Xe Iaso
9599cb8ea9
test: add httpdebug tool
...
Signed-off-by: Xe Iaso <me@xeiaso.net >
2025-10-09 14:48:33 +00:00
Xe Iaso
8cdf58c9e6
ci(ssh): re-enable aarch64-16k
...
Signed-off-by: Xe Iaso <me@xeiaso.net >
2025-09-20 15:30:29 +00:00
Xe Iaso
1c170988c8
fix: mend auth cookie name stutter ( #1139 )
...
Signed-off-by: Xe Iaso <me@xeiaso.net >
2025-09-19 13:51:11 -04:00
Xe Iaso
9439466ff2
ci(ssh): disable aarch64-16k until my SFP connecter comes in on friday
...
Signed-off-by: Xe Iaso <me@xeiaso.net >
2025-09-17 16:00:10 +00:00
Richard Mahn
4787aeca51
Add Door43 link to known instances documentation ( #1136 )
...
Signed-off-by: Richard Mahn <richmahn@users.noreply.github.com >
2025-09-17 13:11:11 +00:00
Xe Iaso
fb3637df95
feat(metarefresh): randomly use the Refresh header ( #1133 )
...
* feat(lib/challenge): expose ResponseWriter to challenge issuers
Signed-off-by: Xe Iaso <me@xeiaso.net >
* feat(metarefresh): randomly use the Refresh header
There are several ways to trigger an automatic refresh without
JavaScript. One of them is the "meta refresh" method[1], but the other
is with the Refresh header[2]. Both are semantically identical and
supported with browsers as old as Chrome version 1.
Given that they are basically the same thing, this patch makes Anubis
randomly select between them by using the challenge random data's first
character. This will fire about 50% of the time.
I expect this to have no impact. If this works out fine, then I will
implement some kind of fallback logic for the fast challenge such that
admins can opt into allowing clients with a no-js configuration to pass
the fast challenge. This needs to bake in the oven though.
[1]: https://developer.mozilla.org/en-US/docs/Web/HTML/Reference/Elements/meta/http-equiv
[2]: https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/Refresh
Signed-off-by: Xe Iaso <me@xeiaso.net >
* docs: update CHANGELOG
Signed-off-by: Xe Iaso <me@xeiaso.net >
* feat(metarefresh): simplify random logic
Signed-off-by: Xe Iaso <me@xeiaso.net >
---------
Signed-off-by: Xe Iaso <me@xeiaso.net >
Signed-off-by: Xe Iaso <xe.iaso@techaro.lol >
2025-09-16 17:32:13 -04:00
dependabot[bot]
26076b8520
build(deps): bump github.com/docker/docker in /test ( #1130 )
...
Bumps [github.com/docker/docker](https://github.com/docker/docker ) from 28.3.2+incompatible to 28.3.3+incompatible.
- [Release notes](https://github.com/docker/docker/releases )
- [Commits](https://github.com/docker/docker/compare/v28.3.2...v28.3.3 )
---
updated-dependencies:
- dependency-name: github.com/docker/docker
dependency-version: 28.3.3+incompatible
dependency-type: direct:production
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-16 16:22:28 -04:00
NetSysFire
edb84f03b7
convert issue templates into issue forms ( #1115 )
2025-09-16 13:14:10 +00:00
Jan Pieter Waagmeester
b2d525bba4
Update nl.json removeing literal translated 'cookie' (koekje) with 'cookie' ( #1126 )
...
Signed-off-by: Jan Pieter Waagmeester <jieter@jieter.nl >
2025-09-16 07:53:30 -04:00
dependabot[bot]
00679aed66
build(deps): bump the github-actions group with 3 updates ( #1118 )
...
Bumps the github-actions group with 3 updates: [actions-hub/kubectl](https://github.com/actions-hub/kubectl ), [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv ) and [github/codeql-action](https://github.com/github/codeql-action ).
Updates `actions-hub/kubectl` from 1.34.0 to 1.34.1
- [Release notes](https://github.com/actions-hub/kubectl/releases )
- [Commits](af345ed727...f14933a23bhttps://github.com/astral-sh/setup-uv/releases )
- [Commits](557e51de59...b75a909f75https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](f1f6e5f6af...192325c861support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-15 18:23:31 -04:00
dependabot[bot]
03299024c5
build(deps): bump the npm group with 2 updates ( #1117 )
...
Bumps the npm group with 2 updates: [preact](https://github.com/preactjs/preact ) and [postcss-import-url](https://github.com/unlight/postcss-import-url ).
Updates `preact` from 10.27.1 to 10.27.2
- [Release notes](https://github.com/preactjs/preact/releases )
- [Commits](https://github.com/preactjs/preact/compare/10.27.1...10.27.2 )
Updates `postcss-import-url` from 1.0.0 to 7.2.0
- [Release notes](https://github.com/unlight/postcss-import-url/releases )
- [Changelog](https://github.com/unlight/postcss-import-url/blob/master/CHANGELOG.md )
- [Commits](https://github.com/unlight/postcss-import-url/commits/v7.2.0 )
---
updated-dependencies:
- dependency-name: preact
dependency-version: 10.27.2
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: npm
- dependency-name: postcss-import-url
dependency-version: 7.2.0
dependency-type: direct:development
update-type: version-update:semver-major
dependency-group: npm
...
Signed-off-by: dependabot[bot] <support@github.com >
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-09-15 18:23:15 -04:00
Anna
f745d37d90
fix(run/openrc): truncate runtime directory before starting Anubis ( #1122 )
...
If Anubis is not shut down correctly and there are leftover socket
files, Anubis will refuse to start.
As "checkpath -D" currently does not work as expected
(https://github.com/OpenRC/openrc/issues/335 ), simply use "rm -rf"
before starting Anubis.
Signed-off-by: Anna @CyberTailor <cyber@sysrq.in >
2025-09-15 07:44:35 -04:00
Xe Iaso
d12993e31d
feat(expressions): add contentLength to bot expressions ( #1120 )
...
Signed-off-by: Xe Iaso <me@xeiaso.net >
2025-09-15 01:41:45 +00:00
Xe Iaso
88b3e457ee
docs: update BotStopper docs based on new features
...
Signed-off-by: Xe Iaso <me@xeiaso.net >
2025-09-14 20:16:43 +00:00
Xe Iaso
bb2b113b63
ci(ssh): don't print uname -av output ( #1114 )
...
Signed-off-by: Xe Iaso <me@xeiaso.net >
2025-09-14 03:03:46 +00:00
Xe Iaso
6c283d0cd9
ci: add aarch64 for ssh CI ( #1112 )
...
* ci: add aarch64 for ssh CI
Signed-off-by: Xe Iaso <me@xeiaso.net >
* ci: better comment aile and t-elos' roles
Signed-off-by: Xe Iaso <me@xeiaso.net >
* ci: fix aile
Signed-off-by: Xe Iaso <me@xeiaso.net >
* ci: update ssh known hosts secret
Signed-off-by: Xe Iaso <me@xeiaso.net >
* ci(ssh): replace raw connection strings with arch-quirks
Signed-off-by: Xe Iaso <me@xeiaso.net >
* ci(ssh): disable this check in PRs again
Signed-off-by: Xe Iaso <me@xeiaso.net >
---------
Signed-off-by: Xe Iaso <me@xeiaso.net >
2025-09-14 00:15:23 +00:00
agoujot
0037e214a1
add link to preact in challenge list ( #1111 )
...
Preact was added in 1.22, but it currently isn't listed in the "Challenges" page.
Signed-off-by: agoujot <145840578+agoujot@users.noreply.github.com >
2025-09-13 17:31:36 -04:00
Valentin Lab
29ae2a4b87
feat: fallback to SameSite Lax mode if cookie is not secure ( #1105 )
...
Also, will allow to set cookie `SameSite` mode on command line or
environment. Note that `None` mode will be forced to ``Lax`` if
cookie is set to not be secure.
Signed-off-by: Valentin Lab <valentin.lab@kalysto.org >
2025-09-13 10:56:54 +00:00
Xe Iaso
401e18f29f
feat(store/bbolt): implement actor pattern ( #1107 )
...
* feat(store/bbolt): implement actor pattern
Signed-off-by: Xe Iaso <me@xeiaso.net >
* docs(internal/actorify): document package
Signed-off-by: Xe Iaso <me@xeiaso.net >
* Update metadata
check-spelling run (pull_request) for Xe/actorify
Signed-off-by: check-spelling-bot <check-spelling-bot@users.noreply.github.com >
on-behalf-of: @check-spelling <check-spelling-bot@check-spelling.dev >
---------
Signed-off-by: Xe Iaso <me@xeiaso.net >
Signed-off-by: check-spelling-bot <check-spelling-bot@users.noreply.github.com >
2025-09-12 18:35:22 +00:00
Xe Iaso
63591866aa
fix(decaymap): fix lock convoy ( #1106 )
...
* fix(decaymap): fix lock convoy
Ref #1103
This uses the actor pattern to delay deletion instead of making things
fight over a lock. It also properly fixes locking logic to prevent the
convoy problem.
Signed-off-by: Xe Iaso <me@xeiaso.net >
* docs: update CHANGELOG
Signed-off-by: Xe Iaso <me@xeiaso.net >
---------
Signed-off-by: Xe Iaso <me@xeiaso.net >
2025-09-12 16:43:08 +00:00
Xe Iaso
f79d36d21e
docs: update CHANGELOG properly
...
It helps if you save your editor buffer!
Signed-off-by: Xe Iaso <me@xeiaso.net >
2025-09-11 14:07:52 +00:00
Xe Iaso
f5b5243b5e
docs: update CHANGELOG
...
Signed-off-by: Xe Iaso <me@xeiaso.net >
2025-09-11 14:04:32 +00:00
Xe Iaso
2011b83a44
chore: port client-side JS to TypeScript ( #1100 )
...
* chore(challenge/preact): port to typescript
Signed-off-by: Xe Iaso <me@xeiaso.net >
* chore(js/algorithms): port to typescript
Signed-off-by: Xe Iaso <me@xeiaso.net >
* chore(js/worker): port to typescript
Signed-off-by: Xe Iaso <me@xeiaso.net >
* chore(web): fix TypeScript build logic
Signed-off-by: Xe Iaso <me@xeiaso.net >
* chore(web): port bench.mjs to typescript
Signed-off-by: Xe Iaso <me@xeiaso.net >
* chore(web): port main.mjs to typescript
Signed-off-by: Xe Iaso <me@xeiaso.net >
* Update metadata
check-spelling run (pull_request) for Xe/use-typescript
Signed-off-by: check-spelling-bot <check-spelling-bot@users.noreply.github.com >
on-behalf-of: @check-spelling <check-spelling-bot@check-spelling.dev >
* fix(js/algorithms/fast): handle old browsers
Closes #1082
Signed-off-by: Xe Iaso <me@xeiaso.net >
---------
Signed-off-by: Xe Iaso <me@xeiaso.net >
Signed-off-by: check-spelling-bot <check-spelling-bot@users.noreply.github.com >
2025-09-11 10:03:10 -04:00
Martin
8ed89a6c6e
feat(lib): Add option for adding difficulty field to JWT claims ( #1063 )
...
* Add option for difficulty JWT field
* Add DIFFICULTY_IN_JWT option to docs
* Add missing_required_forwarded_headers to lt translation via Google Translate
* docs(CHANGELOG): move CHANGELOG entry to the top
Signed-off-by: Xe Iaso <me@xeiaso.net >
---------
Signed-off-by: Xe Iaso <me@xeiaso.net >
Co-authored-by: Xe Iaso <me@xeiaso.net >
2025-09-11 13:50:33 +00:00
Xe Iaso
9430d0e6a5
fix(cmd/containerbuild): support commas in --docker-tags ( #1099 )
...
Signed-off-by: Xe Iaso <me@xeiaso.net >
2025-09-08 22:19:42 +00:00
Xe Iaso
8b9dafac51
security: npm audit fix for GHSA-hfm8-9jrf-7g9w et. al ( #1098 )
...
* security: npm audit fix for GHSA-hfm8-9jrf-7g9w et. al
Closes #1097
I'm not sure that this is required, but I'd sleep better at night not
finding out that it is required the hard way.
Signed-off-by: Xe Iaso <me@xeiaso.net >
* chore: bump postcss version
Signed-off-by: Xe Iaso <me@xeiaso.net >
---------
Signed-off-by: Xe Iaso <me@xeiaso.net >
2025-09-08 14:17:59 -04:00
dependabot[bot]
9997130a7c
build(deps): bump the github-actions group with 4 updates ( #1093 )
...
Co-authored-by: Jason Cameron <git@jasoncameron.dev >
2025-09-07 22:01:27 -04:00
Jason Cameron
e239083944
docs: add reminder for verified signatures in PR template ( #1092 )
2025-09-07 16:15:26 -04:00
Jason Cameron
abf6c8de57
feat: Warn on missing signing keys when persisting challenges ( #1088 )
2025-09-07 15:43:58 -04:00
Xe Iaso
7e1b5d9951
fix: demote temporal assurance checks
...
* fix(challenge): demote temporal assurance to 80% instead of 95%
Signed-off-by: Xe Iaso <me@xeiaso.net >
* fix(challenge/preact): wait a little longer to be extra safe
Signed-off-by: Xe Iaso <me@xeiaso.net >
* fix(challenge/metarefresh): wait a little longer to be extra safe
Signed-off-by: Xe Iaso <me@xeiaso.net >
* docs(CHANGELOG): add fix notes
Signed-off-by: Xe Iaso <me@xeiaso.net >
---------
Signed-off-by: Xe Iaso <me@xeiaso.net >
2025-09-07 16:10:54 +00:00
Xe Iaso
98945fb56f
feat(lib/store): add s3api storage backend ( #1089 )
...
* feat(lib/store): add s3api storage backend
Signed-off-by: Xe Iaso <me@xeiaso.net >
* docs(store/s3api): replace fake S3 API keys with the bee movie script
Signed-off-by: Xe Iaso <me@xeiaso.net >
* docs(store/s3api): fix spelling sin
Signed-off-by: Xe Iaso <me@xeiaso.net >
* fix(store/s3api): remove vestigal experiment
Signed-off-by: Xe Iaso <me@xeiaso.net >
* chore: spelling
Signed-off-by: Xe Iaso <me@xeiaso.net >
* chore: spelling
Signed-off-by: Xe Iaso <me@xeiaso.net >
* chore(store/s3api): support IsPersistent call
Ref #1088
Signed-off-by: Xe Iaso <me@xeiaso.net >
* chore: spelling
Signed-off-by: Xe Iaso <me@xeiaso.net >
* chore(test): go mod tidy
Signed-off-by: Xe Iaso <me@xeiaso.net >
---------
Signed-off-by: Xe Iaso <me@xeiaso.net >
2025-09-07 09:24:14 -04:00
Jason Cameron
82099d9e05
fix(robots2policy): handle multiple user agents under one block ( #925 )
2025-09-06 22:35:19 -04:00
dependabot[bot]
87c2f1e0e6
build(deps): bump the github-actions group across 1 directory with 8 updates ( #1071 )
...
Co-authored-by: Jason Cameron <git@jasoncameron.dev >
2025-09-06 22:30:43 -04:00
Jason Cameron
f0199d014f
docs: document some missing env vars ( #1087 )
2025-09-07 01:34:42 +00:00
Jason Cameron
75109f6b73
docs(installation): add SLOG_LEVEL environment variable to configuration ( #1086 )
...
* docs(installation): add SLOG_LEVEL environment variable to configuration
* docs(installation): add SLOG_LEVEL environment variable to configuration
2025-09-06 20:59:02 -04:00
Xe Iaso
c43d7ca686
docs(botstopper): add HTML templating support
...
Signed-off-by: Xe Iaso <me@xeiaso.net >
2025-09-06 23:42:23 +00:00
Xe Iaso
5d5c39e123
chore: v1.22.0
...
Signed-off-by: Xe Iaso <me@xeiaso.net >
2025-09-06 11:54:36 -04:00
Xe Iaso
d35e47c655
feat: glob matching for redirect domains ( #1084 )
...
* feat: glob matching for redirect domains
Signed-off-by: Xe Iaso <me@xeiaso.net >
* chore: spelling
Signed-off-by: Xe Iaso <me@xeiaso.net >
* docs: update CHANGELOG
Signed-off-by: Xe Iaso <me@xeiaso.net >
---------
Signed-off-by: Xe Iaso <me@xeiaso.net >
2025-09-06 15:46:18 +00:00
Xe Iaso
48b49a0190
docs(CHANGELOG): add changelog entry for v1.22.0
...
Signed-off-by: Xe Iaso <me@xeiaso.net >
2025-09-05 22:42:08 +00:00
Xe Iaso
de94139789
test: ensure FORCED_LANGUAGE works ( #1083 )
...
Closes #1077
2025-09-05 22:07:17 +00:00
Rimas Kudelis
fd011d19e2
Updates to lt.json ( #1075 )
...
Minor improvements to Lithuanian strings
Signed-off-by: Rimas Kudelis <rimas@kudelis.lt >
2025-09-03 20:07:46 -04:00
Xe Iaso
489abb6b4d
chore: release v1.22.0-pre2
...
Signed-off-by: Xe Iaso <me@xeiaso.net >
2025-09-02 21:31:17 -04:00
Xe Iaso
8da0771647
chore: break AI agents in this code tree ( #1065 )
...
Update metadata
check-spelling run (pull_request) for Xe/anti-assistant
on-behalf-of: @check-spelling <check-spelling-bot@check-spelling.dev >
Update metadata
check-spelling run (pull_request) for Xe/anti-assistant
on-behalf-of: @check-spelling <check-spelling-bot@check-spelling.dev >
chore: fix package builds
Signed-off-by: Xe Iaso <me@xeiaso.net >
2025-09-02 10:11:01 -04:00
Xe Iaso
f0bcbe43af
ci: fix tests ( #1069 )
...
* fix(locailization): fix ci
Signed-off-by: Xe Iaso <me@xeiaso.net >
* fix(test): fix CI
Signed-off-by: Xe Iaso <me@xeiaso.net >
* fix(test): fix CI?
Signed-off-by: Xe Iaso <me@xeiaso.net >
* fix(test): fix CI??
Signed-off-by: Xe Iaso <me@xeiaso.net >
---------
Signed-off-by: Xe Iaso <me@xeiaso.net >
2025-08-31 08:13:00 -04:00
Xe Iaso
f6e077c907
fix(challenge/metarefresh): ensure that clients have waited long enough ( #1068 )
...
Some admins have noticed that clients are not waiting the right amount
of time in order to access a resource protected by the metarefresh
challenge. This patch adds a check to make sure that clients have waited
at least 95% (difficulty times 950 milliseconds instead of difficulity
times 1000 milliseconds) of the time they should.
If this scales, maybe time is the best way to go for Anubis in the near
future instead of anything else computational.
Signed-off-by: Xe Iaso <me@xeiaso.net >
2025-08-31 07:51:54 -04:00
/har/per
2704ba95d0
feat(localization): Add Vietnamese translation ( #926 )
...
* feat(localization): Add Vietnamese translation
* feat(localization): Add Vietnamese language translation
* feat(localization): Add record to CHANGELOG.md
* feat(localization): Add test case for Vietnamese
2025-08-30 00:23:02 -04:00
Xe Iaso
f6a578787f
chore(docs): adjust anubis rules
...
Signed-off-by: Xe Iaso <me@xeiaso.net >
2025-08-29 23:04:32 +00:00
Xe Iaso
31a654ecb6
chore: introduce issue templates ( #939 )
...
* chore: introduce issue templates
* chore: fix spelling
Signed-off-by: Xe Iaso <me@xeiaso.net >
---------
Signed-off-by: Xe Iaso <me@xeiaso.net >
2025-08-29 20:41:39 +00:00
Xe Iaso
1a4b5cadcb
chore: fix spelling
...
Signed-off-by: Xe Iaso <me@xeiaso.net >
2025-08-29 20:31:20 +00:00
Rimas Kudelis
d5cdd21631
feat(localizaton): add Lithuanian locale ( #998 )
2025-08-29 16:29:57 -04:00
