anubis

mirror of https://github.com/TecharoHQ/anubis.git synced 2026-02-08 21:09:41 -06:00

Author	SHA1	Message	Date
Xe Iaso	d12993e31d	feat(expressions): add contentLength to bot expressions (#1120 ) Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-09-15 01:41:45 +00:00
Xe Iaso	88b3e457ee	docs: update BotStopper docs based on new features Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-09-14 20:16:43 +00:00
Xe Iaso	bb2b113b63	ci(ssh): don't print uname -av output (#1114 ) Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-09-14 03:03:46 +00:00
Xe Iaso	6c283d0cd9	ci: add aarch64 for ssh CI (#1112 ) * ci: add aarch64 for ssh CI Signed-off-by: Xe Iaso <me@xeiaso.net> * ci: better comment aile and t-elos' roles Signed-off-by: Xe Iaso <me@xeiaso.net> * ci: fix aile Signed-off-by: Xe Iaso <me@xeiaso.net> * ci: update ssh known hosts secret Signed-off-by: Xe Iaso <me@xeiaso.net> * ci(ssh): replace raw connection strings with arch-quirks Signed-off-by: Xe Iaso <me@xeiaso.net> * ci(ssh): disable this check in PRs again Signed-off-by: Xe Iaso <me@xeiaso.net> --------- Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-09-14 00:15:23 +00:00
agoujot	0037e214a1	add link to preact in challenge list (#1111 ) Preact was added in 1.22, but it currently isn't listed in the "Challenges" page. Signed-off-by: agoujot <145840578+agoujot@users.noreply.github.com>	2025-09-13 17:31:36 -04:00
Valentin Lab	29ae2a4b87	feat: fallback to SameSite Lax mode if cookie is not secure (#1105 ) Also, will allow to set cookie `SameSite` mode on command line or environment. Note that `None` mode will be forced to ``Lax`` if cookie is set to not be secure. Signed-off-by: Valentin Lab <valentin.lab@kalysto.org>	2025-09-13 10:56:54 +00:00
Xe Iaso	401e18f29f	feat(store/bbolt): implement actor pattern (#1107 ) * feat(store/bbolt): implement actor pattern Signed-off-by: Xe Iaso <me@xeiaso.net> * docs(internal/actorify): document package Signed-off-by: Xe Iaso <me@xeiaso.net> * Update metadata check-spelling run (pull_request) for Xe/actorify Signed-off-by: check-spelling-bot <check-spelling-bot@users.noreply.github.com> on-behalf-of: @check-spelling <check-spelling-bot@check-spelling.dev> --------- Signed-off-by: Xe Iaso <me@xeiaso.net> Signed-off-by: check-spelling-bot <check-spelling-bot@users.noreply.github.com>	2025-09-12 18:35:22 +00:00
Xe Iaso	63591866aa	fix(decaymap): fix lock convoy (#1106 ) * fix(decaymap): fix lock convoy Ref #1103 This uses the actor pattern to delay deletion instead of making things fight over a lock. It also properly fixes locking logic to prevent the convoy problem. Signed-off-by: Xe Iaso <me@xeiaso.net> * docs: update CHANGELOG Signed-off-by: Xe Iaso <me@xeiaso.net> --------- Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-09-12 16:43:08 +00:00
Xe Iaso	f79d36d21e	docs: update CHANGELOG properly It helps if you save your editor buffer! Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-09-11 14:07:52 +00:00
Xe Iaso	f5b5243b5e	docs: update CHANGELOG Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-09-11 14:04:32 +00:00
Xe Iaso	2011b83a44	chore: port client-side JS to TypeScript (#1100 ) * chore(challenge/preact): port to typescript Signed-off-by: Xe Iaso <me@xeiaso.net> * chore(js/algorithms): port to typescript Signed-off-by: Xe Iaso <me@xeiaso.net> * chore(js/worker): port to typescript Signed-off-by: Xe Iaso <me@xeiaso.net> * chore(web): fix TypeScript build logic Signed-off-by: Xe Iaso <me@xeiaso.net> * chore(web): port bench.mjs to typescript Signed-off-by: Xe Iaso <me@xeiaso.net> * chore(web): port main.mjs to typescript Signed-off-by: Xe Iaso <me@xeiaso.net> * Update metadata check-spelling run (pull_request) for Xe/use-typescript Signed-off-by: check-spelling-bot <check-spelling-bot@users.noreply.github.com> on-behalf-of: @check-spelling <check-spelling-bot@check-spelling.dev> * fix(js/algorithms/fast): handle old browsers Closes #1082 Signed-off-by: Xe Iaso <me@xeiaso.net> --------- Signed-off-by: Xe Iaso <me@xeiaso.net> Signed-off-by: check-spelling-bot <check-spelling-bot@users.noreply.github.com>	2025-09-11 10:03:10 -04:00
Martin	8ed89a6c6e	feat(lib): Add option for adding difficulty field to JWT claims (#1063 ) * Add option for difficulty JWT field * Add DIFFICULTY_IN_JWT option to docs * Add missing_required_forwarded_headers to lt translation via Google Translate * docs(CHANGELOG): move CHANGELOG entry to the top Signed-off-by: Xe Iaso <me@xeiaso.net> --------- Signed-off-by: Xe Iaso <me@xeiaso.net> Co-authored-by: Xe Iaso <me@xeiaso.net>	2025-09-11 13:50:33 +00:00
Xe Iaso	9430d0e6a5	fix(cmd/containerbuild): support commas in --docker-tags (#1099 ) Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-09-08 22:19:42 +00:00
Xe Iaso	8b9dafac51	security: npm audit fix for GHSA-hfm8-9jrf-7g9w et. al (#1098 ) * security: npm audit fix for GHSA-hfm8-9jrf-7g9w et. al Closes #1097 I'm not sure that this is required, but I'd sleep better at night not finding out that it is required the hard way. Signed-off-by: Xe Iaso <me@xeiaso.net> * chore: bump postcss version Signed-off-by: Xe Iaso <me@xeiaso.net> --------- Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-09-08 14:17:59 -04:00
dependabot[bot]	9997130a7c	build(deps): bump the github-actions group with 4 updates (#1093 ) Co-authored-by: Jason Cameron <git@jasoncameron.dev>	2025-09-07 22:01:27 -04:00
Jason Cameron	e239083944	docs: add reminder for verified signatures in PR template (#1092 )	2025-09-07 16:15:26 -04:00
Jason Cameron	abf6c8de57	feat: Warn on missing signing keys when persisting challenges (#1088 )	2025-09-07 15:43:58 -04:00
Xe Iaso	7e1b5d9951	fix: demote temporal assurance checks * fix(challenge): demote temporal assurance to 80% instead of 95% Signed-off-by: Xe Iaso <me@xeiaso.net> * fix(challenge/preact): wait a little longer to be extra safe Signed-off-by: Xe Iaso <me@xeiaso.net> * fix(challenge/metarefresh): wait a little longer to be extra safe Signed-off-by: Xe Iaso <me@xeiaso.net> * docs(CHANGELOG): add fix notes Signed-off-by: Xe Iaso <me@xeiaso.net> --------- Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-09-07 16:10:54 +00:00
Xe Iaso	98945fb56f	feat(lib/store): add s3api storage backend (#1089 ) * feat(lib/store): add s3api storage backend Signed-off-by: Xe Iaso <me@xeiaso.net> * docs(store/s3api): replace fake S3 API keys with the bee movie script Signed-off-by: Xe Iaso <me@xeiaso.net> * docs(store/s3api): fix spelling sin Signed-off-by: Xe Iaso <me@xeiaso.net> * fix(store/s3api): remove vestigal experiment Signed-off-by: Xe Iaso <me@xeiaso.net> * chore: spelling Signed-off-by: Xe Iaso <me@xeiaso.net> * chore: spelling Signed-off-by: Xe Iaso <me@xeiaso.net> * chore(store/s3api): support IsPersistent call Ref #1088 Signed-off-by: Xe Iaso <me@xeiaso.net> * chore: spelling Signed-off-by: Xe Iaso <me@xeiaso.net> * chore(test): go mod tidy Signed-off-by: Xe Iaso <me@xeiaso.net> --------- Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-09-07 09:24:14 -04:00
Jason Cameron	82099d9e05	fix(robots2policy): handle multiple user agents under one block (#925 )	2025-09-06 22:35:19 -04:00
dependabot[bot]	87c2f1e0e6	build(deps): bump the github-actions group across 1 directory with 8 updates (#1071 ) Co-authored-by: Jason Cameron <git@jasoncameron.dev>	2025-09-06 22:30:43 -04:00
Jason Cameron	f0199d014f	docs: document some missing env vars (#1087 )	2025-09-07 01:34:42 +00:00
Jason Cameron	75109f6b73	docs(installation): add SLOG_LEVEL environment variable to configuration (#1086 ) * docs(installation): add SLOG_LEVEL environment variable to configuration * docs(installation): add SLOG_LEVEL environment variable to configuration	2025-09-06 20:59:02 -04:00
Xe Iaso	c43d7ca686	docs(botstopper): add HTML templating support Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-09-06 23:42:23 +00:00
Xe Iaso	5d5c39e123	chore: v1.22.0 Signed-off-by: Xe Iaso <me@xeiaso.net> v1.22.0	2025-09-06 11:54:36 -04:00
Xe Iaso	d35e47c655	feat: glob matching for redirect domains (#1084 ) * feat: glob matching for redirect domains Signed-off-by: Xe Iaso <me@xeiaso.net> * chore: spelling Signed-off-by: Xe Iaso <me@xeiaso.net> * docs: update CHANGELOG Signed-off-by: Xe Iaso <me@xeiaso.net> --------- Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-09-06 15:46:18 +00:00
Xe Iaso	48b49a0190	docs(CHANGELOG): add changelog entry for v1.22.0 Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-09-05 22:42:08 +00:00
Xe Iaso	de94139789	test: ensure FORCED_LANGUAGE works (#1083 ) Closes #1077	2025-09-05 22:07:17 +00:00
Rimas Kudelis	fd011d19e2	Updates to lt.json (#1075 ) Minor improvements to Lithuanian strings Signed-off-by: Rimas Kudelis <rimas@kudelis.lt>	2025-09-03 20:07:46 -04:00
Xe Iaso	489abb6b4d	chore: release v1.22.0-pre2 Signed-off-by: Xe Iaso <me@xeiaso.net> v1.22.0-pre2	2025-09-02 21:31:17 -04:00
Xe Iaso	8da0771647	chore: break AI agents in this code tree (#1065 ) Update metadata check-spelling run (pull_request) for Xe/anti-assistant on-behalf-of: @check-spelling <check-spelling-bot@check-spelling.dev> Update metadata check-spelling run (pull_request) for Xe/anti-assistant on-behalf-of: @check-spelling <check-spelling-bot@check-spelling.dev> chore: fix package builds Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-09-02 10:11:01 -04:00
Xe Iaso	f0bcbe43af	ci: fix tests (#1069 ) * fix(locailization): fix ci Signed-off-by: Xe Iaso <me@xeiaso.net> * fix(test): fix CI Signed-off-by: Xe Iaso <me@xeiaso.net> * fix(test): fix CI? Signed-off-by: Xe Iaso <me@xeiaso.net> * fix(test): fix CI?? Signed-off-by: Xe Iaso <me@xeiaso.net> --------- Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-08-31 08:13:00 -04:00
Xe Iaso	f6e077c907	fix(challenge/metarefresh): ensure that clients have waited long enough (#1068 ) Some admins have noticed that clients are not waiting the right amount of time in order to access a resource protected by the metarefresh challenge. This patch adds a check to make sure that clients have waited at least 95% (difficulty times 950 milliseconds instead of difficulity times 1000 milliseconds) of the time they should. If this scales, maybe time is the best way to go for Anubis in the near future instead of anything else computational. Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-08-31 07:51:54 -04:00
/har/per	2704ba95d0	feat(localization): Add Vietnamese translation (#926 ) * feat(localization): Add Vietnamese translation * feat(localization): Add Vietnamese language translation * feat(localization): Add record to CHANGELOG.md * feat(localization): Add test case for Vietnamese	2025-08-30 00:23:02 -04:00
Xe Iaso	f6a578787f	chore(docs): adjust anubis rules Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-08-29 23:04:32 +00:00
Xe Iaso	31a654ecb6	chore: introduce issue templates (#939 ) * chore: introduce issue templates * chore: fix spelling Signed-off-by: Xe Iaso <me@xeiaso.net> --------- Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-08-29 20:41:39 +00:00
Xe Iaso	1a4b5cadcb	chore: fix spelling Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-08-29 20:31:20 +00:00
Rimas Kudelis	d5cdd21631	feat(localizaton): add Lithuanian locale (#998 )	2025-08-29 16:29:57 -04:00
Xe Iaso	0e0847cbeb	feat: add 'proof of React' challenge (#1038 ) * feat: add 'proof of React' challenge Signed-off-by: Xe Iaso <me@xeiaso.net> * fix(challenge/preact): use JSX fragments Signed-off-by: Xe Iaso <me@xeiaso.net> * fix(challenge/preact): ensure that the client waits as long as it needs to Signed-off-by: Xe Iaso <me@xeiaso.net> * docs: fix spelling Signed-off-by: Xe Iaso <me@xeiaso.net> * fix(challenges/xeact): add noscript warning Signed-off-by: Xe Iaso <me@xeiaso.net> * fix(challenges/xeact): add default loading message Signed-off-by: Xe Iaso <me@xeiaso.net> * fix(challenges/xeact): make a UI render without JS Signed-off-by: Xe Iaso <me@xeiaso.net> * fix(challenges/xeact): use %s here, not %w Signed-off-by: Xe Iaso <me@xeiaso.net> * fix(test/healthcheck): run asset build Signed-off-by: Xe Iaso <me@xeiaso.net> * fix(challenge/preact): fix build in ci Signed-off-by: Xe Iaso <me@xeiaso.net> --------- Signed-off-by: Xe Iaso <me@xeiaso.net> Signed-off-by: Xe Iaso <xe.iaso@techaro.lol>	2025-08-29 16:09:27 -04:00
Xe Iaso	00afa72c4b	fix(blog/cpu-core-odd): make the diagram look decent in light mode Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-08-29 19:54:22 +00:00
Xe Iaso	eb50f59351	docs(changelog): fix mis-paste Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-08-29 19:54:02 +00:00
Skyler Mäntysaari	01f55cf552	internal/log: Implement logging of HOST when using subrequest auth (#1027 ) * internal/log: Implement logging of HOST when using subrequest auth The host header wouldn't be set on subrequest auth, so we need to look for X-Forwarded-Host header when logging requests. * chore: add changelog entry --------- Signed-off-by: Xe Iaso <xe.iaso@techaro.lol> Co-authored-by: Xe Iaso <xe.iaso@techaro.lol>	2025-08-29 19:04:33 +00:00
OwN-3m-All	99bd06b8c3	Update nginx.mdx - needs port_in_redirect off setting (#1018 ) * Update nginx.mdx - needs port_in_redirect off setting Signed-off-by: OwN-3m-All <own3mall@gmail.com> * Update metadata check-spelling run (pull_request) for patch-1 Signed-off-by: check-spelling-bot <check-spelling-bot@users.noreply.github.com> on-behalf-of: @check-spelling <check-spelling-bot@check-spelling.dev> --------- Signed-off-by: OwN-3m-All <own3mall@gmail.com> Signed-off-by: check-spelling-bot <check-spelling-bot@users.noreply.github.com> Co-authored-by: Jason Cameron <git@jasoncameron.dev>	2025-08-29 19:03:08 +00:00
TinyServal	d6f1f24e1b	docs: document client IP headers and interop with cloudflare (#1034 )	2025-08-29 14:54:03 -04:00
Eric Hameleers	6a5485fde9	Alienbob: add Slackware URLs that are now protected by Anubis (#1051 ) * Update known-instances.md with Slackware git servers Signed-off-by: Eric Hameleers <alien@slackware.com> * Update CHANGELOG.md with Slackware git servers being protected by Anubis Signed-off-by: Eric Hameleers <alien@slackware.com> --------- Signed-off-by: Eric Hameleers <alien@slackware.com> Signed-off-by: Xe Iaso <xe.iaso@techaro.lol> Co-authored-by: Xe Iaso <xe.iaso@techaro.lol>	2025-08-29 14:24:04 +00:00
Alex Samorukov	582181f9b9	Allow to disable keep-alive for the targets not supporting it properly (#1049 ) * Allow to disable keep-alive for the targets not supporting it properly * Add changelog entry	2025-08-29 10:17:03 -04:00
Chris	44264981b5	Fix broken docs link (#1059 ) Fixes a broken docs link Signed-off-by: Chris <398094+phuzion@users.noreply.github.com>	2025-08-28 11:28:25 -03:00
Xe Iaso	21c3e0c469	docs(blog): add post about the odd CPU core count bug (#1058 ) * docs(blog): add post about the odd CPU core count bug Signed-off-by: Xe Iaso <me@xeiaso.net> * chore: spelling Signed-off-by: Xe Iaso <me@xeiaso.net> --------- Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-08-28 09:32:04 -04:00
phoval	9ddc1eb840	fix: middleware traefik redirect url (#1040 )	2025-08-28 07:24:29 -04:00
Xe Iaso	c661bc37d1	fix(worker): constrain nonce value to be a whole integer (#1045 ) * fix(worker): constrain nonce value to be a whole integer Closes #1043 Sometimes the worker could get into a strange state where it has a decimal nonce, but the server assumes that the nonce can only be a whole number. This patch constrains the nonce to be a whole number on the worker end by detecting if the nonce is a decimal number and then truncating away the decimal portion. Signed-off-by: Xe Iaso <me@xeiaso.net> * chore: spelling Signed-off-by: Xe Iaso <me@xeiaso.net> * fix(algorithms/fast): truncate decimal place on number of threads Signed-off-by: Xe Iaso <me@xeiaso.net> --------- Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-08-26 14:05:03 -04:00

1 2 3 4 5 ...

591 Commits