fix(config): deprecate the report_as field for challenges (#1311)

* fix(config): deprecate the report_as field for challenges This was a bad idea when it was added and it is irresponsible to continue to have it. It causes more UX problems than it fixes with slight of hand. Closes: #1310 Closes: #1307 Signed-off-by: Xe Iaso <me@xeiaso.net> * fix(policy): use the new logger for config validation messages Signed-off-by: Xe Iaso <me@xeiaso.net> * docs(admin/thresholds): remove this report_as setting Signed-off-by: Xe Iaso <me@xeiaso.net> --------- Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-11-25 23:25:17 -05:00 · 2025-11-25 23:25:17 -05:00 · 4ead3ed16e
commit 4ead3ed16e
parent 1f9c2272e6
21 changed files with 73 additions and 70 deletions
--- a/lib/anubis.go
+++ b/lib/anubis.go
@ -167,8 +167,8 @@ func (s *Server) hydrateChallengeRule(rule *policy.Bot, chall *challenge.Challen
 	if rule.Challenge.Difficulty == 0 {
 		rule.Challenge.Difficulty = chall.Difficulty
 	}
-	if rule.Challenge.ReportAs == 0 {
-		rule.Challenge.ReportAs = chall.Difficulty
+	if rule.Challenge.ReportAs != 0 {
+		s.logger.Warn("[DEPRECATION] the report_as field in this bot rule is deprecated, see https://github.com/TecharoHQ/anubis/issues/1310 for more information", "bot_name", rule.Name, "difficulty", rule.Challenge.Difficulty, "report_as", rule.Challenge.ReportAs)
 	}
 	if rule.Challenge.Algorithm == "" {
 		rule.Challenge.Algorithm = chall.Method
@ -648,7 +648,6 @@ func (s *Server) check(r *http.Request, lg *slog.Logger) (policy.CheckResult, *p
 	return cr("default/allow", config.RuleAllow, weight), &policy.Bot{
 		Challenge: &config.ChallengeRules{
 			Difficulty: s.policy.DefaultDifficulty,
-			ReportAs:   s.policy.DefaultDifficulty,
 			Algorithm:  config.DefaultAlgorithm,
 		},
 		Rules: &checker.List{},
--- a/lib/anubis_test.go
+++ b/lib/anubis_test.go
@ -464,10 +464,6 @@ func TestCheckDefaultDifficultyMatchesPolicy(t *testing.T) {
 			if bot.Challenge.Difficulty != i {
 				t.Errorf("Challenge.Difficulty is wrong, wanted %d, got: %d", i, bot.Challenge.Difficulty)
 			}
-
-			if bot.Challenge.ReportAs != i {
-				t.Errorf("Challenge.ReportAs is wrong, wanted %d, got: %d", i, bot.Challenge.ReportAs)
-			}
 		})
 	}
 }
--- a/lib/challenge/proofofwork/proofofwork_test.go
+++ b/lib/challenge/proofofwork/proofofwork_test.go
@ -36,7 +36,6 @@ func TestBasic(t *testing.T) {
 		Challenge: &config.ChallengeRules{
 			Algorithm:  "fast",
 			Difficulty: 0,
-			ReportAs:   0,
 		},
 	}
 	const challengeStr = "hunter"
--- a/lib/config/config_test.go
+++ b/lib/config/config_test.go
@ -110,7 +110,6 @@ func TestBotValid(t *testing.T) {
 				PathRegex: p("Mozilla"),
 				Challenge: &ChallengeRules{
 					Difficulty: -1,
-					ReportAs:   4,
 					Algorithm:  "fast",
 				},
 			},
@ -124,7 +123,6 @@ func TestBotValid(t *testing.T) {
 				PathRegex: p("Mozilla"),
 				Challenge: &ChallengeRules{
 					Difficulty: 420,
-					ReportAs:   4,
 					Algorithm:  "fast",
 				},
 			},
@ -361,7 +359,6 @@ func TestBotConfigZero(t *testing.T) {

 	b.Challenge = &ChallengeRules{
 		Difficulty: 4,
-		ReportAs:   4,
 		Algorithm:  DefaultAlgorithm,
 	}
 	if b.Zero() {
--- a/lib/config/testdata/good/thresholds.yaml
+++ b/lib/config/testdata/good/thresholds.yaml
@ -18,7 +18,6 @@ thresholds:
    challenge:
      algorithm: metarefresh
      difficulty: 1
-      report_as: 1
  - name: moderate-suspicion
    expression:
      all:
@ -28,11 +27,9 @@ thresholds:
    challenge:
      algorithm: fast
      difficulty: 2
-      report_as: 2
  - name: extreme-suspicion
    expression: weight >= 20
    action: CHALLENGE
    challenge:
      algorithm: fast
      difficulty: 4
-      report_as: 4
--- a/lib/config/threshold.go
+++ b/lib/config/threshold.go
@ -24,7 +24,6 @@ var (
 			Challenge: &ChallengeRules{
 				Algorithm:  "fast",
 				Difficulty: anubis.DefaultDifficulty,
-				ReportAs:   anubis.DefaultDifficulty,
 			},
 		},
 	}
--- a/lib/config/threshold_test.go
+++ b/lib/config/threshold_test.go
@ -32,7 +32,6 @@ func TestThresholdValid(t *testing.T) {
 				Challenge: &ChallengeRules{
 					Algorithm:  "fast",
 					Difficulty: 1,
-					ReportAs:   1,
 				},
 			},
 			err: nil,
--- a/lib/policy/policy.go
+++ b/lib/policy/policy.go
@ -66,6 +66,29 @@ func ParseConfig(ctx context.Context, fin io.Reader, fname string, defaultDiffic
 	result := newParsedConfig(c)
 	result.DefaultDifficulty = defaultDifficulty

+	if c.Logging.Level != nil {
+		logLevel = c.Logging.Level.String()
+	}
+
+	switch c.Logging.Sink {
+	case config.LogSinkStdio:
+		result.Logger = internal.InitSlog(logLevel, os.Stderr)
+	case config.LogSinkFile:
+		out := &logrotate.Logger{
+			Filename:           c.Logging.Parameters.Filename,
+			FilenameTimeFormat: time.RFC3339,
+			MaxBytes:           c.Logging.Parameters.MaxBytes,
+			MaxAge:             c.Logging.Parameters.MaxAge,
+			MaxBackups:         c.Logging.Parameters.MaxBackups,
+			LocalTime:          c.Logging.Parameters.UseLocalTime,
+			Compress:           c.Logging.Parameters.Compress,
+		}
+
+		result.Logger = internal.InitSlog(logLevel, out)
+	}
+
+	lg := result.Logger.With("at", "config-validate")
+
 	for _, b := range c.Bots {
 		if berr := b.Valid(); berr != nil {
 			validationErrs = append(validationErrs, berr)
@ -126,7 +149,7 @@ func ParseConfig(ctx context.Context, fin io.Reader, fname string, defaultDiffic

 		if b.ASNs != nil {
 			if !hasThothClient {
-				slog.Warn("You have specified a Thoth specific check but you have no Thoth client configured. Please read https://anubis.techaro.lol/docs/admin/thoth for more information", "check", "asn", "settings", b.ASNs)
+				lg.Warn("You have specified a Thoth specific check but you have no Thoth client configured. Please read https://anubis.techaro.lol/docs/admin/thoth for more information", "check", "asn", "settings", b.ASNs)
 				continue
 			}

@ -135,7 +158,7 @@ func ParseConfig(ctx context.Context, fin io.Reader, fname string, defaultDiffic

 		if b.GeoIP != nil {
 			if !hasThothClient {
-				slog.Warn("You have specified a Thoth specific check but you have no Thoth client configured. Please read https://anubis.techaro.lol/docs/admin/thoth for more information", "check", "geoip", "settings", b.GeoIP)
+				lg.Warn("You have specified a Thoth specific check but you have no Thoth client configured. Please read https://anubis.techaro.lol/docs/admin/thoth for more information", "check", "geoip", "settings", b.GeoIP)
 				continue
 			}

@ -145,7 +168,6 @@ func ParseConfig(ctx context.Context, fin io.Reader, fname string, defaultDiffic
 		if b.Challenge == nil {
 			parsedBot.Challenge = &config.ChallengeRules{
 				Difficulty: defaultDifficulty,
-				ReportAs:   defaultDifficulty,
 				Algorithm:  "fast",
 			}
 		} else {
@ -155,7 +177,7 @@ func ParseConfig(ctx context.Context, fin io.Reader, fname string, defaultDiffic
 			}

 			if parsedBot.Challenge.Algorithm == "slow" {
-				slog.Warn("use of deprecated algorithm \"slow\" detected, please update this to \"fast\" when possible", "name", parsedBot.Name)
+				lg.Warn("use of deprecated algorithm \"slow\" detected, please update this to \"fast\" when possible", "name", parsedBot.Name)
 			}
 		}

@ -172,17 +194,20 @@ func ParseConfig(ctx context.Context, fin io.Reader, fname string, defaultDiffic

 	for _, t := range c.Thresholds {
 		if t.Challenge != nil && t.Challenge.Algorithm == "slow" {
-			slog.Warn("use of deprecated algorithm \"slow\" detected, please update this to \"fast\" when possible", "name", t.Name)
+			lg.Warn("use of deprecated algorithm \"slow\" detected, please update this to \"fast\" when possible", "name", t.Name)
+		}
+
+		if t.Challenge != nil && t.Challenge.ReportAs != 0 {
+			lg.Warn("use of deprecated report_as setting detected, please remove this from your policy file when possible", "name", t.Name)
 		}

 		if t.Name == "legacy-anubis-behaviour" && t.Expression.String() == "true" {
 			if !warnedAboutThresholds.Load() {
-				slog.Warn("configuration file does not contain thresholds, see docs for details on how to upgrade", "fname", fname, "docs_url", "https://anubis.techaro.lol/docs/admin/configuration/thresholds/")
+				lg.Warn("configuration file does not contain thresholds, see docs for details on how to upgrade", "fname", fname, "docs_url", "https://anubis.techaro.lol/docs/admin/configuration/thresholds/")
 				warnedAboutThresholds.Store(true)
 			}

 			t.Challenge.Difficulty = defaultDifficulty
-			t.Challenge.ReportAs = defaultDifficulty
 		}

 		threshold, err := ParsedThresholdFromConfig(t)
@ -207,27 +232,6 @@ func ParseConfig(ctx context.Context, fin io.Reader, fname string, defaultDiffic
 		validationErrs = append(validationErrs, config.ErrUnknownStoreBackend)
 	}

-	if c.Logging.Level != nil {
-		logLevel = c.Logging.Level.String()
-	}
-
-	switch c.Logging.Sink {
-	case config.LogSinkStdio:
-		result.Logger = internal.InitSlog(logLevel, os.Stderr)
-	case config.LogSinkFile:
-		out := &logrotate.Logger{
-			Filename:           c.Logging.Parameters.Filename,
-			FilenameTimeFormat: time.RFC3339,
-			MaxBytes:           c.Logging.Parameters.MaxBytes,
-			MaxAge:             c.Logging.Parameters.MaxAge,
-			MaxBackups:         c.Logging.Parameters.MaxBackups,
-			LocalTime:          c.Logging.Parameters.UseLocalTime,
-			Compress:           c.Logging.Parameters.Compress,
-		}
-
-		result.Logger = internal.InitSlog(logLevel, out)
-	}
-
 	if len(validationErrs) > 0 {
 		return nil, fmt.Errorf("errors validating policy config JSON %s: %w", fname, errors.Join(validationErrs...))
 	}
--- a/lib/testdata/invalid-challenge-method.yaml
+++ b/lib/testdata/invalid-challenge-method.yaml
@ -4,5 +4,4 @@ bots:
    action: CHALLENGE
    challenge:
      difficulty: 16
-      report_as: 4
      algorithm: hunter2 # invalid algorithm
--- a/lib/testdata/test_config.yaml
+++ b/lib/testdata/test_config.yaml
@ -42,4 +42,3 @@ thresholds:
    challenge:
      algorithm: fast
      difficulty: 1
-      report_as: 1
--- a/lib/testdata/zero_difficulty.yaml
+++ b/lib/testdata/zero_difficulty.yaml
@ -42,4 +42,3 @@ thresholds:
    challenge:
      algorithm: fast
      difficulty: 0
-      report_as: 0