Xe Iaso
5e95da6b6c
test(ssh-ci): disable GOARCH=ppc64le for now
...
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-06-11 12:58:32 -04:00
Xe Iaso
f5140ae57b
test: introduce SSH based CI for non-native test hosts ( #644 )
...
* feat: ssh based CI
Signed-off-by: Xe Iaso <me@xeiaso.net>
* test: implement SSH ci with caches and github actions
Signed-off-by: Xe Iaso <me@xeiaso.net>
* test(ssh-ci): fix known hosts secret
Signed-off-by: Xe Iaso <me@xeiaso.net>
* test(ssh-ci): clone the repo, that's important
Signed-off-by: Xe Iaso <me@xeiaso.net>
* chore: spelling
Signed-off-by: Xe Iaso <me@xeiaso.net>
* test(ssh-ci): speed up ci by prebaking the SSH CI image
Signed-off-by: Xe Iaso <me@xeiaso.net>
* test(ssh-ci): set -euo
Signed-off-by: Xe Iaso <me@xeiaso.net>
* test(ssh-ci): enable pull_request_target so things work
Signed-off-by: Xe Iaso <me@xeiaso.net>
* chore: spelling
Signed-off-by: Xe Iaso <me@xeiaso.net>
* test(ssh-ci): oh goody it's broken
Signed-off-by: Xe Iaso <me@xeiaso.net>
* test(ssh-ci): add cronjob to rebuild ci runner image
Signed-off-by: Xe Iaso <me@xeiaso.net>
* test(ssh-ci): also run yeet
Signed-off-by: Xe Iaso <me@xeiaso.net>
* test(ssh-ci): force git version for yeet
Signed-off-by: Xe Iaso <me@xeiaso.net>
* test(ssh-ci): run set -x in the container
Signed-off-by: Xe Iaso <me@xeiaso.net>
* test(ssh-ci): fix yeet?
Signed-off-by: Xe Iaso <me@xeiaso.net>
* test(ssh-ci): remove yeet for now
Signed-off-by: Xe Iaso <me@xeiaso.net>
* test(ssh-ci): disable for PRs for now
Signed-off-by: Xe Iaso <me@xeiaso.net>
---------
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-06-11 12:50:01 -04:00
Xe Iaso
c638653172
feat(lib): implement request weight ( #621 )
...
* feat(lib): implement request weight
Replaces #608
This is a big one and will be what makes Anubis a generic web
application firewall. This introduces the WEIGH option, allowing
administrators to have facets of request metadata add or remove
"weight", or the level of suspicion. This really makes Anubis weigh
the soul of requests.
Signed-off-by: Xe Iaso <me@xeiaso.net>
* fix(lib): maintain legacy challenge behavior
Signed-off-by: Xe Iaso <me@xeiaso.net>
* fix(lib): make weight have dedicated checkers for the hashes
Signed-off-by: Xe Iaso <me@xeiaso.net>
* feat(data): convert some rules over to weight points
Signed-off-by: Xe Iaso <me@xeiaso.net>
* docs: document request weight
Signed-off-by: Xe Iaso <me@xeiaso.net>
* fix(CHANGELOG): spelling error
Signed-off-by: Xe Iaso <me@xeiaso.net>
* chore: spelling
Signed-off-by: Xe Iaso <me@xeiaso.net>
* docs: fix links to challenge information
Signed-off-by: Xe Iaso <me@xeiaso.net>
* docs(policies): fix formatting
Signed-off-by: Xe Iaso <me@xeiaso.net>
* fix(config): make default weight adjustment 5
Signed-off-by: Xe Iaso <me@xeiaso.net>
---------
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-06-09 15:25:04 -04:00
Fierelier
0fe46b48cf
Make progress bar styling more compatible (UXP, etc) ( #636 )
...
* Make progress bar styling more compatible (UXP, etc)
* Add 'Make progress bar styling more compatible (UXP, etc)'
* chore: spelling
Signed-off-by: Xe Iaso <me@xeiaso.net>
---------
Signed-off-by: Xe Iaso <me@xeiaso.net>
Co-authored-by: Fierelier <fier@airmail.cc>
Co-authored-by: Xe Iaso <me@xeiaso.net>
2025-06-09 12:19:38 -04:00
dependabot[bot]
6594ae0eef
build(deps): bump github/codeql-action in the github-actions group ( #635 )
...
Bumps the github-actions group with 1 update: [github/codeql-action](https://github.com/github/codeql-action ).
Updates `github/codeql-action` from 3.28.18 to 3.28.19
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](ff0a06e83c...fca7ace96b
2025-06-09 08:56:41 -04:00
Xe Iaso
4ac59c3a79
feat(lib/challenge): HTTP meta refresh challenge method ( #623 )
...
* feat(lib/challenge): HTTP meta refresh challenge method
Closes #95
This challenge method enables users that don't (or won't) support
JavaScript to pass Anubis challenges. It works by using HTML meta
refresh directives to ensure that the client is a browser.
This is OFF by default. In order to enable it, an administrator MUST
choose to make the default challenge method `metarefresh`.
TODO(Xe):
- [ ] Documentation on this challenge method
- [ ] Amend wording around Anubis being a proof of work proxy in the docs
- [ ] Add configuration file syntax for the default challenge method and settings
- [ ] Test with early customers
Signed-off-by: Xe Iaso <me@xeiaso.net>
* chore: spelling
Signed-off-by: Xe Iaso <me@xeiaso.net>
* fix(lib/challenge/metarefresh): use this value of err
Signed-off-by: Xe Iaso <me@xeiaso.net>
* docs: add metarefresh challenge info, Web AI Firewall Utility
Signed-off-by: Xe Iaso <me@xeiaso.net>
---------
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-06-06 21:18:55 -04:00
foosinn
9f1d791991
docs(subrequest-auth): document required policy changes ( #613 )
...
* docs(subrequest-auth): document required policy changes
Signed-off-by: foosinn <foosinn@f2o.io>
* chore: spelling
Signed-off-by: Xe Iaso <me@xeiaso.net>
---------
Signed-off-by: foosinn <foosinn@f2o.io>
Signed-off-by: Xe Iaso <me@xeiaso.net>
Co-authored-by: Xe Iaso <me@xeiaso.net>
2025-06-05 16:53:18 -04:00
Markus Sommer
76fa3e01a5
docs(known-instances): add Alliance of Hessian Libraries ( #611 )
...
Signed-off-by: Markus Sommer <markus@splork.de>
2025-06-04 02:03:57 +00:00
dependabot[bot]
ec73bcbaf1
build(deps): bump docker/build-push-action in the github-actions group ( #602 )
...
Bumps the github-actions group with 1 update: [docker/build-push-action](https://github.com/docker/build-push-action ).
Updates `docker/build-push-action` from 6.17.0 to 6.18.0
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](1dc7386353...263435318d
2025-06-01 23:39:05 -04:00
Corry Haines
de7dbfe6d6
Split up AI filtering files ( #592 )
...
* Split up AI filtering files
Create aggressive/moderate/permissive policies to allow administrators to choose their AI/LLM stance.
Aggressive policy matches existing default in Anubis.
Removes `Google-Extended` flag from `ai-robots-txt.yaml` as it doesn't exist in requests.
Rename `ai-robots-txt.yaml` to `ai-catchall.yaml` as the file is no longer a copy of the source repo/file.
* chore: spelling
* chore: fix embeds
* chore: fix data includes
* chore: fix file name typo
* chore: Ignore READMEs in configs
* chore(lib/policy/config): go tool goimports -w
Signed-off-by: Xe Iaso <me@xeiaso.net>
---------
Signed-off-by: Xe Iaso <me@xeiaso.net>
Co-authored-by: Xe Iaso <me@xeiaso.net>
2025-06-01 20:21:18 +00:00
Corry Haines
0d9ebebff6
Opt-in policies for OpenAI and MistralAI bots ( #590 )
...
* Define OpenAI bot ALLOW policies
Allows OpenAI bots to be allowlisted at the choice of the Anubis administrator. None are enabled by default.
* Define MistralAI bot ALLOW policy
* chore: spelling
2025-05-31 16:48:57 -04:00
Corry Haines
68a71c6a99
Add Applebot definition ( #589 )
...
* Add Applebot definition
Adds Apple's search indexing bot, and allowlists it by default.
Allowlisted by default because it is equivalent to Googlebot/Bingbot. Remove Applebot from `ai-robots-txt.yaml` for the same reasons.
Remove `Applebot-Extended` from `ai-robots-txt.yaml` as it has no effect.
* chore: spelling
Signed-off-by: Xe Iaso <me@xeiaso.net>
---------
Signed-off-by: Xe Iaso <me@xeiaso.net>
Co-authored-by: Xe Iaso <me@xeiaso.net>
2025-05-31 10:18:32 -04:00
jordigh
9ba10262e3
add Weblate to known-instances.md ( #571 )
...
Signed-off-by: jordigh <jordigh@octave.org>
2025-05-28 00:03:04 +00:00
dependabot[bot]
a28a3d155a
build(deps): bump astral-sh/setup-uv in the github-actions group ( #558 )
...
Bumps the github-actions group with 1 update: [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv ).
Updates `astral-sh/setup-uv` from 6.0.1 to 6.1.0
- [Release notes](https://github.com/astral-sh/setup-uv/releases )
- [Commits](6b9c6063ab...f0ec1fc3b3
2025-05-27 11:12:31 -04:00
James Renken
6f08bcb481
feat: add TARGET_SNI to allow overriding the TLS handshake hostname when forwarding requests ( #529 )
...
* feat: add TARGET_SNI to allow overriding the TLS handshake hostname when forwarding requests
* chore: spelling
Signed-off-by: Xe Iaso <me@xeiaso.net>
---------
Signed-off-by: Xe Iaso <me@xeiaso.net>
Co-authored-by: Xe Iaso <me@xeiaso.net>
2025-05-23 16:27:35 +00:00
Dryusdan
11081aac08
Bump AI-robots.txt rules to version 1.31 ( #538 )
...
* Bump AI-robots.txt rules to version 1.31
* chore: spelling
Signed-off-by: Xe Iaso <me@xeiaso.net>
---------
Signed-off-by: Xe Iaso <me@xeiaso.net>
Co-authored-by: Xe Iaso <me@xeiaso.net>
2025-05-23 16:15:12 +00:00
Nathan Price
c78d830ecb
docs/docs/admin/native-install.mdx: correct the path for the default configuration file installation ( #535 )
...
Using the native-install instructions, default.env was installed as /etc/anubis rather than /etc/anubis/default.env
2025-05-22 18:34:06 +00:00
dependabot[bot]
7b8953303d
build(deps): bump the github-actions group with 4 updates ( #523 )
...
Bumps the github-actions group with 4 updates: [docker/build-push-action](https://github.com/docker/build-push-action ), [actions-hub/kubectl](https://github.com/actions-hub/kubectl ), [check-spelling/check-spelling](https://github.com/check-spelling/check-spelling ) and [github/codeql-action](https://github.com/github/codeql-action ).
Updates `docker/build-push-action` from 6.16.0 to 6.17.0
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](14487ce63c...1dc7386353https://github.com/actions-hub/kubectl/releases )
- [Commits](e81783053d...f632a31512https://github.com/check-spelling/check-spelling/releases )
- [Commits](67debf5066...c635c2f3f7https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](60168efe1c...ff0a06e83c
2025-05-19 00:35:59 +00:00
Xe Iaso
50e030d17e
chore(docs/deploy): move to new cluster ( #519 )
...
* chore(docs/deploy): move to new cluster
Signed-off-by: Xe Iaso <me@xeiaso.net>
* chore: spelling
Signed-off-by: Xe Iaso <me@xeiaso.net>
---------
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-05-18 20:25:12 +00:00
Xe Iaso
b640c567da
feat(lib): ensure that clients store cookies ( #501 )
...
* feat(lib): ensure that clients store cookies
If a client is misconfigured and does not store cookies, then they can
get into a proof of work death spiral with Anubis. This fixes the
problem by setting a test cookie whenever the user gets hit with a
challenge page. If the test cookie is not there at challenge pass time,
then they are blocked. Administrators will also get a log message
explaining that the user intentionally broke cookie support and that this
behavior is not an Anubis bug.
Additionally, this ensures that clients being shown a challenge support
gzip-compressed responses by showing the challenge page at gzip level 1.
This level is intentionally chosen in order to minimize system impacts.
The ClearCookie function is made more generic to account for cookie
names as an argument. A correlating SetCookie function was also added to
make it easier to set cookies.
* chore(lib): clean up test code
Signed-off-by: Xe Iaso <me@xeiaso.net>
---------
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-05-16 13:03:40 -04:00
Dryusdan
9e9982ab5d
feat(apps): Make SASL login work on bookstack with Anubis ( #502 )
...
* Make SASL login work on bookstack with Anubis
* chore: spelling
Signed-off-by: Xe Iaso <me@xeiaso.net>
---------
Signed-off-by: Xe Iaso <me@xeiaso.net>
Co-authored-by: Xe Iaso <me@xeiaso.net>
2025-05-16 17:01:34 +00:00
Xe Iaso
3b98368aa9
feat(apps): add SearXNG instance tracker policy and Qualys Labs SSL testing rules ( #512 )
...
* feat(apps): add SearXNG instance tracker policy
* feat(apps): add Qualys SSL Labs policy
* chore: spelling
Signed-off-by: Xe Iaso <me@xeiaso.net>
---------
Signed-off-by: Xe Iaso <me@xeiaso.net>
Co-authored-by: hyperdefined <contact@hyper.lol>
2025-05-16 16:59:15 +00:00
Xe Iaso
91c21fbb4b
docs: add HTMX workaround ( #511 )
...
* docs: add HTMX workaround
Signed-off-by: Xe Iaso <me@xeiaso.net>
* chore: spelling
Signed-off-by: Xe Iaso <me@xeiaso.net>
---------
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-05-16 16:37:39 +00:00
Xe Iaso
d51b7ec0aa
chore(spelling): add weblate
...
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-05-13 10:04:30 -04:00
Jason Cameron
659b577e0e
feat(ci): use dynamic repository owner and name in Docker actions ( #487 )
...
* feat(ci): use dynamic repository owner and name in Docker actions
Signed-off-by: Jason Cameron <git@jasoncameron.dev>
* feat(ci): support forks
Signed-off-by: Jason Cameron <git@jasoncameron.dev>
* feat(ci): support forks
Signed-off-by: Jason Cameron <git@jasoncameron.dev>
* feat(ci): add debug output for Docker repository information
Signed-off-by: Jason Cameron <git@jasoncameron.dev>
* feat(ci): update Docker image naming convention in workflow
Signed-off-by: Jason Cameron <git@jasoncameron.dev>
* feat(ci): set lowercase image name in Docker workflow
Signed-off-by: Jason Cameron <git@jasoncameron.dev>
* feat(ci): remove json/gha branch from Docker workflow triggers
Signed-off-by: Jason Cameron <git@jasoncameron.dev>
* feat(ci): simplify Docker registry configuration in workflow
Signed-off-by: Jason Cameron <git@jasoncameron.dev>
---------
Signed-off-by: Jason Cameron <git@jasoncameron.dev>
2025-05-09 20:18:53 -04:00
Xe Iaso
a0805cad16
chore(go.mod): move yeet to be a go tool ( #485 )
...
This means that yeet's version will be managed by `go.mod` and
auto-bumped with dependabot. This removes human error from the equation
and ensures that Anubis is always built with the newest version of yeet.
This also makes it trivial to make your own local packages for testing:
```text
go tool yeet
```
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-05-09 18:33:44 +00:00
Henri Vasserman
22ada6251f
test(playwright): Add Docker and Podman support ( #433 )
...
* test(playwright): Add support to run tests in Docker/Podman
* fix command name
Co-authored-by: Xe Iaso <me@xeiaso.net>
Signed-off-by: Henri Vasserman <henv@hot.ee>
* up the pw version as it is in package.json
* add convenience npm scripts
* chore: changelog update
Also removed a period from my other item.
* chore: fix spelling
Signed-off-by: Xe Iaso <me@xeiaso.net>
---------
Signed-off-by: Henri Vasserman <henv@hot.ee>
Signed-off-by: Xe Iaso <me@xeiaso.net>
Co-authored-by: Xe Iaso <me@xeiaso.net>
2025-05-09 13:58:55 -04:00
Xe Iaso
092b80ba55
ci(check-spelling): allow release names in spelling allowlists ( #483 )
...
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-05-09 17:22:26 +00:00
Josh Soref
39dc3c0317
ci: add check-spelling ( #462 )
...
This is a basic spell checker to make sure words are spelled correctly.
Signed-off-by: Xe Iaso <me@xeiaso.net>
Co-authored-by: Xe Iaso <me@xeiaso.net>
2025-05-09 17:02:41 +00:00
dependabot[bot]
2e54e839f1
build(deps): bump the gomod group across 1 directory with 4 updates ( #457 )
...
* build(deps): bump the gomod group across 1 directory with 4 updates
Bumps the gomod group with 4 updates in the / directory: [github.com/a-h/templ](https://github.com/a-h/templ ), [github.com/playwright-community/playwright-go](https://github.com/playwright-community/playwright-go ), [golang.org/x/net](https://github.com/golang/net ) and [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery ).
Updates `github.com/a-h/templ` from 0.3.857 to 0.3.865
- [Release notes](https://github.com/a-h/templ/releases )
- [Changelog](https://github.com/a-h/templ/blob/main/.goreleaser.yaml )
- [Commits](https://github.com/a-h/templ/compare/v0.3.857...v0.3.865 )
Updates `github.com/playwright-community/playwright-go` from 0.5101.0 to 0.5200.0
- [Release notes](https://github.com/playwright-community/playwright-go/releases )
- [Commits](https://github.com/playwright-community/playwright-go/compare/v0.5101.0...v0.5200.0 )
Updates `golang.org/x/net` from 0.39.0 to 0.40.0
- [Commits](https://github.com/golang/net/compare/v0.39.0...v0.40.0 )
Updates `k8s.io/apimachinery` from 0.32.3 to 0.33.0
- [Commits](https://github.com/kubernetes/apimachinery/compare/v0.32.3...v0.33.0 )
---
updated-dependencies:
- dependency-name: github.com/a-h/templ
dependency-version: 0.3.865
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: gomod
- dependency-name: github.com/playwright-community/playwright-go
dependency-version: 0.5200.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: gomod
- dependency-name: golang.org/x/net
dependency-version: 0.40.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: gomod
- dependency-name: k8s.io/apimachinery
dependency-version: 0.33.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: gomod
...
Signed-off-by: dependabot[bot] <support@github.com>
* chore: go mod tidy && npm run assets
Signed-off-by: Xe Iaso <me@xeiaso.net>
* ci: use playwright managed by npm
Signed-off-by: Xe Iaso <me@xeiaso.net>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Xe Iaso <me@xeiaso.net>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Xe Iaso <me@xeiaso.net>
2025-05-07 17:48:10 -04:00
Xe Iaso
3701b2bc3d
ci(go): fix govulncheck ( #464 )
...
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-05-07 13:42:28 +00:00
Xe Iaso
16412a8bf9
ci: add govulncheck ( #456 )
...
This is intended to catch low-hanging fruit.
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-05-06 14:07:55 +00:00
Patrick Linnane
3b50b4c6c0
zizmor: add config file to silence unpinned-uses of Homebrew/actions ( #441 )
2025-05-05 01:22:36 +00:00
dependabot[bot]
8ee0529321
build(deps): bump the github-actions group with 3 updates ( #439 )
...
Bumps the github-actions group with 3 updates: [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance ), [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv ) and [github/codeql-action](https://github.com/github/codeql-action ).
Updates `actions/attest-build-provenance` from 2.2.3 to 2.3.0
- [Release notes](https://github.com/actions/attest-build-provenance/releases )
- [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md )
- [Commits](c074443f1a...db473fddc0https://github.com/astral-sh/setup-uv/releases )
- [Commits](c7f87aa956...6b9c6063abhttps://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](28deaeda66...60168efe1c
2025-05-04 20:46:48 -04:00
Xe Iaso
f8e1000ab0
fix(yeetfile): copy all docs, data files, and botPolicies.yaml ( #419 )
...
* fix(yeetfile): copy all docs, data files, and botPolicies.yaml
Closes #415
Signed-off-by: Xe Iaso <me@xeiaso.net>
* ci: bump yeet
Signed-off-by: Xe Iaso <me@xeiaso.net>
---------
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-05-02 08:43:19 -04:00
dependabot[bot]
bd0e46dac3
build(deps): bump the github-actions group with 4 updates ( #387 )
...
Bumps the github-actions group with 4 updates: [docker/build-push-action](https://github.com/docker/build-push-action ), [actions-hub/kubectl](https://github.com/actions-hub/kubectl ), [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv ) and [github/codeql-action](https://github.com/github/codeql-action ).
Updates `docker/build-push-action` from 6.15.0 to 6.16.0
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](471d1dc4e0...14487ce63chttps://github.com/actions-hub/kubectl/releases )
- [Commits](9270913c29...e81783053dhttps://github.com/astral-sh/setup-uv/releases )
- [Commits](d4b2f3b6ec...c7f87aa956https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](45775bd823...28deaeda66
2025-04-28 01:40:38 +00:00
Xe Iaso
5423ab013a
ci(packages): final pre-release yeet bump ( #384 )
...
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-04-27 16:54:03 +00:00
Xe Iaso
bec7199ab6
fix(docs): make the docs respect light/dark mode ( #334 )
...
Closes #333
I'm very bad at design so I just picked colors that looked reasonable
enough to me. Hopefully this will be enough to get us to the next stage!
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-04-23 04:01:02 +00:00
Xe Iaso
ac5a4bf58d
chore(ci): migrate to TecharoHQ/yeet ( #323 )
...
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-04-22 12:21:37 +00:00
dependabot[bot]
a14f917d68
build(deps): bump astral-sh/setup-uv in the github-actions group ( #312 )
...
Bumps the github-actions group with 1 update: [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv ).
Updates `astral-sh/setup-uv` from 5.4.1 to 5.4.2
- [Release notes](https://github.com/astral-sh/setup-uv/releases )
- [Commits](0c5e2b8115...d4b2f3b6ec
2025-04-20 21:16:38 -04:00
Xe Iaso
2d22491e8c
undo depot for now until I have the corp set up
...
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-04-20 09:07:54 -04:00
Xe Iaso
736c3ade09
.github/funding: add GitHub sponsors
...
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-04-17 23:48:36 -04:00
dependabot[bot]
5d4d2e3e2a
build(deps): bump github/codeql-action in the github-actions group ( #264 )
...
Bumps the github-actions group with 1 update: [github/codeql-action](https://github.com/github/codeql-action ).
Updates `github/codeql-action` from 3.28.13 to 3.28.15
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](1b549b9259...45775bd823
2025-04-15 05:56:14 -04:00
dependabot[bot]
2ebce26709
build(deps): bump the gomod group with 3 updates ( #265 )
...
* build(deps): bump the gomod group with 3 updates
Bumps the gomod group with 3 updates: [github.com/playwright-community/playwright-go](https://github.com/playwright-community/playwright-go ), [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang ) and [golang.org/x/net](https://github.com/golang/net ).
Updates `github.com/playwright-community/playwright-go` from 0.5001.0 to 0.5101.0
- [Release notes](https://github.com/playwright-community/playwright-go/releases )
- [Commits](https://github.com/playwright-community/playwright-go/compare/v0.5001.0...v0.5101.0 )
Updates `github.com/prometheus/client_golang` from 1.21.1 to 1.22.0
- [Release notes](https://github.com/prometheus/client_golang/releases )
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md )
- [Commits](https://github.com/prometheus/client_golang/compare/v1.21.1...v1.22.0 )
Updates `golang.org/x/net` from 0.38.0 to 0.39.0
- [Commits](https://github.com/golang/net/compare/v0.38.0...v0.39.0 )
---
updated-dependencies:
- dependency-name: github.com/playwright-community/playwright-go
dependency-version: 0.5101.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: gomod
- dependency-name: github.com/prometheus/client_golang
dependency-version: 1.22.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: gomod
- dependency-name: golang.org/x/net
dependency-version: 0.39.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: gomod
...
Signed-off-by: dependabot[bot] <support@github.com>
* internal/test: bump playwright version
Signed-off-by: Xe Iaso <me@xeiaso.net>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Xe Iaso <me@xeiaso.net>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Xe Iaso <me@xeiaso.net>
2025-04-15 05:55:50 -04:00
Xe Iaso
62e20a213a
use depot builders ( #262 )
...
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-04-13 15:57:47 -04:00
Patrick Linnane
503f466ecf
workflows: hash pin more Actions ( #241 )
...
Signed-off-by: Patrick Linnane <patrick@linnane.io>
2025-04-11 22:18:13 -04:00
Patrick Linnane
1614504922
workflows: hash pin Actions ( #203 )
...
Signed-off-by: Patrick Linnane <patrick@linnane.io>
2025-04-08 00:45:06 -04:00
Xe Iaso
2324395ae2
move pull request template to a hidden folder
...
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-04-07 17:36:29 -04:00
Xe Iaso
8adf1a06eb
.github/workflows/package-builds-stable: allow write permissions to upload binary packages
...
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-04-06 13:05:45 -04:00
Xe Iaso
df27a96f1f
make a half-baked tarball ( #221 )
...
* make a half-baked tarball
Closes #217
Signed-off-by: Xe Iaso <me@xeiaso.net>
* make two tarballs: one with just the vendor, and one with vendor and npm
Signed-off-by: Xe Iaso <me@xeiaso.net>
---------
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-04-06 12:44:52 +00:00
