sophie/nuke - git.sad.ovh - sophie's repository hosting

Author	SHA1	Message	Date
dependabot[bot]	2e54e839f1	build(deps): bump the gomod group across 1 directory with 4 updates (#457 ) * build(deps): bump the gomod group across 1 directory with 4 updates Bumps the gomod group with 4 updates in the / directory: [github.com/a-h/templ](https://github.com/a-h/templ), [github.com/playwright-community/playwright-go](https://github.com/playwright-community/playwright-go), [golang.org/x/net](https://github.com/golang/net) and [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery). Updates `github.com/a-h/templ` from 0.3.857 to 0.3.865 - [Release notes](https://github.com/a-h/templ/releases) - [Changelog](https://github.com/a-h/templ/blob/main/.goreleaser.yaml) - [Commits](https://github.com/a-h/templ/compare/v0.3.857...v0.3.865) Updates `github.com/playwright-community/playwright-go` from 0.5101.0 to 0.5200.0 - [Release notes](https://github.com/playwright-community/playwright-go/releases) - [Commits](https://github.com/playwright-community/playwright-go/compare/v0.5101.0...v0.5200.0) Updates `golang.org/x/net` from 0.39.0 to 0.40.0 - [Commits](https://github.com/golang/net/compare/v0.39.0...v0.40.0) Updates `k8s.io/apimachinery` from 0.32.3 to 0.33.0 - [Commits](https://github.com/kubernetes/apimachinery/compare/v0.32.3...v0.33.0) --- updated-dependencies: - dependency-name: github.com/a-h/templ dependency-version: 0.3.865 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gomod - dependency-name: github.com/playwright-community/playwright-go dependency-version: 0.5200.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gomod - dependency-name: golang.org/x/net dependency-version: 0.40.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gomod - dependency-name: k8s.io/apimachinery dependency-version: 0.33.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gomod ... Signed-off-by: dependabot[bot] <support@github.com> * chore: go mod tidy && npm run assets Signed-off-by: Xe Iaso <me@xeiaso.net> * ci: use playwright managed by npm Signed-off-by: Xe Iaso <me@xeiaso.net> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Xe Iaso <me@xeiaso.net> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Xe Iaso <me@xeiaso.net>	2025-05-07 17:48:10 -04:00
Xe Iaso	16412a8bf9	ci: add govulncheck (#456 ) This is intended to catch low-hanging fruit. Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-05-06 14:07:55 +00:00
Xe Iaso	865d513e35	feat(checker): add CEL for matching complicated expressions (#421 ) * feat(lib/policy): add support for CEL checkers This adds the ability for administrators to use Common Expression Language[0] (CEL) for more advanced check logic than Anubis previously offered. These can be as simple as: ```yaml - name: allow-api-routes action: ALLOW expression: and: - '!(method == "HEAD" \|\| method == "GET")' - path.startsWith("/api/") ``` or get as complicated as: ```yaml - name: allow-git-clients action: ALLOW expression: and: - userAgent.startsWith("git/") \|\| userAgent.contains("libgit") \|\| userAgent.startsWith("go-git") \|\| userAgent.startsWith("JGit/") \|\| userAgent.startsWith("JGit-") - > "Git-Protocol" in headers && headers["Git-Protocol"] == "version=2" ``` Internally these are compiled and evaluated with cel-go[1]. This also leaves room for extensibility should that be desired in the future. This will intersect with #338 and eventually intersect with TLS fingerprints as in #337. [0]: https://cel.dev/ [1]: https://github.com/google/cel-go Signed-off-by: Xe Iaso <me@xeiaso.net> * feat(data/apps): add API route allow rule for non-HEAD/GET Signed-off-by: Xe Iaso <me@xeiaso.net> * docs: document expression syntax Signed-off-by: Xe Iaso <me@xeiaso.net> * fix: fixes in review Signed-off-by: Xe Iaso <me@xeiaso.net> --------- Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-05-03 14:26:54 -04:00
Jason Cameron	301c7a42bd	refactor(lib): Split up anubis.go into some smaller files. (#379 ) * refactor(logging): centralize logger creation in GetLogger function Signed-off-by: Jason Cameron <git@jasoncameron.dev> * refactor(logging): rename GetLogger to GetRequestLogger for clarity Signed-off-by: Jason Cameron <git@jasoncameron.dev> * refactor: streamline error handling and response methods Signed-off-by: Jason Cameron <git@jasoncameron.dev> * refactor(lib): Split anubis.go up into some smaller specialized methods Signed-off-by: Jason Cameron <git@jasoncameron.dev> * refactor(http): simplify error response handling by using respondWithStatus Signed-off-by: Jason Cameron <git@jasoncameron.dev> * chore(lib): run goimports Signed-off-by: Xe Iaso <me@xeiaso.net> --------- Signed-off-by: Jason Cameron <git@jasoncameron.dev> Signed-off-by: Xe Iaso <me@xeiaso.net> Co-authored-by: Xe Iaso <me@xeiaso.net>	2025-04-27 13:36:39 +00:00
Xe Iaso	d40b5cfdab	lib: move config to yaml (#307 ) * lib: move config to yaml Signed-off-by: Xe Iaso <me@xeiaso.net> * web: run go generate Signed-off-by: Xe Iaso <me@xeiaso.net> * Add Haiku to known instances (#304) Signed-off-by: Asmodeus <46908100+AsmodeumX@users.noreply.github.com> * Add headers bot rule (#300) * Closes #291: add headers support to bot policy rules * Fix config validator * update docs for JSON -> YAML Signed-off-by: Xe Iaso <me@xeiaso.net> * docs: document http header based actions Signed-off-by: Xe Iaso <me@xeiaso.net> * lib: add missing test Signed-off-by: Xe Iaso <me@xeiaso.net> * Apply suggestions from code review Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com> Signed-off-by: Xe Iaso <me@xeiaso.net> --------- Signed-off-by: Xe Iaso <me@xeiaso.net> Signed-off-by: Asmodeus <46908100+AsmodeumX@users.noreply.github.com> Co-authored-by: Asmodeus <46908100+AsmodeumX@users.noreply.github.com> Co-authored-by: Neur0toxine <pashok9825@gmail.com> Co-authored-by: Copilot <175728472+Copilot@users.noreply.github.com>	2025-04-21 00:09:27 +00:00
dependabot[bot]	2ebce26709	build(deps): bump the gomod group with 3 updates (#265 ) * build(deps): bump the gomod group with 3 updates Bumps the gomod group with 3 updates: [github.com/playwright-community/playwright-go](https://github.com/playwright-community/playwright-go), [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang) and [golang.org/x/net](https://github.com/golang/net). Updates `github.com/playwright-community/playwright-go` from 0.5001.0 to 0.5101.0 - [Release notes](https://github.com/playwright-community/playwright-go/releases) - [Commits](https://github.com/playwright-community/playwright-go/compare/v0.5001.0...v0.5101.0) Updates `github.com/prometheus/client_golang` from 1.21.1 to 1.22.0 - [Release notes](https://github.com/prometheus/client_golang/releases) - [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md) - [Commits](https://github.com/prometheus/client_golang/compare/v1.21.1...v1.22.0) Updates `golang.org/x/net` from 0.38.0 to 0.39.0 - [Commits](https://github.com/golang/net/compare/v0.38.0...v0.39.0) --- updated-dependencies: - dependency-name: github.com/playwright-community/playwright-go dependency-version: 0.5101.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gomod - dependency-name: github.com/prometheus/client_golang dependency-version: 1.22.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gomod - dependency-name: golang.org/x/net dependency-version: 0.39.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gomod ... Signed-off-by: dependabot[bot] <support@github.com> * internal/test: bump playwright version Signed-off-by: Xe Iaso <me@xeiaso.net> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Xe Iaso <me@xeiaso.net> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Xe Iaso <me@xeiaso.net>	2025-04-15 05:55:50 -04:00
dependabot[bot]	0928c3c830	build(deps): bump the gomod group across 1 directory with 2 updates (#233 ) * build(deps): bump the gomod group across 1 directory with 2 updates Bumps the gomod group with 2 updates in the / directory: [github.com/a-h/templ](https://github.com/a-h/templ) and [golang.org/x/net](https://github.com/golang/net). Updates `github.com/a-h/templ` from 0.3.833 to 0.3.857 - [Release notes](https://github.com/a-h/templ/releases) - [Changelog](https://github.com/a-h/templ/blob/main/.goreleaser.yaml) - [Commits](https://github.com/a-h/templ/compare/v0.3.833...v0.3.857) Updates `golang.org/x/net` from 0.37.0 to 0.38.0 - [Commits](https://github.com/golang/net/compare/v0.37.0...v0.38.0) --- updated-dependencies: - dependency-name: github.com/a-h/templ dependency-version: 0.3.857 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: gomod - dependency-name: golang.org/x/net dependency-version: 0.38.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: gomod ... Signed-off-by: dependabot[bot] <support@github.com> * run go generate Signed-off-by: Xe Iaso <me@xeiaso.net> --------- Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: Xe Iaso <me@xeiaso.net> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Xe Iaso <me@xeiaso.net>	2025-04-07 14:21:29 +00:00
Xe Iaso	95416dfe82	Makefile: fix subtle logic bug (#228 ) Closes #226 Makefile dependencies are backwards, apparently. Also add staticcheck as a `go tool` dependency.	2025-04-06 00:28:08 -04:00
dependabot[bot]	9d68e73d03	build(deps): bump github.com/go-jose/go-jose/v3 from 3.0.3 to 3.0.4 (#89 ) Bumps [github.com/go-jose/go-jose/v3](https://github.com/go-jose/go-jose) from 3.0.3 to 3.0.4. - [Release notes](https://github.com/go-jose/go-jose/releases) - [Changelog](https://github.com/go-jose/go-jose/blob/main/CHANGELOG.md) - [Commits](https://github.com/go-jose/go-jose/compare/v3.0.3...v3.0.4) --- updated-dependencies: - dependency-name: github.com/go-jose/go-jose/v3 dependency-type: indirect ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-03-22 21:18:02 -04:00
Valentin Anger	af6f05554f	internal/test: introduce integration tests using Playwright (#81 )	2025-03-22 16:36:27 -04:00
dependabot[bot]	c66305904b	build(deps): bump github.com/golang-jwt/jwt/v5 from 5.2.1 to 5.2.2 (#74 ) Bumps [github.com/golang-jwt/jwt/v5](https://github.com/golang-jwt/jwt) from 5.2.1 to 5.2.2. - [Release notes](https://github.com/golang-jwt/jwt/releases) - [Changelog](https://github.com/golang-jwt/jwt/blob/main/VERSION_HISTORY.md) - [Commits](https://github.com/golang-jwt/jwt/compare/v5.2.1...v5.2.2) --- updated-dependencies: - dependency-name: github.com/golang-jwt/jwt/v5 dependency-type: direct:production ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-03-21 20:41:19 -04:00
Xe Iaso	07e6695430	cmd/anubis: set X-Real-Ip based on X-Forwarded-For (#63 ) This triggers a SHAME release[0]. [0]: https://pridever.org/	2025-03-21 16:45:33 -04:00
Remilia Da Costa Faro	d6d879133e	Allow filtering by remote addresses (#52 ) * Added the possibility to define rules for remote addresses * Added change in changelog * Added check for X-Real-Ip and X-Forwarded-For when checking for remote address filtering * cmd/anubis: refine IP filtering logic * Optimize the configuration so that the IP trie is created once at application start instead of dynamically being created every request. * Document the changes in the changelog and docs site. * Allow pure IP range filtering. * Allow user agent based IP range filtering. * Allow path based IP range filtering. * Create --debug-x-real-ip-default flag for testing Anubis locally without a HTTP load balancer. --------- Co-authored-by: Xe Iaso <me@xeiaso.net>	2025-03-21 15:39:34 -04:00
Xe Iaso	9923878c5c	initial import from /x/ monorepo Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-03-17 19:33:07 -04:00

14 commits