sophie/nuke - git.sad.ovh - sophie's repository hosting

Author	SHA1	Message	Date
dependabot[bot]	5c97d693c1	build(deps): bump the github-actions group across 1 directory with 4 updates (#1340 ) Co-authored-by: Jason Cameron <git@jasoncameron.dev>	2025-12-15 02:34:45 +00:00
dependabot[bot]	071b836741	build(deps): bump the github-actions group with 3 updates (#1317 ) Co-authored-by: Jason Cameron <git@jasoncameron.dev>	2025-11-30 22:12:30 -05:00
Jason Cameron	bbdeee00f7	fix: pin Node.js and Go versions in CI configuration files (#1318 ) fixes cache poisoning issues	2025-12-01 03:03:39 +00:00
dependabot[bot]	1a12171d74	build(deps): bump the github-actions group with 3 updates (#1262 ) Co-authored-by: Jason Cameron <git@jasoncameron.dev>	2025-11-09 18:08:06 -08:00
Xe Iaso	b5ead0a68c	fix(data): add ruleset to explicitly allow Docker / OCI clients (#1253 ) * fix(data): add ruleset to explicitly allow Docker / OCI clients Fixes #1252 This is technically a regression as these clients used to work in Anubis v1.22.0, however it is allowable to make this opt-in as most websites do not expect to be serving Docker / OCI registry client traffic. Signed-off-by: Xe Iaso <me@xeiaso.net> * Update metadata check-spelling run (pull_request) for Xe/gh-1252/docker-registry-client-fix Signed-off-by: check-spelling-bot <check-spelling-bot@users.noreply.github.com> on-behalf-of: @check-spelling <check-spelling-bot@check-spelling.dev> * test(docker-registry): export the right envvars Signed-off-by: Xe Iaso <me@xeiaso.net> * ci: add simdjson dependency for homebrew node Signed-off-by: Xe Iaso <me@xeiaso.net> * ci: install go/node without homebrew Signed-off-by: Xe Iaso <me@xeiaso.net> * test: use right github commit variable Signed-off-by: Xe Iaso <me@xeiaso.net> * ci: remove simdjson dependency Signed-off-by: Xe Iaso <me@xeiaso.net> * ci: install ko with an action Signed-off-by: Xe Iaso <me@xeiaso.net> * docs: add OCI registry caveat docs Signed-off-by: Xe Iaso <me@xeiaso.net> --------- Signed-off-by: Xe Iaso <me@xeiaso.net> Signed-off-by: check-spelling-bot <check-spelling-bot@users.noreply.github.com>	2025-11-08 00:17:25 +00:00
dependabot[bot]	3dab060bfa	build(deps): bump the github-actions group across 1 directory with 6 updates (#1221 ) Bumps the github-actions group with 6 updates in the / directory: \| Package \| From \| To \| \| --- \| --- \| --- \| \| [actions/cache](https://github.com/actions/cache) \| `4.2.4` \| `4.3.0` \| \| [docker/login-action](https://github.com/docker/login-action) \| `3.5.0` \| `3.6.0` \| \| [actions/upload-artifact](https://github.com/actions/upload-artifact) \| `4.6.2` \| `5.0.0` \| \| [actions/setup-node](https://github.com/actions/setup-node) \| `5.0.0` \| `6.0.0` \| \| [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv) \| `6.7.0` \| `7.1.2` \| \| [github/codeql-action](https://github.com/github/codeql-action) \| `3.30.3` \| `4.31.0` \| Updates `actions/cache` from 4.2.4 to 4.3.0 - [Release notes](https://github.com/actions/cache/releases) - [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md) - [Commits](`0400d5f644...0057852bfa`) Updates `docker/login-action` from 3.5.0 to 3.6.0 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](`184bdaa072...5e57cd1181`) Updates `actions/upload-artifact` from 4.6.2 to 5.0.0 - [Release notes](https://github.com/actions/upload-artifact/releases) - [Commits](`ea165f8d65...330a01c490`) Updates `actions/setup-node` from 5.0.0 to 6.0.0 - [Release notes](https://github.com/actions/setup-node/releases) - [Commits](`a0853c2454...2028fbc5c2`) Updates `astral-sh/setup-uv` from 6.7.0 to 7.1.2 - [Release notes](https://github.com/astral-sh/setup-uv/releases) - [Commits](`b75a909f75...85856786d1`) Updates `github/codeql-action` from 3.30.3 to 4.31.0 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](`192325c861...4e94bd11f7`) --- updated-dependencies: - dependency-name: actions/cache dependency-version: 4.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: docker/login-action dependency-version: 3.6.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/upload-artifact dependency-version: 5.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: actions/setup-node dependency-version: 6.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: astral-sh/setup-uv dependency-version: 7.1.2 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions - dependency-name: github/codeql-action dependency-version: 4.31.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-10-26 22:41:24 -04:00
dependabot[bot]	87c2f1e0e6	build(deps): bump the github-actions group across 1 directory with 8 updates (#1071 ) Co-authored-by: Jason Cameron <git@jasoncameron.dev>	2025-09-06 22:30:43 -04:00
Jason Cameron	adda60c163	Revert "build(deps): bump the github-actions group with 2 updates (#952 )" (#962 )	2025-08-06 03:01:25 +00:00
dependabot[bot]	e0a15bf4dc	build(deps): bump the github-actions group with 2 updates (#952 ) Co-authored-by: Jason Cameron <git@jasoncameron.dev>	2025-08-05 22:45:07 -04:00
Jason Cameron	1562f88c35	chore: Remove unused/dead code (#703 ) * chore(xess): remove unused xess templates Signed-off-by: Jason Cameron <git@jasoncameron.dev> * chore(checker): remove unused staticHashChecker implementation Signed-off-by: Jason Cameron <git@jasoncameron.dev> * feat: add pinact and deadcode to go tools (pinact is used for the gha pinning) Signed-off-by: Jason Cameron <git@jasoncameron.dev> * chore: update Docker and kubectl actions to latest versions Signed-off-by: Jason Cameron <git@jasoncameron.dev> * chore: update Homebrew action from master to main in workflow files See `df537ec97f` Signed-off-by: Jason Cameron <git@jasoncameron.dev> * chore: remove unused go-colorable and tools dependencies from go.sum Signed-off-by: Jason Cameron <git@jasoncameron.dev> * chore: update postcss-import and other dependencies to latest versions Signed-off-by: Jason Cameron <git@jasoncameron.dev> * chore: update Docusaurus dependencies to version 3.8.1 Signed-off-by: Jason Cameron <git@jasoncameron.dev> * chore: downgrade playwright and playwright-core to version 1.52.0 Signed-off-by: Jason Cameron <git@jasoncameron.dev> --------- Signed-off-by: Jason Cameron <git@jasoncameron.dev>	2025-06-25 09:31:33 -04:00
dependabot[bot]	e5455c02d8	build(deps): bump the github-actions group with 3 updates (#666 ) Bumps the github-actions group with 3 updates: [docker/login-action](https://github.com/docker/login-action), [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance) and [github/codeql-action](https://github.com/github/codeql-action). Updates `docker/login-action` from 3.0.0 to 3.4.0 - [Release notes](https://github.com/docker/login-action/releases) - [Commits](https://github.com/docker/login-action/compare/v3...74a5d142397b4f367a81961eba4e8cd7edddf772) Updates `actions/attest-build-provenance` from 2.3.0 to 2.4.0 - [Release notes](https://github.com/actions/attest-build-provenance/releases) - [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md) - [Commits](`db473fddc0...e8998f9491`) Updates `github/codeql-action` from 3.28.19 to 3.29.0 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](`fca7ace96b...ce28f5bb42`) --- updated-dependencies: - dependency-name: docker/login-action dependency-version: 3.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: actions/attest-build-provenance dependency-version: 2.4.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: github/codeql-action dependency-version: 3.29.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: Jason Cameron <git@jasoncameron.dev>	2025-06-15 21:13:56 -04:00
Xe Iaso	f5140ae57b	test: introduce SSH based CI for non-native test hosts (#644 ) * feat: ssh based CI Signed-off-by: Xe Iaso <me@xeiaso.net> * test: implement SSH ci with caches and github actions Signed-off-by: Xe Iaso <me@xeiaso.net> * test(ssh-ci): fix known hosts secret Signed-off-by: Xe Iaso <me@xeiaso.net> * test(ssh-ci): clone the repo, that's important Signed-off-by: Xe Iaso <me@xeiaso.net> * chore: spelling Signed-off-by: Xe Iaso <me@xeiaso.net> * test(ssh-ci): speed up ci by prebaking the SSH CI image Signed-off-by: Xe Iaso <me@xeiaso.net> * test(ssh-ci): set -euo Signed-off-by: Xe Iaso <me@xeiaso.net> * test(ssh-ci): enable pull_request_target so things work Signed-off-by: Xe Iaso <me@xeiaso.net> * chore: spelling Signed-off-by: Xe Iaso <me@xeiaso.net> * test(ssh-ci): oh goody it's broken Signed-off-by: Xe Iaso <me@xeiaso.net> * test(ssh-ci): add cronjob to rebuild ci runner image Signed-off-by: Xe Iaso <me@xeiaso.net> * test(ssh-ci): also run yeet Signed-off-by: Xe Iaso <me@xeiaso.net> * test(ssh-ci): force git version for yeet Signed-off-by: Xe Iaso <me@xeiaso.net> * test(ssh-ci): run set -x in the container Signed-off-by: Xe Iaso <me@xeiaso.net> * test(ssh-ci): fix yeet? Signed-off-by: Xe Iaso <me@xeiaso.net> * test(ssh-ci): remove yeet for now Signed-off-by: Xe Iaso <me@xeiaso.net> * test(ssh-ci): disable for PRs for now Signed-off-by: Xe Iaso <me@xeiaso.net> --------- Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-06-11 12:50:01 -04:00
Jason Cameron	659b577e0e	feat(ci): use dynamic repository owner and name in Docker actions (#487 ) * feat(ci): use dynamic repository owner and name in Docker actions Signed-off-by: Jason Cameron <git@jasoncameron.dev> * feat(ci): support forks Signed-off-by: Jason Cameron <git@jasoncameron.dev> * feat(ci): support forks Signed-off-by: Jason Cameron <git@jasoncameron.dev> * feat(ci): add debug output for Docker repository information Signed-off-by: Jason Cameron <git@jasoncameron.dev> * feat(ci): update Docker image naming convention in workflow Signed-off-by: Jason Cameron <git@jasoncameron.dev> * feat(ci): set lowercase image name in Docker workflow Signed-off-by: Jason Cameron <git@jasoncameron.dev> * feat(ci): remove json/gha branch from Docker workflow triggers Signed-off-by: Jason Cameron <git@jasoncameron.dev> * feat(ci): simplify Docker registry configuration in workflow Signed-off-by: Jason Cameron <git@jasoncameron.dev> --------- Signed-off-by: Jason Cameron <git@jasoncameron.dev>	2025-05-09 20:18:53 -04:00
dependabot[bot]	8ee0529321	build(deps): bump the github-actions group with 3 updates (#439 ) Bumps the github-actions group with 3 updates: [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance), [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv) and [github/codeql-action](https://github.com/github/codeql-action). Updates `actions/attest-build-provenance` from 2.2.3 to 2.3.0 - [Release notes](https://github.com/actions/attest-build-provenance/releases) - [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md) - [Commits](`c074443f1a...db473fddc0`) Updates `astral-sh/setup-uv` from 6.0.0 to 6.0.1 - [Release notes](https://github.com/astral-sh/setup-uv/releases) - [Commits](`c7f87aa956...6b9c6063ab`) Updates `github/codeql-action` from 3.28.16 to 3.28.17 - [Release notes](https://github.com/github/codeql-action/releases) - [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md) - [Commits](`28deaeda66...60168efe1c`) --- updated-dependencies: - dependency-name: actions/attest-build-provenance dependency-version: 2.3.0 dependency-type: direct:production update-type: version-update:semver-minor dependency-group: github-actions - dependency-name: astral-sh/setup-uv dependency-version: 6.0.1 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions - dependency-name: github/codeql-action dependency-version: 3.28.17 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: github-actions ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2025-05-04 20:46:48 -04:00
Xe Iaso	2d22491e8c	undo depot for now until I have the corp set up Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-04-20 09:07:54 -04:00
Xe Iaso	62e20a213a	use depot builders (#262 ) Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-04-13 15:57:47 -04:00
Patrick Linnane	1614504922	workflows: hash pin Actions (#203 ) Signed-off-by: Patrick Linnane <patrick@linnane.io>	2025-04-08 00:45:06 -04:00
Patrick Linnane	fc237a1690	workflows: fix zizmor findings (part 1) (#190 ) Signed-off-by: Patrick Linnane <patrick@linnane.io>	2025-04-01 22:33:44 +00:00
Xe Iaso	937f1dd330	all: do not commit generated JS/CSS to source control (#148 ) Closes #125 Closes #40 Among other things, this moves all of the asset generation to run within the context of an npm script. Developer documentation stubs have been added so that people can get started more easily. The top-level Dockerfile (which is no longer used in production) has been removed as its presence has been causing confusion. This changeset will break it anyways. These changes will make for less "repo churn" as the static assets are built and rebuilt, at the cost of making the build step more complicated for downstream packagers. If this becomes a burden, we can explore making a "release tarball" that contains pre-massaged outputs.	2025-03-28 14:55:25 -04:00
Xe Iaso	56cdb2e51b	Fix docker image CI for pull requests (#84 ) Closes #65 Pull request images will now be `ttl.sh/techaro/pr-{number}/anubis:24h`.	2025-03-22 11:26:49 -04:00
Xe Iaso	4ec4dc3624	.github/workflows: don't publish provenance data for PRs Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-03-21 15:42:51 -04:00
Xe Iaso	38e1e8cb5e	comment out the comment PR experiment for now, ugh, I hate GitHub ACLs Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-03-21 11:06:31 -04:00
Xe Iaso	f730326814	off by one Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-03-21 10:40:30 -04:00
Xe Iaso	db6d424aaa	.github/workflows/docker: only do comments if we're in a PR Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-03-21 10:36:24 -04:00
Xe Iaso	95dddb5549	cmd/containerbuild: default to ttl.sh for third party contributions (#51 ) * cmd/containerbuild: default to ttl.sh for third party contributions Closes #48 Signed-off-by: Xe Iaso <me@xeiaso.net> * track comment tags Signed-off-by: Xe Iaso <me@xeiaso.net> * empty commit to make sure double-commenting doesn't work Signed-off-by: Xe Iaso <me@xeiaso.net> --------- Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-03-21 10:34:01 -04:00
Xe Iaso	1efcb88261	Try using ko to build images Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-03-19 09:10:29 -04:00
Xe Iaso	fad32f79f9	make docker image for Anubis Signed-off-by: Xe Iaso <me@xeiaso.net>	2025-03-18 08:35:05 -04:00

27 commits