896858e027
jane remover
Docker image builds / build (push) Waiting to run
Asset Build Verification / asset_verification (push) Has been cancelled
Docs deploy / build (push) Has been cancelled
Go Mod Tidy Check / go_mod_tidy_check (push) Has been cancelled
Go / go_tests (push) Has been cancelled
Package builds (unstable) / package_builds (push) Has been cancelled
Smoke tests / smoke-test (default-config-macro) (push) Has been cancelled
Smoke tests / smoke-test (docker-registry) (push) Has been cancelled
Smoke tests / smoke-test (double_slash) (push) Has been cancelled
Smoke tests / smoke-test (forced-language) (push) Has been cancelled
Smoke tests / smoke-test (git-clone) (push) Has been cancelled
Smoke tests / smoke-test (git-push) (push) Has been cancelled
Smoke tests / smoke-test (healthcheck) (push) Has been cancelled
Smoke tests / smoke-test (i18n) (push) Has been cancelled
Smoke tests / smoke-test (log-file) (push) Has been cancelled
Smoke tests / smoke-test (nginx) (push) Has been cancelled
Smoke tests / smoke-test (palemoon/amd64) (push) Has been cancelled
Smoke tests / smoke-test (robots_txt) (push) Has been cancelled
Check Spelling / Check Spelling (push) Has been cancelled
SSH CI / ssh (aarch64-16k) (push) Has been cancelled
SSH CI / ssh (aarch64-4k) (push) Has been cancelled
SSH CI / ssh (ppc64le) (push) Has been cancelled
SSH CI / ssh (riscv64) (push) Has been cancelled
zizmor / zizmor latest via PyPI (push) Has been cancelled
2026-02-07 13:08:47 +02:00
dependabot[bot]
d2205b11a7
build(deps): bump the github-actions group with 4 updates ( #1425 )
...
Bumps the github-actions group with 4 updates: [actions/checkout](https://github.com/actions/checkout ), [actions/setup-node](https://github.com/actions/setup-node ), [actions/setup-go](https://github.com/actions/setup-go ) and [actions/cache](https://github.com/actions/cache ).
Updates `actions/checkout` from 6.0.1 to 6.0.2
- [Release notes](https://github.com/actions/checkout/releases )
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md )
- [Commits](8e8c483db8...de0fac2e45https://github.com/actions/setup-node/releases )
- [Commits](395ad32622...6044e13b5dhttps://github.com/actions/setup-go/releases )
- [Commits](4dc6199c7b...7a3fe6cf4chttps://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](9255dc7a25...8b402f58fb
2026-01-28 13:50:19 -05:00
dependabot[bot]
5c97d693c1
build(deps): bump the github-actions group across 1 directory with 4 updates ( #1340 )
...
Co-authored-by: Jason Cameron <git@jasoncameron.dev>
2025-12-15 02:34:45 +00:00
dependabot[bot]
071b836741
build(deps): bump the github-actions group with 3 updates ( #1317 )
...
Co-authored-by: Jason Cameron <git@jasoncameron.dev>
2025-11-30 22:12:30 -05:00
Jason Cameron
bbdeee00f7
fix: pin Node.js and Go versions in CI configuration files ( #1318 )
...
fixes cache poisoning issues
2025-12-01 03:03:39 +00:00
dependabot[bot]
1a12171d74
build(deps): bump the github-actions group with 3 updates ( #1262 )
...
Co-authored-by: Jason Cameron <git@jasoncameron.dev>
2025-11-09 18:08:06 -08:00
Xe Iaso
b5ead0a68c
fix(data): add ruleset to explicitly allow Docker / OCI clients ( #1253 )
...
* fix(data): add ruleset to explicitly allow Docker / OCI clients
Fixes #1252
This is technically a regression as these clients used to work in Anubis
v1.22.0, however it is allowable to make this opt-in as most websites do not
expect to be serving Docker / OCI registry client traffic.
Signed-off-by: Xe Iaso <me@xeiaso.net>
* Update metadata
check-spelling run (pull_request) for Xe/gh-1252/docker-registry-client-fix
Signed-off-by: check-spelling-bot <check-spelling-bot@users.noreply.github.com>
on-behalf-of: @check-spelling <check-spelling-bot@check-spelling.dev>
* test(docker-registry): export the right envvars
Signed-off-by: Xe Iaso <me@xeiaso.net>
* ci: add simdjson dependency for homebrew node
Signed-off-by: Xe Iaso <me@xeiaso.net>
* ci: install go/node without homebrew
Signed-off-by: Xe Iaso <me@xeiaso.net>
* test: use right github commit variable
Signed-off-by: Xe Iaso <me@xeiaso.net>
* ci: remove simdjson dependency
Signed-off-by: Xe Iaso <me@xeiaso.net>
* ci: install ko with an action
Signed-off-by: Xe Iaso <me@xeiaso.net>
* docs: add OCI registry caveat docs
Signed-off-by: Xe Iaso <me@xeiaso.net>
---------
Signed-off-by: Xe Iaso <me@xeiaso.net>
Signed-off-by: check-spelling-bot <check-spelling-bot@users.noreply.github.com>
2025-11-08 00:17:25 +00:00
dependabot[bot]
3dab060bfa
build(deps): bump the github-actions group across 1 directory with 6 updates ( #1221 )
...
Bumps the github-actions group with 6 updates in the / directory:
| Package | From | To |
| --- | --- | --- |
| [actions/cache](https://github.com/actions/cache ) | `4.2.4` | `4.3.0` |
| [docker/login-action](https://github.com/docker/login-action ) | `3.5.0` | `3.6.0` |
| [actions/upload-artifact](https://github.com/actions/upload-artifact ) | `4.6.2` | `5.0.0` |
| [actions/setup-node](https://github.com/actions/setup-node ) | `5.0.0` | `6.0.0` |
| [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv ) | `6.7.0` | `7.1.2` |
| [github/codeql-action](https://github.com/github/codeql-action ) | `3.30.3` | `4.31.0` |
Updates `actions/cache` from 4.2.4 to 4.3.0
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](0400d5f644...0057852bfahttps://github.com/docker/login-action/releases )
- [Commits](184bdaa072...5e57cd1181https://github.com/actions/upload-artifact/releases )
- [Commits](ea165f8d65...330a01c490https://github.com/actions/setup-node/releases )
- [Commits](a0853c2454...2028fbc5c2https://github.com/astral-sh/setup-uv/releases )
- [Commits](b75a909f75...85856786d1https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](192325c861...4e94bd11f7
2025-10-26 22:41:24 -04:00
dependabot[bot]
87c2f1e0e6
build(deps): bump the github-actions group across 1 directory with 8 updates ( #1071 )
...
Co-authored-by: Jason Cameron <git@jasoncameron.dev>
2025-09-06 22:30:43 -04:00
Xe Iaso
de17823bc7
chore: release v1.21.0-pre2 ( #816 )
...
* chore: release v1.21.0-pre2
* chore: disable automated stable package builds for now
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-07-12 16:57:08 -04:00
Jason Cameron
1562f88c35
chore: Remove unused/dead code ( #703 )
...
* chore(xess): remove unused xess templates
Signed-off-by: Jason Cameron <git@jasoncameron.dev>
* chore(checker): remove unused staticHashChecker implementation
Signed-off-by: Jason Cameron <git@jasoncameron.dev>
* feat: add pinact and deadcode to go tools (pinact is used for the gha pinning)
Signed-off-by: Jason Cameron <git@jasoncameron.dev>
* chore: update Docker and kubectl actions to latest versions
Signed-off-by: Jason Cameron <git@jasoncameron.dev>
* chore: update Homebrew action from master to main in workflow files
See df537ec97f
2025-06-25 09:31:33 -04:00
Xe Iaso
a0805cad16
chore(go.mod): move yeet to be a go tool ( #485 )
...
This means that yeet's version will be managed by `go.mod` and
auto-bumped with dependabot. This removes human error from the equation
and ensures that Anubis is always built with the newest version of yeet.
This also makes it trivial to make your own local packages for testing:
```text
go tool yeet
```
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-05-09 18:33:44 +00:00
Xe Iaso
f8e1000ab0
fix(yeetfile): copy all docs, data files, and botPolicies.yaml ( #419 )
...
* fix(yeetfile): copy all docs, data files, and botPolicies.yaml
Closes #415
Signed-off-by: Xe Iaso <me@xeiaso.net>
* ci: bump yeet
Signed-off-by: Xe Iaso <me@xeiaso.net>
---------
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-05-02 08:43:19 -04:00
Xe Iaso
5423ab013a
ci(packages): final pre-release yeet bump ( #384 )
...
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-04-27 16:54:03 +00:00
Xe Iaso
ac5a4bf58d
chore(ci): migrate to TecharoHQ/yeet ( #323 )
...
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-04-22 12:21:37 +00:00
Xe Iaso
2d22491e8c
undo depot for now until I have the corp set up
...
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-04-20 09:07:54 -04:00
Xe Iaso
62e20a213a
use depot builders ( #262 )
...
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-04-13 15:57:47 -04:00
Patrick Linnane
503f466ecf
workflows: hash pin more Actions ( #241 )
...
Signed-off-by: Patrick Linnane <patrick@linnane.io>
2025-04-11 22:18:13 -04:00
Xe Iaso
8adf1a06eb
.github/workflows/package-builds-stable: allow write permissions to upload binary packages
...
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-04-06 13:05:45 -04:00
Xe Iaso
df27a96f1f
make a half-baked tarball ( #221 )
...
* make a half-baked tarball
Closes #217
Signed-off-by: Xe Iaso <me@xeiaso.net>
* make two tarballs: one with just the vendor, and one with vendor and npm
Signed-off-by: Xe Iaso <me@xeiaso.net>
---------
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-04-06 12:44:52 +00:00
Xe Iaso
878b37178d
implement packaging proof of concept with yeet ( #194 )
...
* implement packaging proof of concept with yeet
Signed-off-by: Xe Iaso <me@xeiaso.net>
* docs/developer: add local dev docs for yeet
Signed-off-by: Xe Iaso <me@xeiaso.net>
* apply review feedback
Signed-off-by: Xe Iaso <me@xeiaso.net>
* build package artifacts in CI
Signed-off-by: Xe Iaso <me@xeiaso.net>
* tell CI to fetch all git metadata
Signed-off-by: Xe Iaso <me@xeiaso.net>
* rename package builds job
Signed-off-by: Xe Iaso <me@xeiaso.net>
* upload each package individually
Signed-off-by: Xe Iaso <me@xeiaso.net>
* split package build CI jobs
Signed-off-by: Xe Iaso <me@xeiaso.net>
* fix code injection?
Signed-off-by: Xe Iaso <me@xeiaso.net>
* fix ci?
Signed-off-by: Xe Iaso <me@xeiaso.net>
* fix security alert
Signed-off-by: Xe Iaso <me@xeiaso.net>
* docs/local-dev: point people to yeet v1.13.3
Signed-off-by: Xe Iaso <me@xeiaso.net>
---------
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-04-04 08:15:04 -04:00
