dependabot[bot]
2e54e839f1
build(deps): bump the gomod group across 1 directory with 4 updates ( #457 )
...
* build(deps): bump the gomod group across 1 directory with 4 updates
Bumps the gomod group with 4 updates in the / directory: [github.com/a-h/templ](https://github.com/a-h/templ ), [github.com/playwright-community/playwright-go](https://github.com/playwright-community/playwright-go ), [golang.org/x/net](https://github.com/golang/net ) and [k8s.io/apimachinery](https://github.com/kubernetes/apimachinery ).
Updates `github.com/a-h/templ` from 0.3.857 to 0.3.865
- [Release notes](https://github.com/a-h/templ/releases )
- [Changelog](https://github.com/a-h/templ/blob/main/.goreleaser.yaml )
- [Commits](https://github.com/a-h/templ/compare/v0.3.857...v0.3.865 )
Updates `github.com/playwright-community/playwright-go` from 0.5101.0 to 0.5200.0
- [Release notes](https://github.com/playwright-community/playwright-go/releases )
- [Commits](https://github.com/playwright-community/playwright-go/compare/v0.5101.0...v0.5200.0 )
Updates `golang.org/x/net` from 0.39.0 to 0.40.0
- [Commits](https://github.com/golang/net/compare/v0.39.0...v0.40.0 )
Updates `k8s.io/apimachinery` from 0.32.3 to 0.33.0
- [Commits](https://github.com/kubernetes/apimachinery/compare/v0.32.3...v0.33.0 )
---
updated-dependencies:
- dependency-name: github.com/a-h/templ
dependency-version: 0.3.865
dependency-type: direct:production
update-type: version-update:semver-patch
dependency-group: gomod
- dependency-name: github.com/playwright-community/playwright-go
dependency-version: 0.5200.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: gomod
- dependency-name: golang.org/x/net
dependency-version: 0.40.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: gomod
- dependency-name: k8s.io/apimachinery
dependency-version: 0.33.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: gomod
...
Signed-off-by: dependabot[bot] <support@github.com>
* chore: go mod tidy && npm run assets
Signed-off-by: Xe Iaso <me@xeiaso.net>
* ci: use playwright managed by npm
Signed-off-by: Xe Iaso <me@xeiaso.net>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Xe Iaso <me@xeiaso.net>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Xe Iaso <me@xeiaso.net>
2025-05-07 17:48:10 -04:00
Xe Iaso
3701b2bc3d
ci(go): fix govulncheck ( #464 )
...
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-05-07 13:42:28 +00:00
Xe Iaso
16412a8bf9
ci: add govulncheck ( #456 )
...
This is intended to catch low-hanging fruit.
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-05-06 14:07:55 +00:00
Patrick Linnane
3b50b4c6c0
zizmor: add config file to silence unpinned-uses of Homebrew/actions ( #441 )
2025-05-05 01:22:36 +00:00
dependabot[bot]
8ee0529321
build(deps): bump the github-actions group with 3 updates ( #439 )
...
Bumps the github-actions group with 3 updates: [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance ), [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv ) and [github/codeql-action](https://github.com/github/codeql-action ).
Updates `actions/attest-build-provenance` from 2.2.3 to 2.3.0
- [Release notes](https://github.com/actions/attest-build-provenance/releases )
- [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md )
- [Commits](c074443f1a...db473fddc0https://github.com/astral-sh/setup-uv/releases )
- [Commits](c7f87aa956...6b9c6063abhttps://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](28deaeda66...60168efe1c
2025-05-04 20:46:48 -04:00
Xe Iaso
f8e1000ab0
fix(yeetfile): copy all docs, data files, and botPolicies.yaml ( #419 )
...
* fix(yeetfile): copy all docs, data files, and botPolicies.yaml
Closes #415
Signed-off-by: Xe Iaso <me@xeiaso.net>
* ci: bump yeet
Signed-off-by: Xe Iaso <me@xeiaso.net>
---------
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-05-02 08:43:19 -04:00
dependabot[bot]
bd0e46dac3
build(deps): bump the github-actions group with 4 updates ( #387 )
...
Bumps the github-actions group with 4 updates: [docker/build-push-action](https://github.com/docker/build-push-action ), [actions-hub/kubectl](https://github.com/actions-hub/kubectl ), [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv ) and [github/codeql-action](https://github.com/github/codeql-action ).
Updates `docker/build-push-action` from 6.15.0 to 6.16.0
- [Release notes](https://github.com/docker/build-push-action/releases )
- [Commits](471d1dc4e0...14487ce63chttps://github.com/actions-hub/kubectl/releases )
- [Commits](9270913c29...e81783053dhttps://github.com/astral-sh/setup-uv/releases )
- [Commits](d4b2f3b6ec...c7f87aa956https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](45775bd823...28deaeda66
2025-04-28 01:40:38 +00:00
Xe Iaso
5423ab013a
ci(packages): final pre-release yeet bump ( #384 )
...
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-04-27 16:54:03 +00:00
Xe Iaso
bec7199ab6
fix(docs): make the docs respect light/dark mode ( #334 )
...
Closes #333
I'm very bad at design so I just picked colors that looked reasonable
enough to me. Hopefully this will be enough to get us to the next stage!
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-04-23 04:01:02 +00:00
Xe Iaso
ac5a4bf58d
chore(ci): migrate to TecharoHQ/yeet ( #323 )
...
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-04-22 12:21:37 +00:00
dependabot[bot]
a14f917d68
build(deps): bump astral-sh/setup-uv in the github-actions group ( #312 )
...
Bumps the github-actions group with 1 update: [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv ).
Updates `astral-sh/setup-uv` from 5.4.1 to 5.4.2
- [Release notes](https://github.com/astral-sh/setup-uv/releases )
- [Commits](0c5e2b8115...d4b2f3b6ec
2025-04-20 21:16:38 -04:00
Xe Iaso
2d22491e8c
undo depot for now until I have the corp set up
...
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-04-20 09:07:54 -04:00
Xe Iaso
736c3ade09
.github/funding: add GitHub sponsors
...
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-04-17 23:48:36 -04:00
dependabot[bot]
5d4d2e3e2a
build(deps): bump github/codeql-action in the github-actions group ( #264 )
...
Bumps the github-actions group with 1 update: [github/codeql-action](https://github.com/github/codeql-action ).
Updates `github/codeql-action` from 3.28.13 to 3.28.15
- [Release notes](https://github.com/github/codeql-action/releases )
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md )
- [Commits](1b549b9259...45775bd823
2025-04-15 05:56:14 -04:00
dependabot[bot]
2ebce26709
build(deps): bump the gomod group with 3 updates ( #265 )
...
* build(deps): bump the gomod group with 3 updates
Bumps the gomod group with 3 updates: [github.com/playwright-community/playwright-go](https://github.com/playwright-community/playwright-go ), [github.com/prometheus/client_golang](https://github.com/prometheus/client_golang ) and [golang.org/x/net](https://github.com/golang/net ).
Updates `github.com/playwright-community/playwright-go` from 0.5001.0 to 0.5101.0
- [Release notes](https://github.com/playwright-community/playwright-go/releases )
- [Commits](https://github.com/playwright-community/playwright-go/compare/v0.5001.0...v0.5101.0 )
Updates `github.com/prometheus/client_golang` from 1.21.1 to 1.22.0
- [Release notes](https://github.com/prometheus/client_golang/releases )
- [Changelog](https://github.com/prometheus/client_golang/blob/main/CHANGELOG.md )
- [Commits](https://github.com/prometheus/client_golang/compare/v1.21.1...v1.22.0 )
Updates `golang.org/x/net` from 0.38.0 to 0.39.0
- [Commits](https://github.com/golang/net/compare/v0.38.0...v0.39.0 )
---
updated-dependencies:
- dependency-name: github.com/playwright-community/playwright-go
dependency-version: 0.5101.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: gomod
- dependency-name: github.com/prometheus/client_golang
dependency-version: 1.22.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: gomod
- dependency-name: golang.org/x/net
dependency-version: 0.39.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: gomod
...
Signed-off-by: dependabot[bot] <support@github.com>
* internal/test: bump playwright version
Signed-off-by: Xe Iaso <me@xeiaso.net>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: Xe Iaso <me@xeiaso.net>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Xe Iaso <me@xeiaso.net>
2025-04-15 05:55:50 -04:00
Xe Iaso
62e20a213a
use depot builders ( #262 )
...
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-04-13 15:57:47 -04:00
Patrick Linnane
503f466ecf
workflows: hash pin more Actions ( #241 )
...
Signed-off-by: Patrick Linnane <patrick@linnane.io>
2025-04-11 22:18:13 -04:00
Patrick Linnane
1614504922
workflows: hash pin Actions ( #203 )
...
Signed-off-by: Patrick Linnane <patrick@linnane.io>
2025-04-08 00:45:06 -04:00
Xe Iaso
2324395ae2
move pull request template to a hidden folder
...
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-04-07 17:36:29 -04:00
Xe Iaso
8adf1a06eb
.github/workflows/package-builds-stable: allow write permissions to upload binary packages
...
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-04-06 13:05:45 -04:00
Xe Iaso
df27a96f1f
make a half-baked tarball ( #221 )
...
* make a half-baked tarball
Closes #217
Signed-off-by: Xe Iaso <me@xeiaso.net>
* make two tarballs: one with just the vendor, and one with vendor and npm
Signed-off-by: Xe Iaso <me@xeiaso.net>
---------
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-04-06 12:44:52 +00:00
Xe Iaso
f1f8fdf752
package.json: fix build command ( #230 )
...
Closes #225
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-04-06 04:29:52 +00:00
Xe Iaso
878b37178d
implement packaging proof of concept with yeet ( #194 )
...
* implement packaging proof of concept with yeet
Signed-off-by: Xe Iaso <me@xeiaso.net>
* docs/developer: add local dev docs for yeet
Signed-off-by: Xe Iaso <me@xeiaso.net>
* apply review feedback
Signed-off-by: Xe Iaso <me@xeiaso.net>
* build package artifacts in CI
Signed-off-by: Xe Iaso <me@xeiaso.net>
* tell CI to fetch all git metadata
Signed-off-by: Xe Iaso <me@xeiaso.net>
* rename package builds job
Signed-off-by: Xe Iaso <me@xeiaso.net>
* upload each package individually
Signed-off-by: Xe Iaso <me@xeiaso.net>
* split package build CI jobs
Signed-off-by: Xe Iaso <me@xeiaso.net>
* fix code injection?
Signed-off-by: Xe Iaso <me@xeiaso.net>
* fix ci?
Signed-off-by: Xe Iaso <me@xeiaso.net>
* fix security alert
Signed-off-by: Xe Iaso <me@xeiaso.net>
* docs/local-dev: point people to yeet v1.13.3
Signed-off-by: Xe Iaso <me@xeiaso.net>
---------
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-04-04 08:15:04 -04:00
dependabot[bot]
515453c607
build(deps): bump actions/cache from 3 to 4 in the github-actions group ( #198 )
...
Bumps the github-actions group with 1 update: [actions/cache](https://github.com/actions/cache ).
Updates `actions/cache` from 3 to 4
- [Release notes](https://github.com/actions/cache/releases )
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md )
- [Commits](https://github.com/actions/cache/compare/v3...v4 )
---
updated-dependencies:
- dependency-name: actions/cache
dependency-type: direct:production
update-type: version-update:semver-major
dependency-group: github-actions
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2025-04-02 00:15:49 -04:00
Patrick Linnane
01c2e45843
dependabot: enable ( #189 )
...
* dependabot: enable
Signed-off-by: Patrick Linnane <patrick@linnane.io>
* dependabot: group updates
Signed-off-by: Patrick Linnane <patrick@linnane.io>
---------
Signed-off-by: Patrick Linnane <patrick@linnane.io>
Signed-off-by: Xe Iaso <me@xeiaso.net>
Co-authored-by: Xe Iaso <me@xeiaso.net>
2025-04-02 00:09:46 -04:00
Patrick Linnane
fc237a1690
workflows: fix zizmor findings (part 1) ( #190 )
...
Signed-off-by: Patrick Linnane <patrick@linnane.io>
2025-04-01 22:33:44 +00:00
Patrick Linnane
6af7c5891f
ci: add zizmor ( #188 )
...
Signed-off-by: Patrick Linnane <patrick@linnane.io>
2025-04-01 17:56:27 -04:00
Xe Iaso
52ca5390c2
Add staticheck to CI ( #152 )
...
* Add staticheck to CI
Signed-off-by: Xe Iaso <me@xeiaso.net>
* fix staticcheck warnings
Signed-off-by: Xe Iaso <me@xeiaso.net>
* oh, right, playwright is broken
Signed-off-by: Xe Iaso <me@xeiaso.net>
---------
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-03-29 15:00:22 -04:00
Xe Iaso
937f1dd330
all: do not commit generated JS/CSS to source control ( #148 )
...
Closes #125
Closes #40
Among other things, this moves all of the asset generation to run within
the context of an npm script. Developer documentation stubs have been
added so that people can get started more easily.
The top-level Dockerfile (which is no longer used in production) has
been removed as its presence has been causing confusion. This changeset
will break it anyways.
These changes will make for less "repo churn" as the static assets are
built and rebuilt, at the cost of making the build step more complicated
for downstream packagers. If this becomes a burden, we can explore
making a "release tarball" that contains pre-massaged outputs.
2025-03-28 14:55:25 -04:00
Xe Iaso
7d4be0dcec
Apply bits of the cookie settings PR one by one ( #140 )
...
Enables uses to change the cookie domain and partitioned flags.
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-03-27 15:24:03 -04:00
Yulian Kuncheff
6156d3d729
Refactor and split out things into cmd and lib ( #77 )
...
* Refactor anubis to split business logic into a lib, and cmd to just be direct usage.
* Post-rebase fixes.
* Update changelog, remove unnecessary one.
* lib: refactor this
This is mostly based on my personal preferences for how Go code should
be laid out. I'm not sold on the package name "lib" (I'd call it anubis
but that would stutter), but people are probably gonna import it as
libanubis so it's likely fine.
Packages have been "flattened" to centralize implementation with area of
concern. This goes against the Java-esque style that many people like,
but I think this helps make things simple.
Most notably: the dnsbl client (which is a hack) is an internal package
until it's made more generic. Then it can be made external.
I also fixed the logic such that `go generate` works and rebased on
main.
* internal/test: run tests iff npx exists and DONT_USE_NETWORK is not set
Signed-off-by: Xe Iaso <me@xeiaso.net>
* internal/test: install deps
Signed-off-by: Xe Iaso <me@xeiaso.net>
* .github/workflows: verbose go tests?
Signed-off-by: Xe Iaso <me@xeiaso.net>
* internal/test: sleep 2
Signed-off-by: Xe Iaso <me@xeiaso.net>
* internal/test: nix this test so CI works
Signed-off-by: Xe Iaso <me@xeiaso.net>
* internal/test: warmup per browser?
Signed-off-by: Xe Iaso <me@xeiaso.net>
* internal/test: disable for now :(
Signed-off-by: Xe Iaso <me@xeiaso.net>
* lib/anubis: do not apply bot rules if address check fails
Closes #83
---------
Signed-off-by: Xe Iaso <me@xeiaso.net>
Co-authored-by: Xe Iaso <me@xeiaso.net>
2025-03-22 18:44:49 -04:00
Xe Iaso
56cdb2e51b
Fix docker image CI for pull requests ( #84 )
...
Closes #65
Pull request images will now be `ttl.sh/techaro/pr-{number}/anubis:24h`.
2025-03-22 11:26:49 -04:00
Xe Iaso
4ec4dc3624
.github/workflows: don't publish provenance data for PRs
...
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-03-21 15:42:51 -04:00
Xe Iaso
38e1e8cb5e
comment out the comment PR experiment for now, ugh, I hate GitHub ACLs
...
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-03-21 11:06:31 -04:00
Xe Iaso
f730326814
off by one
...
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-03-21 10:40:30 -04:00
Xe Iaso
db6d424aaa
.github/workflows/docker: only do comments if we're in a PR
...
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-03-21 10:36:24 -04:00
Xe Iaso
95dddb5549
cmd/containerbuild: default to ttl.sh for third party contributions ( #51 )
...
* cmd/containerbuild: default to ttl.sh for third party contributions
Closes #48
Signed-off-by: Xe Iaso <me@xeiaso.net>
* track comment tags
Signed-off-by: Xe Iaso <me@xeiaso.net>
* empty commit to make sure double-commenting doesn't work
Signed-off-by: Xe Iaso <me@xeiaso.net>
---------
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-03-21 10:34:01 -04:00
Xe Iaso
c47347ff76
add docs site based on docusarus ( #35 )
...
* add docs site based on docusarus
Closes #2
Signed-off-by: Xe Iaso <me@xeiaso.net>
* docs: deploy to aeacus
Signed-off-by: Xe Iaso <me@xeiaso.net>
* ready for merge
Signed-off-by: Xe Iaso <me@xeiaso.net>
* docs: fix anubis port
Signed-off-by: Xe Iaso <me@xeiaso.net>
---------
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-03-20 15:06:58 -04:00
Xe Iaso
1efcb88261
Try using ko to build images
...
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-03-19 09:10:29 -04:00
Xe Iaso
b22676da6c
add FUNDING file
...
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-03-19 07:10:20 -04:00
Xe Iaso
fad32f79f9
make docker image for Anubis
...
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-03-18 08:35:05 -04:00
Xe Iaso
836eaf829a
.github/workflows/go: make this slower for now
...
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-03-17 19:39:56 -04:00
Xe Iaso
9923878c5c
initial import from /x/ monorepo
...
Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-03-17 19:33:07 -04:00
