sophie/nuke
1
0
Fork 0
Code Packages 1 Activity Actions
638 commits 1 branch 0 tags 14 MiB
Commit graph

13 commits

Author SHA1 Message Date
Xe Iaso
b5ead0a68c
fix(data): add ruleset to explicitly allow Docker / OCI clients (#1253) 
* fix(data): add ruleset to explicitly allow Docker / OCI clients

Fixes #1252

This is technically a regression as these clients used to work in Anubis
v1.22.0, however it is allowable to make this opt-in as most websites do not
expect to be serving Docker / OCI registry client traffic.

Signed-off-by: Xe Iaso <me@xeiaso.net>

* Update metadata

check-spelling run (pull_request) for Xe/gh-1252/docker-registry-client-fix

Signed-off-by: check-spelling-bot <check-spelling-bot@users.noreply.github.com>
on-behalf-of: @check-spelling <check-spelling-bot@check-spelling.dev>

* test(docker-registry): export the right envvars

Signed-off-by: Xe Iaso <me@xeiaso.net>

* ci: add simdjson dependency for homebrew node

Signed-off-by: Xe Iaso <me@xeiaso.net>

* ci: install go/node without homebrew

Signed-off-by: Xe Iaso <me@xeiaso.net>

* test: use right github commit variable

Signed-off-by: Xe Iaso <me@xeiaso.net>

* ci: remove simdjson dependency

Signed-off-by: Xe Iaso <me@xeiaso.net>

* ci: install ko with an action

Signed-off-by: Xe Iaso <me@xeiaso.net>

* docs: add OCI registry caveat docs

Signed-off-by: Xe Iaso <me@xeiaso.net>

---------

Signed-off-by: Xe Iaso <me@xeiaso.net>
Signed-off-by: check-spelling-bot <check-spelling-bot@users.noreply.github.com>
 2025-11-08 00:17:25 +00:00
dependabot[bot]
3dab060bfa
build(deps): bump the github-actions group across 1 directory with 6 updates (#1221) 
Bumps the github-actions group with 6 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [actions/cache](https://github.com/actions/cache) | `4.2.4` | `4.3.0` |
| [docker/login-action](https://github.com/docker/login-action) | `3.5.0` | `3.6.0` |
| [actions/upload-artifact](https://github.com/actions/upload-artifact) | `4.6.2` | `5.0.0` |
| [actions/setup-node](https://github.com/actions/setup-node) | `5.0.0` | `6.0.0` |
| [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv) | `6.7.0` | `7.1.2` |
| [github/codeql-action](https://github.com/github/codeql-action) | `3.30.3` | `4.31.0` |



Updates `actions/cache` from 4.2.4 to 4.3.0
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](0400d5f644...0057852bfa)

Updates `docker/login-action` from 3.5.0 to 3.6.0
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](184bdaa072...5e57cd1181)

Updates `actions/upload-artifact` from 4.6.2 to 5.0.0
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](ea165f8d65...330a01c490)

Updates `actions/setup-node` from 5.0.0 to 6.0.0
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](a0853c2454...2028fbc5c2)

Updates `astral-sh/setup-uv` from 6.7.0 to 7.1.2
- [Release notes](https://github.com/astral-sh/setup-uv/releases)
- [Commits](b75a909f75...85856786d1)

Updates `github/codeql-action` from 3.30.3 to 4.31.0
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](192325c861...4e94bd11f7)

---
updated-dependencies:
- dependency-name: actions/cache
  dependency-version: 4.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: docker/login-action
  dependency-version: 3.6.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: actions/upload-artifact
  dependency-version: 5.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: actions/setup-node
  dependency-version: 6.0.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: astral-sh/setup-uv
  dependency-version: 7.1.2
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: github/codeql-action
  dependency-version: 4.31.0
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2025-10-26 22:41:24 -04:00
dependabot[bot]
87c2f1e0e6
build(deps): bump the github-actions group across 1 directory with 8 updates (#1071) 
Co-authored-by: Jason Cameron <git@jasoncameron.dev>
 2025-09-06 22:30:43 -04:00
Jason Cameron
adda60c163
Revert "build(deps): bump the github-actions group with 2 updates (#952)" (#962) 2025-08-06 03:01:25 +00:00
dependabot[bot]
e0a15bf4dc
build(deps): bump the github-actions group with 2 updates (#952) 
Co-authored-by: Jason Cameron <git@jasoncameron.dev>
 2025-08-05 22:45:07 -04:00
Jason Cameron
1562f88c35
chore: Remove unused/dead code (#703) 
* chore(xess): remove unused xess templates

Signed-off-by: Jason Cameron <git@jasoncameron.dev>

* chore(checker): remove unused staticHashChecker implementation

Signed-off-by: Jason Cameron <git@jasoncameron.dev>

* feat: add pinact and deadcode to go tools (pinact is used for the gha pinning)

Signed-off-by: Jason Cameron <git@jasoncameron.dev>

* chore: update Docker and kubectl actions to latest versions

Signed-off-by: Jason Cameron <git@jasoncameron.dev>

* chore: update Homebrew action from master to main in workflow files

See  df537ec97f

Signed-off-by: Jason Cameron <git@jasoncameron.dev>

* chore: remove unused go-colorable and tools dependencies from go.sum

Signed-off-by: Jason Cameron <git@jasoncameron.dev>

* chore: update postcss-import and other dependencies to latest versions

Signed-off-by: Jason Cameron <git@jasoncameron.dev>

* chore: update Docusaurus dependencies to version 3.8.1

Signed-off-by: Jason Cameron <git@jasoncameron.dev>

* chore: downgrade playwright and playwright-core to version 1.52.0

Signed-off-by: Jason Cameron <git@jasoncameron.dev>

---------

Signed-off-by: Jason Cameron <git@jasoncameron.dev>
 2025-06-25 09:31:33 -04:00
Jason Cameron
659b577e0e
feat(ci): use dynamic repository owner and name in Docker actions (#487) 
* feat(ci): use dynamic repository owner and name in Docker actions

Signed-off-by: Jason Cameron <git@jasoncameron.dev>

* feat(ci): support forks

Signed-off-by: Jason Cameron <git@jasoncameron.dev>

* feat(ci): support forks

Signed-off-by: Jason Cameron <git@jasoncameron.dev>

* feat(ci): add debug output for Docker repository information

Signed-off-by: Jason Cameron <git@jasoncameron.dev>

* feat(ci): update Docker image naming convention in workflow

Signed-off-by: Jason Cameron <git@jasoncameron.dev>

* feat(ci): set lowercase image name in Docker workflow

Signed-off-by: Jason Cameron <git@jasoncameron.dev>

* feat(ci): remove json/gha branch from Docker workflow triggers

Signed-off-by: Jason Cameron <git@jasoncameron.dev>

* feat(ci): simplify Docker registry configuration in workflow

Signed-off-by: Jason Cameron <git@jasoncameron.dev>

---------

Signed-off-by: Jason Cameron <git@jasoncameron.dev>
 2025-05-09 20:18:53 -04:00
Xe Iaso
2d22491e8c
undo depot for now until I have the corp set up 
Signed-off-by: Xe Iaso <me@xeiaso.net>
 2025-04-20 09:07:54 -04:00
Xe Iaso
62e20a213a
use depot builders (#262) 
Signed-off-by: Xe Iaso <me@xeiaso.net>
 2025-04-13 15:57:47 -04:00
Patrick Linnane
1614504922
workflows: hash pin Actions (#203) 
Signed-off-by: Patrick Linnane <patrick@linnane.io>
 2025-04-08 00:45:06 -04:00
Patrick Linnane
fc237a1690
workflows: fix zizmor findings (part 1) (#190) 
Signed-off-by: Patrick Linnane <patrick@linnane.io>
 2025-04-01 22:33:44 +00:00
Xe Iaso
937f1dd330
all: do not commit generated JS/CSS to source control (#148) 
Closes #125
Closes #40

Among other things, this moves all of the asset generation to run within
the context of an npm script. Developer documentation stubs have been
added so that people can get started more easily.

The top-level Dockerfile (which is no longer used in production) has
been removed as its presence has been causing confusion. This changeset
will break it anyways.

These changes will make for less "repo churn" as the static assets are
built and rebuilt, at the cost of making the build step more complicated
for downstream packagers. If this becomes a burden, we can explore
making a "release tarball" that contains pre-massaged outputs.
 2025-03-28 14:55:25 -04:00
Xe Iaso
56cdb2e51b
Fix docker image CI for pull requests (#84) 
Closes #65

Pull request images will now be `ttl.sh/techaro/pr-{number}/anubis:24h`.
 2025-03-22 11:26:49 -04:00