sophie/nuke
1
0
Fork 0
Code Packages 1 Activity Actions
nuke/lib/policy/config/testdata/good
History
Xe Iaso e3826df3ab
feat: implement a client for Thoth, the IP reputation database for Anubis (#637) 
* feat(internal): add Thoth client and simple ASN checker

Signed-off-by: Xe Iaso <me@xeiaso.net>

* feat(thoth): cached ip to asn checker

Signed-off-by: Xe Iaso <me@xeiaso.net>

* chore: go mod tidy

Signed-off-by: Xe Iaso <me@xeiaso.net>

* fix(thoth): minor testing fixups, ensure ASNChecker is Checker

Signed-off-by: Xe Iaso <me@xeiaso.net>

* feat(thoth): make ASNChecker instances

Signed-off-by: Xe Iaso <me@xeiaso.net>

* feat(thoth): add GeoIP checker

Signed-off-by: Xe Iaso <me@xeiaso.net>

* feat(thoth): store a thoth client in a context

Signed-off-by: Xe Iaso <me@xeiaso.net>

* chore: refactor Checker type to its own package

Signed-off-by: Xe Iaso <me@xeiaso.net>

* test(thoth): add thoth mocking package, ignore context deadline exceeded errors

Signed-off-by: Xe Iaso <me@xeiaso.net>

* feat(thoth): pre-cache private ranges

Signed-off-by: Xe Iaso <me@xeiaso.net>

* feat(lib/policy/config): enable thoth ASNs and GeoIP checker parsing

Signed-off-by: Xe Iaso <me@xeiaso.net>

* chore(thoth): refactor to move checker creation to the checker files

Signed-off-by: Xe Iaso <me@xeiaso.net>

* feat(policy): enable thoth checks

Signed-off-by: Xe Iaso <me@xeiaso.net>

* feat(thothmock): test helper function for loading a mock thoth instance

Signed-off-by: Xe Iaso <me@xeiaso.net>

* feat: wire up Thoth, make thoth checks part of the default config

Signed-off-by: Xe Iaso <me@xeiaso.net>

* chore: spelling

Signed-off-by: Xe Iaso <me@xeiaso.net>

* fix(thoth): mend staticcheck errors

Signed-off-by: Xe Iaso <me@xeiaso.net>

* docs(admin): add Thoth docs

Signed-off-by: Xe Iaso <me@xeiaso.net>

* chore(policy): update Thoth links in error messages

Signed-off-by: Xe Iaso <me@xeiaso.net>

* docs: update CHANGELOG

Signed-off-by: Xe Iaso <me@xeiaso.net>

* chore: spelling

Signed-off-by: Xe Iaso <me@xeiaso.net>

* chore(docs/manifest): enable Thoth

Signed-off-by: Xe Iaso <me@xeiaso.net>

* chore: add THOTH_INSECURE for contacting Thoth over plain TCP in extreme circumstances

Signed-off-by: Xe Iaso <me@xeiaso.net>

* test(thoth): use mock thoth when credentials aren't detected in the environment

Signed-off-by: Xe Iaso <me@xeiaso.net>

* chore: spelling

Signed-off-by: Xe Iaso <me@xeiaso.net>

* fix(cmd/anubis): better warnings for half-configured Thoth setups

Signed-off-by: Xe Iaso <me@xeiaso.net>

* docs(botpolicies): link to Thoth geoip docs

Signed-off-by: Xe Iaso <me@xeiaso.net>

---------

Signed-off-by: Xe Iaso <me@xeiaso.net>
2025-06-16 11:57:32 -04:00
..
allow_everyone.json Refactor and split out things into cmd and lib (#77) 2025-03-22 18:44:49 -04:00
allow_everyone.yaml lib: move config to yaml (#307) 2025-04-21 00:09:27 +00:00
block_cf_workers.json Add headers bot rule (#300) 2025-04-20 22:18:21 +00:00
block_cf_workers.yaml lib: move config to yaml (#307) 2025-04-21 00:09:27 +00:00
challenge_cloudflare.yaml feat: implement a client for Thoth, the IP reputation database for Anubis (#637) 2025-06-16 11:57:32 -04:00
challengemozilla.json Refactor and split out things into cmd and lib (#77) 2025-03-22 18:44:49 -04:00
challengemozilla.yaml lib: move config to yaml (#307) 2025-04-21 00:09:27 +00:00
entropy.yaml feat(expressions): add randInt function to allow making rules nondeterministic (#578) 2025-05-28 16:36:27 -04:00
everything_blocked.json Refactor and split out things into cmd and lib (#77) 2025-03-22 18:44:49 -04:00
everything_blocked.yaml lib: move config to yaml (#307) 2025-04-21 00:09:27 +00:00
geoip_us.yaml feat: implement a client for Thoth, the IP reputation database for Anubis (#637) 2025-06-16 11:57:32 -04:00
git_client.json feat(checker): add CEL for matching complicated expressions (#421) 2025-05-03 14:26:54 -04:00
git_client.yaml feat(checker): add CEL for matching complicated expressions (#421) 2025-05-03 14:26:54 -04:00
import_filesystem.json feat: enable loading config fragments (#321) 2025-04-23 07:01:28 -04:00
import_filesystem.yaml feat: enable loading config fragments (#321) 2025-04-23 07:01:28 -04:00
import_keep_internet_working.json feat: enable loading config fragments (#321) 2025-04-23 07:01:28 -04:00
import_keep_internet_working.yaml feat: enable loading config fragments (#321) 2025-04-23 07:01:28 -04:00
old_xesite.json test(config): add Xesite's old policy file to known good test cases (#382) 2025-04-27 13:32:50 +00:00
simple-weight.yaml feat(lib): implement request weight (#621) 2025-06-09 15:25:04 -04:00
status-codes-paranoid.json feat(config): add ability to customize HTTP status codes Anubis returns (#393) 2025-04-29 15:13:44 -04:00
status-codes-paranoid.yaml feat(config): add ability to customize HTTP status codes Anubis returns (#393) 2025-04-29 15:13:44 -04:00
status-codes-rfc.json feat(config): add ability to customize HTTP status codes Anubis returns (#393) 2025-04-29 15:13:44 -04:00
status-codes-rfc.yaml feat(config): add ability to customize HTTP status codes Anubis returns (#393) 2025-04-29 15:13:44 -04:00
weight-no-weight.yaml feat(lib): implement request weight (#621) 2025-06-09 15:25:04 -04:00