arian/anubis-mirror
1
0
Fork 0
mirror of https://github.com/TecharoHQ/anubis.git synced 2026-04-10 10:38:45 +00:00
Code Issues Packages Projects Releases Wiki Activity
729 Commits 190 Branches 41 Tags
04fef9e033afbc85cdd3ace41aeab738d48a4e13
Commit Graph

729 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Xe Iaso
04fef9e033 ci: purge govulncheck, it's less signal than i hoped (#1515) 
* ci: purge govulncheck, it's less signal than i hoped

Signed-off-by: Xe Iaso <me@xeiaso.net>

* ci(go): use go stable

Signed-off-by: Xe Iaso <me@xeiaso.net>

* ci: use go stable

Signed-off-by: Xe Iaso <me@xeiaso.net>

---------

Signed-off-by: Xe Iaso <me@xeiaso.net>
 2026-03-16 10:30:43 +00:00
Mozi
fa518e1b8c docs: fix mixed tab/space indentation in Caddy config example (#1506) 
Assisted-by: Claude Opus 4.6 via Copilot

Signed-off-by: Mozi <29089388+pzhlkj6612@users.noreply.github.com>
 2026-03-12 16:35:53 +00:00
Xe Iaso
f38210fd84 docs(admin/policy): document ReadWritePaths for logging to files (#1469) 
The default Anubis systemd configuration is very restrictive in
order to prevent any possible compromise of Anubis to be useful
by threat actors. As such, it assumes all logs will be pushed to
the system journal. Some administrators do not want Anubis' logs
to be pushed to the system journal and want Anubis to log to a
file instead.

This change documents how to set up ReadWritePaths in the Anubis
systemd configuration such that Anubis can lot to a file as
administrators expect.

Closes: #1468

Signed-off-by: Xe Iaso <me@xeiaso.net>
 2026-02-19 12:24:34 +00:00
Xe Iaso
35b5e78a0d chore: tag v1.25.0 
Signed-off-by: Xe Iaso <me@xeiaso.net>
v1.25.0 		2026-02-18 15:56:28 +00:00
Martin
4e0df8c643 feat(docs): Add HAProxy Configurations to Docs (#1424) 
* Add HAProxy docs

* Add changes to Changelog

* Add CodeBlock import to haproxy.mdc

* Fix typos

* Add exceptions to spelling
 2026-02-15 10:32:32 -05:00
dependabot[bot]
c34ec67777 build(deps): bump the npm group across 1 directory with 2 updates (#1452) 
Bumps the npm group with 2 updates in the / directory: [preact](https://github.com/preactjs/preact) and [esbuild](https://github.com/evanw/esbuild).


Updates `preact` from 10.28.2 to 10.28.3
- [Release notes](https://github.com/preactjs/preact/releases)
- [Commits](https://github.com/preactjs/preact/compare/10.28.2...10.28.3)

Updates `esbuild` from 0.27.2 to 0.27.3
- [Release notes](https://github.com/evanw/esbuild/releases)
- [Changelog](https://github.com/evanw/esbuild/blob/main/CHANGELOG.md)
- [Commits](https://github.com/evanw/esbuild/compare/v0.27.2...v0.27.3)

---
updated-dependencies:
- dependency-name: preact
  dependency-version: 10.28.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm
- dependency-name: esbuild
  dependency-version: 0.27.3
  dependency-type: direct:development
  update-type: version-update:semver-patch
  dependency-group: npm
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-15 10:32:07 -05:00
dependabot[bot]
61026976ec build(deps): bump the github-actions group across 1 directory with 6 updates (#1453) 
Bumps the github-actions group with 6 updates in the / directory:

| Package | From | To |
| --- | --- | --- |
| [docker/login-action](https://github.com/docker/login-action) | `3.6.0` | `3.7.0` |
| [actions/attest-build-provenance](https://github.com/actions/attest-build-provenance) | `3.1.0` | `3.2.0` |
| [actions-hub/kubectl](https://github.com/actions-hub/kubectl) | `1.35.0` | `1.35.1` |
| [actions/cache](https://github.com/actions/cache) | `5.0.2` | `5.0.3` |
| [amannn/action-semantic-pull-request](https://github.com/amannn/action-semantic-pull-request) | `5.5.3` | `6.1.1` |
| [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv) | `7.2.0` | `7.3.0` |



Updates `docker/login-action` from 3.6.0 to 3.7.0
- [Release notes](https://github.com/docker/login-action/releases)
- [Commits](5e57cd1181...c94ce9fb46)

Updates `actions/attest-build-provenance` from 3.1.0 to 3.2.0
- [Release notes](https://github.com/actions/attest-build-provenance/releases)
- [Changelog](https://github.com/actions/attest-build-provenance/blob/main/RELEASE.md)
- [Commits](00014ed6ed...96278af6ca)

Updates `actions-hub/kubectl` from 1.35.0 to 1.35.1
- [Release notes](https://github.com/actions-hub/kubectl/releases)
- [Commits](f6d776bd78...3ece3793e7)

Updates `actions/cache` from 5.0.2 to 5.0.3
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](8b402f58fb...cdf6c1fa76)

Updates `amannn/action-semantic-pull-request` from 5.5.3 to 6.1.1
- [Release notes](https://github.com/amannn/action-semantic-pull-request/releases)
- [Changelog](https://github.com/amannn/action-semantic-pull-request/blob/main/CHANGELOG.md)
- [Commits](0723387faa...48f256284b)

Updates `astral-sh/setup-uv` from 7.2.0 to 7.3.0
- [Release notes](https://github.com/astral-sh/setup-uv/releases)
- [Commits](61cb8a9741...eac588ad8d)

---
updated-dependencies:
- dependency-name: docker/login-action
  dependency-version: 3.7.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: actions/attest-build-provenance
  dependency-version: 3.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: actions-hub/kubectl
  dependency-version: 1.35.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: actions/cache
  dependency-version: 5.0.3
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: amannn/action-semantic-pull-request
  dependency-version: 6.1.1
  dependency-type: direct:production
  update-type: version-update:semver-major
  dependency-group: github-actions
- dependency-name: astral-sh/setup-uv
  dependency-version: 7.3.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-02-15 10:31:51 -05:00
Xe Iaso
189c5c021c chore: sync logo submissions (#1455) 
* chore: sync logo submissions

Closes: #1447
Closes: #1438
Signed-off-by: Xe Iaso <me@xeiaso.net>

* chore: update spelling

Signed-off-by: Xe Iaso <me@xeiaso.net>

---------

Signed-off-by: Xe Iaso <me@xeiaso.net>
 2026-02-15 15:29:32 +00:00
Martin
dde186150b feat(docs): Add ANEXIA Sponsor logo (#1409) 
* Add ANEXIA Sponsor logo

* Add changes to CHANGELOG.md

* Add missing words to spelling expect.txt

---------

Signed-off-by: Xe Iaso <xe.iaso@techaro.lol>
Co-authored-by: Xe Iaso <xe.iaso@techaro.lol>
 2026-02-15 15:21:44 +00:00
Xe Iaso
a98f721957 docs: add AI coding tools policy (#1454) 
* docs: add AI coding tools policy

Signed-off-by: Xe Iaso <me@xeiaso.net>

* chore: remove symlinks

Signed-off-by: Xe Iaso <me@xeiaso.net>

* docs(AGENTS): make compatible with opencode

Signed-off-by: Xe Iaso <me@xeiaso.net>

* chore: update spelling

Signed-off-by: Xe Iaso <me@xeiaso.net>

---------

Signed-off-by: Xe Iaso <me@xeiaso.net>
 2026-02-15 15:08:59 +00:00
hyperdefined
03f5e0d542 feat(apps): add updown.io policy (#1444) 2026-02-15 08:21:39 -05:00
Kurt McKee
b4f15a5d16 Fix a CI warning: "The set-output command is deprecated" (#1443) 2026-02-15 08:19:43 -05:00
Xe Iaso
bf5d66222c chore: set up commitlint, husky, and prettier (#1451) 
* chore: add prettier configuration

Signed-off-by: Xe Iaso <me@xeiaso.net>

* format: run prettier tree-wide

Signed-off-by: Xe Iaso <me@xeiaso.net>

* chore(prettier): ignore intentionally ungrammatical files

Signed-off-by: Xe Iaso <me@xeiaso.net>

* ci: add PR title lint rule

Signed-off-by: Xe Iaso <me@xeiaso.net>

* ci: add DCO check

Signed-off-by: Xe Iaso <me@xeiaso.net>

* chore: add commitlint and husky

Signed-off-by: Xe Iaso <me@xeiaso.net>

* chore: add CONTRIBUTING guidelines

Signed-off-by: Xe Iaso <me@xeiaso.net>

* chore: set SKIP_INTEGRATION in precommit tests

Signed-off-by: Xe Iaso <me@xeiaso.net>

* chore: update spelling

Signed-off-by: Xe Iaso <me@xeiaso.net>

* ci(dco): remove reopened trigger

Signed-off-by: Xe Iaso <me@xeiaso.net>

* chore: remove dead file

Signed-off-by: Xe Iaso <me@xeiaso.net>

* chore(prettier): don't format nginx includes

Signed-off-by: Xe Iaso <me@xeiaso.net>

---------

Signed-off-by: Xe Iaso <me@xeiaso.net>
 2026-02-15 08:19:12 -05:00
Bart Louwers
005750903d Improve Dutch translations (#1446) 
* Improve horrible machine translated Dutch translations

Signed-off-by: Bart Louwers <bart.louwers@gmail.com>

* Apply suggestion from @louwers

Signed-off-by: Bart Louwers <bart.louwers@gmail.com>

* Apply suggestion from @louwers

Signed-off-by: Bart Louwers <bart.louwers@gmail.com>

* Apply suggestion from @louwers

Signed-off-by: Bart Louwers <bart.louwers@gmail.com>

* Apply suggestion from @louwers

Signed-off-by: Bart Louwers <bart.louwers@gmail.com>

* Update check-spelling metadata

---------

Signed-off-by: Bart Louwers <bart.louwers@gmail.com>
Co-authored-by: Jason Cameron <git@jsn.cam>
 2026-02-14 21:08:34 +00:00
dependabot[bot]
d2205b11a7 build(deps): bump the github-actions group with 4 updates (#1425) 
Bumps the github-actions group with 4 updates: [actions/checkout](https://github.com/actions/checkout), [actions/setup-node](https://github.com/actions/setup-node), [actions/setup-go](https://github.com/actions/setup-go) and [actions/cache](https://github.com/actions/cache).


Updates `actions/checkout` from 6.0.1 to 6.0.2
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](8e8c483db8...de0fac2e45)

Updates `actions/setup-node` from 6.1.0 to 6.2.0
- [Release notes](https://github.com/actions/setup-node/releases)
- [Commits](395ad32622...6044e13b5d)

Updates `actions/setup-go` from 6.1.0 to 6.2.0
- [Release notes](https://github.com/actions/setup-go/releases)
- [Commits](4dc6199c7b...7a3fe6cf4c)

Updates `actions/cache` from 5.0.1 to 5.0.2
- [Release notes](https://github.com/actions/cache/releases)
- [Changelog](https://github.com/actions/cache/blob/main/RELEASES.md)
- [Commits](9255dc7a25...8b402f58fb)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: 6.0.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
- dependency-name: actions/setup-node
  dependency-version: 6.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: actions/setup-go
  dependency-version: 6.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
- dependency-name: actions/cache
  dependency-version: 5.0.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: github-actions
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Jason Cameron <git@jsn.cam>
 2026-01-28 13:50:19 -05:00
Bertrand Jacquin
09f6f4b153 web: fix spacing/indent (#1423) 
web/index.templ CSS contains a mix bag of tab/space along with unaligned
inner CSS. This commit brings consistency
 2026-01-24 21:27:16 -05:00
Matthias Dötsch
d2bc5cadb9 performance: remove significant overhead of decaymap (#1420) 
I have ~5% base CPU load on an idle server due to mutex 100x per second.

Signed-off-by: Matthias Dötsch <matze@mdoetsch.de>
 2026-01-22 19:03:17 +00:00
Jason Cameron
23ec1b82a7 chore: add comments back to Challenge struct. (#1419) 
See #1284
and https://github.com/TecharoHQ/anubis/pull/1284#issuecomment-3784096905
 2026-01-22 14:52:15 +00:00
dependabot[bot]
d622675edc build(deps): bump preact from 10.28.1 to 10.28.2 in the npm group (#1412) 
Bumps the npm group with 1 update: [preact](https://github.com/preactjs/preact).


Updates `preact` from 10.28.1 to 10.28.2
- [Release notes](https://github.com/preactjs/preact/releases)
- [Commits](https://github.com/preactjs/preact/compare/10.28.1...10.28.2)

---
updated-dependencies:
- dependency-name: preact
  dependency-version: 10.28.2
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Jason Cameron <git@jsn.cam>
 2026-01-22 09:50:34 -05:00
dependabot[bot]
493a957f4b build(deps): bump astral-sh/setup-uv in the github-actions group (#1413) 
Bumps the github-actions group with 1 update: [astral-sh/setup-uv](https://github.com/astral-sh/setup-uv).


Updates `astral-sh/setup-uv` from 7.1.6 to 7.2.0
- [Release notes](https://github.com/astral-sh/setup-uv/releases)
- [Commits](681c641aba...61cb8a9741)

---
updated-dependencies:
- dependency-name: astral-sh/setup-uv
  dependency-version: 7.2.0
  dependency-type: direct:production
  update-type: version-update:semver-minor
  dependency-group: github-actions
...


Co-authored-by: Jason Cameron <git@jsn.cam>
 2026-01-22 09:49:50 -05:00
Timon de Groot
57c0b2b22c Add IP mapped Perplexity user agents (#1393) 
Perplexity has some proper documentation available for their crawlers,
with published IP addresses: https://docs.perplexity.ai/guides/bots.

Signed-off-by: Timon de Groot <timon.degroot@team.blue>
 2026-01-15 19:57:31 -05:00
Thomas Arrow
186ffeb744 docs: clarify botstopper kubernetes instructions (#1404) 
This makes it clear that when generating a kubernetes secret to pull the bot stopper image that:
- no email is required
- a user is required but the actual value of the username is not checked
- the GH token needs to be pasted in

Signed-off-by: Thomas Arrow <tarrow@users.noreply.github.com>
 2026-01-15 11:13:10 +00:00
Xe Iaso
ff87aac4e7 fix(web): include base prefix in generated URLs (#1403) 
* fix(web): include base prefix in generated URLs

Forgot to add the base prefix to these URLs. Committed a fix for this
and added a test to ensure this does not repeat. Oops!

Closes: #1402
Signed-off-by: Xe Iaso <me@xeiaso.net>

* docs: update CHANGELOG

Signed-off-by: Xe Iaso <me@xeiaso.net>

---------

Signed-off-by: Xe Iaso <me@xeiaso.net>
 2026-01-14 23:47:44 +00:00
Anton Kesy
3c76724aeb fix: correct typos (#1398) 2026-01-12 01:23:58 +00:00
Andrew Young
1db57e5d23 fix sponsor (Databento) logo size (#1395) 2026-01-09 23:42:03 +00:00
Xe Iaso
6fc2c3c857 docs: document how to import the default config (#1392) 
Signed-off-by: Xe Iaso <me@xeiaso.net>
 2026-01-08 16:14:52 +00:00
dependabot[bot]
149e864786 build(deps): bump preact from 10.28.0 to 10.28.1 in the npm group (#1387) 
Bumps the npm group with 1 update: [preact](https://github.com/preactjs/preact).


Updates `preact` from 10.28.0 to 10.28.1
- [Release notes](https://github.com/preactjs/preact/releases)
- [Commits](https://github.com/preactjs/preact/compare/10.28.0...10.28.1)

---
updated-dependencies:
- dependency-name: preact
  dependency-version: 10.28.1
  dependency-type: direct:production
  update-type: version-update:semver-patch
  dependency-group: npm
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: Jason Cameron <git@jasoncameron.dev>
 2026-01-05 21:44:28 -05:00
Jason Cameron
2aaee6c348 Revert "build(deps): bump the gomod group across 1 directory with 3 updates (…" (#1386) 2026-01-04 00:13:45 +00:00
dependabot[bot]
ebad69a4e1 build(deps): bump the gomod group across 1 directory with 3 updates (#1370) 
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Jason Cameron <jason.cameron@stanwith.me>
 2026-01-03 19:06:05 -05:00
lif
71147b4857 fix: respect Accept-Language quality factors in language detection (#1380) 
The Accept-Language header parsing was not correctly handling quality
factors. When a browser sends "en-GB,de-DE;q=0.5", the expected behavior
is to prefer English (q=1.0 by default) over German (q=0.5).

The fix uses golang.org/x/text/language.ParseAcceptLanguage to properly
parse and sort language preferences by quality factor. It also adds base
language fallbacks (e.g., "en" for "en-GB") to ensure regional variants
match their parent languages when no exact match exists.

Fixes #1022

Signed-off-by: majiayu000 <1835304752@qq.com>
 2026-01-02 08:01:43 -05:00
lif
cee7871ef8 fix: update SSL Labs IP addresses (#1377) 
Signed-off-by: majiayu000 <1835304752@qq.com>
Co-authored-by: Jason Cameron <jason.cameron@stanwith.me>
 2026-01-01 23:21:31 -05:00
Jason Cameron
26d258fb94 Update check-spelling metadata (#1379) 2026-01-01 23:02:15 +00:00
Xe Iaso
80a8e0a8ae chore: add Databento as diamond tier sponsor 
Signed-off-by: Xe Iaso <me@xeiaso.net>
 2025-12-30 10:56:58 -05:00
Xe Iaso
359613f35a feat: iplist2rule utility command (#1373) 
* feat: iplist2rule utility command

Assisted-By: GLM 4.7 via Claude Code
Signed-off-by: Xe Iaso <me@xeiaso.net>

* docs: update CHANGELOG

Signed-off-by: Xe Iaso <me@xeiaso.net>

* chore: fix spelling

Signed-off-by: Xe Iaso <me@xeiaso.net>

* chore: fix spelling again

Signed-off-by: Xe Iaso <me@xeiaso.net>

* feat(iplist2rule): add comment describing how rule was generated

Signed-off-by: Xe Iaso <me@xeiaso.net>

* docs: add iplist2rule docs

Signed-off-by: Xe Iaso <me@xeiaso.net>

* chore: fix spelling

Signed-off-by: Xe Iaso <me@xeiaso.net>

---------

Signed-off-by: Xe Iaso <me@xeiaso.net>
 2025-12-29 17:10:17 +00:00
Xe Iaso
1d8e98c5ec test(nginx): fix tests to work in GHA (#1372) 
* test(nginx): fix tests to work in GHA

Closes: #1371
Signed-off-by: Xe Iaso <me@xeiaso.net>

* fix(test): does this work lol

Signed-off-by: Xe Iaso <me@xeiaso.net>

* fix(test): does this other thing work lol

Signed-off-by: Xe Iaso <me@xeiaso.net>

* fix(test): pki folder location

Signed-off-by: Xe Iaso <me@xeiaso.net>

---------

Signed-off-by: Xe Iaso <me@xeiaso.net>
Signed-off-by: Jason Cameron <git@jasoncameron.dev>
Co-authored-by: Jason Cameron <git@jasoncameron.dev>
 2025-12-28 23:59:48 -05:00
Jason Cameron
880020095c fix(test): remove interactive flag from nginx smoke test docker run command (#1371) 2025-12-29 03:14:50 +00:00
dependabot[bot]
f5728e96a1 build(deps-dev): bump esbuild from 0.27.1 to 0.27.2 in the npm group (#1368) 
Co-authored-by: Jason Cameron <git@jsn.cam>
 2025-12-28 22:07:44 -05:00
dependabot[bot]
bcf525dbcf build(deps): bump the github-actions group with 3 updates (#1369) 
Co-authored-by: Jason Cameron <git@jasoncameron.dev>
 2025-12-28 22:04:16 -05:00
Xe Iaso
d748dc9da8 test: basic nginx smoke test (#1365) 
* docs: split nginx configuration files to their own directory

Signed-off-by: Xe Iaso <me@xeiaso.net>

* test: add nginx config smoke test based on the config in the docs

Signed-off-by: Xe Iaso <me@xeiaso.net>

---------

Signed-off-by: Xe Iaso <me@xeiaso.net>
 2025-12-28 23:18:25 +00:00
p0008874
9b210d795e docs(known-instances): Alphabetical order + Add Valve Corporation (#1352) 
Co-authored-by: Jason Cameron <git@jasoncameron.dev>
 2025-12-26 01:05:26 +00:00
The Ninth
e084e5011e feat(localization): add Polish language translation (#1363) 
(cherry picked from commit 1f9c2272e6)

Co-authored-by: bplajzer <b.plajzerr@gmail.com>
 2025-12-25 15:14:04 -05:00
dependabot[bot]
2532478abd build(deps): bump the github-actions group with 4 updates (#1355) 
Co-authored-by: Jason Cameron <git@jasoncameron.dev>
 2025-12-24 01:02:48 -05:00
Xe Iaso
6d9c0abe74 chore: tag v1.24.0 
Signed-off-by: Xe Iaso <me@xeiaso.net>
v1.24.0 		2025-12-23 21:17:59 -05:00
Xe Iaso
a37068a423 fix(default-config): remove browser detection logic (#1360) 
Looks like these rules don't work anymore.

Closes: #1353

Signed-off-by: Xe Iaso <me@xeiaso.net>
 2025-12-24 02:13:54 +00:00
Xe Iaso
9d9be61c24 fix(default-config): must-accept-rule on browsers only (#1350) 
TIL docker clients don't include the Accept header all the time. I would
have thought they did that. Oops.

Closes: #1346

Signed-off-by: Xe Iaso <me@xeiaso.net>
 2025-12-19 20:42:24 +00:00
Michael
535ed74b17 i18n(de): improve consistency and wording (#1348) 
- Use consistent informal address (fix simplified_explanation)
- Translate "protected_from" ("From" → "Von")
- Standardize "Webseite" → "Website"
- Use more natural phrasing:
  - "Berechnung wird durchgeführt" → "Berechnung läuft"
  - "Zur Hauptseite" → "Zur Startseite"
  - Replace awkward "sozialen Vertrag" phrasing
- "Fingerabdruckerkennung" → "Browser-Fingerprinting" (more common)
- Improve sentence structure and punctuation

Signed-off-by: Michael <87752300+michi-onl@users.noreply.github.com>
 2025-12-19 00:29:49 +00:00
Xe Iaso
ba8a1b7caf fix(honeypot/naive): right, we want the client IP, not the load balancer IP 
Signed-off-by: Xe Iaso <me@xeiaso.net>
 2025-12-16 04:44:59 -05:00
Xe Iaso
40afc13d7f fix(honeypot/naive): implement better IP parsing logic 
Signed-off-by: Xe Iaso <me@xeiaso.net>
 2025-12-16 04:32:45 -05:00
Xe Iaso
122e4bc072 feat: first implementation of honeypot logic (#1342) 
* feat: first implementation of honeypot logic

This is a bit of an experiment, stick with me.

The core idea here is that badly written crawlers are that: badly
written. They look for anything that contains `<a href="whatever" />`
tags and will blindly use those values to recurse. This takes advantage
of that by hiding a link in a `<script>` tag like this:

```html
<script type="ignore"><a href="/bots-only">Don't click</a></script>
```

Browsers will ignore it because they have no handler for the "ignore"
script type.

This current draft is very unoptimized (it takes like 7 seconds to
generate a page on my tower), however switching spintax libraries will
make this much faster.

The hope is to make this pluggable with WebAssembly such that we force
administrators to choose a storage method. First we crawl before we
walk.

The AI involvement in this commit is limited to the spintax in
affirmations.txt, spintext.txt, and titles.txt. This generates a bunch
of "pseudoprofound bullshit" like the following:

> This Restoration to Balance & Alignment
>
> There's a moment when creators are being called to realize that the work
> can't be reduced to results, but about energy. We don't innovate products
> by pushing harder, we do it by holding the vision. Because momentum can't
> be forced, it unfolds over time when culture are moving in the same
> direction. We're being invited into a paradigm shift in how we think
> about innovation. [...]

This is intended to "look" like normal article text. As this is a first
draft, this sucks and will be improved upon.

Assisted-by: GLM 4.6, ChatGPT, GPT-OSS 120b
Signed-off-by: Xe Iaso <me@xeiaso.net>

* fix(honeypot/naive): optimize hilariously

Signed-off-by: Xe Iaso <me@xeiaso.net>

* feat(honeypot/naive): attempt to automatically filter out based on crawling

Signed-off-by: Xe Iaso <me@xeiaso.net>

* fix(lib): use mazeGen instead of bsGen

Signed-off-by: Xe Iaso <me@xeiaso.net>

* docs: add honeypot docs

Signed-off-by: Xe Iaso <me@xeiaso.net>

* chore(test): go mod tidy

Signed-off-by: Xe Iaso <me@xeiaso.net>

* chore: fix spelling metadata

Signed-off-by: Xe Iaso <me@xeiaso.net>

* chore: spelling

Signed-off-by: Xe Iaso <me@xeiaso.net>

---------

Signed-off-by: Xe Iaso <me@xeiaso.net>
 2025-12-16 04:14:29 -05:00
dependabot[bot]
cb91145352 build(deps): bump the gomod group across 1 directory with 6 updates (#1341) 
Co-authored-by: Jason Cameron <jason.cameron@stanwith.me>
 2025-12-15 02:43:18 +00:00