chore: update spelling

Signed-off-by: Xe Iaso <me@xeiaso.net>
docs(AGENTS): make compatible with opencode
2026-05-09 16:42:52 +00:00 · 2026-02-15 15:04:04 +00:00 · 2026-02-15 15:02:20 +00:00 · 2026-02-15 14:35:00 +00:00 · 2026-02-15 13:34:47 +00:00
103 changed files with 954 additions and 1631 deletions
@@ -1,12 +1,12 @@
 <!--
 delete me and describe your change here, give enough context for a maintainer to understand what and why
-See https://github.com/TecharoHQ/anubis/blob/main/CONTRIBUTING.md for more information
+See https://anubis.techaro.lol/docs/developer/code-quality for more information
 -->
 Checklist:
 - [ ] Added a description of the changes to the `[Unreleased]` section of docs/docs/CHANGELOG.md
- [ ] Added test cases to [the relevant parts of the codebase](https://github.com/TecharoHQ/anubis/blob/main/CONTRIBUTING.md)
+- [ ] Added test cases to [the relevant parts of the codebase](https://anubis.techaro.lol/docs/developer/code-quality)
 - [ ] Ran integration tests `npm run test:integration` (unsupported on Windows, please use WSL)
 - [ ] All of my commits have [verified signatures](https://anubis.techaro.lol/docs/developer/signed-commits)
@@ -24,10 +24,3 @@ iplist
 NArg
 blocklists
 rififi
 prolocation
 Prolocation
 Necron
 Stargate
 FFXIV
 uvensys
 de
@@ -7,7 +7,6 @@ Aibrew
 alibaba
 alrest
 amazonbot
 anexia
 anthro
 anubis
 anubistest
@@ -65,7 +64,6 @@ cidranger
 ckie
 CLAUDE
 cloudflare
 cloudsolutions
 Codespaces
 confd
 containerbuild
@@ -119,8 +117,6 @@ FCr
 fcrdns
 fediverse
 ffprobe
 FFXIV
 fhdr
 financials
 finfos
 Firecrawl
@@ -158,7 +154,6 @@ grw
 gzw
 Hashcash
 hashrate
 hdr
 headermap
 healthcheck
 healthz
@@ -168,7 +163,6 @@ Hetzner
 hmc
 homelab
 hostable
 HSTS
 htmlc
 htmx
 httpdebug
@@ -239,7 +233,6 @@ mymaster
 mypass
 myuser
 nbf
 Necron
 nepeat
 netsurf
 nginx
@@ -331,14 +324,11 @@ Spambot
 spammer
 sparkline
 spyderbot
 srcip
 srv
 stackoverflow
 Stargate
 startprecmd
 stoppostcmd
 storetest
 strcmp
 subgrid
 subr
 subrequest
@@ -363,7 +353,6 @@ Timpibot
 TLog
 traefik
 trunc
 txn
 uberspace
 Unbreak
 unbreakdocker
@@ -22,12 +22,12 @@ jobs:
          sudo apt-get update
          sudo apt-get install -y build-essential
-      - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
+      - uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0
        with:
          node-version: "24.11.0"
-      - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0
+      - uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0
        with:
-          go-version: "1.25.7"
+          go-version: "1.25.4"
      - name: install node deps
        run: |
@@ -26,18 +26,18 @@ jobs:
          sudo apt-get update
          sudo apt-get install -y build-essential
-      - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
+      - uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0
        with:
          node-version: "24.11.0"
-      - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0
+      - uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0
        with:
-          go-version: "stable"
+          go-version: "1.25.4"
      - uses: ko-build/setup-ko@d006021bd0c28d1ce33a07e7943d48b079944c8d # v0.9
      - name: Docker meta
        id: meta
-        uses: docker/metadata-action@030e881283bb7a6894de51c315a6bfe6a94e05cf # v6.0.0
+        uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5.10.0
        with:
          images: ghcr.io/${{ github.repository }}
@@ -36,17 +36,17 @@ jobs:
        run: |
          echo "IMAGE=ghcr.io/${GITHUB_REPOSITORY,,}" >> $GITHUB_ENV
-      - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
+      - uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0
        with:
          node-version: "24.11.0"
-      - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0
+      - uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0
        with:
-          go-version: "stable"
+          go-version: "1.25.4"
      - uses: ko-build/setup-ko@d006021bd0c28d1ce33a07e7943d48b079944c8d # v0.9
      - name: Log into registry
-        uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0
+        uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
        with:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
@@ -54,7 +54,7 @@ jobs:
      - name: Docker meta
        id: meta
-        uses: docker/metadata-action@030e881283bb7a6894de51c315a6bfe6a94e05cf # v6.0.0
+        uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5.10.0
        with:
          images: ${{ env.IMAGE }}
@@ -68,7 +68,7 @@ jobs:
          SLOG_LEVEL: debug
      - name: Generate artifact attestation
-        uses: actions/attest-build-provenance@a2bbfa25375fe432b6a289bc6b6cd05ecd0c4c32 # v4.1.0
+        uses: actions/attest-build-provenance@00014ed6ed5efc5b1ab7f7f34a39eb55d41aa4f8 # v3.1.0
        with:
          subject-name: ${{ env.IMAGE }}
          subject-digest: ${{ steps.build.outputs.digest }}
@@ -22,10 +22,10 @@ jobs:
          persist-credentials: false
      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0
+        uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0
      - name: Log into registry
-        uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0
+        uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
        with:
          registry: ghcr.io
          username: techarohq
@@ -33,7 +33,7 @@ jobs:
      - name: Docker meta
        id: meta
-        uses: docker/metadata-action@030e881283bb7a6894de51c315a6bfe6a94e05cf # v6.0.0
+        uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5.10.0
        with:
          images: ghcr.io/techarohq/anubis/docs
          tags: |
@@ -42,7 +42,7 @@ jobs:
      - name: Build and push
        id: build
-        uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7.0.0
+        uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
        with:
          context: ./docs
          cache-to: type=gha
@@ -53,14 +53,14 @@ jobs:
          push: true
      - name: Apply k8s manifests to limsa lominsa
-        uses: actions-hub/kubectl@5ada4e2c02eacc03978c2437e95c8b0f979a9619 # v1.35.2
+        uses: actions-hub/kubectl@f6d776bd78f4523e36d6c74d34f9941c242b2213 # v1.35.0
        env:
          KUBE_CONFIG: ${{ secrets.LIMSA_LOMINSA_KUBECONFIG }}
        with:
          args: apply -k docs/manifest
      - name: Apply k8s manifests to limsa lominsa
-        uses: actions-hub/kubectl@5ada4e2c02eacc03978c2437e95c8b0f979a9619 # v1.35.2
+        uses: actions-hub/kubectl@f6d776bd78f4523e36d6c74d34f9941c242b2213 # v1.35.0
        env:
          KUBE_CONFIG: ${{ secrets.LIMSA_LOMINSA_KUBECONFIG }}
        with:
@@ -18,11 +18,11 @@ jobs:
          persist-credentials: false
      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0
+        uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0
      - name: Docker meta
        id: meta
-        uses: docker/metadata-action@030e881283bb7a6894de51c315a6bfe6a94e05cf # v6.0.0
+        uses: docker/metadata-action@c299e40c65443455700f0fdfc63efafe5b349051 # v5.10.0
        with:
          images: ghcr.io/techarohq/anubis/docs
          tags: |
@@ -31,7 +31,7 @@ jobs:
      - name: Build and push
        id: build
-        uses: docker/build-push-action@d08e5c354a6adb9ed34480a06d141179aa583294 # v7.0.0
+        uses: docker/build-push-action@263435318d21b8e681c14492fe198d362a7d2c83 # v6.18.0
        with:
          context: ./docs
          cache-to: type=gha
@@ -17,9 +17,9 @@ jobs:
        with:
          persist-credentials: false
-      - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0
+      - uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0
        with:
-          go-version: "stable"
+          go-version: "1.25.4"
      - name: Check go.mod and go.sum in main directory
        run: |
@@ -24,15 +24,15 @@ jobs:
          sudo apt-get update
          sudo apt-get install -y build-essential
-      - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
+      - uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0
        with:
          node-version: "24.11.0"
-      - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0
+      - uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0
        with:
-          go-version: "stable"
+          go-version: "1.25.4"
      - name: Cache playwright binaries
-        uses: actions/cache@cdf6c1fa76f9f475f3d7449005a359c84ca0f306 # v5.0.3
+        uses: actions/cache@8b402f58fbc84540c8b491a91e594a4576fec3d7 # v5.0.2
        id: playwright-cache
        with:
          path: |
@@ -55,10 +55,10 @@ jobs:
        run: npm run test
      - name: Lint with staticcheck
-        uses: dominikh/staticcheck-action@9716614d4101e79b4340dd97b10e54d68234e431 # v1.4.1
+        uses: dominikh/staticcheck-action@024238d2898c874f26d723e7d0ff4308c35589a2 # v1.4.0
        with:
          version: "latest"
      - name: Govulncheck
        run: |
-          go tool govulncheck ./... ||:
+          go tool govulncheck ./...
@@ -14,6 +14,6 @@ jobs:
    permissions:
      pull-requests: read
    steps:
-      - uses: amannn/action-semantic-pull-request@48f256284bd46cdaab1048c3721360e808335d50 # v6.1.1
+      - uses: amannn/action-semantic-pull-request@0723387faaf9b38adef4775cd42cfd5155ed6017 # v5.5.3
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
@@ -25,12 +25,12 @@ jobs:
          sudo apt-get update
          sudo apt-get install -y build-essential
-      - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
+      - uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0
        with:
          node-version: "24.11.0"
-      - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0
+      - uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0
        with:
-          go-version: "stable"
+          go-version: "1.25.4"
      - name: install node deps
        run: |
@@ -26,12 +26,12 @@ jobs:
          sudo apt-get update
          sudo apt-get install -y build-essential
-      - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
+      - uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0
        with:
          node-version: "24.11.0"
-      - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0
+      - uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0
        with:
-          go-version: "stable"
+          go-version: "1.25.4"
      - name: install node deps
        run: |
@@ -41,7 +41,7 @@ jobs:
        run: |
          go tool yeet
-      - uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f # v7.0.0
+      - uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f # v6.0.0
        with:
          name: packages
          path: var/*
@@ -34,12 +34,12 @@ jobs:
        with:
          persist-credentials: false
-      - uses: actions/setup-node@53b83947a5a98c8d113130e565377fae1a50d02f # v6.3.0
+      - uses: actions/setup-node@6044e13b5dc448c55e2357c09f80417699197238 # v6.2.0
        with:
          node-version: "24.11.0"
-      - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0
+      - uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0
        with:
-          go-version: "stable"
+          go-version: "1.25.4"
      - uses: ko-build/setup-ko@d006021bd0c28d1ce33a07e7943d48b079944c8d # v0.9
@@ -57,7 +57,7 @@ jobs:
        run: echo "ARTIFACT_NAME=${{ matrix.test }}" | sed 's|/|-|g' >> $GITHUB_ENV
      - name: Upload artifact
-        uses: actions/upload-artifact@bbbca2ddaa5d8feaa63e36b76fdaad77386f024f
+        uses: actions/upload-artifact@b7c566a772e6b6bfb58ed0dc250532a479d7789f
        if: always()
        with:
          name: ${{ env.ARTIFACT_NAME }}
@@ -24,13 +24,13 @@ jobs:
          fetch-depth: 0
          persist-credentials: false
      - name: Log into registry
-        uses: docker/login-action@b45d80f862d83dbcd57f89517bcf500b2ab88fb2 # v4.0.0
+        uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0
        with:
          registry: ghcr.io
          username: ${{ github.repository_owner }}
          password: ${{ secrets.GITHUB_TOKEN }}
      - name: Set up Docker Buildx
-        uses: docker/setup-buildx-action@4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd # v4.0.0
+        uses: docker/setup-buildx-action@8d2750c68a42422c14e847fe6c8ac0403b4cbd6f # v3.12.0
      - name: Build and push
        run: |
          cd ./test/ssh-ci
@@ -12,15 +12,14 @@ permissions:
 jobs:
  ssh:
    if: github.repository == 'TecharoHQ/anubis'
-    #runs-on: alrest-techarohq
+    runs-on: alrest-techarohq
    runs-on: ubuntu-latest
    strategy:
      matrix:
        host:
          - riscv64
          - ppc64le
-          #- aarch64-4k
+          - aarch64-4k
-          #- aarch64-16k
+          - aarch64-16k
    steps:
      - name: Checkout code
        uses: actions/checkout@de0fac2e4500dabe0009e67214ff5f5447ce83dd # v6.0.2
@@ -30,15 +29,15 @@ jobs:
          persist-credentials: false
      - name: Install CI target SSH key
-        uses: shimataro/ssh-key-action@6b84f2e793b32fa0b03a379cadadec75cc539391 # v2.8.0
+        uses: shimataro/ssh-key-action@d4fffb50872869abe2d9a9098a6d9c5aa7d16be4 # v2.7.0
        with:
          key: ${{ secrets.CI_SSH_KEY }}
          name: id_rsa
          known_hosts: ${{ secrets.CI_SSH_KNOWN_HOSTS }}
-      - uses: actions/setup-go@4b73464bb391d4059bd26b0524d20df3927bd417 # v6.3.0
+      - uses: actions/setup-go@7a3fe6cf4cb3a834922a1244abfce67bcef6a0c5 # v6.2.0
        with:
-          go-version: "stable"
+          go-version: "1.25.4"
      - name: Run CI
        run: go run ./utils/cmd/backoff-retry bash test/ssh-ci/rigging.sh ${{ matrix.host }}
@@ -21,7 +21,7 @@ jobs:
          persist-credentials: false
      - name: Install the latest version of uv
-        uses: astral-sh/setup-uv@eac588ad8def6316056a12d4907a9d4d84ff7a3b # v7.3.0
+        uses: astral-sh/setup-uv@61cb8a9741eeb8a550a1b8544337180c0fc8476b # v7.2.0
      - name: Run zizmor 🌈
        run: uvx zizmor --format sarif . > results.sarif
@@ -24,6 +24,7 @@ build: assets
 lint: assets
 	$(GO) vet ./...
 	$(GO) tool staticcheck ./...
 	$(GO) tool govulncheck ./...
 prebaked-build:
 	$(GO) build -o ./var/anubis -ldflags "-X 'github.com/TecharoHQ/anubis.Version=$(VERSION)'" ./cmd/anubis
@@ -26,21 +26,9 @@ Anubis is brought to you by sponsors and donors like:
 ### Gold Tier
 <a href="https://www.unipromos.com/?utm_campaign=github&utm_medium=referral&utm_content=anubis">
  <img src="./docs/static/img/sponsors/unipromos.webp" alt="Unipromos" height="64" />
 </a>
 <a href="https://uvensys.de/?utm_campaign=github&utm_medium=referral&utm_content=anubis">
  <img src="./docs/static/img/sponsors/uvensys.webp" alt="Uvensys" height="64">
 </a>
 <a href="https://distrust.co?utm_campaign=github&utm_medium=referral&utm_content=anubis">
  <img src="./docs/static/img/sponsors/distrust-logo.webp" alt="Distrust" height="64">
 </a>
 <a href="https://about.gitea.com?utm_campaign=github&utm_medium=referral&utm_content=anubis">
  <img src="./docs/static/img/sponsors/gitea-logo.webp" alt="Gitea" height="64">
 </a>
 <a href="https://prolocation.net?utm_campaign=github&utm_medium=referral&utm_content=anubis">
  <img src="./docs/static/img/sponsors/prolocation-logo.svg" alt="Prolocation" height="64">
 </a>
 <a href="https://terminaltrove.com/?utm_campaign=github&utm_medium=referral&utm_content=anubis&utm_source=abgh">
  <img src="./docs/static/img/sponsors/terminal-trove.webp" alt="Terminal Trove" height="64">
 </a>
@@ -70,9 +58,6 @@ Anubis is brought to you by sponsors and donors like:
    height="64"
  />
 </a>
 <a href="https://www.anexia.com/">
  <img src="./docs/static/img/sponsors/anexia-cloudsolutions-logo.webp" alt="ANEXIA Cloud Solutions" height="64">
 </a>
 ## Overview
@@ -1 +1 @@
-1.25.0
+1.24.0
@@ -418,8 +418,8 @@ func main() {
 	var redirectDomainsList []string
 	if *redirectDomains != "" {
-		domains := strings.SplitSeq(*redirectDomains, ",")
+		domains := strings.Split(*redirectDomains, ",")
-		for domain := range domains {
+		for _, domain := range domains {
 			_, err = url.Parse(domain)
 			if err != nil {
 				log.Fatalf("cannot parse redirect-domain %q: %s", domain, err.Error())
@@ -10,7 +10,6 @@ import (
 	"net/http"
 	"os"
 	"regexp"
 	"slices"
 	"strings"
 	"github.com/TecharoHQ/anubis/lib/config"
@@ -211,8 +210,11 @@ func parseRobotsTxt(input io.Reader) ([]RobotsRule, error) {
 	// Mark blacklisted user agents (those with "Disallow: /")
 	for i := range rules {
-		if slices.Contains(rules[i].Disallows, "/") {
+		for _, disallow := range rules[i].Disallows {
-			rules[i].IsBlacklist = true
+			if disallow == "/" {
 				rules[i].IsBlacklist = true
 				break
 			}
 		}
 	}
@@ -158,8 +158,8 @@ func TestDataFileConversion(t *testing.T) {
 			}
 			if strings.ToLower(*outputFormat) == "yaml" {
-				var actualData []any
+				var actualData []interface{}
-				var expectedData []any
+				var expectedData []interface{}
 				err = yaml.Unmarshal(actualOutput, &actualData)
 				if err != nil {
@@ -178,8 +178,8 @@ func TestDataFileConversion(t *testing.T) {
 					t.Errorf("Output mismatch for %s\nExpected:\n%s\n\nActual:\n%s", tc.name, expectedStr, actualStr)
 				}
 			} else {
-				var actualData []any
+				var actualData []interface{}
-				var expectedData []any
+				var expectedData []interface{}
 				err = json.Unmarshal(actualOutput, &actualData)
 				if err != nil {
@@ -419,6 +419,6 @@ Disallow: /`
 // compareData performs a deep comparison of two data structures,
 // ignoring differences that are semantically equivalent in YAML/JSON
-func compareData(actual, expected any) bool {
+func compareData(actual, expected interface{}) bool {
 	return reflect.DeepEqual(actual, expected)
 }
@@ -11,43 +11,12 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ## [Unreleased]
 - fix: prevent nil pointer panic in challenge validation when threshold rules match during PassChallenge (#1463)
 - Instruct reverse proxies to not cache error pages.
 - Fixed mixed tab/space indentation in Caddy documentation code block
 - Rewrite main proof of work challenge to use Preact instead of Vanilla.js ([#1149](https://github.com/TecharoHQ/anubis/issues/1149))
 <!-- This changes the project to: -->
 ## v1.25.0: Necron
 Hey all,
 I'm sure you've all been aware that things have been slowing down a little with Anubis development, and I want to apologize for that. A lot has been going on in my life lately (my blog will have a post out on Friday with more information), and as a result I haven't really had the energy to work on Anubis in publicly visible ways. There are things going on behind the scenes, but nothing is really shippable yet, sorry!
 I've also been feeling some burnout in the wake of perennial waves of anger directed towards me. I'm handling it, I'll be fine, I've just had a lot going on in my life and it's been rough.
 I've been missing the sense of wanderlust and discovery that comes with the artistic way I playfully develop software. I suspect that some of the stresses I've been through (setting up a complicated surgery in a country whose language you aren't fluent in is kind of an experience) have been sapping my energy. I'd gonna try to mess with things on my break, but realistically I'm probably just gonna be either watching Stargate SG-1 or doing unreasonable amounts of ocean fishing in Final Fantasy 14. Normally I'd love to keep the details about my medical state fairly private, but I'm more of a public figure now than I was this time last year so I don't really get the invisibility I'm used to for this.
 I've also had a fair amount of negativity directed at me for simply being much more visible than the anonymous threat actors running the scrapers that are ruining everything, which though understandable has not helped.
 Anyways, it all worked out and I'm about to be in the hospital for a week, so if things go really badly with this release please downgrade to the last version and/or upgrade to the main branch when the fix PR is inevitably merged. I hoped to have time to tame GPG and set up full release automation in the Anubis repo, but that didn't work out this time and that's okay.
 If I can challenge you all to do something, go out there and try to actually create something new somehow. Combine ideas you've never mixed before. Be creative, be human, make something purely for yourself to scratch an itch that you've always had yet never gotten around to actually mending.
 At the very least, try to be an example of how you want other people to act, even when you're in a situation where software written by someone else is configured to require a user agent to execute javascript to access a webpage.
 Be well,
 Xe
 PS: if you're well-versed in FFXIV lore, the release title should give you an idea of the kind of stuff I've been going through mentally.
 - Add iplist2rule tool that lets admins turn an IP address blocklist into an Anubis ruleset.
 - Add Polish locale ([#1292](https://github.com/TecharoHQ/anubis/pull/1309))
 - Fix honeypot and imprint links missing `BASE_PREFIX` when deployed behind a path prefix ([#1402](https://github.com/TecharoHQ/anubis/issues/1402))
 - Add ANEXIA Sponsor logo to docs ([#1409](https://github.com/TecharoHQ/anubis/pull/1409))
 - Improve idle performance in memory storage
- Add HAProxy Configurations to Docs ([#1424](https://github.com/TecharoHQ/anubis/pull/1424))
+
 <!-- This changes the project to: -->
 ## v1.24.0: Y'shtola Rhul
@@ -62,9 +62,9 @@ yourdomain.example.com {
  tls your@email.address
  reverse_proxy http://anubis:3000 {
-    header_up X-Real-Ip {remote_host}
+		header_up X-Real-Ip {remote_host}
-    header_up X-Http-Version {http.request.proto}
+		header_up X-Http-Version {http.request.proto}
-  }
+	}
 }
 ```
@@ -1,101 +0,0 @@
 # HAProxy
 import CodeBlock from "@theme/CodeBlock";
 To use Anubis with HAProxy, you have two variants:
  - simple - stick Anubis between HAProxy and your application backend (simple)
    - perfect if you only have a single application in general
  - advanced - force Anubis challenge by default and route to the application backend by HAProxy if the challenge is correct
    - useful for complex setups
    - routing can be done in HAProxy
    - define ACLs in HAProxy for domains, paths etc which are required/excluded regarding Anubis
    - HAProxy 3.0 recommended
 ## Simple Variant
 ```mermaid
 ---
 title: HAProxy with simple config
 ---
 flowchart LR
    T(User Traffic)
    HAProxy(HAProxy Port 80/443)
    Anubis
    Application
    T --> HAProxy
    HAProxy --> Anubis
    Anubis --> |Happy Traffic| Application
 ```
 Your Anubis env file configuration may look like this:
 import simpleAnubis from "!!raw-loader!./haproxy/simple-config.env";
 <CodeBlock language="bash">{simpleAnubis}</CodeBlock>
 The important part is that `TARGET` points to your actual application and if Anubis and HAProxy are on the same machine, a UNIX socket can be used.
 Your frontend and backend configuration of HAProxy may look like the following:
 import simpleHAProxy from "!!raw-loader!./haproxy/simple-haproxy.cfg";
 <CodeBlock language="bash">{simpleHAProxy}</CodeBlock>
 This simply enables SSL offloading, sets some useful and required headers and routes to Anubis directly.
 ## Advanced Variant
 Due to the fact that HAProxy can decode JWT, we are able to verify the Anubis token directly in HAProxy and route the traffic to the specific backends ourselves.
 Mind that rule logic to allow Git HTTP and other legit bot traffic to bypass is delegated from Anubis to HAProxy then. If required, you should implement any whitelisting in HAProxy using `acl_anubis_ignore` yourself.
 In this example are three applications behind one HAProxy frontend. Only App1 and App2 are secured via Anubis; App3 is open for everyone. The path `/excluded/path` can also be accessed by anyone.
 ```mermaid
 ---
 title: HAProxy with advanced config
 ---
 flowchart LR
    T(User Traffic)
    HAProxy(HAProxy Port 80/443)
    B1(App1)
    B2(App2)
    B3(App3)
    Anubis
    T --> HAProxy
    HAProxy --> |Traffic for App1 and App2 without valid challenge| Anubis
    HAProxy --> |app1.example.com | B1
    HAProxy --> |app2.example.com| B2
    HAProxy --> |app3.example.com| B3
 ```
 :::note
 For an improved JWT decoding performance, it's recommended to use HAProxy version 3.0 or above.
 :::
 Your Anubis env file configuration may look like this:
 import advancedAnubis from "!!raw-loader!./haproxy/advanced-config.env";
 <CodeBlock language="bash">{advancedAnubis}</CodeBlock>
 It's important to use `HS512_SECRET` which HAProxy understands. Please replace `<SECRET-HERE>` with your own secret string (alphanumerical string with 128 characters recommended).
 You can set Anubis to force a challenge for every request using the following policy file:
 import advancedAnubisPolicy from "!!raw-loader!./haproxy/advanced-config-policy.yml";
 <CodeBlock language="yaml">{advancedAnubisPolicy}</CodeBlock>
 The HAProxy config file may look like this:
 import advancedHAProxy from "!!raw-loader!./haproxy/advanced-haproxy.cfg";
 <CodeBlock language="haproxy">{advancedHAProxy}</CodeBlock>
 Please replace `<SECRET-HERE>` with the same secret from the Anubis config.
@@ -1,15 +0,0 @@
 # /etc/anubis/challenge-any.yml
 bots:
  - name: any
    action: CHALLENGE
    user_agent_regex: .*
 status_codes:
  CHALLENGE: 403
  DENY: 403
 thresholds: []
 dnsbl: false
@@ -1,11 +0,0 @@
 # /etc/anubis/default.env
 BIND=/run/anubis/default.sock
 BIND_NETWORK=unix
 DIFFICULTY=4
 METRICS_BIND=:9090
 # target is irrelevant here, backend routing happens in HAProxy
 TARGET=http://0.0.0.0
 HS512_SECRET=<SECRET-HERE>
 COOKIE_DYNAMIC_DOMAIN=True
 POLICY_FNAME=/etc/anubis/challenge-any.yml
@@ -1,59 +0,0 @@
 # /etc/haproxy/haproxy.cfg
 frontend FE-multiple-applications
  mode http
  bind :80
  # ssl offloading on port 443 using a certificate from /etc/haproxy/ssl/ directory
  bind :443 ssl crt /etc/haproxy/ssl/ alpn h2,http/1.1 ssl-min-ver TLSv1.2 no-tls-tickets
  # set X-Real-IP header required for Anubis
  http-request set-header X-Real-IP "%[src]"
  # redirect HTTP to HTTPS
  http-request redirect scheme https code 301 unless { ssl_fc }
  # add HSTS header
  http-response set-header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
  # only force Anubis challenge for app1 and app2
  acl acl_anubis_required hdr(host) -i "app1.example.com"
  acl acl_anubis_required hdr(host) -i "app2.example.com"
  # exclude Anubis for a specific path
  acl acl_anubis_ignore path /excluded/path
  # use Anubis if auth cookie not found
  use_backend BE-anubis if acl_anubis_required !acl_anubis_ignore !{ req.cook(techaro.lol-anubis-auth) -m found }
  # get payload of the JWT such as algorithm, expire time, restrictions
  http-request set-var(txn.anubis_jwt_alg) req.cook(techaro.lol-anubis-auth),jwt_header_query('$.alg') if acl_anubis_required !acl_anubis_ignore
  http-request set-var(txn.anubis_jwt_exp) cook(techaro.lol-anubis-auth),jwt_payload_query('$.exp','int') if acl_anubis_required !acl_anubis_ignore
  http-request set-var(txn.anubis_jwt_res) cook(techaro.lol-anubis-auth),jwt_payload_query('$.restriction') if acl_anubis_required !acl_anubis_ignore
  http-request set-var(txn.srcip) req.fhdr(X-Real-IP) if acl_anubis_required !acl_anubis_ignore
  http-request set-var(txn.now) date() if acl_anubis_required !acl_anubis_ignore
  # use Anubis if JWT has wrong algorithm, is expired, restrictions don't match or isn't signed with the correct key
  use_backend BE-anubis if acl_anubis_required !acl_anubis_ignore !{ var(txn.anubis_jwt_alg) -m str HS512 }
  use_backend BE-anubis if acl_anubis_required !acl_anubis_ignore { var(txn.anubis_jwt_exp),sub(txn.now) -m int lt 0 }
  use_backend BE-anubis if acl_anubis_required !acl_anubis_ignore !{ var(txn.srcip),digest(sha256),hex,lower,strcmp(txn.anubis_jwt_res) eq 0 }
  use_backend BE-anubis if acl_anubis_required !acl_anubis_ignore !{ cook(techaro.lol-anubis-auth),jwt_verify(txn.anubis_jwt_alg,"<SECRET-HERE>") -m int 1 }
  # custom routing in HAProxy
  use_backend BE-app1 if { hdr(host) -i "app1.example.com" }
  use_backend BE-app2 if { hdr(host) -i "app2.example.com" }
  use_backend BE-app3 if { hdr(host) -i "app3.example.com" }
 backend BE-app1
  mode http
  server app1-server 127.0.0.1:3000
 backend BE-app2
  mode http
  server app2-server 127.0.0.1:4000
 backend BE-app3
  mode http
  server app3-server 127.0.0.1:5000
 BE-anubis
  mode http
  server anubis /run/anubis/default.sock
@@ -1,10 +0,0 @@
 # /etc/anubis/default.env
 BIND=/run/anubis/default.sock
 BIND_NETWORK=unix
 SOCKET_MODE=0666
 DIFFICULTY=4
 METRICS_BIND=:9090
 COOKIE_DYNAMIC_DOMAIN=true
 # address and port of the actual application
 TARGET=http://localhost:3000
@@ -1,22 +0,0 @@
 # /etc/haproxy/haproxy.cfg
 frontend FE-application
  mode http
  bind :80
  # ssl offloading on port 443 using a certificate from /etc/haproxy/ssl/ directory
  bind :443 ssl crt /etc/haproxy/ssl/ alpn h2,http/1.1 ssl-min-ver TLSv1.2 no-tls-tickets
  # set X-Real-IP header required for Anubis
  http-request set-header X-Real-IP "%[src]"
  # redirect HTTP to HTTPS
  http-request redirect scheme https code 301 unless { ssl_fc }
  # add HSTS header
  http-response set-header Strict-Transport-Security "max-age=31536000; includeSubDomains; preload"
  # route to Anubis backend by default
  default_backend BE-anubis-application
 BE-anubis-application
  mode http
  server anubis /run/anubis/default.sock
@@ -130,52 +130,3 @@ Then point your Ingress to the Anubis port:
              # diff-add
              name: anubis
 ```
 ## Envoy Gateway
 If you are using envoy-gateway, the `X-Real-Ip` header is not set by default, but Anubis does require it. You can resolve this by adding the header, either on the specific `HTTPRoute` where Anubis is listening, or on the `ClientTrafficPolicy` to apply it to any number of Gateways:
 HTTPRoute:
 ```yaml
 apiVersion: gateway.networking.k8s.io/v1
 kind: HTTPRoute
 metadata:
  name: app-route
 spec:
  hostnames: ["app.domain.tld"]
  parentRefs:
    - name: envoy-external
      namespace: network
      sectionName: https
  rules:
    - backendRefs:
        - identifier: *app
          port: anubis
      filters:
        - type: RequestHeaderModifier
          requestHeaderModifier:
            set:
              - name: X-Real-Ip
                value: "%DOWNSTREAM_REMOTE_ADDRESS_WITHOUT_PORT%"
 ```
 Applying to any number of Gateways:
 ```yaml
 apiVersion: gateway.envoyproxy.io/v1alpha1
 kind: ClientTrafficPolicy
 metadata:
  name: envoy
 spec:
  headers:
    earlyRequestHeaders:
      set:
        - name: X-Real-Ip
          value: "%DOWNSTREAM_REMOTE_ADDRESS_WITHOUT_PORT%"
  clientIPDetection:
    xForwardedFor:
      trustedCIDRs:
        - 10.96.0.0/16 # Cluster pod CIDR
  targetSelectors: # These will apply to all Gateways
    - group: gateway.networking.k8s.io
      kind: Gateway
 ```
@@ -203,7 +203,6 @@ To get Anubis filtering your traffic, you need to make sure it's added to your H
 - [Kubernetes](./environments/kubernetes.mdx)
 - [Nginx](./environments/nginx.mdx)
 - [Traefik](./environments/traefik.mdx)
 - [HAProxy](./environments/haproxy.mdx)
 :::note
@@ -143,4 +143,3 @@ For more details on particular reverse proxies, see here:
 - [Apache](./environments/apache.mdx)
 - [Nginx](./environments/nginx.mdx)
 - [HAProxy](./environments/haproxy.mdx)
@@ -393,32 +393,6 @@ logging:
 When files are rotated out, the old files will be named after the rotation timestamp in [RFC 3339 format](https://www.rfc-editor.org/rfc/rfc3339).
 :::note
 If you are running Anubis in systemd via a native package, the default systemd unit settings are very restrictive and will forbid writing to folders in `/var/log`. In order to fix this, please make a [drop-in unit](https://www.flatcar.org/docs/latest/setup/systemd/drop-in-units/) like the following:
 ```text
 # /etc/systemd/anubis@instance-name.service.d/50-var-log-readwrite.conf
 [Service]
 ReadWritePaths=/run /var/log/anubis
 ```
 Once you write this to the correct place, reload the systemd configuration:
 ```text
 sudo systemctl daemon-reload
 ```
 And then restart Anubis:
 ```text
 sudo systemctl restart anubis@instance-name
 ```
 You may be required to make drop-ins for each Anubis instance depending on the facts and circumstances of your deployment.
 :::
 ### `stdio` sink
 By default, Anubis logs everything to the standard error stream of its process. This requires no configuration:
@@ -0,0 +1,31 @@
 ---
 title: Code quality guidelines
 ---
 When submitting code to Anubis, please take the time to consider the fact that this project is security software. If things go bad, bots can pummel sites into oblivion. This is not ideal for uptime.
 As such, code reviews will be a bit more strict than you have seen in other projects. This is not people trying to be mean, this is a side effect of taking the problem seriously.
 When making code changes, try to do the following:
 - If you're submitting a bugfix, add a test case for it
 - If you're changing the JavaScript, make sure the integration tests pass (`npm run test:integration`)
 ## Commit messages
 Anubis follows the Go project's conventions for commit messages. In general, an ideal commit message should read like this:
 ```text
 path/to/folder: brief description of the change
 If the change is subtle, has implementation consequences, or is otherwise
 not entirely self-describing: take the time to spell out why. If things
 are very subtle, please also amend the documentation accordingly
 ```
 The subject of a commit message should be the second half of the sentence "This commit changes the Anubis project to:". Here's a few examples:
 - `disable DroneBL by default`
 - `port the challenge to WebAssembly`
 The extended commit message is also your place to give rationale for a new feature. When maintainers are reviewing your code, they will use this to figure out if the burden from feature maintainership is worth the merge.
@@ -35,21 +35,9 @@ Anubis is brought to you by sponsors and donors like:
 ### Gold Tier
 <a href="https://www.unipromos.com/?utm_campaign=github&utm_medium=referral&utm_content=anubis">
  <img src="/img/sponsors/unipromos.webp" alt="Uvensys" height="64" />
 </a>
 <a href="https://uvensys.de/?utm_campaign=github&utm_medium=referral&utm_content=anubis">
  <img src="/img/sponsors/uvensys.webp" alt="Uvensys" height="64" />
 </a>
 <a href="https://distrust.co?utm_campaign=github&utm_medium=referral&utm_content=anubis">
  <img src="/img/sponsors/distrust-logo.webp" alt="Distrust" height="64" />
 </a>
 <a href="https://about.gitea.com?utm_campaign=github&utm_medium=referral&utm_content=anubis">
  <img src="/img/sponsors/gitea-logo.webp" alt="Gitea" height="64" />
 </a>
 <a href="https://prolocation.net?utm_campaign=github&utm_medium=referral&utm_content=anubis">
  <img src="/img/sponsors/prolocation-logo.svg" alt="Prolocation" height="64" />
 </a>
 <a href="https://terminaltrove.com/?utm_campaign=github&utm_medium=referral&utm_content=anubis&utm_source=abgh">
  <img
    src="/img/sponsors/terminal-trove.webp"
@@ -38,8 +38,10 @@ This page contains a non-exhaustive list with all websites using Anubis.
 - https://squirreljme.cc/
 - https://superlove.sayitditto.net/
 - https://svnweb.freebsd.org/
 - https://trac.ffmpeg.org/
 - https://tumfatig.net/
 - https://wiki.archlinux.org/
 - https://wiki.dolphin-emu.org/
 - https://wiki.freepascal.org/
 - https://wiki.koha-community.org/
 - https://www.cfaarchive.org/
@@ -51,11 +53,6 @@ This page contains a non-exhaustive list with all websites using Anubis.
  - https://bbs.archlinux32.org/
  - https://bugs.archlinux32.org/
  </details>
 - <details>
  <summary>Dolphin Emulator</summary>
  - https://forums.dolphin-emu.org/
  - https://wiki.dolphin-emu.org/
  </details>
 - <details>
  <summary>Duke University</summary>
  - https://repository.duke.edu/
@@ -63,11 +60,6 @@ This page contains a non-exhaustive list with all websites using Anubis.
  - https://find.library.duke.edu/
  - https://nicholas.duke.edu/
  </details>
 - <details>
  <summary>FFmpeg</summary>
  - https://git.ffmpeg.org/
  - https://trac.ffmpeg.org/
  </details>
 - <details>
  <summary>Forschungszentrum Jülich</summary>
  - https://juser.fz-juelich.de/
@@ -120,8 +112,11 @@ This page contains a non-exhaustive list with all websites using Anubis.
  - https://git.kernel.org/
  - https://lore.kernel.org/
  </details>
 - <details>
  <summary>The United Nations</summary>
  - https://policytoolbox.iiep.unesco.org/
  </details>
 - <details>
  <summary>Valve Corporation</summary>
  - https://developer.valvesoftware.com/wiki/Main_Page
  - https://wiki.teamfortress.com/wiki/Main_Page
  </details>
@@ -1,37 +0,0 @@
 <?xml version="1.0" encoding="utf-8"?>
 <!-- Generator: Adobe Illustrator 15.1.0, SVG Export Plug-In . SVG Version: 6.00 Build 0)  -->
 <!DOCTYPE svg PUBLIC "-//W3C//DTD SVG 1.1//EN" "http://www.w3.org/Graphics/SVG/1.1/DTD/svg11.dtd">
 <svg version="1.1" id="Layer_1" xmlns="http://www.w3.org/2000/svg" xmlns:xlink="http://www.w3.org/1999/xlink" x="0px" y="0px"
 	 width="250px" height="42px" viewBox="0 0.05 250 42" enable-background="new 0 0.05 250 42" xml:space="preserve">
 <g>
 	<rect y="0.15" fill="#FFFFFF" width="42" height="42"/>
 	<polygon fill="#FF0600" points="0,42.05 10.5,42.05 10.5,10.55 31.5,10.55 31.5,31.55 21,31.55 10.5,42.05 42,42.05 42,0.05 
 		0,0.05 	"/>
 	<path fill="#222222" d="M59.1,24.95h-2.2v9.6h-5.3V8.05h7.5c5.7,0,7.5,3.3,7.5,8.5C66.6,21.65,64.9,24.95,59.1,24.95z M59,12.75h-2
 		v7.4h2c2.2,0,2.3-2,2.3-3.7C61.3,14.85,61.2,12.75,59,12.75z"/>
 	<path fill="#222222" d="M80.1,34.55l-3.2-10.3h-1.8v10.3h-5.3V8.05h7.6c5.8,0,7.4,3,7.4,8.1c0,2.8-0.4,5.4-3,7l3.9,11.5h-5.6V34.55
 		z M77.3,12.75h-2.2v6.7h2.2c2,0,2.1-1.8,2.1-3.4C79.4,14.55,79.3,12.75,77.3,12.75z"/>
 	<path fill="#222222" d="M101.2,32.149c-1.2,1.5-2.9,2.7-5.8,2.7s-4.6-1.2-5.8-2.7c-1.9-2.3-2-5.8-2-10.899c0-5.1,0.1-8.6,2-10.9
 		c1.2-1.5,2.9-2.7,5.8-2.7s4.6,1.2,5.8,2.7c1.9,2.3,2,5.8,2,10.9C103.2,26.35,103.1,29.85,101.2,32.149z M97.2,13.55
 		c-0.3-0.6-0.8-1-1.8-1s-1.5,0.4-1.8,1c-0.6,1.2-0.7,4.5-0.7,7.7c0,3.2,0.1,6.5,0.7,7.8c0.3,0.6,0.8,1,1.8,1s1.5-0.4,1.8-1
 		c0.6-1.2,0.7-4.5,0.7-7.8C97.9,18.05,97.8,14.75,97.2,13.55z"/>
 	<path fill="#222222" d="M106.5,34.55V8.05h5.3v21.8h6.9v4.8h-12.2V34.55z"/>
 	<path fill="#222222" d="M133.7,32.149c-1.2,1.5-2.9,2.7-5.8,2.7c-2.9,0-4.601-1.2-5.8-2.7c-1.9-2.3-2-5.8-2-10.899
 		c0-5.1,0.1-8.6,2-10.9c1.2-1.5,2.9-2.7,5.8-2.7c2.899,0,4.6,1.2,5.8,2.7c1.899,2.3,2,5.8,2,10.9
 		C135.7,26.35,135.6,29.85,133.7,32.149z M129.7,13.55c-0.3-0.6-0.8-1-1.8-1s-1.5,0.4-1.801,1c-0.6,1.2-0.7,4.5-0.7,7.7
 		c0,3.2,0.1,6.5,0.7,7.8c0.301,0.6,0.801,1,1.801,1s1.5-0.4,1.8-1c0.6-1.2,0.7-4.5,0.7-7.8C130.4,18.05,130.3,14.75,129.7,13.55z"/>
 	<path fill="#222222" d="M151.3,32.95c-1.3,1.3-2.899,1.899-5.1,1.899c-2.9,0-4.601-1.2-5.8-2.7c-1.9-2.3-2-5.8-2-10.899
 		c0-5.1,0.1-8.6,2-10.9c1.199-1.5,2.899-2.7,5.8-2.7c2.2,0,3.8,0.6,5.1,1.9c1.4,1.3,2.3,3.4,2.4,5.9h-5.3c0-0.7-0.101-1.5-0.4-2
 		c-0.3-0.6-0.8-1-1.8-1s-1.5,0.4-1.8,1c-0.601,1.2-0.7,4.5-0.7,7.7c0,3.2,0.1,6.5,0.7,7.8c0.3,0.6,0.8,1,1.8,1s1.5-0.4,1.8-1
 		c0.3-0.601,0.4-1.301,0.4-2.101h5.3C153.6,29.55,152.7,31.649,151.3,32.95z"/>
 	<path fill="#222222" d="M167.8,34.55l-0.899-4.1H160.8l-0.899,4.1h-5.5l6.899-26.5h5.2l6.8,26.5H167.8z M163.9,15.85l-2,9.8h4.1
 		L163.9,15.85z"/>
 	<path fill="#222222" d="M182.2,12.75v21.8h-5.3v-21.8h-4.5v-4.7H186.6v4.8H182.2V12.75z"/>
 	<path fill="#222222" d="M189.5,34.55V8.05h5.3v26.5H189.5z"/>
 	<path fill="#222222" d="M211.7,32.149c-1.2,1.5-2.9,2.7-5.8,2.7c-2.9,0-4.601-1.2-5.801-2.7c-1.899-2.3-2-5.8-2-10.899
 		c0-5.1,0.101-8.6,2-10.9c1.2-1.5,2.9-2.7,5.801-2.7c2.899,0,4.6,1.2,5.8,2.7c1.899,2.3,2,5.8,2,10.9
 		C213.7,26.35,213.5,29.85,211.7,32.149z M207.6,13.55c-0.3-0.6-0.8-1-1.8-1s-1.5,0.4-1.8,1c-0.6,1.2-0.7,4.5-0.7,7.7
 		c0,3.2,0.101,6.5,0.7,7.8c0.3,0.6,0.8,1,1.8,1s1.5-0.4,1.8-1c0.601-1.2,0.7-4.5,0.7-7.8C208.3,18.05,208.3,14.75,207.6,13.55z"/>
 	<path fill="#222222" d="M227.9,34.55l-5.601-13v13H217V8.05h4.6l5.5,13v-13h5.301v26.5H227.9z"/>
 </g>
 </svg>
@@ -36,7 +36,7 @@ func Glob(pattern, subj string) bool {
 	end := len(parts) - 1
 	// Go over the leading parts and ensure they match.
-	for i := range end {
+	for i := 0; i < end; i++ {
 		idx := strings.Index(subj, parts[i])
 		switch i {
@@ -184,7 +184,7 @@ func TestHashCollisions(t *testing.T) {
 	for _, prefix := range prefixes {
 		for _, suffix := range suffixes {
 			for _, variation := range variations {
-				for i := range 100 {
+				for i := 0; i < 100; i++ {
 					input := fmt.Sprintf("%s%s%s-%d", prefix, suffix, variation, i)
 					hash := XXHash64sum(input)
 					if existing, exists := xxhashHashes[hash]; exists {
@@ -211,7 +211,7 @@ func TestHashCollisions(t *testing.T) {
 	seqCount := 0
 	for _, pattern := range patterns {
-		for i := range 10000 {
+		for i := 0; i < 10000; i++ {
 			input := fmt.Sprintf(pattern, i)
 			hash := XXHash64sum(input)
 			if existing, exists := xxhashHashes[hash]; exists {
@@ -120,7 +120,7 @@ func (i *Impl) makeAffirmations() []string {
 	count := rand.IntN(5) + 1
 	var result []string
-	for range count {
+	for j := 0; j < count; j++ {
 		result = append(result, i.affirmation.Spin())
 	}
@@ -131,7 +131,7 @@ func (i *Impl) makeSpins() []string {
 	count := rand.IntN(5) + 1
 	var result []string
-	for range count {
+	for j := 0; j < count; j++ {
 		result = append(result, i.body.Spin())
 	}
@@ -16,7 +16,7 @@ func (lo *ListOr[T]) UnmarshalJSON(data []byte) error {
 	// Check if first non-whitespace character is '['
 	firstChar := data[0]
-	for i := range data {
+	for i := 0; i < len(data); i++ {
 		if data[i] != ' ' && data[i] != '\t' && data[i] != '\n' && data[i] != '\r' {
 			firstChar = data[i]
 			break
@@ -95,7 +95,7 @@ func TestMemoryUsage(t *testing.T) {
 	// Run getTarget many times
 	u, _ := url.Parse("/path/to/resource?query=1&foo=bar&baz=qux")
-	for range 10000 {
+	for i := 0; i < 10000; i++ {
 		_ = cache.getTarget(u)
 	}
@@ -129,7 +129,7 @@ func TestMemoryUsage(t *testing.T) {
 	runtime.GC()
 	runtime.ReadMemStats(&m1)
-	for range 1000 {
+	for i := 0; i < 1000; i++ {
 		_ = cache.extractOGTags(doc)
 	}
@@ -3,7 +3,6 @@ package ogtags
 import (
 	"context"
 	"net/url"
 	"slices"
 	"strings"
 	"testing"
 	"unicode/utf8"
@@ -79,7 +78,7 @@ func FuzzGetTarget(f *testing.F) {
 		}
 		// Ensure no memory corruption by calling multiple times
-		for range 3 {
+		for i := 0; i < 3; i++ {
 			result2 := cache.getTarget(u)
 			if result != result2 {
 				t.Errorf("getTarget not deterministic: %q != %q", result, result2)
@@ -149,8 +148,11 @@ func FuzzExtractOGTags(f *testing.F) {
 				}
 			}
 			if !approved {
-				if slices.Contains(cache.approvedTags, property) {
+				for _, tag := range cache.approvedTags {
-					approved = true
+					if property == tag {
 						approved = true
 						break
 					}
 				}
 			}
 			if !approved {
@@ -258,8 +260,11 @@ func FuzzExtractMetaTagInfo(f *testing.F) {
 				}
 			}
 			if !approved {
-				if slices.Contains(cache.approvedTags, property) {
+				for _, tag := range cache.approvedTags {
-					approved = true
+					if property == tag {
 						approved = true
 						break
 					}
 				}
 			}
 			if !approved {
@@ -1,7 +1,6 @@
 package ogtags
 import (
 	"slices"
 	"strings"
 	"golang.org/x/net/html"
@@ -66,8 +65,10 @@ func (c *OGTagCache) extractMetaTagInfo(n *html.Node) (property, content string)
 	}
 	// Check exact matches
-	if slices.Contains(c.approvedTags, propertyKey) {
+	for _, tag := range c.approvedTags {
-		return propertyKey, content
+		if propertyKey == tag {
 			return propertyKey, content
 		}
 	}
 	return "", content
@@ -270,7 +270,7 @@ func TestPlaywrightBrowser(t *testing.T) {
 				var performedAction action
 				var err error
-				for i := range 5 {
+				for i := 0; i < 5; i++ {
 					performedAction, err = executeTestCase(t, tc, typ, anubisURL)
 					if performedAction == tc.action {
 						break
@@ -81,11 +81,11 @@ type Server struct {
 func (s *Server) getTokenKeyfunc() jwt.Keyfunc {
 	// return ED25519 key if HS512 is not set
 	if len(s.hs512Secret) == 0 {
-		return func(token *jwt.Token) (any, error) {
+		return func(token *jwt.Token) (interface{}, error) {
 			return s.ed25519Priv.Public().(ed25519.PublicKey), nil
 		}
 	} else {
-		return func(token *jwt.Token) (any, error) {
+		return func(token *jwt.Token) (interface{}, error) {
 			return s.hs512Secret, nil
 		}
 	}
@@ -106,13 +106,6 @@ func (s *Server) issueChallenge(ctx context.Context, r *http.Request, lg *slog.L
 		//return nil, errors.New("[unexpected] this codepath should be impossible, asked to issue a challenge for a non-challenge rule")
 	}
 	if rule.Challenge == nil {
 		rule.Challenge = &config.ChallengeRules{
 			Difficulty: s.policy.DefaultDifficulty,
 			Algorithm:  config.DefaultAlgorithm,
 		}
 	}
 	id, err := uuid.NewV7()
 	if err != nil {
 		return nil, err
@@ -141,7 +134,7 @@ func (s *Server) issueChallenge(ctx context.Context, r *http.Request, lg *slog.L
 		return nil, err
 	}
-	lg.Info("new challenge issued", "challenge", id.String(), "method", chall.Method)
+	lg.Info("new challenge issued", "challenge", id.String())
 	return &chall, err
 }
@@ -498,11 +491,7 @@ func (s *Server) PassChallenge(w http.ResponseWriter, r *http.Request) {
 	chall, err := s.getChallenge(r)
 	if err != nil {
 		lg.Error("getChallenge failed", "err", err)
-		algorithm := "unknown"
+		s.respondWithError(w, r, fmt.Sprintf("%s: %s", localizer.T("internal_server_error"), rule.Challenge.Algorithm), makeCode(err))
 		if rule.Challenge != nil {
 			algorithm = rule.Challenge.Algorithm
 		}
 		s.respondWithError(w, r, fmt.Sprintf("%s: %s", localizer.T("internal_server_error"), algorithm), makeCode(err))
 		return
 	}
@@ -649,16 +638,8 @@ func (s *Server) check(r *http.Request, lg *slog.Logger) (policy.CheckResult, *p
 		}
 		if matches {
 			challRules := t.Challenge
 			if challRules == nil {
 				// Non-CHALLENGE thresholds (ALLOW/DENY) don't have challenge config.
 				// Use an empty struct so hydrateChallengeRule can fill from stored
 				// challenge data during validation, rather than baking in defaults
 				// that could mismatch the difficulty the client actually solved for.
 				challRules = &config.ChallengeRules{}
 			}
 			return cr("threshold/"+t.Name, t.Action, weight), &policy.Bot{
-				Challenge: challRules,
+				Challenge: t.Challenge,
 				Rules:     &checker.List{},
 			}, nil
 		}
@@ -38,8 +38,8 @@ func NewTLogWriter(t *testing.T) io.Writer {
 // Write splits input on newlines and logs each line separately.
 func (w *TLogWriter) Write(p []byte) (n int, err error) {
-	lines := strings.SplitSeq(string(p), "\n")
+	lines := strings.Split(string(p), "\n")
-	for line := range lines {
+	for _, line := range lines {
 		if line != "" {
 			w.t.Log(line)
 		}
@@ -10,7 +10,6 @@ var (
 	ErrFailed        = errors.New("challenge: user failed challenge")
 	ErrMissingField  = errors.New("challenge: missing field")
 	ErrInvalidFormat = errors.New("challenge: field has invalid format")
 	ErrInvalidInput  = errors.New("challenge: input is nil or missing required fields")
 )
 func NewError(verb, publicReason string, privateReason error) *Error {
@@ -1,7 +1,6 @@
 package challenge
 import (
 	"fmt"
 	"log/slog"
 	"net/http"
 	"sort"
@@ -51,44 +50,12 @@ type IssueInput struct {
 	Store     store.Interface
 }
 func (in *IssueInput) Valid() error {
 	if in == nil {
 		return fmt.Errorf("%w: IssueInput is nil", ErrInvalidInput)
 	}
 	if in.Rule == nil {
 		return fmt.Errorf("%w: Rule is nil", ErrInvalidInput)
 	}
 	if in.Rule.Challenge == nil {
 		return fmt.Errorf("%w: Rule.Challenge is nil", ErrInvalidInput)
 	}
 	if in.Challenge == nil {
 		return fmt.Errorf("%w: Challenge is nil", ErrInvalidInput)
 	}
 	return nil
 }
 type ValidateInput struct {
 	Rule      *policy.Bot
 	Challenge *Challenge
 	Store     store.Interface
 }
 func (in *ValidateInput) Valid() error {
 	if in == nil {
 		return fmt.Errorf("%w: ValidateInput is nil", ErrInvalidInput)
 	}
 	if in.Rule == nil {
 		return fmt.Errorf("%w: Rule is nil", ErrInvalidInput)
 	}
 	if in.Rule.Challenge == nil {
 		return fmt.Errorf("%w: Rule.Challenge is nil", ErrInvalidInput)
 	}
 	if in.Challenge == nil {
 		return fmt.Errorf("%w: Challenge is nil", ErrInvalidInput)
 	}
 	return nil
 }
 type Impl interface {
 	// Setup registers any additional routes with the Impl for assets or API routes.
 	Setup(mux *http.ServeMux)
@@ -24,10 +24,6 @@ type Impl struct{}
 func (i *Impl) Setup(mux *http.ServeMux) {}
 func (i *Impl) Issue(w http.ResponseWriter, r *http.Request, lg *slog.Logger, in *challenge.IssueInput) (templ.Component, error) {
 	if err := in.Valid(); err != nil {
 		return nil, err
 	}
 	u, err := r.URL.Parse(anubis.BasePrefix + "/.within.website/x/cmd/anubis/api/pass-challenge")
 	if err != nil {
 		return nil, fmt.Errorf("can't render page: %w", err)
@@ -53,10 +49,6 @@ func (i *Impl) Issue(w http.ResponseWriter, r *http.Request, lg *slog.Logger, in
 }
 func (i *Impl) Validate(r *http.Request, lg *slog.Logger, in *challenge.ValidateInput) error {
 	if err := in.Valid(); err != nil {
 		return challenge.NewError("validate", "invalid input", err)
 	}
 	wantTime := in.Challenge.IssuedAt.Add(time.Duration(in.Rule.Challenge.Difficulty) * 800 * time.Millisecond)
 	if time.Now().Before(wantTime) {
@@ -39,10 +39,6 @@ type impl struct{}
 func (i *impl) Setup(mux *http.ServeMux) {}
 func (i *impl) Issue(w http.ResponseWriter, r *http.Request, lg *slog.Logger, in *challenge.IssueInput) (templ.Component, error) {
 	if err := in.Valid(); err != nil {
 		return nil, err
 	}
 	u, err := r.URL.Parse(anubis.BasePrefix + "/.within.website/x/cmd/anubis/api/pass-challenge")
 	if err != nil {
 		return nil, fmt.Errorf("can't render page: %w", err)
@@ -61,10 +57,6 @@ func (i *impl) Issue(w http.ResponseWriter, r *http.Request, lg *slog.Logger, in
 }
 func (i *impl) Validate(r *http.Request, lg *slog.Logger, in *challenge.ValidateInput) error {
 	if err := in.Valid(); err != nil {
 		return challenge.NewError("validate", "invalid input", err)
 	}
 	wantTime := in.Challenge.IssuedAt.Add(time.Duration(in.Rule.Challenge.Difficulty) * 80 * time.Millisecond)
 	if time.Now().Before(wantTime) {
@@ -33,10 +33,6 @@ func (i *Impl) Issue(w http.ResponseWriter, r *http.Request, lg *slog.Logger, in
 }
 func (i *Impl) Validate(r *http.Request, lg *slog.Logger, in *chall.ValidateInput) error {
 	if err := in.Valid(); err != nil {
 		return chall.NewError("validate", "invalid input", err)
 	}
 	rule := in.Rule
 	challenge := in.Challenge.RandomData
@@ -7,12 +7,13 @@ import (
 templ page(localizer *localization.SimpleLocalizer) {
 	<div class="centered-div">
-		<img style="display:none;" src={ anubis.BasePrefix + "/.within.website/x/cmd/anubis/static/img/happy.webp?cacheBuster=" + anubis.Version }/>
+		<img id="image" style="width:100%;max-width:256px;" src={ anubis.BasePrefix + "/.within.website/x/cmd/anubis/static/img/pensive.webp?cacheBuster=" + anubis.Version }/>
-		<div id="app">
+		<img style="display:none;" style="width:100%;max-width:256px;" src={ anubis.BasePrefix + "/.within.website/x/cmd/anubis/static/img/happy.webp?cacheBuster=" + anubis.Version }/>
-			<img style="width:100%;max-width:256px;" src={ anubis.BasePrefix + "/.within.website/x/cmd/anubis/static/img/pensive.webp?cacheBuster=" + anubis.Version }/>
+		<p id="status">{ localizer.T("loading") }</p>
 			<p id="status">{ localizer.T("loading") }</p>
 		</div>
 		<script async type="module" src={ anubis.BasePrefix + "/.within.website/x/cmd/anubis/static/js/main.mjs?cacheBuster=" + anubis.Version }></script>
 		<div id="progress" role="progressbar" aria-labelledby="status">
 			<div class="bar-inner"></div>
 		</div>
 		<details>
 			if anubis.UseSimplifiedExplanation {
 				<p>
@@ -34,27 +34,27 @@ func page(localizer *localization.SimpleLocalizer) templ.Component {
 			templ_7745c5c3_Var1 = templ.NopComponent
 		}
 		ctx = templ.ClearChildren(ctx)
-		templ_7745c5c3_Err = templruntime.WriteString(templ_7745c5c3_Buffer, 1, "<div class=\"centered-div\"><img style=\"display:none;\" src=\"")
+		templ_7745c5c3_Err = templruntime.WriteString(templ_7745c5c3_Buffer, 1, "<div class=\"centered-div\"><img id=\"image\" style=\"width:100%;max-width:256px;\" src=\"")
 		if templ_7745c5c3_Err != nil {
 			return templ_7745c5c3_Err
 		}
 		var templ_7745c5c3_Var2 string
-		templ_7745c5c3_Var2, templ_7745c5c3_Err = templ.JoinStringErrs(anubis.BasePrefix + "/.within.website/x/cmd/anubis/static/img/happy.webp?cacheBuster=" + anubis.Version)
+		templ_7745c5c3_Var2, templ_7745c5c3_Err = templ.JoinStringErrs(anubis.BasePrefix + "/.within.website/x/cmd/anubis/static/img/pensive.webp?cacheBuster=" + anubis.Version)
 		if templ_7745c5c3_Err != nil {
-			return templ.Error{Err: templ_7745c5c3_Err, FileName: `proofofwork.templ`, Line: 10, Col: 138}
+			return templ.Error{Err: templ_7745c5c3_Err, FileName: `proofofwork.templ`, Line: 10, Col: 165}
 		}
 		_, templ_7745c5c3_Err = templ_7745c5c3_Buffer.WriteString(templ.EscapeString(templ_7745c5c3_Var2))
 		if templ_7745c5c3_Err != nil {
 			return templ_7745c5c3_Err
 		}
-		templ_7745c5c3_Err = templruntime.WriteString(templ_7745c5c3_Buffer, 2, "\"><div id=\"app\"><img style=\"width:100%;max-width:256px;\" src=\"")
+		templ_7745c5c3_Err = templruntime.WriteString(templ_7745c5c3_Buffer, 2, "\"> <img style=\"display:none;\" style=\"width:100%;max-width:256px;\" src=\"")
 		if templ_7745c5c3_Err != nil {
 			return templ_7745c5c3_Err
 		}
 		var templ_7745c5c3_Var3 string
-		templ_7745c5c3_Var3, templ_7745c5c3_Err = templ.JoinStringErrs(anubis.BasePrefix + "/.within.website/x/cmd/anubis/static/img/pensive.webp?cacheBuster=" + anubis.Version)
+		templ_7745c5c3_Var3, templ_7745c5c3_Err = templ.JoinStringErrs(anubis.BasePrefix + "/.within.website/x/cmd/anubis/static/img/happy.webp?cacheBuster=" + anubis.Version)
 		if templ_7745c5c3_Err != nil {
-			return templ.Error{Err: templ_7745c5c3_Err, FileName: `proofofwork.templ`, Line: 12, Col: 155}
+			return templ.Error{Err: templ_7745c5c3_Err, FileName: `proofofwork.templ`, Line: 11, Col: 174}
 		}
 		_, templ_7745c5c3_Err = templ_7745c5c3_Buffer.WriteString(templ.EscapeString(templ_7745c5c3_Var3))
 		if templ_7745c5c3_Err != nil {
@@ -67,26 +67,26 @@ func page(localizer *localization.SimpleLocalizer) templ.Component {
 		var templ_7745c5c3_Var4 string
 		templ_7745c5c3_Var4, templ_7745c5c3_Err = templ.JoinStringErrs(localizer.T("loading"))
 		if templ_7745c5c3_Err != nil {
-			return templ.Error{Err: templ_7745c5c3_Err, FileName: `proofofwork.templ`, Line: 13, Col: 42}
+			return templ.Error{Err: templ_7745c5c3_Err, FileName: `proofofwork.templ`, Line: 12, Col: 41}
 		}
 		_, templ_7745c5c3_Err = templ_7745c5c3_Buffer.WriteString(templ.EscapeString(templ_7745c5c3_Var4))
 		if templ_7745c5c3_Err != nil {
 			return templ_7745c5c3_Err
 		}
-		templ_7745c5c3_Err = templruntime.WriteString(templ_7745c5c3_Buffer, 4, "</p></div><script async type=\"module\" src=\"")
+		templ_7745c5c3_Err = templruntime.WriteString(templ_7745c5c3_Buffer, 4, "</p><script async type=\"module\" src=\"")
 		if templ_7745c5c3_Err != nil {
 			return templ_7745c5c3_Err
 		}
 		var templ_7745c5c3_Var5 string
 		templ_7745c5c3_Var5, templ_7745c5c3_Err = templ.JoinStringErrs(anubis.BasePrefix + "/.within.website/x/cmd/anubis/static/js/main.mjs?cacheBuster=" + anubis.Version)
 		if templ_7745c5c3_Err != nil {
-			return templ.Error{Err: templ_7745c5c3_Err, FileName: `proofofwork.templ`, Line: 15, Col: 136}
+			return templ.Error{Err: templ_7745c5c3_Err, FileName: `proofofwork.templ`, Line: 13, Col: 136}
 		}
 		_, templ_7745c5c3_Err = templ_7745c5c3_Buffer.WriteString(templ.EscapeString(templ_7745c5c3_Var5))
 		if templ_7745c5c3_Err != nil {
 			return templ_7745c5c3_Err
 		}
-		templ_7745c5c3_Err = templruntime.WriteString(templ_7745c5c3_Buffer, 5, "\"></script><details>")
+		templ_7745c5c3_Err = templruntime.WriteString(templ_7745c5c3_Buffer, 5, "\"></script><div id=\"progress\" role=\"progressbar\" aria-labelledby=\"status\"><div class=\"bar-inner\"></div></div><details>")
 		if templ_7745c5c3_Err != nil {
 			return templ_7745c5c3_Err
 		}
@@ -98,7 +98,7 @@ func page(localizer *localization.SimpleLocalizer) templ.Component {
 			var templ_7745c5c3_Var6 string
 			templ_7745c5c3_Var6, templ_7745c5c3_Err = templ.JoinStringErrs(localizer.T("simplified_explanation"))
 			if templ_7745c5c3_Err != nil {
-				return templ.Error{Err: templ_7745c5c3_Err, FileName: `proofofwork.templ`, Line: 19, Col: 44}
+				return templ.Error{Err: templ_7745c5c3_Err, FileName: `proofofwork.templ`, Line: 20, Col: 44}
 			}
 			_, templ_7745c5c3_Err = templ_7745c5c3_Buffer.WriteString(templ.EscapeString(templ_7745c5c3_Var6))
 			if templ_7745c5c3_Err != nil {
@@ -116,7 +116,7 @@ func page(localizer *localization.SimpleLocalizer) templ.Component {
 			var templ_7745c5c3_Var7 string
 			templ_7745c5c3_Var7, templ_7745c5c3_Err = templ.JoinStringErrs(localizer.T("ai_companies_explanation"))
 			if templ_7745c5c3_Err != nil {
-				return templ.Error{Err: templ_7745c5c3_Err, FileName: `proofofwork.templ`, Line: 23, Col: 46}
+				return templ.Error{Err: templ_7745c5c3_Err, FileName: `proofofwork.templ`, Line: 24, Col: 46}
 			}
 			_, templ_7745c5c3_Err = templ_7745c5c3_Buffer.WriteString(templ.EscapeString(templ_7745c5c3_Var7))
 			if templ_7745c5c3_Err != nil {
@@ -129,7 +129,7 @@ func page(localizer *localization.SimpleLocalizer) templ.Component {
 			var templ_7745c5c3_Var8 string
 			templ_7745c5c3_Var8, templ_7745c5c3_Err = templ.JoinStringErrs(localizer.T("anubis_compromise"))
 			if templ_7745c5c3_Err != nil {
-				return templ.Error{Err: templ_7745c5c3_Err, FileName: `proofofwork.templ`, Line: 26, Col: 39}
+				return templ.Error{Err: templ_7745c5c3_Err, FileName: `proofofwork.templ`, Line: 27, Col: 39}
 			}
 			_, templ_7745c5c3_Err = templ_7745c5c3_Buffer.WriteString(templ.EscapeString(templ_7745c5c3_Var8))
 			if templ_7745c5c3_Err != nil {
@@ -142,7 +142,7 @@ func page(localizer *localization.SimpleLocalizer) templ.Component {
 			var templ_7745c5c3_Var9 string
 			templ_7745c5c3_Var9, templ_7745c5c3_Err = templ.JoinStringErrs(localizer.T("hack_purpose"))
 			if templ_7745c5c3_Err != nil {
-				return templ.Error{Err: templ_7745c5c3_Err, FileName: `proofofwork.templ`, Line: 29, Col: 34}
+				return templ.Error{Err: templ_7745c5c3_Err, FileName: `proofofwork.templ`, Line: 30, Col: 34}
 			}
 			_, templ_7745c5c3_Err = templ_7745c5c3_Buffer.WriteString(templ.EscapeString(templ_7745c5c3_Var9))
 			if templ_7745c5c3_Err != nil {
@@ -155,7 +155,7 @@ func page(localizer *localization.SimpleLocalizer) templ.Component {
 			var templ_7745c5c3_Var10 string
 			templ_7745c5c3_Var10, templ_7745c5c3_Err = templ.JoinStringErrs(localizer.T("jshelter_note"))
 			if templ_7745c5c3_Err != nil {
-				return templ.Error{Err: templ_7745c5c3_Err, FileName: `proofofwork.templ`, Line: 32, Col: 35}
+				return templ.Error{Err: templ_7745c5c3_Err, FileName: `proofofwork.templ`, Line: 33, Col: 35}
 			}
 			_, templ_7745c5c3_Err = templ_7745c5c3_Buffer.WriteString(templ.EscapeString(templ_7745c5c3_Var10))
 			if templ_7745c5c3_Err != nil {
@@ -173,7 +173,7 @@ func page(localizer *localization.SimpleLocalizer) templ.Component {
 		var templ_7745c5c3_Var11 string
 		templ_7745c5c3_Var11, templ_7745c5c3_Err = templ.JoinStringErrs(localizer.T("javascript_required"))
 		if templ_7745c5c3_Err != nil {
-			return templ.Error{Err: templ_7745c5c3_Err, FileName: `proofofwork.templ`, Line: 38, Col: 40}
+			return templ.Error{Err: templ_7745c5c3_Err, FileName: `proofofwork.templ`, Line: 39, Col: 40}
 		}
 		_, templ_7745c5c3_Err = templ_7745c5c3_Buffer.WriteString(templ.EscapeString(templ_7745c5c3_Var11))
 		if templ_7745c5c3_Err != nil {
@@ -30,62 +30,6 @@ func mkRequest(t *testing.T, values map[string]string) *http.Request {
 	return req
 }
 // TestValidateNilRuleChallenge reproduces the panic from
 // https://github.com/TecharoHQ/anubis/issues/1463
 //
 // When a threshold rule matches during PassChallenge, check() can return
 // a policy.Bot with Challenge == nil. After hydrateChallengeRule fails to
 // run (or the error path hits before it), Validate dereferences
 // rule.Challenge.Difficulty and panics.
 func TestValidateNilRuleChallenge(t *testing.T) {
 	i := &Impl{Algorithm: "fast"}
 	lg := slog.With()
 	// This is the exact response for SHA256("hunter" + "0") with 0 leading zeros required.
 	const challengeStr = "hunter"
 	const response = "2652bdba8fb4d2ab39ef28d8534d7694c557a4ae146c1e9237bd8d950280500e"
 	req := mkRequest(t, map[string]string{
 		"nonce":       "0",
 		"elapsedTime": "69",
 		"response":    response,
 	})
 	for _, tc := range []struct {
 		name  string
 		input *challenge.ValidateInput
 	}{
 		{
 			name: "nil-rule-challenge",
 			input: &challenge.ValidateInput{
 				Rule:      &policy.Bot{},
 				Challenge: &challenge.Challenge{RandomData: challengeStr},
 			},
 		},
 		{
 			name: "nil-rule",
 			input: &challenge.ValidateInput{
 				Challenge: &challenge.Challenge{RandomData: challengeStr},
 			},
 		},
 		{
 			name:  "nil-challenge",
 			input: &challenge.ValidateInput{Rule: &policy.Bot{Challenge: &config.ChallengeRules{Algorithm: "fast"}}},
 		},
 		{
 			name:  "nil-input",
 			input: nil,
 		},
 	} {
 		t.Run(tc.name, func(t *testing.T) {
 			err := i.Validate(req, lg, tc.input)
 			if !errors.Is(err, challenge.ErrInvalidInput) {
 				t.Fatalf("expected ErrInvalidInput, got: %v", err)
 			}
 		})
 	}
 }
 func TestBasic(t *testing.T) {
 	i := &Impl{Algorithm: "fast"}
 	bot := &policy.Bot{
@@ -228,8 +228,8 @@ type ImportStatement struct {
 }
 func (is *ImportStatement) open() (fs.File, error) {
-	if after, ok := strings.CutPrefix(is.Import, "(data)/"); ok {
+	if strings.HasPrefix(is.Import, "(data)/") {
-		fname := after
+		fname := strings.TrimPrefix(is.Import, "(data)/")
 		fin, err := data.BotPolicies.Open(fname)
 		return fin, err
 	}
@@ -325,7 +325,7 @@ func (sc StatusCodes) Valid() error {
 }
 type fileConfig struct {
-	OpenGraph   openGraphFileConfig `json:"openGraph"`
+	OpenGraph   openGraphFileConfig `json:"openGraph,omitempty"`
 	Impressum   *Impressum          `json:"impressum,omitempty"`
 	Store       *Store              `json:"store"`
 	Bots        []BotOrImport       `json:"bots"`
@@ -188,6 +188,7 @@ func TestBotValid(t *testing.T) {
 	}
 	for _, cs := range tests {
 		cs := cs
 		t.Run(cs.name, func(t *testing.T) {
 			err := cs.bot.Valid()
 			if err == nil && cs.err == nil {
@@ -215,6 +216,7 @@ func TestConfigValidKnownGood(t *testing.T) {
 	}
 	for _, st := range finfos {
 		st := st
 		t.Run(st.Name(), func(t *testing.T) {
 			fin, err := os.Open(filepath.Join("testdata", "good", st.Name()))
 			if err != nil {
@@ -301,6 +303,7 @@ func TestConfigValidBad(t *testing.T) {
 	}
 	for _, st := range finfos {
 		st := st
 		t.Run(st.Name(), func(t *testing.T) {
 			fin, err := os.Open(filepath.Join("testdata", "bad", st.Name()))
 			if err != nil {
@@ -24,6 +24,7 @@ func TestBadConfigs(t *testing.T) {
 	}
 	for _, st := range finfos {
 		st := st
 		t.Run(st.Name(), func(t *testing.T) {
 			if _, err := LoadPoliciesOrDefault(t.Context(), filepath.Join("config", "testdata", "bad", st.Name()), anubis.DefaultDifficulty, "info"); err == nil {
 				t.Fatal(err)
@@ -41,6 +42,7 @@ func TestGoodConfigs(t *testing.T) {
 	}
 	for _, st := range finfos {
 		st := st
 		t.Run(st.Name(), func(t *testing.T) {
 			t.Run("with-thoth", func(t *testing.T) {
 				ctx := thothmock.WithMockThoth(t)
@@ -182,7 +182,10 @@ func makeCode(err error) string {
 	enc := base64.StdEncoding.EncodeToString(buf.Bytes())
 	var builder strings.Builder
 	for i := 0; i < len(enc); i += width {
-		end := min(i+width, len(enc))
+		end := i + width
 		if end > len(enc) {
 			end = len(enc)
 		}
 		builder.WriteString(enc[i:end])
 		builder.WriteByte('\n')
 	}
@@ -219,12 +222,8 @@ func (s *Server) RenderIndex(w http.ResponseWriter, r *http.Request, cr policy.C
 	chall, err := s.issueChallenge(r.Context(), r, lg, cr, rule)
 	if err != nil {
 		lg.Error("can't get challenge", "err", err)
 		algorithm := "unknown"
 		if rule.Challenge != nil {
 			algorithm = rule.Challenge.Algorithm
 		}
 		s.ClearCookie(w, CookieOpts{Name: anubis.TestCookieName, Host: r.Host})
-		s.respondWithError(w, r, fmt.Sprintf("%s: %s", localizer.T("internal_server_error"), algorithm), makeCode(err))
+		s.respondWithError(w, r, fmt.Sprintf("%s: %s", localizer.T("internal_server_error"), rule.Challenge.Algorithm), makeCode(err))
 		return
 	}
@@ -249,13 +248,9 @@ func (s *Server) RenderIndex(w http.ResponseWriter, r *http.Request, cr policy.C
 	impl, ok := challenge.Get(chall.Method)
 	if !ok {
-		algorithm := "unknown"
+		lg.Error("check failed", "err", "can't get algorithm", "algorithm", rule.Challenge.Algorithm)
 		if rule.Challenge != nil {
 			algorithm = rule.Challenge.Algorithm
 		}
 		lg.Error("check failed", "err", "can't get algorithm", "algorithm", algorithm)
 		s.ClearCookie(w, CookieOpts{Name: anubis.TestCookieName, Host: r.Host})
-		s.respondWithError(w, r, fmt.Sprintf("%s: %s", localizer.T("internal_server_error"), algorithm), makeCode(err))
+		s.respondWithError(w, r, fmt.Sprintf("%s: %s", localizer.T("internal_server_error"), rule.Challenge.Algorithm), makeCode(err))
 		return
 	}
@@ -338,14 +333,7 @@ func (s *Server) respondWithError(w http.ResponseWriter, r *http.Request, messag
 func (s *Server) respondWithStatus(w http.ResponseWriter, r *http.Request, msg, code string, status int) {
 	localizer := localization.GetLocalizer(r)
-	component := web.Base(
+	templ.Handler(web.Base(localizer.T("oh_noes"), web.ErrorPage(msg, s.opts.WebmasterEmail, code, localizer), s.policy.Impressum, localizer), templ.WithStatus(status)).ServeHTTP(w, r)
 		localizer.T("oh_noes"),
 		web.ErrorPage(msg, s.opts.WebmasterEmail, code, localizer),
 		s.policy.Impressum,
 		localizer,
 	)
 	handler := internal.NoStoreCache(templ.Handler(component, templ.WithStatus(status)))
 	handler.ServeHTTP(w, r)
 }
 func (s *Server) ServeHTTP(w http.ResponseWriter, r *http.Request) {
@@ -7,7 +7,6 @@ import (
 	"testing"
 	"github.com/TecharoHQ/anubis"
 	"github.com/TecharoHQ/anubis/internal"
 	"github.com/TecharoHQ/anubis/lib/policy"
 )
@@ -192,34 +191,3 @@ func TestRenderIndexUnauthorized(t *testing.T) {
 		t.Errorf("expected body %q, got %q", "Authorization required", body)
 	}
 }
 func TestNoCacheOnError(t *testing.T) {
 	pol := loadPolicies(t, "testdata/useragent.yaml", 0)
 	srv := spawnAnubis(t, Options{Policy: pol})
 	ts := httptest.NewServer(internal.RemoteXRealIP(true, "tcp", srv))
 	defer ts.Close()
 	for userAgent, expectedCacheControl := range map[string]string{
 		"DENY":      "no-store",
 		"CHALLENGE": "no-store",
 		"ALLOW":     "",
 	} {
 		t.Run(userAgent, func(t *testing.T) {
 			req, err := http.NewRequest(http.MethodGet, ts.URL, nil)
 			if err != nil {
 				t.Fatal(err)
 			}
 			req.Header.Set("User-Agent", userAgent)
 			resp, err := ts.Client().Do(req)
 			if err != nil {
 				t.Fatal(err)
 			}
 			if resp.Header.Get("Cache-Control") != expectedCacheControl {
 				t.Errorf("wanted Cache-Control header %q, got %q", expectedCacheControl, resp.Header.Get("Cache-Control"))
 			}
 		})
 	}
 }
@@ -62,6 +62,5 @@
  "js_finished_reading": "Čtení dokončeno, pokračovat →",
  "js_calculation_error": "Chyba výpočtu!",
  "js_calculation_error_msg": "Nepodařilo se vypočítat výzvu:",
-  "missing_required_forwarded_headers": "Chybějící požadované hlavičky X-Forwarded-*",
+  "missing_required_forwarded_headers": "Chybějící požadované hlavičky X-Forwarded-*"
  "js_challenge_data_missing": "Data pro ověření chybí. Načtěte prosím stránku znovu."
 }
@@ -62,6 +62,5 @@
  "js_iterations": "Iterationen",
  "js_finished_reading": "Fertig gelesen – weiter zur Seite →",
  "js_calculation_error": "Berechnungsfehler!",
-  "js_calculation_error_msg": "Fehler bei der Berechnung der Prüfung:",
+  "js_calculation_error_msg": "Fehler bei der Berechnung der Prüfung:"
  "js_challenge_data_missing": "Die Prüfungsdaten fehlen. Bitte laden Sie die Seite neu."
 }
@@ -62,6 +62,5 @@
  "js_iterations": "iterations",
  "js_finished_reading": "I've finished reading, continue →",
  "js_calculation_error": "Calculation error!",
-  "js_calculation_error_msg": "Failed to calculate challenge:",
+  "js_calculation_error_msg": "Failed to calculate challenge:"
  "js_challenge_data_missing": "Challenge data is missing. Please reload the page."
 }
@@ -62,6 +62,5 @@
  "js_calculation_error": "¡Error de cálculo!",
  "js_calculation_error_msg": "Falló al calcular el desafío:",
  "missing_required_forwarded_headers": "Faltan los encabezados X-Forwarded-* requeridos",
-  "simplified_explanation": "Esta es una medida contra bots y solicitudes maliciosas similar a un CAPTCHA. Sin embargo, en lugar de tener que hacer el trabajo usted mismo, a su navegador se le asigna una tarea de cálculo que debe resolver para garantizar que es un cliente válido. Este concepto se llama <a href=\"https://en.wikipedia.org/wiki/Proof_of_work\">Prueba de trabajo</a>. La tarea se calcula en unos segundos y se le concede acceso al sitio web. Gracias por su comprensión y paciencia.",
+  "simplified_explanation": "Esta es una medida contra bots y solicitudes maliciosas similar a un CAPTCHA. Sin embargo, en lugar de tener que hacer el trabajo usted mismo, a su navegador se le asigna una tarea de cálculo que debe resolver para garantizar que es un cliente válido. Este concepto se llama <a href=\"https://en.wikipedia.org/wiki/Proof_of_work\">Prueba de trabajo</a>. La tarea se calcula en unos segundos y se le concede acceso al sitio web. Gracias por su comprensión y paciencia."
  "js_challenge_data_missing": "Faltan los datos del desafío. Por favor, recargue la página."
 }
@@ -62,6 +62,5 @@
  "js_calculation_error": "Arvutamise viga!",
  "js_calculation_error_msg": "Ei suutnud kontrolli arvutada:",
  "missing_required_forwarded_headers": "Puuduvad nõutud X-Forwarded-* päised",
-  "simplified_explanation": "See on meede robotite ja pahatahtlike päringute vastu, mis sarnaneb CAPTCHA-le. Kuid selle asemel, et peaksite ise tööd tegema, antakse teie brauserile arvutusülesanne, mille see peab lahendama, et tagada selle kehtivus kliendina. Seda kontseptsiooni nimetatakse <a href=\"https://en.wikipedia.org/wiki/Proof_of_work\">Töötõendiks</a>. Ülesanne arvutatakse mõne sekundiga ja teile antakse juurdepääs veebisaidile. Täname teid mõistva suhtumise ja kannatlikkuse eest.",
+  "simplified_explanation": "See on meede robotite ja pahatahtlike päringute vastu, mis sarnaneb CAPTCHA-le. Kuid selle asemel, et peaksite ise tööd tegema, antakse teie brauserile arvutusülesanne, mille see peab lahendama, et tagada selle kehtivus kliendina. Seda kontseptsiooni nimetatakse <a href=\"https://en.wikipedia.org/wiki/Proof_of_work\">Töötõendiks</a>. Ülesanne arvutatakse mõne sekundiga ja teile antakse juurdepääs veebisaidile. Täname teid mõistva suhtumise ja kannatlikkuse eest."
  "js_challenge_data_missing": "Kontrollülesande andmed puuduvad. Palun laadige leht uuesti."
 }
@@ -62,6 +62,5 @@
  "js_calculation_error": "Laskentavirhe!",
  "js_calculation_error_msg": "Haasteen laskenta ei onnistunut:",
  "missing_required_forwarded_headers": "Puuttuvat vaaditut X-Forwarded-* otsikot",
-  "simplified_explanation": "Tämä on toimenpide botteja ja haitallisia pyyntöjä vastaan, joka on samanlainen kuin CAPTCHA. Sen sijaan, että joutuisit tekemään työtä itse, selaimesi saa laskentatehtävän, joka sen on ratkaistava varmistaakseen, että se on kelvollinen asiakas. Tätä käsitettä kutsutaan nimellä <a href=\"https://en.wikipedia.org/wiki/Proof_of_work\">Työtodistus</a>. Tehtävä lasketaan muutamassa sekunnissa ja saat pääsyn verkkosivustolle. Kiitos ymmärryksestäsi ja kärsivällisyydestäsi.",
+  "simplified_explanation": "Tämä on toimenpide botteja ja haitallisia pyyntöjä vastaan, joka on samanlainen kuin CAPTCHA. Sen sijaan, että joutuisit tekemään työtä itse, selaimesi saa laskentatehtävän, joka sen on ratkaistava varmistaakseen, että se on kelvollinen asiakas. Tätä käsitettä kutsutaan nimellä <a href=\"https://en.wikipedia.org/wiki/Proof_of_work\">Työtodistus</a>. Tehtävä lasketaan muutamassa sekunnissa ja saat pääsyn verkkosivustolle. Kiitos ymmärryksestäsi ja kärsivällisyydestäsi."
  "js_challenge_data_missing": "Haastetiedot puuttuvat. Lataa sivu uudelleen."
 }
@@ -62,6 +62,5 @@
  "js_calculation_error": "Error sa pagkalkula!",
  "js_calculation_error_msg": "Nabigong ikalkula ang hamon:",
  "missing_required_forwarded_headers": "Nawawala ang kinakailangang X-Forwarded-* na mga header",
-  "simplified_explanation": "Ito ay isang panukala laban sa mga bot at malisyosong mga kahilingan na katulad ng isang CAPTCHA. Gayunpaman, sa halip na ikaw mismo ang gumawa ng trabaho, binibigyan ang iyong browser ng isang gawain sa pagkalkula na kailangan nitong lutasin upang matiyak na ito ay isang wastong kliyente. Ang konseptong ito ay tinatawag na <a href=\"https://en.wikipedia.org/wiki/Proof_of_work\">Proof of Work</a>. Ang gawain ay kinakalkula sa loob ng ilang segundo at binibigyan ka ng access sa website. Salamat sa iyong pag-unawa at pasensya.",
+  "simplified_explanation": "Ito ay isang panukala laban sa mga bot at malisyosong mga kahilingan na katulad ng isang CAPTCHA. Gayunpaman, sa halip na ikaw mismo ang gumawa ng trabaho, binibigyan ang iyong browser ng isang gawain sa pagkalkula na kailangan nitong lutasin upang matiyak na ito ay isang wastong kliyente. Ang konseptong ito ay tinatawag na <a href=\"https://en.wikipedia.org/wiki/Proof_of_work\">Proof of Work</a>. Ang gawain ay kinakalkula sa loob ng ilang segundo at binibigyan ka ng access sa website. Salamat sa iyong pag-unawa at pasensya."
  "js_challenge_data_missing": "Nawawala ang data ng hamon. Mangyaring i-reload ang pahina."
 }
@@ -1,67 +1,66 @@
 {
  "loading": "Chargement...",
-  "why_am_i_seeing": "Comment suis-je arrivé·e ici ?",
+  "why_am_i_seeing": "Pourquoi je vois ceci ?",
  "protected_by": "Protégé par",
-  "protected_from": "de",
+  "protected_from": "From",
  "made_with": "Fait avec ❤️ au 🇨🇦",
  "mascot_design": "Design de la mascotte par",
-  "ai_companies_explanation": "Vous voyez cette page car l'administrateur·rice de ce site Web a configuré Anubis pour protéger le serveur contre le fléau des entreprises d'IA qui récupèrent agressivement le contenu des sites Web. Cela perturbe leur fonctionnement et rend leurs ressources inaccessibles pour tout le monde.",
+  "ai_companies_explanation": "Vous voyez ceci car l'administrateur de ce site web a configuré Anubis pour protéger le serveur contre le fléau des entreprises d'IA qui scrapent agressivement les sites web. Cela peut et cause des temps d'arrêt pour les sites web, ce qui rend leurs ressources inaccessibles pour tout le monde.",
-  "anubis_compromise": "Anubis est un compromis. Anubis utilise un procédé de preuve de travail similaire à Hashcash, un procédé de preuve de travail proposé pour réduire le spam par e-mail. L'idée est qu'à l'échelle individuelle, la charge supplémentaire est négligeable, mais à l'échelle des scrapers de masse, la charge s'accumule et le scraping devient beaucoup plus coûteux.",
+  "anubis_compromise": "Anubis est un compromis. Anubis utilise un schéma de Preuve de Travail dans la veine de Hashcash, un schéma de preuve de travail proposé pour réduire le spam par email. L'idée est qu'à l'échelle individuelle, la charge supplémentaire est négligeable, mais à l'échelle des scrapers de masse, cela s'accumule et rend le scraping beaucoup plus coûteux.",
-  "hack_purpose": "En fin de compte, il s'agit d'une solution de substitution permettant de consacrer plus de temps à l'identification et à la prise d'empreintes des navigateurs headless (par exemple, en reconnaissant leur rendu des polices), pour que, à terme, la page de défi utilisant la preuve de travail n'ait plus besoin d'être présentée aux utilisateur·rices qui sont beaucoup plus susceptibles d'être légitimes.",
+  "hack_purpose": "En fin de compte, il s'agit d'une solution de substitution afin de consacrer plus de temps à l'identification et à l'empreinte digitale des navigateurs sans tête (par exemple, via leur rendu de police) afin que la page de preuve de travail du défi n'ait pas besoin d'être présentée aux utilisateurs qui sont beaucoup plus susceptibles d'être légitimes.",
-  "jshelter_note": "Veuillez noter qu'Anubis nécessite l'utilisation de fonctionnalités JavaScript modernes qui peuvent être désactivées par des plugins comme JShelter. Veuillez désactiver JShelter ou tout autre plugin similaire pour ce domaine.",
+  "jshelter_note": "Veuillez noter qu'Anubis nécessite l'utilisation de fonctionnalités JavaScript modernes que des plugins comme JShelter désactiveront. Veuillez désactiver JShelter ou d'autres plugins similaires pour ce domaine.",
-  "version_info": "Ce site Web utilise Anubis version",
+  "version_info": "Ce site web utilise Anubis version",
  "try_again": "Réessayer",
  "go_home": "Accueil",
-  "contact_webmaster": "ou si vous pensez que vous ne devriez pas être bloqué, veuillez contacter le webmaster à l'adresse",
+  "contact_webmaster": "ou si vous pensez que vous ne devriez pas être bloqué, veuillez contacter le webmaster à",
  "connection_security": "Veuillez patienter un instant pendant que nous assurons la sécurité de votre connexion.",
-  "javascript_required": "Malheureusement, vous devez activer JavaScript pour passer cette page de défi. Cette obligation est imposée par les entreprises d'IA, qui ont décidé de modifier unilatéralement les termes du contrat social régissant l'hébergement de sites Web. Une solution sans JavaScript est en cours de développement.",
+  "javascript_required": "Malheureusement, vous devez activer JavaScript pour passer ce défi. Ceci est requis car les entreprises d'IA ont changé le contrat social autour du fonctionnement de l'hébergement de sites web. Une solution sans JS est en cours de développement.",
  "benchmark_requires_js": "L'exécution de l'outil de benchmark nécessite l'activation de JavaScript.",
-  "difficulty": "Difficulté :",
+  "difficulty": "Difficulté :",
-  "algorithm": "Algorithme :",
+  "algorithm": "Algorithme :",
-  "compare": "Comparer :",
+  "compare": "Comparer :",
  "time": "Temps",
  "iters": "Itérations",
  "time_a": "Temps A",
  "iters_a": "Itér. A",
  "time_b": "Temps B",
  "iters_b": "Itér. B",
-  "static_check_endpoint": "Ceci est juste un point de terminaison de vérification à utiliser par votre proxy inverse.",
+  "static_check_endpoint": "Ceci est juste un point de terminaison de vérification pour votre proxy inverse à utiliser.",
  "authorization_required": "Autorisation requise",
-  "cookies_disabled": "Les cookies sont désactivés dans votre navigateur. Anubis a recours aux cookies pour l'intérêt légitime de s'assurer que vous êtes un client valide. Veuillez activer les cookies pour ce domaine.",
+  "cookies_disabled": "Votre navigateur est configuré pour désactiver les cookies. Anubis nécessite des cookies pour l'intérêt légitime de s'assurer que vous êtes un client valide. Veuillez activer les cookies pour ce domaine",
-  "access_denied": "Accès refusé : code d'erreur",
+  "access_denied": "Accès refusé : code d'erreur",
-  "dronebl_entry": "DroneBL a rapporté une entrée",
+  "dronebl_entry": "DroneBL a signalé une entrée",
  "see_dronebl_lookup": "voir",
-  "internal_server_error": "Erreur interne du serveur : l'administrateur·rice a mal configuré Anubis. Veuillez contacter l'administrateur·rice et lui demander de consulter les logs autour de",
+  "internal_server_error": "Erreur interne du serveur : l'administrateur a mal configuré Anubis. Veuillez contacter l'administrateur et lui demander de consulter les logs autour de",
  "invalid_redirect": "Redirection invalide",
  "redirect_not_parseable": "URL de redirection non analysable",
  "redirect_domain_not_allowed": "Domaine de redirection non autorisé",
-  "failed_to_sign_jwt": "échec de la signature du JWT",
+  "failed_to_sign_jwt": "échec de la signature JWT",
  "invalid_invocation": "Invocation invalide de MakeChallenge",
-  "client_error_browser": "Erreur client : Veuillez vous assurer que votre navigateur est à jour et réessayez plus tard.",
+  "client_error_browser": "Erreur client : Veuillez vous assurer que votre navigateur est à jour et réessayez plus tard.",
-  "oh_noes": "Oh non !",
+  "oh_noes": "Oh non !",
-  "benchmarking_anubis": "Je vérifie les performances d'Anubis !",
+  "benchmarking_anubis": "Test de performance d'Anubis !",
-  "you_are_not_a_bot": "Vous n'êtes pas un robot !",
+  "you_are_not_a_bot": "Vous n'êtes pas un robot !",
-  "making_sure_not_bot": "Je m'assure que vous n'êtes pas un robot !",
+  "making_sure_not_bot": "Vérification que vous n'êtes pas un robot !",
-  "celphase": "CELPHASE",
+  "celphase": "PHASE de CEL",
-  "js_web_crypto_error": "L'élément web.crypto de votre navigateur n'est pas fonctionnel. Consultez-vous bien cette page dans un contexte sécurisé ?",
+  "js_web_crypto_error": "Votre navigateur n'a pas d'élément web.crypto fonctionnel. Consultez-vous cette page dans un contexte sécurisé ?",
-  "js_web_workers_error": "Votre navigateur ne prend pas en charge les web workers (Anubis les utilise pour éviter de bloquer votre navigateur). Avez-vous installé un plugin comme JShelter ?",
+  "js_web_workers_error": "Votre navigateur ne prend pas en charge les web workers (Anubis les utilise pour éviter de bloquer votre navigateur). Avez-vous un plugin comme JShelter installé ?",
-  "js_cookies_error": "Votre navigateur ne stocke pas les cookies. Anubis a recours aux cookies pour déterminer quels clients ont réussi les défis en stockant un jeton signé dans un cookie. Veuillez activer le stockage des cookies pour ce domaine. Le nom des cookies stockés par Anubis peut varier à tout moment. Le nom et la valeur des cookies ne font pas partie de l'API publique.",
+  "js_cookies_error": "Votre navigateur ne stocke pas les cookies. Anubis utilise des cookies pour déterminer quels clients ont réussi les défis en stockant un jeton signé dans un cookie. Veuillez activer le stockage des cookies pour ce domaine. Les noms des cookies qu'Anubis stocke peuvent varier sans préavis. Les noms et valeurs des cookies ne font pas partie de l'API publique.",
-  "js_context_not_secure": "Votre contexte n'est pas sécurisé !",
+  "js_context_not_secure": "Votre contexte n'est pas sécurisé !",
-  "js_context_not_secure_msg": "Essayez de vous connecter via HTTPS ou demandez à l'administrateur·rice de configurer HTTPS. Pour plus d'informations, consultez <a href=\"https://developer.mozilla.org/en-US/docs/Web/Security/Secure_Contexts#when_is_a_context_considered_secure\">MDN</a>.",
+  "js_context_not_secure_msg": "Essayez de vous connecter via HTTPS ou informez l'administrateur de configurer HTTPS. Pour plus d'informations, voir <a href=\"https://developer.mozilla.org/en-US/docs/Web/Security/Secure_Contexts#when_is_a_context_considered_secure\">MDN</a>.",
  "js_calculating": "Calcul en cours...",
  "js_missing_feature": "Fonctionnalité manquante",
-  "js_challenge_error": "Erreur de défi !",
+  "js_challenge_error": "Erreur de défi !",
  "js_challenge_error_msg": "Échec de la résolution de l'algorithme de vérification. Vous pouvez essayer de recharger la page.",
-  "js_calculating_difficulty": "Calcul en cours...<br/>Difficulté :",
+  "js_calculating_difficulty": "Calcul en cours...<br/>Difficulté :",
-  "js_speed": "Vitesse :",
+  "js_speed": "Vitesse :",
  "js_verification_longer": "La vérification prend plus de temps que prévu. Veuillez ne pas actualiser la page.",
-  "js_success": "Vérification réussie !",
+  "js_success": "Succès !",
-  "js_done_took": "Terminé ! Cela aura nécessité",
+  "js_done_took": "Terminé ! A pris",
  "js_iterations": "itérations",
-  "js_finished_reading": "J'ai fini de lire, continuer →",
+  "js_finished_reading": "J'ai fini de lire, continuer →",
-  "js_calculation_error": "Erreur de calcul !",
+  "js_calculation_error": "Erreur de calcul !",
-  "js_calculation_error_msg": "Échec du calcul du défi :",
+  "js_calculation_error_msg": "Échec du calcul du défi :",
-  "missing_required_forwarded_headers": "En-têtes X-Forwarded-* manquants",
+  "missing_required_forwarded_headers": "En-têtes X-Forwarded-* requis manquants",
-  "simplified_explanation": "Ceci est une mesure contre les robots et les requêtes malveillantes, similaire à un CAPTCHA. Cependant, au lieu d'avoir à faire le travail vous-même, votre navigateur se voit confier une tâche de calcul qu'il doit résoudre pour confirmer qu'il est un client valide. Ce concept est nommé <a href=\"https://en.wikipedia.org/wiki/Proof_of_work\">Preuve de travail</a>. La tâche s'effectue en quelques secondes, puis vous avez accès au site Web. Merci pour votre compréhension et votre patience.",
+  "simplified_explanation": "Il s'agit d'une mesure contre les robots et les requêtes malveillantes similaire à un CAPTCHA. Cependant, au lieu d'avoir à faire le travail vous-même, votre navigateur se voit confier une tâche de calcul qu'il doit résoudre pour s'assurer qu'il est un client valide. Ce concept s'appelle <a href=\"https://en.wikipedia.org/wiki/Proof_of_work\">Preuve de travail</a>. La tâche est calculée en quelques secondes et vous avez accès au site Web. Merci de votre compréhension et de votre patience."
  "js_challenge_data_missing": "Les données du défi sont manquantes. Veuillez recharger la page."
 }
@@ -62,6 +62,5 @@
  "js_calculation_error": "Reiknivilla!",
  "js_calculation_error_msg": "Mistókst að reikna áskorun:",
  "missing_required_forwarded_headers": "Vantar nauðsynleg X-Forwarded-* hausar",
-  "simplified_explanation": "Þetta er ráðstöfun gegn vélmennum og illa meinandi beiðnum, sem virkar svipað og CAPTCHA-mennskupróf. Hins vegar; í stað þess að þurfa að vinna sjálfur, fær vafrinn þinn útreikningsverkefni sem hann þarf að leysa til að tryggja að hann sé gildur biðlari. Þetta hugtak er kallað <a href=\"https://en.wikipedia.org/wiki/Proof_of_work\">Sönnun-á-vinnu</a>. Verkefnið er reiknað á nokkrum sekúndum og þú færð aðgang að vefsíðunni. Takk fyrir skilninginn og þolinmæðina.",
+  "simplified_explanation": "Þetta er ráðstöfun gegn vélmennum og illa meinandi beiðnum, sem virkar svipað og CAPTCHA-mennskupróf. Hins vegar; í stað þess að þurfa að vinna sjálfur, fær vafrinn þinn útreikningsverkefni sem hann þarf að leysa til að tryggja að hann sé gildur biðlari. Þetta hugtak er kallað <a href=\"https://en.wikipedia.org/wiki/Proof_of_work\">Sönnun-á-vinnu</a>. Verkefnið er reiknað á nokkrum sekúndum og þú færð aðgang að vefsíðunni. Takk fyrir skilninginn og þolinmæðina."
  "js_challenge_data_missing": "Áskorunargögn vantar. Vinsamlegast endurhlaðið síðuna."
 }
@@ -62,6 +62,5 @@
  "js_calculation_error": "Errore nel calcolo!",
  "js_calculation_error_msg": "Impossibile superare il test:",
  "missing_required_forwarded_headers": "Mancano gli header X-Forwarded-* richiesti",
-  "simplified_explanation": "Questa è una misura contro bot e richieste dannose simile a un CAPTCHA. Tuttavia, invece di dover lavorare tu stesso, al tuo browser viene assegnato un compito di calcolo che deve risolvere per garantire che sia un client valido. Questo concetto è chiamato <a href=\"https://en.wikipedia.org/wiki/Proof_of_work\">Proof of Work</a>. Il compito viene calcolato in pochi secondi e ti viene concesso l'accesso al sito web. Grazie per la tua comprensione e pazienza.",
+  "simplified_explanation": "Questa è una misura contro bot e richieste dannose simile a un CAPTCHA. Tuttavia, invece di dover lavorare tu stesso, al tuo browser viene assegnato un compito di calcolo che deve risolvere per garantire che sia un client valido. Questo concetto è chiamato <a href=\"https://en.wikipedia.org/wiki/Proof_of_work\">Proof of Work</a>. Il compito viene calcolato in pochi secondi e ti viene concesso l'accesso al sito web. Grazie per la tua comprensione e pazienza."
  "js_challenge_data_missing": "I dati della sfida sono mancanti. Ricarica la pagina."
 }
@@ -62,6 +62,5 @@
  "js_calculation_error": "計算エラー！",
  "js_calculation_error_msg": "チャレンジの計算に失敗しました:",
  "missing_required_forwarded_headers": "必要な X-Forwarded-* ヘッダーがありません",
-  "simplified_explanation": "これは、CAPTCHAと同様の、ボットや悪意のあるリクエストに対する対策です。ただし、自分で作業する代わりに、ブラウザに計算タスクが与えられ、それを解決して有効なクライアントであることを確認する必要があります。この概念は<a href=\"https://en.wikipedia.org/wiki/Proof_of_work\">Proof of Work</a>と呼ばれます。タスクは数秒で計算され、ウェブサイトへのアクセスが許可されます。ご理解とご協力をお願いいたします。",
+  "simplified_explanation": "これは、CAPTCHAと同様の、ボットや悪意のあるリクエストに対する対策です。ただし、自分で作業する代わりに、ブラウザに計算タスクが与えられ、それを解決して有効なクライアントであることを確認する必要があります。この概念は<a href=\"https://en.wikipedia.org/wiki/Proof_of_work\">Proof of Work</a>と呼ばれます。タスクは数秒で計算され、ウェブサイトへのアクセスが許可されます。ご理解とご協力をお願いいたします。"
  "js_challenge_data_missing": "チャレンジデータがありません。ページを再読み込みしてください。"
 }
@@ -36,7 +36,7 @@
  "invalid_redirect": "Netinkamas nukreipimas",
  "redirect_not_parseable": "Nukreipimo adreso nepavyko išanalizuoti",
  "redirect_domain_not_allowed": "Nukreipimo domenas neleistinas",
-  "missing_required_forwarded_headers": "Trūksta privalomų X-Forwarded-* antraščių",
+  "missing_required_forwarded_headers": "Trūksta būtinų „X-Forwarded-*“ antraščių",
  "failed_to_sign_jwt": "nepavyko pasirašyti JWT",
  "invalid_invocation": "Netinkamas kreipinys į „MakeChallenge“",
  "client_error_browser": "Problema klientinėje dalyje: įsitikinkite, jog jūsų naršyklė nepasenusi ir bandykite dar kartą.",
@@ -63,5 +63,5 @@
  "js_finished_reading": "Viską perskaičiau, tęskime →",
  "js_calculation_error": "Skaičiavimo klaida!",
  "js_calculation_error_msg": "Nepavyko įveikti iššūkio:",
-  "js_challenge_data_missing": "Trūksta iššūkio duomenų. Prašome perkrauti puslapį."
+  "missing_required_forwarded_headers": "Trūksta privalomų X-Forwarded-* antraščių"
 }
@@ -62,6 +62,5 @@
  "js_calculation_error": "Beregningsfeil!",
  "js_calculation_error_msg": "Mislyktes i å beregne utfordring:",
  "missing_required_forwarded_headers": "Mangler nødvendige X-Forwarded-* header",
-  "simplified_explanation": "Dette er et tiltak mot roboter og ondsinnede forespørsler som ligner på en CAPTCHA. Men i stedet for å måtte gjøre arbeidet selv, får nettleseren din en beregningsoppgave som den må løse for å sikre at den er en gyldig klient. Dette konseptet kalles <a href=\"https://en.wikipedia.org/wiki/Proof_of_work\">Proof of Work</a>. Oppgaven beregnes på noen få sekunder, og du får tilgang til nettstedet. Takk for din forståelse og tålmodighet.",
+  "simplified_explanation": "Dette er et tiltak mot roboter og ondsinnede forespørsler som ligner på en CAPTCHA. Men i stedet for å måtte gjøre arbeidet selv, får nettleseren din en beregningsoppgave som den må løse for å sikre at den er en gyldig klient. Dette konseptet kalles <a href=\"https://en.wikipedia.org/wiki/Proof_of_work\">Proof of Work</a>. Oppgaven beregnes på noen få sekunder, og du får tilgang til nettstedet. Takk for din forståelse og tålmodighet."
  "js_challenge_data_missing": "Utfordringsdata mangler. Vennligst last inn siden på nytt."
 }
@@ -62,6 +62,5 @@
  "js_calculation_error": "Rekenfout!",
  "js_calculation_error_msg": "Uitdaging niet berekend:",
  "missing_required_forwarded_headers": "Ontbrekende vereiste X-Forwarded-* headers",
-  "simplified_explanation": "Dit is een maatregel tegen bots en kwaadwillende verzoeken, vergelijkbaar met een CAPTCHA. In plaats van dat je zelf werk moet verrichten, krijgt je browser een rekentaak die moet worden opgelost om ervoor te zorgen dat het een geldige client is. Dit concept wordt <a href=\"https://en.wikipedia.org/wiki/Proof_of_work\">Proof of Work</a> genoemd. De taak wordt in een paar seconden berekend en u krijgt toegang tot de website. Bedankt voor je begrip en geduld.",
+  "simplified_explanation": "Dit is een maatregel tegen bots en kwaadwillende verzoeken, vergelijkbaar met een CAPTCHA. In plaats van dat je zelf werk moet verrichten, krijgt je browser een rekentaak die moet worden opgelost om ervoor te zorgen dat het een geldige client is. Dit concept wordt <a href=\"https://en.wikipedia.org/wiki/Proof_of_work\">Proof of Work</a> genoemd. De taak wordt in een paar seconden berekend en u krijgt toegang tot de website. Bedankt voor je begrip en geduld."
  "js_challenge_data_missing": "Uitdagingsgegevens ontbreken. Herlaad de pagina."
 }
@@ -62,6 +62,5 @@
  "js_calculation_error": "Rekningsfeil!",
  "js_calculation_error_msg": "Mislukkast i å rekna utfordring:",
  "missing_required_forwarded_headers": "Vantande naudsynte «X-Forwarded-*»-overskrifter",
-  "simplified_explanation": "Dette er eit tiltak mot robotar og ondsinna førespurnader som liknar på ein CAPTCHA. Men i staden for å måtte gjera arbeidet sjølv, får netlesaren din ei utrekningsoppgåve som han må løysa for å stadfesta at han er ein gyldig klient. Dette konseptet vert kalla <a href=\"https://en.wikipedia.org/wiki/Proof_of_work\">arbeidsstadfesting</a>. Oppgåva vert rekna ut på nokre få sekund, og du får tilgang til nettstaden. Takk for forståinga di og tolmodet ditt.",
+  "simplified_explanation": "Dette er eit tiltak mot robotar og ondsinna førespurnader som liknar på ein CAPTCHA. Men i staden for å måtte gjera arbeidet sjølv, får netlesaren din ei utrekningsoppgåve som han må løysa for å stadfesta at han er ein gyldig klient. Dette konseptet vert kalla <a href=\"https://en.wikipedia.org/wiki/Proof_of_work\">arbeidsstadfesting</a>. Oppgåva vert rekna ut på nokre få sekund, og du får tilgang til nettstaden. Takk for forståinga di og tolmodet ditt."
  "js_challenge_data_missing": "Utfordringsdata manglar. Last inn sida på nytt."
 }
@@ -62,6 +62,5 @@
  "js_iterations": "iteracji",
  "js_finished_reading": "Skończyłem czytać, kontynuuj →",
  "js_calculation_error": "Błąd obliczeń!",
-  "js_calculation_error_msg": "Nie udało się obliczyć zadania:",
+  "js_calculation_error_msg": "Nie udało się obliczyć zadania:"
  "js_challenge_data_missing": "Brak danych wyzwania. Proszę odświeżyć stronę."
 }
@@ -62,6 +62,5 @@
  "js_calculation_error": "Erro de cálculo!",
  "js_calculation_error_msg": "Falha ao calcular a validação:",
  "missing_required_forwarded_headers": "Faltam os cabeçalhos X-Forwarded-* obrigatórios",
-  "simplified_explanation": "Esta é uma medida contra bots e solicitações maliciosas, semelhante a um CAPTCHA. No entanto, em vez de você mesmo ter que fazer o trabalho, seu navegador recebe uma tarefa de cálculo que ele deve resolver para garantir que seja um cliente válido. Esse conceito é chamado de <a href=\"https://en.wikipedia.org/wiki/Proof_of_work\">Prova de Trabalho</a>. A tarefa é calculada em poucos segundos e você tem acesso ao site. Obrigado pela sua compreensão e paciência.",
+  "simplified_explanation": "Esta é uma medida contra bots e solicitações maliciosas, semelhante a um CAPTCHA. No entanto, em vez de você mesmo ter que fazer o trabalho, seu navegador recebe uma tarefa de cálculo que ele deve resolver para garantir que seja um cliente válido. Esse conceito é chamado de <a href=\"https://en.wikipedia.org/wiki/Proof_of_work\">Prova de Trabalho</a>. A tarefa é calculada em poucos segundos e você tem acesso ao site. Obrigado pela sua compreensão e paciência."
  "js_challenge_data_missing": "Os dados do desafio estão ausentes. Por favor, recarregue a página."
 }
@@ -62,6 +62,5 @@
  "js_calculation_error": "Ошибка расчёта!",
  "js_calculation_error_msg": "Не удалось рассчитать задачу:",
  "missing_required_forwarded_headers": "Отсутствуют требуемые заголовки X-Forwarded-*",
-  "simplified_explanation": "Это мера против ботов и вредоносных запросов, аналогичная CAPTCHA. Однако вместо того, чтобы вам приходилось работать самостоятельно, вашему браузеру дается задача вычисления, которую он должен решить, чтобы убедиться, что он является действительным клиентом. Эта концепция называется <a href=\"https://en.wikipedia.org/wiki/Proof_of_work\">Доказательство выполнения работы</a>. Задача рассчитывается за несколько секунд, и вам предоставляется доступ к веб-сайту. Спасибо за понимание и терпение.",
+  "simplified_explanation": "Это мера против ботов и вредоносных запросов, аналогичная CAPTCHA. Однако вместо того, чтобы вам приходилось работать самостоятельно, вашему браузеру дается задача вычисления, которую он должен решить, чтобы убедиться, что он является действительным клиентом. Эта концепция называется <a href=\"https://en.wikipedia.org/wiki/Proof_of_work\">Доказательство выполнения работы</a>. Задача рассчитывается за несколько секунд, и вам предоставляется доступ к веб-сайту. Спасибо за понимание и терпение."
  "js_challenge_data_missing": "Данные проверки отсутствуют. Пожалуйста, перезагрузите страницу."
 }
@@ -62,6 +62,5 @@
  "js_calculation_error": "Beräkningsfel!",
  "js_calculation_error_msg": "Misslyckades att kalkylera utmaning:",
  "missing_required_forwarded_headers": "Saknar nödvändiga X-Forwarded-* headers",
-  "simplified_explanation": "Detta är en åtgärd mot botar och skadliga förfrågningar som liknar en CAPTCHA. Men i stället för att du själv måste göra jobbet får din webbläsare en beräkningsuppgift som den måste lösa för att säkerställa att den är en giltig klient. Detta koncept kallas <a href=\"https://en.wikipedia.org/wiki/Proof_of_work\">Arbetsbevis</a>. Uppgiften beräknas på några sekunder och du beviljas tillgång till webbplatsen. Tack för din förståelse och ditt tålamod.",
+  "simplified_explanation": "Detta är en åtgärd mot botar och skadliga förfrågningar som liknar en CAPTCHA. Men i stället för att du själv måste göra jobbet får din webbläsare en beräkningsuppgift som den måste lösa för att säkerställa att den är en giltig klient. Detta koncept kallas <a href=\"https://en.wikipedia.org/wiki/Proof_of_work\">Arbetsbevis</a>. Uppgiften beräknas på några sekunder och du beviljas tillgång till webbplatsen. Tack för din förståelse och ditt tålamod."
  "js_challenge_data_missing": "Utmaningsdata saknas. Vänligen ladda om sidan."
 }
@@ -60,6 +60,5 @@
  "js_iterations": "รอบ",
  "js_finished_reading": "อ่านจบแล้ว ดำเนินการต่อ →",
  "js_calculation_error": "เกิดข้อผิดพลาดในการคำนวณ!",
-  "js_calculation_error_msg": "ไม่สามารถคำนวณการท้าทายได้:",
+  "js_calculation_error_msg": "ไม่สามารถคำนวณการท้าทายได้:"
  "js_challenge_data_missing": "ข้อมูลการท้าทายหายไป กรุณาโหลดหน้าใหม่"
 }
@@ -62,6 +62,5 @@
  "js_calculation_error": "Hesaplama hatası!",
  "js_calculation_error_msg": "Zorluk hesaplaması başarısız oldu:",
  "missing_required_forwarded_headers": "Gerekli X-Forwarded-* başlıkları eksik",
-  "simplified_explanation": "Bu, botlara ve kötü niyetli isteklere karşı CAPTCHA'ya benzer bir önlemdir. Ancak, kendiniz çalışmak yerine, tarayıcınıza geçerli bir istemci olduğundan emin olmak için çözmesi gereken bir hesaplama görevi verilir. Bu kavrama <a href=\"https://en.wikipedia.org/wiki/Proof_of_work\">İş Kanıtı</a> denir. Görev birkaç saniye içinde hesaplanır ve web sitesine erişim hakkı kazanırsınız. Anlayışınız ve sabrınız için teşekkür ederiz.",
+  "simplified_explanation": "Bu, botlara ve kötü niyetli isteklere karşı CAPTCHA'ya benzer bir önlemdir. Ancak, kendiniz çalışmak yerine, tarayıcınıza geçerli bir istemci olduğundan emin olmak için çözmesi gereken bir hesaplama görevi verilir. Bu kavrama <a href=\"https://en.wikipedia.org/wiki/Proof_of_work\">İş Kanıtı</a> denir. Görev birkaç saniye içinde hesaplanır ve web sitesine erişim hakkı kazanırsınız. Anlayışınız ve sabrınız için teşekkür ederiz."
  "js_challenge_data_missing": "Doğrulama verileri eksik. Lütfen sayfayı yeniden yükleyin."
 }
@@ -62,6 +62,5 @@
  "js_iterations": "ітерацій",
  "js_finished_reading": "Читання завершено, продовжити →",
  "js_calculation_error": "Помилка обчислення!",
-  "js_calculation_error_msg": "Не вдалося обчислити перевірку:",
+  "js_calculation_error_msg": "Не вдалося обчислити перевірку:"
  "js_challenge_data_missing": "Дані перевірки відсутні. Будь ласка, перезавантажте сторінку."
 }
@@ -62,6 +62,5 @@
  "js_iterations": "lần lặp lại",
  "js_finished_reading": "Tôi đã đọc xong, tiếp tục →",
  "js_calculation_error": "Lỗi tính toán!",
-  "js_calculation_error_msg": "Không thể tính toán thử thách:",
+  "js_calculation_error_msg": "Không thể tính toán thử thách:"
  "js_challenge_data_missing": "Thiếu dữ liệu thử thách. Vui lòng tải lại trang."
 }
@@ -62,6 +62,5 @@
  "js_calculation_error": "计算错误！",
  "js_calculation_error_msg": "计算挑战失败：",
  "missing_required_forwarded_headers": "缺少必要的 X-Forwarded-* 头",
-  "simplified_explanation": "这是一种类似于验证码的措施，用于防止机器人和恶意请求。但是，您无需自己动手，您的浏览器会收到一个计算任务，必须解决该任务以确保它是有效的客户端。这个概念称为<a href=\"https://en.wikipedia.org/wiki/Proof_of_work\">工作量证明</a>。该任务在几秒钟内计算完毕，您将被授予访问网站的权限。感谢您的理解和耐心。",
+  "simplified_explanation": "这是一种类似于验证码的措施，用于防止机器人和恶意请求。但是，您无需自己动手，您的浏览器会收到一个计算任务，必须解决该任务以确保它是有效的客户端。这个概念称为<a href=\"https://en.wikipedia.org/wiki/Proof_of_work\">工作量证明</a>。该任务在几秒钟内计算完毕，您将被授予访问网站的权限。感谢您的理解和耐心。"
  "js_challenge_data_missing": "验证数据缺失。请重新加载页面。"
 }
@@ -62,6 +62,5 @@
  "js_calculation_error": "計算錯誤！",
  "js_calculation_error_msg": "計算挑戰失敗：",
  "missing_required_forwarded_headers": "缺少必要的 X-Forwarded-* 標頭",
-  "simplified_explanation": "這是一種類似於驗證碼的措施，用於防止機器人和惡意請求。但是，您無需自己動手，您的瀏覽器會收到一個計算任務，必須解決該任務以確保它是有效的客戶端。這個概念稱為<a href=\"https://en.wikipedia.org/wiki/Proof_of_work\">工作量證明</a>。該任務在幾秒鐘內計算完畢，您將被授予訪問網站的權限。感謝您的理解和耐心。",
+  "simplified_explanation": "這是一種類似於驗證碼的措施，用於防止機器人和惡意請求。但是，您無需自己動手，您的瀏覽器會收到一個計算任務，必須解決該任務以確保它是有效的客戶端。這個概念稱為<a href=\"https://en.wikipedia.org/wiki/Proof_of_work\">工作量證明</a>。該任務在幾秒鐘內計算完畢，您將被授予訪問網站的權限。感謝您的理解和耐心。"
  "js_challenge_data_missing": "驗證資料遺失。請重新載入頁面。"
 }
@@ -103,7 +103,7 @@ func TestBotEnvironment(t *testing.T) {
 					t.Fatalf("failed to compile expression %q: %v", tt.expression, err)
 				}
-				result, _, err := prog.Eval(map[string]any{
+				result, _, err := prog.Eval(map[string]interface{}{
 					"headers": tt.headers,
 				})
 				if err != nil {
@@ -168,7 +168,7 @@ func TestBotEnvironment(t *testing.T) {
 					t.Fatalf("failed to compile expression %q: %v", tt.expression, err)
 				}
-				result, _, err := prog.Eval(map[string]any{
+				result, _, err := prog.Eval(map[string]interface{}{
 					"path": tt.path,
 				})
 				if err != nil {
@@ -280,7 +280,7 @@ func TestBotEnvironment(t *testing.T) {
 					t.Fatalf("failed to compile expression %q: %v", tt.expression, err)
 				}
-				result, _, err := prog.Eval(map[string]any{})
+				result, _, err := prog.Eval(map[string]interface{}{})
 				if err != nil {
 					t.Fatalf("failed to evaluate expression %q: %v", tt.expression, err)
 				}
@@ -359,7 +359,7 @@ func TestBotEnvironment(t *testing.T) {
 						t.Fatalf("failed to compile expression %q: %v", tt.expression, err)
 					}
-					result, _, err := prog.Eval(map[string]any{})
+					result, _, err := prog.Eval(map[string]interface{}{})
 					if err != nil {
 						t.Fatalf("failed to evaluate expression %q: %v", tt.expression, err)
 					}
@@ -421,7 +421,7 @@ func TestBotEnvironment(t *testing.T) {
 						t.Fatalf("failed to compile expression %q: %v", tt.expression, err)
 					}
-					result, _, err := prog.Eval(map[string]any{})
+					result, _, err := prog.Eval(map[string]interface{}{})
 					if err != nil {
 						t.Fatalf("failed to evaluate expression %q: %v", tt.expression, err)
 					}
@@ -514,7 +514,7 @@ func TestBotEnvironment(t *testing.T) {
 						t.Fatalf("failed to compile expression %q: %v", tt.expression, err)
 					}
-					result, _, err := prog.Eval(map[string]any{})
+					result, _, err := prog.Eval(map[string]interface{}{})
 					if err != nil {
 						t.Fatalf("failed to evaluate expression %q: %v", tt.expression, err)
 					}
@@ -572,7 +572,7 @@ func TestBotEnvironment(t *testing.T) {
 						t.Fatalf("failed to compile expression %q: %v", tt.expression, err)
 					}
-					result, _, err := prog.Eval(map[string]any{})
+					result, _, err := prog.Eval(map[string]interface{}{})
 					if tt.evalError {
 						if err == nil {
 							t.Errorf("%s: expected an evaluation error, but got none", tt.description)
@@ -598,7 +598,7 @@ func TestThresholdEnvironment(t *testing.T) {
 	}
 	tests := []struct {
-		variables     map[string]any
+		variables     map[string]interface{}
 		name          string
 		expression    string
 		description   string
@@ -608,7 +608,7 @@ func TestThresholdEnvironment(t *testing.T) {
 		{
 			name:          "weight-variable-available",
 			expression:    `weight > 100`,
-			variables:     map[string]any{"weight": 150},
+			variables:     map[string]interface{}{"weight": 150},
 			expected:      types.Bool(true),
 			description:   "should support weight variable in expressions",
 			shouldCompile: true,
@@ -616,7 +616,7 @@ func TestThresholdEnvironment(t *testing.T) {
 		{
 			name:          "weight-variable-false-case",
 			expression:    `weight > 100`,
-			variables:     map[string]any{"weight": 50},
+			variables:     map[string]interface{}{"weight": 50},
 			expected:      types.Bool(false),
 			description:   "should correctly evaluate weight comparisons",
 			shouldCompile: true,
@@ -624,7 +624,7 @@ func TestThresholdEnvironment(t *testing.T) {
 		{
 			name:          "missingHeader-not-available",
 			expression:    `missingHeader(headers, "Test")`,
-			variables:     map[string]any{},
+			variables:     map[string]interface{}{},
 			expected:      types.Bool(false), // not used
 			description:   "should not have missingHeader function available",
 			shouldCompile: false,
@@ -667,7 +667,7 @@ func TestNewEnvironment(t *testing.T) {
 	tests := []struct {
 		name          string
 		expression    string
-		variables     map[string]any
+		variables     map[string]interface{}
 		expectBool    *bool // nil if we just want to test compilation or non-bool result
 		description   string
 		shouldCompile bool
@@ -675,7 +675,7 @@ func TestNewEnvironment(t *testing.T) {
 		{
 			name:          "randInt-function-compilation",
 			expression:    `randInt(10)`,
-			variables:     map[string]any{},
+			variables:     map[string]interface{}{},
 			expectBool:    nil, // Don't check result, just compilation
 			description:   "should compile randInt function",
 			shouldCompile: true,
@@ -683,7 +683,7 @@ func TestNewEnvironment(t *testing.T) {
 		{
 			name:          "randInt-range-validation",
 			expression:    `randInt(10) >= 0 && randInt(10) < 10`,
-			variables:     map[string]any{},
+			variables:     map[string]interface{}{},
 			expectBool:    boolPtr(true),
 			description:   "should return values in correct range",
 			shouldCompile: true,
@@ -691,7 +691,7 @@ func TestNewEnvironment(t *testing.T) {
 		{
 			name:          "strings-extension-size",
 			expression:    `"hello".size() == 5`,
-			variables:     map[string]any{},
+			variables:     map[string]interface{}{},
 			expectBool:    boolPtr(true),
 			description:   "should support string extension functions",
 			shouldCompile: true,
@@ -699,7 +699,7 @@ func TestNewEnvironment(t *testing.T) {
 		{
 			name:          "strings-extension-contains",
 			expression:    `"hello world".contains("world")`,
-			variables:     map[string]any{},
+			variables:     map[string]interface{}{},
 			expectBool:    boolPtr(true),
 			description:   "should support string contains function",
 			shouldCompile: true,
@@ -707,7 +707,7 @@ func TestNewEnvironment(t *testing.T) {
 		{
 			name:          "strings-extension-startsWith",
 			expression:    `"hello world".startsWith("hello")`,
-			variables:     map[string]any{},
+			variables:     map[string]interface{}{},
 			expectBool:    boolPtr(true),
 			description:   "should support string startsWith function",
 			shouldCompile: true,
@@ -32,6 +32,7 @@ func TestGoodConfigs(t *testing.T) {
 	}
 	for _, st := range finfos {
 		st := st
 		t.Run(st.Name(), func(t *testing.T) {
 			t.Run("with-thoth", func(t *testing.T) {
 				fin, err := os.Open(filepath.Join("..", "config", "testdata", "good", st.Name()))
@@ -70,6 +71,7 @@ func TestBadConfigs(t *testing.T) {
 	}
 	for _, st := range finfos {
 		st := st
 		t.Run(st.Name(), func(t *testing.T) {
 			fin, err := os.Open(filepath.Join("..", "config", "testdata", "bad", st.Name()))
 			if err != nil {
@@ -6,7 +6,6 @@ import (
 	"encoding/json"
 	"fmt"
 	"io"
 	"maps"
 	"sync"
 	"testing"
 	"time"
@@ -37,7 +36,9 @@ func (m *mockS3) PutObject(ctx context.Context, in *s3.PutObjectInput, _ ...func
 	m.data[aws.ToString(in.Key)] = bytes.Clone(b)
 	if in.Metadata != nil {
 		m.meta[aws.ToString(in.Key)] = map[string]string{}
-		maps.Copy(m.meta[aws.ToString(in.Key)], in.Metadata)
+		for k, v := range in.Metadata {
 			m.meta[aws.ToString(in.Key)][k] = v
 		}
 	}
 	m.bucket = aws.ToString(in.Bucket)
 	return &s3.PutObjectOutput{}, nil
@@ -103,7 +103,7 @@ func (s Sentinel) Valid() error {
 // redisClient is satisfied by *valkey.Client and *valkey.ClusterClient.
 type redisClient interface {
 	Get(ctx context.Context, key string) *valkey.StringCmd
-	Set(ctx context.Context, key string, value any, expiration time.Duration) *valkey.StatusCmd
+	Set(ctx context.Context, key string, value interface{}, expiration time.Duration) *valkey.StatusCmd
 	Del(ctx context.Context, keys ...string) *valkey.IntCmd
 	Ping(ctx context.Context) *valkey.StatusCmd
 }
@@ -1,12 +0,0 @@
 bots:
  - name: deny
    user_agent_regex: DENY
    action: DENY
  - name: challenge
    user_agent_regex: CHALLENGE
    action: CHALLENGE
  - name: allow
    user_agent_regex: ALLOW
    action: ALLOW
@@ -11,8 +11,8 @@ func authUnaryClientInterceptor(token string) grpc.UnaryClientInterceptor {
 	return func(
 		ctx context.Context,
 		method string,
-		req any,
+		req interface{},
-		reply any,
+		reply interface{},
 		cc *grpc.ClientConn,
 		invoker grpc.UnaryInvoker,
 		opts ...grpc.CallOption,
@@ -1,6 +1,6 @@
 {
  "name": "@techaro/anubis",
-  "version": "1.25.0",
+  "version": "1.24.0",
  "description": "",
  "main": "index.js",
  "scripts": {
@@ -20,12 +20,12 @@
  "author": "",
  "license": "ISC",
  "devDependencies": {
-    "@commitlint/cli": "^20.4.3",
+    "@commitlint/cli": "^20.4.1",
-    "@commitlint/config-conventional": "^20.4.3",
+    "@commitlint/config-conventional": "^20.4.1",
-    "baseline-browser-mapping": "^2.10.0",
+    "baseline-browser-mapping": "^2.9.19",
-    "cssnano": "^7.1.3",
+    "cssnano": "^7.1.2",
-    "cssnano-preset-advanced": "^7.0.11",
+    "cssnano-preset-advanced": "^7.0.10",
-    "esbuild": "^0.27.3",
+    "esbuild": "^0.27.2",
    "husky": "^9.1.7",
    "playwright": "^1.52.0",
    "postcss-cli": "^11.0.1",
@@ -36,7 +36,7 @@
  },
  "dependencies": {
    "@aws-crypto/sha256-js": "^5.2.0",
-    "preact": "^10.28.4"
+    "preact": "^10.28.2"
  },
  "commitlint": {
    "extends": [
@@ -41,22 +41,15 @@ cp ../lib/localization/locales/*.json static/locales/
 shopt -s nullglob globstar
-for file in js/**/*.ts js/**/*.tsx js/**/*.mjs; do
+for file in js/**/*.ts js/**/*.mjs; do
  out="static/${file}"
-  if [[ "$file" == *.tsx ]]; then
+  if [[ "$file" == *.ts ]]; then
    out="static/${file%.tsx}.mjs"
  elif [[ "$file" == *.ts ]]; then
    out="static/${file%.ts}.mjs"
  fi
  mkdir -p "$(dirname "$out")"
-  JSX_FLAGS=""
+  esbuild "$file" --sourcemap --bundle --minify --outfile="$out" --banner:js="$LICENSE"
  if [[ "$file" == *.tsx ]]; then
    JSX_FLAGS="--jsx=automatic --jsx-import-source=preact"
  fi
  esbuild "$file" --sourcemap --bundle --minify --outfile="$out" $JSX_FLAGS --banner:js="$LICENSE"
  gzip -f -k -n "$out"
  zstd -f -k --ultra -22 "$out"
  brotli -fZk "$out"
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Xe Iaso	400c945ad6	chore: update spelling Signed-off-by: Xe Iaso <me@xeiaso.net>	2026-02-15 15:04:04 +00:00
Xe Iaso	957bee6933	docs(AGENTS): make compatible with opencode Signed-off-by: Xe Iaso <me@xeiaso.net>	2026-02-15 15:02:20 +00:00
Xe Iaso	4fc9943da0	chore: remove symlinks Signed-off-by: Xe Iaso <me@xeiaso.net>	2026-02-15 14:35:00 +00:00
Xe Iaso	1613735dd8	docs: add AI coding tools policy Signed-off-by: Xe Iaso <me@xeiaso.net>	2026-02-15 13:34:47 +00:00