chore: update spelling

check-spelling run (pull_request) for Xe/ci-multiple-go-versions

Signed-off-by: check-spelling-bot <check-spelling-bot@users.noreply.github.com>
on-behalf-of: @check-spelling <check-spelling-bot@check-spelling.dev>

.github/actions/spelling/allow.txt

@@ -23,3 +23,4 @@ fout
 iplist
 NArg
 blocklists
+rififi

.github/actions/spelling/expect.txt

@@ -64,7 +64,6 @@ ckie
 cloudflare
 Codespaces
 confd
-connnection
 containerbuild
 containerregistry
 coreutils
@@ -243,6 +242,7 @@ oci
 OCOB
 ogtag
 oklch
+oldstable
 omgili
 omgilibot
 openai
@@ -257,6 +257,7 @@ Pangu
 parseable
 passthrough
 Patreon
+perplexitybot
 pgrep
 phrik
 pidfile

.github/workflows/go.yml

@@ -12,6 +12,11 @@ permissions:
 
 jobs:
   go_tests:
+    strategy:
+      matrix:
+        go_version:
+          - oldstable
+          - stable
     #runs-on: alrest-techarohq
     runs-on: ubuntu-24.04
     steps:
@@ -26,10 +31,11 @@ jobs:
 
       - uses: actions/setup-node@395ad3262231945c25e8478fd5baf05154b1d79f # v6.1.0
         with:
-          node-version: '24.11.0'
+          node-version: "latest"
+
       - uses: actions/setup-go@4dc6199c7b1a012772edbd06daecab0f50c9053c # v6.1.0
         with:
-          go-version: '1.25.4'
+          go-version: ${{ matrix.go_version }}
 
       - name: Cache playwright binaries
         uses: actions/cache@9255dc7a253b0ccc959486e2bca901246202afeb # v5.0.1

data/clients/ai.yaml

@@ -4,5 +4,5 @@
 #  - Claude-User: No published IP allowlist
 - name: "ai-clients"
   user_agent_regex: >-
-    ChatGPT-User|Claude-User|MistralAI-User
+    ChatGPT-User|Claude-User|MistralAI-User|Perplexity-User
   action: DENY

data/clients/perplexity-user.yaml

@@ -0,0 +1,12 @@
+# Acts on behalf of user requests
+# https://docs.perplexity.ai/guides/bots
+- name: perplexity-user
+  user_agent_regex: Perplexity-User/.+; \+https\://perplexity\.ai/perplexity-user
+  action: ALLOW
+  # https://www.perplexity.com/perplexity-user.json
+  remote_addresses: [
+    "44.208.221.197/32",
+    "34.193.163.52/32",
+    "18.97.21.0/30",
+    "18.97.43.80/29",
+  ]

data/crawlers/ai-search.yaml

@@ -4,5 +4,5 @@
 #  - Claude-SearchBot: No published IP allowlist
 - name: "ai-crawlers-search"
   user_agent_regex: >-
-    OAI-SearchBot|Claude-SearchBot
+    OAI-SearchBot|Claude-SearchBot|PerplexityBot
   action: DENY

data/crawlers/perplexitybot.yaml

@@ -0,0 +1,16 @@
+# Indexing for search, does not collect training data
+# https://docs.perplexity.ai/guides/bots
+- name: perplexitybot
+  user_agent_regex: PerplexityBot/.+; \+https\://perplexity\.ai/perplexitybot
+  action: ALLOW
+  # https://www.perplexity.com/perplexitybot.json
+  remote_addresses: [
+    "107.20.236.150/32",
+    "3.224.62.45/32",
+    "18.210.92.235/32",
+    "3.222.232.239/32",
+    "3.211.124.183/32",
+    "3.231.139.107/32",
+    "18.97.1.228/30",
+    "18.97.9.96/29",
+  ]

data/meta/ai-block-moderate.yaml

@@ -3,5 +3,7 @@
 - import: (data)/bots/ai-catchall.yaml
 - import: (data)/crawlers/ai-training.yaml
 - import: (data)/crawlers/openai-searchbot.yaml
+- import: (data)/crawlers/perplexitybot.yaml
 - import: (data)/clients/openai-chatgpt-user.yaml
-- import: (data)/clients/mistral-mistralai-user.yaml
+- import: (data)/clients/mistral-mistralai-user.yaml
+- import: (data)/clients/perplexity-user.yaml

data/meta/ai-block-permissive.yaml

@@ -2,5 +2,7 @@
 - import: (data)/bots/ai-catchall.yaml
 - import: (data)/crawlers/openai-searchbot.yaml
 - import: (data)/crawlers/openai-gptbot.yaml
+- import: (data)/crawlers/perplexitybot.yaml
 - import: (data)/clients/openai-chatgpt-user.yaml
-- import: (data)/clients/mistral-mistralai-user.yaml
+- import: (data)/clients/mistral-mistralai-user.yaml
+- import: (data)/clients/perplexity-user.yaml

docs/docs/CHANGELOG.md

@@ -13,6 +13,7 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 - Add iplist2rule tool that lets admins turn an IP address blocklist into an Anubis ruleset.
 - Add Polish locale ([#1292](https://github.com/TecharoHQ/anubis/pull/1309))
+- Fix honeypot and imprint links missing `BASE_PREFIX` when deployed behind a path prefix ([#1402](https://github.com/TecharoHQ/anubis/issues/1402))
 
 <!-- This changes the project to: -->
 

docs/docs/admin/botstopper.mdx

@@ -51,9 +51,8 @@ If you are using Kubernetes, you will need to create an image pull secret:
 kubectl create secret docker-registry \
   techarohq-botstopper \
   --docker-server ghcr.io \
-  --docker-username your-username \
-  --docker-password your-access-token \
-  --docker-email your@email.address
+  --docker-username any-username \
+  --docker-password <your-access-token> \
 ```
 
 Then attach it to your Deployment:

web/index.templ

@@ -64,7 +64,7 @@ templ base(title string, body templ.Component, impressum *config.Impressum, chal
 			@templ.JSONScript("anubis_public_url", anubis.PublicUrl)
 		</head>
 		<body id="top">
-			@honeypotLink(fmt.Sprintf("%shoneypot/%s/init", anubis.APIPrefix, uuid.NewString()))
+			@honeypotLink(anubis.BasePrefix + fmt.Sprintf("%shoneypot/%s/init", anubis.APIPrefix, uuid.NewString()))
 			<main>
 				<h1 id="title" class="centered-div">{ title }</h1>
 				@body
@@ -79,7 +79,7 @@ templ base(title string, body templ.Component, impressum *config.Impressum, chal
 						if impressum != nil {
 							<p>
 								@templ.Raw(impressum.Footer)
-								-- <a href={ templ.SafeURL(fmt.Sprintf("%simprint", anubis.APIPrefix)) }>Imprint</a>
+								-- <a href={ templ.SafeURL(anubis.BasePrefix + fmt.Sprintf("%simprint", anubis.APIPrefix)) }>Imprint</a>
 							</p>
 						}
 						<p>{ localizer.T("version_info") } <code>{ anubis.Version }</code>.</p>

web/index_templ.go

@@ -137,7 +137,7 @@ func base(title string, body templ.Component, impressum *config.Impressum, chall
 		if templ_7745c5c3_Err != nil {
 			return templ_7745c5c3_Err
 		}
-		templ_7745c5c3_Err = honeypotLink(fmt.Sprintf("%shoneypot/%s/init", anubis.APIPrefix, uuid.NewString())).Render(ctx, templ_7745c5c3_Buffer)
+		templ_7745c5c3_Err = honeypotLink(anubis.BasePrefix+fmt.Sprintf("%shoneypot/%s/init", anubis.APIPrefix, uuid.NewString())).Render(ctx, templ_7745c5c3_Buffer)
 		if templ_7745c5c3_Err != nil {
 			return templ_7745c5c3_Err
 		}
@@ -245,9 +245,9 @@ func base(title string, body templ.Component, impressum *config.Impressum, chall
 				return templ_7745c5c3_Err
 			}
 			var templ_7745c5c3_Var13 templ.SafeURL
-			templ_7745c5c3_Var13, templ_7745c5c3_Err = templ.JoinURLErrs(templ.SafeURL(fmt.Sprintf("%simprint", anubis.APIPrefix)))
+			templ_7745c5c3_Var13, templ_7745c5c3_Err = templ.JoinURLErrs(templ.SafeURL(anubis.BasePrefix + fmt.Sprintf("%simprint", anubis.APIPrefix)))
 			if templ_7745c5c3_Err != nil {
-				return templ.Error{Err: templ_7745c5c3_Err, FileName: `index.templ`, Line: 82, Col: 78}
+				return templ.Error{Err: templ_7745c5c3_Err, FileName: `index.templ`, Line: 82, Col: 98}
 			}
 			_, templ_7745c5c3_Err = templ_7745c5c3_Buffer.WriteString(templ.EscapeString(templ_7745c5c3_Var13))
 			if templ_7745c5c3_Err != nil {

web/index_test.go

@@ -0,0 +1,81 @@
+package web
+
+import (
+	"context"
+	"net/http/httptest"
+	"strings"
+	"testing"
+
+	"github.com/TecharoHQ/anubis"
+	"github.com/TecharoHQ/anubis/lib/config"
+	"github.com/TecharoHQ/anubis/lib/localization"
+	"github.com/a-h/templ"
+)
+
+func TestBasePrefixInLinks(t *testing.T) {
+	tests := []struct {
+		name       string
+		basePrefix string
+		wantInLink string
+	}{
+		{
+			name:       "no prefix",
+			basePrefix: "",
+			wantInLink: "/.within.website/x/cmd/anubis/api/",
+		},
+		{
+			name:       "with rififi prefix",
+			basePrefix: "/rififi",
+			wantInLink: "/rififi/.within.website/x/cmd/anubis/api/",
+		},
+		{
+			name:       "with myapp prefix",
+			basePrefix: "/myapp",
+			wantInLink: "/myapp/.within.website/x/cmd/anubis/api/",
+		},
+	}
+
+	for _, tt := range tests {
+		t.Run(tt.name, func(t *testing.T) {
+			// Save original BasePrefix and restore after test
+			origPrefix := anubis.BasePrefix
+			defer func() { anubis.BasePrefix = origPrefix }()
+
+			anubis.BasePrefix = tt.basePrefix
+
+			// Create test impressum
+			impressum := &config.Impressum{
+				Footer: "<p>Test footer</p>",
+				Page: config.ImpressumPage{
+					Title: "Test Imprint",
+					Body:  "<p>Test imprint body</p>",
+				},
+			}
+
+			// Create localizer using a dummy request
+			req := httptest.NewRequest("GET", "/", nil)
+			localizer := &localization.SimpleLocalizer{}
+			localizer.Localizer = localization.NewLocalizationService().GetLocalizerFromRequest(req)
+
+			// Render the base template to a buffer
+			var buf strings.Builder
+			component := base(tt.name, templ.NopComponent, impressum, nil, nil, localizer)
+			err := component.Render(context.Background(), &buf)
+			if err != nil {
+				t.Fatalf("failed to render template: %v", err)
+			}
+
+			output := buf.String()
+
+			// Check that honeypot link includes the base prefix
+			if !strings.Contains(output, `href="`+tt.wantInLink+`honeypot/`) {
+				t.Errorf("honeypot link does not contain base prefix %q\noutput: %s", tt.wantInLink, output)
+			}
+
+			// Check that imprint link includes the base prefix
+			if !strings.Contains(output, `href="`+tt.wantInLink+`imprint`) {
+				t.Errorf("imprint link does not contain base prefix %q\noutput: %s", tt.wantInLink, output)
+			}
+		})
+	}
+}