chore: npm run assets

Signed-off-by: Xe Iaso <me@xeiaso.net>

.github/actions/spelling/expect.txt

@@ -36,7 +36,6 @@ botstopper
 BPort
 Brightbot
 broked
-buildah
 byteslice
 Bytespider
 cachebuster
@@ -65,7 +64,6 @@ Codespaces
 confd
 connnection
 containerbuild
-containerregistry
 coreutils
 Cotoyogi
 Cromite
@@ -200,6 +198,7 @@ licstart
 lightpanda
 limsa
 Linting
+linuxbrew
 LLU
 loadbalancer
 lol
@@ -226,7 +225,6 @@ nobots
 NONINFRINGEMENT
 nosleep
 nullglob
-oci
 OCOB
 ogtag
 oklch
@@ -343,7 +341,6 @@ Velen
 vendored
 vhosts
 VKE
-vnd
 VPS
 Vultr
 weblate

.github/workflows/docker-pr.yml

@@ -2,7 +2,7 @@ name: Docker image builds (pull requests)
 
 on:
   pull_request:
-    branches: ["main"]
+    branches: [ "main" ]
 
 env:
   DOCKER_METADATA_SET_OUTPUT_ENV: "true"
@@ -21,20 +21,29 @@ jobs:
           fetch-depth: 0
           persist-credentials: false
 
-      - name: build essential
+      - name: Set up Homebrew
+        uses: Homebrew/actions/setup-homebrew@main
+
+      - name: Setup Homebrew cellar cache
+        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
+        with:
+          path: |
+            /home/linuxbrew/.linuxbrew/Cellar
+            /home/linuxbrew/.linuxbrew/bin
+            /home/linuxbrew/.linuxbrew/etc
+            /home/linuxbrew/.linuxbrew/include
+            /home/linuxbrew/.linuxbrew/lib
+            /home/linuxbrew/.linuxbrew/opt
+            /home/linuxbrew/.linuxbrew/sbin
+            /home/linuxbrew/.linuxbrew/share
+            /home/linuxbrew/.linuxbrew/var
+          key: ${{ runner.os }}-go-homebrew-cellar-${{ hashFiles('go.sum') }}
+          restore-keys: |
+            ${{ runner.os }}-go-homebrew-cellar-
+
+      - name: Install Brew dependencies
         run: |
-          sudo apt-get update
-          sudo apt-get install -y build-essential
-
-      - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
-        with:
-          node-version: latest
-
-      - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
-        with:
-          go-version: stable
-
-      - uses: ko-build/setup-ko@d006021bd0c28d1ce33a07e7943d48b079944c8d # v0.9
+          brew bundle
 
       - name: Docker meta
         id: meta

.github/workflows/docker.yml

@@ -27,24 +27,33 @@ jobs:
           fetch-depth: 0
           persist-credentials: false
 
-      - name: build essential
-        run: |
-          sudo apt-get update
-          sudo apt-get install -y build-essential
-
       - name: Set lowercase image name
         run: |
           echo "IMAGE=ghcr.io/${GITHUB_REPOSITORY,,}" >> $GITHUB_ENV
 
-      - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
-        with:
-          node-version: latest
+      - name: Set up Homebrew
+        uses: Homebrew/actions/setup-homebrew@main
 
-      - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
+      - name: Setup Homebrew cellar cache
+        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
         with:
-          go-version: stable
+          path: |
+            /home/linuxbrew/.linuxbrew/Cellar
+            /home/linuxbrew/.linuxbrew/bin
+            /home/linuxbrew/.linuxbrew/etc
+            /home/linuxbrew/.linuxbrew/include
+            /home/linuxbrew/.linuxbrew/lib
+            /home/linuxbrew/.linuxbrew/opt
+            /home/linuxbrew/.linuxbrew/sbin
+            /home/linuxbrew/.linuxbrew/share
+            /home/linuxbrew/.linuxbrew/var
+          key: ${{ runner.os }}-go-homebrew-cellar-${{ hashFiles('go.sum') }}
+          restore-keys: |
+            ${{ runner.os }}-go-homebrew-cellar-
 
-      - uses: ko-build/setup-ko@d006021bd0c28d1ce33a07e7943d48b079944c8d # v0.9
+      - name: Install Brew dependencies
+        run: |
+          brew bundle
 
       - name: Log into registry
         uses: docker/login-action@5e57cd118135c172c3672efd75eb46360885c0ef # v3.6.0

.github/workflows/go.yml

@@ -2,9 +2,9 @@ name: Go
 
 on:
   push:
-    branches: ["main"]
+    branches: [ "main" ]
   pull_request:
-    branches: ["main"]
+    branches: [ "main" ]
 
 permissions:
   contents: read
@@ -15,51 +15,77 @@ jobs:
     #runs-on: alrest-techarohq
     runs-on: ubuntu-24.04
     steps:
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
-        with:
-          persist-credentials: false
+    - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      with:
+        persist-credentials: false
 
-      - name: build essential
-        run: |
-          sudo apt-get update
-          sudo apt-get install -y build-essential
+    - name: build essential
+      run: |
+        sudo apt-get update
+        sudo apt-get install -y build-essential
 
-      - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
-        with:
-          node-version: latest
+    - name: Set up Homebrew
+      uses: Homebrew/actions/setup-homebrew@main
 
-      - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
-        with:
-          go-version: stable
+    - name: Setup Homebrew cellar cache
+      uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
+      with:
+        path: |
+          /home/linuxbrew/.linuxbrew/Cellar
+          /home/linuxbrew/.linuxbrew/bin
+          /home/linuxbrew/.linuxbrew/etc
+          /home/linuxbrew/.linuxbrew/include
+          /home/linuxbrew/.linuxbrew/lib
+          /home/linuxbrew/.linuxbrew/opt
+          /home/linuxbrew/.linuxbrew/sbin
+          /home/linuxbrew/.linuxbrew/share
+          /home/linuxbrew/.linuxbrew/var
+        key: ${{ runner.os }}-go-homebrew-cellar-${{ hashFiles('go.sum') }}
+        restore-keys: |
+          ${{ runner.os }}-go-homebrew-cellar-
 
-      - name: Cache playwright binaries
-        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
-        id: playwright-cache
-        with:
-          path: |
-            ~/.cache/ms-playwright
-          key: ${{ runner.os }}-playwright-${{ hashFiles('**/go.sum') }}
+    - name: Install Brew dependencies
+      run: |
+        brew bundle
 
-      - name: install node deps
-        run: |
-          npm ci
+    - name: Setup Golang caches
+      uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
+      with:
+        path: |
+          ~/.cache/go-build
+          ~/go/pkg/mod
+        key: ${{ runner.os }}-golang-${{ hashFiles('**/go.sum') }}
+        restore-keys: |
+          ${{ runner.os }}-golang-
 
-      - name: install playwright browsers
-        run: |
-          npx --no-install playwright@1.52.0 install --with-deps
-          npx --no-install playwright@1.52.0 run-server --port 9001 &
+    - name: Cache playwright binaries
+      uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
+      id: playwright-cache
+      with:
+        path: |
+          ~/.cache/ms-playwright
+        key: ${{ runner.os }}-playwright-${{ hashFiles('**/go.sum') }}
 
-      - name: Build
-        run: npm run build
+    - name: install node deps
+      run: |
+        npm ci
 
-      - name: Test
-        run: npm run test
+    - name: install playwright browsers
+      run: |
+        npx --no-install playwright@1.52.0 install --with-deps
+        npx --no-install playwright@1.52.0 run-server --port 9001 &
 
-      - name: Lint with staticcheck
-        uses: dominikh/staticcheck-action@024238d2898c874f26d723e7d0ff4308c35589a2 # v1.4.0
-        with:
-          version: "latest"
+    - name: Build
+      run: npm run build
 
-      - name: Govulncheck
-        run: |
-          go tool govulncheck ./...
+    - name: Test
+      run: npm run test
+
+    - name: Lint with staticcheck
+      uses: dominikh/staticcheck-action@024238d2898c874f26d723e7d0ff4308c35589a2 # v1.4.0
+      with:
+        version: "latest"
+
+    - name: Govulncheck
+      run: |
+        go tool govulncheck ./...

.github/workflows/package-builds-stable.yml

@@ -25,13 +25,39 @@ jobs:
           sudo apt-get update
           sudo apt-get install -y build-essential
 
-      - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
-        with:
-          node-version: latest
+      - name: Set up Homebrew
+        uses: Homebrew/actions/setup-homebrew@main
 
-      - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
+      - name: Setup Homebrew cellar cache
+        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
         with:
-          go-version: stable
+          path: |
+            /home/linuxbrew/.linuxbrew/Cellar
+            /home/linuxbrew/.linuxbrew/bin
+            /home/linuxbrew/.linuxbrew/etc
+            /home/linuxbrew/.linuxbrew/include
+            /home/linuxbrew/.linuxbrew/lib
+            /home/linuxbrew/.linuxbrew/opt
+            /home/linuxbrew/.linuxbrew/sbin
+            /home/linuxbrew/.linuxbrew/share
+            /home/linuxbrew/.linuxbrew/var
+          key: ${{ runner.os }}-go-homebrew-cellar-${{ hashFiles('go.sum') }}
+          restore-keys: |
+            ${{ runner.os }}-go-homebrew-cellar-
+
+      - name: Install Brew dependencies
+        run: |
+          brew bundle
+
+      - name: Setup Golang caches
+        uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
+        with:
+          path: |
+            ~/.cache/go-build
+            ~/go/pkg/mod
+          key: ${{ runner.os }}-golang-${{ hashFiles('**/go.sum') }}
+          restore-keys: |
+            ${{ runner.os }}-golang-
 
       - name: install node deps
         run: |

.github/workflows/package-builds-unstable.yml

@@ -2,9 +2,9 @@ name: Package builds (unstable)
 
 on:
   push:
-    branches: ["main"]
+    branches: [ "main" ]
   pull_request:
-    branches: ["main"]
+    branches: [ "main" ]
 
 permissions:
   contents: read
@@ -15,34 +15,60 @@ jobs:
     #runs-on: alrest-techarohq
     runs-on: ubuntu-24.04
     steps:
-      - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
-        with:
-          persist-credentials: false
-          fetch-tags: true
-          fetch-depth: 0
+    - uses: actions/checkout@08c6903cd8c0fde910a37f88322edcfb5dd907a8 # v5.0.0
+      with:
+        persist-credentials: false
+        fetch-tags: true
+        fetch-depth: 0
 
-      - name: build essential
-        run: |
-          sudo apt-get update
-          sudo apt-get install -y build-essential
+    - name: build essential
+      run: |
+        sudo apt-get update
+        sudo apt-get install -y build-essential
 
-      - uses: actions/setup-node@49933ea5288caeca8642d1e84afbd3f7d6820020 # v4.4.0
-        with:
-          node-version: latest
+    - name: Set up Homebrew
+      uses: Homebrew/actions/setup-homebrew@main
 
-      - uses: actions/setup-go@d35c59abb061a4a6fb18e82ac0862c26744d6ab5 # v5.5.0
-        with:
-          go-version: stable
+    - name: Setup Homebrew cellar cache
+      uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
+      with:
+        path: |
+          /home/linuxbrew/.linuxbrew/Cellar
+          /home/linuxbrew/.linuxbrew/bin
+          /home/linuxbrew/.linuxbrew/etc
+          /home/linuxbrew/.linuxbrew/include
+          /home/linuxbrew/.linuxbrew/lib
+          /home/linuxbrew/.linuxbrew/opt
+          /home/linuxbrew/.linuxbrew/sbin
+          /home/linuxbrew/.linuxbrew/share
+          /home/linuxbrew/.linuxbrew/var
+        key: ${{ runner.os }}-go-homebrew-cellar-${{ hashFiles('go.sum') }}
+        restore-keys: |
+          ${{ runner.os }}-go-homebrew-cellar-
 
-      - name: install node deps
-        run: |
-          npm ci
+    - name: Install Brew dependencies
+      run: |
+        brew bundle
 
-      - name: Build Packages
-        run: |
-          go tool yeet
+    - name: Setup Golang caches
+      uses: actions/cache@0057852bfaa89a56745cba8c7296529d2fc39830 # v4.3.0
+      with:
+        path: |
+          ~/.cache/go-build
+          ~/go/pkg/mod
+        key: ${{ runner.os }}-golang-${{ hashFiles('**/go.sum') }}
+        restore-keys: |
+          ${{ runner.os }}-golang-
 
-      - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
-        with:
-          name: packages
-          path: var/*
+    - name: install node deps
+      run: |
+        npm ci
+
+    - name: Build Packages
+      run: |
+        go tool yeet
+
+    - uses: actions/upload-artifact@330a01c490aca151604b8cf639adc76d48f6c5d4 # v5.0.0
+      with:
+        name: packages
+        path: var/*

.github/workflows/smoke-tests.yml

@@ -15,7 +15,6 @@ jobs:
       matrix:
         test:
           - default-config-macro
-          - docker-registry
           - double_slash
           - forced-language
           - git-clone

VERSION

@@ -1 +1 @@
-1.23.1
+1.23.0

data/clients/docker-client.yaml

@@ -1,53 +0,0 @@
-- name: allow-docker-client
-  action: ALLOW
-  expression:
-    all:
-      - path.startsWith("/v2/")
-      - userAgent.contains("docker/")
-      - userAgent.contains("git-commit/")
-      - '"Accept" in headers'
-      - headers["Accept"].contains("vnd.docker.distribution")
-      - '"Baggage" in headers'
-      - headers["Baggage"].contains("trigger")
-
-- name: allow-crane-client
-  action: ALLOW
-  expression:
-    all:
-      - userAgent.contains("crane/")
-      - userAgent.contains("go-containerregistry/")
-
-- name: allow-docker-distribution-api-client
-  action: ALLOW
-  expression:
-    all:
-      - '"Docker-Distribution-Api-Version" in headers'
-      - '!(userAgent.contains("Mozilla"))'
-
-- name: allow-go-containerregistry-client
-  action: ALLOW
-  expression:
-    all:
-      - path.startsWith("/v2/")
-      - userAgent.contains("go-containerregistry/")
-
-- name: allow-buildah
-  action: ALLOW
-  expression:
-    all:
-      - path.startsWith("/v2/")
-      - userAgent.contains("Buildah/")
-
-- name: allow-podman
-  action: ALLOW
-  expression:
-    all:
-      - path.startsWith("/v2/")
-      - userAgent.contains("containers/")
-
-- name: allow-containerd
-  action: ALLOW
-  expression:
-    all:
-      - path.startsWith("/v2/")
-      - userAgent.contains("containerd/")

docs/docs/CHANGELOG.md

@@ -13,37 +13,8 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 
 <!-- This changes the project to: -->
 
-- Allow more OCI registry clients [based on feedback](https://github.com/TecharoHQ/anubis/pull/1253#issuecomment-3506744184).
-
-## v1.23.1: Lyse Hext - Echo 1
-
-- Fix `SERVE_ROBOTS_TXT` setting after the double slash fix broke it.
-
-### Potentially breaking changes
-
-#### Remove default Tencent Cloud block rule
-
-v1.23.0 added a default rule to block Tencent Cloud. After an email from their abuse team where they promised to take action to clean up their reputation, I have removed the default block rule. If this network causes you problems, please contact [abuse@tencent.com](mailto:abuse@tencent.com) and supply the following information:
-
-- Time of abusive requests.
-- IP address, User-Agent header, or other unique identifiers that can help the abuse team educate the customer about their misbehaving infrastructure.
-- Does the abusive IP address request robots.txt? If not, be sure to include that information.
-- A brief description of the impact to your system such as high system load, pages not rendering, or database system crashes. This helps the provider establish the fact that their customer is causing you measurable harm.
-- Context as to what your service is, what it does, and why they should care.
-
-Mention that you are using Anubis or BotStopper to protect your services. If they do not respond to you, please [contact me](https://xeiaso.net/contact) as soon as possible.
-
-#### Docker / OCI registry clients
-
-Anubis v1.23.0 accidentally blocked Docker / OCI registry clients. In order to explicitly allow them, add an import for `(data)/clients/docker-client.yaml`:
-
-```yaml
-bots:
-  - import: (data)/meta/default-config.yaml
-  - import: (data)/clients/docker-client.yaml
-```
-
-This is technically a regression as these clients used to work in Anubis v1.22.0, however it is allowable to make this opt-in as most websites do not expect to be serving Docker / OCI registry client traffic.
+- Fix `SERVE_ROBOTS_TXT` setting file after the double slash fix broke it.
+- Remove the default configuration rule to block Tencent cloud. If users see abuse from Tencent cloud IP ranges, please contact abuse@tencent.com and mention that you are using Anubis to protect your services. Please include source IP address, source port, timestamp, target IP address, target port, request headers (including the User-Agent header), and target endpoints/patterns.
 
 ## v1.23.0: Lyse Hext
 

docs/docs/admin/roles/_category_.json

@@ -1,8 +0,0 @@
-{
-  "label": "Server Roles",
-  "position": 40,
-  "link": {
-    "type": "generated-index",
-    "description": "Various server roles you will need to keep in mind with Anubis."
-  }
-}

docs/docs/admin/roles/oci-registry.mdx

@@ -1,10 +0,0 @@
-# OCI Registries
-
-If you are serving an OCI registry behind Anubis, you will need to import the `(data)/clients/docker-client.yaml` file in order to make sure that OCI registry clients can download images:
-
-```yaml
-bots:
-  - import: (data)/meta/default-config.yaml
-  - import: (data)/clients/docker-client.yaml
-# ... the rest of your config
-```

lib/localization/locales/is.json

@@ -8,7 +8,7 @@
   "ai_companies_explanation": "Þú ert að sjá þetta vegna þess að kerfisstjóri þessa vefsvæðis hefur sett upp Anubis til að vernda vefþjóninn fyrir holskeflu beiðna frá svokölluðum gervigreindarfyrirtækjum sem samviskulaust eru að skrapa upplýsingar af vefsvæðum annarra. Þetta getur valdið og veldur töfum og truflunum á þessum vefsvæðum, sem aftur veldur því að efni þeirra verður öllum óaðgengilegt.",
   "anubis_compromise": "Anubis er millivegur. Anubis notar sönnun-á-vinnu (Proof-of-Work) skema í líkingu við Hashcash, sem er viðlíka skema til að minnka ruslpóst. Hugmyndin er að fyrir almennar heimsóknir verði viðbótarálagið vegna þessa ásættanlegt og valdi litlum truflunum, en við massaskröpun verði samlegðaráhrifin veruleg og geri slíka skröpun upplýsinga of dýra hvað varðar afköst og reiknigetu.",
   "hack_purpose": "Að lokum er þetta staðgengilslausn svo hægt sé að eyða meiri tíma í fingraför og auðkenningu höfuðlausra vafra (t.d. með því hvernig þeir birta leturgerðir) svo að áskorunarprófunarsíðan þurfi ekki að birtast notendum sem eru mun líklegri til að vera lögmætir.",
-  "jshelter_note": "Athugaðu að Anubis krefst notkunar á ýmsum nútímalegum eiginleikum JavaScript sem viðbætur á borð við JShelter munu gera óvirka. Endilega gerðu JShelter eða álíka viðbætur óvirkar fyrir þetta lén.",
+  "jshelter_note": "Athugaðu að Anubis krefst notkunar á ýmsum nútímalegum eiginleikum JavaScript sem viðbætur á borð við JShelter munu gera ávirka. Endilega gerðu JShelter eða álíka viðbætur óvirkar fyrir þetta lén.",
   "version_info": "Þetta vefsvæði er að keyra Anubis útgáfu",
   "try_again": "Prófaðu aftur",
   "go_home": "Farðu aftur heim til þín",
@@ -62,5 +62,5 @@
   "js_calculation_error": "Reiknivilla!",
   "js_calculation_error_msg": "Mistókst að reikna áskorun:",
   "missing_required_forwarded_headers": "Vantar nauðsynleg X-Forwarded-* hausar",
-  "simplified_explanation": "Þetta er ráðstöfun gegn vélmennum og illa meinandi beiðnum, sem virkar svipað og CAPTCHA-mennskupróf. Hins vegar; í stað þess að þurfa að vinna sjálfur, fær vafrinn þinn útreikningsverkefni sem hann þarf að leysa til að tryggja að hann sé gildur biðlari. Þetta hugtak er kallað <a href=\"https://en.wikipedia.org/wiki/Proof_of_work\">Sönnun-á-vinnu</a>. Verkefnið er reiknað á nokkrum sekúndum og þú færð aðgang að vefsíðunni. Takk fyrir skilninginn og þolinmæðina."
+  "simplified_explanation": "Þetta er ráðstöfun gegn vélmennum og illgjarnum beiðnum svipað og CAPTCHA. Hins vegar, í stað þess að þurfa að vinna sjálfur, fær vafrinn þinn útreikningsverkefni sem hann þarf að leysa til að tryggja að hann sé gildur biðlari. Þetta hugtak er kallað <a href=\"https://en.wikipedia.org/wiki/Proof_of_work\">Sönnun-á-vinnu</a>. Verkefnið er reiknað á nokkrum sekúndum og þú færð aðgang að vefsíðunni. Takk fyrir skilninginn og þolinmæðina."
 }

lib/localization/locales/th.json

@@ -1,64 +0,0 @@
-{
-  "loading": "กำลังโหลด...",
-  "why_am_i_seeing": "ทำไมถึงเห็นสิ่งนี้?",
-  "protected_by": "ปกป้องโดย",
-  "protected_from": "จาก",
-  "made_with": "สร้างด้วย ❤️ ใน 🇨🇦",
-  "mascot_design": "ออกแบบมาสค็อตโดย",
-  "ai_companies_explanation": "คุณเห็นสิ่งนี้เพราะผู้ดูแลเว็บไซต์ได้ตั้งค่า Anubis เพื่อป้องกันเซิร์ฟเวอร์จากบริษัท AI ที่ทำการขูดข้อมูลเว็บไซต์อย่างก้าวร้าว ซึ่งสามารถทำให้เว็บไซต์ล่ม และทำให้ทรัพยากรของเว็บไซต์ไม่สามารถเข้าถึงได้สำหรับทุกคน",
-  "anubis_compromise": "Anubis คือการประนีประนอม โดยใช้ระบบ Proof-of-Work คล้ายกับ Hashcash ซึ่งเป็นแนวคิดสำหรับลดสแปมอีเมล แนวคิดคือ การโหลดเพิ่มเติมในระดับผู้ใช้รายบุคคลสามารถละเลยได้ แต่ในระดับการขูดข้อมูลจำนวนมาก มันจะสะสมและทำให้การขูดแพงขึ้น",
-  "hack_purpose": "ท้ายที่สุดแล้ว นี่คือการแฮ็กที่มีวัตถุประสงค์หลักเพื่อเป็นโซลูชันชั่วคราวที่ 'เพียงพอ' เพื่อให้มีเวลาในการสร้างการตรวจจับตัวตนของเบราว์เซอร์แบบไม่มีกล่องข้อความ (เช่น ผ่านการเรนเดอร์ฟอนต์) เพื่อไม่ต้องแสดงหน้า Proof-of-Work แก่ผู้ใช้ที่มีแนวโน้มว่าจะเป็นผู้ใช้จริง",
-  "jshelter_note": "โปรดทราบว่า Anubis ต้องการใช้คุณสมบัติ JavaScript สมัยใหม่ที่ปลั๊กอินอย่าง JShelter จะปิดใช้งาน กรุณาปิด JShelter หรือปลั๊กอินลักษณะคล้ายกันสำหรับโดเมนนี้",
-  "version_info": "เว็บไซต์นี้กำลังใช้ Anubis เวอร์ชัน",
-  "try_again": "ลองอีกครั้ง",
-  "go_home": "กลับหน้าหลัก",
-  "contact_webmaster": "หากคุณเชื่อว่าไม่ควรถูกบล็อก กรุณาติดต่อผู้ดูแลเว็บไซต์ที่",
-  "connection_security": "กรุณารอสักครู่ในขณะที่เราตรวจสอบความปลอดภัยของการเชื่อมต่อของคุณ",
-  "javascript_required": "น่าเสียดายที่คุณต้องเปิดใช้ JavaScript เพื่อผ่านการทดสอบนี้ เนื่องจากบริษัท AI ได้เปลี่ยนข้อตกลงทางสังคมเกี่ยวกับการโฮสต์เว็บไซต์ ทางเลือกแบบ 'ไม่มี JS' กำลังอยู่ระหว่างการพัฒนา",
-  "benchmark_requires_js": "เครื่องมือวัดประสิทธิภาพต้องใช้ JavaScript",
-  "difficulty": "ความยาก:",
-  "algorithm": "อัลกอริธึม:",
-  "compare": "เปรียบเทียบ:",
-  "time": "เวลา",
-  "iters": "จำนวนรอบ",
-  "time_a": "เวลา A",
-  "iters_a": "รอบ A",
-  "time_b": "เวลา B",
-  "iters_b": "รอบ B",
-  "static_check_endpoint": "นี่เป็นเพียง endpoint ตรวจสอบสำหรับ reverse proxy ของคุณ",
-  "authorization_required": "ต้องมีการยืนยันตัวตน",
-  "cookies_disabled": "เบราว์เซอร์ของคุณปิดการใช้งานคุกกี้ Anubis ต้องใช้คุกกี้เพื่อตรวจสอบว่าเป็นผู้ใช้ที่แท้จริง กรุณาเปิดใช้งานคุกกี้สำหรับโดเมนนี้",
-  "access_denied": "การเข้าถึงถูกปฏิเสธ: รหัสข้อผิดพลาด",
-  "dronebl_entry": "DroneBL รายงานรายการนี้",
-  "see_dronebl_lookup": "ดู",
-  "internal_server_error": "เกิดข้อผิดพลาดในเซิร์ฟเวอร์: ผู้ดูแลระบบได้กำหนดค่า Anubis อย่างไม่ถูกต้อง กรุณาติดต่อผู้ดูแลระบบและให้เขาตรวจสอบบันทึกใกล้กับ",
-  "invalid_redirect": "การเปลี่ยนเส้นทางไม่ถูกต้อง",
-  "redirect_not_parseable": "ไม่สามารถแยกวิเคราะห์ URL สำหรับเปลี่ยนเส้นทาง",
-  "redirect_domain_not_allowed": "ไม่อนุญาตให้เปลี่ยนเส้นทางไปยังโดเมนนี้",
-  "failed_to_sign_jwt": "ไม่สามารถเซ็น JWT ได้",
-  "invalid_invocation": "เรียกใช้ MakeChallenge อย่างไม่ถูกต้อง",
-  "client_error_browser": "ข้อผิดพลาดของไคลเอนต์: กรุณาตรวจสอบว่าเบราว์เซอร์ของคุณเป็นเวอร์ชันล่าสุด และลองใหม่ในภายหลัง",
-  "oh_noes": "โอ้ ไม่!",
-  "benchmarking_anubis": "กำลังวัดประสิทธิภาพ Anubis!",
-  "you_are_not_a_bot": "คุณไม่ใช่บอท!",
-  "making_sure_not_bot": "ตรวจสอบให้แน่ใจว่าคุณไม่ใช่บอท!",
-  "celphase": "CELPHASE",
-  "js_web_crypto_error": "เบราว์เซอร์ของคุณไม่มีฟีเจอร์ web.crypto ที่ใช้งานได้ คุณกำลังดูผ่านบริบทที่ปลอดภัยหรือไม่?",
-  "js_web_workers_error": "เบราว์เซอร์ของคุณไม่รองรับ web workers (Anubis ใช้เพื่อลดการค้างของเบราว์เซอร์) คุณใช้ปลั๊กอินเช่น JShelter หรือไม่?",
-  "js_cookies_error": "เบราว์เซอร์ของคุณไม่เก็บคุกกี้ Anubis ใช้คุกกี้เพื่อเก็บโทเค็นที่เซ็นแล้วสำหรับไคลเอนต์ที่ผ่านการท้าทาย กรุณาเปิดใช้งานการเก็บคุกกี้สำหรับโดเมนนี้ ชื่อคุกกี้อาจเปลี่ยนแปลงได้โดยไม่แจ้งล่วงหน้า",
-  "js_context_not_secure": "บริบทของคุณไม่ปลอดภัย!",
-  "js_context_not_secure_msg": "ลองเชื่อมต่อผ่าน HTTPS หรือแจ้งผู้ดูแลระบบให้ตั้งค่า HTTPS สำหรับข้อมูลเพิ่มเติมดูที่ <a href=\"https://developer.mozilla.org/en-US/docs/Web/Security/Secure_Contexts#when_is_a_context_considered_secure\">MDN</a>",
-  "js_calculating": "กำลังคำนวณ...",
-  "js_missing_feature": "ไม่มีคุณลักษณะนี้",
-  "js_challenge_error": "เกิดข้อผิดพลาดในการท้าทาย!",
-  "js_challenge_error_msg": "ไม่สามารถแก้ไขอัลกอริธึมการตรวจสอบ อาจต้องโหลดหน้าใหม่",
-  "js_calculating_difficulty": "กำลังคำนวณ...<br/>ความยาก:",
-  "js_speed": "ความเร็ว:",
-  "js_verification_longer": "การตรวจสอบใช้เวลานานกว่าที่คาดไว้ กรุณาอย่ารีเฟรชหน้านี้",
-  "js_success": "สำเร็จ!",
-  "js_done_took": "เสร็จแล้ว! ใช้เวลา",
-  "js_iterations": "รอบ",
-  "js_finished_reading": "อ่านจบแล้ว ดำเนินการต่อ →",
-  "js_calculation_error": "เกิดข้อผิดพลาดในการคำนวณ!",
-  "js_calculation_error_msg": "ไม่สามารถคำนวณการท้าทายได้:"
-}

package-lock.json

@@ -1,12 +1,12 @@
 {
   "name": "@techaro/anubis",
-  "version": "1.23.1",
+  "version": "1.23.0",
   "lockfileVersion": 3,
   "requires": true,
   "packages": {
     "": {
       "name": "@techaro/anubis",
-      "version": "1.23.1",
+      "version": "1.23.0",
       "license": "ISC",
       "dependencies": {
         "@aws-crypto/sha256-js": "^5.2.0",

package.json

@@ -1,6 +1,6 @@
 {
   "name": "@techaro/anubis",
-  "version": "1.23.1",
+  "version": "1.23.0",
   "description": "",
   "main": "index.js",
   "scripts": {

test/docker-registry/anubis.yaml

@@ -1,7 +0,0 @@
-bots:
-  - import: (data)/meta/default-config.yaml
-  - import: (data)/clients/docker-client.yaml
-
-status_codes:
-  CHALLENGE: 200
-  DENY: 403

test/docker-registry/docker-compose.yaml

@@ -1,30 +0,0 @@
-services:
-  registry:
-    image: distribution/distribution:edge
-    restart: always
-
-  relayd:
-    image: ghcr.io/xe/x/relayd
-    pull_policy: always
-    environment:
-      CERT_DIR: /etc/techaro/pki/registry.local.cetacean.club
-      CERT_FNAME: cert.pem
-      KEY_FNAME: key.pem
-      PROXY_TO: http://anubis:3000
-    ports:
-      - 3004:3004
-    volumes:
-      - ../pki/registry.local.cetacean.club:/etc/techaro/pki/registry.local.cetacean.club
-
-  anubis:
-    image: ko.local/anubis
-    restart: always
-    environment:
-      BIND: ":3000"
-      TARGET: http://registry:5000
-      POLICY_FNAME: /etc/techaro/anubis.yaml
-      USE_REMOTE_ADDRESS: "true"
-    ports:
-      - 3000
-    volumes:
-      - ./anubis.yaml:/etc/techaro/anubis.yaml

test/docker-registry/test.sh

@@ -1,29 +0,0 @@
-#!/usr/bin/env bash
-
-set -eo pipefail
-
-export VERSION=${GITHUB_SHA}-test
-export KO_DOCKER_REPO=ko.local
-
-set -u
-
-source ../lib/lib.sh
-
-build_anubis_ko
-
-function cleanup() {
-	docker compose down
-}
-
-trap cleanup EXIT SIGINT
-
-mint_cert registry.local.cetacean.club
-
-docker compose up -d
-
-backoff-retry skopeo \
-	--insecure-policy \
-	copy \
-	--dest-tls-verify=false \
-	docker://hello-world \
-	docker://registry.local.cetacean.club:3004/hello-world

test/docker-registry/var/.gitignore

@@ -1,2 +0,0 @@
-*
-!.gitignore

test/git-push/test.sh

@@ -2,7 +2,7 @@
 
 set -eo pipefail
 
-export VERSION=${GITHUB_SHA}-test
+export VERSION=$GITHUB_COMMIT-test
 export KO_DOCKER_REPO=ko.local
 
 set -u
@@ -21,16 +21,16 @@ docker compose up -d
 sleep 2
 
 (
-	cd var &&
-		mkdir foo &&
-		cd foo &&
-		git init &&
-		touch README &&
-		git add . &&
-		git config user.name "Anubis CI" &&
-		git config user.email "social+anubis-ci@techaro.lol" &&
-		git commit -sm "initial commit" &&
-		git push -u http://localhost:3000/git/foo.git master
+  cd var && \
+  mkdir foo && \
+  cd foo && \
+  git init && \
+  touch README && \
+  git add . && \
+  git config user.name "Anubis CI" && \
+  git config user.email "social+anubis-ci@techaro.lol" && \
+  git commit -sm "initial commit" && \
+  git push -u http://localhost:3000/git/foo.git master
 )
 
-exit 0
+exit 0