8000 Releases · TecharoHQ/anubis · GitHub
[go: up one dir, main page]
More Web Proxy on the site http://driver.im/
Skip to content

Releases: TecharoHQ/anubis

v1.19.1: Jenomis cen Lexentale - Echo 1

01 Jun 21:18
@Xe Xe
v1.19.1
ec733e9
Compare
Choose a tag to compare
v1.19.1: Jenomis cen Lexentale - Echo 1 Latest
Latest

Return data/bots/ai-robots-txt.yaml to avoid breaking configs #599

This is a smaller release, mostly focused on improving compatibility and fixes a few major issues with cookies.

Users should upgrade to this release as soon as possible.

What's Changed

  • style: apply structpack & goimport by @JasonLovesDoggo in #469
  • feat: add TARGET_INSECURE_SKIP_VERIFY setting to allow self-signed HTTPS backends by @Xe in #426
  • Add check-spelling v0.0.24 by @jsoref in #462
  • Overhaul anubis.freebsd by @pswilde in #427
  • ci(check-spelling): allow release names in spelling allowlists by @Xe in #483
  • test(playwright): Add Docker and Podman support by @SlyEcho in #433
  • chore(go.mod): move yeet to be a go tool by @Xe in #485
  • fix(jwt): update nonce value in challenge JWT cookie to be a string by @JasonLovesDoggo in #486
  • feat(ci): use dynamic repository owner and name in Docker actions by @JasonLovesDoggo in #487
  • fix(bots/phrik): add IPv6 address for phrik by @Xe in #494
  • build(deps-dev): bump the npm group with 3 updates by @dependabot in #496
  • fix(lib): use a new cookie per domain when COOKIE_DOMAIN is set by @Xe in #490
  • docs(known-instances): add some entries to the list by @Xe in #497
  • fix(lib): make ClearCookie respect the dynamic cookie name by @Xe in #500
  • fix(systemd): add RuntimeDirectory by @Xe in #510
  • docs: add HTMX workaround by @Xe in #511
  • Bump AI-robots.txt rules to version 1.30 by @Dryusdan in #509
  • feat: add TARGET_HOST to allow overriding the Host header when forwarding requests by @OatmealDome in #507
  • feat(apps): add SearXNG instance tracker policy and Qualys Labs SSL testing rules by @Xe in #512
  • feat(apps): Make SASL login work on bookstack with Anubis by @Dryusdan in #502
  • feat(lib): ensure that clients store cookies by @Xe in #501
  • chore(docs/deploy): move to new cluster by @Xe in #519
  • Add reddit.nerdvpn.de to known instances by @Lenni-builder in #518
  • fix(lib): properly clear out test cookie by @Xe in #522
  • build(deps): bump the github-actions group with 4 updates by @dependabot in #523
  • docs: REDIRECT_DOMAINS must include port numbers by @gucci-on-fleek in #521
  • docs: correct the path for the default configuration file by @gravityfargo in #535
  • Bump AI-robots.txt rules to version 1.31 by @Dryusdan in #538
  • feat: add TARGET_SNI to allow overriding the TLS handshake hostname when forwarding requests by @jprenken in #529
  • fix(lib): record challenges issused over embedded HTML by @Xe in #543
  • docs(native-install): vague gesturing at distribution package managers by @Xe in #544
  • fix(expression): add validation for empty expression list in CEL by @JasonLovesDoggo in #545
  • docs(admin): add wordpress docs by @Xe in #552
  • Create Anubis OpenRC init.d script by @CyberTailor in #561
  • build(deps): bump astral-sh/setup-uv from 6.0.1 to 6.1.0 in the github-actions group by @dependabot in #558
  • add Weblate to known-instances.md by @jordigh in #571
  • feat(cli): Add --version flag by @kdkasad in #572
  • build(deps): bump k8s.io/apimachinery from 0.33.0 to 0.33.1 in the gomod group by @dependabot in #524
  • fix(internal): register mime type for .mjs files by @Xe in #577
  • feat(expressions): add randInt function to allow making rules nondeterministic by @Xe in #578
  • feat(data): add x-firefox-ai default challenge rule by @Xe in #580
  • fix(internal/test): skip integration tests if SKIP_INTEGRATION is set by @Xe in #586
  • feat(yeetfile): build GOARCH=ppc64le packages by @Xe in #583
  • feat(lib): Add proxied requests counter metric by @kdkasad in #570
  • fix(web): show Anubis version number on challenge pages by @Xe in #587
  • fix(lib): only use the first five characters of Accept-Language header values by @Xe in #588
  • style(bench): small cleanup by @JasonLovesDoggo in #546
  • feat(lib): annotate cookies with what rule was passed by @Xe in #576
  • Add Applebot definition by @tabletcorry in #589
  • docs(known-instances): Add Gitea by @jesentz in #591
  • Opt-in policies for OpenAI and MistralAI bots by @tabletcorry in #590
  • docs(known-instances): add openwrt.org by @Aloki in #594
  • docs(known-instances): add catgirl.click by @Zohiu in #597
  • add my site to known-instances.md by @minihoot in #595
  • Split up AI filtering files by @tabletcorry in #592

New Contributors

Full Changelog: v1.18.0...v1.19.1

Contributors

jordigh, tabletcorry, and 18 other contributors
Assets 30

v1.19.0: Jenomis cen Lexentale

01 Jun 20:38
@Xe Xe
v1.19.0
44d5ec0
Compare
Choose a tag to compare
v1.19.0: Jenomis cen Lexentale

NOTE:

Prefer v1.19.1. This has a config bug that was fixed in v1.19.1.

This is a smaller release, mostly focused on improving compatibility and fixes a few major issues with cookies.

Users should upgrade to this release as soon as possible.

What's Changed

  • style: apply structpack & goimport by @JasonLovesDoggo in #469
  • feat: add TARGET_INSECURE_SKIP_VERIFY setting to allow self-signed HTTPS backends by @Xe in #426
  • Add check-spelling v0.0.24 by @jsoref in #462
  • Overhaul anubis.freebsd by @pswilde in #427
  • ci(check-spelling): allow release names in spelling allowlists by @Xe in #483
  • test(playwright): Add Docker and Podman support by @SlyEcho in #433
  • chore(go.mod): move yeet to be a go tool by @Xe in #485
  • fix(jwt): update nonce value in challenge JWT cookie to be a string by @JasonLovesDoggo in #486
  • feat(ci): use dynamic repository owner and name in Docker actions by @JasonLovesDoggo in #487
  • fix(bots/phrik): add IPv6 address for phrik by @Xe in #494
  • build(deps-dev): bump the npm group with 3 updates by @dependabot in #496
  • fix(lib): use a new cookie per domain when COOKIE_DOMAIN is set by @Xe in #490
  • docs(known-instances): add some entries to the list by @Xe in #497
  • fix(lib): make ClearCookie respect the dynamic cookie name by @Xe in #500
  • fix(systemd): add RuntimeDirectory by @Xe in #510
  • docs: add HTMX workaround by @Xe in #511
  • Bump AI-robots.txt rules to version 1.30 by @Dryusdan in #509
  • feat: add TARGET_HOST to allow overriding the Host header when forwarding requests by @OatmealDome in #507
  • feat(apps): add SearXNG instance tracker policy and Qualys Labs SSL testing rules by @Xe in #512
  • feat(apps): Make SASL login work on bookstack with Anubis by @Dryusdan in #502
  • feat(lib): ensure that clients store cookies by @Xe in #501
  • chore(docs/deploy): move to new cluster by @Xe in #519
  • Add reddit.nerdvpn.de to known instances by @Lenni-builder in #518
  • fix(lib): properly clear out test cookie by @Xe in #522
  • build(deps): bump the github-actions group with 4 updates by @dependabot in #523
  • docs: REDIRECT_DOMAINS must include port numbers by @gucci-on-fleek in #521
  • docs: correct the path for the default configuration file by @gravityfargo in #535
  • Bump AI-robots.txt rules to version 1.31 by @Dryusdan in #538
  • feat: add TARGET_SNI to allow overriding the TLS handshake hostname when forwarding requests by @jprenken in #529
  • fix(lib): record challenges issused over embedded HTML by @Xe in #543
  • docs(native-install): vague gesturing at distribution package managers by @Xe in #544
  • fix(expression): add validation for empty expression list in CEL by @JasonLovesDoggo in #545
  • docs(admin): add wordpress docs by @Xe in #552
  • Create Anubis OpenRC init.d script by @CyberTailor in #561
  • build(deps): bump astral-sh/setup-uv from 6.0.1 to 6.1.0 in the github-actions group by @dependabot in #558
  • add Weblate to known-instances.md by @jordigh in #571
  • feat(cli): Add --version flag by @kdkasad in #572
  • build(deps): bump k8s.io/apimachinery from 0.33.0 to 0.33.1 in the gomod group by @dependabot in #524
  • fix(internal): register mime type for .mjs files by @Xe in #577
  • feat(expressions): add randInt function to allow making rules nondeterministic by @Xe in #578
  • feat(data): add x-firefox-ai default challenge rule by @Xe in #580
  • fix(internal/test): skip integration tests if SKIP_INTEGRATION is set by @Xe in #586
  • feat(yeetfile): build GOARCH=ppc64le packages by @Xe in #583
  • feat(lib): Add proxied requests counter metric by @kdkasad in #570
  • fix(web): show Anubis version number on challenge pages by @Xe in #587
  • fix(lib): only use the first five characters of Accept-Language header values by @Xe in #588
  • style(bench): small cleanup by @JasonLovesDoggo in #546
  • feat(lib): annotate cookies with what rule was passed by @Xe in #576
  • Add Applebot definition by @tabletcorry in #589
  • docs(known-instances): Add Gitea by @jesentz in #591
  • Opt-in policies for OpenAI and MistralAI bots by @tabletcorry in #590
  • docs(known-instances): add openwrt.org by @Aloki in #594
  • docs(known-instances): add catgirl.click by @Zohiu in #597
  • add my site to known-instances.md by @minihoot in #595
  • Split up AI filtering files by @tabletcorry in #592

New Contributors

Full Changelog: v1.18.0...v1.19.0

Contributors

jordigh, tabletcorry, and 18 other contributors
Loading
0 Join discussion

v1.19.0-pre1: Jenomis cen Lexentale

25 May 18:11
@Xe Xe
v1.19.0-pre1
fa1f235
Compare
Choose a tag to compare
v1.19.0-pre1: Jenomis cen Lexentale Pre-release
Pre-release

What's Changed

  • style: apply structpack & goimport by @JasonLovesDoggo in #469
  • feat: add TARGET_INSECURE_SKIP_VERIFY setting to allow self-signed HTTPS backends by @Xe in #426
  • Add check-spelling v0.0.24 by @jsoref in #462
  • Overhaul anubis.freebsd by @pswilde in #427
  • ci(check-spelling): allow release names in spelling allowlists by @Xe in #483
  • test(playwright): Add Docker and Podman support by @SlyEcho in #433
  • chore(go.mod): move yeet to be a go tool by @Xe in #485
  • fix(jwt): update nonce value in challenge JWT cookie to be a string by @JasonLovesDoggo in #486
  • feat(ci): use dynamic repository owner and name in Docker actions by @JasonLovesDoggo in #487
  • fix(bots/phrik): add IPv6 address for phrik by @Xe in #494
  • build(deps-dev): bump the npm group with 3 updates by @dependabot in #496
  • fix(lib): use a new cookie per domain when COOKIE_DOMAIN is set by @Xe in #490
  • docs(known-instances): add some entries to the list by @Xe in #497
  • fix(lib): make ClearCookie respect the dynamic cookie name by @Xe in #500
  • fix(systemd): add RuntimeDirectory by @Xe in #510
  • docs: add HTMX workaround by @Xe in #511
  • Bump AI-robots.txt rules to version 1.30 by @Dryusdan in #509
  • feat: add TARGET_HOST to allow overriding the Host header when forwarding requests by @OatmealDome in #507
  • feat(apps): add SearXNG instance tracker policy and Qualys Labs SSL testing rules by @Xe in #512
  • feat(apps): Make SASL login work on bookstack with Anubis by @Dryusdan in #502
  • feat(lib): ensure that clients store cookies by @Xe in #501
  • chore(docs/deploy): move to new cluster by @Xe in #519
  • Add reddit.nerdvpn.de to known instances by @Lenni-builder in #518
  • fix(lib): properly clear out test cookie by @Xe in #522
  • build(deps): bump the github-actions group with 4 updates by @dependabot in #523
  • docs: REDIRECT_DOMAINS must include port numbers by @gucci-on-fleek in #521
  • docs: correct the path for the default configuration file by @gravityfargo in #535
  • Bump AI-robots.txt rules to version 1.31 by @Dryusdan in #538
  • feat: add TARGET_SNI to allow overriding the TLS handshake hostname when forwarding requests by @jprenken in #529
  • fix(lib): record challenges issused over embedded HTML by @Xe in #543
  • docs(native-install): vague gesturing at distribution package managers by @Xe in #544
  • fix(expression): add validation for empty expression list in CEL by @JasonLovesDoggo in #545
  • docs(admin): add wordpress docs by @Xe in #552

New Contributors

Full Changelog: v1.18.0...v1.19.0-pre1

Contributors

Xe, SlyEcho, and 10 other contributors
Loading
0 Join discussion

v1.18.0: Varis zos Galvus

09 May 16:31
@Xe Xe
v1.18.0
8c7640a
Compare
Choose a tag to compare
v1.18.0: Varis zos Galvus

The big ticket feature in this release is CEL expression matching support. This allows you to tailor your approach for the individual services you are protecting.

These can be as simple as:

- name: allow-api-requests
  action: ALLOW
  expression:
    all:
      - '"Accept" in headers'
      - 'headers["Accept"] == "application/json"'
      - 'path.startsWith("/api/")'

Or as complicated as:

- name: allow-git-clients
  action: ALLOW
  expression:
    all:
      - >-
        (  
          userAgent.startsWith("git/") ||
          userAgent.contains("libgit") ||
          userAgent.startsWith("go-git") ||
          userAgent.startsWith("JGit/") ||
          userAgent.startsWith("JGit-")
        )
      - '"Git-Protocol" in headers'
      - headers["Git-Protocol"] == "version=2"

The docs have more information, but here's a tl;dr of the variables you have access to in expressions:

Name Type Explanation Example
headers map[string, string] The headers of the request being processed. {"User-Agent": "Mozilla/5.0 Gecko/20100101 Firefox/137.0"}
host string The HTTP hostname the request is targeted to. anubis.techaro.lol
method string The HTTP method in the request being processed. GET, POST, DELETE, etc.
path string The path of the request being processed. /, /api/memes/create
query map[string, string] The query parameters of the request being processed. ?foo=bar -> {"foo": "bar"}
remoteAddress string The IP address of the client. 1.1.1.1
userAgent string The User-Agent string in the request being processed. Mozilla/5.0 Gecko/20100101 Firefox/137.0

This will be made more elaborate in the future. Give me time. This is a simple, lovable, and complete implementation of this feature so that administrators can get hacking ASAP.

Other changes:

  • Use CSS variables to deduplicate styles
  • Fixed native packages not containing the stdlib and botPolicies.yaml
  • Change import syntax to allow multi-level imports
  • Changed the startup logging to use JSON formatting as all the other logs do.
  • Added the ability to do expression matching with CEL
  • Add a warning for clients that don't store cookies
  • Disable Open Graph passthrough by default (#435)
  • Clarify the license of the mascot images (#442)
  • Started Suppressing 'Context canceled' errors from http in the logs (#446)

What's Changed

  • docs(known-instances): add ScummVM by @lotharsm in #411
  • fix(web): Avoid timestamping main.mjs.gz by @heftig in #412
  • docs(known-instances): Add FreeCAD Wiki to known instances by @twihno in #414
  • fix(yeetfile): copy all docs, data files, and botPolicies.yaml by @Xe in #419
  • feat(config): allow multi-level imports by @Xe in #402
  • fix(cmd/anubis): print "Rule error IDs" in JSON by @SlyEcho in #408
  • Update nginx.mdx upstream syntax by @kkremitzki in #397
  • deduplicate css rules by using media query to set variables by @barmintor in #420
  • docs(user): add frequently asked questions page by @Xe in #422
  • docs: add caddy docs by @Xe in #423
  • docs(apache): make listener run on port 3001 by @mans17 in #430
  • feat(checker): add CEL for matching complicated expressions by @Xe in #421
  • build(deps): bump the github-actions group with 3 updates by @dependabot in #439
  • zizmor: add config file to silence unpinned-uses of Homebrew/actions by @p-linnane in #441
  • fix(anubis): disable opengraph passthru by default by @Xe in #447
  • Spelling by @jsoref in #445
  • feat(js): stop execution if the client disabled cookies by @Xe in #438
  • chore(static/img): add mascot attributions to the repo by @Xe in #448
  • chore(sponsors): add canine.tools by @hyperdefined in #450
  • ci: add govulncheck by @Xe in #456
  • ci(go): fix govulncheck by @Xe in #464
  • build(deps): bump the gomod group across 1 directory with 4 updates by @dependabot in #457
  • docs: add missing subrequest auth configuration by @nijel in #463
  • feat(log): implement custom error log filter to suppress "context can… by @JasonLovesDoggo in #470
  • Trim spaces from elements of split XFF string by @dchandekstark in #459
  • fix(js): use pure JS SHA256 library, refactor by @Xe in #471
  • Revert "fix(js): use pure JS SHA256 library, refactor" by @Xe in #475

New Contributors

Full Changelog: v1.17.1...v1.18.0

Contributors

barmintor, dchandekstark, and 13 other contributors
Loading
0 Join discussion

v1.18.0-pre1: Varis zos Galvus

05 May 21:29
@Xe Xe
v1.18.0-pre1
e64987e
Compare
Choose a tag to compare
v1.18.0-pre1: Varis zos Galvus Pre-release
Pre-release

The big ticket feature in this release is CEL expression matching support. This allows you to tailor your approach for the individual services you are protecting.

These can be as simple as:

- name: allow-api-requests
  action: ALLOW
  expression:
    all:
      - '"Accept" in headers'
      - 'headers["Accept"] == "application/json"'
      - 'path.startsWith("/api/")'

Or as complicated as:

- name: allow-git-clients
  action: ALLOW
  expression:
    all:
    - >-
      (  
        userAgent.startsWith("git/") ||
        userAgent.contains("libgit") ||
        userAgent.startsWith("go-git") ||
        userAgent.startsWith("JGit/") ||
        userAgent.startsWith("JGit-")
      )
    - '"Git-Protocol" in headers'
    - headers["Git-Protocol"] == "version=2"

The docs have more information, but here's a tl;dr of the variables you have access to in expressions:

Name Type Explanation Example
headers map[string, string] The headers of the request being processed. {"User-Agent": "Mozilla/5.0 Gecko/20100101 Firefox/137.0"}
host string The HTTP hostname the request is targeted to. anubis.techaro.lol
method string The HTTP method in the request being processed. GET, POST, DELETE, etc.
path string The path of the request being processed. /, /api/memes/create
query map[string, string] The query parameters of the request being processed. ?foo=bar -> {"foo": "bar"}
remoteAddress string The IP address of the client. 1.1.1.1
userAgent string The User-Agent string in the request being processed. Mozilla/5.0 Gecko/20100101 Firefox/137.0

This will be made more elaborate in the future. Give me time. This is a simple, lovable, and complete implementation of this feature so that administrators can get hacking ASAP.

What's Changed

  • docs(known-instances): add ScummVM by @lotharsm in #411
  • fix(web): Avoid timestamping main.mjs.gz by @heftig in #412
  • docs(known-instances): Add FreeCAD Wiki to known instances by @twihno in #414
  • fix(yeetfile): copy all docs, data files, and botPolicies.yaml by @Xe in #419
  • feat(config): allow multi-level imports by @Xe in #402
  • fix(cmd/anubis): print "Rule error IDs" in JSON by @SlyEcho in #408
  • Update nginx.mdx upstream syntax by @kkremitzki in #397
  • deduplicate css rules by using media query to set variables by @barmintor in #420
  • docs(user): add frequently asked questions page by @Xe in #422
  • docs: add caddy docs by @Xe in #423
  • docs(apache): make listener run on port 3001 by @mans17 in #430
  • feat(checker): add CEL for matching complicated expressions by @Xe in #421
  • build(deps): bump the github-actions group with 3 updates by @dependabot in #439
  • zizmor: add config file to silence unpinned-uses of Homebrew/actions by @p-linnane in #441
  • fix(anubis): disable opengraph passthru by default by @Xe in #447
  • Spelling by @jsoref in #445
  • feat(js): stop execution if the client disabled cookies by @Xe in #438
  • chore(static/img): add mascot attributions to the repo by @Xe in #448

New Contributors

Full Changelog: v1.17.1...v1.18.0-pre1

Contributors

barmintor, heftig, and 9 other contributors
Loading
0 Join discussion

v1.17.1: Asahi sas Brutus: Echo 1

01 May 17:35
@Xe Xe
v1.17.1
63b8411
Compare
Choose a tag to compare
v1.17.1: Asahi sas Brutus: Echo 1

A smaller release this time, getting the low hanging fruit off the plate so I can ship expressions v1.

What's Changed

  • Bump AI-robots.txt rules to version 1.29 by @Dryusdan in #383
  • build(deps): bump the github-actions group with 4 updates by @dependabot in #387
  • build(deps-dev): bump esbuild from 0.25.2 to 0.25.3 in the npm group by @dependabot in #388
  • feat(og): Foward host header by @JasonLovesDoggo in #370
  • feat(config): add ability to customize HTTP status codes Anubis returns by @Xe in #393
  • feat: enable Open Graph tag passthrough by default by @JasonLovesDoggo in #348
  • feat: make authorization cookie default expiration time customizable by @Nydauron in #389
  • Update information on workarounds for JShelter by @polcak in #399
  • docs: Add FreeCAD Forum to list of known users by @twihno in #407

New Contributors

Full Changelog: v1.17.0...v1.17.1

Contributors

Xe, polcak, and 5 other contributors
Loading
1 Join discussion

v1.17.0: Asahi sas Brutus

27 Apr 19:23
@Xe Xe
v1.17.0
b0f0913
This commit was signed with the committer’s verified signature.
Xe Xe Iaso
SSH Key Fingerprint: hOYgRDm/OlR9niXcXyjzRoCUK62vyPDKahQfoWqeN7g
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.17.0: Asahi sas Brutus

v.1.17.0 is a rather large release. This kind of giant feature release will not happen again as this has caused significant problems with testing in various configurations. Automated testing is being worked on but I have nothing to report yet.

Big-ticket features include but are not limited to:

  • Configuration can be in YAML or JSON
  • Configuration snippets can be imported from the default library or anywhere on the filesystem
  • Default rules now flag "Opera" after seeing an attack in the wild that does that
  • Many documentation and build script fixes
  • AI-robots.txt rules are added to the default config to stop the worst offenders that care to identify themselves
  • Apache, Nginx, and Traefik have gotten documentation
  • Users can match by headers as well as user agents or paths
  • Internal refactoring to make Anubis faster and easier to maintain
  • "Secondary screening" has been removed to give a more consistent user experience
  • The Internet Archive is allowlisted by default
  • X-Forwarded-For header calculation should be a bit better
  • Subpath support (run anubis on /git)
  • Many implicit things have been documented

And more. I will try to tag new versions more aggressively in the future. Big releases like this suck and I don't like having to do them.

What's Changed

  • dev: Improvements to build scripts by @SlyEcho in #232
  • docs/user/known-instances: add page by @fossdd in #214
  • feat: update botPolicies for DuckDuckGo web crawler by @thatonecodes in #250
  • workflows: hash pin more Actions by @p-linnane in #241
  • feat(docs): expand known instances list with new entries by @JasonLovesDoggo in #254
  • docs/docs/user/known-instances.md: remove duplicate scioly.org mention by @rayes0 in #259
  • feat(docs): grammar fixes & updates for known users by @hyperdefined in #257
  • use depot builders by @Xe in #262
  • cmd/containerbuild/main.go: fix docker tag parsing by @rayes0 in #260
  • fix(fetch): improve error handling for Content-Type parsing by @JasonLovesDoggo in #253
  • Docs pallete fix by @B4uti4github in #271
  • build(deps): bump the gomod group with 3 updates by @dependabot in #265
  • build(deps): bump github/codeql-action from 3.28.13 to 3.28.15 in the github-actions group by @dependabot in #264
  • Create Anubis FreeBSD rc.d script by @pswilde in #274
  • docs/blog: remove by @fossdd in #273
  • Docs: add nginx with Anubis in the middle configuration example by @massar in #282
  • perf: embed challenge data in HTML by @ryanccn in #279
  • Allow ranges from the Internet Archive (AS7941) by @ecdfeaa2 in #276
  • Add 'Opera' to 'generic-browser' bot policy rule by @mjeanson in #220
  • Add more AI user agent in botPolicies.json by @Dryusdan in #249
  • docs/admin/installation: Apache documentation by @Xe in #290
  • docs/admin: break per-environment details into their own pages by @Xe in #292
  • Use outline shorthand by @JasonLovesDoggo in #293
  • Add Haiku to known instances by @AsmodeumX in #304
  • Add headers bot rule by @Neur0toxine in #300
  • added an another git.lupancham.net to known instances of use by @Thinkseal in #296
  • Update known-instances.md by @Xe in #309
  • feat(docs): added info on how to configure traefik by @snoweuph in #255
  • lib: move config to yaml by @Xe in #307
  • docs: Update changelog with consistent periods by @JasonLovesDoggo in #313
  • build(deps): bump astral-sh/setup-uv from 5.4.1 to 5.4.2 in the github-actions group by @dependabot in #312
  • feat(lib): use Checker type instead of ad-hoc logic by @Xe in #318
  • data: disable generic-bot-catchall by default by @Xe in #322
  • chore(ci): migrate to TecharoHQ/yeet by @Xe in #323
  • chore(known-instances): Add https://git.devuan.org/ by @Xe in #324
  • fix: improve error handling and create the json encoder once #331 by @JasonLovesDoggo in #332
  • fix(docs): make the docs respect light/dark mode by @Xe in #334
  • feat(cmd/anubis): compute full XFF header by @acuteaura in #328
  • feat: enable loading config fragments by @Xe in #321
  • build(deps): bump http-proxy-middleware from 2.0.7 to 2.0.9 in /docs by @dependabot in #335
  • build(deps): bump estree-util-value-to-estree from 3.3.2 to 3.3.3 in /docs by @dependabot in #336
  • feat(xess): move CSS color definitions to CSS variables by @Xe in #339
  • Add documentation for default allow behavior by @lucrnz in #346
  • fix(lib): use correct URL for path checker in PassChallenge by @compilade in #347
  • README: represent repology badge in 3 column format by @luzpaz in #349
  • Fix: mojeekbot regex by @igorbrai in #351
  • Fix Traegik but funny typos by @remyzandwijk in #356
  • docs(known-instances): add NixOS Hydra by @RossComputerGuy in #358
  • docs: Fix nginx.mdx indentation by @diegoe in #359
  • docs(README): enable dark mode for the star history view by @Xe in #360
  • feat: more elaborate XFF compute by @acuteaura in #350
  • fix(docs): fix typos in Traefik integration docs by @thatonecodes in #361
  • docs(install): note that Anubis needs certain paths proxied by @Xe in #363
  • Add check endpoint which can be used with nginx' auth_request function by @SuperSandro2000 in #266
  • feat: add support for a base prefix by @JasonLovesDoggo in #294
  • fix(lib): make Anubis less paranoid by @Xe in #365
  • fix(config): remove trailing newlines in regexes by @Xe in #373
  • docs(known-instances): add Codeberg by @p0008874 in #381
  • test(config): add Xesite's old policy file to known good test cases by @Xe in #382
  • README.md: Fix link to policy definition docs. by @Kistaro in #380
  • refactor(lib): Split up anubis.go into some smaller files. by @JasonLovesDoggo in #379
  • ci(packages): final pre-release yeet bump by @Xe in #384

New Contributors

Read more

Contributors

Kistaro, Xe, and 29 other contributors
Loading
0 Join discussion

v1.17.0-beta4: Now with fixed version numbers

26 Apr 17:58
@Xe Xe
v1.17.0-beta4
This tag was signed with the committer’s verified signature.
Xe Xe Iaso
SSH Key Fingerprint: 4VmLEcSFkJqNVktQ6/3CA2uSk8wGZ8VEzLmTQTyjngM
Verified
Learn about vigilant mode.
d8f9239
This commit was signed with the committer’s verified signature.
Xe Xe Iaso
SSH Key Fingerprint: 4VmLEcSFkJqNVktQ6/3CA2uSk8wGZ8VEzLmTQTyjngM
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.17.0-beta4: Now with fixed version numbers Pre-release
Pre-release

Today I learned that if you have two tags pointing to the same commit in Git and your git version detection logic is the output of git describe --tags --dirty, git will return the first tag and not the second. So in order to actually bump the version number in that detection logic, you need to push a dummy commit in order for that version number to actually change.

Aren't computers grand?

What's Changed

  • fix(config): remove trailing newlines in regexes by @Xe in #373

Full Changelog: v1.17.0-beta1...v1.17.0-beta4

Contributors

Xe
Loading
1 Join discussion

v1.17.0-beta3

26 Apr 17:45
@Xe Xe
v1.17.0-beta3
ef52550
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.17.0-beta3 Pre-release
Pre-release

Hotfix: remove trailing newlines in regexes from default configuration file, alter tests so that can't repeat.
Hotfix: label the tag properly or else yeet makes the version number wrong

I wish there was literally any other option than YAML for something that makes it easy to write regexes inline.

What's Changed

  • fix(config): remove trailing newlines in regexes by @Xe in #373

Full Changelog: v1.17.0-beta1...v1.17.0-beta2

Contributors

Xe
Loading
1 Join discussion

v1.17.0-beta1

25 Apr 19:10
@Xe Xe
v1.17.0-beta1
c669b47
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.
Compare
Choose a tag to compare
v1.17.0-beta1 Pre-release
Pre-release

This is a pre-release to test things after a lot of forward progress has been made. Big-ticket features include but are not limited to:

  • Configuration can be in YAML or JSON
  • Configuration snippets can be imported from the default library or anywhere on the filesystem
  • Default rules now flag "Opera" after seeing an attack in the wild that does that
  • Many documentation and build script fixes
  • AI-robots.txt rules are added to the default config to stop the worst offenders that care to identify themselves
  • Apache, Nginx, and Traefik have gotten documentation
  • Users can match by headers as well as user agents or paths
  • Internal refactoring to make Anubis faster and easier to maintain
  • "Secondary screening" has been removed to give a more consistent user experience
  • The Internet Archive is allowlisted by default
  • X-Forwarded-For header calculation should be a bit better
  • Subpath support (run anubis on /git)
  • Many implicit things have been documented

And more. I will try to tag new versions more aggressively in the future.

What's Changed

  • dev: Improvements to build scripts by @SlyEcho in #232
  • docs/user/known-instances: add page by @fossdd in #214
  • feat: update botPolicies for DuckDuckGo web crawler by @thatonecodes in #250
  • workflows: hash pin more Actions by @p-linnane in #241
  • feat(docs): expand known instances list with new entries by @JasonLovesDoggo in #254
  • docs/docs/user/known-instances.md: remove duplicate scioly.org mention by @rayes0 in #259
  • feat(docs): grammar fixes & updates for known users by @hyperdefined in #257
  • use depot builders by @Xe in #262
  • cmd/containerbuild/main.go: fix docker tag parsing by @rayes0 in #260
  • fix(fetch): improve error handling for Content-Type parsing by @JasonLovesDoggo in #253
  • Docs pallete fix by @B4uti4github in #271
  • build(deps): bump the gomod group with 3 updates by @dependabot in #265
  • build(deps): bump github/codeql-action from 3.28.13 to 3.28.15 in the github-actions group by @dependabot in #264
  • Create Anubis FreeBSD rc.d script by @pswilde in #274
  • docs/blog: remove by @fossdd in #273
  • Docs: add nginx with Anubis in the middle configuration example by @massar in #282
  • perf: embed challenge data in HTML by @ryanccn in #279
  • Allow ranges from the Internet Archive (AS7941) by @ecdfeaa2 in #276
  • Add 'Opera' to 'generic-browser' bot policy rule by @mjeanson in #220
  • Add more AI user agent in botPolicies.json by @Dryusdan in #249
  • docs/admin/installation: Apache documentation by @Xe in #290
  • docs/admin: break per-environment details into their own pages by @Xe in #292
  • Use outline shorthand by @JasonLovesDoggo in #293
  • Add Haiku to known instances by @AsmodeumX in #304
  • Add headers bot rule by @Neur0toxine in #300
  • added an another git.lupancham.net to known instances of use by @Thinkseal in #296
  • Update known-instances.md by @Xe in #309
  • feat(docs): added info on how to configure traefik by @snoweuph in #255
  • lib: move config to yaml by @Xe in #307
  • docs: Update changelog with consistent periods by @JasonLovesDoggo in #313
  • build(deps): bump astral-sh/setup-uv from 5.4.1 to 5.4.2 in the github-actions group by @dependabot in #312
  • feat(lib): use Checker type instead of ad-hoc logic by @Xe in #318
  • data: disable generic-bot-catchall by default by @Xe in #322
  • chore(ci): migrate to TecharoHQ/yeet by @Xe in #323
  • chore(known-instances): Add https://git.devuan.org/ by @Xe in #324
  • fix: improve error handling and create the json encoder once #331 by @JasonLovesDoggo in #332
  • fix(docs): make the docs respect light/dark mode by @Xe in #334
  • feat(cmd/anubis): compute full XFF header by @acuteaura in #328
  • feat: enable loading config fragments by @Xe in #321
  • build(deps): bump http-proxy-middleware from 2.0.7 to 2.0.9 in /docs by @dependabot in #335
  • build(deps): bump estree-util-value-to-estree from 3.3.2 to 3.3.3 in /docs by @dependabot in #336
  • feat(xess): move CSS color definitions to CSS variables by @Xe in #339
  • Add documentation for default allow behavior by @lucrnz in #346
  • fix(lib): use correct URL for path checker in PassChallenge by @compilade in #347
  • README: represent repology badge in 3 column format by @luzpaz in #349
  • Fix: mojeekbot regex by @igorbrai in #351
  • Fix Traegik but funny typos by @remyzandwijk in #356
  • docs(known-instances): add NixOS Hydra by @RossComputerGuy in #358
  • docs: Fix nginx.mdx indentation by @diegoe in #359
  • docs(README): enable dark mode for the star history view by @Xe in #360
  • feat: more elaborate XFF compute by @acuteaura in #350
  • fix(docs): fix typos in Traefik integration docs by @thatonecodes in #361
  • docs(install): note that Anubis needs certain paths proxied by @Xe in #363
  • Add check endpoint which can be used with nginx' auth_request function by @SuperSandro2000 in #266
  • feat: add support for a base prefix by @JasonLovesDoggo in #294
  • fix(lib): make Anubis less paranoid by @Xe in #365

New Contributors

Full Changelog: v1.16.0...v1.17.0-beta1

Contributors

Xe, mjeanson, and 27 other contributors
Loading
0 Join discussion
0