4.7 KiB
| sidebar_position |
|---|
| 999 |
Changelog
All notable changes to this project will be documented in this file.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
[Unreleased]
v1.15.0
Zenos yae Galvus
Yes...the coming days promise to be most interesting. Most interesting.
Headline changes:
- ed25519 signing keys for Anubis can be stored in the flag
--ed25519-private-key-hexor envvarED25519_PRIVATE_KEY_HEX; if one is not provided when Anubis starts, a new one is generated and logged - Add the ability to set the cookie domain with the envvar
COOKIE_DOMAIN=techaro.lolfor all domains undertecharo.lol - Add the ability to set the cookie partitioned flag with the envvar
COOKIE_PARTITIONED=true
Many other small changes were made, including but not limited to:
- Fixed and clarified installation instructions
- Introduced integration tests using Playwright
- Refactor & Split up Anubis into cmd and lib.go
- Fixed bot check to only apply if address range matches
- Fix default difficulty setting that was broken in a refactor
- Linting fixes
- Make dark mode diff lines readable in the documentation
- Fix CI based browser smoke test
Users running Anubis' test suite may run into issues with the integration tests on Windows hosts. This is a known issue and will be fixed at some point in the future. In the meantime, use the Windows Subsystem for Linux (WSL).
v1.14.2
Livia sas Junius: Echo 2
- Remove default RSS reader rule as it may allow for a targeted attack against rails apps #67
- Whitelist MojeekBot in botPolicies #47
- botPolicies regex has been cleaned up #66
v1.14.1
Livia sas Junius: Echo 1
- Set the
X-Real-Ipheader based on the contents ofX-Forwarded-For#62
v1.14.0
Livia sas Junius
Fail to do as my lord commands...and I will spare him the trouble of blocking you.
-
Add explanation of what Anubis is doing to the challenge page #25
-
Administrators can now define artificially hard challenges using the "slow" algorithm:
{ "name": "generic-bot-catchall", "user_agent_regex": "(?i:bot|crawler)", "action": "CHALLENGE", "challenge": { "difficulty": 16, "report_as": 4, "algorithm": "slow" } }This allows administrators to cause particularly malicious clients to use unreasonable amounts of CPU. The UI will also lie to the client about the difficulty.
-
Docker images now explicitly call
docker.io/library/<thing>to increase compatibility with Podman et. al #21 -
Don't overflow the image when browser windows are small (eg. on phones) #27
-
Lower the default difficulty to 4 from 5
-
Don't duplicate work across multiple threads #36
-
Documentation has been moved to https://anubis.techaro.lol/ with sources in docs/
-
Removed several visible AI artifacts (e.g., 6 fingers) #37
-
Fixed hang when navigator.hardwareConcurrency is undefined
-
Support Unix domain sockets #45
-
Allow filtering by remote addresses:
{ "name": "qwantbot", "user_agent_regex": "\\+https\\:\\/\\/help\\.qwant\\.com/bot/", "action": "ALLOW", "remote_addresses": ["91.242.162.0/24"] }This also works at an IP range level:
{ "name": "internal-network", "action": "ALLOW", "remote_addresses": ["100.64.0.0/10"] }
1.13.0
- Proof-of-work challenges are drastically sped up #19
- Docker images are now built with the timestamp set to the commit timestamp
- The README now points to TecharoHQ/anubis instead of Xe/x
- Images are built using ko instead of
docker buildx build#13