Merge branch 'codex-v030-wire'

Bumps codex to v0.3.0 and aligns iblogs's save-time PII filter chain with codex's ProjectZomboidRedactor. Removes the redundant in-tree IPv4Filter / IPv6Filter chain entries (codex now handles IPs end-to-end including port suffixes). Adds PZ-specific Steam ID / player-name / coordinate scrubbing the prior chain never had.
feat: align save-time redaction with codex v0.3.0 ProjectZomboidRedactor
2026-05-06 19:12:50 +00:00 · 2026-05-06 19:12:50 +00:00 · 2026-05-04 10:59:43 +00:00 · 2026-05-04 10:59:37 +00:00
6 changed files with 53 additions and 8 deletions
--- a/1
+++ b/1
@@ -2,6 +2,7 @@ FROM dunglas/frankenphp:1-php8.5
 # System Setup
 RUN install-php-extensions mongodb zip
 RUN apt-get update && apt-get install -y --no-install-recommends git ca-certificates && rm -rf /var/lib/apt/lists/*
 ARG USER=iblogs
 RUN useradd ${USER} && \
--- a/composer.json
+++ b/composer.json
@@ -21,7 +21,7 @@
        "ext-mongodb": "*",
        "ext-uri": "*",
        "ext-zlib": "*",
-        "indifferentketchup/codex": "^0.2.0",
+        "indifferentketchup/codex": "^0.3.0",
        "mongodb/mongodb": "2.1.2"
    },
    "autoload": {
--- a/composer.lock
+++ b/composer.lock
@@ -4,15 +4,15 @@
        "Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
        "This file is @generated automatically"
    ],
-    "content-hash": "821a03243eb4b751e38ca3f8f063dd3e",
+    "content-hash": "c970170e823f1c31130ee1eec742a090",
    "packages": [
        {
            "name": "indifferentketchup/codex",
-            "version": "v0.2.0",
+            "version": "v0.3.0",
            "source": {
                "type": "git",
                "url": "https://git.indifferentketchup.com/indifferentketchup/ik-codex",
-                "reference": "2bd4fe6189c21be5b1fb03e8ac23b1a3c01d747c"
+                "reference": "656142dbf8979da7d5f06908e5dd53afa1b5e56d"
            },
            "require": {
                "php": ">=8.4"
@@ -47,7 +47,7 @@
                }
            ],
            "description": "Generic PHP log parsing and analysis framework.",
-            "time": "2026-05-01T22:08:43+00:00"
+            "time": "2026-05-06T19:04:37+00:00"
        },
        {
            "name": "mongodb/mongodb",
--- a/dev/compose.yaml
+++ b/dev/compose.yaml
@@ -8,7 +8,7 @@ services:
      - IBLOGS_WORKER_REQUESTS=1
      - FRANKENPHP_WORKERS=4
    ports:
-      - "80:80"
+      - "4217:80"
    volumes:
      - ../:/app
      - ./dev.ini:/usr/local/etc/php/conf.d/dev.ini
--- a/src/Filter/Filter.php
+++ b/src/Filter/Filter.php
@@ -23,8 +23,7 @@ abstract class Filter implements \JsonSerializable
            new TrimFilter(),
            new LimitBytesFilter(),
            new LimitLinesFilter(),
-            new IPv4Filter(),
+            new ProjectZomboidRedactorFilter(),
            new IPv6Filter(),
            new UsernameFilter(),
            new AccessTokenFilter(),
        ];
--- a/src/Filter/ProjectZomboidRedactorFilter.php
+++ b/src/Filter/ProjectZomboidRedactorFilter.php
@@ -0,0 +1,45 @@
 <?php
 namespace IndifferentKetchup\Iblogs\Filter;
 use IndifferentKetchup\Codex\Util\ProjectZomboid\ProjectZomboidRedactor;
 /**
 * Save-time wrapper that delegates to codex's ProjectZomboidRedactor.
 *
 * Codex owns the canonical Project Zomboid PII patterns (Steam IDs, player
 * names, world coordinates, plus IPv4 / IPv6 addresses with the v0.3.0
 * release). This filter is the single point at which PZ-shaped PII is
 * scrubbed on save; it replaces the previous IPv4Filter + IPv6Filter
 * stage (whose IP-only matches left port suffixes intact) and adds the
 * PZ-specific Steam ID, player-name, and coordinate redaction the generic
 * filters never touched.
 *
 * Codex's IPv4 / IPv6 regexes are generic and apply to non-PZ pastes too;
 * the PZ-specific regexes (Steam ID, player name, coords) mostly no-op on
 * non-PZ content because they rely on PZ-specific anchors (`76561198`,
 * the Steam-ID placeholder, `Combat:` / `Safety:` prefixes, `at` / `[`
 * coord wrappers + trailing PvP verbs).
 *
 * Patterns are encapsulated inside the codex redactor and are not exposed
 * to the client-side preview JS (`getData()` returns an empty array).
 * Server-side redaction on save is the privacy guarantee; the preview is
 * only a UX hint for users about what gets scrubbed.
 */
 class ProjectZomboidRedactorFilter extends Filter
 {
    public function getType(): FilterType
    {
        return FilterType::REGEX;
    }
    public function getData(): array
    {
        return [];
    }
    public function filter(string $data): string
    {
        return new ProjectZomboidRedactor()->redact($data);
    }
 }
Author	SHA1	Message	Date
indifferentketchup	8437d62394	Merge branch 'codex-v030-wire' Some checks failed Publish Docker Image / build-and-push (push) Failing after 5s Details Bumps codex to v0.3.0 and aligns iblogs's save-time PII filter chain with codex's ProjectZomboidRedactor. Removes the redundant in-tree IPv4Filter / IPv6Filter chain entries (codex now handles IPs end-to-end including port suffixes). Adds PZ-specific Steam ID / player-name / coordinate scrubbing the prior chain never had.	2026-05-06 19:12:50 +00:00
indifferentketchup	4fced60a83	feat: align save-time redaction with codex v0.3.0 ProjectZomboidRedactor Bumps the codex constraint from ^0.2.0 to ^0.3.0 to pull the PZ-B42 parser fix and the IP-redaction passes added in the codex v0.3.0 release. Wires codex's ProjectZomboidRedactor into the save-time Filter chain via a thin ProjectZomboidRedactorFilter wrapper, and removes the now-redundant IPv4Filter / IPv6Filter chain entries: - Codex's IPv4 / IPv6 redaction is generic-applicable (not PZ-only) and superior to the prior in-tree filters because it consumes the port suffix together with the address; previously only the IP was scrubbed, leaving e.g. ":27015" visible. - Codex additionally redacts PZ-specific PII the prior filters never touched (Steam IDs, player names, world coordinates). - The IPv4Filter and IPv6Filter source files are retained on disk for easy restore from history if a future paste type proves unsuitable for codex-driven IP scrubbing. UsernameFilter (OS-path username scrubbing — different concern from PZ player names) and AccessTokenFilter remain untouched. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-06 19:12:50 +00:00
indifferentketchup	33fcd0d81f	chore(dev): change local dev port to 4217 Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-04 10:59:43 +00:00
indifferentketchup	f72e2d0936	chore(docker): install git and ca-certificates Required so Composer can resolve VCS-based dependencies (e.g. forked codex packages) at build time. Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>	2026-05-04 10:59:37 +00:00