indifferentketchup/iblogs
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: indifferentketchup:iblogs-bootstrap
Branches Tags
indifferentketchup:main indifferentketchup:iblogs-bootstrap
..
compare: indifferentketchup:8437d6239496747545e4597f738ac8ac6c4060fb
Branches Tags
indifferentketchup:main indifferentketchup:iblogs-bootstrap

4 Commits
iblogs-boo ... 8437d62394

Author SHA1 Message Date
indifferentketchup
8437d62394 Merge branch 'codex-v030-wire'
Some checks failed
Publish Docker Image / build-and-push (push) Failing after 5s
Details 
Bumps codex to v0.3.0 and aligns iblogs's save-time PII filter
chain with codex's ProjectZomboidRedactor. Removes the redundant
in-tree IPv4Filter / IPv6Filter chain entries (codex now handles
IPs end-to-end including port suffixes). Adds PZ-specific Steam
ID / player-name / coordinate scrubbing the prior chain never had.
 2026-05-06 19:12:50 +00:00
indifferentketchup
4fced60a83 feat: align save-time redaction with codex v0.3.0 ProjectZomboidRedactor 
Bumps the codex constraint from ^0.2.0 to ^0.3.0 to pull the PZ-B42
parser fix and the IP-redaction passes added in the codex v0.3.0
release. Wires codex's ProjectZomboidRedactor into the save-time
Filter chain via a thin ProjectZomboidRedactorFilter wrapper, and
removes the now-redundant IPv4Filter / IPv6Filter chain entries:

- Codex's IPv4 / IPv6 redaction is generic-applicable (not PZ-only)
  and superior to the prior in-tree filters because it consumes the
  port suffix together with the address; previously only the IP was
  scrubbed, leaving e.g. ":27015" visible.
- Codex additionally redacts PZ-specific PII the prior filters never
  touched (Steam IDs, player names, world coordinates).
- The IPv4Filter and IPv6Filter source files are retained on disk
  for easy restore from history if a future paste type proves
  unsuitable for codex-driven IP scrubbing.

UsernameFilter (OS-path username scrubbing — different concern from
PZ player names) and AccessTokenFilter remain untouched.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-05-06 19:12:50 +00:00
indifferentketchup
33fcd0d81f chore(dev): change local dev port to 4217 
Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-05-04 10:59:43 +00:00
indifferentketchup
f72e2d0936 chore(docker): install git and ca-certificates 
Required so Composer can resolve VCS-based dependencies (e.g. forked codex packages) at build time.

Co-Authored-By: Claude Opus 4.7 (1M context) <noreply@anthropic.com>
 2026-05-04 10:59:37 +00:00
6 changed files with 53 additions and 8 deletions
Expand all files Collapse all files

1
Dockerfile
View File

@@ -2,6 +2,7 @@ FROM dunglas/frankenphp:1-php8.5
# System Setup
RUN install-php-extensions mongodb zip
RUN apt-get update && apt-get install -y --no-install-recommends git ca-certificates && rm -rf /var/lib/apt/lists/*
ARG USER=iblogs
RUN useradd ${USER} && \

2
composer.json
View File

@@ -21,7 +21,7 @@
"ext-mongodb": "*",
"ext-uri": "*",
"ext-zlib": "*",
"indifferentketchup/codex": "^0.2.0",
"indifferentketchup/codex": "^0.3.0",
"mongodb/mongodb": "2.1.2"
},
"autoload": {

8
composer.lock generated
View File

@@ -4,15 +4,15 @@
"Read more about it at https://getcomposer.org/doc/01-basic-usage.md#installing-dependencies",
"This file is @generated automatically"
],
"content-hash": "821a03243eb4b751e38ca3f8f063dd3e",
"content-hash": "c970170e823f1c31130ee1eec742a090",
"packages": [
{
"name": "indifferentketchup/codex",
"version": "v0.2.0",
"version": "v0.3.0",
"source": {
"type": "git",
"url": "https://git.indifferentketchup.com/indifferentketchup/ik-codex",
"reference": "2bd4fe6189c21be5b1fb03e8ac23b1a3c01d747c"
"reference": "656142dbf8979da7d5f06908e5dd53afa1b5e56d"
},
"require": {
"php": ">=8.4"
@@ -47,7 +47,7 @@
}
],
"description": "Generic PHP log parsing and analysis framework.",
"time": "2026-05-01T22:08:43+00:00"
"time": "2026-05-06T19:04:37+00:00"
},
{
"name": "mongodb/mongodb",

2
dev/compose.yaml
View File

@@ -8,7 +8,7 @@ services:
- IBLOGS_WORKER_REQUESTS=1
- FRANKENPHP_WORKERS=4
ports:
- "80:80"
- "4217:80"
volumes:
- ../:/app
- ./dev.ini:/usr/local/etc/php/conf.d/dev.ini

3
src/Filter/Filter.php
View File

@@ -23,8 +23,7 @@ abstract class Filter implements \JsonSerializable
new TrimFilter(),
new LimitBytesFilter(),
new LimitLinesFilter(),
new IPv4Filter(),
new IPv6Filter(),
new ProjectZomboidRedactorFilter(),
new UsernameFilter(),
new AccessTokenFilter(),
];

45
src/Filter/ProjectZomboidRedactorFilter.php Normal file
View File

@@ -0,0 +1,45 @@
<?php
namespace IndifferentKetchup\Iblogs\Filter;
use IndifferentKetchup\Codex\Util\ProjectZomboid\ProjectZomboidRedactor;
/**
* Save-time wrapper that delegates to codex's ProjectZomboidRedactor.
*
* Codex owns the canonical Project Zomboid PII patterns (Steam IDs, player
* names, world coordinates, plus IPv4 / IPv6 addresses with the v0.3.0
* release). This filter is the single point at which PZ-shaped PII is
* scrubbed on save; it replaces the previous IPv4Filter + IPv6Filter
* stage (whose IP-only matches left port suffixes intact) and adds the
* PZ-specific Steam ID, player-name, and coordinate redaction the generic
* filters never touched.
*
* Codex's IPv4 / IPv6 regexes are generic and apply to non-PZ pastes too;
* the PZ-specific regexes (Steam ID, player name, coords) mostly no-op on
* non-PZ content because they rely on PZ-specific anchors (`76561198`,
* the Steam-ID placeholder, `Combat:` / `Safety:` prefixes, `at` / `[`
* coord wrappers + trailing PvP verbs).
*
* Patterns are encapsulated inside the codex redactor and are not exposed
* to the client-side preview JS (`getData()` returns an empty array).
* Server-side redaction on save is the privacy guarantee; the preview is
* only a UX hint for users about what gets scrubbed.
*/
class ProjectZomboidRedactorFilter extends Filter
{
public function getType(): FilterType
{
return FilterType::REGEX;
}
public function getData(): array
{
return [];
}
public function filter(string $data): string
{
return new ProjectZomboidRedactor()->redact($data);
}
}