prokop/thgtoa
1
0
Fork 0
mirror of https://github.com/Anon-Planet/thgtoa.git synced 2026-06-11 00:02:29 +02:00
Code Issues Packages Projects Releases Wiki Activity

chore(lint): commitizen passes

Browse Source 
Passed a couple times through the automatic linter to fix some markdown

Signed-off-by: nopeitsnothing <no@anonymousplanet.org>
This commit is contained in:
nopeitsnothing
2026-05-24 07:44:51 -04:00
parent c19389ce49
commit 3b550119a8
5 changed files with 28 additions and 22 deletions
Download Patch File Download Diff File Expand all files Collapse all files
.cz.toml
+9
View File
@@ -0,0 +1,9 @@
[tool.commitizen]
name = "cz_conventional_commits"
version_scheme = "semver"
tag_format = "v$version"
update_changelog_on_bump = false
major_version_zero = false
[tool.commitizen.customize]
schema_pattern = '^(feat|feature|add|fix|bugfix|revert|security|perf|refactor|change|chore|ci|docs|style|test|build)(\(.+\))?(!)?: .{1,72}(\n.*)*$'
.pre-commit-config.yaml
+4 -5
View File
@@ -10,14 +10,13 @@ repos:
- id: check-added-large-files - id: check-added-large-files
- id: check-merge-conflict - id: check-merge-conflict
- id: check-symlinks - id: check-symlinks
- id: detect-private-key
- id: end-of-file-fixer - id: end-of-file-fixer
- id: trailing-whitespace - id: trailing-whitespace
- id: mixed-line-ending - id: mixed-line-ending
args: [--fix=lf] args: [--fix=lf]
- repo: https://github.com/igorshubovych/markdownlint-cli - repo: https://github.com/commitizen-tools/commitizen
rev: v0.41.0 rev: v4.8.3
hooks: hooks:
- id: markdownlint - id: commitizen
- id: markdownlint-fix stages: [commit-msg]
docs/code/develop.md
+3 -3
View File
@@ -49,7 +49,7 @@ You also need **Google Chrome** or **Microsoft Edge** installed for the light-mo
## Repository layout ## Repository layout
``` ```bash
.github/ .github/
workflows/ workflows/
build.yml ← builds PDFs, uploads artifact build.yml ← builds PDFs, uploads artifact
@@ -120,7 +120,7 @@ Opens at `http://127.0.0.1:8000`.
The pipeline triggers automatically when you push to `main` — no manual steps are needed for normal contributions. The pipeline triggers automatically when you push to `main` — no manual steps are needed for normal contributions.
``` ```bash
push to main push to main
@@ -294,7 +294,7 @@ b2sum -c b2sums.txt
A successful verify looks like: A successful verify looks like:
``` ```bash
gpg: Signature made ... gpg: Signature made ...
gpg: Good signature from "Anonymous Planet (Release) ..." gpg: Good signature from "Anonymous Planet (Release) ..."
``` ```
docs/guide/index.md
+1 -12
View File
@@ -10043,28 +10043,17 @@ Again, regarding the PDFs of this guide and as explained in the README of my rep
- Run "python pdfid.py file-to-check.pdf" and you should see these at 0 in the case of the PDF files in this repository: - Run "python pdfid.py file-to-check.pdf" and you should see these at 0 in the case of the PDF files in this repository:
``` ```text
/JS 0 #This indicates the presence of Javascript /JS 0 #This indicates the presence of Javascript
/JavaScript 0 #This indicates the presence of Javascript /JavaScript 0 #This indicates the presence of Javascript
/AA 0 #This indicates the presence of automatic action on opening /AA 0 #This indicates the presence of automatic action on opening
/OpenAction 0 #This indicates the presence of automatic action on opening /OpenAction 0 #This indicates the presence of automatic action on opening
/AcroForm 0 #This indicates the presence of AcroForm which could contain JavaScript /AcroForm 0 #This indicates the presence of AcroForm which could contain JavaScript
/JBIG2Decode 0 #This indicates the use of JBIG2 compression which could be used for obfuscating content /JBIG2Decode 0 #This indicates the use of JBIG2 compression which could be used for obfuscating content
/RichMedia 0 #This indicates the presence of rich media within the PDF such as Flash /RichMedia 0 #This indicates the presence of rich media within the PDF such as Flash
/Launch 0 #This counts the launch actions /Launch 0 #This counts the launch actions
/EmbeddedFile 0 #This indicates there are embedded files within the PDF /EmbeddedFile 0 #This indicates there are embedded files within the PDF
/XFA 0 #This indicates the presence of XML Forms within the PDF /XFA 0 #This indicates the presence of XML Forms within the PDF
``` ```
Now, what if you think the PDF is still suspicious? Fear not ... there are more things you can do to ensure it is not malicious: Now, what if you think the PDF is still suspicious? Fear not ... there are more things you can do to ensure it is not malicious:
docs/verify/index.md
+11 -2
View File
@@ -36,12 +36,14 @@ python scripts/verify_pdf.py --vt
#### 1. Verify SHA256 Hash #### 1. Verify SHA256 Hash
**Linux/macOS:** **Linux/macOS:**
```bash ```bash
cd /path/to/repo cd /path/to/repo
sha256sum -c sha256sum-light.txt sha256sum -c sha256sum-light.txt
``` ```
**Windows (PowerShell):** **Windows (PowerShell):**
```powershell ```powershell
Get-FileHash -Algorithm SHA256 export\thgtoa.pdf | Select-Object Hash Get-FileHash -Algorithm SHA256 export\thgtoa.pdf | Select-Object Hash
# Compare with the hash in thgtoa.pdf.sha256 # Compare with the hash in thgtoa.pdf.sha256
@@ -50,18 +52,21 @@ Get-FileHash -Algorithm SHA256 export\thgtoa.pdf | Select-Object Hash
#### 2. Verify GPG Signature #### 2. Verify GPG Signature
First, import the public key: First, import the public key:
```bash ```bash
gpg --import pgp/anonymousplanet-master.asc gpg --import pgp/anonymousplanet-master.asc
``` ```
Then verify the signature: Then verify the signature:
```bash ```bash
gpg --verify export/thgtoa.pdf.sig export/thgtoa.pdf gpg --verify export/thgtoa.pdf.sig export/thgtoa.pdf
gpg --verify export/thgtoa-dark.pdf.sig export/thgtoa-dark.pdf gpg --verify export/thgtoa-dark.pdf.sig export/thgtoa-dark.pdf
``` ```
Expected output for successful verification: Expected output for successful verification:
```
```text
gpg: Signature made Mon 20 Apr 2026 01:46:40 AM EDT gpg: Signature made Mon 20 Apr 2026 01:46:40 AM EDT
gpg: using EDDSA key 9FA5436D0EE360985157382517ECA05F768DEDF6 gpg: using EDDSA key 9FA5436D0EE360985157382517ECA05F768DEDF6
gpg: Good signature from "Anonymous Planet Master Signing Key" [unknown] gpg: Good signature from "Anonymous Planet Master Signing Key" [unknown]
@@ -77,6 +82,7 @@ Visit the VirusTotal report links (automatically generated in release notes):
- Dark mode: `https://www.virustotal.com/gui/file/[hash]` - Dark mode: `https://www.virustotal.com/gui/file/[hash]`
Or use the Python script with API key: Or use the Python script with API key:
```bash ```bash
export VT_API_KEY=your_vt_api_key export VT_API_KEY=your_vt_api_key
python scripts/verify_pdf.py --vt python scripts/verify_pdf.py --vt
@@ -103,15 +109,18 @@ The GitHub Actions workflows automatically:
## Troubleshooting ## Troubleshooting
### "Good signature" but wrong owner? ### "Good signature" but wrong owner?
- Ensure you imported the correct public key - Ensure you imported the correct public key
- Check the key fingerprint matches the official one from the repository - Check the key fingerprint matches the official one from the repository
### Hash mismatch? ### Hash mismatch?
- Re-download the file (corruption during transfer) - Re-download the file (corruption during transfer)
- Verify you're checking against the correct hash file - Verify you're checking against the correct hash file
- Check for disk errors on your system - Check for disk errors on your system
### GPG not found? ### GPG not found?
- Install GPG: `sudo apt install gnupg` (Debian/Ubuntu) or `brew install gnupg` (macOS) - Install GPG: `sudo apt install gnupg` (Debian/Ubuntu) or `brew install gnupg` (macOS)
- On Windows, use [Gpg4win](https://www.gpg4win.org/) - On Windows, use [Gpg4win](https://www.gpg4win.org/)
@@ -123,4 +132,4 @@ The GitHub Actions workflows automatically:
--- ---
*For questions or issues with verification, please open an issue on GitHub.* _For questions or issues with verification, please open an issue on GitHub._