mirror of
https://github.com/Anon-Planet/thgtoa.git
synced 2026-06-11 00:02:29 +02:00
nopeitsnothing
c5e5ae48e1
Lots of source additions here from long-standing notes over the past few
months. Squashed to make it neater than 219 commits.
- bump version to v1.2.4, Jun 2026
- expand Tor section with new "Traffic analysis and the limits of Tor" subsection
guard node persistence, website fingerprinting, and a practical breakdown of
when Tor is and is not sufficient
- expand hardware/firmware threat section with new subsections on firmware
implants, USB attack hardware (O.MG Cable, Rubber Ducky), Evil Maid attacks,
supply chain compromise, and a physical inspection checklist
- rename "Removing Metadata from Files/Documents/Pictures" section to "Metadata
auditing"; add reference table of tools by file type; expand EXIF/XMP coverage,
PDF metadata (font fingerprinting), and DOCX revision history with real-world
source identification cases; restructure subsections
- add introductory paragraph to "Your Metadata" section
- add new appendix B8: operational security failure case studies with common
threads
- add new appendix B9: post-quantum cryptography covering HNDL threat, NIST PQC
standards, Signal's PQXDH, browser hybrid KEM, PGP limitations, VPN guidance,
and Monero note
- add new appendix C1: stylometric analysis and writing style covering features
measured, deployed tools, real cases (J.K. Rowling), effective and ineffective
countermeasures including AI rewriting
- fix Dangerzone GitHub URL (firstlook -> freedomofpress)
- Remove duplicate footnote [^500]; minor wording fixes ("users" -> "people",
passive voice tweaks, cross-reference updates)
- docs/index.md: both MSK and RSK GPG fingerprints in a collapsible tip admonition
instead of bare text
- docs/about/index.md: convert Note admonitions to tip; reformat social media
links into collapsible tip block
- docs/mirrors/index.md: simplify PDF download instructions to point to Releases;
- README.md: add star history chart
- mkdocs.yml: rename site to "The Hitchhiker's Guide"; update site description
with hashtags
- sign.yml: remove commented-out workflow_run trigger and if: condition; add
verify job that runs after sign, downloads artifacts, runs verify_pdf.py, and
writes a full job summary with hashes; update artifact upload description; minor
comment and whitespace cleanup
- release.yml, changelog.yml: replace decorative banner comments with single-line
comments; fix trailing-space style in permissions block
- publish.yml: remove stale comment about nomaterial theme
- verify_pdf.py: full rewrite: replace single-hash-file lookup with flexible
resolver that checks both bare hash files (.sha256, .b2sum) and two-column
sumfiles (sha256sums.txt, b2sums.txt); add BLAKE2b verification alongside
SHA-256; fix signature extension (.asc not .sig); improve CLI (--file,
--export-dir flags; remove --all; default runs all checks); improve VirusTotal
output with direct link; cleaner output formatting with ruled separators
59 lines
1.9 KiB
YAML
59 lines
1.9 KiB
YAML
name: 📝 Update Changelog
|
|
|
|
# Manual only — run after a release is published. Provide the exact version
|
|
# string (e.g. v1.2.4) to prepend to the changelog. Version is required to
|
|
# prevent silent auto-increment drift from release tags.
|
|
on:
|
|
workflow_dispatch:
|
|
inputs:
|
|
version:
|
|
description: 'Version string to record (e.g. v1.2.4) — required'
|
|
required: true
|
|
type: string
|
|
dry_run:
|
|
description: 'Dry run — print entry without committing'
|
|
required: false
|
|
default: false
|
|
type: boolean
|
|
|
|
permissions:
|
|
contents: write # commit changelog back to main
|
|
|
|
jobs:
|
|
changelog:
|
|
name: Prepend changelog entry
|
|
runs-on: ubuntu-latest
|
|
|
|
steps:
|
|
- name: 🛠️ Checkout
|
|
uses: actions/checkout@v4
|
|
with:
|
|
# Use a PAT so the commit triggers downstream workflows (GITHUB_TOKEN won't)
|
|
token: ${{ secrets.CHANGELOG_PAT || secrets.GITHUB_TOKEN }}
|
|
fetch-depth: 0
|
|
|
|
- name: 🐍 Set up Python
|
|
uses: actions/setup-python@v5
|
|
with:
|
|
python-version: "3.13"
|
|
|
|
- name: 📝 Generate and prepend changelog entry
|
|
env:
|
|
DRY_RUN: ${{ inputs.dry_run || 'false' }}
|
|
MANUAL_VERSION: ${{ inputs.version }}
|
|
GH_SHA: ${{ github.sha }}
|
|
GH_REF: ${{ github.ref_name }}
|
|
TRIGGERING_SHA: ${{ github.event.workflow_run.head_sha || github.sha }}
|
|
run: python scripts/update_changelog.py
|
|
|
|
- name: 📤 Commit changelog
|
|
if: ${{ inputs.dry_run != 'true' }}
|
|
run: |
|
|
git config user.name "github-actions[bot]"
|
|
git config user.email "github-actions[bot]@users.noreply.github.com"
|
|
git add docs/changelog/index.md
|
|
# Only commit if there's actually a change
|
|
git diff --cached --quiet && echo "No changelog change to commit." || \
|
|
git commit -m "docs: update changelog [skip ci]"
|
|
git push
|