searxng/.git/searx/botdetection, branch master

[mod] drop: from future import annotations

2025-09-03T11:37:36+00:00

Signed-off-by: Markus Heiser

[mod] addition of various type hints / tbc

2025-09-03T11:37:36+00:00

- pyright configuration [1]_
- stub files: types-lxml [2]_
- addition of various type hints
- enable use of new type system features on older Python versions [3]_
- ``.tool-versions`` - set python to lowest version we support (3.10.18) [4]_:
  Older versions typically lack some typing features found in newer Python
  versions.  Therefore, for local type checking (before commit), it is necessary
  to use the older Python interpreter.

.. [1] https://docs.basedpyright.com/v1.20.0/configuration/config-files/
.. [2] https://pypi.org/project/types-lxml/
.. [3] https://typing-extensions.readthedocs.io/en/latest/#
.. [4] https://mise.jdx.dev/configuration.html#tool-versions

Signed-off-by: Markus Heiser 
Format: reST

[fix] limiter: trusted proxies doc-string (#5104)

2025-08-09T21:30:48+00:00

[mod] limiter: trusted proxies (#4911)

2025-08-09T21:03:30+00:00

Replaces `x_for` functionality with `trusted_proxies`. This allows defining
which IP / ranges to trust extracting the client IP address from X-Forwarded-For
and X-Real-IP headers.

We don't know if the proxy chain will give us the proper client
address (REMOTE_ADDR in the WSGI environment), so we rely on reading the headers
of the proxy before SearXNG (if there is one, in that case it must be added to
trusted_proxies) hoping it has done the proper checks. In case a proxy in the
chain does not check the client address correctly, integrity is compromised and
this should be fixed by whoever manages the proxy, not us.

Closes:

- https://github.com/searxng/searxng/issues/4940
- https://github.com/searxng/searxng/issues/4939
- https://github.com/searxng/searxng/issues/4907
- https://github.com/searxng/searxng/issues/3632
- https://github.com/searxng/searxng/issues/3191
- https://github.com/searxng/searxng/issues/1237

Related:

- https://github.com/searxng/searxng-docker/issues/386
- https://github.com/inetol-infrastructure/searxng-container/issues/81

[mod] migrate from Redis to Valkey (#4795)

2025-07-09T05:55:37+00:00

This patch migrates from `redis==5.2.1` [1] to `valkey==6.1.0` [2].

The migration to valkey is necessary because the company behind Redis has decided
to abandon the open source license. After experiencing a drop in user numbers,
they now want to run it under a dual license again. But this move demonstrates
once again how unreliable the company is and how it treats open source
developers.

To review first, read the docs::

    $ make docs.live

Follow the instructions to remove redis:

- http://0.0.0.0:8000/admin/settings/settings_redis.html

Config and install a local valkey DB:

- http://0.0.0.0:8000/admin/settings/settings_valkey.html

[1] https://pypi.org/project/redis/
[2] https://pypi.org/project/valkey/

Co-authored-by: HLFH 
Co-authored-by: Markus Heiser

[fix] sec-fetch-* headers cannot be verified for non-secure requests (#4962)

2025-06-30T11:31:45+00:00

Signed-off-by: Markus Heiser

[chore] fix some docstring typos (#4815)

2025-05-20T19:03:54+00:00

[fix] sec-fetch-* blocking infinite scroll (#4728)

2025-05-07T08:38:21+00:00

[fix] references from searx.botdetection.http_sec_fetch (#4723)

2025-05-07T08:25:47+00:00

fix: check if the browser supports Sec-Fetch headers (#4696)

2025-05-04T08:12:25+00:00