| Age | Commit message (Collapse) | Author |
|---|
|
Set minor versioning for most of the packages that iterate fast or we know won't
cause problems, and fixed versioning for the rest.
Packages going into bundles should be placed in "dependencies".
The inspection of prod bundles is necessary. Although it does not make a lot of
sense right now, it will be useful in later PR and will give us a reference to
start with.
|
|
TypeScript is a superset of JavaScript, converting the entire theme to
TypeScript allows us to receive much more feedback on possible issues made in
package updates or our own typos, furthermore, it allows to transpile properly
to lower specs. This PR couldn't be done in smaller commits, a lot of work
needed to make everything *work properly*:
- A browser baseline has been set that requires minimum **Chromium 93, Firefox
92 and Safari 15** (proper visuals/operation on older browser versions is not
guaranteed)
- LightningCSS now handles minification and prefix creation for CSS.
- All hardcoded polyfills and support for previous browser baseline versions
have been removed.
- Convert codebase to TypeScript.
- Convert IIFE to ESM, handling globals with IIFE is cumbersome, ESM is the
standard for virtually any use of JS nowadays.
- Vite now builds the theme without the need for `vite-plugin-static-copy`.
- `searxng.ready` now accepts an array of conditions for the callback to be
executed.
- Replace `leaflet` with `ol` as there were some issues with proper Vite
bundling.
- Merged `head` with `main` script, as head was too small now.
- Add `assertElement` to properly check the existence of critical DOM elements.
- `searxng.on` renamed to `searxng.listen` with some handling improvements.
|
|
Related:
- https://github.com/searxng/searxng/pull/5073#issuecomment-3196282632
|
|
FIxes publishedDate format in reuters engine to encompass ISO 8601 times both with and without milliseconds.
Why is this change important?
Previously, the engine would sometimes fail saying:
2025-08-12 21:13:23,091 ERROR:searx.engines.reuters: exception : time data '2024-04-15T19:08:30.833Z' does not match format '%Y-%m-%dT%H:%M:%SZ'
Traceback (most recent call last):
...
File "/usr/local/searxng/searx/engines/reuters.py", line 87, in response
publishedDate=datetime.strptime(result["display_time"], "%Y-%m-%dT%H:%M:%SZ"),
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
...
Note that most queries seem to work with Reuters, but there are some results that have the additional milliseconds and fail. Regardless, the change is backwards compatible as both the formats (with and without the ms) should now parse correctly.
|
|
Bumps [actions/checkout](https://github.com/actions/checkout) from 4.2.2 to 5.0.0.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/11bd71901bbe5b1630ceea73d27597364c9af683...08c6903cd8c0fde910a37f88322edcfb5dd907a8)
---
updated-dependencies:
- dependency-name: actions/checkout
dependency-version: 5.0.0
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
Bumps [github/codeql-action](https://github.com/github/codeql-action) from 3.29.6 to 3.29.9.
- [Release notes](https://github.com/github/codeql-action/releases)
- [Changelog](https://github.com/github/codeql-action/blob/main/CHANGELOG.md)
- [Commits](https://github.com/github/codeql-action/compare/a4e1a019f5e24960714ff6296aee04b736cbc3cf...df559355d593797519d70b90fc8edd5db049e7a2)
---
updated-dependencies:
- dependency-name: github/codeql-action
dependency-version: 3.29.9
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
Add Baidu Captcha detection to reduce `JSONDecodeError` error
Baidu will redirect to `wappass.baidu.com` and return a captcha challenge.
Current behavior will get the data from `wappass.baidu.com` then return a
`json.decoder.JSONDecodeError` error.
|
|
The HTTP X-Forwarded-Proto (XFP) request header is a *de-facto* standard header
for identifying the protocol (HTTP or HTTPS) that a client used to connect to a
proxy or load balancer.[1]
The ``X-Scheme`` header was added 10 years ago, why ``X-Scheme`` was used back
then and not ``X-Forwarded-Proto``, nobody knows today / possibly because
``X-Forwarded-Proto`` wasn't a *de-facto* standard back then.
[1] https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/X-Forwarded-Proto
[2] https://github.com/searx/searx/commit/6ef7c3276
|
|
The HTTP X-Forwarded-Proto (XFP) request header is a de-facto standard header
for identifying the protocol (HTTP or HTTPS) that a client used to connect to a
proxy or load balancer.[1]
In our documentation[2] we recommend to set the `X-Scheme` header. This header
is not required if the `server.base_url` is set correctly.[3]
If none of these URL scheme details exist, then the header X-Forwarded-Proto is
evaluated as a third alternative.
[1] https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/X-Forwarded-Proto
[2] https://docs.searxng.org/admin/installation-apache.html#apache-s-searxng-site
[3] https://docs.searxng.org/admin/settings/settings_server.html
Closes: https://github.com/searxng/searxng/issues/5105
|
|
|
|
Replaces `x_for` functionality with `trusted_proxies`. This allows defining
which IP / ranges to trust extracting the client IP address from X-Forwarded-For
and X-Real-IP headers.
We don't know if the proxy chain will give us the proper client
address (REMOTE_ADDR in the WSGI environment), so we rely on reading the headers
of the proxy before SearXNG (if there is one, in that case it must be added to
trusted_proxies) hoping it has done the proper checks. In case a proxy in the
chain does not check the client address correctly, integrity is compromised and
this should be fixed by whoever manages the proxy, not us.
Closes:
- https://github.com/searxng/searxng/issues/4940
- https://github.com/searxng/searxng/issues/4939
- https://github.com/searxng/searxng/issues/4907
- https://github.com/searxng/searxng/issues/3632
- https://github.com/searxng/searxng/issues/3191
- https://github.com/searxng/searxng/issues/1237
Related:
- https://github.com/searxng/searxng-docker/issues/386
- https://github.com/inetol-infrastructure/searxng-container/issues/81
|
|
|
|
Related:
- https://github.com/searxng/searxng/pull/5037#issuecomment-3166851578
|
|
To get an API key follow instructions at [1].
[1] https://about.marginalia-search.com/article/api/
Related (historical ordered):
- https://github.com/searxng/searxng/issues/1620
- https://github.com/searxng/searxng/issues/1673
- https://github.com/searxng/searxng/pull/1627
- https://github.com/searxng/searxng/pull/2489
Closes:
- https://github.com/searxng/searxng/issues/3034
Co-authored-by: Markus Heiser <markus.heiser@darmarit.de>
|
|
0fbf5aa2d - 2025-08-07 - alexgabi <alexgabi@noreply.codeberg.org>
d18d3ed1c - 2025-08-07 - return42 <return42@noreply.codeberg.org>
7927a63a0 - 2025-08-06 - pikzim <pikzim@noreply.codeberg.org>
27c8b4013 - 2025-08-05 - nhthinh <nhthinh@noreply.codeberg.org>
83262e748 - 2025-08-04 - IcewindX <icewindx@noreply.codeberg.org>
|
|
The `publishedDate` has always been `None` before that change, which
causes that there are no `publishedDate`s visible for any result.
|
|
All actions are pulled using the version hash, versions are handled by
dependabot, and we'll have control over which actions get updated.
Replaces Trivy scanner with Docker Scout, we have recently begun analyzing the
images there, and the action will keep us in sync about the problems on GHCS
dashboard.
|
|
We always use the latest versions of our base images, so this dependabot task
is unneeded.
|
|
Bumps the minor group with 1 update: [certifi](https://github.com/certifi/python-certifi).
Updates `certifi` from 2025.7.14 to 2025.8.3
- [Commits](https://github.com/certifi/python-certifi/compare/2025.07.14...2025.08.03)
---
updated-dependencies:
- dependency-name: certifi
dependency-version: 2025.8.3
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
Sometimes, there's only an `adaptivestreaming` field in `streams`, which
is usually an m3u8 file. That's however not supported by the video player
of any browser, so we can't use and must build a different url instead.
|
|
WhiteNoise requires all headers to be strings, however it's common to use
other primitive types (e.g. numbers) in the header, e.g. `X-XSS-Protection: 0`.
Thus, we must convert all types of values (i.e. numbers) to strings.
- closes https://github.com/searxng/searxng/issues/5091
|
|
Due to current limitations of `actions/cache`, the cache cannot be overwritten.
In our case, we need to accumulate cached wheels from different architectures.
To solve this, we simply delete the key before storing the cache again.
|
|
Building the container currently does not work properly.
When rebuilding several times with `make container`, `version_frozen.py`
is recreated, which wouldn't be an issue if the file’s timestamp was constant.
Now, when creating `version_frozen.py`, it will have the same timestamp as the
commit when it was created. (`version_frozen.py` is moved to a dedicated layer).
Reusing "builder" cache when building "dist" could be slow
(CD reports 2 seconds, but locally I've seen it take up to 10 seconds),
so the Dockerfile is now split and we save a couple steps
by importing the "builder" image directly.
The last changes made it possible to remove the layer cache in "builder",
since the overhead is now greater than building the layers from scratch.
Until now, all "dist" layers were squashed into a single layer,
which in most cases is a good idea
(except for storage/delivery pricing/overhead), but in our case,
since we manage the entire pipeline, we can ignore this
and share layers between builds.
This means (for example) that if we change files unrelated to the container
in several consecutive commits (documentation changes), we don't have to push
the entire image to registry, but only the different layers
(`version_frozen.py` in this example).
The same applies when pulling, as only the layers that have changed
compared to the local layers will be downloaded (that's the theory,
we'll see if this works as expected or if we need to tweak something else).
|
|
- not 100% sure about the condition code mapping, there are no real matches for most of the codes from Apple WeatherKit to the weather codes we have in SearXNG
- related: https://github.com/searxng/searxng/issues/4885
|
|
The app and website were taken offline in December 2024, with the latter
pointing to KitchenAid's US website. [1]
[1] https://en.wikipedia.org/wiki/Yummly
Closes: https://github.com/searxng/searxng/issues/5079
|
|
With this change, the "latest" tag will be visually higher (on registry tag list). Right now, it appears under the "DOCKER_TAG" manifest tag, which can be confusing.
|
|
* [fix] CI task "update_engine_traits.py" fails
To catch all problems with an HTTP request, the more general class
``httpx.HTTPError`` must be caught, for your test use::
$ ./manage dev.env
$ python ./searxng_extra/update/update_engine_traits.py
Closes: https://github.com/searxng/searxng/issues/5068
* [data] update searx.data - update_engine_traits.py
|
|
* [upd] pypi: Bump the minor group with 2 updates
Bumps the minor group with 2 updates: [granian[reload]](https://github.com/emmett-framework/granian) and [granian](https://github.com/emmett-framework/granian).
Updates `granian[reload]` from 2.4.2 to 2.5.0
- [Release notes](https://github.com/emmett-framework/granian/releases)
- [Commits](https://github.com/emmett-framework/granian/compare/v2.4.2...v2.5.0)
Updates `granian` from 2.4.2 to 2.5.0
- [Release notes](https://github.com/emmett-framework/granian/releases)
- [Commits](https://github.com/emmett-framework/granian/compare/v2.4.2...v2.5.0)
---
updated-dependencies:
- dependency-name: granian[reload]
dependency-version: 2.5.0
dependency-type: direct:development
update-type: version-update:semver-minor
dependency-group: minor
- dependency-name: granian
dependency-version: 2.5.0
dependency-type: direct:production
update-type: version-update:semver-minor
dependency-group: minor
...
Signed-off-by: dependabot[bot] <support@github.com>
* [enh] py: use humanized duration
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Ivan Gabaldon <igabaldon@inetol.net>
|
|
17e9fcd68 - 2025-07-29 - musabustun <musabustun@noreply.codeberg.org>
90b302e3e - 2025-07-29 - return42 <return42@noreply.codeberg.org>
023a22292 - 2025-07-29 - return42 <return42@noreply.codeberg.org>
17d37ede6 - 2025-07-30 - gkalathas <gkalathas@noreply.codeberg.org>
3c64c165f - 2025-07-29 - return42 <return42@noreply.codeberg.org>
d8f65cdc7 - 2025-07-26 - IcewindX <icewindx@noreply.codeberg.org>
|
|
|
|
Reporting the DeprecationWarning once should be sufficient when running tests.
|
|
|
|
|
|
|
|
|
|
|
|
Co-authored-by: searxng-bot <searxng-bot@users.noreply.github.com>
|
|
The error message in case the vqd value could not be determined was incorrect
and triggered an exception::
File "/usr/local/searxng/searxng-src/searx/engines/duckduckgo.py", line 132, in get_vqd
logger.error("vqd value from duckduckgo.com ", resp.status_code)
Message: 'vqd value from duckduckgo.com '
Arguments: (202,)
|
|
If the ``on_result`` handle returns False, then the ``else`` was always jumped
to, which throws the NotImplementedError exception::
File "/usr/local/searxng/searxng-src/searx/results.py", line 99, in extend
raise NotImplementedError(f"no handler implemented to process the result of type {result}")
NotImplementedError: no handler implemented to process the result of type MainResult(title=...
|
|
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
|
|
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
|
|
Pyright has been installed twice so far, once via `package.json` and once in the
test script via `npx --no-install`. Separating the type checks in the CI and on
the developer desktop is also not necessary.
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
|
|
Implement rules and functions to format shell scripts:
$ make format.shell
or alternatively to format all source code:
$ make format
The formatter `shfmt` reads the rules from the editorconfig[1]
If any EditorConfig files are found, they will be used to apply formatting
options. If any parser or printer flags are given to the tool, no
EditorConfig files will be used.
[1] https://github.com/patrickvane/shfmt?tab=readme-ov-file#description
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
|
|
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
|
|
The `go.mod` was created by::
$ ./manage dev.env
(dev.env)$ go mod init searxng.org/devtools
(dev.env)$ go get -tool mvdan.cc/sh/v3/cmd/shfmt@v3.12.0
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
|
|
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
|
|
Removes obsolete scripts and fix various leftovers.
Signed-off-by: Markus Heiser <markus.heiser@darmarit.de>
|
|
Use Python exception to prevent startup crash in case of fetch ClearURL
failure. Also add some logs.
Closes: https://github.com/searxng/searxng/issues/5054
|
|
settings.yml correct value to disable scheduling
|
|
|
