diff options
| author | DanConwayDev <DanConwayDev@protonmail.com> | 2026-01-12 21:32:38 +0000 |
|---|---|---|
| committer | DanConwayDev <DanConwayDev@protonmail.com> | 2026-01-12 21:33:15 +0000 |
| commit | 70c577f10bbe150b6b13bec545dc8720ad005a64 (patch) | |
| tree | 4f390cd523248db007ecb4335a61598b930ccad9 /README.md | |
| parent | 1948312d40f34fca868d1ef6d6d94e165c09738c (diff) | |
feat(config): add repository blacklist to block specific repos/npubs/identifiers
Adds NGIT_REPOSITORY_BLACKLIST option for blocking repositories, taking precedence
over all whitelists (archive and repository) to enable moderation without affecting
curation policy.
Key features:
- Three blacklist formats: <npub>, <npub>/<identifier>, <identifier>
- Blacklist checked first before any other validation
- Overrides archive whitelist and repository whitelist
- Specific rejection reasons based on match type (npub/identifier/both)
- Not flagged in NIP-11 curation (operational, not policy)
Implementation:
- Add BlacklistConfig struct with check() method returning detailed reasons
- Add NGIT_REPOSITORY_BLACKLIST config option and blacklist_config() method
- Update validate_announcement() to check blacklist first with specific reasons
- 12 new unit tests covering all blacklist behavior and precedence
Configuration synced across all four sources:
- src/config.rs: Core implementation with BlacklistConfig
- .env.example: Comprehensive documentation with examples
- docs/reference/configuration.md: Complete reference documentation
- nix/module.nix: NixOS module option with environment mapping
Testing:
- 12 new tests for blacklist functionality (config + validation)
- All 332 library tests passing
- All 38 integration tests passing
Use cases:
- Block spam/malware repos by identifier
- Block abusive users by npub
- Block specific problematic repos by npub/identifier
- Temporary blocks for investigation
Diffstat (limited to 'README.md')
| -rw-r--r-- | README.md | 2 |
1 files changed, 1 insertions, 1 deletions
| @@ -36,7 +36,7 @@ Unlike the reference implementation ([ngit-relay](https://gitworkshop.dev/npub15 | |||
| 36 | - **Pure Rust Implementation**: Single binary, no external dependencies beyond Git itself | 36 | - **Pure Rust Implementation**: Single binary, no external dependencies beyond Git itself |
| 37 | - **Integrated Authorization**: Push validation happens inline during the Git receive-pack operation | 37 | - **Integrated Authorization**: Push validation happens inline during the Git receive-pack operation |
| 38 | - **GRASP-01 Compliant**: Core service requirements for Git hosting with Nostr authorization | 38 | - **GRASP-01 Compliant**: Core service requirements for Git hosting with Nostr authorization |
| 39 | - **Repository Whitelist**: Optional curation via pubkey/identifier whitelist (GRASP-01 mode) | 39 | - **Repository Whitelist/Blacklist**: Optional curation via pubkey/identifier whitelist (GRASP-01 mode) and blacklist (overrides all whitelists) |
| 40 | - **GRASP-02 Proactive Sync**: Sophisticated relay-to-relay event and git data synchronization | 40 | - **GRASP-02 Proactive Sync**: Sophisticated relay-to-relay event and git data synchronization |
| 41 | - **NIP-77 Negentropy**: Efficient set reconciliation with automatic fallback to REQ+EOSE | 41 | - **NIP-77 Negentropy**: Efficient set reconciliation with automatic fallback to REQ+EOSE |
| 42 | - **Live & Historic Sync**: Real-time event streaming plus catch-up for past events | 42 | - **Live & Historic Sync**: Real-time event streaming plus catch-up for past events |