{"id":18454361,"url":"https://github.com/freedomofpress/securedrop-https-everywhere-ruleset","last_synced_at":"2025-10-09T22:14:31.307Z","repository":{"id":41952533,"uuid":"254460884","full_name":"freedomofpress/securedrop-https-everywhere-ruleset","owner":"freedomofpress","description":"HTTPS Everywhere ruleset for human-readable Onion URLs for SecureDrop instances","archived":false,"fork":false,"pushed_at":"2025-09-23T19:49:26.000Z","size":641,"stargazers_count":10,"open_issues_count":7,"forks_count":4,"subscribers_count":6,"default_branch":"main","last_synced_at":"2025-09-23T20:25:30.902Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"https://securedrop.org/https-everywhere/","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":null,"status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/freedomofpress.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":null,"code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":".github/CODEOWNERS","security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2020-04-09T19:30:04.000Z","updated_at":"2025-09-23T18:22:56.000Z","dependencies_parsed_at":"2024-04-18T15:59:44.497Z","dependency_job_id":"466191a2-a4a3-403d-9015-5d754710cb14","html_url":"https://github.com/freedomofpress/securedrop-https-everywhere-ruleset","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/freedomofpress/securedrop-https-everywhere-ruleset","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/freedomofpress%2Fsecuredrop-https-everywhere-ruleset","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/freedomofpress%2Fsecuredrop-https-everywhere-ruleset/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/freedomofpress%2Fsecuredrop-https-everywhere-ruleset/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/freedomofpress%2Fsecuredrop-https-everywhere-ruleset/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/freedomofpress","download_url":"https://codeload.github.com/freedomofpress/securedrop-https-everywhere-ruleset/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/freedomofpress%2Fsecuredrop-https-everywhere-ruleset/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":279002130,"owners_count":26083307,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-09T02:00:07.460Z","response_time":59,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-11-06T08:03:56.428Z","updated_at":"2025-10-09T22:14:31.265Z","avatar_url":"https://github.com/freedomofpress.png","language":"Python","readme":"\u003e By contributing to this project, you agree to abide by our [Code of Conduct](https://github.com/freedomofpress/.github/blob/main/CODE_OF_CONDUCT.md).\n\n# HTTPS-Everywhere Rulesets for SecureDrop\n\n`securedrop-https-everywhere-ruleset` is used to create a signed HTTPS Everywhere ruleset that maps full-length .onion addresses to user-friendly [onion names](https://securedrop.org/faq/getting-onion-name-your-securedrop/) for some news organizations listed in the [SecureDrop directory](https://securedrop.org/directory/). Any time a new onion name is approved, we add its mapping to our HTTPS Everywhere ruleset and deploy it to https://securedrop.org/https-everywhere-2021/ . Tor Browser automatically includes our ruleset in the default HTTPS Everywhere extension and checks for updates on startup.\n\n## Development\n\nFirst, [install poetry](https://python-poetry.org/docs/#installation) and run `poetry install --with=dev`.\n\nYou can create a test key for signing using:\n\n```\nmake test-key\n```\n\nwhich will create `test-key.jwk` in your current working directory.\n\n## Updating Rulesets\n\n### Adding a new organization\n\n1. Ensure they are in the official SecureDrop directory. If they are not, go through the IVF process with the organization.\n\n2. Add their domain name and the requested URL to the `onboarded.txt` via PR into this repository. We match the domain based on the landing page of the organization, comparing the `netloc` in a URL with structure `scheme://netloc/path;parameters?query#fragment`.\n\n3. Next, generate the updated ruleset with `make generate` and review the output.\n\n4. Once satisfied, you can sign it with `make sign` (requires signing key, please ping a key holder for assistance).\n\n5. Commit all files generated by the script above and open a Pull Request to this repository. Once the PR is merged, the rulesets will automatically be deployed to production.\n\n## Verifying changes\n\nInspect the diff. If it looks good, commit the resulting `index.html` and all files to be served. To test locally, run\n\n    make serve\n\nAnd configure your browser to use `http://localhost:4080/https-everywhere/`.\n\n## Deployment\n\nUpon merge the container will be published to `quay.io/freedomofpress` and the new tag will be deployed automatically.\n","funding_links":[],"categories":[],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffreedomofpress%2Fsecuredrop-https-everywhere-ruleset","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Ffreedomofpress%2Fsecuredrop-https-everywhere-ruleset","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Ffreedomofpress%2Fsecuredrop-https-everywhere-ruleset/lists"}