SMC-API v2.1

Author: Nitrrine

.env.example

@@ -1,5 +1,5 @@
 JWT_SECRET_KEY=
-ANALYTICS_API_KEY=
+HIGHLIGHT_PROJECT_ID=
 TURNSTILE_SECRET_KEY=
 VERDICTS_DISCORD_WEBHOOK_URL=
 REPORTS_DISCORD_WEBHOOK_URL=

.github/workflows/docker.yaml

@@ -0,0 +1,23 @@
+name: Build and Publish image to Docker Hub
+
+on:
+  workflow_dispatch:
+
+jobs:
+  docker:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Login to Docker Hub
+        uses: docker/login-action@v3
+        with:
+          username: ${{ vars.DOCKERHUB_USERNAME }}
+          password: ${{ secrets.DOCKERHUB_TOKEN }}
+      - name: Set up QEMU
+        uses: docker/setup-qemu-action@v3
+      - name: Set up Docker Buildx
+        uses: docker/setup-buildx-action@v3
+      - name: Build and push
+        uses: docker/build-push-action@v6
+        with:
+          push: true
+          tags: nitrrine/stopmalwarecontent-api:latest

.github/workflows/ruff.yaml

@@ -0,0 +1,18 @@
+name: Run Ruff check
+on: push
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+      - name: Install Python
+        uses: actions/setup-python@v5
+        with:
+          python-version: "3.13"
+      - name: Install dependencies
+        run: |
+          python -m pip install --upgrade pip
+          pip install ruff
+      # Update output format to enable automatic inline annotations.
+      - name: Run Ruff
+        run: ruff check --output-format=github .

.python-version

@@ -0,0 +1 @@
+3.13

Dockerfile

@@ -0,0 +1,31 @@
+# Use a Python image with uv pre-installed
+FROM ghcr.io/astral-sh/uv:python3.13-bookworm-slim
+
+# Install the project into `/app`
+WORKDIR /app
+
+# Enable bytecode compilation
+ENV UV_COMPILE_BYTECODE=1
+
+# Copy from the cache instead of linking since it's a mounted volume
+ENV UV_LINK_MODE=copy
+
+# Install the project's dependencies using the lockfile and settings
+RUN --mount=type=cache,target=/root/.cache/uv \
+    --mount=type=bind,source=uv.lock,target=uv.lock \
+    --mount=type=bind,source=pyproject.toml,target=pyproject.toml \
+    uv sync --frozen --no-install-project --no-dev
+
+# Then, add the rest of the project source code and install it
+# Installing separately from its dependencies allows optimal layer caching
+ADD . /app
+RUN --mount=type=cache,target=/root/.cache/uv \
+    uv sync --frozen --no-dev
+
+# Place executables in the environment at the front of the path
+ENV PATH="/app/.venv/bin:$PATH"
+
+# Reset the entrypoint, don't invoke `uv`
+ENTRYPOINT []
+
+CMD ["fastapi", "run", "src/main.py", "--host", "0.0.0.0"]

README.md

@@ -1,4 +1,5 @@
 # StopMalwareContent - API
+
 ![Uptime](https://img.shields.io/endpoint?url=https%3A%2F%2Fraw.githubusercontent.com%2Flodinesoftware%2Fuptime%2Fmaster%2Fapi%2Fstop-malware-content-api%2Fuptime.json)
 
-Powered by FastAPI
+An official API for StopMalwareContent Extension, written in Python, using FastAPI.

SECURITY.md

@@ -0,0 +1,32 @@
+# Security Notice
+
+The notice explains how vulnerabilities should be reported.
+
+# Reporting a Vulnerability
+
+If you've found a vulnerability, we would like to know so we can fix it before it is released publicly.
+**Do not open a GitHub issue for a found vulnerability**.
+
+Send details to [nitrrine@team.lodine.xyz](nitrrine@team.lodine.xyz) or through a Discord direct message to an Admin of this project, including:
+
+- the website, page or repository where the vulnerability can be observed
+- a brief description of the vulnerability
+- optionally the type of vulnerability and any related [OWASP category](https://www.owasp.org/index.php/Category:OWASP_Top_Ten_2017_Project)
+- non-destructive exploitation details
+
+We will do our best to reply as fast as possible.
+
+# Scope
+
+The following vulnerabilities **are not** in scope:
+
+- volumetric vulnerabilities, for example overwhelming a service with a high volume of requests
+- reports indicating that our services do not fully align with “best practice”, for example missing security headers
+
+If you aren't sure, you can still reach out via email or direct message.
+
+---
+
+This notice is inspired by the [Python Discord Security Notice](https://github.com/python-discord/site/tree/main/pydis_site/apps/content/resources/security-notice.md).
+
+_Version 2025-01_

config/database.py

@@ -0,0 +1,18 @@
+[project]
+name = "stopmalwarecontent-api"
+version = "2.1.0"
+description = "API for StopMalwareContent Extension."
+readme = "README.md"
+requires-python = ">=3.13"
+dependencies = [
+    "authx>=1.4.2",
+    "fastapi[standard]>=0.115.12",
+    "highlight-io>=0.10.1",
+    "pymongo>=4.12.0",
+    "python-dotenv>=1.1.0",
+    "requests>=2.32.3",
+    "ruff>=0.11.6",
+]
+
+[tool.ruff]
+indent-width = 2