- Rewrite DDoS tests to use ensemble detector (remove KNN model setup)
- Update scanner tests for ensemble-based detection
- Remove legacy model construction helpers from benchmarks
- Add copyright headers to test files
Signed-off-by: Sienna Meridian Satterwhite <sienna@sunbeam.pt>
Add `// Copyright Sunbeam Studios 2026` and `// SPDX-License-Identifier:
Apache-2.0` headers to all source files missing them. Update LICENSE
copyright year, Dockerfile copyright header, and .dockerignore for new
project structure (lean4/, docs/, training artifacts).
Signed-off-by: Sienna Meridian Satterwhite <sienna@sunbeam.pt>
Expand DDoS feature vector to 14 dimensions (cookie_ratio, referer_ratio,
accept_language_ratio, suspicious_path_ratio). Add heuristic auto-labeling
to DDoS trainer. Update benchmarks and tests to match new feature vectors.
Signed-off-by: Sienna Meridian Satterwhite <sienna@sunbeam.pt>
Add in-memory HTTP response cache using pingora-cache MemCache backend.
Cache runs after the detection pipeline so cache hits bypass upstream
request modifications and body rewriting. Respects Cache-Control
(no-store, private, s-maxage, max-age), skips caching for routes with
body rewrites or auth subrequest headers, and supports configurable
default TTL, stale-while-revalidate, and max file size per route.
Signed-off-by: Sienna Meridian Satterwhite <sienna@sunbeam.pt>
Add static file serving with try_files chain ($uri, $uri.html,
$uri/index.html, fallback), regex-based URL rewrites compiled at
startup, response body find/replace for text/html and JS content,
auth subrequests with header capture for path routes, and custom
response headers per route. Extends RouteConfig with static_root,
fallback, rewrites, body_rewrites, and response_headers fields.
Signed-off-by: Sienna Meridian Satterwhite <sienna@sunbeam.pt>
