I have to use some actions from v3 apparently

.gitea/workflows/release.yaml

@@ -6,13 +6,15 @@ on:
       - v*
 
 jobs:
-  release:
+  build:
     runs-on: ubuntu-latest
+    outputs:
+      zip-file: vision-start-${{ gitea.ref_name }}.zip
     steps:
       - name: Check out repository code
         uses: actions/checkout@v4
-      - name: Setup zip
+      - name: Setup required tools
-        run: sudo apt-get install zip -y
+        run: sudo apt-get install zip jq curl -y
       - name: Install JS dependencies
         run: npm install
       - name: Run build
@@ -24,9 +26,65 @@ jobs:
           mv manifest.json vision-start/
       - name: Create zip archive
         run: zip -r vision-start-${{ gitea.ref_name }}.zip vision-start
+      - name: Upload artifact
+        uses: actions/upload-artifact@v3
+        with:
+          name: release-zip
+          path: vision-start-${{ gitea.ref_name }}.zip
+
+  virus-total-check:
+    runs-on: ubuntu-latest
+    needs: build
+    outputs:
+      analysis-url: ${{ steps.vt-check.outputs.analysis-url }}
+      detection-ratio: ${{ steps.vt-check.outputs.detection-ratio }}
+    steps:
+      - name: Check out repository code
+        uses: actions/checkout@v4
+      - name: Setup required tools
+        run: sudo apt-get install jq curl -y
+      - name: Download artifact
+        uses: actions/download-artifact@v3
+        with:
+          name: release-zip
+      - name: Run VirusTotal check
+        id: vt-check
+        env:
+          virustotal_apikey: ${{ secrets.VIRUSTOTAL_APIKEY }}
+          VIRUS_TOTAL_FILE: vision-start-${{ gitea.ref_name }}.zip
+        run: |
+          # Run the VirusTotal check script and capture output
+          bash scripts/check_virustotal.sh > vt_output.txt 2>&1
+          
+          # Extract analysis URL and detection ratio from output
+          ANALYSIS_URL=$(grep "Analysis URL:" vt_output.txt | cut -d' ' -f3- || echo "Not available")
+          DETECTION_RATIO=$(grep "Detection ratio:" vt_output.txt | cut -d' ' -f3- || echo "Not available")
+          
+          # Set outputs for next job
+          echo "analysis-url=$ANALYSIS_URL" >> $GITEA_OUTPUT
+          echo "detection-ratio=$DETECTION_RATIO" >> $GITEA_OUTPUT
+          
+          # Display the full output
+          cat vt_output.txt
+
+  release:
+    runs-on: ubuntu-latest
+    needs: [build, virus-total-check]
+    steps:
+      - name: Check out repository code
+        uses: actions/checkout@v4
+      - name: Download artifact
+        uses: actions/download-artifact@v3
+        with:
+          name: release-zip
       - name: Release zip
         uses: akkuman/gitea-release-action@v1
         with:
+          body: |
+            This is the release for version ${{ gitea.ref_name }}.
+            
+            **Virus Total Analysis URL:** ${{ needs.virus-total-check.outputs.analysis-url }}
+            **Virus Total Detection Ratio:** ${{ needs.virus-total-check.outputs.detection-ratio }}
           name: ${{ gitea.ref_name }}
           tag_name: ${{ gitea.ref_name }}
           files: vision-start-${{ gitea.ref_name }}.zip

README.md

@@ -7,6 +7,17 @@
 ![Editing page with Abstract Red background](screenshots/editing-abstract-red.png)
 ![Configuration Tab opened](screenshots/configuration-abstract-red.png)
 
+## Installing
+
+Vision Start is not yet available on Chrome Web Store, but it can be installed manually:
+1. Go to https://git.ivanch.me/ivanch/vision-start/releases/latest
+2. Download the latest `vision-start-[version].zip` file
+3. Extract the zip file, you will have a `vision-start` folder
+4. Go to chrome://extensions/
+5. Enable "Developer mode" in the top right corner
+6. Click on "Load unpacked" and select the `vision-start` folder you extracted in step 3
+7. The extension should now be installed! Just open a new tab to see it in action.
+
 ## Backgrounds
 
 It comes with a selection of some nice pre-defined backgrounds. You can also upload up to one image to it.

scripts/check_virustotal.sh

@@ -0,0 +1,113 @@
+#!/bin/bash
+
+# Script to check a file against VirusTotal API
+# Requires: curl, jq
+# Environment variable: virustotal_apikey
+
+set -e
+
+# Configuration
+FILE_PATH="${VIRUS_TOTAL_FILE:-vision-start.zip}"
+API_KEY="${virustotal_apikey}"
+BASE_URL="https://www.virustotal.com/vtapi/v2"
+
+# Check if API key is set
+if [ -z "$API_KEY" ]; then
+    echo "Error: virustotal_apikey environment variable is not set"
+    exit 1
+fi
+
+# Check if file exists
+if [ ! -f "$FILE_PATH" ]; then
+    echo "Error: File $FILE_PATH not found"
+    exit 1
+fi
+
+# Check if required tools are available
+if ! command -v curl &> /dev/null; then
+    echo "Error: curl is required but not installed"
+    exit 1
+fi
+
+if ! command -v jq &> /dev/null; then
+    echo "Error: jq is required but not installed"
+    exit 1
+fi
+
+echo "Uploading $FILE_PATH to VirusTotal for analysis..."
+
+# Upload file to VirusTotal
+UPLOAD_RESPONSE=$(curl -s -X POST \
+    -F "apikey=$API_KEY" \
+    -F "file=@$FILE_PATH" \
+    "$BASE_URL/file/scan")
+
+# Extract scan_id from response
+SCAN_ID=$(echo "$UPLOAD_RESPONSE" | jq -r '.scan_id')
+
+if [ "$SCAN_ID" == "null" ] || [ -z "$SCAN_ID" ]; then
+    echo "Error: Failed to upload file or get scan ID"
+    echo "Response: $UPLOAD_RESPONSE"
+    exit 1
+fi
+
+echo "File uploaded successfully. Scan ID: $SCAN_ID"
+echo "Waiting for analysis to complete..."
+
+# Wait for analysis to complete and get results
+MAX_ATTEMPTS=30
+ATTEMPT=0
+SLEEP_INTERVAL=10
+
+while [ $ATTEMPT -lt $MAX_ATTEMPTS ]; do
+    echo "Checking analysis status (attempt $((ATTEMPT + 1))/$MAX_ATTEMPTS)..."
+    
+    # Get scan report
+    REPORT_RESPONSE=$(curl -s -X POST \
+        -d "apikey=$API_KEY" \
+        -d "resource=$SCAN_ID" \
+        "$BASE_URL/file/report")
+    
+    # Check if analysis is complete
+    RESPONSE_CODE=$(echo "$REPORT_RESPONSE" | jq -r '.response_code')
+    
+    if [ "$RESPONSE_CODE" == "1" ]; then
+        # Analysis complete
+        echo "Analysis completed!"
+        
+        # Extract results
+        POSITIVES=$(echo "$REPORT_RESPONSE" | jq -r '.positives')
+        TOTAL=$(echo "$REPORT_RESPONSE" | jq -r '.total')
+        PERMALINK=$(echo "$REPORT_RESPONSE" | jq -r '.permalink')
+        
+        echo "Analysis URL: $PERMALINK"
+        echo "Detection ratio: $POSITIVES/$TOTAL"
+        
+        # Check if file is safe
+        if [ "$POSITIVES" -eq 0 ]; then
+            echo "✅ File is clean (no threats detected)"
+            exit 0
+        else
+            echo "❌ File contains threats ($POSITIVES detections out of $TOTAL scanners)"
+            exit 1
+        fi
+    elif [ "$RESPONSE_CODE" == "0" ]; then
+        # File not found or analysis not complete yet
+        echo "Analysis still in progress..."
+    elif [ "$RESPONSE_CODE" == "-2" ]; then
+        # Still queued for analysis
+        echo "File still queued for analysis..."
+    else
+        echo "Unexpected response code: $RESPONSE_CODE"
+        echo "Response: $REPORT_RESPONSE"
+        exit 1
+    fi
+    
+    ATTEMPT=$((ATTEMPT + 1))
+    if [ $ATTEMPT -lt $MAX_ATTEMPTS ]; then
+        sleep $SLEEP_INTERVAL
+    fi
+done
+
+echo "Timeout: Analysis did not complete within expected time"
+exit 1