Translated using Weblate (Spanish)

Currently translated at 100.0% (308 of 308 strings)

.env

@@ -42,18 +42,22 @@ CORS_ALLOW_ORIGIN='^https?://(localhost|127\.0\.0\.1)(:[0-9]+)?$'
 ###> symfony/lock ###
 # Choose one of the stores below
 # postgresql+advisory://db_user:db_password@localhost/db_name
-LOCK_DSN=flock
+LOCK_DSN=redis://localhost:6379
 ###< symfony/lock ###
 
 ###> symfony/mailer ###
 MAILER_DSN=null://null
 ###< symfony/mailer ###
 
+MESSENGER_CONSUMER_NAME=worker
+
 ###> symfony/messenger ###
 # Choose one of the transports below
 # MESSENGER_TRANSPORT_DSN=amqp://guest:guest@localhost:5672/%2f/messages
 # MESSENGER_TRANSPORT_DSN=redis://localhost:6379/messages
-MESSENGER_TRANSPORT_DSN=doctrine://default?auto_setup=0
+MESSENGER_ASYNC_TRANSPORT_DSN=redis://localhost:6379/messages?lazy=1
+MESSENGER_RDAP_LOW_TRANSPORT_DSN=redis://localhost:6379/messages-rdap-low?lazy=1
+MESSENGER_RDAP_HIGH_TRANSPORT_DSN=redis://localhost:6379/messages-rdap-high?lazy=1
 ###< symfony/messenger ###
 
 
@@ -69,6 +73,7 @@ OAUTH_AUTHORIZATION_URL=
 OAUTH_TOKEN_URL=
 OAUTH_USERINFO_URL=
 OAUTH_SCOPE=
+SSO_AUTO_REDIRECT=false
 
 # Typically your IP address, this envvar is required for
 # some connectors that need to be provided with your host's
@@ -81,6 +86,7 @@ LIMITED_FEATURES=false
 LIMIT_MAX_WATCHLIST=0
 LIMIT_MAX_WATCHLIST_DOMAINS=0
 LIMIT_MAX_WATCHLIST_WEBHOOKS=0
+PUBLIC_RDAP_LOOKUP_ENABLE=false
 
 # STATISTICS
 INFLUXDB_ENABLED=false

.env.test

@@ -9,3 +9,17 @@ LIMITED_FEATURES=true
 LIMIT_MAX_WATCHLIST=10
 LIMIT_MAX_WATCHLIST_DOMAINS=10
 LIMIT_MAX_WATCHLIST_WEBHOOKS=10
+
+# TEST
+GANDI_PAT_TOKEN=
+
+NAMECOM_USERNAME=
+NAMECOM_PASSWORD=
+
+NAMECHEAP_USERNAME=
+NAMECHEAP_TOKEN=
+
+# Typically your IP address, this envvar is required for
+# some connectors that need to be provided with your host's
+# outgoing IP address.
+OUTGOING_IP=

.github/workflows/lint-and-tests.yml

@@ -2,12 +2,16 @@ name: Lint and Tests
 
 on:
     push:
-        branches: [ "master", "develop" ]
+        branches: [ "develop" ]
+        paths-ignore: [ "docs/**" ]
     pull_request:
-        branches: [ "master", "develop" ]
+        branches: [ "develop" ]
+        paths-ignore: [ "docs/**" ]
 
 permissions:
     contents: read
+    checks: write
+    pull-requests: write
 
 jobs:
     php-setup:
@@ -22,7 +26,7 @@ jobs:
             -   name: Set up PHP
                 uses: shivammathur/setup-php@v2
                 with:
-                    php-version: '8.3'
+                    php-version: '8.4'
                     extensions: mbstring, xml, intl, curl, iconv, pdo_pgsql, sodium, zip, http
 
             -   name: Cache Composer dependencies
@@ -65,7 +69,7 @@ jobs:
             -   name: Set up PHP
                 uses: shivammathur/setup-php@v2
                 with:
-                    php-version: '8.3'
+                    php-version: '8.4'
 
             -   name: Run PHPStan
                 run: vendor/bin/phpstan analyse
@@ -92,7 +96,7 @@ jobs:
             -   name: Set up PHP
                 uses: shivammathur/setup-php@v2
                 with:
-                    php-version: '8.3'
+                    php-version: '8.4'
 
             -   name: Run PHP-CS-Fixer
                 run: vendor/bin/php-cs-fixer fix --dry-run --diff
@@ -102,6 +106,10 @@ jobs:
         name: Tests
         runs-on: ubuntu-latest
         needs: [ php-setup, cs-fixer, phpstan ]
+        env:
+            GANDI_PAT_TOKEN: ${{ secrets.GANDI_PAT_TOKEN }}
+            NAMECOM_USERNAME: ${{ secrets.NAMECOM_USERNAME }}
+            NAMECOM_PASSWORD: ${{ secrets.NAMECOM_PASSWORD }}
         services:
             postgres:
                 image: postgres
@@ -114,6 +122,15 @@ jobs:
                     --health-retries 5
                 ports:
                     - 5432:5432
+            valkey:
+                image: valkey/valkey:latest
+                options: >-
+                    --health-cmd "valkey-cli ping"
+                    --health-interval 10s
+                    --health-timeout 5s
+                    --health-retries 5
+                ports:
+                    - 6379:6379
         steps:
             -   name: Checkout code
                 uses: actions/checkout@v3
@@ -130,7 +147,7 @@ jobs:
             -   name: Set up PHP
                 uses: shivammathur/setup-php@v2
                 with:
-                    php-version: '8.3'
+                    php-version: '8.4'
                     extensions: mbstring, xml, intl, curl, iconv, pdo_pgsql, sodium, zip, http
 
             -   name: Prepare database
@@ -143,7 +160,14 @@ jobs:
                 run: ln -s custom_rdap_servers.example.yaml config/app/custom_rdap_servers.yaml
 
             -   name: Run PHPUnit
-                run: vendor/bin/phpunit --coverage-text
+                run: vendor/bin/phpunit --coverage-text --log-junit test-results.xml
+
+            -   name: Publish Test Results
+                uses: EnricoMi/publish-unit-test-result-action@v2
+                if: (!cancelled())
+                with:
+                    files: |
+                        test-results.xml
 
     eslint:
         name: ESLint

.github/workflows/publish-docs.yml

@@ -0,0 +1,76 @@
+name: Publish Documentation
+
+on:
+    push:
+        paths: [ 'docs/**' ]
+        branches: [ develop ]
+
+jobs:
+    build:
+        runs-on: ubuntu-latest
+        environment:
+            name: Domain Watchdog Documentation
+            url: https://domainwatchdog.eu
+
+        steps:
+            -   name: Checkout source
+                uses: actions/checkout@v5
+                with:
+                    fetch-depth: 0
+
+            -   name: Set up PHP
+                uses: shivammathur/setup-php@v2
+                with:
+                    php-version: '8.4'
+                    extensions: mbstring, xml, intl, curl, iconv, pdo_pgsql, sodium, zip, http
+
+            -   name: Cache Composer dependencies
+                uses: actions/cache@v3
+                with:
+                    path: vendor
+                    key: ${{ runner.os }}-composer-${{ hashFiles('**/composer.lock') }}
+                    restore-keys: |
+                        ${{ runner.os }}-composer-
+
+            -   name: Install dependencies
+                run: composer install --prefer-dist --no-progress --no-suggest --optimize-autoloader
+
+            -   name: Generate Swagger JSON
+                run: bin/console api:openapi:export --output=docs/swagger_docs.json
+
+            -   name: Setup Node
+                uses: actions/setup-node@v4
+                with:
+                    node-version: 24
+
+            -   name: Install dependencies
+                run: npm install --global yarn && yarn install
+                working-directory: docs
+
+            -   name: Build Astro site
+                run: yarn run build
+                working-directory: docs
+
+
+            -   name: Clean target folder on server
+                uses: appleboy/ssh-action@v1
+                with:
+                    host: dw1.srv.domainwatchdog.eu
+                    port: 2004
+                    username: deploy
+                    key: ${{ secrets.DEPLOYER_PRIVATE_KEY }}
+                    script: |
+                        rm -rf /var/www/domainwatchdog.eu/*
+
+            -   name: Upload build via SCP
+                uses: appleboy/scp-action@master
+                with:
+                    host: dw1.srv.domainwatchdog.eu
+                    port: 2004
+                    username: deploy
+                    key: ${{ secrets.DEPLOYER_PRIVATE_KEY }}
+                    source: "docs/dist/*"
+                    target: /var/www/domainwatchdog.eu/
+                    overwrite: true
+                    debug: true
+                    strip_components: 2

CODE-OF-CONDUCT.md

@@ -1,118 +1,87 @@
-# Code of conduct
+# Contributor Covenant 3.0 Code of Conduct
 
 ## Our Pledge
 
-We as members, contributors, and leaders pledge to make participation in our
-community a harassment-free experience for everyone, regardless of age, body
-size, visible or invisible disability, ethnicity, sex characteristics, gender
-identity and expression, level of experience, education, socio-economic status,
-nationality, personal appearance, race, caste, color, religion, or sexual
-identity and orientation.
+We pledge to make our community welcoming, safe, and equitable for all.
 
-We pledge to act and interact in ways that contribute to an open, welcoming,
-diverse, inclusive, and healthy community.
+We are committed to fostering an environment that respects and promotes the dignity, rights, and contributions of all individuals, regardless of characteristics including race, ethnicity, caste, color, age, physical characteristics, neurodiversity, disability, sex or gender, gender identity or expression, sexual orientation, language, philosophy or religion, national or social origin, socio-economic position, level of education, or other status. The same privileges of participation are extended to everyone who participates in good faith and in accordance with this Covenant.
 
-## Our Standards
 
-Examples of behavior that contributes to a positive environment for our
-community include:
+## Encouraged Behaviors
 
-* Demonstrating empathy and kindness toward other people
-* Being respectful of differing opinions, viewpoints, and experiences
-* Giving and gracefully accepting constructive feedback
-* Accepting responsibility and apologizing to those affected by our mistakes,
-  and learning from the experience
-* Focusing on what is best not just for us as individuals, but for the overall
-  community
+While acknowledging differences in social norms, we all strive to meet our community's expectations for positive behavior. We also understand that our words and actions may be interpreted differently than we intend based on culture, background, or native language.
 
-Examples of unacceptable behavior include:
+With these considerations in mind, we agree to behave mindfully toward each other and act in ways that center our shared values, including:
 
-* The use of sexualized language or imagery, and sexual attention or advances of
-  any kind
-* Trolling, insulting or derogatory comments, and personal or political attacks
-* Public or private harassment
-* Publishing others' private information, such as a physical or email address,
-  without their explicit permission
-* Other conduct which could reasonably be considered inappropriate in a
-  professional setting
+1. Respecting the **purpose of our community**, our activities, and our ways of gathering.
+2. Engaging **kindly and honestly** with others.
+3. Respecting **different viewpoints** and experiences.
+4. **Taking responsibility** for our actions and contributions.
+5. Gracefully giving and accepting **constructive feedback**.
+6. Committing to **repairing harm** when it occurs.
+7. Behaving in other ways that promote and sustain the **well-being of our community**.
 
-## Enforcement Responsibilities
 
-Community leaders are responsible for clarifying and enforcing our standards of
-acceptable behavior and will take appropriate and fair corrective action in
-response to any behavior that they deem inappropriate, threatening, offensive,
-or harmful.
+## Restricted Behaviors
+
+We agree to restrict the following behaviors in our community. Instances, threats, and promotion of these behaviors are violations of this Code of Conduct.
+
+1. **Harassment.** Violating explicitly expressed boundaries or engaging in unnecessary personal attention after any clear request to stop.
+2. **Character attacks.** Making insulting, demeaning, or pejorative comments directed at a community member or group of people.
+3. **Stereotyping or discrimination.** Characterizing anyone’s personality or behavior on the basis of immutable identities or traits.
+4. **Sexualization.** Behaving in a way that would generally be considered inappropriately intimate in the context or purpose of the community.
+5. **Violating confidentiality**. Sharing or acting on someone's personal or private information without their permission.
+6. **Endangerment.** Causing, encouraging, or threatening violence or other harm toward any person or group.
+7. Behaving in other ways that **threaten the well-being** of our community.
+
+### Other Restrictions
+
+1. **Misleading identity.** Impersonating someone else for any reason, or pretending to be someone else to evade enforcement actions.
+2. **Failing to credit sources.** Not properly crediting the sources of content you contribute.
+3. **Promotional materials**. Sharing marketing or other commercial content in a way that is outside the norms of the community.
+4. **Irresponsible communication.** Failing to responsibly present content which includes, links or describes any other restricted behaviors.
+
+
+## Reporting an Issue
+
+Tensions can occur between community members even when they are trying their best to collaborate. Not every conflict represents a code of conduct violation, and this Code of Conduct reinforces encouraged behaviors and norms that can help avoid conflicts and minimize harm.
+
+When an incident does occur, it is important to report it promptly. To report a possible violation, please contact the maintainer.
+
+Community Moderators take reports of violations seriously and will make every effort to respond in a timely manner. They will investigate all reports of code of conduct violations, reviewing messages, logs, and recordings, or interviewing witnesses and other participants. Community Moderators will keep investigation and enforcement actions as transparent as possible while prioritizing safety and confidentiality. In order to honor these values, enforcement actions are carried out in private with the involved parties, but communicating to the whole community may be part of a mutually agreed upon resolution.
+
+
+## Addressing and Repairing Harm
+
+If an investigation by the Community Moderators finds that this Code of Conduct has been violated, the following enforcement ladder may be used to determine how best to repair harm, based on the incident's impact on the individuals involved and the community as a whole. Depending on the severity of a violation, lower rungs on the ladder may be skipped.
+
+1) Warning
+    1) Event: A violation involving a single incident or series of incidents.
+    2) Consequence: A private, written warning from the Community Moderators.
+    3) Repair: Examples of repair include a private written apology, acknowledgement of responsibility, and seeking clarification on expectations.
+2) Temporarily Limited Activities
+    1) Event: A repeated incidence of a violation that previously resulted in a warning, or the first incidence of a more serious violation.
+    2) Consequence: A private, written warning with a time-limited cooldown period designed to underscore the seriousness of the situation and give the community members involved time to process the incident. The cooldown period may be limited to particular communication channels or interactions with particular community members.
+    3) Repair: Examples of repair may include making an apology, using the cooldown period to reflect on actions and impact, and being thoughtful about re-entering community spaces after the period is over.
+3) Temporary Suspension
+    1) Event: A pattern of repeated violation which the Community Moderators have tried to address with warnings, or a single serious violation.
+    2) Consequence: A private written warning with conditions for return from suspension. In general, temporary suspensions give the person being suspended time to reflect upon their behavior and possible corrective actions.
+    3) Repair: Examples of repair include respecting the spirit of the suspension, meeting the specified conditions for return, and being thoughtful about how to reintegrate with the community when the suspension is lifted.
+4) Permanent Ban
+    1) Event: A pattern of repeated code of conduct violations that other steps on the ladder have failed to resolve, or a violation so serious that the Community Moderators determine there is no way to keep the community safe with this person as a member.
+    2) Consequence: Access to all community spaces, tools, and communication channels is removed. In general, permanent bans should be rarely used, should have strong reasoning behind them, and should only be resorted to if working through other remedies has failed to change the behavior.
+    3) Repair: There is no possible repair in cases of this severity.
+
+This enforcement ladder is intended as a guideline. It does not limit the ability of Community Managers to use their discretion and judgment, in keeping with the best interests of our community.
 
-Community leaders have the right and responsibility to remove, edit, or reject
-comments, commits, code, wiki edits, issues, and other contributions that are
-not aligned to this Code of Conduct, and will communicate reasons for moderation
-decisions when appropriate.
 
 ## Scope
 
-This Code of Conduct applies within all community spaces, and also applies when
-an individual is officially representing the community in public spaces.
-Examples of representing our community include using an official email address,
-posting via an official social media account, or acting as an appointed
-representative at an online or offline event.
+This Code of Conduct applies within all community spaces, and also applies when an individual is officially representing the community in public or other spaces. Examples of representing our community include using an official email address, posting via an official social media account, or acting as an appointed representative at an online or offline event.
 
-## Enforcement
-
-Instances of abusive, harassing, or otherwise unacceptable behavior may be
-reported to the community leaders responsible for enforcement at contact@maelgangloff.fr.
-All complaints will be reviewed and investigated promptly and fairly.
-
-All community leaders are obligated to respect the privacy and security of the
-reporter of any incident.
-
-## Enforcement Guidelines
-
-Community leaders will follow these Community Impact Guidelines in determining
-the consequences for any action they deem in violation of this Code of Conduct:
-
-### 1. Correction
-
-**Community Impact**: Use of inappropriate language or other behavior deemed
-unprofessional or unwelcome in the community.
-
-**Consequence**: A private, written warning from community leaders, providing
-clarity around the nature of the violation and an explanation of why the
-behavior was inappropriate. A public apology may be requested.
-
-### 2. Warning
-
-**Community Impact**: A violation through a single incident or series of
-actions.
-
-**Consequence**: A warning with consequences for continued behavior. No
-interaction with the people involved, including unsolicited interaction with
-those enforcing the Code of Conduct, for a specified period of time. This
-includes avoiding interactions in community spaces as well as external channels
-like social media. Violating these terms may lead to a temporary or permanent
-ban.
-
-### 3. Temporary Ban
-
-**Community Impact**: A serious violation of community standards, including
-sustained inappropriate behavior.
-
-**Consequence**: A temporary ban from any sort of interaction or public
-communication with the community for a specified period of time. No public or
-private interaction with the people involved, including unsolicited interaction
-with those enforcing the Code of Conduct, is allowed during this period.
-Violating these terms may lead to a permanent ban.
-
-### 4. Permanent Ban
-
-**Community Impact**: Demonstrating a pattern of violation of community
-standards, including sustained inappropriate behavior, harassment of an
-individual, or aggression toward or disparagement of classes of individuals.
-
-**Consequence**: A permanent ban from any sort of public interaction within the
-community.
 
 ## Attribution
 
-This Code of Conduct is adapted from the [Contributor Covenant][homepage],
-version 2.1, available at
-[https://www.contributor-covenant.org/version/2/1/code_of_conduct.html][v2.1].
+This Code of Conduct is adapted from the Contributor Covenant, version 3.0, permanently available at [https://www.contributor-covenant.org/version/3/0/](https://www.contributor-covenant.org/version/3/0/).
+
+Contributor Covenant is stewarded by the Organization for Ethical Source and licensed under CC BY-SA 4.0. To view a copy of this license, visit [https://creativecommons.org/licenses/by-sa/4.0/](https://creativecommons.org/licenses/by-sa/4.0/)

CODEOWNERS

@@ -0,0 +1 @@
+*   contact@maelgangloff.fr

Dockerfile

@@ -1,7 +1,7 @@
 # syntax=docker/dockerfile:1.4
 
 # Versions
-FROM dunglas/frankenphp:1-php8.3 AS frankenphp_upstream
+FROM dunglas/frankenphp:1-php8.4 AS frankenphp_upstream
 
 # The different stages of this Dockerfile are meant to be built into separate images
 # https://docs.docker.com/develop/develop-images/multistage-build/#stop-at-a-specific-build-stage

INSTALL.md

@@ -1,121 +0,0 @@
-# Installation and Update
-
-## Installation
-
-To deploy a Domain Watchdog instance, please refer to the Symfony documentation
-on [How to deploy a Symfony application](https://symfony.com/doc/current/deployment.html).
-
-### Prerequisites
-
-- PHP 8.2 or higher
-- PostgreSQL 16 or higher
-
-In order to retrieve information about domain names, Domain Watchdog will query the RDAP server responsible for the TLD.
-It is crucial that the Domain Watchdog instance is placed in a clean environment from which these servers can be
-queried.
-In particular, the DNS servers and root certificates of the system must be trusted.
-
-### Steps
-
-Clone the repository:
-
-```shell
-git clone https://github.com/maelgangloff/domain-watchdog.git
- ```
-
-#### Backend
-
-1. Install dependencies:
-    ```shell
-    composer install
-    ```
-2. Set up your environment variables:
-    ```shell
-    cp .env .env.local
-    ```
-3. Generate the cryptographic key pair for the JWT signature
-    ```shell
-    php bin/console lexik:jwt:generate-keypair
-    ```
-4. Run database migrations:
-    ```shell
-    php bin/console doctrine:migrations:migrate
-    ```
-5. Start the Symfony server:
-    ```shell
-    symfony server:start
-    ```
-6. Build assets:
-   ```shell
-   php bin/console assets:install
-   ```
-7. Don't forget to set up workers to process the [message queue](https://symfony.com/doc/current/messenger.html)
-
-#### Frontend
-
-1. Install dependencies:
-    ```shell
-    yarn install
-    ```
-2. Generate language files:
-    ```shell
-    yarn run ttag:po2json
-    ```
-3. Make the final build:
-    ```shell
-    yarn build
-    ```
-4. Add and modify the following files as you wish:
-   ~~~
-   public/content/home.md
-   public/content/privacy.md
-   public/content/tos.md
-   public/content/faq.md
-   public/images/icons-512.png
-   public/images/banner.png
-   public/favicon.ico
-   ~~~
-
-## Update
-
-**Any updates are your responsibility. Make a backup of the data if necessary.**
-
-Fetch updates from the remote repository:
-
-```shell
-git pull origin master
- ```
-
-### Backend
-
-1. Install dependencies:
-    ```shell
-    composer install
-    ```
-2. Run database migrations:
-    ```shell
-    php bin/console doctrine:migrations:migrate
-    ```
-3. Clearing the Symfony cache:
-   ```shell
-   php bin/console cache:clear
-    ```
-4. Build assets:
-   ```shell
-   php bin/console assets:install
-   ```
-
-### Frontend
-
-1. Install dependencies:
-    ```shell
-    yarn install
-    ```
-2. Generate language files:
-    ```shell
-    yarn run ttag:po2json
-    ```
-3. Make the final build:
-    ```shell
-    yarn build
-    ```

README.md

@@ -3,8 +3,9 @@
 <p align="center">Your companion in the quest for domain names 🔍 <br/><a href="https://domainwatchdog.eu">domainwatchdog.eu »</a></p>
 <br/>
 
-Domain Watchdog is an app that uses RDAP to collect publicly available info about domains, track their history, and purchase them.
-For more information please check [the wiki](https://github.com/maelgangloff/domain-watchdog/wiki) !
+Domain Watchdog is an app that uses RDAP to collect publicly available info about domains, track their history, and
+purchase them.  
+For more information please check out [the documentation](https://domainwatchdog.eu) !
 
 ## Why use it?
 
@@ -20,73 +21,42 @@ detailed history of events (ownership changes, renewals, etc.) is not feasible w
 ## Install
 
 > [!TIP]
-> For more details on the installation procedure, please refer to [INSTALL.md](/INSTALL.md).
+> For more details on the installation procedure, please refer to [the documentation](https://domainwatchdog.eu/en/install-config/install/docker-compose/).
 
 ### Docker Deployment
 
-1. Clone the repository
-2. Modify environment variables (.env) and add static files to customize your instance (see [INSTALL.md](/INSTALL.md))
-3. Pull the latest version of the Domain Watchdog image from Docker Hub.
-    ```shell
-    docker compose pull
-    ```
-4. Start the project in production environment. If you want, you can also build the Docker image to use yourself.
-    ```shell
-    docker compose up
-    ```
+1. Download the [docker-compose.yml](https://github.com/maelgangloff/domain-watchdog/blob/develop/docker-compose.yml)
+   and modify it as needed
+2. Download the [.env](https://github.com/maelgangloff/domain-watchdog/blob/develop/.env) and modify it as needed
+3. Add static files to customize your instance (under `public/content`)
+4. Pull the latest version of the Domain Watchdog image from Docker Hub
+
+```shell
+docker compose pull
+```
+
+5. Start the project in production environment
+
+```shell
+docker compose up
+```
 
 By default, the container listens on http://localhost:8080, but you can configure this in environment variables.
-See the [Docker Compose file](./docker-compose.yml).
 
-## Features
+## Development and contributions
 
-### Auto-purchase domain
+See [the documentation](https://domainwatchdog.eu) for information on setting up a development environment and making
+your contributions.  
+To add a new provider, a [dedicated page](https://domainwatchdog.eu/en/developing/implementing-new-provider/) is available.
 
-A connector is a way to order a domain name. It is important to mention that this project does not act as a payment
-intermediary.
-Indeed, the user's credentials are directly used to enable the purchase via the provider's API. To this end, the user
-gives his consent to define the legal framework in which the use of his account with the provider's API will be made.
+## Security
 
-The table below lists the supported API connector providers:
+Please see [SECURITY.md](./SECURITY.md).
 
-|                                  Provider                                  |    Supported     |
-|:--------------------------------------------------------------------------:|:----------------:|
-|                         [OVH](https://api.ovh.com)                         |     **Yes**      |
-|                [GANDI](https://api.gandi.net/docs/domains/)                |     **Yes**      |
-| [NAMECHEAP](https://www.namecheap.com/support/api/methods/domains/create/) |     **Yes**      |
-|                   [AUTODNS](https://cloud.autodns.com/)                    |     **Yes**      |
-|              [NAME.COM](https://www.name.com/en-en/api-docs/)              |     **Yes**      |
-|                             Custom EPP Server                              | **EXPERIMENTAL** |
+## License
 
-If a domain has expired and a connector is linked to the Watchlist, then Domain Watchdog will try to order it via the
-connector provider's API.
-
-Note: If the same domain name is present on several Watchlists, it is not possible to predict in advance which user will
-win the domain name. The choice is left to chance.
-
-### Monitoring
-
-![Watchlist Diagram](https://github.com/user-attachments/assets/c3454572-3ac5-4b39-bc5e-6b7cf72fab92)
-
-
-A watchlist is a list of domain names, triggers and possibly an API connector.
-
-They allow you to follow the life of the listed domain names and send you a notification when a change has been
-detected.
-
-A notification to the user is sent when a new event occurs on one of the domain names in the Watchlist. This can be an
-email or a chat via Webhook (Slack, Mattermost, Discord, ...). An iCalendar export of domain events is possible.
-
-### RDAP search
-
-The latest version of the WHOIS protocol was standardized in 2004 by RFC 3912.[^1] This protocol allows anyone to
-retrieve key information concerning a domain name, an IP address, or an entity registered with a registry.
-
-ICANN launched a global vote in 2023 to propose replacing the WHOIS protocol with RDAP. As a result, registries and
-registrars will no longer be required to support WHOIS from 2025 (*WHOIS Sunset Date*).[^2]
-
-Domain Watchdog uses the RDAP protocol, which will soon be the new standard for retrieving information concerning domain
-names.
+This source code of this project is licensed under *GNU Affero General Public License v3.0 or later*.
+Contributions are welcome as long as they do not contravene the Code of Conduct.
 
 ## Disclaimer
 
@@ -96,20 +66,5 @@ names.
     caching system, etc.
 > * Please note that this project is NOT affiliated IN ANY WAY with the API Providers used to order domain names.
 > * The project installers are responsible for the use of their own instance.
-> * Under no circumstances will the owner of this project be held responsible for other cases over which he has no control.
-
-## Useful documentation
-
-> [!NOTE]
-> - [RFC 7482 : Registration Data Access Protocol (RDAP) Query Format](https://datatracker.ietf.org/doc/html/rfc7482)
-> - [RFC 7483 : JSON Responses for the Registration Data Access Protocol (RDAP)](https://datatracker.ietf.org/doc/html/rfc7483)
-> - [RFC 7484 : Finding the Authoritative Registration Data (RDAP) Service](https://datatracker.ietf.org/doc/html/rfc7484)
-
-## Licensing
-
-This source code of this project is licensed under *GNU Affero General Public License v3.0 or later*.
-Contributions are welcome as long as they do not contravene the Code of Conduct.
-
-[^1]: RFC 3912 : WHOIS Protocol Specification. (2004). IETF Datatracker. https://datatracker.ietf.org/doc/html/rfc3912
-[^2]: 2023 Global Amendments to the Base gTLD Registry Agreement (RA), Specification 13, and 2013 Registrar
-Accreditation Agreement (RAA) - ICANN. (2023). https://www.icann.org/resources/pages/global-amendment-2023-en
+> * Under no circumstances will the owner of this project be held responsible for other cases over which he has no
+    control.

assets/App.tsx

@@ -1,4 +1,4 @@
-import {Button, ConfigProvider, FloatButton, Layout, Space, theme, Tooltip, Typography} from 'antd'
+import {Alert, Button, ConfigProvider, Drawer, Flex, Layout, message, theme, Typography} from 'antd'
 import {Link, Navigate, Route, Routes, useLocation, useNavigate} from 'react-router-dom'
 import TextPage from './pages/TextPage'
 import DomainSearchPage from './pages/search/DomainSearchPage'
@@ -7,43 +7,90 @@ import TldPage from './pages/infrastructure/TldPage'
 import StatisticsPage from './pages/StatisticsPage'
 import WatchlistPage from './pages/tracking/WatchlistPage'
 import UserPage from './pages/UserPage'
+import type {PropsWithChildren} from 'react'
 import React, {useCallback, useEffect, useMemo, useState} from 'react'
-import {getUser} from './utils/api'
-import LoginPage, {AuthenticatedContext} from './pages/LoginPage'
+import {getConfiguration, getUser, type InstanceConfig} from './utils/api'
+import LoginPage from './pages/LoginPage'
 import ConnectorPage from './pages/tracking/ConnectorPage'
 import NotFoundPage from './pages/NotFoundPage'
 import useBreakpoint from './hooks/useBreakpoint'
 import {Sider} from './components/Sider'
 import {jt, t} from 'ttag'
-import {BugOutlined, InfoCircleOutlined, MergeOutlined} from '@ant-design/icons'
+import {MenuOutlined} from '@ant-design/icons'
 import TrackedDomainPage from './pages/tracking/TrackedDomainPage'
 import IcannRegistrarPage from "./pages/infrastructure/IcannRegistrarPage"
+import type {AuthContextType} from "./contexts"
+import {AuthenticatedContext, ConfigurationContext} from "./contexts"
 
 const PROJECT_LINK = 'https://github.com/maelgangloff/domain-watchdog'
 const LICENSE_LINK = 'https://www.gnu.org/licenses/agpl-3.0.txt'
 
-const ProjectLink = <Typography.Link target='_blank' href={PROJECT_LINK}>Domain Watchdog</Typography.Link>
-const LicenseLink = <Typography.Link target='_blank' href={LICENSE_LINK}>AGPL-3.0-or-later</Typography.Link>
+const ProjectLink = <Typography.Link key="projectLink" target='_blank' href={PROJECT_LINK}>Domain
+    Watchdog</Typography.Link>
+const LicenseLink = <Typography.Link key="licenceLink" target='_blank' rel='license'
+                                     href={LICENSE_LINK}>AGPL-3.0-or-later</Typography.Link>
+
+function SiderWrapper(props: PropsWithChildren<{
+    sidebarCollapsed: boolean,
+    setSidebarCollapsed: (collapsed: boolean) => void
+}>): React.ReactElement {
+    const {sidebarCollapsed, setSidebarCollapsed, children} = props
+    const sm = useBreakpoint('sm')
+    const location = useLocation()
+
+    useEffect(() => {
+        if (sm) {
+            setSidebarCollapsed(false)
+        }
+    }, [location])
+
+    if (sm) {
+        return <Drawer
+            placement="left"
+            open={sidebarCollapsed}
+            onClose={() => setSidebarCollapsed(false)}
+            closeIcon={null}
+            styles={{body: {padding: 0, height: '100%', background: '#001529'}}}
+            width='200px'>
+            {children}
+        </Drawer>
+    } else {
+        return <Layout.Sider
+            collapsible
+            breakpoint='sm'
+            width={220}
+            trigger={null}
+            collapsed={sidebarCollapsed && sm}
+            {...(sm ? {collapsedWidth: 0} : {})}>
+            {children}
+        </Layout.Sider>
+    }
+}
 
 export default function App(): React.ReactElement {
     const navigate = useNavigate()
     const location = useLocation()
     const sm = useBreakpoint('sm')
 
-    const [isAuthenticated, setIsAuthenticated] = useState(false)
-
-    const authenticated = useCallback((authenticated: boolean) => {
-        setIsAuthenticated(authenticated)
-    }, [])
-
-    const contextValue = useMemo(() => ({
-        authenticated,
-        setIsAuthenticated
-    }), [authenticated, setIsAuthenticated])
-
+    const [sidebarCollapsed, setSidebarCollapsed] = useState(false)
+    const [isAuthenticated, setIsAuthenticated] = useState<boolean | undefined>(undefined)
+    const [configuration, setConfiguration] = useState<InstanceConfig | undefined>(undefined)
     const [darkMode, setDarkMode] = useState(false)
+    const [dismissLoginAlert, setDismissLoginAlert] = useState(() => localStorage.getItem('dismiss-login-alert') === 'true')
 
     const windowQuery = window.matchMedia('(prefers-color-scheme:dark)')
+    const [messageApi, contextHolder] = message.useMessage()
+
+
+    const authContextValue: AuthContextType = useMemo(() => ({
+        isAuthenticated,
+        setIsAuthenticated
+    }), [isAuthenticated])
+
+    const configContextValue = useMemo(() => ({
+        configuration,
+    }), [configuration])
+
     const darkModeChange = useCallback((event: MediaQueryListEvent) => {
         setDarkMode(event.matches)
     }, [])
@@ -55,16 +102,23 @@ export default function App(): React.ReactElement {
         }
     }, [windowQuery, darkModeChange])
 
+    useEffect(() => localStorage.setItem('dismiss-login-alert', dismissLoginAlert.toString()), [dismissLoginAlert])
+
     useEffect(() => {
         setDarkMode(windowQuery.matches)
+        getConfiguration().then(configuration => {
+            setConfiguration(configuration)
+
             getUser().then(() => {
                 setIsAuthenticated(true)
                 if (location.pathname === '/login') navigate('/home')
             }).catch(() => {
                 setIsAuthenticated(false)
                 const pathname = location.pathname
-            if (!['/login', '/tos', '/faq', '/privacy'].includes(pathname)) navigate('/home')
+                if (configuration.publicRdapLookupEnabled) return navigate('/search/domain')
+                if (!['/login', '/tos', '/faq', '/privacy'].includes(pathname)) return navigate('/home')
             })
+        }).catch(() => messageApi.error(t`Unable to contact the server, please reload the page.`))
     }, [])
 
     return (
@@ -73,22 +127,39 @@ export default function App(): React.ReactElement {
                 algorithm: darkMode ? theme.darkAlgorithm : undefined
             }}
         >
-            <AuthenticatedContext.Provider value={contextValue}>
+            <ConfigurationContext.Provider value={configContextValue}>
+                <AuthenticatedContext.Provider value={authContextValue}>
+                    {!dismissLoginAlert && (configuration?.registerEnabled || configuration?.ssoLogin) && isAuthenticated === false && !['/login'].includes(location.pathname) &&
+                        <Alert
+                            type="warning"
+                            message={t`Please log in to access all features, monitor domains, and manage your Connectors.`}
+                            action={<Link to='/login'><Button>{t`Log in`}</Button></Link>}
+                            onClose={() => setDismissLoginAlert(true)}
+                            banner closable/>
+                    }
                     <Layout hasSider style={{minHeight: '100vh'}}>
-                    {/* Ant will use a break-off tab to toggle the collapse of the sider when collapseWidth = 0 */}
-                    <Layout.Sider collapsible breakpoint='sm' width={220} {...(sm ? {collapsedWidth: 0} : {})}>
-                        <Sider isAuthenticated={isAuthenticated}/>
-                    </Layout.Sider>
+                        <SiderWrapper sidebarCollapsed={sidebarCollapsed} setSidebarCollapsed={setSidebarCollapsed}>
+                            <Sider/>
+                        </SiderWrapper>
                         <Layout>
-                        <Layout.Header style={{padding: 0}}/>
+                            <Layout.Header style={{padding: 0}}>
+                                {sm &&
+                                    <Button type="text" style={{marginLeft: 8}}
+                                            onClick={() => setSidebarCollapsed(!sidebarCollapsed)}>
+                                        <MenuOutlined/>
+                                    </Button>
+                                }
+                            </Layout.Header>
                             <Layout.Content style={sm ? {margin: '24px 0'} : {margin: '24px 16px 0'}}>
                                 <div style={{
-                                padding: 24,
+                                    padding: sm ? 8 : 24,
                                     minHeight: 360
                                 }}
                                 >
+                                    {contextHolder}
                                     <Routes>
-                                    <Route path='/' element={<Navigate to='/login'/>}/>
+                                        <Route path='/' element={<Navigate
+                                            to={configuration?.publicRdapLookupEnabled ? '/search/domain' : '/home'}/>}/>
                                         <Route path='/home' element={<TextPage resource='home.md'/>}/>
 
                                         <Route path='/search/domain' element={<DomainSearchPage/>}/>
@@ -116,43 +187,35 @@ export default function App(): React.ReactElement {
                                 </div>
                             </Layout.Content>
                             <Layout.Footer style={{textAlign: 'center'}}>
-                            <Space size='middle' wrap align='center'>
-                                <Link to='/tos'><Button type='text'>{t`TOS`}</Button></Link>
-                                <Link to='/privacy'><Button type='text'>{t`Privacy Policy`}</Button></Link>
+                                <Flex gap='middle' wrap justify='center'>
+                                    <Link to='/tos' rel='terms-of-service'><Button type='text'>{t`TOS`}</Button></Link>
+                                    <Link to='/privacy' rel='privacy-policy'><Button
+                                        type='text'>{t`Privacy Policy`}</Button></Link>
                                     <Link to='/faq'><Button type='text'>{t`FAQ`}</Button></Link>
-                                <Typography.Link
-                                    target='_blank'
-                                    href='https://github.com/maelgangloff/domain-watchdog/wiki'
-                                >
-                                    <Button
-                                        type='text'
-                                    >{t`Documentation`}
+                                    <Button target='_blank'
+                                            href='https://domainwatchdog.eu'
+                                            type='text'>
+                                        {t`Documentation`}
                                     </Button>
-                                </Typography.Link>
-                            </Space>
+                                    <Button target='_blank'
+                                            href={PROJECT_LINK}
+                                            type='text'>
+                                        {t`Source code`}
+                                    </Button>
+                                    <Button target='_blank'
+                                            href={PROJECT_LINK + '/issues'}
+                                            type='text'>
+                                        {t`Submit an issue`}
+                                    </Button>
+                                </Flex>
                                 <Typography.Paragraph style={{marginTop: '1em'}}>
                                     {jt`${ProjectLink} is an open source project distributed under the ${LicenseLink} license.`}
                                 </Typography.Paragraph>
                             </Layout.Footer>
                         </Layout>
-                    <FloatButton.Group
-                        trigger='hover'
-                        style={{
-                            position: 'fixed',
-                            insetInlineEnd: (100 - 40) / 2,
-                            bottom: 100 - 40 / 2
-                        }}
-                        icon={<InfoCircleOutlined/>}
-                    >
-                        <Tooltip title={t`Official git repository`} placement='left'>
-                            <FloatButton icon={<MergeOutlined/>} target='_blank' href={PROJECT_LINK}/>
-                        </Tooltip>
-                        <Tooltip title={t`Submit an issue`} placement='left'>
-                            <FloatButton icon={<BugOutlined/>} target='_blank' href={PROJECT_LINK + '/issues'}/>
-                        </Tooltip>
-                    </FloatButton.Group>
                     </Layout>
                 </AuthenticatedContext.Provider>
+            </ConfigurationContext.Provider>
         </ConfigProvider>
     )
 }

assets/components/LoginForm.tsx

@@ -1,11 +1,11 @@
-import {Button, Form, Input, message, Space} from 'antd'
+import {Button, Flex, Form, Input, message} from 'antd'
 import {t} from 'ttag'
-import React, {useContext, useEffect} from 'react'
+import React, {useContext, useEffect, useState} from 'react'
 import {getUser, login} from '../utils/api'
-import {AuthenticatedContext} from '../pages/LoginPage'
 import {useNavigate} from 'react-router-dom'
 
 import {showErrorAPI} from '../utils/functions/showErrorAPI'
+import {AuthenticatedContext} from "../contexts"
 
 interface FieldType {
     username: string
@@ -16,6 +16,7 @@ export function LoginForm({ssoLogin}: { ssoLogin?: boolean }) {
     const navigate = useNavigate()
     const [messageApi, contextHolder] = message.useMessage()
     const {setIsAuthenticated} = useContext(AuthenticatedContext)
+    const [loading, setLoading] = useState(false)
 
     useEffect(() => {
         getUser().then(() => {
@@ -25,12 +26,15 @@ export function LoginForm({ssoLogin}: { ssoLogin?: boolean }) {
     }, [])
 
     const onFinish = (data: FieldType) => {
+        setLoading(true)
+
         login(data.username, data.password).then(() => {
             setIsAuthenticated(true)
             navigate('/home')
         }).catch((e) => {
             setIsAuthenticated(false)
             showErrorAPI(e, messageApi)
+            setLoading(false)
         })
     }
     return (
@@ -43,6 +47,7 @@ export function LoginForm({ssoLogin}: { ssoLogin?: boolean }) {
                 style={{maxWidth: 600}}
                 onFinish={onFinish}
                 autoComplete='off'
+                disabled={loading}
             >
                 <Form.Item
                     label={t`Email address`}
@@ -60,18 +65,15 @@ export function LoginForm({ssoLogin}: { ssoLogin?: boolean }) {
                     <Input.Password/>
                 </Form.Item>
 
-                <Space>
-                    <Form.Item wrapperCol={{offset: 8, span: 16}}>
+                <Flex wrap justify="center" gap="middle">
                     <Button type='primary' htmlType='submit'>
                         {t`Submit`}
                     </Button>
-                    </Form.Item>
-                    {ssoLogin && <Form.Item wrapperCol={{offset: 8, span: 16}}>
+                    {ssoLogin &&
                         <Button type='dashed' htmlType='button' href='/login/oauth'>
                             {t`Log in with SSO`}
-                        </Button>
-                    </Form.Item>}
-                </Space>
+                        </Button>}
+                </Flex>
             </Form>
         </>
     )

assets/components/Sider.tsx

@@ -14,14 +14,17 @@ import {
     SafetyOutlined,
     SearchOutlined,
     TableOutlined,
-    TeamOutlined,
     UserOutlined
 } from '@ant-design/icons'
 import {Menu} from 'antd'
-import React from 'react'
+import React, {useContext} from 'react'
 import {useLocation, useNavigate} from 'react-router-dom'
+import {AuthenticatedContext, ConfigurationContext} from "../contexts"
+
+export function Sider() {
+    const {isAuthenticated} = useContext(AuthenticatedContext)
+    const {configuration} = useContext(ConfigurationContext)
 
-export function Sider({isAuthenticated}: { isAuthenticated: boolean }) {
     const navigate = useNavigate()
     const location = useLocation()
 
@@ -43,17 +46,9 @@ export function Sider({isAuthenticated}: { isAuthenticated: boolean }) {
                     icon: <CompassOutlined/>,
                     label: t`Domain`,
                     title: t`Domain Finder`,
-                    disabled: !isAuthenticated,
+                    disabled: !configuration?.publicRdapLookupEnabled && !isAuthenticated,
                     onClick: () => navigate('/search/domain')
                 },
-                {
-                    key: '/search/entity',
-                    icon: <TeamOutlined/>,
-                    label: t`Entity`,
-                    title: t`Entity Finder`,
-                    disabled: !isAuthenticated,
-                    onClick: () => navigate('/search/entity')
-                },
                 /*
                         {
                             key: 'ns-finder',

assets/components/search/DomainResult.tsx

@@ -57,7 +57,8 @@ export function DomainResult({domain}: { domain: Domain }) {
                                     title={t`Registry-level protection, ensuring the highest level of security by preventing unauthorized, unwanted, or accidental changes to the domain name at the registry level`}
                                 >
                                     <Tag
-                                        bordered={false} color={isDomainLocked(domain.status, 'server') ? 'green' : 'default'}
+                                        bordered={false}
+                                        color={isDomainLocked(domain.status, 'server') ? 'green' : 'default'}
                                         icon={<SafetyCertificateOutlined
                                             style={{fontSize: '16px'}}
                                         />}
@@ -68,7 +69,8 @@ export function DomainResult({domain}: { domain: Domain }) {
                                     title={t`Registrar-level protection, safeguarding the domain from unauthorized, unwanted, or accidental changes through registrar controls`}
                                 >
                                     <Tag
-                                        bordered={false} color={isDomainLocked(domain.status, 'client') ? 'green' : 'default'}
+                                        bordered={false}
+                                        color={isDomainLocked(domain.status, 'client') ? 'green' : 'default'}
                                         icon={<BankOutlined
                                             style={{fontSize: '16px'}}
                                         />}
@@ -96,7 +98,10 @@ export function DomainResult({domain}: { domain: Domain }) {
                             {
                                 domain.events.length > 0 && <>
                                     <Divider orientation='left'>{t`Timeline`}</Divider>
-                                    <EventTimeline events={domainEvents}/>
+                                    <EventTimeline events={domainEvents}
+                                                   expiresInDays={domain.expiresInDays}
+                                                   isRenewalPeriod={domain.status.includes('auto renew period') || domain.status.includes('renew period')}
+                                    />
                                 </>
                             }
                             {

assets/components/search/EventTimeline.tsx

@@ -5,19 +5,74 @@ import useBreakpoint from '../../hooks/useBreakpoint'
 import {rdapEventDetailTranslation, rdapEventNameTranslation} from '../../utils/functions/rdapTranslation'
 import {actionToColor} from '../../utils/functions/actionToColor'
 import {actionToIcon} from '../../utils/functions/actionToIcon'
+import {ThunderboltOutlined} from "@ant-design/icons"
+import {t} from "ttag"
+import type {TimeLineItemProps} from "antd/lib/timeline/TimelineItem"
 
-export function EventTimeline({events}: { events: Event[] }) {
+function getWhoisRemoveTimelineEvent(whoisRemoveDateEstimate: Date, withRenewalPeriod?: boolean) {
+    const locale = navigator.language.split('-')[0]
     const sm = useBreakpoint('sm')
+    const eventName = withRenewalPeriod === undefined ? t`Estimated removal` : withRenewalPeriod ? t`Estimated removal (incl. renewal)` : t`Estimated removal (excl. renewal)`
+    const eventDetail = t`Estimated WHOIS removal date. This is the latest date this record would be deleted, according to ICANN's standard lifecycle. Note that some registries have their own lifecycles.`
+
+    const dateStr =
+        <Typography.Text>
+            {whoisRemoveDateEstimate.toLocaleDateString(locale)}
+        </Typography.Text>
+
+    const text = sm
+        ? {
+            children: <Tooltip placement='bottom' title={eventDetail}>
+                {eventName}&emsp;{dateStr}
+            </Tooltip>
+        }
+        : {
+            label: dateStr,
+            children: <Tooltip placement='left' title={eventDetail}>{eventName}</Tooltip>
+        }
+
+    return {
+        date: whoisRemoveDateEstimate,
+        color: (withRenewalPeriod === undefined || withRenewalPeriod) ? 'yellow' : 'grey',
+        dot: <ThunderboltOutlined style={{fontSize: '16px'}}/>,
+        pending: true,
+        ...text
+    }
+}
+
+
+export function EventTimeline({events, expiresInDays, isRenewalPeriod}: {
+    events: Event[],
+    expiresInDays?: number,
+    isRenewalPeriod: boolean
+}) {
+    const sm = useBreakpoint('sm')
+    const sortedEvents = events.sort((a, b) => new Date(b.date).getTime() - new Date(a.date).getTime())
 
     const locale = navigator.language.split('-')[0]
     const rdapEventNameTranslated = rdapEventNameTranslation()
     const rdapEventDetailTranslated = rdapEventDetailTranslation()
+    const items: (TimeLineItemProps & { date: Date })[] = []
 
-    return (
-        <>
-            <Timeline
-                mode={sm ? 'left' : 'right'}
-                items={events.map(e => {
+    if (expiresInDays !== undefined) {
+        const whoisRemoveDateEstimate = new Date(new Date().getTime() + expiresInDays * 24 * 60 * 60 * 1e3)
+
+        const expirationEvent = sortedEvents.find(e => !e.deleted && e.action === 'expiration')
+        const lastExpirationEvent = sortedEvents.find(e => e.deleted && e.action === 'expiration')
+
+        if (expirationEvent && lastExpirationEvent && isRenewalPeriod) {
+            items.push(getWhoisRemoveTimelineEvent(whoisRemoveDateEstimate, true))
+
+            const date = new Date(whoisRemoveDateEstimate.getTime() - (new Date(expirationEvent.date).getTime() - new Date(lastExpirationEvent.date).getTime()))
+            items.push(getWhoisRemoveTimelineEvent(date, false))
+        } else {
+            items.push(getWhoisRemoveTimelineEvent(whoisRemoveDateEstimate))
+        }
+    }
+
+    items.push(
+        ...sortedEvents
+            .map(e => {
                     const eventName = (
                         <Typography.Text style={{color: e.deleted ? 'grey' : 'default'}}>
                             {rdapEventNameTranslated[e.action as keyof typeof rdapEventNameTranslated] || e.action}
@@ -45,14 +100,18 @@ export function EventTimeline({events}: { events: Event[] }) {
                         }
 
                     return {
+                        date: new Date(e.date),
                         color: e.deleted ? 'grey' : actionToColor(e.action),
                         dot: actionToIcon(e.action),
                         pending: new Date(e.date).getTime() > new Date().getTime(),
                         ...text
                     }
                 }
-                )}
-            />
-        </>
             )
+    )
+
+    return <Timeline
+        mode={sm ? 'left' : 'right'}
+        items={items.sort((a, b) => b.date.getTime() - a.date.getTime())}
+    />
 }

assets/components/tracking/connector/ConnectorsList.tsx

@@ -22,16 +22,16 @@ export function ConnectorsList({connectors, onDelete}: { connectors: ConnectorEl
         <>
             <Divider/>
             {connectors.map(connector => {
-                    const createdAt = <Typography.Text strong>
+                    const createdAt = <Typography.Text strong key={"createdAt"}>
                         {new Date(connector.createdAt).toLocaleString()}
                     </Typography.Text>
                     const {watchlistCount} = connector
                     const connectorName = Object.keys(ConnectorProvider).find(p => ConnectorProvider[p as keyof typeof ConnectorProvider] === connector.provider)
 
-                    return <>
-                        {contextHolder}
-                        <Card
-                            hoverable title={<Space>
+                    return <Card
+                            hoverable
+                            key={connector.id}
+                            title={<Space>
                             {t`Connector ${connectorName}`}<Typography.Text code>{connector.id}</Typography.Text>
                         </Space>}
                             size='small'
@@ -45,6 +45,7 @@ export function ConnectorsList({connectors, onDelete}: { connectors: ConnectorEl
                             ><DeleteFilled style={{color: token.colorError}}/>
                             </Popconfirm>}
                         >
+                            {contextHolder}
                             <Typography.Paragraph>{jt`Creation date: ${createdAt}`}</Typography.Paragraph>
                             <Typography.Paragraph>{t`Used in: ${watchlistCount} Watchlist`}</Typography.Paragraph>
                             <Card.Meta description={
@@ -58,7 +59,6 @@ The creation date corresponds to the date on which you consented to the creation
                                 </>
                             }/>
                         </Card>
-                    </>
                 }
             )}
         </>

assets/components/tracking/watchlist/CreateWatchlistButton.tsx

@@ -0,0 +1,58 @@
+import {Button, Drawer, Form} from 'antd'
+import {t} from 'ttag'
+import {WatchlistForm} from './WatchlistForm'
+import React, {useState} from 'react'
+import type {Connector} from '../../../utils/api/connectors'
+import useBreakpoint from "../../../hooks/useBreakpoint"
+
+export function CreateWatchlistButton({onUpdateWatchlist, connectors}: {
+    onUpdateWatchlist: (values: {
+        domains: string[],
+        trackedEvents: string[],
+        trackedEppStatus: string[],
+        token: string
+    }) => Promise<void>
+    connectors: Array<Connector & { id: string }>
+}) {
+    const [form] = Form.useForm()
+    const [open, setOpen] = useState(false)
+    const [loading, setLoading] = useState(false)
+    const sm = useBreakpoint('sm')
+
+    const showDrawer = () => setOpen(true)
+
+    const onClose = () => {
+        setOpen(false)
+        setLoading(false)
+    }
+
+    return (
+        <>
+            <Button type='default' block onClick={() => {
+                showDrawer()
+            }}>{t`Create a Watchlist`}</Button>
+            <Drawer
+                title={t`Create a Watchlist`}
+                width={sm ? '100%' : '80%'}
+                onClose={onClose}
+                open={open}
+                loading={loading}
+                styles={{
+                    body: {
+                        paddingBottom: 80
+                    }
+                }}
+            >
+                <WatchlistForm
+                    form={form}
+                    onFinish={values => {
+                        setLoading(true)
+                        onUpdateWatchlist(values).then(onClose).catch(() => setLoading(false))
+                    }}
+                    connectors={connectors}
+                    isCreation
+                />
+            </Drawer>
+        </>
+    )
+}

assets/components/tracking/watchlist/DisableWatchlistButton.tsx

@@ -0,0 +1,33 @@
+import {Popconfirm, theme, Typography} from 'antd'
+import {t} from 'ttag'
+import type { Watchlist} from '../../../utils/api'
+import {patchWatchlist} from '../../../utils/api'
+import {PauseCircleOutlined, PlayCircleOutlined} from '@ant-design/icons'
+import React from 'react'
+
+export function DisableWatchlistButton({watchlist, onChange, enabled}: {
+    watchlist: Watchlist,
+    onChange: () => void,
+    enabled: boolean
+}) {
+    const {token} = theme.useToken()
+
+    return (
+        enabled ?
+            <Popconfirm
+                title={t`Disable the Watchlist`}
+                description={t`Are you sure to disable this Watchlist?`}
+                onConfirm={async () => await patchWatchlist(watchlist.token, {enabled: !enabled}).then(onChange)}
+                okText={t`Yes`}
+                cancelText={t`No`}
+                okButtonProps={{danger: true}}
+            >
+                <Typography.Link>
+                    <PauseCircleOutlined style={{color: token.colorText}} title={t`Disable the Watchlist`}/>
+                </Typography.Link>
+            </Popconfirm> : <Typography.Link>
+                <PlayCircleOutlined style={{color: token.colorWarning}} title={t`Enable the Watchlist`}
+                                     onClick={async () => await patchWatchlist(watchlist.token, {enabled: !enabled}).then(onChange)}/>
+            </Typography.Link>
+    )
+}

assets/components/tracking/watchlist/TrackedDomainTable.tsx

@@ -22,11 +22,13 @@ import {
 } from '@ant-design/icons'
 import {DomainToTag} from '../../../utils/functions/DomainToTag'
 import {isDomainLocked} from "../../../utils/functions/isDomainLocked"
+import useBreakpoint from "../../../hooks/useBreakpoint"
 
 export function TrackedDomainTable() {
     const REDEMPTION_NOTICE = (
         <Tooltip
             title={t`At least one domain name is in redemption period and will potentially be deleted soon`}
+            key="redeptionNotice"
         >
             <Tag color={eppStatusCodeToColor('redemption period')}>redemption period</Tag>
         </Tooltip>
@@ -35,6 +37,7 @@ export function TrackedDomainTable() {
     const PENDING_DELETE_NOTICE = (
         <Tooltip
             title={t`At least one domain name is pending deletion and will soon become available for registration again`}
+            key="pendingDeleteNotice"
         >
             <Tag color={eppStatusCodeToColor('pending delete')}>pending delete</Tag>
         </Tooltip>
@@ -53,6 +56,7 @@ export function TrackedDomainTable() {
     const [dataTable, setDataTable] = useState<TableRow[]>([])
     const [total, setTotal] = useState<number>()
     const [specialNotice, setSpecialNotice] = useState<ReactElement[]>([])
+    const sm = useBreakpoint('sm')
 
     const rdapStatusCodeDetailTranslated = rdapStatusCodeDetailTranslation()
 
@@ -220,6 +224,7 @@ export function TrackedDomainTable() {
                 text: <Tooltip
                     placement='bottomLeft'
                     title={rdapStatusCodeDetailTranslated[s as keyof typeof rdapStatusCodeDetailTranslated] || undefined}
+                    key={s}
                 >
                     <Tag color={eppStatusCodeToColor(s)}>{s}</Tag>
                 </Tooltip>,
@@ -235,7 +240,7 @@ export function TrackedDomainTable() {
             description={t`No tracked domain names were found, please create your first Watchlist`}
         >
             <Link to='/tracking/watchlist'>
-                <Button type='primary'>Create Now</Button>
+                <Button type='primary'>{t`Create now`}</Button>
             </Link>
         </Empty>
         : <Skeleton loading={total === undefined}>
@@ -268,7 +273,8 @@ export function TrackedDomainTable() {
                         fetchData({page, itemsPerPage})
                     }
                 }}
-                scroll={{y: '50vh'}}
+                scroll={sm ? {} : {y: '50vh'}}
+                size={sm ? 'small' : 'large'}
             />
         </Skeleton>
 }

assets/components/tracking/watchlist/UpdateWatchlistButton.tsx

@@ -1,23 +1,23 @@
-import {Button, Drawer, Form, Typography} from 'antd'
+import {Drawer, Form, Typography} from 'antd'
 import {t} from 'ttag'
 import {WatchlistForm} from './WatchlistForm'
 import React, {useState} from 'react'
 import {EditOutlined} from '@ant-design/icons'
 import type {Connector} from '../../../utils/api/connectors'
 import type {Watchlist} from '../../../utils/api'
+import useBreakpoint from "../../../hooks/useBreakpoint"
 
 export function UpdateWatchlistButton({watchlist, onUpdateWatchlist, connectors}: {
     watchlist: Watchlist
-    onUpdateWatchlist: (values: { domains: string[], trackedEvents: string[], token: string }) => Promise<void>
+    onUpdateWatchlist: (values: { domains: string[], trackedEvents: string[], trackedEppStatus: string[], token: string }) => Promise<void>
     connectors: Array<Connector & { id: string }>
 }) {
     const [form] = Form.useForm()
     const [open, setOpen] = useState(false)
     const [loading, setLoading] = useState(false)
+    const sm = useBreakpoint('sm')
 
-    const showDrawer = () => {
-        setOpen(true)
-    }
+    const showDrawer = () => setOpen(true)
 
     const onClose = () => {
         setOpen(false)
@@ -36,6 +36,7 @@ export function UpdateWatchlistButton({watchlist, onUpdateWatchlist, connectors}
                         {name: 'connector', value: watchlist.connector?.id},
                         {name: 'domains', value: watchlist.domains.map(d => d.ldhName)},
                         {name: 'trackedEvents', value: watchlist.trackedEvents},
+                        {name: 'trackedEppStatus', value: watchlist.trackedEppStatus},
                         {name: 'dsn', value: watchlist.dsn}
                     ])
                 }}
@@ -43,7 +44,7 @@ export function UpdateWatchlistButton({watchlist, onUpdateWatchlist, connectors}
             </Typography.Link>
             <Drawer
                 title={t`Update a Watchlist`}
-                width='80%'
+                width={sm ? '100%' : '80%'}
                 onClose={onClose}
                 open={open}
                 loading={loading}
@@ -52,7 +53,6 @@ export function UpdateWatchlistButton({watchlist, onUpdateWatchlist, connectors}
                         paddingBottom: 80
                     }
                 }}
-                extra={<Button onClick={onClose}>{t`Cancel`}</Button>}
             >
                 <WatchlistForm
                     form={form}
@@ -62,7 +62,7 @@ export function UpdateWatchlistButton({watchlist, onUpdateWatchlist, connectors}
                     }}
                     connectors={connectors}
                     isCreation={false}
-                    watchList={watchlist}
+                    watchlist={watchlist}
                 />
             </Drawer>
         </>

assets/components/tracking/watchlist/WatchlistCard.tsx

@@ -7,25 +7,44 @@ import {DeleteWatchlistButton} from './DeleteWatchlistButton'
 import React from 'react'
 import type {Connector} from '../../../utils/api/connectors'
 import {CalendarWatchlistButton} from './CalendarWatchlistButton'
-import {rdapEventDetailTranslation, rdapEventNameTranslation} from '../../../utils/functions/rdapTranslation'
+import {
+    rdapDomainStatusCodeDetailTranslation,
+    rdapEventDetailTranslation,
+    rdapEventNameTranslation
+} from '../../../utils/functions/rdapTranslation'
 
 import {actionToColor} from '../../../utils/functions/actionToColor'
 import {DomainToTag} from '../../../utils/functions/DomainToTag'
 import type {Watchlist} from '../../../utils/api'
+import {eppStatusCodeToColor} from "../../../utils/functions/eppStatusCodeToColor"
+import {DisableWatchlistButton} from "./DisableWatchlistButton"
 
-export function WatchlistCard({watchlist, onUpdateWatchlist, connectors, onDelete}: {
+export function WatchlistCard({watchlist, onUpdateWatchlist, connectors, onChange}: {
     watchlist: Watchlist
-    onUpdateWatchlist: (values: { domains: string[], trackedEvents: string[], token: string }) => Promise<void>
+    onUpdateWatchlist: (values: {
+        domains: string[],
+        trackedEvents: string[],
+        trackedEppStatus: string[],
+        token: string
+    }) => Promise<void>
     connectors: Array<Connector & { id: string }>
-    onDelete: () => void
+    onChange: () => void
 }) {
     const rdapEventNameTranslated = rdapEventNameTranslation()
     const rdapEventDetailTranslated = rdapEventDetailTranslation()
+    const rdapDomainStatusCodeDetailTranslated = rdapDomainStatusCodeDetailTranslation()
 
     return (
         <>
             <Card
+                aria-disabled={true}
                 type='inner'
+                style={{
+                    width: '100%',
+                    opacity: watchlist.enabled ? 1 : 0.5,
+                    filter: watchlist.enabled ? 'none' : 'grayscale(0.7)',
+                    transition: 'all 0.3s ease',
+                }}
                 title={<>
                     {
                         (watchlist.connector != null)
@@ -41,7 +60,6 @@ export function WatchlistCard({watchlist, onUpdateWatchlist, connectors, onDelet
                     </Tooltip>
                 </>}
                 size='small'
-                style={{width: '100%'}}
                 extra={
                     <Space size='middle'>
                         <ViewDiagramWatchlistButton token={watchlist.token}/>
@@ -54,25 +72,65 @@ export function WatchlistCard({watchlist, onUpdateWatchlist, connectors, onDelet
                             connectors={connectors}
                         />
 
-                        <DeleteWatchlistButton watchlist={watchlist} onDelete={onDelete}/>
+                        <DisableWatchlistButton watchlist={watchlist} onChange={onChange}
+                                                enabled={watchlist.enabled}/>
+                        <DeleteWatchlistButton watchlist={watchlist} onDelete={onChange}/>
                     </Space>
                 }
             >
                 <Card.Meta description={watchlist.token} style={{marginBottom: '1em'}}/>
                 <Row gutter={16}>
                     <Col span={16}>
-                        {watchlist.domains.map(d => <DomainToTag key={d.ldhName} domain={d}/>)}
+                        {watchlist.domains.map(d => (
+                            <DomainToTag key={d.ldhName} domain={d}/>
+                        ))}
                     </Col>
+
                     <Col span={8}>
-                        {watchlist.trackedEvents?.map(t => <Tooltip
+                        <>
+                            <div style={{
+                                fontWeight: 500,
+                                marginBottom: '0.5em',
+                                color: '#555',
+                                fontSize: '0.9em'
+                            }}>
+                                {t`Tracked events`}
+                            </div>
+                            <div style={{marginBottom: '1em'}}>
+                                {watchlist.trackedEvents?.map(t => (
+                                    <Tooltip
                                         key={t}
-                                    title={rdapEventDetailTranslated[t as keyof typeof rdapEventDetailTranslated] || undefined}
+                                        title={rdapEventDetailTranslated[t as keyof typeof rdapEventDetailTranslated]}
                                     >
-                                    <Tag color={actionToColor(t)}>
+                                        <Tag color={actionToColor(t)} style={{marginBottom: 4}}>
                                             {rdapEventNameTranslated[t as keyof typeof rdapEventNameTranslated]}
                                         </Tag>
                                     </Tooltip>
-                            )}
+                                ))}
+                            </div>
+                        </>
+                        <>
+                            <div style={{
+                                fontWeight: 500,
+                                marginBottom: '0.5em',
+                                color: '#555',
+                                fontSize: '0.9em'
+                            }}>
+                                {t`Tracked EPP status`}
+                            </div>
+                            <div>
+                                {watchlist.trackedEppStatus?.map(t => (
+                                    <Tooltip
+                                        key={t}
+                                        title={rdapDomainStatusCodeDetailTranslated[t as keyof typeof rdapDomainStatusCodeDetailTranslated]}
+                                    >
+                                        <Tag color={eppStatusCodeToColor(t)} style={{marginBottom: 4}}>
+                                            {t}
+                                        </Tag>
+                                    </Tooltip>
+                                ))}
+                            </div>
+                        </>
                     </Col>
                 </Row>
             </Card>

assets/components/tracking/watchlist/WatchlistForm.tsx

@@ -4,11 +4,16 @@ import {t} from 'ttag'
 import {ApiOutlined, MinusCircleOutlined, PlusOutlined} from '@ant-design/icons'
 import React from 'react'
 import type {Connector} from '../../../utils/api/connectors'
-import {rdapEventDetailTranslation, rdapEventNameTranslation} from '../../../utils/functions/rdapTranslation'
+import {
+    rdapDomainStatusCodeDetailTranslation,
+    rdapEventDetailTranslation,
+    rdapEventNameTranslation
+} from '../../../utils/functions/rdapTranslation'
 import {actionToColor} from '../../../utils/functions/actionToColor'
 import {actionToIcon} from '../../../utils/functions/actionToIcon'
 import type {EventAction, Watchlist} from '../../../utils/api'
 import {formItemLayoutWithOutLabel} from "../../../utils/providers"
+import {eppStatusCodeToColor} from "../../../utils/functions/eppStatusCodeToColor"
 
 type TagRender = SelectProps['tagRender']
 
@@ -26,14 +31,15 @@ const formItemLayout = {
 export function WatchlistForm({form, connectors, onFinish, isCreation}: {
     form: FormInstance
     connectors: Array<Connector & { id: string }>
-    onFinish: (values: { domains: string[], trackedEvents: string[], token: string }) => void
+    onFinish: (values: { domains: string[], trackedEvents: string[], trackedEppStatus: string[], token: string }) => void
     isCreation: boolean,
-    watchList?: Watchlist,
+    watchlist?: Watchlist,
 }) {
     const rdapEventNameTranslated = rdapEventNameTranslation()
     const rdapEventDetailTranslated = rdapEventDetailTranslation()
+    const rdapDomainStatusCodeDetailTranslated = rdapDomainStatusCodeDetailTranslation()
 
-    const triggerTagRenderer: TagRender = ({value, closable, onClose}: {
+    const eventActionTagRenderer: TagRender = ({value, closable, onClose}: {
         value: EventAction
         closable: boolean
         onClose: () => void
@@ -60,12 +66,41 @@ export function WatchlistForm({form, connectors, onFinish, isCreation}: {
         )
     }
 
+    const domainStatusTagRenderer: TagRender = ({value, closable, onClose}: {
+        value: EventAction
+        closable: boolean
+        onClose: () => void
+    }) => {
+        const onPreventMouseDown = (event: React.MouseEvent<HTMLSpanElement>) => {
+            event.preventDefault()
+            event.stopPropagation()
+        }
+        return (
+            <Tooltip
+                title={rdapDomainStatusCodeDetailTranslated[value as keyof typeof rdapDomainStatusCodeDetailTranslated] || undefined}
+            >
+                <Tag
+                    color={eppStatusCodeToColor(value)}
+                    onMouseDown={onPreventMouseDown}
+                    closable={closable}
+                    onClose={onClose}
+                    style={{marginInlineEnd: 4}}
+                >
+                    {value}
+                </Tag>
+            </Tooltip>
+        )
+    }
+
     return (
         <Form
             {...formItemLayoutWithOutLabel}
             form={form}
             onFinish={onFinish}
-            initialValues={{trackedEvents: ['last changed', 'transfer', 'expiration', 'deletion']}}
+            initialValues={{
+                trackedEvents: ['last changed', 'transfer', 'deletion'],
+                trackedEppStatus: ['auto renew period', 'redemption period', 'pending delete', 'client hold', 'server hold']
+        }}
         >
 
             <Form.Item name='token' hidden>
@@ -155,7 +190,7 @@ export function WatchlistForm({form, connectors, onFinish, isCreation}: {
             <Form.Item
                 label={t`Tracked events`}
                 name='trackedEvents'
-                rules={[{required: true, message: t`At least one trigger`, type: 'array'}]}
+                rules={[{required: true, message: t`At least one event`, type: 'array'}]}
                 labelCol={{
                     xs: {span: 24},
                     sm: {span: 4}
@@ -168,7 +203,7 @@ export function WatchlistForm({form, connectors, onFinish, isCreation}: {
             >
                 <Select
                     mode='multiple'
-                    tagRender={triggerTagRenderer}
+                    tagRender={eventActionTagRenderer}
                     style={{width: '100%'}}
                     options={Object.keys(rdapEventNameTranslated).map(e => ({
                         value: e,
@@ -178,6 +213,32 @@ export function WatchlistForm({form, connectors, onFinish, isCreation}: {
                 />
             </Form.Item>
 
+            <Form.Item
+                label={t`Tracked EPP status`}
+                name='trackedEppStatus'
+                rules={[{required: true, message: t`At least one EPP status`, type: 'array'}]}
+                labelCol={{
+                    xs: {span: 24},
+                    sm: {span: 4}
+                }}
+                wrapperCol={{
+                    md: {span: 12},
+                    sm: {span: 20}
+                }}
+                required
+            >
+                <Select
+                    mode='multiple'
+                    tagRender={domainStatusTagRenderer}
+                    style={{width: '100%'}}
+                    options={Object.keys(rdapDomainStatusCodeDetailTranslated).map(e => ({
+                        value: e,
+                        title: rdapDomainStatusCodeDetailTranslated[e as keyof typeof rdapDomainStatusCodeDetailTranslated] || undefined,
+                        label: e
+                    }))}
+                />
+            </Form.Item>
+
             <Form.Item
                 label={t`Connector`}
                 name='connector'

assets/components/tracking/watchlist/WatchlistSelectionModal.tsx

@@ -0,0 +1,101 @@
+import React, {useEffect, useState} from "react"
+import type {ModalProps} from "antd"
+import {Tag, Tooltip} from "antd"
+import {Flex, Modal, Select, Typography} from "antd"
+import type {Domain, Watchlist} from "../../../utils/api"
+import {getWatchlists} from "../../../utils/api"
+import {t} from 'ttag'
+import {DomainToTag} from "../../../utils/functions/DomainToTag"
+import {EllipsisOutlined} from '@ant-design/icons'
+
+const MAX_DOMAIN_TAGS = 25
+
+function WatchlistOption({watchlist}: {watchlist: Watchlist}) {
+    let domains = watchlist.domains
+    let rest: Domain[]|undefined = undefined
+
+    if (domains.length > MAX_DOMAIN_TAGS) {
+        rest = domains.slice(MAX_DOMAIN_TAGS)
+        domains = domains.slice(0, MAX_DOMAIN_TAGS)
+    }
+
+    return <Flex vertical>
+        <Typography.Text strong>{watchlist.name}</Typography.Text>
+        <Flex wrap gap='4px'>
+            {domains.map(d => <DomainToTag link={false} domain={d} key={d.ldhName} />)}
+            {rest
+                && <Tooltip title={rest.map(d => <DomainToTag link={false} domain={d} key={d.ldhName} />)}>
+                    <Tag icon={<EllipsisOutlined/>} color='processing'>
+                        {t`${rest.length} more`}
+                    </Tag>
+                </Tooltip>
+            }
+        </Flex>
+    </Flex>
+}
+
+interface WatchlistSelectionModalProps {
+    onFinish: (watchlist: Watchlist) => Promise<void>|void
+    description?: string
+    open?: boolean
+    modalProps?: Partial<ModalProps>
+}
+
+export default function WatchlistSelectionModal(props: WatchlistSelectionModalProps) {
+    const [watchlists, setWatchlists] = useState<Watchlist[] | undefined>()
+    const [selectedWatchlist, setSelectedWatchlist] = useState<Watchlist | undefined>()
+    const [validationLoading, setValidationLoading] = useState(false)
+
+    useEffect(() => {
+        if (props.open && !watchlists) {
+            getWatchlists().then(list => setWatchlists(list["hydra:member"]))
+        }
+    }, [props.open])
+
+    const onFinish = () => {
+        const promise = props.onFinish(selectedWatchlist as Watchlist)
+
+        if (promise) {
+            setValidationLoading(true)
+            promise.finally(() => {
+                setSelectedWatchlist(undefined)
+                setValidationLoading(false)
+            })
+        } else {
+            setSelectedWatchlist(undefined)
+        }
+    }
+
+    return <Modal
+        open={props.open}
+        onOk={onFinish}
+        okButtonProps={{
+            disabled: !selectedWatchlist,
+            loading: validationLoading,
+        }}
+        {...props.modalProps ?? {}}
+    >
+        <Flex vertical>
+            <Typography.Paragraph>
+                {
+                    props.description
+                    || t`Select one of your available Watchlists`
+                }
+            </Typography.Paragraph>
+            <Select
+                placeholder={t`Watchlist`}
+                style={{width: '100%'}}
+                onChange={(_, option) => setSelectedWatchlist(option as Watchlist)}
+                options={watchlists}
+                value={selectedWatchlist?.token}
+                fieldNames={{
+                    label: 'name',
+                    value: 'token',
+                }}
+                loading={!watchlists}
+                status={selectedWatchlist ? '' : 'error'}
+                optionRender={(watchlist) => <WatchlistOption watchlist={watchlist.data}/>}
+            />
+        </Flex>
+    </Modal>
+}

assets/components/tracking/watchlist/WatchlistsList.tsx

@@ -3,21 +3,21 @@ import type {Connector} from '../../../utils/api/connectors'
 import {WatchlistCard} from './WatchlistCard'
 import type {Watchlist} from '../../../utils/api'
 
-export function WatchlistsList({watchlists, onDelete, onUpdateWatchlist, connectors}: {
+export function WatchlistsList({watchlists, onChange, onUpdateWatchlist, connectors}: {
     watchlists: Watchlist[]
-    onDelete: () => void
-    onUpdateWatchlist: (values: { domains: string[], trackedEvents: string[], token: string }) => Promise<void>
+    onChange: () => void
+    onUpdateWatchlist: (values: { domains: string[], trackedEvents: string[], trackedEppStatus: string[], token: string }) => Promise<void>
     connectors: Array<Connector & { id: string }>
 }) {
     return (
         <>
-            {watchlists.map(watchlist =>
+            {[...watchlists.filter(w => w.enabled), ...watchlists.filter(w => !w.enabled)].map(watchlist =>
                 <WatchlistCard
                     key={watchlist.token}
                     watchlist={watchlist}
                     onUpdateWatchlist={onUpdateWatchlist}
                     connectors={connectors}
-                    onDelete={onDelete}
+                    onChange={onChange}
                 />
             )}
         </>

assets/contexts/index.ts

@@ -0,0 +1,24 @@
+import type React from 'react'
+import {createContext} from 'react'
+import type {InstanceConfig} from "../utils/api"
+
+
+export type ConfigurationContextType = {
+    configuration: InstanceConfig | undefined
+}
+
+export const ConfigurationContext = createContext<ConfigurationContextType>({
+    configuration: undefined,
+})
+
+
+export type AuthContextType = {
+    isAuthenticated?: boolean
+    setIsAuthenticated: React.Dispatch<React.SetStateAction<boolean | undefined>>
+}
+
+export const AuthenticatedContext = createContext<AuthContextType>({
+    isAuthenticated: undefined,
+    setIsAuthenticated: () => {
+    },
+})

assets/index.css

@@ -10,4 +10,8 @@
 body {
     margin: 0;
     font-family: "Noto Color Emoji", sans-serif;
+
+    @media (prefers-color-scheme: dark) {
+        background: #000000;
+    }
 }

assets/pages/LoginPage.tsx

@@ -1,39 +1,30 @@
-import React, {createContext, useEffect, useState} from 'react'
+import React, { useContext, useEffect, useState} from 'react'
 import {Button, Card} from 'antd'
 import {t} from 'ttag'
 import TextPage from './TextPage'
 import {LoginForm} from '../components/LoginForm'
-import type { InstanceConfig} from '../utils/api'
-import {getConfiguration} from '../utils/api'
 import {RegisterForm} from '../components/RegisterForm'
-
-export const AuthenticatedContext = createContext<
-    {
-        authenticated: (authenticated: boolean) => void
-        setIsAuthenticated: React.Dispatch<React.SetStateAction<boolean>>
-    }
->({
-    authenticated: () => {
-    },
-    setIsAuthenticated: () => {
-    }
-})
+import useBreakpoint from "../hooks/useBreakpoint"
+import {ConfigurationContext} from "../contexts"
 
 export default function LoginPage() {
     const [wantRegister, setWantRegister] = useState<boolean>(false)
-    const [configuration, setConfiguration] = useState<InstanceConfig>()
+    const { configuration } = useContext(ConfigurationContext)
+
+    const md = useBreakpoint('md')
 
     const toggleWantRegister = () => {
         setWantRegister(!wantRegister)
     }
 
     useEffect(() => {
-        getConfiguration().then(setConfiguration)
-    }, [])
+        if(!configuration?.registerEnabled && configuration?.ssoLogin && configuration?.ssoAutoRedirect) {
+            window.location.href = '/login/oauth'
+        }
+    }, [configuration])
 
-    return (
-        <Card title={wantRegister ? t`Register` : t`Log in`} style={{width: '100%'}}>
-            <Card.Grid style={{width: '50%', textAlign: 'center'}} hoverable={false}>
+    const grid = [
+        <Card.Grid key="form" style={{width: md ? '100%' : '50%', textAlign: 'center'}} hoverable={false}>
             {wantRegister ? <RegisterForm/> : <LoginForm ssoLogin={configuration?.ssoLogin}/>}
             {
                 configuration?.registerEnabled &&
@@ -45,10 +36,19 @@ export default function LoginPage() {
                 >{wantRegister ? t`Log in` : t`Create an account`}
                 </Button>
             }
-            </Card.Grid>
-            <Card.Grid style={{width: '50%'}} hoverable={false}>
+        </Card.Grid>,
+        <Card.Grid key="ads" style={{width: md ? '100%' : '50%'}} hoverable={false}>
             <TextPage resource='ads.md'/>
         </Card.Grid>
+    ]
+
+    if (md) {
+        grid.reverse()
+    }
+
+    return (
+        <Card title={wantRegister ? t`Register` : t`Log in`} style={{width: '100%'}}>
+            {grid}
         </Card>
     )
 }

assets/pages/StatisticsPage.tsx

@@ -1,7 +1,7 @@
 import React, {useEffect, useState} from 'react'
 import type { Statistics} from '../utils/api'
 import {getStatistics} from '../utils/api'
-import {Card, Col, Divider, Row, Statistic, Tooltip} from 'antd'
+import {Card, Col, Divider, Flex, Row, Statistic, Tooltip} from 'antd'
 import {t} from 'ttag'
 import {
   AimOutlined,
@@ -18,10 +18,8 @@ export default function StatisticsPage() {
         getStatistics().then(setStats)
     }, [])
 
-    const totalDomainPurchase = (stats?.domainPurchased ?? 0) + (stats?.domainPurchaseFailed ?? 0)
-
     const successRate = stats !== undefined
-        ? (totalDomainPurchase === 0 ? undefined : stats.domainPurchased / totalDomainPurchase)
+        ? (stats?.domainPurchased === 0 ? undefined : ((stats?.domainPurchased ?? 0) - (stats?.domainPurchaseFailed ?? 0)) /  stats?.domainPurchased)
         : undefined
 
     return (
@@ -82,7 +80,7 @@ export default function StatisticsPage() {
                             loading={stats === undefined}
                             title={t`Purchased domain names`}
                             prefix={<FieldTimeOutlined/>}
-                            value={stats?.domainPurchased}
+                            value={(stats?.domainPurchased??0) - (stats?.domainPurchaseFailed??0)}
                             valueStyle={{color: 'green'}}
                         />
                     </Card>
@@ -95,7 +93,7 @@ export default function StatisticsPage() {
                             <Statistic
                                 loading={stats === undefined}
                                 title={t`Success rate`}
-                                value={successRate === undefined ? '-' : successRate * 100}
+                                value={successRate === undefined ? '-' : (successRate * 100).toFixed(2)}
                                 suffix='%'
                                 valueStyle={{color: successRate === undefined ? 'grey' : successRate >= 0.5 ? 'darkgreen' : 'orange'}}
                             />
@@ -104,20 +102,19 @@ export default function StatisticsPage() {
                 </Col>
             </Row>
             <Divider/>
-            <Row gutter={16} justify='center' align='middle'>
+            <Flex gap={16} wrap justify='center' align='middle'>
                 {stats?.domainCount
                     .sort((a, b) => b.domain - a.domain)
-                    .map(({domain, tld}) => <Col key={tld} span={4}>
-                        <Card bordered={false}>
+                    .map(({domain, tld}) =>
+                        <Card key={tld} bordered={false}>
                             <Statistic
                                 loading={stats === undefined}
                                 title={tld ? tld : t`TLD`}
                                 value={domain}
                                 valueStyle={{color: 'darkorange'}}
                             />
-                        </Card>
-                    </Col>)}
-            </Row>
+                        </Card>)}
+            </Flex>
         </>
     )
 }

assets/pages/infrastructure/IcannRegistrarPage.tsx

@@ -5,6 +5,7 @@ import {t} from 'ttag'
 import type {ColumnType} from 'antd/es/table'
 import {CheckCircleOutlined, SettingOutlined, CloseCircleOutlined} from "@ant-design/icons"
 import {getIcannAccreditations} from "../../utils/api/icann-accreditations"
+import useBreakpoint from "../../hooks/useBreakpoint"
 
 const {Text, Paragraph} = Typography
 
@@ -19,6 +20,7 @@ function RegistrarListTable(filters: FiltersType) {
         name: string
     }
 
+    const sm = useBreakpoint('sm')
     const [dataTable, setDataTable] = useState<TableRow[]>([])
     const [total, setTotal] = useState(0)
 
@@ -63,14 +65,15 @@ function RegistrarListTable(filters: FiltersType) {
                     fetchData({...filters, page, itemsPerPage})
                 }
             }}
-
-            scroll={{y: '50vh'}}
+            scroll={sm ? {} : {y: '50vh'}}
+            size={sm ? 'small' : 'large'}
         />
     )
 }
 
 export default function IcannRegistrarPage() {
     const [activeTabKey, setActiveTabKey] = useState<string>('Accredited')
+    const sm = useBreakpoint('sm')
 
     const contentList: Record<string, React.ReactNode> = {
         Accredited: <>
@@ -125,6 +128,7 @@ export default function IcannRegistrarPage() {
                 activeTabKey={activeTabKey}
                 key={activeTabKey}
                 onTabChange={(k: string) => setActiveTabKey(k)}
+                size={sm ? 'small' : 'default'}
             >
                 {contentList[activeTabKey]}
 

assets/pages/infrastructure/TldPage.tsx

@@ -11,6 +11,7 @@ import {getCountryCode} from '../../utils/functions/getCountryCode'
 import {tldToEmoji} from '../../utils/functions/tldToEmoji'
 import {BankOutlined, FlagOutlined, GlobalOutlined, TrademarkOutlined} from "@ant-design/icons"
 import {Link} from "react-router-dom"
+import useBreakpoint from "../../hooks/useBreakpoint"
 
 const {Text, Paragraph} = Typography
 
@@ -30,6 +31,7 @@ function TldTable(filters: FiltersType) {
         Country?: string
     }
 
+    const sm = useBreakpoint('sm')
     const [dataTable, setDataTable] = useState<TableRow[]>([])
     const [total, setTotal] = useState(0)
 
@@ -110,14 +112,15 @@ function TldTable(filters: FiltersType) {
                     fetchData({...filters, page, itemsPerPage})
                 }
             }}
-
-            scroll={{y: '50vh'}}
+            scroll={sm ? {} : {y: '50vh'}}
+            size={sm ? 'small' : 'large'}
         />
     )
 }
 
 export default function TldPage() {
     const [activeTabKey, setActiveTabKey] = useState<string>('gTLD')
+    const sm = useBreakpoint("sm")
 
     const contentList: Record<string, React.ReactNode> = {
         sTLD: <>
@@ -185,6 +188,7 @@ export default function TldPage() {
                 activeTabKey={activeTabKey}
                 key={activeTabKey}
                 onTabChange={(k: string) => setActiveTabKey(k)}
+                size={sm ? 'small' : 'default'}
             >
                 {contentList[activeTabKey]}
 

assets/pages/search/DomainSearchPage.tsx

@@ -1,26 +1,31 @@
-import React, {useEffect, useState} from 'react'
-import type { FormProps} from 'antd'
-import {Empty, Flex, message, Skeleton} from 'antd'
-import type {Domain} from '../../utils/api'
-import { getDomain} from '../../utils/api'
+import React, {useContext, useEffect, useState} from 'react'
+import type {FormProps} from 'antd'
+import { Empty, Flex, FloatButton, message, Skeleton} from 'antd'
+import type {Domain, Watchlist} from '../../utils/api'
+import {addDomainToWatchlist, getDomain} from '../../utils/api'
 import type {AxiosError} from 'axios'
 import {t} from 'ttag'
-import type { FieldType} from '../../components/search/DomainSearchBar'
+import type {FieldType} from '../../components/search/DomainSearchBar'
 import {DomainSearchBar} from '../../components/search/DomainSearchBar'
 import {DomainResult} from '../../components/search/DomainResult'
 import {showErrorAPI} from '../../utils/functions/showErrorAPI'
 import {useNavigate, useParams} from 'react-router-dom'
+import {PlusOutlined} from '@ant-design/icons'
+import WatchlistSelectionModal from '../../components/tracking/watchlist/WatchlistSelectionModal'
+import {AuthenticatedContext} from "../../contexts"
 
 export default function DomainSearchPage() {
     const {query} = useParams()
     const [domain, setDomain] = useState<Domain | null>()
-    const [loading, setLoading] = useState<boolean>(false)
+    const domainLdhName = domain?.ldhName
+    const [loading, setLoading] = useState(false)
+    const [addToWatchlistModal, setAddToWatchlistModal] = useState(false)
+    const {isAuthenticated} = useContext(AuthenticatedContext)
+
 
     const [messageApi, contextHolder] = message.useMessage()
     const navigate = useNavigate()
 
-
-
     const onFinish: FormProps<FieldType>['onFinish'] = (values) => {
         navigate('/search/domain/' + values.ldhName)
 
@@ -41,7 +46,18 @@ export default function DomainSearchPage() {
         onFinish({ldhName: query, isRefreshForced: false})
     }, [])
 
-    return (
+    const addToWatchlist = async (watchlist: Watchlist) => {
+        await addDomainToWatchlist(watchlist, domain!.ldhName).then(() => {
+            setAddToWatchlistModal(false)
+
+            const ldhName = domain?.ldhName
+            messageApi.success(t`${ldhName} added to ${watchlist.name}`)
+        }).catch((e: AxiosError) => {
+            showErrorAPI(e, messageApi)
+        })
+    }
+
+    return <>
         <Flex gap='middle' align='center' justify='center' vertical>
             {contextHolder}
             <DomainSearchBar initialValue={query} onFinish={onFinish}/>
@@ -57,5 +73,29 @@ export default function DomainSearchPage() {
                 }
             </Skeleton>
         </Flex>
-    )
+        {domain && isAuthenticated
+            && <FloatButton
+                style={{
+                    position: 'fixed',
+                    insetInlineEnd: (100 - 40) / 2,
+                    bottom: 100 - 40 / 2
+                }}
+                tooltip={t`Add to Watchlist`}
+                type="primary"
+                icon={<PlusOutlined/>}
+                onClick={() => setAddToWatchlistModal(true)}
+            />
+        }
+        <WatchlistSelectionModal
+            open={addToWatchlistModal}
+            onFinish={addToWatchlist}
+            modalProps={{
+                title: t`Add ${domainLdhName} to a Watchlist`,
+                onCancel: () => setAddToWatchlistModal(false),
+                onClose: () => setAddToWatchlistModal(false),
+                cancelText: t`Cancel`,
+                okText: t`Add`
+            }}
+        />
+    </>
 }

assets/pages/tracking/WatchlistPage.tsx

@@ -1,34 +1,34 @@
 import React, {useEffect, useState} from 'react'
-import {Card, Divider, Flex, Form, message} from 'antd'
+import {Divider, Flex, Form, message} from 'antd'
 import type {Watchlist} from '../../utils/api'
 import {getWatchlists, postWatchlist, putWatchlist} from '../../utils/api'
 import type {AxiosError} from 'axios'
 import {t} from 'ttag'
-import {WatchlistForm} from '../../components/tracking/watchlist/WatchlistForm'
 import {WatchlistsList} from '../../components/tracking/watchlist/WatchlistsList'
 import type {Connector} from '../../utils/api/connectors'
 import { getConnectors} from '../../utils/api/connectors'
 
 import {showErrorAPI} from '../../utils/functions/showErrorAPI'
+import {CreateWatchlistButton} from "../../components/tracking/watchlist/CreateWatchlistButton"
 
 interface FormValuesType {
     name?: string
     domains: string[]
     trackedEvents: string[]
+    trackedEppStatus: string[]
     connector?: string
     dsn?: string[]
 }
 
-const getRequestDataFromFormCreation = (values: FormValuesType) => {
-    const domainsURI = values.domains.map(d => '/api/domains/' + d.toLowerCase())
-    return {
-        name: values.name,
-        domains: domainsURI,
+const getRequestDataFromFormCreation = (values: FormValuesType) =>
+    ({        name: values.name,
+        domains: values.domains.map(d => '/api/domains/' + d.toLowerCase()),
         trackedEvents: values.trackedEvents,
+        trackedEppStatus: values.trackedEppStatus,
         connector: values.connector !== undefined ? ('/api/connectors/' + values.connector) : undefined,
-        dsn: values.dsn
-    }
-}
+        dsn: values.dsn,
+        enabled: true
+    })
 
 export default function WatchlistPage() {
     const [form] = Form.useForm()
@@ -36,15 +36,13 @@ export default function WatchlistPage() {
     const [watchlists, setWatchlists] = useState<Watchlist[]>()
     const [connectors, setConnectors] = useState<Array<Connector & { id: string }>>()
 
-    const onCreateWatchlist = (values: FormValuesType) => {
-        postWatchlist(getRequestDataFromFormCreation(values)).then(() => {
+    const onCreateWatchlist = async (values: FormValuesType) => await postWatchlist(getRequestDataFromFormCreation(values)).then(() => {
             form.resetFields()
             refreshWatchlists()
             messageApi.success(t`Watchlist created !`)
         }).catch((e: AxiosError) => {
             showErrorAPI(e, messageApi)
         })
-    }
 
     const onUpdateWatchlist = async (values: FormValuesType & { token: string }) => await putWatchlist({
             token: values.token,
@@ -76,18 +74,17 @@ export default function WatchlistPage() {
     return (
         <Flex gap='middle' align='center' justify='center' vertical>
             {contextHolder}
-            <Card size='small' loading={connectors === undefined} title={t`Create a Watchlist`} style={{width: '100%'}}>
-                {(connectors != null) &&
-                    <WatchlistForm form={form} onFinish={onCreateWatchlist} connectors={connectors} isCreation/>}
-            </Card>
+            {(connectors !== undefined) && (watchlists !== undefined) &&
+                <>
+                    <CreateWatchlistButton onUpdateWatchlist={onCreateWatchlist} connectors={connectors} />
                     <Divider/>
-            {(connectors != null) && (watchlists != null) && watchlists.length > 0 &&
                     <WatchlistsList
                         watchlists={watchlists}
-                    onDelete={refreshWatchlists}
+                        onChange={refreshWatchlists}
                         connectors={connectors}
                         onUpdateWatchlist={onUpdateWatchlist}
-                />}
+                    />
+                </>}
         </Flex>
     )
 }

assets/utils/api/index.ts

@@ -81,8 +81,10 @@ export interface WatchlistRequest {
     name?: string
     domains: string[]
     trackedEvents?: string[]
+    trackedEppStatus?: string[]
     connector?: string
     dsn?: string[]
+    enabled?: boolean
 }
 
 export interface Watchlist {
@@ -91,6 +93,7 @@ export interface Watchlist {
     token: string
     domains: Domain[]
     trackedEvents?: string[]
+    trackedEppStatus?: string[]
     dsn?: string[]
     connector?: {
         id: string
@@ -98,12 +101,15 @@ export interface Watchlist {
         createdAt: string
     }
     createdAt: string
+    enabled: boolean
 }
 
 export interface InstanceConfig {
+    ssoAutoRedirect: boolean
     ssoLogin: boolean
     limtedFeatures: boolean
     registerEnabled: boolean
+    publicRdapLookupEnabled: boolean
 }
 
 export interface Statistics {

assets/utils/api/watchlist.ts

@@ -32,6 +32,25 @@ export async function postWatchlist(watchlist: WatchlistRequest) {
     return response.data
 }
 
+export async function patchWatchlist(token: string, watchlist: Partial<WatchlistRequest>) {
+    const response = await request<{ token: string }>({
+        method: 'PATCH',
+        url: 'watchlists/' + token,
+        data: watchlist,
+        headers: {
+            'Content-Type': 'application/merge-patch+json'
+        }
+    })
+    return response.data
+}
+
+export async function addDomainToWatchlist(watchlist: Watchlist, ldhName: string) {
+    const domains = watchlist.domains.map(d => '/api/domains/' + d.ldhName)
+    domains.push('/api/domains/' + ldhName)
+
+    return patchWatchlist(watchlist.token, {domains})
+}
+
 export async function deleteWatchlist(token: string): Promise<void> {
     await request({
         method: 'DELETE',

assets/utils/functions/DomainToTag.tsx

@@ -6,10 +6,8 @@ import React from 'react'
 import type {Event} from "../api"
 import {t} from "ttag"
 
-export function DomainToTag({domain}: { domain: { ldhName: string, deleted: boolean, status: string[], events?: Event[] } }) {
-    return (
-        <Link to={'/search/domain/' + domain.ldhName}>
-            <Badge dot={domain.events?.find(e =>
+export function DomainToTag({domain, link}: { domain: { ldhName: string, deleted: boolean, status: string[], events?: Event[] }, link?: boolean }) {
+    const tag = <Badge dot={domain.events?.find(e =>
         e.action === 'last changed' &&
         !e.deleted &&
         ((new Date().getTime() - new Date(e.date).getTime()) < 7*24*60*60*1e3)
@@ -32,6 +30,14 @@ export function DomainToTag({domain}: { domain: { ldhName: string, deleted: bool
         >{punycode.toUnicode(domain.ldhName)}
         </Tag>
     </Badge>
+
+    if (link ?? true) {
+        return (
+            <Link to={'/search/domain/' + domain.ldhName}>
+                {tag}
             </Link>
         )
+    } else {
+        return tag
+    }
 }

assets/utils/functions/StatusToTag.tsx

@@ -10,6 +10,7 @@ export function statusToTag(s: string) {
         <Tooltip
             placement='bottomLeft'
             title={rdapStatusCodeDetailTranslated[s as keyof typeof rdapStatusCodeDetailTranslated] || undefined}
+            key={s}
         >
             <Tag color={eppStatusCodeToColor(s)}>{s}</Tag>
         </Tooltip>

assets/utils/functions/eppStatusCodeToColor.tsx

@@ -1,4 +1,5 @@
-export const eppStatusCodeToColor = (s: string) =>
+export const eppStatusCodeToColor = (s?: string) =>
+    s === undefined ? 'default' :
         ['active', 'ok'].includes(s)
             ? 'green'
             : ['pending delete', 'redemption period'].includes(s)

assets/utils/functions/rdapTranslation.ts

@@ -68,23 +68,7 @@ export const rdapEventDetailTranslation = () => ({
     'enum validation expiration': t`Association of phone number represented by this ENUM domain to registrant has expired or will expire at a predetermined date and time.`
 })
 
-/**
- * @see https://www.iana.org/assignments/rdap-json-values/rdap-json-values.xhtml
- * @see https://www.icann.org/resources/pages/epp-status-codes-2014-06-16-en
- */
-export const rdapStatusCodeDetailTranslation = () => ({
-    validated: t`Signifies that the data of the object instance has been found to be accurate.`,
-    'renew prohibited': t`Renewal or reregistration of the object instance is forbidden.`,
-    'update prohibited': t`Updates to the object instance are forbidden.`,
-    'transfer prohibited': t`Transfers of the registration from one registrar to another are forbidden.`,
-    'delete prohibited': t`Deletion of the registration of the object instance is forbidden.`,
-    proxy: t`The registration of the object instance has been performed by a third party.`,
-    private: t`The information of the object instance is not designated for public consumption.`,
-    removed: t`Some of the information of the object instance has not been made available and has been removed.`,
-    obscured: t`Some of the information of the object instance has been altered for the purposes of not readily revealing the actual information of the object instance.`,
-    associated: t`The object instance is associated with other object instances in the registry.`,
-    locked: t`Changes to the object instance cannot be made, including the association of other object instances.`,
-
+export const rdapDomainStatusCodeDetailTranslation = () => ({
     active: t`This is the standard status for a domain, meaning it has no pending operations or prohibitions.`,
     inactive: t`This status code indicates that delegation information (name servers) has not been associated with your domain. Your domain is not activated in the DNS and will not resolve.`,
     'pending create': t`This status code indicates that a request to create your domain has been received and is being processed.`,
@@ -110,6 +94,27 @@ export const rdapStatusCodeDetailTranslation = () => ({
     'server hold': t`This status code is set by your domain's Registry Operator. Your domain is not activated in the DNS.`,
     'transfer period': t`This grace period is provided after the successful transfer of a domain name from one registrar to another. If the new registrar deletes the domain name during this period, the registry provides a credit to the registrar for the cost of the transfer.`,
 
+})
+
+/**
+ * @see https://www.iana.org/assignments/rdap-json-values/rdap-json-values.xhtml
+ * @see https://www.icann.org/resources/pages/epp-status-codes-2014-06-16-en
+ */
+export const rdapStatusCodeDetailTranslation = () => ({
+    validated: t`Signifies that the data of the object instance has been found to be accurate.`,
+    'renew prohibited': t`Renewal or reregistration of the object instance is forbidden.`,
+    'update prohibited': t`Updates to the object instance are forbidden.`,
+    'transfer prohibited': t`Transfers of the registration from one registrar to another are forbidden.`,
+    'delete prohibited': t`Deletion of the registration of the object instance is forbidden.`,
+    proxy: t`The registration of the object instance has been performed by a third party.`,
+    private: t`The information of the object instance is not designated for public consumption.`,
+    removed: t`Some of the information of the object instance has not been made available and has been removed.`,
+    obscured: t`Some of the information of the object instance has been altered for the purposes of not readily revealing the actual information of the object instance.`,
+    associated: t`The object instance is associated with other object instances in the registry.`,
+    locked: t`Changes to the object instance cannot be made, including the association of other object instances.`,
+
+    ...rdapDomainStatusCodeDetailTranslation(),
+
     administrative: t`The object instance has been allocated administratively (i.e., not for use by the recipient in their own right in operational networks).`,
     reserved: t`The object instance has been allocated to an IANA special-purpose address registry.`
 })

assets/utils/providers/forms/NamecheapConnectorForm.tsx

@@ -10,7 +10,7 @@ export default function NamecheapConnectorForm() {
                 label={t`Username`}
                 name={['authData', 'ApiUser']}
                 help={<Typography.Link target='_blank' href='https://ap.www.namecheap.com/settings/tools/apiaccess/'>
-                    {t`Retreive an API key and whitelist this instance's IP address on Namecheap's website`}
+                    {t`Retrieve an API key and whitelist this instance's IP address on Namecheap's website`}
                 </Typography.Link>}
             >
                 <Input prefix={<UserOutlined/>} autoComplete='off'/>

composer.json

@@ -20,9 +20,10 @@
   "minimum-stability": "stable",
   "prefer-stable": true,
   "require": {
-    "php": ">=8.2",
+    "php": ">=8.4",
     "ext-ctype": "*",
     "ext-iconv": "*",
+    "ext-redis": "*",
     "ext-simplexml": "*",
     "api-platform/core": "^3.3",
     "doctrine/dbal": "^3",
@@ -32,7 +33,7 @@
     "eluceo/ical": "^2.14",
     "influxdata/influxdb-client-php": "^3.6",
     "knpuniversity/oauth2-client-bundle": "^2.18",
-    "laminas/laminas-feed": "^2.23",
+    "laminas/laminas-feed": "2.26.x-dev",
     "lexik/jwt-authentication-bundle": "^3.1",
     "metaregistrar/php-epp-client": "^1.0",
     "nelmio/cors-bundle": "^2.5",
@@ -42,6 +43,7 @@
     "protonlabs/vobject": "^4.31",
     "psr/http-client": "^1.0",
     "runtime/frankenphp-symfony": "^0.2.0",
+    "scienta/doctrine-json-functions": "^6.3",
     "symfony/asset": "7.3.*",
     "symfony/asset-mapper": "7.3.*",
     "symfony/cache": "7.3.*",
@@ -154,7 +156,7 @@
     "symfony/css-selector": "7.3.*",
     "symfony/debug-bundle": "7.3.*",
     "symfony/maker-bundle": "^1.0",
-    "symfony/phpunit-bridge": "^7.1",
+    "symfony/phpunit-bridge": "^7.3",
     "symfony/stopwatch": "7.3.*",
     "symfony/web-profiler-bundle": "7.3.*",
     "zenstruck/foundry": "^2.7"

config/packages/api_platform.yaml

@@ -1,7 +1,15 @@
 api_platform:
     title: Domain Watchdog API
-    version: 1.0.0
+    description: List of operations that can be performed on the Domain Watchdog project API. These endpoints allow you to perform any useful action related to domain name searches, managing Watchlists and Connectors, etc.
+    version: 1.3.5
     asset_package: 'api_platform'
+    openapi:
+        contact:
+            name: Domain Watchdog
+            url: https://github.com/maelgangloff/domain-watchdog/
+        license:
+            name: GNU Affero General Public License v3.0
+            url: https://www.gnu.org/licenses/agpl-3.0.txt
     formats:
         jsonld: [ 'application/ld+json' ]
         xml: [ 'application/xml' ]
@@ -42,7 +50,9 @@ api_platform:
         App\Exception\TldNotSupportedException: 400
         App\Exception\UnknownRdapServerException: 400
         App\Exception\UnsupportedDsnScheme: 400
+        App\Exception\RdapServerException: 400
 
         # Provider exception
         App\Exception\Provider\UserNoExplicitConsentException: 451
         App\Exception\Provider\AbstractProviderException: 400
+        Metaregistrar\EPP\eppException: 400

config/packages/doctrine.yaml

@@ -10,7 +10,7 @@ doctrine:
         use_savepoints: true
     orm:
         auto_generate_proxy_classes: true
-        enable_lazy_ghost_objects: true
+        enable_native_lazy_objects: true
         report_fields_where_declared: true
         validate_xml_mapping: true
         naming_strategy: doctrine.orm.naming_strategy.underscore_number_aware
@@ -24,6 +24,9 @@ doctrine:
                 alias: App
         controller_resolver:
             auto_mapping: false
+        dql:
+            string_functions:
+                JSONB_CONTAINS: Scienta\DoctrineJsonFunctions\Query\AST\Functions\Postgresql\JsonbContains
 
 when@test:
     doctrine:

config/packages/messenger.yaml

@@ -5,10 +5,30 @@ framework:
         transports:
             # https://symfony.com/doc/current/messenger.html#transport-configuration
             async:
-                dsn: '%env(MESSENGER_TRANSPORT_DSN)%'
+                dsn: '%env(MESSENGER_ASYNC_TRANSPORT_DSN)%'
                 retry_strategy:
                     max_retries: 3
                     multiplier: 2
+                options:
+                    consumer: '%env(MESSENGER_CONSUMER_NAME)%'
+            rdap_high:
+                dsn: '%env(MESSENGER_RDAP_HIGH_TRANSPORT_DSN)%'
+                options:
+                    consumer: '%env(MESSENGER_CONSUMER_NAME)%'
+                retry_strategy:
+                    delay: 1000
+                    multiplier: 2
+                    max_delay: 86400000
+
+            rdap_low:
+                dsn: '%env(MESSENGER_RDAP_LOW_TRANSPORT_DSN)%'
+                options:
+                    consumer: '%env(MESSENGER_CONSUMER_NAME)%'
+                retry_strategy:
+                    delay: 2000
+                    multiplier: 2
+                    max_delay: 86400000
+
             failed: 'doctrine://default?queue_name=failed'
             # sync: 'sync://'
 
@@ -23,11 +43,9 @@ framework:
             Symfony\Component\Notifier\Message\SmsMessage: async
 
             App\Message\OrderDomain: async
-            App\Message\ProcessWatchListsTrigger: async
-            App\Message\SendDomainEventNotif: async
-            App\Message\UpdateDomainsFromWatchlist: async
+            App\Message\DetectDomainChange: async
+            App\Message\ProcessAllWatchlist: async
+            App\Message\ProcessWatchlist: async
             App\Message\UpdateRdapServers: async
             App\Message\ValidateConnectorCredentials: async
-
-            # Route your messages to the transports
-            # 'App\Message\YourMessage': async
+            App\Message\UpdateDomain: rdap_high

config/packages/rate_limiter.yaml

@@ -17,10 +17,15 @@ framework:
 
         user_register:
             policy: token_bucket
-            limit: 1
+            limit: 5
             rate: { interval: '5 minutes' }
 
-        rdap_requests:
+        user_rdap_requests:
             policy: sliding_window
-            limit: 10
+            limit: 60
+            interval: '1 hour'
+
+        public_rdap_requests:
+            policy: sliding_window
+            limit: 30
             interval: '1 hour'

config/packages/security.yaml

@@ -60,6 +60,7 @@ security:
         - { path: ^/api$, roles: PUBLIC_ACCESS }
         - { path: ^/api/docs, roles: PUBLIC_ACCESS }
         - { path: ^/api/register$, roles: PUBLIC_ACCESS }
+        - { path: ^/api/domains/*, roles: CAN_RDAP_LOOKUP }
         - { path: "^/api/watchlists/[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}/calendar$", roles: PUBLIC_ACCESS }
         - { path: "^/api/watchlists/[0-9a-f]{8}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{4}-[0-9a-f]{12}/rss", roles: PUBLIC_ACCESS }
         - { path: "^/api/config$", roles: PUBLIC_ACCESS }

config/services.yaml

@@ -7,12 +7,27 @@ parameters:
     custom_rdap_servers_file: '%kernel.project_dir%/config/app/custom_rdap_servers.yaml'
 
     mailer_sender_email: '%env(string:MAILER_SENDER_EMAIL)%'
+
     mailer_sender_name: '%env(string:MAILER_SENDER_NAME)%'
+    env(MAILER_SENDER_NAME): Domain Watchdog
+
     oauth_enabled: '%env(OAUTH_CLIENT_ID)%'
+
+    sso_auto_redirect: '%env(bool:SSO_AUTO_REDIRECT)%'
+    env(SSO_AUTO_REDIRECT): false
+
     registration_enabled: '%env(bool:REGISTRATION_ENABLED)%'
+    env(REGISTRATION_ENABLED): true
+
     registration_verify_email: '%env(bool:REGISTRATION_VERIFY_EMAIL)%'
+    env(REGISTRATION_VERIFY_EMAIL): false
+
+    public_rdap_lookup_enabled: '%env(bool:PUBLIC_RDAP_LOOKUP_ENABLED)%'
+    env(PUBLIC_RDAP_LOOKUP_ENABLED): false
 
     limited_features: '%env(bool:LIMITED_FEATURES)%'
+    env(LIMITED_FEATURES): false
+
     limit_max_watchlist: '%env(int:LIMIT_MAX_WATCHLIST)%'
     limit_max_watchlist_domains: '%env(int:LIMIT_MAX_WATCHLIST_DOMAINS)%'
     limit_max_watchlist_webhooks: '%env(int:LIMIT_MAX_WATCHLIST_WEBHOOKS)%'
@@ -20,6 +35,8 @@ parameters:
     outgoing_ip: '%env(string:OUTGOING_IP)%'
 
     influxdb_enabled: '%env(bool:INFLUXDB_ENABLED)%'
+    env(INFLUXDB_ENABLED): false
+
     influxdb_url: '%env(string:INFLUXDB_URL)%'
     influxdb_token: '%env(string:INFLUXDB_TOKEN)%'
     influxdb_bucket: '%env(string:INFLUXDB_BUCKET)%'
@@ -46,3 +63,11 @@ services:
 
     # add more service definitions when explicit configuration is needed
     # please note that last definitions always *replace* previous ones
+
+when@test:
+    parameters:
+        gandi_pat_token: '%env(string:GANDI_PAT_TOKEN)%'
+        namecom_username: '%env(string:NAMECOM_USERNAME)%'
+        namecom_password: '%env(string:NAMECOM_PASSWORD)%'
+        namecheap_username: '%env(string:NAMECHEAP_USERNAME)%'
+        namecheap_token: '%env(string:NAMECHEAP_TOKEN)%'

docker-compose.yml

@@ -1,42 +1,52 @@
 # Please see https://github.com/maelgangloff/domain-watchdog
+
 services:
     domainwatchdog:
         image: maelgangloff/domain-watchdog:latest
+        container_name: domainwatchdog_app
         restart: unless-stopped
+        env_file:
+            - .env.local
         environment:
+            APP_ENV: prod
             SERVER_NAME: ${SERVER_NAME:-:80}
-            DATABASE_URL: postgresql://${POSTGRES_USER:-app}:${POSTGRES_PASSWORD:-!ChangeMe!}@${POSTGRES_HOST:-database}:${POSTGRES_PORT:-5432}/${POSTGRES_DB:-app}?serverVersion=${POSTGRES_VERSION:-15}&charset=${POSTGRES_CHARSET:-utf8}
-            APP_SECRET: ${APP_SECRET:-ChangeMe}
-            REGISTRATION_ENABLED: ${REGISTRATION_ENABLED:-true}
-            REGISTRATION_VERIFY_EMAIL: ${REGISTRATION_VERIFY_EMAIL:-false}
-            LIMITED_FEATURES: ${LIMITED_FEATURES:-false}
-            LIMIT_MAX_WATCHLIST: ${LIMIT_MAX_WATCHLIST:-0}
-            LIMIT_MAX_WATCHLIST_DOMAINS: ${LIMIT_MAX_WATCHLIST_DOMAINS:-0}
-            LIMIT_MAX_WATCHLIST_WEBHOOKS: ${LIMIT_MAX_WATCHLIST_WEBHOOKS:-0}
-            MAILER_DSN: ${MAILER_DSN:-null://null}
+            DATABASE_URL: postgresql://${POSTGRES_USER:-app}:${POSTGRES_PASSWORD:-!ChangeMe!}@database:${POSTGRES_PORT:-5432}/${POSTGRES_DB:-app}?serverVersion=${POSTGRES_VERSION:-15}&charset=${POSTGRES_CHARSET:-utf8}
+            MESSENGER_ASYNC_TRANSPORT_DSN: redis://valkey:6379/messages
+            MESSENGER_RDAP_LOW_TRANSPORT_DSN: redis://valkey:6379/messages-rdap-low
+            MESSENGER_RDAP_HIGH_TRANSPORT_DSN: redis://valkey:6379/messages-rdap-high
         volumes:
             - caddy_data:/data
             - caddy_config:/config
             - ./public/content:/app/public/content
         ports:
             - "127.0.0.1:8080:80"
+        depends_on:
+            - database
 
     php-worker:
         image: maelgangloff/domain-watchdog:latest
+        container_name: domainwatchdog_worker
         restart: always
         command: php /app/bin/console messenger:consume --all --time-limit=3600 -vvv
+        env_file:
+            - .env.local
         environment:
-            DATABASE_URL: postgresql://${POSTGRES_USER:-app}:${POSTGRES_PASSWORD:-!ChangeMe!}@${POSTGRES_HOST:-database}:${POSTGRES_PORT:-5432}/${POSTGRES_DB:-app}?serverVersion=${POSTGRES_VERSION:-15}&charset=${POSTGRES_CHARSET:-utf8}
-            APP_SECRET: ${APP_SECRET:-ChangeMe}
-            MAILER_DSN: ${MAILER_DSN:-null://null}
+            APP_ENV: prod
+            DATABASE_URL: postgresql://${POSTGRES_USER:-app}:${POSTGRES_PASSWORD:-!ChangeMe!}@database:${POSTGRES_PORT:-5432}/${POSTGRES_DB:-app}?serverVersion=${POSTGRES_VERSION:-15}&charset=${POSTGRES_CHARSET:-utf8}
+            MESSENGER_ASYNC_TRANSPORT_DSN: redis://valkey:6379/messages
+            MESSENGER_RDAP_LOW_TRANSPORT_DSN: redis://valkey:6379/messages-rdap-low
+            MESSENGER_RDAP_HIGH_TRANSPORT_DSN: redis://valkey:6379/messages-rdap-high
+            MESSENGER_CONSUMER_NAME: worker
+        depends_on:
+            - database
         healthcheck:
-            disable: true
             test: [ ]
-    #        volumes:
-    #            - ./custom_rdap_servers.yaml:/app/config/app/custom_rdap_servers.yaml # Please see #41 issue
+            disable: true
 
     database:
         image: postgres:${POSTGRES_VERSION:-16}-alpine
+        container_name: domainwatchdog_db
+        restart: unless-stopped
         environment:
             POSTGRES_DB: ${POSTGRES_DB:-app}
             POSTGRES_PASSWORD: ${POSTGRES_PASSWORD:-!ChangeMe!}
@@ -49,12 +59,10 @@ services:
         volumes:
             - database_data:/var/lib/postgresql/data:rw
 
-#    keydb:
-#        image: eqalpha/keydb:latest
-#        container_name: keydb
-#        restart: always
-#        ports:
-#            - "127.0.0.1:6379:6379"
+    valkey:
+        image: valkey/valkey
+        container_name: valkey
+        restart: always
 
 #  influxdb2:
 #    image: influxdb:2

docs/.gitignore

@@ -0,0 +1,24 @@
+# build output
+dist/
+# generated types
+.astro/
+
+# dependencies
+node_modules/
+
+# logs
+npm-debug.log*
+yarn-debug.log*
+yarn-error.log*
+pnpm-debug.log*
+
+
+# environment variables
+.env
+.env.production
+
+# macOS-specific files
+.DS_Store
+
+
+swagger_docs.json

docs/LICENSE

@@ -0,0 +1,661 @@
+                    GNU AFFERO GENERAL PUBLIC LICENSE
+                       Version 3, 19 November 2007
+
+ Copyright (C) 2007 Free Software Foundation, Inc. <https://fsf.org/>
+ Everyone is permitted to copy and distribute verbatim copies
+ of this license document, but changing it is not allowed.
+
+                            Preamble
+
+  The GNU Affero General Public License is a free, copyleft license for
+software and other kinds of works, specifically designed to ensure
+cooperation with the community in the case of network server software.
+
+  The licenses for most software and other practical works are designed
+to take away your freedom to share and change the works.  By contrast,
+our General Public Licenses are intended to guarantee your freedom to
+share and change all versions of a program--to make sure it remains free
+software for all its users.
+
+  When we speak of free software, we are referring to freedom, not
+price.  Our General Public Licenses are designed to make sure that you
+have the freedom to distribute copies of free software (and charge for
+them if you wish), that you receive source code or can get it if you
+want it, that you can change the software or use pieces of it in new
+free programs, and that you know you can do these things.
+
+  Developers that use our General Public Licenses protect your rights
+with two steps: (1) assert copyright on the software, and (2) offer
+you this License which gives you legal permission to copy, distribute
+and/or modify the software.
+
+  A secondary benefit of defending all users' freedom is that
+improvements made in alternate versions of the program, if they
+receive widespread use, become available for other developers to
+incorporate.  Many developers of free software are heartened and
+encouraged by the resulting cooperation.  However, in the case of
+software used on network servers, this result may fail to come about.
+The GNU General Public License permits making a modified version and
+letting the public access it on a server without ever releasing its
+source code to the public.
+
+  The GNU Affero General Public License is designed specifically to
+ensure that, in such cases, the modified source code becomes available
+to the community.  It requires the operator of a network server to
+provide the source code of the modified version running there to the
+users of that server.  Therefore, public use of a modified version, on
+a publicly accessible server, gives the public access to the source
+code of the modified version.
+
+  An older license, called the Affero General Public License and
+published by Affero, was designed to accomplish similar goals.  This is
+a different license, not a version of the Affero GPL, but Affero has
+released a new version of the Affero GPL which permits relicensing under
+this license.
+
+  The precise terms and conditions for copying, distribution and
+modification follow.
+
+                       TERMS AND CONDITIONS
+
+  0. Definitions.
+
+  "This License" refers to version 3 of the GNU Affero General Public License.
+
+  "Copyright" also means copyright-like laws that apply to other kinds of
+works, such as semiconductor masks.
+
+  "The Program" refers to any copyrightable work licensed under this
+License.  Each licensee is addressed as "you".  "Licensees" and
+"recipients" may be individuals or organizations.
+
+  To "modify" a work means to copy from or adapt all or part of the work
+in a fashion requiring copyright permission, other than the making of an
+exact copy.  The resulting work is called a "modified version" of the
+earlier work or a work "based on" the earlier work.
+
+  A "covered work" means either the unmodified Program or a work based
+on the Program.
+
+  To "propagate" a work means to do anything with it that, without
+permission, would make you directly or secondarily liable for
+infringement under applicable copyright law, except executing it on a
+computer or modifying a private copy.  Propagation includes copying,
+distribution (with or without modification), making available to the
+public, and in some countries other activities as well.
+
+  To "convey" a work means any kind of propagation that enables other
+parties to make or receive copies.  Mere interaction with a user through
+a computer network, with no transfer of a copy, is not conveying.
+
+  An interactive user interface displays "Appropriate Legal Notices"
+to the extent that it includes a convenient and prominently visible
+feature that (1) displays an appropriate copyright notice, and (2)
+tells the user that there is no warranty for the work (except to the
+extent that warranties are provided), that licensees may convey the
+work under this License, and how to view a copy of this License.  If
+the interface presents a list of user commands or options, such as a
+menu, a prominent item in the list meets this criterion.
+
+  1. Source Code.
+
+  The "source code" for a work means the preferred form of the work
+for making modifications to it.  "Object code" means any non-source
+form of a work.
+
+  A "Standard Interface" means an interface that either is an official
+standard defined by a recognized standards body, or, in the case of
+interfaces specified for a particular programming language, one that
+is widely used among developers working in that language.
+
+  The "System Libraries" of an executable work include anything, other
+than the work as a whole, that (a) is included in the normal form of
+packaging a Major Component, but which is not part of that Major
+Component, and (b) serves only to enable use of the work with that
+Major Component, or to implement a Standard Interface for which an
+implementation is available to the public in source code form.  A
+"Major Component", in this context, means a major essential component
+(kernel, window system, and so on) of the specific operating system
+(if any) on which the executable work runs, or a compiler used to
+produce the work, or an object code interpreter used to run it.
+
+  The "Corresponding Source" for a work in object code form means all
+the source code needed to generate, install, and (for an executable
+work) run the object code and to modify the work, including scripts to
+control those activities.  However, it does not include the work's
+System Libraries, or general-purpose tools or generally available free
+programs which are used unmodified in performing those activities but
+which are not part of the work.  For example, Corresponding Source
+includes interface definition files associated with source files for
+the work, and the source code for shared libraries and dynamically
+linked subprograms that the work is specifically designed to require,
+such as by intimate data communication or control flow between those
+subprograms and other parts of the work.
+
+  The Corresponding Source need not include anything that users
+can regenerate automatically from other parts of the Corresponding
+Source.
+
+  The Corresponding Source for a work in source code form is that
+same work.
+
+  2. Basic Permissions.
+
+  All rights granted under this License are granted for the term of
+copyright on the Program, and are irrevocable provided the stated
+conditions are met.  This License explicitly affirms your unlimited
+permission to run the unmodified Program.  The output from running a
+covered work is covered by this License only if the output, given its
+content, constitutes a covered work.  This License acknowledges your
+rights of fair use or other equivalent, as provided by copyright law.
+
+  You may make, run and propagate covered works that you do not
+convey, without conditions so long as your license otherwise remains
+in force.  You may convey covered works to others for the sole purpose
+of having them make modifications exclusively for you, or provide you
+with facilities for running those works, provided that you comply with
+the terms of this License in conveying all material for which you do
+not control copyright.  Those thus making or running the covered works
+for you must do so exclusively on your behalf, under your direction
+and control, on terms that prohibit them from making any copies of
+your copyrighted material outside their relationship with you.
+
+  Conveying under any other circumstances is permitted solely under
+the conditions stated below.  Sublicensing is not allowed; section 10
+makes it unnecessary.
+
+  3. Protecting Users' Legal Rights From Anti-Circumvention Law.
+
+  No covered work shall be deemed part of an effective technological
+measure under any applicable law fulfilling obligations under article
+11 of the WIPO copyright treaty adopted on 20 December 1996, or
+similar laws prohibiting or restricting circumvention of such
+measures.
+
+  When you convey a covered work, you waive any legal power to forbid
+circumvention of technological measures to the extent such circumvention
+is effected by exercising rights under this License with respect to
+the covered work, and you disclaim any intention to limit operation or
+modification of the work as a means of enforcing, against the work's
+users, your or third parties' legal rights to forbid circumvention of
+technological measures.
+
+  4. Conveying Verbatim Copies.
+
+  You may convey verbatim copies of the Program's source code as you
+receive it, in any medium, provided that you conspicuously and
+appropriately publish on each copy an appropriate copyright notice;
+keep intact all notices stating that this License and any
+non-permissive terms added in accord with section 7 apply to the code;
+keep intact all notices of the absence of any warranty; and give all
+recipients a copy of this License along with the Program.
+
+  You may charge any price or no price for each copy that you convey,
+and you may offer support or warranty protection for a fee.
+
+  5. Conveying Modified Source Versions.
+
+  You may convey a work based on the Program, or the modifications to
+produce it from the Program, in the form of source code under the
+terms of section 4, provided that you also meet all of these conditions:
+
+    a) The work must carry prominent notices stating that you modified
+    it, and giving a relevant date.
+
+    b) The work must carry prominent notices stating that it is
+    released under this License and any conditions added under section
+    7.  This requirement modifies the requirement in section 4 to
+    "keep intact all notices".
+
+    c) You must license the entire work, as a whole, under this
+    License to anyone who comes into possession of a copy.  This
+    License will therefore apply, along with any applicable section 7
+    additional terms, to the whole of the work, and all its parts,
+    regardless of how they are packaged.  This License gives no
+    permission to license the work in any other way, but it does not
+    invalidate such permission if you have separately received it.
+
+    d) If the work has interactive user interfaces, each must display
+    Appropriate Legal Notices; however, if the Program has interactive
+    interfaces that do not display Appropriate Legal Notices, your
+    work need not make them do so.
+
+  A compilation of a covered work with other separate and independent
+works, which are not by their nature extensions of the covered work,
+and which are not combined with it such as to form a larger program,
+in or on a volume of a storage or distribution medium, is called an
+"aggregate" if the compilation and its resulting copyright are not
+used to limit the access or legal rights of the compilation's users
+beyond what the individual works permit.  Inclusion of a covered work
+in an aggregate does not cause this License to apply to the other
+parts of the aggregate.
+
+  6. Conveying Non-Source Forms.
+
+  You may convey a covered work in object code form under the terms
+of sections 4 and 5, provided that you also convey the
+machine-readable Corresponding Source under the terms of this License,
+in one of these ways:
+
+    a) Convey the object code in, or embodied in, a physical product
+    (including a physical distribution medium), accompanied by the
+    Corresponding Source fixed on a durable physical medium
+    customarily used for software interchange.
+
+    b) Convey the object code in, or embodied in, a physical product
+    (including a physical distribution medium), accompanied by a
+    written offer, valid for at least three years and valid for as
+    long as you offer spare parts or customer support for that product
+    model, to give anyone who possesses the object code either (1) a
+    copy of the Corresponding Source for all the software in the
+    product that is covered by this License, on a durable physical
+    medium customarily used for software interchange, for a price no
+    more than your reasonable cost of physically performing this
+    conveying of source, or (2) access to copy the
+    Corresponding Source from a network server at no charge.
+
+    c) Convey individual copies of the object code with a copy of the
+    written offer to provide the Corresponding Source.  This
+    alternative is allowed only occasionally and noncommercially, and
+    only if you received the object code with such an offer, in accord
+    with subsection 6b.
+
+    d) Convey the object code by offering access from a designated
+    place (gratis or for a charge), and offer equivalent access to the
+    Corresponding Source in the same way through the same place at no
+    further charge.  You need not require recipients to copy the
+    Corresponding Source along with the object code.  If the place to
+    copy the object code is a network server, the Corresponding Source
+    may be on a different server (operated by you or a third party)
+    that supports equivalent copying facilities, provided you maintain
+    clear directions next to the object code saying where to find the
+    Corresponding Source.  Regardless of what server hosts the
+    Corresponding Source, you remain obligated to ensure that it is
+    available for as long as needed to satisfy these requirements.
+
+    e) Convey the object code using peer-to-peer transmission, provided
+    you inform other peers where the object code and Corresponding
+    Source of the work are being offered to the general public at no
+    charge under subsection 6d.
+
+  A separable portion of the object code, whose source code is excluded
+from the Corresponding Source as a System Library, need not be
+included in conveying the object code work.
+
+  A "User Product" is either (1) a "consumer product", which means any
+tangible personal property which is normally used for personal, family,
+or household purposes, or (2) anything designed or sold for incorporation
+into a dwelling.  In determining whether a product is a consumer product,
+doubtful cases shall be resolved in favor of coverage.  For a particular
+product received by a particular user, "normally used" refers to a
+typical or common use of that class of product, regardless of the status
+of the particular user or of the way in which the particular user
+actually uses, or expects or is expected to use, the product.  A product
+is a consumer product regardless of whether the product has substantial
+commercial, industrial or non-consumer uses, unless such uses represent
+the only significant mode of use of the product.
+
+  "Installation Information" for a User Product means any methods,
+procedures, authorization keys, or other information required to install
+and execute modified versions of a covered work in that User Product from
+a modified version of its Corresponding Source.  The information must
+suffice to ensure that the continued functioning of the modified object
+code is in no case prevented or interfered with solely because
+modification has been made.
+
+  If you convey an object code work under this section in, or with, or
+specifically for use in, a User Product, and the conveying occurs as
+part of a transaction in which the right of possession and use of the
+User Product is transferred to the recipient in perpetuity or for a
+fixed term (regardless of how the transaction is characterized), the
+Corresponding Source conveyed under this section must be accompanied
+by the Installation Information.  But this requirement does not apply
+if neither you nor any third party retains the ability to install
+modified object code on the User Product (for example, the work has
+been installed in ROM).
+
+  The requirement to provide Installation Information does not include a
+requirement to continue to provide support service, warranty, or updates
+for a work that has been modified or installed by the recipient, or for
+the User Product in which it has been modified or installed.  Access to a
+network may be denied when the modification itself materially and
+adversely affects the operation of the network or violates the rules and
+protocols for communication across the network.
+
+  Corresponding Source conveyed, and Installation Information provided,
+in accord with this section must be in a format that is publicly
+documented (and with an implementation available to the public in
+source code form), and must require no special password or key for
+unpacking, reading or copying.
+
+  7. Additional Terms.
+
+  "Additional permissions" are terms that supplement the terms of this
+License by making exceptions from one or more of its conditions.
+Additional permissions that are applicable to the entire Program shall
+be treated as though they were included in this License, to the extent
+that they are valid under applicable law.  If additional permissions
+apply only to part of the Program, that part may be used separately
+under those permissions, but the entire Program remains governed by
+this License without regard to the additional permissions.
+
+  When you convey a copy of a covered work, you may at your option
+remove any additional permissions from that copy, or from any part of
+it.  (Additional permissions may be written to require their own
+removal in certain cases when you modify the work.)  You may place
+additional permissions on material, added by you to a covered work,
+for which you have or can give appropriate copyright permission.
+
+  Notwithstanding any other provision of this License, for material you
+add to a covered work, you may (if authorized by the copyright holders of
+that material) supplement the terms of this License with terms:
+
+    a) Disclaiming warranty or limiting liability differently from the
+    terms of sections 15 and 16 of this License; or
+
+    b) Requiring preservation of specified reasonable legal notices or
+    author attributions in that material or in the Appropriate Legal
+    Notices displayed by works containing it; or
+
+    c) Prohibiting misrepresentation of the origin of that material, or
+    requiring that modified versions of such material be marked in
+    reasonable ways as different from the original version; or
+
+    d) Limiting the use for publicity purposes of names of licensors or
+    authors of the material; or
+
+    e) Declining to grant rights under trademark law for use of some
+    trade names, trademarks, or service marks; or
+
+    f) Requiring indemnification of licensors and authors of that
+    material by anyone who conveys the material (or modified versions of
+    it) with contractual assumptions of liability to the recipient, for
+    any liability that these contractual assumptions directly impose on
+    those licensors and authors.
+
+  All other non-permissive additional terms are considered "further
+restrictions" within the meaning of section 10.  If the Program as you
+received it, or any part of it, contains a notice stating that it is
+governed by this License along with a term that is a further
+restriction, you may remove that term.  If a license document contains
+a further restriction but permits relicensing or conveying under this
+License, you may add to a covered work material governed by the terms
+of that license document, provided that the further restriction does
+not survive such relicensing or conveying.
+
+  If you add terms to a covered work in accord with this section, you
+must place, in the relevant source files, a statement of the
+additional terms that apply to those files, or a notice indicating
+where to find the applicable terms.
+
+  Additional terms, permissive or non-permissive, may be stated in the
+form of a separately written license, or stated as exceptions;
+the above requirements apply either way.
+
+  8. Termination.
+
+  You may not propagate or modify a covered work except as expressly
+provided under this License.  Any attempt otherwise to propagate or
+modify it is void, and will automatically terminate your rights under
+this License (including any patent licenses granted under the third
+paragraph of section 11).
+
+  However, if you cease all violation of this License, then your
+license from a particular copyright holder is reinstated (a)
+provisionally, unless and until the copyright holder explicitly and
+finally terminates your license, and (b) permanently, if the copyright
+holder fails to notify you of the violation by some reasonable means
+prior to 60 days after the cessation.
+
+  Moreover, your license from a particular copyright holder is
+reinstated permanently if the copyright holder notifies you of the
+violation by some reasonable means, this is the first time you have
+received notice of violation of this License (for any work) from that
+copyright holder, and you cure the violation prior to 30 days after
+your receipt of the notice.
+
+  Termination of your rights under this section does not terminate the
+licenses of parties who have received copies or rights from you under
+this License.  If your rights have been terminated and not permanently
+reinstated, you do not qualify to receive new licenses for the same
+material under section 10.
+
+  9. Acceptance Not Required for Having Copies.
+
+  You are not required to accept this License in order to receive or
+run a copy of the Program.  Ancillary propagation of a covered work
+occurring solely as a consequence of using peer-to-peer transmission
+to receive a copy likewise does not require acceptance.  However,
+nothing other than this License grants you permission to propagate or
+modify any covered work.  These actions infringe copyright if you do
+not accept this License.  Therefore, by modifying or propagating a
+covered work, you indicate your acceptance of this License to do so.
+
+  10. Automatic Licensing of Downstream Recipients.
+
+  Each time you convey a covered work, the recipient automatically
+receives a license from the original licensors, to run, modify and
+propagate that work, subject to this License.  You are not responsible
+for enforcing compliance by third parties with this License.
+
+  An "entity transaction" is a transaction transferring control of an
+organization, or substantially all assets of one, or subdividing an
+organization, or merging organizations.  If propagation of a covered
+work results from an entity transaction, each party to that
+transaction who receives a copy of the work also receives whatever
+licenses to the work the party's predecessor in interest had or could
+give under the previous paragraph, plus a right to possession of the
+Corresponding Source of the work from the predecessor in interest, if
+the predecessor has it or can get it with reasonable efforts.
+
+  You may not impose any further restrictions on the exercise of the
+rights granted or affirmed under this License.  For example, you may
+not impose a license fee, royalty, or other charge for exercise of
+rights granted under this License, and you may not initiate litigation
+(including a cross-claim or counterclaim in a lawsuit) alleging that
+any patent claim is infringed by making, using, selling, offering for
+sale, or importing the Program or any portion of it.
+
+  11. Patents.
+
+  A "contributor" is a copyright holder who authorizes use under this
+License of the Program or a work on which the Program is based.  The
+work thus licensed is called the contributor's "contributor version".
+
+  A contributor's "essential patent claims" are all patent claims
+owned or controlled by the contributor, whether already acquired or
+hereafter acquired, that would be infringed by some manner, permitted
+by this License, of making, using, or selling its contributor version,
+but do not include claims that would be infringed only as a
+consequence of further modification of the contributor version.  For
+purposes of this definition, "control" includes the right to grant
+patent sublicenses in a manner consistent with the requirements of
+this License.
+
+  Each contributor grants you a non-exclusive, worldwide, royalty-free
+patent license under the contributor's essential patent claims, to
+make, use, sell, offer for sale, import and otherwise run, modify and
+propagate the contents of its contributor version.
+
+  In the following three paragraphs, a "patent license" is any express
+agreement or commitment, however denominated, not to enforce a patent
+(such as an express permission to practice a patent or covenant not to
+sue for patent infringement).  To "grant" such a patent license to a
+party means to make such an agreement or commitment not to enforce a
+patent against the party.
+
+  If you convey a covered work, knowingly relying on a patent license,
+and the Corresponding Source of the work is not available for anyone
+to copy, free of charge and under the terms of this License, through a
+publicly available network server or other readily accessible means,
+then you must either (1) cause the Corresponding Source to be so
+available, or (2) arrange to deprive yourself of the benefit of the
+patent license for this particular work, or (3) arrange, in a manner
+consistent with the requirements of this License, to extend the patent
+license to downstream recipients.  "Knowingly relying" means you have
+actual knowledge that, but for the patent license, your conveying the
+covered work in a country, or your recipient's use of the covered work
+in a country, would infringe one or more identifiable patents in that
+country that you have reason to believe are valid.
+
+  If, pursuant to or in connection with a single transaction or
+arrangement, you convey, or propagate by procuring conveyance of, a
+covered work, and grant a patent license to some of the parties
+receiving the covered work authorizing them to use, propagate, modify
+or convey a specific copy of the covered work, then the patent license
+you grant is automatically extended to all recipients of the covered
+work and works based on it.
+
+  A patent license is "discriminatory" if it does not include within
+the scope of its coverage, prohibits the exercise of, or is
+conditioned on the non-exercise of one or more of the rights that are
+specifically granted under this License.  You may not convey a covered
+work if you are a party to an arrangement with a third party that is
+in the business of distributing software, under which you make payment
+to the third party based on the extent of your activity of conveying
+the work, and under which the third party grants, to any of the
+parties who would receive the covered work from you, a discriminatory
+patent license (a) in connection with copies of the covered work
+conveyed by you (or copies made from those copies), or (b) primarily
+for and in connection with specific products or compilations that
+contain the covered work, unless you entered into that arrangement,
+or that patent license was granted, prior to 28 March 2007.
+
+  Nothing in this License shall be construed as excluding or limiting
+any implied license or other defenses to infringement that may
+otherwise be available to you under applicable patent law.
+
+  12. No Surrender of Others' Freedom.
+
+  If conditions are imposed on you (whether by court order, agreement or
+otherwise) that contradict the conditions of this License, they do not
+excuse you from the conditions of this License.  If you cannot convey a
+covered work so as to satisfy simultaneously your obligations under this
+License and any other pertinent obligations, then as a consequence you may
+not convey it at all.  For example, if you agree to terms that obligate you
+to collect a royalty for further conveying from those to whom you convey
+the Program, the only way you could satisfy both those terms and this
+License would be to refrain entirely from conveying the Program.
+
+  13. Remote Network Interaction; Use with the GNU General Public License.
+
+  Notwithstanding any other provision of this License, if you modify the
+Program, your modified version must prominently offer all users
+interacting with it remotely through a computer network (if your version
+supports such interaction) an opportunity to receive the Corresponding
+Source of your version by providing access to the Corresponding Source
+from a network server at no charge, through some standard or customary
+means of facilitating copying of software.  This Corresponding Source
+shall include the Corresponding Source for any work covered by version 3
+of the GNU General Public License that is incorporated pursuant to the
+following paragraph.
+
+  Notwithstanding any other provision of this License, you have
+permission to link or combine any covered work with a work licensed
+under version 3 of the GNU General Public License into a single
+combined work, and to convey the resulting work.  The terms of this
+License will continue to apply to the part which is the covered work,
+but the work with which it is combined will remain governed by version
+3 of the GNU General Public License.
+
+  14. Revised Versions of this License.
+
+  The Free Software Foundation may publish revised and/or new versions of
+the GNU Affero General Public License from time to time.  Such new versions
+will be similar in spirit to the present version, but may differ in detail to
+address new problems or concerns.
+
+  Each version is given a distinguishing version number.  If the
+Program specifies that a certain numbered version of the GNU Affero General
+Public License "or any later version" applies to it, you have the
+option of following the terms and conditions either of that numbered
+version or of any later version published by the Free Software
+Foundation.  If the Program does not specify a version number of the
+GNU Affero General Public License, you may choose any version ever published
+by the Free Software Foundation.
+
+  If the Program specifies that a proxy can decide which future
+versions of the GNU Affero General Public License can be used, that proxy's
+public statement of acceptance of a version permanently authorizes you
+to choose that version for the Program.
+
+  Later license versions may give you additional or different
+permissions.  However, no additional obligations are imposed on any
+author or copyright holder as a result of your choosing to follow a
+later version.
+
+  15. Disclaimer of Warranty.
+
+  THERE IS NO WARRANTY FOR THE PROGRAM, TO THE EXTENT PERMITTED BY
+APPLICABLE LAW.  EXCEPT WHEN OTHERWISE STATED IN WRITING THE COPYRIGHT
+HOLDERS AND/OR OTHER PARTIES PROVIDE THE PROGRAM "AS IS" WITHOUT WARRANTY
+OF ANY KIND, EITHER EXPRESSED OR IMPLIED, INCLUDING, BUT NOT LIMITED TO,
+THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
+PURPOSE.  THE ENTIRE RISK AS TO THE QUALITY AND PERFORMANCE OF THE PROGRAM
+IS WITH YOU.  SHOULD THE PROGRAM PROVE DEFECTIVE, YOU ASSUME THE COST OF
+ALL NECESSARY SERVICING, REPAIR OR CORRECTION.
+
+  16. Limitation of Liability.
+
+  IN NO EVENT UNLESS REQUIRED BY APPLICABLE LAW OR AGREED TO IN WRITING
+WILL ANY COPYRIGHT HOLDER, OR ANY OTHER PARTY WHO MODIFIES AND/OR CONVEYS
+THE PROGRAM AS PERMITTED ABOVE, BE LIABLE TO YOU FOR DAMAGES, INCLUDING ANY
+GENERAL, SPECIAL, INCIDENTAL OR CONSEQUENTIAL DAMAGES ARISING OUT OF THE
+USE OR INABILITY TO USE THE PROGRAM (INCLUDING BUT NOT LIMITED TO LOSS OF
+DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD
+PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS),
+EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF
+SUCH DAMAGES.
+
+  17. Interpretation of Sections 15 and 16.
+
+  If the disclaimer of warranty and limitation of liability provided
+above cannot be given local legal effect according to their terms,
+reviewing courts shall apply local law that most closely approximates
+an absolute waiver of all civil liability in connection with the
+Program, unless a warranty or assumption of liability accompanies a
+copy of the Program in return for a fee.
+
+                     END OF TERMS AND CONDITIONS
+
+            How to Apply These Terms to Your New Programs
+
+  If you develop a new program, and you want it to be of the greatest
+possible use to the public, the best way to achieve this is to make it
+free software which everyone can redistribute and change under these terms.
+
+  To do so, attach the following notices to the program.  It is safest
+to attach them to the start of each source file to most effectively
+state the exclusion of warranty; and each file should have at least
+the "copyright" line and a pointer to where the full notice is found.
+
+    <one line to give the program's name and a brief idea of what it does.>
+    Copyright (C) <year>  <name of author>
+
+    This program is free software: you can redistribute it and/or modify
+    it under the terms of the GNU Affero General Public License as published by
+    the Free Software Foundation, either version 3 of the License, or
+    (at your option) any later version.
+
+    This program is distributed in the hope that it will be useful,
+    but WITHOUT ANY WARRANTY; without even the implied warranty of
+    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+    GNU Affero General Public License for more details.
+
+    You should have received a copy of the GNU Affero General Public License
+    along with this program.  If not, see <https://www.gnu.org/licenses/>.
+
+Also add information on how to contact you by electronic and paper mail.
+
+  If your software can interact with users remotely through a computer
+network, you should also make sure that it provides a way for users to
+get its source.  For example, if your program is a web application, its
+interface could display a "Source" link that leads users to an archive
+of the code.  There are many ways you could offer source, and different
+solutions will be better for different programs; see section 13 for the
+specific requirements.
+
+  You should also get your employer (if you work as a programmer) or school,
+if any, to sign a "copyright disclaimer" for the program, if necessary.
+For more information on this, and how to apply and follow the GNU AGPL, see
+<https://www.gnu.org/licenses/>.

docs/astro.config.mjs

@@ -0,0 +1,173 @@
+// @ts-check
+import {defineConfig} from 'astro/config'
+import starlight from '@astrojs/starlight'
+import starlightLinksValidator from 'starlight-links-validator'
+import mermaid from "astro-mermaid"
+import starlightCoolerCredit from "starlight-cooler-credit"
+import starlightKbd from 'starlight-kbd'
+import starlightOpenAPI, {createOpenAPISidebarGroup} from 'starlight-openapi'
+
+
+const domainWatchdogSidebarGroup = createOpenAPISidebarGroup()
+const BASE_URL = 'https://domainwatchdog.eu'
+
+// https://astro.build/config
+export default defineConfig({
+    site: BASE_URL,
+    integrations: [
+        starlight({
+            title: 'Domain Watchdog',
+            defaultLocale: 'en',
+            logo: {
+                src: './src/assets/logo.png',
+                alt: 'Domain Watchdog logo'
+            },
+            favicon: 'logo.png',
+            description: 'An app that uses RDAP to collect publicly available info about domains, track their history, and purchase then when they expire',
+            editLink: {
+                baseUrl: 'https://github.com/maelgangloff/domain-watchdog/edit/develop/docs/'
+            },
+            tagline: 'Your companion in the quest for domain names 🔍',
+            lastUpdated: true,
+            social: [
+                {icon: 'github', label: 'GitHub', href: 'https://github.com/maelgangloff/domain-watchdog'},
+                {icon: 'seti:docker', label: 'Docker', href: 'https://hub.docker.com/r/maelgangloff/domain-watchdog'}
+            ],
+            sidebar: [
+                {slug: 'features'},
+                {
+                    label: 'Installation & Configuration',
+                    translations: {fr: 'Installation & Configuration'},
+                    items: [
+                        {label: 'Installation', autogenerate: {directory: 'install-config/install'}, translations: {fr: 'Installation'}},
+                        {slug: 'install-config/configuration'},
+                        {slug: 'install-config/upgrade'},
+                    ]
+                },
+                {
+                    label: 'Features',
+                    translations: {fr: 'Fonctionnalités'},
+                    items: [
+                        {slug: 'features/search/domain-search'},
+                        {label: 'Domain back-order', autogenerate: {directory: 'features/backorder'}, translations: {fr: 'Achat automatisé'}},
+                        {label: 'Domain tracking', autogenerate: {directory: 'features/tracking'}, translations: {fr: 'Suivi des domaines'}},
+                        {label: 'Infrastructure', autogenerate: {directory: 'features/infrastructure'}, translations: {fr: 'Infrastructure'}},
+                    ]
+                },
+                {
+                    label: 'Developing',
+                    translations: {fr: 'Développement'},
+                    items: [
+                        {slug: 'developing/technical-stack'},
+                        {slug: 'developing/implementing-new-provider'},
+                        {slug: 'developing/software-testing'},
+                        {slug: 'developing/translation'},
+                        {label: 'Contributing', autogenerate: {directory: 'developing/contributing'}, translations: {fr: 'Contribuer'}}
+                    ],
+                },
+                {label: 'Definitions', autogenerate: {directory: 'definitions'}, collapsed: false, translations: {fr: 'Définitions'}},
+                {label: 'Interoperability', items: [domainWatchdogSidebarGroup], badge: {text: 'DEV', class: 'caution'}, collapsed: true},
+                {label: 'Legal', autogenerate: {directory: 'legal'}, collapsed: false, translations: {fr: 'Légal'}},
+                {slug: 'acknowledgments', translations: {fr: 'Remerciements'}},
+            ],
+            locales: {
+                en: {
+                    label: 'English',
+                    lang: 'en'
+                },
+                fr: {
+                    label: 'Français',
+                    lang: 'fr'
+                }
+            },
+            head: [
+                {
+                    tag: 'meta',
+                    attrs: {
+                        name: 'keywords',
+                        content: 'Domain Watchdog, RDAP, WHOIS, domain monitoring, domain history, domain expiration, domain tracker'
+                    },
+                },
+                {
+                    tag: 'meta',
+                    attrs: {name: 'author', content: 'Maël Gangloff'},
+                },
+                {
+                  tag: 'meta',
+                  attrs: {name: 'theme-color', content: '#475569'}
+                },
+                {
+                    tag: 'meta',
+                    attrs: {name: 'twitter:title', content: 'Domain Watchdog | Monitoring, Expiration & Backorder'},
+                },
+                {
+                    tag: 'meta',
+                    attrs: {name: 'twitter:card', content: 'summary'},
+                },
+                {
+                    tag: 'meta',
+                    attrs: {name: 'twitter:url', content: BASE_URL},
+                },
+                {
+                    tag: 'meta',
+                    attrs: {property: 'og:image', content: BASE_URL + '/logo.png'},
+                },
+                {
+                    tag: 'meta',
+                    attrs: {property: 'og:image:alt', content: 'Domain Watchdog logo'},
+                },
+                {
+                    tag: 'script',
+                    attrs: {type: 'text/javascript'},
+                    content: `var _paq = window._paq = window._paq || [];
+_paq.push(['trackPageView']);
+_paq.push(['enableLinkTracking']);
+_paq.push(['trackAllContentImpressions']);
+_paq.push(['trackVisibleContentImpressions']);
+_paq.push(['enableHeartBeatTimer']);
+
+(function () {
+    var u = "//sonar.domainwatchdog.eu/";
+    _paq.push(['setTrackerUrl', u + 'sonar']);
+    _paq.push(['setSiteId', '4']);
+    var d = document, g = d.createElement('script'), s = d.getElementsByTagName('script')[0];
+    g.async = true;
+    g.src = u + 'sonar.js';
+    s.parentNode.insertBefore(g, s);
+})();`
+                }
+            ],
+            plugins: [
+                starlightLinksValidator({
+                    errorOnLocalLinks: false
+                }),
+                starlightCoolerCredit({
+                    credit: {
+                        title: '',
+                        href: 'https://maelgangloff.fr',
+                        description: 'Maintained with ♡ by Maël Gangloff & contributors'
+                    },
+                    showImage: false
+                }),
+                starlightKbd({
+                    types: [
+                        {id: 'generic', label: 'Generic', default: true},
+                        {id: 'mac', label: 'macOS'}
+                    ],
+                }),
+                starlightOpenAPI([
+                    {
+                        base: 'en/interoperability/api',
+                        schema: 'swagger_docs.json',
+                        sidebar: {operations: {badges: true}, group: domainWatchdogSidebarGroup}
+                    },
+                ]),
+            ],
+            customCss: [
+                './src/styles/index.css',
+                '@fontsource/noto-color-emoji/emoji.css'
+            ]
+        }),
+        mermaid()
+    ]
+})

docs/package.json

@@ -0,0 +1,31 @@
+{
+  "name": "domainwatchdog.eu",
+  "private": true,
+  "author": {
+    "name": "Maël Gangloff",
+    "email": "contact@maelgangloff.fr"
+  },
+  "type": "module",
+  "license": "AGPL-3.0-or-later",
+  "version": "0.0.1",
+  "scripts": {
+    "dev": "astro dev",
+    "start": "astro dev",
+    "build": "astro build",
+    "preview": "astro preview",
+    "astro": "astro"
+  },
+  "dependencies": {
+    "@astrojs/starlight": "^0.36.2",
+    "@fontsource/noto-color-emoji": "^5.2.10",
+    "astro": "^5.6.1",
+    "astro-mermaid": "^1.1.0",
+    "mermaid": "^11.12.1",
+    "sharp": "^0.34.2",
+    "starlight-contributor-list": "^0.3.1",
+    "starlight-cooler-credit": "^0.4.1",
+    "starlight-kbd": "^0.2.1",
+    "starlight-links-validator": "^0.19.1",
+    "starlight-openapi": "^0.21.1"
+  }
+}

docs/src/assets/logo.png

@@ -0,0 +1 @@
+../../public/logo.png

docs/src/components/testimonial.astro

@@ -0,0 +1,90 @@
+---
+import {Image} from 'astro:assets'
+
+interface Props {
+    username: string
+    name: string
+    cite: string
+}
+
+const {name, username, cite} = Astro.props
+---
+
+<li class="testimonial">
+    <blockquote class="quote" cite={cite}>
+        <slot/>
+    </blockquote>
+    <div class="footer">
+        <Image class="avatar" height="96" width="96" src={'https://avatars.githubusercontent.com/' + username} alt=""/>
+        <div>
+            <p class="name">{name}</p>
+            <a href={cite} class="username">@{username}</a>
+        </div>
+    </div>
+</li>
+
+<style>
+    .testimonial {
+        display: flex;
+        flex-direction: column;
+        gap: 1.5em;
+    }
+
+    @media (min-width: 50rem) {
+        .testimonial {
+            gap: 2em;
+        }
+    }
+
+    .quote {
+        position: relative;
+        padding-inline-start: 1.5em;
+    }
+
+    .quote::before {
+        position: absolute;
+        content: '';
+        inset-block: 0.5em;
+        inset-inline-start: 0;
+        border-inline-start: 1px solid var(--sl-color-text-accent);
+    }
+
+    .quote > :global(* + *) {
+        margin-top: 0.75em;
+    }
+
+    .footer {
+        display: flex;
+        gap: 1rem;
+        align-items: center;
+    }
+
+    .avatar {
+        --outline-color: rgba(255, 255, 255, 0.33);
+        outline: 1px solid var(--outline-color);
+        outline-offset: -1px;
+        border-radius: 99rem;
+        width: 4em;
+        height: 4em;
+    }
+
+    :global([data-theme='light']) .avatar {
+        --outline-color: rgba(23, 25, 30, 0.33);
+    }
+
+    .name {
+        font-weight: 600;
+        font-size: var(--sl-text-h4);
+        color: var(--sl-color-white);
+        line-height: var(--sl-line-height-headings);
+    }
+
+    .username {
+        text-underline-offset: 4px;
+        color: var(--sl-color-text-accent);
+    }
+
+    .username:hover {
+        color: var(--sl-color-white);
+    }
+</style>

docs/src/content.config.ts

@@ -0,0 +1,7 @@
+import {defineCollection} from 'astro:content';
+import {docsLoader} from '@astrojs/starlight/loaders';
+import {docsSchema} from '@astrojs/starlight/schema';
+
+export const collections = {
+    docs: defineCollection({loader: docsLoader(), schema: docsSchema()}),
+};

docs/src/content/docs/en/acknowledgments.mdx

@@ -0,0 +1,88 @@
+---
+title: 🙌 Acknowledgments
+description: Many thanks to the contributors, developers, and translators whose work makes this project possible.
+---
+
+import { ContributorList } from "starlight-contributor-list"
+import { LinkCard} from "@astrojs/starlight/components";
+import Testimonial from '~/components/testimonial.astro'
+
+## Contributors
+
+Thank you to all the individuals who help improve this project.
+Your reports, discussions, code contributions, documentation efforts, and translations collectively enhance its quality, reliability, and accessibility.
+
+<ContributorList githubRepo="maelgangloff/domain-watchdog" ignore={['weblate']} />
+
+## Maintainer
+
+<Testimonial
+    name="Maël Gangloff"
+    username="maelgangloff"
+    cite="https://maelgangloff.fr"
+/>
+
+
+## Dependencies
+
+This project is built upon a variety of open-source tools and libraries.
+These dependencies enable essential features such as domain lookups, data storage, notifications, API handling, and more.
+
+To learn more about the technologies used and the architectural decisions behind the project, visit:
+
+<LinkCard
+    title="Technical Stack"
+    description="Overview of the frameworks, languages, and architectural components used by Domain Watchdog."
+    href="/en/developing/technical-stack/"
+/>
+
+## External Data Sources
+
+Domain Watchdog integrates several publicly available datasets and standardized resources.
+These external inputs ensure accurate domain information, consistent behavior across TLDs, and reliable monitoring.
+
+### IANA
+
+The project relies on IANA’s published datasets, including:
+
+- the [complete list of Top-Level Domains (TLDs)](https://data.iana.org/TLD/tlds-alpha-by-domain.txt),
+- the [official list of accredited domain registrars](https://www.iana.org/assignments/registrar-ids/registrar-ids.xhtml),
+- registrar IANA identification numbers and their declared RDAP endpoints.
+
+These resources provide the foundation for consistent and up-to-date domain lookups.
+
+### ICANN
+
+ICANN’s [RDAP bootstrap file](https://data.iana.org/rdap/dns.json) offers a standardized mapping of each TLD to its corresponding RDAP server.
+This ensures reliable RDAP queries across registries and predictable resolution for all supported domain extensions.
+
+<LinkCard
+    title="ICANN"
+    href="/en/definitions/icann/"
+    description="Learn more about ICANN (Internet Corporation for Assigned Names and Numbers)."/>
+
+
+### RDAP Servers of the Registries
+
+The project also depends on the RDAP services provided by individual registries.
+These services supply authoritative domain registration data.
+
+For more information, see:
+
+<LinkCard
+    title="RDAP Protocol"
+    href="/en/definitions/rdap/"
+    description="Learn about the successor to WHOIS designed to handle structured data and privacy access."/>
+
+## Want to redistribute this project?
+
+What a great idea, we can't wait to see it! 😍
+
+This project is open source, and its source code is freely accessible.
+You may reuse, modify, and redistribute the project under the terms of the license.
+
+
+<LinkCard
+    title="Project License"
+    href="/en/legal/license/"
+    description="Licensing information detailing usage rights, redistribution terms, and legal conditions for contributing and using the project."/>

docs/src/content/docs/en/definitions/dns.mdx

@@ -0,0 +1,74 @@
+---
+title: DNS Protocol
+description: What is DNS? Understand the Domain Name System, how it translates domain names into IP addresses, and its role in modern internet navigation.
+---
+
+import {LinkCard} from "@astrojs/starlight/components";
+
+**DNS (Domain Name System)** is the decentralized naming system for computers, services, or any resources connected to the internet or a private network.
+It acts as the "phonebook of the internet", translating human-readable domain names into machine-readable infos.
+
+## The Hierarchical Architecture
+
+The DNS architecture is a distributed, hierarchical database resembling an inverted tree. This structure, known as the **Domain Name Space**, is processed from right to left:
+
+* **Root Level**: The top of the hierarchy, represented by a silent single dot (`.`) at the end of a fully qualified domain name.
+* **Top-Level Domains (TLDs)**: The highest visible level (e.g., `.com`, `.org`, `.fr`).
+* **Second-Level Domains (SLDs)**: The specific name registered by an entity (e.g., `example` in `example.com`).
+* **Subdomains**: Further subdivisions for specific services or organizational structures (e.g., `www`, `blog`, or `api`).
+
+## Authoritative Servers
+
+Authoritative DNS servers hold the definitive resource records for a specific domain zone. Unlike recursive resolvers that cache answers, authoritative servers provide the original data.
+
+When a client requests a domain, the resolution chain queries:
+
+1.  **Root Servers**: Directs to the TLD servers.
+2.  **TLD Servers**: Directs to the domain's authoritative nameservers.
+3.  **Authoritative Server**: Returns the final IP address (or other record).
+
+<LinkCard
+    title="Top Level Domain"
+    description="An overview of Top-Level Domains (TLDs), their classification (gTLD, ccTLD, etc.), and the structure of the DNS root zone."
+    href="/en/definitions/top-level-domain/"/>
+
+## GLUE Records
+
+A GLUE record is an A (or AAAA) record **provided by the parent zone** to prevent circular dependencies. Normally, the parent zone only delegates, but here it must provide data.
+They are strictly necessary when a domain's nameserver is a subdomain of the domain itself (e.g., `example.com` uses `ns1.example.com` as its nameserver). Without the GLUE record in the `.com` zone pointing to `ns1`'s IP, the resolver would be stuck in a loop trying to resolve the nameserver's name.
+
+### Example: `ns.icann.org`
+
+In this example, `icann.org` uses `ns.icann.org` as one of its nameservers.
+
+To resolve `icann.org`, you must query `ns.icann.org`, but you cannot find `ns.icann.org` without first resolving `icann.org`.
+
+When querying the `.org` TLD server (`A0.ORG.AFILIAS-NST.INFO`), the server returns the Nameserver (NS) records in the **Authority Section**, but crucially, it also provides the IP addresses in the **Additional Section**. These are the GLUE records.
+
+```text title="DNS query of ns.icann.org using the dig command" {17-18}
+; <<>> DiG 9.20.15 <<>> ns.icann.org @A0.ORG.AFILIAS-NST.INFO
+;; global options: +cmd
+;; Got answer:
+;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52458
+;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 4, ADDITIONAL: 3
+
+;; QUESTION SECTION:
+;ns.icann.org.            IN    A
+
+;; AUTHORITY SECTION:
+icann.org.        3600    IN    NS    ns.icann.org.
+icann.org.        3600    IN    NS    a.icann-servers.net.
+icann.org.        3600    IN    NS    c.icann-servers.net.
+icann.org.        3600    IN    NS    b.icann-servers.net.
+
+;; ADDITIONAL SECTION:
+ns.icann.org.        3600    IN    A     199.4.138.53
+ns.icann.org.        3600    IN    AAAA  2001:500:89::53
+
+;; Query time: 241 msec
+;; SERVER: 199.19.56.1#53(A0.ORG.AFILIAS-NST.INFO) (UDP)
+```
+
+## See also
+
+- [Domain Name System](https://en.wikipedia.org/wiki/Domain_Name_System) on Wikipedia

docs/src/content/docs/en/definitions/dnssec.mdx

@@ -0,0 +1,52 @@
+---
+title: DNSSEC
+description: Secure your domain resolution. Learn about DNSSEC (Domain Name System Security Extensions) and how it protects users from forged DNS data.
+---
+
+import {LinkCard} from "@astrojs/starlight/components";
+
+**DNSSEC (Domain Name System Security Extensions)** adds a layer of cryptographic security to the DNS protocol. It defends against specific attacks, such as **DNS cache poisoning** and **man-in-the-middle attacks**, by ensuring that the DNS data received is identical to what the zone owner published.
+
+## What DNSSEC does
+
+DNSSEC employs public-key cryptography to establish a **Chain of Trust**.
+
+* **Origin Authentication**: Verifies that the data comes from the correct authoritative server.
+* **Data Integrity**: Ensures the data has not been modified in transit.
+* **Authenticated Denial of Existence**: Proves securely that a domain or record does *not* exist (using NSEC/NSEC3).
+
+New resource records enable this validation:
+
+* `RRSIG`: The digital signature associated with a record set.
+* `DNSKEY`: The public key used to verify the RRSIG.
+* `DS` (Delegation Signer): A hash of the child zone's key, stored in the parent zone to link the trust chain.
+
+## What DNSSEC does not do
+
+  * **No Encryption**: DNS queries and responses remain in plain text (unlike DoH or DoT).
+  * **No Identity Validation**: It does not validate the legitimacy of the domain owner (e.g., it doesn't prevent phishing domains, it just proves the phishing domain's IP is correct).
+
+## Configure DNSSEC on your Domain Name
+
+Implementing DNSSEC involves two main stages:
+
+1.  **Signing the Zone**: The authoritative nameserver generates keys (`ZSK` and `KSK`) and signs the zone data, creating `RRSIG` and `DNSKEY` records.
+2.  **Establishing Trust**: The domain owner must send the `DS` record (hash of the KSK) to the Registrar. The Registrar forwards this to the Registry for publication in the parent TLD zone.
+
+<LinkCard
+    title="Domain name"
+    description="An explanation of what a domain name is and its structure."
+    href="/en/definitions/domain-name/"/>
+
+## The Adoption of DNSSEC
+
+Adoption is a top-down process starting from the Root Zone. While the Root and most TLDs are signed, adoption at the end-user level (Second-Level Domains) relies on registrar support and registrant awareness.
+
+<LinkCard
+    title="Top Level Domain"
+    description="An overview of Top-Level Domains (TLDs) and their classification (gTLD, ccTLD, etc.)."
+    href="/en/definitions/top-level-domain/"/>
+
+## See also
+
+- [DNSSEC World Map](https://stats.labs.apnic.net/dnssec) of the APNIC Labs

docs/src/content/docs/en/definitions/domain-lifecycle.mdx

@@ -0,0 +1,44 @@
+---
+title: Domain Lifecycle
+description: Explore the domain lifecycle, from registration and renewal to expiration and redemption. Know the critical phases for managing your domain name.
+---
+
+import {LinkCard} from "@astrojs/starlight/components";
+
+The **Domain Lifecycle** defines the statuses a domain name traverses from its creation to its deletion.
+Understanding these phases is critical to prevent unintentional loss of a domain.
+
+## The Generic Life Cycle
+
+![Generic Domain Name Life Cycle](https://archive.icann.org/en/registrars/gtld-lifecycle.jpg)
+
+For most Generic Top-Level Domains (gTLDs) regulated by ICANN, the cycle follows this path:
+
+1.  **Available**: The domain is open for registration.
+2.  **Registered (Active)**: The domain is owned and functional. It can be updated, transferred, or renewed (typically 1–10 years).
+3.  **Auto-Renew Grace Period**: (0–45 days) The domain expires. The owner can usually renew it at the standard rate. The domain may stop resolving (ServerHold).
+4.  **Redemption Grace Period**: (30 days) The domain is deleted from the registrar but held by the registry. Recovery is possible but requires a higher **restoration fee**.
+5.  **Pending Delete**: (5 days) The domain is scheduled for permanent deletion. It cannot be recovered or renewed.
+6.  **Released**: The domain becomes **Available** again for public registration.
+
+<LinkCard
+    title="Domain name"
+    description="An explanation of what a domain name is and its structure."
+    href="/en/definitions/domain-name/"/>
+
+## Special Cases of some ccTLDs
+
+Country Code Top-Level Domains (ccTLDs) operate under local regulations, leading to diverse lifecycles:
+
+* **No Grace Periods**: Some ccTLDs enter "Pending Delete" immediately upon expiration.
+* **Pre-Expiration Renewal**: Some registries require renewal fees to be paid weeks before the actual expiration date.
+* **Manual Processes**: Restoration in some ccTLDs may require manual intervention and paperwork.
+
+<LinkCard
+    title="Top Level Domain"
+    description="An overview of Top-Level Domains (TLDs) and their classification (gTLD, ccTLD, etc.)."
+    href="/en/definitions/top-level-domain/"/>
+
+## See also
+
+- [Life Cycle of a Typical gTLD Domain Name](https://www.icann.org/en/contracted-parties/accredited-registrars/resources/gtld-lifecycle) on the ICANN website

docs/src/content/docs/en/definitions/domain-name.mdx

@@ -0,0 +1,53 @@
+---
+title: Domain name
+description: Define your online identity. This page explains what a domain name is, its structure, and related information.
+---
+A **Domain Name** is a human-readable identification string used to locate resources on the Internet. It maps complex numerical IP addresses to memorable names.
+
+## The Structure of a Domain Name
+
+A domain name is read hierarchically from right to left:
+
+1.  **Top-Level Domain (TLD)**: The suffix (e.g., `.com`, `.fr`).
+2.  **Second-Level Domain (SLD)**: The unique name chosen by the registrant (e.g., `example`).
+3.  **Subdomain**: prefixes for specific services (e.g., `www`, `api`).
+
+A **Fully Qualified Domain Name (FQDN)** includes all labels up to the root (e.g., `www.example.com.`).
+
+## The EPP Statuses
+
+The Extensible Provisioning Protocol (EPP) assigns status codes to domains to indicate their state or restrictions. These are visible in WHOIS/RDAP lookups.
+
+### Server Statuses (Set by Registry)
+
+The registry can apply EPP codes to modify the state of a domain name. These are all codes except those beginning with `client`, which are reserved for registrars.
+Generic codes are listed in the ICANN documentation.
+
+Some registries have developed additional codes to describe non-standard cases.
+For example, AFNIC added the code `server trade prohibited` to describe the prohibition of the `trade` operation on a domain name.
+This operation is part of AFNIC's EPP extension and is not a standard operation for a domain name.
+
+### Client Statuses (Set by Registrar)
+
+Registrars can also apply EPP codes to a domain name. These codes always begin with `client` to distinguish them from the codes applied by the registry.
+
+Some codes have the same effect as those applied by the registry.
+
+For example, the `client hold` and `server hold` codes block the resolution of a domain name's DNS zone.
+This means that the top-level domain name's DNS zone no longer contains the `NS` records necessary for delegating the domain name's zone.
+This results in the complete shutdown of services for the domain name.
+This code is often used by the registrar to strongly encourage the registrant to pay renewal fees (when the domain name is not in its redemption period).
+
+## Internationalized Domain Name (IDN)
+
+An IDN is a domain name that contains characters other than the standard ASCII format (a-z, 0-9, and hyphens). This includes characters with diacritics (accents) or characters from non-Latin scripts (Arabic, Chinese, Cyrillic, etc.).
+
+To function in the legacy DNS system, IDNs are converted into an ASCII-compatible format called **Punycode**, which always begins with `xn--`.
+
+|      Display      |         Punycode         |
+|:-----------------:|:------------------------:|
+| `maëlgangloff.fr` | `xn--malgangloff-0bb.fr` |
+
+## See also
+
+  - [EPP Status Codes](https://icann.org/epp) on the ICANN website

docs/src/content/docs/en/definitions/epp.mdx

@@ -0,0 +1,44 @@
+---
+title: EPP Protocol
+description: What is the EPP protocol? Learn how this protocol allows registries and registrars to communicate about domain names.
+---
+
+import {LinkCard} from "@astrojs/starlight/components";
+
+The **Extensible Provisioning Protocol (EPP)** is the standard application-layer protocol for allocating objects within registries over the Internet. While primarily used for domain names, it can also manage contacts and host objects.
+
+## The Actors
+
+### Client (Registrar)
+
+The Registrar acts as the EPP Client. They send XML commands to create, update, renew, or delete domain names based on customer requests.
+
+<LinkCard
+    title="Registrar"
+    description="What is a Domain Name Registrar?"
+    href="/en/definitions/registrar/"/>
+
+### Server (Registry)
+
+The Registry acts as the EPP Server. It processes the commands, validates logic (e.g., "is this domain available?"), updates the central database, and returns success or error responses.
+
+<LinkCard
+    title="Registry"
+    description="What is a Domain Name Registry?"
+    href="/en/definitions/registry/"/>
+
+## The Protocol Mechanism
+
+EPP uses **XML** messages transported over **TCP**, secured by **TLS**. It is a stateful protocol, meaning a session is established (Login) before commands are executed.
+
+Common EPP commands include:
+
+* `<check>`: Verify availability.
+* `<create>`: Register a new object.
+* `<info>`: Retrieve object details.
+* `<transfer>`: Initiate a registrar transfer.
+* `<poll>`: Retrieve asynchronous notifications from the Registry.
+
+## See also
+
+  - [RFC 5730 - Extensible Provisioning Protocol (EPP)](https://datatracker.ietf.org/doc/html/rfc5730)

docs/src/content/docs/en/definitions/icann.mdx

@@ -0,0 +1,46 @@
+---
+title: ICANN
+description: Learn about ICANN (Internet Corporation for Assigned Names and Numbers), the non-profit organization coordinating the global internet's unique identifiers.
+---
+
+import {LinkCard} from "@astrojs/starlight/components";
+
+**ICANN (Internet Corporation for Assigned Names and Numbers)** is the non-profit organization responsible for coordinating the maintenance and security of the global Internet's unique identifiers.
+
+ICANN acts as the primary governance body for the technical infrastructure of the DNS. Its responsibilities include:
+
+* **IANA Functions**: Managing the allocation of IP address space and the Root Zone of the DNS.
+* **Policy Development**: Facilitating the creation of global policies for the domain name system via a multi-stakeholder model.
+
+## Managing Top-Level Domains
+
+ICANN decides which new Top-Level Domains (TLDs) are added to the Root Zone.
+
+* It oversees the **New gTLD Program**, which expanded the internet from a few dozen extensions (like `.com`) to over 1,000 (like `.app`, `.shop`).
+* It delegates **ccTLDs** (like `.uk`, `.fr`) to specific country managers, although it has less direct control over their local policies.
+
+<LinkCard
+    title="Top Level Domain"
+    description="An overview of Top-Level Domains (TLDs) and their classification (gTLD, ccTLD, etc.)."
+    href="/en/definitions/top-level-domain/"/>
+
+## Accreditation of Registrars
+
+ICANN publishes on its website [the complete list of accredited registrars](https://www.icann.org/en/contracted-parties/accredited-registrars/list-of-accredited-registrars).
+
+### Benefits of ICANN Accreditation
+
+Accredited registrars are authorized to register domain names under the [generic top-level domains (gTLDs)](/en/definitions/top-level-domain/#generic-tld-gtld).
+For these extensions, accreditation is an essential prerequisite for registries to grant EPP access to the registrar.
+
+For certain [country-code top-level domains (ccTLDs)](/en/definitions/top-level-domain/#country-code-tld-cctld), ICANN accreditation is not mandatory.
+This is the case, for example, with AFNIC (Association Française pour le Nommage Internet en Coopération), which has its own accreditation process described on [its website](https://www.afnic.fr/produits-services/services-associes/devenir-bureau-denregistrement-laccreditation-de-lafnic/).
+This approach allows smaller organizations to operate as registrars at the national level.
+
+### The ICANN Accreditation Process
+
+As of today, 11 steps are required to obtain ICANN accreditation. The details of these steps are available on [ICANN’s official website](https://www.icann.org/en/contracted-parties/accredited-registrars/how-to-become-a-registrar).
+
+## See also
+
+  - [Official website](https://www.icann.org/)

docs/src/content/docs/en/definitions/rdap.mdx

@@ -0,0 +1,29 @@
+---
+title: RDAP Protocol
+description: The modern Domain data access protocol. Understand RDAP for reliable and structured access to domain registration and ownership data.
+---
+
+import {LinkCard} from "@astrojs/starlight/components";
+
+The **Registration Data Access Protocol (RDAP)** is the modern standard for accessing registration data. It was designed to replace the legacy WHOIS protocol by addressing its lack of standardization and security.
+
+## Key Improvements over WHOIS
+
+* **Structured Data (JSON)**: Unlike WHOIS, which returns unstructured free text, RDAP returns data in JSON format. This allows for easy automated parsing and consistent display by clients.
+* **Standardized Queries**: RDAP uses RESTful web services (HTTP/HTTPS).
+* **Internationalization**: Native support for non-Latin characters (IDNs).
+* **Differentiated Access**: RDAP supports authentication, allowing registries to show limited data to the public (GDPR compliance) while providing full data to accredited authorities.
+
+<LinkCard
+    title="WHOIS Protocol"
+    description="Get an overview of the WHOIS Protocol."
+    href="/en/definitions/whois/"/>
+
+## Deployment Status
+
+ICANN mandates RDAP implementation for all accredited Registrars and gTLD Registries.
+While WHOIS is still widely used by legacy systems, RDAP is the authoritative source for gTLD registration data. Adoption among ccTLDs is voluntary and ongoing.
+
+## See also
+
+  - [RDAP Deployment Dashboard](https://deployment.rdap.org)

docs/src/content/docs/en/definitions/registrar.mdx

@@ -0,0 +1,37 @@
+---
+title: Registrar
+description: What is a Domain Name Registrar? Learn their role in managing the registration and transfer of domain names for the public.
+---
+
+import {LinkCard} from "@astrojs/starlight/components";
+
+A **Registrar** is an accredited commercial entity that sells domain name registrations to the public. They act as the intermediary between the Registrant (the domain owner) and the Registry (the database operator).
+
+<LinkCard
+    title="Registry"
+    description="What is a Domain Name Registry?"
+    href="/en/definitions/registry/"/>
+
+## Core Responsibilities
+
+### Administrative Management
+
+* **Registration & Renewal**: Handling the purchase and periodic renewal of domains.
+* **Lifecycle Management**: Managing grace periods, redemption fees, and transfers.
+* **Data Accuracy**: Collecting and maintaining accurate contact information for WHOIS/RDAP directories.
+
+### Technical Services
+
+* **EPP Interface**: Translating user actions into EPP commands sent to the Registry.
+* **DNS Hosting**: Most registrars provide default nameservers, allowing users to manage their DNS records (A, MX, CNAME) via a user-friendly dashboard.
+* **DNSSEC**: Facilitating the rotation and publication of DS records.
+
+<LinkCard
+    title="DNS Protocol"
+    description="What is DNS? Understand the Domain Name System."
+    href="/en/definitions/dns/"/>
+
+## See also
+
+  - [Domain name registrar](https://en.wikipedia.org/wiki/Domain_name_registrar) on Wikipedia
+  - [What happens at the registrar](https://www.afnic.fr/en/observatory-and-resources/expert-papers/what-happens-at-the-registrar/) from AFNIC

docs/src/content/docs/en/definitions/registry.mdx

@@ -0,0 +1,33 @@
+---
+title: Registry
+description: Understand the Domain Name Registry? Learn how these organizations manage the central database for all domain names under a specific TLD.
+---
+
+import {LinkCard} from "@astrojs/starlight/components";
+
+A **Registry** (or Registry Operator) is the organization responsible for maintaining the master database of all domain names registered under a specific Top-Level Domain (TLD).
+
+## Technical Roles
+
+The Registry is the authoritative source for its TLD. Its duties include:
+
+* **Zone File Generation**: Publishing the zone file that directs global DNS traffic to the correct nameservers for every domain in the extension.
+* **IDN & DNSSEC Management**: Enforcing policies for special characters and managing the cryptographic signing of the TLD zone.
+* **WHOIS/RDAP Server**: Operating the directory service that provides public information about registered domains.
+
+## Operational Roles
+
+Registries generally do not sell directly to the public. Instead, they:
+
+* Define the **Acceptable Use Policies** for the TLD.
+* Set the wholesale price for domains.
+* Accredit and connect with **Registrars** via EPP.
+
+<LinkCard
+    title="Registrar"
+    description="What is a Domain Name Registrar?"
+    href="/en/definitions/registrar/"/>
+
+## See also
+
+  - [Domain name registry](https://en.wikipedia.org/wiki/Domain_name_registry) on Wikipedia

docs/src/content/docs/en/definitions/top-level-domain.mdx

@@ -0,0 +1,50 @@
+---
+title: Top-Level Domain (TLD)
+description: An overview of Top-Level Domains (TLDs), their classification (gTLD, ccTLD, etc.), and the structure of the DNS root zone.
+---
+
+A **Top-Level Domain (TLD)** is the rightmost segment of a domain name (after the last dot). TLDs are the highest level of the DNS hierarchy below the root.
+
+## TLD Classifications
+
+### Generic TLD (gTLD)
+
+Originally intended for specific use cases, most gTLDs are now open to everyone.
+
+* **Legacy**: `.com` (commercial), `.net` (network), `.org` (organization).
+* **New gTLDs**: Thousands of niche extensions like `.app`, `.blog`, `.guru`.
+* **Restricted**: Domains like `.bank` or `.pharmacy` require verification of eligibility.
+* **Brand**: Closed TLDs for corporations, e.g., `.google` or `.bmw`.
+
+### Country Code TLD (ccTLD)
+
+Reserved for countries and territories (two letters, based on ISO 3166).
+
+* **Examples**: `.uk` (United Kingdom), `.de` (Germany), `.io` (British Indian Ocean Territory).
+* **Rules**: Policies vary strictly by country. Some require local residency (e.g., `.no`, `.ca`), while others are marketed globally (e.g., `.tv`, `.ai`).
+
+### Sponsored TLD (sTLD)
+
+Managed by private organizations representing a specific community.
+
+* `.gov` (US Government)
+* `.edu` (Accredited US institutions)
+* `.aero` (Aviation industry)
+
+### Infrastructure TLD
+
+* `.arpa`: Managed by IANA, used exclusively for technical infrastructure (e.g., reverse DNS lookups).
+
+## Reserved TLDs
+
+Per [RFC 2606](https://tools.ietf.org/html/rfc2606), four TLDs are permanently reserved for testing and documentation to avoid confusion in production environments:
+
+* `.test`
+* `.example`
+* `.invalid`
+* `.localhost`
+
+## See also
+
+- [Top-level domain (Wikipedia)](https://en.wikipedia.org/wiki/Top-level_domain)
+- [IANA Root Zone Database](https://www.iana.org/domains/root/db)

docs/src/content/docs/en/definitions/whois.mdx

@@ -0,0 +1,97 @@
+---
+title: WHOIS Protocol
+description: Get an overview of WHOIS. Learn how this protocol is used to query databases for information about the registered user or assignees of a domain name.
+---
+
+import {LinkCard} from "@astrojs/starlight/components";
+
+WHOIS is a text-based query/response protocol (listening on **TCP Port 43**) widely used for querying databases that store the registered users or assignees of an Internet resource, such as a domain name or an IP address block.
+
+## Core Use Cases
+
+* **Availability Check**: Verifying if a specific domain name is available for registration.
+* **Ownership Identification**: Identifying the Registrant or the Registrar managing the domain.
+* **Technical Troubleshooting**: Finding the authoritative nameservers or the technical contacts to resolve network issues.
+* **Legal & Abuse**: Providing a record for law enforcement, intellectual property protection, and abuse reporting.
+
+## Thick vs. Thin Registries
+
+Understanding WHOIS responses requires understanding how the TLD Registry stores data.
+
+### Thin Registry (e.g., .com, .net)
+
+The Registry only stores technical data (DNSSEC, Nameservers) and a pointer to the Registrar.
+
+To get the full contact details, a second WHOIS query must be sent to the **Registrar's WHOIS server**.
+
+### Thick Registry (e.g., .org, .info, most ccTLDs)
+
+The Registry stores *all* information, including the Registrant's contact details and administrative data.
+
+A single query to the Registry provides the full record.
+
+## Example: Recursive WHOIS Query
+
+The standard `whois` command line tool often handles the "Thin Registry" redirect automatically.
+However, seeing the raw steps helps understand the protocol.
+
+In the example below for a **Thin TLD** (`.com`), we first query the Registry, which points us to the Registrar.
+
+### Request to the Registry (Verisign)
+
+Note the `Registrar WHOIS Server` field in the response.
+
+```text title="WHOIS query to the Registry"
+$ whois --verbose example.com -h whois.verisign-grs.com.
+Using server whois.verisign-grs.com..
+Query string: "example.com"
+
+   Domain Name: EXAMPLE.COM
+   Registry Domain ID: 2336799_DOMAIN_COM-VRSN
+   Registrar WHOIS Server: whois.iana.org
+   Registrar URL: http://res-dom.iana.org
+   Updated Date: 2025-08-14T07:01:39Z
+   Creation Date: 1995-08-14T04:00:00Z
+   Registry Expiry Date: 2026-08-13T04:00:00Z
+   Registrar: RESERVED-Internet Assigned Numbers Authority
+   Domain Status: clientDeleteProhibited https://icann.org/epp#clientDeleteProhibited
+   Domain Status: clientTransferProhibited https://icann.org/epp#clientTransferProhibited
+   Name Server: A.IANA-SERVERS.NET
+   Name Server: B.IANA-SERVERS.NET
+   DNSSEC: signedDelegation
+>>> Last update of whois database: 2025-11-20T08:05:54Z <<<
+```
+
+### Request to the Registrar (IANA)
+
+Following the referral, we query the specific Registrar to get the ownership details.
+
+```text title="WHOIS query to the Registrar"
+$ whois --verbose example.com -h whois.iana.org
+Using server whois.iana.org..
+Query string: "example.com"
+
+% IANA WHOIS server
+% for more information on IANA, visit http://www.iana.org
+% This query returned 1 object
+
+domain:       EXAMPLE.COM
+organisation: Internet Assigned Numbers Authority
+created:      1992-01-01
+source:       IANA
+```
+
+## Privacy Considerations
+
+Since the implementation of the **GDPR** (General Data Protection Regulation) and similar global privacy laws, the WHOIS output has changed significantly.
+
+* **Data Redaction**: Most personal fields (Name, Email, Phone) are now replaced with placeholders like `DATA REDACTED` or `Redacted for Privacy`.
+* **Privacy Proxies**: Registrars often provide services that replace the registrant's details with the registrar's generic contact information to prevent spam and harassment.
+* **Tiered Access**: Full, unredacted data is often no longer publicly available anonymously and requires a legitimate legal request or accreditation.
+
+<LinkCard title="RDAP Protocol" href="/en/definitions/rdap/"
+          description="Learn about the successor to WHOIS designed to handle structured data and privacy access."/>
+
+## See also
+
+* [RFC 3912 - WHOIS Protocol Specification](https://datatracker.ietf.org/doc/html/rfc3912)

docs/src/content/docs/en/developing/contributing/code-of-conduct.md

@@ -0,0 +1,90 @@
+---
+title: 👼 Code of Conduct
+description: Code of conduct outlining community standards and guidelines for respectful collaboration within the project.
+---
+
+## Our Pledge
+
+We pledge to make our community welcoming, safe, and equitable for all.
+
+We are committed to fostering an environment that respects and promotes the dignity, rights, and contributions of all individuals, regardless of characteristics including race, ethnicity, caste, color, age, physical characteristics, neurodiversity, disability, sex or gender, gender identity or expression, sexual orientation, language, philosophy or religion, national or social origin, socio-economic position, level of education, or other status. The same privileges of participation are extended to everyone who participates in good faith and in accordance with this Covenant.
+
+
+## Encouraged Behaviors
+
+While acknowledging differences in social norms, we all strive to meet our community's expectations for positive behavior. We also understand that our words and actions may be interpreted differently than we intend based on culture, background, or native language.
+
+With these considerations in mind, we agree to behave mindfully toward each other and act in ways that center our shared values, including:
+
+1. Respecting the **purpose of our community**, our activities, and our ways of gathering.
+2. Engaging **kindly and honestly** with others.
+3. Respecting **different viewpoints** and experiences.
+4. **Taking responsibility** for our actions and contributions.
+5. Gracefully giving and accepting **constructive feedback**.
+6. Committing to **repairing harm** when it occurs.
+7. Behaving in other ways that promote and sustain the **well-being of our community**.
+
+
+## Restricted Behaviors
+
+We agree to restrict the following behaviors in our community. Instances, threats, and promotion of these behaviors are violations of this Code of Conduct.
+
+1. **Harassment.** Violating explicitly expressed boundaries or engaging in unnecessary personal attention after any clear request to stop.
+2. **Character attacks.** Making insulting, demeaning, or pejorative comments directed at a community member or group of people.
+3. **Stereotyping or discrimination.** Characterizing anyone’s personality or behavior on the basis of immutable identities or traits.
+4. **Sexualization.** Behaving in a way that would generally be considered inappropriately intimate in the context or purpose of the community.
+5. **Violating confidentiality**. Sharing or acting on someone's personal or private information without their permission.
+6. **Endangerment.** Causing, encouraging, or threatening violence or other harm toward any person or group.
+7. Behaving in other ways that **threaten the well-being** of our community.
+
+### Other Restrictions
+
+1. **Misleading identity.** Impersonating someone else for any reason, or pretending to be someone else to evade enforcement actions.
+2. **Failing to credit sources.** Not properly crediting the sources of content you contribute.
+3. **Promotional materials**. Sharing marketing or other commercial content in a way that is outside the norms of the community.
+4. **Irresponsible communication.** Failing to responsibly present content which includes, links or describes any other restricted behaviors.
+
+
+## Reporting an Issue
+
+Tensions can occur between community members even when they are trying their best to collaborate. Not every conflict represents a code of conduct violation, and this Code of Conduct reinforces encouraged behaviors and norms that can help avoid conflicts and minimize harm.
+
+When an incident does occur, it is important to report it promptly. To report a possible violation, please contact the maintainer.
+
+Community Moderators take reports of violations seriously and will make every effort to respond in a timely manner. They will investigate all reports of code of conduct violations, reviewing messages, logs, and recordings, or interviewing witnesses and other participants. Community Moderators will keep investigation and enforcement actions as transparent as possible while prioritizing safety and confidentiality. In order to honor these values, enforcement actions are carried out in private with the involved parties, but communicating to the whole community may be part of a mutually agreed upon resolution.
+
+
+## Addressing and Repairing Harm
+
+If an investigation by the Community Moderators finds that this Code of Conduct has been violated, the following enforcement ladder may be used to determine how best to repair harm, based on the incident's impact on the individuals involved and the community as a whole. Depending on the severity of a violation, lower rungs on the ladder may be skipped.
+
+1) Warning
+    1) Event: A violation involving a single incident or series of incidents.
+    2) Consequence: A private, written warning from the Community Moderators.
+    3) Repair: Examples of repair include a private written apology, acknowledgement of responsibility, and seeking clarification on expectations.
+2) Temporarily Limited Activities
+    1) Event: A repeated incidence of a violation that previously resulted in a warning, or the first incidence of a more serious violation.
+    2) Consequence: A private, written warning with a time-limited cooldown period designed to underscore the seriousness of the situation and give the community members involved time to process the incident. The cooldown period may be limited to particular communication channels or interactions with particular community members.
+    3) Repair: Examples of repair may include making an apology, using the cooldown period to reflect on actions and impact, and being thoughtful about re-entering community spaces after the period is over.
+3) Temporary Suspension
+    1) Event: A pattern of repeated violation which the Community Moderators have tried to address with warnings, or a single serious violation.
+    2) Consequence: A private written warning with conditions for return from suspension. In general, temporary suspensions give the person being suspended time to reflect upon their behavior and possible corrective actions.
+    3) Repair: Examples of repair include respecting the spirit of the suspension, meeting the specified conditions for return, and being thoughtful about how to reintegrate with the community when the suspension is lifted.
+4) Permanent Ban
+    1) Event: A pattern of repeated code of conduct violations that other steps on the ladder have failed to resolve, or a violation so serious that the Community Moderators determine there is no way to keep the community safe with this person as a member.
+    2) Consequence: Access to all community spaces, tools, and communication channels is removed. In general, permanent bans should be rarely used, should have strong reasoning behind them, and should only be resorted to if working through other remedies has failed to change the behavior.
+    3) Repair: There is no possible repair in cases of this severity.
+
+This enforcement ladder is intended as a guideline. It does not limit the ability of Community Managers to use their discretion and judgment, in keeping with the best interests of our community.
+
+
+## Scope
+
+This Code of Conduct applies within all community spaces, and also applies when an individual is officially representing the community in public or other spaces. Examples of representing our community include using an official email address, posting via an official social media account, or acting as an appointed representative at an online or offline event.
+
+
+## Attribution
+
+This Code of Conduct is adapted from the Contributor Covenant, version 3.0, permanently available at [https://www.contributor-covenant.org/version/3/0/](https://www.contributor-covenant.org/version/3/0/).
+
+Contributor Covenant is stewarded by the Organization for Ethical Source and licensed under CC BY-SA 4.0. To view a copy of this license, visit [https://creativecommons.org/licenses/by-sa/4.0/](https://creativecommons.org/licenses/by-sa/4.0/)

docs/src/content/docs/en/developing/contributing/pull-requests.mdx

@@ -0,0 +1,53 @@
+---
+title: 💌 Pull Requests
+description: Instructions for submitting pull requests. Please read these instructions carefully to ensure you comply with contribution standards.
+---
+
+When you want to propose a change to the source code, you will need to create a Pull Request on this project's GitHub
+repository.
+
+Note that if you are modifying several different parts, you should split it into multiple Pull Requests. This will make
+it easier to review and merge your proposals.
+
+You will then be asked to fill in a few fields:
+
+## Title
+
+The Pull Request title should briefly describe the proposed changes. Please be concise and precise. For example, to add
+support for a new, fictitious provider called "FakeRegistrar," you could write something like "Add support for
+FakeRegistrar provider".
+
+## Description
+
+For complex changes, please provide as much detail as possible. If your changes modify an existing API, you must mention
+this in the description, as it may have repercussions on projects related to Domain Watchdog.
+
+If the proposal modifies the frontend, it would be best to include screenshots (desktop and mobile versions) to better
+visualize the proposal.
+
+## Change Type
+
+A checklist allows you to choose the type of change proposed:
+
+```markdown
+- [ ] Bug fix (non-breaking change which fixes an issue)
+- [ ] New feature (non-breaking change which adds functionality)
+- [ ] Breaking change (fix or feature that would cause existing functionality to not work as expected)
+- [ ] This change requires a documentation update
+```
+
+This checklist helps to better identify the project's impact on the PR.
+
+## Compliance Checklist
+
+The checklist below allows you to self-assess the conformity of your proposal before submitting it for review:
+
+```markdown
+- [x] Commit names follow the Conventional Commits convention
+- [x] I have checked the entire code before submitting it
+- [x] I have updated the documentation related to my commits
+- [x] My code does not generate errors
+```
+
+In any case, if you experience any difficulties creating a PR, feel free to open one; we will help you ensure it
+complies with these requirements.

docs/src/content/docs/en/developing/implementing-new-provider.mdx

@@ -0,0 +1,229 @@
+---
+title: 🌟 Implementing a new provider
+description: Step-by-step guide to adding a new Provider, with backend, frontend, and testing instructions to integrate a registrar into the project.
+---
+
+import {FileTree, Steps, Code, LinkCard} from "@astrojs/starlight/components";
+
+This project aims to be compatible with as many registrars as possible, giving users a choice when creating a Connector.
+
+::::caution
+Only registrars with a public and documented API can be offered. Using a registrar's private API is strictly prohibited.
+::::
+
+Adding a new Provider is straightforward. Simply follow the steps below.
+
+This guide explains how to add support for a new domain registrar.
+You’ll implement both the Backend (Provider logic) and the Frontend (configuration form).
+
+## Prerequisites
+
+<Steps>
+1. Read the API documentation of the new Provider and identify the sections related to user authentication and domain name registration.
+1. Set up your development environment.
+    <LinkCard title="Manual Installation" href="/en/install-config/install/manual-install/" description='Install the project from source to begin development' />
+</Steps>
+
+## Backend
+
+In this section, you’ll implement the logic required to interact with the new Provider’s API.
+
+<Steps>
+    1. Create a new DTO class to validate user authentication data.
+        <FileTree>
+            - src
+              - Dto.Connector
+                - DefaultProviderDto.php default DTO, which will also be used
+                - **MySuperRegistrarProviderDto.php** your new DTO class
+                - ...
+        </FileTree>
+
+    1. Add the necessary class properties and assertions.
+       The DTO class must extend `DefaultProviderDto`.
+
+        Only include properties required for user authentication, domain name registration, and any legally required consents.
+        <Code code={`namespace App\\Dto\\Connector;
+
+            class MySuperRegistrarProviderDto extends DefaultProviderDto
+        `} lang="php" title='MySuperRegistrarProviderDto.php' mark={['extends DefaultProviderDto']} />
+
+    1. Create a new Provider class.
+        <FileTree>
+            - src
+              - Service
+                - Provider
+                  - AbstractProvider.php                defines the signature of methods
+                  - **MySuperRegistrarProvider.php**    your new Provider
+                  - ...
+        </FileTree>
+
+    1. The class must extend `AbstractProvider`.
+        Refer to the existing Providers for implementation examples.
+        <Code code={`namespace App\\Service\\Provider;
+
+        #[Autoconfigure(public: true)]
+        class MySuperRegistrarProvider extends AbstractProvider
+        {
+            protected string $dtoClass = MySuperRegistrarProviderDto::class;
+
+            /** @var MySuperRegistrarProviderDto */
+            protected DefaultProviderDto $authData;
+        `} lang="php" title='MySuperRegistrarProvider.php' mark={['extends AbstractProvider']} />
+       ::::note
+        You now need to implement the methods defined in `AbstractProvider`.
+
+        Refer to the official Provider API documentation as needed.
+        ::::
+
+    1. Implement the `assertAuthentication` method.
+
+       This method validates user authentication data.
+       Make a request to the Provider’s API to verify that the user’s credentials are valid.
+
+       The method must return `void` when authentication succeeds.
+       ::::tip
+       If an issue occurs, throw an appropriate exception from the `App\Exception\Provider` namespace.
+       ::::
+        <Code code={`
+        protected function assertAuthentication(): void
+        {
+            // TODO: Implement assertAuthentication() method.
+        }`} lang="php" title='MySuperRegistrarProvider.php' mark={['protected function assertAuthentication()']} />
+
+    1. Implement the `getCachedTldList` method.
+        <Code code={`
+        protected function getCachedTldList(): CacheItemInterface
+        {
+            return $this->cacheItemPool->getItem('app.provider.my-super-registrar.supported-tld');
+        }`} lang="php" title='MySuperRegistrarProvider.php' mark={['my-super-registrar']} />
+
+        This method returns the cache entry holding the list of TLDs supported by this Provider.
+        Even if the API does not currently provide this information, implement the method for future compatibility.
+
+    1. Implement the `getSupportedTldList` method.
+
+        If the Provider API does not offer a way to retrieve supported TLDs, return an empty array `[]`.
+        Otherwise, call the API and return the list of supported TLDs.
+        <Code code={`
+        protected function getSupportedTldList(): array
+        {
+            // TODO: Implement getSupportedTldList() method.
+        }`} lang="php" title='MySuperRegistrarProvider.php' />
+
+    1. Implement the `isSupported` method (if necessary).
+        Override `isSupported` **only if** the Provider API cannot list supported TLDs. In that case, return `true` to indicate that all TLDs are potentially valid.
+
+    1. Implement the `orderDomain` method.
+
+        Follow the Provider's API documentation to implement domain ordering using the required properties.
+        ::::tip
+        As with authentication, you may throw generic Provider exceptions in case of an error.
+        ::::
+        <Code code={`
+        public function orderDomain(Domain $domain, bool $dryRun): void
+        {
+            // TODO: Implement orderDomain() method.
+        }`} lang="php" title='MySuperRegistrarProvider.php' />
+
+    1. Add your Provider to the `ConnectorProvider` enumeration.
+        <Code code={`
+        namespace App\Config;
+
+        enum ConnectorProvider: string
+        {
+            // ...
+            case MY_SUPER_REGISTRAR = 'my-super-registrar';
+
+            public function getConnectorProvider(): string
+            {
+                return match ($this) {
+                    // ...
+                    ConnectorProvider::MY_SUPER_REGISTRAR => MySuperRegistrarProvider::class,
+            };
+        }`} lang="php" title='src/Config/ConnectorProvider.php' />
+</Steps>
+
+**Well done!** 🎉
+
+You have now completed the Backend implementation.
+Let’s continue with the Frontend! 🚀
+
+## Frontend
+
+<Steps>
+    1. Create a form containing the necessary fields for your Provider.
+        <FileTree>
+            - assets
+              - utils
+                - providers
+                  - forms
+                    - DefaultConnectorFormItems.tsx             fields shared by all
+                    - **MySuperRegistrarConnectorForm.tsx**
+                    - ...
+        </FileTree>
+
+    1. Add the fields corresponding to the DTO you created earlier.
+       Check existing forms for reference.
+       If the Provider API does not allow retrieving supported TLDs, display this information as in the other forms.
+
+    1. Add your Provider to the `ConnectorProvider` enumeration.
+       The value must exactly match the one defined in PHP.
+
+       <Code code={`
+        export enum ConnectorProvider {
+            // ...
+            MY_SUPER_REGISTRAR = 'my-super-registrar'
+        }`} lang="ts" title='assets/utils/api/connectors.ts' />
+
+    1. Add the API terms of service link and the reference to your new form in the `index.ts` configuration file.
+        <Code code={`
+        export const providersConfig: Record<ConnectorProvider, ProviderConfig> = {
+            // ...
+            [ConnectorProvider.MY_SUPER_REGISTRAR]: {
+                tosLink: 'https://...',
+                form: MySuperRegistrarConnectorForm
+            }
+        }`} lang="ts" title='assets/utils/providers/index.ts' />
+
+    1. Ensure the interface renders correctly and fix any display issues.
+</Steps>
+
+**Great job!** 🎉
+
+Your Frontend implementation is now complete.
+
+## Testing
+
+<Steps>
+    1. Add the corresponding test function in the Provider test collection.
+        <Code code={`
+        #[DependsExternal(RDAPServiceTest::class, 'testUpdateRdapServers')]
+        public function testMySuperRegistrar()
+        {
+            $token = static::getContainer()->getParameter('my_super_registrar_token');
+            if (!$token) {
+                $this->markTestSkipped('Missing My Super Registrar token');
+            }
+
+            $this->testGenericProvider(ConnectorProvider::MY_SUPER_REGISTRAR, [
+                'waiveRetractationPeriod' => true,
+                'acceptConditions' => true,
+                'ownerLegalAge' => true,
+                'token' => $token,
+            ]);
+        }`} lang="php" title='tests/Service/Provider/AbstractProviderTest.php' />
+
+    1. Create a Symfony configuration parameter connecting the environment variable to the credentials.
+
+    1. Run the tests with PHPUnit:
+        ```shell
+        php vendor/bin/phpunit
+        ```
+    1. Ensure the test passes.
+    If it fails, fix the implementation accordingly.
+    Consider enabling code coverage to identify executed sections.
+</Steps>
+
+That's it!
+
+You’ve now finished implementing a new Provider. ✨

docs/src/content/docs/en/developing/software-testing.mdx

@@ -0,0 +1,106 @@
+---
+title: 🧬 Software Testing
+description: Discover how to launch and write unit and integration tests for this project using PHPUnit and a test database.
+---
+import {FileTree, LinkCard, Steps} from "@astrojs/starlight/components"
+
+Due to the nature of this project, it is essential to ensure that the logic is properly tested.
+
+For example, it is important to test whether the API calls to the supported Registrars are correctly implemented.
+
+## Run the tests
+
+Before proceeding, note that the first command drops the test database if it exists to ensure a clean testing environment.
+
+```shell
+php bin/console doctrine:database:drop --env=test --force
+```
+
+### Configure the test environment
+
+<Steps>
+    1. Create a test database
+        ```shell
+        php bin/console doctrine:database:create --env=test
+        ```
+        This command will create a blank database, suffixed with `_test` so as not to interfere with your development database.
+
+    1. Run the database migrations
+        ```shell
+        php bin/console doctrine:migrations:migrate --env=test
+        ```
+
+    1. Configure the specific environment variables for the tests
+        ```shell
+        cp .env.test .env.test.local
+        ```
+        This file is ignored by version control and lets you configure credentials or secrets required for certain integration tests.
+</Steps>
+
+### Run the tests with PHPUnit
+
+This project uses the [PHPUnit framework](https://phpunit.de/documentation.html) for writing and running tests.
+It is a good idea to read the [Symfony documentation specific to testing](https://symfony.com/doc/current/testing.html) before starting.
+
+To run the tests, execute the following command and observe the results.
+```shell
+php vendor/bin/phpunit
+```
+
+:::tip{icon="heart"}
+Depending on the integrated development environment (IDE) you use, it may have PHPUnit integration.
+This integration can be very useful for viewing code coverage and helping you interpret test results.
+:::
+
+If you choose to run the tests using the command line, you can expect to get a result similar to the one below.
+
+```text /D+(S)/ "Skipped: 1"
+PHPUnit 10.5.58 by Sebastian Bergmann and contributors.
+
+Runtime:       PHP 8.4.15
+Configuration: /home/maelgangloff/Documents/git/domain-watchdog/phpunit.dist.xml
+
+DDDDDDDDDDDDDDDDD.DDDDDD.............DDDDDDDDSDDDDDDDDD           55 / 55 (100%)
+
+Faker seed: 777840
+
+Time: 00:30.381, Memory: 318.50 MB
+
+OK, but there were issues!
+Tests: 55, Assertions: 86, Deprecations: 26, Skipped: 1.
+```
+
+In this example, note that a test has been skipped (the highlighted `S` in the result above).
+This test verifies the purchase of a domain name using a Registrar's sandbox API.
+Because authentication credentials are not set in the environment variables, this test is configured to be skipped.
+
+To configure these variables, please modify the file specific to the test environment.
+
+<FileTree>
+    - domain-watchdog
+        - .env.test
+        - **.env.test.local**
+        - ...
+</FileTree>
+
+
+## Write new tests
+
+All tests should be placed under `tests/` and follow PHPUnit’s naming conventions (`*Test.php`).
+
+:::note
+Ideally, every proposed code change (via Pull Requests) **MUST** include tests covering the related modifications.
+Refer to the Contributing section for more details on the guidelines.
+:::
+
+<LinkCard title="Create a Pull Request" description="Instructions for submitting pull requests" href="/en/developing/contributing/pull-requests/" />
+
+This requirement is especially important for any change affecting the project’s logic or algorithms.
+
+If you are not yet familiar with writing tests, you are still welcome to submit your changes. Other contributors can help ensure the necessary tests are added.
+
+### Writing tests for a new Provider
+
+The procedure for creating tests for a new provider is described on the dedicated page below.
+
+<LinkCard title="Testing a new Provider" description="Follow these steps to test your implementation of a new Provider" href="/en/developing/implementing-new-provider/#testing" />

docs/src/content/docs/en/developing/technical-stack.mdx

@@ -0,0 +1,103 @@
+---
+title: ⚙️ Technical stack
+description: Overview of the project's technical stack, including frameworks, languages, and architecture used throughout the system.
+---
+
+This page lists the main technologies used in the project, with links to their documentation. Specific version
+information can be found in the project’s dependency files (`composer.lock`, `package.json`, etc.). The architecture
+diagram below summarizes how these services interact.
+
+```mermaid
+flowchart LR
+    USER[[Users]]
+
+    subgraph EXT[External Resources]
+        direction TB
+        RDAP[RDAP Servers]
+        PROVIDER[Supported Registrar API]
+    end
+
+    subgraph INFRA[Managed Infrastructure]
+        RP[[Reverse Proxy]]
+
+        subgraph APP_ZONE[Application]
+            DW(Domain Watchdog)
+        end
+
+        subgraph DATA[Persistence & State]
+            PG[(PostgreSQL)]
+            INFL[(InfluxDB)]
+            REDIS[(Redis)]
+        end
+
+        OAUTH(OAuth 2.0 Provider)
+    end
+
+    USER <==> |HTTPS| RP
+    RP <==> |HTTP| DW
+
+    DW --> |Read/Write| PG
+    DW --> |Store Metrics| INFL
+    DW --> |Cache/Lock| REDIS
+    DW <--> |Auth Check| OAUTH
+
+    DW -.-> |Query Domain| RDAP
+    DW -.-> |API Actions| PROVIDER
+```
+
+## Backend
+
+### Framework
+
+The programming language is **PHP**.
+
+The backend is developed using the **Symfony** framework ([documentation](https://symfony.com/doc)).
+
+The API is made possible by the **API Platform**
+project ([documentation](https://api-platform.com/docs/symfony/)).
+
+### SQL database
+
+This project requires a **PostgreSQL** database ([documentation](https://www.postgresql.org/docs/current/)).
+
+Other database types cannot be used because some migrations were specifically written to leverage the performance of
+this database management system.
+
+### Key-value database
+
+A **Redis-compatible** key-value database is required to:
+
+- Cache certain values
+- Implement locks to limit the possibility of conditional raises
+- Store messages to be distributed to workers to process asynchronous actions. For example: updating domain names in a
+  Watchlist on a high-priority RDAP client queue.
+
+## Time Series database
+
+The **InfluxDB** database is optional.
+A data point is added for the following events:
+
+- RDAP requests from your instance: response time, requested domain name, HTTP status code, IP address of the RDAP
+  server, etc.
+- User notifications: adding events to a domain name, changing EPP statuses, etc.
+
+### SSO authentication
+
+An **OAuth 2.0** server is not required to authenticate users.
+
+Using Single Sign-On (SSO) allows you to delegate user authentication to a third party. This can be useful if you only
+want people within your organization to be able to use this project instance. Furthermore, you can then configure
+advanced security policies such as passwordless login, passkeys, multifactor authentication, and more.
+___
+
+## Frontend
+
+### Framework
+
+The language for frontend development is **TypeScript**.
+
+The framework used for the frontend is **React** ([documentation](https://react.dev/reference/react)).
+
+### Component Library
+
+The component library used is **Ant Design** ([documentation](https://ant.design/components/overview/)).

docs/src/content/docs/en/developing/translation.mdx

@@ -0,0 +1,16 @@
+---
+title: 🗺 Translation
+description: This project is available in several languages, the current translation status is available on this page.
+---
+
+The project is translated into several languages to allow as many people as possible to easily understand the interface.
+Feel free to contribute and add a translation!
+
+The current status of the translation is given below.
+
+[![Translation status](https://weblate.vinceh121.me/widget/domain-watchdog/domain-watchdog-dashboard/open-graph.png)](https://weblate.vinceh121.me/engage/domain-watchdog/)
+
+
+If you don't find your language in the list above, feel free to open an issue on the project repository and request that a new language be added.
+
+Once the language is added, you can start suggesting translations in the translation space. This project uses Weblate for community translation.

docs/src/content/docs/en/features/backorder/connector.mdx

@@ -0,0 +1,41 @@
+---
+title: 📡 Connector
+description: Learn how the Backorder Connector works, its flow, requirements, and how it integrates with registrar APIs for domain backordering.
+---
+
+import {LinkCard, Steps} from '@astrojs/starlight/components';
+
+A Connector allows Domain Watchdog to communicate with an external domain registrar’s API to perform actions such as
+domain registration.
+
+## Create a Connector
+
+<Steps>
+1. Choose an external API provider from the list of supported registrars.
+    <LinkCard title="Supported registrar" description="List of supported registrars for creating a Connector" href="/en/features/backorder/supported-registrar/"/>
+
+2. Enter the required information using the credentials obtained from your provider’s customer area
+    :::tip{icon="heart"}
+    A link allows you to directly access the Provider's page to retrieve this authentication information
+    :::
+
+3. Review and consent to the required terms. As a reminder, you can delete a Connector at any time from your personal space.
+
+4. Click the button to create your Connector. **Congratulations 🎉**
+</Steps>
+
+## Legal considerations
+
+These legal requirements ensure that all domain operations comply with registrar policies and applicable regulations.
+
+Domain Watchdog acts only as a technical interface and does not serve as a payment intermediary.
+Your credentials are transmitted directly to the provider’s API for domain operations.
+By creating a Connector, you consent to the provider’s terms and the use of your credentials for authorized operations.
+
+In particular, you must consent to:
+
+- Accept the provider’s API Terms of Use
+- Confirm that you are of legal age to accept these terms
+
+Since the terms of use may change at any time, the link to these terms is always accessible on the page listing the
+Connectors.

docs/src/content/docs/en/features/backorder/supported-registrar.mdx

@@ -0,0 +1,113 @@
+---
+title: 🤝 Supported registrar list
+description: List of registrars supported for domain backorders, with details on compatibility. Description of the configuration for each registrar.
+---
+
+import {LinkButton} from '@astrojs/starlight/components';
+
+:::caution[Reminder]
+
+* Please note that this project is NOT affiliated IN ANY WAY with the API Providers used to order domain names.
+* The project installers are responsible for the use of their own instance.
+* Under no circumstances will the owner of this project be held responsible for other cases over which he has no
+control.
+:::
+
+## OVH
+
+| Field          | Description                                                                      | Required |
+|----------------|----------------------------------------------------------------------------------|:--------:|
+| App key        | the key that allows OVH to identify your application                             | Required | 
+| App secret key | the secret key associated with your application                                  | Required |
+| Consumer key   | the secret key that links the application to your account                        | Required |
+| Endpoint       | allows you to choose which server to use (Europe, United States or Canada)       | Required |
+| Subsidiary     | the country linked to the OVH subsidiary associated with your account            | Required |
+| Pricing mode   | choose whether you want to pay for a Premium domain name or only standard prices | Required |
+
+<LinkButton variant="secondary"
+            icon="external"
+            target="_blank"
+            href="https://api.ovh.com/createToken/?GET=/order/cart&GET=/order/cart/*&POST=/order/cart&POST=/order/cart/*&DELETE=/order/cart/*&GET=/domain/extensions">
+    Retrieve my token from the OVH website
+</LinkButton>
+
+## Gandi
+
+| Field      | Description                                                      | Required |
+|------------|------------------------------------------------------------------|:--------:|
+| Token      | your account authentication token                                | Required | 
+| Sharing ID | indicates the organization that will pay for the ordered product | Optional |
+
+<LinkButton variant="secondary"
+            icon="external"
+            target="_blank"
+            href="https://admin.gandi.net/organizations/account/pat">
+    Retrieve my token from the Gandi website
+</LinkButton>
+
+## Namecheap
+
+:::caution
+This provider requires that the IPv4 address of your instance be entered on its web interface when creating the API
+connection. This information must also be entered in the configuration.
+:::
+
+| Field    | Description                           | Required |
+|----------|---------------------------------------|:--------:|
+| API user | the API user as given by the Provider | Required | 
+| API key  | the API key as given by the Provider  | Required |
+
+<LinkButton variant="secondary"
+            icon="external"
+            target="_blank"
+            href="https://ap.www.namecheap.com/settings/tools/apiaccess/">
+    Retrieve my token from the Namecheap website
+</LinkButton>
+
+## AutoDNS
+
+:::caution
+This provider does not provide a list of supported TLD. Please double-check if the domain you want to register is
+supported.
+:::
+
+| Field         | Description                                                   | Required |
+|---------------|---------------------------------------------------------------|:--------:|
+| Username      | the account username                                          | Required | 
+| Password      | the account password                                          | Required |
+| Owner consent | purchase consent                                              | Required |
+| Context       | the "context" as given by the Provider                        | Required |
+| Contact ID    | Contact ID of the domain name holder of the purchased domains | Required |
+
+<LinkButton variant="secondary"
+            icon="external"
+            target="_blank"
+            href="https://en.autodns.com/domain-robot-api/">
+    Retrieve my token from the AutoDNS website
+</LinkButton>
+
+## Name.com
+
+:::caution
+This provider does not provide a list of supported TLD. Please double-check if the domain you want to register is
+supported.
+:::
+
+| Field    | Description                       | Required |
+|----------|-----------------------------------|:--------:|
+| Username | the account username              | Required |
+| Token    | your account authentication token | Required |
+
+<LinkButton variant="secondary"
+            icon="external"
+            target="_blank"
+            href="https://www.name.com/account/settings/api">
+    Retrieve my token from the Name.com website
+</LinkButton>
+
+## Custom EPP server
+
+This type of connector allows you to directly link your instance to a registry via the EPP protocol.
+This requires that you have signed a contract with a registry; you are then considered a registry in your own right.
+
+Currently, the implementation of this feature has not been tested; your feedback is important!

docs/src/content/docs/en/features/index.mdx

@@ -0,0 +1,111 @@
+---
+title: 🚀 Getting started
+description: Step-by-step guide to creating an account, searching domains, tracking changes, and enabling auto-purchase with Connectors.
+---
+
+import {LinkCard, Steps} from '@astrojs/starlight/components';
+
+On this page, you'll find a step-by-step guide to getting started with **Domain Watchdog** and exploring its main
+features. The sidebar menu on the left allows you to quickly navigate between all documentation sections.
+
+:::note
+Depending on the configuration of the instance on which you're performing these actions, some options may be limited or
+hidden.
+:::
+
+---
+
+## Create an account
+
+If your instance allows user registration, you can create an account directly from the interface.
+
+![User registration](../../../../assets/images/user-register.png)
+
+<Steps>
+1. Click the **Register** button.
+2. Enter your **email address** and **password**.
+3. A confirmation email will be sent to verify your address.
+</Steps>
+
+After confirming your email, you can log in and start using all available features.
+
+---
+
+## Search for a domain name
+
+Domain Watchdog uses the **RDAP protocol**, the modern replacement for WHOIS, to retrieve accurate information about
+domain names.
+
+![Search for a domain name](../../../../assets/images/search-domain.png)
+
+:::tip[Read more]
+To read the documentation related to domain name search, please click on the link below.
+
+<LinkCard title="Domain search"
+          description="Obtain the details of a domain name registration and the history of observed events"
+          href="/en/features/search/domain-search/"/>
+:::
+
+---
+
+## Create a Watchlist
+
+A **Watchlist** is a collection of domain names, triggers, and optionally an API Connector.
+It allows you to:
+- monitor domain status changes
+- receive notifications (email or webhook: Slack, Mattermost, Discord, etc.)
+- optionally auto-purchase a domain when it expires
+
+![Create a Watchlist](../../../../assets/images/create-watchlist.png)
+
+:::tip[Read more]
+To read the documentation related to the Watchlist, please click on the link below.
+
+<LinkCard title="Watchlist"
+          description="Add domain names to a Watchlist to track them, be notified of any changes, and potentially buy them when they expire"
+          href="/en/features/tracking/watchlist/"/>
+:::
+
+### Watchlist notifications
+
+When a domain changes state, you’ll automatically receive a notification.  
+You can also export domain events as **iCalendar** feeds.
+
+---
+
+## Create a Connector
+
+A **Connector** is used to automatically order (backorder) a domain name using its provider’s API.
+
+![Create a Connector](../../../../assets/images/create-connector.png)
+
+:::tip[Read more]
+To read the documentation related to Connector, please click on the link below.
+
+<LinkCard title="Connector"
+          description="Create a Connector to enable domain name purchases by linking it to your Watchlists"
+          href="/en/features/backorder/connector/"/>
+:::
+
+### Supported registrar list
+
+<LinkCard title="Supported registrar list"
+          description="List of registrars supported by this project"
+          href="/en/features/backorder/supported-registrar/"/>
+
+---
+
+### Tracking table
+
+The Tracking table page displays a list of all the domain names you monitor via your Watchlists.
+This list is ordered, meaning the domain names are arranged according to their estimated deletion date.
+
+![Tracking table](../../../../assets/images/tracking-table.png)
+
+:::tip[Read more]
+To read the documentation related to the Tracking table, please click on the link below.
+
+<LinkCard title="Tracking table"
+          description="List all the domains you're monitoring in your Watchlist and track the status of those domains"
+          href="/en/features/tracking/tracking-table/"/>
+:::

docs/src/content/docs/en/features/infrastructure/icann-registrar-list.mdx

@@ -0,0 +1,6 @@
+---
+title: 📙 ICANN Registrar list
+description: List of ICANN-accredited Registrars. The list can be explored on the web interface.
+draft: true
+---
+

docs/src/content/docs/en/features/infrastructure/tld-list.mdx

@@ -0,0 +1,5 @@
+---
+title: 🌐 TLD list
+description: Discover the list of currently active TLDs directly in your interface, along with additional information.
+draft: true
+---

docs/src/content/docs/en/features/search/domain-search.mdx

@@ -0,0 +1,34 @@
+---
+title: 🔎 Domain search
+description: Overview of the domain search functionality which allows you to view all public information about a domain name.
+---
+
+import {Steps} from "@astrojs/starlight/components"
+import {Kbd} from "starlight-kbd/components"
+
+:::tip[Did you know?]
+In this project, everything is done to minimize the number of requests to RDAP servers. Limitations imposed on end users help control the flow of RDAP requests.
+These limitations can be configured for each instance, in the environment variables.
+:::
+
+The domain search feature allows users to look up information about a domain name through the user interface.
+
+To search for a domain name:
+
+<Steps>
+    1. Enter the domain in the search bar.
+    2. Press <Kbd mac="Enter" generic="Enter" /> to submit the query.
+</Steps>
+
+![Search for a domain name](../../../../../assets/images/search-domain.png)
+
+If the extension you are searching for does **not** have an official RDAP server, an error message will inform you that no RDAP server is available.
+
+## Force Update
+
+By default, if the domain information stored in the database is still considered valid, the system returns the existing record without performing a new RDAP query.
+
+If you need to force an RDAP update for a given domain:
+* Press <Kbd mac="Shift+Enter" generic="Shift+Enter" /> when submitting the search.
+
+This triggers a fresh lookup against the RDAP server.

docs/src/content/docs/en/features/tracking/tracking-table.mdx

@@ -0,0 +1,6 @@
+---
+title: 🎯 Tracking table
+description: The tracking table is a tool that allows you to gather information about the domain names you are tracking.
+---
+
+![Tracking table](../../../../../assets/images/tracking-table.png)

docs/src/content/docs/en/features/tracking/watchlist.mdx

@@ -0,0 +1,36 @@
+---
+title: 🔔 Watchlist
+description: Learn how the domain watchlist works, enabling users to monitor domains and receive updates on changes.
+---
+
+import {Steps} from '@astrojs/starlight/components';
+
+A Watchlist is a list of domain names, triggers and possibly an API connector. They allow you to follow the life of the
+listed domain names and send you a notification when a change has been detected.
+
+If a domain has expired and a connector is linked to the Watchlist, then an order attempt will be made though the
+Connector provider's API.
+
+:::note
+If the same domain name is present on several Watchlists, on the same principle as the race condition, it is not
+possible to predict in advance which user will win the domain name. The choice is left to chance...
+:::
+
+## Create a Watchlist
+
+![Create a Watchlist](../../../..//../assets/images/create-watchlist.png)
+
+<Steps>
+1. Choose a name for your Watchlist and find it more easily
+2. Add the domain names you want to follow
+3. Select the events for which you want to receive an email notification
+4. Optionally add a connector to try to automatically buy a domain name that becomes available
+5. Click the button to create your Watchlist. **Congratulations 🎉**
+</Steps>
+
+Now, it's your turn to create a Watchlist!
+
+## Limitations
+
+Depending on the instance configuration, there are several limitations to frame user behavior.
+

docs/src/content/docs/en/install-config/configuration.mdx

@@ -0,0 +1,45 @@
+---
+title: 📜 Configuration
+description: Configuration guide explaining environment variables and settings required to run and customize the project.
+---
+
+import {LinkCard} from '@astrojs/starlight/components';
+
+<LinkCard title="Install with Docker" href="/en/install-config/install/docker-compose/"/>
+
+## Environment variables
+
+| Variable                       | Description                                    |           Default           |
+|--------------------------------|------------------------------------------------|:---------------------------:|
+| `DATABASE_URL`                 | Please check Symfony config                    |                             |
+| `OUTGOING_IP`                  | Outgoing IPv4, needed for some providers       |                             |
+| `INFLUXDB_ENABLED`             | Enable the connection with InfluxDB            |           `false`           |
+| `INFLUXDB_URL`                 | InfluxDB URL                                   |   `http://localhost:8086`   |
+| `INFLUXDB_TOKEN`               | InfluxDB token                                 |                             |
+| `INFLUXDB_BUCKET`              | InfluxDB bucket name                           |      `domainwatchdog`       |
+| `INFLUXDB_ORG`                 | InfluxDB organization                          |      `domainwatchdog`       |
+| `LIMITED_FEATURES`             | Limit certain features for users               |           `false`           |
+| `LIMIT_MAX_WATCHLIST`          | Maximum number of Watchlists per user          |             `0`             |
+| `LIMIT_MAX_WATCHLIST_DOMAINS`  | Maximum number of domains per Watchlist        |             `0`             |
+| `LIMIT_MAX_WATCHLIST_WEBHOOKS` | Maximum number of webhooks per Watchlist       |             `0`             |
+| `MAILER_SENDER_NAME`           | Name of the sender of emails                   |      `Domain Watchdog`      |
+| `MAILER_SENDER_EMAIL`          | Sender's email address                         | `notifications@example.com` |
+| `REGISTRATION_ENABLED`         | Enable user registration                       |           `true`            |
+| `REGISTRATION_VERIFY_EMAIL`    | Verify email addresses during registration     |           `false`           |
+| `MAILER_DSN`                   | Please check Symfony config                    |        `null://null`        |
+| `OAUTH_CLIENT_ID`              | Client ID (OAuth 2.0) for using external SSO   |                             |
+| `OAUTH_CLIENT_SECRET`          | Client secret (OAuth 2.0)                      |                             |
+| `OAUTH_AUTHORIZATION_URL`      | Authorization URL (OAuth 2.0)                  |                             |
+| `OAUTH_TOKEN_URL`              | Token URL (OAuth 2.0)                          |                             |
+| `OAUTH_USERINFO_URL`           | User Info URL (OAuth 2.0)                      |                             |
+| `OAUTH_SCOPE`                  | Scope (OAuth 2.0)                              |                             |
+| `SSO_AUTO_REDIRECT`            | Redirect to the SSO auth URL                   |           `false`           |
+| `PUBLIC_RDAP_LOOKUP_ENABLE`    | Allow unauthenticated domain name name lookups |           `false`           |
+
+
+## Authentication
+
+Currently, there is no way to delete your account, reset your password, or enable multifactor authentication.
+
+Registering users directly in the interface is recommended for individual instances. For multi-user environments, the
+recommended method is to use external SSO via the OAuth 2.0 protocol.

docs/src/content/docs/en/install-config/install/docker-compose.mdx

@@ -0,0 +1,26 @@
+---
+title: 🐋 Docker installation
+description: Step-by-step guide to installing this project using the Docker image and Docker Compose, with configuration steps and deployment notes.
+---
+
+import {LinkCard} from '@astrojs/starlight/components';
+
+1. Download the [docker-compose.yml](https://github.com/maelgangloff/domain-watchdog/blob/develop/docker-compose.yml) and modify it as needed
+2. Download the [.env](https://github.com/maelgangloff/domain-watchdog/blob/develop/.env), rename it to `.env.local` and modify it as needed
+<LinkCard title="Configuration" description="List of environment variables" href="/en/install-config/configuration/#environment-variables"/>
+
+3. Add static files to customize your instance (under `public/content`)
+4. Pull the latest version of the Domain Watchdog image from Docker Hub
+
+```shell
+docker compose pull
+```
+
+5. Start the project in production environment
+
+```shell
+docker compose up
+```
+
+By default, the container listens on http://localhost:8080, but you can configure this in environment variables.
+

docs/src/content/docs/en/install-config/install/manual-install.mdx

@@ -0,0 +1,88 @@
+---
+title: 🔧 Manual installation
+description: Manual installation guide with system requirements, dependencies, and step-by-step instructions to install the project from source.
+---
+
+import {FileTree, LinkCard, Steps} from '@astrojs/starlight/components';
+
+To deploy a Domain Watchdog instance, please refer to the Symfony documentation
+on [How to deploy a Symfony application](https://symfony.com/doc/current/deployment.html).
+
+## Prerequisites
+
+- PHP 8.4 or higher
+- PostgreSQL 16 or higher
+
+In order to retrieve information about domain names, Domain Watchdog will query the RDAP server responsible for the TLD.
+It is crucial that the Domain Watchdog instance is placed in a clean environment from which these servers can be
+queried.
+In particular, the DNS servers and root certificates of the system must be trusted.
+
+## Steps
+
+Clone the repository:
+
+```shell
+git clone https://github.com/maelgangloff/domain-watchdog.git
+```
+
+### Backend
+
+<Steps>
+1. Install dependencies
+    ```shell
+    composer install
+    ```
+2. Set up your environment variables
+    ```shell
+    cp .env .env.local
+    ```
+    <LinkCard title="Configuration" description="List of environment variables" href="/en/install-config/configuration/"/>
+
+3. Generate the cryptographic key pair for the JWT signature
+    ```shell
+    php bin/console lexik:jwt:generate-keypair
+    ```
+4. Run database migrations
+    ```shell
+    php bin/console doctrine:migrations:migrate
+    ```
+5. Start the Symfony server
+    ```shell
+    symfony server:start
+    ```
+6. Build assets
+    ```shell
+    php bin/console assets:install
+    ```
+7. Don't forget to set up workers to process the [message queue](https://symfony.com/doc/current/messenger.html)
+</Steps>
+
+### Frontend
+
+<Steps>
+1. Install dependencies
+    ```shell
+    yarn install
+    ```
+2. Generate language files
+    ```shell
+    yarn run ttag:po2json
+    ```
+3. Make the final build
+    ```shell
+    yarn build
+    ```
+4. Add and modify the following files as you wish
+    <FileTree>
+        - public
+            - content
+                - home.md
+                - privacy.md
+                - tos.md
+                - faq.md
+                - icons-512.png
+                - banner.png
+                - favicon.ico
+    </FileTree>
+</Steps>

docs/src/content/docs/en/install-config/upgrade.mdx

@@ -0,0 +1,52 @@
+---
+title: ♻️ Manual Upgrade
+description: Upgrade guide explaining how to safely update the project, including migrations, and versioning details.
+---
+
+import {Steps} from "@astrojs/starlight/components";
+
+**Any updates are your responsibility. Make a backup of the data if necessary.**
+
+Fetch updates from the remote repository:
+
+```shell
+git pull origin master
+```
+
+## Backend
+
+<Steps>
+1. Install dependencies
+    ```shell
+    composer install
+    ```
+2. Run database migrations
+    ```shell
+    php bin/console doctrine:migrations:migrate
+    ```
+3. Clearing the Symfony cache
+    ```shell
+    php bin/console cache:clear
+    ```
+4. Build assets
+    ```shell
+    php bin/console assets:install
+    ```
+</Steps>
+
+## Frontend
+
+<Steps>
+1. Install dependencies
+    ```shell
+    yarn install
+    ```
+2. Generate language files
+    ```shell
+    yarn run ttag:po2json
+    ```
+3. Make the final build
+    ```shell
+    yarn build
+    ```
+</Steps>

docs/src/content/docs/en/legal/faq.md

@@ -0,0 +1,5 @@
+---
+title: ❔ FAQ
+description: Explore the most frequently asked questions when using this project and the most common answers.
+draft: true
+---

docs/src/content/docs/en/legal/license.md

@@ -0,0 +1,9 @@
+---
+title: ⚖️ License
+description: Licensing information detailing usage rights, redistribution terms, and legal conditions for contributing and using the project.
+---
+
+![GNU AGPL v3 license logo](https://www.gnu.org/graphics/agplv3-with-text-162x68.png)
+
+This entire project is licensed under [*GNU Affero General Public License v3.0*](https://www.gnu.org/licenses/agpl-3.0.txt) or later.
+Contributions are welcome as long as they do not contravene the Code of Conduct.

docs/src/content/docs/en/legal/security.md

@@ -0,0 +1,15 @@
+---
+title: 🔏 Security policy
+description: Security policy describing vulnerability reporting, and guidelines to keep the project secure. Please report any security issues.
+---
+
+## Reporting a Vulnerability
+
+If you want to report a vulnerability, please contact the maintainer of this repository. Thanks!
+
+~~~
+Contact: mailto:contact@maelgangloff.fr
+Encryption: openpgp4fpr:323E63F1AB879F30B38F527611FDC81C24A7F629
+Encryption: https://maelgangloff.fr/pgp-key.txt
+Preferred-Languages: fr, en
+~~~

docs/src/content/docs/fr/definitions/dns.mdx

@@ -0,0 +1,78 @@
+---
+title: Protocole DNS
+description: Qu'est-ce que le DNS ? Comprendre le système de noms de domaine et son rôle dans la navigation Internet.
+---
+
+import {LinkCard} from "@astrojs/starlight/components";
+
+Le **DNS (Domain Name System)** est le système de nommage décentralisé pour les ordinateurs, les services ou toute ressource connectée à Internet ou à un réseau privé.
+Il agit comme "l'annuaire d'Internet", traduisant les noms de domaine lisibles par les humains en informations lisibles par les machines.
+
+## Une architecture hiérarchique
+
+L'architecture DNS est une base de données distribuée et hiérarchique ressemblant à un arbre inversé. Cette structure, connue sous le nom d'**Espace de Noms de Domaine** (Domain Name Space), est traitée de droite à gauche :
+
+[Image of DNS hierarchical structure]
+
+  * **Niveau Racine (Root)** : Le sommet de la hiérarchie, représenté par un point unique optionnel (`.`) à la fin d'un nom de domaine complet (FQDN).
+  * **Domaines de premier niveau (TLD)** : Le niveau visible le plus élevé (par exemple, `.com`, `.org`, `.fr`).
+  * **Domaines de second niveau (SLD)** : Le nom spécifique enregistré par une entité (par exemple, `example` dans `example.com`).
+  * **Sous-domaines** : Subdivisions supplémentaires pour des services spécifiques ou des structures organisationnelles (par exemple, `www`, `blog` ou `api`).
+
+## Serveurs faisant autorité
+
+Les serveurs DNS faisant autorité détiennent les enregistrements de ressources définitifs pour une zone de domaine spécifique. Contrairement aux résolveurs récursifs qui mettent les réponses en cache, les serveurs faisant autorité fournissent les données originales.
+
+[Image of DNS resolution process]
+
+Lorsqu'un client demande un domaine, la chaîne de résolution interroge :
+
+1.  **Serveurs Racines** : Dirigent vers les serveurs TLD.
+2.  **Serveurs TLD** : Dirigent vers les serveurs de noms faisant autorité du domaine.
+3.  **Serveur faisant autorité** : Renvoie l'adresse IP finale (ou un autre enregistrement).
+
+<LinkCard
+title="Domaine de premier niveau"
+description="Un aperçu des domaines de premier niveau (TLD), leur classification (gTLD, ccTLD, etc.) et la structure de la zone racine DNS."
+href="/fr/definitions/top-level-domain/"/>
+
+## Enregistrements GLUE
+
+Un enregistrement GLUE est un enregistrement A (ou AAAA) **fourni par la zone parente** pour éviter les dépendances circulaires. Normalement, la zone parente ne fait que déléguer, mais ici, elle doit fournir des données.
+Ils sont strictement nécessaires lorsque le serveur de noms d'un domaine est un sous-domaine du domaine lui-même (par exemple, `example.com` utilise `ns1.example.com` comme serveur de noms). Sans l'enregistrement GLUE dans la zone `.com` pointant vers l'IP de `ns1`, le résolveur serait bloqué dans une boucle en essayant de résoudre le nom du serveur de noms.
+
+### Exemple : `ns.icann.org`
+
+Dans cet exemple, `icann.org` utilise `ns.icann.org` comme l'un de ses serveurs de noms.
+
+Pour résoudre `icann.org`, vous devez interroger `ns.icann.org`, mais vous ne pouvez pas trouver `ns.icann.org` sans d'abord résoudre `icann.org`.
+
+Lors de l'interrogation du serveur TLD `.org` (`A0.ORG.AFILIAS-NST.INFO`), le serveur renvoie les enregistrements de serveur de noms (NS) dans la **Section Autorité**, mais de manière cruciale, il fournit également les adresses IP dans la **Section Additionnelle**. Ce sont les enregistrements GLUE.
+
+```text title="Requête DNS de ns.icann.org utilisant la commande dig" {17-18}
+; <<>> DiG 9.20.15 <<>> ns.icann.org @A0.ORG.AFILIAS-NST.INFO
+;; global options: +cmd
+;; Got answer:
+;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 52458
+;; flags: qr rd; QUERY: 1, ANSWER: 0, AUTHORITY: 4, ADDITIONAL: 3
+
+;; QUESTION SECTION:
+;ns.icann.org.            IN    A
+
+;; AUTHORITY SECTION:
+icann.org.        3600    IN    NS    ns.icann.org.
+icann.org.        3600    IN    NS    a.icann-servers.net.
+icann.org.        3600    IN    NS    c.icann-servers.net.
+icann.org.        3600    IN    NS    b.icann-servers.net.
+
+;; ADDITIONAL SECTION:
+ns.icann.org.        3600    IN    A     199.4.138.53
+ns.icann.org.        3600    IN    AAAA  2001:500:89::53
+
+;; Query time: 241 msec
+;; SERVER: 199.19.56.1#53(A0.ORG.AFILIAS-NST.INFO) (UDP)
+```
+
+## Voir aussi
+
+  - [Domain Name System (Système de noms de domaine)](https://fr.wikipedia.org/wiki/Domain_Name_System) sur Wikipédia

docs/src/content/docs/fr/definitions/dnssec.mdx

@@ -0,0 +1,52 @@
+---
+title: DNSSEC
+description: Sécurisez votre résolution de domaine. En savoir plus sur DNSSEC et comment il protège les utilisateurs contre les données DNS falsifiées.
+---
+
+import {LinkCard} from "@astrojs/starlight/components";
+
+**DNSSEC (Domain Name System Security Extensions)** ajoute une couche de sécurité cryptographique au protocole DNS. Il défend contre des attaques spécifiques, telles que l'**empoisonnement du cache DNS** et les **attaques de l'homme du milieu**, en garantissant que les données DNS reçues sont identiques à celles publiées par le propriétaire de la zone.
+
+## Ce que fait DNSSEC
+
+DNSSEC utilise la cryptographie à clé publique pour établir une **Chaîne de Confiance**.
+
+  * **Authentification de l'origine** : Vérifie que les données proviennent du bon serveur faisant autorité.
+  * **Intégrité des données** : Garantit que les données n'ont pas été modifiées en transit.
+  * **Déni d'existence authentifié** : Prouve de manière sécurisée qu'un domaine ou un enregistrement n'existe *pas* (en utilisant NSEC/NSEC3).
+
+De nouveaux enregistrements de ressources permettent cette validation :
+
+  * `RRSIG` : La signature numérique associée à un jeu d'enregistrements.
+  * `DNSKEY` : La clé publique utilisée pour vérifier le RRSIG.
+  * `DS` (Delegation Signer) : Un hachage de la clé de la zone enfant, stocké dans la zone parente pour lier la chaîne de confiance.
+
+## Ce que DNSSEC ne fait pas
+
+  * **Pas de chiffrement** : Les requêtes et réponses DNS restent en texte clair (contrairement à DoH ou DoT).
+  * **Pas de validation d'identité** : Il ne valide pas la légitimité du propriétaire du domaine (par exemple, il n'empêche pas les domaines de phishing, il prouve juste que l'IP du domaine de phishing est correcte).
+
+## Configurer DNSSEC sur votre nom de domaine
+
+La mise en œuvre de DNSSEC implique deux étapes principales :
+
+1.  **Signature de la zone** : Le serveur de noms faisant autorité génère des clés (`ZSK` et `KSK`) et signe les données de la zone, créant des enregistrements `RRSIG` et `DNSKEY`.
+2.  **Établissement de la confiance** : Le propriétaire du domaine doit envoyer l'enregistrement `DS` (hachage de la KSK) au Bureau d'enregistrement (Registrar). Le Bureau d'enregistrement transmet cela au Registre pour publication dans la zone TLD parente.
+
+<LinkCard
+title="Nom de domaine"
+description="Une explication de ce qu'est un nom de domaine et de sa structure."
+href="/fr/definitions/domain-name/"/>
+
+## L'adoption de DNSSEC
+
+L'adoption est un processus descendant commençant par la Zone Racine. Alors que la Racine et la plupart des TLD sont signés, l'adoption au niveau de l'utilisateur final (domaines de second niveau) dépend du support du bureau d'enregistrement et de la sensibilisation du titulaire.
+
+<LinkCard
+title="Domaine de premier niveau"
+description="Un aperçu des domaines de premier niveau (TLD) et leur classification (gTLD, ccTLD, etc.)."
+href="/fr/definitions/top-level-domain/"/>
+
+## Voir aussi
+
+  - [Carte mondiale DNSSEC](https://stats.labs.apnic.net/dnssec) des laboratoires APNIC

docs/src/content/docs/fr/definitions/domain-lifecycle.mdx

@@ -0,0 +1,42 @@
+---
+title: Cycle de vie d'un domaine
+description: Explorez le cycle de vie d'un domaine, de l'enregistrement à l'expiration. Découvrez les phases critiques pour suivre un nom de domaine.
+---
+
+import {LinkCard} from "@astrojs/starlight/components";
+
+Le **Cycle de vie d'un domaine** définit les statuts qu'un nom de domaine traverse de sa création à sa suppression.
+Comprendre ces phases est critique pour éviter la perte involontaire d'un domaine.
+
+## Le cycle de vie générique
+
+Pour la plupart des domaines de premier niveau génériques (gTLD) régulés par l'ICANN, le cycle suit ce chemin :
+
+1.  **Disponible** : Le domaine est ouvert à l'enregistrement.
+2.  **Enregistré (Actif)** : Le domaine est détenu et fonctionnel. Il peut être mis à jour, transféré ou renouvelé (généralement 1 à 10 ans).
+3.  **Période de grâce de renouvellement automatique** : (0–45 jours) Le domaine expire. Le propriétaire peut généralement le renouveler au tarif standard. Le domaine peut cesser de résoudre (ServerHold).
+4.  **Période de rédemption** : (30 jours) Le domaine est supprimé du bureau d'enregistrement mais conservé par le registre. La récupération est possible mais nécessite des **frais de restauration** plus élevés.
+5.  **Suppression en attente** (Pending Delete) : (5 jours) Le domaine est programmé pour une suppression définitive. Il ne peut être ni récupéré ni renouvelé.
+6.  **Libéré** : Le domaine devient à nouveau **Disponible** pour l'enregistrement public.
+
+<LinkCard
+title="Nom de domaine"
+description="Une explication de ce qu'est un nom de domaine et de sa structure."
+href="/fr/definitions/domain-name/"/>
+
+## Cas particuliers de certains ccTLD
+
+Les domaines de premier niveau géographiques (ccTLD) fonctionnent selon des réglementations locales, ce qui conduit à des cycles de vie divers :
+
+  * **Pas de périodes de grâce** : Certains ccTLD entrent en "Suppression en attente" immédiatement après l'expiration.
+  * **Renouvellement pré-expiration** : Certains registres exigent que les frais de renouvellement soient payés des semaines avant la date d'expiration réelle.
+  * **Processus manuels** : La restauration dans certains ccTLD peut nécessiter une intervention manuelle et de la paperasse.
+
+<LinkCard
+title="Domaine de premier niveau"
+description="Un aperçu des domaines de premier niveau (TLD) et leur classification (gTLD, ccTLD, etc.)."
+href="/fr/definitions/top-level-domain/"/>
+
+## Voir aussi
+
+  - [Cycle de vie d'un nom de domaine gTLD typique](https://www.icann.org/en/contracted-parties/accredited-registrars/resources/gtld-lifecycle) sur le site de l'ICANN

docs/src/content/docs/fr/definitions/domain-name.mdx

@@ -0,0 +1,53 @@
+---
+title: Nom de domaine
+description: Définissez votre identité en ligne. Une explication de ce qu'est un nom de domaine et de sa structure.
+---
+Un **Nom de Domaine** est une chaîne d'identification lisible par l'homme utilisée pour localiser des ressources sur Internet. Il mappe des adresses IP numériques complexes vers des noms mémorables.
+
+## La structure d'un nom de domaine
+
+Un nom de domaine se lit hiérarchiquement de droite à gauche :
+
+1.  **Domaine de premier niveau (TLD)** : Le suffixe (par exemple, `.com`, `.fr`).
+2.  **Domaine de second niveau (SLD)** : Le nom unique choisi par le titulaire (par exemple, `example`).
+3.  **Sous-domaine** : préfixes pour des services spécifiques (par exemple, `www`, `api`).
+
+Un **Nom de Domaine Complètement Qualifié (FQDN)** inclut tous les labels jusqu'à la racine (par exemple, `www.example.com.`).
+
+## Les statuts EPP
+
+Le protocole EPP (Extensible Provisioning Protocol) attribue des codes de statut aux domaines pour indiquer leur état ou des restrictions. Ceux-ci sont visibles dans les recherches WHOIS/RDAP.
+
+### Statuts serveur (définis par le registre)
+
+Le registre peut appliquer des codes EPP pour modifier l'état d'un nom de domaine. Ce sont tous les codes sauf ceux commençant par `client`, qui sont réservés aux bureaux d'enregistrement.
+Les codes génériques sont listés dans la documentation de l'ICANN.
+
+Certains registres ont développé des codes supplémentaires pour décrire des cas non standard.
+Par exemple, l'AFNIC a ajouté le code `server trade prohibited` pour décrire l'interdiction de l'opération de `trade` (cession) sur un nom de domaine.
+Cette opération fait partie de l'extension EPP de l'AFNIC et n'est pas une opération standard pour un nom de domaine.
+
+### Statuts client (définis par le bureau d'enregistrement)
+
+Les bureaux d'enregistrement peuvent également appliquer des codes EPP à un nom de domaine. Ces codes commencent toujours par `client` pour les distinguer des codes appliqués par le registre.
+
+Certains codes ont le même effet que ceux appliqués par le registre.
+
+Par exemple, les codes `client hold` et `server hold` bloquent la résolution de la zone DNS d'un nom de domaine.
+Cela signifie que la zone DNS du domaine de premier niveau ne contient plus les enregistrements `NS` nécessaires à la délégation de la zone du nom de domaine.
+Cela entraîne l'arrêt complet des services pour le nom de domaine.
+Ce code est souvent utilisé par le bureau d'enregistrement pour encourager fortement le titulaire à payer les frais de renouvellement (lorsque le nom de domaine n'est pas dans sa période de rédemption).
+
+## Nom de domaine internationalisé (IDN)
+
+Un IDN est un nom de domaine qui contient des caractères autres que le format ASCII standard (a-z, 0-9 et traits d'union). Cela inclut les caractères avec des diacritiques (accents) ou des caractères d'écritures non latines (arabe, chinois, cyrillique, etc.).
+
+Pour fonctionner dans le système DNS hérité, les IDN sont convertis dans un format compatible ASCII appelé **Punycode**, qui commence toujours par `xn--`.
+
+|     Affichage     |         Punycode         |
+|:-----------------:|:------------------------:|
+| `maëlgangloff.fr` | `xn--malgangloff-0bb.fr` |
+
+## Voir aussi
+
+  - [Codes de statut EPP](https://icann.org/epp) sur le site de l'ICANN

docs/src/content/docs/fr/definitions/epp.mdx

@@ -0,0 +1,44 @@
+---
+title: Protocole EPP
+description: Qu'est-ce que le protocole EPP ? Découvrez comment ce protocole permet aux registres et bureaux d'enregistrement de communiquer au sujet des noms de domaines.
+---
+
+import {LinkCard} from "@astrojs/starlight/components";
+
+L'**Extensible Provisioning Protocol (EPP)** est le protocole de couche application standard pour l'allocation d'objets au sein des registres sur Internet. Bien qu'il soit principalement utilisé pour les noms de domaine, il peut également gérer les contacts et les objets hôtes.
+
+## Les acteurs
+
+### Client (Bureau d'enregistrement)
+
+Le Bureau d'enregistrement (Registrar) agit comme le Client EPP. Il envoie des commandes XML pour créer, mettre à jour, renouveler ou supprimer des noms de domaine en fonction des demandes des clients.
+
+<LinkCard
+title="Bureau d'enregistrement"
+description="Qu'est-ce qu'un bureau d'enregistrement de noms de domaine ?"
+href="/fr/definitions/registrar/"/>
+
+### Serveur (Registre)
+
+Le Registre agit comme le Serveur EPP. Il traite les commandes, valide la logique (par exemple, "ce domaine est-il disponible ?"), met à jour la base de données centrale et renvoie des réponses de succès ou d'erreur.
+
+<LinkCard
+title="Registre"
+description="Qu'est-ce qu'un registre de noms de domaine ?"
+href="/fr/definitions/registry/"/>
+
+## Le mécanisme du protocole
+
+EPP utilise des messages **XML** transportés sur **TCP**, sécurisés par **TLS**. C'est un protocole à états, ce qui signifie qu'une session est établie (Connexion) avant que les commandes ne soient exécutées.
+
+Les commandes EPP courantes incluent :
+
+  * `<check>` : Vérifier la disponibilité.
+  * `<create>` : Enregistrer un nouvel objet.
+  * `<info>` : Récupérer les détails de l'objet.
+  * `<transfer>` : Initier un transfert de bureau d'enregistrement.
+  * `<poll>` : Récupérer les notifications asynchrones du Registre.
+
+## Voir aussi
+
+  - [RFC 5730 - Extensible Provisioning Protocol (EPP)](https://datatracker.ietf.org/doc/html/rfc5730)

docs/src/content/docs/fr/definitions/icann.mdx

@@ -0,0 +1,46 @@
+---
+title: ICANN
+description: En savoir plus sur l'ICANN, l'organisation à but non lucratif coordonnant les identifiants uniques de l'Internet mondial.
+---
+
+import {LinkCard} from "@astrojs/starlight/components";
+
+L'**ICANN (Internet Corporation for Assigned Names and Numbers)** est l'organisation à but non lucratif responsable de la coordination de la maintenance et de la sécurité des identifiants uniques de l'Internet mondial.
+
+L'ICANN agit comme le principal organe de gouvernance pour l'infrastructure technique du DNS. Ses responsabilités incluent :
+
+  * **Fonctions IANA** : Gestion de l'allocation de l'espace d'adressage IP et de la Zone Racine du DNS.
+  * **Développement de politiques** : Faciliter la création de politiques mondiales pour le système de noms de domaine via un modèle multipartite.
+
+## Gestion des domaines de premier niveau
+
+L'ICANN décide quels nouveaux domaines de premier niveau (TLD) sont ajoutés à la Zone Racine.
+
+  * Elle supervise le **Programme des nouveaux gTLD**, qui a étendu Internet de quelques douzaines d'extensions (comme `.com`) à plus de 1 000 (comme `.app`, `.shop`).
+  * Elle délègue les **ccTLD** (comme `.uk`, `.fr`) à des gestionnaires nationaux spécifiques, bien qu'elle ait moins de contrôle direct sur leurs politiques locales.
+
+<LinkCard
+title="Domaine de premier niveau"
+description="Un aperçu des domaines de premier niveau (TLD) et leur classification (gTLD, ccTLD, etc.)."
+href="/fr/definitions/top-level-domain/"/>
+
+## Accréditation des bureaux d’enregistrement
+
+L’ICANN publie sur son site internet [la liste complète des bureaux d’enregistrement accrédités](https://www.icann.org/en/contracted-parties/accredited-registrars/list-of-accredited-registrars).
+
+### Les avantages de l’accréditation ICANN
+
+Les bureaux d’enregistrement accrédités sont habilités à enregistrer des noms de domaine relevant des [noms de domaine de premier niveau génériques (gTLD)](/en/definitions/top-level-domain/#generic-tld-gtld).
+Pour ces extensions, l’accréditation constitue un prérequis indispensable afin que les registres accordent un accès EPP au bureau d’enregistrement.
+
+Pour certains [noms de domaine de premier niveau géographiques (ccTLD)](/en/definitions/top-level-domain/#country-code-tld-cctld), l’accréditation ICANN n’est toutefois pas obligatoire.
+C’est par exemple le cas de l’AFNIC (Association Française pour le Nommage Internet en Coopération), qui dispose de son propre processus d’accréditation, décrit sur [son site internet](https://www.afnic.fr/produits-services/services-associes/devenir-bureau-denregistrement-laccreditation-de-lafnic/).
+Ce fonctionnement permet à des structures de plus petite taille d’exercer le rôle de bureau d’enregistrement à l’échelle nationale.
+
+### Le processus d’accréditation ICANN
+
+À ce jour, 11 étapes sont nécessaires pour obtenir l’accréditation de l’ICANN. Le détail de ces étapes est disponible sur [le site officiel de l’ICANN](https://www.icann.org/en/contracted-parties/accredited-registrars/how-to-become-a-registrar).
+
+## Voir aussi
+
+  - [Site officiel](https://www.icann.org/)

docs/src/content/docs/fr/definitions/rdap.mdx

@@ -0,0 +1,29 @@
+---
+title: Protocole RDAP
+description: Découvrez RDAP pour un accès structuré aux données d'enregistrement et de propriété des noms de domaines.
+---
+
+import {LinkCard} from "@astrojs/starlight/components";
+
+Le **RDAP (Registration Data Access Protocol)** est la norme moderne pour accéder aux données d'enregistrement. Il a été conçu pour remplacer l'ancien protocole WHOIS en remédiant à son manque de standardisation et de sécurité.
+
+## Améliorations clés par rapport à WHOIS
+
+  * **Données structurées (JSON)** : Contrairement à WHOIS, qui renvoie du texte libre non structuré, RDAP renvoie des données au format JSON. Cela permet une analyse automatisée facile et un affichage cohérent par les clients.
+  * **Requêtes standardisées** : RDAP utilise des services web RESTful (HTTP/HTTPS).
+  * **Internationalisation** : Support natif des caractères non latins (IDN).
+  * **Accès différencié** : RDAP prend en charge l'authentification, permettant aux registres d'afficher des données limitées au public (conformité RGPD) tout en fournissant des données complètes aux autorités accréditées.
+
+<LinkCard
+title="Protocole WHOIS"
+description="Obtenez un aperçu du protocole WHOIS."
+href="/fr/definitions/whois/"/>
+
+## État du déploiement
+
+L'ICANN rend obligatoire la mise en œuvre de RDAP pour tous les bureaux d'enregistrement accrédités et les registres gTLD.
+Alors que WHOIS est encore largement utilisé par les systèmes hérités, RDAP est la source faisant autorité pour les données d'enregistrement gTLD. L'adoption parmi les ccTLD est volontaire et en cours.
+
+## Voir aussi
+
+  - [Tableau de bord de déploiement RDAP](https://deployment.rdap.org)