AuthMeReloaded

mirror of https://github.com/AuthMe/AuthMeReloaded.git synced 2024-11-14 22:35:54 +01:00

Author	SHA1	Message	Date
dependabot[bot]	683c897c0f	Bump mockito-core from 4.7.0 to 4.8.0 (#2613 ) Bumps [mockito-core](https://github.com/mockito/mockito) from 4.7.0 to 4.8.0. - [Release notes](https://github.com/mockito/mockito/releases) - [Commits](https://github.com/mockito/mockito/compare/v4.7.0...v4.8.0) --- updated-dependencies: - dependency-name: org.mockito:mockito-core dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-10-09 22:03:47 +02:00
Gabriele C	fefeead323	Fix duplicated repository in pom.xml	2022-10-09 22:03:09 +02:00
dependabot[bot]	3f5353a328	Bump checker-qual from 3.24.0 to 3.25.0 (#2612 ) Bumps [checker-qual](https://github.com/typetools/checker-framework) from 3.24.0 to 3.25.0. - [Release notes](https://github.com/typetools/checker-framework/releases) - [Changelog](https://github.com/typetools/checker-framework/blob/master/docs/CHANGELOG.md) - [Commits](https://github.com/typetools/checker-framework/compare/checker-framework-3.24.0...checker-framework-3.25.0) --- updated-dependencies: - dependency-name: org.checkerframework:checker-qual dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-09-07 22:10:46 +02:00
dependabot[bot]	dca829650c	Bump sqlite-jdbc from 3.39.2.0 to 3.39.2.1 (#2610 ) Bumps [sqlite-jdbc](https://github.com/xerial/sqlite-jdbc) from 3.39.2.0 to 3.39.2.1. - [Release notes](https://github.com/xerial/sqlite-jdbc/releases) - [Changelog](https://github.com/xerial/sqlite-jdbc/blob/master/CHANGELOG) - [Commits](https://github.com/xerial/sqlite-jdbc/compare/3.39.2.0...3.39.2.1) --- updated-dependencies: - dependency-name: org.xerial:sqlite-jdbc dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-09-07 22:10:37 +02:00
dependabot[bot]	37b8728197	Bump postgresql from 42.4.2 to 42.5.0 (#2609 ) Bumps [postgresql](https://github.com/pgjdbc/pgjdbc) from 42.4.2 to 42.5.0. - [Release notes](https://github.com/pgjdbc/pgjdbc/releases) - [Changelog](https://github.com/pgjdbc/pgjdbc/blob/master/CHANGELOG.md) - [Commits](https://github.com/pgjdbc/pgjdbc/compare/REL42.4.2...REL42.5.0) --- updated-dependencies: - dependency-name: org.postgresql:postgresql dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-09-07 22:10:30 +02:00
dependabot[bot]	50a1f9de98	Bump EssentialsX from 2.19.6 to 2.19.7 (#2608 ) Bumps [EssentialsX](https://github.com/EssentialsX/Essentials) from 2.19.6 to 2.19.7. - [Release notes](https://github.com/EssentialsX/Essentials/releases) - [Commits](https://github.com/EssentialsX/Essentials/compare/2.19.6...2.19.7) --- updated-dependencies: - dependency-name: net.essentialsx:EssentialsX dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-09-07 22:10:20 +02:00
Gabriele C	51760c4a8c	Change the essentialsx repository	2022-09-07 22:09:29 +02:00
ChanceSD	0d29c18ab4	Fix automatic antibot (#2611 )	2022-09-02 13:54:22 +02:00
ljacqu	63780e3f7c	Add Checkstyle rule to disallow toLowerCase() and toUpperCase() without Locale (#2606 )	2022-08-21 01:12:57 +02:00
Gabriele C	0f24197323	Merge remote-tracking branch 'origin/master'	2022-08-20 04:41:29 +02:00
Gabriele C	75b3a571e1	Always specify Locale on toLowerCase and toUpperCase usages, fixes AuthMe not working correctly on machines with turkish locale. ('I'.toLowerCase() => 'ı')	2022-08-20 04:41:04 +02:00
dependabot[bot]	909617fce1	Bump postgresql from 42.4.1 to 42.4.2 (#2605 ) Bumps [postgresql](https://github.com/pgjdbc/pgjdbc) from 42.4.1 to 42.4.2. - [Release notes](https://github.com/pgjdbc/pgjdbc/releases) - [Changelog](https://github.com/pgjdbc/pgjdbc/blob/master/CHANGELOG.md) - [Commits](https://github.com/pgjdbc/pgjdbc/compare/REL42.4.1...REL42.4.2) --- updated-dependencies: - dependency-name: org.postgresql:postgresql dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-08-19 16:45:52 +02:00
Gabriele C	c38e2aba28	Fix bungee message order (login -> connect)	2022-08-18 03:41:31 +02:00
Gabriele C	6f1c63e693	Add delay to bungee force-login messages	2022-08-18 03:39:40 +02:00
Gabriele C	b65ffd7c74	Send logout message to bungee on self-unregister	2022-08-18 02:04:08 +02:00
Gabriele C	7c8bbe6294	Remove cache-update bungee messages, always use the player in the context to send bungee messages, minor codestyle changes	2022-08-18 01:48:34 +02:00
dependabot[bot]	fd0a0a1155	Bump mockito-core from 4.6.1 to 4.7.0 (#2604 ) Bumps [mockito-core](https://github.com/mockito/mockito) from 4.6.1 to 4.7.0. - [Release notes](https://github.com/mockito/mockito/releases) - [Commits](https://github.com/mockito/mockito/compare/v4.6.1...v4.7.0) --- updated-dependencies: - dependency-name: org.mockito:mockito-core dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-08-18 00:45:10 +02:00
dependabot[bot]	af2fbd0558	Bump maven-javadoc-plugin from 3.4.0 to 3.4.1 (#2603 ) Bumps [maven-javadoc-plugin](https://github.com/apache/maven-javadoc-plugin) from 3.4.0 to 3.4.1. - [Release notes](https://github.com/apache/maven-javadoc-plugin/releases) - [Commits](https://github.com/apache/maven-javadoc-plugin/compare/maven-javadoc-plugin-3.4.0...maven-javadoc-plugin-3.4.1) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-javadoc-plugin dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-08-18 00:44:55 +02:00
dependabot[bot]	ec9de15bb9	Bump EssentialsX from 2.19.4 to 2.19.6 (#2602 ) Bumps [EssentialsX](https://github.com/EssentialsX/Essentials) from 2.19.4 to 2.19.6. - [Release notes](https://github.com/EssentialsX/Essentials/releases) - [Commits](https://github.com/EssentialsX/Essentials/compare/2.19.4...2.19.6) --- updated-dependencies: - dependency-name: net.essentialsx:EssentialsX dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-08-18 00:44:44 +02:00
dependabot[bot]	70f06b6da8	Bump sqlite-jdbc from 3.36.0.3 to 3.39.2.0 (#2596 ) Bumps [sqlite-jdbc](https://github.com/xerial/sqlite-jdbc) from 3.36.0.3 to 3.39.2.0. - [Release notes](https://github.com/xerial/sqlite-jdbc/releases) - [Changelog](https://github.com/xerial/sqlite-jdbc/blob/master/CHANGELOG) - [Commits](https://github.com/xerial/sqlite-jdbc/compare/3.36.0.3...3.39.2.0) --- updated-dependencies: - dependency-name: org.xerial:sqlite-jdbc dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-08-10 12:26:59 +02:00
dependabot[bot]	1869c3097f	Bump maven-site-plugin from 3.12.0 to 3.12.1 (#2595 ) Bumps [maven-site-plugin](https://github.com/apache/maven-site-plugin) from 3.12.0 to 3.12.1. - [Release notes](https://github.com/apache/maven-site-plugin/releases) - [Commits](https://github.com/apache/maven-site-plugin/compare/maven-site-plugin-3.12.0...maven-site-plugin-3.12.1) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-site-plugin dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-08-10 12:26:54 +02:00
dependabot[bot]	4b2a122581	Bump mariadb-java-client from 3.0.6 to 3.0.7 (#2594 ) Bumps [mariadb-java-client](https://github.com/mariadb-corporation/mariadb-connector-j) from 3.0.6 to 3.0.7. - [Release notes](https://github.com/mariadb-corporation/mariadb-connector-j/releases) - [Changelog](https://github.com/mariadb-corporation/mariadb-connector-j/blob/master/CHANGELOG.md) - [Commits](https://github.com/mariadb-corporation/mariadb-connector-j/compare/3.0.6...3.0.7) --- updated-dependencies: - dependency-name: org.mariadb.jdbc:mariadb-java-client dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-08-10 12:26:47 +02:00
dependabot[bot]	817a4af65b	Bump checker-qual from 3.23.0 to 3.24.0 (#2593 ) Bumps [checker-qual](https://github.com/typetools/checker-framework) from 3.23.0 to 3.24.0. - [Release notes](https://github.com/typetools/checker-framework/releases) - [Changelog](https://github.com/typetools/checker-framework/blob/master/docs/CHANGELOG.md) - [Commits](https://github.com/typetools/checker-framework/compare/checker-framework-3.23.0...checker-framework-3.24.0) --- updated-dependencies: - dependency-name: org.checkerframework:checker-qual dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-08-10 12:26:40 +02:00
dependabot[bot]	aaba6dc24d	Bump postgresql from 42.4.0 to 42.4.1 (#2592 ) Bumps [postgresql](https://github.com/pgjdbc/pgjdbc) from 42.4.0 to 42.4.1. - [Release notes](https://github.com/pgjdbc/pgjdbc/releases) - [Changelog](https://github.com/pgjdbc/pgjdbc/blob/master/CHANGELOG.md) - [Commits](https://github.com/pgjdbc/pgjdbc/compare/REL42.4.0...REL42.4.1) --- updated-dependencies: - dependency-name: org.postgresql:postgresql dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-08-10 12:26:32 +02:00
Gabriele C	9c928e04e5	Bump the mysql connector version	2022-07-28 18:48:35 +02:00
Gabriele C	4fe6cfe485	Bump the mysql connector version, fix minor dependency shading issues	2022-07-28 18:42:06 +02:00
Gabriele C	053519faa4	Merge branch 'HarvelsX-mariadb'	2022-07-28 18:12:44 +02:00
Gabriele C	24d03aa1e2	Add missing "MARIADB" datasource backend to the configuration file, remove "mySQLDriverClassName" property as it is no longer needed.	2022-07-28 18:11:57 +02:00
Gabriele C	6d49d798f1	Merge branch 'mariadb' of https://github.com/HarvelsX/AuthMeReloaded into HarvelsX-mariadb	2022-07-28 17:46:57 +02:00
dependabot[bot]	be2881182f	Bump maven-resources-plugin from 3.2.0 to 3.3.0 (#2586 ) Bumps [maven-resources-plugin](https://github.com/apache/maven-resources-plugin) from 3.2.0 to 3.3.0. - [Release notes](https://github.com/apache/maven-resources-plugin/releases) - [Commits](https://github.com/apache/maven-resources-plugin/compare/maven-resources-plugin-3.2.0...maven-resources-plugin-3.3.0) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-resources-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-07-27 23:37:43 +02:00
dependabot[bot]	4652aae8f7	Bump maven-install-plugin from 2.5.2 to 3.0.1 (#2583 ) Bumps [maven-install-plugin](https://github.com/apache/maven-install-plugin) from 2.5.2 to 3.0.1. - [Release notes](https://github.com/apache/maven-install-plugin/releases) - [Commits](https://github.com/apache/maven-install-plugin/compare/maven-install-plugin-2.5.2...maven-install-plugin-3.0.1) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-install-plugin dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-07-27 23:37:37 +02:00
dependabot[bot]	61710e9a47	Bump maven-deploy-plugin from 2.8.2 to 3.0.0 (#2580 ) Bumps [maven-deploy-plugin](https://github.com/apache/maven-deploy-plugin) from 2.8.2 to 3.0.0. - [Release notes](https://github.com/apache/maven-deploy-plugin/releases) - [Commits](https://github.com/apache/maven-deploy-plugin/compare/maven-deploy-plugin-2.8.2...maven-deploy-plugin-3.0.0) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-deploy-plugin dependency-type: direct:production update-type: version-update:semver-major ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-07-27 23:37:26 +02:00
HarvelsX	a9898fd806	Add support MariaDB driver: https://github.com/AuthMe/AuthMeReloaded/issues/2556 ;	2022-07-25 12:14:26 +03:00
HarvelsX	ed4200b23f	Fix column check: https://github.com/AuthMe/AuthMeReloaded/issues/2543 ;	2022-07-25 12:14:17 +03:00
Gabriele C	0ac1854a52	Implement allowPublicKeyRetrieval option in mysql datasource	2022-07-18 13:03:05 +02:00
Gabriele C	d07cb90858	Fix build under jdk 9+	2022-07-18 13:01:51 +02:00
Gabriele C	a67a4bb72b	Don't let unrestricted usernames bypass the locked ip-username check	2022-07-17 18:40:11 +02:00
Gabriele C	64c45c43df	Update dependencies	2022-07-17 18:36:06 +02:00
Lê Huy Mạnh Tân	f1f5434b4b	Finished translating messages_vn.yml (#2569 ) Fixed some typo's and finished translating	2022-07-16 18:36:10 +02:00
Caro	7530528432	Add test for AuthMeApi.getLastLoginMillis (#2562 )	2022-07-16 18:35:42 +02:00
dependabot[bot]	9d9e039cac	Bump checker-qual from 3.22.1 to 3.23.0 (#2578 ) Bumps [checker-qual](https://github.com/typetools/checker-framework) from 3.22.1 to 3.23.0. - [Release notes](https://github.com/typetools/checker-framework/releases) - [Changelog](https://github.com/typetools/checker-framework/blob/master/docs/CHANGELOG.md) - [Commits](https://github.com/typetools/checker-framework/compare/checker-framework-3.22.1...checker-framework-3.23.0) --- updated-dependencies: - dependency-name: org.checkerframework:checker-qual dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-07-16 18:35:09 +02:00
games647	dbf9afbf82	Run workflows for pull requests too to verify the test results (#2574 )	2022-07-16 18:35:03 +02:00
dependabot[bot]	291790178d	Bump mariadb-java-client from 3.0.4 to 3.0.6 (#2570 ) Bumps [mariadb-java-client](https://github.com/mariadb-corporation/mariadb-connector-j) from 3.0.4 to 3.0.6. - [Release notes](https://github.com/mariadb-corporation/mariadb-connector-j/releases) - [Changelog](https://github.com/mariadb-corporation/mariadb-connector-j/blob/master/CHANGELOG.md) - [Commits](https://github.com/mariadb-corporation/mariadb-connector-j/compare/3.0.4...3.0.6) --- updated-dependencies: - dependency-name: org.mariadb.jdbc:mariadb-java-client dependency-type: direct:production update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-07-16 18:34:50 +02:00
dependabot[bot]	a111d6799e	Bump h2 from 2.1.212 to 2.1.214 (#2563 ) Bumps [h2](https://github.com/h2database/h2database) from 2.1.212 to 2.1.214. - [Release notes](https://github.com/h2database/h2database/releases) - [Commits](https://github.com/h2database/h2database/compare/version-2.1.212...version-2.1.214) --- updated-dependencies: - dependency-name: com.h2database:h2 dependency-type: direct:development update-type: version-update:semver-patch ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-07-16 18:34:43 +02:00
dependabot[bot]	a14b8bd60e	Bump maven-enforcer-plugin from 3.0.0 to 3.1.0 (#2561 ) Bumps [maven-enforcer-plugin](https://github.com/apache/maven-enforcer) from 3.0.0 to 3.1.0. - [Release notes](https://github.com/apache/maven-enforcer/releases) - [Commits](https://github.com/apache/maven-enforcer/compare/enforcer-3.0.0...enforcer-3.1.0) --- updated-dependencies: - dependency-name: org.apache.maven.plugins:maven-enforcer-plugin dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-07-16 18:34:35 +02:00
dependabot[bot]	18613cb3cc	Bump postgresql from 42.3.6 to 42.4.0 (#2554 ) Bumps [postgresql](https://github.com/pgjdbc/pgjdbc) from 42.3.6 to 42.4.0. - [Release notes](https://github.com/pgjdbc/pgjdbc/releases) - [Changelog](https://github.com/pgjdbc/pgjdbc/blob/master/CHANGELOG.md) - [Commits](https://github.com/pgjdbc/pgjdbc/compare/REL42.3.6...REL42.4.0) --- updated-dependencies: - dependency-name: org.postgresql:postgresql dependency-type: direct:production update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-07-16 18:34:25 +02:00
games647	0b6c92949c	Add test for the warning if the BungeeCord is enabled	2022-07-06 15:27:49 +02:00
games647	32d92e13c5	[Security] Disable BungeeCord hook if the proxy is disable in Spigot (#2572 from @Ghost-chu) If Spigot is running without a proxy, an incoming BungeeCord can also originate from a malicious player. This happens, because there is no proxy preventing this message. There appears to be no method to check if this message comes from a trusted source from the Bukkit side. This implementation checks if BungeeCord support is enabled in Spigot. This means that we notify them that we actually expect a proxy enabled configuration for this feature. This solves the issue, where the hook was enabled, because the server was earlier configured with proxies in mind, but they are no longer used. Nevertheless this doesn't fully solve the issue, because in misconfigured setups, where the Spigot server is publicly accessible, it's still possible. However this is always a recommended configuration step. Alternative solutions were rejected like: 1) Check on incoming BungeeCord message, if we received BungeeCord forwarding data during login This data can be fully faked by the player too. 2) Check the connection properties if the appearing proxy is local. While this is possible, there instance that the proxy is not on the same network although it's legitimate. Although it could be possible to introduce this with a configuration option, but it would increase the complexity for users. Related #2559 Related #2571	2022-07-06 15:08:08 +02:00
Ghost_chu	25cf85a7dc	Execute simple check before enable BungeeCord hook. This commit added a simple check that check spigot.yml -> settings.bungeecord status by using AuthMe built-in method bukkitService.isBungeeCordConfiguredForSpigot() and disable hook if it enabled and not behind an BungeeCord proxy. Register plugin message channel without BungeeCord proxy will allow attacker send fake login payload to treat AuthMe login with Plugin Message for him and bypass the user login. This commit also updated SettingsWarner for new behavior.	2022-07-06 15:39:06 +08:00
dependabot[bot]	3892bb6923	Bump mockito-core from 4.4.0 to 4.6.1 (#2551 ) Bumps [mockito-core](https://github.com/mockito/mockito) from 4.4.0 to 4.6.1. - [Release notes](https://github.com/mockito/mockito/releases) - [Commits](https://github.com/mockito/mockito/compare/v4.4.0...v4.6.1) --- updated-dependencies: - dependency-name: org.mockito:mockito-core dependency-type: direct:development update-type: version-update:semver-minor ... Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>	2022-06-04 02:13:01 +02:00

1 2 3 4 5 ...

4097 Commits