Aurora Lahtela
d3be0e9f89
Optimized server latest join addresses query
...
Original benchmark: 19 seconds
Improved benchmark: 150 milliseconds
-> 120x faster
2023-01-21 12:47:13 +02:00
Aurora Lahtela
987fb7b56a
Optimized server player list table query
...
Original benchmark: 4 seconds
Improved benchmark: 500 milliseconds
-> 8x faster
2023-01-21 12:17:46 +02:00
Aurora Lahtela
1b0942c988
Unit test Benchmark utility
2023-01-21 12:04:58 +02:00
Aurora Lahtela
dda7199a1a
Fix more sonar smells
2023-01-20 22:54:54 +02:00
Aurora Lahtela
52a80622ce
Fix sonar smells in fabric module
2023-01-20 22:17:40 +02:00
Aurora Lahtela
2eba115f6f
Wrote tests for some commands
2023-01-20 21:03:15 +02:00
dependabot[bot]
c22da1bf76
Bump i18next from 22.4.8 to 22.4.9 in /Plan/react/dashboard ( #2827 )
...
Bumps [i18next](https://github.com/i18next/i18next ) from 22.4.8 to 22.4.9.
- [Release notes](https://github.com/i18next/i18next/releases )
- [Changelog](https://github.com/i18next/i18next/blob/master/CHANGELOG.md )
- [Commits](https://github.com/i18next/i18next/compare/v22.4.8...v22.4.9 )
---
updated-dependencies:
- dependency-name: i18next
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-20 19:05:07 +02:00
dependabot[bot]
04c43fac79
Bump react-i18next from 12.1.1 to 12.1.4 in /Plan/react/dashboard ( #2828 )
...
Bumps [react-i18next](https://github.com/i18next/react-i18next ) from 12.1.1 to 12.1.4.
- [Release notes](https://github.com/i18next/react-i18next/releases )
- [Changelog](https://github.com/i18next/react-i18next/blob/master/CHANGELOG.md )
- [Commits](https://github.com/i18next/react-i18next/compare/v12.1.1...v12.1.4 )
---
updated-dependencies:
- dependency-name: react-i18next
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-20 19:04:57 +02:00
dependabot[bot]
e21e7aa068
Bump geoip2 from 3.0.2 to 4.0.0 in /Plan ( #2787 )
...
Bumps [geoip2](https://github.com/maxmind/GeoIP2-java ) from 3.0.2 to 4.0.0.
- [Release notes](https://github.com/maxmind/GeoIP2-java/releases )
- [Changelog](https://github.com/maxmind/GeoIP2-java/blob/main/CHANGELOG.md )
- [Commits](https://github.com/maxmind/GeoIP2-java/compare/v3.0.2...v4.0.0 )
---
updated-dependencies:
- dependency-name: com.maxmind.geoip2:geoip2
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-20 19:04:49 +02:00
dependabot[bot]
5bc58a893a
Bump gson from 2.10 to 2.10.1 in /Plan ( #2823 )
...
Bumps [gson](https://github.com/google/gson ) from 2.10 to 2.10.1.
- [Release notes](https://github.com/google/gson/releases )
- [Changelog](https://github.com/google/gson/blob/master/CHANGELOG.md )
- [Commits](https://github.com/google/gson/compare/gson-parent-2.10...gson-parent-2.10.1 )
---
updated-dependencies:
- dependency-name: com.google.code.gson:gson
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-20 18:43:26 +02:00
dependabot[bot]
6e29d62f17
Bump junit-jupiter from 5.9.1 to 5.9.2 in /Plan ( #2825 )
...
Bumps [junit-jupiter](https://github.com/junit-team/junit5 ) from 5.9.1 to 5.9.2.
- [Release notes](https://github.com/junit-team/junit5/releases )
- [Commits](https://github.com/junit-team/junit5/compare/r5.9.1...r5.9.2 )
---
updated-dependencies:
- dependency-name: org.junit.jupiter:junit-jupiter
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-20 18:43:11 +02:00
dependabot[bot]
7ae218f558
Bump react-router-dom from 6.4.5 to 6.7.0 in /Plan/react/dashboard ( #2836 )
...
Bumps [react-router-dom](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom ) from 6.4.5 to 6.7.0.
- [Release notes](https://github.com/remix-run/react-router/releases )
- [Changelog](https://github.com/remix-run/react-router/blob/main/packages/react-router-dom/CHANGELOG.md )
- [Commits](https://github.com/remix-run/react-router/commits/react-router-dom@6.7.0/packages/react-router-dom )
---
updated-dependencies:
- dependency-name: react-router-dom
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-20 18:42:57 +02:00
dependabot[bot]
5f66370ec9
Bump io.swagger.core.v3.swagger-gradle-plugin in /Plan ( #2824 )
...
Bumps io.swagger.core.v3.swagger-gradle-plugin from 2.2.7 to 2.2.8.
---
updated-dependencies:
- dependency-name: io.swagger.core.v3.swagger-gradle-plugin
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-20 18:31:21 +02:00
dependabot[bot]
468aada307
Bump swaggerVersion from 2.2.7 to 2.2.8 in /Plan ( #2826 )
...
Bumps `swaggerVersion` from 2.2.7 to 2.2.8.
Updates `swagger-core-jakarta` from 2.2.7 to 2.2.8
Updates `swagger-jaxrs2-jakarta` from 2.2.7 to 2.2.8
---
updated-dependencies:
- dependency-name: io.swagger.core.v3:swagger-core-jakarta
dependency-type: direct:production
update-type: version-update:semver-patch
- dependency-name: io.swagger.core.v3:swagger-jaxrs2-jakarta
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-20 18:31:07 +02:00
dependabot[bot]
446a4c1cb3
Bump mockitoVersion from 4.11.0 to 5.0.0 in /Plan ( #2835 )
...
Bumps `mockitoVersion` from 4.11.0 to 5.0.0.
Updates `mockito-core` from 4.11.0 to 5.0.0
- [Release notes](https://github.com/mockito/mockito/releases )
- [Commits](https://github.com/mockito/mockito/compare/v4.11.0...v5.0.0 )
Updates `mockito-junit-jupiter` from 4.11.0 to 5.0.0
- [Release notes](https://github.com/mockito/mockito/releases )
- [Commits](https://github.com/mockito/mockito/compare/v4.11.0...v5.0.0 )
---
updated-dependencies:
- dependency-name: org.mockito:mockito-core
dependency-type: direct:production
update-type: version-update:semver-major
- dependency-name: org.mockito:mockito-junit-jupiter
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-20 18:27:48 +02:00
dependabot[bot]
1c1aa08948
Bump mysql-connector-java from 8.0.31 to 8.0.32 in /Plan ( #2834 )
...
Bumps mysql-connector-java from 8.0.31 to 8.0.32.
---
updated-dependencies:
- dependency-name: mysql:mysql-connector-java
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-20 18:16:02 +02:00
dependabot[bot]
7a44a91546
Bump axios from 1.2.2 to 1.2.3 in /Plan/react/dashboard ( #2837 )
...
Bumps [axios](https://github.com/axios/axios ) from 1.2.2 to 1.2.3.
- [Release notes](https://github.com/axios/axios/releases )
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md )
- [Commits](https://github.com/axios/axios/compare/1.2.2...v1.2.3 )
---
updated-dependencies:
- dependency-name: axios
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-20 18:15:43 +02:00
Aurora Lahtela
1f1a8e0de2
Unregister placeholder extension when Plan disables
...
Affects issues:
- Fixed #2833
2023-01-17 17:52:12 +02:00
AuroraLS3
75e9057919
Update versions.txt 5.5 build 2172 - CRITICAL security vulnerability fix
2023-01-15 08:43:42 +00:00
Aurora Lahtela
9e11d9f484
Removed untrusted data from exception messages in case they end up on the webpage
2023-01-15 10:04:10 +02:00
Aurora Lahtela
f20a04809c
Test against and identify path traversal vulnerability in other methods
2023-01-15 09:30:30 +02:00
Aurora Lahtela
b0a1bc1fb1
Prevent malicious join address packet from breaking session serialization
2023-01-15 09:01:28 +02:00
Aurora Lahtela
38785a9505
Added Untrusted-annotation to be more careful around user given data
...
- Fixed SQL-injection vulnerability in an endpoint
- Fixed XSS on Whitelist deny 403 page
- Fixed XSS on Internal Error 500 page if untrusted data ends up in exception message
2023-01-14 23:25:35 +02:00
Aurora Lahtela
82274ae658
Fix issue due to 'None' translation in FI language
2023-01-14 12:12:45 +02:00
Aurora Lahtela
bd85f10c55
Fix customized resource lookup Path Traversal vulnerability
...
Affects issues:
- Fixed #2830
2023-01-13 23:23:12 +02:00
Aurora Lahtela
205692af65
Updated Finnish Locale
2023-01-08 14:47:25 +02:00
Aurora Lahtela
4580666426
Update locale files with new language
2023-01-08 14:09:45 +02:00
AuroraLS3
c8e720cd24
Update versions.txt 5.5 build 2163
2023-01-07 10:09:22 +00:00
Aurora Lahtela
5ba6e0dc9f
Fix concurrency issues with json cache and database
2023-01-07 11:45:58 +02:00
Aurora Lahtela
9622f6a614
Disable BadAFKThresholdValuePatch
2023-01-06 23:06:17 +02:00
Aurora Lahtela
97b9a18cea
Catch session deserialization errors during enable
2023-01-06 19:40:04 +02:00
dependabot[bot]
85b4a51515
Bump json5 from 1.0.1 to 1.0.2 in /Plan/react/dashboard ( #2817 )
...
Bumps [json5](https://github.com/json5/json5 ) from 1.0.1 to 1.0.2.
- [Release notes](https://github.com/json5/json5/releases )
- [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md )
- [Commits](https://github.com/json5/json5/compare/v1.0.1...v1.0.2 )
---
updated-dependencies:
- dependency-name: json5
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-06 15:24:46 +02:00
Aurora Lahtela
e660655136
Disable ReverseProxyRegressionTest
2023-01-06 14:41:50 +02:00
Aurora Lahtela
aa897fe8de
Implemented support for reverse-proxy subdirectory addresses
...
Reverse proxied version of React website now works
when subdirectory address is used (eg. /plan/...)
The functionality was unit tested to ensure things work
2023-01-06 14:24:18 +02:00
Aurora Lahtela
5082f80030
Implemented support for subdirectory addresses
...
Export of React version of frontend now supports exporting to a subdirectory
So now you can access exported site at /plan/... if it is hosted there.
This might impact reverse proxy setups positively, but that has not yet been tested.
The hypothetical positive impact is the inclusion of subdirectory in the React-router
configuration, since now it can handle the reverse-proxy subdirectory in URL.
2023-01-06 12:12:45 +02:00
dependabot[bot]
ac2fa2ecce
Bump i18next from 22.4.6 to 22.4.8 in /Plan/react/dashboard ( #2816 )
...
Bumps [i18next](https://github.com/i18next/i18next ) from 22.4.6 to 22.4.8.
- [Release notes](https://github.com/i18next/i18next/releases )
- [Changelog](https://github.com/i18next/i18next/blob/master/CHANGELOG.md )
- [Commits](https://github.com/i18next/i18next/compare/v22.4.6...v22.4.8 )
---
updated-dependencies:
- dependency-name: i18next
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-06 09:13:24 +02:00
dependabot[bot]
86285b2915
Bump mockitoVersion from 4.10.0 to 4.11.0 in /Plan ( #2808 )
...
Bumps `mockitoVersion` from 4.10.0 to 4.11.0.
Updates `mockito-core` from 4.10.0 to 4.11.0
- [Release notes](https://github.com/mockito/mockito/releases )
- [Commits](https://github.com/mockito/mockito/compare/v4.10.0...v4.11.0 )
Updates `mockito-junit-jupiter` from 4.10.0 to 4.11.0
- [Release notes](https://github.com/mockito/mockito/releases )
- [Commits](https://github.com/mockito/mockito/compare/v4.10.0...v4.11.0 )
---
updated-dependencies:
- dependency-name: org.mockito:mockito-core
dependency-type: direct:production
update-type: version-update:semver-minor
- dependency-name: org.mockito:mockito-junit-jupiter
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-03 11:36:32 +02:00
dependabot[bot]
0d89122988
Bump sass from 1.56.2 to 1.57.1 in /Plan/react/dashboard ( #2800 )
...
Bumps [sass](https://github.com/sass/dart-sass ) from 1.56.2 to 1.57.1.
- [Release notes](https://github.com/sass/dart-sass/releases )
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md )
- [Commits](https://github.com/sass/dart-sass/compare/1.56.2...1.57.1 )
---
updated-dependencies:
- dependency-name: sass
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-03 11:36:14 +02:00
dependabot[bot]
b9432673c6
Bump axios from 1.2.1 to 1.2.2 in /Plan/react/dashboard ( #2809 )
...
Bumps [axios](https://github.com/axios/axios ) from 1.2.1 to 1.2.2.
- [Release notes](https://github.com/axios/axios/releases )
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md )
- [Commits](https://github.com/axios/axios/compare/v1.2.1...1.2.2 )
---
updated-dependencies:
- dependency-name: axios
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-03 11:35:53 +02:00
dependabot[bot]
d941e7f858
Bump com.github.node-gradle.node from 3.5.0 to 3.5.1 in /Plan ( #2811 )
...
Bumps com.github.node-gradle.node from 3.5.0 to 3.5.1.
---
updated-dependencies:
- dependency-name: com.github.node-gradle.node
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-03 11:35:34 +02:00
AuroraLS3
c1084364fb
Update versions.txt 5.5 build 2150 - Hotfix
2022-12-30 11:58:24 +00:00
AuroraLS3
8e88b3a9a6
Make undefined join address id guesstimate based on existing data
2022-12-30 13:26:53 +02:00
AuroraLS3
a8dbc3288e
Fix checkstyle
2022-12-29 21:06:52 +02:00
AuroraLS3
bf63b29f72
Set bad join address ids as unknown
2022-12-29 20:54:23 +02:00
AuroraLS3
d0030fc6e3
Fix BadJoinAddressDataCorrectionPatch
2022-12-29 20:31:23 +02:00
Aurora Lahtela
6e8dc2215e
Remove build 2124 from version notifications
2022-12-28 10:56:32 +02:00
AuroraLS3
20bac03831
Update versions.txt 5.5 build 2144
2022-12-20 17:45:36 +00:00
Aurora Lahtela
626d63a87d
Optimized BadJoinAddressDataCorrectionPatch using INSTR
2022-12-20 19:32:09 +02:00
dependabot[bot]
0eb5e5e7eb
Bump i18next-http-backend from 2.0.2 to 2.1.1 in /Plan/react/dashboard ( #2795 )
...
Bumps [i18next-http-backend](https://github.com/i18next/i18next-http-backend ) from 2.0.2 to 2.1.1.
- [Release notes](https://github.com/i18next/i18next-http-backend/releases )
- [Commits](https://github.com/i18next/i18next-http-backend/compare/v2.0.2...v2.1.1 )
---
updated-dependencies:
- dependency-name: i18next-http-backend
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-20 18:09:09 +02:00
dependabot[bot]
6a95b38355
Bump i18next from 22.1.4 to 22.4.6 in /Plan/react/dashboard ( #2796 )
...
Bumps [i18next](https://github.com/i18next/i18next ) from 22.1.4 to 22.4.6.
- [Release notes](https://github.com/i18next/i18next/releases )
- [Changelog](https://github.com/i18next/i18next/blob/master/CHANGELOG.md )
- [Commits](https://github.com/i18next/i18next/compare/v22.1.4...v22.4.6 )
---
updated-dependencies:
- dependency-name: i18next
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-20 18:08:59 +02:00