Commit Graph

5770 Commits

Author SHA1 Message Date
Aurora Lahtela
d3be0e9f89 Optimized server latest join addresses query
Original benchmark: 19 seconds
Improved benchmark: 150 milliseconds
-> 120x faster
2023-01-21 12:47:13 +02:00
Aurora Lahtela
987fb7b56a Optimized server player list table query
Original benchmark: 4 seconds
Improved benchmark: 500 milliseconds
-> 8x faster
2023-01-21 12:17:46 +02:00
Aurora Lahtela
1b0942c988 Unit test Benchmark utility 2023-01-21 12:04:58 +02:00
Aurora Lahtela
dda7199a1a Fix more sonar smells 2023-01-20 22:54:54 +02:00
Aurora Lahtela
52a80622ce Fix sonar smells in fabric module 2023-01-20 22:17:40 +02:00
Aurora Lahtela
2eba115f6f Wrote tests for some commands 2023-01-20 21:03:15 +02:00
dependabot[bot]
c22da1bf76
Bump i18next from 22.4.8 to 22.4.9 in /Plan/react/dashboard (#2827)
Bumps [i18next](https://github.com/i18next/i18next) from 22.4.8 to 22.4.9.
- [Release notes](https://github.com/i18next/i18next/releases)
- [Changelog](https://github.com/i18next/i18next/blob/master/CHANGELOG.md)
- [Commits](https://github.com/i18next/i18next/compare/v22.4.8...v22.4.9)

---
updated-dependencies:
- dependency-name: i18next
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-20 19:05:07 +02:00
dependabot[bot]
04c43fac79
Bump react-i18next from 12.1.1 to 12.1.4 in /Plan/react/dashboard (#2828)
Bumps [react-i18next](https://github.com/i18next/react-i18next) from 12.1.1 to 12.1.4.
- [Release notes](https://github.com/i18next/react-i18next/releases)
- [Changelog](https://github.com/i18next/react-i18next/blob/master/CHANGELOG.md)
- [Commits](https://github.com/i18next/react-i18next/compare/v12.1.1...v12.1.4)

---
updated-dependencies:
- dependency-name: react-i18next
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-20 19:04:57 +02:00
dependabot[bot]
e21e7aa068
Bump geoip2 from 3.0.2 to 4.0.0 in /Plan (#2787)
Bumps [geoip2](https://github.com/maxmind/GeoIP2-java) from 3.0.2 to 4.0.0.
- [Release notes](https://github.com/maxmind/GeoIP2-java/releases)
- [Changelog](https://github.com/maxmind/GeoIP2-java/blob/main/CHANGELOG.md)
- [Commits](https://github.com/maxmind/GeoIP2-java/compare/v3.0.2...v4.0.0)

---
updated-dependencies:
- dependency-name: com.maxmind.geoip2:geoip2
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-20 19:04:49 +02:00
dependabot[bot]
5bc58a893a
Bump gson from 2.10 to 2.10.1 in /Plan (#2823)
Bumps [gson](https://github.com/google/gson) from 2.10 to 2.10.1.
- [Release notes](https://github.com/google/gson/releases)
- [Changelog](https://github.com/google/gson/blob/master/CHANGELOG.md)
- [Commits](https://github.com/google/gson/compare/gson-parent-2.10...gson-parent-2.10.1)

---
updated-dependencies:
- dependency-name: com.google.code.gson:gson
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-20 18:43:26 +02:00
dependabot[bot]
6e29d62f17
Bump junit-jupiter from 5.9.1 to 5.9.2 in /Plan (#2825)
Bumps [junit-jupiter](https://github.com/junit-team/junit5) from 5.9.1 to 5.9.2.
- [Release notes](https://github.com/junit-team/junit5/releases)
- [Commits](https://github.com/junit-team/junit5/compare/r5.9.1...r5.9.2)

---
updated-dependencies:
- dependency-name: org.junit.jupiter:junit-jupiter
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-20 18:43:11 +02:00
dependabot[bot]
7ae218f558
Bump react-router-dom from 6.4.5 to 6.7.0 in /Plan/react/dashboard (#2836)
Bumps [react-router-dom](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom) from 6.4.5 to 6.7.0.
- [Release notes](https://github.com/remix-run/react-router/releases)
- [Changelog](https://github.com/remix-run/react-router/blob/main/packages/react-router-dom/CHANGELOG.md)
- [Commits](https://github.com/remix-run/react-router/commits/react-router-dom@6.7.0/packages/react-router-dom)

---
updated-dependencies:
- dependency-name: react-router-dom
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-20 18:42:57 +02:00
dependabot[bot]
5f66370ec9
Bump io.swagger.core.v3.swagger-gradle-plugin in /Plan (#2824)
Bumps io.swagger.core.v3.swagger-gradle-plugin from 2.2.7 to 2.2.8.

---
updated-dependencies:
- dependency-name: io.swagger.core.v3.swagger-gradle-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-20 18:31:21 +02:00
dependabot[bot]
468aada307
Bump swaggerVersion from 2.2.7 to 2.2.8 in /Plan (#2826)
Bumps `swaggerVersion` from 2.2.7 to 2.2.8.

Updates `swagger-core-jakarta` from 2.2.7 to 2.2.8

Updates `swagger-jaxrs2-jakarta` from 2.2.7 to 2.2.8

---
updated-dependencies:
- dependency-name: io.swagger.core.v3:swagger-core-jakarta
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: io.swagger.core.v3:swagger-jaxrs2-jakarta
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-20 18:31:07 +02:00
dependabot[bot]
446a4c1cb3
Bump mockitoVersion from 4.11.0 to 5.0.0 in /Plan (#2835)
Bumps `mockitoVersion` from 4.11.0 to 5.0.0.

Updates `mockito-core` from 4.11.0 to 5.0.0
- [Release notes](https://github.com/mockito/mockito/releases)
- [Commits](https://github.com/mockito/mockito/compare/v4.11.0...v5.0.0)

Updates `mockito-junit-jupiter` from 4.11.0 to 5.0.0
- [Release notes](https://github.com/mockito/mockito/releases)
- [Commits](https://github.com/mockito/mockito/compare/v4.11.0...v5.0.0)

---
updated-dependencies:
- dependency-name: org.mockito:mockito-core
  dependency-type: direct:production
  update-type: version-update:semver-major
- dependency-name: org.mockito:mockito-junit-jupiter
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-20 18:27:48 +02:00
dependabot[bot]
1c1aa08948
Bump mysql-connector-java from 8.0.31 to 8.0.32 in /Plan (#2834)
Bumps mysql-connector-java from 8.0.31 to 8.0.32.

---
updated-dependencies:
- dependency-name: mysql:mysql-connector-java
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-20 18:16:02 +02:00
dependabot[bot]
7a44a91546
Bump axios from 1.2.2 to 1.2.3 in /Plan/react/dashboard (#2837)
Bumps [axios](https://github.com/axios/axios) from 1.2.2 to 1.2.3.
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](https://github.com/axios/axios/compare/1.2.2...v1.2.3)

---
updated-dependencies:
- dependency-name: axios
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-20 18:15:43 +02:00
Aurora Lahtela
1f1a8e0de2 Unregister placeholder extension when Plan disables
Affects issues:
- Fixed #2833
2023-01-17 17:52:12 +02:00
AuroraLS3
75e9057919 Update versions.txt 5.5 build 2172 - CRITICAL security vulnerability fix 2023-01-15 08:43:42 +00:00
Aurora Lahtela
9e11d9f484 Removed untrusted data from exception messages in case they end up on the webpage 2023-01-15 10:04:10 +02:00
Aurora Lahtela
f20a04809c Test against and identify path traversal vulnerability in other methods 2023-01-15 09:30:30 +02:00
Aurora Lahtela
b0a1bc1fb1 Prevent malicious join address packet from breaking session serialization 2023-01-15 09:01:28 +02:00
Aurora Lahtela
38785a9505 Added Untrusted-annotation to be more careful around user given data
- Fixed SQL-injection vulnerability in an endpoint
- Fixed XSS on Whitelist deny 403 page
- Fixed XSS on Internal Error 500 page if untrusted data ends up in exception message
2023-01-14 23:25:35 +02:00
Aurora Lahtela
82274ae658 Fix issue due to 'None' translation in FI language 2023-01-14 12:12:45 +02:00
Aurora Lahtela
bd85f10c55 Fix customized resource lookup Path Traversal vulnerability
Affects issues:
- Fixed #2830
2023-01-13 23:23:12 +02:00
Aurora Lahtela
205692af65 Updated Finnish Locale 2023-01-08 14:47:25 +02:00
Aurora Lahtela
4580666426 Update locale files with new language 2023-01-08 14:09:45 +02:00
AuroraLS3
c8e720cd24 Update versions.txt 5.5 build 2163 2023-01-07 10:09:22 +00:00
Aurora Lahtela
5ba6e0dc9f Fix concurrency issues with json cache and database 2023-01-07 11:45:58 +02:00
Aurora Lahtela
9622f6a614
Disable BadAFKThresholdValuePatch 2023-01-06 23:06:17 +02:00
Aurora Lahtela
97b9a18cea Catch session deserialization errors during enable 2023-01-06 19:40:04 +02:00
dependabot[bot]
85b4a51515
Bump json5 from 1.0.1 to 1.0.2 in /Plan/react/dashboard (#2817)
Bumps [json5](https://github.com/json5/json5) from 1.0.1 to 1.0.2.
- [Release notes](https://github.com/json5/json5/releases)
- [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md)
- [Commits](https://github.com/json5/json5/compare/v1.0.1...v1.0.2)

---
updated-dependencies:
- dependency-name: json5
  dependency-type: indirect
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-06 15:24:46 +02:00
Aurora Lahtela
e660655136 Disable ReverseProxyRegressionTest 2023-01-06 14:41:50 +02:00
Aurora Lahtela
aa897fe8de Implemented support for reverse-proxy subdirectory addresses
Reverse proxied version of React website now works
when subdirectory address is used (eg. /plan/...)

The functionality was unit tested to ensure things work
2023-01-06 14:24:18 +02:00
Aurora Lahtela
5082f80030 Implemented support for subdirectory addresses
Export of React version of frontend now supports exporting to a subdirectory
So now you can access exported site at /plan/... if it is hosted there.

This might impact reverse proxy setups positively, but that has not yet been tested.
The hypothetical positive impact is the inclusion of subdirectory in the React-router
configuration, since now it can handle the reverse-proxy subdirectory in URL.
2023-01-06 12:12:45 +02:00
dependabot[bot]
ac2fa2ecce
Bump i18next from 22.4.6 to 22.4.8 in /Plan/react/dashboard (#2816)
Bumps [i18next](https://github.com/i18next/i18next) from 22.4.6 to 22.4.8.
- [Release notes](https://github.com/i18next/i18next/releases)
- [Changelog](https://github.com/i18next/i18next/blob/master/CHANGELOG.md)
- [Commits](https://github.com/i18next/i18next/compare/v22.4.6...v22.4.8)

---
updated-dependencies:
- dependency-name: i18next
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-06 09:13:24 +02:00
dependabot[bot]
86285b2915
Bump mockitoVersion from 4.10.0 to 4.11.0 in /Plan (#2808)
Bumps `mockitoVersion` from 4.10.0 to 4.11.0.

Updates `mockito-core` from 4.10.0 to 4.11.0
- [Release notes](https://github.com/mockito/mockito/releases)
- [Commits](https://github.com/mockito/mockito/compare/v4.10.0...v4.11.0)

Updates `mockito-junit-jupiter` from 4.10.0 to 4.11.0
- [Release notes](https://github.com/mockito/mockito/releases)
- [Commits](https://github.com/mockito/mockito/compare/v4.10.0...v4.11.0)

---
updated-dependencies:
- dependency-name: org.mockito:mockito-core
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: org.mockito:mockito-junit-jupiter
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-03 11:36:32 +02:00
dependabot[bot]
0d89122988
Bump sass from 1.56.2 to 1.57.1 in /Plan/react/dashboard (#2800)
Bumps [sass](https://github.com/sass/dart-sass) from 1.56.2 to 1.57.1.
- [Release notes](https://github.com/sass/dart-sass/releases)
- [Changelog](https://github.com/sass/dart-sass/blob/main/CHANGELOG.md)
- [Commits](https://github.com/sass/dart-sass/compare/1.56.2...1.57.1)

---
updated-dependencies:
- dependency-name: sass
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-03 11:36:14 +02:00
dependabot[bot]
b9432673c6
Bump axios from 1.2.1 to 1.2.2 in /Plan/react/dashboard (#2809)
Bumps [axios](https://github.com/axios/axios) from 1.2.1 to 1.2.2.
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](https://github.com/axios/axios/compare/v1.2.1...1.2.2)

---
updated-dependencies:
- dependency-name: axios
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-03 11:35:53 +02:00
dependabot[bot]
d941e7f858
Bump com.github.node-gradle.node from 3.5.0 to 3.5.1 in /Plan (#2811)
Bumps com.github.node-gradle.node from 3.5.0 to 3.5.1.

---
updated-dependencies:
- dependency-name: com.github.node-gradle.node
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-03 11:35:34 +02:00
AuroraLS3
c1084364fb Update versions.txt 5.5 build 2150 - Hotfix 2022-12-30 11:58:24 +00:00
AuroraLS3
8e88b3a9a6 Make undefined join address id guesstimate based on existing data 2022-12-30 13:26:53 +02:00
AuroraLS3
a8dbc3288e Fix checkstyle 2022-12-29 21:06:52 +02:00
AuroraLS3
bf63b29f72 Set bad join address ids as unknown 2022-12-29 20:54:23 +02:00
AuroraLS3
d0030fc6e3 Fix BadJoinAddressDataCorrectionPatch 2022-12-29 20:31:23 +02:00
Aurora Lahtela
6e8dc2215e
Remove build 2124 from version notifications 2022-12-28 10:56:32 +02:00
AuroraLS3
20bac03831 Update versions.txt 5.5 build 2144 2022-12-20 17:45:36 +00:00
Aurora Lahtela
626d63a87d Optimized BadJoinAddressDataCorrectionPatch using INSTR 2022-12-20 19:32:09 +02:00
dependabot[bot]
0eb5e5e7eb
Bump i18next-http-backend from 2.0.2 to 2.1.1 in /Plan/react/dashboard (#2795)
Bumps [i18next-http-backend](https://github.com/i18next/i18next-http-backend) from 2.0.2 to 2.1.1.
- [Release notes](https://github.com/i18next/i18next-http-backend/releases)
- [Commits](https://github.com/i18next/i18next-http-backend/compare/v2.0.2...v2.1.1)

---
updated-dependencies:
- dependency-name: i18next-http-backend
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-20 18:09:09 +02:00
dependabot[bot]
6a95b38355
Bump i18next from 22.1.4 to 22.4.6 in /Plan/react/dashboard (#2796)
Bumps [i18next](https://github.com/i18next/i18next) from 22.1.4 to 22.4.6.
- [Release notes](https://github.com/i18next/i18next/releases)
- [Changelog](https://github.com/i18next/i18next/blob/master/CHANGELOG.md)
- [Commits](https://github.com/i18next/i18next/compare/v22.1.4...v22.4.6)

---
updated-dependencies:
- dependency-name: i18next
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-12-20 18:08:59 +02:00