- Fixed SQL-injection vulnerability in an endpoint
- Fixed XSS on Whitelist deny 403 page
- Fixed XSS on Internal Error 500 page if untrusted data ends up in exception message
These labels have not been kept up to date and some might contain
out of date information (Packages have changed etc.)
It is better to not include them than include bad information.
javax.xml was removed in recent Java versions, so depending on it breaks
compatibility with servers running on them. The Base64 class is the way
to use Base64 serialization.
* Moved project files to 'common'-module
This is done so that refactoring into multiple smaller modules is easier
as the IDE will not attempt to move tests incorrectly when moving things
between different modules
* Created 'bukkit' module
Following classes were removed during the operation:
- BukkitServerInfo (Renamed to ServerServerInfo)
- SpongeServerInfo (could use ServerServerInfo)
- Hastebin (not viable on every platform, unused)
- HastebinTest
- MockPlayers (unused, bukkit specific)
Changes to classes:
- Renamed Importer to BukkitImporter (contained bukkit related impl.)
- Extracted Importer interface from BukkitImporter
- Turned BukkitPlanModule and BukkitClassBindingModule to interfaces by
using @Binds annotation
- Added Status class since PlayersOnlineListener had a boolean,
that stated if kicks were counted.
This commit completes split partially and was not pushed on commit.
* Created 'sponge' module
Changes to classes:
- Turned ServerSuperClassBindingModule, SuperClassBindingModule,
SpongePlanModule and SpongeClassBindingModule to interfaces by
using @Binds annotation
- Renamed SystemObjectBindingModule to SystemObjectProvidingModule
- Removed sponge related calls in ServerProperties
- Made EmptyImportSystem injectable
This commit completes split partially and was not pushed on commit.
* Changed shade configuration
Further tweaks required.
* Created 'bungeecord' module
Changes to classes:
- Removed use of BungeePingTimerTask in VelocityTaskSystem
- Removed use of RedisBungee in VelocityServerProperties
- Fixed bukkit command.commands.RegisterCommandFilter package
Changes to project structure:
- Dependency versions now in main pom via dependencyManagement
- Repositories now defined in main pom
* Created 'velocity' module
Changes to classes:
- Made RawDataResponse use Gson via reflection since it is no longer
available in dependencies of 'common' module
* Created 'plugin' module
This module is for creating a single deployment artifact and testing of
system interactions.
Fixes to tests:
- Reflection no longer fails to initialize if Bukkit.getServer() is null
- PingCountTimerBukkit no longer fails to be created if Reflection fails
- Removed unnecessary @AfterClass from H2Test
- Jar resource path fixes to Mocker
* Shading configuration
org.slf4j classes are relocated in 'common', 'bukkit' & 'bungeecord'.
In 'sponge' & 'velocity' they are not relocated, allowing injection
as plugin logger, while using slf4j-nop for HikariCP logging.
This allows single release artifact.
* Removed 'Icon' from .gitignore
* Attempt to fix test resources
Because all jar resources are located in 'common', an attempt to fetch
them is made to common/target/Plan-common.jar, which for some reason
is a bad path.
This attempts to remedy that by creating a temporary file from an
InputStream, read with Class#getResourceAsStream
Ignored HTTPSWebServerAuthTest as the certificate path was invalid for
some reason.