Commit Graph

6095 Commits

Author SHA1 Message Date
dependabot[bot]
aa9d45178f
Bump @fullcalendar/bootstrap in /Plan/react/dashboard (#2848)
Bumps [@fullcalendar/bootstrap](https://github.com/fullcalendar/fullcalendar/tree/HEAD/packages/bootstrap4) from 5.11.3 to 5.11.4.
- [Release notes](https://github.com/fullcalendar/fullcalendar/releases)
- [Changelog](https://github.com/fullcalendar/fullcalendar/blob/main/CHANGELOG.md)
- [Commits](https://github.com/fullcalendar/fullcalendar/commits/v5.11.4/packages/bootstrap4)

---
updated-dependencies:
- dependency-name: "@fullcalendar/bootstrap"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-05 15:45:39 +02:00
dependabot[bot]
09cd482ea4
Bump @fullcalendar/react from 5.11.3 to 5.11.4 in /Plan/react/dashboard (#2847)
Bumps [@fullcalendar/react](https://github.com/fullcalendar/fullcalendar-react) from 5.11.3 to 5.11.4.
- [Release notes](https://github.com/fullcalendar/fullcalendar-react/releases)
- [Changelog](https://github.com/fullcalendar/fullcalendar-react/blob/main/CHANGELOG.md)
- [Commits](https://github.com/fullcalendar/fullcalendar-react/compare/v5.11.3...v5.11.4)

---
updated-dependencies:
- dependency-name: "@fullcalendar/react"
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-05 15:45:22 +02:00
dependabot[bot]
8c7b0d86ae
Bump selenium-java from 4.7.2 to 4.8.0 in /Plan (#2843)
Bumps [selenium-java](https://github.com/SeleniumHQ/selenium) from 4.7.2 to 4.8.0.
- [Release notes](https://github.com/SeleniumHQ/selenium/releases)
- [Commits](https://github.com/SeleniumHQ/selenium/commits/selenium-4.8.0)

---
updated-dependencies:
- dependency-name: org.seleniumhq.selenium:selenium-java
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-05 15:42:18 +02:00
dependabot[bot]
06a45309fc
Bump highcharts from 10.3.2 to 10.3.3 in /Plan/react/dashboard (#2845)
Bumps [highcharts](https://github.com/highcharts/highcharts-dist) from 10.3.2 to 10.3.3.
- [Release notes](https://github.com/highcharts/highcharts-dist/releases)
- [Commits](https://github.com/highcharts/highcharts-dist/compare/v10.3.2...v10.3.3)

---
updated-dependencies:
- dependency-name: highcharts
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-05 15:42:05 +02:00
dependabot[bot]
e7b2d0a75e
Bump mockitoVersion from 5.0.0 to 5.1.1 in /Plan (#2854)
Bumps `mockitoVersion` from 5.0.0 to 5.1.1.

Updates `org.mockito:mockito-core` from 5.0.0 to 5.1.1
- [Release notes](https://github.com/mockito/mockito/releases)
- [Commits](https://github.com/mockito/mockito/compare/v5.0.0...v5.1.1)

Updates `org.mockito:mockito-junit-jupiter` from 5.0.0 to 5.1.1
- [Release notes](https://github.com/mockito/mockito/releases)
- [Commits](https://github.com/mockito/mockito/compare/v5.0.0...v5.1.1)

---
updated-dependencies:
- dependency-name: org.mockito:mockito-core
  dependency-type: direct:production
  update-type: version-update:semver-minor
- dependency-name: org.mockito:mockito-junit-jupiter
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-05 15:41:50 +02:00
dependabot[bot]
47dbece4c0
Bump org.xerial:sqlite-jdbc from 3.40.0.0 to 3.40.1.0 in /Plan (#2856)
Bumps [org.xerial:sqlite-jdbc](https://github.com/xerial/sqlite-jdbc) from 3.40.0.0 to 3.40.1.0.
- [Release notes](https://github.com/xerial/sqlite-jdbc/releases)
- [Changelog](https://github.com/xerial/sqlite-jdbc/blob/master/CHANGELOG)
- [Commits](https://github.com/xerial/sqlite-jdbc/compare/3.40.0.0...3.40.1.0)

---
updated-dependencies:
- dependency-name: org.xerial:sqlite-jdbc
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-02-05 15:41:10 +02:00
Aurora Lahtela
f8e0975c14 Fix dev server leaving zombie node process behind 2023-02-05 15:03:05 +02:00
AuroraLS3
a9348fe2c4 Update versions.txt 5.5 DEV build 2208 2023-02-05 10:35:21 +00:00
Aurora Lahtela
09279cbb66
React html customization / public_html folder (#2862)
* Add public_html folder, configuration and access methods to it
* Make Frontend BETA static resource resolution prefer public_html
* Add resolver for getting any file in public_html from webserver
* Test customized bundle loading from public_html
* Update gradle wrapper to 7.6
* Wrote scripts to React build or run dev server through gradle
* Disable cyclomatic-complexity check on PublicHtmlResolver
* Throw bad request exception on IllegalPathException
* Throw bad request exception on bad chars in URI query
2023-02-05 12:08:29 +02:00
Aurora Lahtela
413e087c4d Improved navigation significantly on mobile
Affects issues:
- Close #2228
2023-02-03 20:29:03 +02:00
Aurora Lahtela
12d22f945f Unregister placeholder api extension synchronously
Affects issues:
- Fixed #2841
2023-02-03 17:16:49 +02:00
Aurora Lahtela
5b6efa0438 Fix ERR_NETWORK_CHANGED on CI 2023-02-03 17:07:35 +02:00
Aurora Lahtela
6de06f6ae2
Delete security_vuln.md 2023-02-02 11:17:14 +02:00
Aurora Lahtela
4e486032f3 Fix some issues with the new navigation button 2023-01-26 14:39:17 +02:00
Aurora Lahtela
362bb44aad Implement a page navigation button
Improve page loading and theme system
- The sidebar is visible while loading with css
  There was an apparent problem when switching pages with the new switcher
- css variables are now used
- Theme color is applied to several buttons and texts
  where previously Plan color was used

Affects issues:
- Implements #2357
2023-01-26 14:18:51 +02:00
Aurora Lahtela
b1a63d57b6 Don't accept redirect in https test 2023-01-25 21:50:03 +02:00
Aurora Lahtela
8dccb060c0 Skip javascript translation on React bundle files
Affects issues:
- Fixed #2799
2023-01-22 14:50:42 +02:00
Aurora Lahtela
63350a4fea Fix PlayerTableRowPatch is applied check 2023-01-22 14:31:10 +02:00
Aurora Lahtela
acf9d92b1d Refactor duplicate code: command confirmation 2023-01-22 13:45:47 +02:00
Aurora Lahtela
e0d80cb3b4 Filter out fonts.gstatic.com from test logs
This should sort out ERR_NETWORK_CHANGED error that appears from time to time
2023-01-22 13:12:52 +02:00
AuroraLS3
4f0d15b320 Update versions.txt 5.5 DEV build 2195 2023-01-22 08:29:54 +00:00
Aurora Lahtela
88b4191f6b
Implement http caching (#2840)
* Implement first response parts of http caching
* Implement cached response for static resources
* Implement HTTP caching for json responses
* Fix last seen value for online players
* Implement http caching for pages (.html)
* Use placeholder cache even with async requests.

Affects issues:
- Close #2813
2023-01-22 10:18:14 +02:00
Aurora Lahtela
0ddda27384 Implement a date formatter for Last-Modified header
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Last-Modified
2023-01-21 15:22:04 +02:00
Aurora Lahtela
0bce7880cd Add support for getting last modified date to Resource
- Use AssetVersions.yml for jar files
- Use File#lastModified for regular files
2023-01-21 15:03:29 +02:00
Aurora Lahtela
b26678b3dc Fix a couple issues in the react frontend
- Fix card tabs not working with the new react router
- Fix server list card showing "No servers installed" while loading
2023-01-21 12:59:57 +02:00
Aurora Lahtela
d3be0e9f89 Optimized server latest join addresses query
Original benchmark: 19 seconds
Improved benchmark: 150 milliseconds
-> 120x faster
2023-01-21 12:47:13 +02:00
Aurora Lahtela
987fb7b56a Optimized server player list table query
Original benchmark: 4 seconds
Improved benchmark: 500 milliseconds
-> 8x faster
2023-01-21 12:17:46 +02:00
Aurora Lahtela
1b0942c988 Unit test Benchmark utility 2023-01-21 12:04:58 +02:00
Aurora Lahtela
dda7199a1a Fix more sonar smells 2023-01-20 22:54:54 +02:00
Aurora Lahtela
52a80622ce Fix sonar smells in fabric module 2023-01-20 22:17:40 +02:00
Aurora Lahtela
2eba115f6f Wrote tests for some commands 2023-01-20 21:03:15 +02:00
dependabot[bot]
c22da1bf76
Bump i18next from 22.4.8 to 22.4.9 in /Plan/react/dashboard (#2827)
Bumps [i18next](https://github.com/i18next/i18next) from 22.4.8 to 22.4.9.
- [Release notes](https://github.com/i18next/i18next/releases)
- [Changelog](https://github.com/i18next/i18next/blob/master/CHANGELOG.md)
- [Commits](https://github.com/i18next/i18next/compare/v22.4.8...v22.4.9)

---
updated-dependencies:
- dependency-name: i18next
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-20 19:05:07 +02:00
dependabot[bot]
04c43fac79
Bump react-i18next from 12.1.1 to 12.1.4 in /Plan/react/dashboard (#2828)
Bumps [react-i18next](https://github.com/i18next/react-i18next) from 12.1.1 to 12.1.4.
- [Release notes](https://github.com/i18next/react-i18next/releases)
- [Changelog](https://github.com/i18next/react-i18next/blob/master/CHANGELOG.md)
- [Commits](https://github.com/i18next/react-i18next/compare/v12.1.1...v12.1.4)

---
updated-dependencies:
- dependency-name: react-i18next
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-20 19:04:57 +02:00
dependabot[bot]
e21e7aa068
Bump geoip2 from 3.0.2 to 4.0.0 in /Plan (#2787)
Bumps [geoip2](https://github.com/maxmind/GeoIP2-java) from 3.0.2 to 4.0.0.
- [Release notes](https://github.com/maxmind/GeoIP2-java/releases)
- [Changelog](https://github.com/maxmind/GeoIP2-java/blob/main/CHANGELOG.md)
- [Commits](https://github.com/maxmind/GeoIP2-java/compare/v3.0.2...v4.0.0)

---
updated-dependencies:
- dependency-name: com.maxmind.geoip2:geoip2
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-20 19:04:49 +02:00
dependabot[bot]
5bc58a893a
Bump gson from 2.10 to 2.10.1 in /Plan (#2823)
Bumps [gson](https://github.com/google/gson) from 2.10 to 2.10.1.
- [Release notes](https://github.com/google/gson/releases)
- [Changelog](https://github.com/google/gson/blob/master/CHANGELOG.md)
- [Commits](https://github.com/google/gson/compare/gson-parent-2.10...gson-parent-2.10.1)

---
updated-dependencies:
- dependency-name: com.google.code.gson:gson
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-20 18:43:26 +02:00
dependabot[bot]
6e29d62f17
Bump junit-jupiter from 5.9.1 to 5.9.2 in /Plan (#2825)
Bumps [junit-jupiter](https://github.com/junit-team/junit5) from 5.9.1 to 5.9.2.
- [Release notes](https://github.com/junit-team/junit5/releases)
- [Commits](https://github.com/junit-team/junit5/compare/r5.9.1...r5.9.2)

---
updated-dependencies:
- dependency-name: org.junit.jupiter:junit-jupiter
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-20 18:43:11 +02:00
dependabot[bot]
7ae218f558
Bump react-router-dom from 6.4.5 to 6.7.0 in /Plan/react/dashboard (#2836)
Bumps [react-router-dom](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom) from 6.4.5 to 6.7.0.
- [Release notes](https://github.com/remix-run/react-router/releases)
- [Changelog](https://github.com/remix-run/react-router/blob/main/packages/react-router-dom/CHANGELOG.md)
- [Commits](https://github.com/remix-run/react-router/commits/react-router-dom@6.7.0/packages/react-router-dom)

---
updated-dependencies:
- dependency-name: react-router-dom
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-20 18:42:57 +02:00
dependabot[bot]
5f66370ec9
Bump io.swagger.core.v3.swagger-gradle-plugin in /Plan (#2824)
Bumps io.swagger.core.v3.swagger-gradle-plugin from 2.2.7 to 2.2.8.

---
updated-dependencies:
- dependency-name: io.swagger.core.v3.swagger-gradle-plugin
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-20 18:31:21 +02:00
dependabot[bot]
468aada307
Bump swaggerVersion from 2.2.7 to 2.2.8 in /Plan (#2826)
Bumps `swaggerVersion` from 2.2.7 to 2.2.8.

Updates `swagger-core-jakarta` from 2.2.7 to 2.2.8

Updates `swagger-jaxrs2-jakarta` from 2.2.7 to 2.2.8

---
updated-dependencies:
- dependency-name: io.swagger.core.v3:swagger-core-jakarta
  dependency-type: direct:production
  update-type: version-update:semver-patch
- dependency-name: io.swagger.core.v3:swagger-jaxrs2-jakarta
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-20 18:31:07 +02:00
dependabot[bot]
446a4c1cb3
Bump mockitoVersion from 4.11.0 to 5.0.0 in /Plan (#2835)
Bumps `mockitoVersion` from 4.11.0 to 5.0.0.

Updates `mockito-core` from 4.11.0 to 5.0.0
- [Release notes](https://github.com/mockito/mockito/releases)
- [Commits](https://github.com/mockito/mockito/compare/v4.11.0...v5.0.0)

Updates `mockito-junit-jupiter` from 4.11.0 to 5.0.0
- [Release notes](https://github.com/mockito/mockito/releases)
- [Commits](https://github.com/mockito/mockito/compare/v4.11.0...v5.0.0)

---
updated-dependencies:
- dependency-name: org.mockito:mockito-core
  dependency-type: direct:production
  update-type: version-update:semver-major
- dependency-name: org.mockito:mockito-junit-jupiter
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-20 18:27:48 +02:00
dependabot[bot]
1c1aa08948
Bump mysql-connector-java from 8.0.31 to 8.0.32 in /Plan (#2834)
Bumps mysql-connector-java from 8.0.31 to 8.0.32.

---
updated-dependencies:
- dependency-name: mysql:mysql-connector-java
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-20 18:16:02 +02:00
dependabot[bot]
7a44a91546
Bump axios from 1.2.2 to 1.2.3 in /Plan/react/dashboard (#2837)
Bumps [axios](https://github.com/axios/axios) from 1.2.2 to 1.2.3.
- [Release notes](https://github.com/axios/axios/releases)
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md)
- [Commits](https://github.com/axios/axios/compare/1.2.2...v1.2.3)

---
updated-dependencies:
- dependency-name: axios
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-20 18:15:43 +02:00
Aurora Lahtela
1f1a8e0de2 Unregister placeholder extension when Plan disables
Affects issues:
- Fixed #2833
2023-01-17 17:52:12 +02:00
AuroraLS3
75e9057919 Update versions.txt 5.5 build 2172 - CRITICAL security vulnerability fix 2023-01-15 08:43:42 +00:00
Aurora Lahtela
9e11d9f484 Removed untrusted data from exception messages in case they end up on the webpage 2023-01-15 10:04:10 +02:00
Aurora Lahtela
f20a04809c Test against and identify path traversal vulnerability in other methods 2023-01-15 09:30:30 +02:00
Aurora Lahtela
b0a1bc1fb1 Prevent malicious join address packet from breaking session serialization 2023-01-15 09:01:28 +02:00
Aurora Lahtela
38785a9505 Added Untrusted-annotation to be more careful around user given data
- Fixed SQL-injection vulnerability in an endpoint
- Fixed XSS on Whitelist deny 403 page
- Fixed XSS on Internal Error 500 page if untrusted data ends up in exception message
2023-01-14 23:25:35 +02:00
Aurora Lahtela
82274ae658 Fix issue due to 'None' translation in FI language 2023-01-14 12:12:45 +02:00
Aurora Lahtela
bd85f10c55 Fix customized resource lookup Path Traversal vulnerability
Affects issues:
- Fixed #2830
2023-01-13 23:23:12 +02:00