dependabot-preview[bot]
4d82a1a8ae
Bump org.sonarqube from 3.1 to 3.1.1 in /Plan
...
Bumps org.sonarqube from 3.1 to 3.1.1.
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2021-01-26 05:27:33 +00:00
dependabot-preview[bot]
d73d16b609
Bump HikariCP from 4.0.0 to 4.0.1 in /Plan
...
Bumps [HikariCP](https://github.com/brettwooldridge/HikariCP ) from 4.0.0 to 4.0.1.
- [Release notes](https://github.com/brettwooldridge/HikariCP/releases )
- [Changelog](https://github.com/brettwooldridge/HikariCP/blob/dev/CHANGES )
- [Commits](https://github.com/brettwooldridge/HikariCP/compare/HikariCP-4.0.0...HikariCP-4.0.1 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2021-01-26 05:27:21 +00:00
dependabot-preview[bot]
1e0f875897
Bump bstatsVersion from 1.8 to 2.1.0 in /Plan ( #1720 )
...
* Bump bstatsVersion from 1.8 to 2.1.0 in /Plan
Bumps `bstatsVersion` from 1.8 to 2.1.0.
Updates `bstats-bukkit` from 1.8 to 2.1.0
- [Release notes](https://github.com/Bastian/bStats-Metrics/releases )
- [Commits](https://github.com/Bastian/bStats-Metrics/commits/v2.1.0 )
Updates `bstats-sponge` from 1.8 to 2.1.0
- [Release notes](https://github.com/Bastian/bStats-Metrics/releases )
- [Commits](https://github.com/Bastian/bStats-Metrics/commits/v2.1.0 )
Updates `bstats-bungeecord` from 1.8 to 2.1.0
- [Release notes](https://github.com/Bastian/bStats-Metrics/releases )
- [Commits](https://github.com/Bastian/bStats-Metrics/commits/v2.1.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Updated metrics imports
* Relocate Sponge bstats metrics
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Risto Lahtela <24460436+Rsl1122@users.noreply.github.com>
2021-01-25 12:09:36 +02:00
dependabot-preview[bot]
4871d524f7
Bump HikariCP from 3.4.5 to 4.0.0 in /Plan
...
Bumps [HikariCP](https://github.com/brettwooldridge/HikariCP ) from 3.4.5 to 4.0.0.
- [Release notes](https://github.com/brettwooldridge/HikariCP/releases )
- [Changelog](https://github.com/brettwooldridge/HikariCP/blob/dev/CHANGES )
- [Commits](https://github.com/brettwooldridge/HikariCP/compare/HikariCP-3.4.5...HikariCP-4.0.0 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2021-01-25 09:36:18 +00:00
Risto Lahtela
e26a272e60
Fixed TPS Storage test
2021-01-25 11:26:30 +02:00
Risto Lahtela
4085ae310a
Fixed TPS Storage test
2021-01-25 11:12:41 +02:00
Risto Lahtela
ccd492c052
Reduced the performance graph size
...
Reduced resolution of data:
- Last 30 days: Full resolution (1 per minute)
- Last 60 - 30 days: 1 per 5 minutes
- 60+ days old: 1 per 20 minutes
Effect:
- Reduced /v1/graphs?type=performance size from 21 MB to 9.15 MB (126k rows in database)
Added new endpoint /v1/graphs?type=optimizedPerformance that doesn't parse series separately
- Sends a single array of arrays instead of one array for each series
- Added a parseDataSeries to graphs.js that translates the data
Effect:
- Reduced from 9.15 MB to 3.35 MB
- Moved some workload to the browser
Affects issues:
- Fixed #1622
2021-01-24 17:40:30 +02:00
Risto Lahtela
f14dfe7a7c
Added a setting to allow X-Forwarded-For to be used for IP security
...
Affects following features:
- IP Whitelist
- Password bruteforce guard
Affects issues:
- Close #1716
2021-01-24 15:59:50 +02:00
Risto Lahtela
bd754c4445
Prevent redirection to another website on login
...
Affects issues:
- Fixed #1717
2021-01-24 12:21:02 +02:00
Risto Lahtela
c44d3d7a7e
Prevented a future accidental XSS vulnerability in Register endpoint error
...
The username parameter was passed to an exception that is currently turned into
json, but in the future the way this exception is handled could have changed.
2021-01-24 11:15:38 +02:00
Risto Lahtela
a6c286b0f2
Prevented a future accidental XSS vulnerability in Graph type selection
...
The type parameter was passed to an exception that is currently turned into
json, but in the future the way this exception is handled could have changed.
2021-01-24 11:15:37 +02:00
Risto Lahtela
8544e5a904
Prevented a future accidental XSS vulnerability in Player UUID parsing
...
The server parameter was passed to an exception that is currently turned into
json, but in the future the way this exception is handled could have changed.
2021-01-24 11:15:37 +02:00
Risto Lahtela
d64a967497
Prevented a future accidental XSS vulnerability in Server UUID parsing
...
The server parameter was passed to an exception that is currently turned into
json, but in the future the way this exception is handled could have changed.
2021-01-24 11:15:37 +02:00
Risto Lahtela
5c49e95c7d
Fixed XSS in Internal Error page
...
Adding a </pre><xss> to an URL that triggered an internal error could be used
to facilitate an XSS attack
2021-01-24 11:15:37 +02:00
Risto Lahtela
d8626f37a7
Create security_vuln.md
2021-01-24 10:22:49 +02:00
Risto Lahtela
3b52cc5f0c
Stop differentiating between wrong pass and user not existing
2021-01-23 21:54:27 +02:00
Risto Lahtela
5fae224ef6
Fixed ErrorContext of some errors being omitted
2021-01-23 21:53:07 +02:00
Risto Lahtela
46e486e00c
Update versions.txt
2021-01-22 21:49:57 +02:00
Risto Lahtela
94abd68086
Don't register the currently running task again inside the task
...
Affects issues:
- Fixed #1715
2021-01-22 21:44:27 +02:00
Risto Lahtela
97096948dc
Update versions.txt
2021-01-22 15:48:14 +02:00
Risto Lahtela
70b9ac1104
Set FullCalendar to use UTC as timezone
...
Affects issues:
- Possibly fixed #1239
2021-01-22 11:32:10 +02:00
Risto Lahtela
97bc28e2b4
Updated ProtocolSupport Extension
...
Ignored Access to implementation before detect Exception
Affects issues:
- Fixed #1665
2021-01-22 11:14:30 +02:00
Risto Lahtela
8423e392bb
Don't close DataSource with bad connection
...
- Attempt to recursively obtain a valid connection.
This could lead to StackOverFlowException if db goes
down, so that is caught.
Affects issues:
- Possibly fixed #1458
2021-01-22 11:06:12 +02:00
dependabot-preview[bot]
3335765fa2
Bump dagger from 2.31.1 to 2.31.2 in /Plan
...
Bumps [dagger](https://github.com/google/dagger ) from 2.31.1 to 2.31.2.
- [Release notes](https://github.com/google/dagger/releases )
- [Changelog](https://github.com/google/dagger/blob/master/CHANGELOG.md )
- [Commits](https://github.com/google/dagger/compare/dagger-2.31.1...dagger-2.31.2 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2021-01-22 05:36:31 +00:00
dependabot-preview[bot]
4d9ad6a8c9
Bump RedisBungee from 0.3.8-SNAPSHOT to 0.6-SNAPSHOT in /Plan
...
Bumps RedisBungee from 0.3.8-SNAPSHOT to 0.6-SNAPSHOT.
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2021-01-22 05:29:27 +00:00
dependabot-preview[bot]
2630aa3e08
Bump dagger-compiler from 2.31.1 to 2.31.2 in /Plan
...
Bumps [dagger-compiler](https://github.com/google/dagger ) from 2.31.1 to 2.31.2.
- [Release notes](https://github.com/google/dagger/releases )
- [Changelog](https://github.com/google/dagger/blob/master/CHANGELOG.md )
- [Commits](https://github.com/google/dagger/compare/dagger-2.31.1...dagger-2.31.2 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2021-01-22 05:28:11 +00:00
dependabot-preview[bot]
2898378016
Bump mockito-junit-jupiter from 3.7.0 to 3.7.7 in /Plan
...
Bumps [mockito-junit-jupiter](https://github.com/mockito/mockito ) from 3.7.0 to 3.7.7.
- [Release notes](https://github.com/mockito/mockito/releases )
- [Commits](https://github.com/mockito/mockito/compare/v3.7.0...v3.7.7 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2021-01-22 05:27:14 +00:00
Risto Lahtela
2b737c9973
Fixed offset for graphs with minutes in timezones
...
Timezone offset is now a double.
This fix seems very simple, and it kinda is.
HighCharts represents offset in minutes.
Java gives offset in milliseconds, and that was
incorrectly to be assumed as full hours, so the offset
was rounded to an integer. Using a double will allow
all kinds of offsets that still work with highcharts.
Fixes timezones like
- Nepal (GMT+05:45)
- Newfoundland Time (GMT-03:30)
Affects issues:
- Fixed #1652
2021-01-20 18:12:56 +02:00
Risto Lahtela
6758a56167
Fixed build errors
2021-01-20 17:59:45 +02:00
Risto Lahtela
edddccf329
Updated AAC Extension
...
- Disable AAC Extension if using v5 or newer
The event that is used for data gathering in Plan
for AAC is no longer present as an API in AAC past
version 5.0.0.
Because of this there is no data available for AAC,
and the extension is disabled.
Affects issues:
- Close #1673
2021-01-20 17:37:43 +02:00
Risto Lahtela
fd729360c7
Ignored all UnsupportedOperationExceptions from Extensions
...
Affects issues:
- Fixed #1667
2021-01-20 17:22:56 +02:00
Risto Lahtela
d5a6ccc7a3
Updated Nucleus Extension
...
- Removed warnings
- Update server data more frequently
Affects issues:
- #1688
2021-01-20 17:16:42 +02:00
Risto Lahtela
25d528e2f1
Updated mcMMO Extension
...
- Ignores IndexOutOfBoundsException
Affects issues:
- Fixed #1662
2021-01-20 17:05:40 +02:00
Risto Lahtela
15c9325eb4
Added activity index queries and placeholders.
...
- Added CommonQueries#fetchActivityIndexOf
- Added CommonQueries#getActivityGroupForIndex
- Added %plan_player_activity_index%
- Added %plan_player_activity_group%
Affects issues:
- Close #1663
2021-01-20 16:58:46 +02:00
dependabot-preview[bot]
e220e40a8c
Bump paper-api from 1.13.2-R0.1-SNAPSHOT to 1.16.5-R0.1-SNAPSHOT in /Plan ( #1697 )
...
* Bump paper-api in /Plan
Bumps paper-api from 1.13.2-R0.1-SNAPSHOT to 1.16.5-R0.1-SNAPSHOT.
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Removed a method call that is no longer used
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Risto Lahtela <24460436+Rsl1122@users.noreply.github.com>
2021-01-20 16:49:18 +02:00
dependabot-preview[bot]
63bc4a667a
Bump bstatsVersion from 1.4 to 1.8 in /Plan ( #1706 )
...
* Bump bstatsVersion from 1.4 to 1.8 in /Plan
Bumps `bstatsVersion` from 1.4 to 1.8.
Updates `bstats-bukkit` from 1.4 to 1.8
- [Release notes](https://github.com/Bastian/bStats-Metrics/releases )
- [Commits](https://github.com/Bastian/bStats-Metrics/commits )
Updates `bstats-sponge` from 1.4 to 1.8
- [Release notes](https://github.com/Bastian/bStats-Metrics/releases )
- [Commits](https://github.com/Bastian/bStats-Metrics/commits )
Updates `bstats-bungeecord` from 1.4 to 1.8
- [Release notes](https://github.com/Bastian/bStats-Metrics/releases )
- [Commits](https://github.com/Bastian/bStats-Metrics/commits )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
* Update bStats construction
Affects issues:
- Possibly fixed #1680
Co-authored-by: dependabot-preview[bot] <27856297+dependabot-preview[bot]@users.noreply.github.com>
Co-authored-by: Risto Lahtela <24460436+Rsl1122@users.noreply.github.com>
2021-01-20 16:43:37 +02:00
Risto Lahtela
c878e71179
Revert 6db7623037
2021-01-20 10:00:07 +02:00
dependabot-preview[bot]
01a8f5e1d3
Bump dagger from 2.31 to 2.31.1 in /Plan
...
Bumps [dagger](https://github.com/google/dagger ) from 2.31 to 2.31.1.
- [Release notes](https://github.com/google/dagger/releases )
- [Changelog](https://github.com/google/dagger/blob/master/CHANGELOG.md )
- [Commits](https://github.com/google/dagger/compare/dagger-2.31...dagger-2.31.1 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2021-01-20 06:17:02 +00:00
dependabot-preview[bot]
6db7623037
Bump RedisBungee from 0.3.8-SNAPSHOT to 0.6-SNAPSHOT in /Plan
...
Bumps RedisBungee from 0.3.8-SNAPSHOT to 0.6-SNAPSHOT.
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2021-01-20 06:08:39 +00:00
dependabot-preview[bot]
414e82395c
Bump Extension-FactionsUUID in /Plan
...
Bumps Extension-FactionsUUID from 1.6.9.5-U0.5.16-R0.1 to 1.6.9.5-U0.5.16-R0.2.
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2021-01-20 06:08:00 +00:00
dependabot-preview[bot]
cc9ee830bb
Bump dagger-compiler from 2.31 to 2.31.1 in /Plan
...
Bumps [dagger-compiler](https://github.com/google/dagger ) from 2.31 to 2.31.1.
- [Release notes](https://github.com/google/dagger/releases )
- [Changelog](https://github.com/google/dagger/blob/master/CHANGELOG.md )
- [Commits](https://github.com/google/dagger/compare/dagger-2.31...dagger-2.31.1 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2021-01-20 05:59:32 +00:00
dependabot-preview[bot]
113c9ccb4b
Bump placeholderapi from 2.9.2 to 2.10.9 in /Plan
...
Bumps placeholderapi from 2.9.2 to 2.10.9.
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2021-01-20 05:58:16 +00:00
Risto Lahtela
1f4fdd8830
Added extension data support to /players page
...
Affects issues:
- #1222
2021-01-19 18:18:26 +02:00
dependabot-preview[bot]
e64967f3c7
Bump mockito-core from 3.6.28 to 3.7.7 in /Plan
...
Bumps [mockito-core](https://github.com/mockito/mockito ) from 3.6.28 to 3.7.7.
- [Release notes](https://github.com/mockito/mockito/releases )
- [Commits](https://github.com/mockito/mockito/compare/v3.6.28...v3.7.7 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2021-01-18 05:48:02 +00:00
dependabot-preview[bot]
c81019ec69
Bump mysql-connector-java from 8.0.22 to 8.0.23 in /Plan
...
Bumps [mysql-connector-java](https://github.com/mysql/mysql-connector-j ) from 8.0.22 to 8.0.23.
- [Release notes](https://github.com/mysql/mysql-connector-j/releases )
- [Changelog](https://github.com/mysql/mysql-connector-j/blob/release/8.0/CHANGES )
- [Commits](https://github.com/mysql/mysql-connector-j/commits )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2021-01-18 05:46:22 +00:00
dependabot-preview[bot]
f19c5fe5ad
Bump org.sonarqube from 3.0 to 3.1 in /Plan
...
Bumps org.sonarqube from 3.0 to 3.1.
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2021-01-16 17:36:48 +00:00
dependabot-preview[bot]
e35403a4ce
Bump dagger from 2.30.1 to 2.31 in /Plan
...
Bumps [dagger](https://github.com/google/dagger ) from 2.30.1 to 2.31.
- [Release notes](https://github.com/google/dagger/releases )
- [Changelog](https://github.com/google/dagger/blob/master/CHANGELOG.md )
- [Commits](https://github.com/google/dagger/compare/dagger-2.30.1...dagger-2.31 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2021-01-15 05:35:21 +00:00
dependabot-preview[bot]
d3bf6ebdbf
Bump dagger-compiler from 2.30.1 to 2.31 in /Plan
...
Bumps [dagger-compiler](https://github.com/google/dagger ) from 2.30.1 to 2.31.
- [Release notes](https://github.com/google/dagger/releases )
- [Changelog](https://github.com/google/dagger/blob/master/CHANGELOG.md )
- [Commits](https://github.com/google/dagger/compare/dagger-2.30.1...dagger-2.31 )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2021-01-15 05:27:15 +00:00
dependabot-preview[bot]
6249d53888
Bump bungeecord-api from 1.16-R0.3 to 1.16-R0.4 in /Plan
...
Bumps [bungeecord-api](https://github.com/SpigotMC/BungeeCord ) from 1.16-R0.3 to 1.16-R0.4.
- [Release notes](https://github.com/SpigotMC/BungeeCord/releases )
- [Commits](https://github.com/SpigotMC/BungeeCord/commits )
Signed-off-by: dependabot-preview[bot] <support@dependabot.com>
2021-01-15 05:27:06 +00:00
Alexander Trost
1224eea893
contributors: fix the contributors list commas ( #1685 )
...
Signed-off-by: Alexander Trost <galexrt@googlemail.com>
2021-01-06 17:01:42 +02:00