AuroraLS3
a9348fe2c4
Update versions.txt 5.5 DEV build 2208
2023-02-05 10:35:21 +00:00
Aurora Lahtela
09279cbb66
React html customization / public_html folder ( #2862 )
...
* Add public_html folder, configuration and access methods to it
* Make Frontend BETA static resource resolution prefer public_html
* Add resolver for getting any file in public_html from webserver
* Test customized bundle loading from public_html
* Update gradle wrapper to 7.6
* Wrote scripts to React build or run dev server through gradle
* Disable cyclomatic-complexity check on PublicHtmlResolver
* Throw bad request exception on IllegalPathException
* Throw bad request exception on bad chars in URI query
2023-02-05 12:08:29 +02:00
Aurora Lahtela
413e087c4d
Improved navigation significantly on mobile
...
Affects issues:
- Close #2228
2023-02-03 20:29:03 +02:00
Aurora Lahtela
12d22f945f
Unregister placeholder api extension synchronously
...
Affects issues:
- Fixed #2841
2023-02-03 17:16:49 +02:00
Aurora Lahtela
5b6efa0438
Fix ERR_NETWORK_CHANGED on CI
2023-02-03 17:07:35 +02:00
Aurora Lahtela
6de06f6ae2
Delete security_vuln.md
2023-02-02 11:17:14 +02:00
Aurora Lahtela
4e486032f3
Fix some issues with the new navigation button
2023-01-26 14:39:17 +02:00
Aurora Lahtela
362bb44aad
Implement a page navigation button
...
Improve page loading and theme system
- The sidebar is visible while loading with css
There was an apparent problem when switching pages with the new switcher
- css variables are now used
- Theme color is applied to several buttons and texts
where previously Plan color was used
Affects issues:
- Implements #2357
2023-01-26 14:18:51 +02:00
Aurora Lahtela
b1a63d57b6
Don't accept redirect in https test
2023-01-25 21:50:03 +02:00
Aurora Lahtela
8dccb060c0
Skip javascript translation on React bundle files
...
Affects issues:
- Fixed #2799
2023-01-22 14:50:42 +02:00
Aurora Lahtela
63350a4fea
Fix PlayerTableRowPatch is applied check
2023-01-22 14:31:10 +02:00
Aurora Lahtela
acf9d92b1d
Refactor duplicate code: command confirmation
2023-01-22 13:45:47 +02:00
Aurora Lahtela
e0d80cb3b4
Filter out fonts.gstatic.com from test logs
...
This should sort out ERR_NETWORK_CHANGED error that appears from time to time
2023-01-22 13:12:52 +02:00
AuroraLS3
4f0d15b320
Update versions.txt 5.5 DEV build 2195
2023-01-22 08:29:54 +00:00
Aurora Lahtela
88b4191f6b
Implement http caching ( #2840 )
...
* Implement first response parts of http caching
* Implement cached response for static resources
* Implement HTTP caching for json responses
* Fix last seen value for online players
* Implement http caching for pages (.html)
* Use placeholder cache even with async requests.
Affects issues:
- Close #2813
2023-01-22 10:18:14 +02:00
Aurora Lahtela
0ddda27384
Implement a date formatter for Last-Modified header
...
https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Last-Modified
2023-01-21 15:22:04 +02:00
Aurora Lahtela
0bce7880cd
Add support for getting last modified date to Resource
...
- Use AssetVersions.yml for jar files
- Use File#lastModified for regular files
2023-01-21 15:03:29 +02:00
Aurora Lahtela
b26678b3dc
Fix a couple issues in the react frontend
...
- Fix card tabs not working with the new react router
- Fix server list card showing "No servers installed" while loading
2023-01-21 12:59:57 +02:00
Aurora Lahtela
d3be0e9f89
Optimized server latest join addresses query
...
Original benchmark: 19 seconds
Improved benchmark: 150 milliseconds
-> 120x faster
2023-01-21 12:47:13 +02:00
Aurora Lahtela
987fb7b56a
Optimized server player list table query
...
Original benchmark: 4 seconds
Improved benchmark: 500 milliseconds
-> 8x faster
2023-01-21 12:17:46 +02:00
Aurora Lahtela
1b0942c988
Unit test Benchmark utility
2023-01-21 12:04:58 +02:00
Aurora Lahtela
dda7199a1a
Fix more sonar smells
2023-01-20 22:54:54 +02:00
Aurora Lahtela
52a80622ce
Fix sonar smells in fabric module
2023-01-20 22:17:40 +02:00
Aurora Lahtela
2eba115f6f
Wrote tests for some commands
2023-01-20 21:03:15 +02:00
dependabot[bot]
c22da1bf76
Bump i18next from 22.4.8 to 22.4.9 in /Plan/react/dashboard ( #2827 )
...
Bumps [i18next](https://github.com/i18next/i18next ) from 22.4.8 to 22.4.9.
- [Release notes](https://github.com/i18next/i18next/releases )
- [Changelog](https://github.com/i18next/i18next/blob/master/CHANGELOG.md )
- [Commits](https://github.com/i18next/i18next/compare/v22.4.8...v22.4.9 )
---
updated-dependencies:
- dependency-name: i18next
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-20 19:05:07 +02:00
dependabot[bot]
04c43fac79
Bump react-i18next from 12.1.1 to 12.1.4 in /Plan/react/dashboard ( #2828 )
...
Bumps [react-i18next](https://github.com/i18next/react-i18next ) from 12.1.1 to 12.1.4.
- [Release notes](https://github.com/i18next/react-i18next/releases )
- [Changelog](https://github.com/i18next/react-i18next/blob/master/CHANGELOG.md )
- [Commits](https://github.com/i18next/react-i18next/compare/v12.1.1...v12.1.4 )
---
updated-dependencies:
- dependency-name: react-i18next
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-20 19:04:57 +02:00
dependabot[bot]
e21e7aa068
Bump geoip2 from 3.0.2 to 4.0.0 in /Plan ( #2787 )
...
Bumps [geoip2](https://github.com/maxmind/GeoIP2-java ) from 3.0.2 to 4.0.0.
- [Release notes](https://github.com/maxmind/GeoIP2-java/releases )
- [Changelog](https://github.com/maxmind/GeoIP2-java/blob/main/CHANGELOG.md )
- [Commits](https://github.com/maxmind/GeoIP2-java/compare/v3.0.2...v4.0.0 )
---
updated-dependencies:
- dependency-name: com.maxmind.geoip2:geoip2
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-20 19:04:49 +02:00
dependabot[bot]
5bc58a893a
Bump gson from 2.10 to 2.10.1 in /Plan ( #2823 )
...
Bumps [gson](https://github.com/google/gson ) from 2.10 to 2.10.1.
- [Release notes](https://github.com/google/gson/releases )
- [Changelog](https://github.com/google/gson/blob/master/CHANGELOG.md )
- [Commits](https://github.com/google/gson/compare/gson-parent-2.10...gson-parent-2.10.1 )
---
updated-dependencies:
- dependency-name: com.google.code.gson:gson
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-20 18:43:26 +02:00
dependabot[bot]
6e29d62f17
Bump junit-jupiter from 5.9.1 to 5.9.2 in /Plan ( #2825 )
...
Bumps [junit-jupiter](https://github.com/junit-team/junit5 ) from 5.9.1 to 5.9.2.
- [Release notes](https://github.com/junit-team/junit5/releases )
- [Commits](https://github.com/junit-team/junit5/compare/r5.9.1...r5.9.2 )
---
updated-dependencies:
- dependency-name: org.junit.jupiter:junit-jupiter
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-20 18:43:11 +02:00
dependabot[bot]
7ae218f558
Bump react-router-dom from 6.4.5 to 6.7.0 in /Plan/react/dashboard ( #2836 )
...
Bumps [react-router-dom](https://github.com/remix-run/react-router/tree/HEAD/packages/react-router-dom ) from 6.4.5 to 6.7.0.
- [Release notes](https://github.com/remix-run/react-router/releases )
- [Changelog](https://github.com/remix-run/react-router/blob/main/packages/react-router-dom/CHANGELOG.md )
- [Commits](https://github.com/remix-run/react-router/commits/react-router-dom@6.7.0/packages/react-router-dom )
---
updated-dependencies:
- dependency-name: react-router-dom
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-20 18:42:57 +02:00
dependabot[bot]
5f66370ec9
Bump io.swagger.core.v3.swagger-gradle-plugin in /Plan ( #2824 )
...
Bumps io.swagger.core.v3.swagger-gradle-plugin from 2.2.7 to 2.2.8.
---
updated-dependencies:
- dependency-name: io.swagger.core.v3.swagger-gradle-plugin
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-20 18:31:21 +02:00
dependabot[bot]
468aada307
Bump swaggerVersion from 2.2.7 to 2.2.8 in /Plan ( #2826 )
...
Bumps `swaggerVersion` from 2.2.7 to 2.2.8.
Updates `swagger-core-jakarta` from 2.2.7 to 2.2.8
Updates `swagger-jaxrs2-jakarta` from 2.2.7 to 2.2.8
---
updated-dependencies:
- dependency-name: io.swagger.core.v3:swagger-core-jakarta
dependency-type: direct:production
update-type: version-update:semver-patch
- dependency-name: io.swagger.core.v3:swagger-jaxrs2-jakarta
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-20 18:31:07 +02:00
dependabot[bot]
446a4c1cb3
Bump mockitoVersion from 4.11.0 to 5.0.0 in /Plan ( #2835 )
...
Bumps `mockitoVersion` from 4.11.0 to 5.0.0.
Updates `mockito-core` from 4.11.0 to 5.0.0
- [Release notes](https://github.com/mockito/mockito/releases )
- [Commits](https://github.com/mockito/mockito/compare/v4.11.0...v5.0.0 )
Updates `mockito-junit-jupiter` from 4.11.0 to 5.0.0
- [Release notes](https://github.com/mockito/mockito/releases )
- [Commits](https://github.com/mockito/mockito/compare/v4.11.0...v5.0.0 )
---
updated-dependencies:
- dependency-name: org.mockito:mockito-core
dependency-type: direct:production
update-type: version-update:semver-major
- dependency-name: org.mockito:mockito-junit-jupiter
dependency-type: direct:production
update-type: version-update:semver-major
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-20 18:27:48 +02:00
dependabot[bot]
1c1aa08948
Bump mysql-connector-java from 8.0.31 to 8.0.32 in /Plan ( #2834 )
...
Bumps mysql-connector-java from 8.0.31 to 8.0.32.
---
updated-dependencies:
- dependency-name: mysql:mysql-connector-java
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-20 18:16:02 +02:00
dependabot[bot]
7a44a91546
Bump axios from 1.2.2 to 1.2.3 in /Plan/react/dashboard ( #2837 )
...
Bumps [axios](https://github.com/axios/axios ) from 1.2.2 to 1.2.3.
- [Release notes](https://github.com/axios/axios/releases )
- [Changelog](https://github.com/axios/axios/blob/v1.x/CHANGELOG.md )
- [Commits](https://github.com/axios/axios/compare/1.2.2...v1.2.3 )
---
updated-dependencies:
- dependency-name: axios
dependency-type: direct:production
update-type: version-update:semver-patch
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-20 18:15:43 +02:00
Aurora Lahtela
1f1a8e0de2
Unregister placeholder extension when Plan disables
...
Affects issues:
- Fixed #2833
2023-01-17 17:52:12 +02:00
AuroraLS3
75e9057919
Update versions.txt 5.5 build 2172 - CRITICAL security vulnerability fix
2023-01-15 08:43:42 +00:00
Aurora Lahtela
9e11d9f484
Removed untrusted data from exception messages in case they end up on the webpage
2023-01-15 10:04:10 +02:00
Aurora Lahtela
f20a04809c
Test against and identify path traversal vulnerability in other methods
2023-01-15 09:30:30 +02:00
Aurora Lahtela
b0a1bc1fb1
Prevent malicious join address packet from breaking session serialization
2023-01-15 09:01:28 +02:00
Aurora Lahtela
38785a9505
Added Untrusted-annotation to be more careful around user given data
...
- Fixed SQL-injection vulnerability in an endpoint
- Fixed XSS on Whitelist deny 403 page
- Fixed XSS on Internal Error 500 page if untrusted data ends up in exception message
2023-01-14 23:25:35 +02:00
Aurora Lahtela
82274ae658
Fix issue due to 'None' translation in FI language
2023-01-14 12:12:45 +02:00
Aurora Lahtela
bd85f10c55
Fix customized resource lookup Path Traversal vulnerability
...
Affects issues:
- Fixed #2830
2023-01-13 23:23:12 +02:00
Aurora Lahtela
205692af65
Updated Finnish Locale
2023-01-08 14:47:25 +02:00
Aurora Lahtela
4580666426
Update locale files with new language
2023-01-08 14:09:45 +02:00
AuroraLS3
c8e720cd24
Update versions.txt 5.5 build 2163
2023-01-07 10:09:22 +00:00
Aurora Lahtela
5ba6e0dc9f
Fix concurrency issues with json cache and database
2023-01-07 11:45:58 +02:00
Aurora Lahtela
9622f6a614
Disable BadAFKThresholdValuePatch
2023-01-06 23:06:17 +02:00
Aurora Lahtela
97b9a18cea
Catch session deserialization errors during enable
2023-01-06 19:40:04 +02:00
dependabot[bot]
85b4a51515
Bump json5 from 1.0.1 to 1.0.2 in /Plan/react/dashboard ( #2817 )
...
Bumps [json5](https://github.com/json5/json5 ) from 1.0.1 to 1.0.2.
- [Release notes](https://github.com/json5/json5/releases )
- [Changelog](https://github.com/json5/json5/blob/main/CHANGELOG.md )
- [Commits](https://github.com/json5/json5/compare/v1.0.1...v1.0.2 )
---
updated-dependencies:
- dependency-name: json5
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2023-01-06 15:24:46 +02:00