duckietm/Arcturus-Morningstar-Extended
1
0
Fork 0
mirror of https://github.com/duckietm/Arcturus-Morningstar-Extended.git synced 2026-06-20 07:26:18 +00:00
Code Issues Packages Projects Releases Wiki Activity
833 Commits 2 Branches 52 Tags
0109c25c802ff102aa4fc2084cc20d1d749f5b4c
Commit Graph

833 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
DuckieTM cdc0620c9b Merge pull request #209 from simoleo89/fix/forum-input-guards 
fix(forums): validate guild forum inputs
 2026-06-15 22:15:49 +02:00
simoleo89 827b130ccc fix(rooms): guard room user moderation packets 2026-06-15 22:15:39 +02:00
DuckieTM b7f153f8e7 Merge pull request #206 from simoleo89/fix/modtool-staff-action-guards 
fix(modtool): harden staff and report workflows
 2026-06-15 22:15:14 +02:00
simoleo89 bea385afe2 fix(rooms): harden room item packet guards 2026-06-15 22:07:24 +02:00
simoleo89 8c7d6db135 fix(catalog): harden marketplace and inventory mutations 2026-06-15 22:01:38 +02:00
simoleo89 95bd84a95f fix(rcon): register guard defaults before startup 2026-06-15 22:01:25 +02:00
simoleo89 22b05b4e52 feat(earnings): gate rewards by user progress 2026-06-15 21:49:45 +02:00
simoleo89 766d8d67d3 feat(earnings): integrate native reward sources 2026-06-15 21:14:35 +02:00
simoleo89 bd9657cf63 docs(earnings): document renderer packet contract 2026-06-15 20:48:43 +02:00
simoleo89 e29e06201c feat(earnings): add emulator rewards center 2026-06-15 20:41:00 +02:00
simoleo89 dac83e8a62 docs(earnings): define emulator rewards center 2026-06-15 20:25:48 +02:00
simoleo89 916ef7af3a fix(modtool): guard ticket lifecycle inputs 2026-06-15 20:15:47 +02:00
simoleo89 044d1141cd fix(modtool): validate report payloads 2026-06-15 20:15:46 +02:00
simoleo89 c98261d8c3 fix(forums): validate guild forum inputs 2026-06-15 20:13:42 +02:00
simoleo89 8ba9132e7e fix(modtool): bound staff supplied messages 2026-06-15 19:54:34 +02:00
simoleo89 36a06647f0 fix(modtool): enforce staff target rank ceilings 2026-06-15 19:51:36 +02:00
DuckieTM c48e01cb8e Merge pull request #205 from Lorenzune/pr-emulator-release-dispatch 
Allow manual emulator release workflow
 2026-06-15 07:25:13 +02:00
DuckieTM 916cf9ba9e Merge pull request #203 from simoleo89/fix/housekeeping-core-peer-rank 
fix(housekeeping): harden privileged staff actions
 2026-06-15 07:24:55 +02:00
DuckieTM 0af489cef2 Merge pull request #199 from simoleo89/fix/modtool-sanction-rank-ceilings 
fix(modtool): enforce permissions and sanction rank ceilings
 2026-06-15 07:24:30 +02:00
DuckieTM 6171ec7bab Merge pull request #198 from simoleo89/chore/deps-resilience-validation 
fix(rcon): harden privileged commands and payloads
 2026-06-15 07:24:12 +02:00
DuckieTM c048713b22 Merge branch 'dev' into chore/deps-resilience-validation 2026-06-15 07:24:02 +02:00
DuckieTM e5e3918513 Merge pull request #190 from simoleo89/fix/catalog-page-mutation-guards 
fix(catalog): harden admin mutations and voucher claims
 2026-06-15 07:22:47 +02:00
DuckieTM 14593b4638 Merge pull request #188 from simoleo89/fix/furnieditor-update-validation 
fix(furni-editor): validate and sync furnidata changes
 2026-06-15 07:22:24 +02:00
DuckieTM c199d805d8 Merge pull request #184 from simoleo89/fix/guild-badge-packet-parts 
fix(guilds): validate badge packets and memberships
 2026-06-15 07:22:01 +02:00
DuckieTM 3282430b67 Merge pull request #183 from simoleo89/fix/command-description-texts 
fix(commands): complete and quiet command descriptions
 2026-06-15 07:21:39 +02:00
DuckieTM 560def21d7 Merge pull request #180 from simoleo89/fix/items-ownership-and-charges 
fix(items): harden ownership and redeem lifecycle
 2026-06-15 07:21:09 +02:00
DuckieTM 5011fdf848 Merge pull request #179 from simoleo89/fix/rooms-self-moderation-scope 
fix(rooms): scope room actions and bound rights removal
 2026-06-15 07:20:41 +02:00
DuckieTM d34b44a656 Merge pull request #177 from simoleo89/style/startup-console 
style(startup): console banner/splash/colors
 2026-06-15 07:20:23 +02:00
DuckieTM 848b8bd5ce Merge pull request #176 from simoleo89/fix/messages-duplicate-aliases 
fix(messages): silence duplicate packet aliases
 2026-06-15 07:19:39 +02:00
DuckieTM 80400f828c Merge pull request #172 from simoleo89/fix/marketplace-claimed-payout 
fix(marketplace): only pay out claimed offers after detach
 2026-06-15 07:19:10 +02:00
DuckieTM 6868dd8d3d Merge pull request #171 from simoleo89/fix/trading-persistence-abort 
fix(trading): harden trade lifecycle
 2026-06-15 07:18:51 +02:00
Lorenzune 9f1e036310 Allow manual emulator release workflow 2026-06-15 02:16:23 +02:00
simoleo89 ec24283e0f fix(housekeeping): protect room owner mutations 2026-06-14 22:17:47 +02:00
simoleo89 93c4565660 fix(housekeeping): bound staff supplied text 2026-06-14 22:14:41 +02:00
simoleo89 31027095ec fix(housekeeping): enforce rank ceilings on rank changes 2026-06-14 21:55:19 +02:00
simoleo89 aa6dcd1062 fix(rcon): bound alert payloads 2026-06-14 21:40:59 +02:00
simoleo89 11554eae7b fix(rcon): validate social and room commands 2026-06-14 21:23:21 +02:00
simoleo89 25273679a1 fix(rcon): constrain remote command execution 2026-06-14 21:18:28 +02:00
simoleo89 15b56f9519 fix(rcon): bound mute and achievement mutations 2026-06-14 21:13:24 +02:00
simoleo89 8412a51ec4 fix(rcon): guard user update mutations 2026-06-14 21:02:28 +02:00
simoleo89 5d8dc670bd fix(rcon): cap subscription duration changes 2026-06-14 21:02:28 +02:00
simoleo89 81c8dfc605 fix(rcon): harden gift creation requests 2026-06-14 21:02:27 +02:00
simoleo89 4747699656 fix(rcon): validate room ownership and clothing grants 2026-06-14 21:02:27 +02:00
simoleo89 dba0337a7b fix(rcon): validate grant requests 2026-06-14 21:02:18 +02:00
simoleo89 3cb24a5185 fix(rcon): constrain setrank requests 2026-06-14 21:01:27 +02:00
simoleo89 775197984f fix(rcon): validate offline badge targets 
GiveBadge could treat a missing offline user as eligible for a badge and insert through a nullable user subquery. Depending on SQL mode this could fail late or persist an orphaned user_id value. Resolve the offline user first, return HABBO_NOT_FOUND when absent, and insert badges with the resolved user id only.
 2026-06-14 21:01:27 +02:00
simoleo89 4eafb54c57 fix(rcon): allow online motto updates outside rooms 
SetMotto updated the in-memory motto and then unconditionally broadcast RoomUserData through the current room. Online users without a current room could throw a null-pointer exception after the state change, making the RCON call report an error despite mutating the user. Only broadcast room data when a room is present and cover the invariant with a contract test.
 2026-06-14 21:01:26 +02:00
simoleo89 d8260ec461 fix(rcon): bind offline respect counters correctly 
GiveRespect inverted the offline SQL parameters for respects_given and respects_received. Online users received the intended counters, but offline users had the two persisted counters swapped. Bind respect_given to respects_given and respect_received to respects_received, with a contract test to keep the RCON offline path aligned.
 2026-06-14 21:01:26 +02:00
simoleo89 b94acdf719 fix(rcon): report missing offline credit targets 
GiveCredits treated offline UPDATE execution as success without checking whether any user row was changed. Nonexistent user ids could therefore return an offline success response while granting nothing. Use executeUpdate(), return HABBO_NOT_FOUND when no row is affected, and keep SQL errors from falling through to the offline success message.
 2026-06-14 21:01:26 +02:00
simoleo89 4330bf5a62 fix(rcon): always release inbound buffers 
RCONServerHandler released the inbound ByteBuf only after successfully parsing, writing, flushing, and closing the response. Any exception before the tail release could leak Netty buffers and let malformed RCON traffic consume memory over time. Guard non-ByteBuf messages, release accepted buffers from a finally block, and add a contract test for the release invariant.
 2026-06-14 21:01:16 +02:00