mirror of
https://github.com/openfrontio/OpenFrontIO.git
synced 2026-06-21 07:40:43 +00:00
275fd0dccc4da57ef5104c83d394c0773b15744c
126 Commits
| Author | SHA1 | Message | Date | |
|---|---|---|---|---|
 Evan
|
275fd0dccc |
refactor: collapse per-env Configs into ClientEnv + ServerEnv (#3906)
## Description: This is a refactor to simplify config handling. Replaces the per-environment DevConfig/PreprodConfig/ProdConfig class hierarchy with two static classes: ClientEnv (browser main thread, reads from window.BOOTSTRAP_CONFIG) and ServerEnv (Node server, reads from process.env). The four config classes are deleted, the abstract DefaultServerConfig is gone, and DefaultConfig is renamed to Config. The values that flow server → client (gameEnv, numWorkers, turnstileSiteKey, jwtAudience, instanceId) used to be baked into the hardcoded per-env classes. They're now real env vars on the server, embedded into a single window.BOOTSTRAP_CONFIG object in index.html at request time (alongside the existing gitCommit/assetManifest/cdnBase globals, which moved into the same object), and read back by ClientEnv on the client. The dev defaults previously hidden inside DevServerConfig are now explicit in start:server-dev (NUM_WORKERS=2, TURNSTILE_SITE_KEY=1x..., JWT_AUDIENCE=localhost, etc.) and in vite.config.ts's html plugin inject.data. Production deploys plumb NUM_WORKERS and TURNSTILE_SITE_KEY through deploy.yml (GitHub vars) into the remote env file; JWT_AUDIENCE is derived from DOMAIN in deploy.sh. The dynamic /api/instance endpoint is gone — INSTANCE_ID rides along in BOOTSTRAP_CONFIG now. ServerEnv is the only thing server code touches; ClientEnv is browser-only. The two classes have intentional overlap (env, numWorkers, jwtIssuer, gameCreationRate, workerIndex, etc.) since they derive identical logic from different sources — there's a TODO in each to consolidate via a shared helper later. The game-logic Config no longer stores a ServerConfig/ClientEnv reference and its serverConfig() getter is gone; the one caller (MultiTabModal) now reads ClientEnv.env() directly. Worker init no longer carries server-config values since nothing in the worker actually reads them. ## Please complete the following: - [x] I have added screenshots for all UI updates - [x] I process any text displayed to the user through translateText() and I've added it to the en.json file - [x] I have added relevant tests to the test directory - [x] I confirm I have thoroughly tested these changes and take full responsibility for any bugs introduced ## Please put your Discord username so you can be contacted if a bug or regression is found: evan |
||
|
dependabot[bot]
|
922e03d5fb |
Bump ip-address from 10.1.0 to 10.2.0 in the npm_and_yarn group across 1 directory (#3862)
Bumps the npm_and_yarn group with 1 update in the / directory: [ip-address](https://github.com/beaugunderson/ip-address). Updates `ip-address` from 10.1.0 to 10.2.0 <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/beaugunderson/ip-address/commits">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/openfrontio/OpenFrontIO/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
VariableVince
|
eca5794ebb |
Chore(deps): Update and remove dependencies (#3819)
## Description:
Only mentioning removals/major updates/notable changes below, not all
minor upgrades.
### Removed:
- "@aws-sdk/client-s3": not used anywhere (was used in Archive.ts
previously)
- chai, "@types/chai", sinon-chai: not used anywhere, probably leftover.
Vitest uses a bundled version of Chai for its expect asserations under
the hood too.
- protobufjs, "@types/google-protobuf": not used anywhere, probably left
from evan's experiment with it? Removed from vite.config.ts too.
- "@types/jquery": not used anywhere, probably leftover
- sinon, "@types/sinon": not used anywhere just like chai, probably
leftover. And Vitest provides us with the same functionality.
- "@types/systeminformation": dependency systeminformation was removed
last year, this is an unneeded, deprecated and unmaintained remainder.
- vite-tsconfig-paths: removed, and removed the import and usage in
vite.config.ts and replaced it by adding `tsconfigPaths: true` to the
`resolve` block. Because of this message displayed on running the tests:
"The plugin "vite-tsconfig-paths" is detected. Vite now supports
tsconfig paths resolution natively via the resolve.tsconfigPaths option.
You can remove the plugin and set resolve.tsconfigPaths: true in your
Vite config instead."
- vite-plugin-static-copy: removed, we don't use it anymore (was used in
our vite.config.ts once,, probably before Vite natively supported
copying static assets via its publicDir configuration)
### Updated:
- color.js: v0.5 > v0.6, no breaking change affecting us
- cross-env: v7 > v10. It's a publicly archived repo since Nov 2025. But
before that he got it up-to-date from June 2025, porting to TS, dropping
old Node versions, dependencies etc. Seems still good to use for some
amount of time to come.
- dotenv: v16 > v17, now logs an informational message by default when
it loads an environment file. Can be disabled by using
dotenv.config({quite: true}) if needed.
- ejs: v3 > v5: security patches mostly. Vite still uses v3 btw.
- eslint: v9 > v10. Newly enabled rules by default:
'no-unassigned-vars', 'no-useless-assignment' and
'preserve-caught-error'. Mostly faster and minimum support moved to
higher node versions, which shouldn't be a problem.
- "@eslint/compat": v1 > v2. Minimum supported Node versions, which
should not be a problem.
- intl-messageformat: v10 > v11 no breaking changes that affect us
- jdom: v27 > v29. Faster. Most notably minimum support moved to higher
node v22 version, which should not be a problem. Also, see types/node,
kind of expecting v24 to be installed now.
- nanoid: from v3 to v5, no breaking changes that affect us
- "@opentelemetry/sdk-logs": now that addLogRecordProcessor is removed,
changed Logger.ts to pass an (empty) provider array directly to the
LoggerProvider constructor. Follows the changes in
https://github.com/open-telemetry/opentelemetry-js/pull/5588
- "@tailwindcss/vite": supports vite v8 from 4.2.2, and a fix for it in
4.2.4
- tailwindcss: supports vite v8 from 4.2.2
-- in 4.1.15 (we were already above this version) break-words was
deprecated in favor of wrap-break-word. But break-words, which we use in
15 places, will still work as expected
(https://github.com/tailwindlabs/tailwindcss/pull/19157). Same goes for
also deprecated "order-none".
- "@types/node": from v22 to v24, assuming most now use node 24
- vite v7 > v8:
-- is now on 8.0.10 so first bugs are out of it, while v8 itself also
fixed a big number of bugs.
-- in vite.config.ts, fixed Ts error/compilation issue by changing the
manualChunks option in build.rollupOptions.output to use the function
syntax, which is required by the updated types instead of the object
syntax.
- zod: no changes that affect us
### Prettier:
Updated only because of (new because of update?) Prettier errors for
files untouched in this PR originally:
- PathFinder.Parabola.ts
- WorkerMessages.ts
- ClanModal.handlers.test.ts
- ClanModal.rendering.test.ts
- CONTRIBUTING.md
- README.md
### ESLint:
Fixes needed to silence errors coming from newly enabled recommended
rules 'no-useless-assignment' and 'preserve-caught-error':
For 'no-useless-assignment' (default assignment never used because of
unreachable code or they are guaranteed to get a value, so they can be
undefinedat the start. Exception was AttackExecution, so made the
default value of 0 the default case in the switch statement):
- ClientGameRunner
- GameModeSelector
- NameBoxCalculator
- StructureDrawingUtils
- TerritoryLayer
- Diagnostics
- GameRunner
- ColorAllocator
- DefaultConfig
- AttackExecution
- AiAttackBehavior
- Worker.worker
- GamePreviewBuilder
For 'preserve-caught-error', disabled the rule here because the possible
fix `{cause: error}` was introduced in ES2022 while we're still on
target ES2020 currently:
- GameServer
- Privilege
_Error: The value assigned to 'gameMap' is not used in subsequent
statements. (no-useless-assignment)
Error: The value assigned to 'timeDisplay' is not used in subsequent
statements. (no-useless-assignment)
Error: The value assigned to 'scalingFactor' is not used in subsequent
statements. (no-useless-assignment)
Error: The value assigned to 'radius' is not used in subsequent
statements. (no-useless-assignment)
Error: The value assigned to 'teamColor' is not used in subsequent
statements. (no-useless-assignment)
Error: The value assigned to 'gl' is not used in subsequent statements.
(no-useless-assignment)
Error: The value assigned to 'power' is not used in subsequent
statements. (no-useless-assignment)
Error: The value assigned to 'tickExecutionDuration' is not used in
subsequent statements. (no-useless-assignment)
Error: The value assigned to 'selectedIndex' is not used in subsequent
statements. (no-useless-assignment)
Error: The value assigned to 'mag' is not used in subsequent statements.
(no-useless-assignment)
Error: The value assigned to 'speed' is not used in subsequent
statements. (no-useless-assignment)
Error: The value assigned to 'matchesCriteria' is not used in subsequent
statements. (no-useless-assignment)
Error: The value assigned to 'shouldContinue' is not used in subsequent
statements. (no-useless-assignment)
Error: The value assigned to 'description' is not used in subsequent
statements. (no-useless-assignment)
Error: There is no `cause` attached to the symptom error being thrown.
(preserve-caught-error)
Error: There is no `cause` attached to the symptom error being thrown.
(preserve-caught-error)_
All tests pass. TypeScript and ESLint errors resolved.
## Please complete the following:
- [x] I have added screenshots for all UI updates
- [x] I process any text displayed to the user through translateText()
and I've added it to the en.json file
- [x] I have added relevant tests to the test directory
- [x] I confirm I have thoroughly tested these changes and take full
responsibility for any bugs introduced
## Please put your Discord username so you can be contacted if a bug or
regression is found:
tryout33
---------
Co-authored-by: Copilot <copilot@github.com>
|
||
|
VariableVince
|
775d9a0f0c |
Chore(deps): Update pixijs to 8.18.1 (#3812)
## Description: Update pixijs to 8.18.1, mostly because we might want to use the ability to send AutoDetectRenderer an array as "preference". And because we want to stay up-to-date with fixes to a renderer we use. ## Please complete the following: - [x] I have added screenshots for all UI updates - [x] I process any text displayed to the user through translateText() and I've added it to the en.json file - [x] I have added relevant tests to the test directory - [x] I confirm I have thoroughly tested these changes and take full responsibility for any bugs introduced ## Please put your Discord username so you can be contacted if a bug or regression is found: tryout33 |
||
|
VariableVince
|
914c7e750f |
Remove "uuid" dependency (#3811)
## Description: One dependency less: remove uuid. It is only used to get the three random digits after "Anon" if no name is present in localStorage. Crypto.randomUUID also gives us a UUID v4 and can already be used from Utils > generateCryptoRandomUUID. Not noticable when it comes to speed either. ## Please complete the following: - [x] I have added screenshots for all UI updates - [x] I process any text displayed to the user through translateText() and I've added it to the en.json file - [x] I have added relevant tests to the test directory - [x] I confirm I have thoroughly tested these changes and take full responsibility for any bugs introduced ## Please put your Discord username so you can be contacted if a bug or regression is found: tryout33 |
||
|
babyboucher
|
4f20d2b332 |
TypeScript update to 6.0.3 (#3806)
## Description: Updating TypeScript to 6.0.3. Updating TypeScript-eslint to 8.59.1 for TS6 support. Concurrently needed to get updated as well to remove deprecated warning. Most things deleted are now just defaults. ## Please complete the following: - [X] I have added screenshots for all UI updates - [X] I process any text displayed to the user through translateText() and I've added it to the en.json file - [X] I have added relevant tests to the test directory - [X] I confirm I have thoroughly tested these changes and take full responsibility for any bugs introduced ## Please put your Discord username so you can be contacted if a bug or regression is found: Babyboucher |
||
|
dependabot[bot]
|
1aaa3ba99f |
Bump uuid from 11.1.0 to 14.0.0 in the npm_and_yarn group across 1 directory (#3745)
Bumps the npm_and_yarn group with 1 update in the / directory: [uuid](https://github.com/uuidjs/uuid). Updates `uuid` from 11.1.0 to 14.0.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/uuidjs/uuid/releases">uuid's releases</a>.</em></p> <blockquote> <h2>v14.0.0</h2> <h2><a href="https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0">14.0.0</a> (2026-04-19)</h2> <h3>⚠ BREAKING CHANGES</h3> <ul> <li>expect <code>crypto</code> to be global everywhere (requires node@20+) (<a href="https://redirect.github.com/uuidjs/uuid/issues/935">#935</a>)</li> <li>drop node@18 support (<a href="https://redirect.github.com/uuidjs/uuid/issues/934">#934</a>)</li> </ul> <h3>Features</h3> <ul> <li>drop node@18 support (<a href="https://redirect.github.com/uuidjs/uuid/issues/934">#934</a>) (<a href="https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3">dc4ddb8</a>)</li> </ul> <h3>Bug Fixes</h3> <ul> <li>expect <code>crypto</code> to be global everywhere (requires node@20+) (<a href="https://redirect.github.com/uuidjs/uuid/issues/935">#935</a>) (<a href="https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4">f2c235f</a>)</li> <li>Use GITHUB_TOKEN for release-please and enable npm provenance (<a href="https://redirect.github.com/uuidjs/uuid/issues/925">#925</a>) (<a href="https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c">ffa3138</a>)</li> </ul> <h2>v13.0.0</h2> <h2><a href="https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0">13.0.0</a> (2025-09-08)</h2> <h3>⚠ BREAKING CHANGES</h3> <ul> <li>make browser exports the default (<a href="https://redirect.github.com/uuidjs/uuid/issues/901">#901</a>)</li> </ul> <h3>Bug Fixes</h3> <ul> <li>make browser exports the default (<a href="https://redirect.github.com/uuidjs/uuid/issues/901">#901</a>) (<a href="https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a">bce9d72</a>)</li> </ul> <h2>v12.0.0</h2> <h2><a href="https://github.com/uuidjs/uuid/compare/v11.1.0...v12.0.0">12.0.0</a> (2025-09-05)</h2> <h3>⚠ BREAKING CHANGES</h3> <ul> <li>update to typescript@5.2 (<a href="https://redirect.github.com/uuidjs/uuid/issues/887">#887</a>)</li> <li>remove CommonJS support (<a href="https://redirect.github.com/uuidjs/uuid/issues/886">#886</a>)</li> <li>drop node@16 support (<a href="https://redirect.github.com/uuidjs/uuid/issues/883">#883</a>)</li> </ul> <h3>Features</h3> <ul> <li>add node@24 to ci matrix (<a href="https://redirect.github.com/uuidjs/uuid/issues/879">#879</a>) (<a href="https://github.com/uuidjs/uuid/commit/42b6178aa21a593257f0a72abacd220f0b7b8a92">42b6178</a>)</li> <li>drop node@16 support (<a href="https://redirect.github.com/uuidjs/uuid/issues/883">#883</a>) (<a href="https://github.com/uuidjs/uuid/commit/0f38cf10366ab074f9328ae2021eea04d5f2e530">0f38cf1</a>)</li> <li>remove CommonJS support (<a href="https://redirect.github.com/uuidjs/uuid/issues/886">#886</a>) (<a href="https://github.com/uuidjs/uuid/commit/ae786e27265f50bcf7cead196c29f1869297c42f">ae786e2</a>)</li> <li>update to typescript@5.2 (<a href="https://redirect.github.com/uuidjs/uuid/issues/887">#887</a>) (<a href="https://github.com/uuidjs/uuid/commit/c7ee40598ed78584d81ab78dffded9fe5ff20b01">c7ee405</a>)</li> </ul> <h3>Bug Fixes</h3> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/uuidjs/uuid/blob/main/CHANGELOG.md">uuid's changelog</a>.</em></p> <blockquote> <h2><a href="https://github.com/uuidjs/uuid/compare/v13.0.0...v14.0.0">14.0.0</a> (2026-04-19)</h2> <h3>Security</h3> <ul> <li>Fixes <a href="https://github.com/uuidjs/uuid/security/advisories/GHSA-w5hq-g745-h8pq">GHSA-w5hq-g745-h8pq</a>: <code>v3()</code>, <code>v5()</code>, and <code>v6()</code> did not validate that writes would remain within the bounds of a caller-supplied buffer, allowing out-of-bounds writes when an invalid <code>offset</code> was provided. A <code>RangeError</code> is now thrown if <code>offset < 0</code> or <code>offset + 16 > buf.length</code>.</li> </ul> <h3>⚠ BREAKING CHANGES</h3> <ul> <li><code>crypto</code> is now expected to be globally defined (requires node@20+) (<a href="https://redirect.github.com/uuidjs/uuid/issues/935">#935</a>)</li> <li>drop node@18 support (<a href="https://redirect.github.com/uuidjs/uuid/issues/934">#934</a>)</li> <li>upgrade minimum supported TypeScript version to 5.4.3, in keeping with the project's policy of supporting TypeScript versions released within the last two years</li> </ul> <h2><a href="https://github.com/uuidjs/uuid/compare/v12.0.0...v13.0.0">13.0.0</a> (2025-09-08)</h2> <h3>⚠ BREAKING CHANGES</h3> <ul> <li>make browser exports the default (<a href="https://redirect.github.com/uuidjs/uuid/issues/901">#901</a>)</li> </ul> <h3>Bug Fixes</h3> <ul> <li>make browser exports the default (<a href="https://redirect.github.com/uuidjs/uuid/issues/901">#901</a>) (<a href="https://github.com/uuidjs/uuid/commit/bce9d72a3ae5b9a3dcd8eb21ef6d1820288a427a">bce9d72</a>)</li> </ul> <h2><a href="https://github.com/uuidjs/uuid/compare/v11.1.0...v12.0.0">12.0.0</a> (2025-09-05)</h2> <h3>⚠ BREAKING CHANGES</h3> <ul> <li>update to typescript@5.2 (<a href="https://redirect.github.com/uuidjs/uuid/issues/887">#887</a>)</li> <li>remove CommonJS support (<a href="https://redirect.github.com/uuidjs/uuid/issues/886">#886</a>)</li> <li>drop node@16 support (<a href="https://redirect.github.com/uuidjs/uuid/issues/883">#883</a>)</li> </ul> <h3>Features</h3> <ul> <li>add node@24 to ci matrix (<a href="https://redirect.github.com/uuidjs/uuid/issues/879">#879</a>) (<a href="https://github.com/uuidjs/uuid/commit/42b6178aa21a593257f0a72abacd220f0b7b8a92">42b6178</a>)</li> <li>drop node@16 support (<a href="https://redirect.github.com/uuidjs/uuid/issues/883">#883</a>) (<a href="https://github.com/uuidjs/uuid/commit/0f38cf10366ab074f9328ae2021eea04d5f2e530">0f38cf1</a>)</li> <li>remove CommonJS support (<a href="https://redirect.github.com/uuidjs/uuid/issues/886">#886</a>) (<a href="https://github.com/uuidjs/uuid/commit/ae786e27265f50bcf7cead196c29f1869297c42f">ae786e2</a>)</li> <li>update to typescript@5.2 (<a href="https://redirect.github.com/uuidjs/uuid/issues/887">#887</a>) (<a href="https://github.com/uuidjs/uuid/commit/c7ee40598ed78584d81ab78dffded9fe5ff20b01">c7ee405</a>)</li> </ul> <h3>Bug Fixes</h3> <ul> <li>improve v4() performance (<a href="https://redirect.github.com/uuidjs/uuid/issues/894">#894</a>) (<a href="https://github.com/uuidjs/uuid/commit/5fd974c12718c8848035650b69b8948f12ace197">5fd974c</a>)</li> <li>restore node: prefix (<a href="https://redirect.github.com/uuidjs/uuid/issues/889">#889</a>) (<a href="https://github.com/uuidjs/uuid/commit/e1f42a354593093ba0479f0b4047dae82d28c507">e1f42a3</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/uuidjs/uuid/commit/7c1ea087a8149b57380fc8bb7f68c3a215cb6e4b"><code>7c1ea08</code></a> chore(main): release 14.0.0 (<a href="https://redirect.github.com/uuidjs/uuid/issues/926">#926</a>)</li> <li><a href="https://github.com/uuidjs/uuid/commit/3d2c5b0342f0fcb52a5ac681c3d47c13e7444b34"><code>3d2c5b0</code></a> Merge commit from fork</li> <li><a href="https://github.com/uuidjs/uuid/commit/f2c235f93059325fa43e1106e624b5291bb523c4"><code>f2c235f</code></a> fix!: expect <code>crypto</code> to be global everywhere (requires node@20+) (<a href="https://redirect.github.com/uuidjs/uuid/issues/935">#935</a>)</li> <li><a href="https://github.com/uuidjs/uuid/commit/529ef0899f5dd503d2ee90d690585d63d78bc212"><code>529ef08</code></a> chore: upgrade TypeScript and fixup types (<a href="https://redirect.github.com/uuidjs/uuid/issues/927">#927</a>)</li> <li><a href="https://github.com/uuidjs/uuid/commit/086fd7976f11433edf9ac80be876b3ad243fe087"><code>086fd79</code></a> chore: update dependencies (<a href="https://redirect.github.com/uuidjs/uuid/issues/933">#933</a>)</li> <li><a href="https://github.com/uuidjs/uuid/commit/dc4ddb87272ed2843faccd130bcc41d492688bd3"><code>dc4ddb8</code></a> feat!: drop node@18 support (<a href="https://redirect.github.com/uuidjs/uuid/issues/934">#934</a>)</li> <li><a href="https://github.com/uuidjs/uuid/commit/0f1f9c9c9cedbae5a1d363d5406c5dfbabe81404"><code>0f1f9c9</code></a> chore: switch to Biome for parsing and linting (<a href="https://redirect.github.com/uuidjs/uuid/issues/932">#932</a>)</li> <li><a href="https://github.com/uuidjs/uuid/commit/e2879e64bf125add903c1eff6e0860542c605013"><code>e2879e6</code></a> chore: use maintained version of npm-run-all (<a href="https://redirect.github.com/uuidjs/uuid/issues/930">#930</a>)</li> <li><a href="https://github.com/uuidjs/uuid/commit/ffa31383e8e4e1f0b4e22e504561272041b8738c"><code>ffa3138</code></a> fix: Use GITHUB_TOKEN for release-please and enable npm provenance (<a href="https://redirect.github.com/uuidjs/uuid/issues/925">#925</a>)</li> <li><a href="https://github.com/uuidjs/uuid/commit/0423d49df2dc8efc300c804731d25f4d7e0fccc4"><code>0423d49</code></a> docs: remove obsolete v1 option notes (<a href="https://redirect.github.com/uuidjs/uuid/issues/915">#915</a>)</li> <li>Additional commits viewable in <a href="https://github.com/uuidjs/uuid/compare/v11.1.0...v14.0.0">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~GitHub%20Actions">GitHub Actions</a>, a new releaser for uuid since your current version.</p> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/openfrontio/OpenFrontIO/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
bf79a0cd56 |
Bump protobufjs from 7.5.3 to 7.5.5 in the npm_and_yarn group across 1 directory (#3698)
Bumps the npm_and_yarn group with 1 update in the / directory: [protobufjs](https://github.com/protobufjs/protobuf.js). Updates `protobufjs` from 7.5.3 to 7.5.5 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/protobufjs/protobuf.js/releases">protobufjs's releases</a>.</em></p> <blockquote> <h2>protobufjs: v7.5.4</h2> <h2><a href="https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.3...protobufjs-v7.5.4">7.5.4</a> (2025-08-15)</h2> <h3>Bug Fixes</h3> <ul> <li>invalid syntax in descriptor.proto (<a href="https://redirect.github.com/protobufjs/protobuf.js/issues/2092">#2092</a>) (<a href="https://github.com/protobufjs/protobuf.js/commit/5a3769a465fead089a533ad55c21d069299df760">5a3769a</a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/protobufjs/protobuf.js/blob/master/CHANGELOG.md">protobufjs's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <h2><a href="https://github.com/protobufjs/protobuf.js/compare/protobufjs-v8.0.0...protobufjs-v8.0.1">8.0.1</a> (2026-03-11)</h2> <h3>Bug Fixes</h3> <ul> <li>bump protobufjs dependency version for cli package (<a href="https://redirect.github.com/protobufjs/protobuf.js/issues/2128">#2128</a>) (<a href="https://github.com/protobufjs/protobuf.js/commit/549b05ecd95e23da40fa1a36a9336c57946b8377">549b05e</a>)</li> <li>correct json syntax in tsconfig.json (<a href="https://redirect.github.com/protobufjs/protobuf.js/issues/2120">#2120</a>) (<a href="https://github.com/protobufjs/protobuf.js/commit/80656255c75000f3e954e036cdfcb5bfd0a8c687">8065625</a>)</li> <li><strong>descriptor:</strong> guard oneof index for non-Type parents (<a href="https://redirect.github.com/protobufjs/protobuf.js/issues/2122">#2122</a>) (<a href="https://github.com/protobufjs/protobuf.js/commit/1cac5cf811d0855b27dcde73a3a04d15efde3728">1cac5cf</a>)</li> <li>do not allow setting <strong>proto</strong> in Message constructor (<a href="https://redirect.github.com/protobufjs/protobuf.js/issues/2126">#2126</a>) (<a href="https://github.com/protobufjs/protobuf.js/commit/f05e3c3bdd0b3c2cddbf8540bb5bd4d394a693ad">f05e3c3</a>)</li> <li>filter invalid characters from the type name (<a href="https://redirect.github.com/protobufjs/protobuf.js/issues/2127">#2127</a>) (<a href="https://github.com/protobufjs/protobuf.js/commit/535df444ac060243722ac5d672db205e5c531d75">535df44</a>)</li> </ul> <h2><a href="https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.4...protobufjs-v8.0.0">8.0.0</a> (2025-12-16)</h2> <h3>⚠ BREAKING CHANGES</h3> <ul> <li>add Edition 2024 Support (<a href="https://redirect.github.com/protobufjs/protobuf.js/issues/2060">#2060</a>)</li> </ul> <h3>Features</h3> <ul> <li>add Edition 2024 Support (<a href="https://redirect.github.com/protobufjs/protobuf.js/issues/2060">#2060</a>) (<a href="https://github.com/protobufjs/protobuf.js/commit/53e8492cbaae2c741801fa50b5f908ff5129c3d7">53e8492</a>)</li> </ul> <h2><a href="https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.3...protobufjs-v7.5.4">7.5.4</a> (2025-08-15)</h2> <h3>Bug Fixes</h3> <ul> <li>invalid syntax in descriptor.proto (<a href="https://redirect.github.com/protobufjs/protobuf.js/issues/2092">#2092</a>) (<a href="https://github.com/protobufjs/protobuf.js/commit/5a3769a465fead089a533ad55c21d069299df760">5a3769a</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/protobufjs/protobuf.js/commit/b7bdfaf91d7bf279326f2d043b633da0a2dbfe47"><code>b7bdfaf</code></a> chore: release 7.5.5</li> <li><a href="https://github.com/protobufjs/protobuf.js/commit/ff7b2afef8754837cc6dc64c864cd111ab477956"><code>ff7b2af</code></a> fix: filter invalid characters from the type name (<a href="https://redirect.github.com/protobufjs/protobuf.js/issues/2127">#2127</a>)</li> <li><a href="https://github.com/protobufjs/protobuf.js/commit/086b19d00d1d01e801d6ccc2ae3f207bb1b06482"><code>086b19d</code></a> fix: do not allow setting <strong>proto</strong> in Message constructor (<a href="https://redirect.github.com/protobufjs/protobuf.js/issues/2126">#2126</a>)</li> <li><a href="https://github.com/protobufjs/protobuf.js/commit/827ff8e48253e9041f19ac81168aa046dbdfb041"><code>827ff8e</code></a> chore: release master (<a href="https://redirect.github.com/protobufjs/protobuf.js/issues/2093">#2093</a>)</li> <li><a href="https://github.com/protobufjs/protobuf.js/commit/5a3769a465fead089a533ad55c21d069299df760"><code>5a3769a</code></a> fix: invalid syntax in descriptor.proto (<a href="https://redirect.github.com/protobufjs/protobuf.js/issues/2092">#2092</a>)</li> <li>See full diff in <a href="https://github.com/protobufjs/protobuf.js/compare/protobufjs-v7.5.3...protobufjs-v7.5.5">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~fenster">fenster</a>, a new releaser for protobufjs since your current version.</p> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/openfrontio/OpenFrontIO/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
dependabot[bot]
|
31baeacdf4 |
Bump dompurify from 3.3.2 to 3.4.0 in the npm_and_yarn group across 1 directory (#3693)
Bumps the npm_and_yarn group with 1 update in the / directory: [dompurify](https://github.com/cure53/DOMPurify). Updates `dompurify` from 3.3.2 to 3.4.0 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/cure53/DOMPurify/releases">dompurify's releases</a>.</em></p> <blockquote> <h2>DOMPurify 3.4.0</h2> <p><strong>Most relevant changes:</strong></p> <ul> <li>Fixed a problem with <code>FORBID_TAGS</code> not winning over <code>ADD_TAGS</code>, thanks <a href="https://github.com/kodareef5"><code>@kodareef5</code></a></li> <li>Fixed several minor problems and typos regarding MathML attributes, thanks <a href="https://github.com/DavidOliver"><code>@DavidOliver</code></a></li> <li>Fixed <code>ADD_ATTR</code>/<code>ADD_TAGS</code> function leaking into subsequent array-based calls, thanks <a href="https://github.com/1Jesper1"><code>@1Jesper1</code></a></li> <li>Fixed a missing <code>SAFE_FOR_TEMPLATES</code> scrub in <code>RETURN_DOM</code> path, thanks <a href="https://github.com/bencalif"><code>@bencalif</code></a></li> <li>Fixed a prototype pollution via <code>CUSTOM_ELEMENT_HANDLING</code>, thanks <a href="https://github.com/trace37labs"><code>@trace37labs</code></a></li> <li>Fixed an issue with <code>ADD_TAGS</code> function form bypassing <code>FORBID_TAGS</code>, thanks <a href="https://github.com/eddieran"><code>@eddieran</code></a></li> <li>Fixed an issue with <code>ADD_ATTR</code> predicates skipping URI validation, thanks <a href="https://github.com/christos-eth"><code>@christos-eth</code></a></li> <li>Fixed an issue with <code>USE_PROFILES</code> prototype pollution, thanks <a href="https://github.com/christos-eth"><code>@christos-eth</code></a></li> <li>Fixed an issue leading to possible mXSS via Re-Contextualization, thanks <a href="https://github.com/researchatfluidattacks"><code>@researchatfluidattacks</code></a> and others</li> <li>Fixed an issue with closing tags leading to possible mXSS, thanks <a href="https://github.com/frevadiscor"><code>@frevadiscor</code></a></li> <li>Fixed a problem with the type dentition patcher after Node version bump</li> <li>Fixed freezing BS runs by reducing the tested browsers array</li> <li>Bumped several dependencies where possible</li> <li>Added needed files for OpenSSF scorecard checks</li> </ul> <p><strong>Published Advisories are here:</strong> <a href="https://github.com/cure53/DOMPurify/security/advisories?state=published">https://github.com/cure53/DOMPurify/security/advisories?state=published</a></p> <h2>DOMPurify 3.3.3</h2> <ul> <li>Fixed an engine requirement for Node 20 which caused hiccups, thanks <a href="https://github.com/Rotzbua"><code>@Rotzbua</code></a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/cure53/DOMPurify/commit/5b16e0b892e82b1779d62b9928b43c4c4ff290b9"><code>5b16e0b</code></a> Getting 3.x branch ready for 3.4.0 release (<a href="https://redirect.github.com/cure53/DOMPurify/issues/1250">#1250</a>)</li> <li><a href="https://github.com/cure53/DOMPurify/commit/8bcbf73ae7eb56e7b4f1300b66cf543342c7ee27"><code>8bcbf73</code></a> chore: Preparing 3.3.3 release</li> <li><a href="https://github.com/cure53/DOMPurify/commit/5faddd60af7b4d612f32a0c6b44432b77c8c490c"><code>5faddd6</code></a> fix: engine requirement (<a href="https://redirect.github.com/cure53/DOMPurify/issues/1210">#1210</a>)</li> <li><a href="https://github.com/cure53/DOMPurify/commit/0f91e3add5c028bc4110c513b0c2571b284c35af"><code>0f91e3a</code></a> Update README.md</li> <li><a href="https://github.com/cure53/DOMPurify/commit/d5ff1a8c605df1df998c2e7df2c4c8ac762b0dea"><code>d5ff1a8</code></a> Merge branch 'main' of github.com:cure53/DOMPurify</li> <li><a href="https://github.com/cure53/DOMPurify/commit/c3efd489010366e755de9d65fd741888fd8b7462"><code>c3efd48</code></a> fix: moved back from jsdom 28 to jsdom 20</li> <li><a href="https://github.com/cure53/DOMPurify/commit/988b888108c8df911ef37e68d0e26c85ad90e885"><code>988b888</code></a> fix: moved back from jsdom 28 to jsdom 20</li> <li><a href="https://github.com/cure53/DOMPurify/commit/2726c74e9c6a0645127d1630e5ca49f64bc9fe67"><code>2726c74</code></a> chore: Preparing 3.3.2 release</li> <li><a href="https://github.com/cure53/DOMPurify/commit/6202c7e43e9df01ba606396aed60fbae5583f7a1"><code>6202c7e</code></a> build(deps): bump <code>@tootallnate/once</code> and jsdom (<a href="https://redirect.github.com/cure53/DOMPurify/issues/1204">#1204</a>)</li> <li><a href="https://github.com/cure53/DOMPurify/commit/302b51de22535cc90235472c52e3401bedd46f80"><code>302b51d</code></a> fix: Expanded the regex ever so slightly to also cover script</li> <li>Additional commits viewable in <a href="https://github.com/cure53/DOMPurify/compare/3.3.2...3.4.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/openfrontio/OpenFrontIO/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
VariableVince
|
845ebd7d1a |
Chore(deps): Update express-rate-limit (#3667)
## Description: Update express-rate-limit 7.5.0 > 8.3.2. ## Please complete the following: - [x] I have added screenshots for all UI updates - [x] I process any text displayed to the user through translateText() and I've added it to the en.json file - [x] I have added relevant tests to the test directory - [x] I confirm I have thoroughly tested these changes and take full responsibility for any bugs introduced ## Please put your Discord username so you can be contacted if a bug or regression is found: tryout33 |
||
|
dependabot[bot]
|
cb6bb5415d |
Bump vite from 7.3.0 to 7.3.2 in the npm_and_yarn group across 1 directory (#3605)
Bumps the npm_and_yarn group with 1 update in the / directory: [vite](https://github.com/vitejs/vite/tree/HEAD/packages/vite). Updates `vite` from 7.3.0 to 7.3.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/vitejs/vite/releases">vite's releases</a>.</em></p> <blockquote> <h2>v7.3.2</h2> <p>Please refer to <a href="https://github.com/vitejs/vite/blob/v7.3.2/packages/vite/CHANGELOG.md">CHANGELOG.md</a> for details.</p> <h2>v7.3.1</h2> <p>Please refer to <a href="https://github.com/vitejs/vite/blob/v7.3.1/packages/vite/CHANGELOG.md">CHANGELOG.md</a> for details.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/vitejs/vite/blob/v7.3.2/packages/vite/CHANGELOG.md">vite's changelog</a>.</em></p> <blockquote> <h2><!-- raw HTML omitted --><a href="https://github.com/vitejs/vite/compare/v7.3.1...v7.3.2">7.3.2</a> (2026-04-06)<!-- raw HTML omitted --></h2> <h3>Bug Fixes</h3> <ul> <li>avoid path traversal with optimize deps sourcemap handler (<a href="https://redirect.github.com/vitejs/vite/issues/22161">#22161</a>) (<a href="https://github.com/vitejs/vite/commit/09d8c903bde12fee2710314d3b42bc789c686df7">09d8c90</a>)</li> <li>backport <a href="https://redirect.github.com/vitejs/vite/issues/22159">#22159</a>, apply server.fs check to env transport (<a href="https://redirect.github.com/vitejs/vite/issues/22162">#22162</a>) (<a href="https://github.com/vitejs/vite/commit/19db0f29c3a3ac4e64cc95c270716c77fd223ad1">19db0f2</a>)</li> <li>check <code>server.fs</code> after stripping query as well (<a href="https://redirect.github.com/vitejs/vite/issues/22160">#22160</a>) (<a href="https://github.com/vitejs/vite/commit/f8103cc946f137a54e395fe3f5d08e8209231ed6">f8103cc</a>)</li> </ul> <h2><!-- raw HTML omitted --><a href="https://github.com/vitejs/vite/compare/v7.3.0...v7.3.1">7.3.1</a> (2026-01-07)<!-- raw HTML omitted --></h2> <h3>Features</h3> <ul> <li>add <code>ignoreOutdatedRequests</code> option to <code>optimizeDeps</code> (<a href="https://redirect.github.com/vitejs/vite/issues/21364">#21364</a>) (<a href="https://github.com/vitejs/vite/commit/9d39d373a7b4e0a93322b70b9dbeb202af06af3e">9d39d37</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/vitejs/vite/commit/cc383e07b66d4c5a9768fcb570e0af812cb8d999"><code>cc383e0</code></a> release: v7.3.2</li> <li><a href="https://github.com/vitejs/vite/commit/09d8c903bde12fee2710314d3b42bc789c686df7"><code>09d8c90</code></a> fix: avoid path traversal with optimize deps sourcemap handler (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22161">#22161</a>)</li> <li><a href="https://github.com/vitejs/vite/commit/f8103cc946f137a54e395fe3f5d08e8209231ed6"><code>f8103cc</code></a> fix: check <code>server.fs</code> after stripping query as well (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22160">#22160</a>)</li> <li><a href="https://github.com/vitejs/vite/commit/19db0f29c3a3ac4e64cc95c270716c77fd223ad1"><code>19db0f2</code></a> fix: backport <a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22159">#22159</a>, apply server.fs check to env transport (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/22162">#22162</a>)</li> <li><a href="https://github.com/vitejs/vite/commit/95e8923f35d0252c9f6eb2d5e358c084542706f1"><code>95e8923</code></a> release: v7.3.1</li> <li><a href="https://github.com/vitejs/vite/commit/9d39d373a7b4e0a93322b70b9dbeb202af06af3e"><code>9d39d37</code></a> feat: add <code>ignoreOutdatedRequests</code> option to <code>optimizeDeps</code> (<a href="https://github.com/vitejs/vite/tree/HEAD/packages/vite/issues/21364">#21364</a>)</li> <li>See full diff in <a href="https://github.com/vitejs/vite/commits/v7.3.2/packages/vite">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/openfrontio/OpenFrontIO/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
VariableVince
|
74b5affa75 |
Chore(deps): Migrate Express 4 > 5 (#3549)
## Description: Update from Express 4.22 > 5.2.1. And @types/express 4.17 > 5.0.6. ### CodeQL errors unjustified: Please dismiss the unjustified [CodeQL scanning results](https://github.com/openfrontio/OpenFrontIO/security/code-scanning?query=pr%3A3549+tool%3ACodeQL+is%3Aopen) for playground/server.ts: they were flagged for this PR but i didn't touch those specific parts of the file. More importantly: it is a test server, created by Mole/ @Aareksio. I made requests to dismiss the alerts but don't have the permissions to actually dismiss them myself Version 5 was the first major upgrade in 10 years when it was released in Sept 2024. 5.21 is from Dec 2025 so v5 teething problems should be over by now. Many of its dependencies also updated by some major versions. So it seems a worthy update but that is for you to decide. v4 will be EOL when v6 arrives, however that could be a year from now still maybe. - Migration: -- Updated package.json, ran `npm install "express@5"` and `npm install "@types/express@5.0.6"`. -- Used https://expressjs.com/en/guide/migrating-5.html -- Ran the codemods from the migration guide `npx codemod@latest @expressjs/v5-migration-recipe`. -- Checked manually. -- Checked again with help of Gemini 3.1 Pro based on same guide. -- Master.ts: use `*splat` instead of `*`, tested and going to non-existing URL lands back on index.html like it should. -- Worker.ts: MIME type _webp_ is now supported natively so remove added config. -- playground/server.ts: fix type error after upgrading types/express for `name` in `req.params`. And `app.listen` handles user provided callback on error, use that. The latter may not be not needed per se. -- While v5 does this now "When an error is thrown in an async function or a rejected promise is awaited inside an async function, those errors will be passed to the error handler as if calling next(err).", choose to leave our try/catch'es be. Since we use specific errors, probably easier for consistency in log searches and user reporting. - About performance: -- While [Express 5 seems a bit slower than 4](https://www.repoflow.io/blog/express-4-vs-express-5-benchmark-node-18-24), it is not by much especially on Node24 which we're on. Also there's a working group dedicated to improving Express performance, albeit they expect v6/7 to benefit from that more than v5 will. -- While there are faster alternatives in benchmarks, [in real-world usage Express still holds up as one of the best and even beats most 'faster' alternatives](https://medium.com/deno-the-complete-reference/node-js-the-fastest-web-framework-in-2025-static-file-server-case-1df462ad38cd). ## Please complete the following: - [x] I have added screenshots for all UI updates - [x] I process any text displayed to the user through translateText() and I've added it to the en.json file - [x] I have added relevant tests to the test directory - [x] I confirm I have thoroughly tested these changes and take full responsibility for any bugs introduced ## Please put your Discord username so you can be contacted if a bug or regression is found: tryout33 |
||
|
VariableVince
|
54a63ac481 |
Could help decrease icons disappearing: Update PixiJS (#3478)
## Description: Please put in next v30 update if possible. Upgrade [PixiJS from 8.11.0 to their newest version 8.17.1](https://github.com/pixijs/pixijs/releases) and pixi-filters too. This could help decrease occurance of this issue: https://github.com/openfrontio/OpenFrontIO/issues/2147 Checked "Behavior Change" in their release notes and we aren't touched by those. But some of the fixes, especially GC/memory leak, may help in reducing "dissappearing structure icons". Update to destroy() now using the new unload() could help too; we call destroy() directly on ghoststructures and its possibly called elsewhere under the surface too. ## Please complete the following: - [x] I have added screenshots for all UI updates - [x] I process any text displayed to the user through translateText() and I've added it to the en.json file - [x] I have added relevant tests to the test directory - [x] I confirm I have thoroughly tested these changes and take full responsibility for any bugs introduced ## Please put your Discord username so you can be contacted if a bug or regression is found: tryout33 |
||
|
evanpelle
|
d4321ba81f | add intent based rate limits | ||
|
dependabot[bot]
|
73ad08f0cf |
Build(deps): bump dompurify from 3.2.6 to 3.3.2 in the npm_and_yarn group across 1 directory (#3365)
Bumps the npm_and_yarn group with 1 update in the / directory: [dompurify](https://github.com/cure53/DOMPurify). Updates `dompurify` from 3.2.6 to 3.3.2 <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/cure53/DOMPurify/releases">dompurify's releases</a>.</em></p> <blockquote> <h2>DOMPurify 3.3.2</h2> <ul> <li>Fixed a possible bypass caused by jsdom's faulty raw-text tag parsing, thanks multiple reporters</li> <li>Fixed a prototype pollution issue when working with custom elements, thanks <a href="https://github.com/christos-eth"><code>@christos-eth</code></a></li> <li>Fixed a lenient config parsing in <code>_isValidAttribute</code>, thanks <a href="https://github.com/christos-eth"><code>@christos-eth</code></a></li> <li>Bumped and removed several dependencies, thanks <a href="https://github.com/Rotzbua"><code>@Rotzbua</code></a></li> <li>Fixed the test suite after bumping dependencies, thanks <a href="https://github.com/Rotzbua"><code>@Rotzbua</code></a></li> </ul> <h2>DOMPurify 3.3.1</h2> <ul> <li>Updated <code>ADD_FORBID_CONTENTS</code> setting to extend default list, thanks <a href="https://github.com/MariusRumpf"><code>@MariusRumpf</code></a></li> <li>Updated the ESM import syntax to be more correct, thanks <a href="https://github.com/binhpv"><code>@binhpv</code></a></li> </ul> <h2>DOMPurify 3.3.0</h2> <ul> <li>Added the SVG <code>mask-type</code> attribute to default allow-list, thanks <a href="https://github.com/prasadrajandran"><code>@prasadrajandran</code></a></li> <li>Added support for <code>ADD_ATTR</code> and <code>ADD_TAGS</code> to accept functions, thanks <a href="https://github.com/nelstrom"><code>@nelstrom</code></a></li> <li>Fixed an issue with the <code>slot</code> element being in both SVG and HTML allow-list, thanks <a href="https://github.com/Wim-Valgaeren"><code>@Wim-Valgaeren</code></a></li> </ul> <h2>DOMPurify 3.2.7</h2> <ul> <li>Added new attributes and elements to default allow-list, thanks <a href="https://github.com/elrion018"><code>@elrion018</code></a></li> <li>Added <code>tagName</code> parameter to custom element <code>attributeNameCheck</code>, thanks <a href="https://github.com/nelstrom"><code>@nelstrom</code></a></li> <li>Added better check for animated <code>href</code> attributes, thanks <a href="https://github.com/llamakko"><code>@llamakko</code></a></li> <li>Updated and improved the bundled types, thanks <a href="https://github.com/ssi02014"><code>@ssi02014</code></a></li> <li>Updated several tests to better align with new browser encoding behaviors</li> <li>Improved the handling of potentially risky content inside CDATA elements, thanks <a href="https://github.com/securityMB"><code>@securityMB</code></a> & <a href="https://github.com/terjanq"><code>@terjanq</code></a></li> <li>Improved the regular expression for raw-text elements to cover textareas, thanks <a href="https://github.com/securityMB"><code>@securityMB</code></a> & <a href="https://github.com/terjanq"><code>@terjanq</code></a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/cure53/DOMPurify/commit/5e56114cb24079ce52dbc51f76e494b77afa5153"><code>5e56114</code></a> Getting 3.x branch ready for 3.3.2 release (<a href="https://redirect.github.com/cure53/DOMPurify/issues/1208">#1208</a>)</li> <li><a href="https://github.com/cure53/DOMPurify/commit/e8c95f4a27aa8b041f92b59ab7685a94f7be6208"><code>e8c95f4</code></a> fix: Fixed the broken package-lock.json</li> <li><a href="https://github.com/cure53/DOMPurify/commit/9636037c145b769dad0b52da8313301cbf867f46"><code>9636037</code></a> Update package-lock.json</li> <li><a href="https://github.com/cure53/DOMPurify/commit/5cad4cecf2e647ac66eed25bc02a2415f00dbc8b"><code>5cad4ce</code></a> Getting 3.x branch ready for 3.3.2 releas (<a href="https://redirect.github.com/cure53/DOMPurify/issues/1205">#1205</a>)</li> <li><a href="https://github.com/cure53/DOMPurify/commit/6fc446a589ab3d1d72ae2a5b71167ba38dbd3096"><code>6fc446a</code></a> Merge pull request <a href="https://redirect.github.com/cure53/DOMPurify/issues/1175">#1175</a> from cure53/main</li> <li><a href="https://github.com/cure53/DOMPurify/commit/3b3bf917d2b39460de6d130acebdc9243cf3e6ae"><code>3b3bf91</code></a> Merge branch 'main' of github.com:cure53/DOMPurify</li> <li><a href="https://github.com/cure53/DOMPurify/commit/9863f4195bae6048de9eb2802219218c6904066c"><code>9863f41</code></a> chore: Preparing 3.3.1 release</li> <li><a href="https://github.com/cure53/DOMPurify/commit/b4e02954dc4172c3944a755f3e99fbb76be64f7b"><code>b4e0295</code></a> chore: Preparing 3.3.0 release</li> <li><a href="https://github.com/cure53/DOMPurify/commit/077746bb2cfb77836dfb628dca7ffc7ced8a5356"><code>077746b</code></a> build(deps-dev): bump js-yaml from 4.1.0 to 4.1.1 (<a href="https://redirect.github.com/cure53/DOMPurify/issues/1170">#1170</a>)</li> <li><a href="https://github.com/cure53/DOMPurify/commit/4de68bba9aba43dc3bba9348df603b64fc06d591"><code>4de68bb</code></a> build(deps): bump actions/checkout from 5 to 6 (<a href="https://redirect.github.com/cure53/DOMPurify/issues/1171">#1171</a>)</li> <li>Additional commits viewable in <a href="https://github.com/cure53/DOMPurify/compare/3.2.6...3.3.2">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/openfrontio/OpenFrontIO/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
evanpelle
|
9b96b07820 |
test: add vitest-canvas-mock for local canvas support
Fixes UILayer tests failing locally due to the native canvas package not being compiled. vitest-canvas-mock provides a jsdom-compatible Canvas 2D API mock without requiring native build tools. |
||
|
VariableVince
|
52012e321b |
Fix: npm run perf errors on Windows (#3192)
## Description: Npm script 'perf' errors on Windows: "Error [ERR_MODULE_NOT_FOUND]: Cannot find module '(XXX)\OpenFrontIO\tests\perf\*.ts'". It probably worked fine on Linux or Mac, that i don't know. Replaced it with a file that also runs all tests in the folder, which is then simply ran by the script. There are possibly better ways to address this but this just works. ## Please complete the following: - [x] I have added screenshots for all UI updates - [x] I process any text displayed to the user through translateText() and I've added it to the en.json file - [x] I have added relevant tests to the test directory - [x] I confirm I have thoroughly tested these changes and take full responsibility for any bugs introduced ## Please put your Discord username so you can be contacted if a bug or regression is found: tryout33 |
||
|
Ryan
|
e4280c28e1 |
Add Ranked 1v1 Leaderboard (#3008)
If this PR fixes an issue, link it below. If not, delete these two lines. Resolves #(issue number) ## Description: @wraith4081 's pr updates the stats modal to show both 1v1 and clan stats ## Please complete the following: - [x] I have added screenshots for all UI updates - [x] I process any text displayed to the user through translateText() and I've added it to the en.json file - [x] I have added relevant tests to the test directory - [x] I confirm I have thoroughly tested these changes and take full responsibility for any bugs introduced ## Please put your Discord username so you can be contacted if a bug or regression is found: w.o.n --------- Co-authored-by: Wraith <54374743+wraith4081@users.noreply.github.com> Co-authored-by: iamlewis <lewismmmm@gmail.com> |
||
|
Himansu Rawal
|
8aa3e26e70 |
feat: Prevent GameServer from restarting after ending by introducin… (#2923)
If this PR fixes an issue, link it below. If not, delete these two lines. Resolves #(issue number) #2919 In GameManager.tick(), when a game becomes active but hasn't started, a setTimeout for game.start() is scheduled with a 2-second delay. If the game finishes or is cancelled within those 2 seconds, game.end() is called, which clears the existing interval. However: 1.The 2-second timeout still fires. game.start() executes. 2. A NEW setInterval is created for turn execution. 3.Since the game is already ending/finished, it's removed from GameManager.games, but the interval continues to run forever in the background ## Please complete the following: - [x] I have added screenshots for all UI updates - [x] I process any text displayed to the user through translateText() and I've added it to the en.json file - [x] I have added relevant tests to the test directory - [x] I confirm I have thoroughly tested these changes and take full responsibility for any bugs introduced ## Please put your Discord username so you can be contacted if a bug or regression is found: codimo |
||
|
dependabot[bot]
|
4e4e1799d7 |
Bump diff from 4.0.2 to 4.0.4 in the npm_and_yarn group across 1 directory (#2976)
Bumps the npm_and_yarn group with 1 update in the / directory: [diff](https://github.com/kpdecker/jsdiff). Updates `diff` from 4.0.2 to 4.0.4 <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/kpdecker/jsdiff/commit/f06f3e4cacad5955caf891a8a02c5bb1c954bcb5"><code>f06f3e4</code></a> v4.0.4</li> <li><a href="https://github.com/kpdecker/jsdiff/commit/0179a484ffaec7c8d5d6b69d8c3905473383de75"><code>0179a48</code></a> v4.0.3</li> <li><a href="https://github.com/kpdecker/jsdiff/commit/4568cae5ae7646962bf3c5641907d1fb5af90683"><code>4568cae</code></a> Backport <a href="https://redirect.github.com/kpdecker/jsdiff/pull/649">kpdecker/jsdiff#649</a></li> <li><a href="https://github.com/kpdecker/jsdiff/commit/4de0ffa13ad51db7a27567c2b870fb4e43f0814a"><code>4de0ffa</code></a> Backport <a href="https://redirect.github.com/kpdecker/jsdiff/pull/647">kpdecker/jsdiff#647</a></li> <li>See full diff in <a href="https://github.com/kpdecker/jsdiff/compare/v4.0.2...v4.0.4">compare view</a></li> </ul> </details> <details> <summary>Maintainer changes</summary> <p>This version was pushed to npm by <a href="https://www.npmjs.com/~explodingcabbage">explodingcabbage</a>, a new releaser for diff since your current version.</p> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/openfrontio/OpenFrontIO/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
Ryan
|
247c78151c |
Discord(et al.) embedded URLs (#2740)
## Description: Changes URL embeds within other platforms, e.g. Discord, WhatsApp & X. Updates game URLs to `/game/<code>` instead of `/#join=<code>` (required for embedded URLs). An added benefit of this is that you would be able to change a url from `openfront.io/game/RQDUy8nP?replay` to `api.openfront.io/game/RQDUy8nP?replay` (add api. In front) and be in the right place for the API data. Updates URLs when joining/leaving private lobbies Appends a random string to the end of the URL when inside a private lobby and options change - this is to force discord to update the embedded details. Updates URL in different game states to ?lobby / ?live and ?replay. These do nothing other than being used as a _cache-busting_ solution. ----------------------------------------------- ### **Lobby Info** Discord: <img width="556" height="487" alt="image" src="https://github.com/user-attachments/assets/efd4a06d-506c-4036-9403-ee7c9a669e21" /> WhatsApp: <img width="353" height="339" alt="image" src="https://github.com/user-attachments/assets/3b2d0c69-988c-424f-9dee-f4e6a6868f6b" /> x.com: <img width="588" height="325" alt="image" src="https://github.com/user-attachments/assets/d9e78169-20be-4a3e-8df4-8ad41d08a750" /> ------------------------- ### **Game Win Details** Discord: <img width="506" height="468" alt="image" src="https://github.com/user-attachments/assets/69947774-c943-4a50-b470-5634ed3bf3d7" /> WhatsApp: <img width="770" height="132" alt="image" src="https://github.com/user-attachments/assets/eec28bf8-bf64-4ab8-954e-03dfdd1aae40" /> x.com <img width="584" height="350" alt="image" src="https://github.com/user-attachments/assets/168063e2-b707-422b-b7a1-0025f3ebeb92" /> ## Please complete the following: - [x] I have added screenshots for all UI updates - [x] I process any text displayed to the user through translateText() and I've added it to the en.json file - [x] I have added relevant tests to the test directory - [x] I confirm I have thoroughly tested these changes and take full responsibility for any bugs introduced ## Please put your Discord username so you can be contacted if a bug or regression is found: w.o.n |
||
|
Evan
|
a77c6c3d9d |
Inject server env vars into index.html, including instance id (#2888)
## Description: Should fix the broken 1v1 on staging. The issue was that we had multiple staging environments, and the matchmaker would often route a player to a game on a different staging server, so the client couldn't find the game. So now each deployment has a unique id, and the matchmaker only connects players & servers that have the same instance id. ## Please complete the following: - [x] I have added screenshots for all UI updates - [x] I process any text displayed to the user through translateText() and I've added it to the en.json file - [x] I have added relevant tests to the test directory - [x] I confirm I have thoroughly tested these changes and take full responsibility for any bugs introduced ## Please put your Discord username so you can be contacted if a bug or regression is found: evan |
||
|
evanpelle
|
a7714cd798 | add canvas dev dependency to fix failing UI test | ||
|
Wraith
|
e79c805804 |
refactor(ui): migrate tailwindcss v3 to v4 (#2735)
## Description: migrate tailwindcss v3 to v4 ## Please complete the following: - [X] I have added screenshots for all UI updates - [X] I process any text displayed to the user through translateText() and I've added it to the en.json file - [X] I have added relevant tests to the test directory - [X] I confirm I have thoroughly tested these changes and take full responsibility for any bugs introduced ## Please put your Discord username so you can be contacted if a bug or regression is found: wraith4081 --------- Co-authored-by: iamlewis <lewismmmm@gmail.com> Co-authored-by: Ryan <7389646+ryanbarlow97@users.noreply.github.com> |
||
|
dependabot[bot]
|
d9ccb0ea16 |
Bump qs from 6.13.0 to 6.14.1 in the npm_and_yarn group across 1 directory (#2753)
Bumps the npm_and_yarn group with 1 update in the / directory: [qs](https://github.com/ljharb/qs). Updates `qs` from 6.13.0 to 6.14.1 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/ljharb/qs/blob/main/CHANGELOG.md">qs's changelog</a>.</em></p> <blockquote> <h2><strong>6.14.1</strong></h2> <ul> <li>[Fix] ensure arrayLength applies to <code>[]</code> notation as well</li> <li>[Fix] <code>parse</code>: when a custom decoder returns <code>null</code> for a key, ignore that key</li> <li>[Refactor] <code>parse</code>: extract key segment splitting helper</li> <li>[meta] add threat model</li> <li>[actions] add workflow permissions</li> <li>[Tests] <code>stringify</code>: increase coverage</li> <li>[Dev Deps] update <code>eslint</code>, <code>@ljharb/eslint-config</code>, <code>npmignore</code>, <code>es-value-fixtures</code>, <code>for-each</code>, <code>object-inspect</code></li> </ul> <h2><strong>6.14.0</strong></h2> <ul> <li>[New] <code>parse</code>: add <code>throwOnParameterLimitExceeded</code> option (<a href="https://redirect.github.com/ljharb/qs/issues/517">#517</a>)</li> <li>[Refactor] <code>parse</code>: use <code>utils.combine</code> more</li> <li>[patch] <code>parse</code>: add explicit <code>throwOnLimitExceeded</code> default</li> <li>[actions] use shared action; re-add finishers</li> <li>[meta] Fix changelog formatting bug</li> <li>[Deps] update <code>side-channel</code></li> <li>[Dev Deps] update <code>es-value-fixtures</code>, <code>has-bigints</code>, <code>has-proto</code>, <code>has-symbols</code></li> <li>[Tests] increase coverage</li> </ul> <h2><strong>6.13.1</strong></h2> <ul> <li>[Fix] <code>stringify</code>: avoid a crash when a <code>filter</code> key is <code>null</code></li> <li>[Fix] <code>utils.merge</code>: functions should not be stringified into keys</li> <li>[Fix] <code>parse</code>: avoid a crash with interpretNumericEntities: true, comma: true, and iso charset</li> <li>[Fix] <code>stringify</code>: ensure a non-string <code>filter</code> does not crash</li> <li>[Refactor] use <code>__proto__</code> syntax instead of <code>Object.create</code> for null objects</li> <li>[Refactor] misc cleanup</li> <li>[Tests] <code>utils.merge</code>: add some coverage</li> <li>[Tests] fix a test case</li> <li>[actions] split out node 10-20, and 20+</li> <li>[Dev Deps] update <code>es-value-fixtures</code>, <code>mock-property</code>, <code>object-inspect</code>, <code>tape</code></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/ljharb/qs/commit/3fa11a5f643c76896387bd2d86904a2d0141fdf7"><code>3fa11a5</code></a> v6.14.1</li> <li><a href="https://github.com/ljharb/qs/commit/a62670423c1ccab0dd83c621bfb98c7c024e314d"><code>a626704</code></a> [Dev Deps] update <code>npmignore</code></li> <li><a href="https://github.com/ljharb/qs/commit/3086902ecf7f088d0d1803887643ac6c03d415b9"><code>3086902</code></a> [Fix] ensure arrayLength applies to <code>[]</code> notation as well</li> <li><a href="https://github.com/ljharb/qs/commit/fc7930e86c2264c1568c9f5606830e19b0bc2af2"><code>fc7930e</code></a> [Dev Deps] update <code>eslint</code>, <code>@ljharb/eslint-config</code></li> <li><a href="https://github.com/ljharb/qs/commit/0b06aac566abee45ef0327667a7cc89e7aed8b58"><code>0b06aac</code></a> [Dev Deps] update <code>@ljharb/eslint-config</code></li> <li><a href="https://github.com/ljharb/qs/commit/64951f6200a1fb72cc003c6e8226dde3d2ef591f"><code>64951f6</code></a> [Refactor] <code>parse</code>: extract key segment splitting helper</li> <li><a href="https://github.com/ljharb/qs/commit/e1bd2599cdff4c936ea52fb1f16f921cbe7aa88c"><code>e1bd259</code></a> [Dev Deps] update <code>@ljharb/eslint-config</code></li> <li><a href="https://github.com/ljharb/qs/commit/f4b3d39709fef6ddbd85128d1ba4c6b566c4902e"><code>f4b3d39</code></a> [eslint] add eslint 9 optional peer dep</li> <li><a href="https://github.com/ljharb/qs/commit/6e94d9596ca50dffafcef40a5f64eca89962cf34"><code>6e94d95</code></a> [Dev Deps] update <code>eslint</code>, <code>@ljharb/eslint-config</code>, <code>npmignore</code></li> <li><a href="https://github.com/ljharb/qs/commit/973dc3c51c86da9f4e30edeb4b1725158d439102"><code>973dc3c</code></a> [actions] add workflow permissions</li> <li>Additional commits viewable in <a href="https://github.com/ljharb/qs/compare/v6.13.0...v6.14.1">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/openfrontio/OpenFrontIO/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> |
||
|
Evan
|
4f3d9df46a |
vite: fix docker build (#2738)
## Description: The sync-assets wasn't executing on docker-build. so instead just import it from resources/ directory, vite logs a warning but I think that's okay for now. ## Please complete the following: - [x] I have added screenshots for all UI updates - [x] I process any text displayed to the user through translateText() and I've added it to the en.json file - [x] I have added relevant tests to the test directory - [x] I confirm I have thoroughly tested these changes and take full responsibility for any bugs introduced ## Please put your Discord username so you can be contacted if a bug or regression is found: evan |
||
|
evanpelle
|
6b14d9cca1 |
Fix Docker build by adding missing files and tsx dependency
- Add scripts/ directory to build stage for sync-assets.mjs - Add index.html to build stage for Vite entry point - Move tsx to production dependencies for server runtime - Copy src/ and tsconfig.json to production stage for tsx These changes enable the Docker build to complete successfully and allow the server to run TypeScript files directly in production. |
||
|
Wraith
|
26f5d40819 |
build: migrate build system to Vite and test runner to Vitest & Remove depracated husky usage (#2703)
- Replace Webpack with Vite for faster client bundling and HMR. - Migrate tests from Jest to Vitest and update configuration. - Update Web Worker instantiation to standard ESM syntax. - Implement Env utility in `src/core` for safe, hybrid environment variable access (Vite vs Node). - Refactor configuration loaders to remove direct `process.env` dependencies in shared code. - Update TypeScript environment definitions and project scripts for the new toolchain. - Remove the [depracated usage of the husky](https://github.com/typicode/husky/releases/tag/v9.0.1). ## Description: migrate build system to Vite and test runner to Vitest & Remove depracated husky usage ## Please complete the following: - [X] I have added screenshots for all UI updates - [X] I process any text displayed to the user through translateText() and I've added it to the en.json file - [ ] I have added relevant tests to the test directory - [X] I confirm I have thoroughly tested these changes and take full responsibility for any bugs introduced ## Please put your Discord username so you can be contacted if a bug or regression is found: wraith4081 --------- Co-authored-by: evanpelle <evanpelle@gmail.com> |
||
|
Aaron Tidwell
|
9ab1319126 |
Map Generator Go Code Documentation (#2656)
Resolves #2602 ## Description: tldr: `npm run docs:map-generator` Adds documentation to the `map-generator` go code. This has no functional changes, other than the renaming of the package. I used the github url, though this can be set to anything as long as it contains a `.` so that the docs parse it correctly. Go doc best practices seem a little verbose and terse, but attempted to comply Future Facing (to get these docs viewable without running locally): - Wait until the -http issue is sorted, then these are easy to statically host alongside builds - Could use the legacy `godoc` - Could do formatting after outputting the `txt` output ## Change List: - Add documentation to all types/fns in map-generator go code - Ensure this outputs correctly with `go doc` - Add `docs:map-generator` command to package.json. This runs `go doc` in `map-generator` w/ appropriate flags to generate full documentation. (see notes in readme) - rename `map-generator` module to work around pkgsite assuming all packages without a . are stdlib (this makes `-http` work at all) - Add new sections to README and update existing sections - Add additional references to locations in the primary code base where things can be found - Update documentation in the ts theme files to add output color mappings - this ensures that everything needed to trace the input file -> in game rendered asset is fully documented. ## Please complete the following: - [X] I have added screenshots for all UI updates - [X] I process any text displayed to the user through translateText() and I've added it to the en.json file - [X] I have added relevant tests to the test directory - [X] I confirm I have thoroughly tested these changes and take full responsibility for any bugs introduced ## Please put your Discord username so you can be contacted if a bug or regression is found: tidwell |
||
|
VariableVince
|
a26d704a2e |
Help prevent supply chain attack: add safer install script (#2627)
## Description: For safer installations, clean install (ci) should be used, preferably with added --ignore-scripts. To make it easier for devs, add a npm script which can be ran by using "npm run inst". Update readme. Evan agreed here https://discord.com/channels/1359946986937258015/1360078040222142564/1432085555126206576 "npm run inst" runs `npm ci --ignore-scripts` which installs dependencies exactly according to the versions in `package-lock.json` and doesn't run scripts. This can prevent being hit by a supply chain attack. Did not re-use the "install" or "ci" npm lifecycle hook, instead used a similar but still short script name "inst". We can change this to something like "safe-install" if needed but i assume "inst" will do. ## Please complete the following: - [x] I have added screenshots for all UI updates - [x] I process any text displayed to the user through translateText() and I've added it to the en.json file - [x] I have added relevant tests to the test directory - [x] I confirm I have thoroughly tested these changes and take full responsibility for any bugs introduced ## Please put your Discord username so you can be contacted if a bug or regression is found: tryout33 |
||
|
Aaron Tidwell
|
2bfe245a72 |
Add format:map-generator command (#2563)
I'd like to submit some PRs in the future to add additional options for logging and debugging to the map-generator, however I don't want to introduce any code style changes in feature requests. ## Description: I noticed there was not any style guide or formatting being done for the go files, and went with the simplest built-in approach w/ [go fmt](https://go.dev/blog/gofmt) - Adds a `format:map-generator` npm command that will run the default `go fmt` in the `map-generator` directory to format the go code. - Runs the formatter and commits the changes to `main.go` and `map_generator.go` - Updates the `map-generator` README: - Updated location for generated files - Updated Links to use markdown links - Add `info.json` example - Add in-game enabling instructions with list of files to modify - Add development tools section with format command ## Please complete the following: - [X] I have added screenshots for all UI updates - [X] I process any text displayed to the user through translateText() and I've added it to the en.json file - [X] I have added relevant tests to the test directory - [X] I confirm I have thoroughly tested these changes and take full responsibility for any bugs introduced ## Please put your Discord username so you can be contacted if a bug or regression is found: tidwell |
||
|
dependabot[bot]
|
e22f24853e |
Bump js-yaml from 4.1.0 to 4.1.1 in the npm_and_yarn group across 1 directory (#2456)
Bumps the npm_and_yarn group with 1 update in the / directory: [js-yaml](https://github.com/nodeca/js-yaml). Updates `js-yaml` from 4.1.0 to 4.1.1 <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/nodeca/js-yaml/blob/master/CHANGELOG.md">js-yaml's changelog</a>.</em></p> <blockquote> <h2>[4.1.1] - 2025-11-12</h2> <h3>Security</h3> <ul> <li>Fix prototype pollution issue in yaml merge (<<) operator.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/nodeca/js-yaml/commit/cc482e775913e6625137572a3712d2826170e53a"><code>cc482e7</code></a> 4.1.1 released</li> <li><a href="https://github.com/nodeca/js-yaml/commit/50968b862e75866ef90e626572fe0b2f97b55f9f"><code>50968b8</code></a> dist rebuild</li> <li><a href="https://github.com/nodeca/js-yaml/commit/d092d866031751cb27c12d93f3e2470ad74d678b"><code>d092d86</code></a> lint fix</li> <li><a href="https://github.com/nodeca/js-yaml/commit/383665ff4248ec2192d1274e934462bb30426879"><code>383665f</code></a> fix prototype pollution in merge (<<)</li> <li><a href="https://github.com/nodeca/js-yaml/commit/0d3ca7a27b03a6c974790a30a89e456007d62976"><code>0d3ca7a</code></a> README.md: HTTP => HTTPS (<a href="https://redirect.github.com/nodeca/js-yaml/issues/678">#678</a>)</li> <li><a href="https://github.com/nodeca/js-yaml/commit/49baadd52af887d2991e2c39a6639baa56d6c71b"><code>49baadd</code></a> doc: 'empty' style option for !!null</li> <li><a href="https://github.com/nodeca/js-yaml/commit/ba3460eb9d3e4478edcbc29edabe17c2157fc9ce"><code>ba3460e</code></a> Fix demo link (<a href="https://redirect.github.com/nodeca/js-yaml/issues/618">#618</a>)</li> <li>See full diff in <a href="https://github.com/nodeca/js-yaml/compare/4.1.0...4.1.1">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore <dependency name> major version` will close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself) - `@dependabot ignore <dependency name> minor version` will close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself) - `@dependabot ignore <dependency name>` will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself) - `@dependabot unignore <dependency name>` will remove all of the ignore conditions of the specified dependency - `@dependabot unignore <dependency name> <ignore condition>` will remove the ignore condition of the specified dependency and ignore conditions You can disable automated security fix PRs for this repo from the [Security Alerts page](https://github.com/openfrontio/OpenFrontIO/network/alerts). </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Evan <evanpelle@gmail.com> |
||
|
icslucas
|
b31200a3ac |
MUSIC (#2090)
## Description: add music to the game Describe the PR. add music <img width="549" height="770" alt="image" src="https://github.com/user-attachments/assets/d8457d85-6f63-4024-8b69-572f8c9bb225" /> ## Please complete the following: - [X] I have added screenshots for all UI updates - [X] I process any text displayed to the user through translateText() and I've added it to the en.json file - [X] I have added relevant tests to the test directory - [X] I confirm I have thoroughly tested these changes and take full responsibility for any bugs introduced ## Please put your Discord username so you can be contacted if a bug or regression is found: Lucas |
||
|
evanpelle
|
d2314941fe | Merge branch 'v25' | ||
|
evanpelle
|
eec3b0e2bb |
Fetch archived games from api, allow development against production & staging (#2045)
## Description: Instead of going through the game server to fetch archived games, have the client fetch from api directly. Also loosen up cors restrictions & domain checks so localhost:9000 can talk to staging or production servers related to #1571 ## Please complete the following: - [x] I have added screenshots for all UI updates - [x] I process any text displayed to the user through translateText() and I've added it to the en.json file - [x] I have added relevant tests to the test directory - [x] I confirm I have thoroughly tested these changes and take full responsibility for any bugs introduced ## Please put your Discord username so you can be contacted if a bug or regression is found: evan |
||
|
evanpelle
|
defb6bb1d4 |
Store full game for singleplayer, add more validation (#2031)
## Description: onunload allows up to 64kb, but reducing the number of hash messages and compressing using gzip, we can reduce the GameRecord size to stay under 64kb. I played a 10 minute game and the compressed GameRecord was only a few kb. Also verify the game is singleplayer and has only 1 player ## Please complete the following: - [x] I have added screenshots for all UI updates - [x] I process any text displayed to the user through translateText() and I've added it to the en.json file - [x] I have added relevant tests to the test directory - [x] I confirm I have thoroughly tested these changes and take full responsibility for any bugs introduced ## Please put your Discord username so you can be contacted if a bug or regression is found: evan |
||
|
evanpelle
|
8bb3e64cb8 |
Move map generator into main repo (#2006)
## Description: Move the MapGenerator repo into OpenFrontIO so we don't need to copy generated map files over. ## Please complete the following: - [x] I have added screenshots for all UI updates - [x] I process any text displayed to the user through translateText() and I've added it to the en.json file - [x] I have added relevant tests to the test directory - [x] I confirm I have thoroughly tested these changes and take full responsibility for any bugs introduced ## Please put your Discord username so you can be contacted if a bug or regression is found: evan |
||
|
Aotumuri
|
9af1bc35db |
Add basic ICU message format support for translations (#1645)
## Description: This pull request adds support for ICU (Intl MessageFormat) syntax in the translation system. Existing translation files may need to be updated to fully leverage ICU features. ## Please complete the following: - [x] I have added screenshots for all UI updates - [x] I process any text displayed to the user through translateText() and I've added it to the en.json file - [x] I have added relevant tests to the test directory - [x] I confirm I have thoroughly tested these changes and take full responsibility for any bugs introduced - [x] I have read and accepted the CLA agreement (only required once). ## Please put your Discord username so you can be contacted if a bug or regression is found: DISCORD_USERNAME |
||
|
Tyler Hanavan
|
0e56211dd3 |
Switch to @swc/jest to speed up tests Fixes #1679 (#1680)
## Description: Switches away from ts-jest in favor of @swc/jest. On my local I observe a ten-fold decrease in how long it takes the test suite to run. No changes are required to how our existing tests are written. Benchmarking old: 24.658s new: 2.268s ts-jest (old) ``` Test Suites: 29 passed, 29 total Tests: 215 passed, 215 total Snapshots: 0 total Time: 24.658 s Ran all test suites. ``` swc-jest (new) ``` Test Suites: 29 passed, 29 total Tests: 215 passed, 215 total Snapshots: 0 total Time: 2.268 s Ran all test suites. ``` Fixes #1679 ## Please complete the following: - [x] I have added screenshots for all UI updates - [x] I process any text displayed to the user through translateText() and I've added it to the en.json file - [x] I have added relevant tests to the test directory - [x] I confirm I have thoroughly tested these changes and take full responsibility for any bugs introduced - [x] I have read and accepted the CLA agreement (only required once). ## Please put your Discord username so you can be contacted if a bug or regression is found: slyty |
||
|
evanpelle
|
77fd82b4b4 |
Use seedrandom to back PseudoRandom.ts (#1828)
## Description: The previous implementation had a bug that biased numbers away from 0, so random.chance(1500+) would always return false. This caused trains to not spawn at all when their spawn rate was sufficiently low. We should be using a library instead of implementing it from scratch anyways. ## Please complete the following: - [x] I have added screenshots for all UI updates - [x] I process any text displayed to the user through translateText() and I've added it to the en.json file - [x] I have added relevant tests to the test directory - [x] I confirm I have thoroughly tested these changes and take full responsibility for any bugs introduced ## Please put your Discord username so you can be contacted if a bug or regression is found: evan |
||
|
Aleksey Orekhovsky
|
aa6bc42854 |
Remove unused processName util and twemoji dependency (#1683)
## Description: This PR removes the unused `processName` utility function from `Util.ts` and its dependency, the `twemoji` package. The `processName` function has been commented out and non-operational for approximately 9 months. This cleanup removes the dead code. As a result, the `twemoji` npm package is no longer needed and has been removed from the project's dependencies, which slightly reduces the overall dependency footprint. ## Please complete the following: - [X] I have added screenshots for all UI updates - [X] I process any text displayed to the user through translateText() and I've added it to the en.json file - [X] I have added relevant tests to the test directory - [X] I confirm I have thoroughly tested these changes and take full responsibility for any bugs introduced - [X] I have read and accepted the CLA agreement (only required once). ## Please put your Discord username so you can be contacted if a bug or regression is found: aaa4xu |
||
|
Aleksey Orekhovsky
|
9c60fbc7d2 |
Reduce docker image size further by removing unused dependencies (#1588)
## Description: This PR continues work on issue #1242 to reduce the size of docker image. It moves frontend-related packages from dependencies to devDependencies and completely removes packages that are no longer referenced anywhere in the codebase. As a result, this further decreases the image size by approximately 25%. I'm slightly concerned about removing some `@opentelemetry/*` packages. Locally the build succeeds and the application appears to work, but I'm currently unable to verify logging through OpenTelemetry. ## Please complete the following: - [X] I have added screenshots for all UI updates - [X] I process any text displayed to the user through translateText() and I've added it to the en.json file - [X] I have added relevant tests to the test directory - [X] I confirm I have thoroughly tested these changes and take full responsibility for any bugs introduced - [X] I have read and accepted the CLA agreement (only required once). ## Please put your Discord username so you can be contacted if a bug or regression is found: aaa4xu |
||
|
Aleksey Orekhovsky
|
97eb48a650 |
Reduce docker image size with multi-stage build and dependency pruning (#1581)
## Description: This PR focuses on trimming down docker image size while keeping runtime behaviour intact. This partially addresses #1242 by slimming the production Docker image by ~33%. ``` $ docker image ls | grep openfront openfrontio latest 992fb420f131 1 minute ago 1.05GB # new evanpelle/openfront-prod <none> 216c629def78 6 hours ago 1.58GB # current prod ``` The savings come from three areas: - Refactor `Dockerfile` into a three‑stage build (dependencies / build / runtime). - Installs dev‑only node packages in a throw‑away layer and copies only production modules to the final image. - Updated `webpack.config.js` to skip copying `resources/maps/**/*` which never referenced by the client. Because the current codebase does not cleanly separate dev/prod requirements, extensive regression testing is necessary; some latent prod usage of dev‑only modules might surface. ## Please complete the following: - [X] I have added screenshots for all UI updates - [X] I process any text displayed to the user through translateText() and I've added it to the en.json file - [X] I have added relevant tests to the test directory - [X] I confirm I have thoroughly tested these changes and take full responsibility for any bugs introduced - [X] I have read and accepted the CLA agreement (only required once). ## Please put your Discord username so you can be contacted if a bug or regression is found: aaa4xu --------- Co-authored-by: Scott Anderson <662325+scottanderson@users.noreply.github.com> |
||
|
VariableVince
|
563d054ea5 |
Zod v4 update (#1546)
## Description: This contains the update from zod 3.25 to 4. Change imports back from zod/v4 to just zod. No errors in VSCode. ## Please complete the following: - [x] I have added screenshots for all UI updates - [x] I process any text displayed to the user through translateText() and I've added it to the en.json file - [x] I have added relevant tests to the test directory - [x] I confirm I have thoroughly tested these changes and take full responsibility for any bugs introduced - [x] I have read and accepted the CLA aggreement (only required once). ## Please put your Discord username so you can be contacted if a bug or regression is found: tryout33 |
||
|
evanpelle
|
b07a59685e |
fix color allocator not selecting distinct colors (#1404)
## Description: The color allocator only checked if DeltaE met a threshold of 25, but most colors met that threshold, so it wasn't much better than random. Now it goes down the list of assigned colors to find the most unique color to add. Also changed algorithms from deltaE76 to deltaE2000 as that seemed to produce better results. The algorithm is O(n^2) so we cap distinct check at 50 colors, after that fall back to random selection. After 50 colors our color palette is pretty much exhausted anyways. Moved ColorAllocator to its own file ## Please complete the following: - [x] I have added screenshots for all UI updates - [x] I process any text displayed to the user through translateText() and I've added it to the en.json file - [x] I have added relevant tests to the test directory - [x] I confirm I have thoroughly tested these changes and take full responsibility for any bugs introduced - [x] I understand that submitting code with bugs that could have been caught through manual testing blocks releases and new features for all contributors ## Please put your Discord username so you can be contacted if a bug or regression is found: evan |
||
|
Vivacious Box
|
105286ed29 |
Add new icon shapes and filter for filtering icons on the layer (#1348)
## Description: Add triangle shape for missile silos, square for sam, octagon for defense posts, and add a filter in the topbar to highlight structures   ## Please complete the following: - [x] I have added screenshots for all UI updates - [x] I process any text displayed to the user through translateText() and I've added it to the en.json file - [x] I have added relevant tests to the test directory - [x] I confirm I have thoroughly tested these changes and take full responsibility for any bugs introduced - [x] I understand that submitting code with bugs that could have been caught through manual testing blocks releases and new features for all contributors ## Please put your Discord username so you can be contacted if a bug or regression is found: Vivacious Box |
||
|
evanpelle
|
adb0d07074 |
Make patterns puchasable with stripe (#1313)
## Description: Patterns now show how much each skin costs and can be purchased * Refactored logic out of TerritoryPatternsModal and into Cosmetics.ts * Role gated cosmetics are not shown if you don't have the role. This is to prevent people trying to get roles just for the cosmetics. * Added purchasable cosmetics. * On purchase the backend adds the flare to the player account <img width="1197" alt="Screenshot 2025-07-01 at 11 45 52 AM" src="https://github.com/user-attachments/assets/b4b4b7ea-f5f4-4c61-9ced-b608f75aa9d7" /> ## Please complete the following: - [x] I have added screenshots for all UI updates - [x] I process any text displayed to the user through translateText() and I've added it to the en.json file - [x] I have added relevant tests to the test directory - [x] I confirm I have thoroughly tested these changes and take full responsibility for any bugs introduced - [x] I understand that submitting code with bugs that could have been caught through manual testing blocks releases and new features for all contributors ## Please put your Discord username so you can be contacted if a bug or regression is found: evan |
||
|
Vivacious Box
|
77dddbf3ee |
New icons (#1287)
## Description: Add a new pixi layer for rendering structure icons Add new sprites for structures  ## Please complete the following: - [x] I have added screenshots for all UI updates - [x] I process any text displayed to the user through translateText() and I've added it to the en.json file - [x] I have added relevant tests to the test directory - [x] I confirm I have thoroughly tested these changes and take full responsibility for any bugs introduced - [x] I understand that submitting code with bugs that could have been caught through manual testing blocks releases and new features for all contributors ## Please put your Discord username so you can be contacted if a bug or regression is found: Vivacious Box --------- Co-authored-by: evanpelle <evanpelle@gmail.com> |
||
|
evanpelle
|
af451be606 |
improve astar perf (#1268)
## Description: Created test that has astar pathfind from top left to bottom right of giant world map. * Before these changes: took ~950ms * replaced queue with fastqueue library: ~600ms * Changes heuristic to be more greedy (1.1 * dist => 2 * dist): ~90ms Resulting in a roughly 10x improvement. Other paths also saw improvements as well, although not as dramatic. ## Please complete the following: - [x] I have added screenshots for all UI updates - [x] I process any text displayed to the user through translateText() and I've added it to the en.json file - [x] I have added relevant tests to the test directory - [x] I confirm I have thoroughly tested these changes and take full responsibility for any bugs introduced - [x] I understand that submitting code with bugs that could have been caught through manual testing blocks releases and new features for all contributors ## Please put your Discord username so you can be contacted if a bug or regression is found: evan |
||
|
evanpelle
|
b48770faf0 |
Move maps generation out of repo, new map structure (#1256)
## Description: Move map generation outside of main repo, it has been rewritten in Go and is much faster. Also refactor how maps are stored, one dir per map. The map binaries are basically identical to before. Some maps like Africa have 1% difference in bytes, but playing it looks exactly the same. Use lazy loading for map data access so only needed files are accessed. Unit tests now load map binary instead of regenerating it from scratch, speeding them up. ## Please complete the following: - [x] I have added screenshots for all UI updates - [x] I process any text displayed to the user through translateText() and I've added it to the en.json file - [x] I have added relevant tests to the test directory - [x] I confirm I have thoroughly tested these changes and take full responsibility for any bugs introduced - [x] I understand that submitting code with bugs that could have been caught through manual testing blocks releases and new features for all contributors ## Please put your Discord username so you can be contacted if a bug or regression is found: evan |