In short:
- cvmts is now bundled/built via parcel and inside of a npm/yarn workspace with multiple nodejs projects
- cvmts now uses the crusttest QEMU management and RFB library (or a fork, if you so prefer).
- cvmts does NOT use node-canvas anymore, instead we opt for the same route crusttest took and just encode jpegs ourselves from the RFB provoded framebuffer via jpeg-turbo. this means funnily enough sharp is back for more for thumbnails, but actually seems to WORK this time
- IPData is now managed in a very similar way to the original cvm 1.2 implementation where a central manager and reference count exist. tbh it wouldn't be that hard to implement multinode either, but for now, I'm not going to take much time on doing that.
this refactor is still incomplete. please do not treat it as generally available while it's not on the default branch. if you want to use it (and report bugs or send fixes) feel free to, but while it may "just work" in certain situations it may be very broken in others.
(yes, I know windows support is partially totaled by this; it's something that can and will be fixed)
* Add Admin Code 25 : XSS Message As Server (why?)
Added the ability to send messages from the server name (without username), with XSS.
Accepts 1 string argument : message text
* remove redundant switch statement and add check for msgArr length
---------
Co-authored-by: Elijah R <62162399+elijahr2411@users.noreply.github.com>
This provides a much more reliable way to handle arguments with spaces,
such as usernames.
The ban process's stdout and stderr are now redirected to the server,
in case they have output that would be good in the server's logs.
IMPORTANT:
This commit contains new config options.
Make sure your local config file is up to date with config.example.toml to avoid issues.
CHANGELOG:
- Fix crash exploit caused by abnormally long WebSocket messages
- Added config option for limiting the maximum amount of active connections from the same IP
- Made per-IP turn limiter configurable
- Fixed an issue where vote updates were not sent to clients in some cases
- Added warning about using qmpSockDir on Windows hosts
- Updated dependencies
- Removed unused code/imports
Previously it was possible to "impersonate" (to those not looking closely) other users by putting whitespace before or after the name of choice. This commit eliminates that.
The previous default of 5 messages is utterly lame and didn't provide enough context to anything, and was also a downgrade from the old server as that had 10 messages by default (of which we're now going back to with this change).
