Recommended Build v7.4.7

This release fixes a spawn related issue introduced in v7.4.6

Recommended Build v7.4.6

This release fixes an issue introduced in v7.4.5 where errors were printed to the console when a player logged in.

Recommended Build v7.4.5

This release updates log4j to 2.17.1 to patch another security advisory, and patches the H2 database driver to depend against a similar remote code execution vulnerability.

Also includes the following fixes:

• SpawnEntityEvent now fires when a player logs in
• Fixes an issue where an exception is thrown complaining about not finding a key, even if not checking for that specific key.

Server owners will want to download spongevanilla-1.12.2-7.4.5.jar

Recommended Build v7.4.4

This release updates log4j to 2.16.0 to patch another security advisory, as well as adjustments to our log xml files.

Server owners will want to download spongevanilla-1.12.2-7.4.4.jar

Recommended Build v7.4.3

This build strengthens protections against clients that were introduced in v7.4.2 and updates log4j to 2.15.0 to properly patch the issue on the server.

Server owners should direct their players to install patched versions of the Minecraft client, where appropriate. For vanilla players, this is as simple as restarting their vanilla client: see https://www.minecraft.net/en-us/article/important-message--security-vulnerability-java-edition

USERS SHOULD UPDATE TO THIS SERVER VERSION AS SOON AS POSSIBLE

Server owners should download spongevanilla-1.12.2-7.4.3.jar

Recommended Build v7.4.2

This is an emergency patch for 7.4.0 to work around an exploit in vanilla Minecraft. Anyone who attempts to send a potentially vulnerable chat message will be told that they cannot send it.

USERS SHOULD UPDATE TO THIS SERVER VERSION AS SOON AS POSSIBLE

IN ADDITION, we strongly recommend that everyone adds the flag -Dlog4j2.formatMsgNoLookups=true to their server/client startup parameters (on the client, you can do this in the launcher by going to installations at the top, hovering over the version of Minecraft you're running, selecting "Edit", the "More Options", then adding the flag in there.)

Full Changelog: v7.4.0...v7.4.1

Server owners should download spongevanilla-1.12.2-7.4.2.jar

Recommended Build v7.4.1

This is an emergency patch for 7.4.0 to work around an exploit in vanilla Minecraft. Anyone who attempts to send a potentially vulnerable chat message will be told that they cannot send it.

USERS SHOULD UPDATE TO THIS SERVER VERSION AS SOON AS POSSIBLE

IN ADDITION, we strongly recommend that everyone adds the flag -Dlog4j2.formatMsgNoLookups=true to their server/client startup parameters (on the client, you can do this in the launcher by going to installations at the top, hovering over the version of Minecraft you're running, selecting "Edit", the "More Options", then adding the flag in there.)

Full Changelog: v7.4.0...v7.4.1

Recommended Build v7.4.0

This is the final release of SpongeVanilla for Minecraft 1.12.2.

Full Changelog: v7.3.0...v7.4.0

Recommended Build v7.3.0

This contains the full release of SpongeAPI 7.3.

Additional fixes and features are:

• Ensured that cancelling DamageEntityEvent cancels all damage effects.
• Offering ConnectedDirectionsData to some blocks will now work as intended.
• Fixed startup crash with Applied Energetics 2.
• Added config option to disable neighbour notifcations in unloaded chunks.
• Fixed Sponge choosing an incorrect transaction when in CraftItemEvent.Preview.
• Fixes CollideEntityEvent containing the wrong cause.
• Fix ItemStack builder not always pruning empty data containers causing an erroneous tag compound to appear.
• Fixed various Configurate - DataContainer translator issues.
• Fixed some entities being activated when they shouldn't be.
• Fixed UserStorageService sometimes throwing exceptions.
• Fixed ClassCastException for AreaEffectCloudProcessor.

Recommended Build v7.2.3

No big things to worry about this time, but here are some things that have changed:

• LaunchProjectileEvent will now be fired if no-one is listening to SpawnEntityEvent but a plugin is listening to LaunchProjectileEvent
• Fixed death event not firing when using mods such as FirstAid that cancel the LivingHurtEvent to do their own damage calculations.
• Increased performance of getting Users from the UserStorageService
• Stagger saving and unloading offline user data to reduce the liklihood of actions such as Nucleus' /invsee causing User {} is not initialized errors to bring down the server.
• When User {} is not initialized errors occur, the server no longer crashes.
• Server#copyWorld() now registers the world.
• Fix command completion when using GenericArguments#allOf
• Ensure that child commands do not have arguments added to the context if there are no arguments to add.
• If chunk-load logging is enabled, queueing a chunk for load is now logged.
• Even more performance and memory improvements!

We also added the following features that are slated for API 7.3. They are available now if you build against API 7.3 snapshots, but note that the APIs are not yet in a release build of API 7 and so are subject to change:

• Simple placeholder support.
• SaveChunkEvent.
• select and whilst instead of stopFilter and skipFilter in BlockRay.
• New world serialisation behaviour - METADATA_ONLY, which saves everything about a world, but not its chunks.