Hab vergessen die repo.json wieder mit zu bumpen, deshalb hat
Dalamud den v1.2.2-Release nicht angenommen — komplette Manifest-
Bump-Checkliste diesmal durchgezogen: csproj, yaml-Description +
Changelog, repo.json (AssemblyVersion + TestingAssemblyVersion +
drei DownloadLink*-URLs + Description + Changelog), CHANGELOG.md,
ROADMAP.md, README.md, Forge-Post-Datei. Inhalt unverändert
gegenüber v1.2.2.
Forge-Auto-Announce workflow failed twice on tag push because the
Discord webhook returned 400 — embed.description hit 5346 chars,
which exceeds Discord's hard 4096-per-field limit. The workflow's
own 5500-total cap (V6 check) didn't catch it because it was a
per-field overflow, not a total-payload overflow.
Both yaml changelog block and forge-post DE-body trimmed:
- yaml v1.2.0 EN-block: 3249 → 2104 chars
- forge-post DE-body: 2069 → 1543 chars
- description final: 3675 chars (with ~420 char headroom)
- total payload: 3740 / 5500
Plugin-Manager-facing changelog still covers all v1.2.0 highlights
plus the post-test bug fixes; just denser. Tag will be force-recreated
on this commit so workflow_dispatch picks up the trimmed files from
the v1.2.0 tag tree.
Backlog item: workflow should add a per-field cap check (4096 for
description, 1024 for field values) so future releases fail-fast
locally before hitting Discord.
Settings.Save() unconditionally ran ClearAllTabs + FilterAllTabsAsync
after every save. The cycle reloads messages from the DB, which silently
wipes any in-session message that wasn't persisted — Privacy-First
configurations block most channels from the DB, so all unlogged
channels (Allgemein/Say/Yell/Shout under default filters) showed up
empty after every settings save.
New HasFilterRelevantChanges helper compares Mutable to Plugin.Config
across:
- PrivacyFilterEnabled
- PrivacyPersistChannels (HashSet<ChatType>)
- PrivacyPersistUnknownChannels
- FilterIncludePreviousSessions
- per-persistent-tab: Identifier (reorder/swap), SelectedChannels,
ExtraChatAll, ExtraChatChannels
Refilter only runs if any of those changed. Cosmetic settings (theme,
tab icons, layout, fonts, language) leave the chat log untouched.
Combined with the prior UpdateFrom Identifier-mapping fix and the
TempTab skip in ClearAllTabs/FilterAllTabs, both persistent and
Auto-Tell tabs now fully survive a settings save.
Reported by Flo from in-game testing 2026-05-05/06: 'der allgemein
chat tab z.b immernoch gecleart wird' / 'alle vom plugin nicht
geloggten channel sind dann leer'.
Also updated yaml changelog, docs/CHANGELOG.md and .github/forge-posts/
v1.2.0.md to describe the actual fix shape rather than the partial
UpdateFrom-only fix that preceded it.
Final release-doc pass for v1.2.0:
- yaml changelog extended with the post-T14 polish notes
(Auto-Tell variety, unread pulse, layout fixes, settings-save
wipe fixes for both persistent and TempTabs)
- docs/CHANGELOG.md date filled in (2026-05-05) and same polish
notes added under Added/Fixed sections
- .github/forge-posts/v1.2.0.md created — DE bullet body, picked
up by forge-announce.yml on tag push (EN side reads the yaml
changelog block)
1920 chars in the forge post — comfortably under the 5500-char
total cap that the workflow enforces.
New workflow: when a vX.Y.Z tag is pushed (or workflow_dispatch
runs with a tag input), reads .github/forge-posts/<tag>.md for the
DE bullet body plus frontmatter (subtitle, versionsnatur), pulls the
matching English block from HellionChat.yaml, builds the Discord
webhook embed and posts it to the Hellion Forge #changelog channel.
Decoupled from release.yml — a fail here doesn't block the release,
and a fail there doesn't block the announce. Hard caps at 5500 chars
total (title + description + footer); major releases that exceed
that get a clear fail message and stay manual.
Tag is read via env: TAG_NAME and validated against ^v\d+\.\d+\.\d+$
before any string interpolation; frontmatter is regex-parsed with
explicit length caps (subtitle 60, versionsnatur 40). Curl posts the
payload via stdin so the secret never appears in process args.
Single retry on transient 5xx after 30s, hard fail on 4xx.
Three new screenshots replace the v1.0.x set: chatWindow (in-game
sidebar with FreeCompany tab), settingsOverview (card grid with all
nine sections), themesPicker (built-in themes plus example custom).
ImageUrls in repo.json + yaml updated; old withSimpleTweaks.png
dropped.
.github/forge-posts/v1.1.0.md seeded for the eventual auto-announce
workflow (Discord changelog post on tag push). Format matches the
forge-announce spec — frontmatter (subtitle, versionsnatur) plus DE
bullet body.
Replaces floating major-version tags with full commit SHAs (Tag-
Kommentar dahinter), so a tag-republish can't slip a different action
into the workflow.
- .gitattributes: linguist-generated path was still pointing at the
pre-v1.0.0 ChatTwo/Resources/ tree, which silently let the renamed
HellionChat/Resources/Language.*.resx files leak into Linguist's
language statistics
- bug_report.yml: drop the "or ChatTwo" filter hint; the plugin only
emits HellionChat.* into /xllog since the v1.0.0 standalone cut
- Move AI_DISCLOSURE, THIRD_PARTY_NOTICES, UPSTREAM_SYNC, ipc.md
into docs/ (ipc.md renamed to IPC.md for consistency)
- Add docs/ROADMAP.md, docs/CHANGELOG.md, docs/CONTRIBUTORS.md,
docs/LEARNING-JOURNEY.md
- Update README to reflect the v1.0.0 standalone state, drop the
development section, refresh the architecture tree, add a
release-cadence block linking to LEARNING-JOURNEY
- Fix stale ChatTwo/* source paths to HellionChat/* across docs
- Update cross-links in PRIVACY, CONTRIBUTING and .github/* so they
point at the new docs/ paths
Pure documentation pass, no code changes.
Closes the remaining gaps in GitHub's community-standards check, adds
explicit privacy and dependency documentation matching the plugin's
"DSGVO-by-design" claim, and removes the stale upstream Crowdin
artefact so the repo no longer suggests it ships its own translation
pipeline.
New community-health files:
- CODE_OF_CONDUCT.md: project-specific, short and direct, single
reporting path to kontakt@hellion-media.de
- CONTRIBUTING.md: scope, accepted vs declined contributions, build
and test instructions, EUPL-1.2 contribution terms, translation
policy split between Hellion-specific (here) and upstream strings
(Chat 2 repo)
- SUPPORT.md: routing for bugs, security, privacy and casual feedback
- .github/PULL_REQUEST_TEMPLATE.md: summary, change-type checklist,
testing notes, compatibility notes for migrations and manifest
fields, contribution checklist
- .github/FUNDING.yml: comments-only file, no platforms enabled,
points donors at the upstream Chat 2 maintainers' Ko-fi pages
New privacy and compliance documentation:
- PRIVACY.md: what the plugin stores locally (config, SQLite,
EmoteCacheV1), retention defaults, the two outbound network calls
(BetterTTV API+CDN with ShowEmotes opt-out, Square Enix Lodestone
font once-off), explicit no-telemetry statement, GDPR
Art. 15/17/18/20/21 rights mapped to plugin features, third-party
privacy-policy links
- THIRD_PARTY_NOTICES.md: direct NuGet dependencies with versions
pinned to v0.5.4 (MessagePack, Microsoft.Data.Sqlite, morelinq,
Pidgin, SixLabors.ImageSharp under Six Labors Split License 1.0),
Dalamud SDK and .NET tooling, bundled Exo 2 font (OFL-1.1) and
plugin icon, network-touch status per component, re-audit commands
Crowdin cleanup:
- crowdin.yml deleted (was upstream Chat 2's project_id 663694,
pointed at /ChatTwo/Resources/Language.resx, never wired to
HellionChat strings)
- README, CONTRIBUTING and CODE_OF_CONDUCT no longer suggest
HellionChat operates a Crowdin project; remaining mentions are
explicitly framed as upstream Chat 2's workflow
Contact and version consistency:
- Maintainer email switched from maintainer@hellion-media.de to
kontakt@hellion-media.de in SECURITY.md and NOTICE.md
- README version references updated to 0.5.4 (header, project status
block) and the update-tag pattern generalised from v0.1.x to v0.X.Y
- bug_report.yml version placeholder bumped to 0.5.4
- Project-documents table added to README footer linking all health
and reference files in one place
Release-body automation:
- .github/workflows/release.yml now extracts the matching version
block from ChatTwo/HellionChat.yaml's changelog and combines it
with a static install / docs footer (custom-repo URL, project
document links, licence) before passing the result to
softprops/action-gh-release@v3 via body_path
- Workflow fails fast if no changelog block exists for the tagged
version, automating the existing "yaml + repo.json + release body
kept in sync" rule
- Tag value passed via env: TAG_NAME with strict ^v\d+\.\d+\.\d+$
validation before any string concatenation, so the tag input cannot
break out into shell evaluation
Two CodeQL alerts opened against the codeql-manual-build workflow's
first scan. Both real, both small fixes.
#1 Medium / Workflow does not contain permissions
build.yml runs read-only against the repo (no push, no release
creation, no API mutations) but never declared a permissions
block, so the default GITHUB_TOKEN scope applied. Pin to
contents: read at workflow level. Release and CodeQL workflows
already have their explicit minimal scopes.
#2 Critical / Unvalidated local pointer arithmetic
ImGuiUtil.WrappedTextWithPos splits its input on newlines and
passes each part through Encoding.UTF8.GetBytes inside a fixed
block. Empty splits (consecutive newlines, blank lines) produced
a zero-length byte array, fixed gave us a valid pointer, and
textEnd = text + bytes.Length collapsed onto text. The downstream
ImGuiNative.CalcWordWrapPositionA calls received identical start
and end pointers, which is undefined behaviour at the native
boundary even if it happens to no-op on the current ImGui build.
Bail before entering the fixed block when bytes.Length == 0 and
render an empty line for the gap, which is what the original
text == null guard was trying to do but could never reach inside
a fixed block over a non-null array.
The default GitHub-managed CodeQL setup builds C# without the Dalamud
assemblies (they live in user AppData, not in the repo or in NuGet),
so call-target resolution sits at 64% and the analysis tile reports
'Low C# analysis quality'. This workflow runs the same Dalamud staging
download we use for the regular build before the CodeQL build step,
which gives the analyser a fully-resolved compilation and pushes both
quality metrics above the 85% thresholds.
Two jobs:
- analyze-csharp on windows-latest with build-mode: manual and the
security-extended query suite, so we get the full SQL-injection,
path-traversal and crypto-misuse rule set on a clean compilation
- analyze-actions on ubuntu-latest with build-mode: none, scans the
workflow files in .github for action-injection patterns
Schedule runs Mondays at 06:17 UTC (low-traffic window).
The repo's CodeQL default setup needs to be switched to advanced in
Settings -> Code security before this workflow takes over, otherwise
both run in parallel and we waste runner minutes.
LICENSE now starts with the EUPL-1.2 standard header so github-linguist
detects the licence correctly in the repo header. The dual-copyright
block (upstream ChatTwo authors plus Hellion Online Media) moves into a
new COPYRIGHT file referenced from the README. NOTICE.md and
UPSTREAM_SYNC.md stay as-is.
New files under .github:
- workflows/build.yml: validates every push to main and every PR
against the current Dalamud staging branch on a Windows runner
- workflows/release.yml: builds Release on every v* tag, locates the
DalamudPackager latest.zip and attaches it to the matching GitHub
Release via softprops/action-gh-release
- dependabot.yml: weekly NuGet sweeps and monthly GitHub Actions
sweeps with conventional-commit prefixes, grouped patch and minor
PRs to cut review noise
- ISSUE_TEMPLATE/bug_report.yml + feature_request.yml + config.yml:
structured intake that pushes security reports through the private
advisory flow and routes upstream-only issues to ChatTwo
- SECURITY.md: documents the vulnerability reporting channels, scope,
and target disclosure window
The release workflow replaces the previous manual upload step. Tag a
release and the ZIP shows up on the release page automatically.
JonKazama-Hellion
dependabot[bot]