F3.2: a future FFXIV patch can introduce ChatTypes that aren't on any
existing whitelist, and the filter currently routes them silently
through the unknown-channel failsafe. Add a dedup HashSet (per runtime,
NonSerialized) so the first hit per ChatType logs a Warning. The
failsafe behaviour itself is unchanged — only visibility is new.
F3.1: future FFXIV patches can add new ChatTypes that aren't on any
existing whitelist. With the field defaulted to false a new install
would silently drop those channels until the user opts in. New configs
now start with PrivacyPersistUnknownChannels=true via a constant in
PrivacyDefaults. Existing configs keep their explicit choice — the
deserializer overrides the initializer, so no migration and no schema
bump.
F9.2: PreloadCache spawned a new Thread without IsBackground, which kept
the plugin unload blocked until the warmup finished (typically
100-300 ms). Setting IsBackground=true plus a named thread matches the
pattern already used in MessageManager (F6.1) and Plugin.RetentionSweep
(F9.3) since v1.4.0.
F4.1: replace the block threading comment with per-method banners that
read like documentation at the call site. F4.2: TryUnsubscribe now logs
Warning instead of Debug — a silent unsubscribe failure leaks a live
subscription across plugin reloads. F4.3: CurrentTitle gets a one-line
banner matching the same convention.
F2.1: ActiveTempTabCount was doing a LINQ Count under _tempTabsLock on
every read, including the hot-path HandleTell guard. Replace with an
Interlocked counter kept in sync with Config.Tabs from inside the
existing mutation paths (SpawnTempTab, DropOldestTempTab, OnLogout).
Initialize from the persisted Tabs list on Initialize() to handle
configs that already contain TempTabs from a prior session.
Plugin.cs SaveConfig snapshot-restore mutates Config.Tabs outside of
AutoTellTabsService; expose ResyncTempTabCounter() and call it after
AddRange so the counter stays consistent. Plugin.cs:168 crash-recovery
RemoveAll runs before Initialize() and is covered by the init snapshot.
yaml.changelog and repo.json.Changelog now use **vX.Y.Z** subblock
headers instead of the older **Hellion Chat X.Y.Z** form. Updated the
three regex patterns (yaml check, repo.json check, version counter)
and re-enabled Block C in preflight.sh — the SKIP workaround is no
longer needed.
Translate all remaining German sections in docs/CHANGELOG.md and
docs/ROADMAP.md to English for consistency across the repository.
Previously English sections left unchanged.
- SettingsOverview: replace dynamic key lookup via ResourceManager with
direct HellionStrings property access; switch static readonly array to
BuildCardDefs() method to ensure correct initialization order
- ThemeAndLayout: replace all ResourceManager.GetString calls with direct
HellionStrings/Language property access throughout DrawThemeSection()
and DrawChatColorsApplyBanner()
Also rework DE/EN string copy for a more natural, less formal tone in the German localization, and to better match the English source text. This includes
Changed HellionChat.yalm but need to Ajust the preflight script to not fail on this non-code change. TODO: Fix the script to only check for code changes in the future.
- Translated project documentation (LEARNING-JOURNEY, CONTRIBUTORS, AI_DISCLOSURE) to English for better accessibility.
- Standardized internal code documentation by converting XML-doc blocks to standard comment format.
- Cleaned up inline comments and removed redundant versioning metadata across the codebase.
- Refactored non-functional text elements to improve readability and maintain a consistent style.
Updated .editorconfig to set indent_style=space and indent_size=4 for C# files. Reformat all .cs files to apply the new indentation settings. No code logic changes, just whitespace reformatting.
also updated some comments in files in shorter and Precise way. No logic changes, just comment rewording for clarity and conciseness.
Add .editorconfig (LF, Allman), .prettierrc.json, .markdownlint.json,
.yamllint.yaml, .gitattributes and .prettierignore. Extend CI with
format and lint checks.
Add .prettierrc.json, .markdownlint.json, .yamllint.yaml, .gitattributes
Run CSharpier, Prettier and markdownlint across the entire codebase.
No logic changes — formatting, using order and line endings only.
The release.yml workflow uses https://gitea.com/actions/release-action@main.
Renovate's gitea-tags manager tries to resolve @main as a tag and 404s,
which crashes the entire renovate run (affecting all repos via autodiscover).
Repo-level ignoreDeps + a packageRule make this defense-in-depth alongside
the global ignoreDeps in /opt/renovate/config.js.
Semgrep rule IDs follow the pattern <pack>.<rule>. The pack name is
csharp.lang.security.sqli.csharp-sqli and the rule inside it is also
called csharp-sqli, so the full ID needs the trailing .csharp-sqli
again. Without it the exclude flag silently filters a different
subset of rules and the actual rule still runs.
Semgrep flags eight CommandText-with-string-interpolation call sites
in MessageStore.cs as SQL-injection patterns. All are safe in this
context: table names and clause fragments come from internal code
constants, the actual values are bound via SqlParameter, and the
plugin SQL surface is local-only with no external input vector.
CodeQL would not flag these because it does dataflow analysis and
sees the constants. Semgrep only matches patterns. Excluding the rule
for this repo only via the new semgrep-exclude-rules input keeps the
rule active for the other Hellion repos where it might catch real
issues (e.g. the web apps).
Calls JonKazama-Hellion/security-workflows for Semgrep SAST + Trivy
filesystem vulnerability scan. Runs on push to main/master, on every
PR, and weekly Monday 06:00 UTC.
Cleanup pass after the v1.4.3 cutover. Five files still carried
gitea.com hosts or dead github.com security-advisory links because
they were not touched in the prior URL sweep.
- forge-announce.yml: Discord embed avatar and tag link
- release-footer.md: custom-repo URL plus six doc/license links
- bug_report.yml, config.yml, PULL_REQUEST_TEMPLATE.md: replace
github.com/.../security/advisories/new with mailto:kontakt@
hellion-media.de. Gitea has no privately-reportable advisory
feature; e-mail is the closest functional equivalent.
Pure string replacement, no logic change.
Migrations: all current users are on schema v16, the v9 to v16 migration
chain ran in v1.2.1 and earlier. Replace the seven in-LoadAsync migration
blocks with a hard schema-gate in the Phase-1 ctor; older configs trigger
a clear "install v1.4.2 first" error. Code-hygiene change, fast-path
saving is negligible. Remove the now-unused TryReadPreV13ThemeOpacity
helper that only served the v13 to v14 block.
AutoTranslate.PreloadCache: was sync ~300 ms in LoadAsync. Move to
Task.Run so plugin-load returns ~300 ms earlier. Trade-off: first
auto-translate use of a session may have a sub-second hitch if the
cache hasn't finished warming. Acceptable, it is first-use cost
instead of every-load cost.
The previous fire-and-forget Task.Run pattern could leave Plugin.FontManager
null when the first UiBuilder.Draw tick fires (ChatLogWindow dereferences
FontManager.FontAwesome / RegularFont / ItalicFont in its draw paths).
Allocate FontManager and call BuildFonts() synchronously, mirroring
ChatTwo Plugin.cs:152. BuildFonts itself is non-blocking — it just
registers IFontHandles with Dalamud's atlas; the actual atlas rebuild
runs on Dalamud's pipeline a few frames later, so the perceived-load
win still holds (LoadAsync no longer waits for atlas build).
BuildFontsAsync in FontManager.cs stays for the Settings-driven manual
rebuild path.
Phase-1 was still doing 7 schema migrations and 25+ service allocations
synchronously, blocking the ctor return. Move all of that to LoadAsync,
keeping only bootstrap-essentials in the ctor: conflict detection,
config load, language init, ImGui init, WindowSystem skeleton.
Decouple the font task from the LoadAsync await — font-build runs
fire-and-forget, so first frames render with Dalamud's default font
until the Hellion-Exo2/NotoSans atlas rebuild completes (visible
"font-pop"). Mirrors ChatTwo's pattern; the perceived-load win comes
from "Finished loading" landing earlier, not from a faster atlas build.
Smoke test in Task 6 surfaced a NullReferenceException at Plugin.cs:885 —
the retention sweep was scheduled in Phase 1 but dereferences
MessageManager.Store, which is only allocated in Phase 2 (LoadAsync).
Move the call after MessageManager init. Drop the comment that wrongly
claimed independence from Phase-2 services.
I-1: rewrite property-shape comment to reflect that all properties (not
just Phase-2 ones) moved to { get; private set; } = null!;.
I-3: drop plan-jargon (Q1=A / Q3=B / Task 5) from source comments;
replace with durable rationale and a version-anchored TODO for the
FontManager.BuildFontsAsync follow-up.
I-4: remove German-word leak ("pflicht") from English comment in
DisposeAsync.
M-5: wrap each cleanup line inside Framework.RunOnFrameworkThread with
CaptureFailure so a single Dispose throw no longer strands subsequent
cleanup. Drops the inline try/swallow on SetChatInteractable. Mirrors
Lightless DisposeFrameworkBoundServicesAsync pattern.
actions/upload-artifact@v7 fails on Gitea Actions — the GitHub
artifact API has compatibility gaps the Gitea runtime layer does not
fully cover, and v7 specifically tripped exitcode 1 on the Strato
runner. The build itself runs fine; the artefact was never consumed
by anything (release.yml does its own latest.zip lookup), so the
cleanest fix is to make build.yml a pure compile-health check
without artefact upload.
Chat 2 has entered a major rework that Infi confirmed makes selective
patches no longer portable. The cherry-pick pipeline as a routine
workflow stops with the v1.4.x cycle. Documentation reflects the new
state across all touchpoints.
UPSTREAM_SYNC.md rewritten: replaces the "How I Cherry-Pick" /
"Reviewing What Is New Upstream" / "Conflict Handling" sections with
"Why Cherry-Picking Stopped", "What Closing the Pipeline Means in
Practice", "What Does Not Change", "What Could Re-Open Later".
Existing cherry-pick trails in the git history stay intact, EUPL-1.2
anchor lines and NOTICE.md remain canonical.
README.md, CONTRIBUTING.md, ROADMAP.md, THIRD_PARTY_NOTICES.md and
the PR template updated to match: cherry-pick references reframed as
historical or pointed at UPSTREAM_SYNC.md for the current state.
NOTICE.md keeps the BetterTTV cherry-pick example as a concrete past
case but adds a paragraph that the pipeline is closed and clarifies
the attribution standard is preserved unchanged.
PULL_REQUEST_TEMPLATE.md drops the "Upstream cherry-pick from Chat 2"
checkbox and the cherry-pick-path compatibility prompt. The upstream
git remote was already removed locally on 2026-05-08 (separate change,
not in this commit).
No source-file edits, no manifest version bump, no changelog entry —
this is documentation-only and ships with the next release.
JonKazama-Hellion
renovate-bot