JonKazama-Hellion/HellionChat
1
0
Fork 0
Code Issues 1 Pull Requests Actions Releases 28 Activity

Compare commits

base: JonKazama-Hellion/HellionChat:v0.5.1
Branches Tags
JonKazama-Hellion/HellionChat:main
JonKazama-Hellion/HellionChat:v1.4.3 JonKazama-Hellion/HellionChat:v1.4.2 JonKazama-Hellion/HellionChat:v1.4.1 JonKazama-Hellion/HellionChat:v1.4.0 JonKazama-Hellion/HellionChat:v1.3.0 JonKazama-Hellion/HellionChat:v1.2.3 JonKazama-Hellion/HellionChat:v1.2.2 JonKazama-Hellion/HellionChat:v1.2.1 JonKazama-Hellion/HellionChat:v1.2.0 JonKazama-Hellion/HellionChat:v1.1.0 JonKazama-Hellion/HellionChat:v1.0.3 JonKazama-Hellion/HellionChat:v1.0.2 JonKazama-Hellion/HellionChat:v1.0.1 JonKazama-Hellion/HellionChat:v1.0.0 JonKazama-Hellion/HellionChat:v0.6.1 JonKazama-Hellion/HellionChat:v0.6.0 JonKazama-Hellion/HellionChat:v0.5.4 JonKazama-Hellion/HellionChat:v0.5.3 JonKazama-Hellion/HellionChat:v0.5.2 JonKazama-Hellion/HellionChat:v0.5.1 JonKazama-Hellion/HellionChat:v0.5.0 JonKazama-Hellion/HellionChat:v0.4.0 JonKazama-Hellion/HellionChat:v0.3.1 JonKazama-Hellion/HellionChat:v0.3.0 JonKazama-Hellion/HellionChat:v0.2.0 JonKazama-Hellion/HellionChat:v0.1.2 JonKazama-Hellion/HellionChat:v0.1.1 JonKazama-Hellion/HellionChat:v0.1.0
..
compare: JonKazama-Hellion/HellionChat:v0.5.3
Branches Tags
JonKazama-Hellion/HellionChat:main
JonKazama-Hellion/HellionChat:v1.4.3 JonKazama-Hellion/HellionChat:v1.4.2 JonKazama-Hellion/HellionChat:v1.4.1 JonKazama-Hellion/HellionChat:v1.4.0 JonKazama-Hellion/HellionChat:v1.3.0 JonKazama-Hellion/HellionChat:v1.2.3 JonKazama-Hellion/HellionChat:v1.2.2 JonKazama-Hellion/HellionChat:v1.2.1 JonKazama-Hellion/HellionChat:v1.2.0 JonKazama-Hellion/HellionChat:v1.1.0 JonKazama-Hellion/HellionChat:v1.0.3 JonKazama-Hellion/HellionChat:v1.0.2 JonKazama-Hellion/HellionChat:v1.0.1 JonKazama-Hellion/HellionChat:v1.0.0 JonKazama-Hellion/HellionChat:v0.6.1 JonKazama-Hellion/HellionChat:v0.6.0 JonKazama-Hellion/HellionChat:v0.5.4 JonKazama-Hellion/HellionChat:v0.5.3 JonKazama-Hellion/HellionChat:v0.5.2 JonKazama-Hellion/HellionChat:v0.5.1 JonKazama-Hellion/HellionChat:v0.5.0 JonKazama-Hellion/HellionChat:v0.4.0 JonKazama-Hellion/HellionChat:v0.3.1 JonKazama-Hellion/HellionChat:v0.3.0 JonKazama-Hellion/HellionChat:v0.2.0 JonKazama-Hellion/HellionChat:v0.1.2 JonKazama-Hellion/HellionChat:v0.1.1 JonKazama-Hellion/HellionChat:v0.1.0

27 Commits
v0.5.1 .. v0.5.3

Author SHA1 Message Date
JonKazama-Hellion 93d52ae819 chore(release): bump version to 0.5.3 
Single-fix patch to close the CodeQL pointer-arithmetic alert that
v0.5.2 left open. v0.5.2 already shipped, so we tag forward instead
of moving the published tag.
 2026-05-02 23:46:26 +02:00
JonKazama-Hellion 48b3d5c6b1 fix(security): validate UTF8 byte buffer length before pointer arithmetic 
CodeQL re-opened the unvalidated-pointer-arithmetic alert at the new
textEnd line because Encoding.GetBytes is a virtual method on
Encoding and the returned array's Length is therefore tracked as
untrusted input for pointer arithmetic.

Compute the expected byte count from the same encoder via
GetByteCount and bail out if the actual buffer length does not match.
That is a real consistency check that would catch a maliciously
swapped Encoding.UTF8 instance, not a dead defensive guard. The
empty-split early-out from the previous fix is folded into the same
condition.
 2026-05-02 23:42:59 +02:00
JonKazama-Hellion e9a9d8a01c merge: icon packaging fix 2026-05-02 23:33:22 +02:00
JonKazama-Hellion a155a57f33 fix(packaging): icon and image urls now reach the built manifest 
Three packaging defects rolled into one fix:

- The custom DalamudPackager.targets override forced HandleImages and
  ImagesPath through the legacy code path. SDK 15 handles images by
  default and the override produced an output manifest with neither
  IconUrl nor ImageUrls populated. Removed.
- The csproj only included images/icon.png explicitly via
  <None Include>, so chatWindow.png and withSimpleTweaks.png never
  reached the build output and never made it into the release ZIP
  either. Switched to a glob include.
- HellionChat.yaml carried no icon_url / image_urls, so even after
  the SDK started writing the manifest correctly, both fields stayed
  unset. Added them pointing at the public raw.githubusercontent
  URLs that already work for the repo.json IconUrl.

Net effect on a fresh release: Dalamud picks up the icon next to the
DLL on dev installs, the plugin-installer card shows the proper
HellionChat logo for users coming through the custom repo, and the
two screenshot images are listed alongside the description so the
plugin installer carousel works the way other Dalamud plugins look.
 2026-05-02 23:33:15 +02:00
JonKazama-Hellion 90b83a0690 chore(release): bump version to 0.5.2 
Patch release. History-order fix for Auto-Tell-Tabs, three default-
config alignments and two CodeQL security findings closed.
 2026-05-02 23:28:35 +02:00
JonKazama-Hellion f10301c3e4 merge: codeql findings #1 and #2 2026-05-02 23:27:12 +02:00
JonKazama-Hellion 8571a936a4 merge: align config defaults with maintainer's live config 2026-05-02 23:27:12 +02:00
JonKazama-Hellion 3f6144836c merge: auto-tell history-order fix 2026-05-02 23:27:12 +02:00
JonKazama-Hellion 53c432a635 fix(security): close codeql findings #1 and #2 
Two CodeQL alerts opened against the codeql-manual-build workflow's
first scan. Both real, both small fixes.

#1 Medium / Workflow does not contain permissions
   build.yml runs read-only against the repo (no push, no release
   creation, no API mutations) but never declared a permissions
   block, so the default GITHUB_TOKEN scope applied. Pin to
   contents: read at workflow level. Release and CodeQL workflows
   already have their explicit minimal scopes.

#2 Critical / Unvalidated local pointer arithmetic
   ImGuiUtil.WrappedTextWithPos splits its input on newlines and
   passes each part through Encoding.UTF8.GetBytes inside a fixed
   block. Empty splits (consecutive newlines, blank lines) produced
   a zero-length byte array, fixed gave us a valid pointer, and
   textEnd = text + bytes.Length collapsed onto text. The downstream
   ImGuiNative.CalcWordWrapPositionA calls received identical start
   and end pointers, which is undefined behaviour at the native
   boundary even if it happens to no-op on the current ImGui build.
   Bail before entering the fixed block when bytes.Length == 0 and
   render an empty line for the gap, which is what the original
   text == null guard was trying to do but could never reach inside
   a fixed block over a non-null array.
 2026-05-02 23:25:41 +02:00
JonKazama-Hellion 340cadf3b9 chore(config): align defaults with maintainer's live config 
Three real-world adjustments to the default config that ships with a
fresh install:

- HellionThemeWindowOpacity 0.92 -> 0.5 so a fresh install lands at
  the more glass-like default the maintainer uses daily
- Use24HourClock false -> true to match a German / European locale.
  Works correctly thanks to the v0.5.1 strict-format fix that uses
  CultureInfo.InvariantCulture instead of the host culture
- HellionParty preset Channel: InputChannel.Party -> null. Auto-
  routing /party into a tab that also collects /alliance and /pvpteam
  surprises the user when they wanted to type into the other ones;
  the tab stays as a read surface

LoadPreviousSession and FilterIncludePreviousSessions stay false to
keep the privacy-strict 'every session starts fresh' line. The
maintainer's personal settings flip them on, but that's an
opt-in choice, not a default we should ship to every fresh install.
RetentionEnabled also stays false for the same opt-in reason.
 2026-05-02 23:24:22 +02:00
JonKazama-Hellion 8d6868aef6 chore(config): align defaults with maintainer's live config 
Four defaults now match what a daily-driver Hellion install ends up at
anyway, so a fresh install does not feel like the wrong product:

- HellionThemeWindowOpacity 0.92 -> 0.5 (more glass-like)
- LoadPreviousSession + FilterIncludePreviousSessions false -> true
  (tabs pick up where they left off after a crash or restart). The
  privacy filter still gates what goes into the store; loading what
  is already in there is not an additional privacy cost.
- Use24HourClock false -> true (matches a German / European locale,
  works with the strict CultureInfo.InvariantCulture format from the
  v0.5.1 fix).

RetentionEnabled stays at false because that one is a documented
opt-in privacy line, not a UX default. The persistent retention sweep
should require an explicit user gesture even though my own install
has it on.
 2026-05-02 23:21:20 +02:00
JonKazama-Hellion 6e8fcc8cc3 merge: codeql manual-build workflow 2026-05-02 23:17:39 +02:00
JonKazama-Hellion 57670ffc76 ci(codeql): replace default setup with manual-build workflow 
The default GitHub-managed CodeQL setup builds C# without the Dalamud
assemblies (they live in user AppData, not in the repo or in NuGet),
so call-target resolution sits at 64% and the analysis tile reports
'Low C# analysis quality'. This workflow runs the same Dalamud staging
download we use for the regular build before the CodeQL build step,
which gives the analyser a fully-resolved compilation and pushes both
quality metrics above the 85% thresholds.

Two jobs:

- analyze-csharp on windows-latest with build-mode: manual and the
  security-extended query suite, so we get the full SQL-injection,
  path-traversal and crypto-misuse rule set on a clean compilation
- analyze-actions on ubuntu-latest with build-mode: none, scans the
  workflow files in .github for action-injection patterns

Schedule runs Mondays at 06:17 UTC (low-traffic window).

The repo's CodeQL default setup needs to be switched to advanced in
Settings -> Code security before this workflow takes over, otherwise
both run in parallel and we waste runner minutes.
 2026-05-02 23:15:20 +02:00
JonKazama-Hellion 2144eedd76 fix(autotell): exclude live tell from history preload 
The live tell that triggers an Auto-Tell-Tab spawn is already in the
message store by the time MessageProcessed fires, because
MessageManager calls Store.UpsertMessage on line 266 before invoking
the event on line 277. PreloadHistory therefore picked up the live
tell as the youngest historic message and the separator landed below
it instead of above.

Pass the live message id through SpawnTempTab into PreloadHistory and
filter it out of the result. Pull one extra row so a successful
exclude does not cost the user a preload-budget slot.
 2026-05-02 23:11:20 +02:00
JonKazama-Hellion 43daef83de merge: readme status badges 2026-05-02 23:05:24 +02:00
dependabot[bot] 4a9ad426e7 chore(deps): Bump Microsoft.Data.Sqlite from 9.0.0 to 10.0.7 (#5) 
---
updated-dependencies:
- dependency-name: Microsoft.Data.Sqlite
  dependency-version: 10.0.7
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-02 23:03:53 +02:00
dependabot[bot] 13beda3a8d chore(actions): bump softprops/action-gh-release from 2 to 3 (#3) 
Bumps [softprops/action-gh-release](https://github.com/softprops/action-gh-release) from 2 to 3.
- [Release notes](https://github.com/softprops/action-gh-release/releases)
- [Changelog](https://github.com/softprops/action-gh-release/blob/master/CHANGELOG.md)
- [Commits](https://github.com/softprops/action-gh-release/compare/v2...v3)

---
updated-dependencies:
- dependency-name: softprops/action-gh-release
  dependency-version: '3'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-02 23:03:49 +02:00
dependabot[bot] 18c05af4db chore(actions): bump actions/upload-artifact from 4 to 7 (#2) 
Bumps [actions/upload-artifact](https://github.com/actions/upload-artifact) from 4 to 7.
- [Release notes](https://github.com/actions/upload-artifact/releases)
- [Commits](https://github.com/actions/upload-artifact/compare/v4...v7)

---
updated-dependencies:
- dependency-name: actions/upload-artifact
  dependency-version: '7'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-02 23:03:46 +02:00
dependabot[bot] df6e1e1cbd chore(actions): bump actions/checkout from 4 to 6 (#1) 
Bumps [actions/checkout](https://github.com/actions/checkout) from 4 to 6.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v4...v6)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '6'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
 2026-05-02 23:03:43 +02:00
JonKazama-Hellion 01b1a14511 docs(readme): add status badges above the title 
Seven badges covering build status, CodeQL scanning, license, latest
release, Dalamud API level, .NET version and FFXIV expansion. Quick
visual indicator that the plugin is healthy and which tooling
generation it targets, plus shortcut links to the workflow runs and
security findings.
 2026-05-02 23:00:13 +02:00
JonKazama-Hellion b6af8d559c merge: license detection fix and github workflows 2026-05-02 22:53:11 +02:00
JonKazama-Hellion 22dbfc2e24 chore(repo): fix license detection and add github workflows 
LICENSE now starts with the EUPL-1.2 standard header so github-linguist
detects the licence correctly in the repo header. The dual-copyright
block (upstream ChatTwo authors plus Hellion Online Media) moves into a
new COPYRIGHT file referenced from the README. NOTICE.md and
UPSTREAM_SYNC.md stay as-is.

New files under .github:

- workflows/build.yml: validates every push to main and every PR
  against the current Dalamud staging branch on a Windows runner
- workflows/release.yml: builds Release on every v* tag, locates the
  DalamudPackager latest.zip and attaches it to the matching GitHub
  Release via softprops/action-gh-release
- dependabot.yml: weekly NuGet sweeps and monthly GitHub Actions
  sweeps with conventional-commit prefixes, grouped patch and minor
  PRs to cut review noise
- ISSUE_TEMPLATE/bug_report.yml + feature_request.yml + config.yml:
  structured intake that pushes security reports through the private
  advisory flow and routes upstream-only issues to ChatTwo
- SECURITY.md: documents the vulnerability reporting channels, scope,
  and target disclosure window

The release workflow replaces the previous manual upload step. Tag a
release and the ZIP shows up on the release page automatically.
 2026-05-02 22:50:06 +02:00
JonKazama-Hellion 2f3b01732c merge: untrack test project from public repo 2026-05-02 22:09:34 +02:00
JonKazama-Hellion 88803382dd chore(repo): untrack ChatTwo.Tests, matches upstream layout 
Drop the test project from version control. Upstream Chat 2 also
keeps ChatTwo.Tests outside the public repo, and the test sources
need a Dalamud assembly bundle that only resolves on a configured
Windows dev box anyway. The files stay on disk for local runs but
no longer ship with the source.
 2026-05-02 22:08:47 +02:00
JonKazama-Hellion 74c51163c7 merge: license, notice and upstream sync docs 2026-05-02 22:06:53 +02:00
JonKazama-Hellion 877ff4ba18 chore(license): remove duplicate upstream LICENCE file 
The LICENSE file added in ad2feb5 carries the dual-copyright block
(upstream ChatTwo authors plus Hellion Online Media) and is the one
the README now points at. The original Upstream-only LICENCE was a
verbatim copy of the EUPL text without our Hellion attribution and
became redundant the moment LICENSE landed. GitHub also prefers the
LICENSE filename for its license-detection in the repo header.
 2026-05-02 21:53:06 +02:00
JonKazama-Hellion ad2feb5a27 chore(license): add LICENSE, NOTICE and upstream sync docs 
Three new top-level files plus README update in preparation for
leaving the GitHub fork network:

- LICENSE: full EUPL-1.2 text plus dual copyright notice (upstream
  ChatTwo authors and Hellion Online Media). README previously
  pointed at a non-existent LICENCE file, fixing that compliance
  gap was overdue regardless of the fork-network decision.
- NOTICE.md: acknowledgements addressed directly to Infi and Anna,
  honest framing of why the fork exists alongside upstream rather
  than trying to displace it, plus maintainer contact channels for
  attribution or takedown questions.
- UPSTREAM_SYNC.md: documents the manual cherry-pick workflow with
  -x authorship preservation, the conflict-handling policy, and
  what we will and will not pull from upstream. Replaces the
  GitHub-Fork sync UI we will lose after detaching.
- README.md: version bump to 0.5.1, fork-network detach note, link
  to NOTICE.md and LICENSE, fixed the LICENCE / LICENSE typo.
 2026-05-02 21:51:33 +02:00
28 changed files with 1141 additions and 934 deletions
Expand all files Collapse all files
.github/ISSUE_TEMPLATE/bug_report.yml
+73
View File
@@ -0,0 +1,73 @@
name: Bug report
description: Something in HellionChat is broken or behaves wrong
labels:
- bug
body:
- type: markdown
attributes:
value: |
Thanks for reporting. Please fill in the fields below so I can
reproduce the issue. If this is a security issue, stop here and
use the [private vulnerability advisory](https://github.com/JonKazama-Hellion/HellionChat/security/advisories/new)
instead.
- type: input
id: version
attributes:
label: HellionChat version
description: From Settings → Information → Version
placeholder: "0.5.1"
validations:
required: true
- type: dropdown
id: platform
attributes:
label: Platform
options:
- Windows (XIVLauncher)
- Linux (XIVLauncher Core)
- macOS (XIVLauncher Core / wine)
- Other
validations:
required: true
- type: textarea
id: what-happened
attributes:
label: What happened
description: Plain description, no log dumps yet
validations:
required: true
- type: textarea
id: expected
attributes:
label: What you expected
validations:
required: true
- type: textarea
id: steps
attributes:
label: How to reproduce
description: Step-by-step from "open settings" or "log in" through to the broken behaviour
validations:
required: true
- type: textarea
id: log
attributes:
label: Relevant /xllog excerpt
description: Filter for "HellionChat" or "ChatTwo" if the log is huge
render: text
- type: checkboxes
id: confirm
attributes:
label: Pre-flight
options:
- label: I am running the latest version of HellionChat
required: true
- label: I have searched existing issues for duplicates
required: true
.github/ISSUE_TEMPLATE/config.yml
+14
View File
@@ -0,0 +1,14 @@
blank_issues_enabled: false
contact_links:
- name: Security vulnerability
url: https://github.com/JonKazama-Hellion/HellionChat/security/advisories/new
about: Do not open a public issue for security problems. Use the private advisory instead.
- name: Upstream Chat 2 issue
url: https://github.com/Infiziert90/ChatTwo/issues
about: If the issue exists in upstream Chat 2 too, please report it there so the original maintainers see it as well.
- name: Discord
url: https://discord.com/users/j.j_kazama
about: Quick questions, casual feedback. Bug reports still go through the issue tracker for tracking.
.github/ISSUE_TEMPLATE/feature_request.yml
+55
View File
@@ -0,0 +1,55 @@
name: Feature request
description: Suggest a feature or enhancement for HellionChat
labels:
- enhancement
body:
- type: markdown
attributes:
value: |
Thanks for the suggestion. HellionChat focuses on privacy by
default and a small, well-scoped feature set. Suggestions that
align with that scope are easier to accept than ones that pull
the plugin toward "do everything".
- type: textarea
id: problem
attributes:
label: What problem are you trying to solve
description: The user-side problem, not the proposed solution yet
validations:
required: true
- type: textarea
id: solution
attributes:
label: What you would like HellionChat to do
validations:
required: true
- type: textarea
id: alternatives
attributes:
label: Alternatives you have considered
description: Other plugins, manual workarounds, settings combinations
- type: dropdown
id: scope
attributes:
label: Scope estimate from your side
options:
- "Small (one tab, one toggle, one filter)"
- "Medium (a settings section, persistent state, one new file)"
- "Large (architectural, touches the message pipeline or the database)"
- "I don't know"
validations:
required: true
- type: checkboxes
id: confirm
attributes:
label: Pre-flight
options:
- label: I have searched existing issues for similar requests
required: true
- label: I understand HellionChat is a privacy-focused fork and not a feature parity tool with upstream Chat 2
required: true
.github/dependabot.yml
+42
View File
@@ -0,0 +1,42 @@
version: 2
updates:
# NuGet package updates for the plugin project. Weekly cadence keeps the
# noise down while still catching transitive security advisories within
# a few days of disclosure.
- package-ecosystem: nuget
directory: /ChatTwo
schedule:
interval: weekly
day: monday
time: "07:00"
timezone: Europe/Berlin
open-pull-requests-limit: 5
labels:
- dependencies
- nuget
commit-message:
prefix: "chore(deps)"
groups:
patches:
update-types:
- patch
minor:
update-types:
- minor
# GitHub Actions versions in .github/workflows. Lower cadence because
# Action releases ship less frequently and are usually safe to defer
# for a month.
- package-ecosystem: github-actions
directory: /
schedule:
interval: monthly
time: "07:00"
timezone: Europe/Berlin
open-pull-requests-limit: 3
labels:
- dependencies
- github-actions
commit-message:
prefix: "chore(actions)"
.github/workflows/build.yml
+56
View File
@@ -0,0 +1,56 @@
name: Build
# Verifies that every push to main and every PR still builds against the
# current Dalamud staging branch. Does not produce release artefacts; the
# release workflow handles that on tag.
on:
push:
branches: [main]
pull_request:
branches: [main]
workflow_dispatch:
# Minimum permissions for a build-only workflow: read the repo, nothing
# else. Closes the CodeQL "Workflow does not contain permissions" alert
# and matches the principle-of-least-privilege the security guide
# recommends for workflows that don't push or create releases.
permissions:
contents: read
jobs:
build:
name: Build (Release)
runs-on: windows-latest
timeout-minutes: 15
steps:
- name: Checkout
uses: actions/checkout@v6
- name: Setup .NET 10
uses: actions/setup-dotnet@v4
with:
dotnet-version: 10.0.x
- name: Download Dalamud staging
shell: pwsh
run: |
$hooks = Join-Path $env:APPDATA "XIVLauncher\addon\Hooks\dev"
New-Item -ItemType Directory -Force -Path $hooks | Out-Null
Invoke-WebRequest -Uri https://goatcorp.github.io/dalamud-distrib/stg/latest.zip -OutFile dalamud.zip
Expand-Archive -Force -Path dalamud.zip -DestinationPath $hooks
- name: Restore
run: dotnet restore ChatTwo/ChatTwo.csproj
- name: Build (Release)
run: dotnet build ChatTwo/ChatTwo.csproj --configuration Release --no-restore
- name: Upload build output
uses: actions/upload-artifact@v7
with:
name: HellionChat-build-${{ github.run_number }}
path: ChatTwo/bin/Release/**/HellionChat/**
if-no-files-found: warn
retention-days: 14
.github/workflows/codeql.yml
+93
View File
@@ -0,0 +1,93 @@
name: CodeQL
# Replaces the GitHub default-setup CodeQL scan. The default setup runs
# without resolving the Dalamud assemblies (they live in a user-AppData
# path) and reports "Low C# analysis quality" because call-target
# resolution sits at ~64%. This workflow downloads the Dalamud staging
# distribution before the build, runs a manual dotnet build, and then
# lets CodeQL analyse the fully-resolved compilation. Quality climbs
# back above the 85% thresholds.
#
# This workflow only consumes trusted inputs: the tag/branch ref via
# the standard checkout action, and the Dalamud distribution URL which
# is pinned to a goatcorp-controlled GitHub Pages target. No user-
# controlled event payload (issue title, PR body, commit message) flows
# into a run-step.
#
# Disable the default setup in the repo before this workflow lands:
# Settings -> Code security -> Code scanning -> "CodeQL analysis" tile
# -> Switch to advanced.
on:
push:
branches: [main]
pull_request:
branches: [main]
schedule:
- cron: '17 6 * * 1'
permissions:
actions: read
contents: read
security-events: write
jobs:
analyze-csharp:
name: Analyze (csharp)
runs-on: windows-latest
timeout-minutes: 30
steps:
- name: Checkout
uses: actions/checkout@v6
- name: Setup .NET 10
uses: actions/setup-dotnet@v4
with:
dotnet-version: 10.0.x
- name: Download Dalamud staging
shell: pwsh
run: |
$hooks = Join-Path $env:APPDATA "XIVLauncher\addon\Hooks\dev"
New-Item -ItemType Directory -Force -Path $hooks | Out-Null
Invoke-WebRequest -Uri https://goatcorp.github.io/dalamud-distrib/stg/latest.zip -OutFile dalamud.zip
Expand-Archive -Force -Path dalamud.zip -DestinationPath $hooks
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
with:
languages: csharp
build-mode: manual
queries: security-extended
- name: Restore
run: dotnet restore ChatTwo/ChatTwo.csproj
- name: Build (Release)
run: dotnet build ChatTwo/ChatTwo.csproj --configuration Release --no-restore
- name: Perform CodeQL analysis
uses: github/codeql-action/analyze@v3
with:
category: /language:csharp
analyze-actions:
name: Analyze (actions)
runs-on: ubuntu-latest
timeout-minutes: 10
steps:
- name: Checkout
uses: actions/checkout@v6
- name: Initialize CodeQL
uses: github/codeql-action/init@v3
with:
languages: actions
build-mode: none
- name: Perform CodeQL analysis
uses: github/codeql-action/analyze@v3
with:
category: /language:actions
.github/workflows/release.yml
+61
View File
@@ -0,0 +1,61 @@
name: Release
# Triggered when a vX.Y.Z tag is pushed. Builds the plugin against the
# current Dalamud staging branch, locates the latest.zip produced by
# DalamudPackager and attaches it to the matching GitHub Release.
# Does not consume any user-controlled event payload, only the tag name
# (validated by the on.tags filter) and the steps output of the locate
# step (path string from Get-ChildItem on a controlled directory).
on:
push:
tags:
- 'v*'
permissions:
contents: write
jobs:
release:
name: Build and attach release ZIP
runs-on: windows-latest
timeout-minutes: 20
steps:
- name: Checkout
uses: actions/checkout@v6
- name: Setup .NET 10
uses: actions/setup-dotnet@v4
with:
dotnet-version: 10.0.x
- name: Download Dalamud staging
shell: pwsh
run: |
$hooks = Join-Path $env:APPDATA "XIVLauncher\addon\Hooks\dev"
New-Item -ItemType Directory -Force -Path $hooks | Out-Null
Invoke-WebRequest -Uri https://goatcorp.github.io/dalamud-distrib/stg/latest.zip -OutFile dalamud.zip
Expand-Archive -Force -Path dalamud.zip -DestinationPath $hooks
- name: Build (Release)
run: dotnet build ChatTwo/ChatTwo.csproj --configuration Release
- name: Locate latest.zip
id: locate
shell: pwsh
run: |
$zip = Get-ChildItem -Path ChatTwo\bin\Release -Recurse -Filter latest.zip | Select-Object -First 1
if (-not $zip)
{
throw "latest.zip not found under ChatTwo\bin\Release"
}
Write-Host "Found: $($zip.FullName)"
"path=$($zip.FullName)" | Out-File -FilePath $env:GITHUB_OUTPUT -Append
- name: Attach to GitHub release
uses: softprops/action-gh-release@v3
with:
files: ${{ steps.locate.outputs.path }}
fail_on_unmatched_files: true
generate_release_notes: false
.gitignore
+3
View File
@@ -374,6 +374,9 @@ FodyWeavers.xsd
#Specs und Plan datein #Specs und Plan datein
/.superpowers/ /.superpowers/
#Test Datein
ChatTwo.Tests
TestResults TestResults
*.db-shm *.db-shm
*.db-wal *.db-wal
COPYRIGHT
+27
View File
@@ -0,0 +1,27 @@
HellionChat — a privacy-focused fork of ChatTwo for FINAL FANTASY XIV
Copyright (c) 2024-2025 Infiziert90 (Infi) and Anna Clemens (ascclemens)
Original ChatTwo authors and copyright holders of the upstream
plugin this fork is built on. Their work covers the message store,
the channel filtering, the sidebar tab system, the FFXIV chat
hooks, the localisation infrastructure and most of the
architecture HellionChat still relies on.
Copyright (c) 2025-2026 Florian Wathling / Hellion Online Media
HellionChat-specific modifications, including the privacy filter,
per-channel retention sweep, export pipeline, Auto-Tell-Tabs,
Hellion theme and font integration, German localisation and the
EUPL-1.2 fork maintenance.
Licensed under the European Union Public Licence (EUPL), Version 1.2
only. The full Licence text lives in the LICENSE file at the root of
this repository. The official Licence website is at:
https://eupl.eu/1.2/en/
This Work is provided "AS IS" without warranties of any kind. See
Article 7 (Disclaimer of Warranty) and Article 8 (Disclaimer of
Liability) of the Licence for the legally binding wording.
Acknowledgements directed at the upstream ChatTwo authors live in
NOTICE.md. The manual upstream-sync workflow lives in UPSTREAM_SYNC.md.
ChatTwo.Tests/AutoTellTabsHistoryTest.cs
-167
View File
@@ -1,167 +0,0 @@
using System;
using System.IO;
using System.Linq;
using ChatTwo.Code;
using ChatTwo.Util;
using Dalamud.Game.Text;
using Dalamud.Game.Text.SeStringHandling;
using Dalamud.Game.Text.SeStringHandling.Payloads;
using JetBrains.Annotations;
using Microsoft.VisualStudio.TestTools.UnitTesting;
namespace ChatTwo.Tests;
// Hellion Chat — Auto-Tell-Tabs history-preload coverage.
//
// These tests exercise MessageStore.GetTellHistoryWithSender, the query the
// AutoTellTabsService uses to populate a freshly spawned temp tab with the
// last conversations with that player.
//
// NOTE: like the rest of ChatTwo.Tests today, these will fail at runtime
// until the project's Dalamud.dll runtime dependency is sorted out (see
// Phase-2 backlog item "Test-Projekt fixen"). Compile-time the suite builds
// fine via DALAMUD_HOME, so the tests guard against API drift even before
// they can be executed locally.
[TestClass]
[TestSubject(typeof(MessageStore))]
public class AutoTellTabsHistoryTest
{
public TestContext TestContext { get; set; }
[TestMethod]
[Timeout(5000)]
public void GetTellHistoryWithSender_FiltersByNameAndWorld()
{
var tempDir = Directory.CreateTempSubdirectory("ChatTwo_test_");
var dbPath = Path.Join(tempDir.FullName, "test.db");
TestContext.WriteLine("Using database path: " + dbPath);
using var store = new MessageStore(dbPath);
const ulong receiver = 99001;
var now = DateTimeOffset.UtcNow;
// Two tells with the target sender, one with a different sender on
// the same world, one with the same name on a different world. Only
// the first two should make it into the result.
var asukaLichIn = TellMessage("Asuka", 76, receiver, now.AddMinutes(-30), ChatType.TellIncoming);
var asukaLichOut = TellMessage("Asuka", 76, receiver, now.AddMinutes(-20), ChatType.TellOutgoing);
var broboLich = TellMessage("Brobo", 76, receiver, now.AddMinutes(-10), ChatType.TellIncoming);
var asukaOmega = TellMessage("Asuka", 90, receiver, now.AddMinutes(-5), ChatType.TellIncoming);
store.UpsertMessage(asukaLichIn);
store.UpsertMessage(asukaLichOut);
store.UpsertMessage(broboLich);
store.UpsertMessage(asukaOmega);
var result = store.GetTellHistoryWithSender(receiver, "Asuka", 76, limit: 50);
Assert.AreEqual(2, result.Count);
// Result is oldest-first so a tab can append messages chronologically.
Assert.AreEqual(asukaLichIn.Id, result[0].Id);
Assert.AreEqual(asukaLichOut.Id, result[1].Id);
}
[TestMethod]
[Timeout(5000)]
public void GetTellHistoryWithSender_RespectsLimit()
{
var tempDir = Directory.CreateTempSubdirectory("ChatTwo_test_");
var dbPath = Path.Join(tempDir.FullName, "test.db");
TestContext.WriteLine("Using database path: " + dbPath);
using var store = new MessageStore(dbPath);
const ulong receiver = 99002;
var now = DateTimeOffset.UtcNow;
for (var i = 0; i < 30; i++)
{
var msg = TellMessage("Asuka", 76, receiver, now.AddMinutes(-i - 1), ChatType.TellIncoming);
store.UpsertMessage(msg);
}
var result = store.GetTellHistoryWithSender(receiver, "Asuka", 76, limit: 5);
Assert.AreEqual(5, result.Count);
}
[TestMethod]
[Timeout(5000)]
public void GetTellHistoryWithSender_ZeroLimitReturnsEmpty()
{
var tempDir = Directory.CreateTempSubdirectory("ChatTwo_test_");
var dbPath = Path.Join(tempDir.FullName, "test.db");
TestContext.WriteLine("Using database path: " + dbPath);
using var store = new MessageStore(dbPath);
const ulong receiver = 99003;
var msg = TellMessage("Asuka", 76, receiver, DateTimeOffset.UtcNow, ChatType.TellIncoming);
store.UpsertMessage(msg);
var result = store.GetTellHistoryWithSender(receiver, "Asuka", 76, limit: 0);
Assert.AreEqual(0, result.Count);
}
[TestMethod]
[Timeout(5000)]
public void GetTellHistoryWithSender_IgnoresOtherReceivers()
{
var tempDir = Directory.CreateTempSubdirectory("ChatTwo_test_");
var dbPath = Path.Join(tempDir.FullName, "test.db");
TestContext.WriteLine("Using database path: " + dbPath);
using var store = new MessageStore(dbPath);
const ulong ourReceiver = 99004;
const ulong otherReceiver = 99005;
var now = DateTimeOffset.UtcNow;
// Tell on the local player's account.
var ours = TellMessage("Asuka", 76, ourReceiver, now.AddMinutes(-1), ChatType.TellIncoming);
// Same sender, but logged against a different local character —
// common when the user has alts. Must not surface.
var foreign = TellMessage("Asuka", 76, otherReceiver, now, ChatType.TellIncoming);
store.UpsertMessage(ours);
store.UpsertMessage(foreign);
var result = store.GetTellHistoryWithSender(ourReceiver, "Asuka", 76, limit: 50);
Assert.AreEqual(1, result.Count);
Assert.AreEqual(ours.Id, result[0].Id);
}
private static Message TellMessage(
string senderName,
uint senderWorld,
ulong receiver,
DateTimeOffset dateTime,
ChatType chatType)
{
var senderSeString = new SeStringBuilder()
.Add(new PlayerPayload(senderName, senderWorld))
.AddText(senderName)
.Add(RawPayload.LinkTerminator)
.Build();
var contentSeString = new SeStringBuilder()
.AddText("test message")
.Build();
var senderChunks = ChunkUtil.ToChunks(senderSeString, ChunkSource.Sender, chatType).ToList();
var contentChunks = ChunkUtil.ToChunks(contentSeString, ChunkSource.Content, chatType).ToList();
var chatCode = new ChatCode((XivChatType)chatType, XivChatRelationKind.LocalPlayer, XivChatRelationKind.LocalPlayer);
return new Message(
Guid.NewGuid(),
receiver,
0,
dateTime,
chatCode,
senderChunks,
contentChunks,
senderSeString,
contentSeString,
Guid.Empty);
}
}
ChatTwo.Tests/ChatTwo.Tests.csproj
-53
View File
@@ -1,53 +0,0 @@
<Project Sdk="Microsoft.NET.Sdk">
<PropertyGroup>
<TargetFrameworks>net10.0-windows</TargetFrameworks>
<IsPackable>false</IsPackable>
</PropertyGroup>
<ItemGroup>
<PackageReference Include="JetBrains.Annotations" Version="2025.2.2" />
<PackageReference Include="Microsoft.NET.Test.Sdk" Version="17.14.1" />
<PackageReference Include="morelinq" Version="4.4.0" />
<PackageReference Include="MSTest.TestAdapter" Version="3.6.3" />
<PackageReference Include="MSTest.TestFramework" Version="3.6.3" />
</ItemGroup>
<ItemGroup>
<ProjectReference Include="..\ChatTwo\ChatTwo.csproj" />
</ItemGroup>
<PropertyGroup>
<DalamudLibPath>$(AppData)\XIVLauncher\addon\Hooks\dev</DalamudLibPath>
</PropertyGroup>
<PropertyGroup Condition="'$([System.Runtime.InteropServices.RuntimeInformation]::IsOSPlatform($([System.Runtime.InteropServices.OSPlatform]::Linux)))'">
<DalamudLibPath>$(DALAMUD_HOME)</DalamudLibPath>
</PropertyGroup>
<PropertyGroup Condition="'$(IsCI)' == 'true'">
<DalamudLibPath>$(HOME)/dalamud</DalamudLibPath>
</PropertyGroup>
<ItemGroup>
<Reference Include="Dalamud">
<HintPath>$(DalamudLibPath)\Dalamud.dll</HintPath>
<Private>false</Private>
</Reference>
<Reference Include="FFXIVClientStructs">
<HintPath>$(DalamudLibPath)\FFXIVClientStructs.dll</HintPath>
<Private>false</Private>
</Reference>
<Reference Include="Lumina">
<HintPath>$(DalamudLibPath)\Lumina.dll</HintPath>
<Private>false</Private>
</Reference>
<Reference Include="Lumina.Excel">
<HintPath>$(DalamudLibPath)\Lumina.Excel.dll</HintPath>
<Private>false</Private>
</Reference>
</ItemGroup>
</Project>
ChatTwo.Tests/MessageStoreTest.cs
-293
View File
@@ -1,293 +0,0 @@
using System;
using System.Collections.Generic;
using System.IO;
using System.Linq;
using ChatTwo.Code;
using ChatTwo.Util;
using Dalamud.Game.Text;
using Dalamud.Game.Text.SeStringHandling;
using Dalamud.Game.Text.SeStringHandling.Payloads;
using JetBrains.Annotations;
using Microsoft.VisualStudio.TestTools.UnitTesting;
using Chat2PartyFinderPayload = ChatTwo.Util.PartyFinderPayload;
namespace ChatTwo.Tests;
[TestClass]
[TestSubject(typeof(MessageStore))]
public class MessageStoreTest {
// From Message.cs
private static readonly byte[] ExtraChatChannelPayloadBytes = [0, 0x27, 18, 0x20];
public TestContext TestContext { get; set; }
public static string GetImportPath() {
string[] importPaths = [
@".\TestData",
@"..\TestData",
@"..\..\TestData",
@"..\..\..\TestData",
];
var importPath = importPaths.FirstOrDefault(Directory.Exists);
if (string.IsNullOrEmpty(importPath)) {
throw new DirectoryNotFoundException("Could not find the import path");
}
return importPath;
}
[TestMethod]
[Timeout(5000)]
public void StoreAndRetrieve() {
var tempDir = Directory.CreateTempSubdirectory("ChatTwo_test_");
var dbPath = Path.Join(tempDir.FullName, "test.db");
TestContext.WriteLine("Using database path: " + dbPath);
using var store = new MessageStore(dbPath);
// Write the message.
var input = BigMessage();
store.UpsertMessage(input);
// Read the message back.
using var messageEnumerator = store.GetMostRecentMessages();
var messages = messageEnumerator.ToList();
Assert.AreEqual(1, messages.Count);
AssertMessagesEqual(input, messages.First());
}
[TestMethod]
[Timeout(5000)]
public void RetrieveMultiple() {
var tempDir = Directory.CreateTempSubdirectory("ChatTwo_test_");
var dbPath = Path.Join(tempDir.FullName, "test.db");
TestContext.WriteLine("Using database path: " + dbPath);
using var store = new MessageStore(dbPath);
// Insert 10 messages in the wrong order of date.
var messages = new List<Message>();
const uint receiver = 12345;
var now = DateTimeOffset.UtcNow;
for (var i = 0; i < 10; i++) {
var message = BigMessage(true, receiver, now.AddSeconds(-i));
TestContext.WriteLine($"Inserting message {i}: {message.Id}");
store.UpsertMessage(message);
messages.Add(message);
}
// Insert a message for a different receiver. This shouldn't be returned
// because of the receiver filtering.
var otherReceiverMsg = BigMessage(receiver: receiver + 1, dateTime: now.AddSeconds(1));
TestContext.WriteLine($"Inserting other receiver message: {otherReceiverMsg.Id}");
store.UpsertMessage(otherReceiverMsg);
// Query the most recent 5 messages. Should return the 4 newest messages
// from the list, as well as the different receiver message because we
// aren't filtering.
using var unfilteredMessageEnumerator = store.GetMostRecentMessages(count: 5);
var outputMessages = unfilteredMessageEnumerator.ToList();
var gotIds = outputMessages.Select(m => m.Id).ToList();
TestContext.WriteLine($"Query 1 got IDs: {string.Join(", ", gotIds)}");
AssertGuidsEqual(new List<Guid> {
messages[3].Id,
messages[2].Id,
messages[1].Id,
messages[0].Id,
otherReceiverMsg.Id
}, gotIds);
// Query the most recent 5 messages but filter by receiver ID.
using var filteredByReceiverMessageEnumerator = store.GetMostRecentMessages(receiver: receiver, count: 5);
outputMessages = filteredByReceiverMessageEnumerator.ToList();
gotIds = outputMessages.Select(m => m.Id).ToList();
TestContext.WriteLine($"Query 2 got IDs: {string.Join(", ", gotIds)}");
AssertGuidsEqual(new List<Guid> {
messages[4].Id,
messages[3].Id,
messages[2].Id,
messages[1].Id,
messages[0].Id,
}, gotIds);
// Query the most recent 5 messages but only since a specific date.
using var filteredByReceiverAndDateMessageEnumerator = store.GetMostRecentMessages(receiver, since: messages[1].Date, count: 5);
outputMessages = filteredByReceiverAndDateMessageEnumerator.ToList();
gotIds = outputMessages.Select(m => m.Id).ToList();
TestContext.WriteLine($"Query 3 got IDs: {string.Join(", ", gotIds)}");
AssertGuidsEqual(new List<Guid> {
messages[1].Id,
messages[0].Id,
}, gotIds);
}
[TestMethod]
[Timeout(5000)]
// This test guards against the data format changing in an incompatible way.
public void RetrieveExisting() {
var input = BigMessage(uniqId: false);
var dbPath = Path.Join(GetImportPath(), "existing.db");
TestContext.WriteLine($"Using existing database: {dbPath}");
Assert.IsTrue(File.Exists(dbPath));
// Uncomment this section to regenerate the existing database.
/*
File.Delete(dbPath);
using (var newStore = new MessageStore(dbPath)) {
newStore.UpsertMessage(input);
}
*/
using var store = new MessageStore(dbPath);
using var existingMessageEnumerator = store.GetMostRecentMessages();
var output = existingMessageEnumerator.ToList();
Assert.AreEqual(1, output.Count);
AssertMessagesEqual(input, output[0]);
}
[TestMethod]
[Timeout(30_000)]
public void ProfileMany() {
const int count = 20_000;
var tempDir = Directory.CreateTempSubdirectory("ChatTwo_test_");
var dbPath = Path.Join(tempDir.FullName, "test.db");
TestContext.WriteLine("Using database path: " + dbPath);
using var store = new MessageStore(dbPath);
for (var i = 0; i < count; i++) {
var message = BigMessage(uniqId: true);
store.UpsertMessage(message);
}
using var messageEnumerator = store.GetMostRecentMessages(count: count);
var messages = messageEnumerator.ToList();
Assert.AreEqual(count, messages.Count);
foreach (var message in messages) {
// Load the message because they are lazily parsed.
Assert.IsTrue(message.Id != Guid.Empty);
}
}
internal static Message BigMessage(bool uniqId = true, uint receiver = 12345, DateTimeOffset? dateTime = null) {
// NOTE: These values aren't valid in the game.
// NOTE: we can't test UiForeground, UiGlow, or AutoTranslatePayload
// because they load data from the game.
var senderSeString = new SeStringBuilder()
.AddText("<")
.Add(new PlayerPayload("Player Name", 12345))
.AddItalics("Player Name")
.Add(RawPayload.LinkTerminator)
.AddText(">: ")
.Build();
var extraChatId = Guid.Parse("03d9e6d4-dc1a-4005-bbe7-66b8c3529277");
var contentSeString = new SeStringBuilder()
.Add(new RawPayload(ExtraChatChannelPayloadBytes.Concat(extraChatId.ToByteArray()).ToArray()))
.AddIcon(BitmapFontIcon.IslandSanctuary)
.AddMapLink(1, 2, 3, 4)
.AddText("map")
.Add(RawPayload.LinkTerminator)
.AddQuestLink(12345)
.AddText("quest")
.Add(RawPayload.LinkTerminator)
.Add(new DalamudLinkPayload())
.AddText("dalamud")
.Add(RawPayload.LinkTerminator)
.AddStatusLink(12345)
.AddText("status")
.Add(RawPayload.LinkTerminator)
.AddPartyFinderLink(12345)
.AddText("party finder")
.Add(RawPayload.LinkTerminator)
.Build();
// Add Chat 2 specific payloads (that can't be serialized into the
// SeString).
var contentChunks = ChunkUtil.ToChunks(contentSeString, ChunkSource.Content, ChatType.Say).ToList();
contentChunks = contentChunks.Concat([
new TextChunk(ChunkSource.Content, new Chat2PartyFinderPayload(12345), "chat 2 party finder"),
new TextChunk(ChunkSource.Content, new AchievementPayload(12345), "chat 2 achievement"),
new TextChunk(ChunkSource.Content, new UriPayload(new Uri("https://dalamud.dev")), "chat 2 uri"),
]).ToList();
var chatCode = new ChatCode((XivChatType)46, XivChatRelationKind.LocalPlayer, XivChatRelationKind.EngagedEnemy);
return new Message(
uniqId ? Guid.NewGuid() : Guid.Parse("f011343e-6a21-49e5-a6f9-238f0f1f8c2c"),
receiver,
54321,
dateTime ?? DateTimeOffset.FromUnixTimeMilliseconds(1713520182440),
chatCode,
ChunkUtil.ToChunks(senderSeString, ChunkSource.Sender, ChatType.Debug).ToList(),
contentChunks,
senderSeString,
contentSeString,
extraChatId
);
}
internal static void AssertMessagesEqual(Message input, Message output) {
// Check basic fields.
Assert.AreEqual(input.Id, output.Id);
Assert.AreEqual(input.Receiver, output.Receiver);
Assert.AreEqual(input.ContentId, output.ContentId);
// Assert time is within 1 second
var timeDifference = Math.Abs(input.Date.ToUniversalTime().Subtract(output.Date.ToUniversalTime()).TotalSeconds);
Assert.IsTrue(timeDifference < 1);
Assert.AreEqual(input.Code, output.Code);
Assert.AreEqual($"{input.SenderSource.Encode():X}", $"{output.SenderSource.Encode():X}");
Assert.AreEqual($"{input.ContentSource.Encode():X}", $"{output.ContentSource.Encode():X}");
Assert.AreEqual(input.SortCodeV2, output.SortCodeV2);
Assert.AreEqual(input.ExtraChatChannel, output.ExtraChatChannel);
// Check chunks.
AssertChunksEqual(input.Sender, output.Sender);
AssertChunksEqual(input.Content, output.Content);
}
private static void AssertChunksEqual(IReadOnlyList<Chunk> inputChunks, IReadOnlyList<Chunk> outputChunks) {
Assert.AreEqual(inputChunks.Count, outputChunks.Count);
for (var i = 0; i < inputChunks.Count; i++) {
var inputChunk = inputChunks[i];
var outputChunk = outputChunks[i];
Assert.AreEqual(inputChunk.Source, outputChunk.Source);
switch (inputChunk.Link) {
case AchievementPayload inputAchievementPayload:
Assert.AreEqual(inputAchievementPayload.Id, ((AchievementPayload) outputChunk.Link)!.Id);
break;
case Chat2PartyFinderPayload inputPartyFinderPayload:
Assert.AreEqual(inputPartyFinderPayload.Id, ((Chat2PartyFinderPayload) outputChunk.Link)!.Id);
break;
case UriPayload inputUriPayload:
Assert.AreEqual(inputUriPayload.Uri, ((UriPayload) outputChunk.Link)!.Uri);
break;
case null:
Assert.IsTrue(outputChunk.Link == null);
break;
default:
Assert.AreEqual($"{inputChunk.Link.Encode():X}", $"{outputChunk.Link!.Encode():X}");
break;
}
switch (inputChunk) {
case TextChunk inputTextChunk:
var outputTextChunk = (TextChunk)outputChunk;
Assert.AreEqual(inputTextChunk.FallbackColour, outputTextChunk.FallbackColour);
Assert.AreEqual(inputTextChunk.Foreground, outputTextChunk.Foreground);
Assert.AreEqual(inputTextChunk.Glow, outputTextChunk.Glow);
Assert.AreEqual(inputTextChunk.Italic, outputTextChunk.Italic);
Assert.AreEqual(inputTextChunk.Content, outputTextChunk.Content);
break;
case IconChunk inputIconChunk:
Assert.AreEqual(inputIconChunk.Icon, ((IconChunk) outputChunk).Icon);
break;
default:
throw new Exception("Unknown chunk type");
}
}
}
private static void AssertGuidsEqual(IReadOnlyList<Guid> expected, IReadOnlyList<Guid> got) {
Assert.AreEqual(expected.Count, got.Count);
for (var i = 0; i < expected.Count; i++) {
Assert.AreEqual(expected[i].ToString(), got[i].ToString());
}
}
}
ChatTwo.Tests/testdata/existing.db
Vendored
BIN
View File
Binary file not shown.
ChatTwo/AutoTellTabsService.cs
+17 -5
View File
@@ -200,7 +200,11 @@ internal sealed class AutoTellTabsService : IDisposable
// Preload first so the tab opens with chronological history above // Preload first so the tab opens with chronological history above
// the current message — and so a slow DB query never causes a // the current message — and so a slow DB query never causes a
// visible "empty tab, then history pops in" effect on screen. // visible "empty tab, then history pops in" effect on screen.
PreloadHistory(tab, partner.Name, partner.World); // The current message is already persisted in the store by the
// time MessageProcessed fires (see MessageManager.cs: UpsertMessage
// runs before the event), so we have to exclude it explicitly to
// avoid the separator landing below the live tell.
PreloadHistory(tab, partner.Name, partner.World, currentMessage.Id);
tab.AddMessage(currentMessage, unread: true); tab.AddMessage(currentMessage, unread: true);
Plugin.Config.Tabs.Add(tab); Plugin.Config.Tabs.Add(tab);
@@ -238,7 +242,7 @@ internal sealed class AutoTellTabsService : IDisposable
return $"{playerName}@World{worldRowId}"; return $"{playerName}@World{worldRowId}";
} }
private void PreloadHistory(Tab tab, string senderName, uint senderWorld) private void PreloadHistory(Tab tab, string senderName, uint senderWorld, Guid currentMessageId)
{ {
var preloadCount = Plugin.Config.AutoTellTabsHistoryPreload; var preloadCount = Plugin.Config.AutoTellTabsHistoryPreload;
if (preloadCount <= 0) if (preloadCount <= 0)
@@ -248,13 +252,21 @@ internal sealed class AutoTellTabsService : IDisposable
try try
{ {
// Pull one extra row because the live tell that triggered this
// spawn is already in the store and would otherwise eat one of
// the user's preload-budget slots.
var history = _store.GetTellHistoryWithSender( var history = _store.GetTellHistoryWithSender(
_messageManager.CurrentContentId, _messageManager.CurrentContentId,
senderName, senderName,
senderWorld, senderWorld,
preloadCount); preloadCount + 1);
if (history.Count == 0) var historicMessages = history
.Where(m => m.Id != currentMessageId)
.Take(preloadCount)
.ToList();
if (historicMessages.Count == 0)
{ {
// No prior tells with this player — leave the tab to start // No prior tells with this player — leave the tab to start
// empty so the user does not see a "history loaded" marker // empty so the user does not see a "history loaded" marker
@@ -265,7 +277,7 @@ internal sealed class AutoTellTabsService : IDisposable
// The history list is already oldest-first, so a plain AddPrune // The history list is already oldest-first, so a plain AddPrune
// loop produces the chronological order the user expects to see // loop produces the chronological order the user expects to see
// when the tab opens. // when the tab opens.
foreach (var message in history) foreach (var message in historicMessages)
{ {
tab.Messages.AddPrune(message, MessageManager.MessageDisplayLimit); tab.Messages.AddPrune(message, MessageManager.MessageDisplayLimit);
} }
ChatTwo/ChatTwo.csproj
Executable → Regular
+11 -12
View File
@@ -4,7 +4,7 @@
0.1.0 is our bootstrap release; the underlying Chat 2 base is 0.1.0 is our bootstrap release; the underlying Chat 2 base is
called out in the yaml changelog so users can see what it called out in the yaml changelog so users can see what it
derives from. --> derives from. -->
<Version>0.5.1</Version> <Version>0.5.3</Version>
<ImplicitUsings>enable</ImplicitUsings> <ImplicitUsings>enable</ImplicitUsings>
<!-- HellionChat fork: assembly is renamed so Dalamud uses <!-- HellionChat fork: assembly is renamed so Dalamud uses
pluginConfigs/HellionChat instead of pluginConfigs/ChatTwo, pluginConfigs/HellionChat instead of pluginConfigs/ChatTwo,
@@ -17,7 +17,7 @@
<ItemGroup> <ItemGroup>
<PackageReference Include="MessagePack" Version="3.1.4" /> <PackageReference Include="MessagePack" Version="3.1.4" />
<PackageReference Include="Microsoft.Data.Sqlite" Version="9.0.0" /> <PackageReference Include="Microsoft.Data.Sqlite" Version="10.0.7" />
<PackageReference Include="morelinq" Version="4.4.0" /> <PackageReference Include="morelinq" Version="4.4.0" />
<PackageReference Include="Pidgin" Version="3.3.0" /> <PackageReference Include="Pidgin" Version="3.3.0" />
<PackageReference Include="SixLabors.ImageSharp" Version="3.1.12" /> <PackageReference Include="SixLabors.ImageSharp" Version="3.1.12" />
@@ -57,17 +57,16 @@
</ItemGroup> </ItemGroup>
<!-- Plugin icon. Copy images/* into the build output so Dalamud
finds the icon next to the DLL, and let the SDK default
DalamudPackager pipeline include the same path in the
release ZIP. Earlier we shipped a custom DalamudPackager
targets override that explicitly set HandleImages and
ImagesPath; that override conflicted with the SDK 15
default and the resulting manifest carried no IconUrl.
Removed in v0.5.2. -->
<ItemGroup> <ItemGroup>
<Folder Include="images\" /> <None Include="images\**">
</ItemGroup>
<!-- Copy images/icon.png next to the built DLL so Dalamud's local
plugin loader finds it at <plugindir>/images/icon.png. The
DalamudPackager.targets file in this directory then includes
the same path inside the release ZIP — see that file for the
full packaging override. -->
<ItemGroup>
<None Include="images\icon.png">
<CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory> <CopyToOutputDirectory>PreserveNewest</CopyToOutputDirectory>
</None> </None>
</ItemGroup> </ItemGroup>
ChatTwo/Configuration.cs
+9 -3
View File
@@ -73,8 +73,10 @@ public class Configuration : IPluginConfiguration
public bool HellionThemeEnabled = true; public bool HellionThemeEnabled = true;
// Window background opacity, 0.51.0. Lower values make the plugin // Window background opacity, 0.51.0. Lower values make the plugin
// panes more glass-like so the game shines through. Default ~92%. // panes more glass-like so the game shines through. Default 0.5
public float HellionThemeWindowOpacity = 0.92f; // matches the maintainer's daily-driver preference; users who want
// a less translucent look bump it up in Aussehen → Theme.
public float HellionThemeWindowOpacity = 0.5f;
// Use the bundled Exo 2 font (OFL-1.1) for the regular plugin font // Use the bundled Exo 2 font (OFL-1.1) for the regular plugin font
// instead of whatever GlobalFontV2.FontId points at. Default ON so a // instead of whatever GlobalFontV2.FontId points at. Default ON so a
@@ -158,7 +160,11 @@ public class Configuration : IPluginConfiguration
public bool PlaySounds = true; public bool PlaySounds = true;
public bool KeepInputFocus = true; public bool KeepInputFocus = true;
public int MaxLinesToRender = 5_000; // 1-10000 public int MaxLinesToRender = 5_000; // 1-10000
public bool Use24HourClock; // Default ON to match a German / European 24h locale. The
// ChatLogWindow.cs format-flip in v0.5.1 honours this strictly via
// CultureInfo.InvariantCulture so the result is consistent across
// host locales.
public bool Use24HourClock = true;
public bool ShowEmotes = true; public bool ShowEmotes = true;
public HashSet<string> BlockedEmotes = []; public HashSet<string> BlockedEmotes = [];
ChatTwo/DalamudPackager.targets
-76
View File
@@ -1,76 +0,0 @@
<?xml version="1.0" encoding="utf-8"?>
<!--
HellionChat — DalamudPackager override.
The default DalamudPackager.targets shipped by the SDK does not set
HandleImages / ImagesPath, so the images/ directory is silently
excluded from the release ZIP. The presence of this file at
$(ProjectDir)DalamudPackager.targets disables the SDK's default
target (it guards on `!Exists('$(PackagerTargetFile)')`) and lets
us call the packager task ourselves with the image fields wired in.
Apart from HandleImages + ImagesPath the property list mirrors the
SDK default verbatim so we don't lose any other manifest field as
the upstream SDK evolves.
-->
<Project>
<Target Name="HellionDalamudPackagerDebug"
AfterTargets="Build"
Condition="'$(Configuration)' == 'Debug'">
<DalamudPackager ProjectDir="$(ProjectDir)"
OutputPath="$(OutputPath)"
AssemblyName="$(AssemblyName)"
MakeZip="false"
Author="$(Author)"
Name="$(Name)"
MinimumDalamudVersion="$(MinimumDalamudVersion)"
Punchline="$(Punchline)"
Description="$(Description)"
ApplicableVersion="$(ApplicableVersion)"
RepoUrl="$(RepoUrl)"
Tags="$(Tags)"
CategoryTags="$(CategoryTags)"
DalamudApiLevel="$(DalamudApiLevel)"
LoadRequiredState="$(LoadRequiredState)"
LoadSync="$(LoadSync)"
CanUnloadAsync="$(CanUnloadAsync)"
LoadPriority="$(LoadPriority)"
ImageUrls="$(ImageUrls)"
IconUrl="$(IconUrl)"
Changelog="$(Changelog)"
AcceptsFeedback="$(AcceptsFeedback)"
FeedbackMessage="$(FeedbackMessage)"
HandleImages="true"
ImagesPath="$(ProjectDir)images" />
</Target>
<Target Name="HellionDalamudPackagerRelease"
AfterTargets="Build"
Condition="'$(Configuration)' == 'Release'">
<DalamudPackager ProjectDir="$(ProjectDir)"
OutputPath="$(OutputPath)"
AssemblyName="$(AssemblyName)"
MakeZip="true"
Author="$(Author)"
Name="$(Name)"
MinimumDalamudVersion="$(MinimumDalamudVersion)"
Punchline="$(Punchline)"
Description="$(Description)"
ApplicableVersion="$(ApplicableVersion)"
RepoUrl="$(RepoUrl)"
Tags="$(Tags)"
CategoryTags="$(CategoryTags)"
DalamudApiLevel="$(DalamudApiLevel)"
LoadRequiredState="$(LoadRequiredState)"
LoadSync="$(LoadSync)"
CanUnloadAsync="$(CanUnloadAsync)"
LoadPriority="$(LoadPriority)"
ImageUrls="$(ImageUrls)"
IconUrl="$(IconUrl)"
Changelog="$(Changelog)"
AcceptsFeedback="$(AcceptsFeedback)"
FeedbackMessage="$(FeedbackMessage)"
HandleImages="true"
ImagesPath="$(ProjectDir)images" />
</Target>
</Project>
ChatTwo/HellionChat.yaml
+66
View File
@@ -33,6 +33,10 @@ description: |-
Based on Chat 2 by Infi and Anna, licensed under EUPL-1.2. Based on Chat 2 by Infi and Anna, licensed under EUPL-1.2.
repo_url: https://github.com/JonKazama-Hellion/HellionChat repo_url: https://github.com/JonKazama-Hellion/HellionChat
accepts_feedback: true accepts_feedback: true
icon_url: https://raw.githubusercontent.com/JonKazama-Hellion/HellionChat/main/ChatTwo/images/icon.png
image_urls:
- https://raw.githubusercontent.com/JonKazama-Hellion/HellionChat/main/ChatTwo/images/chatWindow.png
- https://raw.githubusercontent.com/JonKazama-Hellion/HellionChat/main/ChatTwo/images/withSimpleTweaks.png
tags: tags:
- Social - Social
- UI - UI
@@ -40,6 +44,68 @@ tags:
- Replacement - Replacement
- Privacy - Privacy
changelog: |- changelog: |-
**Hellion Chat 0.5.3 — Pointer arithmetic hardening**
Single hardening fix on top of v0.5.2.
Security:
- Closed CodeQL Critical alert "unvalidated local pointer
arithmetic" in ImGuiUtil.WrapText. The earlier v0.5.2 fix
handled the empty-input edge case but the rule re-fired on the
pointer arithmetic itself because Encoding.GetBytes is virtual
on the base Encoding class and CodeQL therefore tracks its
return as untrusted input. Now compute the expected byte count
via GetByteCount on the same encoder and bail out if a swapped
Encoding ever returned a buffer of the wrong length. Real
consistency check, not a dead defensive guard.
No new features, no migration, configuration version stays at 10.
Based on Chat 2 1.35.3 (upstream Infiziert90/ChatTwo, EUPL-1.2).
**Hellion Chat 0.5.2 — Bugfix patch**
Three corrections to the v0.5.1 surface plus two security findings
closed by the new manual-build CodeQL workflow. No new features, no
migration, configuration version stays at 10.
Bug fixes:
- Auto-Tell-Tabs: the "earlier conversations" separator no longer
lands below the live tell. The triggering message was already
persisted in the store by the time the spawn handler fired, so
it appeared as the youngest historic message. The preload now
excludes the live tell explicitly and pulls one extra row so the
user does not lose a slot to the exclusion.
- General/Aussehen: HellionThemeWindowOpacity ships at 0.5 so a
fresh install lands at the more glass-like default. Existing
users keep their saved value.
- General/Allgemein: Use24HourClock ships at true so a German /
European install starts on 24h time without a manual flip.
- Tabs/Gruppe: the default Gruppe preset no longer auto-routes
/party into the tab. The tab still collects /party, /alliance,
/pvpteam together as a read surface but does not steal the
input focus when you wanted /alliance.
Security:
- Closed CodeQL Critical alert "unvalidated local pointer
arithmetic" in ImGuiUtil.WrapText: empty splits between
consecutive newlines produced a zero-length byte array whose
fixed pointer collapsed onto its end pointer. Bail before the
fixed block when the slice is empty.
- Closed CodeQL Medium alert "workflow does not contain
permissions" by pinning the build workflow to contents: read.
Documentation: README now carries Build, CodeQL, License, Latest
Release, Dalamud API, .NET and FFXIV badges. License detection
picks up EUPL-1.2 correctly via a separated COPYRIGHT file. Added
NOTICE.md and UPSTREAM_SYNC.md after leaving the GitHub fork
network.
Based on Chat 2 1.35.3 (upstream Infiziert90/ChatTwo, EUPL-1.2).
**Hellion Chat 0.5.1 — Backlog Sweep** **Hellion Chat 0.5.1 — Backlog Sweep**
Pure hardening and polish. No new features. Eight backlog items Pure hardening and polish. No new features. Eight backlog items
ChatTwo/Util/ImGuiUtil.cs
+14 -7
View File
@@ -93,19 +93,26 @@ internal static class ImGuiUtil
foreach (var part in csText.Split(["\r\n", "\r", "\n"], StringSplitOptions.None)) foreach (var part in csText.Split(["\r\n", "\r", "\n"], StringSplitOptions.None))
{ {
// Encoding.GetBytes is virtual, so the returned array's
// Length is treated as untrusted by CodeQL for pointer
// arithmetic ("cs/unvalidated-local-pointer-arithmetic").
// Compute the expected byte count against the same encoder
// and bail out if a swapped-in encoding ever returned a
// mismatched buffer. Also drops empty splits so the textEnd
// pointer below cannot collapse onto text.
var expectedLength = Encoding.UTF8.GetByteCount(part);
var bytes = Encoding.UTF8.GetBytes(part); var bytes = Encoding.UTF8.GetBytes(part);
fixed (byte* rawText = bytes) if (expectedLength == 0 || bytes.Length != expectedLength)
{
var text = rawText;
var textEnd = text + bytes.Length;
// empty string
if (text == null)
{ {
ImGui.TextUnformatted(""); ImGui.TextUnformatted("");
continue; continue;
} }
fixed (byte* rawText = bytes)
{
var text = rawText;
var textEnd = text + expectedLength;
var widthLeft = ImGui.GetContentRegionAvail().X; var widthLeft = ImGui.GetContentRegionAvail().X;
var endPrevLine = ImGuiNative.CalcWordWrapPositionA(ImGui.GetFont().Handle, ImGuiHelpers.GlobalScale, text, textEnd, widthLeft); var endPrevLine = ImGuiNative.CalcWordWrapPositionA(ImGui.GetFont().Handle, ImGuiHelpers.GlobalScale, text, textEnd, widthLeft);
if (endPrevLine == null) if (endPrevLine == null)
ChatTwo/Util/TabsUtil.cs
+4 -1
View File
@@ -108,7 +108,10 @@ public static class TabsUtil
[ChatType.LootNotice] = (ChatSourceExt.All, ChatSourceExt.All), [ChatType.LootNotice] = (ChatSourceExt.All, ChatSourceExt.All),
[ChatType.LootRoll] = (ChatSourceExt.All, ChatSourceExt.All), [ChatType.LootRoll] = (ChatSourceExt.All, ChatSourceExt.All),
}, },
Channel = InputChannel.Party, // No automatic input-channel switch; the Gruppe tab is a read
// surface that pulls in Party, CrossParty, Alliance and PvpTeam
// together. Auto-routing /party into this tab would surprise the
// user when they actually wanted /alliance or /pvpteam.
}; };
public static Tab HellionBeginner => new() public static Tab HellionBeginner => new()
ChatTwo/packages.lock.json
+20 -20
View File
@@ -27,13 +27,13 @@
}, },
"Microsoft.Data.Sqlite": { "Microsoft.Data.Sqlite": {
"type": "Direct", "type": "Direct",
"requested": "[9.0.0, )", "requested": "[10.0.7, )",
"resolved": "9.0.0", "resolved": "10.0.7",
"contentHash": "lw6wthgXGx3r/U775k1UkUAWIn0kAT0wj4ZRq0WlhPx4WAOiBsIjgDKgWkXcNTGT0KfHiClkM+tyPVFDvxeObw==", "contentHash": "DZ6G2QuyPrsh5VS+wfiZbNBtYT6p+CkxXjD0aZHF04xso7QsG/uk0JpG30hzYlK6u/wtTzta1Dqfgbc/Sl2sDA==",
"dependencies": { "dependencies": {
"Microsoft.Data.Sqlite.Core": "9.0.0", "Microsoft.Data.Sqlite.Core": "10.0.7",
"SQLitePCLRaw.bundle_e_sqlite3": "2.1.10", "SQLitePCLRaw.bundle_e_sqlite3": "2.1.11",
"SQLitePCLRaw.core": "2.1.10" "SQLitePCLRaw.core": "2.1.11"
} }
}, },
"morelinq": { "morelinq": {
@@ -66,10 +66,10 @@
}, },
"Microsoft.Data.Sqlite.Core": { "Microsoft.Data.Sqlite.Core": {
"type": "Transitive", "type": "Transitive",
"resolved": "9.0.0", "resolved": "10.0.7",
"contentHash": "cFfZjFL+tqzGYw9lB31EkV1IWF5xRQNk2k+MQd+Cf86Gl6zTeAoiZIFw5sRB1Z8OxpEC7nu+nTDsLSjieBAPTw==", "contentHash": "xVrtBg3M1wJlBDkoT0dXEYB/wSc8bIHJPYtw/bu1AqpWgF79uPSs87DAhERR/Ilumre6TKZa1cjMg3VUUObVLA==",
"dependencies": { "dependencies": {
"SQLitePCLRaw.core": "2.1.10" "SQLitePCLRaw.core": "2.1.11"
} }
}, },
"Microsoft.NET.StringTools": { "Microsoft.NET.StringTools": {
@@ -79,29 +79,29 @@
}, },
"SQLitePCLRaw.bundle_e_sqlite3": { "SQLitePCLRaw.bundle_e_sqlite3": {
"type": "Transitive", "type": "Transitive",
"resolved": "2.1.10", "resolved": "2.1.11",
"contentHash": "UxWuisvZ3uVcVOLJQv7urM/JiQH+v3TmaJc1BLKl5Dxfm/nTzTUrqswCqg/INiYLi61AXnHo1M1JPmPqqLnAdg==", "contentHash": "DC4nA7yWnf4UZdgJDF+9Mus4/cb0Y3Sfgi3gDnAoKNAIBwzkskNAbNbyu+u4atT0ruVlZNJfwZmwiEwE5oz9LQ==",
"dependencies": { "dependencies": {
"SQLitePCLRaw.lib.e_sqlite3": "2.1.10", "SQLitePCLRaw.lib.e_sqlite3": "2.1.11",
"SQLitePCLRaw.provider.e_sqlite3": "2.1.10" "SQLitePCLRaw.provider.e_sqlite3": "2.1.11"
} }
}, },
"SQLitePCLRaw.core": { "SQLitePCLRaw.core": {
"type": "Transitive", "type": "Transitive",
"resolved": "2.1.10", "resolved": "2.1.11",
"contentHash": "Ii8JCbC7oiVclaE/mbDEK000EFIJ+ShRPwAvvV89GOZhQ+ZLtlnSWl6ksCNMKu/VGXA4Nfi2B7LhN/QFN9oBcw==" "contentHash": "PK0GLFkfhZzLQeR3PJf71FmhtHox+U3vcY6ZtswoMjrefkB9k6ErNJEnwXqc5KgXDSjige2XXrezqS39gkpQKA=="
}, },
"SQLitePCLRaw.lib.e_sqlite3": { "SQLitePCLRaw.lib.e_sqlite3": {
"type": "Transitive", "type": "Transitive",
"resolved": "2.1.10", "resolved": "2.1.11",
"contentHash": "mAr69tDbnf3QJpRy2nJz8Qdpebdil00fvycyByR58Cn9eARvR+UiG2Vzsp+4q1tV3ikwiYIjlXCQFc12GfebbA==" "contentHash": "Ev2ytaXiOlWZ4b3R67GZBsemTINslLD1DCJr2xiacpn4tbapu0Q4dHEzSvZSMnVWeE5nlObU3VZN2p81q3XOYQ=="
}, },
"SQLitePCLRaw.provider.e_sqlite3": { "SQLitePCLRaw.provider.e_sqlite3": {
"type": "Transitive", "type": "Transitive",
"resolved": "2.1.10", "resolved": "2.1.11",
"contentHash": "uZVTi02C1SxqzgT0HqTWatIbWGb40iIkfc3FpFCpE/r7g6K0PqzDUeefL6P6HPhDtc6BacN3yQysfzP7ks+wSQ==", "contentHash": "Y/0ZkR+r0Cg3DQFuCl1RBnv/tmxpIZRU3HUvelPw6MVaKHwYYR8YNvgs0vuNuXCMvlyJ+Fh88U1D4tah1tt6qw==",
"dependencies": { "dependencies": {
"SQLitePCLRaw.core": "2.1.10" "SQLitePCLRaw.core": "2.1.11"
} }
} }
} }
LICENCE
-287
View File
@@ -1,287 +0,0 @@
EUROPEAN UNION PUBLIC LICENCE v. 1.2
EUPL © the European Union 2007, 2016
This European Union Public Licence (the EUPL) applies to the Work (as defined
below) which is provided under the terms of this Licence. Any use of the Work,
other than as authorised under this Licence is prohibited (to the extent such
use is covered by a right of the copyright holder of the Work).
The Work is provided under the terms of this Licence when the Licensor (as
defined below) has placed the following notice immediately following the
copyright notice for the Work:
Licensed under the EUPL
or has expressed by any other means his willingness to license under the EUPL.
1. Definitions
In this Licence, the following terms have the following meaning:
- The Licence: this Licence.
- The Original Work: the work or software distributed or communicated by the
Licensor under this Licence, available as Source Code and also as Executable
Code as the case may be.
- Derivative Works: the works or software that could be created by the
Licensee, based upon the Original Work or modifications thereof. This Licence
does not define the extent of modification or dependence on the Original Work
required in order to classify a work as a Derivative Work; this extent is
determined by copyright law applicable in the country mentioned in Article 15.
- The Work: the Original Work or its Derivative Works.
- The Source Code: the human-readable form of the Work which is the most
convenient for people to study and modify.
- The Executable Code: any code which has generally been compiled and which is
meant to be interpreted by a computer as a program.
- The Licensor: the natural or legal person that distributes or communicates
the Work under the Licence.
- Contributor(s): any natural or legal person who modifies the Work under the
Licence, or otherwise contributes to the creation of a Derivative Work.
- The Licensee or You: any natural or legal person who makes any usage of
the Work under the terms of the Licence.
- Distribution or Communication: any act of selling, giving, lending,
renting, distributing, communicating, transmitting, or otherwise making
available, online or offline, copies of the Work or providing access to its
essential functionalities at the disposal of any other natural or legal
person.
2. Scope of the rights granted by the Licence
The Licensor hereby grants You a worldwide, royalty-free, non-exclusive,
sublicensable licence to do the following, for the duration of copyright vested
in the Original Work:
- use the Work in any circumstance and for all usage,
- reproduce the Work,
- modify the Work, and make Derivative Works based upon the Work,
- communicate to the public, including the right to make available or display
the Work or copies thereof to the public and perform publicly, as the case may
be, the Work,
- distribute the Work or copies thereof,
- lend and rent the Work or copies thereof,
- sublicense rights in the Work or copies thereof.
Those rights can be exercised on any media, supports and formats, whether now
known or later invented, as far as the applicable law permits so.
In the countries where moral rights apply, the Licensor waives his right to
exercise his moral right to the extent allowed by law in order to make effective
the licence of the economic rights here above listed.
The Licensor grants to the Licensee royalty-free, non-exclusive usage rights to
any patents held by the Licensor, to the extent necessary to make use of the
rights granted on the Work under this Licence.
3. Communication of the Source Code
The Licensor may provide the Work either in its Source Code form, or as
Executable Code. If the Work is provided as Executable Code, the Licensor
provides in addition a machine-readable copy of the Source Code of the Work
along with each copy of the Work that the Licensor distributes or indicates, in
a notice following the copyright notice attached to the Work, a repository where
the Source Code is easily and freely accessible for as long as the Licensor
continues to distribute or communicate the Work.
4. Limitations on copyright
Nothing in this Licence is intended to deprive the Licensee of the benefits from
any exception or limitation to the exclusive rights of the rights owners in the
Work, of the exhaustion of those rights or of other applicable limitations
thereto.
5. Obligations of the Licensee
The grant of the rights mentioned above is subject to some restrictions and
obligations imposed on the Licensee. Those obligations are the following:
Attribution right: The Licensee shall keep intact all copyright, patent or
trademarks notices and all notices that refer to the Licence and to the
disclaimer of warranties. The Licensee must include a copy of such notices and a
copy of the Licence with every copy of the Work he/she distributes or
communicates. The Licensee must cause any Derivative Work to carry prominent
notices stating that the Work has been modified and the date of modification.
Copyleft clause: If the Licensee distributes or communicates copies of the
Original Works or Derivative Works, this Distribution or Communication will be
done under the terms of this Licence or of a later version of this Licence
unless the Original Work is expressly distributed only under this version of the
Licence — for example by communicating EUPL v. 1.2 only. The Licensee
(becoming Licensor) cannot offer or impose any additional terms or conditions on
the Work or Derivative Work that alter or restrict the terms of the Licence.
Compatibility clause: If the Licensee Distributes or Communicates Derivative
Works or copies thereof based upon both the Work and another work licensed under
a Compatible Licence, this Distribution or Communication can be done under the
terms of this Compatible Licence. For the sake of this clause, Compatible
Licence refers to the licences listed in the appendix attached to this Licence.
Should the Licensee's obligations under the Compatible Licence conflict with
his/her obligations under this Licence, the obligations of the Compatible
Licence shall prevail.
Provision of Source Code: When distributing or communicating copies of the Work,
the Licensee will provide a machine-readable copy of the Source Code or indicate
a repository where this Source will be easily and freely available for as long
as the Licensee continues to distribute or communicate the Work.
Legal Protection: This Licence does not grant permission to use the trade names,
trademarks, service marks, or names of the Licensor, except as required for
reasonable and customary use in describing the origin of the Work and
reproducing the content of the copyright notice.
6. Chain of Authorship
The original Licensor warrants that the copyright in the Original Work granted
hereunder is owned by him/her or licensed to him/her and that he/she has the
power and authority to grant the Licence.
Each Contributor warrants that the copyright in the modifications he/she brings
to the Work are owned by him/her or licensed to him/her and that he/she has the
power and authority to grant the Licence.
Each time You accept the Licence, the original Licensor and subsequent
Contributors grant You a licence to their contributions to the Work, under the
terms of this Licence.
7. Disclaimer of Warranty
The Work is a work in progress, which is continuously improved by numerous
Contributors. It is not a finished work and may therefore contain defects or
bugs inherent to this type of development.
For the above reason, the Work is provided under the Licence on an as is basis
and without warranties of any kind concerning the Work, including without
limitation merchantability, fitness for a particular purpose, absence of defects
or errors, accuracy, non-infringement of intellectual property rights other than
copyright as stated in Article 6 of this Licence.
This disclaimer of warranty is an essential part of the Licence and a condition
for the grant of any rights to the Work.
8. Disclaimer of Liability
Except in the cases of wilful misconduct or damages directly caused to natural
persons, the Licensor will in no event be liable for any direct or indirect,
material or moral, damages of any kind, arising out of the Licence or of the use
of the Work, including without limitation, damages for loss of goodwill, work
stoppage, computer failure or malfunction, loss of data or any commercial
damage, even if the Licensor has been advised of the possibility of such damage.
However, the Licensor will be liable under statutory product liability laws as
far such laws apply to the Work.
9. Additional agreements
While distributing the Work, You may choose to conclude an additional agreement,
defining obligations or services consistent with this Licence. However, if
accepting obligations, You may act only on your own behalf and on your sole
responsibility, not on behalf of the original Licensor or any other Contributor,
and only if You agree to indemnify, defend, and hold each Contributor harmless
for any liability incurred by, or claims asserted against such Contributor by
the fact You have accepted any warranty or additional liability.
10. Acceptance of the Licence
The provisions of this Licence can be accepted by clicking on an icon I agree
placed under the bottom of a window displaying the text of this Licence or by
affirming consent in any other similar way, in accordance with the rules of
applicable law. Clicking on that icon indicates your clear and irrevocable
acceptance of this Licence and all of its terms and conditions.
Similarly, you irrevocably accept this Licence and all of its terms and
conditions by exercising any rights granted to You by Article 2 of this Licence,
such as the use of the Work, the creation by You of a Derivative Work or the
Distribution or Communication by You of the Work or copies thereof.
11. Information to the public
In case of any Distribution or Communication of the Work by means of electronic
communication by You (for example, by offering to download the Work from a
remote location) the distribution channel or media (for example, a website) must
at least provide to the public the information requested by the applicable law
regarding the Licensor, the Licence and the way it may be accessible, concluded,
stored and reproduced by the Licensee.
12. Termination of the Licence
The Licence and the rights granted hereunder will terminate automatically upon
any breach by the Licensee of the terms of the Licence.
Such a termination will not terminate the licences of any person who has
received the Work from the Licensee under the Licence, provided such persons
remain in full compliance with the Licence.
13. Miscellaneous
Without prejudice of Article 9 above, the Licence represents the complete
agreement between the Parties as to the Work.
If any provision of the Licence is invalid or unenforceable under applicable
law, this will not affect the validity or enforceability of the Licence as a
whole. Such provision will be construed or reformed so as necessary to make it
valid and enforceable.
The European Commission may publish other linguistic versions or new versions of
this Licence or updated versions of the Appendix, so far this is required and
reasonable, without reducing the scope of the rights granted by the Licence. New
versions of the Licence will be published with a unique version number.
All linguistic versions of this Licence, approved by the European Commission,
have identical value. Parties can take advantage of the linguistic version of
their choice.
14. Jurisdiction
Without prejudice to specific agreement between parties,
- any litigation resulting from the interpretation of this License, arising
between the European Union institutions, bodies, offices or agencies, as a
Licensor, and any Licensee, will be subject to the jurisdiction of the Court
of Justice of the European Union, as laid down in article 272 of the Treaty on
the Functioning of the European Union,
- any litigation arising between other parties and resulting from the
interpretation of this License, will be subject to the exclusive jurisdiction
of the competent court where the Licensor resides or conducts its primary
business.
15. Applicable Law
Without prejudice to specific agreement between parties,
- this Licence shall be governed by the law of the European Union Member State
where the Licensor has his seat, resides or has his registered office,
- this licence shall be governed by Belgian law if the Licensor has no seat,
residence or registered office inside a European Union Member State.
Appendix
Compatible Licences according to Article 5 EUPL are:
- GNU General Public License (GPL) v. 2, v. 3
- GNU Affero General Public License (AGPL) v. 3
- Open Software License (OSL) v. 2.1, v. 3.0
- Eclipse Public License (EPL) v. 1.0
- CeCILL v. 2.0, v. 2.1
- Mozilla Public Licence (MPL) v. 2
- GNU Lesser General Public Licence (LGPL) v. 2.1, v. 3
- Creative Commons Attribution-ShareAlike v. 3.0 Unported (CC BY-SA 3.0) for
works other than software
- European Union Public Licence (EUPL) v. 1.1, v. 1.2
- Québec Free and Open-Source Licence — Reciprocity (LiLiQ-R) or Strong
Reciprocity (LiLiQ-R+).
The European Commission may update this Appendix to later versions of the above
licences without producing a new version of the EUPL, as long as they provide
the rights granted in Article 2 of this Licence and protect the covered Source
Code from exclusive appropriation.
All other changes or additions to this Appendix require the production of a new
EUPL version.
LICENSE
+306
View File
@@ -0,0 +1,306 @@
EUROPEAN UNION PUBLIC LICENCE v. 1.2
EUPL (c) the European Union 2007, 2016
This European Union Public Licence (the 'EUPL') applies to the Work (as
defined below) which is provided under the terms of this Licence. Any use
of the Work, other than as authorised under this Licence is prohibited (to
the extent such use is covered by a right of the copyright holder of the
Work).
The Work is provided under the terms of this Licence when the Licensor (as
defined below) has placed the following notice immediately following the
copyright notice for the Work:
Licensed under the EUPL
or has expressed by any other means his willingness to license under the
EUPL.
1. Definitions
In this Licence, the following terms have the following meaning:
- 'The Licence': this Licence.
- 'The Original Work': the work or software distributed or communicated by
the Licensor under this Licence, available as Source Code and also as
Executable Code as the case may be.
- 'Derivative Works': the works or software that could be created by the
Licensee, based upon the Original Work or modifications thereof. This
Licence does not define the extent of modification or dependence on the
Original Work required in order to classify a work as a Derivative Work;
this extent is determined by copyright law applicable in the country
mentioned in Article 15.
- 'The Work': the Original Work or its Derivative Works.
- 'The Source Code': the human-readable form of the Work which is the most
convenient for people to study and modify.
- 'The Executable Code': any code which has generally been compiled and
which is meant to be interpreted by a computer as a program.
- 'The Licensor': the natural or legal person that distributes or
communicates the Work under the Licence.
- 'Contributor(s)': any natural or legal person who modifies the Work under
the Licence, or otherwise contributes to the creation of a Derivative
Work.
- 'The Licensee' or 'You': any natural or legal person who makes any usage
of the Work under the terms of the Licence.
- 'Distribution' or 'Communication': any act of selling, giving, lending,
renting, distributing, communicating, transmitting, or otherwise making
available, online or offline, copies of the Work or providing access to
its essential functionalities at the disposal of any other natural or
legal person.
2. Scope of the rights granted by the Licence
The Licensor hereby grants You a worldwide, royalty-free, non-exclusive,
sublicensable licence to do the following, for the duration of copyright
vested in the Original Work:
- use the Work in any circumstance and for all usage,
- reproduce the Work,
- modify the Work, and make Derivative Works based upon the Work,
- communicate to the public, including the right to make available or
display the Work or copies thereof to the public and perform publicly,
as the case may be, the Work,
- distribute the Work or copies thereof,
- lend and rent the Work or copies thereof,
- sublicense rights in the Work or copies thereof.
Those rights can be exercised on any media, supports and formats, whether
now known or later invented, as far as the applicable law permits so.
In the countries where moral rights apply, the Licensor waives his right
to exercise his moral right to the extent allowed by law in order to make
effective the licence of the economic rights here above listed.
The Licensor grants to the Licensee royalty-free, non-exclusive usage
rights to any patents held by the Licensor, to the extent necessary to
make use of the rights granted on the Work under this Licence.
3. Communication of the Source Code
The Licensor may provide the Work either in its Source Code form, or as
Executable Code. If the Work is provided as Executable Code, the Licensor
provides in addition a machine-readable copy of the Source Code of the
Work along with each copy of the Work that the Licensor distributes or
indicates, in a notice following the copyright notice attached to the
Work, a repository where the Source Code is easily and freely accessible
for as long as the Licensor continues to distribute or communicate the
Work.
4. Limitations on copyright
Nothing in this Licence is intended to deprive the Licensee of the
benefits from any exception or limitation to the exclusive rights of the
rights owners in the Work, of the exhaustion of those rights or of other
applicable limitations thereto.
5. Obligations of the Licensee
The grant of the rights mentioned above is subject to some restrictions
and obligations imposed on the Licensee. Those obligations are the
following:
Attribution right: The Licensee shall keep intact all copyright, patent or
trademarks notices and all notices that refer to the Licence and to the
disclaimer of warranties. The Licensee must include a copy of such notices
and a copy of the Licence with every copy of the Work he/she distributes
or communicates. The Licensee must cause any Derivative Work to carry
prominent notices stating that the Work has been modified and the date of
modification.
Copyleft clause: If the Licensee distributes or communicates copies of the
Original Works or Derivative Works, this Distribution or Communication
will be done under the terms of this Licence or of a later version of
this Licence unless the Original Work is expressly distributed only under
this version of the Licence. The Licensee (becoming Licensor) cannot
offer or impose any additional terms or conditions on the Work or
Derivative Work that alter or restrict the terms of the Licence.
Compatibility clause: If the Licensee Distributes or Communicates
Derivative Works or copies thereof based upon both the Work and another
work licensed under a Compatible Licence, this Distribution or
Communication can be done under the terms of this Compatible Licence. For
the sake of this clause, 'Compatible Licence' refers to the licences
listed in the appendix attached to this Licence. Should the Licensee's
obligations under the Compatible Licence conflict with his/her obligations
under this Licence, the obligations of the Compatible Licence shall
prevail.
Provision of Source Code: When distributing or communicating copies of
the Work, the Licensee will provide a machine-readable copy of the Source
Code or indicate a repository where this Source will be easily and freely
available for as long as the Licensee continues to distribute or
communicate the Work.
Legal Protection: This Licence does not grant permission to use the trade
names, trademarks, service marks, or names of the Licensor, except as
required for reasonable and customary use in describing the origin of the
Work and reproducing the content of the copyright notice.
6. Chain of Authorship
The original Licensor warrants that the copyright in the Original Work
granted hereunder is owned by him/her or licensed to him/her and that
he/she has the power and authority to grant the Licence.
Each Contributor warrants that the copyright in the modifications he/she
brings to the Work are owned by him/her or licensed to him/her and that
he/she has the power and authority to grant the Licence.
Each time You accept the Licence, the original Licensor and subsequent
Contributors grant You a licence to their contributions to the Work,
under the terms of this Licence.
7. Disclaimer of Warranty
The Work is a work in progress, which is continuously improved by
numerous Contributors. It is not a finished work and may therefore contain
defects or 'bugs' inherent to this type of development.
For the above reason, the Work is provided under the Licence on an 'as
is' basis and without warranties of any kind concerning the Work,
including without limitation merchantability, fitness for a particular
purpose, absence of defects or errors, accuracy, non-infringement of
intellectual property rights other than copyright as stated in Article 6
of this Licence.
This disclaimer of warranty is an essential part of the Licence and a
condition for the grant of any rights to the Work.
8. Disclaimer of Liability
Except in the cases of wilful misconduct or damages directly caused to
natural persons, the Licensor will in no event be liable for any direct
or indirect, material or moral, damages of any kind, arising out of the
Licence or of the use of the Work, including without limitation, damages
for loss of goodwill, work stoppage, computer failure or malfunction,
loss of data or any commercial damage, even if the Licensor has been
advised of the possibility of such damage. However, the Licensor will be
liable under statutory product liability laws as far such laws apply to
the Work.
9. Additional agreements
While distributing the Work, You may choose to conclude an additional
agreement, defining obligations or services consistent with this Licence.
However, if accepting obligations, You may act only on your own behalf
and on your sole responsibility, not on behalf of the original Licensor
or any other Contributor, and only if You agree to indemnify, defend, and
hold each Contributor harmless for any liability incurred by, or claims
asserted against such Contributor by the fact You have accepted any
warranty or additional liability.
10. Acceptance of the Licence
The provisions of this Licence can be accepted by clicking on an icon 'I
agree' placed under the bottom of a window displaying the text of this
Licence or by affirming consent in any other similar way, in accordance
with the rules of applicable law. Clicking on that icon indicates your
clear and irrevocable acceptance of this Licence and all of its terms and
conditions.
Similarly, you irrevocably accept this Licence and all of its terms and
conditions by exercising any rights granted to You by Article 2 of this
Licence, such as the use of the Work, the creation by You of a Derivative
Work or the Distribution or Communication by You of the Work or copies
thereof.
11. Information to the public
In case of any Distribution or Communication of the Work by means of
electronic communication by You (for example, by offering to download the
Work from a remote location) the distribution channel or media (for
example, a website) must at least provide to the public the information
requested by the applicable law regarding the Licensor, the Licence and
the way it may be accessible, concluded, stored and reproduced by the
Licensee.
12. Termination of the Licence
The Licence and the rights granted hereunder will terminate automatically
upon any breach by the Licensee of the terms of the Licence.
Such a termination will not terminate the licences of any person who has
received the Work from the Licensee under the Licence, provided such
persons remain in full compliance with the Licence.
13. Miscellaneous
Without prejudice of Article 9 above, the Licence represents the complete
agreement between the Parties as to the Work.
If any provision of the Licence is invalid or unenforceable under
applicable law, this will not affect the validity or enforceability of
the Licence as a whole. Such provision will be construed or reformed so
as necessary to make it valid and enforceable.
The European Commission may publish other linguistic versions or new
versions of this Licence or updated versions of the Appendix, so far this
is required and reasonable, without reducing the scope of the rights
granted by the Licence. New versions of the Licence will be published
with a unique version number.
All linguistic versions of this Licence, approved by the European
Commission, have identical value. Parties can take advantage of the
linguistic version of their choice.
14. Jurisdiction
Without prejudice to specific agreement between parties,
- any litigation resulting from the interpretation of this License,
arising between the European Union institutions, bodies, offices or
agencies, as a Licensor, and any Licensee, will be subject to the
jurisdiction of the Court of Justice of the European Union, as laid
down in article 272 of the Treaty on the Functioning of the European
Union,
- any litigation arising between other parties and resulting from the
interpretation of this License, will be subject to the exclusive
jurisdiction of the competent court where the Licensor resides or
conducts its primary business.
15. Applicable Law
Without prejudice to specific agreement between parties,
- this Licence shall be governed by the law of the European Union Member
State where the Licensor has his seat, resides or has his registered
office,
- this licence shall be governed by Belgian law if the Licensor has no
seat, residence or registered office inside a European Union Member
State.
Appendix
'Compatible Licences' according to Article 5 EUPL are:
- GNU General Public License (GPL) v. 2, v. 3
- GNU Affero General Public License (AGPL) v. 3
- Open Software License (OSL) v. 2.1, v. 3.0
- Eclipse Public License (EPL) v. 1.0
- CeCILL v. 2.0, v. 2.1
- Mozilla Public Licence (MPL) v. 2
- GNU Lesser General Public Licence (LGPL) v. 2.1, v. 3
- Creative Commons Attribution-ShareAlike v. 3.0 Unported (CC BY-SA 3.0)
for works other than software
- European Union Public Licence (EUPL) v. 1.1, v. 1.2
- Quebec Free and Open-Source Licence — Reciprocity (LiLiQ-R) or Strong
Reciprocity (LiLiQ-R+)
The European Commission may update this Appendix to later versions of the
above licences without producing a new version of the EUPL, as long as
they provide the rights granted in Article 2 of this Licence and protect
the covered Source Code from exclusive appropriation.
All other changes or additions to this Appendix require the production of
a new EUPL version.
NOTICE.md
+89
View File
@@ -0,0 +1,89 @@
# Notice
## Acknowledgements
HellionChat is a fork of [Chat 2](https://github.com/Infiziert90/ChatTwo) by
**Infiziert90 (Infi)** and **Anna Clemens**, both of whom kept that plugin
running and maintained for years before I ever opened the source. Without
their work this fork would not exist, full stop. I owe them the architecture,
the message store, the channel filtering, the sidebar tab system, the
hooks into FFXIV's chat, the localisation infrastructure, and countless
small decisions that I only noticed because they had already been made
correctly.
If you find HellionChat useful, please remember that the foundation came
from Chat 2. The code Anna and Infi wrote is doing most of the heavy
lifting in this fork too.
## A direct word to Infi and Anna
Hi. I am Florian (Flo, also Jon Kazama in-game on Phoenix). I forked Chat 2
because I wanted a privacy-by-default version for my own use case and a
small group of friends I play with, not because I thought I could do
anything better than what you built. The opposite is true. ChatTwo's
default of full history and cross-character logging is the right call for
most users. I just have a different threat model and a different
data-handling philosophy that fits a smaller, locally-stored, retention-
limited approach.
What HellionChat adds is mostly Hellion-specific surface area: a privacy
filter, per-channel retention windows, an export pipeline, an Auto-Tell-
Tabs feature for FFXIV club greeters, the Hellion theme and font, German
localisation, and a settings UX rebuild. None of it touches the bones of
what you built. Where I had to modify your code I tried to keep the
edits minimal, isolated to clearly-marked Hellion files, and reversible.
Concrete example: when API 15 hit, I cherry-picked your fix for the
BetterTTV emote regression with `git cherry-pick -x` so authorship and
co-author trail stay intact. That is the standard I want to keep using as
long as both projects are alive. You should never have to look at this
fork and wonder if I quietly ate your work.
If anything in this fork ever steps on something you would not be okay
with, please reach out and I will fix it. Genuinely. The list of contacts
is below.
## Maintainer contact
If something in HellionChat causes problems, especially if it relates back
to Chat 2 or to anything Infi or Anna would want flagged:
- **GitHub Issues:** [JonKazama-Hellion/HellionChat/issues](https://github.com/JonKazama-Hellion/HellionChat/issues)
- **Discord:** `@j.j_kazama`
- **Email (business):** maintainer@hellion-media.de
I respond on weekdays during European business hours. For anything
urgent (security, attribution, takedown), email is the fastest path.
## Why this fork is not upstreamed
The privacy-by-default position fits a small audience. ChatTwo's
full-history-by-default position fits a much larger one, including the
roleplaying community where chat archive is part of the play experience.
Trying to upstream HellionChat's defaults would have meant arguing that
Chat 2's defaults are wrong, and they are not. They are right for the
user base ChatTwo serves. So I keep the fork separate, attribute clearly,
and pull selected upstream patches when they apply.
## Why HellionChat left the GitHub fork network
The Dalamud plugin ecosystem treats the GitHub-Fork relation as a signal
that a fork is either a development branch or a dead mirror. HellionChat
is neither. It is an independently-maintained EUPL-1.2 fork with its own
release cadence, its own custom repo, its own user base. Detaching the
fork-network relation just makes the situation honest. The git history,
the cherry-pick trail, and the attribution stay exactly the same. The
only thing that changes is the GitHub UI no longer says "forked from".
## Trademarks and naming
"Chat 2" and "ChatTwo" are the names Infi and Anna chose for the upstream
plugin. HellionChat does not use either of those names in user-facing
copy except where required to describe origin (settings tab, manifest,
this file, the README). The Hellion brand is mine.
## Questions
This file is the canonical place for "is this attribution correct, is the
maintainer reachable, is the relationship to Chat 2 documented". If
anything in here is wrong, please open an issue or contact me directly.
README.md
+15 -3
View File
@@ -1,10 +1,22 @@
# Hellion Chat # Hellion Chat
**Version 0.3.1** — DSGVO-bewusste Erweiterung von [Chat 2](https://github.com/Infiziert90/ChatTwo) für FINAL FANTASY XIV / Dalamud. [![Build](https://github.com/JonKazama-Hellion/HellionChat/actions/workflows/build.yml/badge.svg?branch=main)](https://github.com/JonKazama-Hellion/HellionChat/actions/workflows/build.yml)
[![CodeQL](https://github.com/JonKazama-Hellion/HellionChat/actions/workflows/github-code-scanning/codeql/badge.svg?branch=main)](https://github.com/JonKazama-Hellion/HellionChat/security/code-scanning)
[![License: EUPL-1.2](https://img.shields.io/badge/License-EUPL--1.2-blue.svg)](LICENSE)
[![Latest release](https://img.shields.io/github/v/release/JonKazama-Hellion/HellionChat?display_name=tag&sort=semver&color=brightgreen)](https://github.com/JonKazama-Hellion/HellionChat/releases/latest)
[![Dalamud API](https://img.shields.io/badge/Dalamud-API_15-purple)](https://github.com/goatcorp/Dalamud)
[![.NET](https://img.shields.io/badge/.NET-10.0-512BD4)](https://dotnet.microsoft.com/)
[![FFXIV](https://img.shields.io/badge/FFXIV-Dawntrail-c3a37f)](https://www.finalfantasyxiv.com/)
**Version 0.5.1** — DSGVO-bewusste Erweiterung von [Chat 2](https://github.com/Infiziert90/ChatTwo) für FINAL FANTASY XIV / Dalamud.
Hellion Chat baut auf Chat 2 auf und ergänzt es um Datenschutz- und Daten-Handling-Kontrollen, die mit den Datenschutz-Regeln in der EU, den USA und Japan im Einklang sind. Alle Chat-2-Funktionen, Befehle und Tastenkürzel funktionieren unverändert. Eigenständiger Plugin-Slot, eigene Konfiguration, eigene Datenbank. Hellion Chat baut auf Chat 2 auf und ergänzt es um Datenschutz- und Daten-Handling-Kontrollen, die mit den Datenschutz-Regeln in der EU, den USA und Japan im Einklang sind. Alle Chat-2-Funktionen, Befehle und Tastenkürzel funktionieren unverändert. Eigenständiger Plugin-Slot, eigene Konfiguration, eigene Datenbank.
Privates Repository, EUPL-1.2-lizenziert. Distribution über Custom-Repo während der Bootstrap-Phase. Eigenständiges Repository, EUPL-1.2-lizenziert. Distribution über Custom-Repo. Selektive Cherry-Picks von Upstream-Chat-2 nach Bedarf, dokumentiert in [UPSTREAM_SYNC.md](UPSTREAM_SYNC.md).
## Acknowledgements
Hellion Chat baut auf [Chat 2](https://github.com/Infiziert90/ChatTwo) von **Infiziert90 (Infi)** und **Anna Clemens** auf, die das Plugin über Jahre gepflegt haben bevor ich den Source-Code überhaupt gesehen habe. Die ganze Kern-Architektur, der Message-Store, die Channel-Logik, das Hook-System und vieles mehr stammt von ihnen. Wenn dir Hellion Chat hilft, dann läuft die Anerkennung dafür zu großen Teilen an Infi und Anna. Eine ausführliche Danksagung liegt in [NOTICE.md](NOTICE.md).
--- ---
@@ -265,7 +277,7 @@ Phase 3 (offen, kein festes Datum):
## Lizenz ## Lizenz
EUPL-1.2 (gleiche Lizenz wie Upstream Chat 2). Siehe `LICENCE`. EUPL-1.2 (gleiche Lizenz wie Upstream Chat 2). Volltext in [LICENSE](LICENSE), Copyright-Notes mit Dual-Holder-Block in [COPYRIGHT](COPYRIGHT), persönliche Danksagung an die Upstream-Autoren in [NOTICE.md](NOTICE.md).
© 20232026 die Chat-2-Autoren (Infi, Anna und die Upstream-Contributors) für die Engine, IPC und Storage-Schicht. © 20232026 die Chat-2-Autoren (Infi, Anna und die Upstream-Contributors) für die Engine, IPC und Storage-Schicht.
© 2026 Hellion Online Media für die Hellion-Chat-Erweiterungen. © 2026 Hellion Online Media für die Hellion-Chat-Erweiterungen.
SECURITY.md
+49
View File
@@ -0,0 +1,49 @@
# Security policy
## Reporting a vulnerability
If you find a security issue in HellionChat, please do not open a public
GitHub issue. Use one of the private channels below instead so we can
investigate and ship a fix before the details go out.
**Preferred:**
[Privately report a vulnerability](https://github.com/JonKazama-Hellion/HellionChat/security/advisories/new)
through GitHub's Security Advisories. This routes the report directly to
me and keeps the conversation off the public timeline.
**Alternative:**
- Email: `maintainer@hellion-media.de`
- Discord: `@j.j_kazama`
I respond on weekdays during European business hours. For urgent
disclosures (active exploitation, user-data exposure) email is the
fastest path.
## What I treat as in scope
- Code paths in HellionChat that touch user-controlled input (chat
messages, plugin config, file paths the user can influence)
- The privacy filter in MessageStore.cs and the export pipeline
- The Configuration migration logic
- The EmoteCache HTTP client and path handling
- The Auto-Tell-Tabs spawn logic and history preload
## What is not in scope
- Issues in upstream Chat 2 that we have not modified — please report
those at <https://github.com/Infiziert90/ChatTwo/issues>
- Issues in Dalamud itself — those go to <https://github.com/goatcorp/Dalamud>
- Issues in the FFXIV game client
- Anything that needs the user to install a malicious plugin first
## Acknowledgement
I list everyone who reports a real issue in the changelog of the release
that fixes it, unless they prefer to stay anonymous. No bug bounty,
nothing financial; this is a hobby plugin.
## Disclosure window
I aim to ship a fix within 14 days for high-severity issues and within
30 days for everything else. If a fix needs more time I will say so in
the private thread.
UPSTREAM_SYNC.md
+110
View File
@@ -0,0 +1,110 @@
# Upstream sync workflow
HellionChat is a standalone EUPL-1.2 fork of [Chat 2](https://github.com/Infiziert90/ChatTwo).
We pull selected patches from upstream manually instead of running an
automated mirror. This file documents how that works so anyone (including
future-me) can do it cleanly.
## One-time setup
Add the upstream repo as a remote on a fresh clone:
```bash
git remote add upstream https://github.com/Infiziert90/ChatTwo.git
git fetch upstream
```
Verify both remotes are wired up:
```bash
git remote -v
# origin https://github.com/JonKazama-Hellion/HellionChat.git (fetch)
# origin https://github.com/JonKazama-Hellion/HellionChat.git (push)
# upstream https://github.com/Infiziert90/ChatTwo.git (fetch)
# upstream https://github.com/Infiziert90/ChatTwo.git (push)
```
You never push to `upstream`. It is read-only for us.
## Reviewing what is new upstream
Before any feature cycle starts I run a quick check:
```bash
git fetch upstream
git log --oneline main..upstream/main | head -30
```
That shows every commit Infi or contributors landed since the last sync.
Read the messages, decide which ones apply.
## What we cherry-pick
**Always:** security fixes, API-version compatibility patches (Dalamud
API 15 → 16 → ...), BetterTTV / emote-cache fixes, regression fixes for
the upstream behaviour we still rely on.
**Sometimes:** small bug fixes in `MessageManager.cs`, `MessageStore.cs`,
`ChatLogWindow.cs`, the Tabs system. Pull them when they touch code we
have not heavily modified.
**Never:** webinterface changes (the entire webinterface tree is gone in
HellionChat), changes that conflict with the privacy filter, changes that
re-add upstream defaults we deliberately reversed (full-history logging,
Tell Exclusive defaults, etc.).
## How we cherry-pick
Always with `-x` so authorship and the original commit hash stay
visible:
```bash
git checkout -b sync/upstream-<topic> main
git cherry-pick -x <upstream-commit-sha>
```
`-x` adds a `(cherry picked from commit <sha>)` line to the commit
message. That preserves the upstream-author credit and lets anyone
reading `git log` trace the change back to ChatTwo. Co-Author trail
intact, no AI lines, no "Hellion" prefix on commits that were not
authored by us.
## Conflict handling
When a cherry-pick conflicts:
1. Resolve the conflict by hand. Do not "fix" upstream code to match
Hellion conventions; that is what the merge marker showed us.
2. If the conflict is fundamental (touches code that no longer exists
in our fork), abort the cherry-pick and document why in
`Hellion Chat Backlog.md` instead. Some upstream patches are not
portable; that is fine.
3. After a successful resolve, the commit message stays identical to
the upstream message, with the `-x` cherry-pick footer Git appends
automatically. Do not rewrite the message to match our format.
## Pushing the sync
Cherry-picked commits go through the same review as our own work: the
sync branch lands in `main` via a no-fast-forward merge, then a release
tag if the user-visible behaviour changes (otherwise just merged).
```bash
git checkout main
git merge --no-ff sync/upstream-<topic> -m "merge: upstream sync — <topic>"
```
## When upstream goes silent
If Chat 2 stops receiving updates entirely we keep this workflow alive
anyway. The remote stays configured, the documentation stays here. The
moment maintenance picks back up we are ready to pull again.
## When upstream takes a direction we cannot follow
If a future ChatTwo release breaks compatibility with our privacy
philosophy in a way we cannot resolve (e.g. mandatory cloud sync,
removal of the local message store, a license change that makes EUPL
incompatible), HellionChat continues on its own from the last
compatible cherry-pick. The history we already inherited stays under
EUPL-1.2 and stays attributed.
repo.json
+6 -6
View File
File diff suppressed because one or more lines are too long