diff --git a/bukkit.yml b/bukkit.yml index 4d3572a..415395d 100644 --- a/bukkit.yml +++ b/bukkit.yml @@ -1,15 +1,15 @@ # This is the main configuration file for Bukkit. # As you can see, there's actually not that much to configure without any plugins. # For a reference for any variable inside this file, check out the Bukkit Wiki at -# http://wiki.bukkit.org/Bukkit.yml +# https://www.spigotmc.org/go/bukkit-yml # # If you need help on this file, feel free to join us on irc or leave a message # on the forums asking for advice. # # IRC: #spigot @ irc.spi.gt -# (If this means nothing to you, just go to http://www.spigotmc.org/pages/irc/ ) -# Forums: http://www.spigotmc.org/ -# Bug tracker: http://www.spigotmc.org/go/bugs +# (If this means nothing to you, just go to https://www.spigotmc.org/go/irc ) +# Forums: https://www.spigotmc.org/ +# Bug tracker: https://www.spigotmc.org/go/bugs settings: @@ -22,16 +22,17 @@ settings: query-plugins: true deprecated-verbose: false shutdown-message: The server is restarting. Please wait... + minimum-api: none spawn-limits: monsters: 70 - animals: 15 - water-animals: 5 + animals: 10 + water-animals: 15 ambient: 15 chunk-gc: - period-in-ticks: 300 - load-threshold: 300 + load-threshold: 0 + period-in-ticks: 200 ticks-per: animal-spawns: 400 monster-spawns: 100 - autosave: 100 + autosave: 200 aliases: now-in-commands.yml diff --git a/commands.yml b/commands.yml index 712ace1..4cfd015 100644 --- a/commands.yml +++ b/commands.yml @@ -1,17 +1,17 @@ # This is the commands configuration file for Bukkit. # For documentation on how to make use of this file, check out the Bukkit Wiki at -# http://wiki.bukkit.org/Commands.yml +# https://www.spigotmc.org/go/commands-yml # # If you need help on this file, feel free to join us on irc or leave a message # on the forums asking for advice. # # IRC: #spigot @ irc.spi.gt -# (If this means nothing to you, just go to http://www.spigotmc.org/pages/irc/ ) -# Forums: http://www.spigotmc.org/ -# Bug tracker: http://www.spigotmc.org/go/bugs +# (If this means nothing to you, just go to https://www.spigotmc.org/go/irc ) +# Forums: https://www.spigotmc.org/ +# Bug tracker: https://www.spigotmc.org/go/bugs command-block-overrides: [] -unrestricted-advancements: false +ignore-vanilla-permissions: false aliases: icanhasbukkit: - version $1- @@ -31,4 +31,3 @@ aliases: - [] stop: - [] -ignore-vanilla-permissions: false diff --git a/java/bin/java b/java/bin/java index ed2282c..e2fa3bf 100755 Binary files a/java/bin/java and b/java/bin/java differ diff --git a/java/conf/security/java.policy b/java/conf/security/java.policy new file mode 100644 index 0000000..1554541 --- /dev/null +++ b/java/conf/security/java.policy @@ -0,0 +1,44 @@ +// +// This system policy file grants a set of default permissions to all domains +// and can be configured to grant additional permissions to modules and other +// code sources. The code source URL scheme for modules linked into a +// run-time image is "jrt". +// +// For example, to grant permission to read the "foo" property to the module +// "com.greetings", the grant entry is: +// +// grant codeBase "jrt:/com.greetings" { +// permission java.util.PropertyPermission "foo", "read"; +// }; +// + +// default permissions granted to all domains +grant { + // allows anyone to listen on dynamic ports + permission java.net.SocketPermission "localhost:0", "listen"; + + // "standard" properies that can be read by anyone + permission java.util.PropertyPermission "java.version", "read"; + permission java.util.PropertyPermission "java.vendor", "read"; + permission java.util.PropertyPermission "java.vendor.url", "read"; + permission java.util.PropertyPermission "java.class.version", "read"; + permission java.util.PropertyPermission "os.name", "read"; + permission java.util.PropertyPermission "os.version", "read"; + permission java.util.PropertyPermission "os.arch", "read"; + permission java.util.PropertyPermission "file.separator", "read"; + permission java.util.PropertyPermission "path.separator", "read"; + permission java.util.PropertyPermission "line.separator", "read"; + permission java.util.PropertyPermission + "java.specification.version", "read"; + permission java.util.PropertyPermission "java.specification.vendor", "read"; + permission java.util.PropertyPermission "java.specification.name", "read"; + permission java.util.PropertyPermission + "java.vm.specification.version", "read"; + permission java.util.PropertyPermission + "java.vm.specification.vendor", "read"; + permission java.util.PropertyPermission + "java.vm.specification.name", "read"; + permission java.util.PropertyPermission "java.vm.version", "read"; + permission java.util.PropertyPermission "java.vm.vendor", "read"; + permission java.util.PropertyPermission "java.vm.name", "read"; +}; diff --git a/java/conf/security/java.security b/java/conf/security/java.security new file mode 100644 index 0000000..af7590c --- /dev/null +++ b/java/conf/security/java.security @@ -0,0 +1,1095 @@ +# +# This is the "master security properties file". +# +# An alternate java.security properties file may be specified +# from the command line via the system property +# +# -Djava.security.properties= +# +# This properties file appends to the master security properties file. +# If both properties files specify values for the same key, the value +# from the command-line properties file is selected, as it is the last +# one loaded. +# +# Also, if you specify +# +# -Djava.security.properties== (2 equals), +# +# then that properties file completely overrides the master security +# properties file. +# +# To disable the ability to specify an additional properties file from +# the command line, set the key security.overridePropertiesFile +# to false in the master security properties file. It is set to true +# by default. + +# In this file, various security properties are set for use by +# java.security classes. This is where users can statically register +# Cryptography Package Providers ("providers" for short). The term +# "provider" refers to a package or set of packages that supply a +# concrete implementation of a subset of the cryptography aspects of +# the Java Security API. A provider may, for example, implement one or +# more digital signature algorithms or message digest algorithms. +# +# Each provider must implement a subclass of the Provider class. +# To register a provider in this master security properties file, +# specify the provider and priority in the format +# +# security.provider.= +# +# This declares a provider, and specifies its preference +# order n. The preference order is the order in which providers are +# searched for requested algorithms (when no specific provider is +# requested). The order is 1-based; 1 is the most preferred, followed +# by 2, and so on. +# +# must specify the name of the Provider as passed to its super +# class java.security.Provider constructor. This is for providers loaded +# through the ServiceLoader mechanism. +# +# must specify the subclass of the Provider class whose +# constructor sets the values of various properties that are required +# for the Java Security API to look up the algorithms or other +# facilities implemented by the provider. This is for providers loaded +# through classpath. +# +# Note: Providers can be dynamically registered instead by calls to +# either the addProvider or insertProviderAt method in the Security +# class. + +# +# List of providers and their preference orders (see above): +# +security.provider.1=SUN +security.provider.2=SunRsaSign +security.provider.3=SunEC +security.provider.4=SunJSSE +security.provider.5=SunJCE +security.provider.6=SunJGSS +security.provider.7=SunSASL +security.provider.8=XMLDSig +security.provider.9=SunPCSC +security.provider.10=JdkLDAP +security.provider.11=JdkSASL +security.provider.12=SunPKCS11 + +# +# A list of preferred providers for specific algorithms. These providers will +# be searched for matching algorithms before the list of registered providers. +# Entries containing errors (parsing, etc) will be ignored. Use the +# -Djava.security.debug=jca property to debug these errors. +# +# The property is a comma-separated list of serviceType.algorithm:provider +# entries. The serviceType (example: "MessageDigest") is optional, and if +# not specified, the algorithm applies to all service types that support it. +# The algorithm is the standard algorithm name or transformation. +# Transformations can be specified in their full standard name +# (ex: AES/CBC/PKCS5Padding), or as partial matches (ex: AES, AES/CBC). +# The provider is the name of the provider. Any provider that does not +# also appear in the registered list will be ignored. +# +# There is a special serviceType for this property only to group a set of +# algorithms together. The type is "Group" and is followed by an algorithm +# keyword. Groups are to simplify and lessen the entries on the property +# line. Current groups are: +# Group.SHA2 = SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, SHA-512/256 +# Group.HmacSHA2 = HmacSHA224, HmacSHA256, HmacSHA384, HmacSHA512 +# Group.SHA2RSA = SHA224withRSA, SHA256withRSA, SHA384withRSA, SHA512withRSA +# Group.SHA2DSA = SHA224withDSA, SHA256withDSA, SHA384withDSA, SHA512withDSA +# Group.SHA2ECDSA = SHA224withECDSA, SHA256withECDSA, SHA384withECDSA, \ +# SHA512withECDSA +# Group.SHA3 = SHA3-224, SHA3-256, SHA3-384, SHA3-512 +# Group.HmacSHA3 = HmacSHA3-224, HmacSHA3-256, HmacSHA3-384, HmacSHA3-512 +# +# Example: +# jdk.security.provider.preferred=AES/GCM/NoPadding:SunJCE, \ +# MessageDigest.SHA-256:SUN, Group.HmacSHA2:SunJCE +# +#jdk.security.provider.preferred= + + +# +# Sun Provider SecureRandom seed source. +# +# Select the primary source of seed data for the "NativePRNG", "SHA1PRNG" +# and "DRBG" SecureRandom implementations in the "Sun" provider. +# (Other SecureRandom implementations might also use this property.) +# +# On Unix-like systems (for example, Solaris/Linux/MacOS), the +# "NativePRNG", "SHA1PRNG" and "DRBG" implementations obtains seed data from +# special device files such as file:/dev/random. +# +# On Windows systems, specifying the URLs "file:/dev/random" or +# "file:/dev/urandom" will enable the native Microsoft CryptoAPI seeding +# mechanism for SHA1PRNG and DRBG. +# +# By default, an attempt is made to use the entropy gathering device +# specified by the "securerandom.source" Security property. If an +# exception occurs while accessing the specified URL: +# +# NativePRNG: +# a default value of /dev/random will be used. If neither +# are available, the implementation will be disabled. +# "file" is the only currently supported protocol type. +# +# SHA1PRNG and DRBG: +# the traditional system/thread activity algorithm will be used. +# +# The entropy gathering device can also be specified with the System +# property "java.security.egd". For example: +# +# % java -Djava.security.egd=file:/dev/random MainClass +# +# Specifying this System property will override the +# "securerandom.source" Security property. +# +# In addition, if "file:/dev/random" or "file:/dev/urandom" is +# specified, the "NativePRNG" implementation will be more preferred than +# DRBG and SHA1PRNG in the Sun provider. +# +securerandom.source=file:/dev/random + +# +# A list of known strong SecureRandom implementations. +# +# To help guide applications in selecting a suitable strong +# java.security.SecureRandom implementation, Java distributions should +# indicate a list of known strong implementations using the property. +# +# This is a comma-separated list of algorithm and/or algorithm:provider +# entries. +# +securerandom.strongAlgorithms=NativePRNGBlocking:SUN,DRBG:SUN + +# +# Sun provider DRBG configuration and default instantiation request. +# +# NIST SP 800-90Ar1 lists several DRBG mechanisms. Each can be configured +# with a DRBG algorithm name, and can be instantiated with a security strength, +# prediction resistance support, etc. This property defines the configuration +# and the default instantiation request of "DRBG" SecureRandom implementations +# in the SUN provider. (Other DRBG implementations can also use this property.) +# Applications can request different instantiation parameters like security +# strength, capability, personalization string using one of the +# getInstance(...,SecureRandomParameters,...) methods with a +# DrbgParameters.Instantiation argument, but other settings such as the +# mechanism and DRBG algorithm names are not currently configurable by any API. +# +# Please note that the SUN implementation of DRBG always supports reseeding. +# +# The value of this property is a comma-separated list of all configurable +# aspects. The aspects can appear in any order but the same aspect can only +# appear at most once. Its BNF-style definition is: +# +# Value: +# aspect { "," aspect } +# +# aspect: +# mech_name | algorithm_name | strength | capability | df +# +# // The DRBG mechanism to use. Default "Hash_DRBG" +# mech_name: +# "Hash_DRBG" | "HMAC_DRBG" | "CTR_DRBG" +# +# // The DRBG algorithm name. The "SHA-***" names are for Hash_DRBG and +# // HMAC_DRBG, default "SHA-256". The "AES-***" names are for CTR_DRBG, +# // default "AES-128" when using the limited cryptographic or "AES-256" +# // when using the unlimited. +# algorithm_name: +# "SHA-224" | "SHA-512/224" | "SHA-256" | +# "SHA-512/256" | "SHA-384" | "SHA-512" | +# "AES-128" | "AES-192" | "AES-256" +# +# // Security strength requested. Default "128" +# strength: +# "112" | "128" | "192" | "256" +# +# // Prediction resistance and reseeding request. Default "none" +# // "pr_and_reseed" - Both prediction resistance and reseeding +# // support requested +# // "reseed_only" - Only reseeding support requested +# // "none" - Neither prediction resistance not reseeding +# // support requested +# pr: +# "pr_and_reseed" | "reseed_only" | "none" +# +# // Whether a derivation function should be used. only applicable +# // to CTR_DRBG. Default "use_df" +# df: +# "use_df" | "no_df" +# +# Examples, +# securerandom.drbg.config=Hash_DRBG,SHA-224,112,none +# securerandom.drbg.config=CTR_DRBG,AES-256,192,pr_and_reseed,use_df +# +# The default value is an empty string, which is equivalent to +# securerandom.drbg.config=Hash_DRBG,SHA-256,128,none +# +securerandom.drbg.config= + +# +# Class to instantiate as the javax.security.auth.login.Configuration +# provider. +# +login.configuration.provider=sun.security.provider.ConfigFile + +# +# Default login configuration file +# +#login.config.url.1=file:${user.home}/.java.login.config + +# +# Class to instantiate as the system Policy. This is the name of the class +# that will be used as the Policy object. The system class loader is used to +# locate this class. +# +policy.provider=sun.security.provider.PolicyFile + +# The default is to have a single system-wide policy file, +# and a policy file in the user's home directory. +# +policy.url.1=file:${java.home}/conf/security/java.policy +policy.url.2=file:${user.home}/.java.policy + +# whether or not we expand properties in the policy file +# if this is set to false, properties (${...}) will not be expanded in policy +# files. +# +policy.expandProperties=true + +# whether or not we allow an extra policy to be passed on the command line +# with -Djava.security.policy=somefile. Comment out this line to disable +# this feature. +# +policy.allowSystemProperty=true + +# whether or not we look into the IdentityScope for trusted Identities +# when encountering a 1.1 signed JAR file. If the identity is found +# and is trusted, we grant it AllPermission. Note: the default policy +# provider (sun.security.provider.PolicyFile) does not support this property. +# +policy.ignoreIdentityScope=false + +# +# Default keystore type. +# +keystore.type=pkcs12 + +# +# Controls compatibility mode for JKS and PKCS12 keystore types. +# +# When set to 'true', both JKS and PKCS12 keystore types support loading +# keystore files in either JKS or PKCS12 format. When set to 'false' the +# JKS keystore type supports loading only JKS keystore files and the PKCS12 +# keystore type supports loading only PKCS12 keystore files. +# +keystore.type.compat=true + +# +# List of comma-separated packages that start with or equal this string +# will cause a security exception to be thrown when passed to the +# SecurityManager::checkPackageAccess method unless the corresponding +# RuntimePermission("accessClassInPackage."+package) has been granted. +# +package.access=sun.misc.,\ + sun.reflect. + +# +# List of comma-separated packages that start with or equal this string +# will cause a security exception to be thrown when passed to the +# SecurityManager::checkPackageDefinition method unless the corresponding +# RuntimePermission("defineClassInPackage."+package) has been granted. +# +# By default, none of the class loaders supplied with the JDK call +# checkPackageDefinition. +# +package.definition=sun.misc.,\ + sun.reflect. + +# +# Determines whether this properties file can be appended to +# or overridden on the command line via -Djava.security.properties +# +security.overridePropertiesFile=true + +# +# Determines the default key and trust manager factory algorithms for +# the javax.net.ssl package. +# +ssl.KeyManagerFactory.algorithm=SunX509 +ssl.TrustManagerFactory.algorithm=PKIX + +# +# The Java-level namelookup cache policy for successful lookups: +# +# any negative value: caching forever +# any positive value: the number of seconds to cache an address for +# zero: do not cache +# +# default value is forever (FOREVER). For security reasons, this +# caching is made forever when a security manager is set. When a security +# manager is not set, the default behavior in this implementation +# is to cache for 30 seconds. +# +# NOTE: setting this to anything other than the default value can have +# serious security implications. Do not set it unless +# you are sure you are not exposed to DNS spoofing attack. +# +#networkaddress.cache.ttl=-1 + +# The Java-level namelookup cache policy for failed lookups: +# +# any negative value: cache forever +# any positive value: the number of seconds to cache negative lookup results +# zero: do not cache +# +# In some Microsoft Windows networking environments that employ +# the WINS name service in addition to DNS, name service lookups +# that fail may take a noticeably long time to return (approx. 5 seconds). +# For this reason the default caching policy is to maintain these +# results for 10 seconds. +# +networkaddress.cache.negative.ttl=10 + +# +# Properties to configure OCSP for certificate revocation checking +# + +# Enable OCSP +# +# By default, OCSP is not used for certificate revocation checking. +# This property enables the use of OCSP when set to the value "true". +# +# NOTE: SocketPermission is required to connect to an OCSP responder. +# +# Example, +# ocsp.enable=true + +# +# Location of the OCSP responder +# +# By default, the location of the OCSP responder is determined implicitly +# from the certificate being validated. This property explicitly specifies +# the location of the OCSP responder. The property is used when the +# Authority Information Access extension (defined in RFC 5280) is absent +# from the certificate or when it requires overriding. +# +# Example, +# ocsp.responderURL=http://ocsp.example.net:80 + +# +# Subject name of the OCSP responder's certificate +# +# By default, the certificate of the OCSP responder is that of the issuer +# of the certificate being validated. This property identifies the certificate +# of the OCSP responder when the default does not apply. Its value is a string +# distinguished name (defined in RFC 2253) which identifies a certificate in +# the set of certificates supplied during cert path validation. In cases where +# the subject name alone is not sufficient to uniquely identify the certificate +# then both the "ocsp.responderCertIssuerName" and +# "ocsp.responderCertSerialNumber" properties must be used instead. When this +# property is set then those two properties are ignored. +# +# Example, +# ocsp.responderCertSubjectName=CN=OCSP Responder, O=XYZ Corp + +# +# Issuer name of the OCSP responder's certificate +# +# By default, the certificate of the OCSP responder is that of the issuer +# of the certificate being validated. This property identifies the certificate +# of the OCSP responder when the default does not apply. Its value is a string +# distinguished name (defined in RFC 2253) which identifies a certificate in +# the set of certificates supplied during cert path validation. When this +# property is set then the "ocsp.responderCertSerialNumber" property must also +# be set. When the "ocsp.responderCertSubjectName" property is set then this +# property is ignored. +# +# Example, +# ocsp.responderCertIssuerName=CN=Enterprise CA, O=XYZ Corp + +# +# Serial number of the OCSP responder's certificate +# +# By default, the certificate of the OCSP responder is that of the issuer +# of the certificate being validated. This property identifies the certificate +# of the OCSP responder when the default does not apply. Its value is a string +# of hexadecimal digits (colon or space separators may be present) which +# identifies a certificate in the set of certificates supplied during cert path +# validation. When this property is set then the "ocsp.responderCertIssuerName" +# property must also be set. When the "ocsp.responderCertSubjectName" property +# is set then this property is ignored. +# +# Example, +# ocsp.responderCertSerialNumber=2A:FF:00 + +# +# Policy for failed Kerberos KDC lookups: +# +# When a KDC is unavailable (network error, service failure, etc), it is +# put inside a blacklist and accessed less often for future requests. The +# value (case-insensitive) for this policy can be: +# +# tryLast +# KDCs in the blacklist are always tried after those not on the list. +# +# tryLess[:max_retries,timeout] +# KDCs in the blacklist are still tried by their order in the configuration, +# but with smaller max_retries and timeout values. max_retries and timeout +# are optional numerical parameters (default 1 and 5000, which means once +# and 5 seconds). Please notes that if any of the values defined here is +# more than what is defined in krb5.conf, it will be ignored. +# +# Whenever a KDC is detected as available, it is removed from the blacklist. +# The blacklist is reset when krb5.conf is reloaded. You can add +# refreshKrb5Config=true to a JAAS configuration file so that krb5.conf is +# reloaded whenever a JAAS authentication is attempted. +# +# Example, +# krb5.kdc.bad.policy = tryLast +# krb5.kdc.bad.policy = tryLess:2,2000 +# +krb5.kdc.bad.policy = tryLast + +# +# Algorithm restrictions for certification path (CertPath) processing +# +# In some environments, certain algorithms or key lengths may be undesirable +# for certification path building and validation. For example, "MD2" is +# generally no longer considered to be a secure hash algorithm. This section +# describes the mechanism for disabling algorithms based on algorithm name +# and/or key length. This includes algorithms used in certificates, as well +# as revocation information such as CRLs and signed OCSP Responses. +# The syntax of the disabled algorithm string is described as follows: +# DisabledAlgorithms: +# " DisabledAlgorithm { , DisabledAlgorithm } " +# +# DisabledAlgorithm: +# AlgorithmName [Constraint] { '&' Constraint } +# +# AlgorithmName: +# (see below) +# +# Constraint: +# KeySizeConstraint | CAConstraint | DenyAfterConstraint | +# UsageConstraint +# +# KeySizeConstraint: +# keySize Operator KeyLength +# +# Operator: +# <= | < | == | != | >= | > +# +# KeyLength: +# Integer value of the algorithm's key length in bits +# +# CAConstraint: +# jdkCA +# +# DenyAfterConstraint: +# denyAfter YYYY-MM-DD +# +# UsageConstraint: +# usage [TLSServer] [TLSClient] [SignedJAR] +# +# The "AlgorithmName" is the standard algorithm name of the disabled +# algorithm. See "Java Cryptography Architecture Standard Algorithm Name +# Documentation" for information about Standard Algorithm Names. Matching +# is performed using a case-insensitive sub-element matching rule. (For +# example, in "SHA1withECDSA" the sub-elements are "SHA1" for hashing and +# "ECDSA" for signatures.) If the assertion "AlgorithmName" is a +# sub-element of the certificate algorithm name, the algorithm will be +# rejected during certification path building and validation. For example, +# the assertion algorithm name "DSA" will disable all certificate algorithms +# that rely on DSA, such as NONEwithDSA, SHA1withDSA. However, the assertion +# will not disable algorithms related to "ECDSA". +# +# A "Constraint" defines restrictions on the keys and/or certificates for +# a specified AlgorithmName: +# +# KeySizeConstraint: +# keySize Operator KeyLength +# The constraint requires a key of a valid size range if the +# "AlgorithmName" is of a key algorithm. The "KeyLength" indicates +# the key size specified in number of bits. For example, +# "RSA keySize <= 1024" indicates that any RSA key with key size less +# than or equal to 1024 bits should be disabled, and +# "RSA keySize < 1024, RSA keySize > 2048" indicates that any RSA key +# with key size less than 1024 or greater than 2048 should be disabled. +# This constraint is only used on algorithms that have a key size. +# +# CAConstraint: +# jdkCA +# This constraint prohibits the specified algorithm only if the +# algorithm is used in a certificate chain that terminates at a marked +# trust anchor in the lib/security/cacerts keystore. If the jdkCA +# constraint is not set, then all chains using the specified algorithm +# are restricted. jdkCA may only be used once in a DisabledAlgorithm +# expression. +# Example: To apply this constraint to SHA-1 certificates, include +# the following: "SHA1 jdkCA" +# +# DenyAfterConstraint: +# denyAfter YYYY-MM-DD +# This constraint prohibits a certificate with the specified algorithm +# from being used after the date regardless of the certificate's +# validity. JAR files that are signed and timestamped before the +# constraint date with certificates containing the disabled algorithm +# will not be restricted. The date is processed in the UTC timezone. +# This constraint can only be used once in a DisabledAlgorithm +# expression. +# Example: To deny usage of RSA 2048 bit certificates after Feb 3 2020, +# use the following: "RSA keySize == 2048 & denyAfter 2020-02-03" +# +# UsageConstraint: +# usage [TLSServer] [TLSClient] [SignedJAR] +# This constraint prohibits the specified algorithm for +# a specified usage. This should be used when disabling an algorithm +# for all usages is not practical. 'TLSServer' restricts the algorithm +# in TLS server certificate chains when server authentication is +# performed. 'TLSClient' restricts the algorithm in TLS client +# certificate chains when client authentication is performed. +# 'SignedJAR' constrains use of certificates in signed jar files. +# The usage type follows the keyword and more than one usage type can +# be specified with a whitespace delimiter. +# Example: "SHA1 usage TLSServer TLSClient" +# +# When an algorithm must satisfy more than one constraint, it must be +# delimited by an ampersand '&'. For example, to restrict certificates in a +# chain that terminate at a distribution provided trust anchor and contain +# RSA keys that are less than or equal to 1024 bits, add the following +# constraint: "RSA keySize <= 1024 & jdkCA". +# +# All DisabledAlgorithms expressions are processed in the order defined in the +# property. This requires lower keysize constraints to be specified +# before larger keysize constraints of the same algorithm. For example: +# "RSA keySize < 1024 & jdkCA, RSA keySize < 2048". +# +# Note: The algorithm restrictions do not apply to trust anchors or +# self-signed certificates. +# +# Note: This property is currently used by Oracle's PKIX implementation. It +# is not guaranteed to be examined and used by other implementations. +# +# Example: +# jdk.certpath.disabledAlgorithms=MD2, DSA, RSA keySize < 2048 +# +# +jdk.certpath.disabledAlgorithms=MD2, MD5, SHA1 jdkCA & usage TLSServer, \ + RSA keySize < 1024, DSA keySize < 1024, EC keySize < 224 + +# +# Algorithm restrictions for signed JAR files +# +# In some environments, certain algorithms or key lengths may be undesirable +# for signed JAR validation. For example, "MD2" is generally no longer +# considered to be a secure hash algorithm. This section describes the +# mechanism for disabling algorithms based on algorithm name and/or key length. +# JARs signed with any of the disabled algorithms or key sizes will be treated +# as unsigned. +# +# The syntax of the disabled algorithm string is described as follows: +# DisabledAlgorithms: +# " DisabledAlgorithm { , DisabledAlgorithm } " +# +# DisabledAlgorithm: +# AlgorithmName [Constraint] { '&' Constraint } +# +# AlgorithmName: +# (see below) +# +# Constraint: +# KeySizeConstraint | DenyAfterConstraint +# +# KeySizeConstraint: +# keySize Operator KeyLength +# +# DenyAfterConstraint: +# denyAfter YYYY-MM-DD +# +# Operator: +# <= | < | == | != | >= | > +# +# KeyLength: +# Integer value of the algorithm's key length in bits +# +# Note: This property is currently used by the JDK Reference +# implementation. It is not guaranteed to be examined and used by other +# implementations. +# +# See "jdk.certpath.disabledAlgorithms" for syntax descriptions. +# +jdk.jar.disabledAlgorithms=MD2, MD5, RSA keySize < 1024, \ + DSA keySize < 1024 + +# +# Algorithm restrictions for Secure Socket Layer/Transport Layer Security +# (SSL/TLS/DTLS) processing +# +# In some environments, certain algorithms or key lengths may be undesirable +# when using SSL/TLS/DTLS. This section describes the mechanism for disabling +# algorithms during SSL/TLS/DTLS security parameters negotiation, including +# protocol version negotiation, cipher suites selection, peer authentication +# and key exchange mechanisms. +# +# Disabled algorithms will not be negotiated for SSL/TLS connections, even +# if they are enabled explicitly in an application. +# +# For PKI-based peer authentication and key exchange mechanisms, this list +# of disabled algorithms will also be checked during certification path +# building and validation, including algorithms used in certificates, as +# well as revocation information such as CRLs and signed OCSP Responses. +# This is in addition to the jdk.certpath.disabledAlgorithms property above. +# +# See the specification of "jdk.certpath.disabledAlgorithms" for the +# syntax of the disabled algorithm string. +# +# Note: The algorithm restrictions do not apply to trust anchors or +# self-signed certificates. +# +# Note: This property is currently used by the JDK Reference implementation. +# It is not guaranteed to be examined and used by other implementations. +# +# Example: +# jdk.tls.disabledAlgorithms=MD5, SSLv3, DSA, RSA keySize < 2048 +jdk.tls.disabledAlgorithms=SSLv3, RC4, DES, MD5withRSA, DH keySize < 1024, \ + EC keySize < 224, 3DES_EDE_CBC, anon, NULL + +# +# Legacy algorithms for Secure Socket Layer/Transport Layer Security (SSL/TLS) +# processing in JSSE implementation. +# +# In some environments, a certain algorithm may be undesirable but it +# cannot be disabled because of its use in legacy applications. Legacy +# algorithms may still be supported, but applications should not use them +# as the security strength of legacy algorithms are usually not strong enough +# in practice. +# +# During SSL/TLS security parameters negotiation, legacy algorithms will +# not be negotiated unless there are no other candidates. +# +# The syntax of the legacy algorithms string is described as this Java +# BNF-style: +# LegacyAlgorithms: +# " LegacyAlgorithm { , LegacyAlgorithm } " +# +# LegacyAlgorithm: +# AlgorithmName (standard JSSE algorithm name) +# +# See the specification of security property "jdk.certpath.disabledAlgorithms" +# for the syntax and description of the "AlgorithmName" notation. +# +# Per SSL/TLS specifications, cipher suites have the form: +# SSL_KeyExchangeAlg_WITH_CipherAlg_MacAlg +# or +# TLS_KeyExchangeAlg_WITH_CipherAlg_MacAlg +# +# For example, the cipher suite TLS_RSA_WITH_AES_128_CBC_SHA uses RSA as the +# key exchange algorithm, AES_128_CBC (128 bits AES cipher algorithm in CBC +# mode) as the cipher (encryption) algorithm, and SHA-1 as the message digest +# algorithm for HMAC. +# +# The LegacyAlgorithm can be one of the following standard algorithm names: +# 1. JSSE cipher suite name, e.g., TLS_RSA_WITH_AES_128_CBC_SHA +# 2. JSSE key exchange algorithm name, e.g., RSA +# 3. JSSE cipher (encryption) algorithm name, e.g., AES_128_CBC +# 4. JSSE message digest algorithm name, e.g., SHA +# +# See SSL/TLS specifications and "Java Cryptography Architecture Standard +# Algorithm Name Documentation" for information about the algorithm names. +# +# Note: If a legacy algorithm is also restricted through the +# jdk.tls.disabledAlgorithms property or the +# java.security.AlgorithmConstraints API (See +# javax.net.ssl.SSLParameters.setAlgorithmConstraints()), +# then the algorithm is completely disabled and will not be negotiated. +# +# Note: This property is currently used by the JDK Reference implementation. +# It is not guaranteed to be examined and used by other implementations. +# There is no guarantee the property will continue to exist or be of the +# same syntax in future releases. +# +# Example: +# jdk.tls.legacyAlgorithms=DH_anon, DES_CBC, SSL_RSA_WITH_RC4_128_MD5 +# +jdk.tls.legacyAlgorithms= \ + K_NULL, C_NULL, M_NULL, \ + DH_anon, ECDH_anon, \ + RC4_128, RC4_40, DES_CBC, DES40_CBC, \ + 3DES_EDE_CBC + +# +# The pre-defined default finite field Diffie-Hellman ephemeral (DHE) +# parameters for Transport Layer Security (SSL/TLS/DTLS) processing. +# +# In traditional SSL/TLS/DTLS connections where finite field DHE parameters +# negotiation mechanism is not used, the server offers the client group +# parameters, base generator g and prime modulus p, for DHE key exchange. +# It is recommended to use dynamic group parameters. This property defines +# a mechanism that allows you to specify custom group parameters. +# +# The syntax of this property string is described as this Java BNF-style: +# DefaultDHEParameters: +# DefinedDHEParameters { , DefinedDHEParameters } +# +# DefinedDHEParameters: +# "{" DHEPrimeModulus , DHEBaseGenerator "}" +# +# DHEPrimeModulus: +# HexadecimalDigits +# +# DHEBaseGenerator: +# HexadecimalDigits +# +# HexadecimalDigits: +# HexadecimalDigit { HexadecimalDigit } +# +# HexadecimalDigit: one of +# 0 1 2 3 4 5 6 7 8 9 A B C D E F a b c d e f +# +# Whitespace characters are ignored. +# +# The "DefinedDHEParameters" defines the custom group parameters, prime +# modulus p and base generator g, for a particular size of prime modulus p. +# The "DHEPrimeModulus" defines the hexadecimal prime modulus p, and the +# "DHEBaseGenerator" defines the hexadecimal base generator g of a group +# parameter. It is recommended to use safe primes for the custom group +# parameters. +# +# If this property is not defined or the value is empty, the underlying JSSE +# provider's default group parameter is used for each connection. +# +# If the property value does not follow the grammar, or a particular group +# parameter is not valid, the connection will fall back and use the +# underlying JSSE provider's default group parameter. +# +# Note: This property is currently used by OpenJDK's JSSE implementation. It +# is not guaranteed to be examined and used by other implementations. +# +# Example: +# jdk.tls.server.defaultDHEParameters= +# { \ +# FFFFFFFF FFFFFFFF C90FDAA2 2168C234 C4C6628B 80DC1CD1 \ +# 29024E08 8A67CC74 020BBEA6 3B139B22 514A0879 8E3404DD \ +# EF9519B3 CD3A431B 302B0A6D F25F1437 4FE1356D 6D51C245 \ +# E485B576 625E7EC6 F44C42E9 A637ED6B 0BFF5CB6 F406B7ED \ +# EE386BFB 5A899FA5 AE9F2411 7C4B1FE6 49286651 ECE65381 \ +# FFFFFFFF FFFFFFFF, 2} + +# +# TLS key limits on symmetric cryptographic algorithms +# +# This security property sets limits on algorithms key usage in TLS 1.3. +# When the amount of data encrypted exceeds the algorithm value listed below, +# a KeyUpdate message will trigger a key change. This is for symmetric ciphers +# with TLS 1.3 only. +# +# The syntax for the property is described below: +# KeyLimits: +# " KeyLimit { , KeyLimit } " +# +# WeakKeyLimit: +# AlgorithmName Action Length +# +# AlgorithmName: +# A full algorithm transformation. +# +# Action: +# KeyUpdate +# +# Length: +# The amount of encrypted data in a session before the Action occurs +# This value may be an integer value in bytes, or as a power of two, 2^29. +# +# KeyUpdate: +# The TLS 1.3 KeyUpdate handshake process begins when the Length amount +# is fulfilled. +# +# Note: This property is currently used by OpenJDK's JSSE implementation. It +# is not guaranteed to be examined and used by other implementations. +# +jdk.tls.keyLimits=AES/GCM/NoPadding KeyUpdate 2^37 + +# +# Cryptographic Jurisdiction Policy defaults +# +# Import and export control rules on cryptographic software vary from +# country to country. By default, Java provides two different sets of +# cryptographic policy files[1]: +# +# unlimited: These policy files contain no restrictions on cryptographic +# strengths or algorithms +# +# limited: These policy files contain more restricted cryptographic +# strengths +# +# The default setting is determined by the value of the "crypto.policy" +# Security property below. If your country or usage requires the +# traditional restrictive policy, the "limited" Java cryptographic +# policy is still available and may be appropriate for your environment. +# +# If you have restrictions that do not fit either use case mentioned +# above, Java provides the capability to customize these policy files. +# The "crypto.policy" security property points to a subdirectory +# within /conf/security/policy/ which can be customized. +# Please see the /conf/security/policy/README.txt file or consult +# the Java Security Guide/JCA documentation for more information. +# +# YOU ARE ADVISED TO CONSULT YOUR EXPORT/IMPORT CONTROL COUNSEL OR ATTORNEY +# TO DETERMINE THE EXACT REQUIREMENTS. +# +# [1] Please note that the JCE for Java SE, including the JCE framework, +# cryptographic policy files, and standard JCE providers provided with +# the Java SE, have been reviewed and approved for export as mass market +# encryption item by the US Bureau of Industry and Security. +# +# Note: This property is currently used by the JDK Reference implementation. +# It is not guaranteed to be examined and used by other implementations. +# +crypto.policy=unlimited + +# +# The policy for the XML Signature secure validation mode. The mode is +# enabled by setting the property "org.jcp.xml.dsig.secureValidation" to +# true with the javax.xml.crypto.XMLCryptoContext.setProperty() method, +# or by running the code with a SecurityManager. +# +# Policy: +# Constraint {"," Constraint } +# Constraint: +# AlgConstraint | MaxTransformsConstraint | MaxReferencesConstraint | +# ReferenceUriSchemeConstraint | KeySizeConstraint | OtherConstraint +# AlgConstraint +# "disallowAlg" Uri +# MaxTransformsConstraint: +# "maxTransforms" Integer +# MaxReferencesConstraint: +# "maxReferences" Integer +# ReferenceUriSchemeConstraint: +# "disallowReferenceUriSchemes" String { String } +# KeySizeConstraint: +# "minKeySize" KeyAlg Integer +# OtherConstraint: +# "noDuplicateIds" | "noRetrievalMethodLoops" +# +# For AlgConstraint, Uri is the algorithm URI String that is not allowed. +# See the XML Signature Recommendation for more information on algorithm +# URI Identifiers. For KeySizeConstraint, KeyAlg is the standard algorithm +# name of the key type (ex: "RSA"). If the MaxTransformsConstraint, +# MaxReferencesConstraint or KeySizeConstraint (for the same key type) is +# specified more than once, only the last entry is enforced. +# +# Note: This property is currently used by the JDK Reference implementation. It +# is not guaranteed to be examined and used by other implementations. +# +jdk.xml.dsig.secureValidationPolicy=\ + disallowAlg http://www.w3.org/TR/1999/REC-xslt-19991116,\ + disallowAlg http://www.w3.org/2001/04/xmldsig-more#rsa-md5,\ + disallowAlg http://www.w3.org/2001/04/xmldsig-more#hmac-md5,\ + disallowAlg http://www.w3.org/2001/04/xmldsig-more#md5,\ + maxTransforms 5,\ + maxReferences 30,\ + disallowReferenceUriSchemes file http https,\ + minKeySize RSA 1024,\ + minKeySize DSA 1024,\ + minKeySize EC 224,\ + noDuplicateIds,\ + noRetrievalMethodLoops + +# +# Serialization process-wide filter +# +# A filter, if configured, is used by java.io.ObjectInputStream during +# deserialization to check the contents of the stream. +# A filter is configured as a sequence of patterns, each pattern is either +# matched against the name of a class in the stream or defines a limit. +# Patterns are separated by ";" (semicolon). +# Whitespace is significant and is considered part of the pattern. +# +# If the system property jdk.serialFilter is also specified, it supersedes +# the security property value defined here. +# +# If a pattern includes a "=", it sets a limit. +# If a limit appears more than once the last value is used. +# Limits are checked before classes regardless of the order in the +# sequence of patterns. +# If any of the limits are exceeded, the filter status is REJECTED. +# +# maxdepth=value - the maximum depth of a graph +# maxrefs=value - the maximum number of internal references +# maxbytes=value - the maximum number of bytes in the input stream +# maxarray=value - the maximum array length allowed +# +# Other patterns, from left to right, match the class or package name as +# returned from Class.getName. +# If the class is an array type, the class or package to be matched is the +# element type. +# Arrays of any number of dimensions are treated the same as the element type. +# For example, a pattern of "!example.Foo", rejects creation of any instance or +# array of example.Foo. +# +# If the pattern starts with "!", the status is REJECTED if the remaining +# pattern is matched; otherwise the status is ALLOWED if the pattern matches. +# If the pattern contains "/", the non-empty prefix up to the "/" is the +# module name; +# if the module name matches the module name of the class then +# the remaining pattern is matched with the class name. +# If there is no "/", the module name is not compared. +# If the pattern ends with ".**" it matches any class in the package and all +# subpackages. +# If the pattern ends with ".*" it matches any class in the package. +# If the pattern ends with "*", it matches any class with the pattern as a +# prefix. +# If the pattern is equal to the class name, it matches. +# Otherwise, the status is UNDECIDED. +# +#jdk.serialFilter=pattern;pattern + +# +# RMI Registry Serial Filter +# +# The filter pattern uses the same format as jdk.serialFilter. +# This filter can override the builtin filter if additional types need to be +# allowed or rejected from the RMI Registry or to decrease limits but not +# to increase limits. +# If the limits (maxdepth, maxrefs, or maxbytes) are exceeded, the object is rejected. +# +# Each non-array type is allowed or rejected if it matches one of the patterns, +# evaluated from left to right, and is otherwise allowed. Arrays of any +# component type, including subarrays and arrays of primitives, are allowed. +# +# Array construction of any component type, including subarrays and arrays of +# primitives, are allowed unless the length is greater than the maxarray limit. +# The filter is applied to each array element. +# +# Note: This property is currently used by the JDK Reference implementation. +# It is not guaranteed to be examined and used by other implementations. +# +# The built-in filter allows subclasses of allowed classes and +# can approximately be represented as the pattern: +# +#sun.rmi.registry.registryFilter=\ +# maxarray=1000000;\ +# maxdepth=20;\ +# java.lang.String;\ +# java.lang.Number;\ +# java.lang.reflect.Proxy;\ +# java.rmi.Remote;\ +# sun.rmi.server.UnicastRef;\ +# sun.rmi.server.RMIClientSocketFactory;\ +# sun.rmi.server.RMIServerSocketFactory;\ +# java.rmi.activation.ActivationID;\ +# java.rmi.server.UID +# +# RMI Distributed Garbage Collector (DGC) Serial Filter +# +# The filter pattern uses the same format as jdk.serialFilter. +# This filter can override the builtin filter if additional types need to be +# allowed or rejected from the RMI DGC. +# +# Note: This property is currently used by the JDK Reference implementation. +# It is not guaranteed to be examined and used by other implementations. +# +# The builtin DGC filter can approximately be represented as the filter pattern: +# +#sun.rmi.transport.dgcFilter=\ +# java.rmi.server.ObjID;\ +# java.rmi.server.UID;\ +# java.rmi.dgc.VMID;\ +# java.rmi.dgc.Lease;\ +# maxdepth=5;maxarray=10000 + +# CORBA ORBIorTypeCheckRegistryFilter +# Type check enhancement for ORB::string_to_object processing +# +# An IOR type check filter, if configured, is used by an ORB during +# an ORB::string_to_object invocation to check the veracity of the type encoded +# in the ior string. +# +# The filter pattern consists of a semi-colon separated list of class names. +# The configured list contains the binary class names of the IDL interface types +# corresponding to the IDL stub class to be instantiated. +# As such, a filter specifies a list of IDL stub classes that will be +# allowed by an ORB when an ORB::string_to_object is invoked. +# It is used to specify a white list configuration of acceptable +# IDL stub types which may be contained in a stringified IOR +# parameter passed as input to an ORB::string_to_object method. +# +# Note: This property is currently used by the JDK Reference implementation. +# It is not guaranteed to be examined and used by other implementations. +# +#com.sun.CORBA.ORBIorTypeCheckRegistryFilter=binary_class_name;binary_class_name + +# +# JCEKS Encrypted Key Serial Filter +# +# This filter, if configured, is used by the JCEKS KeyStore during the +# deserialization of the encrypted Key object stored inside a key entry. +# If not configured or the filter result is UNDECIDED (i.e. none of the patterns +# matches), the filter configured by jdk.serialFilter will be consulted. +# +# If the system property jceks.key.serialFilter is also specified, it supersedes +# the security property value defined here. +# +# The filter pattern uses the same format as jdk.serialFilter. The default +# pattern allows java.lang.Enum, java.security.KeyRep, java.security.KeyRep$Type, +# and javax.crypto.spec.SecretKeySpec and rejects all the others. +jceks.key.serialFilter = java.base/java.lang.Enum;java.base/java.security.KeyRep;\ + java.base/java.security.KeyRep$Type;java.base/javax.crypto.spec.SecretKeySpec;!* + +# +# Enhanced exception message information +# +# By default, exception messages should not include potentially sensitive +# information such as file names, host names, or port numbers. This property +# accepts one or more comma separated values, each of which represents a +# category of enhanced exception message information to enable. Values are +# case-insensitive. Leading and trailing whitespaces, surrounding each value, +# are ignored. Unknown values are ignored. +# +# NOTE: Use caution before setting this property. Setting this property +# exposes sensitive information in Exceptions, which could, for example, +# propagate to untrusted code or be emitted in stack traces that are +# inadvertently disclosed and made accessible over a public network. +# +# The categories are: +# +# hostInfo - IOExceptions thrown by java.net.Socket and the socket types in the +# java.nio.channels package will contain enhanced exception +# message information +# +# The property setting in this file can be overridden by a system property of +# the same name, with the same syntax and possible values. +# +#jdk.includeInExceptions=hostInfo + +# +# Policies for distrusting Certificate Authorities (CAs). +# +# This is a comma separated value of one or more case-sensitive strings, each +# of which represents a policy for determining if a CA should be distrusted. +# The supported values are: +# +# SYMANTEC_TLS : Distrust TLS Server certificates anchored by a Symantec +# root CA and issued after April 16, 2019 unless issued by one of the +# following subordinate CAs which have a later distrust date: +# 1. Apple IST CA 2 - G1, SHA-256 fingerprint: +# AC2B922ECFD5E01711772FEA8ED372DE9D1E2245FCE3F57A9CDBEC77296A424B +# Distrust after December 31, 2019. +# 2. Apple IST CA 8 - G1, SHA-256 fingerprint: +# A4FE7C7F15155F3F0AEF7AAA83CF6E06DEB97CA3F909DF920AC1490882D488ED +# Distrust after December 31, 2019. +# +# Leading and trailing whitespace surrounding each value are ignored. +# Unknown values are ignored. If the property is commented out or set to the +# empty String, no policies are enforced. +# +# Note: This property is currently used by the JDK Reference implementation. +# It is not guaranteed to be supported by other SE implementations. Also, this +# property does not override other security properties which can restrict +# certificates such as jdk.tls.disabledAlgorithms or +# jdk.certpath.disabledAlgorithms; those restrictions are still enforced even +# if this property is not enabled. +# +jdk.security.caDistrustPolicies=SYMANTEC_TLS + diff --git a/java/lib/compressedrefs/libj9dmp29.so b/java/lib/compressedrefs/libj9dmp29.so index f93f61d..7f33f4d 100644 Binary files a/java/lib/compressedrefs/libj9dmp29.so and b/java/lib/compressedrefs/libj9dmp29.so differ diff --git a/java/lib/compressedrefs/libj9gc29.so b/java/lib/compressedrefs/libj9gc29.so index 2b25228..bd0fff9 100644 Binary files a/java/lib/compressedrefs/libj9gc29.so and b/java/lib/compressedrefs/libj9gc29.so differ diff --git a/java/lib/compressedrefs/libj9jit29.so b/java/lib/compressedrefs/libj9jit29.so index c735917..8446a3f 100644 Binary files a/java/lib/compressedrefs/libj9jit29.so and b/java/lib/compressedrefs/libj9jit29.so differ diff --git a/java/lib/compressedrefs/libj9jvmti29.so b/java/lib/compressedrefs/libj9jvmti29.so index 90fc989..85f012c 100644 Binary files a/java/lib/compressedrefs/libj9jvmti29.so and b/java/lib/compressedrefs/libj9jvmti29.so differ diff --git a/java/lib/compressedrefs/libj9prt29.so b/java/lib/compressedrefs/libj9prt29.so index 02e8ea1..43def71 100644 Binary files a/java/lib/compressedrefs/libj9prt29.so and b/java/lib/compressedrefs/libj9prt29.so differ diff --git a/java/lib/compressedrefs/libj9shr29.so b/java/lib/compressedrefs/libj9shr29.so index 43b4c19..20d427c 100644 Binary files a/java/lib/compressedrefs/libj9shr29.so and b/java/lib/compressedrefs/libj9shr29.so differ diff --git a/java/lib/compressedrefs/libj9trc29.so b/java/lib/compressedrefs/libj9trc29.so index 5a60347..b730e61 100644 Binary files a/java/lib/compressedrefs/libj9trc29.so and b/java/lib/compressedrefs/libj9trc29.so differ diff --git a/java/lib/compressedrefs/libj9vm29.so b/java/lib/compressedrefs/libj9vm29.so index 4166dc7..db7048a 100644 Binary files a/java/lib/compressedrefs/libj9vm29.so and b/java/lib/compressedrefs/libj9vm29.so differ diff --git a/java/lib/compressedrefs/libj9vrb29.so b/java/lib/compressedrefs/libj9vrb29.so index 13777b7..5ac9adf 100644 Binary files a/java/lib/compressedrefs/libj9vrb29.so and b/java/lib/compressedrefs/libj9vrb29.so differ diff --git a/java/lib/compressedrefs/libjclse29.so b/java/lib/compressedrefs/libjclse29.so index bb42405..f5ce54f 100644 Binary files a/java/lib/compressedrefs/libjclse29.so and b/java/lib/compressedrefs/libjclse29.so differ diff --git a/java/lib/compressedrefs/libjvm.so b/java/lib/compressedrefs/libjvm.so index 92bb3ec..faf7db7 100644 Binary files a/java/lib/compressedrefs/libjvm.so and b/java/lib/compressedrefs/libjvm.so differ diff --git a/java/lib/compressedrefs/libmanagement.so b/java/lib/compressedrefs/libmanagement.so index 59d6b81..43f90ed 100644 Binary files a/java/lib/compressedrefs/libmanagement.so and b/java/lib/compressedrefs/libmanagement.so differ diff --git a/java/lib/j9vm/libjvm.so b/java/lib/j9vm/libjvm.so index cf2e18d..aa8eecb 100644 Binary files a/java/lib/j9vm/libjvm.so and b/java/lib/j9vm/libjvm.so differ diff --git a/java/lib/java.properties b/java/lib/java.properties index a77d790..6a39365 100644 --- a/java/lib/java.properties +++ b/java/lib/java.properties @@ -1,4 +1,4 @@ -#Mon Jul 08 18:29:17 UTC 2019 +#Mon Jul 15 18:32:55 UTC 2019 EXEL070=ROM image is wrong version EXEL079=\ -Xscmx set size of new shared class cache to J9VM151=Failed to open jimage library diff --git a/java/lib/libfontmanager.so b/java/lib/libfontmanager.so new file mode 100644 index 0000000..f8ee294 Binary files /dev/null and b/java/lib/libfontmanager.so differ diff --git a/java/lib/libjavajpeg.so b/java/lib/libjavajpeg.so new file mode 100644 index 0000000..416ff39 Binary files /dev/null and b/java/lib/libjavajpeg.so differ diff --git a/java/lib/libjli.so b/java/lib/libjli.so new file mode 100644 index 0000000..762eeac Binary files /dev/null and b/java/lib/libjli.so differ diff --git a/java/lib/libsunec.so b/java/lib/libsunec.so new file mode 100644 index 0000000..d931a79 Binary files /dev/null and b/java/lib/libsunec.so differ diff --git a/java/lib/modules b/java/lib/modules index 5a6b0ae..08319ec 100644 Binary files a/java/lib/modules and b/java/lib/modules differ diff --git a/java/lib/openj9-notices.html b/java/lib/openj9-notices.html new file mode 100644 index 0000000..a2df31c --- /dev/null +++ b/java/lib/openj9-notices.html @@ -0,0 +1,263 @@ + + + + +About + + +

About This Content

+ +

January 24, 2018

+

License

+ +This program and the accompanying materials are made available under the terms of the Eclipse Public License 2 which accompanies this distribution and is available at https://www.eclipse.org/legal/epl-2.0/ or the Apache License, Version 2.0 which accompanies this distribution and is available at https://www.apache.org/licenses/LICENSE-2.0. +

+This Source Code may also be made available under the following Secondary Licenses when the conditions for such availability set forth in the Eclipse Public License, v. 2.0 are satisfied: GNU General Public License, version 2 with the GNU Classpath Exception [1] and GNU General Public License, version 2 with the OpenJDK Assembly Exception [2]. +

+[1] https://www.gnu.org/software/classpath/license.html +
+[2] http://openjdk.java.net/legal/assembly-exception.html +
+
+SPDX-License-Identifier: EPL-2.0 OR Apache-2.0 OR GPL-2.0 WITH Classpath-exception-2.0 OR LicenseRef-GPL-2.0 WITH Assembly-exception + +

If you did not receive this Content directly from the Eclipse Foundation, the Content is +being redistributed by another party ("Redistributor") and different terms and conditions may +apply to your use of any object code in the Content. Check the Redistributor's license that was +provided with the Content. If no such license exists, contact the Redistributor. Unless otherwise +indicated below, the terms and conditions of the EPL still apply to any source code in the Content +and such source code may be obtained at https://www.eclipse.org.

+ +

Third Party Content

+

The Content includes items that have been sourced from third parties as set out below. If you +did not receive this Content directly from the Eclipse Foundation, the following is provided +for informational purposes only, and you should look to the Redistributor's license for +terms and conditions of use.

+ +

Eclipse OMR

+

Copyright (c) 2017, 2018 IBM Corp. and others

+

+This program and the accompanying materials are made available under the terms of the Eclipse Public License 2 which accompanies this distribution and is available at https://www.eclipse.org/legal/epl-2.0/ or the Apache License, Version 2.0 which accompanies this distribution and is available at https://www.apache.org/licenses/LICENSE-2.0. +

+This Source Code may also be made available under the following Secondary Licenses when the conditions for such availability set forth in the Eclipse Public License, v. 2.0 are satisfied: GNU General Public License, version 2 with the GNU Classpath Exception [1] and GNU General Public License, version 2 with the OpenJDK Assembly Exception [2]. +

+[1] https://www.gnu.org/software/classpath/license.html +
+[2] http://openjdk.java.net/legal/assembly-exception.html +
+
+SPDX-License-Identifier: EPL-2.0 OR Apache-2.0 OR GPL-2.0 WITH Classpath-exception-2.0 OR LicenseRef-GPL-2.0 WITH Assembly-exception +

+Subject to the following notices:
+ 1. Google Test is provided under the Google Test license below.
+ 2. Pugixml is provided under the pugixml license below.
+ 3. config.sub and config.guess are provided under the GPL v3.0 with the Autoconf exception (see below).
+

+You may distribute this program and materials under either the +Eclipse Public License 2 or the Apache V2.0 License as long as you pass through +the exceptions noted above. +

+ +

Google C++ Testing Framework 1.7.0
+

Copyright 2008, Google Inc.
All rights reserved.

+

+Redistribution and use in source and binary forms, with or without +modification, are permitted provided that the following conditions are +met: +

* Redistributions of source code must retain the above copyright +notice, this list of conditions and the following disclaimer.

+

* Redistributions in binary form must reproduce the above +copyright notice, this list of conditions and the following disclaimer +in the documentation and/or other materials provided with the +distribution.

+

* Neither the name of Google Inc. nor the names of its +contributors may be used to endorse or promote products derived from +this software without specific prior written permission.

+

+THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS +"AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT +LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR +A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT +OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, +SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT +LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, +DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY +THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT +(INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE +OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. +

+The source is available at https://github.com/google/googletest. +

+ +
pugixml 1.5
+

Copyright (c) 2006-2015 Arseny Kapoulkine

+

+Permission is hereby granted, free of charge, to any person obtaining a +copy of this software and associated documentation files (the "Software"), +to deal in the Software without restriction, including without limitation +the rights to use, copy, modify, merge, publish, distribute, sublicense, +and/or sell copies of the Software, and to permit persons to whom the +Software is furnished to do so, subject to the following conditions:

+

+The above copyright notice and this permission notice shall be included +in all copies or substantial portions of the Software.

+

+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS +OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, +FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL +THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER +LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, +OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN +THE SOFTWARE. +

+

+The source is available at http://pugixml.org/2014/11/27/pugixml-1.5-release.html. +

+ +
config.sub and config.guess
+

+This file is free software; you can redistribute it and/or modify it +under the terms of the GNU General Public License as published by +the Free Software Foundation; either version 3 of the License, or +(at your option) any later version.

+

+This program is distributed in the hope that it will be useful, but +WITHOUT ANY WARRANTY; without even the implied warranty of +MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU +General Public License for more details.

+

+You should have received a copy of the GNU General Public License +along with this program; if not, see http://www.gnu.org/licenses/

+

+As a special exception to the GNU General Public License, if you +distribute this file as part of a program that contains a +configuration script generated by Autoconf, you may include it under +the same distribution terms that you use for the rest of that +program. This Exception is an additional permission under section 7 +of the GNU General Public License, version 3 ("GPLv3").

+

+The source for config.guess is available at http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.guess;hb=HEAD. +
+The source for config.guess is available at http://git.savannah.gnu.org/gitweb/?p=config.git;a=blob_plain;f=config.sub;hb=HEAD. +

+ +

Unicode 6.0, Unicode 8.0

+UNICODE, INC. LICENSE AGREEMENT - DATA FILES AND SOFTWARE +

+Unicode Data Files include all data files under the directories http://www.unicode.org/Public/, http://www.unicode.org/reports/, and http://www.unicode.org/cldr/data/. Unicode Data Files do not include PDF online code charts under the directory http://www.unicode.org/Public/. Software includes any source code published in the Unicode Standard or under the directories http://www.unicode.org/Public/, http://www.unicode.org/reports/, and http://www.unicode.org/cldr/data/. +

+NOTICE TO USER: Carefully read the following legal agreement. BY DOWNLOADING, INSTALLING, COPYING OR OTHERWISE USING UNICODE INC.'S DATA FILES ("DATA FILES"), AND/OR SOFTWARE ("SOFTWARE"), YOU UNEQUIVOCALLY ACCEPT, AND AGREE TO BE BOUND BY, ALL OF THE TERMS AND CONDITIONS OF THIS AGREEMENT. IF YOU DO NOT AGREE, DO NOT DOWNLOAD, INSTALL, COPY, DISTRIBUTE OR USE THE DATA FILES OR SOFTWARE. +

+COPYRIGHT AND PERMISSION NOTICE +

+Copyright © 1991-2011 Unicode, Inc. All rights reserved. Distributed under the Terms of Use in http://www.unicode.org/copyright.html. +

+Permission is hereby granted, free of charge, to any person obtaining a copy of the Unicode data files and any associated documentation (the "Data Files") or Unicode software and any associated documentation (the "Software") to deal in the Data Files or Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, and/or sell copies of the Data Files or Software, and to permit persons to whom the Data Files or Software are furnished to do so, provided that (a) the above copyright notice(s) and this permission notice appear with all copies of the Data Files or Software, (b) both the above copyright notice(s) and this permission notice appear in associated documentation, and (c) there is clear notice in each modified Data File or in the Software as well as in the documentation associated with the Data File(s) or Software that the data or software has been modified. +

+THE DATA FILES AND SOFTWARE ARE PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS. IN NO EVENT SHALL THE COPYRIGHT HOLDER OR HOLDERS INCLUDED IN THIS NOTICE BE LIABLE FOR ANY CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THE DATA FILES OR SOFTWARE. +

+Except as contained in this notice, the name of a copyright holder shall not be used in advertising or otherwise to promote the sale, use or other dealings in these Data Files or Software without prior written authorization of the copyright holder. +

+Unicode and the Unicode logo are trademarks of Unicode, Inc. in the United States and other countries. All third party trademarks referenced herein are the property of their respective owners. +

+

MurmurHash3

+MurmurHash3 was written by Austin Appleby, and is placed in the public domain. The author hereby disclaims copyright to this source code. +

+Note - The x86 and x64 versions do _not_ produce the same results, as the algorithms are optimized for their respective platforms. You can still compile and run any of them on any platform, but your performance with the non-native version will be less than optimal +

+

libFFI 3.0.13

+libffi - Copyright (c) 1996-2014 Anthony Green, Red Hat, Inc and others. +See source files for details. +

+Permission is hereby granted, free of charge, to any person obtaining +a copy of this software and associated documentation files (the +``Software''), to deal in the Software without restriction, including +without limitation the rights to use, copy, modify, merge, publish, +distribute, sublicense, and/or sell copies of the Software, and to +permit persons to whom the Software is furnished to do so, subject to +the following conditions: +

+The above copyright notice and this permission notice shall be +included in all copies or substantial portions of the Software. +

+THE SOFTWARE IS PROVIDED ``AS IS'', WITHOUT WARRANTY OF ANY KIND, +EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY +CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, +TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE +SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. +

+

zlib 1.2.3

+ (C) 1995-2012 Jean-loup Gailly and Mark Adler +

+ This software is provided 'as-is', without any express or implied + warranty. In no event will the authors be held liable for any damages + arising from the use of this software. +

+ Permission is granted to anyone to use this software for any purpose, + including commercial applications, and to alter it and redistribute it + freely, subject to the following restrictions: +
+ 1. The origin of this software must not be misrepresented; you must not + claim that you wrote the original software. If you use this software + in a product, an acknowledgment in the product documentation would be + appreciated but is not required. +
+ 2. Altered source versions must be plainly marked as such, and must not be + misrepresented as being the original software. +
+ 3. This notice may not be removed or altered from any source distribution. +

+ Jean-loup Gailly Mark Adler + jloup@gzip.org madler@alumni.caltech.edu +

+

CuTest

+Copyright (c) 2003 Asim Jalis +

+This software is provided 'as-is', without any express or implied +warranty. In no event will the authors be held liable for any damages +arising from the use of this software. +

+Permission is granted to anyone to use this software for any purpose, +including commercial applications, and to alter it and redistribute it +freely, subject to the following restrictions: +

+1. The origin of this software must not be misrepresented; you must not +claim that you wrote the original software. If you use this software in +a product, an acknowledgment in the product documentation would be +appreciated but is not required. +

+2. Altered source versions must be plainly marked as such, and must not +be misrepresented as being the original software. +

+3. This notice may not be removed or altered from any source +distribution. +

+musl 1.1.4 +

+c

+Copyright © 2005-2014 Rich Felker, et al. +

+Permission is hereby granted, free of charge, to any person obtaining +a copy of this software and associated documentation files (the +"Software"), to deal in the Software without restriction, including +without limitation the rights to use, copy, modify, merge, publish, +distribute, sublicense, and/or sell copies of the Software, and to +permit persons to whom the Software is furnished to do so, subject to +the following conditions: +

+The above copyright notice and this permission notice shall be +included in all copies or substantial portions of the Software. +

+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, +EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF +MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. +IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY +CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, +TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE +SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE. +

+ + diff --git a/java/lib/security/default.policy b/java/lib/security/default.policy new file mode 100644 index 0000000..abdbaaa --- /dev/null +++ b/java/lib/security/default.policy @@ -0,0 +1,239 @@ +// +// Permissions required by modules stored in a run-time image and loaded +// by the platform class loader. +// +// NOTE that this file is not intended to be modified. If additional +// permissions need to be granted to the modules in this file, it is +// recommended that they be configured in a separate policy file or +// ${java.home}/conf/security/java.policy. +// + + +grant codeBase "jrt:/java.compiler" { + permission java.security.AllPermission; +}; + + +grant codeBase "jrt:/java.net.http" { + permission java.lang.RuntimePermission "accessClassInPackage.sun.net"; + permission java.lang.RuntimePermission "accessClassInPackage.sun.net.util"; + permission java.lang.RuntimePermission "accessClassInPackage.sun.net.www"; + permission java.lang.RuntimePermission "accessClassInPackage.jdk.internal.misc"; + permission java.net.SocketPermission "*","connect,resolve"; + permission java.net.URLPermission "http:*","*:*"; + permission java.net.URLPermission "https:*","*:*"; + permission java.net.URLPermission "ws:*","*:*"; + permission java.net.URLPermission "wss:*","*:*"; + permission java.net.URLPermission "socket:*","CONNECT"; // proxy + // For request/response body processors, fromFile, asFile + permission java.io.FilePermission "<>","read,write,delete"; + permission java.util.PropertyPermission "*","read"; + permission java.net.NetPermission "getProxySelector"; +}; + +grant codeBase "jrt:/java.scripting" { + permission java.security.AllPermission; +}; + +grant codeBase "jrt:/java.security.jgss" { + permission java.security.AllPermission; +}; + +grant codeBase "jrt:/java.smartcardio" { + permission javax.smartcardio.CardPermission "*", "*"; + permission java.lang.RuntimePermission "loadLibrary.j2pcsc"; + permission java.lang.RuntimePermission + "accessClassInPackage.sun.security.jca"; + permission java.lang.RuntimePermission + "accessClassInPackage.sun.security.util"; + permission java.util.PropertyPermission + "javax.smartcardio.TerminalFactory.DefaultType", "read"; + permission java.util.PropertyPermission "os.name", "read"; + permission java.util.PropertyPermission "os.arch", "read"; + permission java.util.PropertyPermission "sun.arch.data.model", "read"; + permission java.util.PropertyPermission + "sun.security.smartcardio.library", "read"; + permission java.util.PropertyPermission + "sun.security.smartcardio.t0GetResponse", "read"; + permission java.util.PropertyPermission + "sun.security.smartcardio.t1GetResponse", "read"; + permission java.util.PropertyPermission + "sun.security.smartcardio.t1StripLe", "read"; + // needed for looking up native PC/SC library + permission java.io.FilePermission "<>","read"; + permission java.security.SecurityPermission "putProviderProperty.SunPCSC"; + permission java.security.SecurityPermission + "clearProviderProperties.SunPCSC"; + permission java.security.SecurityPermission + "removeProviderProperty.SunPCSC"; +}; + +grant codeBase "jrt:/java.sql" { + permission java.security.AllPermission; +}; + +grant codeBase "jrt:/java.sql.rowset" { + permission java.security.AllPermission; +}; + + +grant codeBase "jrt:/java.xml.crypto" { + permission java.lang.RuntimePermission + "accessClassInPackage.sun.security.util"; + permission java.util.PropertyPermission "*", "read"; + permission java.security.SecurityPermission "putProviderProperty.XMLDSig"; + permission java.security.SecurityPermission + "clearProviderProperties.XMLDSig"; + permission java.security.SecurityPermission + "removeProviderProperty.XMLDSig"; + permission java.security.SecurityPermission + "com.sun.org.apache.xml.internal.security.register"; + permission java.security.SecurityPermission + "getProperty.jdk.xml.dsig.secureValidationPolicy"; + permission java.lang.RuntimePermission + "accessClassInPackage.com.sun.org.apache.xml.internal.*"; + permission java.lang.RuntimePermission + "accessClassInPackage.com.sun.org.apache.xpath.internal"; + permission java.lang.RuntimePermission + "accessClassInPackage.com.sun.org.apache.xpath.internal.*"; +}; + + +grant codeBase "jrt:/jdk.accessibility" { + permission java.lang.RuntimePermission "accessClassInPackage.sun.awt"; +}; + +grant codeBase "jrt:/jdk.attach" { + permission java.lang.RuntimePermission "accessClassInPackage.com.ibm.oti.util"; + permission java.lang.RuntimePermission "accessClassInPackage.com.ibm.tools.attach.target"; + permission java.lang.RuntimePermission "accessClassInPackage.openj9.tools.attach.diagnostics.base"; + permission java.util.PropertyPermission "com.ibm.tools.attach.*", "read"; + // required by com.ibm.tools.attach.attacher.OpenJ9AttachProvider.listVirtualMachinesImp():commonDir.exists(), + // com.ibm.tools.attach.target.Reply.writeReply():new RandomAccessFile(replyFile, "rw"), + // and com.ibm.tools.attach.target.Reply.deleteReply():replyFile.delete() + permission java.io.FilePermission "<>", "read,write,delete"; + // required by com.ibm.tools.attach.attacher.OpenJ9VirtualMachine.tryAttachTarget():targetServer.accept() + permission java.net.SocketPermission "localhost:1024-", "accept,resolve"; +}; + +grant codeBase "jrt:/jdk.charsets" { + permission java.util.PropertyPermission "os.name", "read"; + permission java.util.PropertyPermission "sun.nio.cs.map", "read"; + permission java.lang.RuntimePermission "charsetProvider"; + permission java.lang.RuntimePermission + "accessClassInPackage.jdk.internal.misc"; + permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.cs"; +}; + +grant codeBase "jrt:/jdk.crypto.ec" { + permission java.lang.RuntimePermission + "accessClassInPackage.sun.security.*"; + permission java.lang.RuntimePermission "loadLibrary.sunec"; + permission java.security.SecurityPermission "putProviderProperty.SunEC"; + permission java.security.SecurityPermission "clearProviderProperties.SunEC"; + permission java.security.SecurityPermission "removeProviderProperty.SunEC"; +}; + +grant codeBase "jrt:/jdk.crypto.cryptoki" { + permission java.lang.RuntimePermission + "accessClassInPackage.sun.security.*"; + permission java.lang.RuntimePermission "accessClassInPackage.sun.nio.ch"; + permission java.lang.RuntimePermission "loadLibrary.j2pkcs11"; + permission java.util.PropertyPermission "sun.security.pkcs11.allowSingleThreadedModules", "read"; + permission java.util.PropertyPermission "sun.security.pkcs11.disableKeyExtraction", "read"; + permission java.util.PropertyPermission "os.name", "read"; + permission java.util.PropertyPermission "os.arch", "read"; + permission java.util.PropertyPermission "jdk.crypto.KeyAgreement.legacyKDF", "read"; + permission java.security.SecurityPermission "putProviderProperty.*"; + permission java.security.SecurityPermission "clearProviderProperties.*"; + permission java.security.SecurityPermission "removeProviderProperty.*"; + permission java.security.SecurityPermission + "getProperty.auth.login.defaultCallbackHandler"; + permission java.security.SecurityPermission "authProvider.*"; + // Needed for reading PKCS11 config file and NSS library check + permission java.io.FilePermission "<>", "read"; +}; + +grant codeBase "jrt:/jdk.desktop" { + permission java.lang.RuntimePermission "accessClassInPackage.com.sun.awt"; +}; + +grant codeBase "jrt:/jdk.dynalink" { + permission java.security.AllPermission; +}; + +grant codeBase "jrt:/jdk.httpserver" { + permission java.security.AllPermission; +}; + +grant codeBase "jrt:/jdk.internal.le" { + permission java.security.AllPermission; +}; + +grant codeBase "jrt:/jdk.internal.vm.compiler" { + permission java.security.AllPermission; +}; + +grant codeBase "jrt:/jdk.internal.vm.compiler.management" { + permission java.lang.RuntimePermission "accessClassInPackage.org.graalvm.compiler.hotspot"; + permission java.lang.RuntimePermission "accessClassInPackage.jdk.vm.ci.runtime"; + permission java.lang.RuntimePermission "accessClassInPackage.sun.management.spi"; + permission java.lang.RuntimePermission "sun.management.spi.PlatformMBeanProvider.subclass"; +}; + +grant codeBase "jrt:/jdk.jsobject" { + permission java.security.AllPermission; +}; + +grant codeBase "jrt:/jdk.localedata" { + permission java.lang.RuntimePermission "accessClassInPackage.sun.text.*"; + permission java.lang.RuntimePermission "accessClassInPackage.sun.util.*"; +}; + +grant codeBase "jrt:/jdk.naming.dns" { + permission java.security.AllPermission; +}; + +grant codeBase "jrt:/jdk.scripting.nashorn" { + permission java.security.AllPermission; +}; + +grant codeBase "jrt:/jdk.scripting.nashorn.shell" { + permission java.security.AllPermission; +}; + +grant codeBase "jrt:/jdk.security.auth" { + permission java.security.AllPermission; +}; + +grant codeBase "jrt:/jdk.security.jgss" { + permission java.security.AllPermission; +}; + +grant codeBase "jrt:/jdk.zipfs" { + permission java.io.FilePermission "<>", "read,write,delete"; + permission java.lang.RuntimePermission "fileSystemProvider"; + permission java.util.PropertyPermission "os.name", "read"; +}; + +grant codeBase "jrt:/openj9.cuda" { + permission java.util.PropertyPermission "com.ibm.oti.vm.library.version", "read"; + permission java.lang.RuntimePermission "loadLibrary.cuda4j29"; +}; + +grant codeBase "jrt:/openj9.gpu" { + permission java.lang.RuntimePermission "accessClassInPackage.com.ibm.gpu.spi"; + permission com.ibm.gpu.GPUPermission "access"; + permission java.util.PropertyPermission "com.ibm.gpu.verbose", "read"; + permission java.util.PropertyPermission "com.ibm.gpu.enforce", "read"; + permission java.util.PropertyPermission "com.ibm.gpu.enable", "read"; + permission java.util.PropertyPermission "com.ibm.gpu.disable", "read"; +}; + +// permissions needed by applications using java.desktop module +grant { + permission java.lang.RuntimePermission "accessClassInPackage.com.sun.beans"; + permission java.lang.RuntimePermission "accessClassInPackage.com.sun.beans.*"; + permission java.lang.RuntimePermission "accessClassInPackage.com.sun.java.swing.plaf.*"; + permission java.lang.RuntimePermission "accessClassInPackage.com.apple.*"; +}; diff --git a/java/lib/security/public_suffix_list.dat b/java/lib/security/public_suffix_list.dat new file mode 100644 index 0000000..9fbf809 Binary files /dev/null and b/java/lib/security/public_suffix_list.dat differ diff --git a/java/lib/server/libjvm.so b/java/lib/server/libjvm.so index cf2e18d..aa8eecb 100644 Binary files a/java/lib/server/libjvm.so and b/java/lib/server/libjvm.so differ diff --git a/minecraft-server.jar b/minecraft-server.jar index 49da5b3..eb9aa31 100644 Binary files a/minecraft-server.jar and b/minecraft-server.jar differ diff --git a/paper.yml b/paper.yml index f57ecbe..1095e5f 100644 --- a/paper.yml +++ b/paper.yml @@ -3,14 +3,56 @@ # with caution, and make sure you know what each option does before configuring. # # If you need help with the configuration or have any questions related to Paper, -# join us in our IRC channel. +# join us in our Discord or IRC channel. # +# Discord: https://paperdiscord.emc.gs # IRC: #paper @ irc.spi.gt ( http://irc.spi.gt/iris/?channels=paper ) -# Wiki: https://paper.readthedocs.org/ -# Paper Forums: https://aquifermc.org/ +# Website: https://papermc.io/ +# Docs: https://paper.readthedocs.org/ verbose: false -config-version: 13 +config-version: 18 +settings: + sleep-between-chunk-saves: false + queue-light-updates-max-loss: 10 + player-auto-save-rate: -1 + max-player-auto-save-per-tick: -1 + load-permissions-yml-before-plugins: true + bungee-online-mode: true + save-player-data: true + region-file-cache-size: 256 + incoming-packet-spam-threshold: 300 + use-alternative-luck-formula: false + use-versioned-world: false + suggest-player-names-when-null-tab-completions: true + enable-player-collisions: true + save-empty-scoreboard-teams: false + velocity-support: + enabled: false + online-mode: false + secret: '' + watchdog: + early-warning-every: 5000 + early-warning-delay: 10000 + spam-limiter: + tab-spam-increment: 1 + tab-spam-limit: 500 + book-size: + page-max: 2560 + total-multiplier: 0.98 + async-chunks: + enable: true + generation: true + thread-per-world-generation: true + load-threads: -1 +messages: + no-permission: '&cI''m sorry, but you do not have permission to perform this command. + Please contact the server administrators if you believe that this is in error.' + kick: + authentication-servers-down: '' + connection-throttle: Connection throttled! Please wait before reconnecting. + flying-player: Flying is not enabled on this server + flying-vehicle: Flying is not enabled on this server timings: enabled: true verbose: true @@ -20,101 +62,73 @@ timings: - settings.bungeecord-addresses history-interval: 300 history-length: 3600 -settings: - min-chunk-load-threads: 8 - sleep-between-chunk-saves: false - load-permissions-yml-before-plugins: true - region-file-cache-size: 256 - enable-player-collisions: true - save-empty-scoreboard-teams: false - bungee-online-mode: true - incoming-packet-spam-threshold: 300 - player-auto-save-rate: -1 - max-player-auto-save-per-tick: -1 - remove-invalid-statistics: false - suggest-player-names-when-null-tab-completions: true - save-player-data: true - use-alternative-luck-formula: false - watchdog: - early-warning-every: 5000 - early-warning-delay: 10000 - spam-limiter: - tab-spam-increment: 10 - tab-spam-limit: 500 - book-size: - page-max: 2560 - total-multiplier: 0.98 -messages: - kick: - flying-player: Flying is not enabled on this server - flying-vehicle: Flying is not enabled on this server - authentication-servers-down: '' + server-name: Unknown Server world-settings: default: + queue-light-updates: false + count-all-mobs-for-spawning: false + fire-physics-event-for-redstone: false + delay-chunk-unloads-by: 10s + save-queue-limit-for-auto-save: 50 + max-chunk-sends-per-tick: 81 + max-chunk-gens-per-tick: 10 + skip-entity-ticking-in-chunks-scheduled-for-unload: true + prevent-moving-into-unloaded-chunks: true + max-auto-save-chunks-per-tick: 24 + falling-block-height-nerf: 0 + tnt-entity-height-nerf: 0 + filter-nbt-data-from-spawn-eggs-and-related: false + max-entity-collisions: 1 + disable-creeper-lingering-effect: false + duplicate-uuid-resolver: saferegen + duplicate-uuid-saferegen-delete-range: 32 + remove-corrupt-tile-entities: true + optimize-explosions: true + portal-search-radius: 128 + disable-teleportation-suffocation-check: true + fixed-chunk-inhabited-time: -1 + use-vanilla-world-scoreboard-name-coloring: false + enable-treasure-maps: true + treasure-maps-return-already-discovered: false + experience-merge-max-value: -1 + disable-thunder: false + skeleton-horse-thunder-spawn-chance: 0.01 + disable-ice-and-snow: false + keep-spawn-loaded-range: 10 + keep-spawn-loaded: false + auto-save-interval: -1 + armor-stands-do-collision-entity-lookups: true + nether-ceiling-void-damage-height: 0 + water-over-lava-flow-speed: 5 + grass-spread-tick-rate: 400 + bed-search-radius: 1 + use-faster-eigencraft-redstone: true + allow-non-player-entities-on-scoreboards: false + disable-explosion-knockback: false + parrots-are-unaffected-by-player-movement: false + container-update-tick-rate: 1 + non-player-arrow-despawn-rate: -1 + creative-arrow-despawn-rate: -1 + prevent-tnt-from-moving-in-water: false + armor-stands-tick: true + spawner-nerfed-mobs-should-jump: false + baby-zombie-movement-speed: 0.5 + allow-leashing-undead-horse: false + all-chunks-are-slime-chunks: false + mob-spawner-tick-rate: 100 max-growth-height: cactus: 3 reeds: 3 - baby-zombie-movement-speed: 0.5 fishing-time-range: MinimumTicks: 100 MaximumTicks: 600 - spawner-nerfed-mobs-should-jump: false despawn-ranges: soft: 32 hard: 128 - keep-spawn-loaded: false - falling-block-height-nerf: 0 - tnt-entity-height-nerf: 0 - water-over-lava-flow-speed: 5 - nether-ceiling-void-damage: false - queue-light-updates: true - game-mechanics: - disable-end-credits: false - disable-chest-cat-detection: false - disable-player-crits: false - disable-sprint-interruption-on-attack: false - allow-permanent-chunk-loaders: false - disable-unloaded-chunk-enderpearl-exploit: true - shield-blocking-delay: 5 - scan-for-legacy-ender-dragon: false - generator-settings: - canyon: true - caves: true - dungeon: true - fortress: true - mineshaft: true - monument: true - stronghold: true - temple: true - village: true - flat-bedrock: false - disable-extreme-hills-emeralds: false - disable-extreme-hills-monster-eggs: false - disable-mesa-additional-gold: false - optimize-explosions: true - fast-drain: - lava: false - water: false - lava-flow-speed: - normal: 30 - nether: 10 - disable-explosion-knockback: false - disable-thunder: false - disable-ice-and-snow: false - mob-spawner-tick-rate: 100 - container-update-tick-rate: 3 - all-chunks-are-slime-chunks: false - portal-search-radius: 128 - disable-teleportation-suffocation-check: true - allow-non-player-entities-on-scoreboards: false - allow-leashing-undead-horse: false - non-player-arrow-despawn-rate: -1 - skeleton-horse-thunder-spawn-chance: 0.01 - fire-physics-event-for-redstone: false - use-chunk-inhabited-timer: true - grass-spread-tick-rate: 400 - keep-spawn-loaded-range: 8 - use-vanilla-world-scoreboard-name-coloring: false + lightning-strike-distance-limit: + sound: -1 + impact-sound: -1 + flash: -1 frosted-ice: enabled: true delay: @@ -127,30 +141,22 @@ world-settings: max-refills: -1 refresh-min: 12h refresh-max: 2d - prevent-tnt-from-moving-in-water: false - use-alternate-fallingblock-onGround-detection: false hopper: - push-based: false cooldown-when-full: true disable-move-event: true - delay-chunk-unloads-by: 10s - skip-entity-ticking-in-chunks-scheduled-for-unload: true - elytra-hit-wall-damage: true - auto-save-interval: -1 - max-auto-save-chunks-per-tick: 24 - save-queue-limit-for-auto-save: 50 - remove-corrupt-tile-entities: true - filter-nbt-data-from-spawn-eggs-and-related: false - enable-treasure-maps: true - treasure-maps-return-already-discovered: false - armor-stands-do-collision-entity-lookups: true - max-entity-collisions: 1 - parrots-are-unaffected-by-player-movement: false - disable-creeper-lingering-effect: false + game-mechanics: + villages-load-chunks: false + scan-for-legacy-ender-dragon: false + disable-chest-cat-detection: false + shield-blocking-delay: 5 + disable-player-crits: false + disable-sprint-interruption-on-attack: false + disable-end-credits: false + disable-unloaded-chunk-enderpearl-exploit: true anti-xray: enabled: false engine-mode: 1 - chunk-edge-mode: 1 + chunk-edge-mode: 2 max-chunk-section-index: 3 update-radius: 2 hidden-blocks: @@ -163,20 +169,11 @@ world-settings: - chest - diamond_ore - redstone_ore - - lit_redstone_ore - clay - emerald_ore - ender_chest replacement-blocks: - stone - - planks - experience-merge-max-value: -1 - max-chunk-sends-per-tick: 81 - max-chunk-gens-per-tick: 10 + - oak_planks squid-spawn-height: maximum: 0.0 - bed-search-radius: 1 - duplicate-uuid-resolver: saferegen - duplicate-uuid-saferegen-delete-range: 32 - armor-stands-tick: true - prevent-moving-into-unloaded-chunks: true diff --git a/plugins/CommandSpy.jar b/plugins/CommandSpy.jar index 54e0ec7..827e483 100644 Binary files a/plugins/CommandSpy.jar and b/plugins/CommandSpy.jar differ diff --git a/plugins/Essentials.jar b/plugins/Essentials.jar index 1686108..a74bdf9 100644 Binary files a/plugins/Essentials.jar and b/plugins/Essentials.jar differ diff --git a/plugins/Extras.jar b/plugins/Extras.jar index f3b6ec3..67aedea 100644 Binary files a/plugins/Extras.jar and b/plugins/Extras.jar differ diff --git a/plugins/FastAsyncWorldEdit.jar b/plugins/FastAsyncWorldEdit.jar index f8c3698..6c0b102 100644 Binary files a/plugins/FastAsyncWorldEdit.jar and b/plugins/FastAsyncWorldEdit.jar differ diff --git a/plugins/FastAsyncWorldEdit/config-legacy.yml b/plugins/FastAsyncWorldEdit/config-legacy.yml new file mode 100644 index 0000000..492e0ab --- /dev/null +++ b/plugins/FastAsyncWorldEdit/config-legacy.yml @@ -0,0 +1,92 @@ +# +# WorldEdit's Configuration File +# +# About editing this file: +# - DO NOT USE TABS. You MUST use spaces or Bukkit will complain and post +# errors. If you use an editor, like Notepad++ (recommended for Windows +# users), you must configure it to "replace tabs with spaces." +# This can be changed in Settings > Preferences > Language Menu. +# - Don't get rid of indentations. They are indented so some entries that are +# in categories, like "max-blocks-changed", are placed in the "limits" +# category. +# - If you want to check the format of this file before putting it +# into WorldEdit, paste it into http://yaml-online-parser.appspot.com/ +# and see if it gives you "ERROR:". +# - Lines starting with # are comments, so they are ignored. +# - If you want to allow blocks, make sure to change "disallowed-blocks" to [] +# + +limits: + max-blocks-changed: + # Ignored, use FAWE config limits + default: -1 + maximum: -1 + max-polygonal-points: + default: -1 + maximum: 20 + max-radius: 100 + max-super-pickaxe-size: 5 + max-brush-radius: 10 + butcher-radius: + default: -1 + maximum: -1 + disallowed-blocks: [] + +use-inventory: + enable: false + allow-override: true + creative-mode-overrides: false + +logging: + log-commands: false + file: worldedit.log + # The format of custom log message. This is java general format string (java.util.Formatter). Arguments are: + # 1$ : date - a Date object representing event time of the log record. + # 2$ : source - a string representing the caller, if available; otherwise, the logger's name. + # 3$ : logger - the logger's name. + # 4$ : level - the log level. + # 5$ : message - the formatted log message returned from the Formatter.formatMessage(LogRecord) method. It uses java.text formatting and does not use the java.util.Formatter format argument. + # 6$ : thrown - a string representing the throwable associated with the log record and its backtrace beginning with a newline character, if any; otherwise, an empty string. + # For details see: + # https://docs.oracle.com/javase/8/docs/api/java/util/Formatter.html + # https://docs.oracle.com/javase/8/docs/api/java/util/logging/SimpleFormatter.html#format-java.util.logging.LogRecord- + format: "[%1$tY-%1$tm-%1$td %1$tH:%1$tM:%1$tS %4$s]: %5$s%6$s%n" + +super-pickaxe: + drop-items: true + many-drop-items: false + +snapshots: + directory: + +navigation-wand: + item: minecraft:compass + max-distance: 100 + +scripting: + timeout: 3000 + dir: craftscripts + +saving: + dir: schematics + +files: + allow-symbolic-links: false + +history: + size: 15 + expiration: 10 + +calculation: + timeout: 100 + +debugging: + trace-unflushed-sessions: false + +wand-item: minecraft:wooden_axe +shell-save-type: +no-double-slash: false +no-op-permissions: false +debug: false +show-help-on-first-use: true +server-side-cui: true diff --git a/plugins/FastAsyncWorldEdit/config.yml b/plugins/FastAsyncWorldEdit/config.yml index fd5b669..5cfb07b 100644 --- a/plugins/FastAsyncWorldEdit/config.yml +++ b/plugins/FastAsyncWorldEdit/config.yml @@ -1,17 +1,14 @@ # These first 6 aren't configurable -issues: "https://github.com/boy0001/FastAsyncWorldedit/issues" +issues: "https://github.com/IntellectualSites/FastAsyncWorldEdit-1.13/issues" wiki: "https://github.com/boy0001/FastAsyncWorldedit/wiki/" -date: "6 Jun 2018 00:00:00 GMT" -build: "https://ci.athion.net/job/FastAsyncWorldEdit/1108" -commit: "https://github.com/boy0001/FastAsyncWorldedit/commit/d9e79f" +date: "10 Aug 2019 21:00:00 GMT" +build: "https://ci.athion.net/job/FastAsyncWorldEdit-Breaking/7" +commit: "https://github.com/IntellectualSites/FastAsyncWorldEdit-1.13/commit/f0cabb7" platform: "bukkit" -# Options: de, ru, tr -# Create a PR to contribute a translation: https://github.com/boy0001/FastAsyncWorldedit/new/master/core/src/main/resources +# Options: cn, de, es, fr, it, nl, ru, tr +# Create a PR to contribute a translation: https://github.com/IntellectualSites/FastAsyncWorldEdit-1.13/tree/master/worldedit-core/src/main/resources language: '' -# Enable or disable automatic updates -# - true = update automatically in the background -update: "false" -# Send anonymous usage statistics +# @deprecated - use bstats config.yml metrics: false # Set true to enable WorldEdit restrictions per region (e.g. PlotSquared or WorldGuard). # To be allowed to WorldEdit in a region, users need the appropriate @@ -96,25 +93,29 @@ experimental: # - IMPROPER USE CAN CAUSE WORLD CORRUPTION! anvil-queue-mode: false # [SAFE] Dynamically increase the number of chunks rendered - # - Requires Paper: ci.destroystokyo.com/job/PaperSpigot/ + # - Requires Paper: ci.destroystokyo.com/job/Paper-1.13/ # - Set your server view distance to 1 (spigot.yml, server.properties) # - Based on tps and player movement - # - Please provide feedback + # - Note: If entities become hidden, increase the server view distance to 3 dynamic-chunk-rendering: -1 - # [SAFE] Allows brushes to be persistent - persistent-brushes: false - # [SAFE] Enable CUI without needing the mod installed (Requires ProtocolLib) - vanilla-cui: false + # Allows brushes to be persistent (default: true) + persistent-brushes: true # Disable using native libraries disable-natives: false # [SAFE] Keep entities that are positioned in non-air blocks when editing an area # Might cause client-side FPS lagg in some situations keep-entities-in-blocks: false + # [SAFE] Experimental scripting support for Java 9 + # - https://github.com/boy0001/FastAsyncWorldedit/wiki/JavaScript-API + modern-craftscripts: false + # [SAFE] Experimental freebuild region restrictions + # - PERM: fawe.freebuild + # - PERM: fawe.freebuild. + freebuild: false # This relates to how FAWE places chunks queue: # This should equal the number of processors you have - # - Set this to 1 if you need reliable `/timings` parallel-threads: 8 progress: # Display constant titles about the progress of a user's edit @@ -227,6 +228,18 @@ paths: clipboard: "clipboard" # Each player has their own sub directory for schematics per-player-schematics: false + commands: "commands" + +# Region restriction settings +region-restrictions-options: + # What type of users are allowed to WorldEdit in a region + # - MEMBER = Players added to a region + # - OWNER = Players who own the region + mode: "MEMBER" + +# Enable or disable core components +enabled-components: + commands: true # The "default" limit group affects those without a specific limit permission. # To grant someone different limits, copy the default limits group # and give it a different name (e.g. newbie). Then give the user the limit @@ -240,7 +253,7 @@ limits: # Max number of blocks checked (e.g. `//count stone` which doesn't change blocks) max-checks: 1000000 # Number of times a change can fail (e.g. if the player can't access that region) - max-fails: 20000000 + max-fails: 50000000 # Allowed brush iterations (e.g. `//brush smooth`) max-iterations: 1000 # Max allowed entities (e.g. cows) @@ -269,3 +282,5 @@ limits: inventory-mode: 0 # Should large edits require confirmation (>16384 chunks) confirm-large: false + # List of blocks to strip nbt from + strip-nbt: [] diff --git a/plugins/ImageOnMap.jar b/plugins/ImageOnMap.jar deleted file mode 100644 index 4e892c3..0000000 Binary files a/plugins/ImageOnMap.jar and /dev/null differ diff --git a/plugins/ImageOnMap/config.yml b/plugins/ImageOnMap/config.yml deleted file mode 100644 index bced5c2..0000000 --- a/plugins/ImageOnMap/config.yml +++ /dev/null @@ -1,18 +0,0 @@ -### ImageOnMap configuration file - - -# Plugin language. Empty: system language. -# Available: en_US (default, fallback) and fr_FR. -lang: - - -# Allows collection of anonymous statistics on plugin environment and usage -# The statistics are publicly visible here: http://mcstats.org/plugin/ImageOnMap -collect-data: false - - -# Images rendered on maps consume Minecraft maps ID, and there are only 32 767 of them. -# You can limit the maximum number of maps a player, or the whole server, can use with ImageOnMap. -# 0 means unlimited. -map-global-limit: 0 -map-player-limit: 0 diff --git a/plugins/LibsDisguises.jar b/plugins/LibsDisguises.jar index 43665da..b8eaf85 100644 Binary files a/plugins/LibsDisguises.jar and b/plugins/LibsDisguises.jar differ diff --git a/plugins/LibsDisguises/config.yml b/plugins/LibsDisguises/config.yml index 3e7b3ac..a4cedd6 100644 --- a/plugins/LibsDisguises/config.yml +++ b/plugins/LibsDisguises/config.yml @@ -1,7 +1,24 @@ -# Shall I notify people of a LibsDisguises update? -NotifyUpdate: false +Permissions: + # By default "libsdisguises.disguise.cow" will allow all options for cow disguise unless another permission has + # defined otherwise. + # If given "libsdisguises.disguise.animals.setburning" then "libsdisguises.disguise.cow" they will still be able to + # use other options like "setbaby". This was provided for backwards compatibility. + # By turning this from 'false' to 'true' the plugin will no longer give them the options unless the player was + # explicitly granted it. Even if by wildcard. The above example means they can only use "setburning" -# The disguise plugin stores all GameProfiles inside a file called 'cache.yml' + # To summarize, "libsdisguises.disguise.cow" will no longer let them do any options on the cow disguise unless it + # was added to their permissions + + # You can read more about permissions here: https://www.spigotmc.org/wiki/lib-s-disguises-setting-up-permissions/ + # The permission used to check OPs who may not have permissions defined, is "libsdisguises.*.*.*" which you can + # negate with your permissions plugin + ExplicitDisguises: false + +# Disables commands with the exception of /libsdisguises. Useful if you don't want the plugin to be used by anything +# but a plugin +DisableCommands: false + +# The disguise plugin stores all GameProfiles inside a folder called "GameProfiles" as a local cache # This means that the plugin doesn't need to constantly call Mojang just to find a skin for an offline player # However some people may prefer to disable this. # Even if you disable this, if there was disguises in the cache already then it will use them @@ -9,7 +26,7 @@ SaveGameProfiles: true # This option is useless if you don't enable SaveGameProfiles! # If a player has been disguised before and their skin saved into the cache -# When they join the server will automatically update the cache incase they changed their skin +# When they join the server will automatically update the cache in case they changed their skin UpdateGameProfiles: true # THIS IS A PREMIUM ONLY FEATURE. TO USE IT, PURCHASE THE PLUGIN. @@ -21,12 +38,12 @@ UpdateGameProfiles: true # This will enable premium only features for the dev builds. # The saved disguises are saved in a json file format inside the plugin folder, there will be no other formats SaveDisguises: - Players: false - Entities: false + Players: false + Entities: false # Does the player keep their disguise after they die? KeepDisguises: - PlayerDeath: true + PlayerDeath: true # Should the plugin use translations? Note that a player must see the message before it will appear in translations.yml Translations: false @@ -39,9 +56,28 @@ Translations: false # CREATE_SCOREBOARD - Creates a new team which copies the attributes of their previous scoreboard team which they are then assigned to. This means they keep nametag color and other options. SelfDisguisesScoreboard: MODIFY_SCOREBOARD +# More options in case you want to disable a specific setting of the scoreboard +Scoreboard: + # Should it modify the scoreboard to turn collisions off? + Collisions: true + # Should it modify the scoreboard teams to disable seeing friendly invisibles? + DisableFriendlyInvisibles: true + # Should the scoreboard warn you if it detects a potential conflict? + # If self disguises are disabled, or the scoreboard is using IGNORE_SCOREBOARD then this does nothing. + WarnConflict: true + +# Shall I notify those with the correct permission when there's a LibsDisguises update? +NotifyUpdate: false + # Whats the permission to get the notification? Permission: 'libsdisguises.update' +# Where should the plugin check for updates? +# SAME_BUILDS - Will check snapshots if you're not using a release build +# RELEASES - Only check for actual releases +# SNAPSHOTS - Only check for new snapshots +UpdatesBranch: SAME_BUILDS + # Whats the max size allowed for command disguiseradius DisguiseRadiusMax: 50 @@ -73,10 +109,10 @@ RemoveHeldItem: false # If you set a disguise to burning, it will no longer be able to be shown as sneaking or invisible. # Set this to true if you want the disguise to get the animations of the disguised entity. Such as invisible, on fire, sprinting, sneaking, blocking -# This is only valid if you set a animation on the disguise itself. Because the entitys animations are applied otherwise. +# This is only valid if you set a animation on the disguise itself. Because the entity's animations are applied otherwise. AddEntityAnimations: true -# When a sheep or wolf is right clicked with dye. The client automatically assumes it was successful and displays the sheeps wool or the wolfs collar as dyed. +# When a sheep or wolf is right clicked with dye. The client automatically assumes it was successful and displays the sheep's wool or the wolfs collar as dyed. # This is a option that either prevents that happening, or it changes their color officially in the plugin so that everyone sees it changed. # Its currently set to false which means that the color is not changed and will refresh itself to the player. # Please note that this will not remove the dye from their hands. This also does not check if the disguised entity is actually a sheep/wolf and wants a say in its color. @@ -95,24 +131,30 @@ ShowNamesAboveDisguises: false # If this is true, then the name shown above the head appears regardless of if you are looking at the disguise directly or not. NameAboveHeadAlwaysVisible: true -# This modifys the bounding box, This is stuff like can a arrow hit them. +# This modifies the bounding box, This is stuff like can a arrow hit them. # If you turn this to true, arrows will act like they hit the disguise in the right place! +# Clients will not see any difference in the hitboxes they are attacking, this is a server-sided calculation! # So someone disguised as a enderdragon will easily get shot down by arrows! # This WILL conflict with NoCheatPlus. Other plugins may also get problems. -# This shouldn't really be enabled for players as it also interferes with their movement because the server thinks the player is larger than he really is. -# That makes the player unable to approach this building because the server thinks he is trying to glitch inside blocks. -# This feature is highly experimental and is garanteed to cause problems for players who are disguised +# This shouldn't really be enabled for players as it also interferes with their movement because the server thinks +# the player is larger than they really are. +# That makes the player unable to approach this building because the server thinks they are trying to glitch inside +# blocks. +# This feature is highly experimental and is guaranteed to cause problems for players who are disguised ModifyBoundingBox: false # This prevents disguised players from being targeted by monsters. # This doesn't prevent their targeting you if already targeting when disguised # They will just ignore you unless provoked. -MonstersIgnoreDisguises: false +MonstersIgnoreDisguises: true # This works only for players, disguised monsters and the like will not be undisguised -# Should the player's disguises be removed if he attacks something? +# Should the player's disguises be removed if they attacks something? +# Blown Disguise message can be changed in translations +# Message can be hidden with an empty translation BlowDisguisesWhenAttacking: false -# Should the player's disguises be removed if he's attacked by something? + +# Should the player's disguises be removed if they're attacked by something? BlowDisguisesWhenAttacked: false #Stop shulker disguises from moving, they're weird. This option only effects PLAYERS that are disguised, other entities disguised as shulkers will NOT be effected! @@ -126,9 +168,9 @@ DisguiseCloneExpire: 10 # Max disguises to store at a time with the DisguiseClone command DisguiseCloneSize: 3 -# This controls if a entitys max health is determined by the entity, or by the disguise. +# This controls if a entity's max health is determined by the entity, or by the disguise. # Wither is 200, a player is 20. With this enabled, a player disguised as a wither will have the boss bar health accurate to the players health. -# Else it will be 1/20 of the boss bar when he is full health. +# Else it will be 1/20 of the boss bar when they are full health. # Setting this in LivingWatcher overrides both values. MaxHealthDeterminedByEntity: true @@ -150,37 +192,54 @@ HideDisguisedPlayersFromTab: false # Always show player disguises in tab? The names will continue to appear in tab until the disguise is removed. ShowPlayerDisguisesInTab: false +# On player disguise, a fake player is added to tablist so the skin can load properly. +# If the viewer sees the player disguise but there's no tablist name, they won't see a skin. +# 2 seconds is normally long enough to load the skin properly, but sometimes the server needs longer +# This is in ticks, there are 20 ticks in every second. 40 ticks = 2 seconds. 200 ticks = 10 seconds. +# This option is ignored if 'ShowPlayerDisguisesInTab' is enabled. +PlayerDisguisesTablistExpires: 40 + # Don't like players able to set themselves invisible when using the disguise commands? Toggle this to true and no one can use setInvisible! Plugins can still use this however. DisableInvisibility: false +# Disguises have a 'setExpires' option which removes the disguise after a set amount of time +# By default, this is set to false which means it expires 9 minutes afterwards, even if they logged off. +# If true, it means they will experience the full 9 minutes, even if they log on for just a minute per day +# Expired message can be hidden with an empty translation message +DynamicExpiry: false + # This will help performance, especially with CPU # Due to safety reasons, self disguises can never have their packets disabled. PacketsEnabled: - # This disables the animation packet. If a disguised entity sends a animation packet and they are using a non-living disguise. People will crash. - # Disabling this also means that if a player disguised as a non-player leaves a bug. People will crash - Animation: true - # Disabling this means that you can't use the setSleeping option on a player disguise. Also you will crash anyone watching when you try to sleep in a bed if disguised as a non-player - # This also sends a chunk packet at key positions else it doesn't work for 1.8. Lazyness means it does it for older versions too currently. - Bed: true - # This disguises the collect packet. If a living entity disguised as a non-living entity picks up a item. People will crash. This fixes it - # This also fixes people crashing if a item disguised as a sleeping player is picked up - Only true if Bed is enabled as well - Collect: true - # This disables a fix for when a disguised entity wearing armor dies, if the disguise can wear armor. It drops unpickupable items to anyone watching. - EntityStatus: true - # Entity equipment is the packets that are sent to ensure that a disguise has or doesn't have armor, and their held item. - # Disabling this means that any disguises which can wear armor or hold items will show the armor/held item that the disguised is wearing. - Equipment: true - # This doesn't actually disable the packet. It would introduce problems. Instead it does the next best thing and caches the data. - # This means that entity metadata will not change, and will only be sent in the spawn packet. - # This is good if performance is extremely in need. - # This is bad to disable unless you are ONLY going to use the disguises for decorations. - # To be honest. This is basically "Disable entity animations". That option is called 'AddEntityAnimations' in the config but unlike that, this is always in effect. - # Animations set by use of the api or through the disguise command are still in effect. - Metadata: true - # Movement packets are the biggest cpu hit. These are majorly used to ensure that the disguises facing direction isn't bugged up. - # If you are using the Item_Frame disguise, when a packet is sent (Roughly every 2min) the disguise will bug up until they move. - Movement: false - # Disable this if you don't mind crashing everytime you see someone riding something disguised as a non-living entity - Riding: true - # When disguised as a wither skull, it sends a look packet every tick so that the wither skull is facing the right way. - WitherSkull: true + # This disables the animation packet. If a disguised entity sends a animation packet and they are using a non-living disguise. People will crash. + # Disabling this also means that if a player disguised as a non-player leaves a bug. People will crash + Animation: true + # Disabling this means that you can't use the setSleeping option on a player disguise. Also you will crash anyone watching when you try to sleep in a bed if disguised as a non-player + # This also sends a chunk packet at key positions + Bed: true + # This disguises the collect packet. If a living entity disguised as a non-living entity picks up a item. People will crash. This fixes it + # This also fixes people crashing if a item disguised as a sleeping player is picked up - Only true if Bed is enabled as well + Collect: true + # This disables a fix for when a disguised entity wearing armor dies, if the disguise can wear armor. It drops unpickupable items to anyone watching. + EntityStatus: true + # Entity equipment is the packets that are sent to ensure that a disguise has or doesn't have armor, and their held item. + # Disabling this means that any disguises which can wear armor or hold items will show the armor/held item that the disguised is wearing. + Equipment: true + # This doesn't actually disable the packet. It would introduce problems. Instead it does the next best thing and caches the data. + # This means that entity metadata will not change, and will only be sent in the spawn packet. + # This is good if performance is extremely in need. + # This is bad to disable unless you are ONLY going to use the disguises for decorations. + # To be honest. This is basically "Disable entity animations". That option is called 'AddEntityAnimations' in the config but unlike that, this is always in effect. + # Animations set by use of the api or through the disguise command are still in effect. + Metadata: true + # Movement packets are the biggest cpu hit. These are majorly used to ensure that the disguises facing direction isn't bugged up. + # If you are using the Item_Frame disguise, when a packet is sent (Roughly every 2min) the disguise will bug up until they move. + Movement: true + # Disable this if you don't mind crashing everytime you see someone riding something disguised as a non-living entity + Riding: true + # When disguised as a wither skull, it sends a look packet every tick so that the wither skull is facing the right way. + WitherSkull: true + +# Added to support a Chinese Minecraft Server which uses their own skin server unless the UUID is not version 4. +# Changing this from 4 to say, 3. Means their server will fetch skins from Mojang instead. +UUIDVersion: 4 diff --git a/plugins/PandaWire.jar b/plugins/PandaWire.jar deleted file mode 100644 index d792013..0000000 Binary files a/plugins/PandaWire.jar and /dev/null differ diff --git a/plugins/PlayerParticles.jar b/plugins/PlayerParticles.jar index 630521d..9492be1 100644 Binary files a/plugins/PlayerParticles.jar and b/plugins/PlayerParticles.jar differ diff --git a/plugins/PlayerParticles/config.yml b/plugins/PlayerParticles/config.yml index dafe845..a26d535 100644 --- a/plugins/PlayerParticles/config.yml +++ b/plugins/PlayerParticles/config.yml @@ -13,7 +13,7 @@ # This value is the version of the plugin that last modified the config file # Changing this value manually will likely result in data loss and errors! # Do not change this manually unless specifically told to by the plugin author -version: 6.4 +version: 6.5 # Check for new versions of the plugin # Default: true diff --git a/plugins/ViaBackwards.jar b/plugins/ViaBackwards.jar index 1c3492e..822f6be 100644 Binary files a/plugins/ViaBackwards.jar and b/plugins/ViaBackwards.jar differ diff --git a/plugins/ViaRewind.jar b/plugins/ViaRewind.jar deleted file mode 100644 index 1295afc..0000000 Binary files a/plugins/ViaRewind.jar and /dev/null differ diff --git a/plugins/ViaVersion/config.yml b/plugins/ViaVersion/config.yml index 023ea5d..c14f520 100644 --- a/plugins/ViaVersion/config.yml +++ b/plugins/ViaVersion/config.yml @@ -67,12 +67,34 @@ quick-move-action-fix: false # Should we use prefix for team colour on 1.13 and above clients team-colour-fix: true # We warn when there's a error converting from pre-1.13 to 1.13, should we suppress these? (Only suggested if spamming) -suppress-1_13-conversion-errors: true +suppress-1_13-conversion-errors: false # 1.13 introduced new auto complete which can trigger "Kicked for spamming" for servers older than 1.13, the following option will disable it completely. disable-1_13-auto-complete: false +# The following option will delay the tab complete request in x ticks if greater than 0, if other tab-complete is received, the previous is cancelled +1_13-tab-complete-delay: 0 +# For 1.13 clients the smallest (1 layer) snow doesn't have collision, this will send these as 2 snowlayers for 1.13+ clients to prevent them bugging through them +fix-low-snow-collision: false +# In 1.14 the client page limit has been upped to 100 (from 50). Some anti-exploit plugins ban when clients go higher than 50. This option cuts edited books to 50 pages. +truncate-1_14-books: false +# This prevents clients using 1.9-1.13 on 1.8 servers from receiving no knockback/having velocity bugs whilst sneaking under a block. +change-1_9-hitbox: false +# Similar to the above, but for 1.14+ players on 1.8-1.13 servers. +# WARNING: This gives 1.14+ players the ability to sneak under blocks, that players under that version cannot (sneaking in places that are only 1.5 blocks high)! +# Another thing to remember is that those players might be missed by projectiles and other hits directed at the very top of their head whilst sneaking. +change-1_14-hitbox: true +# +# Enable serverside block-connections for 1.13+ clients +serverside-blockconnections: true +# Sets the method for the block connections (world for highly experimental (USE AT OWN RISK) world-level or packet for packet-level) +blockconnection-method: packet +# When activated, only the most important blocks are stored in the blockstorage. (fences, glass panes etc. won't connect to solid blocks) +reduce-blockstorage-memory: true +# When activated with serverside-blockconnections, flower parts with blocks above will be sent as stems +# Useful for lobbyservers where users can't build and those stems are used decoratively +flowerstem-when-block-above: false # # ----------------------------------------------------------# -# 1.9 & 1.10 CLIENTS ON 1.8 SERVERS OPTIONS # +# 1.9+ CLIENTS ON 1.8 SERVERS OPTIONS # # ----------------------------------------------------------# # # No collide options, these allow you to configure how collision works. @@ -82,7 +104,7 @@ prevent-collision: true auto-team: true # When enabled if certain metadata can't be read we won't tell you about it suppress-metadata-errors: false -# When enabled 1.9 & 1.10 will be able to block by using shields +# When enabled 1.9+ will be able to block by using shields shield-blocking: true # Enable player tick simulation, this fixes eating, drinking, nether portals. simulate-pt: true @@ -90,15 +112,15 @@ simulate-pt: true nms-player-ticking: true # Should we patch boss bars so they work? (Default: true, disable if you're having issues) bossbar-patch: true -# If your boss bar flickers on 1.9 & 1.10, set this to 'true'. It will keep all boss bars on 100% (not recommended) +# If your boss bar flickers on 1.9+, set this to 'true'. It will keep all boss bars on 100% (not recommended) bossbar-anti-flicker: false -# This will show the new effect indicator in the top-right corner for 1.9 & 1.10 players. +# This will show the new effect indicator in the top-right corner for 1.9+ players. use-new-effect-indicator: true -# Show the new death messages for 1.9 & 1.10 on the death screen +# Show the new death messages for 1.9+ on the death screen use-new-deathmessages: true # Should we cache our items, this will prevent server from being lagged out, however the cost is a constant task caching items item-cache: true -# Patch the Anti xray to work on 1.9 & 1.10 (If your server is 1.8) This can cost more performance, so disable it if you don't use it. +# Patch the anti xray to work on 1.9+ (If your server is 1.8) This can cost more performance, so disable it if you don't use it. anti-xray-patch: true # Should we replace extended pistons to fix 1.10.1 (Only on chunk load) replace-pistons: false @@ -108,9 +130,5 @@ replacement-piston-id: 0 force-json-transform: false # Minimize the cooldown animation in 1.8 servers minimize-cooldown: true -# Enable serverside block-connections for 1.13+ clients -serverside-blockconnections: true -# Sets the method for the block connections (world for world-level or packet for packet-level) -blockconnection-method: world -# When activated, only the most important blocks are stored in the blockstorage. (fences, glass panes etc. won't connect to solid blocks) -reduce-blockstorage-memory: false +# Left handed handling on 1.8 servers +left-handed-handling: true diff --git a/plugins/Weapons.jar b/plugins/Weapons.jar index eaf7229..5ce0aff 100644 Binary files a/plugins/Weapons.jar and b/plugins/Weapons.jar differ diff --git a/plugins/WorldEdit.jar b/plugins/WorldEdit.jar deleted file mode 100644 index fd5d003..0000000 Binary files a/plugins/WorldEdit.jar and /dev/null differ diff --git a/plugins/WorldEdit/config.yml b/plugins/WorldEdit/config.yml deleted file mode 100644 index c4ccb2f..0000000 --- a/plugins/WorldEdit/config.yml +++ /dev/null @@ -1,73 +0,0 @@ -# -# WorldEdit's configuration file -# -# About editing this file: -# - DO NOT USE TABS. You MUST use spaces or Bukkit will complain. If -# you use an editor like Notepad++ (recommended for Windows users), you -# must configure it to "replace tabs with spaces." In Notepad++, this can -# be changed in Settings > Preferences > Language Menu. -# - Don't get rid of the indents. They are indented so some entries are -# in categories (like "max-blocks-changed" is in the "limits" -# category. -# - If you want to check the format of this file before putting it -# into WorldEdit, paste it into http://yaml-online-parser.appspot.com/ -# and see if it gives "ERROR:". -# - Lines starting with # are commentsand so they are ignored. -# - -limits: - allow-extra-data-values: true - max-blocks-changed: - default: 1000000 - maximum: 1000000 - max-polygonal-points: - default: -1 - maximum: 20 - max-radius: 100 - max-super-pickaxe-size: 5 - max-brush-radius: 5 - butcher-radius: - default: -1 - maximum: -1 - disallowed-blocks: [] - -use-inventory: - enable: false - allow-override: true - creative-mode-overrides: false - -logging: - log-commands: false - file: worldedit.log - -super-pickaxe: - drop-items: true - many-drop-items: false - -snapshots: - directory: - -navigation-wand: - item: 345 - max-distance: 100 - -scripting: - timeout: 3000 - dir: craftscripts - -saving: - dir: schematics - -files: - allow-symbolic-links: false - -history: - size: 15 - expiration: 10 - -wand-item: 271 -shell-save-type: -no-double-slash: false -no-op-permissions: false -debug: false -show-help-on-first-use: true diff --git a/plugins/iControlU.jar b/plugins/iControlU.jar index 604c74d..78e7762 100644 Binary files a/plugins/iControlU.jar and b/plugins/iControlU.jar differ diff --git a/server.properties b/server.properties index 931a496..afe4b41 100644 --- a/server.properties +++ b/server.properties @@ -8,6 +8,7 @@ difficulty=1 enable-command-block=true enable-query=false enable-rcon=false +enforce-whitelist=false force-gamemode=false gamemode=1 generate-structures=true @@ -15,7 +16,7 @@ generator-settings= hardcore=false level-name=world level-seed= -level-type=DEFAULT +level-type=default max-build-height=256 max-players=0 max-world-size=29999984 diff --git a/spigot.yml b/spigot.yml index 39c48d2..8192c08 100644 --- a/spigot.yml +++ b/spigot.yml @@ -11,9 +11,35 @@ # Forums: http://www.spigotmc.org/ config-version: 11 +settings: + save-user-cache-on-stop-only: false + sample-count: 12 + bungeecord: false + late-bind: true + player-shuffle: 0 + user-cache-size: 1000 + moved-wrongly-threshold: 100.0 + moved-too-quickly-multiplier: 100.0 + timeout-time: 360 + restart-on-crash: true + restart-script: stop + netty-threads: 8 + debug: false + attribute: + maxHealth: + max: 2048.0 + movementSpeed: + max: 2048.0 + attackDamage: + max: 2048.0 +messages: + whitelist: The server is temporarily down for maintenance. Please try again later! + unknown-command: Unknown command. Type "/help" for help. + server-full: The server is temporarily down for maintenance. Please try again later! + outdated-client: Your client is outdated. Please join with Minecraft version 1.14.4! + outdated-server: The server is outdated. Please join with Minecraft version 1.14.4! + restart: The server is restarting. Please wait... commands: - log: true - tab-complete: 0 spam-exclusions: - /skill silent-commandblock-console: true @@ -22,53 +48,30 @@ commands: - summon - testforblock - tellraw -messages: - whitelist: The server is temporarily down for maintenance. Please try again later! - unknown-command: Unknown command. Type "/help" for help. - server-full: The server is temporarily down for maintenance. Please try again later! - outdated-client: Your client is outdated. Please join with Minecraft version 1.14.3! - outdated-server: The server is outdated. Please join with Minecraft version 1.14.3! - restart: The server is restarting. Please wait... -settings: - timeout-time: 60 - restart-on-crash: true - restart-script: stop - bungeecord: false - netty-threads: 8 - late-bind: true - sample-count: 12 - player-shuffle: 0 - filter-creative-items: false - user-cache-size: 1000 - save-user-cache-on-stop-only: false - int-cache-limit: 1024 - moved-wrongly-threshold: 100.0 - moved-too-quickly-multiplier: 100.0 - attribute: - maxHealth: - max: 2048.0 - movementSpeed: - max: 2048.0 - attackDamage: - max: 2048.0 - debug: false - item-dirty-ticks: 20 -stats: - disable-saving: false - forced-stats: {} + log: true + tab-complete: 0 + send-namespaced: true advancements: disable-saving: true disabled: - minecraft:adventure/adventuring_time + - minecraft:adventure/arbalistic + - minecraft:adventure/hero_of_the_village - minecraft:adventure/kill_a_mob - minecraft:adventure/kill_all_mobs + - minecraft:adventure/ol_betsy - minecraft:adventure/root - minecraft:adventure/shoot_arrow - minecraft:adventure/sleep_in_bed - minecraft:adventure/sniper_duel - minecraft:adventure/summon_iron_golem + - minecraft:adventure/throw_trident - minecraft:adventure/totem_of_undying - minecraft:adventure/trade + - minecraft:adventure/two_birds_one_arrow + - minecraft:adventure/very_very_frightening + - minecraft:adventure/voluntary_exile + - minecraft:adventure/whos_the_pillager_now - minecraft:end/dragon_breath - minecraft:end/dragon_egg - minecraft:end/elytra @@ -82,8 +85,11 @@ advancements: - minecraft:husbandry/break_diamond_hoe - minecraft:husbandry/bred_all_animals - minecraft:husbandry/breed_an_animal + - minecraft:husbandry/complete_catalogue + - minecraft:husbandry/fishy_business - minecraft:husbandry/plant_seed - minecraft:husbandry/root + - minecraft:husbandry/tactical_fishing - minecraft:husbandry/tame_an_animal - minecraft:nether/all_effects - minecraft:nether/all_potions @@ -114,9 +120,36 @@ advancements: - minecraft:story/shiny_gear - minecraft:story/smelt_iron - minecraft:story/upgrade_tools +stats: + disable-saving: false + forced-stats: {} world-settings: default: + random-light-updates: false + view-distance: 5 verbose: false + mob-spawn-range: 3 + hopper-amount: 1 + dragon-death-sound-radius: 0 + seed-village: 10387312 + seed-desert: 14357617 + seed-igloo: 14357618 + seed-jungle: 14357619 + seed-swamp: 14357620 + seed-monument: 10387313 + seed-shipwreck: 165745295 + seed-ocean: 14357621 + seed-outpost: 165745296 + seed-slime: 987234911 + max-tnt-per-tick: 10 + enable-zombie-pigmen-portal-spawns: true + item-despawn-rate: 6000 + arrow-despawn-rate: 1200 + wither-spawn-sound-radius: 0 + hanging-tick-frequency: 100 + zombie-aggressive-towards-villager: false + nerf-spawner-mobs: false + max-entity-collisions: 1 growth: cactus-modifier: 100 cane-modifier: 100 @@ -124,21 +157,26 @@ world-settings: mushroom-modifier: 100 pumpkin-modifier: 100 sapling-modifier: 100 + beetroot-modifier: 100 + carrot-modifier: 100 + potato-modifier: 100 wheat-modifier: 100 netherwart-modifier: 100 vine-modifier: 100 cocoa-modifier: 100 - merge-radius: - item: 4.0 - exp: 6.0 - view-distance: 5 - mob-spawn-range: 3 - item-despawn-rate: 6000 + bamboo-modifier: 100 + sweetberry-modifier: 100 + kelp-modifier: 100 entity-activation-range: + water: 16 animals: 16 monsters: 24 + raiders: 32 misc: 4 tick-inactive-villagers: false + merge-radius: + exp: 3.0 + item: 2.5 entity-tracking-range: players: 48 animals: 48 @@ -148,19 +186,6 @@ world-settings: ticks-per: hopper-transfer: 8 hopper-check: 1 - hopper-amount: 1 - random-light-updates: false - save-structure-info: false - arrow-despawn-rate: 1200 - zombie-aggressive-towards-villager: false - nerf-spawner-mobs: false - enable-zombie-pigmen-portal-spawns: true - dragon-death-sound-radius: 0 - wither-spawn-sound-radius: 0 - seed-village: 10387312 - seed-feature: 14357617 - seed-monument: 10387313 - seed-slime: 987234911 hunger: jump-walk-exhaustion: 0.05 jump-sprint-exhaustion: 0.2 @@ -169,11 +194,8 @@ world-settings: swim-multiplier: 0.01 sprint-multiplier: 0.1 other-multiplier: 0.0 - max-tnt-per-tick: 10 - hanging-tick-frequency: 100 max-tick-time: tile: 20 entity: 20 squid-spawn-range: min: 45.0 - max-entity-collisions: 1