diff --git a/docs/source/Coding/Changelog.md b/docs/source/Coding/Changelog.md index 830a97766c..af36d547f2 100644 --- a/docs/source/Coding/Changelog.md +++ b/docs/source/Coding/Changelog.md @@ -2,10 +2,15 @@ ## Main branch -- Security dependency updates: Django >5.2.8 (<5.3), Django RestFramework 3.16 -- [Feat][pull3599]: Make at_pre_cmd +- Feat (backwards incompatble): Drop Python 3.11 support (supported: Python 3.12, 3.13, 3.14 (req)). (Griatch) +- Security: Django >=6.0.2 (<6.1), Django RestFramework 3.16 (Griatch) +- Update: `XYZGrid` contrib now requires scipy 1.15->1.17. Note: Pathfinding may pick different + shortest routes from before, due to private changes in scipy Dijkstra algorithm (Griatch) +- [Feat][pull3599]: Make `at_pre_cmd` testable in unit tests (blongden) - [Fix]: API /openapi/setattribute endpoints were both POST and PUT, causing schema errors; now changed to PUT only. (Griatch) +- [Feat][issue2627]: Add `settings.AUDIT_MASKS` to customize what Evennia should + obfuscate in server error logs (such as passwords from custom login commands) (Griatch) - [Fix][pull3799]: Fix typo in `basic_tc.py` contrib for beginner tutorial (Tharic99) - [Fix][pull3806]: EvMore wouldn't pass Session to next cmd when exiting (gas-public-wooden-clean) - [Fix][pull3809]: Admin page - Repair link to Account button (UserlandAlchemist) @@ -25,6 +30,25 @@ ANSIString after reset (speeds up EvForm other string ops, fixes compatibility) (count-infinity) - [Fix][pull3853]: Properly handle multimatch separations with native dashes, like 't-shirt-1' (count-infinity) +- [Fix][pull3733]: Allow `CmdSetAttribute` to use categery, view dicts by key (InspectorCaracal) +- [Fix][issue3858]: Fix parsing issues in dice contrib (Griatch) +- Fix: `Typeclass.objects.get_by_tag()` will now always convert tag keys/categories to integers, to + avoid inconsistencies with PostgreSQL databases (Griatch) +- [Fix][issue3513]: Fixed issue where OnDemandHandler could traceback on an + un-pickle-able object and cause an error at server shutdown (Griatch) +- [Fix][issue3649]: The `:j` command in EvEditor would squash empty lines (Griatch) +- [Fix][issue3560]: Tutorial QuestHandler failed to load after server restart (Griatch) +- [Fix][issue3601]: `CmdSet.add(..., allow_duplicates=True)` didn't allow duplicate cmd keys (Griatch) +- [Fix][issue3194]: Make filtering on AttributeProperties consistent across typeclasses (Griatch) +- [Fix][issue2774]: Properly support `\n` in `evennia connections` long descriptions (Griatch) +- [Fix][issue3312]: Handle all edge cases breaking `monitor/monitored` `input_funcs` (Griatch) +- [Fix][issue3154]: Persistent EvMenu caused multiple cmdsets on reload (Griatch) +- [Fix][issue3193]: Formatting of inner nested evtable would break (Griatch) +- [Fix][issue3082]: MXP linking broke EvTable formatting (Griatch) +- [Fix][issue3693]: Using `|/` in EvTable broke padding (Griatch) +- [Fix][pull3864]: Correctly use cached dijkstra results for XYZGrid (jaborsh) +- [Fix][pull3863]: `XYZGrid` performance improvement in teleporter search (jaborsh) +- [Fix][pull3862]: `TraitHandler` typo/bug fixes (jaborsh) - [Doc][pull3801]: Move Evennia doc build system to latest Sphinx/myST (PowershellNinja, also honorary mention to electroglyph) - [Doc][pull3800]: Describe support for Telnet SSH in HAProxy documentation (holl0wstar) @@ -51,6 +75,22 @@ [pull3852]: https://github.com/evennia/evennia/pull/3852 [pull3853]: https://github.com/evennia/evennia/pull/3853 [pull3854]: https://github.com/evennia/evennia/pull/3853 +[pull3733]: https://github.com/evennia/evennia/pull/3853 +[pull3864]: https://github.com/evennia/evennia/pull/3864 +[pull3863]: https://github.com/evennia/evennia/pull/3863 +[pull3862]: https://github.com/evennia/evennia/pull/3862 +[issue3858]: https://github.com/evennia/evennia/issues/3858 +[issue3813]: https://github.com/evennia/evennia/issues/3513 +[issue3649]: https://github.com/evennia/evennia/issues/3649 +[issue3560]: https://github.com/evennia/evennia/issues/3560 +[issue3601]: https://github.com/evennia/evennia/issues/3601 +[issue3194]: https://github.com/evennia/evennia/issues/3194 +[issue2774]: https://github.com/evennia/evennia/issues/2774 +[issue3312]: https://github.com/evennia/evennia/issues/3312 +[issue3154]: https://github.com/evennia/evennia/issues/3154 +[issue3193]: https://github.com/evennia/evennia/issues/3193 +[issue3082]: https://github.com/evennia/evennia/issues/3082 +[issue3693]: https://github.com/evennia/evennia/issues/3693 ## Evennia 5.0.1 diff --git a/docs/source/Setup/Settings-Default.md b/docs/source/Setup/Settings-Default.md index 353ebcccd8..55e0755dbf 100644 --- a/docs/source/Setup/Settings-Default.md +++ b/docs/source/Setup/Settings-Default.md @@ -291,6 +291,25 @@ MAX_CHAR_LIMIT_WARNING = ( # debugging. OBS: Showing full tracebacks to regular users could be a # security problem -turn this off in a production game! IN_GAME_ERRORS = True +# Default masking regexes used by security/audit logging to avoid writing +# cleartext credentials to logs. Each entry is a dict mapping an arbitrary +# label to a regex with a named group `(?P...)` indicating what to mask. +# You can override this list in your settings.py, or append to it to support +# custom login/password commands: +# AUDIT_MASKS += [{"mycmd": r"^mycmd\\s+(?P.+)$"}] +AUDIT_MASKS = [ + {"connect": r'^\s*(?:connect|conn|con|co)\s+("[^"]+"|[^\s]+)\s+(?P.+)$'}, + {"create": r'^\s*(?:create|cre|cr)\s+("[^"]+"|[^\s]+)\s+(?P.+)$'}, + {"userpassword": r'^[@\s]*userpassword\s+(\w+|".+?")\s+=*\s*(?P[\w]+)$'}, + {"userpassword": r"^.*new password set to '(?P[^']+)'\."}, + {"userpassword": r"^.* has changed your password to '(?P[^']+)'\."}, + {"password": r"^[@\s]*(?:password|passwd)\s+(?P.*)$"}, + # Legacy typo-tolerant variants (kept for backwards compatibility with auditing behavior). + {"connect": r'^[@\s]*[connect]{5,8}\s+(".+?"|[^\s]+)\s+(?P.+)$'}, + {"connect": r"^[@\s]*[connect]{5,8}\s+(?P[\w]+)$"}, + {"create": r'^[^@]?[create]{5,6}\s+(\w+|".+?")\s+(?P[\w]+)$'}, + {"create": r"^[^@]?[create]{5,6}\s+(?P[\w]+)$"}, +] # Broadcast "Server restart"-like messages to all sessions. BROADCAST_SERVER_RESTART_MESSAGES = True diff --git a/docs/source/index.md b/docs/source/index.md index 66c14767a5..1f276a4d58 100644 --- a/docs/source/index.md +++ b/docs/source/index.md @@ -1,6 +1,6 @@ # Evennia Documentation -This is the manual of [Evennia](https://www.evennia.com), the open source Python `MU*` creation system. Use the Search bar on the left to find or discover interesting articles. This manual was last updated January 12, 2026, see the [Evennia Changelog](Coding/Changelog.md). Latest released Evennia version is 5.0.1. +This is the manual of [Evennia](https://www.evennia.com), the open source Python `MU*` creation system. Use the Search bar on the left to find or discover interesting articles. This manual was last updated February 15, 2026, see the [Evennia Changelog](Coding/Changelog.md). Latest released Evennia version is 5.0.1. - [Introduction](./Evennia-Introduction.md) - what is this Evennia thing? - [Evennia in Pictures](./Evennia-In-Pictures.md) - a visual overview of Evennia