#help-development

By that mean I the api I create for the user to use

You don't store it, the only person with the key is the user

but the api key would be different for each user

Yup

im lost

you got any visuals?

You generate the key, give the key to the user. The user than at some point comes back and says "is this a valid key?" You check the key and say either yes or no

but don’t I need to store the key that is given?

Easiest way would probably be to have a small server listening for requests, preferably behind some sort of ddos protection

You don't need to store the key. Once you give a user a key, they should be the only person that has it

What the user does with it is their own problem

but then how would I check if the key is valid if its not stored anywhere

Might need to just cancel EntityTargetEvent then, if you want the Creeper to start igniting, get really big, and then stay that way you can cancel ExplosionPrimeEvent

I still want it to fight people though

Like target them and pathfind to them

Again, same way you'd check a password. Sites don't actually store your password anywhere, you're the only one that has it

huh

Well you can still handle Target event any way you want, but I don't think there's a way to prevent a Creeper from igniting if they are close to their target

Ngl im actually lost on how you don't store it

You can check if a key is valid without knowing what it is. Think about a lock and key. If I come up to you with a key, you can see if it unlocks a lock without actually knowing what the key should look like

Essentially, there are two ways to check it, either have a picture of the physical key to compare it to, or use it to try and unlock a lock

uh

how can you check the key if you don't know what it is

that doesn't make sense

How does a lock unlock without having a copy of the key it works with?

uh

with the key being stored?

Locks don't have a key inside of them though

idk why but im still convinced you need to store it

You don't

Have you done a project that works with an api key so I can understand this more?

Ig

I created a creeper which shoots explosive grenades at you when its far

So ig that's good enough

You don't really think websites store the exact password of every user, do you? That'd be a huge security risk

They store the hashes

Yup

(More specifically, the salted hashes, but that's a little out of the scope of this discussion)

The hash is the analogy of the lock here

You can check if a key "unlocks" the hash without knowing the key itself

waa

I'm sorry but I still don't understand

So your validation server would consist of a bunch of hash "locks", and when a user sends you a key, you check to see if it "unlocks" the hash

Give me some word

water

Okay, the unsalted sha256 hash of water is 8df05e5dca9023bac1670068adb05cbe46db2c05c89476736fefcea60c754ef3

doing NMS or what?

sha256?

So basically

sha256 takes in some text

Now I keep that hash anywhere, and whenever you come to me in the future and ask if "water" is a valid key, I check it against that hash

Any text

And it turns it into what seems like gibberish

hm

But the idea is, this sha256 is unique* for each piece of text

So

If I wanna check if your password is right

why do you need to hash something

I take the sha256 of that password

cuz its annoying to decode

Imagine a database breach

oh ok

Will I need some sort of web server for this?

It's not supposed to be decoded

You hash it, and then you compare hashes

If I hash pineapple, and try to enter that as your pass

oh

The serv compares the pineapple hash

To the hash of your password

so its like you compare hashes with hashes

And if its wrong, I got rejected

Ye

And the nice thing about a sha256 hash is it's virtually impossible to reverse, so you can store it anywhere you want

That way no one will actually know what the pass is

But you can still check

but i usually use something called AES?

If someone somehow breaches your servers

What's AES?

AES 128

Encryption isn't good for passwords

Only hashing

If it can be decrypted, anyone who breaches the password can decrypt it too

https://www.baeldung.com/java-aes-encryption-decryption

Yeah that doesn't seem good for passwords

oh ok

AES is bidirectional, that's a huge issue here

^

cuz i was asked to decode a SHA256 (give that the password is 6 digit)
and then....

it took me an hour

like

You can't decode a SHA256

.

something along that line

i forgot what that is

You can only brute force it

Or rainbow table attack it

Yes and no

yes and no?

like basically i used tensorflow to do it

Which is why normally

like cuz tensorflow can allow you to exectute multiple try

Tensorflow can crack SHA256's?

at one go

AI can?

You want to salt your hashes

not AI , i just use GPU operation

oh

So like

cuz stuff will be quicker that way

If I'm a hacker

I have all of your passwords now from the breach

It would be best to, but you could just hardcode the accepted hashes into the jar. It'd be a lot less flexible though

its STILL a brute force, but then instead of 1 operation one time

i do 10000 operation one time

Now

Would it be hard BobLaserShark?

I can have a list of premade hashes

And check if those passwords are part of my hash-table

Which is why you want two components, a hash and a salt

wait

irc

so do the hashes get stored?

Yep, the hash and the salt iirc

A server? It's pretty simple. You can throw it together in a few minutes

auth me?

or what

In the simplest solution, the hash is stored

There are ways to avoid even that though. They get weird fast

would they be able to decompile and find that in the jar

no use

cuz it takes a lot to decode stuff

like if the password is long

They could find the hash, but it would give them nothing

you can only brute force it

but then , it takes ages

hm

You use aes for Password managers as you need to encrypt and then decrypt passwords.

And you said its easy BobLaser right

Billions of years

Making the server is super easy

I have used aes for my password manager + Sha 512 and Blowfish.

So, does the server run off a vps or a web server etc..

For minecraft auth / login system I have only used sha256 like owner can choose encryption.

VPS most likely, but there are other options

You guys are killing me. #general

btw anyone here is good at Machine Learning? Finding collab on my plugins cuz I know (almost) nothing in that field

why general?

I had 8 gpus for brute forcing.

this is part of development

^

It sounds like you're just arguing over decryption algorithms xD

For API key for a password

hm

Which should not require decryption

Aes is safe if you have good encryption key and know how to store it safelly

and does it matter what specs the vps has?

As little as possible. AWS free tier would be enough

Could even run server less for more savings

don't you need to attach your credit card to that?

Aws is too expensive not worth it.

AWS free tier is free, you don't have to pay

No credit card is required to be attached?

You will need one associated with your account, but it won't be charged

Q.How to edit a source code plugin
1.i did download the souce code
2.i did install eclipe
3.i tryed to import the source code file but its not working

any help ?

See that's what I'm sketched about

It's AWS

still

@cunning gale
compile the java and import with maven
OR edit the source code

or put it in a package

of your pulgin

Stay within the limits of free tier and you pay nothing

@dusty estuary can you please teach me how can i do that

Ok

hm

Any other options?

does the source code come with a pom.xml

Hetzner cloud for europe.

OVH vps for US and Europe

I mean any other options like aws

To be honest those are all overpriced. Like Linode, digital ocean. If hosting provider has free plan or give like so much money in credits. Digital ocean will gibe you $100 worth of credits. Then they need to be expensive as hell.

So it's much better to just pay normal price from the beggining.

so I could get a vps that has like 1gb of ram?

google free trial gave you like 300$ or something credit

Hetzner has minimum 2GB of RAM

Hey guys, "Quick" question, how would one "group" two spigot servers under one "name", so when a player joins that name, they're sent to the last server they were on. but only when joining that group, Ive tried two bungeecords with redis-bungee. and i am currently stumped with how to send players between each bungee instance.

I've been using bungee for a while but this just stumps me.

I have also tried setting the different servers' restricted: to true, while forcibly sending them to one or another, depending on which they last were on. But I want to be able to also disable them from /server-ing from one server within the "group" to another.

For example: I want them to be able to /server to Creative. And then be able to /server to SkyBlock, which SkyBlock is registered as TWO sub-servers, that the player is sent to their previous server.

does it require to add a credit card

yes ofc

I've been trying to figure out the best route to go, RedisBungee or some other way, and for RedisBungee, I cannot seem to get the two Proxies to communicate correctly

can i just host it off my second pc?

I have tried a Proxy-behind-Proxy system (ewww; I know. I know), but that caused issues regarding player uuids not being passed. At this time, it seems best to continue dealing with the uuid issues, but i cant seem to get it right entirely

How limited is it?

Plenty for this

1 million requests a month

25 gb of database storage

This is to much limited. I would rather just pay 5€ per month and won't have any limit.

Imagine if soneone would refreah your website all the time

And you will get like 500€ or more bill

No, that's not how it works

It's a lambda, not a website first of all

Let's say someone refreshes once a second, 24/7

Dunno how they managed to do that with the lamda (and you can set up rate limiters btw), but we'll imagine they could

That ends up being ~2.5 million requests, which while it does overflow the free tier allocation, would cost...

Shouldn't this talk belong to #help-server?

?

About three bucks, worst case

36.288.000 requests per day and 1.088.640.000 per month.

2.5 million per month

Learn java, or how to program

Wait

Brute force attacks

From billions of computers.

Usually takes few days

AWS has ddos protection

And rate limiting

What is default rate limit?

Dunno, set it to once every five minutes and we good

AWS is only expensive if you use it wrong

I hear that alot of people used infinite loops and en up with bill that is higher then few 1000 $.

I wouldn't take that risk.

AWS is only expensive if you use it wrong

Hi, I'm having some issue.. I'm using NMS (1.12.2) and setting generic.armor Attribute to a armor. So if player equips one piece of armor it'll work but with multiple it'll just get overriden by the latest worn item.

Its much better and chill if you own a VPS and can do what every you want without any limit.

Then get a vps from aws

that’s another thing it If do something wrong I don’t wanna get charged like $1000

How much does ir cost?

VPS is expensive though

Yeah that why

Aws is expensive

what if I hosted it off my second pc?

Any vps is expensive for this

From free plans they earn money from mistakes like infinite loops

And VPS that they don't have any limits are expensive anyways

No, free plan is just throwing spare server time

Almost any vps has some limits set

Good VPS cost only 5€ per month

Lambda is free

I'm not sure what's the Magic number for the ADD_SCALAR or MULTIPLY_SCALAR_1 operations, but I think one of those is what you're looking for

Based on what you get I think the 0 operation might be the ADD_NUMBER ;p

I think I found the solution

Or wait

as far I researched its add_number

Ugh

I got confused

Then try add scalar?

Checked AWS, their lowest tier VPS is 2usd a month

It was due to UUID range

I will make it random

I don't think it has something to do

About 1.7 euro

Does it even include at least 2GB of RAM?

2 cores

You don't need that for this

I'm talking about the operation used on the attribute

Yeah as I told it aws is expensive.

It's cheaper than your vps

would this be fine or not. For what im doing

If your second PC is always on and accessible to the world, yes

Remember electrical costs though

Wait what does he need to host?

Take a key, check if the key is valid

No more, no less

So, you know, perfect for a lambda

That can be done with every hosting provider

1€ per month or even less

Umm, I have another doubt.. How would I replace the current armor of a player.

I'm listening to InventoryClickEvent for armorEquipment

Pray tell how

how do I even set this up on a vps

You just make a simple php script.

And make a API like json response.

You don't, don't use a vps for this

You only need website hosting for that

This would be really cheap

Don't even bother with website hosting, it's cluttered and bulky for this

I have $1.35 per month, but I know you can get it cheaper then that somewhere else.

providers will also start charging more for high traffic sites, and lots of them don't have the nice safeties AWS has

I would never trust AWS with my credit card 😂

And they suffer more from ddos

One mistake and you would need to sell your house 😂

Not really

so what would I use

You can set a max monthly budget. If you exceed that it'll automatically lock down

With website hosting you can use Cloudflare CDN.

You use your PC or AWS

So website should be much faster

Cloudflare CDN doesn't work well for dynamic sites

As in, not at all

It is amazing for ddos protection

Wouldn't work here though

It will still cache javascript, html, css and images

Not the php though, which is what needs to run

i will use my pc

But still Cloudflare will provite ddos protection on all layers

How will you handle rate limiting then?

Easy with php

I made that multiple times

For online bank, password manager....

That's not true rate limiting. If the PHP is running the request was made

It still limits so much resources

Uh, Can I get the slot of clicked item?

Also cloudflare can do that for you

Or even RapidAPI

Doesn't limit the apparent traffic to your site

But it will close connection in a millisecond.

oh my this sounds compicated

complicated

It really isnt just don't listen to BobLaserShark he makes everythinf sounds complicated.

It is. at this point ziga is hacking together multiple different platforms, twisting the purpose of a few things, and writing a whole lot of code for extra protection

Compared to AWS. Upload a Java function, fill in a text box for request rates, and hit run

@proud basin whats the actual goal of all of this

if you're trying to make some licensing system, dont

API keys

^

because it's been tried, by people who I can tell are much better at this than you (no offense), and there's been no way to implement it

api keys for?

A plugin

you cant lock functionality with an api key

Yes you can

you can maybe lock it from a normal user

It's easy

but anyone with more than 3 braincells can remove the code that locks it

You could say the same of literally every program out there

no I cant

Yes you can

because other programs arent ran on the client

If your code is not obfuscated its not worth it

for example a rest api, the api key allows you to send requests because its on the server, not the client

never trust the client

that's the most important rule of any security system

That's pretty much what we're talking about

sure but its still locking something in the plugin

which means the code can easily be removed

Yup

because the code itself has to be on the client

theres no way to do it without it being brickable easily

Just like any licensed program out there

no

Yes

uh

you cant go onto a cloud service

delete some javascript

and cheat the api

idk what to do at this point

Just use your PC

@vagrant stratus please tell this man that you cant have licensing or like remote locking systems reliably installed on a plugin

If the client "hacks" their API key, just deactivate the key

wtf do u mean hacks their api key

u just delete the code that checks for the licensing key?

jtx whats this api key used for

Okay? And? This is known

just to allow people with it to be able to use the plugin

this is literally like putting a cardboard box in front of a bank vault to prevent people from robbing it

I could remove the license check from say Microsoft office

I made fake license system without a server just with calculation and sha encryption (The same what Windows 7 did). So you can easy know which kid leak your plugin.

No biggie

so its exactly that, its a licensing system

You can implement a licensing system perfectly fine, just obfuscate your code

wtf

OMG

obfuscation has NOTHING TO DO

with protection

iut just makes it harder to read

the actual code stays, and can be fucking deleted

@compact haven how do you think any licensed software that's running on your computer works?

the JVM still needs to read the actual jvm code

argjgggg

Look at Matrix plugin

if licensing systems worked and could be reliably made, do you think those leak sites would still be running

no ! they woulkdnt be

It stilk hasn't been deobfuscated

all the plugins in the world would implement this fantasy licensing system

no one's talking about deobfuscation

It just makes it harder for everyone

you need mappings for that

we're talking about locking functionality

with some flimsy if statement

No license system is fully secure if code is running on my machine

its nopt secure at all

like I said its like preventing robbers from robbing a bank via cardboard boxes

Yes but it will prevent kids from leaking it

It's secure enough

sure they cant just walk right in but they can easily move the boxes or break them lmao

no it wont?

Kid who leaked my plugin even forget to delete his own license key 😂😂😂

oh my god

Yes it will. Why aren't there more de-licensed copies of windows out there?

ur a fool who licesnes their plugins

why am I even talking to you about these

@compact haven

Stop

I'm not its fake licenses

You don't understand

It's like name placeholder that its enjected when plugin is downloaded

You will know if people bough a plugin from it.

also if you're trying to sell the plugin, spigot doesnt allow such abominable licensing systems

just letting u know ^

My code is open source either

If I have a binary, I can change that binary however I want. The moment any program in existence enters user hands, it is insecure. That is true of the majority of licensed software in the world, including IDEs, windows, games, matlab, Photoshop

I don't have premium plugins on Spigot as it doesn't support any legit payment system.

Any developer knows that no licensing system is foolproof if code is being executed on the user machine

which is exactly what I was saying?

The licensing system just has to be good enough, just like windows' license is good enough

Windows 7 even didn't have license check on a server

It has just a math involved

I could sit down and remove all the license checks from windows 10 if I wanted to, it's just not worth my time

Which checked if sum od bytes is equals to 7 or something like that

Yup

This will prevent all normal users which don't know how to code.

And for people which know how to code can just be ashamed 😂

@proud basin your license system is perfectly valid, it will stop most attacks

omg

why does b spigot in any message get deleted

all someone needs to do is remove a few lines of trivial code and upload it to a leak site

but anyways

thats all I'll say

Nothing in computers will ever stop all attacks, so it's foolish to not use some basic security just because there's a work around

@proud basin just want to keep you informed that even with all this tiring work, someone will still circumvent it and upload it for people who dont know what they're doing to use- as long as your plugin is worth the 2 seconds

and yet Microsoft still licenses windows

thats the last im saying on the matter

cya yall

If someone uploads a cracked leak of your plugin, DMCA and sue them

Done

Thats why you contact the owner of that site and it will remove your plugin from it.

Yes I have said that

Everyone gets scared and remove your plugin

Problem solved

Just like Microsoft has cracked versions of windows deleted

It's not hard

You should not be afraid of implementing a security feature just because there's a work around

Because any security feature on any computer can be circumvented at any time

I just prevent leaking it

You just need to make yours harder to circumvent or leak than it worth

Users that changed code and use that I leave alone.

I still provide support for them.

@compact haven It's like saying that it's not worth locking your door because it can be picked

True

duh

It can be picked

you guys h ave taged me 3 times

after I left the convo

Yup

its like u want me to continue arguing

im just blocking all of you since I actually dont care

'and only wanted to inform a mal-informed user

You're still wrong and giving bad advice

you were coaxing to setup some system for no reason

I was pinged as well :/

Just say your advice is bad and you are done

my advice is good lmao

ur advice is bad

Nope

now im going to fucking sleep n leave me alone

Reverse psyhology works too. I know someone who has been robbed and now he always left doors unlocked and has a note in their door: All robbers are welcome here, door is already unlocked for you.

thank you

bye

same issue here actually :/

He hasn't been robbed again.

sorry optic I saw u were online on discord

please do go back to sleep

since I for one actually respect such decisions

bye

awake now :/

Also as a note, you don't have to respond to pings

Just sayin

Your profile picture match your mood😂

sheesh

Yeah he is sleeping I will leave him alone.

You really need to stop pointlessly tagging people :/

Me?

Were you guys fighting about licensing systems LOL

You can turn off tags on reply

oh found my ping.

also, yea this is 100% true

Yes 😁

Yup

Apparently because a license system can be circumvented, it's not worth implementing

Hahah what a joke😂

Imagine locking a door even tho it can be picked

it's because usually if a license server goes down the plugin no longer works, md_5 doesn't want those situations

Yes but we don't do that.

imagine premium plugins no longer working because a license server goes down

If license server goes down plugin should still works.

I installed maven and converted my plugin to Maven, what do I do now? Once I finish the pom.xml, everything looks the same, the export options

Fwiw, I could probably throw together a license system even in Java that would be to troublesome to implement, possibly even not requiring a third party server

and this makes it easy to bypass to an extent 😉

that logic is kinda flawed but I see what you mean

It'd be harder than in c++, but still doable

Prevent leaks from future plugin updates

At least delay them

not by much most likely

this is java you're talking about, not C++

lets not bring that name up shall we

I have blur it

The question then just becomes how much of a pain it would be on me to implement, and how much of a performance hit it would be

“The spigot that’s another color”

blur? you mean leave more than enough to actually be able to find it?

Half of color was blured

I wonder if IBM's encrypted arithmetic could be used here

I would suggest to use the encryption they use for the nuclear codes for your spigot plugins

Meh, that's weak

They use my password manager for that 😂

You didn't hear that from me

https://www.spigotmc.org/threads/pronerium-plugin-anti-piracy.285564/ and here's why you shouldn't bother much with DRM/Anti-Piracy in java

lol

Haha yeah can't be more secure. 😂

Except physicaly write code on a paper

Nice

And lock it

Why ever decrypt it though. Just run it still encrypted

    use a custom openjdk jvm which saves every loaded class file on the disk
    search for the classes in a memory dump
    attach java agent/jvmti agent to recieve loaded class files
    modify existing natives in spigot, which are open-source, to also do agent stuff

One of these four will usually help to an extent

Do we have any event on armor equipment

But its encrypted and decrypted on client side.

put it in a cardboard box and still will be more secure

So user is responsible for their action if password gets hacked.

Like I said, just never decrypt it

Honestly? Why use that system at all?
as MiniDigger said

so I am asking the question everybody should be asking: why?
why would someone as an admin install this? trust some random dude's blobs? which plugin would be worth it? why would spigot even allow such resources? I can imagine resource staff being like "lol, nope" and insta denying such resources. even if your whole system works and couldn't be cracked by competent developers withing reason time (which I highly doubt), there is still the question why any developer force this on their user, any server admin go thru the additional pain, any resource staff allow such potentially malicious resources.
anyways, good luck ^^ 

That too lol

Password managers needs to decrypt your password 😂

So it can be used on a website.

Do they 🧐

I mean I don't and can't decrypt them on server side

There's a surprising amount of stuff that can be done with data while it's still encrypted

Only client can decrypt it

With his master password

Honestly? Why even bother with DRM which you'd most likely have to change every few versions anyways when you can just oh i don't know, focus on making a decent fucking plugin 🤷‍♂️

https://tenor.com/view/but-thats-just-my-opinion-just-what-i-think-my-thoughts-thats-my-two-cents-thats-how-i-see-it-gif-14185830

I believe one of the most recent demonstrations was calculating the md5 sum of fully encrypted data and sending back the encrypted md5 sum, all without ever storing the data unencrypted or even having the decryption key

Did you just said my plugins are trash in a much more nicer way? 😂

Yup, throw on a quick but functional protection and don't worry any more

For many plugins, compiling is more than enough protection

Pretty much. Will it still get bypassed? Definitely, but an anti-piracy is useless anyways if the plugin is shit 😉

Yup

https://github.com/zigazajc007/AdminGUI-Premium/blob/master/src/main/java/com/rabbitcompany/admingui/utils/Hash.java

Hahaha this is how I made a license key XD

Now I'm curious

Well, a good start to disabling that @vague mason
Would be removing

   public String createLicenseKey(String username){
        return new StringBuilder(Hash(username, "SHA-1").toUpperCase().substring(0, 20)).insert(5, "-").insert(11, "-").insert(17, "-").toString();
    }

And seeing what else breaks

@vague mason plz fix your maven

Yup

    String username = "%%__USERNAME__%%";
    String user_id = "%%__USER__%%";

Could probably remove these ones too

Yeah it's more for scaring other users.

for leaking my plugin

Also it looks nice

You'll only scare those that don't know what they're doing, but that's better than nothing 🤣

I recognize that background lol

Yeah exactly. This prevented all kids from leaking my plugin.

and I'm over here like "I could probably create a remover for this"

Any day I can beat the script kiddies that use Kali as their main os is a good day

Plugin is also open source so you won't have any problem with removing it.

Even if it wasn't wouldn't be that hard. The main issue in general would just be obfuscation imo.
But even that you wouldn't wanna make super heavy for a variety of reasons

Now days obfuscators can even optimize your code and makes it faster

Compile time obfuscation ftw

... doesn't help for oss though

Yea, however if a plugins super obfuscated you're less likely to get buyers 😉

But I don't use them

obfuscate Minecraft plugins is really dumb in my opinion

I know i sure as hell wouldn't use a super obfuscated plugin if i ran a server

I have premium open source plugins. XD

Just write it in perl, that's self-obfuscating

Never have figured out how, I write a perl program, save it, and then when I come back it's obfuscated

I want to switch to Zorin OS so bad, but I also want to stay in POP OS.

hahaha nice

windows is where its at lol

Looking at some perl code, i kinda understand it actually.

Yeah bad copy of KDE Plasma

I always wanted to try linux but I feel like I would have to give up some things

It depend on what programs you use.

I'm using it for more then 4 years and I never feel any needs to switch back to WIndows.

http://99-bottles-of-beer.net/language-perl-737.html

    ''=~(        '(?{'        .('`'        |'%')        .('['        ^'-')
    .('`'        |'!')        .('`'        |',')        .'"'.        '\\$'
    .'=='        .('['        ^'+')        .('`'        |'/')        .('['
    ^'+')        .'||'        .(';'        &'=')        .(';'        &'=')
    .';-'        .'-'.        '\\$'        .'=;'        .('['        ^'(')
    .('['        ^'.')        .('`'        |'"')        .('!'        ^'+')
   .'_\\{'      .'(\\$'      .';=('.      '\\$=|'      ."\|".(      '`'^'.'
  ).(('`')|    '/').').'    .'\\"'.+(    '{'^'[').    ('`'|'"')    .('`'|'/'
 ).('['^'/')  .('['^'/').  ('`'|',').(  '`'|('%')).  '\\".\\"'.(  '['^('(')).
 '\\"'.('['^  '#').'!!--'  .'\\$=.\\"'  .('{'^'[').  ('`'|'/').(  '`'|"\&").(
 '{'^"\[").(  '`'|"\"").(  '`'|"\%").(  '`'|"\%").(  '['^(')')).  '\\").\\"'.
 ('{'^'[').(  '`'|"\/").(  '`'|"\.").(  '{'^"\[").(  '['^"\/").(  '`'|"\(").(
 '`'|"\%").(  '{'^"\[").(  '['^"\,").(  '`'|"\!").(  '`'|"\,").(  '`'|(',')).
 '\\"\\}'.+(  '['^"\+").(  '['^"\)").(  '`'|"\)").(  '`'|"\.").(  '['^('/')).
 '+_,\\",'.(  '{'^('[')).  ('\\$;!').(  '!'^"\+").(  '{'^"\/").(  '`'|"\!").(
 '`'|"\+").(  '`'|"\%").(  '{'^"\[").(  '`'|"\/").(  '`'|"\.").(  '`'|"\%").(
 '{'^"\[").(  '`'|"\$").(  '`'|"\/").(  '['^"\,").(  '`'|('.')).  ','.(('{')^
 '[').("\["^  '+').("\`"|  '!').("\["^  '(').("\["^  '(').("\{"^  '[').("\`"|
 ')').("\["^  '/').("\{"^  '[').("\`"|  '!').("\["^  ')').("\`"|  '/').("\["^
 '.').("\`"|  '.').("\`"|  '$')."\,".(  '!'^('+')).  '\\",_,\\"'  .'!'.("\!"^
 '+').("\!"^  '+').'\\"'.  ('['^',').(  '`'|"\(").(  '`'|"\)").(  '`'|"\,").(
 '`'|('%')).  '++\\$="})'  );$:=('.')^  '~';$~='@'|  '(';$^=')'^  '[';$/='`';

It's mostly a regular expression, but it uses some special perl tricks on top

Prints the entirety of 99 bottles of beer

It's horrible and ugly and I love it

https://github.com/mame/quine-relay
There's also this monstrosity

I installed maven and converted my plugin to Maven, what do I do now? Once I finish the pom.xml, everything looks the same, the export options

This is the most useless program I ever saw and I also made a antivirus for Linux, so I know what programs are useless 😂

It's different on how you compile the plugin.

Are you using IntelliJ?

Is there a way to get the plugin causing an event ?

and get which plugin is doing it

Are you trying to create a custom event?

Nope

Trying to debug a teleportation on a server

I don't think you can detect what plugin that causing the teleportation, but I might be wrong.

hmmm

Eclipse

The off-brand of eclipse

Ah, I don't know then, never used Maven in Eclipse.

its the same exact thing Id assume ?

you just have a pom.xml file

Gradle is 10* better then maven

I still kinda understand this actually

Yeah it should be the same

But how do I export it differently?

I heard that theres a way to do that, and have different options such as including the dependencies in the jar

Im trying to make custom recipes and they are working but how can i put itemstacks into the recipe because i made custom items and i want to put them in the recipes

i get this error

You cant really I dont think, I think you just need to use an event Listener with it

checking if the items are the correct items then allowing the event

use RecipeChoice.ExactChoice

https://hub.spigotmc.org/javadocs/spigot/org/bukkit/inventory/RecipeChoice.ExactChoice.html

Lemme see

ty!

keep in mind if nbt data is different it wont work

as long as youre not meddling with nbt it sohuld be fine

Wat could i do with nbt?

persistant data containers and stuff?

yeah

ahhh

if values are different the recipe wont work

like if i wanna store kills in an item?

yeah

is persistent data container the easiest way to store kills?

To a specific item, yeah I'd say so

alr

Can someone explain me what are the Mojang-Mappings ?

What type of kills? Players have statistics now

@eternal oxide sad times NNYa got banned yesterday 😢

Nothing new

now i have noone to provide overly sarcastic comments

at least until the new alt arrives

That will probably be today

what?

i do not understand what that top sentence means lmao

forget it

i've just

nvm

?paste

https://paste.md-5.net/

Can someone tell me why this is happening? https://paste.md-5.net/pubohifavo.cs

You are trying to create a new instance of PrivateVault

PrivateVaults.java:12

Ok, I'll check

Ok - so i am a bit confused about this. if i look at the commits, something like this that choco authored a while back pops up:

However obviously there is no actual code to this and it is just an interface

so... where does the code go?

teh Craft implementation of that Interface

It's fixed now thanks

how do i cast a craftvillager to a regular humanentity?

ah - found it

You shoudl be able to straight cast

entity.CraftVillager cannot be cast to org.bukkit.entity.HumanEntity

Why does tab complete not work with aliases?

um, a HumanEntity I though was an actual player

so not an NPC

^^

Yep, you can;t cast CraftVillager nor Villager to HumanEntity.

Umm may any one help me?

You shoudl be able to cast to LivingEntity but not HumanEntity

oh ok

it does

Doesn't seem to work for me

at least with the args

hm i cant do a getinventory on that tho

you will not see the ailases available as the command

I am using only the args

They don;t have an Inventory. You can use getEquipment()

christ

I'm new to Maven

I just converted my java plugin to maven and this is my pom.xml

<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
  <modelVersion>4.0.0</modelVersion>
  <groupId>me.Simo</groupId>
  <artifactId>TrollMaster</artifactId>
  <version>0.0.1-SNAPSHOT</version>
  <build>
    <sourceDirectory>src</sourceDirectory>
    <resources>
      <resource>
        <directory>src</directory>
        <excludes>
          <exclude>**/*.java</exclude>
        </excludes>
      </resource>
    </resources>
    <plugins>
      <plugin>
        <artifactId>maven-compiler-plugin</artifactId>
        <version>3.8.1</version>
        <configuration>
          <source>1.8</source>
          <target>1.8</target>
        </configuration>
      </plugin>
    </plugins>
  </build>
  
</project>

what should I add?

For some reason, https://media.discordapp.net/attachments/775622008541151253/862258861707493426/20210707_145119.mp4 is happening

Show some code, tab complete works if setup correctly for aliases

also should I remove the spigot.jar from my build path?

Actually I just noticed I get "Unknown command" when I use any alias.. idk why

Yes, all dependencies need to be put in your pom

ayy it works ba ba boey

    public void HandleVillager(PlayerInteractEntityEvent  Event) {
                    HumanEntity Player = Event.getPlayer();
                    LivingEntity Entity = (LivingEntity) Event.getRightClicked();
                    if (Entity.getType() == EntityType.VILLAGER) {
                        Player.openInventory(GUIInventoryCreation());
                        Entity.damage(0);
                        Event.setCancelled(true);
                        System.out.println("Villager Interacted With");
                    }
    }```

Then your alias is not set in yoru plugin.yml correctly

ok but I have it installed as a file, should I just link the repo?

ya i dont need to dmg it

not with this

event class

Hi, is there a way to limit redstone dust in a chunk?

also any tutorials that I watched have a different .xml file

You add the repo and the dependency

it looks different

ok

<name>TrollMaster</name>
  <description>A plugin with a variety of trolls</description>
  
  <properties>
      <mainClass>me.Simo.TrollMaster.Main</mainClass>
      <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
  </properties>
  
  <repositories>
      <repository>
      <id>spigot-repo</id>
      <url>https://hub.spigotmc.org/nexus/content/groups/public/</url>
      </repository>
  </repositories>
  
  <dependencies>
      <dependency>
          <groupId>org.spigotmc</groupId>
          <artifactId>spigot-api</artifactId>
          <version>1.8.8</version>
      </dependency>
  </dependencies>

I have this

only by searchign and preventing placement

as the added part

the dependency part is underlined red

missing artifact

Should I listen to a place event and check the chunk where it is being placed?

Yes, however you may have to run buildtools as I don;t believe 1.8 is supported by the spigot repo anymore

?bt

https://www.spigotmc.org/wiki/buildtools/

wait so what should I put?

it's a 1.8.8 plugin

run that, build 1.8.8 and it will install it to your local maven repo

this is my plugin.yml https://paste.md-5.net/nedevufahu.makefile

ok

that'll automatically go to my maven repo?

oh yeah

looks fine

are you doing somethign silly in yoru onCommand, like comparing the label and not cmd.getName()

All I use is args

do you register a commandExecutor?

yes, the command works the aliases don't

show me your onCommand

https://paste.md-5.net/nacacavavi.js

looks fine

ik

maybe if I restart the server

theres a pom.xml in my spigot folder, after I ran buildtools

do I copy that over to my pom.xml?

the part with the dependencies

no

did it create a spigot jar?

i don't know where to properly learn this

yes

I think so hold on

yep

in the spigot folder

outside it

ok, then its now installed in yoru local repo

how can I apply this skin to a fake player? https://minecraft-heads.com/custom-heads/miscellaneous/6251-dark-blue-00008b

in the same folder as I had my buildtools

so how do i install it?

I think I've set the texture correctly but I think I also need a signature??

You should now be able to build your plugin

yes a value and a signature, you can get it on mineskin.com/org/net whatever

but it's still underlined red

Show you current pom

?paste

https://paste.md-5.net/

https://paste.md-5.net/ubirecefen.xml

the part that I added is the <name>Simo</name> and below

https://mineskin.org/ this? how do I use it

everything else was automatic

I don't have the skin png, just the texture string or whatever

yes, upload the skin file into it and it gives you the texture and signature

wait what

send it

"eyJ0ZXh0dXJlcyI6eyJTS0lOIjp7InVybCI6Imh0dHA6Ly90ZXh0dXJlcy5taW5lY3JhZnQubmV0L3RleHR1cmUvNmE0NjA1MzAxMmM2OGYyODlhYmNmYjE3YWI4MDQyZDVhZmJhOTVkY2FhOTljOTljMWUwMzYwODg2ZDM1In19fQ=="

Your pom is ok. What exactly is underlined red?

I got the skin texture from that website I sent before

I think that is Base64 encoded data

in here

<dependencies>
      <dependency>
          <groupId>org.spigotmc</groupId>
          <artifactId>spigot-api</artifactId>
          <version>1.8.8</version>
      </dependency>
  </dependencies>

the first dependency part

<dependency>

/give @p minecraft:player_head{display:{Name:"{\"text\":\"Dark blue (#00008B)\"}"},SkullOwner:{Id:[I;1390846929,-1328133163,-1764951099,406210083],Properties:{textures:[{Value:"eyJ0ZXh0dXJlcyI6eyJTS0lOIjp7InVybCI6Imh0dHA6Ly90ZXh0dXJlcy5taW5lY3JhZnQubmV0L3RleHR1cmUvNmE0NjA1MzAxMmM2OGYyODlhYmNmYjE3YWI4MDQyZDVhZmJhOTVkY2FhOTljOTljMWUwMzYwODg2ZDM1In19fQ=="}]}}} 1

Missing artifact org.spigotmc:spigot-api:jar:1.8

Hello im trying to update my server with buiçdtools, but I cant, it doesn't make anything

    <repositories>
        <repository>
            <id>spigot-repo</id>
            <url>https://hub.spigotmc.org/nexus/content/repositories/snapshots/</url>
        </repository>
    </repositories>```

http://textures.minecraft.net/texture/6a46053012c68f289abcfb17ab8042d5afba95dcaa99c99c1e0360886d35
theres your texture

that's the command they give on the website to get the head of the skin I want

should I change the url?

I think value is the skin url and when you decode what you get it gives you the url

Thats the url I use

how can i define a world by the name?

how did you get it?

online base64 decoder

I want to be able to do it for other ones

right

Use the java base64 class

it's still red, still the same error

what do I name it? the version, just 1.8.8?

if you built 1.8.8

https://streamable.com/azum0m

I did

I'm having an issue with NBT Tagged Item

so do I now save the texture, and upload it to mineskin?

1.8.8-R0.1-SNAPSHOT

yes

ah

1.16.5-R0.1-SNAPSHOT is mine

yeah that works

format yours the same

@eternal oxide how can i define a world by the name?

oh, or I can just paste in the url

and should I add anything more?

define?

get by name or create a world with a name?

where should I learn what to do in the pom.xml? I can't find any proper tutorial

i want to get the world

... Anyone?

https://streamable.com/azum0m

Bukkit.getWorld("name");

Bukkit.getWorld(name)

How do I count blocks of a specific type in a chunk?

oh cool, now I got this stuff

thx

the texture data is the value and the signature is the signature

loop over x.y.z

                pm.remove("textures", property);
                pm.put("textures", new Property("textures", skinValue, skinSignature));
                
                for (Player pl : Bukkit.getOnlinePlayers()) {
                    pl.hidePlayer(p);
                    pl.showPlayer(p);
                }
                

@supple elk

it looks a bit resource intensive

Is there anything more I should add to my pom.xml, or is this fine?

ok thx, I'll give this a shot

yes, you can use a Chunk Snapshot and count async though

hi, I just want to know : is a PersistentDataContainer work with bungeecord (so in Interserver)?

@supple elk thatll make other players see the skin

I just need it for tab menu

no, its not cross server

    public final void reloadSkinForSelf(Player player) {
        final EntityPlayer ep = ((CraftPlayer) player).getHandle();
        final PacketPlayOutPlayerInfo removeInfo = new PacketPlayOutPlayerInfo(EnumPlayerInfoAction.REMOVE_PLAYER, ep);
        final PacketPlayOutEntityDestroy removeEntity = new PacketPlayOutEntityDestroy(new int[] { player.getEntityId() });
        final PacketPlayOutNamedEntitySpawn addNamed = new PacketPlayOutNamedEntitySpawn(ep);
        final PacketPlayOutPlayerInfo addInfo = new PacketPlayOutPlayerInfo(EnumPlayerInfoAction.ADD_PLAYER, ep);
        final PacketPlayOutRespawn respawn = new PacketPlayOutRespawn(ep.dimension, ep.getWorld().getDifficulty(), ep.getWorld().getWorldData().getType(), ep.playerInteractManager.getGameMode());
        ep.playerConnection.sendPacket(removeInfo);
        ep.playerConnection.sendPacket(removeEntity);
        ep.playerConnection.sendPacket(addNamed);
        ep.playerConnection.sendPacket(addInfo);
        ep.playerConnection.sendPacket(respawn);
        player.updateInventory();
    }

this is the method I use to make it visible for myself

if a lot of people constantly placing redstone, wouldn't it lag the server?

okay

guys can someone help, I don't know what to add to my pom.xml

so this should hopefully work

It could yes

Nothing if its working

ok

when I export it all the options are the same

aren't they supposed to be different?

You don;t export

you are using Maven now

InteliJ or Eclipse?

eclipse

how do I turn it into a working .jar plugin file?

right click yoru pom and run As, then create a profile

is there a better way to count the blocks? Could I save the count somewhere when players are placing redstone and just work with that number? I'm not sure where to save that though

Use the goals clean package

theres just 1 maven build all the way to 6 maven test

in the run as

LETTTSS GOOOOOOO

nice

thanks for the help 😄

at teh bottom run configurations

np

yep

make sure maven is selected on teh left.

maven build?

ok

you click to create a new profile

do I put anything in there?

in to top you set teh name

then under Goals you add clean package

I don't have anything for a new profile

hold on

very top left button, looks liek a new page

oh yeah

and goals just clean package

yep

profiles?

nothing else, just apply and run

ok

also how do I package the dependencies as well? I use Jsoup

that profile will now be avbailale under your run button in the toolbar

and without maven it iddn't

ok

also what's the base directory

cuz my run button isn't able to be pressed

thats usually somethign like ${workspace_loc:/PluginNameHere}

workspace_loc being me.Simo:/TrollMaster?

no

exactly as I typed

oh

you can just press teh Workspace button and select it

and the pluginnamehere, that's just pluginnamehere?

ah yes I hae it

simplest click the workspace button

then select your project there

ok I ran it

and

build failure

now you need to add any dependencies you need

all my packages don't exist

if you right click your pom -> Maven-> add dependency

yes

fill in the groupId and Artifact Id for any dependencies you need

which would be the spigot and jsoup?

those are the only ones

spigot you already added, so just Jsoup

but this is my error

https://hastebin.com/yeviqonaqi.sql

and how do I get the group and artifact ids?

you use nms, so change your spigot-api dependency in your pom to spigot

ok

and the jsoup?

is it just the path to it and then Jsoup?

have you added it as a dependency?

not in the pom.xml

you don;t have to manually add it

you can use as above, - right click your pom -> Maven-> add dependency

then type in the search box org.jsoup

if it doesn;t show up you have to add the repo for it

it doesn't

wait do I write it in "Enter groupId, artifactId or..."?

or in the top where it takes 3 inputs

groupid, artifactid and version

just the search box

okay it's not there

if you have the repo added it will show up in teh bottom box

theres a warning

Index downloads are disabled, search results may be incomplete.

also i don't have it in my pom.xml, idk if it should be there

it won;t be there til its added

ok

it's not there tho

this is the warning

https://stackoverflow.com/questions/24252256/how-do-i-enable-index-downloads-in-eclipse-for-maven-dependency-search

index updates are slow

ok the warning's gone but it still odesn't show up

look bottom right you shoudl see it indexing

it's not

manually add the dependency then

in the pom.xml?

yes

ok and last attempt at this, do I leave the first 3 boxes empty?

and the scope to compile?

you don;t need to use that if you manually add the dependency in the pom

ok

wat's the version?

I have 1.13.1 but there's probably something else, this alone doesn't work

newest looks to be 1.13.1

I have the artifactId to jsoup

https://mvnrepository.com/artifact/org.jsoup/jsoup

Jsoup

and org.jsoup as the group

yes

okay

      <dependency>
          <groupId>org.jsoup</groupId>
          <artifactId>Jsoup</artifactId>
          <version>1.13.1</version>
      </dependency>

it's still red

same error as before

right click your pom and select update project

maven -> update project

ok

done

still red

does getInventory().getViewers().clear() actually closes the inventory from the viewer?

restart your IDE as it should not be red now

|ArtifactId should all be lowercase

its loading

ok

so jsoup not Jsoup

still a nerror

I'll test it here

but it doesn't write anything as the error description

sec

kk

oh, turns out mineskin actually gives you the java code .-.

oh lol

add xml <repository> <id>maven</id> <url>https://mvnrepository.com/artifact/</url> </repository>

oh yeah it works now

or at least there's no red underline

htanks

Failed to execute goal on project TrollMaster: Could not resolve dependencies for project me.Simo:TrollMaster:jar:0.0.1-SNAPSHOT: Failed to collect dependencies at org.jsoup:jsoup:jar:1.13.1: Failed to read artifact descriptor for org.jsoup:jsoup:jar:1.13.1: Could not transfer artifact org.jsoup:jsoup:pom:1.13.1 from/to maven (https://mvnrepository.com/artifact/): Access denied to https://mvnrepository.com/artifact/org/jsoup/jsoup/1.13.1/jsoup-1.13.1.pom. Error code 403, Forbidden -> [Help 1]

the jsoup is still problematic

odd for sure

pog 😮

it says this is the request: For request 'GET /artifact/org/jsoup/jsoup/1.13.1/jsoup-1.13.1.jar'

although it should be: https://mvnrepository.com/artifact/org.jsoup/jsoup/1.13.1

it turns the org.jsoup into org/jsoup

Hello, is there a way to add a repository to Spigot's Library Loader (plugin.yml), because I wanted to dependency located somewhere else than maven central, and it can not find it.