Skip to content

Add default command config#1315

Open
vLuckyyy wants to merge 3 commits intomasterfrom
add-default-command-config
Open

Add default command config#1315
vLuckyyy wants to merge 3 commits intomasterfrom
add-default-command-config

Conversation

@vLuckyyy
Copy link
Member

No description provided.

@vLuckyyy vLuckyyy requested a review from a team as a code owner February 27, 2026 19:43
Copy link
Contributor

@gemini-code-assist gemini-code-assist bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Code Review

This pull request significantly enhances the command configuration system by introducing dynamic default generation, robust stale command cleanup, and null-safe handling for aliases and permissions. While the integration of ConfigurationManager, Scheduler, and Logger via dependency injection is a solid architectural choice, the implementation introduces significant race conditions. The most critical issue is a hardcoded 1-second timer for stale command cleanup, which can lead to the deletion and reset of custom security configurations (permissions, enabled status) on servers where command registration takes longer than one second. Additionally, non-atomic updates to the shared command configuration map from multiple threads can lead to data inconsistency and loss.

}

private void cleanupStaleCommands() {
this.commandConfiguration.commands = mutableMap(this.commandConfiguration.commands);
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

security-medium medium

The CommandConfigurator class performs non-atomic updates to the commandConfiguration.commands map from both the main thread (during command registration) and a scheduled task (during stale command cleanup). The use of ConcurrentHashMap for other fields and the volatile keyword suggests that concurrent access is expected. However, the commands map is replaced with a new copy in both synchronizeDefaults and cleanupStaleCommands, leading to a race condition where one thread's updates can be overwritten by another. This can result in configuration data loss or inconsistency, potentially reverting security-sensitive settings like command permissions or enabled status.

To remediate this, use a thread-safe map (like ConcurrentHashMap) for commandConfiguration.commands and perform atomic updates, or synchronize access to the map.

Comment on lines +159 to +162
if (this.commandConfiguration.commands.remove("") != null) {
this.logger.warning("[CommandConfigurator] Removed invalid empty command key ('') from commands.yml");
changed = true;
}
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

medium

The logic for removing an invalid empty command key is duplicated here and in cleanupStaleCommands. Extracting this into a private helper method would improve code reusability and reduce redundancy.

        changed |= this.removeEmptyCommandKey();

Copy link

@chatgpt-codex-connector chatgpt-codex-connector bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

💡 Codex Review

Here are some automated review suggestions for this pull request.

Reviewed commit: b54dbedcf7

ℹ️ About Codex in GitHub

Your team has set up Codex to review pull requests in this repo. Reviews are triggered when you

  • Open a pull request for review
  • Mark a draft as ready
  • Comment "@codex review".

If Codex has suggestions, it will comment; otherwise it will react with 👍.

Codex can also answer questions or update the PR. Try commenting "@codex address that feedback".

Comment on lines +139 to +141
List<String> staleKeys = this.commandConfiguration.commands.entrySet().stream()
.filter(entry -> entry.getValue() == null || !runtimeNames.contains(entry.getKey()))
.map(Map.Entry::getKey)

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

P2 Badge Exclude compatibility-gated commands from stale cleanup

cleanupStaleCommands deletes every config key that is not in discoveredRuntimeCommands, but command discovery is already filtered by compatibility (EternalCore scans only CompatibilityService.isCompatible types), so version-gated commands can be missing at runtime by design (for example ElderGuardianCommand and EndScreenCommand have @Compatibility(from=...)). On older server versions this logic will remove those valid entries from commands.yml, permanently discarding user overrides that should still exist when the server is upgraded later.

Useful? React with 👍 / 👎.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

1 participant