Skip to content

Release: 4 features, 5 fixes, 1 chore → Main#8021

Merged
h0lybyte merged 10 commits intomainfrom
dev
Mar 15, 2026
Merged

Release: 4 features, 5 fixes, 1 chore → Main#8021
h0lybyte merged 10 commits intomainfrom
dev

Conversation

@github-actions
Copy link
Contributor

@github-actions github-actions bot commented Mar 15, 2026
edited
Loading

Release: Dev → Main

10 atomic commits ready for main

Features

Bug Fixes

Chores

  • chore(kbve): minor version bump. (decb501)

This PR is automatically maintained by CI — KBVE Studio

@h0lybyte
fix(mc): bump Alpine packages to resolve CVE-2026-22184 (zlib) (#8020)
ec20cf3 
Add apk upgrade to final image stages so zlib 1.3.1-r2 → 1.3.2-r0,
fixing the critical buffer overflow CVE flagged by Trivy.
@github-project-automation github-project-automation bot moved this to Review in KBVE Mar 15, 2026
@h0lybyte
feat(discordsh): replace hardcoded registries with proto-driven ItemDb (
6b1969c 
#8022)

* feat(discordsh): replace hardcoded item/gear registries with proto-driven ItemDb

Phase 1 of issue #8010. Adds bevy_items as a dependency and loads all
item definitions from an embedded itemdb.json snapshot via the proto
bridge module. Removes ~360 lines of hardcoded ItemDef/GearDef arrays
from content.rs in favor of runtime conversion from proto Item structs.

Also fixes missing gear special fields (crit_bonus) in excalibur,
glass-stiletto, and shadow-dagger MDX files.

* fix(discordsh): add bevy_items to Docker build workspace and COPY layers
@github-actions
Copy link
Contributor Author

github-actions bot commented Mar 15, 2026
edited
Loading

Dependency Review

The following issues were found:
  • ✅ 0 vulnerable package(s)
  • ✅ 0 package(s) with incompatible licenses
  • ✅ 0 package(s) with invalid SPDX license definitions
  • ⚠️ 6 package(s) with unknown licenses.
See the Details below.

License Issues

packages/rust/bevy/bevy_battle/Cargo.toml

PackageVersionLicenseIssue Type
bevy>= 0.18.0, < 0.19.0NullUnknown License
rand>= 0.9.0, < 0.10.0NullUnknown License
serde>= 1.0.0, < 2.0.0NullUnknown License

packages/rust/bevy/bevy_skills/Cargo.toml

PackageVersionLicenseIssue Type
bevy>= 0.18.0, < 0.19.0NullUnknown License
serde>= 1.0.0, < 2.0.0NullUnknown License
serde_json>= 1.0.0, < 2.0.0NullUnknown License

OpenSSF Scorecard

PackageVersionScoreDetails
actions/dtolnay/rust-toolchain stable 🟢 4.8
Details
CheckScoreReason
Code-Review⚠️ 0Found 0/18 approved changesets -- score normalized to 0
Binary-Artifacts🟢 10no binaries found in the repo
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Maintained🟢 33 commit(s) and 1 issue activity found in the last 90 days -- score normalized to 3
Token-Permissions🟢 10GitHub workflow tokens follow principle of least privilege
Packaging⚠️ -1packaging workflow not detected
Pinned-Dependencies⚠️ 0dependency not pinned by hash detected -- score normalized to 0
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
License🟢 10license file detected
Fuzzing⚠️ 0project is not fuzzed
Signed-Releases⚠️ -1no releases found
Security-Policy🟢 3security policy file detected
Branch-Protection⚠️ -1internal error: error during branchesHandler.setup: internal error: some github tokens can't read classic branch protection rules: https://github.com/ossf/scorecard-action/blob/main/docs/authentication/fine-grained-auth-token.md
SAST⚠️ 0SAST tool is not run on all commits -- score normalized to 0
cargo/bevy >= 0.18.0, < 0.19.0 UnknownUnknown
cargo/rand >= 0.9.0, < 0.10.0 UnknownUnknown
cargo/serde >= 1.0.0, < 2.0.0 UnknownUnknown
cargo/bevy >= 0.18.0, < 0.19.0 UnknownUnknown
cargo/serde >= 1.0.0, < 2.0.0 UnknownUnknown
cargo/serde_json >= 1.0.0, < 2.0.0 UnknownUnknown

Scanned Files

  • .github/workflows/utils-ci-lint-test.yml
  • packages/rust/bevy/bevy_battle/Cargo.toml
  • packages/rust/bevy/bevy_skills/Cargo.toml

@github-actions github-actions bot changed the title Release: 1 fix → Main Release: 1 feature, 1 fix → Main Mar 15, 2026
@h0lybyte
fix(analytics): add dedicated logflare CH user and fix credentials (#…
32dad97 
…8024)

- Add scoped `logflare` user to ClickHouse (restricted to logflare db)
- Re-seal credentials with correct password and new user
- Update setup Job to verify CH connectivity before proceeding
- Job now removes stale backend before recreating (handles credential rotation)
- Bump Job to v2 to force re-run with corrected credentials

Ref: #8015
@github-actions github-actions bot changed the title Release: 1 feature, 1 fix → Main Release: 1 feature, 2 fixes → Main Mar 15, 2026
@h0lybyte
feat(mapdb): expand flavor text for all 28 mapdb entries (#8025)
5b55f74 
Rewrite all location and resource node entries with richer prose
inspired by fantasy novel style. Add atmosphere, rumors, lore,
crafting applications, and gameplay detail. Remove all em dashes
and tighten prose throughout.
@github-actions github-actions bot changed the title Release: 1 feature, 2 fixes → Main Release: 2 features, 2 fixes → Main Mar 15, 2026
@github-actions github-actions bot changed the title Release: 2 features, 2 fixes → Main Release: 2 features, 2 fixes, 1 chore → Main Mar 15, 2026
@h0lybyte
fix(ci): add Rust 1.94 to lint workflow and fix axum-discordsh clippy…
5fa0a0a 
… warnings (#8026)

Pin Rust 1.94 in utils-ci-lint-test.yml since bevy_items requires
edition 2024 / MSRV 1.94. Fix all clippy collapsible_if warnings and
suppress dead_code on scaffolded github and item_db modules.
@h0lybyte h0lybyte self-requested a review as a code owner March 15, 2026 11:45
@github-actions github-actions bot changed the title Release: 2 features, 2 fixes, 1 chore → Main Release: 2 features, 3 fixes, 1 chore → Main Mar 15, 2026
h0lybyte added 2 commits March 15, 2026 08:00
@h0lybyte
feat(bevy_battle): add generic turn-based battle ECS crate (#8010) (#…
cd56f1d 
…8027)

Extract combat logic from monolithic logic.rs into a reusable bevy_battle
crate for Bevy 0.18. Provides components, message-driven events, and systems
for damage calculation, status effects, class procs, enemy AI, and death
detection — fully game-agnostic with 52 unit tests.
@h0lybyte
fix(proto): resolve duplicate field tags in WorldObjectDef (#8028)
3d61dff 
Fields credits and drafted had tags 37/38 which collided with
resource_type and container_type. Reassign to 40/41.
@github-actions github-actions bot changed the title Release: 2 features, 3 fixes, 1 chore → Main Release: 3 features, 4 fixes, 1 chore → Main Mar 15, 2026
@h0lybyte
fix(isometric): fix multiplayer reconnect and JWT auth failures (#8023)
ac28927 
* fix(isometric): fix reconnect visibility, JWT auth hang, and stale client entities

* fix(isometric): resolve WASM asset loading 404s and auth disconnect error

Set AssetPlugin.file_path to /isometric/assets for WASM builds so Bevy
fetches shaders/textures from the correct deployment URL instead of the
page-relative path. Disable meta file checks. Move frog texture into
the assets directory to fix UnapprovedPathMode error. Fix Disconnect
trigger (EntityEvent, not a Component).

* build(isometric): rebuild WASM + deploy with asset fixes

Rebuild WASM binary with /isometric/assets base path and
AssetMetaCheck::Never. Add texture copy step to build script so
frog_green.png original is preserved alongside brotli-compressed
version. Deploy fresh dist to astro-kbve/public/isometric.
@github-actions github-actions bot changed the title Release: 3 features, 4 fixes, 1 chore → Main Release: 3 features, 5 fixes, 1 chore → Main Mar 15, 2026
@h0lybyte
feat(bevy_skills): add skill progression system for Bevy 0.18 (#8029)
5224837 
Tracks per-entity skill XP and levels using the Message API.
Provides SkillRegistry for definitions, SkillProfile component
for state, XpCurve for progression, and message-driven skill
checks for gating interactions like mining, woodcutting, cooking.
@github-actions github-actions bot changed the title Release: 3 features, 5 fixes, 1 chore → Main Release: 4 features, 5 fixes, 1 chore → Main Mar 15, 2026
@h0lybyte h0lybyte merged commit ef9592a into main Mar 15, 2026
12 checks passed
@github-project-automation github-project-automation bot moved this from Review to Done in KBVE Mar 15, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@h0lybyte h0lybyte Awaiting requested review from h0lybyte h0lybyte is a code owner

Assignees

No one assigned

Labels

auto-pr dev→main

Projects

KBVE
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@h0lybyte