Skip to content

Fix: censor internal convars post load#47

Merged
Maximus7474 merged 1 commit into
mainfrom
fix/censor-internal-commands-post-load
Jul 4, 2026
Merged

Fix: censor internal convars post load#47
Maximus7474 merged 1 commit into
mainfrom
fix/censor-internal-commands-post-load

Conversation

@Maximus7474

@Maximus7474 Maximus7474 commented Jul 4, 2026

Copy link
Copy Markdown
Collaborator

Description

Convar values (resource-api-token & api-port) are accessible by clients with the commands ace permission (generally attributed to group.admin by tx.
This PR addresses this issue by "censoring" the values once they've been loaded into memory by the resource.


Tests

  • Tested in development mode
  • Passes typecheck
  • Builds & runs on Windows
  • Builds & runs on Linux

Additional Notes

@Maximus7474 Maximus7474 self-assigned this Jul 4, 2026
@Maximus7474 Maximus7474 added the bug Something isn't working label Jul 4, 2026
FjamZoo
FjamZoo previously approved these changes Jul 4, 2026
FjamZoo
FjamZoo previously approved these changes Jul 4, 2026
@Maximus7474 Maximus7474 force-pushed the fix/censor-internal-commands-post-load branch from cd999f6 to 3f4f844 Compare July 4, 2026 21:38
@Maximus7474 Maximus7474 merged commit 0da8a98 into main Jul 4, 2026
6 checks passed
@Maximus7474 Maximus7474 deleted the fix/censor-internal-commands-post-load branch July 4, 2026 21:51
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

area: resource bug Something isn't working

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants