Skip to content

Release: 4 features, 5 fixes, 1 refactor, 1 chore → Staging#7250

Merged
h0lybyte merged 12 commits intostagingfrom
dev
Feb 25, 2026
Merged

Release: 4 features, 5 fixes, 1 refactor, 1 chore → Staging#7250
h0lybyte merged 12 commits intostagingfrom
dev

Conversation

@github-actions
Copy link
Contributor

@github-actions github-actions bot commented Feb 25, 2026
edited
Loading

Release: Dev → Staging

12 atomic commits ready for staging

Features

Bug Fixes

Refactoring

Chores

Other Changes

This PR is automatically maintained by CI

@h0lybyte
fix(mc): auto-trim dead space in resize64 script (#7249)
7b6a49b 
* fix(mc): auto-trim transparent dead space before resizing to 64x64

Crops to the content bounding box before scaling so sprites fill the
full 64x64 frame instead of shrinking into a tiny centered dot.

* feat(mc): add kbve_scythe custom item to resource pack

Trimmed and resized large_sythe.png to 64x64 via resize64 script,
added as kbve_scythe with item definition, model, and texture.
@github-project-automation github-project-automation bot moved this to Review in KBVE Feb 25, 2026
@h0lybyte
fix(kbve.sh): initialize submodules when creating worktrees (#7251)
c6366c3 
Both create_worktree and atomic_function now run
git submodule update --init --recursive after worktree creation
so submodules like apps/mc/pumpkin are checked out automatically.
@github-actions github-actions bot changed the title Release: 1 fix → Staging Release: 2 fixes → Staging Feb 25, 2026
@h0lybyte
fix(mc-e2e): use project-relative vitest include path and add resourc…
8bb0a46 
…e pack test (#7252)

vitest.config.ts used a monorepo-root-relative include path which broke
test discovery when @nx/vitest inferred the test target from the project
directory. Also adds an e2e spec for the HTTP resource pack endpoint on
port 8080.
@github-actions github-actions bot changed the title Release: 2 fixes → Staging Release: 3 fixes → Staging Feb 25, 2026
@github-actions @h0lybyte
feat(mc): add registry-based Docker build caching via nx-container (#…
be99fa5 
…7253)

The MC server was using a bare `docker build` command without any
cross-run caching. Every CI build recompiled all Pumpkin cargo
dependencies from scratch because BuildKit cache mounts are ephemeral
on GitHub Actions runners.

Switch to `@nx-tools/nx-container:build` executor with GHCR
registry-based caching (cache-from/cache-to), matching the pattern
already used by all Axum apps (discordsh, herbmail, memes,
irc-gateway). Cargo-chef layers and dependency builds are now
persisted between CI runs via the `:buildcache` tag.

Co-authored-by: Al @h0lybyte <5599058+h0lybyte@users.noreply.github.com>
@github-actions github-actions bot changed the title Release: 3 fixes → Staging Release: 1 feature, 3 fixes → Staging Feb 25, 2026
@github-actions
chore(kube): update discordsh to v0.1.9 (#7254)
e02ddd6 
Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
@github-actions github-actions bot changed the title Release: 1 feature, 3 fixes → Staging Release: 1 feature, 3 fixes, 1 chore → Staging Feb 25, 2026
@h0lybyte
refactor(mc): organize resource pack textures into category folders (#…
2e10416 
…7255)

Move models and textures into weapons/ and rewards/ subdirectories
for better organization as the item catalog grows.
@github-actions github-actions bot changed the title Release: 1 feature, 3 fixes, 1 chore → Staging Release: 1 feature, 3 fixes, 1 refactor, 1 chore → Staging Feb 25, 2026
github-actions bot and others added 2 commits February 25, 2026 09:06
@github-actions @h0lybyte
Atomic: docker cargo cache (#7256)
ee41418 
* fix(mc): layer Dockerfile into parallel build stages for pumpkin and plugin

Split the monolithic builder stage into separate deps, builder, and
plugin-builder stages so BuildKit can compile the server binary and
plugin cdylib concurrently. The plugin stage reuses cooked third-party
deps via CARGO_TARGET_DIR, eliminating redundant compilation.

* feat(mc): tier workspace crate builds into foundation and core layers

Pre-build workspace crates in dependency order across isolated Docker
layers so only the changed tier recompiles on rebuild:

  deps → foundation (nbt, api-macros, util, data, macros, config)
       → core (world, protocol, inventory)
       → builder | plugin-builder  (parallel via BuildKit)

When only the root pumpkin crate or plugin source changes, foundation
and core layers are fully cached.

---------

Co-authored-by: Al @h0lybyte <5599058+h0lybyte@users.noreply.github.com>
@h0lybyte
fix(mc-e2e): disable auto-inferred vitest test target (#7257)
cbcf266 
The @nx/vitest plugin infers a bare `test` target from vitest.config.ts,
which runs vitest without the Docker container. This causes CI failures in
`nx affected --target=test` since the MC server and resource pack HTTP
server are only available inside the Docker image. The proper e2e pipeline
(`nx e2e mc`) handles container lifecycle and remains unchanged.
@github-actions github-actions bot changed the title Release: 1 feature, 3 fixes, 1 refactor, 1 chore → Staging Release: 1 feature, 4 fixes, 1 refactor, 1 chore → Staging Feb 25, 2026
@h0lybyte h0lybyte self-requested a review as a code owner February 25, 2026 14:21
@github-actions github-actions bot changed the title Release: 1 feature, 4 fixes, 1 refactor, 1 chore → Staging Release: 2 features, 4 fixes, 1 refactor, 1 chore → Staging Feb 25, 2026
@github-advanced-security
Copy link

github-advanced-security bot commented Feb 25, 2026

This pull request sets up GitHub code scanning for this repository. Once the scans have completed and the checks have passed, the analysis results for this pull request branch will appear on this overview. Once you merge this pull request, the 'Security' tab will show more code scanning analysis results (for example, for the default branch). Depending on your configuration and choice of analysis tool, future pull requests will be annotated with code scanning analysis results. For more information about GitHub code scanning, check out the documentation.

@h0lybyte
feat(ci): harden CodeQL with PR gates, scheduled scans, and dependenc…
70d326c 
…y review (#7259)

- Add dev to pull_request branches so PRs are scanned before merge
- Add weekly scheduled scan (Mondays 06:30 UTC) for newly disclosed CVEs
- Upgrade query suite from default to security-and-quality
- Add dependency-review job to block PRs introducing high-severity deps
@github-actions
Copy link
Contributor Author

github-actions bot commented Feb 25, 2026
edited
Loading

Dependency Review

The following issues were found:
  • ✅ 0 vulnerable package(s)
  • ✅ 0 package(s) with incompatible licenses
  • ✅ 0 package(s) with invalid SPDX license definitions
  • ⚠️ 2 package(s) with unknown licenses.
See the Details below.

License Issues

.github/workflows/ci-security.yml

PackageVersionLicenseIssue Type
actions/dependency-review-action4.*.*NullUnknown License

apps/mc/plugins/kbve-mc-plugin/Cargo.toml

PackageVersionLicenseIssue Type
dashmap>= 6.0.0, < 7.0.0NullUnknown License

OpenSSF Scorecard

PackageVersionScoreDetails
actions/actions/dependency-review-action 4.*.* 🟢 7.8
Details
CheckScoreReason
Maintained🟢 1026 commit(s) and 0 issue activity found in the last 90 days -- score normalized to 10
Dangerous-Workflow🟢 10no dangerous workflow patterns detected
Binary-Artifacts🟢 10no binaries found in the repo
CII-Best-Practices⚠️ 0no effort to earn an OpenSSF best practices badge detected
Code-Review🟢 10all changesets reviewed
Packaging⚠️ -1packaging workflow not detected
Security-Policy🟢 9security policy file detected
Token-Permissions🟢 9detected GitHub workflow tokens with excessive permissions
License🟢 10license file detected
Fuzzing⚠️ 0project is not fuzzed
Pinned-Dependencies⚠️ 1dependency not pinned by hash detected -- score normalized to 1
Signed-Releases⚠️ -1no releases found
Branch-Protection🟢 6branch protection is not maximal on development and all release branches
SAST🟢 10SAST tool is run on all commits
cargo/dashmap >= 6.0.0, < 7.0.0 UnknownUnknown

Scanned Files

  • .github/workflows/ci-security.yml
  • apps/mc/plugins/kbve-mc-plugin/Cargo.toml

@h0lybyte
fix(mc): restore workspace manifests after cargo-chef cook and update…
c7067ba 
… Pumpkin submodule (#7260)

cargo-chef cook strips workspace.lints from the root Cargo.toml, breaking
crates that inherit lints. Building individual crates with -p also breaks
tokio feature unification (pumpkin-protocol needs tokio/net transitively).

Fix both by restoring Cargo.toml/Cargo.lock after cook and switching to
full workspace builds at each layer. Also update Pumpkin submodule to
latest upstream master (69a37afd).
@github-actions github-actions bot changed the title Release: 2 features, 4 fixes, 1 refactor, 1 chore → Staging Release: 3 features, 5 fixes, 1 refactor, 1 chore → Staging Feb 25, 2026
@h0lybyte
feat(mc): add rust stone and spartan shield with DashMap item registry (
8eddea3 
#7261)

Refactor give commands from individual executors to a DashMap-backed
item registry. New items only need a single map.insert() entry.

- Add rust_stone block texture (64x64 via resize64) with blockstate,
  model, and item definitions
- Add spartan_shield item texture (64x64) with model and item defs
- Spartan shield: mid-tier durability (200 vs vanilla 336), reflects
  3 thorns damage on hit via ShieldBlockHandler event, flame particles
- Register ShieldBlockHandler for PlayerInteractEntityEvent
- Add dashmap and pumpkin-protocol dependencies
@github-actions github-actions bot changed the title Release: 3 features, 5 fixes, 1 refactor, 1 chore → Staging Release: 4 features, 5 fixes, 1 refactor, 1 chore → Staging Feb 25, 2026
@h0lybyte h0lybyte merged commit c8acfb2 into staging Feb 25, 2026
14 of 15 checks passed
@github-project-automation github-project-automation bot moved this from Review to Done in KBVE Feb 25, 2026
@github-actions github-actions bot mentioned this pull request Feb 25, 2026
Merged
5 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@h0lybyte h0lybyte h0lybyte approved these changes

Assignees

No one assigned

Labels

auto-pr

Projects

KBVE
Status: Done

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@h0lybyte