Skip to content

Refactor SecureJar implementation and add package exclusions #47

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
Su5eD merged 14 commits into from
Nov 16, 2023
Merged

Refactor SecureJar implementation and add package exclusions #47

Su5eD merged 14 commits into from
Nov 16, 2023

Conversation

@Technici4n
Copy link
Contributor

@Technici4n Technici4n commented Nov 11, 2023
edited
Loading

Add SecureJarBuilder

In preparation for the package exclusions and other future additional SecureJar parameters, deprecate the old from methods for removal, and add a builder instead.

Split implementation across new JarContents and JarSigningData

The motivation for this change is that usually we need access to some of the jar's contents when building the JarMetadata. Before this change, this is done by passing an incomplete SecureJar to the jar metadata factory in the constructor of SecureJar. This makes it very hard to reason about the code, because we don't know which parts of SecureJar can be safely referenced in the metadata construction, and we also don't know when the metadata can be used inside of SecureJar.

To fix this, I moved the methods needed for constructing the metadata to a new interface called JarContents. The builder was updated accordingly.

Add option to exclude some folder from the package scan

Finally, I also added the option to exclude some folders from the package scan. This will be useful to skip the assets and data folders of some mods. Some mods have a LOT of assets (for example Continuity+), and scanning those can take a few seconds of startup time.

Allow instantiating JarContents separately and remove SecureJarBuilder

After a bit of testing in FML I noticed that it is convenient to have a builder for JarContents instead of SecureJar.

Documentation

I tried to document many methods I encountered, to break the tradition of SJH being completely undocumented... :)

Future work

I will make another PR to make the package scan parallel (across different jars)... but for now I think this PR is large enough. :)

TODO

  • Actually test with mods. EDIT: Done, tested on ATM 9 with 400 mods, skipping the assets and data scanning worked. :)

@Technici4n Technici4n mentioned this pull request Nov 12, 2023
Merged
Matyrobbrt
Matyrobbrt requested changes Nov 12, 2023
View reviewed changes
Copy link
Member

@Matyrobbrt Matyrobbrt left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Mostly pendantic documentation complaints.

@sciwhiz12 sciwhiz12 added the enhancement New feature or request label Nov 12, 2023
@Su5eD Su5eD merged commit dff4f69 into McModLauncher:main Nov 16, 2023
@Technici4n Technici4n deleted the securejar-changes branch November 16, 2023 13:15
@Technici4n Technici4n mentioned this pull request Nov 18, 2023
Open
@Technici4n Technici4n mentioned this pull request Nov 27, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@Su5eD Su5eD Su5eD approved these changes

@Matyrobbrt Matyrobbrt Matyrobbrt approved these changes

Assignees

No one assigned

Labels

enhancement New feature or request

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

4 participants

@Technici4n @Su5eD @Matyrobbrt @sciwhiz12