If you've submitted a plugin recently, you've noticed an increased delay in plugin approval time. This is because the current requirements for approving plugins is decompiling each plugin update and validating that no malicious code is present in the plugin.
However, developers are extremely busy and can't always do this in a timely fashion. Should we remove plugin approvals, and let plugin developers upload plugins at will, without us checking them?
Please vote in this poll. If we have a majority of votes and at least 100 votes, we will take that action. If we don't get 100 votes, we will do nothing. Cheers!
Page 1 of 12
Created by Wight
- Jan 3, 2017
It's finally here! The event you've all been waiting for!
Coming fresh to your servers in 2017, it's the inaugural release of TShock Mintaka!
Are you excited? I am.
This would not have been possible without the massively appreciated help of DeathCradle, and his OTAPI project. You're the best dude <3
- Compatibility with Terraria 188.8.131.52
- API: Version tick 2.0
- API: Reduced RAM usage by ~80MB (Large server) (@deathcradle)
- API: Added TSPlayer.KillPlayer() (@WhiteXZ)
- API: Added TSPlayer.Logout() (@ProfessorXZ)
- Fixed connections after max slot is reached (@DeathCradle)
- Fixed server crashes caused by client disconnections when attempting to read closed sockets (@Enerdy)
- Added some code to make trapdoors work better (@DogooFalchion)
- AllowCutTilesAndBreakables config option now correctly allows flowers/vines/herbs to be cut in regions without breaking walls (@WhiteXZ)
- REST: /status has been re-added. It will now always point to /v2/server/status and includes an upgrade field describing the newest status route (@WhiteXZ)
- REST: /v3/players/read now includes a muted field (@WhiteXZ)
- Fixed fishing quests not saving/loading correctly when login before join, UUID login, and SSC were enabled together (@DogooFalchion)
Any plugin compiled for an earlier version of TShock must be recompiled to reference this version.
ignoreversion will NOT work.
Because of this, any plugin listed as obsolete in the resource manager will NOT work with this version of TShock.
As always, you can download this release from our Github page.
Created by nicatronTg
- Nov 17, 2016
We've migrated away from the wiki for documentation. We're now using ReadMe.io with a generously provided open source license. The new docs can be found at tshock.readme.io and in the navigation bar at the top of the page. The old docs have been retired, and the wiki will eventually be removed.
There are some really neat benefits from using ReadMe. Right now, we have the documentation for the current version of TShock on there. However, in the top right hand corner, you'll eventually be able to change documentation versions depending on which version you're running. This means that we can update our documentation with each version, and you'll always have the historical record of what changed.
Moving to ReadMe is still a work in progress, especially when it comes to the REST documentation. We're working on that. However, we'd like to extend our thanks to everyone who helped move documentation over. In particular, @Da Bomber played a critical role in helping with the move. Without his help, we wouldn't be using ReadMe right now.
As always, we accept suggestions on any documentation pages. You can "suggest edits" on any page, and send us general feedback on here, on Slack, or on Twitter.
Created by nicatronTg
- Oct 17, 2016
Welcome to TShock for Terraria 4.3.20 for Terraria 184.108.40.206. This is an important security release. You should update as soon as possible. Download now, via Github Releases.
- Security improvement: The auth system is now automatically disabled if a superadmin exists in the database (@Enerdy).
- Removed the auth-verify command since auth now serves its purpose when necessary (@Enerdy).
- Security: /" exploit can no longer break chat mute filters (@Simon311).
- Fixed an issue where sometimes players could connect briefly during server shutdown, leading to errors (@Simon311).
- Fixed wyverns despawning & not behaving like normal (@WhiteXZ).
- Fixed major security issue where InvokeClientConnect could be exploited to do terrible, terrible things (@Simon311, @nicatronTg, @popstarfreas, @ProfessorXZ, @WhiteXZ).
If you only want the security update just update the TerrariaServer executable.
The first time use auth system has been rebuilt. /auth supersedes /auth-verify, and if a SuperAdmin exists, then the auth system will be automatically disabled.
Technical exploit details can be found on the git commit. This can, at minimum, be used to avoid server mutes, change names, bypass grief checks based on timeouts and thresholds, and more. We extend extreme thanks to @Simon311 for testing all implications associated with this issue.
Created by nicatronTg
- Oct 15, 2016
If you've been in Slack, you've noticed that most of our builds are performed by two continuous integration servers: Travis CI & Bamboo. Travis has been building TShock for a long time, but we've always maintained our own build server because of the necessity to offer unstable downloads.
Beginning today, we've shut down Bamboo entirely in favor of Travis. The build logs are now here and the downloads are now here. The build logs are broken down by branch and every release is numbered according to its Travis build number. As always, aside from the master builds, general-devel is unstable and not suggested for use in production.
With that being said, if you are a user who lives on the edge, be prepared to start reporting Travis build numbers and not Bamboo build numbers for bugs.
The rationale behind the change is simple: Bamboo is another server we're running and that's not good from a risk scenario. Bamboo frequently issues security patches that need to be installed same-day, meaning we're left with a vulnerable server running on the internet for sometimes hours before its patched. With Travis, we're not running anything locally. Everything is much nicer and more secure.
Page 1 of 12