Version: 227.0.3

commit d4f265c314
Author: PJB3005 <pieterjan.briers+git@gmail.com>
Date:   Sun Sep 14 14:32:44 2025 +0200

    Fix incorrect path combine in DirLoader and WritableDirProvider

    This (and the other couple past commits) reported by Elelzedel.

commit 7654d38612
Author: PJB3005 <pieterjan.briers+git@gmail.com>
Date:   Sat Sep 13 22:50:51 2025 +0200

    Move CEF cache out of data directory

    Don't want content messing with this...

commit cdcc255123
Author: PJB3005 <pieterjan.briers+git@gmail.com>
Date:   Sat Sep 13 19:11:16 2025 +0200

    Make Robust.Client.WebView.Cef.Program internal.

commit 2f56a6a110
Author: PJB3005 <pieterjan.briers+git@gmail.com>
Date:   Sat Sep 13 19:10:46 2025 +0200

    Update SpaceWizards.NFluidSynth to 0.2.2

commit 16fc48cef2
Author: PJB3005 <pieterjan.briers+git@gmail.com>
Date:   Sat Sep 13 19:09:43 2025 +0200

    Hide IWritableDirProvider.RootDir on client

    This shouldn't be exposed.

(cherry picked from commit 2f07159336bc640e41fbbccfdec4133a68c13bdb)
(cherry picked from commit d6c3212c74373ed2420cc4be2cf10fcd899c2106)
(cherry picked from commit bfa70d7e2ca6758901b680547fcfa9b24e0610b7)
(cherry picked from commit 06e52f5d58efc1491915822c2650f922673c82c6)
(cherry picked from commit 4413695c77fb705054c2f81fa18ec0a189b685dd)

Directory.Packages.props

@@ -55,9 +55,9 @@
     <PackageVersion Include="Serilog" Version="3.1.1" />
     <PackageVersion Include="Serilog.Sinks.Loki" Version="4.0.0-beta3" />
     <PackageVersion Include="SharpZstd.Interop" Version="1.5.2-beta2" />
-    <PackageVersion Include="SixLabors.ImageSharp" Version="3.1.3" />
+    <PackageVersion Include="SixLabors.ImageSharp" Version="3.1.5" />
     <PackageVersion Include="SpaceWizards.HttpListener" Version="0.1.1" />
-    <PackageVersion Include="SpaceWizards.NFluidsynth" Version="0.1.1" />
+    <PackageVersion Include="SpaceWizards.NFluidsynth" Version="0.2.2" />
     <PackageVersion Include="SpaceWizards.SharpFont" Version="1.0.2" />
     <PackageVersion Include="SpaceWizards.Sodium" Version="0.2.1" />
     <PackageVersion Include="System.Numerics.Vectors" Version="4.5.0" />

MSBuild/Robust.Engine.Version.props

@@ -1,4 +1,4 @@
 <Project>
 
-    <!-- This file automatically reset by Tools/version.py -->
+    <!-- This file automatically reset by Tools/version.py -->
 

RELEASE-NOTES.md

@@ -54,6 +54,15 @@ END TEMPLATE-->
 *None yet*
 
 
+## 227.0.3
+
+
+## 227.0.2
+
+
+## 227.0.1
+
+
 ## 227.0.0
 
 ### Breaking changes

Robust.Client.WebView/Cef/Program.cs

@@ -6,7 +6,7 @@ using Xilium.CefGlue;
 
 namespace Robust.Client.WebView.Cef
 {
-    public static class Program
+    internal static class Program
     {
         // This was supposed to be the main entry for the subprocess program... It doesn't work.
         public static int Main(string[] args)

Robust.Client.WebView/Cef/WebViewManagerCef.cs

@@ -5,6 +5,7 @@ using System.Net;
 using System.Reflection;
 using System.Text;
 using Robust.Client.Console;
+using Robust.Client.Utility;
 using Robust.Shared.Configuration;
 using Robust.Shared.ContentPack;
 using Robust.Shared.IoC;
@@ -24,6 +25,7 @@ namespace Robust.Client.WebView.Cef
 
         [Dependency] private readonly IDependencyCollection _dependencyCollection = default!;
         [Dependency] private readonly IPrototypeManager _prototypeManager = default!;
+        [Dependency] private readonly IGameControllerInternal _gameController = default!;
         [Dependency] private readonly IResourceManagerInternal _resourceManager = default!;
         [Dependency] private readonly IClientConsoleHost _consoleHost = default!;
         [Dependency] private readonly IConfigurationManager _cfg = default!;
@@ -61,7 +63,10 @@ namespace Robust.Client.WebView.Cef
 
             var cachePath = "";
             if (_resourceManager.UserData is WritableDirProvider userData)
-                cachePath = userData.GetFullPath(new ResPath("/cef_cache"));
+            {
+                var rootDir = UserDataDir.GetRootUserDataDir(_gameController);
+                cachePath = Path.Combine(rootDir, "cef_cache", "0");
+            }
 
             var settings = new CefSettings()
             {

Robust.Client/Console/Commands/DumpMetadataMembersCommand.cs

@@ -11,7 +11,7 @@ namespace Robust.Client.Console.Commands
 
         public override void Execute(IConsoleShell shell, string argStr, string[] args)
         {
-            var type = Type.GetType(args[0]);
+            var type = GetType(args[0]);
 
             if (type == null)
             {
@@ -25,6 +25,17 @@ namespace Robust.Client.Console.Commands
                 shell.WriteLine(sig);
             }
         }
+
+        private Type? GetType(string name)
+        {
+            foreach (var assembly in AppDomain.CurrentDomain.GetAssemblies())
+            {
+                if (assembly.GetType(name) is { } type)
+                    return type;
+            }
+
+            return null;
+        }
     }
 #endif
 }

Robust.Client/GameController/GameController.cs

@@ -363,7 +363,7 @@ namespace Robust.Client
 
             _prof.Initialize();
 
-            _resManager.Initialize(Options.LoadConfigAndUserData ? userDataDir : null);
+            _resManager.Initialize(Options.LoadConfigAndUserData ? userDataDir : null, hideUserDataDir: true);
 
             var mountOptions = _commandLineArgs != null
                 ? MountOptions.Merge(_commandLineArgs.MountOptions, Options.MountOptions)

Robust.Server/BaseServer.cs

@@ -296,7 +296,7 @@ namespace Robust.Server
                 : null;
 
             // Set up the VFS
-            _resources.Initialize(dataDir);
+            _resources.Initialize(dataDir, hideUserDataDir: false);
 
             var mountOptions = _commandLineArgs != null
                 ? MountOptions.Merge(_commandLineArgs.MountOptions, Options.MountOptions) : Options.MountOptions;

Robust.Shared/ContentPack/AssemblyTypeChecker.Parsing.cs

@@ -32,7 +32,7 @@ namespace Robust.Shared.ContentPack
             String("short").ThenReturn(PrimitiveTypeCode.Int16);
 
         private static readonly Parser<char, PrimitiveTypeCode> UInt16TypeParser =
-            String("ushort").ThenReturn(PrimitiveTypeCode.UInt32);
+            String("ushort").ThenReturn(PrimitiveTypeCode.UInt16);
 
         private static readonly Parser<char, PrimitiveTypeCode> Int32TypeParser =
             String("int").ThenReturn(PrimitiveTypeCode.Int32);

Robust.Shared/ContentPack/DirLoader.cs

@@ -60,7 +60,7 @@ namespace Robust.Shared.ContentPack
 
             internal string GetPath(ResPath relPath)
             {
-                return Path.GetFullPath(Path.Combine(_directory.FullName, relPath.ToRelativeSystemPath()));
+                return PathHelpers.SafeGetResourcePath(_directory.FullName, relPath);
             }
 
             /// <inheritdoc />

Robust.Shared/ContentPack/IResourceManagerInternal.cs

@@ -14,7 +14,11 @@ namespace Robust.Shared.ContentPack
         /// The directory to use for user data.
         /// If null, a virtual temporary file system is used instead.
         /// </param>
-        void Initialize(string? userData);
+        /// <param name="hideUserDataDir">
+        /// If true, <see cref="IWritableDirProvider.RootDir"/> will be hidden on
+        /// <see cref="IResourceManager.UserData"/>.
+        /// </param>
+        void Initialize(string? userData, bool hideUserDataDir);
 
         /// <summary>
         ///     Mounts a single stream as a content file. Useful for unit testing.

Robust.Shared/ContentPack/IWritableDirProvider.cs

@@ -13,7 +13,7 @@ namespace Robust.Shared.ContentPack
     {
         /// <summary>
         /// The root path of this provider.
-        /// Can be null if it's a virtual provider.
+        /// Can be null if it's a virtual provider or the path is protected (e.g. on the client).
         /// </summary>
         string? RootDir { get; }
 

Robust.Shared/ContentPack/PathHelpers.cs

@@ -2,6 +2,7 @@
 using System.Collections.Generic;
 using System.IO;
 using System.Runtime.InteropServices;
+using Robust.Shared.Utility;
 
 namespace Robust.Shared.ContentPack
 {
@@ -63,5 +64,27 @@ namespace Robust.Shared.ContentPack
             !OperatingSystem.IsWindows()
             && !OperatingSystem.IsMacOS();
 
+
+        internal static string SafeGetResourcePath(string baseDir, ResPath path)
+        {
+            var relSysPath = path.ToRelativeSystemPath();
+            if (relSysPath.Contains("\\..") || relSysPath.Contains("/.."))
+            {
+                // Hard cap on any exploit smuggling a .. in there.
+                // Since that could allow leaving sandbox.
+                throw new InvalidOperationException($"This branch should never be reached. Path: {path}");
+            }
+
+            var retPath = Path.GetFullPath(Path.Join(baseDir, relSysPath));
+            // better safe than sorry check
+            if (!retPath.StartsWith(baseDir))
+            {
+                // Allow path to match if it's just missing the directory separator at the end.
+                if (retPath != baseDir.TrimEnd('\\'))
+                    throw new InvalidOperationException($"This branch should never be reached. Path: {path}");
+            }
+
+            return retPath;
+        }
     }
 }

Robust.Shared/ContentPack/ResourceManager.cs

@@ -41,13 +41,13 @@ namespace Robust.Shared.ContentPack
         public IWritableDirProvider UserData { get; private set; } = default!;
 
         /// <inheritdoc />
-        public virtual void Initialize(string? userData)
+        public virtual void Initialize(string? userData, bool hideRootDir)
         {
             Sawmill = _logManager.GetSawmill("res");
 
             if (userData != null)
             {
-                UserData = new WritableDirProvider(Directory.CreateDirectory(userData));
+                UserData = new WritableDirProvider(Directory.CreateDirectory(userData), hideRootDir);
             }
             else
             {
@@ -379,7 +379,13 @@ namespace Robust.Shared.ContentPack
             {
                 if (root is DirLoader loader)
                 {
-                    yield return new ResPath(loader.GetPath(new ResPath(@"/")));
+                    var rootDir = loader.GetPath(new ResPath(@"/"));
+
+                    // TODO: GET RID OF THIS.
+                    // This code shouldn't be passing OS disk paths through ResPath.
+                    rootDir = rootDir.Replace(Path.DirectorySeparatorChar, '/');
+
+                    yield return new ResPath(rootDir);
                 }
             }
         }

Robust.Shared/ContentPack/Sandbox.yml

@@ -84,12 +84,146 @@ Types:
       - "bool get_HasContents()"
   Lidgren.Network:
     NetBuffer:
-      All: True
+      Methods:
+      - "byte[] get_Data()"
+      - "void set_Data(byte[])"
+      - "int get_LengthBytes()"
+      - "void set_LengthBytes(int)"
+      - "int get_LengthBits()"
+      - "void set_LengthBits(int)"
+      - "long get_Position()"
+      - "void set_Position(long)"
+      - "int get_PositionInBytes()"
+      - "byte[] PeekDataBuffer()"
+      - "bool PeekBoolean()"
+      - "byte PeekByte()"
+      - "sbyte PeekSByte()"
+      - "byte PeekByte(int)"
+      - "System.Span`1<byte> PeekBytes(System.Span`1<byte>)"
+      - "byte[] PeekBytes(int)"
+      - "void PeekBytes(byte[], int, int)"
+      - "short PeekInt16()"
+      - "ushort PeekUInt16()"
+      - "int PeekInt32()"
+      - "int PeekInt32(int)"
+      - "uint PeekUInt32()"
+      - "uint PeekUInt32(int)"
+      - "ulong PeekUInt64()"
+      - "long PeekInt64()"
+      - "ulong PeekUInt64(int)"
+      - "long PeekInt64(int)"
+      - "float PeekFloat()"
+      - "System.Half PeekHalf()"
+      - "float PeekSingle()"
+      - "double PeekDouble()"
+      - "string PeekString()"
+      - "int PeekStringSize()"
+      - "bool ReadBoolean()"
+      - "byte ReadByte()"
+      - "bool ReadByte(ref byte)"
+      - "sbyte ReadSByte()"
+      - "byte ReadByte(int)"
+      - "System.Span`1<byte> ReadBytes(System.Span`1<byte>)"
+      - "byte[] ReadBytes(int)"
+      - "bool ReadBytes(int, ref byte[])"
+      - "bool TryReadBytes(System.Span`1<byte>)"
+      - "void ReadBytes(byte[], int, int)"
+      - "void ReadBits(System.Span`1<byte>, int)"
+      - "void ReadBits(byte[], int, int)"
+      - "short ReadInt16()"
+      - "ushort ReadUInt16()"
+      - "int ReadInt32()"
+      - "bool ReadInt32(ref int)"
+      - "int ReadInt32(int)"
+      - "uint ReadUInt32()"
+      - "bool ReadUInt32(ref uint)"
+      - "uint ReadUInt32(int)"
+      - "ulong ReadUInt64()"
+      - "long ReadInt64()"
+      - "ulong ReadUInt64(int)"
+      - "long ReadInt64(int)"
+      - "float ReadFloat()"
+      - "System.Half ReadHalf()"
+      - "float ReadSingle()"
+      - "bool ReadSingle(ref float)"
+      - "double ReadDouble()"
+      - "uint ReadVariableUInt32()"
+      - "bool ReadVariableUInt32(ref uint)"
+      - "int ReadVariableInt32()"
+      - "long ReadVariableInt64()"
+      - "ulong ReadVariableUInt64()"
+      - "float ReadSignedSingle(int)"
+      - "float ReadUnitSingle(int)"
+      - "float ReadRangedSingle(float, float, int)"
+      - "int ReadRangedInteger(int, int)"
+      - "long ReadRangedInteger(long, long)"
+      - "string ReadString()"
+      - "bool ReadString(ref string)"
+      - "double ReadTime(Lidgren.Network.NetConnection, bool)"
+      - "System.Net.IPEndPoint ReadIPEndPoint()"
+      - "void SkipPadBits()"
+      - "void ReadPadBits()"
+      - "void SkipPadBits(int)"
+      - "void EnsureBufferSize(int)"
+      - "void Write(bool)"
+      - "void Write(byte)"
+      - "void WriteAt(int, byte)"
+      - "void Write(sbyte)"
+      - "void Write(byte, int)"
+      - "void Write(byte[])"
+      - "void Write(System.ReadOnlySpan`1<byte>)"
+      - "void Write(byte[], int, int)"
+      - "void Write(ushort)"
+      - "void WriteAt(int, ushort)"
+      - "void Write(ushort, int)"
+      - "void Write(short)"
+      - "void WriteAt(int, short)"
+      - "void Write(int)"
+      - "void WriteAt(int, int)"
+      - "void Write(uint)"
+      - "void WriteAt(int, uint)"
+      - "void Write(uint, int)"
+      - "void Write(int, int)"
+      - "void Write(ulong)"
+      - "void WriteAt(int, ulong)"
+      - "void Write(ulong, int)"
+      - "void Write(long)"
+      - "void Write(long, int)"
+      - "void Write(System.Half)"
+      - "void Write(float)"
+      - "void Write(double)"
+      - "int WriteVariableUInt32(uint)"
+      - "int WriteVariableInt32(int)"
+      - "int WriteVariableInt64(long)"
+      - "int WriteVariableUInt64(ulong)"
+      - "void WriteSignedSingle(float, int)"
+      - "void WriteUnitSingle(float, int)"
+      - "void WriteRangedSingle(float, float, float, int)"
+      - "int WriteRangedInteger(int, int, int)"
+      - "int WriteRangedInteger(long, long, long)"
+      - "void Write(string)"
+      - "void Write(System.Net.IPEndPoint)"
+      - "void WriteTime(bool)"
+      - "void WriteTime(double, bool)"
+      - "void WritePadBits()"
+      - "void WritePadBits(int)"
+      - "void Write(Lidgren.Network.NetBuffer)"
+      - "void Zero(int)"
+      - "void .ctor()"
     NetDeliveryMethod: { }
     NetIncomingMessage:
-      All: True
+      Methods:
+      - "Lidgren.Network.NetIncomingMessageType get_MessageType()"
+      - "Lidgren.Network.NetDeliveryMethod get_DeliveryMethod()"
+      - "int get_SequenceChannel()"
+      - "System.Net.IPEndPoint get_SenderEndPoint()"
+      - "Lidgren.Network.NetConnection get_SenderConnection()"
+      - "double get_ReceiveTime()"
+      - "double ReadTime(bool)"
+      - "string ToString()"
     NetOutgoingMessage:
-      All: True
+      Methods:
+      - "string ToString()"
   Nett:
     CommentLocation: { } # Enum
     Toml:

Robust.Shared/ContentPack/WritableDirProvider.cs

@@ -2,6 +2,7 @@
 using System.Collections.Generic;
 using System.Diagnostics;
 using System.IO;
+using System.Threading;
 using Robust.Shared.Utility;
 
 namespace Robust.Shared.ContentPack
@@ -9,17 +10,22 @@ namespace Robust.Shared.ContentPack
     /// <inheritdoc />
     internal sealed class WritableDirProvider : IWritableDirProvider
     {
-        /// <inheritdoc />
+        private readonly bool _hideRootDir;
+
         public string RootDir { get; }
 
+        string? IWritableDirProvider.RootDir => _hideRootDir ? null : RootDir;
+
         /// <summary>
         /// Constructs an instance of <see cref="WritableDirProvider"/>.
         /// </summary>
         /// <param name="rootDir">Root file system directory to allow writing.</param>
-        public WritableDirProvider(DirectoryInfo rootDir)
+        /// <param name="hideRootDir">If true, <see cref="IWritableDirProvider.RootDir"/> is reported as null.</param>
+        public WritableDirProvider(DirectoryInfo rootDir, bool hideRootDir)
         {
             // FullName does not have a trailing separator, and we MUST have a separator.
             RootDir = rootDir.FullName + Path.DirectorySeparatorChar.ToString();
+            _hideRootDir = hideRootDir;
         }
 
         #region File Access
@@ -118,7 +124,7 @@ namespace Robust.Shared.ContentPack
                 throw new FileNotFoundException();
 
             var dirInfo = new DirectoryInfo(GetFullPath(path));
-            return new WritableDirProvider(dirInfo);
+            return new WritableDirProvider(dirInfo, _hideRootDir);
         }
 
         /// <inheritdoc />
@@ -135,11 +141,37 @@ namespace Robust.Shared.ContentPack
                 path = path.Directory;
 
             var fullPath = GetFullPath(path);
-            Process.Start(new ProcessStartInfo
+            if (OperatingSystem.IsWindows())
             {
-                UseShellExecute = true,
-                FileName = fullPath,
-            });
+                Process.Start(new ProcessStartInfo
+                {
+                    FileName = $"{Environment.GetEnvironmentVariable("SystemRoot")}\\explorer.exe",
+                    Arguments = ".",
+                    WorkingDirectory = fullPath,
+                });
+            }
+            else if (OperatingSystem.IsMacOS())
+            {
+                Process.Start(new ProcessStartInfo
+                {
+                    FileName = "open",
+                    Arguments = ".",
+                    WorkingDirectory = fullPath,
+                });
+            }
+            else if (OperatingSystem.IsLinux() || OperatingSystem.IsFreeBSD())
+            {
+                Process.Start(new ProcessStartInfo
+                {
+                    FileName = "xdg-open",
+                    Arguments = ".",
+                    WorkingDirectory = fullPath,
+                });
+            }
+            else
+            {
+                throw new NotSupportedException("Opening OS windows not supported on this OS");
+            }
         }
 
         #endregion
@@ -153,20 +185,7 @@ namespace Robust.Shared.ContentPack
 
             path = path.Clean();
 
-            return GetFullPath(RootDir, path);
-        }
-
-        private static string GetFullPath(string root, ResPath path)
-        {
-            var relPath = path.ToRelativeSystemPath();
-            if (relPath.Contains("\\..") || relPath.Contains("/.."))
-            {
-                // Hard cap on any exploit smuggling a .. in there.
-                // Since that could allow leaving sandbox.
-                throw new InvalidOperationException($"This branch should never be reached. Path: {path}");
-            }
-
-            return Path.GetFullPath(Path.Combine(root, relPath));
+            return PathHelpers.SafeGetResourcePath(RootDir, path);
         }
     }
 }

Robust.UnitTesting/Shared/Resources/WritableDirProviderTest.cs

@@ -24,7 +24,7 @@ namespace Robust.UnitTesting.Shared.Resources
             _testDir = Directory.CreateDirectory(_testDirPath);
             var subDir = Path.Combine(_testDirPath, "writable");
 
-            _dirProvider = new WritableDirProvider(Directory.CreateDirectory(subDir));
+            _dirProvider = new WritableDirProvider(Directory.CreateDirectory(subDir), hideRootDir: false);
         }
 
         [OneTimeTearDown]