fix: Update secrets config in validation workflows for Gitea (#7)

This reverts commit 9dbe10cbe7.

.github/workflows/labeler-approve.yml

@@ -1,4 +1,4 @@
-name: "Labels: Approve"
+name: "Labels: Approve"
 
 on:
   pull_request_review:
@@ -11,8 +11,10 @@ jobs:
     if: github.event.review.state == 'approved'
     runs-on: ubuntu-latest
     steps:
-    - uses: actions-ecosystem/action-remove-labels@v1
-      with:
-        labels: |
-          Status: Needs Review
-          Status: Awaiting Changes
+    - name: Remove review labels
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      run: |
+        API="${{ github.server_url }}/api/v1/repos/${{ github.repository }}/issues/${{ github.event.pull_request.number }}/labels"
+        curl -sS -X DELETE -H "Authorization: token $GITHUB_TOKEN" "$API/Status%3A%20Needs%20Review" || true
+        curl -sS -X DELETE -H "Authorization: token $GITHUB_TOKEN" "$API/Status%3A%20Awaiting%20Changes" || true

.github/workflows/labeler-changes.yml

@@ -1,4 +1,4 @@
-name: "Labels: Changes"
+name: "Labels: Changes"
 
 on:
   pull_request_review:
@@ -11,9 +11,11 @@ jobs:
     if: github.event.review.state == 'changes_requested'
     runs-on: ubuntu-latest
     steps:
-    - uses: actions-ecosystem/action-add-labels@v1
-      with:
-        labels: "Status: Awaiting Changes"
-    - uses: actions-ecosystem/action-remove-labels@v1
-      with:
-        labels: "Status: Needs Review"
+    - name: Update labels
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      run: |
+        API="${{ github.server_url }}/api/v1/repos/${{ github.repository }}/issues/${{ github.event.pull_request.number }}/labels"
+        curl -sS -X POST -H "Authorization: token $GITHUB_TOKEN" -H "Content-Type: application/json" \
+          -d '{"labels":["Status: Awaiting Changes"]}' "$API"
+        curl -sS -X DELETE -H "Authorization: token $GITHUB_TOKEN" "$API/Status%3A%20Needs%20Review" || true

.github/workflows/labeler-conflict.yml

@@ -57,8 +57,10 @@ jobs:
 
             if [ -n "$HAS_LABEL" ]; then
               echo "Removing stale conflict label..."
+              # URL-encode the label name (handles spaces, colons, etc.)
+              LABEL_NAME_ENCODED=$(echo "$LABEL_NAME" | jq -rR @uri)
               curl -s -X DELETE -H "Authorization: token $API_TOKEN" \
-                "$API_URL/repos/$REPO_OWNER/$REPO_NAME/issues/$PR_INDEX/labels/$LABEL_NAME"
+                "$API_URL/repos/$REPO_OWNER/$REPO_NAME/issues/$PR_INDEX/labels/$LABEL_NAME_ENCODED"
               echo "Conflict label removed."
             fi
           fi

.github/workflows/labeler-needsreview.yml

@@ -1,4 +1,4 @@
-name: "Labels: Review"
+name: "Labels: Review"
 
 on:
   pull_request_target:
@@ -8,9 +8,11 @@ jobs:
   add_label:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions-ecosystem/action-add-labels@v1
-      with:
-        labels: "S: Needs Review"
-    - uses: actions-ecosystem/action-remove-labels@v1
-      with:
-        labels: "S: Awaiting Changes"
+    - name: Update labels
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      run: |
+        API="${{ github.server_url }}/api/v1/repos/${{ github.repository }}/issues/${{ github.event.pull_request.number }}/labels"
+        curl -sS -X POST -H "Authorization: token $GITHUB_TOKEN" -H "Content-Type: application/json" \
+          -d '{"labels":["S: Needs Review"]}' "$API"
+        curl -sS -X DELETE -H "Authorization: token $GITHUB_TOKEN" "$API/S%3A%20Awaiting%20Changes" || true

.github/workflows/labeler-review.yml

@@ -1,23 +0,0 @@
-name: "Labels: Approved"
-on:
-  pull_request_review:
-    types: [submitted]
-jobs:
-  add_label:
-    # Change the repository name after you've made sure the team name is correct for your fork!
-    if: ${{ (github.repository == 'space-wizards/space-station-14') && (github.event.review.state == 'APPROVED') }}
-    permissions:
-      contents: read
-      pull-requests: write
-    runs-on: ubuntu-latest
-    steps:
-    - uses: tspascoal/get-user-teams-membership@v3
-      id: checkUserMember
-      with:
-        username: ${{ github.actor }}
-        team: "content-maintainers,junior-maintainers"
-        GITHUB_TOKEN: ${{ secrets.LABELER_PAT }}
-    - if: ${{ steps.checkUserMember.outputs.isTeamMember == 'true' }}
-      uses: actions-ecosystem/action-add-labels@v1
-      with:
-        labels: "S: Approved"

.github/workflows/labeler-stable.yml

@@ -11,6 +11,12 @@ jobs:
   add_label:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions-ecosystem/action-add-labels@v1
-      with:
-        labels: "Branch: Stable"
+    - name: Add branch label
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      run: |
+        curl -sS -X POST \
+          -H "Authorization: token $GITHUB_TOKEN" \
+          -H "Content-Type: application/json" \
+          -d '{"labels":["Branch: Stable"]}' \
+          "${{ github.server_url }}/api/v1/repos/${{ github.repository }}/issues/${{ github.event.pull_request.number }}/labels"

.github/workflows/labeler-staging.yml

@@ -11,6 +11,12 @@ jobs:
   add_label:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions-ecosystem/action-add-labels@v1
-      with:
-        labels: "Branch: Staging"
+    - name: Add branch label
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      run: |
+        curl -sS -X POST \
+          -H "Authorization: token $GITHUB_TOKEN" \
+          -H "Content-Type: application/json" \
+          -d '{"labels":["Branch: Staging"]}' \
+          "${{ github.server_url }}/api/v1/repos/${{ github.repository }}/issues/${{ github.event.pull_request.number }}/labels"

.github/workflows/labeler-untriaged.yml

@@ -1,4 +1,4 @@
-name: "Labels: Untriaged"
+name: "Labels: Untriaged"
 
 on:
   issues:
@@ -10,7 +10,14 @@ jobs:
   add_label:
     runs-on: ubuntu-latest
     steps:
-    - uses: actions-ecosystem/action-add-labels@v1
-      if: join(github.event.issue.labels) == ''
-      with:
-        labels: "S: Untriaged"
+    - name: Add untriaged label
+      if: github.event.issue.labels[0] == null || github.event.pull_request.labels[0] == null
+      env:
+        GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
+      run: |
+        NUMBER="${{ github.event.pull_request.number || github.event.issue.number }}"
+        curl -sS -X POST \
+          -H "Authorization: token $GITHUB_TOKEN" \
+          -H "Content-Type: application/json" \
+          -d '{"labels":["S: Untriaged"]}' \
+          "${{ github.server_url }}/api/v1/repos/${{ github.repository }}/issues/$NUMBER/labels"

.github/workflows/publish.yml

@@ -15,20 +15,49 @@ jobs:
   build:
     runs-on: ubuntu-latest
     env:
+      CDN_MANIFEST_URL: https://cdn.wylab.me/fork/wylab/manifest
       RUNNER_TOOL_CACHE: /toolcache
     steps:
     - name: Fail if we are attempting to run on the master branch
       if: ${{GITHUB.REF_NAME == 'master' && github.repository == 'space-wizards/space-station-14'}}
       run: exit 1
 
-    - name: Install Python dependencies
-      run: pip install --break-system-packages requests paramiko lxml
+#    - name: Install dependencies
+#      run: sudo apt-get install -y python3-paramiko python3-lxml
 
     - uses: actions/checkout@v4.2.2
       with:
         submodules: 'recursive'
 
-    # Corvax-Secrets-Start
+    - name: Check if build already published
+      id: cdn-check
+      run: |
+        SHA=$(echo "$GITHUB_SHA" | tr '[:upper:]' '[:lower:]')
+        if curl -sSf "$CDN_MANIFEST_URL" | jq -e ".builds[\"$SHA\"]" > /dev/null 2>&1; then
+          echo "Build $SHA already present on CDN; skipping."
+          echo "skip=true" >> "$GITHUB_OUTPUT"
+        else
+          echo "Build $SHA not found on CDN; continuing."
+          echo "skip=false" >> "$GITHUB_OUTPUT"
+        fi
+
+    - name: Cache NuGet packages
+      uses: actions/cache@v4
+      with:
+        path: ~/.nuget/packages
+        key: ${{ runner.os }}-nuget-${{ hashFiles('**/*.csproj', 'global.json') }}
+        restore-keys: |
+          ${{ runner.os }}-nuget-
+
+    - name: Cache RobustToolbox build output
+      uses: actions/cache@v4
+      with:
+        path: RobustToolbox/bin
+        key: ${{ runner.os }}-robust-${{ hashFiles('RobustToolbox/**/*.csproj', 'global.json') }}
+        restore-keys: |
+          ${{ runner.os }}-robust-
+
+    # Wylab-Secrets-Start
     - name: Setup secrets
       env:
         SSH_KEY: ${{ secrets.SECRETS_PRIVATE_KEY }}
@@ -37,39 +66,43 @@ jobs:
         mkdir -p ~/.ssh
         echo "${{ secrets.SECRETS_PRIVATE_KEY }}" > ~/.ssh/id_rsa
         chmod 600 ~/.ssh/id_rsa
-        echo "HOST *" > ~/.ssh/config
-        echo "  Hostname github.com" >> ~/.ssh/config
-        echo "  Port 22" >> ~/.ssh/config
-        echo "  StrictHostKeyChecking no" >> ~/.ssh/config
-        git clone git@github.com:corvax-nexus/secrets.git Secrets
-        cp -R Secrets/Resources/Prototypes Resources/Prototypes/CorvaxSecrets
-        cp -R Secrets/Resources/ServerPrototypes Resources/Prototypes/CorvaxSecretsServer
-        cp -R Secrets/Resources/Locale Resources/Locale/ru-RU/corvax-secrets
-        cp -R Secrets/Resources/Textures Resources/Textures/CorvaxSecrets
-        cp -R Secrets/Resources/Audio Resources/Audio/CorvaxSecrets
-    # Corvax-Secrets-End
+        printf '%s\n' 'Host git.wylab.me' '  Hostname git.wylab.me' '  Port 22' '  User git' '  IdentityFile ~/.ssh/id_rsa' '  StrictHostKeyChecking no' '  UserKnownHostsFile /dev/null' > ~/.ssh/config
+        chmod 600 ~/.ssh/config
+        git clone git@git.wylab.me:wylab/secrets.git Secrets
+        [ -d Secrets/Resources/Prototypes ] && cp -R Secrets/Resources/Prototypes Resources/Prototypes/WylabSecrets
+        [ -d Secrets/Resources/ServerPrototypes ] && cp -R Secrets/Resources/ServerPrototypes Resources/Prototypes/WylabSecretsServer
+        [ -d Secrets/Resources/Locale ] && cp -R Secrets/Resources/Locale Resources/Locale/ru-RU/wylab-secrets
+        [ -d Secrets/Resources/Textures ] && cp -R Secrets/Resources/Textures Resources/Textures/WylabSecrets
+        [ -d Secrets/Resources/Audio ] && cp -R Secrets/Resources/Audio Resources/Audio/WylabSecrets
+    # Wylab-Secrets-End
 
     - name: Setup .NET Core
       uses: actions/setup-dotnet@v4.1.0
       with:
         dotnet-version: 9.0.x
+      if: ${{ steps.cdn-check.outputs.skip != 'true' }}
 
     - name: Get Engine Tag
       run: |
         cd RobustToolbox
         git fetch --depth=1
+      if: ${{ steps.cdn-check.outputs.skip != 'true' }}
 
     - name: Install dependencies
       run: dotnet restore
+      if: ${{ steps.cdn-check.outputs.skip != 'true' }}
 
     - name: Build Packaging
       run: dotnet build Content.Packaging --configuration Release --no-restore /m
+      if: ${{ steps.cdn-check.outputs.skip != 'true' }}
 
     - name: Package server
       run: dotnet run --project Content.Packaging server --platform win-x64 --platform win-arm64 --platform linux-x64 --platform linux-arm64 --platform osx-x64 --platform osx-arm64
+      if: ${{ steps.cdn-check.outputs.skip != 'true' }}
 
     - name: Package client
       run: dotnet run --project Content.Packaging client --no-wipe-release
+      if: ${{ steps.cdn-check.outputs.skip != 'true' }}
 
     - name: Publish version
       run: Tools/publish_multi_request.py
@@ -78,9 +111,10 @@ jobs:
         GITHUB_REPOSITORY: wylab/wylab-station-14
         FORK_ID: wylab
         ROBUST_CDN_URL: https://cdn.wylab.me/
+      if: ${{ steps.cdn-check.outputs.skip != 'true' }}
 
     - name: Trigger Docker image rebuild
-      if: ${{ success() }}
+      if: ${{ success() && steps.cdn-check.outputs.skip != 'true' }}
       env:
         DISPATCH_TOKEN: ${{ secrets.DOCKER_TRIGGER_TOKEN }}
         TARGET_REPO: wylab/WS14-Docker-Linux-Server

.github/workflows/test-packaging.yml

@@ -50,19 +50,19 @@ jobs:
           cd RobustToolbox/
           git submodule update --init --recursive
 
-      # Corvax-Secrets-Start
+      # Wylab-Secrets-Start
       - name: Setup secrets
         env:
           SSH_KEY: ${{ secrets.SECRETS_PRIVATE_KEY }}
         if: ${{ env.SSH_KEY != '' }}
         run: |
-          mkdir ~/.ssh
+          mkdir -p ~/.ssh
           echo "${{ secrets.SECRETS_PRIVATE_KEY }}" > ~/.ssh/id_rsa
           chmod 600 ~/.ssh/id_rsa
-          echo "HOST *" > ~/.ssh/config
-          echo "StrictHostKeyChecking no" >> ~/.ssh/config
+          echo "HOST git.wylab.me" > ~/.ssh/config
+          echo "  StrictHostKeyChecking no" >> ~/.ssh/config
           git -c submodule.Secrets.update=checkout submodule update --init
-      # Corvax-Secrets-End
+      # Wylab-Secrets-End
 
       - name: Setup .NET Core
         uses: actions/setup-dotnet@v4.1.0

.github/workflows/upstream-sync-merge.yml

@@ -0,0 +1,58 @@
+name: Upstream Sync Auto-Merge
+
+on:
+  workflow_run:
+    workflows: ["Build & Test"]
+    types: [completed]
+    branches: [upstream-sync]
+
+jobs:
+  auto-merge:
+    runs-on: ubuntu-latest
+    if: github.event.workflow_run.conclusion == 'success'
+    steps:
+    - name: Find and merge upstream-sync PR
+      uses: actions/github-script@v7
+      with:
+        script: |
+          // Find open PR from upstream-sync branch
+          const { data: prs } = await github.rest.pulls.list({
+            owner: context.repo.owner,
+            repo: context.repo.repo,
+            head: `${context.repo.owner}:upstream-sync`,
+            state: 'open'
+          });
+
+          if (prs.length === 0) {
+            console.log('No open upstream-sync PR found');
+            return;
+          }
+
+          const pr = prs[0];
+          console.log(`Found PR #${pr.number}: ${pr.title}`);
+
+          // Merge the PR using rebase
+          try {
+            await github.rest.pulls.merge({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              pull_number: pr.number,
+              merge_method: 'rebase'
+            });
+            console.log(`Successfully merged PR #${pr.number}`);
+          } catch (error) {
+            console.log(`Failed to merge: ${error.message}`);
+            throw error;
+          }
+
+          // Delete the upstream-sync branch after merge
+          try {
+            await github.rest.git.deleteRef({
+              owner: context.repo.owner,
+              repo: context.repo.repo,
+              ref: 'heads/upstream-sync'
+            });
+            console.log('Deleted upstream-sync branch');
+          } catch (error) {
+            console.log(`Failed to delete branch: ${error.message}`);
+          }

.github/workflows/upstream-sync.yml

@@ -0,0 +1,99 @@
+name: Upstream Sync
+
+on:
+  schedule:
+    - cron: '0 6 * * *'  # Daily at 6am UTC
+  workflow_dispatch:  # Manual trigger
+
+jobs:
+  check-and-sync:
+    runs-on: ubuntu-latest
+    steps:
+    - uses: actions/checkout@v4
+      with:
+        fetch-depth: 0
+        token: ${{ secrets.GITHUB_TOKEN }}
+
+    - name: Configure git
+      run: |
+        git config user.name "github-actions[bot]"
+        git config user.email "github-actions[bot]@users.noreply.github.com"
+
+    - name: Add upstream remote
+      run: |
+        git remote add syndicate https://github.com/space-syndicate/space-station-14.git
+        git fetch syndicate master
+
+    - name: Check for upstream updates
+      id: check
+      run: |
+        BEHIND=$(git rev-list HEAD..syndicate/master --count)
+        echo "behind=$BEHIND" >> $GITHUB_OUTPUT
+        if [ "$BEHIND" -gt 0 ]; then
+          echo "Upstream has $BEHIND new commits"
+          echo "has_updates=true" >> $GITHUB_OUTPUT
+        else
+          echo "Already up to date"
+          echo "has_updates=false" >> $GITHUB_OUTPUT
+        fi
+
+    - name: Rebase onto upstream
+      if: steps.check.outputs.has_updates == 'true'
+      id: rebase
+      run: |
+        # Create sync branch
+        git checkout -b upstream-sync
+
+        # Try rebase
+        if git rebase syndicate/master; then
+          echo "rebase_success=true" >> $GITHUB_OUTPUT
+          git push -f origin upstream-sync
+        else
+          git rebase --abort
+          echo "rebase_success=false" >> $GITHUB_OUTPUT
+        fi
+
+    - name: Create PR for CI verification
+      if: steps.check.outputs.has_updates == 'true' && steps.rebase.outputs.rebase_success == 'true'
+      uses: actions/github-script@v7
+      with:
+        script: |
+          const behind = '${{ steps.check.outputs.behind }}';
+
+          // Check if PR already exists
+          const { data: prs } = await github.rest.pulls.list({
+            owner: context.repo.owner,
+            repo: context.repo.repo,
+            head: `${context.repo.owner}:upstream-sync`,
+            state: 'open'
+          });
+
+          if (prs.length > 0) {
+            console.log('PR already exists, skipping creation');
+            return;
+          }
+
+          // Create PR
+          await github.rest.pulls.create({
+            owner: context.repo.owner,
+            repo: context.repo.repo,
+            title: `Upstream sync: ${behind} new commits from syndicate/master`,
+            head: 'upstream-sync',
+            base: 'master',
+            body: `Automatic rebase of wylab commits onto updated syndicate/master.\n\n**${behind} new upstream commits**\n\nThis PR will be auto-merged when CI passes.`
+          });
+
+    - name: Create issue on rebase conflict
+      if: steps.check.outputs.has_updates == 'true' && steps.rebase.outputs.rebase_success == 'false'
+      uses: actions/github-script@v7
+      with:
+        script: |
+          const behind = '${{ steps.check.outputs.behind }}';
+          await github.rest.issues.create({
+            owner: context.repo.owner,
+            repo: context.repo.repo,
+            title: `Upstream sync failed - ${behind} commits behind`,
+            body: `Automatic rebase onto syndicate/master failed due to conflicts.\n\nManual intervention required:\n\`\`\`bash\ngit fetch syndicate\ngit rebase syndicate/master\n# resolve conflicts\ngit push --force-with-lease origin master\n\`\`\``,
+            labels: ['upstream-sync', 'needs-attention']
+          });
+

.github/workflows/validate-rgas.yml

@@ -15,19 +15,19 @@ jobs:
     - uses: actions/checkout@v4.2.2
     - name: Setup Submodule
       run: git submodule update --init
-    # Corvax-Secrets-Start
+    # Wylab-Secrets-Start
     - name: Setup secrets
       env:
         SSH_KEY: ${{ secrets.SECRETS_PRIVATE_KEY }}
       if: ${{ env.SSH_KEY != '' }}
       run: |
-        mkdir ~/.ssh
+        mkdir -p ~/.ssh
         echo "${{ secrets.SECRETS_PRIVATE_KEY }}" > ~/.ssh/id_rsa
         chmod 600 ~/.ssh/id_rsa
-        echo "HOST *" > ~/.ssh/config
-        echo "StrictHostKeyChecking no" >> ~/.ssh/config
+        echo "HOST git.wylab.me" > ~/.ssh/config
+        echo "  StrictHostKeyChecking no" >> ~/.ssh/config
         git -c submodule.Secrets.update=checkout submodule update --init
-    # Corvax-Secrets-End
+    # Wylab-Secrets-End
     - name: Pull engine updates
       uses: space-wizards/submodule-dependency@v0.1.5
     - uses: PaulRitter/yaml-schema-validator@v1

.github/workflows/validate-rsis.yml

@@ -5,35 +5,57 @@ on:
     branches: [ master, staging, stable ]
   merge_group:
   pull_request:
-    paths:
-      - '**.rsi/**'
+    types: [ opened, reopened, synchronize, ready_for_review ]
+    branches: [ master, staging, stable ]
 
 jobs:
   validate_rsis:
     name: Validate RSIs
     runs-on: ubuntu-latest
     steps:
+      - name: Check for RSI changes
+        id: check_rsi
+        uses: dorny/paths-filter@v3
+        with:
+          filters: |
+            rsi:
+              - '**.rsi/**'
+
+      - name: Skip if no RSI changes
+        if: steps.check_rsi.outputs.rsi != 'true' && github.event_name == 'pull_request'
+        run: echo "No RSI files changed, skipping validation"
+
       - uses: actions/checkout@v4.2.2
+        if: steps.check_rsi.outputs.rsi == 'true' || github.event_name != 'pull_request'
+
       - name: Setup Submodule
+        if: steps.check_rsi.outputs.rsi == 'true' || github.event_name != 'pull_request'
         run: git submodule update --init
-      # Corvax-Secrets-Start
+
+      # Wylab-Secrets-Start
       - name: Setup secrets
         env:
           SSH_KEY: ${{ secrets.SECRETS_PRIVATE_KEY }}
-        if: ${{ env.SSH_KEY != '' }}
+        if: (steps.check_rsi.outputs.rsi == 'true' || github.event_name != 'pull_request') && env.SSH_KEY != ''
         run: |
-          mkdir ~/.ssh
+          mkdir -p ~/.ssh
           echo "${{ secrets.SECRETS_PRIVATE_KEY }}" > ~/.ssh/id_rsa
           chmod 600 ~/.ssh/id_rsa
-          echo "HOST *" > ~/.ssh/config
-          echo "StrictHostKeyChecking no" >> ~/.ssh/config
+          echo "HOST git.wylab.me" > ~/.ssh/config
+          echo "  StrictHostKeyChecking no" >> ~/.ssh/config
           git -c submodule.Secrets.update=checkout submodule update --init
-      # Corvax-Secrets-End
+      # Wylab-Secrets-End
+
       - name: Pull engine updates
+        if: steps.check_rsi.outputs.rsi == 'true' || github.event_name != 'pull_request'
         uses: space-wizards/submodule-dependency@v0.1.5
+
       - name: Install Python dependencies
+        if: steps.check_rsi.outputs.rsi == 'true' || github.event_name != 'pull_request'
         run: |
           python3 -m pip install --user --break-system-packages pillow jsonschema
+
       - name: Validate RSIs
+        if: steps.check_rsi.outputs.rsi == 'true' || github.event_name != 'pull_request'
         run: |
           python3 RobustToolbox/Schemas/validate_rsis.py Resources/

.github/workflows/validate_mapfiles.yml

@@ -15,19 +15,19 @@ jobs:
     - uses: actions/checkout@v4.2.2
     - name: Setup Submodule
       run: git submodule update --init
-    # Corvax-Secrets-Start
+    # Wylab-Secrets-Start
     - name: Setup secrets
       env:
         SSH_KEY: ${{ secrets.SECRETS_PRIVATE_KEY }}
       if: ${{ env.SSH_KEY != '' }}
       run: |
-        mkdir ~/.ssh
+        mkdir -p ~/.ssh
         echo "${{ secrets.SECRETS_PRIVATE_KEY }}" > ~/.ssh/id_rsa
         chmod 600 ~/.ssh/id_rsa
-        echo "HOST *" > ~/.ssh/config
-        echo "StrictHostKeyChecking no" >> ~/.ssh/config
+        echo "HOST git.wylab.me" > ~/.ssh/config
+        echo "  StrictHostKeyChecking no" >> ~/.ssh/config
         git -c submodule.Secrets.update=checkout submodule update --init
-    # Corvax-Secrets-End
+    # Wylab-Secrets-End
     - name: Pull engine updates
       uses: space-wizards/submodule-dependency@v0.1.5
     - uses: PaulRitter/yaml-schema-validator@v1

Resources/Prototypes/Reagents/toxins.yml

@@ -488,7 +488,7 @@
       - !type:PopupMessage
         conditions:
         - !type:MetabolizerTypeCondition
-          type: [ Animal, Vox, Vampire, Plant ] # Corvax-Wega-Edit + Plant
+          type: [ Animal, Vox, Vampire ] # Corvax-Wega-Edit
           inverted: true
         type: Local
         visualType: MediumCaution
@@ -498,12 +498,12 @@
         probability: 0.1
         conditions:
         - !type:MetabolizerTypeCondition
-          type: [ Animal, Vox, Vampire, Plant ] # Corvax-Wega-Edit + Plant
+          type: [ Animal, Vox, Plant, Vampire ] # Corvax-Wega-Edit: added Vampire
           inverted: true
       - !type:HealthChange
         conditions:
         - !type:MetabolizerTypeCondition
-          type: [ Animal, Vox, Vampire, Plant ] # Corvax-Wega-Edit + Plant
+          type: [ Animal, Vox, Plant, Vampire ] # Corvax-Wega-Edit: added Vampire
           inverted: true
         damage:
           types: