Toxic/minecraft-renew-mod
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
main
minecraft-renew-mod/docs/security-review.md
ToxicCrzay270 5e6a3e0450
Some checks failed
Build / build (push) Successful in 6m29s
Details
Release Dry Run / release-dry-run (push) Failing after 11s
Details
Codex Template Compliance / template-compliance (push) Successful in 4s
Details
Initial Minecraft Renew Mod workspace
2026-05-15 00:42:16 +02:00

1.1 KiB
Raw Permalink Blame History

Security Review

Scope

Project:

minecraft-renew-mod / create-limited-draining

Reviewed version or commit:

Unreleased workspace state

Code Patterns Checked

  • No eval.
  • No dynamic Function constructor.
  • No unsafe HTML injection.
  • No unexpected shell execution.
  • No unexpected external network calls.
  • No secrets committed.
  • No unsafe file writes outside expected Gradle/Minecraft runtime paths.

Dependency Review

Command:

cd create-limited-draining
.\gradlew dependencies --configuration runtimeClasspath

Result:

Completed successfully on 2026-05-15. Gradle resolved runtimeClasspath and reported the expected NeoForge, Create, Ponder, Flywheel, and Registrate dependency tree.

Runtime Review

  • Least-privilege runtime configuration.
  • External dependency repositories documented in Gradle.
  • Local Minecraft run data is ignored.
  • Sensitive data is not persisted unless explicitly required.

Release Notes

Known residual risks:

In-game Hose Pulley behavior still needs manual world testing before publication.
Reference in New Issue View Git Blame Copy Permalink