Skip to content

Commit

Permalink
Add 23w31a
Browse files Browse the repository at this point in the history
  • Loading branch information
@Tisawesomeness
Tisawesomeness committed Aug 12, 2023
1 parent ee83af6 commit eb079f9
Showing 1 changed file with 101 additions and 0 deletions.
101 changes: 101 additions & 0 deletions snapshots/_posts/2023-08-12-23w31a.md
View file
Original file line number Diff line number Diff line change
@@ -0,0 +1,101 @@
---
layout: post
title: "Minecraft 23w31a"
date: 2023-08-12 13:18:12 -0500
---

The first snapshot for 1.20.2 is out! See the [changelog](https://www.minecraft.net/en-us/article/minecraft-snapshot-23w31a).

## PSA: Beware of Command Injection in Function Macros

Using function macros with untrusted input could lead to security issues. Macros are substituted using a pure string replace with **no validation** and **no quoting**.

As an example, the command below makes the mob types provided by the macro glow:

```
execute as @e[type=$(mob_type)] run function vuln:make_glow
```

Setting the `mob_type` macro to `player,name=Tis_awesomeness] if function vuln:give_op_item as @e[type=pig` changes the command into:

```
execute as @e[type=player,name=Tis_awesomeness] if function vuln:give_op_item as @e[type=pig] run function vuln:make_glow
```

See the [video](https://www.youtube.com/watch?v=MpG0XswTA_8) for a demonstration.

**Always validate user input in macros and make sure that it is impossible for any macro input to create a valid but unintended command**. Failure to do so could result in arbitrary command execution.

Thanks to `nodenotjs` on the [Minecraft Commands Discord](https://discord.gg/QAFXFtZ) for the example and demonstration.

## Diamond Distribution

2 diamond ore veins generate per chunk at y-levels -64 through -4, with an equal chance for each y-level. The veins are up to 8 ores in size. If the diamonds are exposed to air, there is a 50% chance the ore will disappear.

On average, 4/15 (0.2667) more diamonds generate per chunk. This drops to 2/15 (0.1333) when the diamonds are exposed to air.

At y=-59, approximately 22% more diamonds generate (16% when exposed to air). At y=-4, approximately 83% more diamonds generate (60% when exposed to air).

## Villagers

### Curing

The villager [gossip](https://minecraft.fandom.com/wiki/Villager#Gossiping) values were changed so that curing a villager gives the maximum reputation bonus.

| Type | Amount gained | Share penalty | Max value |
| -------------- | ------------- | ------------- | --------- |
| Major positive | 20 | 100 → 20 | 100 → 20 |
| Minor positive | 25 | 5 | 200 → 25 |

Villagers who were cured multiple times in previous versions will keep their low prices when the world is updated, the gossip values are not updated to the lower maximums. However, curing a villager again will reset the reputation bonuses and prices to one cure.

### Experimental Librarian Changes

Librarians unlock normal enchanted book trades at Novice, Apprentice, and Journeyman levels. The enchantment is selected randomly from the possible normal enchantments, with an equal chance for each enchantment level. A librarian may sell the same book more than once.

### Experimental Wandering Traders

The following trades were modified:

| Item | Amount | Price | Trades until Disabled |
| -------------------- | ------ | ----- | --------------------- |
| Vine | 1 → 3 | 1 | 12 → 4 |
| Brown Mushroom | 1 → 3 | 1 | 12 → 4 |
| Lily Pad | 2 → 5 | 1 | 5 → 2 |
| Packed Ice | 1 | 3 → 1 | 6 |
| Gunpowder | 1 → 4 | 1 | 8 → 2 |
| Tropical Fish Bucket | 1 | 5 → 3 | 4 |
| Pufferfish Bucket | 1 | 5 → 3 | 4 |

The new iron pickaxe trade has a price multiplier of `0.2`, the same as other tools. The rest of the new trades have a price multiplier of `0.05`.

Wandering traders do **not** have a higher **total** amount of each item in stock. They have the same total stock, but offer more of the same items in a single trade.

## Mobs

The iron golem spawn rate was buffed from every 700 ticks (35 seconds) to every 600 ticks (30 seconds), fixing [MC-254100](https://bugs.mojang.com/browse/MC-254100).

To fix [MC-262636](https://bugs.mojang.com/browse/MC-262636), slimes and magma cubes no longer control vehicles.

## Sculk

Sculk sensors now check the distance between the target's **block position** and the sensor's **block position**. Sculk sensors will no longer produce different outputs for vibrations within the same block location, fixing [MC-261657](https://bugs.mojang.com/browse/MC-261657).

## Other

Completing the "Smithing with Style" advancement now gives 150 experience, fixing [MC-262947](https://bugs.mojang.com/browse/MC-262947).

Added the "Sponge sucks" subtitle for a sponge absorbing water.

The game now uses OpenAL Soft's [output limiter extension](https://openal-soft.org/openal-extensions/SOFT_output_limiter.txt) to prevent excessive audio clipping.

## Random Command

The minimum and maximum values of a random command range are the same as a 32-bit signed integer: -2,147,483,648 (-2^31) to 2,147,483,647 (2^31 - 1).

The difference between the maximum and minimum values in a range must be at most 2,147,483,647 (2^31 - 1).

## Function Macros

Variable names can contain underscores and any character satisfying `Character#isLetterOrDigit` ([docs](https://docs.oracle.com/en/java/javase/17/docs/api/java.base/java/lang/Character.html#isLetterOrDigit(char))), including non-ASCII characters.

0 comments on commit eb079f9

Please sign in to comment.