Changelog

Changelog

Track platform updates, new features, and bug fixes.

LatestPlugin

v1.0.1

December 27, 2024

🔒 Security hardening release with comprehensive vulnerability fixes.

Security Improvements

  • Command Validation - Blocks dangerous commands (op, deop, ban, stop) from delivery execution
  • TLS 1.2+ Enforcement - All API connections require modern TLS protocols
  • Debug Redaction - Sensitive data (tokens, UUIDs) auto-redacted in logs
  • Delivery Confirmation Queue - Pending confirmations survive server restarts
  • Input Sanitization - Player names and UUIDs sanitized before command execution
  • API Endpoint Validation - HTTPS and domain whitelist enforcement
  • Rate Limiting - 5-second cooldown on verification attempts
  • IP Change Detection - Security audit logs when tokens used from new IPs

New Features

  • Auto-Discovery - Project ID fetched from API (no hardcoding)
  • Configurable Fallback - Fallback endpoints now require explicit opt-in
  • Admin Audit Logs - New dashboard page for viewing security events

Security Fixes

  • Command injection via delivery commands (Critical)
  • Debug mode exposing sensitive tokens (High)
  • No SSL certificate validation (High)
  • Hardcoded project ID (High)
  • No rate limiting on verification attempts (Medium)
  • Delivery confirmation atomicity issues (Medium)
  • Player name injection in commands (Medium)
Platform

v1.0.0

December 2024

Initial public release of WERM - Web Engine for Realm Monetization.

New Features

  • Server discovery with public listings and search
  • Global wallet system with WERM Credits
  • Server storefronts with customizable products
  • Hybrid delivery engine (webhook + polling)
  • Minecraft plugin for Paper/Spigot 1.8-1.21+
  • Multiple verification methods (Plugin, MOTD, DNS)
  • Cart system with multi-product checkout
  • Gift system for sending products to other players
  • Wishlist functionality
  • Scheduled sales and promotions
  • Server reviews and ratings
  • Multi-currency display support
  • Subscription tiers (Free, Starter, Pro, Enterprise)

Platform Features

  • Dashboard for server management
  • Analytics and sales reporting
  • Payout management system
  • Rate limiting and fraud detection
  • Audit logging for security events
  • Email notifications for orders
  • Offline delivery queue

Plugin History

Plugin

v1.0.0

December 23, 2024

Initial Release

  • Paper/Spigot support for 1.8-1.21+
  • Automatic server verification via plugin
  • Webhook delivery endpoint
  • Polling fallback for firewalled servers
  • Offline player delivery queue
  • Account linking system
  • Command placeholder support
  • Configurable messages

Coming Soon

Features planned for upcoming releases:

Platform

  • REST API for developers
  • Discord integration
  • Two-factor authentication
  • Store migration tools
  • Advanced analytics
  • Custom domains

Plugin

  • In-game store GUI
  • BungeeCord/Velocity support
  • PlaceholderAPI integration
  • Bedrock support (Geyser)

Version Naming

WERM follows semantic versioning (SemVer):

MAJOR.MINOR.PATCH
  • MAJOR - Breaking changes that require migration
  • MINOR - New features, backwards compatible
  • PATCH - Bug fixes and small improvements