Merge branch 'develop' into beta

.flake8

@@ -7,7 +7,6 @@ exclude =
     FDevIDs/
     venv/
     .venv/
-    hotkey/darwin.py  # FIXME: Check under macOS VM at some point
 
 # Show exactly where in a line the error happened
 #show-source = True

.github/ISSUE_TEMPLATE/bug_report.md

@@ -7,22 +7,19 @@ assignees: ''
 
 ---
 
-**Please check the [Known Issues](https://github.com/EDCD/EDMarketConnector/issues/618) in case this has already been reported.**
-
-**Please also check if the issue is covered in our [Troubleshooting Guide](https://github.com/EDCD/EDMarketConnector/wiki/Troubleshooting).** It might be something with a known work around, or where a third party (such as EDSM) is causing logging that is harmless.
-
 **Please complete the following information:**
- - Version: [e.g. 4.0.6 - See 'Help > About E:D Market Connector'.  If running from source using git then please paste the output of `git log --decorate=full | head -1`]
+
+[//]: # (You can gather most of this information with the EDMC System Profiler)
+
+ - Version: [e.g. 5.10.4+39af6c34`]
  - Game Version: [e.g. 'Live' or 'Odyssey']
  - OS: [e.g. Windows 10, Linux Debian 10.6, etc.]
  - OS Locale: [e.g. English, French, Serbian...]
  - If applicable: Browser [e.g. chrome, safari]
- - Please attach **BOTH** log files, by dragging and dropping them into this input:
-     1. `%TEMP%\EDMarketConnector.log` from *immediately* after the bug occurs (re-running the application overwrites this file).
-     1. `%TEMP%\EDMarketConnector\EDMarketConnector-debug.log`.  See [Debug Log File](https://github.com/EDCD/EDMarketConnector/wiki/Troubleshooting#debug-log-files).  NB: If you don't have this log file then you're not running the latest version of the application and should update first to see if we already fixed the bug you're reporting.
 
 **Describe the bug**
-A clear and concise description of what the bug is.
+
+[//]: # (A clear and concise description of what the bug is.)
 
 **To Reproduce**
 Steps to reproduce the behavior:
@@ -32,10 +29,24 @@ Steps to reproduce the behavior:
 4. See error
 
 **Expected behavior**
-A clear and concise description of what you expected to happen.
+
+[//]: # (A clear and concise description of what you expected to happen.)
 
 **Screenshots**
-If applicable, add screenshots to help explain your problem.
+
+[//]: # (If applicable, add screenshots to help explain your problem.)
 
 **Additional context**
-Add any other context about the problem here.
+
+**Please Confirm the Following...**
+
+[//]: # (Add any other context about the problem here.)
+- [ ] I have checked the [Known Issues](https://github.com/EDCD/EDMarketConnector/issues/618) list to ensure this is not a duplicate
+- [ ] I have checked the [Troubleshooting Guide](https://github.com/EDCD/EDMarketConnector/wiki/Troubleshooting) to check for known workarounds
+
+**Logs**
+Please attach both the EDMarketConnector.log and EDMarketConnector-debug.log if available.
+
+You can find these logs at `%TEMP%\EDMarketConnector.log` and `%TEMP%\EDMarketConnector\EDMarketConnector-debug.log`
+
+See [Debug Log File](https://github.com/EDCD/EDMarketConnector/wiki/Troubleshooting#debug-log-files) for information on the Debug Log files

.github/SECURITY.md

@@ -0,0 +1,13 @@
+# Reporting Security Issues
+
+EDMC takes security very seriously. Our users trust us to provide a secure and safe tool to support their experience in Elite.
+
+In general, the best way to report a major security issue with us that should not be publically discussed is to email our maintainer teams. 
+
+The best point of contact for this is edmc@hullseals.space. When contacting, be sure to include as much information in your report. 
+
+As soon as your report is processed, we'll get in touch to make sure we quickly move ahead with fixing the issue and will lay out a timeline for public disclosure and fixes.
+
+Another method of reporting vulnerabilities is to open a new Bug Report [here](https://github.com/EDCD/EDMarketConnector/issues/new?assignees=&labels=bug%2C+unconfirmed&projects=&template=bug_report.md&title=).
+
+If reporting a security issue here, do not include details as to the issue or steps to reproduce, simply indicate you have found a potential security bug and would like us to contact you directly.

.github/pull_request_template.md

@@ -0,0 +1,18 @@
+<!---
+Thank you for submitting a PR for EDMC! Please follow this template to ensure your PR is processed.
+In general, you should be submitting targeting the develop branch. Please make sure you have this selected.
+-->
+# Description
+<!-- What does this PR Do? -->
+
+# Example Images
+<!-- Only if relevant. Remove if irrelevant. -->
+
+# Type of Change
+<!-- What type of change is this? New Feature? Enhancement to Existing Feature? Bug Fix? Translation Update? -->
+
+# How Tested
+<!-- How have you tested this change to ensure it works and doesn't cause new issues -->
+
+# Notes
+<!-- Does this resolve any open issues? Was this PR discussed internally somewhere off GitHub? -->

.github/workflows/codeql.yml

@@ -0,0 +1,95 @@
+# For most projects, this workflow file will not need changing; you simply need
+# to commit it to your repository.
+#
+# You may wish to alter this file to override the set of languages analyzed,
+# or to provide custom queries or build logic.
+#
+# ******** NOTE ********
+# We have attempted to detect the languages in your repository. Please check
+# the `language` matrix defined below to confirm you have the correct set of
+# supported CodeQL languages.
+#
+name: "CodeQL"
+
+on:
+  push:
+    branches-ignore:
+      - 'stable'
+      - 'releases'
+      - 'beta'
+  pull_request:
+    branches: [ develop ]
+  schedule:
+    - cron: '38 5 * * 4'
+
+jobs:
+  analyze:
+    name: Analyze (${{ matrix.language }})
+    # Runner size impacts CodeQL analysis time. To learn more, please see:
+    #   - https://gh.io/recommended-hardware-resources-for-running-codeql
+    #   - https://gh.io/supported-runners-and-hardware-resources
+    #   - https://gh.io/using-larger-runners (GitHub.com only)
+    # Consider using larger runners or machines with greater resources for possible analysis time improvements.
+    runs-on: 'ubuntu-latest'
+    timeout-minutes: 360
+    permissions:
+      # required for all workflows
+      security-events: write
+
+      # required to fetch internal or private CodeQL packs
+      packages: read
+
+      # only required for workflows in private repositories
+      actions: read
+      contents: read
+
+    strategy:
+      fail-fast: false
+      matrix:
+        include:
+        - language: python
+          build-mode: none
+        # CodeQL supports the following values keywords for 'language': 'c-cpp', 'csharp', 'go', 'java-kotlin', 'javascript-typescript', 'python', 'ruby', 'swift'
+        # Use `c-cpp` to analyze code written in C, C++ or both
+        # Use 'java-kotlin' to analyze code written in Java, Kotlin or both
+        # Use 'javascript-typescript' to analyze code written in JavaScript, TypeScript or both
+        # To learn more about changing the languages that are analyzed or customizing the build mode for your analysis,
+        # see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/customizing-your-advanced-setup-for-code-scanning.
+        # If you are analyzing a compiled language, you can modify the 'build-mode' for that language to customize how
+        # your codebase is analyzed, see https://docs.github.com/en/code-security/code-scanning/creating-an-advanced-setup-for-code-scanning/codeql-code-scanning-for-compiled-languages
+    steps:
+    - name: Checkout repository
+      uses: actions/checkout@v4
+
+    # Initializes the CodeQL tools for scanning.
+    - name: Initialize CodeQL
+      uses: github/codeql-action/init@v3
+      with:
+        languages: ${{ matrix.language }}
+        build-mode: ${{ matrix.build-mode }}
+        # If you wish to specify custom queries, you can do so here or in a config file.
+        # By default, queries listed here will override any specified in a config file.
+        # Prefix the list here with "+" to use these queries and those in the config file.
+
+        # For more details on CodeQL's query packs, refer to: https://docs.github.com/en/code-security/code-scanning/automatically-scanning-your-code-for-vulnerabilities-and-errors/configuring-code-scanning#using-queries-in-ql-packs
+        # queries: security-extended,security-and-quality
+
+    # If the analyze step fails for one of the languages you are analyzing with
+    # "We were unable to automatically build your code", modify the matrix above
+    # to set the build mode to "manual" for that language. Then modify this step
+    # to build your code.
+    # ℹ️ Command-line programs to run using the OS shell.
+    # 📚 See https://docs.github.com/en/actions/using-workflows/workflow-syntax-for-github-actions#jobsjob_idstepsrun
+    - if: matrix.build-mode == 'manual'
+      run: |
+        echo 'If you are using a "manual" build mode for one or more of the' \
+          'languages you are analyzing, replace this with the commands to build' \
+          'your code, for example:'
+        echo '  make bootstrap'
+        echo '  make release'
+        exit 1
+
+    - name: Perform CodeQL Analysis
+      uses: github/codeql-action/analyze@v3
+      with:
+        category: "/language:${{matrix.language}}"

.github/workflows/pr-checks.yml

@@ -13,7 +13,7 @@ on:
 
 jobs:
   code-checks:
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-latest
 
     steps:
 
@@ -56,6 +56,7 @@ jobs:
       uses: actions/setup-python@v5
       with:
         python-version-file: '.python-version'
+        cache: 'pip' # caching pip dependencies
     - name: Install dependencies
       run: |
         python -m pip install --upgrade pip

.github/workflows/push-checks.yml

@@ -19,7 +19,7 @@ on:
 jobs:
   push_checks:
 
-    runs-on: ubuntu-22.04
+    runs-on: ubuntu-latest
 
     steps:
     - uses: actions/checkout@v4
@@ -28,6 +28,7 @@ jobs:
     - name: Set up Python
       uses: actions/setup-python@v5
       with:
+        cache: 'pip' # caching pip dependencies
         python-version-file: '.python-version'
     - name: Install dependencies
       run: |

.github/workflows/windows-build.yml

@@ -62,16 +62,16 @@ jobs:
             mv ../EDMarketConnector-release-${{ needs.variables.outputs.sem_ver }}.tar.gz .
 
       - name: Upload build files
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         with:
-          name: Built files
+          name: built-files-linux
           path: |
               EDMarketConnector-release-*.tar.gz
 
   windows_build:
     needs: [variables]
     name: Build EDMC
-    runs-on: windows-2019
+    runs-on: windows-latest
 
     defaults:
       run:
@@ -105,6 +105,7 @@ jobs:
         with:
           python-version-file: '.python-version'
           architecture: "x86"
+          cache: 'pip' # caching pip dependencies
 
       - name: Install python tools
         run: |
@@ -131,22 +132,31 @@ jobs:
             Get-ChildItem -Path . -Filter "EDMarketConnector_Installer_*.exe" | Rename-Item -NewName {"EDMarketConnector_Installer_Unsigned_$($_.Name -replace '^EDMarketConnector_Installer_', '')"}
 
       - name: Upload build files
-        uses: actions/upload-artifact@v3
+        uses: actions/upload-artifact@v4
         with:
-          name: Built files
+          name: built-files-windows
           path: |
               EDMarketConnector_Installer_*.exe
               EDMarketConnector-release-*.zip
+  Merge:
+    runs-on: ubuntu-latest
+    needs: [ windows_build, linux_build ]
+    steps:
+      - name: Merge Artifacts
+        uses: actions/upload-artifact/merge@v4
+        with:
+          name: Built files
+          pattern: built-files-*
 
   release:
     name: Release new version
     runs-on: ubuntu-latest
-    needs: [ windows_build, linux_build ]
+    needs: Merge
     if: "${{ github.event_name != 'workflow_dispatch' }}"
 
     steps:
       - name: Download binary
-        uses: actions/download-artifact@v3
+        uses: actions/download-artifact@v4
         with:
           name: Built files
           path: ./
@@ -155,7 +165,7 @@ jobs:
         run: sha256sum EDMarketConnector_Installer_*.exe EDMarketConnector-release-*.{zip,tar.gz} > ./hashes.sum
 
       - name: Create Draft Release
-        uses: "softprops/action-gh-release@v1"
+        uses: "softprops/action-gh-release@v2"
         with:
           token: "${{secrets.GITHUB_TOKEN}}"
           draft: true

.gitignore

@@ -58,3 +58,4 @@ pylint.txt
 
 # Ignore Submodule data directory
 coriolis-data/
+FDevIDs/

.gitmodules

@@ -1,6 +1,3 @@
 [submodule "coriolis-data"]
 	path = coriolis-data
 	url = https://github.com/EDCD/coriolis-data.git
-[submodule "FDevIDs"]
-	path = FDevIDs
-	url = https://github.com/EDCD/FDevIDs.git

.mypy.ini

@@ -6,5 +6,4 @@ scripts_are_modules = True
 ;   `<var> = <value>`
 ; i.e. no typing info.
 check_untyped_defs = True
-; platform = darwin
 explicit_package_bases = True

.python-version

@@ -1 +1 @@
-3.11.7
+3.11.9

ChangeLog.md

@@ -175,7 +175,7 @@ for removal in the next major release! Please look for that change coming soon.
 
 **Changes and Enhancements**
 * Added new `modules.json` and `ships.json` files to improve security and readability
-* Added a core Spanch URL provider plugin
+* Added a core Spansh URL provider plugin
 * Added a new auth response page for successful FDEV authentication
 * Added a new Open Log Folder option to the Help menu
 * Added a new `--start_min` command flag to force the application to start minimized
@@ -241,7 +241,7 @@ Known Issues
 
 Release 5.9.3
 ===
-This release is identical to 5.9.3, except reverts a bad change. 
+This release is identical to 5.9.2, except reverts a bad change. 
 
 - REVERTS Deprecated load_module() is now retired (#1462)
 

Contributing.md

@@ -679,7 +679,7 @@ the following does not work:
 
 ```py
 from sys import platform
-if platform == 'darwin':
+if platform == 'win32':
   ...
 ```
 

EDMC.py

@@ -34,15 +34,15 @@
 import commodity
 import companion
 import edshipyard
-import l10n
+from l10n import translations as tr
 import loadout
 import outfitting
 import shipyard
 import stats
 from commodity import COMMODITY_DEFAULT
 from config import appcmdname, appversion, config
 from monitor import monitor
-from update import EDMCVersion, Updater
+from update import EDMCVersion, Updater, check_for_fdev_updates
 
 sys.path.append(config.internal_plugin_dir)
 # This import must be after the sys.path.append.
@@ -65,7 +65,7 @@ def log_locale(prefix: str) -> None:
                  )
 
 
-l10n.Translations.install_dummy()
+tr.install_dummy()
 
 SERVER_RETRY = 5  # retry pause for Companion servers [s]
 EXIT_SUCCESS, EXIT_SERVER, EXIT_CREDENTIALS, EXIT_VERIFICATION, EXIT_LAGGING, EXIT_SYS_ERR, EXIT_ARGS, \
@@ -162,7 +162,9 @@ def main():  # noqa: C901, CCR001
             updater = Updater()
             newversion: EDMCVersion | None = updater.check_appcast()
             if newversion:
-                print(f'{appversion()} ({newversion.title!r} is available)')
+                # LANG: Update Available Text
+                newverstr: str = tr.tl("{NEWVER} is available").format(NEWVER=newversion.title)
+                print(f'{appversion()} ({newverstr})')
             else:
                 print(appversion())
             return
@@ -495,6 +497,10 @@ def main():  # noqa: C901, CCR001
 
 
 if __name__ == '__main__':
-    main()
+    try:
+        check_for_fdev_updates(silent=True)
+        main()
+    except KeyboardInterrupt:
+        logger.info("Ctrl+C Detected, Attempting Clean Shutdown")
     logger.debug('Exiting')
     sys.exit(EXIT_SUCCESS)