Donut Orders

New Features

• Added Shulker Box delivery support — matching items inside shulkers count toward order fulfillment.
• Shulker contents are scanned from shulkers placed in the delivery GUI and from shulkers anywhere in the seller's inventory.
• Added items.yml for configuring allowed order materials separately from config.yml.
• Added Modrinth update check on plugin startup (update-check.enabled in config.yml).
• Added donutorders as a command alias for /orders.

Improvements

• Allowed materials are validated server-side when creating orders (prevents GUI bypass).
• Invalid material names in items.yml log warnings instead of crashing the plugin.
• /orders admin reload now reloads config.yml, messages.yml, and items.yml.

New Features

• Added permission-based order limits via donutorders.limit.<n> nodes (e.g. donutorders.limit.5, donutorders.limit.10).
• Added support for rank-specific maximum active orders through optional rank-limits configuration.
• Added PlaceholderAPI support: %donutorders_order_limit% returns the player's currently applied limit.
• Added /orders limit <player> admin command (alias: /donutorders limit <player>).

Improvements

• Added a caching system for permission-based limit lookups to avoid scanning permissions on every order creation.
• Limit cache refreshes automatically on player join, config reload, and LuckPerms permission recalculation.
• Order limit reached messages are now configurable via messages.yml.

Configuration

• Added orders.default-limit as an optional config key (takes priority over legacy orders.max-per-player when set).
• Added optional rank-limits configuration section for group-based fallback limits.
• Added messages.order-limit-reached with %limit% and %active_orders% placeholders.

Permissions

• donutorders.admin.limit — allows use of /orders limit <player>.
• donutorders.limit.<n> — grants a custom maximum active order count.

• Fixed Fill Order GUI item movement issue
• Players can now manually move items into order fill slots
• Improved Bedrock / Pocket Edition compatibility
• Shift-click is no longer required to fill orders
• Protected GUI slots still block invalid interactions
• Kept server-side validation and anti-dupe protections intact

Critical Security Patch

• Item Duplication Exploit Fixed: Completely resolved a critical exploit where delayed or replayed ClickSlot inventory packets could trigger order collection multiple times before the server-side database state could update.
• WaterTight Concurrency Protections:
  • Implemented an atomic, in-memory compare-and-set claim lock (tryLockClaim / unlockClaim) to guarantee that concurrent stash claims from replayed/spam packets fail immediately.
  • Added a state-based collection lifecycle: orders now transition to PENDING upon completion/cancellation/expiration and to CLAIMED immediately when collection starts in-memory, ensuring absolute claim idempotency.
  • Implemented automatic SQLite database schema migration (claimed_by and claimed_at columns) to persist claiming information and protect against exploits across server restarts or hot reloads.
  • Added tick-based packet rate-limiting at the listener level to reject rapid click spam (max 2 clicks per tick) and click replays targeting the exact same slot in a single tick.

Improvements & Lifecycle Hardening

• Safe Expiry Flow: Redesigned the order expiration checker to safely transition orders to PENDING (pending collection) rather than performing immediate, unsafe synchronous refunds. Players can now safely retrieve their expired order refunds from their personal stash GUI at any time.
• Thread-Safety & Folia Compatibility: Guaranteed thread-safe SQLite operations by usingHikariCP WAL-mode queries dispatched asynchronously and synchronizing on player entity threads for Vault deposits and item insertions.

Admin & Testing Command

• Concurrency Simulator: Registered the /orders admin simulate command (requires donutorders.admin permission). This executes a live high-latency packet replay and concurrent race simulation in SQLite, spawning 10 concurrent threads racing to collect the exact same stash at the exact same millisecond. Reports back in chat showing exactly 1 successful claim and 9 rejections.

• Fixed a critical issue where items could duplicate when placing them in order slots
• Resolved a bug causing items to return to the sender while still being delivered to the receiver
• Improved inventory handling to prevent unintended item cloning
• Fixed items being silently lost when clicking Cancel in the delivery confirmation screen
• Fixed items being lost when pressing ESC to close the delivery confirmation screen