Security update, fixes CVE-2022-37434 in zlib.
Only applications exposing/using `inflateGetHeader()` seem to be affected,
which is not our case, so this is not critical for Godot.
Remove duplicated copy of zlib in freetype sources to force using the updated
version in `thirdparty/zlib/`.
Co-authored-by: Rémi Verschelde <rverschelde@gmail.com>
(cherry picked from commit 93409b8e64)
As many open source projects have started doing it, we're removing the
current year from the copyright notice, so that we don't need to bump
it every year.
It seems like only the first year of publication is technically
relevant for copyright notices, and even that seems to be something
that many companies stopped listing altogether (in a version controlled
codebase, the commits are a much better source of date of publication
than a hardcoded copyright statement).
We also now list Godot Engine contributors first as we're collectively
the current maintainers of the project, and we clarify that the
"exclusive" copyright of the co-founders covers the timespan before
opensourcing (their further contributions are included as part of Godot
Engine contributors).
Also fixed "cf." Frenchism - it's meant as "refer to / see".
Backported from #70885.
Library code and public headers are now properly separated, we can fix include paths
to remove the redundant subfolder.
(cherry picked from commit 432ac521ef)
In some cases Godot can generate input parameters to Recast that cause it to crash. Specifically when baking NavigationMeshes for input meshes that have axis extents less than half the NavigationMesh CellSize.
This has been fixed upstream in Recast (in 3901c5854c). Updating Godot's Recast integration fixes this crash issue in Godot as well.
(cherry picked from commit 36de150c74)
Fixes the following error:
thirdparty/vhacd/inc/vhacdICHull.h:46:31: error: 'uint32_t' does not name a type
46 | ICHullError Process(const uint32_t nPointsCH, const double minVolume = 0.0);
| ^~~~~~~~
Note the upstream version of the third party library is not affected.
(cherry picked from commit a648d831a9)
Still tracking the `v1.0.1` tag for now, just reverting all the unnecessary
style changes that created a diff with upstream.
(cherry picked from commit 6c78170d8c)
Security update, fixes CVE-2018-25032 in zlib.
Preliminary assessment doesn't show Godot as affected since we don't
seem to call `deflate` with the problematic parameters, but the extent
of the vulnerability is not fully clear upstream yet.
(cherry picked from commit 420d0d50bc)
Fabio Alessandrelli
Rémi Verschelde
DeeJayLSP
bitsawer
Graham Pentheny
Martin Liska
bruvzg
Rémi Verschelde
Haoyu Qiu