Minecraft 23w31a
The first snapshot for 1.20.2 is out! See the changelog.
PSA: Beware of Command Injection in Function Macros
Using function macros with untrusted input could lead to security issues. Macros are substituted using a pure string replace with no validation and no quoting.
As an example, the command below makes the mob types provided by the macro glow:
execute as @e[type=$(mob_type)] run function vuln:make_glow
Setting the mob_type macro to player,name=Tis_awesomeness] if function vuln:give_op_item as @e[type=pig changes the command into:
execute as @e[type=player,name=Tis_awesomeness] if function vuln:give_op_item as @e[type=pig] run function vuln:make_glow
See the video for a demonstration.
Always validate user input in macros and make sure that it is impossible for any macro input to create a valid but unintended command. Failure to do so could result in arbitrary command execution.
Thanks to nodenotjs on the Minecraft Commands Discord for the example and demonstration.
Diamond Distribution
2 diamond ore veins generate per chunk at y-levels -64 through -4, with an equal chance for each y-level. The veins are up to 8 ores in size. If the diamonds are exposed to air, there is a 50% chance the ore will disappear.
On average, 4/15 (0.2667) more diamonds generate per chunk. This drops to 2/15 (0.1333) when the diamonds are exposed to air.
At y=-59, approximately 22% more diamonds generate (16% when exposed to air). At y=-4, approximately 83% more diamonds generate (60% when exposed to air).
Villagers
Curing
The villager gossip values were changed so that curing a villager gives the maximum reputation bonus.
| Type | Amount gained | Share penalty | Max value |
|---|---|---|---|
| Major positive | 20 | 100 → 20 | 100 → 20 |
| Minor positive | 25 | 5 | 200 → 25 |
Villagers who were cured multiple times in previous versions will keep their low prices when the world is updated, the gossip values are not updated to the lower maximums. However, curing a villager again will reset the reputation bonuses and prices to one cure.
Experimental Librarian Changes
Librarians unlock normal enchanted book trades at Novice, Apprentice, and Journeyman levels. The enchantment is selected randomly from the possible normal enchantments, with an equal chance for each enchantment level. A librarian may sell the same book more than once.
Experimental Wandering Traders
The following trades were modified:
| Item | Amount | Price | Trades until Disabled |
|---|---|---|---|
| Vine | 1 → 3 | 1 | 12 → 4 |
| Brown Mushroom | 1 → 3 | 1 | 12 → 4 |
| Lily Pad | 2 → 5 | 1 | 5 → 2 |
| Packed Ice | 1 | 3 → 1 | 6 |
| Gunpowder | 1 → 4 | 1 | 8 → 2 |
| Tropical Fish Bucket | 1 | 5 → 3 | 4 |
| Pufferfish Bucket | 1 | 5 → 3 | 4 |
The new iron pickaxe trade has a price multiplier of 0.2, the same as other tools. The rest of the new trades have a price multiplier of 0.05.
Wandering traders do not have a higher total amount of each item in stock. They have the same total stock, but offer more of the same items in a single trade.
Mobs
The iron golem spawn rate was buffed from every 700 ticks (35 seconds) to every 600 ticks (30 seconds), fixing MC-254100.
To fix MC-262636, slimes and magma cubes no longer control vehicles.
Sculk
Sculk sensors now check the distance between the target’s block position and the sensor’s block position. Sculk sensors will no longer produce different outputs for vibrations within the same block location, fixing MC-261657.
Other
Completing the “Smithing with Style” advancement now gives 150 experience, fixing MC-262947.
Added the “Sponge sucks” subtitle for a sponge absorbing water.
The game now uses OpenAL Soft’s output limiter extension to prevent excessive audio clipping.
Random Command
The minimum and maximum values of a random command range are the same as a 32-bit signed integer: -2,147,483,648 (-2^31) to 2,147,483,647 (2^31 - 1).
The difference between the maximum and minimum values in a range must be at most 2,147,483,647 (2^31 - 1).
Function Macros
Variable names can contain underscores and any character satisfying Character#isLetterOrDigit (docs), including non-ASCII characters.