Preview 1.82.21 Update (Vuln CVE-2025-24070)

[bagusnl]

What's changed? - 1.82.21

• [Fix] Update .NET to 9.0.3 due to CVE-2025-24070, by @bagusnl
  • We are not directly affected but due to the high score of the vuln, we have to update.
  • Read more about the vuln here GHSA-2865-hh9g-w894
• [Fix] Proxy with password always return invalid password, by @neon-nyan
• [Fix] Duplicated entries in Zenless repair, by @neon-nyan
• [Fix] Missing margin in HomePage's Additional Settings subpanel, by @shatyuka
• [Fix] Taskbar progress bar did not reset after update is finished, by @shatyuka
• [New] Anisotropic Filtering in Zenless game settings, by @Cryotechnic
• [Fix] Playtime database did not sync if database stamp is null, by @bagusnl

Templates

Changelog Prefixes

  **[New]**
  **[Imp]**
  **[Fix]**
  **[Loc]**
  **[Doc]**

[Copilot]

Pull Request Overview

This PR updates several components to address security vulnerabilities and improve functionality, including a .NET version bump for CVE-2025-24080, fixes for various UI and functionality issues, and the addition of anisotropic filtering options for the Zenless game settings. Key changes include:

• Adding support for anisotropic filtering in language and game settings.
• Refactoring manifest fetching logic to use an alternate lookup dictionary.
• Updating proxy configuration to support SecureString passwords and improving string null checks in playtime management.

Reviewed Changes

Copilot reviewed 25 out of 32 changed files in this pull request and generated 3 comments.

Show a summary per file

File	Description
Hi3Helper.Core/Lang/Locale/LangZenlessGameSettingsPage.cs	Adds a property for anisotropic filtering language string.
CollapseLauncher/XAMLs/MainApp/Pages/GameSettingsPages/ZenlessGameSettingsPage.Ext.cs	Configures the anisotropic filtering selector.
CollapseLauncher/Classes/RepairManagement/Zenless/ZenlessRepair.Fetch.cs	Switches to an alternate lookup dictionary for assets.
CollapseLauncher/Classes/RepairManagement/Zenless/ZenlessRepair.Extensions.cs	Updates helper methods to use alternate lookup for assets.
CollapseLauncher/Classes/InstallManagement/Base/InstallManagerBase.cs	Updates status flags in completeness status updates.
CollapseLauncher/Classes/Helper/SimpleProtectData.cs	Adds a method to unprotect a string into a SecureString.
CollapseLauncher/Classes/Helper/HttpClientBuilder.cs	Adapts proxy configuration to use SecureString for passwords.
CollapseLauncher/Classes/GameManagement/GameSettings/Zenless/FileClass/GeneralData.cs	Adds anisotropic sampling game setting.
CollapseLauncher/Classes/GameManagement/GameSettings/Zenless/Enums.cs	Defines the new anisotropic sampling enum.
CollapseLauncher/Classes/GameManagement/GamePlaytime/RegistryClass/CollapsePlaytime.cs	Refines string checks and logical conditions for playtime updates.
.github/workflows/qodana-scan.yml, qodana-scan-pr.yml, .github/workflows/build.yml	Updates .NET version and Qodana scan configuration.

Files not reviewed (7)

• CollapseLauncher/CollapseLauncher.csproj: Language not supported
• CollapseLauncher/XAMLs/MainApp/Pages/GameSettingsPages/ZenlessGameSettingsPage.xaml: Language not supported
• CollapseLauncher/XAMLs/MainApp/Pages/HomePage.xaml: Language not supported
• CollapseLauncher/packages.lock.json: Language not supported
• ColorThief: Language not supported
• H.NotifyIcon: Language not supported
• Hi3Helper.Core/Lang/zh_CN.json: Language not supported

[github-actions]

Qodana for .NET

13 new problems were found

Inspection name	Severity	Problems
Possible 'System.NullReferenceException'	🔶 Warning	4
Possible null reference argument for a parameter.	🔶 Warning	2
Unused local variable	🔶 Warning	2
Conditional access qualifier expression is not null according to nullable reference types' annotations	🔶 Warning	1
'??' condition is known to be null or not null	🔶 Warning	1
Non-accessed positional property (non-private accessibility)	🔶 Warning	1
Redundant using directive	🔶 Warning	1
Variable can be declared as non-nullable	🔶 Warning	1

☁️ View the detailed Qodana report

Detected 70 dependencies

Third-party software list

This page lists the third-party software dependencies used in CollapseLauncher

Dependency	Version	Licenses
CommunityToolkit.Common	8.4.0	MIT
CommunityToolkit.Mvvm	8.4.0	MIT
CommunityToolkit.WinUI.Animations	8.2.250129-preview2	MIT
CommunityToolkit.WinUI.Behaviors	8.2.250129-preview2	MIT
CommunityToolkit.WinUI.Controls.Primitives	8.2.250129-preview2	MIT
CommunityToolkit.WinUI.Controls.Sizers	8.2.250129-preview2	MIT
CommunityToolkit.WinUI.Converters	8.2.250129-preview2	MIT
CommunityToolkit.WinUI.Extensions	8.2.250129-preview2	MIT
CommunityToolkit.WinUI.Helpers	8.2.250129-preview2	MIT
CommunityToolkit.WinUI.Media	8.2.250129-preview2	MIT
CommunityToolkit.WinUI.Triggers	8.2.250129-preview2	MIT
Costura.Fody	6.0.0	MIT
DependencyPropertyGenerator	1.5.0	MIT
DotNet.ReproducibleBuilds	1.2.25	MIT
EventGenerator.Generator	0.13.1	MIT
Fody	6.9.2	MIT
GitInfo	3.5.0	MIT
Google.Protobuf.Tools	3.30.0	PROTOBUF
Google.Protobuf	3.30.0	BSD-3-Clause
Hi3Helper.ZstdNet	1.6.4	BSD-3-Clause
HtmlAgilityPack	1.11.74	MIT
Markdig.Signed	0.40.0	BSD-2-Clause
Microsoft.CSharp	4.7.0	MIT
Microsoft.Extensions.DependencyInjection.Abstractions	9.0.3	MIT
Microsoft.Extensions.DependencyInjection	9.0.3	MIT
Microsoft.Extensions.Logging.Abstractions	9.0.3	MIT
Microsoft.Extensions.Logging	9.0.3	MIT
Microsoft.Extensions.Options	9.0.3	MIT
Microsoft.Extensions.Primitives	9.0.3	MIT
Microsoft.Graphics.Win2D	1.3.2	MS-ASP-NET-WEB-OPTIMIZATION
Microsoft.NET.ILLink.Tasks	9.0.1	MIT
Microsoft.NET.ILLink.Tasks	9.0.3	MIT
Microsoft.NETCore.Targets	6.0.0-preview.4.21253.7	MIT
Microsoft.Web.WebView2	1.0.3065.39	BSD-3-Clause BSD-MYLEX
Microsoft.Win32.SystemEvents	9.0.3	MIT
Microsoft.Windows.CsWin32	0.3.183	Apache-2.0
Microsoft.Windows.CsWinRT	2.2.0	MIT
Microsoft.Windows.SDK.BuildTools	10.0.22621.3233	PROPRIETARY-LICENSE
Microsoft.Windows.SDK.BuildTools	10.0.26100.1742	PROPRIETARY-LICENSE
Microsoft.Windows.SDK.Win32Docs	0.1.42-alpha	PROPRIETARY-LICENSE
Microsoft.Windows.SDK.Win32Metadata	61.0.15-preview	MIT
Microsoft.Windows.WDK.Win32Metadata	0.12.8-experimental	MIT
Microsoft.WindowsAppSDK	1.6.250205002	MIT MS-DXSDK-D3DX-9.29.952.3
Microsoft.Xaml.Behaviors.WinUI.Managed	3.0.0	MIT
MinVer	6.0.0	Apache-2.0
NuGet.Versioning	6.12.1	Apache-2.0
PhotoSauce.MagicScaler	0.15.0	MIT
PhotoSauce.NativeCodecs.Libwebp	1.4.0-preview1	MIT
Roman-Numerals	2.0.1	MIT
Sentry	5.2.0	MIT
SharpCompress	0.39.0	MIT
SharpHDiffPatch.Core	2.2.8	MIT
System.Buffers	4.6.0	MIT
System.Drawing.Common	9.0.3	MIT
System.IO.Hashing	9.0.3	MIT
System.Net.Http	4.3.4	MIT
System.Security.AccessControl	6.0.1	MIT
System.Security.Cryptography.Algorithms	4.3.0	MIT
System.Security.Cryptography.Encoding	4.3.0	MIT
System.Security.Cryptography.Primitives	4.3.0	MIT
System.Security.Cryptography.ProtectedData	9.0.3	MIT
System.Security.Cryptography.X509Certificates	4.3.0	MIT
System.Text.Encoding.CodePages	9.0.3	MIT
System.Text.Json	9.0.3	MIT
System.Text.RegularExpressions	4.3.1	MIT
System.Threading.Tasks.Extensions	4.5.4	MIT
TaskScheduler	2.12.1	MIT
ThisAssembly.Constants	2.0.6	MIT
Velopack	0.0.1053	MIT
ZstdSharp.Port	0.8.4	MIT

Contact Qodana team

Contact us at [email protected]

• Or via our issue tracker: https://jb.gg/qodana-issue
• Or share your feedback: https://jb.gg/qodana-discussions

[bagusnl]

ACK'd by @neon-nyan via Discord VC