Take me to...


Malware Processor

  1. For obvious reasons - will not be fully disclosed. 
  2. Virus detected - will reject with the message:
    "Malware detected in file."

Hashing Processor

If another file on our DB was uploaded and approved + has the same hash: will reject with the message.
“File is a duplicate of an existing file. {firstFile.DisplayName ?? firstFile.FileName} on {firstFile.Project.Name}" 

Verify Archive (Zip) Processor

Verifies the uploaded file has a specific extension (zip/jar etc…) message display message: 

  1. "Invalid file extension, expected {0}."  

  1. Zip file contains a /../ or ../ file, message display message:
    1. "Archive contains zipslip vunerability."

  2. Validate the zip contents don’t contain blacklisted directories/extensions/files
    1. "Archive contains blacklisted files, extensions or directories: '{0}'." 



Here are the different edge cases for modpacks (in "RejectionMessage"):

  1. Not a zip file: "Invalid file extension, expected zip."
  2. Internal/unexpected fingerprinting error: "Could not compute fingerprints on file."
  3. Doesn't contain a manifest.json file:
    1. Internal error - if manifest.json isn't fingerprinted: "Missing fingerprint for "manifest.json" file."
    2. Error parsing manifest.json: "<div>Error parsing manifest.json:</div><ul><li>[ERROR HERE]</li></ul>"
  4. If the manifest contains an unknown modloader: "Invalid mod loader XXX" (where XXX is the wrong modloader used)
  5. If the manifest is a Fabric modloader but the id isn't in the form of - fabric-x.y.z: "Invalid Fabric mod loader id {0}" (rejected)
  6. If the ProjectID of the manifest.json is not equal to the actual projectId of your project: "Invalid manifest: References project ID {0}, should be {1}."

If any of the following happens - Client Compatible turns to false:

  1. Modpack depends on two or more files of the same project: "Invalid file reference in manifest: File ID {0} references project ID {1}, which appears more than once."

  2. Modpack has a dependency to a fileId that isn't on our system: "Invalid file reference in manifest: File ID {0} does not exist."

  3. Modpack has a dependency to a fileId that isn't associated to the requested projectId: "Invalid file reference in manifest: File {0} (ID: {1}) does not belong to Project {2} (ID: {3})."

  4. Modpack has a dependency to a fileId that isn't compatible with the modpacks modloader: "File {0} is invalid for modpack {1} with mod loader {2}" (rejected) *new reject message

  5. Modpack has a dependency to a fileId that belongs to an projectId that isn't on CurseForge: "Invalid file reference in manifest: File ID {0} references invalid project ID {1}."

  6. Modpack has a dependency to a fileId that belongs to a different root category: "Invalid file reference in manifest: File ID {0} belongs to project ID {1}, which belongs to an invalid root category: {2}."

  7. We do not set clientCompatible to false if the dependency file has a bad status (e.g. not approved)

  8. If a Fabric modpack doesn't contain a Fabric API version: "Fabric modpack doesn't include FabricApi mod" (rejected)

Client Mod Processor (mods)

  1. VerifyArchiveAndComputeFingerprints 
    1. ChildFile: .zip, .jar, .litemod extensions
    2. Non-ChildFile: .jar, .litemod extensions
  2. If zip filename is blacklisted
    "The mod has a blacklisted file name." - Rejected

World of Warcraft

Addon Processor

  1. VerifyArchiveAndComputeFingerprints .zip extension
  2. Assure all Root items in the zip are folders - if we find a file:
    1. "Archive contains root level files." - UnderReview
  3. At least 1 root folder contains a file of the form:
    1. ROOTFOLDER/ROOTFOLDER.toc - if not:
      1. "Archive is missing {0} (name is case sensitive and must not be empty)" - UnderReview

Stardew Valley


  1. VerifyArchiveAndComputeFingerprints .zip extension
  2. If the zip file doesn’t contain at least one manifest.json file:
    1. "Could not find manifest.json. This may be a texturepack or similar and needs installation instructions in the project description" - UnderReview

Minecraft Dungeons


  1. If the uploaded file is not a zip that contains exactly 1 file with the .pak extension:
    1. "Must contain a single PAK file" - Rejected
  2. VerifyArchiveAndComputeFingerprints .zip extension