Replace Sodium blob with git submodule

[REALERvolker1]

Good morning.

I was looking through the source code of this mod, when I noticed a .jar file that I could only view as raw. Pardon me if this is a silly issue, I am not very familiar with the Java language, but it seems like you are statically linking to this dependency. It would be better for build reproducibility if this was addressed. I propose adding it as a git submodule, so the entire source tree could be explored, but ydy.

As of right now, I cannot verify that this mod is not malicious. It would do me (any many others in the anarchy community) a great service if you could change how this is done. Pardon my paranoia -- I just remember the XZ and Fracturiser situations, and I don't want history to repeat itself, especially as members of my group have used this mod and it could have potentially exposed base coordinates, passwords, etc. We just don't know without being able to check it.

Thank you for your time, rfresh.

[rfresh2]

this mod is a compile only dependency. its not included in xaeroplus's output jar, nor can it change anything about xaeroplus' output jar.

Feel free to compare file hashes with their official alpha build: https://discord.com/channels/602796788608401408/1260082015479271535/1260082015479271535

[FaxHack]

The .jar file is not malicious i can confirm that I have checked it and as @rfresh2 stated "this mod is a compile-only dependency. it's not included in Xaeroplus's output jar, nor can it change anything about Xaeroplus' output jar.

Feel free to compare file hashes with their official alpha build: https://discord.com/channels/602796788608401408/1260082015479271535/1260082015479271535"

[rfresh2]

I have removed the sodium 0.6 settings integration for 1.20.1 in XP 2.25.1 because I have now seen that sodium is no longer intending to release the 0.6 backport to 1.20.1.