DiscordSRV

Properly blocking @everyone and @here

stefnotch opened this issue · 4 comments

commented

Bug report
It turns out that it's still possible to abuse the bot to ping @everyone.

Steps to reproduce

  1. Type Hello @@everyoneeveryone
  2. Everyone will get pinged

The reason is that Hello @@everyoneeveryone contains @everyone. This part gets replaced with nothing, so it turns into Hello @everyone.

A quick fix would be to replace it with a single space instead of nothing. Then Hello @@everyoneeveryone would turn into Hello @ everyone.

Relevant source code

message = message.replaceAll("(?i)" + Pattern.quote(phrase), "");
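The following is an added example, not DiscordSRV's own code. It puts the one-liner quoted above next to the fix the report proposes (replace with a single space rather than the empty string), and adds a last-resort check a sender can run before handing text to the Discord API. The class and method names (MentionFilter, naiveFilter, spaceFilter, containsMassMention) and the sample inputs are constructed for this illustration.

```java
import java.util.List;
import java.util.Locale;
import java.util.regex.Pattern;

// Added example (not DiscordSRV code): the deleting filter from the issue
// beside the space-replacing fix, plus an output gate.
public class MentionFilter {

    // Phrases that must never reach Discord as live mass mentions.
    private static final List<String> BLOCKED = List.of("@everyone", "@here");

    // The filter as quoted in the issue: each phrase is deleted, case-insensitively.
    // Deleting the inner "@everyone" from "@@everyoneeveryone" glues the
    // surrounding "@" and "everyone" back together into a live mention.
    static String naiveFilter(String message) {
        for (String phrase : BLOCKED) {
            message = message.replaceAll("(?i)" + Pattern.quote(phrase), "");
        }
        return message;
    }

    // The fix proposed in the report: replace the phrase with a single space.
    // Neither phrase contains whitespace, so the space left behind by a match
    // can never be bridged to rebuild "@everyone" or "@here".
    static String spaceFilter(String message) {
        for (String phrase : BLOCKED) {
            message = message.replaceAll("(?i)" + Pattern.quote(phrase), " ");
        }
        return message;
    }

    // Defence in depth: refuse to send anything that still contains a blocked
    // phrase, whichever filter produced it.
    static boolean containsMassMention(String message) {
        String lower = message.toLowerCase(Locale.ROOT);
        for (String phrase : BLOCKED) {
            if (lower.contains(phrase)) {
                return true;
            }
        }
        return false;
    }

    public static void main(String[] args) {
        // Constructed inputs: the one from the report plus variations.
        List<String> samples = List.of(
            "Hello @@everyoneeveryone",
            "Hello @@@everyoneeveryoneeveryone",
            "ping @@HEREhere",
            "plain chat with no mention");

        for (String sample : samples) {
            String naive = naiveFilter(sample);
            String fixed = spaceFilter(sample);
            System.out.printf("input: %s%n", sample);
            System.out.printf("  delete-filter: %-36s mass mention? %b%n",
                naive, containsMassMention(naive));
            System.out.printf("  space-filter : %-36s mass mention? %b%n",
                fixed, containsMassMention(fixed));
        }
    }
}
```

Running it shows the deleting filter turning "Hello @@everyoneeveryone" into "Hello @everyone" (and, because replaceAll makes a single non-overlapping pass, leaving "Hello @@everyoneeveryone" behind for the triple-nested input), while the space filter yields "Hello @ everyone" and "Hello @@ everyoneeveryone", neither of which the gate flags. The gate is worth keeping even with the fixed filter: it is a cheap, independent check that does not depend on the replacement logic being right.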

commented

Appears to be fixed. If someone can reproduce this with new DiscordSRV versions, this issue will be reopened.

commented

Perhaps people think that this is a rather useless comment, but arguably the simplest way to avoid the bot mentioning everyone, no matter how convoluted the input it gets from a player is, is to follow the principle of least privilege and not give the bot the permission to mention everyone on Discord. Why would you want DiscordSRV to be able to mention everyone, anyway? What if someone discovers another way to squeeze an @everyone into the message, continuing the race between exploits and source code fixes ad infinitum?

commented

The mention @everyone permission isn't required. It's still listed on the wiki though, I know. Like I said in #494 (comment), I don't have much time to work on projects anymore.