We're pleased to be publishing v2.14.0, a new stable release. This release contains primarily bug fixes, with the addition of some new authentication mechanisms for integrating with web clients.
This release includes changes to the config file format, all of which are fully backwards-compatible and do not require updating the file before upgrading. It includes no changes to the database file format.
Many thanks to @al3xandros, donio, @eeeeeta, @emersion, @Eriner, @eskimo, @Herringway, @jwheare, @knolley, @mengzhuo, pathof, @poVoq, @progval, @RNDpacman, and @xnaas for contributing patches, reporting issues, and helping test.
Config changes
- Added
accounts.oauth2andaccounts.jwt-authblocks for configuring OAuth2 and JWT authentication (#2004) - Added
protocolandlocal-addressoptions toaccounts.registration.email-verification, to force emails to be sent over IPv4 (or IPv6) or to force the use of a particular source address (#2142) - Added
limits.realnamelen, a configurable limit on the length of realnames. If unset, no limit is enforced beyond the IRC protocol line length limits (the previous behavior). (#2123, thanks @eskimo!) - Added the
accept-hostnameoption to the webirc config block, allowing Ergo to accept hostnames passed from reverse proxies on theWEBIRCline. Note that this will have no effect under the default/recommended configuration, in which cloaks are used instead (#1686, #2146, thanks @RNDpacman!) - The default/recommended value of
limits.chan-list-modes(the size limit for ban/except/invite lists) was raised to 100 (#2081, #2165, #2167)
Added
- Added support for the
OAUTHBEARERSASL mechanism, allowing Ergo to interoperate with Gamja and an OAuth2 provider (#2004, #2122, thanks @emersion!) - Added support for the
IRCV3BEARERSASL mechanism, allowing Ergo to accept OAuth2 or JWT bearer tokens (#2158) - Added support for the legacy
rfc1459andrfc1459-strictcasemappings (#2099, #2159, thanks @xnaas!) - The new
ergo defaultconfigsubcommand prints a copy of the default config file to standard output (#2157, #2160, thanks @al3xandros!)
Fixed
- Even with
allow-truncation: false(the recommended default), some oversized messages were being accepted and relayed with truncation. These messages will now be rejected with417 ERR_INPUTTOOLONGas expected (#2170) - NICK and QUIT from invisible members of auditorium channels are no longer recorded in history (#2133, #2137, thanks @knolley and @poVoq!)
- If channel registration was disabled, registered channels could become inaccessible after rehash; this has been fixed (#2130, thanks @eeeeeta!)
- Attempts to use unrecognized SASL mechanisms no longer count against the login throttle, improving compatibility with Pidgin (#2156, thanks donio and pathof!)
- Fixed database autoupgrade on Windows, which was previously broken due to the use of a colon in the backup filename (#2139, #2140, thanks @Herringway!)
- Fixed handling of
NS CERT ADD <user> <fp>when an unprivileged user invokes it on themself (#2128, #2098, thanks @Eriner!) - Fixed missing human-readable trailing parameters for two multiline
FAILmessages (#2043, #2162, thanks @jwheare and @progval!) - Fixed symbol sent by
353 RPL_NAMREPLYfor secret channels (#2144, #2145, thanks savoyard!)
Changed
- Trying to claim a registered nickname that is also actually in use by another client now produces
433 ERR_NICKNAMEINUSEas expected (#2135, #2136, thanks savoyard!) SAMODEnow overrides the enforcement oflimits.chan-list-modes(the size limit for ban/except/invite lists) (#2081, #2165)- Certain unsuccessful
MODEchanges no longer send324 RPL_CHANNELMODEISand329 RPL_CREATIONTIME(#2163) - Debug logging for environment variable configuration overrides no longer prints the value, only the key (#2129, #2132, thanks @eeeeeta!)