master #2

Open

Failure wants to merge 133 commits from External:master into master

pull from: External:master

merge into: CEF:master

CEF:master

CEF:fix/update

CEF:irctest_stable

CEF:stable

CEF:goreleaser.1

CEF:casefolding.2

CEF:devel+resume2

CEF:names.1

CEF:implicittls_backport

CEF:dosfix

CEF:cgoreleaser

CEF:devel+issue1969_alignment

CEF:devel+issue774

CEF:devel+pwcheck

CEF:devel+issue1824_lockfree

CEF:metadata

CEF:devel+resume

CEF:labeled-response-all

CEF:devel+dnsbl

CEF:devel+metadata

CEF:devel+passhashingv2

CEF:devel+cloaks

Conversation 0 Commits 133 Files changed 353 +16561 -7692

Failure commented 2026-02-10 07:18:52 -08:00

Owner

Copy link

No description provided.

Failure added 133 commits 2026-02-10 07:18:57 -08:00

fix download link 2bb9980e56

Improve Docker "Persisting Data" Section ... 38862b0529

`pwd` is case sensitive on linux
Add missing `--name ergo`

Merge pull request #2201 from donatj/patch-1 ... 375079e636

Improve Docker "Persisting Data" Section

add unique connection ID to debug logs (#2207) ... efd3764337

Fixes #2206

implement draft/webpush (#2205) 36e5451aa5

fix #2198 (#2199) ... 21ee867ebb

Add require-sasl support to KLINE / UBAN on NUH masks

changelog and version updates for v2.15.0-rc1 (#2209) ab2d842b27

move debug log ID within NS CLIENTS LIST output 92e2aa987e

list push subscription times as well e520ba7e0e

add connID to another logline 2163d96348

delete services debug line 799e1b14f4

Merge pull request #2210 from slingamn/rearrange ... 2a79f64f2d

tweaks to logging and NS PUSH LIST

update changelog 148d743eb1

Merge pull request #2200 from slingamn/download_url ... 9dd7a2bbcb

fix download link

fix buggy persistence of push timestamps ... 7b71839615

getPushSubscriptions() could have a stale view of the latest subscription
renewal and successful push times. We don't want to rebuild on every renewal
or every push, so add a boolean refresh argument that controls rebuilding.

Merge pull request #2211 from slingamn/pushsync ... b38ca31ced

fix buggy persistence of push timestamps

bump webpush-go to release version 881f403164

add more warnings about push notifications and tor 656eea43e7

bump version and changelog for v2.15.0 c92f23b0cb

set up new development version e60afda556

upgrade x dependencies af124cd964

upgrade buntdb b6f6959acc

Merge pull request #2212 from slingamn/deps ... cf7db4bc2a

upgrade dependencies for v2.16 release cycle

add conn ID to SASL auth logline b6a8cc20c2

use slices.Contains in irc/modes 4dfb7cc7ae

remove hashset from mode parsing 07669f9eb4

fix #2213 ... 8fa6e19c2e

We intended to suppress 324 and 329 when there is no valid mode change, only
unknown modes. Fix these checks.

use slices.SortFunc for modes 4851825d4f

return constant strings in 004/005 d1126b53eb

refactor 005 token generation a850602bcc

refactor service help sorting e1b5a05c27

Merge pull request #2214 from slingamn/logline.2 ... d9f663c400

minor refactoring

fix #2215 ... d50f1471eb

Hide the message-redaction capability if allow-individual-delete is disabled.
(Technically REDACT can still be used, but only by ircops, so advertising it
is misleading in the most common case).

Merge pull request #2216 from slingamn/redact ... eb84ede5f7

fix #2215

upgrade to go 1.24 (#2217) 7e18362d35

fix #2218 ... ec3417be79

The client's own QUIT line should respect server-time

Merge pull request #2219 from slingamn/quit_tags ... 4ced4ef328

fix #2218

add SAFERATE to 005 ... 23b65e225b

See discussion at https://github.com/ircv3/ircv3-specifications/pull/556

Merge pull request #2223 from slingamn/saferate ... f3e24c7bdb

add SAFERATE to 005

update filenames in docker documentation aed216a62e

fix CHATHISTORY TARGETS from MySQL backend using server local TZ (#2224) ... 4bcd008416

time.Unix() returns a time.Time with the Location populated to the server's
timezone. Such times will format incorrectly with IRCv3TimestampFormat unless
they are manually converted to UTC.

MVP for HTTP API (#2231) ... ea81ec86e1

Co-authored-by: Klaas Tammling <klaas@tammling.hamburg>

Bump github.com/golang-jwt/jwt/v5 from 5.2.1 to 5.2.2 ... a46732f6ab

Bumps [github.com/golang-jwt/jwt/v5](https://github.com/golang-jwt/jwt) from 5.2.1 to 5.2.2.
- [Release notes](https://github.com/golang-jwt/jwt/releases)
- [Changelog](https://github.com/golang-jwt/jwt/blob/main/VERSION_HISTORY.md)
- [Commits](https://github.com/golang-jwt/jwt/compare/v5.2.1...v5.2.2)

---
updated-dependencies:
- dependency-name: github.com/golang-jwt/jwt/v5
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>

Merge pull request #2232 from ergochat/dependabot/go_modules/github.com/golang-jwt/jwt/v5-5.2.2 ... 9dc2fd52ed

Bump github.com/golang-jwt/jwt/v5 from 5.2.1 to 5.2.2

fix #2228 (#2233) ... 467df24914

If the server is UTF8ONLY, validate that the MOTD is UTF8

fix panic on KILL (#2234) ... 19dbe10c99

Introduced by #2218, reported by knolle

bump irctest d3eb787a1e

bump CI to noble (#2235) f5bb5afdd6

implement command aliases (#2236) ... 7256d83ff0

See #2229

allow customizing the NPC and SCENE nickmasks (#2237) ... 9791606f62

See #2229

block HTTP DoS attacks (#2239) ... a6df370bd9

Block uses of the JS Fetch API to send HTTP message bodies that are also valid
IRC. The constraint on such messages is that they must begin with a valid HTTP
verb; we can detect this and reject them immediately.

fix #2220 (#2240) ... 98e04c10a8

Allow publishing arbitrary ISUPPORT via the config file

safer 005 length limits (#2241) ... 9c3173f573

* Limit the payload to 380 bytes instead of 400
* Don't translate the final parameter

This leaves about 60 bytes for the server name.

use emersion/go-msgauth for DKIM (#2242) ... 68cee9e2cd

Fixes #1041 (support ed25519-sha256 for DKIM)

fix #2244 (#2247) ... 5bab190d33

Fix #2244

Produce an explicit error on receiving the UTF-8 BOM

validate that CHATHISTORY limit parameters are nonnegative ... a4194c38d8

See #2248. Reported by @prdes

Merge pull request #2249 from slingamn/targetspanic ... 2cf569c5d9

validate that CHATHISTORY limit parameters are nonnegative

improve robustness of timestamp parsing (#2250) ... 54b17b0700

* Clamp CHATHISTORY timestamp selectors to be in [0, MaxInt64]
* Convert everything to UTC up front (probably a no-op)

clean up redundant caching 4ab1a10eec

clean up redundant caching (#2251) 43fe72f83e

fix isupport batch name e382036ddb

Merge pull request #2253 from slingamn/batchname ... 808799b100

fix isupport batch name

fix #2252 ... 686ce4d5b2

Fix SAREGISTER creating always-on clients with no user modes.

Also fix UNREGISTER/ERASE not deleting the stored push subscriptions.

Merge pull request #2254 from ergochat/shivaram_alwaysonbug.1 ... 28ed16261c

fix #2252

bump version and changelog for v2.16.0-rc1 (#2255) 66a7a488b7

bump version and changelog for v2.16.0 e200e9fd8f

changelog entry for API config 9b9c39ddd4

set up new development version 0a947115d6

upgrade x dependencies e404942d83

upgrade go-msgauth e7501ef847

Merge pull request #2258 from slingamn/deps ... 7718081440

upgrade dependencies for 2.17 release cycle

clarify channel registration instructions a1c46a4be7

clean up constant redefinition 253972a9d2

Merge pull request #2262 from slingamn/constant ... 4da6511674

clean up constant redefinition

API enhancements (#2261) ... e4aac56bda

Fixes #2257 and #2260

* add `/v1/status` endpoint
* add `/v1/account_list` endpoint
* add fields to `/v1/account_details` response

fix #2147 ... 7138e76151

use strings.CutPrefix when possible

Merge pull request #2264 from slingamn/cutprefix ... 7828218bc7

fix #2147

Fix invalid FAIL codes in REGISTER (#2269) ... 9a186f8e54

* nickserv.go: Update FAIL codes to match spec

* handlers.go: Fix FAIL code

* use ACCOUNT_EXISTS for errNameReserved

* bump irctest to development version

---------

Co-authored-by: Valerie Liu <79415174+ValwareIRC@users.noreply.github.com>

fix #2270 ... 16568c5ab7

REGISTER should strip the guest format when applicable, same as NS REGISTER.

Merge pull request #2271 from slingamn/register ... 7d4f5e4adf

fix #2270

bump irctest to upstream master 0f5603eca2

metadata-2 (#2273) ... 4dcbc48159

Initial implementation of draft/metadata-2

round 1 of follow-up for metadata (#2277) ... 3b7db7fff7

* refactoring
* send an empty batch if necessary, as per spec
* don't broadcast no-op updates
* don't trim spaces before validating the key
* bump irctest to cover metadata
* replay existing metadata to reattaching always-on clients
* use canonicalized name everywhere
* use utils.SafeErrorParam in FAIL lines
* validate key names for sub
* fix error for METADATA CLEAR
* max-keys is enforced for channels as well
* remove unlimited configurations
* maintain the limit exactly without off-by-one cases
* add final channel registration check

update documentation for globalUtf8EnforcementSetting 23844d4103

fix help string for HISTORY 8f18454e8f

Merge pull request #2279 from slingamn/doc ... 17ed01c1ed

fix some documentation

bump irctest a5e435a26b

implement metadata before-connect (#2281) ... 73e51333ad

* metadata spec update: disallow colon entirely

* refactor key validation

* implement metadata before-connect

* play the metadata in reg burst to all clients with the cap

* bump irctest

* remove all case normalization for keys

From spec discussion, we will most likely either require keys to be lowercase,
or else treat them as case-opaque, similar to message tag keys.

fix: actually broadcast prereg updates to subscribers ... cca400de73

Missed in #2281, needs a test presumably :-)

update metadata corresponding to spec edits (#2282) ... 8798676ae9

* spec update: metadata keys are lowercase

* add batch parameter to metadata batches

* fix: connecting clients receive METADATA, not RPL_KEYVALUE

* spec update: send RPL_METADATASUBS in a metadata-subs batch

* move some helpers

* bump irctest to forked hash

This is https://github.com/progval/irctest/pull/314 but I don't want to
couple the merges

* fix: empty value is valid

* fix: deleting a nonexistent key gets a FAIL

bump irctest f918e28513

refactor makefile to label individual targets phony f0b1f34da7

Merge pull request #2283 from slingamn/makefile ... 65295cbafa

refactor makefile to label individual targets phony

add an explicit note covering #2289 064291e902

upgrade to go 1.25 8913bd7fa9

Merge pull request #2290 from slingamn/goupgrade ... 92f069846c

upgrade to go 1.25

fix validation of web push URLs ... 6b8265fb17

They are validated by test message, but it would have been possible
to add an http url.

If an http url was added, it's still possible to remove it via
NS PUSH DELETE.

Merge pull request #2295 from slingamn/shivaram_pushreject ... efc1627d23

fix validation of web push URLs

changes to OPER command ... 6fdac13ad4

* Impose a throttle on OPER attempts regardless of whether they caused a
  password check.
* Never disconnect the client on a failed attempt, even if there was a
  password check.
* Change error numeric to ERR_NOOPERHOST
* Explicit information about the failure in the server log (copying Insp)

Fixes #2296.

configurable idle timeouts ... ed841ee62a

Fixes #2292

Merge pull request #2298 from slingamn/shivaram_operthrottle ... 5cda5bdac9

changes to OPER command

Merge pull request #2299 from ergochat/shivaram_ping.1 ... 68faf82787

configurable idle timeouts

bump irctest 96aa018352

implement FAIL METADATA RATE_LIMITED 0119bbc36f

add METADATA response when MONITOR triggered f91d1d94f6

add persistence for user metadata 0ce9016098

Merge pull request #2301 from slingamn/ratelimited ... aef5d77b3b

more metadata follow-ups

fix #2303 (#2304) ... fdd261a1e6

Fix inconsistent behavior when history.enabled is set but
history.chathistory-maxmessages is not

bump irctest 9ca936a777

pin Alpine to 3.22 (#2306) ... d26aa37f2c

* Upgrade the production image from 3.19 to 3.22 (3.19 went EOL
  2025-11-01)
* Downgrade the build image to 3.22 (3.23 is buggy, see #2305)

add RPL_WHOISKEYVALUE output (#2302) 53664694c4

changelog and version bump for v2.17.0-rc1 (#2308) d5fb189a55

bump version and changelog for v2.17.0 16186d677d

set up new development version 3e9fa38f6b

fix #2309 (#2310) ... 3c4c5dde4d

If bob is monitoring alice, bob should get METADATA lines for alice
even if bob doesn't have extended-monitor.

This implementation also removes the check for extended-monitor
when sending account-notify, away-notify, chghost, setname
(which are explicitly mentioned in the extended-monitor spec)
on the grounds that nothing bad will happen if clients who support
the cap receive notifications for users they're not explicitly tracking.

fix #2311 (#2312) ... 462e568f00

Validate bcrypt-cost config value to prevent silent errors

dependency upgrades for v2.18 release cycle (#2314) 748700877e

bump irctest 05b41e18af

consistent casing for SQL queries (#2315) ... b7ede0730f

Makes it easier to read diffs with other database backends

bump irctest b26571e891

fix #2284 (#2317) ... 13653b5202

Send a configurable NOTICE on first connection that hopm can
detect via target_string

REDACT: fix reason handling (#2319) ... 3179fdffb0

REDACT without a reason parameter was being relayed with an
empty reason parameter instead; fix this.

prep for alternative history databases (#2316) ... 9f54ea07b7

* abstract history DB interface

* make mysql error logging consistent

Consistently propagate database errors to the client, making the client
responsible for logging them.

* move ListCorrespondents from Sequence to Database/Buffer

propagate mysql close error 0b7be24f80

move mysql serialization tools to shared pkgs 6ba60c89c4

fix some redact bugs (#2320) ... 6386b9ef70

* Consistently return UNKNOWN_MSGID for unknown or invalid msgids
* If both client's DMs are stored in persistent history, a single
  server.DeleteMessage will delete the single canonical copy of the message.
  So the second call will fail, which is fine.

fix mysql logline d2c9c80cc1

redact: fix error line for missing channel (#2321) f28b10986e

bump irctest 63a04a5ff0

fix (noopSequence).Ephemeral() 5c0af196da

fix #2324 (#2325) ... 2da19a0760

Validate user limit parameter

use correct name for RPL_INVEXLIST (#2326) ... 2152000312

Rename the constants only; no functional change

bump irctest 3ff0341944

This pull request has changes conflicting with the target branch.

• default.yaml
• go.mod
• go.sum
• irc/caps/defs.go
• irc/client.go
• irc/handlers.go
• irc/mysql/history.go
• irc/mysql/serialization.go
• irc/server.go

View command line instructions

Checkout

From your project repository, check out a new branch and test the changes.

git fetch -u master:External-master

git switch External-master

Merge

Merge the changes and update on Forgejo.

Warning: The "Autodetect manual merge" setting is not enabled for this repository, you will have to mark this pull request as manually merged afterwards.

git switch master

git merge --no-ff External-master

git switch External-master

git rebase master

git switch master

git merge --ff-only External-master

git switch External-master

git rebase master

git switch master

git merge --no-ff External-master

git switch master

git merge --squash External-master

git switch master

git merge --ff-only External-master

git switch master

git merge External-master

git push origin master

Sign in to join this conversation.

Reviewers

No reviewers

Labels

Clear labels

No items

No labels

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

CEF/ergo!2

No description provided.