Skip to content

v2.8.0

Compare
Choose a tag to compare
@slingamn slingamn released this 14 Nov 05:17
· 437 commits to master since this release
v2.8.0

We're pleased to be publishing Ergo 2.8.0. This release contains many fixes and enhancements, plus one major user-facing feature: user-initiated password resets via e-mail (#734).

This release includes changes to the config file format, all of which are fully backwards-compatible and do not require updating the file before upgrading.

This release includes a database change. If you have datastore.autoupgrade set to true in your configuration, it will be automatically applied when you restart Ergo. Otherwise, you can update the database manually by running ergo upgradedb (see the manual for complete instructions).

As part of this release, our official Docker images have moved from Docker Hub to the GitHub Container Registry, at ghcr.io/ergochat/ergo. The stable and master tags correspond to the respective branches. Tagged releases (e.g. v2.8.0) are available under the corresponding named tags.

Many thanks to @ajaspers, @delthas, @mogad0n, @majiru, @ProgVal, and @tacerus for contributing patches, to @ajaspers for contributing code review, to @ajaspers, @cxxboy, @dallemon, @emersion, @erikh, @eskimo, @jwheare, @kylef, @Mikaela, @mogad0n, @MystaraTheGreat, @ProgVal, @tacerus, @tamiko, and @xnaas for reporting issues and helping test, and to our translators for contributing translations.

Config changes

  • Added accounts.registration.email-verification.password-reset block to configure e-mail-based password reset (#734, #1779)
  • Added accounts.registration.email-verification.timeout to impose a timeout on e-mail sending; the recommended default value is 60s (60 seconds) (#1741)
  • Added server.suppress-lusers to allow hiding the LUSERS counts (#1802, thanks @eskimo!)

Security

  • Added accounts.registration.email-verification.timeout to impose a timeout on e-mail sending; the recommended default value is 60s (60 seconds) (#1741)

Added

  • Added user-initiated password resets via email (#734). This requires e-mail verification of accounts, and must additionally be enabled explicitly: see the email-verification block in default.yaml for more information.
  • Added the draft/extended-monitor capability (#1761, thanks @delthas!)
  • When doing direct sending of verification emails, make email delivery failures directly visible to the end user (#1659, #1741, thanks @tacerus!)
  • For operators, NS INFO now shows the user's email address (you can also view your own address) (#1677, thanks @ajaspers!)
  • Operators with the appropriate permissions will now see IPs in /WHOWAS output (#1702, thanks @ajaspers!)
  • Added the +s d snomask, for operators to receive information about session disconnections that do not result in a full QUIT (#1709, #1728, thanks @mogad0n!)
  • Added support for the SCRAM-SHA-256 SASL authentication mechanism (#175). This mechanism is not currently advertised in CAP LS output because IRCCloud handles it incorrectly. We also recommend against using SCRAM because of its lack of genuine security benefits.
  • /UBAN LIST output now includes the time the ban was created (#1725, #1755, thanks @Mikaela and @mogad0n!)
  • Added support for running as a Type=notify systemd service (#1733)
  • Added a warning to help users detect incorrect uses of /QUOTE (#1530)

Fixed

  • The +M (only registered users can speak) channel mode did not work; this has been fixed (#1696, thanks @Mikaela!)
  • A channel /RENAME that only changed the case of the channel would delete the channel registration; this has been fixed (#1751, thanks @Mikaela!)
  • Fixed allow-truncation: true not actually allowing truncation of overlong lines (#1766, thanks @tacerus!)
  • Fixed several pagination bugs in CHATHISTORY (#1676, thanks @emersion!)
  • Fixed support for kicking multiple users from a channel on the same line, the TARGMAX 005 parameter that advertises this, and the default kick message (#1748, #1777, #1776), thanks @ProgVal!)
  • Fixed /SAMODE on a channel not producing a snomask (#1787, thanks @mogad0n, @ajaspers!)
  • Adding +f to a channel with SAMODE used to require channel operator privileges on the receiving channel; this has been fixed (#1825, thanks @Mikaela!)
  • Fixed parameters sent with 697 ERR_LISTMODEALREADYSET and 698 ERR_LISTMODENOTSET (#1727, thanks @kylef!)
  • Fixed parameter sent with 696 ERR_INVALIDMODEPARAM (#1773, thanks @kylef!)
  • Fixed handling of channel mode +k with an empty parameter (#1774, #1775, thanks @ProgVal!)
  • WHOWAS with an empty string as the parameter now produces an appropriate error response (#1703, thanks @kylef!)
  • Fixed error response to an empty realname on the USER line (#1778, thanks @ProgVal!)
  • Fixed /UBAN ADD of a NUH mask (i.e. a k-line) not killing affected clients (#1736, thanks @mogad0n!)
  • Fixed buggy behavior when +i is configured as a default mode for channels (#1756, thanks @Mikaela!)
  • Fixed issues with channels.operator-only-creation not respecting /SAJOIN or always-on clients (#1757)
  • Protocol-breaking operator vhosts are now disallowed during config validation (#1722)
  • Fixed error message associated with /NS PASSWD on a nonexistent account (#1738, thanks @Mikaela!)
  • Fixed an incorrect CHATHISTORY fail message (#1731, thanks @ProgVal!)
  • Fixed a panic on an invalid configuration case (#1714, thanks @erikh!)

Changed

  • Upgraded the draft/register capability to the latest draft/account-registration iteration (#1740)
  • Unregistered users with +v or higher can now speak in +R (registered-only) channels (#1715, thanks @Mikaela and @ajaspers!)
  • For always-on clients with at least one active connection, 338 RPL_WHOISACTUALLY now displays an arbitrarily chosen client IP address (#1650, thanks @MystaraTheGreat!)
  • # can no longer be used in new account names and nicknames, or as the RELAYMSG separator (#1679)
  • The oragono.io/nope capability was renamed to ergo.chat/nope (#1793)

Removed

  • never is no longer accepted as a value of the replay-joins NickServ setting (/NS SET replay-joins); user accounts which enabled this setting have been reverted to the default value of commands-only (#1676)

Internal