v2.18.0

We're pleased to be publishing v2.18.0, a new stable release. This release adds support for PostgreSQL and SQLite as history backends, expands the HTTP API, and includes bug fixes and minor improvements.

This release includes changes to the config file format, all of which are fully backwards-compatible and do not require updating the file before upgrading. It includes no changes to the database file format.

Due to the additional database drivers included in the default build, the size of the Ergo executable binary has increased since v2.17.0 (for example, the Linux binary for x86-64 has increased from 16.2 MiB to 26.1 MiB). See docs/BUILD.md if you need to build a smaller binary. Conversely, if you were already building from source, you may need to adjust your build commands in order to maintain parity; consult that file for details.

Many thanks to @clbm87, @emersion, @felix, flurry, @furudean, @k4ct0, @mauropcorrea, @NyaaaWhatsUpDoc, @poVoq, @progval, @rys, Stryker, and th0th for helpful discussions, contributing patches, reporting issues, and helping test.

Config changes

• Added server.postgresql block to configure a PostgreSQL history backend. (#2322, #2347)
• Added server.sqlite block to configure a SQLite history backend. (#2352)
• Added metadata.operator-only-modification to restrict metadata changes to IRC operators with the metadata capability (#2287, #2369, thanks @clbm87!)
• Added server.initial-notice to send a configurable notice to clients immediately after they connect, which can be used for open proxy detection (e.g., with HOPM) (#2317, thanks Stryker!)

Added

• Added support for PostgreSQL and SQLite as history backends (#2322, #2352, thanks @felix, @NyaaaWhatsUpDoc, @poVoq!)
• Added new HTTP API endpoints (thanks @clbm87, flurry, @furudean, @mauropcorrea!):
  • /v1/list to list channels (#2358)
  • /v1/defcon to view or modify the DEFCON level (#2359)
  • /v1/ns/passwd to change account passwords (#2329)
• Added support for draft/ACCOUNTREQUIRED in 005 ISUPPORT tokens when accounts.require-sasl is enabled (#2341)

Fixed

• Push notifications now include the msgid tag, as required by the specification (#2350)
• Fixed some cases where environment variable config overrides did not apply as expected (e.g., individual oper entries can now be overridden without replacing the entire opers block) (#2275, #2362, thanks th0th!)
• Fixed error cases in CS DEOP and EXTJWT causing client disconnection (#2345, #2346, thanks @k4ct0!)
• Fixed some REDACT responses (#2319, #2320)
• Fixed some FAIL responses to WEBPUSH (#2351)
• The +l (user limit) channel mode now rejects non-positive values with an appropriate error (#2325, thanks @progval!)
• Clients monitoring a user now receive METADATA notifications for that user even without the extended-monitor capability (#2309, #2310)
• Improved handling of PROXY protocol errors on proxy: true listeners (#2334)
• The accounts.bcrypt-cost config value is now validated at config load time (#2311, #2312, thanks @rys!)

Changed

• HTTP API: reorganized NickServ-related endpoints under a /v1/ns/ prefix (/v1/ns/info, /v1/ns/list, /v1/ns/passwd). The previous endpoint names (/v1/account_details, /v1/account_list) are retained as aliases for backwards compatibility. (#2329)
• The /v1/check_auth API endpoint now supports certificate fingerprint authentication (#2354, thanks flurry!)
• Reduced the deadline for proxy: true listeners to read the PROXY protocol header from 1 minute to 5 seconds (#2334)

Internal

• Added build tags to control which optional features are built; see docs/BUILD.md for details (#2356)
• Official release builds use Go 1.26.1 (#2330)

v2.18.0-rc1

We're pleased to be publishing the release candidate for v2.18.0 (the official release should follow within a week or so). This release adds support for PostgreSQL and SQLite as history backends, expands the HTTP API, and includes bug fixes and minor improvements.

This release includes changes to the config file format, all of which are fully backwards-compatible and do not require updating the file before upgrading. It includes no changes to the database file format.

Due to the additional database drivers included in the default build, the size of the Ergo executable binary has increased since v2.17.0 (for example, the Linux binary for x86-64 has increased from 16.2 MiB to 26.1 MiB). See docs/BUILD.md if you need to build a smaller binary.

Many thanks to @clbm87, @emersion, @felix, flurry, @furudean, @k4ct0, @mauropcorrea, @NyaaaWhatsUpDoc, @poVoq, @progval, @rys, Stryker, and th0th for helpful discussions, contributing patches, reporting issues, and helping test.

Config changes

• Added server.postgresql block to configure a PostgreSQL history backend. (#2322, #2347)
• Added server.sqlite block to configure a SQLite history backend. (#2352)
• Added server.initial-notice to send a configurable notice to clients immediately after they connect, which can be used for open proxy detection (e.g., with HOPM) (#2317, thanks Stryker!)

Added

• Added support for PostgreSQL and SQLite as history backends (#2322, #2352, thanks @felix, @NyaaaWhatsUpDoc, @poVoq!)
• Added new HTTP API endpoints (thanks @clbm87, flurry, @furudean, @mauropcorrea!):
  • /v1/list to list channels (#2358)
  • /v1/defcon to view or modify the DEFCON level (#2359)
  • /v1/ns/passwd to change account passwords (#2329)
• Added support for draft/ACCOUNTREQUIRED in 005 ISUPPORT tokens when accounts.require-sasl is enabled (#2341)

Fixed

• Push notifications now include the msgid tag, as required by the specification (#2350)
• Fixed some cases where environment variable config overrides did not apply as expected (e.g., individual oper entries can now be overridden without replacing the entire opers block) (#2275, #2362, thanks th0th!)
• Fixed error cases in CS DEOP and EXTJWT causing client disconnection (#2345, #2346, thanks @k4ct0!)
• Fixed some REDACT responses (#2319, #2320)
• Fixed some FAIL responses to WEBPUSH (#2351)
• Fixed the +l (user limit) channel mode to reject non-positive values with an appropriate error (#2325, thanks @progval!)
• Fixed MONITOR so that clients monitoring a user receive METADATA notifications for that user even without the extended-monitor capability (#2309, #2310)
• Improved handling of PROXY protocol errors on proxy: true listeners (#2334)
• Fixed validation of the bcrypt-cost config value to prevent silent errors (#2311, #2312, thanks @rys!)

Changed

• HTTP API: reorganized NickServ-related endpoints under a /v1/ns/ prefix (/v1/ns/info, /v1/ns/list, /v1/ns/passwd). The previous endpoint names (/v1/account_details, /v1/account_list) are retained as aliases for backwards compatibility. (#2329)
• The /v1/check_auth API endpoint now supports certificate fingerprint authentication (#2354, thanks flurry!)
• Reduced the deadline for proxy: true listeners to read the PROXY protocol header from 1 minute to 5 seconds (#2334)

Internal

• Official release builds use Go 1.26.1 (#2330)

v2.17.0

We're pleased to be publishing v2.17.0, a new stable release. This release adds support for the IRCv3 metadata specification, thanks to @thatcher-gaming, as well as bug fixes and minor updates.

This release includes changes to the config file format, all of which are fully backwards-compatible and do not require updating the file before upgrading. It includes no changes to the database file format.

Many thanks to @branchgrove, @Brutus5000, @progval, @SarahRoseLives, @thatcher-gaming, @ValwareIRC, and Xogium for contributing patches, reporting issues, and helping test.

Config changes

• Added accounts.metadata block to configure the new metadata feature. If this block is absent, metadata is disabled. See default.yaml for an example. (#2273)
• Added server.idle-timeouts for configurable idle timeouts; when unset, the previous hardcoded defaults are used (#2292, thanks @Brutus5000!)
• Added server.oper-throttle to configure throttling for failed OPER attempts; when unset, this defaults to 1 attempt every 10 seconds (#2296)

Added

• Implemented support for the draft/metadata-2 specification, allowing clients to set and retrieve metadata on accounts and channels (#2273, #2277, #2281, #2282, #2301, thanks @thatcher-gaming!)
• Added /v1/status and /v1/account_list HTTP API endpoints (#2261, thanks @SarahRoseLives!)
• Enhanced /v1/account_details API response with additional fields (#2261, thanks @SarahRoseLives!)

Fixed

• Fixed REGISTER command to strip guest format when applicable, matching NS REGISTER behavior (#2270, #2271, thanks @ValwareIRC and @thatcher-gaming!)
• Fixed invalid FAIL codes in REGISTER command (#2269, thanks @ValwareIRC!)
• Fixed validation of web push URLs to reject non-HTTPS URLs (#2295)
• Fixed inconsistent behavior when history.enabled is set but history.chathistory-maxmessages is not (#2303, #2304, thanks @branchgrove!)

Changed

• The OPER command now imposes a throttle on all attempts, never disconnects the client on failure, and logs non-sensitive information about failed attempts (#2296, #2298, thanks Xogium!)

Internal

• Official release builds use Go 1.25 (#2290)
• Upgraded the Docker base image from Alpine 3.19 to 3.22 (#2306)

v2.17.0-rc1

We're pleased to be publishing the release candidate for v2.17.0 (the official release should follow within a week or so). This release adds support for the IRCv3 metadata specification, thanks to @thatcher-gaming, as well as bug fixes and minor updates.

This release includes changes to the config file format, all of which are fully backwards-compatible and do not require updating the file before upgrading. It includes no changes to the database file format.

Many thanks to @branchgrove, @Brutus5000, @progval, @SarahRoseLives, @thatcher-gaming, @ValwareIRC, and Xogium for contributing patches, reporting issues, and helping test.

Config changes

• Added accounts.metadata block to configure the new metadata feature. If this block is absent, metadata is disabled. See default.yaml for an example. (#2273)
• Added server.idle-timeouts for configurable idle timeouts; when unset, the previous hardcoded defaults are used (#2292, thanks @Brutus5000!)
• Added server.oper-throttle to configure throttling for failed OPER attempts; when unset, this defaults to 1 attempt every 10 seconds (#2296)

Added

• Implemented support for the draft/metadata-2 specification, allowing clients to set and retrieve metadata on accounts and channels (#2273, #2277, #2281, #2282, #2301, thanks @thatcher-gaming!)
• Added /v1/status and /v1/account_list HTTP API endpoints (#2261, thanks @SarahRoseLives!)
• Enhanced /v1/account_details API response with additional fields (#2261, thanks @SarahRoseLives!)

Fixed

• Fixed REGISTER command to strip guest format when applicable, matching NS REGISTER behavior (#2270, #2271, thanks @ValwareIRC and @thatcher-gaming!)
• Fixed invalid FAIL codes in REGISTER command (#2269, thanks @ValwareIRC!)
• Fixed validation of web push URLs to reject non-HTTPS URLs (#2295)
• Fixed inconsistent behavior when history.enabled is set but history.chathistory-maxmessages is not (#2303, #2304, thanks @branchgrove!)

Changed

• The OPER command now imposes a throttle on all attempts, never disconnects the client on failure, and logs non-sensitive information about failed attempts (#2296, #2298, thanks Xogium!)

Internal

• Official release builds use Go 1.25 (#2290)
• Upgraded the Docker base image from Alpine 3.19 to 3.22 (#2306)

v2.16.0

We're pleased to be publishing v2.16.0, a new stable release. This release contains bug fixes and some minor updates.

This release includes changes to the config file format, all of which are fully backwards-compatible and do not require updating the file before upgrading. It includes no changes to the database file format.

Many thanks to @csmith, @delthas, donio, @emersion, @KlaasT, @knolley, @Mailaender, and @prdes for reporting issues and helping test.

Config changes

• Added api block for configuring the new HTTP API. If this block is absent, the API is disabled (#2231)
• Added server.additional-isupport for publishing arbitrary ISUPPORT tokens (#2220, #2240)
• Added server.command-aliases to configure aliases for server commands (#2229, #2236)
• Added options to roleplay to customize the NUH's sent for NPC and SCENE. Roleplay remains deprecated and disabled by default. (#2237)

Security

• Mitigated HTTP DoS attacks by rejecting IRC sessions that begin with an HTTP verb, such as POST. If you were relying on this to create IRC sessions via an HTTP client, please open an issue. (#2239)

Added

• Added an HTTP API, providing programmatic access to Ergo functionality (#2231, thanks @KlaasT!)
• Added SAFERATE to 005 ISUPPORT tokens (#2223, thanks @delthas!)
• Added support for ed25519-sha256 for DKIM. However, enabling this algorithm is not recommended since mainstream email providers still do not support it. (#1041, #2242)

Fixed

• Fixed CHATHISTORY TARGETS from MySQL backend reporting incorrect timestamps when the server timezone is not UTC (#2224)
• Fixed batch name parameter in draft/isupport responses (#2253)
• Fixed NS UNREGISTER not deleting the stored push subscriptions (#2254)
• Fixed cases where NS SAREGISTER could create clients without applying the default user modes (#2252, #2254, thanks donio!)
• Improved validation of CHATHISTORY parameters (#2248, #2249, thanks @prdes!)
• Added validation to ensure the MOTD is UTF-8 when enforce-utf8 is enabled (the recommended default) (#2228, #2233, thanks @KlaasT!)
• The client's own QUIT line now respects the server-time capability (#2218, #2219)
• Fixed sending unnecessary replies to certain invalid MODE changes (#2213)
• Improved safety of ISUPPORT length limits (#2241)

Changed

• The draft/message-redaction capability is no longer advertised when allow-individual-delete is disabled (#2215, #2216, thanks @delthas!)
• Receiving the UTF-8 BOM (byte-order mark) at the start of an IRC connection now produces an explicit error (#2244, #2247, thanks @csmith, @Mailaender!)

Internal

• Release builds use Go 1.24.3 (#2217)

v2.16.0-rc1

We're pleased to be publishing the release candidate for v2.16.0 (the official release should follow within a week or so). This release contains bug fixes and some minor updates.

This release includes changes to the config file format, all of which are fully backwards-compatible and do not require updating the file before upgrading. It includes no changes to the database file format.

Many thanks to @csmith, @delthas, donio, @emersion, @KlaasT, @knolley, @Mailaender, and @prdes for reporting issues and helping test.

Config changes

• Added server.additional-isupport for publishing arbitrary ISUPPORT tokens (#2220, #2240)
• Added server.command-aliases to configure aliases for server commands (#2229, #2236)
• Added options to roleplay to customize the NUH's sent for NPC and SCENE. Roleplay remains deprecated and disabled by default. (#2237)

Security

• Mitigated HTTP DoS attacks by rejecting IRC sessions that begin with an HTTP verb, such as POST. If you were relying on this to create IRC sessions via an HTTP client, please open an issue. (#2239)

Added

• Added an HTTP API, providing programmatic access to Ergo functionality (#2231, thanks @KlaasT!)
• Added SAFERATE to 005 ISUPPORT tokens (#2223, thanks @delthas!)
• Added support for ed25519-sha256 for DKIM. However, enabling this algorithm is not recommended since mainstream email providers still do not support it. (#1041, #2242)

Fixed

• Fixed CHATHISTORY TARGETS from MySQL backend reporting incorrect timestamps when the server timezone is not UTC (#2224)
• Fixed batch name parameter in draft/isupport responses (#2253)
• Fixed NS UNREGISTER not deleting the stored push subscriptions (#2254)
• Fixed cases where NS SAREGISTER could create clients without applying the default user modes (#2252, #2254, thanks donio!)
• Improved validation of CHATHISTORY parameters (#2248, #2249, thanks @prdes!)
• Added validation to ensure the MOTD is UTF-8 when enforce-utf8 is enabled (the recommended default) (#2228, #2233, thanks @KlaasT!)
• The client's own QUIT line now respects the server-time capability (#2218, #2219)
• Fixed sending unnecessary replies to certain invalid MODE changes (#2213)
• Improved safety of ISUPPORT length limits (#2241)

Changed

• The draft/message-redaction capability is no longer advertised when allow-individual-delete is disabled (#2215, #2216, thanks @delthas!)
• Receiving the UTF-8 BOM (byte-order mark) at the start of an IRC connection now produces an explicit error (#2244, #2247, thanks @csmith, @Mailaender!)

Internal

• Release builds use Go 1.24.3 (#2217)

v2.15.0

We're pleased to be publishing v2.15.0, a new stable release. This release adds support for mobile push notifications, via the draft/webpush specification. More information on this is available in the manual and user guide. This feature is still considered to be in an experimental state; default.yaml ships with it disabled, and its configuration may have backwards-incompatible changes in the future.

This release includes changes to the config file format, all of which are fully backwards-compatible and do not require updating the file before upgrading.

This release includes a database change. If you have datastore.autoupgrade set to true in your configuration, it will be automatically applied when you restart Ergo. Otherwise, you can update the database manually by running ergo upgradedb (see the manual for complete instructions).

Many thanks to @delthas, @donatj, donio, @emersion, and @eskimo for contributing patches and helping test.

Config changes

• Added webpush block to the config file to configure push notifications. See default.yaml for an example. Note that at this time, default.yaml ships with support for push notifications disabled; operators can enable them by setting webpush.enabled: true. In the absence of such a block, push notifications are disabled.
• We recommend the addition of "WEBPUSH": 1 to fakelag.command-budgets, to speed up mobile reattach when web push is enabled. See default.yaml for an example.

Added

• Added support for the draft/webpush specification (#2205, thanks @emersion, @eskimo!)
• Added support for the draft/extended-isupport specification (#2184, thanks @emersion!)
• UBAN ADD now accepts REQUIRE-SASL with NUH masks, i.e. k-lines (#2198, #2199)
• Ergo now publishes the SAFELIST ISUPPORT parameter (#2196, thanks @delthas!)

Fixed

• Fixed incorrect parameters when pushing 005 (ISUPPORT) updates to clients on rehash (#2177, #2184)

Internal

• Official release builds use Go 1.23.5
• Added a unique identifier to identify connections in debug logs. This has no privacy implications in a standard, non-debug configuration of Ergo. (#2206, thanks donio!)
• Added support for Solaris on amd64 CPUs (#2183)

v2.15.0-rc1

We're pleased to be publishing the release candidate for v2.15.0 (the official release should follow within two weeks or so). This release adds support for mobile push notifications, via the draft/webpush specification. More information on this is available in the manual and user guide. This feature is still considered to be in an experimental state; default.yaml ships with it disabled, and its configuration may have backwards-incompatible changes in the future.

This release includes changes to the config file format, all of which are fully backwards-compatible and do not require updating the file before upgrading.

This release includes a database change. If you have datastore.autoupgrade set to true in your configuration, it will be automatically applied when you restart Ergo. Otherwise, you can update the database manually by running ergo upgradedb (see the manual for complete instructions).

Many thanks to @delthas, @donatj, donio, @emersion, and @eskimo for contributing patches and helping test.

Config changes

• Added webpush block to the config file to configure push notifications. See default.yaml for an example. Note that at this time, default.yaml ships with support for push notifications disabled; operators can enable them by setting webpush.enabled: true. In the absence of such a block, push notifications are disabled.
• We recommend the addition of "WEBPUSH": 1 to fakelag.command-budgets, to speed up mobile reattach when web push is enabled. See default.yaml for an example.

Added

• Added support for the draft/webpush specification (#2205, thanks @emersion, @eskimo!)
• Added support for the draft/extended-isupport specification (#2184, thanks @emersion!)
• UBAN ADD now accepts REQUIRE-SASL with NUH masks, i.e. k-lines (#2198, #2199)
• Ergo now publishes the SAFELIST ISUPPORT parameter (#2196, thanks @delthas!)

Fixed

• Fixed incorrect parameters when pushing 005 (ISUPPORT) updates to clients on rehash (#2184)

Internal

• Official release builds use Go 1.23.4
• Added a unique identifier to identify connections in debug logs. This has no privacy implications in a standard, non-debug configuration of Ergo. (#2206, thanks donio!)
• Added support for Solaris on amd64 CPUs (#2183)

v2.14.0

We're pleased to be publishing v2.14.0, a new stable release. This release contains primarily bug fixes, with the addition of some new authentication mechanisms for integrating with web clients.

This release includes changes to the config file format, all of which are fully backwards-compatible and do not require updating the file before upgrading. It includes no changes to the database file format.

Many thanks to @al3xandros, donio, @eeeeeta, @emersion, @Eriner, @eskimo, @Herringway, @jwheare, @knolley, @mengzhuo, pathof, @poVoq, @progval, @RNDpacman, and @xnaas for contributing patches, reporting issues, and helping test.

Config changes

• Added accounts.oauth2 and accounts.jwt-auth blocks for configuring OAuth2 and JWT authentication (#2004)
• Added protocol and local-address options to accounts.registration.email-verification, to force emails to be sent over IPv4 (or IPv6) or to force the use of a particular source address (#2142)
• Added limits.realnamelen, a configurable limit on the length of realnames. If unset, no limit is enforced beyond the IRC protocol line length limits (the previous behavior). (#2123, thanks @eskimo!)
• Added the accept-hostname option to the webirc config block, allowing Ergo to accept hostnames passed from reverse proxies on the WEBIRC line. Note that this will have no effect under the default/recommended configuration, in which cloaks are used instead (#1686, #2146, thanks @RNDpacman!)
• The default/recommended value of limits.chan-list-modes (the size limit for ban/except/invite lists) was raised to 100 (#2081, #2165, #2167)

Added

• Added support for the OAUTHBEARER SASL mechanism, allowing Ergo to interoperate with Gamja and an OAuth2 provider (#2004, #2122, thanks @emersion!)
• Added support for the IRCV3BEARER SASL mechanism, allowing Ergo to accept OAuth2 or JWT bearer tokens (#2158)
• Added support for the legacy rfc1459 and rfc1459-strict casemappings (#2099, #2159, thanks @xnaas!)
• The new ergo defaultconfig subcommand prints a copy of the default config file to standard output (#2157, #2160, thanks @al3xandros!)

Fixed

• Even with allow-truncation: false (the recommended default), some oversized messages were being accepted and relayed with truncation. These messages will now be rejected with 417 ERR_INPUTTOOLONG as expected (#2170)
• NICK and QUIT from invisible members of auditorium channels are no longer recorded in history (#2133, #2137, thanks @knolley and @poVoq!)
• If channel registration was disabled, registered channels could become inaccessible after rehash; this has been fixed (#2130, thanks @eeeeeta!)
• Attempts to use unrecognized SASL mechanisms no longer count against the login throttle, improving compatibility with Pidgin (#2156, thanks donio and pathof!)
• Fixed database autoupgrade on Windows, which was previously broken due to the use of a colon in the backup filename (#2139, #2140, thanks @Herringway!)
• Fixed handling of NS CERT ADD <user> <fp> when an unprivileged user invokes it on themself (#2128, #2098, thanks @Eriner!)
• Fixed missing human-readable trailing parameters for two multiline FAIL messages (#2043, #2162, thanks @jwheare and @progval!)
• Fixed symbol sent by 353 RPL_NAMREPLY for secret channels (#2144, #2145, thanks savoyard!)

Changed

• Trying to claim a registered nickname that is also actually in use by another client now produces 433 ERR_NICKNAMEINUSE as expected (#2135, #2136, thanks savoyard!)
• SAMODE now overrides the enforcement of limits.chan-list-modes (the size limit for ban/except/invite lists) (#2081, #2165)
• Certain unsuccessful MODE changes no longer send 324 RPL_CHANNELMODEIS and 329 RPL_CREATIONTIME (#2163)
• Debug logging for environment variable configuration overrides no longer prints the value, only the key (#2129, #2132, thanks @eeeeeta!)

Internal

• Official release builds use Go 1.22.4
• Added a linux/riscv64 release (#2172, #2173, thanks @mengzhuo!)

v2.14.0-rc2

Due to the discovery of a bug (predating v2.14.0-rc1), we are releasing a new release candidate for v2.14.0 (the official release should follow within a week or so).

Please see the changelog for v2.14.0-rc1 for other changes since v2.13.1.

Fixed

• Even with allow-truncation: false (the recommended default), some oversized messages were being accepted and relayed with truncation. These messages will now be rejected with 417 ERR_INPUTTOOLONG as expected (#2170)