We're pleased to be publishing the release candidate for 2.5.0 (the official release should follow in a week or so).

This release includes enhancements based on the needs of real-world operators, as well as bug fixes. Highlights include:

• UBAN, a new "unified ban" system for server operators, with a corresponding CHANSERV HOWTOBAN command for channel operators (#1447)
• A new forwarding/overflow channel mode +f (#1260)
• Support for PROXY protocol v2 (#1389)

This release includes changes to the config file format, including two breaking changes. One is fairly significant: enabling a websocket listener now requires the use of server.enforce-utf8, as has been the recommended default since 2.2.0 (so continuing to accept legacy non-UTF-8 content will require disabling websockets). The other is that the "unban" operator capability has been removed (it is now included in the "ban" capability). Other config changes are backwards compatible and do not require updating the file before upgrading.

This release includes a database change. If you have datastore.autoupgrade set to true in your configuration, it will be automatically applied when you restart Oragono. Otherwise, you can update the database manually by running oragono upgradedb (see the manual for complete instructions).

Many thanks to @jlu5, @kylef and @Mikaela for contributing patches, to @bogdomania, @eskimo, @happyhater, @jlu5, @kylef, @LukeHoersten, @Mikaela, @mogad0n, @robinlemon, and @vertisan for reporting issues and helping test, and to our translators for contributing translations.

Config changes

• Enabling websockets now requires server.enforce-utf8 = true (#1483)
• proxy is now a top-level field of the listener config block; in particular, the PROXY protocol (v1 or v2) can now be required ahead of a plaintext connection. The field is still accepted in its legacy position (inside the tls block). (#1389, thanks @robinlemon!)
• Added accounts.multiclient.always-on-expiration, allowing always-on clients to be timed out for inactivity (#810, thanks @bogdomania!)
• local_ prefixes have been stripped from operator capability names, so that, e.g., local_ban is now just ban. The old names are still accepted. (#1442)
• The local_unban operator capability has been removed (unbanning is now contained in the ban permission). (#1442)
• The recommended value of accounts.bcrypt-cost is now 4, the minimum acceptable value (#1497)
• server.ip-limits.custom-limits now accepts networks that contain multiple CIDRs; the old syntax is still accepted (#1421, thanks @Mikaela!
• A new field, history.restrictions.query-cutoff, generalizes the old history.restrictions.enforce-registration-date (the old field is still accepted) (#1490, thanks @Mikaela!)
• Added server.override-services-hostname, allowing the hostname of NickServ, ChanServ, etc. to be overridden (#1407, thanks @Mikaela!)
• Added a boolean hide-sts key to the listener block; this can be used to hide the STS CAP when the listener is secured at layer 3 or 4 (e.g., by a VPN or an E2E mixnet). It will still be necessary to add the relevant IPs to secure-nets. (#1428, thanks @Mikaela!)

Security

• Improved validation of names and encodings for client-only tags (#1385)
• Improved auditability of sensitive operator actions (#1443, thanks @mogad0n!)
• DEFCON 4 and lower now require Tor users to authenticate with SASL (#1450)

Fixed

• Fixed NS UNSUSPEND requiring the casefolded / lowercase version of the account name (#1382, thanks @mogad0n!)
• Fixed client-only tags in direct (user-to-user) PRIVMSG not being replayed (#1411)
• Fixed many bugs in import of Anope and Atheme databases (#1403, #1423, #1424, #1431, #1435, #1439, #1444, thanks @jlu5, @kylef, and @Mikaela!)
• Fixed case-handling bugs in RENAME (i.e., channel rename) (#1456, thanks @mogad0n!)
• Fixed incorrect processing of color code escapes in MOTD files (#1467, thanks @mogad0n!)
• STS is no longer advertised to Tor clients (#1428, thanks @Mikaela!)
• Fixed HELP/HELPOP numerics not including the nick as an argument (#1472, thanks @kylef!)
• Made connection registration snomasks less confusing (#1396, thanks @eskimo!)
• Fixed duplicated nicks in KLINE response (#1379, thanks @mogad0n!)
• The RELAYMSG tag name is now draft/relaymsg, conforming to the amended draft specification (#1468, thanks @jlu5!)
• Fixed SAJOIN not sending a MODE line to the originating client (#1383, thanks @mogad0n!)
• Improved consistency of message sources sent by CS AMODE (#1383, thanks @mogad0n!)
• Fixed duplicated JOIN line sent to some clients using the draft/resume-0.5 extension (#1397, thanks @kylef!)
• Added a warning that MySQL cannot be enabled by rehash (#1452, thanks @Mikaela!)

Changed

• Channel-user modes (e.g., +o, +v) of always-on clients are now persisted in the database (#1345)
• /CHANSERV PURGE now takes ADD, DEL, and LIST subcommands; the separate UNPURGE command has been removed; PURGE ADD now requires a confirmation code (#1294, thanks @mogad0n!)
• The characters <, >, ', ", and ; are no longer allowed in nicknames (previously registered account names containing these characters are still accepted) (#1436, thanks @happyhater!)
• Authenticated clients from Tor now receive their (account-unique) always-on cloaked hostname; this allows channel operators to ban unauthenticated Tor users by banning *!*@tor-network.onion (#1479, thanks @mogad0n!)
• Included the network name in the human-readable final parameter of 001 RPL_WELCOME (#1410)
• RELAYMSG can now take client-only tags (#1470)
• WebSocket listeners will attempt to negotiate the text.ircv3.net subprotocol; negotiating this is optional for clients (#1483)

Added

• Added UBAN, a new command giving server operators a unified interface to D-LINEs (IP bans), K-LINEs (NUH mask bans, which are now deprecated), and account suspensions (NS SUSPEND) (#1447)
• Added CHANSERV HOWTOBAN, a ChanServ subcommand that helps channel operators choose an appropriate ban (#1447)
• Added a new channel mode +f; users who cannot join the channel due to +i or +l will be forwarded to the channel specified by +f. (#1260)
• Added support for the PROXY protocol v2 (#1389, thanks @robinlemon!)
• Added support for /JOIN 0 (part all channels), requiring a confirmation code (#1417, thanks @Mikaela!)
• Added support for grouped nicknames as SASL usernames (#1476, thanks @eskimo!)
• Added history support for INVITE (#1409, thanks @Mikaela!)
• Added a new channel setting accessible via /CS SET: history-cutoff, allowing the channel owner more fine-grained control over who can see history (#1490, thanks @Mikaela!)
• Added the UTF8ONLY ISUPPORT token, allowing the server to advertise to clients that only UTF-8 content is accepted (#1483)
• Added /NICKSERV RENAME, an operator-only command that can change the case of an account name (#1380, thanks @LukeHoersten!)

Internal

• Added caching for serialized messages (#1387)
• Improved memory efficiency of line reading (#1231)

We're pleased to announce Oragono 2.4.0, a new stable release.

This release includes a number of exciting enhancements and fixes. Here are some highlights:

• Support for migrating an Anope or Atheme database to Oragono (#1042)
• A pluggable system for validating external IPs, e.g., via DNSBLs (#68, thanks @moortens!)
• draft/relaymsg, a new draft extension simplifying bridging with other chat systems (thanks @jlu5!)
• New moderation tools: +u ("auditorium", #1300), +U ("op-moderated", #1178), +M ("moderated-registered", #1182, thanks @ajaspers!), and +b m: (an extban for muting users, #307)

This release includes changes to the config file format, including one breaking change: roleplay.enabled now defaults to false (the new recommended default) instead of true when unset. Other config changes are backwards compatible and do not require updating the file before upgrading.

This release includes a database change. If you have datastore.autoupgrade set to true in your configuration, it will be automatically applied when you restart Oragono. Otherwise, you can update the database manually by running oragono upgradedb (see the manual for complete instructions).

Many thanks to @ajaspers, @jesopo, @moortens, and @RunBarryRun for contributing patches, to @csmith for contributing code reviews, to @ajaspers, @Amiga60077, @bogdomania, @csmith, @edk0, @eskimo, @jlu5, @jwheare, @KoraggKnightWolf, @Mitaka8, @mogad0n, @RyanSquared, and @vertisan for reporting issues and helping test, and to our translators for contributing translations.

Config changes

• Added server.ip-cloaking.enabled-for-always-on, which generates a unique hostname for each always-on client. The recommended default value of this field is true (#1312)
• Added server.coerce-ident; if this is set to a string value, all user/ident fields supplied by clients are ignored and replaced with this value. The recommended default value of this field is ~u. This simplifies bans. (#1340)
• Simplified the config file format for email verification into a new accounts.nick-reservation.email-verification section. The old format (callbacks) is still accepted (#1075)
• The recommended value of roleplay.enabled is now false; this field now defaults to false when unset (#1240, #1271)
• Added server.relaymsg section for configuring the new draft/relaymsg capability; added the new relaymsg operator capability for exercising it (#1119)
• Added allow-environment-overrides config variable, allowing config options to be overridden by environment variables. See the manual for more details. (#1049, thanks @csmith!)
• Added server.ip-check-script for configuring IP check plugins (#68, #1267, thanks @moortens!)
• Added max-concurrency restriction to accounts.auth-script section. The recommended default value is 64 (0 or unset disable the restriction) (#1267)
• Added accounts.registration.allow-before-connect; this allows the use of the new REGISTER command before connecting to the server (#1075)
• Added hidden option in operator blocks: if set to true, operator status is hidden from commands like WHOIS that would otherwise display it (#1194)
• Added accounts.nick-reservation.forbid-anonymous-nick-changes, which forbids anonymous users from changing their nicknames after initially connecting (#1337, thanks @Amiga60077!)
• Added channels.invite-expiration, allowing invites to +i channels to expire after a given amount of time (#1171)

Security

• Added /NICKSERV CLIENTS LOGOUT command for disconnecting clients connected to a user account (#1072, #1272, thanks @ajaspers!)
• Disallowed the use of service nicknames during roleplaying (#1240, thanks @Mitaka8!)
• Improved security properties of INVITE for invite-only channels, including an UNINVITE command (#1171)

Removed

• Removed the request queue system for HostServ, i.e., the REQUEST, APPROVE, and REJECT subcommands of HOSTSERV (#1346)

Fixed

• PONG is now sent with the server name as the first parameter, matching the behavior of other ircds (#1249, thanks @jesopo!)
• It was not possible to set or unset the +T no-CTCP user mode; this has been fixed (#1299, thanks @mogad0n!)
• Fixed edge cases with /NICKSERV SAREGISTER of confusable nicknames (#1322, thanks @mogad0n!)
• Fixed websocket listeners with proxy-before-TLS enabled closing on invalid PROXY lines (#1269, thanks @RyanSquared!)
• Fixed error responses and history for SANICK (#1277, #1278, thanks @eskimo!)
• Ensured that stored realnames of always-on clients are deleted during account unregistration (#1330)
• Whitespace is now stripped from KLINEs (#1327, thanks @mogad0n!)
• Fixed incorrect LUSERS counts caused by KLINE (#1303, thanks @mogad0n!)
• CHATHISTORY queries for invalid channels now get an empty batch instead of a FAIL (#1322)
• fakelag.messages-per-window = 0 no longer causes a panic (#861, thanks @vertisan!)

Added

• Added oragono importdb command for importing a converted Anope or Atheme database; see the manual for details (#1042)
• Added support for the new draft/relaymsg extension, which simplifies bridging IRC with other protocols relaymsg (#1119, thanks @jlu5!)
• Added ip-check-script, a scripting API for restricting access by client IP. We provide oragono-dnsbl, an external script that can query DNSBLs for this purpose (#68, #1267, thanks @moortens!)
• Added channel mode +u. This is an "auditorium" mode that prevents unprivileged users from seeing each other's JOIN and PART lines. It's useful for large public-announcement channels, possibly in conjunction with +m (#1300)
• Added channel mode +U. This is an "op-moderated" mode; messages from unprivileged users are sent only to channel operators, who can then choose to grant them +v. (#1178)
• Added a mute extban +b m:: users matching the ban expression (e.g., +b m:*!*@j6dwi4vacx47y.irc) will be able to join the channel, but will be unable to speak. (#307)
• Added support for the new draft/register extension, which exposes a cleaner account registration API to clients (#1075, thanks @edk0!)
• Added a 379 RPL_WHOISMODES line to the WHOIS response, making it easier for operators to see other users' modes (#769, thanks @Amiga60077 and @KoraggKnightWolf!)
• Added /CHANSERV DEOP command for removing channel operator privileges (#361, thanks @RunBarryRun!)
• Added r flag to /WHO responses for registered nicknames (#1366, thanks @Amiga60077!)

Changed

• Always-on clients now receive a user/ident of ~u by default, instead of ~user; this can be changed by setting the coerce-ident field (#1340)
• /NICKSERV SUSPEND has been modified to take subcommands (ADD, DEL, and LIST); the ADD subcommand now accepts time duration and reason arguments. See /msg NickServ HELP SUSPEND for details. (#1274, thanks @mogad0n!)
• Only the channel founder can kick the channel founder, regardless of either party's modes (#1262)
• /NICKSERV SESSIONS is now /NICKSERV CLIENTS LIST, but the old command is still accepted (#1272, thanks @ajaspers!)
• Improved SETNAME behavior for legacy clients (#1358, thanks @KoraggKnightWolf!)
• Halfops can set the channel topic (#1306)
• Full client certificates are now passed to auth scripts. This allows for more flexible checks on certificates, including verification against an internal CA (#414)

Internal

• Added a logline for debugging client disconnections (#1293)
• Renamed conventional.yaml to traditional.yaml (#1350)
• Integration tests are now run during CI (#1279)

We're pleased to be publishing the release candidate for 2.4.0 (the official release should follow in a week or so).

This release includes a number of exciting enhancements and fixes. Here are some highlights:

• Support for migrating an Anope or Atheme database to Oragono (#1042)
• A pluggable system for validating external IPs, e.g., via DNSBLs (#68, thanks @moortens!)
• draft/relaymsg, a new draft extension simplifying bridging with other chat systems (thanks @jlu5!)
• New moderation tools: +u ("auditorium", #1300), +U ("op-moderated", #1178), +M ("moderated-registered", #1182, thanks @ajaspers!), and +b m: (an extban for muting users, #307)

This release includes changes to the config file format, including one breaking change: roleplay.enabled now defaults to false (the new recommended default) instead of true when unset. Other config changes are backwards compatible and do not require updating the file before upgrading.

This release includes a database change. If you have datastore.autoupgrade set to true in your configuration, it will be automatically applied when you restart Oragono. Otherwise, you can update the database manually by running oragono upgradedb (see the manual for complete instructions).

Many thanks to @ajaspers, @jesopo, @moortens, and @RunBarryRun for contributing patches, to @csmith for contributing code reviews, to @ajaspers, @Amiga60077, @bogdomania, @csmith, @edk0, @eskimo, @jlu5, @jwheare, @KoraggKnightWolf, @Mitaka8, @mogad0n, @RyanSquared, and @vertisan for reporting issues and helping test, and to our translators for contributing translations.

Config changes

• Added server.ip-cloaking.enabled-for-always-on, which generates a unique hostname for each always-on client. The recommended default value of this field is true (#1312)
• Added server.coerce-ident; if this is set to a string value, all user/ident fields supplied by clients are ignored and replaced with this value. The recommended default value of this field is ~u. This simplifies bans. (#1340)
• Simplified the config file format for email verification into a new accounts.nick-reservation.email-verification section. The old format (callbacks) is still accepted (#1075)
• The recommended value of roleplay.enabled is now false; this field now defaults to false when unset (#1240, #1271)
• Added server.relaymsg section for configuring the new draft/relaymsg capability; added the new relaymsg operator capability for exercising it (#1119)
• Added allow-environment-overrides config variable, allowing config options to be overridden by environment variables. See the manual for more details. (#1049, thanks @csmith!)
• Added server.ip-check-script for configuring IP check plugins (#68, #1267, thanks @moortens!)
• Added max-concurrency restriction to accounts.auth-script section. The recommended default value is 64 (0 or unset disable the restriction) (#1267)
• Added accounts.registration.allow-before-connect; this allows the use of the new REGISTER command before connecting to the server (#1075)
• Added hidden option in operator blocks: if set to true, operator status is hidden from commands like WHOIS that would otherwise display it (#1194)
• Added accounts.nick-reservation.forbid-anonymous-nick-changes, which forbids anonymous users from changing their nicknames after initially connecting (#1337, thanks @Amiga60077!)
• Added channels.invite-expiration, allowing invites to +i channels to expire after a given amount of time (#1171)

Security

• Added /NICKSERV CLIENTS LOGOUT command for disconnecting clients connected to a user account (#1072, #1272, thanks @ajaspers!)
• Disallowed the use of service nicknames during roleplaying (#1240, thanks @Mitaka8!)
• Improved security properties of INVITE for invite-only channels, including an UNINVITE command (#1171)

Removed

• Removed the request queue system for HostServ, i.e., the REQUEST, APPROVE, and REJECT subcommands of HOSTSERV (#1346)

Fixed

• PONG is now sent with the server name as the first parameter, matching the behavior of other ircds (#1249, thanks @jesopo!)
• It was not possible to set or unset the +T no-CTCP user mode; this has been fixed (#1299, thanks @mogad0n!)
• Fixed edge cases with /NICKSERV SAREGISTER of confusable nicknames (#1322, thanks @mogad0n!)
• Fixed websocket listeners with proxy-before-TLS enabled closing on invalid PROXY lines (#1269, thanks @RyanSquared!)
• Fixed error responses and history for SANICK (#1277, #1278, thanks @eskimo!)
• Ensured that stored realnames of always-on clients are deleted during account unregistration (#1330)
• Whitespace is now stripped from KLINEs (#1327, thanks @mogad0n!)
• Fixed incorrect LUSERS counts caused by KLINE (#1303, thanks @mogad0n!)
• CHATHISTORY queries for invalid channels now get an empty batch instead of a FAIL (#1322)
• fakelag.messages-per-window = 0 no longer causes a panic (#861, thanks @vertisan!)

Added

• Added oragono importdb command for importing a converted Anope or Atheme database; see the manual for details (#1042)
• Added support for the new draft/relaymsg extension, which simplifies bridging IRC with other protocols relaymsg (#1119, thanks @jlu5!)
• Added ip-check-script, a scripting API for restricting access by client IP. We provide oragono-dnsbl, an external script that can query DNSBLs for this purpose (#68, #1267, thanks @moortens!)
• Added channel mode +u. This is an "auditorium" mode that prevents unprivileged users from seeing each other's JOIN and PART lines. It's useful for large public-announcement channels, possibly in conjunction with +m (#1300)
• Added channel mode +U. This is an "op-moderated" mode; messages from unprivileged users are sent only to channel operators, who can then choose to grant them +v. (#1178)
• Added a mute extban +b m:: users matching the ban expression (e.g., +b m:*!*@j6dwi4vacx47y.irc) will be able to join the channel, but will be unable to speak. (#307)
• Added support for the new draft/register extension, which exposes a cleaner account registration API to clients (#1075, thanks @edk0!)
• Added a 379 RPL_WHOISMODES line to the WHOIS response, making it easier for operators to see other users' modes (#769, thanks @Amiga60077 and @KoraggKnightWolf!)
• Added /CHANSERV DEOP command for removing channel operator privileges (#361, thanks @RunBarryRun!)
• Added r flag to /WHO responses for registered nicknames (#1366, thanks @Amiga60077!)

Changed

• Always-on clients now receive a user/ident of ~u by default, instead of ~user; this can be changed by setting the coerce-ident field (#1340)
• /NICKSERV SUSPEND has been modified to take subcommands (ADD, DEL, and LIST); the ADD subcommand now accepts time duration and reason arguments. See /msg NickServ HELP SUSPEND for details. (#1274, thanks @mogad0n!)
• Only the channel founder can kick the channel founder, regardless of either party's modes (#1262)
• /NICKSERV SESSIONS is now /NICKSERV CLIENTS LIST, but the old command is still accepted (#1272, thanks @ajaspers!)
• Improved SETNAME behavior for legacy clients (#1358, thanks @KoraggKnightWolf!)
• Halfops can set the channel topic (#1306)
• Full client certificates are now passed to auth scripts. This allows for more flexible checks on certificates, including verification against an internal CA (#414)

Internal

• Added a logline for debugging client disconnections (#1293)
• Renamed conventional.yaml to traditional.yaml (#1350)
• Integration tests are now run during CI (#1279)

We're pleased to announce Oragono 2.3.0, a new stable release.

This release contains primarily bug fixes, but includes one notable feature enhancement: a change contributed by @hhirtz that updates the draft/rename specification to correspond to the new (soon-to-be) published draft.

Many thanks to @hhirtz for contributing patches, to @bogdomania, @digitalcircuit, @ivan-avalos, @jesopo, @kylef, @Mitaka8, @mogad0n, and @ProgVal for reporting issues and helping test, and to our translators for contributing translations.

This release includes no changes to the config file format or database changes.

Config changes

• The recommended value of lookup-hostnames for configurations that cloak IPs (as has been the default since 2.1.0) is now false (#1228)

Security

• Mitigated a potential DoS attack on websocket listeners (#1226)

Removed

• Removed /HOSTSERV OFFERLIST and related commands; this functionality is superseded by IP cloaking (#1190)

Fixed

• Fixed an edge case in handling no-op nick changes (#1242)
• Fixed edge cases with users transitioning in and out of always-on status (#1218, #1219, thanks @bogdomania!)
• Fixed a race condition related to the registration timeout (#1225, thanks @hhirtz!)
• Fixed incorrectly formatted account tags on some messages (#1254, thanks @digitalcircuit!)
• Improved checks for invalid config files (#1244, thanks @ivan-avalos!)
• Fixed messages to services and *playback not receiving echo-message when applicable (#1204, thanks @kylef!)
• Fixed a help string (#1237, thanks @Mitaka8!)

Changed

• Updated draft/rename implementation to the latest draft (#1223, thanks @hhirtz!)

Internal

• Official release builds now use Go 1.15 (#1195)
• /INFO now includes the Go version (#1234)

Pre-release testing of 2.3.0-rc1 revealed serious bugs (#1251, #1252) that were introduced during the 2.3.0 development window. Accordingly, we're publishing a second release candidate for 2.3.0 that fixes these issues. We expect the official release of 2.3.0 next week; thanks for your patience.

Thanks to @mogad0n for help testing 2.3.0-rc1!

We're pleased to be publishing the release candidate for 2.3.0 (the official release should follow in a week or so).

This release contains primarily bug fixes, but includes one notable feature enhancement: a change contributed by @hhirtz that updates the draft/rename specification to correspond to the new (soon-to-be) published draft.

Many thanks to @hhirtz for contributing patches, to @bogdomania, @jesopo, @kylef, @Mitaka8,and @mogad0n for reporting issues and helping test, and to our translators for contributing translations.

This release includes no changes to the config file format or database changes.

Config changes

• The recommended value of lookup-hostnames for configurations that cloak IPs (as has been the default since 2.1.0) is now false (#1228)

Security

• Mitigated a potential DoS attack on websocket listeners (#1226)

Removed

• Removed /HOSTSERV OFFERLIST and related commands; this functionality is superseded by IP cloaking (#1190)

Fixed

• Fixed an edge case in handling no-op nick changes (#1242)
• Fixed edge cases with users transitioning in and out of always-on status (#1218, #1219, thanks @bogdomania!)
• Fixed a race condition related to the registration timeout (#1225, thanks @hhirtz!)
• Fixed messages to services and *playback not receiving echo-message when applicable (#1204, thanks @kylef!)
• Fixed a help string (#1237, thanks @Mitaka8!)

Changed

• Updated draft/rename implementation to the latest draft (#1223, thanks @hhirtz!)

Internal

• Official release builds now use Go 1.15 (#1195)
• /INFO now includes the Go version (#1234)

We're pleased to announce Oragono 2.2.0, a new stable release.

This release contains several notable enhancements, as well as bug fixes:

• Support for tracking seen/missed messages across multiple devices (#843)
• WHOX support contributed by @jesopo (#938)
• Authentication of users via external scripts (#1107)

Many thanks to @clukawski and @jesopo for contributing patches, to @ajaspers, @bogdomania, @csmith, @daurnimator, @emersonveenstra, @eskil, @eskimo, Geo-, @happyhater, @jesopo, @jwheare, @k4bek4be, @KoraggKnightWolf, @kylef, @LukeHoersten, @mogad0n, r3m, @RyanSquared, savoyard, and @wrmsr for reporting issues and helping test, and to our translators for contributing translations.

This release includes changes to the config file format, including one breaking change: timeout is no longer an acceptable value of accounts.nick-reservation.method. (If you were using it, we suggest strict as a replacement.) All other changes to the config file format are backwards compatible and do not require updating before restart.

This release includes a database change. If you have datastore.autoupgrade set to true in your configuration, it will be automatically applied when you restart Oragono. Otherwise, you can update the database manually by running oragono upgradedb (see the manual for complete instructions).

Removed

• Timeout-based nickname enforcement has been removed. We recommend strict as the default enforcement method. Users who configured timeout for their account will be upgraded to strict. With accounts.login-via-pass-command enabled, clients lacking support for SASL can authenticate via the PASS (server password command) by sending account_name:account_password as the server password. (#1027)
• Native support for LDAP has been removed. LDAP is now supported via the external oragono-ldap plugin; see its repository page for details. (#1142, #1107)

Config changes

• Added server.enforce-utf8, controlling whether the server enforces that messages be valid UTF-8; a value of true for this is now the recommended default (#1151)
• Added history.tagmsg-storage for configuring which TAGMSG are stored in history; if this is not configured, TAGMSG will not be stored (#1172)
• All TLS certificate fingerprints in the config file are now named certfp instead of fingerprint (the old name of fingerprint is still accepted) (#1050, thanks @RyanSquared!)
• Added accounts.auth-script section for configuring external authentication scripts (#1107, thanks @daurnimator!)
• Removed accounts.ldap section for configuring LDAP; LDAP is now available via the auth-script plugin interface (#1142)
• Added defcon operator capability, allowing use of the new /DEFCON command (#328)
• Default awaylen, kicklen, and topiclen limits now reflect the 512-character line limit (#1112, thanks @k4bek4be!)
• Added extjwt section for configuring the EXTJWT extension (#948, #1136)
• login-via-pass-command: true is now a recommended default (#1186)

Added

• Added support for WHOX, contributed by @jesopo (#938, thanks!)
• Added support for tracking missed messages across multiple devices; see the "history" section of the manual for details (#843, thanks @jwheare and @wrmsr!)
• Added /NICKSERV SUSPEND and /NICKSERV UNSUSPEND commands, allowing operators to suspend access to an abusive user account (#1135)
• Added support for external authentication systems, via subprocess ("auth-script") invocation (#1107, thanks @daurnimator!)
• Added the /DEFCON command, allowing operators to respond to spam or DoS attacks by disabling features at runtime without a rehash. (This feature requires that the operator have a newly defined capability, named defcon; this can be added to the appropriate oper blocks in the config file.) (#328, thanks @bogdomania!)
• Added support for the EXTJWT draft extension, allowing Oragono to be integrated with other systems like Jitsi (#948, #1136)
• Services (NickServ, ChanServ, etc.) now respond to CTCP VERSION messages (#1055, thanks @jesopo!)
• Added BOT ISUPPORT token, plus a B flag for bots in 352 RPL_WHOREPLY (#1117)
• Added support for the +T no-CTCP user mode (#1007, thanks @clukawski!)
• Added support for persisting the realname of always-on clients (#1065, thanks @clukawski!)
• Added a warning on incorrect arguments to /NICKSERV REGISTER (#1179, thanks @LukeHoersten!)
• /NICKSERV SET PASSWORD now sends a warning (#1208)

Fixed

• Fixed channels with only invisible users not being displayed in /LIST output (#1161, thanks @bogdomania!)
• Fixed INVITE not overriding a +b ban (#1168)
• Fixed incorrect CHGHOST lines during authentication with /NICKSERV IDENTIFY under some circumstances (#1108, thanks Geo-!)
• Fixed incorrect CHGHOST lines sent to users during connection registration (#1125, thanks @jesopo!)
• Fixed a number of issues affecting the znc.in/playback capability, in particular restoring compatibility with Palaver (#1205, thanks @kylef!)
• Fixed interaction of auto-away with the regular /AWAY command (#1207)
• Fixed an incorrect interaction between always-on and /NS SAREGISTER (#1216)
• Fixed a race condition where nicknames of signed-out users could remain in the channel names list (#1166, thanks @eskimo!)
• Fixed the last line of the MOTD being truncated in the absence of a terminating \n (#1167, thanks @eskimo!)
• Fixed away-notify lines not being sent on channel JOIN (#1198, thanks savoyard!)
• Fixed incorrect source of some nickserv messages (#1185)
• Fixed idle time being updated on non-PRIVMSG commands (thanks r3m and @happyhater!)
• Fixed /NICKSERV UNREGISTER and /NICKSERV ERASE not deleting stored user modes (#1157)

Security

• Connections to an STS-only listener no longer reveal the exact server version or server creation time (#802, thanks @csmith!)

Changed

• /DLINE now operates on individual client connections (#1135)
• When using the multiclient feature, each client now has its own independent MONITOR list (#1053, thanks @ajaspers!)
• MONITOR L now lists the nicknames in the form they were originally sent with MONITOR +, without casefolding (#1083)
• We now send the traditional 445 ERR_SUMMONDISABLED and 446 ERR_USERSDISABLED in response to the SUMMON and USERS commands (#1078, thanks @KoraggKnightWolf!)
• RPL_ISUPPORT parameters with no values are now sent without an = (#1067, #1069, #1091, thanks @KoraggKnightWolf and @jesopo!)
• TAGMSG storage is now controlled via the history.tagmsg-storage config block (#1172)
• /NICKSERV CERT ADD with no argument now adds the user's current TLS certificate fingerprint, when applicable (#1059, thanks @emersonveenstra!)

Internal

• The config file containing recommended defaults is now named default.yaml, instead of oragono.yaml (#1130, thanks @k4bek4be!)
• The output of the /INFO command now includes the full git hash, when applicable (#1105)

We're pleased to be publishing the release candidate for 2.2.0 (the official release should follow in a week or so).

This release contains several notable enhancements, as well as bug fixes:

• Support for tracking seen/missed messages across multiple devices (#843)
• WHOX support contributed by @jesopo (#938)
• Authentication of users via external scripts (#1107)

Many thanks to @clukawski and @jesopo for contributing patches, to @ajaspers, @bogdomania, @csmith, @daurnimator, @emersonveenstra, @eskimo, Geo-, @happyhater, @jesopo, @jwheare, @k4bek4be, @KoraggKnightWolf, @LukeHoersten, @mogad0n, r3m, @RyanSquared, and savoyard for reporting issues and helping test, and to our translators for contributing translations.

This release includes changes to the config file format, including one breaking change: timeout is no longer an acceptable value of accounts.nick-reservation.method. (If you were using it, we suggest strict as a replacement.) All other changes to the config file format are backwards compatible and do not require updating before restart.

This release includes a database change. If you have datastore.autoupgrade set to true in your configuration, it will be automatically applied when you restart Oragono. Otherwise, you can update the database manually by running oragono upgradedb (see the manual for complete instructions).

Removed

• Timeout-based nickname enforcement has been removed. We recommend strict as the default enforcement method. Users who configured timeout for their account will be upgraded to strict. With accounts.login-via-pass-command enabled, clients lacking support for SASL can authenticate via the PASS (server password command) by sending account_name:account_password as the server password. (#1027)
• Native support for LDAP has been removed. LDAP is now supported via the external oragono-ldap plugin; see its repository page for details. (#1142, #1107)

Config changes

• Added server.enforce-utf8, controlling whether the server enforces that messages be valid UTF-8; a value of true for this is now the recommended default (#1151)
• Added history.tagmsg-storage for configuring which TAGMSG are stored in history; if this is not configured, TAGMSG will not be stored (#1172)
• All TLS certificate fingerprints in the config file are now named certfp instead of fingerprint (the old name of fingerprint is still accepted) (#1050, thanks @RyanSquared!)
• Added accounts.auth-script section for configuring external authentication scripts (#1107, thanks @daurnimator!)
• Removed accounts.ldap section for configuring LDAP; LDAP is now available via the auth-script plugin interface (#1142)
• Added defcon operator capability, allowing use of the new /DEFCON command (#328)
• Default awaylen, kicklen, and topiclen limits now reflect the 512-character line limit (#1112, thanks @k4bek4be!)
• Added extjwt section for configuring the EXTJWT extension (#948, #1136)
• login-via-pass-command: true is now a recommended default (#1186)

Added

• Added support for WHOX, contributed by @jesopo (thanks!)
• Added support for tracking missed messages across multiple devices; see the "history" section of the manual for details (#843, thanks @jwheare and @wrmsr!)
• Added /NICKSERV SUSPEND and /NICKSERV UNSUSPEND commands, allowing operators to suspend access to an abusive user account (#1135)
• Added support for external authentication systems, via subprocess ("auth-script") invocation (#1107, thanks @daurnimator!)
• Added the /DEFCON command, allowing operators to respond to spam or DoS attacks by disabling features at runtime without a rehash. (This feature requires that the operator have a newly defined capability, named defcon; this can be added to the appropriate oper blocks in the config file.) (#328, thanks @bogdomania!)
• Added support for the EXTJWT draft extension, allowing Oragono to be integrated with other systems like Jitsi (#948, #1136)
• Services (NickServ, ChanServ, etc.) now respond to CTCP VERSION messages (#1055, thanks @jesopo!)
• Added BOT ISUPPORT token, plus a B flag for bots in 352 RPL_WHOREPLY (#1117)
• Added support for the +T no-CTCP user mode (#1007, thanks @clukawski!)
• Added support for persisting the realname of always-on clients (#1065, thanks @clukawski!)
• Added a warning on incorrect arguments to /NICKSERV REGISTER (#1179, thanks @LukeHoersten!)

Fixed

• Fixed channels with only invisible users not being displayed in /LIST output (#1161, thanks @bogdomania!)
• Fixed INVITE not overriding a +b ban (#1168)
• Fixed incorrect CHGHOST lines during authentication with /NICKSERV IDENTIFY under some circumstances (#1108, thanks Geo-!)
• Fixed incorrect CHGHOST lines sent to users during connection registration (#1125, thanks @jesopo!)
• Fixed a race condition where nicknames of signed-out users could remain in the channel names list (#1166, thanks @eskimo!)
• Fixed the last line of the MOTD being truncated in the absence of a terminating \n (#1167, thanks @eskimo!)
• Fixed away-notify lines not being sent on channel JOIN (#1198, thanks savoyard!)
• Fixed incorrect source of some nickserv messages (#1185)
• Fixed idle time being updated on non-PRIVMSG commands (thanks r3m and @happyhater!)
• Fixed /NICKSERV UNREGISTER and /NICKSERV ERASE not deleting stored user modes (#1157)

Security

• Connections to an STS-only listener no longer reveal the exact server version or server creation time (#802, thanks @csmith!)

Changed

• /DLINE now operates on individual client connections (#1135)
• When using the multiclient feature, each client now has its own independent MONITOR list (#1053, thanks @ajaspers!)
• MONITOR L now lists the nicknames in the form they were originally sent with MONITOR +, without casefolding (#1083)
• We now send the traditional 445 ERR_SUMMONDISABLED and 446 ERR_USERSDISABLED in response to the SUMMON and USERS commands (#1078, thanks @KoraggKnightWolf!)
• RPL_ISUPPORT parameters with no values are now sent without an = (#1067, @1069, #1091, thanks @KoraggKnightWolf and @jesopo!)
• TAGMSG storage is now controlled via the history.tagmsg-storage config block (#1172)
• /NICKSERV CERT ADD with no argument now adds the user's current TLS certificate fingerprint, when applicable (#1059, thanks @emersonveenstra!)

Internal

• The config file containing recommended defaults is now named default.yaml, instead of oragono.yaml (#1130, thanks @k4bek4be!)
• The output of the /INFO command now includes the full git hash, when applicable (#1105)

We're pleased to announce Oragono 2.1.0, a new stable release.

Since the release of 2.0.0 in March, a number of new communities and organizations have adopted Oragono as a communications tool. This new release incorporates many improvements and fixes derived from the experiences of real-world operators and end users. Highlights include:

• Native support for websockets contributed by @hhirtz, eliminating the need for a separate websockets-to-IRC proxy server
• Tighter control over the relationship between account names and nicknames, eliminating the need for extbans
• Support for sending account verification emails directly from Oragono, including DKIM signatures

Many thanks to @ajaspers and @hhirtz for contributing patches, to @ajaspers, @eklitzke, and @hhirtz for contributing code reviews, to @ajaspers, @bogdomania, @clukawski, Csibesz, @csmith, @eklitzke, @nxths, @hhirtz, @jesopo, @jlnt, @justjanne, @jwheare, @k4bek4be, @KoraggKnightWolf, @kula, @kylef, @Mitaka8, @petteri, @PizzaLover2007, @prawnsalad, @RyanSquared, savoyard, and @xPaw for reporting issues, and to @bogdomania, @boppy, Nuve, stickytoffeepuddingwithcaramel, and @vegax87 for contributing translations.

This release includes changes to the config file format, including one breaking change: support for server.ip-cloaking.secret-environment-variable has been removed. (See below for instructions on how to upgrade if you were using this feature.) All other changes to the config file format are backwards compatible and do not require updating before restart.

This release includes a database change. If you have datastore.autoupgrade set to true in your configuration, it will be automatically applied when you restart Oragono. Otherwise, you can update the database manually by running oragono upgradedb (see the manual for complete instructions).

This release includes a change to the MySQL schema. This change will be applied automatically when you restart Oragono. It is fully backwards compatible (i.e., if it is necessary for you to downgrade Oragono back to 2.0.0, it will not be necessary to downgrade the schema).

Config Changes

• Added websocket attribute of individual listeners, and a new server.websockets section, for configuring websocket listeners. (#967, thanks @hhirtz!)
• The recommended default is now to enable IP cloaking. In order to facilitate this, the cloaking secret is now stored in the database, instead of the config file. If you currently have a secret stored in the config file (as server.ip-cloaking.secret), it will be automatically imported into the database. If you were using secret-environment-variable to distribute your cloaking secret, you can import it manually after restart using the new /HOSTSERV SETCLOAKSECRET command. (#952)
• Added accounts.nick-reservation.force-nick-equals-account, which ensures that logged-in clients are using their account name as their nickname. This eliminates the need for extbans and is a new recommended default. (#864)
• Added guest-nickname-format and force-guest-format, which optionally add a prefix like Guest- to the nicknames of unauthenticated users (#749)
• The recommended default is now to enable history storage and playback, with messages expiring after 7 days. (As with all changes in recommended config values, applying this to an existing config file requires explicitly changing the values.) (#1030)
• Added history.retention section for controlling new features related to history storage and deletion (#858)
• The recommended default for accounts.multiclient.always-on is now opt-in (#919)
• Added accounts.default-user-modes; the recommended default is now to set +i on all users automatically (#942, thanks @ajaspers!)
• Added channels.list-delay, allowing restrictions on channel listings as a defence against spambots (#964)
• Added accounts.multiclient.auto-away, allowing always-on clients to be automatically marked as away when all their sessions disconnect
• Added accounts.throttling as a global throttle on the creation of new accounts (#913)
• New format for accounts.callbacks.mailto, allowing direct email sending and DKIM signing (#921)
• Added accounts.login-via-pass-command, providing a new mechanism for legacy clients to authenticate to accounts by sending PASS account:password pre-registration (#1020)
• Added datastore.mysql.socket-path, allowing MySQL connections over UNIX domain sockets (#1016, thanks savoyard and @ajaspers!)
• Added roleplay section for controlling the server's roleplay features (#865)
• The recommended default for accounts.nick-reservation.allow-custom-enforcement is now false (#918)
• The recommended default is now to allow PROXY and WEBIRC lines from localhost (#989, #1011)
• Added channels.registration.operator-only, optionally restricting channel registrations to operators (#685)
• Added server.output-path for controlling where the server writes output files (#1004)
• Operator capability names prefixed with oper: have been normalized to remove the prefix (the old names are still respected in the config file) (#868)
• The log category names localconnect and localconnect-ip have been changed to connect and connect-ip respectively (the old names are still respected in the config file) (#940)

Security

• Fixed incorrect enforcement of ban/invite/exception masks under some circumstances (#983)
• STATUSMSG were being stored in history without the relevant minimum-prefix information, so they could be replayed to unprivileged users. This was fixed by not storing them at all. (#959, thanks @prawnsalad!)
• Fixed invisible users not being hidden from WHO * queries (#991, thanks @ajaspers!)
• Restricted nicknames of some additional common services: OperServ, BotServ, MemoServ, and Global (#1080, thanks @KoraggKnightWolf!)

Fixed

• Fixed incorrect rejection of draft/multiline messages containing blank lines (#1005, thanks @jwheare!)
• Fixed roleplay commands, which were completely broken from v1.1.0 through v2.0.0 (#865, thanks @petteri and @Mitaka8!)
• Fixed /SAMODE applying user mode changes to the operator instead of the target user (#866, thanks @csmith!)
• Fixed some channels not being unregistered during account unregistration (#889)
• Fixed /NICKSERV SET and related commands being unavailable when account registration is disabled (#922, thanks @PizzaLover2007!)
• Fixed TAGMSG not being replayed correctly in history (#1044)
• Fixed incorrect 401 ERR_NOSUCHNICK responses on TAGMSG sent to a service (#1051, thanks @ajaspers!)
• Fixed 301 RPL_AWAY not being sent in WHOIS responses when applicable (#850)
• /OPER with no password no longer disconnects the client (#951)
• Fixed failure to send extended-join responses after account unregistration (#933, thanks @jesopo!)
• Improved validation of channel keys (#1021, thanks @kylef!)
• Fixed labeling of 421 ERR_UNKNOWNCOMMAND responses (#994, thanks @k4bek4be!)
• Fixed incorrect parsing of ident protocol responses (#1002, thanks @justjanne!)
• Fixed registration completing after NICK and an ident response, without waiting for USER (#1057, thanks @KoraggKnightWolf!)
• Fixed messages rejected by the +R mode being stored in history (#1061, thanks @KoraggKnightWolf!)
• Fixed redundant /INVITE commands not sending 443 ERR_USERONCHANNEL (#842, thanks @hhirtz!)
• Fixed /NICKSERV REGISTER response displaying mailto: out of context (#985, thanks @eklitzke!)
• Fixed nickname changes not sending 731 RPL_MONOFFLINE when appropriate (#1076, thanks @ajaspers!)
• Fixed incorrect MONITOR responses in some cases (#1086, thanks @ajaspers!)
• Fixed HostServ approval and rejection notices being sent from the wrong source (#805)
• Error messages for invalid TLS certificate/key pairs are now more informative (#982)
• Fixed error message when attempting to attach a plaintext session to an always-on client (#955, thanks @bogdomania and @xPaw!)
• Increased the TLS handshake timeout, increasing reliability under high CPU contention (#894)
• Fixed CHANMODES ISUPPORT token (#408, #874, thanks @hhirtz!)
• Fixed 002 RPL_MYINFO parameters (#1058, thanks [@KoraggKnightWolf](htt...

We're pleased to be publishing the release candidate for 2.1.0 (the official release should follow in a week or so).

Since the release of 2.0.0 in March, a number of new communities and organizations have adopted Oragono as a communications tool. This new release incorporates many improvements and fixes derived from the experiences of real-world operators and end users. Highlights include:

• Native support for websockets contributed by @hhirtz, eliminating the need for a separate websockets-to-IRC proxy server
• Tighter control over the relationship between account names and nicknames, eliminating the need for extbans
• Support for sending account verification emails directly from Oragono, including DKIM signatures

Many thanks to @ajaspers and @hhirtz for contributing patches, to @ajaspers, @eklitzke, and @hhirtz for contributing code reviews, to @ajaspers, @bogdomania, @clukawski, Csibesz, @csmith, @eklitzke, @nxths, @hhirtz, @jesopo, @jlnt, @justjanne, @jwheare, @k4bek4be, @kula, @kylef, @Mitaka8, @petteri, @PizzaLover2007, @prawnsalad, @RyanSquared, savoyard, and @xPaw for reporting issues, and to @bogdomania, @boppy, Nuve, stickytoffeepuddingwithcaramel, and @vegax87 for contributing translations. for contributing translations.

This release includes changes to the config file format, including one breaking change: support for server.ip-cloaking.secret-environment-variable has been removed. (See below for instructions on how to upgrade if you were using this feature.) All other changes to the config file format are backwards compatible and do not require updating before restart.

This release includes a database change. If you have datastore.autoupgrade set to true in your configuration, it will be automatically applied when you restart Oragono. Otherwise, you can update the database manually by running oragono upgradedb (see the manual for complete instructions).

This release includes a change to the MySQL schema. This change will be applied automatically when you restart Oragono. It is fully backwards compatible (i.e., if it is necessary for you to downgrade Oragono back to 2.0.0, it will not be necessary to downgrade the schema).

Config Changes

• Added websocket attribute of individual listeners, and a new server.websockets section, for configuring websocket listeners. (#967, thanks @hhirtz!)
• The recommended default is now to enable IP cloaking. In order to facilitate this, the cloaking secret is now stored in the database, instead of the config file. If you currently have a secret stored in the config file (as server.ip-cloaking.secret), it will be automatically imported into the database. If you were using secret-environment-variable to distribute your cloaking secret, you can import it manually after restart using the new /HOSTSERV SETCLOAKSECRET command. (#952)
• Added accounts.nick-reservation.force-nick-equals-account, which ensures that logged-in clients are using their account name as their nickname. This eliminates the need for extbans and is a new recommended default. (#864)
• Added guest-nickname-format and force-guest-format, which optionally add a prefix like Guest- to the nicknames of unauthenticated users (#749)
• The recommended default is now to enable history storage and playback, with messages expiring after 7 days. (As with all changes in recommended config values, applying this to an existing config file requires explicitly changing the values.) (#1030)
• Added history.retention section for controlling new features related to history storage and deletion (#858)
• The recommended default for accounts.multiclient.always-on is now opt-in (#919)
• Added accounts.default-user-modes; the recommended default is now to set +i on all users automatically (#942, thanks @ajaspers!)
• Added channels.list-delay, allowing restrictions on channel listings as a defence against spambots (#964)
• Added accounts.multiclient.auto-away, allowing always-on clients to be automatically marked as away when all their sessions disconnect
• Added accounts.throttling as a global throttle on the creation of new accounts (#913)
• New format for accounts.callbacks.mailto, allowing direct email sending and DKIM signing (#921)
• Added accounts.login-via-pass-command, providing a new mechanism for legacy clients to authenticate to accounts by sending PASS account:password pre-registration (#1020)
• Added datastore.mysql.socket-path, allowing MySQL connections over UNIX domain sockets (#1016, thanks savoyard and @ajaspers!)
• Added roleplay section for controlling the server's roleplay features (#865)
• The recommended default for accounts.nick-reservation.allow-custom-enforcement is now false (#918)
• The recommended default is now to allow PROXY and WEBIRC lines from localhost (#989, #1011)
• Added channels.registration.operator-only, optionally restricting channel registrations to operators (#685)
• Added server.output-path for controlling where the server writes output files (#1004)
• Operator capability names prefixed with oper: have been normalized to remove the prefix (the old names are still respected in the config file) (#868)
• The log category names localconnect and localconnect-ip have been changed to connect and connect-ip respectively (the old names are still respected in the config file) (#940)

Security

• Fixed incorrect enforcement of ban/invite/exception masks under some circumstances (#983)
• STATUSMSG were being stored in history without the relevant minimum-prefix information, so they could be replayed to unprivileged users. This was fixed by not storing them at all. (#959, thanks @prawnsalad!)
• Fixed invisible users not being hidden from WHO * queries (#991, thanks @ajaspers!)

Fixed

• Fixed incorrect rejection of draft/multiline messages containing blank lines (#1005, thanks @jwheare!)
• Fixed roleplay commands, which were completely broken from v1.1.0 through v2.0.0 (#865, thanks @petteri and @Mitaka8!)
• Fixed /SAMODE applying user mode changes to the operator instead of the target user (#866, thanks @csmith!)
• Fixed some channels not being unregistered during account unregistration (#889)
• Fixed /NICKSERV SET and related commands being unavailable when account registration is disabled (#922, thanks @PizzaLover2007!)
• Fixed TAGMSG not being replayed correctly in history (#1044)
• Fixed 301 RPL_AWAY not being sent in WHOIS responses when applicable (#850)
• /OPER with no password no longer disconnects the client (#951)
• Fixed failure to send extended-join responses after account unregistration (#933, thanks @jesopo!)
• Improved validation of channel keys (#1021, thanks @kylef!)
• Fixed labeling of 421 ERR_UNKNOWNCOMMAND responses (#994, thanks @k4bek4be!)
• Fixed incorrect parsing of ident protocol responses (#1002, thanks @justjanne!)
• Fixed redundant /INVITE commands not sending 443 ERR_USERONCHANNEL (#842, thanks @hhirtz!)
• Fixed /NICKSERV REGISTER response displaying mailto: out of context (#985, thanks @eklitzke!)
• Fixed HostServ approval and rejection notices being sent from the wrong source (#805)
• Error messages for invalid TLS certificate/key pairs are now more informative (#982)
• Fixed error message when attempting to attach a plaintext session to an always-on client (#955, thanks @bogdomania and @xPaw!)
• Increased the TLS handshake timeout, increasing reliability under high CPU contention (#894)
• Fixed CHANMODES ISUPPORT token (#408, #874, thanks @hhirtz!)
• Fixed edge cases in handling of the +k channel mode parameter (#874, thanks @hhirtz!)
• account-notify lines are now part of the labeled-response batch when applicable (#1018)
• Fixed incorrect help description of channel mode +R (#930, thanks @PizzaLover2007!)
• Fixed 255 RPL_LUSERME response to indicate that the number of federated peer servers is 0 (#846, thanks @RyanSquared!)

Changed

• Account names are now permanent identifiers; they cannot be re-registered after unregistration, and applicable nickname protections remain in force. (#793)
• User modes of always-on clients now persist across server restarts (#819)
• Registered channels with no members remain present on the server, including their in-memory history messages when applicable (#704, thanks [@bogdomania](https://github.com/...