v0.2.3
Bot Linking, Channel Protection & Hardening
v0.2.3 adds multi-bot networking, channel takeover protection, persistent rejoin, and a round of security fixes.
Added
- Bot linking protocol — hub-and-leaf networking with state sync, command relay, and party line chat
- Session relay —
.relay <botname>proxies a DCC console session to a remote bot - Protection frames — cross-network takeover protection and ban sharing between linked bots
- Persistent channel rejoin — periodic check every 30s, handles kick+ban, invite-only, bad key
- Takeover protection — ChanServ-backed escalation: deop, kickban, akick on mass deop
- Enforce +k/+l removal — removes unauthorized key/limit changes reactively and on join
- Channel mode tracking — mode string, key, and limit tracked from MODE and RPL_CHANNELMODEIS
- Config validation — unknown or invalid plugin config keys rejected on load with descriptive errors
Fixed
- ChanServ OP on Rizon — OP request no longer gated on ChanServ being in the channel
- DCC TOCTOU race — duplicate DCC CHAT requests now rejected when already pending
- !seen info disclosure — cross-channel queries now omit channel name and message text
- Zombie on exhausted reconnects — bot exits cleanly instead of hanging indefinitely
- Bot-link security — 1 critical + 5 warning findings fixed from security audit
- Codebase audit — 8 additional warnings fixed from full-codebase sweep
See CHANGELOG.md for the full list of changes.