Sounds serious, from an IRC perspective.

Arathorn · 2023-11-29T18:11:30 1701281490

The issue in question here is https://github.com/matrix-org/matrix-appservice-irc/issues/1... (and https://github.com/matrix-org/matrix-appservice-irc/pull/133...) which accidentally regressed due to other stability work done for Libera (specifically, keeping the IRC-side connections persistent, rather than reconnecting when the bridge starts). As a result there was an race condition edge case where users on the Matrix side could read history in the IRC channel while still connecting the Matrix users on the IRC side. This was one of the straws that broke the camel's back in terms of Libera wanting the bridge disabled. The other was the confusion over https://matrix.org/blog/2023/07/what-happened-with-the-archi....

snvzz · 2023-11-29T20:04:36 1701288276

Not too surprising.

IRC has some particular expectations of privacy, including that users that aren't in a room shouldn't be able to read what's going on in the room, and thus archived rooms are an exception rather than a rule.

wkat4242 · 2023-11-30T04:44:10 1701319450

That these issues haven't seen as much as even a reply since 2021 makes me understand Libera's point a lot better to be honest. Because it is indeed a serious issue.

Arathorn · 2023-11-30T09:55:28 1701338128

The linked issue and the associated PR that fixed it haven't had a reply since 2021 because they were filed and fixed in 2021.

Separately, the original issue regressed in 2023 on the Libera instance, which was tracked as a security issue... but Libera shut down the bridge before we could fix it.

wkat4242 · 2023-11-30T10:38:37 1701340717

Ah I see, I didn't realise. That explains a lot.

PS: I thought I saw the issue listed as "New Issue" and thus open but apparently not. Weird.