{
"$type": "site.standard.document",
"bskyPostRef": {
"cid": "bafyreige3htbedfjhujf4imllbucrwdinydzh2ybfoqvfub4x2umq2mr5u",
"uri": "at://did:plc:bqma3dxvtfkv542aaek7xf6c/app.bsky.feed.post/3md2jjlwl74w2"
},
"path": "/blog/2026/status-update-83/",
"publishedAt": "2026-02-22T04:41:20.980Z",
"site": "https://emersion.fr",
"tags": [
"Goguma v0.9",
"nagjo",
"glhf",
"srht2forgejo",
"go-smee",
"client certificate TLV",
"soju",
"tlstunnel",
"kimchi",
"go-proxyproto",
"hydroxide",
"drmdb",
"SQLite experiments",
"`allow_proxy_ip` directive"
],
"textContent": "Hi!\n\nLast week I’ve released Goguma v0.9! This new version brings a lot of niceties, see the release notes for more details. New since last month are audio previews implemented by delthas, images for users, channels & networks, and usage hints when typing a command. Jean THOMAS has been hard at work to update the iOS port and publish Goguma on AltStore PAL.\n\nIt’s been a while since I’ve started a NPotM, but this time I have something new to show you: nagjo is a small IRC bot for Forgejo. It posts messages on activity in Forgejo (issue opened, pull request merged, commits pushed, and so on), and it expands references to issues and pull requests in messages (writing “can you look at #42?” will reply with the issue’s title and link). It’s very similar to glhf, its GitLab counterpart, but the configuration file enables much more flexible channel routing. I hope that bot can be useful to others too!\n\nUp until now, many of my projects have moved to Codeberg from SourceHut, but the issue tracker was still stuck on todo.sr.ht due to a lack of a migration tool. I’ve hacked together srht2forgejo, a tiny script to create Forgejo issues and comments from a todo.sr.ht archive. It’s not perfect since the author is the migration user’s instead of the original one, but it’s good enough. I’ve now completely migrated all of my projects to Codeberg!\n\nI’ve added a server implementation and tests to go-smee, a small Go library for a Web push forwarding service. It comes in handy when implementing Web push receivers because it’s very simple to set up, I’ve used it when working on nagjo.\n\nI’ve extended the haproxy PROXY protocol to add a new client certificate TLV to relay the raw client certificate from a TLS terminating reverse proxy to a backend server. My goal is enabling client certificate authentication when the soju IRC bouncer sits behind tlstunnel. I’ve also sent patches for the kimchi HTTP server and go-proxyproto.\n\nBecause sending a haproxy patch involved `git-send-email`, I’ve noticed I’ve started hitting a long-standing hydroxide signature bug when sending a message. I wasn’t previously impacted by this, but some users were. It took a bit of time to hunt down the root cause (some breaking changes in ProtonMail’s crypto library), but now it’s fixed.\n\nFélix Poisot has added two new color management options to Sway: the `color_profile` command now has separate `gamma22` and `srgb` transfer functions (some monitors use one, some use the other), and a `--device-primaries` flag to read color primaries from the EDID (as an alternative to supplying a full ICC profile).\n\nWith the help of Alexander Orzechowski, we’ve fixed multiple wlroots issues regarding toplevel capture (aka. window capture) when the toplevel is completely hidden. It should all work fine now, except one last bug which results in a frozen capture if you’re unlucky (aka. you loose the race).\n\nI’ve shipped a number of drmdb improvements. Plane color pipelines are now supported and printed on the snapshot tree and properties table. A warning icon is displayed next to properties which have only been observed on tainted or unstable kernels (as is usually the case for proprietary or vendor kernel modules with custom properties). The device list now shows vendor names for platform devices (extracted from the kernel table). Devices using the new “faux” bus (e.g. vkms) are now properly handled, and all of the possible cursor sizes advertised via the `SIZE_HINTS` property are now printed. I’ve also done some SQLite experiments, however they turned out unsuccessful (see that thread and the merge request for more details).\n\ndelthas has added a new `allow_proxy_ip` directive to the kimchi HTTP server to mark IP addresses as trusted proxies, and has made it so `Forwarded`/`X-Forwarded-For` header fields are not overwritten when the previous hop is a trusted proxy. That way, kimchi can be used in more scenario: behind another HTTP reverse proxy, and behind a TCP proxy which doesn’t have a loopback IP address (e.g. tlstunnel in Docker).\n\nSee you next month!\n *[NPotM]: New Project of the Month",
"title": "Status update, January 2026",
"updatedAt": "2026-01-21T22:00:00.000Z"
}