It's inevitable in a large channel that people will use different EiraIRC versions.

IRC has something called "CTCP" - client to client protocol, which is implemented in every major IRC client. Where you can autonomously request data from an user.

In the case of VERSION, this returns the client version and name.

Here is an example of what I would reply:

# The request
(14:46:38) [Zarthus VERSION]
# The response
(14:46:38) [Zarthus VERSION reply]: mIRC v7.42 via ZNC 1.7.x-git-222-2dbd837 - http://znc.in

CTCP's are prefixed with \001, and end with \001, and used in PRIVMSG for requests, and NOTICE for responses.

A raw CTCP request looks like this:

:[email protected] PRIVMSG Zarthus :\001VERSION\001

And a raw CTCP response looks like this:

:[email protected] NOTICE Zarthus :\001VERSION mIRC v7.42 via ZNC 1.7.x-git-222-2dbd837 - http://znc.in\001`

I believe the default list of CTCP requests include VERSION, PING, CLIENTINFO, and TIME.

All these should have a config option. VERSION leaks, well, your client version. PING leaks distance. TIME leaks local time. CLIENTINFO nobody cares about.

Automated replies are bad. A config option wouldn't hurt.

You use the word "leaks" loosely. Nothing is leaked. It is just obtainable information, which you will find anywhere on IRC. You'll find every website you visit receives more information about you than a session on IRC ever will.

Your VERSION is important data for the requester in most cases. If you're outdated, you should update. You worry about it? You give it to every server you go to. Along with your credentials if you register with their systems, and your creations if you plan to build on them. This server also has access to your IP, and client version. Why should IRC be any different?

PING "leaks" nothing at all. It is merely a test of connection. If you reply, you reply with how much seconds it took. This is the time it took to travel from you, to the server, to the hub, to the other hub, to the other server, to you, and back. There is nothing you can get from this, and for most users this will be 0 to 2 seconds. You want distance? Geolocate their IP address, which most users using EiraIRC are unaware of being broadcasted in the first place. And even then, your IP address is public information, and you give it to every website you visit.

Local time is a non-issue. We all have clocks, timezones are divided and inconsistent. If you want to know where someone is, you're better off just geolocating their IP address, or asking them "hey, where are you from".

Every IRC client implements this option and, while some offer configuration options, nobody has ever been negatively affected by CTCP in my time of using IRC.

Your suggestion is not bad, it's just based off of the wrong assumptions that what you're doing is insecure, which it is not.

And HexChat has never once stated that any of these features are insecure, or leaking information.

Hell, HexChat's version "leaks" more info about your system than it needs to. If it thought it was insecure, it would not do that. People often paste their entire system information in a channel.

Are you going back from "this would be insecure" to "this would be nice to have", or are you just saying all clients should behave as hexchat because "it is the only and best client out there ever."

The only reason ppl ever gave me when I asked them "why do you disable CTCPs?" was "privacy"

HexChat lets you control ALL replies.

There already is a allowCTCP config option - you added it yourself. We just need to make use of it here.

allowCTCP is to allow in-game to IRC CTCPs.

IRC to in-game (actually IRC to bot) should be a different option.

Sure, you can just make a mod to always deny the EiraIRC CTCP events, but that's a pain.