From f1d4975a4ac554372da2145025d8980e47039185 Mon Sep 17 00:00:00 2001 From: user Date: Sun, 15 Feb 2026 03:12:56 +0100 Subject: [PATCH] docs: clean up TODO, draft v1.1.0 and v2.0.0 roadmap Remove shipped items from backlog (waves 3-4, SASL, rate limiting, IRCv3, channel management, state persistence, data update script). Draft v1.1.0 (hardening + wave 5 plugins) and v2.0.0 (multi-server + stable API) milestones. Co-Authored-By: Claude Opus 4.6 --- ROADMAP.md | 21 +++++++++++++++++++-- TODO.md | 33 +++++---------------------------- 2 files changed, 24 insertions(+), 30 deletions(-) diff --git a/ROADMAP.md b/ROADMAP.md index e8b15a6..139197f 100644 --- a/ROADMAP.md +++ b/ROADMAP.md @@ -59,9 +59,26 @@ ## v1.0.0 -- Stable (done) -- [ ] Multi-server support - [x] IRCv3 capability negotiation (CAP LS 302) - [x] Message tags support (IRCv3 @tags parsing) -- [ ] Stable plugin API (versioned) - [x] Channel management commands (kick, ban, unban, topic, mode) - [x] Plugin state persistence (SQLite key-value store) + +## v1.1.0 -- Hardening + Wave 5 Plugins + +- [ ] Message truncation for IRC 512-byte limit +- [ ] Configurable reconnect backoff (exponential) +- [ ] Per-channel plugin enable/disable +- [ ] Integration tests with mock IRC server +- [ ] Bot orchestrator + config merge tests +- [ ] `username` plugin (cross-platform username enumeration) +- [ ] `wayback` plugin (Wayback Machine snapshot lookup) +- [ ] `dork` plugin (Google dork query builder) + +## v2.0.0 -- Multi-Server + Stable API + +- [ ] Multi-server support (per-server config, shared plugins) +- [ ] Stable plugin API (versioned, breaking change policy) +- [ ] Structured logging (JSON output option) +- [ ] `emailcheck` plugin (SMTP VRFY/RCPT TO) +- [ ] `canary` plugin (canary token generator/tracker) diff --git a/TODO.md b/TODO.md index 516c36d..d915706 100644 --- a/TODO.md +++ b/TODO.md @@ -1,21 +1,7 @@ # derp - Backlog -## Wave 3 Plugins (local databases) -- CURRENT +## Plugins -- [ ] `geoip` -- GeoLite2-City mmdb (requires `maxminddb`) -- [ ] `asn` -- GeoLite2-ASN mmdb (same package) -- [ ] `torcheck` -- local Tor exit node list, daily refresh -- [ ] `iprep` -- Firehol/Emerging Threats blocklist feeds -- [ ] `cve` -- local NVD JSON feed mirror - -## Wave 4 Plugins (advanced) - -- [ ] `opslog` -- timestamped operational notes (SQLite) -- [ ] `note` -- per-channel persistent key-value store -- [ ] `subdomain` -- crt.sh + wordlist DNS brute force -- [ ] `headers` -- HTTP header fingerprinting with local sigs -- [ ] `exploitdb` -- local exploit-db CSV search -- [ ] `payload` -- SQLi/XSS/SSTI template library - [ ] `username` -- cross-platform username enumeration - [ ] `emailcheck` -- SMTP VRFY/RCPT TO verification - [ ] `dork` -- Google dork query builder @@ -24,22 +10,12 @@ ## Bot Features -- [x] SASL PLAIN authentication -- [x] Rate limiting (anti-flood, token bucket) -- [x] CTCP responses (VERSION, TIME, PING) -- [x] Admin/owner permission system (hostmask-based) - [ ] Per-channel plugin enable/disable -- [ ] Channel management commands (kick, ban, topic) - [ ] Multi-server support -- [ ] IRCv3 capability negotiation - -## Improvements - -- [ ] Structured logging (JSON output option) -- [ ] Plugin state persistence (SQLite backend) -- [ ] Configurable reconnect backoff (exponential) +- [ ] Stable plugin API (versioned) - [ ] Message truncation for IRC 512-byte limit -- [ ] Data update script for local databases (cron-friendly) +- [ ] Configurable reconnect backoff (exponential) +- [ ] Structured logging (JSON output option) ## Testing @@ -47,3 +23,4 @@ - [ ] Bot orchestrator unit tests - [ ] Config merge edge case tests - [ ] Plugin command tests (encode, hash, dns, etc.) +- [ ] CAP negotiation tests (mock connection)