mosquitto: disable auth_plugin_deny_special_chars to allow '/' in client ids (#4564)

[manuveli]

Summary by CodeRabbit

• Bug Fixes
  • Fixed regression where clients whose IDs contain forward slashes (e.g., govee2mqtt) were incorrectly rejected with "ACL denying access to client with dangerous client id" error following the Mosquitto 2.1 upgrade.
  • Restored support for special characters in client IDs and usernames with authentication plugin.

[home-assistant]

Hi @manuveli

It seems you haven't yet signed a CLA. Please do so here.

Once you do that we will be able to review and accept this pull request.

Thanks!

[home-assistant]

Please take a look at the requested changes, and use the Ready for review button when you are done, thanks 👍

Learn more about our pull request process.

[coderabbitai]

No actionable comments were generated in the recent review. 🎉

ℹ️ Recent review info

⚙️ Run configuration

Configuration used: Organization UI

Review profile: CHILL

Plan: Pro

Run ID: e0e85c46-3aab-4dd6-b1a6-7705b28a39e6

📥 Commits

Reviewing files that changed from the base of the PR and between cc2fe29 and 1896ac4.

📒 Files selected for processing (3)

• mosquitto/CHANGELOG.md
• mosquitto/config.yaml
• mosquitto/rootfs/usr/share/tempio/mosquitto.gtpl

---

📝 Walkthrough

Walkthrough

Version 7.0.1 release fixes a regression where client IDs containing forward slashes were rejected by ACL rules after the Mosquitto 2.1 upgrade. The fix disables special character denial in the authentication plugin configuration while updating the manifest version.

Changes

Cohort / File(s)	Summary
Version 7.0.1 Release mosquitto/CHANGELOG.md, mosquitto/config.yaml	Bumped version from 7.0.0 to 7.0.1 and documented regression fix for client IDs containing forward slashes.
Authentication Configuration mosquitto/rootfs/usr/share/tempio/mosquitto.gtpl	Added auth_plugin_deny_special_chars false directive to permit special characters (including /) in client IDs and usernames when using the go-auth plugin.

Estimated code review effort

🎯 2 (Simple) | ⏱️ ~10 minutes

🚥 Pre-merge checks | ✅ 3

✅ Passed checks (3 passed)

Check name	Status	Explanation
Description Check	✅ Passed	Check skipped - CodeRabbit’s high-level summary is enabled.
Title check	✅ Passed	The title accurately describes the main change: disabling auth_plugin_deny_special_chars to allow forward slashes in client IDs, which directly corresponds to the regression fix documented in the changelog entry and the template configuration change.
Docstring Coverage	✅ Passed	No functions found in the changed files to evaluate docstring coverage. Skipping docstring coverage check.

_{✏️ Tip: You can configure your own custom pre-merge checks in the settings.}

✨ Finishing Touches

🧪 Generate unit tests (beta)

• Create PR with unit tests

---

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share

• X
• Mastodon
• Reddit
• LinkedIn

_{Comment @coderabbitai help to get the list of available commands and usage tips.}

Stale

[sairon]

Nice catch, thanks for the fix!