TRUNK ===== ## New ### Administration - Add 'watch log' command to follow live debug logs at runtime (even if disabled) ### Networking - Honour 'weight' parameter during SRV record selection - Support for RFC 8305 "Happy Eyeballs" to improve IPv4/IPv6 connectivity - Support for TCP Fast Open in server_epoll (pending LuaSocket support) - Support for deferred accept in server_epoll (pending LuaSocket support) ### MUC - Permissions updates: - Room creation restricted to local users (of the parent host) by default - restrict_room_creation = true restricts to admins, false disables all restrictions - Persistent rooms can only be created by local users (parent host) by default - muc_room_allow_persistent = false restricts to admins - Public rooms can only be created by local users (parent host) by default - muc_room_allow_public = false restricts to admins - Commands to show occupants and affiliations in the Shell ### Security and authentication - Advertise supported SASL Channel-Binding types (XEP-0440) - Implement RFC 9266 'tls-exporter' channel binding with TLS 1.3 - New role and permissions framework and API - Ability to disable and enable user accounts ### Storage - New 'keyval+' combined keyval/map store type ## Changes - Support sub-second precision timestamps - mod_blocklist: New option 'migrate_legacy_blocking' to disable migration from mod_privacy - Ability to use SQLite3 storage using LuaSQLite3 instead of LuaDBI ## Removed - Lua 5.1 support - XEP-0090 support removed from mod_time 0.12.0 ====== **2022-03-14** ## New ### Modules - mod_mimicking: Prevent address spoofing - mod_s2s_bidi: Bi-directional server-to-server (XEP-0288) - mod_external_services: generic XEP-0215 support - mod_turn_external: easy setup XEP-0215 for STUN+TURN - mod_http_file_share: File sharing via HTTP (XEP-0363) - mod_http_openmetrics for exposing metrics to stats collectors - mod_smacks: Stream management and resumption (XEP-0198) - mod_auth_ldap: LDAP authentication - mod_cron: One module to rule all the periodic tasks - mod_admin_shell: New home of the Console admin interface - mod_admin_socket: Enable secure connections to the Console - mod_tombstones: Prevent registration of deleted accounts - mod_invites: Create and manage invites - mod_invites_register: Create accounts using invites - mod_invites_adhoc: Create invites via AdHoc command - mod_bookmarks: Synchronise open rooms between clients ### Security and authentication - SNI support (including automatic certificate selection) - ALPN support in mod_net_multiplex - DANE support in low-level network layer - Direct TLS support (c2s and s2s) - SCRAM-SHA-256 - Direct TLS (including https) certificates updated on reload - Pluggable authorization providers (mod_authz_) - Easy use of Mozilla TLS recommendations presets - Unencrypted HTTP port (5280) restricted to loopback by default - require_encryption options default to 'true' if unspecified - Authentication module defaults to 'internal_hashed' if unspecified ### HTTP - CORS handling now provided by mod_http - Built-in HTTP server now handles HEAD requests - Uploads can be handled incrementally ### API - Module statuses (API change) - util.error for encapsulating errors - Promise based API for sending queries - API for adding periodic tasks - More APIs supporting ES6 Promises - Async can be used during shutdown ### Other - Plugin installer - MUC presence broadcast controls - MUC: support for XEP-0421 occupant identifiers - `prosodyctl check connectivity` via observe.jabber.network - STUN/TURN server tests in `prosodyctl check` - libunbound for DNS queries - The POSIX poll() API used by server_epoll on \*nix other than Linux ## Changes - Improved rules for mobile optimizations - Improved rules for what messages should be archived - mod_limits: Exempted JIDs - mod_server_contact_info now loaded on components if enabled - Statistics now based on OpenMetrics - Statistics scheduling can be done by plugin - Offline messages aren't sent to MAM clients - Archive quotas (means?) - Rewritten migrator with archive support - Improved automatic certificate locating and selecting - Logging to syslog no longer missing startup messages - Graceful shutdown sequence that closes ports first and waits for connections to close ## Removed - `daemonize` option deprecated - SASL DIGEST-MD5 removed - mod_auth_cyrus (older LDAP support) - Network backend server_select deprecated (not actually removed yet) 0.11.0 ====== **2018-11-18** New features ------------ - Rewritten more extensible MUC module - Store inactive rooms to disk - Store rooms to disk on shutdown - Voice requests - Tombstones in place of destroyed rooms - PubSub features - Persistence - Affiliations - Access models - "publish-options" - PEP now uses our pubsub code and now shares the above features - Asynchronous operations - Busted for tests - mod\_muc\_mam (XEP-0313 in groupchats) - mod\_vcard\_legacy (XEP-0398) - mod\_vcard4 (XEP-0292) - mod\_csi, mod\_csi\_simple (XEP-0352) - New experimental network backend "epoll" 0.10.0 ====== **2017-10-02** New features ------------ - Rewritten SQL storage module with Archive support - SCRAM-SHA-1-PLUS - `prosodyctl check` - Statistics - Improved TLS configuration - Lua 5.2 support - mod\_blocklist (XEP-0191) - mod\_carbons (XEP-0280) - Pluggable connection timeout handling - mod\_websocket (RFC 7395) - mod\_mam (XEP-0313) Removed ------- - mod\_privacy (XEP-0016) - mod\_compression (XEP-0138)