Fixes and improvements:
* mod_s2s: Fix traceback when outgoing s2s queue is full
* util.uuid: Fix padding of group 2 of UUIDv7 to use zeroes
Minor changes:
* core.modulemanager: Fix shell commands on components
* mod_s2s: Explicitly prevent sending recursive error replies when queue is full
* modulemanager: Allow component modules to specify additional inherited modules
* prosodyctl check features: Use modulemanager to calculate modules that will actually be loaded
* prosodyctl check features: change recommendation from mod_muc_mam to mod_mam
* prosodyctl check config: Fix traceback when zero modules are enabled
* mod_pubsub: Fail early if loaded outside of a component to prevent misconfiguration
* doap: Add XEP-0486
* mod_pubsub/commands: Fix listing item numbers along with item names
* mod_account_activity: Handle authentication provider returning no user info
* mod_mam: Automatically load mod_muc_mam if loaded on a MUC component
* mod_muc: Inherit mod_mam if globally loaded
* See https://blog.prosody.im/prosody-13.0.4-released/
Fixes and improvements:
* mod_storage_sql: Set configurable wait time for locked SQLite3 database
* net.server_event: Port TLS 1.3 channel binding method to libevent backend
* mod_roster: Add command for cleaning out invalid contact JIDs
* migrator: Allow migrating between different configs of the same driver
* mod_admin_shell: Allow pinging any JID with xmpp:ping()
* mod_invites: Accept –admin flag as shortcut for –role prosody:admin
* mod_mam: Add send_legacy_offline_messages_to_mam_clients config option
* mod_limits: Allow configuration of general ‘s2s’ limit, and have s2sout inherit from s2sin
* mod_storage_internal: Return item-not-found for unknown before/after ids
* MUC: Fixes for room avatar caching
Minor changes:
* core.configmanager: Fix referencing previous config options #1950
* MUC: Ensure allow MUC PM setting has valid value (fixes#1933: PM does not work on new MUCs)
* mod_storage_sql: Assert that serialization of archive:set() payload succeeds
* mod_smacks: Remove extra optional from sm element
* mod_s2s_auth_dane_in: Fix caching SHA2-512 hash
* MUC: Fix muc_room_default_presence_broadcast option not working
* util.sslconfig: Fix error when applying ssl={[port]=…}
* net.server_epoll: Restore idle checks after pause (e.g. rate limits)
* util.jid: Validate domainparts using IDNA or as IP literals (fixes#1903: Invalid JID in Roster)
* util.datamanager: Fix detection of index files created on different architectures
* util.startup: Inform process manager about failure to reload config
* mod_muc: Revert f4e16e6265e6 and invalidate avatar cache only on vcard change
* mod_http_file_share: Improve debug logging around unexpected file sizes
* mod_admin_shell: Ensure JIDs are normalized in xmpp:ping()
* mod_invites: Return error when generating password reset for non-existent account
* util.uuid: Update UUIDv7 to match RFC 9562
bsc#1254309: Fix starting prosody
Update prodody.service with content from https://hg.prosody.im/debian/file/default/prosody.service
-----------------------------------------------------------------
i Jan 23 13:05:40 UTC 2026 - Michael Vetter <mvetter@suse.com>
Update to 13.0.2:
Fixes and improvements:
* mod_storage_internal: Fix queries with only start returning extra items
* mod_invites_register: Stricter validation of registration events
Minor changes:
* MUC: Ensure allow MUC PM setting has valid value (fixes#1933: PM does not work on new MUCs)
* mod_storage_sql: Delay showing SQL library error until attempted load
* mod_storage_sql: Handle failure to deploy new UNIQUE index
* mod_storage_sql: Add shell command to create tables and indices (again)
* mod_s2s: Fix log to use formatting instead of concatenation (fixes#1461: Logging issues uncovered by mod_log_json)
* modulemanager, util.pluginloader: Improve error message when load fails but some candidates were filtered
* prosodyctl check config: add recommendation to switch from admin_telnet to shell
* mod_storage_sql: Retrieve all indices to see if the new one exists
* prosodyctl check config: List modules which Prosody cannot successfully load
* net.http.files: Fix issue with caching
* util.jsonschema: Fix handling of false as schema
* mod_invites: Consider password reset a distinct type wrt invite page
* configmanager: Emit config warning when referencing non-existent value
* mod_admin_shell: Add role:list() and role:show() commands
* MUC: Fix nickname registration form error handling (#1930)
* MUC: Fix Error when join stanza sent without resource (#1934)
* MUC: Factor out identification of join stanza
* mod_invites_register: Don’t restrict username for roster invites (thanks lissine)
* mod_admin_shell: Fix matching logic in s2s:close (Thanks Menel)
* mod_authz_internal: Improve error message when invalid role specified
* mod_http_file_share: Add media-src ‘self’ to Content-Security-Policy header
* mod_admin_shell: Visual tweaks to the output of debug:cert_index()
* mod_http: Log problems parsing IP addresses in X-Forwarded-For (Thanks Boris)
* mod_http: Fix IP address normalization (Thanks Boris)
* util.prosodyctl.check: Improve reporting of DNS lookup problems
-----------------------------------------------------------------
i Jan 23 13:05:01 UTC 2026 - Michael Vetter <mvetter@suse.com>
Update to 13.0.1:
Fixes and improvements:
* mod_admin_shell: Add debug:cert_index() command to aid debugging of automatic certificate selection
* mod_tls: Enable Prosody’s certificate checking for incoming s2s connections (fixes#1916: Impossible to override certificate verification policy in 13.0)
* portmanager: Multiple fixes to use correct certificates for direct TLS ports (fixes#1915)
* net.server_epoll: Use correct connection timeout when initiating Direct TLS
* mod_roster: Fix shell commands when a component is involved (fixes#1908: error in prosodyctl shell roster attempting to subscribe a component)
* mod_http_file_share: Explicitly reject all unsupported ranges
* mod_http_file_share: Fix off by one in Range response
* mod_admin_shell, prosodyctl shell: Report command failure when no password entered (fixes#1907: prosodyctl adduser: unexpected account creation on password mismatch)
Minor changes:
* mod_storage_sql: Drop legacy index without confirmation to ease upgrades
* util.adminstream: Fix traceback on double-close (fixes#1913: Prosody fails to completely stop while shell watch:log is active)
* certmanager: Improve logging for all cases where certs are skipped
* mod_tls: Collect full certificate chain validation information
* mod_s2s: Fix error detection with newer versions of OpenSSL
* portmanager: Add debug log message to state which certificate we end up using
* prosodyctl check certs: Use correct hostname in warning message about HTTPS
* prosodyctl check: Be more robust against invalid disco_items, and show warning
* spec/tls: Add TLS/certificate integration tests
* mod_http_file_share: Improve error reporting by using util.error more
* core.storagemanager: Fix tests by removing an assert that upset luarocks
* core.usermanager: Fix COMPAT layer for legacy is_admin() function
* certmanager: Remove obsolete and verbose index log (replaced by shell command)
* doap: Add XEP-0333, XEP-0334, XEP-0156 and mod_http_altconnect
Modules:
* A number of popular modules have transitioned from community modules into Prosody with this release:
+ mod_cloud_notify
+ mod_http_altconnect
* And the following modules are completely new:
+ mod_account_activity
+ mod_flags
+ mod_s2s_auth_dane_in
+ mod_server_info
Administration:
* New ‘prosodyctl check features’ recommends configuration improvements
* mod_announce: Add shell commands to send messages to all users, online users, or limited by roles
* New mod_account_activity plugin records last login/logout time of a user account
* New ‘watch log’ command to follow live debug logs at runtime
* Similarly, ‘watch stanzas’ can be used to capture XML logs in real-time
Networking:
* Honour ‘weight’ parameter during SRV record selection
* Support for RFC 8305 “Happy Eyeballs” to improve IPv4/IPv6 connectivity
* Support for TCP Fast Open in server_epoll (pending LuaSocket support)
* Support for deferred accept in server_epoll (pending LuaSocket support)
MUC:
* Component admins are no longer room owners by default. This can be reverted to the
old behaviour with component_admins_as_room_owners = true, but this has known
incompatibilities with some clients. Instead, use the shell or ad-hoc commands to
gain ownership of rooms when necessary.
* Permissions updates:
+ Room creation restricted to local users (of the parent host) by default
restrict_room_creation = true restricts to admins, false disables all restrictions
+ Persistent rooms can only be created by local users (parent host) by default
muc_room_allow_persistent = false restricts to admins
+ Public rooms can only be created by local users (parent host) by default
muc_room_allow_public = false restricts to admins
* Commands to show occupants and affiliations in the Shell
* Save ‘reason’ text supplied with affiliation change
* Owners can set MUC avatars (functionality previously in community module mod_vcard_muc)
Security and authentication:
* New role and permissions framework and API
* Ability to disable and enable user accounts
* A “grace period” is now supported for deletion requests via in-band registration
* Advertise supported SASL Channel-Binding types (XEP-0440)
* Implement RFC 9266 ‘tls-exporter’ channel binding with TLS 1.3
* Implement ‘tls-server-end-point’ channel binding
* Full DANE support for s2s
* No longer check certificate Common Names per RFC 9525
Storage:
* Performance improvements in internal archive stores
* Ability to use SQLite3 storage with LuaSQLite3 instead of LuaDBI
* SQLCipher support
Module API for developers:
* New ‘keyval+’ combined keyval/map store type
* Config interface API can require that string values be picked from a provided set
* Acceptable interval can be specified for number options
* Method for parsing time periods / intervals from config
* Method for retrieving integer settings from config
* It is now easy for modules to expose a Prosody shell command, by adding a shell-command item
* Modules can now implement a module.ready method which will be called after server initialization
* module:depends() now accepts a second parameter ‘soft’ to enable soft dependencies
Configuration file:
* The configuration file now supports referring and appending to options previously set
* Direct usage of the Lua API in the config file is deprecated, but can now be accessed via Lua.* instead
* Convenience functions for reading values from files, with variant meant for credentials
or secrets (e.g. from systemd-creds)
Changed in this release:
* Support sub-second precision timestamps
* mod_blocklist: New option ‘migrate_legacy_blocking’ to disable migration from mod_privacy
* Moved all modules into the Lua namespace prosody.
* Forwarded header from RFC 7239 supported, disabled by default
* mod_http_file_share now uses roles framework, affecting access from e.g. components
* Intervals of mod_cron managed periodic jobs made configurable
* When mod_smacks is enabled, s2s connections not responding to ack requests are closed.
* Arguments to prosodyctl shell that start with ‘:’ are now turned into method calls
* Support for Type=notify and notify-reload systemd service type added
* Support for the roster group access_model in mod_pep
* Support for systemd socket activation in server_epoll
* mod_invites_adhoc gained a command for creating password resets
* [mod_cloud_notify] imported from community modules for push notification support
* [mod_http_altconnect] imported from community modules, simplifying web clients
Removed in this release:
* Lua 5.1 support
* XEP-0090 support removed from mod_time
* util.rfc6724
See also:
* https://blog.prosody.im/prosody-13.0.0-released/
* https://prosody.im/doc/release/13.0.0
- Update to 0.12.5:
Fixes and improvements:
* mod_blocklist: Drop blocked messages without error, option to restore compliant behavior
Minor changes:
* core.certmanager: Validate that ‘tls_profile’ is one of the valid values
* net.http: Throw error if missing TLS context for HTTPS request
* net.http.parser: Reject overlarge header section earlier
* net.http.files: Validate argument to setup function
* MUC: optimizations for broadcast of visitor presence (thanks Jitsi team)
* net.server_event: Add ‘wrapserver’ API
* scansion: Enable blocklist compat during tests to fix CI
* prosodyctl check: Warn about invalid domain names in the config file
* util.prosodyctl.check: Correct modern replacement for ‘disallow_s2s’
* util.prosodyctl.cert: Ensure old cert is moved out of the way
* util.prosodyctl.check: Improve error handling of UDP socket setup (for #1803)
* mod_smacks: Destroy timed out session in async context (fixes#1884:
ASYNC-01 in mod_smacks hibernation timeout)
* mod_invites: Fix traceback when token_info isn’t set
* mod_admin_shell: Allow matching on host or bare JID in c2s:show
* mod_admin_adhoc: Fix log messages for reloading modules.
* core.moduleapi: Default labels to empty list to fix error if omitted
* mod_muc_mam: Improve wording of enable setting
* mod_bookmarks: Suppress error publishing empty legacy bookmarks w/ no PEP node
* mod_bookmarks: Clarify log messages on failure to sync to modern PEP bookmarks
* mod_invites_adhoc: Fix result form type (thanks betarays)
* mod_disco: Advertise disco#info and #items on bare JIDs to fix
#1664: mod_disco on account doesn’t return disco#info feature
* util.xtemplate: Fix error on applying each() to zero stanzas
OBS-URL: https://build.opensuse.org/request/show/1234586
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/prosody?expand=0&rev=39
Fixes and improvements:
* mod_blocklist: Drop blocked messages without error, option to restore compliant behavior
Minor changes:
* core.certmanager: Validate that ‘tls_profile’ is one of the valid values
* net.http: Throw error if missing TLS context for HTTPS request
* net.http.parser: Reject overlarge header section earlier
* net.http.files: Validate argument to setup function
* MUC: optimizations for broadcast of visitor presence (thanks Jitsi team)
* net.server_event: Add ‘wrapserver’ API
* scansion: Enable blocklist compat during tests to fix CI
* prosodyctl check: Warn about invalid domain names in the config file
* util.prosodyctl.check: Correct modern replacement for ‘disallow_s2s’
* util.prosodyctl.cert: Ensure old cert is moved out of the way
* util.prosodyctl.check: Improve error handling of UDP socket setup (for #1803)
* mod_smacks: Destroy timed out session in async context (fixes#1884:
ASYNC-01 in mod_smacks hibernation timeout)
* mod_invites: Fix traceback when token_info isn’t set
* mod_admin_shell: Allow matching on host or bare JID in c2s:show
* mod_admin_adhoc: Fix log messages for reloading modules.
* core.moduleapi: Default labels to empty list to fix error if omitted
* mod_muc_mam: Improve wording of enable setting
* mod_bookmarks: Suppress error publishing empty legacy bookmarks w/ no PEP node
* mod_bookmarks: Clarify log messages on failure to sync to modern PEP bookmarks
* mod_invites_adhoc: Fix result form type (thanks betarays)
* mod_disco: Advertise disco#info and #items on bare JIDs to fix
#1664: mod_disco on account doesn’t return disco#info feature
* util.xtemplate: Fix error on applying each() to zero stanzas
OBS-URL: https://build.opensuse.org/package/show/devel:languages:lua/prosody?expand=0&rev=98
2025-01-02 16:07:15 +00:00
8 changed files with 306 additions and 36 deletions
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.
