24.10

Release notes copied from the original ejabberd 24.10 announcement post:

🚀 ejabberd 24.10: The "Bidi" Stream Release

We’re excited to announce ejabberd 24.10, a major release packed with substantial improvements and support for important extensions specified by the XMPP Standard Foundation (XSF). This release represents three months of focused development, bringing around 100 commits to the core repository alongside key updates in dependencies. The improvements span enhanced security and streamlined connectivity—all designed to make ejabberd more powerful and easier to use than ever.

Release Highlights:

• XEP-0288: Bidirectional Server-to-Server Connections
• XEP-0480: SASL Upgrade Tasks
• IQ permission in privileged entities
• PubSub varied fixes
• WebAdmin improvements

If you are upgrading from a previous version, please note minor changes in commands and two changes in hooks. There are no configuration or SQL schema changes in this release.

Below is a detailed breakdown of the new features, fixes, and enhancements:

Support for XEP-0288: Bidirectional Server-to-Server Connections

The new mod_s2s_bidi module introduces support for XEP-0288: Bidirectional Server-to-Server Connections. This update removes the requirement for two connections per server pair in XMPP federations, allowing for more streamlined inter-server communications. However, for full compatibility, ejabberd can still connect to servers that do not support bidirectional connections, using two connections when necessary. The module is enabled by default in the sample configuration.

Support for XEP-0480: SASL Upgrade Tasks

The new mod_scram_upgrade module implements XEP-0480: SASL Upgrade Tasks. Compatible clients can now automatically upgrade encrypted passwords to more secure formats, enhancing security with minimal user intervention.

PubSub Service Improvements

We’ve implemented six noteworthy fixes to improve PubSub functionality:

• PEP notifications are sent only to owners when +notify (3469a51)
• Non-delivery errors for locally generated notifications are now skipped (d4b3095)
• Fix default node config parsing (b439929)
• Fix merging of default node options (ca54f81)
• Fix choice of node config defaults (a9583b4)
• Fall back to default plugin options (36187e0)

IQ permission for privileged entities

The mod_privilege module now supports IQ permission based on version 0.4 of XEP-0356: Privileged Entity. See #3889 for details. This feature is especially useful for XMPP gateways using the Slidge library.

WebAdmin improvements

ejabberd 24.06 release laid the foundation for a more streamlined WebAdmin interface, reusing existing commands instead of using specific code, with a possibly different logic. This major change allows developers to add new pages very fast, just by calling existing commands. It also allows administrators to use the same commands than in ejabberdctl or any other command frontend.

As a result, many new pages and content were added. Building on that, the 24.10 update introduces MAM (Message Archive Management) support, allowing administrators to view message counts, remove all MAM messages, or only for a specific contact, and also view the MAM Archive directly from WebAdmin.

Additionally, WebAdmin now hides pages related to modules that are disabled, preventing unnecessary options from displaying. This affects mod_last, mod_mam, mod_offline, mod_privacy, mod_private, mod_roster, mod_vcard.

Fixes in commands

• set_presence: Now returns an error when the session is not found.

• send_direct_invitation: Improved handling of malformed JIDs.

• update: Fix command output. So far, ejabberd_update:update/0 returned the return value of release_handler_1:eval_script/1. That function returns the list of updated but unpurged modules, i.e., modules where one or more processes are still running an old version of the code. Since commit 5a34020d23f455f80a144bcb0d8ee94770c0dbb1, the ejabberd update command assumes that value to be the list of updated modules instead. As that seems more useful, modify ejabberd_update:update/0 accordingly. This fixes the update command output.

• get_mam_count: New command to retrieve the number of archived messages for a specific account.

Changes in hooks

Two key changes in hooks:

• New check_register_user hook in ejabberd_auth.erl to allow blocking account registration when a tombstone exists.

• Modified room_destroyed hook in mod_muc_room.erl. Until now the hook passed as arguments: LServer, Room, Host. Now it passes: LServer, Room, Host, Persistent That new Persistent argument passes the room persistent option, required by mod_tombstones because only persistent rooms should generate a tombstone, temporary ones should not. And the persistent option should not be completely overwritten, as we must still known its real value even when room is being destroyed.

Log Erlang/OTP and Elixir versions

During server start, ejabberd now shows in the log not only its version number, but also the Erlang/OTP and Elixir versions being used. This will help the administrator to determine what software versions are being used, which is specially useful when investigating some problem, and explaining it to other people for help.

The ejabberd.log file now looks like this:

...
2024-10-22 13:47:05.424 [info] Creating Mnesia disc_only table 'oauth_token'
2024-10-22 13:47:05.427 [info] Creating Mnesia disc table 'oauth_client'
2024-10-22 13:47:05.455 [info] Waiting for Mnesia synchronization to complete
2024-10-22 13:47:05.591 [info] ejabberd 24.10 is started in the node :ejabberd@localhost in 1.93s
2024-10-22 13:47:05.606 [info] Elixir 1.16.3 (compiled with Erlang/OTP 26)
2024-10-22 13:47:05.606 [info] Erlang/OTP 26 [erts-14.2.5.4] [source] [64-bit] [smp:4:4] [ds:4:4:10] [async-threads:1] [jit:ns]

2024-10-22 13:47:05.608 [info] Start accepting TCP connections at 127.0.0.1:7777 for :mod_proxy65_stream
2024-10-22 13:47:05.608 [info] Start accepting UDP connections at [::]:3478 for :ejabberd_stun
2024-10-22 13:47:05.608 [info] Start accepting TCP connections at [::]:1883 for :mod_mqtt
2024-10-22 13:47:05.608 [info] Start accepting TCP connections at [::]:5280 for :ejabberd_http
...

Brand new ProcessOne and ejabberd web sites

We’re excited to unveil the redesigned ProcessOne website, crafted to better showcase our expertise in large-scale messaging across XMPP, MQTT, Matrix, and more. This update highlights our core mission of delivering scalable, reliable messaging solutions, with a fresh layout and streamlined structure that reflect our cutting-edge work in the field.

You now get a cleaner ejabberd page, offering quick access to important URLs for downloads, blog posts, and documentation.

Behind the scenes, we’ve transitioned from WordPress to Ghost, a move inspired by its efficient, user-friendly authoring tools and long-term maintainability. All previous blog content has been preserved, and with this new setup, we’re poised to deliver more frequent updates on messaging, XMPP, ejabberd, and related topics.

We welcome your feedback—join us on our new site to share your thoughts, or let us know about any issue or broken link!

Acknowledgments

We would like to thank the contributions to the source code, documentation, and translation provided for this release by:

• Holger Weiß for PubSub and other fixes
• Michael Slezak for mix release fix
• Guus der Kinderen for the XMPP Interop tests
• Sketch6580, updated the Chinese translation
• Wellington Uemura, updated the Portuguese (Brazil) translation
• Ermete Melchiorre, updated the Italian translation
• Mr. EddX, updated the Bulgarian translation

And also to all the people contributing in the ejabberd chatroom, issue tracker...

Improvements in ejabberd Business Edition

Customers of the ejabberd Business Edition, in addition to all those improvements and bugfixes, also get MUC support in mod_unread.

ejabberd keeps ...

24.07

Release notes copied from the original ejabberd 24.07 announcement post:

🚀 Introducing ejabberd 24.07: Bugfix Release

This ejabberd 24.07 is mostly a bugfix release for the recent 24.06, and also includes a few improvements.

If you upgrade ejabberd from a previous release, please check the WebAdmin Config Changes.

A more detailed explanation of those topics and other features:

WebAdmin API permissions configuration

The ejabberd 24.06 release notes announced the Improved WebAdmin with commands usage, and mentioned some api_permissions configuration details, but it was not explicit enough about this fact: with the default ejabberd configuration, an admin was allowed to log in to WebAdmin from any machine, but was only allowed to run commands from the loopback IP address! The WebAdmin showed the page sections, but they were all empty. In addition, there was a bug that showed similar symptoms when entering the WebAdmin from one host and then logging in as an account in another host. Both problems and their solutions are described in #4249.

Please update your configuration accordingly, adding permission from web admin to execute all commands to accounts logged in with admin privilege:

api_permissions:
  "webadmin commands":
    from: ejabberd_web_admin
    who: admin
    what: "*"

Of course you can customize that access as much as you want: only from specific IP addresses, only to certain accounts, only for specific commands...

New option update_sql_schema_timeout

The new option update_sql_schema_timeout allows the schema update process to use longer timeouts. The default value is set to 5 minutes.

This also makes batch of schema updates to single table use transaction. This should help in not leaving table in inconsistent state if some update steps fail (unless you use MySQL where you can't rollback changes to table schemas).

Acknowledgments

We would like to thank the contributions to the source code, documentation, and translation provided for this release by:

• Holger Weiß for several bugfixes
• Pouriya Jahanbakhsh for hook subscribers support
• Michael Slezak for Elixir logging fix
• heyanyanchina123, fixed mysql.sql archive origin_id
• Sketch6580, updated the Chinese translation
• Ermete Melchiorre, updated the Italian translation
• Wellington Uemura, updated the Portuguese (Brazil)

And also to all the people contributing in the ejabberd chatroom, issue tracker...

ChangeLog

This is a more detailed list of changes in this ejabberd release:

Core

• ejabberd_options: Add trailing @ to @VERSION@ parsing
• mod_http_api: Fix problem parsing tuples when using OTP 27 json library (#4242)
• mod_http_api: Restore args conversion of {"k":"v"} to tuple lists
• mod_matrix_gw: Add misc:json_encode_With_kv_lists and use it in matrix sign function
• mod_muc: Output muc#roominfo_avatarhash in room disco info as per updated XEP-0486 (#4234)
• mod_muc: Improve cross version handling of muc retractions
• node_pep: Add missing feature item-ids to node_pep
• mod_register: Send welcome message as chat too (#4246)
• ejabberd_hooks: Support for ejabberd hook subscribers, useful for mod_prometheus
• ejabberd.app: Don't add iex to included_applications
• make-installers: Fix path in scripts in regular user install (#4258)
• Test: New tests for API commands

Documentation

• mod_matrix_gw: Fix matrix_id_as_jid option documentation
• mod_register: Add example configuration of welcome_message option
• mix.exs: Add ejabberd example config files to the hex package
• Update CODE_OF_CONDUCT.md

ext_mod

• Fetch dependencies from hex.pm when mix is available
• files_to_path is deprecated, use compile_to_path
• Compile all Elixir files in a library with one function call
• Improve error result when problem compiling elixir file
• Handle case when contrib module has no *.ex and no *.erl
• mix.exs: Include Elixir's Logger in the OTP release, useful for mod_libcluster

Logs

• Print message when starting ejabberd application fails
• Use error_logger when printing startup failure message
• Use proper format depending on the formatter (#4256)

SQL

• Add option update_sql_schema_timeout to allow schema update use longer timeouts
• Add ability to specify custom timeout for sql operations
• Allow to configure number of restart in sql_transaction()
• Make sql query in testsuite compatible with pg9.1
• In mysql.sql, fix update instructions for the archive table, origin_id column (#4259)

WebAdmin

• ejabberd.yml.example: Add api_permissions group for webadmin (#4249)
• Don't use host from url in webadmin, prefer host used for authentication
• Fix number of accounts shown in the online-users page
• Fix crash when viewing old shared roster groups (#4245)
• Support groupid with spaces when making shared roster result (#4245)

Full Changelog

24.06...24.07

ejabberd 24.07 download & feedback

As usual, the release is tagged in the Git source code repository on GitHub.

The source package and installers are available in ejabberd Downloads page. To check the *.asc signature files, see How to verify ProcessOne downloads integrity.

For convenience, there are alternative download locations like the ejabberd DEB/RPM Packages Repository and the GitHub Release / Tags.

The ecs container image is available in docker.io/ejabberd/ecs and ghcr.io/processone/ecs. The alternative ejabberd container image is available in ghcr.io/processone/ejabberd.

If you consider that you've found a bug, please search or fill a bug report on GitHub Issues.

24.06

Release notes copied from the original ejabberd 24.06 announcement post:

🚀 Introducing ejabberd 24.06: Deep Work Release!

This new ejabberd 24.06 includes four months of work, close to 200 commits, including several minor improvements in the core ejabberd, and a lot of improvements in the administrative parts of ejabberd, like the WebAdmin and new API commands.

Brief summary

• Webadmin rework
• Improved documentation
• Architecture and API improvements

If you upgrade ejabberd from a previous release, please review those changes:

• SQL Schema Changes
• Commands Changed in API v2
• WebAdmin Hook Changes

A more detailed explanation of those topics and other features:

Support for Erlang/OTP 27 and Elixir 1.17

ejabberd support for Erlang/OTP 27.0 has been improved. In this sense, when using Erlang/OTP 27, the jiffy dependency is not needed, as an equivalent feature is already included in OTP.

The lowest supported Erlang/OTP version continues being 20.0, and the recommendation is using 26.2, which is in fact the one included in the binary installers and container images.

Regarding Elixir, the new 1.17 works correctly. The lowest Elixir supported version is 1.10.3... but in order to benefit from all the ejabberd features, it is highly recommended to use Elixir 1.13.4 or higher with Erlang/OTP 23.0 or higher.

SQL schema changes

There are no changes in the SQL schemas in this release.

Notice that ejabberd can take care to update your MySQL, PostgreSQL and SQLite database schema if you enable the update_sql_schema toplevel option.

That feature was introduced for beta-testing in ejabberd 23.10 and announced in the blog post Automatic schema update in ejabberd.

Starting in this ejabberd 24.06, the update_sql_schema feature is considered stable and the option is enabled by default!

UNIX Socket Domain

The sql_server top-level option now accepts the path to a unix socket domain, expressed as "unix:/path/to/socket", as long as you are using mysql or pgsql in the option sql_type.

Commands changed in API v2

This ejabberd 24.06 release introduces ejabberd Commands API v2. You can continue using API v1; or if you want to update your API client to use APIv2, those are the commands that changed and you may need to update in your client:

Support for banning an account has been improved in API v2:

• ban_account stores the ban information in the account XML private storage, so that command requires mod_private to be enabled
• get_ban_details shows information about the account banning, if any.
• unban_account performs the reverse operation, getting the account to its previous status.

The result value of those two commands was modified to allow their usage in WebAdmin:

• kick_user instead of returning an integer, it returns a restuple.
• rooms_empty_destroy instead of returning a list of rooms that were destroyed, it returns a restuple.

As a side note, this command has been improved, but this change doesn't affect the API:

• join_cluster has been improved to work not only with the ejabberdctl command line script, but also with any other command frontend (mod_http_api, ejabberd_xmlrpc, ejabberd_web_admin, ...).

New commands

Several new commands have been added, specially useful to generate WebAdmin pages:

• get_roster_count
• get_master
• list_cluster_detailed
• srg_add
• srg_add_displayed
• srg_del_displayed
• srg_get_displayed
• srg_set_info
• join_cluster_here

Improved WebAdmin with commands usage

ejabberd already has around 200 commands to perform many administrative tasks, both to get information about the server and its status, and also to perform operations with side-effects. Those commands have its input and output parameters clearly described, and also documented.

This release includes a set of functions (make_command/2 and /4, make_command_raw_value/3, make_table/2 and /4) to use all those commands to generate HTML content in the ejabberd WebAdmin: instead of writing again erlang code to perform those operations and then write code to format it and display as HTML... let's have some frontend functions to call the command and generate the HTML content. With that new feature, writing content for WebAdmin is much easier if a command for that task already exists.

In this sense, most of the ejabberd WebAdmin pages have been rewritten to use the new make_command feature, many new pages are added using the existing commands. Also a few commands and pages are added to manage Shared Roster Groups.

WebAdmin commands permissions configuration

Most WebAdmin pages use commands to generate the content, and access to those commands can be restricted using the api_permissions toplevel option.

The default ejabberd.yml configuration file already defines "admin access" that allows access from loopback IP address and accounts in the admin ACL to execute all commands except stop and start. So, no changes are required in the default configuration file to use the upgrade WebAdmin pages.

Now ejabberd_web_admin is another valid command frontend that can be specified in the from section. You can define fine-grained restrictions for accounts in WebAdmin, for example:

api_permissions:
  "webadmin commands":
    from:
      - ejabberd_web_admin
    who: admin
    what:
      - "*"
      - "![tag:oauth]"

WebAdmin hook changes

There are several changes in WebAdmin hooks that now provide the whole HTTP request instead of only some of its elements.

You can update your code easily, see:

• webadmin_page_node: instead of Path, Query and Lang, gets Request

  -webadmin_page_node(Acc, Node, Path, Query, Lang) ->
  +webadmin_page_node(Acc, Node, #request{path = Path, q = Query, lang = Lang}) ->

• webadmin_page_hostnode: instead of Path, Query and Lang gets Request

  -webadmin_page_hostnode(Acc, Host, Node, Path, Query, Lang) ->
  +webadmin_page_hostnode(Acc, Host, Node, #request{path = Path, q = Query, lang = Lang}) ->

• webadmin_user: instead of just the Lang, gets the whole Request

  -webadmin_user(Acc, User, Server, Lang) ->
  +webadmin_user(Acc, User, Server, #request{lang = Lang}) ->

• webadmin_menu_hostuser: new hook added:

  +webadmin_menu_hostuser(Acc, Host, Username, Lang) ->

• webadmin_page_hostuser: new hook added:

  +webadmin_page_hostuser(Acc, Host, Username, Request) ->

internal command tag and any argument/result

During the development of the WebAdmin commands feature, it was noticed the necessity to define some commands that will be used by WebAdmin (or maybe also by other ejabberd code), but should NOT be accessed by command frontends (like ejabberdctl, mod_http_api, ejabberd_xmlrpc).

Such commands are identified because they have the internal tag.

Those commands can use any arbitrarily-formatted arguments/results, defined as any in the command.

Experimental make format and indent

If you use Emacs with erlang-mode, Vim with some Erlang indenter, VSCode, ... they indent erlang code more or less similarly, but sometimes have some minor differences.

The new make format uses rebar3_format to format and indent files, with those restrictions:

• Only formats a file if it contains a line with this string, and formats only starting in a line with @format-begin

• Formatting can be disabled later in the file by adding another line that contains @format-end

• Furthermore, it is later possible to enable formatting again in the same file, in case there is another piece of the file that should be automatically formatted.

Alternatively, the new...

24.02

Release notes copied from the original ejabberd 24.02 announcement post:

🚀 Introducing ejabberd 24.02: A Huge Release!

ejabberd 24.02 has just been release and well, this is a huge release with 200 commits and more in the libraries. We've packed this update with a plethora of new features, significant improvements, and essential bug fixes, all designed to supercharge your messaging infrastructure.

• 🌐 Matrix Federation Unleashed: Imagine seamlessly connecting with Matrix servers – it's now possible! ejabberd breaks new ground in cross-platform communication, fostering a more interconnected messaging universe. We have still some ground to cover and for that we are waiting for your feedback.
• 🔐 Cutting-Edge Security with TLS 1.3 & SASL2: In an era where security is paramount, ejabberd steps up its game. With support for TLS 1.3 and advanced SASL2 protocols, we increase the overall security for all platform users.
• 🚀 Performance Enhancements with Bind 2: Faster connection times, especially crucial for mobile network users, thanks to Bind 2 and other performance optimizations.
• 🔄 User gains better control over on their messages: The new support for XEP-0424: Message Retraction allows users to manage their message history and remove something they posted by mistake.
• 🔧 Optimized server pings by relying on an existing mechanism coming from XEP-0198
• 📈 Streamlined API Versioning: Our refined API versioning means smoother, more flexible integration for your applications.
• 🧩 Enhanced Elixir, Mix and Rebar3 Support

If you upgrade ejabberd from a previous release, please review those changes:

• Update the SQL schema
• Update API commands as explained below, or use API versioning
• Mix or Rebar3 used by default instead of Rebar to compile ejabberd
• Authentication workaround for Converse.js and Strophe.js

A more detailed explanation of those topics and other features:

Matrix federation

ejabberd is now able to federate with Matrix servers. Detailed instructions to setup Matrix federation with ejabberd will be detailed in another post.

Here is a quick summary of the configuration steps:

First, s2s must be enabled on ejabberd. Then define a listener that uses mod_matrix_gw:

listen:
  -
    port: 8448
    module: ejabberd_http
    tls: true
    certfile: "/opt/ejabberd/conf/server.pem"
    request_handlers:
      "/_matrix": mod_matrix_gw

And add mod_matrix_gw in your modules:

modules:
  mod_matrix_gw:
    matrix_domain: "domain.com"
    key_name: "somename"
    key: "yourkeyinbase64"

Support TLS 1.3, Bind 2, SASL2

• RFC 9266 Channel Bindings for TLS 1.3: This enhances security and reliability.
• XEP-0386: Bind 2: This is going to reduce the connection time for clients. This is especially important if you are using XMPP to connect from a mobile network.
• XEP-0388: Extensible SASL Profile - SASL2
• XEP-0440: SASL Channel-Binding Type Capability: These updates are aimed at bolstering our authentication mechanisms.
• XEP-0474: SASL SCRAM Downgrade Protection

Support for XEP-0424 Message Retraction

With the new support for XEP-0424: Message Retraction, users of MAM message archiving can control their message archiving, with the ability to ask for deletion.

Support for XEP-0198 pings

If stream management is enabled, let mod_ping trigger XEP-0198 <r/>equests rather than sending XEP-0199 pings. This avoids the overhead of the ping IQ stanzas, which, if stream management is enabled, are accompanied by XEP-0198 elements anyway.

Update the SQL schema

The table archive has a text column named origin_id (see commit 975681). You have two methods to update the SQL schema of your existing database:

If using MySQL or PosgreSQL, you can enable the option update_sql_schema and ejabberd will take care to update the SQL schema when needed: add in your ejabberd configuration file the line update_sql_schema: true

If you are using other database, or prefer to update manually the SQL schema:

• MySQL default schema:

ALTER TABLE archive ADD COLUMN origin_id varchar(191) NOT NULL DEFAULT '';
ALTER TABLE archive ALTER COLUMN origin_id DROP DEFAULT;
CREATE INDEX i_archive_username_origin_id USING BTREE ON archive(username(191), origin_id(191));

• MySQL new schema:

ALTER TABLE archive ADD COLUMN origin_id varchar(191) NOT NULL DEFAULT '';
ALTER TABLE archive ALTER COLUMN origin_id DROP DEFAULT;
CREATE INDEX i_archive_sh_username_origin_id USING BTREE ON archive(server_host(191), username(191), origin_id(191));

• PostgreSQL default schema:

ALTER TABLE archive ADD COLUMN origin_id text NOT NULL DEFAULT '';
ALTER TABLE archive ALTER COLUMN origin_id DROP DEFAULT;
CREATE INDEX i_archive_username_origin_id ON archive USING btree (username, origin_id);

• PostgreSQL new schema:

ALTER TABLE archive ADD COLUMN origin_id text NOT NULL DEFAULT '';
ALTER TABLE archive ALTER COLUMN origin_id DROP DEFAULT;
CREATE INDEX i_archive_sh_username_origin_id ON archive USING btree (server_host, username, origin_id);

• MSSQL default schema:

ALTER TABLE [dbo].[archive] ADD [origin_id] VARCHAR (250) NOT NULL;
CREATE INDEX [archive_username_origin_id] ON [archive] (username, origin_id)
WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON);

• MSSQL new schema:

ALTER TABLE [dbo].[archive] ADD [origin_id] VARCHAR (250) NOT NULL;
CREATE INDEX [archive_sh_username_origin_id] ON [archive] (server_host, username, origin_id)
WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON);

• SQLite default schema:

ALTER TABLE archive ADD COLUMN origin_id text NOT NULL DEFAULT '';
CREATE INDEX i_archive_username_origin_id ON archive (username, origin_id);

• SQLite new schema:

ALTER TABLE archive ADD COLUMN origin_id text NOT NULL DEFAULT '';
CREATE INDEX i_archive_sh_username_origin_id ON archive (server_host, username, origin_id);

Authentication workaround for Converse.js and Strophe.js

This ejabberd release includes support for XEP-0474: SASL SCRAM Downgrade Protection, and some clients may not support it correctly yet.

If you are using Converse.js 10.1.6 or older, Movim 0.23 Kojima or older, or any other client based in Strophe.js v1.6.2 or older, you may notice that they cannot authenticate correctly to ejabberd.

To solve that problem, either update to newer versions of those programs (if they exist), or you can enable temporarily the option disable_sasl_scram_downgrade_protection in the ejabberd configuration file ejabberd.yml like this:

disable_sasl_scram_downgrade_protection: true

Support for API versioning

Until now, when a new ejabberd release changed some API command (an argument renamed, a result in a different format...), then you had to update your API client to the new API at the same time that you updated ejabberd.

Now the ejabberd API commands can have different versions, by default the most recent one is used, and the API client can specify the API version it supports.

In fact, this feature was implemented seven years ago, included in ejabberd 16.04, documented in ejabberd Docs: API Versioning... but it was never actually used!

This ejabberd release includes many fixes to get API versioning up to date, and it starts being used by several commands.

Let's say that ejabberd 23.10 implemented API version 0, and this ejabberd 24.02 adds API version 1. You may want to update your API client to use the new API version 1... or you can continue using API version 0 and delay API update a few weeks or months.

To continue using API version 0:

• if using ejabberdctl, use the switch --version 0. For example: ejabberdctl --version 0 get_roster admin localhost
• if using mod_http_api, in ejabberd configuration file add v0 to the request_handlers path. For example: /api/v0: mod_http_api

Check the details in ejabberd Docs: API Versioning.

ejabberd commands API version 1

When you want to update your API client to support ejabberd API version 1, those are the changes to take into account:

• Commands with list arguments
• mod_http_api does not name integer and string results
• ejabberdctl with list arguments
  -...

23.10

Release notes copied from the original ejabberd 23.10 announcement post:

A new ejabberd release, ejabberd 23.10, is now published with more than 150 commits since the previous 23.04. It includes many new features and improvements, and also many more bugfixes.

• Support for XEP-0402: PEP Native Bookmarks
• Support for XEP-0421: Occupant Id
• Many new options and features

A more detailed explanation of improvements and features:

Added support for XEP-0402: PEP Native Bookmarks

XEP-0402: PEP Native Bookmarks describes how to keep a list of chatroom bookmarks as PEP nodes on the PubSub service. That's an improvement over XEP-0048: Bookmark Storage which described how to store in a single Private XML Storage or a single PEP node.

mod_private now supports the bookmark conversion described in XEP-0402:
ejabberd synchronizes XEP-0402 bookmarks, private storage bookmarks and XEP-0048 bookmarks.

In this sense, the bookmarks_to_pep command performs an initial synchronization of bookmarks, getting bookmarks from Private XML Storage and stores them in PEP nodes as described both in XEP-0048 and XEP-0402.

New mod_muc_occupantid module with support for XEP-0421: Occupant Id

XEP-0421: Anonymous unique occupant identifiers for MUCs is useful in anonymous MUC rooms, message correction and message retractions. Right now the only client found to support XEP-0421 is Dino, since version 0.4.

ejabberd now implements XEP-0421 0.1.0 in mod_muc_occupantid. The module is quite simple and has no configurable options: just enabled it in the modules section in your ejabberd.yml configuration file and restart ejabberd or reload_config.

New option auth_external_user_exists_check

The new option auth_external_user_exists_check makes user_check hook work better with authentication methods that don't have a way to determine if user exists. This happens, for example, in the case of jwt and cert based authentication. As result, enabling this option improves mod_offline and mod_mam handling of offline messages to those users. This reuses information stored by mod_last for this purpose.

Improved offline messages handling when using authentication methods without users lists

Authentication methods that manage users list outside of ejabberd, like for example JWT token or tls certificate authentication, had issue with processing of offline messages. Those methods didn't have a way to tell if given user existed when user was not logged in, and that did block processing of offline messages, which were only performed for users that we know did exists. This release adds code that also consults data stored by mod_last for that purpose, and it should fix offline messages for users that were logged at least once before.

Changes in get_roster command

There are some changes in the result output of the get_roster command defined in mod_admin_extra:

• ask is renamed to pending
• group is renamed to groups
• the new groups is a list with all the group names
• a contact that is in several groups is now listed only once, and the groups are properly listed.

For example, let's say that admin@localhost has two contacts: a contact is present in two groups (group1 and group2), the other contact is only present in a group (group3).

The old get_roster command in ejabberd 23.04 and previous versions was like:

$ ejabberdctl get_roster admin localhost
jan@localhost jan   none    subscribe       group1
jan@localhost jan   none    subscribe       group2
tom@localhost tom   none    subscribe       group3

The new get_roster command in ejabberd 23.XX and newer versions returns as result:

$ ejabberdctl get_roster admin localhost
jan@localhost jan   none    subscribe       group1;group2
tom@localhost tom   none    subscribe       group3

Notice that the ejabberdctl command-line tool since now will represent list elements in results separated with ;

New halt command

Until now there were two API commands to stop ejabberd:

• stop stops ejabberd gracefully, calling to stop each of its components (client sessions, modules, listeners, ...)
• stop_kindly first of all sends messages to all the online users and all the online MUC rooms, waits a few seconds, and then stops ejabberd gracefully.

Those comands are useful when there's an ejabberd running for many time, with many users connected, and you want to stop it.

A new command is now added: halt, which abruptly stops the ejabberd node, without taking care to close gracefully any of its components. It also returns error code 1. This command is useful if some problem is detected while ejabberd is starting.

For example, it is now used in the ecs and the ejabberd container images when CTL_ON_CREATE or CTL_ON_START were provided and failed to execute correctly. See docker-ejabberd#97 for details.

MySQL driver improvements

MySQL driver will now use prepared statements whenever possible, this should improve database load. This feature can be disabled with sql_prepared_statement: false.

We also added alternative implementation of upsert that doesn't use replace .. or insert ... on conflict update, as in some versions of MySQL this can lead to excessive deadlocks. We switch between implementations based on version but it's possible to override version check by having:

sql_flags:
  - mysql_alternative_upsert

inside config file.

New unix_socket listener option

When defining a listener, the port option can be a port number or a string in form "unix:/path/to/socket" to create and listen on a unix domain socket /path/to/socket.

The new unix_socket listener option allows to customize some options of that unix socket file.

The configurable options are:

• mode: which should be an octal
• owner: which should be an integer
• group: which should be an integer

Those values have no default: only when they are set, they are changed.

Example configuration:

listen:
  -
    port: "unix://tmp/asd/socket"
    unix_socket:
      mode: '0775'
      owner: 117
      group: 135

New install_contrib_modules top-level option

The new install_contrib_modules top-level option lets you declare a list of modules from ejabberd-contrib that will be installed automatically by ejabberd when it is being started. This option is read during ejabberd start or configuration reload.

This option is equivalent to installing the module manually with the command ejabberdctl module_install whatever. It is useful when deploying ejabberd automatically with a configuration file that mentions a contrib module.

For example, let's enable and configure some modules from ejabberd-contrib, and use the new option to ensure they get installed, all of this the very first time ejabberd runs. Extract from ejabberd.yml:

...

install_contrib_modules:
  - mod_statsdx
  - mod_webadmin_config

modules:
  mod_statsdx:
    hooks: true
  mod_webadmin_config: {}
  ...

The ejabberd.log file will show something like:

2023-09-25 15:32:40.282446+02:00 [info] Loading configuration from _build/relive/conf/ejabberd.yml
Module mod_statsdx has been installed and started.
The mod_statsdx configuration in your ejabberd.yml is used.
Module mod_webadmin_config has been installed and started.
The mod_webadmin_config configuration in your ejabberd.yml is used.
2023-09-25 15:32:42.201199+02:00 [info] Configuration loaded successfully

...
2023-09-25 15:32:43.163099+02:00 [info] ejabberd 23.04.115 is started in the node ejabberd@localhost in 3.15s
2023-09-25 15:32:47.069875+02:00 [info] Reloading configuration from _build/relive/conf/ejabberd.yml
2023-09-25 15:32:47.100917+02:00 [info] Configuration reloaded successfully

New notify_on option in mod_push

mod_push has a new option: notify_on, which possible values:

• all: generate a notification on any kind of XMPP stanzas. This is the default value.
• messages: notifications are only triggered for actual chat messages with a body text (or some encrypted payload).

Add support to register nick in a room

A nick can be registered ...

23.04

Release notes copied from the original ejabberd 23.04 announcement post:

This new ejabberd 23.04 release includes many improvements and bug fixes, and also a few new features.

• Many improvements in SQL databases
• mod_mam supports XEP-0425: Message Moderation
• New mod_muc_rtbl, Real-Time Block List for MUC rooms
• Binaries use Erlang/OTP 25.3, and changes in containers

A more detailed explanation of those topics and other features:

Many improvements in SQL databases

There are many improvements in the SQL databases field (see #3980 and #3982):

• Added support to migrate MySQL and MS SQL to new schema, fixed a long standing bug, and many other improvements.
• Regarding MS SQL, there are schema fixes, added support to new schema, and the corresponding schema migration, along other minor improvements and bugfixes.
• The automated ejabberd testing now also runs tests on upgraded schema databases, and supports for running tests on MS SQL
• And also fixed other minor SQL schema inconsistencies, removed unnecessary indexes and changed PostgreSQL SERIAL to BIGSERIAL columns.

Please upgrade your existing SQL database, check the notes later in this document!

mod_mam supports XEP-0425: Message Moderation

XEP-0425: Message Moderation allows a Multi-User Chat (XEP-0045) moderator to moderate certain groupchat messages by, for example, retracting them from the groupchat history as part of an effort to address and remedy issues such as message spam, indecent language for the venue or exposing private third-party personal information. It also allows the moderators to correct a message on another user's behalf, or flag a message as inappropriate without requiring that it be retracted.

Clients that support this XEP right now are Gajim, Converse.js, Monocles, and have read-only support Poezio and XMPP Web.

New mod_muc_rtbl

This new module implements Real-Time Block List for MUC rooms. It works by observing remote pubsub node conforming with specification described in xmppbl.org.

captcha_url option now accepts auto value

In recent ejabberd releases, captcha_cmd got support for macros (in ejabberd 22.10) and support to use modules (in ejabberd 23.01).

Now captcha_url gets an improvement: if set to auto, it tries to detect the URL automatically considering the ejabberd configuration. This is now the default value. This should be good enough in most cases; but manually setting the URL may be required when using port forwarding or very specific setups.

Erlang/OTP 19.3 is discouraged

This is the last ejabberd release with support for Erlang/OTP 19.3. If not done already, please upgrade to Erlang/OTP 20.0 or newer before the next ejabberd release. Check more details in the ejabberd 22.10 release announcement.

Regarding the binary packages provided for ejabberd:

• The binary installers and container images now use Erlang/OTP 25.3 and Elixir 1.14.3
• The mix, ecs, and ejabberd container images now use Alpine 3.17
• The ejabberd container image now supports an alternate build method, useful to bypass a problem in QEMU and Erlang 25 when building the image for arm64 architecture

Erlang node name in ecs container image

The ecs container image is built using the files from docker-ejabberd/ecs, and published in docker.io/ejabberd/ecs. This image in general gets only minimal fixes, no major or breaking changes, but in this release it got a change that will require the administrator intervention.

The Erlang node name is now by default fixed to ejabberd@localhost, instead of being variably set by the container host name. If you previously allowed ejabberd to decide its node name (which was random), then it will now create a new mnesia database instead of using the previous one:

$ docker exec -it ejabberd ls /home/ejabberd/database/
ejabberd@1ca968a0301a
ejabberd@localhost
...

A simple solution is to create the container providing ERLANG_NODE_ARG with the old erlang node name, for example:

docker run ... -e ERLANG_NODE_ARG=ejabberd@1ca968a0301a

or in docker-compose.yml

version: '3.7'
services:
  main:
    image: ejabberd/ecs
    environment:
      - ERLANG_NODE_ARG=ejabberd@1ca968a0301a

Another solution is to change the mnesia node name in the mnesia spool files.

Other improvements in the ecs container image

In addition to the change in the default erlang node name mentioned previously, the ecs container image got other improvements:

• For every commit in the docker-ejabberd repository relevant to ecs and mix container images, those images are uploaded as artifacts, and available to download in the corresponding runs.
• When a new version is tagged in the docker-ejabberd repository, the image is automatically published in ghcr.io/processone/ecs, in addition to the manual publication in Docker Hub.
• There are new sections in ecs README file: Clustering and Clustering Example.

Documentation improvements

In addition to the normal improvements and fixes, two sections in the ejabberd Documentation are improved:

• Database Configuration -> Microsoft SQL Server
• ejabberd Test Suites
• CAPTCHA

Acknowledgments

We would like to thank the contributions to the source code, documentation, and translation provided for this release by:

• Stu Tomilson, many improvements in SQL
• Saarko, improvements in the containers, and updated the installers
• Silvério Santos for updating the Portuguese translation
• Blake Miller

And also for all the people helping to solve doubts and problems in the ejabberd chatroom and issue tracker.

SQL databases update

Those notes allow to apply the improvements in the SQL database schemas from this ejabberd release to your existing SQL database. Please take into account what database you use, and whether it is the default or the new schema.

PostgreSQL new schema:

Fix a long standing bug in new schema on PostgreSQL. The fix for any existing impacted installations is the same:

ALTER TABLE vcard_search DROP CONSTRAINT vcard_search_pkey;
ALTER TABLE vcard_search ADD PRIMARY KEY (server_host, lusername);

PosgreSQL default or new schema:

To convert columns to allow up to 2 billion rows in these tables. This conversion will require full table rebuilds, and will take a long time if tables already have lots of rows. Optional: this is not necessary if the tables are never likely to grow large.

ALTER TABLE archive ALTER COLUMN id TYPE BIGINT;
ALTER TABLE privacy_list ALTER COLUMN id TYPE BIGINT;
ALTER TABLE pubsub_node ALTER COLUMN nodeid TYPE BIGINT;
ALTER TABLE pubsub_state ALTER COLUMN stateid TYPE BIGINT;
ALTER TABLE spool ALTER COLUMN seq TYPE BIGINT;

PostgreSQL or SQLite default schema:

DROP INDEX i_rosteru_username;
DROP INDEX i_sr_user_jid;
DROP INDEX i_privacy_list_username;
DROP INDEX i_private_storage_username;
DROP INDEX i_muc_online_users_us;
DROP INDEX i_route_domain;
DROP INDEX i_mix_participant_chan_serv;
DROP INDEX i_mix_subscription_chan_serv_ud;
DROP INDEX i_mix_subscription_chan_serv;
DROP INDEX i_mix_pam_us;

PostgreSQL or SQLite new schema:

DROP INDEX i_rosteru_sh_username;
DROP INDEX i_sr_user_sh_jid;
DROP INDEX i_privacy_list_sh_username;
DROP INDEX i_private_storage_sh_username;
DROP INDEX i_muc_online_users_us;
DROP INDEX i_route_domain;
DROP INDEX i_mix_participant_chan_serv;
DROP INDEX i_mix_subscription_chan_serv_ud;
DROP INDEX i_mix_subscription_chan_serv;
DROP INDEX i_mix_pam_us;

And now add index that might be missing

In PostgreSQL:

CREATE INDEX i_push_session_sh_username_timestamp ON push_session USING btree (server_host, username, timestamp);

In SQLite:

CREATE INDEX i_push_session_sh_username_timestamp ON push_session (server_host, username, timestamp);

MySQL default schema:

ALTER TABLE rosterusers DROP INDEX i_rosteru_us...

23.01

Release notes copied from the original ejabberd 23.01 announcement post:

Almost three months after the previous release, ejabberd 23.01 includes many bug fixes, several improvements and some new features.

A new module, mod_mqtt_bridge, can be used to replicate changes to MQTT topics between local and remote servers.

A more detailed explanation of those topics and other features:

Erlang/OTP 19.3 discouraged

Remember that support for Erlang/OTP 19.3 is discouraged, and will be removed in a future release. Please upgrade to Erlang/OTP 20.0 or newer. Check more details in the ejabberd 22.10 release announcement.

New MQTT bridge

This new module allows to synchronize topic changes between local and remote servers. It can be configured to replicate local changes to remote server, or can subscribe to topics on remote server and update local copies when they change.

When connecting to a remote server you can use native or websocket encapsulated protocol, and you can connect using both v4 and v5 protocol. It can authenticate using username/password pair or with client TLS certificates.

New Hooks

Regarding MQTT support, there are several new hooks:

• mqtt_publish: New hook for MQTT publish event
• mqtt_subscribe and mqtt_unsubscribe: New hooks for MQTT subscribe & unsubscribe events

New option log_modules_fully

The loglevel top-level option specifies the verbosity of log files generated by ejabberd.

If you want some specific modules to log everything, independently from whatever value you have configured in loglevel, now you can use the new log_modules_fully option.

For example, if you are investigating some problem in ejabberd_sm and mod_client_state:

loglevel: warning
log_modules_fully: [ejabberd_sm, mod_client_state]

(This option works only on systems with erlang 22 or newer).

Changes in option outgoing_s2s_families

The outgoing_s2s_families top-level option specifies which address families to try, in what order.

The default value has now been changed to try IPv6 first, as servers are within datacenters where IPv6 is more commonly enabled (contrary to clients). And if it's not present, then it'll just fall back to IPv4.

By the way, this option is obsolete and irrelevant when using ejabberd 23.01 and Erlang/OTP 22, or newer versions of them.

Changes in option captcha_cmd

The captcha_cmd top-level option specifies the full path to a script that can generate a CAPTCHA image. Now this option may specify an erlang module name, which should implement a function to generate a CAPTCHA image.

ejabberd does not include any such module, but there are two available in the ejabberd-contrib repository that you can install and try: mod_ecaptcha and mod_captcha_rust.

DOAP file

The protocols implemented or supported by ejabberd are defined in the corresponding source code modules since ejabberd 15.06. Until now, only the XEP number and supported version were tracked. Since now, it's possible to document what ejabberd version first implemented it, the implementation status and an arbitrary comment.

That information until now was only used by the script tools/check_xep_versions.sh. A new script is added, tools/generate-doap.sh, to generate a DOAP file with that information. A new target is added to Makefile: make doap.

And that DOAP file is now published as ejabberd.doap in the git repository. That file is read by the XMPP.org website to show ejabberd's protocols, see XMPP Servers: ejabberd.

VSCode

Support for Visual Studio Code and variants is vastly improved. Thanks to the Erlang LS VSCode extension, the ejabberd git repository includes support for developing, compiling and debugging ejabberd with Visual Studio Code, VSCodium, Coder's code-server and Github Codespaces.

See more details in the ejabberd Docs: VSCode page.

ChangeLog

General

• Add misc:uri_parse/2 to allow declaring default ports for protocols
• CAPTCHA: Add support to define module instead of path to script
• Clustering: Handle mnesia_system_event mnesia_up when other node joins this (#3842)
• ConverseJS: Don't set i18n option because Converse enforces it instead of browser lang (#3951)
• ConverseJS: Try to redirect access to files mod_conversejs to CDN when there is no local copies
• ext_mod: compile C files and install them in ejabberd's priv
• ext_mod: Support to get module status from Elixir modules
• make-binaries: reduce log output
• make-binaries: Bump zlib version to 1.2.13
• MUC: Don't store mucsub presence events in offline storage
• MUC: hibernation_time is not an option worth storing in room state (#3946)
• Multicast: Jid format when multicastc was cached (#3950)
• mysql: Pass ssl options to mysql driver
• pgsql: Do not set standard_conforming_strings to off (#3944)
• OAuth: Accept jid as a HTTP URL query argument
• OAuth: Handle when client is not identified
• PubSub: Expose the pubsub#type field in disco#info query to the node (#3914)
• Translations: Update German translation

Admin

• api_permissions: Fix option crash when doesn't have who: section
• log_modules_fully: New option to list modules that will log everything
• outgoing_s2s_families: Changed option's default to IPv6, and fall back to IPv4
• Fix bash completion when using Relive or other install methods
• Fix portability issue with some shells (#3970)
• Allow admin command to subscribe new users to members_only rooms
• Use alternative split/2 function that works with Erlang/OTP as old as 19.3
• Silent warning in OTP24 about not specified cacerts in SQL connections
• Fix compilation warnings with Elixir 1.14

DOAP

• Support extended -protocol erlang attribute
• Add extended RFCs and XEP details to some protocol attributes
• tools/generate-doap.sh: New script to generate DOAP file, add make doap (#3915)
• ejabberd.doap: New DOAP file describing ejabberd supported protocols

MQTT

• Add MQTT bridge module
• Add support for certificate authentication in MQTT bridge
• Implement reload in MQTT bridge
• Add support for websockets to MQTT bridge
• Recognize ws5/wss5 urls in MQTT bridge
• mqtt_publish: New hook for MQTT publish event
• mqtt_(un)subscribe: New hooks for MQTT subscribe & unsubscribe events

VSCode

• Improve .devcontainer to use use devcontainer image and .vscode
• Add .vscode files to instruct VSCode how to run ejabberd
• Add Erlang LS default configuration
• Add Elvis default configuration

Full Changelog

22.10...23.01

ejabberd 23.01 download & feedback

As usual, the release is tagged in the Git source code repository on GitHub.

The source package and installers are available in ejabberd Downloads page. To check the *.asc signature files, see How to verify ProcessOne downloads integrity.

For convenience, there are alternative download locations like the ejabberd DEB/RPM Packages Repository and the GitHub Release / Tags.

The Docker image is in Docker Hub, and there's an alternative Container image in GitHub Packages.

If you suspect that you've found a bug, please search or fill a bug report on GitHub Issues.

22.10

Release notes copied from the original ejabberd 22.10 announcement post:

This ejabberd 22.10 release includes six months of work, over 140 commits, including relevant improvements in MIX, MUC, SQL, and installers, and bug fixes as usual.

This version brings support for latest MIX protocol version, and significantly improves detection and recovery of SQL connection issues.

There are no breaking changes in SQL schemas, configuration, or commands API. If you develop an ejabberd module, notice two hooks have changed: muc_subscribed and muc_unsubscribed.

A more detailed explanation of those topics and other features:

Erlang/OTP 19.3

You may remember than in the previous ejabberd release, ejabberd 22.05, support for Erlang/OTP 25 was introduced, even if 24.3 is still recommended for stable deployments.

It is expected that around April 2023, GitHub Actions will remove Ubuntu 18 and it will not be possible to run automatic tests for ejabberd using Erlang 19.3, the lowest possible will be Erlang 20.0.

For that reason, the planned schedule is:

• ejabberd 22.10
  • Usage of Erlang 19.3 is discouraged
  • Anybody still using Erlang 19.3 is encouraged to upgrade to 24.3, or at least 20.0
• ejabberd 23.05 (or later)
  • Support for Erlang 19.3 is deprecated
  • Erlang requirement softly increased in `configure.ac`
  • Announce: no warranty ejabberd can compile, start or pass the Common Tests suite using Erlang 19.3
  • Provide instructions for anybody to manually re-enable it and run the tests
• ejabberd 23.xx+1 (or later)
  • Support for Erlang 19.3 is removed completely in the source code

New log_burst_limit_* options

Two options were added in #3865 to configure logging limits in case of high traffic:

• log_burst_limit_window_time defines the time period to rate-limit log messages by.

• log_burst_limit_count defines the number of messages to accept in that time period before starting to drop them.

Support ERL_DIST_PORT option to work without epmd

The option ERL_DIST_PORT is added to ejabberdctl.cfg, disabled by default.

When this option is set to a port number, the Erlang node will not start epmd and will not listen in a range of ports for erlang connections (typically used for ejabberdctl and for clustering). Instead, the erlang node will simply listen in the configured port number.

Please note:

• Erlang/OTP 23.1 or higher is required to use ERL_DIST_PORT
• make relive doesn't support ERL_DIST_PORT, neither rebar3 nor elixir
• To start several ejabberd nodes in the same machine, configure a different port in each node

Support version macros in captcha_cmd option

Support for the @VERSION@ and @SEMVER@ macros was added to the captcha_cmd option in #3835.

Those macros are useful because the example captcha scripts are copied in a path like ejabberd-VERSION/priv/bin that depends on the ejabberd version number and changes for each release. Also, depending on the install method (rebar3 or Elixir's mix), that VERSION may be in XX.YY or in SEMVER format (respectively).

Now, it's possible to configure like this:

captcha_cmd: /opt/ejabberd-@VERSION@/lib/ejabberd-@SEMVER@/priv/bin/captcha.sh

Hook Changes

Two hooks have changed: muc_subscribed and muc_unsubscribed. Now they get the packet and room state, and can modify the sent packets. If you write source code that adds functions to those hooks, please notice that previously they were ran like:

ejabberd_hooks:run(muc_subscribed, ServerHost, [ServerHost, Room, Host, BareJID]);

and now they are ran like this:

{Packet2a, Packet2b} = ejabberd_hooks:run_fold(muc_subscribed, ServerHost, {Packet1a, Packet1b},
[ServerHost, Room, Host, BareJID, StateData]),

being Packet1b a copy of Packet1a without the jid attribute in the muc_subscribe element.

Translations Updates

Several translations were improved: Ukrainian, Chinese (Simplified), French, German, Russian, Portuguese (Brazil), Spanish and Catalan. Thanks to all this people that contribute in ejabberd at Weblate!

WebAdmin page for external modules

A new page is added in ejabberd's WebAdmin to view available external modules, update their source code, install, upgrade and remove them. All this is equivalent to what was already available using API commands from the modules tag.

Many modules in the ejabberd-contrib git repository have been improved, and their documentation updated. Additionally, those modules are now automatically tested, at least compilation, installation and static code analysis.

Documentation Improvements

In addition to the normal improvements and fixes, two sections in the ejabberd Documentation are greatly improved:

• ejabberd for Elixir Developers
• Getting Started with MIX

ChangeLog

General

• Add log_burst_limit_* options (#3865)
• Support ERL_DIST_PORT option to work without epmd
• Auth JWT: Catch all errors from jose_jwt:verify and log debugging details (#3890)
• CAPTCHA: Support @VERSION@ and @SEMVER@ in captcha_cmd option (#3835)
• HTTP: Fix unix socket support (#3894)
• HTTP: Handle invalid values in X-Forwarded-For header more gracefuly
• Listeners: Let module take over socket
• Listeners: Don't register listeners that failed to start in config reload
• mod_admin_extra: Handle empty roster group names
• mod_conversejs: Fix crash when mod_register not enabled (#3824)
• mod_host_meta: Complain at start if listener is not encrypted
• mod_ping: Fix regression on stop_ping in clustering context (#3817)
• mod_pubsub: Don't crash on command failures
• mod_shared_roster: Fix cache invalidation
• mod_shared_roster_ldap: Update roster_get hook to use #roster_item{}
• prosody2ejabberd: Fix parsing of scram password from prosody

MIX

• Fix MIX's filter_nodes
• Return user jid on join
• mod_mix_pam: Add new MIX namespaces to disco features
• mod_mix_pam: Add handling of IQs with newer MIX namespaces
• mod_mix_pam: Do roster pushes on join/leave
• mod_mix_pam: Parse sub elements of the mix join remote result
• mod_mix_pam: Provide MIX channels as roster entries via hook
• mod_mix_pam: Display joined channels on webadmin page
• mod_mix_pam: Adapt to renaming of participant-id from mix_roster_channel record
• mod_roster: Change hook type from #roster{} to #roster_item{}
• mod_roster: Respect MIX `` setting
• mod_roster: Adapt to change of mix_annotate type to boolean in roster_query
• mod_shared_roster: Fix wrong hook type #roster{} (now #roster_item{})

MUC:

• Store role, and use it when joining a moderated room (#3330)
• Don't persist none role (#3330)
• Allow MUC service admins to bypass max_user_conferences limitation
• Show allow_query_users room option in disco info (#3830)
• Don't set affiliation to none if it's already none in mod_muc_room:process_item_change/3
• Fix mucsub unsubscribe notification payload to have muc_unsubcribe in it
• Allow muc_{un}subscribe hooks to modify sent packets
• Pass room state to muc_{un}subscribed hook
• The archive_msg export fun requires MUC Service for room archives
• Export mod_muc_admin:get_room_pid/2
• Export function for getting room diagnostics

SQL

• Handle errors reported from begin/commit inside transaction
• Make connection close errors bubble up from inside sql transaction
• Make first sql reconnect wait shorter time
• React to sql driver process exit earlier
• Skip connection exit message when we triggered reconnection
• Add syntax_tools to applications, required when using ejabberd_sql_pt (#3869)
• Fix mam delete_old_messages_batch for sql backend
• Use INSERT ... ON DUPLICATE KEY UPDATE for upsert on mysql
• Update mysql library
• Catch mysql connection being close earlier

Compile

• make all: Generate start scripts here, not in make install (#3821)
• make clean: Improve this and "distclean"
• make deps: Ensure deps configuration is ran when getting deps (#3823)
• make help: Update with recent changes
• make install: Don't leak DESTDIR in files copied by 'make install'
• make options: Fix error rep...

22.05

A new ejabberd release is finally here! ejabberd 22.05 includes five months of work, 200 commits, including many improvements (MQTT, MUC, PubSub, ...) and bug fixes.

• Improved MQTT, MUC, and ConverseJS integration
• New installers and container
• Support Erlang/OTP 25

When upgrading from the previous version please notice: there are minor changes in SQL schemas, the included rebar and rebar3 binaries require Erlang/OTP 22 or higher, and make rel uses different paths. There are no breaking changes in configuration, and only one change in commands API.

A more detailed explanation of those topics and other features:

New Indexes in SQL for MUC

Two new indexes were added to optimize MUC. Those indexes can be added in the database before upgrading to 22.05, that will not affect older versions.

To update an existing database, depending on the schema used to create it:

• MySQL (mysql.sql or mysql.new.sql):

CREATE INDEX i_muc_room_host_created_at ON muc_room(host(75), created_at);
CREATE INDEX i_muc_room_subscribers_jid USING BTREE ON muc_room_subscribers(jid);

• PostgreSQL (pg.sql or pg.new.sql):

CREATE INDEX i_muc_room_host_created_at ON muc_room USING btree (host, created_at);
CREATE INDEX i_muc_room_subscribers_jid ON muc_room_subscribers USING btree (jid);

• SQLite (lite.sql or lite.new.sql):

CREATE INDEX i_muc_room_host_created_at ON muc_room (host, created_at);
CREATE INDEX i_muc_room_subscribers_jid ON muc_room_subscribers(jid);

• MS SQL (mssql.sql):

CREATE INDEX [muc_room_host_created_at] ON [muc_registered] (host, nick)
    WITH (PAD_INDEX = OFF, STATISTICS_NORECOMPUTE = OFF, ALLOW_ROW_LOCKS = ON, ALLOW_PAGE_LOCKS = ON);
CREATE INDEX [muc_room_subscribers_jid] ON [muc_room_subscribers] (jid);

Fixes in PostgreSQL New Schema

If you moved your PostgreSQL database from old to new schema using mod_admin_update_sql or the update_sql API command, be aware that those methods forgot to perform some updates.

To fix an existing PostgreSQL database schema, apply those changes manually:

ALTER TABLE archive DROP CONSTRAINT i_archive_sh_peer;
ALTER TABLE archive DROP CONSTRAINT i_archive_sh_bare_peer;
CREATE INDEX i_archive_sh_username_peer ON archive USING btree (server_host, username, peer);
CREATE INDEX i_archive_sh_username_bare_peer ON archive USING btree (server_host, username, bare_peer);

DROP TABLE carboncopy;

ALTER TABLE push_session DROP CONSTRAINT i_push_session_susn;
CREATE UNIQUE INDEX i_push_session_susn ON push_session USING btree (server_host, username, service, node);

ALTER TABLE mix_pam DROP CONSTRAINT i_mix_pam;
ALTER TABLE mix_pam DROP CONSTRAINT i_mix_pam_us;
CREATE UNIQUE INDEX i_mix_pam ON mix_pam (username, server_host, channel, service);
CREATE INDEX i_mix_pam_us ON mix_pam (username, server_host);

ALTER TABLE route DROP CONSTRAINT i_route;
CREATE UNIQUE INDEX i_route ON route USING btree (domain, server_host, node, pid);

ALTER TABLE mqtt_pub DROP CONSTRAINT i_mqtt_topic;
CREATE UNIQUE INDEX i_mqtt_topic_server ON mqtt_pub (topic, server_host);

API Changes

The oauth_revoke_token API command has changed its returned result. Check oauth_revoke_token documentation.

API Batch Alternatives

If you use the command delete_old_messages periodically and noticed it can bring your system to an undesirable state with high CPU and memory consumption...

Now you can use delete_old_messages_batch, which performs the operation in batches, by setting the number of messages to delete per batch and the desired rate of messages to delete per minute.

Two companion commands are added: delete_old_messages_status to check the status of the batch operation, and abort_delete_old_messages to abort the batch process.

There are also new equivalent commands to delete old MAM messages.

Erlang/OTP and Elixir

From now, Erlang/OTP 25 is supported. As that's a brand new version, for stable deployments you may prefer to use 24.3 or other lower version.

Notice that ejabberd can be compiled with Erlang as old as 19.3, but the rebar and rebar3 binaries included with ejabberd 22.05 require at least Erlang 22. This means that, to compile ejabberd 22.05 with those tools using an Erlang version between 19.3 and 21.3, you should get yourself a compatible rebar/rebar3 binary. If your operating system doesn't provide a suitable one, you can download the old ones: rebar from ejabberd 21.12 and rebar3 from ejabberd 21.12.

Regarding Elixir supported versions:

• Elixir 1.4 or higher is supported for compilation, but:
• Elixir 1.10 is required to build OTP releases (make rel and make dev)
• Elixir 1.11 is required to run make relive
• Elixir lower than 1.11.4 requires Erlang lower than 24 to build OTP releases

mod_conversejs

mod_conversejs was introduced in ejabberd 21.12 to serve a simple page for the Converse.js XMPP web browser client.

Several improvements in mod_conversejs now allow a simpler configuration, and more customization at the same time:

• The options now support the @HOST@ keyword
• The options now support auto, which uses local or remote Converse files
• The Converse's auth and register options are set based on ejabberd's configuration
• default_domain option now has @HOST@ as default value, not the first defined vhost
• conversejs_options: New option to setup additional options for Converse
• conversejs_resources: New option to serve converse.js files (no need to setup an additional web server)

For example, if you downloaded Converse, now you can setup WebSocket, mod_conversejs, and serve Converse without additional web server, in an encrypted port, as simple as:

listen:
  -
    port: 443
    module: ejabberd_http
    tls: true
    request_handlers:
      /websocket: ejabberd_http_ws
      /conversejs: mod_conversejs

modules:
  mod_conversejs:
    conversejs_resources: "/home/ejabberd/conversejs-9.0.0/package/dist"

With that configuration, Converse is available in https://localhost/conversejs

More details in the mod_conversejs documentation.

New Installers

For many years, the release of a new ejabberd source code package was accompanied with binary installers, built using InstallBuilder and CEAN, and available in the ProcessOne Downloads page.

Since this ejabberd 22.05, there are new installers that use a completely different build method:

• they are built using the tools provided in PR 3781
• they use the most recent stable dependencies
• they are available for linux/amd64 and linux/arm64 architectures
• they are built automatically using the Installers Workflow
• for stable releases, they are available for download in the ejabberd GitHub Releases
• they are built also for every commit in master branch, and available for download in the results of Installers Workflow
• if the installer is ran by root, it installs in /opt/ejabberd* and setups systemd service
• if ran by a regular user, it asks installation path

However, compared to the old installers, those new installers:

• do not ask for domain: now you must edit ejabberd.yml and set the hosts option
• do not register the first Jabber account and grant admin rights: you must do it yourself

Please give those new installers a try, and comment any problem, improvement or ideas.

New Container Image

In addition to the ejabberd/ecs Docker container image published in Docker Hub, there is a new container image published in ejabberd GitHub Packages.

Its usage is similar to the ejabberd/ecs image, with some benefits and changes worth noting:

• it's available for linux/amd64 and linux/arm64 architectures
• it's built also for master branch, in addition to the stable ejabberd releases
• it includes less customizations to the base ejabberd compared to ejabberd/ecs
• it stores data in /opt/ejabberd/ instead of /home/ejabberd/

See its documentation in CONTAINER.

If you used previous images from that GitHub Packages registry please note: until now they were identical to the ones in Docker Hub, but the new 22.05 image is slightly different: it stores data in /opt/ejabberd/ instead of /home/ejabberd/. You can update the paths to the container volumes in this new image, or switch to Docker Hub to continue using the old same images.

Source Code Package

Until now, the source code package available in the [ProcessOne Downloads...