Prosody 0.10.0 released

It's not 1st April, it's 2nd October. Which means the rumours you heard were true. Prosody 0.10.0 is released!

This is the first release of our 0.10 branch. All of our recent releases have been from our stable 0.9 branch, which has served us well since the initial release of 0.9.0 back in 2013.

However time marches on, and we have a long list of new features and modules that we want to share with you.

This release contains over 1500 new commits from many contributors, adding and modifying over 30,000 lines of code.

Features

Carbons

While it has been available in our community modules repository for some time, this release brings official support for Message Carbons (XEP-0280).

This feature allows multiple clients connected to the same account to see the same view of a conversation, making it easy to hop from device-to-device during an ongoing conversation and not worry about missing any messages.

Message Archive Management

Also becoming official is our support for XEP-0313: Message Archive Management.

Like Message Carbons, this feature allows clients to synchronize conversations. However thanks to the server-side archive, it also allows clients that have been offline to "catch up" on conversations that they might have missed. Combined with Message Carbons this provides a complete solution for "every message on every device", which is a key feature expected of modern communication platforms.

Our implementation is flexible, allowing configurable retention times and selecting whether you to store archives in memory, files, an SQL database or anything else that you care to plug into our modular storage API.

Security: Channel binding for SCRAM

Using technological cryptographical wizardry, this new authentication mechanism allows a client to verify that it is speaking to the correct server even if it doesn't recognise the TLS certificate. This is made possible via a feature in the SCRAM authentication protocol that forces the server to prove that it also knows the client's password.

Many thanks to Tobias Markmann for contributing this.

Built-in configuration checker

Prosody now has a very handy utility that attempts to identify common issues with your server setup. This includes checking your config file for syntax errors, but also checks your DNS, certificates and other aspects of your server are looking good.

It's a great first place to check if something isn't working the way you expect.

Metrics support

This release also adds built-in support for gathering metrics about the server operation. Although we've had some community modules capable of measuring various things in previous versions, they were limited by a lack of support in our core code.

The new API is a core part of Prosody, and although it is early days (many more metrics to be added in future releases), the basis is there and module developers are able to start using it today.

Currently the metrics can be aggregated internally, or sent externally to any statsd-compliant server. Other backends are possible via external libraries, for example we have a Datadog integration.

Simplified certificate handling

One of the trickiest parts of setting up a new XMPP service has been setting up certificates. Excluding certificate handling, setting up a new Prosody instance on a Debian/Ubuntu server is as simple as one command (apt install prosody) and editing one line in the config file (change "localhost" to your domain name). But obtaining and configuring the certificates, figuring out whether you need to add in an "intermediate" certificate or not, that was not so simple.

But thankfully new projects like Let's Encrypt and the ACME protocol are solving the problems associated with obtaining and managing certificates.

We have made similar progress in simplifying Prosody's certificate configuration as well. For example, if you use Let's Encrypt, you do not need to add any certificate configuration to Prosody's config file at all! A single command will automatically "import" new/updated certificates for the hosts in your Prosody config file, and instantly activate them in Prosody without a restart.

We expect this new feature to be usable by the large majority of setups. However for those who need a different configuration, the old "manual" method still works to give fine-grained control over the certificate configuration.

Everything you need to know about Prosody's certificate configuration can be found in our documentation.

Lua 5.2 support

Lua 5.2 was a major step in the language's evolution. It has been around for a while, but for a number of reasons (including a desire to stay compatible with LuaJIT), Prosody stuck with Lua 5.1 for a while. But it's time. This release adds initial support for running under Lua 5.2. There may still be some edge cases, so while we encourage people to use Lua 5.2 and report any issues, a stable production server may want to stick with Lua 5.1 for now.

Native websockets

This release also adds official support for websocket connections. Many web clients are already able to take advantage of this, connecting directly to Prosody from Javascript without needing to implement BOSH.

Many thanks to Florian Zeitz for the initial contribution of this module.

Other improvements

Finally, we've made countless other improvements and fixes in this branch. These include support for the newer and simpler, blocking protocol (mod_blocklist), and numerous improvements to our internal APIs for module developers to take advantage of.

Upgrading

If you are upgrading from a previous release, your life will be made easier by reading the release notes!

The Prosody 0.9.x series will continue to be maintained for major bug fixes until at least June 2018.

Download

As usual, download instructions for many platforms can be found on our download page

If you have any questions, comments or other issues with this release, let us know!