mod_client_management: Fail to revoke clients that have used passwords Return an error so the caller can take appropriate action, e.g. encouraging the user to change their password.

mod_client_management: Add support for revocation of clients (when possible) We decided to keep the unified listing of "clients", which includes both SASL2 clients and OAuth grants, etc. To a user, or someone wanting to manage what can access their account, they are largely equivalent. To accomplish this technically, we add a prefix to the id to state what type it really is.

mod_client_management: Include client type in XML response listing

mod_sasl2_fast: Add API method to revoke FAST tokens for a given client

mod_cloud_notify_filters: Fix traceback when invalid JIDs are submitted

mod_client_management: Add XMPP and shell interfaces to fetch client list

.luacheckrc: Add module.once

mod_audit: Add a command to print the audit log on the command-line

mod_audit: Support for adding location (GeoIP) to audit events This can be more privacy-friendly than logging full IP addresses, and also more informative to a user - IP addresses don't mean much to the average person, however if they see activity from outside their expected country, they can immediately identify suspicious activity. As with IPs, this field is configurable for deployments that would like to disable it. Location is also not logged when the geoip library is not available.

mod_isolate_host: potentially pedantic optimization By Zash.