mod_cloud_notify_encrypted: Additional debug logging when enabling/skipping

mod_cloud_notify: Fix default extended timeout from 72 days -> 72 hours

mod_cloud_notify: Only delay hibernation timeout for push-enabled clients

mod_bookmarks2: Update README to reflect 0.12 release

mod_spam_reporting: Remove redundant rockspec dependency on mod_blocklist mod_blocklist is included in the same version that has the plugin installer

mod_sasl2: Further break up success handling, into pre/post stream:features This allows us to enable mod_smacks after sending success, but before sending stream:features. Previously, the features were being calculated before SM was finalized on the session. We can't finalize SM before sending <success> because it may generate stanzas.

mod_sasl2: Store client id if provided

mod_sasl2_bind2: Generate resource from client tag if provided This follows the updated advice in the latest XEP-0386 proposal.

mod_sasl2_bind2: Remove deprecated <jid> element from <bound> This is now communicated via SASL2's <authorization-identity> element.

mod_sasl2_bind2: Update xmlns to match latest XEP proposal (thanks Andrzej)

mod_sasl2, mod_sasl2_bind2: rename event.session -> .origin for consistency

mod_sasl2_bind2: Move <inline> into <bind> feature element This mirrors the equivalent change in SASL2.

mod_sasl2: Move <inline/> into <authentication> This is a small change we've agreed upon in the upcoming version of the XEP.

mod_sasl2: Fix missing namespace on failure condition (thanks tmolitor)

mod_invites_adhoc: Set non-nil defaults for options, fixes traceback (thanks Martin) Fixes an error when attempting to call the :empty() method on the default implicit default nil value.

mod_sasl2, mod_sasl_bind2, mod_sasl2_sm: Bump XEP-0388 namespace This is the namespace for the proposed update to XEP-0388. I.e. not even experimental yet... but this is all a work in progress anyway.

mod_sasl2: Hacky support for channel binding We should work out how to share this code properly between here and mod_saslauth.

mod_sasl2_bind2, mod_sasl2_sm: Move sasl2_sm_success to session ...to allow referencing it across multiple different events.

mod_sasl2_bind2: Indicate to the client when carbons has been enabled

mod_sasl2_sm: Fix event field name

mod_sasl2_sm: Fix typo

mod_sasl2_bind2: Fix event name

mod_sasl2_bind2: Use correct method to get text

mod_sasl2_bind2: Fix namespace (thanks Daniel)

mod_sasl2_sm: Integration with mod_sasl2_bind2

mod_sasl2_bind: Support for Bind 2.0 with SASL2 This is based on an experimental in-progress derivative of the current XEP-0386.

mod_sasl2: Add event for other modules to advertise inline features

mod_sasl2_sm: Use a stanza method that actually exists

mod_sasl2_sm: Experimental mod_isr alternative

mod_sasl2: Fix handling of various failure/error cases

mod_isr: XEP-0397: Instant Stream Resumption

mod_sasl2: Include additional-data in SASL success response

mod_watch_spam_reports: Fix traceback due to misplaced parenthesis (thanks Menel) Just like in 964de9997552

mod_sasl2: Eventually return true from success handler ...while allowing other handlers to run in the priority range -1000 to -2000.

mod_sasl2: Return true to indicate challenge was handled successfully

mod_sasl2: Fix <challenge> generation - We are just adding child text data, so the correct method is :text() - The data should be base64-encoded, but it was being sent raw

mod_sasl2: Return status from event handlers Without this, clients would get "unsupported-stanza-type" even on successfully handled responses.

mod_admin_blocklist: Add config option for which role(s) to consider (0.12+) Fixes that in trunk, a "prosody:operator" (formerly a global admin) is not considered a "prosody:admin", so those were not included in the set.

mod_admin_blocklist: Fix traceback due to misplaced parenthesis get_jids_with_role() throws an exception when 'host' is nil since Prosody trunk rev 7ca5645f46cd

mod_muc_ban_ip: Support for service-wide IP bans from trusted services

mod_register_apps: add monal iOS and macOS versions

mod_auth_imap: Remove unused variable [luacheck]

mod_auth_imap: Fix packaging Since this module consists of multiple files and the additional directory level, we need to tell luarocks which files correspond to what Lua modules names.

mod_muc_bot/README: Update to account for 0.12 going stable

mod_restrict_xmpp: Treat archive query as a read despite using iq-set XEP-0313 uses iq-set to initiate a query, but unlike many other uses of iq-set, this does not mutate anything on the server, so it should not be treated as a write request.

mod_restrict_xmpp: XMPP-layer access control using Prosody's permissions API

Merge role-auth

*/README: Update compatibility info of modules still using legacy is_admin API mod_admin_message mod_admin_probe mod_block_outgoing mod_broadcast mod_data_access mod_muc_config_restrict mod_muc_restrict_rooms

mod_http_oauth2: Update for new new role API

mod_http_admin_api: Update for new new role API

mod_isolate_host: Switch to module:may() (back compatible via compat_roles)

.luacheckrc: Update for module:may() & co.

mod_firewall: Update for role-auth (backwards compatible) Probably worth investigating mod_compat_roles in the future.

mod_rest: Update for mod_tokenauth API changes (backwards-compatible)

mod_invites_adhoc: Update for Prosody's new role API (backwards-compatible)

mod_http_xep227: Updates for new mod_tokenauth (trunk/0.13 only)

mod_http_oauth2: Updates for Prosody's new role API (backwards-compatible)

mod_http_admin_api: Updates for new role auth API in Prosody (trunk/0.13 only)

mod_cloud_notify: Rename field in event for clarity ('node' is ambiguous here) ...because the push protocol is based on XEP-0060, and the 'node' can mean the identifier communicated to the push service.

mod_sentry: Log warning when server returns unexpected response

mod_privilege: process entity IQs (credit to adx) and messages with a constructed entity session

mod_http_muc_log: Use stanza:find to save a few bytes Why don't we have a stanza:get_child_attr(name, namespace, attrname) ?

mod_http_muc_log: Use XEP-0421 ID over nickname for XEP-0308 This prevents someone else from joining with the same nickname as someone who left, and "correcting" their messages.

mod_http_muc_log: Use XEP-0359 ID if available Clients apparently prefer this over message@id for reasons. Only used internally to find items for message edits

mod_http_muc_log: Rename variable for improved clarity

mod_http_muc_log: Remove dead code This might be something left over since a different variant where the loop went like `for n = i-1, i-100, -1 do ... end` i.e. it went trough a fixed number of items instead of all the page until the current message. Then it would have needed something to stop going over the end, but since the checks are simple it shouldn't be much of a problem looping over even a very busy day.

mod_rest: Fill in 'type' field in error registry The 'type' defaults to "modify" in util.error, which doesn't quite fit many of these error conditions. LuaFormatter changed ',' to ';'

mod_http_muc_log: Link to replied-to message using XEP-0461: Message Replies

mod_http_muc_log: Mention relevant XEPs in comments

mod_rest: Add JSON mapping for XEP-0461: Message Replies

mod_compat_roles/README: Fix yaml syntax in metadata block

mod_compat_roles: New module providing compat shim for trunk's new role API The new role API is translated to is_admin() calls on older versions. On newer versions (which have the role API) this module does nothing. It allows modules to drop their use of is_admin() (which is not available in trunk) and switch to the new role API, while remaining compatible with previous Prosody versions.

mod_muc_badge: If room has no title use localpart of room's jid (fixes #1767) Without this patch Prosody shows an HTTP 500 error (Lua 5.1) or a "nil" label in the SVG badge (Lua 5.2) if room has no title set.

mod_s2s_smacks_timeout: Use mod_smacks to close stale s2s connections

replaced 'session' with 'origin' in push_disable session is not defined in this function, trying to access it leads to an error. The correct reference seems to be 'origin'. (This may have come about by copying from the similar code in process_stanza_queue.)

mod_default_bookmarks: Fix support for array of string config in bookmarks 2 part (thanks Menel)

mod_default_bookmarks: Bail on empty 'default_bookmarks' to fix traceback Ipairs fails on nil if the option is unset Thanks more666p0wer for reporting

mod_log_http: Undo mistake in 456b9f608fcf Where'd this "Add" come from?

various: Improve error reporting if missing file server module on 0.12 If there is some error loading net.http.files then it would be swallowed by the pcall and then it would proceed to trying mod_http_files, which might cause unexpected behavior on 0.12 Ref #1765

various: Use 0.12+ API for serving files from the file system over HTTP Using mod_http_files this way is deprecated. Having the base behavior in a separate module makes it easier to have a specialized module with coherent behavior that does not do things when not explicitly enabled.

mod_log_json: Prefer native Lua table.pack over Prosody util.table one Prosody is removing support for Lua 5.1, which was the reason for util.table.pack to exist in the first place, since Lua 5.2+ provides table.pack. In prosody rev 5eaf77114fdb everything was switched over to use table.pack, opening the door for removing util.table.pack at some point. This change here is to prepare for that future eventuality.

mod_http_muc_log: Improve accessibility with descriptive @title attrs Especially relevant here where the link text is just an icon

mod_http_muc_log: Move OOB style from attribute to <style> in header Allows stricter restrictions, i.e. Content-Security-Policy

luacheck: Update with changes from Prosody 0.12

mod_http_muc_log: Drop support for pre-0.11 MUC API The oldest supported Prosody branch is 0.11, therefore we can drop code for the MUC API of Prosody 0.10 and before. The module:shared("rooms") method was never even in a release...

mod_csi_battery_saver: Add support for urn:xmpp:jingle-message:1 (XEP-0353)

mod_cloud_notify: Compat for prosody 0.12

mod_firewall: README: Fix grammar and further improve wording

mod_firewall: README: Clarify when storage access can occur with roster checks

mod_firewall: README: Correct mention of 'JUMP_CHAIN' to 'JUMP CHAIN'

mod_ping_muc/README: Update Compatibility section for 0.12 going stable

mod_http_muc_log: Show XEP-0444 reactions

mod_muc_restrict_media: Don't apply restriction to affiliated users Looks like an oversight. Assuming that all truthy affiliations are valid, and that "outcast" would not reach this point anyway.

mod_pubsub_post/README: Update references to trunk with release numbers

mod_muc_ping: Remove since Prosody mod_muc 0.11+ covers this natively See trunk rev 7c1cdf5f9f83 and trunk rev 224e681c4db2

mod_rest: Add various things to openapi spec These are already in xmpp-schema.json

mod_rest: Add some descriptive details to schema

mod_profile: Obsolete. Remove. Redirect to mod_vcard_legacy

mod_http_admin_api: Update for 0.12 changes to mod_smacks

mod_rest: Provide a log function on temporary session Fixes traceback in places using session.log()

merge upstream

mod_delegation: use clean_xmlns to remove jabber:client namespace from node: for the same reason as in mod_privilege, `jabber:client` namespace is removed with the clean_xmlns method coming from there. Furthermore, the forwarded <iq> stanza use the `jabber:client` xmlns while the stanza may come from a component with e.g. `jabber:component:accept` xmlns, this can lead to inconsistencies between the <iq> stanza and children (like <error> element).

mod_rest: Add an example OAuth client (needs mod_http_oauth2)

mod_muc_occupant_id: Update Compatibility to mention being built-in in 0.12

mod_muc_auto_reserve_nicks: Force refresh of nickname (thanks phryk)

mod_rest: Add mapping of XEP-0380: Explicit Message Encryption Useful since OMEMO etc isn't mapped

mod_rest: Document /archive/ in openapi spec

mod_rest: Treat archive.ids as comma-separated to work in query string Can't easily put an array into a query string. Hope nobody puts commas into their archive ids.

mod_reload_modules: Be aware of component module (thanks Menel) Without this, the component module is seen as a module that is loaded but not configured, and is thus unloaded

mod_onions: Fix for bitop with Lua 5.4

mod_net_proxy: Fix for bitop with Lua 5.4

mod_rest: Fix attempt to index nil in handling of single iq response Fix handling of many responses, break handling of single response :(

mod_rest: Ensure MAM result-iq is included in results from remote hosts Needed for the same reason as the special message handling, the remote route does not pass our origin.send() here

mod_rest: Add special handling to catch MAM results from remote hosts Makes MAM queries to remote hosts works. As the comment says, MAM results from users' local archives or local MUCs are returned via origin.send() which is provided in the event and thus already worked. Results from remote hosts go via normal stanza routing and events, which need this extra handling to catch. This pattern of iq-set, message+, iq-result is generally limited to MAM. Closest similar thing might be MUC join, but to really handle that you would need the webhook callback mechanism.

mod_auth_dovecot: Fix compat with Lua 5.2+ move of unpack() (thanks Tom)

mod_auth_dovecot: Add luarocks metadata to make automatic packaging work This subdirectory is not handled by the luarocks packaging in module browser

upstream merge

mod_privilege: update to v0.4: - now the namespace "urn:xmpp:privilege:2" is exclusively used - IQ permission implementation - README update roster pushes are not implemented yet

mod_rest: Fix 'format' property in schema These are unused anyways so no harm.

mod_rest: Expand mapping of XEP-0045 join stanza The previous 'join' mapping was apparently lost in translation when swithing to datamapper, so might as well map some properties allowing history control. Usually you probably want either zero history or history since the last known time of being joined. Maybe that the former should be the default?