mod_oidc_userinfo_vcard4: Unpack <vcard> from PubSub <item> Forgot about the <item>, so it was previously attempting to extract all properties from that instead of the inner <vcard>

mod_http_oauth2: Use new Lua pattern schema properties

mod_http_oauth2: Include additional OpenID scopes in metadata Drops fallback because this module probably doesn't work with Prosody before the role stuff anyway.

mod_http_oauth2: Validate (unused at this point) localized URIs Client registration may include keys of the form "some_uri#lang-code" pointing to alternate language versions of the various URIs. We don't use this yet but the same validation should apply.

mod_http_oauth2: Declare https as required of URIs in schema If util.jsonschema happens to gain support for 'pattern' (regular expression validation) then this would be picked up. Until then, declarative annotations are nice.

mod_http_oauth2: Enforce https requirement on TOS URI In create_client() it validates that all fields with format=uri are https and match the client_uri host.

mod_http_oauth2: Use new mod_cron API for periodic cleanup Less frequent but this isn't that important after all since, as the comment states, expired codes are not usable anyway. They're also not that large so memory usage probably doesn't matter.

mod_audit_status: Fix error on first start Fixes 'attempt to index a nil value' the first time this module is loaded, since there's no data yet.

mod_muc_rtbl: Use correct occupant object There is no 'occupant' property for this event.

mod_audit: Move underscore to avoid luacheck warning Underscore as prefix is taken as a signal that the variable is unused, but then it is used and luacheck makes noise about that.