mod_http_avatar: Fix displaying the fallback on Firefox

mod_invites_page: Move the JS script to its own file

mod_invites_page: Replace jQuery with vanilla.js in the HTML

mod_register_apps: Add Renga to the list of supported clients

mod_http_oauth2: Make defaults more secure This should be fine since we don't have a lot of clients to be backwards-compatible with.

mod_http_oauth2: Skip consent screen if requested by client and same scopes already granted This follows the intent behind the OpenID Connect 'prompt' parameter when it does not include the 'consent' keyword, that is the client wishes to skip the consent screen. If the user has already granted the exact same scopes to the exact same client in the past, then one can assume that they may grant it again.

mod_audit: Replace argument parsing debug print() with debug logging prosodyctl -v to view

mod_audit_register: Include hostpart with audit events here too mod_audit seems to expect this to be JIDs, not bare usernames.

mod_audit_auth: Include hostpart with audit events mod_audit seems to expect this to be JIDs, not bare usernames.

mod_audit: Fix storing IP prefixes Was essentially calling new_ip(new_ip())

mod_audit: Fix showing session details in module command The namespaced session element was not accounted for.

mod_audit: Also record human-readable name of country Nicer to show in graphs but less machine-usable Throw in continent in case that turns out to be useful one day

mod_audit: Fix recording location info The method :query_by_addr only works for IPv4, even if you open the IPv6 database, which is an odd API. It also returns a table, not a string.

mod_audit: Parse IP into util.ip object once and reuse Mostly for my own sanity

mod_audit: Pass IP address in string form Passing an util.ip object to :text_tag() would be an error.

mod_audit: Fix use of util.ip Yes, weirdly named 'new' function

mod_firewall: Add FROM COUNTRY condition based on GeoIP DB

mod_firewall: Tweak page outline Having 'Sender/recipient matching' under 'Stanza matching' makes more sense to me than the former being a top level item.

mod_aws_profile: Fix use of timer API

mod_auth_oauth_external: Enable experimental http connection pooling Connection pooling may provide a performance boost since it does a few requests per authentication.

mod_storage_s3: Enable connection pooling added in latest trunk Speed boost, something like a 30% improvement with http://localhost Small risk of failed requests due to limits on number of requests per connection or timeouts.

mod_storage_s3: Fix logging Seems request and response loggers is only a thing on http requests and responses from net.http.server, not net.http requests.

mod_storage_s3: Sort imports For pedantic reasons

mod_storage_s3: Implement archive store deletion Not the most efficient way but should work.

mod_storage_s3: Skip archive items matching on date but not full datetime Since it only encodes dates in paths, it would have returned items from outside the specified start..end range if they were from earlier or later in the same (UTC) day.

mod_storage_s3: Move request signing into a net.http hook

mod_client_management: Report on longest lived token when grant does not expire E.g. for mod_http_oauth2 where by default the grant itself is unlimited, while refresh tokens are issued with one week lifetime, but are renewed with each use.

mod_muc_members_json: Fix typo in example and set correct syntax highlighter

mod_muc_members_json: Expand example config and docs for clarity

mod_storage_appendmap: Include timestamps when appending data Meant to give some sense of when each piece of data was added, to aid in debugging changes or manual rollbacks.