Planet Jabber

February 19, 2018

JC Brand

A badge for linking to your XMPP chat

You've probably noticed the coloured badges at the top of project READMEs on Github and Gitlab.

These badges indicate various metrics about the project's current state and its supporting infrastructure.

For example, the README page for converse.js contains the following badge:

Bountysource bounties

It indicates how many open bounties there are for converse.js on Bountysource.

There are dozens such badges available nowadays, just take a look at

Some projects have badges that link to a chatroom, hosted by Gitter, Slack etc.

Converse.js, being an XMPP-based project, has its own XMPP chatroom at

So I created a badge for its README, which points to that chatroom and also indicates how many users are currently in it.

It looks like this:

Link to the Converse.js chatroom on

The Markdown syntax for showing the badge looks like this:

[![Link to XMPP chat](](

The target URL for this badge is, which means that it takes the user to and then once the user has logged in, the room will be opened.

To go to a different room, just specify a different JID (Jabber ID) in the URL parameters.

The image URL is

Here you specify the room JID with the room URL parameter.

The image is an SVG which is generated by a tiny Flask app, which includes a chatbot written with SleekXMPP that checks how many users are in a particular chatroom.

The code is open source, and hosted on Github at jcbrand/xmpp-chat-badge.

If you're using this badge for your project, I'd be happy to hear about it.

You can let me know in the converse.js XMPP chatroom at (or through the web with or by using this website's contact form.

February 19, 2018 12:30

February 16, 2018


ejabberd joins Google Summer of Code 2018

Each year since 2015 ejabberd has joined other Erlang projects in the BEAM Community to invite student developers to Google Summer of Code (GSoC), a global program focused on bringing them into open source software development. Through this program, students have an opportunity to work with an open source organization on a 3 month programming project during their break from school.

This year is no different! ejabberd is offering five intriguing ideas to develop, and five expert ProcessOne mentors to help the participants. Next month, from March 12 until March 27, students can select an organization and a project they wish to work on during the summer – registration will be opened on the GSoC website.

In the meantime, we invite interested students to learn more about the ideas we propose to develop, and get ready for their GSoC applications.

Idea #1: Spam fighting with Blockchain

XMPP being a federated open protocol is subject to spam, using messages and contact addition requests. If it is easy to limit messages spam by blocking messages that are not sent by existing contacts in roster, contact additions spam is both quite inefficient for spammers but also very annoying for users and difficult to block.

By allowing servers to require a small blockchain payment to be attached to contact requests addition, it could be possible to make the cost of mass sending contact addition requests not cost effective to use for spammers.

Idea #2: Support for Things Discovery service in ejabberd

The first step in getting Internet of Things over XMPP to take off is to be able to register things. Implementing XMPP-IOT protocol would allow Things to be installed, configured and claimed by their owner.

Idea #3: Web UI administration improvements

ejabberd comes with a web console to manage the server. However, many administration features are only available from XMPP clients from users with admin rights or from ejabberdctl command-line tools. To spread the use of ejabberd as an easy to use corporate chat services, it is important to make it more manageable through a web browser.

Idea #4: XMPP and HTTP convergence

XMPP is a difficult protocol for a web developer. It is a connected, stateless protocol. However, it’s possible to map a lot of the operations, semantics of XMPP, on top of HTTP using traditional REST. A lot could be done to open up a whole new range of use cases of ejabberd to traditional web developers or to an environment where using XMPP directly is difficult.

Idea #5: MQTT to XMPP session

XMPP is used for many IoT project, as it provides federation and identity for objects, allowing message routing. However, for smaller objects, XMPP is too heavy to be embedded directly and run directly on the object. In those cases, MQTT is often a good choice.

The goal of this project is to provide a connector allowing small devices to connect to ejabberd using MQTT protocol.

by Marek Foss at February 16, 2018 11:22

February 13, 2018

Ignite Realtime Blog

Openfire 4.2.2 Release

@akrherz wrote:

The Ignite Realtime Community is pleased to announce the availability of Openfire 4.2.2. This release signifies our continued effort to provide a stable 4.2 series release while work continues on the next release of Openfire.

The changelog denotes the full listing of Jira issues addressed in this release.

Here is a listing of sha1sum values for the release binaries, which can be found on our download page.

a5912ecef9b217cfc8523a1511a4dbd246c85b79  openfire-4.2.2-1.i686.rpm
452d0cc9be6ac6ca1d48a7cb9eb179288cb188f9  openfire-4.2.2-1.noarch.rpm
81319bf1a2d7043fe8a268928b74d96726958ed9  openfire-4.2.2-1.x86_64.rpm
d0efd045551b889b34b545536dd35dda25731879  openfire_4.2.2_all.deb
adbbdb95d689363c23a3a4f99299a984ea5edb36  openfire_4_2_2_bundledJRE.exe
affa39ff5f8b7dac4fef4c0006fe7368d13d7b0b  openfire_4_2_2_bundledJRE_x64.exe
4dd17b0c63e90c7da95d6cc693529267a8c2c33e  openfire_4_2_2.dmg
3e52c491eecae1d59e60d595b70cb3ae619a3ac0  openfire_4_2_2.exe
740b1e50f736d85672c5ecbe77006a69d9019723  openfire_4_2_2.tar.gz
8ee27f266891cc323f3bd5382286dc80c70549d0  openfire_4_2_2_x64.exe
107b2c77ccf020d254d5343c215beeb06045d3d0  openfire_src_4_2_2.tar.gz

Please let us know of any troubles you find by either visiting our webchat or creating posts in our Discourse Openfire Dev Forum. Thanks for using Openfire!

Posts: 4

Participants: 3

Read full topic

by @akrherz daryl herzmann at February 13, 2018 17:43

February 12, 2018

Peter Saint-Andre

Aristotle Research Report #4: ἀρετή

I'm starting to see that Aristotle's conception of ἀρετή (which I translate as thriving but which is more commonly translated as excellence or virtue) describes a deliberate practice of good judgment, reasoned choice, and planned activity resulting in a balance between extremes of action and emotional reaction in a particular domain of human life....

February 12, 2018 00:00

Aristotelian Questions

My intent in writing a book on Aristotelian ethics is not to present exactly what Aristotle said (I'll leave that to scholars such as J.O. Urmson in his excellent epitome Aristotle's Ethics), but hopefully what he meant and even more pointedly what he means for us 2300+ years later. The goal is to present my own direct encounter with Aristotle, unmediated by millennia of often misguided scholarship and mistranslation. (Ironically, we need some scholarship to do that, so separating the wheat from the chaff is necessary.) Here are some of the questions I'll be trying answer:...

February 12, 2018 00:00

February 11, 2018

Christian Schudt

Experimenting with Entity Capabilities 2.0

Enthusiastic XMPP developers probably already know about the new XEP-0390: Entity Capabilities 2.0 specification which is intended to replace the old one, XEP-0115.

I've recently implemented it and like to share my experience with it.

One of the requirements of the spec was to have both the old and new specification in place for a certain transition period.

It was pretty clear, that we need some kind of abstraction for both specs, which led to the following interface:

public interface EntityCapabilities {

Set<Hashed> getCapabilityHashSet();

byte[] createVerificationString(InfoNode infoNode);

String createCapabilityHashNode(Hashed hashed);

Both have a set of hashes (the old one only has one, which is itself), both can create a verification string from a set of features and identities and both can create a "capability hash node", each using their own algorithm.

The interface Hashed is implemented by the old Entity Caps and also by the XEP-0300 hash element. InfoNode is a disco#info query response (features, identities, extensions).

The class structure looks like this:

Processing Entity Capabilities

When processing a presence stanza or stream features with either or both old and new Entity Capabilities, the flow has become quite complex as you can see in the following flow chart. However, the good news is that it works with only the above interface. Take a look at how it's implemented right now:

Generating Entity Capabilities

The generating entity side is a bit easier:

I hope you liked this little presentation about how both XEP-0115 and XEP-0390 can be implemented behind the same interface.

Entity Capabilties 2.0 will of course be available in the next release.

by Christian Schudt ( at February 11, 2018 23:26

February 07, 2018

Paul Schaub

More XEPs for Smack

I spent the last weekend from Thursday to Sunday in Brussels at the XSF-Summit (here is a very nice post about it by JCBrand) and the FOSDEM. It was really nice to meet all the faces belonging to the JIDs you otherwise only see in the MUCs or on GitHub in real life.

There was a lot of discussion about how to make XMPP more accessible to the masses and one point that came up was to pay more attention to XMPP libraries, as they are often somewhat of a gateway for new developers who discovered the XMPP protocol. A good library with good documentation can help those new developers immensely to get started with XMPP.

During my stay and while on the train, I found some time to work on Smack again and so I added support for 3 more XEPs:

Ge0rG gave a talk about what’s currently wrong with the XMPP protocol.  One suggested improvement was to rely more on Stable and Unique Stanza IDs to improve message identification in various use-cases, so I quickly implemented XEP-0359.

XEP-0372: References is one dependency of XEP-0385: Stateless Inline Media Sharing, which I’m planning to implement next, so the boring lengthy train ride was spent adding support for XEP-0372.

A very nice XEP to implement was XEP-0392: Consistent Color Generation, which is used to generate consistent colors for usernames across different clients. I really like the accessibility aspect of that XEP, as it provides methods to generate colors easily distinguishable by users with color vision deficiency.

I hope my contributions will draw one or two developers who seak to implement a chat client themselves to the awesome XMPP protocol :)

Happy Hacking!

by vanitasvitae at February 07, 2018 14:05

February 04, 2018

Peter Saint-Andre

Aristotle: A First Encounter

Aristotle's views on living well and doing well - what the ancient Greeks called εὐδαιμονία or eudaimonia - are some of the most enduring insights into ethics ever put into words. Yet the deepest meaning of those words is usually obscured by efforts to translate and interpret Aristotle's thoughts. In part the problem is linguistic, in part it is cultural, but ultimately it is philosophical: ancient Greek world views, Aristotle's among them, are very far from our modern ways of thinking and feeling....

February 04, 2018 00:00

February 03, 2018

JC Brand

The 2018 XSF Summit

This year I again attended the XMPP Software Foundation's summit in Brussels. The summit spans two days and is held at Cisco's offices.

It's a rare opportunity to get community members together to discuss and make decisions around protocol extensions (the so-called XEPs). On the second day interesting discussions were had regarding the state of XMPP today, for example how and by whom its used, how to foster and support client development and the merits of federation (i.e. communication between different messaging providers).

We heard that XMPP is heavily used and respected within the Telecoms industry, and that there's a lot of "hidden" use of XMPP that even most of the Summit participants were unaware of.

The distinction was made between XMPP, which represents the protocol, and Jabber®, which represents the ideal of federated instant messaging as used by end users.

Besides what some people may think, XMPP is alive and well, and used extensively in many applications and in various sectors.

Jabber®, on the other hand, not so much. Mindshare has moved largely to siloed (i.e. non-federated and non-standardized) messaging apps like Slack et al.

The Tigase guys Andrzej Wójcik and Daniel Wisnewski gave a demo of the new Internet-of-things module of the Tigase XMPP server which also drew attention at the realtime communications stand at FOSDEM.

Minutes for the XSF Summit

I volunteered to be the minute taker this year, for which I used my favorite notes-taking app: Vimwiki.

With Vimwiki you can generate HTML from your wiki files, so I was able to make the notes available online roughly as I was typing them. which I did by pushing the generated HTML to a git repo and then pulling again via cron on a server and serving with Nginx.

Me writing the notes at the summit.

I N C E P T I O N (an original piece by Guus der Kinderen)

I also wanted to make the minutes available on the XMPP wiki, but Vimwiki's syntax is a little bit different than the Mediawiki syntax.

Pandoc came to the rescue, and with a one-liner I could generate Mediawiki files from all my notes.

So here are the 2018 XSF Summit minutes on the XMPP wiki:

Final thoughts

It was fun to meet up again with kindred spirits and to see some familiar and friendly faces from the XMPP world.

This year was also the first time I attended the fancy XSF dinner. I had the sea bass with endive and beurre blanc.

See you folks next year and thanks for all the fish!

The XSF summit dinner.

February 03, 2018 20:30

Peter Saint-Andre

Songs of Zarathustra Now Published

My short book on Friedrich Nietzsche, Songs of Zarathustra, is now published in paperback and ebook formats, and of course also on my website. Once again both the form and the content are unorthodox: I construe Nietzsche in a more humanistic way than most interpreters, and I do so in a cycle of 73 brief poems (including translations of some of Nietzsche's own verse). Neither aspect is likely to endear me to academics, but then I don't write for a scholarly audience - even though my books are based on a deep reading of the original texts....

February 03, 2018 00:00

February 01, 2018

Tigase Blog

Tigase XMPP Server v7.1.3 Released!

Tigase XMPP Server v7.1.3 has been released! Please review the change notes below to see what has changed since our last release.

by wojtek at February 01, 2018 01:31

January 30, 2018

Daniel Pocock

Imagine the world's biggest Kanban / Scrumboard

Imagine a Kanban board that could aggregate issues from multiple backends, including your CalDAV task list, Bugzilla systems (Fedora, Mozilla, GNOME communities), Github issue lists and the Debian Bug Tracking System, visualize them together and coordinate your upstream fixes and packaging fixes in a single sprint.

It is not so farfetched - all of those systems already provide read access using iCalendar URLs as described in my earlier blog. There are REST APIs to manipulate most of them too. Why not write a front end to poll them and merge the content into a Kanban board view?

We've added this as a potential GSoC project using Python and PyQt.

If you'd like to see this or any of the other proposed projects go ahead, you don't need to be a Debian Developer to suggest ideas, refer a student or be a co-mentor. Many of our projects have relevance in multiple communities. Feel free to get in touch with us through the debian-outreach mailing list.

by Daniel.Pocock at January 30, 2018 18:52

January 27, 2018

Christian Schudt

Babbler 0.7.5 released

I am pleased to announce a new bugfx release 0.7.5 for the XMPP Java client library. It only contains non-security related bug fixes.

Here's what got fixed:

  • Add stream ID to ConsoleDebugger output (Issue #105).
  • Improve CustomIQ example and documentation (Issue #112).
  • PingManager: Make exception for feature-not-implemented (Issue #113).
  • Allow configuration of custom name server for DNS SRV resolution.
  • MUC service discovery should handle items with non-room JIDs (Issue #106).
  • Connecting to stream hosts should not exceed configured response timeout (Issue #111).
  • Fixed DataForm.getReportedFields() to work when null.
  • Fix NullPointerException in RPC Value class (Issue #117).
  • Fix memory leak on WebSocket connection failure (Issue #122)
  • Ensure WebSocket session is closed, if server does not respond with <close/> element.
  • Store avatar image using correct hash code.

by Christian Schudt ( at January 27, 2018 20:16

Peter Saint-Andre

Privacy FTW

Tomorrow (January 28th) is Data Privacy Day. Why not join in the celebration? Here are some suggestions to prevent absolutely everything you do online from being tracked:...

January 27, 2018 00:00

January 25, 2018

Jérôme Poisson

Build a decentralized internet with Libervia (Salut à Toi) !

Among many novelties of Salut à Toi in the next release (0.7), one has specially big potential: Libervia (the web frontend) is now a web framework.
"Yeah but there already so many of them!" I 've heard you saying… That is true, but this one is decentralized.

Building on standards, having tools for decentralization

Using existing accounts

So, Libervia is based on SàT and XMPP in order to help you to build or rebuild the web. But why? Well, first the authentication, which is used on most websites nowadays, use the account you alread have. No, I'm not talking about the account on the big blue stuff or the noisy bird, but about your XMPP account, the one you are using with SàT, Movim, Gajim, Conversations or Pidgin, the one, in which your data can be located in your living room, and the one in which you can use any name you choose; the one that does not tract your activity.

The developer doesn't have to worry about this, and the users don't have to create yet another account on each website, or to use an account from a big central website (and then tell to web data hoovers where, when and to what you did connect).

Other advantage: we take profit for existing software. If you want to integrate other authentication ways (for instance if you want to use your GNU/Linux accounts), you just have to activate the suitable thing on your server (check this prosody list for instance, you'll surely find similar lists for other servers).

Pubsub, the decentralized database

XMPP is not a single technology, but rather a basis for a variety of coherent technologies, and pubsub is one of them. As a reminder, with it you can store data (or "items") in "nodes" (which can been seen as tables or collections in other databases), on "services".

A service can be anywhere on the network : in the same location as your web server, on the other side of the Earth, on the intranet or on a .onion in Tor network. Of course it's possible to keep data locally if needed, in particular for caching.

Let’s talk about cache, pubsub has a really nice property: we can subscribe to a node to be notified when there are changes on it (new data, data update or deletion). Taking benefit from this gives Libervia an automatic cache system: a page can be automatically put in cache, and later can be invalidated as soon as a modification happen. That is an other thing to simplify developer's life, and to improve the speed for the user.

Simplify life

Libervia has been thought to make things easy :

Appearance change

The framework is entirely based on template engine (jinja2). It is really straightforward to create new themes (from doing simple CSS change to major changes in pages structure). You just have to create a new directory with theme name, and to modify what you want, and only what you want: pages from default theme will be used if needed.

Integration between server and client

A bunch of tools are there to facilitate integration between client (in the browser) and the HTTP server. For instance, you just have to set "dynamic = True" in your Libervia page on server side to automatically activate a bidirectionnal dynamic communication system with the browser (based on websockets). A method can be used to send data at any time to the page, and an other one is called when data are emited from the browser.

This will go deeper in the 0.8 release, with the planed integration of Python to Javascript transpileur/interpreters. Libervia is using so far Pyjamas, a project which is not maintained anymore and which is transpiling an obsolete Python 2. To avoid future blocking on a single option, developers will have the choice to use a Python transpiler/interpreter (Brython and Transcript are planed), Simple Javascript ("vanilla"), or if they really like pain, any currenly popular Javascript framework.

Handling common tasks

A translation system is natively integrated (using Babel), and also filters for dates, backend UI templates rendering, or forms creation.

Templates are built to be reusables, so it's easy to include, for instance, comments in page.

A symbiotic ecosystem

I'll stop here for features, though the list is not finished (it's for instance possible to generate static website à la Pelican or Hugo).

This new tool has already been used in severals features in the incoming release, notably with the tickets or merge requests handlers that I have announced recently.

Next release of Salut à Toi will be an achievement, the first version ready for production, and is now a whole ecosystem to communicate, create, or do collaborative work, compatible with the rest of XMPP family.

If you want to stay up to date, follow my blog (which is using Libervia), or join us on our room

If you want to support us, you can either join the association, or help us on Liberapay.

Other news to come soon…

by goffi at January 25, 2018 19:53

Erlang Solutions

MongooseIM 2.1.1 - More than a patch!

About 3 months have passed since the final MongooseIM 2.1.0 release.

Over that time we’ve gathered feedback from community and picked out improvements we really wanted to include in 2.1.0 (but the schedule is merciless!). The outcome is a release that closes the 2.x series.

This is the last stop before the leap into 3.0.0, when you may expect significant changes and features.

You might ask, “why do they call it >>More than a patch<<?“ as there are many catchier titles we could have used.

The reason for that title is honesty, and us admitting our miscalculation. What started as a small revision, sort of closure after 2.1.0, turned into quite an impressive set on changes.

What are these? Keep reading! Oh, and by the way: welcome to MongooseIM 2.1.1!

Secure connections to databases

Security and connection encryption have always been important topics, not only in chat applications.

To always stay ahead of the game, we’ve ensured that you can integrate MongooseIM with external (i.e.: not Mnesia) databases with TLS enabled.

We’ve updated our dependencies where it was necessary and made sure everything is well-documented. With 2.1.1 you may add extra hardening to your platform, no matter if your MySQL/Postgres/etc. is running in the same local network, or in a separate location. For example, you could have a MongooseIM cluster running on bare metal in your data center, while calling MySQL deployed in a cloud (for extra flexibility).

Obviously, it does not apply to Mnesia, which runs alongside MongooseIM and uses Erlang distribution for data exchange.

If you’d like to add a similar level of security to it, you may enable TLS for Erlang distribution protocol. This improvement also does not apply to Redis, as there is no official support for connection encryption in this database yet. We may add some recommendations on enabling it in an unofficial way in the future.


A word of explanation: Deumbrellification is a process of transforming an umbrella structure (an application that contains more applications) into a flat one. It makes developers’ life easier, as it means more intuitive code hierarchy and better integration with certain build systems.

How does it apply to MongooseIM?

For a large part of its lifetime, MongooseIM has been bundled with MySQL and PostgreSQL client libraries. It required a nested structure - the main application was placed in apps/ directory alongside these drivers. In the meantime, two events took place: we’ve begun fetching these drivers as dependencies and we’ve switched from Rebar 2 to Rebar 3.

The former change has left us with more up-to-date libraries downloaded by Rebar, and with a somewhat awkward project structure with only one application remaining in apps/ directory. While we were certain that we want to improve it at some point, it had a low priority because it simply kept working. In order to make MongooseIM usable as a dependency, there was a separate src/ folder with a file inside. It means that, while we had MongooseIM’s application file in src/, the rest of the code was in apps/ejabberd/. Again - not the prettiest solution, but it did its job.

The latter improvement required us to temporarily disable MongooseIM’s application file, because Rebar 3 no longer accepted such a structure. With the release of 2.1.0, community feedback strengthened our resolve to keep going and complete the journey. The full transition to OTP-compliance had to be done sooner rather than later; 2.1.1 is what we aimed for. All of the code is in src/ now, and all dependencies are fetched from other repositories. And, what is important, MongooseIM can be used as a dependency in other Rebar projects again!

For those who forked MongooseIM and modified it for their projects, we’ve prepared a comprehensive guide to what has been changed and how you should migrate your repository in order to sync with the current master.

Event Pusher

At some point a requirement arose for MongooseIM to be able to “publish” data to external endpoints. A fine example of such an event is sending a push notification request with message content to MongoosePush. Over time, it turned out that we need to deliver notifications not only to mobile devices, but also to other channels like Amazon SNS or a chosen HTTP endpoint. These three extensions were developed independently and existed as separate modules in MongooseIM.

In order to reduce maintenance costs and make the development of additional channels easier, we’ve introduced Event Pusher - a unified framework that combines the aforementioned extensions.

It’s an important change for everyone using mod_push, mod_http_notification and mod_aws_sns - these are now deprecated. Please check mod_event_pusher’s documentation to see how you can migrate.

Warning! Highly experimental!

2.1.1 includes a very important extension, which will be a subject of intensive development in upcoming version: the Global Distribution module.

Classic cluster intercommunitation in XMPP involves using distinct domains, and message routing between them requires interlocutors to be aware of the other party’s domain. While being a stable and well-tested solution, it is not very intuitive for many users and not so convenient for modern applications.

Global Distribution extension allows deploying multiple clusters that share a global routing table. It’s a solution for massive-scale projects that need MongooseIM instances in multiple data centers, while remaining transparent to the clients.

GD is highly experimental and verified mostly for 1-1 messaging. We haven’t ensured its proper interaction with other MongooseIM extensions yet. If you consider it a good fit for your use case - by all means try it and give us your feedback. Nevertheless, GD’s main “job” in 2.1.1 is to start maturing with the master branch.

Miscellaneous technical improvements & changes

Warning! Highly technical details ahead! Non-geeks may keep reading at their own risk!

Message Archive Management - moving forward

MAM is a commonly used extension in XMPP community. It has been published in 2012 (when 0.1 version was published) and undergone several important changes since then. First MAM implementation in MongooseIM was based on v0.2 of the XEP-0313. Subsequent updates to this XEP brought more or less significant modifications to the protocol (which involved XML namespace changes). MongooseIM’s mod_mam is compatible with multiple versions by default.

In 2.1.1 it is time to face the fact that v0.2 will soon be 5 years old and most (or perhaps all of them by now) of the client libraries are using v0.3 or newer protocol. From now on, v0.2 support is considered deprecated and will be removed in MongooseIM 3.0.0.

MySQL & UTF8 support

UTF8 support in MySQL has its surprises. One of them is the range of characters that utf8 encoding offers. It turns out that it doesn’t cover the full set. For example, it can’t store 4-byte emojis. In order to fix it, we’ve decided to set utf8mb4 encoding for all tables in our MySQL schema.

But it has created another issue - we’ve hit a limit for index key size because some of the varchar columns used in indices are pretty large. Changing their encoding from utf8 to utf8mb4 added an extra byte to every character, so indices based on them suddenly exceeded the 767-byte limit. We’ve decided to avoid extensive modification of column sizes in all affected tables, so the team has chosen to drop the official support for MySQL versions that do not have the “large prefixes” option implemented. As a part of this step, ROW_TYPE is now set to DYNAMIC.

In 2.1.1 the oldest supported MySQL version is 5.5.14. What is more, all servers of version 5.7.8 or earlier require additional configuration.

Important: No action is required for existing deployments, as we’ve modified only the schema file. All SQL backends in 2.1.1 are still 100% compatible with schema from 2.1.0 but obviously won’t benefit from this improvement, unless migrated.

Build fixes

MongooseIM 2.1.0 introduced an improved Message Archive ID generation method but it actually turned out that new C++ module could not be built on 32-bit systems. This issue has been resolved in 2.1.1 and the server can now be compiled both on 32 and 64-bit architectures.

The second fix helps developers using macOS High Sierra, which uses BoringSSL as default library for secure connections. MongooseIM’s dependency, fast_tls, relies on OpenSSL. Since it was compiled with a flat namespace, it resulted in mysterious runtime errors. 2.1.1 depends on a recent fast_tls version, which is not affected by this problem.


Please feel free to read the detailed changelog where you can find a full list of source code changes and useful links.


Special thanks to our contributors: @andrewvmail @igors!

What’s next?

MongooseIM 3.0.0 will feature several important changes and novelties. One of them will be a standard implementation of Inbox, which should cover most (or hopefully - all) of our community’s needs. Second is further improvements to Global Distribution. We are going to ensure that it is compatible with other MongooseIM extensions. The third goal is restructuring the documentation - we want to significantly improve usability and to introduce a more intuitive hierarchy of topics.

You may expect MongooseIM 3.0.0 release on April 17th!

Test our work on MongooseIM 2.1.1 and share your feedback

Help us improve the MongooseIM platform:

Star our repo: esl/MongooseIM

Report issues: esl/MongooseIM/issues

Share your thoughts via Twitter:

Download: Docker image with new release

Sign up to our dedicated mailing list to stay up to date about MongooseIM, messaging innovations and industry news.

Check out our MongooseIM product page for more information on the MongooseIM platform.

January 25, 2018 14:28

January 23, 2018

Monal IM

What on earth is iPhoneOSNano?

I was looking at the XNU source code today (don’t ask) and stumbled upon this line in a particular file (

SUPPORTED_PLATFORMS = macosx iphoneos iphoneosnano tvos appletvos watchos bridgeos

I can tell you what all of those are including the new Bridge OS that powers the Arm chips on the new Macs. I have never heard of iPhoneOSNano before. There are several references to it as a supported platform if you search for it✓&q=iphoneosnano&type=

Does anyone have any idea what this is?

/* Platform: iPhoneOSNano */
#define __DARWIN_ONLY_64_BIT_INO_T 1
#define __DARWIN_ONLY_VERS_1050 1
#endif /* PLATFORM_iPhoneOSNano */
#ifdef PLATFORM_iPhoneNanoSimulator
/* Platform: iPhoneNanoSimulator */
#define __DARWIN_ONLY_64_BIT_INO_T 1
#define __DARWIN_ONLY_VERS_1050 1
#endif /* PLATFORM_iPhoneNanoSimulator */
Update: Its been there since 2014. No idea what it is though

by Anu at January 23, 2018 05:29

January 22, 2018


Using TLS Authentication for your Go Kafka Client

If you want to access a Kafka server that have enabled TLS, you will need to be able to use certificate to connect from your Sarama / Go client. This article outlines the needed steps to configure it properly.

Configuring your Kafka server to support authentication

If you are managing your own Kafka service and would like to enable authentication, you should read this article from Confluent documentation site: Encryption and Authentication using SSL.

Converting Java keystore and truststore

The first steps to easily handle your certificates from Go is to convert them to a set of PEM files.

Here are the commands to extract the Certificate Authority (CA) certificate:

$ keytool -importkeystore -srckeystore kafka.server.truststore.jks -destkeystore server.p12 -deststoretype PKCS12
$ openssl pkcs12 -in server.p12 -nokeys -out server.cer.pem

You can then convert your client keystore to be usable from Go, with similar commands:

$ keytool -importkeystore -srckeystore kafka.server.keystore.jks -destkeystore client.p12 -deststoretype PKCS12
$ openssl pkcs12 -in client.p12 -nokeys -out client.cer.pem
$ openssl pkcs12 -in client.p12 -nodes -nocerts -out client.key.pem

Go Kafka client supporting TLS authentication

To connect to the server and authenticate with TLS, you just need to generate the proper TLSConfig. Here is the relevant code:

func NewTLSConfig(clientCertFile, clientKeyFile, caCertFile string) (*tls.Config, error) {
 tlsConfig := tls.Config{}

 // Load client cert
 cert, err := tls.LoadX509KeyPair(clientCertFile, clientKeyFile)
 if err != nil {
  return &tlsConfig, err
 tlsConfig.Certificates = []tls.Certificate{cert}

 // Load CA cert
 caCert, err := ioutil.ReadFile(caCertFile)
 if err != nil {
  return &tlsConfig, err
 caCertPool := x509.NewCertPool()
 tlsConfig.RootCAs = caCertPool

 return &tlsConfig, err

The code is then extremely simple to connect:

func main() {
 tlsConfig, err := NewTLSConfig("bundle/client.cer.pem",
 if err != nil {
 // This can be used on test server if domain does not match cert:
 // tlsConfig.InsecureSkipVerify = true

 consumerConfig := sarama.NewConfig()
 consumerConfig.Net.TLS.Enable = true
 consumerConfig.Net.TLS.Config = tlsConfig

 client, err := sarama.NewClient([]string{"localhost:9093"}, consumerConfig)
 if err != nil {
  log.Fatalf("unable to create kafka client: %q", err)

 consumer, err := sarama.NewConsumerFromClient(client)
 if err != nil {
 defer consumer.Close()

 consumerLoop(consumer, "mytopic")

The consumerLoop has nothing special regarding TLS authentication. You can just use your standard Sarama code. You can read the full code on Github: base-client.go.

by Mickaël Rémond at January 22, 2018 14:49

January 18, 2018

Monal IM

Next Mac Beta is up

Another Mac beta is up.  I have fixed all the crashes that came in on the last beta.

by Anu at January 18, 2018 15:00

JC Brand

Converse 3.3 has been released

Last night I released version 3.3.0 of Converse.js, and as often happens with big releases, I made a quick bugfix release (3.3.1) today.

The bugfix release turns off some CSS3 animations for new messages which caused degraded performance on Firefox. On Chrome the animations render smoothly, so if you'd like you can still turn them on with the show_message_load_animation config option.

What's in the release?

Maintaining a long-term open source front-end JavaScript library almost feels like a Sisyphean task sometimes. As soon as you've rolled the big stone up the hill, the whole JS ecosystem, best practices and tooling changes and you find yourself at the bottom of the hill again.

This release is therefore heavy on changes under the hood, with the aim of modernizing and improving the quality of the code.

Besides that, I also spent time squashing lots of small usability bugs and on improving performance.

Converse.js now uses a Virtual DOM

Various views, such as the registration form, are now rendered by means of a Virtual DOM. I wrote a new Backbone view called Backbone.VDOMView for this, and blogged about it here:

No more jQuery

Looking at the git log, I started rewriting code to not use jQuery in January 2017.

So this change has been a year in the works. I often asked myself whether I should spend time on this and not rather do something else, like adding new features, especially since removing jQuery has taken a lot of time.

However, there were some good reasons, or perhaps motivations, for me to remove jQuery.

Before ES6 promises were available, I used $.Deferred. However, jQuery's deferreds weren't compatible with Promises, so when ES6 Promises came around, I had to rewrite lots of code to use Promises.

I used $.show and $.hide quite a bit, and then it turned out that the way jQuery was doing it (by adding/removing display: none to the DOM element) is not good practice and also very slow.

So I started writing my own utility functions to replace jQuery's.

The last straw for me was when jQuery 3 came out, and half of Converse.js's ~240 tests failed once I plugged it in.

After spending some time trying to figure out what backward incompatible changes they made and how I should update the code, I decided to instead rip jQuery out entirely.

It's still used in the tests, but it's no longer included in any build.

Since removing it, I've noticed a remarkable reduction in time to run the tests.

By looking at how quickly the tests run now, the code seems to run much faster without jQuery.

Less weight

Besides removing jQuery, I also updated Converse.js to load translations at runtime, and only the exact translation JSON file that's needed.

Due to these changes, the unminified built has shrunk from 3.38MB to 2.8MB, and the minified build from 1.66MB to 1.2MB.

And this is while adding the virtual DOM code.

Route to a specific chat room via the URL

It's now possible to directly link to a specific chat room, or to the registration page (instead of the login page) via the URL.

For example, the URL will take you immediately to the Converse.js "Discuss" chat room, once you've logged in.

What else?

Lots of other bugfixes and improvements have been added in this release. For more details, check the changelog.

Notable absent from this release are some desired features, such as file sharing, message corrections, message receipts and the like.

I would love to add some of these often requested features, however I had to get the house in order so to speak, by modernizing the code and squashing lots and lots of little usability and performance bugs.

That said, Converse.js takes up a LOT of my free time and not a single line of code in this release was paid for.

If you or your company make use of converse.js, please consider sponsoring it on Patreon or Liberapay.


Thanks goes out to everyone who's made pull requests and bug reports over the last months.

And thanks also to the folks who hang out in the Converse.js Discusss chat room and who have there provided valuable feedback.

January 18, 2018 14:30

January 16, 2018

Monal IM

New Mac beta up

There is a new beta of the Mac client with all of the recent  fixes and addition of group messaging.  I know there are still a few issues, for example it doesn’t save the password for auto joining a bookmarked group. Im curious to see what other issues people encounter. Its been working ok for me the last couple of days as I’ve been using it to lurk on the XMPP developers group chats.

by Anu at January 16, 2018 19:50

Paul Schaub

Smack: Some busy nights

Hello everyone!

This weekend I stayed up late almost every evening. Thus I decided that I wanted to code something, but I wasn’t sure what, so I took a look at the list of published XEPs to maybe find something that is easy to implement, but missing from Smack.

I found that XEP-0394: Message Markup was missing from Smacks list of supported extensions, so I began to code. The next day I finished my work and created Smack#194. One or two nights later I again stayed up late and decided to take another look for an unimplemented XEP. I settled on XEP-0382: Spoiler Messages  this time, which was really easy to implement (apart from the one little attribute, which for whatever reason I struggled to parse until I found a solution). The result of that night is Smack#195.

So if you find yourself laying awake one night with no chance to sleep, just look out for an easy to do task on your favourite free software project. I’m sure this will help you sleep better once the task is done.

Happy Hacking!

by vanitasvitae at January 16, 2018 13:11

Monal IM

The new group chat UI

I’m getting closer to the UI that I would like for group chats. It might not be the greatest thing for power users but I suspect it will work well for most people. Especially those familiar with iMessage or other chat clients already.   Things to note in the picture below, proper nick name support and subjects. I’ve decided to treat the subject like the group name.  I’ve observed that in other chat clients people like to change the group name on a whim mid conversation.  This is not something the muc spec supports as far as I can tell. People  can however change the subject, so subject it shall be.

by Anu at January 16, 2018 05:29

January 12, 2018

Monal IM

Mac has group chat

The Mac client has always had group chat but didn’t have a UI surfacing the functionality. I am adding that now.  I know favorites and auto join have long been asked for. I hope to have that in the iOS client as well. 

by Anu at January 12, 2018 19:52


ejabberd 18.01

ejabberd 18.01 is a bugfix release. This version of ejabberd Community Server is a good candidate for Linux distributions packaging as it concludes a year of development and stabilised all recent changes for production use.


  • Fix TLS driver memory management
  • Fix privacy_set command
  • Report ‘fs’ support as unavailable on SunOS
  • Let mod_block_strangers bounce an error when a message is rejected


As usual, the release is tagged in the Git source code repository on Github.

The source package and binary installers are available at ProcessOne.

If you suspect that you’ve found a bug, please search or fill a bug report on Github.

by Christophe Romain at January 12, 2018 11:29