Debian 13 "Trixie" full freeze has started 2025-05-17, so this is a good time to take a look at some of the features, that this release will bring. Here we will focus on packages related to XMPP, a.k.a. Jabber .

XMPP is a universal communication protocol for instant messaging, push notifications, IoT, WebRTC, and social applications. It has existed since 1999, originally called "Jabber", it has a diverse and active developers community.

Clients

• Dino , a modern XMPP client has been upgraded from 0.4.2 to 0.5.0
  Dino now uses OMEMO encryption by default. It also supports XEP-0447: Stateless File Sharing for unencrypted file transfers. Users can now see preview images or other file details before downloading the file. Multiple widgets are redesigned to be compatible with mobile devices, e.g. running Mobian .
• Gajim , a GTK+-based Jabber client has been upgraded from 1.7.3 to 2.1.1
  There are many new features in Gajim, e.g. XEP-0444: Message Reactions , XEP-0461: Message Replies , XEP-0425: Moderated Message Retraction , XEP-0490: Message Displayed Synchronization , voice message recording, migration to GTK 4, and a lot of UI changes.
• go-sendxmpp , a CLI tool to send messages to contacts or MUCs: 0.5.6 → 0.14.1
  New features are support for sending XEP-0066: Out of Band Data and support for several modern authentication features ( XEP-0388: Extensible SASL Profile , XEP-0386: Bind 2 , XEP-0484: Fast Authentication Streamlining Tokens ). New support of modern SCRAM mechanisms (SCRAM-SHA-1(-PLUS), SCRAM-SHA-256(-PLUS), SCRAM-SHA-515(-PLUS)) and SASL SCRAM Downgrade Protection ( XEP-0474: SASL SCRAM Downgrade Protection ) improve the security of the login process. Also a lot of bugfixes and smaller improvements found their way to the new version, for details see the changelog .
• Kaidan , a simple and user-friendly Jabber/XMPP client is upgraded from 0.8.0 to 0.12.2
  Kaidan supports end-to-end encryption via OMEMO 2, Automatic Trust Management and XMPP Providers . It has been migrated to QT 6 and many features have been added: XEP-0444: Message Reactions , XEP-0461: Message Replies , chat pinning, inline audio player, chat list filtering, local message removal, etc.
• Libervia is upgraded from 0.9.0~hg3993 to 0.9.0~hg4352
  Among other features, it now also contains a gateway to ActivityPub, e.g. to Mastodon.
• Poezio , a console based XMPP client as been updated from 0.14 to 0.15.0
  Better self-ping support. Use the system CA store by default.
• Profanity , a console based XMPP client has been upgraded from 0.13.1 to 0.15.0.
  Add support for XEP-0054: vcard-temp , Improve MAM support, show encryption for messages from history and handle alt+enter as newline char.
• Psi+ , a QT based XMPP client (basic version) has been upgraded from 1.4.554 to 1.4.1456
• xmpp-dns , a CLI tool to check XMPP SRV records: 0.3.4 → 0.4.5
  It now supports showing connection targets defined by XEP-0156: Discovering Alternative XMPP Connection Methods / XEP-0487: Host Meta 2 - One Method To Rule Them All and testing of XEP-0206: XMPP Over BOSH and Websocket connections. A detailed list of changes can be found in the changelog .

Servers

• ejabberd , an extensible realtime platform (XMPP server, MQTT broker, SIP service) has been updated from Version 23.01 to 24.12
  Add support for XEP-0425: Moderated Message Retraction , XEP-0402: PEP Native Bookmarks , and XEP-0424 Message Retraction .
• Prosŏdy , a lightweight extensible XMPP server has been upgraded from 0.12.3 to 13.0.1
  Admins can disable and enable accounts as needed. A new role and permissions framework. Storage and performance improvements.

Libraries

• libomemo-c 0.5.0 to 0.5.1
• libstrophe , an XMPP library in C has been upgraded from 0.12.2 to 0.14.0
  It now supports XEP-0138: Stream Compression and adds various modern SCRAM mechanisms.
• omemo-dr , an OMEMO library used by Gajim is now in Debian, in version 1.0.1
• python-nbxmpp , a non blocking Jabber/XMPP Python 3 library, upgrade from 4.2.2 to 6.1.1
• python-oldmemo , a python-omemo backend for OMEMO 1, 1.0.3 to 1.1.0
• python-omemo , a Python 3 implementation of the OMEMO protocol, 1.0.2 to 1.2.0
• python-twomemo , a python-omemo backend for OMEMO 2, 1.0.3 to 1.1.0
• qxmpp 1.4.0 to 1.10.3
• slixmpp-omemo new 1.2.2
• slixmpp 1.8.3 to 1.10.0
• strophejs , a library for writing XMPP clients has been upgraded from 1.2.14 to 3.1.0

Gateways/Transports

• Biboumi , a gateway between XMPP and IRC, upgrades from 9.0 to 9.0+20241124.
• Debian 13 Trixie includes Slidge 0.2.12 and Matridge 0.2.3 for the first time! It is a gateway between XMPP and Matrix, with support for many chat features.

Not in Trixie

• Spectrum 2 , a gateway from XMPP to various other messaging systems, did not make it into Debian 13, because it depends on Swift , which has release critical bugs and therefore cannot be part of a stable release.

Digital wallets have transformed how people pay and how businesses get paid. With more consumers choosing contactless and mobile transactions, offering these payment options is part of staying relevant.

That’s why your business needs to understand digital wallet security – how it works, where the risks lie, and what it takes to protect customer data and payment information.

In this guide, we’ll walk through how digital wallets function, the benefits they offer, and why security needs to be a central part of any payment strategy.

Why digital wallet security is important

You likely already have some understanding of the importance of digital wallet security. But the scale of risk today makes it worth revisiting.

In 2024, scammers stole $494 million in cryptocurrency through wallet-draining attacks, according to BleepingComputer . These attacks hit over 300,000 wallet addresses, a 67% jump in stolen funds compared to the year before. The number of victims? Up just 3.7%. That means attackers are going after (and reaching) higher-value targets.

And it’s not just about crypto. IBM reports that the average cost of a data breach globally is now $4.45 million , up 15% in just three years. For any business handling payments or user data, it’s a direct, growing risk. Understanding how digital wallets work and how to secure them is quickly becoming part of the baseline for doing business responsibly.

What is a digital wallet?

A digital wallet is a software-based tool that stores payment information securely on a smartphone or similar device. It allows customers to pay online or in-store without needing to enter card details or carry cash.

For businesses, it’s a shift in how people expect to transact. Digital wallets offer speed at the till, fewer failed payments, and a smoother customer experience.

More than just payments

Digital wallets do more than handle payments. Many store loyalty cards, ID, tickets, and even crypto. Some link to bank accounts, others work with preloaded funds.

Services like Apple Pay and Google Pay are already woven into consumers’ everyday lives, helping drive adoption. According to Grandview research, the global mobile wallet market reached USD 7.42 billion in 2022, and it’s expected to grow 28.3% annually through 2030, fuelled by smartphone use, internet access and booming e-commerce.

Source: Grandview Mobile Market research

Security is built in from the start

While we’ve touched on the fact that attacks and risks exist, digital wallets are inherently designed with security as a top priority.

What makes digital wallets valuable and viable is the level of built-in protection. Strong digital wallet security is a core feature, not an add-on. Encryption, tokenisation, and biometric authentication all help reduce fraud and protect customer data. The UK market is catching on fast. According to Worldpay, digital wallets are expected to handle over £200 billion in e-commerce transactions by 2027 . This shift in consumer behaviour is here to stay. So ask yourself if your payment strategy is keeping up the pace.

How do digital wallets work?

Digital wallets use a mix of mobile technology and built-in security to make payments quick and easy. Whether customers are shopping online or tapping their phone in person, there’s no need to enter card details every time.

The process starts with a secure app or platform. Once a user adds their card and verifies their identity, typically using a fingerprint, face scan or PIN, the wallet is ready to use.

For in-store payments, the customer unlocks their phone, chooses a card, and holds the device close to the payment terminal. For online purchases, they simply select the wallet at checkout and approve the payment on their device.

Key tech behind digital wallets:

• Near-field communication (NFC):
  The most common method for contactless payments. NFC allows smartphones, smartwatches and compatible cards to securely exchange payment data with terminals by holding the device a few centimetres away with no physical contact needed.
  
• Magnetic secure transmission (MST):
  MST mimics the magnetic stripe on traditional cards by emitting an encrypted signal. It’s less common than NFC but still supported by some wallets and terminals.
  
• QR codes:
  Used more often in markets where contactless readers aren’t standard, QR codes allow customers to scan and pay using a barcode displayed on-screen.

Once the payment is sent, the point-of-sale system routes the data to the payment processor. From there, it goes through the standard authorisation process with the customer’s bank.

Are digital wallets safe?

We’ve covered what digital wallets are and how they work. Now, let’s get into the bigger question: how secure are they?

The risks businesses should be aware of

We have mentioned that digital wallets are designed with strong safeguards in place, but there are still risks to be made aware of.

These typically come from user behaviour, unsecured environments, or sophisticated cyberattacks.

Here are some of the most common risks:

How to use digital wallets safely

If your business offers or accepts digital wallet payments, security is key to safeguarding your customers and protecting your reputation. With the right steps, keeping digital payments secure can be simple.

Here are some best practices businesses and their customers should follow and encourage to make digital wallet use safer:

• Use strong, unique passwords
  Avoid easy or repeated passwords across accounts. Encourage users to choose complex combinations that aren’t reused elsewhere.
  
• Enable biometric authentication
  Fingerprint or facial recognition adds an extra layer of protection beyond passwords and PINs.
  
• Keep software updated
  Regular updates patch security holes in your device’s operating system and digital wallet apps, reducing vulnerability to attacks.
  
• Separate social media and financial apps
  Using different devices or accounts for social and financial activities can lower the risk of cross-app attacks or data leaks.
  
• Be vigilant about phishing
  Train teams to recognise suspicious emails or messages that try to steal login details. Remind customers not to click on unknown links.
  

Many digital wallets come with built-in security features, including:

• Encryption and tokenisation
  These turn sensitive payment details into unreadable codes or tokens for each transaction, making data breaches far less damaging.
  
• Two-factor authentication (2FA)
  Requiring two forms of verification before access helps ensure only authorised users can make payments.
  
• Fraud monitoring
  Some wallets automatically flag or block suspicious activity to prevent unauthorised transactions.
  

In industries such as telecomms, banking and fintech, developers often rely on secure, reliable programming languages such as Erlang and Elixir to build payment systems that can handle high volumes without compromising security.

These technologies help ensure digital wallets remain both fast and safe for everyday business use.

To conclude

For businesses, digital wallet security is essential for protecting both customers and reputation. Digital wallets include strong built-in protections, but knowing the risks and how to address them helps keep your business and customers safe.

By focusing on security, you create a safer payment environment and earn customer trust. As digital wallets become a standard payment option, staying informed and prepared will keep your business competitive and secure. Ready to discuss strengthening your payment security? Get in touch.

The post The Importance of Digital Wallet Security appeared first on Erlang Solutions .

This release brings three new features: message retraction, blocking participants in group chats, and updated support for modern group chat avatars. Thank you for all your contributions!

What’s New

Gajim 2.2 comes with support for retracting messages via XEP-0424: Message Retraction . This allow you to retract your messages, if you’ve mistakenly sent it to the wrong recipient or group chat. Please note that your counterpart needs to support this feature as well, as a retraction can only be considered an unenforceable request.

In group chats, Gajim now allows you to block individual participants, if need arises. Blocking is available through each participant’s context menu. Block lists are private, but they can be synchronized between devices. This feature is only supported by Gajim as of now.

Finally, official support for XEP-0486: MUC Avatars has been added, which allows group chats to have individual profile pictures.

A note for Windows users: At the time of writing, there are some issues with emoji rendering on Windows. That’s why there is no release of Gajim 2.2 for Windows yet. This issue should soon be resolved and we will post an update once Gajim 2.2 is released on Windows.

More Changes

• Account sidebar now indicates connectivity issues
• Handling of retraction/moderation for corrections has been improved

And much more! Have a look at the changelog for a complete list.

As always, don’t hesitate to contact us at gajim@conference.gajim.org or open an issue on our Gitlab .

A Minimum Viable Product (MVP) is your first real signal to the market, your team, and your investors that you’re solving the right problem in the right way. While it’s often mentioned alongside terms like Proof-of-Concept (PoC), prototype, or pilot, an MVP plays a distinct role: validating real value with real users.

Avoiding common missteps early sets the stage for faster iteration, smarter growth, and long-term success. Startups are under pressure to move quickly, but speed without focus can lead to costly mistakes. Proving value fast is essential, especially with limited resources, but moving too quickly without the right foundation can stall progress just as easily as moving too slowly.

What an MVP should be

An MVP is the leanest version of your product that still delivers real value and helps you learn whether you’re solving the right problem.

It’s not about perfection, but validation. Will users care enough to try, pay, or share?

Importantly, a strong MVP also signals to investors that you can efficiently test ideas, understand your market, and move fast with limited resources.

Focus on what matters, build with intent, and treat your MVP not as a throwaway prototype, but as the foundation of everything to come.

Small by design, smart by strategy

Popularised by Eric Ries in The Lean Startup , the MVP is designed to reduce wasted time, money, and effort. By building only what’s needed to test your core assumptions, you can learn quickly and adjust early, before burning through too much time, money, or energy.

A good MVP doesn’t just mean “basic”

A strong MVP isn’t just a stripped-down prototype. It’s the foundation of your product. Lightweight, but also reliable, secure, and built for change. If it can’t be used, demoed, or trusted, it’s not doing its job.

Focus on what matters, build with intent, and treat your MVP not as a throwaway prototype, but as the foundation of everything to come.

Minimise risk, maximise learning

An MVP helps you move fast and stay focused. It’s not about trial and error. It’s about proving your idea works and showing investors that you’re building something ready to grow.

Common MVP mistakes (and how to avoid them)

Building an MVP is about speed and learning. But moving fast shouldn’t mean skipping the fundamentals. Many startups fall into familiar traps: doing too much too soon, choosing the wrong tools, or cutting corners that cause problems later.

By spotting these mistakes early, you can build smarter, avoid rework, and give your product a better chance of success.

Overbuilding Before Validation

Adding too many features at the start slows you down, increases costs, and weakens your core value. A bloated MVP is harder to test, more expensive to maintain, and often confusing for users.

Why it happens:

• Unclear priorities
• Perfectionism
• Fear of missing out

How to avoid it:

Focus on solving one clear problem well. Use low-code or no-code tools to test ideas quickly without overcommitting time or budget.

Choosing the wrong tech stack

Selecting technology based on trends instead of fit creates long-term issues. The wrong stack can lead to expensive rebuilds, poor stability, development slowdowns, and scaling challenges.

Why it matters:

Your tech choices affect how fast you can iterate, how well you scale, and how easy it is to adapt later.

How to avoid it:

Choose a simple, flexible stack that fits your domain. Use tools that support rapid development and long-term growth. Involve technical partners or advisors with experience to help avoid common mistakes.

Ignoring security and code quality

When speed trumps structure, the result is often messy, unreliable code.

A growing trend, vibe coding , uses AI (especially large language models) to quickly generate code from natural language. While this accelerates initial progress, it often skips testing, documentation, and consistency, leading to hidden risks and technical debt.

Though fast at first, vibe coding can leave fragile code that’s hard to debug, extend, or transfer, with teams diverging in approach and progress stalling over time.

Why does it happen?

• Misunderstanding MVP as “low quality” rather than “focused and efficient”
• Overreliance on AI-generated code without review or standards
• Lack of experienced engineering oversight

Risks include:

• System instability and hidden failures
• Security vulnerabilities and compliance breaches
• Technical debt and poor maintainability
• Loss of trust from investors and partners

How to avoid it:

Prioritise quality from day one:

• Review AI code for security, clarity, and maintainability
• Apply secure authentication and data encryption
• Set shared coding standards and style guides
• Require basic tests and documentation, even for MVPs
• Limit LLM use in critical paths unless thoroughly validated
• Track shortcuts and log them as technical debt to resolve later

A little rigour early on prevents major setbacks down the line.

What smart MVP development looks like

A smart MVP is fast, focused, and built for flexibility. It doesn’t aim to include everything, just enough to test your core idea with real users.

Here’s what that looks like in practice:

Built fast, not rushed

Speed should serve as validation. The best MVPs reach users quickly without creating confusion or technical debt.

Focus on:

• Delivering one clear value
• Releasing early to gather feedback
• Improving in tight, focused cycles

Easy to change, because feedback is coming

A smart MVP is flexible by design. Once feedback starts coming in, you need to be ready to adjust quickly without overhauling everything.

Make this easier with:

• Modular code
• Clear documentation
• A prioritised backlog for fast iteration

Safe and secure – even if it’s lean

Even a small MVP needs to be stable and secure. If users are testing it, they’re trusting it.

Trust depends on:

• Data security and privacy (including GDPR compliance)
• A clear, usable interface
• Consistent, reliable performance

A strong MVP is :

• Right-sized: Solves one problem well
• Stable: Works reliably in demos and tests
• Scalable: Built on a foundation that can grow
• Trustworthy: Respects and protects user data

Smart MVP development means building fast, but building right. When you combine speed with strategy, you don’t just ship faster, you learn faster, improve faster, and grow stronger.

Build fast. Build smart. Build for growth.

A strong MVP helps you validate your idea, attract early users or investors, and gather feedback, without overbuilding or overspending. The goal is not just to launch quickly, but to launch with clarity, purpose, and scalability in mind.

Many teams fall into the same traps: bloated feature sets, the wrong technology choices, or neglecting long-term costs. These missteps waste time, burn cash, and kill momentum. The most effective MVPs are built with focus, tested against the right assumptions, and grounded in a foundation that supports growth from day one.

At Erlang Solutions, we can help your startup launch MVPs that are resilient under pressure and built for the future. If you’re ready to build something that works, let’s talk .

The post Common MVP mistakes: How to build smart without overbuilding appeared first on Erlang Solutions .

XMPP Newsletter Banner

Welcome to the XMPP Newsletter, great to have you here again! This issue covers the month of April 2025.

Like this newsletter, many projects and their efforts in the XMPP community are a result of people’s voluntary work. If you are happy with the services and software you may be using, please consider saying thanks or help these projects! Interested in supporting the Newsletter team? Read more at the bottom .

XSF Announcements

XSF Membership

If you are interested in joining the XMPP Standards Foundation as a member, submissions are open until May 18th, 2025, 00:00 UTC! .

XSF Fiscal Hosting Projects

The XSF offers fiscal hosting for XMPP projects. Please apply via Open Collective . For more information, see the announcement blog post . Current projects you can support:

• Mellium Co-op
• Bifrost bridge
• Prav
• diasp.in

XMPP Events

• Berlin XMPP Meetup [DE / EN]: monthly meeting of XMPP enthusiasts in Berlin, every 2nd Wednesday of the month at 6pm local time.
• XMPP Italian happy hour [IT]: monthly Italian XMPP web meeting, every third Monday of the month at 7:00 PM local time (online event, with web meeting mode and live streaming).
• XMPP Sprint in Berlin : On Friday, 23rd, Saturday, 24th, and Sunday, 25th of May 2025.

XMPP Articles

• XMPP Foundation Urges Meta to Allow Interoperability Under EU Rules by Markus Kasanmascheff for winbuzzer.com
• Monocles , the project responsible for the XMPP Monocles chat Web and Android clients, has started a crowdfunding campaign . The main goal is to create a platform where privacy, digital sovereignty and sustainability take center stage. Your privacy is non-negotiable. The funding period will span from 03.28.2025 to 06.30.2025.
• Prav has taken its second major step towards forming a cooperative society in India. Their blog post “Finalising our bye-laws” details the process, including ways you can help out. This is an important step in Prav’s mission to implement community-driven decision making for their XMPP apps and services and give legal teeth to that structure .

XMPP Software News

XMPP Clients and Applications

• Cheogram has released version 2.17.10-1 for Android. This version introduces an initial implementation of Spaces ( XEP-503 ), among other improvements, bugfixes and more!
• Conversations has released versions 2.18.0 , 2.18.1 and 2.18.2 for Android. Notable changes include the ability to pick a custom backup location, a prominent backup restore option for Quicksy , and improved support for more kinds of URIs. The latter includes tel phone numbers, mailto email addresses, and more interestingly the web+ap scheme for ActivityPub proposed by Fedi Links .
• Dino has released version 0.5 featuring OMEMO encryption by default, improved file transfers, image preview and other file details before downloading, and two completely reworked dialogs. See the release blog post for all the details.
  • At the same time, Dino has also received funding from NLnet to begin development on a slew of new features. This includes message moderation in group chats, local message deletion, modern connection handling with FAST and SASL2, more formatting options with Message Markup, and more! Visit the project page for all the details.
• Gajim has released versions 2.1.0 and 2.1.1 with a new ‘Activity feed’ page, layout improvements for its ‘Start Chat’ dialog and support for ‘Message Display Synchronisation’ ( XEP-0490 ) across group chats among other improvements and bugfixes. Head over to their News section for all the details.

Activity feed in Gajim 2.1

Account and status selection in Gajim 2.1

• Kaidan has received NLnet funding for various improvement across the board , most notably multi-user chat and support for legacy OMEMO. The second point is significant because while Kaidan is using a newer version of the OMEMO end-to-end encryption protocol, other popular clients including Conversations, Monal, and Dino are still using an older version. Since the two are not compatible, this meant Kaidan users were unable to use OMEMO encryption with users of most other clients. By implementing the older spec as well, Kaidan will help bridge that gap.

• Monocles Chat 2.0.6 has been released for Android. This version brings initial support for file captions, the option to pin an unencrypted message to the top of a conversation, providers list support, and the option to register on your own XMPP server, among many other new features and improvements.

Monocles Chat 2.0.6: Initial captions to files and pin message to the top

Monocles Chat 2.0.6: Register on your own XMPP server or pick one from the providers list

• Movim has released version 0.30 (code named “ Encke ”), the biggest Movim evolution in many years! This release brings multi-participant calls , reactions being displayed in the detailed message view, support for Unicode 15.1 with plenty of new emojis to use, and avatars that change when a contact adds to their Story .

Movim 0.30 (Encke): Multi Participant Calls. Bob Cat looking disgruntled by the presence of the ‘Hooman’ on the lower right of the screen!

Movim 0.30 (Encke): Meow OwO bedazzled by the looks of Multi Participant Calls on his mobile device!

• and following right on its heels, Movim also published its first bug-fix release: version 0.30.1 , adding animated pictures support in the image proxy and a new Avatar and Banner Configuration Panel, as well as implementing ( XEP-0392 ) Consistent Color Generation, among many other improvements and bugfixes. Make sure to check out the official announcements at the Movim Blog for all the details!

Movim 0.30.1: Avatar and banner configuration panel

• Prose has released versions 0.8.0 , 0.8.1 , 0.8.2 , 0.8.3 , 0.9.0 , 0.9.1 and 0.10.0 of its web frontend prose-web-app .

XMPP Servers

• MongooseIM has released version 6.3.3 of its Enterprise Instant Messaging Solution. This minor update includes various fixes and improvements. For more information, check out the documentation .
• ProcessOne has published ejabberd 25.04 . This release brings an important security fix, several bug fixes and a new API command.
• Prosody IM is pleased to announce version 13.0.1 , a new minor release from the latest stable branch. It fixes some important bugs that were discovered after the latest release. Read all the details on the release changelog . As always, detailed download and install instructions are available on the download page for your convenience.
• The Prosody app for YunoHost has been updated to provide a bunch of supported XEPs by default, configured for all YunoHost users in just one click. YunoHost is a set of tools to easily manage your own selfhosted services, and while it used to come bundled with the Prosody fork Metronome by default, it has recently bundled its XMPP functionality into a separate “app” so that people can swap in any other XMPP server of their choice.

XMPP Libraries & Tools

• go-xmpp versions 0.2.13 and 0.2.14 has been released.
• libomemo-c version 0.5.1 has been released.
• prose-core-client versions 0.1.103 , 0.1.104 and 0.1.105 have been released.
• python-nbxmpp versions 6.1.0 and 6.1.1 have been released.
• Slidge versions 0.2.9 (codenamed “Trixie <3”), 0.2.10 , 0.2.11 and 0.2.12 have been released.
• Tinder version 2.1.0 has been released.
• Whack version 3.0.0 has been released.

Extensions and specifications

The XMPP Standards Foundation develops extensions to XMPP in its XEP series in addition to XMPP RFCs . Developers and other standards experts from around the world collaborate on these extensions, developing new specifications for emerging practices, and refining existing ways of doing things. Proposed by anybody, the particularly successful ones end up as Final or Active - depending on their type - while others are carefully archived as Deferred. This life cycle is described in XEP-0001 , which contains the formal and canonical definitions for the types, states, and processes. Read more about the standards process . Communication around Standards and Extensions happens in the Standards Mailing List ( online archive ).

Proposed

The XEP development process starts by writing up an idea and submitting it to the XMPP Editor . Within two weeks, the Council decides whether to accept this proposal as an Experimental XEP.

• No XEPs proposed this month.

New

• No New XEPs this month.

Deferred

If an experimental XEP is not updated for more than twelve months, it will be moved off Experimental to Deferred. If there is another update, it will put the XEP back onto Experimental.

• No XEPs deferred this month.

Updated

• Version 1.1.3 of XEP-0313 (Message Archive Management)
  • Fixed typo (XEP Editor (dg))
• Version 0.4.0 of XEP-0377 (Spam Reporting)
  • Add spam report processing opt-in.
  • Add Guus der Kinderen as co-author. (gdk)
• Version 1.0.1 of XEP-0421 (Occupant identifiers for semi-anonymous MUCs)
  • Fixed typo (XEP Editor (dg))
• Version 0.3.0 of XEP-0455 (Service Outage Status)
  • Remove all in-band event signaling. (mp)

Last Call

Last calls are issued once everyone seems satisfied with the current XEP status. After the Council decides whether the XEP seems ready, the XMPP Editor issues a Last Call for comments. The feedback gathered during the Last Call can help improve the XEP before returning it to the Council for advancement to Stable.

• No Last Call this month.

Stable

• No XEPs moved to Stable this month.

Deprecated

• No XEPs deprecated this month.

Rejected

• No XEPs rejected this month.

Spread the news

Please share the news on other networks:

• Mastodon
• LinkedIn
• YouTube
• Lemmy instance (unofficial)
• Reddit (unofficial)
• XMPP Facebook page (unofficial)

Also check out our RSS Feed !

Looking for job offers or want to hire a professional consultant for your XMPP project? Visit our XMPP job board .

Newsletter Contributors & Translations

This is a community effort, and we would like to thank translators for their contributions. Volunteers and more languages are welcome! Translations of the XMPP Newsletter will be released here (with some delay):

• English (original): xmpp.org
  • General contributors: Adrien Bourmault (neox), Alexander “PapaTutuWawa”, Arne, Badri Sunderarajan, Benson Muite, cal0pteryx, emus, Federico, Gonzalo Raúl Nemmi, Jonas Stein, Kris “poVoq”, Licaon_Kter, Ludovic Bocquet, Mario Sabatino, melvo, MSavoritias (fae,ve), nicola, Schimon Zachary, Simone Canaletti, singpolyma, XSF iTeam
• French: jabberfr.org and linuxfr.org
  • Translators: Adrien Bourmault (neox), alkino, anubis, Arkem, Benoît Sibaud, mathieui, nyco, Pierre Jarillon, Ppjet6, Ysabeau
• Italian: notes.nicfab.eu
  • Translators: nicola
• Spanish: xmpp.org
  • Translators: Gonzalo Raúl Nemmi
• German: xmpp.org
  • Translators: Millesimus
• Português (BR): xmpp.org
  • Translators: Paulo

Help us to build the newsletter

This XMPP Newsletter is produced collaboratively by the XMPP community. Each month’s newsletter issue is drafted in this simple pad . At the end of each month, the pad’s content is merged into the XSF GitHub repository . We are always happy to welcome contributors. Do not hesitate to join the discussion in our Comm-Team group chat (MUC) and thereby help us sustain this as a community effort. You have a project and want to spread the news? Please consider sharing your news or events here, and promote it to a large audience.

Tasks we do on a regular basis:

• gathering news in the XMPP universe
• short summaries of news and events
• summary of the monthly communication on extensions (XEPs)
• review of the newsletter draft
• preparation of media images
• translations
• communication via media accounts

Unsubscribe from the XMPP Newsletter

To unsubscribe from this list, please log in first . If you have not previously logged in, you may need to set up an account with the appropriate email address.

License

This newsletter is published under CC BY-SA license .

ElixirConf EU 2025 is only two weeks away! Soon, it will once again be time for the Elixir community from Europe and beyond to come together, connect, and learn from each other about Elixir and its ecosystem. There will be dozens of talks from speakers across the community, training opportunities, and more.

This year’s event is being held in Kraków, Poland from May 15-16, with optional training available on May 14. Both in-person and virtual tickets are available.

Here’s a preview of some of the speakers on the schedule, and what to expect from their talks:

Keynotes

José Valim: Type System and Elixir Updates

No ElixirConf would be complete without an appearance from Dashbit’s José Valim , the creator of Elixir.

Since announcing it at ElixirConf EU 2022 , José and the Elixir team have been hard at work on a type system for the language based on set-theoretic types. Implementation of this system is still underway , and José will offer an update on its progress, as well as other recent activities from the Elixir team and what to expect in the next release. Guillaume Duboc , a PhD student at Université Paris Cité who is working on the type system for his thesis, will provide a more in-depth look at it in a separate talk, “What’s New with Elixir Types”.

James Arthur: Introducing Phoenix.Sync

James Arthur is a TED Prize and Microsoft Prize-winning co-founder of Opendesk , Hazy , and Post Urban , with prior software development experience for Apple and IDEO .

He is currently the CEO of ElectricSQL , developers of the Elixir sync engine Electric , and will be bringing that knowledge to his keynote introducing Phoenix.Sync , a new library that adds real-time sync to Phoenix. Expect a tour through the basics of the library, how to use it to sync data into both backend and frontend applications, and its potential uses in AI systems.

Davide Bettio and Mateusz Front: The AtomVM and New Horizons for Elixir

SECO Mind’s Davide Bettio has years of embedded systems and IoT experience, and began work on AtomVM , a lightweight BEAM implementation tailored for IoT devices, in 2017.

He’ll be joined by Mateusz Front , an Elixir developer at Software Mansion , to explain the results of a collaboration that has proved Elixir can be run on a whole new platform. They’re keeping quiet about the specifics, so you’ll have to check out their keynote to find out what they’ve come up with, along with plenty more information about AtomVM and Elixir runtimes.

Industry Stories

Anita Ludermann: Turn Old Into New: Moving to Elixir Feature by Feature

Anita Ludermann is a software engineer currently at Modell Aachen GmbH , where she has spent the last few years working with a team whose goal is to modernise a legacy codebase by transitioning it to Elixir.

She’ll be offering a first-hand account of what adoption of Elixir and the functional paradigm in general looks like in a real-world industry context, with all the challenges of shifting an entire system to a new language bit by bit while maintaining consistent functionality for the user.

Ettore Berardi: How Elixir Powers the BBC: From PoC to Production at Scale

After a stint at MacMillan Science and Education , Ettore Berardi joined the BBC , where he has now been working for eight years as a tech lead.

He’ll be relaying another story of Elixir adoption in action, namely the four-year process of shifting to Elixir at the BBC, starting with an initial proof of concept and culminating with nearly all BBC app and web traffic being served by Elixir. On top of the technical side of things, he’ll also discuss the realities of building and maintaining Elixir expertise in an environment largely unfamiliar with the language.

Libraries and Frameworks

Gus Workman: Introducing Trellis: Open Source Hardware for Nerves

You may already be familiar with Nerves , a framework for using Elixir to build embedded systems. Gus Workman is the founder of Protolux Electronics , a company specialising in Nerves-based hardware and software.

His talk will introduce Trellis, an open-source hardware platform reminiscent of Raspberry Pi , but specifically built with the purpose of producing custom circuit boards for Nerves and Elixir.

Parker and Shannon Selbert: The Architecture of Oban Web

Oban Web , the live dashboard for the prominent Elixir background job library Oban , recently became fully open source.

Now, Oban’s creator Parker Selbert and Oban core team member Shannon Selbert, co-founders of Soren , will be diving into the internals of the project, touring its key elements and interesting features. They promise to reveal how to structure a complex LiveView application with extensive real-world use, backed by Oban Met , a purpose-built distributed database.

Ridwan Otun and Sola-Aremu ‘Pelumi: Whisperer: An Elixir-Based Multi-Agent Framework

Ridwan Otun and Sola-Aremu ‘Pelumi are two self-described Elixir evangelists working as engineering vice presidents at Juicyway and Bank of America , respectively.
Their talk will introduce Whisperer , a new and recently open-sourced framework that allows users to define, sequence, and orchestrate multi-agent AI systems. It’s another talk that’s well worth checking out if you’re interested in learning how Elixir developers are taking advantage of the new possibilities afforded by agents and LLMs.

Deep Dives

Conor Sinclair: Meta-Programming in Elixir: Dynamic Function Calling with LLMs

Multiverse’s Conor Sinclair is a senior software engineer specialising in frontend and with a passion for Elixir.

He’ll be joining the conference to address the now-ubiquitous topic of LLMs. Conor will be addressing Elixir specifically, walking the audience through the process of creating generic interfaces and using the Langchain library to expose them to LLMs. It’s sure to be a fascinating talk for anyone curious as to how these models interface with an existing application.

Robert Virding: Unveiling the Magic of Erlang/OTP Behaviours: A Deep Dive in the Codebase & Björn Gustavsson: My Beam History

We’ll also be getting talks from two developers whose experience with Erlang and the BEAM goes back to the very beginning. Robert Virding was one of the co-creators of Erlang at Ericsson , and now works for Erlang Solutions as Principle Language Expert.
He’ll be offering a deep dive into the Erlang/OTP codebase, as well as a BEAM VM training session the day before the conference proper. Björn Gustavsson , meanwhile, joined the OTP team in 1996 and later became the main developer for the BEAM, which is partially named for him. His talk will explore his three decades of history with the BEAM.

And More!

Of course, that’s only a fraction of the talks at this year’s event – there are plenty of others, and it’s worth checking out the full list of speakers to see if there’s anything else that catches your eye. If you’ve already committed to attending, the schedule is now available, so you can start deciding which talks to attend.

There’s sure to be something for everyone with an interest in Elixir and the BEAM, and Erlang Solutions will be present at the event as always, so be sure to say hi to our team if you do attend. We hope to see you in Kraków in a few weeks for ElixirConf EU 2025!

The post Looking Forward to ElixirConf EU 2025 appeared first on Erlang Solutions .

“When an operation cannot be expressed by any of the functions in the Enum module, developers will most likely resort to reduce/3.”

From the docs for Enum.reduce/3

In many Elixir applications, I find Enum.reduce is used frequently. Enum.reduce can do anything, but that doesn’t mean it should. In many cases, other Enum functions are more readable, practically as fast, and easier to refactor.

I would also like to discuss situations that are a good fit for Enum.reduce and also introduce you to a custom credo check I’ve created, which can help you identify places where Enum.reduce could be replaced with a simpler option.

Readability

Here are a few common reduce patterns—and their simpler alternatives.  For example, here’s something I see quite often:

Enum.reduce(numbers, [], fn i, result -> [i * 10 | result] end)
|> Enum.reverse()

This is a situation that the Enum.map function was designed for:

Enum.map(numbers, & &1 * 10)

Perhaps you know about Enum.map , but you might see a call to reduce like this:

Enum.reduce(numbers, 0, fn number, result -> (number * 2) + result end)

Let me introduce you to Enum.sum_by !

Enum.sum_by(numbers, & &1 * 2)

Let’s look at something a bit more complex:

Enum.reduce(numbers, [], fn item, acc ->
  if rem(item, 2) == 0 do
    [item * 2 | acc]
  else
    acc
  end
end)
|> Enum.reverse()

This is a perfect case for piping together two Enum functions:

numbers
|> Enum.filter(& rem(&1, 2) == 0)
|> Enum.map(& &1 * 2)

Another option for this case could even be to use Enum.flat_map :

Enum.flat_map(numbers, fn number ->
  if rem(number, 2) == 0 do
    [number * 2]
  else
    []
  end
end)

This is a decent option, but while this achieves the purpose of both filtering and mapping in a single pass, it may not be as intuitive for everybody.

Lastly, say you see something like this and think that it would be difficult to improve:

Enum.reduce(invoices, {[], []}, fn invoice, result ->
  Enum.reduce(invoice.items, result, fn item, {no_tax, with_tax} ->
    if Invoices.Items.taxable?(item) do
      tax = tax_for_value(item.amount, item.product_type)
      item = Map.put(item, :tax, tax)

      if Decimal.equal?(tax, 0) do
        {no_tax ++ [item], with_tax}
      else
        {no_tax, with_tax ++ [item]}
      end
    else
      {no_tax, with_tax}
    end
  end)
end)

But this is just the same:

invoices
|> Enum.flat_map(& &1.items)
|> Enum.filter(&Invoices.Items.taxable?/1)
|> Enum.map(& Map.put(&1, :tax, tax_for_value(&1.amount, &1.product_type)))
|> Enum.split_with(& Decimal.equal?(&1.tax, 0))

Aside from improving readability, splitting code out into pipes like this can make it easier to see the different parts of your logic.  Especially once you’ve created more than a few lines of pipes, it becomes easier to see how I can pull out different pieces when refactoring.  In the above, for example, you might decide to create a calculate_item_taxes function which takes a list of items and performs the logic of the Enum.map line.

Performance

You may have already thought of a counterpoint: when you pipe functions together, you end up creating new lists, which means more work to be done as well as more memory usage (which means more garbage collection).  This is absolutely true, and you should be thinking about this!

But I find that 99% of the time, the data I’m working with makes the performance difference negligible.  If you find that your code is slow because of the amount of data that you need to process, you might try using the Stream module — it has many of the same functions as Enum , but works lazily.  If that doesn’t work, then by all means, create a reduce (and maybe put it into a well-named function)!

As Joe Armstrong said:

“Make it work, then make it beautiful, then if you really, really have to, make it fast.”

For some information about benchmarks that I’ve run to understand this better, see this analysis and discussion .

Good Opportunities for Enum.reduce

Aside from occasional performance reasons, Enum.reduce can often be the simplest solution when you want to transform a data structure over a series of steps.  For example:

• Build a data structure based on an enumerable (like a fragment in an Ecto query )
• Transform a data structure (like replacing variable references in a string )

Find Cases in Your Own Code with credo_unnecessary_reduce

Remember that no one pattern works in all cases, so know what tools you have available! If you’d like to quickly find instances for potential improvements in readability, I built a Credo check to help spot where reduce can be swapped for something simpler.

You can drop it into your project and start catching these anti-patterns automatically.

https://github.com/cheerfulstoic/credo_unnecessary_reduce

Simply add it to your mix.exs file:

{:credo_unnecessary_reduce, "~> 0.1.0"}

…and then enable it in your .credo.exs file:

{CredounnecessaryReduce.Check, []}

The post Reduce, Reuse… Refactor: Clearer Elixir with the Enum Module appeared first on Erlang Solutions .

The tech world doesn’t slow down, and neither do we. From the power of big data in healthcare to keeping you up-to-date about fintech compliance, our latest blog posts explore the important topics shaping today’s digital world.

Whether you’re leading a business, building software, or just curious about the future of tech, check out what the Erlang Solutions team has been talking about.

Understanding Big Data in Healthcare

From smartwatches to digital patient records, healthcare is generating more data than ever before. In our post, Understanding Big Data in Healthcare , we explore how big data is transforming patient care—think predictive health trends, precision medicine, and smarter decision-making.

We also dig into the challenges of handling sensitive information and how tech like Erlang, Elixir, and SAFE can help keep that data secure. It’s a must-read if you’re curious about how data is shaping the future of healthcare.

Understanding Digital Wallets

Digital wallets aren’t just convenient, but they’re quickly becoming essential. In Understanding Digital Wallets , we break down how they work, why they’re gaining momentum, and what they mean for businesses today.

From improved security and cost savings to global access and smoother customer experiences, this blog gives a clear look at the benefits (and a few of the challenges) of going digital.

Women in BEAM

Lorena Mireles takes us through the key takeaways from her Women in BEAM survey, while also sharing her personal journey within the Elixir community.

From representation gaps to the importance of strong role models, this piece highlights real experiences from developers in the BEAM ecosystem and why inclusion still matters in tech.

Top 5 IoT Business Security Basics

Billions of connected devices = billions of entry points for hackers. In Top 5 IoT Business Security Basics , we outline five practical tips to boost your IoT security:

• Use strong, unique passwords
• Encrypt your data
• Run regular security audits
• Train your team
• Disable features you don’t use

Simple, effective, and easy to implement—these tips will help you keep your systems (and customers) safe.

DORA Compliance: What Fintech Businesses Need to Know

As of January 2025, the Digital Operational Resilience Act (DORA) is live, and if you’re in fintech, you need to be ready. Our post, DORA Compliance: What Fintech Businesses Need to Know , breaks down what DORA is, who it affects, and what steps you need to take to stay compliant (if you haven’t already).

We explore its five key pillars and how to build a more resilient, disruption-proof business. With over 22,000 companies affected, it’s a timely read for anyone in the financial space.

To conclude

Staying ahead in tech doesn’t have to be overwhelming. Our goal? To make it easier for you to understand what’s happening and what it means for your business.

Got questions? Let’s chat.

The post Erlang Solutions’ Blog round-up appeared first on Erlang Solutions .

This release brings layout improvements to Gajim’s Start Chat dialog, an improved message search, and includes fixes for some issues with Message Displayed Synchronization. Thank you for all your contributions!

What’s New

Gajim 2.1 comes with a new ‘Activity feed’ which displays events around group chat invitations, contact requests, and updates. This will be the central feed for all kinds of activities in the future (e.g. reactions, replies, mentions, message reminders).

Activity feed in Gajim 2.1

Gajim 2.1.1 brings layout improvements for its Start Chat dialog, which now renders more compact and shows more information. This release also improves message search by displaying the last correction of a message and by not showing moderated messages. Last but not least, some issues with XEP-0490: Message Displayed Synchronization have been fixed.

A note for Windows users: At the time of writing, there are some issues with emoji rendering on Windows. That’s why there is no release of Gajim 2.1 for Windows yet. This issue should soon be resolved and we will post an update once Gajim 2.1 is released on Windows.

More Changes

• Group chats now show voice request errors, if they happen
• Setting your status for multiple accounts though the account sidebar now works properly

And much more! Have a look at the changelog for a complete list.

As always, don’t hesitate to contact us at gajim@conference.gajim.org or open an issue on our Gitlab .