I develop stuff and have opinions on things -
About me/Contact


Poezio 0.8 (aka “we’re still alive”)

Around two years after the release of poezio 0.7.5 (and urgent fixes .1 and .2), I believe it is time to make a new release, if only to have some kind of fixed milestone and a less broken “stable” flagship.

We will not commit to a coherent versioning scheme because it will anyway be changed, and many things originally scheduled for 0.8 are not done yet. Nonetheless, we have quite a decent list of more or less major changes.


What's new

Rewritten OTR plugin

The OTR plugin was entirely rewritten to use the pure-python-otr library (LGPL). It should now be more or less bug-free, with trust saving, and only lacking SMP (in-band verification) and HTML parsing.

The library is not yet fully mature with python3 (some bugs still need to be fixed) but it should not impact its security, only the end-user experience (e.g. generic error messages and other stuff that have been patched from within poezio).

Improved input and roster

The input should now be easier on the eyes when scrolling through a big message, and the extended features (color, bold, underline, tabs…) should now be easier to see and edit (à la weechat, but with a preview of what it will look like).


The roster search was quite broken in previous versions, and I am happy to say that now it works well, while it may still be slow on low-end computers (but we are aware of that issue).

Improved security

TLS encryption is now mandatory, and can be disabled only by setting force_encryption to false. Note that poezio never sent plaintext passwords on an unencrypted connection, and always picked encryption when offered, but that is better now.

Along with mandatory TLS encryption, poezio ships now with a set of allowed cipher suites, shamelessy copied from prosody’s sane defaults. It can also be configured by users who desire more or less security. Obviously, this option could only come after the ability to require encryption, or else it could have meant reduced security for some (no shared ciphers → drop encryption and do plaintext).

Note: this breaks gmail, too, but it’s documented and can be reactivated. (and no, we will not lower the default security for the sake of gmail)

Tabs reordering

The tab numbers were always increasing and there was no way to change the position of a tab. Now we can choose to create gaps or not by closing tabs, and reassign tabs inside them.

For people who keep poezio open for a long time -such as the authors-, it is a meaningful gain to keep the same tabs in the same places across executions or to be able to reorder them without restarting.

Personal Eventing Protocol

Mood, activity, gaming & stuff are now visible and can be set with poezio.

They are shown as small symbols next to your contacts. You can also choose to be notified when you receive them from all of your contacts or specific ones.

Resource locking

Poezio now implements XEP-0296, which means that conversations opened by a contact will now lock and unlock to particular resources depending on messages and presences received.

Error logging

Some errors encountered while running poezio will now be logged in $XDG_DATA_HOME/poezio/errors.log, in order to improve the debugging process. If you take a look from time to time and see errors pertaining to last activity and correction, do not be alarmed. However, if you find poezio doing weird things and new errors appearing in the file around the same time, ask us.

Shiny new documentation

We now have a cool, sphinx-based documentation (see my earlier post about that here).

It has the advantage of being way more complete than the previous one, and cleaner (with automated links for config options, commands, indexes and more formatting options).

Message Carbons

Poezio now supports XEP-0280, whose goal is to replicate private chats with contacts across devices.

If you have a conversation with a contact using yaxim on your phone (or any other client), and then you switch to a background-running poezio on your server, you should have received all the messages you sent and received. This allows you to switch clients depending on your context, while keeping a consistent history.

Carbons are disabled by default, that might change in the future, but for now we do not force people to enable this.

Last message correction

This version has support for XEP-0308, which allows users to correct messages, in a chatroom or private conversations. There is now a /correct command, and a plugin to display previous versions of a message.

Please note that this will probably never work on chatroom servers like conference.jabber.org because the server rewrites every single message ID, which this features relies on. So at best, the message will be corrected on your client, and shown as a duplicate on every other client, even if they support the feature.


New log format

Instead of our own custom format for the logs (that is ambiguous and lacked some info), we adopted the mcabber format with a small twist: we add a non-breakable space after the nicks, in order to separate the nick from the message. (the original syntax is ambiguous but works 99.99% of the time)

This allows us to have a somehow common format between clients, reducing fragmentation (and also re-use the vim syntax files from mcabber).

And many more

Of course, there are a lot more commits for new features or bug fixes like an improved XHTML parser, you can check the CHANGELOG or the git history for more reasons to upgrade.


This stable version will now depend on a fixed SleekXMPP version (the 1.2 series), which should help a lot for packaging and lower the risk of things breaking at a later date.

I am also pleased to announce that the Fedora package is finally up-to-date, thanks to Casper, and I will of course continue to maintain the Archlinux package.

Note about bugs

Poezio is mostly debugged and polished through dogfooding, but this means that if there are features we do not use often, they might break without us noticing (like carbons, server-side bookmarks, tab reordering, or e2e encryption).

This leads to external bug reports with reproduceable results and debug traces being extremely valuable in the process. So if you find a bug that isn’t fixed in the latest git, please report it, thank you.

If you have remarks or suggestions concerning this article, please by all means contact me.