TL;DR
Erlang/OTP 29.0 has been released, introducing new language features, security enhancements, and compiler warnings. Key updates include support for unsafe attributes, default-disabled SSH services, and new cryptographic algorithms. The release impacts Erlang developers and system security practices.
Erlang/OTP 29.0 has been officially released, introducing significant new features, security enhancements, and language updates that impact Erlang developers and system administrators worldwide.
The release includes support for -unsafe attributes, allowing functions to be marked as unsafe and generating warnings for unsafe calls. The SSH daemon now defaults to disabled for shell and exec services, aligning with the ‘secure by default’ principle, and the SFTP subsystem is no longer enabled by default. In SSL, the hybrid quantum-resistant key exchange algorithm x25519mlkem768 is now preferred in default configurations.
New language features include native records, multi-valued comprehensions, and the is_integer/3 guard BIF, enhancing data handling and verification capabilities. The compiler now issues warnings for deprecated constructs like the catch operator, obsolete guard tests, and variable exports from subexpressions, encouraging modernization of codebases. Compiler optimizations have been improved for binary matching and map comprehensions.
Standard library functions now include rand:shuffle/1 and rand:shuffle_s/2 for list permutation. The SSH key exchange algorithm defaults to mlkem768x25519-sha256, providing quantum-resistant security while maintaining backward compatibility. Many of these features aim to improve performance, security, and developer experience.
Why It Matters
This release is significant because it enhances the security posture of Erlang-based systems, especially with default SSH settings and advanced cryptographic algorithms. It also introduces language features that improve code safety and performance, which are critical for high-reliability applications. Developers need to adapt to new warnings and potential incompatibilities, making this a pivotal update for maintaining secure and efficient Erlang systems.
Erlang/OTP 29.0 development tools
As an affiliate, we earn on qualifying purchases.
As an affiliate, we earn on qualifying purchases.
Background
Erlang/OTP 29.0 follows previous updates that have steadily improved language features, security, and tooling support. The release reflects ongoing efforts to modernize Erlang, support quantum-resistant cryptography, and promote safer coding practices. Prior releases have introduced features like native records and multi-valued comprehensions, but this update emphasizes security defaults and compiler warnings to guide developers toward best practices.
“Erlang/OTP 29.0 introduces a host of new features, security improvements, and language enhancements aimed at making Erlang systems more secure, efficient, and developer-friendly.”
— Erlang/OTP Development Team
“The default disabling of SSH shell and exec services aligns with our commitment to secure by default principles, reducing attack surfaces for Erlang-based systems.”
— Erlang/OTP Maintainers
Mastering Linux Security and Hardening: Secure your Linux server and protect it from intruders, malware attacks, and other external threats
As an affiliate, we earn on qualifying purchases.
As an affiliate, we earn on qualifying purchases.
What Remains Unclear
While the release details are comprehensive, it is not yet clear how widely adopted the new features will be in existing codebases, or how quickly developers will migrate to the new standards. Compatibility issues related to deprecated features like catch and obsolete guards may also influence adoption timelines.
Acquiring Card Payments
As an affiliate, we earn on qualifying purchases.
As an affiliate, we earn on qualifying purchases.
What’s Next
Next steps include widespread adoption of Erlang/OTP 29.0 by the community, with updates to documentation and tooling to support new features. Developers are encouraged to review the release notes and test their systems for compatibility, especially regarding the new compiler warnings and security defaults.
BEAM ECOSYSTEM DEVELOPMENT WITH ERLANG AND ELIXIR: Building fault-tolerant distributed applications using the BEAM virtual machine
As an affiliate, we earn on qualifying purchases.
As an affiliate, we earn on qualifying purchases.
Key Questions
What are the main security improvements in Erlang/OTP 29.0?
The default SSH daemon disables shell and exec services, and the preferred SSL key exchange algorithm now includes quantum-resistant options, enhancing security against both classical and quantum attacks.
What new language features does Erlang/OTP 29.0 introduce?
Native records, multi-valued comprehensions, and the is_integer/3 guard BIF are among the key language enhancements, providing more expressive and safer coding options.
Are there any breaking changes or incompatibilities?
The release introduces some incompatibilities, such as deprecated guard tests and the removal of 32-bit Windows builds. Developers should review the detailed release notes for potential impacts on existing applications.
How does the new default security configuration impact existing systems?
Systems with SSH shell and exec services enabled will need to be reconfigured explicitly to restore these features. This change aims to enhance security by default but requires administrators to verify settings.
