Erlang/OTP 29.0

Erlang/OTP 29.0 has been officially released, marking a major update with new features, security improvements, and some incompatibilities, according to the Erlang/OTP team.

The release introduces support for -unsafe attributes to mark functions as unsafe, with the compiler warning about such calls. The SSH daemon now defaults to disabled for shell and exec services, aligning with the ‘secure by default’ principle, and the SFTP subsystem is no longer enabled by default. In SSL, the hybrid quantum-resistant key exchange algorithm x25519mlkem768 is now preferred. New language features include native records, multi-valued comprehensions, and an improved is_integer/3 guard. The compiler now emits warnings for deprecated constructs like catch, variable exports from subexpressions, and obsolete boolean operators. Enhancements to the stdlib include functions for list permutation, and the SSH default key exchange algorithm has shifted to mlkem768x25519-sha256, offering quantum resistance.

Why It Matters

This update matters because it enhances security by default, introduces advanced language features for more expressive code, and improves performance through compiler optimizations. Developers need to be aware of potential incompatibilities and new warnings to update their codebases accordingly.

Background

Erlang/OTP 29.0 follows previous releases focusing on performance and security. Notably, the support for native records is experimental, and the shift to secure defaults in SSH reflects ongoing security improvements. The release also continues the trend of adding language features to improve developer productivity and code safety.

“Erlang/OTP 29.0 introduces significant new features and security defaults, marking an important step forward for the platform.”

— Erlang/OTP Team

“The new support for -unsafe attributes and compiler warnings aims to improve code safety and maintainability.”

— Erlang/OTP Documentation

Modern OpenSSH In-Depth: The Complete Secure Shell Guide for SSH Server Configuration, Key Management, Tunneling, SFTP File Transfer, and DevOps Automation.

AmazonView Latest Price

As an affiliate, we earn on qualifying purchases.

As an affiliate, we earn on qualifying purchases.

What Remains Unclear

It is not yet clear how widely adopted the new native records will become, as they are marked experimental. Additionally, the full impact of the new compiler warnings on existing codebases remains to be seen, and some incompatibilities may surface as developers update.

QUANTUM-RESISTANT CRYPTOGRAPHY: IMPLEMENTING ML-KEM, ML-DSA, AND SLH-DSA: Migrate TLS, APIs, and Key Exchange to NIST PQC Standards Before Harvest-Now Decrypt-Later Attacks Strike

AmazonView Latest Price

As an affiliate, we earn on qualifying purchases.

As an affiliate, we earn on qualifying purchases.

What’s Next

Next steps include developers adopting Erlang/OTP 29.0, testing their applications against the new features, and monitoring community feedback for any unforeseen issues. Further updates or patches may follow to address initial challenges.

The BEAM Book: Understanding the Erlang Runtime System

AmazonView Latest Price

As an affiliate, we earn on qualifying purchases.

As an affiliate, we earn on qualifying purchases.

Key Questions

What are native records in Erlang/OTP 29.0?

Native records are a new data type introduced as an experimental feature, providing a more efficient and type-safe alternative to traditional tuple-based records.

How does the new default SSH configuration improve security?

The SSH daemon now defaults to disabling shell and exec services, reducing the risk of arbitrary code execution by authenticated users unless explicitly enabled.

What is the significance of the new hybrid quantum-resistant key exchange algorithm?

The x25519mlkem768 algorithm enhances security against quantum attacks while maintaining compatibility with existing systems, marking a step forward in cryptographic robustness.