MSC3231: Token authenticated registration #3231
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Signed-off-by: Callum Brown <callum@calcuode.com>
uhoreg
added
client-server
uhoreg
reviewed
Jun 4, 2021
Signed-off-by: Callum Brown <callum@calcuode.com>
This comment has been minimized.
This comment has been minimized.
|
@cvwright Could I ask that you convert your question into an inline discussion on the PR? It allows for threading an easier management of discussions as the proposal evolves. Otherwise, great question! |
There was a problem hiding this comment.
This is excellent for a first draft! Short and sweet, though no doubt additional conclusions will be added as discussions progress.
I'm happy that token management is left as an implementation detail. One could argue that various features could be piled on top, such as communicating the amount of uses left on a particular token back to the client. But realistically that would only add unnecessary complication (plus not being easy to do with /register).
As for your initial questions:
All the other UIAA auth types start m.login, so should I stick with that even though it's registration rather than login?
My personal preference is to stick with m.login (which is indeed odd as /login does not use UIAA, but alas...) for consistency, as well as not to confuse people with thinking that the various m.login.* types cannot be used for registration. It may be a nice idea to rename them all in a future, sweeping change though.
Is the unstable prefix bit right?
Yep. org.matrix.msc3231* is fair game, and it looks like a prefix is indeed only required for the registration type. I had one small comment about the wording, but otherwise it looks correct.
cvwright
reviewed
Jun 4, 2021
Signed-off-by: Callum Brown <callum@calcuode.com>
Signed-off-by: Callum Brown <callum@calcuode.com>
Signed-off-by: Callum Brown <callum@calcuode.com>
It would be great to have another MSC on the topic of token management. Agreed that this does not feel like the right place for it. Currently Midnight has no HTTP interface for managing or creating tokens. If there were a standard way to do it, I'd be happy to take a stab at implementing that spec. |
|
@anoadragon453 I agree now that it should stick to Or you could have I can't see anywhere in the spec if it says dashes or underscores are preferred. Edit: I've gone with |
As @deepbluev7 mentioned in a Matrix room:
That would also entail specifying how tokens can be invalidated (time based, number of uses etc.) |
|
Also, I've been having a go at a proof-of-concept in Synapse, and found that (similar to captchas) there should be a dummy stage after the token stage if that flow would otherwise only contain the token stage. That avoids the server seeing a complete flow and doing the registration if clients are actually trying to complete a different flow which might have 3PIDs after the token stage. (I'm unsure if that's intelligible...) Should that be mentioned in the MSC? Edit: I don't think it should be. The spec talks about it for m.login.dummy. |
|
Could we please stick to threads on this MSC for any comments people have, so that it will be easier to see, what is resolved and what is still being discussed? Github sadly gets messy quickly otherwise D: Just use a random line, if you can't figure out where to put it. |
This is consistent with the other UIAA auth types, and does not suggest that other `m.login.*` types cannot be used for registration. Signed-off-by: Callum Brown <callum@calcuode.com>
govynnus
force-pushed
the
token-registration
branch
from
46dcf00
to
aa8e896
Compare
Signed-off-by: Callum Brown <callum@calcuode.com>
5 tasks
turt2live
added
proposal-in-review
needs-implementation
Signed-off-by: Callum Brown <callum@calcuode.com>
This allows tokens to be used easily in query parameters Signed-off-by: Callum Brown <callum@calcuode.com>
Signed-off-by: Callum Brown <callum@calcuode.com>
netbsd-srcmastr
pushed a commit
to NetBSD/pkgsrc
that referenced
this pull request
Oct 14, 2021
Synapse 1.43.0 (2021-09-21) =========================== This release drops support for the deprecated, unstable API for [MSC2858 (Multiple SSO Identity Providers)](https://github.com/matrix-org/matrix-doc/blob/master/proposals/2858-Multiple-SSO-Identity-Providers.md#unstable-prefix), as well as the undocumented `experimental.msc2858_enabled` config option. Client authors should update their clients to use the stable API, available since Synapse 1.30. The documentation has been updated with configuration for routing `/spaces`, `/hierarchy` and `/summary` to workers. See [the upgrade notes](https://github.com/matrix-org/synapse/blob/release-v1.43/docs/upgrade.md#upgrading-to-v1430) for more details. No significant changes since 1.43.0rc2. Synapse 1.43.0rc2 (2021-09-17) ============================== Bugfixes -------- - Added opentracing logging to help debug [\#9424](matrix-org/synapse#9424). ([\#10828](matrix-org/synapse#10828)) Synapse 1.43.0rc1 (2021-09-14) ============================== Features -------- - Allow room creators to send historical events specified by [MSC2716](matrix-org/matrix-spec-proposals#2716) in existing room versions. ([\#10566](matrix-org/synapse#10566)) - Add config option to use non-default manhole password and keys. ([\#10643](matrix-org/synapse#10643)) - Skip final GC at shutdown to improve restart performance. ([\#10712](matrix-org/synapse#10712)) - Allow configuration of the oEmbed URLs used for URL previews. ([\#10714](matrix-org/synapse#10714), [\#10759](matrix-org/synapse#10759)) - Prefer [room version 9](matrix-org/matrix-spec-proposals#3375) for restricted rooms per the [room version capabilities](matrix-org/matrix-spec-proposals#3244) API. ([\#10772](matrix-org/synapse#10772)) Bugfixes -------- - Fix a long-standing bug where room avatars were not included in email notifications. ([\#10658](matrix-org/synapse#10658)) - Fix a bug where the ordering algorithm was skipping the `origin_server_ts` step in the spaces summary resulting in unstable room orderings. ([\#10730](matrix-org/synapse#10730)) - Fix edge case when persisting events into a room where there are multiple events we previously hadn't calculated auth chains for (and hadn't marked as needing to be calculated). ([\#10743](matrix-org/synapse#10743)) - Fix a bug which prevented calls to `/createRoom` that included the `room_alias_name` parameter from being handled by worker processes. ([\#10757](matrix-org/synapse#10757)) - Fix a bug which prevented user registration via SSO to require consent tracking for SSO mapping providers that don't prompt for Matrix ID selection. Contributed by @AndrewFerr. ([\#10733](matrix-org/synapse#10733)) - Only return the stripped state events for the `m.space.child` events in a room for the spaces summary from [MSC2946](matrix-org/matrix-spec-proposals#2946). ([\#10760](matrix-org/synapse#10760)) - Properly handle room upgrades of spaces. ([\#10774](matrix-org/synapse#10774)) - Fix a bug which generated invalid homeserver config when the `frontend_proxy` worker type was passed to the Synapse Worker-based Complement image. ([\#10783](matrix-org/synapse#10783)) Improved Documentation ---------------------- - Minor fix to the `media_repository` developer documentation. Contributed by @cuttingedge1109. ([\#10556](matrix-org/synapse#10556)) - Update the documentation to note that the `/spaces` and `/hierarchy` endpoints can be routed to workers. ([\#10648](matrix-org/synapse#10648)) - Clarify admin API documentation on undoing room deletions. ([\#10735](matrix-org/synapse#10735)) - Split up the modules documentation and add examples for module developers. ([\#10758](matrix-org/synapse#10758)) - Correct 2 typographical errors in the [Log Contexts documentation](https://matrix-org.github.io/synapse/latest/log_contexts.html). ([\#10795](matrix-org/synapse#10795)) - Fix a wording mistake in the sample configuration. Contributed by @BramvdnHeuvel:nltrix.net. ([\#10804](matrix-org/synapse#10804)) Deprecations and Removals ------------------------- - Remove the [unstable MSC2858 API](https://github.com/matrix-org/matrix-doc/blob/master/proposals/2858-Multiple-SSO-Identity-Providers.md#unstable-prefix), including the undocumented `experimental.msc2858_enabled` config option. The unstable API has been deprecated since Synapse 1.35. Client authors should update their clients to use the stable API introduced in Synapse 1.30 if they have not already done so. ([\#10693](matrix-org/synapse#10693)) Internal Changes ---------------- - Add OpenTracing logging to help debug stuck messages (as described by issue [#9424](matrix-org/synapse#9424)). ([\#10704](matrix-org/synapse#10704)) - Add type annotations to the `synapse.util` package. ([\#10601](matrix-org/synapse#10601)) - Ensure `rooms.creator` field is always populated for easy lookup in [MSC2716](matrix-org/matrix-spec-proposals#2716) usage later. ([\#10697](matrix-org/synapse#10697)) - Add missing type hints to REST servlets. ([\#10707](matrix-org/synapse#10707), [\#10728](matrix-org/synapse#10728), [\#10736](matrix-org/synapse#10736)) - Do not include rooms with unknown room versions in the spaces summary results. ([\#10727](matrix-org/synapse#10727)) - Additional error checking for the `preset` field when creating a room. ([\#10738](matrix-org/synapse#10738)) - Clean up some of the federation event authentication code for clarity. ([\#10744](matrix-org/synapse#10744), [\#10745](matrix-org/synapse#10745), [\#10746](matrix-org/synapse#10746), [\#10771](matrix-org/synapse#10771), [\#10773](matrix-org/synapse#10773), [\#10781](matrix-org/synapse#10781)) - Add an index to `presence_stream` to hopefully speed up startups a little. ([\#10748](matrix-org/synapse#10748)) - Refactor event size checking code to simplify searching the codebase for the origins of certain error strings that are occasionally emitted. ([\#10750](matrix-org/synapse#10750)) - Move tests relating to rooms having encryption out of the user directory tests. ([\#10752](matrix-org/synapse#10752)) - Use `attrs` internally for the URL preview code & update documentation. ([\#10753](matrix-org/synapse#10753)) - Minor speed ups when joining large rooms over federation. ([\#10754](matrix-org/synapse#10754), [\#10755](matrix-org/synapse#10755), [\#10756](matrix-org/synapse#10756), [\#10780](matrix-org/synapse#10780), [\#10784](matrix-org/synapse#10784)) - Add a constant for `m.federate`. ([\#10775](matrix-org/synapse#10775)) - Add a script to update the Debian changelog in a Docker container for systems that are not Debian-based. ([\#10778](matrix-org/synapse#10778)) - Change the format of authenticated users in logs when a user is being puppeted by and admin user. ([\#10779](matrix-org/synapse#10779)) - Remove fixed and flakey tests from the Sytest blacklist. ([\#10788](matrix-org/synapse#10788)) - Improve internal details of the user directory code. ([\#10789](matrix-org/synapse#10789)) - Use direct references to config flags. ([\#10798](matrix-org/synapse#10798)) - Ensure the Rust reporter passes type checking with jaeger-client 4.7's type annotations. ([\#10799](matrix-org/synapse#10799)) Synapse 1.42.0 (2021-09-07) =========================== This version of Synapse removes deprecated room-management admin APIs, removes out-of-date email pushers, and improves error handling for fallback templates for user-interactive authentication. For more information on these points, server administrators are encouraged to read [the upgrade notes](docs/upgrade.md#upgrading-to-v1420). No significant changes since 1.42.0rc2. Synapse 1.42.0rc2 (2021-09-06) ============================== Features -------- - Support room version 9 from [MSC3375](matrix-org/matrix-spec-proposals#3375). ([\#10747](matrix-org/synapse#10747)) Internal Changes ---------------- - Print a warning when using one of the deprecated `template_dir` settings. ([\#10768](matrix-org/synapse#10768)) Synapse 1.42.0rc1 (2021-09-01) ============================== Features -------- - Add support for [MSC3231](matrix-org/matrix-spec-proposals#3231): Token authenticated registration. Users can be required to submit a token during registration to authenticate themselves. Contributed by Callum Brown. ([\#10142](matrix-org/synapse#10142)) - Add support for [MSC3283](matrix-org/matrix-spec-proposals#3283): Expose `enable_set_displayname` in capabilities. ([\#10452](matrix-org/synapse#10452)) - Port the `PresenceRouter` module interface to the new generic interface. ([\#10524](matrix-org/synapse#10524)) - Add pagination to the spaces summary based on updates to [MSC2946](matrix-org/matrix-spec-proposals#2946). ([\#10613](matrix-org/synapse#10613), [\#10725](matrix-org/synapse#10725)) Bugfixes -------- - Validate new `m.room.power_levels` events. Contributed by @aaronraimist. ([\#10232](matrix-org/synapse#10232)) - Display an error on User-Interactive Authentication fallback pages when authentication fails. Contributed by Callum Brown. ([\#10561](matrix-org/synapse#10561)) - Remove pushers when deleting an e-mail address from an account. Pushers for old unlinked emails will also be deleted. ([\#10581](matrix-org/synapse#10581), [\#10734](matrix-org/synapse#10734)) - Reject Client-Server `/keys/query` requests which provide `device_ids` incorrectly. ([\#10593](matrix-org/synapse#10593)) - Rooms with unsupported room versions are no longer returned via `/sync`. ([\#10644](matrix-org/synapse#10644)) - Enforce the maximum length for per-room display names and avatar URLs. ([\#10654](matrix-org/synapse#10654)) - Fix a bug which caused the `synapse_user_logins_total` Prometheus metric not to be correctly initialised on restart. ([\#10677](matrix-org/synapse#10677)) - Improve `ServerNoticeServlet` to avoid duplicate requests and add unit tests. ([\#10679](matrix-org/synapse#10679)) - Fix long-standing issue which caused an error when a thumbnail is requested and there are multiple thumbnails with the same quality rating. ([\#10684](matrix-org/synapse#10684)) - Fix a regression introduced in v1.41.0 which affected the performance of concurrent fetches of large sets of events, in extreme cases causing the process to hang. ([\#10703](matrix-org/synapse#10703)) - Fix a regression introduced in Synapse 1.41 which broke email transmission on Systems using older versions of the Twisted library. ([\#10713](matrix-org/synapse#10713)) Improved Documentation ---------------------- - Add documentation on how to connect Django with Synapse using OpenID Connect and django-oauth-toolkit. Contributed by @HugoDelval. ([\#10192](matrix-org/synapse#10192)) - Advertise https://matrix-org.github.io/synapse documentation in the `README` and `CONTRIBUTING` files. ([\#10595](matrix-org/synapse#10595)) - Fix some of the titles not rendering in the OpenID Connect documentation. ([\#10639](matrix-org/synapse#10639)) - Minor clarifications to the documentation for reverse proxies. ([\#10708](matrix-org/synapse#10708)) - Remove table of contents from the top of installation and contributing documentation pages. ([\#10711](matrix-org/synapse#10711)) Deprecations and Removals ------------------------- - Remove deprecated Shutdown Room and Purge Room Admin API. ([\#8830](matrix-org/synapse#8830)) Internal Changes ---------------- - Improve type hints for the proxy agent and SRV resolver modules. Contributed by @dklimpel. ([\#10608](matrix-org/synapse#10608)) - Clean up some of the federation event authentication code for clarity. ([\#10614](matrix-org/synapse#10614), [\#10615](matrix-org/synapse#10615), [\#10624](matrix-org/synapse#10624), [\#10640](matrix-org/synapse#10640)) - Add a comment asking developers to leave a reason when bumping the database schema version. ([\#10621](matrix-org/synapse#10621)) - Remove not needed database updates in modify user admin API. ([\#10627](matrix-org/synapse#10627)) - Convert room member storage tuples to `attrs` classes. ([\#10629](matrix-org/synapse#10629), [\#10642](matrix-org/synapse#10642)) - Use auto-attribs for the attrs classes used in sync. ([\#10630](matrix-org/synapse#10630)) - Make `backfill` and `get_missing_events` use the same codepath. ([\#10645](matrix-org/synapse#10645)) - Improve the performance of the `/hierarchy` API (from [MSC2946](matrix-org/matrix-spec-proposals#2946)) by caching responses received over federation. ([\#10647](matrix-org/synapse#10647)) - Run a nightly CI build against Twisted trunk. ([\#10651](matrix-org/synapse#10651), [\#10672](matrix-org/synapse#10672)) - Do not print out stack traces for network errors when fetching data over federation. ([\#10662](matrix-org/synapse#10662)) - Simplify tests for device admin rest API. ([\#10664](matrix-org/synapse#10664)) - Add missing type hints to REST servlets. ([\#10665](matrix-org/synapse#10665), [\#10666](matrix-org/synapse#10666), [\#10674](matrix-org/synapse#10674)) - Flatten the `tests.synapse.rests` package by moving the contents of `v1` and `v2_alpha` into the parent. ([\#10667](matrix-org/synapse#10667)) - Update `complement.sh` to rebuild the base Docker image when run with workers. ([\#10686](matrix-org/synapse#10686)) - Split the event-processing methods in `FederationHandler` into a separate `FederationEventHandler`. ([\#10692](matrix-org/synapse#10692)) - Remove unused `compare_digest` function. ([\#10706](matrix-org/synapse#10706))
Fizzadar
pushed a commit
to Fizzadar/synapse
that referenced
this pull request
Oct 26, 2021
Synapse 1.42.0 (2021-09-07) =========================== This version of Synapse removes deprecated room-management admin APIs, removes out-of-date email pushers, and improves error handling for fallback templates for user-interactive authentication. For more information on these points, server administrators are encouraged to read [the upgrade notes](docs/upgrade.md#upgrading-to-v1420). No significant changes since 1.42.0rc2. Synapse 1.42.0rc2 (2021-09-06) ============================== Features -------- - Support room version 9 from [MSC3375](matrix-org/matrix-spec-proposals#3375). ([\matrix-org#10747](matrix-org#10747)) Internal Changes ---------------- - Print a warning when using one of the deprecated `template_dir` settings. ([\matrix-org#10768](matrix-org#10768)) Synapse 1.42.0rc1 (2021-09-01) ============================== Features -------- - Add support for [MSC3231](matrix-org/matrix-spec-proposals#3231): Token authenticated registration. Users can be required to submit a token during registration to authenticate themselves. Contributed by Callum Brown. ([\matrix-org#10142](matrix-org#10142)) - Add support for [MSC3283](matrix-org/matrix-spec-proposals#3283): Expose `enable_set_displayname` in capabilities. ([\matrix-org#10452](matrix-org#10452)) - Port the `PresenceRouter` module interface to the new generic interface. ([\matrix-org#10524](matrix-org#10524)) - Add pagination to the spaces summary based on updates to [MSC2946](matrix-org/matrix-spec-proposals#2946). ([\matrix-org#10613](matrix-org#10613), [\matrix-org#10725](matrix-org#10725)) Bugfixes -------- - Validate new `m.room.power_levels` events. Contributed by @aaronraimist. ([\matrix-org#10232](matrix-org#10232)) - Display an error on User-Interactive Authentication fallback pages when authentication fails. Contributed by Callum Brown. ([\matrix-org#10561](matrix-org#10561)) - Remove pushers when deleting an e-mail address from an account. Pushers for old unlinked emails will also be deleted. ([\matrix-org#10581](matrix-org#10581), [\matrix-org#10734](matrix-org#10734)) - Reject Client-Server `/keys/query` requests which provide `device_ids` incorrectly. ([\matrix-org#10593](matrix-org#10593)) - Rooms with unsupported room versions are no longer returned via `/sync`. ([\matrix-org#10644](matrix-org#10644)) - Enforce the maximum length for per-room display names and avatar URLs. ([\matrix-org#10654](matrix-org#10654)) - Fix a bug which caused the `synapse_user_logins_total` Prometheus metric not to be correctly initialised on restart. ([\matrix-org#10677](matrix-org#10677)) - Improve `ServerNoticeServlet` to avoid duplicate requests and add unit tests. ([\matrix-org#10679](matrix-org#10679)) - Fix long-standing issue which caused an error when a thumbnail is requested and there are multiple thumbnails with the same quality rating. ([\matrix-org#10684](matrix-org#10684)) - Fix a regression introduced in v1.41.0 which affected the performance of concurrent fetches of large sets of events, in extreme cases causing the process to hang. ([\matrix-org#10703](matrix-org#10703)) - Fix a regression introduced in Synapse 1.41 which broke email transmission on Systems using older versions of the Twisted library. ([\matrix-org#10713](matrix-org#10713)) Improved Documentation ---------------------- - Add documentation on how to connect Django with Synapse using OpenID Connect and django-oauth-toolkit. Contributed by @HugoDelval. ([\matrix-org#10192](matrix-org#10192)) - Advertise https://matrix-org.github.io/synapse documentation in the `README` and `CONTRIBUTING` files. ([\matrix-org#10595](matrix-org#10595)) - Fix some of the titles not rendering in the OpenID Connect documentation. ([\matrix-org#10639](matrix-org#10639)) - Minor clarifications to the documentation for reverse proxies. ([\matrix-org#10708](matrix-org#10708)) - Remove table of contents from the top of installation and contributing documentation pages. ([\matrix-org#10711](matrix-org#10711)) Deprecations and Removals ------------------------- - Remove deprecated Shutdown Room and Purge Room Admin API. ([\matrix-org#8830](matrix-org#8830)) Internal Changes ---------------- - Improve type hints for the proxy agent and SRV resolver modules. Contributed by @dklimpel. ([\matrix-org#10608](matrix-org#10608)) - Clean up some of the federation event authentication code for clarity. ([\matrix-org#10614](matrix-org#10614), [\matrix-org#10615](matrix-org#10615), [\matrix-org#10624](matrix-org#10624), [\matrix-org#10640](matrix-org#10640)) - Add a comment asking developers to leave a reason when bumping the database schema version. ([\matrix-org#10621](matrix-org#10621)) - Remove not needed database updates in modify user admin API. ([\matrix-org#10627](matrix-org#10627)) - Convert room member storage tuples to `attrs` classes. ([\matrix-org#10629](matrix-org#10629), [\matrix-org#10642](matrix-org#10642)) - Use auto-attribs for the attrs classes used in sync. ([\matrix-org#10630](matrix-org#10630)) - Make `backfill` and `get_missing_events` use the same codepath. ([\matrix-org#10645](matrix-org#10645)) - Improve the performance of the `/hierarchy` API (from [MSC2946](matrix-org/matrix-spec-proposals#2946)) by caching responses received over federation. ([\matrix-org#10647](matrix-org#10647)) - Run a nightly CI build against Twisted trunk. ([\matrix-org#10651](matrix-org#10651), [\matrix-org#10672](matrix-org#10672)) - Do not print out stack traces for network errors when fetching data over federation. ([\matrix-org#10662](matrix-org#10662)) - Simplify tests for device admin rest API. ([\matrix-org#10664](matrix-org#10664)) - Add missing type hints to REST servlets. ([\matrix-org#10665](matrix-org#10665), [\matrix-org#10666](matrix-org#10666), [\matrix-org#10674](matrix-org#10674)) - Flatten the `tests.synapse.rests` package by moving the contents of `v1` and `v2_alpha` into the parent. ([\matrix-org#10667](matrix-org#10667)) - Update `complement.sh` to rebuild the base Docker image when run with workers. ([\matrix-org#10686](matrix-org#10686)) - Split the event-processing methods in `FederationHandler` into a separate `FederationEventHandler`. ([\matrix-org#10692](matrix-org#10692)) - Remove unused `compare_digest` function. ([\matrix-org#10706](matrix-org#10706))
Fizzadar
pushed a commit
to Fizzadar/synapse
that referenced
this pull request
Oct 26, 2021
Synapse 1.44.0 (2021-10-05) =========================== No significant changes since 1.44.0rc3. Synapse 1.44.0rc3 (2021-10-04) ============================== Bugfixes -------- - Fix a bug introduced in Synapse v1.40.0 where changing a user's display name or avatar in a restricted room would cause an authentication error. ([\matrix-org#10933](matrix-org#10933)) - Fix `/admin/whois/{user_id}` endpoint, which was broken in v1.44.0rc1. ([\matrix-org#10968](matrix-org#10968)) Synapse 1.44.0rc2 (2021-09-30) ============================== Bugfixes -------- - Fix a bug introduced in v1.44.0rc1 which caused the experimental [MSC2716](matrix-org/matrix-spec-proposals#2716) `/batch_send` endpoint to return a 500 error. ([\matrix-org#10938](matrix-org#10938)) - Fix a bug introduced in v1.44.0rc1 which prevented sending presence events to application services. ([\matrix-org#10944](matrix-org#10944)) Improved Documentation ---------------------- - Minor updates to the installation instructions. ([\matrix-org#10919](matrix-org#10919)) Synapse 1.44.0rc1 (2021-09-29) ============================== Features -------- - Only allow the [MSC2716](matrix-org/matrix-spec-proposals#2716) `/batch_send?chunk_id=xxx` endpoint to connect to an already existing insertion event. ([\matrix-org#10776](matrix-org#10776)) - Improve oEmbed URL previews by processing the author name, photo, and video information. ([\matrix-org#10814](matrix-org#10814), [\matrix-org#10819](matrix-org#10819)) - Speed up responding with large JSON objects to requests. ([\matrix-org#10868](matrix-org#10868), [\matrix-org#10905](matrix-org#10905)) - Add a `user_may_create_room_with_invites` spam checker callback to allow modules to allow or deny a room creation request based on the invites and/or 3PID invites it includes. ([\matrix-org#10898](matrix-org#10898)) Bugfixes -------- - Fix a long-standing bug that caused an `AssertionError` when purging history in certain rooms. Contributed by @Kokokokoka. ([\matrix-org#10690](matrix-org#10690)) - Fix a long-standing bug which caused deactivated users that were later reactivated to be missing from the user directory. ([\matrix-org#10782](matrix-org#10782)) - Fix a long-standing bug that caused unbanning a user by sending a membership event to fail. Contributed by @aaronraimist. ([\matrix-org#10807](matrix-org#10807)) - Fix a long-standing bug where logging contexts would go missing when federation requests time out. ([\matrix-org#10810](matrix-org#10810)) - Fix a long-standing bug causing an error in the deprecated `/initialSync` endpoint when using the undocumented `from` and `to` parameters. ([\matrix-org#10827](matrix-org#10827)) - Fix a bug causing the `remove_stale_pushers` background job to repeatedly fail and log errors. This bug affected Synapse servers that had been upgraded from version 1.28 or older and are using SQLite. ([\matrix-org#10843](matrix-org#10843)) - Fix a long-standing bug in Unicode support of the room search admin API breaking search for rooms with non-ASCII characters. ([\matrix-org#10859](matrix-org#10859)) - Fix a bug introduced in Synapse 1.37.0 which caused `knock` membership events which we sent to remote servers to be incorrectly stored in the local database. ([\matrix-org#10873](matrix-org#10873)) - Fix invalidating one-time key count cache after claiming keys. The bug was introduced in Synapse v1.41.0. Contributed by Tulir at Beeper. ([\matrix-org#10875](matrix-org#10875)) - Fix a long-standing bug causing application service users to be subject to MAU blocking if the MAU limit had been reached, even if configured not to be blocked. ([\matrix-org#10881](matrix-org#10881)) - Fix a long-standing bug which could cause events pulled over federation to be incorrectly rejected. ([\matrix-org#10907](matrix-org#10907)) - Fix a long-standing bug causing URL cache files to be stored in storage providers. Server admins may safely delete the `url_cache/` and `url_cache_thumbnails/` directories from any configured storage providers to reclaim space. ([\matrix-org#10911](matrix-org#10911)) - Fix a long-standing bug leading to race conditions when creating media store and config directories. ([\matrix-org#10913](matrix-org#10913)) Improved Documentation ---------------------- - Fix some crashes in the Module API example code, by adding JSON encoding/decoding. ([\matrix-org#10845](matrix-org#10845)) - Add developer documentation about experimental configuration flags. ([\matrix-org#10865](matrix-org#10865)) - Properly remove deleted files from GitHub pages when generating the documentation. ([\matrix-org#10869](matrix-org#10869)) Internal Changes ---------------- - Fix GitHub Actions config so we can run sytest on synapse from parallel branches. ([\matrix-org#10659](matrix-org#10659)) - Split out [MSC2716](matrix-org/matrix-spec-proposals#2716) meta events to their own fields in the `/batch_send` response. ([\matrix-org#10777](matrix-org#10777)) - Add missing type hints to REST servlets. ([\matrix-org#10785](matrix-org#10785), [\matrix-org#10817](matrix-org#10817)) - Simplify the internal logic which maintains the user directory database tables. ([\matrix-org#10796](matrix-org#10796)) - Use direct references to config flags. ([\matrix-org#10812](matrix-org#10812), [\matrix-org#10885](matrix-org#10885), [\matrix-org#10893](matrix-org#10893), [\matrix-org#10897](matrix-org#10897)) - Specify the type of token in generic "Invalid token" error messages. ([\matrix-org#10815](matrix-org#10815)) - Make `StateFilter` frozen so it is hashable. ([\matrix-org#10816](matrix-org#10816)) - Fix a long-standing bug where an `m.room.message` event containing a null byte would cause an internal server error. ([\matrix-org#10820](matrix-org#10820)) - Add type hints to the state database. ([\matrix-org#10823](matrix-org#10823)) - Opt out of cache expiry for `get_users_who_share_room_with_user`, to hopefully improve `/sync` performance when you haven't synced recently. ([\matrix-org#10826](matrix-org#10826)) - Track cache eviction rates more finely in Prometheus's monitoring. ([\matrix-org#10829](matrix-org#10829)) - Add missing type hints to `synapse.handlers`. ([\matrix-org#10831](matrix-org#10831), [\matrix-org#10856](matrix-org#10856)) - Extend the Module API to let plug-ins check whether an ID is local and to access IP + User Agent data. ([\matrix-org#10833](matrix-org#10833)) - Factor out PNG image data to a constant to be used in several tests. ([\matrix-org#10834](matrix-org#10834)) - Add a test to ensure state events sent by modules get persisted correctly. ([\matrix-org#10835](matrix-org#10835)) - Rename [MSC2716](matrix-org/matrix-spec-proposals#2716) fields and event types from `chunk` to `batch` to match the `/batch_send` endpoint. ([\matrix-org#10838](matrix-org#10838)) - Rename [MSC2716](matrix-org/matrix-spec-proposals#2716) `/batch_send` query parameter from `?prev_event` to more obvious usage with `?prev_event_id`. ([\matrix-org#10839](matrix-org#10839)) - Add type hints to `synapse.http.site`. ([\matrix-org#10867](matrix-org#10867)) - Include outlier status when we log V2 or V3 events. ([\matrix-org#10879](matrix-org#10879)) - Break down Grafana's cache expiry time series based on reason for eviction, c.f. [\matrix-org#10829](matrix-org#10829). ([\matrix-org#10880](matrix-org#10880)) - Clean up some of the federation event authentication code for clarity. ([\matrix-org#10883](matrix-org#10883), [\matrix-org#10884](matrix-org#10884), [\matrix-org#10896](matrix-org#10896), [\matrix-org#10901](matrix-org#10901)) - Allow the `.` and `~` characters when creating registration tokens as per the change to [MSC3231](matrix-org/matrix-spec-proposals#3231). ([\matrix-org#10887](matrix-org#10887)) - Clean up some unnecessary parentheses in places around the codebase. ([\matrix-org#10889](matrix-org#10889)) - Improve type hinting in the user directory code. ([\matrix-org#10891](matrix-org#10891)) - Update development testing script `test_postgresql.sh` to use a supported Python version and make re-runs quicker. ([\matrix-org#10906](matrix-org#10906)) - Document and summarize changes in schema version `61` – `64`. ([\matrix-org#10917](matrix-org#10917)) - Update release script to sign the newly created git tags. ([\matrix-org#10925](matrix-org#10925)) - Fix Debian builds due to `dh-virtualenv` no longer being able to build their docs. ([\matrix-org#10931](matrix-org#10931))
netbsd-srcmastr
pushed a commit
to NetBSD/pkgsrc
that referenced
this pull request
Nov 19, 2021
Synapse 1.47.0 (2021-11-17) =========================== No significant changes since 1.47.0rc3. Synapse 1.47.0rc3 (2021-11-16) ============================== Bugfixes -------- - Fix a bug introduced in 1.47.0rc1 which caused worker processes to not halt startup in the presence of outstanding database migrations. ([\#11346](matrix-org/synapse#11346)) - Fix a bug introduced in 1.47.0rc1 which prevented the 'remove deleted devices from `device_inbox` column' background process from running when updating from a recent Synapse version. ([\#11303](matrix-org/synapse#11303), [\#11353](matrix-org/synapse#11353)) Synapse 1.47.0rc2 (2021-11-10) ============================== This fixes an issue with publishing the Debian packages for 1.47.0rc1. It is otherwise identical to 1.47.0rc1. Synapse 1.47.0rc1 (2021-11-09) ============================== Deprecations and Removals ------------------------- - The `user_may_create_room_with_invites` module callback is now deprecated. Please refer to the [upgrade notes](https://matrix-org.github.io/synapse/develop/upgrade#upgrading-to-v1470) for more information. ([\#11206](matrix-org/synapse#11206)) - Remove deprecated admin API to delete rooms (`POST /_synapse/admin/v1/rooms/<room_id>/delete`). ([\#11213](matrix-org/synapse#11213)) Features -------- - Advertise support for Client-Server API r0.6.1. ([\#11097](matrix-org/synapse#11097)) - Add search by room ID and room alias to the List Room admin API. ([\#11099](matrix-org/synapse#11099)) - Add an `on_new_event` third-party rules callback to allow Synapse modules to act after an event has been sent into a room. ([\#11126](matrix-org/synapse#11126)) - Add a module API method to update a user's membership in a room. ([\#11147](matrix-org/synapse#11147)) - Add metrics for thread pool usage. ([\#11178](matrix-org/synapse#11178)) - Support the stable room type field for [MSC3288](matrix-org/matrix-spec-proposals#3288). ([\#11187](matrix-org/synapse#11187)) - Add a module API method to retrieve the current state of a room. ([\#11204](matrix-org/synapse#11204)) - Calculate a default value for `public_baseurl` based on `server_name`. ([\#11210](matrix-org/synapse#11210)) - Add support for serving `/.well-known/matrix/server` files, to redirect federation traffic to port 443. ([\#11211](matrix-org/synapse#11211)) - Add admin APIs to pause, start and check the status of background updates. ([\#11263](matrix-org/synapse#11263)) Bugfixes -------- - Fix a long-standing bug which allowed hidden devices to receive to-device messages, resulting in unnecessary database bloat. ([\#10097](matrix-org/synapse#10097)) - Fix a long-standing bug where messages in the `device_inbox` table for deleted devices would persist indefinitely. Contributed by @dklimpel and @JohannesKleine. ([\#10969](matrix-org/synapse#10969), [\#11212](matrix-org/synapse#11212)) - Do not accept events if a third-party rule `check_event_allowed` callback raises an exception. ([\#11033](matrix-org/synapse#11033)) - Fix long-standing bug where verification requests could fail in certain cases if a federation whitelist was in place but did not include your own homeserver. ([\#11129](matrix-org/synapse#11129)) - Allow an empty list of `state_events_at_start` to be sent when using the [MSC2716](matrix-org/matrix-spec-proposals#2716) `/batch_send` endpoint and the author of the historical messages is already part of the current room state at the given `?prev_event_id`. ([\#11188](matrix-org/synapse#11188)) - Fix a bug introduced in Synapse 1.45.0 which prevented the `synapse_review_recent_signups` script from running. Contributed by @samuel-p. ([\#11191](matrix-org/synapse#11191)) - Delete `to_device` messages for hidden devices that will never be read, reducing database size. ([\#11199](matrix-org/synapse#11199)) - Fix a long-standing bug wherein a missing `Content-Type` header when downloading remote media would cause Synapse to throw an error. ([\#11200](matrix-org/synapse#11200)) - Fix a long-standing bug which could result in serialization errors and potentially duplicate transaction data when sending ephemeral events to application services. Contributed by @Fizzadar at Beeper. ([\#11207](matrix-org/synapse#11207)) - Fix a bug introduced in Synapse 1.35.0 which made it impossible to join rooms that return a `send_join` response containing floats. ([\#11217](matrix-org/synapse#11217)) - Fix long-standing bug where cross signing keys were not included in the response to `/r0/keys/query` the first time a remote user was queried. ([\#11234](matrix-org/synapse#11234)) - Fix a long-standing bug where all requests that read events from the database could get stuck as a result of losing the database connection. ([\#11240](matrix-org/synapse#11240)) - Fix a bug preventing Synapse from being rolled back to an earlier version when using workers. ([\#11255](matrix-org/synapse#11255), [\#11276](matrix-org/synapse#11276)) - Fix a bug introduced in Synapse 1.37.1 which caused a remote event being processed by a worker to not get processed on restart if the worker was killed. ([\#11262](matrix-org/synapse#11262)) - Only allow old Element/Riot Android clients to send read receipts without a request body. All other clients must include a request body as required by the specification. Contributed by @rogersheu. ([\#11157](matrix-org/synapse#11157)) Updates to the Docker image --------------------------- - Avoid changing user ID when started as a non-root user, and no explicit `UID` is set. ([\#11209](matrix-org/synapse#11209)) Improved Documentation ---------------------- - Improve example HAProxy config in the docs to properly handle HTTP `Host` headers with port information. This is required for federation over port 443 to work correctly. ([\#11128](matrix-org/synapse#11128)) - Add documentation for using Authentik as an OpenID Connect Identity Provider. Contributed by @samip5. ([\#11151](matrix-org/synapse#11151)) - Clarify lack of support for Windows. ([\#11198](matrix-org/synapse#11198)) - Improve code formatting and fix a few typos in docs. Contributed by @sumnerevans at Beeper. ([\#11221](matrix-org/synapse#11221)) - Add documentation for using LemonLDAP as an OpenID Connect Identity Provider. Contributed by @l00ptr. ([\#11257](matrix-org/synapse#11257)) Internal Changes ---------------- - Add type annotations for the `log_function` decorator. ([\#10943](matrix-org/synapse#10943)) - Add type hints to `synapse.events`. ([\#11098](matrix-org/synapse#11098)) - Remove and document unnecessary `RoomStreamToken` checks in application service ephemeral event code. ([\#11137](matrix-org/synapse#11137)) - Add type hints so that `synapse.http` passes `mypy` checks. ([\#11164](matrix-org/synapse#11164)) - Update scripts to pass Shellcheck lints. ([\#11166](matrix-org/synapse#11166)) - Add knock information in admin export. Contributed by Rafael Gonçalves. ([\#11171](matrix-org/synapse#11171)) - Add tests to check that `ClientIpStore.get_last_client_ip_by_device` and `get_user_ip_and_agents` combine database and in-memory data correctly. ([\#11179](matrix-org/synapse#11179)) - Refactor `Filter` to check different fields depending on the data type. ([\#11194](matrix-org/synapse#11194)) - Improve type hints for the relations datastore. ([\#11205](matrix-org/synapse#11205)) - Replace outdated links in the pull request checklist with links to the rendered documentation. ([\#11225](matrix-org/synapse#11225)) - Fix a bug in unit test `test_block_room_and_not_purge`. ([\#11226](matrix-org/synapse#11226)) - In `ObservableDeferred`, run observers in the order they were registered. ([\#11229](matrix-org/synapse#11229)) - Minor speed up to start up times and getting updates for groups by adding missing index to `local_group_updates.stream_id`. ([\#11231](matrix-org/synapse#11231)) - Add `twine` and `towncrier` as dev dependencies, as they're used by the release script. ([\#11233](matrix-org/synapse#11233)) - Allow `stream_writers.typing` config to be a list of one worker. ([\#11237](matrix-org/synapse#11237)) - Remove debugging statement in tests. ([\#11239](matrix-org/synapse#11239)) - Fix [MSC2716](matrix-org/matrix-spec-proposals#2716) historical messages backfilling in random order on remote homeservers. ([\#11244](matrix-org/synapse#11244)) - Add an additional test for the `cachedList` method decorator. ([\#11246](matrix-org/synapse#11246)) - Make minor correction to the type of `auth_checkers` callbacks. ([\#11253](matrix-org/synapse#11253)) - Clean up trivial aspects of the Debian package build tooling. ([\#11269](matrix-org/synapse#11269), [\#11273](matrix-org/synapse#11273)) - Blacklist new SyTest that checks that key uploads are valid pending the validation being implemented in Synapse. ([\#11270](matrix-org/synapse#11270)) Synapse 1.46.0 (2021-11-02) =========================== The cause of the [performance regression affecting Synapse 1.44](matrix-org/synapse#11049) has been identified and fixed. ([\#11177](matrix-org/synapse#11177)) Bugfixes -------- - Fix a bug introduced in v1.46.0rc1 where URL previews of some XML documents would fail. ([\#11196](matrix-org/synapse#11196)) Synapse 1.46.0rc1 (2021-10-27) ============================== Features -------- - Add support for Ubuntu 21.10 "Impish Indri". ([\#11024](matrix-org/synapse#11024)) - Port the Password Auth Providers module interface to the new generic interface. ([\#10548](matrix-org/synapse#10548), [\#11180](matrix-org/synapse#11180)) - Experimental support for the thread relation defined in [MSC3440](matrix-org/matrix-spec-proposals#3440). ([\#11088](matrix-org/synapse#11088), [\#11181](matrix-org/synapse#11181), [\#11192](matrix-org/synapse#11192)) - Users admin API can now also modify user type in addition to allowing it to be set on user creation. ([\#11174](matrix-org/synapse#11174)) Bugfixes -------- - Newly-created public rooms are now only assigned an alias if the room's creation has not been blocked by permission settings. Contributed by @AndrewFerr. ([\#10930](matrix-org/synapse#10930)) - Fix a long-standing bug which meant that events received over federation were sometimes incorrectly accepted into the room state. ([\#11001](matrix-org/synapse#11001), [\#11009](matrix-org/synapse#11009), [\#11012](matrix-org/synapse#11012)) - Fix 500 error on `/messages` when the server accumulates more than 5 backwards extremities at a given depth for a room. ([\#11027](matrix-org/synapse#11027)) - Fix a bug where setting a user's `external_id` via the admin API returns 500 and deletes user's existing external mappings if that external ID is already mapped. ([\#11051](matrix-org/synapse#11051)) - Fix a long-standing bug where users excluded from the user directory were added into the directory if they belonged to a room which became public or private. ([\#11075](matrix-org/synapse#11075)) - Fix a long-standing bug when attempting to preview URLs which are in the `windows-1252` character encoding. ([\#11077](matrix-org/synapse#11077), [\#11089](matrix-org/synapse#11089)) - Fix broken export-data admin command and add test script checking the command to CI. ([\#11078](matrix-org/synapse#11078)) - Show an error when timestamp in seconds is provided to the `/purge_media_cache` Admin API. ([\#11101](matrix-org/synapse#11101)) - Fix local users who left all their rooms being removed from the user directory, even if the `search_all_users` config option was enabled. ([\#11103](matrix-org/synapse#11103)) - Fix a bug which caused the module API's `get_user_ip_and_agents` function to always fail on workers. `get_user_ip_and_agents` was introduced in 1.44.0 and did not function correctly on worker processes at the time. ([\#11112](matrix-org/synapse#11112)) - Identity server connection is no longer ignoring `ip_range_whitelist`. ([\#11120](matrix-org/synapse#11120)) - Fix a bug introduced in Synapse 1.45.0 breaking the configuration file parsing script. ([\#11145](matrix-org/synapse#11145)) - Fix a performance regression introduced in 1.44.0 which could cause client requests to time out when making large numbers of outbound requests. ([\#11177](matrix-org/synapse#11177), [\#11190](matrix-org/synapse#11190)) - Resolve and share `state_groups` for all [MSC2716](matrix-org/matrix-spec-proposals#2716) historical events in batch. ([\#10975](matrix-org/synapse#10975)) Improved Documentation ---------------------- - Fix broken links relating to module API deprecation in the upgrade notes. ([\#11069](matrix-org/synapse#11069)) - Add more information about what happens when a user is deactivated. ([\#11083](matrix-org/synapse#11083)) - Clarify the the sample log config can be copied from the documentation without issue. ([\#11092](matrix-org/synapse#11092)) - Update the admin API documentation with an updated list of the characters allowed in registration tokens. ([\#11093](matrix-org/synapse#11093)) - Document Synapse's behaviour when dealing with multiple modules registering the same callbacks and/or handlers for the same HTTP endpoints. ([\#11096](matrix-org/synapse#11096)) - Fix instances of `[example]{.title-ref}` in the upgrade documentation as a result of prior RST to Markdown conversion. ([\#11118](matrix-org/synapse#11118)) - Document the version of Synapse each module callback was introduced in. ([\#11132](matrix-org/synapse#11132)) - Document the version of Synapse that introduced each module API method. ([\#11183](matrix-org/synapse#11183)) Internal Changes ---------------- - Fix spurious warnings about losing the logging context on the `ReplicationCommandHandler` when losing the replication connection. ([\#10984](matrix-org/synapse#10984)) - Include rejected status when we log events. ([\#11008](matrix-org/synapse#11008)) - Add some extra logging to the event persistence code. ([\#11014](matrix-org/synapse#11014)) - Rearrange the internal workings of the incremental user directory updates. ([\#11035](matrix-org/synapse#11035)) - Fix a long-standing bug where users excluded from the directory could still be added to the `users_who_share_private_rooms` table after a regular user joins a private room. ([\#11143](matrix-org/synapse#11143)) - Add and improve type hints. ([\#10972](matrix-org/synapse#10972), [\#11055](matrix-org/synapse#11055), [\#11066](matrix-org/synapse#11066), [\#11076](matrix-org/synapse#11076), [\#11095](matrix-org/synapse#11095), [\#11109](matrix-org/synapse#11109), [\#11121](matrix-org/synapse#11121), [\#11146](matrix-org/synapse#11146)) - Mark the Synapse package as containing type annotations and fix export declarations so that Synapse pluggable modules may be type checked against Synapse. ([\#11054](matrix-org/synapse#11054)) - Remove dead code from `MediaFilePaths`. ([\#11056](matrix-org/synapse#11056)) - Be more lenient when parsing oEmbed response versions. ([\#11065](matrix-org/synapse#11065)) - Create a separate module for the retention configuration. ([\#11070](matrix-org/synapse#11070)) - Clean up some of the federation event authentication code for clarity. ([\#11115](matrix-org/synapse#11115), [\#11116](matrix-org/synapse#11116), [\#11122](matrix-org/synapse#11122)) - Add docstrings and comments to the application service ephemeral event sending code. ([\#11138](matrix-org/synapse#11138)) - Update the `sign_json` script to support inline configuration of the signing key. ([\#11139](matrix-org/synapse#11139)) - Fix broken link in the docker image README. ([\#11144](matrix-org/synapse#11144)) - Always dump logs from unit tests during CI runs. ([\#11068](matrix-org/synapse#11068)) - Add tests for `MediaFilePaths` class. ([\#11057](matrix-org/synapse#11057)) - Simplify the user admin API tests. ([\#11048](matrix-org/synapse#11048)) - Add a test for the workaround introduced in [\#11042](matrix-org/synapse#11042) concerning the behaviour of third-party rule modules and `SynapseError`s. ([\#11071](matrix-org/synapse#11071)) Synapse 1.45.1 (2021-10-20) =========================== Bugfixes -------- - Revert change to counting of deactivated users towards the monthly active users limit, introduced in 1.45.0rc1. ([\#11127](matrix-org/synapse#11127)) Synapse 1.45.0 (2021-10-19) =========================== No functional changes since Synapse 1.45.0rc2. Known Issues ------------ - A suspected [performance regression](matrix-org/synapse#11049) which was first reported after the release of 1.44.0 remains unresolved. We have not been able to identify a probable cause. Affected users report that setting up a federation sender worker appears to alleviate symptoms of the regression. Improved Documentation ---------------------- - Reword changelog to clarify concerns about a suspected performance regression in 1.44.0. ([\#11117](matrix-org/synapse#11117)) Synapse 1.45.0rc2 (2021-10-14) ============================== This release candidate [fixes](matrix-org/synapse#11053) a user directory [bug](matrix-org/synapse#11025) present in 1.45.0rc1. Known Issues ------------ - A suspected [performance regression](matrix-org/synapse#11049) which was first reported after the release of 1.44.0 remains unresolved. We have not been able to identify a probable cause. Affected users report that setting up a federation sender worker appears to alleviate symptoms of the regression. Bugfixes -------- - Fix a long-standing bug when using multiple event persister workers where events were not correctly sent down `/sync` due to a race. ([\#11045](matrix-org/synapse#11045)) - Fix a bug introduced in Synapse 1.45.0rc1 where the user directory would stop updating if it processed an event from a user not in the `users` table. ([\#11053](matrix-org/synapse#11053)) - Fix a bug introduced in Synapse 1.44.0 when logging errors during oEmbed processing. ([\#11061](matrix-org/synapse#11061)) Internal Changes ---------------- - Add an 'approximate difference' method to `StateFilter`. ([\#10825](matrix-org/synapse#10825)) - Fix inconsistent behavior of `get_last_client_by_ip` when reporting data that has not been stored in the database yet. ([\#10970](matrix-org/synapse#10970)) - Fix a bug introduced in Synapse 1.21.0 that causes opentracing and Prometheus metrics for replication requests to be measured incorrectly. ([\#10996](matrix-org/synapse#10996)) - Ensure that cache config tests do not share state. ([\#11036](matrix-org/synapse#11036)) Synapse 1.45.0rc1 (2021-10-12) ============================== **Note:** Media storage providers module that read from Synapse's configuration need changes as of this version, see the [upgrade notes](https://matrix-org.github.io/synapse/develop/upgrade#upgrading-to-v1450) for more information. Known Issues ------------ - We are investigating [a performance issue](matrix-org/synapse#11049) which was reported after the release of 1.44.0. - We are aware of [a bug](matrix-org/synapse#11025) with the user directory when using application services. A second release candidate is expected which will resolve this. Features -------- - Add [MSC3069](matrix-org/matrix-spec-proposals#3069) support to `/account/whoami`. ([\#9655](matrix-org/synapse#9655)) - Support autodiscovery of oEmbed previews. ([\#10822](matrix-org/synapse#10822)) - Add a `user_may_send_3pid_invite` spam checker callback for modules to allow or deny 3PID invites. ([\#10894](matrix-org/synapse#10894)) - Add a spam checker callback to allow or deny room joins. ([\#10910](matrix-org/synapse#10910)) - Include an `update_synapse_database` script in the distribution. Contributed by @Fizzadar at Beeper. ([\#10954](matrix-org/synapse#10954)) - Include exception information in JSON logging output. Contributed by @Fizzadar at Beeper. ([\#11028](matrix-org/synapse#11028)) Bugfixes -------- - Fix a minor bug in the response to `/_matrix/client/r0/voip/turnServer`. Contributed by @lukaslihotzki. ([\#10922](matrix-org/synapse#10922)) - Fix a bug where empty `yyyy-mm-dd/` directories would be left behind in the media store's `url_cache_thumbnails/` directory. ([\#10924](matrix-org/synapse#10924)) - Fix a bug introduced in Synapse v1.40.0 where the signature checks for room version 8 and 9 could be applied to earlier room versions in some situations. ([\#10927](matrix-org/synapse#10927)) - Fix a long-standing bug wherein deactivated users still count towards the monthly active users limit. ([\#10947](matrix-org/synapse#10947)) - Fix a long-standing bug which meant that events received over federation were sometimes incorrectly accepted into the room state. ([\#10956](matrix-org/synapse#10956)) - Fix a long-standing bug where rebuilding the user directory wouldn't exclude support and deactivated users. ([\#10960](matrix-org/synapse#10960)) - Fix [MSC2716](matrix-org/matrix-spec-proposals#2716) `/batch_send` endpoint rejecting subsequent batches with unknown batch ID error in existing room versions from the room creator. ([\#10962](matrix-org/synapse#10962)) - Fix a bug that could leak local users' per-room nicknames and avatars when the user directory is rebuilt. ([\#10981](matrix-org/synapse#10981)) - Fix a long-standing bug where the remainder of a batch of user directory changes would be silently dropped if the server left a room early in the batch. ([\#10982](matrix-org/synapse#10982)) - Correct a bugfix introduced in Synapse v1.44.0 that would catch the wrong error if a connection is lost before a response could be written to it. ([\#10995](matrix-org/synapse#10995)) - Fix a long-standing bug where local users' per-room nicknames/avatars were visible to anyone who could see you in the user directory. ([\#11002](matrix-org/synapse#11002)) - Fix a long-standing bug where a user's per-room nickname/avatar would overwrite their profile in the user directory when a room was made public. ([\#11003](matrix-org/synapse#11003)) - Work around a regression, introduced in Synapse v1.39.0, that caused `SynapseError`s raised by the experimental third-party rules module callback `check_event_allowed` to be ignored. ([\#11042](matrix-org/synapse#11042)) - Fix a bug in [MSC2716](matrix-org/matrix-spec-proposals#2716) insertion events in rooms that could cause cross-talk/conflicts between batches. ([\#10877](matrix-org/synapse#10877)) Improved Documentation ---------------------- - Change wording ("reference homeserver") in Synapse repository documentation. Contributed by @maxkratz. ([\#10971](matrix-org/synapse#10971)) - Fix a dead URL in development documentation (SAML) and change wording from "Riot" to "Element". Contributed by @maxkratz. ([\#10973](matrix-org/synapse#10973)) - Add additional content to the Welcome and Overview page of the documentation. ([\#10990](matrix-org/synapse#10990)) - Update links to MSCs in documentation. Contributed by @dklimpel. ([\#10991](matrix-org/synapse#10991)) Internal Changes ---------------- - Improve type hinting in `synapse.util`. ([\#10888](matrix-org/synapse#10888)) - Add further type hints to `synapse.storage.util`. ([\#10892](matrix-org/synapse#10892)) - Fix type hints to be compatible with an upcoming change to Twisted. ([\#10895](matrix-org/synapse#10895)) - Update utility code to handle C implementations of frozendict. ([\#10902](matrix-org/synapse#10902)) - Drop old functionality which maintained database compatibility with Synapse versions before v1.31. ([\#10903](matrix-org/synapse#10903)) - Clean-up configuration helper classes for the `ServerConfig` class. ([\#10915](matrix-org/synapse#10915)) - Use direct references to config flags. ([\#10916](matrix-org/synapse#10916), [\#10959](matrix-org/synapse#10959), [\#10985](matrix-org/synapse#10985)) - Clean up some of the federation event authentication code for clarity. ([\#10926](matrix-org/synapse#10926), [\#10940](matrix-org/synapse#10940), [\#10986](matrix-org/synapse#10986), [\#10987](matrix-org/synapse#10987), [\#10988](matrix-org/synapse#10988), [\#11010](matrix-org/synapse#11010), [\#11011](matrix-org/synapse#11011)) - Refactor various parts of the codebase to use `RoomVersion` objects instead of room version identifier strings. ([\#10934](matrix-org/synapse#10934)) - Refactor user directory tests in preparation for upcoming changes. ([\#10935](matrix-org/synapse#10935)) - Include the event id in the logcontext when handling PDUs received over federation. ([\#10936](matrix-org/synapse#10936)) - Fix logged errors in unit tests. ([\#10939](matrix-org/synapse#10939)) - Fix a broken test to ensure that consent configuration works during registration. ([\#10945](matrix-org/synapse#10945)) - Add type hints to filtering classes. ([\#10958](matrix-org/synapse#10958)) - Add type-hint to `HomeserverTestcase.setup_test_homeserver`. ([\#10961](matrix-org/synapse#10961)) - Fix the test utility function `create_room_as` so that `is_public=True` will explicitly set the `visibility` parameter of room creation requests to `public`. Contributed by @AndrewFerr. ([\#10963](matrix-org/synapse#10963)) - Make the release script more robust and transparent. ([\#10966](matrix-org/synapse#10966)) - Refactor [MSC2716](matrix-org/matrix-spec-proposals#2716) `/batch_send` mega function into smaller handler functions. ([\#10974](matrix-org/synapse#10974)) - Log stack traces when a missing opentracing span is detected. ([\#10983](matrix-org/synapse#10983)) - Update GHA config to run tests against Python 3.10 and PostgreSQL 14. ([\#10992](matrix-org/synapse#10992)) - Fix a long-standing bug where `ReadWriteLock`s could drop logging contexts on exit. ([\#10993](matrix-org/synapse#10993)) - Add a `CODEOWNERS` file to automatically request reviews from the `@matrix-org/synapse-core` team on new pull requests. ([\#10994](matrix-org/synapse#10994)) - Add further type hints to `synapse.state`. ([\#11004](matrix-org/synapse#11004)) - Remove the deprecated `BaseHandler` object. ([\#11005](matrix-org/synapse#11005)) - Bump mypy version for CI to 0.910, and pull in new type stubs for dependencies. ([\#11006](matrix-org/synapse#11006)) - Fix CI to run the unit tests without optional deps. ([\#11017](matrix-org/synapse#11017)) - Ensure that cache config tests do not share state. ([\#11019](matrix-org/synapse#11019)) - Add additional type hints to `synapse.server_notices`. ([\#11021](matrix-org/synapse#11021)) - Add additional type hints for `synapse.push`. ([\#11023](matrix-org/synapse#11023)) - When installing the optional developer dependencies, also include the dependencies needed for type-checking and unit testing. ([\#11034](matrix-org/synapse#11034)) - Remove unnecessary list comprehension from `synapse_port_db` to satisfy code style requirements. ([\#11043](matrix-org/synapse#11043)) Synapse 1.44.0 (2021-10-05) =========================== No significant changes since 1.44.0rc3. Synapse 1.44.0rc3 (2021-10-04) ============================== Bugfixes -------- - Fix a bug introduced in Synapse v1.40.0 where changing a user's display name or avatar in a restricted room would cause an authentication error. ([\#10933](matrix-org/synapse#10933)) - Fix `/admin/whois/{user_id}` endpoint, which was broken in v1.44.0rc1. ([\#10968](matrix-org/synapse#10968)) Synapse 1.44.0rc2 (2021-09-30) ============================== Bugfixes -------- - Fix a bug introduced in v1.44.0rc1 which caused the experimental [MSC2716](matrix-org/matrix-spec-proposals#2716) `/batch_send` endpoint to return a 500 error. ([\#10938](matrix-org/synapse#10938)) - Fix a bug introduced in v1.44.0rc1 which prevented sending presence events to application services. ([\#10944](matrix-org/synapse#10944)) Improved Documentation ---------------------- - Minor updates to the installation instructions. ([\#10919](matrix-org/synapse#10919)) Synapse 1.44.0rc1 (2021-09-29) ============================== Features -------- - Only allow the [MSC2716](matrix-org/matrix-spec-proposals#2716) `/batch_send?chunk_id=xxx` endpoint to connect to an already existing insertion event. ([\#10776](matrix-org/synapse#10776)) - Improve oEmbed URL previews by processing the author name, photo, and video information. ([\#10814](matrix-org/synapse#10814), [\#10819](matrix-org/synapse#10819)) - Speed up responding with large JSON objects to requests. ([\#10868](matrix-org/synapse#10868), [\#10905](matrix-org/synapse#10905)) - Add a `user_may_create_room_with_invites` spam checker callback to allow modules to allow or deny a room creation request based on the invites and/or 3PID invites it includes. ([\#10898](matrix-org/synapse#10898)) Bugfixes -------- - Fix a long-standing bug that caused an `AssertionError` when purging history in certain rooms. Contributed by @Kokokokoka. ([\#10690](matrix-org/synapse#10690)) - Fix a long-standing bug which caused deactivated users that were later reactivated to be missing from the user directory. ([\#10782](matrix-org/synapse#10782)) - Fix a long-standing bug that caused unbanning a user by sending a membership event to fail. Contributed by @aaronraimist. ([\#10807](matrix-org/synapse#10807)) - Fix a long-standing bug where logging contexts would go missing when federation requests time out. ([\#10810](matrix-org/synapse#10810)) - Fix a long-standing bug causing an error in the deprecated `/initialSync` endpoint when using the undocumented `from` and `to` parameters. ([\#10827](matrix-org/synapse#10827)) - Fix a bug causing the `remove_stale_pushers` background job to repeatedly fail and log errors. This bug affected Synapse servers that had been upgraded from version 1.28 or older and are using SQLite. ([\#10843](matrix-org/synapse#10843)) - Fix a long-standing bug in Unicode support of the room search admin API breaking search for rooms with non-ASCII characters. ([\#10859](matrix-org/synapse#10859)) - Fix a bug introduced in Synapse 1.37.0 which caused `knock` membership events which we sent to remote servers to be incorrectly stored in the local database. ([\#10873](matrix-org/synapse#10873)) - Fix invalidating one-time key count cache after claiming keys. The bug was introduced in Synapse v1.41.0. Contributed by Tulir at Beeper. ([\#10875](matrix-org/synapse#10875)) - Fix a long-standing bug causing application service users to be subject to MAU blocking if the MAU limit had been reached, even if configured not to be blocked. ([\#10881](matrix-org/synapse#10881)) - Fix a long-standing bug which could cause events pulled over federation to be incorrectly rejected. ([\#10907](matrix-org/synapse#10907)) - Fix a long-standing bug causing URL cache files to be stored in storage providers. Server admins may safely delete the `url_cache/` and `url_cache_thumbnails/` directories from any configured storage providers to reclaim space. ([\#10911](matrix-org/synapse#10911)) - Fix a long-standing bug leading to race conditions when creating media store and config directories. ([\#10913](matrix-org/synapse#10913)) Improved Documentation ---------------------- - Fix some crashes in the Module API example code, by adding JSON encoding/decoding. ([\#10845](matrix-org/synapse#10845)) - Add developer documentation about experimental configuration flags. ([\#10865](matrix-org/synapse#10865)) - Properly remove deleted files from GitHub pages when generating the documentation. ([\#10869](matrix-org/synapse#10869)) Internal Changes ---------------- - Fix GitHub Actions config so we can run sytest on synapse from parallel branches. ([\#10659](matrix-org/synapse#10659)) - Split out [MSC2716](matrix-org/matrix-spec-proposals#2716) meta events to their own fields in the `/batch_send` response. ([\#10777](matrix-org/synapse#10777)) - Add missing type hints to REST servlets. ([\#10785](matrix-org/synapse#10785), [\#10817](matrix-org/synapse#10817)) - Simplify the internal logic which maintains the user directory database tables. ([\#10796](matrix-org/synapse#10796)) - Use direct references to config flags. ([\#10812](matrix-org/synapse#10812), [\#10885](matrix-org/synapse#10885), [\#10893](matrix-org/synapse#10893), [\#10897](matrix-org/synapse#10897)) - Specify the type of token in generic "Invalid token" error messages. ([\#10815](matrix-org/synapse#10815)) - Make `StateFilter` frozen so it is hashable. ([\#10816](matrix-org/synapse#10816)) - Fix a long-standing bug where an `m.room.message` event containing a null byte would cause an internal server error. ([\#10820](matrix-org/synapse#10820)) - Add type hints to the state database. ([\#10823](matrix-org/synapse#10823)) - Opt out of cache expiry for `get_users_who_share_room_with_user`, to hopefully improve `/sync` performance when you haven't synced recently. ([\#10826](matrix-org/synapse#10826)) - Track cache eviction rates more finely in Prometheus's monitoring. ([\#10829](matrix-org/synapse#10829)) - Add missing type hints to `synapse.handlers`. ([\#10831](matrix-org/synapse#10831), [\#10856](matrix-org/synapse#10856)) - Extend the Module API to let plug-ins check whether an ID is local and to access IP + User Agent data. ([\#10833](matrix-org/synapse#10833)) - Factor out PNG image data to a constant to be used in several tests. ([\#10834](matrix-org/synapse#10834)) - Add a test to ensure state events sent by modules get persisted correctly. ([\#10835](matrix-org/synapse#10835)) - Rename [MSC2716](matrix-org/matrix-spec-proposals#2716) fields and event types from `chunk` to `batch` to match the `/batch_send` endpoint. ([\#10838](matrix-org/synapse#10838)) - Rename [MSC2716](matrix-org/matrix-spec-proposals#2716) `/batch_send` query parameter from `?prev_event` to more obvious usage with `?prev_event_id`. ([\#10839](matrix-org/synapse#10839)) - Add type hints to `synapse.http.site`. ([\#10867](matrix-org/synapse#10867)) - Include outlier status when we log V2 or V3 events. ([\#10879](matrix-org/synapse#10879)) - Break down Grafana's cache expiry time series based on reason for eviction, c.f. [\#10829](matrix-org/synapse#10829). ([\#10880](matrix-org/synapse#10880)) - Clean up some of the federation event authentication code for clarity. ([\#10883](matrix-org/synapse#10883), [\#10884](matrix-org/synapse#10884), [\#10896](matrix-org/synapse#10896), [\#10901](matrix-org/synapse#10901)) - Allow the `.` and `~` characters when creating registration tokens as per the change to [MSC3231](matrix-org/matrix-spec-proposals#3231). ([\#10887](matrix-org/synapse#10887)) - Clean up some unnecessary parentheses in places around the codebase. ([\#10889](matrix-org/synapse#10889)) - Improve type hinting in the user directory code. ([\#10891](matrix-org/synapse#10891)) - Update development testing script `test_postgresql.sh` to use a supported Python version and make re-runs quicker. ([\#10906](matrix-org/synapse#10906)) - Document and summarize changes in schema version `61` – `64`. ([\#10917](matrix-org/synapse#10917)) - Update release script to sign the newly created git tags. ([\#10925](matrix-org/synapse#10925)) - Fix Debian builds due to `dh-virtualenv` no longer being able to build their docs. ([\#10931](matrix-org/synapse#10931))
netbsd-srcmastr
pushed a commit
to NetBSD/pkgsrc
that referenced
this pull request
Nov 24, 2021
chat/matrix-synapse: security update
Revisions pulled up:
- chat/matrix-synapse/Makefile 1.34-1.36
- chat/matrix-synapse/PLIST 1.18-1.19
- chat/matrix-synapse/distinfo 1.24,1.27-1.28
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: js
Date: Sat Oct 2 12:23:13 UTC 2021
Modified Files:
pkgsrc/chat/matrix-synapse: Makefile PLIST distinfo
Log Message:
Update chat/matrix-synapse to 1.43.0
Synapse 1.43.0 (2021-09-21)
=============
This release drops support for the deprecated, unstable API for [MSC2858 (Multiple SSO Identity
Providers)](https://github.com/matrix-org/matrix-doc/blob/master/proposals/2858-Multiple-SSO-Identity-Providers.md#unstable-prefix), as well as the undocumented `experimental.msc2858_enabled` config
option. Client authors should update their clients to use the stable API, available since Synapse 1.30.
The documentation has been updated with configuration for routing `/spaces`, `/hierarchy` and `/summary` to workers. See [the upgrade
notes](https://github.com/matrix-org/synapse/blob/release-v1.43/docs/upgrade.md#upgrading-to-v1430) for more details.
No significant changes since 1.43.0rc2.
Synapse 1.43.0rc2 (2021-09-17)
===============
Bugfixes
--------
- Added opentracing logging to help debug [\#9424](https://github.com/matrix-org/synapse/issues/9424). ([\#10828](https://github.com/matrix-org/synapse/issues/10828))
Synapse 1.43.0rc1 (2021-09-14)
===============
Features
--------
- Allow room creators to send historical events specified by [MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716) in existing room versions.
([\#10566](https://github.com/matrix-org/synapse/issues/10566))
- Add config option to use non-default manhole password and keys. ([\#10643](https://github.com/matrix-org/synapse/issues/10643))
- Skip final GC at shutdown to improve restart performance. ([\#10712](https://github.com/matrix-org/synapse/issues/10712))
- Allow configuration of the oEmbed URLs used for URL previews. ([\#10714](https://github.com/matrix-org/synapse/issues/10714), [\#10759](https://github.com/matrix-org/synapse/issues/10759))
- Prefer [room version 9](https://github.com/matrix-org/matrix-doc/pull/3375) for restricted rooms per the [room version capabilities](https://github.com/matrix-org/matrix-doc/pull/3244) API.
([\#10772](https://github.com/matrix-org/synapse/issues/10772))
Bugfixes
--------
- Fix a long-standing bug where room avatars were not included in email notifications. ([\#10658](https://github.com/matrix-org/synapse/issues/10658))
- Fix a bug where the ordering algorithm was skipping the `origin_server_ts` step in the spaces summary resulting in unstable room orderings.
([\#10730](https://github.com/matrix-org/synapse/issues/10730))
- Fix edge case when persisting events into a room where there are multiple events we previously hadn't calculated auth chains for (and hadn't marked as needing to be calculated).
([\#10743](https://github.com/matrix-org/synapse/issues/10743))
- Fix a bug which prevented calls to `/createRoom` that included the `room_alias_name` parameter from being handled by worker processes. ([\#10757](https://github.com/matrix-org/synapse/issues/10757))
- Fix a bug which prevented user registration via SSO to require consent tracking for SSO mapping providers that don't prompt for Matrix ID selection. Contributed by @AndrewFerr.
([\#10733](https://github.com/matrix-org/synapse/issues/10733))
- Only return the stripped state events for the `m.space.child` events in a room for the spaces summary from [MSC2946](https://github.com/matrix-org/matrix-doc/pull/2946).
([\#10760](https://github.com/matrix-org/synapse/issues/10760))
- Properly handle room upgrades of spaces. ([\#10774](https://github.com/matrix-org/synapse/issues/10774))
- Fix a bug which generated invalid homeserver config when the `frontend_proxy` worker type was passed to the Synapse Worker-based Complement image.
([\#10783](https://github.com/matrix-org/synapse/issues/10783))
Improved Documentation
----------------------
- Minor fix to the `media_repository` developer documentation. Contributed by @cuttingedge1109. ([\#10556](https://github.com/matrix-org/synapse/issues/10556))
- Update the documentation to note that the `/spaces` and `/hierarchy` endpoints can be routed to workers. ([\#10648](https://github.com/matrix-org/synapse/issues/10648))
- Clarify admin API documentation on undoing room deletions. ([\#10735](https://github.com/matrix-org/synapse/issues/10735))
- Split up the modules documentation and add examples for module developers. ([\#10758](https://github.com/matrix-org/synapse/issues/10758))
- Correct 2 typographical errors in the [Log Contexts documentation](https://matrix-org.github.io/synapse/latest/log_contexts.html). ([\#10795](https://github.com/matrix-org/synapse/issues/10795))
- Fix a wording mistake in the sample configuration. Contributed by @bramvdnheuvel:nltrix.net. ([\#10804](https://github.com/matrix-org/synapse/issues/10804))
Deprecations and Removals
-------------------------
- Remove the [unstable MSC2858 API](https://github.com/matrix-org/matrix-doc/blob/master/proposals/2858-Multiple-SSO-Identity-Providers.md#unstable-prefix), including the undocumented
`experimental.msc2858_enabled` config option. The unstable API has been deprecated since Synapse 1.35. Client authors should update their clients to use the stable API introduced in Synapse 1.30 if
they have not already done so. ([\#10693](https://github.com/matrix-org/synapse/issues/10693))
Internal Changes
----------------
- Add OpenTracing logging to help debug stuck messages (as described by issue [#9424](https://github.com/matrix-org/synapse/issues/9424)).
([\#10704](https://github.com/matrix-org/synapse/issues/10704))
- Add type annotations to the `synapse.util` package. ([\#10601](https://github.com/matrix-org/synapse/issues/10601))
- Ensure `rooms.creator` field is always populated for easy lookup in [MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716) usage later.
([\#10697](https://github.com/matrix-org/synapse/issues/10697))
- Add missing type hints to REST servlets. ([\#10707](https://github.com/matrix-org/synapse/issues/10707), [\#10728](https://github.com/matrix-org/synapse/issues/10728),
[\#10736](https://github.com/matrix-org/synapse/issues/10736))
- Do not include rooms with unknown room versions in the spaces summary results. ([\#10727](https://github.com/matrix-org/synapse/issues/10727))
- Additional error checking for the `preset` field when creating a room. ([\#10738](https://github.com/matrix-org/synapse/issues/10738))
- Clean up some of the federation event authentication code for clarity. ([\#10744](https://github.com/matrix-org/synapse/issues/10744), [\#10745](https://github.com/matrix-org/synapse/issues/10745),
[\#10746](https://github.com/matrix-org/synapse/issues/10746), [\#10771](https://github.com/matrix-org/synapse/issues/10771), [\#10773](https://github.com/matrix-org/synapse/issues/10773),
[\#10781](https://github.com/matrix-org/synapse/issues/10781))
- Add an index to `presence_stream` to hopefully speed up startups a little. ([\#10748](https://github.com/matrix-org/synapse/issues/10748))
- Refactor event size checking code to simplify searching the codebase for the origins of certain error strings that are occasionally emitted.
([\#10750](https://github.com/matrix-org/synapse/issues/10750))
- Move tests relating to rooms having encryption out of the user directory tests. ([\#10752](https://github.com/matrix-org/synapse/issues/10752))
- Use `attrs` internally for the URL preview code & update documentation. ([\#10753](https://github.com/matrix-org/synapse/issues/10753))
- Minor speed ups when joining large rooms over federation. ([\#10754](https://github.com/matrix-org/synapse/issues/10754), [\#10755](https://github.com/matrix-org/synapse/issues/10755),
[\#10756](https://github.com/matrix-org/synapse/issues/10756), [\#10780](https://github.com/matrix-org/synapse/issues/10780), [\#10784](https://github.com/matrix-org/synapse/issues/10784))
- Add a constant for `m.federate`. ([\#10775](https://github.com/matrix-org/synapse/issues/10775))
- Add a script to update the Debian changelog in a Docker container for systems that are not Debian-based. ([\#10778](https://github.com/matrix-org/synapse/issues/10778))
- Change the format of authenticated users in logs when a user is being puppeted by and admin user. ([\#10779](https://github.com/matrix-org/synapse/issues/10779))
- Remove fixed and flakey tests from the Sytest blacklist. ([\#10788](https://github.com/matrix-org/synapse/issues/10788))
- Improve internal details of the user directory code. ([\#10789](https://github.com/matrix-org/synapse/issues/10789))
- Use direct references to config flags. ([\#10798](https://github.com/matrix-org/synapse/issues/10798))
- Ensure the Rust reporter passes type checking with jaeger-client 4.7's type annotations. ([\#10799](https://github.com/matrix-org/synapse/issues/10799))
Synapse 1.42.0 (2021-09-07)
=============
This version of Synapse removes deprecated room-management admin APIs, removes out-of-date email pushers, and improves error handling for fallback templates for user-interactive authentication. For
more information on these points, server administrators are encouraged to read [the upgrade notes](docs/upgrade.md#upgrading-to-v1420).
No significant changes since 1.42.0rc2.
Synapse 1.42.0rc2 (2021-09-06)
===============
Features
--------
- Support room version 9 from [MSC3375](https://github.com/matrix-org/matrix-doc/pull/3375). ([\#10747](https://github.com/matrix-org/synapse/issues/10747))
Internal Changes
----------------
- Print a warning when using one of the deprecated `template_dir` settings. ([\#10768](https://github.com/matrix-org/synapse/issues/10768))
Synapse 1.42.0rc1 (2021-09-01)
===============
Features
--------
- Add support for [MSC3231](https://github.com/matrix-org/matrix-doc/pull/3231): Token authenticated registration. Users can be required to submit a token during registration to authenticate
themselves. Contributed by Callum Brown. ([\#10142](https://github.com/matrix-org/synapse/issues/10142))
- Add support for [MSC3283](https://github.com/matrix-org/matrix-doc/pull/3283): Expose `enable_set_displayname` in capabilities. ([\#10452](https://github.com/matrix-org/synapse/issues/10452))
- Port the `PresenceRouter` module interface to the new generic interface. ([\#10524](https://github.com/matrix-org/synapse/issues/10524))
- Add pagination to the spaces summary based on updates to [MSC2946](https://github.com/matrix-org/matrix-doc/pull/2946). ([\#10613](https://github.com/matrix-org/synapse/issues/10613),
[\#10725](https://github.com/matrix-org/synapse/issues/10725))
Bugfixes
--------
- Validate new `m.room.power_levels` events. Contributed by @aaronraimist. ([\#10232](https://github.com/matrix-org/synapse/issues/10232))
- Display an error on User-Interactive Authentication fallback pages when authentication fails. Contributed by Callum Brown. ([\#10561](https://github.com/matrix-org/synapse/issues/10561))
- Remove pushers when deleting an e-mail address from an account. Pushers for old unlinked emails will also be deleted. ([\#10581](https://github.com/matrix-org/synapse/issues/10581),
[\#10734](https://github.com/matrix-org/synapse/issues/10734))
- Reject Client-Server `/keys/query` requests which provide `device_ids` incorrectly. ([\#10593](https://github.com/matrix-org/synapse/issues/10593))
- Rooms with unsupported room versions are no longer returned via `/sync`. ([\#10644](https://github.com/matrix-org/synapse/issues/10644))
- Enforce the maximum length for per-room display names and avatar URLs. ([\#10654](https://github.com/matrix-org/synapse/issues/10654))
- Fix a bug which caused the `synapse_user_logins_total` Prometheus metric not to be correctly initialised on restart. ([\#10677](https://github.com/matrix-org/synapse/issues/10677))
- Improve `ServerNoticeServlet` to avoid duplicate requests and add unit tests. ([\#10679](https://github.com/matrix-org/synapse/issues/10679))
- Fix long-standing issue which caused an error when a thumbnail is requested and there are multiple thumbnails with the same quality rating.
([\#10684](https://github.com/matrix-org/synapse/issues/10684))
- Fix a regression introduced in v1.41.0 which affected the performance of concurrent fetches of large sets of events, in extreme cases causing the process to hang.
([\#10703](https://github.com/matrix-org/synapse/issues/10703))
- Fix a regression introduced in Synapse 1.41 which broke email transmission on Systems using older versions of the Twisted library. ([\#10713](https://github.com/matrix-org/synapse/issues/10713))
Improved Documentation
----------------------
- Add documentation on how to connect Django with Synapse using OpenID Connect and django-oauth-toolkit. Contributed by @HugoDelval. ([\#10192](https://github.com/matrix-org/synapse/issues/10192))
- Advertise https://matrix-org.github.io/synapse documentation in the `README` and `CONTRIBUTING` files. ([\#10595](https://github.com/matrix-org/synapse/issues/10595))
- Fix some of the titles not rendering in the OpenID Connect documentation. ([\#10639](https://github.com/matrix-org/synapse/issues/10639))
- Minor clarifications to the documentation for reverse proxies. ([\#10708](https://github.com/matrix-org/synapse/issues/10708))
- Remove table of contents from the top of installation and contributing documentation pages. ([\#10711](https://github.com/matrix-org/synapse/issues/10711))
Deprecations and Removals
-------------------------
- Remove deprecated Shutdown Room and Purge Room Admin API. ([\#8830](https://github.com/matrix-org/synapse/issues/8830))
Internal Changes
----------------
- Improve type hints for the proxy agent and SRV resolver modules. Contributed by @dklimpel. ([\#10608](https://github.com/matrix-org/synapse/issues/10608))
- Clean up some of the federation event authentication code for clarity. ([\#10614](https://github.com/matrix-org/synapse/issues/10614), [\#10615](https://github.com/matrix-org/synapse/issues/10615),
[\#10624](https://github.com/matrix-org/synapse/issues/10624), [\#10640](https://github.com/matrix-org/synapse/issues/10640))
- Add a comment asking developers to leave a reason when bumping the database schema version. ([\#10621](https://github.com/matrix-org/synapse/issues/10621))
- Remove not needed database updates in modify user admin API. ([\#10627](https://github.com/matrix-org/synapse/issues/10627))
- Convert room member storage tuples to `attrs` classes. ([\#10629](https://github.com/matrix-org/synapse/issues/10629), [\#10642](https://github.com/matrix-org/synapse/issues/10642))
- Use auto-attribs for the attrs classes used in sync. ([\#10630](https://github.com/matrix-org/synapse/issues/10630))
- Make `backfill` and `get_missing_events` use the same codepath. ([\#10645](https://github.com/matrix-org/synapse/issues/10645))
- Improve the performance of the `/hierarchy` API (from [MSC2946](https://github.com/matrix-org/matrix-doc/pull/2946)) by caching responses received over federation.
([\#10647](https://github.com/matrix-org/synapse/issues/10647))
- Run a nightly CI build against Twisted trunk. ([\#10651](https://github.com/matrix-org/synapse/issues/10651), [\#10672](https://github.com/matrix-org/synapse/issues/10672))
- Do not print out stack traces for network errors when fetching data over federation. ([\#10662](https://github.com/matrix-org/synapse/issues/10662))
- Simplify tests for device admin rest API. ([\#10664](https://github.com/matrix-org/synapse/issues/10664))
- Add missing type hints to REST servlets. ([\#10665](https://github.com/matrix-org/synapse/issues/10665), [\#10666](https://github.com/matrix-org/synapse/issues/10666),
[\#10674](https://github.com/matrix-org/synapse/issues/10674))
- Flatten the `tests.synapse.rests` package by moving the contents of `v1` and `v2_alpha` into the parent. ([\#10667](https://github.com/matrix-org/synapse/issues/10667))
- Update `complement.sh` to rebuild the base Docker image when run with workers. ([\#10686](https://github.com/matrix-org/synapse/issues/10686))
- Split the event-processing methods in `FederationHandler` into a separate `FederationEventHandler`. ([\#10692](https://github.com/matrix-org/synapse/issues/10692))
- Remove unused `compare_digest` function. ([\#10706](https://github.com/matrix-org/synapse/issues/10706))
To generate a diff of this commit:
cvs rdiff -u -r1.33 -r1.34 pkgsrc/chat/matrix-synapse/Makefile
cvs rdiff -u -r1.17 -r1.18 pkgsrc/chat/matrix-synapse/PLIST
cvs rdiff -u -r1.23 -r1.24 pkgsrc/chat/matrix-synapse/distinfo
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: js
Date: Fri Nov 19 14:06:08 UTC 2021
Modified Files:
pkgsrc/chat/matrix-synapse: Makefile PLIST distinfo
Log Message:
Update chat/matrix-synapse to 1.47.0
Synapse 1.47.0 (2021-11-17)
=============
No significant changes since 1.47.0rc3.
Synapse 1.47.0rc3 (2021-11-16)
===============
Bugfixes
--------
- Fix a bug introduced in 1.47.0rc1 which caused worker processes to not halt startup in the presence of outstanding database migrations.
([\#11346](https://github.com/matrix-org/synapse/issues/11346))
- Fix a bug introduced in 1.47.0rc1 which prevented the 'remove deleted devices from `device_inbox` column' background process from running when updating from a recent Synapse version.
([\#11303](https://github.com/matrix-org/synapse/issues/11303), [\#11353](https://github.com/matrix-org/synapse/issues/11353))
Synapse 1.47.0rc2 (2021-11-10)
===============
This fixes an issue with publishing the Debian packages for 1.47.0rc1.
It is otherwise identical to 1.47.0rc1.
Synapse 1.47.0rc1 (2021-11-09)
===============
Deprecations and Removals
-------------------------
- The `user_may_create_room_with_invites` module callback is now deprecated. Please refer to the [upgrade notes](https://matrix-org.github.io/synapse/develop/upgrade#upgrading-to-v1470) for more
information. ([\#11206](https://github.com/matrix-org/synapse/issues/11206))
- Remove deprecated admin API to delete rooms (`POST /_synapse/admin/v1/rooms/<room_id>/delete`). ([\#11213](https://github.com/matrix-org/synapse/issues/11213))
Features
--------
- Advertise support for Client-Server API r0.6.1. ([\#11097](https://github.com/matrix-org/synapse/issues/11097))
- Add search by room ID and room alias to the List Room admin API. ([\#11099](https://github.com/matrix-org/synapse/issues/11099))
- Add an `on_new_event` third-party rules callback to allow Synapse modules to act after an event has been sent into a room. ([\#11126](https://github.com/matrix-org/synapse/issues/11126))
- Add a module API method to update a user's membership in a room. ([\#11147](https://github.com/matrix-org/synapse/issues/11147))
- Add metrics for thread pool usage. ([\#11178](https://github.com/matrix-org/synapse/issues/11178))
- Support the stable room type field for [MSC3288](https://github.com/matrix-org/matrix-doc/pull/3288). ([\#11187](https://github.com/matrix-org/synapse/issues/11187))
- Add a module API method to retrieve the current state of a room. ([\#11204](https://github.com/matrix-org/synapse/issues/11204))
- Calculate a default value for `public_baseurl` based on `server_name`. ([\#11210](https://github.com/matrix-org/synapse/issues/11210))
- Add support for serving `/.well-known/matrix/server` files, to redirect federation traffic to port 443. ([\#11211](https://github.com/matrix-org/synapse/issues/11211))
- Add admin APIs to pause, start and check the status of background updates. ([\#11263](https://github.com/matrix-org/synapse/issues/11263))
Bugfixes
--------
- Fix a long-standing bug which allowed hidden devices to receive to-device messages, resulting in unnecessary database bloat. ([\#10097](https://github.com/matrix-org/synapse/issues/10097))
- Fix a long-standing bug where messages in the `device_inbox` table for deleted devices would persist indefinitely. Contributed by @dklimpel and @JohannesKleine.
([\#10969](https://github.com/matrix-org/synapse/issues/10969), [\#11212](https://github.com/matrix-org/synapse/issues/11212))
- Do not accept events if a third-party rule `check_event_allowed` callback raises an exception. ([\#11033](https://github.com/matrix-org/synapse/issues/11033))
- Fix long-standing bug where verification requests could fail in certain cases if a federation whitelist was in place but did not include your own homeserver.
([\#11129](https://github.com/matrix-org/synapse/issues/11129))
- Allow an empty list of `state_events_at_start` to be sent when using the [MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716) `/batch_send` endpoint and the author of the historical
messages is already part of the current room state at the given `?prev_event_id`. ([\#11188](https://github.com/matrix-org/synapse/issues/11188))
- Fix a bug introduced in Synapse 1.45.0 which prevented the `synapse_review_recent_signups` script from running. Contributed by @samuel-p.
([\#11191](https://github.com/matrix-org/synapse/issues/11191))
- Delete `to_device` messages for hidden devices that will never be read, reducing database size. ([\#11199](https://github.com/matrix-org/synapse/issues/11199))
- Fix a long-standing bug wherein a missing `Content-Type` header when downloading remote media would cause Synapse to throw an error. ([\#11200](https://github.com/matrix-org/synapse/issues/11200))
- Fix a long-standing bug which could result in serialization errors and potentially duplicate transaction data when sending ephemeral events to application services. Contributed by @Fizzadar at
Beeper. ([\#11207](https://github.com/matrix-org/synapse/issues/11207))
- Fix a bug introduced in Synapse 1.35.0 which made it impossible to join rooms that return a `send_join` response containing floats. ([\#11217](https://github.com/matrix-org/synapse/issues/11217))
- Fix long-standing bug where cross signing keys were not included in the response to `/r0/keys/query` the first time a remote user was queried.
([\#11234](https://github.com/matrix-org/synapse/issues/11234))
- Fix a long-standing bug where all requests that read events from the database could get stuck as a result of losing the database connection.
([\#11240](https://github.com/matrix-org/synapse/issues/11240))
- Fix a bug preventing Synapse from being rolled back to an earlier version when using workers. ([\#11255](https://github.com/matrix-org/synapse/issues/11255),
[\#11276](https://github.com/matrix-org/synapse/issues/11276))
- Fix a bug introduced in Synapse 1.37.1 which caused a remote event being processed by a worker to not get processed on restart if the worker was killed.
([\#11262](https://github.com/matrix-org/synapse/issues/11262))
- Only allow old Element/Riot Android clients to send read receipts without a request body. All other clients must include a request body as required by the specification. Contributed by @rogersheu.
([\#11157](https://github.com/matrix-org/synapse/issues/11157))
Updates to the Docker image
---------------------------
- Avoid changing user ID when started as a non-root user, and no explicit `UID` is set. ([\#11209](https://github.com/matrix-org/synapse/issues/11209))
Improved Documentation
----------------------
- Improve example HAProxy config in the docs to properly handle HTTP `Host` headers with port information. This is required for federation over port 443 to work correctly.
([\#11128](https://github.com/matrix-org/synapse/issues/11128))
- Add documentation for using Authentik as an OpenID Connect Identity Provider. Contributed by @samip5. ([\#11151](https://github.com/matrix-org/synapse/issues/11151))
- Clarify lack of support for Windows. ([\#11198](https://github.com/matrix-org/synapse/issues/11198))
- Improve code formatting and fix a few typos in docs. Contributed by @sumnerevans at Beeper. ([\#11221](https://github.com/matrix-org/synapse/issues/11221))
- Add documentation for using LemonLDAP as an OpenID Connect Identity Provider. Contributed by @l00ptr. ([\#11257](https://github.com/matrix-org/synapse/issues/11257))
Internal Changes
----------------
- Add type annotations for the `log_function` decorator. ([\#10943](https://github.com/matrix-org/synapse/issues/10943))
- Add type hints to `synapse.events`. ([\#11098](https://github.com/matrix-org/synapse/issues/11098))
- Remove and document unnecessary `RoomStreamToken` checks in application service ephemeral event code. ([\#11137](https://github.com/matrix-org/synapse/issues/11137))
- Add type hints so that `synapse.http` passes `mypy` checks. ([\#11164](https://github.com/matrix-org/synapse/issues/11164))
- Update scripts to pass Shellcheck lints. ([\#11166](https://github.com/matrix-org/synapse/issues/11166))
- Add knock information in admin export. Contributed by Rafael Gonçalves. ([\#11171](https://github.com/matrix-org/synapse/issues/11171))
- Add tests to check that `ClientIpStore.get_last_client_ip_by_device` and `get_user_ip_and_agents` combine database and in-memory data correctly.
([\#11179](https://github.com/matrix-org/synapse/issues/11179))
- Refactor `Filter` to check different fields depending on the data type. ([\#11194](https://github.com/matrix-org/synapse/issues/11194))
- Improve type hints for the relations datastore. ([\#11205](https://github.com/matrix-org/synapse/issues/11205))
- Replace outdated links in the pull request checklist with links to the rendered documentation. ([\#11225](https://github.com/matrix-org/synapse/issues/11225))
- Fix a bug in unit test `test_block_room_and_not_purge`. ([\#11226](https://github.com/matrix-org/synapse/issues/11226))
- In `ObservableDeferred`, run observers in the order they were registered. ([\#11229](https://github.com/matrix-org/synapse/issues/11229))
- Minor speed up to start up times and getting updates for groups by adding missing index to `local_group_updates.stream_id`. ([\#11231](https://github.com/matrix-org/synapse/issues/11231))
- Add `twine` and `towncrier` as dev dependencies, as they're used by the release script. ([\#11233](https://github.com/matrix-org/synapse/issues/11233))
- Allow `stream_writers.typing` config to be a list of one worker. ([\#11237](https://github.com/matrix-org/synapse/issues/11237))
- Remove debugging statement in tests. ([\#11239](https://github.com/matrix-org/synapse/issues/11239))
- Fix [MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716) historical messages backfilling in random order on remote homeservers.
([\#11244](https://github.com/matrix-org/synapse/issues/11244))
- Add an additional test for the `cachedList` method decorator. ([\#11246](https://github.com/matrix-org/synapse/issues/11246))
- Make minor correction to the type of `auth_checkers` callbacks. ([\#11253](https://github.com/matrix-org/synapse/issues/11253))
- Clean up trivial aspects of the Debian package build tooling. ([\#11269](https://github.com/matrix-org/synapse/issues/11269), [\#11273](https://github.com/matrix-org/synapse/issues/11273))
- Blacklist new SyTest that checks that key uploads are valid pending the validation being implemented in Synapse. ([\#11270](https://github.com/matrix-org/synapse/issues/11270))
Synapse 1.46.0 (2021-11-02)
=============
The cause of the [performance regression affecting Synapse 1.44](https://github.com/matrix-org/synapse/issues/11049) has been identified and fixed.
([\#11177](https://github.com/matrix-org/synapse/issues/11177))
Bugfixes
--------
- Fix a bug introduced in v1.46.0rc1 where URL previews of some XML documents would fail. ([\#11196](https://github.com/matrix-org/synapse/issues/11196))
Synapse 1.46.0rc1 (2021-10-27)
===============
Features
--------
- Add support for Ubuntu 21.10 "Impish Indri". ([\#11024](https://github.com/matrix-org/synapse/issues/11024))
- Port the Password Auth Providers module interface to the new generic interface. ([\#10548](https://github.com/matrix-org/synapse/issues/10548),
[\#11180](https://github.com/matrix-org/synapse/issues/11180))
- Experimental support for the thread relation defined in [MSC3440](https://github.com/matrix-org/matrix-doc/pull/3440). ([\#11088](https://github.com/matrix-org/synapse/issues/11088),
[\#11181](https://github.com/matrix-org/synapse/issues/11181), [\#11192](https://github.com/matrix-org/synapse/issues/11192))
- Users admin API can now also modify user type in addition to allowing it to be set on user creation. ([\#11174](https://github.com/matrix-org/synapse/issues/11174))
Bugfixes
--------
- Newly-created public rooms are now only assigned an alias if the room's creation has not been blocked by permission settings. Contributed by @AndrewFerr.
([\#10930](https://github.com/matrix-org/synapse/issues/10930))
- Fix a long-standing bug which meant that events received over federation were sometimes incorrectly accepted into the room state. ([\#11001](https://github.com/matrix-org/synapse/issues/11001),
[\#11009](https://github.com/matrix-org/synapse/issues/11009), [\#11012](https://github.com/matrix-org/synapse/issues/11012))
- Fix 500 error on `/messages` when the server accumulates more than 5 backwards extremities at a given depth for a room. ([\#11027](https://github.com/matrix-org/synapse/issues/11027))
- Fix a bug where setting a user's `external_id` via the admin API returns 500 and deletes user's existing external mappings if that external ID is already mapped.
([\#11051](https://github.com/matrix-org/synapse/issues/11051))
- Fix a long-standing bug where users excluded from the user directory were added into the directory if they belonged to a room which became public or private.
([\#11075](https://github.com/matrix-org/synapse/issues/11075))
- Fix a long-standing bug when attempting to preview URLs which are in the `windows-1252` character encoding. ([\#11077](https://github.com/matrix-org/synapse/issues/11077),
[\#11089](https://github.com/matrix-org/synapse/issues/11089))
- Fix broken export-data admin command and add test script checking the command to CI. ([\#11078](https://github.com/matrix-org/synapse/issues/11078))
- Show an error when timestamp in seconds is provided to the `/purge_media_cache` Admin API. ([\#11101](https://github.com/matrix-org/synapse/issues/11101))
- Fix local users who left all their rooms being removed from the user directory, even if the `search_all_users` config option was enabled.
([\#11103](https://github.com/matrix-org/synapse/issues/11103))
- Fix a bug which caused the module API's `get_user_ip_and_agents` function to always fail on workers. `get_user_ip_and_agents` was introduced in 1.44.0 and did not function correctly on worker
processes at the time. ([\#11112](https://github.com/matrix-org/synapse/issues/11112))
- Identity server connection is no longer ignoring `ip_range_whitelist`. ([\#11120](https://github.com/matrix-org/synapse/issues/11120))
- Fix a bug introduced in Synapse 1.45.0 breaking the configuration file parsing script. ([\#11145](https://github.com/matrix-org/synapse/issues/11145))
- Fix a performance regression introduced in 1.44.0 which could cause client requests to time out when making large numbers of outbound requests.
([\#11177](https://github.com/matrix-org/synapse/issues/11177), [\#11190](https://github.com/matrix-org/synapse/issues/11190))
- Resolve and share `state_groups` for all [MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716) historical events in batch. ([\#10975](https://github.com/matrix-org/synapse/issues/10975))
Improved Documentation
----------------------
- Fix broken links relating to module API deprecation in the upgrade notes. ([\#11069](https://github.com/matrix-org/synapse/issues/11069))
- Add more information about what happens when a user is deactivated. ([\#11083](https://github.com/matrix-org/synapse/issues/11083))
- Clarify the the sample log config can be copied from the documentation without issue. ([\#11092](https://github.com/matrix-org/synapse/issues/11092))
- Update the admin API documentation with an updated list of the characters allowed in registration tokens. ([\#11093](https://github.com/matrix-org/synapse/issues/11093))
- Document Synapse's behaviour when dealing with multiple modules registering the same callbacks and/or handlers for the same HTTP endpoints.
([\#11096](https://github.com/matrix-org/synapse/issues/11096))
- Fix instances of `[example]{.title-ref}` in the upgrade documentation as a result of prior RST to Markdown conversion. ([\#11118](https://github.com/matrix-org/synapse/issues/11118))
- Document the version of Synapse each module callback was introduced in. ([\#11132](https://github.com/matrix-org/synapse/issues/11132))
- Document the version of Synapse that introduced each module API method. ([\#11183](https://github.com/matrix-org/synapse/issues/11183))
Internal Changes
----------------
- Fix spurious warnings about losing the logging context on the `ReplicationCommandHandler` when losing the replication connection. ([\#10984](https://github.com/matrix-org/synapse/issues/10984))
- Include rejected status when we log events. ([\#11008](https://github.com/matrix-org/synapse/issues/11008))
- Add some extra logging to the event persistence code. ([\#11014](https://github.com/matrix-org/synapse/issues/11014))
- Rearrange the internal workings of the incremental user directory updates. ([\#11035](https://github.com/matrix-org/synapse/issues/11035))
- Fix a long-standing bug where users excluded from the directory could still be added to the `users_who_share_private_rooms` table after a regular user joins a private room.
([\#11143](https://github.com/matrix-org/synapse/issues/11143))
- Add and improve type hints. ([\#10972](https://github.com/matrix-org/synapse/issues/10972), [\#11055](https://github.com/matrix-org/synapse/issues/11055),
[\#11066](https://github.com/matrix-org/synapse/issues/11066), [\#11076](https://github.com/matrix-org/synapse/issues/11076), [\#11095](https://github.com/matrix-org/synapse/issues/11095),
[\#11109](https://github.com/matrix-org/synapse/issues/11109), [\#11121](https://github.com/matrix-org/synapse/issues/11121), [\#11146](https://github.com/matrix-org/synapse/issues/11146))
- Mark the Synapse package as containing type annotations and fix export declarations so that Synapse pluggable modules may be type checked against Synapse.
([\#11054](https://github.com/matrix-org/synapse/issues/11054))
- Remove dead code from `MediaFilePaths`. ([\#11056](https://github.com/matrix-org/synapse/issues/11056))
- Be more lenient when parsing oEmbed response versions. ([\#11065](https://github.com/matrix-org/synapse/issues/11065))
- Create a separate module for the retention configuration. ([\#11070](https://github.com/matrix-org/synapse/issues/11070))
- Clean up some of the federation event authentication code for clarity. ([\#11115](https://github.com/matrix-org/synapse/issues/11115), [\#11116](https://github.com/matrix-org/synapse/issues/11116),
[\#11122](https://github.com/matrix-org/synapse/issues/11122))
- Add docstrings and comments to the application service ephemeral event sending code. ([\#11138](https://github.com/matrix-org/synapse/issues/11138))
- Update the `sign_json` script to support inline configuration of the signing key. ([\#11139](https://github.com/matrix-org/synapse/issues/11139))
- Fix broken link in the docker image README. ([\#11144](https://github.com/matrix-org/synapse/issues/11144))
- Always dump logs from unit tests during CI runs. ([\#11068](https://github.com/matrix-org/synapse/issues/11068))
- Add tests for `MediaFilePaths` class. ([\#11057](https://github.com/matrix-org/synapse/issues/11057))
- Simplify the user admin API tests. ([\#11048](https://github.com/matrix-org/synapse/issues/11048))
- Add a test for the workaround introduced in [\#11042](https://github.com/matrix-org/synapse/pull/11042) concerning the behaviour of third-party rule modules and `SynapseError`s.
([\#11071](https://github.com/matrix-org/synapse/issues/11071))
Synapse 1.45.1 (2021-10-20)
=============
Bugfixes
--------
- Revert change to counting of deactivated users towards the monthly active users limit, introduced in 1.45.0rc1. ([\#11127](https://github.com/matrix-org/synapse/issues/11127))
Synapse 1.45.0 (2021-10-19)
=============
No functional changes since Synapse 1.45.0rc2.
Known Issues
------------
- A suspected [performance regression](https://github.com/matrix-org/synapse/issues/11049) which was first reported after the release of 1.44.0 remains unresolved.
We have not been able to identify a probable cause. Affected users report that setting up a federation sender worker appears to alleviate symptoms of the regression.
Improved Documentation
----------------------
- Reword changelog to clarify concerns about a suspected performance regression in 1.44.0. ([\#11117](https://github.com/matrix-org/synapse/issues/11117))
Synapse 1.45.0rc2 (2021-10-14)
===============
This release candidate [fixes](https://github.com/matrix-org/synapse/issues/11053) a user directory [bug](https://github.com/matrix-org/synapse/issues/11025) present in 1.45.0rc1.
Known Issues
------------
- A suspected [performance regression](https://github.com/matrix-org/synapse/issues/11049) which was first reported after the release of 1.44.0 remains unresolved.
We have not been able to identify a probable cause. Affected users report that setting up a federation sender worker appears to alleviate symptoms of the regression.
Bugfixes
--------
- Fix a long-standing bug when using multiple event persister workers where events were not correctly sent down `/sync` due to a race. ([\#11045](https://github.com/matrix-org/synapse/issues/11045))
- Fix a bug introduced in Synapse 1.45.0rc1 where the user directory would stop updating if it processed an event from a
user not in the `users` table. ([\#11053](https://github.com/matrix-org/synapse/issues/11053))
- Fix a bug introduced in Synapse 1.44.0 when logging errors during oEmbed processing. ([\#11061](https://github.com/matrix-org/synapse/issues/11061))
Internal Changes
----------------
- Add an 'approximate difference' method to `StateFilter`. ([\#10825](https://github.com/matrix-org/synapse/issues/10825))
- Fix inconsistent behavior of `get_last_client_by_ip` when reporting data that has not been stored in the database yet. ([\#10970](https://github.com/matrix-org/synapse/issues/10970))
- Fix a bug introduced in Synapse 1.21.0 that causes opentracing and Prometheus metrics for replication requests to be measured incorrectly.
([\#10996](https://github.com/matrix-org/synapse/issues/10996))
- Ensure that cache config tests do not share state. ([\#11036](https://github.com/matrix-org/synapse/issues/11036))
Synapse 1.45.0rc1 (2021-10-12)
===============
**Note:** Media storage providers module that read from Synapse's configuration need changes as of this version, see the [upgrade
notes](https://matrix-org.github.io/synapse/develop/upgrade#upgrading-to-v1450) for more information.
Known Issues
------------
- We are investigating [a performance issue](https://github.com/matrix-org/synapse/issues/11049) which was reported after the release of 1.44.0.
- We are aware of [a bug](https://github.com/matrix-org/synapse/issues/11025) with the user directory when using application services. A second release candidate is expected which will resolve this.
Features
--------
- Add [MSC3069](https://github.com/matrix-org/matrix-doc/pull/3069) support to `/account/whoami`. ([\#9655](https://github.com/matrix-org/synapse/issues/9655))
- Support autodiscovery of oEmbed previews. ([\#10822](https://github.com/matrix-org/synapse/issues/10822))
- Add a `user_may_send_3pid_invite` spam checker callback for modules to allow or deny 3PID invites. ([\#10894](https://github.com/matrix-org/synapse/issues/10894))
- Add a spam checker callback to allow or deny room joins. ([\#10910](https://github.com/matrix-org/synapse/issues/10910))
- Include an `update_synapse_database` script in the distribution. Contributed by @Fizzadar at Beeper. ([\#10954](https://github.com/matrix-org/synapse/issues/10954))
- Include exception information in JSON logging output. Contributed by @Fizzadar at Beeper. ([\#11028](https://github.com/matrix-org/synapse/issues/11028))
Bugfixes
--------
- Fix a minor bug in the response to `/_matrix/client/r0/voip/turnServer`. Contributed by @lukaslihotzki. ([\#10922](https://github.com/matrix-org/synapse/issues/10922))
- Fix a bug where empty `yyyy-mm-dd/` directories would be left behind in the media store's `url_cache_thumbnails/` directory. ([\#10924](https://github.com/matrix-org/synapse/issues/10924))
- Fix a bug introduced in Synapse v1.40.0 where the signature checks for room version 8 and 9 could be applied to earlier room versions in some situations.
([\#10927](https://github.com/matrix-org/synapse/issues/10927))
- Fix a long-standing bug wherein deactivated users still count towards the monthly active users limit. ([\#10947](https://github.com/matrix-org/synapse/issues/10947))
- Fix a long-standing bug which meant that events received over federation were sometimes incorrectly accepted into the room state. ([\#10956](https://github.com/matrix-org/synapse/issues/10956))
- Fix a long-standing bug where rebuilding the user directory wouldn't exclude support and deactivated users. ([\#10960](https://github.com/matrix-org/synapse/issues/10960))
- Fix [MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716) `/batch_send` endpoint rejecting subsequent batches with unknown batch ID error in existing room versions from the room creator.
([\#10962](https://github.com/matrix-org/synapse/issues/10962))
- Fix a bug that could leak local users' per-room nicknames and avatars when the user directory is rebuilt. ([\#10981](https://github.com/matrix-org/synapse/issues/10981))
- Fix a long-standing bug where the remainder of a batch of user directory changes would be silently dropped if the server left a room early in the batch.
([\#10982](https://github.com/matrix-org/synapse/issues/10982))
- Correct a bugfix introduced in Synapse v1.44.0 that would catch the wrong error if a connection is lost before a response could be written to it.
([\#10995](https://github.com/matrix-org/synapse/issues/10995))
- Fix a long-standing bug where local users' per-room nicknames/avatars were visible to anyone who could see you in the user directory. ([\#11002](https://github.com/matrix-org/synapse/issues/11002))
- Fix a long-standing bug where a user's per-room nickname/avatar would overwrite their profile in the user directory when a room was made public.
([\#11003](https://github.com/matrix-org/synapse/issues/11003))
- Work around a regression, introduced in Synapse v1.39.0, that caused `SynapseError`s raised by the experimental third-party rules module callback `check_event_allowed` to be ignored.
([\#11042](https://github.com/matrix-org/synapse/issues/11042))
- Fix a bug in [MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716) insertion events in rooms that could cause cross-talk/conflicts between batches.
([\#10877](https://github.com/matrix-org/synapse/issues/10877))
Improved Documentation
----------------------
- Change wording ("reference homeserver") in Synapse repository documentation. Contributed by @maxkratz. ([\#10971](https://github.com/matrix-org/synapse/issues/10971))
- Fix a dead URL in development documentation (SAML) and change wording from "Riot" to "Element". Contributed by @maxkratz. ([\#10973](https://github.com/matrix-org/synapse/issues/10973))
- Add additional content to the Welcome and Overview page of the documentation. ([\#10990](https://github.com/matrix-org/synapse/issues/10990))
- Update links to MSCs in documentation. Contributed by @dklimpel. ([\#10991](https://github.com/matrix-org/synapse/issues/10991))
Internal Changes
----------------
- Improve type hinting in `synapse.util`. ([\#10888](https://github.com/matrix-org/synapse/issues/10888))
- Add further type hints to `synapse.storage.util`. ([\#10892](https://github.com/matrix-org/synapse/issues/10892))
- Fix type hints to be compatible with an upcoming change to Twisted. ([\#10895](https://github.com/matrix-org/synapse/issues/10895))
- Update utility code to handle C implementations of frozendict. ([\#10902](https://github.com/matrix-org/synapse/issues/10902))
- Drop old functionality which maintained database compatibility with Synapse versions before v1.31. ([\#10903](https://github.com/matrix-org/synapse/issues/10903))
- Clean-up configuration helper classes for the `ServerConfig` class. ([\#10915](https://github.com/matrix-org/synapse/issues/10915))
- Use direct references to config flags. ([\#10916](https://github.com/matrix-org/synapse/issues/10916), [\#10959](https://github.com/matrix-org/synapse/issues/10959),
[\#10985](https://github.com/matrix-org/synapse/issues/10985))
- Clean up some of the federation event authentication code for clarity. ([\#10926](https://github.com/matrix-org/synapse/issues/10926), [\#10940](https://github.com/matrix-org/synapse/issues/10940),
[\#10986](https://github.com/matrix-org/synapse/issues/10986), [\#10987](https://github.com/matrix-org/synapse/issues/10987), [\#10988](https://github.com/matrix-org/synapse/issues/10988),
[\#11010](https://github.com/matrix-org/synapse/issues/11010), [\#11011](https://github.com/matrix-org/synapse/issues/11011))
- Refactor various parts of the codebase to use `RoomVersion` objects instead of room version identifier strings. ([\#10934](https://github.com/matrix-org/synapse/issues/10934))
- Refactor user directory tests in preparation for upcoming changes. ([\#10935](https://github.com/matrix-org/synapse/issues/10935))
- Include the event id in the logcontext when handling PDUs received over federation. ([\#10936](https://github.com/matrix-org/synapse/issues/10936))
- Fix logged errors in unit tests. ([\#10939](https://github.com/matrix-org/synapse/issues/10939))
- Fix a broken test to ensure that consent configuration works during registration. ([\#10945](https://github.com/matrix-org/synapse/issues/10945))
- Add type hints to filtering classes. ([\#10958](https://github.com/matrix-org/synapse/issues/10958))
- Add type-hint to `HomeserverTestcase.setup_test_homeserver`. ([\#10961](https://github.com/matrix-org/synapse/issues/10961))
- Fix the test utility function `create_room_as` so that `is_public=True` will explicitly set the `visibility` parameter of room creation requests to `public`. Contributed by @AndrewFerr.
([\#10963](https://github.com/matrix-org/synapse/issues/10963))
- Make the release script more robust and transparent. ([\#10966](https://github.com/matrix-org/synapse/issues/10966))
- Refactor [MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716) `/batch_send` mega function into smaller handler functions. ([\#10974](https://github.com/matrix-org/synapse/issues/10974))
- Log stack traces when a missing opentracing span is detected. ([\#10983](https://github.com/matrix-org/synapse/issues/10983))
- Update GHA config to run tests against Python 3.10 and PostgreSQL 14. ([\#10992](https://github.com/matrix-org/synapse/issues/10992))
- Fix a long-standing bug where `ReadWriteLock`s could drop logging contexts on exit. ([\#10993](https://github.com/matrix-org/synapse/issues/10993))
- Add a `CODEOWNERS` file to automatically request reviews from the `@matrix-org/synapse-core` team on new pull requests. ([\#10994](https://github.com/matrix-org/synapse/issues/10994))
- Add further type hints to `synapse.state`. ([\#11004](https://github.com/matrix-org/synapse/issues/11004))
- Remove the deprecated `BaseHandler` object. ([\#11005](https://github.com/matrix-org/synapse/issues/11005))
- Bump mypy version for CI to 0.910, and pull in new type stubs for dependencies. ([\#11006](https://github.com/matrix-org/synapse/issues/11006))
- Fix CI to run the unit tests without optional deps. ([\#11017](https://github.com/matrix-org/synapse/issues/11017))
- Ensure that cache config tests do not share state. ([\#11019](https://github.com/matrix-org/synapse/issues/11019))
- Add additional type hints to `synapse.server_notices`. ([\#11021](https://github.com/matrix-org/synapse/issues/11021))
- Add additional type hints for `synapse.push`. ([\#11023](https://github.com/matrix-org/synapse/issues/11023))
- When installing the optional developer dependencies, also include the dependencies needed for type-checking and unit testing. ([\#11034](https://github.com/matrix-org/synapse/issues/11034))
- Remove unnecessary list comprehension from `synapse_port_db` to satisfy code style requirements. ([\#11043](https://github.com/matrix-org/synapse/issues/11043))
Synapse 1.44.0 (2021-10-05)
=============
No significant changes since 1.44.0rc3.
Synapse 1.44.0rc3 (2021-10-04)
===============
Bugfixes
--------
- Fix a bug introduced in Synapse v1.40.0 where changing a user's display name or avatar in a restricted room would cause an authentication error.
([\#10933](https://github.com/matrix-org/synapse/issues/10933))
- Fix `/admin/whois/{user_id}` endpoint, which was broken in v1.44.0rc1. ([\#10968](https://github.com/matrix-org/synapse/issues/10968))
Synapse 1.44.0rc2 (2021-09-30)
===============
Bugfixes
--------
- Fix a bug introduced in v1.44.0rc1 which caused the experimental [MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716) `/batch_send` endpoint to return a 500 error.
([\#10938](https://github.com/matrix-org/synapse/issues/10938))
- Fix a bug introduced in v1.44.0rc1 which prevented sending presence events to application services. ([\#10944](https://github.com/matrix-org/synapse/issues/10944))
Improved Documentation
----------------------
- Minor updates to the installation instructions. ([\#10919](https://github.com/matrix-org/synapse/issues/10919))
Synapse 1.44.0rc1 (2021-09-29)
===============
Features
--------
- Only allow the [MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716) `/batch_send?chunk_id=xxx` endpoint to connect to an already existing insertion event.
([\#10776](https://github.com/matrix-org/synapse/issues/10776))
- Improve oEmbed URL previews by processing the author name, photo, and video information. ([\#10814](https://github.com/matrix-org/synapse/issues/10814),
[\#10819](https://github.com/matrix-org/synapse/issues/10819))
- Speed up responding with large JSON objects to requests. ([\#10868](https://github.com/matrix-org/synapse/issues/10868), [\#10905](https://github.com/matrix-org/synapse/issues/10905))
- Add a `user_may_create_room_with_invites` spam checker callback to allow modules to allow or deny a room creation request based on the invites and/or 3PID invites it includes.
([\#10898](https://github.com/matrix-org/synapse/issues/10898))
Bugfixes
--------
- Fix a long-standing bug that caused an `AssertionError` when purging history in certain rooms. Contributed by @Kokokokoka. ([\#10690](https://github.com/matrix-org/synapse/issues/10690))
- Fix a long-standing bug which caused deactivated users that were later reactivated to be missing from the user directory. ([\#10782](https://github.com/matrix-org/synapse/issues/10782))
- Fix a long-standing bug that caused unbanning a user by sending a membership event to fail. Contributed by @aaronraimist. ([\#10807](https://github.com/matrix-org/synapse/issues/10807))
- Fix a long-standing bug where logging contexts would go missing when federation requests time out. ([\#10810](https://github.com/matrix-org/synapse/issues/10810))
- Fix a long-standing bug causing an error in the deprecated `/initialSync` endpoint when using the undocumented `from` and `to` parameters.
([\#10827](https://github.com/matrix-org/synapse/issues/10827))
- Fix a bug causing the `remove_stale_pushers` background job to repeatedly fail and log errors. This bug affected Synapse servers that had been upgraded from version 1.28 or older and are using
SQLite. ([\#10843](https://github.com/matrix-org/synapse/issues/10843))
- Fix a long-standing bug in Unicode support of the room search admin API breaking search for rooms with non-ASCII characters. ([\#10859](https://github.com/matrix-org/synapse/issues/10859))
- Fix a bug introduced in Synapse 1.37.0 which caused `knock` membership events which we sent to remote servers to be incorrectly stored in the local database.
([\#10873](https://github.com/matrix-org/synapse/issues/10873))
- Fix invalidating one-time key count cache after claiming keys. The bug was introduced in Synapse v1.41.0. Contributed by Tulir at Beeper.
([\#10875](https://github.com/matrix-org/synapse/issues/10875))
- Fix a long-standing bug causing application service users to be subject to MAU blocking if the MAU limit had been reached, even if configured not to be blocked.
([\#10881](https://github.com/matrix-org/synapse/issues/10881))
- Fix a long-standing bug which could cause events pulled over federation to be incorrectly rejected. ([\#10907](https://github.com/matrix-org/synapse/issues/10907))
- Fix a long-standing bug causing URL cache files to be stored in storage providers. Server admins may safely delete the `url_cache/` and `url_cache_thumbnails/` directories from any configured
storage providers to reclaim space. ([\#10911](https://github.com/matrix-org/synapse/issues/10911))
- Fix a long-standing bug leading to race conditions when creating media store and config directories. ([\#10913](https://github.com/matrix-org/synapse/issues/10913))
Improved Documentation
----------------------
- Fix some crashes in the Module API example code, by adding JSON encoding/decoding. ([\#10845](https://github.com/matrix-org/synapse/issues/10845))
- Add developer documentation about experimental configuration flags. ([\#10865](https://github.com/matrix-org/synapse/issues/10865))
- Properly remove deleted files from GitHub pages when generating the documentation. ([\#10869](https://github.com/matrix-org/synapse/issues/10869))
Internal Changes
----------------
- Fix GitHub Actions config so we can run sytest on synapse from parallel branches. ([\#10659](https://github.com/matrix-org/synapse/issues/10659))
- Split out [MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716) meta events to their own fields in the `/batch_send` response. ([\#10777](https://github.com/matrix-org/synapse/issues/10777))
- Add missing type hints to REST servlets. ([\#10785](https://github.com/matrix-org/synapse/issues/10785), [\#10817](https://github.com/matrix-org/synapse/issues/10817))
- Simplify the internal logic which maintains the user directory database tables. ([\#10796](https://github.com/matrix-org/synapse/issues/10796))
- Use direct references to config flags. ([\#10812](https://github.com/matrix-org/synapse/issues/10812), [\#10885](https://github.com/matrix-org/synapse/issues/10885),
[\#10893](https://github.com/matrix-org/synapse/issues/10893), [\#10897](https://github.com/matrix-org/synapse/issues/10897))
- Specify the type of token in generic "Invalid token" error messages. ([\#10815](https://github.com/matrix-org/synapse/issues/10815))
- Make `StateFilter` frozen so it is hashable. ([\#10816](https://github.com/matrix-org/synapse/issues/10816))
- Fix a long-standing bug where an `m.room.message` event containing a null byte would cause an internal server error. ([\#10820](https://github.com/matrix-org/synapse/issues/10820))
- Add type hints to the state database. ([\#10823](https://github.com/matrix-org/synapse/issues/10823))
- Opt out of cache expiry for `get_users_who_share_room_with_user`, to hopefully improve `/sync` performance when you
haven't synced recently. ([\#10826](https://github.com/matrix-org/synapse/issues/10826))
- Track cache eviction rates more finely in Prometheus's monitoring. ([\#10829](https://github.com/matrix-org/synapse/issues/10829))
- Add missing type hints to `synapse.handlers`. ([\#10831](https://github.com/matrix-org/synapse/issues/10831), [\#10856](https://github.com/matrix-org/synapse/issues/10856))
- Extend the Module API to let plug-ins check whether an ID is local and to access IP + User Agent data. ([\#10833](https://github.com/matrix-org/synapse/issues/10833))
- Factor out PNG image data to a constant to be used in several tests. ([\#10834](https://github.com/matrix-org/synapse/issues/10834))
- Add a test to ensure state events sent by modules get persisted correctly. ([\#10835](https://github.com/matrix-org/synapse/issues/10835))
- Rename [MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716) fields and event types from `chunk` to `batch` to match the `/batch_send` endpoint.
([\#10838](https://github.com/matrix-org/synapse/issues/10838))
- Rename [MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716) `/batch_send` query parameter from `?prev_event` to more obvious usage with `?prev_event_id`.
([\#10839](https://github.com/matrix-org/synapse/issues/10839))
- Add type hints to `synapse.http.site`. ([\#10867](https://github.com/matrix-org/synapse/issues/10867))
- Include outlier status when we log V2 or V3 events. ([\#10879](https://github.com/matrix-org/synapse/issues/10879))
- Break down Grafana's cache expiry time series based on reason for eviction, c.f. [\#10829](https://github.com/matrix-org/synapse/issues/10829).
([\#10880](https://github.com/matrix-org/synapse/issues/10880))
- Clean up some of the federation event authentication code for clarity. ([\#10883](https://github.com/matrix-org/synapse/issues/10883), [\#10884](https://github.com/matrix-org/synapse/issues/10884),
[\#10896](https://github.com/matrix-org/synapse/issues/10896), [\#10901](https://github.com/matrix-org/synapse/issues/10901))
- Allow the `.` and `~` characters when creating registration tokens as per the change to [MSC3231](https://github.com/matrix-org/matrix-doc/pull/3231).
([\#10887](https://github.com/matrix-org/synapse/issues/10887))
- Clean up some unnecessary parentheses in places around the codebase. ([\#10889](https://github.com/matrix-org/synapse/issues/10889))
- Improve type hinting in the user directory code. ([\#10891](https://github.com/matrix-org/synapse/issues/10891))
- Update development testing script `test_postgresql.sh` to use a supported Python version and make re-runs quicker. ([\#10906](https://github.com/matrix-org/synapse/issues/10906))
- Document and summarize changes in schema version `61` – `64`. ([\#10917](https://github.com/matrix-org/synapse/issues/10917))
- Update release script to sign the newly created git tags. ([\#10925](https://github.com/matrix-org/synapse/issues/10925))
- Fix Debian builds due to `dh-virtualenv` no longer being able to build their docs. ([\#10931](https://github.com/matrix-org/synapse/issues/10931))
To generate a diff of this commit:
cvs rdiff -u -r1.34 -r1.35 pkgsrc/chat/matrix-synapse/Makefile
cvs rdiff -u -r1.18 -r1.19 pkgsrc/chat/matrix-synapse/PLIST
cvs rdiff -u -r1.26 -r1.27 pkgsrc/chat/matrix-synapse/distinfo
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: gdt
Date: Tue Nov 23 12:47:51 UTC 2021
Modified Files:
pkgsrc/chat/matrix-synapse: Makefile distinfo
Log Message:
chat/matrix-synapse: Update to 1.47.1 (security)
Synapse 1.47.1 (2021-11-23)
======This release fixes a security issue in the media store, affecting all prior releases of Synapse. Server administrators are encouraged to update Synapse as soon as possible. We are not aware of these vulnerabilities being exploited in the wild.
Server administrators who are unable to update Synapse may use the workarounds described in the linked GitHub Security Advisory below.
Security advisory
-----------------
The following issue is fixed in 1.47.1.
- **[GHSA-3hfw-x7gx-437c](https://github.com/matrix-org/synapse/security/advisories/GHSA-3hfw-x7gx-437c) / [CVE-2021-41281](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41281): Path traversal when downloading remote media.**
Synapse instances with the media repository enabled can be tricked into downloading a file from a remote server into an arbitrary directory, potentially outside the media store directory.
The last two directories and file name of the path are chosen randomly by Synapse and cannot be controlled by an attacker, which limits the impact.
Homeservers with the media repository disabled are unaffected. Homeservers configured with a federation whitelist are also unaffected.
Fixed by [91f2bd090](https://github.com/matrix-org/synapse/commit/91f2bd090).
To generate a diff of this commit:
cvs rdiff -u -r1.35 -r1.36 pkgsrc/chat/matrix-synapse/Makefile
cvs rdiff -u -r1.27 -r1.28 pkgsrc/chat/matrix-synapse/distinfo
babolivier
added a commit
to matrix-org/synapse-dinsic
that referenced
this pull request
Dec 6, 2021
Synapse 1.42.0 (2021-09-07) =========================== This version of Synapse removes deprecated room-management admin APIs, removes out-of-date email pushers, and improves error handling for fallback templates for user-interactive authentication. For more information on these points, server administrators are encouraged to read [the upgrade notes](docs/upgrade.md#upgrading-to-v1420). No significant changes since 1.42.0rc2. Synapse 1.42.0rc2 (2021-09-06) ============================== Features -------- - Support room version 9 from [MSC3375](matrix-org/matrix-spec-proposals#3375). ([\#10747](matrix-org/synapse#10747)) Internal Changes ---------------- - Print a warning when using one of the deprecated `template_dir` settings. ([\#10768](matrix-org/synapse#10768)) Synapse 1.42.0rc1 (2021-09-01) ============================== Features -------- - Add support for [MSC3231](matrix-org/matrix-spec-proposals#3231): Token authenticated registration. Users can be required to submit a token during registration to authenticate themselves. Contributed by Callum Brown. ([\#10142](matrix-org/synapse#10142)) - Add support for [MSC3283](matrix-org/matrix-spec-proposals#3283): Expose `enable_set_displayname` in capabilities. ([\#10452](matrix-org/synapse#10452)) - Port the `PresenceRouter` module interface to the new generic interface. ([\#10524](matrix-org/synapse#10524)) - Add pagination to the spaces summary based on updates to [MSC2946](matrix-org/matrix-spec-proposals#2946). ([\#10613](matrix-org/synapse#10613), [\#10725](matrix-org/synapse#10725)) Bugfixes -------- - Validate new `m.room.power_levels` events. Contributed by @aaronraimist. ([\#10232](matrix-org/synapse#10232)) - Display an error on User-Interactive Authentication fallback pages when authentication fails. Contributed by Callum Brown. ([\#10561](matrix-org/synapse#10561)) - Remove pushers when deleting an e-mail address from an account. Pushers for old unlinked emails will also be deleted. ([\#10581](matrix-org/synapse#10581), [\#10734](matrix-org/synapse#10734)) - Reject Client-Server `/keys/query` requests which provide `device_ids` incorrectly. ([\#10593](matrix-org/synapse#10593)) - Rooms with unsupported room versions are no longer returned via `/sync`. ([\#10644](matrix-org/synapse#10644)) - Enforce the maximum length for per-room display names and avatar URLs. ([\#10654](matrix-org/synapse#10654)) - Fix a bug which caused the `synapse_user_logins_total` Prometheus metric not to be correctly initialised on restart. ([\#10677](matrix-org/synapse#10677)) - Improve `ServerNoticeServlet` to avoid duplicate requests and add unit tests. ([\#10679](matrix-org/synapse#10679)) - Fix long-standing issue which caused an error when a thumbnail is requested and there are multiple thumbnails with the same quality rating. ([\#10684](matrix-org/synapse#10684)) - Fix a regression introduced in v1.41.0 which affected the performance of concurrent fetches of large sets of events, in extreme cases causing the process to hang. ([\#10703](matrix-org/synapse#10703)) - Fix a regression introduced in Synapse 1.41 which broke email transmission on Systems using older versions of the Twisted library. ([\#10713](matrix-org/synapse#10713)) Improved Documentation ---------------------- - Add documentation on how to connect Django with Synapse using OpenID Connect and django-oauth-toolkit. Contributed by @HugoDelval. ([\#10192](matrix-org/synapse#10192)) - Advertise https://matrix-org.github.io/synapse documentation in the `README` and `CONTRIBUTING` files. ([\#10595](matrix-org/synapse#10595)) - Fix some of the titles not rendering in the OpenID Connect documentation. ([\#10639](matrix-org/synapse#10639)) - Minor clarifications to the documentation for reverse proxies. ([\#10708](matrix-org/synapse#10708)) - Remove table of contents from the top of installation and contributing documentation pages. ([\#10711](matrix-org/synapse#10711)) Deprecations and Removals ------------------------- - Remove deprecated Shutdown Room and Purge Room Admin API. ([\#8830](matrix-org/synapse#8830)) Internal Changes ---------------- - Improve type hints for the proxy agent and SRV resolver modules. Contributed by @dklimpel. ([\#10608](matrix-org/synapse#10608)) - Clean up some of the federation event authentication code for clarity. ([\#10614](matrix-org/synapse#10614), [\#10615](matrix-org/synapse#10615), [\#10624](matrix-org/synapse#10624), [\#10640](matrix-org/synapse#10640)) - Add a comment asking developers to leave a reason when bumping the database schema version. ([\#10621](matrix-org/synapse#10621)) - Remove not needed database updates in modify user admin API. ([\#10627](matrix-org/synapse#10627)) - Convert room member storage tuples to `attrs` classes. ([\#10629](matrix-org/synapse#10629), [\#10642](matrix-org/synapse#10642)) - Use auto-attribs for the attrs classes used in sync. ([\#10630](matrix-org/synapse#10630)) - Make `backfill` and `get_missing_events` use the same codepath. ([\#10645](matrix-org/synapse#10645)) - Improve the performance of the `/hierarchy` API (from [MSC2946](matrix-org/matrix-spec-proposals#2946)) by caching responses received over federation. ([\#10647](matrix-org/synapse#10647)) - Run a nightly CI build against Twisted trunk. ([\#10651](matrix-org/synapse#10651), [\#10672](matrix-org/synapse#10672)) - Do not print out stack traces for network errors when fetching data over federation. ([\#10662](matrix-org/synapse#10662)) - Simplify tests for device admin rest API. ([\#10664](matrix-org/synapse#10664)) - Add missing type hints to REST servlets. ([\#10665](matrix-org/synapse#10665), [\#10666](matrix-org/synapse#10666), [\#10674](matrix-org/synapse#10674)) - Flatten the `tests.synapse.rests` package by moving the contents of `v1` and `v2_alpha` into the parent. ([\#10667](matrix-org/synapse#10667)) - Update `complement.sh` to rebuild the base Docker image when run with workers. ([\#10686](matrix-org/synapse#10686)) - Split the event-processing methods in `FederationHandler` into a separate `FederationEventHandler`. ([\#10692](matrix-org/synapse#10692)) - Remove unused `compare_digest` function. ([\#10706](matrix-org/synapse#10706))
babolivier
added a commit
to matrix-org/synapse-dinsic
that referenced
this pull request
Dec 6, 2021
Synapse 1.44.0 (2021-10-05) =========================== No significant changes since 1.44.0rc3. Synapse 1.44.0rc3 (2021-10-04) ============================== Bugfixes -------- - Fix a bug introduced in Synapse v1.40.0 where changing a user's display name or avatar in a restricted room would cause an authentication error. ([\#10933](matrix-org/synapse#10933)) - Fix `/admin/whois/{user_id}` endpoint, which was broken in v1.44.0rc1. ([\#10968](matrix-org/synapse#10968)) Synapse 1.44.0rc2 (2021-09-30) ============================== Bugfixes -------- - Fix a bug introduced in v1.44.0rc1 which caused the experimental [MSC2716](matrix-org/matrix-spec-proposals#2716) `/batch_send` endpoint to return a 500 error. ([\#10938](matrix-org/synapse#10938)) - Fix a bug introduced in v1.44.0rc1 which prevented sending presence events to application services. ([\#10944](matrix-org/synapse#10944)) Improved Documentation ---------------------- - Minor updates to the installation instructions. ([\#10919](matrix-org/synapse#10919)) Synapse 1.44.0rc1 (2021-09-29) ============================== Features -------- - Only allow the [MSC2716](matrix-org/matrix-spec-proposals#2716) `/batch_send?chunk_id=xxx` endpoint to connect to an already existing insertion event. ([\#10776](matrix-org/synapse#10776)) - Improve oEmbed URL previews by processing the author name, photo, and video information. ([\#10814](matrix-org/synapse#10814), [\#10819](matrix-org/synapse#10819)) - Speed up responding with large JSON objects to requests. ([\#10868](matrix-org/synapse#10868), [\#10905](matrix-org/synapse#10905)) - Add a `user_may_create_room_with_invites` spam checker callback to allow modules to allow or deny a room creation request based on the invites and/or 3PID invites it includes. ([\#10898](matrix-org/synapse#10898)) Bugfixes -------- - Fix a long-standing bug that caused an `AssertionError` when purging history in certain rooms. Contributed by @Kokokokoka. ([\#10690](matrix-org/synapse#10690)) - Fix a long-standing bug which caused deactivated users that were later reactivated to be missing from the user directory. ([\#10782](matrix-org/synapse#10782)) - Fix a long-standing bug that caused unbanning a user by sending a membership event to fail. Contributed by @aaronraimist. ([\#10807](matrix-org/synapse#10807)) - Fix a long-standing bug where logging contexts would go missing when federation requests time out. ([\#10810](matrix-org/synapse#10810)) - Fix a long-standing bug causing an error in the deprecated `/initialSync` endpoint when using the undocumented `from` and `to` parameters. ([\#10827](matrix-org/synapse#10827)) - Fix a bug causing the `remove_stale_pushers` background job to repeatedly fail and log errors. This bug affected Synapse servers that had been upgraded from version 1.28 or older and are using SQLite. ([\#10843](matrix-org/synapse#10843)) - Fix a long-standing bug in Unicode support of the room search admin API breaking search for rooms with non-ASCII characters. ([\#10859](matrix-org/synapse#10859)) - Fix a bug introduced in Synapse 1.37.0 which caused `knock` membership events which we sent to remote servers to be incorrectly stored in the local database. ([\#10873](matrix-org/synapse#10873)) - Fix invalidating one-time key count cache after claiming keys. The bug was introduced in Synapse v1.41.0. Contributed by Tulir at Beeper. ([\#10875](matrix-org/synapse#10875)) - Fix a long-standing bug causing application service users to be subject to MAU blocking if the MAU limit had been reached, even if configured not to be blocked. ([\#10881](matrix-org/synapse#10881)) - Fix a long-standing bug which could cause events pulled over federation to be incorrectly rejected. ([\#10907](matrix-org/synapse#10907)) - Fix a long-standing bug causing URL cache files to be stored in storage providers. Server admins may safely delete the `url_cache/` and `url_cache_thumbnails/` directories from any configured storage providers to reclaim space. ([\#10911](matrix-org/synapse#10911)) - Fix a long-standing bug leading to race conditions when creating media store and config directories. ([\#10913](matrix-org/synapse#10913)) Improved Documentation ---------------------- - Fix some crashes in the Module API example code, by adding JSON encoding/decoding. ([\#10845](matrix-org/synapse#10845)) - Add developer documentation about experimental configuration flags. ([\#10865](matrix-org/synapse#10865)) - Properly remove deleted files from GitHub pages when generating the documentation. ([\#10869](matrix-org/synapse#10869)) Internal Changes ---------------- - Fix GitHub Actions config so we can run sytest on synapse from parallel branches. ([\#10659](matrix-org/synapse#10659)) - Split out [MSC2716](matrix-org/matrix-spec-proposals#2716) meta events to their own fields in the `/batch_send` response. ([\#10777](matrix-org/synapse#10777)) - Add missing type hints to REST servlets. ([\#10785](matrix-org/synapse#10785), [\#10817](matrix-org/synapse#10817)) - Simplify the internal logic which maintains the user directory database tables. ([\#10796](matrix-org/synapse#10796)) - Use direct references to config flags. ([\#10812](matrix-org/synapse#10812), [\#10885](matrix-org/synapse#10885), [\#10893](matrix-org/synapse#10893), [\#10897](matrix-org/synapse#10897)) - Specify the type of token in generic "Invalid token" error messages. ([\#10815](matrix-org/synapse#10815)) - Make `StateFilter` frozen so it is hashable. ([\#10816](matrix-org/synapse#10816)) - Fix a long-standing bug where an `m.room.message` event containing a null byte would cause an internal server error. ([\#10820](matrix-org/synapse#10820)) - Add type hints to the state database. ([\#10823](matrix-org/synapse#10823)) - Opt out of cache expiry for `get_users_who_share_room_with_user`, to hopefully improve `/sync` performance when you haven't synced recently. ([\#10826](matrix-org/synapse#10826)) - Track cache eviction rates more finely in Prometheus's monitoring. ([\#10829](matrix-org/synapse#10829)) - Add missing type hints to `synapse.handlers`. ([\#10831](matrix-org/synapse#10831), [\#10856](matrix-org/synapse#10856)) - Extend the Module API to let plug-ins check whether an ID is local and to access IP + User Agent data. ([\#10833](matrix-org/synapse#10833)) - Factor out PNG image data to a constant to be used in several tests. ([\#10834](matrix-org/synapse#10834)) - Add a test to ensure state events sent by modules get persisted correctly. ([\#10835](matrix-org/synapse#10835)) - Rename [MSC2716](matrix-org/matrix-spec-proposals#2716) fields and event types from `chunk` to `batch` to match the `/batch_send` endpoint. ([\#10838](matrix-org/synapse#10838)) - Rename [MSC2716](matrix-org/matrix-spec-proposals#2716) `/batch_send` query parameter from `?prev_event` to more obvious usage with `?prev_event_id`. ([\#10839](matrix-org/synapse#10839)) - Add type hints to `synapse.http.site`. ([\#10867](matrix-org/synapse#10867)) - Include outlier status when we log V2 or V3 events. ([\#10879](matrix-org/synapse#10879)) - Break down Grafana's cache expiry time series based on reason for eviction, c.f. [\#10829](matrix-org/synapse#10829). ([\#10880](matrix-org/synapse#10880)) - Clean up some of the federation event authentication code for clarity. ([\#10883](matrix-org/synapse#10883), [\#10884](matrix-org/synapse#10884), [\#10896](matrix-org/synapse#10896), [\#10901](matrix-org/synapse#10901)) - Allow the `.` and `~` characters when creating registration tokens as per the change to [MSC3231](matrix-org/matrix-spec-proposals#3231). ([\#10887](matrix-org/synapse#10887)) - Clean up some unnecessary parentheses in places around the codebase. ([\#10889](matrix-org/synapse#10889)) - Improve type hinting in the user directory code. ([\#10891](matrix-org/synapse#10891)) - Update development testing script `test_postgresql.sh` to use a supported Python version and make re-runs quicker. ([\#10906](matrix-org/synapse#10906)) - Document and summarize changes in schema version `61` – `64`. ([\#10917](matrix-org/synapse#10917)) - Update release script to sign the newly created git tags. ([\#10925](matrix-org/synapse#10925)) - Fix Debian builds due to `dh-virtualenv` no longer being able to build their docs. ([\#10931](matrix-org/synapse#10931))
turt2live
added a commit
that referenced
this pull request
Jan 1, 2022
MSC: #3231 **Note**: This introduces the endpoint as v1 rather than r0 given the global versioning changes landed between the acceptance of the MSC and now.
|
Spec PR: #3616 |
turt2live
added
spec-pr-in-review
turt2live
added a commit
that referenced
this pull request
Jan 5, 2022
* Add registration token UIA type MSC: #3231 **Note**: This introduces the endpoint as v1 rather than r0 given the global versioning changes landed between the acceptance of the MSC and now. * Fix swagger * Changelogs * Update data/api/client-server/registration_tokens.yaml Co-authored-by: Hubert Chathi <hubert@uhoreg.ca> Co-authored-by: Hubert Chathi <hubert@uhoreg.ca>
|
Merged 🎉 |
turt2live
added
merged
squahtx
pushed a commit
to matrix-org/synapse
that referenced
this pull request
Feb 15, 2022
Synapse 1.53.0rc1 (2022-02-15) ============================== Features -------- - Add experimental support for sending to-device messages to application services, as specified by [MSC2409](matrix-org/matrix-spec-proposals#2409). ([\#11215](#11215), [\#11966](#11966)) - Remove account data (including client config, push rules and ignored users) upon user deactivation. ([\#11655](#11655)) - Experimental support for [MSC3666](matrix-org/matrix-spec-proposals#3666): including bundled aggregations in server side search results. ([\#11837](#11837)) - Enable cache time-based expiry by default. The `expiry_time` config flag has been superseded by `expire_caches` and `cache_entry_ttl`. ([\#11849](#11849)) - Add a callback to allow modules to allow or forbid a 3PID (email address, phone number) from being associated to a local account. ([\#11854](#11854)) - Stabilize support and remove unstable endpoints for [MSC3231](matrix-org/matrix-spec-proposals#3231). Clients must switch to the stable identifier and endpoint. See the [upgrade notes](https://matrix-org.github.io/synapse/develop/upgrade#stablisation-of-msc3231) for more information. ([\#11867](#11867)) - Allow modules to retrieve the current instance's server name and worker name. ([\#11868](#11868)) - Use a dedicated configurable rate limiter for 3PID invites. ([\#11892](#11892)) - Support the stable API endpoint for [MSC3283](matrix-org/matrix-spec-proposals#3283): new settings in `/capabilities` endpoint. ([\#11933](#11933), [\#11989](#11989)) - Support the `dir` parameter on the `/relations` endpoint, per [MSC3715](matrix-org/matrix-spec-proposals#3715). ([\#11941](#11941)) - Experimental implementation of [MSC3706](matrix-org/matrix-spec-proposals#3706): extensions to `/send_join` to support reduced response size. ([\#11967](#11967)) Bugfixes -------- - Fix [MSC2716](matrix-org/matrix-spec-proposals#2716) historical messages backfilling in random order on remote homeservers. ([\#11114](#11114)) - Fix a bug introduced in Synapse 1.51.0 where incoming federation transactions containing at least one EDU would be dropped if debug logging was enabled for `synapse.8631_debug`. ([\#11890](#11890)) - Fix a long-standing bug where some unknown endpoints would return HTML error pages instead of JSON `M_UNRECOGNIZED` errors. ([\#11930](#11930)) - Implement an allow list of content types for which we will attempt to preview a URL. This prevents Synapse from making useless longer-lived connections to streaming media servers. ([\#11936](#11936)) - Fix a long-standing bug where pagination tokens from `/sync` and `/messages` could not be provided to the `/relations` API. ([\#11952](#11952)) - Require that modules register their callbacks using keyword arguments. ([\#11975](#11975)) - Fix a long-standing bug where `M_WRONG_ROOM_KEYS_VERSION` errors would not include the specced `current_version` field. ([\#11988](#11988)) Improved Documentation ---------------------- - Fix typo in User Admin API: unpind -> unbind. ([\#11859](#11859)) - Document images returned by the User List Media Admin API can include those generated by URL previews. ([\#11862](#11862)) - Remove outdated MSC1711 FAQ document. ([\#11907](#11907)) - Correct the structured logging configuration example. Contributed by Brad Jones. ([\#11946](#11946)) - Add information on the Synapse release cycle. ([\#11954](#11954)) - Fix broken link in the README to the admin API for password reset. ([\#11955](#11955)) Deprecations and Removals ------------------------- - Drop support for `webclient` listeners and configuring `web_client_location` to a non-HTTP(S) URL. Deprecated configurations are a configuration error. ([\#11895](#11895)) - Remove deprecated `user_may_create_room_with_invites` spam checker callback. See the [upgrade notes](https://matrix-org.github.io/synapse/latest/upgrade.html#removal-of-user_may_create_room_with_invites) for more information. ([\#11950](#11950)) - No longer build `.deb` packages for Ubuntu 21.04 Hirsute Hippo, which has now EOLed. ([\#11961](#11961)) Internal Changes ---------------- - Enhance user registration test helpers to make them more useful for tests involving application services and devices. ([\#11615](#11615), [\#11616](#11616)) - Improve performance when fetching bundled aggregations for multiple events. ([\#11660](#11660), [\#11752](#11752)) - Fix type errors introduced by new annotations in the Prometheus Client library. ([\#11832](#11832)) - Add missing type hints to replication code. ([\#11856](#11856), [\#11938](#11938)) - Ensure that `opentracing` scopes are activated and closed at the right time. ([\#11869](#11869)) - Improve opentracing for incoming federation requests. ([\#11870](#11870)) - Improve internal docstrings in `synapse.util.caches`. ([\#11876](#11876)) - Do not needlessly clear the `get_users_in_room` and `get_users_in_room_with_profiles` caches when any room state changes. ([\#11878](#11878)) - Convert `ApplicationServiceTestCase` to use `simple_async_mock`. ([\#11880](#11880)) - Remove experimental changes to the default push rules which were introduced in Synapse 1.19.0 but never enabled. ([\#11884](#11884)) - Disable coverage calculation for olddeps build. ([\#11888](#11888)) - Preparation to support sending device list updates to application services. ([\#11905](#11905)) - Add a test that checks users receive their own device list updates down `/sync`. ([\#11909](#11909)) - Run Complement tests sequentially. ([\#11910](#11910)) - Various refactors to the application service notifier code. ([\#11911](#11911), [\#11912](#11912)) - Tests: replace mocked `Authenticator` with the real thing. ([\#11913](#11913)) - Various refactors to the typing notifications code. ([\#11914](#11914)) - Use the proper type for the `Content-Length` header in the `UploadResource`. ([\#11927](#11927)) - Remove an unnecessary ignoring of type hints due to fixes in upstream packages. ([\#11939](#11939)) - Add missing type hints. ([\#11953](#11953)) - Fix an import cycle in `synapse.event_auth`. ([\#11965](#11965)) - Unpin `frozendict` but exclude the known bad version 2.1.2. ([\#11969](#11969)) - Prepare for rename of default Complement branch. ([\#11971](#11971)) - Fetch Synapse's version using a helper from `matrix-common`. ([\#11979](#11979))
netbsd-srcmastr
pushed a commit
to NetBSD/pkgsrc
that referenced
this pull request
Feb 25, 2022
Synapse 1.53.0 (2022-02-22) =========================== No significant changes. Synapse 1.53.0rc1 (2022-02-15) ============================== Features -------- - Add experimental support for sending to-device messages to application services, as specified by [MSC2409](matrix-org/matrix-spec-proposals#2409). ([\#11215](matrix-org/synapse#11215), [\#11966](matrix-org/synapse#11966)) - Remove account data (including client config, push rules and ignored users) upon user deactivation. ([\#11655](matrix-org/synapse#11655)) - Experimental support for [MSC3666](matrix-org/matrix-spec-proposals#3666): including bundled aggregations in server side search results. ([\#11837](matrix-org/synapse#11837)) - Enable cache time-based expiry by default. The `expiry_time` config flag has been superseded by `expire_caches` and `cache_entry_ttl`. ([\#11849](matrix-org/synapse#11849)) - Add a callback to allow modules to allow or forbid a 3PID (email address, phone number) from being associated to a local account. ([\#11854](matrix-org/synapse#11854)) - Stabilize support and remove unstable endpoints for [MSC3231](matrix-org/matrix-spec-proposals#3231). Clients must switch to the stable identifier and endpoint. See the [upgrade notes](https://matrix-org.github.io/synapse/develop/upgrade#stablisation-of-msc3231) for more information. ([\#11867](matrix-org/synapse#11867)) - Allow modules to retrieve the current instance's server name and worker name. ([\#11868](matrix-org/synapse#11868)) - Use a dedicated configurable rate limiter for 3PID invites. ([\#11892](matrix-org/synapse#11892)) - Support the stable API endpoint for [MSC3283](matrix-org/matrix-spec-proposals#3283): new settings in `/capabilities` endpoint. ([\#11933](matrix-org/synapse#11933), [\#11989](matrix-org/synapse#11989)) - Support the `dir` parameter on the `/relations` endpoint, per [MSC3715](matrix-org/matrix-spec-proposals#3715). ([\#11941](matrix-org/synapse#11941)) - Experimental implementation of [MSC3706](matrix-org/matrix-spec-proposals#3706): extensions to `/send_join` to support reduced response size. ([\#11967](matrix-org/synapse#11967)) Bugfixes -------- - Fix [MSC2716](matrix-org/matrix-spec-proposals#2716) historical messages backfilling in random order on remote homeservers. ([\#11114](matrix-org/synapse#11114)) - Fix a bug introduced in Synapse 1.51.0 where incoming federation transactions containing at least one EDU would be dropped if debug logging was enabled for `synapse.8631_debug`. ([\#11890](matrix-org/synapse#11890)) - Fix a long-standing bug where some unknown endpoints would return HTML error pages instead of JSON `M_UNRECOGNIZED` errors. ([\#11930](matrix-org/synapse#11930)) - Implement an allow list of content types for which we will attempt to preview a URL. This prevents Synapse from making useless longer-lived connections to streaming media servers. ([\#11936](matrix-org/synapse#11936)) - Fix a long-standing bug where pagination tokens from `/sync` and `/messages` could not be provided to the `/relations` API. ([\#11952](matrix-org/synapse#11952)) - Require that modules register their callbacks using keyword arguments. ([\#11975](matrix-org/synapse#11975)) - Fix a long-standing bug where `M_WRONG_ROOM_KEYS_VERSION` errors would not include the specced `current_version` field. ([\#11988](matrix-org/synapse#11988)) Improved Documentation ---------------------- - Fix typo in User Admin API: unpind -> unbind. ([\#11859](matrix-org/synapse#11859)) - Document images returned by the User List Media Admin API can include those generated by URL previews. ([\#11862](matrix-org/synapse#11862)) - Remove outdated MSC1711 FAQ document. ([\#11907](matrix-org/synapse#11907)) - Correct the structured logging configuration example. Contributed by Brad Jones. ([\#11946](matrix-org/synapse#11946)) - Add information on the Synapse release cycle. ([\#11954](matrix-org/synapse#11954)) - Fix broken link in the README to the admin API for password reset. ([\#11955](matrix-org/synapse#11955)) Deprecations and Removals ------------------------- - Drop support for `webclient` listeners and configuring `web_client_location` to a non-HTTP(S) URL. Deprecated configurations are a configuration error. ([\#11895](matrix-org/synapse#11895)) - Remove deprecated `user_may_create_room_with_invites` spam checker callback. See the [upgrade notes](https://matrix-org.github.io/synapse/latest/upgrade.html#removal-of-user_may_create_room_with_invites) for more information. ([\#11950](matrix-org/synapse#11950)) - No longer build `.deb` packages for Ubuntu 21.04 Hirsute Hippo, which has now EOLed. ([\#11961](matrix-org/synapse#11961)) Internal Changes ---------------- - Enhance user registration test helpers to make them more useful for tests involving application services and devices. ([\#11615](matrix-org/synapse#11615), [\#11616](matrix-org/synapse#11616)) - Improve performance when fetching bundled aggregations for multiple events. ([\#11660](matrix-org/synapse#11660), [\#11752](matrix-org/synapse#11752)) - Fix type errors introduced by new annotations in the Prometheus Client library. ([\#11832](matrix-org/synapse#11832)) - Add missing type hints to replication code. ([\#11856](matrix-org/synapse#11856), [\#11938](matrix-org/synapse#11938)) - Ensure that `opentracing` scopes are activated and closed at the right time. ([\#11869](matrix-org/synapse#11869)) - Improve opentracing for incoming federation requests. ([\#11870](matrix-org/synapse#11870)) - Improve internal docstrings in `synapse.util.caches`. ([\#11876](matrix-org/synapse#11876)) - Do not needlessly clear the `get_users_in_room` and `get_users_in_room_with_profiles` caches when any room state changes. ([\#11878](matrix-org/synapse#11878)) - Convert `ApplicationServiceTestCase` to use `simple_async_mock`. ([\#11880](matrix-org/synapse#11880)) - Remove experimental changes to the default push rules which were introduced in Synapse 1.19.0 but never enabled. ([\#11884](matrix-org/synapse#11884)) - Disable coverage calculation for olddeps build. ([\#11888](matrix-org/synapse#11888)) - Preparation to support sending device list updates to application services. ([\#11905](matrix-org/synapse#11905)) - Add a test that checks users receive their own device list updates down `/sync`. ([\#11909](matrix-org/synapse#11909)) - Run Complement tests sequentially. ([\#11910](matrix-org/synapse#11910)) - Various refactors to the application service notifier code. ([\#11911](matrix-org/synapse#11911), [\#11912](matrix-org/synapse#11912)) - Tests: replace mocked `Authenticator` with the real thing. ([\#11913](matrix-org/synapse#11913)) - Various refactors to the typing notifications code. ([\#11914](matrix-org/synapse#11914)) - Use the proper type for the `Content-Length` header in the `UploadResource`. ([\#11927](matrix-org/synapse#11927)) - Remove an unnecessary ignoring of type hints due to fixes in upstream packages. ([\#11939](matrix-org/synapse#11939)) - Add missing type hints. ([\#11953](matrix-org/synapse#11953)) - Fix an import cycle in `synapse.event_auth`. ([\#11965](matrix-org/synapse#11965)) - Unpin `frozendict` but exclude the known bad version 2.1.2. ([\#11969](matrix-org/synapse#11969)) - Prepare for rename of default Complement branch. ([\#11971](matrix-org/synapse#11971)) - Fetch Synapse's version using a helper from `matrix-common`. ([\#11979](matrix-org/synapse#11979)) Synapse 1.52.0 (2022-02-08) =========================== No significant changes since 1.52.0rc1. Note that [Twisted 22.1.0](https://github.com/twisted/twisted/releases/tag/twisted-22.1.0) has recently been released, which fixes a [security issue](GHSA-92x2-jw7w-xvvx) within the Twisted library. We do not believe Synapse is affected by this vulnerability, though we advise server administrators who installed Synapse via pip to upgrade Twisted with `pip install --upgrade Twisted` as a matter of good practice. The Docker image `matrixdotorg/synapse` and the Debian packages from `packages.matrix.org` are using the updated library. Synapse 1.52.0rc1 (2022-02-01) ============================== Features -------- - Remove account data (including client config, push rules and ignored users) upon user deactivation. ([\#11621](matrix-org/synapse#11621), [\#11788](matrix-org/synapse#11788), [\#11789](matrix-org/synapse#11789)) - Add an admin API to reset connection timeouts for remote server. ([\#11639](matrix-org/synapse#11639)) - Add an admin API to get a list of rooms that federate with a given remote homeserver. ([\#11658](matrix-org/synapse#11658)) - Add a config flag to inhibit `M_USER_IN_USE` during registration. ([\#11743](matrix-org/synapse#11743)) - Add a module callback to set username at registration. ([\#11790](matrix-org/synapse#11790)) - Allow configuring a maximum file size as well as a list of allowed content types for avatars. ([\#11846](matrix-org/synapse#11846)) Bugfixes -------- - Include the bundled aggregations in the `/sync` response, per [MSC2675](matrix-org/matrix-spec-proposals#2675). ([\#11612](matrix-org/synapse#11612)) - Fix a long-standing bug when previewing Reddit URLs which do not contain an image. ([\#11767](matrix-org/synapse#11767)) - Fix a long-standing bug that media streams could cause long-lived connections when generating URL previews. ([\#11784](matrix-org/synapse#11784)) - Include a `prev_content` field in state events sent to Application Services. Contributed by @totallynotvaishnav. ([\#11798](matrix-org/synapse#11798)) - Fix a bug introduced in Synapse 0.33.3 causing requests to sometimes log strings such as `HTTPStatus.OK` instead of integer status codes. ([\#11827](matrix-org/synapse#11827)) Improved Documentation ---------------------- - Update pypi installation docs to indicate that we now support Python 3.10. ([\#11820](matrix-org/synapse#11820)) - Add missing steps to the contribution submission process in the documentation. Contributed by @sequentialread. ([\#11821](matrix-org/synapse#11821)) - Remove not needed old table of contents in documentation. ([\#11860](matrix-org/synapse#11860)) - Consolidate the `access_token` information at the top of each relevant page in the Admin API documentation. ([\#11861](matrix-org/synapse#11861)) Deprecations and Removals ------------------------- - Drop support for Python 3.6, which is EOL. ([\#11683](matrix-org/synapse#11683)) - Remove the `experimental_msc1849_support_enabled` flag as the features are now stable. ([\#11843](matrix-org/synapse#11843)) Internal Changes ---------------- - Preparation for database schema simplifications: add `state_key` and `rejection_reason` columns to `events` table. ([\#11792](matrix-org/synapse#11792)) - Add `FrozenEvent.get_state_key` and use it in a couple of places. ([\#11793](matrix-org/synapse#11793)) - Preparation for database schema simplifications: stop reading from `event_reference_hashes`. ([\#11794](matrix-org/synapse#11794)) - Drop unused table `public_room_list_stream`. ([\#11795](matrix-org/synapse#11795)) - Preparation for reducing Postgres serialization errors: allow setting transaction isolation level. Contributed by Nick @ Beeper. ([\#11799](matrix-org/synapse#11799), [\#11847](matrix-org/synapse#11847)) - Docker: skip the initial amd64-only build and go straight to multiarch. ([\#11810](matrix-org/synapse#11810)) - Run Complement on the Github Actions VM and not inside a Docker container. ([\#11811](matrix-org/synapse#11811)) - Log module names at startup. ([\#11813](matrix-org/synapse#11813)) - Improve type safety of bundled aggregations code. ([\#11815](matrix-org/synapse#11815)) - Correct a type annotation in the event validation logic. ([\#11817](matrix-org/synapse#11817), [\#11830](matrix-org/synapse#11830)) - Minor updates and documentation for database schema delta files. ([\#11823](matrix-org/synapse#11823)) - Workaround a type annotation problem in `prometheus_client` 0.13.0. ([\#11834](matrix-org/synapse#11834)) - Minor performance improvement in room state lookup. ([\#11836](matrix-org/synapse#11836)) - Fix some indentation inconsistencies in the sample config. ([\#11838](matrix-org/synapse#11838)) - Add type hints to `tests/rest/admin`. ([\#11851](matrix-org/synapse#11851))
Fizzadar
added a commit
to Fizzadar/synapse
that referenced
this pull request
Mar 7, 2022
Synapse 1.53.0 (2022-02-22) =========================== No significant changes. Synapse 1.53.0rc1 (2022-02-15) ============================== Features -------- - Add experimental support for sending to-device messages to application services, as specified by [MSC2409](matrix-org/matrix-spec-proposals#2409). ([\matrix-org#11215](matrix-org#11215), [\matrix-org#11966](matrix-org#11966)) - Remove account data (including client config, push rules and ignored users) upon user deactivation. ([\matrix-org#11655](matrix-org#11655)) - Experimental support for [MSC3666](matrix-org/matrix-spec-proposals#3666): including bundled aggregations in server side search results. ([\matrix-org#11837](matrix-org#11837)) - Enable cache time-based expiry by default. The `expiry_time` config flag has been superseded by `expire_caches` and `cache_entry_ttl`. ([\matrix-org#11849](matrix-org#11849)) - Add a callback to allow modules to allow or forbid a 3PID (email address, phone number) from being associated to a local account. ([\matrix-org#11854](matrix-org#11854)) - Stabilize support and remove unstable endpoints for [MSC3231](matrix-org/matrix-spec-proposals#3231). Clients must switch to the stable identifier and endpoint. See the [upgrade notes](https://matrix-org.github.io/synapse/develop/upgrade#stablisation-of-msc3231) for more information. ([\matrix-org#11867](matrix-org#11867)) - Allow modules to retrieve the current instance's server name and worker name. ([\matrix-org#11868](matrix-org#11868)) - Use a dedicated configurable rate limiter for 3PID invites. ([\matrix-org#11892](matrix-org#11892)) - Support the stable API endpoint for [MSC3283](matrix-org/matrix-spec-proposals#3283): new settings in `/capabilities` endpoint. ([\matrix-org#11933](matrix-org#11933), [\matrix-org#11989](matrix-org#11989)) - Support the `dir` parameter on the `/relations` endpoint, per [MSC3715](matrix-org/matrix-spec-proposals#3715). ([\matrix-org#11941](matrix-org#11941)) - Experimental implementation of [MSC3706](matrix-org/matrix-spec-proposals#3706): extensions to `/send_join` to support reduced response size. ([\matrix-org#11967](matrix-org#11967)) Bugfixes -------- - Fix [MSC2716](matrix-org/matrix-spec-proposals#2716) historical messages backfilling in random order on remote homeservers. ([\matrix-org#11114](matrix-org#11114)) - Fix a bug introduced in Synapse 1.51.0 where incoming federation transactions containing at least one EDU would be dropped if debug logging was enabled for `synapse.8631_debug`. ([\matrix-org#11890](matrix-org#11890)) - Fix a long-standing bug where some unknown endpoints would return HTML error pages instead of JSON `M_UNRECOGNIZED` errors. ([\matrix-org#11930](matrix-org#11930)) - Implement an allow list of content types for which we will attempt to preview a URL. This prevents Synapse from making useless longer-lived connections to streaming media servers. ([\matrix-org#11936](matrix-org#11936)) - Fix a long-standing bug where pagination tokens from `/sync` and `/messages` could not be provided to the `/relations` API. ([\matrix-org#11952](matrix-org#11952)) - Require that modules register their callbacks using keyword arguments. ([\matrix-org#11975](matrix-org#11975)) - Fix a long-standing bug where `M_WRONG_ROOM_KEYS_VERSION` errors would not include the specced `current_version` field. ([\matrix-org#11988](matrix-org#11988)) Improved Documentation ---------------------- - Fix typo in User Admin API: unpind -> unbind. ([\matrix-org#11859](matrix-org#11859)) - Document images returned by the User List Media Admin API can include those generated by URL previews. ([\matrix-org#11862](matrix-org#11862)) - Remove outdated MSC1711 FAQ document. ([\matrix-org#11907](matrix-org#11907)) - Correct the structured logging configuration example. Contributed by Brad Jones. ([\matrix-org#11946](matrix-org#11946)) - Add information on the Synapse release cycle. ([\matrix-org#11954](matrix-org#11954)) - Fix broken link in the README to the admin API for password reset. ([\matrix-org#11955](matrix-org#11955)) Deprecations and Removals ------------------------- - Drop support for `webclient` listeners and configuring `web_client_location` to a non-HTTP(S) URL. Deprecated configurations are a configuration error. ([\matrix-org#11895](matrix-org#11895)) - Remove deprecated `user_may_create_room_with_invites` spam checker callback. See the [upgrade notes](https://matrix-org.github.io/synapse/latest/upgrade.html#removal-of-user_may_create_room_with_invites) for more information. ([\matrix-org#11950](matrix-org#11950)) - No longer build `.deb` packages for Ubuntu 21.04 Hirsute Hippo, which has now EOLed. ([\matrix-org#11961](matrix-org#11961)) Internal Changes ---------------- - Enhance user registration test helpers to make them more useful for tests involving application services and devices. ([\matrix-org#11615](matrix-org#11615), [\matrix-org#11616](matrix-org#11616)) - Improve performance when fetching bundled aggregations for multiple events. ([\matrix-org#11660](matrix-org#11660), [\matrix-org#11752](matrix-org#11752)) - Fix type errors introduced by new annotations in the Prometheus Client library. ([\matrix-org#11832](matrix-org#11832)) - Add missing type hints to replication code. ([\matrix-org#11856](matrix-org#11856), [\matrix-org#11938](matrix-org#11938)) - Ensure that `opentracing` scopes are activated and closed at the right time. ([\matrix-org#11869](matrix-org#11869)) - Improve opentracing for incoming federation requests. ([\matrix-org#11870](matrix-org#11870)) - Improve internal docstrings in `synapse.util.caches`. ([\matrix-org#11876](matrix-org#11876)) - Do not needlessly clear the `get_users_in_room` and `get_users_in_room_with_profiles` caches when any room state changes. ([\matrix-org#11878](matrix-org#11878)) - Convert `ApplicationServiceTestCase` to use `simple_async_mock`. ([\matrix-org#11880](matrix-org#11880)) - Remove experimental changes to the default push rules which were introduced in Synapse 1.19.0 but never enabled. ([\matrix-org#11884](matrix-org#11884)) - Disable coverage calculation for olddeps build. ([\matrix-org#11888](matrix-org#11888)) - Preparation to support sending device list updates to application services. ([\matrix-org#11905](matrix-org#11905)) - Add a test that checks users receive their own device list updates down `/sync`. ([\matrix-org#11909](matrix-org#11909)) - Run Complement tests sequentially. ([\matrix-org#11910](matrix-org#11910)) - Various refactors to the application service notifier code. ([\matrix-org#11911](matrix-org#11911), [\matrix-org#11912](matrix-org#11912)) - Tests: replace mocked `Authenticator` with the real thing. ([\matrix-org#11913](matrix-org#11913)) - Various refactors to the typing notifications code. ([\matrix-org#11914](matrix-org#11914)) - Use the proper type for the `Content-Length` header in the `UploadResource`. ([\matrix-org#11927](matrix-org#11927)) - Remove an unnecessary ignoring of type hints due to fixes in upstream packages. ([\matrix-org#11939](matrix-org#11939)) - Add missing type hints. ([\matrix-org#11953](matrix-org#11953)) - Fix an import cycle in `synapse.event_auth`. ([\matrix-org#11965](matrix-org#11965)) - Unpin `frozendict` but exclude the known bad version 2.1.2. ([\matrix-org#11969](matrix-org#11969)) - Prepare for rename of default Complement branch. ([\matrix-org#11971](matrix-org#11971)) - Fetch Synapse's version using a helper from `matrix-common`. ([\matrix-org#11979](matrix-org#11979))
babolivier
added a commit
to matrix-org/synapse-dinsic
that referenced
this pull request
Apr 28, 2022
Synapse 1.53.0 (2022-02-22) =========================== No significant changes. Synapse 1.53.0rc1 (2022-02-15) ============================== Features -------- - Add experimental support for sending to-device messages to application services, as specified by [MSC2409](matrix-org/matrix-spec-proposals#2409). ([\#11215](matrix-org/synapse#11215), [\#11966](matrix-org/synapse#11966)) - Remove account data (including client config, push rules and ignored users) upon user deactivation. ([\#11655](matrix-org/synapse#11655)) - Experimental support for [MSC3666](matrix-org/matrix-spec-proposals#3666): including bundled aggregations in server side search results. ([\#11837](matrix-org/synapse#11837)) - Enable cache time-based expiry by default. The `expiry_time` config flag has been superseded by `expire_caches` and `cache_entry_ttl`. ([\#11849](matrix-org/synapse#11849)) - Add a callback to allow modules to allow or forbid a 3PID (email address, phone number) from being associated to a local account. ([\#11854](matrix-org/synapse#11854)) - Stabilize support and remove unstable endpoints for [MSC3231](matrix-org/matrix-spec-proposals#3231). Clients must switch to the stable identifier and endpoint. See the [upgrade notes](https://matrix-org.github.io/synapse/develop/upgrade#stablisation-of-msc3231) for more information. ([\#11867](matrix-org/synapse#11867)) - Allow modules to retrieve the current instance's server name and worker name. ([\#11868](matrix-org/synapse#11868)) - Use a dedicated configurable rate limiter for 3PID invites. ([\#11892](matrix-org/synapse#11892)) - Support the stable API endpoint for [MSC3283](matrix-org/matrix-spec-proposals#3283): new settings in `/capabilities` endpoint. ([\#11933](matrix-org/synapse#11933), [\#11989](matrix-org/synapse#11989)) - Support the `dir` parameter on the `/relations` endpoint, per [MSC3715](matrix-org/matrix-spec-proposals#3715). ([\#11941](matrix-org/synapse#11941)) - Experimental implementation of [MSC3706](matrix-org/matrix-spec-proposals#3706): extensions to `/send_join` to support reduced response size. ([\#11967](matrix-org/synapse#11967)) Bugfixes -------- - Fix [MSC2716](matrix-org/matrix-spec-proposals#2716) historical messages backfilling in random order on remote homeservers. ([\#11114](matrix-org/synapse#11114)) - Fix a bug introduced in Synapse 1.51.0 where incoming federation transactions containing at least one EDU would be dropped if debug logging was enabled for `synapse.8631_debug`. ([\#11890](matrix-org/synapse#11890)) - Fix a long-standing bug where some unknown endpoints would return HTML error pages instead of JSON `M_UNRECOGNIZED` errors. ([\#11930](matrix-org/synapse#11930)) - Implement an allow list of content types for which we will attempt to preview a URL. This prevents Synapse from making useless longer-lived connections to streaming media servers. ([\#11936](matrix-org/synapse#11936)) - Fix a long-standing bug where pagination tokens from `/sync` and `/messages` could not be provided to the `/relations` API. ([\#11952](matrix-org/synapse#11952)) - Require that modules register their callbacks using keyword arguments. ([\#11975](matrix-org/synapse#11975)) - Fix a long-standing bug where `M_WRONG_ROOM_KEYS_VERSION` errors would not include the specced `current_version` field. ([\#11988](matrix-org/synapse#11988)) Improved Documentation ---------------------- - Fix typo in User Admin API: unpind -> unbind. ([\#11859](matrix-org/synapse#11859)) - Document images returned by the User List Media Admin API can include those generated by URL previews. ([\#11862](matrix-org/synapse#11862)) - Remove outdated MSC1711 FAQ document. ([\#11907](matrix-org/synapse#11907)) - Correct the structured logging configuration example. Contributed by Brad Jones. ([\#11946](matrix-org/synapse#11946)) - Add information on the Synapse release cycle. ([\#11954](matrix-org/synapse#11954)) - Fix broken link in the README to the admin API for password reset. ([\#11955](matrix-org/synapse#11955)) Deprecations and Removals ------------------------- - Drop support for `webclient` listeners and configuring `web_client_location` to a non-HTTP(S) URL. Deprecated configurations are a configuration error. ([\#11895](matrix-org/synapse#11895)) - Remove deprecated `user_may_create_room_with_invites` spam checker callback. See the [upgrade notes](https://matrix-org.github.io/synapse/latest/upgrade.html#removal-of-user_may_create_room_with_invites) for more information. ([\#11950](matrix-org/synapse#11950)) - No longer build `.deb` packages for Ubuntu 21.04 Hirsute Hippo, which has now EOLed. ([\#11961](matrix-org/synapse#11961)) Internal Changes ---------------- - Enhance user registration test helpers to make them more useful for tests involving application services and devices. ([\#11615](matrix-org/synapse#11615), [\#11616](matrix-org/synapse#11616)) - Improve performance when fetching bundled aggregations for multiple events. ([\#11660](matrix-org/synapse#11660), [\#11752](matrix-org/synapse#11752)) - Fix type errors introduced by new annotations in the Prometheus Client library. ([\#11832](matrix-org/synapse#11832)) - Add missing type hints to replication code. ([\#11856](matrix-org/synapse#11856), [\#11938](matrix-org/synapse#11938)) - Ensure that `opentracing` scopes are activated and closed at the right time. ([\#11869](matrix-org/synapse#11869)) - Improve opentracing for incoming federation requests. ([\#11870](matrix-org/synapse#11870)) - Improve internal docstrings in `synapse.util.caches`. ([\#11876](matrix-org/synapse#11876)) - Do not needlessly clear the `get_users_in_room` and `get_users_in_room_with_profiles` caches when any room state changes. ([\#11878](matrix-org/synapse#11878)) - Convert `ApplicationServiceTestCase` to use `simple_async_mock`. ([\#11880](matrix-org/synapse#11880)) - Remove experimental changes to the default push rules which were introduced in Synapse 1.19.0 but never enabled. ([\#11884](matrix-org/synapse#11884)) - Disable coverage calculation for olddeps build. ([\#11888](matrix-org/synapse#11888)) - Preparation to support sending device list updates to application services. ([\#11905](matrix-org/synapse#11905)) - Add a test that checks users receive their own device list updates down `/sync`. ([\#11909](matrix-org/synapse#11909)) - Run Complement tests sequentially. ([\#11910](matrix-org/synapse#11910)) - Various refactors to the application service notifier code. ([\#11911](matrix-org/synapse#11911), [\#11912](matrix-org/synapse#11912)) - Tests: replace mocked `Authenticator` with the real thing. ([\#11913](matrix-org/synapse#11913)) - Various refactors to the typing notifications code. ([\#11914](matrix-org/synapse#11914)) - Use the proper type for the `Content-Length` header in the `UploadResource`. ([\#11927](matrix-org/synapse#11927)) - Remove an unnecessary ignoring of type hints due to fixes in upstream packages. ([\#11939](matrix-org/synapse#11939)) - Add missing type hints. ([\#11953](matrix-org/synapse#11953)) - Fix an import cycle in `synapse.event_auth`. ([\#11965](matrix-org/synapse#11965)) - Unpin `frozendict` but exclude the known bad version 2.1.2. ([\#11969](matrix-org/synapse#11969)) - Prepare for rename of default Complement branch. ([\#11971](matrix-org/synapse#11971)) - Fetch Synapse's version using a helper from `matrix-common`. ([\#11979](matrix-org/synapse#11979))
netbsd-srcmastr
pushed a commit
to NetBSD/pkgsrc
that referenced
this pull request
Jan 18, 2023
chat/matrix-synapse: security update
Revisions pulled up:
- chat/matrix-synapse/Makefile 1.34-1.36
- chat/matrix-synapse/PLIST 1.18-1.19
- chat/matrix-synapse/distinfo 1.24,1.27-1.28
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: js
Date: Sat Oct 2 12:23:13 UTC 2021
Modified Files:
pkgsrc/chat/matrix-synapse: Makefile PLIST distinfo
Log Message:
Update chat/matrix-synapse to 1.43.0
Synapse 1.43.0 (2021-09-21)
=============
This release drops support for the deprecated, unstable API for [MSC2858 (Multiple SSO Identity
Providers)](https://github.com/matrix-org/matrix-doc/blob/master/proposals/2858-Multiple-SSO-Identity-Providers.md#unstable-prefix), as well as the undocumented `experimental.msc2858_enabled` config
option. Client authors should update their clients to use the stable API, available since Synapse 1.30.
The documentation has been updated with configuration for routing `/spaces`, `/hierarchy` and `/summary` to workers. See [the upgrade
notes](https://github.com/matrix-org/synapse/blob/release-v1.43/docs/upgrade.md#upgrading-to-v1430) for more details.
No significant changes since 1.43.0rc2.
Synapse 1.43.0rc2 (2021-09-17)
===============
Bugfixes
--------
- Added opentracing logging to help debug [\#9424](https://github.com/matrix-org/synapse/issues/9424). ([\#10828](https://github.com/matrix-org/synapse/issues/10828))
Synapse 1.43.0rc1 (2021-09-14)
===============
Features
--------
- Allow room creators to send historical events specified by [MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716) in existing room versions.
([\#10566](https://github.com/matrix-org/synapse/issues/10566))
- Add config option to use non-default manhole password and keys. ([\#10643](https://github.com/matrix-org/synapse/issues/10643))
- Skip final GC at shutdown to improve restart performance. ([\#10712](https://github.com/matrix-org/synapse/issues/10712))
- Allow configuration of the oEmbed URLs used for URL previews. ([\#10714](https://github.com/matrix-org/synapse/issues/10714), [\#10759](https://github.com/matrix-org/synapse/issues/10759))
- Prefer [room version 9](https://github.com/matrix-org/matrix-doc/pull/3375) for restricted rooms per the [room version capabilities](https://github.com/matrix-org/matrix-doc/pull/3244) API.
([\#10772](https://github.com/matrix-org/synapse/issues/10772))
Bugfixes
--------
- Fix a long-standing bug where room avatars were not included in email notifications. ([\#10658](https://github.com/matrix-org/synapse/issues/10658))
- Fix a bug where the ordering algorithm was skipping the `origin_server_ts` step in the spaces summary resulting in unstable room orderings.
([\#10730](https://github.com/matrix-org/synapse/issues/10730))
- Fix edge case when persisting events into a room where there are multiple events we previously hadn't calculated auth chains for (and hadn't marked as needing to be calculated).
([\#10743](https://github.com/matrix-org/synapse/issues/10743))
- Fix a bug which prevented calls to `/createRoom` that included the `room_alias_name` parameter from being handled by worker processes. ([\#10757](https://github.com/matrix-org/synapse/issues/10757))
- Fix a bug which prevented user registration via SSO to require consent tracking for SSO mapping providers that don't prompt for Matrix ID selection. Contributed by @AndrewFerr.
([\#10733](https://github.com/matrix-org/synapse/issues/10733))
- Only return the stripped state events for the `m.space.child` events in a room for the spaces summary from [MSC2946](https://github.com/matrix-org/matrix-doc/pull/2946).
([\#10760](https://github.com/matrix-org/synapse/issues/10760))
- Properly handle room upgrades of spaces. ([\#10774](https://github.com/matrix-org/synapse/issues/10774))
- Fix a bug which generated invalid homeserver config when the `frontend_proxy` worker type was passed to the Synapse Worker-based Complement image.
([\#10783](https://github.com/matrix-org/synapse/issues/10783))
Improved Documentation
----------------------
- Minor fix to the `media_repository` developer documentation. Contributed by @cuttingedge1109. ([\#10556](https://github.com/matrix-org/synapse/issues/10556))
- Update the documentation to note that the `/spaces` and `/hierarchy` endpoints can be routed to workers. ([\#10648](https://github.com/matrix-org/synapse/issues/10648))
- Clarify admin API documentation on undoing room deletions. ([\#10735](https://github.com/matrix-org/synapse/issues/10735))
- Split up the modules documentation and add examples for module developers. ([\#10758](https://github.com/matrix-org/synapse/issues/10758))
- Correct 2 typographical errors in the [Log Contexts documentation](https://matrix-org.github.io/synapse/latest/log_contexts.html). ([\#10795](https://github.com/matrix-org/synapse/issues/10795))
- Fix a wording mistake in the sample configuration. Contributed by @bramvdnheuvel:nltrix.net. ([\#10804](https://github.com/matrix-org/synapse/issues/10804))
Deprecations and Removals
-------------------------
- Remove the [unstable MSC2858 API](https://github.com/matrix-org/matrix-doc/blob/master/proposals/2858-Multiple-SSO-Identity-Providers.md#unstable-prefix), including the undocumented
`experimental.msc2858_enabled` config option. The unstable API has been deprecated since Synapse 1.35. Client authors should update their clients to use the stable API introduced in Synapse 1.30 if
they have not already done so. ([\#10693](https://github.com/matrix-org/synapse/issues/10693))
Internal Changes
----------------
- Add OpenTracing logging to help debug stuck messages (as described by issue [#9424](https://github.com/matrix-org/synapse/issues/9424)).
([\#10704](https://github.com/matrix-org/synapse/issues/10704))
- Add type annotations to the `synapse.util` package. ([\#10601](https://github.com/matrix-org/synapse/issues/10601))
- Ensure `rooms.creator` field is always populated for easy lookup in [MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716) usage later.
([\#10697](https://github.com/matrix-org/synapse/issues/10697))
- Add missing type hints to REST servlets. ([\#10707](https://github.com/matrix-org/synapse/issues/10707), [\#10728](https://github.com/matrix-org/synapse/issues/10728),
[\#10736](https://github.com/matrix-org/synapse/issues/10736))
- Do not include rooms with unknown room versions in the spaces summary results. ([\#10727](https://github.com/matrix-org/synapse/issues/10727))
- Additional error checking for the `preset` field when creating a room. ([\#10738](https://github.com/matrix-org/synapse/issues/10738))
- Clean up some of the federation event authentication code for clarity. ([\#10744](https://github.com/matrix-org/synapse/issues/10744), [\#10745](https://github.com/matrix-org/synapse/issues/10745),
[\#10746](https://github.com/matrix-org/synapse/issues/10746), [\#10771](https://github.com/matrix-org/synapse/issues/10771), [\#10773](https://github.com/matrix-org/synapse/issues/10773),
[\#10781](https://github.com/matrix-org/synapse/issues/10781))
- Add an index to `presence_stream` to hopefully speed up startups a little. ([\#10748](https://github.com/matrix-org/synapse/issues/10748))
- Refactor event size checking code to simplify searching the codebase for the origins of certain error strings that are occasionally emitted.
([\#10750](https://github.com/matrix-org/synapse/issues/10750))
- Move tests relating to rooms having encryption out of the user directory tests. ([\#10752](https://github.com/matrix-org/synapse/issues/10752))
- Use `attrs` internally for the URL preview code & update documentation. ([\#10753](https://github.com/matrix-org/synapse/issues/10753))
- Minor speed ups when joining large rooms over federation. ([\#10754](https://github.com/matrix-org/synapse/issues/10754), [\#10755](https://github.com/matrix-org/synapse/issues/10755),
[\#10756](https://github.com/matrix-org/synapse/issues/10756), [\#10780](https://github.com/matrix-org/synapse/issues/10780), [\#10784](https://github.com/matrix-org/synapse/issues/10784))
- Add a constant for `m.federate`. ([\#10775](https://github.com/matrix-org/synapse/issues/10775))
- Add a script to update the Debian changelog in a Docker container for systems that are not Debian-based. ([\#10778](https://github.com/matrix-org/synapse/issues/10778))
- Change the format of authenticated users in logs when a user is being puppeted by and admin user. ([\#10779](https://github.com/matrix-org/synapse/issues/10779))
- Remove fixed and flakey tests from the Sytest blacklist. ([\#10788](https://github.com/matrix-org/synapse/issues/10788))
- Improve internal details of the user directory code. ([\#10789](https://github.com/matrix-org/synapse/issues/10789))
- Use direct references to config flags. ([\#10798](https://github.com/matrix-org/synapse/issues/10798))
- Ensure the Rust reporter passes type checking with jaeger-client 4.7's type annotations. ([\#10799](https://github.com/matrix-org/synapse/issues/10799))
Synapse 1.42.0 (2021-09-07)
=============
This version of Synapse removes deprecated room-management admin APIs, removes out-of-date email pushers, and improves error handling for fallback templates for user-interactive authentication. For
more information on these points, server administrators are encouraged to read [the upgrade notes](docs/upgrade.md#upgrading-to-v1420).
No significant changes since 1.42.0rc2.
Synapse 1.42.0rc2 (2021-09-06)
===============
Features
--------
- Support room version 9 from [MSC3375](https://github.com/matrix-org/matrix-doc/pull/3375). ([\#10747](https://github.com/matrix-org/synapse/issues/10747))
Internal Changes
----------------
- Print a warning when using one of the deprecated `template_dir` settings. ([\#10768](https://github.com/matrix-org/synapse/issues/10768))
Synapse 1.42.0rc1 (2021-09-01)
===============
Features
--------
- Add support for [MSC3231](https://github.com/matrix-org/matrix-doc/pull/3231): Token authenticated registration. Users can be required to submit a token during registration to authenticate
themselves. Contributed by Callum Brown. ([\#10142](https://github.com/matrix-org/synapse/issues/10142))
- Add support for [MSC3283](https://github.com/matrix-org/matrix-doc/pull/3283): Expose `enable_set_displayname` in capabilities. ([\#10452](https://github.com/matrix-org/synapse/issues/10452))
- Port the `PresenceRouter` module interface to the new generic interface. ([\#10524](https://github.com/matrix-org/synapse/issues/10524))
- Add pagination to the spaces summary based on updates to [MSC2946](https://github.com/matrix-org/matrix-doc/pull/2946). ([\#10613](https://github.com/matrix-org/synapse/issues/10613),
[\#10725](https://github.com/matrix-org/synapse/issues/10725))
Bugfixes
--------
- Validate new `m.room.power_levels` events. Contributed by @aaronraimist. ([\#10232](https://github.com/matrix-org/synapse/issues/10232))
- Display an error on User-Interactive Authentication fallback pages when authentication fails. Contributed by Callum Brown. ([\#10561](https://github.com/matrix-org/synapse/issues/10561))
- Remove pushers when deleting an e-mail address from an account. Pushers for old unlinked emails will also be deleted. ([\#10581](https://github.com/matrix-org/synapse/issues/10581),
[\#10734](https://github.com/matrix-org/synapse/issues/10734))
- Reject Client-Server `/keys/query` requests which provide `device_ids` incorrectly. ([\#10593](https://github.com/matrix-org/synapse/issues/10593))
- Rooms with unsupported room versions are no longer returned via `/sync`. ([\#10644](https://github.com/matrix-org/synapse/issues/10644))
- Enforce the maximum length for per-room display names and avatar URLs. ([\#10654](https://github.com/matrix-org/synapse/issues/10654))
- Fix a bug which caused the `synapse_user_logins_total` Prometheus metric not to be correctly initialised on restart. ([\#10677](https://github.com/matrix-org/synapse/issues/10677))
- Improve `ServerNoticeServlet` to avoid duplicate requests and add unit tests. ([\#10679](https://github.com/matrix-org/synapse/issues/10679))
- Fix long-standing issue which caused an error when a thumbnail is requested and there are multiple thumbnails with the same quality rating.
([\#10684](https://github.com/matrix-org/synapse/issues/10684))
- Fix a regression introduced in v1.41.0 which affected the performance of concurrent fetches of large sets of events, in extreme cases causing the process to hang.
([\#10703](https://github.com/matrix-org/synapse/issues/10703))
- Fix a regression introduced in Synapse 1.41 which broke email transmission on Systems using older versions of the Twisted library. ([\#10713](https://github.com/matrix-org/synapse/issues/10713))
Improved Documentation
----------------------
- Add documentation on how to connect Django with Synapse using OpenID Connect and django-oauth-toolkit. Contributed by @HugoDelval. ([\#10192](https://github.com/matrix-org/synapse/issues/10192))
- Advertise https://matrix-org.github.io/synapse documentation in the `README` and `CONTRIBUTING` files. ([\#10595](https://github.com/matrix-org/synapse/issues/10595))
- Fix some of the titles not rendering in the OpenID Connect documentation. ([\#10639](https://github.com/matrix-org/synapse/issues/10639))
- Minor clarifications to the documentation for reverse proxies. ([\#10708](https://github.com/matrix-org/synapse/issues/10708))
- Remove table of contents from the top of installation and contributing documentation pages. ([\#10711](https://github.com/matrix-org/synapse/issues/10711))
Deprecations and Removals
-------------------------
- Remove deprecated Shutdown Room and Purge Room Admin API. ([\#8830](https://github.com/matrix-org/synapse/issues/8830))
Internal Changes
----------------
- Improve type hints for the proxy agent and SRV resolver modules. Contributed by @dklimpel. ([\#10608](https://github.com/matrix-org/synapse/issues/10608))
- Clean up some of the federation event authentication code for clarity. ([\#10614](https://github.com/matrix-org/synapse/issues/10614), [\#10615](https://github.com/matrix-org/synapse/issues/10615),
[\#10624](https://github.com/matrix-org/synapse/issues/10624), [\#10640](https://github.com/matrix-org/synapse/issues/10640))
- Add a comment asking developers to leave a reason when bumping the database schema version. ([\#10621](https://github.com/matrix-org/synapse/issues/10621))
- Remove not needed database updates in modify user admin API. ([\#10627](https://github.com/matrix-org/synapse/issues/10627))
- Convert room member storage tuples to `attrs` classes. ([\#10629](https://github.com/matrix-org/synapse/issues/10629), [\#10642](https://github.com/matrix-org/synapse/issues/10642))
- Use auto-attribs for the attrs classes used in sync. ([\#10630](https://github.com/matrix-org/synapse/issues/10630))
- Make `backfill` and `get_missing_events` use the same codepath. ([\#10645](https://github.com/matrix-org/synapse/issues/10645))
- Improve the performance of the `/hierarchy` API (from [MSC2946](https://github.com/matrix-org/matrix-doc/pull/2946)) by caching responses received over federation.
([\#10647](https://github.com/matrix-org/synapse/issues/10647))
- Run a nightly CI build against Twisted trunk. ([\#10651](https://github.com/matrix-org/synapse/issues/10651), [\#10672](https://github.com/matrix-org/synapse/issues/10672))
- Do not print out stack traces for network errors when fetching data over federation. ([\#10662](https://github.com/matrix-org/synapse/issues/10662))
- Simplify tests for device admin rest API. ([\#10664](https://github.com/matrix-org/synapse/issues/10664))
- Add missing type hints to REST servlets. ([\#10665](https://github.com/matrix-org/synapse/issues/10665), [\#10666](https://github.com/matrix-org/synapse/issues/10666),
[\#10674](https://github.com/matrix-org/synapse/issues/10674))
- Flatten the `tests.synapse.rests` package by moving the contents of `v1` and `v2_alpha` into the parent. ([\#10667](https://github.com/matrix-org/synapse/issues/10667))
- Update `complement.sh` to rebuild the base Docker image when run with workers. ([\#10686](https://github.com/matrix-org/synapse/issues/10686))
- Split the event-processing methods in `FederationHandler` into a separate `FederationEventHandler`. ([\#10692](https://github.com/matrix-org/synapse/issues/10692))
- Remove unused `compare_digest` function. ([\#10706](https://github.com/matrix-org/synapse/issues/10706))
To generate a diff of this commit:
cvs rdiff -u -r1.33 -r1.34 pkgsrc/chat/matrix-synapse/Makefile
cvs rdiff -u -r1.17 -r1.18 pkgsrc/chat/matrix-synapse/PLIST
cvs rdiff -u -r1.23 -r1.24 pkgsrc/chat/matrix-synapse/distinfo
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: js
Date: Fri Nov 19 14:06:08 UTC 2021
Modified Files:
pkgsrc/chat/matrix-synapse: Makefile PLIST distinfo
Log Message:
Update chat/matrix-synapse to 1.47.0
Synapse 1.47.0 (2021-11-17)
=============
No significant changes since 1.47.0rc3.
Synapse 1.47.0rc3 (2021-11-16)
===============
Bugfixes
--------
- Fix a bug introduced in 1.47.0rc1 which caused worker processes to not halt startup in the presence of outstanding database migrations.
([\#11346](https://github.com/matrix-org/synapse/issues/11346))
- Fix a bug introduced in 1.47.0rc1 which prevented the 'remove deleted devices from `device_inbox` column' background process from running when updating from a recent Synapse version.
([\#11303](https://github.com/matrix-org/synapse/issues/11303), [\#11353](https://github.com/matrix-org/synapse/issues/11353))
Synapse 1.47.0rc2 (2021-11-10)
===============
This fixes an issue with publishing the Debian packages for 1.47.0rc1.
It is otherwise identical to 1.47.0rc1.
Synapse 1.47.0rc1 (2021-11-09)
===============
Deprecations and Removals
-------------------------
- The `user_may_create_room_with_invites` module callback is now deprecated. Please refer to the [upgrade notes](https://matrix-org.github.io/synapse/develop/upgrade#upgrading-to-v1470) for more
information. ([\#11206](https://github.com/matrix-org/synapse/issues/11206))
- Remove deprecated admin API to delete rooms (`POST /_synapse/admin/v1/rooms/<room_id>/delete`). ([\#11213](https://github.com/matrix-org/synapse/issues/11213))
Features
--------
- Advertise support for Client-Server API r0.6.1. ([\#11097](https://github.com/matrix-org/synapse/issues/11097))
- Add search by room ID and room alias to the List Room admin API. ([\#11099](https://github.com/matrix-org/synapse/issues/11099))
- Add an `on_new_event` third-party rules callback to allow Synapse modules to act after an event has been sent into a room. ([\#11126](https://github.com/matrix-org/synapse/issues/11126))
- Add a module API method to update a user's membership in a room. ([\#11147](https://github.com/matrix-org/synapse/issues/11147))
- Add metrics for thread pool usage. ([\#11178](https://github.com/matrix-org/synapse/issues/11178))
- Support the stable room type field for [MSC3288](https://github.com/matrix-org/matrix-doc/pull/3288). ([\#11187](https://github.com/matrix-org/synapse/issues/11187))
- Add a module API method to retrieve the current state of a room. ([\#11204](https://github.com/matrix-org/synapse/issues/11204))
- Calculate a default value for `public_baseurl` based on `server_name`. ([\#11210](https://github.com/matrix-org/synapse/issues/11210))
- Add support for serving `/.well-known/matrix/server` files, to redirect federation traffic to port 443. ([\#11211](https://github.com/matrix-org/synapse/issues/11211))
- Add admin APIs to pause, start and check the status of background updates. ([\#11263](https://github.com/matrix-org/synapse/issues/11263))
Bugfixes
--------
- Fix a long-standing bug which allowed hidden devices to receive to-device messages, resulting in unnecessary database bloat. ([\#10097](https://github.com/matrix-org/synapse/issues/10097))
- Fix a long-standing bug where messages in the `device_inbox` table for deleted devices would persist indefinitely. Contributed by @dklimpel and @JohannesKleine.
([\#10969](https://github.com/matrix-org/synapse/issues/10969), [\#11212](https://github.com/matrix-org/synapse/issues/11212))
- Do not accept events if a third-party rule `check_event_allowed` callback raises an exception. ([\#11033](https://github.com/matrix-org/synapse/issues/11033))
- Fix long-standing bug where verification requests could fail in certain cases if a federation whitelist was in place but did not include your own homeserver.
([\#11129](https://github.com/matrix-org/synapse/issues/11129))
- Allow an empty list of `state_events_at_start` to be sent when using the [MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716) `/batch_send` endpoint and the author of the historical
messages is already part of the current room state at the given `?prev_event_id`. ([\#11188](https://github.com/matrix-org/synapse/issues/11188))
- Fix a bug introduced in Synapse 1.45.0 which prevented the `synapse_review_recent_signups` script from running. Contributed by @samuel-p.
([\#11191](https://github.com/matrix-org/synapse/issues/11191))
- Delete `to_device` messages for hidden devices that will never be read, reducing database size. ([\#11199](https://github.com/matrix-org/synapse/issues/11199))
- Fix a long-standing bug wherein a missing `Content-Type` header when downloading remote media would cause Synapse to throw an error. ([\#11200](https://github.com/matrix-org/synapse/issues/11200))
- Fix a long-standing bug which could result in serialization errors and potentially duplicate transaction data when sending ephemeral events to application services. Contributed by @Fizzadar at
Beeper. ([\#11207](https://github.com/matrix-org/synapse/issues/11207))
- Fix a bug introduced in Synapse 1.35.0 which made it impossible to join rooms that return a `send_join` response containing floats. ([\#11217](https://github.com/matrix-org/synapse/issues/11217))
- Fix long-standing bug where cross signing keys were not included in the response to `/r0/keys/query` the first time a remote user was queried.
([\#11234](https://github.com/matrix-org/synapse/issues/11234))
- Fix a long-standing bug where all requests that read events from the database could get stuck as a result of losing the database connection.
([\#11240](https://github.com/matrix-org/synapse/issues/11240))
- Fix a bug preventing Synapse from being rolled back to an earlier version when using workers. ([\#11255](https://github.com/matrix-org/synapse/issues/11255),
[\#11276](https://github.com/matrix-org/synapse/issues/11276))
- Fix a bug introduced in Synapse 1.37.1 which caused a remote event being processed by a worker to not get processed on restart if the worker was killed.
([\#11262](https://github.com/matrix-org/synapse/issues/11262))
- Only allow old Element/Riot Android clients to send read receipts without a request body. All other clients must include a request body as required by the specification. Contributed by @rogersheu.
([\#11157](https://github.com/matrix-org/synapse/issues/11157))
Updates to the Docker image
---------------------------
- Avoid changing user ID when started as a non-root user, and no explicit `UID` is set. ([\#11209](https://github.com/matrix-org/synapse/issues/11209))
Improved Documentation
----------------------
- Improve example HAProxy config in the docs to properly handle HTTP `Host` headers with port information. This is required for federation over port 443 to work correctly.
([\#11128](https://github.com/matrix-org/synapse/issues/11128))
- Add documentation for using Authentik as an OpenID Connect Identity Provider. Contributed by @samip5. ([\#11151](https://github.com/matrix-org/synapse/issues/11151))
- Clarify lack of support for Windows. ([\#11198](https://github.com/matrix-org/synapse/issues/11198))
- Improve code formatting and fix a few typos in docs. Contributed by @sumnerevans at Beeper. ([\#11221](https://github.com/matrix-org/synapse/issues/11221))
- Add documentation for using LemonLDAP as an OpenID Connect Identity Provider. Contributed by @l00ptr. ([\#11257](https://github.com/matrix-org/synapse/issues/11257))
Internal Changes
----------------
- Add type annotations for the `log_function` decorator. ([\#10943](https://github.com/matrix-org/synapse/issues/10943))
- Add type hints to `synapse.events`. ([\#11098](https://github.com/matrix-org/synapse/issues/11098))
- Remove and document unnecessary `RoomStreamToken` checks in application service ephemeral event code. ([\#11137](https://github.com/matrix-org/synapse/issues/11137))
- Add type hints so that `synapse.http` passes `mypy` checks. ([\#11164](https://github.com/matrix-org/synapse/issues/11164))
- Update scripts to pass Shellcheck lints. ([\#11166](https://github.com/matrix-org/synapse/issues/11166))
- Add knock information in admin export. Contributed by Rafael Gonçalves. ([\#11171](https://github.com/matrix-org/synapse/issues/11171))
- Add tests to check that `ClientIpStore.get_last_client_ip_by_device` and `get_user_ip_and_agents` combine database and in-memory data correctly.
([\#11179](https://github.com/matrix-org/synapse/issues/11179))
- Refactor `Filter` to check different fields depending on the data type. ([\#11194](https://github.com/matrix-org/synapse/issues/11194))
- Improve type hints for the relations datastore. ([\#11205](https://github.com/matrix-org/synapse/issues/11205))
- Replace outdated links in the pull request checklist with links to the rendered documentation. ([\#11225](https://github.com/matrix-org/synapse/issues/11225))
- Fix a bug in unit test `test_block_room_and_not_purge`. ([\#11226](https://github.com/matrix-org/synapse/issues/11226))
- In `ObservableDeferred`, run observers in the order they were registered. ([\#11229](https://github.com/matrix-org/synapse/issues/11229))
- Minor speed up to start up times and getting updates for groups by adding missing index to `local_group_updates.stream_id`. ([\#11231](https://github.com/matrix-org/synapse/issues/11231))
- Add `twine` and `towncrier` as dev dependencies, as they're used by the release script. ([\#11233](https://github.com/matrix-org/synapse/issues/11233))
- Allow `stream_writers.typing` config to be a list of one worker. ([\#11237](https://github.com/matrix-org/synapse/issues/11237))
- Remove debugging statement in tests. ([\#11239](https://github.com/matrix-org/synapse/issues/11239))
- Fix [MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716) historical messages backfilling in random order on remote homeservers.
([\#11244](https://github.com/matrix-org/synapse/issues/11244))
- Add an additional test for the `cachedList` method decorator. ([\#11246](https://github.com/matrix-org/synapse/issues/11246))
- Make minor correction to the type of `auth_checkers` callbacks. ([\#11253](https://github.com/matrix-org/synapse/issues/11253))
- Clean up trivial aspects of the Debian package build tooling. ([\#11269](https://github.com/matrix-org/synapse/issues/11269), [\#11273](https://github.com/matrix-org/synapse/issues/11273))
- Blacklist new SyTest that checks that key uploads are valid pending the validation being implemented in Synapse. ([\#11270](https://github.com/matrix-org/synapse/issues/11270))
Synapse 1.46.0 (2021-11-02)
=============
The cause of the [performance regression affecting Synapse 1.44](https://github.com/matrix-org/synapse/issues/11049) has been identified and fixed.
([\#11177](https://github.com/matrix-org/synapse/issues/11177))
Bugfixes
--------
- Fix a bug introduced in v1.46.0rc1 where URL previews of some XML documents would fail. ([\#11196](https://github.com/matrix-org/synapse/issues/11196))
Synapse 1.46.0rc1 (2021-10-27)
===============
Features
--------
- Add support for Ubuntu 21.10 "Impish Indri". ([\#11024](https://github.com/matrix-org/synapse/issues/11024))
- Port the Password Auth Providers module interface to the new generic interface. ([\#10548](https://github.com/matrix-org/synapse/issues/10548),
[\#11180](https://github.com/matrix-org/synapse/issues/11180))
- Experimental support for the thread relation defined in [MSC3440](https://github.com/matrix-org/matrix-doc/pull/3440). ([\#11088](https://github.com/matrix-org/synapse/issues/11088),
[\#11181](https://github.com/matrix-org/synapse/issues/11181), [\#11192](https://github.com/matrix-org/synapse/issues/11192))
- Users admin API can now also modify user type in addition to allowing it to be set on user creation. ([\#11174](https://github.com/matrix-org/synapse/issues/11174))
Bugfixes
--------
- Newly-created public rooms are now only assigned an alias if the room's creation has not been blocked by permission settings. Contributed by @AndrewFerr.
([\#10930](https://github.com/matrix-org/synapse/issues/10930))
- Fix a long-standing bug which meant that events received over federation were sometimes incorrectly accepted into the room state. ([\#11001](https://github.com/matrix-org/synapse/issues/11001),
[\#11009](https://github.com/matrix-org/synapse/issues/11009), [\#11012](https://github.com/matrix-org/synapse/issues/11012))
- Fix 500 error on `/messages` when the server accumulates more than 5 backwards extremities at a given depth for a room. ([\#11027](https://github.com/matrix-org/synapse/issues/11027))
- Fix a bug where setting a user's `external_id` via the admin API returns 500 and deletes user's existing external mappings if that external ID is already mapped.
([\#11051](https://github.com/matrix-org/synapse/issues/11051))
- Fix a long-standing bug where users excluded from the user directory were added into the directory if they belonged to a room which became public or private.
([\#11075](https://github.com/matrix-org/synapse/issues/11075))
- Fix a long-standing bug when attempting to preview URLs which are in the `windows-1252` character encoding. ([\#11077](https://github.com/matrix-org/synapse/issues/11077),
[\#11089](https://github.com/matrix-org/synapse/issues/11089))
- Fix broken export-data admin command and add test script checking the command to CI. ([\#11078](https://github.com/matrix-org/synapse/issues/11078))
- Show an error when timestamp in seconds is provided to the `/purge_media_cache` Admin API. ([\#11101](https://github.com/matrix-org/synapse/issues/11101))
- Fix local users who left all their rooms being removed from the user directory, even if the `search_all_users` config option was enabled.
([\#11103](https://github.com/matrix-org/synapse/issues/11103))
- Fix a bug which caused the module API's `get_user_ip_and_agents` function to always fail on workers. `get_user_ip_and_agents` was introduced in 1.44.0 and did not function correctly on worker
processes at the time. ([\#11112](https://github.com/matrix-org/synapse/issues/11112))
- Identity server connection is no longer ignoring `ip_range_whitelist`. ([\#11120](https://github.com/matrix-org/synapse/issues/11120))
- Fix a bug introduced in Synapse 1.45.0 breaking the configuration file parsing script. ([\#11145](https://github.com/matrix-org/synapse/issues/11145))
- Fix a performance regression introduced in 1.44.0 which could cause client requests to time out when making large numbers of outbound requests.
([\#11177](https://github.com/matrix-org/synapse/issues/11177), [\#11190](https://github.com/matrix-org/synapse/issues/11190))
- Resolve and share `state_groups` for all [MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716) historical events in batch. ([\#10975](https://github.com/matrix-org/synapse/issues/10975))
Improved Documentation
----------------------
- Fix broken links relating to module API deprecation in the upgrade notes. ([\#11069](https://github.com/matrix-org/synapse/issues/11069))
- Add more information about what happens when a user is deactivated. ([\#11083](https://github.com/matrix-org/synapse/issues/11083))
- Clarify the the sample log config can be copied from the documentation without issue. ([\#11092](https://github.com/matrix-org/synapse/issues/11092))
- Update the admin API documentation with an updated list of the characters allowed in registration tokens. ([\#11093](https://github.com/matrix-org/synapse/issues/11093))
- Document Synapse's behaviour when dealing with multiple modules registering the same callbacks and/or handlers for the same HTTP endpoints.
([\#11096](https://github.com/matrix-org/synapse/issues/11096))
- Fix instances of `[example]{.title-ref}` in the upgrade documentation as a result of prior RST to Markdown conversion. ([\#11118](https://github.com/matrix-org/synapse/issues/11118))
- Document the version of Synapse each module callback was introduced in. ([\#11132](https://github.com/matrix-org/synapse/issues/11132))
- Document the version of Synapse that introduced each module API method. ([\#11183](https://github.com/matrix-org/synapse/issues/11183))
Internal Changes
----------------
- Fix spurious warnings about losing the logging context on the `ReplicationCommandHandler` when losing the replication connection. ([\#10984](https://github.com/matrix-org/synapse/issues/10984))
- Include rejected status when we log events. ([\#11008](https://github.com/matrix-org/synapse/issues/11008))
- Add some extra logging to the event persistence code. ([\#11014](https://github.com/matrix-org/synapse/issues/11014))
- Rearrange the internal workings of the incremental user directory updates. ([\#11035](https://github.com/matrix-org/synapse/issues/11035))
- Fix a long-standing bug where users excluded from the directory could still be added to the `users_who_share_private_rooms` table after a regular user joins a private room.
([\#11143](https://github.com/matrix-org/synapse/issues/11143))
- Add and improve type hints. ([\#10972](https://github.com/matrix-org/synapse/issues/10972), [\#11055](https://github.com/matrix-org/synapse/issues/11055),
[\#11066](https://github.com/matrix-org/synapse/issues/11066), [\#11076](https://github.com/matrix-org/synapse/issues/11076), [\#11095](https://github.com/matrix-org/synapse/issues/11095),
[\#11109](https://github.com/matrix-org/synapse/issues/11109), [\#11121](https://github.com/matrix-org/synapse/issues/11121), [\#11146](https://github.com/matrix-org/synapse/issues/11146))
- Mark the Synapse package as containing type annotations and fix export declarations so that Synapse pluggable modules may be type checked against Synapse.
([\#11054](https://github.com/matrix-org/synapse/issues/11054))
- Remove dead code from `MediaFilePaths`. ([\#11056](https://github.com/matrix-org/synapse/issues/11056))
- Be more lenient when parsing oEmbed response versions. ([\#11065](https://github.com/matrix-org/synapse/issues/11065))
- Create a separate module for the retention configuration. ([\#11070](https://github.com/matrix-org/synapse/issues/11070))
- Clean up some of the federation event authentication code for clarity. ([\#11115](https://github.com/matrix-org/synapse/issues/11115), [\#11116](https://github.com/matrix-org/synapse/issues/11116),
[\#11122](https://github.com/matrix-org/synapse/issues/11122))
- Add docstrings and comments to the application service ephemeral event sending code. ([\#11138](https://github.com/matrix-org/synapse/issues/11138))
- Update the `sign_json` script to support inline configuration of the signing key. ([\#11139](https://github.com/matrix-org/synapse/issues/11139))
- Fix broken link in the docker image README. ([\#11144](https://github.com/matrix-org/synapse/issues/11144))
- Always dump logs from unit tests during CI runs. ([\#11068](https://github.com/matrix-org/synapse/issues/11068))
- Add tests for `MediaFilePaths` class. ([\#11057](https://github.com/matrix-org/synapse/issues/11057))
- Simplify the user admin API tests. ([\#11048](https://github.com/matrix-org/synapse/issues/11048))
- Add a test for the workaround introduced in [\#11042](https://github.com/matrix-org/synapse/pull/11042) concerning the behaviour of third-party rule modules and `SynapseError`s.
([\#11071](https://github.com/matrix-org/synapse/issues/11071))
Synapse 1.45.1 (2021-10-20)
=============
Bugfixes
--------
- Revert change to counting of deactivated users towards the monthly active users limit, introduced in 1.45.0rc1. ([\#11127](https://github.com/matrix-org/synapse/issues/11127))
Synapse 1.45.0 (2021-10-19)
=============
No functional changes since Synapse 1.45.0rc2.
Known Issues
------------
- A suspected [performance regression](https://github.com/matrix-org/synapse/issues/11049) which was first reported after the release of 1.44.0 remains unresolved.
We have not been able to identify a probable cause. Affected users report that setting up a federation sender worker appears to alleviate symptoms of the regression.
Improved Documentation
----------------------
- Reword changelog to clarify concerns about a suspected performance regression in 1.44.0. ([\#11117](https://github.com/matrix-org/synapse/issues/11117))
Synapse 1.45.0rc2 (2021-10-14)
===============
This release candidate [fixes](https://github.com/matrix-org/synapse/issues/11053) a user directory [bug](https://github.com/matrix-org/synapse/issues/11025) present in 1.45.0rc1.
Known Issues
------------
- A suspected [performance regression](https://github.com/matrix-org/synapse/issues/11049) which was first reported after the release of 1.44.0 remains unresolved.
We have not been able to identify a probable cause. Affected users report that setting up a federation sender worker appears to alleviate symptoms of the regression.
Bugfixes
--------
- Fix a long-standing bug when using multiple event persister workers where events were not correctly sent down `/sync` due to a race. ([\#11045](https://github.com/matrix-org/synapse/issues/11045))
- Fix a bug introduced in Synapse 1.45.0rc1 where the user directory would stop updating if it processed an event from a
user not in the `users` table. ([\#11053](https://github.com/matrix-org/synapse/issues/11053))
- Fix a bug introduced in Synapse 1.44.0 when logging errors during oEmbed processing. ([\#11061](https://github.com/matrix-org/synapse/issues/11061))
Internal Changes
----------------
- Add an 'approximate difference' method to `StateFilter`. ([\#10825](https://github.com/matrix-org/synapse/issues/10825))
- Fix inconsistent behavior of `get_last_client_by_ip` when reporting data that has not been stored in the database yet. ([\#10970](https://github.com/matrix-org/synapse/issues/10970))
- Fix a bug introduced in Synapse 1.21.0 that causes opentracing and Prometheus metrics for replication requests to be measured incorrectly.
([\#10996](https://github.com/matrix-org/synapse/issues/10996))
- Ensure that cache config tests do not share state. ([\#11036](https://github.com/matrix-org/synapse/issues/11036))
Synapse 1.45.0rc1 (2021-10-12)
===============
**Note:** Media storage providers module that read from Synapse's configuration need changes as of this version, see the [upgrade
notes](https://matrix-org.github.io/synapse/develop/upgrade#upgrading-to-v1450) for more information.
Known Issues
------------
- We are investigating [a performance issue](https://github.com/matrix-org/synapse/issues/11049) which was reported after the release of 1.44.0.
- We are aware of [a bug](https://github.com/matrix-org/synapse/issues/11025) with the user directory when using application services. A second release candidate is expected which will resolve this.
Features
--------
- Add [MSC3069](https://github.com/matrix-org/matrix-doc/pull/3069) support to `/account/whoami`. ([\#9655](https://github.com/matrix-org/synapse/issues/9655))
- Support autodiscovery of oEmbed previews. ([\#10822](https://github.com/matrix-org/synapse/issues/10822))
- Add a `user_may_send_3pid_invite` spam checker callback for modules to allow or deny 3PID invites. ([\#10894](https://github.com/matrix-org/synapse/issues/10894))
- Add a spam checker callback to allow or deny room joins. ([\#10910](https://github.com/matrix-org/synapse/issues/10910))
- Include an `update_synapse_database` script in the distribution. Contributed by @Fizzadar at Beeper. ([\#10954](https://github.com/matrix-org/synapse/issues/10954))
- Include exception information in JSON logging output. Contributed by @Fizzadar at Beeper. ([\#11028](https://github.com/matrix-org/synapse/issues/11028))
Bugfixes
--------
- Fix a minor bug in the response to `/_matrix/client/r0/voip/turnServer`. Contributed by @lukaslihotzki. ([\#10922](https://github.com/matrix-org/synapse/issues/10922))
- Fix a bug where empty `yyyy-mm-dd/` directories would be left behind in the media store's `url_cache_thumbnails/` directory. ([\#10924](https://github.com/matrix-org/synapse/issues/10924))
- Fix a bug introduced in Synapse v1.40.0 where the signature checks for room version 8 and 9 could be applied to earlier room versions in some situations.
([\#10927](https://github.com/matrix-org/synapse/issues/10927))
- Fix a long-standing bug wherein deactivated users still count towards the monthly active users limit. ([\#10947](https://github.com/matrix-org/synapse/issues/10947))
- Fix a long-standing bug which meant that events received over federation were sometimes incorrectly accepted into the room state. ([\#10956](https://github.com/matrix-org/synapse/issues/10956))
- Fix a long-standing bug where rebuilding the user directory wouldn't exclude support and deactivated users. ([\#10960](https://github.com/matrix-org/synapse/issues/10960))
- Fix [MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716) `/batch_send` endpoint rejecting subsequent batches with unknown batch ID error in existing room versions from the room creator.
([\#10962](https://github.com/matrix-org/synapse/issues/10962))
- Fix a bug that could leak local users' per-room nicknames and avatars when the user directory is rebuilt. ([\#10981](https://github.com/matrix-org/synapse/issues/10981))
- Fix a long-standing bug where the remainder of a batch of user directory changes would be silently dropped if the server left a room early in the batch.
([\#10982](https://github.com/matrix-org/synapse/issues/10982))
- Correct a bugfix introduced in Synapse v1.44.0 that would catch the wrong error if a connection is lost before a response could be written to it.
([\#10995](https://github.com/matrix-org/synapse/issues/10995))
- Fix a long-standing bug where local users' per-room nicknames/avatars were visible to anyone who could see you in the user directory. ([\#11002](https://github.com/matrix-org/synapse/issues/11002))
- Fix a long-standing bug where a user's per-room nickname/avatar would overwrite their profile in the user directory when a room was made public.
([\#11003](https://github.com/matrix-org/synapse/issues/11003))
- Work around a regression, introduced in Synapse v1.39.0, that caused `SynapseError`s raised by the experimental third-party rules module callback `check_event_allowed` to be ignored.
([\#11042](https://github.com/matrix-org/synapse/issues/11042))
- Fix a bug in [MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716) insertion events in rooms that could cause cross-talk/conflicts between batches.
([\#10877](https://github.com/matrix-org/synapse/issues/10877))
Improved Documentation
----------------------
- Change wording ("reference homeserver") in Synapse repository documentation. Contributed by @maxkratz. ([\#10971](https://github.com/matrix-org/synapse/issues/10971))
- Fix a dead URL in development documentation (SAML) and change wording from "Riot" to "Element". Contributed by @maxkratz. ([\#10973](https://github.com/matrix-org/synapse/issues/10973))
- Add additional content to the Welcome and Overview page of the documentation. ([\#10990](https://github.com/matrix-org/synapse/issues/10990))
- Update links to MSCs in documentation. Contributed by @dklimpel. ([\#10991](https://github.com/matrix-org/synapse/issues/10991))
Internal Changes
----------------
- Improve type hinting in `synapse.util`. ([\#10888](https://github.com/matrix-org/synapse/issues/10888))
- Add further type hints to `synapse.storage.util`. ([\#10892](https://github.com/matrix-org/synapse/issues/10892))
- Fix type hints to be compatible with an upcoming change to Twisted. ([\#10895](https://github.com/matrix-org/synapse/issues/10895))
- Update utility code to handle C implementations of frozendict. ([\#10902](https://github.com/matrix-org/synapse/issues/10902))
- Drop old functionality which maintained database compatibility with Synapse versions before v1.31. ([\#10903](https://github.com/matrix-org/synapse/issues/10903))
- Clean-up configuration helper classes for the `ServerConfig` class. ([\#10915](https://github.com/matrix-org/synapse/issues/10915))
- Use direct references to config flags. ([\#10916](https://github.com/matrix-org/synapse/issues/10916), [\#10959](https://github.com/matrix-org/synapse/issues/10959),
[\#10985](https://github.com/matrix-org/synapse/issues/10985))
- Clean up some of the federation event authentication code for clarity. ([\#10926](https://github.com/matrix-org/synapse/issues/10926), [\#10940](https://github.com/matrix-org/synapse/issues/10940),
[\#10986](https://github.com/matrix-org/synapse/issues/10986), [\#10987](https://github.com/matrix-org/synapse/issues/10987), [\#10988](https://github.com/matrix-org/synapse/issues/10988),
[\#11010](https://github.com/matrix-org/synapse/issues/11010), [\#11011](https://github.com/matrix-org/synapse/issues/11011))
- Refactor various parts of the codebase to use `RoomVersion` objects instead of room version identifier strings. ([\#10934](https://github.com/matrix-org/synapse/issues/10934))
- Refactor user directory tests in preparation for upcoming changes. ([\#10935](https://github.com/matrix-org/synapse/issues/10935))
- Include the event id in the logcontext when handling PDUs received over federation. ([\#10936](https://github.com/matrix-org/synapse/issues/10936))
- Fix logged errors in unit tests. ([\#10939](https://github.com/matrix-org/synapse/issues/10939))
- Fix a broken test to ensure that consent configuration works during registration. ([\#10945](https://github.com/matrix-org/synapse/issues/10945))
- Add type hints to filtering classes. ([\#10958](https://github.com/matrix-org/synapse/issues/10958))
- Add type-hint to `HomeserverTestcase.setup_test_homeserver`. ([\#10961](https://github.com/matrix-org/synapse/issues/10961))
- Fix the test utility function `create_room_as` so that `is_public=True` will explicitly set the `visibility` parameter of room creation requests to `public`. Contributed by @AndrewFerr.
([\#10963](https://github.com/matrix-org/synapse/issues/10963))
- Make the release script more robust and transparent. ([\#10966](https://github.com/matrix-org/synapse/issues/10966))
- Refactor [MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716) `/batch_send` mega function into smaller handler functions. ([\#10974](https://github.com/matrix-org/synapse/issues/10974))
- Log stack traces when a missing opentracing span is detected. ([\#10983](https://github.com/matrix-org/synapse/issues/10983))
- Update GHA config to run tests against Python 3.10 and PostgreSQL 14. ([\#10992](https://github.com/matrix-org/synapse/issues/10992))
- Fix a long-standing bug where `ReadWriteLock`s could drop logging contexts on exit. ([\#10993](https://github.com/matrix-org/synapse/issues/10993))
- Add a `CODEOWNERS` file to automatically request reviews from the `@matrix-org/synapse-core` team on new pull requests. ([\#10994](https://github.com/matrix-org/synapse/issues/10994))
- Add further type hints to `synapse.state`. ([\#11004](https://github.com/matrix-org/synapse/issues/11004))
- Remove the deprecated `BaseHandler` object. ([\#11005](https://github.com/matrix-org/synapse/issues/11005))
- Bump mypy version for CI to 0.910, and pull in new type stubs for dependencies. ([\#11006](https://github.com/matrix-org/synapse/issues/11006))
- Fix CI to run the unit tests without optional deps. ([\#11017](https://github.com/matrix-org/synapse/issues/11017))
- Ensure that cache config tests do not share state. ([\#11019](https://github.com/matrix-org/synapse/issues/11019))
- Add additional type hints to `synapse.server_notices`. ([\#11021](https://github.com/matrix-org/synapse/issues/11021))
- Add additional type hints for `synapse.push`. ([\#11023](https://github.com/matrix-org/synapse/issues/11023))
- When installing the optional developer dependencies, also include the dependencies needed for type-checking and unit testing. ([\#11034](https://github.com/matrix-org/synapse/issues/11034))
- Remove unnecessary list comprehension from `synapse_port_db` to satisfy code style requirements. ([\#11043](https://github.com/matrix-org/synapse/issues/11043))
Synapse 1.44.0 (2021-10-05)
=============
No significant changes since 1.44.0rc3.
Synapse 1.44.0rc3 (2021-10-04)
===============
Bugfixes
--------
- Fix a bug introduced in Synapse v1.40.0 where changing a user's display name or avatar in a restricted room would cause an authentication error.
([\#10933](https://github.com/matrix-org/synapse/issues/10933))
- Fix `/admin/whois/{user_id}` endpoint, which was broken in v1.44.0rc1. ([\#10968](https://github.com/matrix-org/synapse/issues/10968))
Synapse 1.44.0rc2 (2021-09-30)
===============
Bugfixes
--------
- Fix a bug introduced in v1.44.0rc1 which caused the experimental [MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716) `/batch_send` endpoint to return a 500 error.
([\#10938](https://github.com/matrix-org/synapse/issues/10938))
- Fix a bug introduced in v1.44.0rc1 which prevented sending presence events to application services. ([\#10944](https://github.com/matrix-org/synapse/issues/10944))
Improved Documentation
----------------------
- Minor updates to the installation instructions. ([\#10919](https://github.com/matrix-org/synapse/issues/10919))
Synapse 1.44.0rc1 (2021-09-29)
===============
Features
--------
- Only allow the [MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716) `/batch_send?chunk_id=xxx` endpoint to connect to an already existing insertion event.
([\#10776](https://github.com/matrix-org/synapse/issues/10776))
- Improve oEmbed URL previews by processing the author name, photo, and video information. ([\#10814](https://github.com/matrix-org/synapse/issues/10814),
[\#10819](https://github.com/matrix-org/synapse/issues/10819))
- Speed up responding with large JSON objects to requests. ([\#10868](https://github.com/matrix-org/synapse/issues/10868), [\#10905](https://github.com/matrix-org/synapse/issues/10905))
- Add a `user_may_create_room_with_invites` spam checker callback to allow modules to allow or deny a room creation request based on the invites and/or 3PID invites it includes.
([\#10898](https://github.com/matrix-org/synapse/issues/10898))
Bugfixes
--------
- Fix a long-standing bug that caused an `AssertionError` when purging history in certain rooms. Contributed by @Kokokokoka. ([\#10690](https://github.com/matrix-org/synapse/issues/10690))
- Fix a long-standing bug which caused deactivated users that were later reactivated to be missing from the user directory. ([\#10782](https://github.com/matrix-org/synapse/issues/10782))
- Fix a long-standing bug that caused unbanning a user by sending a membership event to fail. Contributed by @aaronraimist. ([\#10807](https://github.com/matrix-org/synapse/issues/10807))
- Fix a long-standing bug where logging contexts would go missing when federation requests time out. ([\#10810](https://github.com/matrix-org/synapse/issues/10810))
- Fix a long-standing bug causing an error in the deprecated `/initialSync` endpoint when using the undocumented `from` and `to` parameters.
([\#10827](https://github.com/matrix-org/synapse/issues/10827))
- Fix a bug causing the `remove_stale_pushers` background job to repeatedly fail and log errors. This bug affected Synapse servers that had been upgraded from version 1.28 or older and are using
SQLite. ([\#10843](https://github.com/matrix-org/synapse/issues/10843))
- Fix a long-standing bug in Unicode support of the room search admin API breaking search for rooms with non-ASCII characters. ([\#10859](https://github.com/matrix-org/synapse/issues/10859))
- Fix a bug introduced in Synapse 1.37.0 which caused `knock` membership events which we sent to remote servers to be incorrectly stored in the local database.
([\#10873](https://github.com/matrix-org/synapse/issues/10873))
- Fix invalidating one-time key count cache after claiming keys. The bug was introduced in Synapse v1.41.0. Contributed by Tulir at Beeper.
([\#10875](https://github.com/matrix-org/synapse/issues/10875))
- Fix a long-standing bug causing application service users to be subject to MAU blocking if the MAU limit had been reached, even if configured not to be blocked.
([\#10881](https://github.com/matrix-org/synapse/issues/10881))
- Fix a long-standing bug which could cause events pulled over federation to be incorrectly rejected. ([\#10907](https://github.com/matrix-org/synapse/issues/10907))
- Fix a long-standing bug causing URL cache files to be stored in storage providers. Server admins may safely delete the `url_cache/` and `url_cache_thumbnails/` directories from any configured
storage providers to reclaim space. ([\#10911](https://github.com/matrix-org/synapse/issues/10911))
- Fix a long-standing bug leading to race conditions when creating media store and config directories. ([\#10913](https://github.com/matrix-org/synapse/issues/10913))
Improved Documentation
----------------------
- Fix some crashes in the Module API example code, by adding JSON encoding/decoding. ([\#10845](https://github.com/matrix-org/synapse/issues/10845))
- Add developer documentation about experimental configuration flags. ([\#10865](https://github.com/matrix-org/synapse/issues/10865))
- Properly remove deleted files from GitHub pages when generating the documentation. ([\#10869](https://github.com/matrix-org/synapse/issues/10869))
Internal Changes
----------------
- Fix GitHub Actions config so we can run sytest on synapse from parallel branches. ([\#10659](https://github.com/matrix-org/synapse/issues/10659))
- Split out [MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716) meta events to their own fields in the `/batch_send` response. ([\#10777](https://github.com/matrix-org/synapse/issues/10777))
- Add missing type hints to REST servlets. ([\#10785](https://github.com/matrix-org/synapse/issues/10785), [\#10817](https://github.com/matrix-org/synapse/issues/10817))
- Simplify the internal logic which maintains the user directory database tables. ([\#10796](https://github.com/matrix-org/synapse/issues/10796))
- Use direct references to config flags. ([\#10812](https://github.com/matrix-org/synapse/issues/10812), [\#10885](https://github.com/matrix-org/synapse/issues/10885),
[\#10893](https://github.com/matrix-org/synapse/issues/10893), [\#10897](https://github.com/matrix-org/synapse/issues/10897))
- Specify the type of token in generic "Invalid token" error messages. ([\#10815](https://github.com/matrix-org/synapse/issues/10815))
- Make `StateFilter` frozen so it is hashable. ([\#10816](https://github.com/matrix-org/synapse/issues/10816))
- Fix a long-standing bug where an `m.room.message` event containing a null byte would cause an internal server error. ([\#10820](https://github.com/matrix-org/synapse/issues/10820))
- Add type hints to the state database. ([\#10823](https://github.com/matrix-org/synapse/issues/10823))
- Opt out of cache expiry for `get_users_who_share_room_with_user`, to hopefully improve `/sync` performance when you
haven't synced recently. ([\#10826](https://github.com/matrix-org/synapse/issues/10826))
- Track cache eviction rates more finely in Prometheus's monitoring. ([\#10829](https://github.com/matrix-org/synapse/issues/10829))
- Add missing type hints to `synapse.handlers`. ([\#10831](https://github.com/matrix-org/synapse/issues/10831), [\#10856](https://github.com/matrix-org/synapse/issues/10856))
- Extend the Module API to let plug-ins check whether an ID is local and to access IP + User Agent data. ([\#10833](https://github.com/matrix-org/synapse/issues/10833))
- Factor out PNG image data to a constant to be used in several tests. ([\#10834](https://github.com/matrix-org/synapse/issues/10834))
- Add a test to ensure state events sent by modules get persisted correctly. ([\#10835](https://github.com/matrix-org/synapse/issues/10835))
- Rename [MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716) fields and event types from `chunk` to `batch` to match the `/batch_send` endpoint.
([\#10838](https://github.com/matrix-org/synapse/issues/10838))
- Rename [MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716) `/batch_send` query parameter from `?prev_event` to more obvious usage with `?prev_event_id`.
([\#10839](https://github.com/matrix-org/synapse/issues/10839))
- Add type hints to `synapse.http.site`. ([\#10867](https://github.com/matrix-org/synapse/issues/10867))
- Include outlier status when we log V2 or V3 events. ([\#10879](https://github.com/matrix-org/synapse/issues/10879))
- Break down Grafana's cache expiry time series based on reason for eviction, c.f. [\#10829](https://github.com/matrix-org/synapse/issues/10829).
([\#10880](https://github.com/matrix-org/synapse/issues/10880))
- Clean up some of the federation event authentication code for clarity. ([\#10883](https://github.com/matrix-org/synapse/issues/10883), [\#10884](https://github.com/matrix-org/synapse/issues/10884),
[\#10896](https://github.com/matrix-org/synapse/issues/10896), [\#10901](https://github.com/matrix-org/synapse/issues/10901))
- Allow the `.` and `~` characters when creating registration tokens as per the change to [MSC3231](https://github.com/matrix-org/matrix-doc/pull/3231).
([\#10887](https://github.com/matrix-org/synapse/issues/10887))
- Clean up some unnecessary parentheses in places around the codebase. ([\#10889](https://github.com/matrix-org/synapse/issues/10889))
- Improve type hinting in the user directory code. ([\#10891](https://github.com/matrix-org/synapse/issues/10891))
- Update development testing script `test_postgresql.sh` to use a supported Python version and make re-runs quicker. ([\#10906](https://github.com/matrix-org/synapse/issues/10906))
- Document and summarize changes in schema version `61` – `64`. ([\#10917](https://github.com/matrix-org/synapse/issues/10917))
- Update release script to sign the newly created git tags. ([\#10925](https://github.com/matrix-org/synapse/issues/10925))
- Fix Debian builds due to `dh-virtualenv` no longer being able to build their docs. ([\#10931](https://github.com/matrix-org/synapse/issues/10931))
To generate a diff of this commit:
cvs rdiff -u -r1.34 -r1.35 pkgsrc/chat/matrix-synapse/Makefile
cvs rdiff -u -r1.18 -r1.19 pkgsrc/chat/matrix-synapse/PLIST
cvs rdiff -u -r1.26 -r1.27 pkgsrc/chat/matrix-synapse/distinfo
-------------------------------------------------------------------
Module Name: pkgsrc
Committed By: gdt
Date: Tue Nov 23 12:47:51 UTC 2021
Modified Files:
pkgsrc/chat/matrix-synapse: Makefile distinfo
Log Message:
chat/matrix-synapse: Update to 1.47.1 (security)
Synapse 1.47.1 (2021-11-23)
======This release fixes a security issue in the media store, affecting all prior releases of Synapse. Server administrators are encouraged to update Synapse as soon as possible. We are not aware of these vulnerabilities being exploited in the wild.
Server administrators who are unable to update Synapse may use the workarounds described in the linked GitHub Security Advisory below.
Security advisory
-----------------
The following issue is fixed in 1.47.1.
- **[GHSA-3hfw-x7gx-437c](https://github.com/matrix-org/synapse/security/advisories/GHSA-3hfw-x7gx-437c) / [CVE-2021-41281](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-41281): Path traversal when downloading remote media.**
Synapse instances with the media repository enabled can be tricked into downloading a file from a remote server into an arbitrary directory, potentially outside the media store directory.
The last two directories and file name of the path are chosen randomly by Synapse and cannot be controlled by an attacker, which limits the impact.
Homeservers with the media repository disabled are unaffected. Homeservers configured with a federation whitelist are also unaffected.
Fixed by [91f2bd090](https://github.com/matrix-org/synapse/commit/91f2bd090).
To generate a diff of this commit:
cvs rdiff -u -r1.35 -r1.36 pkgsrc/chat/matrix-synapse/Makefile
cvs rdiff -u -r1.27 -r1.28 pkgsrc/chat/matrix-synapse/distinfo
16 tasks
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Rendered
Signed-off-by: Callum Brown callum@calcuode.com
A couple questions:
All the other UIAA auth types start[yes]m.login, so should I stick with that even though it's registration rather than login?Is the unstable prefix bit right?[yes]