-
Notifications
You must be signed in to change notification settings - Fork 383
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
MSC3720: Account status #3720
base: main
Are you sure you want to change the base?
MSC3720: Account status #3720
Conversation
* `deactivated` is a boolean that indicates whether the account has been | ||
deactivated. Omitted if `exists` is `false`. | ||
|
||
The `failures` object in the response lists all user IDs for which no status |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
FWIW, this is different from what /keys/claim
and /keys/query
do. I'm not sure if that was intentional or not. /keys/claim
and /keys/query
list the homeservers for which the request failed, rather individual requests.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This is intentional - sorry for not pointing it out explicitly. I thought that it would be good to allow homeserver implementations to refuse to serve the status of specific accounts while still providing this bit of information for other accounts. I'm happy to change this if people think it would be better to just copy what /keys/...
does.
Synapse implementation: matrix-org/synapse#12001 (added to the PR's description) |
@babolivier Thanks for linking the implementation. Could I ask whether it has been used in any deployments? |
Not as is. A similar feature exists in the fork of Synapse used by the French government deployment (matrix-org/synapse-dinsic#46), which this MSC is based on with a few adjustments (the initial intent of this MSC is to mainline this feature, though as noted in the introduction it also addresses other issues in the ecosystem). The main differences between this MSC and the implementation in
|
Two new endpoints are added to the specification, one to the client-server API | ||
and one to the server-server API. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I think an alternative to this proposal is to do one or both of the following:
- Add error codes to the existing
/profile
endpoint, e.g.404
withM_DEACTIVATED
orM_DOES_NOT_EXIST
. - Add a bulk query profile endpoint.
Was this considered?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Sort of, except that one of the requirements I'm working with (which I haven't mentioned in the MSC) is that the response needs to be easily extensible. As mentioned in this comment, this is a port of a feature used in the Tchap infrastructure. That infrastructure uses Synapse's account validity (which isn't part of the spec and imo doesn't really have a place in there), and uses this feature to also figure out whether a user is expired (a second step of the Synapse work will be adding a config flag to Synapse to optionally include account validity status to this endpoint's response). As far as I can tell, none of the alternatives you've mentioned offer this kind of extensibility.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Also, after giving it some more thought, it feels quite wrong to me to use the profile endpoint for information that's not profile-related.
user. For example, when interacting with a Matrix user, it might be useful for | ||
clients to show whether this user's account has been deactivated, or even exists | ||
at all. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
How would a user interact with non-existent users? You can't make a room to them, I don't think. I'm failing to see when this would come up in a client!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
A common use case would be trying to start a DM using an MXID: if the user is on a remote homeserver the only way to know if the MXID maps to an existing user is trying to retrieve extra data on them and see if it works, in a kinda hacky way. Currently (iirc) Element clients do this by trying to retrieve the user's profile and displaying a warning if no profile could be found, but that doesn't necessarily indicate the user doesn't exist.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Basically this is what I mean:
Peek.2022-02-16.17-45.mp4
Note that in this capture "User [...] does not exist" appears but it looks like Element added it given this is the actual response from Synapse on the profile request:
{"errcode":"M_NOT_FOUND","error":"Profile was not found"}
proposals/3720-account-status.md
Outdated
This endpoint takes a `user_id` query parameter indicating which user account(s) | ||
to look up the status of. This parameter may appear multiple times in the | ||
request if the client wishes to look up the statuses of multiple users at once. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
This looks like it will allow bulk username enumeration, which is usually considered a security flaw. Maybe it being authenticated is "OK" and being able to query for users on a homeserver isn't considered private info right now, but something feels off with being able to do it in bulk.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yeah I agree that this can be concerning. Maybe a good compromise could be adding a limit (eg 15) to the number of users that can be looked up in a single request, and encourage homeservers to aggressively rate-limit the endpoint?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
(I would like the ability to not limit appservices here, as they have more of a valid need to do bulk lookups)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
(I would like the ability to not limit appservices here, as they have more of a valid need to do bulk lookups)
Sounds like an implementation detail?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Yep, this is just an avocation for keeping bulk fetching / not setting limits in the spec but allowing implementations the leeway of setting their own limits (so as not to write-out bulk lookups in the spec or anything). No limitations in the spec covers my use case :)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Ah fair enough :) Yeah the idea is very much to allow bulk lookups.
See matrix-org/matrix-spec-proposals#3720 Co-authored-by: Sean Quah <8349537+squahtx@users.noreply.github.com>
Synapse 1.54.0rc1 (2022-03-02) ============================== Please note that this will be the last release of Synapse that is compatible with Mjolnir 1.3.1 and earlier. Administrators of servers which have the Mjolnir module installed are advised to upgrade Mjolnir to version 1.3.2 or later. Features -------- - Add support for [MSC3202](matrix-org/matrix-spec-proposals#3202): sending one-time key counts and fallback key usage states to Application Services. ([\#11617](#11617)) - Improve the generated URL previews for some web pages. Contributed by @AndrewRyanChama. ([\#11985](#11985)) - Track cache invalidations in Prometheus metrics, as already happens for cache eviction based on size or time. ([\#12000](#12000)) - Implement experimental support for [MSC3720](matrix-org/matrix-spec-proposals#3720) (account status endpoints). ([\#12001](#12001), [\#12067](#12067)) - Enable modules to set a custom display name when registering a user. ([\#12009](#12009)) - Advertise Matrix 1.1 and 1.2 support on `/_matrix/client/versions`. ([\#12020](#12020), ([\#12022](#12022)) - Support only the stable identifier for [MSC3069](matrix-org/matrix-spec-proposals#3069 `is_guest` on `/_matrix/client/v3/account/whoami`. ([\#12021](#12021)) - Use room version 9 as the default room version (per [MSC3589](matrix-org/matrix-spec-proposals#3589)). ([\#12058](#12058)) - Add module callbacks to react to user deactivation status changes (i.e. deactivations and reactivations) and profile updates. ([\#12062](#12062)) Bugfixes -------- - Fix a bug introduced in Synapse 1.48.0 where an edit of the latest event in a thread would not be properly applied to the thread summary. ([\#11992](#11992)) - Fix long-standing bug where the `get_rooms_for_user` cache was not correctly invalidated for remote users when the server left a room. ([\#11999](#11999)) - Fix a 500 error with Postgres when looking backwards with the [MSC3030](matrix-org/matrix-spec-proposals#3030) `/timestamp_to_event?dir=b` endpoint. ([\#12024](#12024)) - Properly fix a long-standing bug where wrong data could be inserted into the `event_search` table when using SQLite. This could block running `synapse_port_db` with an `argument of type 'int' is not iterable` error. This bug was partially fixed by a change in Synapse 1.44.0. ([\#12037](#12037)) - Fix slow performance of `/logout` in some cases where refresh tokens are in use. The slowness existed since the initial implementation of refresh tokens in version 1.38.0. ([\#12056](#12056)) - Fix a long-standing bug where Synapse would make additional failing requests over federation for missing data. ([\#12077](#12077)) - Fix occasional `Unhandled error in Deferred` error message. ([\#12089](#12089)) - Fix a bug introduced in Synapse 1.51.0 where incoming federation transactions containing at least one EDU would be dropped if debug logging was enabled for `synapse.8631_debug`. ([\#12098](#12098)) - Fix a long-standing bug which could cause push notifications to malfunction if `use_frozen_dicts` was set in the configuration. ([\#12100](#12100)) - Fix an extremely rare, long-standing bug in `ReadWriteLock` that would cause an error when a newly unblocked writer completes instantly. ([\#12105](#12105)) - Make a `POST` to `/rooms/<room_id>/receipt/m.read/<event_id>` only trigger a push notification if the count of unread messages is different to the one in the last successfully sent push. This reduces server load and load on the receiving device. ([\#11835](#11835)) Updates to the Docker image --------------------------- - The Docker image no longer automatically creates a temporary volume at `/data`. This is not expected to affect normal usage. ([\#11997](#11997)) - Use Python 3.9 in Docker images by default. ([\#12112](#12112)) Improved Documentation ---------------------- - Document support for the `to_device`, `account_data`, `receipts`, and `presence` stream writers for workers. ([\#11599](#11599)) - Explain the meaning of spam checker callbacks' return values. ([\#12003](#12003)) - Clarify information about external Identity Provider IDs. ([\#12004](#12004)) Deprecations and Removals ------------------------- - Deprecate using `synctl` with the config option `synctl_cache_factor` and print a warning if a user still uses this option. ([\#11865](#11865)) - Remove support for the legacy structured logging configuration (please see the the [upgrade notes](https://matrix-org.github.io/synapse/develop/upgrade#legacy-structured-logging-configuration-removal) if you are using `structured: true` in the Synapse configuration). ([\#12008](#12008)) - Drop support for [MSC3283](matrix-org/matrix-spec-proposals#3283) unstable flags now that the stable flags are supported. ([\#12018](#12018)) - Remove the unstable `/spaces` endpoint from [MSC2946](matrix-org/matrix-spec-proposals#2946). ([\#12073](#12073)) Internal Changes ---------------- - Make the `get_room_version` method use `get_room_version_id` to benefit from caching. ([\#11808](#11808)) - Remove unnecessary condition on knock -> leave auth rule check. ([\#11900](#11900)) - Add tests for device list changes between local users. ([\#11972](#11972)) - Optimise calculating `device_list` changes in `/sync`. ([\#11974](#11974)) - Add missing type hints to storage classes. ([\#11984](#11984)) - Refactor the search code for improved readability. ([\#11991](#11991)) - Move common deduplication code down into `_auth_and_persist_outliers`. ([\#11994](#11994)) - Limit concurrent joins from applications services. ([\#11996](#11996)) - Preparation for faster-room-join work: when parsing the `send_join` response, get the `m.room.create` event from `state`, not `auth_chain`. ([\#12005](#12005), [\#12039](#12039)) - Preparation for faster-room-join work: parse MSC3706 fields in send_join response. ([\#12011](#12011)) - Preparation for faster-room-join work: persist information on which events and rooms have partial state to the database. ([\#12012](#12012)) - Preparation for faster-room-join work: Support for calling `/federation/v1/state` on a remote server. ([\#12013](#12013)) - Configure `tox` to use `venv` rather than `virtualenv`. ([\#12015](#12015)) - Fix bug in `StateFilter.return_expanded()` and add some tests. ([\#12016](#12016)) - Use Matrix v1.1 endpoints (`/_matrix/client/v3/auth/...`) in fallback auth HTML forms. ([\#12019](#12019)) - Update the `olddeps` CI job to use an old version of `markupsafe`. ([\#12025](#12025)) - Upgrade Mypy to version 0.931. ([\#12030](#12030)) - Remove legacy `HomeServer.get_datastore()`. ([\#12031](#12031), [\#12070](#12070)) - Minor typing fixes. ([\#12034](#12034), [\#12069](#12069)) - After joining a room, create a dedicated logcontext to process the queued events. ([\#12041](#12041)) - Tidy up GitHub Actions config which builds distributions for PyPI. ([\#12051](#12051)) - Move configuration out of `setup.cfg`. ([\#12052](#12052), [\#12059](#12059)) - Fix error message when a worker process fails to talk to another worker process. ([\#12060](#12060)) - Fix using the `complement.sh` script without specifying a directory or a branch. Contributed by Nico on behalf of Famedly. ([\#12063](#12063)) - Add type hints to `tests/rest/client`. ([\#12066](#12066), [\#12072](#12072), [\#12084](#12084), [\#12094](#12094)) - Add some logging to `/sync` to try and track down #11916. ([\#12068](#12068)) - Inspect application dependencies using `importlib.metadata` or its backport. ([\#12088](#12088)) - Use `assertEqual` instead of the deprecated `assertEquals` in test code. ([\#12092](#12092)) - Move experimental support for [MSC3440](matrix-org/matrix-spec-proposals#3440) to `/versions`. ([\#12099](#12099)) - Add `stop_cancellation` utility function to stop `Deferred`s from being cancelled. ([\#12106](#12106)) - Improve exception handling for concurrent execution. ([\#12109](#12109)) - Advertise support for Python 3.10 in packaging files. ([\#12111](#12111)) - Move CI checks out of tox, to facilitate a move to using poetry. ([\#12119](#12119))
Synapse 1.56.0rc1 (2022-03-29) ============================== Features -------- - Allow modules to store already existing 3PID associations. ([\#12195](#12195)) - Allow registering server administrators using the module API. Contributed by Famedly. ([\#12250](#12250)) Bugfixes -------- - Fix a long-standing bug which caused the `/_matrix/federation/v1/state` and `/_matrix/federation/v1/state_ids` endpoints to return incorrect or invalid data when called for an event which we have stored as an "outlier". ([\#12087](#12087)) - Fix a long-standing bug where events from ignored users would still be considered for relations. ([\#12227](#12227), [\#12232](#12232), [\#12285](#12285)) - Fix a bug introduced in Synapse 1.53.0 where an unnecessary query could be performed when fetching bundled aggregations for threads. ([\#12228](#12228)) - Fix a bug introduced in Synapse 1.52.0 where admins could not deactivate and GDPR-erase a user if Synapse was configured with limits on avatars. ([\#12261](#12261)) Improved Documentation ---------------------- - Fix the link to the module documentation in the legacy spam checker warning message. ([\#12231](#12231)) - Remove incorrect prefixes in the worker documentation for some endpoints. ([\#12243](#12243)) - Correct `check_username_for_spam` annotations and docs. ([\#12246](#12246)) - Correct Authentik OpenID typo, and add notes on troubleshooting. Contributed by @IronTooch. ([\#12275](#12275)) - HAProxy reverse proxy guide update to stop sending IPv4-mapped address to homeserver. Contributed by @villepeh. ([\#12279](#12279)) Internal Changes ---------------- - Rename `shared_rooms` to `mutual_rooms` ([MSC2666](matrix-org/matrix-spec-proposals#2666)), as per proposal changes. ([\#12036](#12036)) - Remove check on `update_user_directory` for shared rooms handler ([MSC2666](matrix-org/matrix-spec-proposals#2666)), and update/expand documentation. ([\#12038](#12038)) - Refactor `create_new_client_event` to use a new parameter, `state_event_ids`, which accurately describes the usage with [MSC2716](matrix-org/matrix-spec-proposals#2716) instead of abusing `auth_event_ids`. ([\#12083](#12083), [\#12304](#12304)) - Refuse to start if registration is enabled without email, captcha, or token-based verification unless the new config flag `enable_registration_without_verification` is set. ([\#12091](#12091)) - Add tests for database transaction callbacks. ([\#12198](#12198)) - Handle cancellation in `DatabasePool.runInteraction`. ([\#12199](#12199)) - Add missing type hints for cache storage. ([\#12216](#12216)) - Add missing type hints for storage. ([\#12248](#12248), [\#12255](#12255)) - Add type hints to tests files. ([\#12224](#12224), [\#12240](#12240), [\#12256](#12256)) - Use type stubs for `psycopg2`. ([\#12269](#12269)) - Improve type annotations for `execute_values`. ([\#12311](#12311)) - Clean-up logic around rebasing URLs for URL image previews. ([\#12219](#12219)) - Use the `ignored_users` table in additional places instead of re-parsing the account data. ([\#12225](#12225)) - Refactor the relations endpoints to add a `RelationsHandler`. ([\#12237](#12237)) - Generate announcement links in the release script. ([\#12242](#12242)) - Improve error message when dependencies check finds a broken installation. ([\#12244](#12244)) - Compress metrics HTTP resource when enabled. Contributed by Nick @ Beeper. ([\#12258](#12258)) - Refuse to start if the PostgreSQL database has a non-`C` locale, unless the config flag `allow_unsafe_db_locale` is set to true. ([\#12262](#12262), [\#12288](#12288)) - Optionally include account validity expiration information to experimental [MSC3720](matrix-org/matrix-spec-proposals#3720) account status responses. ([\#12266](#12266)) - Add a new cache `_get_membership_from_event_id` to speed up push rule calculations in large rooms. ([\#12272](#12272)) - Re-enable Complement concurrency in CI. ([\#12283](#12283)) - Remove unused test utilities. ([\#12291](#12291)) - Enhance logging for inbound federation events. ([\#12301](#12301)) - Fix compatibility with the recently-released Jinja 3.1. ([\#12313](#12313)) - Avoid trying to calculate the state at outlier events. ([\#12314](#12314))
…ing-modules-for-ansible-self-build Synapse 1.56.0 (2022-04-05) =========================== Synapse will now refuse to start up if open registration is enabled, in order to help mitigate abuse across the federation. If you would like to provide registration to anyone, consider adding [email](https://github.com/matrix-org/synapse/blob/8a519f8abc6de772167c2cca101d22ee2052fafc/docs/sample_config.yaml#L1285), [recaptcha](https://matrix-org.github.io/synapse/v1.56/CAPTCHA_SETUP.html) or [token-based](https://matrix-org.github.io/synapse/v1.56/usage/administration/admin_api/registration_tokens.html) verification in order to prevent automated registration from bad actors. This check can be disabled by setting the `enable_registration_without_verification` option in your homeserver configuration file to `true`. More details are available in the [upgrade notes](https://matrix-org.github.io/synapse/v1.56/upgrade.html#open-registration-without-verification-is-now-disabled-by-default). Synapse will additionally now refuse to start when using PostgreSQL with a non-`C` values for `COLLATE` and `CTYPE`, unless the config flag `allow_unsafe_locale`, found in the database section of the configuration file, is set to `true`. See the [upgrade notes](https://matrix-org.github.io/synapse/v1.56/upgrade#change-in-behaviour-for-postgresql-databases-with-unsafe-locale) for details. Internal Changes ---------------- - Bump the version of `black` for compatibility with the latest `click` release. ([\matrix-org#12320](matrix-org#12320)) Synapse 1.56.0rc1 (2022-03-29) ============================== Features -------- - Allow modules to store already existing 3PID associations. ([\matrix-org#12195](matrix-org#12195)) - Allow registering server administrators using the module API. Contributed by Famedly. ([\matrix-org#12250](matrix-org#12250)) Bugfixes -------- - Fix a long-standing bug which caused the `/_matrix/federation/v1/state` and `/_matrix/federation/v1/state_ids` endpoints to return incorrect or invalid data when called for an event which we have stored as an "outlier". ([\matrix-org#12087](matrix-org#12087)) - Fix a long-standing bug where events from ignored users would still be considered for relations. ([\matrix-org#12227](matrix-org#12227), [\matrix-org#12232](matrix-org#12232), [\matrix-org#12285](matrix-org#12285)) - Fix a bug introduced in Synapse 1.53.0 where an unnecessary query could be performed when fetching bundled aggregations for threads. ([\matrix-org#12228](matrix-org#12228)) - Fix a bug introduced in Synapse 1.52.0 where admins could not deactivate and GDPR-erase a user if Synapse was configured with limits on avatars. ([\matrix-org#12261](matrix-org#12261)) Improved Documentation ---------------------- - Fix the link to the module documentation in the legacy spam checker warning message. ([\matrix-org#12231](matrix-org#12231)) - Remove incorrect prefixes in the worker documentation for some endpoints. ([\matrix-org#12243](matrix-org#12243)) - Correct `check_username_for_spam` annotations and docs. ([\matrix-org#12246](matrix-org#12246)) - Correct Authentik OpenID typo, and add notes on troubleshooting. Contributed by @IronTooch. ([\matrix-org#12275](matrix-org#12275)) - HAProxy reverse proxy guide update to stop sending IPv4-mapped address to homeserver. Contributed by @villepeh. ([\matrix-org#12279](matrix-org#12279)) Internal Changes ---------------- - Rename `shared_rooms` to `mutual_rooms` ([MSC2666](matrix-org/matrix-spec-proposals#2666)), as per proposal changes. ([\matrix-org#12036](matrix-org#12036)) - Remove check on `update_user_directory` for shared rooms handler ([MSC2666](matrix-org/matrix-spec-proposals#2666)), and update/expand documentation. ([\matrix-org#12038](matrix-org#12038)) - Refactor `create_new_client_event` to use a new parameter, `state_event_ids`, which accurately describes the usage with [MSC2716](matrix-org/matrix-spec-proposals#2716) instead of abusing `auth_event_ids`. ([\matrix-org#12083](matrix-org#12083), [\matrix-org#12304](matrix-org#12304)) - Refuse to start if registration is enabled without email, captcha, or token-based verification unless the new config flag `enable_registration_without_verification` is set to `true`. ([\matrix-org#12091](matrix-org#12091), [\matrix-org#12322](matrix-org#12322)) - Add tests for database transaction callbacks. ([\matrix-org#12198](matrix-org#12198)) - Handle cancellation in `DatabasePool.runInteraction`. ([\matrix-org#12199](matrix-org#12199)) - Add missing type hints for cache storage. ([\matrix-org#12216](matrix-org#12216)) - Add missing type hints for storage. ([\matrix-org#12248](matrix-org#12248), [\matrix-org#12255](matrix-org#12255)) - Add type hints to tests files. ([\matrix-org#12224](matrix-org#12224), [\matrix-org#12240](matrix-org#12240), [\matrix-org#12256](matrix-org#12256)) - Use type stubs for `psycopg2`. ([\matrix-org#12269](matrix-org#12269)) - Improve type annotations for `execute_values`. ([\matrix-org#12311](matrix-org#12311)) - Clean-up logic around rebasing URLs for URL image previews. ([\matrix-org#12219](matrix-org#12219)) - Use the `ignored_users` table in additional places instead of re-parsing the account data. ([\matrix-org#12225](matrix-org#12225)) - Refactor the relations endpoints to add a `RelationsHandler`. ([\matrix-org#12237](matrix-org#12237)) - Generate announcement links in the release script. ([\matrix-org#12242](matrix-org#12242)) - Improve error message when dependencies check finds a broken installation. ([\matrix-org#12244](matrix-org#12244)) - Compress metrics HTTP resource when enabled. Contributed by Nick @ Beeper. ([\matrix-org#12258](matrix-org#12258)) - Refuse to start if the PostgreSQL database has a non-`C` locale, unless the config flag `allow_unsafe_db_locale` is set to true. ([\matrix-org#12262](matrix-org#12262), [\matrix-org#12288](matrix-org#12288)) - Optionally include account validity expiration information to experimental [MSC3720](matrix-org/matrix-spec-proposals#3720) account status responses. ([\matrix-org#12266](matrix-org#12266)) - Add a new cache `_get_membership_from_event_id` to speed up push rule calculations in large rooms. ([\matrix-org#12272](matrix-org#12272)) - Re-enable Complement concurrency in CI. ([\matrix-org#12283](matrix-org#12283)) - Remove unused test utilities. ([\matrix-org#12291](matrix-org#12291)) - Enhance logging for inbound federation events. ([\matrix-org#12301](matrix-org#12301)) - Fix compatibility with the recently-released Jinja 3.1. ([\matrix-org#12313](matrix-org#12313)) - Avoid trying to calculate the state at outlier events. ([\matrix-org#12314](matrix-org#12314))
Synapse 1.56.0 (2022-04-05) =========================== Synapse will now refuse to start up if open registration is enabled, in order to help mitigate abuse across the federation. If you would like to provide registration to anyone, consider adding [email](https://github.com/matrix-org/synapse/blob/8a519f8abc6de772167c2cca101d22ee2052fafc/docs/sample_config.yaml#L1285), [recaptcha](https://matrix-org.github.io/synapse/v1.56/CAPTCHA_SETUP.html) or [token-based](https://matrix-org.github.io/synapse/v1.56/usage/administration/admin_api/registration_tokens.html) verification in order to prevent automated registration from bad actors. This check can be disabled by setting the `enable_registration_without_verification` option in your homeserver configuration file to `true`. More details are available in the [upgrade notes](https://matrix-org.github.io/synapse/v1.56/upgrade.html#open-registration-without-verification-is-now-disabled-by-default). Synapse will additionally now refuse to start when using PostgreSQL with a non-`C` values for `COLLATE` and `CTYPE`, unless the config flag `allow_unsafe_locale`, found in the database section of the configuration file, is set to `true`. See the [upgrade notes](https://matrix-org.github.io/synapse/v1.56/upgrade#change-in-behaviour-for-postgresql-databases-with-unsafe-locale) for details. Internal Changes ---------------- - Bump the version of `black` for compatibility with the latest `click` release. ([\#12320](matrix-org/synapse#12320)) Synapse 1.56.0rc1 (2022-03-29) ============================== Features -------- - Allow modules to store already existing 3PID associations. ([\#12195](matrix-org/synapse#12195)) - Allow registering server administrators using the module API. Contributed by Famedly. ([\#12250](matrix-org/synapse#12250)) Bugfixes -------- - Fix a long-standing bug which caused the `/_matrix/federation/v1/state` and `/_matrix/federation/v1/state_ids` endpoints to return incorrect or invalid data when called for an event which we have stored as an "outlier". ([\#12087](matrix-org/synapse#12087)) - Fix a long-standing bug where events from ignored users would still be considered for relations. ([\#12227](matrix-org/synapse#12227), [\#12232](matrix-org/synapse#12232), [\#12285](matrix-org/synapse#12285)) - Fix a bug introduced in Synapse 1.53.0 where an unnecessary query could be performed when fetching bundled aggregations for threads. ([\#12228](matrix-org/synapse#12228)) - Fix a bug introduced in Synapse 1.52.0 where admins could not deactivate and GDPR-erase a user if Synapse was configured with limits on avatars. ([\#12261](matrix-org/synapse#12261)) Improved Documentation ---------------------- - Fix the link to the module documentation in the legacy spam checker warning message. ([\#12231](matrix-org/synapse#12231)) - Remove incorrect prefixes in the worker documentation for some endpoints. ([\#12243](matrix-org/synapse#12243)) - Correct `check_username_for_spam` annotations and docs. ([\#12246](matrix-org/synapse#12246)) - Correct Authentik OpenID typo, and add notes on troubleshooting. Contributed by @IronTooch. ([\#12275](matrix-org/synapse#12275)) - HAProxy reverse proxy guide update to stop sending IPv4-mapped address to homeserver. Contributed by @villepeh. ([\#12279](matrix-org/synapse#12279)) Internal Changes ---------------- - Rename `shared_rooms` to `mutual_rooms` ([MSC2666](matrix-org/matrix-spec-proposals#2666)), as per proposal changes. ([\#12036](matrix-org/synapse#12036)) - Remove check on `update_user_directory` for shared rooms handler ([MSC2666](matrix-org/matrix-spec-proposals#2666)), and update/expand documentation. ([\#12038](matrix-org/synapse#12038)) - Refactor `create_new_client_event` to use a new parameter, `state_event_ids`, which accurately describes the usage with [MSC2716](matrix-org/matrix-spec-proposals#2716) instead of abusing `auth_event_ids`. ([\#12083](matrix-org/synapse#12083), [\#12304](matrix-org/synapse#12304)) - Refuse to start if registration is enabled without email, captcha, or token-based verification unless the new config flag `enable_registration_without_verification` is set to `true`. ([\#12091](matrix-org/synapse#12091), [\#12322](matrix-org/synapse#12322)) - Add tests for database transaction callbacks. ([\#12198](matrix-org/synapse#12198)) - Handle cancellation in `DatabasePool.runInteraction`. ([\#12199](matrix-org/synapse#12199)) - Add missing type hints for cache storage. ([\#12216](matrix-org/synapse#12216)) - Add missing type hints for storage. ([\#12248](matrix-org/synapse#12248), [\#12255](matrix-org/synapse#12255)) - Add type hints to tests files. ([\#12224](matrix-org/synapse#12224), [\#12240](matrix-org/synapse#12240), [\#12256](matrix-org/synapse#12256)) - Use type stubs for `psycopg2`. ([\#12269](matrix-org/synapse#12269)) - Improve type annotations for `execute_values`. ([\#12311](matrix-org/synapse#12311)) - Clean-up logic around rebasing URLs for URL image previews. ([\#12219](matrix-org/synapse#12219)) - Use the `ignored_users` table in additional places instead of re-parsing the account data. ([\#12225](matrix-org/synapse#12225)) - Refactor the relations endpoints to add a `RelationsHandler`. ([\#12237](matrix-org/synapse#12237)) - Generate announcement links in the release script. ([\#12242](matrix-org/synapse#12242)) - Improve error message when dependencies check finds a broken installation. ([\#12244](matrix-org/synapse#12244)) - Compress metrics HTTP resource when enabled. Contributed by Nick @ Beeper. ([\#12258](matrix-org/synapse#12258)) - Refuse to start if the PostgreSQL database has a non-`C` locale, unless the config flag `allow_unsafe_db_locale` is set to true. ([\#12262](matrix-org/synapse#12262), [\#12288](matrix-org/synapse#12288)) - Optionally include account validity expiration information to experimental [MSC3720](matrix-org/matrix-spec-proposals#3720) account status responses. ([\#12266](matrix-org/synapse#12266)) - Add a new cache `_get_membership_from_event_id` to speed up push rule calculations in large rooms. ([\#12272](matrix-org/synapse#12272)) - Re-enable Complement concurrency in CI. ([\#12283](matrix-org/synapse#12283)) - Remove unused test utilities. ([\#12291](matrix-org/synapse#12291)) - Enhance logging for inbound federation events. ([\#12301](matrix-org/synapse#12301)) - Fix compatibility with the recently-released Jinja 3.1. ([\#12313](matrix-org/synapse#12313)) - Avoid trying to calculate the state at outlier events. ([\#12314](matrix-org/synapse#12314)) Synapse 1.55.2 (2022-03-24) =========================== This patch version reverts the earlier fixes from Synapse 1.55.1, which could cause problems in certain deployments, and instead adds a cap to the version of Jinja to be installed. Again, this is to fix an incompatibility with version 3.1.0 of the [Jinja](https://pypi.org/project/Jinja2/) library, and again, deployments of Synapse using the `matrixdotorg/synapse` Docker image or Debian packages from packages.matrix.org are not affected. Internal Changes ---------------- - Pin Jinja to <3.1.0, as Synapse fails to start with Jinja 3.1.0. ([\#12297](matrix-org/synapse#12297)) - Revert changes from 1.55.1 as they caused problems with older versions of Jinja ([\#12296](matrix-org/synapse#12296)) Synapse 1.55.1 (2022-03-24) =========================== This is a patch release that fixes an incompatibility with version 3.1.0 of the [Jinja](https://pypi.org/project/Jinja2/) library, released on March 24th, 2022. Deployments of Synapse using the `matrixdotorg/synapse` Docker image or Debian packages from packages.matrix.org are not affected. Internal Changes ---------------- - Remove uses of the long-deprecated `jinja2.Markup` which would prevent Synapse from starting with Jinja 3.1.0 or above installed. ([\#12289](matrix-org/synapse#12289)) Synapse 1.55.0 (2022-03-22) =========================== This release removes a workaround introduced in Synapse 1.50.0 for Mjolnir compatibility. **This breaks compatibility with Mjolnir 1.3.1 and earlier. ([\#11700](matrix-org/synapse#11700; Mjolnir users should upgrade Mjolnir before upgrading Synapse to this version. This release also moves the location of the `synctl` script; see the [upgrade notes](https://github.com/matrix-org/synapse/blob/develop/docs/upgrade.md#synctl-script-has-been-moved) for more details. Internal Changes ---------------- - Tweak copy for default Single Sign-On account details template to better adhere to mobile app store guidelines. ([\#12265](matrix-org/synapse#12265), [\#12260](matrix-org/synapse#12260)) Synapse 1.55.0rc1 (2022-03-15) ============================== Features -------- - Add third-party rules callbacks `check_can_shutdown_room` and `check_can_deactivate_user`. ([\#12028](matrix-org/synapse#12028)) - Improve performance of logging in for large accounts. ([\#12132](matrix-org/synapse#12132)) - Add experimental env var `SYNAPSE_ASYNC_IO_REACTOR` that causes Synapse to use the asyncio reactor for Twisted. ([\#12135](matrix-org/synapse#12135)) - Support the stable identifiers from [MSC3440](matrix-org/matrix-spec-proposals#3440): threads. ([\#12151](matrix-org/synapse#12151)) - Add a new Jinja2 template filter to extract the local part of an email address. ([\#12212](matrix-org/synapse#12212)) Bugfixes -------- - Use the proper serialization format for bundled thread aggregations. The bug has existed since Synapse v1.48.0. ([\#12090](matrix-org/synapse#12090)) - Fix a long-standing bug when redacting events with relations. ([\#12113](matrix-org/synapse#12113), [\#12121](matrix-org/synapse#12121), [\#12130](matrix-org/synapse#12130), [\#12189](matrix-org/synapse#12189)) - Fix a bug introduced in Synapse 1.7.2 whereby background updates are never run with the default background batch size. ([\#12157](matrix-org/synapse#12157)) - Fix a bug where non-standard information was returned from the `/hierarchy` API. Introduced in Synapse v1.41.0. ([\#12175](matrix-org/synapse#12175)) - Fix a bug introduced in Synapse 1.54.0 that broke background updates on sqlite homeservers while search was disabled. ([\#12215](matrix-org/synapse#12215)) - Fix a long-standing bug when a `filter` argument with `event_fields` which did not include the `unsigned` field could result in a 500 error on `/sync`. ([\#12234](matrix-org/synapse#12234)) Improved Documentation ---------------------- - Fix complexity checking config example in [Resource Constrained Devices](https://matrix-org.github.io/synapse/v1.54/other/running_synapse_on_single_board_computers.html) docs page. ([\#11998](matrix-org/synapse#11998)) - Improve documentation for demo scripts. ([\#12143](matrix-org/synapse#12143)) - Updates to the Room DAG concepts development document. ([\#12179](matrix-org/synapse#12179)) - Document that the `typing`, `to_device`, `account_data`, `receipts`, and `presence` stream writer can only be used on a single worker. ([\#12196](matrix-org/synapse#12196)) - Document that contributors can sign off privately by email. ([\#12204](matrix-org/synapse#12204)) Deprecations and Removals ------------------------- - **Remove workaround introduced in Synapse 1.50.0 for Mjolnir compatibility. Breaks compatibility with Mjolnir 1.3.1 and earlier. ([\#11700](matrix-org/synapse#11700 - **`synctl` has been moved into into `synapse._scripts` and is exposed as an entry point; see [upgrade notes](https://github.com/matrix-org/synapse/blob/develop/docs/upgrade.md#synctl-script-has-been-moved). ([\#12140](matrix-org/synapse#12140)) - Remove backwards compatibilty with pagination tokens from the `/relations` and `/aggregations` endpoints generated from Synapse < v1.52.0. ([\#12138](matrix-org/synapse#12138)) - The groups/communities feature in Synapse has been deprecated. ([\#12200](matrix-org/synapse#12200)) Internal Changes ---------------- - Simplify the `ApplicationService` class' set of public methods related to interest checking. ([\#11915](matrix-org/synapse#11915)) - Add config settings for background update parameters. ([\#11980](matrix-org/synapse#11980)) - Correct type hints for txredis. ([\#12042](matrix-org/synapse#12042)) - Limit the size of `aggregation_key` on annotations. ([\#12101](matrix-org/synapse#12101)) - Add type hints to tests files. ([\#12108](matrix-org/synapse#12108), [\#12146](matrix-org/synapse#12146), [\#12207](matrix-org/synapse#12207), [\#12208](matrix-org/synapse#12208)) - Move scripts to Synapse package and expose as setuptools entry points. ([\#12118](matrix-org/synapse#12118)) - Add support for cancellation to `ReadWriteLock`. ([\#12120](matrix-org/synapse#12120)) - Fix data validation to compare to lists, not sequences. ([\#12128](matrix-org/synapse#12128)) - Fix CI not attaching source distributions and wheels to the GitHub releases. ([\#12131](matrix-org/synapse#12131)) - Remove unused mocks from `test_typing`. ([\#12136](matrix-org/synapse#12136)) - Give `scripts-dev` scripts suffixes for neater CI config. ([\#12137](matrix-org/synapse#12137)) - Move the snapcraft configuration file to `contrib`. ([\#12142](matrix-org/synapse#12142)) - Enable [MSC3030](matrix-org/matrix-spec-proposals#3030) Complement tests in CI. ([\#12144](matrix-org/synapse#12144)) - Enable [MSC2716](matrix-org/matrix-spec-proposals#2716) Complement tests in CI. ([\#12145](matrix-org/synapse#12145)) - Add test for `ObservableDeferred`'s cancellation behaviour. ([\#12149](matrix-org/synapse#12149)) - Use `ParamSpec` in type hints for `synapse.logging.context`. ([\#12150](matrix-org/synapse#12150)) - Prune unused jobs from `tox` config. ([\#12152](matrix-org/synapse#12152)) - Move CI checks out of tox, to facilitate a move to using poetry. ([\#12153](matrix-org/synapse#12153)) - Avoid generating state groups for local out-of-band leaves. ([\#12154](matrix-org/synapse#12154)) - Avoid trying to calculate the state at outlier events. ([\#12155](matrix-org/synapse#12155), [\#12173](matrix-org/synapse#12173), [\#12202](matrix-org/synapse#12202)) - Fix some type annotations. ([\#12156](matrix-org/synapse#12156)) - Add type hints for `ObservableDeferred` attributes. ([\#12159](matrix-org/synapse#12159)) - Use a prebuilt Action for the `tests-done` CI job. ([\#12161](matrix-org/synapse#12161)) - Reduce number of DB queries made during processing of `/sync`. ([\#12163](matrix-org/synapse#12163)) - Add `delay_cancellation` utility function, which behaves like `stop_cancellation` but waits until the original `Deferred` resolves before raising a `CancelledError`. ([\#12180](matrix-org/synapse#12180)) - Retry HTTP replication failures, this should prevent 502's when restarting stateful workers (main, event persisters, stream writers). Contributed by Nick @ Beeper. ([\#12182](matrix-org/synapse#12182)) - Add cancellation support to `@cached` and `@cachedList` decorators. ([\#12183](matrix-org/synapse#12183)) - Remove unused variables. ([\#12187](matrix-org/synapse#12187)) - Add combined test for HTTP pusher and push rule. Contributed by Nick @ Beeper. ([\#12188](matrix-org/synapse#12188)) - Rename `HomeServer.get_tcp_replication` to `get_replication_command_handler`. ([\#12192](matrix-org/synapse#12192)) - Remove some dead code. ([\#12197](matrix-org/synapse#12197)) - Fix a misleading comment in the function `check_event_for_spam`. ([\#12203](matrix-org/synapse#12203)) - Remove unnecessary `pass` statements. ([\#12206](matrix-org/synapse#12206)) - Update the SSO username picker template to comply with SIWA guidelines. ([\#12210](matrix-org/synapse#12210)) - Improve code documentation for the typing stream over replication. ([\#12211](matrix-org/synapse#12211))
Synapse 1.54.0 (2022-03-08) =========================== Please note that this will be the last release of Synapse that is compatible with Mjolnir 1.3.1 and earlier. Administrators of servers which have the Mjolnir module installed are advised to upgrade Mjolnir to version 1.3.2 or later. Bugfixes -------- - Fix a bug introduced in Synapse 1.54.0rc1 preventing the new module callbacks introduced in this release from being registered by modules. ([\matrix-org#12141](matrix-org#12141)) - Fix a bug introduced in Synapse 1.54.0rc1 where runtime dependency version checks would mistakenly check development dependencies if they were present and would not accept pre-release versions of dependencies. ([\matrix-org#12129](matrix-org#12129), [\matrix-org#12177](matrix-org#12177)) Internal Changes ---------------- - Update release script to insert the previous version when writing "No significant changes" line in the changelog. ([\matrix-org#12127](matrix-org#12127)) - Relax the version guard for "packaging" added in [\matrix-org#12088](matrix-org#12088). ([\matrix-org#12166](matrix-org#12166)) Synapse 1.54.0rc1 (2022-03-02) ============================== Features -------- - Add support for [MSC3202](matrix-org/matrix-spec-proposals#3202): sending one-time key counts and fallback key usage states to Application Services. ([\matrix-org#11617](matrix-org#11617)) - Improve the generated URL previews for some web pages. Contributed by @AndrewRyanChama. ([\matrix-org#11985](matrix-org#11985)) - Track cache invalidations in Prometheus metrics, as already happens for cache eviction based on size or time. ([\matrix-org#12000](matrix-org#12000)) - Implement experimental support for [MSC3720](matrix-org/matrix-spec-proposals#3720) (account status endpoints). ([\matrix-org#12001](matrix-org#12001), [\matrix-org#12067](matrix-org#12067)) - Enable modules to set a custom display name when registering a user. ([\matrix-org#12009](matrix-org#12009)) - Advertise Matrix 1.1 and 1.2 support on `/_matrix/client/versions`. ([\matrix-org#12020](matrix-org#12020), ([\matrix-org#12022](matrix-org#12022)) - Support only the stable identifier for [MSC3069](matrix-org/matrix-spec-proposals#3069 `is_guest` on `/_matrix/client/v3/account/whoami`. ([\matrix-org#12021](matrix-org#12021)) - Use room version 9 as the default room version (per [MSC3589](matrix-org/matrix-spec-proposals#3589)). ([\matrix-org#12058](matrix-org#12058)) - Add module callbacks to react to user deactivation status changes (i.e. deactivations and reactivations) and profile updates. ([\matrix-org#12062](matrix-org#12062)) Bugfixes -------- - Fix a bug introduced in Synapse 1.48.0 where an edit of the latest event in a thread would not be properly applied to the thread summary. ([\matrix-org#11992](matrix-org#11992)) - Fix long-standing bug where the `get_rooms_for_user` cache was not correctly invalidated for remote users when the server left a room. ([\matrix-org#11999](matrix-org#11999)) - Fix a 500 error with Postgres when looking backwards with the [MSC3030](matrix-org/matrix-spec-proposals#3030) `/timestamp_to_event?dir=b` endpoint. ([\matrix-org#12024](matrix-org#12024)) - Properly fix a long-standing bug where wrong data could be inserted into the `event_search` table when using SQLite. This could block running `synapse_port_db` with an `argument of type 'int' is not iterable` error. This bug was partially fixed by a change in Synapse 1.44.0. ([\matrix-org#12037](matrix-org#12037)) - Fix slow performance of `/logout` in some cases where refresh tokens are in use. The slowness existed since the initial implementation of refresh tokens in version 1.38.0. ([\matrix-org#12056](matrix-org#12056)) - Fix a long-standing bug where Synapse would make additional failing requests over federation for missing data. ([\matrix-org#12077](matrix-org#12077)) - Fix occasional `Unhandled error in Deferred` error message. ([\matrix-org#12089](matrix-org#12089)) - Fix a bug introduced in Synapse 1.51.0 where incoming federation transactions containing at least one EDU would be dropped if debug logging was enabled for `synapse.8631_debug`. ([\matrix-org#12098](matrix-org#12098)) - Fix a long-standing bug which could cause push notifications to malfunction if `use_frozen_dicts` was set in the configuration. ([\matrix-org#12100](matrix-org#12100)) - Fix an extremely rare, long-standing bug in `ReadWriteLock` that would cause an error when a newly unblocked writer completes instantly. ([\matrix-org#12105](matrix-org#12105)) - Make a `POST` to `/rooms/<room_id>/receipt/m.read/<event_id>` only trigger a push notification if the count of unread messages is different to the one in the last successfully sent push. This reduces server load and load on the receiving device. ([\matrix-org#11835](matrix-org#11835)) Updates to the Docker image --------------------------- - The Docker image no longer automatically creates a temporary volume at `/data`. This is not expected to affect normal usage. ([\matrix-org#11997](matrix-org#11997)) - Use Python 3.9 in Docker images by default. ([\matrix-org#12112](matrix-org#12112)) Improved Documentation ---------------------- - Document support for the `to_device`, `account_data`, `receipts`, and `presence` stream writers for workers. ([\matrix-org#11599](matrix-org#11599)) - Explain the meaning of spam checker callbacks' return values. ([\matrix-org#12003](matrix-org#12003)) - Clarify information about external Identity Provider IDs. ([\matrix-org#12004](matrix-org#12004)) Deprecations and Removals ------------------------- - Deprecate using `synctl` with the config option `synctl_cache_factor` and print a warning if a user still uses this option. ([\matrix-org#11865](matrix-org#11865)) - Remove support for the legacy structured logging configuration (please see the the [upgrade notes](https://matrix-org.github.io/synapse/develop/upgrade#legacy-structured-logging-configuration-removal) if you are using `structured: true` in the Synapse configuration). ([\matrix-org#12008](matrix-org#12008)) - Drop support for [MSC3283](matrix-org/matrix-spec-proposals#3283) unstable flags now that the stable flags are supported. ([\matrix-org#12018](matrix-org#12018)) - Remove the unstable `/spaces` endpoint from [MSC2946](matrix-org/matrix-spec-proposals#2946). ([\matrix-org#12073](matrix-org#12073)) Internal Changes ---------------- - Make the `get_room_version` method use `get_room_version_id` to benefit from caching. ([\matrix-org#11808](matrix-org#11808)) - Remove unnecessary condition on knock -> leave auth rule check. ([\matrix-org#11900](matrix-org#11900)) - Add tests for device list changes between local users. ([\matrix-org#11972](matrix-org#11972)) - Optimise calculating `device_list` changes in `/sync`. ([\matrix-org#11974](matrix-org#11974)) - Add missing type hints to storage classes. ([\matrix-org#11984](matrix-org#11984)) - Refactor the search code for improved readability. ([\matrix-org#11991](matrix-org#11991)) - Move common deduplication code down into `_auth_and_persist_outliers`. ([\matrix-org#11994](matrix-org#11994)) - Limit concurrent joins from applications services. ([\matrix-org#11996](matrix-org#11996)) - Preparation for faster-room-join work: when parsing the `send_join` response, get the `m.room.create` event from `state`, not `auth_chain`. ([\matrix-org#12005](matrix-org#12005), [\matrix-org#12039](matrix-org#12039)) - Preparation for faster-room-join work: parse MSC3706 fields in send_join response. ([\matrix-org#12011](matrix-org#12011)) - Preparation for faster-room-join work: persist information on which events and rooms have partial state to the database. ([\matrix-org#12012](matrix-org#12012)) - Preparation for faster-room-join work: Support for calling `/federation/v1/state` on a remote server. ([\matrix-org#12013](matrix-org#12013)) - Configure `tox` to use `venv` rather than `virtualenv`. ([\matrix-org#12015](matrix-org#12015)) - Fix bug in `StateFilter.return_expanded()` and add some tests. ([\matrix-org#12016](matrix-org#12016)) - Use Matrix v1.1 endpoints (`/_matrix/client/v3/auth/...`) in fallback auth HTML forms. ([\matrix-org#12019](matrix-org#12019)) - Update the `olddeps` CI job to use an old version of `markupsafe`. ([\matrix-org#12025](matrix-org#12025)) - Upgrade Mypy to version 0.931. ([\matrix-org#12030](matrix-org#12030)) - Remove legacy `HomeServer.get_datastore()`. ([\matrix-org#12031](matrix-org#12031), [\matrix-org#12070](matrix-org#12070)) - Minor typing fixes. ([\matrix-org#12034](matrix-org#12034), [\matrix-org#12069](matrix-org#12069)) - After joining a room, create a dedicated logcontext to process the queued events. ([\matrix-org#12041](matrix-org#12041)) - Tidy up GitHub Actions config which builds distributions for PyPI. ([\matrix-org#12051](matrix-org#12051)) - Move configuration out of `setup.cfg`. ([\matrix-org#12052](matrix-org#12052), [\matrix-org#12059](matrix-org#12059)) - Fix error message when a worker process fails to talk to another worker process. ([\matrix-org#12060](matrix-org#12060)) - Fix using the `complement.sh` script without specifying a directory or a branch. Contributed by Nico on behalf of Famedly. ([\matrix-org#12063](matrix-org#12063)) - Add type hints to `tests/rest/client`. ([\matrix-org#12066](matrix-org#12066), [\matrix-org#12072](matrix-org#12072), [\matrix-org#12084](matrix-org#12084), [\matrix-org#12094](matrix-org#12094)) - Add some logging to `/sync` to try and track down matrix-org#11916. ([\matrix-org#12068](matrix-org#12068)) - Inspect application dependencies using `importlib.metadata` or its backport. ([\matrix-org#12088](matrix-org#12088)) - Use `assertEqual` instead of the deprecated `assertEquals` in test code. ([\matrix-org#12092](matrix-org#12092)) - Move experimental support for [MSC3440](matrix-org/matrix-spec-proposals#3440) to `/versions`. ([\matrix-org#12099](matrix-org#12099)) - Add `stop_cancellation` utility function to stop `Deferred`s from being cancelled. ([\matrix-org#12106](matrix-org#12106)) - Improve exception handling for concurrent execution. ([\matrix-org#12109](matrix-org#12109)) - Advertise support for Python 3.10 in packaging files. ([\matrix-org#12111](matrix-org#12111)) - Move CI checks out of tox, to facilitate a move to using poetry. ([\matrix-org#12119](matrix-org#12119))
Synapse 1.56.0 (2022-04-05) =========================== Synapse will now refuse to start up if open registration is enabled, in order to help mitigate abuse across the federation. If you would like to provide registration to anyone, consider adding [email](https://github.com/matrix-org/synapse/blob/8a519f8abc6de772167c2cca101d22ee2052fafc/docs/sample_config.yaml#L1285), [recaptcha](https://matrix-org.github.io/synapse/v1.56/CAPTCHA_SETUP.html) or [token-based](https://matrix-org.github.io/synapse/v1.56/usage/administration/admin_api/registration_tokens.html) verification in order to prevent automated registration from bad actors. This check can be disabled by setting the `enable_registration_without_verification` option in your homeserver configuration file to `true`. More details are available in the [upgrade notes](https://matrix-org.github.io/synapse/v1.56/upgrade.html#open-registration-without-verification-is-now-disabled-by-default). Synapse will additionally now refuse to start when using PostgreSQL with a non-`C` values for `COLLATE` and `CTYPE`, unless the config flag `allow_unsafe_locale`, found in the database section of the configuration file, is set to `true`. See the [upgrade notes](https://matrix-org.github.io/synapse/v1.56/upgrade#change-in-behaviour-for-postgresql-databases-with-unsafe-locale) for details. Internal Changes ---------------- - Bump the version of `black` for compatibility with the latest `click` release. ([\matrix-org#12320](matrix-org#12320)) Synapse 1.56.0rc1 (2022-03-29) ============================== Features -------- - Allow modules to store already existing 3PID associations. ([\matrix-org#12195](matrix-org#12195)) - Allow registering server administrators using the module API. Contributed by Famedly. ([\matrix-org#12250](matrix-org#12250)) Bugfixes -------- - Fix a long-standing bug which caused the `/_matrix/federation/v1/state` and `/_matrix/federation/v1/state_ids` endpoints to return incorrect or invalid data when called for an event which we have stored as an "outlier". ([\matrix-org#12087](matrix-org#12087)) - Fix a long-standing bug where events from ignored users would still be considered for relations. ([\matrix-org#12227](matrix-org#12227), [\matrix-org#12232](matrix-org#12232), [\matrix-org#12285](matrix-org#12285)) - Fix a bug introduced in Synapse 1.53.0 where an unnecessary query could be performed when fetching bundled aggregations for threads. ([\matrix-org#12228](matrix-org#12228)) - Fix a bug introduced in Synapse 1.52.0 where admins could not deactivate and GDPR-erase a user if Synapse was configured with limits on avatars. ([\matrix-org#12261](matrix-org#12261)) Improved Documentation ---------------------- - Fix the link to the module documentation in the legacy spam checker warning message. ([\matrix-org#12231](matrix-org#12231)) - Remove incorrect prefixes in the worker documentation for some endpoints. ([\matrix-org#12243](matrix-org#12243)) - Correct `check_username_for_spam` annotations and docs. ([\matrix-org#12246](matrix-org#12246)) - Correct Authentik OpenID typo, and add notes on troubleshooting. Contributed by @IronTooch. ([\matrix-org#12275](matrix-org#12275)) - HAProxy reverse proxy guide update to stop sending IPv4-mapped address to homeserver. Contributed by @villepeh. ([\matrix-org#12279](matrix-org#12279)) Internal Changes ---------------- - Rename `shared_rooms` to `mutual_rooms` ([MSC2666](matrix-org/matrix-spec-proposals#2666)), as per proposal changes. ([\matrix-org#12036](matrix-org#12036)) - Remove check on `update_user_directory` for shared rooms handler ([MSC2666](matrix-org/matrix-spec-proposals#2666)), and update/expand documentation. ([\matrix-org#12038](matrix-org#12038)) - Refactor `create_new_client_event` to use a new parameter, `state_event_ids`, which accurately describes the usage with [MSC2716](matrix-org/matrix-spec-proposals#2716) instead of abusing `auth_event_ids`. ([\matrix-org#12083](matrix-org#12083), [\matrix-org#12304](matrix-org#12304)) - Refuse to start if registration is enabled without email, captcha, or token-based verification unless the new config flag `enable_registration_without_verification` is set to `true`. ([\matrix-org#12091](matrix-org#12091), [\matrix-org#12322](matrix-org#12322)) - Add tests for database transaction callbacks. ([\matrix-org#12198](matrix-org#12198)) - Handle cancellation in `DatabasePool.runInteraction`. ([\matrix-org#12199](matrix-org#12199)) - Add missing type hints for cache storage. ([\matrix-org#12216](matrix-org#12216)) - Add missing type hints for storage. ([\matrix-org#12248](matrix-org#12248), [\matrix-org#12255](matrix-org#12255)) - Add type hints to tests files. ([\matrix-org#12224](matrix-org#12224), [\matrix-org#12240](matrix-org#12240), [\matrix-org#12256](matrix-org#12256)) - Use type stubs for `psycopg2`. ([\matrix-org#12269](matrix-org#12269)) - Improve type annotations for `execute_values`. ([\matrix-org#12311](matrix-org#12311)) - Clean-up logic around rebasing URLs for URL image previews. ([\matrix-org#12219](matrix-org#12219)) - Use the `ignored_users` table in additional places instead of re-parsing the account data. ([\matrix-org#12225](matrix-org#12225)) - Refactor the relations endpoints to add a `RelationsHandler`. ([\matrix-org#12237](matrix-org#12237)) - Generate announcement links in the release script. ([\matrix-org#12242](matrix-org#12242)) - Improve error message when dependencies check finds a broken installation. ([\matrix-org#12244](matrix-org#12244)) - Compress metrics HTTP resource when enabled. Contributed by Nick @ Beeper. ([\matrix-org#12258](matrix-org#12258)) - Refuse to start if the PostgreSQL database has a non-`C` locale, unless the config flag `allow_unsafe_db_locale` is set to true. ([\matrix-org#12262](matrix-org#12262), [\matrix-org#12288](matrix-org#12288)) - Optionally include account validity expiration information to experimental [MSC3720](matrix-org/matrix-spec-proposals#3720) account status responses. ([\matrix-org#12266](matrix-org#12266)) - Add a new cache `_get_membership_from_event_id` to speed up push rule calculations in large rooms. ([\matrix-org#12272](matrix-org#12272)) - Re-enable Complement concurrency in CI. ([\matrix-org#12283](matrix-org#12283)) - Remove unused test utilities. ([\matrix-org#12291](matrix-org#12291)) - Enhance logging for inbound federation events. ([\matrix-org#12301](matrix-org#12301)) - Fix compatibility with the recently-released Jinja 3.1. ([\matrix-org#12313](matrix-org#12313)) - Avoid trying to calculate the state at outlier events. ([\matrix-org#12314](matrix-org#12314))
Synapse 1.54.0 (2022-03-08) =========================== Please note that this will be the last release of Synapse that is compatible with Mjolnir 1.3.1 and earlier. Administrators of servers which have the Mjolnir module installed are advised to upgrade Mjolnir to version 1.3.2 or later. Bugfixes -------- - Fix a bug introduced in Synapse 1.54.0rc1 preventing the new module callbacks introduced in this release from being registered by modules. ([\#12141](matrix-org/synapse#12141)) - Fix a bug introduced in Synapse 1.54.0rc1 where runtime dependency version checks would mistakenly check development dependencies if they were present and would not accept pre-release versions of dependencies. ([\#12129](matrix-org/synapse#12129), [\#12177](matrix-org/synapse#12177)) Internal Changes ---------------- - Update release script to insert the previous version when writing "No significant changes" line in the changelog. ([\#12127](matrix-org/synapse#12127)) - Relax the version guard for "packaging" added in [\#12088](matrix-org/synapse#12088). ([\#12166](matrix-org/synapse#12166)) Synapse 1.54.0rc1 (2022-03-02) ============================== Features -------- - Add support for [MSC3202](matrix-org/matrix-spec-proposals#3202): sending one-time key counts and fallback key usage states to Application Services. ([\#11617](matrix-org/synapse#11617)) - Improve the generated URL previews for some web pages. Contributed by @AndrewRyanChama. ([\#11985](matrix-org/synapse#11985)) - Track cache invalidations in Prometheus metrics, as already happens for cache eviction based on size or time. ([\#12000](matrix-org/synapse#12000)) - Implement experimental support for [MSC3720](matrix-org/matrix-spec-proposals#3720) (account status endpoints). ([\#12001](matrix-org/synapse#12001), [\#12067](matrix-org/synapse#12067)) - Enable modules to set a custom display name when registering a user. ([\#12009](matrix-org/synapse#12009)) - Advertise Matrix 1.1 and 1.2 support on `/_matrix/client/versions`. ([\#12020](matrix-org/synapse#12020), ([\#12022](matrix-org/synapse#12022)) - Support only the stable identifier for [MSC3069](matrix-org/matrix-spec-proposals#3069 `is_guest` on `/_matrix/client/v3/account/whoami`. ([\#12021](matrix-org/synapse#12021)) - Use room version 9 as the default room version (per [MSC3589](matrix-org/matrix-spec-proposals#3589)). ([\#12058](matrix-org/synapse#12058)) - Add module callbacks to react to user deactivation status changes (i.e. deactivations and reactivations) and profile updates. ([\#12062](matrix-org/synapse#12062)) Bugfixes -------- - Fix a bug introduced in Synapse 1.48.0 where an edit of the latest event in a thread would not be properly applied to the thread summary. ([\#11992](matrix-org/synapse#11992)) - Fix long-standing bug where the `get_rooms_for_user` cache was not correctly invalidated for remote users when the server left a room. ([\#11999](matrix-org/synapse#11999)) - Fix a 500 error with Postgres when looking backwards with the [MSC3030](matrix-org/matrix-spec-proposals#3030) `/timestamp_to_event?dir=b` endpoint. ([\#12024](matrix-org/synapse#12024)) - Properly fix a long-standing bug where wrong data could be inserted into the `event_search` table when using SQLite. This could block running `synapse_port_db` with an `argument of type 'int' is not iterable` error. This bug was partially fixed by a change in Synapse 1.44.0. ([\#12037](matrix-org/synapse#12037)) - Fix slow performance of `/logout` in some cases where refresh tokens are in use. The slowness existed since the initial implementation of refresh tokens in version 1.38.0. ([\#12056](matrix-org/synapse#12056)) - Fix a long-standing bug where Synapse would make additional failing requests over federation for missing data. ([\#12077](matrix-org/synapse#12077)) - Fix occasional `Unhandled error in Deferred` error message. ([\#12089](matrix-org/synapse#12089)) - Fix a bug introduced in Synapse 1.51.0 where incoming federation transactions containing at least one EDU would be dropped if debug logging was enabled for `synapse.8631_debug`. ([\#12098](matrix-org/synapse#12098)) - Fix a long-standing bug which could cause push notifications to malfunction if `use_frozen_dicts` was set in the configuration. ([\#12100](matrix-org/synapse#12100)) - Fix an extremely rare, long-standing bug in `ReadWriteLock` that would cause an error when a newly unblocked writer completes instantly. ([\#12105](matrix-org/synapse#12105)) - Make a `POST` to `/rooms/<room_id>/receipt/m.read/<event_id>` only trigger a push notification if the count of unread messages is different to the one in the last successfully sent push. This reduces server load and load on the receiving device. ([\#11835](matrix-org/synapse#11835)) Updates to the Docker image --------------------------- - The Docker image no longer automatically creates a temporary volume at `/data`. This is not expected to affect normal usage. ([\#11997](matrix-org/synapse#11997)) - Use Python 3.9 in Docker images by default. ([\#12112](matrix-org/synapse#12112)) Improved Documentation ---------------------- - Document support for the `to_device`, `account_data`, `receipts`, and `presence` stream writers for workers. ([\#11599](matrix-org/synapse#11599)) - Explain the meaning of spam checker callbacks' return values. ([\#12003](matrix-org/synapse#12003)) - Clarify information about external Identity Provider IDs. ([\#12004](matrix-org/synapse#12004)) Deprecations and Removals ------------------------- - Deprecate using `synctl` with the config option `synctl_cache_factor` and print a warning if a user still uses this option. ([\#11865](matrix-org/synapse#11865)) - Remove support for the legacy structured logging configuration (please see the the [upgrade notes](https://matrix-org.github.io/synapse/develop/upgrade#legacy-structured-logging-configuration-removal) if you are using `structured: true` in the Synapse configuration). ([\#12008](matrix-org/synapse#12008)) - Drop support for [MSC3283](matrix-org/matrix-spec-proposals#3283) unstable flags now that the stable flags are supported. ([\#12018](matrix-org/synapse#12018)) - Remove the unstable `/spaces` endpoint from [MSC2946](matrix-org/matrix-spec-proposals#2946). ([\#12073](matrix-org/synapse#12073)) Internal Changes ---------------- - Make the `get_room_version` method use `get_room_version_id` to benefit from caching. ([\#11808](matrix-org/synapse#11808)) - Remove unnecessary condition on knock -> leave auth rule check. ([\#11900](matrix-org/synapse#11900)) - Add tests for device list changes between local users. ([\#11972](matrix-org/synapse#11972)) - Optimise calculating `device_list` changes in `/sync`. ([\#11974](matrix-org/synapse#11974)) - Add missing type hints to storage classes. ([\#11984](matrix-org/synapse#11984)) - Refactor the search code for improved readability. ([\#11991](matrix-org/synapse#11991)) - Move common deduplication code down into `_auth_and_persist_outliers`. ([\#11994](matrix-org/synapse#11994)) - Limit concurrent joins from applications services. ([\#11996](matrix-org/synapse#11996)) - Preparation for faster-room-join work: when parsing the `send_join` response, get the `m.room.create` event from `state`, not `auth_chain`. ([\#12005](matrix-org/synapse#12005), [\#12039](matrix-org/synapse#12039)) - Preparation for faster-room-join work: parse MSC3706 fields in send_join response. ([\#12011](matrix-org/synapse#12011)) - Preparation for faster-room-join work: persist information on which events and rooms have partial state to the database. ([\#12012](matrix-org/synapse#12012)) - Preparation for faster-room-join work: Support for calling `/federation/v1/state` on a remote server. ([\#12013](matrix-org/synapse#12013)) - Configure `tox` to use `venv` rather than `virtualenv`. ([\#12015](matrix-org/synapse#12015)) - Fix bug in `StateFilter.return_expanded()` and add some tests. ([\#12016](matrix-org/synapse#12016)) - Use Matrix v1.1 endpoints (`/_matrix/client/v3/auth/...`) in fallback auth HTML forms. ([\#12019](matrix-org/synapse#12019)) - Update the `olddeps` CI job to use an old version of `markupsafe`. ([\#12025](matrix-org/synapse#12025)) - Upgrade Mypy to version 0.931. ([\#12030](matrix-org/synapse#12030)) - Remove legacy `HomeServer.get_datastore()`. ([\#12031](matrix-org/synapse#12031), [\#12070](matrix-org/synapse#12070)) - Minor typing fixes. ([\#12034](matrix-org/synapse#12034), [\#12069](matrix-org/synapse#12069)) - After joining a room, create a dedicated logcontext to process the queued events. ([\#12041](matrix-org/synapse#12041)) - Tidy up GitHub Actions config which builds distributions for PyPI. ([\#12051](matrix-org/synapse#12051)) - Move configuration out of `setup.cfg`. ([\#12052](matrix-org/synapse#12052), [\#12059](matrix-org/synapse#12059)) - Fix error message when a worker process fails to talk to another worker process. ([\#12060](matrix-org/synapse#12060)) - Fix using the `complement.sh` script without specifying a directory or a branch. Contributed by Nico on behalf of Famedly. ([\#12063](matrix-org/synapse#12063)) - Add type hints to `tests/rest/client`. ([\#12066](matrix-org/synapse#12066), [\#12072](matrix-org/synapse#12072), [\#12084](matrix-org/synapse#12084), [\#12094](matrix-org/synapse#12094)) - Add some logging to `/sync` to try and track down #11916. ([\#12068](matrix-org/synapse#12068)) - Inspect application dependencies using `importlib.metadata` or its backport. ([\#12088](matrix-org/synapse#12088)) - Use `assertEqual` instead of the deprecated `assertEquals` in test code. ([\#12092](matrix-org/synapse#12092)) - Move experimental support for [MSC3440](matrix-org/matrix-spec-proposals#3440) to `/versions`. ([\#12099](matrix-org/synapse#12099)) - Add `stop_cancellation` utility function to stop `Deferred`s from being cancelled. ([\#12106](matrix-org/synapse#12106)) - Improve exception handling for concurrent execution. ([\#12109](matrix-org/synapse#12109)) - Advertise support for Python 3.10 in packaging files. ([\#12111](matrix-org/synapse#12111)) - Move CI checks out of tox, to facilitate a move to using poetry. ([\#12119](matrix-org/synapse#12119))
Synapse 1.56.0 (2022-04-05) =========================== Synapse will now refuse to start up if open registration is enabled, in order to help mitigate abuse across the federation. If you would like to provide registration to anyone, consider adding [email](https://github.com/matrix-org/synapse/blob/8a519f8abc6de772167c2cca101d22ee2052fafc/docs/sample_config.yaml#L1285), [recaptcha](https://matrix-org.github.io/synapse/v1.56/CAPTCHA_SETUP.html) or [token-based](https://matrix-org.github.io/synapse/v1.56/usage/administration/admin_api/registration_tokens.html) verification in order to prevent automated registration from bad actors. This check can be disabled by setting the `enable_registration_without_verification` option in your homeserver configuration file to `true`. More details are available in the [upgrade notes](https://matrix-org.github.io/synapse/v1.56/upgrade.html#open-registration-without-verification-is-now-disabled-by-default). Synapse will additionally now refuse to start when using PostgreSQL with a non-`C` values for `COLLATE` and `CTYPE`, unless the config flag `allow_unsafe_locale`, found in the database section of the configuration file, is set to `true`. See the [upgrade notes](https://matrix-org.github.io/synapse/v1.56/upgrade#change-in-behaviour-for-postgresql-databases-with-unsafe-locale) for details. Internal Changes ---------------- - Bump the version of `black` for compatibility with the latest `click` release. ([\#12320](matrix-org/synapse#12320)) Synapse 1.56.0rc1 (2022-03-29) ============================== Features -------- - Allow modules to store already existing 3PID associations. ([\#12195](matrix-org/synapse#12195)) - Allow registering server administrators using the module API. Contributed by Famedly. ([\#12250](matrix-org/synapse#12250)) Bugfixes -------- - Fix a long-standing bug which caused the `/_matrix/federation/v1/state` and `/_matrix/federation/v1/state_ids` endpoints to return incorrect or invalid data when called for an event which we have stored as an "outlier". ([\#12087](matrix-org/synapse#12087)) - Fix a long-standing bug where events from ignored users would still be considered for relations. ([\#12227](matrix-org/synapse#12227), [\#12232](matrix-org/synapse#12232), [\#12285](matrix-org/synapse#12285)) - Fix a bug introduced in Synapse 1.53.0 where an unnecessary query could be performed when fetching bundled aggregations for threads. ([\#12228](matrix-org/synapse#12228)) - Fix a bug introduced in Synapse 1.52.0 where admins could not deactivate and GDPR-erase a user if Synapse was configured with limits on avatars. ([\#12261](matrix-org/synapse#12261)) Improved Documentation ---------------------- - Fix the link to the module documentation in the legacy spam checker warning message. ([\#12231](matrix-org/synapse#12231)) - Remove incorrect prefixes in the worker documentation for some endpoints. ([\#12243](matrix-org/synapse#12243)) - Correct `check_username_for_spam` annotations and docs. ([\#12246](matrix-org/synapse#12246)) - Correct Authentik OpenID typo, and add notes on troubleshooting. Contributed by @IronTooch. ([\#12275](matrix-org/synapse#12275)) - HAProxy reverse proxy guide update to stop sending IPv4-mapped address to homeserver. Contributed by @villepeh. ([\#12279](matrix-org/synapse#12279)) Internal Changes ---------------- - Rename `shared_rooms` to `mutual_rooms` ([MSC2666](matrix-org/matrix-spec-proposals#2666)), as per proposal changes. ([\#12036](matrix-org/synapse#12036)) - Remove check on `update_user_directory` for shared rooms handler ([MSC2666](matrix-org/matrix-spec-proposals#2666)), and update/expand documentation. ([\#12038](matrix-org/synapse#12038)) - Refactor `create_new_client_event` to use a new parameter, `state_event_ids`, which accurately describes the usage with [MSC2716](matrix-org/matrix-spec-proposals#2716) instead of abusing `auth_event_ids`. ([\#12083](matrix-org/synapse#12083), [\#12304](matrix-org/synapse#12304)) - Refuse to start if registration is enabled without email, captcha, or token-based verification unless the new config flag `enable_registration_without_verification` is set to `true`. ([\#12091](matrix-org/synapse#12091), [\#12322](matrix-org/synapse#12322)) - Add tests for database transaction callbacks. ([\#12198](matrix-org/synapse#12198)) - Handle cancellation in `DatabasePool.runInteraction`. ([\#12199](matrix-org/synapse#12199)) - Add missing type hints for cache storage. ([\#12216](matrix-org/synapse#12216)) - Add missing type hints for storage. ([\#12248](matrix-org/synapse#12248), [\#12255](matrix-org/synapse#12255)) - Add type hints to tests files. ([\#12224](matrix-org/synapse#12224), [\#12240](matrix-org/synapse#12240), [\#12256](matrix-org/synapse#12256)) - Use type stubs for `psycopg2`. ([\#12269](matrix-org/synapse#12269)) - Improve type annotations for `execute_values`. ([\#12311](matrix-org/synapse#12311)) - Clean-up logic around rebasing URLs for URL image previews. ([\#12219](matrix-org/synapse#12219)) - Use the `ignored_users` table in additional places instead of re-parsing the account data. ([\#12225](matrix-org/synapse#12225)) - Refactor the relations endpoints to add a `RelationsHandler`. ([\#12237](matrix-org/synapse#12237)) - Generate announcement links in the release script. ([\#12242](matrix-org/synapse#12242)) - Improve error message when dependencies check finds a broken installation. ([\#12244](matrix-org/synapse#12244)) - Compress metrics HTTP resource when enabled. Contributed by Nick @ Beeper. ([\#12258](matrix-org/synapse#12258)) - Refuse to start if the PostgreSQL database has a non-`C` locale, unless the config flag `allow_unsafe_db_locale` is set to true. ([\#12262](matrix-org/synapse#12262), [\#12288](matrix-org/synapse#12288)) - Optionally include account validity expiration information to experimental [MSC3720](matrix-org/matrix-spec-proposals#3720) account status responses. ([\#12266](matrix-org/synapse#12266)) - Add a new cache `_get_membership_from_event_id` to speed up push rule calculations in large rooms. ([\#12272](matrix-org/synapse#12272)) - Re-enable Complement concurrency in CI. ([\#12283](matrix-org/synapse#12283)) - Remove unused test utilities. ([\#12291](matrix-org/synapse#12291)) - Enhance logging for inbound federation events. ([\#12301](matrix-org/synapse#12301)) - Fix compatibility with the recently-released Jinja 3.1. ([\#12313](matrix-org/synapse#12313)) - Avoid trying to calculate the state at outlier events. ([\#12314](matrix-org/synapse#12314))
bc4f22c
to
bda4880
Compare
Rendered
Implementation: matrix-org/synapse#12001