Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

MSC3882: Allow an existing session to sign in a new session #3882

Merged
merged 18 commits into from
May 7, 2023

Conversation

hughns
Copy link
Member

@hughns hughns commented Sep 5, 2022

Rendered

Implementations of initial revision:

Implementations of revision 1:

FCP tickyboxes

@hughns hughns changed the title Allow an existing session to sign in a new session MSC3882: Allow an existing session to sign in a new session Sep 5, 2022
@hughns hughns added the client-server Client-Server API label Sep 5, 2022
@turt2live turt2live added proposal A matrix spec change proposal kind:maintenance MSC which clarifies/updates existing spec needs-implementation This MSC does not have a qualifying implementation for the SCT to review. The MSC cannot enter FCP. labels Sep 5, 2022
@hughns hughns marked this pull request as ready for review September 11, 2022 20:23
squahtx pushed a commit to matrix-org/synapse that referenced this pull request Oct 4, 2022
Synapse 1.69.0rc1 (2022-10-04)
==============================

Please note that legacy Prometheus metric names are now deprecated and will be removed in Synapse 1.73.0.
Server administrators should update their dashboards and alerting rules to avoid using the deprecated metric names.
See the [upgrade notes](https://matrix-org.github.io/synapse/v1.69/upgrade.html#upgrading-to-v1690) for more details.

Features
--------

- Allow application services to set the `origin_server_ts` of a state event by providing the query parameter `ts` in [`PUT /_matrix/client/r0/rooms/{roomId}/state/{eventType}/{stateKey}`](https://spec.matrix.org/v1.4/client-server-api/#put_matrixclientv3roomsroomidstateeventtypestatekey), per [MSC3316](matrix-org/matrix-spec-proposals#3316). Contributed by @lukasdenk. ([\#11866](#11866))
- Allow server admins to require a manual approval process before new accounts can be used (using [MSC3866](matrix-org/matrix-spec-proposals#3866)). ([\#13556](#13556))
- Exponentially backoff from backfilling the same event over and over. ([\#13635](#13635), [\#13936](#13936))
- Add cache invalidation across workers to module API. ([\#13667](#13667), [\#13947](#13947))
- Experimental implementation of [MSC3882](matrix-org/matrix-spec-proposals#3882) to allow an existing device/session to generate a login token for use on a new device/session. ([\#13722](#13722), [\#13868](#13868))
- Experimental support for thread-specific receipts ([MSC3771](matrix-org/matrix-spec-proposals#3771)). ([\#13782](#13782), [\#13893](#13893), [\#13932](#13932), [\#13937](#13937), [\#13939](#13939))
- Add experimental support for [MSC3881: Remotely toggle push notifications for another client](matrix-org/matrix-spec-proposals#3881). ([\#13799](#13799), [\#13831](#13831), [\#13860](#13860))
- Keep track when an event pulled over federation fails its signature check so we can intelligently back-off in the future. ([\#13815](#13815))
- Improve validation for the unspecced, internal-only `_matrix/client/unstable/add_threepid/msisdn/submit_token` endpoint. ([\#13832](#13832))
- Faster remote room joins: record _when_ we first partial-join to a room. ([\#13892](#13892))
- Support a `dir` parameter on the `/relations` endpoint per [MSC3715](matrix-org/matrix-spec-proposals#3715). ([\#13920](#13920))
- Ask mail servers receiving emails from Synapse to not send automatic replies (e.g. out-of-office responses). ([\#13957](#13957))

Bugfixes
--------

- Send push notifications for invites received over federation. ([\#13719](#13719), [\#14014](#14014))
- Fix a long-standing bug where typing events would be accepted from remote servers not present in a room. Also fix a bug where incoming typing events would cause other incoming events to get stuck during a fast join. ([\#13830](#13830))
- Fix a bug introduced in Synapse v1.53.0 where the experimental implementation of [MSC3715](matrix-org/matrix-spec-proposals#3715) would give incorrect results when paginating forward. ([\#13840](#13840))
- Fix access token leak to logs from proxy agent. ([\#13855](#13855))
- Fix `have_seen_event` cache not being invalidated after we persist an event which causes inefficiency effects like extra `/state` federation calls. ([\#13863](#13863))
- Faster room joins: Fix a bug introduced in 1.66.0 where an error would be logged when syncing after joining a room. ([\#13872](#13872))
- Fix a bug introduced in 1.66.0 where some required fields in the pushrules sent to clients were not present anymore. Contributed by Nico. ([\#13904](#13904))
- Fix packaging to include `Cargo.lock` in `sdist`. ([\#13909](#13909))
- Fix a long-standing bug where device updates could cause delays sending out to-device messages over federation. ([\#13922](#13922))
- Fix a bug introduced in v1.68.0 where Synapse would require `setuptools_rust` at runtime, even though the package is only required at build time. ([\#13952](#13952))
- Fix a long-standing bug where `POST /_matrix/client/v3/keys/query` requests could result in excessively large SQL queries. ([\#13956](#13956))
- Fix a performance regression in the `get_users_in_room` database query. Introduced in v1.67.0. ([\#13972](#13972))
- Fix a bug introduced in v1.68.0 bug where Rust extension wasn't built in `release` mode when using `poetry install`. ([\#14009](#14009))
- Do not return an unspecified `original_event` field when using the stable `/relations` endpoint. Introduced in Synapse v1.57.0. ([\#14025](#14025))
- Correctly handle a race with device lists when a remote user leaves during a partial join. ([\#13885](#13885))
- Correctly handle sending local device list updates to remote servers during a partial join. ([\#13934](#13934))

Improved Documentation
----------------------

- Add `worker_main_http_uri` for the worker generator bash script. ([\#13772](#13772))
- Update URL for the NixOS module for Synapse. ([\#13818](#13818))
- Fix a mistake in sso_mapping_providers.md: `map_user_attributes` is expected to return `display_name`, not `displayname`. ([\#13836](#13836))
- Fix a cross-link from the registration admin API to the `registration_shared_secret` configuration documentation. ([\#13870](#13870))
- Update the man page for the `hash_password` script to correct the default number of bcrypt rounds performed. ([\#13911](#13911), [\#13930](#13930))
- Emphasize the right reasons when to use `(room_id, event_id)` in a database schema. ([\#13915](#13915))
- Add instruction to contributing guide for running unit tests in parallel. Contributed by @ashfame. ([\#13928](#13928))
- Clarify that the `auto_join_rooms` config option can also be used with Space aliases. ([\#13931](#13931))
- Add some cross references to worker documentation. ([\#13974](#13974))
- Linkify urls in config documentation. ([\#14003](#14003))

Deprecations and Removals
-------------------------

- Remove the `complete_sso_login` method from the Module API which was deprecated in Synapse 1.13.0. ([\#13843](#13843))
- Announce that legacy metric names are deprecated, will be turned off by default in Synapse v1.71.0 and removed altogether in Synapse v1.73.0. See the upgrade notes for more information. ([\#14024](#14024))

Internal Changes
----------------

- Speed up creation of DM rooms. ([\#13487](#13487), [\#13800](#13800))
- Port push rules to using Rust. ([\#13768](#13768), [\#13838](#13838), [\#13889](#13889))
- Optimise get rooms for user calls. Contributed by Nick @ Beeper (@Fizzadar). ([\#13787](#13787))
- Update the script which makes full schema dumps. ([\#13792](#13792))
- Use shared methods for cache invalidation when persisting events, remove duplicate codepaths. Contributed by Nick @ Beeper (@Fizzadar). ([\#13796](#13796))
- Improve the `synapse.api.auth.Auth` mock used in unit tests. ([\#13809](#13809))
- Faster Remote Room Joins: tell remote homeservers that we are unable to authorise them if they query a room which has partial state on our server. ([\#13823](#13823))
- Carry IdP Session IDs through user-mapping sessions. ([\#13839](#13839))
- Fix the release script not publishing binary wheels. ([\#13850](#13850))
- Raise issue if complement fails with latest deps. ([\#13859](#13859))
- Correct the comments in the complement dockerfile. ([\#13867](#13867))
- Create a new snapshot of the database schema. ([\#13873](#13873))
- Faster room joins: Send device list updates to most servers in rooms with partial state. ([\#13874](#13874), [\#14013](#14013))
- Add comments to the Prometheus recording rules to make it clear which set of rules you need for Grafana or Prometheus Console. ([\#13876](#13876))
- Only pull relevant backfill points from the database based on the current depth and limit (instead of all) every time we want to `/backfill`. ([\#13879](#13879))
- Faster room joins: Avoid waiting for full state when processing `/keys/changes` requests. ([\#13888](#13888))
- Improve backfill robustness by trying more servers when we get a `4xx` error back. ([\#13890](#13890))
- Fix mypy errors with canonicaljson 1.6.3. ([\#13905](#13905))
- Faster remote room joins: correctly handle remote device list updates during a partial join. ([\#13913](#13913))
- Complement image: propagate SIGTERM to all workers. ([\#13914](#13914))
- Update an innaccurate comment in Synapse's upsert database helper. ([\#13924](#13924))
- Update mypy (0.950 -> 0.981) and mypy-zope (0.3.7 -> 0.3.11). ([\#13925](#13925), [\#13993](#13993))
- Use dedicated `get_local_users_in_room(room_id)` function to find local users when calculating users to copy over during a room upgrade. ([\#13960](#13960))
- Refactor language in user directory `_track_user_joined_room` code to make it more clear that we use both local and remote users. ([\#13966](#13966))
- Revert catch-all exceptions being recorded as event pull attempt failures (only handle what we know about). ([\#13969](#13969))
- Speed up calculating push actions in large rooms. ([\#13973](#13973), [\#13992](#13992))
- Enable update notifications from Github's dependabot. ([\#13976](#13976))
- Prototype a workflow to automatically add changelogs to dependabot PRs. ([\#13998](#13998), [\#14011](#14011), [\#14017](#14017), [\#14021](#14021), [\#14027](#14027))
- Fix type annotations to be compatible with new annotations in development versions of twisted. ([\#14012](#14012))
- Clear out stale entries in `event_push_actions_staging` table. ([\#14020](#14020))
- Bump versions of GitHub actions. ([\#13978](#13978), [\#13979](#13979), [\#13980](#13980), [\#13982](#13982), [\#14015](#14015), [\#14019](#14019), [\#14022](#14022), [\#14023](#14023))
Fizzadar added a commit to beeper/synapse-legacy-fork that referenced this pull request Oct 18, 2022
NOTE: this is absolutely *not* safe for Beeper usage as-is. I have merged
all of the Python code in but all our customizations to the base rules
and push rule evaluator are not yet present in the new Rust module. This
will fail tests as-is and future commits will re-apply our changes in
Rust.

Synapse 1.69.0 (2022-10-17)
===========================

Please note that legacy Prometheus metric names are now deprecated and will be removed in Synapse 1.73.0.
Server administrators should update their dashboards and alerting rules to avoid using the deprecated metric names.
See the [upgrade notes](https://matrix-org.github.io/synapse/v1.69/upgrade.html#upgrading-to-v1690) for more details.

No significant changes since 1.69.0rc4.

Synapse 1.69.0rc4 (2022-10-14)
==============================

Bugfixes
--------

- Fix poor performance of the `event_push_backfill_thread_id` background update, which was introduced in Synapse 1.68.0rc1. ([\matrix-org#14172](matrix-org#14172), [\matrix-org#14181](matrix-org#14181))

Updates to the Docker image
---------------------------

- Fix docker build OOMing in CI for arm64 builds. ([\matrix-org#14173](matrix-org#14173))

Synapse 1.69.0rc3 (2022-10-12)
==============================

Bugfixes
--------

- Fix an issue with Docker images causing the Rust dependencies to not be pinned correctly. Introduced in v1.68.0 ([\matrix-org#14129](matrix-org#14129))
- Fix a bug introduced in Synapse 1.69.0rc1 which would cause registration replication requests to fail if the worker sending the request is not running Synapse 1.69. ([\matrix-org#14135](matrix-org#14135))
- Fix error in background update when rotating existing notifications. Introduced in v1.69.0rc2. ([\matrix-org#14138](matrix-org#14138))

Internal Changes
----------------

- Rename the `url_preview` extra to `url-preview`, for compatability with poetry-core 1.3.0 and [PEP 685](https://peps.python.org/pep-0685/). From-source installations using this extra will need to install using the new name. ([\matrix-org#14085](matrix-org#14085))

Synapse 1.69.0rc2 (2022-10-06)
==============================

Deprecations and Removals
-------------------------

- Deprecate the `generate_short_term_login_token` method in favor of an async `create_login_token` method in the Module API. ([\matrix-org#13842](matrix-org#13842))

Internal Changes
----------------

- Ensure Synapse v1.69 works with upcoming database changes in v1.70. ([\matrix-org#14045](matrix-org#14045))
- Fix a bug introduced in Synapse v1.68.0 where messages could not be sent in rooms with non-integer `notifications` power level. ([\matrix-org#14073](matrix-org#14073))
- Temporarily pin build-system requirements to workaround an incompatibility with poetry-core 1.3.0. This will be reverted before the v1.69.0 release proper, see [\matrix-org#14079](matrix-org#14079). ([\matrix-org#14080](matrix-org#14080))

Synapse 1.69.0rc1 (2022-10-04)
==============================

Features
--------

- Allow application services to set the `origin_server_ts` of a state event by providing the query parameter `ts` in [`PUT /_matrix/client/r0/rooms/{roomId}/state/{eventType}/{stateKey}`](https://spec.matrix.org/v1.4/client-server-api/#put_matrixclientv3roomsroomidstateeventtypestatekey), per [MSC3316](matrix-org/matrix-spec-proposals#3316). Contributed by @lukasdenk. ([\matrix-org#11866](matrix-org#11866))
- Allow server admins to require a manual approval process before new accounts can be used (using [MSC3866](matrix-org/matrix-spec-proposals#3866)). ([\matrix-org#13556](matrix-org#13556))
- Exponentially backoff from backfilling the same event over and over. ([\matrix-org#13635](matrix-org#13635), [\matrix-org#13936](matrix-org#13936))
- Add cache invalidation across workers to module API. ([\matrix-org#13667](matrix-org#13667), [\matrix-org#13947](matrix-org#13947))
- Experimental implementation of [MSC3882](matrix-org/matrix-spec-proposals#3882) to allow an existing device/session to generate a login token for use on a new device/session. ([\matrix-org#13722](matrix-org#13722), [\matrix-org#13868](matrix-org#13868))
- Experimental support for thread-specific receipts ([MSC3771](matrix-org/matrix-spec-proposals#3771)). ([\matrix-org#13782](matrix-org#13782), [\matrix-org#13893](matrix-org#13893), [\matrix-org#13932](matrix-org#13932), [\matrix-org#13937](matrix-org#13937), [\matrix-org#13939](matrix-org#13939))
- Add experimental support for [MSC3881: Remotely toggle push notifications for another client](matrix-org/matrix-spec-proposals#3881). ([\matrix-org#13799](matrix-org#13799), [\matrix-org#13831](matrix-org#13831), [\matrix-org#13860](matrix-org#13860))
- Keep track when an event pulled over federation fails its signature check so we can intelligently back-off in the future. ([\matrix-org#13815](matrix-org#13815))
- Improve validation for the unspecced, internal-only `_matrix/client/unstable/add_threepid/msisdn/submit_token` endpoint. ([\matrix-org#13832](matrix-org#13832))
- Faster remote room joins: record _when_ we first partial-join to a room. ([\matrix-org#13892](matrix-org#13892))
- Support a `dir` parameter on the `/relations` endpoint per [MSC3715](matrix-org/matrix-spec-proposals#3715). ([\matrix-org#13920](matrix-org#13920))
- Ask mail servers receiving emails from Synapse to not send automatic replies (e.g. out-of-office responses). ([\matrix-org#13957](matrix-org#13957))

Bugfixes
--------

- Send push notifications for invites received over federation. ([\matrix-org#13719](matrix-org#13719), [\matrix-org#14014](matrix-org#14014))
- Fix a long-standing bug where typing events would be accepted from remote servers not present in a room. Also fix a bug where incoming typing events would cause other incoming events to get stuck during a fast join. ([\matrix-org#13830](matrix-org#13830))
- Fix a bug introduced in Synapse v1.53.0 where the experimental implementation of [MSC3715](matrix-org/matrix-spec-proposals#3715) would give incorrect results when paginating forward. ([\matrix-org#13840](matrix-org#13840))
- Fix access token leak to logs from proxy agent. ([\matrix-org#13855](matrix-org#13855))
- Fix `have_seen_event` cache not being invalidated after we persist an event which causes inefficiency effects like extra `/state` federation calls. ([\matrix-org#13863](matrix-org#13863))
- Faster room joins: Fix a bug introduced in 1.66.0 where an error would be logged when syncing after joining a room. ([\matrix-org#13872](matrix-org#13872))
- Fix a bug introduced in 1.66.0 where some required fields in the pushrules sent to clients were not present anymore. Contributed by Nico. ([\matrix-org#13904](matrix-org#13904))
- Fix packaging to include `Cargo.lock` in `sdist`. ([\matrix-org#13909](matrix-org#13909))
- Fix a long-standing bug where device updates could cause delays sending out to-device messages over federation. ([\matrix-org#13922](matrix-org#13922))
- Fix a bug introduced in v1.68.0 where Synapse would require `setuptools_rust` at runtime, even though the package is only required at build time. ([\matrix-org#13952](matrix-org#13952))
- Fix a long-standing bug where `POST /_matrix/client/v3/keys/query` requests could result in excessively large SQL queries. ([\matrix-org#13956](matrix-org#13956))
- Fix a performance regression in the `get_users_in_room` database query. Introduced in v1.67.0. ([\matrix-org#13972](matrix-org#13972))
- Fix a bug introduced in v1.68.0 bug where Rust extension wasn't built in `release` mode when using `poetry install`. ([\matrix-org#14009](matrix-org#14009))
- Do not return an unspecified `original_event` field when using the stable `/relations` endpoint. Introduced in Synapse v1.57.0. ([\matrix-org#14025](matrix-org#14025))
- Correctly handle a race with device lists when a remote user leaves during a partial join. ([\matrix-org#13885](matrix-org#13885))
- Correctly handle sending local device list updates to remote servers during a partial join. ([\matrix-org#13934](matrix-org#13934))

Improved Documentation
----------------------

- Add `worker_main_http_uri` for the worker generator bash script. ([\matrix-org#13772](matrix-org#13772))
- Update URL for the NixOS module for Synapse. ([\matrix-org#13818](matrix-org#13818))
- Fix a mistake in sso_mapping_providers.md: `map_user_attributes` is expected to return `display_name`, not `displayname`. ([\matrix-org#13836](matrix-org#13836))
- Fix a cross-link from the registration admin API to the `registration_shared_secret` configuration documentation. ([\matrix-org#13870](matrix-org#13870))
- Update the man page for the `hash_password` script to correct the default number of bcrypt rounds performed. ([\matrix-org#13911](matrix-org#13911), [\matrix-org#13930](matrix-org#13930))
- Emphasize the right reasons when to use `(room_id, event_id)` in a database schema. ([\matrix-org#13915](matrix-org#13915))
- Add instruction to contributing guide for running unit tests in parallel. Contributed by @ashfame. ([\matrix-org#13928](matrix-org#13928))
- Clarify that the `auto_join_rooms` config option can also be used with Space aliases. ([\matrix-org#13931](matrix-org#13931))
- Add some cross references to worker documentation. ([\matrix-org#13974](matrix-org#13974))
- Linkify urls in config documentation. ([\matrix-org#14003](matrix-org#14003))

Deprecations and Removals
-------------------------

- Remove the `complete_sso_login` method from the Module API which was deprecated in Synapse 1.13.0. ([\matrix-org#13843](matrix-org#13843))
- Announce that legacy metric names are deprecated, will be turned off by default in Synapse v1.71.0 and removed altogether in Synapse v1.73.0. See the upgrade notes for more information. ([\matrix-org#14024](matrix-org#14024))

Internal Changes
----------------

- Speed up creation of DM rooms. ([\matrix-org#13487](matrix-org#13487), [\matrix-org#13800](matrix-org#13800))
- Port push rules to using Rust. ([\matrix-org#13768](matrix-org#13768), [\matrix-org#13838](matrix-org#13838), [\matrix-org#13889](matrix-org#13889))
- Optimise get rooms for user calls. Contributed by Nick @ Beeper (@Fizzadar). ([\matrix-org#13787](matrix-org#13787))
- Update the script which makes full schema dumps. ([\matrix-org#13792](matrix-org#13792))
- Use shared methods for cache invalidation when persisting events, remove duplicate codepaths. Contributed by Nick @ Beeper (@Fizzadar). ([\matrix-org#13796](matrix-org#13796))
- Improve the `synapse.api.auth.Auth` mock used in unit tests. ([\matrix-org#13809](matrix-org#13809))
- Faster Remote Room Joins: tell remote homeservers that we are unable to authorise them if they query a room which has partial state on our server. ([\matrix-org#13823](matrix-org#13823))
- Carry IdP Session IDs through user-mapping sessions. ([\matrix-org#13839](matrix-org#13839))
- Fix the release script not publishing binary wheels. ([\matrix-org#13850](matrix-org#13850))
- Raise issue if complement fails with latest deps. ([\matrix-org#13859](matrix-org#13859))
- Correct the comments in the complement dockerfile. ([\matrix-org#13867](matrix-org#13867))
- Create a new snapshot of the database schema. ([\matrix-org#13873](matrix-org#13873))
- Faster room joins: Send device list updates to most servers in rooms with partial state. ([\matrix-org#13874](matrix-org#13874), [\matrix-org#14013](matrix-org#14013))
- Add comments to the Prometheus recording rules to make it clear which set of rules you need for Grafana or Prometheus Console. ([\matrix-org#13876](matrix-org#13876))
- Only pull relevant backfill points from the database based on the current depth and limit (instead of all) every time we want to `/backfill`. ([\matrix-org#13879](matrix-org#13879))
- Faster room joins: Avoid waiting for full state when processing `/keys/changes` requests. ([\matrix-org#13888](matrix-org#13888))
- Improve backfill robustness by trying more servers when we get a `4xx` error back. ([\matrix-org#13890](matrix-org#13890))
- Fix mypy errors with canonicaljson 1.6.3. ([\matrix-org#13905](matrix-org#13905))
- Faster remote room joins: correctly handle remote device list updates during a partial join. ([\matrix-org#13913](matrix-org#13913))
- Complement image: propagate SIGTERM to all workers. ([\matrix-org#13914](matrix-org#13914))
- Update an innaccurate comment in Synapse's upsert database helper. ([\matrix-org#13924](matrix-org#13924))
- Update mypy (0.950 -> 0.981) and mypy-zope (0.3.7 -> 0.3.11). ([\matrix-org#13925](matrix-org#13925), [\matrix-org#13993](matrix-org#13993))
- Use dedicated `get_local_users_in_room(room_id)` function to find local users when calculating users to copy over during a room upgrade. ([\matrix-org#13960](matrix-org#13960))
- Refactor language in user directory `_track_user_joined_room` code to make it more clear that we use both local and remote users. ([\matrix-org#13966](matrix-org#13966))
- Revert catch-all exceptions being recorded as event pull attempt failures (only handle what we know about). ([\matrix-org#13969](matrix-org#13969))
- Speed up calculating push actions in large rooms. ([\matrix-org#13973](matrix-org#13973), [\matrix-org#13992](matrix-org#13992))
- Enable update notifications from Github's dependabot. ([\matrix-org#13976](matrix-org#13976))
- Prototype a workflow to automatically add changelogs to dependabot PRs. ([\matrix-org#13998](matrix-org#13998), [\matrix-org#14011](matrix-org#14011), [\matrix-org#14017](matrix-org#14017), [\matrix-org#14021](matrix-org#14021), [\matrix-org#14027](matrix-org#14027))
- Fix type annotations to be compatible with new annotations in development versions of twisted. ([\matrix-org#14012](matrix-org#14012))
- Clear out stale entries in `event_push_actions_staging` table. ([\matrix-org#14020](matrix-org#14020))
- Bump versions of GitHub actions. ([\matrix-org#13978](matrix-org#13978), [\matrix-org#13979](matrix-org#13979), [\matrix-org#13980](matrix-org#13980), [\matrix-org#13982](matrix-org#13982), [\matrix-org#14015](matrix-org#14015), [\matrix-org#14019](matrix-org#14019), [\matrix-org#14022](matrix-org#14022), [\matrix-org#14023](matrix-org#14023))

# -----BEGIN PGP SIGNATURE-----
#
# iQFEBAABCgAuFiEEBTGR3/RnAzBGUif3pULk7RsPrAkFAmNNMOMQHGVyaWtAbWF0
# cml4Lm9yZwAKCRClQuTtGw+sCVnjB/9jpJRVnicteEpDfVX9iLo2qfIfcO/GhUJK
# pJhv4yuY9whAldvJpmNw2f9tfUbAMcvrjlFvNrjihWmXcAGFazC6i3fNBjPgZW2e
# Sxsuuy8xc9X/OqH2EUpHtNZQX3FfSbdBS93Z62ZO3R8tEbCQvjw6FXBdjjjf5uLO
# y5Lsx94+41FJYOhs1Kt4fN92B9WMACR6e/O1YcsDjIXsoZI3uqO1h8filbQIZee7
# DTATE7eIPtShs2Ezaaeuc7tZGVDyPvgWIbuxuT6OGx20zmuChYJgIcVaD1me4UzJ
# i9bVigtpYN0eUxuWnjLf7YC6Ys/Y9wZ7/lhdgaBwdbQKEJdpi+S4
# =JWaO
# -----END PGP SIGNATURE-----
# gpg: Signature made Mon Oct 17 11:39:31 2022 BST
# gpg:                using RSA key 053191DFF4670330465227F7A542E4ED1B0FAC09
# gpg:                issuer "erik@matrix.org"
# gpg: Can't check signature: No public key

# Conflicts:
#	docker/Dockerfile
#	pyproject.toml
#	synapse/_scripts/update_synapse_database.py
#	synapse/handlers/message.py
#	synapse/handlers/receipts.py
#	synapse/logging/context.py
#	synapse/push/baserules.py
#	synapse/push/bulk_push_rule_evaluator.py
#	synapse/push/push_rule_evaluator.py
#	synapse/replication/http/send_event.py
#	synapse/rest/admin/users.py
#	synapse/rest/client/read_marker.py
#	synapse/rest/client/receipts.py
#	synapse/rest/client/room.py
#	synapse/storage/_base.py
#	synapse/storage/databases/main/__init__.py
#	synapse/storage/databases/main/cache.py
#	synapse/storage/databases/main/events.py
#	synapse/storage/databases/main/receipts.py
#	tests/push/test_push_rule_evaluator.py
netbsd-srcmastr pushed a commit to NetBSD/pkgsrc that referenced this pull request Oct 29, 2022
Synapse 1.69.0 (2022-10-17)
===========================

Please note that legacy Prometheus metric names are now deprecated and will be removed in Synapse 1.73.0.
Server administrators should update their dashboards and alerting rules to avoid using the deprecated metric names.
See the [upgrade notes](https://matrix-org.github.io/synapse/v1.69/upgrade.html#upgrading-to-v1690) for more details.


Deprecations and Removals
-------------------------

- Remove the `complete_sso_login` method from the Module API which was
  deprecated in Synapse
  1.13.0. ([\#13843](matrix-org/synapse#13843))

- Announce that legacy metric names are deprecated, will be turned off
  by default in Synapse v1.71.0 and removed altogether in Synapse
  v1.73.0. See the upgrade notes for more
  information. ([\#14024](matrix-org/synapse#14024))

- Deprecate the `generate_short_term_login_token` method in favor of
  an async `create_login_token` method in the Module
  API. ([\#13842](matrix-org/synapse#13842))


Features
--------

- Allow application services to set the `origin_server_ts` of a state
  event by providing the query parameter `ts` in [`PUT
  /_matrix/client/r0/rooms/{roomId}/state/{eventType}/{stateKey}`](https://spec.matrix.org/v1.4/client-server-api/#put_matrixclientv3roomsroomidstateeventtypestatekey),
  per
  [MSC3316](matrix-org/matrix-spec-proposals#3316). Contributed
  by
  @lukasdenk. ([\#11866](matrix-org/synapse#11866))

- Allow server admins to require a manual approval process before new
  accounts can be used (using
  [MSC3866](matrix-org/matrix-spec-proposals#3866)). ([\#13556](matrix-org/synapse#13556))

- Exponentially backoff from backfilling the same event over and
  over. ([\#13635](matrix-org/synapse#13635),
  [\#13936](matrix-org/synapse#13936))

- Add cache invalidation across workers to module
  API. ([\#13667](matrix-org/synapse#13667),
  [\#13947](matrix-org/synapse#13947))

- Experimental implementation of
  [MSC3882](matrix-org/matrix-spec-proposals#3882)
  to allow an existing device/session to generate a login token for
  use on a new
  device/session. ([\#13722](matrix-org/synapse#13722),
  [\#13868](matrix-org/synapse#13868))

- Experimental support for thread-specific receipts
  ([MSC3771](matrix-org/matrix-spec-proposals#3771)). ([\#13782](matrix-org/synapse#13782),
  [\#13893](matrix-org/synapse#13893),
  [\#13932](matrix-org/synapse#13932),
  [\#13937](matrix-org/synapse#13937),
  [\#13939](matrix-org/synapse#13939))

- Add experimental support for [MSC3881: Remotely toggle push
  notifications for another
  client](matrix-org/matrix-spec-proposals#3881). ([\#13799](matrix-org/synapse#13799),
  [\#13831](matrix-org/synapse#13831),
  [\#13860](matrix-org/synapse#13860))

- Keep track when an event pulled over federation fails its signature
  check so we can intelligently back-off in the
  future. ([\#13815](matrix-org/synapse#13815))

- Improve validation for the unspecced, internal-only
  `_matrix/client/unstable/add_threepid/msisdn/submit_token`
  endpoint. ([\#13832](matrix-org/synapse#13832))

- Faster remote room joins: record _when_ we first partial-join to a
  room. ([\#13892](matrix-org/synapse#13892))

- Support a `dir` parameter on the `/relations` endpoint per
  [MSC3715](matrix-org/matrix-spec-proposals#3715). ([\#13920](matrix-org/synapse#13920))

- Ask mail servers receiving emails from Synapse to not send automatic
  replies (e.g. out-of-office
  responses). ([\#13957](matrix-org/synapse#13957))
@turt2live turt2live requested a review from a team February 28, 2023 02:30
@turt2live turt2live added this to Needs idea feedback / initial review in Spec Core Team Backlog via automation Feb 28, 2023
@turt2live turt2live moved this from Needs idea feedback / initial review to Proposed for FCP readiness in Spec Core Team Backlog Feb 28, 2023
@turt2live turt2live self-requested a review February 28, 2023 02:31
@turt2live turt2live requested a review from a team March 7, 2023 04:25
@turt2live
Copy link
Member

turt2live commented Mar 7, 2023

@matrix-org/security - authentication scares me: would you be able to take a look at this for technical design and security considerations please?

@matrix-org/spec-core-team - the author is looking for general technical design review on this one for the moment. It looks like there's also implementations provided: might be able to remove needs-implementation?

Correction: @matrix-org/spec-core-team - the author believes this is ready for FCP. Please review the MSC and implementation with that in mind, and @mscbot fcp merge if the MSC looks good to go.

proposals/3882-login-token-request.md Outdated Show resolved Hide resolved
proposals/3882-login-token-request.md Outdated Show resolved Hide resolved
Copy link
Member

@turt2live turt2live left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

overall seems fine enough to move forward: just a few things to touch up concurrent to FCP.

@mscbot fcp merge

proposals/3882-login-token-request.md Outdated Show resolved Hide resolved
proposals/3882-login-token-request.md Outdated Show resolved Hide resolved
proposals/3882-login-token-request.md Outdated Show resolved Hide resolved
@turt2live turt2live moved this from Proposed for FCP readiness to Ready for FCP ticks in Spec Core Team Backlog Mar 14, 2023
@turt2live
Copy link
Member

hmm, alright then.

@mscbot fcp merge

@mscbot mscbot added finished-final-comment-period and removed final-comment-period This MSC has entered a final comment period in interest to approval, postpone, or delete in 5 days. labels May 7, 2023
@turt2live turt2live merged commit ff99748 into main May 7, 2023
@turt2live turt2live added spec-pr-missing Proposal has been implemented and is being used in the wild but hasn't yet been added to the spec and removed finished-final-comment-period labels May 7, 2023
@turt2live turt2live moved this from In FCP to Requires spec writing in Spec Core Team Backlog May 7, 2023
turt2live added a commit to matrix-org/matrix-spec that referenced this pull request May 19, 2023
@turt2live turt2live self-assigned this May 19, 2023
@turt2live
Copy link
Member

Spec PR: matrix-org/matrix-spec#1530

@turt2live turt2live added spec-pr-in-review A proposal which has been PR'd against the spec and is in review and removed release-blocker spec-pr-missing Proposal has been implemented and is being used in the wild but hasn't yet been added to the spec labels May 19, 2023
@turt2live turt2live moved this from Requires spec writing to Requires spec PR review in Spec Core Team Backlog May 19, 2023
turt2live added a commit to matrix-org/matrix-spec that referenced this pull request May 23, 2023
* Specify MSC3882: Using an existing session to log in another

MSC: matrix-org/matrix-spec-proposals#3882

* Changelog entries

* Update data/api/client-server/login.yaml

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>

* Link to endpoint

* Copy/paste `auth` dict definition

* Move get_token API to the correct version prefix (v1, not v3)

* Apply suggestions from code review

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>

---------

Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
@turt2live
Copy link
Member

Merged 🎉

@turt2live turt2live added merged A proposal whose PR has merged into the spec! and removed spec-pr-in-review A proposal which has been PR'd against the spec and is in review labels May 23, 2023
@turt2live turt2live moved this from Requires spec PR review to Done to some definition in Spec Core Team Backlog May 23, 2023
yingziwu added a commit to yingziwu/synapse that referenced this pull request Jun 22, 2023
Synapse 1.86.0 (2023-06-20)
===========================

No significant changes since 1.86.0rc2.

Synapse 1.86.0rc2 (2023-06-14)
==============================

Bugfixes
--------

- Fix an error when having workers of different versions running. ([\matrix-org#15774](matrix-org#15774))

Synapse 1.86.0rc1 (2023-06-13)
==============================

This version was tagged but never released.

Features
--------

- Stable support for [MSC3882](matrix-org/matrix-spec-proposals#3882) to allow an existing device/session to generate a login token for use on a new device/session. ([\matrix-org#15388](matrix-org#15388))
- Support resolving a room's [canonical alias](https://spec.matrix.org/v1.7/client-server-api/#mroomcanonical_alias) via the module API. ([\matrix-org#15450](matrix-org#15450))
- Enable support for [MSC3952](matrix-org/matrix-spec-proposals#3952): intentional mentions. ([\matrix-org#15520](matrix-org#15520))
- Experimental [MSC3861](matrix-org/matrix-spec-proposals#3861) support: delegate auth to an OIDC provider. ([\matrix-org#15582](matrix-org#15582))
- Add Synapse version deploy annotations to Grafana dashboard which enables easy correlation between behavior changes witnessed in a graph to a certain Synapse version and nail down regressions. ([\matrix-org#15674](matrix-org#15674))
- Add a catch-all * to the supported relation types when redacting an event and its related events. This is an update to [MSC3912](matrix-org/matrix-spec-proposals#3861) implementation. ([\matrix-org#15705](matrix-org#15705))
- Speed up `/messages` by backfilling in the background when there are no backward extremities where we are directly paginating. ([\matrix-org#15710](matrix-org#15710))
- Expose a metric reporting the database background update status. ([\matrix-org#15740](matrix-org#15740))

Bugfixes
--------

- Correctly clear caches when we delete a room. ([\matrix-org#15609](matrix-org#15609))
- Check permissions for enabling encryption earlier during room creation to avoid creating broken rooms. ([\matrix-org#15695](matrix-org#15695))

Improved Documentation
----------------------

- Simplify query to find participating servers in a room. ([\matrix-org#15732](matrix-org#15732))

Internal Changes
----------------

- Log when events are (maybe unexpectedly) filtered out of responses in tests. ([\matrix-org#14213](matrix-org#14213))
- Read from column `full_user_id` rather than `user_id` of tables `profiles` and `user_filters`. ([\matrix-org#15649](matrix-org#15649))
- Add support for tracing functions which return `Awaitable`s. ([\matrix-org#15650](matrix-org#15650))
- Cache requests for user's devices over federation. ([\matrix-org#15675](matrix-org#15675))
- Add fully qualified docker image names to Dockerfiles. ([\matrix-org#15689](matrix-org#15689))
- Remove some unused code. ([\matrix-org#15690](matrix-org#15690))
- Improve type hints. ([\matrix-org#15694](matrix-org#15694), [\matrix-org#15697](matrix-org#15697))
- Update docstring and traces on `maybe_backfill()` functions. ([\matrix-org#15709](matrix-org#15709))
- Add context for when/why to use the `long_retries` option when sending Federation requests. ([\matrix-org#15721](matrix-org#15721))
- Removed some unused fields. ([\matrix-org#15723](matrix-org#15723))
- Update federation error to more plainly explain we can only authorize our own membership events. ([\matrix-org#15725](matrix-org#15725))
- Prevent the `latest_deps` and `twisted_trunk` daily GitHub Actions workflows from running on forks of the codebase. ([\matrix-org#15726](matrix-org#15726))
- Improve performance of user directory search. ([\matrix-org#15729](matrix-org#15729))
- Remove redundant table join with `room_memberships` when doing a `is_host_joined()`/`is_host_invited()` call (`membership` is already part of the `current_state_events`). ([\matrix-org#15731](matrix-org#15731))
- Remove superfluous `room_memberships` join from background update. ([\matrix-org#15733](matrix-org#15733))
- Speed up typechecking CI. ([\matrix-org#15752](matrix-org#15752))
- Bump minimum supported Rust version to 1.60.0. ([\matrix-org#15768](matrix-org#15768))

* Bump importlib-metadata from 6.1.0 to 6.6.0. ([\matrix-org#15711](matrix-org#15711))
* Bump library/redis from 6-bullseye to 7-bullseye in /docker. ([\matrix-org#15712](matrix-org#15712))
* Bump log from 0.4.18 to 0.4.19. ([\matrix-org#15761](matrix-org#15761))
* Bump phonenumbers from 8.13.11 to 8.13.13. ([\matrix-org#15763](matrix-org#15763))
* Bump pyasn1 from 0.4.8 to 0.5.0. ([\matrix-org#15713](matrix-org#15713))
* Bump pydantic from 1.10.8 to 1.10.9. ([\matrix-org#15762](matrix-org#15762))
* Bump pyo3-log from 0.8.1 to 0.8.2. ([\matrix-org#15759](matrix-org#15759))
* Bump pyopenssl from 23.1.1 to 23.2.0. ([\matrix-org#15765](matrix-org#15765))
* Bump regex from 1.7.3 to 1.8.4. ([\matrix-org#15769](matrix-org#15769))
* Bump sentry-sdk from 1.22.1 to 1.25.0. ([\matrix-org#15714](matrix-org#15714))
* Bump sentry-sdk from 1.25.0 to 1.25.1. ([\matrix-org#15764](matrix-org#15764))
* Bump serde from 1.0.163 to 1.0.164. ([\matrix-org#15760](matrix-org#15760))
* Bump types-jsonschema from 4.17.0.7 to 4.17.0.8. ([\matrix-org#15716](matrix-org#15716))
* Bump types-pyopenssl from 23.1.0.2 to 23.2.0.0. ([\matrix-org#15766](matrix-org#15766))
* Bump types-requests from 2.31.0.0 to 2.31.0.1. ([\matrix-org#15715](matrix-org#15715))
netbsd-srcmastr pushed a commit to NetBSD/pkgsrc that referenced this pull request Jun 26, 2023
Synapse 1.86.0 (2023-06-20)
===========================

No significant changes since 1.86.0rc2.


Synapse 1.86.0rc2 (2023-06-14)
==============================

Bugfixes
--------

- Fix an error when having workers of different versions running. ([\#15774](matrix-org/synapse#15774))


Synapse 1.86.0rc1 (2023-06-13)
==============================

This version was tagged but never released.

Features
--------

- Stable support for [MSC3882](matrix-org/matrix-spec-proposals#3882) to allow an existing device/session to generate a login token for use on a new device/session. ([\#15388](matrix-org/synapse#15388))
- Support resolving a room's [canonical alias](https://spec.matrix.org/v1.7/client-server-api/#mroomcanonical_alias) via the module API. ([\#15450](matrix-org/synapse#15450))
- Enable support for [MSC3952](matrix-org/matrix-spec-proposals#3952): intentional mentions. ([\#15520](matrix-org/synapse#15520))
- Experimental [MSC3861](matrix-org/matrix-spec-proposals#3861) support: delegate auth to an OIDC provider. ([\#15582](matrix-org/synapse#15582))
- Add Synapse version deploy annotations to Grafana dashboard which enables easy correlation between behavior changes witnessed in a graph to a certain Synapse version and nail down regressions. ([\#15674](matrix-org/synapse#15674))
- Add a catch-all * to the supported relation types when redacting an event and its related events. This is an update to [MSC3912](matrix-org/matrix-spec-proposals#3861) implementation. ([\#15705](matrix-org/synapse#15705))
- Speed up `/messages` by backfilling in the background when there are no backward extremities where we are directly paginating. ([\#15710](matrix-org/synapse#15710))
- Expose a metric reporting the database background update status. ([\#15740](matrix-org/synapse#15740))


Bugfixes
--------

- Correctly clear caches when we delete a room. ([\#15609](matrix-org/synapse#15609))
- Check permissions for enabling encryption earlier during room creation to avoid creating broken rooms. ([\#15695](matrix-org/synapse#15695))


Improved Documentation
----------------------

- Simplify query to find participating servers in a room. ([\#15732](matrix-org/synapse#15732))


Internal Changes
----------------

- Log when events are (maybe unexpectedly) filtered out of responses in tests. ([\#14213](matrix-org/synapse#14213))
- Read from column `full_user_id` rather than `user_id` of tables `profiles` and `user_filters`. ([\#15649](matrix-org/synapse#15649))
- Add support for tracing functions which return `Awaitable`s. ([\#15650](matrix-org/synapse#15650))
- Cache requests for user's devices over federation. ([\#15675](matrix-org/synapse#15675))
- Add fully qualified docker image names to Dockerfiles. ([\#15689](matrix-org/synapse#15689))
- Remove some unused code. ([\#15690](matrix-org/synapse#15690))
- Improve type hints. ([\#15694](matrix-org/synapse#15694), [\#15697](matrix-org/synapse#15697))
- Update docstring and traces on `maybe_backfill()` functions. ([\#15709](matrix-org/synapse#15709))
- Add context for when/why to use the `long_retries` option when sending Federation requests. ([\#15721](matrix-org/synapse#15721))
- Removed some unused fields. ([\#15723](matrix-org/synapse#15723))
- Update federation error to more plainly explain we can only authorize our own membership events. ([\#15725](matrix-org/synapse#15725))
- Prevent the `latest_deps` and `twisted_trunk` daily GitHub Actions workflows from running on forks of the codebase. ([\#15726](matrix-org/synapse#15726))
- Improve performance of user directory search. ([\#15729](matrix-org/synapse#15729))
- Remove redundant table join with `room_memberships` when doing a `is_host_joined()`/`is_host_invited()` call (`membership` is already part of the `current_state_events`). ([\#15731](matrix-org/synapse#15731))
- Remove superfluous `room_memberships` join from background update. ([\#15733](matrix-org/synapse#15733))
- Speed up typechecking CI. ([\#15752](matrix-org/synapse#15752))
- Bump minimum supported Rust version to 1.60.0. ([\#15768](matrix-org/synapse#15768))

### Updates to locked dependencies

* Bump importlib-metadata from 6.1.0 to 6.6.0. ([\#15711](matrix-org/synapse#15711))
* Bump library/redis from 6-bullseye to 7-bullseye in /docker. ([\#15712](matrix-org/synapse#15712))
* Bump log from 0.4.18 to 0.4.19. ([\#15761](matrix-org/synapse#15761))
* Bump phonenumbers from 8.13.11 to 8.13.13. ([\#15763](matrix-org/synapse#15763))
* Bump pyasn1 from 0.4.8 to 0.5.0. ([\#15713](matrix-org/synapse#15713))
* Bump pydantic from 1.10.8 to 1.10.9. ([\#15762](matrix-org/synapse#15762))
* Bump pyo3-log from 0.8.1 to 0.8.2. ([\#15759](matrix-org/synapse#15759))
* Bump pyopenssl from 23.1.1 to 23.2.0. ([\#15765](matrix-org/synapse#15765))
* Bump regex from 1.7.3 to 1.8.4. ([\#15769](matrix-org/synapse#15769))
* Bump sentry-sdk from 1.22.1 to 1.25.0. ([\#15714](matrix-org/synapse#15714))
* Bump sentry-sdk from 1.25.0 to 1.25.1. ([\#15764](matrix-org/synapse#15764))
* Bump serde from 1.0.163 to 1.0.164. ([\#15760](matrix-org/synapse#15760))
* Bump types-jsonschema from 4.17.0.7 to 4.17.0.8. ([\#15716](matrix-org/synapse#15716))
* Bump types-pyopenssl from 23.1.0.2 to 23.2.0.0. ([\#15766](matrix-org/synapse#15766))
* Bump types-requests from 2.31.0.0 to 2.31.0.1. ([\#15715](matrix-org/synapse#15715))

Synapse 1.85.2 (2023-06-08)
===========================

Bugfixes
--------

- Fix regression where using TLS for HTTP replication between workers did not work. Introduced in v1.85.0. ([\#15746](matrix-org/synapse#15746))


Synapse 1.85.1 (2023-06-07)
===========================

Note: this release only fixes a bug that stopped some deployments from upgrading to v1.85.0. There is no need to upgrade to v1.85.1 if successfully running v1.85.0.

Bugfixes
--------

- Fix bug in schema delta that broke upgrades for some deployments. Introduced in v1.85.0. ([\#15738](matrix-org/synapse#15738), [\#15739](matrix-org/synapse#15739))


Synapse 1.85.0 (2023-06-06)
===========================

No significant changes since 1.85.0rc2.


## Security advisory

The following issues are fixed in 1.85.0 (and RCs).

- [GHSA-26c5-ppr8-f33p](GHSA-26c5-ppr8-f33p) / [CVE-2023-32682](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32682) — Low Severity

  It may be possible for a deactivated user to login when using uncommon configurations.

- [GHSA-98px-6486-j7qc](GHSA-98px-6486-j7qc) / [CVE-2023-32683](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32683) — Low Severity

  A discovered oEmbed or image URL can bypass the `url_preview_url_blacklist` setting potentially allowing server side request forgery or bypassing network policies. Impact is limited to IP addresses allowed by the `url_preview_ip_range_blacklist` setting (by default this only allows public IPs).

See the advisories for more details. If you have any questions, email security@matrix.org.


Synapse 1.85.0rc2 (2023-06-01)
==============================

Bugfixes
--------

- Fix a performance issue introduced in Synapse v1.83.0 which meant that purging rooms was very slow and database-intensive. ([\#15693](matrix-org/synapse#15693))


Deprecations and Removals
-------------------------

- Deprecate calling the `/register` endpoint with an unspecced `user` property for application services. ([\#15703](matrix-org/synapse#15703))


Internal Changes
----------------

- Speed up background jobs `populate_full_user_id_user_filters` and `populate_full_user_id_profiles`. ([\#15700](matrix-org/synapse#15700))


Synapse 1.85.0rc1 (2023-05-30)
==============================

Features
--------

- Improve performance of backfill requests by performing backfill of previously failed requests in the background. ([\#15585](matrix-org/synapse#15585))
- Add a new [admin API](https://matrix-org.github.io/synapse/v1.85/usage/administration/admin_api/index.html) to [create a new device for a user](https://matrix-org.github.io/synapse/v1.85/admin_api/user_admin_api.html#create-a-device). ([\#15611](matrix-org/synapse#15611))
- Add Unix socket support for Redis connections. Contributed by Jason Little. ([\#15644](matrix-org/synapse#15644))


Bugfixes
--------

- Fix a long-standing bug where setting the read marker could fail when using message retention. Contributed by Nick @ Beeper (@Fizzadar). ([\#15464](matrix-org/synapse#15464))
- Fix a long-standing bug where the `url_preview_url_blacklist` configuration setting was not applied to oEmbed or image URLs found while previewing a URL. ([\#15601](matrix-org/synapse#15601))
- Fix a long-standing bug where filters with multiple backslashes were rejected. ([\#15607](matrix-org/synapse#15607))
- Fix a bug introduced in Synapse 1.82.0 where the error message displayed when validation of the `app_service_config_files` config option fails would be incorrectly formatted. ([\#15614](matrix-org/synapse#15614))
- Fix a long-standing bug where deactivated users were still able to login using the custom `org.matrix.login.jwt` login type (if enabled). ([\#15624](matrix-org/synapse#15624))
- Fix a long-standing bug where deactivated users were able to login in uncommon situations. ([\#15634](matrix-org/synapse#15634))


Improved Documentation
----------------------

- Warn users that at least 3.75GB of space is needed for the nix Synapse development environment. ([\#15613](matrix-org/synapse#15613))
- Remove outdated comment from the generated and sample homeserver log configs. ([\#15648](matrix-org/synapse#15648))
- Improve contributor docs to make it more clear that Rust is a necessary prerequisite. Contributed by @grantm. ([\#15668](matrix-org/synapse#15668))


Deprecations and Removals
-------------------------

- Remove the old version of the R30 (30-day retained users) phone-home metric. ([\#10428](matrix-org/synapse#10428))


Internal Changes
----------------

- Create dependabot changelogs at release time. ([\#15481](matrix-org/synapse#15481))
- Add not null constraint to column `full_user_id` of tables `profiles` and `user_filters`. ([\#15537](matrix-org/synapse#15537))
- Allow connecting to HTTP Replication Endpoints by using `worker_name` when constructing the request. ([\#15578](matrix-org/synapse#15578))
- Make the `thread_id` column on `event_push_actions`, `event_push_actions_staging`, and `event_push_summary` non-null. ([\#15597](matrix-org/synapse#15597))
- Run mypy type checking with the minimum supported Python version to catch new usage that isn't backwards-compatible. ([\#15602](matrix-org/synapse#15602))
- Fix subscriptable type usage in Python <3.9. ([\#15604](matrix-org/synapse#15604))
- Update internal terminology. ([\#15606](matrix-org/synapse#15606), [\#15620](matrix-org/synapse#15620))
- Instrument `state` and `state_group` storage-related operations to better picture what's happening when tracing. ([\#15610](matrix-org/synapse#15610), [\#15647](matrix-org/synapse#15647))
- Trace how many new events from the backfill response we need to process. ([\#15633](matrix-org/synapse#15633))
- Re-type config paths in `ConfigError`s to be `StrSequence`s instead of `Iterable[str]`s. ([\#15615](matrix-org/synapse#15615))
- Update Mutual Rooms ([MSC2666](matrix-org/matrix-spec-proposals#2666)) implementation to match new proposal text. ([\#15621](matrix-org/synapse#15621))
- Remove the unstable identifiers from faster joins ([MSC3706](matrix-org/matrix-spec-proposals#3706)). ([\#15625](matrix-org/synapse#15625))
- Fix the olddeps CI. ([\#15626](matrix-org/synapse#15626))
- Remove duplicate timestamp from test logs (`_trial_temp/test.log`). ([\#15636](matrix-org/synapse#15636))
- Fix two memory leaks in `trial` test runs. ([\#15630](matrix-org/synapse#15630))
- Limit the size of the `HomeServerConfig` cache in trial test runs. ([\#15646](matrix-org/synapse#15646))
- Improve type hints. ([\#15658](matrix-org/synapse#15658), [\#15659](matrix-org/synapse#15659))
- Add requesting user id parameter to key claim methods in `TransportLayerClient`. ([\#15663](matrix-org/synapse#15663))
- Speed up rebuilding of the user directory for local users. ([\#15665](matrix-org/synapse#15665))
- Implement "option 2" for [MSC3820](matrix-org/matrix-spec-proposals#3820): Room version 11. ([\#15666](matrix-org/synapse#15666), [\#15678](matrix-org/synapse#15678))

### Updates to locked dependencies

* Bump furo from 2023.3.27 to 2023.5.20. ([\#15642](matrix-org/synapse#15642))
* Bump log from 0.4.17 to 0.4.18. ([\#15681](matrix-org/synapse#15681))
* Bump prometheus-client from 0.16.0 to 0.17.0. ([\#15682](matrix-org/synapse#15682))
* Bump pydantic from 1.10.7 to 1.10.8. ([\#15685](matrix-org/synapse#15685))
* Bump pygithub from 1.58.1 to 1.58.2. ([\#15643](matrix-org/synapse#15643))
* Bump requests from 2.28.2 to 2.31.0. ([\#15651](matrix-org/synapse#15651))
* Bump sphinx from 6.1.3 to 6.2.1. ([\#15641](matrix-org/synapse#15641))
* Bump types-bleach from 6.0.0.1 to 6.0.0.3. ([\#15686](matrix-org/synapse#15686))
* Bump types-pillow from 9.5.0.2 to 9.5.0.4. ([\#15640](matrix-org/synapse#15640))
* Bump types-pyyaml from 6.0.12.9 to 6.0.12.10. ([\#15683](matrix-org/synapse#15683))
* Bump types-requests from 2.30.0.0 to 2.31.0.0. ([\#15684](matrix-org/synapse#15684))
* Bump types-setuptools from 67.7.0.2 to 67.8.0.0. ([\#15639](matrix-org/synapse#15639))

Synapse 1.84.1 (2023-05-26)
===========================

This patch release fixes a major issue with homeservers that do not have an `instance_map` defined but which do use workers.
If you have already upgraded to Synapse 1.84.0 and your homeserver is working normally, then there is no need to update to this patch release.


Bugfixes
--------

- Fix a bug introduced in Synapse v1.84.0 where workers do not start up when no `instance_map` was provided. ([\#15672](matrix-org/synapse#15672))


Internal Changes
----------------

- Add `dch` and `notify-send` to the development Nix flake so that the release script can be used. ([\#15673](matrix-org/synapse#15673))


Synapse 1.84.0 (2023-05-23)
===========================

The `worker_replication_*` configuration settings have been deprecated in favour of configuring the main process consistently with other instances in the `instance_map`. The deprecated settings will be removed in Synapse v1.88.0, but changing your configuration in advance is recommended. See the [upgrade notes](https://github.com/matrix-org/synapse/blob/release-v1.84/docs/upgrade.md#upgrading-to-v1840) for more information.

Bugfixes
--------

- Fix a bug introduced in Synapse 1.84.0rc1 where errors during startup were not reported correctly on Python < 3.10. ([\#15599](matrix-org/synapse#15599))


Synapse 1.84.0rc1 (2023-05-16)
==============================

Features
--------

- Add an option to prevent media downloads from configured domains. ([\#15197](matrix-org/synapse#15197))
- Add `forget_rooms_on_leave` config option to automatically forget rooms when users leave them or are removed from them. ([\#15224](matrix-org/synapse#15224))
- Add redis TLS configuration options. ([\#15312](matrix-org/synapse#15312))
- Add a config option to delay push notifications by a random amount, to discourage time-based profiling. ([\#15516](matrix-org/synapse#15516))
- Stabilize support for [MSC2659](matrix-org/matrix-spec-proposals#2659): application service ping endpoint. Contributed by Tulir @ Beeper. ([\#15528](matrix-org/synapse#15528))
- Implement [MSC4009](matrix-org/matrix-spec-proposals#4009) to expand the supported characters in Matrix IDs. ([\#15536](matrix-org/synapse#15536))
- Advertise support for Matrix 1.6 on `/_matrix/client/versions`. ([\#15559](matrix-org/synapse#15559))
- Print full error and stack-trace of any exception that occurs during startup/initialization. ([\#15569](matrix-org/synapse#15569))


Bugfixes
--------

- Don't fail on federation over TOR where SRV queries are not supported. Contributed by Zdzichu. ([\#15523](matrix-org/synapse#15523))
- Experimental support for [MSC4010](matrix-org/matrix-spec-proposals#4010) which rejects setting the `"m.push_rules"` via account data. ([\#15554](matrix-org/synapse#15554), [\#15555](matrix-org/synapse#15555))
- Fix a long-standing bug where an invalid membership event could cause an internal server error. ([\#15564](matrix-org/synapse#15564))
- Require at least poetry-core v1.1.0. ([\#15566](matrix-org/synapse#15566), [\#15571](matrix-org/synapse#15571))


Deprecations and Removals
-------------------------

- Remove need for `worker_replication_*` based settings in worker configuration yaml by placing this data directly on the `instance_map` instead. ([\#15491](matrix-org/synapse#15491))


Updates to the Docker image
---------------------------

- Add pkg-config package to Stage 0 to be able to build Dockerfile on ppc64le architecture. ([\#15567](matrix-org/synapse#15567))


Improved Documentation
----------------------

- Clarify documentation of the "Create or modify account" Admin API. ([\#15544](matrix-org/synapse#15544))
- Fix path to the `statistics/database/rooms` admin API in documentation. ([\#15560](matrix-org/synapse#15560))
- Update and improve Mastodon Single Sign-On documentation. ([\#15587](matrix-org/synapse#15587))


Internal Changes
----------------

- Use oEmbed to generate URL previews for YouTube Shorts. ([\#15025](matrix-org/synapse#15025))
- Create new `Client` for use with HTTP Replication between workers. Contributed by Jason Little. ([\#15470](matrix-org/synapse#15470))
- Bump pyicu from 2.10.2 to 2.11. ([\#15509](matrix-org/synapse#15509))
- Remove references to supporting per-user flag for [MSC2654](matrix-org/matrix-spec-proposals#2654). ([\#15522](matrix-org/synapse#15522))
- Don't use a trusted key server when running the demo scripts. ([\#15527](matrix-org/synapse#15527))
- Speed up rebuilding of the user directory for local users. ([\#15529](matrix-org/synapse#15529))
- Speed up deleting of old rows in `event_push_actions`. ([\#15531](matrix-org/synapse#15531))
- Install the `xmlsec` and `mdbook` packages and switch back to the upstream [cachix/devenv](https://github.com/cachix/devenv) repo in the nix development environment. ([\#15532](matrix-org/synapse#15532), [\#15533](matrix-org/synapse#15533), [\#15545](matrix-org/synapse#15545))
- Implement [MSC3987](matrix-org/matrix-spec-proposals#3987) by removing `"dont_notify"` from the list of actions in default push rules. ([\#15534](matrix-org/synapse#15534))
- Move various module API callback registration methods to a dedicated class. ([\#15535](matrix-org/synapse#15535))
- Proxy `/user/devices` federation queries to application services for [MSC3984](matrix-org/matrix-spec-proposals#3984). ([\#15539](matrix-org/synapse#15539))
- Factor out an `is_mine_server_name` method. ([\#15542](matrix-org/synapse#15542))
- Allow running Complement tests using [podman](https://podman.io/) by adding a `PODMAN` environment variable to `scripts-dev/complement.sh`. ([\#15543](matrix-org/synapse#15543))
- Bump serde from 1.0.160 to 1.0.162. ([\#15548](matrix-org/synapse#15548))
- Bump types-setuptools from 67.6.0.5 to 67.7.0.1. ([\#15549](matrix-org/synapse#15549))
- Bump sentry-sdk from 1.19.1 to 1.22.1. ([\#15550](matrix-org/synapse#15550))
- Bump ruff from 0.0.259 to 0.0.265. ([\#15551](matrix-org/synapse#15551))
- Bump hiredis from 2.2.2 to 2.2.3. ([\#15552](matrix-org/synapse#15552))
- Bump types-requests from 2.29.0.0 to 2.30.0.0. ([\#15553](matrix-org/synapse#15553))
- Add `org.matrix.msc3981` info to `/_matrix/client/versions`. ([\#15558](matrix-org/synapse#15558))
- Declare unstable support for [MSC3391](matrix-org/matrix-spec-proposals#3391) under `/_matrix/client/versions` if the experimental implementation is enabled. ([\#15562](matrix-org/synapse#15562))
- Implement [MSC3821](matrix-org/matrix-spec-proposals#3821) to update the redaction rules. ([\#15563](matrix-org/synapse#15563))
- Implement updated redaction rules from [MSC3389](matrix-org/matrix-spec-proposals#3389). ([\#15565](matrix-org/synapse#15565))
- Allow `pip install` to use setuptools_rust 1.6.0 when building Synapse. ([\#15570](matrix-org/synapse#15570))
- Deal with upcoming Github Actions deprecations. ([\#15576](matrix-org/synapse#15576))
- Export `run_as_background_process` from the module API. ([\#15577](matrix-org/synapse#15577))
- Update build system requirements to allow building with poetry-core==1.6.0. ([\#15588](matrix-org/synapse#15588))
- Bump serde from 1.0.162 to 1.0.163. ([\#15589](matrix-org/synapse#15589))
- Bump phonenumbers from 8.13.7 to 8.13.11. ([\#15590](matrix-org/synapse#15590))
- Bump types-psycopg2 from 2.9.21.9 to 2.9.21.10. ([\#15591](matrix-org/synapse#15591))
- Bump types-commonmark from 0.9.2.2 to 0.9.2.3. ([\#15592](matrix-org/synapse#15592))
- Bump types-setuptools from 67.7.0.1 to 67.7.0.2. ([\#15594](matrix-org/synapse#15594))


Synapse 1.83.0 (2023-05-09)
===========================

No significant changes since 1.83.0rc1.


Synapse 1.83.0rc1 (2023-05-02)
==============================

Features
--------

- Experimental support to recursively provide relations per [MSC3981](matrix-org/matrix-spec-proposals#3981). ([\#15315](matrix-org/synapse#15315))
- Experimental support for [MSC3970](matrix-org/matrix-spec-proposals#3970): Scope transaction IDs to devices. ([\#15318](matrix-org/synapse#15318))
- Add an [admin API endpoint](https://matrix-org.github.io/synapse/v1.83/admin_api/experimental_features.html) to support per-user feature flags. ([\#15344](matrix-org/synapse#15344))
- Add a module API to send an HTTP push notification. ([\#15387](matrix-org/synapse#15387))
- Add an [admin API endpoint](https://matrix-org.github.io/synapse/v1.83/admin_api/statistics.html#get-largest-rooms-by-size-in-database) to query the largest rooms by disk space used in the database. ([\#15482](matrix-org/synapse#15482))


Bugfixes
--------

- Disable push rule evaluation for rooms excluded from sync. ([\#15361](matrix-org/synapse#15361))
- Fix a long-standing bug where cached server key results which were directly fetched would not be properly re-used. ([\#15417](matrix-org/synapse#15417))
- Fix a bug introduced in Synapse 1.73.0 where some experimental push rules were returned by default. ([\#15494](matrix-org/synapse#15494))


Improved Documentation
----------------------

- Add Nginx loadbalancing example with sticky mxid for workers. ([\#15411](matrix-org/synapse#15411))
- Update outdated development docs that mention restrictions in versions of SQLite that we no longer support. ([\#15498](matrix-org/synapse#15498))


Internal Changes
----------------

- Speedup tests by caching HomeServerConfig instances. ([\#15284](matrix-org/synapse#15284))
- Add denormalised event stream ordering column to membership state tables for future use. Contributed by Nick @ Beeper (@Fizzadar). ([\#15356](matrix-org/synapse#15356))
- Always use multi-user device resync replication endpoints. ([\#15418](matrix-org/synapse#15418))
- Add column `full_user_id` to tables `profiles` and `user_filters`. ([\#15458](matrix-org/synapse#15458))
- Update support for [MSC3983](matrix-org/matrix-spec-proposals#3983) to allow always returning fallback-keys in a `/keys/claim` request. ([\#15462](matrix-org/synapse#15462))
- Improve type hints. ([\#15465](matrix-org/synapse#15465), [\#15496](matrix-org/synapse#15496), [\#15497](matrix-org/synapse#15497))
- Support claiming more than one OTK at a time. ([\#15468](matrix-org/synapse#15468))
- Bump types-pyyaml from 6.0.12.8 to 6.0.12.9. ([\#15471](matrix-org/synapse#15471))
- Bump pyasn1-modules from 0.2.8 to 0.3.0. ([\#15473](matrix-org/synapse#15473))
- Bump cryptography from 40.0.1 to 40.0.2. ([\#15474](matrix-org/synapse#15474))
- Bump types-netaddr from 0.8.0.7 to 0.8.0.8. ([\#15475](matrix-org/synapse#15475))
- Bump types-jsonschema from 4.17.0.6 to 4.17.0.7. ([\#15476](matrix-org/synapse#15476))
- Ask bug reporters to provide logs as text. ([\#15479](matrix-org/synapse#15479))
- Add a Nix flake for use as a development environment. ([\#15495](matrix-org/synapse#15495))
- Bump anyhow from 1.0.70 to 1.0.71. ([\#15507](matrix-org/synapse#15507))
- Bump types-pillow from 9.4.0.19 to 9.5.0.2. ([\#15508](matrix-org/synapse#15508))
- Bump packaging from 23.0 to 23.1. ([\#15510](matrix-org/synapse#15510))
- Bump types-requests from 2.28.11.16 to 2.29.0.0. ([\#15511](matrix-org/synapse#15511))
- Bump setuptools-rust from 1.5.2 to 1.6.0. ([\#15512](matrix-org/synapse#15512))
- Update the check_schema_delta script to account for when the schema version has been bumped locally. ([\#15466](matrix-org/synapse#15466))


Synapse 1.82.0 (2023-04-25)
===========================

No significant changes since 1.82.0rc1.


Synapse 1.82.0rc1 (2023-04-18)
==============================

Features
--------

- Allow loading the `/directory/room/{roomAlias}` endpoint on workers. ([\#15333](matrix-org/synapse#15333))
- Add some validation to `instance_map` configuration loading. ([\#15431](matrix-org/synapse#15431))
- Allow loading the `/capabilities` endpoint on workers. ([\#15436](matrix-org/synapse#15436))


Bugfixes
--------

- Delete server-side backup keys when deactivating an account. ([\#15181](matrix-org/synapse#15181))
- Fix and document untold assumption that `on_logged_out` module hooks will be called before the deletion of pushers. ([\#15410](matrix-org/synapse#15410))
- Improve robustness when handling a perspective key response by deduplicating received server keys. ([\#15423](matrix-org/synapse#15423))
- Synapse now correctly fails to start if the config option `app_service_config_files` is not a list. ([\#15425](matrix-org/synapse#15425))
- Disable loading `RefreshTokenServlet` (`/_matrix/client/(r0|v3|unstable)/refresh`) on workers. ([\#15428](matrix-org/synapse#15428))


Improved Documentation
----------------------

- Note that the `delete_stale_devices_after` background job always runs on the main process. ([\#15452](matrix-org/synapse#15452))


Deprecations and Removals
-------------------------

- Remove the broken, unspecced registration fallback. Note that the *login* fallback is unaffected by this change. ([\#15405](matrix-org/synapse#15405))


Internal Changes
----------------

- Bump black from 23.1.0 to 23.3.0. ([\#15372](matrix-org/synapse#15372))
- Bump pyopenssl from 23.1.0 to 23.1.1. ([\#15373](matrix-org/synapse#15373))
- Bump types-psycopg2 from 2.9.21.8 to 2.9.21.9. ([\#15374](matrix-org/synapse#15374))
- Bump types-netaddr from 0.8.0.6 to 0.8.0.7. ([\#15375](matrix-org/synapse#15375))
- Bump types-opentracing from 2.4.10.3 to 2.4.10.4. ([\#15376](matrix-org/synapse#15376))
- Bump dawidd6/action-download-artifact from 2.26.0 to 2.26.1. ([\#15404](matrix-org/synapse#15404))
- Bump parameterized from 0.8.1 to 0.9.0. ([\#15412](matrix-org/synapse#15412))
- Bump types-pillow from 9.4.0.17 to 9.4.0.19. ([\#15413](matrix-org/synapse#15413))
- Bump sentry-sdk from 1.17.0 to 1.19.1. ([\#15414](matrix-org/synapse#15414))
- Bump immutabledict from 2.2.3 to 2.2.4. ([\#15415](matrix-org/synapse#15415))
- Bump dawidd6/action-download-artifact from 2.26.1 to 2.27.0. ([\#15441](matrix-org/synapse#15441))
- Bump serde_json from 1.0.95 to 1.0.96. ([\#15442](matrix-org/synapse#15442))
- Bump serde from 1.0.159 to 1.0.160. ([\#15443](matrix-org/synapse#15443))
- Bump pillow from 9.4.0 to 9.5.0. ([\#15444](matrix-org/synapse#15444))
- Bump furo from 2023.3.23 to 2023.3.27. ([\#15445](matrix-org/synapse#15445))
- Bump types-pyopenssl from 23.1.0.0 to 23.1.0.2. ([\#15446](matrix-org/synapse#15446))
- Bump mypy from 1.0.0 to 1.0.1. ([\#15447](matrix-org/synapse#15447))
- Bump psycopg2 from 2.9.5 to 2.9.6. ([\#15448](matrix-org/synapse#15448))
- Improve DB performance of clearing out old data from `stream_ordering_to_exterm`. ([\#15382](matrix-org/synapse#15382), [\#15429](matrix-org/synapse#15429))
- Implement [MSC3989](matrix-org/matrix-spec-proposals#3989) redaction algorithm. ([\#15393](matrix-org/synapse#15393))
- Implement [MSC2175](matrix-org/matrix-spec-proposals#2175) to stop adding `creator` to create events. ([\#15394](matrix-org/synapse#15394))
- Implement [MSC2174](matrix-org/matrix-spec-proposals#2174) to move the `redacts` key to a `content` property. ([\#15395](matrix-org/synapse#15395))
- Trust dtonlay/rust-toolchain in CI. ([\#15406](matrix-org/synapse#15406))
- Explicitly install Synapse during typechecking in CI. ([\#15409](matrix-org/synapse#15409))
- Only load the SSO redirect servlet if SSO is enabled. ([\#15421](matrix-org/synapse#15421))
- Refactor `SimpleHttpClient` to pull out a base class. ([\#15427](matrix-org/synapse#15427))
- Improve type hints. ([\#15432](matrix-org/synapse#15432))
- Convert async to normal tests in `TestSSOHandler`. ([\#15433](matrix-org/synapse#15433))
- Speed up the user directory background update. ([\#15435](matrix-org/synapse#15435))
- Disable directory listing for static resources in `/_matrix/static/`. ([\#15438](matrix-org/synapse#15438))
- Move various module API callback registration methods to a dedicated class. ([\#15453](matrix-org/synapse#15453))


Synapse 1.81.0 (2023-04-11)
===========================

Synapse now attempts the versioned appservice paths before falling back to the
[legacy paths](https://spec.matrix.org/v1.6/application-service-api/#legacy-routes).
Usage of the legacy routes should be considered deprecated.

Additionally, Synapse has supported sending the application service access token
via [the `Authorization` header](https://spec.matrix.org/v1.6/application-service-api/#authorization)
since v1.70.0. For backwards compatibility it is *also* sent as the `access_token`
query parameter. This is insecure and should be considered deprecated.

A future version of Synapse (v1.88.0 or later) will remove support for legacy
application service routes and query parameter authorization.


No significant changes since 1.81.0rc2.


Synapse 1.81.0rc2 (2023-04-06)
==============================

Bugfixes
--------

- Fix the `set_device_id_for_pushers_txn` background update crash. ([\#15391](matrix-org/synapse#15391))


Internal Changes
----------------

- Update CI to run complement under the latest stable go version. ([\#15403](matrix-org/synapse#15403))


Synapse 1.81.0rc1 (2023-04-04)
==============================

Features
--------

- Add the ability to enable/disable registrations when in the OIDC flow. ([\#14978](matrix-org/synapse#14978))
- Add a primitive helper script for listing worker endpoints. ([\#15243](matrix-org/synapse#15243))
- Experimental support for passing One Time Key and device key requests to application services ([MSC3983](matrix-org/matrix-spec-proposals#3983) and [MSC3984](matrix-org/matrix-spec-proposals#3984)). ([\#15314](matrix-org/synapse#15314), [\#15321](matrix-org/synapse#15321))
- Allow loading `/password_policy` endpoint on workers. ([\#15331](matrix-org/synapse#15331))
- Add experimental support for Unix sockets. Contributed by Jason Little. ([\#15353](matrix-org/synapse#15353))
- Build Debian packages for Ubuntu 23.04 (Lunar Lobster). ([\#15381](matrix-org/synapse#15381))


Bugfixes
--------

- Fix a long-standing bug where edits of non-`m.room.message` events would not be correctly bundled. ([\#15295](matrix-org/synapse#15295))
- Fix a bug introduced in Synapse v1.55.0 which could delay remote homeservers being able to decrypt encrypted messages sent by local users. ([\#15297](matrix-org/synapse#15297))
- Add a check to [SQLite port_db script](https://matrix-org.github.io/synapse/latest/postgres.html#porting-from-sqlite)
  to ensure that the sqlite database passed to the script exists before trying to port from it. ([\#15306](matrix-org/synapse#15306))
- Fix a bug introduced in Synapse 1.76.0 where responses from worker deployments could include an internal `_INT_STREAM_POS` key. ([\#15309](matrix-org/synapse#15309))
- Fix a long-standing bug that Synpase only used the [legacy appservice routes](https://spec.matrix.org/v1.6/application-service-api/#legacy-routes). ([\#15317](matrix-org/synapse#15317))
- Fix a long-standing bug preventing users from rejoining rooms after being banned and unbanned over federation. Contributed by Nico. ([\#15323](matrix-org/synapse#15323))
- Fix bug in worker mode where on a rolling restart of workers the "typing" worker would consume 100% CPU until it got restarted. ([\#15332](matrix-org/synapse#15332))
- Fix a long-standing bug where some to_device messages could be dropped when using workers. ([\#15349](matrix-org/synapse#15349))
- Fix a bug introduced in Synapse 1.70.0 where the background sync from a faster join could spin for hours when one of the events involved had been marked for backoff. ([\#15351](matrix-org/synapse#15351))
- Fix missing app variable in mail subject for password resets. Contributed by Cyberes. ([\#15352](matrix-org/synapse#15352))
- Fix a rare bug introduced in Synapse 1.66.0 where initial syncs would fail when the user had been kicked from a faster joined room that had not finished syncing. ([\#15383](matrix-org/synapse#15383))


Improved Documentation
----------------------

- Fix a typo in login requests ratelimit defaults. ([\#15341](matrix-org/synapse#15341))
- Add some clarification to the doc/comments regarding TCP replication. ([\#15354](matrix-org/synapse#15354))
- Note that Synapse 1.74 queued a rebuild of the user directory tables. ([\#15386](matrix-org/synapse#15386))


Internal Changes
----------------

- Use `immutabledict` instead of `frozendict`. ([\#15113](matrix-org/synapse#15113))
- Add developer documentation for the Federation Sender and add a documentation mechanism using Sphinx. ([\#15265](matrix-org/synapse#15265), [\#15336](matrix-org/synapse#15336))
- Make the pushers rely on the `device_id` instead of the `access_token_id` for various operations. ([\#15280](matrix-org/synapse#15280))
- Bump sentry-sdk from 1.15.0 to 1.17.0. ([\#15285](matrix-org/synapse#15285))
- Allow running the Twisted trunk job against other branches. ([\#15302](matrix-org/synapse#15302))
- Remind the releaser to ask for changelog feedback in [#synapse-dev](https://matrix.to/#/#synapse-dev:matrix.org). ([\#15303](matrix-org/synapse#15303))
- Bump dtolnay/rust-toolchain from e12eda571dc9a5ee5d58eecf4738ec291c66f295 to fc3253060d0c959bea12a59f10f8391454a0b02d. ([\#15304](matrix-org/synapse#15304))
- Reject events with an invalid "mentions" property per [MSC3952](matrix-org/matrix-spec-proposals#3952). ([\#15311](matrix-org/synapse#15311))
- As an optimisation, use `TRUNCATE` on Postgres when clearing the user directory tables. ([\#15316](matrix-org/synapse#15316))
- Fix `.gitignore` rule for the Complement source tarball downloaded automatically by `complement.sh`. ([\#15319](matrix-org/synapse#15319))
- Bump serde from 1.0.157 to 1.0.158. ([\#15324](matrix-org/synapse#15324))
- Bump regex from 1.7.1 to 1.7.3. ([\#15325](matrix-org/synapse#15325))
- Bump types-pyopenssl from 23.0.0.4 to 23.1.0.0. ([\#15326](matrix-org/synapse#15326))
- Bump furo from 2022.12.7 to 2023.3.23. ([\#15327](matrix-org/synapse#15327))
- Bump ruff from 0.0.252 to 0.0.259. ([\#15328](matrix-org/synapse#15328))
- Bump cryptography from 40.0.0 to 40.0.1. ([\#15329](matrix-org/synapse#15329))
- Bump mypy-zope from 0.9.0 to 0.9.1. ([\#15330](matrix-org/synapse#15330))
- Speed up unit tests when using SQLite3. ([\#15334](matrix-org/synapse#15334))
- Speed up pydantic CI job. ([\#15339](matrix-org/synapse#15339))
- Speed up sample config CI job. ([\#15340](matrix-org/synapse#15340))
- Fix copyright year in SSO footer template. ([\#15358](matrix-org/synapse#15358))
- Bump peaceiris/actions-gh-pages from 3.9.2 to 3.9.3. ([\#15369](matrix-org/synapse#15369))
- Bump serde from 1.0.158 to 1.0.159. ([\#15370](matrix-org/synapse#15370))
- Bump serde_json from 1.0.94 to 1.0.95. ([\#15371](matrix-org/synapse#15371))
- Speed up membership queries for users with forgotten rooms. ([\#15385](matrix-org/synapse#15385))
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
client-server Client-Server API kind:maintenance MSC which clarifies/updates existing spec merged A proposal whose PR has merged into the spec! proposal A matrix spec change proposal
Projects
Status: Done to some definition
Spec Core Team Backlog
  
Done to some definition
Development

Successfully merging this pull request may close these issues.

None yet

7 participants