Releases: t2bot/matrix-media-repo
Releases · t2bot/matrix-media-repo
v1.2.8
v1.2.7
Security advisories
This release includes a fix for CVE-2021-29453.
Server administrators are recommended to upgrade as soon as possible. This issue is considered to be exploited in the wild
due to some deployments being affected unexpectedly.
Added
- Added support for structured logging (JSON).
Changed
- Turned color-coded logs off by default. This can be changed in the config.
Fixed
- Fixed memory exhaustion when thumbnailing maliciously crafted images.
v1.2.6
v1.2.5
Added
- Added a
-verify
mode to imports to determine if large imports were successful. - Added optional support for Sentry (error reporting).
Changed
Content-Disposition
of plain text files now defaults toinline
.
Fixed
- Fixed rich oEmbed URL previews (Twitter).
- Fixed photo oEmbed URL previews (Giphy).
- Fixed orientation parsing for some thumbnails.
- Fixed file name being incorrect on the first download from remote servers.
- Fixed a download inefficiency where remote downloads could use extra bandwidth.
- Fixed a problem where secondary imports can never finish.
- Fixed imports not handling duplicate media IDs.
- Fixed some database connection errors not being handled correctly.
v1.2.4
v1.2.3
Added
- Introduced early plugin support (only for antispam for now).
- Includes a simple OCR plugin to help mitigate text-based image spam.
- Added an
X-Robots-Tag
header to help prevent indexing. Thanks @jellykells!
Fixed
v1.2.2
v1.2.1
Added
- Added a new tool,
export_synapse_for_import
, which can be used to do an offline import from Synapse.- After running this tool, use the
gdpr_import
tool to bring the export into the media repo.
- After running this tool, use the
- Added thumbnailing support for some audio waveforms (MP3, WAV, OGG, and FLAC).
- Added audio metadata (duration, etc) to the unstable
/info
endpoint. Aligns with MSC2380. - Added simple thumbnailing for MP4 videos.
- Added an
asAttachment
query parameter to download requests per MSC2702.
Fixed
- Fixed thumbnails for invalid JPEGs.
- Fixed incorrect metrics being published when using the Redis cache.
- Fixed errors generating thumbnails when bad EXIF headers were provided.
- Use
r0
instead ofv1
for federation requests. No changes should be needed to configurations or routing - it'll just work.
v1.2.0
Upgrade notes
This release contains a database change which might take a while. In order to support quotas, this
release tracks how much a user has uploaded, which might take a while to initially calculate. If you have
a large database (more than about 100k uploaded files), run the following steps before upgrading:
- The PostgreSQL script described here.
This can be run while the server is running. - If you have no intention of using stats or quotas, you're done (the stats table will be inaccurate). If
you do plan on using either, runINSERT INTO user_stats SELECT user_id, SUM(size_bytes) FROM media GROUP BY user_id;
which may take a while. - Change the owner of the table and function to your media repo's postgresql user. For example, if your postgres
user ismedia
, then run:ALTER TABLE user_stats OWNER TO media; ALTER FUNCTION track_update_user_media() OWNER TO media;
Added
- Add webp image support. Thanks @Sorunome!
- Add apng image support. Thanks @Sorunome!
- Experimental support for Redis as a cache (in preparation for proper load balancing/HA support).
- Added oEmbed URL preview support.
- Added support for dynamic thumbnails.
- Added a way to prevent certain media from being quarantined (attributes API).
- Added support for quotas.
Changed
- Remove deprecated support for restricting uploads to certain mime types.
- Remove deprecated support for
forUploads
. - Clarified what
uploads.minBytes
is intended to be used for.
Fixed
- GIFs now thumbnail correctly. Thanks @Sorunome!
- Fixed empty Content-Type header on retrieved remote media. Thanks @silkeh!
- Fixed various issues with IPv6 handling. Thanks @silkeh!
- Fixed high database usage for uploads when only one datastore is present.
- Fixed incorrect HTTP status codes for bad thumbnail requests.
- Fixed dimension checking on thumbnails.
- Fixed handling of EXIF metadata. Thanks @Sorunome!
- Fixed handling of URL previews for some encodings.
- Fixed
Cache-Control
headers being present on errors.
v1.1.3
Added
- Added options to cache access tokens for users. This prevents excessive calls to
/account/whoami
on your homeserver, particularly for appservices. - Documentation on how to set up delegation with the media repo and Traefik. Thanks @dereisele!
Changed
- Deprecated support for restricting uploads to certain mime types, due to inability to make it work correctly with encrypted media.
- Removed deprecated
storagePaths
config option. Please use datastores.