v1.3.4

Added

• Dendrite homeservers can now have their media imported safely, and adminApiKind may be set to dendrite.
• Exporting MMR's data to Synapse is now possible with import_to_synapse. To use it, first run gdpr_export or similar.
• Errors encountered during a background task, such as an API-induced export, are exposed as error_message in the admin API.
• MMR will follow redirects on federated downloads up to 5 hops.
• S3-backed datastores can have download requests redirected to a public-facing CDN rather than being proxied through MMR. See publicBaseUrl under the S3 datastore config.

Changed

• Exports now use an internal timeout of 10 minutes instead of 1 minute when downloading files. This may still result in errors if downloading from S3 takes too long.
• MMR now requires Go 1.21 for compilation.
• ARM-supported Docker images are now available through GHCR.
  • The Docker Hub (docker.io) builds are deprecated and will not receive updates starting with v1.4.0
  • Docker Hub images are not guaranteed to have ARM compatibility.
• The latest Docker tag on both Docker Hub and GHCR now points to the latest release instead of the unstable development build.

Fixed

• Exports created with s3_urls now contain valid URLs.
• Exports no longer fail with "The requested range is not satisfiable".
• Exports no longer fail with "index out of range [0] with length 0".
• Requests requiring authentication, but lack a provided access token, will return HTTP 401 instead of HTTP 500 now.
• Downloads when using a self-hosted MinIO instance are no longer slower than expected.
• The DELETE /_matrix/media/unstable/admin/export/:exportId endpoint has been reinstated as described.
• If a server's downloads.maxSize is greater than the uploads.maxSize, remote media is no longer cut off at uploads.maxSize. The media will instead be downloaded at downloads.maxSize and error if greater.
• Content-Type on /download and /thumbnail is now brought in line with MSC2701.

v1.3.3

Fixed

• Improved handling when encountering an error attempting to populate Redis during uploads.
• Fixed Range requests failing by default by internally setting a default chunk size of 10mb.
• Stop logging "no exif data".
• Fixed admin API requests not working when authenticating as the shared secret user.

Changed

• Updated dependencies. Manually compiled deployments may need to recompile libheif as well.

v1.3.2

Fixed

• Fixed thumbnail generation causing thumbnails_index errors in some circumstances.

v1.3.1

From v1.3.0

• Mandatory configuration change: Please see docs.t2bot.io for details.
• Fix improper usage of Content-Disposition: inline and related Content-Type safety (CVE-2023-41318, GHSA-5crw-6j7v-xc72).

Fixed

• Fixed media purge API not being able to delete thumbnails.
• Fixed thumbnails being attempted for disabled media types.
• Fixed SVG and other non-dimensional media failing to be usefully thumbnailed in some cases.

v1.3.0

Mandatory Configuration Change

Please see docs.t2bot.io for details.

Security Fixes

• Fix improper usage of Content-Disposition: inline and related Content-Type safety (CVE-2023-41318, GHSA-5crw-6j7v-xc72).

Deprecations

• The GET /_matrix/media/unstable/local_copy/:server/:mediaId (and unstable/io.t2bot.media variant) endpoint is deprecated and scheduled for removal. If you are using this endpoint, please comment on this issue to explain your use case.

Added

• Added a federation.ignoredHosts config option to block media from individual homeservers.
• Support for MSC2246 (async uploads) is added, with per-user quota limiting options.
• Support for MSC4034 (self-serve usage information) is added, alongside a new "maximum file count" quota limit.
• The GET /_synapse/admin/v1/statistics/users/media endpoint from Synapse is now supported at the same path for local server admins.
• Thumbnailing support for:
  • BMP images.
  • TIFF images.
  • HEIC images.
• New metrics:
  • HTTP response times.
  • Age of downloaded/accessed media.
• Support for PGO builds has been enabled via pgo-fleet.

Removed

• IPFS support has been removed due to maintenance burden.
• Exports initiated through the admin API no longer support ?include_data=false. Exports will always contain data.
• Server-side blurhash calculation has been removed. Clients and bridges already calculate blurhashes locally where applicable.

Changed

• Mandatory configuration change: You must add datastore IDs to your datastore configuration, as matrix-media-repo will no longer manage datastores for you.
• If compiling matrix-media-repo, note that new external dependencies are required. See the docs.
  • Docker images already contain these dependencies.
• Datastores no longer use the enabled flag set on them. Use forKinds: [] instead to disable a datastore's usage.
• Per-user upload quotas now do not allow users to exceed the maximum values, even by 1 byte. Previously, users could exceed the limits by a little bit.
• Updated to Go 1.19, then Go 1.20 in the same release cycle.
• New CGO dependencies are required. See docs.t2bot.io for details.
• Logs are now less noisy by default.
• Connected homeservers must support at least Matrix 1.1 on the Client-Server API. Servers over federation are not affected.
• The example Grafana dashboard has been updated.

Fixed

• URL previews now follow redirects properly.
• Overall memory usage is improved, particularly during media uploads and API-initiated imports.
  • Note: If you use plugins then memory usage will still be somewhat high due to temporary caching of uploads.
  • Note: This affects RSS primarily. VSZ and other memory metrics may be higher than expected due to how Go releases memory to the OS. This is fixed when there's memory pressure.
• Fixed shutdown stall if the config was reloaded more than once while running.

v1.2.13

Deprecations

• In version 1.3.0, IPFS will no longer be supported as a datastore. Please migrate your data if you are using the IPFS support.

Added

• Added the Cross-Origin-Resource-Policy: cross-origin header to all downloads, as per MSC3828.
• Added metrics for tracking which S3 operations are performed against datastores.

Changed

• Swap out the HEIF library for better support towards ARM64 Docker Images.
• The development environment now uses Synapse as a homeserver. Test accounts will need recreating.
• Updated to Go 1.18
• Improved error message when thumbnailer cannot determine image dimensions.

Fixed

• Return default media attributes if none have been explicitly set.

v1.2.12

Note: v1.2.11 was released with a bug (sorry) in one of the new features to that release. Check out its changelog for more information on the new stuff.

Fixed

• Fixed a permissions check issue on the new statistics endpoint released in v1.2.11

v1.2.11

This version has a known bug.

Please use v1.2.12 instead of this version.

---

Added

• New config option to set user agent when requesting URL previews.
• Added support for image/jxl thumbnailing.
• Built-in early support for content ranges (being able to skip around in audio and video). This is only available if caching is enabled.
• New config option for changing the log level.
• New (currently undocumented) binary s3_consistency_check to find objects in S3 which might not be referenced by the media repo database. Note that this can include uploads in progress.
• Admin endpoint to GET users' usage statistics for a server.

Removed

• Support for the in-memory cache has been removed. Redis or having no cache are now the only options.
• Support for the Redis config under features has been removed. It is now only available at the top level of the config. See the sample config for more details.

Fixed

• Fixed media being permanently lost when transferring to an (effectively) readonly S3 datastore.
• Purging non-existent files now won't cause errors.
• Fixed HEIF/HEIC thumbnailing. Note that this thumbnail type might cause increased memory usage.
• Ensure endpoints register in a stable way, making them predictably available.
• Reduced download hits to datastores when using Redis cache.

Changed

• Updated support for post-MSC3069 homeservers.
• Updated the built-in oEmbed providers.json

v1.2.10

Deprecation notices

In a future version (likely the next), the in-memory cache support will be removed. Instead, please use the Redis
caching that is now supported properly by this release, or disable caching if not applicable for your deployment.

Added

• Added support for setting the Redis database number.

Fixed

• Fixed an issue with the Redis config not being recognized at the root level.

v1.2.9

Deprecation notices

In a future version (likely the next), the in-memory cache support will be removed. Instead, please use the Redis
caching that is now supported properly by this release, or disable caching if not applicable for your deployment.

Added

• Added support for HEAD at the /healthz endpoint.
• Added X-Content-Security-Policy: sandbox in contexts where the normal CSP
  header would be served. This is a limited, pre-standard form of CSP supported
  by IE11, in order to have at least some mitigation of XSS attacks.
• Added support for the org.matrix.msc2705.animated query parameter.
• Added support for S3 storage classes (optional).
• Added support for listening on Matrix 1.1 endpoints (/_matrix/media/v3/*).

Changed

• Support the Redis config at the root level of the config, promoting it to a proper feature.

Fixed

• Improved performance of datastore selection when only one datastore is eligible to contain media.
• Fixed blurhash not enabling itself.
• Fixed blurhash implementation to match MSC.