diff --git a/_service b/_service
index b82b1da..ee2edc6 100644
--- a/_service
+++ b/_service
@@ -4,11 +4,11 @@
<param name="versionformat">@PARENT_TAG@</param>
<param name="url">https://github.com/matrix-org/synapse.git</param>
<param name="scm">git</param>
- <param name="revision">v1.77.0</param>
+ <param name="revision">v1.85.2</param>
<param name="versionrewrite-pattern">v(.*)</param>
<param name="versionrewrite-replacement">\1</param>
<!--
- <param name="revision">v1.78.0rc1</param>
+ <param name="revision">v1.86.0rc1</param>
<param name="versionrewrite-pattern">v([\.\d]+)(rc.*)</param>
<param name="versionrewrite-replacement">\1~\2</param>
-->
diff --git a/matrix-synapse-1.77.0.obscpio b/matrix-synapse-1.77.0.obscpio
deleted file mode 100644
index 995f1f8..0000000
--- a/matrix-synapse-1.77.0.obscpio
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:4e2455043cad14c865dac6530009fbd8ea83aeb76f9d5cbe475794cffd0dcef8
-size 34558477
diff --git a/matrix-synapse-1.85.2.obscpio b/matrix-synapse-1.85.2.obscpio
new file mode 100644
index 0000000..cdb79c8
--- /dev/null
+++ b/matrix-synapse-1.85.2.obscpio
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:be83625af6474dc950402ef8098bee1d2bfdab646146466f128141c34e406e82
+size 35072525
diff --git a/matrix-synapse-test.spec b/matrix-synapse-test.spec
index e0df2ed..5924640 100644
--- a/matrix-synapse-test.spec
+++ b/matrix-synapse-test.spec
@@ -27,7 +27,7 @@
%define pkgname matrix-synapse
Name: %{pkgname}-test
-Version: 1.77.0
+Version: 1.85.2
Release: 0
Summary: Test package for %{pkgname}
License: Apache-2.0
diff --git a/matrix-synapse.changes b/matrix-synapse.changes
index c9409f2..6ed93ee 100644
--- a/matrix-synapse.changes
+++ b/matrix-synapse.changes
@@ -1,3 +1,752 @@
+-------------------------------------------------------------------
+Thu Jun 8 17:49:10 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.85.2
+ - Bugfixes
+ - Fix regression where using TLS for HTTP replication between
+ workers did not work. Introduced in v1.85.0. (#15746)
+
+-------------------------------------------------------------------
+Wed Jun 7 15:28:24 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.85.1
+ Note: this release only fixes a bug that stopped some deployments
+ from upgrading to v1.85.0. There is no need to upgrade to v1.85.1
+ if successfully running v1.85.0.
+
+ - Bugfixes
+ - Fix bug in schema delta that broke upgrades for some
+ deployments. Introduced in v1.85.0. (#15738, #15739)
+
+-------------------------------------------------------------------
+Tue Jun 6 11:34:10 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
+
+- make use that the pythons define and use_python do not diverge by
+ moving them closer to each other.
+
+-------------------------------------------------------------------
+Tue Jun 6 10:06:46 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.85.0
+ - Security
+
+ - GHSA-26c5-ppr8-f33p / CVE-2023-32682 — Low Severity It may be
+ possible for a deactivated user to login when using uncommon
+ configurations. (boo#1212055)
+
+ - GHSA-98px-6486-j7qc / CVE-2023-32683 — Low Severity A
+ discovered oEmbed or image URL can bypass the
+ url_preview_url_blacklist setting potentially allowing server
+ side request forgery or bypassing network policies. Impact is
+ limited to IP addresses allowed by the
+ url_preview_ip_range_blacklist setting (by default this only
+ allows public IPs). (boo#1212054)
+
+ - Features
+ - Improve performance of backfill requests by performing
+ backfill of previously failed requests in the background.
+ (#15585)
+ - Add a new admin API to create a new device for a user.
+ (#15611)
+ - Add Unix socket support for Redis connections. Contributed by
+ Jason Little. (#15644)
+ - Bugfixes
+ - Fix a performance issue introduced in Synapse v1.83.0 which
+ meant that purging rooms was very slow and
+ database-intensive. (#15693)
+ - Fix a long-standing bug where setting the read marker could
+ fail when using message retention. Contributed by Nick @
+ Beeper (@Fizzadar). (#15464)
+ - Fix a long-standing bug where the url_preview_url_blacklist
+ configuration setting was not applied to oEmbed or image URLs
+ found while previewing a URL. (#15601)
+ - Fix a long-standing bug where filters with multiple
+ backslashes were rejected. (#15607)
+ - Fix a bug introduced in Synapse 1.82.0 where the error
+ message displayed when validation of the
+ app_service_config_files config option fails would be
+ incorrectly formatted. (#15614)
+ - Fix a long-standing bug where deactivated users were still
+ able to login using the custom org.matrix.login.jwt login
+ type (if enabled). (#15624)
+ - Fix a long-standing bug where deactivated users were able to
+ login in uncommon situations. (#15634)
+ - Improved Documentation
+ - Warn users that at least 3.75GB of space is needed for the
+ nix Synapse development environment. (#15613)
+ - Remove outdated comment from the generated and sample
+ homeserver log configs. (#15648)
+ - Improve contributor docs to make it more clear that Rust is a
+ necessary prerequisite. Contributed by @grantm. (#15668)
+ - Deprecations and Removals
+ - Deprecate calling the /register endpoint with an unspecced
+ user property for application services. (#15703)
+ - Remove the old version of the R30 (30-day retained users)
+ phone-home metric. (#10428)
+ - Internal Changes
+ - Speed up background jobs populate_full_user_id_user_filters
+ and populate_full_user_id_profiles. (#15700)
+ - Create dependabot changelogs at release time. (#15481)
+ - Add not null constraint to column full_user_id of tables
+ profiles and user_filters. (#15537)
+ - Allow connecting to HTTP Replication Endpoints by using
+ worker_name when constructing the request. (#15578)
+ - Make the thread_id column on event_push_actions,
+ event_push_actions_staging, and event_push_summary non-null.
+ (#15597)
+ - Run mypy type checking with the minimum supported Python
+ version to catch new usage that isn't backwards-compatible.
+ (#15602)
+ - Fix subscriptable type usage in Python <3.9. (#15604)
+ - Update internal terminology. (#15606, #15620)
+ - Instrument state and state_group storage-related operations
+ to better picture what's happening when tracing. (#15610,
+ #15647)
+ - Trace how many new events from the backfill response we need
+ to process. (#15633)
+ - Re-type config paths in ConfigErrors to be StrSequences
+ instead of Iterable[str]s. (#15615)
+ - Update Mutual Rooms (MSC2666) implementation to match new
+ proposal text. (#15621)
+ - Remove the unstable identifiers from faster joins (MSC3706).
+ (#15625)
+ - Fix the olddeps CI. (#15626)
+ - Remove duplicate timestamp from test logs
+ (_trial_temp/test.log). (#15636)
+ - Fix two memory leaks in trial test runs. (#15630)
+ - Limit the size of the HomeServerConfig cache in trial test
+ runs. (#15646)
+ - Improve type hints. (#15658, #15659)
+ - Add requesting user id parameter to key claim methods in
+ TransportLayerClient. (#15663)
+ - Speed up rebuilding of the user directory for local users.
+ (#15665)
+ - Implement "option 2" for MSC3820: Room version 11. (#15666,
+ #15678)
+
+-------------------------------------------------------------------
+Fri May 26 19:16:23 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.84.1
+ This patch release fixes a major issue with homeservers that do
+ not have an instance_map defined but which do use workers. If you
+ have already upgraded to Synapse 1.84.0 and your homeserver is
+ working normally, then there is no need to update to this patch
+ release.
+
+ - Bugfixes
+ - Fix a bug introduced in Synapse v1.84.0 where workers do not
+ start up when no instance_map was provided. (#15672)
+ - Internal Changes
+ - Add dch and notify-send to the development Nix flake so that
+ the release script can be used. (#15673)
+
+-------------------------------------------------------------------
+Wed May 24 00:15:46 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.84.0
+ The worker_replication_* configuration settings have been
+ deprecated in favour of configuring the main process consistently
+ with other instances in the instance_map. The deprecated settings
+ will be removed in Synapse v1.88.0, but changing your
+ configuration in advance is recommended. See the upgrade notes
+ for more information.
+
+ https://github.com/matrix-org/synapse/blob/release-v1.84/docs/upgrade.md#upgrading-to-v1840
+
+ - Features
+ - Add an option to prevent media downloads from configured
+ domains. (#15197)
+ - Add forget_rooms_on_leave config option to automatically
+ forget rooms when users leave them or are removed from them.
+ (#15224)
+ - Add redis TLS configuration options. (#15312)
+ - Add a config option to delay push notifications by a random
+ amount, to discourage time-based profiling. (#15516)
+ - Stabilize support for MSC2659: application service ping
+ endpoint. Contributed by Tulir @ Beeper. (#15528)
+ - Implement MSC4009 to expand the supported characters in
+ Matrix IDs. (#15536)
+ - Advertise support for Matrix 1.6 on /_matrix/client/versions.
+ (#15559)
+ - Print full error and stack-trace of any exception that occurs
+ during startup/initialization. (#15569)
+ - Bugfixes
+ - Fix a bug introduced in Synapse 1.84.0rc1 where errors during
+ startup were not reported correctly on Python < 3.10.
+ (#15599)
+ - Don't fail on federation over TOR where SRV queries are not
+ supported. Contributed by Zdzichu. (#15523)
+ - Experimental support for MSC4010 which rejects setting the
+ "m.push_rules" via account data. (#15554, #15555)
+ - Fix a long-standing bug where an invalid membership event
+ could cause an internal server error. (#15564)
+ - Require at least poetry-core v1.1.0. (#15566, #15571)
+ - Deprecations and Removals
+ - Remove need for worker_replication_* based settings in worker
+ configuration yaml by placing this data directly on the
+ instance_map instead. (#15491)
+ - Updates to the Docker image
+ - Add pkg-config package to Stage 0 to be able to build
+ Dockerfile on ppc64le architecture. (#15567)
+ - Improved Documentation
+ - Clarify documentation of the "Create or modify account" Admin
+ API. (#15544)
+ - Fix path to the statistics/database/rooms admin API in
+ documentation. (#15560)
+ - Update and improve Mastodon Single Sign-On documentation.
+ (#15587)
+ - Internal Changes
+ - Use oEmbed to generate URL previews for YouTube Shorts.
+ (#15025)
+ - Create new Client for use with HTTP Replication between
+ workers. Contributed by Jason Little. (#15470)
+ - Remove need for worker_replication_* based settings in worker
+ configuration yaml by placing this data directly on the
+ instance_map instead. (#15491)
+ - Bump pyicu from 2.10.2 to 2.11. (#15509)
+ - Remove references to supporting per-user flag for MSC2654.
+ (#15522)
+ - Don't use a trusted key server when running the demo scripts.
+ (#15527)
+ - Speed up rebuilding of the user directory for local users.
+ (#15529)
+ - Speed up deleting of old rows in event_push_actions. (#15531)
+ - Install the xmlsec and mdbook packages and switch back to the
+ upstream cachix/devenv repo in the nix development
+ environment. (#15532, #15533, #15545)
+ - Implement MSC3987 by removing "dont_notify" from the list of
+ actions in default push rules. (#15534)
+ - Move various module API callback registration methods to a
+ dedicated class. (#15535)
+ - Proxy /user/devices federation queries to application
+ services for MSC3984. (#15539)
+ - Factor out an is_mine_server_name method. (#15542)
+ - Allow running Complement tests using podman by adding a
+ PODMAN environment variable to scripts-dev/complement.sh.
+ (#15543)
+ - Bump serde from 1.0.160 to 1.0.162. (#15548)
+ - Bump types-setuptools from 67.6.0.5 to 67.7.0.1. (#15549)
+ - Bump sentry-sdk from 1.19.1 to 1.22.1. (#15550)
+ - Bump ruff from 0.0.259 to 0.0.265. (#15551)
+ - Bump hiredis from 2.2.2 to 2.2.3. (#15552)
+ - Bump types-requests from 2.29.0.0 to 2.30.0.0. (#15553)
+ - Add org.matrix.msc3981 info to /_matrix/client/versions.
+ (#15558)
+ - Declare unstable support for MSC3391 under
+ /_matrix/client/versions if the experimental implementation
+ is enabled. (#15562)
+ - Implement MSC3821 to update the redaction rules. (#15563)
+ - Implement updated redaction rules from MSC3389. (#15565)
+ - Allow pip install to use setuptools_rust 1.6.0 when building
+ Synapse. (#15570)
+ - Deal with upcoming Github Actions deprecations. (#15576)
+ - Export run_as_background_process from the module API.
+ (#15577)
+ - Update build system requirements to allow building with
+ poetry-core==1.6.0. (#15588)
+ - Bump serde from 1.0.162 to 1.0.163. (#15589)
+ - Bump phonenumbers from 8.13.7 to 8.13.11. (#15590)
+ - Bump types-psycopg2 from 2.9.21.9 to 2.9.21.10. (#15591)
+ - Bump types-commonmark from 0.9.2.2 to 0.9.2.3. (#15592)
+ - Bump types-setuptools from 67.7.0.1 to 67.7.0.2. (#15594)
+
+-------------------------------------------------------------------
+Tue May 9 18:58:15 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.83.0
+ - Features
+ - Experimental support to recursively provide relations per
+ MSC3981. (#15315)
+ - Experimental support for MSC3970: Scope transaction IDs to
+ devices. (#15318)
+ - Add an admin API endpoint to support per-user feature flags.
+ (#15344)
+ - Add a module API to send an HTTP push notification. (#15387)
+ - Add an admin API endpoint to query the largest rooms by disk
+ space used in the database. (#15482)
+ - Bugfixes
+ - Disable push rule evaluation for rooms excluded from sync.
+ (#15361)
+ - Fix a long-standing bug where cached server key results which
+ were directly fetched would not be properly re-used. (#15417)
+ - Fix a bug introduced in Synapse 1.73.0 where some
+ experimental push rules were returned by default. (#15494)
+ - Improved Documentation
+ - Add Nginx loadbalancing example with sticky mxid for workers.
+ (#15411)
+ - Update outdated development docs that mention restrictions in
+ versions of SQLite that we no longer support. (#15498)
+ - Internal Changes
+ - Speedup tests by caching HomeServerConfig instances. (#15284)
+ - Add denormalised event stream ordering column to membership
+ state tables for future use. Contributed by Nick @ Beeper
+ (@fizzadar). (#15356)
+ - Always use multi-user device resync replication endpoints.
+ (#15418)
+ - Add column full_user_id to tables profiles and user_filters.
+ (#15458)
+ - Update support for MSC3983 to allow always returning
+ fallback-keys in a /keys/claim request. (#15462)
+ - Improve type hints. (#15465, #15496, #15497)
+ - Support claiming more than one OTK at a time. (#15468)
+ - Bump types-pyyaml from 6.0.12.8 to 6.0.12.9. (#15471)
+ - Bump pyasn1-modules from 0.2.8 to 0.3.0. (#15473)
+ - Bump cryptography from 40.0.1 to 40.0.2. (#15474)
+ - Bump types-netaddr from 0.8.0.7 to 0.8.0.8. (#15475)
+ - Bump types-jsonschema from 4.17.0.6 to 4.17.0.7. (#15476)
+ - Ask bug reporters to provide logs as text. (#15479)
+ - Add a Nix flake for use as a development environment.
+ (#15495)
+ - Bump anyhow from 1.0.70 to 1.0.71. (#15507)
+ - Bump types-pillow from 9.4.0.19 to 9.5.0.2. (#15508)
+ - Bump packaging from 23.0 to 23.1. (#15510)
+ - Bump types-requests from 2.28.11.16 to 2.29.0.0. (#15511)
+ - Bump setuptools-rust from 1.5.2 to 1.6.0. (#15512)
+ - Update the check_schema_delta script to account for when the
+ schema version has been bumped locally. (#15466)
+- Allow newer setuptools-rust
+
+-------------------------------------------------------------------
+Tue Apr 25 11:53:22 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.82.0
+ - Features
+ - Allow loading the /directory/room/{roomAlias} endpoint on
+ workers. (#15333)
+ - Add some validation to instance_map configuration loading.
+ (#15431)
+ - Allow loading the /capabilities endpoint on workers. (#15436)
+ - Bugfixes
+ - Delete server-side backup keys when deactivating an account.
+ (#15181)
+ - Fix and document untold assumption that on_logged_out module
+ hooks will be called before the deletion of pushers. (#15410)
+ - Improve robustness when handling a perspective key response
+ by deduplicating received server keys. (#15423)
+ - Synapse now correctly fails to start if the config option
+ app_service_config_files is not a list. (#15425)
+ - Disable loading RefreshTokenServlet
+ (/_matrix/client/(r0|v3|unstable)/refresh) on workers.
+ (#15428)
+ - Improved Documentation
+ - Note that the delete_stale_devices_after background job
+ always runs on the main process. (#15452)
+ - Deprecations and Removals
+ - Remove the broken, unspecced registration fallback. Note that
+ the login fallback is unaffected by this change. (#15405)
+ - Internal Changes
+ - Improve DB performance of clearing out old data from
+ stream_ordering_to_exterm. (#15382, #15429)
+ - Implement MSC3989 redaction algorithm. (#15393)
+ - Implement MSC2175 to stop adding creator to create events.
+ (#15394)
+ - Implement MSC2174 to move the redacts key to a content
+ property. (#15395)
+ - Trust dtonlay/rust-toolchain in CI. (#15406)
+ - Explicitly install Synapse during typechecking in CI.
+ (#15409)
+ - Only load the SSO redirect servlet if SSO is enabled.
+ (#15421)
+ - Refactor SimpleHttpClient to pull out a base class. (#15427)
+ - Improve type hints. (#15432)
+ - Convert async to normal tests in TestSSOHandler. (#15433)
+ - Speed up the user directory background update. (#15435)
+ - Disable directory listing for static resources in
+ /_matrix/static/. (#15438)
+ - Move various module API callback registration methods to a
+ dedicated class. (#15453)
+
+-------------------------------------------------------------------
+Fri Apr 14 12:07:11 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.81.0
+ Synapse now attempts the versioned appservice paths before
+ falling back to the legacy paths. Usage of the legacy routes
+ should be considered deprecated.
+
+ Additionally, Synapse has supported sending the application
+ service access token via the Authorization header since v1.70.0.
+ For backwards compatibility it is also sent as the access_token
+ query parameter. This is insecure and should be considered
+ deprecated.
+
+ A future version of Synapse (v1.88.0 or later) will remove
+ support for legacy application service routes and query parameter
+ authorization.
+
+ - Features
+ - Add the ability to enable/disable registrations when in the
+ OIDC flow. (#14978)
+ - Add a primitive helper script for listing worker endpoints.
+ (#15243)
+ - Experimental support for passing One Time Key and device key
+ requests to application services (MSC3983 and MSC3984).
+ (#15314, #15321)
+ - Allow loading /password_policy endpoint on workers. (#15331)
+ - Add experimental support for Unix sockets. Contributed by
+ Jason Little. (#15353)
+ - Build Debian packages for Ubuntu 23.04 (Lunar Lobster).
+ (#15381)
+ - Bugfixes
+ - Fix the set_device_id_for_pushers_txn background update
+ crash. (#15391)
+ - Fix a long-standing bug where edits of non-m.room.message
+ events would not be correctly bundled. (#15295)
+ - Fix a bug introduced in Synapse v1.55.0 which could delay
+ remote homeservers being able to decrypt encrypted messages
+ sent by local users. (#15297)
+ - Add a check to SQLite port_db script
+ - to ensure that the sqlite database passed to the script
+ exists before trying to port from it. (#15306)
+ - Fix a bug introduced in Synapse 1.76.0 where responses from
+ worker deployments could include an internal _INT_STREAM_POS
+ key. (#15309)
+ - Fix a long-standing bug that Synpase only used the legacy
+ appservice routes. (#15317)
+ - Fix a long-standing bug preventing users from rejoining rooms
+ after being banned and unbanned over federation. Contributed
+ by Nico. (#15323)
+ - Fix bug in worker mode where on a rolling restart of workers
+ the "typing" worker would consume 100% CPU until it got
+ restarted. (#15332)
+ - Fix a long-standing bug where some to_device messages could
+ be dropped when using workers. (#15349)
+ - Fix a bug introduced in Synapse 1.70.0 where the background
+ sync from a faster join could spin for hours when one of the
+ events involved had been marked for backoff. (#15351)
+ - Fix missing app variable in mail subject for password resets.
+ Contributed by Cyberes. (#15352)
+ - Fix a rare bug introduced in Synapse 1.66.0 where initial
+ syncs would fail when the user had been kicked from a faster
+ joined room that had not finished syncing. (#15383)
+ - Improved Documentation
+ - Fix a typo in login requests ratelimit defaults. (#15341)
+ - Add some clarification to the doc/comments regarding TCP
+ replication. (#15354)
+ - Note that Synapse 1.74 queued a rebuild of the user directory
+ tables. (#15386)
+ - Internal Changes
+ - Update CI to run complement under the latest stable go
+ version. (#15403)
+ - Use immutabledict instead of frozendict. (#15113)
+ - Add developer documentation for the Federation Sender and add
+ a documentation mechanism using Sphinx. (#15265, #15336)
+ - Make the pushers rely on the device_id instead of the
+ access_token_id for various operations. (#15280)
+ - Bump sentry-sdk from 1.15.0 to 1.17.0. (#15285)
+ - Allow running the Twisted trunk job against other branches.
+ (#15302)
+ - Remind the releaser to ask for changelog feedback in
+ #synapse-dev. (#15303)
+ - Bump dtolnay/rust-toolchain from
+ e12eda571dc9a5ee5d58eecf4738ec291c66f295 to
+ fc3253060d0c959bea12a59f10f8391454a0b02d. (#15304)
+ - Reject events with an invalid "mentions" property per
+ MSC3952. (#15311)
+ - As an optimisation, use TRUNCATE on Postgres when clearing
+ the user directory tables. (#15316)
+ - Fix .gitignore rule for the Complement source tarball
+ downloaded automatically by complement.sh. (#15319)
+ - Bump serde from 1.0.157 to 1.0.158. (#15324)
+ - Bump regex from 1.7.1 to 1.7.3. (#15325)
+ - Bump types-pyopenssl from 23.0.0.4 to 23.1.0.0. (#15326)
+ - Bump furo from 2022.12.7 to 2023.3.23. (#15327)
+ - Bump ruff from 0.0.252 to 0.0.259. (#15328)
+ - Bump cryptography from 40.0.0 to 40.0.1. (#15329)
+ - Bump mypy-zope from 0.9.0 to 0.9.1. (#15330)
+ - Speed up unit tests when using SQLite3. (#15334)
+ - Speed up pydantic CI job. (#15339)
+ - Speed up sample config CI job. (#15340)
+ - Fix copyright year in SSO footer template. (#15358)
+ - Bump peaceiris/actions-gh-pages from 3.9.2 to 3.9.3. (#15369)
+ - Bump serde from 1.0.158 to 1.0.159. (#15370)
+ - Bump serde_json from 1.0.94 to 1.0.95. (#15371)
+ - Speed up membership queries for users with forgotten rooms.
+ (#15385)
+
+-------------------------------------------------------------------
+Thu Mar 30 20:56:38 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.80.0
+ - Features
+ - Stabilise support for MSC3966: event_property_contains push
+ condition. (#15187)
+ - Implement MSC2659: application service ping endpoint.
+ Contributed by Tulir @ Beeper. (#15249)
+ - Allow loading /register/available endpoint on workers.
+ (#15268)
+ - Improve performance of creating and authenticating events.
+ (#15195)
+ - Add topic and name events to group of events that are batch
+ persisted when creating a room. (#15229)
+ - Bugfixes
+ - Fix a bug in which the POST
+ /_matrix/client/v3/rooms/{roomId}/report/{eventId} endpoint
+ would return the wrong error if the user did not have
+ permission to view the event. This aligns Synapse's
+ implementation with MSC2249. (#15298, #15300)
+ - Fix a bug introduced in Synapse 1.75.0rc1 where the SQLite
+ port_db script
+ - would fail to open the SQLite database. (#15301)
+ - Fix a long-standing bug in which the user directory would
+ assume any remote membership state events represent a profile
+ change. (#14755, #14756)
+ - Implement MSC3873 to fix a long-standing bug where properties
+ with dots were handled ambiguously in push rules. (#15190)
+ - Faster joins: Fix a bug introduced in Synapse 1.66 where
+ spurious "Failed to find memberships ..." errors would be
+ logged. (#15232)
+ - Fix a long-standing error when sending message into deleted
+ room. (#15235)
+ - Updates to the Docker image
+ - Ensure the Dockerfile builds on platforms that don't have a
+ cryptography wheel. (#15239)
+ - Mirror images to the GitHub Container Registry
+ (ghcr.io/matrix-org/synapse). (#15281, #15282)
+ - Improved Documentation
+ - Add a missing endpoint to the workers documentation. (#15223)
+ - Internal Changes
+ - Add additional functionality to declaring worker types when
+ starting Complement in worker mode. (#14921)
+ - Add Synapse-Trace-Id to access-control-expose-headers header.
+ (#14974)
+ - Make the HttpTransactionCache use the Requester in addition
+ of the just the Request to build the transaction key.
+ (#15200)
+ - Improve log lines when purging rooms. (#15222)
+ - Improve type hints. (#15230, #15231, #15238)
+ - Move various module API callback registration methods to a
+ dedicated class. (#15237)
+ - Configure GitHub Actions for merge queues. (#15244)
+ - Add schema comments about the destinations and
+ destination_rooms tables. (#15247)
+ - Skip processing of auto-join room behaviour if there are no
+ auto-join rooms configured. (#15262)
+ - Remove unused store method
+ _set_destination_retry_timings_emulated. (#15266)
+ - Reorganize URL preview code. (#15269)
+ - Clean-up direct TCP replication code. (#15272, #15274)
+ - Make configure_workers_and_start script used in Complement
+ tests compatible with older versions of Python. (#15275)
+ - Add a /versions flag for MSC3952. (#15293)
+ - Bump hiredis from 2.2.1 to 2.2.2. (#15252)
+ - Bump serde from 1.0.152 to 1.0.155. (#15253)
+ - Bump pysaml2 from 7.2.1 to 7.3.1. (#15254)
+ - Bump msgpack from 1.0.4 to 1.0.5. (#15255)
+ - Bump gitpython from 3.1.30 to 3.1.31. (#15256)
+ - Bump cryptography from 39.0.1 to 39.0.2. (#15257)
+ - Bump pydantic from 1.10.4 to 1.10.6. (#15286)
+ - Bump serde from 1.0.155 to 1.0.157. (#15287)
+ - Bump anyhow from 1.0.69 to 1.0.70. (#15288)
+ - Bump txredisapi from 1.4.7 to 1.4.9. (#15289)
+ - Bump pygithub from 1.57 to 1.58.1. (#15290)
+ - Bump types-requests from 2.28.11.12 to 2.28.11.15. (#15291)
+
+-------------------------------------------------------------------
+Tue Mar 14 19:50:05 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.79.0
+ - Features
+ - Add two new Third Party Rules module API callbacks:
+ on_add_user_third_party_identifier and
+ on_remove_user_third_party_identifier. (#15044)
+ - Experimental support for MSC3967 to not require UIA for
+ setting up cross-signing on first use. (#15077)
+ - Add media information to the command line user data export
+ tool. (#15107)
+ - Add an admin API to delete a specific event report. (#15116)
+ - Add support for knocking to workers. (#15133)
+ - Allow use of the /filter Client-Server APIs on workers.
+ (#15134)
+ - Update support for MSC2677: remove support for server-side
+ aggregation of reactions. (#15172)
+ - Stabilise support for MSC3758: event_property_is push
+ condition. (#15185)
+ - Bugfixes
+ - Fix a bug introduced in Synapse 1.79.0rc1 where attempting to
+ register a on_remove_user_third_party_identifier module API
+ callback would be a no-op. (#15227)
+ - Fix a rare bug introduced in Synapse 1.73 where events could
+ remain unsent to other homeservers after a faster-join to a
+ room. (#15248)
+ - Fix a bug introduced in Synapse 1.75 that caused experimental
+ support for deleting account data to raise an internal server
+ error while using an account data writer worker. (#14869)
+ - Fix a long-standing bug where Synapse handled an unspecced
+ field on push rules. (#15088)
+ - Fix a long-standing bug where a URL preview would break if
+ the discovered oEmbed failed to download. (#15092)
+ - Fix a long-standing bug where an initial sync would not
+ respond to changes to the list of ignored users if there was
+ an initial sync cached. (#15163)
+ - Add the transaction_id in the events included in many
+ endpoints' responses. (#15174)
+ - Fix a bug introduced in Synapse 1.78.0 where requests to
+ claim dehydrated devices would fail with a 405 error.
+ (#15180)
+ - Stop applying edits when bundling aggregations, per MSC3925.
+ (#15193)
+ - Fix a long-standing bug where the user directory search was
+ not case-insensitive for accented characters. (#15143)
+ - Updates to the Docker image
+ - Improve startup logging in the with-workers Docker image.
+ (#15186)
+ - Improved Documentation
+ - Document how to use caches in a module. (#14026)
+ - Clarify which worker processes the ThirdPartyRules'
+ on_new_event module API callback runs on. (#15071)
+ - Document using Shibboleth as an OpenID Provider. (#15112)
+ - Correct reference to federation_verify_certificates in
+ configuration documentation. (#15139)
+ - Correct small documentation errors in some
+ MatrixFederationHttpClient methods. (#15148)
+ - Correct the description of the behavior of
+ registration_shared_secret_path on startup. (#15168)
+ - Deprecations and Removals
+ - Deprecate the on_threepid_bind module callback, to be
+ replaced by on_add_user_third_party_identifier. See upgrade
+ notes. ([#15044]
+ - Remove the unspecced room_alias field from the /createRoom
+ response. (#15093)
+ - Remove the unspecced PUT on the /knock/{roomIdOrAlias}
+ endpoint. (#15189)
+ - Remove the undocumented and unspecced type parameter to the
+ /thumbnail endpoint. (#15137)
+ - Remove unspecced and buggy PUT method on the unstable
+ /rooms/<room_id>/batch_send endpoint. (#15199)
+ - Internal Changes
+ - Refactor filter_events_for_server. (#15240)
+ - Run the integration test suites with the asyncio reactor
+ enabled in CI. (#14101)
+ - Batch up storing state groups when creating a new room.
+ (#14918)
+ - Update MSC3952 support based on changes to the MSC. (#15051)
+ - Refactor writing json data in FileExfiltrationWriter.
+ (#15095)
+ - Tighten the login ratelimit defaults. (#15135)
+ - Fix a typo in an experimental config setting. (#15138)
+ - Refactor the media modules. (#15146, #15175)
+ - Improve type hints. (#15164)
+ - Move get_event_report and get_event_reports_paginate from
+ RoomStore to RoomWorkerStore. (#15165)
+ - Remove dangling reference to being a reference implementation
+ in docstring. (#15167)
+ - Add an option to force a rebuild of the "editable" complement
+ image. (#15184)
+ - Use nightly rustfmt in CI. (#15188)
+ - Add a get_next_txn method to StreamIdGenerator to match
+ MultiWriterIdGenerator. (#15191)
+ - Combine AbstractStreamIdTracker and
+ AbstractStreamIdGenerator. (#15192)
+ - Automatically fix errors with ruff. (#15194)
+ - Refactor database transaction for query users' devices to
+ reduce database pool contention. (#15215)
+ - Correct test_icu_word_boundary_punctuation so that it passes
+ with the ICU versions available in Alpine and macOS. (#15177)
+
+-------------------------------------------------------------------
+Tue Feb 28 22:35:35 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.78.0
+ - Features
+ - Implement the experimental exact_event_match push rule
+ condition from MSC3758. (#14964)
+ - Add account data to the command line user data export tool.
+ (#14969)
+ - Implement MSC3873 to disambiguate push rule keys with dots in
+ them. (#15004)
+ - Allow Synapse to use a specific Redis logical database in
+ worker-mode deployments. (#15034)
+ - Tag opentracing spans for federation requests with the name
+ of the worker serving the request. (#15042)
+ - Implement the experimental exact_event_property_contains push
+ rule condition from MSC3966. (#15045)
+ - Remove spurious dont_notify action from the defaults for the
+ .m.rule.reaction pushrule. (#15073)
+ - Update the error code returned when user sends a duplicate
+ annotation. (#15075)
+ - Bugfixes
+ - Fix a bug introduced in Synapse 1.76 where 5s delays would
+ occasionally occur in deployments using workers. (#15150)
+ - Prevent clients from reporting nonexistent events. (#13779)
+ - Return spec-compliant JSON errors when unknown endpoints are
+ requested. (#14605)
+ - Fix a long-standing bug where the room aliases returned could
+ be corrupted. (#15038)
+ - Fix a bug introduced in Synapse 1.76.0 where partially-joined
+ rooms could not be deleted using the purge room API. (#15068)
+ - Fix a long-standing bug where federated joins would fail if
+ the first server in the list of servers to try is not in the
+ room. (#15074)
+ - Fix a bug introduced in Synapse v1.74.0 where searching with
+ colons when using ICU for search term tokenisation would fail
+ with an error. (#15079)
+ - Reduce the likelihood of a rare race condition where
+ rejoining a restricted room over federation would fail.
+ (#15080)
+ - Fix a bug introduced in Synapse 1.76 where workers would fail
+ to start if the health listener was configured. (#15096)
+ - Fix a bug introduced in Synapse 1.75 where the portdb script
+ would fail to run after a room had been faster-joined.
+ (#15108)
+ - Improved Documentation
+ - Document how to start Synapse with Poetry. Contributed by
+ @thezaidbintariq. (#14892, #15022)
+ - Update delegation documentation to clarify that SRV DNS
+ delegation does not eliminate all needs to serve files from
+ .well-known locations. Contributed by @williamkray. (#14959)
+ - Fix a mistake in registration_shared_secret_path docs.
+ (#15078)
+ - Refer to a more recent blog post on the Database Maintenance
+ Tools page. Contributed by @jahway603. (#15083)
+ - Internal Changes
+ - Re-type hint some collections as read-only. (#13755)
+ - Faster joins: don't stall when another user joins during a
+ partial-state room resync. (#14606)
+ - Add a class UnpersistedEventContext to allow for the batching
+ up of storing state groups. (#14675)
+ - Add a check to ensure that locked dependencies have source
+ distributions available. (#14742)
+ - Tweak comment on _is_local_room_accessible as part of room
+ visibility in /hierarchy to clarify the condition for a room
+ being visible. (#14834)
+ - Prevent WARNING: there is already a transaction in progress
+ lines appearing in PostgreSQL's logs on some occasions.
+ (#14840)
+ - Use StrCollection to avoid potential bugs with
+ Collection[str]. (#14929)
+ - Improve performance of /sync in a few situations. (#14973)
+ - Limit concurrent event creation for a room to avoid state
+ resolution when sending bursts of events to a local room.
+ (#14977)
+ - Skip calculating unread push actions in /sync when
+ enable_push is false. (#14980)
+ - Add a schema dump symlinks inside contrib, to make it easier
+ for IDEs to interrogate Synapse's database schema. (#14982)
+ - Improve type hints. (#15008, #15026, #15027, #15028, #15031,
+ #15035, #15052, #15072, #15084)
+ - Update MSC3952 support based on changes to the MSC. (#15037)
+ - Avoid mutating a cached value in get_user_devices_from_cache.
+ (#15040)
+ - Fix a rare exception in logs on start up. (#15041)
+ - Update pyo3-log to v0.8.1. (#15043)
+ - Avoid mutating cached values in
+ _generate_sync_entry_for_account_data. (#15047)
+ - Refactor arguments of try_unbind_threepid and
+ _try_unbind_threepid_with_id_server to not use dictionaries.
+ (#15053)
+ - Merge debug logging from the hotfixes branch. (#15054)
+ - Faster joins: omit device list updates originating from
+ partial state rooms in /sync responses without lazy loading
+ of members enabled. (#15069)
+ - Fix clashing database transaction name. (#15070)
+ - Upper-bound frozendict dependency. This works around us being
+ unable to test installing our wheels against Python 3.11 in
+ CI. (#15114)
+ - Tweak logging for when a worker waits for its view of a
+ replication stream to catch up. (#15120)
+
-------------------------------------------------------------------
Mon Feb 20 12:45:02 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
diff --git a/matrix-synapse.obsinfo b/matrix-synapse.obsinfo
index dfdecf2..c3888c2 100644
--- a/matrix-synapse.obsinfo
+++ b/matrix-synapse.obsinfo
@@ -1,4 +1,4 @@
name: matrix-synapse
-version: 1.77.0
-mtime: 1676375955
-commit: 3e90dfdd81c2c6dcaf1f21f24fbca0a4c820b150
+version: 1.85.2
+mtime: 1686226556
+commit: ac3a70a7dd4070bf3953b8913f7c316d701db588
diff --git a/matrix-synapse.spec b/matrix-synapse.spec
index 30a94ff..97c8d9b 100644
--- a/matrix-synapse.spec
+++ b/matrix-synapse.spec
@@ -27,22 +27,23 @@
%global attrs_version 22.2.0
%global bcrypt_version 4.0.1
%global bleach_version 5.0.1
-%global canonicaljson_version 1.6.4
-%global canonicaljson_max_version 2
-%global cryptography_version 38.0.4
-%global frozendict_version 2.3.4
+%global canonicaljson_version 2.0.0
+%global cryptography_version 40.0.2
+%global immutabledict_version 2.2.4
%global idna_version 3.4
%global ijson_version 3.1.4
%global jsonschema_version 4.17.3
%global matrix_common_version 1.3.0
%global matrix_common_max_version 2
-%global msgpack_version 1.0.4
+%global msgpack_version 1.0.5
%global netaddr_version 0.8.0
+# TODO: 8.13.11
%global phonenumbers_version 8.13.5
-%global prometheus_client_version 0.16.0
+%global prometheus_client_version 0.17.0
%global psutil_version 2.0.0
%global pyOpenSSL_version 23.0.0
%global pyasn1_version 0.4.8
+# TODO 0.3.0
%global pyasn1_modules_version 0.2.8
%global pymacaroons_version 0.13.0
%global service_identity_version 21.1.0
@@ -54,20 +55,22 @@
%global treq_version 22.2.0
%global unpaddedbase64_version 2.1.0
%global matrix_synapse_ldap3_version 0.2.2
-# TODO: bump to 22.0
-%global packaging_version 23.0
-%global psycopg2_version 2.9.5
+%global packaging_version 23.1
+%global psycopg2_version 2.9.6
+# TODO 7.3.1
%global pysaml2_version 7.2.1
%global Authlib_version 1.2.0
%global lxml_version 4.9.2
-%global sentry_sdk_version 1.11.1
+%global sentry_sdk_version 1.22.1
%global PyJWT_version 2.4.0
%global jaeger_client_version 4.8.0
%global opentracing_version 2.4.0
-%global hiredis_version 2.0.0
-%global txredisapi_version 1.4.7
+# TODO: 2.2.3
+%global hiredis_version 2.2.2
+%global txredisapi_version 1.4.9
%global Pympler_version 1.0.1
%global pydantic_version 1.9.1
+# TODO: 2.10.2
%global pyicu_version 2.10.2
%else
# some version locks based on poetry.lock
@@ -78,10 +81,9 @@
%global attrs_version 21.1.1
%global bcrypt_version 3.1.7
%global bleach_version 1.4.3
-%global canonicaljson_version 1.6.3
-%global canonicaljson_max_version 2
+%global canonicaljson_version 2.0.0
%global cryptography_version 3.4.7
-%global frozendict_version 2.1.3
+%global immutabledict_version 2.0
%global idna_version 2.5
%global ijson_version 3.2.0
%global jsonschema_version 3.0.0
@@ -122,8 +124,10 @@
%endif
%define requires_peq() %(echo '%*' | LC_ALL=C xargs -r rpm -q --whatprovides --qf 'Requires: %%{name} = %%{epoch}:%%{version}\\n' | sed -e 's/ (none):/ /' -e 's/ 0:/ /' | grep -v "is not")
-# only switch this back to python3 when frozendict supports the current default python version
-%define pythons python310
+
+%define use_python python3
+
+%define pythons %{use_python}
# These come from matrix-synapse's CONDITIONAL_REQUIREMENTS.
# missing deps
@@ -146,18 +150,11 @@
# https://github.com/matrix-org/synapse/releases or synapse/CHANGES.md
# * Commit+submit
-#if 0%{?suse_version} >= 1550
-#define use_python python38
-#define __python3 #{_bindir}/python3
-#else
-%define use_python python310
-#endif
-
%define modname synapse
%define pkgname matrix-synapse
%define eggname matrix_synapse
Name: %{pkgname}
-Version: 1.77.0
+Version: 1.85.2
Release: 0
Summary: Matrix protocol reference homeserver
License: Apache-2.0
@@ -182,7 +179,6 @@ Patch1: bump-dependencies.patch
Source100: 10719-Fix-instert-of-duplicate-key-into-event_json.patch
BuildRequires: %{use_python}-base >= 3.8
BuildRequires: %{use_python}-pip
-BuildRequires: %{use_python}-poetry-core >= 1.0.0
BuildRequires: %{use_python}-setuptools
BuildRequires: %{use_python}-wheel
BuildRequires: cargo
@@ -192,10 +188,11 @@ BuildRequires: systemd-rpm-macros
BuildRequires: sysuser-shadow
BuildRequires: sysuser-tools
BuildRequires: unzip
+BuildRequires: (%{use_python}-poetry-core >= 1.0.0 with %{use_python}-poetry-core =< 1.6.1)
%{?systemd_ordering}
%{sysusers_requires}
%requires_peq %{use_python}-base
-BuildRequires: (%{use_python}-setuptools-rust >= 1.3 with %{use_python}-setuptools-rust < 1.5.3)
+BuildRequires: (%{use_python}-setuptools-rust >= 1.3 with %{use_python}-setuptools-rust =< 1.6.0)
# NOTE: Keep this is in the same order as pyproject.toml.
# some version locks based on poetry.lock
BuildRequires: %{use_python}-Jinja2 >= %{Jinja2_version}
@@ -212,12 +209,12 @@ BuildRequires: %{use_python}-bcrypt >= %{bcrypt_version}
%requires_peq %{use_python}-bcrypt
BuildRequires: %{use_python}-bleach >= %{bleach_version}
%requires_peq %{use_python}-bleach
-BuildRequires: (%{use_python}-canonicaljson >= %{canonicaljson_version} with %{use_python}-canonicaljson < %{canonicaljson_max_version})
+BuildRequires: (%{use_python}-canonicaljson >= %{canonicaljson_version})
%requires_peq %{use_python}-canonicaljson
BuildRequires: %{use_python}-cryptography >= %{cryptography_version}
%requires_peq %{use_python}-cryptography
-BuildRequires: %{use_python}-frozendict >= %{frozendict_version}
-%requires_peq %{use_python}-frozendict
+BuildRequires: (%{use_python}-immutabledict >= %{immutabledict_version})
+%requires_peq %{use_python}-immutabledict
BuildRequires: %{use_python}-idna >= %{idna_version}
%requires_peq %{use_python}-idna
BuildRequires: %{use_python}-ijson >= %{ijson_version}
diff --git a/vendor.tar.zst b/vendor.tar.zst
index 20f20a9..9ebe1db 100644
--- a/vendor.tar.zst
+++ b/vendor.tar.zst
@@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
-oid sha256:d6344594eb740c0957b46ae301b512bd3750861116a7c4445b75c2bdfc96b485
-size 8526018
+oid sha256:a1a27815d8c0b6e477437aa0e80e78e5a0ae37645b0bf46061fb9e1cc6f485ac
+size 8787173