Accepting request 854270 from network:messaging:matrix

OBS-URL: https://build.opensuse.org/request/show/854270
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/matrix-synapse?expand=0&rev=25

_service

@@ -4,7 +4,7 @@
     <param name="versionformat">@PARENT_TAG@</param>
     <param name="url">https://github.com/matrix-org/synapse.git</param>
     <param name="scm">git</param>
-    <param name="revision">v1.22.1</param>
+    <param name="revision">v1.24.0</param>
     <param name="versionrewrite-pattern">v(.*)</param>
     <param name="versionrewrite-replacement">\1</param>
     <!--

matrix-synapse-1.22.1.obscpio

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:216f06bc9c27dccce79755382fdabccaa46d978f4d86ce616113d137e00339e4
-size 28683277

matrix-synapse-1.24.0.obscpio

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:2b762205ddb67cb50a76f0579a7247b98682d2a81953979fb7b075e30167f93d
+size 28951565

matrix-synapse-test.spec

@@ -32,7 +32,7 @@
 
 %define         pkgname matrix-synapse
 Name:           %{pkgname}-test
-Version:        1.22.1
+Version:        1.24.0
 Release:        0
 Summary:        Test package for %{pkgname}
 License:        Apache-2.0

matrix-synapse.changes

@@ -1,3 +1,264 @@
+-------------------------------------------------------------------
+Wed Dec  9 11:34:37 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.24.0
+
+  Due to the two security issues highlighted below, server
+  administrators are encouraged to update Synapse. We are not aware
+  of these vulnerabilities being exploited in the wild.
+
+  - Security
+    - There is a denial of service attack (CVE-2020-26257) against
+      the federation APIs in which future events will not be
+      correctly sent to other servers over federation. This affects
+      all servers that participate in open federation. (Fixed in
+      #8776).
+    - Synapse may be affected by OpenSSL CVE-2020-1971.
+      Synapse administrators should ensure that they have the
+      latest versions of the cryptography Python package installed.
+  - Features
+    - Add admin API for logging in as a user. (#8617)
+    - Allow specification of the SAML IdP if the metadata returns
+      multiple IdPs. (#8630)
+    - Add support for re-trying generation of a localpart for
+      OpenID Connect mapping providers. (#8801, #8855)
+    - Allow the Date header through CORS. Contributed by Nicolas
+      Chamo. (#8804)
+    - Add a config option, push.group_by_unread_count, which
+      controls whether unread message counts in push notifications
+      are defined as "the number of rooms with unread messages" or
+      "total unread messages". (#8820)
+    - Add force_purge option to delete-room admin api. (#8843)
+  - Bugfixes
+    - Fix a regression in v1.24.0rc1 which failed to allow SAML
+      mapping providers which were unable to redirect users to an
+      additional page. (#8878)
+    - Fix a bug where appservices may be sent an excessive amount
+      of read receipts and presence. Broke in v1.22.0. (#8744)
+    - Fix a bug in some federation APIs which could lead to
+      unexpected behaviour if different parameters were set in the
+      URI and the request body. (#8776)
+    - Fix a bug where synctl could spawn duplicate copies of a
+      worker. Contributed by Waylon Cude. (#8798)
+    - Allow per-room profiles to be used for the server notice
+      user. (#8799)
+    - Fix a bug where logging could break after a call to SIGHUP.
+      (#8817)
+    - Fix register_new_matrix_user failing with "Bad Request" when
+      trailing slash is included in server URL. Contributed by
+      @angdraug. (#8823)
+    - Fix a minor long-standing bug in login, where we would offer
+      the password login type if a custom auth provider supported
+      it, even if password login was disabled. (#8835)
+    - Fix a long-standing bug which caused Synapse to require
+      unspecified parameters during user-interactive
+      authentication. (#8848)
+    - Fix a bug introduced in v1.20.0 where the user-agent and IP
+      address reported during user registration for CAS, OpenID
+      Connect, and SAML were of the wrong form. (#8784)
+  - Improved Documentation
+    - Clarify the usecase for a msisdn delegate. Contributed by
+      Adrian Wannenmacher. (#8734)
+    - Remove extraneous comma from JSON example in User Admin API
+      docs. (#8771)
+    - Update turn-howto.md with troubleshooting notes. (#8779)
+    - Fix the example on how to set the Content-Type header in
+      nginx for the Client Well-Known URI. (#8793)
+    - Improve the documentation for the admin API to list all media
+      in a room with respect to encrypted events. (#8795)
+    - Update the formatting of the push section of the homeserver
+      config file to better align with the code style guidelines.
+      (#8818)
+    - Improve documentation how to configure prometheus for
+      workers. (#8822)
+    - Update example prometheus console. (#8824)
+  - Deprecations and Removals
+    - Remove old /_matrix/client/*/admin endpoints which were
+      deprecated since Synapse 1.20.0. (#8785)
+    - Disable pretty printing JSON responses for curl. Users who
+      want pretty-printed output should use jq in combination with
+      curl. Contributed by @tulir. (#8833)
+  - Internal Changes
+    - Add a maximum version for pysaml2 on Python 3.5. (#8898)
+    - Add support for the prometheus_client newer than 0.9.0.
+      Contributed by Jordan Bancino. (#8875)
+    - Simplify the way the HomeServer object caches its internal
+      attributes. (#8565, #8851)
+    - Add an example and documentation for clock skew to the SAML2
+      sample configuration to allow for clock/time difference
+      between the homserver and IdP. Contributed by @localguru.
+      (#8731)
+    - Generalise RoomMemberHandler._locally_reject_invite to apply
+      to more flows than just invite. (#8751)
+    - Generalise RoomStore.maybe_store_room_on_invite to handle
+      other, non-invite membership events. (#8754)
+    - Refactor test utilities for injecting HTTP requests. (#8757,
+      #8758, #8759, #8760, #8761, #8777)
+    - Consolidate logic between the OpenID Connect and SAML code.
+      (#8765)
+    - Use TYPE_CHECKING instead of magic MYPY variable. (#8770)
+    - Add a commandline script to sign arbitrary json objects.
+      (#8772)
+    - Minor log line improvements for the SSO mapping code used to
+      generate Matrix IDs from SSO IDs. (#8773)
+    - Add additional error checking for OpenID Connect and SAML
+      mapping providers. (#8774, #8800)
+    - Add type hints to HTTP abstractions. (#8806, #8812)
+    - Remove unnecessary function arguments and add typing to
+      several membership replication classes. (#8809)
+    - Optimise the lookup for an invite from another homeserver
+      when trying to reject it. (#8815)
+    - Add tests for password_auth_providers. (#8819)
+    - Drop redundant database index on event_json. (#8845)
+    - Simplify uk.half-shot.msc2778.login.application_service login
+      handler. (#8847)
+    - Refactor password_auth_provider support code. (#8849)
+    - Add missing ordering to background database updates. (#8850)
+    - Allow for specifying a room version when creating a room in
+      unit tests via RestHelper.create_room_as. (#8854)
+
+-------------------------------------------------------------------
+Wed Nov 18 13:59:26 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.23.0
+  This release changes the way structured logging is configured.
+  See the [upgrade notes](UPGRADE.rst#upgrading-to-v1230) for details.
+
+  Note: We are aware of a trivially exploitable denial of service
+  vulnerability in versions of Synapse prior to 1.20.0. Complete
+  details will be disclosed on Monday, November 23rd. If you have
+  not upgraded recently, please do so.
+
+  - Features
+    - Add a push rule that highlights when a jitsi conference is
+      created in a room. (#8286)
+    - Add an admin api to delete a single file or files that were
+      not used for a defined time from server. Contributed by
+      @dklimpel. (#8519)
+    - Split admin API for reported events (GET
+      /_synapse/admin/v1/event_reports) into detail and list
+      endpoints. This is a breaking change to #8217 which was
+      introduced in Synapse v1.21.0. Those who already use this API
+      should check their scripts. Contributed by @dklimpel. (#8539)
+    - Support generating structured logs via the standard logging
+      configuration. (#8607, #8685)
+    - Add an admin API to allow server admins to list users'
+      pushers. Contributed by @dklimpel. (#8610, #8689)
+    - Add an admin API GET /_synapse/admin/v1/users/<user_id>/media
+      to get information about uploaded media. Contributed by
+      @dklimpel. (#8647)
+    - Add an admin API for local user media statistics. Contributed
+      by @dklimpel. (#8700)
+    - Add displayname to Shared-Secret Registration for admins.
+      (#8722)
+  - Bugfixes
+    - Fix fetching of E2E cross signing keys over federation when
+      only one of the master key and device signing key is cached
+      already. (#8455)
+    - Fix a bug where Synapse would blindly forward bad responses
+      from federation to clients when retrieving profile
+      information. (#8580)
+    - Fix a bug where the account validity endpoint would silently
+      fail if the user ID did not have an expiration time. It now
+      returns a 400 error. (#8620)
+    - Fix email notifications for invites without local state.
+      (#8627)
+    - Fix handling of invalid group IDs to return a 400 rather than
+      log an exception and return a 500. (#8628)
+    - Fix handling of User-Agent headers that are invalid UTF-8,
+      which caused user agents of users to not get correctly
+      recorded. (#8632)
+    - Fix a bug in the joined_rooms admin API if the user has never
+      joined any rooms. The bug was introduced, along with the API,
+      in v1.21.0. (#8643)
+    - Fix exception during handling multiple concurrent requests
+      for remote media when using multiple media repositories.
+      (#8682)
+    - Fix bug that prevented Synapse from recovering after losing
+      connection to the database. (#8726)
+    - Fix bug where the /_synapse/admin/v1/send_server_notice API
+      could send notices to non-notice rooms. (#8728)
+    - Fix PostgreSQL port script fails when DB has no backfilled
+      events. Broke in v1.21.0. (#8729)
+    - Fix PostgreSQL port script to correctly handle foreign key
+      constraints. Broke in v1.21.0. (#8730)
+    - Fix PostgreSQL port script so that it can be run again after
+      a failure. Broke in v1.21.0. (#8755)
+  - Improved Documentation
+    - Instructions for Azure AD in the OpenID Connect
+      documentation. Contributed by peterk. (#8582)
+    - Improve the sample configuration for single sign-on
+      providers. (#8635)
+    - Fix the filepath of Dex's example config and the link to
+      Dex's Getting Started guide in the OpenID Connect docs.
+      (#8657)
+    - Note support for Python 3.9. (#8665)
+    - Minor updates to docs on running tests. (#8666)
+    - Interlink prometheus/grafana documentation. (#8667)
+    - Notes on SSO logins and media_repository worker. (#8701)
+    - Document experimental support for running multiple event
+      persisters. (#8706)
+    - Add information regarding the various sources of, and
+      expected contributions to, Synapse's documentation to
+      CONTRIBUTING.md. (#8714)
+    - Migrate documentation docs/admin_api/event_reports to
+      markdown. (#8742)
+    - Add some helpful hints to the README for new Synapse
+      developers. Contributed by @chagai95. (#8746)
+  - Internal Changes
+    - Optimise /createRoom with multiple invited users. (#8559)
+    - Implement and use an `@lru_cache` decorator. (#8595)
+    - Don't instansiate Requester directly. (#8614)
+    - Type hints for RegistrationStore. (#8615)
+    - Change schema to support access tokens belonging to one user
+      but granting access to another. (#8616)
+    - Remove unused OPTIONS handlers. (#8621)
+    - Run mypy as part of the lint.sh script. (#8633)
+    - Correct Synapse's PyPI package name in the OpenID Connect
+      installation instructions. (#8634)
+    - Catch exceptions during initialization of password_providers.
+      Contributed by Nicolai Søborg. (#8636)
+    - Fix typos and spelling errors in the code. (#8639)
+    - Reduce number of OpenTracing spans started. (#8640, #8668,
+      #8670)
+    - Add field total to device list in admin API. (#8644)
+    - Add more type hints to the application services code. (#8655,
+      #8693)
+    - Tell Black to format code for Python 3.5. (#8664)
+    - Don't pull event from DB when handling replication traffic.
+      (#8669)
+    - Abstract some invite-related code in preparation for landing
+      knocking. (#8671, #8688)
+    - Clarify representation of events in logfiles. (#8679)
+    - Don't require hiredis package to be installed to run unit
+      tests. (#8680)
+    - Fix typing info on cache call signature to accept
+      on_invalidate. (#8684)
+    - Fail tests if they do not await coroutines. (#8690)
+    - Improve start time by adding an index to
+      e2e_cross_signing_keys.stream_id. (#8694)
+    - Re-organize the structured logging code to separate the TCP
+      transport handling from the JSON formatting. (#8697)
+    - Use Python 3.8 in Docker images by default. (#8698)
+    - Remove the "draft" status of the Room Details Admin API.
+      (#8702)
+    - Improve the error returned when a non-string displayname or
+      avatar_url is used when updating a user's profile. (#8705)
+    - Block attempts by clients to send server ACLs, or redactions
+      of server ACLs, that would result in the local server being
+      blocked from the room. (#8708)
+    - Add metrics the allow the local sysadmin to track 3PID
+      /requestToken requests. (#8712)
+    - Consolidate duplicated lists of purged tables that are
+      checked in tests. (#8713)
+    - Add some mdui:UIInfo element examples for saml2_config in the
+      homeserver config. (#8718)
+    - Improve the error message returned when a remote server
+      incorrectly sets the Content-Type header in response to a
+      JSON request. (#8719)
+    - Speed up repeated state resolutions on the same room by
+      caching event ID to auth event ID lookups. (#8752)
+
 -------------------------------------------------------------------
 Fri Oct 30 16:04:21 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
 

matrix-synapse.obsinfo

@@ -1,5 +1,5 @@
 name: matrix-synapse
-version: 1.22.1
-mtime: 1604072013
-commit: b176f1036a247959f64378f3f3fa4b5175b3b5e9
+version: 1.24.0
+mtime: 1607512044
+commit: 9b26a4ac87cead4846c5bada73927cc2a6353a90
 

matrix-synapse.spec

@@ -48,7 +48,7 @@
 %define         modname synapse
 %define         pkgname matrix-synapse
 Name:           %{pkgname}
-Version:        1.22.1
+Version:        1.24.0
 Release:        0
 Summary:        Matrix protocol reference homeserver
 License:        Apache-2.0
@@ -106,7 +106,7 @@ BuildRequires:  python3-netaddr >= 0.7.18
 %requires_eq    python3-netaddr
 BuildRequires:  python3-phonenumbers >= 8.2.0
 %requires_eq    python3-phonenumbers
-BuildRequires:  (python3-prometheus_client >= 0.4.0 with python3-prometheus_client < 0.9.0)
+BuildRequires:  python3-prometheus_client >= 0.4.0
 %requires_eq    python3-prometheus_client
 BuildRequires:  python3-psutil >= 2.0.0
 %requires_eq    python3-psutil