From d8b3e4275b3e46b62642fc437ef09cc7f403941f5fa359626b4a45a2575437dd Mon Sep 17 00:00:00 2001 From: Aleksa Sarai Date: Tue, 29 Jun 2021 12:02:35 +0000 Subject: [PATCH] Accepting request 903055 from home:darix:apps - Update to 1.37.0 OBS-URL: https://build.opensuse.org/request/show/903055 OBS-URL: https://build.opensuse.org/package/show/network:messaging:matrix/matrix-synapse?expand=0&rev=184 --- _service | 4 +- ...ump-cryptography-with-system-openssl.patch | 2 +- matrix-synapse-1.36.0.obscpio | 3 - matrix-synapse-1.37.0.obscpio | 3 + matrix-synapse-1.4.1-paths.patch | 15 +-- matrix-synapse-test.spec | 2 +- matrix-synapse.changes | 113 ++++++++++++++++++ matrix-synapse.obsinfo | 6 +- matrix-synapse.spec | 10 +- 9 files changed, 128 insertions(+), 30 deletions(-) delete mode 100644 matrix-synapse-1.36.0.obscpio create mode 100644 matrix-synapse-1.37.0.obscpio diff --git a/_service b/_service index 2a832e4..35b2ee3 100644 --- a/_service +++ b/_service @@ -4,11 +4,11 @@ @PARENT_TAG@ https://github.com/matrix-org/synapse.git git - v1.36.0 + v1.37.0 v(.*) \1 diff --git a/dont-bump-cryptography-with-system-openssl.patch b/dont-bump-cryptography-with-system-openssl.patch index 7745276..3e6e1c9 100644 --- a/dont-bump-cryptography-with-system-openssl.patch +++ b/dont-bump-cryptography-with-system-openssl.patch @@ -2,7 +2,7 @@ Index: synapse/synapse/python_dependencies.py =================================================================== --- synapse.orig/synapse/python_dependencies.py +++ synapse/synapse/python_dependencies.py -@@ -86,7 +86,8 @@ REQUIREMENTS = [ +@@ -84,7 +84,8 @@ REQUIREMENTS = [ "typing-extensions>=3.7.4", # We enforce that we have a `cryptography` version that bundles an `openssl` # with the latest security patches. diff --git a/matrix-synapse-1.36.0.obscpio b/matrix-synapse-1.36.0.obscpio deleted file mode 100644 index a069b5d..0000000 --- a/matrix-synapse-1.36.0.obscpio +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:0fdedb0b3f4441576d6ea64b67f7f9651352ec15daa4e42808de5642a9e45e67 -size 30339597 diff --git a/matrix-synapse-1.37.0.obscpio b/matrix-synapse-1.37.0.obscpio new file mode 100644 index 0000000..abcd251 --- /dev/null +++ b/matrix-synapse-1.37.0.obscpio @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:e6167fa2244e1349e7ee281413b6c7d03045ad647c6cb2ccdebef5ad7da32dea +size 30452749 diff --git a/matrix-synapse-1.4.1-paths.patch b/matrix-synapse-1.4.1-paths.patch index dca8408..0d9a0bd 100644 --- a/matrix-synapse-1.4.1-paths.patch +++ b/matrix-synapse-1.4.1-paths.patch @@ -50,7 +50,7 @@ Index: synapse/synapse/config/server.py =================================================================== --- synapse.orig/synapse/config/server.py +++ synapse/synapse/config/server.py -@@ -726,7 +726,7 @@ class ServerConfig(Config): +@@ -729,7 +729,7 @@ class ServerConfig(Config): bind_port = 8448 unsecure_port = 8008 @@ -63,8 +63,8 @@ Index: synapse/synapse/config/tls.py =================================================================== --- synapse.orig/synapse/config/tls.py +++ synapse/synapse/config/tls.py -@@ -236,7 +236,7 @@ class TlsConfig(Config): - If the TLS paths are not specified the default will be certs in the +@@ -200,7 +200,7 @@ class TlsConfig(Config): + """If the TLS paths are not specified the default will be certs in the config directory""" - base_key_name = os.path.join(config_dir_path, server_name) @@ -72,12 +72,3 @@ Index: synapse/synapse/config/tls.py if bool(tls_certificate_path) != bool(tls_private_key_path): raise ConfigError( -@@ -255,7 +255,7 @@ class TlsConfig(Config): - acme_enabled = bool(acme_domain) - acme_domain = "matrix.example.com" - -- default_acme_account_file = os.path.join(data_dir_path, "acme_account.key") -+ default_acme_account_file = os.path.join('/etc/matrix-synapse/keys.d', "acme_account.key") - - # this is to avoid the max line length. Sorrynotsorry - proxypassline = ( diff --git a/matrix-synapse-test.spec b/matrix-synapse-test.spec index ac01cae..b718b28 100644 --- a/matrix-synapse-test.spec +++ b/matrix-synapse-test.spec @@ -27,7 +27,7 @@ %define pkgname matrix-synapse Name: %{pkgname}-test -Version: 1.36.0 +Version: 1.37.0 Release: 0 Summary: Test package for %{pkgname} License: Apache-2.0 diff --git a/matrix-synapse.changes b/matrix-synapse.changes index bf297c5..a6c1d64 100644 --- a/matrix-synapse.changes +++ b/matrix-synapse.changes @@ -1,3 +1,116 @@ +------------------------------------------------------------------- +Tue Jun 29 10:44:06 UTC 2021 - Marcus Rueckert + +- Update to 1.37.0 + This release deprecates the current spam checker interface. See + the upgrade notes for more information on how to update to the + new generic module interface. + + This release also removes support for fetching and renewing TLS + certificates using the ACME v1 protocol, which has been fully + decommissioned by Let's Encrypt on June 1st 2021. Admins + previously using this feature should use a reverse proxy to + handle TLS termination, or use an external ACME client (such as + certbot) to retrieve a certificate and key and provide them to + Synapse using the tls_certificate_path and tls_private_key_path + configuration settings. + + - Features + - Implement "room knocking" as per MSC2403. Contributed by + @Sorunome and anoa. (#6739, #9359, #10167, #10212, #10227) + - Add experimental support for backfilling history into rooms + (MSC2716). (#9247) + - Implement a generic interface for third-party plugin modules. + (#10062, #10206) + - Implement config option sso.update_profile_information to + sync SSO users' profile information with the identity + provider each time they login. Currently only displayname is + supported. (#10108) + - Ensure that errors during startup are written to the logs and + the console. (#10191) + - Bugfixes + - Fix a bug introduced in Synapse v1.25.0 that prevented the + ip_range_whitelist configuration option from working for + federation and identity servers. Contributed by @mikure. + (#10115) + - Remove a broken import line in Synapse's admin_cmd worker. + Broke in Synapse v1.33.0. (#10154) + - Fix a bug introduced in Synapse v1.21.0 which could cause + /sync to return immediately with an empty response. (#10157, + #10158) + - Fix a minor bug in the response to + /_matrix/client/r0/user/{user}/openid/request_token causing + expires_in to be a float instead of an integer. Contributed + by @lukaslihotzki. (#10175) + - Always require users to re-authenticate for dangerous + operations: deactivating an account, modifying an account + password, and adding 3PIDs. (#10184) + - Fix a bug introduced in Synpase v1.7.2 where remote server + count metrics collection would be incorrectly delayed on + startup. Found by @heftig. (#10195) + - Fix a bug introduced in Synapse v1.35.1 where an allow key of + a m.room.join_rules event could be applied for incorrect room + versions and configurations. (#10208) + - Fix performance regression in responding to user key requests + over federation. Introduced in Synapse v1.34.0rc1. (#10221) + - Improved Documentation + - Add a new guide to decoding request logs. (#8436) + - Mention in the sample homeserver config that you may need to + configure max upload size in your reverse proxy. Contributed + by @aaronraimist. (#10122) + - Fix broken links in documentation. (#10180) + - Deploy a snapshot of the documentation website upon each new + Synapse release. (#10198) + - Deprecations and Removals + - The current spam checker interface is deprecated in favour of + a new generic modules system. See the upgrade notes for more + information on how to update to the new system. (#10062, + #10210, #10238) + - Stop supporting the unstable spaces prefixes from MSC1772. + (#10161) + - Remove Synapse's support for automatically fetching and + renewing certificates using the ACME v1 protocol. This + protocol has been fully turned off by Let's Encrypt for + existing installations on June 1st 2021. Admins previously + using this feature should use a reverse proxy to handle TLS + termination, or use an external ACME client (such as certbot) + to retrieve a certificate and key and provide them to Synapse + using the tls_certificate_path and tls_private_key_path + configuration settings. (#10194) + - Internal Changes + - Update the database schema versioning to support gradual + migration away from legacy tables. (#9933) + - Add type hints to the federation servlets. (#10080) + - Improve OpenTracing for event persistence. (#10134, #10193) + - Clean up the interface for injecting OpenTracing over HTTP. + (#10143) + - Limit the number of in-flight /keys/query requests from a + single device. (#10144) + - Refactor EventPersistenceQueue. (#10145) + - Document SYNAPSE_TEST_LOG_LEVEL to see the logger output when + running tests. (#10148) + - Update the Complement build tags in GitHub Actions to test + currently experimental features. (#10155) + - Add a synapse_federation_soft_failed_events_total metric to + track how often events are soft failed. (#10156) + - Fetch the corresponding complement branch when performing CI. + (#10160) + - Add some developer documentation about boolean columns in + database schemas. (#10164) + - Add extra logging fields to better debug where events are + being soft failed. (#10168) + - Add debug logging for when we enter and exit Measure blocks. + (#10183) + - Improve comments in structured logging code. (#10188) + - Update MSC3083 support with modifications from the MSC. + (#10189) + - Remove redundant DNS lookup limiter. (#10190) + - Upgrade black linting tool to 21.6b0. (#10197) + - Expose OpenTracing trace id in response headers. (#10199) +- refresh patches to apply cleanly again: + dont-bump-cryptography-with-system-openssl.patch + matrix-synapse-1.4.1-paths.patch + ------------------------------------------------------------------- Tue Jun 15 18:04:01 UTC 2021 - Marcus Rueckert diff --git a/matrix-synapse.obsinfo b/matrix-synapse.obsinfo index aaed0d2..1e20325 100644 --- a/matrix-synapse.obsinfo +++ b/matrix-synapse.obsinfo @@ -1,5 +1,5 @@ name: matrix-synapse -version: 1.36.0 -mtime: 1623768122 -commit: 1c8045f67477599fabc5759205c018e44d770078 +version: 1.37.0 +mtime: 1624958203 +commit: 88f9e8d62e0573b5b6f1c3a8bfe4d87f9aebde47 diff --git a/matrix-synapse.spec b/matrix-synapse.spec index b8ae522..0c28091 100644 --- a/matrix-synapse.spec +++ b/matrix-synapse.spec @@ -29,8 +29,6 @@ %bcond_with opentracing # matrix-synapse-ldap isn't packaged on openSUSE. %bcond_with ldap -# txacme is broken in openSUSE. -%bcond_with acme # sentry-sdk isn't packaged on openSUSE. %bcond_with sentry @@ -52,7 +50,7 @@ %define pkgname matrix-synapse %define eggname matrix_synapse Name: %{pkgname} -Version: 1.36.0 +Version: 1.37.0 Release: 0 Summary: Matrix protocol reference homeserver License: Apache-2.0 @@ -92,7 +90,7 @@ BuildRequires: %{use_python}-PyYAML >= 3.11 %requires_eq %{use_python}-PyYAML BuildRequires: %{use_python}-Twisted >= 20.3.0 %requires_eq %{use_python}-Twisted -BuildRequires: ((%{use_python}-attrs >= 19.1.0 with %{use_python}-attrs < 21.1.0) or %{use_python}-attrs > 21.1.0) +BuildRequires: ((%{use_python}-attrs >= 19.2.0 with %{use_python}-attrs < 21.1.0) or %{use_python}-attrs > 21.1.0) %requires_eq %{use_python}-attrs BuildRequires: %{use_python}-bcrypt >= 3.2.0 %requires_eq %{use_python}-bcrypt @@ -154,10 +152,6 @@ BuildRequires: %{use_python}-matrix-synapse-ldap3 >= 0.1 BuildRequires: %{use_python}-psycopg2 >= 2.8 %requires_eq %{use_python}-psycopg2 %endif -%if %{with acme} -BuildRequires: %{use_python}-txacme >= 0.9.2 -%requires_eq %{use_python}-txacme -%endif %if %{with saml} BuildRequires: %{use_python}-pysaml2 >= 4.5.0 %requires_eq %{use_python}-pysaml2