commit e764601768c899ac8e44b8667858bbe09ecc7b764e3cad77693cf709fe26b580
Author: Marcus Rueckert <mrueckert@suse.com>
Date: Tue Dec 3 17:32:45 2024 +0000
- Update to 1.120.2 (boo#1234110)
OBS-URL: https://build.opensuse.org/package/show/network:messaging:matrix/matrix-synapse?expand=0&rev=353
diff --git a/.gitattributes b/.gitattributes
new file mode 100644
index 0000000..9b03811
--- /dev/null
+++ b/.gitattributes
@@ -0,0 +1,23 @@
+## Default LFS
+*.7z filter=lfs diff=lfs merge=lfs -text
+*.bsp filter=lfs diff=lfs merge=lfs -text
+*.bz2 filter=lfs diff=lfs merge=lfs -text
+*.gem filter=lfs diff=lfs merge=lfs -text
+*.gz filter=lfs diff=lfs merge=lfs -text
+*.jar filter=lfs diff=lfs merge=lfs -text
+*.lz filter=lfs diff=lfs merge=lfs -text
+*.lzma filter=lfs diff=lfs merge=lfs -text
+*.obscpio filter=lfs diff=lfs merge=lfs -text
+*.oxt filter=lfs diff=lfs merge=lfs -text
+*.pdf filter=lfs diff=lfs merge=lfs -text
+*.png filter=lfs diff=lfs merge=lfs -text
+*.rpm filter=lfs diff=lfs merge=lfs -text
+*.tbz filter=lfs diff=lfs merge=lfs -text
+*.tbz2 filter=lfs diff=lfs merge=lfs -text
+*.tgz filter=lfs diff=lfs merge=lfs -text
+*.ttf filter=lfs diff=lfs merge=lfs -text
+*.txz filter=lfs diff=lfs merge=lfs -text
+*.whl filter=lfs diff=lfs merge=lfs -text
+*.xz filter=lfs diff=lfs merge=lfs -text
+*.zip filter=lfs diff=lfs merge=lfs -text
+*.zst filter=lfs diff=lfs merge=lfs -text
diff --git a/.gitignore b/.gitignore
new file mode 100644
index 0000000..57affb6
--- /dev/null
+++ b/.gitignore
@@ -0,0 +1 @@
+.osc
diff --git a/10719-Fix-instert-of-duplicate-key-into-event_json.patch b/10719-Fix-instert-of-duplicate-key-into-event_json.patch
new file mode 100644
index 0000000..20670b7
--- /dev/null
+++ b/10719-Fix-instert-of-duplicate-key-into-event_json.patch
@@ -0,0 +1,71 @@
+From d8917666d6198873bca140c3c511ae230ee698ec Mon Sep 17 00:00:00 2001
+From: Jan Zerebecki <jan.suse@zerebecki.de>
+Date: Mon, 30 Aug 2021 17:31:31 +0200
+Subject: [PATCH] Fix instert of duplicate key into event_json
+
+When an incoming event id is present in event_json but not in events
+synapse fails trying to insert it with "psycopg2.errors.UniqueViolation:
+duplicate key value violates unique constraints", because it is only
+filtered based on those that are in events.
+
+I don't know why those become out of sync, but this happening was
+reported by others before.
+
+Fix this by using an upsert (which inserts or updates existing records)
+instead of a normal insert.
+
+Please verify that this is the safe and correct thing to do before
+merging this. Verify e.g. that it doesn't allow breaking history
+integrity or something like it. As I don't know enough to understand
+what this change entails.
+
+Fixes: https://github.com/matrix-org/synapse/issues/10718
+Signed-off-by: Jan Zerebecki <jan.suse@zerebecki.de>
+---
+ changelog.d/10719.bugfix | 1 +
+ synapse/storage/databases/main/events.py | 22 +++++++++++-----------
+ 2 files changed, 12 insertions(+), 11 deletions(-)
+ create mode 100644 changelog.d/10719.bugfix
+
+diff --git a/changelog.d/10719.bugfix b/changelog.d/10719.bugfix
+new file mode 100644
+index 00000000000..d928f74f6bf
+--- /dev/null
++++ b/changelog.d/10719.bugfix
+@@ -0,0 +1 @@
++Fix instert failure because of duplicate key when an incoming event id is present in the table event_json but not in events.
+diff --git a/synapse/storage/databases/main/events.py b/synapse/storage/databases/main/events.py
+index 40b53274fb3..830af72d5e6 100644
+--- a/synapse/storage/databases/main/events.py
++++ b/synapse/storage/databases/main/events.py
+@@ -1334,19 +1334,19 @@ def get_internal_metadata(event):
+
+ return im
+
+- self.db_pool.simple_insert_many_txn(
++ self.db_pool.simple_upsert_many_txn(
+ txn,
+ table="event_json",
+- values=[
+- {
+- "event_id": event.event_id,
+- "room_id": event.room_id,
+- "internal_metadata": json_encoder.encode(
+- get_internal_metadata(event)
+- ),
+- "json": json_encoder.encode(event_dict(event)),
+- "format_version": event.format_version,
+- }
++ key_names=["event_id"],
++ key_values=[[event.event_id] for event, _ in events_and_contexts],
++ value_names=["room_id", "internal_metadata", "json", "format_version"],
++ value_values=[
++ [
++ event.room_id,
++ json_encoder.encode(get_internal_metadata(event)),
++ json_encoder.encode(event_dict(event)),
++ event.format_version,
++ ]
+ for event, _ in events_and_contexts
+ ],
+ )
diff --git a/17886.patch b/17886.patch
new file mode 100644
index 0000000..5f5831d
--- /dev/null
+++ b/17886.patch
@@ -0,0 +1,161 @@
+From 0f73c759ea142adfe5e200fb19685e1ef4a2f9c4 Mon Sep 17 00:00:00 2001
+From: "dependabot[bot]" <49699333+dependabot[bot]@users.noreply.github.com>
+Date: Mon, 28 Oct 2024 10:26:52 +0000
+Subject: [PATCH 1/3] Bump twisted from 24.7.0 to 24.10.0
+
+Bumps [twisted](https://github.com/twisted/twisted) from 24.7.0 to 24.10.0.
+- [Release notes](https://github.com/twisted/twisted/releases)
+- [Changelog](https://github.com/twisted/twisted/blob/trunk/NEWS.rst)
+- [Commits](https://github.com/twisted/twisted/compare/twisted-24.7.0...twisted-24.10.0)
+
+---
+updated-dependencies:
+- dependency-name: twisted
+ dependency-type: direct:production
+ update-type: version-update:semver-minor
+...
+
+Signed-off-by: dependabot[bot] <support@github.com>
+---
+ poetry.lock | 39 +++++++++++++++++++--------------------
+ 1 file changed, 19 insertions(+), 20 deletions(-)
+
+diff --git a/poetry.lock b/poetry.lock
+index 9ca72814a4..60dcb97486 100644
+--- a/poetry.lock
++++ b/poetry.lock
+@@ -49,18 +49,17 @@ cryptography = "*"
+
+ [[package]]
+ name = "automat"
+-version = "22.10.0"
++version = "24.8.1"
+ description = "Self-service finite-state machines for the programmer on the go."
+ optional = false
+-python-versions = "*"
++python-versions = ">=3.8"
+ files = [
+- {file = "Automat-22.10.0-py2.py3-none-any.whl", hash = "sha256:c3164f8742b9dc440f3682482d32aaff7bb53f71740dd018533f9de286b64180"},
+- {file = "Automat-22.10.0.tar.gz", hash = "sha256:e56beb84edad19dcc11d30e8d9b895f75deeb5ef5e96b84a467066b3b84bb04e"},
++ {file = "Automat-24.8.1-py3-none-any.whl", hash = "sha256:bf029a7bc3da1e2c24da2343e7598affaa9f10bf0ab63ff808566ce90551e02a"},
++ {file = "automat-24.8.1.tar.gz", hash = "sha256:b34227cf63f6325b8ad2399ede780675083e439b20c323d376373d8ee6306d88"},
+ ]
+
+ [package.dependencies]
+-attrs = ">=19.2.0"
+-six = "*"
++typing-extensions = {version = "*", markers = "python_version < \"3.10\""}
+
+ [package.extras]
+ visualize = ["Twisted (>=16.1.1)", "graphviz (>0.5.1)"]
+@@ -2633,18 +2632,18 @@ urllib3 = ">=1.26.0"
+
+ [[package]]
+ name = "twisted"
+-version = "24.7.0"
++version = "24.10.0"
+ description = "An asynchronous networking framework written in Python"
+ optional = false
+ python-versions = ">=3.8.0"
+ files = [
+- {file = "twisted-24.7.0-py3-none-any.whl", hash = "sha256:734832ef98108136e222b5230075b1079dad8a3fc5637319615619a7725b0c81"},
+- {file = "twisted-24.7.0.tar.gz", hash = "sha256:5a60147f044187a127ec7da96d170d49bcce50c6fd36f594e60f4587eff4d394"},
++ {file = "twisted-24.10.0-py3-none-any.whl", hash = "sha256:67aa7c8aa94387385302acf44ade12967c747858c8bcce0f11d38077a11c5326"},
++ {file = "twisted-24.10.0.tar.gz", hash = "sha256:02951299672595fea0f70fa2d5f7b5e3d56836157eda68859a6ad6492d36756e"},
+ ]
+
+ [package.dependencies]
+-attrs = ">=21.3.0"
+-automat = ">=0.8.0"
++attrs = ">=22.2.0"
++automat = ">=24.8.0"
+ constantly = ">=15.1"
+ hyperlink = ">=17.1.1"
+ idna = {version = ">=2.4", optional = true, markers = "extra == \"tls\""}
+@@ -2655,19 +2654,19 @@ typing-extensions = ">=4.2.0"
+ zope-interface = ">=5"
+
+ [package.extras]
+-all-non-platform = ["appdirs (>=1.4.0)", "appdirs (>=1.4.0)", "bcrypt (>=3.1.3)", "bcrypt (>=3.1.3)", "cryptography (>=3.3)", "cryptography (>=3.3)", "cython-test-exception-raiser (>=1.0.2,<2)", "cython-test-exception-raiser (>=1.0.2,<2)", "h2 (>=3.0,<5.0)", "h2 (>=3.0,<5.0)", "hypothesis (>=6.56)", "hypothesis (>=6.56)", "idna (>=2.4)", "idna (>=2.4)", "priority (>=1.1.0,<2.0)", "priority (>=1.1.0,<2.0)", "pyhamcrest (>=2)", "pyhamcrest (>=2)", "pyopenssl (>=21.0.0)", "pyopenssl (>=21.0.0)", "pyserial (>=3.0)", "pyserial (>=3.0)", "pywin32 (!=226)", "pywin32 (!=226)", "service-identity (>=18.1.0)", "service-identity (>=18.1.0)"]
++all-non-platform = ["appdirs (>=1.4.0)", "appdirs (>=1.4.0)", "bcrypt (>=3.1.3)", "bcrypt (>=3.1.3)", "cryptography (>=3.3)", "cryptography (>=3.3)", "cython-test-exception-raiser (>=1.0.2,<2)", "cython-test-exception-raiser (>=1.0.2,<2)", "h2 (>=3.2,<5.0)", "h2 (>=3.2,<5.0)", "httpx[http2] (>=0.27)", "httpx[http2] (>=0.27)", "hypothesis (>=6.56)", "hypothesis (>=6.56)", "idna (>=2.4)", "idna (>=2.4)", "priority (>=1.1.0,<2.0)", "priority (>=1.1.0,<2.0)", "pyhamcrest (>=2)", "pyhamcrest (>=2)", "pyopenssl (>=21.0.0)", "pyopenssl (>=21.0.0)", "pyserial (>=3.0)", "pyserial (>=3.0)", "pywin32 (!=226)", "pywin32 (!=226)", "service-identity (>=18.1.0)", "service-identity (>=18.1.0)"]
+ conch = ["appdirs (>=1.4.0)", "bcrypt (>=3.1.3)", "cryptography (>=3.3)"]
+-dev = ["coverage (>=7.5,<8.0)", "cython-test-exception-raiser (>=1.0.2,<2)", "hypothesis (>=6.56)", "pydoctor (>=23.9.0,<23.10.0)", "pyflakes (>=2.2,<3.0)", "pyhamcrest (>=2)", "python-subunit (>=1.4,<2.0)", "sphinx (>=6,<7)", "sphinx-rtd-theme (>=1.3,<2.0)", "towncrier (>=23.6,<24.0)", "twistedchecker (>=0.7,<1.0)"]
++dev = ["coverage (>=7.5,<8.0)", "cython-test-exception-raiser (>=1.0.2,<2)", "httpx[http2] (>=0.27)", "hypothesis (>=6.56)", "pydoctor (>=23.9.0,<23.10.0)", "pyflakes (>=2.2,<3.0)", "pyhamcrest (>=2)", "python-subunit (>=1.4,<2.0)", "sphinx (>=6,<7)", "sphinx-rtd-theme (>=1.3,<2.0)", "towncrier (>=23.6,<24.0)", "twistedchecker (>=0.7,<1.0)"]
+ dev-release = ["pydoctor (>=23.9.0,<23.10.0)", "pydoctor (>=23.9.0,<23.10.0)", "sphinx (>=6,<7)", "sphinx (>=6,<7)", "sphinx-rtd-theme (>=1.3,<2.0)", "sphinx-rtd-theme (>=1.3,<2.0)", "towncrier (>=23.6,<24.0)", "towncrier (>=23.6,<24.0)"]
+-gtk-platform = ["appdirs (>=1.4.0)", "appdirs (>=1.4.0)", "bcrypt (>=3.1.3)", "bcrypt (>=3.1.3)", "cryptography (>=3.3)", "cryptography (>=3.3)", "cython-test-exception-raiser (>=1.0.2,<2)", "cython-test-exception-raiser (>=1.0.2,<2)", "h2 (>=3.0,<5.0)", "h2 (>=3.0,<5.0)", "hypothesis (>=6.56)", "hypothesis (>=6.56)", "idna (>=2.4)", "idna (>=2.4)", "priority (>=1.1.0,<2.0)", "priority (>=1.1.0,<2.0)", "pygobject", "pygobject", "pyhamcrest (>=2)", "pyhamcrest (>=2)", "pyopenssl (>=21.0.0)", "pyopenssl (>=21.0.0)", "pyserial (>=3.0)", "pyserial (>=3.0)", "pywin32 (!=226)", "pywin32 (!=226)", "service-identity (>=18.1.0)", "service-identity (>=18.1.0)"]
+-http2 = ["h2 (>=3.0,<5.0)", "priority (>=1.1.0,<2.0)"]
+-macos-platform = ["appdirs (>=1.4.0)", "appdirs (>=1.4.0)", "bcrypt (>=3.1.3)", "bcrypt (>=3.1.3)", "cryptography (>=3.3)", "cryptography (>=3.3)", "cython-test-exception-raiser (>=1.0.2,<2)", "cython-test-exception-raiser (>=1.0.2,<2)", "h2 (>=3.0,<5.0)", "h2 (>=3.0,<5.0)", "hypothesis (>=6.56)", "hypothesis (>=6.56)", "idna (>=2.4)", "idna (>=2.4)", "priority (>=1.1.0,<2.0)", "priority (>=1.1.0,<2.0)", "pyhamcrest (>=2)", "pyhamcrest (>=2)", "pyobjc-core", "pyobjc-core", "pyobjc-framework-cfnetwork", "pyobjc-framework-cfnetwork", "pyobjc-framework-cocoa", "pyobjc-framework-cocoa", "pyopenssl (>=21.0.0)", "pyopenssl (>=21.0.0)", "pyserial (>=3.0)", "pyserial (>=3.0)", "pywin32 (!=226)", "pywin32 (!=226)", "service-identity (>=18.1.0)", "service-identity (>=18.1.0)"]
+-mypy = ["appdirs (>=1.4.0)", "bcrypt (>=3.1.3)", "coverage (>=7.5,<8.0)", "cryptography (>=3.3)", "cython-test-exception-raiser (>=1.0.2,<2)", "h2 (>=3.0,<5.0)", "hypothesis (>=6.56)", "idna (>=2.4)", "mypy (>=1.8,<2.0)", "mypy-zope (>=1.0.3,<1.1.0)", "priority (>=1.1.0,<2.0)", "pydoctor (>=23.9.0,<23.10.0)", "pyflakes (>=2.2,<3.0)", "pyhamcrest (>=2)", "pyopenssl (>=21.0.0)", "pyserial (>=3.0)", "python-subunit (>=1.4,<2.0)", "pywin32 (!=226)", "service-identity (>=18.1.0)", "sphinx (>=6,<7)", "sphinx-rtd-theme (>=1.3,<2.0)", "towncrier (>=23.6,<24.0)", "twistedchecker (>=0.7,<1.0)", "types-pyopenssl", "types-setuptools"]
+-osx-platform = ["appdirs (>=1.4.0)", "appdirs (>=1.4.0)", "bcrypt (>=3.1.3)", "bcrypt (>=3.1.3)", "cryptography (>=3.3)", "cryptography (>=3.3)", "cython-test-exception-raiser (>=1.0.2,<2)", "cython-test-exception-raiser (>=1.0.2,<2)", "h2 (>=3.0,<5.0)", "h2 (>=3.0,<5.0)", "hypothesis (>=6.56)", "hypothesis (>=6.56)", "idna (>=2.4)", "idna (>=2.4)", "priority (>=1.1.0,<2.0)", "priority (>=1.1.0,<2.0)", "pyhamcrest (>=2)", "pyhamcrest (>=2)", "pyobjc-core", "pyobjc-core", "pyobjc-framework-cfnetwork", "pyobjc-framework-cfnetwork", "pyobjc-framework-cocoa", "pyobjc-framework-cocoa", "pyopenssl (>=21.0.0)", "pyopenssl (>=21.0.0)", "pyserial (>=3.0)", "pyserial (>=3.0)", "pywin32 (!=226)", "pywin32 (!=226)", "service-identity (>=18.1.0)", "service-identity (>=18.1.0)"]
++gtk-platform = ["appdirs (>=1.4.0)", "appdirs (>=1.4.0)", "bcrypt (>=3.1.3)", "bcrypt (>=3.1.3)", "cryptography (>=3.3)", "cryptography (>=3.3)", "cython-test-exception-raiser (>=1.0.2,<2)", "cython-test-exception-raiser (>=1.0.2,<2)", "h2 (>=3.2,<5.0)", "h2 (>=3.2,<5.0)", "httpx[http2] (>=0.27)", "httpx[http2] (>=0.27)", "hypothesis (>=6.56)", "hypothesis (>=6.56)", "idna (>=2.4)", "idna (>=2.4)", "priority (>=1.1.0,<2.0)", "priority (>=1.1.0,<2.0)", "pygobject", "pygobject", "pyhamcrest (>=2)", "pyhamcrest (>=2)", "pyopenssl (>=21.0.0)", "pyopenssl (>=21.0.0)", "pyserial (>=3.0)", "pyserial (>=3.0)", "pywin32 (!=226)", "pywin32 (!=226)", "service-identity (>=18.1.0)", "service-identity (>=18.1.0)"]
++http2 = ["h2 (>=3.2,<5.0)", "priority (>=1.1.0,<2.0)"]
++macos-platform = ["appdirs (>=1.4.0)", "appdirs (>=1.4.0)", "bcrypt (>=3.1.3)", "bcrypt (>=3.1.3)", "cryptography (>=3.3)", "cryptography (>=3.3)", "cython-test-exception-raiser (>=1.0.2,<2)", "cython-test-exception-raiser (>=1.0.2,<2)", "h2 (>=3.2,<5.0)", "h2 (>=3.2,<5.0)", "httpx[http2] (>=0.27)", "httpx[http2] (>=0.27)", "hypothesis (>=6.56)", "hypothesis (>=6.56)", "idna (>=2.4)", "idna (>=2.4)", "priority (>=1.1.0,<2.0)", "priority (>=1.1.0,<2.0)", "pyhamcrest (>=2)", "pyhamcrest (>=2)", "pyobjc-core", "pyobjc-core", "pyobjc-framework-cfnetwork", "pyobjc-framework-cfnetwork", "pyobjc-framework-cocoa", "pyobjc-framework-cocoa", "pyopenssl (>=21.0.0)", "pyopenssl (>=21.0.0)", "pyserial (>=3.0)", "pyserial (>=3.0)", "pywin32 (!=226)", "pywin32 (!=226)", "service-identity (>=18.1.0)", "service-identity (>=18.1.0)"]
++mypy = ["appdirs (>=1.4.0)", "bcrypt (>=3.1.3)", "coverage (>=7.5,<8.0)", "cryptography (>=3.3)", "cython-test-exception-raiser (>=1.0.2,<2)", "h2 (>=3.2,<5.0)", "httpx[http2] (>=0.27)", "hypothesis (>=6.56)", "idna (>=2.4)", "mypy (==1.10.1)", "mypy-zope (==1.0.6)", "priority (>=1.1.0,<2.0)", "pydoctor (>=23.9.0,<23.10.0)", "pyflakes (>=2.2,<3.0)", "pyhamcrest (>=2)", "pyopenssl (>=21.0.0)", "pyserial (>=3.0)", "python-subunit (>=1.4,<2.0)", "pywin32 (!=226)", "service-identity (>=18.1.0)", "sphinx (>=6,<7)", "sphinx-rtd-theme (>=1.3,<2.0)", "towncrier (>=23.6,<24.0)", "twistedchecker (>=0.7,<1.0)", "types-pyopenssl", "types-setuptools"]
++osx-platform = ["appdirs (>=1.4.0)", "appdirs (>=1.4.0)", "bcrypt (>=3.1.3)", "bcrypt (>=3.1.3)", "cryptography (>=3.3)", "cryptography (>=3.3)", "cython-test-exception-raiser (>=1.0.2,<2)", "cython-test-exception-raiser (>=1.0.2,<2)", "h2 (>=3.2,<5.0)", "h2 (>=3.2,<5.0)", "httpx[http2] (>=0.27)", "httpx[http2] (>=0.27)", "hypothesis (>=6.56)", "hypothesis (>=6.56)", "idna (>=2.4)", "idna (>=2.4)", "priority (>=1.1.0,<2.0)", "priority (>=1.1.0,<2.0)", "pyhamcrest (>=2)", "pyhamcrest (>=2)", "pyobjc-core", "pyobjc-core", "pyobjc-framework-cfnetwork", "pyobjc-framework-cfnetwork", "pyobjc-framework-cocoa", "pyobjc-framework-cocoa", "pyopenssl (>=21.0.0)", "pyopenssl (>=21.0.0)", "pyserial (>=3.0)", "pyserial (>=3.0)", "pywin32 (!=226)", "pywin32 (!=226)", "service-identity (>=18.1.0)", "service-identity (>=18.1.0)"]
+ serial = ["pyserial (>=3.0)", "pywin32 (!=226)"]
+-test = ["cython-test-exception-raiser (>=1.0.2,<2)", "hypothesis (>=6.56)", "pyhamcrest (>=2)"]
++test = ["cython-test-exception-raiser (>=1.0.2,<2)", "httpx[http2] (>=0.27)", "hypothesis (>=6.56)", "pyhamcrest (>=2)"]
+ tls = ["idna (>=2.4)", "pyopenssl (>=21.0.0)", "service-identity (>=18.1.0)"]
+-windows-platform = ["appdirs (>=1.4.0)", "appdirs (>=1.4.0)", "bcrypt (>=3.1.3)", "bcrypt (>=3.1.3)", "cryptography (>=3.3)", "cryptography (>=3.3)", "cython-test-exception-raiser (>=1.0.2,<2)", "cython-test-exception-raiser (>=1.0.2,<2)", "h2 (>=3.0,<5.0)", "h2 (>=3.0,<5.0)", "hypothesis (>=6.56)", "hypothesis (>=6.56)", "idna (>=2.4)", "idna (>=2.4)", "priority (>=1.1.0,<2.0)", "priority (>=1.1.0,<2.0)", "pyhamcrest (>=2)", "pyhamcrest (>=2)", "pyopenssl (>=21.0.0)", "pyopenssl (>=21.0.0)", "pyserial (>=3.0)", "pyserial (>=3.0)", "pywin32 (!=226)", "pywin32 (!=226)", "pywin32 (!=226)", "pywin32 (!=226)", "service-identity (>=18.1.0)", "service-identity (>=18.1.0)", "twisted-iocpsupport (>=1.0.2)", "twisted-iocpsupport (>=1.0.2)"]
++windows-platform = ["appdirs (>=1.4.0)", "appdirs (>=1.4.0)", "bcrypt (>=3.1.3)", "bcrypt (>=3.1.3)", "cryptography (>=3.3)", "cryptography (>=3.3)", "cython-test-exception-raiser (>=1.0.2,<2)", "cython-test-exception-raiser (>=1.0.2,<2)", "h2 (>=3.2,<5.0)", "h2 (>=3.2,<5.0)", "httpx[http2] (>=0.27)", "httpx[http2] (>=0.27)", "hypothesis (>=6.56)", "hypothesis (>=6.56)", "idna (>=2.4)", "idna (>=2.4)", "priority (>=1.1.0,<2.0)", "priority (>=1.1.0,<2.0)", "pyhamcrest (>=2)", "pyhamcrest (>=2)", "pyopenssl (>=21.0.0)", "pyopenssl (>=21.0.0)", "pyserial (>=3.0)", "pyserial (>=3.0)", "pywin32 (!=226)", "pywin32 (!=226)", "pywin32 (!=226)", "pywin32 (!=226)", "service-identity (>=18.1.0)", "service-identity (>=18.1.0)", "twisted-iocpsupport (>=1.0.2)", "twisted-iocpsupport (>=1.0.2)"]
+
+ [[package]]
+ name = "txredisapi"
+
+From 4a9891444e4fe6e9f283e1942a818d21db3b85d2 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?=E4=BA=88=E7=BA=BE?= <yushu@srcz.one>
+Date: Wed, 30 Oct 2024 10:36:32 +0800
+Subject: [PATCH 2/3] feat: adapt to Twisted 24.10.0rc1
+
+---
+ synapse/http/proxy.py | 9 ++++++---
+ 1 file changed, 6 insertions(+), 3 deletions(-)
+
+diff --git a/synapse/http/proxy.py b/synapse/http/proxy.py
+index 97aa429e7d..5115ffd1a7 100644
+--- a/synapse/http/proxy.py
++++ b/synapse/http/proxy.py
+@@ -30,7 +30,7 @@
+ from twisted.python import failure
+ from twisted.python.failure import Failure
+ from twisted.web.client import ResponseDone
+-from twisted.web.http_headers import Headers
++from twisted.web.http_headers import Headers, _nameEncoder
+ from twisted.web.iweb import IResponse
+ from twisted.web.resource import IResource
+ from twisted.web.server import Request, Site
+@@ -65,11 +65,14 @@
+ if hasattr(Headers, "_canonicalNameCaps"):
+ # Twisted < 24.7.0rc1
+ _canonicalHeaderName = Headers()._canonicalNameCaps # type: ignore[attr-defined]
+-else:
+- # Twisted >= 24.7.0rc1
++elif hasattr(Headers, "_encodeName"):
++ # 24.7.0rc1 <= Twisted < 24.10.0rc1
+ # But note that `_encodeName` still exists on prior versions,
+ # it just encodes differently
+ _canonicalHeaderName = Headers()._encodeName
++else:
++ # Twisted >= 24.10.0rc1
++ _canonicalHeaderName = _nameEncoder.encode
+
+
+ def parse_connection_header_value(
+
+From 643e7908ad941fdc7aa942b644bf218024848a6a Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?=E4=BA=88=E7=BA=BE?= <yushu@srcz.one>
+Date: Wed, 30 Oct 2024 10:46:14 +0800
+Subject: [PATCH 3/3] chore: create 17886.misc
+
+---
+ changelog.d/17886.misc | 1 +
+ 1 file changed, 1 insertion(+)
+ create mode 100644 changelog.d/17886.misc
+
+diff --git a/changelog.d/17886.misc b/changelog.d/17886.misc
+new file mode 100644
+index 0000000000..d8c77e2f4e
+--- /dev/null
++++ b/changelog.d/17886.misc
+@@ -0,0 +1 @@
++Adapt to Twisted 24.10.0rc1.
diff --git a/README.SUSE b/README.SUSE
new file mode 100644
index 0000000..c9e2392
--- /dev/null
+++ b/README.SUSE
@@ -0,0 +1,8 @@
+ README.SUSE
+-------------
+
+ Bootstrapping a server
+========================
+
+/usr/sbin/matrix-synapse-generate-config servername
+
diff --git a/_multibuild b/_multibuild
new file mode 100644
index 0000000..86087bf
--- /dev/null
+++ b/_multibuild
@@ -0,0 +1,3 @@
+<multibuild>
+ <package>matrix-synapse-test</package>
+</multibuild>
diff --git a/_service b/_service
new file mode 100644
index 0000000..470b884
--- /dev/null
+++ b/_service
@@ -0,0 +1,31 @@
+<services>
+ <service name="obs_scm" mode="manual">
+ <param name="filename">matrix-synapse</param>
+ <param name="versionformat">@PARENT_TAG@</param>
+ <param name="url">https://github.com/element-hq/synapse.git</param>
+ <param name="scm">git</param>
+ <param name="revision">v1.120.2</param>
+ <param name="versionrewrite-pattern">v(.*)</param>
+ <param name="versionrewrite-replacement">\1</param>
+ <!--
+ <param name="revision">v1.121.0rc1</param>
+ <param name="versionrewrite-pattern">v([\.\d]+)(rc.*)</param>
+ <param name="versionrewrite-replacement">\1~\2</param>
+ -->
+ </service>
+ <service name="cargo_vendor" mode="manual">
+ <param name="srcdir">synapse</param>
+ <!--
+ <param name="update">true</param>
+ -->
+ </service>
+ <service name="cargo_audit" mode="manual">
+ <param name="srcdir">synapse</param>
+ </service>
+ <service name="set_version" mode="manual"/>
+ <service name="tar" mode="buildtime"/>
+ <service name="recompress" mode="buildtime">
+ <param name="compression">xz</param>
+ <param name="file">*.tar</param>
+ </service>
+</services>
diff --git a/bump-dependencies.patch b/bump-dependencies.patch
new file mode 100644
index 0000000..25b81b3
--- /dev/null
+++ b/bump-dependencies.patch
@@ -0,0 +1,13 @@
+Index: synapse/pyproject.toml
+===================================================================
+--- synapse.orig/pyproject.toml
++++ synapse/pyproject.toml
+@@ -191,7 +191,7 @@ pymacaroons = ">=0.13.0"
+ msgpack = ">=0.5.2"
+ phonenumbers = ">=8.2.0"
+ # we use GaugeHistogramMetric, which was added in prom-client 0.4.0.
+-prometheus-client = ">=0.4.0"
++prometheus-client = ">=0.13.1"
+ # we use `order`, which arrived in attrs 19.2.0.
+ # Note: 21.1.0 broke `/sync`, see https://github.com/matrix-org/synapse/issues/9936
+ attrs = ">=19.2.0,!=21.1.0"
diff --git a/matrix-synapse-1.111.0.obscpio b/matrix-synapse-1.111.0.obscpio
new file mode 100644
index 0000000..6e92d64
--- /dev/null
+++ b/matrix-synapse-1.111.0.obscpio
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:f9752a3658adfb2eeec225a3f5f4a61b055c345bc28416cb86a1299a461838fe
+size 37170701
diff --git a/matrix-synapse-1.112.0.obscpio b/matrix-synapse-1.112.0.obscpio
new file mode 100644
index 0000000..8a9182d
--- /dev/null
+++ b/matrix-synapse-1.112.0.obscpio
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:1d0ac72c80abe374740683f0af068b45baa067a102ae9deaf0f324d20b375f31
+size 37371405
diff --git a/matrix-synapse-1.113.0.obscpio b/matrix-synapse-1.113.0.obscpio
new file mode 100644
index 0000000..29a8061
--- /dev/null
+++ b/matrix-synapse-1.113.0.obscpio
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:c52f61ef6801829cc218e83767bbc6586471bb7289fcb93d69bbf88a45226952
+size 37584397
diff --git a/matrix-synapse-1.114.0.obscpio b/matrix-synapse-1.114.0.obscpio
new file mode 100644
index 0000000..854d859
--- /dev/null
+++ b/matrix-synapse-1.114.0.obscpio
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:8ca30e5576a8dfe93534758716ec01c3fd356a5a1a44f9365615f88728e52bb3
+size 37705229
diff --git a/matrix-synapse-1.115.0.obscpio b/matrix-synapse-1.115.0.obscpio
new file mode 100644
index 0000000..e0bdf71
--- /dev/null
+++ b/matrix-synapse-1.115.0.obscpio
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:c0317a22a7d06ed656e0a5f39bf252baae8cda33eb3fdb441318502ec8093254
+size 38100493
diff --git a/matrix-synapse-1.116.0.obscpio b/matrix-synapse-1.116.0.obscpio
new file mode 100644
index 0000000..8d581a7
--- /dev/null
+++ b/matrix-synapse-1.116.0.obscpio
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:0b35d455d052ac6c51b1acffc979dfeeb9715a3a74392ad6a70fb1a6c8f5eaab
+size 38308365
diff --git a/matrix-synapse-1.117.0.obscpio b/matrix-synapse-1.117.0.obscpio
new file mode 100644
index 0000000..eeb297f
--- /dev/null
+++ b/matrix-synapse-1.117.0.obscpio
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:b66127fcd8544971966bc4d3f2660f5f1676cea7438edca30e629a060a47b243
+size 38332941
diff --git a/matrix-synapse-1.118.0.obscpio b/matrix-synapse-1.118.0.obscpio
new file mode 100644
index 0000000..57d7e6f
--- /dev/null
+++ b/matrix-synapse-1.118.0.obscpio
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:857e57f8690065299a925fe4c44d88542d3e3593682ef22e4e7d9f08f763acc9
+size 38415885
diff --git a/matrix-synapse-1.119.0.obscpio b/matrix-synapse-1.119.0.obscpio
new file mode 100644
index 0000000..4f104a4
--- /dev/null
+++ b/matrix-synapse-1.119.0.obscpio
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:3adb47bf2a9816aea1b1f7318e7ab62af5bc719f4be40e5f3c7f410a6d008ca4
+size 38509581
diff --git a/matrix-synapse-1.120.0.obscpio b/matrix-synapse-1.120.0.obscpio
new file mode 100644
index 0000000..9d25570
--- /dev/null
+++ b/matrix-synapse-1.120.0.obscpio
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:c74ce7fab82f4a3634b3bde389eb544db2cc387f5e51e005aa024d506a94a0b8
+size 38536717
diff --git a/matrix-synapse-1.120.2.obscpio b/matrix-synapse-1.120.2.obscpio
new file mode 100644
index 0000000..b76808d
--- /dev/null
+++ b/matrix-synapse-1.120.2.obscpio
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:9076a1d125283e1dea531ac2ad1a871858e39aebaad1c14adaec96576dc25e0c
+size 38553101
diff --git a/matrix-synapse-1.4.1-paths.patch b/matrix-synapse-1.4.1-paths.patch
new file mode 100644
index 0000000..58f932b
--- /dev/null
+++ b/matrix-synapse-1.4.1-paths.patch
@@ -0,0 +1,61 @@
+Index: synapse/contrib/example_log_config.yaml
+===================================================================
+--- synapse.orig/contrib/example_log_config.yaml
++++ synapse/contrib/example_log_config.yaml
+@@ -26,7 +26,7 @@ handlers:
+ file:
+ class: logging.handlers.RotatingFileHandler
+ formatter: fmt
+- filename: /var/log/synapse/homeserver.log
++ filename: /var/log/matrix-synapse/homeserver.log
+ maxBytes: 100000000
+ backupCount: 3
+ filters: [context]
+Index: synapse/synapse/config/key.py
+===================================================================
+--- synapse.orig/synapse/config/key.py
++++ synapse/synapse/config/key.py
+@@ -117,7 +117,7 @@ class KeyConfig(Config):
+ signing_key_path = config.get("signing_key_path")
+ if signing_key_path is None:
+ signing_key_path = os.path.join(
+- config_dir_path, config["server_name"] + ".signing.key"
++ '/etc/matrix-synapse/keys.d', config["server_name"] + ".signing.key"
+ )
+
+ self.signing_key = self.read_signing_keys(signing_key_path, "signing_key")
+@@ -190,7 +190,7 @@ class KeyConfig(Config):
+ generate_secrets: bool = False,
+ **kwargs: Any,
+ ) -> str:
+- base_key_name = os.path.join(config_dir_path, server_name)
++ base_key_name = os.path.join('/etc/matrix-synapse/keys.d', server_name)
+ macaroon_secret_key = ""
+ form_secret = ""
+
+Index: synapse/synapse/config/logger.py
+===================================================================
+--- synapse.orig/synapse/config/logger.py
++++ synapse/synapse/config/logger.py
+@@ -156,7 +156,7 @@ class LoggingConfig(Config):
+ def generate_config_section(
+ self, config_dir_path: str, server_name: str, **kwargs: Any
+ ) -> str:
+- log_config = os.path.join(config_dir_path, server_name + ".log.config")
++ log_config = os.path.join('/etc/matrix-synapse/', server_name + ".log.config")
+ return """\
+ log_config: "%(log_config)s"
+ """ % locals()
+Index: synapse/synapse/config/server.py
+===================================================================
+--- synapse.orig/synapse/config/server.py
++++ synapse/synapse/config/server.py
+@@ -810,7 +810,7 @@ class ServerConfig(Config):
+ bind_port = 8448
+ unsecure_port = 8008
+
+- pid_file = os.path.join(data_dir_path, "homeserver.pid")
++ pid_file = os.path.join("/run/matrix-synapse", "homeserver.pid")
+
+ secure_listeners = []
+ unsecure_listeners = []
diff --git a/matrix-synapse-generate-config.sh b/matrix-synapse-generate-config.sh
new file mode 100644
index 0000000..62d2b8f
--- /dev/null
+++ b/matrix-synapse-generate-config.sh
@@ -0,0 +1,14 @@
+#!/bin/bash
+CONFDIR="/etc/matrix-synapse"
+DATADIR="/var/lib/matrix-synapse"
+/usr/bin/python3 \
+ -m synapse.app.homeserver \
+ --config-path ${CONFDIR}/homeserver.yaml \
+ --config-directory="${CONFDIR}/conf.d/" \
+ --data-directory="${DATADIR}" \
+ --generate-config \
+ --generate-keys \
+ --report-stats=no \
+ --server-name $@
+chown -R root:synapse "${CONFDIR}"
+chmod -R u=rwX,g=rX,o= "${CONFDIR}"
diff --git a/matrix-synapse-test.spec b/matrix-synapse-test.spec
new file mode 100644
index 0000000..a5744a1
--- /dev/null
+++ b/matrix-synapse-test.spec
@@ -0,0 +1,68 @@
+#
+# spec file for package matrix-synapse-test
+#
+# Copyright (c) 2024 SUSE LLC
+#
+# All modifications and additions to the file contributed by third parties
+# remain the property of their copyright owners, unless otherwise agreed
+# upon. The license for this file, and modifications and additions to the
+# file, is the same license as for the pristine package itself (unless the
+# license for the pristine package is not an Open Source License, in which
+# case the license is the MIT License). An "Open Source License" is a
+# license that conforms to the Open Source Definition (Version 1.9)
+# published by the Open Source Initiative.
+
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
+#
+
+
+# synapse only supports python >= 3.5, which is not available on pre-15 Leap.
+# However, future versions of matrix-synapse will no longer support python2 and
+# continued use of python2 is not recommended, so we only use the primary
+# python3 flavor. As a result, at no point do we have two versions of the
+# matrix-synapse package.
+
+# Disable debug packages since we're not installing anything.
+%define debug_package %{nil}
+
+%define pkgname matrix-synapse
+Name: %{pkgname}-test
+Version: 1.120.2
+Release: 0
+Summary: Test package for %{pkgname}
+License: AGPL-3.0-or-later
+BuildRequires: %{pkgname} == %{version}
+
+%description
+.
+
+%prep
+touch %{_sourcedir}/%{pkgname}
+
+%build
+
+%install
+
+%check
+
+# Following tests disabled which would need to be run as 'synapse' user which
+# we can not do easily (or at all) within RPM
+# Generate a sample config.
+#python3 -m synapse.app.homeserver \
+# --generate-config \
+# --server localhost \
+# --config-path dummy-homeserver.yaml \
+# --report-stats no
+
+# Start synapse and try to register a user (basic smoke-test).
+# register_new_matrix_user doesn't seem to work inside check so we have to
+# manually run the module.
+#synctl start dummy-homeserver.yaml
+#sleep 2s
+#python3 -m synapse._scripts.register_new_matrix_user \
+# http://localhost:8008 \
+# --config dummy-homeserver.yaml \
+# --admin --user opensuse --password opensuse
+#synctl stop dummy-homeserver.yaml
+
+%changelog
diff --git a/matrix-synapse-user.conf b/matrix-synapse-user.conf
new file mode 100644
index 0000000..7f1dffb
--- /dev/null
+++ b/matrix-synapse-user.conf
@@ -0,0 +1,2 @@
+# Type Name ID GECOS [HOME]
+u synapse - "Matrix Synapse" /var/lib/matrix-synapse
diff --git a/matrix-synapse.changes b/matrix-synapse.changes
new file mode 100644
index 0000000..1b55195
--- /dev/null
+++ b/matrix-synapse.changes
@@ -0,0 +1,12900 @@
+-------------------------------------------------------------------
+Tue Dec 3 17:13:57 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.120.2 (boo#1234110)
+ This patch release fixes multiple security vulnerabilities, some
+ affecting all prior versions of Synapse. Server administrators
+ are encouraged to update Synapse as soon as possible. We are not
+ aware of these vulnerabilities being exploited in the wild.
+
+ Administrators who are unable to update Synapse may use the
+ workarounds described in the linked GitHub Security Advisory
+ below.
+
+ - Security advisory
+ The following issues are fixed in 1.120.1.
+ - GHSA-rfq8-j7rh-8hf2 / CVE-2024-52805 (high): Unsupported
+ content types can lead to memory exhaustion
+ Synapse instances which have a high max_upload_size and which
+ don't have a reverse proxy in front of them that would
+ otherwise limit upload size are affected.
+ Fixed by 4b7154c58501b4bf5e1c2d6c11ebef96529f2fdf.
+ - GHSA-f3r3-h2mq-hx2h / CVE-2024-52815 (high): Malicious
+ invites via federation can break a user's sync
+ Fixed by d82e1ed357b7ee21dff83d06cba7a67840cfd464.
+ - GHSA-vp6v-whfm-rv3g / CVE-2024-53863 (high): Synapse can be
+ forced to thumbnail unexpected file formats, invoking
+ potentially untrustworthy decoders
+ Synapse instances can disable dynamic thumbnailing by setting
+ dynamic_thumbnails to false in the configuration file.
+ Fixed by b64a4e5fbbbf119b6c65aedf0d999b4237d55503.
+ - GHSA-56w4-5538-8v8h / CVE-2024-53867 (moderate): The Sliding
+ Sync feature on Synapse versions between 1.113.0rc1 and
+ 1.120.0 can leak partial room state changes to users no
+ longer in a room
+ Non-state events, like messages, are unaffected.
+ Synapse instances can disable the Sliding Sync feature by
+ setting experimental_features.msc3575_enabled to false in the
+ configuration file.
+ Fixed by 4daa533e82f345ce87b9495d31781af570ba3ead.
+
+ Additionally, we disclose the following vulnerabilities, both
+ have been fixed in Synapse 1.106.0:
+
+ - GHSA-4mhg-xv73-xq2x / CVE-2024-37302 (high): Denial of service
+ through media disk space consumption
+ - GHSA-gjgr-7834-rhxr / CVE-2024-37303 (moderate):
+ Unauthenticated writes to the media repository allow planting
+ of problematic content
+
+ See the advisories for more details. If you have any questions,
+ email security at element.io.
+
+ - Bug fixes
+ - Fix release process to not create duplicate releases. (#17970)
+
+-------------------------------------------------------------------
+Tue Nov 26 14:22:09 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.120.0
+ This release enables the enforcement of authenticated media by
+ default, with exemptions for media that is already present in the
+ homeserver's media store.
+
+ Most homeservers operating in the public federation will not be
+ impacted by this change, given that the large homeserver
+ matrix.org enabled this in September 2024 and therefore most
+ clients and servers will already have updated as a result.
+
+ Some server administrators may still wish to disable this
+ enforcement for the time being, in the interest of compatibility
+ with older clients and older federated homeservers.
+
+ See the upgrade notes for more information.
+ https://element-hq.github.io/synapse/v1.120/upgrade.html#authenticated-media-is-now-enforced-by-default
+
+ - Bugfixes
+ - Fix a bug introduced in Synapse v1.120rc1 which would cause
+ the newly-introduced `delete_old_otks` job to fail in
+ worker-mode deployments. (#17960)
+ - Features
+ - Enforce authenticated media by default. Administrators can
+ revert this by configuring enable_authenticated_media to
+ false. In a future release of Synapse, this option will be
+ removed and become always-on. (#17889)
+ - Add a one-off task to delete old One-Time Keys, to guard
+ against us having old OTKs in the database that the client
+ has long forgotten about. (#17934)
+ - Improved Documentation
+ - Clarify the semantics of the enable_authenticated_media
+ configuration option. (#17913)
+ - Add documentation about backing up Synapse. (#17931)
+ - Deprecations and Removals
+ - Remove support for MSC3886: Simple client rendezvous
+ capability, which has been superseded by MSC4108 and
+ therefore closed. (#17638)
+ - Internal Changes
+ - Addressed some typos in docs and returned error message for
+ unknown MXC ID. (#17865)
+ - Unpin the upload release GHA action. (#17923)
+ - Bump macos version used to build wheels during release, as
+ current version used is end-of-life. (#17924)
+ - Move server event filtering logic to rust. (#17928)
+ - Support new package name of PyPI package python-multipart
+ 0.0.13 so that distro packagers do not need to work around
+ name conflict with PyPI package multipart. (#17932)
+ - Speed up slow initial sliding syncs on large servers.
+ (#17946)
+ - Updates to locked dependencies
+ - Bump anyhow from 1.0.92 to 1.0.93. (#17920)
+ - Bump bleach from 6.1.0 to 6.2.0. (#17918)
+ - Bump immutabledict from 4.2.0 to 4.2.1. (#17941)
+ - Bump packaging from 24.1 to 24.2. (#17940)
+ - Bump phonenumbers from 8.13.49 to 8.13.50. (#17942)
+ - Bump pygithub from 2.4.0 to 2.5.0. (#17917)
+ - Bump ruff from 0.7.2 to 0.7.3. (#17919)
+ - Bump serde from 1.0.214 to 1.0.215. (#17938)
+
+-------------------------------------------------------------------
+Fri Nov 22 02:44:26 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
+
+- allow newer setuptools-rust
+
+-------------------------------------------------------------------
+Wed Nov 13 15:53:23 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
+
+- drop 17886.patch
+- refresh matrix-synapse-1.4.1-paths.patch to apply cleanly again
+- Update to 1.119.0
+ Python 3.8 is end-of-life and is no longer supported by Synapse.
+ The minimum supported Python version is now 3.9.
+
+ If you are running Synapse with Python 3.8, please upgrade to
+ Python 3.9 (or greater) before upgrading Synapse.
+
+ - Features
+ - Support MSC4151's stable report room API. (#17374)
+ - Add experimental support for MSC4222 (Adding state_after to
+ sync v2). (#17888)
+ - Bugfixes
+ - Fix bug with sliding sync where $LAZY-loading room members
+ would not return required_state membership in incremental
+ syncs. (#17809)
+ - Check if user has membership in a room before tagging it.
+ Contributed by Lama Alosaimi. (#17839)
+ - Fix a bug in the admin redact endpoint where the background
+ task would not run if a worker was specified in
+ - the config option run_background_tasks_on. (#17847)
+ - Fix bug where some presence and typing timeouts can expire
+ early. (#17850)
+ - Fix detection when the built Rust library was outdated when
+ using source installations. (#17861)
+ - Fix a long-standing bug in Synapse which could cause one-time
+ keys to be issued in the incorrect order, causing message
+ decryption failures. (#17903)
+ - Fix experimental support for MSC4222 (Adding state_after to
+ sync v2) where we would return the full state on incremental
+ syncs when using lazy loaded members and there were no new
+ events in the timeline. (#17915)
+ - Internal Changes
+ - Remove support for python 3.8. (#17908)
+ - Add a test for downloading and thumbnailing a CMYK JPEG.
+ (#17786)
+ - Refactor database calls to remove Generator usage. (#17813,
+ #17814, #17815, #17816, #17817, #17818, #17890)
+ - Include the destination in the error of 'Destination
+ mismatch' on federation requests. (#17830)
+ - The nix flake inside the repository no longer tracks
+ nixpkgs/master to not catch the latest bugs from a PR merged
+ 5 minutes ago. (#17852)
+ - Minor speed-up of sliding sync by computing extensions
+ results in parallel. (#17884)
+ - Bump the default Python version in the Synapse Dockerfile
+ from 3.11 -> 3.12. (#17887)
+ - Remove usage of internal header encoding API. (#17894)
+ - Use unique name for each os.arch variant when uploading Wheel
+ artifacts. (#17905)
+ - Fix tests to run with latest Twisted. (#17906, #17907,
+ #17911)
+ - Update version constraint to allow the latest poetry-core
+ 1.9.1. (#17902)
+ - Update the portdb CI to use Python 3.13 and Postgres 17 as
+ latest dependencies. (#17909)
+ - Add an index to current_state_delta_stream table. (#17912)
+ - Fix building and attaching release artifacts during the
+ release process. (#17921)
+ - Updates to locked dependencies
+ - Bump actions/download-artifact & actions/upload-artifact from
+ 3 to 4 in /.github/workflows. (#17657)
+ - Bump anyhow from 1.0.89 to 1.0.92. (#17858, #17876, #17901)
+ - Bump bytes from 1.7.2 to 1.8.0. (#17877)
+ - Bump cryptography from 43.0.1 to 43.0.3. (#17853)
+ - Bump mypy-zope from 1.0.7 to 1.0.8. (#17898)
+ - Bump phonenumbers from 8.13.47 to 8.13.49. (#17880, #17899)
+ - Bump python-multipart from 0.0.12 to 0.0.16. (#17879)
+ - Bump regex from 1.11.0 to 1.11.1. (#17874)
+ - Bump ruff from 0.6.9 to 0.7.2. (#17868, #17897)
+ - Bump serde from 1.0.210 to 1.0.214. (#17875, #17900)
+ - Bump serde_json from 1.0.128 to 1.0.132. (#17857)
+ - Bump types-psycopg2 from 2.9.21.20240819 to 2.9.21.20241019.
+ (#17855)
+ - Bump types-setuptools from 75.1.0.20241014 to
+ 75.2.0.20241019. (#17856)
+
+-------------------------------------------------------------------
+Wed Oct 30 19:12:19 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
+
+- Allow Twisted 24.10.0 again with backport of proposed upstream
+ fix
+ https://patch-diff.githubusercontent.com/raw/element-hq/synapse/pull/17886.patch
+
+-------------------------------------------------------------------
+Wed Oct 30 18:19:09 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
+
+- downgrade Twisted to 24.7.0 until https://github.com/element-hq/synapse/pull/17886
+ is merged
+
+-------------------------------------------------------------------
+Tue Oct 29 19:07:58 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.118.0
+ Python 3.8 support will be dropped in the next release
+ Python 3.8 is now end-of-life. As per our Deprecation Policy for
+ Platform Dependencies, Synapse will be dropping support for
+ Python 3.8 in the next release; Synapse 1.119.0.
+
+ Synapse 1.118.x will be the final release to support Python 3.8.
+ If you are running Synapse with Python 3.8, please upgrade before
+ the 1.119.0 release, due in less than one month.
+
+ Python 3.13 and PostgreSQL 17 support
+ On the other end of the spectrum, Synapse 1.118.0 is the first
+ release to support Python 3.13! PostgreSQL 17 is also supported
+ as of this release.
+
+ - Features
+ - Added the display_name_claim option to the JWT configuration.
+ This option allows specifying the claim key that contains the
+ user's display name in the JWT payload. (#17708)
+ - Implement MSC4210: Remove legacy mentions. Contributed by
+ @tulir @ Beeper. (#17783)
+ - Bugfixes
+ - Fix saving of PNG thumbnails, when the original image is in
+ the CMYK color space. (#17736)
+ - Fix bug with sliding sync where the server would not return
+ state that was added to the required_state config. (#17785,
+ #17805)
+ - Fix a bug in MSC4186 Sliding Sync that would cause rooms to
+ stay forgotten and hidden even after rejoining. (#17835)
+ - Improved Documentation
+ - Clarify when the user_may_invite and
+ user_may_send_3pid_invite module callbacks are called.
+ (#17627)
+ - Correct documentation to refer to the --config-path argument
+ instead of --config-file. (#17802)
+ - Fix typo in target_cache_memory_usage docs. (#17825)
+ - Internal Changes
+ - Slight optimization when fetching state/events for Sliding
+ Sync. (#17718)
+ - Add Python 3.13 and Postgres 17 to the test matrix. (#17752)
+ - Test github token before running release script steps.
+ (#17803)
+ - Build debian packages for new Ubuntu versions, and stop
+ building for no longer supported versions. (#17824)
+ - Enable the .org.matrix.msc4028.encrypted_event push rule by
+ default in accordance with MSC4028. Note that the
+ corresponding experimental feature must still be switched on
+ for this push rule to have any effect. (#17826)
+ - Fix some typing issues uncovered by upgrading mypy to 1.11.x.
+ (#17842)
+ - Updates to locked dependencies
+ - Bump mypy from 1.10.1 to 1.11.2. (#17842)
+ - Bump mypy-zope from 1.0.5 to 1.0.7. (#17827)
+ - Bump phonenumbers from 8.13.46 to 8.13.47. (#17797)
+ - Bump psycopg2 from 2.9.9 to 2.9.10. (#17843)
+ - Bump ruff from 0.6.8 to 0.6.9. (#17794)
+ - Bump sentry-sdk from 2.14.0 to 2.15.0. (#17795)
+ - Bump sentry-sdk from 2.15.0 to 2.16.0. (#17829)
+ - Bump sentry-sdk from 2.16.0 to 2.17.0. (#17844)
+ - Bump sigstore/cosign-installer from 3.6.0 to 3.7.0. (#17798)
+ - Bump tomli from 2.0.1 to 2.0.2. (#17796)
+ - Bump types-requests from 2.32.0.20240914 to 2.32.0.20241016.
+ (#17841)
+ - Bump types-setuptools from 75.1.0.20240917 to
+ 75.1.0.20241014. (#17828)
+
+-------------------------------------------------------------------
+Tue Oct 15 13:54:06 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.117.0
+ - Features
+ - Add config option redis.password_path. (#17717)
+ - Bugfixes
+ - Fix a rare bug introduced in v1.29.0 where invalidating a
+ user's access token from a worker could raise an error.
+ (#17779)
+ - In the response to GET /_matrix/client/versions, set the
+ unstable_features flag for MSC4140 to false when server
+ configuration disables support for delayed events. (#17780)
+ - Improve input validation and room membership checks in admin
+ redaction API. (#17792)
+ - Improved Documentation
+ - Clarify the docstring of test_forget_when_not_left. (#17628)
+ - Add documentation note about PYTHONMALLOC for accurate
+ jemalloc memory tracking. Contributed by @hensg. (#17709)
+ - Remove spurious "TODO UPDATE ALL THIS" note in the Debian
+ installation docs. (#17749)
+ - Explain how load balancing works for
+ federation_sender_instances. (#17776)
+ - Internal Changes
+ - Minor performance increase for large accounts using sliding
+ sync. (#17751)
+ - Increase performance of the notifier when there are many
+ syncing users. (#17765, #17766)
+ - Fix performance of streams that don't change often. (#17767)
+ - Improve performance of sliding sync connections that do not
+ ask for any rooms. (#17768)
+ - Reduce overhead of sliding sync E2EE loops. (#17771)
+ - Sliding sync minor performance speed up using new table.
+ (#17787)
+ - Sliding sync minor performance improvement by omitting
+ unchanged data from incremental responses. (#17788)
+ - Speed up sliding sync when there are many active
+ subscriptions. (#17789)
+ - Add missing license headers on new source files. (#17799)
+ - Updates to locked dependencies
+ - Bump phonenumbers from 8.13.45 to 8.13.46. (#17773)
+ - Bump python-multipart from 0.0.10 to 0.0.12. (#17772)
+ - Bump regex from 1.10.6 to 1.11.0. (#17770)
+ - Bump ruff from 0.6.7 to 0.6.8. (#17774)
+
+-------------------------------------------------------------------
+Tue Oct 1 17:19:50 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.116.0
+ - Features
+ - Add implementation of restricting who can overwrite a state
+ event as proposed by MSC3757. (#17513)
+ - Add initial implementation of delayed events as proposed by
+ MSC4140. (#17326)
+ - Add an asynchronous Admin API endpoint to redact all a user's
+ events,
+ - and an endpoint to check on the status of that redaction
+ task. (#17506)
+ - Add support for the tags and not_tags filters for MSC4186
+ Sliding Sync. (#17662)
+ - Guests can use the new media endpoints to download media, as
+ described by MSC4189. (#17675)
+ - Add config option turn_shared_secret_path. (#17690)
+ - Return room tags in MSC4186 Sliding Sync account data
+ extension. (#17707)
+ - Bugfixes
+ - Make sure we get up-to-date state information when using the
+ new MSC4186 Sliding Sync tables to derive room membership.
+ (#17692)
+ - Fix bug where room account data would not correctly be sent
+ down MSC4186 Sliding Sync for old rooms. (#17695)
+ - Fix a bug in MSC4186 Sliding Sync which could prevent /sync
+ from working for certain user accounts. (#17727, #17733)
+ - Ignore invites from ignored users in Sliding Sync. (#17729)
+ - Fix bug in MSC4186 Sliding Sync where the server would
+ incorrectly return a negative bump stamp, which caused
+ Element X apps to stop syncing. (#17748)
+ - Internal Changes
+ - Import pydantic objects from the _pydantic_compat module.
+ This allows check_pydantic_models.py to mock those pydantic
+ objects only in the synapse module, and not interfere with
+ pydantic objects in external dependencies. (#17667)
+ - Use MSC4186 Sliding Sync tables as a bulk shortcut for
+ getting the max event_stream_ordering of rooms. (#17693)
+ - Speed up MSC4186 sliding sync requests a bit where there are
+ many room changes. (#17696)
+ - Refactor MSC4186 sliding sync filter unit tests so the
+ sliding sync API has better test coverage. (#17703)
+ - Fetch bump_stamps more efficiently in MSC4186 Sliding Sync.
+ (#17723)
+ - Shortcut for checking if certain background updates have
+ completed (utilized in MSC4186 Sliding Sync). (#17724)
+ - More efficiently fetch rooms for MSC4186 Sliding Sync.
+ (#17725)
+ - Fix _bulk_get_max_event_pos being inefficient. (#17728)
+ - Add cache to get_tags_for_room(...). (#17730)
+ - Small performance improvement in speeding up MSC4186 Sliding
+ Sync. (#17731)
+ - Minor speed up of initial MSC4186 sliding sync requests.
+ (#17734)
+ - Remove usage of the deprecated cgi module, deprecated in
+ Python 3.11 and removed in Python 3.13. (#17741)
+ - Fix typing of a variable that is not Unknown anymore after
+ updating treq. (#17744)
+ - Updates to locked dependencies
+ - Bump anyhow from 1.0.86 to 1.0.89. (#17685, #17716)
+ - Bump bytes from 1.7.1 to 1.7.2. (#17743)
+ - Bump cryptography from 43.0.0 to 43.0.1. (#17689)
+ - Bump idna from 3.8 to 3.10. (#17758)
+ - Bump msgpack from 1.0.8 to 1.1.0. (#17759)
+ - Bump phonenumbers from 8.13.44 to 8.13.45. (#17762)
+ - Bump prometheus-client from 0.20.0 to 0.21.0. (#17746)
+ - Bump pyasn1 from 0.6.0 to 0.6.1. (#17714)
+ - Bump pyasn1-modules from 0.4.0 to 0.4.1. (#17747)
+ - Bump pydantic from 2.8.2 to 2.9.2. (#17756)
+ - Bump python-multipart from 0.0.9 to 0.0.10. (#17745)
+ - Bump ruff from 0.6.4 to 0.6.7. (#17715, #17760)
+ - Bump sentry-sdk from 2.13.0 to 2.14.0. (#17712)
+ - Bump serde from 1.0.209 to 1.0.210. (#17686)
+ - Bump serde_json from 1.0.127 to 1.0.128. (#17687)
+ - Bump treq from 23.11.0 to 24.9.1. (#17744)
+ - Bump types-pyyaml from 6.0.12.20240808 to 6.0.12.20240917.
+ (#17755)
+ - Bump types-requests from 2.32.0.20240712 to 2.32.0.20240914.
+ (#17713)
+ - Bump types-setuptools from 74.1.0.20240907 to
+ 75.1.0.20240917. (#17757)
+
+-------------------------------------------------------------------
+Tue Sep 17 14:41:36 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.115.0
+ - Features
+ - Improve cross-signing upload when using MSC3861 to use a
+ custom UIA flow stage, with web fallback support. (#17509)
+ - Bugfixes
+ - Return 400 M_BAD_JSON upon attempting to complete various
+ room actions with a non-local user ID and unknown room ID,
+ rather than an internal server error. (#17607)
+ - Fix authenticated media responses using a wrong limit when
+ following redirects over federation. (#17626)
+ - Fix bug where we returned the wrong bump_stamp for invites in
+ sliding sync response, causing incorrect ordering of invites
+ in the room list. (#17674)
+ - Improved Documentation
+ - Clarify that the admin api resource is only loaded on the
+ main process and not workers. (#17590)
+ - Fixed typo in saml2_config config example. (#17594)
+ - Deprecations and Removals
+ - Stabilise MSC4156 by removing the msc4156_enabled config
+ setting and defaulting it to true. (#17650)
+ - Internal Changes
+ - Pre-populate room data used in experimental MSC3575 Sliding
+ Sync /sync endpoint for quick filtering/sorting. (#17652)
+ - Speed up sliding sync by reducing amount of data pulled out
+ of the database for large rooms. (#17683)
+ - Update MSC3861 implementation: load the issuer and account
+ management URLs from OIDC discovery. (#17407)
+ - Pre-populate room data used in experimental MSC3575 Sliding
+ Sync /sync endpoint for quick filtering/sorting. (#17512,
+ #17632, #17633, #17634, #17635, #17636, #17641, #17654,
+ #17673)
+ - Store sliding sync per-connection state in the database.
+ (#17599, #17631)
+ - Make the sliding sync PerConnectionState class immutable.
+ (#17600)
+ - Replace isort and black with ruff. (#17620, #17643)
+ - Sliding Sync: Split up
+ get_room_membership_for_user_at_to_token. (#17629)
+ - Use new database tables for sliding sync. (#17630, #17649)
+ - Prevent duplicate tags being added to Sliding Sync traces.
+ (#17655)
+ - Get bump_stamp from new sliding sync tables which should be
+ faster. (#17658)
+ - Speed up incremental Sliding Sync requests by avoiding extra
+ work. (#17665)
+ - Small performance improvement in speeding up sliding sync.
+ (#17666, #17670, #17672)
+ - Speed up sliding sync by reducing number of database calls.
+ (#17684)
+ - Speed up sync by pulling out fewer events from the database.
+ (#17688)
+ - Updates to locked dependencies
+ - Bump authlib from 1.3.1 to 1.3.2. (#17679)
+ - Bump idna from 3.7 to 3.8. (#17682)
+ - Bump ruff from 0.6.2 to 0.6.4. (#17680)
+ - Bump towncrier from 24.7.1 to 24.8.0. (#17645)
+ - Bump twisted from 24.7.0rc1 to 24.7.0. (#17647)
+ - Bump types-pillow from 10.2.0.20240520 to 10.2.0.20240822.
+ (#17644)
+ - Bump types-psycopg2 from 2.9.21.20240417 to 2.9.21.20240819.
+ (#17646)
+ - Bump types-setuptools from 71.1.0.20240818 to
+ 74.1.0.20240907. (#17681)
+- refresh patches:
+ bump-dependencies.patch
+ matrix-synapse-1.4.1-paths.patch
+
+-------------------------------------------------------------------
+Mon Sep 2 19:24:17 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.114.0
+ This release enables support for MSC4186 — Simplified Sliding
+ Sync. This allows using the upcoming releases of the Element X
+ mobile apps without having to run a Sliding Sync P
+
+ - Features
+ - Enable native sliding sync support (MSC3575 and MSC4186) by
+ default. (#17648)
+ - Improve cross-signing upload when using MSC3861 to use a
+ custom UIA flow stage, with web fallback support. (#17509)
+ - Make hash_password accept password input from stdin. (#17608)
+ - Add a flag to /versions, org.matrix.simplified_msc3575, to
+ indicate whether experimental sliding sync support has been
+ enabled. (#17571)
+ - Handle changes in timeline_limit in experimental sliding
+ sync. (#17579)
+ - Correctly track read receipts that should be sent down in
+ experimental sliding sync. (#17575, #17589, #17592)
+ - Bugfixes
+ - Fix regression in v1.114.0rc2 that caused workers to fail to
+ start. (#17626)
+ - Fix hierarchy returning 403 when room is accessible through
+ federation. Contributed by Krishan (@kfiven). (#17194)
+ - Fix content-length on federation /thumbnail responses.
+ (#17532)
+ - Fix authenticated media responses using a wrong limit when
+ following redirects over federation. (#17543)
+ - Start handlers for new media endpoints when media resource
+ configured. (#17483)
+ - Fix timeline ordering (using stream_ordering instead of
+ topological ordering) in experimental MSC3575 Sliding Sync
+ /sync endpoint. (#17510)
+ - Fix experimental sliding sync implementation to remember any
+ updates in rooms that were not sent down immediately.
+ (#17535)
+ - Better exclude partially stated rooms if we must await full
+ state in experimental MSC3575 Sliding Sync /sync endpoint.
+ (#17538)
+ - Handle lower-case http headers in _Mulitpart_Parser_Protocol.
+ (#17545)
+ - Fix fetching federation signing keys from servers that omit
+ old_verify_keys. Contributed by @tulir @ Beeper. (#17568)
+ - Fix bug where we would respond with an error when a remote
+ server asked for media that had a length of 0, using the new
+ multipart federation media endpoint. (#17570)
+ - Improved Documentation
+ - Clarify default behaviour of the
+ - auto_accept_invites.worker_to_run_on
+ - option. (#17515)
+ - Improve docstrings for profile methods. (#17559)
+ - Internal Changes
+ - MSC3861: load the issuer and account management URLs from
+ OIDC discovery. (#17407)
+ - Refactor sliding sync class into multiple files. (#17595)
+ - Store sliding sync per-connection state in the database.
+ (#17599)
+ - Make the sliding sync PerConnectionState class immutable.
+ (#17600)
+ - Add support to @tag_args for standalone functions. (#17604)
+ - Speed up incremental syncs in sliding sync by adding some
+ more caching. (#17606)
+ - Always return the user's own read receipts in sliding sync.
+ (#17617)
+ - Replace isort and black with ruff. (#17620)
+ - Refactor sliding sync code to move room list logic out into a
+ separate class. (#17622)
+ - Add more tracing to experimental MSC3575 Sliding Sync /sync
+ endpoint. (#17514)
+ - Fixup comment in sliding sync implementation. (#17531)
+ - Replace override of deprecated method
+ HTTPAdapter.get_connection with
+ get_connection_with_tls_context. (#17536)
+ - Fix performance of device lists in /key/changes and sliding
+ sync. (#17537, #17548)
+ - Bump setuptools from 67.6.0 to 72.1.0. (#17542)
+ - Add a utility function for generating random event IDs.
+ (#17557)
+ - Speed up responding to media requests. (#17558, #17561,
+ #17564, #17566, #17567, #17569)
+ - Test github token before running release script steps.
+ (#17562)
+ - Reduce log spam of multipart files. (#17563)
+ - Refactor per-connection state in experimental sliding sync
+ handler. (#17574)
+ - Add histogram metrics for sliding sync processing time.
+ (#17593)
+
+-------------------------------------------------------------------
+Wed Aug 21 09:48:38 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.113.0
+ - Features
+ - Track which rooms have been sent to clients in the
+ experimental MSC3575 Sliding Sync /sync endpoint. (#17447)
+ - Add Account Data extension support to experimental MSC3575
+ Sliding Sync /sync endpoint. (#17477)
+ - Add receipts extension support to experimental MSC3575
+ Sliding Sync /sync endpoint. (#17489)
+ - Add typing notification extension support to experimental
+ MSC3575 Sliding Sync /sync endpoint. (#17505)
+ - Bugfixes
+ - Update experimental MSC3575 Sliding Sync /sync endpoint to
+ handle invite/knock rooms when filtering. (#17450)
+ - Fix a bug introduced in v1.110.0 which caused /keys/query to
+ return incomplete results, leading to high network activity
+ and CPU usage on Matrix clients. (#17499)
+ - Improved Documentation
+ - Update the allowed_local_3pids config option's msisdn address
+ to a working example. (#17476)
+ - Internal Changes
+ - Change sliding sync to use their own token format in
+ preparation for storing per-connection state. (#17452)
+ - Ensure we don't send down negative bump_stamp in experimental
+ sliding sync endpoint. (#17478)
+ - Do not send down empty room entries down experimental sliding
+ sync endpoint. (#17479)
+ - Refactor Sliding Sync tests to better utilize the
+ SlidingSyncBase. (#17481, #17482)
+ - Add some opentracing tags and logging to the experimental
+ sliding sync implementation. (#17501)
+ - Split and move Sliding Sync tests so we have some more sane
+ test file sizes. (#17504)
+ - Update the limited field description in the Sliding Sync
+ response to accurately describe what it actually represents.
+ (#17507)
+ - Easier to understand timeline assertions in Sliding Sync
+ tests. (#17511)
+ - Reset the sliding sync connection if we don't recognize the
+ per-connection state position. (#17529)
+
+-------------------------------------------------------------------
+Tue Jul 30 17:07:03 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.112.0 (boo#1228596)
+
+ The actual security fix will be in the python3x-Twisted package:
+
+ This security release is to update our locked dependency on
+ Twisted to 24.7.0rc1, which includes a security fix for
+ CVE-2024-41671 / GHSA-c8m8-j448-xjx7: Disordered HTTP pipeline
+ response in twisted.web, again.
+
+ Note that this security fix is also available as Synapse 1.111.1,
+ which does not include the rest of the changes in Synapse
+ 1.112.0.
+
+ This issue means that, if multiple HTTP requests are pipelined in
+ the same TCP connection, Synapse can send responses to the wrong
+ HTTP request. If a reverse proxy was configured to use HTTP
+ pipelining, this could result in responses being sent to the
+ wrong user, severely harming confidentiality.
+
+ With that said, despite being a high severity issue, we consider
+ it unlikely that Synapse installations will be affected. The use
+ of HTTP pipelining in this fashion would cause worse performance
+ for clients (request-response latencies would be increased as
+ users' responses would be artificially blocked behind other
+ users' slow requests). Further, Nginx and Haproxy, two common
+ reverse proxies, do not appear to support configuring their
+ upstreams to use HTTP pipelining and thus would not be affected.
+ For both of these reasons, we consider it unlikely that a Synapse
+ deployment would be set up in such a configuration.
+
+ Despite that, we cannot rule out that some installations may
+ exist with this unusual setup and so we are releasing this
+ security update today.
+
+ pip users: Note that by default, upgrading Synapse using pip will
+ not automatically upgrade Twisted. Please manually install the
+ new version of Twisted using pip install Twisted==24.7.0rc1. Note
+ also that even the --upgrade-strategy=eager flag to pip install
+ -U matrix-synapse will not upgrade Twisted to a patched version
+ because it is only a release candidate at this time.
+
+ - Features
+ - Add to-device extension support to experimental MSC3575
+ Sliding Sync /sync endpoint. (#17416)
+ - Populate name/avatar fields in experimental MSC3575 Sliding
+ Sync /sync endpoint. (#17418)
+ - Populate heroes and room summary fields (joined_count,
+ invited_count) in experimental MSC3575 Sliding Sync /sync
+ endpoint. (#17419)
+ - Populate is_dm room field in experimental MSC3575 Sliding
+ Sync /sync endpoint. (#17429)
+ - Add room subscriptions to experimental MSC3575 Sliding Sync
+ /sync endpoint. (#17432)
+ - Prepare for authenticated media freeze. (#17433)
+ - Add E2EE extension support to experimental MSC3575 Sliding
+ Sync /sync endpoint. (#17454)
+ - Bugfixes
+ - Add configurable option to always include offline users in
+ presence sync results. Contributed by @Michael-Hollister.
+ (#17231)
+ - Fix bug in experimental MSC3575 Sliding Sync /sync endpoint
+ when using room type filters and the user has one or more
+ remote invites. (#17434)
+ - Order heroes by stream_ordering as the Matrix specification
+ states (applies to /sync). (#17435)
+ - Fix rare bug where /sync would break for a user when using
+ workers with multiple stream writers. (#17438)
+ - Improved Documentation
+ - Update the readme image to have a white background, so that
+ it is readable in dark mode. (#17387)
+ - Add Red Hat Enterprise Linux and Rocky Linux 8 and 9
+ installation instructions. (#17423)
+ - Improve documentation for the
+ default_power_level_content_override config option. (#17451)
+ - Internal Changes
+ - Make sure we always use the right logic for enabling the
+ media repo. (#17424)
+ - Fix argument documentation for method
+ RateLimiter.record_action. (#17426)
+ - Reduce volume of 'Waiting for current token' logs, which were
+ introduced in v1.109.0. (#17428)
+ - Limit concurrent remote downloads to 6 per IP address, and
+ decrement remote downloads without a content-length from the
+ ratelimiter after the download is complete. (#17439)
+ - Remove unnecessary call to resume producing in fake channel.
+ (#17449)
+ - Update experimental MSC3575 Sliding Sync /sync endpoint to
+ bump room when it is created. (#17453)
+ - Speed up generating sliding sync responses. (#17458)
+ - Add cache to get_rooms_for_local_user_where_membership_is to
+ speed up sliding sync. (#17460)
+ - Speed up fetching room keys from backup. (#17461)
+ - Speed up sorting of the room list in sliding sync. (#17468)
+ - Implement handling of $ME as a state key in sliding sync.
+ (#17469)
+ - Updates to locked dependencies
+ - Bump bytes from 1.6.0 to 1.6.1. (#17441)
+ - Bump hiredis from 2.3.2 to 3.0.0. (#17464)
+ - Bump jsonschema from 4.22.0 to 4.23.0. (#17444)
+ - Bump matrix-org/done-action from 2 to 3. (#17440)
+ - Bump mypy from 1.9.0 to 1.10.1. (#17445)
+ - Bump pyopenssl from 24.1.0 to 24.2.1. (#17465)
+ - Bump ruff from 0.5.0 to 0.5.4. (#17466)
+ - Bump sentry-sdk from 2.6.0 to 2.8.0. (#17456)
+ - Bump sentry-sdk from 2.8.0 to 2.10.0. (#17467)
+ - Bump setuptools from 67.6.0 to 70.0.0. (#17448)
+ - Bump twine from 5.1.0 to 5.1.1. (#17443)
+ - Bump types-jsonschema from 4.22.0.20240610 to
+ 4.23.0.20240712. (#17446)
+ - Bump ulid from 1.1.2 to 1.1.3. (#17442)
+ - Bump zipp from 3.15.0 to 3.19.1. (#17427)
+
+-------------------------------------------------------------------
+Tue Jul 16 12:42:41 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
+
+- new dependency on python-python-multipart
+- Update to 1.111.0
+ - Features
+ - Add rooms data to experimental MSC3575 Sliding Sync /sync
+ endpoint. (#17320)
+ - Add room_types/not_room_types filtering to experimental
+ MSC3575 Sliding Sync /sync endpoint. (#17337)
+ - Return "required state" in experimental MSC3575 Sliding Sync
+ /sync endpoint. (#17342)
+ - Support MSC3916 by adding _matrix/client/v1/media/download
+ endpoint. (#17365)
+ - Support MSC3916
+ by adding _matrix/client/v1/media/thumbnail,
+ _matrix/federation/v1/media/thumbnail endpoints and
+ stabilizing the remaining _matrix/client/v1/media endpoints. (#17388)
+ - Add rooms.bump_stamp for easier client-side sorting in
+ experimental MSC3575 Sliding Sync /sync endpoint. (#17395)
+ - Forget all of a user's rooms upon deactivation, preventing
+ local room purges from being blocked on deactivated users.
+ (#17400)
+ - Declare support for Matrix 1.11. (#17403)
+ - MSC3861: allow overriding the introspection endpoint.
+ (#17406)
+ - Bugfixes
+ - Fix bug where using synapse.app.media_repository worker
+ configuration would break the new media endpoints. (#17420)
+ - Fix rare race which caused no new to-device messages to be
+ received from remote server. (#17362)
+ - Fix bug in experimental MSC3575 Sliding Sync /sync endpoint
+ when using an old database. (#17398)
+ - Improved Documentation
+ - Document the new federation media worker endpoints in the
+ upgrade notes and worker docs. (#17421)
+ - Clarify that url_preview_url_blacklist is a usability
+ feature. (#17356)
+ - Fix broken links in README. (#17379)
+ - Clarify that changelog content and file extension need to
+ match in order for entries to merge. (#17399)
+ - Internal Changes
+ - Route authenticated federation media requests to media
+ repository workers in Complement tests. (#17422)
+ - Make the release script create a release branch for
+ Complement as well. (#17318)
+ - Fix uploading packages to PyPi. (#17363)
+ - Add CI check for the README. (#17367)
+ - Fix linting errors from new ruff version. (#17381, #17411)
+ - Fix building debian packages on non-clean checkouts. (#17390)
+ - Finish up work to allow per-user feature flags. (#17392,
+ #17410)
+ - Allow enabling sliding sync per-user. (#17393)
+ - Updates to locked dependencies
+ - Bump certifi from 2023.7.22 to 2024.7.4. (#17404)
+ - Bump cryptography from 42.0.7 to 42.0.8. (#17382)
+ - Bump ijson from 3.2.3 to 3.3.0. (#17413)
+ - Bump log from 0.4.21 to 0.4.22. (#17384)
+ - Bump mypy-zope from 1.0.4 to 1.0.5. (#17414)
+ - Bump pillow from 10.3.0 to 10.4.0. (#17412)
+ - Bump pydantic from 2.7.1 to 2.8.2. (#17415)
+ - Bump ruff from 0.3.7 to 0.5.0. (#17381)
+ - Bump serde from 1.0.203 to 1.0.204. (#17409)
+ - Bump serde_json from 1.0.117 to 1.0.120. (#17385, #17408)
+ - Bump types-setuptools from 69.5.0.20240423 to
+ 70.1.0.20240627. (#17380)
+
+-------------------------------------------------------------------
+Wed Jul 3 18:33:06 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.110.0
+ - Features
+ - Add initial implementation of an experimental MSC3575 Sliding
+ Sync /sync endpoint. (#17187)
+ - Add experimental support for MSC3823 - Account suspension.
+ (#17255)
+ - Improve ratelimiting in Synapse. (#17256)
+ - Add support for the unstable MSC4151 report room API.
+ (#17270, #17296)
+ - Filter for public and empty rooms added to Admin-API List
+ Room API. (#17276)
+ - Add is_dm filtering to experimental MSC3575 Sliding Sync
+ /sync endpoint. (#17277)
+ - Add is_encrypted filtering to experimental MSC3575 Sliding
+ Sync /sync endpoint. (#17281)
+ - Include user membership in events served to clients, per
+ MSC4115. (#17282)
+ - Do not require user-interactive authentication for uploading
+ cross-signing keys for the first time, per MSC3967. (#17284)
+ - Add stream_ordering sort to experimental MSC3575 Sliding Sync
+ /sync endpoint. (#17293)
+ - register_new_matrix_user now supports a --password-file flag,
+ which
+ - is useful for scripting. (#17294)
+ - register_new_matrix_user now supports a --exists-ok flag to
+ allow registration of users that already exist in the
+ database.
+ - This is useful for scripts that bootstrap user accounts with
+ initial passwords. (#17304)
+ - Add support for via query parameter from MSC4156. (#17322)
+ - Add is_invite filtering to experimental MSC3575 Sliding Sync
+ /sync endpoint. (#17335)
+ - Support MSC3916 by adding a federation /download endpoint.
+ (#17350)
+ - Bugfixes
+ - Fix bug where /sync requests could get blocked indefinitely
+ after an upgrade from Synapse versions before v1.109.0.
+ (#17386, [#17391](https://github.com/ /issues/17391))
+ - Fix searching for users with their exact localpart whose ID
+ includes a hyphen. (#17254)
+ - Fix wrong retention policy being used when filtering events.
+ (#17272)
+ - Fix bug where OTKs were not always included in /sync response
+ when using workers. (#17275)
+ - Fix a long-standing bug where an invalid 'from' parameter to
+ /notifications would result in an Internal Server Error.
+ (#17283)
+ - Fix edge case in /sync returning the wrong the state when
+ using sharded event persisters. (#17295)
+ - Add initial implementation of an experimental MSC3575 Sliding
+ Sync /sync endpoint. (#17301)
+ - Fix email notification subject when invited to a space.
+ (#17336)
+ - Improved Documentation
+ - Add missing quotes for example for exclude_rooms_from_sync.
+ (#17308)
+ - Update header in the README to visually fix the the
+ auto-generated table of contents. (#17329)
+ - Fix stale references to the Foundation's Security Disclosure
+ Policy. (#17341)
+ - Add default values for rc_invites.per_issuer to docs.
+ (#17347)
+ - Fix an error in the docs for search_all_users parameter under
+ user_directory. (#17348)
+ - Internal Changes
+ - Limit size of presence EDUs to 50 entries. (#17371)
+ - Fix building debian package for debian sid. (#17389)
+ - Fix uploading packages to PyPi. (#17363)
+ - Remove unused expire_access_token option in the Synapse
+ Docker config file. Contributed by @AaronDewes. (#17198)
+ - Use fully-qualified PersistedEventPosition when returning
+ RoomsForUser to facilitate proper comparisons and
+ RoomStreamToken generation. (#17265)
+ - Add debug logging for when room keys are uploaded, including
+ whether they are replacing other room keys. (#17266)
+ - Handle OTK uploads off master. (#17271)
+ - Don't try and resync devices for remote users whose servers
+ are marked as down. (#17273)
+ - Re-organize Pydantic models and types used in handlers.
+ (#17279)
+ - Expose the worker instance that persisted the event on
+ event.internal_metadata.instance_name. (#17300)
+ - Update the README with Element branding, improve headers and
+ fix the #synapse:matrix.org support room link rendering.
+ (#17324)
+ - Change path of the experimental MSC3575 Sliding Sync
+ implementation to /org.matrix.simplified_msc3575/sync since
+ our simplified API is slightly incompatible with what's in
+ the current MSC. (#17331)
+ - Handle device lists notifications for large accounts more
+ efficiently in worker mode. (#17333, #17358)
+ - Do not block event sending/receiving while calculating large
+ event auth chains. (#17338)
+ - Tidy up parse_integer docs and call sites to reflect the fact
+ that they require non-negative integers by default, and bring
+ parse_integer_from_args default in alignment. Contributed by
+ Denis Kasak (@dkasak). (#17339)
+
+-------------------------------------------------------------------
+Tue Jun 18 11:01:41 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.109.0
+ - Features
+ - Add the ability to auto-accept invites on the behalf of
+ users. See the auto_accept_invites config option for details.
+ (#17147)
+ - Add experimental MSC3575 Sliding Sync /sync/e2ee endpoint for
+ to-device messages and device encryption info. (#17167)
+ - Support MSC3916 by adding unstable media endpoints to
+ /_matrix/client. (#17213)
+ - Add logging to tasks managed by the task scheduler, showing
+ CPU and database usage. (#17219)
+ - Bugfixes
+ - When rolling back to a previous Synapse version and then
+ forwards again to this release, don't require server
+ operators to manually run SQL. (#17305, #17309)
+ - Fix bug where one-time-keys were not always included in /sync
+ response when using workers. Introduced in v1.109.0rc1.
+ (#17275)
+ - Fix bug where /sync could get stuck due to edge case in
+ device lists handling. Introduced in v1.109.0rc1. (#17292)
+ - Fix deduplicating of membership events to not create unused
+ state groups. (#17164)
+ - Fix bug where duplicate events could be sent down sync when
+ using workers that are overloaded. (#17215)
+ - Ignore attempts to send to-device messages to bad users, to
+ avoid log spam when we try to connect to the bad server.
+ (#17240)
+ - Fix handling of duplicate concurrent uploading of device
+ one-time-keys. (#17241)
+ - Fix reporting of default tags to Sentry, such as worker name.
+ Broke in v1.108.0. (#17251)
+ - Fix bug where typing updates would not be sent when using
+ workers after a restart. (#17252)
+ - Improved Documentation
+ - Update the LemonLDAP documentation to say that claims should
+ be explicitly included in the returned id_token, as Synapse
+ won't request them. (#17204)
+ - Internal Changes
+ - Fix the building of binary wheels for macOS by switching to
+ macOS 12 CI runners. (#17319)
+ - Use the release branch for sytest in release-branch PRs.
+ (#17306)
+ - Improve DB usage when fetching related events. (#17083)
+ - Log exceptions when failing to auto-join new user according
+ to the auto_join_rooms option. (#17176)
+ - Reduce work of calculating outbound device lists updates.
+ (#17211)
+ - Improve performance of calculating device lists changes in
+ /sync. (#17216)
+ - Move towards using MultiWriterIdGenerator everywhere.
+ (#17226)
+ - Replaces all usages of StreamIdGenerator with
+ MultiWriterIdGenerator. (#17229)
+ - Change the allow_unsafe_locale config option to also apply
+ when setting up new databases. (#17238)
+ - Fix errors in logs about closing incorrect logging contexts
+ when media gets rejected by a module. (#17239, #17246)
+ - Clean out invalid destinations from device_federation_outbox
+ table. (#17242)
+ - Stop logging errors when receiving invalid User IDs in key
+ querys requests. (#17250)
+
+-------------------------------------------------------------------
+Tue May 28 12:37:01 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.108.0
+ - Features
+ - Add a feature that allows clients to query the configured
+ federation whitelist. Disabled by default. (#16848, #17199)
+ - Add the ability to allow numeric user IDs with a specific
+ prefix when in the CAS flow. Contributed by Aurélien
+ Grimpard. (#17098)
+ - Bugfixes
+ - Fix bug where push rules would be empty in /sync for some
+ accounts. Introduced in v1.93.0. (#17142)
+ - Add support for optional whitespace around the Federation
+ API's Authorization header's parameter commas. (#17145)
+ - Fix bug where disabling room publication prevented public
+ rooms being created on workers. (#17177, #17184)
+ - Improved Documentation
+ - Document /v1/make_knock and /v1/send_knock/ federation
+ endpoints as worker-compatible. (#17058)
+ - Update User Admin API with note about prefixing OIDC
+ external_id providers. (#17139)
+ - Clarify the state of the created room when using the
+ autocreate_auto_join_room_preset config option. (#17150)
+ - Update the Admin FAQ with the current libjemalloc version for
+ latest Debian stable. Additionally update the name of the
+ "push_rules" stream in the Workers documentation. (#17171)
+ - Internal Changes
+ - Add note to reflect that MSC3886 is closed but will remain
+ supported for some time. (#17151)
+ - Update dependency PyO3 to 0.21. (#17162)
+ - Fixes linter errors found in PR #17147. (#17166)
+ - Bump black from 24.2.0 to 24.4.2. (#17170)
+ - Cache literal sync filter validation for performance.
+ (#17186)
+ - Improve performance by fixing a reactor pause. (#17192)
+ - Route /make_knock and /send_knock federation APIs to the
+ federation reader worker in Complement test runs. (#17195)
+ - Prepare sync handler to be able to return different sync
+ responses (SyncVersion). (#17200)
+ - Organize the sync cache key parameter outside of the sync
+ config (separate concerns). (#17201)
+ - Refactor SyncResultBuilder assembly to its own function.
+ (#17202)
+ - Rename to be obvious: joined_rooms -> joined_room_ids.
+ (#17203, #17208)
+ - Add a short pause when rate-limiting a request. (#17210)
+
+-------------------------------------------------------------------
+Tue May 14 14:41:53 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.107.0
+ - Features
+ - Add preliminary support for MSC3823: Account Suspension.
+ (#17051)
+ - Declare support for Matrix v1.10. Contributed by @clokep.
+ (#17082)
+ - Add support for MSC4115: membership metadata on events.
+ (#17104, #17137)
+ - Bugfixes
+ - Fixed search feature of Element Android on homesevers using
+ SQLite by returning search terms as search highlights.
+ (#17000)
+ - Fixes a bug introduced in v1.52.0 where the destination query
+ parameter for the Destination Rooms Admin API failed to
+ actually filter returned rooms. (#17077)
+ - For MSC3266 room summaries, support queries at the
+ recommended endpoint of
+ /_matrix/client/unstable/im.nheko.summary/summary/{roomIdOrAlias}.
+ The existing endpoint of
+ /_matrix/client/unstable/im.nheko.summary/rooms/{roomIdOrAlias}/summary
+ is deprecated. (#17078)
+ - Apply user email & picture during OIDC registration if
+ present & selected. (#17120)
+ - Improve error message for cross signing reset with MSC3861
+ enabled. (#17121)
+ - Fix a bug which meant that to-device messages received over
+ federation could be dropped when the server was under load or
+ networking problems caused problems between Synapse processes
+ or the database. (#17127)
+ - Fix bug where StreamChangeCache would not respect configured
+ cache factors. (#17152)
+ - Updates to the Docker image
+ - Correct licensing metadata on Docker image. (#17141)
+ - Improved Documentation
+ - Update the event_cache_size and global_factor configuration
+ options' documentation. (#17071)
+ - Remove broken sphinx docs. (#17073, #17148)
+ - Add RuntimeDirectory to example matrix-synapse.service
+ systemd unit. (#17084)
+ - Fix various small typos throughout the docs. (#17114)
+ - Update enable_notifs configuration documentation. (#17116)
+ - Update the Upgrade Notes with the latest minimum supported
+ Rust version of 1.66.0. Contributed by @jahway603. (#17140)
+ - Internal Changes
+ - Enable MSC3266 by default in the Synapse Complement image.
+ (#17105)
+ - Add optimisation to
+ StreamChangeCache.get_entities_changed(..). (#17130)
+
+-------------------------------------------------------------------
+Tue Apr 30 14:09:46 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.106.0
+ - Features
+ - Send an email if the address is already bound to an user
+ account. (#16819)
+ - Implement the rendezvous mechanism described by MSC4108.
+ (#17056)
+ - Support delegating the rendezvous mechanism described MSC4108
+ to an external implementation. (#17086)
+ - Bugfixes
+ - Add validation to ensure that the limit parameter on
+ /publicRooms is non-negative. (#16920)
+ - Return 400 M_NOT_JSON upon receiving invalid JSON in query
+ parameters across various client and admin endpoints, rather
+ than an internal server error. (#16923)
+ - Make the CSAPI endpoint /keys/device_signing/upload
+ idempotent. (#16943)
+ - Redact membership events if the user requested erasure upon
+ deactivating. (#17076)
+ - Improved Documentation
+ - Add a prompt in the contributing guide to manually configure
+ icu4c. (#17069)
+ - Clarify what part of message retention is still experimental.
+ (#17099)
+ - Internal Changes
+ - Use new receipts column to optimise receipt and push action
+ SQL queries. Contributed by Nick @ Beeper (@Fizzadar).
+ (#17032, #17096)
+ - Fix mypy with latest Twisted release. (#17036)
+ - Bump minimum supported Rust version to 1.66.0. (#17079)
+ - Add helpers to transform Twisted requests to Rust http
+ Requests/Responses. (#17081)
+ - Fix type annotation for visited_chains after mypy upgrade.
+ (#17125)
+
+-------------------------------------------------------------------
+Tue Apr 23 16:37:19 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.105.1 (boo#1223319)
+ - Security
+ - GHSA-3h7q-rfh9-xm4v / CVE-2024-31208 — High Severity
+ Weakness in auth chain indexing allows DoS from remote room
+ members through disk fill and high CPU usage.
+
+ See the advisories for more details. If you have any
+ questions, email security@element.io.
+
+-------------------------------------------------------------------
+Tue Apr 16 19:29:37 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.105.0
+ - Features
+ - Stabilize support for MSC4010 which clarifies the interaction
+ of push rules and account data. Contributed by @clokep.
+ (#17022)
+ - Stabilize support for MSC3981: /relations recursion.
+ Contributed by @clokep. (#17023)
+ - Add support for moving /pushrules off of main process.
+ (#17037, #17038)
+ - Bugfixes
+ - Fix various long-standing bugs which could cause incorrect
+ state to be returned from /sync in certain situations.
+ (#16930, #16932, #16942, #17064, #17065, #17066)
+ - Fix server notice rooms not always being created as
+ unencrypted rooms, even when
+ encryption_enabled_by_default_for_room_type is in use (server
+ notices are always unencrypted). (#17033)
+ - Fix the .m.rule.encrypted_room_one_to_one and
+ .m.rule.room_one_to_one default underride push rules being in
+ the wrong order. Contributed by @Sumpy1. (#17043)
+ - Internal Changes
+ - Refactor auth chain fetching to reduce duplication. (#17044)
+ - Improve database performance by adding a missing index to
+ access_tokens.refresh_token_id. (#17045, #17054)
+ - Improve database performance by reducing number of receipts
+ fetched when sending push notifications. (#17049)
+
+-------------------------------------------------------------------
+Tue Apr 2 21:08:17 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.104.0
+ - Features
+ - Add an OIDC config to specify extra parameters for the
+ authorization grant URL. IT can be useful to pass an ACR
+ value for example. (#16971)
+ - Add support for OIDC provider returning JWT. (#16972, #17031)
+ - Bugfixes
+ - Fix regression when using OIDC provider. Introduced in
+ v1.104.0rc1. (#17031)
+ - Fix a bug which meant that, under certain circumstances, we
+ might never retry sending events or to-device messages over
+ federation after a failure. (#16925)
+ - Fix various long-standing bugs which could cause incorrect
+ state to be returned from /sync in certain situations.
+ (#16949)
+ - Fix case in which m.fully_read marker would not get updated.
+ Contributed by @SpiritCroc. (#16990)
+ - Fix bug which did not retract a user's pending knocks at
+ rooms when their account was deactivated. Contributed by
+ @hanadi92. (#17010)
+ - Updates to the Docker image
+ - Updated start.py to generate config using the correct user ID
+ when running as root (fixes #16824, #15202). (#16978)
+ - Improved Documentation
+ - Add a query to force a refresh of a remote user's device list
+ to the "Useful SQL for Admins" documentation page. (#16892)
+ - Minor grammatical corrections to the upgrade documentation.
+ (#16965)
+ - Fix the sort order for the documentation version picker, so
+ that newer releases appear above older ones. (#16966)
+ - Remove recommendation for a specific poetry version from
+ contributing guide. (#17002)
+ - Internal Changes
+ - Improve lock performance when a lot of locks are all waiting
+ for a single lock to be released. (#16840)
+ - Update power level default for public rooms. (#16907)
+ - Improve event validation. (#16908)
+ - Multi-worker-docker-container: disable log buffering.
+ (#16919)
+ - Refactor state delta calculation in /sync handler. (#16929)
+ - Clarify docs for some room state functions. (#16950)
+ - Specify IP subnets in canonical form. (#16953)
+ - As done for SAML mapping provider, let's pass the module API
+ to the OIDC one so the mapper can do more logic in its code.
+ (#16974)
+ - Allow containers building on top of Synapse's Complement
+ container is use the included PostgreSQL cluster. (#16985)
+ - Raise poetry-core version cap to 1.9.0. (#16986)
+ - Patch the db conn pool sooner in tests. (#17017)
+- cleaned up TODOs in the poetry section and bumped the minimum
+ versions to what is available in TW
+
+-------------------------------------------------------------------
+Wed Mar 27 12:14:05 UTC 2024 - Adam Majer <adam.majer@suse.de>
+
+- Moved to Element maintained fork as matrix has archived their version
+- Update to 1.103.0
+ - Features
+ - Add a new List Accounts v3 Admin API with improved deactivated
+ user filtering capabilities. (#16874)
+ - Include Retry-After header by default per MSC4041. Contributed
+ by @clokep. (#16947)
+ - Bugfixes
+ - Fix joining remote rooms when a module uses the on_new_event
+ callback. This callback may now pass partial state events
+ instead of the full state for remote rooms. Introduced in
+ v1.76.0. (#16973)
+ - Fix performance issue when joining very large rooms that can
+ cause the server to lock up. Introduced in v1.100.0.
+ Contributed by @ggogel. (#16968)
+ - Improved Documentation
+ - Add HAProxy example for single port operation to reverse proxy
+ documentation. Contributed by Georg Pfuetzenreuter (@tacerus).
+ (#16768)
+ - Improve the documentation around running Complement tests with
+ new configuration parameters. (#16946)
+ - Add docs on upgrading from a very old version. (#16951)
+
+For changes in older version since 1.98.0, see
+https://github.com/element-hq/synapse/releases
+
+-------------------------------------------------------------------
+Fri Mar 22 00:28:47 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
+
+- allow newer poetry-core after bump in TW
+
+-------------------------------------------------------------------
+Fri Mar 1 23:54:12 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
+
+- bump setuptools-rust to 1.9.0
+
+-------------------------------------------------------------------
+Wed Dec 13 00:53:28 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.98.0
+ Synapse 1.98.0 will be the last Synapse release in 2023; the
+ regular release cadence will resume in January 2024.
+
+ Synapse will soon be forked by Element under an AGPLv3.0 licence
+ (with CLA, for proprietary dual licensing). You can read more
+ about this here:
+
+ https://matrix.org/blog/2023/11/06/future-of-synapse-dendrite/
+ https://element.io/blog/element-to-adopt-agplv3/
+
+ The Matrix.org Foundation copy of the project will be archived.
+ Any changes needed by server administrators will be communicated
+ via our usual announcements channels, but we are striving to make
+ this as seamless as possible.
+
+ - Features
+ - Synapse now declares support for Matrix v1.7, v1.8, and v1.9.
+ (#16707)
+ - Add on_user_login module API callback allowing to execute
+ custom code after (on) Auth. (#15207)
+ - Support MSC4069: Inhibit profile propagation. (#16636)
+ - Restore tracking of requests and monthly active users when
+ delegating authentication via MSC3861 to an OIDC provider.
+ (#16672)
+ - Add an autojoin setting for server notices rooms, so users
+ may be joined directly instead of receiving an invite.
+ (#16699)
+ - Follow redirects when downloading media over federation (per
+ MSC3860). (#16701)
+ - Bugfixes
+ - Enable refreshable tokens on the admin registration endpoint.
+ (#16642)
+ - Consistently bypass rate limits when using the server notice
+ admin API. (#16670)
+ - Fix a bug introduced in Synapse 1.7.2 where rooms whose power
+ levels lacked an events field could not be upgraded. (#16725)
+ - Fix GET /_synapse/admin/v1/federation/destinations admin API
+ returning null (instead of 0) for retry_last_ts and
+ retry_interval. (#16729)
+ - Improved Documentation
+ - Add schema rollback information to documentation. (#16661)
+ - Fix poetry version typo in the contributors' guide. (#16695)
+ - Switch the example UNIX socket paths to /run. Add HAProxy
+ example configuration for UNIX sockets. (#16700)
+ - Add documentation for how to validate the configuration file
+ with synapse.config script. (#16714)
+ - Internal Changes
+ - Clean-up unused tables. (#16522)
+ - Reduce a little database load while processing state auth
+ chains. (#16552)
+ - Reduce database load of pruning old user_ips. (#16667)
+ - Reduce DB load when forget on leave setting is disabled.
+ (#16668)
+ - Ignore encryption_enabled_by_default_for_room_type setting
+ when creating server notices room, since the notices will be
+ send unencrypted anyway. (#16677)
+ - Correctly read the to-device stream ID on startup using
+ SQLite. (#16682)
+ - Reoranganise test files. (#16684)
+ - Remove old full schema dumps which are no longer used.
+ (#16697)
+ - Raise poetry-core upper bound to <=1.8.1. This allows
+ contributors to import Synapse after poetry installing with
+ Poetry 1.6 and above. Contributed by Mo Balaa. (#16702)
+ - Add a workflow to try and automatically fixup linting in a
+ PR. (#16704)
+
+-------------------------------------------------------------------
+Tue Nov 28 15:22:31 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.97.0
+ Synapse will soon be forked by Element under an AGPLv3.0 licence (with CLA, for
+ proprietary dual licensing). You can read more about this here:
+
+ https://matrix.org/blog/2023/11/06/future-of-synapse-dendrite/
+ https://element.io/blog/element-to-adopt-agplv3/
+ The Matrix.org Foundation copy of the project will be archived. Any changes needed
+ by server administrators will be communicated via our usual announcements channels,
+ but we are striving to make this as seamless as possible.
+
+ - Features
+ - Add support for asynchronous uploads as defined by MSC2246.
+ Contributed by @sumnerevans at @beeper. (#15503)
+ - Improve the performance of some operations in multi-worker
+ deployments. (#16613, #16616)
+ - Bugfixes
+ - Fix a long-standing bug where some queries updated the same
+ row twice. Introduced in Synapse 1.57.0. (#16609)
+ - Fix a long-standing bug where Synapse would not unbind
+ third-party identifiers for Application Service users when
+ deactivated and would not emit a compliant response. (#16617)
+ - Fix sending out of order POSITION over replication, causing
+ additional database load. (#16639)
+ - Improved Documentation
+ - Note that the option outbound_federation_restricted_to was
+ added in Synapse 1.89.0, and fix a nearby formatting error.
+ (#16628)
+ - Update parameter information for the /timestamp_to_event
+ admin API. (#16631)
+ - Provide an example for a common encrypted media response from
+ the admin user media API and mention possible null values.
+ (#16654)
+ - Internal Changes
+ - Remove whole table locks on push rule modifications.
+ Contributed by Nick @ Beeper (@Fizzadar). (#16051)
+ - Support reactor tick timings on more types of event loops.
+ (#16532)
+ - Improve type hints. (#16564, #16611, #16612)
+ - Avoid executing no-op queries. (#16583)
+ - Simplify persistence code to be per-room. (#16584)
+ - Use standard SQL helpers in persistence code. (#16585)
+ - Avoid updating the stream cache unnecessarily. (#16586)
+ - Improve performance when using opentracing. (#16589)
+ - Run push rule evaluator setup in parallel. (#16590)
+ - Improve tests of the SQL generator. (#16596)
+ - Use more generic database methods. (#16615)
+ - Use dbname instead of the deprecated database connection
+ parameter for psycopg2. (#16618)
+ - Add an internal Admin API endpoint to temporarily grant the
+ ability to update an existing cross-signing key without UIA.
+ (#16634)
+ - Improve references to GitHub issues. (#16637, #16638)
+ - More efficiently handle no-op POSITION over replication.
+ (#16640, #16655)
+ - Speed up deleting of device messages when deleting a device.
+ (#16643)
+ - Speed up persisting large number of outliers. (#16649)
+ - Reduce max concurrency of background tasks, reducing
+ potential max DB load. (#16656, #16660)
+ - Speed up purge room by adding an index to event_push_summary.
+ (#16657)
+- refresh patches:
+ bump-dependencies.patch
+ matrix-synapse-1.4.1-paths.patch
+
+-------------------------------------------------------------------
+Fri Nov 17 23:44:47 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.96.0
+ Synapse will soon be forked by Element under an AGPLv3.0 licence
+ (with CLA, for proprietary dual licensing). You can read more
+ about this here:
+
+ https://matrix.org/blog/2023/11/06/future-of-synapse-dendrite/
+ https://element.io/blog/element-to-adopt-agplv3/
+
+ The Matrix.org Foundation copy of the project will be archived.
+ Any changes needed by server administrators will be communicated
+ via our usual announcements channels, but we are striving to make
+ this as seamless as possible.
+
+ - Features
+ - Add experimental support to allow multiple workers to write
+ to receipts stream. (#16432)
+ - Add a new module API for controller presence. (#16544)
+ - Add a new module API callback that allows adding extra fields
+ to events' unsigned section when sent down to clients.
+ (#16549)
+ - Improve the performance of claiming encryption keys. (#16565,
+ #16570)
+ - Bugfixes
+ - Fix "'int' object is not iterable" error in
+ set_device_id_for_pushers background update introduced in
+ Synapse 1.95.0. (#16594)
+ - Fixed a bug in the example Grafana dashboard that prevents it
+ from finding the correct datasource. Contributed by
+ @MichaelSasser. (#16471)
+ - Fix a long-standing, exceedingly rare edge case where the
+ first event persisted by a new event persister worker might
+ not be sent down /sync. (#16473, #16557, #16561, #16578,
+ #16580)
+ - Fix long-standing bug where /sync incorrectly did not mark a
+ room as limited in a sync requests when there were missing
+ remote events. (#16485)
+ - Fix a bug introduced in Synapse 1.41 where HTTP(S) forward
+ proxy authorization would fail when using basic HTTP
+ authentication with a long username:password string. (#16504)
+ - Force TLS certificate verification in user registration
+ script. (#16530)
+ - Fix long-standing bug where /sync could tightloop after
+ restart when using SQLite. (#16540)
+ - Fix ratelimiting of message sending when using workers, where
+ the ratelimit would only be applied after most of the work
+ has been done. (#16558)
+ - Fix a long-standing bug where invited/knocking users would
+ not leave during a room purge. (#16559)
+ - Improved Documentation
+ - Improve documentation of presence router. (#16529)
+ - Add a sentence to the opentracing docs on how you can have
+ jaeger in a different place than synapse. (#16531)
+ - Correctly describe the meaning of unspecified rule lists in
+ the alias_creation_rules and room_list_publication_rules
+ config options and improve their descriptions more generally.
+ (#16541)
+ - Pin the recommended poetry version in contributors' guide.
+ (#16550)
+ - Fix a broken link to the client breakdown in the README.
+ (#16569)
+ - Internal Changes
+ - Improve performance of delete device messages query, cf issue
+ 16479. (#16492)
+ - Reduce memory allocations. (#16505)
+ - Improve replication performance when purging rooms. (#16510)
+ - Run tests against Python 3.12. (#16511)
+ - Run trial & integration tests in continuous integration when
+ .ci directory is modified. (#16512)
+ - Remove duplicate call to mark remote server 'awake' when
+ using a federation sending worker. (#16515)
+ - Enable dirty runs on Complement CI, which is significantly
+ faster. (#16520)
+ - Stop deleting from an unused table. (#16521)
+ - Improve type hints. (#16526, #16551)
+ - Fix running unit tests on Twisted trunk. (#16528)
+ - Reduce some spurious logging in worker mode. (#16555)
+ - Stop porting a table in port db that we're going to nuke and
+ rebuild anyway. (#16563)
+ - Deal with warnings from running complement in CI. (#16567)
+ - Allow building with setuptools_rust 1.8.0. (#16574)
+
+-------------------------------------------------------------------
+Tue Nov 7 09:14:10 UTC 2023 - Dominique Leuenberger <dimstar@opensuse.org>
+
+- Fix build with RPM 4.19: unnumbered patches are no longer
+ supported.
+
+-------------------------------------------------------------------
+Tue Oct 31 20:03:55 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.95.1 (boo#1216770)
+ - Security:
+ - GHSA-mp92-3jfm-3575 / CVE-2023-43796 — Moderate Severity
+ Cached device information of remote users can be queried from
+ Synapse. This can be used to enumerate the remote users known
+ to a homeserver.
+
+-------------------------------------------------------------------
+Tue Oct 24 19:56:22 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.95.0
+ - Bugfixes
+ - Remove legacy unspecced knock_state_events field returned in
+ some responses. (#16403)
+ - Fix a bug introduced in Synapse 1.81.0 where an
+ AttributeError would be raised when
+ _matrix/client/v3/account/whoami is called over a unix
+ socket. Contributed by @Sir-Photch. (#16404)
+ - Properly return inline media when content types have
+ parameters. (#16440)
+ - Prevent the purging of large rooms from timing out when
+ Postgres is in use. The timeout which causes this issue was
+ introduced in Synapse 1.88.0. (#16455)
+ - Improve the performance of purging rooms, particularly
+ encrypted rooms. (#16457)
+ - Fix a bug introduced in Synapse 1.59.0 where servers could be
+ incorrectly marked as available after an error response was
+ received. (#16506)
+ - Improved Documentation
+ - Document internal background update mechanism. (#16420)
+ - Fix a typo in the sql for useful SQL for admins document.
+ (#16477)
+ - Internal Changes
+ - Bump pyo3 from 0.17.1 to 0.19.2. (#16162)
+ - Update registration of media repository URLs. (#16419)
+ - Improve type hints. (#16421, #16468, #16469, #16507)
+ - Refactor some code to simplify and better type receipts
+ stream adjacent code. (#16426)
+ - Factor out MultiWriter token from RoomStreamToken. (#16427)
+ - Improve code comments. (#16428)
+ - Reduce memory allocations. (#16429, #16431, #16433, #16434,
+ #16438, #16444)
+ - Remove unused method. (#16435)
+ - Improve rate limiting logic. (#16441)
+ - Do not block running of CI behind the check for sign-off on
+ PRs. (#16454)
+ - Update the release script to remind releaser to check for
+ special release notes. (#16461)
+ - Update complement.sh to match new public API shape. (#16466)
+ - Clean up logging on event persister endpoints. (#16488)
+ - Remove useless async job to delete device messages on sync,
+ since we only deliver (and hence delete) up to 100 device
+ messages at a time. (#16491)
+
+-------------------------------------------------------------------
+Tue Oct 10 13:20:04 UTC 2023 - Marcus 'darix' Rückert <mrueckert@suse.de>
+
+- Update to 1.94.0 (boo#1216126 CVE-2023-45129)
+ GHSA-5chr-wjw5-3gq4 / CVE-2023-45129 — Moderate Severity
+
+ A malicious server ACL event can impact performance temporarily
+ or permanently leading to a persistent denial of service.
+
+ Homeservers running on a closed federation (which presumably do
+ not need to use server ACLs) are not affected.
+
+ - Features
+ - Render plain, CSS, CSV, JSON and common image formats in the
+ browser (inline) when requested through the /download
+ endpoint. (#15988)
+ - Add experimental support for MSC4028 to push all encrypted
+ events to clients. (#16361)
+ - Minor performance improvement when sending presence to
+ federated servers. (#16385)
+ - Minor performance improvement by caching server ACL checking.
+ (#16360)
+ - Improved Documentation
+ - Add developer documentation concerning gradual schema
+ migrations with column alterations. (#15691)
+ - Improve documentation of the user directory search algorithm.
+ (#16320)
+ - Fix rendering of user admin API documentation around
+ deactivation. This was broken in Synapse 1.91.0. (#16355)
+ - Update documentation around message retention policies.
+ (#16382)
+ - Add note to federation_domain_whitelist config option to
+ clarify its usage. (#16416)
+ - Improve legacy release notes. (#16418)
+ - Deprecations and Removals
+ - Remove Python version from /_synapse/admin/v1/server_version.
+ (#16380)
+ - Internal Changes
+ - Avoid running CI steps when the files they check have not
+ been changed. (#14745, #16387)
+ - Improve type hints. (#14911, #16350, #16356, #16395)
+ - Added support for pydantic v2 in addition to pydantic v1.
+ Contributed by Maxwell G (@gotmax23). (#16332)
+ - Get CI to check PRs have been signed-off. (#16348)
+ - Add missing licence header. (#16359)
+ - Improve type hints, and bump types-psycopg2 from 2.9.21.11 to
+ 2.9.21.14. (#16381)
+ - Improve comments in StateGroupBackgroundUpdateStore. (#16383)
+ - Update maturin configuration. (#16394)
+ - Downgrade replication stream time out error log lines to
+ warning. (#16401)
+
+-------------------------------------------------------------------
+Tue Sep 26 17:35:26 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.93.0
+ The following issues are fixed in 1.93.0 (and RCs).
+
+ GHSA-4f74-84v3-j9q5 / CVE-2023-41335 — Low Severity
+ https://github.com/matrix-org/synapse/security/advisories/GHSA-4f74-84v3-j9q5
+
+ Temporary storage of plaintext passwords during password changes.
+
+ GHSA-7565-cq32-vx2x / CVE-2023-42453 — Low Severity
+ https://github.com/matrix-org/synapse/security/advisories/GHSA-7565-cq32-vx2x
+
+ Improper validation of receipts allows forged read receipts.
+
+ See the advisories for more details. If you have any questions, email security@matrix.org.
+
+
+ - Features
+ - Add automatic purge after all users have forgotten a room.
+ (#15488)
+ - Restore room purge/shutdown after a Synapse restart. (#15488)
+ - Support resolving homeservers using matrix-fed DNS SRV
+ records from MSC4040. (#16137)
+ - Add the ability to use G (GiB) and T (TiB) suffixes in
+ configuration options that refer to numbers of bytes.
+ (#16219)
+ - Add span information to requests sent to appservices.
+ Contributed by MTRNord. (#16227)
+ - Add the ability to enable/disable registrations when using
+ CAS. Contributed by Aurélien Grimpard. (#16262)
+ - Allow the /notifications endpoint to be routed to workers.
+ (#16265)
+ - Enable users to easily unsubscribe to notifications emails
+ via the List-Unsubscribe header. (#16274)
+ - Report whether a user is locked in the List Accounts admin
+ API, and exclude locked users by default. (#16328)
+ - Bugfixes
+ - Fix a long-standing bug where multi-device accounts could
+ cause high load due to presence. (#16066, #16170, #16171,
+ #16172, #16174)
+ - Fix a long-standing bug where appservices using MSC2409 to
+ receive to_device messages would only get messages for one
+ user. (#16251)
+ - Fix bug when using workers where Synapse could end up
+ re-requesting the same remote device repeatedly. (#16252)
+ - Fix long-standing bug where we kept re-requesting a remote
+ server's key repeatedly, potentially causing delays in
+ receiving events over federation. (#16257)
+ - Avoid temporary storage of sensitive information. (#16272)
+ - Fix bug introduced in Synapse 1.49.0 when using dehydrated
+ devices (MSC2697) and refresh tokens. Contributed by Hanadi.
+ (#16288)
+ - Fix a long-standing bug where invalid receipts would be
+ accepted. (#16327)
+ - Use standard name for UTF-8 charset in emails. (#16329)
+ - Don't try refetching device lists for users on remote hosts
+ that are marked as "down". (#16298)
+ - Improved Documentation
+ - Fix typos in the documentation. (#16282)
+ - Link to the Alpine Linux community package for Synapse.
+ (#16304)
+ - Use string for federation_client_minimum_tls_version
+ documentation examples. Contributed by @jcgruenhage. (#16353)
+ - Internal Changes
+ - Allow modules to delete rooms. (#15997)
+ - Add GCC and GNU Make to the Nix flake development environment
+ so that ruff can be compiled. (#16090, #16263)
+ - Fix type checking when using the new version of Twisted.
+ (#16235)
+ - Delete device messages asynchronously and in staged batches
+ using the task scheduler. (#16240, #16311, #16312, #16313)
+ - Bump minimum supported Rust version to 1.61.0. (#16248)
+ - Update rust to version 1.71.1 in the nix development
+ environment. (#16260)
+ - Simplify server key storage. (#16261)
+ - Reduce CPU overhead of change password endpoint. (#16264)
+ - Stop purging from tables slated for removal. (#16273)
+ - Improve type hints. (#16276, #16301, #16325, #16326)
+ - Raise setuptools_rust version cap to 1.7.0. (#16277)
+ - Fix using the new task scheduler causing lots of CPU to be
+ used. (#16278)
+ - Upgrade CI run of Python 3.12 from rc1 to rc2. (#16280)
+ - Include values in SQL debug when using execute_values with
+ Postgres. (#16281)
+ - Enable additional linting checks. (#16283)
+ - Refactor receipts_graph Postgres transactions to stop error
+ messages. (#16299)
+ - Small improvements to logging in replication code. (#16309)
+ - Remove a reference cycle in background processes. (#16314)
+ - Only use literal strings for background process names.
+ (#16315)
+ - Refactor get_user_by_id. (#16316)
+ - Speed up task to delete to-device messages. (#16318)
+ - Avoid patching code in tests. (#16349)
+ - Test against PostgreSQL 16. (#16351)
+
+-------------------------------------------------------------------
+Mon Sep 25 23:09:42 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.92.3
+ This release does not affect openSUSE as we do not use the intree
+ libwebp
+
+ Upstream changes:
+ This is again a security update targeted at mitigating
+ CVE-2023-4863. It turns out that libwebp is bundled statically in
+ Pillow wheels so we need to update this dependency instead of
+ libwebp package at the OS level.
+
+ Unlike what was advertised in 1.92.2 changelog this release also
+ impacts PyPI wheels and Debian packages from matrix.org.
+
+ We encourage admins to upgrade as soon as possible.
+
+ Internal Changes
+ - Pillow 10.0.1 is now mandatory because of libwebp
+ CVE-2023-4863, since Pillow provides libwebp in the wheels.
+ (#16347)
+- bump all the dependencies which are not available in tumbleweed.
+
+-------------------------------------------------------------------
+Fri Sep 15 13:57:20 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.92.2
+ Only fix in this is actually changing the upstream docker
+ configuration to mitigate the webp security bug. Does not affect
+ our package.
+
+-------------------------------------------------------------------
+Tue Sep 12 20:21:04 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.92.1
+ - Bugfixes
+ - Revert MSC3861 introspection cache, admin impersonation and
+ account lock. (#16258)
+ - Internal Changes
+ - Fix incorrect docstring for Ratelimiter. (#16255)
+ - Update the release script to work on macOS. (#16266)
+ - Stop building Ubuntu Kinetic since it is EOL and repos seem
+ to be dead.
+
+-------------------------------------------------------------------
+Wed Sep 6 20:43:15 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.91.2
+ - Bugfixes
+ - Revert MSC3861 introspection cache, admin impersonation and
+ account lock. (#16258)
+
+-------------------------------------------------------------------
+Mon Sep 4 14:06:47 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.91.1
+ - Bugfixes
+ - Fix a performance regression introduced in Synapse 1.91.0
+ where event persistence would cause an excessive linear
+ growth in CPU usage. (#16220)
+
+-------------------------------------------------------------------
+Mon Sep 4 01:12:17 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.91.0
+ - Features
+ - Implements an admin API to lock an user without deactivating
+ them. Based on MSC3939. (#15870)
+ - Allow specifying client_secret_path as alternative to
+ client_secret for OIDC providers. This avoids leaking the
+ client secret in the homeserver config. Contributed by @Ma27.
+ (#16030)
+ - Allow customising the IdP display name, icon, and brand for
+ SAML and CAS providers (in addition to OIDC provider).
+ (#16094)
+ - Add an admins query parameter to the List Accounts admin API,
+ to include only admins or to exclude admins in user queries.
+ (#16114)
+ - Bugfixes
+ - Fix long-standing bug where concurrent requests to change a
+ user's push rules could cause a deadlock. Contributed by Nick
+ @ Beeper (@Fizzadar). (#16052)
+ - Fix a long-standing bug in /sync where timeout=0 does not
+ skip caching, resulting in slow calls in cases where there
+ are no new changes. Contributed by @PlasmaIntec. (#16080)
+ - Fix performance of state resolutions for large, old rooms
+ that did not have the full auth chain persisted. (#16116)
+ - Filter out user agent references to the sliding sync proxy
+ and rust-sdk from the user_daily_visits table to ensure that
+ Element X can be represented fully. (#16124)
+ - User constent and third-party changes capability cannot be
+ enabled when using experimental MSC3861 support. (#16127,
+ #16134)
+ - Fix a rare race that could block new events from being sent
+ for up to two minutes. Introduced in v1.90.0. (#16133,
+ #16169)
+ - Fix performance degredation when there are a lot of in-flight
+ replication requests. (#16148)
+ - Fix a bug introduced in 1.87 where synapse would send an
+ excessive amount of federation requests to servers which have
+ been offline for a long time. Contributed by Nico. (#16156,
+ #16164)
+ - Improved Documentation
+ - Structured logging docs: add a link to explain the ELK stack
+ (#16091)
+ - Internal Changes
+ - Update dehydrated devices implementation. (#16010)
+ - Fix database performance of read/write worker locks. (#16061)
+ - Fix building the nix development environment on MacOS
+ systems. (#16063)
+ - Override global statement timeout when creating indexes in
+ Postgres. (#16085)
+ - Fix the type annotation on run_db_interaction in the Module
+ API. (#16089)
+ - Clean-up the presence code. (#16092)
+ - Run pyupgrade for Python 3.8+. (#16110)
+ - Rename pagination and purge locks and add comments to explain
+ why they exist and how they work. (#16112)
+ - Attempt to fix the twisted trunk job. (#16115)
+ - Cache token introspection response from OIDC provider.
+ (#16117)
+ - Add cache to get_server_keys_json_for_remote. (#16123)
+ - Add an admin endpoint to allow authorizing server to signal
+ token revocations. (#16125)
+ - Add response time metrics for introspection requests for
+ delegated auth. (#16131)
+ - MSC3861: allow impersonation by an admin user using
+ _oidc_admin_impersonate_user_id query parameter. (#16132)
+ - Increase performance of read/write locks. (#16149)
+ - Improve presence tests. (#16150, #16151, #16158)
+ - Raised the poetry-core version cap to 1.7.0. (#16152)
+ - Fix assertion in user directory unit tests. (#16157)
+ - Reduce scope of locks when paginating to alleviate DB
+ contention. (#16159)
+ - Reduce DB contention on worker locks. (#16160)
+ - Task scheduler: mark task as active if we are scheduling as
+ soon as possible. (#16165)
+ - Implements a task scheduler for resumable potentially long
+ running tasks. (#15891)
+
+-------------------------------------------------------------------
+Tue Aug 15 11:40:35 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.90.0
+ - Features
+ - Scope transaction IDs to devices (implement MSC3970).
+ (#15629)
+ - Remove old rows from the
+ cache_invalidation_stream_by_instance table automatically
+ (this table is unused in SQLite). (#15868)
+ - Bugfixes
+ - Fix a long-standing bug where purging history and paginating
+ simultaneously could lead to database corruption when using
+ workers. (#15791)
+ - Fix a long-standing bug where profile endpoint returned a 404
+ when the user's display name was empty. (#16012)
+ - Fix a long-standing bug where the synapse_port_db failed to
+ configure sequences for application services and partial
+ stated rooms. (#16043)
+ - Fix long-standing bug with deletion in dehydrated devices v2.
+ (#16046)
+ - Updates to the Docker image
+ - Add org.opencontainers.image.version labels to Docker
+ containers published by Matrix.org. Contributed by Mo Balaa.
+ (#15972, #16009)
+ - Improved Documentation
+ - Add a internal documentation page describing the "streams"
+ used within Synapse. (#16015)
+ - Clarify comment on the keys/upload over replication enpoint.
+ (#16016)
+ - Do not expose Admin API in caddy reverse proxy example.
+ Contributed by @NilsIrl. (#16027)
+ - Deprecations and Removals
+ - Remove support for legacy application service paths. (#15964)
+ - Move support for application service query parameter
+ authorization behind a configuration option. (#16017)
+ - Internal Changes
+ - Update SQL queries to inline boolean parameters as supported
+ in SQLite 3.27. (#15525)
+ - Allow for the configuration of the backoff algorithm for
+ federation destinations. (#15754)
+ - Allow modules to check whether the current worker is
+ configured to run background tasks. (#15991)
+ - Update support for MSC3958 to match the latest revision of
+ the MSC. (#15992)
+ - Allow modules to schedule delayed background calls. (#15993)
+ - Properly overwrite the redacts content-property for
+ forwards-compatibility with room versions 1 through 10.
+ (#16013)
+ - Fix building the nix development environment on MacOS
+ systems. (#16019)
+ - Remove leading and trailing spaces when setting a display
+ name. (#16031)
+ - Combine duplicated code. (#16023)
+ - Collect additional metrics from ResponseCache for eviction.
+ (#16028)
+ - Fix endpoint improperly declaring support for MSC3814.
+ (#16068)
+ - Drop backwards compat hack for event serialization. (#16069)
+ - Updates to locked dependencies
+ - Update PyYAML to 6.0.1. (#16011)
+ - Bump cryptography from 41.0.2 to 41.0.3. (#16048)
+ - Bump furo from 2023.5.20 to 2023.7.26. (#16077)
+ - Bump immutabledict from 2.2.4 to 3.0.0. (#16034)
+ - Update certifi to 2023.7.22 and pygments to 2.15.1. (#16044)
+ - Bump jsonschema from 4.18.3 to 4.19.0. (#16081)
+ - Bump phonenumbers from 8.13.14 to 8.13.18. (#16076)
+ - Bump regex from 1.9.1 to 1.9.3. (#16073)
+ - Bump serde from 1.0.171 to 1.0.175. (#15982)
+ - Bump serde from 1.0.175 to 1.0.179. (#16033)
+ - Bump serde from 1.0.179 to 1.0.183. (#16074)
+ - Bump serde_json from 1.0.103 to 1.0.104. (#16032)
+ - Bump service-identity from 21.1.0 to 23.1.0. (#16038)
+ - Bump types-commonmark from 0.9.2.3 to 0.9.2.4. (#16037)
+ - Bump types-jsonschema from 4.17.0.8 to 4.17.0.10. (#16036)
+ - Bump types-netaddr from 0.8.0.8 to 0.8.0.9. (#16035)
+ - Bump types-opentracing from 2.4.10.5 to 2.4.10.6. (#16078)
+ - Bump types-setuptools from 68.0.0.0 to 68.0.0.3. (#16079)
+
+-------------------------------------------------------------------
+Tue Aug 1 12:10:11 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.89.0
+ - Features
+ - Add Unix Socket support for HTTP Replication Listeners.
+ Document and provide usage instructions for utilizing Unix
+ sockets in Synapse. Contributed by Jason Little. (#15708,
+ #15924)
+ - Allow + in Matrix IDs, per MSC4009. (#15911)
+ - Support room version 11 from MSC3820. (#15912)
+ - Allow configuring the set of workers to proxy outbound
+ federation traffic through via
+ outbound_federation_restricted_to. (#15913, #15969)
+ - Implement MSC3814, dehydrated devices v2/shrivelled sessions
+ and move MSC2697 behind a config flag. Contributed by Nico
+ from Famedly, H-Shay and poljar. (#15929)
+ - Bugfixes
+ - Fix a long-standing bug where remote invites weren't
+ correctly pushed. (#15820)
+ - Fix background schema updates failing over a large upgrade
+ gap. (#15887)
+ - Fix a bug introduced in 1.86.0 where Synapse starting with an
+ empty experimental_features configuration setting. (#15925)
+ - Fixed deploy annotations in the provided Grafana dashboard
+ config, so that it shows for any homeserver and not just
+ matrix.org. Contributed by @wrjlewis. (#15957)
+ - Ensure a long state res does not starve CPU by occasionally
+ yielding to the reactor. (#15960)
+ - Properly handle redactions of creation events. (#15973)
+ - Fix a bug where resyncing stale device lists could block
+ responding to federation transactions, and thus delay
+ receiving new data from the remote server. (#15975)
+ - Improved Documentation
+ - Better clarify how to run a worker instance (pass both
+ configs). (#15921)
+ - Improve the documentation for the login as a user admin API.
+ (#15938)
+ - Fix broken Arch Linux package link. Contributed by
+ @SnipeXandrej. (#15981)
+ - Deprecations and Removals
+ - Remove support for calling the /register endpoint with an
+ unspecced user property for application services. (#15928)
+ - Internal Changes
+ - Mark get_user_in_directory private since it is only used in
+ tests. Also remove the cache from it. (#15884)
+ - Document which Python version runs on a given Linux
+ distribution so we can more easily clean up later. (#15909)
+ - Add details to warning in log when we fail to fetch an alias.
+ (#15922)
+ - Remove unneeded __init__. (#15926)
+ - Fix bug with read/write lock implementation. This is
+ currently unused so has no observable effects. (#15933,
+ #15958)
+ - Unbreak the nix development environment by pinning the Rust
+ version to 1.70.0. (#15940)
+ - Update presence metrics to differentiate remote vs local
+ users. (#15952)
+ - Stop reading from column user_id of table profiles. (#15955)
+ - Build packages for Debian Trixie. (#15961)
+ - Reduce the amount of state we pull out. (#15968)
+ - Speed up updating state in large rooms. (#15971)
+
+-------------------------------------------------------------------
+Wed Jul 26 12:32:53 UTC 2023 - Dirk Müller <dmueller@suse.com>
+
+- switch to _multibuild
+
+-------------------------------------------------------------------
+Tue Jul 18 14:17:11 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.88.0
+ This release
+
+ - raises the minimum supported version of Python to 3.8, as
+ Python 3.7 is now end-of-life, and
+ - removes deprecated config options related to worker deployment.
+
+ See the upgrade notes for more information.
+ https://github.com/matrix-org/synapse/blob/release-v1.88/docs/upgrade.md#upgrading-to-v1880
+
+ - Features
+ - Add not_user_type param to the list accounts admin API.
+ (#15844)
+ - Bugfixes
+ - Revert "Stop writing to column user_id of tables profiles and
+ user_filters", which was introduced in Synapse 1.88.0rc1.
+ (#15953)
+ - Pin pydantic to ^=1.7.4 to avoid backwards-incompatible API
+ changes from the 2.0.0 release. Contributed by @PaarthShah.
+ (#15862)
+ - Correctly resize thumbnails with pillow version >=10.
+ (#15876)
+ - Improved Documentation
+ - Fixed header levels on the Admin API "Users" documentation
+ page. Contributed by @sumnerevans at @beeper. (#15852)
+ - Remove deprecated worker_replication_host,
+ worker_replication_http_port and worker_replication_http_tls
+ configuration options. (#15872)
+ - Deprecations and Removals
+ - Remove deprecated worker_replication_host,
+ worker_replication_http_port and worker_replication_http_tls
+ configuration options. See the upgrade notes for more
+ details. (#15860)
+ - Remove support for Python 3.7 and hence for Debian Buster.
+ (#15851, #15892, #15893, #15917)
+ - Internal Changes
+ - Add foreign key constraint to event_forward_extremities.
+ (#15751, #15907)
+ - Add read/write style cross-worker locks. (#15782)
+ - Stop writing to column user_id of tables profiles and
+ user_filters. (#15787)
+ - Use lower isolation level when cleaning old presence stream
+ data to avoid serialization errors. (#15826)
+ - Add tracing to media /upload code paths. (#15850, #15888)
+ - Add a timeout that aborts any Postgres statement taking more
+ than 1 hour. (#15853)
+ - Fix the devenv up configuration which was ignoring the config
+ overrides. (#15854)
+ - Optimised cleanup of old entries in device_lists_stream.
+ (#15861)
+ - Update the Matrix clients link in the It works! Synapse is
+ running landing page. (#15874)
+ - Fix building Synapse with the nightly Rust compiler. (#15906)
+ - Add Server to Access-Control-Expose-Headers header. (#15908)
+
+-------------------------------------------------------------------
+Wed Jul 5 09:53:07 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.87.0
+ Please note that this will be the last release of Synapse that is
+ compatible with Python 3.7 and earlier. This is due to Python 3.7
+ now having reached End of Life; see our deprecation policy for
+ more details.
+
+ - Features
+ - Improve /messages response time by avoiding backfill when we
+ already have messages to return. (#15737)
+ - Add spam checker module API for logins. (#15838)
+ - Bugfixes
+ - Pin pydantic to ^1.7.4 to avoid backwards-incompatible API
+ changes from the 2.0.0 release. Resolves #15858. Contributed
+ by @PaarthShah. (#15862)
+ - Fix a long-standing bug where media files were served in an
+ unsafe manner. Contributed by @joshqou. (#15680)
+ - Avoid invalidating a cache that was just prefilled. (#15758)
+ - Fix requesting multiple keys at once over federation, related
+ to MSC3983. (#15770)
+ - Fix joining rooms through aliases where the alias server
+ isn't a real homeserver. Contributed by @tulir @ Beeper.
+ (#15776)
+ - Fix a bug in push rules handling leading to an invalid (per
+ spec) is_user_mention rule sent to clients. Also fix wrong
+ rule names for is_user_mention and is_room_mention. (#15781)
+ - Fix a bug introduced in 1.57.0 where the wrong table would be
+ locked on updating database rows when using SQLite as the
+ database backend. (#15788)
+ - Fix Sytest environmental variable evaluation in CI. (#15804)
+ - Fix forgotten rooms missing from initial sync after rejoining
+ them. Contributed by Nico from Famedly. (#15815)
+ - Fix sqlite user_filters upgrade introduced in v1.86.0.
+ (#15817)
+ - Improved Documentation
+ - Document looping_call() functionality that will wait for the
+ given function to finish before scheduling another. (#15772)
+ - Fix a typo in the Admin API. (#15805)
+ - Fix typo in MSC number in faster remote room join
+ architecture doc. (#15812)
+ - Deprecations and Removals
+ - Remove experimental MSC2716 implementation to incrementally
+ import history into existing rooms. (#15748)
+ - Internal Changes
+ - Split out 2022 changes from the changelog so the rendered
+ version in GitHub doesn't timeout as much. (#15846)
+ - Replace EventContext fields prev_group and delta_ids with
+ field state_group_deltas. (#15233)
+ - Regularly try to send transactions to other servers after
+ they failed instead of waiting for a new event to be
+ available before trying. (#15743)
+ - Fix requesting multiple keys at once over federation, related
+ to MSC3983. (#15755)
+ - Allow for the configuration of max request retries and
+ min/max retry delays in the matrix federation client.
+ (#15783)
+ - Switch from matrix:// to matrix-federation:// scheme for
+ internal Synapse routing of outbound federation traffic.
+ (#15806)
+ - Fix harmless exceptions being printed when running the port
+ DB script. (#15814)
+ - Updates to locked dependencies
+ - Bump attrs from 22.2.0 to 23.1.0. (#15801)
+ - Bump cryptography from 40.0.2 to 41.0.1. (#15800)
+ - Bump ijson from 3.2.0.post0 to 3.2.1. (#15802)
+ - Bump phonenumbers from 8.13.13 to 8.13.14. (#15798)
+ - Bump ruff from 0.0.265 to 0.0.272. (#15799)
+ - Bump ruff from 0.0.272 to 0.0.275. (#15833)
+ - Bump serde_json from 1.0.96 to 1.0.97. (#15797)
+ - Bump serde_json from 1.0.97 to 1.0.99. (#15832)
+ - Bump towncrier from 22.12.0 to 23.6.0. (#15831)
+ - Bump types-opentracing from 2.4.10.4 to 2.4.10.5. (#15830)
+ - Bump types-setuptools from 67.8.0.0 to 68.0.0.0. (#15835)
+
+-------------------------------------------------------------------
+Tue Jun 20 23:00:07 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.86.0
+ - Features
+ - Stable support for MSC3882 to allow an existing
+ device/session to generate a login token for use on a new
+ device/session. (#15388)
+ - Support resolving a room's canonical alias via the module
+ API. (#15450)
+ - Enable support for MSC3952: intentional mentions. (#15520)
+ - Experimental MSC3861 support: delegate auth to an OIDC
+ provider. (#15582)
+ - Add Synapse version deploy annotations to Grafana dashboard
+ which enables easy correlation between behavior changes
+ witnessed in a graph to a certain Synapse version and nail
+ down regressions. (#15674)
+ - Add a catch-all * to the supported relation types when
+ redacting an event and its related events. This is an update
+ to MSC3912 implementation. (#15705)
+ - Speed up /messages by backfilling in the background when
+ there are no backward extremities where we are directly
+ paginating. (#15710)
+ - Expose a metric reporting the database background update
+ status. (#15740)
+ - Bugfixes
+ - Fix an error when having workers of different versions
+ running. (#15774)
+ - Correctly clear caches when we delete a room. (#15609)
+ - Check permissions for enabling encryption earlier during room
+ creation to avoid creating broken rooms. (#15695)
+ - Improved Documentation
+ - Simplify query to find participating servers in a room.
+ (#15732)
+ - Internal Changes
+ - Log when events are (maybe unexpectedly) filtered out of
+ responses in tests. (#14213)
+ - Read from column full_user_id rather than user_id of tables
+ profiles and user_filters. (#15649)
+ - Add support for tracing functions which return Awaitables.
+ (#15650)
+ - Cache requests for user's devices over federation. (#15675)
+ - Add fully qualified docker image names to Dockerfiles.
+ (#15689)
+ - Remove some unused code. (#15690)
+ - Improve type hints. (#15694, #15697)
+ - Update docstring and traces on maybe_backfill() functions.
+ (#15709)
+ - Add context for when/why to use the long_retries option when
+ sending Federation requests. (#15721)
+ - Removed some unused fields. (#15723)
+ - Update federation error to more plainly explain we can only
+ authorize our own membership events. (#15725)
+ - Prevent the latest_deps and twisted_trunk daily GitHub
+ Actions workflows from running on forks of the codebase.
+ (#15726)
+ - Improve performance of user directory search. (#15729)
+ - Remove redundant table join with room_memberships when doing
+ a is_host_joined()/is_host_invited() call (membership is
+ already part of the current_state_events). (#15731)
+ - Remove superfluous room_memberships join from background
+ update. (#15733)
+ - Speed up typechecking CI. (#15752)
+ - Bump minimum supported Rust version to 1.60.0. (#15768)
+ - Updates to locked dependencies
+ - Bump importlib-metadata from 6.1.0 to 6.6.0. (#15711)
+ - Bump library/redis from 6-bullseye to 7-bullseye in /docker.
+ (#15712)
+ - Bump log from 0.4.18 to 0.4.19. (#15761)
+ - Bump phonenumbers from 8.13.11 to 8.13.13. (#15763)
+ - Bump pyasn1 from 0.4.8 to 0.5.0. (#15713)
+ - Bump pydantic from 1.10.8 to 1.10.9. (#15762)
+ - Bump pyo3-log from 0.8.1 to 0.8.2. (#15759)
+ - Bump pyopenssl from 23.1.1 to 23.2.0. (#15765)
+ - Bump regex from 1.7.3 to 1.8.4. (#15769)
+ - Bump sentry-sdk from 1.22.1 to 1.25.0. (#15714)
+ - Bump sentry-sdk from 1.25.0 to 1.25.1. (#15764)
+ - Bump serde from 1.0.163 to 1.0.164. (#15760)
+ - Bump types-jsonschema from 4.17.0.7 to 4.17.0.8. (#15716)
+ - Bump types-pyopenssl from 23.1.0.2 to 23.2.0.0. (#15766)
+ - Bump types-requests from 2.31.0.0 to 2.31.0.1. (#15715)
+
+-------------------------------------------------------------------
+Thu Jun 8 17:49:10 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.85.2
+ - Bugfixes
+ - Fix regression where using TLS for HTTP replication between
+ workers did not work. Introduced in v1.85.0. (#15746)
+
+-------------------------------------------------------------------
+Wed Jun 7 15:28:24 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.85.1
+ Note: this release only fixes a bug that stopped some deployments
+ from upgrading to v1.85.0. There is no need to upgrade to v1.85.1
+ if successfully running v1.85.0.
+
+ - Bugfixes
+ - Fix bug in schema delta that broke upgrades for some
+ deployments. Introduced in v1.85.0. (#15738, #15739)
+
+-------------------------------------------------------------------
+Tue Jun 6 11:34:10 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
+
+- make use that the pythons define and use_python do not diverge by
+ moving them closer to each other.
+
+-------------------------------------------------------------------
+Tue Jun 6 10:06:46 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.85.0
+ - Security
+
+ - GHSA-26c5-ppr8-f33p / CVE-2023-32682 — Low Severity It may be
+ possible for a deactivated user to login when using uncommon
+ configurations. (boo#1212055)
+
+ - GHSA-98px-6486-j7qc / CVE-2023-32683 — Low Severity A
+ discovered oEmbed or image URL can bypass the
+ url_preview_url_blacklist setting potentially allowing server
+ side request forgery or bypassing network policies. Impact is
+ limited to IP addresses allowed by the
+ url_preview_ip_range_blacklist setting (by default this only
+ allows public IPs). (boo#1212054)
+
+ - Features
+ - Improve performance of backfill requests by performing
+ backfill of previously failed requests in the background.
+ (#15585)
+ - Add a new admin API to create a new device for a user.
+ (#15611)
+ - Add Unix socket support for Redis connections. Contributed by
+ Jason Little. (#15644)
+ - Bugfixes
+ - Fix a performance issue introduced in Synapse v1.83.0 which
+ meant that purging rooms was very slow and
+ database-intensive. (#15693)
+ - Fix a long-standing bug where setting the read marker could
+ fail when using message retention. Contributed by Nick @
+ Beeper (@Fizzadar). (#15464)
+ - Fix a long-standing bug where the url_preview_url_blacklist
+ configuration setting was not applied to oEmbed or image URLs
+ found while previewing a URL. (#15601)
+ - Fix a long-standing bug where filters with multiple
+ backslashes were rejected. (#15607)
+ - Fix a bug introduced in Synapse 1.82.0 where the error
+ message displayed when validation of the
+ app_service_config_files config option fails would be
+ incorrectly formatted. (#15614)
+ - Fix a long-standing bug where deactivated users were still
+ able to login using the custom org.matrix.login.jwt login
+ type (if enabled). (#15624)
+ - Fix a long-standing bug where deactivated users were able to
+ login in uncommon situations. (#15634)
+ - Improved Documentation
+ - Warn users that at least 3.75GB of space is needed for the
+ nix Synapse development environment. (#15613)
+ - Remove outdated comment from the generated and sample
+ homeserver log configs. (#15648)
+ - Improve contributor docs to make it more clear that Rust is a
+ necessary prerequisite. Contributed by @grantm. (#15668)
+ - Deprecations and Removals
+ - Deprecate calling the /register endpoint with an unspecced
+ user property for application services. (#15703)
+ - Remove the old version of the R30 (30-day retained users)
+ phone-home metric. (#10428)
+ - Internal Changes
+ - Speed up background jobs populate_full_user_id_user_filters
+ and populate_full_user_id_profiles. (#15700)
+ - Create dependabot changelogs at release time. (#15481)
+ - Add not null constraint to column full_user_id of tables
+ profiles and user_filters. (#15537)
+ - Allow connecting to HTTP Replication Endpoints by using
+ worker_name when constructing the request. (#15578)
+ - Make the thread_id column on event_push_actions,
+ event_push_actions_staging, and event_push_summary non-null.
+ (#15597)
+ - Run mypy type checking with the minimum supported Python
+ version to catch new usage that isn't backwards-compatible.
+ (#15602)
+ - Fix subscriptable type usage in Python <3.9. (#15604)
+ - Update internal terminology. (#15606, #15620)
+ - Instrument state and state_group storage-related operations
+ to better picture what's happening when tracing. (#15610,
+ #15647)
+ - Trace how many new events from the backfill response we need
+ to process. (#15633)
+ - Re-type config paths in ConfigErrors to be StrSequences
+ instead of Iterable[str]s. (#15615)
+ - Update Mutual Rooms (MSC2666) implementation to match new
+ proposal text. (#15621)
+ - Remove the unstable identifiers from faster joins (MSC3706).
+ (#15625)
+ - Fix the olddeps CI. (#15626)
+ - Remove duplicate timestamp from test logs
+ (_trial_temp/test.log). (#15636)
+ - Fix two memory leaks in trial test runs. (#15630)
+ - Limit the size of the HomeServerConfig cache in trial test
+ runs. (#15646)
+ - Improve type hints. (#15658, #15659)
+ - Add requesting user id parameter to key claim methods in
+ TransportLayerClient. (#15663)
+ - Speed up rebuilding of the user directory for local users.
+ (#15665)
+ - Implement "option 2" for MSC3820: Room version 11. (#15666,
+ #15678)
+
+-------------------------------------------------------------------
+Fri May 26 19:16:23 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.84.1
+ This patch release fixes a major issue with homeservers that do
+ not have an instance_map defined but which do use workers. If you
+ have already upgraded to Synapse 1.84.0 and your homeserver is
+ working normally, then there is no need to update to this patch
+ release.
+
+ - Bugfixes
+ - Fix a bug introduced in Synapse v1.84.0 where workers do not
+ start up when no instance_map was provided. (#15672)
+ - Internal Changes
+ - Add dch and notify-send to the development Nix flake so that
+ the release script can be used. (#15673)
+
+-------------------------------------------------------------------
+Wed May 24 00:15:46 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.84.0
+ The worker_replication_* configuration settings have been
+ deprecated in favour of configuring the main process consistently
+ with other instances in the instance_map. The deprecated settings
+ will be removed in Synapse v1.88.0, but changing your
+ configuration in advance is recommended. See the upgrade notes
+ for more information.
+
+ https://github.com/matrix-org/synapse/blob/release-v1.84/docs/upgrade.md#upgrading-to-v1840
+
+ - Features
+ - Add an option to prevent media downloads from configured
+ domains. (#15197)
+ - Add forget_rooms_on_leave config option to automatically
+ forget rooms when users leave them or are removed from them.
+ (#15224)
+ - Add redis TLS configuration options. (#15312)
+ - Add a config option to delay push notifications by a random
+ amount, to discourage time-based profiling. (#15516)
+ - Stabilize support for MSC2659: application service ping
+ endpoint. Contributed by Tulir @ Beeper. (#15528)
+ - Implement MSC4009 to expand the supported characters in
+ Matrix IDs. (#15536)
+ - Advertise support for Matrix 1.6 on /_matrix/client/versions.
+ (#15559)
+ - Print full error and stack-trace of any exception that occurs
+ during startup/initialization. (#15569)
+ - Bugfixes
+ - Fix a bug introduced in Synapse 1.84.0rc1 where errors during
+ startup were not reported correctly on Python < 3.10.
+ (#15599)
+ - Don't fail on federation over TOR where SRV queries are not
+ supported. Contributed by Zdzichu. (#15523)
+ - Experimental support for MSC4010 which rejects setting the
+ "m.push_rules" via account data. (#15554, #15555)
+ - Fix a long-standing bug where an invalid membership event
+ could cause an internal server error. (#15564)
+ - Require at least poetry-core v1.1.0. (#15566, #15571)
+ - Deprecations and Removals
+ - Remove need for worker_replication_* based settings in worker
+ configuration yaml by placing this data directly on the
+ instance_map instead. (#15491)
+ - Updates to the Docker image
+ - Add pkg-config package to Stage 0 to be able to build
+ Dockerfile on ppc64le architecture. (#15567)
+ - Improved Documentation
+ - Clarify documentation of the "Create or modify account" Admin
+ API. (#15544)
+ - Fix path to the statistics/database/rooms admin API in
+ documentation. (#15560)
+ - Update and improve Mastodon Single Sign-On documentation.
+ (#15587)
+ - Internal Changes
+ - Use oEmbed to generate URL previews for YouTube Shorts.
+ (#15025)
+ - Create new Client for use with HTTP Replication between
+ workers. Contributed by Jason Little. (#15470)
+ - Remove need for worker_replication_* based settings in worker
+ configuration yaml by placing this data directly on the
+ instance_map instead. (#15491)
+ - Bump pyicu from 2.10.2 to 2.11. (#15509)
+ - Remove references to supporting per-user flag for MSC2654.
+ (#15522)
+ - Don't use a trusted key server when running the demo scripts.
+ (#15527)
+ - Speed up rebuilding of the user directory for local users.
+ (#15529)
+ - Speed up deleting of old rows in event_push_actions. (#15531)
+ - Install the xmlsec and mdbook packages and switch back to the
+ upstream cachix/devenv repo in the nix development
+ environment. (#15532, #15533, #15545)
+ - Implement MSC3987 by removing "dont_notify" from the list of
+ actions in default push rules. (#15534)
+ - Move various module API callback registration methods to a
+ dedicated class. (#15535)
+ - Proxy /user/devices federation queries to application
+ services for MSC3984. (#15539)
+ - Factor out an is_mine_server_name method. (#15542)
+ - Allow running Complement tests using podman by adding a
+ PODMAN environment variable to scripts-dev/complement.sh.
+ (#15543)
+ - Bump serde from 1.0.160 to 1.0.162. (#15548)
+ - Bump types-setuptools from 67.6.0.5 to 67.7.0.1. (#15549)
+ - Bump sentry-sdk from 1.19.1 to 1.22.1. (#15550)
+ - Bump ruff from 0.0.259 to 0.0.265. (#15551)
+ - Bump hiredis from 2.2.2 to 2.2.3. (#15552)
+ - Bump types-requests from 2.29.0.0 to 2.30.0.0. (#15553)
+ - Add org.matrix.msc3981 info to /_matrix/client/versions.
+ (#15558)
+ - Declare unstable support for MSC3391 under
+ /_matrix/client/versions if the experimental implementation
+ is enabled. (#15562)
+ - Implement MSC3821 to update the redaction rules. (#15563)
+ - Implement updated redaction rules from MSC3389. (#15565)
+ - Allow pip install to use setuptools_rust 1.6.0 when building
+ Synapse. (#15570)
+ - Deal with upcoming Github Actions deprecations. (#15576)
+ - Export run_as_background_process from the module API.
+ (#15577)
+ - Update build system requirements to allow building with
+ poetry-core==1.6.0. (#15588)
+ - Bump serde from 1.0.162 to 1.0.163. (#15589)
+ - Bump phonenumbers from 8.13.7 to 8.13.11. (#15590)
+ - Bump types-psycopg2 from 2.9.21.9 to 2.9.21.10. (#15591)
+ - Bump types-commonmark from 0.9.2.2 to 0.9.2.3. (#15592)
+ - Bump types-setuptools from 67.7.0.1 to 67.7.0.2. (#15594)
+
+-------------------------------------------------------------------
+Tue May 9 18:58:15 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.83.0
+ - Features
+ - Experimental support to recursively provide relations per
+ MSC3981. (#15315)
+ - Experimental support for MSC3970: Scope transaction IDs to
+ devices. (#15318)
+ - Add an admin API endpoint to support per-user feature flags.
+ (#15344)
+ - Add a module API to send an HTTP push notification. (#15387)
+ - Add an admin API endpoint to query the largest rooms by disk
+ space used in the database. (#15482)
+ - Bugfixes
+ - Disable push rule evaluation for rooms excluded from sync.
+ (#15361)
+ - Fix a long-standing bug where cached server key results which
+ were directly fetched would not be properly re-used. (#15417)
+ - Fix a bug introduced in Synapse 1.73.0 where some
+ experimental push rules were returned by default. (#15494)
+ - Improved Documentation
+ - Add Nginx loadbalancing example with sticky mxid for workers.
+ (#15411)
+ - Update outdated development docs that mention restrictions in
+ versions of SQLite that we no longer support. (#15498)
+ - Internal Changes
+ - Speedup tests by caching HomeServerConfig instances. (#15284)
+ - Add denormalised event stream ordering column to membership
+ state tables for future use. Contributed by Nick @ Beeper
+ (@fizzadar). (#15356)
+ - Always use multi-user device resync replication endpoints.
+ (#15418)
+ - Add column full_user_id to tables profiles and user_filters.
+ (#15458)
+ - Update support for MSC3983 to allow always returning
+ fallback-keys in a /keys/claim request. (#15462)
+ - Improve type hints. (#15465, #15496, #15497)
+ - Support claiming more than one OTK at a time. (#15468)
+ - Bump types-pyyaml from 6.0.12.8 to 6.0.12.9. (#15471)
+ - Bump pyasn1-modules from 0.2.8 to 0.3.0. (#15473)
+ - Bump cryptography from 40.0.1 to 40.0.2. (#15474)
+ - Bump types-netaddr from 0.8.0.7 to 0.8.0.8. (#15475)
+ - Bump types-jsonschema from 4.17.0.6 to 4.17.0.7. (#15476)
+ - Ask bug reporters to provide logs as text. (#15479)
+ - Add a Nix flake for use as a development environment.
+ (#15495)
+ - Bump anyhow from 1.0.70 to 1.0.71. (#15507)
+ - Bump types-pillow from 9.4.0.19 to 9.5.0.2. (#15508)
+ - Bump packaging from 23.0 to 23.1. (#15510)
+ - Bump types-requests from 2.28.11.16 to 2.29.0.0. (#15511)
+ - Bump setuptools-rust from 1.5.2 to 1.6.0. (#15512)
+ - Update the check_schema_delta script to account for when the
+ schema version has been bumped locally. (#15466)
+- Allow newer setuptools-rust
+
+-------------------------------------------------------------------
+Tue Apr 25 11:53:22 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.82.0
+ - Features
+ - Allow loading the /directory/room/{roomAlias} endpoint on
+ workers. (#15333)
+ - Add some validation to instance_map configuration loading.
+ (#15431)
+ - Allow loading the /capabilities endpoint on workers. (#15436)
+ - Bugfixes
+ - Delete server-side backup keys when deactivating an account.
+ (#15181)
+ - Fix and document untold assumption that on_logged_out module
+ hooks will be called before the deletion of pushers. (#15410)
+ - Improve robustness when handling a perspective key response
+ by deduplicating received server keys. (#15423)
+ - Synapse now correctly fails to start if the config option
+ app_service_config_files is not a list. (#15425)
+ - Disable loading RefreshTokenServlet
+ (/_matrix/client/(r0|v3|unstable)/refresh) on workers.
+ (#15428)
+ - Improved Documentation
+ - Note that the delete_stale_devices_after background job
+ always runs on the main process. (#15452)
+ - Deprecations and Removals
+ - Remove the broken, unspecced registration fallback. Note that
+ the login fallback is unaffected by this change. (#15405)
+ - Internal Changes
+ - Improve DB performance of clearing out old data from
+ stream_ordering_to_exterm. (#15382, #15429)
+ - Implement MSC3989 redaction algorithm. (#15393)
+ - Implement MSC2175 to stop adding creator to create events.
+ (#15394)
+ - Implement MSC2174 to move the redacts key to a content
+ property. (#15395)
+ - Trust dtonlay/rust-toolchain in CI. (#15406)
+ - Explicitly install Synapse during typechecking in CI.
+ (#15409)
+ - Only load the SSO redirect servlet if SSO is enabled.
+ (#15421)
+ - Refactor SimpleHttpClient to pull out a base class. (#15427)
+ - Improve type hints. (#15432)
+ - Convert async to normal tests in TestSSOHandler. (#15433)
+ - Speed up the user directory background update. (#15435)
+ - Disable directory listing for static resources in
+ /_matrix/static/. (#15438)
+ - Move various module API callback registration methods to a
+ dedicated class. (#15453)
+
+-------------------------------------------------------------------
+Fri Apr 14 12:07:11 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.81.0
+ Synapse now attempts the versioned appservice paths before
+ falling back to the legacy paths. Usage of the legacy routes
+ should be considered deprecated.
+
+ Additionally, Synapse has supported sending the application
+ service access token via the Authorization header since v1.70.0.
+ For backwards compatibility it is also sent as the access_token
+ query parameter. This is insecure and should be considered
+ deprecated.
+
+ A future version of Synapse (v1.88.0 or later) will remove
+ support for legacy application service routes and query parameter
+ authorization.
+
+ - Features
+ - Add the ability to enable/disable registrations when in the
+ OIDC flow. (#14978)
+ - Add a primitive helper script for listing worker endpoints.
+ (#15243)
+ - Experimental support for passing One Time Key and device key
+ requests to application services (MSC3983 and MSC3984).
+ (#15314, #15321)
+ - Allow loading /password_policy endpoint on workers. (#15331)
+ - Add experimental support for Unix sockets. Contributed by
+ Jason Little. (#15353)
+ - Build Debian packages for Ubuntu 23.04 (Lunar Lobster).
+ (#15381)
+ - Bugfixes
+ - Fix the set_device_id_for_pushers_txn background update
+ crash. (#15391)
+ - Fix a long-standing bug where edits of non-m.room.message
+ events would not be correctly bundled. (#15295)
+ - Fix a bug introduced in Synapse v1.55.0 which could delay
+ remote homeservers being able to decrypt encrypted messages
+ sent by local users. (#15297)
+ - Add a check to SQLite port_db script
+ - to ensure that the sqlite database passed to the script
+ exists before trying to port from it. (#15306)
+ - Fix a bug introduced in Synapse 1.76.0 where responses from
+ worker deployments could include an internal _INT_STREAM_POS
+ key. (#15309)
+ - Fix a long-standing bug that Synpase only used the legacy
+ appservice routes. (#15317)
+ - Fix a long-standing bug preventing users from rejoining rooms
+ after being banned and unbanned over federation. Contributed
+ by Nico. (#15323)
+ - Fix bug in worker mode where on a rolling restart of workers
+ the "typing" worker would consume 100% CPU until it got
+ restarted. (#15332)
+ - Fix a long-standing bug where some to_device messages could
+ be dropped when using workers. (#15349)
+ - Fix a bug introduced in Synapse 1.70.0 where the background
+ sync from a faster join could spin for hours when one of the
+ events involved had been marked for backoff. (#15351)
+ - Fix missing app variable in mail subject for password resets.
+ Contributed by Cyberes. (#15352)
+ - Fix a rare bug introduced in Synapse 1.66.0 where initial
+ syncs would fail when the user had been kicked from a faster
+ joined room that had not finished syncing. (#15383)
+ - Improved Documentation
+ - Fix a typo in login requests ratelimit defaults. (#15341)
+ - Add some clarification to the doc/comments regarding TCP
+ replication. (#15354)
+ - Note that Synapse 1.74 queued a rebuild of the user directory
+ tables. (#15386)
+ - Internal Changes
+ - Update CI to run complement under the latest stable go
+ version. (#15403)
+ - Use immutabledict instead of frozendict. (#15113)
+ - Add developer documentation for the Federation Sender and add
+ a documentation mechanism using Sphinx. (#15265, #15336)
+ - Make the pushers rely on the device_id instead of the
+ access_token_id for various operations. (#15280)
+ - Bump sentry-sdk from 1.15.0 to 1.17.0. (#15285)
+ - Allow running the Twisted trunk job against other branches.
+ (#15302)
+ - Remind the releaser to ask for changelog feedback in
+ #synapse-dev. (#15303)
+ - Bump dtolnay/rust-toolchain from
+ e12eda571dc9a5ee5d58eecf4738ec291c66f295 to
+ fc3253060d0c959bea12a59f10f8391454a0b02d. (#15304)
+ - Reject events with an invalid "mentions" property per
+ MSC3952. (#15311)
+ - As an optimisation, use TRUNCATE on Postgres when clearing
+ the user directory tables. (#15316)
+ - Fix .gitignore rule for the Complement source tarball
+ downloaded automatically by complement.sh. (#15319)
+ - Bump serde from 1.0.157 to 1.0.158. (#15324)
+ - Bump regex from 1.7.1 to 1.7.3. (#15325)
+ - Bump types-pyopenssl from 23.0.0.4 to 23.1.0.0. (#15326)
+ - Bump furo from 2022.12.7 to 2023.3.23. (#15327)
+ - Bump ruff from 0.0.252 to 0.0.259. (#15328)
+ - Bump cryptography from 40.0.0 to 40.0.1. (#15329)
+ - Bump mypy-zope from 0.9.0 to 0.9.1. (#15330)
+ - Speed up unit tests when using SQLite3. (#15334)
+ - Speed up pydantic CI job. (#15339)
+ - Speed up sample config CI job. (#15340)
+ - Fix copyright year in SSO footer template. (#15358)
+ - Bump peaceiris/actions-gh-pages from 3.9.2 to 3.9.3. (#15369)
+ - Bump serde from 1.0.158 to 1.0.159. (#15370)
+ - Bump serde_json from 1.0.94 to 1.0.95. (#15371)
+ - Speed up membership queries for users with forgotten rooms.
+ (#15385)
+
+-------------------------------------------------------------------
+Thu Mar 30 20:56:38 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.80.0
+ - Features
+ - Stabilise support for MSC3966: event_property_contains push
+ condition. (#15187)
+ - Implement MSC2659: application service ping endpoint.
+ Contributed by Tulir @ Beeper. (#15249)
+ - Allow loading /register/available endpoint on workers.
+ (#15268)
+ - Improve performance of creating and authenticating events.
+ (#15195)
+ - Add topic and name events to group of events that are batch
+ persisted when creating a room. (#15229)
+ - Bugfixes
+ - Fix a bug in which the POST
+ /_matrix/client/v3/rooms/{roomId}/report/{eventId} endpoint
+ would return the wrong error if the user did not have
+ permission to view the event. This aligns Synapse's
+ implementation with MSC2249. (#15298, #15300)
+ - Fix a bug introduced in Synapse 1.75.0rc1 where the SQLite
+ port_db script
+ - would fail to open the SQLite database. (#15301)
+ - Fix a long-standing bug in which the user directory would
+ assume any remote membership state events represent a profile
+ change. (#14755, #14756)
+ - Implement MSC3873 to fix a long-standing bug where properties
+ with dots were handled ambiguously in push rules. (#15190)
+ - Faster joins: Fix a bug introduced in Synapse 1.66 where
+ spurious "Failed to find memberships ..." errors would be
+ logged. (#15232)
+ - Fix a long-standing error when sending message into deleted
+ room. (#15235)
+ - Updates to the Docker image
+ - Ensure the Dockerfile builds on platforms that don't have a
+ cryptography wheel. (#15239)
+ - Mirror images to the GitHub Container Registry
+ (ghcr.io/matrix-org/synapse). (#15281, #15282)
+ - Improved Documentation
+ - Add a missing endpoint to the workers documentation. (#15223)
+ - Internal Changes
+ - Add additional functionality to declaring worker types when
+ starting Complement in worker mode. (#14921)
+ - Add Synapse-Trace-Id to access-control-expose-headers header.
+ (#14974)
+ - Make the HttpTransactionCache use the Requester in addition
+ of the just the Request to build the transaction key.
+ (#15200)
+ - Improve log lines when purging rooms. (#15222)
+ - Improve type hints. (#15230, #15231, #15238)
+ - Move various module API callback registration methods to a
+ dedicated class. (#15237)
+ - Configure GitHub Actions for merge queues. (#15244)
+ - Add schema comments about the destinations and
+ destination_rooms tables. (#15247)
+ - Skip processing of auto-join room behaviour if there are no
+ auto-join rooms configured. (#15262)
+ - Remove unused store method
+ _set_destination_retry_timings_emulated. (#15266)
+ - Reorganize URL preview code. (#15269)
+ - Clean-up direct TCP replication code. (#15272, #15274)
+ - Make configure_workers_and_start script used in Complement
+ tests compatible with older versions of Python. (#15275)
+ - Add a /versions flag for MSC3952. (#15293)
+ - Bump hiredis from 2.2.1 to 2.2.2. (#15252)
+ - Bump serde from 1.0.152 to 1.0.155. (#15253)
+ - Bump pysaml2 from 7.2.1 to 7.3.1. (#15254)
+ - Bump msgpack from 1.0.4 to 1.0.5. (#15255)
+ - Bump gitpython from 3.1.30 to 3.1.31. (#15256)
+ - Bump cryptography from 39.0.1 to 39.0.2. (#15257)
+ - Bump pydantic from 1.10.4 to 1.10.6. (#15286)
+ - Bump serde from 1.0.155 to 1.0.157. (#15287)
+ - Bump anyhow from 1.0.69 to 1.0.70. (#15288)
+ - Bump txredisapi from 1.4.7 to 1.4.9. (#15289)
+ - Bump pygithub from 1.57 to 1.58.1. (#15290)
+ - Bump types-requests from 2.28.11.12 to 2.28.11.15. (#15291)
+
+-------------------------------------------------------------------
+Tue Mar 14 19:50:05 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.79.0
+ - Features
+ - Add two new Third Party Rules module API callbacks:
+ on_add_user_third_party_identifier and
+ on_remove_user_third_party_identifier. (#15044)
+ - Experimental support for MSC3967 to not require UIA for
+ setting up cross-signing on first use. (#15077)
+ - Add media information to the command line user data export
+ tool. (#15107)
+ - Add an admin API to delete a specific event report. (#15116)
+ - Add support for knocking to workers. (#15133)
+ - Allow use of the /filter Client-Server APIs on workers.
+ (#15134)
+ - Update support for MSC2677: remove support for server-side
+ aggregation of reactions. (#15172)
+ - Stabilise support for MSC3758: event_property_is push
+ condition. (#15185)
+ - Bugfixes
+ - Fix a bug introduced in Synapse 1.79.0rc1 where attempting to
+ register a on_remove_user_third_party_identifier module API
+ callback would be a no-op. (#15227)
+ - Fix a rare bug introduced in Synapse 1.73 where events could
+ remain unsent to other homeservers after a faster-join to a
+ room. (#15248)
+ - Fix a bug introduced in Synapse 1.75 that caused experimental
+ support for deleting account data to raise an internal server
+ error while using an account data writer worker. (#14869)
+ - Fix a long-standing bug where Synapse handled an unspecced
+ field on push rules. (#15088)
+ - Fix a long-standing bug where a URL preview would break if
+ the discovered oEmbed failed to download. (#15092)
+ - Fix a long-standing bug where an initial sync would not
+ respond to changes to the list of ignored users if there was
+ an initial sync cached. (#15163)
+ - Add the transaction_id in the events included in many
+ endpoints' responses. (#15174)
+ - Fix a bug introduced in Synapse 1.78.0 where requests to
+ claim dehydrated devices would fail with a 405 error.
+ (#15180)
+ - Stop applying edits when bundling aggregations, per MSC3925.
+ (#15193)
+ - Fix a long-standing bug where the user directory search was
+ not case-insensitive for accented characters. (#15143)
+ - Updates to the Docker image
+ - Improve startup logging in the with-workers Docker image.
+ (#15186)
+ - Improved Documentation
+ - Document how to use caches in a module. (#14026)
+ - Clarify which worker processes the ThirdPartyRules'
+ on_new_event module API callback runs on. (#15071)
+ - Document using Shibboleth as an OpenID Provider. (#15112)
+ - Correct reference to federation_verify_certificates in
+ configuration documentation. (#15139)
+ - Correct small documentation errors in some
+ MatrixFederationHttpClient methods. (#15148)
+ - Correct the description of the behavior of
+ registration_shared_secret_path on startup. (#15168)
+ - Deprecations and Removals
+ - Deprecate the on_threepid_bind module callback, to be
+ replaced by on_add_user_third_party_identifier. See upgrade
+ notes. ([#15044]
+ - Remove the unspecced room_alias field from the /createRoom
+ response. (#15093)
+ - Remove the unspecced PUT on the /knock/{roomIdOrAlias}
+ endpoint. (#15189)
+ - Remove the undocumented and unspecced type parameter to the
+ /thumbnail endpoint. (#15137)
+ - Remove unspecced and buggy PUT method on the unstable
+ /rooms/<room_id>/batch_send endpoint. (#15199)
+ - Internal Changes
+ - Refactor filter_events_for_server. (#15240)
+ - Run the integration test suites with the asyncio reactor
+ enabled in CI. (#14101)
+ - Batch up storing state groups when creating a new room.
+ (#14918)
+ - Update MSC3952 support based on changes to the MSC. (#15051)
+ - Refactor writing json data in FileExfiltrationWriter.
+ (#15095)
+ - Tighten the login ratelimit defaults. (#15135)
+ - Fix a typo in an experimental config setting. (#15138)
+ - Refactor the media modules. (#15146, #15175)
+ - Improve type hints. (#15164)
+ - Move get_event_report and get_event_reports_paginate from
+ RoomStore to RoomWorkerStore. (#15165)
+ - Remove dangling reference to being a reference implementation
+ in docstring. (#15167)
+ - Add an option to force a rebuild of the "editable" complement
+ image. (#15184)
+ - Use nightly rustfmt in CI. (#15188)
+ - Add a get_next_txn method to StreamIdGenerator to match
+ MultiWriterIdGenerator. (#15191)
+ - Combine AbstractStreamIdTracker and
+ AbstractStreamIdGenerator. (#15192)
+ - Automatically fix errors with ruff. (#15194)
+ - Refactor database transaction for query users' devices to
+ reduce database pool contention. (#15215)
+ - Correct test_icu_word_boundary_punctuation so that it passes
+ with the ICU versions available in Alpine and macOS. (#15177)
+
+-------------------------------------------------------------------
+Tue Feb 28 22:35:35 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.78.0
+ - Features
+ - Implement the experimental exact_event_match push rule
+ condition from MSC3758. (#14964)
+ - Add account data to the command line user data export tool.
+ (#14969)
+ - Implement MSC3873 to disambiguate push rule keys with dots in
+ them. (#15004)
+ - Allow Synapse to use a specific Redis logical database in
+ worker-mode deployments. (#15034)
+ - Tag opentracing spans for federation requests with the name
+ of the worker serving the request. (#15042)
+ - Implement the experimental exact_event_property_contains push
+ rule condition from MSC3966. (#15045)
+ - Remove spurious dont_notify action from the defaults for the
+ .m.rule.reaction pushrule. (#15073)
+ - Update the error code returned when user sends a duplicate
+ annotation. (#15075)
+ - Bugfixes
+ - Fix a bug introduced in Synapse 1.76 where 5s delays would
+ occasionally occur in deployments using workers. (#15150)
+ - Prevent clients from reporting nonexistent events. (#13779)
+ - Return spec-compliant JSON errors when unknown endpoints are
+ requested. (#14605)
+ - Fix a long-standing bug where the room aliases returned could
+ be corrupted. (#15038)
+ - Fix a bug introduced in Synapse 1.76.0 where partially-joined
+ rooms could not be deleted using the purge room API. (#15068)
+ - Fix a long-standing bug where federated joins would fail if
+ the first server in the list of servers to try is not in the
+ room. (#15074)
+ - Fix a bug introduced in Synapse v1.74.0 where searching with
+ colons when using ICU for search term tokenisation would fail
+ with an error. (#15079)
+ - Reduce the likelihood of a rare race condition where
+ rejoining a restricted room over federation would fail.
+ (#15080)
+ - Fix a bug introduced in Synapse 1.76 where workers would fail
+ to start if the health listener was configured. (#15096)
+ - Fix a bug introduced in Synapse 1.75 where the portdb script
+ would fail to run after a room had been faster-joined.
+ (#15108)
+ - Improved Documentation
+ - Document how to start Synapse with Poetry. Contributed by
+ @thezaidbintariq. (#14892, #15022)
+ - Update delegation documentation to clarify that SRV DNS
+ delegation does not eliminate all needs to serve files from
+ .well-known locations. Contributed by @williamkray. (#14959)
+ - Fix a mistake in registration_shared_secret_path docs.
+ (#15078)
+ - Refer to a more recent blog post on the Database Maintenance
+ Tools page. Contributed by @jahway603. (#15083)
+ - Internal Changes
+ - Re-type hint some collections as read-only. (#13755)
+ - Faster joins: don't stall when another user joins during a
+ partial-state room resync. (#14606)
+ - Add a class UnpersistedEventContext to allow for the batching
+ up of storing state groups. (#14675)
+ - Add a check to ensure that locked dependencies have source
+ distributions available. (#14742)
+ - Tweak comment on _is_local_room_accessible as part of room
+ visibility in /hierarchy to clarify the condition for a room
+ being visible. (#14834)
+ - Prevent WARNING: there is already a transaction in progress
+ lines appearing in PostgreSQL's logs on some occasions.
+ (#14840)
+ - Use StrCollection to avoid potential bugs with
+ Collection[str]. (#14929)
+ - Improve performance of /sync in a few situations. (#14973)
+ - Limit concurrent event creation for a room to avoid state
+ resolution when sending bursts of events to a local room.
+ (#14977)
+ - Skip calculating unread push actions in /sync when
+ enable_push is false. (#14980)
+ - Add a schema dump symlinks inside contrib, to make it easier
+ for IDEs to interrogate Synapse's database schema. (#14982)
+ - Improve type hints. (#15008, #15026, #15027, #15028, #15031,
+ #15035, #15052, #15072, #15084)
+ - Update MSC3952 support based on changes to the MSC. (#15037)
+ - Avoid mutating a cached value in get_user_devices_from_cache.
+ (#15040)
+ - Fix a rare exception in logs on start up. (#15041)
+ - Update pyo3-log to v0.8.1. (#15043)
+ - Avoid mutating cached values in
+ _generate_sync_entry_for_account_data. (#15047)
+ - Refactor arguments of try_unbind_threepid and
+ _try_unbind_threepid_with_id_server to not use dictionaries.
+ (#15053)
+ - Merge debug logging from the hotfixes branch. (#15054)
+ - Faster joins: omit device list updates originating from
+ partial state rooms in /sync responses without lazy loading
+ of members enabled. (#15069)
+ - Fix clashing database transaction name. (#15070)
+ - Upper-bound frozendict dependency. This works around us being
+ unable to test installing our wheels against Python 3.11 in
+ CI. (#15114)
+ - Tweak logging for when a worker waits for its view of a
+ replication stream to catch up. (#15120)
+
+-------------------------------------------------------------------
+Mon Feb 20 12:45:02 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
+
+- lock matrix-synapse until frozendict can enable python 3.11
+ support
+
+-------------------------------------------------------------------
+Tue Feb 14 15:18:22 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.77.0
+ - Features
+ - Experimental support for MSC3952: intentional mentions.
+ (#14823, #14943, #14957, #14958)
+ - Experimental support to suppress notifications from message
+ edits (MSC3958). (#14960, #15016)
+ - Add profile information, devices and connections to the
+ command line user data export tool. (#14894)
+ - Improve performance when joining or sending an event in large
+ rooms. (#14962)
+ - Improve performance of joining and leaving large rooms with
+ many local users. (#14971)
+ - Bugfixes
+ - Fix bug where retried replication requests would return a
+ failure. Introduced in v1.76.0. (#15024)
+ - Fix a bug introduced in Synapse 1.53.0 where next_batch
+ tokens from /sync could not be used with the /relations
+ endpoint. (#14866)
+ - Fix a bug introduced in Synapse 1.35.0 where the module API's
+ send_local_online_presence_to would fail to send presence
+ updates over federation. (#14880)
+ - Fix a bug introduced in Synapse 1.70.0 where the background
+ updates to add non-thread unique indexes on receipts could
+ fail when upgrading from 1.67.0 or earlier. (#14915)
+ - Fix a regression introduced in Synapse 1.69.0 which can
+ result in database corruption when database migrations are
+ interrupted on sqlite. (#14926)
+ - Fix a bug introduced in Synapse 1.68.0 where we were unable
+ to service remote joins in rooms with @room notification
+ levels set to null in their (malformed) power levels.
+ (#14942)
+ - Fix a bug introduced in Synapse 1.64.0 where boolean power
+ levels were erroneously permitted in v10 rooms. (#14944)
+ - Fix a long-standing bug where sending messages on servers
+ with presence enabled would spam "Re-starting finished log
+ context" log lines. (#14947)
+ - Fix a bug introduced in Synapse 1.68.0 where logging from the
+ Rust module was not properly logged. (#14976)
+ - Fix various long-standing bugs in Synapse's config, event and
+ request handling where booleans were unintentionally accepted
+ where an integer was expected. (#14945)
+ - Internal Changes
+ - Prepare for future database schema changes. (#15036)
+ - Add missing type hints. (#14879, #14886, #14887, #14904,
+ #14927, #14956, #14983, #14984, #14985, #14987, #14988,
+ #14990, #14991, #14992, #15007)
+ - Use StrCollection to avoid potential bugs with
+ Collection[str]. (#14922)
+ - Allow running the complement tests suites with the asyncio
+ reactor enabled. (#14858)
+ - Improve performance of /sync in a few situations. (#14908,
+ #14970)
+ - Document how to handle Dependabot pull requests. (#14916)
+ - Fix typo in release script. (#14920)
+ - Update build system requirements to allow building with
+ poetry-core 1.5.0. (#14949, #15019)
+ - Add an lnav config file for Synapse logs to /contrib/lnav.
+ (#14953)
+ - Faster joins: Refactor internal handling of servers in room
+ to never store an empty list. (#14954)
+ - Faster joins: tag v2/send_join/ requests to indicate if they
+ served a partial join response. (#14950)
+ - Allow running cargo without the extension-module option.
+ (#14965)
+ - Preparatory work for adding a denormalised event stream
+ ordering column in the future. Contributed by Nick @ Beeper
+ (@Fizzadar). (#14979, 9cd7610, f10caa7; see #15014)
+ - Add tests for _flatten_dict. (#14981, #15002)
+
+-------------------------------------------------------------------
+Tue Jan 31 23:13:24 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.76.0
+ The 1.76 release is the first to enable faster joins (MSC3706 and
+ MSC3902) by default. Admins can opt-out: see the upgrade notes
+ for more details.
+
+ The upgrade from 1.75 to 1.76 changes the account data
+ replication streams in a backwards-incompatible manner. Server
+ operators running a multi-worker deployment should consult the
+ upgrade notes.
+
+ Those who are poetry installing from source using our lockfile
+ should ensure their poetry version is 1.3.2 or higher; see
+ upgrade notes.
+
+ Notes on faster joins
+
+ The faster joins project sees the most benefit when joining a
+ room with a large number of members (joined or historical). We
+ expect it to be particularly useful for joining large public
+ rooms like the Matrix HQ or Synapse Admins rooms.
+
+ After a faster join, Synapse considers that room "partially
+ joined". In this state, you should be able to
+
+ - read incoming messages;
+ - see incoming state changes, e.g. room topic changes; and
+ - send messages, if the room is unencrypted.
+
+ Synapse has to spend more effort to complete the join in the
+ background. Once this finishes, you will be able to
+
+ - send messages, if the room is in encrypted;
+ - retrieve room history from before your join, if permitted by
+ the room settings; and
+ - access the full list of room members.
+
+ - Features
+ - Update the default room version to v10 (MSC 3904).
+ Contributed by @FSG-Cat. (#14111)
+ - Add a set_displayname() method to the module API for setting
+ a user's display name. (#14629)
+ - Add a dedicated listener configuration for health endpoint.
+ (#14747)
+ - Implement support for MSC3890: Remotely silence local
+ notifications. (#14775)
+ - Implement experimental support for MSC3930: Push rules for
+ (MSC3381) Polls. (#14787)
+ - Per MSC3925, bundle the whole of the replacement with any
+ edited events, and optionally inhibit server-side
+ replacement. (#14811)
+ - Faster joins: always serve a partial join response to servers
+ that request it with the stable query param. (#14839)
+ - Faster joins: allow non-lazy-loading ("eager") syncs to
+ complete after a partial join by omitting partial state rooms
+ until they become fully stated. (#14870)
+ - Faster joins: request partial joins by default. Admins can
+ opt-out of this for the time being---see the upgrade notes.
+ (#14905)
+ - Bugfixes
+ - Faster joins: Fix a bug introduced in Synapse 1.69 where
+ device list EDUs could fail to be handled after a restart
+ when a faster join sync is in progress. (#14914)
+ - Add index to improve performance of the /timestamp_to_event
+ endpoint used for jumping to a specific date in the timeline
+ of a room. (#14799)
+ - Fix a long-standing bug where Synapse would exhaust the stack
+ when processing many federation requests where the remote
+ homeserver has disconencted early. (#14812, #14842)
+ - Fix rare races when using workers. (#14820)
+ - Fix a bug introduced in Synapse 1.64.0 when using room
+ version 10 with frozen events enabled. (#14864)
+ - Fix a long-standing bug where the populate_room_stats
+ background job could fail on broken rooms. (#14873)
+ - Faster joins: Fix a bug in worker deployments where the room
+ stats and user directory would not get updated when finishing
+ a fast join until another event is sent or received. (#14874)
+ - Faster joins: Fix incompatibility with joins into restricted
+ rooms where no local users have the ability to invite.
+ (#14882)
+ - Fix a regression introduced in Synapse 1.69.0 which can
+ result in database corruption when database migrations are
+ interrupted on sqlite. (#14910)
+ - Updates to the Docker image
+ - Bump default Python version in the Dockerfile from 3.9 to
+ 3.11. (#14875)
+ - Improved Documentation
+ - Describe the ideas and the internal machinery behind faster
+ joins. (#14677)
+ - Include x_forwarded entry in the HTTP listener example
+ configs and remove the remaining worker_main_http_uri
+ entries. (#14667)
+ - Remove duplicate commands from the Code Style documentation
+ page; point to the Contributing Guide instead. (#14773)
+ - Add missing documentation for tag to listeners section.
+ (#14803)
+ - Updated documentation in configuration manual for
+ user_directory.search_all_users. (#14818)
+ - Add worker_manhole to configuration manual. (#14824)
+ - Fix the example config missing the id field in application
+ service documentation. (#14845)
+ - Minor corrections to the logging configuration documentation.
+ (#14868)
+ - Document the export user data command. Contributed by
+ @thezaidbintariq. (#14883)
+ - Deprecations and Removals
+ - Poetry 1.3.2 or higher is now required when poetry installing
+ from source. (#14860)
+ - Internal Changes
+ - Faster joins: Improve performance of looking up partial-state
+ status of rooms. (#14917)
+ - Faster remote room joins (worker mode): do not populate
+ external hosts-in-room cache when sending events as this
+ requires blocking for full state. (#14749)
+ - Enable Complement tests for Faster Remote Room Joins against
+ worker-mode Synapse. (#14752)
+ - Add some clarifying comments and refactor a portion of the
+ Keyring class for readability. (#14804)
+ - Add local poetry config files (poetry.toml) to .gitignore.
+ (#14807)
+ - Add missing type hints. (#14816, #14885, #14889)
+ - Refactor push tests. (#14819)
+ - Re-enable some linting that was disabled when we switched to
+ ruff. (#14821)
+ - Add cargo fmt and cargo clippy to the lint script. (#14822)
+ - Drop unused table presence. (#14825)
+ - Merge the two account data and the two device list
+ replication streams. (#14826, #14833)
+ - Faster joins: use stable identifiers from MSC3706. (#14832,
+ #14841)
+ - Add a parameter to control whether the federation client
+ performs a partial state join. (#14843)
+ - Add check to avoid starting duplicate partial state syncs.
+ (#14844)
+ - Add an early return when handling no-op presence updates.
+ (#14855)
+ - Fix wait_for_stream_position to correctly wait for the right
+ instance to advance its token. (#14856, #14872)
+ - Always notify replication when a stream advances
+ automatically. (#14877)
+ - Reduce max time we wait for stream positions. (#14881)
+ - Faster joins: allow the resync process more time to fetch
+ /state ids. (#14912)
+ - Bump regex from 1.7.0 to 1.7.1. (#14848)
+ - Bump peaceiris/actions-gh-pages from 3.9.1 to 3.9.2. (#14861)
+ - Bump ruff from 0.0.215 to 0.0.224. (#14862)
+ - Bump types-pillow from 9.4.0.0 to 9.4.0.3. (#14863)
+ - Bump types-opentracing from 2.4.10 to 2.4.10.1. (#14896)
+ - Bump ruff from 0.0.224 to 0.0.230. (#14897)
+ - Bump types-requests from 2.28.11.7 to 2.28.11.8. (#14899)
+ - Bump types-psycopg2 from 2.9.21.2 to 2.9.21.4. (#14900)
+ - Bump types-commonmark from 0.9.2 to 0.9.2.1. (#14901)
+
+-------------------------------------------------------------------
+Tue Jan 17 13:47:48 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.75.0
+ - Features
+ - Add a cached function to synapse.module_api that returns a
+ decorator to cache return values of functions. (#14663)
+ - Add experimental support for MSC3391 (removing account data).
+ (#14714)
+ - Support RFC7636 Proof Key for Code Exchange for OAuth single
+ sign-on. (#14750)
+ - Support non-OpenID compliant userinfo claims for subject and
+ picture. (#14753)
+ - Improve performance of /sync when filtering all rooms,
+ message types, or senders. (#14786)
+ - Improve performance of the /hierarchy endpoint. (#14263)
+ - Bugfixes
+ - Fix a bug introduced in Synapse 1.75.0rc1 where device lists
+ could be miscalculated with some sync filters. (#14810)
+ - Fix race where calling /members or /state with an at
+ parameter could fail for newly created rooms, when using
+ multiple workers. (#14817)
+ - Fix the MAU Limits section of the Grafana dashboard relying
+ on a specific job name for the workers of a Synapse
+ deployment. (#14644)
+ - Fix a bug introduced in Synapse 1.70.0 which could cause
+ spurious UNIQUE constraint failed errors in the rotate_notifs
+ background job. (#14669)
+ - Ensure stream IDs are always updated after caches get
+ invalidated with workers. Contributed by Nick @ Beeper
+ (@Fizzadar). (#14723)
+ - Remove the unspecced device field from /pushrules responses.
+ (#14727)
+ - Fix a bug introduced in Synapse 1.73.0 where the
+ picture_claim configured under oidc_providers was unused (the
+ default value of "picture" was used instead). (#14751)
+ - Unescape HTML entities in URL preview titles making use of
+ oEmbed responses. (#14781)
+ - Disable sending confirmation email when 3pid is disabled.
+ (#14725)
+ - Improved Documentation
+ - Declare support for Python 3.11. (#14673)
+ - Fix target_memory_usage being used in the description for the
+ actual cache_autotune sub-option target_cache_memory_usage.
+ (#14674)
+ - Move email to Server section in config file documentation.
+ (#14730)
+ - Fix broken links in the Synapse documentation. (#14744)
+ - Add missing worker settings to shared configuration
+ documentation. (#14748)
+ - Document using Twitter as a OAuth 2.0 authentication
+ provider. (#14778)
+ - Fix Synapse 1.74 upgrade notes to correctly explain how to
+ install pyICU when installing Synapse from PyPI. (#14797)
+ - Update link to towncrier in contribution guide. (#14801)
+ - Use htmltest to check links in the Synapse documentation.
+ (#14743)
+ - Internal Changes
+ - Faster remote room joins: stream the un-partial-stating of
+ events over replication. (#14545, #14546)
+ - Use ruff instead of flake8. (#14633, #14741)
+ - Change handle_new_client_event signature so that a 429 does
+ not reach clients on PartialStateConflictError, and
+ internally retry when needed instead. (#14665)
+ - Remove dependency on jQuery on reCAPTCHA page. (#14672)
+ - Faster joins: make compute_state_after_events consistent with
+ other state-fetching functions that take a StateFilter.
+ (#14676)
+ - Add missing type hints. (#14680, #14681, #14687)
+ - Improve type annotations for the helper methods on a
+ CachedFunction. (#14685)
+ - Check that the SQLite database file exists before porting to
+ PostgreSQL. (#14692)
+ - Add .direnv/ directory to .gitignore to prevent local state
+ generated by the direnv development tool from being
+ committed. (#14707)
+ - Batch up replication requests to request the resyncing of
+ remote users's devices. (#14716)
+ - If debug logging is enabled, log the msgids of any to-device
+ messages that are returned over /sync. (#14724)
+ - Change GHA CI job to follow best practices. (#14772)
+ - Switch to our fork of dh-virtualenv to work around an
+ upstream Python 3.11 incompatibility. (#14774)
+ - Skip testing built wheels for PyPy 3.7 on Linux x86_64 as we
+ lack new required dependencies in the build environment.
+ (#14802)
+
+-------------------------------------------------------------------
+Tue Dec 20 20:16:04 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.74.0
+ - Features
+ - Improve user search for international display names. (#14464)
+ - Stop using deprecated keyIds parameter when calling
+ /_matrix/key/v2/server. (#14490, #14525)
+ - Add new push.enabled config option to allow opting out of
+ push notification calculation. (#14551, #14619)
+ - Advertise support for Matrix 1.5 on /_matrix/client/versions.
+ (#14576)
+ - Improve opentracing and logging for to-device message
+ handling. (#14598)
+ - Allow selecting "prejoin" events by state keys in addition to
+ event types. (#14642)
+ - Bugfixes
+ - Fix a long-standing bug where a device list update might not
+ be sent to clients in certain circumstances. (#14435, #14592,
+ #14604)
+ - Suppress a spurious warning when POST
+ /rooms/<room_id>/<membership>/, POST /join/<room_id_or_alias,
+ or the unspecced PUT /join/<room_id_or_alias>/<txn_id>
+ receive an empty HTTP request body. (#14600)
+ - Return spec-compliant JSON errors when unknown endpoints are
+ requested. (#14620, #14621)
+ - Update html templates to load images over HTTPS. Contributed
+ by @ashfame. (#14625)
+ - Fix a long-standing bug where the user directory would return
+ 1 more row than requested. (#14631)
+ - Reject invalid read receipt requests with empty room or event
+ IDs. Contributed by Nick @ Beeper (@Fizzadar). (#14632)
+ - Fix a bug introduced in Synapse 1.67.0 where not specifying a
+ config file or a server URL would lead to the
+ register_new_matrix_user script failing. (#14637)
+ - Fix a long-standing bug where the user directory and
+ room/user stats might be out of sync. (#14639, #14643)
+ - Fix a bug introduced in Synapse 1.72.0 where the background
+ updates to add non-thread unique indexes on receipts would
+ fail if they were previously interrupted. (#14650)
+ - Improve validation of field size limits in events. (#14664)
+ - Fix bugs introduced in Synapse 1.55.0 and 1.69.0 where
+ application services would not be notified of events in the
+ correct rooms, due to stale caches. (#14670)
+ - Improved Documentation
+ - Add release note and update documentation regarding optional
+ ICU support in user search. (#14712)
+ - Update worker settings for pusher and federation_sender
+ functionality. (#14493)
+ - Add links to third party package repositories, and point to
+ the bug which highlights Ubuntu's out-of-date packages.
+ (#14517)
+ - Remove old, incorrect minimum postgres version note and
+ replace with a link to the Dependency Deprecation Policy.
+ (#14590)
+ - Add Single-Sign On setup instructions for Mastodon-based
+ instances. (#14594)
+ - Change turn_allow_guests example value to lowercase true.
+ (#14634)
+ - Internal Changes
+ - Optimise push badge count calculations. Contributed by Nick @
+ Beeper (@Fizzadar). (#14255)
+ - Faster remote room joins: stream the un-partial-stating of
+ rooms over replication. (#14473, #14474)
+ - Share the ClientRestResource for both workers and the main
+ process. (#14528)
+ - Add --editable flag to complement.sh which uses an editable
+ install of Synapse for faster turn-around times whilst
+ developing iteratively. (#14548)
+ - Faster joins: use servers list approximation to send read
+ receipts when in partial state instead of waiting for the
+ full state of the room. (#14549)
+ - Modernize unit tests configuration related to workers.
+ (#14568)
+ - Bump jsonschema from 4.17.0 to 4.17.3. (#14591)
+ - Fix Rust lint CI. (#14602)
+ - Bump JasonEtco/create-an-issue from 2.5.0 to 2.8.1. (#14607)
+ - Alter some unit test environment parameters to decrease time
+ spent running tests. (#14610)
+ - Switch to Go recommended installation method for gotestfmt
+ template in CI. (#14611)
+ - Bump phonenumbers from 8.13.0 to 8.13.1. (#14612)
+ - Bump types-setuptools from 65.5.0.3 to 65.6.0.1. (#14613)
+ - Bump twine from 4.0.1 to 4.0.2. (#14614)
+ - Bump types-requests from 2.28.11.2 to 2.28.11.5. (#14615)
+ - Bump cryptography from 38.0.3 to 38.0.4. (#14616)
+ - Remove useless cargo install with apt from Dockerfile.
+ (#14636)
+ - Bump certifi from 2021.10.8 to 2022.12.7. (#14645)
+ - Bump flake8-bugbear from 22.10.27 to 22.12.6. (#14656)
+ - Bump packaging from 21.3 to 22.0. (#14657)
+ - Bump types-pillow from 9.3.0.1 to 9.3.0.4. (#14658)
+ - Bump serde from 1.0.148 to 1.0.150. (#14659)
+ - Bump phonenumbers from 8.13.1 to 8.13.2. (#14660)
+ - Bump authlib from 1.1.0 to 1.2.0. (#14661)
+ - Move StateFilter to synapse.types. (#14668)
+ - Improve type hints. (#14597, #14646, #14671)
+
+-------------------------------------------------------------------
+Tue Dec 6 13:39:40 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.73.0
+ Please note that legacy Prometheus metric names have been removed
+ in this release; see the upgrade notes for more details.
+
+ https://github.com/matrix-org/synapse/blob/release-v1.73/docs/upgrade.md#legacy-prometheus-metric-names-have-now-been-removed
+
+ - Features
+ - Speed-up /messages with filter_events_for_client
+ optimizations. (#14527)
+ - Improve DB performance by reducing amount of data that gets
+ read in device_lists_changes_in_room. (#14534)
+ - Adds support for handling avatar in SSO OIDC login.
+ Contributed by @ashfame. (#13917)
+ - Move MSC3030 /timestamp_to_event endpoints to stable v1
+ location
+ (/_matrix/client/v1/rooms/<roomID>/timestamp_to_event?ts=<timestamp>&dir=<direction>,
+ /_matrix/federation/v1/timestamp_to_event/<roomID>?ts=<timestamp>&dir=<direction>).
+ (#14471)
+ - Reduce database load of Client-Server endpoints which return
+ bundled aggregations. (#14491, #14508, #14510)
+ - Add unstable support for an Extensible Events room version
+ (org.matrix.msc1767.10) via MSC1767, MSC3931, MSC3932, and
+ MSC3933. (#14520, #14521, #14524)
+ - Prune user's old devices on login if they have too many.
+ (#14038, #14580)
+ - Bugfixes
+ - Fix a regression in Synapse 1.73.0rc1 where Synapse's main
+ process would stop responding to HTTP requests when a user
+ with a large number of devices logs in. (#14582)
+ - Fix a long-standing bug where paginating from the start of a
+ room did not work. Contributed by @gnunicorn. (#14149)
+ - Fix a bug introduced in Synapse 1.58.0 where a user with
+ presence state org.matrix.msc3026.busy would mistakenly be
+ set to online when calling /sync or /events on a worker
+ process. (#14393)
+ - Fix a bug introduced in Synapse 1.70.0 where a receipt's
+ thread ID was not sent over federation. (#14466)
+ - Fix a long-standing bug where the List media admin API would
+ fail when processing an image with broken thumbnail
+ information. (#14537)
+ - Fix a bug introduced in Synapse 1.67.0 where two logging
+ context warnings would be logged on startup. (#14574)
+ - In application service transactions that include the
+ experimental org.matrix.msc3202.device_one_time_key_counts
+ key, include a duplicate key of
+ org.matrix.msc3202.device_one_time_keys_count to match the
+ name proposed by MSC3202. (#14565)
+ - Fix a bug introduced in Synapse 0.9 where Synapse would fail
+ to fetch server keys whose IDs contain a forward slash.
+ (#14490)
+ - Improved Documentation
+ - Fixed link to 'Synapse administration endpoints'. (#14499)
+ - Deprecations and Removals
+ - Remove legacy Prometheus metrics names. They were deprecated
+ in Synapse v1.69.0 and disabled by default in Synapse
+ v1.71.0. (#14538)
+ - Internal Changes
+ - Improve type hinting throughout Synapse. (#14055, #14412,
+ #14529, #14452).
+ - Remove old stream ID tracking code. Contributed by Nick
+ @beeper (@Fizzadar). (#14376, #14468)
+ - Remove the worker_main_http_uri configuration setting. This
+ is now handled via internal replication. (#14400, #14476)
+ - Refactor federation_sender and pusher configuration loading.
+ (#14496)
+ - (#14509, #14573)
+ - Faster joins: do not wait for full state when creating events
+ to send. (#14403)
+ - Faster joins: filter out non local events when a room doesn't
+ have its full state. (#14404)
+ - Faster joins: send events to initial list of servers if we
+ don't have the full state yet. (#14408)
+ - Faster joins: use servers list approximation received during
+ send_join (potentially updated with received membership
+ events) in assert_host_in_room. (#14515)
+ - Fix type logic in TCP replication code that prevented
+ correctly ignoring blank commands. (#14449)
+ - Remove option to skip locking of tables when performing
+ emulated upserts, to avoid a class of bugs in future.
+ (#14469)
+ - scripts-dev/federation_client: Fix routing on servers with
+ .well-known files. (#14479)
+ - Reduce default third party invite rate limit to 216 invites
+ per day. (#14487)
+ - Refactor conversion of device list changes in room to
+ outbound pokes to track unconverted rows using a (stream ID,
+ room ID) position instead of updating the
+ converted_to_destinations flag on every row. (#14516)
+ - Add more prompts to the bug report form. (#14522)
+ - Extend editorconfig rules on indent and line length to .pyi
+ files. (#14526)
+ - Run Rust CI when Cargo.lock changes. This is particularly
+ useful for dependabot updates. (#14571)
+ - Fix a possible variable shadow in create_new_client_event.
+ (#14575)
+ - Bump various dependencies in the poetry.lock file and in CI
+ scripts. (#14557, #14559, #14560, #14500, #14501, #14502,
+ #14503, #14504, #14505).
+- Bump dependencies to follow poetry bumps:
+ phonenumbers 8.12.44 -> 8.13.00
+ sentry-sdk 1.10.1 -> 1.11.0
+
+-------------------------------------------------------------------
+Tue Nov 22 13:18:00 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.72.0
+ Please note that Synapse now only supports PostgreSQL 11+,
+ because PostgreSQL 10 has reached end-of-life, c.f. our
+ Deprecation Policy.
+
+ - Features
+ - Add experimental support for MSC3912: Relation-based
+ redactions. (#14260)
+ - Build Debian packages for Ubuntu 22.10 (Kinetic Kudu).
+ (#14396)
+ - Add an Admin API endpoint for user lookup based on
+ third-party ID (3PID). Contributed by @ashfame. (#14405)
+ - Faster joins: include heroes' membership events in the
+ partial join response, for rooms without a name or canonical
+ alias. (#14442)
+ - Bugfixes
+ - Update forgotten references to legacy metrics in the included
+ Grafana dashboard. (#14477)
+ - Faster joins: do not block creation of or queries for room
+ aliases during the resync. (#14292)
+ - Fix a bug introduced in Synapse 1.64.0rc1 which could cause
+ log spam when fetching events from other homeservers.
+ (#14347)
+ - Fix a bug introduced in 1.66 which would not send certain
+ pushrules to clients. Contributed by Nico. (#14356)
+ - Fix a bug introduced in v1.71.0rc1 where the power level
+ event was incorrectly created during initial room creation.
+ (#14361)
+ - Fix the refresh token endpoint to be under /r0 and /v3
+ instead of /v1. Contributed by Tulir @ Beeper. (#14364)
+ - Fix a long-standing bug where Synapse would raise an error
+ when encountering an unrecognised field in a /sync filter,
+ instead of ignoring it for forward compatibility. (#14369)
+ - Fix a background database update, introduced in Synapse
+ 1.64.0, which could cause poor database performance. (#14374)
+ - Fix PostgreSQL sometimes using table scans for queries
+ against the event_search table, taking a long time and a
+ large amount of IO. (#14409)
+ - Fix rendering of some HTML templates (including emails).
+ Introduced in v1.71.0. (#14448)
+ - Fix a bug introduced in Synapse 1.70.0 where the background
+ updates to add non-thread unique indexes on receipts could
+ fail when upgrading from 1.67.0 or earlier. (#14453)
+ - Updates to the Docker image
+ - Add all Stream Writer worker types to
+ configure_workers_and_start.py. (#14197)
+ - Remove references to legacy worker types in the multi-worker
+ Dockerfile. (#14294)
+ - Improved Documentation
+ - Upload documentation PRs to Netlify. (#12947, #14370)
+ - Add addtional TURN server configuration example based on
+ eturnal and adjust general TURN server doc structure.
+ (#14293)
+ - Add example on how to load balance /sync requests.
+ Contributed by aceArt. (#14297)
+ - Edit sample Nginx reverse proxy configuration to use
+ HTTP/1.1. Contributed by Brad Jones. (#14414)
+ - Deprecations and Removals
+ - Remove support for PostgreSQL 10. (#14392, #14397)
+ - Internal Changes
+ - Run unit tests against Python 3.11. (#13812)
+ - Add TLS support for generic worker endpoints. (#14128,
+ #14455)
+ - Switch to a maintained action for installing Rust in CI.
+ (#14313)
+ - Add override ability to complement.sh command line script to
+ request certain types of workers. (#14324)
+ - Enabling testing of MSC3874 (filtering of /messages by
+ relation type) in complement. (#14339)
+ - Concisely log a failure to resolve state due to missing
+ prev_events. (#14346)
+ - Use a maintained Github action to install Rust. (#14351)
+ - Cleanup old worker datastore classes. Contributed by Nick @
+ Beeper (@Fizzadar). (#14375)
+ - Test against PostgreSQL 15 in CI. (#14394)
+ - Remove unreachable code. (#14410)
+ - Clean-up event persistence code. (#14411)
+ - Update docstring to clarify that
+ get_partial_state_events_batch does not just give you
+ completely arbitrary partial-state events. (#14417)
+ - Fix mypy errors introduced by bumping the locked version of
+ attrs and gitpython. (#14433)
+ - Make Dependabot only bump Rust deps in the lock file.
+ (#14434)
+ - Fix an incorrect stub return type for PushRuleEvaluator.run.
+ (#14451)
+ - Improve performance of /context in large rooms. (#14461)
+- bump dependencies based on poetry lock
+ Pillow 9.2.0 => 9.3.0
+ attrs 21.4.0 => 22.1.0
+ Twisted 22.4.0 => 22.10.0
+ cryptography 36.0.1 => 38.0.3
+ jsonschema 4.4.6 => 4.17.0
+
+-------------------------------------------------------------------
+Tue Nov 8 13:05:47 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.71.0
+ Please note that, as announced in the release notes for Synapse
+ 1.69.0, legacy Prometheus metric names are now disabled by
+ default. They will be removed altogether in Synapse 1.73.0. If
+ not already done, server administrators should update their
+ dashboards and alerting rules to avoid using the deprecated
+ metric names. See the upgrade notes for more details.
+
+ Note: in line with our deprecation policy for platform
+ dependencies, this will be the last release to support PostgreSQL
+ 10, which reaches upstream end-of-life on November 10th, 2022.
+ Future releases of Synapse will require PostgreSQL 11+.
+ - Features
+ - Support back-channel logouts from OpenID Connect providers.
+ (#11414)
+ - Allow use of Postgres and SQLlite full-text search operators in
+ search queries. (#11635, #14310, #14311)
+ - Implement MSC3664, Pushrules for relations. Contributed by
+ Nico. (#11804)
+ - Improve aesthetics of HTML templates. Note that these changes
+ do not retroactively apply to templates which have been
+ customised by server admins. (#13652)
+ - Enable write-ahead logging for SQLite installations.
+ Contributed by @asymmetric. (#13897)
+ - Show erasure status when listing users in the Admin API.
+ (#14205)
+ - Provide a specific error code when a /sync request provides a
+ filter which doesn't represent a JSON object. (#14262)
+ - Bugfixes
+ - Fix a long-standing bug where the update_synapse_database
+ script could not be run with multiple databases. Contributed by
+ @thefinn93 @ Beeper. (#13422)
+ - Fix a bug which prevented setting an avatar on homeservers
+ which have an explicit port in their server_name and have
+ max_avatar_size and/or allowed_avatar_mimetypes configuration.
+ Contributed by @ashfame. (#13927)
+ - Check appservice user interest against the local users instead
+ of all users in the room to align with MSC3905. (#13958)
+ - Fix a long-standing bug where Synapse would accidentally
+ include extra information in the response to PUT
+ /_matrix/federation/v2/invite/{roomId}/{eventId}. (#14064)
+ - Fix a bug introduced in Synapse 1.64.0 where presence updates
+ could be missing from /sync responses. (#14243)
+ - Fix a bug introduced in Synapse 1.60.0 which caused an error to
+ be logged when Synapse received a SIGHUP signal if debug
+ logging was enabled. (#14258)
+ - Prevent history insertion (MSC2716) during an partial join
+ (MSC3706). (#14291)
+ - Fix a bug introduced in Synapse 1.34.0 where device names would
+ be returned via a federation user key query request when
+ allow_device_name_lookup_over_federation was set to false.
+ (#14304)
+ - Fix a bug introduced in Synapse 0.34.0 where logs could include
+ error spam when background processes are measured as taking a
+ negative amount of time. (#14323)
+ - Fix a bug introduced in Synapse 1.70.0 where clients were
+ unable to PUT new dehydrated devices. (#14336)
+ - Improved Documentation
+ - Document the changes to monthly active user metrics due to
+ deprecation of legacy Prometheus metric names. (#14358, #14360)
+ - Explain how to disable the use of trusted_key_servers. (#13999)
+ - Add workers settings to configuration manual. (#14086)
+ - Correct the name of the config option
+ encryption_enabled_by_default_for_room_type. (#14110)
+ - Update docstrings of SynapseError and FederationError to
+ bettter describe what they are used for and the effects of
+ using them are. (#14191)
+ - Deprecations and Removals
+ - Disable legacy Prometheus metric names by default. They can
+ still be re-enabled for now, but they will be removed
+ altogether in Synapse 1.73.0. (#14353)
+ - Internal Changes
+ - Run unit tests against Python 3.11. (#13812)
+ - Remove unused @lru_cache decorator. (#13595)
+ - Save login tokens in database and prevent login token reuse.
+ (#13844)
+ - Refactor OIDC tests to better mimic an actual OIDC provider.
+ (#13910)
+ - Fix type annotation causing import time error in the Complement
+ forking launcher. (#14084)
+ - Refactor MSC3030 /timestamp_to_event endpoint to loop over
+ federation destinations with standard pattern and error
+ handling. (#14096)
+ - Add initial power level event to batch of bulk persisted events
+ when creating a new room. (#14228)
+ - Refactor /key/ endpoints to use RestServlet classes. (#14229)
+ - Switch to using the matrix-org/backend-meta version of
+ triage-incoming for new issues in CI. (#14230)
+ - Build wheels on macos 11, not 10.15. (#14249)
+ - Add debugging to help diagnose lost device list updates.
+ (#14268)
+ - Add Rust cache to CI for trial runs. (#14287)
+ - Improve type hinting of RawHeaders. (#14303)
+ - Use Poetry 1.2.0 in the Twisted Trunk CI job. (#14305)
+- follow poetry version bumps:
+ Jinja2 3.1.2
+ Pillow 9.2.0
+ prometheus-client 0.15.0
+ psycopg2 2.9.5
+ pysaml2 7.2.1
+ sentry-sdk 1.10.1
+ Authlib 0.15.1
+
+-------------------------------------------------------------------
+Fri Oct 28 14:48:00 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.70.1
+ - Bugfixes
+ - Fix a bug introduced in Synapse 1.70.0rc1 where the access
+ tokens sent to application services as headers were
+ malformed. Application services which were obtaining access
+ tokens from query parameters were not affected. (#14301)
+ - Fix room creation being rate limited too aggressively since
+ Synapse v1.69.0. (#14314)
+
+-------------------------------------------------------------------
+Wed Oct 26 11:56:57 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.70.0
+ - Features
+ - Support for MSC3856: threads list API. (#13394, #14171,
+ #14175)
+ - Support for thread-specific notifications & receipts (MSC3771
+ and MSC3773). (#13776, #13824, #13877, #13878, #14050,
+ #14140, #14159, #14163, #14174, #14222)
+ - Stop fetching missing prev_events after we already know their
+ signature is invalid. (#13816)
+ - Send application service access tokens as a header (and query
+ parameter). Implements MSC2832. (#13996)
+ - Ignore server ACL changes when generating pushes. Implements
+ MSC3786. (#13997)
+ - Experimental support for redirecting to an implementation of
+ a MSC3886 HTTP rendezvous service. (#14018)
+ - The /relations endpoint can now be used on workers. (#14028)
+ - Advertise support for Matrix 1.3 and 1.4 on
+ /_matrix/client/versions. (#14032, #14184)
+ - Improve validation of request bodies for the Device
+ Management and MSC2697 Device Dehyrdation client-server API
+ endpoints. (#14054)
+ - Experimental support for MSC3874. (#14148)
+ - Improve the validation of the following PUT endpoints:
+ /directory/room/{roomAlias}, /directory/list/room/{roomId}
+ and /directory/list/appservice/{networkId}/{roomId}. (#14179)
+ - Build and publish binary wheels for aarch64 platforms.
+ (#14212)
+ - Bugfixes
+ - Fix a bug introduced in Synapse 1.70.0rc1 where the
+ information returned from the /threads API could be stale
+ when threaded events are redacted. (#14248)
+ - Fix a bug introduced in Synapse 1.70.0rc1 leading to broken
+ outbound federation when using Python 3.7. (#14280)
+ - Fix a bug introduced in Synapse 1.70.0rc1 where edits to
+ non-message events were aggregated by the homeserver.
+ (#14283)
+ - Prevent device names from appearing in device list updates
+ when allow_device_name_lookup_over_federation is false.
+ (#10015)
+ - Fix a long-standing bug where redactions were not being sent
+ over federation if we did not have the original event.
+ (#13813)
+ - Fix a long-standing bug where edits of non-m.room.message
+ events would not be correctly bundled or have their new
+ content applied. (#14034)
+ - Fix a bug introduced in Synapse 1.53.0 when querying
+ /publicRooms with both a room_type filter and a
+ third_party_instance_id. (#14053)
+ - Fix a bug introduced in Synapse 1.35.0 where errors parsing a
+ /send_join or /state response would produce excessive,
+ low-quality Sentry events. (#14065)
+ - Fix a long-standing bug where Synapse would error on the
+ optional 'invite_room_state' field not being provided to PUT
+ /_matrix/federation/v2/invite/{roomId}/{eventId}. (#14083)
+ - Fix a bug where invalid oEmbed fields would cause the entire
+ response to be discarded. Introduced in Synapse 1.18.0.
+ (#14089)
+ - Fix a bug introduced in Synapse 1.37.0 in which an incorrect
+ key name was used for sending and receiving room metadata
+ when knocking on a room. (#14102)
+ - Fix a bug introduced in v1.69.0rc1 where the joined hosts for
+ a given event were not being properly cached. (#14125)
+ - Fix a bug introduced in Synapse 1.30.0 where purging and
+ rejoining a room without restarting in-between would result
+ in a broken room. (#14161, #14164)
+ - Fix MSC3030 /timestamp_to_event endpoint returning
+ potentially inaccurate closest events with outliers present.
+ (#14215)
+ - Updates to the Docker image
+ - Update the version of frozendict in Docker images and Debian
+ packages from 2.3.3 to 2.3.4, which may fix memory leak
+ problems. (#13955)
+ - Use the minimal Rust profile when building Synapse. (#14141)
+ - Prevent a class of database sharding errors when using
+ Dockerfile-workers to spawn multiple instances of the same
+ worker. Contributed by Jason Little. (#14165)
+ - Set LD_PRELOAD to use jemalloc memory allocator in
+ Dockerfile-workers. (#14182)
+ - Fix pre-startup logging being lost when using the
+ Dockerfile-workers image. (#14195)
+ - Improved Documentation
+ - Add sample worker files for pusher and federation_sender.
+ (#14077)
+ - Improve the listener example on the metrics documentation.
+ (#14078)
+ - Expand Google OpenID Connect example config to map email
+ attribute. Contributed by @ptman. (#14081)
+ - The changelog entry ending in a full stop or exclamation mark
+ is not optional. (#14087)
+ - Fix links to jemalloc documentation, which were broken in
+ #13491. (#14093)
+ - Remove not needed replication listener in docker compose
+ example. (#14107)
+ - Fix name of alias_creation_rules option in the config manual
+ documentation. (#14124)
+ - Clarify comment on event contexts. (#14145)
+ - Fix dead link to the Admin Registration API. (#14189)
+ - Deprecations and Removals
+ - Remove the experimental implementation of MSC3772. (#14094)
+ - Remove the unstable identifier for MSC3715. (#14106, #14146)
+ - Internal Changes
+ - Build ABI3 wheels for CPython. (#14253)
+ - For the aarch64 architecture, only build wheels for CPython
+ manylinux. (#14259)
+ - Optimise queries used to get a users rooms during sync.
+ Contributed by Nick @ Beeper (@Fizzadar). (#13991)
+ - Update authlib from 0.15.5 to 1.1.0. (#14006)
+ - Make parse_server_name consistent in handling invalid server
+ names. (#14007)
+ - Don't repeatedly wake up the same users for batched events.
+ (#14033)
+ - Complement test image: capture logs from nginx. (#14063)
+ - Don't create noisy Sentry events when a requester drops
+ connection to the metrics server mid-request. (#14072)
+ - Run the integration test suites with the asyncio reactor
+ enabled in CI. (#14092)
+ - Add debug logs to figure out why an event was filtered out of
+ the client response. (#14095)
+ - Indicate what endpoint came back with a JSON response we were
+ unable to parse. (#14097)
+ - Break up calls to fetch rooms for many users. Contributed by
+ Nick @ Beeper (@Fizzadar). (#14109)
+ - Faster joins: prioritise the server we joined by when
+ restarting a partial join resync. (#14126)
+ - Cache Rust build cache when building docker images. (#14130)
+ - Enable dependabot for Rust dependencies. (#14132)
+ - Bump typing-extensions from 4.1.1 to 4.4.0. (#14134)
+ - Use the minimal Rust profile when building Synapse. (#14141)
+ - Remove unused configuration code. (#14142)
+ - Prepare for the gotestfmt repository move. (#14144)
+ - Invalidate rooms for user caches on replicated event, fix
+ sync cache race in synapse workers. Contributed by Nick @
+ Beeper (@Fizzadar). (#14155)
+ - Enable url previews when testing with complement. (#14198)
+ - When authenticating batched events, check for auth events in
+ batch as well as DB. (#14214)
+ - Update CI config to avoid GitHub Actions deprecation
+ warnings. (#14216, #14224)
+ - Update dependency requirements to allow building with
+ poetry-core 1.3.2. (#14217)
+ - Rename the cache_memory extra to cache-memory, for
+ compatability with poetry-core 1.3.0 and PEP 685. From-source
+ installations using this extra will need to install using the
+ new name. (#14221)
+ - Specify dev-dependencies using lower bounds, to reduce the
+ likelihood of a dependabot merge conflict. The lockfile
+ continues to pin to specific versions. (#14227)
+- Drop https://patch-diff.githubusercontent.com/raw/matrix-org/synapse/pull/14221.patch
+
+-------------------------------------------------------------------
+Thu Oct 20 10:44:17 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
+
+- As 14221.patch is modified to skip the parts we dont need
+ (changelog snippets) remove the url from the spec file.
+
+-------------------------------------------------------------------
+Tue Oct 18 14:52:09 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
+
+- All the shebang line fixing should skip the vendor directory so
+ that we do not break the checksum checks in cargo.
+
+-------------------------------------------------------------------
+Tue Oct 18 12:44:57 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
+
+- Added https://patch-diff.githubusercontent.com/raw/matrix-org/synapse/pull/14221.patch
+ Same fix for the cache_memory as for url_preview
+
+-------------------------------------------------------------------
+Tue Oct 18 10:45:30 UTC 2022 - pgajdos@suse.com
+
+- python-six is not required
+ https://trello.com/c/MO53MocR/143-remove-python3-six
+
+-------------------------------------------------------------------
+Mon Oct 17 19:49:55 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.69.0
+ Please note that legacy Prometheus metric names are now
+ deprecated and will be removed in Synapse 1.73.0. Server
+ administrators should update their dashboards and alerting rules
+ to avoid using the deprecated metric names. See the upgrade notes
+ for more details.
+
+ - Features
+ - Allow application services to set the origin_server_ts of a
+ state event by providing the query parameter ts in PUT
+ /_matrix/client/r0/rooms/{roomId}/state/{eventType}/{stateKey},
+ per MSC3316. Contributed by @lukasdenk. (#11866)
+ - Allow server admins to require a manual approval process
+ before new accounts can be used (using MSC3866). (#13556)
+ - Exponentially backoff from backfilling the same event over
+ and over. (#13635, #13936)
+ - Add cache invalidation across workers to module API. (#13667,
+ #13947)
+ - Experimental implementation of MSC3882 to allow an existing
+ device/session to generate a login token for use on a new
+ device/session. (#13722, #13868)
+ - Experimental support for thread-specific receipts (MSC3771).
+ (#13782, #13893, #13932, #13937, #13939)
+ - Add experimental support for MSC3881: Remotely toggle push
+ notifications for another client. (#13799, #13831, #13860)
+ - Keep track when an event pulled over federation fails its
+ signature check so we can intelligently back-off in the
+ future. (#13815)
+ - Improve validation for the unspecced, internal-only
+ _matrix/client/unstable/add_threepid/msisdn/submit_token
+ endpoint. (#13832)
+ - Faster remote room joins: record when we first partial-join
+ to a room. (#13892)
+ - Support a dir parameter on the /relations endpoint per
+ MSC3715. (#13920)
+ - Ask mail servers receiving emails from Synapse to not send
+ automatic replies (e.g. out-of-office responses). (#13957)
+ - Bugfixes
+ - Fix poor performance of the event_push_backfill_thread_id
+ background update, which was introduced in Synapse 1.68.0rc1.
+ (#14172, #14181)
+ - Fix an issue with Docker images causing the Rust dependencies
+ to not be pinned correctly. Introduced in v1.68.0 (#14129)
+ - Fix a bug introduced in Synapse 1.69.0rc1 which would cause
+ registration replication requests to fail if the worker
+ sending the request is not running Synapse 1.69. (#14135)
+ - Fix error in background update when rotating existing
+ notifications. Introduced in v1.69.0rc2. (#14138)
+ - Send push notifications for invites received over federation.
+ (#13719, #14014)
+ - Fix a long-standing bug where typing events would be accepted
+ from remote servers not present in a room. Also fix a bug
+ where incoming typing events would cause other incoming
+ events to get stuck during a fast join. (#13830)
+ - Fix a bug introduced in Synapse v1.53.0 where the
+ experimental implementation of MSC3715 would give incorrect
+ results when paginating forward. (#13840)
+ - Fix access token leak to logs from proxy agent. (#13855)
+ - Fix have_seen_event cache not being invalidated after we
+ persist an event which causes inefficiency effects like extra
+ /state federation calls. (#13863)
+ - Faster room joins: Fix a bug introduced in 1.66.0 where an
+ error would be logged when syncing after joining a room.
+ (#13872)
+ - Fix a bug introduced in 1.66.0 where some required fields in
+ the pushrules sent to clients were not present anymore.
+ Contributed by Nico. (#13904)
+ - Fix packaging to include Cargo.lock in sdist. (#13909)
+ - Fix a long-standing bug where device updates could cause
+ delays sending out to-device messages over federation.
+ (#13922)
+ - Fix a bug introduced in v1.68.0 where Synapse would require
+ setuptools_rust at runtime, even though the package is only
+ required at build time. (#13952)
+ - Fix a long-standing bug where POST
+ /_matrix/client/v3/keys/query requests could result in
+ excessively large SQL queries. (#13956)
+ - Fix a performance regression in the get_users_in_room
+ database query. Introduced in v1.67.0. (#13972)
+ - Fix a bug introduced in v1.68.0 bug where Rust extension
+ wasn't built in release mode when using poetry install.
+ (#14009)
+ - Do not return an unspecified original_event field when using
+ the stable /relations endpoint. Introduced in Synapse
+ v1.57.0. (#14025)
+ - Correctly handle a race with device lists when a remote user
+ leaves during a partial join. (#13885)
+ - Correctly handle sending local device list updates to remote
+ servers during a partial join. (#13934)
+ - Improved Documentation
+ - Add worker_main_http_uri for the worker generator bash
+ script. (#13772)
+ - Update URL for the NixOS module for Synapse. (#13818)
+ - Fix a mistake in sso_mapping_providers.md:
+ map_user_attributes is expected to return display_name, not
+ displayname. (#13836)
+ - Fix a cross-link from the registration admin API to the
+ registration_shared_secret configuration documentation.
+ (#13870)
+ - Update the man page for the hash_password script to correct
+ the default number of bcrypt rounds performed. (#13911,
+ #13930)
+ - Emphasize the right reasons when to use (room_id, event_id)
+ in a database schema. (#13915)
+ - Add instruction to contributing guide for running unit tests
+ in parallel. Contributed by @ashfame. (#13928)
+ - Clarify that the auto_join_rooms config option can also be
+ used with Space aliases. (#13931)
+ - Add some cross references to worker documentation. (#13974)
+ - Linkify urls in config documentation. (#14003)
+ - Updates to the Docker image
+ - Fix docker build OOMing in CI for arm64 builds. (#14173)
+ - Deprecations and Removals
+ - Remove the complete_sso_login method from the Module API
+ which was deprecated in Synapse 1.13.0. (#13843)
+ - Announce that legacy metric names are deprecated, will be
+ turned off by default in Synapse v1.71.0 and removed
+ altogether in Synapse v1.73.0. See the upgrade notes for more
+ information. (#14024)
+ - Deprecate the generate_short_term_login_token method in favor
+ of an async create_login_token method in the Module API.
+ (#13842)
+ - Internal Changes
+ - Rename the url_preview extra to url-preview, for
+ compatability with poetry-core 1.3.0 and PEP 685. From-source
+ installations using this extra will need to install using the
+ new name. (#14085)
+ - Ensure Synapse v1.69 works with upcoming database changes in
+ v1.70. (#14045)
+ - Fix a bug introduced in Synapse v1.68.0 where messages could
+ not be sent in rooms with non-integer notifications power
+ level. (#14073)
+ - Temporarily pin build-system requirements to workaround an
+ incompatibility with poetry-core 1.3.0. This will be reverted
+ before the v1.69.0 release proper, see #14079. (#14080)
+ - Speed up creation of DM rooms. (#13487, #13800)
+ - Port push rules to using Rust. (#13768, #13838, #13889)
+ - Optimise get rooms for user calls. Contributed by Nick @
+ Beeper (@Fizzadar). (#13787)
+ - Update the script which makes full schema dumps. (#13792)
+ - Use shared methods for cache invalidation when persisting
+ events, remove duplicate codepaths. Contributed by Nick @
+ Beeper (@Fizzadar). (#13796)
+ - Improve the synapse.api.auth.Auth mock used in unit tests.
+ (#13809)
+ - Faster Remote Room Joins: tell remote homeservers that we are
+ unable to authorise them if they query a room which has
+ partial state on our server. (#13823)
+ - Carry IdP Session IDs through user-mapping sessions. (#13839)
+ - Fix the release script not publishing binary wheels. (#13850)
+ - Raise issue if complement fails with latest deps. (#13859)
+ - Correct the comments in the complement dockerfile. (#13867)
+ - Create a new snapshot of the database schema. (#13873)
+ - Faster room joins: Send device list updates to most servers
+ in rooms with partial state. (#13874, #14013)
+ - Add comments to the Prometheus recording rules to make it
+ clear which set of rules you need for Grafana or Prometheus
+ Console. (#13876)
+ - Only pull relevant backfill points from the database based on
+ the current depth and limit (instead of all) every time we
+ want to /backfill. (#13879)
+ - Faster room joins: Avoid waiting for full state when
+ processing /keys/changes requests. (#13888)
+ - Improve backfill robustness by trying more servers when we
+ get a 4xx error back. (#13890)
+ - Fix mypy errors with canonicaljson 1.6.3. (#13905)
+ - Faster remote room joins: correctly handle remote device list
+ updates during a partial join. (#13913)
+ - Complement image: propagate SIGTERM to all workers. (#13914)
+ - Update an innaccurate comment in Synapse's upsert database
+ helper. (#13924)
+ - Update mypy (0.950 -> 0.981) and mypy-zope (0.3.7 -> 0.3.11).
+ (#13925, #13993)
+ - Use dedicated get_local_users_in_room(room_id) function to
+ find local users when calculating users to copy over during a
+ room upgrade. (#13960)
+ - Refactor language in user directory _track_user_joined_room
+ code to make it more clear that we use both local and remote
+ users. (#13966)
+ - Revert catch-all exceptions being recorded as event pull
+ attempt failures (only handle what we know about). (#13969)
+ - Speed up calculating push actions in large rooms. (#13973,
+ #13992)
+ - Enable update notifications from Github's dependabot.
+ (#13976)
+ - Prototype a workflow to automatically add changelogs to
+ dependabot PRs. (#13998, #14011, #14017, #14021, #14027)
+ - Fix type annotations to be compatible with new annotations in
+ development versions of twisted. (#14012)
+ - Clear out stale entries in event_push_actions_staging table.
+ (#14020)
+ - Bump versions of GitHub actions. (#13978, #13979, #13980,
+ #13982, #14015, #14019, #14022, #14023)
+- modified bump-dependencies.patch:
+ to undo the upper bound for poetry-core again as we already have
+ a newer version in TW
+- drop patches which are included in the update:
+ - 14085-extra-check.patch
+ - 13952.patch
+- refreshed patches:
+ - matrix-synapse-1.4.1-paths.patch
+
+-------------------------------------------------------------------
+Sat Oct 15 10:02:06 UTC 2022 - Ben Greiner <code@bnavigator.de>
+
+- Replace fragile workaround which is not specification compliant
+ with 14085-extra-check.patch -- gh#matrix-org/synapse#14085
+- Fix python site-packages fdupes
+
+-------------------------------------------------------------------
+Fri Oct 14 13:34:26 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
+
+- Add workaround for poetry >= 1.3.0 (boo#1204312)
+ Also add the unnormalized name to the Metadata so that the
+ checks inside synapse work correctly.
+
+-------------------------------------------------------------------
+Sun Oct 9 21:58:05 UTC 2022 - Ben Greiner <code@bnavigator.de>
+
+- Reduce BuildRequires footprint with poetry-core instead of poetry
+
+-------------------------------------------------------------------
+Fri Sep 30 09:37:21 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
+
+- added https://patch-diff.githubusercontent.com/raw/matrix-org/synapse/pull/13952.patch
+ this prevents setuptools-rust being enforced as a runtime
+ dependency. Drop dependency in the package again.
+
+-------------------------------------------------------------------
+Wed Sep 28 01:07:43 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
+
+- synapse checks for setuptools-rust as a runtime dep. add this
+ until we figured out a better solution
+
+-------------------------------------------------------------------
+Tue Sep 27 20:50:59 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.68.0
+ Please note that Synapse will now refuse to start if configured
+ to use a version of SQLite older than 3.27.
+
+ In addition, please note that installing Synapse from a source
+ checkout now requires a recent Rust compiler. Those using
+ packages will not be affected. On most platforms, installing with
+ pip install matrix-synapse will not be affected. See the upgrade
+ notes.
+
+ - Features
+ - Keep track of when we fail to process a pulled event over
+ federation so we can intelligently back off in the future.
+ (#13589, #13814)
+ - Add an admin API endpoint to fetch messages within a
+ particular window of time. (#13672)
+ - Add an admin API endpoint to find a user based on their
+ external ID in an auth provider. (#13810)
+ - Cancel the processing of key query requests when they time
+ out. (#13680)
+ - Improve validation of request bodies for the following
+ client-server API endpoints:
+ /account/3pid/msisdn/requestToken,
+ /org.matrix.msc3720/account_status, /account/3pid/add,
+ /account/3pid/bind, /account/3pid/delete and
+ /account/3pid/unbind. (#13687, #13736)
+ - Document the timestamp when a user accepts the consent, if
+ consent tracking is used. (#13741)
+ - Add a listeners[x].request_id_header configuration option to
+ specify which request header to extract and use as the
+ request ID in order to correlate requests from a reverse
+ proxy. (#13801)
+ - Bugfixes
+ - Fix packaging to include Cargo.lock in sdist. (#13909)
+ - Fix building from packaged sdist. Broken in v1.68.0rc1.
+ (#13866)
+ - Fix a bug introduced in Synapse 1.41.0 where the /hierarchy
+ API returned non-standard information (a room_id field under
+ each entry in children_state). (#13506)
+ - Fix a long-standing bug where previously rejected events
+ could end up in room state because they pass auth checks
+ given the current state of the room. (#13723)
+ - Fix a long-standing bug where Synapse fails to start if a
+ signing key file contains an empty line. (#13738)
+ - Fix a long-standing bug where Synapse would fail to handle
+ malformed user IDs or room aliases gracefully in certain
+ cases. (#13746)
+ - Fix a long-standing bug where device lists would remain
+ cached when remote users left and rejoined the last room
+ shared with the local homeserver. (#13749, #13826)
+ - Fix a long-standing bug that could cause stale caches in some
+ rare cases on the first startup of Synapse with replication.
+ (#13766)
+ - Fix a long-standing spec compliance bug where Synapse would
+ accept a trailing slash on the end of /get_missing_events
+ federation requests. (#13789)
+ - Delete associated data from event_failed_pull_attempts,
+ insertion_events, insertion_event_extremities,
+ insertion_event_extremities, insertion_event_extremities when
+ purging the room. (#13825)
+ - Improved Documentation
+ - Note that libpq is required on ARM-based Macs. (#13480)
+ - Fix a mistake in the config manual introduced in Synapse
+ 1.22.0: the event_cache_size is scaled by
+ caches.global_factor. (#13726)
+ - Fix a typo in the documentation for the login ratelimiting
+ configuration. (#13727)
+ - Define Synapse's compatability policy for SQLite versions.
+ (#13728)
+ - Add docs for the common fix of deleting the
+ matrix_synapse.egg-info/ directory for fixing Python
+ dependency problems. (#13785)
+ - Update request log format documentation to mention the format
+ used when the authenticated user is controlling another user.
+ (#13794)
+ - Deprecations and Removals
+ - Synapse will now refuse to start if configured to use SQLite
+ < 3.27. (#13760)
+ - Don't include redundant prev_state in new events. Contributed
+ by Denis Kariakin (@dakariakin). (#13791)
+ - Internal Changes
+ - Fix the release script not publishing binary wheels. (#13850)
+ - Lower minimum supported rustc version to 1.58.1. (#13857)
+ - Lock Rust dependencies' versions. (#13858)
+ - Add a stub Rust crate. (#12595, #13734, #13735, #13743,
+ #13763, #13769, #13778)
+ - Bump the minimum dependency of matrix_common to 1.3.0 to make
+ use of the MXCUri class. Use MXCUri to simplify media
+ retention test code. (#13162)
+ - Add and populate the event_stream_ordering column on the
+ receipts table for future optimisation of push action
+ processing. Contributed by Nick @ Beeper (@Fizzadar).
+ (#13703)
+ - Rename the EventFormatVersions enum values so that they line
+ up with room version numbers. (#13706)
+ - Update trial old deps CI to use Poetry 1.2.0. (#13707,
+ #13725)
+ - Add experimental configuration option to allow disabling
+ legacy Prometheus metric names. (#13714, #13717, #13718)
+ - Fix typechecking with latest types-jsonschema. (#13724)
+ - Strip number suffix from instance name to consolidate
+ services that traces are spread over. (#13729)
+ - Instrument get_metadata_for_events for understandable traces
+ in Jaeger. (#13730)
+ - Remove old queries to join room memberships to current state
+ events. Contributed by Nick @ Beeper (@Fizzadar). (#13745)
+ - Avoid raising an error due to malformed user IDs in
+ get_current_hosts_in_room. Malformed user IDs cannot
+ currently join a room, so this error would not be hit.
+ (#13748)
+ - Update the docstrings for get_users_in_room and
+ get_current_hosts_in_room to explain the impact of partial
+ state. (#13750)
+ - Use an additional database query when persisting receipts.
+ (#13752)
+ - Preparatory work for storing thread IDs for notifications and
+ receipts. (#13753)
+ - Re-type hint some collections as read-only. (#13754)
+ - Remove unused Prometheus recording rules from
+ synapse-v2.rules and add comments describing where the rest
+ are used. (#13756)
+ - Add a check for editable installs if the Rust library needs
+ rebuilding. (#13759)
+ - Tag traces with the instance name to be able to easily jump
+ into the right logs and filter traces by instance. (#13761)
+ - Concurrently fetch room push actions when calculating badge
+ counts. Contributed by Nick @ Beeper (@Fizzadar). (#13765)
+ - Update the script which makes full schema dumps. (#13770)
+ - Deduplicate is_server_notices_room. (#13780)
+ - Simplify the dependency DAG in the tests workflow. (#13784)
+ - Remove an old, incorrect migration file. (#13788)
+ - Remove unused method in synapse.api.auth.Auth. (#13795)
+ - Fix a memory leak when running the unit tests. (#13798)
+ - Use partial indices on SQLite. (#13802)
+ - Check that portdb generates the same postgres schema as that
+ in the source tree. (#13808)
+ - Fix Docker build when Rust .so has been built locally first.
+ (#13811)
+ - Complement: Initialise the Postgres database directly inside
+ the target image instead of the base Postgres image to fix
+ building using Buildah. (#13819)
+ - Support providing an index predicate clause when doing
+ upserts. (#13822)
+ - Minor speedups to linting in CI. (#13827)
+- update dependencies
+ bcrypt to 3.1.7
+ matrix-common to 1.3.0
+- add handling for the rust based parts:
+ - new dependencies
+ - setuptools-rust
+ - cargo
+ - update _service file to also vendor the cargo dependencies
+
+-------------------------------------------------------------------
+Tue Sep 13 14:16:44 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.67.0
+ This release removes using the deprecated direct TCP replication
+ configuration for workers. Server admins should use Redis
+ instead. See the upgrade notes.
+
+ The minimum version of poetry supported for managing source
+ checkouts is now 1.2.0.
+
+ Notice: from the next major release (v1.68.0) installing Synapse
+ from a source checkout will require a recent Rust compiler. Those
+ using packages or pip install matrix-synapse will not be
+ affected. See the upgrade notes.
+
+ Notice: from the next major release (1.68.0), running Synapse
+ with a SQLite database will require SQLite version 3.27.0 or
+ higher. (The current minimum version is SQLite 3.22.0.) See
+ #12983 and the upgrade notes for more details.
+
+ https://matrix-org.github.io/synapse/v1.67/upgrade.html#upgrading-to-v1670
+
+ - Features
+ - Support setting the registration shared secret in a file, via
+ a new registration_shared_secret_path configuration option.
+ (#13614)
+ - Change the default startup behaviour so that any missing
+ "additional" configuration files (signing key, etc) are
+ generated automatically. (#13615)
+ - Improve performance of sending messages in rooms with
+ thousands of local users. (#13634)
+ - Bugfixes
+ - Fix a bug introduced in Synapse 1.13 where the List Rooms
+ admin API would return integers instead of booleans for the
+ federatable and public fields when using a Sqlite database.
+ (#13509)
+ - Fix bug that user cannot /forget rooms after the last member
+ has left the room. (#13546)
+ - Faster Room Joins: fix /make_knock blocking indefinitely when
+ the room in question is a partial-stated room. (#13583)
+ - Fix loading the current stream position behind the actual
+ position. (#13585)
+ - Fix a longstanding bug in register_new_matrix_user which
+ meant it was always necessary to explicitly give a server
+ URL. (#13616)
+ - Fix the running of MSC1763 retention purge_jobs in
+ deployments with background jobs running on a worker by
+ forcing them back onto the main worker. Contributed by Brad @
+ Beeper. (#13632)
+ - Fix a long-standing bug that downloaded media for URL
+ previews was not deleted while database background updates
+ were running. (#13657)
+ - Fix MSC3030 /timestamp_to_event endpoint to return the
+ correct next event when the events have the same timestamp.
+ (#13658)
+ - Fix bug where we wedge media plugins if clients disconnect
+ early. Introduced in v1.22.0. (#13660)
+ - Fix a long-standing bug which meant that keys for
+ unwhitelisted servers were not returned by
+ /_matrix/key/v2/query. (#13683)
+ - Fix a bug introduced in Synapse v1.20.0 that would cause the
+ unstable unread counts from MSC2654 to be calculated even if
+ the feature is disabled. (#13694)
+ - Updates to the Docker image
+ - Update docker image to use a stable version of poetry.
+ (#13688)
+ - Improved Documentation
+ - Improve the description of the "chain cover index" used
+ internally by Synapse. (#13602)
+ - Document how "monthly active users" is calculated and used.
+ (#13617)
+ - Improve documentation around user registration. (#13640)
+ - Remove documentation of legacy frontend_proxy worker app.
+ (#13645)
+ - Clarify documentation that HTTP replication traffic can be
+ protected with a shared secret. (#13656)
+ - Remove unintentional colons from config manual headers.
+ (#13665)
+ - Update docs to make enabling metrics more clear. (#13678)
+ - Clarify (room_id, event_id) global uniqueness and how we
+ should scope our database schemas. (#13701)
+ - Deprecations and Removals
+ - Drop support for calling
+ /_matrix/client/v3/rooms/{roomId}/invite without an
+ id_access_token, which was not permitted by the spec.
+ Contributed by @Vetchu. (#13241)
+ - Remove redundant _get_joined_users_from_context cache.
+ Contributed by Nick @ Beeper (@Fizzadar). (#13569)
+ - Remove the ability to use direct TCP replication with
+ workers. Direct TCP replication was deprecated in Synapse
+ v1.18.0. Workers now require using Redis. (#13647)
+ - Remove support for unstable private read receipts. (#13653,
+ #13692)
+ - Internal Changes
+ - Extend the release script to wait for GitHub Actions to
+ finish and to be usable as a guide for the whole process.
+ (#13483)
+ - Add experimental configuration option to allow disabling
+ legacy Prometheus metric names. (#13540)
+ - Cache user IDs instead of profiles to reduce cache memory
+ usage. Contributed by Nick @ Beeper (@Fizzadar). (#13573,
+ #13600)
+ - Optimize how Synapse calculates domains to fetch from during
+ backfill. (#13575)
+ - Comment about a better future where we can get the state diff
+ between two events. (#13586)
+ - Instrument _check_sigs_and_hash_and_fetch to trace time spent
+ in child concurrent calls for understandable traces in
+ Jaeger. (#13588)
+ - Improve performance of @cachedList. (#13591)
+ - Minor speed up of fetching large numbers of push rules.
+ (#13592)
+ - Optimise push action fetching queries. Contributed by Nick @
+ Beeper (@Fizzadar). (#13597)
+ - Rename event_map to unpersisted_events when computing the
+ auth differences. (#13603)
+ - Refactor get_users_in_room(room_id) mis-use with dedicated
+ get_current_hosts_in_room(room_id) function. (#13605)
+ - Use dedicated get_local_users_in_room(room_id) function to
+ find local users when calculating
+ join_authorised_via_users_server of a /make_join request.
+ (#13606)
+ - Refactor get_users_in_room(room_id) mis-use to lookup single
+ local user with dedicated check_local_user_in_room(...)
+ function. (#13608)
+ - Drop unused column application_services_state.last_txn.
+ (#13627)
+ - Improve readability of Complement CI logs by printing failure
+ results last. (#13639)
+ - Generalise the @cancellable annotation so it can be used on
+ functions other than just servlet methods. (#13662)
+ - Introduce a CommonUsageMetrics class to share some usage
+ metrics between the Prometheus exporter and the phone home
+ stats. (#13671)
+ - Add some logging to help track down #13444. (#13679)
+ - Update poetry lock file for v1.2.0. (#13689)
+ - Add cache to is_partial_state_room. (#13693)
+ - Update the Grafana dashboard that is included with Synapse in
+ the contrib directory. (#13697)
+ - Only run trial CI on all python versions on non-PRs. (#13698)
+ - Fix typechecking with latest types-jsonschema. (#13712)
+ - Reduce number of CI checks we run for PRs. (#13713)
+
+-------------------------------------------------------------------
+Wed Aug 31 22:26:31 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.66.0
+ This release removes the ability for homeservers to delegate
+ email ownership verification and password reset confirmation to
+ identity servers. This removal was originally planned for Synapse
+ 1.64, but was later deferred until now. See the upgrade notes for
+ more details.
+
+ Deployments with multiple workers should note that the direct TCP
+ replication configuration was deprecated in Synapse v1.18.0 and
+ will be removed in Synapse v1.67.0. In particular, the TCP
+ replication listener type (not to be confused with the
+ replication resource on the http listener type) and the
+ worker_replication_port config option will be removed .
+
+ To migrate to Redis, add the redis config, then remove the TCP
+ replication listener from config of the master and
+ worker_replication_port from worker config. Note that a HTTP
+ listener with a replication resource is still required. See the
+ worker documentation for more details.
+
+ - Features
+ - Improve validation of request bodies for the following
+ client-server API endpoints: /account/password,
+ /account/password/email/requestToken, /account/deactivate and
+ /account/3pid/email/requestToken. (#13188, #13563)
+ - Add forgotten status to Room Details Admin API. (#13503)
+ - Add an experimental implementation for MSC3852 (Expose user
+ agents on Device). (#13549)
+ - Add org.matrix.msc2716v4 experimental room version with
+ updated content fields. Part of MSC2716 (Importing history).
+ (#13551)
+ - Add support for compression to federation responses. (#13537)
+ - Improve performance of sending messages in rooms with
+ thousands of local users. (#13522, #13547)
+ - Bugfixes
+ - Fix a bug introduced in Synapse 1.66.0rc1 where the new rate
+ limit metrics were misreported
+ (synapse_rate_limit_sleep_affected_hosts,
+ synapse_rate_limit_reject_affected_hosts). (#13649)
+ - Faster room joins: make /joined_members block whilst the room
+ is partial stated. (#13514)
+ - Fix a bug introduced in Synapse 1.21.0 where the
+ /event_reports Admin API could return a total count which was
+ larger than the number of results you can actually query for.
+ (#13525)
+ - Fix a bug introduced in Synapse 1.52.0 where sending server
+ notices fails if max_avatar_size or allowed_avatar_mimetypes
+ is set and not system_mxid_avatar_url. (#13566)
+ - Fix a bug where the opentracing.force_tracing_for_users
+ config option would not apply to /sendToDevice and
+ /keys/upload requests. (#13574)
+ - Improved Documentation
+ - Add openssl example for generating registration HMAC digest.
+ (#13472)
+ - Tidy up Synapse's README. (#13491)
+ - Document that event purging related to the
+ redaction_retention_period config option is executed only
+ every 5 minutes. (#13492)
+ - Add a warning to retention documentation regarding the
+ possibility of database corruption. (#13497)
+ - Document that the DOCKER_BUILDKIT=1 flag is needed to build
+ the docker image. (#13515)
+ - Add missing links in user_consent section of configuration
+ manual. (#13536)
+ - Fix the doc and some warnings that were referring to the
+ nonexistent custom_templates_directory setting (instead of
+ custom_template_directory). (#13538)
+ - Deprecations and Removals
+ - Remove the ability for homeservers to delegate email
+ ownership verification
+ - and password reset confirmation to identity servers. See
+ upgrade notes for more details.
+ - Internal Changes
+ - Update the rejected state of events during
+ de-partial-stating. (#13459)
+ - Avoid blocking lazy-loading /syncs during partial joins due
+ to remote memberships. Pull remote memberships from auth
+ events instead of the room state. (#13477)
+ - Refuse to start when faster joins is enabled on a deployment
+ with workers, since worker configurations are not currently
+ supported. (#13531)
+ - Allow use of both @trace and @tag_args stacked on the same
+ function. (#13453)
+ - Instrument the federation/backfill part of /messages for
+ understandable traces in Jaeger. (#13489)
+ - Instrument FederationStateIdsServlet (/state_ids) for
+ understandable traces in Jaeger. (#13499, #13554)
+ - Track HTTP response times over 10 seconds from /messages
+ (synapse_room_message_list_rest_servlet_response_time_seconds).
+ (#13533)
+ - Add metrics to track how the rate limiter is affecting
+ requests (sleep/reject). (#13534, #13541)
+ - Add metrics to time how long it takes us to do backfill
+ processing
+ (synapse_federation_backfill_processing_before_time_seconds,
+ synapse_federation_backfill_processing_after_time_seconds).
+ (#13535, #13584)
+ - Add metrics to track rate limiter queue timing
+ (synapse_rate_limit_queue_wait_time_seconds). (#13544)
+ - Update metrics to track /messages response time by room size.
+ (#13545)
+ - Refactor methods in synapse.api.auth.Auth to use Requester
+ objects everywhere instead of user IDs. (#13024)
+ - Clean-up tests for notifications. (#13471)
+ - Add some miscellaneous comments to document sync, especially
+ around compute_state_delta. (#13474)
+ - Use literals in place of HTTPStatus constants in tests.
+ (#13479, #13488)
+ - Add comments about how event push actions are rotated.
+ (#13485)
+ - Modify HTML template content to better support mobile
+ devices' screen sizes. (#13493)
+ - Add a linter script which will reject non-strict types in
+ Pydantic models. (#13502)
+ - Reduce the number of tests using legacy TCP replication.
+ (#13543)
+ - Allow specifying additional request fields when using the
+ HomeServerTestCase.login helper method. (#13549)
+ - Make HomeServerTestCase load any configured homeserver
+ modules automatically. (#13558)
+- sync update package dependencies from the pyproject.toml
+ adds pydantic >= 1.7.4 (>= 1.9.1 in poetry mode)
+
+-------------------------------------------------------------------
+Tue Aug 16 17:58:42 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.65.0
+ - Features
+ - Add support for stable prefixes for MSC2285 (private read
+ receipts). (#13273)
+ - Add new unstable error codes
+ ORG.MATRIX.MSC3848.ALREADY_JOINED,
+ ORG.MATRIX.MSC3848.NOT_JOINED, and
+ ORG.MATRIX.MSC3848.INSUFFICIENT_POWER described in MSC3848.
+ (#13343)
+ - Use stable prefixes for MSC3827. (#13370)
+ - Add a new module API method to translate a room alias into a
+ room ID. (#13428)
+ - Add a new module API method to create a room. (#13429)
+ - Add remote join capability to the module API's
+ update_room_membership method (in a backwards compatible
+ manner). (#13441)
+ - Bugfixes
+ - Update the version of the LDAP3 auth provider module included
+ in the matrixdotorg/synapse DockerHub images and the Debian
+ packages hosted on packages.matrix.org to 0.2.2. This version
+ fixes a regression in the module. (#13470)
+ - Fix a bug introduced in Synapse v1.41.0 where the /hierarchy
+ API returned non-standard information (a room_id field under
+ each entry in children_state). (#13365)
+ - Fix a bug introduced in Synapse 0.24.0 that would respond
+ with the wrong error status code to /joined_members requests
+ when the requester is not a current member of the room.
+ Contributed by @andrewdoh. (#13374)
+ - Fix bug in handling of typing events for appservices.
+ Contributed by Nick @ Beeper (@Fizzadar). (#13392)
+ - Fix a bug introduced in Synapse 1.57.0 where rooms listed in
+ exclude_rooms_from_sync in the configuration file would not
+ be properly excluded from incremental syncs. (#13408)
+ - Fix a bug in the experimental faster-room-joins support which
+ could cause it to get stuck in an infinite loop. (#13353)
+ - Faster room joins: fix a bug which caused rejected events to
+ become un-rejected during state syncing. (#13413)
+ - Faster room joins: fix error when running out of servers to
+ sync partial state with, so that Synapse raises the intended
+ error instead. (#13432)
+ - Updates to the Docker image
+ - Make Docker images build on armv7 by installing cryptography
+ dependencies in the 'requirements' stage. Contributed by
+ Jasper Spaans. (#13372)
+ - Improved Documentation
+ - Update the 'registration tokens' page to acknowledge that the
+ relevant MSC was merged into version 1.2 of the Matrix
+ specification. Contributed by @moan0s. (#11897)
+ - Document which HTTP resources support gzip compression.
+ (#13221)
+ - Add steps describing how to elevate an existing user to
+ administrator by manipulating the database. (#13230)
+ - Fix wrong headline for url_preview_accept_language in
+ documentation. (#13437)
+ - Remove redundant 'Contents' section from the Configuration
+ Manual. Contributed by @dklimpel. (#13438)
+ - Update documentation for config setting macaroon_secret_key.
+ (#13443)
+ - Update outdated information on sso_mapping_providers
+ documentation. (#13449)
+ - Fix example code in module documentation of
+ password_auth_provider_callbacks. (#13450)
+ - Make the configuration for the cache clearer. (#13481)
+ - Internal Changes
+ - Revert 'Remove the unspecced room_id field in the /hierarchy
+ response. (#13365)' to give more time for clients to update.
+ (#13501)
+ - Extend the release script to automatically push a new SyTest
+ branch, rather than having that be a manual process. (#12978)
+ - Make minor clarifications to the error messages given when we
+ fail to join a room via any server. (#13160)
+ - Enable Complement CI tests in the 'latest deps' test run.
+ (#13213)
+ - Fix long-standing bugged logic which was never hit in get_pdu
+ asking every remote destination even after it finds an event.
+ (#13346)
+ - Faster room joins: avoid blocking when pulling events with
+ partially missing prev events. (#13355)
+ - Instrument /messages for understandable traces in Jaeger.
+ (#13368)
+ - Remove an unused argument to get_relations_for_event.
+ (#13383)
+ - Add a merge-back command to the release script, which
+ automates merging the correct branches after a release.
+ (#13393)
+ - Adding missing type hints to tests. (#13397)
+ - Faster Room Joins: don't leave a stuck room partial state
+ flag if the join fails. (#13403)
+ - Refactor _resolve_state_at_missing_prevs to compute an
+ EventContext instead. (#13404, #13431)
+ - Faster Room Joins: prevent Synapse from answering federated
+ join requests for a room which it has not fully joined yet.
+ (#13416)
+ - Re-enable running Complement tests against Synapse with
+ workers. (#13420)
+ - Prevent unnecessary lookups to any external get_event cache.
+ Contributed by Nick @ Beeper (@Fizzadar). (#13435)
+ - Add some tracing to give more insight into local room joins.
+ (#13439)
+ - Rename class RateLimitConfig to RatelimitSettings and
+ FederationRateLimitConfig to FederationRatelimitSettings.
+ (#13442)
+ - Add some comments about how event push actions are stored.
+ (#13445, #13455)
+ - Improve rebuild speed for the "synapse-workers" docker image.
+ (#13447)
+ - Fix @tag_args being off-by-one with the arguments when
+ tagging a span (tracing). (#13452)
+ - Update type of EventContext.rejected. (#13460)
+ - Use literals in place of HTTPStatus constants in tests.
+ (#13463, #13469)
+ - Correct a misnamed argument in state res v2 internals.
+ (#13467)
+
+-------------------------------------------------------------------
+Tue Aug 2 11:32:12 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.64.0
+ As of this release, Synapse no longer allows the tasks of
+ verifying email address ownership, and password reset
+ confirmation, to be delegated to an identity server. For more
+ information, see the upgrade notes.
+
+ Synapse v1.66.0 will remove the ability to delegate the tasks of
+ verifying email address ownership, and password reset
+ confirmation, to an identity server.
+
+ If you require your homeserver to verify e-mail addresses or to
+ support password resets via e-mail, please configure your
+ homeserver with SMTP access so that it can send e-mails on its
+ own behalf. Consult the configuration documentation for more
+ information.
+
+ - Features
+ - Improve error messages when media thumbnails cannot be
+ served. (#13038)
+ - Allow pagination from remote event after discovering it from
+ MSC3030 /timestamp_to_event. (#13205)
+ - Add a room_type field in the responses for the list room and
+ room details admin APIs. Contributed by @andrewdoh. (#13208)
+ - Add support for room version 10. (#13220)
+ - Add per-room rate limiting for room joins. For each room,
+ Synapse now monitors the rate of join events in that room,
+ and throttles additional joins if that rate grows too large.
+ (#13253, #13254, #13255, #13276)
+ - Support Implicit TLS (TLS without using a STARTTLS upgrade,
+ typically on port 465) for sending emails, enabled by the new
+ option force_tls. Contributed by Jan Schär. (#13317)
+ - Bugfixes
+ - Fix a bug introduced in Synapse 1.15.0 where adding a user
+ through the Synapse Admin API with a phone number would fail
+ if the enable_email_notifs and email_notifs_for_new_users
+ options were enabled. Contributed by @thomasweston12.
+ (#13263)
+ - Fix a bug introduced in Synapse 1.40.0 where a user invited
+ to a restricted room would be briefly unable to join.
+ (#13270)
+ - Fix a long-standing bug where, in rare instances, Synapse
+ could store the incorrect state for a room after a state
+ resolution. (#13278)
+ - Fix a bug introduced in v1.18.0 where the synapse_pushers
+ metric would overcount pushers when they are replaced.
+ (#13296)
+ - Disable autocorrection and autocapitalisation on the username
+ text field shown during registration when using SSO. (#13350)
+ - Update locked version of frozendict to 2.3.3, which has fixes
+ for memory leaks affecting /sync. (#13284, #13352)
+ - Improved Documentation
+ - Provide an example of using the Admin API. Contributed by
+ @jejo86. (#13231)
+ - Move the documentation for how URL previews work to the URL
+ preview module. (#13233, #13261)
+ - Add another contrib script to help set up worker processes.
+ Contributed by @villepeh. (#13271)
+ - Document that certain config options were added or changed in
+ Synapse 1.62. Contributed by @behrmann. (#13314)
+ - Document the new rc_invites.per_issuer throttling option
+ added in Synapse 1.63. (#13333)
+ - Mention that BuildKit is needed when building Docker images
+ for tests. (#13338)
+ - Improve Caddy reverse proxy documentation. (#13344)
+ - Deprecations and Removals
+ - Drop tables that were formerly used for groups/communities.
+ (#12967)
+ - Drop support for delegating email verification to an external
+ server. (#13192)
+ - Drop support for calling /_matrix/client/v3/account/3pid/bind
+ without an id_access_token, which was not permitted by the
+ spec. Contributed by @Vetchu. (#13239)
+ - Stop building .deb packages for Ubuntu 21.10 (Impish Indri),
+ which has reached end of life. (#13326)
+ - Internal Changes
+ - Use lower transaction isolation level when purging rooms to
+ avoid serialization errors. Contributed by Nick @ Beeper.
+ (#12942)
+ - Remove code which incorrectly attempted to reconcile state
+ with remote servers when processing incoming events. (#12943)
+ - Make the AS login method call Auth.get_user_by_req for
+ checking the AS token. (#13094)
+ - Always use a version of canonicaljson that supports the C
+ implementation of frozendict. (#13172)
+ - Add prometheus counters for ephemeral events and to device
+ messages pushed to app services. Contributed by Brad @
+ Beeper. (#13175)
+ - Refactor receipts servlet logic to avoid duplicated code.
+ (#13198)
+ - Preparation for database schema simplifications: populate
+ state_key and rejection_reason for existing rows in the
+ events table. (#13215)
+ - Remove unused database table event_reference_hashes. (#13218)
+ - Further reduce queries used sending events when creating new
+ rooms. Contributed by Nick @ Beeper (@Fizzadar). (#13224)
+ - Call the v2 identity service /3pid/unbind endpoint, rather
+ than v1. Contributed by @Vetchu. (#13240)
+ - Use an asynchronous cache wrapper for the get event cache.
+ Contributed by Nick @ Beeper (@Fizzadar). (#13242, #13308)
+ - Optimise federation sender and appservice pusher event stream
+ processing queries. Contributed by Nick @ Beeper (@Fizzadar).
+ (#13251)
+ - Log the stack when waiting for an entire room to be
+ un-partial stated. (#13257)
+ - Fix spurious warning when fetching state after a missing prev
+ event. (#13258)
+ - Clean-up tests for notifications. (#13260)
+ - Do not fail build if complement with workers fails. (#13266)
+ - Don't pull out state in compute_event_context for
+ unconflicted state. (#13267, #13274)
+ - Reduce the rebuild time for the complement-synapse docker
+ image. (#13279)
+ - Don't pull out the full state when creating an event.
+ (#13281, #13307)
+ - Upgrade from Poetry 1.1.12 to 1.1.14, to fix bugs when
+ locking packages. (#13285)
+ - Make DictionaryCache expire full entries if they haven't been
+ queried in a while, even if specific keys have been queried
+ recently. (#13292)
+ - Use HTTPStatus constants in place of literals in tests.
+ (#13297)
+ - Improve performance of query
+ _get_subset_users_in_room_with_profiles. (#13299)
+ - Up batch size of bulk_get_push_rules and
+ _get_joined_profiles_from_event_ids. (#13300)
+ - Remove unnecessary json.dumps from tests. (#13303)
+ - Reduce memory usage of sending dummy events. (#13310)
+ - Prevent formatting changes of #3679 from appearing in git
+ blame. (#13311)
+ - Change get_users_in_room and get_rooms_for_user caches to
+ enable pruning of old entries. (#13313)
+ - Validate federation destinations and log an error if a
+ destination is invalid. (#13318)
+ - Fix FederationClient.get_pdu() returning events from the
+ cache as outliers instead of original events we saw over
+ federation. (#13320)
+ - Reduce memory usage of state caches. (#13323)
+ - Reduce the amount of state we store in the state_cache.
+ (#13324)
+ - Add missing type hints to open tracing module. (#13328,
+ #13345, #13362)
+ - Remove old base slaved store and de-duplicate cache ID
+ generators. Contributed by Nick @ Beeper (@Fizzadar).
+ (#13329, #13349)
+ - When reporting metrics is enabled, use ~8x less data to
+ describe DB transaction metrics. (#13342)
+ - Faster room joins: skip soft fail checks while Synapse only
+ has partial room state, since the current membership of event
+ senders may not be accurately known. (#13354)
+
+-------------------------------------------------------------------
+Wed Jul 20 13:54:45 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.63.1
+ - Features
+ - Add a rate limit for local users sending invites. (#13125)
+ - Implement MSC3827: Filtering of /publicRooms by room type.
+ (#13031)
+ - Improve validation logic in the account data REST endpoints.
+ (#13148)
+ - Bugfixes
+ - Fix a bug introduced in Synapse 1.63.0 where push actions
+ were incorrectly calculated for appservice users. This caused
+ performance issues on servers with large numbers of
+ appservices. (#13332)
+ - Fix a long-standing bug where application services were not
+ able to join remote federated rooms without a profile.
+ (#13131)
+ - Fix a long-standing bug where _get_state_map_for_room might
+ raise errors when third party event rules callbacks are
+ present. (#13174)
+ - Fix a long-standing bug where the synapse_port_db script
+ could fail to copy rows with negative row ids. (#13226)
+ - Fix a bug introduced in 1.54.0 where appservices would not
+ receive room-less EDUs, like presence, when both MSC2409 and
+ MSC3202 are enabled. (#13236)
+ - Fix a bug introduced in 1.62.0 where rows were not deleted
+ from event_push_actions table on large servers. (#13194)
+ - Fix a bug introduced in 1.62.0 where notification counts
+ would get stuck after a highlighted message. (#13223)
+ - Fix exception when using experimental MSC3030
+ /timestamp_to_event endpoint to look for remote federated
+ imported events before room creation. (#13197)
+ - Fix MSC3202-enabled appservices not receiving to-device
+ messages, preventing messages from being decrypted. (#13235)
+ - Updates to the Docker image
+ - Bump the version of lxml in matrix.org Docker images Debian
+ packages from 4.8.0 to 4.9.1. (#13207)
+ - Improved Documentation
+ - Clarify that homeserver server names are included in the
+ reported data when the report_stats config option is enabled.
+ (#13321)
+ - Add an explanation of the --report-stats argument to the
+ docs. (#13029)
+ - Add a helpful example bash script to the contrib directory
+ for creating multiple worker configuration files of the same
+ type. Contributed by @villepeh. (#13032)
+ - Add missing links to config options. (#13166)
+ - Add documentation for homeserver usage statistics collection.
+ (#13086)
+ - Add documentation for the existing databases option in the
+ homeserver configuration manual. (#13212)
+ - Clean up references to sample configuration and redirect
+ users to the configuration manual instead. (#13077, #13139)
+ - Document how the Synapse team does reviews. (#13132)
+ - Fix wrong section header for
+ allow_public_rooms_over_federation in the homeserver config
+ documentation. (#13116)
+ - Deprecations and Removals
+ - Remove obsolete and for 8 years unused
+ RoomEventsStoreTestCase. Contributed by @arkamar. (#13200)
+ - Internal Changes
+ - Add type annotations to synapse.logging, tests.server and
+ tests.utils. (#13028, #13103, #13159, #13136)
+ - Enforce type annotations for tests.test_server. (#13135)
+ - Support temporary experimental return values for spam checker
+ module callbacks. (#13044)
+ - Add support to complement.sh for skipping the docker build.
+ (#13143, #13158)
+ - Add support to complement.sh for setting the log level using
+ the SYNAPSE_TEST_LOG_LEVEL environment variable. (#13152)
+ - Enable Complement testing in the 'Twisted Trunk' CI runs.
+ (#13079, #13157)
+ - Improve startup times in Complement test runs against
+ workers, particularly in CPU-constrained environments.
+ (#13127)
+ - Update config used by Complement to allow device name lookup
+ over federation. (#13167)
+ - Faster room joins: handle race between persisting an event
+ and un-partial stating a room. (#13100)
+ - Faster room joins: fix race in recalculation of current room
+ state. (#13151)
+ - Faster room joins: skip waiting for full state when
+ processing incoming events over federation. (#13144)
+ - Raise a DependencyError on missing dependencies instead of a
+ ConfigError. (#13113)
+ - Avoid stripping line breaks from SQL sent to the database.
+ (#13129)
+ - Apply ratelimiting earlier in processing of /send requests.
+ (#13134)
+ - Improve exception handling when processing events received
+ over federation. (#13145)
+ - Check that auto_vacuum is disabled when porting a SQLite
+ database to Postgres, as VACUUMs must not be performed
+ between runs of the script. (#13195)
+ - Reduce DB usage of /sync when a large number of unread
+ messages have recently been sent in a room. (#13119, #13153)
+ - Reduce memory consumption when processing incoming events in
+ large rooms. (#13078, #13222)
+ - Reduce number of queries used to get profile information.
+ Contributed by Nick @ Beeper (@Fizzadar). (#13209)
+ - Reduce number of events queried during room creation.
+ Contributed by Nick @ Beeper (@Fizzadar). (#13210)
+ - More aggressively rotate push actions. (#13211)
+ - Add max_line_length setting for Python files to the
+ .editorconfig. Contributed by @sumnerevans @ Beeper. (#13228)
+
+-------------------------------------------------------------------
+Tue Jul 5 12:48:31 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.62.0
+ Authors of spam-checker plugins should consult the upgrade notes
+ to learn about the enriched signatures for spam checker
+ callbacks, which are supported with this release of Synapse.
+
+ - Features
+ - Port the spam-checker API callbacks to a new, richer API.
+ This is part of an ongoing change to let spam-checker modules
+ inform users of the reason their event or operation is
+ rejected. (#12857, #13047)
+ - Allow server admins to customise the response of the
+ /.well-known/matrix/client endpoint. (#13035)
+ - Add metrics measuring the CPU and DB time spent in state
+ resolution. (#13036)
+ - Speed up fetching of device list changes in /sync and
+ /keys/changes. (#13045, #13098)
+ - Improve URL previews for sites which only provide Twitter
+ Card metadata, e.g. LWN.net. (#13056)
+ - Bugfixes
+ - Update the version of the ldap3 plugin included in the
+ matrixdotorg/synapse DockerHub images and the Debian packages
+ hosted on packages.matrix.org to 0.2.1. This fixes a bug with
+ usernames containing uppercase characters. (#13156)
+ - Fix a bug introduced in Synapse 1.62.0rc1 affecting unread
+ counts for users on small servers. (#13168)
+ - Fix unread counts for users on large servers. Introduced in
+ v1.62.0rc1. (#13140)
+ - Fix DB performance when deleting old push notifications.
+ Introduced in v1.62.0rc1. (#13141)
+ - Update MSC3786 implementation to check state_key. (#12939)
+ - Fix a bug introduced in Synapse 1.58 where Synapse would not
+ report full version information when installed from a git
+ checkout. This is a best-effort affair and not guaranteed to
+ be stable. (#12973)
+ - Fix a bug introduced in Synapse 1.60 where Synapse would fail
+ to start if the sqlite3 module was not available. (#12979)
+ - Fix a bug where non-standard information was required when
+ requesting the /hierarchy API over federation. Introduced in
+ Synapse v1.41.0. (#12991)
+ - Fix a long-standing bug which meant that rate limiting was
+ not restrictive enough in some cases. (#13018)
+ - Fix a bug introduced in Synapse 1.58 where profile requests
+ for a malformed user ID would ccause an internal error.
+ Synapse now returns 400 Bad Request in this situation.
+ (#13041)
+ - Fix some inconsistencies in the event authentication code.
+ (#13087, #13088)
+ - Fix a long-standing bug where room directory requests would
+ cause an internal server error if given a malformed room
+ alias. (#13106)
+ - Improved Documentation
+ - Add documentation for how to configure Synapse with Workers
+ using Docker Compose. Includes example worker config and
+ docker-compose.yaml. Contributed by @Thumbscrew. (#12737)
+ - Ensure the Poetry cheat sheet is available in the online
+ documentation. (#13022)
+ - Mention removed community/group worker endpoints in
+ upgrade.md. Contributed by @olmari. (#13023)
+ - Add instructions for running Complement with
+ gotestfmt-formatted output locally. (#13073)
+ - Update OpenTracing docs to reference the configuration manual
+ rather than the configuration file. (#13076)
+ - Update information on downstream Debian packages. (#13095)
+ - Remove documentation for the Delete Group Admin API which no
+ longer exists. (#13112)
+ - Deprecations and Removals
+ - Remove the unspecced DELETE /directory/list/room/{roomId}
+ endpoint, which hid rooms from the public room directory.
+ Instead, PUT to the same URL with a visibility of "private".
+ (#13123)
+ - Internal Changes
+ - Add tests for cancellation of GET /rooms/$room_id/members and
+ GET /rooms/$room_id/state requests. (#12674)
+ - Report login failures due to unknown third party identifiers
+ in the same way as failures due to invalid passwords. This
+ prevents an attacker from using the error response to
+ determine if the identifier exists. Contributed by Daniel
+ Aloni. (#12738)
+ - Merge the Complement testing Docker images into a single,
+ multi-purpose image. (#12881, #13075)
+ - Simplify the database schema for event_edges. (#12893)
+ - Clean up the test code for client disconnection. (#12929)
+ - Remove code generating comments in configuration. (#12941)
+ - Add Cross-Origin-Resource-Policy: cross-origin header to
+ content repository's thumbnail and download endpoints.
+ (#12944)
+ - Replace noop background updates with DELETE delta. (#12954,
+ #13050)
+ - Use lower isolation level when inserting read receipts to
+ avoid serialization errors. Contributed by Nick @ Beeper.
+ (#12957)
+ - Reduce the amount of state we pull from the DB. (#12963)
+ - Enable testing against PostgreSQL databases in Complement CI.
+ (#12965, #13034)
+ - Fix an inaccurate comment. (#12969)
+ - Remove the delete_device method and always call
+ delete_devices. (#12970)
+ - Use a GitHub form for issues rather than a hard-to-read,
+ easy-to-ignore template. (#12982)
+ - Move MSC3715 behind an experimental config flag. (#12984)
+ - Add type hints to tests. (#12985, #13099)
+ - Refactor macaroon tokens generation and move the unsubscribe
+ link in notification emails to /_synapse/client/unsubscribe.
+ (#12986)
+ - Fix documentation for running complement tests. (#12990)
+ - Faster joins: add issue links to the TODO comments in the
+ code. (#13004)
+ - Reduce DB usage of /sync when a large number of unread
+ messages have recently been sent in a room. (#13005, #13096,
+ #13118)
+ - Replaced usage of PyJWT with methods from Authlib in
+ org.matrix.login.jwt. Contributed by Hannes Lerchl. (#13011)
+ - Modernize the contrib/graph/ scripts. (#13013)
+ - Remove redundant room_version parameters from event auth
+ functions. (#13017)
+ - Decouple synapse.api.auth_blocking.AuthBlocking from
+ synapse.api.auth.Auth. (#13021)
+ - Add type annotations to
+ synapse.storage.databases.main.devices. (#13025)
+ - Set default sync_response_cache_duration to two minutes.
+ (#13042)
+ - Rename CI test runs. (#13046)
+ - Increase timeout of complement CI test runs. (#13048)
+ - Refactor entry points so that they all have a main function.
+ (#13052)
+ - Refactor the Dockerfile-workers configuration script to use
+ Jinja2 templates in Synapse workers' Supervisord blocks.
+ (#13054)
+ - Add headers to individual options in config documentation to
+ allow for linking. (#13055)
+ - Make Complement CI logs easier to read. (#13057, #13058,
+ #13069)
+ - Don't instantiate modules with keyword arguments. (#13060)
+ - Fix type checking errors against Twisted trunk. (#13061)
+ - Allow MSC3030 timestamp_to_event calls from anyone on
+ world-readable rooms. (#13062)
+ - Add a CI job to check that schema deltas are in the correct
+ folder. (#13063)
+ - Avoid rechecking event auth rules which are independent of
+ room state. (#13065)
+ - Reduce the duplication of code that invokes the rate limiter.
+ (#13070)
+ - Add a Subject Alternative Name to the certificate generated
+ for Complement tests. (#13071)
+ - Add more tests for room upgrades. (#13074)
+ - Pin dependencies maintained by matrix.org to semantic version
+ bounds. (#13082)
+ - Correctly report prometheus DB stats for
+ get_earliest_token_for_stats. (#13085)
+ - Fix a long-standing bug where a finished logging context
+ would be re-started when Synapse failed to persist an event
+ from federation. (#13089)
+ - Simplify the alias deletion logic as an application service.
+ (#13093)
+ - Add type annotations to tests.test_server. (#13124)
+- Drop PyJWT dependency. Replaced by Authlib
+- Implement upper version limits to match pyproject.toml
+- Refreshed patches for new code:
+ bump-dependencies.patch
+ matrix-synapse-1.4.1-paths.patch
+
+-------------------------------------------------------------------
+Tue Jun 28 15:55:03 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.61.1 (boo#1201229)
+ This patch release fixes a security issue regarding URL previews,
+ affecting all prior versions of Synapse. Server administrators
+ are encouraged to update Synapse as soon as possible. We are not
+ aware of these vulnerabilities being exploited in the wild.
+
+ Server administrators who are unable to update Synapse may use
+ the workarounds described in the linked GitHub Security Advisory
+ below.
+
+ The following issue is fixed in 1.61.1.
+
+ GHSA-22p3-qrh9-cx32 / CVE-2022-31052
+
+ Synapse instances with the url_preview_enabled homeserver config
+ option set to true are affected. URL previews of some web pages
+ can lead to unbounded recursion, causing the request to either
+ fail, or in some cases crash the running Synapse process.
+
+ Requesting URL previews requires authentication. Nevertheless, it
+ is possible to exploit this maliciously, either by malicious
+ users on the homeserver, or by remote users sending URLs that a
+ local user's client may automatically request a URL preview for.
+
+ Homeservers with the url_preview_enabled configuration option set
+ to false (the default) are unaffected. Instances with the
+ enable_media_repo configuration option set to false are also
+ unaffected, as this also disables URL preview functionality.
+
+ Fixed by fa1308061802ac7b7d20e954ba7372c5ac292333.
+
+-------------------------------------------------------------------
+Fri Jun 17 10:00:40 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
+
+- force python 3.10 on TW
+
+-------------------------------------------------------------------
+Tue Jun 14 15:39:50 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
+
+- update the dependencies
+ - drop PyNaCL dependency as it is not longer needed
+ - refreshed some of the version dependencies to use poetry.lock
+ for version numbers instead of the pyproject.toml
+
+-------------------------------------------------------------------
+Tue Jun 14 15:37:21 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.61.0
+ This release removes support for the non-standard feature known
+ both as 'groups' and as 'communities', which have been superseded
+ by Spaces.
+
+ - Features
+ - Add new media_retention options to the homeserver config for
+ routinely cleaning up non-recently accessed media. (#12732,
+ #12972, #12977)
+ - Experimental support for MSC3772: Push rule for mutually
+ related events. (#12740, #12859)
+ - Update to the check_event_for_spam module callback: Deprecate
+ the current callback signature, replace it with a new
+ signature that is both less ambiguous (replacing booleans
+ with explicit allow/block) and more powerful (ability to
+ return explicit error codes). (#12808)
+ - Add storage and module API methods to get monthly active
+ users (and their corresponding appservices) within an
+ optionally specified time range. (#12838, #12917)
+ - Support the new error code
+ ORG.MATRIX.MSC3823.USER_ACCOUNT_SUSPENDED from MSC3823.
+ (#12845, #12923)
+ - Add a configurable background job to delete stale devices.
+ (#12855)
+ - Improve URL previews for pages with empty elements. (#12951)
+ - Allow updating a user's password using the admin API without
+ logging out their devices. Contributed by @jcgruenhage.
+ (#12952)
+ - Bugfixes
+ - Always send an access_token in /thirdparty/ requests to
+ appservices, as required by the Application Service API
+ specification. (#12746)
+ - Implement MSC3816: sending the root event in a thread should
+ count as having 'participated' in it. (#12766)
+ - Delete events from the federation_inbound_events_staging
+ table when a room is purged through the admin API. (#12784)
+ - Fix a bug where we did not correctly handle invalid device
+ list updates over federation. Contributed by Carl Bordum
+ Hansen. (#12829)
+ - Fix a bug which allowed multiple async operations to access
+ database locks concurrently. Contributed by @sumnerevans @
+ Beeper. (#12832)
+ - Fix an issue introduced in Synapse 0.34 where the
+ /notifications endpoint would only return notifications if a
+ user registered at least one pusher. Contributed by Famedly.
+ (#12840)
+ - Fix a bug where servers using a Postgres database would fail
+ to backfill from an insertion event when MSC2716 is enabled
+ (experimental_features.msc2716_enabled). (#12843)
+ - Fix MSC3787 rooms being omitted from room directory, room
+ summary and space hierarchy responses. (#12858)
+ - Fix a bug introduced in Synapse 1.54.0 which could sometimes
+ cause exceptions when handling federated traffic. (#12877)
+ - Fix a bug introduced in Synapse 1.59.0 which caused room
+ deletion to fail with a foreign key violation error. (#12889)
+ - Fix a long-standing bug which caused the /messages endpoint
+ to return an incorrect end attribute when there were no more
+ events. Contributed by @Vetchu. (#12903)
+ - Fix a bug introduced in Synapse 1.58.0 where /sync would fail
+ if the most recent event in a room was a redaction of an
+ event that has since been purged. (#12905)
+ - Fix a potential memory leak when generating thumbnails.
+ (#12932)
+ - Fix a long-standing bug where a URL preview would break if
+ the image failed to download. (#12950)
+ - Improved Documentation
+ - Mention removed community/group worker endpoints in
+ upgrade.md. Contributed by @olmari. (#13023)
+ - Fix typographical errors in documentation. (#12863)
+ - Fix documentation incorrectly stating the sendToDevice
+ endpoint can be directed at generic workers. Contributed by
+ Nick @ Beeper. (#12867)
+ - Deprecations and Removals
+ - Remove support for the non-standard groups/communities
+ feature from Synapse. (#12553, #12558, #12563, #12895,
+ #12897, #12899, #12900, #12936, #12966)
+ - Remove contributed kick_users.py script. This is broken under
+ Python 3, and is not added to the environment when pip
+ installing Synapse. (#12908)
+ - Remove contrib/jitsimeetbridge. This was an unused experiment
+ that hasn't been meaningfully changed since 2014. (#12909)
+ - Remove unused contrib/experiements/cursesio.py script, which
+ fails to run under Python 3. (#12910)
+ - Remove unused contrib/experiements/test_messaging.py script.
+ This fails to run on Python 3. (#12911)
+ - Internal Changes
+ - Test Synapse against Complement with workers. (#12810,
+ #12933)
+ - Reduce the amount of state we pull from the DB. (#12811,
+ #12964)
+ - Try other homeservers when re-syncing state for rooms with
+ partial state. (#12812)
+ - Resume state re-syncing for rooms with partial state after a
+ Synapse restart. (#12813)
+ - Remove Mutual Rooms' (MSC2666) endpoint dependency on the
+ User Directory. (#12836)
+ - Experimental: expand check_event_for_spam with ability to
+ return additional fields. This enables spam-checker
+ implementations to experiment with mechanisms to give users
+ more information about why they are blocked and whether any
+ action is needed from them to be unblocked. (#12846)
+ - Remove dont_notify from the .m.rule.room.server_acl rule.
+ (#12849)
+ - Remove the unstable /hierarchy endpoint from MSC2946.
+ (#12851)
+ - Pull out less state when handling gaps in room DAG. (#12852,
+ #12904)
+ - Clean-up the push rules datastore. (#12856)
+ - Correct a type annotation in the URL preview source code.
+ (#12860)
+ - Update pyjwt dependency to 2.4.0. (#12865)
+ - Enable the /account/whoami endpoint on synapse worker
+ processes. Contributed by Nick @ Beeper. (#12866)
+ - Enable the batch_send endpoint on synapse worker processes.
+ Contributed by Nick @ Beeper. (#12868)
+ - Don't generate empty AS transactions when the AS is flagged
+ as down. Contributed by Nick @ Beeper. (#12869)
+ - Fix up the variable state_store naming. (#12871)
+ - Faster room joins: when querying the current state of the
+ room, wait for state to be populated. (#12872)
+ - Avoid running queries which will never result in deletions.
+ (#12879)
+ - Use constants for EDU types. (#12884)
+ - Reduce database load of /sync when presence is enabled.
+ (#12885)
+ - Refactor have_seen_events to reduce memory consumed when
+ processing federation traffic. (#12886)
+ - Refactor receipt linearization code. (#12888)
+ - Add type annotations to synapse.logging.opentracing. (#12894)
+ - Remove PyNaCl occurrences directly used in Synapse code.
+ (#12902)
+ - Bump types-jsonschema from 4.4.1 to 4.4.6. (#12912)
+ - Rename storage classes. (#12913)
+ - Preparation for database schema simplifications: stop reading
+ from event_edges.room_id. (#12914)
+ - Check if we are in a virtual environment before overriding
+ the PYTHONPATH environment variable in the demo script.
+ (#12916)
+ - Improve the logging when signature checks on events fail.
+ (#12925)
+
+-------------------------------------------------------------------
+Tue May 31 16:57:15 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.60.0
+ This release of Synapse adds a unique index to the
+ state_group_edges table, in order to prevent accidentally
+ introducing duplicate information (for example, because a
+ database backup was restored multiple times). If your Synapse
+ database already has duplicate rows in this table, this could
+ fail with an error and require manual remediation.
+
+ Additionally, the signature of the check_event_for_spam module
+ callback has changed. The previous signature has been deprecated
+ and remains working for now. Module authors should update their
+ modules to use the new signature where possible.
+
+ See the upgrade notes for more details.
+ https://github.com/matrix-org/synapse/blob/develop/docs/upgrade.md#upgrading-to-v1600
+
+ - Features
+ - Add an option allowing users to use their password to
+ reauthenticate for privileged actions even though password
+ login is disabled. (#12883)
+ - Measure the time taken in spam-checking callbacks and expose
+ those measurements as metrics. (#12513)
+ - Add a default_power_level_content_override config option to
+ set default room power levels per room preset. (#12618)
+ - Add support for MSC3787: Allowing knocks to restricted rooms.
+ (#12623)
+ - Send USER_IP commands on a different Redis channel, in order
+ to reduce traffic to workers that do not process these
+ commands. (#12672, #12809)
+ - Synapse will now reload cache config when it receives a
+ SIGHUP signal. (#12673)
+ - Add a config options to allow for auto-tuning of caches.
+ (#12701)
+ - Update MSC2716 implementation to process marker events from
+ the current state to avoid markers being lost in timeline
+ gaps for federated servers which would cause the imported
+ history to be undiscovered. (#12718)
+ - Add a drop_federated_event callback to SpamChecker to
+ disregard inbound federated events before they take up much
+ processing power, in an emergency. (#12744)
+ - Implement MSC3818: Copy room type on upgrade. (#12786,
+ #12792)
+ - Update to the check_event_for_spam module callback. Deprecate
+ the current callback signature, replace it with a new
+ signature that is both less ambiguous (replacing booleans
+ with explicit allow/block) and more powerful (ability to
+ return explicit error codes). (#12808)
+ - Bugfixes
+ - Fix a bug introduced in Synapse 1.60.0rc1 that would break
+ some imports from synapse.module_api. (#12918)
+ - Explicitly close ijson coroutines once we are done with them,
+ instead of leaving the garbage collector to close them.
+ (#12875)
+ - Fix a bug introduced in Synapse 1.7.0 that would prevent
+ events from being sent to clients if there's a retention
+ policy in the room when the support for retention policies is
+ disabled. (#12611)
+ - Fix a bug introduced in Synapse 1.57.0 where /messages would
+ throw a 500 error when querying for a non-existent room.
+ (#12683)
+ - Add a unique index to state_group_edges to prevent duplicates
+ being accidentally introduced and the consequential impact to
+ performance. (#12687)
+ - Fix a long-standing bug where an empty room would be created
+ when a user with an insufficient power level tried to upgrade
+ a room. (#12696)
+ - Fix a bug introduced in Synapse 1.30.0 where empty rooms
+ could be automatically created if a monthly active users
+ limit is set. (#12713)
+ - Fix push to dismiss notifications when read on another
+ client. Contributed by @SpiritCroc @ Beeper. (#12721)
+ - Fix poor database performance when reading the cache
+ invalidation stream for large servers with lots of workers.
+ (#12747)
+ - Delete events from the federation_inbound_events_staging
+ table when a room is purged through the admin API. (#12770)
+ - Give a meaningful error message when a client tries to create
+ a room with an invalid alias localpart. (#12779)
+ - Fix a bug introduced in 1.43.0 where a file (providers.json)
+ was never closed. Contributed by @arkamar. (#12794)
+ - Fix a long-standing bug where finished log contexts would be
+ re-started when failing to contact remote homeservers.
+ (#12803)
+ - Fix a bug, introduced in Synapse 1.21.0, that led to media
+ thumbnails being unusable before the index has been added in
+ the background. (#12823)
+ - Updates to the Docker image
+ - Fix the docker file after a dependency update. (#12853)
+ - Improved Documentation
+ - Fix a typo in the Media Admin API documentation. (#12715)
+ - Update the OpenID Connect example for Keycloak to be
+ compatible with newer versions of Keycloak. Contributed by
+ @nhh. (#12727)
+ - Fix typo in server listener documentation. (#12742)
+ - Link to the configuration manual from the welcome page of the
+ documentation. (#12748)
+ - Fix typo in run_background_tasks_on option name in
+ configuration manual documentation. (#12749)
+ - Add information regarding the rc_invites ratelimiting option
+ to the configuration docs. (#12759)
+ - Add documentation for cancellation of request processing.
+ (#12761)
+ - Recommend using docker to run tests against postgres.
+ (#12765)
+ - Add missing user directory endpoint from the generic worker
+ documentation. Contributed by @olmari. (#12773)
+ - Add additional info to documentation of config option
+ cache_autotuning. (#12776)
+ - Update configuration manual documentation to document
+ size-related suffixes. (#12777)
+ - Fix invalid YAML syntax in the example documentation for the
+ url_preview_accept_language config option. (#12785)
+ - Deprecations and Removals
+ - Require a body in POST requests to
+ /rooms/{roomId}/receipt/{receiptType}/{eventId}, as required
+ by the Matrix specification. This breaks compatibility with
+ Element Android 1.2.0 and earlier: users of those clients
+ will be unable to send read receipts. (#12709)
+ - Internal Changes
+ - Improve URL previews by not including the content of media
+ tags in the generated description. (#12887)
+ - Improve event caching mechanism to avoid having multiple
+ copies of an event in memory at a time. (#10533)
+ - Preparation for faster-room-join work: return subsets of room
+ state which we already have, immediately. (#12498)
+ - Add @cancellable decorator, for use on endpoint methods that
+ can be cancelled when clients disconnect. (#12586, #12588,
+ #12630, #12694, #12698, #12699, #12700, #12705)
+ - Enable cancellation of GET /rooms/$room_id/members, GET
+ /rooms/$room_id/state and GET
+ /rooms/$room_id/state/$event_type/* requests. (#12708)
+ - Improve documentation of the synapse.push module. (#12676)
+ - Refactor functions to on PushRuleEvaluatorForEvent. (#12677)
+ - Preparation for database schema simplifications: stop writing
+ to event_reference_hashes. (#12679)
+ - Remove code which updates unused database column
+ application_services_state.last_txn. (#12680)
+ - Refactor EventContext class. (#12689)
+ - Remove an unneeded class in the push code. (#12691)
+ - Consolidate parsing of relation information from events.
+ (#12693)
+ - Convert namespace class Codes into a string enum. (#12703)
+ - Optimize private read receipt filtering. (#12711)
+ - Drop the logging level of status messages for the URL preview
+ cache expiry job from INFO to DEBUG. (#12720)
+ - Downgrade some OIDC errors to warnings in the logs, to reduce
+ the noise of Sentry reports. (#12723)
+ - Update configs used by Complement to allow more invites/3PID
+ validations during tests. (#12731)
+ - Fix a long-standing bug where the user directory background
+ process would fail to make forward progress if a user
+ included a null codepoint in their display name or avatar.
+ (#12762)
+ - Tweak the mypy plugin so that @cached can accept
+ on_invalidate=None. (#12769)
+ - Move methods that call add_push_rule to the PushRuleStore
+ class. (#12772)
+ - Make handling of federation Authorization header (more)
+ compliant with RFC7230. (#12774)
+ - Refactor resolve_state_groups_for_events to not pull out full
+ state when no state resolution happens. (#12775)
+ - Do not keep going if there are 5 back-to-back background
+ update failures. (#12781)
+ - Fix federation when using the demo scripts. (#12783)
+ - The hash_password script now fails when it is called without
+ specifying a config file. Contributed by @jae1911. (#12789)
+ - Improve and fix type hints. (#12567, #12477, #12717, #12753,
+ #12695, #12734, #12716, #12726, #12790, #12833)
+ - Update EventContext get_current_event_ids and
+ get_prev_event_ids to accept state filters and update calls
+ where possible. (#12791)
+ - Remove Caddy from the Synapse workers image used in
+ Complement. (#12818)
+ - Add Complement's shared registration secret to the Complement
+ worker image. This fixes tests that depend on it. (#12819)
+ - Support registering Application Services when running with
+ workers under Complement. (#12826)
+ - Disable 'faster room join' Complement tests when testing
+ against Synapse with workers. (#12842)
+
+-------------------------------------------------------------------
+Wed May 18 12:10:11 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.59.1
+ This release fixes a long-standing issue which could prevent
+ Synapse's user directory for updating properly.
+
+ - Bugfixes
+ - Fix a long-standing bug where the user directory background
+ process would fail to make forward progress if a user
+ included a null codepoint in their display name or avatar.
+ Contributed by Nick @ Beeper. (#12762)
+
+-------------------------------------------------------------------
+Tue May 17 10:27:39 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.59.0
+ Synapse 1.59 makes several changes that server administrators
+ should be aware of:
+
+ - Device name lookup over federation is now disabled by default.
+ (#12616)
+ - The synapse.app.appservice and synapse.app.user_dir worker
+ application types are now deprecated. (#12452, #12654)
+
+ See the upgrade notes for more details.
+
+ Additionally, this release removes the non-standard m.login.jwt
+ login type from Synapse. It can be replaced with
+ org.matrix.login.jwt for identical behaviour. This is only used
+ if jwt_config.enabled is set to true in the configuration.
+ (#12597)
+
+ - Features
+ - Support MSC3266 room summaries over federation. (#11507)
+ - Implement changes to MSC2285 (hidden read receipts).
+ Contributed by @SimonBrandner. (#12168, #12635, #12636,
+ #12670)
+ - Extend the module API to allow modules to change actions for
+ existing push rules of local users. (#12406)
+ - Add the notify_appservices_from_worker configuration option
+ (superseding notify_appservices) to allow a generic worker to
+ be designated as the worker to send traffic to Application
+ Services. (#12452)
+ - Add the update_user_directory_from_worker configuration
+ option (superseding update_user_directory) to allow a generic
+ worker to be designated as the worker to update the user
+ directory. (#12654)
+ - Add new enable_registration_token_3pid_bypass configuration
+ option to allow registrations via token as an alternative to
+ verifying a 3pid. (#12526)
+ - Implement MSC3786: Add a default push rule to ignore
+ m.room.server_acl events. (#12601)
+ - Add new mau_appservice_trial_days configuration option to
+ specify a different trial period for users registered via an
+ appservice. (#12619)
+ - Bugfixes
+ - Fix DB performance regression introduced in Synapse
+ 1.59.0rc2. (#12745)
+ - Fix a bug introduced in Synapse 1.58.0 where /sync would fail
+ if the most recent event in a room was rejected. (#12729)
+ - Fix a bug introduced in Synapse 1.48.0 where the latest
+ thread reply provided failed to include the proper bundled
+ aggregations. (#12273)
+ - Fix a bug introduced in Synapse 1.22.0 where attempting to
+ send a large amount of read receipts to an application
+ service all at once would result in duplicate content and
+ abnormally high memory usage. Contributed by Brad & Nick @
+ Beeper. (#12544)
+ - Fix a bug introduced in Synapse 1.57.0 which could cause
+ Failed to calculate hosts in room errors to be logged for
+ outbound federation. (#12570)
+ - Fix a long-standing bug where status codes would almost
+ always get logged as 200!, irrespective of the actual status
+ code, when clients disconnect before a request has finished
+ processing. (#12580)
+ - Fix race when persisting an event and deleting a room that
+ could lead to outbound federation breaking. (#12594)
+ - Fix a bug introduced in Synapse 1.53.0 where bundled
+ aggregations for annotations/edits were incorrectly
+ calculated. (#12633)
+ - Fix a long-standing bug where rooms containing power levels
+ with string values could not be upgraded. (#12657)
+ - Prevent memory leak from reoccurring when presence is
+ disabled. (#12656)
+ - Updates to the Docker image
+ - Explicitly opt-in to using BuildKit-specific features in the
+ Dockerfile. This fixes issues with building images in some
+ GitLab CI environments. (#12541)
+ - Update the "Build docker images" GitHub Actions workflow to
+ use docker/metadata-action to generate docker image tags,
+ instead of a custom shell script. Contributed by @henryclw.
+ (#12573)
+ - Improved Documentation
+ - Update SQL statements and replace use of old table
+ user_stats_historical in docs for Synapse Admins. (#12536)
+ - Add missing linebreak to pipx install instructions. (#12579)
+ - Add information about the TCP replication module to docs.
+ (#12621)
+ - Fixes to the formatting of README.rst. (#12627)
+ - Fix docs on how to run specific Complement tests using the
+ complement.sh test runner. (#12664)
+ - Deprecations and Removals
+ - Remove unstable identifiers from MSC3069. (#12596)
+ - Remove the unspecified m.login.jwt login type and the
+ unstable uk.half-shot.msc2778.login.application_service from
+ - MSC2778. (#12597)
+ - Synapse now requires at least Python 3.7.1 (up from 3.7.0),
+ for compatibility with the latest Twisted trunk. (#12613)
+ - Internal Changes
+ - Use supervisord to supervise Postgres and Caddy in the
+ Complement image to reduce restart time. (#12480)
+ - Immediately retry any requests that have backed off when a
+ server comes back online. (#12500)
+ - Use make_awaitable instead of defer.succeed for return values
+ of mocks in tests. (#12505)
+ - Consistently check if an object is a frozendict. (#12564)
+ - Protect module callbacks with read semantics against
+ cancellation. (#12568)
+ - Improve comments and error messages around access tokens.
+ (#12577)
+ - Improve docstrings for the receipts store. (#12581)
+ - Use constants for read-receipts in tests. (#12582)
+ - Log status code of cancelled requests as 499 and avoid
+ logging stack traces for them. (#12587, #12663)
+ - Remove special-case for twisted logger from default log
+ config. (#12589)
+ - Use getClientAddress instead of the deprecated getClientIP.
+ (#12599)
+ - Add link to documentation in Grafana Dashboard. (#12602)
+ - Reduce log spam when running multiple event persisters.
+ (#12610)
+ - Add extra debug logging to federation sender. (#12614)
+ - Prevent remote homeservers from requesting local user device
+ names by default. (#12616)
+ - Add a consistency check on events which we read from the
+ database. (#12620)
+ - Remove use of the constantly library and switch to enums for
+ EventRedactBehaviour. Contributed by @andrewdoh. (#12624)
+ - Remove unused code related to receipts. (#12632)
+ - Minor improvements to the scripts for running Synapse in
+ worker mode under Complement. (#12637)
+ - Move pympler back in to the all extras. (#12652)
+ - Fix spelling of M_UNRECOGNIZED in comments. (#12665)
+ - Release script: confirm the commit to be tagged before
+ tagging. (#12556)
+ - Fix a typo in the announcement text generated by the Synapse
+ release development script. (#12612)
+ - Typechecking
+ - Fix scripts-dev to pass typechecking. (#12356)
+ - Add some type hints to datastore. (#12485)
+ - Remove unused # type: ignores. (#12531)
+ - Allow unused # type: ignore comments in bleeding edge CI
+ jobs. (#12576)
+ - Remove redundant lines of config from mypy.ini. (#12608)
+ - Update to mypy 0.950. (#12650)
+ - Use Concatenate to better annotate _do_execute. (#12666)
+ - Use ParamSpec to refine type hints. (#12667)
+ - Fix mypy against latest pillow stubs. (#12671)
+
+-------------------------------------------------------------------
+Thu May 5 18:33:27 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.58.1
+ This patch release includes a fix to the Debian packages,
+ installing the systemd and cache_memory extra package groups,
+ which were incorrectly omitted in v1.58.0. This primarily
+ prevented Synapse from starting when the
+ systemd.journal.JournalHandler log handler was configured. See
+ #12631 for further information.
+
+ Otherwise, no significant changes since 1.58.0.
+
+-------------------------------------------------------------------
+Tue May 3 11:14:28 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.58.0
+ As of this release, the groups/communities feature in Synapse is
+ now disabled by default. See #11584 for details. As mentioned in
+ the upgrade notes, this feature will be removed in Synapse 1.61.
+
+ - Features
+ - Implement MSC3383 for including the destination in
+ server-to-server authentication headers. Contributed by @Bubu
+ and @jcgruenhage for Famedly. (#11398)
+ - Docker images and Debian packages from matrix.org now contain
+ a locked set of Python dependencies, greatly improving build
+ reproducibility. (Board, #11537)
+ - Enable processing of device list updates asynchronously.
+ (#12365, #12465)
+ - Implement MSC2815 to allow room moderators to view redacted
+ event content. Contributed by @tulir @ Beeper. (#12427)
+ - Build Debian packages for Ubuntu 22.04 "Jammy Jellyfish".
+ (#12543)
+ - Bugfixes
+ - Fix a bug introduced in Synapse 1.58.0rc1 where the main
+ process could consume excessive amounts of CPU and memory
+ while handling sentry logging failures. (#12554)
+ - Fix a bug introduced in Synapse 1.58.0rc1 where opentracing
+ contexts were not correctly sent to whitelisted remote
+ servers with device lists updates. (#12555)
+ - Prevent a sync request from removing a user's busy presence
+ status. (#12213)
+ - Fix bug with incremental sync missing events when
+ rejoining/backfilling. Contributed by Nick @ Beeper. (#12319)
+ - Fix a long-standing bug which incorrectly caused GET
+ /_matrix/client/v3/rooms/{roomId}/event/{eventId} to return
+ edited events rather than the original. (#12476)
+ - Fix a bug introduced in Synapse 1.27.0 where the admin API
+ for deleting forward extremities would always return a count
+ of 1, no matter how many extremities were deleted. (#12496)
+ - Fix a long-standing bug where the image thumbnails embedded
+ into email notifications were broken. (#12510)
+ - Fix a bug in the implementation of MSC3202 where Synapse
+ would use the field name device_unused_fallback_keys, rather
+ than device_unused_fallback_key_types. (#12520)
+ - Fix a bug introduced in Synapse 0.99.3 which could cause
+ Synapse to consume large amounts of RAM when back-paginating
+ in a large room. (#12522)
+ - Improved Documentation
+ - Fix rendering of the documentation site when using the
+ 'print' feature. (#12340)
+ - Add a manual documenting config file options. (#12368,
+ #12527)
+ - Update documentation to reflect that both the
+ run_background_tasks_on option and the options for moving
+ stream writers off of the main process are no longer
+ experimental. (#12451)
+ - Update worker documentation and replace old federation_reader
+ with generic_worker. (#12457)
+ - Strongly recommend Poetry for development. (#12475)
+ - Add some example configurations for workers and update
+ architectural diagram. (#12492)
+ - Fix a broken link in README.rst. (#12495)
+ - Add HAProxy delegation example with CORS headers to docs.
+ (#12501)
+ - Remove extraneous comma in User Admin API's device deletion
+ section so that the example JSON is actually valid and works.
+ Contributed by @olmari. (#12533)
+ - Deprecations and Removals
+ - The groups/communities feature in Synapse is now disabled by
+ default. (#12344)
+ - Remove unstable identifiers from MSC3440. (#12382)
+ - Internal Changes
+ - Reduce unnecessary work when handling remote device list
+ updates. (#12557)
+ - Preparation for faster-room-join work: start a background
+ process to resynchronise the room state after a room join.
+ (#12394)
+ - Preparation for faster-room-join work: Implement a tracking
+ mechanism to allow functions to wait for full room state to
+ arrive. (#12399)
+ - Remove an unstable identifier from MSC3083. (#12395)
+ - Run CI in the locked Poetry environment, and remove
+ corresponding tox jobs. (#12425, #12434, #12438, #12441,
+ #12449, #12478, #12514, #12472)
+ - Change Mutual Rooms' unstable_features flag to
+ uk.half-shot.msc2666.mutual_rooms which matches the current
+ iteration of MSC2666. (#12445)
+ - Fix typo in the release script help string. (#12450)
+ - Fix a minor typo in the Debian changelogs generated by the
+ release script. (#12497)
+ - Reintroduce the list of targets to the linter script, to
+ avoid linting unwanted local-only directories during
+ development. (#12455)
+ - Limit length of device_id to less than 512 characters.
+ (#12454)
+ - Dockerfile-workers: reduce the amount we install in the
+ image. (#12464)
+ - Dockerfile-workers: give the master its own log config.
+ (#12466)
+ - complement-synapse-workers: factor out separate entry point
+ script. (#12467)
+ - Back out experimental implementation of MSC2314. (#12474)
+ - Fix grammatical error in federation error response when the
+ room version of a room is unknown. (#12483)
+ - Remove unnecessary configuration overrides in tests. (#12511)
+ - Refactor the relations code for clarity. (#12519)
+ - Add type hints so docker and stubs directories pass mypy
+ --disallow-untyped-defs. (#12528)
+ - Update delay_cancellation to accept any awaitable, rather
+ than just Deferreds. (#12468)
+ - Handle cancellation in
+ EventsWorkerStore._get_events_from_cache_or_db. (#12529)
+- port to pyproject, wheel and poetry based builds
+- refreshed patch matrix-synapse-1.4.1-paths.patch
+- moved dont-bump-cryptography-with-system-openssl.patch
+ to bump-dependencies.patch to reflect better that the patch is
+ not cryptography specific and update the patch to patch the
+ pyproject.toml.
+
+-------------------------------------------------------------------
+Thu Apr 21 10:19:32 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.57.1
+ - Updates to the Docker image
+ - Include version 0.2.0 of the Synapse LDAP Auth Provider
+ module in the Docker image. This matches the version that was
+ present in the Docker image for Synapse v1.56.0.
+
+-------------------------------------------------------------------
+Tue Apr 19 13:18:59 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.57.0
+ This version includes a change to the way transaction IDs are
+ managed for application services. If your deployment uses a
+ dedicated worker for application service traffic, it must be
+ stopped when the database is upgraded (which normally happens
+ when the main process is upgraded), to ensure the change is made
+ safely without any risk of reusing transaction IDs.
+
+ See the upgrade notes for more details.
+ https://github.com/matrix-org/synapse/blob/v1.57.0rc1/docs/upgrade.md#upgrading-to-v1570
+
+ - Features
+ - Send device list changes to application services as specified
+ by MSC3202, using unstable prefixes. The
+ msc3202_transaction_extensions experimental homeserver config
+ option must be enabled and org.matrix.msc3202: true must be
+ present in the application service registration file for
+ device list changes to be sent. The "left" field is currently
+ always empty. (#11881)
+ - Optimise fetching large quantities of missing room state over
+ federation. (#12040)
+ - Offload the update_client_ip background job from the main
+ process to the background worker, when using Redis-based
+ replication. (#12251)
+ - Move update_client_ip background job from the main process to
+ the background worker. (#12252)
+ - Add a module callback to react to new 3PID (email address,
+ phone number) associations. (#12302)
+ - Add a configuration option to remove a specific set of rooms
+ from sync responses. (#12310)
+ - Add a module callback to react to account data changes.
+ (#12327)
+ - Allow setting user admin status using the module API.
+ Contributed by Famedly. (#12341)
+ - Reduce overhead of restarting synchrotrons. (#12367, #12372)
+ - Update /messages to use historic pagination tokens if no from
+ query parameter is given. (#12370)
+ - Add a module API for reading and writing global account data.
+ (#12391)
+ - Support the stable v1 endpoint for /relations, per MSC2675.
+ (#12403)
+ - Include bundled aggregations in search results (MSC3666).
+ (#12436)
+ - Bugfixes
+ - Fix a long-standing bug where updates to the server notices
+ user profile (display name/avatar URL) in the configuration
+ would not be applied to pre-existing rooms. Contributed by
+ Jorge Florian. (#12115)
+ - Fix a long-standing bug where events from ignored users were
+ still considered for bundled aggregations. (#12235, #12338)
+ - Fix non-member state events not resolving for historical
+ events when used in MSC2716 /batch_send
+ state_events_at_start. (#12329)
+ - Fix a long-standing bug affecting URL previews that would
+ generate a 500 response instead of a 403 if the previewed URL
+ includes a port that isn't allowed by the relevant blacklist.
+ (#12333)
+ - Default to private room visibility rather than public when a
+ client does not specify one, according to spec. (#12350)
+ - Fix a spec compliance issue where requests to the
+ /publicRooms federation API would specify limit as a string.
+ (#12364, #12410)
+ - Fix a bug introduced in Synapse 1.49.0 which caused the
+ synapse_event_persisted_position metric to have invalid
+ values. (#12390)
+ - Updates to the Docker image
+ - Bundle locked versions of dependencies into the Docker image.
+ (#12385, #12439)
+ - Fix up healthcheck generation for workers docker image.
+ (#12405)
+ - Improved Documentation
+ - Clarify documentation for running SyTest against Synapse,
+ including use of Postgres and worker mode. (#12271)
+ - Document the behaviour of LoggingTransaction.call_after and
+ LoggingTransaction.call_on_exception methods when
+ transactions are retried. (#12315)
+ - Update dead links in check-newsfragment.sh to point to the
+ correct documentation URL. (#12331)
+ - Upgrade the version of mdbook in CI to 0.4.17. (#12339)
+ - Updates to the Room DAG concepts development document to
+ clarify that we mark events as outliers because we don't have
+ any state for them. (#12345)
+ - Update the link to Redis pub/sub documentation in the workers
+ documentation. (#12369)
+ - Remove documentation for converting a legacy structured
+ logging configuration to the new format. (#12392)
+ - Deprecations and Removals
+ - Remove the unused and unstable /aggregations endpoint which
+ was removed from MSC2675. (#12293)
+ - Internal Changes
+ - Remove lingering unstable references to MSC2403 (knocking).
+ (#12165)
+ - Avoid trying to calculate the state at outlier events.
+ (#12191, #12316, #12330, #12332, #12409)
+ - Omit sending "offline" presence updates to application
+ services after they are initially configured. (#12193)
+ - Switch to using a sequence to generate AS transaction IDs.
+ Contributed by Nick @ Beeper. If running synapse with a
+ dedicated appservice worker, this MUST be stopped before
+ upgrading the main process and database. (#12209)
+ - Add missing type hints for storage. (#12267)
+ - Add missing type definitions for scripts in docker folder.
+ Contributed by Jorge Florian. (#12280)
+ - Move MSC2654 support behind an experimental configuration
+ flag. (#12295)
+ - Update docstrings to explain how to decipher live and
+ historic pagination tokens. (#12317)
+ - Add ground work for speeding up device list updates for users
+ in large numbers of rooms. (#12321)
+ - Fix typechecker problems exposed by signedjson 1.1.2.
+ (#12326)
+ - Remove the tox packaging job: it will be redundant once
+ #11537 lands. (#12334)
+ - Ignore .envrc for direnv users. (#12335)
+ - Remove the (broadly unused, dev-only) dockerfile for pg
+ tests. (#12336)
+ - Remove redundant get_success calls in test code. (#12346)
+ - Add type annotations for tests/unittest.py. (#12347)
+ - Move single-use methods out of TestCase. (#12348)
+ - Remove broken and unused development scripts. (#12349,
+ #12351, #12355)
+ - Convert Linearizer tests from inlineCallbacks to async.
+ (#12353)
+ - Update docstrings for ReadWriteLock tests. (#12354)
+ - Refactor Linearizer, convert methods to async and use an
+ async context manager. (#12357)
+ - Fix a long-standing bug where Linearizers could get stuck if
+ a cancellation were to happen at the wrong time. (#12358)
+ - Make StreamToken.from_string and RoomStreamToken.parse
+ propagate cancellations instead of replacing them with
+ SynapseErrors. (#12366)
+ - Add type hints to tests files. (#12371)
+ - Allow specifying the Postgres database's port when running
+ unit tests with Postgres. (#12376)
+ - Remove temporary pin of signedjson<=1.1.1 that was added in
+ Synapse 1.56.0. (#12379)
+ - Add opentracing spans to calls to external cache. (#12380)
+ - Lay groundwork for using poetry to manage Synapse's
+ dependencies. (#12381, #12407, #12412, #12418)
+ - Make missing importlib_metadata dependency explicit. (#12384,
+ #12400)
+ - Update type annotations for compatiblity with
+ prometheus_client 0.14. (#12389)
+ - Remove support for the unstable identifiers specified in
+ MSC3288. (#12398)
+ - Add missing type hints to configuration classes. (#12402)
+ - Add files used to build the Docker image used for complement
+ testing into the Synapse repository. (#12404)
+ - Do not include groups in the sync response when disabled.
+ (#12408)
+ - Improve type hints related to HTTP query parameters. (#12415)
+ - Stop maintaining a list of lint targets. (#12420)
+ - Make synapse._scripts pass type checks. (#12421, #12422)
+ - Add some type hints to datastore. (#12423)
+ - Enable certificate checking during complement tests. (#12435)
+ - Explicitly specify the tls extra for Twisted dependency.
+ (#12444)
+- refreshed patches:
+ dont-bump-cryptography-with-system-openssl.patch
+ matrix-synapse-1.4.1-paths.patch
+
+-------------------------------------------------------------------
+Tue Apr 5 14:16:27 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.56.0
+ Synapse will now refuse to start up if open registration is
+ enabled, in order to help mitigate abuse across the federation.
+ If you would like to provide registration to anyone, consider
+ adding email, recaptcha or token-based verification in order to
+ prevent automated registration from bad actors. This check can be
+ disabled by setting the enable_registration_without_verification
+ option in your homeserver configuration file to true. More
+ details are available in the upgrade notes.
+
+ Synapse will additionally now refuse to start when using
+ PostgreSQL with a non-C values for COLLATE and CTYPE, unless the
+ config flag allow_unsafe_locale, found in the database section of
+ the configuration file, is set to true. See the upgrade notes for
+ details.
+
+ - Features
+ - Allow modules to store already existing 3PID associations.
+ (#12195)
+ - Allow registering server administrators using the module API.
+ Contributed by Famedly. (#12250)
+ - Bugfixes
+ - Fix a long-standing bug which caused the
+ /_matrix/federation/v1/state and
+ /_matrix/federation/v1/state_ids endpoints to return
+ incorrect or invalid data when called for an event which we
+ have stored as an "outlier". (#12087)
+ - Fix a long-standing bug where events from ignored users would
+ still be considered for relations. (#12227, #12232, #12285)
+ - Fix a bug introduced in Synapse 1.53.0 where an unnecessary
+ query could be performed when fetching bundled aggregations
+ for threads. (#12228)
+ - Fix a bug introduced in Synapse 1.52.0 where admins could not
+ deactivate and GDPR-erase a user if Synapse was configured
+ with limits on avatars. (#12261)
+ - Improved Documentation
+ - Fix the link to the module documentation in the legacy spam
+ checker warning message. (#12231)
+ - Remove incorrect prefixes in the worker documentation for
+ some endpoints. (#12243)
+ - Correct check_username_for_spam annotations and docs.
+ (#12246)
+ - Correct Authentik OpenID typo, and add notes on
+ troubleshooting. Contributed by @IronTooch. (#12275)
+ - HAProxy reverse proxy guide update to stop sending
+ IPv4-mapped address to homeserver. Contributed by @villepeh.
+ (#12279)
+ - Internal Changes
+ - Bump the version of black for compatibility with the latest
+ click release. (#12320)
+ - Rename shared_rooms to mutual_rooms (MSC2666), as per
+ proposal changes. (#12036)
+ - Remove check on update_user_directory for shared rooms
+ handler (MSC2666), and update/expand documentation. (#12038)
+ - Refactor create_new_client_event to use a new parameter,
+ state_event_ids, which accurately describes the usage with
+ MSC2716 instead of abusing auth_event_ids. (#12083, #12304)
+ - Refuse to start if registration is enabled without email,
+ captcha, or token-based verification unless the new config
+ flag enable_registration_without_verification is set to true.
+ (#12091, #12322)
+ - Add tests for database transaction callbacks. (#12198)
+ - Handle cancellation in DatabasePool.runInteraction. (#12199)
+ - Add missing type hints for cache storage. (#12216)
+ - Add missing type hints for storage. (#12248, #12255)
+ - Add type hints to tests files. (#12224, #12240, #12256)
+ - Use type stubs for psycopg2. (#12269)
+ - Improve type annotations for execute_values. (#12311)
+ - Clean-up logic around rebasing URLs for URL image previews.
+ (#12219)
+ - Use the ignored_users table in additional places instead of
+ re-parsing the account data. (#12225)
+ - Refactor the relations endpoints to add a RelationsHandler.
+ (#12237)
+ - Generate announcement links in the release script. (#12242)
+ - Improve error message when dependencies check finds a broken
+ installation. (#12244)
+ - Compress metrics HTTP resource when enabled. Contributed by
+ Nick @ Beeper. (#12258)
+ - Refuse to start if the PostgreSQL database has a non-C
+ locale, unless the config flag allow_unsafe_db_locale is set
+ to true. (#12262, #12288)
+ - Optionally include account validity expiration information to
+ experimental MSC3720 account status responses. (#12266)
+ - Add a new cache _get_membership_from_event_id to speed up
+ push rule calculations in large rooms. (#12272)
+ - Re-enable Complement concurrency in CI. (#12283)
+ - Remove unused test utilities. (#12291)
+ - Enhance logging for inbound federation events. (#12301)
+ - Fix compatibility with the recently-released Jinja 3.1.
+ (#12313)
+ - Avoid trying to calculate the state at outlier events.
+ (#12314)
+- refreshed patches:
+ dont-bump-cryptography-with-system-openssl.patch
+ matrix-synapse-1.4.1-paths.patch
+- synced dependencies with package changes
+
+-------------------------------------------------------------------
+Thu Mar 24 23:29:03 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.55.2
+ This patch version reverts the earlier fixes from Synapse 1.55.1,
+ which could cause problems in certain deployments, and instead
+ adds a cap to the version of Jinja to be installed. Again, this
+ is to fix an incompatibility with version 3.1.0 of the Jinja
+ library, and again, deployments of Synapse using the
+ matrixdotorg/synapse Docker image or Debian packages from
+ packages.matrix.org are not affected.
+
+ - Internal Changes
+ - Pin Jinja to <3.1.0, as Synapse fails to start with Jinja
+ 3.1.0. (#12297)
+ - Revert changes from 1.55.1 as they caused problems with older
+ versions of Jinja (#12296)
+- Changes from 1.55.1
+ This is a patch release that fixes an incompatibility with
+ version 3.1.0 of the Jinja library, released on March 24th, 2022.
+ Deployments of Synapse using the matrixdotorg/synapse Docker
+ image or Debian packages from packages.matrix.org are not
+ affected.
+
+ - Internal Changes
+ - Remove uses of the long-deprecated jinja2.Markup which would
+ prevent Synapse from starting with Jinja 3.1.0 or above
+ installed. (#12289)
+
+-------------------------------------------------------------------
+Tue Mar 22 19:59:01 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.55.0
+ This release removes a workaround introduced in Synapse 1.50.0
+ for Mjolnir compatibility. This breaks compatibility with Mjolnir
+ 1.3.1 and earlier. (#11700); Mjolnir users should upgrade Mjolnir
+ before upgrading Synapse to this version.
+
+ This release also moves the location of the synctl script; see
+ the upgrade notes for more details.
+
+ - Features
+ - Add third-party rules callbacks check_can_shutdown_room and
+ check_can_deactivate_user. (#12028)
+ - Improve performance of logging in for large accounts.
+ (#12132)
+ - Add experimental env var SYNAPSE_ASYNC_IO_REACTOR that causes
+ Synapse to use the asyncio reactor for Twisted. (#12135)
+ - Support the stable identifiers from MSC3440: threads.
+ (#12151)
+ - Add a new Jinja2 template filter to extract the local part of
+ an email address. (#12212)
+ - Bugfixes
+ - Use the proper serialization format for bundled thread
+ aggregations. The bug has existed since Synapse v1.48.0.
+ (#12090)
+ - Fix a long-standing bug when redacting events with relations.
+ (#12113, #12121, #12130, #12189)
+ - Fix a bug introduced in Synapse 1.7.2 whereby background
+ updates are never run with the default background batch size.
+ (#12157)
+ - Fix a bug where non-standard information was returned from
+ the /hierarchy API. Introduced in Synapse v1.41.0. (#12175)
+ - Fix a bug introduced in Synapse 1.54.0 that broke background
+ updates on sqlite homeservers while search was disabled.
+ (#12215)
+ - Fix a long-standing bug when a filter argument with
+ event_fields which did not include the unsigned field could
+ result in a 500 error on /sync. (#12234)
+ - Improved Documentation
+ - Fix complexity checking config example in Resource
+ Constrained Devices docs page. (#11998)
+ - Improve documentation for demo scripts. (#12143)
+ - Updates to the Room DAG concepts development document.
+ (#12179)
+ - Document that the typing, to_device, account_data, receipts,
+ and presence stream writer can only be used on a single
+ worker. (#12196)
+ - Document that contributors can sign off privately by email.
+ (#12204)
+ - Deprecations and Removals
+ - Remove workaround introduced in Synapse 1.50.0 for Mjolnir
+ compatibility. Breaks compatibility with Mjolnir 1.3.1 and
+ earlier. (#11700)
+ - **synctl has been moved into into synapse._scripts and is
+ exposed as an entry point; see upgrade notes. (#12140)
+ - Remove backwards compatibilty with pagination tokens from the
+ /relations and /aggregations endpoints generated from Synapse
+ < v1.52.0. (#12138)
+ - The groups/communities feature in Synapse has been
+ deprecated. (#12200)
+ - Internal Changes
+ - Tweak copy for default Single Sign-On account details
+ template to better adhere to mobile app store guidelines.
+ (#12265, #12260)
+ - Simplify the ApplicationService class' set of public methods
+ related to interest checking. (#11915)
+ - Add config settings for background update parameters.
+ (#11980)
+ - Correct type hints for txredis. (#12042)
+ - Limit the size of aggregation_key on annotations. (#12101)
+ - Add type hints to tests files. (#12108, #12146, #12207,
+ #12208)
+ - Move scripts to Synapse package and expose as setuptools
+ entry points. (#12118)
+ - Add support for cancellation to ReadWriteLock. (#12120)
+ - Fix data validation to compare to lists, not sequences.
+ (#12128)
+ - Fix CI not attaching source distributions and wheels to the
+ GitHub releases. (#12131)
+ - Remove unused mocks from test_typing. (#12136)
+ - Give scripts-dev scripts suffixes for neater CI config.
+ (#12137)
+ - Move the snapcraft configuration file to contrib. (#12142)
+ - Enable MSC3030 Complement tests in CI. (#12144)
+ - Enable MSC2716 Complement tests in CI. (#12145)
+ - Add test for ObservableDeferred's cancellation behaviour.
+ (#12149)
+ - Use ParamSpec in type hints for synapse.logging.context.
+ (#12150)
+ - Prune unused jobs from tox config. (#12152)
+ - Move CI checks out of tox, to facilitate a move to using
+ poetry. (#12153)
+ - Avoid generating state groups for local out-of-band leaves.
+ (#12154)
+ - Avoid trying to calculate the state at outlier events.
+ (#12155, #12173, #12202)
+ - Fix some type annotations. (#12156)
+ - Add type hints for ObservableDeferred attributes. (#12159)
+ - Use a prebuilt Action for the tests-done CI job. (#12161)
+ - Reduce number of DB queries made during processing of /sync.
+ (#12163)
+ - Add delay_cancellation utility function, which behaves like
+ stop_cancellation but waits until the original Deferred
+ resolves before raising a CancelledError. (#12180)
+ - Retry HTTP replication failures, this should prevent 502's
+ when restarting stateful workers (main, event persisters,
+ stream writers). Contributed by Nick @ Beeper. (#12182)
+ - Add cancellation support to @cached and @cachedList
+ decorators. (#12183)
+ - Remove unused variables. (#12187)
+ - Add combined test for HTTP pusher and push rule. Contributed
+ by Nick @ Beeper. (#12188)
+ - Rename HomeServer.get_tcp_replication to
+ get_replication_command_handler. (#12192)
+ - Remove some dead code. (#12197)
+ - Fix a misleading comment in the function
+ check_event_for_spam. (#12203)
+ - Remove unnecessary pass statements. (#12206)
+ - Update the SSO username picker template to comply with SIWA
+ guidelines. (#12210)
+ - Improve code documentation for the typing stream over
+ replication. (#12211)
+- refreshed patches:
+ dont-bump-cryptography-with-system-openssl.patch
+ matrix-synapse-1.4.1-paths.patch
+
+-------------------------------------------------------------------
+Tue Mar 8 18:44:40 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.54.0
+ Please note that this will be the last release of Synapse that is
+ compatible with Mjolnir 1.3.1 and earlier. Administrators of
+ servers which have the Mjolnir module installed are advised to
+ upgrade Mjolnir to version 1.3.2 or later.
+
+ - Features
+ - Add support for MSC3202: sending one-time key counts and
+ fallback key usage states to Application Services. (#11617)
+ - Improve the generated URL previews for some web pages.
+ Contributed by @AndrewRyanChama. (#11985)
+ - Track cache invalidations in Prometheus metrics, as already
+ happens for cache eviction based on size or time. (#12000)
+ - Implement experimental support for MSC3720 (account status
+ endpoints). (#12001, #12067)
+ - Enable modules to set a custom display name when registering
+ a user. (#12009)
+ - Advertise Matrix 1.1 and 1.2 support on
+ /_matrix/client/versions. (#12020, (#12022)
+ - Support only the stable identifier for MSC3069's is_guest on
+ /_matrix/client/v3/account/whoami. (#12021)
+ - Use room version 9 as the default room version (per MSC3589).
+ (#12058)
+ - Add module callbacks to react to user deactivation status
+ changes (i.e. deactivations and reactivations) and profile
+ updates. (#12062)
+ - Bugfixes
+ - Fix a bug introduced in Synapse 1.54.0rc1 preventing the new
+ module callbacks introduced in this release from being
+ registered by modules. (#12141)
+ - Fix a bug introduced in Synapse 1.54.0rc1 where runtime
+ dependency version checks would mistakenly check development
+ dependencies if they were present and would not accept
+ pre-release versions of dependencies. (#12129, #12177)
+ - Fix a bug introduced in Synapse 1.48.0 where an edit of the
+ latest event in a thread would not be properly applied to the
+ thread summary. (#11992)
+ - Fix long-standing bug where the get_rooms_for_user cache was
+ not correctly invalidated for remote users when the server
+ left a room. (#11999)
+ - Fix a 500 error with Postgres when looking backwards with the
+ MSC3030 /timestamp_to_event?dir=b endpoint. (#12024)
+ - Properly fix a long-standing bug where wrong data could be
+ inserted into the event_search table when using SQLite. This
+ could block running synapse_port_db with an argument of type
+ 'int' is not iterable error. This bug was partially fixed by
+ a change in Synapse 1.44.0. (#12037)
+ - Fix slow performance of /logout in some cases where refresh
+ tokens are in use. The slowness existed since the initial
+ implementation of refresh tokens in version 1.38.0. (#12056)
+ - Fix a long-standing bug where Synapse would make additional
+ failing requests over federation for missing data. (#12077)
+ - Fix occasional Unhandled error in Deferred error message.
+ (#12089)
+ - Fix a bug introduced in Synapse 1.51.0 where incoming
+ federation transactions containing at least one EDU would be
+ dropped if debug logging was enabled for synapse.8631_debug.
+ (#12098)
+ - Fix a long-standing bug which could cause push notifications
+ to malfunction if use_frozen_dicts was set in the
+ configuration. (#12100)
+ - Fix an extremely rare, long-standing bug in ReadWriteLock
+ that would cause an error when a newly unblocked writer
+ completes instantly. (#12105)
+ - Make a POST to /rooms/<room_id>/receipt/m.read/<event_id>
+ only trigger a push notification if the count of unread
+ messages is different to the one in the last successfully
+ sent push. This reduces server load and load on the receiving
+ device. (#11835)
+ - Updates to the Docker image
+ - The Docker image no longer automatically creates a temporary
+ volume at /data. This is not expected to affect normal usage.
+ (#11997)
+ - Use Python 3.9 in Docker images by default. (#12112)
+ - Improved Documentation
+ - Document support for the to_device, account_data, receipts,
+ and presence stream writers for workers. (#11599)
+ - Explain the meaning of spam checker callbacks' return values.
+ (#12003)
+ - Clarify information about external Identity Provider IDs.
+ (#12004)
+ - Deprecations and Removals
+ - Deprecate using synctl with the config option
+ synctl_cache_factor and print a warning if a user still uses
+ this option. (#11865)
+ - Remove support for the legacy structured logging
+ configuration (please see the the upgrade notes if you are
+ using structured: true in the Synapse configuration).
+ (#12008)
+ - Drop support for MSC3283 unstable flags now that the stable
+ flags are supported. (#12018)
+ - Remove the unstable /spaces endpoint from MSC2946. (#12073)
+ - Internal Changes
+ - Update release script to insert the previous version when
+ writing "No significant changes" line in the changelog.
+ (#12127)
+ - Relax the version guard for "packaging" added in #12088.
+ (#12166)
+ - Make the get_room_version method use get_room_version_id to
+ benefit from caching. (#11808)
+ - Remove unnecessary condition on knock -> leave auth rule
+ check. (#11900)
+ - Add tests for device list changes between local users.
+ (#11972)
+ - Optimise calculating device_list changes in /sync. (#11974)
+ - Add missing type hints to storage classes. (#11984)
+ - Refactor the search code for improved readability. (#11991)
+ - Move common deduplication code down into
+ _auth_and_persist_outliers. (#11994)
+ - Limit concurrent joins from applications services. (#11996)
+ - Preparation for faster-room-join work: when parsing the
+ send_join response, get the m.room.create event from state,
+ not auth_chain. (#12005, #12039)
+ - Preparation for faster-room-join work: parse MSC3706 fields
+ in send_join response. (#12011)
+ - Preparation for faster-room-join work: persist information on
+ which events and rooms have partial state to the database.
+ (#12012)
+ - Preparation for faster-room-join work: Support for calling
+ /federation/v1/state on a remote server. (#12013)
+ - Configure tox to use venv rather than virtualenv. (#12015)
+ - Fix bug in StateFilter.return_expanded() and add some tests.
+ (#12016)
+ - Use Matrix v1.1 endpoints (/_matrix/client/v3/auth/...) in
+ fallback auth HTML forms. (#12019)
+ - Update the olddeps CI job to use an old version of
+ markupsafe. (#12025)
+ - Upgrade Mypy to version 0.931. (#12030)
+ - Remove legacy HomeServer.get_datastore(). (#12031, #12070)
+ - Minor typing fixes. (#12034, #12069)
+ - After joining a room, create a dedicated logcontext to
+ process the queued events. (#12041)
+ - Tidy up GitHub Actions config which builds distributions for
+ PyPI. (#12051)
+ - Move configuration out of setup.cfg. (#12052, #12059)
+ - Fix error message when a worker process fails to talk to
+ another worker process. (#12060)
+ - Fix using the complement.sh script without specifying a
+ directory or a branch. Contributed by Nico on behalf of
+ Famedly. (#12063)
+ - Add type hints to tests/rest/client. (#12066, #12072, #12084,
+ #12094)
+ - Add some logging to /sync to try and track down #11916.
+ (#12068)
+ - Inspect application dependencies using importlib.metadata or
+ its backport. (#12088)
+ - Use assertEqual instead of the deprecated assertEquals in
+ test code. (#12092)
+ - Move experimental support for MSC3440 to /versions. (#12099)
+ - Add stop_cancellation utility function to stop Deferreds from
+ being cancelled. (#12106)
+ - Improve exception handling for concurrent execution. (#12109)
+ - Advertise support for Python 3.10 in packaging files.
+ (#12111)
+ - Move CI checks out of tox, to facilitate a move to using
+ poetry. (#12119)
+- bump dependencies to follow upstream
+ ijson >= 3.1.4 from 3.1
+ packaging >= 16.1
+- refreshed patches:
+ - dont-bump-cryptography-with-system-openssl.patch
+
+-------------------------------------------------------------------
+Tue Feb 22 12:11:45 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.53.0
+ - Features
+ - Add experimental support for sending to-device messages to
+ application services, as specified by MSC2409. (#11215,
+ #11966)
+ - Add a background database update to purge account data for
+ deactivated users. (#11655)
+ - Experimental support for MSC3666: including bundled
+ aggregations in server side search results. (#11837)
+ - Enable cache time-based expiry by default. The expiry_time
+ config flag has been superseded by expire_caches and
+ cache_entry_ttl. (#11849)
+ - Add a callback to allow modules to allow or forbid a 3PID
+ (email address, phone number) from being associated to a
+ local account. (#11854)
+ - Stabilize support and remove unstable endpoints for MSC3231.
+ Clients must switch to the stable identifier and endpoint.
+ See the upgrade notes for more information. (#11867)
+ - Allow modules to retrieve the current instance's server name
+ and worker name. (#11868)
+ - Use a dedicated configurable rate limiter for 3PID invites.
+ (#11892)
+ - Support the stable API endpoint for MSC3283: new settings in
+ /capabilities endpoint. (#11933, #11989)
+ - Support the dir parameter on the /relations endpoint, per
+ MSC3715. (#11941)
+ - Experimental implementation of MSC3706: extensions to
+ /send_join to support reduced response size. (#11967)
+ - Bugfixes
+ - Fix MSC2716 historical messages backfilling in random order
+ on remote homeservers. (#11114)
+ - Fix a bug introduced in Synapse 1.51.0 where incoming
+ federation transactions containing at least one EDU would be
+ dropped if debug logging was enabled for synapse.8631_debug.
+ (#11890)
+ - Fix a long-standing bug where some unknown endpoints would
+ return HTML error pages instead of JSON M_UNRECOGNIZED
+ errors. (#11930)
+ - Implement an allow list of content types for which we will
+ attempt to preview a URL. This prevents Synapse from making
+ useless longer-lived connections to streaming media servers.
+ (#11936)
+ - Fix a long-standing bug where pagination tokens from /sync
+ and /messages could not be provided to the /relations API.
+ (#11952)
+ - Require that modules register their callbacks using keyword
+ arguments. (#11975)
+ - Fix a long-standing bug where M_WRONG_ROOM_KEYS_VERSION
+ errors would not include the specced current_version field.
+ (#11988)
+ - Improved Documentation
+ - Fix typo in User Admin API: unpind -> unbind. (#11859)
+ - Document images returned by the User List Media Admin API can
+ include those generated by URL previews. (#11862)
+ - Remove outdated MSC1711 FAQ document. (#11907)
+ - Correct the structured logging configuration example.
+ Contributed by Brad Jones. (#11946)
+ - Add information on the Synapse release cycle. (#11954)
+ - Fix broken link in the README to the admin API for password
+ reset. (#11955)
+ - Deprecations and Removals
+ - Drop support for webclient listeners and configuring
+ web_client_location to a non-HTTP(S) URL. Deprecated
+ configurations are a configuration error. (#11895)
+ - Remove deprecated user_may_create_room_with_invites spam
+ checker callback. See the upgrade notes for more information.
+ (#11950)
+ - No longer build .deb packages for Ubuntu 21.04 Hirsute Hippo,
+ which has now EOLed. (#11961)
+ - Internal Changes
+ - Enhance user registration test helpers to make them more
+ useful for tests involving application services and devices.
+ (#11615, #11616)
+ - Improve performance when fetching bundled aggregations for
+ multiple events. (#11660, #11752)
+ - Fix type errors introduced by new annotations in the
+ Prometheus Client library. (#11832)
+ - Add missing type hints to replication code. (#11856, #11938)
+ - Ensure that opentracing scopes are activated and closed at
+ the right time. (#11869)
+ - Improve opentracing for incoming federation requests.
+ (#11870)
+ - Improve internal docstrings in synapse.util.caches. (#11876)
+ - Do not needlessly clear the get_users_in_room and
+ get_users_in_room_with_profiles caches when any room state
+ changes. (#11878)
+ - Convert ApplicationServiceTestCase to use simple_async_mock.
+ (#11880)
+ - Remove experimental changes to the default push rules which
+ were introduced in Synapse 1.19.0 but never enabled. (#11884)
+ - Disable coverage calculation for olddeps build. (#11888)
+ - Preparation to support sending device list updates to
+ application services. (#11905)
+ - Add a test that checks users receive their own device list
+ updates down /sync. (#11909)
+ - Run Complement tests sequentially. (#11910)
+ - Various refactors to the application service notifier code.
+ (#11911, #11912)
+ - Tests: replace mocked Authenticator with the real thing.
+ (#11913)
+ - Various refactors to the typing notifications code. (#11914)
+ - Use the proper type for the Content-Length header in the
+ UploadResource. (#11927)
+ - Remove an unnecessary ignoring of type hints due to fixes in
+ upstream packages. (#11939)
+ - Add missing type hints. (#11953)
+ - Fix an import cycle in synapse.event_auth. (#11965)
+ - Unpin frozendict but exclude the known bad version 2.1.2.
+ (#11969)
+ - Prepare for rename of default Complement branch. (#11971)
+ - Fetch Synapse's version using a helper from matrix-common.
+ (#11979)
+- refresh patches:
+ dont-bump-cryptography-with-system-openssl.patch
+ matrix-synapse-1.4.1-paths.patch
+
+-------------------------------------------------------------------
+Wed Feb 9 23:24:56 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.52.0
+
+ Note that Twisted 22.1.0 has recently been released, which fixes
+ a security issue within the Twisted library. We do not believe
+ Synapse is affected by this vulnerability, though we advise
+ server administrators who installed Synapse via pip to upgrade
+ Twisted with pip install --upgrade Twisted treq as a matter of
+ good practice. The Docker image matrixdotorg/synapse and the
+ Debian packages from packages.matrix.org are using the updated
+ library.
+
+ - Features
+ - Remove account data (including client config, push rules and
+ ignored users) upon user deactivation. (#11621, #11788,
+ #11789)
+ - Add an admin API to reset connection timeouts for remote
+ server. (#11639)
+ - Add an admin API to get a list of rooms that federate with a
+ given remote homeserver. (#11658)
+ - Add a config flag to inhibit M_USER_IN_USE during
+ registration. (#11743)
+ - Add a module callback to set username at registration.
+ (#11790)
+ - Allow configuring a maximum file size as well as a list of
+ allowed content types for avatars. (#11846)
+ - Bugfixes
+ - Include the bundled aggregations in the /sync response, per
+ MSC2675. (#11612)
+ - Fix a long-standing bug when previewing Reddit URLs which do
+ not contain an image. (#11767)
+ - Fix a long-standing bug that media streams could cause
+ long-lived connections when generating URL previews. (#11784)
+ - Include a prev_content field in state events sent to
+ Application Services. Contributed by @totallynotvaishnav.
+ (#11798)
+ - Fix a bug introduced in Synapse 0.33.3 causing requests to
+ sometimes log strings such as HTTPStatus.OK instead of
+ integer status codes. (#11827)
+ - Improved Documentation
+ - Update pypi installation docs to indicate that we now support
+ Python 3.10. (#11820)
+ - Add missing steps to the contribution submission process in
+ the documentation. Contributed by @sequentialread. (#11821)
+ - Remove not needed old table of contents in documentation.
+ (#11860)
+ - Consolidate the access_token information at the top of each
+ relevant page in the Admin API documentation. (#11861)
+ - Deprecations and Removals
+ - Drop support for Python 3.6, which is EOL. (#11683)
+ - Remove the experimental_msc1849_support_enabled flag as the
+ features are now stable. (#11843)
+ - Internal Changes
+ - Preparation for database schema simplifications: add
+ state_key and rejection_reason columns to events table.
+ (#11792)
+ - Add FrozenEvent.get_state_key and use it in a couple of
+ places. (#11793)
+ - Preparation for database schema simplifications: stop reading
+ from event_reference_hashes. (#11794)
+ - Drop unused table public_room_list_stream. (#11795)
+ - Preparation for reducing Postgres serialization errors: allow
+ setting transaction isolation level. Contributed by Nick @
+ Beeper. (#11799, #11847)
+ - Docker: skip the initial amd64-only build and go straight to
+ multiarch. (#11810)
+ - Run Complement on the Github Actions VM and not inside a
+ Docker container. (#11811)
+ - Log module names at startup. (#11813)
+ - Improve type safety of bundled aggregations code. (#11815)
+ - Correct a type annotation in the event validation logic.
+ (#11817, #11830)
+ - Minor updates and documentation for database schema delta
+ files. (#11823)
+ - Workaround a type annotation problem in prometheus_client
+ 0.13.0. (#11834)
+ - Minor performance improvement in room state lookup. (#11836)
+ - Fix some indentation inconsistencies in the sample config.
+ (#11838)
+ - Add type hints to tests/rest/admin. (#11851)
+
+-------------------------------------------------------------------
+Thu Feb 3 12:08:51 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
+
+- With the previous change we would not need use_python anymore
+ because we also can find now the packages that provide python3-X
+
+ But i keep the conditional around for e.g. testing with python
+ 3.10.
+
+-------------------------------------------------------------------
+Thu Feb 3 12:04:47 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
+
+- Replace requires_eq with requires_peq: (boo#1195316)
+ The only difference between the 2 macros is that the new macro
+ also considers provides so we can track package names over
+ renames.
+
+-------------------------------------------------------------------
+Tue Jan 25 13:44:47 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.51.0
+
+ Synapse 1.51.0 deprecates webclient listeners and non-HTTP(S)
+ web_client_locations. Support for these will be removed in
+ Synapse 1.53.0, at which point Synapse will not be capable of
+ directly serving a web client for Matrix. See the upgrade notes.
+
+ - Features
+ - Add track_puppeted_user_ips config flag to record client IP
+ addresses against puppeted users, and include the puppeted
+ users in monthly active user counts. (#11561, #11749, #11757)
+ - Include whether the requesting user has participated in a
+ thread when generating a summary for MSC3440. (#11577)
+ - Return an M_FORBIDDEN error code instead of M_UNKNOWN when a
+ spam checker module prevents a user from creating a room.
+ (#11672)
+ - Add a flag to the synapse_review_recent_signups script to
+ ignore and filter appservice users. (#11675, #11770)
+ - Bugfixes
+ - Fix a bug introduced in Synapse 1.40.0 that caused Synapse to
+ fail to process incoming federation traffic after handling a
+ large amount of events in a v1 room. (#11806)
+ - Fix a long-standing issue which could cause Synapse to
+ incorrectly accept data in the unsigned field of events
+ - received over federation. (#11530)
+ - Fix a long-standing bug where Synapse wouldn't cache a
+ response indicating that a remote user has no devices.
+ (#11587)
+ - Fix an error that occurs whilst trying to get the federation
+ status of a destination server that was working normally.
+ This admin API was newly introduced in Synapse v1.49.0.
+ (#11593)
+ - Fix bundled aggregations not being included in the /sync
+ response, per MSC2675. (#11612, #11659, #11791)
+ - Fix the /_matrix/client/v1/room/{roomId}/hierarchy endpoint
+ returning incorrect fields which have been present since
+ Synapse 1.49.0. (#11667)
+ - Fix preview of some GIF URLs (like tenor.com). Contributed by
+ Philippe Daouadi. (#11669)
+ - Fix a bug where only the first 50 rooms from a space were
+ returned from the /hierarchy API. This has existed since the
+ introduction of the API in Synapse v1.41.0. (#11695)
+ - Fix a bug introduced in Synapse v1.18.0 where password reset
+ and address validation emails would not be sent if their
+ subject was configured to use the 'app' template variable.
+ Contributed by @br4nnigan. (#11710, #11745)
+ - Make the 'List Rooms' Admin API sort stable. Contributed by
+ Daniël Sonck. (#11737)
+ - Fix a long-standing bug where space hierarchy over federation
+ would only work correctly some of the time. (#11775)
+ - Fix a bug introduced in Synapse v1.46.0 that prevented
+ on_logged_out module callbacks from being correctly awaited
+ by Synapse. (#11786)
+ - Improved Documentation
+ - Warn against using a Let's Encrypt certificate for TLS/DTLS
+ TURN server client connections, and suggest using ZeroSSL
+ certificate instead. This works around client-side
+ connectivity errors caused by WebRTC libraries that reject
+ Let's Encrypt certificates. Contibuted by @AndrewFerr.
+ (#11686)
+ - Document the new SYNAPSE_TEST_PERSIST_SQLITE_DB environment
+ variable in the contributing guide. (#11715)
+ - Document that the minimum supported PostgreSQL version is now
+ 10. (#11725)
+ - Fix typo in demo docs: differnt. (#11735)
+ - Update room spec URL in config files. (#11739)
+ - Mention python3-venv and libpq-dev dependencies in the
+ contribution guide. (#11740)
+ - Update documentation for configuring login with Facebook.
+ (#11755)
+ - Update installation instructions to note that Python 3.6 is
+ no longer supported. (#11781)
+ - Deprecations and Removals
+ - Remove the unstable /send_relation endpoint. (#11682)
+ - Remove python_twisted_reactor_pending_calls Prometheus
+ metric. (#11724)
+ - Remove the password_hash field from the response dictionaries
+ of the Users Admin API. (#11576)
+ - Deprecate support for webclient listeners and non-HTTP(S)
+ web_client_location configuration. (#11774, #11783)
+ - Internal Changes
+ - Run pyupgrade --py37-plus --keep-percent-format on Synapse.
+ (#11685)
+ - Use buildkit's cache feature to speed up docker builds.
+ (#11691)
+ - Use auto_attribs and native type hints for attrs classes.
+ (#11692, #11768)
+ - Remove debug logging for #4422, which has been closed since
+ Synapse 0.99. (#11693)
+ - Remove fallback code for Python 2. (#11699)
+ - Add a test for an edge case in the /sync logic. (#11701)
+ - Add the option to write SQLite test dbs to disk when running
+ tests. (#11702)
+ - Improve Complement test output for Gitub Actions. (#11707)
+ - Fix docstring on add_account_data_for_user. (#11716)
+ - Complement environment variable name change and update
+ .gitignore. (#11718)
+ - Simplify calculation of Prometheus metrics for garbage
+ collection. (#11723)
+ - Improve accuracy of python_twisted_reactor_tick_time
+ Prometheus metric. (#11724, #11771)
+ - Minor efficiency improvements when inserting many values into
+ the database. (#11742)
+ - Invite PR authors to give themselves credit in the changelog.
+ (#11744)
+ - Add optional debugging to investigate issue 8631. (#11760)
+ - Remove log_function utility function and its uses. (#11761)
+ - Add a unit test that checks both client and webclient
+ resources will function when simultaneously enabled. (#11765)
+ - Allow overriding complement commit using COMPLEMENT_REF.
+ (#11766)
+ - Add some comments and type annotations for
+ _update_outliers_txn. (#11776)
+
+-------------------------------------------------------------------
+Mon Jan 24 14:41:42 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.50.2
+
+ Please note that we now only support Python 3.7+ and PostgreSQL
+ 10+ (if applicable), because Python 3.6 and PostgreSQL 9.6 have
+ reached end-of-life.
+
+ - Bugfixes
+ - Fix a bug introduced in Synapse 1.40.0 that caused Synapse to
+ fail to process incoming federation traffic after handling a
+ large amount of events in a v1 room. (#11806)
+
+-------------------------------------------------------------------
+Tue Jan 18 17:11:16 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.50.1
+
+ Please note that we now only support Python 3.7+ and PostgreSQL
+ 10+ (if applicable), because Python 3.6 and PostgreSQL 9.6 have
+ reached end-of-life.
+
+ - Bugfixes:
+ - Fix a bug introduced in Synapse 1.50.0rc1 that could cause
+ Matrix clients to be unable to connect to Synapse instances
+ with the webclient resource enabled. (#11764)
+
+-------------------------------------------------------------------
+Tue Jan 18 16:24:25 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
+
+- you shall not commit your python 3.10 test. Back to 3.8
+
+-------------------------------------------------------------------
+Tue Jan 18 11:57:01 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
+
+- bump minimum python in the BuildRequires to 3.8
+
+-------------------------------------------------------------------
+Tue Jan 18 11:53:13 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.50.0
+
+ Please note that we now only support Python 3.7+ and PostgreSQL
+ 10+ (if applicable), because Python 3.6 and PostgreSQL 9.6 have
+ reached end-of-life.
+
+ - Features
+ - Allow guests to send state events per MSC3419. (#11378)
+ - Add experimental support for part of MSC3202: allowing
+ application services to masquerade as specific devices.
+ (#11538)
+ - Add admin API to get users' account data. (#11664)
+ - Include the room topic in the stripped state included with
+ invites and knocking. (#11666)
+ - Send and handle cross-signing messages using the stable
+ prefix. (#10520)
+ - Support unprefixed versions of fallback key property names.
+ (#11541)
+ - Bugfixes
+ - Fix a bug introduced in Synapse v1.0.0 whereby some device
+ list updates would not be sent to remote homeservers if there
+ were too many to send at once. (#11729)
+ - Fix a bug introduced in Synapse v1.50.0rc1 whereby outbound
+ federation could fail because too many EDUs were produced for
+ device updates. (#11730)
+ - Fix a long-standing bug where relations from other rooms
+ could be included in the bundled aggregations of an event.
+ (#11516)
+ - Fix a long-standing bug which could cause AssertionErrors to
+ be written to the log when Synapse was restarted after
+ purging events from the database. (#11536, #11642)
+ - Fix a bug introduced in Synapse 1.17.0 where a pusher created
+ for an email with capital letters would fail to be created.
+ (#11547)
+ - Fix a long-standing bug where responses included bundled
+ aggregations when they should not, per MSC2675. (#11592,
+ #11623)
+ - Fix a long-standing bug that some unknown endpoints would
+ return HTML error pages instead of JSON M_UNRECOGNIZED
+ errors. (#11602)
+ - Fix a bug introduced in Synapse 1.19.3 which could sometimes
+ cause AssertionErrors when backfilling rooms over federation.
+ (#11632)
+ - Improved Documentation
+ - Document that now the minimum supported PostgreSQL version is
+ 10. (#11725)
+ - Update Synapse install command for FreeBSD as the package is
+ now prefixed with py38. Contributed by @itchychips. (#11267)
+ - Document the usage of refresh tokens. (#11427)
+ - Add details for how to configure a TURN server when behind a
+ NAT. Contibuted by @AndrewFerr. (#11553)
+ - Add references for using Postgres to the Docker
+ documentation. (#11640)
+ - Fix the documentation link in newly-generated configuration
+ files. (#11678)
+ - Correct the documentation for nginx to use a case-sensitive
+ url pattern. Fixes an error introduced in v1.21.0. (#11680)
+ - Clarify SSO mapping provider documentation by writing def or
+ async def before the names of methods, as appropriate.
+ (#11681)
+ - Deprecations and Removals
+ - Replace mock package by its standard library version.
+ (#11588)
+ - Drop support for Python 3.6 and Ubuntu 18.04. (#11633)
+ - Internal Changes
+ - Fix a typechecker problem related to our (ab)use of
+ nacl.signing.SigningKeys. (#11714)
+ - Allow specific, experimental events to be created without
+ prev_events. Used by MSC2716. (#11243)
+ - A test helper (wait_for_background_updates) no longer depends
+ on classes defining a store property. (#11331)
+ - Add type hints to synapse.appservice. (#11360)
+ - Add missing type hints to synapse.config module. (#11480)
+ - Add test to ensure we share the same state_group across the
+ whole historical batch when using the MSC2716 /batch_send
+ endpoint. (#11487)
+ - Refactor tests.util.setup_test_homeserver and
+ tests.server.setup_test_homeserver. (#11503)
+ - Move glob_to_regex and re_word_boundary to
+ matrix-python-common. (#11505, #11687)
+ - Use HTTPStatus constants in place of literals in
+ tests.rest.client.test_auth. (#11520)
+ - Add a receipt types constant for m.read. (#11531)
+ - Clean up synapse.rest.admin. (#11535)
+ - Add missing errcode to parse_string and parse_boolean.
+ (#11542)
+ - Use HTTPStatus constants in place of literals in
+ synapse.http. (#11543)
+ - Add missing type hints to storage classes. (#11546, #11549,
+ #11551, #11555, #11575, #11589, #11594, #11652, #11653,
+ #11654, #11657)
+ - Fix an inaccurate and misleading comment in the /sync code.
+ (#11550)
+ - Add missing type hints to synapse.logging.context. (#11556)
+ - Stop populating unused database column
+ state_events.prev_state. (#11558)
+ - Minor efficiency improvements in event persistence. (#11560)
+ - Add some safety checks that storage functions are used
+ correctly. (#11564, #11580)
+ - Make get_device return None if the device doesn't exist
+ rather than raising an exception. (#11565)
+ - Split the HTML parsing code from the URL preview resource
+ code. (#11566)
+ - Remove redundant COALESCE()s around COUNT()s in database
+ queries. (#11570)
+ - Add missing type hints to synapse.http. (#11571)
+ - Add MSC2716 and MSC3030 to /versions -> unstable_features to
+ detect server support. (#11582)
+ - Add type hints to synapse/tests/rest/admin. (#11590)
+ - Drop end-of-life Python 3.6 and Postgres 9.6 from CI.
+ (#11595)
+ - Update black version and run it on all the files. (#11596)
+ - Add opentracing type stubs and fix associated mypy errors.
+ (#11603, #11622)
+ - Improve OpenTracing support for requests which use a
+ ResponseCache. (#11607)
+ - Improve OpenTracing support for incoming HTTP requests.
+ (#11618)
+ - A number of improvements to opentracing support. (#11619)
+ - Refactor the way that the outlier flag is set on events
+ received over federation. (#11634)
+ - Improve the error messages from get_create_event_for_room.
+ (#11638)
+ - Remove redundant get_current_events_token method. (#11643)
+ - Convert namedtuples to attrs. (#11665, #11574)
+ - Update the /capabilities response to include whether support
+ for MSC3440 is available. (#11690)
+ - Send the Accept header in HTTP requests made using
+ SimpleHttpClient.get_json. (#11677)
+ - Work around Mjolnir compatibility issue by adding an import
+ for glob_to_regex in synapse.util, where it moved from.
+ (#11696)
+
+-------------------------------------------------------------------
+Fri Jan 7 22:44:45 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
+
+- use frozendict >= 2.1.3 as it should fix the issue people saw on
+ debian and that library version fixes other python modules for us
+
+-------------------------------------------------------------------
+Tue Dec 28 03:45:30 UTC 2021 - Aleksa Sarai <asarai@suse.com>
+
+- Add explicit minimum versions for more dependencies.
+
+-------------------------------------------------------------------
+Tue Dec 21 18:39:09 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.49.2
+ - Bugfixes
+ - Fix a performance regression in /sync handling, introduced in
+ 1.49.0. (#11583)
+ - Internal Changes
+ - Work around a build problem on Debian Buster. (#11625)
+
+-------------------------------------------------------------------
+Tue Dec 14 14:29:19 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.49.0
+ The wiki has been migrated to the documentation website We've
+ decided to move the existing, somewhat stagnant pages from the
+ GitHub wiki to the documentation website.
+
+ This was done for two reasons. The first was to ensure that
+ changes are checked by multiple authors before being committed
+ (everyone makes mistakes!) and the second was visibility of the
+ documentation. Not everyone knows that Synapse has some very
+ useful information hidden away in its GitHub wiki pages. Bringing
+ them to the documentation website should help with visibility, as
+ well as keep all Synapse documentation in one, easily-searchable
+ location.
+
+ Note that contributions to the documentation website happen
+ through GitHub pull requests. Please visit
+ #synapse-dev:matrix.org if you need help with the process!
+
+ - Features
+ - Add MSC3030 experimental client and federation API endpoints
+ to get the closest event to a given timestamp. (#9445)
+ - Include bundled relation aggregations during a limited /sync
+ request and /relations request, per MSC2675. (#11284, #11478)
+ - Add plugin support for controlling database background
+ updates. (#11306, #11475, #11479)
+ - Support the stable API endpoints for MSC2946: the room
+ /hierarchy endpoint. (#11329)
+ - Add admin API to get some information about federation status
+ with remote servers. (#11407)
+ - Support expiry of refresh tokens and expiry of the overall
+ session when refresh tokens are in use. (#11425)
+ - Stabilise support for MSC2918 refresh tokens as they have now
+ been merged into the Matrix specification. (#11435, #11522)
+ - Update MSC2918 refresh token support to confirm with the
+ latest revision: accept the refresh_tokens parameter in the
+ request body rather than in the URL parameters. (#11430)
+ - Support configuring the lifetime of non-refreshable access
+ tokens separately to refreshable access tokens. (#11445)
+ - Expose synapse_homeserver and synapse_worker commands as
+ entry points to run Synapse's main process and worker
+ processes, respectively. Contributed by @Ma27. (#11449)
+ - synctl stop will now wait for Synapse to exit before
+ returning. (#11459, #11490)
+ - Extend the "delete room" admin api to work correctly on rooms
+ which have previously been partially deleted. (#11523)
+ - Add support for the
+ /_matrix/client/v3/login/sso/redirect/{idpId} API from Matrix
+ v1.1. This endpoint was overlooked when support for v3
+ endpoints was added in Synapse 1.48.0rc1. (#11451)
+ - Bugfixes
+ - Fix using MSC2716 batch sending in combination with event
+ persistence workers. Contributed by @tulir at Beeper.
+ (#11220)
+ - Fix a long-standing bug where all requests that read events
+ from the database could get stuck as a result of losing the
+ database connection, properly this time. Also fix a race
+ condition introduced in the previous insufficient fix in
+ Synapse 1.47.0. (#11376)
+ - The /send_join response now includes the stable event field
+ instead of the unstable field from MSC3083. (#11413)
+ - Fix a bug introduced in Synapse 1.47.0 where send_join could
+ fail due to an outdated ijson version. (#11439, #11441,
+ #11460)
+ - Fix a bug introduced in Synapse 1.36.0 which could cause
+ problems fetching event-signing keys from trusted key
+ servers. (#11440)
+ - Fix a bug introduced in Synapse 1.47.1 where the media
+ repository would fail to work if the media store path
+ contained any symbolic links. (#11446)
+ - Fix an LruCache corruption bug, introduced in Synapse 1.38.0,
+ that would cause certain requests to fail until the next
+ Synapse restart. (#11454)
+ - Fix a long-standing bug where invites from ignored users were
+ included in incremental syncs. (#11511)
+ - Fix a regression in Synapse 1.48.0 where presence workers
+ would not clear their presence updates over replication on
+ shutdown. (#11518)
+ - Fix a regression in Synapse 1.48.0 where the module API's
+ looping_background_call method would spam errors to the logs
+ when given a non-async function. (#11524)
+ - Updates to the Docker image
+ - Update Dockerfile-workers to healthcheck all workers in the
+ container. (#11429)
+ - Improved Documentation
+ - Update the media repository documentation. (#11415)
+ - Update section about backward extremities in the room DAG
+ concepts doc to correct the misconception about backward
+ extremities indicating whether we have fetched an events'
+ prev_events. (#11469)
+ - Internal Changes
+ - Add Final annotation to string constants in
+ synapse.api.constants so that they get typed as Literals.
+ (#11356)
+ - Add a check to ensure that users cannot start the Synapse
+ master process when worker_app is set. (#11416)
+ - Add a note about postgres memory management and hugepages to
+ postgres doc. (#11467)
+ - Add missing type hints to synapse.config module. (#11465)
+ - Add missing type hints to synapse.federation. (#11483)
+ - Add type annotations to tests.storage.test_appservice.
+ (#11488, #11492)
+ - Add type annotations to some of the configuration surrounding
+ refresh tokens. (#11428)
+ - Add type hints to synapse/tests/rest/admin. (#11501)
+ - Add type hints to storage classes. (#11411)
+ - Add wiki pages to documentation website. (#11402)
+ - Clean up tests.storage.test_main to remove use of legacy
+ code. (#11493)
+ - Clean up tests.test_visibility to remove legacy code.
+ (#11495)
+ - Convert status codes to HTTPStatus in synapse.rest.admin.
+ (#11452, #11455)
+ - Extend the scripts-dev/sign_json script to support signing
+ events. (#11486)
+ - Improve internal types in push code. (#11409)
+ - Improve type annotations in synapse.module_api. (#11029)
+ - Improve type hints for LruCache. (#11453)
+ - Preparation for database schema simplifications: disambiguate
+ queries on state_key. (#11497)
+ - Refactor backfilled into specific behavior function arguments
+ (_persist_events_and_state_updates and downstream calls).
+ (#11417)
+ - Refactor get_version_string to fix-up types and duplicated
+ code. (#11468)
+ - Refactor various parts of the /sync handler. (#11494, #11515)
+ - Remove unnecessary json.dumps from tests.rest.admin. (#11461)
+ - Save the OpenID Connect session ID on login. (#11482)
+ - Update and clean up recently ported documentation pages.
+ (#11466)
+
+-------------------------------------------------------------------
+Tue Nov 30 14:59:49 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.48.0
+ This release removes support for the long-deprecated
+ trust_identity_server_for_password_resets configuration flag.
+ This release also fixes some performance issues with some
+ background database updates introduced in Synapse 1.47.0.
+ - Features
+ - Experimental support for the thread relation defined in
+ MSC3440. (#11161)
+ - Support filtering by relation senders & types per MSC3440.
+ (#11236)
+ - Add support for the /_matrix/client/v3 and /_matrix/media/v3
+ APIs from Matrix v1.1. (#11318, #11371)
+ - Support the stable version of MSC2778: the
+ m.login.application_service login type. Contributed by
+ @tulir. (#11335)
+ - Add a new version of delete room admin API DELETE
+ /_synapse/admin/v2/rooms/<room_id> to run it in the
+ background. Contributed by @dklimpel. (#11223)
+ - Allow the admin Delete Room API to block a room without the
+ need to join it. (#11228)
+ - Add an admin API to un-shadow-ban a user. (#11347)
+ - Add an admin API to run background database schema updates.
+ (#11352)
+ - Add an admin API for blocking a room. (#11324)
+ - Update the JWT login type to support custom a sub claim.
+ (#11361)
+ - Store and allow querying of arbitrary event relations.
+ (#11391)
+ - Bugfixes
+ - Fix a long-standing bug wherein display names or avatar URLs
+ containing null bytes cause an internal server error when
+ stored in the DB. (#11230)
+ - Prevent MSC2716 historical state events from being pushed to
+ an application service via /transactions. (#11265)
+ - Fix a long-standing bug where uploading extremely thin images
+ (e.g. 1000x1) would fail. Contributed by @Neeeflix. (#11288)
+ - Fix a bug, introduced in Synapse 1.46.0, which caused the
+ check_3pid_auth and on_logged_out callbacks in legacy
+ password authentication provider modules to not be
+ registered. Modules using the generic module interface were
+ not affected. (#11340)
+ - Fix a bug introduced in 1.41.0 where space hierarchy
+ responses would be incorrectly reused if multiple users were
+ to make the same request at the same time. (#11355)
+ - Fix a bug introduced in 1.45.0 where the read_templates
+ method of the module API would error. (#11377)
+ - Fix an issue introduced in 1.47.0 which prevented servers
+ re-joining rooms they had previously left, if their signing
+ keys were replaced. (#11379)
+ - Fix a bug introduced in 1.13.0 where creating and publishing
+ a room could cause errors if room_list_publication_rules is
+ configured. (#11392)
+ - Improve performance of various background database updates.
+ (#11421, #11422)
+ - Improved Documentation
+ - Suggest users of the Debian packages add configuration to
+ /etc/matrix-synapse/conf.d/ to prevent, upon upgrade, being
+ asked to choose between their configuration and the
+ maintainer's. (#11281)
+ - Fix typos in the documentation for the username_available
+ admin API. Contributed by Stanislav Motylkov. (#11286)
+ - Add Single Sign-On, SAML and CAS pages to the documentation.
+ (#11298)
+ - Change the word 'Home server' as one word 'homeserver' in
+ documentation. (#11320)
+ - Fix missing quotes for wildcard domains in
+ federation_certificate_verification_whitelist. (#11381)
+ - Deprecations and Removals
+ - Remove deprecated trust_identity_server_for_password_resets
+ configuration flag. (#11333, #11395)
+ - Internal Changes
+ - Add type annotations to synapse.metrics. (#10847)
+ - Split out federated PDU retrieval function into a non-cached
+ version. (#11242)
+ - Clean up code relating to to-device messages and sending
+ ephemeral events to application services. (#11247)
+ - Fix a small typo in the error response when a relation type
+ other than 'm.annotation' is passed to GET
+ /rooms/{room_id}/aggregations/{event_id}. (#11278)
+ - Drop unused database tables room_stats_historical and
+ user_stats_historical. (#11280)
+ - Require all files in synapse/ and tests/ to pass mypy unless
+ specifically excluded. (#11282, #11285, #11359)
+ - Add missing type hints to synapse.app. (#11287)
+ - Remove unused parameters on
+ FederationEventHandler._check_event_auth. (#11292)
+ - Add type hints to synapse._scripts. (#11297)
+ - Fix an issue which prevented the
+ remove_deleted_devices_from_device_inbox background database
+ schema update from running when updating from a recent
+ Synapse version. (#11303)
+ - Add type hints to storage classes. (#11307, #11310, #11311,
+ #11312, #11313, #11314, #11316, #11322, #11332, #11339,
+ #11342)
+ - Add type hints to synapse.util. (#11321, #11328)
+ - Improve type annotations in Synapse's test suite. (#11323,
+ #11330)
+ - Test that room alias deletion works as intended. (#11327)
+ - Add type annotations for some methods and properties in the
+ module API. (#11341)
+ - Fix running scripts-dev/complement.sh, which was broken in
+ v1.47.0rc1. (#11368)
+ - Rename internal functions for token generation to better
+ reflect what they do. (#11369, #11370)
+ - Add type hints to configuration classes. (#11377)
+ - Publish a develop image to Docker Hub. (#11380)
+ - Keep fallback key marked as used if it's re-uploaded.
+ (#11382)
+ - Use auto_attribs on the attrs class RefreshTokenLookupResult.
+ (#11386)
+ - Rename unstable access_token_lifetime configuration option to
+ refreshable_access_token_lifetime to make it clear it only
+ concerns refreshable access tokens. (#11388)
+ - Do not run the broken MSC2716 tests when running
+ scripts-dev/complement.sh. (#11389)
+ - Remove dead code from supporting ACME. (#11393)
+ - Refactor including the bundled relations when serializing an
+ event. (#11408)
+
+-------------------------------------------------------------------
+Sun Nov 28 18:35:03 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
+
+- bump ijson to make it clear that we really need 3.1
+ https://github.com/matrix-org/synapse/pull/11439
+
+-------------------------------------------------------------------
+Tue Nov 23 14:45:19 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.47.1 (boo#1193005)
+ This release fixes a security issue in the media store, affecting
+ all prior releases of Synapse. Server administrators are
+ encouraged to update Synapse as soon as possible. We are not
+ aware of these vulnerabilities being exploited in the wild.
+ Server administrators who are unable to update Synapse may use
+ the workarounds described in the linked GitHub Security Advisory
+ below.
+
+ - Security Advisory:
+ GHSA-3hfw-x7gx-437c / CVE-2021-41281: Path traversal when
+ downloading remote media.
+ Synapse instances with the media repository enabled can be
+ tricked into downloading a file from a remote server into an
+ arbitrary directory, potentially outside the media store
+ directory. The last two directories and file name of the path
+ are chosen randomly by Synapse and cannot be controlled by an
+ attacker, which limits the impact. Homeservers with the media
+ repository disabled are unaffected. Homeservers configured with
+ a federation whitelist are also unaffected. Fixed by
+ 91f2bd090.
+
+-------------------------------------------------------------------
+Wed Nov 17 14:19:53 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.47.0
+ - Deprecations and Removals
+ - The user_may_create_room_with_invites module callback is now
+ deprecated. Please refer to the upgrade notes for more
+ information. (#11206)
+ - Remove deprecated admin API to delete rooms (POST
+ /_synapse/admin/v1/rooms/<room_id>/delete). (#11213)
+ - Features
+ - Advertise support for Client-Server API r0.6.1. (#11097)
+ - Add search by room ID and room alias to the List Room admin
+ API. (#11099)
+ - Add an on_new_event third-party rules callback to allow
+ Synapse modules to act after an event has been sent into a
+ room. (#11126)
+ - Add a module API method to update a user's membership in a
+ room. (#11147)
+ - Add metrics for thread pool usage. (#11178)
+ - Support the stable room type field for MSC3288. (#11187)
+ - Add a module API method to retrieve the current state of a
+ room. (#11204)
+ - Calculate a default value for public_baseurl based on
+ server_name. (#11210)
+ - Add support for serving /.well-known/matrix/server files, to
+ redirect federation traffic to port 443. (#11211)
+ - Add admin APIs to pause, start and check the status of
+ background updates. (#11263)
+ - Bugfixes
+ - Fix a bug introduced in 1.47.0rc1 which caused worker
+ processes to not halt startup in the presence of outstanding
+ database migrations. (#11346)
+ - Fix a bug introduced in 1.47.0rc1 which prevented the 'remove
+ deleted devices from device_inbox column' background process
+ from running when updating from a recent Synapse version.
+ (#11303, #11353)
+ - Fix a long-standing bug which allowed hidden devices to
+ receive to-device messages, resulting in unnecessary database
+ bloat. (#10097)
+ - Fix a long-standing bug where messages in the device_inbox
+ table for deleted devices would persist indefinitely.
+ Contributed by @dklimpel and @JohannesKleine. (#10969,
+ #11212)
+ - Do not accept events if a third-party rule
+ check_event_allowed callback raises an exception. (#11033)
+ - Fix long-standing bug where verification requests could fail
+ in certain cases if a federation whitelist was in place but
+ did not include your own homeserver. (#11129)
+ - Allow an empty list of state_events_at_start to be sent when
+ using the MSC2716 /batch_send endpoint and the author of the
+ historical messages is already part of the current room state
+ at the given ?prev_event_id. (#11188)
+ - Fix a bug introduced in Synapse 1.45.0 which prevented the
+ synapse_review_recent_signups script from running.
+ Contributed by @samuel-p. (#11191)
+ - Delete to_device messages for hidden devices that will never
+ be read, reducing database size. (#11199)
+ - Fix a long-standing bug wherein a missing Content-Type header
+ when downloading remote media would cause Synapse to throw an
+ error. (#11200)
+ - Fix a long-standing bug which could result in serialization
+ errors and potentially duplicate transaction data when
+ sending ephemeral events to application services. Contributed
+ by @Fizzadar at Beeper. (#11207)
+ - Fix a bug introduced in Synapse 1.35.0 which made it
+ impossible to join rooms that return a send_join response
+ containing floats. (#11217)
+ - Fix long-standing bug where cross signing keys were not
+ included in the response to /r0/keys/query the first time a
+ remote user was queried. (#11234)
+ - Fix a long-standing bug where all requests that read events
+ from the database could get stuck as a result of losing the
+ database connection. (#11240)
+ - Fix a bug preventing Synapse from being rolled back to an
+ earlier version when using workers. (#11255, #11276)
+ - Fix a bug introduced in Synapse 1.37.1 which caused a remote
+ event being processed by a worker to not get processed on
+ restart if the worker was killed. (#11262)
+ - Only allow old Element/Riot Android clients to send read
+ receipts without a request body. All other clients must
+ include a request body as required by the specification.
+ Contributed by @rogersheu. (#11157)
+ - Updates to the Docker image
+ - Avoid changing user ID when started as a non-root user, and
+ no explicit UID is set. (#11209)
+ - Improved Documentation
+ - Improve example HAProxy config in the docs to properly handle
+ HTTP Host headers with port information. This is required for
+ federation over port 443 to work correctly. (#11128)
+ - Add documentation for using Authentik as an OpenID Connect
+ Identity Provider. Contributed by @samip5. (#11151)
+ - Clarify lack of support for Windows. (#11198)
+ - Improve code formatting and fix a few typos in docs.
+ Contributed by @sumnerevans at Beeper. (#11221)
+ - Add documentation for using LemonLDAP as an OpenID Connect
+ Identity Provider. Contributed by @l00ptr. (#11257)
+ - Internal Changes
+ - Add type annotations for the log_function decorator. (#10943)
+ - Add type hints to synapse.events. (#11098)
+ - Remove and document unnecessary RoomStreamToken checks in
+ application service ephemeral event code. (#11137)
+ - Add type hints so that synapse.http passes mypy checks.
+ (#11164)
+ - Update scripts to pass Shellcheck lints. (#11166)
+ - Add knock information in admin export. Contributed by Rafael
+ Gonçalves. (#11171)
+ - Add tests to check that
+ ClientIpStore.get_last_client_ip_by_device and
+ get_user_ip_and_agents combine database and in-memory data
+ correctly. (#11179)
+ - Refactor Filter to check different fields depending on the
+ data type. (#11194)
+ - Improve type hints for the relations datastore. (#11205)
+ - Replace outdated links in the pull request checklist with
+ links to the rendered documentation. (#11225)
+ - Fix a bug in unit test test_block_room_and_not_purge.
+ (#11226)
+ - In ObservableDeferred, run observers in the order they were
+ registered. (#11229)
+ - Minor speed up to start up times and getting updates for
+ groups by adding missing index to
+ local_group_updates.stream_id. (#11231)
+ - Add twine and towncrier as dev dependencies, as they're used
+ by the release script. (#11233)
+ - Allow stream_writers.typing config to be a list of one
+ worker. (#11237)
+ - Remove debugging statement in tests. (#11239)
+ - Fix MSC2716 historical messages backfilling in random order
+ on remote homeservers. (#11244)
+ - Add an additional test for the cachedList method decorator.
+ (#11246)
+ - Make minor correction to the type of auth_checkers callbacks.
+ (#11253)
+ - Clean up trivial aspects of the Debian package build tooling.
+ (#11269, #11273)
+ - Blacklist new SyTest that checks that key uploads are valid
+ pending the validation being implemented in Synapse. (#11270)
+
+-------------------------------------------------------------------
+Tue Nov 2 19:25:21 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.46.0
+ The cause of the performance regression affecting Synapse 1.44
+ has been identified and fixed. (#11177)
+ - Features
+ - Add support for Ubuntu 21.10 "Impish Indri". (#11024)
+ - Port the Password Auth Providers module interface to the new
+ generic interface. (#10548, #11180)
+ - Experimental support for the thread relation defined in
+ MSC3440. (#11088, #11181, #11192)
+ - Users admin API can now also modify user type in addition to
+ allowing it to be set on user creation. (#11174)
+ - Bugfixes
+ - Fix a bug introduced in v1.46.0rc1 where URL previews of some
+ XML documents would fail. (#11196)
+ - Newly-created public rooms are now only assigned an alias if
+ the room's creation has not been blocked by permission
+ settings. Contributed by @AndrewFerr. (#10930)
+ - Fix a long-standing bug which meant that events received over
+ federation were sometimes incorrectly accepted into the room
+ state. (#11001, #11009, #11012)
+ - Fix 500 error on /messages when the server accumulates more
+ than 5 backwards extremities at a given depth for a room.
+ (#11027)
+ - Fix a bug where setting a user's external_id via the admin
+ API returns 500 and deletes user's existing external mappings
+ if that external ID is already mapped. (#11051)
+ - Fix a long-standing bug where users excluded from the user
+ directory were added into the directory if they belonged to a
+ room which became public or private. (#11075)
+ - Fix a long-standing bug when attempting to preview URLs which
+ are in the windows-1252 character encoding. (#11077, #11089)
+ - Fix broken export-data admin command and add test script
+ checking the command to CI. (#11078)
+ - Show an error when timestamp in seconds is provided to the
+ /purge_media_cache Admin API. (#11101)
+ - Fix local users who left all their rooms being removed from
+ the user directory, even if the search_all_users config
+ option was enabled. (#11103)
+ - Fix a bug which caused the module API's
+ get_user_ip_and_agents function to always fail on workers.
+ get_user_ip_and_agents was introduced in 1.44.0 and did not
+ function correctly on worker processes at the time. (#11112)
+ - Identity server connection is no longer ignoring
+ ip_range_whitelist. (#11120)
+ - Fix a bug introduced in Synapse 1.45.0 breaking the
+ configuration file parsing script. (#11145)
+ - Fix a performance regression introduced in 1.44.0 which could
+ cause client requests to time out when making large numbers
+ of outbound requests. (#11177, #11190)
+ - Resolve and share state_groups for all MSC2716 historical
+ events in batch. (#10975)
+ - Improved Documentation
+ - Fix broken links relating to module API deprecation in the
+ upgrade notes. (#11069)
+ - Add more information about what happens when a user is
+ deactivated. (#11083)
+ - Clarify the the sample log config can be copied from the
+ documentation without issue. (#11092)
+ - Update the admin API documentation with an updated list of
+ the characters allowed in registration tokens. (#11093)
+ - Document Synapse's behaviour when dealing with multiple
+ modules registering the same callbacks and/or handlers for
+ the same HTTP endpoints. (#11096)
+ - Fix instances of [example]{.title-ref} in the upgrade
+ documentation as a result of prior RST to Markdown
+ conversion. (#11118)
+ - Document the version of Synapse each module callback was
+ introduced in. (#11132)
+ - Document the version of Synapse that introduced each module
+ API method. (#11183)
+ - Internal Changes
+ - Fix spurious warnings about losing the logging context on the
+ ReplicationCommandHandler when losing the replication
+ connection. (#10984)
+ - Include rejected status when we log events. (#11008)
+ - Add some extra logging to the event persistence code.
+ (#11014)
+ - Rearrange the internal workings of the incremental user
+ directory updates. (#11035)
+ - Fix a long-standing bug where users excluded from the
+ directory could still be added to the
+ users_who_share_private_rooms table after a regular user
+ joins a private room. (#11143)
+ - Add and improve type hints. (#10972, #11055, #11066, #11076,
+ #11095, #11109, #11121, #11146)
+ - Mark the Synapse package as containing type annotations and
+ fix export declarations so that Synapse pluggable modules may
+ be type checked against Synapse. (#11054)
+ - Remove dead code from MediaFilePaths. (#11056)
+ - Be more lenient when parsing oEmbed response versions.
+ (#11065)
+ - Create a separate module for the retention configuration.
+ (#11070)
+ - Clean up some of the federation event authentication code for
+ clarity. (#11115, #11116, #11122)
+ - Add docstrings and comments to the application service
+ ephemeral event sending code. (#11138)
+ - Update the sign_json script to support inline configuration
+ of the signing key. (#11139)
+ - Fix broken link in the docker image README. (#11144)
+ - Always dump logs from unit tests during CI runs. (#11068)
+ - Add tests for MediaFilePaths class. (#11057)
+ - Simplify the user admin API tests. (#11048)
+ - Add a test for the workaround introduced in #11042 concerning
+ the behaviour of third-party rule modules and SynapseErrors.
+ (#11071)
+
+-------------------------------------------------------------------
+Thu Oct 21 12:34:00 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.45.1
+ - Bugfixes
+ - Revert change to counting of deactivated users towards the
+ monthly active users limit, introduced in 1.45.0rc1. (#11127)
+
+-------------------------------------------------------------------
+Wed Oct 20 09:47:52 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.45.0
+ - Known Issues
+ - A suspected performance regression which was first reported
+ after the release of 1.44.0 remains unresolved.
+ - We have not been able to identify a probable cause. Affected
+ users report that setting up a federation sender worker
+ appears to alleviate symptoms of the regression.
+ - Features
+ - Add MSC3069 support to /account/whoami. (#9655)
+ - Support autodiscovery of oEmbed previews. (#10822)
+ - Add a user_may_send_3pid_invite spam checker callback for
+ modules to allow or deny 3PID invites. (#10894)
+ - Add a spam checker callback to allow or deny room joins.
+ (#10910)
+ - Include an update_synapse_database script in the
+ distribution. Contributed by @Fizzadar at Beeper. (#10954)
+ - Include exception information in JSON logging output.
+ Contributed by @Fizzadar at Beeper. (#11028)
+ - Bugfixes
+ - Fix a long-standing bug when using multiple event persister
+ workers where events were not correctly sent down /sync due
+ to a race. (#11045)
+ - Fix a bug introduced in Synapse 1.45.0rc1 where the user
+ directory would stop updating if it processed an event from a
+ - user not in the users table. (#11053)
+ - Fix a bug introduced in Synapse 1.44.0 when logging errors
+ during oEmbed processing. (#11061)
+ - Fix a minor bug in the response to
+ /_matrix/client/r0/voip/turnServer. Contributed by
+ @lukaslihotzki. (#10922)
+ - Fix a bug where empty yyyy-mm-dd/ directories would be left
+ behind in the media store's url_cache_thumbnails/ directory.
+ (#10924)
+ - Fix a bug introduced in Synapse v1.40.0 where the signature
+ checks for room version 8 and 9 could be applied to earlier
+ room versions in some situations. (#10927)
+ - Fix a long-standing bug wherein deactivated users still count
+ towards the monthly active users limit. (#10947)
+ - Fix a long-standing bug which meant that events received over
+ federation were sometimes incorrectly accepted into the room
+ state. (#10956)
+ - Fix a long-standing bug where rebuilding the user directory
+ wouldn't exclude support and deactivated users. (#10960)
+ - Fix MSC2716 /batch_send endpoint rejecting subsequent batches
+ with unknown batch ID error in existing room versions from
+ the room creator. (#10962)
+ - Fix a bug that could leak local users' per-room nicknames and
+ avatars when the user directory is rebuilt. (#10981)
+ - Fix a long-standing bug where the remainder of a batch of
+ user directory changes would be silently dropped if the
+ server left a room early in the batch. (#10982)
+ - Correct a bugfix introduced in Synapse v1.44.0 that would
+ catch the wrong error if a connection is lost before a
+ response could be written to it. (#10995)
+ - Fix a long-standing bug where local users' per-room
+ nicknames/avatars were visible to anyone who could see you in
+ the user directory. (#11002)
+ - Fix a long-standing bug where a user's per-room
+ nickname/avatar would overwrite their profile in the user
+ directory when a room was made public. (#11003)
+ - Work around a regression, introduced in Synapse v1.39.0, that
+ caused SynapseErrors raised by the experimental third-party
+ rules module callback check_event_allowed to be ignored.
+ (#11042)
+ - Fix a bug in MSC2716 insertion events in rooms that could
+ cause cross-talk/conflicts between batches. (#10877)
+ - Internal Changes
+ - Add an 'approximate difference' method to StateFilter.
+ (#10825)
+ - Fix inconsistent behavior of get_last_client_by_ip when
+ reporting data that has not been stored in the database yet.
+ (#10970)
+ - Fix a bug introduced in Synapse 1.21.0 that causes
+ opentracing and Prometheus metrics for replication requests
+ to be measured incorrectly. (#10996)
+ - Ensure that cache config tests do not share state. (#11036)
+ - Improve type hinting in synapse.util. (#10888)
+ - Add further type hints to synapse.storage.util. (#10892)
+ - Fix type hints to be compatible with an upcoming change to
+ Twisted. (#10895)
+ - Update utility code to handle C implementations of
+ frozendict. (#10902)
+ - Drop old functionality which maintained database
+ compatibility with Synapse versions before v1.31. (#10903)
+ - Clean-up configuration helper classes for the ServerConfig
+ class. (#10915)
+ - Use direct references to config flags. (#10916, #10959,
+ #10985)
+ - Clean up some of the federation event authentication code for
+ clarity. (#10926, #10940, #10986, #10987, #10988, #11010,
+ #11011)
+ - Refactor various parts of the codebase to use RoomVersion
+ objects instead of room version identifier strings. (#10934)
+ - Refactor user directory tests in preparation for upcoming
+ changes. (#10935)
+ - Include the event id in the logcontext when handling PDUs
+ received over federation. (#10936)
+ - Fix logged errors in unit tests. (#10939)
+ - Fix a broken test to ensure that consent configuration works
+ during registration. (#10945)
+ - Add type hints to filtering classes. (#10958)
+ - Add type-hint to HomeserverTestcase.setup_test_homeserver.
+ (#10961)
+ - Fix the test utility function create_room_as so that
+ is_public=True will explicitly set the visibility parameter
+ of room creation requests to public. Contributed by
+ @AndrewFerr. (#10963)
+ - Make the release script more robust and transparent. (#10966)
+ - Refactor MSC2716 /batch_send mega function into smaller
+ handler functions. (#10974)
+ - Log stack traces when a missing opentracing span is detected.
+ (#10983)
+ - Update GHA config to run tests against Python 3.10 and
+ PostgreSQL 14. (#10992)
+ - Fix a long-standing bug where ReadWriteLocks could drop
+ logging contexts on exit. (#10993)
+ - Add a CODEOWNERS file to automatically request reviews from
+ the @matrix-org/synapse-core team on new pull requests.
+ (#10994)
+ - Add further type hints to synapse.state. (#11004)
+ - Remove the deprecated BaseHandler object. (#11005)
+ - Bump mypy version for CI to 0.910, and pull in new type stubs
+ for dependencies. (#11006)
+ - Fix CI to run the unit tests without optional deps. (#11017)
+ - Ensure that cache config tests do not share state. (#11019)
+ - Add additional type hints to synapse.server_notices. (#11021)
+ - Add additional type hints for synapse.push. (#11023)
+ - When installing the optional developer dependencies, also
+ include the dependencies needed for type-checking and unit
+ testing. (#11034)
+ - Remove unnecessary list comprehension from synapse_port_db to
+ satisfy code style requirements. (#11043)
+ - Improved Documentation
+ - Reword changelog to clarify concerns about a suspected
+ performance regression in 1.44.0. (#11117)
+ - Change wording ("reference homeserver") in Synapse repository
+ documentation. Contributed by @maxkratz. (#10971)
+ - Fix a dead URL in development documentation (SAML) and change
+ wording from "Riot" to "Element". Contributed by @maxkratz.
+ (#10973)
+ - Add additional content to the Welcome and Overview page of
+ the documentation. (#10990)
+ - Update links to MSCs in documentation. Contributed by
+ @dklimpel. (#10991)
+
+-------------------------------------------------------------------
+Tue Oct 5 13:44:42 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.44.0
+ - Features
+ - Only allow the MSC2716 /batch_send?chunk_id=xxx endpoint to
+ connect to an already existing insertion event. (#10776)
+ - Improve oEmbed URL previews by processing the author name,
+ photo, and video information. (#10814, #10819)
+ - Speed up responding with large JSON objects to requests.
+ (#10868, #10905)
+ - Add a user_may_create_room_with_invites spam checker callback
+ to allow modules to allow or deny a room creation request
+ based on the invites and/or 3PID invites it includes.
+ (#10898)
+ - Bugfixes
+ - Fix a bug introduced in Synapse v1.40.0 where changing a
+ user's display name or avatar in a restricted room would
+ cause an authentication error. (#10933)
+ - Fix /admin/whois/{user_id} endpoint, which was broken in
+ v1.44.0rc1. (#10968)
+ - Fix a bug introduced in v1.44.0rc1 which caused the
+ experimental MSC2716 /batch_send endpoint to return a 500
+ error. (#10938)
+ - Fix a bug introduced in v1.44.0rc1 which prevented sending
+ presence events to application services. (#10944)
+ - Fix a long-standing bug that caused an AssertionError when
+ purging history in certain rooms. Contributed by @Kokokokoka.
+ (#10690)
+ - Fix a long-standing bug which caused deactivated users that
+ were later reactivated to be missing from the user directory.
+ (#10782)
+ - Fix a long-standing bug that caused unbanning a user by
+ sending a membership event to fail. Contributed by
+ @aaronraimist. (#10807)
+ - Fix a long-standing bug where logging contexts would go
+ missing when federation requests time out. (#10810)
+ - Fix a long-standing bug causing an error in the deprecated
+ /initialSync endpoint when using the undocumented from and to
+ parameters. (#10827)
+ - Fix a bug causing the remove_stale_pushers background job to
+ repeatedly fail and log errors. This bug affected Synapse
+ servers that had been upgraded from version 1.28 or older and
+ are using SQLite. (#10843)
+ - Fix a long-standing bug in Unicode support of the room search
+ admin API breaking search for rooms with non-ASCII
+ characters. (#10859)
+ - Fix a bug introduced in Synapse 1.37.0 which caused knock
+ membership events which we sent to remote servers to be
+ incorrectly stored in the local database. (#10873)
+ - Fix invalidating one-time key count cache after claiming
+ keys. The bug was introduced in Synapse v1.41.0. Contributed
+ by Tulir at Beeper. (#10875)
+ - Fix a long-standing bug causing application service users to
+ be subject to MAU blocking if the MAU limit had been reached,
+ even if configured not to be blocked. (#10881)
+ - Fix a long-standing bug which could cause events pulled over
+ federation to be incorrectly rejected. (#10907)
+ - Fix a long-standing bug causing URL cache files to be stored
+ in storage providers. Server admins may safely delete the
+ url_cache/ and url_cache_thumbnails/ directories from any
+ configured storage providers to reclaim space. (#10911)
+ - Fix a long-standing bug leading to race conditions when
+ creating media store and config directories. (#10913)
+ - Improved Documentation
+ - Minor updates to the installation instructions. (#10919)
+ - Fix some crashes in the Module API example code, by adding
+ JSON encoding/decoding. (#10845)
+ - Add developer documentation about experimental configuration
+ flags. (#10865)
+ - Properly remove deleted files from GitHub pages when
+ generating the documentation. (#10869)
+ - Internal Changes
+ - Fix GitHub Actions config so we can run sytest on synapse
+ from parallel branches. (#10659)
+ - Split out MSC2716 meta events to their own fields in the
+ /batch_send response. (#10777)
+ - Add missing type hints to REST servlets. (#10785, #10817)
+ - Simplify the internal logic which maintains the user
+ directory database tables. (#10796)
+ - Use direct references to config flags. (#10812, #10885,
+ #10893, #10897)
+ - Specify the type of token in generic "Invalid token" error
+ messages. (#10815)
+ - Make StateFilter frozen so it is hashable. (#10816)
+ - Fix a long-standing bug where an m.room.message event
+ containing a null byte would cause an internal server error.
+ (#10820)
+ - Add type hints to the state database. (#10823)
+ - Opt out of cache expiry for
+ get_users_who_share_room_with_user, to hopefully improve
+ /sync performance when you
+ - haven't synced recently. (#10826)
+ - Track cache eviction rates more finely in Prometheus's
+ monitoring. (#10829)
+ - Add missing type hints to synapse.handlers. (#10831, #10856)
+ - Extend the Module API to let plug-ins check whether an ID is
+ local and to access IP + User Agent data. (#10833)
+ - Factor out PNG image data to a constant to be used in several
+ tests. (#10834)
+ - Add a test to ensure state events sent by modules get
+ persisted correctly. (#10835)
+ - Rename MSC2716 fields and event types from chunk to batch to
+ match the /batch_send endpoint. (#10838)
+ - Rename MSC2716 /batch_send query parameter from ?prev_event
+ to more obvious usage with ?prev_event_id. (#10839)
+ - Add type hints to synapse.http.site. (#10867)
+ - Include outlier status when we log V2 or V3 events. (#10879)
+ - Break down Grafana's cache expiry time series based on reason
+ for eviction, c.f. #10829. (#10880)
+ - Clean up some of the federation event authentication code for
+ clarity. (#10883, #10884, #10896, #10901)
+ - Allow the . and ~ characters when creating registration
+ tokens as per the change to MSC3231. (#10887)
+ - Clean up some unnecessary parentheses in places around the
+ codebase. (#10889)
+ - Improve type hinting in the user directory code. (#10891)
+ - Update development testing script test_postgresql.sh to use a
+ supported Python version and make re-runs quicker. (#10906)
+ - Document and summarize changes in schema version 61 – 64.
+ (#10917)
+ - Update release script to sign the newly created git tags.
+ (#10925)
+ - Fix Debian builds due to dh-virtualenv no longer being able
+ to build their docs. (#10931)
+
+-------------------------------------------------------------------
+Tue Sep 21 13:41:59 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.43.0
+ This release drops support for the deprecated, unstable API for
+ MSC2858, as well as the undocumented experimental.msc2858_enabled
+ config option. Client authors should update their clients to use
+ the stable API, available since Synapse 1.30.
+
+ - Features
+ - Allow room creators to send historical events specified by
+ MSC2716 in existing room versions. (#10566)
+ - Add config option to use non-default manhole password and
+ keys. (#10643)
+ - Skip final GC at shutdown to improve restart performance.
+ (#10712)
+ - Allow configuration of the oEmbed URLs used for URL previews.
+ (#10714, #10759)
+ - Prefer room version 9 for restricted rooms per the room
+ version capabilities API. (#10772)
+ - Bugfixes
+ - Added opentracing logging to help debug #9424. (#10828)
+ - Fix a long-standing bug where room avatars were not included
+ in email notifications. (#10658)
+ - Fix a bug where the ordering algorithm was skipping the
+ origin_server_ts step in the spaces summary resulting in
+ unstable room orderings. (#10730)
+ - Fix edge case when persisting events into a room where there
+ are multiple events we previously hadn't calculated auth
+ chains for (and hadn't marked as needing to be calculated).
+ (#10743)
+ - Fix a bug which prevented calls to /createRoom that included
+ the room_alias_name parameter from being handled by worker
+ processes. (#10757)
+ - Fix a bug which prevented user registration via SSO to
+ require consent tracking for SSO mapping providers that don't
+ prompt for Matrix ID selection. Contributed by @AndrewFerr.
+ (#10733)
+ - Only return the stripped state events for the m.space.child
+ events in a room for the spaces summary from MSC2946.
+ (#10760)
+ - Properly handle room upgrades of spaces. (#10774)
+ - Fix a bug which generated invalid homeserver config when the
+ frontend_proxy worker type was passed to the Synapse
+ Worker-based Complement image. (#10783)
+ - Improved Documentation
+ - Minor fix to the media_repository developer documentation.
+ Contributed by @cuttingedge1109. (#10556)
+ - Update the documentation to note that the /spaces and
+ /hierarchy endpoints can be routed to workers. (#10648)
+ - Clarify admin API documentation on undoing room deletions.
+ (#10735)
+ - Split up the modules documentation and add examples for
+ module developers. (#10758)
+ - Correct 2 typographical errors in the Log Contexts
+ documentation. (#10795)
+ - Fix a wording mistake in the sample configuration.
+ Contributed by @BramvdnHeuvel:nltrix.net. (#10804)
+ - Deprecations and Removals
+ - Remove the unstable MSC2858 API, including the undocumented
+ experimental.msc2858_enabled config option. The unstable API
+ has been deprecated since Synapse 1.35. Client authors should
+ update their clients to use the stable API introduced in
+ Synapse 1.30 if they have not already done so. (#10693)
+ - Internal Changes
+ - Add OpenTracing logging to help debug stuck messages (as
+ described by issue #9424). (#10704)
+ - Add type annotations to the synapse.util package. (#10601)
+ - Ensure rooms.creator field is always populated for easy
+ lookup in MSC2716 usage later. (#10697)
+ - Add missing type hints to REST servlets. (#10707, #10728,
+ #10736)
+ - Do not include rooms with unknown room versions in the spaces
+ summary results. (#10727)
+ - Additional error checking for the preset field when creating
+ a room. (#10738)
+ - Clean up some of the federation event authentication code for
+ clarity. (#10744, #10745, #10746, #10771, #10773, #10781)
+ - Add an index to presence_stream to hopefully speed up
+ startups a little. (#10748)
+ - Refactor event size checking code to simplify searching the
+ codebase for the origins of certain error strings that are
+ occasionally emitted. (#10750)
+ - Move tests relating to rooms having encryption out of the
+ user directory tests. (#10752)
+ - Use attrs internally for the URL preview code & update
+ documentation. (#10753)
+ - Minor speed ups when joining large rooms over federation.
+ (#10754, #10755, #10756, #10780, #10784)
+ - Add a constant for m.federate. (#10775)
+ - Add a script to update the Debian changelog in a Docker
+ container for systems that are not Debian-based. (#10778)
+ - Change the format of authenticated users in logs when a user
+ is being puppeted by and admin user. (#10779)
+ - Remove fixed and flakey tests from the Sytest blacklist.
+ (#10788)
+ - Improve internal details of the user directory code. (#10789)
+ - Use direct references to config flags. (#10798)
+ - Ensure the Rust reporter passes type checking with
+ jaeger-client 4.7's type annotations. (#10799)
+
+-------------------------------------------------------------------
+Tue Sep 21 11:34:59 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
+
+- disable 10719-Fix-instert-of-duplicate-key-into-event_json.patch
+ until upstream decided if they want to accept it
+
+-------------------------------------------------------------------
+Tue Sep 7 16:11:58 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.42.0
+ This version of Synapse removes deprecated room-management admin
+ APIs, removes out-of-date email pushers, and improves error
+ handling for fallback templates for user-interactive
+ authentication. For more information on these points, server
+ administrators are encouraged to read the upgrade notes.
+
+ - Features
+ - Support room version 9 from MSC3375. (#10747)
+ - Add support for MSC3231: Token authenticated registration.
+ Users can be required to submit a token during registration
+ to authenticate themselves. Contributed by Callum Brown.
+ (#10142)
+ - Add support for MSC3283: Expose enable_set_displayname in
+ capabilities. (#10452)
+ - Port the PresenceRouter module interface to the new generic
+ interface. (#10524)
+ - Add pagination to the spaces summary based on updates to
+ MSC2946. (#10613, #10725)
+ - Bugfixes
+ - Validate new m.room.power_levels events. Contributed by
+ @aaronraimist. (#10232)
+ - Display an error on User-Interactive Authentication fallback
+ pages when authentication fails. Contributed by Callum Brown.
+ (#10561)
+ - Remove pushers when deleting an e-mail address from an
+ account. Pushers for old unlinked emails will also be
+ deleted. (#10581, #10734)
+ - Reject Client-Server /keys/query requests which provide
+ device_ids incorrectly. (#10593)
+ - Rooms with unsupported room versions are no longer returned
+ via /sync. (#10644)
+ - Enforce the maximum length for per-room display names and
+ avatar URLs. (#10654)
+ - Fix a bug which caused the synapse_user_logins_total
+ Prometheus metric not to be correctly initialised on restart.
+ (#10677)
+ - Improve ServerNoticeServlet to avoid duplicate requests and
+ add unit tests. (#10679)
+ - Fix long-standing issue which caused an error when a
+ thumbnail is requested and there are multiple thumbnails with
+ the same quality rating. (#10684)
+ - Fix a regression introduced in v1.41.0 which affected the
+ performance of concurrent fetches of large sets of events, in
+ extreme cases causing the process to hang. (#10703)
+ - Fix a regression introduced in Synapse 1.41 which broke email
+ transmission on Systems using older versions of the Twisted
+ library. (#10713)
+ - Improved Documentation
+ - Add documentation on how to connect Django with Synapse using
+ OpenID Connect and django-oauth-toolkit. Contributed by
+ @HugoDelval. (#10192)
+ - Advertise https://matrix-org.github.io/synapse documentation
+ in the README and CONTRIBUTING files. (#10595)
+ - Fix some of the titles not rendering in the OpenID Connect
+ documentation. (#10639)
+ - Minor clarifications to the documentation for reverse
+ proxies. (#10708)
+ - Remove table of contents from the top of installation and
+ contributing documentation pages. (#10711)
+ - Deprecations and Removals
+ - Remove deprecated Shutdown Room and Purge Room Admin API.
+ (#8830)
+ - Internal Changes
+ - Print a warning when using one of the deprecated template_dir
+ settings. (#10768)
+ - Improve type hints for the proxy agent and SRV resolver
+ modules. Contributed by @dklimpel. (#10608)
+ - Clean up some of the federation event authentication code for
+ clarity. (#10614, #10615, #10624, #10640)
+ - Add a comment asking developers to leave a reason when
+ bumping the database schema version. (#10621)
+ - Remove not needed database updates in modify user admin API.
+ (#10627)
+ - Convert room member storage tuples to attrs classes. (#10629,
+ #10642)
+ - Use auto-attribs for the attrs classes used in sync. (#10630)
+ - Make backfill and get_missing_events use the same codepath.
+ (#10645)
+ - Improve the performance of the /hierarchy API (from MSC2946)
+ by caching responses received over federation. (#10647)
+ - Run a nightly CI build against Twisted trunk. (#10651,
+ #10672)
+ - Do not print out stack traces for network errors when
+ fetching data over federation. (#10662)
+ - Simplify tests for device admin rest API. (#10664)
+ - Add missing type hints to REST servlets. (#10665, #10666,
+ #10674)
+ - Flatten the tests.synapse.rests package by moving the
+ contents of v1 and v2_alpha into the parent. (#10667)
+ - Update complement.sh to rebuild the base Docker image when
+ run with workers. (#10686)
+ - Split the event-processing methods in FederationHandler into
+ a separate FederationEventHandler. (#10692)
+ - Remove unused compare_digest function. (#10706)
+
+-------------------------------------------------------------------
+Thu Sep 2 09:52:14 UTC 2021 - Jan Zerebecki <jan.suse@zerebecki.de>
+
+- Add 10719-Fix-instert-of-duplicate-key-into-event_json.patch
+
+-------------------------------------------------------------------
+Tue Aug 31 14:21:51 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.41.1 (boo#1190037 boo#1190038)
+ Due to the two security issues highlighted below, server
+ administrators are encouraged to update Synapse. We are not aware
+ of these vulnerabilities being exploited in the wild.
+
+ - Security advisory
+ The following issues are fixed in v1.41.1.
+
+ - GHSA-3x4c-pq33-4w3q / CVE-2021-39164: Enumerating a private
+ room's list of members and their display names.
+
+ If an unauthorized user both knows the Room ID of a private
+ room and that room's history visibility is set to shared,
+ then they may be able to enumerate the room's members,
+ including their display names.
+
+ The unauthorized user must be on the same homeserver as a
+ user who is a member of the target room.
+
+ Fixed by 52c7a51cf.
+
+ - GHSA-jj53-8fmw-f2w2 / CVE-2021-39163: Disclosing a private
+ room's name, avatar, topic, and number of members.
+
+ If an unauthorized user knows the Room ID of a private room,
+ then its name, avatar, topic, and number of members may be
+ disclosed through Group / Community features.
+
+ The unauthorized user must be on the same homeserver as a
+ user who is a member of the target room, and their homeserver
+ must allow non-administrators to create groups
+ (enable_group_creation in the Synapse configuration; off by
+ default).
+
+ Fixed by cb35df940a, #10723.
+
+ - Bugfixes
+ - Fix a regression introduced in Synapse 1.41 which broke email
+ transmission on systems using older versions of the Twisted
+ library. (#10713)
+
+-------------------------------------------------------------------
+Tue Aug 24 16:07:40 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.41.0
+ - Features
+ - Enable room capabilities (MSC3244) by default and set room
+ version 8 as the preferred room version when creating
+ restricted rooms. (#10571)
+ - Add get_userinfo_by_id method to ModuleApi. (#9581)
+ - Initial local support for MSC3266, Room Summary over the
+ unstable /rooms/{roomIdOrAlias}/summary API. (#10394)
+ - Experimental support for MSC3288, sending room_type to the
+ identity server for 3pid invites over the /store-invite API.
+ (#10435)
+ - Add support for sending federation requests through a proxy.
+ Contributed by @Bubu and @dklimpel. (#10475)
+ - Add support for "marker" events which makes historical events
+ discoverable for servers that already have all of the
+ scrollback history (part of MSC2716). (#10498)
+ - Add a configuration setting for the time a /sync response is
+ cached for. (#10513)
+ - The default logging handler for new installations is now
+ PeriodicallyFlushingMemoryHandler, a buffered logging handler
+ which periodically flushes itself. (#10518)
+ - Add support for new redaction rules for historical events
+ specified in MSC2716. (#10538)
+ - Add a setting to disable TLS when sending email. (#10546)
+ - Add pagination to the spaces summary based on updates to
+ MSC2946. (#10549, #10560, #10569, #10574, #10575, #10579,
+ #10583)
+ - Admin API to delete several media for a specific user.
+ Contributed by @dklimpel. (#10558, #10628)
+ - Add support for routing /createRoom to workers. (#10564)
+ - Update the Synapse Grafana dashboard. (#10570)
+ - Add an admin API (GET /_synapse/admin/username_available) to
+ check if a username is available (regardless of registration
+ settings). (#10578)
+ - Allow editing a user's external_ids via the "Edit User" admin
+ API. Contributed by @dklimpel. (#10598)
+ - The Synapse manhole no longer needs coroutines to be wrapped
+ in defer.ensureDeferred. (#10602)
+ - Add option to allow modules to run periodic tasks on all
+ instances, rather than just the one configured to run
+ background tasks. (#10638)
+ - Bugfixes
+ - Add some clarification to the sample config file. Contributed
+ by @Kentokamoto. (#10129)
+ - Fix a long-standing bug where protocols which are not
+ implemented by any appservices were incorrectly returned via
+ GET /_matrix/client/r0/thirdparty/protocols. (#10532)
+ - Fix exceptions in logs when failing to get remote room list.
+ (#10541)
+ - Fix longstanding bug which caused the user "status" to be
+ reset when the user went offline. Contributed by @dklimpel.
+ (#10550)
+ - Allow public rooms to be previewed in the spaces summary APIs
+ from MSC2946. (#10580)
+ - Fix a bug introduced in v1.37.1 where an error could occur in
+ the asynchronous processing of PDUs when the queue was empty.
+ (#10592)
+ - Fix errors on /sync when read receipt data is a string. Only
+ affects homeservers with the experimental flag for MSC2285
+ enabled. Contributed by @SimonBrandner. (#10606)
+ - Additional validation for the spaces summary API to avoid
+ errors like ValueError: Stop argument for islice() must be
+ None or an integer. The missing validation has existed since
+ v1.31.0. (#10611)
+ - Revert behaviour introduced in v1.38.0 that strips
+ org.matrix.msc2732.device_unused_fallback_key_types from
+ /sync when its value is empty. This field should instead
+ always be present according to MSC2732. (#10623)
+ - Improved Documentation
+ - Add documentation for configuration a forward proxy. (#10443)
+ - Updated the reverse proxy documentation to highlight the
+ homserver configuration that is needed to make Synapse aware
+ that is is intentionally reverse proxied. (#10551)
+ - Update CONTRIBUTING.md to fix index links and the
+ instructions for SyTest in docker. (#10599)
+ - Deprecations and Removals
+ - No longer build .deb packages for Ubuntu 20.10 LTS Groovy
+ Gorilla, which has now EOLed. (#10588)
+ - The template_dir configuration settings in the sso,
+ account_validity and email sections of the configuration file
+ are now deprecated in favour of the global
+ templates.custom_template_directory setting. See the upgrade
+ notes for more information. (#10596)
+ - Internal Changes
+ - Improve event caching mechanism to avoid having multiple
+ copies of an event in memory at a time. (#10119)
+ - Reduce errors in PostgreSQL logs due to concurrent
+ serialization errors. (#10504)
+ - Include room ID in ignored EDU log messages. Contributed by
+ @ilmari. (#10507)
+ - Add pagination to the spaces summary based on updates to
+ MSC2946. (#10527, #10530)
+ - Fix CI to not break when run against branches rather than
+ pull requests. (#10529)
+ - Mark all events stemming from the MSC2716 /batch_send
+ endpoint as historical. (#10537)
+ - Clean up some of the federation event authentication code for
+ clarity. (#10539, #10591)
+ - Convert Transaction and Edu objects to attrs. (#10542)
+ - Update /batch_send endpoint to only return state_events
+ created by the state_events_from_before passed in. (#10552)
+ - Update contributing.md to warn against rebasing an open PR.
+ (#10563)
+ - Remove the unused public rooms replication stream. (#10565)
+ - Clarify error message when failing to join a restricted room.
+ (#10572)
+ - Remove references to BuildKite in favour of GitHub Actions.
+ (#10573)
+ - Move /batch_send endpoint defined by MSC2716 to the /v2_alpha
+ directory. (#10576)
+ - Allow multiple custom directories in read_templates. (#10587)
+ - Re-organize the synapse.federation.transport.server module to
+ create smaller files. (#10590)
+ - Flatten the synapse.rest.client package by moving the
+ contents of v1 and v2_alpha into the parent. (#10600)
+ - Build Debian packages for Debian 12 (Bookworm). (#10612)
+ - Fix up a couple of links to the database schema
+ documentation. (#10620)
+ - Fix a broken link to the upgrade notes. (#10631)
+
+-------------------------------------------------------------------
+Tue Aug 10 13:38:13 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.40.0
+ - Features
+ - Support MSC3289: room version 8. (#10449)
+ - Add support for MSC2033: device_id on /account/whoami.
+ (#9918)
+ - Update support for MSC2716 - Incrementally importing history
+ into existing rooms. (#10245, #10432, #10463)
+ - Update support for MSC3083 to consider changes in the MSC
+ around which servers can issue join events. (#10254, #10447,
+ #10489)
+ - Initial support for MSC3244, Room version capabilities over
+ the /capabilities API. (#10283)
+ - Add a buffered logging handler which periodically flushes
+ itself. (#10407, #10515)
+ - Add support for https connections to a proxy server.
+ Contributed by @Bubu and @dklimpel. (#10411)
+ - Support for MSC2285 (hidden read receipts). Contributed by
+ @SimonBrandner. (#10413)
+ - Email notifications now state whether an invitation is to a
+ room or a space. (#10426)
+ - Allow setting transaction limit for database connections.
+ (#10440, #10511)
+ - Add creation_ts to "list users" admin API. (#10448)
+ - Bugfixes
+ - Mark the experimental room version from MSC2716 as unstable.
+ (#10449)
+ - Fix the PeriodicallyFlushingMemoryHandler inhibiting
+ application shutdown because of its background thread.
+ (#10517)
+ - Fix a bug introduced in Synapse v1.40.0rc1 that could cause
+ Synapse to respond with an error when clients would update
+ read receipts. (#10531)
+ - Improve character set detection in URL previews by supporting
+ underscores (in addition to hyphens). Contributed by
+ @srividyut. (#10410)
+ - Fix events being incorrectly rejected over federation if they
+ reference auth events that the server needed to fetch.
+ (#10439)
+ - Fix synapse_federation_server_oldest_inbound_pdu_in_staging
+ Prometheus metric to not report a max age of 51 years when
+ the queue is empty. (#10455)
+ - Fix a bug which caused an explicit assignment of power-level
+ 0 to a user to be misinterpreted in rare circumstances.
+ (#10499)
+ - Improved Documentation
+ - Fix broken links in upgrade.md. Contributed by @dklimpel.
+ (#10543)
+ - Fix hierarchy of providers on the OpenID page. (#10445)
+ - Consolidate development documentation to docs/development/.
+ (#10453)
+ - Add some developer docs to explain room DAG concepts like
+ outliers, state_groups, depth, etc. (#10464)
+ - Document how to use Complement while developing a new Synapse
+ feature. (#10483)
+ - Internal Changes
+ - Fix release script to open the correct URL for the release.
+ (#10516)
+ - Prune inbound federation queues for a room if they get too
+ large. (#10390)
+ - Add type hints to synapse.federation.transport.client module.
+ (#10408)
+ - Remove shebang line from module files. (#10415)
+ - Drop backwards-compatibility code that was required to
+ support Ubuntu Xenial. (#10429)
+ - Use a docker image cache for the prerequisites for the debian
+ package build. (#10431)
+ - Improve servlet type hints. (#10437, #10438)
+ - Replace usage of or_ignore in simple_insert with
+ simple_upsert usage, to stop spamming postgres logs with
+ spurious ERROR messages. (#10442)
+ - Update the tests-done Github Actions status. (#10444, #10512)
+ - Update type annotations to work with forthcoming Twisted
+ 21.7.0 release. (#10446, #10450)
+ - Cancel redundant GHA workflows when a new commit is pushed.
+ (#10451)
+ - Mitigate media repo XSS attacks on IE11 via the non-standard
+ X-Content-Security-Policy header. (#10468)
+ - Additional type hints in the state handler. (#10482)
+ - Update syntax used to run complement tests. (#10488)
+ - Fix up type annotations to work with Twisted 21.7. (#10490)
+ - Improve type annotations for ObservableDeferred. (#10491)
+ - Extend release script to also tag and create GitHub releases.
+ (#10496)
+ - Fix a bug which caused production debian packages to be
+ incorrectly marked as 'prerelease'. (#10500)
+
+-------------------------------------------------------------------
+Thu Jul 29 11:49:07 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.39.0
+ The Third-Party Event Rules module interface has been deprecated
+ in favour of the generic module interface introduced in Synapse
+ v1.37.0. Support for the old interface is planned to be removed
+ in September 2021. See the upgrade notes for more information.
+
+ - Features
+ - Add the ability to override the account validity feature with
+ a module. (#9884)
+ - The spaces summary API now returns any joinable rooms, not
+ only rooms which are world-readable. (#10298, #10305)
+ - Add a new version of the R30 phone-home metric, which removes
+ a false impression of retention given by the old R30 metric.
+ (#10332, #10427)
+ - Allow providing credentials to http_proxy. (#10360)
+ - Bugfixes
+ - Fix a bug introduced in Synapse 1.38 which caused an
+ exception at startup when SAML authentication was enabled.
+ (#10477)
+ - Fix a long-standing bug where Synapse would not inform
+ clients that a device had exhausted its one-time-key pool,
+ potentially causing problems decrypting events. (#10485)
+ - Fix reporting old R30 stats as R30v2 stats.
+ Introduced in v1.39.0rc1. (#10486)
+ - Always include device_one_time_keys_count key in /sync
+ response to work around a bug in Element Android that broke
+ encryption for new devices. (#10457)
+ - Fix error while dropping locks on shutdown. Introduced in
+ v1.38.0. (#10433)
+ - Add base starting insertion event when no chunk ID is
+ specified in the historical batch send API. (#10250)
+ - Fix historical batch send endpoint (MSC2716) rejecting
+ batches with messages from multiple senders. (#10276)
+ - Fix purging rooms that other homeservers are still sending
+ events for. Contributed by @ilmari. (#10317)
+ - Fix errors during backfill caused by previously purged
+ redaction events. Contributed by Andreas Rammhold (@andir).
+ (#10343)
+ - Fix the user directory becoming broken (and noisy errors
+ being logged) when knocking and room statistics are in use.
+ (#10344)
+ - Fix newly added
+ synapse_federation_server_oldest_inbound_pdu_in_staging
+ prometheus metric to measure age rather than timestamp.
+ (#10355)
+ - Fix PostgreSQL sometimes using table scans for queries
+ against state_groups_state table, taking a long time and a
+ large amount of IO. (#10359)
+ - Fix make_room_admin failing for users that have left a
+ private room. (#10367)
+ - Fix a number of logged errors caused by remote servers being
+ down. (#10400, #10414)
+ - Responses from /make_{join,leave,knock} no longer include
+ signatures, which will turn out to be invalid after events
+ are returned to /send_{join,leave,knock}. (#10404)
+ - Improved Documentation
+ - Updated installation dependencies for newer macOS versions
+ and ARM Macs. Contributed by Luke Walsh. (#9971)
+ - Simplify structure of room admin API. (#10313)
+ - Refresh the logcontext dev documentation. (#10353), (#10337)
+ - Add delegation example for caddy in the reverse proxy
+ documentation. Contributed by @moritzdietz. (#10368)
+ - Fix and clarify some links in docs and contrib. (#10370),
+ (#10322), (#10399)
+ - Make deprecation notice of the spam checker doc more obvious.
+ (#10395)
+ - Add instructions on installing Debian packages for release
+ candidates. (#10396)
+ - Deprecations and Removals
+ - Remove functionality associated with the unused
+ room_stats_historical and user_stats_historical tables.
+ Contributed by @xmunoz. (#9721)
+ - The third-party event rules module interface is deprecated in
+ favour of the generic module interface introduced in Synapse
+ v1.37.0. See the upgrade notes for more information. (#10386)
+ - Internal Changes
+ - Fix an error which prevented the Github Actions workflow to
+ build the docker images from running. (#10461)
+ - Fix release script to correctly version debian changelog when
+ doing RCs. (#10465)
+ - Move docker image build to Github Actions. (#10416)
+ - Convert room_depth.min_depth column to a BIGINT. (#10289)
+ - Add tests to characterise the current behaviour of R30
+ phone-home metrics. (#10315)
+ - Rebuild event context and auth when processing specific
+ results from ThirdPartyEventRules modules. (#10316)
+ - Minor change to the code that populates user_daily_visits.
+ (#10324)
+ - Re-enable Sytests that were disabled for the 1.37.1 release.
+ (#10345, #10357)
+ - Run pyupgrade on the codebase. (#10347, #10348)
+ - Switch application_services_txns.txn_id database column to
+ BIGINT. (#10349)
+ - Convert internal type variable syntax to reflect wider
+ ecosystem use. (#10350, #10380, #10381, #10382, #10418)
+ - Make the Github Actions workflow configuration more
+ efficient. (#10383)
+ - Add type hints to get_{domain,localpart}_from_id. (#10385)
+ - When building Debian packages for prerelease versions, set
+ the Section accordingly. (#10391)
+ - Add type hints and comments to event auth code. (#10393)
+ - Stagger sending of presence update to remote servers,
+ reducing CPU spikes caused by starting many connections to
+ remote servers at once. (#10398)
+ - Remove unused events_by_room code (tech debt). (#10421)
+ - Add a github actions job which records success of other jobs.
+ (#10430)
+
+-------------------------------------------------------------------
+Thu Jul 22 16:20:00 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.38.1
+ Always include device_one_time_keys_count key in /sync response
+ to work around a bug in Element Android that broke encryption for
+ new devices. (#10457)
+
+-------------------------------------------------------------------
+Fri Jul 16 15:32:21 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
+
+- oidc can be enabled on TW as the Authlib package is in the distro
+
+-------------------------------------------------------------------
+Fri Jul 16 14:48:15 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
+
+- drop all conditionals that were enabled anyway
+- rename remaining conditionals to have a synapse_ prefix
+
+-------------------------------------------------------------------
+Wed Jul 14 15:03:02 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.38.0
+ This release includes a database schema update which could result
+ in elevated disk usage. See the upgrade notes for more
+ information.
+
+ - Features
+ - Implement refresh tokens as specified by MSC2918. (#9450)
+ - Add support for evicting cache entries based on last access
+ time. (#10205)
+ - Omit empty fields from the /sync response. Contributed by
+ @deepbluev7. (#10214)
+ - Improve validation on federation send_{join,leave,knock}
+ endpoints. (#10225, #10243)
+ - Add SSO external_ids to the Query User Account admin API.
+ (#10261)
+ - Mark events received over federation which fail a spam check
+ as "soft-failed". (#10263)
+ - Add metrics for new inbound federation staging area. (#10284)
+ - Add script to print information about recently registered
+ users. (#10290)
+ - Bugfixes
+ - Fix bug where inbound federation in a room could be delayed
+ due to not correctly dropping a lock. Introduced in v1.37.1.
+ (#10336)
+ - Fix a long-standing bug which meant that invite rejections
+ and knocks were not sent out over federation in a timely
+ manner. (#10223)
+ - Fix a bug introduced in v1.26.0 where only users who have set
+ profile information could be deactivated with erasure
+ enabled. (#10252)
+ - Fix a long-standing bug where Synapse would return errors
+ after 231 events were handled by the server. (#10264, #10267,
+ #10282, #10286, #10291, #10314, #10326)
+ - Fix the prometheus synapse_federation_server_pdu_process_time
+ metric. Broke in v1.37.1. (#10279)
+ - Ensure that inbound events from federation that were being
+ processed when Synapse was restarted get promptly processed
+ on start up. (#10303)
+ - Improved Documentation
+ - Update links to documentation in the sample config.
+ Contributed by @dklimpel. (#10287)
+ - Fix broken links in INSTALL.md. Contributed by @dklimpel.
+ (#10331)
+ - Move the upgrade notes to docs/upgrade.md and convert them to
+ markdown. (#10166)
+ - Choose Welcome & Overview as the default page for synapse
+ documentation website. (#10242)
+ - Adjust the URL in the README.rst file to point to
+ irc.libera.chat. (#10258)
+ - Fix homeserver config option name in presence router
+ documentation. (#10288)
+ - Fix link pointing at the wrong section in the modules
+ documentation page. (#10302)
+ - Internal Changes
+ - Drop Origin and Accept from the value of the
+ Access-Control-Allow-Headers response header. (#10114)
+ - Add type hints to the federation servlets. (#10213)
+ - Improve the reliability of auto-joining remote rooms.
+ (#10237)
+ - Update the release script to use the semver terminology and
+ determine the release branch based on the next version.
+ (#10239)
+ - Fix type hints for computing auth events. (#10253)
+ - Improve the performance of the spaces summary endpoint by
+ only recursing into spaces (and not rooms in general).
+ (#10256)
+ - Move event authentication methods from Auth to
+ EventAuthHandler. (#10268)
+ - Re-enable a SyTest after it has been fixed. (#10292)
+
+-------------------------------------------------------------------
+Wed Jun 30 14:03:06 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.37.1
+ This release resolves issues (such as #9490) where one busy room
+ could cause head-of-line blocking, starving Synapse from
+ processing events in other rooms, and causing all federated
+ traffic to fall behind. Synapse 1.37.1 processes inbound
+ federation traffic asynchronously, ensuring that one busy room
+ won't impact others. Please upgrade to Synapse 1.37.1 as soon as
+ possible, in order to increase resilience to other traffic
+ spikes.
+
+ - Features
+ - Handle inbound events from federation asynchronously.
+ (#10269, #10272)
+
+-------------------------------------------------------------------
+Tue Jun 29 10:44:06 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.37.0
+ This release deprecates the current spam checker interface. See
+ the upgrade notes for more information on how to update to the
+ new generic module interface.
+
+ This release also removes support for fetching and renewing TLS
+ certificates using the ACME v1 protocol, which has been fully
+ decommissioned by Let's Encrypt on June 1st 2021. Admins
+ previously using this feature should use a reverse proxy to
+ handle TLS termination, or use an external ACME client (such as
+ certbot) to retrieve a certificate and key and provide them to
+ Synapse using the tls_certificate_path and tls_private_key_path
+ configuration settings.
+
+ - Features
+ - Implement "room knocking" as per MSC2403. Contributed by
+ @Sorunome and anoa. (#6739, #9359, #10167, #10212, #10227)
+ - Add experimental support for backfilling history into rooms
+ (MSC2716). (#9247)
+ - Implement a generic interface for third-party plugin modules.
+ (#10062, #10206)
+ - Implement config option sso.update_profile_information to
+ sync SSO users' profile information with the identity
+ provider each time they login. Currently only displayname is
+ supported. (#10108)
+ - Ensure that errors during startup are written to the logs and
+ the console. (#10191)
+ - Bugfixes
+ - Fix a bug introduced in Synapse v1.25.0 that prevented the
+ ip_range_whitelist configuration option from working for
+ federation and identity servers. Contributed by @mikure.
+ (#10115)
+ - Remove a broken import line in Synapse's admin_cmd worker.
+ Broke in Synapse v1.33.0. (#10154)
+ - Fix a bug introduced in Synapse v1.21.0 which could cause
+ /sync to return immediately with an empty response. (#10157,
+ #10158)
+ - Fix a minor bug in the response to
+ /_matrix/client/r0/user/{user}/openid/request_token causing
+ expires_in to be a float instead of an integer. Contributed
+ by @lukaslihotzki. (#10175)
+ - Always require users to re-authenticate for dangerous
+ operations: deactivating an account, modifying an account
+ password, and adding 3PIDs. (#10184)
+ - Fix a bug introduced in Synpase v1.7.2 where remote server
+ count metrics collection would be incorrectly delayed on
+ startup. Found by @heftig. (#10195)
+ - Fix a bug introduced in Synapse v1.35.1 where an allow key of
+ a m.room.join_rules event could be applied for incorrect room
+ versions and configurations. (#10208)
+ - Fix performance regression in responding to user key requests
+ over federation. Introduced in Synapse v1.34.0rc1. (#10221)
+ - Improved Documentation
+ - Add a new guide to decoding request logs. (#8436)
+ - Mention in the sample homeserver config that you may need to
+ configure max upload size in your reverse proxy. Contributed
+ by @aaronraimist. (#10122)
+ - Fix broken links in documentation. (#10180)
+ - Deploy a snapshot of the documentation website upon each new
+ Synapse release. (#10198)
+ - Deprecations and Removals
+ - The current spam checker interface is deprecated in favour of
+ a new generic modules system. See the upgrade notes for more
+ information on how to update to the new system. (#10062,
+ #10210, #10238)
+ - Stop supporting the unstable spaces prefixes from MSC1772.
+ (#10161)
+ - Remove Synapse's support for automatically fetching and
+ renewing certificates using the ACME v1 protocol. This
+ protocol has been fully turned off by Let's Encrypt for
+ existing installations on June 1st 2021. Admins previously
+ using this feature should use a reverse proxy to handle TLS
+ termination, or use an external ACME client (such as certbot)
+ to retrieve a certificate and key and provide them to Synapse
+ using the tls_certificate_path and tls_private_key_path
+ configuration settings. (#10194)
+ - Internal Changes
+ - Update the database schema versioning to support gradual
+ migration away from legacy tables. (#9933)
+ - Add type hints to the federation servlets. (#10080)
+ - Improve OpenTracing for event persistence. (#10134, #10193)
+ - Clean up the interface for injecting OpenTracing over HTTP.
+ (#10143)
+ - Limit the number of in-flight /keys/query requests from a
+ single device. (#10144)
+ - Refactor EventPersistenceQueue. (#10145)
+ - Document SYNAPSE_TEST_LOG_LEVEL to see the logger output when
+ running tests. (#10148)
+ - Update the Complement build tags in GitHub Actions to test
+ currently experimental features. (#10155)
+ - Add a synapse_federation_soft_failed_events_total metric to
+ track how often events are soft failed. (#10156)
+ - Fetch the corresponding complement branch when performing CI.
+ (#10160)
+ - Add some developer documentation about boolean columns in
+ database schemas. (#10164)
+ - Add extra logging fields to better debug where events are
+ being soft failed. (#10168)
+ - Add debug logging for when we enter and exit Measure blocks.
+ (#10183)
+ - Improve comments in structured logging code. (#10188)
+ - Update MSC3083 support with modifications from the MSC.
+ (#10189)
+ - Remove redundant DNS lookup limiter. (#10190)
+ - Upgrade black linting tool to 21.6b0. (#10197)
+ - Expose OpenTracing trace id in response headers. (#10199)
+- refresh patches to apply cleanly again:
+ dont-bump-cryptography-with-system-openssl.patch
+ matrix-synapse-1.4.1-paths.patch
+
+-------------------------------------------------------------------
+Tue Jun 15 18:04:01 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.36.0
+ - Features
+ - Add new endpoint /_matrix/client/r0/rooms/{roomId}/aliases
+ from Client-Server API r0.6.1 (previously MSC2432). (#9224)
+ - Improve performance of incoming federation transactions in
+ large rooms. (#9953, #9973)
+ - Rewrite logic around verifying JSON object and fetching
+ server keys to be more performant and use less memory.
+ (#10035)
+ - Add new admin APIs for unprotecting local media from
+ quarantine. Contributed by @dklimpel. (#10040)
+ - Add new admin APIs to remove media by media ID from
+ quarantine. Contributed by @dklimpel. (#10044)
+ - Make reason and score parameters optional for reporting
+ content. Implements MSC2414. Contributed by Callum Brown.
+ (#10077)
+ - Add support for routing more requests to workers. (#10084)
+ - Report OpenTracing spans for database activity. (#10113,
+ #10136, #10141)
+ - Significantly reduce memory usage of joining large remote
+ rooms. (#10117)
+ - Bugfixes
+ - Fix a bug which caused presence updates to stop working some
+ time after a restart, when using a presence writer worker.
+ Broke in v1.33.0. (#10149)
+ - Fix a bug when using federation sender worker where it would
+ send out more presence updates than necessary, leading to
+ high resource usage. Broke in v1.33.0. (#10163)
+ - Fix a bug where Synapse could send the same presence update
+ to a remote twice. (#10165)
+ - Fixed a bug causing replication requests to fail when
+ receiving a lot of events via federation. (#10082)
+ - Fix a bug in the force_tracing_for_users option introduced in
+ Synapse v1.35 which meant that the OpenTracing spans produced
+ were missing most tags. (#10092)
+ - Fixed a bug that could cause Synapse to stop notifying
+ application services. Contributed by Willem Mulder. (#10107)
+ - Fix bug where the server would attempt to fetch the same
+ history in the room from a remote server multiple times in
+ parallel. (#10116)
+ - Fix a bug introduced in Synapse 1.33.0 which caused
+ replication requests to fail when receiving a lot of very
+ large events via federation. (#10118)
+ - Fix bug when using workers where pagination requests failed
+ if a remote server returned zero events from /backfill.
+ Introduced in 1.35.0. (#10133)
+ - Improved Documentation
+ - Clarify security note regarding hosting Synapse on the same
+ domain as other web applications. (#9221)
+ - Update CAPTCHA documentation to mention turning off the
+ verify origin feature. Contributed by @aaronraimist. (#10046)
+ - Tweak wording of database recommendation in INSTALL.md.
+ Contributed by @aaronraimist. (#10057)
+ - Add initial infrastructure for rendering Synapse
+ documentation with mdbook. (#10086)
+ - Convert the remaining Admin API documentation files to
+ markdown. (#10089)
+ - Make a link in docs use HTTPS. Contributed by @RhnSharma.
+ (#10130)
+ - Fix broken link in Docker docs. (#10132)
+ - Deprecations and Removals
+ - Remove the experimental spaces_enabled flag. The spaces
+ features are always available now. (#10063)
+ - Internal Changes
+ - Tell CircleCI to build Docker images from main branch.
+ (#9906)
+ - Simplify naming convention for release branches to only
+ include the major and minor version numbers. (#10013)
+ - Add parse_strings_from_args for parsing an array from query
+ parameters. (#10048, #10137)
+ - Remove some dead code regarding TLS certificate handling.
+ (#10054)
+ - Remove redundant, unmaintained convert_server_keys script.
+ (#10055)
+ - Improve the error message printed by synctl when synapse
+ fails to start. (#10059)
+ - Fix GitHub Actions lint for newsfragments. (#10069)
+ - Update opentracing to inject the right context into the
+ carrier. (#10074)
+ - Fix up BatchingQueue implementation. (#10078)
+ - Log method and path when dropping request due to size limit.
+ (#10091)
+ - In Github Actions workflows, summarize the Sytest results in
+ an easy-to-read format. (#10094)
+ - Make /sync do fewer state resolutions. (#10102)
+ - Add missing type hints to the admin API servlets. (#10105)
+ - Improve opentracing annotations for Notifier. (#10111)
+ - Enable Prometheus metrics for the jaeger client library.
+ (#10112)
+ - Work to improve the responsiveness of /sync requests.
+ (#10124)
+ - OpenTracing: use a consistent name for background processes.
+ (#10135)
+
+-------------------------------------------------------------------
+Thu Jun 3 15:16:29 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.35.1:
+ - Bugfixes
+ - Fix a bug introduced in v1.35.0 where invite-only rooms would
+ be shown to all users in a space, regardless of if the user
+ had access to it. (#10109)
+
+-------------------------------------------------------------------
+Tue Jun 1 16:27:57 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.35.0
+ - Deprecations and Removals
+ - The core Synapse development team plan to drop support for
+ the unstable API of MSC2858, including the undocumented
+ experimental.msc2858_enabled config option, in August 2021.
+ Client authors should ensure that their clients are updated
+ to use the stable API (which has been supported since Synapse
+ 1.30) well before that time, to give their users time to
+ upgrade. (#10101)
+ - Features
+ - Add experimental support to allow a user who could join a
+ restricted room to view it in the spaces summary. (#9922,
+ #10007, #10038)
+ - Reduce memory usage when joining very large rooms over
+ federation. (#9958)
+ - Add a configuration option which allows enabling opentracing
+ by user id. (#9978)
+ - Enable experimental support for MSC2946 (spaces summary API)
+ and MSC3083 (restricted join rules) by default. (#10011)
+ - Bugfixes
+ - Fixed a bug causing replication requests to fail when
+ receiving a lot of events via federation. Introduced in
+ v1.33.0. (#10082)
+ - Fix HTTP response size limit to allow joining very large
+ rooms over federation. Introduced in v1.33.0. (#10093)
+ - Fix a bug introduced in v1.35.0rc1 when calling the spaces
+ summary API via a GET request. (#10079)
+ - Fix a bug introduced in v1.26.0 which meant that
+ synapse_port_db would not correctly initialise some postgres
+ sequences, requiring manual updates afterwards. (#9991)
+ - Fix synctl's --no-daemonize parameter to work correctly with
+ worker processes. (#9995)
+ - Fix a validation bug introduced in v1.34.0 in the ordering of
+ spaces in the space summary API. (#10002)
+ - Fixed deletion of new presence stream states from database.
+ (#10014, #10033)
+ - Fixed a bug with very high resolution image uploads throwing
+ internal server errors. (#10029)
+ - Updates to the Docker image
+ - Fix bug introduced in Synapse 1.33.0 which caused a
+ Permission denied: '/homeserver.log' error when starting
+ Synapse with the generated log configuration. Contributed by
+ Sergio Miguéns Iglesias. (#10045)
+ - Improved Documentation
+ - Add hardened systemd files as proposed in #9760 and added
+ them to contrib/. Change the docs to reflect the presence of
+ these files. (#9803)
+ - Clarify documentation around SSO mapping providers generating
+ unique IDs and localparts. (#9980)
+ - Updates to the PostgreSQL documentation (postgres.md).
+ (#9988, #9989)
+ - Fix broken link in user directory documentation. Contributed
+ by @junquera. (#10016)
+ - Add missing room state entry to the table of contents of room
+ admin API. (#10043)
+ - Deprecations and Removals
+ - Removed support for the deprecated tls_fingerprints
+ configuration setting. Contributed by Jerin J Titus. (#9280)
+ - Internal Changes
+ - Log method and path when dropping request due to size limit.
+ (#10091)
+ - Allow sending full presence to users via workers other than
+ the one that called ModuleApi.send_local_online_presence_to.
+ (#9823)
+ - Update comments in the space summary handler. (#9974)
+ - Minor enhancements to the @cachedList descriptor. (#9975)
+ - Split multipart email sending into a dedicated handler.
+ (#9977)
+ - Run black on files in the scripts directory. (#9981)
+ - Add missing type hints to synapse.util module. (#9982)
+ - Simplify a few helper functions. (#9984, #9985, #9986)
+ - Remove unnecessary property from SQLBaseStore. (#9987)
+ - Remove keylen param on LruCache. (#9993)
+ - Update the Grafana dashboard in contrib/. (#10001)
+ - Add a batching queue implementation. (#10017)
+ - Reduce memory usage when verifying signatures on large
+ numbers of events at once. (#10018)
+ - Properly invalidate caches for destination retry timings
+ every (instead of expiring entries every 5 minutes). (#10036)
+ - Fix running complement tests with Synapse workers. (#10039)
+ - Fix typo in get_state_ids_for_event docstring where the
+ return type was incorrect. (#10050)
+- new dependency python3-ijson
+- refresh patches to apply cleanly again
+ dont-bump-cryptography-with-system-openssl.patch
+ matrix-synapse-1.4.1-paths.patch
+
+-------------------------------------------------------------------
+Sun May 30 17:50:21 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
+
+- fix requires on Tumbleweed. the %if is ugly but there is no
+ better solution right now short of adding our own macro to
+ generates the requires based on the provides of other packages.
+
+-------------------------------------------------------------------
+Wed May 19 15:50:36 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
+
+- Switch package to use sysuser
+- Cleanup duplicated buildrequires and switch to %requires_eq for
+ the base python as well
+
+-------------------------------------------------------------------
+Mon May 17 12:18:10 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.34.0
+ This release deprecates the room_invite_state_types configuration
+ setting. See the upgrade notes for instructions on updating your
+ configuration file to use the new room_prejoin_state setting.
+
+ This release also deprecates the POST
+ /_synapse/admin/v1/rooms/<room_id>/delete admin API route. Server
+ administrators are encouraged to update their scripts to use the
+ new DELETE /_synapse/admin/v1/rooms/<room_id> route instead.
+
+ - Features
+ - Add experimental option to track memory usage of the caches.
+ (#9881)
+ - Add support for DELETE /_synapse/admin/v1/rooms/<room_id>.
+ (#9889)
+ - Add limits to how often Synapse will GC, ensuring that large
+ servers do not end up GC thrashing if gc_thresholds has not
+ been correctly set. (#9902)
+ - Improve performance of sending events for worker-based
+ deployments using Redis. (#9905, #9950, #9951)
+ - Improve performance after joining a large room when presence
+ is enabled. (#9910, #9916)
+ - Support stable identifiers for MSC1772 Spaces. m.space.child
+ events will now be taken into account when populating the
+ experimental spaces summary response. Please see the upgrade
+ notes if you have customised room_invite_state_types in your
+ configuration. (#9915, #9966)
+ - Improve performance of backfilling in large rooms. (#9935)
+ - Add a config option to allow you to prevent device display
+ names from being shared over federation. Contributed by
+ @aaronraimist. (#9945)
+ - Update support for MSC2946: Spaces Summary. (#9947, #9954)
+ - Bugfixes
+ - Fix a bug introduced in v1.32.0 where the associated
+ connection was improperly logged for SQL logging statements.
+ (#9895)
+ - Correct the type hint for the user_may_create_room_alias
+ method of spam checkers. It is provided a RoomAlias, not a
+ str. (#9896)
+ - Fix bug where user directory could get out of sync if room
+ visibility and membership changed in quick succession.
+ (#9910)
+ - Include the origin_server_ts property in the experimental
+ MSC2946 support to allow clients to properly sort rooms.
+ (#9928)
+ - Fix bugs introduced in v1.23.0 which made the PostgreSQL port
+ script fail when run with a newly-created SQLite database.
+ (#9930)
+ - Fix a bug introduced in Synapse 1.29.0 which caused
+ m.room_key_request to-device messages sent from one user to
+ another to be dropped. (#9961, #9965)
+ - Fix a bug introduced in v1.27.0 preventing users and
+ appservices exempt from ratelimiting from creating rooms with
+ many invitees. (#9968)
+ - Updates to the Docker image
+ - Add startup_delay to docker healthcheck to reduce waiting
+ time for coming online and update the documentation with
+ extra options. Contributed by @maquis196. (#9913)
+ - Improved Documentation
+ - Add port argument to the Postgres database sample config
+ section. (#9911)
+ - Deprecations and Removals
+ - Mark as deprecated POST
+ /_synapse/admin/v1/rooms/<room_id>/delete. (#9889)
+ - Internal Changes
+ - Reduce the length of Synapse's access tokens. (#5588)
+ - Export jemalloc stats to Prometheus if it is being used.
+ (#9882)
+ - Add type hints to presence handler. (#9885)
+ - Reduce memory usage of the LRU caches. (#9886)
+ - Add type hints to the synapse.handlers module. (#9896)
+ - Time response time for external cache requests. (#9904)
+ - Minor fixes to the make_full_schema.sh script. (#9931)
+ - Move database schema files into a common directory. (#9932)
+ - Add debug logging for lost/delayed to-device messages.
+ (#9959)
+- enable cache_memory feature: new BR Pympler
+
+-------------------------------------------------------------------
+Tue May 11 13:46:25 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.33.2
+ Due to the security issue highlighted below, server
+ administrators are encouraged to update Synapse. We are not aware
+ of these vulnerabilities being exploited in the wild.
+
+ Security advisory
+ This release fixes a denial of service attack (CVE-2021-29471)
+ against Synapse's push rules implementation. Server admins are
+ encouraged to upgrade.
+
+ - Internal Changes
+ - Unpin attrs dependency. (#9946)
+
+-------------------------------------------------------------------
+Thu May 6 14:44:02 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.33.1
+ - Bugfixes
+ - Fix bug where /sync would break if using the latest version
+ of attrs dependency, by pinning to a previous version.
+ (#9937)
+- sync BuildRequires with synapse/python_dependencies.py
+ - Jinja2 dep is now always required
+
+-------------------------------------------------------------------
+Wed May 5 18:45:30 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.33.0
+ - Features
+ - Update experimental support for MSC3083: restricting room
+ access via group membership. (#9800, #9814)
+ - Add experimental support for handling presence on a worker.
+ (#9819, #9820, #9828, #9850)
+ - Return a new template when an user attempts to renew their
+ account multiple times with the same token, stating that
+ their account is set to expire. This replaces the invalid
+ token template that would previously be shown in this case.
+ This change concerns the optional account validity feature.
+ (#9832)
+ - Bugfixes
+ - Fix tight loop when handling presence replication when using
+ workers. Introduced in v1.33.0rc1. (#9900)
+ - Fixes the OIDC SSO flow when using a public_baseurl value
+ including a non-root URL path. (#9726)
+ - Fix thumbnail generation for some sites with non-standard
+ content types. Contributed by @rkfg. (#9788)
+ - Add some sanity checks to identity server passed to 3PID
+ bind/unbind endpoints. (#9802)
+ - Limit the size of HTTP responses read over federation.
+ (#9833)
+ - Fix a bug which could cause Synapse to get stuck in a loop of
+ resyncing device lists. (#9867)
+ - Fix a long-standing bug where errors from federation did not
+ propagate to the client. (#9868)
+ - Improved Documentation
+ - Add a note to the docker docs mentioning that we mirror
+ upstream's supported Docker platforms. (#9801)
+ - Internal Changes
+ - Add a dockerfile for running Synapse in worker-mode under
+ Complement. (#9162)
+ - Apply pyupgrade across the codebase. (#9786)
+ - Move some replication processing out of generic_worker.
+ (#9796)
+ - Replace HomeServer.get_config() with inline references.
+ (#9815)
+ - Rename some handlers and config modules to not duplicate the
+ top-level module. (#9816)
+ - Fix a long-standing bug which caused max_upload_size to not
+ be correctly enforced. (#9817)
+ - Reduce CPU usage of the user directory by reusing existing
+ calculated room membership. (#9821)
+ - Small speed up for joining large remote rooms. (#9825)
+ - Introduce flake8-bugbear to the test suite and fix some of
+ its lint violations. (#9838)
+ - Only store the raw data in the in-memory caches, rather than
+ objects that include references to e.g. the data stores.
+ (#9845)
+ - Limit length of accepted email addresses. (#9855)
+ - Remove redundant synapse.types.Collection type definition.
+ (#9856)
+ - Handle recently added rate limits correctly when using
+ --no-rate-limit with the demo scripts. (#9858)
+ - Disable invite rate-limiting by default when running the unit
+ tests. (#9871)
+ - Pass a reactor into SynapseSite to make testing easier.
+ (#9874)
+ - Make DomainSpecificString an attrs class. (#9875)
+ - Add type hints to synapse.api.auth and
+ synapse.api.auth_blocking modules. (#9876)
+ - Remove redundant _PushHTTPChannel test class. (#9878)
+ - Remove backwards-compatibility code for Python versions <
+ 3.6. (#9879)
+ - Small performance improvement around handling new local
+ presence updates. (#9887)
+- refreshed patches:
+ dont-bump-cryptography-with-system-openssl.patch
+ matrix-synapse-1.4.1-paths.patch
+
+-------------------------------------------------------------------
+Thu Apr 22 11:12:46 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to v1.32.2
+ - Bugfixes
+ - Fix a regression in Synapse 1.32.0 and 1.32.1 which caused
+ LoggingContext errors in plugins. (#9857)
+
+-------------------------------------------------------------------
+Wed Apr 21 14:08:11 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to v1.32.1
+
+ This release fixes a regression in Synapse 1.32.0 that caused
+ connected Prometheus instances to become unstable. If you ran
+ Synapse 1.32.0 with Prometheus metrics, first upgrade to Synapse
+ 1.32.1 and follow these instructions to clean up any excess
+ writeahead logs.
+
+ - Bugfixes
+ - Fix a regression in Synapse 1.32.0 which caused Synapse to
+ report large numbers of Prometheus time series, potentially
+ overwhelming Prometheus instances. (#9854)
+
+-------------------------------------------------------------------
+Tue Apr 20 17:15:24 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to v1.32.0
+ This release removes the deprecated GET
+ /_synapse/admin/v1/users/<user_id> admin API. Please use the v2
+ API instead, which has improved capabilities.
+
+ This release requires Application Services to use type
+ m.login.application_services when registering users via the
+ /_matrix/client/r0/register endpoint to comply with the spec.
+ Please ensure your Application Services are up to date.
+
+ - Features
+ - Add a Synapse module for routing presence updates between
+ users. (#9491)
+ - Add an admin API to manage ratelimit for a specific user.
+ (#9648)
+ - Include request information in structured logging output.
+ (#9654)
+ - Add order_by to the admin API GET /_synapse/admin/v2/users.
+ Contributed by @dklimpel. (#9691)
+ - Replace the room_invite_state_types configuration setting
+ with room_prejoin_state. (#9700)
+ - Add experimental support for MSC3083: restricting room access
+ via group membership. (#9717, #9735)
+ - Update experimental support for Spaces: include m.room.create
+ in the room state sent with room-invites. (#9710)
+ - Synapse now requires Python 3.6 or later. It also requires
+ Postgres 9.6 or later or SQLite 3.22 or later. (#9766)
+ - Bugfixes
+ - Fix the log lines of nested logging contexts. Broke in
+ 1.32.0rc1. (#9829)
+ - Prevent synapse_forward_extremities and
+ synapse_excess_extremity_events Prometheus metrics from
+ initially reporting zero-values after startup. (#8926)
+ - Fix recently added ratelimits to correctly honour the
+ application service rate_limited flag. (#9711)
+ - Fix longstanding bug which caused duplicate key value
+ violates unique constraint
+ "remote_media_cache_thumbnails_media_origin_media_id_thumbna_key"
+ errors. (#9725)
+ - Fix bug where sharded federation senders could get stuck
+ repeatedly querying the DB in a loop, using lots of CPU.
+ (#9770)
+ - Fix duplicate logging of exceptions thrown during federation
+ transaction processing. (#9780)
+ - Updates to the Docker image
+ - Move opencontainers labels to the final Docker image such
+ that users can inspect them. (#9765)
+ - Improved Documentation
+ - Make the allowed_local_3pids regex example in the sample
+ config stricter. (#9719)
+ - Deprecations and Removals
+ - Remove old admin API GET /_synapse/admin/v1/users/<user_id>.
+ (#9401)
+ - Make /_matrix/client/r0/register expect a type of
+ m.login.application_service when an Application Service
+ registers a user, to align with the relevant spec. (#9548)
+ - Internal Changes
+ - Replace deprecated imp module with successor importlib.
+ Contributed by Cristina Muñoz. (#9718)
+ - Experiment with GitHub Actions for CI. (#9661)
+ - Introduce flake8-bugbear to the test suite and fix some of
+ its lint violations. (#9682)
+ - Update scripts-dev/complement.sh to use a local checkout of
+ Complement, allow running a subset of tests and have it use
+ Synapse's Complement test blacklist. (#9685)
+ - Improve Jaeger tracing for to_device messages. (#9686)
+ - Add release helper script for automating part of the Synapse
+ release process. (#9713)
+ - Add type hints to expiring cache. (#9730)
+ - Convert various testcases to HomeserverTestCase. (#9736)
+ - Start linting mypy with no_implicit_optional. (#9742)
+ - Add missing type hints to federation handler and server.
+ (#9743)
+ - Check that a ConfigError is raised, rather than simply
+ Exception, when appropriate in homeserver config file
+ generation tests. (#9753)
+ - Fix incompatibility with tox 2.5. (#9769)
+ - Enable Complement tests for MSC2946: Spaces Summary API.
+ (#9771)
+ - Use mock from the standard library instead of a separate
+ package. (#9772)
+ - Update Black configuration to target Python 3.6. (#9781)
+ - Add option to skip unit tests when building Debian packages.
+ (#9793)
+
+-------------------------------------------------------------------
+Tue Apr 6 13:17:11 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.31.0
+ Note: As announced in v1.25.0, and in line with the deprecation
+ policy for platform dependencies, this is the last release to
+ support Python 3.5 and PostgreSQL 9.5. Future versions of Synapse
+ will require Python 3.6+ and PostgreSQL 9.6+, as per our
+ deprecation policy.
+
+ - Features
+ - Add support to OpenID Connect login for requiring attributes
+ on the userinfo response. Contributed by Hubbte King. (#9609)
+ - Add initial experimental support for a "space summary" API.
+ (#9643, #9652, #9653)
+ - Add support for the busy presence state as described in
+ MSC3026. (#9644)
+ - Add support for credentials for proxy authentication in the
+ HTTPS_PROXY environment variable. (#9657)
+ - Bugfixes
+ - Fix a longstanding bug that could cause issues when editing a
+ reply to a message. (#9585)
+ - Fix the /capabilities endpoint to return m.change_password as
+ disabled if the local password database is not used for
+ authentication. Contributed by @dklimpel. (#9588)
+ - Check if local passwords are enabled before setting them for
+ the user. (#9636)
+ - Fix a bug where federation sending can stall due to
+ concurrent access database exceptions when it falls behind.
+ (#9639)
+ - Fix a bug introduced in Synapse 1.30.1 which meant the
+ suggested pip incantation to install an updated cryptography
+ was incorrect. (#9699)
+ - Updates to the Docker image
+ - Speed up Docker builds and make it nicer to test against
+ Complement while developing (install all dependencies before
+ copying the project). (#9610)
+ - Include opencontainers labels in the Docker image. (#9612)
+ - Improved Documentation
+ - Add a document describing the deprecation policy for platform
+ dependencies. (#9723)
+ - Clarify that register_new_matrix_user is present also when
+ installed via non-pip package. (#9074)
+ - Update source install documentation to mention platform
+ prerequisites before the source install steps. (#9667)
+ - Improve worker documentation for fallback/web auth endpoints.
+ (#9679)
+ - Update the sample configuration for OIDC authentication.
+ (#9695)
+ - Internal Changes
+ - Revert using dmypy run in lint script. (#9720)
+ - Pin flake8-bugbear's version. (#9734)
+ - Preparatory steps for removing redundant outlier data from
+ event_json.internal_metadata column. (#9411)
+ - Add type hints to the caching module. (#9442)
+ - Introduce flake8-bugbear to the test suite and fix some of
+ its lint violations. (#9499, #9659)
+ - Add additional type hints to the Homeserver object. (#9631,
+ #9638, #9675, #9681)
+ - Only save remote cross-signing and device keys if they're
+ different from the current ones. (#9634)
+ - Rename storage function to fix spelling and not conflict with
+ another function's name. (#9637)
+ - Improve performance of federation catch up by sending the
+ latest events in the room to the remote, rather than just the
+ last event sent by the local server. (#9640, #9664)
+ - In the federation_client commandline client, stop
+ automatically adding the URL prefix, so that servlets on
+ other prefixes can be tested. (#9645)
+ - In the federation_client commandline client, handle inline
+ signing_keys in homeserver.yaml. (#9647)
+ - Fixed some antipattern issues to improve code quality.
+ (#9649)
+ - Add a storage method for pulling all current user presence
+ state from the database. (#9650)
+ - Import HomeServer from the proper module. (#9665)
+ - Increase default join ratelimiting burst rate. (#9674)
+ - Add type hints to third party event rules and visibility
+ modules. (#9676)
+ - Bump mypy-zope to 0.2.13 to fix "Cannot determine consistent
+ method resolution order (MRO)" errors when running mypy a
+ second time. (#9678)
+ - Use interpreter from $PATH via /usr/bin/env instead of
+ absolute paths in various scripts. (#9689)
+ - Make it possible to use dmypy. (#9692)
+ - Suppress "CryptographyDeprecationWarning: int_from_bytes is
+ deprecated". (#9698)
+ - Use dmypy run in lint script for improved performance in
+ type-checking while developing. (#9701)
+ - Fix undetected mypy error when using Python 3.6. (#9703)
+ - Fix type-checking CI on develop. (#9709)
+
+-------------------------------------------------------------------
+Fri Mar 26 12:39:34 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.30.1
+ This release is identical to Synapse 1.30.0, with the exception
+ of explicitly setting a minimum version of Python's Cryptography
+ library to ensure that users of Synapse are protected from the
+ recent OpenSSL security advisories, especially CVE-2021-3449.
+ - Internal Changes
+ - Enforce that `cryptography` dependency is up to date to
+ ensure it has the most recent openssl patches. (#9697)
+
+- Note: we do not bump the cryptography dependency in our package
+ as we use the system OpenSSL which gets the fix.
+
+ Add dont-bump-cryptography-with-system-openssl.patch to comment
+ out the dependency because otherwise the newer version
+ requirement is enforced on startup
+
+-------------------------------------------------------------------
+Mon Mar 22 14:02:31 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.30.0
+ Note that this release deprecates the ability for appservices to
+ call POST /_matrix/client/r0/register without the body parameter
+ type. Appservice developers should use a type value of
+ m.login.application_service as per the spec. In future releases,
+ calling this endpoint with an access token - but without a
+ m.login.application_service type - will fail.
+
+ - Features
+ - Add prometheus metrics for number of users successfully
+ registering and logging in. (#9510, #9511, #9573)
+ - Add synapse_federation_last_sent_pdu_time and
+ synapse_federation_last_received_pdu_time prometheus metrics,
+ which monitor federation delays by reporting the timestamps
+ of messages sent and received to a set of remote servers.
+ (#9540)
+ - Add support for generating JSON Web Tokens dynamically for
+ use as OIDC client secrets. (#9549)
+ - Optimise handling of incomplete room history for incoming
+ federation. (#9601)
+ - Finalise support for allowing clients to pick an SSO Identity
+ Provider (MSC2858). (#9617)
+ - Tell spam checker modules about the SSO IdP a user registered
+ through if one was used. (#9626)
+ - Bugfixes
+ - Fix long-standing bug when generating thumbnails for some
+ images with transparency: TypeError: cannot unpack
+ non-iterable int object. (#9473)
+ - Purge chain cover indexes for events that were purged prior
+ to Synapse v1.29.0. (#9542, #9583)
+ - Fix bug where federation requests were not correctly retried
+ on 5xx responses. (#9567)
+ - Fix re-activating an account via the admin API when local
+ passwords are disabled. (#9587)
+ - Fix a bug introduced in Synapse 1.20 which caused incoming
+ federation transactions to stack up, causing slow recovery
+ from outages. (#9597)
+ - Fix a bug introduced in v1.28.0 where the OpenID Connect
+ callback endpoint could error with a MacaroonInitException.
+ (#9620)
+ - Fix Internal Server Error on GET
+ /_synapse/client/saml2/authn_response request. (#9623)
+ - Updates to the Docker image
+ - Use jemalloc if available in docker. (#8553)
+ - Improved Documentation
+ - Add relayd entry to reverse proxy example configurations.
+ (#9508)
+ - Improve the SAML2 upgrade notes for 1.27.0. (#9550)
+ - Link to the "List user's media" admin API from the media
+ admin API docs. (#9571)
+ - Clarify the spam checker modules documentation example to
+ mention that parse_config is a required method. (#9580)
+ - Clarify the sample configuration for stats settings. (#9604)
+ - Deprecations and Removals
+ - The synapse_federation_last_sent_pdu_age and
+ synapse_federation_last_received_pdu_age prometheus metrics
+ have been removed. They are replaced by
+ synapse_federation_last_sent_pdu_time and
+ synapse_federation_last_received_pdu_time. (#9540)
+ - Registering an Application Service user without using the
+ m.login.application_service login type will be unsupported in
+ an upcoming Synapse release. (#9559)
+ - Internal Changes
+ - Add tests to ResponseCache. (#9458)
+ - Add type hints to purge room and server notice admin API.
+ (#9520)
+ - Add extra logging to ObservableDeferred when callbacks throw
+ exceptions. (#9523)
+ - Fix incorrect type hints. (#9528, #9543, #9591, #9608, #9618)
+ - Add an additional test for purging a room. (#9541)
+ - Add a .git-blame-ignore-revs file with the hashes of
+ auto-formatting. (#9560)
+ - Increase the threshold before which outbound federation to a
+ server goes into "catch up" mode, which is expensive for the
+ remote server to handle. (#9561)
+ - Fix spurious errors reported by the config-lint.sh script.
+ (#9562)
+ - Fix type hints and tests for BlacklistingAgentWrapper and
+ BlacklistingReactorWrapper. (#9563)
+ - Do not have mypy ignore type hints from unpaddedbase64.
+ (#9568)
+ - Improve efficiency of calculating the auth chain in large
+ rooms. (#9576)
+ - Convert synapse.types.Requester to an attrs class. (#9586)
+ - Add logging for redis connection setup. (#9590)
+ - Improve logging when processing incoming transactions.
+ (#9596)
+ - Remove unused stats.retention setting, and emit a warning if
+ stats are disabled. (#9604)
+ - Prevent attempting to bundle aggregations for state events in
+ /context APIs. (#9619)
+
+-------------------------------------------------------------------
+Mon Mar 8 21:27:57 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.29.0
+ Note that synapse now expects an X-Forwarded-Proto header when
+ used with a reverse proxy. Please see UPGRADE.rst for more
+ details on this change.
+
+ - Features
+ - Add rate limiters to cross-user key sharing requests. (#8957)
+ - Add order_by to the admin API GET
+ /_synapse/admin/v1/users/<user_id>/media. Contributed by
+ @dklimpel. (#8978)
+ - Add some configuration settings to make users' profile data
+ more private. (#9203)
+ - The no_proxy and NO_PROXY environment variables are now
+ respected in proxied HTTP clients with the lowercase form
+ taking precedence if both are present. Additionally, the
+ lowercase https_proxy environment variable is now respected
+ in proxied HTTP clients on top of existing support for the
+ uppercase HTTPS_PROXY form and takes precedence if both are
+ present. Contributed by Timothy Leung. (#9372)
+ - Add a configuration option,
+ user_directory.prefer_local_users, which when enabled will
+ make it more likely for users on the same server as you to
+ appear above other users. (#9383, #9385)
+ - Add support for regenerating thumbnails if they have been
+ deleted but the original image is still stored. (#9438)
+ - Add support for X-Forwarded-Proto header when using a reverse
+ proxy. (#9472, #9501, #9512, #9539)
+ - Bugfixes
+ - Fix a bug where users' pushers were not all deleted when they
+ deactivated their account. (#9285, #9516)
+ - Fix a bug where a lot of unnecessary presence updates were
+ sent when joining a room. (#9402)
+ - Fix a bug that caused multiple calls to the experimental
+ shared_rooms endpoint to return stale results. (#9416)
+ - Fix a bug in single sign-on which could cause a "No session
+ cookie found" error. (#9436)
+ - Fix bug introduced in v1.27.0 where allowing a user to choose
+ their own username when logging in via single sign-on did not
+ work unless an idp_icon was defined. (#9440)
+ - Fix a bug introduced in v1.26.0 where some sequences were not
+ properly configured when running synapse_port_db. (#9449)
+ - Fix deleting pushers when using sharded pushers. (#9465,
+ #9466, #9479, #9536)
+ - Fix missing startup checks for the consistency of certain
+ PostgreSQL sequences. (#9470)
+ - Fix a long-standing bug where the media repository could leak
+ file descriptors while previewing media. (#9497)
+ - Properly purge the event chain cover index when purging
+ history. (#9498)
+ - Fix missing chain cover index due to a schema delta not being
+ applied correctly. Only affected servers that ran development
+ versions. (#9503)
+ - Fix a bug introduced in v1.25.0 where /_synapse/admin/join/
+ would fail when given a room alias. (#9506)
+ - Prevent presence background jobs from running when presence
+ is disabled. (#9530)
+ - Fix rare edge case that caused a background update to fail if
+ the server had rejected an event that had duplicate auth
+ events. (#9537)
+ - Improved Documentation
+ - Update the example systemd config to propagate reloads to
+ individual units. (#9463)
+ - Internal Changes
+ - Add documentation and type hints to parse_duration. (#9432)
+ - Remove vestiges of uploads_path configuration setting.
+ (#9462)
+ - Add a comment about systemd-python. (#9464)
+ - Test that we require validated email for email pushers.
+ (#9496)
+ - Allow python to generate bytecode for synapse. (#9502)
+ - Fix incorrect type hints. (#9515, #9518)
+ - Add type hints to device and event report admin API. (#9519)
+ - Add type hints to user admin API. (#9521)
+ - Bump the versions of mypy and mypy-zope used for static type
+ checking. (#9529)
+
+-------------------------------------------------------------------
+Thu Feb 25 22:00:48 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.28.0
+ This release fixes the documentation included in v1.27.0 around
+ the callback URI for SAML2 identity providers. If your server is
+ configured to use single sign-on via a SAML2 IdP, you may need to
+ make configuration changes. Please review UPGRADE.rst for more
+ details on these changes.
+
+ Removal warning
+ - The v1 list accounts API is deprecated and will be removed in a
+ future release. This API was undocumented and misleading. It
+ can be replaced by the v2 list accounts API, which has been
+ available since Synapse 1.7.0 (2019-12-13).
+
+ - Please check if you're using any scripts which use the admin
+ API and replace GET /_synapse/admin/v1/users/<user_id> with GET
+ /_synapse/admin/v2/users.
+
+ - Features
+ - New admin API to get the context of an event:
+ /_synapse/admin/rooms/{roomId}/context/{eventId}. (#9150)
+ - Further improvements to the user experience of registration
+ via single sign-on. (#9300, #9301)
+ - Add hook to spam checker modules that allow checking file
+ uploads and remote downloads. (#9311)
+ - Add support for receiving OpenID Connect authentication
+ responses via form POSTs rather than GETs. (#9376)
+ - Add the shadow-banning status to the admin API for user info.
+ (#9400)
+ - Bugfixes
+ - Fix long-standing bug where sending email notifications would
+ fail for rooms that the server had since left. (#9257)
+ - Fix bug in Synapse 1.27.0rc1 which meant the "session
+ expired" error page during SSO registration was badly
+ formatted. (#9296)
+ - Assert a maximum length for some parameters for spec
+ compliance. (#9321, #9393)
+ - Fix additional errors when previewing URLs: "AttributeError
+ 'NoneType' object has no attribute 'xpath'" and "ValueError:
+ Unicode strings with encoding declaration are not supported.
+ Please use bytes input or XML fragments without
+ declaration.". (#9333)
+ - Fix a bug causing Synapse to impose the wrong type
+ constraints on fields when processing responses from
+ appservices to /_matrix/app/v1/thirdparty/user/{protocol}.
+ (#9361)
+ - Fix bug where Synapse would occasionally stop reconnecting to
+ Redis after the connection was lost. (#9391)
+ - Fix a long-standing bug when upgrading a room: "TypeError:
+ '>' not supported between instances of 'NoneType' and 'int'".
+ (#9395)
+ - Reduce the amount of memory used when generating the URL
+ preview of a file that is larger than the max_spider_size.
+ (#9421)
+ - Fix a long-standing bug in the deduplication of old presence,
+ resulting in no deduplication. (#9425)
+ - The ui_auth.session_timeout config option can now be
+ specified in terms of number of seconds/minutes/etc/.
+ Contributed by Rishabh Arya. (#9426)
+ - Fix a bug introduced in v1.27.0: "TypeError: int() argument
+ must be a string, a bytes-like object or a number, not
+ 'NoneType." related to the user directory. (#9428)
+ - Updates to the Docker image
+ - Drop support for ARMv7 in Docker images. (#9433)
+ - Improved Documentation
+ - Reorganize CHANGELOG.md. (#9281)
+ - Add note to auto_join_rooms config option explaining existing
+ rooms must be publicly joinable. (#9291)
+ - Correct name of Synapse's service file in TURN howto. (#9308)
+ - Fix the braces in the oidc_providers section of the sample
+ config. (#9317)
+ - Update installation instructions on Fedora. (#9322)
+ - Add HTTP/2 support to the nginx example configuration.
+ Contributed by David Vo. (#9390)
+ - Update docs for using Gitea as OpenID provider. (#9404)
+ - Document that pusher instances are shardable. (#9407)
+ - Fix erroneous documentation from v1.27.0 about updating the
+ SAML2 callback URL. (#9434)
+ - Deprecations and Removals
+ - Deprecate old admin API GET
+ /_synapse/admin/v1/users/<user_id>. (#9429)
+ - Internal Changes
+ - Revert change in v1.28.0rc1 to remove the deprecated SAML
+ endpoint. (#9474)
+ - Fix 'object name reserved for internal use' errors with
+ recent versions of SQLite. (#9003)
+ - Add experimental support for running Synapse with PyPy.
+ (#9123)
+ - Deny access to additional IP addresses by default. (#9240)
+ - Update the Cursor type hints to better match PEP 249. (#9299)
+ - Add debug logging for SRV lookups. Contributed by @Bubu.
+ (#9305)
+ - Improve logging for OIDC login flow. (#9307)
+ - Share the code for handling required attributes between the
+ CAS and SAML handlers. (#9326)
+ - Clean up the code to load the metadata for OpenID Connect
+ identity providers. (#9362)
+ - Convert tests to use HomeserverTestCase. (#9377, #9396)
+ - Update the version of black used to 20.8b1. (#9381)
+ - Allow OIDC config to override discovered values. (#9384)
+ - Remove some dead code from the acceptance of room invites
+ path. (#9394)
+ - Clean up an unused method in the presence handler code.
+ (#9408)
+
+-------------------------------------------------------------------
+Tue Feb 16 14:12:41 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.27.0
+ Note that this release includes a change in Synapse to use Redis
+ as a cache ─ as well as a pub/sub mechanism ─ if Redis support is
+ enabled for workers. No action is needed by server
+ administrators, and we do not expect resource usage of the Redis
+ instance to change dramatically.
+
+ This release also changes the callback URI for OpenID Connect
+ (OIDC) identity providers. If your server is configured to use
+ single sign-on via an OIDC/OAuth2 IdP, you may need to make
+ configuration changes. Please review UPGRADE.rst for more details
+ on these changes.
+
+ This release also changes escaping of variables in the HTML
+ templates for SSO or email notifications. If you have customised
+ these templates, please review UPGRADE.rst for more details on
+ these changes.
+
+ - Features
+ - Further improvements to the user experience of registration
+ via single sign-on. (#9297)
+ - Add an admin API for getting and deleting forward extremities
+ for a room. (#9062)
+ - Add an admin API for retrieving the current room state of a
+ room. (#9168)
+ - Add experimental support for allowing clients to pick an SSO
+ Identity Provider (MSC2858). (#9183, #9242)
+ - Add an admin API endpoint for shadow-banning users. (#9209)
+ - Add ratelimits to the 3PID /requestToken APIs. (#9238)
+ - Add support to the OpenID Connect integration for adding the
+ user's email address. (#9245)
+ - Add ratelimits to invites in rooms and to specific users.
+ (#9258)
+ - Improve the user experience of setting up an account via
+ single-sign on. (#9262, #9272, #9275, #9276, #9277, #9286,
+ #9287)
+ - Add phone home stats for encrypted messages. (#9283)
+ - Update the redirect URI for OIDC authentication. (#9288)
+ - Bugfixes
+ - Fix ratelimiting introduced in v1.27.0rc1 for invites to
+ respect the ratelimit flag on application services. (#9302)
+ - Do not automatically calculate public_baseurl since it can be
+ wrong in some situations. Reverts behaviour introduced in
+ v1.26.0. (#9313)
+ - Fix spurious errors in logs when deleting a non-existant
+ pusher. (#9121)
+ - Fix a long-standing bug where Synapse would return a 500
+ error when a thumbnail did not exist (and auto-generation of
+ thumbnails was not enabled). (#9163)
+ - Fix a long-standing bug where an internal server error was
+ raised when attempting to preview an HTML document in an
+ unknown character encoding. (#9164)
+ - Fix a long-standing bug where invalid data could cause errors
+ when calculating the presentable room name for push. (#9165)
+ - Fix bug where we sometimes didn't detect that Redis
+ connections had died, causing workers to not see new data.
+ (#9218)
+ - Fix a bug where None was passed to Synapse modules instead of
+ an empty dictionary if an empty module config block was
+ provided in the homeserver config. (#9229)
+ - Fix a bug in the make_room_admin admin API where it failed if
+ the admin with the greatest power level was not in the room.
+ Contributed by Pankaj Yadav. (#9235)
+ - Prevent password hashes from getting dropped if a client
+ failed threepid validation during a User Interactive Auth
+ stage. Removes a workaround for an ancient bug in Riot Web
+ <v0.7.4. (#9265)
+ - Fix single-sign-on when the endpoints are routed to synapse
+ workers. (#9271)
+ - Improved Documentation
+ - Clarify the sample configuration for changes made to the
+ template loading code. (#9310)
+ - Add docs for using Gitea as OpenID provider. (#9134)
+ - Add link to Matrix VoIP tester for turn-howto. (#9135)
+ - Add notes on integrating with Facebook for SSO login. (#9244)
+ - Deprecations and Removals
+ - The service_url parameter in cas_config is deprecated in
+ favor of public_baseurl. (#9199)
+ - Add new endpoint /_synapse/client/saml2 for SAML2
+ authentication callbacks, and deprecate the old endpoint
+ /_matrix/saml2. (#9289)
+ - Internal Changes
+ - Add tests to test_user.UsersListTestCase for List Users Admin
+ API. (#9045)
+ - Various improvements to the federation client. (#9129)
+ - Speed up chain cover calculation when persisting a batch of
+ state events at once. (#9176)
+ - Add a long_description_type to the package metadata. (#9180)
+ - Speed up batch insertion when using PostgreSQL. (#9181,
+ #9188)
+ - Emit an error at startup if different Identity Providers are
+ configured with the same idp_id. (#9184)
+ - Improve performance of concurrent use of StreamIDGenerators.
+ (#9190)
+ - Add some missing source directories to the automatic linting
+ script. (#9191)
+ - Precompute joined hosts and store in Redis. (#9198, #9227)
+ - Clean-up template loading code. (#9200)
+ - Fix the Python 3.5 old dependencies build. (#9217)
+ - Update isort to v5.7.0 to bypass a bug where it would
+ disagree with black about formatting. (#9222)
+ - Add type hints to handlers code. (#9223, #9232)
+ - Fix Debian package building on Ubuntu 16.04 LTS (Xenial).
+ (#9254)
+ - Minor performance improvement during TLS handshake. (#9255)
+ - Refactor the generation of summary text for email
+ notifications. (#9260)
+ - Restore PyPy compatibility by not calling CPython-specific GC
+ methods when under PyPy. (#9270)
+
+-------------------------------------------------------------------
+Thu Feb 11 17:23:36 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
+
+- no longer have a 2nd changes file for the test package. OBS uses
+ the main changes file now.
+
+-------------------------------------------------------------------
+Thu Jan 28 01:01:53 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.26.0
+ This release brings a new schema version for Synapse and rolling
+ back to a previous version is not trivial. Please review
+ UPGRADE.rst for more details on these changes and for general
+ upgrade guidance.
+
+ - Features
+ - Add support for multiple SSO Identity Providers. (#9015,
+ #9017, #9036, #9067, #9081, #9082, #9105, #9107, #9109,
+ #9110, #9127, #9153, #9154, #9177)
+ - During user-interactive authentication via single-sign-on,
+ give a better error if the user uses the wrong account on the
+ SSO IdP. (#9091)
+ - Give the public_baseurl a default value, if it is not
+ explicitly set in the configuration file. (#9159)
+ - Improve performance when calculating ignored users in large
+ rooms. (#9024)
+ - Implement MSC2176 in an experimental room version. (#8984)
+ - Add an admin API for protecting local media from quarantine.
+ (#9086)
+ - Remove a user's avatar URL and display name when deactivated
+ with the Admin API. (#8932)
+ - Update /_synapse/admin/v1/users/<user_id>/joined_rooms to
+ work for both local and remote users. (#8948)
+ - Add experimental support for handling to-device messages on
+ worker processes. (#9042, #9043, #9044, #9130)
+ - Add experimental support for handling /keys/claim and
+ /room_keys APIs on worker processes. (#9068)
+ - Add experimental support for handling /devices API on worker
+ processes. (#9092)
+ - Add experimental support for moving off receipts and account
+ data persistence off master. (#9104, #9166)
+ - Bugfixes
+ - Fix receipts and account data not being sent down sync.
+ Introduced in v1.26.0rc1. (#9193, #9195)
+ - Fix chain cover update to handle events with duplicate auth
+ events. Introduced in v1.26.0rc1. (#9210)
+ - Fix a long-standing issue where an internal server error
+ would occur when requesting a profile over federation that
+ did not include a display name / avatar URL. (#9023)
+ - Fix a long-standing bug where some caches could grow larger
+ than configured. (#9028)
+ - Fix error handling during insertion of client IPs into the
+ database. (#9051)
+ - Fix bug where we didn't correctly record CPU time spent in
+ on_new_event block. (#9053)
+ - Fix a minor bug which could cause confusing error messages
+ from invalid configurations. (#9054)
+ - Fix incorrect exit code when there is an error at startup.
+ (#9059)
+ - Fix JSONDecodeError spamming the logs when sending
+ transactions to remote servers. (#9070)
+ - Fix "Failed to send request" errors when a client provides an
+ invalid room alias. (#9071)
+ - Fix bugs in federation catchup logic that caused outbound
+ federation to be delayed for large servers after start up.
+ Introduced in v1.8.0 and v1.21.0. (#9114, #9116)
+ - Fix corruption of pushers data when a postgres bouncer is
+ used. (#9117)
+ - Fix minor bugs in handling the clientRedirectUrl parameter
+ for SSO login. (#9128)
+ - Fix "Unhandled error in Deferred: BodyExceededMaxSize" errors
+ when .well-known files that are too large. (#9108)
+ - Fix "UnboundLocalError: local variable 'length' referenced
+ before assignment" errors when the response body exceeds the
+ expected size. This bug was introduced in v1.25.0. (#9145)
+ - Fix a long-standing bug "ValueError: invalid literal for
+ int() with base 10" when /publicRooms is requested with an
+ invalid server parameter. (#9161)
+ - Improved Documentation
+ - Add some extra docs for getting Synapse running on macOS.
+ (#8997)
+ - Correct a typo in the systemd-with-workers documentation.
+ (#9035)
+ - Correct a typo in INSTALL.md. (#9040)
+ - Add missing user_mapping_provider configuration to the
+ Keycloak OIDC example. Contributed by @chris-ruecker. (#9057)
+ - Quote pip install packages when extras are used to avoid
+ shells interpreting bracket characters. (#9151)
+ - Deprecations and Removals
+ - Remove broken and unmaintained demo/webserver.py script.
+ (#9039)
+ - Internal Changes
+ - Add an oidc- prefix to any idp_ids which are given in the
+ oidc_providers configuration. (#9189)
+ - Bump minimum psycopg2 version to v2.8. (#9204)
+ - Improve efficiency of large state resolutions. (#8868, #9029,
+ #9115, #9118, #9124)
+ - Various clean-ups to the structured logging and logging
+ context code. (#8939)
+ - Ensure rejected events get added to some metadata tables.
+ (#9016)
+ - Ignore date-rotated homeserver logs saved to disk. (#9018)
+ - Remove an unused column from access_tokens table. (#9025)
+ - Add a -noextras factor to tox.ini, to support running the
+ tests with no optional dependencies. (#9030)
+ - Fix running unit tests when optional dependencies are not
+ installed. (#9031)
+ - Allow bumping schema version when using split out state
+ database. (#9033)
+ - Configure the linters to run on a consistent set of files.
+ (#9038)
+ - Various cleanups to device inbox store. (#9041)
+ - Drop unused database tables. (#9055)
+ - Remove unused SynapseService class. (#9058)
+ - Remove unnecessary declarations in the tests for the admin
+ API. (#9063)
+ - Remove SynapseRequest.get_user_agent. (#9069)
+ - Remove redundant Homeserver.get_ip_from_request method.
+ (#9080)
+ - Add type hints to media repository. (#9093)
+ - Fix the wrong arguments being passed to
+ BlacklistingAgentWrapper from MatrixFederationAgent.
+ Contributed by Timothy Leung. (#9098)
+ - Reduce the scope of caught exceptions in
+ BlacklistingAgentWrapper. (#9106)
+ - Improve UsernamePickerTestCase. (#9112)
+ - Remove dependency on distutils. (#9125)
+ - Enforce that replication HTTP clients are called with keyword
+ arguments only. (#9144)
+ - Fix the Python 3.5 / old dependencies build in CI. (#9146)
+ - Replace the old perspectives option in the Synapse docker
+ config file template with trusted_key_servers. (#9157)
+
+-------------------------------------------------------------------
+Mon Jan 25 09:28:42 UTC 2021 - Ben Greiner <code@bnavigator.de>
+
+- Remove python singlespec macro usage: This package only builds
+ against the primary python3 flavor. No need to pull in and expand
+ legacy python36
+- Remove Leap 42 python2 handling in matrix-synapse-test.spec
+
+-------------------------------------------------------------------
+Wed Jan 13 12:28:54 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.25.0
+ Ending Support for Python 3.5 and Postgres 9.5 With this release,
+ the Synapse team is announcing a formal deprecation policy for
+ our platform dependencies, like Python and PostgreSQL:
+
+ All future releases of Synapse will follow the upstream
+ end-of-life schedules.
+
+ Which means:
+
+ This is the last release which guarantees support for Python 3.5.
+ We will end support for PostgreSQL 9.5 early next month. We will
+ end support for Python 3.6 and PostgreSQL 9.6 near the end of the
+ year. Crucially, this means we will not produce .deb packages
+ for Debian 9 (Stretch) or Ubuntu 16.04 (Xenial) beyond the
+ transition period described below.
+
+ The website https://endoflife.date/ has convenient summaries of
+ the support schedules for projects like Python and PostgreSQL.
+
+ If you are unable to upgrade your environment to a supported
+ version of Python or Postgres, we encourage you to consider using
+ the Synapse Docker images instead.
+
+ Transition Period We will make a good faith attempt to avoid
+ breaking compatibility in all releases through the end of March
+ 2021. However, critical security vulnerabilities in dependencies
+ or other unanticipated circumstances may arise which necessitate
+ breaking compatibility earlier.
+
+ We intend to continue producing .deb packages for Debian 9
+ (Stretch) and Ubuntu 16.04 (Xenial) through the transition
+ period.
+
+ Removal warning The old Purge Room API and Shutdown Room API are
+ deprecated and will be removed in a future release. They will be
+ replaced by the Delete Room APIe
+
+ POST /_synapse/admin/v1/rooms/<room_id>/delete replaces
+ POST /_synapse/admin/v1/purge_room and
+ POST /_synapse/admin/v1/shutdown_room/<room_id>.
+
+ - Features
+ - Add an admin API that lets server admins get power in rooms
+ in which local users have power. (#8756)
+ - Add optional HTTP authentication to replication endpoints.
+ (#8853)
+ - Improve the error messages printed as a result of
+ configuration problems for extension modules. (#8874)
+ - Add the number of local devices to Room Details Admin API.
+ Contributed by @dklimpel. (#8886)
+ - Add X-Robots-Tag header to stop web crawlers from indexing
+ media. Contributed by Aaron Raimist. (#8887)
+ - Spam-checkers may now define their methods as async. (#8890)
+ - Add support for allowing users to pick their own user ID
+ during a single-sign-on login. (#8897, #8900, #8911, #8938,
+ #8941, #8942, #8951)
+ - Add an email.invite_client_location configuration option to
+ send a web client location to the invite endpoint on the
+ identity server which allows customisation of the email
+ template. (#8930)
+ - The search term in the list room and list user Admin APIs is
+ now treated as case-insensitive. (#8931)
+ - Apply an IP range blacklist to push and key revocation
+ requests. (#8821, #8870, #8954)
+ - Add an option to allow re-use of user-interactive
+ authentication sessions for a period of time. (#8970)
+ - Allow running the redact endpoint on workers. (#8994)
+ - Bugfixes
+ - Fix HTTP proxy support when using a proxy that is on a
+ blacklisted IP. Introduced in v1.25.0rc1. Contributed by
+ @Bubu. (#9084)
+ - Fix bug where we might not correctly calculate the current
+ state for rooms with multiple extremities. (#8827)
+ - Fix a long-standing bug in the register admin endpoint
+ (/_synapse/admin/v1/register) when the mac field was not
+ provided. The endpoint now properly returns a 400 error.
+ Contributed by @edwargix. (#8837)
+ - Fix a long-standing bug on Synapse instances supporting
+ Single-Sign-On, where users would be prompted to enter their
+ password to confirm certain actions, even though they have
+ not set a password. (#8858)
+ - Fix a longstanding bug where a 500 error would be returned if
+ the Content-Length header was not provided to the upload
+ media resource. (#8862)
+ - Add additional validation to pusher URLs to be compliant with
+ the specification. (#8865)
+ - Fix the error code that is returned when a user tries to
+ register on a homeserver on which new-user registration has
+ been disabled. (#8867)
+ - Fix a bug where PUT /_synapse/admin/v2/users/<user_id> failed
+ to create a new user when avatar_url is specified. Bug
+ introduced in Synapse v1.9.0. (#8872)
+ - Fix a 500 error when attempting to preview an empty HTML
+ file. (#8883)
+ - Fix occasional deadlock when handling SIGHUP. (#8918)
+ - Fix login API to not ratelimit application services that have
+ ratelimiting disabled. (#8920)
+ - Fix bug where we ratelimited auto joining of rooms on
+ registration (using auto_join_rooms config). (#8921)
+ - Fix a bug where deactivated users appeared in the user
+ directory when their profile information was updated. (#8933,
+ #8964)
+ - Fix bug introduced in Synapse v1.24.0 which would cause an
+ exception on startup if both enabled and localdb_enabled were
+ set to False in the password_config setting of the
+ configuration file. (#8937)
+ - Fix a bug where 500 errors would be returned if the
+ m.room_history_visibility event had invalid content. (#8945)
+ - Fix a bug causing common English words to not be considered
+ for a user directory search. (#8959)
+ - Fix bug where application services couldn't register new
+ ghost users if the server had reached its MAU limit. (#8962)
+ - Fix a long-standing bug where a m.image event without a url
+ would cause errors on push. (#8965)
+ - Fix a small bug in v2 state resolution algorithm, which could
+ also cause performance issues for rooms with large numbers of
+ power levels. (#8971)
+ - Add validation to the sendToDevice API to raise a missing
+ parameters error instead of a 500 error. (#8975)
+ - Add validation of group IDs to raise a 400 error instead of a
+ 500 eror. (#8977)
+ - Improved Documentation
+ - Fix the "Event persist rate" section of the included grafana
+ dashboard by adding missing prometheus rules. (#8802)
+ - Combine related media admin API docs. (#8839)
+ - Fix an error in the documentation for the SAML username
+ mapping provider. (#8873)
+ - Clarify comments around template directories in
+ sample_config.yaml. (#8891)
+ - Moved instructions for database setup, adjusted heading
+ levels and improved syntax highlighting in INSTALL.md.
+ Contributed by fossterer. (#8987)
+ - Update the example value of group_creation_prefix in the
+ sample configuration. (#8992)
+ - Link the Synapse developer room to the development section in
+ the docs. (#9002)
+ - Deprecations and Removals
+ - Deprecate Shutdown Room and Purge Room Admin APIs. (#8829)
+ - Internal Changes
+ - Properly store the mapping of external ID to Matrix ID for
+ CAS users. (#8856, #8958)
+ - Remove some unnecessary stubbing from unit tests. (#8861)
+ - Remove unused FakeResponse class from unit tests. (#8864)
+ - Pass room_id to get_auth_chain_difference. (#8879)
+ - Add type hints to push module. (#8880, #8882, #8901, #8940,
+ #8943, #9020)
+ - Simplify logic for handling user-interactive-auth via
+ single-sign-on servers. (#8881)
+ - Skip the SAML tests if the requirements (pysaml2 and xmlsec1)
+ aren't available. (#8905)
+ - Fix multiarch docker image builds. (#8906)
+ - Don't publish latest docker image until all archs are built.
+ (#8909)
+ - Various clean-ups to the structured logging and logging
+ context code. (#8916, #8935)
+ - Automatically drop stale forward-extremities under some
+ specific conditions. (#8929)
+ - Refactor test utilities for injecting HTTP requests. (#8946)
+ - Add a maximum size of 50 kilobytes to .well-known lookups.
+ (#8950)
+ - Fix bug in generate_log_config script which made it write
+ empty files. (#8952)
+ - Clean up tox.ini file; disable coverage checking for non-test
+ runs. (#8963)
+ - Add type hints to the admin and room list handlers. (#8973)
+ - Add type hints to the receipts and user directory handlers.
+ (#8976)
+ - Drop the unused local_invites table. (#8979)
+ - Add type hints to the base storage code. (#8980)
+ - Support using PyJWT v2.0.0 in the test suite. (#8986)
+ - Fix tests.federation.transport.RoomDirectoryFederationTests
+ and ensure it runs in CI. (#8998)
+ - Add type hints to the crypto module. (#8999)
+
+-------------------------------------------------------------------
+Wed Dec 9 11:34:37 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.24.0
+
+ Due to the two security issues highlighted below, server
+ administrators are encouraged to update Synapse. We are not aware
+ of these vulnerabilities being exploited in the wild.
+
+ - Security
+ - There is a denial of service attack (CVE-2020-26257) against
+ the federation APIs in which future events will not be
+ correctly sent to other servers over federation. This affects
+ all servers that participate in open federation. (Fixed in
+ #8776).
+ - Synapse may be affected by OpenSSL CVE-2020-1971.
+ Synapse administrators should ensure that they have the
+ latest versions of the cryptography Python package installed.
+ - Features
+ - Add admin API for logging in as a user. (#8617)
+ - Allow specification of the SAML IdP if the metadata returns
+ multiple IdPs. (#8630)
+ - Add support for re-trying generation of a localpart for
+ OpenID Connect mapping providers. (#8801, #8855)
+ - Allow the Date header through CORS. Contributed by Nicolas
+ Chamo. (#8804)
+ - Add a config option, push.group_by_unread_count, which
+ controls whether unread message counts in push notifications
+ are defined as "the number of rooms with unread messages" or
+ "total unread messages". (#8820)
+ - Add force_purge option to delete-room admin api. (#8843)
+ - Bugfixes
+ - Fix a regression in v1.24.0rc1 which failed to allow SAML
+ mapping providers which were unable to redirect users to an
+ additional page. (#8878)
+ - Fix a bug where appservices may be sent an excessive amount
+ of read receipts and presence. Broke in v1.22.0. (#8744)
+ - Fix a bug in some federation APIs which could lead to
+ unexpected behaviour if different parameters were set in the
+ URI and the request body. (#8776)
+ - Fix a bug where synctl could spawn duplicate copies of a
+ worker. Contributed by Waylon Cude. (#8798)
+ - Allow per-room profiles to be used for the server notice
+ user. (#8799)
+ - Fix a bug where logging could break after a call to SIGHUP.
+ (#8817)
+ - Fix register_new_matrix_user failing with "Bad Request" when
+ trailing slash is included in server URL. Contributed by
+ @angdraug. (#8823)
+ - Fix a minor long-standing bug in login, where we would offer
+ the password login type if a custom auth provider supported
+ it, even if password login was disabled. (#8835)
+ - Fix a long-standing bug which caused Synapse to require
+ unspecified parameters during user-interactive
+ authentication. (#8848)
+ - Fix a bug introduced in v1.20.0 where the user-agent and IP
+ address reported during user registration for CAS, OpenID
+ Connect, and SAML were of the wrong form. (#8784)
+ - Improved Documentation
+ - Clarify the usecase for a msisdn delegate. Contributed by
+ Adrian Wannenmacher. (#8734)
+ - Remove extraneous comma from JSON example in User Admin API
+ docs. (#8771)
+ - Update turn-howto.md with troubleshooting notes. (#8779)
+ - Fix the example on how to set the Content-Type header in
+ nginx for the Client Well-Known URI. (#8793)
+ - Improve the documentation for the admin API to list all media
+ in a room with respect to encrypted events. (#8795)
+ - Update the formatting of the push section of the homeserver
+ config file to better align with the code style guidelines.
+ (#8818)
+ - Improve documentation how to configure prometheus for
+ workers. (#8822)
+ - Update example prometheus console. (#8824)
+ - Deprecations and Removals
+ - Remove old /_matrix/client/*/admin endpoints which were
+ deprecated since Synapse 1.20.0. (#8785)
+ - Disable pretty printing JSON responses for curl. Users who
+ want pretty-printed output should use jq in combination with
+ curl. Contributed by @tulir. (#8833)
+ - Internal Changes
+ - Add a maximum version for pysaml2 on Python 3.5. (#8898)
+ - Add support for the prometheus_client newer than 0.9.0.
+ Contributed by Jordan Bancino. (#8875)
+ - Simplify the way the HomeServer object caches its internal
+ attributes. (#8565, #8851)
+ - Add an example and documentation for clock skew to the SAML2
+ sample configuration to allow for clock/time difference
+ between the homserver and IdP. Contributed by @localguru.
+ (#8731)
+ - Generalise RoomMemberHandler._locally_reject_invite to apply
+ to more flows than just invite. (#8751)
+ - Generalise RoomStore.maybe_store_room_on_invite to handle
+ other, non-invite membership events. (#8754)
+ - Refactor test utilities for injecting HTTP requests. (#8757,
+ #8758, #8759, #8760, #8761, #8777)
+ - Consolidate logic between the OpenID Connect and SAML code.
+ (#8765)
+ - Use TYPE_CHECKING instead of magic MYPY variable. (#8770)
+ - Add a commandline script to sign arbitrary json objects.
+ (#8772)
+ - Minor log line improvements for the SSO mapping code used to
+ generate Matrix IDs from SSO IDs. (#8773)
+ - Add additional error checking for OpenID Connect and SAML
+ mapping providers. (#8774, #8800)
+ - Add type hints to HTTP abstractions. (#8806, #8812)
+ - Remove unnecessary function arguments and add typing to
+ several membership replication classes. (#8809)
+ - Optimise the lookup for an invite from another homeserver
+ when trying to reject it. (#8815)
+ - Add tests for password_auth_providers. (#8819)
+ - Drop redundant database index on event_json. (#8845)
+ - Simplify uk.half-shot.msc2778.login.application_service login
+ handler. (#8847)
+ - Refactor password_auth_provider support code. (#8849)
+ - Add missing ordering to background database updates. (#8850)
+ - Allow for specifying a room version when creating a room in
+ unit tests via RestHelper.create_room_as. (#8854)
+
+-------------------------------------------------------------------
+Wed Nov 18 13:59:26 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.23.0
+ This release changes the way structured logging is configured.
+ See the [upgrade notes](UPGRADE.rst#upgrading-to-v1230) for details.
+
+ Note: We are aware of a trivially exploitable denial of service
+ vulnerability in versions of Synapse prior to 1.20.0. Complete
+ details will be disclosed on Monday, November 23rd. If you have
+ not upgraded recently, please do so.
+
+ - Features
+ - Add a push rule that highlights when a jitsi conference is
+ created in a room. (#8286)
+ - Add an admin api to delete a single file or files that were
+ not used for a defined time from server. Contributed by
+ @dklimpel. (#8519)
+ - Split admin API for reported events (GET
+ /_synapse/admin/v1/event_reports) into detail and list
+ endpoints. This is a breaking change to #8217 which was
+ introduced in Synapse v1.21.0. Those who already use this API
+ should check their scripts. Contributed by @dklimpel. (#8539)
+ - Support generating structured logs via the standard logging
+ configuration. (#8607, #8685)
+ - Add an admin API to allow server admins to list users'
+ pushers. Contributed by @dklimpel. (#8610, #8689)
+ - Add an admin API GET /_synapse/admin/v1/users/<user_id>/media
+ to get information about uploaded media. Contributed by
+ @dklimpel. (#8647)
+ - Add an admin API for local user media statistics. Contributed
+ by @dklimpel. (#8700)
+ - Add displayname to Shared-Secret Registration for admins.
+ (#8722)
+ - Bugfixes
+ - Fix fetching of E2E cross signing keys over federation when
+ only one of the master key and device signing key is cached
+ already. (#8455)
+ - Fix a bug where Synapse would blindly forward bad responses
+ from federation to clients when retrieving profile
+ information. (#8580)
+ - Fix a bug where the account validity endpoint would silently
+ fail if the user ID did not have an expiration time. It now
+ returns a 400 error. (#8620)
+ - Fix email notifications for invites without local state.
+ (#8627)
+ - Fix handling of invalid group IDs to return a 400 rather than
+ log an exception and return a 500. (#8628)
+ - Fix handling of User-Agent headers that are invalid UTF-8,
+ which caused user agents of users to not get correctly
+ recorded. (#8632)
+ - Fix a bug in the joined_rooms admin API if the user has never
+ joined any rooms. The bug was introduced, along with the API,
+ in v1.21.0. (#8643)
+ - Fix exception during handling multiple concurrent requests
+ for remote media when using multiple media repositories.
+ (#8682)
+ - Fix bug that prevented Synapse from recovering after losing
+ connection to the database. (#8726)
+ - Fix bug where the /_synapse/admin/v1/send_server_notice API
+ could send notices to non-notice rooms. (#8728)
+ - Fix PostgreSQL port script fails when DB has no backfilled
+ events. Broke in v1.21.0. (#8729)
+ - Fix PostgreSQL port script to correctly handle foreign key
+ constraints. Broke in v1.21.0. (#8730)
+ - Fix PostgreSQL port script so that it can be run again after
+ a failure. Broke in v1.21.0. (#8755)
+ - Improved Documentation
+ - Instructions for Azure AD in the OpenID Connect
+ documentation. Contributed by peterk. (#8582)
+ - Improve the sample configuration for single sign-on
+ providers. (#8635)
+ - Fix the filepath of Dex's example config and the link to
+ Dex's Getting Started guide in the OpenID Connect docs.
+ (#8657)
+ - Note support for Python 3.9. (#8665)
+ - Minor updates to docs on running tests. (#8666)
+ - Interlink prometheus/grafana documentation. (#8667)
+ - Notes on SSO logins and media_repository worker. (#8701)
+ - Document experimental support for running multiple event
+ persisters. (#8706)
+ - Add information regarding the various sources of, and
+ expected contributions to, Synapse's documentation to
+ CONTRIBUTING.md. (#8714)
+ - Migrate documentation docs/admin_api/event_reports to
+ markdown. (#8742)
+ - Add some helpful hints to the README for new Synapse
+ developers. Contributed by @chagai95. (#8746)
+ - Internal Changes
+ - Optimise /createRoom with multiple invited users. (#8559)
+ - Implement and use an `@lru_cache` decorator. (#8595)
+ - Don't instansiate Requester directly. (#8614)
+ - Type hints for RegistrationStore. (#8615)
+ - Change schema to support access tokens belonging to one user
+ but granting access to another. (#8616)
+ - Remove unused OPTIONS handlers. (#8621)
+ - Run mypy as part of the lint.sh script. (#8633)
+ - Correct Synapse's PyPI package name in the OpenID Connect
+ installation instructions. (#8634)
+ - Catch exceptions during initialization of password_providers.
+ Contributed by Nicolai Søborg. (#8636)
+ - Fix typos and spelling errors in the code. (#8639)
+ - Reduce number of OpenTracing spans started. (#8640, #8668,
+ #8670)
+ - Add field total to device list in admin API. (#8644)
+ - Add more type hints to the application services code. (#8655,
+ #8693)
+ - Tell Black to format code for Python 3.5. (#8664)
+ - Don't pull event from DB when handling replication traffic.
+ (#8669)
+ - Abstract some invite-related code in preparation for landing
+ knocking. (#8671, #8688)
+ - Clarify representation of events in logfiles. (#8679)
+ - Don't require hiredis package to be installed to run unit
+ tests. (#8680)
+ - Fix typing info on cache call signature to accept
+ on_invalidate. (#8684)
+ - Fail tests if they do not await coroutines. (#8690)
+ - Improve start time by adding an index to
+ e2e_cross_signing_keys.stream_id. (#8694)
+ - Re-organize the structured logging code to separate the TCP
+ transport handling from the JSON formatting. (#8697)
+ - Use Python 3.8 in Docker images by default. (#8698)
+ - Remove the "draft" status of the Room Details Admin API.
+ (#8702)
+ - Improve the error returned when a non-string displayname or
+ avatar_url is used when updating a user's profile. (#8705)
+ - Block attempts by clients to send server ACLs, or redactions
+ of server ACLs, that would result in the local server being
+ blocked from the room. (#8708)
+ - Add metrics the allow the local sysadmin to track 3PID
+ /requestToken requests. (#8712)
+ - Consolidate duplicated lists of purged tables that are
+ checked in tests. (#8713)
+ - Add some mdui:UIInfo element examples for saml2_config in the
+ homeserver config. (#8718)
+ - Improve the error message returned when a remote server
+ incorrectly sets the Content-Type header in response to a
+ JSON request. (#8719)
+ - Speed up repeated state resolutions on the same room by
+ caching event ID to auth event ID lookups. (#8752)
+
+-------------------------------------------------------------------
+Fri Oct 30 16:04:21 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.22.1
+ - Fix a bug where an appservice may not be forwarded events for a
+ room it was recently invited to. Broke in v1.22.0. (#8676)
+ - Fix Object of type frozendict is not JSON serializable
+ exceptions when using third-party event rules. Broke in
+ v1.22.0. (#8678)
+
+-------------------------------------------------------------------
+Tue Oct 27 12:19:54 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.22.0
+ - Features
+ - Add a configuration option for always using the "userinfo
+ endpoint" for OpenID Connect. This fixes support for some
+ identity providers, e.g. GitLab. Contributed by Benjamin
+ Koch. (#7658)
+ - Add ability for ThirdPartyEventRules modules to query and
+ manipulate whether a room is in the public rooms directory.
+ (#8292, #8467)
+ - Add support for olm fallback keys (MSC2732). (#8312, #8501)
+ - Add support for running background tasks in a separate worker
+ process. (#8369, #8458, #8489, #8513, #8544, #8599)
+ - Add support for device dehydration (MSC2697). (#8380)
+ - Add support for MSC2409, which allows sending typing, read
+ receipts, and presence events to appservices. (#8437, #8590)
+ - Change default room version to "6", per MSC2788. (#8461)
+ - Add the ability to send non-membership events into a room via
+ the ModuleApi. (#8479)
+ - Increase default upload size limit from 10M to 50M.
+ Contributed by @Akkowicz. (#8502)
+ - Add support for modifying event content in ThirdPartyRules
+ modules. (#8535, #8564)
+ - Bugfixes
+ - Fix bugs where ephemeral events were not sent to appservices.
+ Broke in v1.22.0rc1. (#8648, #8656)
+ - Fix user_daily_visits table to not have duplicate rows per
+ user/device due to multiple user agents. Broke in v1.22.0rc1.
+ (#8654)
+ - Fix a longstanding bug where invalid ignored users in account
+ data could break clients. (#8454)
+ - Fix a bug where backfilling a room with an event that was
+ missing the redacts field would break. (#8457)
+ - Don't attempt to respond to some requests if the client has
+ already disconnected. (#8465)
+ - Fix message duplication if something goes wrong after
+ persisting the event. (#8476)
+ - Fix incremental sync returning an incorrect prev_batch token
+ in timeline section, which when used to paginate returned
+ events that were included in the incremental sync. Broken
+ since v0.16.0. (#8486)
+ - Expose the uk.half-shot.msc2778.login.application_service to
+ clients from the login API. This feature was added in
+ v1.21.0, but was not exposed as a potential login flow.
+ (#8504)
+ - Fix error code for /profile/{userId}/displayname to be
+ M_BAD_JSON. (#8517)
+ - Fix a bug introduced in v1.7.0 that could cause Synapse to
+ insert values from non-state m.room.retention events into the
+ room_retention database table. (#8527)
+ - Fix not sending events over federation when using sharded
+ event writers. (#8536)
+ - Fix a long standing bug where email notifications for
+ encrypted messages were blank. (#8545)
+ - Fix increase in the number of There was no active span...
+ errors logged when using OpenTracing. (#8567)
+ - Fix a bug that prevented errors encountered during execution
+ of the synapse_port_db from being correctly printed. (#8585)
+ - Fix appservice transactions to only include a maximum of 100
+ persistent and 100 ephemeral events. (#8606)
+ - Updates to the Docker image
+ - Added multi-arch support (arm64,arm/v7) for the docker
+ images. Contributed by @maquis196. (#7921)
+ - Add support for passing commandline args to the synapse
+ process. Contributed by @samuel-p. (#8390)
+ - Improved Documentation
+ - Update the directions for using the manhole with coroutines.
+ (#8462)
+ - Improve readme by adding new shield.io badges. (#8493)
+ - Added note about docker in manhole.md regarding which ip
+ address to bind to. Contributed by @maquis196. (#8526)
+ - Document the new behaviour of the allowed_lifetime_min and
+ allowed_lifetime_max settings in the room retention
+ configuration. (#8529)
+ - Deprecations and Removals
+ - Drop unused device_max_stream_id table. (#8589)
+ - Internal Changes
+ - Check for unreachable code with mypy. (#8432)
+ - Add unit test for event persister sharding. (#8433)
+ - Allow events to be sent to clients sooner when using sharded
+ event persisters. (#8439, #8488, #8496, #8499)
+ - Configure public_baseurl when using demo scripts. (#8443)
+ - Add SQL logging on queries that happen during startup.
+ (#8448)
+ - Speed up unit tests when using PostgreSQL. (#8450)
+ - Remove redundant database loads of stream_ordering for events
+ we already have. (#8452)
+ - Reduce inconsistencies between codepaths for membership and
+ non-membership events. (#8463)
+ - Combine SpamCheckerApi with the more generic ModuleApi.
+ (#8464)
+ - Additional testing for ThirdPartyEventRules. (#8468)
+ - Add -d option to ./scripts-dev/lint.sh to lint files that
+ have changed since the last git commit. (#8472)
+ - Unblacklist some sytests. (#8474)
+ - Include the log level in the phone home stats. (#8477)
+ - Remove outdated sphinx documentation, scripts and
+ configuration. (#8480)
+ - Clarify error message when plugin config parsers raise an
+ error. (#8492)
+ - Remove the deprecated Handlers object. (#8494)
+ - Fix a threadsafety bug in unit tests. (#8497)
+ - Add user agent to user_daily_visits table. (#8503)
+ - Add type hints to various parts of the code base. (#8407,
+ #8505, #8507, #8547, #8562, #8609)
+ - Remove unused code from the test framework. (#8514)
+ - Apply some internal fixes to the HomeServer class to make its
+ code more idiomatic and statically-verifiable. (#8515)
+ - Factor out common code between
+ RoomMemberHandler._locally_reject_invite and
+ EventCreationHandler.create_event. (#8537)
+ - Improve database performance by executing more queries
+ without starting transactions. (#8542)
+ - Rename Cache to DeferredCache, to better reflect its purpose.
+ (#8548)
+ - Move metric registration code down into LruCache. (#8561,
+ #8591)
+ - Replace DeferredCache with the lighter-weight LruCache where
+ possible. (#8563)
+ - Add virtualenv-generated folders to .gitignore. (#8566)
+ - Add get_immediate method to DeferredCache. (#8568)
+ - Fix mypy not properly checking across the codebase,
+ additionally, fix a typing assertion error in
+ handlers/auth.py. (#8569)
+ - Fix synmark benchmark runner. (#8571)
+ - Modify DeferredCache.get() to return Deferreds instead of
+ ObservableDeferreds. (#8572)
+ - Adjust a protocol-type definition to fit sqlite3 assertions.
+ (#8577)
+ - Support macOS on the synmark benchmark runner. (#8578)
+ - Update mypy static type checker to 0.790. (#8583, #8600)
+ - Re-organize the structured logging code to separate the TCP
+ transport handling from the JSON formatting. (#8587)
+ - Remove extraneous unittest logging decorators from unit
+ tests. (#8592)
+ - Minor optimisations in caching code. (#8593, #8594)
+
+-------------------------------------------------------------------
+Thu Oct 15 17:16:29 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
+
+- prepare to support more optional features in the buildrequires
+ (oidc/redis). failing atm due to missing libraries
+
+-------------------------------------------------------------------
+Thu Oct 15 16:45:55 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.21.2
+ - Security advisory
+ - HTML pages served via Synapse were vulnerable to cross-site
+ scripting (XSS) attacks. All server administrators are
+ encouraged to upgrade. (#8444) (CVE-2020-26891)
+ - This fix was originally included in v1.21.0 but was missing a
+ security advisory. This was reported by Denis Kasak.
+ - Bugfixes
+ - Fix rare bug where sending an event would fail due to a racey
+ assertion. (#8530)
+ - An updated version of the authlib dependency is included in
+ the Docker and Debian images to fix an issue using OpenID
+ Connect. See #8534 for details.
+
+-------------------------------------------------------------------
+Wed Oct 14 16:09:43 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.21.1
+ This release fixes a regression in v1.21.0 that prevented debian
+ packages from being built. It is otherwise identical to v1.21.0.
+
+-------------------------------------------------------------------
+Mon Oct 12 17:08:13 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.21.0
+ - Features
+ - Convert additional templates from inline HTML to Jinja2
+ templates. (#8444)
+ - Require the user to confirm that their password should be
+ reset after clicking the email confirmation link. (#8004)
+ - Add an admin API GET /_synapse/admin/v1/event_reports to read
+ entries of table event_reports. Contributed by @dklimpel.
+ (#8217)
+ - Consolidate the SSO error template across all configuration.
+ (#8248, #8405)
+ - Add a configuration option to specify a whitelist of domains
+ that a user can be redirected to after validating their email
+ or phone number. (#8275, #8417)
+ - Add experimental support for sharding event persister.
+ (#8294, #8387, #8396, #8419)
+ - Add the room topic and avatar to the room details admin API.
+ (#8305)
+ - Add an admin API for querying rooms where a user is a member.
+ Contributed by @dklimpel. (#8306)
+ - Add uk.half-shot.msc2778.login.application_service login type
+ to allow appservices to login. (#8320)
+ - Add a configuration option that allows existing users to log
+ in with OpenID Connect. Contributed by @BBBSnowball and
+ @OmmyZhang. (#8345)
+ - Add prometheus metrics for replication requests. (#8406)
+ - Support passing additional single sign-on parameters to the
+ client. (#8413)
+ - Add experimental reporting of metrics on expensive rooms for
+ state-resolution. (#8420)
+ - Add experimental prometheus metric to track numbers of
+ "large" rooms for state resolutiom. (#8425)
+ - Add prometheus metrics to track federation delays. (#8430)
+ - Bugfixes
+ - Fix duplication of events on high traffic servers, caused by
+ PostgreSQL could not serialize access due to concurrent
+ update errors. (#8456)
+ - Fix a regression in v1.21.0rc1 which broke thumbnails of
+ remote media. (#8438)
+ - Do not expose the experimental
+ uk.half-shot.msc2778.login.application_service flow in the
+ login API, which caused a compatibility problem with Element
+ iOS. (#8440)
+ - Fix malformed log line in new federation "catch up" logic.
+ (#8442)
+ - Fix DB query on startup for negative streams which caused
+ long start up times. Introduced in #8374. (#8447)
+ - Fix a bug in the media repository where remote thumbnails
+ with the same size but different crop methods would overwrite
+ each other. Contributed by @deepbluev7. (#7124)
+ - Fix inconsistent handling of non-existent push rules, and
+ stop tracking the enabled state of removed push rules.
+ (#7796)
+ - Fix a longstanding bug when storing a media file with an
+ empty upload_name. (#7905)
+ - Fix messages not being sent over federation until an event is
+ sent into the same room. (#8230, #8247, #8258, #8272, #8322)
+ - Fix a longstanding bug where files that could not be
+ thumbnailed would result in an Internal Server Error. (#8236,
+ #8435)
+ - Upgrade minimum version of canonicaljson to version 1.4.0, to
+ fix an unicode encoding issue. (#8262)
+ - Fix longstanding bug which could lead to incomplete database
+ upgrades on SQLite. (#8265)
+ - Fix stack overflow when stderr is redirected to the logging
+ system, and the logging system encounters an error. (#8268)
+ - Fix a bug which cause the logging system to report errors, if
+ DEBUG was enabled and no context filter was applied. (#8278)
+ - Fix edge case where push could get delayed for a user until a
+ later event was pushed. (#8287)
+ - Fix fetching malformed events from remote servers. (#8324)
+ - Fix UnboundLocalError from occuring when appservices send a
+ malformed register request. (#8329)
+ - Don't send push notifications to expired user accounts.
+ (#8353)
+ - Fix a regression in v1.19.0 with reactivating users through
+ the admin API. (#8362)
+ - Fix a bug where during device registration the length of the
+ device name wasn't limited. (#8364)
+ - Include guest_access in the fields that are checked for null
+ bytes when updating room_stats_state. Broke in v1.7.2.
+ (#8373)
+ - Fix theoretical race condition where events are not sent down
+ /sync if the synchrotron worker is restarted without
+ restarting other workers. (#8374)
+ - Fix a bug which could cause errors in rooms with malformed
+ membership events, on servers using sqlite. (#8385)
+ - Fix "Re-starting finished log context" warning when receiving
+ an event we already had over federation. (#8398)
+ - Fix incorrect handling of timeouts on outgoing HTTP requests.
+ (#8400)
+ - Fix a regression in v1.20.0 in the synapse_port_db script
+ regarding the ui_auth_sessions_ips table. (#8410)
+ - Remove unnecessary 3PID registration check when resetting
+ password via an email address. Bug introduced in v0.34.0rc2.
+ (#8414)
+ - Improved Documentation
+ - Add /_synapse/client to the reverse proxy documentation.
+ (#8227)
+ - Add note to the reverse proxy settings documentation about
+ disabling Apache's mod_security2. Contributed by Julian
+ Fietkau (@jfietkau). (#8375)
+ - Improve description of server_name config option in
+ homserver.yaml. (#8415)
+ - Deprecations and Removals
+ - Drop support for prometheus_client older than 0.4.0. (#8426)
+ - Internal Changes
+ - Fix tests on distros which disable TLSv1.0. Contributed by
+ @danc86. (#8208)
+ - Simplify the distributor code to avoid unnecessary work.
+ (#8216)
+ - Remove the populate_stats_process_rooms_2 background job and
+ restore functionality to populate_stats_process_rooms.
+ (#8243)
+ - Clean up type hints for PaginationConfig. (#8250, #8282)
+ - Track the latest event for every destination and room for
+ catch-up after federation outage. (#8256)
+ - Fix non-user visible bug in implementation of
+ MultiWriterIdGenerator.get_current_token_for_writer. (#8257)
+ - Switch to the JSON implementation from the standard library.
+ (#8259)
+ - Add type hints to synapse.util.async_helpers. (#8260)
+ - Simplify tests that mock asynchronous functions. (#8261)
+ - Add type hints to StreamToken and RoomStreamToken classes.
+ (#8279)
+ - Change StreamToken.room_key to be a RoomStreamToken instance.
+ (#8281)
+ - Refactor notifier code to correctly use the max event stream
+ position. (#8288)
+ - Use slotted classes where possible. (#8296)
+ - Support testing the local Synapse checkout against the
+ Complement homeserver test suite. (#8317)
+ - Update outdated usages of metaclass to python 3 syntax.
+ (#8326)
+ - Move lint-related dependencies to package-extra field, update
+ CONTRIBUTING.md to utilise this. (#8330, #8377)
+ - Use the admin_patterns helper in additional locations.
+ (#8331)
+ - Fix test logging to allow braces in log output. (#8335)
+ - Remove __future__ imports related to Python 2 compatibility.
+ (#8337)
+ - Simplify super() calls to Python 3 syntax. (#8344)
+ - Fix bad merge from release-v1.20.0 branch to develop. (#8354)
+ - Factor out a _send_dummy_event_for_room method. (#8370)
+ - Improve logging of state resolution. (#8371)
+ - Add type annotations to SimpleHttpClient. (#8372)
+ - Refactor ID generators to use async with syntax. (#8383)
+ - Add EventStreamPosition type. (#8388)
+ - Create a mechanism for marking tests "logcontext clean".
+ (#8399)
+ - A pair of tiny cleanups in the federation request code.
+ (#8401)
+ - Add checks on startup that PostgreSQL sequences are
+ consistent with their associated tables. (#8402)
+ - Do not include appservice users when calculating the total
+ MAU for a server. (#8404)
+ - Typing fixes for synapse.handlers.federation. (#8422)
+ - Various refactors to simplify stream token handling. (#8423)
+ - Make stream token serializing/deserializing async. (#8427)
+
+-------------------------------------------------------------------
+Thu Sep 24 19:02:21 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.20.1
+ - Bugfixes
+ - Fix a bug introduced in v1.20.0 which caused the
+ synapse_port_db script to fail. (#8386)
+ - Fix a bug introduced in v1.20.0 which caused variables to be
+ incorrectly escaped in Jinja2 templates. (#8394)
+
+-------------------------------------------------------------------
+Fri Sep 18 16:29:17 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.20.0
+ - Removal warning
+ - Some older clients used a disallowed character (:) in the
+ client_secret parameter of various endpoints. The incorrect
+ behaviour was allowed for backwards compatibility, but is now
+ being removed from Synapse as most users have updated their
+ client. Further context can be found at #6766.
+ - Historically, the Synapse Admin API has been accessible under
+ the prefixes:
+ /_matrix/client/api/v1/admin,
+ /_matrix/client/unstable/admin,
+ /_matrix/client/r0/admin
+ /_synapse/admin
+
+ In a future release, we will be dropping support for
+ accessing Synapse's Admin API using the /_matrix/client/*
+ prefixes. This makes it easier for homeserver admins to lock
+ down external access to the Admin API endpoints.
+ - Features
+ - Add flags to the /versions endpoint for whether new rooms
+ default to using E2EE. (#8343)
+ - Add an endpoint to query your shared rooms with another user
+ as an implementation of MSC2666. (#7785)
+ - Iteratively encode JSON to avoid blocking the reactor.
+ (#8013, #8116)
+ - Add support for shadow-banning users (ignoring any message
+ send requests). (#8034, #8092, #8095, #8142, #8152, #8157,
+ #8158, #8176)
+ - Use the default template file when its equivalent is not
+ found in a custom template directory. (#8037, #8107, #8252)
+ - Add unread messages count to sync responses, as specified in
+ MSC2654. (#8059, #8254, #8270, #8274)
+ - Optimise /federation/v1/user/devices/ API by only returning
+ devices with encryption keys. (#8198)
+ - Bugfixes
+ - Fix rate limiting of federation /send requests. (#8342)
+ - Fix a longstanding bug where back pagination over federation
+ could get stuck if it failed to handle a received event.
+ (#8349)
+ - Partially mitigate bug where newly joined servers couldn't
+ get past events in a room when there is a malformed event.
+ (#8350)
+ - Fix joining rooms over federation that include malformed
+ events. (#8324)
+ - Fix a bug introduced in v1.20.0rc1 where the wrong exception
+ was raised when invalid JSON data is encountered. (#8291)
+ - Fix a bug introduced in v1.20.0rc1 causing some features
+ related to notifications to misbehave following the
+ implementation of unread counts. (#8280)
+ - Fix a memory leak by limiting the length of time that
+ messages will be queued for a remote server that has been
+ unreachable. (#7864)
+ - Fix Re-starting finished log context PUT-nnnn warning when
+ event persistence failed. (#8081)
+ - Synapse now correctly enforces the valid characters in the
+ client_secret parameter used in various endpoints. (#8101)
+ - Fix a bug introduced in v1.7.2 impacting message retention
+ policies that would allow federated homeservers to dictate a
+ retention period that's lower than the configured minimum
+ allowed duration in the configuration file. (#8104)
+ - Fix a long-standing bug where invalid JSON would be accepted
+ by Synapse. (#8106)
+ - Fix a bug introduced in Synapse v1.12.0 which could cause
+ /sync requests to fail with a 404 if you had a very old
+ outstanding room invite. (#8110)
+ - Return a proper error code when the rooms of an invalid group
+ are requested. (#8129)
+ - Fix a bug which could cause a leaked postgres connection if
+ synapse was set to daemonize. (#8131)
+ - Clarify the error code if a user tries to register with a
+ numeric ID. This bug was introduced in v1.15.0. (#8135)
+ - Fix a bug where appservices with ratelimiting disabled would
+ still be ratelimited when joining rooms. This bug was
+ introduced in v1.19.0. (#8139)
+ - Fix logging in via OpenID Connect with a provider that uses
+ integer user IDs. (#8190)
+ - Fix a longstanding bug where user directory updates could
+ break when unexpected profile data was included in events.
+ (#8223)
+ - Fix a longstanding bug where stats updates could break when
+ unexpected profile data was included in events. (#8226)
+ - Fix slow start times for large servers by removing a table
+ scan of the users table from startup code. (#8271)
+ - Improved Documentation
+ - Link to matrix-synapse-rest-password-provider in the password
+ provider documentation. (#8111)
+ - Updated documentation to note that Synapse does not follow
+ HTTP 308 redirects due to an upstream library not supporting
+ them. Contributed by Ryan Cole. (#8120)
+ - Explain better what GDPR-erased means when deactivating a
+ user. (#8189)
+ - Internal Changes
+ - Blacklist MSC2753 SyTests until it is implemented. (#8285)
+ - Add filter name to the /users admin API, which filters by
+ user ID or displayname. Contributed by Awesome Technologies
+ Innovationslabor GmbH. (#7377, #8163)
+ - Reduce run times of some unit tests by advancing the reactor
+ a fewer number of times. (#7757)
+ - Don't fail /submit_token requests on incorrect session ID if
+ request_token_inhibit_3pid_errors is turned on. (#7991)
+ - Convert various parts of the codebase to async/await. (#8071,
+ #8072, #8074, #8075, #8076, #8087, #8100, #8119, #8121,
+ #8133, #8156, #8162, #8166, #8168, #8173, #8191, #8192,
+ #8193, #8194, #8195, #8197, #8199, #8200, #8201, #8202,
+ #8207, #8213, #8214)
+ - Remove some unused database functions. (#8085)
+ - Add type hints to various parts of the codebase. (#8090,
+ #8127, #8187, #8241, #8140, #8183, #8232, #8235, #8237,
+ #8244)
+ - Return the previous stream token if a non-member event is a
+ duplicate. (#8093, #8112)
+ - Separate get_current_token into two since there are two
+ different use cases for it. (#8113)
+ - Remove ChainedIdGenerator. (#8123)
+ - Reduce the amount of whitespace in JSON stored and sent in
+ responses. (#8124)
+ - Update the test federation client to handle streaming
+ responses. (#8130)
+ - Micro-optimisations to get_auth_chain_ids. (#8132)
+ - Refactor StreamIdGenerator and MultiWriterIdGenerator to have
+ the same interface. (#8161)
+ - Add functions to MultiWriterIdGen used by events stream.
+ (#8164, #8179)
+ - Fix tests that were broken due to the merge of 1.19.1.
+ (#8167)
+ - Make SlavedIdTracker.advance have the same interface as
+ MultiWriterIDGenerator. (#8171)
+ - Remove unused is_guest parameter from, and add safeguard to,
+ MessageHandler.get_room_data. (#8174, #8181)
+ - Standardize the mypy configuration. (#8175)
+ - Refactor some of LoginRestServlet's helper methods, and move
+ them to AuthHandler for easier reuse. (#8182)
+ - Fix wait_for_stream_position to allow multiple waiters on
+ same stream ID. (#8196)
+ - Make MultiWriterIDGenerator work for streams that use
+ negative values. (#8203)
+ - Refactor queries for device keys and cross-signatures.
+ (#8204, #8205, #8222, #8224, #8225, #8231, #8233, #8234)
+ - Fix type hints for functions decorated with @cached. (#8240)
+ - Remove obsolete order field from federation send queues.
+ (#8245)
+ - Stop sub-classing from object. (#8249)
+ - Add more logging to debug slow startup. (#8264)
+ - Do not attempt to upgrade database schema on worker
+ processes. (#8266, #8276)
+
+-------------------------------------------------------------------
+Fri Sep 18 16:23:29 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to synapse 1.19.3
+ - Bugfixes
+ - Partially mitigate bug where newly joined servers couldn't
+ get past events in a room when there is a malformed event.
+ (#8350)
+
+-------------------------------------------------------------------
+Wed Sep 16 14:03:45 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to synapse 1.19.2
+ - Bugfixes
+ - Fix joining rooms over federation that include malformed
+ events. (#8324)
+
+-------------------------------------------------------------------
+Thu Aug 27 13:10:02 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to synapse to 1.19.1
+ - Bugfixes
+ - Fix a bug introduced in v1.19.0 where appservices with
+ ratelimiting disabled would still be ratelimited when joining
+ rooms. (#8139)
+ - Fix a bug introduced in v1.19.0 that would cause e.g. profile
+ updates to fail due to incorrect application of rate limits
+ on join requests. (#8153)
+
+-------------------------------------------------------------------
+Mon Aug 17 14:36:41 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to synapse 1.19.0
+ - Features
+ - Add option to allow server admins to join rooms which fail
+ complexity checks. Contributed by @lugino-emeritus. (#7902)
+ - Add an option to purge room or not with delete room admin
+ endpoint (POST /_synapse/admin/v1/rooms/<room_id>/delete).
+ Contributed by @dklimpel. (#7964)
+ - Add rate limiting to users joining rooms. (#8008)
+ - Add a /health endpoint to every configured HTTP listener that
+ can be used as a health check endpoint by load balancers.
+ (#8048)
+ - Allow login to be blocked based on the values of SAML
+ attributes. (#8052)
+ - Allow guest access to the GET
+ /_matrix/client/r0/rooms/{room_id}/members endpoint,
+ according to MSC2689. Contributed by Awesome Technologies
+ Innovationslabor GmbH. (#7314)
+ - Bugfixes
+ - Fix a bug introduced in Synapse v1.7.2 which caused
+ inaccurate membership counts in the room directory. (#7977)
+ - Fix a long standing bug: 'Duplicate key value violates unique
+ constraint "event_relations_id"' when message retention is
+ configured. (#7978)
+ - Fix "no create event in auth events" when trying to reject
+ invitation after inviter leaves. Bug introduced in Synapse
+ v1.10.0. (#7980)
+ - Fix various comments and minor discrepencies in server
+ notices code. (#7996)
+ - Fix a long standing bug where HTTP HEAD requests resulted in
+ a 400 error. (#7999)
+ - Fix a long-standing bug which caused two copies of some log
+ lines to be written when synctl was used along with a
+ MemoryHandler logger. (#8011, #8012)
+ - Updates to the Docker image
+ - We no longer publish Docker images with the -py3 tag suffix,
+ as announced in the upgrade notes. (#8056)
+ - Improved Documentation
+ - Document how to set up a client .well-known file and fix
+ several pieces of outdated documentation. (#7899)
+ - Improve workers docs. (#7990, #8000)
+ - Fix typo in docs/workers.md. (#7992)
+ - Add documentation for how to undo a room shutdown. (#7998,
+ #8010)
+ - Internal Changes
+ - Reduce the amount of whitespace in JSON stored and sent in
+ responses. Contributed by David Vo. (#7372)
+ - Switch to the JSON implementation from the standard library
+ and bump the minimum version of the canonicaljson library to
+ 1.2.0. (#7936, #7979)
+ - Convert various parts of the codebase to async/await. (#7947,
+ #7948, #7949, #7951, #7963, #7973, #7975, #7976, #7981,
+ #7987, #7989, #8003, #8014, #8016, #8027, #8031, #8032,
+ #8035, #8042, #8044, #8045, #8061, #8062, #8063, #8066,
+ #8069, #8070)
+ - Move some database-related log lines from the default logger
+ to the database/transaction loggers. (#7952)
+ - Add a script to detect source code files using non-unix line
+ terminators. (#7965, #7970)
+ - Log the SAML session ID during creation. (#7971)
+ - Implement new experimental push rules for some users. (#7997)
+ - Remove redundant and unreliable signature check for v1
+ Identity Service lookup responses. (#8001)
+ - Improve the performance of the register endpoint. (#8009)
+ - Reduce less useful output in the newsfragment CI step. Add a
+ link to the changelog section of the contributing guide on
+ error. (#8024)
+ - Rename storage layer objects to be more sensible. (#8033)
+ - Change the default log config to reduce disk I/O and storage
+ for new servers. (#8040)
+ - Add an assertion on prev_events in create_new_client_event.
+ (#8041)
+ - Add a comment to ServerContextFactory about the use of
+ SSLv23_METHOD. (#8043)
+ - Log OPTIONS requests at DEBUG rather than INFO level to
+ reduce amount logged at INFO. (#8049)
+ - Reduce amount of outbound request logging at INFO level.
+ (#8050)
+ - It is no longer necessary to explicitly define filters in the
+ logging configuration. (Continuing to do so is redundant but
+ harmless.) (#8051)
+ - Add and improve type hints. (#8058, #8064, #8060, #8067)
+
+-------------------------------------------------------------------
+Thu Jul 30 11:40:22 UTC 2020 - Aleksa Sarai <asarai@suse.com>
+
+- Update to synapse 1.18.0.
+ * Features
+ + Include room states on invite events that are sent to application
+ services.
+ + Add delete room admin endpoint (POST /_synapse/admin/v1/rooms/<room_id>/delete).
+ + Add experimental support for running multiple federation sender
+ processes.
+ + Add the option to validate the iss and aud claims for JWT logins.
+ + Add support for handling registration requests across multiple client
+ reader workers.
+ + Add an admin API to list the users in a room. Contributed by Awesome
+ Technologies Innovationslabor GmbH.
+ + Allow email subjects to be customised through Synapse's configuration.
+ + Add the ability to re-activate an account from the admin API.
+ + Add experimental support for running multiple pusher workers.
+ + Add experimental support for moving typing off master.
+ + Report CPU metrics to prometheus for time spent processing replication
+ commands.
+ + Support oEmbed for media previews.
+ + Abort federation requests where the client disconnects before the
+ ratelimiter expires.
+ + Cache responses to /_matrix/federation/v1/state_ids to reduce duplicated
+ work.
+ * Bugfixes
+ * Fix detection of out of sync remote device lists when receiving events
+ from remote users.
+ * Fix bug where Synapse fails to process an incoming event over federation
+ if the server is missing too much of the event's auth chain.
+ * Fix a bug causing Synapse to misinterpret the value off for
+ encryption_enabled_by_default_for_room_type in its configuration file(s)
+ if that value isn't surrounded by quotes. This bug was introduced in
+ v1.16.0.
+ * Fix bug where we did not always pass in app_name or server_name to email
+ templates, including e.g. for registration emails.
+ * Errors which occur while using the non-standard JWT login now return the
+ proper error: 403 Forbidden with an error code of M_FORBIDDEN.
+ * Fix "AttributeError: 'str' object has no attribute 'get'" error message
+ when applying per-room message retention policies. The bug was introduced
+ in Synapse 1.7.0.
+ * Fix a bug introduced in Synapse 1.10.0 which could cause a "no create
+ event in auth events" error during room creation.
+ * Fix a bug which allowed empty rooms to be rejoined over federation.
+ * Fix 'Unable to find a suitable guest user ID' error when using multiple
+ client_reader workers.
+ * Fix a long standing bug where the tracing of async functions with
+ opentracing was broken.
+ * Fix "TypeError in synapse.notifier" exceptions.
+ * Fix deprecation warning due to invalid escape sequences.
+
+
+-------------------------------------------------------------------
+Mon Jul 13 11:55:06 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
+
+- allow newer prometheus client (follow up to change in the code)
+
+-------------------------------------------------------------------
+Mon Jul 13 11:19:25 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.17.0
+ - Bugfixes
+ - Fix inconsistent handling of upper and lower case in email
+ addresses when used as identifiers for login, etc.
+ Contributed by @dklimpel. (#7021)
+ - Fix "Tried to close a non-active scope!" error messages when
+ opentracing is enabled. (#7732)
+ - Fix incorrect error message when database CTYPE was set
+ incorrectly. (#7760)
+ - Fix to not ignore set_tweak actions in Push Rules that have
+ no value, as permitted by the specification. (#7766)
+ - Fix synctl to handle empty config files correctly.
+ Contributed by @kotovalexarian. (#7779)
+ - Fixes a long standing bug in worker mode where worker
+ information was saved in the devices table instead of the
+ original IP address and user agent. (#7797)
+ - Fix 'stuck invites' which happen when we are unable to reject
+ a room invite received over federation. (#7804, #7809, #7810)
+ - Updates to the Docker image
+ - Include libwebp in the Docker file to properly handle webp
+ image uploads. (#7791)
+ - Improved Documentation
+ - Improve the documentation of the non-standard JSON web token
+ login type. (#7776)
+ - Update doc links for caddy. Contributed by Nicolai Søborg.
+ (#7789)
+ - Internal Changes
+ - Refactor getting replication updates from database. (#7740)
+ - Send push notifications with a high or low priority depending
+ upon whether they may generate user-observable effects.
+ (#7765)
+ - Use symbolic names for replication stream names. (#7768)
+ - Add early returns to _check_for_soft_fail. (#7769)
+ - Fix up synapse.handlers.federation to pass mypy. (#7770)
+ - Convert the appserver handler to async/await. (#7775)
+ - Allow to use higher versions of prometheus_client <0.9.0
+ which are expected to introduce no breaking changes.
+ Contributed by Oliver Kurz. (#7780)
+ - Update linting scripts and codebase to be compatible with
+ isort v5. (#7786)
+ - Stop populating unused table local_invites. (#7793)
+ - Ensure that strings (not bytes) are passed into JSON
+ serialization. (#7799)
+ - Switch from simplejson to the standard library json. (#7800)
+ - Add signing_key property to HomeServer to save code
+ duplication. (#7805)
+ - Improve stacktraces from exceptions in background processes.
+ (#7808)
+ - Fix various spelling errors in comments and log lines.
+ (#7811)
+
+-------------------------------------------------------------------
+Fri Jul 10 12:03:25 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.16.1
+ - Drop table local_rejections_stream which was incorrectly added
+ in Synapse 1.16.0. (#7816, b1beb3ff5)
+
+-------------------------------------------------------------------
+Wed Jul 8 10:28:25 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.16.0
+ - Features
+ - Add an option to enable encryption by default for new rooms.
+ (#7639)
+ - Add support for running multiple media repository workers.
+ See docs/workers.md for instructions. (#7706)
+ - Media can now be marked as safe from quarantined. (#7718)
+ - Expand the configuration options for auto-join rooms. (#7763)
+ - Bugfixes
+ - Remove user_id from the response to GET
+ /_matrix/client/r0/presence/{userId}/status to match the
+ specification. (#7606)
+ - In worker mode, ensure that replicated data has not already
+ been received. (#7648)
+ - Fix intermittent exception during startup, introduced in
+ Synapse 1.14.0. (#7663)
+ - Include a user-agent for federation and well-known requests.
+ (#7677)
+ - Accept the proper field (phone) for the m.id.phone identifier
+ type. The legacy field of number is still accepted as a
+ fallback. Bug introduced in v0.20.0. (#7687)
+ - Fix "Starting db txn 'get_completed_ui_auth_stages' from
+ sentinel context" warning. The bug was introduced in 1.13.0.
+ (#7688)
+ - Compare the URI and method during user interactive
+ authentication (instead of the URI twice). Bug introduced in
+ 1.13.0. (#7689)
+ - Fix a long standing bug where the response to the GET
+ room_keys/version endpoint had the incorrect type for the
+ etag field. (#7691)
+ - Fix logged error during device resync in opentracing. Broke
+ in v1.14.0. (#7698)
+ - Do not break push rule evaluation when receiving an event
+ with a non-string body. This is a long-standing bug. (#7701)
+ - Fixs a long standing bug which resulted in an exception:
+ "TypeError: argument of type 'ObservableDeferred' is not
+ iterable". (#7708)
+ - The synapse_port_db script no longer fails when the
+ ui_auth_sessions table is non-empty. This bug has existed
+ since v1.13.0. (#7711)
+ - Synapse will now fetch media from the proper specified URL
+ (using the r0 prefix instead of the unspecified v1). (#7714)
+ - Fix the tables ignored by synapse_port_db to be in sync the
+ current database schema. (#7717)
+ - Fix missing Content-Length on HTTP responses from the metrics
+ handler. (#7730)
+ - Fix large state resolutions from stalling Synapse for seconds
+ at a time. (#7735, #7746)
+ - Improved Documentation
+ - Spelling correction in sample_config.yaml. (#7652)
+ - Added instructions for how to use Keycloak via OpenID Connect
+ to authenticate with Synapse. (#7659)
+ - Corrected misspelling of PostgreSQL. (#7724)
+ - Deprecations and Removals
+ - Deprecate m.login.jwt login method in favour of
+ org.matrix.login.jwt, as m.login.jwt is not part of the
+ Matrix spec. (#7675)
+ - Internal Changes
+ - Refactor getting replication updates from database. (#7636)
+ - Clean-up the login fallback code. (#7657)
+ - Increase the default SAML session expiry time to 15 minutes.
+ (#7664)
+ - Convert the device message and pagination handlers to
+ async/await. (#7678)
+ - Convert typing handler to async/await. (#7679)
+ - Require parameterized package version to be at least 0.7.0.
+ (#7680)
+ - Refactor handling of listeners configuration settings.
+ (#7681)
+ - Replace uses of six.iterkeys/iteritems/itervalues with
+ keys()/items()/values(). (#7692)
+ - Add support for using rust-python-jaeger-reporter library to
+ reduce jaeger tracing overhead. (#7697)
+ - Make Tox actions work on Debian 10. (#7703)
+ - Replace all remaining uses of six with native Python 3
+ equivalents. Contributed by @ilmari. (#7704)
+ - Fix broken link in sample config. (#7712)
+ - Speed up state res v2 across large state differences. (#7725)
+ - Convert directory handler to async/await. (#7727)
+ - Move flake8 to the end of scripts-dev/lint.sh as it takes the
+ longest and could cause the script to exit early. (#7738)
+ - Explain the "test" conditional requirement for dependencies
+ is not all of the modules necessary to run the unit tests.
+ (#7751)
+ - Add some metrics for inbound and outbound federation
+ latencies: synapse_federation_server_pdu_process_time and
+ synapse_event_processing_lag_by_event. (#7755)(#7771)
+
+-------------------------------------------------------------------
+Thu Jul 2 15:34:54 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.15.2
+ - Security
+ - A malicious homeserver could force Synapse to reset the state
+ in a room to a small subset of the correct state. This
+ affects all Synapse deployments which federate with untrusted
+ servers. (96e9afe6)
+ - HTML pages served via Synapse were vulnerable to clickjacking
+ attacks. This predominantly affects homeservers with
+ single-sign-on enabled, but all server administrators are
+ encouraged to upgrade. (ea26e9a9)
+
+-------------------------------------------------------------------
+Tue Jun 16 18:36:01 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.15.1
+ - Fix a bug introduced in v1.15.0 that would crash Synapse on
+ start when using certain password auth providers. (#7684)
+ - Fix a bug introduced in v1.15.0 which meant that some 3PID
+ management endpoints were not accessible on the correct URL.
+
+-------------------------------------------------------------------
+Thu Jun 11 14:28:57 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.15.0
+ - Features
+ - Advertise support for Client-Server API r0.6.0 and remove
+ related unstable feature flags. (#6585)
+ - Add an option to disable autojoining rooms for guest
+ accounts. (#6637)
+ - For SAML authentication, add the ability to pass email
+ addresses to be added to new users' accounts via SAML
+ attributes. Contributed by Christopher Cooper. (#7385)
+ - Add admin APIs to allow server admins to manage users'
+ devices. Contributed by @dklimpel. (#7481)
+ - Add support for generating thumbnails for WebP images.
+ Previously, users would see an empty box instead of preview
+ image. Contributed by @WGH-. (#7586)
+ - Support the standardized m.login.sso user-interactive
+ authentication flow. (#7630)
+ - Bugfixes
+ - Allow new users to be registered via the admin API even if
+ the monthly active user limit has been reached. Contributed
+ by @dklimpel. (#7263)
+ - Fix email notifications not being enabled for new users when
+ created via the Admin API. (#7267)
+ - Fix str placeholders in an instance of
+ PrepareDatabaseException. Introduced in Synapse v1.8.0.
+ (#7575)
+ - Fix a bug in automatic user creation during first time login
+ with m.login.jwt. Regression in v1.6.0. Contributed by @olof.
+ (#7585)
+ - Fix a bug causing the cross-signing keys to be ignored when
+ resyncing a device list. (#7594)
+ - Fix metrics failing when there is a large number of active
+ background processes. (#7597)
+ - Fix bug where returning rooms for a group would fail if it
+ included a room that the server was not in. (#7599)
+ - Fix duplicate key violation when persisting read markers.
+ (#7607)
+ - Prevent an entire iteration of the device list resync loop
+ from failing if one server responds with a malformed result.
+ (#7609)
+ - Fix exceptions when fetching events from a remote host fails.
+ (#7622)
+ - Make synctl restart start synapse if it wasn't running.
+ (#7624)
+ - Pass device information through to the login endpoint when
+ using the login fallback. (#7629)
+ - Advertise the m.login.token login flow when OpenID Connect is
+ enabled. (#7631)
+ - Fix bug in account data replication stream. (#7656)
+ - Improved Documentation
+ - Update the OpenBSD installation instructions. (#7587)
+ - Advertise Python 3.8 support in setup.py. (#7602)
+ - Add a link to #synapse:matrix.org in the troubleshooting
+ section of the README. (#7603)
+ - Clarifications to the admin api documentation. (#7647)
+ - Internal Changes
+ - Convert the identity handler to async/await. (#7561)
+ - Improve query performance for fetching state from a
+ PostgreSQL database. Contributed by @ilmari. (#7567)
+ - Speed up processing of federation stream RDATA rows. (#7584)
+ - Add comment to systemd example to show postgresql dependency.
+ (#7591)
+ - Refactor Ratelimiter to limit the amount of expensive config
+ value accesses. (#7595)
+ - Convert groups handlers to async/await. (#7600)
+ - Clean up exception handling in SAML2ResponseResource. (#7614)
+ - Check that all asynchronous tasks succeed and general cleanup
+ of MonthlyActiveUsersTestCase and TestMauLimit. (#7619)
+ - Convert get_user_id_by_threepid to async/await. (#7620)
+ - Switch to upstream dh-virtualenv rather than our fork for
+ Debian package builds. (#7621)
+ - Update CI scripts to check the number in the newsfile
+ fragment. (#7623)
+ - Check if the localpart of a Matrix ID is reserved for guest
+ users earlier in the registration flow, as well as when
+ responding to requests to /register/available. (#7625)
+ - Minor cleanups to OpenID Connect integration. (#7628)
+ - Attempt to fix flaky test:
+ PhoneHomeStatsTestCase.test_performance_100. (#7634)
+ - Fix typos of m.olm.curve25519-aes-sha2 and
+ m.megolm.v1.aes-sha2 in comments, test files. (#7637)
+ - Convert user directory, state deltas, and stats handlers to
+ async/await. (#7640)
+ - Remove some unused constants. (#7644)
+ - Fix type information on assert_*_is_admin methods. (#7645)
+ - Convert registration handler to async/await. (#7649)
+
+-------------------------------------------------------------------
+Thu Jun 4 20:54:32 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
+
+- make sure we do not pull too new prometheus bindings
+
+-------------------------------------------------------------------
+Thu May 28 11:05:04 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.14.0
+ - Features
+ - Synapse's cache factor can now be configured in
+ homeserver.yaml by the caches.global_factor setting.
+ Additionally, caches.per_cache_factors controls the cache
+ factors for individual caches. (#6391)
+ - Add OpenID Connect login/registration support. Contributed by
+ Quentin Gliech, on behalf of les Connecteurs. (#7256, #7457)
+ - Add room details admin endpoint. Contributed by Awesome
+ Technologies Innovationslabor GmbH. (#7317)
+ - Allow for using more than one spam checker module at once.
+ (#7435)
+ - Add additional authentication checks for m.room.power_levels
+ event per MSC2209. (#7502)
+ - Implement room version 6 per MSC2240. (#7506)
+ - Add highly experimental option to move event persistence off
+ master. (#7281, #7374, #7436, #7440, #7475, #7490, #7491,
+ #7492, #7493, #7495, #7515, #7516, #7517, #7542)
+ - Bugfixes
+ - Fix cache config to not apply cache factor to event cache.
+ Regression in v1.14.0rc1. (#7578)
+ - Fix bug where ReplicationStreamer was not always started when
+ replication was enabled. Bug introduced in v1.14.0rc1.
+ (#7579)
+ - Fix specifying individual cache factors for caches with
+ special characters in their name. Regression in v1.14.0rc1.
+ (#7580)
+ - Fix a bug where event updates might not be sent over
+ replication to worker processes after the stream falls
+ behind. (#7384)
+ - Allow expired user accounts to log out their device sessions.
+ (#7443)
+ - Fix a bug that would cause Synapse not to resync out-of-sync
+ device lists. (#7453)
+ - Prevent rooms with 0 members or with invalid version strings
+ from breaking group queries. (#7465)
+ - Workaround for an upstream Twisted bug that caused Synapse to
+ become unresponsive after startup. (#7473)
+ - Fix Redis reconnection logic that can result in missed
+ updates over replication if master reconnects to Redis
+ without restarting. (#7482)
+ - When sending m.room.member events, omit displayname and
+ avatar_url if they aren't set instead of setting them to
+ null. Contributed by Aaron Raimist. (#7497)
+ - Fix incorrect method label on
+ synapse_http_matrixfederationclient_{requests,responses}
+ prometheus metrics. (#7503)
+ - Ignore incoming presence events from other homeservers if
+ presence is disabled locally. (#7508)
+ - Fix a long-standing bug that broke the update remote profile
+ background process. (#7511)
+ - Hash passwords as early as possible during password reset.
+ (#7538)
+ - Fix bug where a local user leaving a room could fail under
+ rare circumstances. (#7548)
+ - Fix "Missing RelayState parameter" error when using user
+ interactive authentication with SAML for some SAML providers.
+ (#7552)
+ - Fix exception 'GenericWorkerReplicationHandler' object has no
+ attribute 'send_federation_ack', introduced in v1.13.0.
+ (#7564)
+ - synctl now warns if it was unable to stop Synapse and will
+ not attempt to start Synapse if nothing was stopped.
+ Contributed by Romain Bouyé. (#6590)
+ - Documentation
+ - Fix the OIDC client_auth_method value in the sample config.
+ (#7581)
+ - Update information about mapping providers for SAML and
+ OpenID. (#7458)
+ - Add additional reverse proxy example for Caddy v2.
+ Contributed by Jeff Peeler. (#7463)
+ - Fix copy-paste error in ServerNoticesConfig docstring.
+ Contributed by @ptman. (#7477)
+ - Improve the formatting of reverse_proxy.md. (#7514)
+ - Change the systemd worker service to check that the worker
+ config file exists instead of silently failing. Contributed
+ by David Vo. (#7528)
+ - Minor clarifications to the TURN docs. (#7533)
+ - Internal changes
+ - Add typing annotations in synapse.federation. (#7382)
+ - Convert the room handler to async/await. (#7396)
+ - Improve performance of get_e2e_cross_signing_key. (#7428)
+ - Improve performance of mark_as_sent_devices_by_remote.
+ (#7429, #7562)
+ - Add type hints to the SAML handler. (#7445)
+ - Remove storage method get_hosts_in_room that is no longer
+ called anywhere. (#7448)
+ - Fix some typos in the notice_expiry templates. (#7449)
+ - Convert the federation handler to async/await. (#7459)
+ - Convert the search handler to async/await. (#7460)
+ - Add type hints to synapse.event_auth. (#7505)
+ - Convert the room member handler to async/await. (#7507)
+ - Add type hints to room member handler. (#7513)
+ - Fix typing annotations in tests.replication. (#7518)
+ - Remove some redundant Python 2 support code. (#7519)
+ - All endpoints now respond with a 200 OK for OPTIONS requests.
+ (#7534, #7560)
+ - Synapse now exports detailed allocator statistics and basic
+ GC timings as Prometheus metrics (pypy_gc_time_seconds_total
+ and pypy_memory_bytes) when run under PyPy. Contributed by
+ Ivan Shapovalov. (#7536)
+ - Remove Ubuntu Cosmic and Disco from the list of distributions
+ which we provide .debs for, due to end-of-life. (#7539)
+ - Make worker processes return a stubbed-out response to GET
+ /presence requests. (#7545)
+ - Optimise some references to hs.config. (#7546)
+ - On upgrade room only send canonical alias once. (#7547)
+ - Fix some indentation inconsistencies in the sample config.
+ (#7550)
+ - Include synapse.http.site in type checking. (#7553)
+ - Fix some test code to not mangle stacktraces, to make it
+ easier to debug errors. (#7554)
+ - Refresh apt cache when building dh_virtualenv docker image.
+ (#7555)
+ - Stop logging some expected HTTP request errors as exceptions.
+ (#7556, #7563)
+ - Convert sending mail to async/await. (#7557)
+ - Simplify reap_monthly_active_users. (#7558)
+
+-------------------------------------------------------------------
+Tue May 19 14:54:57 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.13.0
+ This release brings some potential changes necessary for certain
+ configurations of Synapse:
+
+ - If your Synapse is configured to use SSO and have a custom
+ sso_redirect_confirm_template_dir configuration option set, you
+ will need to duplicate the new sso_auth_confirm.html,
+ sso_auth_success.html and sso_account_deactivated.html
+ templates into that directory.
+ - Synapse plugins using the complete_sso_login method of
+ synapse.module_api.ModuleApi should instead switch to the
+ async/await version, complete_sso_login_async, which includes
+ additional checks. The former version is now deprecated.
+ - A bug was introduced in Synapse 1.4.0 which could cause the
+ room directory to be incomplete or empty if Synapse was
+ upgraded directly from v1.2.1 or earlier, to versions between
+ v1.4.0 and v1.12.x.
+
+ Please review UPGRADE.rst for more details on these changes and
+ for general upgrade guidance.
+
+ For the complete list of changes please refer to
+ https://github.com/matrix-org/synapse/releases/tag/v1.13.0
+
+-------------------------------------------------------------------
+Thu Apr 23 15:51:48 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.12.4
+ - Features:
+ - Always send users their own device updates. (#7160)
+ - Add support for handling GET requests for account_data on a
+ worker. (#7311)
+ - Bugfixes:
+ - Fix a bug that prevented cross-signing with users on
+ worker-mode synapses. (#7255)
+ - Do not treat display names as globs in push rules. (#7271)
+ - Fix a bug with cross-signing devices belonging to remote
+ users who did not share a room with any user on the local
+ homeserver. (#7289)
+
+-------------------------------------------------------------------
+Fri Apr 3 12:21:52 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.12.3
+ - Remove the pin to Pillow 7.0 which was introduced in Synapse
+ 1.12.2, and correctly fix the issue with building the Debian
+ packages. (#7212)
+
+-------------------------------------------------------------------
+Thu Apr 2 18:27:05 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.12.2
+ - This release fixes an issue with building the debian packages.
+
+-------------------------------------------------------------------
+Thu Apr 2 16:28:51 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.12.1
+ - Fix starting workers when federation sending not split out.
+ (#7133). Introduced in v1.12.0.
+ - Avoid importing sqlite3 when using the postgres backend.
+ Contributed by David Vo. (#7155). Introduced in v1.12.0rc1.
+ - Fix a bug which could cause outbound federation traffic to stop
+ working if a client uploaded an incorrect e2e device signature.
+ (#7177). Introduced in v1.11.0.
+
+-------------------------------------------------------------------
+Tue Mar 24 15:31:47 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
+
+- use %requires_eq for runtime dependencies to make sure we always
+ use the versions we built with. we ran into cases where the
+ distro package was new enough according to the setup dependencies
+ but those were not up2date with the actual code.
+
+-------------------------------------------------------------------
+Mon Mar 23 14:36:36 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.12.0
+ Synapse may be vulnerable to request-smuggling attacks when it is
+ used with a reverse-proxy. The vulnerabilties are fixed in
+ Twisted 20.3.0, and are described in
+ [CVE-2020-10108](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10108)
+ and
+ [CVE-2020-10109](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10109).
+ For a good introduction to this class of request-smuggling
+ attacks, see
+ https://portswigger.net/research/http-desync-attacks-request-smuggling-reborn.
+
+ We are not aware of these vulnerabilities being exploited in the
+ wild, and do not believe that they are exploitable with current
+ versions of any reverse proxies. Nevertheless, we recommend that
+ all Synapse administrators ensure that they have the latest
+ versions of the Twisted library to ensure that their installation
+ remains secure.
+
+ - Features
+ - Changes related to room alias management
+ ([MSC2432](https://github.com/matrix-org/matrix-doc/pull/2432)):
+ - Publishing/removing a room from the room directory now
+ requires the user to have a power level capable of
+ modifying the canonical alias, instead of the room aliases.
+ ([\#6965](https://github.com/matrix-org/synapse/issues/6965))
+ - Validate the `alt_aliases` property of canonical alias
+ events.
+ ([\#6971](https://github.com/matrix-org/synapse/issues/6971))
+ - Users with a power level sufficient to modify the canonical
+ alias of a room can now delete room aliases.
+ ([\#6986](https://github.com/matrix-org/synapse/issues/6986))
+ - Implement updated authorization rules and redaction rules
+ for aliases events, from
+ [MSC2261](https://github.com/matrix-org/matrix-doc/pull/2261)
+ and
+ [MSC2432](https://github.com/matrix-org/matrix-doc/pull/2432).
+ ([\#7037](https://github.com/matrix-org/synapse/issues/7037))
+ - Stop sending m.room.aliases events during room creation and
+ upgrade.
+ ([\#6941](https://github.com/matrix-org/synapse/issues/6941))
+ - Synapse no longer uses room alias events to calculate room
+ names for push notifications.
+ ([\#6966](https://github.com/matrix-org/synapse/issues/6966))
+ - The room list endpoint no longer returns a list of aliases.
+ ([\#6970](https://github.com/matrix-org/synapse/issues/6970))
+ - Remove special handling of aliases events from
+ [MSC2260](https://github.com/matrix-org/matrix-doc/pull/2260)
+ added in v1.10.0rc1.
+ ([\#7034](https://github.com/matrix-org/synapse/issues/7034))
+ - Expose the `synctl`, `hash_password` and `generate_config`
+ commands in the snapcraft package. Contributed by @devec0.
+ ([\#6315](https://github.com/matrix-org/synapse/issues/6315))
+ - Check that server_name is correctly set before running
+ database updates.
+ ([\#6982](https://github.com/matrix-org/synapse/issues/6982))
+ - Break down monthly active users by `appservice_id` and emit
+ via Prometheus.
+ ([\#7030](https://github.com/matrix-org/synapse/issues/7030))
+ - Render a configurable and comprehensible error page if
+ something goes wrong during the SAML2 authentication process.
+ ([\#7058](https://github.com/matrix-org/synapse/issues/7058),
+ [\#7067](https://github.com/matrix-org/synapse/issues/7067))
+ - Add an optional parameter to control whether other sessions
+ are logged out when a user's password is modified.
+ ([\#7085](https://github.com/matrix-org/synapse/issues/7085))
+ - Add prometheus metrics for the number of active pushers.
+ ([\#7103](https://github.com/matrix-org/synapse/issues/7103),
+ [\#7106](https://github.com/matrix-org/synapse/issues/7106))
+ - Improve performance when making HTTPS requests to sygnal,
+ sydent, etc, by sharing the SSL context object between
+ connections.
+ ([\#7094](https://github.com/matrix-org/synapse/issues/7094))
+ - Bugfixes
+ - When a user's profile is updated via the admin API, also
+ generate a displayname/avatar update for that user in each
+ room.
+ ([\#6572](https://github.com/matrix-org/synapse/issues/6572))
+ - Fix a couple of bugs in email configuration handling.
+ ([\#6962](https://github.com/matrix-org/synapse/issues/6962))
+ - Fix an issue affecting worker-based deployments where
+ replication would stop working, necessitating a full restart,
+ after joining a large room.
+ ([\#6967](https://github.com/matrix-org/synapse/issues/6967))
+ - Fix `duplicate key` error which was logged when rejoining a
+ room over federation.
+ ([\#6968](https://github.com/matrix-org/synapse/issues/6968))
+ - Prevent user from setting 'deactivated' to anything other
+ than a bool on the v2 PUT /users Admin API.
+ ([\#6990](https://github.com/matrix-org/synapse/issues/6990))
+ - Fix py35-old CI by using native tox package.
+ ([\#7018](https://github.com/matrix-org/synapse/issues/7018))
+ - Fix a bug causing `org.matrix.dummy_event` to be included in
+ responses from `/sync`.
+ ([\#7035](https://github.com/matrix-org/synapse/issues/7035))
+ - Fix a bug that renders UTF-8 text files incorrectly when
+ loaded from media. Contributed by @TheStranjer.
+ ([\#7044](https://github.com/matrix-org/synapse/issues/7044))
+ - Fix a bug that would cause Synapse to respond with an error
+ about event visibility if a client tried to request the state
+ of a room at a given token.
+ ([\#7066](https://github.com/matrix-org/synapse/issues/7066))
+ - Repair a data-corruption issue which was introduced in
+ Synapse 1.10, and fixed in Synapse 1.11, and which could
+ cause `/sync` to return with 404 errors about missing events
+ and unknown rooms.
+ ([\#7070](https://github.com/matrix-org/synapse/issues/7070))
+ - Fix a bug causing account validity renewal emails to be sent
+ even if the feature is turned off in some cases.
+ ([\#7074](https://github.com/matrix-org/synapse/issues/7074))
+ - Improved Documentation
+ - Updated CentOS8 install instructions. Contributed by Richard
+ Kellner.
+ ([\#6925](https://github.com/matrix-org/synapse/issues/6925))
+ - Fix `POSTGRES_INITDB_ARGS` in the
+ `contrib/docker/docker-compose.yml` example docker-compose
+ configuration.
+ ([\#6984](https://github.com/matrix-org/synapse/issues/6984))
+ - Change date in [INSTALL.md](./INSTALL.md#tls-certificates)
+ for last date of getting TLS certificates to November 2019.
+ ([\#7015](https://github.com/matrix-org/synapse/issues/7015))
+ - Document that the fallback auth endpoints must be routed to
+ the same worker node as the register endpoints.
+ ([\#7048](https://github.com/matrix-org/synapse/issues/7048))
+ - Deprecations and Removals
+ - Remove the unused query_auth federation endpoint per
+ [MSC2451](https://github.com/matrix-org/matrix-doc/pull/2451).
+ ([\#7026](https://github.com/matrix-org/synapse/issues/7026))
+ - Internal Changes
+ - Add type hints to `logging/context.py`.
+ ([\#6309](https://github.com/matrix-org/synapse/issues/6309))
+ - Add some clarifications to `README.md` in the database schema
+ directory.
+ ([\#6615](https://github.com/matrix-org/synapse/issues/6615))
+ - Refactoring work in preparation for changing the event
+ redaction algorithm.
+ ([\#6874](https://github.com/matrix-org/synapse/issues/6874),
+ [\#6875](https://github.com/matrix-org/synapse/issues/6875),
+ [\#6983](https://github.com/matrix-org/synapse/issues/6983),
+ [\#7003](https://github.com/matrix-org/synapse/issues/7003))
+ - Improve performance of v2 state resolution for large rooms.
+ ([\#6952](https://github.com/matrix-org/synapse/issues/6952),
+ [\#7095](https://github.com/matrix-org/synapse/issues/7095))
+ - Reduce time spent doing GC, by freezing objects on startup.
+ ([\#6953](https://github.com/matrix-org/synapse/issues/6953))
+ - Minor perfermance fixes to `get_auth_chain_ids`.
+ ([\#6954](https://github.com/matrix-org/synapse/issues/6954))
+ - Don't record remote cross-signing keys in the `devices`
+ table.
+ ([\#6956](https://github.com/matrix-org/synapse/issues/6956))
+ - Use flake8-comprehensions to enforce good hygiene of
+ list/set/dict comprehensions.
+ ([\#6957](https://github.com/matrix-org/synapse/issues/6957))
+ - Merge worker apps together.
+ ([\#6964](https://github.com/matrix-org/synapse/issues/6964),
+ [\#7002](https://github.com/matrix-org/synapse/issues/7002),
+ [\#7055](https://github.com/matrix-org/synapse/issues/7055),
+ [\#7104](https://github.com/matrix-org/synapse/issues/7104))
+ - Remove redundant `store_room` call from
+ `FederationHandler._process_received_pdu`.
+ ([\#6979](https://github.com/matrix-org/synapse/issues/6979))
+ - Update warning for incorrect database collation/ctype to
+ include link to documentation.
+ ([\#6985](https://github.com/matrix-org/synapse/issues/6985))
+ - Add some type annotations to the database storage classes.
+ ([\#6987](https://github.com/matrix-org/synapse/issues/6987))
+ - Port `synapse.handlers.presence` to async/await.
+ ([\#6991](https://github.com/matrix-org/synapse/issues/6991),
+ [\#7019](https://github.com/matrix-org/synapse/issues/7019))
+ - Add some type annotations to the federation base & client
+ classes.
+ ([\#6995](https://github.com/matrix-org/synapse/issues/6995))
+ - Port `synapse.rest.keys` to async/await.
+ ([\#7020](https://github.com/matrix-org/synapse/issues/7020))
+ - Add a type check to `is_verified` when processing room keys.
+ ([\#7045](https://github.com/matrix-org/synapse/issues/7045))
+ - Add type annotations and comments to the auth handler.
+ ([\#7063](https://github.com/matrix-org/synapse/issues/7063))
+
+-------------------------------------------------------------------
+Tue Mar 3 21:43:02 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.11.1
+ This release includes a security fix impacting installations
+ using Single Sign-On (i.e. SAML2 or CAS) for authentication.
+ Administrators of such installations are encouraged to upgrade as
+ soon as possible.
+
+ - Bugfixes
+ - Add a confirmation step to the SSO login flow before
+ redirecting users to the redirect URL.
+ ([b2bd54a2](https://github.com/matrix-org/synapse/commit/b2bd54a2e31d9a248f73fadb184ae9b4cbdb49f9),
+ [65c73cdf](https://github.com/matrix-org/synapse/commit/65c73cdfec1876a9fec2fd2c3a74923cd146fe0b),
+ [a0178df1](https://github.com/matrix-org/synapse/commit/a0178df10422a76fd403b82d2b2a4ed28a9a9d1e))
+ - Fixed set a user as an admin with the admin API `PUT
+ /_synapse/admin/v2/users/<user_id>`. Contributed by
+ @dklimpel.
+ ([\#6910](https://github.com/matrix-org/synapse/issues/6910))
+ - Fix bug introduced in Synapse 1.11.0 which sometimes caused
+ errors when joining rooms over federation, with `'coroutine'
+ object has no attribute 'event_id'`.
+ ([\#6996](https://github.com/matrix-org/synapse/issues/6996))
+
+-------------------------------------------------------------------
+Fri Feb 21 15:12:49 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
+
+- track series file to make updating patches easier
+
+-------------------------------------------------------------------
+Fri Feb 21 12:58:18 UTC 2020 - Aleksa Sarai <asarai@suse.com>
+
+- Update to 1.11.0.
+
+ * Limit the number of events that can be requested by the backfill federation
+ API to 100.
+ * Reject device display names over 100 characters in length to prevent abuse.
+ * Implement new aliases endpoint as per MSC2432.
+ * Stop sending m.room.alias events wheng adding / removing aliases. Check
+ alt_aliases in the latest m.room.canonical_alias event when deleting an
+ alias.
+ * Change the default power levels of invites, tombstones and server ACLs for
+ new rooms.
+
+ The full changelog is included in
+ /usr/share/doc/packages/matrix-synapse/CHANGES.md.
+
+-------------------------------------------------------------------
+Tue Feb 18 01:44:41 UTC 2020 - Aleksa Sarai <asarai@suse.com>
+
+- Update to 1.10.1.
+
+ * Fix a bug introduced in Synapse 1.10.0 which would cause room state to be
+ cleared in the database if Synapse was upgraded direct from 1.2.1 or
+ earlier to 1.10.0.
+
+ The full changelog is included in
+ /usr/share/doc/packages/matrix-synapse/CHANGES.md.
+
+-------------------------------------------------------------------
+Wed Feb 12 16:01:46 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
+
+- bump requires on python3-signedjson to follow code change
+
+-------------------------------------------------------------------
+Wed Feb 12 13:51:08 UTC 2020 - Aleksa Sarai <asarai@suse.com>
+
+- Update to 1.10.0.
+
+ WARNING to client developers: As of this release Synapse validates
+ client_secret parameters in the Client-Server API as per the spec. See #6766
+ for details.
+
+ + Add experimental support for updated authorization rules for aliases
+ events, from MSC2260.
+ + Variety of E2EE improvements, most notably:
+ * Fix bug where querying a remote user's device keys that weren't cached
+ resulted in only returning a single device.
+ * Fix bug where Synapse didn't invalidate cache of remote users' devices
+ when Synapse left a room.
+ * Detect unknown remote devices and mark cache as stale.
+ * Attempt to resync remote users' devices when detected as stale.
+ * When a client asks for a remote user's device keys check if the local
+ cache for that user has been marked as potentially stale.
+ * Detect unexpected sender keys on remote encrypted events and resync
+ device lists.
+ * Fix an issue with cross-signing where device signatures were not sent to
+ remote servers.
+
+ The full changelog is included in
+ /usr/share/doc/packages/matrix-synapse/CHANGES.md.
+
+-------------------------------------------------------------------
+Tue Jan 28 14:34:39 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
+
+- update to 1.9.1
+ Fix bug where setting mau_limit_reserved_threepids config would
+ cause Synapse to refuse to start. (#6793)
+
+-------------------------------------------------------------------
+Thu Jan 23 16:06:38 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
+
+- package cleanup
+ - make sure we have all libraries to actually install the package:
+ - buildrequires all runtime requirements
+ - (build)require python3-typing_extensions
+ - having it use the python package name is not really useful here.
+ - refreshed and renamed better-paths.patch to
+ matrix-synapse-1.4.1-paths.patch
+ - also fix existing synapse user
+ - group to synapse instead of nogroup
+ - home directory to /var/lib/matrix-synapse
+ - shell to /bin/false (which actually exists)
+ - improvements to the logging configuration:
+ - install copy of the current /etc/matrix-synapse/log.yaml as
+ /etc/matrix-synapse/log.systemd.yaml
+ - install /etc/matrix-synapse/log.file.yaml which logs to
+ /var/log/matrix-synapse/homeserver.log
+ - add the log directory /var/log/matrix-synapse/
+ - added README.SUSE
+ - better way to bootstrap a new config:
+ 1. ExecStartPre would have never worked anyway
+ 2. added %{_sbindir}/matrix-synapse-generate-config
+ Usage:
+ %{_sbindir}/matrix-synapse-generate-config servername
+ - fix group and shell for the synapse user
+ - added better-paths.patch
+ - put the pid file into /run/matrix-synapse/
+ - use a default logging config in /etc/matrix-synapse/log.yaml
+ to have systemd logging by default
+ - use full path in the service file
+ - actually use source 50 instead of the service file in the tarball
+ - make permissions tighter on the config files as it contains
+ passwords and other secrets:
+ root:synapse u=rwX,g=rX,o=
+
+-------------------------------------------------------------------
+Thu Jan 23 13:45:22 UTC 2020 - Aleksa Sarai <asarai@suse.com>
+
+- Update to 1.9.0.
+
+ WARNING: As of this release, Synapse no longer supports versions of SQLite
+ before 3.11, and will refuse to start when configured to use an older
+ version. Administrators are recommended to migrate their database to Postgres
+ (see instructions here).
+
+ WARNING: If your Synapse deployment uses workers, note that the reverse-proxy
+ configurations for the synapse.app.media_repository,
+ synapse.app.federation_reader and synapse.app.event_creator workers have
+ changed, with the addition of a few paths (see the updated configurations
+ here). Existing configurations will continue to work.
+
+ + Allow admin to create or modify a user.
+ + Add new quarantine media admin APIs to quarantine by media ID or by user
+ who uploaded the media.
+ + Add a new admin API to list and filter rooms on the server.
+ + Add org.matrix.e2e_cross_signing to unstable_features in /versions.
+
+ The full changelog is included in
+ /usr/share/doc/packages/matrix-synapse/CHANGES.md.
+
+-------------------------------------------------------------------
+Fri Jan 10 13:41:50 UTC 2020 - Aleksa Sarai <asarai@suse.com>
+
+- Update to 1.8.0.
+
+ WARNING: As of this release Synapse will refuse to start if the log_file
+ config option is specified. Support for the option was removed in v1.3.0.
+
+ * Add v2 APIs for the send_join and send_leave federation endpoints (as
+ described in MSC1802).
+ * Add a develop script to generate full SQL schemas.
+ * Add custom SAML username mapping functinality through an external provider
+ plugin.
+ * Automatically delete empty groups/communities.
+ * Add option limit_profile_requests_to_users_who_share_rooms to prevent
+ requirement of a local user sharing a room with another user to query their
+ profile information.
+ * Add an export_signing_key script to extract the public part of signing keys
+ when rotating them.
+ * Add experimental config option to specify multiple databases.
+ * Raise an error if someone tries to use the log_file config option.
+
+ The full changelog is included in
+ /usr/share/doc/packages/matrix-synapse/CHANGES.md.
+
+-------------------------------------------------------------------
+Wed Jan 1 03:26:40 UTC 2020 - Aleksa Sarai <asarai@suse.com>
+
+- Update to 1.7.3.
+
+ * Fix exceptions caused by state resolution choking on malformed events.
+
+ The full changelog is included in
+ /usr/share/doc/packages/matrix-synapse/CHANGES.md.
+
+-------------------------------------------------------------------
+Sat Dec 21 00:57:27 UTC 2019 - Aleksa Sarai <asarai@suse.com>
+
+- Use packaged service file not the one in the repo (the one in the repo is
+ completely broken for openSUSE).
+
+-------------------------------------------------------------------
+Fri Dec 20 18:09:31 UTC 2019 - Aleksa Sarai <asarai@suse.com>
+
+- Update to 1.7.2.
+
+ * Fix a regression introduced in Synapse 1.7.1 which caused errors when
+ attempting to backfill rooms over federation.
+ * Fix a bug introduced in Synapse 1.7.0 which caused an error on startup when
+ upgrading from versions before 1.3.0.
+
+ The full changelog is included in
+ /usr/share/doc/packages/matrix-synapse/CHANGES.md.
+
+-------------------------------------------------------------------
+Wed Dec 18 12:02:59 UTC 2019 - Aleksa Sarai <asarai@suse.com>
+
+- Update to 1.7.1.
+
+ This update fixes several major security issues. Users are very strongly
+ recommended to update as soon as possible.
+
+ * Fix a bug which could cause room events to be incorrectly authorized using
+ events from a different room.
+ * Fix a bug causing responses to the /context client endpoint to not use the
+ pruned version of the event.
+ * Fix a cause of state resets in room versions 2 onwards.
+ * Fix a bug which could cause the federation server to incorrectly return
+ errors when handling certain obscure event graphs.
+
+ The full changelog is included in
+ /usr/share/doc/packages/matrix-synapse/CHANGES.md.
+
+-------------------------------------------------------------------
+Fri Dec 13 13:23:59 UTC 2019 - Aleksa Sarai <asarai@suse.com>
+
+- Update to 1.7.0.
+
+ * Implement per-room message retention policies.
+ * Add etag and count fields to key backup endpoints to help clients guess if
+ there are new keys.
+ * Configure privacy-preserving settings by default for the room directory.
+ * Add ephemeral messages support by partially implementing MSC2228.
+ * Add support for MSC 2367, which allows specifying a reason on all
+ membership events.
+
+ The full changelog is included in
+ /usr/share/doc/packages/matrix-synapse/CHANGES.md.
+
+ https://github.com/matrix-org/synapse/releases/tag/v1.7.0
+ Please make sure to read the Upgrade notes referenced in the
+ above.
+
+-------------------------------------------------------------------
+Thu Nov 28 17:41:02 UTC 2019 - Aleksa Sarai <asarai@suse.com>
+
+- Drop matrix-synapse-ldap from enabled conditional requirements, because the
+ package is not longer available in openSUSE repos. If someone really wants
+ the feature they can help re-package it.
+
+-------------------------------------------------------------------
+Thu Nov 28 12:04:57 UTC 2019 - Aleksa Sarai <asarai@suse.com>
+
+- Update to 1.6.1.
+
+ * Clean up local threepids from user on account deactivation.
+ * Fix startup error when http proxy is defined.
+
+ The full changelog is included in
+ /usr/share/doc/packages/matrix-synapse/CHANGES.md.
+
+-------------------------------------------------------------------
+Thu Nov 28 08:48:16 UTC 2019 - Aleksa Sarai <asarai@suse.com>
+
+- Update to 1.6.0.
+
+ + Add federation support for cross-signing.
+ + Increase default room version from 4 to 5, thereby enforcing server key
+ validity period checks.
+ + Add support for outbound http proxying via http_proxy/HTTPS_PROXY env vars.
+ + Implement label-based filtering on /sync and /messages (MSC2326).
+
+ The full changelog is included in
+ /usr/share/doc/packages/matrix-synapse/CHANGES.md.
+
+-------------------------------------------------------------------
+Mon Nov 18 11:16:03 UTC 2019 - Aleksa Sarai <asarai@suse.com>
+
+- Update to 1.5.1.
+
+ * Limit the length of data returned by url previews, to prevent DoS attacks.
+
+ The full changelog is included in
+ /usr/share/doc/packages/matrix-synapse/CHANGES.md.
+
+-------------------------------------------------------------------
+Wed Oct 30 02:20:29 UTC 2019 - Aleksa Sarai <asarai@suse.com>
+
+- Update to 1.5.0.
+
+ + Improve quality of thumbnails for 1-bit/8-bit color palette images.
+ + Add ability to upload cross-signing signatures.
+ + Allow uploading of cross-signing keys.
+ + CAS login now provides a default display name for users if a
+ displayname_attribute is set in the configuration file.
+ + Reject all pending invites for a user during deactivation.
+ + Add config option to suppress client side resource limit alerting.
+
+ * Improve signature checking on some federation APIs.
+
+ The full changelog is included in
+ /usr/share/doc/packages/matrix-synapse/CHANGES.md.
+
+-------------------------------------------------------------------
+Fri Oct 18 13:36:18 UTC 2019 - Aleksa Sarai <asarai@suse.com>
+
+- Update to 1.4.1.
+
+ * Fix bug where redacted events were sometimes incorrectly censored in the
+ database, breaking APIs that attempted to fetch such events.
+
+ The full changelog is included in
+ /usr/share/doc/packages/matrix-synapse/CHANGES.md.
+
+-------------------------------------------------------------------
+Thu Oct 3 22:16:13 UTC 2019 - Aleksa Sarai <asarai@suse.com>
+
+- Do not include ACME support by default (txacme is broken in openSUSE).
+- Update to 1.4.0. boo#1153017
+
+ * Significant improvements to data privacy.
+ * Expansion of OpenTracing support.
+ * Enable "forward extremities" mitigation by default.
+
+ The full changelog is included in
+ /usr/share/doc/packages/matrix-synapse/CHANGES.md.
+
+-------------------------------------------------------------------
+Thu Jul 25 16:18:56 UTC 2019 - Aleksa Sarai <asarai@suse.com>
+
+- Update to 1.2.0.
+
+ * Add support for OpenTracing.
+ * Add default push rule to ignore reactions.
+ * Enable aggregations (reactions and edits) support by default.
+
+ The full changelog is included in
+ /usr/share/doc/packages/matrix-synapse/CHANGES.md.
+- Remove unneeded patches:
+ - 0001-requirements-prometheus_client.patch
+
+-------------------------------------------------------------------
+Fri Jul 5 15:29:57 UTC 2019 - Aleksa Sarai <asarai@suse.com>
+
+- Update to 1.1.0.
+
+ As of v1.1.0, Synapse no longer supports Python 2, nor Postgres version 9.4.
+ Thus, we no longer package a Python 2 version of this package. Some other key
+ changes include:
+
+ * Add monthly active users to phonehome stats.
+ * Allow server admins to define implementations of extra rules for allowing
+ or denying incoming events.
+ * Add --data-dir and --open-private-ports options.
+ * The minimum TLS version used for outgoing federation requests can now be
+ set with federation_client_minimum_tls_version.
+ * Optimise devices changed query to not pull unnecessary rows from the
+ database, reducing database load.
+
+ The full changelog is included in
+ /usr/share/doc/packages/matrix-synapse/CHANGES.md.
+- Rebase patches:
+ * 0001-requirements-prometheus_client.patch
+
+-------------------------------------------------------------------
+Fri Jun 28 08:16:05 UTC 2019 - Aleksa Sarai <asarai@suse.com>
+
+- Obsolete the old split-Python packages, so that upgrading works smoothly.
+
+-------------------------------------------------------------------
+Tue Jun 25 10:48:03 UTC 2019 - Aleksa Sarai <asarai@suse.com>
+
+- Un-Requires prometheus_client<0.4.0. The Requires made it impossible to use
+ matrix-synapse on openSUSE for very little good reason (prometheus metrics
+ will still work on post-0.4.0 prometheus_client, but with changed names).
+ Debian and many other distributions do the same here.
+ + 0001-requirements-prometheus_client.patch
+
+-------------------------------------------------------------------
+Wed Jun 12 02:26:48 UTC 2019 - Aleksa Sarai <asarai@suse.com>
+
+- Update to 1.0.0.
+
+ This is the first stable release of synapse. It includes a large number of
+ changes but the highlights are:
+
+ * Ability to configured default room version (with the default now being v4,
+ which has improved state resolution algorithms and event IDs).
+ * The complete removal of "perspectives" support, with all homeservers now
+ being required to use valid TLS certificates (there has been a transition
+ period for several months from the release of 0.99).
+ * Experimental support for "relations" (reactions and edits).
+
+ The full changelog is included in
+ /usr/share/doc/packages/matrix-synapse/CHANGES.md.
+
+-------------------------------------------------------------------
+Fri May 31 00:04:50 UTC 2019 - Aleksa Sarai <asarai@suse.com>
+
+- Update to 0.99.5.2.
+
+ Fix bug where we leaked extremities when we soft failed events, leading to
+ performance degradation.
+
+ The full changelog is included in
+ /usr/share/doc/packages/matrix-synapse/CHANGES.md.
+
+-------------------------------------------------------------------
+Tue May 28 01:18:34 UTC 2019 - Aleksa Sarai <asarai@suse.com>
+
+- Rework testing to use a separate specfile for testing matrix-synapse.
+
+-------------------------------------------------------------------
+Thu May 23 00:13:47 UTC 2019 - Aleksa Sarai <asarai@suse.com>
+
+- Update to 0.99.5.1.
+
+ The full changelog is included in
+ /usr/share/doc/packages/matrix-synapse/CHANGES.md.
+
+-------------------------------------------------------------------
+Wed May 15 13:19:23 UTC 2019 - Aleksa Sarai <asarai@suse.com>
+
+- Update to 0.99.4.
+
+ The full changelog is included in
+ /usr/share/doc/packages/matrix-synapse/CHANGES.md.
+
+-------------------------------------------------------------------
+Wed May 8 00:47:56 UTC 2019 - Aleksa Sarai <asarai@suse.com>
+
+- Update to 0.99.3.2.
+
+ This includes two security fixes:
+ * Switch to using a cryptographically-secure random number generator for
+ token strings, ensuring they cannot be predicted by an attacker.
+ * Blacklist 0.0.0.0 and :: by default for URL previews.
+
+ The full changelog is included in
+ /usr/share/doc/packages/matrix-synapse/CHANGES.md.
+
+-------------------------------------------------------------------
+Sun Apr 14 18:35:48 UTC 2019 - Aleksa Sarai <asarai@suse.com>
+
+- Update to 0.99.3.
+
+ The primary changes to previous versions are that self-signed certificates
+ will no longer be generated, and instead LetsEncrypt certificates will be
+ requested instead. Users are strongly recommended to update to this version,
+ because pre-0.99 servers (using self-signed certificates and the perspectives
+ system) will no longer be able to federate with post-1.0 servers.
+
+ The full changelog is included in
+ /usr/share/doc/packages/matrix-synapse/CHANGES.md.
+
+-------------------------------------------------------------------
+Wed Feb 20 11:42:00 UTC 2019 - Oliver Kurz <okurz@suse.com>
+
+- Fix build on python3 based repos
+
+-------------------------------------------------------------------
+Sat Feb 2 15:32:06 UTC 2019 - fcrozat@suse.com
+
+- Fix systemd service to follow paths used by package and ensure
+ proper version version is used.
+- Add explicit requires on python-lxml, required when using
+ url preview.
+
+-------------------------------------------------------------------
+Mon Jan 14 07:44:26 UTC 2019 - ecsos@opensuse.org
+
+- For test purpose a matrix server will be start. But never been
+ stopped. Fix that server will be stoped after test.
+
+-------------------------------------------------------------------
+Sun Jan 13 18:22:20 UTC 2019 - Oliver Kurz <okurz@suse.com>
+
+- Update to 0.34.1.1
+ This release fixes CVE-2019-5885 and is recommended for all users of Synapse
+ 0.34.1. This release is compatible with Python 2.7 and 3.5+. Python 3.7 is
+ fully supported.
+ * Bugfixes
+ - Fix spontaneous logout on upgrade (#4374)
+ * Internal Changes
+ - Add better logging for unexpected errors while sending transactions
+ (#4361, #4362)
+ - Getting URL previews of IP addresses no longer fails on Python 3.
+ (#4215)
+ - drop undocumented dependency on dateutil (#4266)
+ - Update the example systemd config to use a virtualenv (#4273)
+ - Update link to kernel DCO guide (#4274)
+ - Make isort tox check print diff when it fails (#4283)
+ - Log room_id in Unknown room errors (#4297)
+ - Documentation improvements for coturn setup. Contributed by Krithin
+ Sitaram. (#4333)
+ - Update pull request template to use absolute links (#4341)
+ - Update README to not lie about required restart when updating TLS
+ certificates (#4343)
+ - Update debian packaging for compatibility with transitional package
+ (#4349)
+ - Fix command hint to generate a config file when trying to start without
+ a config file (#4353)
+ - Add better logging for unexpected errors while sending transactions
+ (#4358)
+ * Features
+ - Special-case a support user for use in verifying behaviour of a given
+ server. The support user does not appear in user directory or monthly
+ active user counts. (#4141, #4344)
+ - Support for serving .well-known files (#4262)
+ - Rework SAML2 authentication (#4265, #4267)
+ - SAML2 authentication: Initialise user display name from SAML2 data
+ (#4272)
+ - Synapse can now have its conditional/extra dependencies installed by
+ pip. This functionality can be used by using `pip install
+ matrix-synapse[feature]`, where feature is a comma separated list with
+ the possible values `email.enable_notifs`, `matrix-synapse-ldap3`,
+ `postgres`, `resources.consent`, `saml2`, `url_preview`, and `test`. If
+ you want to install all optional dependencies, you can use "all"
+ instead. (#4298, #4325, #4327)
+ - Add routes for reading account data. (#4303)
+ - Add opt-in support for v2 rooms (#4307)
+ - Add a script to generate a clean config file (#4315)
+ - Return server data in /login response (#4319)
+ * Bugfixes
+ - Fix contains_url check to be consistent with other instances in
+ code-base and check that value is an instance of string. (#3405)
+ - Fix CAS login when username is not valid in an MXID (#4264)
+ - Send CORS headers for /media/config (#4279)
+ - Add 'sandbox' to CSP for media reprository (#4284)
+ - Make the new landing page prettier. (#4294)
+ - Fix deleting E2E room keys when using old SQLite versions. (#4295)
+ - The metric synapse_admin_mau:current previously did not update when
+ config.mau_stats_only was set to True (#4305)
+ - Fixed per-room account data filters (#4309)
+ - Fix indentation in default config (#4313)
+ - Fix synapse:latest docker upload (#4316)
+ - Fix test_metric.py compatibility with prometheus_client 0.5. Contributed
+ by Maarten de Vries <maarten@de-vri.es>. (#4317)
+ - Avoid packaging _trial_temp directory in -py3 debian packages (#4326)
+ - Check jinja version for consent resource (#4327)
+ - fix NPE in /messages by checking if all events were filtered out (#4330)
+ - Fix `python -m synapse.config` on Python 3. (#4356)
+ * Deprecations and Removals
+ - Remove the deprecated v1/register API on Python 2. It was never ported
+ to Python 3. (#4334)
+
+-------------------------------------------------------------------
+Sat Dec 29 10:11:21 UTC 2018 - Oliver Kurz <okurz@suse.com>
+
+- Switch to python3 by default on newer product versions as suggested by upstream
+
+-------------------------------------------------------------------
+Sun Dec 23 10:00:29 UTC 2018 - ecsos@opensuse.org
+
+- Update to 0.34.0
+ Synapse 0.34.0 is the first release to fully support Python 3.
+ Synapse will now run on Python versions 3.5 or 3.6
+ (as well as 2.7). Support for Python 3.7 remains experimental.
+
+ * Features
+ - Add 'sandbox' to CSP for media reprository (#4284)
+ - Make the new landing page prettier. (#4294)
+ - Fix deleting E2E room keys when using old SQLite versions. (#4295)
+ - Add a welcome page for the client API port. Credit to @krombel! (#4289)
+ - Remove Matrix console from the default distribution (#4290)
+ - Add option to track MAU stats (but not limit people) (#3830)
+ - Add an option to enable recording IPs for appservice users (#3831)
+ - Rename login type m.login.cas to m.login.sso (#4220)
+ - Add an option to disable search for homeservers that may not be interested in it. (#4230)
+ * Bugfixes
+ - Pushrules can now again be made with non-ASCII rule IDs. (#4165)
+ - The media repository now no longer fails to decode UTF-8 filenames when downloading remote media. (#4176)
+ - URL previews now correctly decode non-UTF-8 text if the header contains a <meta http-equiv="Content-Type" header. (#4183)
+ - Fix an issue where public consent URLs had two slashes. (#4192)
+ - Fallback auth now accepts the session parameter on Python 3. (#4197)
+ - Remove riot.im from the list of trusted Identity Servers in the default configuration (#4207)
+ - fix start up failure when mau_limit_reserved_threepids set and db is postgres (#4211)
+ - Fix auto join failures for servers that require user consent (#4223)
+ - Fix exception caused by non-ascii event IDs (#4241)
+ - Pushers can now be unsubscribed from on Python 3. (#4250)
+ - Fix UnicodeDecodeError when postgres is configured to give non-English errors (#4253)
+ * Internal Changes
+ - Debian packages utilising a virtualenv with bundled dependencies can now be built. (#4212)
+ - Disable pager when running git-show in CI (#4291)
+ - A coveragerc file has been added. (#4180)
+ - Add a GitHub pull request template and add multiple issue templates (#4182)
+ - Update README to reflect the fact that #1491 is fixed (#4188)
+ - Run the AS senders as background processes to fix warnings (#4189)
+ - Add some diagnostics to the tests to detect logcontext problems (#4190)
+ - Add missing jpeg package prerequisite for OpenBSD in README. (#4193)
+ - Add a note saying you need to manually reclaim disk space after using the Purge History API (#4200)
+ - More logcontext checking in unittests (#4205)
+ - Ignore __pycache__ directories in the database schema folder (#4214)
+ - Add note to UPGRADE.rst about removing riot.im from list of trusted identity servers (#4224)
+ - Added automated coverage reporting to CI. (#4225)
+ - Garbage-collect after each unit test to fix logcontext leaks (#4227)
+ - add more detail to logging regarding "More than one row matched" error (#4234)
+ - Drop sent_transactions table (#4244)
+ - Add a basic .editorconfig (#4257)
+ - Update README.rst and UPGRADE.rst for Python 3. (#4260)
+ - Remove obsolete verbose and log_file settings from homeserver.yaml for Docker image. (#4261)
+
+-------------------------------------------------------------------
+Wed Nov 21 18:47:13 UTC 2018 - ecsos@opensuse.org
+
+- Update to 0.33.9
+ * Features
+ - Include flags to optionally add m.login.terms to the registration flow when consent tracking is enabled. (#4004, #4133, #4142, #4184)
+ - Support for replacing rooms with new ones (#4091, #4099, #4100, #4101)
+ * Bugfixes
+ - Fix exceptions when using the email mailer on Python 3. (#4095)
+ - Fix e2e key backup with more than 9 backup versions (#4113)
+ - Searches that request profile info now no longer fail with a 500. (#4122)
+ - fix return code of empty key backups (#4123)
+ - If the typing stream ID goes backwards (as on a worker when the master restarts), the worker's typing handler will no longer
+ erroneously report rooms containing new typing events. (#4127)
+ - Fix table lock of device_lists_remote_cache which could freeze the application (#4132)
+ - Fix exception when using state res v2 algorithm (#4135)
+ - Generating the user consent URI no longer fails on Python 3. (#4140, #4163)
+ - Loading URL previews from the DB cache on Postgres will no longer cause Unicode type errors when responding to the request,
+ and URL - - previews will no longer fail if the remote server returns a Content-Type header with the chartype in quotes. (#4157)
+ - The hash_password script now works on Python 3. (#4161)
+ - Fix noop checks when updating device keys, reducing spurious device list update notifications. (#4164)
+ * Deprecations and Removals
+ - The disused and un-specced identicon generator has been removed. (#4106)
+ - The obsolete and non-functional /pull federation endpoint has been removed. (#4118)
+ - The deprecated v1 key exchange endpoints have been removed. (#4119)
+ - Synapse will no longer fetch keys using the fallback deprecated v1 key exchange method and will now always use v2. (#4120)
+ * Internal Changes
+ - Fix build of Docker image with docker-compose (#3778)
+ - Delete unreferenced state groups during history purge (#4006)
+ - The "Received rdata" log messages on workers is now logged at DEBUG, not INFO. (#4108)
+ - Reduce replication traffic for device lists (#4109)
+ - Fix synapse_replication_tcp_protocol_*_commands metric label to be full command name, rather than just the first character (#4110)
+ - Log some bits about room creation (#4121)
+ - Fix tox failure on old systems (#4124)
+ - Add STATE_V2_TEST room version (#4128)
+ - Clean up event accesses and tests (#4137)
+ - The default logging config will now set an explicit log file encoding of UTF-8. (#4138)
+ - Add helpers functions for getting prev and auth events of an event (#4139)
+ - Add some tests for the HTTP pusher. (#4149)
+ - add purge_history.sh and purge_remote_media.sh scripts to contrib/ (#4155)
+ - HTTP tests have been refactored to contain less boilerplate. (#4156)
+ - Drop incoming events from federation for unknown rooms (#4165)
+
+-------------------------------------------------------------------
+Thu Nov 1 22:28:54 UTC 2018 - ecsos@opensuse.org
+
+- Update to 0.33.8
+ * Features
+ - Servers with auto-join rooms will now automatically create those rooms when the first user registers (#3975)
+ - Add config option to control alias creation (#4051)
+ - The register_new_matrix_user script is now ported to Python 3. (#4085)
+ - Configure Docker image to listen on both ipv4 and ipv6. (#4089)
+ * Bugfixes
+ - Fix HTTP error response codes for federated group requests. (#3969)
+ - Fix issue where Python 3 users couldn't paginate /publicRooms (#4046)
+ - Fix URL previewing to work in Python 3.7 (#4050)
+ - synctl will use the right python executable to run worker processes (#4057)
+ - Manhole now works again on Python 3, instead of failing with a "couldn't match all kex parts" when connecting. (#4060, #4067)
+ - Fix some metrics being racy and causing exceptions when polled by Prometheus. (#4061)
+ - Fix bug which prevented email notifications from being sent unless an absolute path was given for email_templates. (#4068)
+ - Correctly account for cpu usage by background threads (#4074)
+ - Fix race condition where config defined reserved users were not being added to
+ - the monthly active user list prior to the homeserver reactor firing up (#4081)
+ - Fix bug which prevented backslashes being used in event field filters (#4083)
+ * Internal Changes
+ - Add information about the matrix-docker-ansible-deploy playbook (#3698)
+ - Add initial implementation of new state resolution algorithm (#3786)
+ - Reduce database load when fetching state groups (#4011)
+ - Various cleanups in the federation client code (#4031)
+ - Run the CircleCI builds in docker containers (#4041)
+ - Only colourise synctl output when attached to tty (#4049)
+ - Refactor room alias creation code (#4063)
+ - Make the Python scripts in the top-level scripts folders meet pep8 and pass flake8. (#4068)
+ - The README now contains example for the Caddy web server. Contributed by steamp0rt. (#4072)
+ - Add psutil as an explicit dependency (#4073)
+ - Clean up threading and logcontexts in pushers (#4075)
+ - Correctly manage logcontexts during startup to fix some "Unexpected logging context" warnings (#4076)
+ - Give some more things logcontexts (#4077)
+ - Clean up some bits of code which were flagged by the linter (#4082)
+
+-------------------------------------------------------------------
+Thu Oct 18 20:32:10 UTC 2018 - ecsos@opensuse.org
+
+- Update to 0.33.7
+ * Features
+ - Ship the example email templates as part of the package (#4052)
+ - Add support for end-to-end key backup (MSC1687) (#4019)
+ * Bugfixes
+ - Fix bug which made get_missing_events return too few events (#4045)
+ - Fix bug in event persistence logic which caused 'NoneType is not iterable' (#3995)
+ - Fix exception in background metrics collection (#3996)
+ - Fix exception handling in fetching remote profiles (#3997)
+ - Fix handling of rejected threepid invites (#3999)
+ - Workers now start on Python 3. (#4027)
+ - Synapse now starts on Python 3.7. (#4033)
+ * Internal Changes
+ - Log exceptions in looping calls (#4008)
+ - Optimisation for serving federation requests (#4017)
+ - Add metric to count number of non-empty sync responses (#4022)
+
+-------------------------------------------------------------------
+Sat Oct 6 08:42:56 UTC 2018 - ecsos@opensuse.org
+
+- Update to 0.33.6
+ * Features
+ - Adding the ability to change MAX_UPLOAD_SIZE for the docker container variables. (#3883)
+ - Report "python_version" in the phone home stats (#3894)
+ - Always LL ourselves if we're in a room (#3916)
+ - Include eventid in log lines when processing incoming federation transactions (#3959)
+ - Remove spurious check which made 'localhost' servers not work (#3964)
+ * Bugfixes
+ - Fix problem when playing media from Chrome using direct URL (thanks @remjey!) (#3578)
+ - support registering regular users non-interactively with register_new_matrix_user script (#3836)
+ - Fix broken invite email links for self hosted riots (#3868)
+ - Don't ratelimit autojoins (#3879)
+ - Fix 500 error when deleting unknown room alias (#3889)
+ - Fix some b'abcd' noise in logs and metrics (#3892, #3895)
+ - When we join a room, always try the server we used for the alias lookup first, to avoid unresponsive and out-of-date servers. (#3899)
+ - Fix incorrect server-name indication for outgoing federation requests (#3907)
+ - Fix adding client IPs to the database failing on Python 3. (#3908)
+ - Fix bug where things occaisonally were not being timed out correctly. (#3910)
+ - Fix bug where outbound federation would stop talking to some servers when using workers (#3914)
+ - Fix some instances of ExpiringCache not expiring cache items (#3932, #3980)
+ - Fix out-of-bounds error when LLing yourself (#3936)
+ - Sending server notices regarding user consent now works on Python 3. (#3938)
+ - Fix exceptions from metrics handler (#3956)
+ - Fix error message for events with m.room.create missing from auth_events (#3960)
+ - Fix errors due to concurrent monthly_active_user upserts (#3961)
+ - Fix exceptions when processing incoming events over federation (#3968)
+ - Replaced all occurences of e.message with str(e). Contributed by Schnuffle (#3970)
+ - Fix lazy loaded sync in the presence of rejected state events (#3986)
+ - Fix error when logging incomplete HTTP requests (#3990)
+ * Internal Changes
+ - Unit tests can now be run under PostgreSQL in Docker using test_postgresql.sh. (#3699)
+ - Speed up calculation of typing updates for replication (#3794)
+ - Remove documentation regarding installation on Cygwin, the use of WSL is recommended instead. (#3873)
+ - Fix typo in README, synaspse -> synapse (#3897)
+ - Increase the timeout when filling missing events in federation requests (#3903)
+ - Improve the logging when handling a federation transaction (#3904, #3966)
+ - Improve logging of outbound federation requests (#3906, #3909)
+ - Fix the docker image building on python 3 (#3911)
+ - Add a regression test for logging failed HTTP requests on Python 3. (#3912)
+ - Comments and interface cleanup for on_receive_pdu (#3924)
+ - Fix spurious exceptions when remote http client closes conncetion (#3925)
+ - Log exceptions thrown by background tasks (#3927)
+ - Add a cache to get_destination_retry_timings (#3933, #3991)
+ - Automate pushes to docker hub (#3946)
+ - Require attrs 16.0.0 or later (#3947)
+ - Fix incompatibility with python3 on alpine (#3948)
+ - Run the test suite on the oldest supported versions of our dependencies in CI. (#3952)
+ - CircleCI now only runs merged jobs on PRs, and commit jobs on develop, master, and release branches. (#3957)
+ - Fix docstrings and add tests for state store methods (#3958)
+ - fix docstring for FederationClient.get_state_for_room (#3963)
+ - Run notify_app_services as a bg process (#3965)
+ - Clarifications in FederationHandler (#3967)
+ - Further reduce the docker image size (#3972)
+ - Build py3 docker images for docker hub too (#3976)
+ - Updated the installation instructions to point to the matrix-synapse package on PyPI. (#3985)
+ - Disable USE_FROZEN_DICTS for unittests by default. (#3987)
+ - Remove unused Jenkins and development related files from the repo. (#3988)
+ - Improve stacktraces in certain exceptions in the logs (#3989)
+ - Pin to prometheus_client<0.4 to avoid renaming all of our metrics (#4002)
+
+- Changes from 0.33.5.1
+ * Internal Changes
+ - Fix incompatibility with older Twisted version in tests. Thanks @OlegGirko! (#3940)
+
+- Changes from 0.33.5
+ * Features
+ - Python 3.5 and 3.6 support is now in beta. (#3576)
+ - Implement event_format filter param in /sync (#3790)
+ - Add synapse_admin_mau:registered_reserved_users metric to expose number of real reaserved users (#3846)
+ * Bugfixes
+ - Remove connection ID for replication prometheus metrics, as it creates a large number of new series. (#3788)
+ - guest users should not be part of mau total (#3800)
+ - Bump dependency on pyopenssl 16.x, to avoid incompatibility with recent Twisted. (#3804)
+ - Fix existing room tags not coming down sync when joining a room (#3810)
+ - Fix jwt import check (#3824)
+ - fix VOIP crashes under Python 3 (#3821) (#3835)
+ - Fix manhole so that it works with latest openssh clients (#3841)
+ - Fix outbound requests occasionally wedging, which can result in federation breaking between servers. (#3845)
+ - Show heroes if room name/canonical alias has been deleted (#3851)
+ - Fix handling of redacted events from federation (#3859)
+ - (#3874)
+ - Mitigate outbound federation randomly becoming wedged (#3875)
+ * Internal Changes
+ - CircleCI tests now run on the potential merge of a PR. (#3704)
+ - http/ is now ported to Python 3. (#3771)
+ - Improve human readable error messages for threepid registration/account update (#3789)
+ - Make /sync slightly faster by avoiding needless copies (#3795)
+ - handlers/ is now ported to Python 3. (#3803)
+ - Limit the number of PDUs/EDUs per federation transaction (#3805)
+ - Only start postgres instance for postgres tests on Travis CI (#3806)
+ - tests/ is now ported to Python 3. (#3808)
+ - crypto/ is now ported to Python 3. (#3822)
+ - rest/ is now ported to Python 3. (#3823)
+ - add some logging for the keyring queue (#3826)
+ - speed up lazy loading by 2-3x (#3827)
+ - Improved Dockerfile to remove build requirements after building reducing the image size. (#3834)
+ - Disable lazy loading for incremental syncs for now (#3840)
+ - federation/ is now ported to Python 3. (#3847)
+ - Log when we retry outbound requests (#3853)
+ - Removed some excess logging messages. (#3855)
+ - Speed up purge history for rooms that have been previously purged (#3856)
+ - Refactor some HTTP timeout code. (#3857)
+ - Fix running merged builds on CircleCI (#3858)
+ - Fix typo in replication stream exception. (#3860)
+ - Add in flight real time metrics for Measure blocks (#3871)
+ - Disable buffering and automatic retrying in treq requests to prevent timeouts. (#3872)
+ - mention jemalloc in the README (#3877)
+ - Remove unmaintained "nuke-room-from-db.sh" script (#3888)
+
+-------------------------------------------------------------------
+Tue Sep 11 10:03:08 UTC 2018 - fcrozat@suse.com
+
+- Update to version 0.33.4:
+ * Features:
+ - Support profile API endpoints on workers (#3659)
+ - Server notices for resource limit blocking (#3680)
+ - Allow guests to use /rooms/:roomId/event/:eventId (#3724)
+ - Add mau_trial_days config param, so that users only get counted as MAU after N days. (#3749)
+ - Require twisted 17.1 or later (fixes #3741). (#3751)
+ * Bugfixes:
+ - Fix error collecting prometheus metrics when run on dedicated thread due to threading concurrency issues (#3722)
+ - Fix bug where we resent “limit exceeded” server notices repeatedly (#3747)
+ - Fix bug where we broke sync when using limit_usage_by_mau but hadn’t configured server notices (#3753)
+ - Fix ‘federation_domain_whitelist’ such that an empty list correctly blocks all outbound federation traffic (#3754)
+ - Fix tagging of server notice rooms (#3755, #3756)
+ - Fix ‘admin_uri’ config variable and error parameter to be ‘admin_contact’ to match the spec. (#3758)
+ - Don’t return non-LL-member state in incremental sync state blocks (#3760)
+ - Fix bug in sending presence over federation (#3768)
+ - Fix bug where preserved threepid user comes to sign up and server is mau blocked (#3777)
+
+-------------------------------------------------------------------
+Thu Sep 6 12:24:04 UTC 2018 - fcrozat@suse.com
+
+- Update to version 0.33.3.1:
+ * SECURITY FIXES:
+ - Fix an issue where event signatures were not always correctly validated (#3796)
+ - Fix an issue where server_acls could be circumvented for incoming events (#3796)
+
+-------------------------------------------------------------------
+Mon Aug 27 13:30:05 UTC 2018 - fcrozat@suse.com
+
+- Update to version 0.33.3:
+ * Features:
+ - Add support for the SNI extension to federation TLS connections. Thanks to @vojeroen! (#3439)
+ - Add /_media/r0/config (#3184)
+ - speed up /members API and add at and membership params as per MSC1227 (#3568)
+ - implement summary block in /sync response as per MSC688 (#3574)
+ - Add lazy-loading support to /messages as per MSC1227 (#3589)
+ - Add ability to limit number of monthly active users on the server (#3633)
+ - Support more federation endpoints on workers (#3653)
+ - Basic support for room versioning (#3654)
+ - Ability to disable client/server Synapse via conf toggle (#3655)
+ - Ability to whitelist specific threepids against monthly active user limiting (#3662)
+ - Add some metrics for the appservice and federation event sending loops (#3664)
+ - Where server is disabled, block ability for locked out users to read new messages (#3670)
+ - set admin uri via config, to be used in error messages where the user should contact the administrator (#3687)
+ - Synapse's presence functionality can now be disabled with the "use_presence" configuration option. (#3694)
+ - For resource limit blocked users, prevent writing into rooms (#3708)
+ * Bugfixes:
+ - Fix occasional glitches in the synapse_event_persisted_position metric (#3658)
+ - Fix bug on deleting 3pid when using identity servers that don't support unbind API (#3661)
+ - Make the tests pass on Twisted < 18.7.0 (#3676)
+ - Don’t ship recaptcha_ajax.js, use it directly from Google (#3677)
+ - Fixes test_reap_monthly_active_users so it passes under postgres (#3681)
+ - Fix mau blocking calulation bug on login (#3689)
+ - Fix missing yield in synapse.storage.monthly_active_users.initialise_reserved_users (#3692)
+ - Improve HTTP request logging to include all requests (#3700)
+ - Avoid timing out requests while we are streaming back the response (#3701)
+ - Support more federation endpoints on workers (#3705, #3713)
+ - Fix "Starting db txn 'get_all_updated_receipts' from sentinel context" warning (#3710)
+ - Fix bug where state_cache cache factor ignored environment variables (#3719)
+ * Deprecations and Removals:
+ - The Shared-Secret registration method of the legacy v1/register REST endpoint has been removed. For a replacement, please see the admin/register API documentation. (#3703)
+
+- Changes from version 0.33.2:
+ * Features:
+ - add support for the lazy_loaded_members filter as per MSC1227 (#2970)
+ - add support for the include_redundant_members filter param as per MSC1227 (#3331)
+ - Add metrics to track resource usage by background processes (#3553, #3556, #3604, #3610)
+ - Add code label to synapse_http_server_response_time_seconds prometheus metric (#3554)
+ - Add support for client_reader to handle more APIs (#3555, #3597)
+ - make the /context API filter & lazy-load aware as per MSC1227 (#3567)
+ - Add ability to limit number of monthly active users on the server (#3630)
+ - When we fail to join a room over federation, pass the error code back to the client. (#3639)
+ - Add a new /admin/register API for non-interactively creating users. (#3415)
+ * Bugfixes:
+ - Make /directory/list API return 404 for room not found instead of 400. Thanks to @fuzzmz! (#3620)
+ - Default inviter_display_name to mxid for email invites (#3391)
+ - Don't generate TURN credentials if no TURN config options are set (#3514)
+ - Correctly announce deleted devices over federation (#3520)
+ - Catch failures saving metrics captured by Measure, and instead log the faulty metrics information for further analysis. (#3548)
+ - Unicode passwords are now normalised before hashing, preventing the instance where two different devices or browsers might send a different UTF-8 sequence for the password. (#3569)
+ - Fix potential stack overflow and deadlock under heavy load (#3570)
+ - Respond with M_NOT_FOUND when profiles are not found locally or over federation. Fixes #3585 (#3585)
+ - Fix failure to persist events over federation under load (#3601)
+ - Fix updating of cached remote profiles (#3605)
+ - Fix 'tuple index out of range' error (#3607)
+ - Only import secrets when available (fix for py < 3.6) (#3626)
+
+-------------------------------------------------------------------
+Thu Aug 9 07:04:39 UTC 2018 - okurz@suse.com
+
+- Update to 0.33.1
+ * Bug Fixes:
+ * Fix a potential issue where servers could request events for rooms they
+ have not joined
+ * Fix a potential issue where users could see events in private rooms
+ before they joined
+
+-------------------------------------------------------------------
+Fri Jul 20 19:32:51 UTC 2018 - okurz@suse.com
+
+- Update to 0.33.0
+ * Bug Fixes:
+ * Use more portable syntax in our use of the attrs package, widening the supported versions (#3498)
+ * Fix queued federation requests being processed in the wrong order (#3533)
+ * Ensure that erasure requests are correctly honoured for publicly accessible rooms when accessed over federation. (#3546)
+ * Disable a noisy warning about logcontexts (#3561)
+
+ * Features:
+ * Enforce the specified API for report_event (#3316)
+ * Include CPU time from database threads in request/block metrics. (#3496, #3501)
+ * Add CPU metrics for _fetch_event_list (#3497)
+ * optimisation for /sync (#3505, #3521)
+ * Optimisation to make handling incoming federation requests more efficient. (#3541)
+
+-------------------------------------------------------------------
+Wed Jul 11 04:35:16 UTC 2018 - okurz@suse.com
+
+- Update to 0.32.2
+ * Bug Fixes:
+ * Strip access_token from outgoing requests (#3327)
+ * Redact AS tokens in logs (#3349)
+ * Fix federation backfill from SQLite servers (#3355)
+ * Fix event-purge-by-ts admin API (#3363)
+ * Fix event filtering in get_missing_events handler (#3371)
+ * Synapse is now stricter regarding accepting events which it cannot
+ retrieve the prev_events for. (#3456)
+ * Fix bug where synapse would explode when receiving unicode in HTTP
+ User-Agent header (#3470)
+ * Invalidate cache on correct thread to avoid race (#3473)
+
+ * Features:
+ * Add blacklist & whitelist of servers allowed to send events to a
+ room via ``m.room.server_acl`` event.
+ * Cache factor override system for specific caches (#3334)
+ * Add metrics to track appservice transactions (#3344)
+ * Try to log more helpful info when a sig verification fails (#3372)
+ * Synapse now uses the best performing JSON encoder/decoder according
+ to your runtime (simplejson on CPython, stdlib json on PyPy). (#3462)
+ * Add optional ip_range_whitelist param to AS registration files to
+ lock AS IP access (#3465)
+ * Reject invalid server names in federation requests (#3480)
+ * Reject invalid server names in homeserver.yaml (#3483)
+
+-------------------------------------------------------------------
+Tue Jul 10 13:36:51 UTC 2018 - okurz@suse.com
+
+- Update to version 0.31.2:
+ * Bug Fixes:
+ * SECURITY UPDATE: Prevent unauthorised users from setting state events in
+ a room when there is no ``m.room.power_levels`` event in force in the
+ room. (PR #3397)
+
+- Change to package version format without leading "v"
+
+-------------------------------------------------------------------
+Tue Jul 10 11:07:11 UTC 2018 - okurz@suse.com
+
+- Replace deprecated tar_scm by obs_scm
+
+-------------------------------------------------------------------
+Sun Jun 10 13:37:54 UTC 2018 - okurz@suse.com
+
+- Update to version v0.31.1:
+ * Bug Fixes:
+ * Fix event filtering in get_missing_events handler (PR #3371)
+ (boo#1096833, CVE-2018-12291)
+ * Fix metric documentation tables (PR #3341)
+ * Fix LaterGauge error handling (694968f)
+ * Fix replication metrics (b7e7fd2)
+ * Fix federation backfill bugs (PR #3261)
+ * federation: fix LaterGauge usage (PR #3328) Thanks to @intelfx!
+ * Fix logcontext resource usage tracking (PR #3258)
+ * Fix error in handling receipts (PR #3235)
+ * Stop the transaction cache caching failures (PR #3255)
+
+ * Features:
+ * Let users leave the server notice room after joining (PR #3287)
+ * Add in flight request metrics (PR #3252)
+
+ * Changes:
+ * Switch to the Python Prometheus library (PR #3256, #3274)
+ * Cohort analytics (PR #3163, #3241, #3251)
+ * Add lxml to docker image for web previews (PR #3239) Thanks to @ptman!
+ * daily user type phone home stats (PR #3264)
+ * Docs on consent bits (PR #3268)
+ * Remove users from user directory on deactivate (PR #3277)
+ * Avoid sending consent notice to guest users (PR #3288)
+ * disable CPUMetrics if no /proc/self/stat (PR #3299)
+ * Add private IPv6 addresses to example config for url preview blacklist (PR #3317) Thanks to @thegcat!
+ * Allow overriding the server_notices user's avatar (PR #3273)
+ * Support for putting %(consent_uri)s in messages (PR #3271)
+ * Block attempts to send server notices to remote users (PR #3270)
+ * Docs on consent bits (PR #3268)
+ * ConsentResource to gather policy consent from users (PR #3213)
+ * Infrastructure for a server notices room (PR #3232)
+ * Send users a server notice about consent (PR #3236)
+ * Reject attempts to send event before privacy consent is given (PR #3257)
+ * Don't support limitless pagination (PR #3265)
+
+-------------------------------------------------------------------
+Fri May 18 22:00:00 UTC 2018 - cunix@bitmessage.ch
+
+- Update to version v0.29.1:
+ * Potentially breaking change:
+ * Make Client-Server API return 401 for invalid token (PR #3161). Thanks to @NotAFile.
+
+ * Bug Fixes:
+ * synapse fails to start under Twisted >= 18.4 (PR #3157)
+ * Fix a class of logcontext leaks (PR #3170)
+ * Fix a couple of logcontext leaks in unit tests (PR #3172)
+ * Fix logcontext leak in media repo (PR #3174)
+ * Escape label values in prometheus metrics (PR #3175, #3186)
+ * Fix 'Unhandled Error' logs with Twisted 18.4 (PR #3182) Thanks to @Half-Shot!
+ * Fix logcontext leaks in rate limiter (PR #3183)
+ * notifications: Convert next_token to string according to the spec (PR #3190) Thanks to @mujx!
+ * nuke-room-from-db.sh: fix deletion from search table (PR #3194) Thanks to @rubo77!
+ * add guard for None on purge_history api (PR #3160) Thanks to @krombel!
+
+ * Features:
+ * Add a Dockerfile for synapse (PR #2846) Thanks to @kaiyou!
+
+ * Changes:
+ * Update docker documentation (PR #3222)
+
+ * nuke-room-from-db.sh: added postgresql option and help (PR #2337) Thanks to @rubo77!
+ * Part user from rooms on account deactivate (PR #3201)
+ * Make 'unexpected logging context' into warnings (PR #3007)
+ * Set Server header in SynapseRequest (PR #3208)
+ * remove duplicates from groups tables (PR #3129)
+ * Improve exception handling for background processes (PR #3138)
+ * Add missing consumeErrors to improve exception handling (PR #3139)
+ * reraise exceptions more carefully (PR #3142)
+ * Remove redundant call to preserve_fn (PR #3143)
+ * Trap exceptions thrown within run_in_background (PR #3144)
+
+ * Refactor /context to reuse pagination storage functions (PR #3193)
+ * Refactor recent events func to use pagination func (PR #3195)
+ * Refactor pagination DB API to return concrete type (PR #3196)
+ * Refactor get_recent_events_for_room return type (PR #3198)
+ * Refactor sync APIs to reuse pagination API (PR #3199)
+ * Remove unused code path from member change DB func (PR #3200)
+ * Refactor request handling wrappers (PR #3203)
+ * transaction_id, destination defined twice (PR #3209) Thanks to @damir-manapov!
+ * Refactor event storage to prepare for changes in state calculations (PR #3141)
+ * Set Server header in SynapseRequest (PR #3208)
+ * Use deferred.addTimeout instead of time_bound_deferred (PR #3127, #3178)
+ * Use run_in_background in preference to preserve_fn (PR #3140)
+
+ * Construct HMAC as bytes on py3 (PR #3156) Thanks to @NotAFile!
+ * run config tests on py3 (PR #3159) Thanks to @NotAFile!
+ * Open certificate files as bytes (PR #3084) Thanks to @NotAFile!
+ * Open config file in non-bytes mode (PR #3085) Thanks to @NotAFile!
+ * Make event properties raise AttributeError instead (PR #3102) Thanks to @NotAFile!
+ * Use six.moves.urlparse (PR #3108) Thanks to @NotAFile!
+ * Add py3 tests to tox with folders that work (PR #3145) Thanks to @NotAFile!
+ * Don't yield in list comprehensions (PR #3150) Thanks to @NotAFile!
+ * Move more xrange to six (PR #3151) Thanks to @NotAFile!
+ * make imports local (PR #3152) Thanks to @NotAFile!
+ * move httplib import to six (PR #3153) Thanks to @NotAFile!
+ * Replace stringIO imports with six (PR #3154, #3168) Thanks to @NotAFile!
+ * more bytes strings (PR #3155) Thanks to @NotAFile!
+
+-------------------------------------------------------------------
+Mon May 14 20:32:40 UTC 2018 - okurz@suse.com
+
+- Fixed systemd service file installation
+- Fixed rpmlint warnings
+- Changed to specific "synapse" user and group
+
+-------------------------------------------------------------------
+Fri May 4 11:18:46 UTC 2018 - okurz@suse.com
+
+- Update to version v0.28.1:
+ * SECURITY UPDATE
+ Clamp the allowed values of event depth received over federation to be
+ [0, 2^63 - 1]. This mitigates an attack where malicious events
+ injected with depth = 2^63 - 1 render rooms unusable. Depth is used to
+ determine the cosmetic ordering of events within a room, and so the ordering
+ of events in such a room will default to using stream_ordering rather than depth
+ (topological_ordering).
+
+ This is a temporary solution to mitigate abuse in the wild, whilst a long term solution
+ is being implemented to improve how the depth parameter is used.
+
+ Full details at
+ https://docs.google.com/document/d/1I3fi2S-XnpO45qrpCsowZv8P8dHcNZ4fsBsbOW7KABI/edit#
+
+ Pin Twisted to <18.4 until we stop using the private _OpenSSLECCurve API.
+
+ * Bug Fixes:
+ * Return 401 for invalid access_token on logout (PR #2938) Thanks to @dklug!
+ * Return a 404 rather than a 500 on rejoining empty rooms (PR #3080)
+ * fix federation_domain_whitelist (PR #3099)
+ * Avoid creating events with huge numbers of prev_events (PR #3113)
+ * Reject events which have lots of prev_events (PR #3118)
+ * Fix quarantine media admin API and search reindex (PR #3130)
+ * Fix media admin APIs (PR #3134)
+
+ * Features:
+ * Add metrics for event processing lag (PR #3090)
+ * Add metrics for ResponseCache (PR #3092)
+
+ * Changes:
+ * Synapse on PyPy (PR #2760) Thanks to @Valodim!
+ * move handling of auto_join_rooms to RegisterHandler (PR #2996) Thanks to @krombel!
+ * Improve handling of SRV records for federation connections (PR #3016) Thanks to @silkeh!
+ * Document the behaviour of ResponseCache (PR #3059)
+ * Preparation for py3 (PR #3061, #3073, #3074, #3075, #3103, #3104, #3106, #3107, #3109, #3110) Thanks to @NotAFile!
+ * update prometheus dashboard to use new metric names (PR #3069) Thanks to @krombel!
+ * use python3-compatible prints (PR #3074) Thanks to @NotAFile!
+ * Send federation events concurrently (PR #3078)
+ * Limit concurrent event sends for a room (PR #3079)
+ * Improve R30 stat definition (PR #3086)
+ * Send events to ASes concurrently (PR #3088)
+ * Refactor ResponseCache usage (PR #3093)
+ * Clarify that SRV may not point to a CNAME (PR #3100) Thanks to @silkeh!
+ * Use str(e) instead of e.message (PR #3103) Thanks to @NotAFile!
+ * Use six.itervalues in some places (PR #3106) Thanks to @NotAFile!
+ * Refactor store.have_events (PR #3117)
+
+
+-------------------------------------------------------------------
+Fri Apr 27 06:19:26 UTC 2018 - okurz@suse.com
+
+- Disable web-client for package self-test to get rid of unfulfilled dependency
+
+-------------------------------------------------------------------
+Fri Apr 20 18:32:40 UTC 2018 - okurz@suse.com
+
+- Introduce package self-test based on _multibuild
+
+-------------------------------------------------------------------
+Mon Apr 16 19:47:23 UTC 2018 - okurz@suse.com
+
+- Update to version v0.27.4:
+ * Bug fixes:
+ * URL quote path segments over federation (#3082)
+ * Add room_id to the response of rooms/{roomId}/join (PR #2986) Thanks to @jplatte!
+ * Fix replication after switch to simplejson (PR #3015)
+ * Fix replication after switch to simplejson (PR #3015)
+ * 404 correctly on missing paths via NoResource (PR #3022)
+ * Fix error when claiming e2e keys from offline servers (PR #3034)
+ * fix tests/storage/test_user_directory.py (PR #3042)
+ * use PUT instead of POST for federating groups/m.join_policy (PR #3070) Thanks to @krombel!
+ * postgres port script: fix state_groups_pkey error (PR #3072)
+
+ * Features:
+ * Add joinability for groups (PR #3045)
+ * Implement group join API (PR #3046)
+ * Add counter metrics for calculating state delta (PR #3033)
+ * R30 stats (PR #3041)
+ * Measure time it takes to calculate state group ID (PR #3043)
+ * Add basic performance statistics to phone home (PR #3044)
+ * Add response size metrics (PR #3071)
+ * phone home cache size configurations (PR #3063)
+
+ * Changes:
+ * Update canonicaljson dependency (#3095)
+ * Add a blurb explaining the main synapse worker (PR #2886) Thanks to @turt2live!
+ * Replace old style error catching with 'as' keyword (PR #3000) Thanks to @NotAFile!
+ * Use .iter* to avoid copies in StateHandler (PR #3006)
+ * Linearize calls to _generate_user_id (PR #3029)
+ * Remove last usage of ujson (PR #3030)
+ * Use simplejson throughout (PR #3048)
+ * Use static JSONEncoders (PR #3049)
+ * Remove uses of events.content (PR #3060)
+ * Improve database cache performance (PR #3068)
+
+-------------------------------------------------------------------
+Thu Mar 29 05:51:42 UTC 2018 - okurz@suse.com
+
+- Update to version v0.27.2:
+ * Bug fixes:
+ * Fix bug which broke TCP replication between workers (PR #3015)
+ * Fix broken ldap_config config option (PR #2683) Thanks to @seckrv!
+ * Fix error message when user is not allowed to unban (PR #2761) Thanks to
+ @turt2live!
+ * Fix publicised groups GET API (singular) over federation (PR #2772)
+ * Fix user directory when using user_directory_search_all_users config
+ option (PR #2803, #2831)
+ * Fix error on /publicRooms when no rooms exist (PR #2827)
+ * Fix bug in quarantine_media (PR #2837)
+ * Fix url_previews when no Content-Type is returned from URL (PR #2845)
+ * Fix rare race in sync API when joining room (PR #2944)
+ * Fix slow event search, switch back from GIST to GIN indexes (PR #2769,
+ #2848)
+
+ * Fix bug where an invalid event caused server to stop functioning
+ correctly, due to parsing and serializing bugs in ujson library.
+
+ * Features:
+ * Add ability for ASes to override message send time (PR #2754)
+ * Add support for custom storage providers for media repository (PR #2867,
+ #2777, #2783, #2789, #2791, #2804, #2812, #2814, #2857, #2868, #2767)
+ * Add purge API features, see docs/admin_api/purge_history_api.rst for
+ full details (PR #2858, #2867, #2882, #2946, #2962, #2943)
+ * Add support for whitelisting 3PIDs that users can register. (PR #2813)
+ * Add /room/{id}/event/{id} API (PR #2766)
+ * Add an admin API to get all the media in a room (PR #2818) Thanks to
+ @turt2live!
+ * Add federation_domain_whitelist option (PR #2820, #2821)
+
+ * Changes:
+ * Continue to factor out processing from main process and into worker
+ processes. See updated docs/workers.rst (PR #2892 - #2904, #2913, #2920
+ - #2926, #2947, #2847, #2854, #2872, #2873, #2874, #2928, #2929, #2934,
+ #2856, #2976 - #2984, #2987 - #2989, #2991 - #2993, #2995, #2784)
+ * Ensure state cache is used when persisting events (PR #2864, #2871,
+ #2802, #2835, #2836, #2841, #2842, #2849)
+ * Change the default config to bind on both IPv4 and IPv6 on all platforms
+ (PR #2435) Thanks to @silkeh!
+ * No longer require a specific version of saml2 (PR #2695) Thanks to @okurz!
+ * Remove verbosity/log_file from generated config (PR #2755)
+ * Add and improve metrics and logging (PR #2770, #2778, #2785, #2786,
+ #2787, #2793, #2794, #2795, #2809, #2810, #2833, #2834, #2844, #2965,
+ #2927, #2975, #2790, #2796, #2838)
+ * When using synctl with workers, don't start the main synapse
+ automatically (PR #2774)
+ * Minor performance improvements (PR #2773, #2792)
+ * Use a connection pool for non-federation outbound connections (PR #2817)
+ * Make it possible to run unit tests against postgres (PR #2829)
+ * Update pynacl dependency to 1.2.1 or higher (PR #2888) Thanks to @bachp!
+ * Remove ability for AS users to call /events and /sync (PR #2948)
+ * Use bcrypt.checkpw (PR #2949) Thanks to @krombel!
+
+- Change spec-file to use service downloaded and recompressed file directly
+- Remove patch synapse_python_dependencies_allow_higher_versions_of_pysaml2.patch
+ now included in upstream changes
+
+-------------------------------------------------------------------
+Sun Jan 7 10:02:56 UTC 2018 - okurz@suse.com
+
+- Update to version v0.26.0:
+ * Bug fixes:
+ * Fix database port script (PR #2673)
+ * Fix internal server error on login with ldap_auth_provider (PR #2678) Thanks
+ to @jkolo!
+ * Fix error on sqlite 3.7 (PR #2697)
+ * Fix OPTIONS on preview_url (PR #2707)
+ * Fix error handling on dns lookup (PR #2711)
+ * Fix wrong avatars when inviting multiple users when creating room (PR #2717)
+ * Fix 500 when joining matrix-dev (PR #2719)
+
+ * Features:
+ * Add ability for ASes to publicise groups for their users (PR #2686)
+ * Add all local users to the user_directory and optionally search them (PR
+ * #2723)
+ * Add support for custom login types for validating users (PR #2729)
+
+ * Changes:
+ * Update example Prometheus config to new format (PR #2648) Thanks to
+ @krombel!
+ * Rename redact_content option to include_content in Push API (PR #2650)
+ * Declare support for r0.3.0 (PR #2677)
+ * Improve upserts (PR #2684, #2688, #2689, #2713)
+ * Improve documentation of workers (PR #2700)
+ * Improve tracebacks on exceptions (PR #2705)
+ * Allow guest access to group APIs for reading (PR #2715)
+ * Support for posting content in federation_client script (PR #2716)
+ * Delete devices and pushers on logouts etc (PR #2722)
+
+
+-------------------------------------------------------------------
+Mon Nov 20 14:37:18 UTC 2017 - okurz@suse.com
+
+- Update to version v0.25.1:
+ * Bug fixes:
+ * Fix login with LDAP and other password provider modules (PR #2678). Thanks to @jkolo!
+ * Fix port script (PR #2673)
+ * Fix port script (PR #2577)
+ * Fix error when running synapse with no logfile (PR #2581)
+ * Fix UI auth when deleting devices (PR #2591)
+ * Fix typo when checking if user is invited to group (PR #2599)
+ * Fix the port script to drop NUL values in all tables (PR #2611)
+ * Fix appservices being backlogged and not receiving new events due to a bug in
+ notify_interested_services (PR #2631) Thanks to @xyzz!
+ * Fix updating rooms avatar/display name when modified by admin (PR #2636)
+ * Thanks to @farialima!
+ * Fix bug in state group storage (PR #2649)
+ * Fix 500 on invalid utf-8 in request (PR #2663)
+
+ * Features:
+ * Add is_public to groups table to allow for private groups (PR #2582)
+ * Add a route for determining who you are (PR #2668) Thanks to @turt2live!
+ * Add more features to the password providers (PR #2608, #2610, #2620,
+ #2622, #2623, #2624, #2626, #2628, #2629)
+ * Add a hook for custom rest endpoints (PR #2627)
+ * Add API to update group room visibility (PR #2651)
+
+ * Changes:
+ * Ignore tags when generating URL preview descriptions (PR #2576) Thanks to
+ @maximevaillancourt!
+ * Register some /unstable endpoints in /r0 as well (PR #2579) Thanks to @krombel!
+ * Support /keys/upload on /r0 as well as /unstable (PR #2585)
+ * Front-end proxy: pass through auth header (PR #2586)
+ * Allow ASes to deactivate their own users (PR #2589)
+ * Remove refresh tokens (PR #2613)
+ * Automatically set default displayname on register (PR #2617)
+ * Log login requests (PR #2618)
+ * Always return is_public in the /groups/:group_id/rooms API (PR #2630)
+ * Avoid no-op media deletes (PR #2637) Thanks to @spantaleev!
+ * Fix various embarrassing typos around user_directory and add some doc. (PR #2643)
+ * Return whether a user is an admin within a group (PR #2647)
+ * Namespace visibility options for groups (PR #2657)
+ * Downcase UserIDs on registration (PR #2662)
+ * Cache failures when fetching URL previews (PR #2669)
+
+ * Add patch synapse_python_dependencies_allow_higher_versions_of_pysaml2.patch
+
+
+-------------------------------------------------------------------
+Tue Nov 14 12:57:17 UTC 2017 - okurz@suse.com
+
+- Update to version v0.24.1:
+ * Bug fixes:
+ * Fix updating group profiles over federation (PR #2567)
+ * Fix handling SERVFAILs when doing AAAA lookups for federation (PR #2477)
+ * Fix incompatibility with newer versions of ujson (PR #2483) Thanks to
+ @jeremycline!
+ * Fix notification keywords that start/end with non-word chars (PR #2500)
+ * Fix stack overflow and logcontexts from linearizer (PR #2532)
+ * Fix 500 error when fields missing from power_levels event (PR #2552)
+ * Fix 500 error when we get an error handling a PDU (PR #2553)
+ * Fix regression in performance of syncs (PR #2470)
+ * Fix caching error in the push evaluator (PR #2332)
+ * Fix bug where pusherpool didn't start and broke some rooms (PR #2342)
+ * Fix port script for user directory tables (PR #2375)
+ * Fix device lists notifications when user rejoins a room (PR #2443, #2449)
+ * Fix sync to always send down current state events in timeline (PR #2451)
+ * Fix bug where guest users were incorrectly kicked (PR #2453)
+ * Fix bug talking to IPv6 only servers using SRV records (PR #2462)
+ * Fix synapse_port_db failure. Thanks to Pneumaticat! (PR #1904)
+ * Fix caching to not cache error responses (PR #1913)
+ * Fix APIs to make kick & ban reasons work (PR #1917)
+ * Fix bugs in the /keys/changes api (PR #1921)
+ * Fix bug where users couldn't forget rooms they were banned from (PR #1922)
+ * Fix issue with long language values in pushers API (PR #1925)
+ * Fix a race in transaction queue (PR #1930)
+ * Fix dynamic thumbnailing to preserve aspect ratio. Thanks to jkolo! (PR
+ #1945)
+ * Fix device list update to not constantly resync (PR #1964)
+ * Fix potential for huge memory usage when getting device that have
+ changed (PR #1969)
+ * Fix bug where pusher pool didn't start and caused issues when
+ interacting with some rooms (PR #2342)
+ * Fix bug with storing registration sessions that caused frequent CPU churn
+ (PR #2319)
+ * Fix users not getting notifications when AS listened to that user_id (PR
+ #2216) Thanks to @slipeer!
+ * Fix users without push set up not getting notifications after joining rooms
+ (PR #2236)
+ * Fix preview url API to trim long descriptions (PR #2243)
+ * Fix bug where we used cached but unpersisted state group as prev group,
+ resulting in broken state of restart (PR #2263)
+ * Fix removing of pushers when using workers (PR #2267)
+ * Fix CORS headers to allow Authorization header (PR #2285) Thanks to @krombel!
+ * Fix bug in anonymous usage statistic reporting (PR #2281)
+ * Fix API to allow clients to upload one-time-keys with new sigs (PR #2206)
+ * Fix bug where users got pushed for rooms they had muted (PR #2200)
+ * Fix nuke-room script to work with current schema (PR #1927) Thanks
+ @zuckschwerdt!
+ * Fix db port script to not assume postgres tables are in the public schema
+ (PR #2024) Thanks @jerrykan!
+ * Fix getting latest device IP for user with no devices (PR #2118)
+ * Fix rejection of invites to unreachable servers (PR #2145)
+ * Fix code for reporting old verify keys in synapse (PR #2156)
+ * Fix invite state to always include all events (PR #2163)
+ * Fix bug where synapse would always fetch state for any missing event (PR #2170)
+ * Fix a leak with timed out HTTP connections (PR #2180)
+ * Fix bug where we didn't time out HTTP requests to ASes (PR #2192)
+ * Fix joining rooms over federation where not all servers in the room saw the
+ new server had joined (PR #2094)
+ * Fix bug where current_state_events renamed to current_state_ids (PR #1849)
+ * Fix routing loop when fetching remote media (PR #1992)
+ * Fix current_state_events table to not lie (PR #1996)
+ * Fix CAS login to handle PartialDownloadError (PR #1997)
+ * Fix assertion to stop transaction queue getting wedged (PR #2010)
+ * Fix presence to fallback to last_active_ts if it beats the last sync time.
+ Thanks @Half-Shot! (PR #2014)
+ * Fix bug when federation received a PDU while a room join is in progress (PR
+ #2016)
+ * Fix resetting state on rejected events (PR #2025)
+ * Fix installation issues in readme. Thanks @ricco386 (PR #2037)
+ * Fix caching of remote servers' signature keys (PR #2042)
+ * Fix some leaking log context (PR #2048, #2049, #2057, #2058)
+ * Fix rejection of invites not reaching sync (PR #2056)
+ * Fix bug in handling of incoming device list updates over federation.
+
+ * Features:
+ * Add Group Server (PR #2352, #2363, #2374, #2377, #2378, #2382, #2410, #2426,
+ #2430, #2454, #2471, #2472, #2544)
+ * Add support for channel notifications (PR #2501)
+ * Add basic implementation of backup media store (PR #2538)
+ * Add config option to auto-join new users to rooms (PR #2545)
+ * Add a frontend proxy worker (PR #2344)
+ * Add support for event_id_only push format (PR #2450)
+ * Add a PoC for filtering spammy events (PR #2456)
+ * Add a config option to block all room invites (PR #2457)
+ * Add a user directory API (PR #2252, and many more)
+ * Add shutdown room API to remove room from local server (PR #2291)
+ * Add API to quarantine media (PR #2292)
+ * Add new config option to not send event contents to push servers (PR #2301)
+ Thanks to @cjdelisle!
+ * Add per user rate-limiting overrides (PR #2208)
+ * Add config option to limit maximum number of events requested by ``/sync``
+ and ``/messages`` (PR #2221) Thanks to @psaavedra!
+ * Add username availability checker API (PR #2183)
+ * Add read marker API (PR #2120)
+ * Add delete_devices API (PR #1993)
+ * Add phone number registration/login support (PR #1994, #2055)
+ * Add some administration functionalities. Thanks to morteza-araby! (PR #1784)
+
+ * Changes:
+ * Make the spam checker a module (PR #2474)
+ * Delete expired url cache data (PR #2478)
+ * Ignore incoming events for rooms that we have left (PR #2490)
+ * Allow spam checker to reject invites too (PR #2492)
+ * Add room creation checks to spam checker (PR #2495)
+ * Spam checking: add the invitee to user_may_invite (PR #2502)
+ * Process events from federation for different rooms in parallel (PR #2520)
+ * Allow error strings from spam checker (PR #2531)
+ * Improve error handling for missing files in config (PR #2551)
+ * Make 'affinity' package optional, as it is not supported on some platforms
+ * Use bcrypt module instead of py-bcrypt (PR #2288) Thanks to @kyrias!
+ * Improve performance of generating push notifications (PR #2343, #2357, #2365,
+ #2366, #2371)
+ * Improve DB performance for device list handling in sync (PR #2362)
+ * Include a sample prometheus config (PR #2416)
+ * Document known to work postgres version (PR #2433) Thanks to @ptman!
+ * Improve performance of storing user IPs (PR #2307, #2308)
+ * Slightly improve performance of verifying access tokens (PR #2320)
+ * Slightly improve performance of event persistence (PR #2321)
+ * Increase default cache factor size from 0.1 to 0.5 (PR #2330)
+ * Various performance fixes (PR #2177, #2233, #2230, #2238, #2248, #2256,
+ #2274)
+ * Deduplicate sync filters (PR #2219) Thanks to @krombel!
+ * Correct a typo in UPGRADE.rst (PR #2231) Thanks to @aaronraimist!
+ * Add count of one time keys to sync stream (PR #2237)
+ * Only store event_auth for state events (PR #2247)
+ * Store URL cache preview downloads separately (PR #2299)
+ * Various small performance fixes (PR #2201, #2202, #2224, #2226, #2227, #2228,
+ #2229)
+ * Update username availability checker API (PR #2209, #2213)
+ * When purging, don't de-delta state groups we're about to delete (PR #2214)
+ * Documentation to check synapse version (PR #2215) Thanks to @hamber-dick!
+ * Add an index to event_search to speed up purge history API (PR #2218)
+ * Always mark remotes as up if we receive a signed request from them (PR #2190)
+ * Enable guest access for the 3pl/3pid APIs (PR #1986)
+ * Add setting to support TURN for guests (PR #2011)
+ * Various performance improvements (PR #2075, #2076, #2080, #2083, #2108,
+ #2158, #2176, #2185)
+ * Make synctl a bit more user friendly (PR #2078, #2127) Thanks @APwhitehat!
+ * Replace HTTP replication with TCP replication (PR #2082, #2097, #2098,
+ #2099, #2103, #2014, #2016, #2115, #2116, #2117)
+ * Support authenticated SMTP (PR #2102) Thanks @DanielDent!
+ * Add a counter metric for successfully-sent transactions (PR #2121)
+ * Propagate errors sensibly from proxied IS requests (PR #2147)
+ * Add more granular event send metrics (PR #2178)
+ * Use JSONSchema for validation of filters. Thanks @pik! (PR #1783)
+ * Reread log config on SIGHUP (PR #1982)
+ * Speed up public room list (PR #1989)
+ * Add helpful texts to logger config options (PR #1990)
+ * Minor ``/sync`` performance improvements. (PR #2002, #2013, #2022)
+ * Add some debug to help diagnose weird federation issue (PR #2035)
+ * Correctly limit retries for all federation requests (PR #2050, #2061)
+ * Don't lock table when persisting new one time keys (PR #2053)
+ * Reduce some CPU work on DB threads (PR #2054)
+ * Cache hosts in room (PR #2060)
+ * Batch sending of device list pokes (PR #2063)
+ * Speed up persist event path in certain edge cases (PR #2070)
+ * Reduce database table sizes (PR #1873, #1916, #1923, #1963)
+ * Update contrib/ to not use syutil. Thanks to andrewshadura! (PR #1907)
+ * Don't fetch current state when sending an event in common case (PR #1955)
+
+
+-------------------------------------------------------------------
+Tue Nov 14 12:52:53 UTC 2017 - okurz@suse.com
+
+- Update to version v0.24.1+4.632baf79:
+ * Disallow capital letters in userids
+ * Allow = in mxids and groupids
+ * Validate group ids when parsing
+ * Fix a logcontext leak in the media repo
+ * Correctly wire in update group profile over federation
+ * replace 'except:' with 'except Exception:'
+ * fix vars named `l`
+ * Bump version and changelog
+ * Add jitter to validity period of attestations
+ * Revert "Add jitter to validity period of attestations"
+
+-------------------------------------------------------------------
+Tue Jul 4 08:39:45 UTC 2017 - jengelh@inai.de
+
+- Do not suppress errors from useradd procedure.
+- Trim description to the essence of the package. It is not
+ supposed to be a manual or architectural document.
+- Remove redundant %clean section. Replace %__-type macro
+ indirections.
+
+-------------------------------------------------------------------
+Thu Jun 29 20:53:00 UTC 2017 - okurz@suse.com
+
+- Prevent conflicts between python2/3 version of packages
+
+-------------------------------------------------------------------
+Sun Jun 18 12:05:47 UTC 2017 - okurz@suse.com
+
+- Initial version of matrix-synapse version 0.19.2
diff --git a/matrix-synapse.obsinfo b/matrix-synapse.obsinfo
new file mode 100644
index 0000000..d8e5a6f
--- /dev/null
+++ b/matrix-synapse.obsinfo
@@ -0,0 +1,4 @@
+name: matrix-synapse
+version: 1.120.2
+mtime: 1733241520
+commit: 6f689d452c5632df558e76bc5a24111e555a3c8a
diff --git a/matrix-synapse.service b/matrix-synapse.service
new file mode 100644
index 0000000..476c610
--- /dev/null
+++ b/matrix-synapse.service
@@ -0,0 +1,21 @@
+[Unit]
+Description=Synapse Matrix homeserver
+
+[Service]
+Type=simple
+SyslogIdentifier=matrix-synapse
+Restart=on-failure
+RestartSec=3
+
+User=synapse
+Group=synapse
+WorkingDirectory=/var/lib/matrix-synapse
+
+ExecStart=@PYTHON_FLAVOR@ -m synapse.app.homeserver --config-path=/etc/matrix-synapse/homeserver.yaml --config-path=/etc/matrix-synapse/conf.d/
+
+# Adjust the cache factor if necessary.
+#Environment=SYNAPSE_CACHE_FACTOR=2.0
+
+[Install]
+WantedBy=multi-user.target
+
diff --git a/matrix-synapse.spec b/matrix-synapse.spec
new file mode 100644
index 0000000..8554290
--- /dev/null
+++ b/matrix-synapse.spec
@@ -0,0 +1,403 @@
+#
+# spec file for package matrix-synapse
+#
+# Copyright (c) 2024 SUSE LLC
+#
+# All modifications and additions to the file contributed by third parties
+# remain the property of their copyright owners, unless otherwise agreed
+# upon. The license for this file, and modifications and additions to the
+# file, is the same license as for the pristine package itself (unless the
+# license for the pristine package is not an Open Source License, in which
+# case the license is the MIT License). An "Open Source License" is a
+# license that conforms to the Open Source Definition (Version 1.9)
+# published by the Open Source Initiative.
+
+# Please submit bugfixes or comments via https://bugs.opensuse.org/
+#
+
+
+%bcond_without use_poetry_for_dependencies
+
+# NOTE: Keep this is in the same order as pyproject.toml.
+%if %{with use_poetry_for_dependencies}
+%global Twisted_version 24.7.0
+%global Jinja2_version 3.1.4
+%global Pillow_version 10.4.0
+%global PyYAML_version 6.0.2
+%global attrs_version 23.2.0
+%global bcrypt_version 4.2.0
+%global bleach_version 6.1.0
+%global canonicaljson_version 2.0.0
+%global cryptography_version 43.0.3
+%global immutabledict_version 4.2.1
+%global idna_version 3.8
+%global ijson_version 3.3.0
+%global jsonschema_version 4.20.0
+%global matrix_common_version 1.3.0
+%global matrix_common_max_version 2
+%global msgpack_version 1.1.0
+# TODO 1.3.0
+%global netaddr_version 1.2.1
+# TODO 8.13.50
+%global phonenumbers_version 8.13.49
+%global prometheus_client_version 0.20.0
+%global psutil_version 2.0.0
+%global pyOpenSSL_version 24.2.1
+%global pyasn1_version 0.6.0
+%global pyasn1_modules_version 0.3.0
+%global pymacaroons_version 0.13.0
+%global service_identity_version 24.1.0
+%global signedjson_version 1.1.4
+%global signedjson_max_version 2
+%global sortedcontainers_version 2.4.0
+%global systemd_version 235
+%global typing_extensions_version 4.1.1
+%global treq_version 23.11.0
+%global unpaddedbase64_version 2.1.0
+%global matrix_synapse_ldap3_version 0.3.0
+%global packaging_version 24.0
+%global psycopg2_version 2.9.9
+%global pysaml2_version 7.3.1
+%global Authlib_version 1.3.2
+%global lxml_version 5.3.0
+%global sentry_sdk_version 2.13.0
+%global PyJWT_version 2.6.0
+%global jaeger_client_version 4.8.0
+%global opentracing_version 2.4.0
+# todo: 3.0.0
+%global hiredis_version 2.3.2
+%global txredisapi_version 1.4.10
+%global Pympler_version 1.0.1
+%global pydantic_version 2.7.1
+%global pyicu_version 2.13.1
+%global python_multipart_version 0.0.9
+%else
+# some version locks based on poetry.lock
+%global Jinja2_version 3.0
+%global Pillow_version 10.0.1
+%global PyYAML_version 5.3
+%global Twisted_version 18.9.0
+%global attrs_version 21.1.1
+%global bcrypt_version 3.1.7
+%global bleach_version 1.4.3
+%global canonicaljson_version 2.0.0
+%global cryptography_version 3.4.7
+%global immutabledict_version 2.0
+%global idna_version 2.5
+%global ijson_version 3.2.0
+%global jsonschema_version 3.0.0
+%global matrix_common_version 1.3.0
+%global matrix_common_max_version 2
+%global msgpack_version 0.5.2
+%global netaddr_version 0.7.18
+%global phonenumbers_version 8.13.37
+%global prometheus_client_version 0.4.0
+%global psutil_version 2.0.0
+%global pyOpenSSL_version 16.0.0
+%global pyasn1_version 0.1.9
+%global pyasn1_modules_version 0.0.7
+%global pymacaroons_version 0.13.0
+%global service_identity_version 18.1.0
+%global signedjson_version 1.1.0
+%global signedjson_max_version 2
+%global sortedcontainers_version 1.5.2
+%global systemd_version 231
+%global typing_extensions_version 3.10.0
+%global treq_version 15.1
+%global unpaddedbase64_version 2.1.0
+%global matrix_synapse_ldap3_version 0.2.1
+%global packaging_version 20.0
+%global psycopg2_version 2.8
+%global pysaml2_version 4.5.0
+%global Authlib_version 0.15.1
+%global lxml_version 4.8.0
+%global sentry_sdk_version 1.5.11
+%global PyJWT_version 1.6.4
+%global jaeger_client_version 4.0.0
+%global opentracing_version 2.2.0
+%global hiredis_version 2.0.0
+%global txredisapi_version 1.4.7
+%global Pympler_version 1.0.1
+%global pydantic_version 1.7.4
+%global pyicu_version 2.10.2
+%global python_multipart_version 0.0.9
+%endif
+
+%define requires_peq() %(echo '%*' | LC_ALL=C xargs -r rpm -q --whatprovides --qf 'Requires: %%{name} = %%{epoch}:%%{version}\\n' | sed -e 's/ (none):/ /' -e 's/ 0:/ /' | grep -v "is not")
+
+%define use_python python3
+
+%define pythons %{use_python}
+
+# These come from matrix-synapse's CONDITIONAL_REQUIREMENTS.
+# missing deps
+%if 0%{?suse_version} >= 1550
+%bcond_without synapse_oidc
+%else
+%bcond_with synapse_oidc
+%endif
+%bcond_with synapse_redis
+%bcond_with synapse_opentracing
+%bcond_with synapse_sentry
+# matrix-synapse-ldap isn't packaged on openSUSE.
+%bcond_with synapse_ldap
+
+## Package updates
+#
+# * Update version in _service to the most recent released one
+# * Call `osc service dr`
+# * Update changelog manually from
+# https://github.com/matrix-org/synapse/releases or synapse/CHANGES.md
+# * Commit+submit
+
+%define modname synapse
+%define pkgname matrix-synapse
+%define eggname matrix_synapse
+Name: %{pkgname}
+Version: 1.120.2
+Release: 0
+Summary: Matrix protocol reference homeserver
+License: AGPL-3.0-or-later
+Group: Productivity/Networking/Instant Messenger
+URL: https://github.com/element-hq/synapse
+Source0: %{pkgname}-%{version}.tar.xz
+Source1: vendor.tar.zst
+Source47: matrix-synapse-user.conf
+Source48: README.SUSE
+Source49: matrix-synapse.tmpfiles.d
+Source50: %{pkgname}.service
+Source51: matrix-synapse-generate-config.sh
+# track series file so we can easily use quilt
+# cd synapse ; ln -s .. patches ; quilt push -a
+# to clean up your working copy afterwards: git reset --hard ; rm -rv .pc patches
+Source99: series
+Patch0: matrix-synapse-1.4.1-paths.patch
+Patch1: bump-dependencies.patch
+# https://github.com/matrix-org/synapse/pull/10719
+# disable by marking as source until we get a decision upstream
+Source100: 10719-Fix-instert-of-duplicate-key-into-event_json.patch
+BuildRequires: %{use_python}-base >= 3.11
+BuildRequires: %{use_python}-pip
+BuildRequires: %{use_python}-poetry-core >= 1.1.0
+BuildRequires: %{use_python}-setuptools
+BuildRequires: %{use_python}-wheel
+BuildRequires: cargo
+BuildRequires: fdupes
+BuildRequires: python-rpm-macros
+BuildRequires: systemd-rpm-macros
+BuildRequires: sysuser-shadow
+BuildRequires: sysuser-tools
+BuildRequires: unzip
+%{?systemd_ordering}
+%{sysusers_requires}
+%requires_peq %{use_python}-base
+BuildRequires: (%{use_python}-setuptools-rust >= 1.3 with %{use_python}-setuptools-rust =< 1.11)
+# NOTE: Keep this is in the same order as pyproject.toml.
+# some version locks based on poetry.lock
+BuildRequires: %{use_python}-Jinja2 >= %{Jinja2_version}
+%requires_peq %{use_python}-Jinja2
+BuildRequires: %{use_python}-Pillow >= %{Pillow_version}
+%requires_peq %{use_python}-Pillow
+BuildRequires: %{use_python}-PyYAML >= %{PyYAML_version}
+%requires_peq %{use_python}-PyYAML
+BuildRequires: %{use_python}-Twisted >= %{Twisted_version}
+%requires_peq %{use_python}-Twisted
+BuildRequires: %{use_python}-attrs >= %{attrs_version}
+%requires_peq %{use_python}-attrs
+BuildRequires: %{use_python}-bcrypt >= %{bcrypt_version}
+%requires_peq %{use_python}-bcrypt
+BuildRequires: %{use_python}-bleach >= %{bleach_version}
+%requires_peq %{use_python}-bleach
+BuildRequires: (%{use_python}-canonicaljson >= %{canonicaljson_version})
+%requires_peq %{use_python}-canonicaljson
+BuildRequires: %{use_python}-cryptography >= %{cryptography_version}
+%requires_peq %{use_python}-cryptography
+BuildRequires: (%{use_python}-immutabledict >= %{immutabledict_version})
+%requires_peq %{use_python}-immutabledict
+BuildRequires: %{use_python}-idna >= %{idna_version}
+%requires_peq %{use_python}-idna
+BuildRequires: %{use_python}-ijson >= %{ijson_version}
+%requires_peq %{use_python}-ijson
+BuildRequires: %{use_python}-jsonschema >= %{jsonschema_version}
+%requires_peq %{use_python}-jsonschema
+BuildRequires: (%{use_python}-matrix_common >= %{matrix_common_version} with %{use_python}-matrix_common < %{matrix_common_max_version})
+%requires_peq %{use_python}-matrix_common
+BuildRequires: (%{use_python}-python-multipart >= %{python_multipart_version})
+%requires_peq %{use_python}-python-multipart
+BuildRequires: %{use_python}-msgpack >= %{msgpack_version}
+%requires_peq %{use_python}-msgpack
+BuildRequires: %{use_python}-netaddr >= %{netaddr_version}
+%requires_peq %{use_python}-netaddr
+BuildRequires: %{use_python}-phonenumbers >= %{phonenumbers_version}
+%requires_peq %{use_python}-phonenumbers
+BuildRequires: %{use_python}-prometheus_client >= %{prometheus_client_version}
+%requires_peq %{use_python}-prometheus_client
+BuildRequires: %{use_python}-psutil >= %{psutil_version}
+%requires_peq %{use_python}-psutil
+BuildRequires: %{use_python}-pyOpenSSL >= %{pyOpenSSL_version}
+%requires_peq %{use_python}-pyOpenSSL
+BuildRequires: %{use_python}-pyasn1 >= %{pyasn1_version}
+%requires_peq %{use_python}-pyasn1
+BuildRequires: %{use_python}-pyasn1-modules >= %{pyasn1_modules_version}
+%requires_peq %{use_python}-pyasn1-modules
+BuildRequires: %{use_python}-pymacaroons >= %{pymacaroons_version}
+%requires_peq %{use_python}-pymacaroons
+BuildRequires: %{use_python}-service_identity >= %{service_identity_version}
+%requires_peq %{use_python}-service_identity
+BuildRequires: (%{use_python}-signedjson >= %{signedjson_version} with %{use_python}-signedjson < %{signedjson_max_version})
+%requires_peq %{use_python}-signedjson
+BuildRequires: %{use_python}-sortedcontainers >= %{sortedcontainers_version}
+%requires_peq %{use_python}-sortedcontainers
+BuildRequires: %{use_python}-systemd >= %{systemd_version}
+%requires_peq %{use_python}-systemd
+BuildRequires: %{use_python}-typing_extensions >= %{typing_extensions_version}
+%requires_peq %{use_python}-typing_extensions
+BuildRequires: %{use_python}-treq >= %{treq_version}
+%requires_peq %{use_python}-treq
+BuildRequires: %{use_python}-unpaddedbase64 >= %{unpaddedbase64_version}
+%requires_peq %{use_python}-unpaddedbase64
+# Specify all CONDITIONAL_REQUIREMENTS (we Require them to avoid no-recommends
+# breaking very commonly-used bits of matrix-synapse such as postgresql).
+%if %{with synapse_ldap}
+BuildRequires: %{use_python}-matrix-synapse-ldap3 >= %{matrix_synapse_ldap3_version}
+%requires_peq %{use_python}-matrix-synapse-ldap3
+%endif
+BuildRequires: %{use_python}-packaging >= %{packaging_version}
+%requires_peq %{use_python}-packaging
+BuildRequires: %{use_python}-pydantic >= %{pydantic_version}
+%requires_peq %{use_python}-pydantic
+BuildRequires: %{use_python}-psycopg2 >= %{psycopg2_version}
+%requires_peq %{use_python}-psycopg2
+BuildRequires: %{use_python}-pysaml2 >= %{pysaml2_version}
+%requires_peq %{use_python}-pysaml2
+%if %{with synapse_oidc}
+BuildRequires: %{use_python}-Authlib >= %{Authlib_version}
+%requires_peq %{use_python}-Authlib
+%endif
+BuildRequires: %{use_python}-lxml >= %{lxml_version}
+%requires_peq %{use_python}-lxml
+%if %{with synapse_sentry}
+BuildRequires: %{use_python}-sentry-sdk >= %{sentry_sdk_version}
+%requires_peq %{use_python}-sentry-sdk
+%endif
+%if %{with synapse_opentracing}
+BuildRequires: %{use_python}-jaeger-client >= %{jaeger_client_version}
+%requires_peq %{use_python}-jaeger-client
+BuildRequires: %{use_python}-opentracing >= %{opentracing_version}
+%requires_peq %{use_python}-opentracing
+%endif
+%if %{with synapse_redis}
+BuildRequires: %{use_python}-hiredis >= %{hiredis_version}
+%requires_peq %{use_python}-hiredis
+BuildRequires: %{use_python}-txredisapi >= %{txredisapi_version}
+%requires_peq %{use_python}-txredisapi
+%endif
+BuildRequires: %{use_python}-Pympler >= %{Pympler_version}
+%requires_peq %{use_python}-Pympler
+BuildRequires: %{use_python}-PyICU >= %{pyicu_version}
+%requires_peq %{use_python}-PyICU
+# We only provide/obsolete python2 to ensure that users upgrade.
+Obsoletes: python2-matrix-synapse < %{version}-%{release}
+Provides: python2-matrix-synapse = %{version}-%{release}
+Obsoletes: %{use_python}-matrix-synapse < %{version}-%{release}
+Provides: %{use_python}-matrix-synapse = %{version}-%{release}
+
+%description
+Synapse is a Python-based reference "homeserver" implementation of
+Matrix. Matrix is a system for federated Instant Messaging and VoIP.
+
+%prep
+%autosetup -p1 -a1
+
+# Remove all un-needed #!-lines.
+find synapse/ -type f -not -path './vendor/**' -exec sed -i '1{/^#!/d}' {} \;
+# Replace all #!/usr/bin/env lines to use #!/usr/bin/$1 directly.
+find ./ -type f -not -path './vendor/**' -exec \
+ sed -i '1s|^#!/usr/bin/env |#!/usr/bin/|' {} \;
+# Force the usage of the default python3 sys executable
+find ./ -type f -not -path './vendor/**' \
+ -exec sed -i '1s|^#!/usr/bin/python.*$|#!%{__python3}|' {} \;
+
+# Update the python flavour in the service file.
+sed -i 's|@PYTHON_FLAVOR@|%{__python3}|g' %{S:50}
+
+%build
+%pyproject_wheel
+%sysusers_generate_pre %{SOURCE47} %{name}
+
+%install
+cp %{S:48} README.SUSE
+# We install scripts into /usr/lib to avoid silly conflicts with other pkgs.
+install -d -m 0755 %{buildroot}%{_libexecdir}/%{pkgname}
+%pyproject_install
+
+install -d -m 0755 %{buildroot}%{_bindir} %{buildroot}%{_libexecdir}/%{pkgname}/
+# move scripts to the old place.
+mv %{buildroot}%{_bindir}/* %{buildroot}%{_libexecdir}/%{pkgname}/
+# While we provide a systemd service, link synctl so it's simpler to use.
+ln -s %{_libexecdir}/%{pkgname}/synctl %{buildroot}%{_bindir}/synctl
+
+# Install default matrix-synapse configuration.
+# TODO: Switch to the debian default config.
+install -d -m 0750 \
+ %{buildroot}%{_sysconfdir}/%{pkgname}/ \
+ %{buildroot}%{_sysconfdir}/%{pkgname}/{conf,keys}.d/
+install -D -m 0640 contrib/systemd/log_config.yaml %{buildroot}%{_sysconfdir}/%{pkgname}/log.yaml
+install -D -m 0640 contrib/systemd/log_config.yaml %{buildroot}%{_sysconfdir}/%{pkgname}/log.systemd.yaml
+install -D -m 0640 contrib/example_log_config.yaml %{buildroot}%{_sysconfdir}/%{pkgname}/log.file.yaml
+
+# Man pages.
+install -D -m 0644 -t %{buildroot}%{_mandir}/man1 debian/*.1
+
+# system configuration.
+mkdir -p %{buildroot}%{_sbindir}
+ln -s %{_sbindir}/service %{buildroot}%{_sbindir}/rc%{pkgname}
+#
+install -D -m 0644 %{S:50} %{buildroot}%{_unitdir}/%{pkgname}.service
+install -D -m 0644 %{S:49} %{buildroot}%{_tmpfilesdir}/%{pkgname}.conf
+install -D -m 0644 %{SOURCE47} %{buildroot}%{_sysusersdir}/%{name}.conf
+#
+install -D -m 0755 %{S:51} %{buildroot}%{_sbindir}/matrix-synapse-generate-config
+
+# User directory.
+install -d -m 0750 %{buildroot}%{_rundir}/%{pkgname}
+install -d -m 0750 %{buildroot}%{_localstatedir}/lib/%{pkgname}
+install -d -m 0750 %{buildroot}%{_localstatedir}/log/%{pkgname}
+
+%fdupes %{buildroot}%{python3_sitearch}
+
+%pre -f %{name}.pre
+%service_add_pre %{pkgname}.service
+
+%post
+%tmpfiles_create %{_tmpfilesdir}/%{pkgname}.conf
+%service_add_post %{pkgname}.service
+
+%preun
+%service_del_preun %{pkgname}.service
+
+%postun
+%service_del_postun %{pkgname}.service
+
+%files -n %{pkgname}
+%doc *.rst CHANGES.md README.SUSE
+%license LICENSE
+%config(noreplace) %attr(-,root,synapse) %{_sysconfdir}/%{pkgname}/
+%dir %attr(0750,%{modname},%{modname}) %{_localstatedir}/lib/%{pkgname}
+%dir %attr(0750,%{modname},%{modname}) %{_localstatedir}/log/%{pkgname}
+%{python3_sitearch}/%{modname}
+%{python3_sitearch}/%{eggname}-*-info
+# Python helper scripts.
+%{_bindir}/synctl
+%{_libexecdir}/%{pkgname}
+# systemd service.
+%{_sbindir}/rc%{pkgname}
+%{_sbindir}/matrix-synapse-generate-config
+%{_unitdir}/%{pkgname}.service
+%{_sysusersdir}/%{name}.conf
+%{_tmpfilesdir}/%{pkgname}.conf
+# Man pages.
+%{_mandir}/man*/*
+%ghost %dir %attr(750,%{modname},%{modname}) /run/matrix-synapse
+
+%changelog
diff --git a/matrix-synapse.tmpfiles.d b/matrix-synapse.tmpfiles.d
new file mode 100644
index 0000000..16659ca
--- /dev/null
+++ b/matrix-synapse.tmpfiles.d
@@ -0,0 +1,2 @@
+# Type Path Mode UID GID Age Argument
+d /run/matrix-synapse 0750 synapse synapse - -
diff --git a/series b/series
new file mode 100644
index 0000000..ea78dfb
--- /dev/null
+++ b/series
@@ -0,0 +1,2 @@
+matrix-synapse-1.4.1-paths.patch
+bump-dependencies.patch
diff --git a/vendor.tar.zst b/vendor.tar.zst
new file mode 100644
index 0000000..c33fd7b
--- /dev/null
+++ b/vendor.tar.zst
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:761c8237499e33695ef7b70e81f01f59565df51cbed197022ea79bd2220020f1
+size 7163969