|
|
|
|
@ -1,708 +1,3 @@
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Feb 11 13:24:15 UTC 2025 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
|
|
|
|
|
- Update to 1.124.0
|
|
|
|
|
- Bugfixes
|
|
|
|
|
- Fix regression in performance of sending events due to
|
|
|
|
|
superfluous reads and locks. Introduced in v1.124.0rc1.
|
|
|
|
|
(#18141)
|
|
|
|
|
- Fix regression where persisting events in some rooms could
|
|
|
|
|
fail after a previous unclean shutdown. Introduced in
|
|
|
|
|
v1.124.0rc1. (#18137)
|
|
|
|
|
- Add rate limit rc_presence.per_user. This prevents load from
|
|
|
|
|
excessive presence updates sent by clients via sync api. Also
|
|
|
|
|
rate limit /_matrix/client/v3/presence as per the spec.
|
|
|
|
|
Contributed by @rda0. (#18000)
|
|
|
|
|
- Deactivated users will no longer automatically accept an
|
|
|
|
|
invite when auto_accept_invites is enabled. (#18073)
|
|
|
|
|
- Fix join being denied after being invited over federation.
|
|
|
|
|
Also fixes other out-of-band membership transitions. (#18075)
|
|
|
|
|
- Updates contributed docker-compose.yml file to PostgreSQL
|
|
|
|
|
v15, as v12 is no longer supported by Synapse. Contributed by
|
|
|
|
|
@maxkratz. (#18089)
|
|
|
|
|
- Fix rare edge case where state groups could be deleted while
|
|
|
|
|
we are persisting new events that reference them. (#18107,
|
|
|
|
|
#18130, #18131)
|
|
|
|
|
- Raise an error if someone is using an incorrect suffix in a
|
|
|
|
|
config duration string. (#18112)
|
|
|
|
|
- Fix a bug where the Delete Room Admin API would fail if the
|
|
|
|
|
block parameter was set to true and a worker other than the
|
|
|
|
|
main process was configured to handle background tasks.
|
|
|
|
|
(#18119)
|
|
|
|
|
- Internal Changes
|
|
|
|
|
- Increase the length of the generated nonce parameter when
|
|
|
|
|
perfoming OIDC logins to comply with the TI-Messenger spec.
|
|
|
|
|
(#18109)
|
|
|
|
|
- Updates to locked dependencies
|
|
|
|
|
- Bump dawidd6/action-download-artifact from 7 to 8. (#18108)
|
|
|
|
|
- Bump log from 0.4.22 to 0.4.25. (#18098)
|
|
|
|
|
- Bump python-multipart from 0.0.18 to 0.0.20. (#18096)
|
|
|
|
|
- Bump serde_json from 1.0.135 to 1.0.137. (#18099)
|
|
|
|
|
- Bump types-bleach from 6.1.0.20240331 to 6.2.0.20241123.
|
|
|
|
|
(#18082)
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Mon Feb 10 17:44:27 UTC 2025 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
|
|
|
|
|
- enable support for building against 3.11 on older distros
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Jan 28 16:33:21 UTC 2025 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
|
|
|
|
|
- Update to 1.123.0
|
|
|
|
|
- Features
|
|
|
|
|
- Implement MSC4133 for custom profile fields. Contributed by
|
|
|
|
|
@clokep. (#17488)
|
|
|
|
|
- Add a query parameter type to the Room State Admin API that
|
|
|
|
|
filters the state event. (#18035)
|
|
|
|
|
- Support the new /auth_metadata endpoint defined in MSC2965.
|
|
|
|
|
(#18093)
|
|
|
|
|
- Bugfixes
|
|
|
|
|
- Fix membership caches not updating in state reset scenarios.
|
|
|
|
|
(#17732)
|
|
|
|
|
- Fix rare race where on upgrade to v1.122.0 a long running
|
|
|
|
|
database upgrade could lock out new events from being
|
|
|
|
|
received or sent. (#18091)
|
|
|
|
|
- Improved Documentation
|
|
|
|
|
- Document tls option for a worker instance in instance_map.
|
|
|
|
|
(#18064)
|
|
|
|
|
- Deprecations and Removals
|
|
|
|
|
- Remove the unstable MSC4151 implementation. The stable
|
|
|
|
|
support remains, per Matrix 1.13. (#18052)
|
|
|
|
|
- Internal Changes
|
|
|
|
|
- Increase invite rate limits (rc_invites.per_issuer) for
|
|
|
|
|
Complement. (#18072)
|
|
|
|
|
- Updates to locked dependencies
|
|
|
|
|
- Bump jinja2 from 3.1.4 to 3.1.5. (#18067)
|
|
|
|
|
- Bump mypy from 1.12.1 to 1.13.0. (#18083)
|
|
|
|
|
- Bump pillow from 11.0.0 to 11.1.0. (#18084)
|
|
|
|
|
- Bump pyo3 from 0.23.3 to 0.23.4. (#18079)
|
|
|
|
|
- Bump pyopenssl from 24.2.1 to 24.3.0. (#18062)
|
|
|
|
|
- Bump serde_json from 1.0.134 to 1.0.135. (#18081)
|
|
|
|
|
- Bump ulid from 1.1.3 to 1.1.4. (#18080)
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Jan 14 17:11:47 UTC 2025 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
|
|
|
|
|
- Update to 1.122.0
|
|
|
|
|
Please note that this version of Synapse drops support for
|
|
|
|
|
PostgreSQL 11 and 12. The minimum version of PostgreSQL supported
|
|
|
|
|
is now version 13.
|
|
|
|
|
|
|
|
|
|
- Deprecations and Removals
|
|
|
|
|
- Remove support for PostgreSQL 11 and 12. Contributed by @clokep. (#18034)
|
|
|
|
|
- Features
|
|
|
|
|
- Added the email.tlsname config option. This allows specifying
|
|
|
|
|
the domain name used to validate the SMTP server's TLS
|
|
|
|
|
certificate separately from the email.smtp_host to connect
|
|
|
|
|
to. (#17849)
|
|
|
|
|
- Module developers will have access to the user ID of the
|
|
|
|
|
requester when adding check_username_for_spam callbacks to
|
|
|
|
|
spam_checker_module_callbacks. Contributed by
|
|
|
|
|
Wilson@Pangea.chat. (#17916)
|
|
|
|
|
- Add endpoints to the Admin API to fetch the number of invites
|
|
|
|
|
the provided user has sent after a given timestamp, fetch the
|
|
|
|
|
number of rooms the provided user has joined after a given
|
|
|
|
|
timestamp, and get report IDs of event reports against a
|
|
|
|
|
provided user (i.e. where the user was the sender of the
|
|
|
|
|
reported event). (#17948)
|
|
|
|
|
- Support stable account suspension from MSC3823. (#17964)
|
|
|
|
|
- Add macaroon_secret_key_path config option. (#17983)
|
|
|
|
|
- Bugfixes
|
|
|
|
|
- Fix bug when rejecting withdrew invite with a
|
|
|
|
|
third_party_rules module, where the invite would be stuck for
|
|
|
|
|
the client. (#17930)
|
|
|
|
|
- Properly purge state groups tables when purging a room with
|
|
|
|
|
the Admin API. (#18024)
|
|
|
|
|
- Fix a bug preventing the admin redaction endpoint from
|
|
|
|
|
working on messages from remote users. (#18029, #18043)
|
|
|
|
|
- Improved Documentation
|
|
|
|
|
- Update synapse.app.generic_worker documentation to only
|
|
|
|
|
recommend GET requests for stream writer routes by default,
|
|
|
|
|
unless the worker is also configured as a stream writer.
|
|
|
|
|
Contributed by @evoL. (#17954)
|
|
|
|
|
- Add documentation for the previously-undocumented
|
|
|
|
|
last_seen_ts query parameter to the query user Admin API.
|
|
|
|
|
(#17976)
|
|
|
|
|
- Improve documentation for the TaskScheduler class. (#17992)
|
|
|
|
|
- Fix example in reverse proxy docs to include server port.
|
|
|
|
|
(#17994)
|
|
|
|
|
- Update Alpine Linux Synapse Package Maintainer within the
|
|
|
|
|
installation instructions. (#17846)
|
|
|
|
|
- Internal Changes
|
|
|
|
|
- Add RoomID & EventID rust types. (#17996)
|
|
|
|
|
- Fix various type errors across the codebase. (#17998)
|
|
|
|
|
- Disable DB statement timeout when doing a room purge since it
|
|
|
|
|
can be quite long. (#18017)
|
|
|
|
|
- Remove some remaining uses of
|
|
|
|
|
twisted.internet.defer.returnValue. Contributed by Colin
|
|
|
|
|
Watson. (#18020)
|
|
|
|
|
- Refactor get_profile to no longer include fields with a value
|
|
|
|
|
of None. (#18063)
|
|
|
|
|
- Updates to locked dependencies
|
|
|
|
|
- Bump anyhow from 1.0.93 to 1.0.95. (#18012, #18045)
|
|
|
|
|
- Bump authlib from 1.3.2 to 1.4.0. (#18048)
|
|
|
|
|
- Bump dawidd6/action-download-artifact from 6 to 7. (#17981)
|
|
|
|
|
- Bump http from 1.1.0 to 1.2.0. (#18013)
|
|
|
|
|
- Bump mypy from 1.11.2 to 1.12.1. (#17999)
|
|
|
|
|
- Bump mypy-zope from 1.0.8 to 1.0.9. (#18047)
|
|
|
|
|
- Bump pillow from 10.4.0 to 11.0.0. (#18015)
|
|
|
|
|
- Bump pydantic from 2.9.2 to 2.10.3. (#18014)
|
|
|
|
|
- Bump pyicu from 2.13.1 to 2.14. (#18060)
|
|
|
|
|
- Bump pyo3 from 0.23.2 to 0.23.3. (#18001)
|
|
|
|
|
- Bump python-multipart from 0.0.16 to 0.0.18. (#17985)
|
|
|
|
|
- Bump sentry-sdk from 2.17.0 to 2.19.2. (#18061)
|
|
|
|
|
- Bump serde from 1.0.215 to 1.0.217. (#18031, #18059)
|
|
|
|
|
- Bump serde_json from 1.0.133 to 1.0.134. (#18044)
|
|
|
|
|
- Bump twine from 5.1.1 to 6.0.1. (#18049)
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Dec 11 16:11:34 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
|
|
|
|
|
- switch to primary_python to directly follow the default python
|
|
|
|
|
without the python3 indirection
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Dec 11 15:58:41 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
|
|
|
|
|
- Update to 1.121.0
|
|
|
|
|
This release candidate contains the security fixes from v1.120.2.
|
|
|
|
|
|
|
|
|
|
- Features
|
|
|
|
|
- Support for MSC4190: device management for Application
|
|
|
|
|
Services. (#17705)
|
|
|
|
|
- Update MSC4186 Sliding Sync to include invite, ban, kick,
|
|
|
|
|
targets when $LAZY-loading room members. (#17947)
|
|
|
|
|
- Use stable M_USER_LOCKED error code for locked accounts, as
|
|
|
|
|
per Matrix 1.12. (#17965)
|
|
|
|
|
- MSC4076: Add disable_badge_count to pusher configuration.
|
|
|
|
|
(#17975)
|
|
|
|
|
- Bugfixes
|
|
|
|
|
- Fix long-standing bug where read receipts could get overly
|
|
|
|
|
delayed being sent over federation. (#17933)
|
|
|
|
|
- Improved Documentation
|
|
|
|
|
- Add OIDC example configuration for Forgejo (fork of Gitea).
|
|
|
|
|
(#17872)
|
|
|
|
|
- Link to element-docker-demo from contrib/docker*. (#17953)
|
|
|
|
|
- Internal Changes
|
|
|
|
|
- MSC4108: Add a Content-Type header on the PUT response to
|
|
|
|
|
work around a faulty behavior in some caching reverse
|
|
|
|
|
proxies. (#17253)
|
|
|
|
|
- Fix incorrect comment in new schema delta. (#17936)
|
|
|
|
|
- Raise setuptools_rust version cap to 1.10.2. (#17944)
|
|
|
|
|
- Enable encrypted appservice related experimental features in
|
|
|
|
|
the complement docker image. (#17945)
|
|
|
|
|
- Return whether the user is suspended when querying the user
|
|
|
|
|
account in the Admin API. (#17952)
|
|
|
|
|
- Fix new scheduled tasks jumping the queue. (#17962)
|
|
|
|
|
- Bump pyo3 and dependencies to v0.23.2. (#17966)
|
|
|
|
|
- Update setuptools-rust and fix building abi3 wheels in latest
|
|
|
|
|
version. (#17969)
|
|
|
|
|
- Consolidate SSO redirects through
|
|
|
|
|
/_matrix/client/v3/login/sso/redirect(/{idpId}). (#17972)
|
|
|
|
|
- Fix Docker and Complement config to be able to use
|
|
|
|
|
public_baseurl. (#17986)
|
|
|
|
|
- Fix building wheels for MacOS which was temporarily disabled
|
|
|
|
|
in Synapse 1.120.2. (#17993)
|
|
|
|
|
- Fix release process to not create duplicate releases.
|
|
|
|
|
(#17970, #17995)
|
|
|
|
|
- Updates to locked dependencies
|
|
|
|
|
- Bump bytes from 1.8.0 to 1.9.0. (#17982)
|
|
|
|
|
- Bump pysaml2 from 7.3.1 to 7.5.0. (#17978)
|
|
|
|
|
- Bump serde_json from 1.0.132 to 1.0.133. (#17939)
|
|
|
|
|
- Bump tomli from 2.0.2 to 2.1.0. (#17959)
|
|
|
|
|
- Bump tomli from 2.1.0 to 2.2.1. (#17979)
|
|
|
|
|
- Bump tornado from 6.4.1 to 6.4.2. (#17955)
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Mon Dec 9 23:07:09 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
|
|
|
|
|
- BuildIgnore cargo and rust as they both obsolete the version we
|
|
|
|
|
currently need
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Dec 3 17:13:57 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
|
|
|
|
|
- Update to 1.120.2 (boo#1234110)
|
|
|
|
|
This patch release fixes multiple security vulnerabilities, some
|
|
|
|
|
affecting all prior versions of Synapse. Server administrators
|
|
|
|
|
are encouraged to update Synapse as soon as possible. We are not
|
|
|
|
|
aware of these vulnerabilities being exploited in the wild.
|
|
|
|
|
|
|
|
|
|
Administrators who are unable to update Synapse may use the
|
|
|
|
|
workarounds described in the linked GitHub Security Advisory
|
|
|
|
|
below.
|
|
|
|
|
|
|
|
|
|
- Security advisory
|
|
|
|
|
The following issues are fixed in 1.120.1.
|
|
|
|
|
- GHSA-rfq8-j7rh-8hf2 / CVE-2024-52805 (high): Unsupported
|
|
|
|
|
content types can lead to memory exhaustion
|
|
|
|
|
Synapse instances which have a high max_upload_size and which
|
|
|
|
|
don't have a reverse proxy in front of them that would
|
|
|
|
|
otherwise limit upload size are affected.
|
|
|
|
|
Fixed by 4b7154c58501b4bf5e1c2d6c11ebef96529f2fdf.
|
|
|
|
|
- GHSA-f3r3-h2mq-hx2h / CVE-2024-52815 (high): Malicious
|
|
|
|
|
invites via federation can break a user's sync
|
|
|
|
|
Fixed by d82e1ed357b7ee21dff83d06cba7a67840cfd464.
|
|
|
|
|
- GHSA-vp6v-whfm-rv3g / CVE-2024-53863 (high): Synapse can be
|
|
|
|
|
forced to thumbnail unexpected file formats, invoking
|
|
|
|
|
potentially untrustworthy decoders
|
|
|
|
|
Synapse instances can disable dynamic thumbnailing by setting
|
|
|
|
|
dynamic_thumbnails to false in the configuration file.
|
|
|
|
|
Fixed by b64a4e5fbbbf119b6c65aedf0d999b4237d55503.
|
|
|
|
|
- GHSA-56w4-5538-8v8h / CVE-2024-53867 (moderate): The Sliding
|
|
|
|
|
Sync feature on Synapse versions between 1.113.0rc1 and
|
|
|
|
|
1.120.0 can leak partial room state changes to users no
|
|
|
|
|
longer in a room
|
|
|
|
|
Non-state events, like messages, are unaffected.
|
|
|
|
|
Synapse instances can disable the Sliding Sync feature by
|
|
|
|
|
setting experimental_features.msc3575_enabled to false in the
|
|
|
|
|
configuration file.
|
|
|
|
|
Fixed by 4daa533e82f345ce87b9495d31781af570ba3ead.
|
|
|
|
|
|
|
|
|
|
Additionally, we disclose the following vulnerabilities, both
|
|
|
|
|
have been fixed in Synapse 1.106.0:
|
|
|
|
|
|
|
|
|
|
- GHSA-4mhg-xv73-xq2x / CVE-2024-37302 (high): Denial of service
|
|
|
|
|
through media disk space consumption
|
|
|
|
|
- GHSA-gjgr-7834-rhxr / CVE-2024-37303 (moderate):
|
|
|
|
|
Unauthenticated writes to the media repository allow planting
|
|
|
|
|
of problematic content
|
|
|
|
|
|
|
|
|
|
See the advisories for more details. If you have any questions,
|
|
|
|
|
email security at element.io.
|
|
|
|
|
|
|
|
|
|
- Bug fixes
|
|
|
|
|
- Fix release process to not create duplicate releases. (#17970)
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Nov 26 14:22:09 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
|
|
|
|
|
- Update to 1.120.0
|
|
|
|
|
This release enables the enforcement of authenticated media by
|
|
|
|
|
default, with exemptions for media that is already present in the
|
|
|
|
|
homeserver's media store.
|
|
|
|
|
|
|
|
|
|
Most homeservers operating in the public federation will not be
|
|
|
|
|
impacted by this change, given that the large homeserver
|
|
|
|
|
matrix.org enabled this in September 2024 and therefore most
|
|
|
|
|
clients and servers will already have updated as a result.
|
|
|
|
|
|
|
|
|
|
Some server administrators may still wish to disable this
|
|
|
|
|
enforcement for the time being, in the interest of compatibility
|
|
|
|
|
with older clients and older federated homeservers.
|
|
|
|
|
|
|
|
|
|
See the upgrade notes for more information.
|
|
|
|
|
https://element-hq.github.io/synapse/v1.120/upgrade.html#authenticated-media-is-now-enforced-by-default
|
|
|
|
|
|
|
|
|
|
- Bugfixes
|
|
|
|
|
- Fix a bug introduced in Synapse v1.120rc1 which would cause
|
|
|
|
|
the newly-introduced `delete_old_otks` job to fail in
|
|
|
|
|
worker-mode deployments. (#17960)
|
|
|
|
|
- Features
|
|
|
|
|
- Enforce authenticated media by default. Administrators can
|
|
|
|
|
revert this by configuring enable_authenticated_media to
|
|
|
|
|
false. In a future release of Synapse, this option will be
|
|
|
|
|
removed and become always-on. (#17889)
|
|
|
|
|
- Add a one-off task to delete old One-Time Keys, to guard
|
|
|
|
|
against us having old OTKs in the database that the client
|
|
|
|
|
has long forgotten about. (#17934)
|
|
|
|
|
- Improved Documentation
|
|
|
|
|
- Clarify the semantics of the enable_authenticated_media
|
|
|
|
|
configuration option. (#17913)
|
|
|
|
|
- Add documentation about backing up Synapse. (#17931)
|
|
|
|
|
- Deprecations and Removals
|
|
|
|
|
- Remove support for MSC3886: Simple client rendezvous
|
|
|
|
|
capability, which has been superseded by MSC4108 and
|
|
|
|
|
therefore closed. (#17638)
|
|
|
|
|
- Internal Changes
|
|
|
|
|
- Addressed some typos in docs and returned error message for
|
|
|
|
|
unknown MXC ID. (#17865)
|
|
|
|
|
- Unpin the upload release GHA action. (#17923)
|
|
|
|
|
- Bump macos version used to build wheels during release, as
|
|
|
|
|
current version used is end-of-life. (#17924)
|
|
|
|
|
- Move server event filtering logic to rust. (#17928)
|
|
|
|
|
- Support new package name of PyPI package python-multipart
|
|
|
|
|
0.0.13 so that distro packagers do not need to work around
|
|
|
|
|
name conflict with PyPI package multipart. (#17932)
|
|
|
|
|
- Speed up slow initial sliding syncs on large servers.
|
|
|
|
|
(#17946)
|
|
|
|
|
- Updates to locked dependencies
|
|
|
|
|
- Bump anyhow from 1.0.92 to 1.0.93. (#17920)
|
|
|
|
|
- Bump bleach from 6.1.0 to 6.2.0. (#17918)
|
|
|
|
|
- Bump immutabledict from 4.2.0 to 4.2.1. (#17941)
|
|
|
|
|
- Bump packaging from 24.1 to 24.2. (#17940)
|
|
|
|
|
- Bump phonenumbers from 8.13.49 to 8.13.50. (#17942)
|
|
|
|
|
- Bump pygithub from 2.4.0 to 2.5.0. (#17917)
|
|
|
|
|
- Bump ruff from 0.7.2 to 0.7.3. (#17919)
|
|
|
|
|
- Bump serde from 1.0.214 to 1.0.215. (#17938)
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Fri Nov 22 02:44:26 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
|
|
|
|
|
- allow newer setuptools-rust
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Nov 13 15:53:23 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
|
|
|
|
|
- drop 17886.patch
|
|
|
|
|
- refresh matrix-synapse-1.4.1-paths.patch to apply cleanly again
|
|
|
|
|
- Update to 1.119.0
|
|
|
|
|
Python 3.8 is end-of-life and is no longer supported by Synapse.
|
|
|
|
|
The minimum supported Python version is now 3.9.
|
|
|
|
|
|
|
|
|
|
If you are running Synapse with Python 3.8, please upgrade to
|
|
|
|
|
Python 3.9 (or greater) before upgrading Synapse.
|
|
|
|
|
|
|
|
|
|
- Features
|
|
|
|
|
- Support MSC4151's stable report room API. (#17374)
|
|
|
|
|
- Add experimental support for MSC4222 (Adding state_after to
|
|
|
|
|
sync v2). (#17888)
|
|
|
|
|
- Bugfixes
|
|
|
|
|
- Fix bug with sliding sync where $LAZY-loading room members
|
|
|
|
|
would not return required_state membership in incremental
|
|
|
|
|
syncs. (#17809)
|
|
|
|
|
- Check if user has membership in a room before tagging it.
|
|
|
|
|
Contributed by Lama Alosaimi. (#17839)
|
|
|
|
|
- Fix a bug in the admin redact endpoint where the background
|
|
|
|
|
task would not run if a worker was specified in
|
|
|
|
|
- the config option run_background_tasks_on. (#17847)
|
|
|
|
|
- Fix bug where some presence and typing timeouts can expire
|
|
|
|
|
early. (#17850)
|
|
|
|
|
- Fix detection when the built Rust library was outdated when
|
|
|
|
|
using source installations. (#17861)
|
|
|
|
|
- Fix a long-standing bug in Synapse which could cause one-time
|
|
|
|
|
keys to be issued in the incorrect order, causing message
|
|
|
|
|
decryption failures. (#17903)
|
|
|
|
|
- Fix experimental support for MSC4222 (Adding state_after to
|
|
|
|
|
sync v2) where we would return the full state on incremental
|
|
|
|
|
syncs when using lazy loaded members and there were no new
|
|
|
|
|
events in the timeline. (#17915)
|
|
|
|
|
- Internal Changes
|
|
|
|
|
- Remove support for python 3.8. (#17908)
|
|
|
|
|
- Add a test for downloading and thumbnailing a CMYK JPEG.
|
|
|
|
|
(#17786)
|
|
|
|
|
- Refactor database calls to remove Generator usage. (#17813,
|
|
|
|
|
#17814, #17815, #17816, #17817, #17818, #17890)
|
|
|
|
|
- Include the destination in the error of 'Destination
|
|
|
|
|
mismatch' on federation requests. (#17830)
|
|
|
|
|
- The nix flake inside the repository no longer tracks
|
|
|
|
|
nixpkgs/master to not catch the latest bugs from a PR merged
|
|
|
|
|
5 minutes ago. (#17852)
|
|
|
|
|
- Minor speed-up of sliding sync by computing extensions
|
|
|
|
|
results in parallel. (#17884)
|
|
|
|
|
- Bump the default Python version in the Synapse Dockerfile
|
|
|
|
|
from 3.11 -> 3.12. (#17887)
|
|
|
|
|
- Remove usage of internal header encoding API. (#17894)
|
|
|
|
|
- Use unique name for each os.arch variant when uploading Wheel
|
|
|
|
|
artifacts. (#17905)
|
|
|
|
|
- Fix tests to run with latest Twisted. (#17906, #17907,
|
|
|
|
|
#17911)
|
|
|
|
|
- Update version constraint to allow the latest poetry-core
|
|
|
|
|
1.9.1. (#17902)
|
|
|
|
|
- Update the portdb CI to use Python 3.13 and Postgres 17 as
|
|
|
|
|
latest dependencies. (#17909)
|
|
|
|
|
- Add an index to current_state_delta_stream table. (#17912)
|
|
|
|
|
- Fix building and attaching release artifacts during the
|
|
|
|
|
release process. (#17921)
|
|
|
|
|
- Updates to locked dependencies
|
|
|
|
|
- Bump actions/download-artifact & actions/upload-artifact from
|
|
|
|
|
3 to 4 in /.github/workflows. (#17657)
|
|
|
|
|
- Bump anyhow from 1.0.89 to 1.0.92. (#17858, #17876, #17901)
|
|
|
|
|
- Bump bytes from 1.7.2 to 1.8.0. (#17877)
|
|
|
|
|
- Bump cryptography from 43.0.1 to 43.0.3. (#17853)
|
|
|
|
|
- Bump mypy-zope from 1.0.7 to 1.0.8. (#17898)
|
|
|
|
|
- Bump phonenumbers from 8.13.47 to 8.13.49. (#17880, #17899)
|
|
|
|
|
- Bump python-multipart from 0.0.12 to 0.0.16. (#17879)
|
|
|
|
|
- Bump regex from 1.11.0 to 1.11.1. (#17874)
|
|
|
|
|
- Bump ruff from 0.6.9 to 0.7.2. (#17868, #17897)
|
|
|
|
|
- Bump serde from 1.0.210 to 1.0.214. (#17875, #17900)
|
|
|
|
|
- Bump serde_json from 1.0.128 to 1.0.132. (#17857)
|
|
|
|
|
- Bump types-psycopg2 from 2.9.21.20240819 to 2.9.21.20241019.
|
|
|
|
|
(#17855)
|
|
|
|
|
- Bump types-setuptools from 75.1.0.20241014 to
|
|
|
|
|
75.2.0.20241019. (#17856)
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Oct 30 19:12:19 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
|
|
|
|
|
- Allow Twisted 24.10.0 again with backport of proposed upstream
|
|
|
|
|
fix
|
|
|
|
|
https://patch-diff.githubusercontent.com/raw/element-hq/synapse/pull/17886.patch
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Oct 30 18:19:09 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
|
|
|
|
|
- downgrade Twisted to 24.7.0 until https://github.com/element-hq/synapse/pull/17886
|
|
|
|
|
is merged
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Oct 29 19:07:58 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
|
|
|
|
|
- Update to 1.118.0
|
|
|
|
|
Python 3.8 support will be dropped in the next release
|
|
|
|
|
Python 3.8 is now end-of-life. As per our Deprecation Policy for
|
|
|
|
|
Platform Dependencies, Synapse will be dropping support for
|
|
|
|
|
Python 3.8 in the next release; Synapse 1.119.0.
|
|
|
|
|
|
|
|
|
|
Synapse 1.118.x will be the final release to support Python 3.8.
|
|
|
|
|
If you are running Synapse with Python 3.8, please upgrade before
|
|
|
|
|
the 1.119.0 release, due in less than one month.
|
|
|
|
|
|
|
|
|
|
Python 3.13 and PostgreSQL 17 support
|
|
|
|
|
On the other end of the spectrum, Synapse 1.118.0 is the first
|
|
|
|
|
release to support Python 3.13! PostgreSQL 17 is also supported
|
|
|
|
|
as of this release.
|
|
|
|
|
|
|
|
|
|
- Features
|
|
|
|
|
- Added the display_name_claim option to the JWT configuration.
|
|
|
|
|
This option allows specifying the claim key that contains the
|
|
|
|
|
user's display name in the JWT payload. (#17708)
|
|
|
|
|
- Implement MSC4210: Remove legacy mentions. Contributed by
|
|
|
|
|
@tulir @ Beeper. (#17783)
|
|
|
|
|
- Bugfixes
|
|
|
|
|
- Fix saving of PNG thumbnails, when the original image is in
|
|
|
|
|
the CMYK color space. (#17736)
|
|
|
|
|
- Fix bug with sliding sync where the server would not return
|
|
|
|
|
state that was added to the required_state config. (#17785,
|
|
|
|
|
#17805)
|
|
|
|
|
- Fix a bug in MSC4186 Sliding Sync that would cause rooms to
|
|
|
|
|
stay forgotten and hidden even after rejoining. (#17835)
|
|
|
|
|
- Improved Documentation
|
|
|
|
|
- Clarify when the user_may_invite and
|
|
|
|
|
user_may_send_3pid_invite module callbacks are called.
|
|
|
|
|
(#17627)
|
|
|
|
|
- Correct documentation to refer to the --config-path argument
|
|
|
|
|
instead of --config-file. (#17802)
|
|
|
|
|
- Fix typo in target_cache_memory_usage docs. (#17825)
|
|
|
|
|
- Internal Changes
|
|
|
|
|
- Slight optimization when fetching state/events for Sliding
|
|
|
|
|
Sync. (#17718)
|
|
|
|
|
- Add Python 3.13 and Postgres 17 to the test matrix. (#17752)
|
|
|
|
|
- Test github token before running release script steps.
|
|
|
|
|
(#17803)
|
|
|
|
|
- Build debian packages for new Ubuntu versions, and stop
|
|
|
|
|
building for no longer supported versions. (#17824)
|
|
|
|
|
- Enable the .org.matrix.msc4028.encrypted_event push rule by
|
|
|
|
|
default in accordance with MSC4028. Note that the
|
|
|
|
|
corresponding experimental feature must still be switched on
|
|
|
|
|
for this push rule to have any effect. (#17826)
|
|
|
|
|
- Fix some typing issues uncovered by upgrading mypy to 1.11.x.
|
|
|
|
|
(#17842)
|
|
|
|
|
- Updates to locked dependencies
|
|
|
|
|
- Bump mypy from 1.10.1 to 1.11.2. (#17842)
|
|
|
|
|
- Bump mypy-zope from 1.0.5 to 1.0.7. (#17827)
|
|
|
|
|
- Bump phonenumbers from 8.13.46 to 8.13.47. (#17797)
|
|
|
|
|
- Bump psycopg2 from 2.9.9 to 2.9.10. (#17843)
|
|
|
|
|
- Bump ruff from 0.6.8 to 0.6.9. (#17794)
|
|
|
|
|
- Bump sentry-sdk from 2.14.0 to 2.15.0. (#17795)
|
|
|
|
|
- Bump sentry-sdk from 2.15.0 to 2.16.0. (#17829)
|
|
|
|
|
- Bump sentry-sdk from 2.16.0 to 2.17.0. (#17844)
|
|
|
|
|
- Bump sigstore/cosign-installer from 3.6.0 to 3.7.0. (#17798)
|
|
|
|
|
- Bump tomli from 2.0.1 to 2.0.2. (#17796)
|
|
|
|
|
- Bump types-requests from 2.32.0.20240914 to 2.32.0.20241016.
|
|
|
|
|
(#17841)
|
|
|
|
|
- Bump types-setuptools from 75.1.0.20240917 to
|
|
|
|
|
75.1.0.20241014. (#17828)
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Oct 15 13:54:06 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
|
|
|
|
|
- Update to 1.117.0
|
|
|
|
|
- Features
|
|
|
|
|
- Add config option redis.password_path. (#17717)
|
|
|
|
|
- Bugfixes
|
|
|
|
|
- Fix a rare bug introduced in v1.29.0 where invalidating a
|
|
|
|
|
user's access token from a worker could raise an error.
|
|
|
|
|
(#17779)
|
|
|
|
|
- In the response to GET /_matrix/client/versions, set the
|
|
|
|
|
unstable_features flag for MSC4140 to false when server
|
|
|
|
|
configuration disables support for delayed events. (#17780)
|
|
|
|
|
- Improve input validation and room membership checks in admin
|
|
|
|
|
redaction API. (#17792)
|
|
|
|
|
- Improved Documentation
|
|
|
|
|
- Clarify the docstring of test_forget_when_not_left. (#17628)
|
|
|
|
|
- Add documentation note about PYTHONMALLOC for accurate
|
|
|
|
|
jemalloc memory tracking. Contributed by @hensg. (#17709)
|
|
|
|
|
- Remove spurious "TODO UPDATE ALL THIS" note in the Debian
|
|
|
|
|
installation docs. (#17749)
|
|
|
|
|
- Explain how load balancing works for
|
|
|
|
|
federation_sender_instances. (#17776)
|
|
|
|
|
- Internal Changes
|
|
|
|
|
- Minor performance increase for large accounts using sliding
|
|
|
|
|
sync. (#17751)
|
|
|
|
|
- Increase performance of the notifier when there are many
|
|
|
|
|
syncing users. (#17765, #17766)
|
|
|
|
|
- Fix performance of streams that don't change often. (#17767)
|
|
|
|
|
- Improve performance of sliding sync connections that do not
|
|
|
|
|
ask for any rooms. (#17768)
|
|
|
|
|
- Reduce overhead of sliding sync E2EE loops. (#17771)
|
|
|
|
|
- Sliding sync minor performance speed up using new table.
|
|
|
|
|
(#17787)
|
|
|
|
|
- Sliding sync minor performance improvement by omitting
|
|
|
|
|
unchanged data from incremental responses. (#17788)
|
|
|
|
|
- Speed up sliding sync when there are many active
|
|
|
|
|
subscriptions. (#17789)
|
|
|
|
|
- Add missing license headers on new source files. (#17799)
|
|
|
|
|
- Updates to locked dependencies
|
|
|
|
|
- Bump phonenumbers from 8.13.45 to 8.13.46. (#17773)
|
|
|
|
|
- Bump python-multipart from 0.0.10 to 0.0.12. (#17772)
|
|
|
|
|
- Bump regex from 1.10.6 to 1.11.0. (#17770)
|
|
|
|
|
- Bump ruff from 0.6.7 to 0.6.8. (#17774)
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Oct 1 17:19:50 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
|
|
|
|
|
- Update to 1.116.0
|
|
|
|
|
- Features
|
|
|
|
|
- Add implementation of restricting who can overwrite a state
|
|
|
|
|
event as proposed by MSC3757. (#17513)
|
|
|
|
|
- Add initial implementation of delayed events as proposed by
|
|
|
|
|
MSC4140. (#17326)
|
|
|
|
|
- Add an asynchronous Admin API endpoint to redact all a user's
|
|
|
|
|
events,
|
|
|
|
|
- and an endpoint to check on the status of that redaction
|
|
|
|
|
task. (#17506)
|
|
|
|
|
- Add support for the tags and not_tags filters for MSC4186
|
|
|
|
|
Sliding Sync. (#17662)
|
|
|
|
|
- Guests can use the new media endpoints to download media, as
|
|
|
|
|
described by MSC4189. (#17675)
|
|
|
|
|
- Add config option turn_shared_secret_path. (#17690)
|
|
|
|
|
- Return room tags in MSC4186 Sliding Sync account data
|
|
|
|
|
extension. (#17707)
|
|
|
|
|
- Bugfixes
|
|
|
|
|
- Make sure we get up-to-date state information when using the
|
|
|
|
|
new MSC4186 Sliding Sync tables to derive room membership.
|
|
|
|
|
(#17692)
|
|
|
|
|
- Fix bug where room account data would not correctly be sent
|
|
|
|
|
down MSC4186 Sliding Sync for old rooms. (#17695)
|
|
|
|
|
- Fix a bug in MSC4186 Sliding Sync which could prevent /sync
|
|
|
|
|
from working for certain user accounts. (#17727, #17733)
|
|
|
|
|
- Ignore invites from ignored users in Sliding Sync. (#17729)
|
|
|
|
|
- Fix bug in MSC4186 Sliding Sync where the server would
|
|
|
|
|
incorrectly return a negative bump stamp, which caused
|
|
|
|
|
Element X apps to stop syncing. (#17748)
|
|
|
|
|
- Internal Changes
|
|
|
|
|
- Import pydantic objects from the _pydantic_compat module.
|
|
|
|
|
This allows check_pydantic_models.py to mock those pydantic
|
|
|
|
|
objects only in the synapse module, and not interfere with
|
|
|
|
|
pydantic objects in external dependencies. (#17667)
|
|
|
|
|
- Use MSC4186 Sliding Sync tables as a bulk shortcut for
|
|
|
|
|
getting the max event_stream_ordering of rooms. (#17693)
|
|
|
|
|
- Speed up MSC4186 sliding sync requests a bit where there are
|
|
|
|
|
many room changes. (#17696)
|
|
|
|
|
- Refactor MSC4186 sliding sync filter unit tests so the
|
|
|
|
|
sliding sync API has better test coverage. (#17703)
|
|
|
|
|
- Fetch bump_stamps more efficiently in MSC4186 Sliding Sync.
|
|
|
|
|
(#17723)
|
|
|
|
|
- Shortcut for checking if certain background updates have
|
|
|
|
|
completed (utilized in MSC4186 Sliding Sync). (#17724)
|
|
|
|
|
- More efficiently fetch rooms for MSC4186 Sliding Sync.
|
|
|
|
|
(#17725)
|
|
|
|
|
- Fix _bulk_get_max_event_pos being inefficient. (#17728)
|
|
|
|
|
- Add cache to get_tags_for_room(...). (#17730)
|
|
|
|
|
- Small performance improvement in speeding up MSC4186 Sliding
|
|
|
|
|
Sync. (#17731)
|
|
|
|
|
- Minor speed up of initial MSC4186 sliding sync requests.
|
|
|
|
|
(#17734)
|
|
|
|
|
- Remove usage of the deprecated cgi module, deprecated in
|
|
|
|
|
Python 3.11 and removed in Python 3.13. (#17741)
|
|
|
|
|
- Fix typing of a variable that is not Unknown anymore after
|
|
|
|
|
updating treq. (#17744)
|
|
|
|
|
- Updates to locked dependencies
|
|
|
|
|
- Bump anyhow from 1.0.86 to 1.0.89. (#17685, #17716)
|
|
|
|
|
- Bump bytes from 1.7.1 to 1.7.2. (#17743)
|
|
|
|
|
- Bump cryptography from 43.0.0 to 43.0.1. (#17689)
|
|
|
|
|
- Bump idna from 3.8 to 3.10. (#17758)
|
|
|
|
|
- Bump msgpack from 1.0.8 to 1.1.0. (#17759)
|
|
|
|
|
- Bump phonenumbers from 8.13.44 to 8.13.45. (#17762)
|
|
|
|
|
- Bump prometheus-client from 0.20.0 to 0.21.0. (#17746)
|
|
|
|
|
- Bump pyasn1 from 0.6.0 to 0.6.1. (#17714)
|
|
|
|
|
- Bump pyasn1-modules from 0.4.0 to 0.4.1. (#17747)
|
|
|
|
|
- Bump pydantic from 2.8.2 to 2.9.2. (#17756)
|
|
|
|
|
- Bump python-multipart from 0.0.9 to 0.0.10. (#17745)
|
|
|
|
|
- Bump ruff from 0.6.4 to 0.6.7. (#17715, #17760)
|
|
|
|
|
- Bump sentry-sdk from 2.13.0 to 2.14.0. (#17712)
|
|
|
|
|
- Bump serde from 1.0.209 to 1.0.210. (#17686)
|
|
|
|
|
- Bump serde_json from 1.0.127 to 1.0.128. (#17687)
|
|
|
|
|
- Bump treq from 23.11.0 to 24.9.1. (#17744)
|
|
|
|
|
- Bump types-pyyaml from 6.0.12.20240808 to 6.0.12.20240917.
|
|
|
|
|
(#17755)
|
|
|
|
|
- Bump types-requests from 2.32.0.20240712 to 2.32.0.20240914.
|
|
|
|
|
(#17713)
|
|
|
|
|
- Bump types-setuptools from 74.1.0.20240907 to
|
|
|
|
|
75.1.0.20240917. (#17757)
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Sep 17 14:41:36 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
|
|
|
|
|
- Update to 1.115.0
|
|
|
|
|
- Features
|
|
|
|
|
- Improve cross-signing upload when using MSC3861 to use a
|
|
|
|
|
custom UIA flow stage, with web fallback support. (#17509)
|
|
|
|
|
- Bugfixes
|
|
|
|
|
- Return 400 M_BAD_JSON upon attempting to complete various
|
|
|
|
|
room actions with a non-local user ID and unknown room ID,
|
|
|
|
|
rather than an internal server error. (#17607)
|
|
|
|
|
- Fix authenticated media responses using a wrong limit when
|
|
|
|
|
following redirects over federation. (#17626)
|
|
|
|
|
- Fix bug where we returned the wrong bump_stamp for invites in
|
|
|
|
|
sliding sync response, causing incorrect ordering of invites
|
|
|
|
|
in the room list. (#17674)
|
|
|
|
|
- Improved Documentation
|
|
|
|
|
- Clarify that the admin api resource is only loaded on the
|
|
|
|
|
main process and not workers. (#17590)
|
|
|
|
|
- Fixed typo in saml2_config config example. (#17594)
|
|
|
|
|
- Deprecations and Removals
|
|
|
|
|
- Stabilise MSC4156 by removing the msc4156_enabled config
|
|
|
|
|
setting and defaulting it to true. (#17650)
|
|
|
|
|
- Internal Changes
|
|
|
|
|
- Pre-populate room data used in experimental MSC3575 Sliding
|
|
|
|
|
Sync /sync endpoint for quick filtering/sorting. (#17652)
|
|
|
|
|
- Speed up sliding sync by reducing amount of data pulled out
|
|
|
|
|
of the database for large rooms. (#17683)
|
|
|
|
|
- Update MSC3861 implementation: load the issuer and account
|
|
|
|
|
management URLs from OIDC discovery. (#17407)
|
|
|
|
|
- Pre-populate room data used in experimental MSC3575 Sliding
|
|
|
|
|
Sync /sync endpoint for quick filtering/sorting. (#17512,
|
|
|
|
|
#17632, #17633, #17634, #17635, #17636, #17641, #17654,
|
|
|
|
|
#17673)
|
|
|
|
|
- Store sliding sync per-connection state in the database.
|
|
|
|
|
(#17599, #17631)
|
|
|
|
|
- Make the sliding sync PerConnectionState class immutable.
|
|
|
|
|
(#17600)
|
|
|
|
|
- Replace isort and black with ruff. (#17620, #17643)
|
|
|
|
|
- Sliding Sync: Split up
|
|
|
|
|
get_room_membership_for_user_at_to_token. (#17629)
|
|
|
|
|
- Use new database tables for sliding sync. (#17630, #17649)
|
|
|
|
|
- Prevent duplicate tags being added to Sliding Sync traces.
|
|
|
|
|
(#17655)
|
|
|
|
|
- Get bump_stamp from new sliding sync tables which should be
|
|
|
|
|
faster. (#17658)
|
|
|
|
|
- Speed up incremental Sliding Sync requests by avoiding extra
|
|
|
|
|
work. (#17665)
|
|
|
|
|
- Small performance improvement in speeding up sliding sync.
|
|
|
|
|
(#17666, #17670, #17672)
|
|
|
|
|
- Speed up sliding sync by reducing number of database calls.
|
|
|
|
|
(#17684)
|
|
|
|
|
- Speed up sync by pulling out fewer events from the database.
|
|
|
|
|
(#17688)
|
|
|
|
|
- Updates to locked dependencies
|
|
|
|
|
- Bump authlib from 1.3.1 to 1.3.2. (#17679)
|
|
|
|
|
- Bump idna from 3.7 to 3.8. (#17682)
|
|
|
|
|
- Bump ruff from 0.6.2 to 0.6.4. (#17680)
|
|
|
|
|
- Bump towncrier from 24.7.1 to 24.8.0. (#17645)
|
|
|
|
|
- Bump twisted from 24.7.0rc1 to 24.7.0. (#17647)
|
|
|
|
|
- Bump types-pillow from 10.2.0.20240520 to 10.2.0.20240822.
|
|
|
|
|
(#17644)
|
|
|
|
|
- Bump types-psycopg2 from 2.9.21.20240417 to 2.9.21.20240819.
|
|
|
|
|
(#17646)
|
|
|
|
|
- Bump types-setuptools from 71.1.0.20240818 to
|
|
|
|
|
74.1.0.20240907. (#17681)
|
|
|
|
|
- refresh patches:
|
|
|
|
|
bump-dependencies.patch
|
|
|
|
|
matrix-synapse-1.4.1-paths.patch
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Mon Sep 2 19:24:17 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
|
|
|
|
|
@ -1610,7 +905,7 @@ Fri Nov 17 23:44:47 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
The Matrix.org Foundation copy of the project will be archived.
|
|
|
|
|
Any changes needed by server administrators will be communicated
|
|
|
|
|
via our usual announcements channels, but we are striving to make
|
|
|
|
|
this as seamless as possible.
|
|
|
|
|
this as seamless as possible.
|
|
|
|
|
|
|
|
|
|
- Features
|
|
|
|
|
- Add experimental support to allow multiple workers to write
|
|
|
|
|
@ -2439,7 +1734,7 @@ Tue Jun 6 10:06:46 UTC 2023 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
side request forgery or bypassing network policies. Impact is
|
|
|
|
|
limited to IP addresses allowed by the
|
|
|
|
|
url_preview_ip_range_blacklist setting (by default this only
|
|
|
|
|
allows public IPs). (boo#1212054)
|
|
|
|
|
allows public IPs). (boo#1212054)
|
|
|
|
|
|
|
|
|
|
- Features
|
|
|
|
|
- Improve performance of backfill requests by performing
|
|
|
|
|
@ -3562,7 +2857,7 @@ Tue Dec 20 20:16:04 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
- Bump phonenumbers from 8.13.1 to 8.13.2. (#14660)
|
|
|
|
|
- Bump authlib from 1.1.0 to 1.2.0. (#14661)
|
|
|
|
|
- Move StateFilter to synapse.types. (#14668)
|
|
|
|
|
- Improve type hints. (#14597, #14646, #14671)
|
|
|
|
|
- Improve type hints. (#14597, #14646, #14671)
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Dec 6 13:39:40 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
@ -3572,7 +2867,7 @@ Tue Dec 6 13:39:40 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
in this release; see the upgrade notes for more details.
|
|
|
|
|
|
|
|
|
|
https://github.com/matrix-org/synapse/blob/release-v1.73/docs/upgrade.md#legacy-prometheus-metric-names-have-now-been-removed
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
- Features
|
|
|
|
|
- Speed-up /messages with filter_events_for_client
|
|
|
|
|
optimizations. (#14527)
|
|
|
|
|
@ -4034,7 +3329,7 @@ Wed Oct 26 11:56:57 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
- Specify dev-dependencies using lower bounds, to reduce the
|
|
|
|
|
likelihood of a dependabot merge conflict. The lockfile
|
|
|
|
|
continues to pin to specific versions. (#14227)
|
|
|
|
|
- Drop https://patch-diff.githubusercontent.com/raw/matrix-org/synapse/pull/14221.patch
|
|
|
|
|
- Drop https://patch-diff.githubusercontent.com/raw/matrix-org/synapse/pull/14221.patch
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Thu Oct 20 10:44:17 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
@ -4051,7 +3346,7 @@ Tue Oct 18 14:52:09 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Oct 18 12:44:57 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
|
|
|
|
|
- Added https://patch-diff.githubusercontent.com/raw/matrix-org/synapse/pull/14221.patch
|
|
|
|
|
- Added https://patch-diff.githubusercontent.com/raw/matrix-org/synapse/pull/14221.patch
|
|
|
|
|
Same fix for the cache_memory as for url_preview
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
@ -4287,7 +3582,7 @@ Sun Oct 9 21:58:05 UTC 2022 - Ben Greiner <code@bnavigator.de>
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Fri Sep 30 09:37:21 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
|
|
|
|
|
- added https://patch-diff.githubusercontent.com/raw/matrix-org/synapse/pull/13952.patch
|
|
|
|
|
- added https://patch-diff.githubusercontent.com/raw/matrix-org/synapse/pull/13952.patch
|
|
|
|
|
this prevents setuptools-rust being enforced as a runtime
|
|
|
|
|
dependency. Drop dependency in the package again.
|
|
|
|
|
|
|
|
|
|
@ -4295,7 +3590,7 @@ Fri Sep 30 09:37:21 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
Wed Sep 28 01:07:43 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
|
|
|
|
|
- synapse checks for setuptools-rust as a runtime dep. add this
|
|
|
|
|
until we figured out a better solution
|
|
|
|
|
until we figured out a better solution
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Sep 27 20:50:59 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
@ -4719,7 +4014,7 @@ Wed Aug 31 22:26:31 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
- Allow specifying additional request fields when using the
|
|
|
|
|
HomeServerTestCase.login helper method. (#13549)
|
|
|
|
|
- Make HomeServerTestCase load any configured homeserver
|
|
|
|
|
modules automatically. (#13558)
|
|
|
|
|
modules automatically. (#13558)
|
|
|
|
|
- sync update package dependencies from the pyproject.toml
|
|
|
|
|
adds pydantic >= 1.7.4 (>= 1.9.1 in poetry mode)
|
|
|
|
|
|
|
|
|
|
@ -4838,7 +4133,7 @@ Tue Aug 16 17:58:42 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
- Use literals in place of HTTPStatus constants in tests.
|
|
|
|
|
(#13463, #13469)
|
|
|
|
|
- Correct a misnamed argument in state res v2 internals.
|
|
|
|
|
(#13467)
|
|
|
|
|
(#13467)
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Aug 2 11:32:12 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
@ -4996,7 +4291,7 @@ Tue Aug 2 11:32:12 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Jul 20 13:54:45 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
|
|
|
|
|
- Update to 1.63.1
|
|
|
|
|
- Update to 1.63.1
|
|
|
|
|
- Features
|
|
|
|
|
- Add a rate limit for local users sending invites. (#13125)
|
|
|
|
|
- Implement MSC3827: Filtering of /publicRooms by room type.
|
|
|
|
|
@ -5103,7 +4398,7 @@ Wed Jul 20 13:54:45 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Jul 5 12:48:31 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
|
|
|
|
|
- Update to 1.62.0
|
|
|
|
|
- Update to 1.62.0
|
|
|
|
|
Authors of spam-checker plugins should consult the upgrade notes
|
|
|
|
|
to learn about the enriched signatures for spam checker
|
|
|
|
|
callbacks, which are supported with this release of Synapse.
|
|
|
|
|
@ -5669,7 +4964,7 @@ Tue May 17 10:27:39 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
login type from Synapse. It can be replaced with
|
|
|
|
|
org.matrix.login.jwt for identical behaviour. This is only used
|
|
|
|
|
if jwt_config.enabled is set to true in the configuration.
|
|
|
|
|
(#12597)
|
|
|
|
|
(#12597)
|
|
|
|
|
|
|
|
|
|
- Features
|
|
|
|
|
- Support MSC3266 room summaries over federation. (#11507)
|
|
|
|
|
@ -5809,7 +5104,7 @@ Thu May 5 18:33:27 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
systemd.journal.JournalHandler log handler was configured. See
|
|
|
|
|
#12631 for further information.
|
|
|
|
|
|
|
|
|
|
Otherwise, no significant changes since 1.58.0.
|
|
|
|
|
Otherwise, no significant changes since 1.58.0.
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue May 3 11:14:28 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
@ -5936,7 +5231,7 @@ Thu Apr 21 10:19:32 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
- Updates to the Docker image
|
|
|
|
|
- Include version 0.2.0 of the Synapse LDAP Auth Provider
|
|
|
|
|
module in the Docker image. This matches the version that was
|
|
|
|
|
present in the Docker image for Synapse v1.56.0.
|
|
|
|
|
present in the Docker image for Synapse v1.56.0.
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Apr 19 13:18:59 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
@ -6105,7 +5400,7 @@ Tue Apr 19 13:18:59 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Apr 5 14:16:27 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
|
|
|
|
|
- Update to 1.56.0
|
|
|
|
|
- Update to 1.56.0
|
|
|
|
|
Synapse will now refuse to start up if open registration is
|
|
|
|
|
enabled, in order to help mitigate abuse across the federation.
|
|
|
|
|
If you would like to provide registration to anyone, consider
|
|
|
|
|
@ -6197,7 +5492,7 @@ Tue Apr 5 14:16:27 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
- Fix compatibility with the recently-released Jinja 3.1.
|
|
|
|
|
(#12313)
|
|
|
|
|
- Avoid trying to calculate the state at outlier events.
|
|
|
|
|
(#12314)
|
|
|
|
|
(#12314)
|
|
|
|
|
- refreshed patches:
|
|
|
|
|
dont-bump-cryptography-with-system-openssl.patch
|
|
|
|
|
matrix-synapse-1.4.1-paths.patch
|
|
|
|
|
@ -6897,7 +6192,7 @@ Tue Jan 18 16:24:25 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Jan 18 11:57:01 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
|
|
|
|
|
- bump minimum python in the BuildRequires to 3.8
|
|
|
|
|
- bump minimum python in the BuildRequires to 3.8
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Jan 18 11:53:13 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
@ -7044,7 +6339,7 @@ Fri Jan 7 22:44:45 UTC 2022 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Dec 28 03:45:30 UTC 2021 - Aleksa Sarai <asarai@suse.com>
|
|
|
|
|
|
|
|
|
|
- Add explicit minimum versions for more dependencies.
|
|
|
|
|
- Add explicit minimum versions for more dependencies.
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Dec 21 18:39:09 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
@ -7309,7 +6604,7 @@ Tue Nov 30 14:59:49 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
scripts-dev/complement.sh. (#11389)
|
|
|
|
|
- Remove dead code from supporting ACME. (#11393)
|
|
|
|
|
- Refactor including the bundled relations when serializing an
|
|
|
|
|
event. (#11408)
|
|
|
|
|
event. (#11408)
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Sun Nov 28 18:35:03 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
@ -7340,7 +6635,7 @@ Tue Nov 23 14:45:19 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
attacker, which limits the impact. Homeservers with the media
|
|
|
|
|
repository disabled are unaffected. Homeservers configured with
|
|
|
|
|
a federation whitelist are also unaffected. Fixed by
|
|
|
|
|
91f2bd090.
|
|
|
|
|
91f2bd090.
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Nov 17 14:19:53 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
@ -7750,7 +7045,7 @@ Wed Oct 20 09:47:52 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Oct 5 13:44:42 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
|
|
|
|
|
- Update to 1.44.0
|
|
|
|
|
- Update to 1.44.0
|
|
|
|
|
- Features
|
|
|
|
|
- Only allow the MSC2716 /batch_send?chunk_id=xxx endpoint to
|
|
|
|
|
connect to an already existing insertion event. (#10776)
|
|
|
|
|
@ -8082,7 +7377,7 @@ Tue Sep 7 16:11:58 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Thu Sep 2 09:52:14 UTC 2021 - Jan Zerebecki <jan.suse@zerebecki.de>
|
|
|
|
|
|
|
|
|
|
- Add 10719-Fix-instert-of-duplicate-key-into-event_json.patch
|
|
|
|
|
- Add 10719-Fix-instert-of-duplicate-key-into-event_json.patch
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Aug 31 14:21:51 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
@ -8462,7 +7757,7 @@ Thu Jul 22 16:20:00 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Fri Jul 16 15:32:21 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
|
|
|
|
|
- oidc can be enabled on TW as the Authlib package is in the distro
|
|
|
|
|
- oidc can be enabled on TW as the Authlib package is in the distro
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Fri Jul 16 14:48:15 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
@ -8768,7 +8063,7 @@ Tue Jun 15 18:04:01 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
- Work to improve the responsiveness of /sync requests.
|
|
|
|
|
(#10124)
|
|
|
|
|
- OpenTracing: use a consistent name for background processes.
|
|
|
|
|
(#10135)
|
|
|
|
|
(#10135)
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Thu Jun 3 15:16:29 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
@ -8879,7 +8174,7 @@ Sun May 30 17:50:21 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed May 19 15:50:36 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
|
|
|
|
|
- Switch package to use sysuser
|
|
|
|
|
- Switch package to use sysuser
|
|
|
|
|
- Cleanup duplicated buildrequires and switch to %requires_eq for
|
|
|
|
|
the base python as well
|
|
|
|
|
|
|
|
|
|
@ -9280,10 +8575,10 @@ Fri Mar 26 12:39:34 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
- Internal Changes
|
|
|
|
|
- Enforce that `cryptography` dependency is up to date to
|
|
|
|
|
ensure it has the most recent openssl patches. (#9697)
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
- Note: we do not bump the cryptography dependency in our package
|
|
|
|
|
as we use the system OpenSSL which gets the fix.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
Add dont-bump-cryptography-with-system-openssl.patch to comment
|
|
|
|
|
out the dependency because otherwise the newer version
|
|
|
|
|
requirement is enforced on startup
|
|
|
|
|
@ -9572,7 +8867,7 @@ Thu Feb 25 22:00:48 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Tue Feb 16 14:12:41 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
|
|
|
|
|
- Update to 1.27.0
|
|
|
|
|
- Update to 1.27.0
|
|
|
|
|
Note that this release includes a change in Synapse to use Redis
|
|
|
|
|
as a cache ─ as well as a pub/sub mechanism ─ if Redis support is
|
|
|
|
|
enabled for workers. No action is needed by server
|
|
|
|
|
@ -9820,13 +9115,13 @@ Mon Jan 25 09:28:42 UTC 2021 - Ben Greiner <code@bnavigator.de>
|
|
|
|
|
|
|
|
|
|
- Remove python singlespec macro usage: This package only builds
|
|
|
|
|
against the primary python3 flavor. No need to pull in and expand
|
|
|
|
|
legacy python36
|
|
|
|
|
legacy python36
|
|
|
|
|
- Remove Leap 42 python2 handling in matrix-synapse-test.spec
|
|
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Wed Jan 13 12:28:54 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
|
|
|
|
|
- Update to 1.25.0
|
|
|
|
|
- Update to 1.25.0
|
|
|
|
|
Ending Support for Python 3.5 and Postgres 9.5 With this release,
|
|
|
|
|
the Synapse team is announcing a formal deprecation policy for
|
|
|
|
|
our platform dependencies, like Python and PostgreSQL:
|
|
|
|
|
@ -10420,7 +9715,7 @@ Thu Oct 15 17:16:29 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
-------------------------------------------------------------------
|
|
|
|
|
Thu Oct 15 16:45:55 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
|
|
|
|
|
|
|
|
|
|
- Update to 1.21.2
|
|
|
|
|
- Update to 1.21.2
|
|
|
|
|
- Security advisory
|
|
|
|
|
- HTML pages served via Synapse were vulnerable to cross-site
|
|
|
|
|
scripting (XSS) attacks. All server administrators are
|
|
|
|
|
|