10 changed files with 75 additions and 793 deletions
--- a/4
+++ b/4
@ -4,11 +4,11 @@
    <param name="versionformat">@PARENT_TAG@</param>
    <param name="url">https://github.com/element-hq/synapse.git</param>
    <param name="scm">git</param>
-    <param name="revision">v1.124.0</param>
+    <param name="revision">v1.114.0</param>
    <param name="versionrewrite-pattern">v(.*)</param>
    <param name="versionrewrite-replacement">\1</param>
    <!--
-    <param name="revision">v1.125.0rc1</param>
+    <param name="revision">v1.115.0rc1</param>
    <param name="versionrewrite-pattern">v([\.\d]+)(rc.*)</param>
    <param name="versionrewrite-replacement">\1~\2</param>
    -->
--- a/bump-dependencies.patch
+++ b/bump-dependencies.patch
@ -2,7 +2,7 @@ Index: synapse/pyproject.toml
 ===================================================================
 --- synapse.orig/pyproject.toml
 +++ synapse/pyproject.toml
-@@ -191,7 +191,7 @@ pymacaroons = ">=0.13.0"
+@@ -190,7 +190,7 @@ pymacaroons = ">=0.13.0"
 msgpack = ">=0.5.2"
 phonenumbers = ">=8.2.0"
 # we use GaugeHistogramMetric, which was added in prom-client 0.4.0.
--- a/matrix-synapse-1.114.0.obscpio
+++ b/matrix-synapse-1.114.0.obscpio
@ -0,0 +1,3 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:8ca30e5576a8dfe93534758716ec01c3fd356a5a1a44f9365615f88728e52bb3
 size 37705229
--- a/matrix-synapse-1.124.0.obscpio
+++ b/matrix-synapse-1.124.0.obscpio
@ -1,3 +0,0 @@
 version https://git-lfs.github.com/spec/v1
 oid sha256:ca8a0a7ab9b05ac6ba6aebbd21ee3a8558c5b38307258171304a3f05138085f3
 size 38803469
--- a/matrix-synapse-1.4.1-paths.patch
+++ b/matrix-synapse-1.4.1-paths.patch
@ -15,7 +15,7 @@ Index: synapse/synapse/config/key.py
 ===================================================================
 --- synapse.orig/synapse/config/key.py
 +++ synapse/synapse/config/key.py
-@@ -117,7 +117,7 @@ class KeyConfig(Config):
+@@ -110,7 +110,7 @@ class KeyConfig(Config):
             signing_key_path = config.get("signing_key_path")
             if signing_key_path is None:
                 signing_key_path = os.path.join(
@ -24,7 +24,7 @@ Index: synapse/synapse/config/key.py
                 )
             self.signing_key = self.read_signing_keys(signing_key_path, "signing_key")
-@@ -190,7 +190,7 @@ class KeyConfig(Config):
+@@ -183,7 +183,7 @@ class KeyConfig(Config):
         generate_secrets: bool = False,
         **kwargs: Any,
     ) -> str:
@ -37,20 +37,20 @@ Index: synapse/synapse/config/logger.py
 ===================================================================
 --- synapse.orig/synapse/config/logger.py
 +++ synapse/synapse/config/logger.py
-@@ -156,7 +156,7 @@ class LoggingConfig(Config):
+@@ -149,7 +149,7 @@ class LoggingConfig(Config):
     def generate_config_section(
         self, config_dir_path: str, server_name: str, **kwargs: Any
     ) -> str:
 -        log_config = os.path.join(config_dir_path, server_name + ".log.config")
 +        log_config = os.path.join('/etc/matrix-synapse/', server_name + ".log.config")
-         return """\
+         return (
             """\
         log_config: "%(log_config)s"
         """ % locals()
 Index: synapse/synapse/config/server.py
 ===================================================================
 --- synapse.orig/synapse/config/server.py
 +++ synapse/synapse/config/server.py
-@@ -810,7 +810,7 @@ class ServerConfig(Config):
+@@ -793,7 +793,7 @@ class ServerConfig(Config):
             bind_port = 8448
             unsecure_port = 8008
--- a/matrix-synapse-test.spec
+++ b/matrix-synapse-test.spec
@ -1,7 +1,7 @@
 #
 # spec file for package matrix-synapse-test
 #
-# Copyright (c) 2025 SUSE LLC
+# Copyright (c) 2024 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@ -27,7 +27,7 @@
 %define         pkgname matrix-synapse
 Name:           %{pkgname}-test
-Version:        1.124.0
+Version:        1.114.0
 Release:        0
 Summary:        Test package for %{pkgname}
 License:        AGPL-3.0-or-later
--- a/matrix-synapse.changes
+++ b/matrix-synapse.changes
@ -1,708 +1,3 @@
 -------------------------------------------------------------------
 Tue Feb 11 13:24:15 UTC 2025 - Marcus Rueckert <mrueckert@suse.de>
 - Update to 1.124.0
  - Bugfixes
    - Fix regression in performance of sending events due to
      superfluous reads and locks. Introduced in v1.124.0rc1.
      (#18141)
    - Fix regression where persisting events in some rooms could
      fail after a previous unclean shutdown. Introduced in
      v1.124.0rc1. (#18137)
    - Add rate limit rc_presence.per_user. This prevents load from
      excessive presence updates sent by clients via sync api. Also
      rate limit /_matrix/client/v3/presence as per the spec.
      Contributed by @rda0. (#18000)
    - Deactivated users will no longer automatically accept an
      invite when auto_accept_invites is enabled. (#18073)
    - Fix join being denied after being invited over federation.
      Also fixes other out-of-band membership transitions. (#18075)
    - Updates contributed docker-compose.yml file to PostgreSQL
      v15, as v12 is no longer supported by Synapse. Contributed by
      @maxkratz. (#18089)
    - Fix rare edge case where state groups could be deleted while
      we are persisting new events that reference them. (#18107,
      #18130, #18131)
    - Raise an error if someone is using an incorrect suffix in a
      config duration string. (#18112)
    - Fix a bug where the Delete Room Admin API would fail if the
      block parameter was set to true and a worker other than the
      main process was configured to handle background tasks.
      (#18119)
  - Internal Changes
    - Increase the length of the generated nonce parameter when
      perfoming OIDC logins to comply with the TI-Messenger spec.
      (#18109)
  - Updates to locked dependencies
    - Bump dawidd6/action-download-artifact from 7 to 8. (#18108)
    - Bump log from 0.4.22 to 0.4.25. (#18098)
    - Bump python-multipart from 0.0.18 to 0.0.20. (#18096)
    - Bump serde_json from 1.0.135 to 1.0.137. (#18099)
    - Bump types-bleach from 6.1.0.20240331 to 6.2.0.20241123.
      (#18082)
 -------------------------------------------------------------------
 Mon Feb 10 17:44:27 UTC 2025 - Marcus Rueckert <mrueckert@suse.de>
 - enable support for building against 3.11 on older distros
 -------------------------------------------------------------------
 Tue Jan 28 16:33:21 UTC 2025 - Marcus Rueckert <mrueckert@suse.de>
 - Update to 1.123.0
  - Features
    - Implement MSC4133 for custom profile fields. Contributed by
      @clokep. (#17488)
    - Add a query parameter type to the Room State Admin API that
      filters the state event. (#18035)
    - Support the new /auth_metadata endpoint defined in MSC2965.
      (#18093)
  - Bugfixes
    - Fix membership caches not updating in state reset scenarios.
      (#17732)
    - Fix rare race where on upgrade to v1.122.0 a long running
      database upgrade could lock out new events from being
      received or sent. (#18091)
  - Improved Documentation
    - Document tls option for a worker instance in instance_map.
      (#18064)
  - Deprecations and Removals
    - Remove the unstable MSC4151 implementation. The stable
      support remains, per Matrix 1.13. (#18052)
  - Internal Changes
    - Increase invite rate limits (rc_invites.per_issuer) for
      Complement. (#18072)
  - Updates to locked dependencies
    - Bump jinja2 from 3.1.4 to 3.1.5. (#18067)
    - Bump mypy from 1.12.1 to 1.13.0. (#18083)
    - Bump pillow from 11.0.0 to 11.1.0. (#18084)
    - Bump pyo3 from 0.23.3 to 0.23.4. (#18079)
    - Bump pyopenssl from 24.2.1 to 24.3.0. (#18062)
    - Bump serde_json from 1.0.134 to 1.0.135. (#18081)
    - Bump ulid from 1.1.3 to 1.1.4. (#18080)
 -------------------------------------------------------------------
 Tue Jan 14 17:11:47 UTC 2025 - Marcus Rueckert <mrueckert@suse.de>
 - Update to 1.122.0
  Please note that this version of Synapse drops support for
  PostgreSQL 11 and 12. The minimum version of PostgreSQL supported
  is now version 13.
  - Deprecations and Removals
    - Remove support for PostgreSQL 11 and 12. Contributed by @clokep. (#18034)
  - Features
    - Added the email.tlsname config option. This allows specifying
      the domain name used to validate the SMTP server's TLS
      certificate separately from the email.smtp_host to connect
      to. (#17849)
    - Module developers will have access to the user ID of the
      requester when adding check_username_for_spam callbacks to
      spam_checker_module_callbacks. Contributed by
      Wilson@Pangea.chat. (#17916)
    - Add endpoints to the Admin API to fetch the number of invites
      the provided user has sent after a given timestamp, fetch the
      number of rooms the provided user has joined after a given
      timestamp, and get report IDs of event reports against a
      provided user (i.e. where the user was the sender of the
      reported event). (#17948)
    - Support stable account suspension from MSC3823. (#17964)
    - Add macaroon_secret_key_path config option. (#17983)
  - Bugfixes
    - Fix bug when rejecting withdrew invite with a
      third_party_rules module, where the invite would be stuck for
      the client. (#17930)
    - Properly purge state groups tables when purging a room with
      the Admin API. (#18024)
    - Fix a bug preventing the admin redaction endpoint from
      working on messages from remote users. (#18029, #18043)
  - Improved Documentation
    - Update synapse.app.generic_worker documentation to only
      recommend GET requests for stream writer routes by default,
      unless the worker is also configured as a stream writer.
      Contributed by @evoL. (#17954)
    - Add documentation for the previously-undocumented
      last_seen_ts query parameter to the query user Admin API.
      (#17976)
    - Improve documentation for the TaskScheduler class. (#17992)
    - Fix example in reverse proxy docs to include server port.
      (#17994)
    - Update Alpine Linux Synapse Package Maintainer within the
      installation instructions. (#17846)
  - Internal Changes
    - Add RoomID & EventID rust types. (#17996)
    - Fix various type errors across the codebase. (#17998)
    - Disable DB statement timeout when doing a room purge since it
      can be quite long. (#18017)
    - Remove some remaining uses of
      twisted.internet.defer.returnValue. Contributed by Colin
      Watson. (#18020)
    - Refactor get_profile to no longer include fields with a value
      of None. (#18063)
  - Updates to locked dependencies
    - Bump anyhow from 1.0.93 to 1.0.95. (#18012, #18045)
    - Bump authlib from 1.3.2 to 1.4.0. (#18048)
    - Bump dawidd6/action-download-artifact from 6 to 7. (#17981)
    - Bump http from 1.1.0 to 1.2.0. (#18013)
    - Bump mypy from 1.11.2 to 1.12.1. (#17999)
    - Bump mypy-zope from 1.0.8 to 1.0.9. (#18047)
    - Bump pillow from 10.4.0 to 11.0.0. (#18015)
    - Bump pydantic from 2.9.2 to 2.10.3. (#18014)
    - Bump pyicu from 2.13.1 to 2.14. (#18060)
    - Bump pyo3 from 0.23.2 to 0.23.3. (#18001)
    - Bump python-multipart from 0.0.16 to 0.0.18. (#17985)
    - Bump sentry-sdk from 2.17.0 to 2.19.2. (#18061)
    - Bump serde from 1.0.215 to 1.0.217. (#18031, #18059)
    - Bump serde_json from 1.0.133 to 1.0.134. (#18044)
    - Bump twine from 5.1.1 to 6.0.1. (#18049)
 -------------------------------------------------------------------
 Wed Dec 11 16:11:34 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
 - switch to primary_python to directly follow the default python
  without the python3 indirection
 -------------------------------------------------------------------
 Wed Dec 11 15:58:41 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
 - Update to 1.121.0
  This release candidate contains the security fixes from v1.120.2.
  - Features
    - Support for MSC4190: device management for Application
      Services. (#17705)
    - Update MSC4186 Sliding Sync to include invite, ban, kick,
      targets when $LAZY-loading room members. (#17947)
    - Use stable M_USER_LOCKED error code for locked accounts, as
      per Matrix 1.12. (#17965)
    - MSC4076: Add disable_badge_count to pusher configuration.
      (#17975)
  - Bugfixes
    - Fix long-standing bug where read receipts could get overly
      delayed being sent over federation. (#17933)
  - Improved Documentation
    - Add OIDC example configuration for Forgejo (fork of Gitea).
      (#17872)
    - Link to element-docker-demo from contrib/docker*. (#17953)
  - Internal Changes
    - MSC4108: Add a Content-Type header on the PUT response to
      work around a faulty behavior in some caching reverse
      proxies. (#17253)
    - Fix incorrect comment in new schema delta. (#17936)
    - Raise setuptools_rust version cap to 1.10.2. (#17944)
    - Enable encrypted appservice related experimental features in
      the complement docker image. (#17945)
    - Return whether the user is suspended when querying the user
      account in the Admin API. (#17952)
    - Fix new scheduled tasks jumping the queue. (#17962)
    - Bump pyo3 and dependencies to v0.23.2. (#17966)
    - Update setuptools-rust and fix building abi3 wheels in latest
      version. (#17969)
    - Consolidate SSO redirects through
      /_matrix/client/v3/login/sso/redirect(/{idpId}). (#17972)
    - Fix Docker and Complement config to be able to use
      public_baseurl. (#17986)
    - Fix building wheels for MacOS which was temporarily disabled
      in Synapse 1.120.2. (#17993)
    - Fix release process to not create duplicate releases.
      (#17970, #17995)
  - Updates to locked dependencies
    - Bump bytes from 1.8.0 to 1.9.0. (#17982)
    - Bump pysaml2 from 7.3.1 to 7.5.0. (#17978)
    - Bump serde_json from 1.0.132 to 1.0.133. (#17939)
    - Bump tomli from 2.0.2 to 2.1.0. (#17959)
    - Bump tomli from 2.1.0 to 2.2.1. (#17979)
    - Bump tornado from 6.4.1 to 6.4.2. (#17955)
 -------------------------------------------------------------------
 Mon Dec  9 23:07:09 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
 - BuildIgnore cargo and rust as they both obsolete the version we
  currently need
 -------------------------------------------------------------------
 Tue Dec  3 17:13:57 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
 - Update to 1.120.2 (boo#1234110)
  This patch release fixes multiple security vulnerabilities, some
  affecting all prior versions of Synapse. Server administrators
  are encouraged to update Synapse as soon as possible. We are not
  aware of these vulnerabilities being exploited in the wild.
  Administrators who are unable to update Synapse may use the
  workarounds described in the linked GitHub Security Advisory
  below.
  - Security advisory
    The following issues are fixed in 1.120.1.
    - GHSA-rfq8-j7rh-8hf2 / CVE-2024-52805 (high): Unsupported
      content types can lead to memory exhaustion
      Synapse instances which have a high max_upload_size and which
      don't have a reverse proxy in front of them that would
      otherwise limit upload size are affected.
      Fixed by 4b7154c58501b4bf5e1c2d6c11ebef96529f2fdf.
    - GHSA-f3r3-h2mq-hx2h / CVE-2024-52815 (high): Malicious
      invites via federation can break a user's sync
      Fixed by d82e1ed357b7ee21dff83d06cba7a67840cfd464.
    - GHSA-vp6v-whfm-rv3g / CVE-2024-53863 (high): Synapse can be
      forced to thumbnail unexpected file formats, invoking
      potentially untrustworthy decoders
      Synapse instances can disable dynamic thumbnailing by setting
      dynamic_thumbnails to false in the configuration file.
      Fixed by b64a4e5fbbbf119b6c65aedf0d999b4237d55503.
    - GHSA-56w4-5538-8v8h / CVE-2024-53867 (moderate): The Sliding
      Sync feature on Synapse versions between 1.113.0rc1 and
      1.120.0 can leak partial room state changes to users no
      longer in a room
      Non-state events, like messages, are unaffected.
      Synapse instances can disable the Sliding Sync feature by
      setting experimental_features.msc3575_enabled to false in the
      configuration file.
      Fixed by 4daa533e82f345ce87b9495d31781af570ba3ead.
  Additionally, we disclose the following vulnerabilities, both
  have been fixed in Synapse 1.106.0:
  - GHSA-4mhg-xv73-xq2x / CVE-2024-37302 (high): Denial of service
    through media disk space consumption
  - GHSA-gjgr-7834-rhxr / CVE-2024-37303 (moderate):
    Unauthenticated writes to the media repository allow planting
    of problematic content
  See the advisories for more details. If you have any questions,
  email security at element.io.
  - Bug fixes
    - Fix release process to not create duplicate releases. (#17970)
 -------------------------------------------------------------------
 Tue Nov 26 14:22:09 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
 - Update to 1.120.0
  This release enables the enforcement of authenticated media by
  default, with exemptions for media that is already present in the
  homeserver's media store.
  Most homeservers operating in the public federation will not be
  impacted by this change, given that the large homeserver
  matrix.org enabled this in September 2024 and therefore most
  clients and servers will already have updated as a result.
  Some server administrators may still wish to disable this
  enforcement for the time being, in the interest of compatibility
  with older clients and older federated homeservers.
  See the upgrade notes for more information.
  https://element-hq.github.io/synapse/v1.120/upgrade.html#authenticated-media-is-now-enforced-by-default
  - Bugfixes
    - Fix a bug introduced in Synapse v1.120rc1 which would cause
      the newly-introduced `delete_old_otks` job to fail in
      worker-mode deployments. (#17960)
  - Features
    - Enforce authenticated media by default. Administrators can
      revert this by configuring enable_authenticated_media to
      false. In a future release of Synapse, this option will be
      removed and become always-on. (#17889)
    - Add a one-off task to delete old One-Time Keys, to guard
      against us having old OTKs in the database that the client
      has long forgotten about. (#17934)
  - Improved Documentation
    - Clarify the semantics of the enable_authenticated_media
      configuration option. (#17913)
    - Add documentation about backing up Synapse. (#17931)
  - Deprecations and Removals
    - Remove support for MSC3886: Simple client rendezvous
      capability, which has been superseded by MSC4108 and
      therefore closed. (#17638)
  - Internal Changes
    - Addressed some typos in docs and returned error message for
      unknown MXC ID. (#17865)
    - Unpin the upload release GHA action. (#17923)
    - Bump macos version used to build wheels during release, as
      current version used is end-of-life. (#17924)
    - Move server event filtering logic to rust. (#17928)
    - Support new package name of PyPI package python-multipart
      0.0.13 so that distro packagers do not need to work around
      name conflict with PyPI package multipart. (#17932)
    - Speed up slow initial sliding syncs on large servers.
      (#17946)
  - Updates to locked dependencies
    - Bump anyhow from 1.0.92 to 1.0.93. (#17920)
    - Bump bleach from 6.1.0 to 6.2.0. (#17918)
    - Bump immutabledict from 4.2.0 to 4.2.1. (#17941)
    - Bump packaging from 24.1 to 24.2. (#17940)
    - Bump phonenumbers from 8.13.49 to 8.13.50. (#17942)
    - Bump pygithub from 2.4.0 to 2.5.0. (#17917)
    - Bump ruff from 0.7.2 to 0.7.3. (#17919)
    - Bump serde from 1.0.214 to 1.0.215. (#17938)
 -------------------------------------------------------------------
 Fri Nov 22 02:44:26 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
 - allow newer setuptools-rust
 -------------------------------------------------------------------
 Wed Nov 13 15:53:23 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
 - drop 17886.patch
 - refresh matrix-synapse-1.4.1-paths.patch to apply cleanly again
 - Update to 1.119.0
  Python 3.8 is end-of-life and is no longer supported by Synapse.
  The minimum supported Python version is now 3.9.
  If you are running Synapse with Python 3.8, please upgrade to
  Python 3.9 (or greater) before upgrading Synapse.
  - Features
    - Support MSC4151's stable report room API. (#17374)
    - Add experimental support for MSC4222 (Adding state_after to
      sync v2). (#17888)
  - Bugfixes
    - Fix bug with sliding sync where $LAZY-loading room members
      would not return required_state membership in incremental
      syncs. (#17809)
    - Check if user has membership in a room before tagging it.
      Contributed by Lama Alosaimi. (#17839)
    - Fix a bug in the admin redact endpoint where the background
      task would not run if a worker was specified in
    - the config option run_background_tasks_on. (#17847)
    - Fix bug where some presence and typing timeouts can expire
      early. (#17850)
    - Fix detection when the built Rust library was outdated when
      using source installations. (#17861)
    - Fix a long-standing bug in Synapse which could cause one-time
      keys to be issued in the incorrect order, causing message
      decryption failures. (#17903)
    - Fix experimental support for MSC4222 (Adding state_after to
      sync v2) where we would return the full state on incremental
      syncs when using lazy loaded members and there were no new
      events in the timeline. (#17915)
  - Internal Changes
    - Remove support for python 3.8. (#17908)
    - Add a test for downloading and thumbnailing a CMYK JPEG.
      (#17786)
    - Refactor database calls to remove Generator usage. (#17813,
      #17814, #17815, #17816, #17817, #17818, #17890)
    - Include the destination in the error of 'Destination
      mismatch' on federation requests. (#17830)
    - The nix flake inside the repository no longer tracks
      nixpkgs/master to not catch the latest bugs from a PR merged
      5 minutes ago. (#17852)
    - Minor speed-up of sliding sync by computing extensions
      results in parallel. (#17884)
    - Bump the default Python version in the Synapse Dockerfile
      from 3.11 -> 3.12. (#17887)
    - Remove usage of internal header encoding API. (#17894)
    - Use unique name for each os.arch variant when uploading Wheel
      artifacts. (#17905)
    - Fix tests to run with latest Twisted. (#17906, #17907,
      #17911)
    - Update version constraint to allow the latest poetry-core
      1.9.1. (#17902)
    - Update the portdb CI to use Python 3.13 and Postgres 17 as
      latest dependencies. (#17909)
    - Add an index to current_state_delta_stream table. (#17912)
    - Fix building and attaching release artifacts during the
      release process. (#17921)
  - Updates to locked dependencies
    - Bump actions/download-artifact & actions/upload-artifact from
      3 to 4 in /.github/workflows. (#17657)
    - Bump anyhow from 1.0.89 to 1.0.92. (#17858, #17876, #17901)
    - Bump bytes from 1.7.2 to 1.8.0. (#17877)
    - Bump cryptography from 43.0.1 to 43.0.3. (#17853)
    - Bump mypy-zope from 1.0.7 to 1.0.8. (#17898)
    - Bump phonenumbers from 8.13.47 to 8.13.49. (#17880, #17899)
    - Bump python-multipart from 0.0.12 to 0.0.16. (#17879)
    - Bump regex from 1.11.0 to 1.11.1. (#17874)
    - Bump ruff from 0.6.9 to 0.7.2. (#17868, #17897)
    - Bump serde from 1.0.210 to 1.0.214. (#17875, #17900)
    - Bump serde_json from 1.0.128 to 1.0.132. (#17857)
    - Bump types-psycopg2 from 2.9.21.20240819 to 2.9.21.20241019.
      (#17855)
    - Bump types-setuptools from 75.1.0.20241014 to
      75.2.0.20241019. (#17856)
 -------------------------------------------------------------------
 Wed Oct 30 19:12:19 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
 - Allow Twisted 24.10.0 again with backport of proposed upstream
  fix
  https://patch-diff.githubusercontent.com/raw/element-hq/synapse/pull/17886.patch
 -------------------------------------------------------------------
 Wed Oct 30 18:19:09 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
 - downgrade Twisted to 24.7.0 until https://github.com/element-hq/synapse/pull/17886
  is merged
 -------------------------------------------------------------------
 Tue Oct 29 19:07:58 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
 - Update to 1.118.0
  Python 3.8 support will be dropped in the next release
  Python 3.8 is now end-of-life. As per our Deprecation Policy for
  Platform Dependencies, Synapse will be dropping support for
  Python 3.8 in the next release; Synapse 1.119.0.
  Synapse 1.118.x will be the final release to support Python 3.8.
  If you are running Synapse with Python 3.8, please upgrade before
  the 1.119.0 release, due in less than one month.
 	Python 3.13 and PostgreSQL 17 support
  On the other end of the spectrum, Synapse 1.118.0 is the first
  release to support Python 3.13! PostgreSQL 17 is also supported
  as of this release.
  - Features
    - Added the display_name_claim option to the JWT configuration.
      This option allows specifying the claim key that contains the
      user's display name in the JWT payload. (#17708)
    - Implement MSC4210: Remove legacy mentions. Contributed by
      @tulir @ Beeper. (#17783)
  - Bugfixes
    - Fix saving of PNG thumbnails, when the original image is in
      the CMYK color space. (#17736)
    - Fix bug with sliding sync where the server would not return
      state that was added to the required_state config. (#17785,
      #17805)
    - Fix a bug in MSC4186 Sliding Sync that would cause rooms to
      stay forgotten and hidden even after rejoining. (#17835)
  - Improved Documentation
    - Clarify when the user_may_invite and
      user_may_send_3pid_invite module callbacks are called.
      (#17627)
    - Correct documentation to refer to the --config-path argument
      instead of --config-file. (#17802)
    - Fix typo in target_cache_memory_usage docs. (#17825)
  - Internal Changes
    - Slight optimization when fetching state/events for Sliding
      Sync. (#17718)
    - Add Python 3.13 and Postgres 17 to the test matrix. (#17752)
    - Test github token before running release script steps.
      (#17803)
    - Build debian packages for new Ubuntu versions, and stop
      building for no longer supported versions. (#17824)
    - Enable the .org.matrix.msc4028.encrypted_event push rule by
      default in accordance with MSC4028. Note that the
      corresponding experimental feature must still be switched on
      for this push rule to have any effect. (#17826)
    - Fix some typing issues uncovered by upgrading mypy to 1.11.x.
      (#17842)
  - Updates to locked dependencies
    - Bump mypy from 1.10.1 to 1.11.2. (#17842)
    - Bump mypy-zope from 1.0.5 to 1.0.7. (#17827)
    - Bump phonenumbers from 8.13.46 to 8.13.47. (#17797)
    - Bump psycopg2 from 2.9.9 to 2.9.10. (#17843)
    - Bump ruff from 0.6.8 to 0.6.9. (#17794)
    - Bump sentry-sdk from 2.14.0 to 2.15.0. (#17795)
    - Bump sentry-sdk from 2.15.0 to 2.16.0. (#17829)
    - Bump sentry-sdk from 2.16.0 to 2.17.0. (#17844)
    - Bump sigstore/cosign-installer from 3.6.0 to 3.7.0. (#17798)
    - Bump tomli from 2.0.1 to 2.0.2. (#17796)
    - Bump types-requests from 2.32.0.20240914 to 2.32.0.20241016.
      (#17841)
    - Bump types-setuptools from 75.1.0.20240917 to
      75.1.0.20241014. (#17828)
 -------------------------------------------------------------------
 Tue Oct 15 13:54:06 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
 - Update to 1.117.0
  - Features
    - Add config option redis.password_path. (#17717)
  - Bugfixes
    - Fix a rare bug introduced in v1.29.0 where invalidating a
      user's access token from a worker could raise an error.
      (#17779)
    - In the response to GET /_matrix/client/versions, set the
      unstable_features flag for MSC4140 to false when server
      configuration disables support for delayed events. (#17780)
    - Improve input validation and room membership checks in admin
      redaction API. (#17792)
  - Improved Documentation
    - Clarify the docstring of test_forget_when_not_left. (#17628)
    - Add documentation note about PYTHONMALLOC for accurate
      jemalloc memory tracking. Contributed by @hensg. (#17709)
    - Remove spurious "TODO UPDATE ALL THIS" note in the Debian
      installation docs. (#17749)
    - Explain how load balancing works for
      federation_sender_instances. (#17776)
  - Internal Changes
    - Minor performance increase for large accounts using sliding
      sync. (#17751)
    - Increase performance of the notifier when there are many
      syncing users. (#17765, #17766)
    - Fix performance of streams that don't change often. (#17767)
    - Improve performance of sliding sync connections that do not
      ask for any rooms. (#17768)
    - Reduce overhead of sliding sync E2EE loops. (#17771)
    - Sliding sync minor performance speed up using new table.
      (#17787)
    - Sliding sync minor performance improvement by omitting
      unchanged data from incremental responses. (#17788)
    - Speed up sliding sync when there are many active
      subscriptions. (#17789)
    - Add missing license headers on new source files. (#17799)
  - Updates to locked dependencies
    - Bump phonenumbers from 8.13.45 to 8.13.46. (#17773)
    - Bump python-multipart from 0.0.10 to 0.0.12. (#17772)
    - Bump regex from 1.10.6 to 1.11.0. (#17770)
    - Bump ruff from 0.6.7 to 0.6.8. (#17774)
 -------------------------------------------------------------------
 Tue Oct  1 17:19:50 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
 - Update to 1.116.0
  - Features
    - Add implementation of restricting who can overwrite a state
      event as proposed by MSC3757. (#17513)
    - Add initial implementation of delayed events as proposed by
      MSC4140. (#17326)
    - Add an asynchronous Admin API endpoint to redact all a user's
      events,
    - and an endpoint to check on the status of that redaction
      task. (#17506)
    - Add support for the tags and not_tags filters for MSC4186
      Sliding Sync. (#17662)
    - Guests can use the new media endpoints to download media, as
      described by MSC4189. (#17675)
    - Add config option turn_shared_secret_path. (#17690)
    - Return room tags in MSC4186 Sliding Sync account data
      extension. (#17707)
  - Bugfixes
    - Make sure we get up-to-date state information when using the
      new MSC4186 Sliding Sync tables to derive room membership.
      (#17692)
    - Fix bug where room account data would not correctly be sent
      down MSC4186 Sliding Sync for old rooms. (#17695)
    - Fix a bug in MSC4186 Sliding Sync which could prevent /sync
      from working for certain user accounts. (#17727, #17733)
    - Ignore invites from ignored users in Sliding Sync. (#17729)
    - Fix bug in MSC4186 Sliding Sync where the server would
      incorrectly return a negative bump stamp, which caused
      Element X apps to stop syncing. (#17748)
  - Internal Changes
    - Import pydantic objects from the _pydantic_compat module.
      This allows check_pydantic_models.py to mock those pydantic
      objects only in the synapse module, and not interfere with
      pydantic objects in external dependencies. (#17667)
    - Use MSC4186 Sliding Sync tables as a bulk shortcut for
      getting the max event_stream_ordering of rooms. (#17693)
    - Speed up MSC4186 sliding sync requests a bit where there are
      many room changes. (#17696)
    - Refactor MSC4186 sliding sync filter unit tests so the
      sliding sync API has better test coverage. (#17703)
    - Fetch bump_stamps more efficiently in MSC4186 Sliding Sync.
      (#17723)
    - Shortcut for checking if certain background updates have
      completed (utilized in MSC4186 Sliding Sync). (#17724)
    - More efficiently fetch rooms for MSC4186 Sliding Sync.
      (#17725)
    - Fix _bulk_get_max_event_pos being inefficient. (#17728)
    - Add cache to get_tags_for_room(...). (#17730)
    - Small performance improvement in speeding up MSC4186 Sliding
      Sync. (#17731)
    - Minor speed up of initial MSC4186 sliding sync requests.
      (#17734)
    - Remove usage of the deprecated cgi module, deprecated in
      Python 3.11 and removed in Python 3.13. (#17741)
    - Fix typing of a variable that is not Unknown anymore after
      updating treq. (#17744)
  - Updates to locked dependencies
    - Bump anyhow from 1.0.86 to 1.0.89. (#17685, #17716)
    - Bump bytes from 1.7.1 to 1.7.2. (#17743)
    - Bump cryptography from 43.0.0 to 43.0.1. (#17689)
    - Bump idna from 3.8 to 3.10. (#17758)
    - Bump msgpack from 1.0.8 to 1.1.0. (#17759)
    - Bump phonenumbers from 8.13.44 to 8.13.45. (#17762)
    - Bump prometheus-client from 0.20.0 to 0.21.0. (#17746)
    - Bump pyasn1 from 0.6.0 to 0.6.1. (#17714)
    - Bump pyasn1-modules from 0.4.0 to 0.4.1. (#17747)
    - Bump pydantic from 2.8.2 to 2.9.2. (#17756)
    - Bump python-multipart from 0.0.9 to 0.0.10. (#17745)
    - Bump ruff from 0.6.4 to 0.6.7. (#17715, #17760)
    - Bump sentry-sdk from 2.13.0 to 2.14.0. (#17712)
    - Bump serde from 1.0.209 to 1.0.210. (#17686)
    - Bump serde_json from 1.0.127 to 1.0.128. (#17687)
    - Bump treq from 23.11.0 to 24.9.1. (#17744)
    - Bump types-pyyaml from 6.0.12.20240808 to 6.0.12.20240917.
      (#17755)
    - Bump types-requests from 2.32.0.20240712 to 2.32.0.20240914.
      (#17713)
    - Bump types-setuptools from 74.1.0.20240907 to
      75.1.0.20240917. (#17757)
 -------------------------------------------------------------------
 Tue Sep 17 14:41:36 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
 - Update to 1.115.0
  - Features
    - Improve cross-signing upload when using MSC3861 to use a
      custom UIA flow stage, with web fallback support. (#17509)
  - Bugfixes
    - Return 400 M_BAD_JSON upon attempting to complete various
      room actions with a non-local user ID and unknown room ID,
      rather than an internal server error. (#17607)
    - Fix authenticated media responses using a wrong limit when
      following redirects over federation. (#17626)
    - Fix bug where we returned the wrong bump_stamp for invites in
      sliding sync response, causing incorrect ordering of invites
      in the room list. (#17674)
  - Improved Documentation
    - Clarify that the admin api resource is only loaded on the
      main process and not workers. (#17590)
    - Fixed typo in saml2_config config example. (#17594)
  - Deprecations and Removals
    - Stabilise MSC4156 by removing the msc4156_enabled config
      setting and defaulting it to true. (#17650)
  - Internal Changes
    - Pre-populate room data used in experimental MSC3575 Sliding
      Sync /sync endpoint for quick filtering/sorting. (#17652)
    - Speed up sliding sync by reducing amount of data pulled out
      of the database for large rooms. (#17683)
    - Update MSC3861 implementation: load the issuer and account
      management URLs from OIDC discovery. (#17407)
    - Pre-populate room data used in experimental MSC3575 Sliding
      Sync /sync endpoint for quick filtering/sorting. (#17512,
      #17632, #17633, #17634, #17635, #17636, #17641, #17654,
      #17673)
    - Store sliding sync per-connection state in the database.
      (#17599, #17631)
    - Make the sliding sync PerConnectionState class immutable.
      (#17600)
    - Replace isort and black with ruff. (#17620, #17643)
    - Sliding Sync: Split up
      get_room_membership_for_user_at_to_token. (#17629)
    - Use new database tables for sliding sync. (#17630, #17649)
    - Prevent duplicate tags being added to Sliding Sync traces.
      (#17655)
    - Get bump_stamp from new sliding sync tables which should be
      faster. (#17658)
    - Speed up incremental Sliding Sync requests by avoiding extra
      work. (#17665)
    - Small performance improvement in speeding up sliding sync.
      (#17666, #17670, #17672)
    - Speed up sliding sync by reducing number of database calls.
      (#17684)
    - Speed up sync by pulling out fewer events from the database.
      (#17688)
  - Updates to locked dependencies
    - Bump authlib from 1.3.1 to 1.3.2. (#17679)
    - Bump idna from 3.7 to 3.8. (#17682)
    - Bump ruff from 0.6.2 to 0.6.4. (#17680)
    - Bump towncrier from 24.7.1 to 24.8.0. (#17645)
    - Bump twisted from 24.7.0rc1 to 24.7.0. (#17647)
    - Bump types-pillow from 10.2.0.20240520 to 10.2.0.20240822.
      (#17644)
    - Bump types-psycopg2 from 2.9.21.20240417 to 2.9.21.20240819.
      (#17646)
    - Bump types-setuptools from 71.1.0.20240818 to
      74.1.0.20240907. (#17681)
 - refresh patches:
  bump-dependencies.patch
  matrix-synapse-1.4.1-paths.patch
 -------------------------------------------------------------------
 Mon Sep  2 19:24:17 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
--- a/matrix-synapse.obsinfo
+++ b/matrix-synapse.obsinfo
@ -1,4 +1,4 @@
 name: matrix-synapse
-version: 1.124.0
+version: 1.114.0
-mtime: 1739271410
+mtime: 1725293314
-commit: c1b7c6b12e7b9b2cf586a3210145f70a5e30ed67
+commit: 5eec67b6ef4b76caa2324a80e01e361bfa84a929
--- a/matrix-synapse.spec
+++ b/matrix-synapse.spec
@ -1,7 +1,7 @@
 #
 # spec file for package matrix-synapse
 #
-# Copyright (c) 2025 SUSE LLC
+# Copyright (c) 2024 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@ -20,27 +20,28 @@
 # NOTE: Keep this is in the same order as pyproject.toml.
 %if %{with use_poetry_for_dependencies}
-%global Twisted_version               24.7.0
+%global Jinja2_version                3.1.4
-%global Jinja2_version                3.1.5
+%global Pillow_version                10.4.0
-%global Pillow_version                11.1.0
+# TODO: 6.0.2
-%global PyYAML_version                6.0.2
+%global PyYAML_version                6.0.1
 %global attrs_version                 23.2.0
 %global bcrypt_version                4.2.0
 %global bleach_version                6.1.0
 %global canonicaljson_version         2.0.0
-%global cryptography_version          43.0.3
+%global cryptography_version          43.0.0
-%global immutabledict_version         4.2.1
+%global immutabledict_version         4.2.0
-%global idna_version                  3.8
+%global idna_version                  3.7
 %global ijson_version                 3.3.0
 %global jsonschema_version            4.20.0
 %global matrix_common_version         1.3.0
 %global matrix_common_max_version     2
-%global msgpack_version               1.1.0
+%global msgpack_version               1.0.8
-%global netaddr_version               1.3.0
+# TODO 1.3.0
-%global phonenumbers_version          8.13.52
+%global netaddr_version               1.2.1
 # TODO 8.13.44
 %global phonenumbers_version          8.13.39
 %global prometheus_client_version     0.20.0
 %global psutil_version                2.0.0
 # TODO: 24.3.0
 %global pyOpenSSL_version             24.2.1
 %global pyasn1_version                0.6.0
 %global pyasn1_modules_version        0.3.0
@ -56,12 +57,11 @@
 %global matrix_synapse_ldap3_version  0.3.0
 %global packaging_version             24.0
 %global psycopg2_version              2.9.9
-%global pysaml2_version               7.5.0
+%global pysaml2_version               7.3.1
-# TODO: 1.4.0
+%global Authlib_version               1.3.1
-%global Authlib_version               1.3.2
+# TODO 5.3.0
-%global lxml_version                  5.3.0
+%global lxml_version                  5.2.2
-# TODO: 2.19.2
+%global sentry_sdk_version            2.13.0
 %global sentry_sdk_version            2.19.0
 %global PyJWT_version                 2.6.0
 %global jaeger_client_version         4.8.0
 %global opentracing_version           2.4.0
@ -76,7 +76,7 @@
 # some version locks based on poetry.lock
 %global Jinja2_version                3.0
 %global Pillow_version                10.0.1
-%global PyYAML_version                5.3
+%global PyYAML_version                3.13
 %global Twisted_version               18.9.0
 %global attrs_version                 21.1.1
 %global bcrypt_version                3.1.7
@ -126,11 +126,7 @@
 %define requires_peq() %(echo '%*' | LC_ALL=C xargs -r rpm -q --whatprovides --qf 'Requires: %%{name} = %%{epoch}:%%{version}\\n' | sed -e 's/ (none):/ /' -e 's/ 0:/ /' | grep -v "is not")
-%if 0%{?suse_version} >= 1600
+%define use_python python3
 %define use_python %{primary_python}
 %else
 %define use_python python311
 %endif
 %define pythons %{use_python}
@ -159,7 +155,7 @@
 %define         pkgname matrix-synapse
 %define         eggname matrix_synapse
 Name:           %{pkgname}
-Version:        1.124.0
+Version:        1.114.0
 Release:        0
 Summary:        Matrix protocol reference homeserver
 License:        AGPL-3.0-or-later
@ -181,21 +177,12 @@ Patch1:         bump-dependencies.patch
 # https://github.com/matrix-org/synapse/pull/10719
 # disable by marking as source until we get a decision upstream
 Source100:      10719-Fix-instert-of-duplicate-key-into-event_json.patch
-BuildRequires:  %{use_python}-base >= 3.11
+BuildRequires:  %{use_python}-base >= 3.8
 BuildRequires:  %{use_python}-pip
 BuildRequires:  %{use_python}-poetry-core >= 1.1.0
 BuildRequires:  %{use_python}-setuptools
 BuildRequires:  %{use_python}-wheel
-# workaround for:
+BuildRequires:  cargo
 # zypper in cargo1.79 cargo cargo-packaging
 # Problem: 1: the to be installed cargo-1.81.0-150500.27.21.1.x86_64 obsoletes 'cargo1.79' provided by the to be installed cargo1.79-1.79.0-150500.11.3.1.x86_64
 #   Solution 1: do not install cargo1.79-1.79.0-150500.11.3.1.x86_64
 #   Solution 2: do not install cargo-1.81.0-150500.27.21.1.x86_64
 #
 #!BuildIgnore: cargo
 #!BuildIgnore: rust
 %global rust_version 1.82
 BuildRequires:  cargo%{rust_version}
 BuildRequires:  fdupes
 BuildRequires:  python-rpm-macros
 BuildRequires:  systemd-rpm-macros
@ -205,7 +192,7 @@ BuildRequires:  unzip
 %{?systemd_ordering}
 %{sysusers_requires}
 %requires_peq   %{use_python}-base
-BuildRequires:  (%{use_python}-setuptools-rust >= 1.3 with %{use_python}-setuptools-rust =< 1.11)
+BuildRequires:  (%{use_python}-setuptools-rust >= 1.3 with %{use_python}-setuptools-rust =< 1.9.0)
 # NOTE: Keep this is in the same order as pyproject.toml.
 # some version locks based on poetry.lock
 BuildRequires:  %{use_python}-Jinja2 >= %{Jinja2_version}
--- a/vendor.tar.zst
+++ b/vendor.tar.zst
@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:b9c901122378e1d64dc5f5bca1852dc1c5bc7d7271cbcd2777674d644f3fcc05
+oid sha256:87d43a1ae29ef0be416730d4765189d904505ee047e99780202657f6d8284389
-size 4120195
+size 7122019