b7078adbe3
Accepting request 1314344 from network:messaging:matrix
Ana Guerrero2025-10-29 20:08:33 +00:00
60d136545d
- Update to 1.141.0 - Features - Allow using MSC4190 behavior without the opt-in registration flag. Contributed by @tulir @ Beeper. (#19031) - Stabilize support for MSC4326: Device masquerading for appservices. Contributed by @tulir @ Beeper. (#19033) - Bugfixes - Fix users being unable to log in if their password, or the server's configured pepper, was too long. (#19101) - Fix a bug introduced in 1.136.0 that would prevent Synapse from being able to be reload-ed more than once when running under systemd. (#19060) - Fix a bug introduced in 1.140.0 where an internal server error could be raised when hashing user passwords that are too long. (#19078) - Updates to the Docker image - Update docker image to use Debian trixie as the base and thus Python 3.13. (#19064) - Internal Changes - Move unique snowflake homeserver background tasks to start_background_tasks (the standard pattern for this kind of thing). (#19037) - Drop a deprecated field of the PyGitHub dependency in the release script and raise the dependency's minimum version to 1.59.0. (#19039) - Update TODO list of conflicting areas where we encounter metrics being clobbered (ApplicationService). (#19040)
Marcus Rueckert2025-10-29 12:04:09 +00:00
b053144bae
- Fix a bug introduced in 1.139.1 where a client could receive an Internal Server Error if they set device_keys: null in the request to POST /_matrix/client/v3/keys/upload. (#19023)
Marcus Rueckert2025-10-11 13:10:34 +00:00
0bd34b9854
- Update to 1.139.2 - Update KeyUploadServlet to handle case where client sends device_keys: null (#19023) Introduced in 1.139.1
Marcus Rueckert2025-10-07 19:01:38 +00:00
a9291159fc
- Update to 1.139.1 (boo#1251231) - Security Fixes - Fix CVE-2025-61672 / GHSA-fh66-fcv5-jjfr. Lack of validation for device keys in Synapse before 1.139.1 allows an attacker registered on the victim homeserver to degrade federation functionality, unpredictably breaking outbound federation to other homeservers. (#17097) - Deprecations and Removals - Drop support for unstable field names from the long-accepted MSC2732 (Olm fallback keys) proposal. This change allows unit tests to pass following the security patch above. (#18996)
Marcus Rueckert2025-10-07 13:11:15 +00:00
d18424da1c
Accepting request 1308371 from network:messaging:matrix
Ana Guerrero2025-10-01 16:57:35 +00:00
2476a807c7
Accepting request 1306939 from network:messaging:matrix
Ana Guerrero2025-09-25 16:44:54 +00:00
416d37506f
- Update to 1.138.2 - Fix a performance regression related to the experimental Delayed Events (MSC4140) feature. (#18926)
Marcus Rueckert2025-09-24 13:21:07 +00:00
005d66a620
Accepting request 1303352 from network:messaging:matrix
Ana Guerrero2025-09-09 18:30:46 +00:00
f6087c103b
- Update to 1.135.2 This is the Synapse portion of the Matrix coordinated security release. This release includes support for room version 12 which fixes a number of security vulnerabilities, including CVE-2025-49090. The default room version is not changed. Not all clients will support room version 12 immediately, and not all users will be using the latest version of their clients. Large, public rooms are advised to wait a few weeks before upgrading to room version 12 to allow users throughout the Matrix ecosystem to update their clients. - Bugfixes - Fix invalidation of storage cache that was broken in 1.135.0. (#18786) - Internal Changes - Add a parameter to upgrade_rooms(..) to allow auto join local users. (#82) - Speed up upgrading a room with large numbers of banned users. (#18574)
Marcus Rueckert2025-08-11 19:43:06 +00:00
dab555ed5c
Accepting request 1289572 from network:messaging:matrix
Ana Guerrero2025-07-02 10:11:26 +00:00
1930d2b680
- Update to 1.133.0 - Features - Add support for the MSC4260 user report API. (#18120) - Bugfixes - Fix an issue where, during state resolution for v11 rooms, Synapse would incorrectly calculate the power level of the creator when there was no power levels event in the room. (#18534, #18547) - Fix long-standing bug where sliding sync did not honour the room_id_to_include config option. (#18535) - Fix an issue where "Lock timeout is getting excessive" warnings would be logged even when the lock timeout was <10 minutes. (#18543) - Fix an issue where Synapse could calculate the wrong power level for the creator of the room if there was no power levels event. (#18545) - Improved Documentation - Generate config documentation from JSON Schema file. (#18528) - Fix typo in user type documentation. (#18568) - Internal Changes - Increase performance of introspecting access tokens when using delegated auth. (#18357, #18561) - Log user deactivations. (#18541) - Enable flake8-logging and flake8-logging-format rules in Ruff and fix related issues throughout the codebase. (#18542) - Clean up old, unused rows from the device_federation_inbox table. (#18546) - Run config schema CI on develop and release branches. (#18551) - Add support for Twisted 25.5.0+ releases. (#18577)
Marcus Rueckert2025-07-01 16:06:57 +00:00
1016083bcf
- Update to 1.129.0 - Features - Add passthrough_authorization_parameters in OIDC configuration to allow passing parameters to the authorization grant URL. (#18232) - Add total_event_count, total_message_count, and total_e2ee_event_count fields to the homeserver usage statistics. (#18260) - Bugfixes - Fix force_tracing_for_users config when using delegated auth. (#18334) - Fix the token introspection cache logging access tokens when MAS integration is in use. (#18335) - Stop caching introspection failures when delegating auth to MAS. (#18339) - Fix ExternalIDReuse exception after migrating to MAS on workers with a high traffic. (#18342) - Fix minor performance regression caused by tracking of room participation. Regressed in v1.128.0. (#18345) - Updates to the Docker image - Optimize the build of the complement-synapse image. (#18294) - Internal Changes - Revert the slow background update introduced by #18068 in v1.128.0. (#18372) - Revert "Add total event, unencrypted message, and e2ee event counts to stats reporting", added in v1.129.0rc1. (#18373) - Disable statement timeout during room purge. (#18133) - Add cache to storage functions used to auth requests when using delegated auth. (#18337)
Marcus Rueckert2025-05-06 12:50:59 +00:00
7fcf96c07b
- Update to 1.127.1 Fix CVE-2025-30355 / GHSA-v56r-hwv5-mxg6. High severity vulnerability affecting federation. The vulnerability has been exploited in the wild.
Marcus Rueckert2025-03-26 21:58:17 +00:00
2c64585e4f
Accepting request 1255975 from network:messaging:matrix
Ana Guerrero2025-03-25 21:12:40 +00:00
301e83f74f
- Update to 1.127.0 - Features - Update MSC4140 implementation to no longer cancel a user's own delayed state events with an event type & state key that match a more recent state event sent by that user. (#17810) - Improved Documentation - Fixed a minor typo in the Synapse documentation. Contributed by @karuto12. (#18224) - Internal Changes - Remove undocumented SYNAPSE_USE_FROZEN_DICTS environment variable. (#18123) - Fix detection of workflow failures in the release script. (#18211) - Add caching support to media endpoints. (#18235) - Updates to locked dependencies - Bump anyhow from 1.0.96 to 1.0.97. (#18201) - Bump bcrypt from 4.2.1 to 4.3.0. (#18207) - Bump bytes from 1.10.0 to 1.10.1. (#18227) - Bump http from 1.2.0 to 1.3.1. (#18245) - Bump sentry-sdk from 2.19.2 to 2.22.0. (#18205) - Bump serde from 1.0.218 to 1.0.219. (#18228) - Bump serde_json from 1.0.139 to 1.0.140. (#18202) - Bump ulid from 1.2.0 to 1.2.1. (#18246)
Marcus Rueckert2025-03-25 13:23:09 +00:00
95e89ed4b0
Accepting request 1254393 from network:messaging:matrix
Ana Guerrero2025-03-19 21:33:28 +00:00
acecdd444e
- revert previous change as the dependencies are missing in the distro
Marcus Rueckert2025-03-12 11:58:33 +00:00
5f7deceb2b
Accepting request 1237892 from network:messaging:matrix
Ana Guerrero2025-01-15 16:43:19 +00:00
8778bdbcb5
- Update to 1.122.0 Please note that this version of Synapse drops support for PostgreSQL 11 and 12. The minimum version of PostgreSQL supported is now version 13. - Deprecations and Removals - Remove support for PostgreSQL 11 and 12. Contributed by @clokep. (#18034) - Features - Added the email.tlsname config option. This allows specifying the domain name used to validate the SMTP server's TLS certificate separately from the email.smtp_host to connect to. (#17849) - Module developers will have access to the user ID of the requester when adding check_username_for_spam callbacks to spam_checker_module_callbacks. Contributed by Wilson@Pangea.chat. (#17916) - Add endpoints to the Admin API to fetch the number of invites the provided user has sent after a given timestamp, fetch the number of rooms the provided user has joined after a given timestamp, and get report IDs of event reports against a provided user (i.e. where the user was the sender of the reported event). (#17948) - Support stable account suspension from MSC3823. (#17964) - Add macaroon_secret_key_path config option. (#17983) - Bugfixes - Fix bug when rejecting withdrew invite with a third_party_rules module, where the invite would be stuck for the client. (#17930) - Properly purge state groups tables when purging a room with the Admin API. (#18024) - Fix a bug preventing the admin redaction endpoint from
Marcus Rueckert2025-01-14 17:13:10 +00:00
2352946053
Accepting request 1230166 from network:messaging:matrix
Ana Guerrero2024-12-11 20:05:25 +00:00
2ddfac5fd1
- switch to primary_python to directly follow the default python without the python3 indirection
Marcus Rueckert2024-12-11 16:12:09 +00:00
57fe3bc8cc
Accepting request 1224013 from network:messaging:matrix
Ana Guerrero2024-11-14 15:09:14 +00:00
029fd6c091
- drop 17886.patch - refresh matrix-synapse-1.4.1-paths.patch to apply cleanly again - Update to 1.119.0
Marcus Rueckert2024-11-13 16:03:02 +00:00
Ana Guerrero
Marcus Rueckert
Dominique Leuenberger
OBS User buildservice-autocommit