f6087c103b- Update to 1.135.2 This is the Synapse portion of the Matrix coordinated security release. This release includes support for room version 12 which fixes a number of security vulnerabilities, including CVE-2025-49090. The default room version is not changed. Not all clients will support room version 12 immediately, and not all users will be using the latest version of their clients. Large, public rooms are advised to wait a few weeks before upgrading to room version 12 to allow users throughout the Matrix ecosystem to update their clients. - Bugfixes - Fix invalidation of storage cache that was broken in 1.135.0. (#18786) - Internal Changes - Add a parameter to upgrade_rooms(..) to allow auto join local users. (#82) - Speed up upgrading a room with large numbers of banned users. (#18574)Marcus Rueckert2025-08-11 19:43:06 +00:00
dab555ed5cAccepting request 1289572 from network:messaging:matrixAna Guerrero2025-07-02 10:11:26 +00:00
1930d2b680- Update to 1.133.0 - Features - Add support for the MSC4260 user report API. (#18120) - Bugfixes - Fix an issue where, during state resolution for v11 rooms, Synapse would incorrectly calculate the power level of the creator when there was no power levels event in the room. (#18534, #18547) - Fix long-standing bug where sliding sync did not honour the room_id_to_include config option. (#18535) - Fix an issue where "Lock timeout is getting excessive" warnings would be logged even when the lock timeout was <10 minutes. (#18543) - Fix an issue where Synapse could calculate the wrong power level for the creator of the room if there was no power levels event. (#18545) - Improved Documentation - Generate config documentation from JSON Schema file. (#18528) - Fix typo in user type documentation. (#18568) - Internal Changes - Increase performance of introspecting access tokens when using delegated auth. (#18357, #18561) - Log user deactivations. (#18541) - Enable flake8-logging and flake8-logging-format rules in Ruff and fix related issues throughout the codebase. (#18542) - Clean up old, unused rows from the device_federation_inbox table. (#18546) - Run config schema CI on develop and release branches. (#18551) - Add support for Twisted 25.5.0+ releases. (#18577)Marcus Rueckert2025-07-01 16:06:57 +00:00
1016083bcf- Update to 1.129.0 - Features - Add passthrough_authorization_parameters in OIDC configuration to allow passing parameters to the authorization grant URL. (#18232) - Add total_event_count, total_message_count, and total_e2ee_event_count fields to the homeserver usage statistics. (#18260) - Bugfixes - Fix force_tracing_for_users config when using delegated auth. (#18334) - Fix the token introspection cache logging access tokens when MAS integration is in use. (#18335) - Stop caching introspection failures when delegating auth to MAS. (#18339) - Fix ExternalIDReuse exception after migrating to MAS on workers with a high traffic. (#18342) - Fix minor performance regression caused by tracking of room participation. Regressed in v1.128.0. (#18345) - Updates to the Docker image - Optimize the build of the complement-synapse image. (#18294) - Internal Changes - Revert the slow background update introduced by #18068 in v1.128.0. (#18372) - Revert "Add total event, unencrypted message, and e2ee event counts to stats reporting", added in v1.129.0rc1. (#18373) - Disable statement timeout during room purge. (#18133) - Add cache to storage functions used to auth requests when using delegated auth. (#18337)Marcus Rueckert2025-05-06 12:50:59 +00:00
7fcf96c07b- Update to 1.127.1 Fix CVE-2025-30355 / GHSA-v56r-hwv5-mxg6. High severity vulnerability affecting federation. The vulnerability has been exploited in the wild.Marcus Rueckert2025-03-26 21:58:17 +00:00
2c64585e4fAccepting request 1255975 from network:messaging:matrixAna Guerrero2025-03-25 21:12:40 +00:00
301e83f74f- Update to 1.127.0 - Features - Update MSC4140 implementation to no longer cancel a user's own delayed state events with an event type & state key that match a more recent state event sent by that user. (#17810) - Improved Documentation - Fixed a minor typo in the Synapse documentation. Contributed by @karuto12. (#18224) - Internal Changes - Remove undocumented SYNAPSE_USE_FROZEN_DICTS environment variable. (#18123) - Fix detection of workflow failures in the release script. (#18211) - Add caching support to media endpoints. (#18235) - Updates to locked dependencies - Bump anyhow from 1.0.96 to 1.0.97. (#18201) - Bump bcrypt from 4.2.1 to 4.3.0. (#18207) - Bump bytes from 1.10.0 to 1.10.1. (#18227) - Bump http from 1.2.0 to 1.3.1. (#18245) - Bump sentry-sdk from 2.19.2 to 2.22.0. (#18205) - Bump serde from 1.0.218 to 1.0.219. (#18228) - Bump serde_json from 1.0.139 to 1.0.140. (#18202) - Bump ulid from 1.2.0 to 1.2.1. (#18246)Marcus Rueckert2025-03-25 13:23:09 +00:00
95e89ed4b0Accepting request 1254393 from network:messaging:matrixAna Guerrero2025-03-19 21:33:28 +00:00
acecdd444e- revert previous change as the dependencies are missing in the distroMarcus Rueckert2025-03-12 11:58:33 +00:00
5f7deceb2bAccepting request 1237892 from network:messaging:matrixAna Guerrero2025-01-15 16:43:19 +00:00
8778bdbcb5- Update to 1.122.0 Please note that this version of Synapse drops support for PostgreSQL 11 and 12. The minimum version of PostgreSQL supported is now version 13. - Deprecations and Removals - Remove support for PostgreSQL 11 and 12. Contributed by @clokep. (#18034) - Features - Added the email.tlsname config option. This allows specifying the domain name used to validate the SMTP server's TLS certificate separately from the email.smtp_host to connect to. (#17849) - Module developers will have access to the user ID of the requester when adding check_username_for_spam callbacks to spam_checker_module_callbacks. Contributed by Wilson@Pangea.chat. (#17916) - Add endpoints to the Admin API to fetch the number of invites the provided user has sent after a given timestamp, fetch the number of rooms the provided user has joined after a given timestamp, and get report IDs of event reports against a provided user (i.e. where the user was the sender of the reported event). (#17948) - Support stable account suspension from MSC3823. (#17964) - Add macaroon_secret_key_path config option. (#17983) - Bugfixes - Fix bug when rejecting withdrew invite with a third_party_rules module, where the invite would be stuck for the client. (#17930) - Properly purge state groups tables when purging a room with the Admin API. (#18024) - Fix a bug preventing the admin redaction endpoint fromMarcus Rueckert2025-01-14 17:13:10 +00:00
2352946053Accepting request 1230166 from network:messaging:matrixAna Guerrero2024-12-11 20:05:25 +00:00
2ddfac5fd1- switch to primary_python to directly follow the default python without the python3 indirectionMarcus Rueckert2024-12-11 16:12:09 +00:00
57fe3bc8ccAccepting request 1224013 from network:messaging:matrixAna Guerrero2024-11-14 15:09:14 +00:00
029fd6c091- drop 17886.patch - refresh matrix-synapse-1.4.1-paths.patch to apply cleanly again - Update to 1.119.0Marcus Rueckert2024-11-13 16:03:02 +00:00
Ana Guerrero
Marcus Rueckert
Dominique Leuenberger
OBS User buildservice-autocommit
Oliver Kurz