Marcus Rueckert
045a451866
- Update to 1.33.1 OBS-URL: https://build.opensuse.org/request/show/891065 OBS-URL: https://build.opensuse.org/package/show/network:messaging:matrix/matrix-synapse?expand=0&rev=175
4141 lines
200 KiB
Plaintext
4141 lines
200 KiB
Plaintext
-------------------------------------------------------------------
|
||
Thu May 6 14:44:02 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
|
||
|
||
- Update to 1.33.1
|
||
- Bugfixes
|
||
- Fix bug where /sync would break if using the latest version
|
||
of attrs dependency, by pinning to a previous version.
|
||
(#9937)
|
||
- sync BuildRequires with synapse/python_dependencies.py
|
||
- Jinja2 dep is now always required
|
||
|
||
-------------------------------------------------------------------
|
||
Wed May 5 18:45:30 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
|
||
|
||
- Update to 1.33.0
|
||
- Features
|
||
- Update experimental support for MSC3083: restricting room
|
||
access via group membership. (#9800, #9814)
|
||
- Add experimental support for handling presence on a worker.
|
||
(#9819, #9820, #9828, #9850)
|
||
- Return a new template when an user attempts to renew their
|
||
account multiple times with the same token, stating that
|
||
their account is set to expire. This replaces the invalid
|
||
token template that would previously be shown in this case.
|
||
This change concerns the optional account validity feature.
|
||
(#9832)
|
||
- Bugfixes
|
||
- Fix tight loop when handling presence replication when using
|
||
workers. Introduced in v1.33.0rc1. (#9900)
|
||
- Fixes the OIDC SSO flow when using a public_baseurl value
|
||
including a non-root URL path. (#9726)
|
||
- Fix thumbnail generation for some sites with non-standard
|
||
content types. Contributed by @rkfg. (#9788)
|
||
- Add some sanity checks to identity server passed to 3PID
|
||
bind/unbind endpoints. (#9802)
|
||
- Limit the size of HTTP responses read over federation.
|
||
(#9833)
|
||
- Fix a bug which could cause Synapse to get stuck in a loop of
|
||
resyncing device lists. (#9867)
|
||
- Fix a long-standing bug where errors from federation did not
|
||
propagate to the client. (#9868)
|
||
- Improved Documentation
|
||
- Add a note to the docker docs mentioning that we mirror
|
||
upstream's supported Docker platforms. (#9801)
|
||
- Internal Changes
|
||
- Add a dockerfile for running Synapse in worker-mode under
|
||
Complement. (#9162)
|
||
- Apply pyupgrade across the codebase. (#9786)
|
||
- Move some replication processing out of generic_worker.
|
||
(#9796)
|
||
- Replace HomeServer.get_config() with inline references.
|
||
(#9815)
|
||
- Rename some handlers and config modules to not duplicate the
|
||
top-level module. (#9816)
|
||
- Fix a long-standing bug which caused max_upload_size to not
|
||
be correctly enforced. (#9817)
|
||
- Reduce CPU usage of the user directory by reusing existing
|
||
calculated room membership. (#9821)
|
||
- Small speed up for joining large remote rooms. (#9825)
|
||
- Introduce flake8-bugbear to the test suite and fix some of
|
||
its lint violations. (#9838)
|
||
- Only store the raw data in the in-memory caches, rather than
|
||
objects that include references to e.g. the data stores.
|
||
(#9845)
|
||
- Limit length of accepted email addresses. (#9855)
|
||
- Remove redundant synapse.types.Collection type definition.
|
||
(#9856)
|
||
- Handle recently added rate limits correctly when using
|
||
--no-rate-limit with the demo scripts. (#9858)
|
||
- Disable invite rate-limiting by default when running the unit
|
||
tests. (#9871)
|
||
- Pass a reactor into SynapseSite to make testing easier.
|
||
(#9874)
|
||
- Make DomainSpecificString an attrs class. (#9875)
|
||
- Add type hints to synapse.api.auth and
|
||
synapse.api.auth_blocking modules. (#9876)
|
||
- Remove redundant _PushHTTPChannel test class. (#9878)
|
||
- Remove backwards-compatibility code for Python versions <
|
||
3.6. (#9879)
|
||
- Small performance improvement around handling new local
|
||
presence updates. (#9887)
|
||
- refreshed patches:
|
||
dont-bump-cryptography-with-system-openssl.patch
|
||
matrix-synapse-1.4.1-paths.patch
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Apr 22 11:12:46 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
|
||
|
||
- Update to v1.32.2
|
||
- Bugfixes
|
||
- Fix a regression in Synapse 1.32.0 and 1.32.1 which caused
|
||
LoggingContext errors in plugins. (#9857)
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Apr 21 14:08:11 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
|
||
|
||
- Update to v1.32.1
|
||
|
||
This release fixes a regression in Synapse 1.32.0 that caused
|
||
connected Prometheus instances to become unstable. If you ran
|
||
Synapse 1.32.0 with Prometheus metrics, first upgrade to Synapse
|
||
1.32.1 and follow these instructions to clean up any excess
|
||
writeahead logs.
|
||
|
||
- Bugfixes
|
||
- Fix a regression in Synapse 1.32.0 which caused Synapse to
|
||
report large numbers of Prometheus time series, potentially
|
||
overwhelming Prometheus instances. (#9854)
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Apr 20 17:15:24 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
|
||
|
||
- Update to v1.32.0
|
||
This release removes the deprecated GET
|
||
/_synapse/admin/v1/users/<user_id> admin API. Please use the v2
|
||
API instead, which has improved capabilities.
|
||
|
||
This release requires Application Services to use type
|
||
m.login.application_services when registering users via the
|
||
/_matrix/client/r0/register endpoint to comply with the spec.
|
||
Please ensure your Application Services are up to date.
|
||
|
||
- Features
|
||
- Add a Synapse module for routing presence updates between
|
||
users. (#9491)
|
||
- Add an admin API to manage ratelimit for a specific user.
|
||
(#9648)
|
||
- Include request information in structured logging output.
|
||
(#9654)
|
||
- Add order_by to the admin API GET /_synapse/admin/v2/users.
|
||
Contributed by @dklimpel. (#9691)
|
||
- Replace the room_invite_state_types configuration setting
|
||
with room_prejoin_state. (#9700)
|
||
- Add experimental support for MSC3083: restricting room access
|
||
via group membership. (#9717, #9735)
|
||
- Update experimental support for Spaces: include m.room.create
|
||
in the room state sent with room-invites. (#9710)
|
||
- Synapse now requires Python 3.6 or later. It also requires
|
||
Postgres 9.6 or later or SQLite 3.22 or later. (#9766)
|
||
- Bugfixes
|
||
- Fix the log lines of nested logging contexts. Broke in
|
||
1.32.0rc1. (#9829)
|
||
- Prevent synapse_forward_extremities and
|
||
synapse_excess_extremity_events Prometheus metrics from
|
||
initially reporting zero-values after startup. (#8926)
|
||
- Fix recently added ratelimits to correctly honour the
|
||
application service rate_limited flag. (#9711)
|
||
- Fix longstanding bug which caused duplicate key value
|
||
violates unique constraint
|
||
"remote_media_cache_thumbnails_media_origin_media_id_thumbna_key"
|
||
errors. (#9725)
|
||
- Fix bug where sharded federation senders could get stuck
|
||
repeatedly querying the DB in a loop, using lots of CPU.
|
||
(#9770)
|
||
- Fix duplicate logging of exceptions thrown during federation
|
||
transaction processing. (#9780)
|
||
- Updates to the Docker image
|
||
- Move opencontainers labels to the final Docker image such
|
||
that users can inspect them. (#9765)
|
||
- Improved Documentation
|
||
- Make the allowed_local_3pids regex example in the sample
|
||
config stricter. (#9719)
|
||
- Deprecations and Removals
|
||
- Remove old admin API GET /_synapse/admin/v1/users/<user_id>.
|
||
(#9401)
|
||
- Make /_matrix/client/r0/register expect a type of
|
||
m.login.application_service when an Application Service
|
||
registers a user, to align with the relevant spec. (#9548)
|
||
- Internal Changes
|
||
- Replace deprecated imp module with successor importlib.
|
||
Contributed by Cristina Muñoz. (#9718)
|
||
- Experiment with GitHub Actions for CI. (#9661)
|
||
- Introduce flake8-bugbear to the test suite and fix some of
|
||
its lint violations. (#9682)
|
||
- Update scripts-dev/complement.sh to use a local checkout of
|
||
Complement, allow running a subset of tests and have it use
|
||
Synapse's Complement test blacklist. (#9685)
|
||
- Improve Jaeger tracing for to_device messages. (#9686)
|
||
- Add release helper script for automating part of the Synapse
|
||
release process. (#9713)
|
||
- Add type hints to expiring cache. (#9730)
|
||
- Convert various testcases to HomeserverTestCase. (#9736)
|
||
- Start linting mypy with no_implicit_optional. (#9742)
|
||
- Add missing type hints to federation handler and server.
|
||
(#9743)
|
||
- Check that a ConfigError is raised, rather than simply
|
||
Exception, when appropriate in homeserver config file
|
||
generation tests. (#9753)
|
||
- Fix incompatibility with tox 2.5. (#9769)
|
||
- Enable Complement tests for MSC2946: Spaces Summary API.
|
||
(#9771)
|
||
- Use mock from the standard library instead of a separate
|
||
package. (#9772)
|
||
- Update Black configuration to target Python 3.6. (#9781)
|
||
- Add option to skip unit tests when building Debian packages.
|
||
(#9793)
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Apr 6 13:17:11 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
|
||
|
||
- Update to 1.31.0
|
||
Note: As announced in v1.25.0, and in line with the deprecation
|
||
policy for platform dependencies, this is the last release to
|
||
support Python 3.5 and PostgreSQL 9.5. Future versions of Synapse
|
||
will require Python 3.6+ and PostgreSQL 9.6+, as per our
|
||
deprecation policy.
|
||
|
||
- Features
|
||
- Add support to OpenID Connect login for requiring attributes
|
||
on the userinfo response. Contributed by Hubbte King. (#9609)
|
||
- Add initial experimental support for a "space summary" API.
|
||
(#9643, #9652, #9653)
|
||
- Add support for the busy presence state as described in
|
||
MSC3026. (#9644)
|
||
- Add support for credentials for proxy authentication in the
|
||
HTTPS_PROXY environment variable. (#9657)
|
||
- Bugfixes
|
||
- Fix a longstanding bug that could cause issues when editing a
|
||
reply to a message. (#9585)
|
||
- Fix the /capabilities endpoint to return m.change_password as
|
||
disabled if the local password database is not used for
|
||
authentication. Contributed by @dklimpel. (#9588)
|
||
- Check if local passwords are enabled before setting them for
|
||
the user. (#9636)
|
||
- Fix a bug where federation sending can stall due to
|
||
concurrent access database exceptions when it falls behind.
|
||
(#9639)
|
||
- Fix a bug introduced in Synapse 1.30.1 which meant the
|
||
suggested pip incantation to install an updated cryptography
|
||
was incorrect. (#9699)
|
||
- Updates to the Docker image
|
||
- Speed up Docker builds and make it nicer to test against
|
||
Complement while developing (install all dependencies before
|
||
copying the project). (#9610)
|
||
- Include opencontainers labels in the Docker image. (#9612)
|
||
- Improved Documentation
|
||
- Add a document describing the deprecation policy for platform
|
||
dependencies. (#9723)
|
||
- Clarify that register_new_matrix_user is present also when
|
||
installed via non-pip package. (#9074)
|
||
- Update source install documentation to mention platform
|
||
prerequisites before the source install steps. (#9667)
|
||
- Improve worker documentation for fallback/web auth endpoints.
|
||
(#9679)
|
||
- Update the sample configuration for OIDC authentication.
|
||
(#9695)
|
||
- Internal Changes
|
||
- Revert using dmypy run in lint script. (#9720)
|
||
- Pin flake8-bugbear's version. (#9734)
|
||
- Preparatory steps for removing redundant outlier data from
|
||
event_json.internal_metadata column. (#9411)
|
||
- Add type hints to the caching module. (#9442)
|
||
- Introduce flake8-bugbear to the test suite and fix some of
|
||
its lint violations. (#9499, #9659)
|
||
- Add additional type hints to the Homeserver object. (#9631,
|
||
#9638, #9675, #9681)
|
||
- Only save remote cross-signing and device keys if they're
|
||
different from the current ones. (#9634)
|
||
- Rename storage function to fix spelling and not conflict with
|
||
another function's name. (#9637)
|
||
- Improve performance of federation catch up by sending the
|
||
latest events in the room to the remote, rather than just the
|
||
last event sent by the local server. (#9640, #9664)
|
||
- In the federation_client commandline client, stop
|
||
automatically adding the URL prefix, so that servlets on
|
||
other prefixes can be tested. (#9645)
|
||
- In the federation_client commandline client, handle inline
|
||
signing_keys in homeserver.yaml. (#9647)
|
||
- Fixed some antipattern issues to improve code quality.
|
||
(#9649)
|
||
- Add a storage method for pulling all current user presence
|
||
state from the database. (#9650)
|
||
- Import HomeServer from the proper module. (#9665)
|
||
- Increase default join ratelimiting burst rate. (#9674)
|
||
- Add type hints to third party event rules and visibility
|
||
modules. (#9676)
|
||
- Bump mypy-zope to 0.2.13 to fix "Cannot determine consistent
|
||
method resolution order (MRO)" errors when running mypy a
|
||
second time. (#9678)
|
||
- Use interpreter from $PATH via /usr/bin/env instead of
|
||
absolute paths in various scripts. (#9689)
|
||
- Make it possible to use dmypy. (#9692)
|
||
- Suppress "CryptographyDeprecationWarning: int_from_bytes is
|
||
deprecated". (#9698)
|
||
- Use dmypy run in lint script for improved performance in
|
||
type-checking while developing. (#9701)
|
||
- Fix undetected mypy error when using Python 3.6. (#9703)
|
||
- Fix type-checking CI on develop. (#9709)
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Mar 26 12:39:34 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
|
||
|
||
- Update to 1.30.1
|
||
This release is identical to Synapse 1.30.0, with the exception
|
||
of explicitly setting a minimum version of Python's Cryptography
|
||
library to ensure that users of Synapse are protected from the
|
||
recent OpenSSL security advisories, especially CVE-2021-3449.
|
||
- Internal Changes
|
||
- Enforce that `cryptography` dependency is up to date to
|
||
ensure it has the most recent openssl patches. (#9697)
|
||
|
||
- Note: we do not bump the cryptography dependency in our package
|
||
as we use the system OpenSSL which gets the fix.
|
||
|
||
Add dont-bump-cryptography-with-system-openssl.patch to comment
|
||
out the dependency because otherwise the newer version
|
||
requirement is enforced on startup
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Mar 22 14:02:31 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
|
||
|
||
- Update to 1.30.0
|
||
Note that this release deprecates the ability for appservices to
|
||
call POST /_matrix/client/r0/register without the body parameter
|
||
type. Appservice developers should use a type value of
|
||
m.login.application_service as per the spec. In future releases,
|
||
calling this endpoint with an access token - but without a
|
||
m.login.application_service type - will fail.
|
||
|
||
- Features
|
||
- Add prometheus metrics for number of users successfully
|
||
registering and logging in. (#9510, #9511, #9573)
|
||
- Add synapse_federation_last_sent_pdu_time and
|
||
synapse_federation_last_received_pdu_time prometheus metrics,
|
||
which monitor federation delays by reporting the timestamps
|
||
of messages sent and received to a set of remote servers.
|
||
(#9540)
|
||
- Add support for generating JSON Web Tokens dynamically for
|
||
use as OIDC client secrets. (#9549)
|
||
- Optimise handling of incomplete room history for incoming
|
||
federation. (#9601)
|
||
- Finalise support for allowing clients to pick an SSO Identity
|
||
Provider (MSC2858). (#9617)
|
||
- Tell spam checker modules about the SSO IdP a user registered
|
||
through if one was used. (#9626)
|
||
- Bugfixes
|
||
- Fix long-standing bug when generating thumbnails for some
|
||
images with transparency: TypeError: cannot unpack
|
||
non-iterable int object. (#9473)
|
||
- Purge chain cover indexes for events that were purged prior
|
||
to Synapse v1.29.0. (#9542, #9583)
|
||
- Fix bug where federation requests were not correctly retried
|
||
on 5xx responses. (#9567)
|
||
- Fix re-activating an account via the admin API when local
|
||
passwords are disabled. (#9587)
|
||
- Fix a bug introduced in Synapse 1.20 which caused incoming
|
||
federation transactions to stack up, causing slow recovery
|
||
from outages. (#9597)
|
||
- Fix a bug introduced in v1.28.0 where the OpenID Connect
|
||
callback endpoint could error with a MacaroonInitException.
|
||
(#9620)
|
||
- Fix Internal Server Error on GET
|
||
/_synapse/client/saml2/authn_response request. (#9623)
|
||
- Updates to the Docker image
|
||
- Use jemalloc if available in docker. (#8553)
|
||
- Improved Documentation
|
||
- Add relayd entry to reverse proxy example configurations.
|
||
(#9508)
|
||
- Improve the SAML2 upgrade notes for 1.27.0. (#9550)
|
||
- Link to the "List user's media" admin API from the media
|
||
admin API docs. (#9571)
|
||
- Clarify the spam checker modules documentation example to
|
||
mention that parse_config is a required method. (#9580)
|
||
- Clarify the sample configuration for stats settings. (#9604)
|
||
- Deprecations and Removals
|
||
- The synapse_federation_last_sent_pdu_age and
|
||
synapse_federation_last_received_pdu_age prometheus metrics
|
||
have been removed. They are replaced by
|
||
synapse_federation_last_sent_pdu_time and
|
||
synapse_federation_last_received_pdu_time. (#9540)
|
||
- Registering an Application Service user without using the
|
||
m.login.application_service login type will be unsupported in
|
||
an upcoming Synapse release. (#9559)
|
||
- Internal Changes
|
||
- Add tests to ResponseCache. (#9458)
|
||
- Add type hints to purge room and server notice admin API.
|
||
(#9520)
|
||
- Add extra logging to ObservableDeferred when callbacks throw
|
||
exceptions. (#9523)
|
||
- Fix incorrect type hints. (#9528, #9543, #9591, #9608, #9618)
|
||
- Add an additional test for purging a room. (#9541)
|
||
- Add a .git-blame-ignore-revs file with the hashes of
|
||
auto-formatting. (#9560)
|
||
- Increase the threshold before which outbound federation to a
|
||
server goes into "catch up" mode, which is expensive for the
|
||
remote server to handle. (#9561)
|
||
- Fix spurious errors reported by the config-lint.sh script.
|
||
(#9562)
|
||
- Fix type hints and tests for BlacklistingAgentWrapper and
|
||
BlacklistingReactorWrapper. (#9563)
|
||
- Do not have mypy ignore type hints from unpaddedbase64.
|
||
(#9568)
|
||
- Improve efficiency of calculating the auth chain in large
|
||
rooms. (#9576)
|
||
- Convert synapse.types.Requester to an attrs class. (#9586)
|
||
- Add logging for redis connection setup. (#9590)
|
||
- Improve logging when processing incoming transactions.
|
||
(#9596)
|
||
- Remove unused stats.retention setting, and emit a warning if
|
||
stats are disabled. (#9604)
|
||
- Prevent attempting to bundle aggregations for state events in
|
||
/context APIs. (#9619)
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Mar 8 21:27:57 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
|
||
|
||
- Update to 1.29.0
|
||
Note that synapse now expects an X-Forwarded-Proto header when
|
||
used with a reverse proxy. Please see UPGRADE.rst for more
|
||
details on this change.
|
||
|
||
- Features
|
||
- Add rate limiters to cross-user key sharing requests. (#8957)
|
||
- Add order_by to the admin API GET
|
||
/_synapse/admin/v1/users/<user_id>/media. Contributed by
|
||
@dklimpel. (#8978)
|
||
- Add some configuration settings to make users' profile data
|
||
more private. (#9203)
|
||
- The no_proxy and NO_PROXY environment variables are now
|
||
respected in proxied HTTP clients with the lowercase form
|
||
taking precedence if both are present. Additionally, the
|
||
lowercase https_proxy environment variable is now respected
|
||
in proxied HTTP clients on top of existing support for the
|
||
uppercase HTTPS_PROXY form and takes precedence if both are
|
||
present. Contributed by Timothy Leung. (#9372)
|
||
- Add a configuration option,
|
||
user_directory.prefer_local_users, which when enabled will
|
||
make it more likely for users on the same server as you to
|
||
appear above other users. (#9383, #9385)
|
||
- Add support for regenerating thumbnails if they have been
|
||
deleted but the original image is still stored. (#9438)
|
||
- Add support for X-Forwarded-Proto header when using a reverse
|
||
proxy. (#9472, #9501, #9512, #9539)
|
||
- Bugfixes
|
||
- Fix a bug where users' pushers were not all deleted when they
|
||
deactivated their account. (#9285, #9516)
|
||
- Fix a bug where a lot of unnecessary presence updates were
|
||
sent when joining a room. (#9402)
|
||
- Fix a bug that caused multiple calls to the experimental
|
||
shared_rooms endpoint to return stale results. (#9416)
|
||
- Fix a bug in single sign-on which could cause a "No session
|
||
cookie found" error. (#9436)
|
||
- Fix bug introduced in v1.27.0 where allowing a user to choose
|
||
their own username when logging in via single sign-on did not
|
||
work unless an idp_icon was defined. (#9440)
|
||
- Fix a bug introduced in v1.26.0 where some sequences were not
|
||
properly configured when running synapse_port_db. (#9449)
|
||
- Fix deleting pushers when using sharded pushers. (#9465,
|
||
#9466, #9479, #9536)
|
||
- Fix missing startup checks for the consistency of certain
|
||
PostgreSQL sequences. (#9470)
|
||
- Fix a long-standing bug where the media repository could leak
|
||
file descriptors while previewing media. (#9497)
|
||
- Properly purge the event chain cover index when purging
|
||
history. (#9498)
|
||
- Fix missing chain cover index due to a schema delta not being
|
||
applied correctly. Only affected servers that ran development
|
||
versions. (#9503)
|
||
- Fix a bug introduced in v1.25.0 where /_synapse/admin/join/
|
||
would fail when given a room alias. (#9506)
|
||
- Prevent presence background jobs from running when presence
|
||
is disabled. (#9530)
|
||
- Fix rare edge case that caused a background update to fail if
|
||
the server had rejected an event that had duplicate auth
|
||
events. (#9537)
|
||
- Improved Documentation
|
||
- Update the example systemd config to propagate reloads to
|
||
individual units. (#9463)
|
||
- Internal Changes
|
||
- Add documentation and type hints to parse_duration. (#9432)
|
||
- Remove vestiges of uploads_path configuration setting.
|
||
(#9462)
|
||
- Add a comment about systemd-python. (#9464)
|
||
- Test that we require validated email for email pushers.
|
||
(#9496)
|
||
- Allow python to generate bytecode for synapse. (#9502)
|
||
- Fix incorrect type hints. (#9515, #9518)
|
||
- Add type hints to device and event report admin API. (#9519)
|
||
- Add type hints to user admin API. (#9521)
|
||
- Bump the versions of mypy and mypy-zope used for static type
|
||
checking. (#9529)
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Feb 25 22:00:48 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
|
||
|
||
- Update to 1.28.0
|
||
This release fixes the documentation included in v1.27.0 around
|
||
the callback URI for SAML2 identity providers. If your server is
|
||
configured to use single sign-on via a SAML2 IdP, you may need to
|
||
make configuration changes. Please review UPGRADE.rst for more
|
||
details on these changes.
|
||
|
||
Removal warning
|
||
- The v1 list accounts API is deprecated and will be removed in a
|
||
future release. This API was undocumented and misleading. It
|
||
can be replaced by the v2 list accounts API, which has been
|
||
available since Synapse 1.7.0 (2019-12-13).
|
||
|
||
- Please check if you're using any scripts which use the admin
|
||
API and replace GET /_synapse/admin/v1/users/<user_id> with GET
|
||
/_synapse/admin/v2/users.
|
||
|
||
- Features
|
||
- New admin API to get the context of an event:
|
||
/_synapse/admin/rooms/{roomId}/context/{eventId}. (#9150)
|
||
- Further improvements to the user experience of registration
|
||
via single sign-on. (#9300, #9301)
|
||
- Add hook to spam checker modules that allow checking file
|
||
uploads and remote downloads. (#9311)
|
||
- Add support for receiving OpenID Connect authentication
|
||
responses via form POSTs rather than GETs. (#9376)
|
||
- Add the shadow-banning status to the admin API for user info.
|
||
(#9400)
|
||
- Bugfixes
|
||
- Fix long-standing bug where sending email notifications would
|
||
fail for rooms that the server had since left. (#9257)
|
||
- Fix bug in Synapse 1.27.0rc1 which meant the "session
|
||
expired" error page during SSO registration was badly
|
||
formatted. (#9296)
|
||
- Assert a maximum length for some parameters for spec
|
||
compliance. (#9321, #9393)
|
||
- Fix additional errors when previewing URLs: "AttributeError
|
||
'NoneType' object has no attribute 'xpath'" and "ValueError:
|
||
Unicode strings with encoding declaration are not supported.
|
||
Please use bytes input or XML fragments without
|
||
declaration.". (#9333)
|
||
- Fix a bug causing Synapse to impose the wrong type
|
||
constraints on fields when processing responses from
|
||
appservices to /_matrix/app/v1/thirdparty/user/{protocol}.
|
||
(#9361)
|
||
- Fix bug where Synapse would occasionally stop reconnecting to
|
||
Redis after the connection was lost. (#9391)
|
||
- Fix a long-standing bug when upgrading a room: "TypeError:
|
||
'>' not supported between instances of 'NoneType' and 'int'".
|
||
(#9395)
|
||
- Reduce the amount of memory used when generating the URL
|
||
preview of a file that is larger than the max_spider_size.
|
||
(#9421)
|
||
- Fix a long-standing bug in the deduplication of old presence,
|
||
resulting in no deduplication. (#9425)
|
||
- The ui_auth.session_timeout config option can now be
|
||
specified in terms of number of seconds/minutes/etc/.
|
||
Contributed by Rishabh Arya. (#9426)
|
||
- Fix a bug introduced in v1.27.0: "TypeError: int() argument
|
||
must be a string, a bytes-like object or a number, not
|
||
'NoneType." related to the user directory. (#9428)
|
||
- Updates to the Docker image
|
||
- Drop support for ARMv7 in Docker images. (#9433)
|
||
- Improved Documentation
|
||
- Reorganize CHANGELOG.md. (#9281)
|
||
- Add note to auto_join_rooms config option explaining existing
|
||
rooms must be publicly joinable. (#9291)
|
||
- Correct name of Synapse's service file in TURN howto. (#9308)
|
||
- Fix the braces in the oidc_providers section of the sample
|
||
config. (#9317)
|
||
- Update installation instructions on Fedora. (#9322)
|
||
- Add HTTP/2 support to the nginx example configuration.
|
||
Contributed by David Vo. (#9390)
|
||
- Update docs for using Gitea as OpenID provider. (#9404)
|
||
- Document that pusher instances are shardable. (#9407)
|
||
- Fix erroneous documentation from v1.27.0 about updating the
|
||
SAML2 callback URL. (#9434)
|
||
- Deprecations and Removals
|
||
- Deprecate old admin API GET
|
||
/_synapse/admin/v1/users/<user_id>. (#9429)
|
||
- Internal Changes
|
||
- Revert change in v1.28.0rc1 to remove the deprecated SAML
|
||
endpoint. (#9474)
|
||
- Fix 'object name reserved for internal use' errors with
|
||
recent versions of SQLite. (#9003)
|
||
- Add experimental support for running Synapse with PyPy.
|
||
(#9123)
|
||
- Deny access to additional IP addresses by default. (#9240)
|
||
- Update the Cursor type hints to better match PEP 249. (#9299)
|
||
- Add debug logging for SRV lookups. Contributed by @Bubu.
|
||
(#9305)
|
||
- Improve logging for OIDC login flow. (#9307)
|
||
- Share the code for handling required attributes between the
|
||
CAS and SAML handlers. (#9326)
|
||
- Clean up the code to load the metadata for OpenID Connect
|
||
identity providers. (#9362)
|
||
- Convert tests to use HomeserverTestCase. (#9377, #9396)
|
||
- Update the version of black used to 20.8b1. (#9381)
|
||
- Allow OIDC config to override discovered values. (#9384)
|
||
- Remove some dead code from the acceptance of room invites
|
||
path. (#9394)
|
||
- Clean up an unused method in the presence handler code.
|
||
(#9408)
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Feb 16 14:12:41 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
|
||
|
||
- Update to 1.27.0
|
||
Note that this release includes a change in Synapse to use Redis
|
||
as a cache ─ as well as a pub/sub mechanism ─ if Redis support is
|
||
enabled for workers. No action is needed by server
|
||
administrators, and we do not expect resource usage of the Redis
|
||
instance to change dramatically.
|
||
|
||
This release also changes the callback URI for OpenID Connect
|
||
(OIDC) identity providers. If your server is configured to use
|
||
single sign-on via an OIDC/OAuth2 IdP, you may need to make
|
||
configuration changes. Please review UPGRADE.rst for more details
|
||
on these changes.
|
||
|
||
This release also changes escaping of variables in the HTML
|
||
templates for SSO or email notifications. If you have customised
|
||
these templates, please review UPGRADE.rst for more details on
|
||
these changes.
|
||
|
||
- Features
|
||
- Further improvements to the user experience of registration
|
||
via single sign-on. (#9297)
|
||
- Add an admin API for getting and deleting forward extremities
|
||
for a room. (#9062)
|
||
- Add an admin API for retrieving the current room state of a
|
||
room. (#9168)
|
||
- Add experimental support for allowing clients to pick an SSO
|
||
Identity Provider (MSC2858). (#9183, #9242)
|
||
- Add an admin API endpoint for shadow-banning users. (#9209)
|
||
- Add ratelimits to the 3PID /requestToken APIs. (#9238)
|
||
- Add support to the OpenID Connect integration for adding the
|
||
user's email address. (#9245)
|
||
- Add ratelimits to invites in rooms and to specific users.
|
||
(#9258)
|
||
- Improve the user experience of setting up an account via
|
||
single-sign on. (#9262, #9272, #9275, #9276, #9277, #9286,
|
||
#9287)
|
||
- Add phone home stats for encrypted messages. (#9283)
|
||
- Update the redirect URI for OIDC authentication. (#9288)
|
||
- Bugfixes
|
||
- Fix ratelimiting introduced in v1.27.0rc1 for invites to
|
||
respect the ratelimit flag on application services. (#9302)
|
||
- Do not automatically calculate public_baseurl since it can be
|
||
wrong in some situations. Reverts behaviour introduced in
|
||
v1.26.0. (#9313)
|
||
- Fix spurious errors in logs when deleting a non-existant
|
||
pusher. (#9121)
|
||
- Fix a long-standing bug where Synapse would return a 500
|
||
error when a thumbnail did not exist (and auto-generation of
|
||
thumbnails was not enabled). (#9163)
|
||
- Fix a long-standing bug where an internal server error was
|
||
raised when attempting to preview an HTML document in an
|
||
unknown character encoding. (#9164)
|
||
- Fix a long-standing bug where invalid data could cause errors
|
||
when calculating the presentable room name for push. (#9165)
|
||
- Fix bug where we sometimes didn't detect that Redis
|
||
connections had died, causing workers to not see new data.
|
||
(#9218)
|
||
- Fix a bug where None was passed to Synapse modules instead of
|
||
an empty dictionary if an empty module config block was
|
||
provided in the homeserver config. (#9229)
|
||
- Fix a bug in the make_room_admin admin API where it failed if
|
||
the admin with the greatest power level was not in the room.
|
||
Contributed by Pankaj Yadav. (#9235)
|
||
- Prevent password hashes from getting dropped if a client
|
||
failed threepid validation during a User Interactive Auth
|
||
stage. Removes a workaround for an ancient bug in Riot Web
|
||
<v0.7.4. (#9265)
|
||
- Fix single-sign-on when the endpoints are routed to synapse
|
||
workers. (#9271)
|
||
- Improved Documentation
|
||
- Clarify the sample configuration for changes made to the
|
||
template loading code. (#9310)
|
||
- Add docs for using Gitea as OpenID provider. (#9134)
|
||
- Add link to Matrix VoIP tester for turn-howto. (#9135)
|
||
- Add notes on integrating with Facebook for SSO login. (#9244)
|
||
- Deprecations and Removals
|
||
- The service_url parameter in cas_config is deprecated in
|
||
favor of public_baseurl. (#9199)
|
||
- Add new endpoint /_synapse/client/saml2 for SAML2
|
||
authentication callbacks, and deprecate the old endpoint
|
||
/_matrix/saml2. (#9289)
|
||
- Internal Changes
|
||
- Add tests to test_user.UsersListTestCase for List Users Admin
|
||
API. (#9045)
|
||
- Various improvements to the federation client. (#9129)
|
||
- Speed up chain cover calculation when persisting a batch of
|
||
state events at once. (#9176)
|
||
- Add a long_description_type to the package metadata. (#9180)
|
||
- Speed up batch insertion when using PostgreSQL. (#9181,
|
||
#9188)
|
||
- Emit an error at startup if different Identity Providers are
|
||
configured with the same idp_id. (#9184)
|
||
- Improve performance of concurrent use of StreamIDGenerators.
|
||
(#9190)
|
||
- Add some missing source directories to the automatic linting
|
||
script. (#9191)
|
||
- Precompute joined hosts and store in Redis. (#9198, #9227)
|
||
- Clean-up template loading code. (#9200)
|
||
- Fix the Python 3.5 old dependencies build. (#9217)
|
||
- Update isort to v5.7.0 to bypass a bug where it would
|
||
disagree with black about formatting. (#9222)
|
||
- Add type hints to handlers code. (#9223, #9232)
|
||
- Fix Debian package building on Ubuntu 16.04 LTS (Xenial).
|
||
(#9254)
|
||
- Minor performance improvement during TLS handshake. (#9255)
|
||
- Refactor the generation of summary text for email
|
||
notifications. (#9260)
|
||
- Restore PyPy compatibility by not calling CPython-specific GC
|
||
methods when under PyPy. (#9270)
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Feb 11 17:23:36 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
|
||
|
||
- no longer have a 2nd changes file for the test package. OBS uses
|
||
the main changes file now.
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Jan 28 01:01:53 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
|
||
|
||
- Update to 1.26.0
|
||
This release brings a new schema version for Synapse and rolling
|
||
back to a previous version is not trivial. Please review
|
||
UPGRADE.rst for more details on these changes and for general
|
||
upgrade guidance.
|
||
|
||
- Features
|
||
- Add support for multiple SSO Identity Providers. (#9015,
|
||
#9017, #9036, #9067, #9081, #9082, #9105, #9107, #9109,
|
||
#9110, #9127, #9153, #9154, #9177)
|
||
- During user-interactive authentication via single-sign-on,
|
||
give a better error if the user uses the wrong account on the
|
||
SSO IdP. (#9091)
|
||
- Give the public_baseurl a default value, if it is not
|
||
explicitly set in the configuration file. (#9159)
|
||
- Improve performance when calculating ignored users in large
|
||
rooms. (#9024)
|
||
- Implement MSC2176 in an experimental room version. (#8984)
|
||
- Add an admin API for protecting local media from quarantine.
|
||
(#9086)
|
||
- Remove a user's avatar URL and display name when deactivated
|
||
with the Admin API. (#8932)
|
||
- Update /_synapse/admin/v1/users/<user_id>/joined_rooms to
|
||
work for both local and remote users. (#8948)
|
||
- Add experimental support for handling to-device messages on
|
||
worker processes. (#9042, #9043, #9044, #9130)
|
||
- Add experimental support for handling /keys/claim and
|
||
/room_keys APIs on worker processes. (#9068)
|
||
- Add experimental support for handling /devices API on worker
|
||
processes. (#9092)
|
||
- Add experimental support for moving off receipts and account
|
||
data persistence off master. (#9104, #9166)
|
||
- Bugfixes
|
||
- Fix receipts and account data not being sent down sync.
|
||
Introduced in v1.26.0rc1. (#9193, #9195)
|
||
- Fix chain cover update to handle events with duplicate auth
|
||
events. Introduced in v1.26.0rc1. (#9210)
|
||
- Fix a long-standing issue where an internal server error
|
||
would occur when requesting a profile over federation that
|
||
did not include a display name / avatar URL. (#9023)
|
||
- Fix a long-standing bug where some caches could grow larger
|
||
than configured. (#9028)
|
||
- Fix error handling during insertion of client IPs into the
|
||
database. (#9051)
|
||
- Fix bug where we didn't correctly record CPU time spent in
|
||
on_new_event block. (#9053)
|
||
- Fix a minor bug which could cause confusing error messages
|
||
from invalid configurations. (#9054)
|
||
- Fix incorrect exit code when there is an error at startup.
|
||
(#9059)
|
||
- Fix JSONDecodeError spamming the logs when sending
|
||
transactions to remote servers. (#9070)
|
||
- Fix "Failed to send request" errors when a client provides an
|
||
invalid room alias. (#9071)
|
||
- Fix bugs in federation catchup logic that caused outbound
|
||
federation to be delayed for large servers after start up.
|
||
Introduced in v1.8.0 and v1.21.0. (#9114, #9116)
|
||
- Fix corruption of pushers data when a postgres bouncer is
|
||
used. (#9117)
|
||
- Fix minor bugs in handling the clientRedirectUrl parameter
|
||
for SSO login. (#9128)
|
||
- Fix "Unhandled error in Deferred: BodyExceededMaxSize" errors
|
||
when .well-known files that are too large. (#9108)
|
||
- Fix "UnboundLocalError: local variable 'length' referenced
|
||
before assignment" errors when the response body exceeds the
|
||
expected size. This bug was introduced in v1.25.0. (#9145)
|
||
- Fix a long-standing bug "ValueError: invalid literal for
|
||
int() with base 10" when /publicRooms is requested with an
|
||
invalid server parameter. (#9161)
|
||
- Improved Documentation
|
||
- Add some extra docs for getting Synapse running on macOS.
|
||
(#8997)
|
||
- Correct a typo in the systemd-with-workers documentation.
|
||
(#9035)
|
||
- Correct a typo in INSTALL.md. (#9040)
|
||
- Add missing user_mapping_provider configuration to the
|
||
Keycloak OIDC example. Contributed by @chris-ruecker. (#9057)
|
||
- Quote pip install packages when extras are used to avoid
|
||
shells interpreting bracket characters. (#9151)
|
||
- Deprecations and Removals
|
||
- Remove broken and unmaintained demo/webserver.py script.
|
||
(#9039)
|
||
- Internal Changes
|
||
- Add an oidc- prefix to any idp_ids which are given in the
|
||
oidc_providers configuration. (#9189)
|
||
- Bump minimum psycopg2 version to v2.8. (#9204)
|
||
- Improve efficiency of large state resolutions. (#8868, #9029,
|
||
#9115, #9118, #9124)
|
||
- Various clean-ups to the structured logging and logging
|
||
context code. (#8939)
|
||
- Ensure rejected events get added to some metadata tables.
|
||
(#9016)
|
||
- Ignore date-rotated homeserver logs saved to disk. (#9018)
|
||
- Remove an unused column from access_tokens table. (#9025)
|
||
- Add a -noextras factor to tox.ini, to support running the
|
||
tests with no optional dependencies. (#9030)
|
||
- Fix running unit tests when optional dependencies are not
|
||
installed. (#9031)
|
||
- Allow bumping schema version when using split out state
|
||
database. (#9033)
|
||
- Configure the linters to run on a consistent set of files.
|
||
(#9038)
|
||
- Various cleanups to device inbox store. (#9041)
|
||
- Drop unused database tables. (#9055)
|
||
- Remove unused SynapseService class. (#9058)
|
||
- Remove unnecessary declarations in the tests for the admin
|
||
API. (#9063)
|
||
- Remove SynapseRequest.get_user_agent. (#9069)
|
||
- Remove redundant Homeserver.get_ip_from_request method.
|
||
(#9080)
|
||
- Add type hints to media repository. (#9093)
|
||
- Fix the wrong arguments being passed to
|
||
BlacklistingAgentWrapper from MatrixFederationAgent.
|
||
Contributed by Timothy Leung. (#9098)
|
||
- Reduce the scope of caught exceptions in
|
||
BlacklistingAgentWrapper. (#9106)
|
||
- Improve UsernamePickerTestCase. (#9112)
|
||
- Remove dependency on distutils. (#9125)
|
||
- Enforce that replication HTTP clients are called with keyword
|
||
arguments only. (#9144)
|
||
- Fix the Python 3.5 / old dependencies build in CI. (#9146)
|
||
- Replace the old perspectives option in the Synapse docker
|
||
config file template with trusted_key_servers. (#9157)
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Jan 25 09:28:42 UTC 2021 - Ben Greiner <code@bnavigator.de>
|
||
|
||
- Remove python singlespec macro usage: This package only builds
|
||
against the primary python3 flavor. No need to pull in and expand
|
||
legacy python36
|
||
- Remove Leap 42 python2 handling in matrix-synapse-test.spec
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Jan 13 12:28:54 UTC 2021 - Marcus Rueckert <mrueckert@suse.de>
|
||
|
||
- Update to 1.25.0
|
||
Ending Support for Python 3.5 and Postgres 9.5 With this release,
|
||
the Synapse team is announcing a formal deprecation policy for
|
||
our platform dependencies, like Python and PostgreSQL:
|
||
|
||
All future releases of Synapse will follow the upstream
|
||
end-of-life schedules.
|
||
|
||
Which means:
|
||
|
||
This is the last release which guarantees support for Python 3.5.
|
||
We will end support for PostgreSQL 9.5 early next month. We will
|
||
end support for Python 3.6 and PostgreSQL 9.6 near the end of the
|
||
year. Crucially, this means we will not produce .deb packages
|
||
for Debian 9 (Stretch) or Ubuntu 16.04 (Xenial) beyond the
|
||
transition period described below.
|
||
|
||
The website https://endoflife.date/ has convenient summaries of
|
||
the support schedules for projects like Python and PostgreSQL.
|
||
|
||
If you are unable to upgrade your environment to a supported
|
||
version of Python or Postgres, we encourage you to consider using
|
||
the Synapse Docker images instead.
|
||
|
||
Transition Period We will make a good faith attempt to avoid
|
||
breaking compatibility in all releases through the end of March
|
||
2021. However, critical security vulnerabilities in dependencies
|
||
or other unanticipated circumstances may arise which necessitate
|
||
breaking compatibility earlier.
|
||
|
||
We intend to continue producing .deb packages for Debian 9
|
||
(Stretch) and Ubuntu 16.04 (Xenial) through the transition
|
||
period.
|
||
|
||
Removal warning The old Purge Room API and Shutdown Room API are
|
||
deprecated and will be removed in a future release. They will be
|
||
replaced by the Delete Room APIe
|
||
|
||
POST /_synapse/admin/v1/rooms/<room_id>/delete replaces
|
||
POST /_synapse/admin/v1/purge_room and
|
||
POST /_synapse/admin/v1/shutdown_room/<room_id>.
|
||
|
||
- Features
|
||
- Add an admin API that lets server admins get power in rooms
|
||
in which local users have power. (#8756)
|
||
- Add optional HTTP authentication to replication endpoints.
|
||
(#8853)
|
||
- Improve the error messages printed as a result of
|
||
configuration problems for extension modules. (#8874)
|
||
- Add the number of local devices to Room Details Admin API.
|
||
Contributed by @dklimpel. (#8886)
|
||
- Add X-Robots-Tag header to stop web crawlers from indexing
|
||
media. Contributed by Aaron Raimist. (#8887)
|
||
- Spam-checkers may now define their methods as async. (#8890)
|
||
- Add support for allowing users to pick their own user ID
|
||
during a single-sign-on login. (#8897, #8900, #8911, #8938,
|
||
#8941, #8942, #8951)
|
||
- Add an email.invite_client_location configuration option to
|
||
send a web client location to the invite endpoint on the
|
||
identity server which allows customisation of the email
|
||
template. (#8930)
|
||
- The search term in the list room and list user Admin APIs is
|
||
now treated as case-insensitive. (#8931)
|
||
- Apply an IP range blacklist to push and key revocation
|
||
requests. (#8821, #8870, #8954)
|
||
- Add an option to allow re-use of user-interactive
|
||
authentication sessions for a period of time. (#8970)
|
||
- Allow running the redact endpoint on workers. (#8994)
|
||
- Bugfixes
|
||
- Fix HTTP proxy support when using a proxy that is on a
|
||
blacklisted IP. Introduced in v1.25.0rc1. Contributed by
|
||
@Bubu. (#9084)
|
||
- Fix bug where we might not correctly calculate the current
|
||
state for rooms with multiple extremities. (#8827)
|
||
- Fix a long-standing bug in the register admin endpoint
|
||
(/_synapse/admin/v1/register) when the mac field was not
|
||
provided. The endpoint now properly returns a 400 error.
|
||
Contributed by @edwargix. (#8837)
|
||
- Fix a long-standing bug on Synapse instances supporting
|
||
Single-Sign-On, where users would be prompted to enter their
|
||
password to confirm certain actions, even though they have
|
||
not set a password. (#8858)
|
||
- Fix a longstanding bug where a 500 error would be returned if
|
||
the Content-Length header was not provided to the upload
|
||
media resource. (#8862)
|
||
- Add additional validation to pusher URLs to be compliant with
|
||
the specification. (#8865)
|
||
- Fix the error code that is returned when a user tries to
|
||
register on a homeserver on which new-user registration has
|
||
been disabled. (#8867)
|
||
- Fix a bug where PUT /_synapse/admin/v2/users/<user_id> failed
|
||
to create a new user when avatar_url is specified. Bug
|
||
introduced in Synapse v1.9.0. (#8872)
|
||
- Fix a 500 error when attempting to preview an empty HTML
|
||
file. (#8883)
|
||
- Fix occasional deadlock when handling SIGHUP. (#8918)
|
||
- Fix login API to not ratelimit application services that have
|
||
ratelimiting disabled. (#8920)
|
||
- Fix bug where we ratelimited auto joining of rooms on
|
||
registration (using auto_join_rooms config). (#8921)
|
||
- Fix a bug where deactivated users appeared in the user
|
||
directory when their profile information was updated. (#8933,
|
||
#8964)
|
||
- Fix bug introduced in Synapse v1.24.0 which would cause an
|
||
exception on startup if both enabled and localdb_enabled were
|
||
set to False in the password_config setting of the
|
||
configuration file. (#8937)
|
||
- Fix a bug where 500 errors would be returned if the
|
||
m.room_history_visibility event had invalid content. (#8945)
|
||
- Fix a bug causing common English words to not be considered
|
||
for a user directory search. (#8959)
|
||
- Fix bug where application services couldn't register new
|
||
ghost users if the server had reached its MAU limit. (#8962)
|
||
- Fix a long-standing bug where a m.image event without a url
|
||
would cause errors on push. (#8965)
|
||
- Fix a small bug in v2 state resolution algorithm, which could
|
||
also cause performance issues for rooms with large numbers of
|
||
power levels. (#8971)
|
||
- Add validation to the sendToDevice API to raise a missing
|
||
parameters error instead of a 500 error. (#8975)
|
||
- Add validation of group IDs to raise a 400 error instead of a
|
||
500 eror. (#8977)
|
||
- Improved Documentation
|
||
- Fix the "Event persist rate" section of the included grafana
|
||
dashboard by adding missing prometheus rules. (#8802)
|
||
- Combine related media admin API docs. (#8839)
|
||
- Fix an error in the documentation for the SAML username
|
||
mapping provider. (#8873)
|
||
- Clarify comments around template directories in
|
||
sample_config.yaml. (#8891)
|
||
- Moved instructions for database setup, adjusted heading
|
||
levels and improved syntax highlighting in INSTALL.md.
|
||
Contributed by fossterer. (#8987)
|
||
- Update the example value of group_creation_prefix in the
|
||
sample configuration. (#8992)
|
||
- Link the Synapse developer room to the development section in
|
||
the docs. (#9002)
|
||
- Deprecations and Removals
|
||
- Deprecate Shutdown Room and Purge Room Admin APIs. (#8829)
|
||
- Internal Changes
|
||
- Properly store the mapping of external ID to Matrix ID for
|
||
CAS users. (#8856, #8958)
|
||
- Remove some unnecessary stubbing from unit tests. (#8861)
|
||
- Remove unused FakeResponse class from unit tests. (#8864)
|
||
- Pass room_id to get_auth_chain_difference. (#8879)
|
||
- Add type hints to push module. (#8880, #8882, #8901, #8940,
|
||
#8943, #9020)
|
||
- Simplify logic for handling user-interactive-auth via
|
||
single-sign-on servers. (#8881)
|
||
- Skip the SAML tests if the requirements (pysaml2 and xmlsec1)
|
||
aren't available. (#8905)
|
||
- Fix multiarch docker image builds. (#8906)
|
||
- Don't publish latest docker image until all archs are built.
|
||
(#8909)
|
||
- Various clean-ups to the structured logging and logging
|
||
context code. (#8916, #8935)
|
||
- Automatically drop stale forward-extremities under some
|
||
specific conditions. (#8929)
|
||
- Refactor test utilities for injecting HTTP requests. (#8946)
|
||
- Add a maximum size of 50 kilobytes to .well-known lookups.
|
||
(#8950)
|
||
- Fix bug in generate_log_config script which made it write
|
||
empty files. (#8952)
|
||
- Clean up tox.ini file; disable coverage checking for non-test
|
||
runs. (#8963)
|
||
- Add type hints to the admin and room list handlers. (#8973)
|
||
- Add type hints to the receipts and user directory handlers.
|
||
(#8976)
|
||
- Drop the unused local_invites table. (#8979)
|
||
- Add type hints to the base storage code. (#8980)
|
||
- Support using PyJWT v2.0.0 in the test suite. (#8986)
|
||
- Fix tests.federation.transport.RoomDirectoryFederationTests
|
||
and ensure it runs in CI. (#8998)
|
||
- Add type hints to the crypto module. (#8999)
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Dec 9 11:34:37 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
|
||
|
||
- Update to 1.24.0
|
||
|
||
Due to the two security issues highlighted below, server
|
||
administrators are encouraged to update Synapse. We are not aware
|
||
of these vulnerabilities being exploited in the wild.
|
||
|
||
- Security
|
||
- There is a denial of service attack (CVE-2020-26257) against
|
||
the federation APIs in which future events will not be
|
||
correctly sent to other servers over federation. This affects
|
||
all servers that participate in open federation. (Fixed in
|
||
#8776).
|
||
- Synapse may be affected by OpenSSL CVE-2020-1971.
|
||
Synapse administrators should ensure that they have the
|
||
latest versions of the cryptography Python package installed.
|
||
- Features
|
||
- Add admin API for logging in as a user. (#8617)
|
||
- Allow specification of the SAML IdP if the metadata returns
|
||
multiple IdPs. (#8630)
|
||
- Add support for re-trying generation of a localpart for
|
||
OpenID Connect mapping providers. (#8801, #8855)
|
||
- Allow the Date header through CORS. Contributed by Nicolas
|
||
Chamo. (#8804)
|
||
- Add a config option, push.group_by_unread_count, which
|
||
controls whether unread message counts in push notifications
|
||
are defined as "the number of rooms with unread messages" or
|
||
"total unread messages". (#8820)
|
||
- Add force_purge option to delete-room admin api. (#8843)
|
||
- Bugfixes
|
||
- Fix a regression in v1.24.0rc1 which failed to allow SAML
|
||
mapping providers which were unable to redirect users to an
|
||
additional page. (#8878)
|
||
- Fix a bug where appservices may be sent an excessive amount
|
||
of read receipts and presence. Broke in v1.22.0. (#8744)
|
||
- Fix a bug in some federation APIs which could lead to
|
||
unexpected behaviour if different parameters were set in the
|
||
URI and the request body. (#8776)
|
||
- Fix a bug where synctl could spawn duplicate copies of a
|
||
worker. Contributed by Waylon Cude. (#8798)
|
||
- Allow per-room profiles to be used for the server notice
|
||
user. (#8799)
|
||
- Fix a bug where logging could break after a call to SIGHUP.
|
||
(#8817)
|
||
- Fix register_new_matrix_user failing with "Bad Request" when
|
||
trailing slash is included in server URL. Contributed by
|
||
@angdraug. (#8823)
|
||
- Fix a minor long-standing bug in login, where we would offer
|
||
the password login type if a custom auth provider supported
|
||
it, even if password login was disabled. (#8835)
|
||
- Fix a long-standing bug which caused Synapse to require
|
||
unspecified parameters during user-interactive
|
||
authentication. (#8848)
|
||
- Fix a bug introduced in v1.20.0 where the user-agent and IP
|
||
address reported during user registration for CAS, OpenID
|
||
Connect, and SAML were of the wrong form. (#8784)
|
||
- Improved Documentation
|
||
- Clarify the usecase for a msisdn delegate. Contributed by
|
||
Adrian Wannenmacher. (#8734)
|
||
- Remove extraneous comma from JSON example in User Admin API
|
||
docs. (#8771)
|
||
- Update turn-howto.md with troubleshooting notes. (#8779)
|
||
- Fix the example on how to set the Content-Type header in
|
||
nginx for the Client Well-Known URI. (#8793)
|
||
- Improve the documentation for the admin API to list all media
|
||
in a room with respect to encrypted events. (#8795)
|
||
- Update the formatting of the push section of the homeserver
|
||
config file to better align with the code style guidelines.
|
||
(#8818)
|
||
- Improve documentation how to configure prometheus for
|
||
workers. (#8822)
|
||
- Update example prometheus console. (#8824)
|
||
- Deprecations and Removals
|
||
- Remove old /_matrix/client/*/admin endpoints which were
|
||
deprecated since Synapse 1.20.0. (#8785)
|
||
- Disable pretty printing JSON responses for curl. Users who
|
||
want pretty-printed output should use jq in combination with
|
||
curl. Contributed by @tulir. (#8833)
|
||
- Internal Changes
|
||
- Add a maximum version for pysaml2 on Python 3.5. (#8898)
|
||
- Add support for the prometheus_client newer than 0.9.0.
|
||
Contributed by Jordan Bancino. (#8875)
|
||
- Simplify the way the HomeServer object caches its internal
|
||
attributes. (#8565, #8851)
|
||
- Add an example and documentation for clock skew to the SAML2
|
||
sample configuration to allow for clock/time difference
|
||
between the homserver and IdP. Contributed by @localguru.
|
||
(#8731)
|
||
- Generalise RoomMemberHandler._locally_reject_invite to apply
|
||
to more flows than just invite. (#8751)
|
||
- Generalise RoomStore.maybe_store_room_on_invite to handle
|
||
other, non-invite membership events. (#8754)
|
||
- Refactor test utilities for injecting HTTP requests. (#8757,
|
||
#8758, #8759, #8760, #8761, #8777)
|
||
- Consolidate logic between the OpenID Connect and SAML code.
|
||
(#8765)
|
||
- Use TYPE_CHECKING instead of magic MYPY variable. (#8770)
|
||
- Add a commandline script to sign arbitrary json objects.
|
||
(#8772)
|
||
- Minor log line improvements for the SSO mapping code used to
|
||
generate Matrix IDs from SSO IDs. (#8773)
|
||
- Add additional error checking for OpenID Connect and SAML
|
||
mapping providers. (#8774, #8800)
|
||
- Add type hints to HTTP abstractions. (#8806, #8812)
|
||
- Remove unnecessary function arguments and add typing to
|
||
several membership replication classes. (#8809)
|
||
- Optimise the lookup for an invite from another homeserver
|
||
when trying to reject it. (#8815)
|
||
- Add tests for password_auth_providers. (#8819)
|
||
- Drop redundant database index on event_json. (#8845)
|
||
- Simplify uk.half-shot.msc2778.login.application_service login
|
||
handler. (#8847)
|
||
- Refactor password_auth_provider support code. (#8849)
|
||
- Add missing ordering to background database updates. (#8850)
|
||
- Allow for specifying a room version when creating a room in
|
||
unit tests via RestHelper.create_room_as. (#8854)
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Nov 18 13:59:26 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
|
||
|
||
- Update to 1.23.0
|
||
This release changes the way structured logging is configured.
|
||
See the [upgrade notes](UPGRADE.rst#upgrading-to-v1230) for details.
|
||
|
||
Note: We are aware of a trivially exploitable denial of service
|
||
vulnerability in versions of Synapse prior to 1.20.0. Complete
|
||
details will be disclosed on Monday, November 23rd. If you have
|
||
not upgraded recently, please do so.
|
||
|
||
- Features
|
||
- Add a push rule that highlights when a jitsi conference is
|
||
created in a room. (#8286)
|
||
- Add an admin api to delete a single file or files that were
|
||
not used for a defined time from server. Contributed by
|
||
@dklimpel. (#8519)
|
||
- Split admin API for reported events (GET
|
||
/_synapse/admin/v1/event_reports) into detail and list
|
||
endpoints. This is a breaking change to #8217 which was
|
||
introduced in Synapse v1.21.0. Those who already use this API
|
||
should check their scripts. Contributed by @dklimpel. (#8539)
|
||
- Support generating structured logs via the standard logging
|
||
configuration. (#8607, #8685)
|
||
- Add an admin API to allow server admins to list users'
|
||
pushers. Contributed by @dklimpel. (#8610, #8689)
|
||
- Add an admin API GET /_synapse/admin/v1/users/<user_id>/media
|
||
to get information about uploaded media. Contributed by
|
||
@dklimpel. (#8647)
|
||
- Add an admin API for local user media statistics. Contributed
|
||
by @dklimpel. (#8700)
|
||
- Add displayname to Shared-Secret Registration for admins.
|
||
(#8722)
|
||
- Bugfixes
|
||
- Fix fetching of E2E cross signing keys over federation when
|
||
only one of the master key and device signing key is cached
|
||
already. (#8455)
|
||
- Fix a bug where Synapse would blindly forward bad responses
|
||
from federation to clients when retrieving profile
|
||
information. (#8580)
|
||
- Fix a bug where the account validity endpoint would silently
|
||
fail if the user ID did not have an expiration time. It now
|
||
returns a 400 error. (#8620)
|
||
- Fix email notifications for invites without local state.
|
||
(#8627)
|
||
- Fix handling of invalid group IDs to return a 400 rather than
|
||
log an exception and return a 500. (#8628)
|
||
- Fix handling of User-Agent headers that are invalid UTF-8,
|
||
which caused user agents of users to not get correctly
|
||
recorded. (#8632)
|
||
- Fix a bug in the joined_rooms admin API if the user has never
|
||
joined any rooms. The bug was introduced, along with the API,
|
||
in v1.21.0. (#8643)
|
||
- Fix exception during handling multiple concurrent requests
|
||
for remote media when using multiple media repositories.
|
||
(#8682)
|
||
- Fix bug that prevented Synapse from recovering after losing
|
||
connection to the database. (#8726)
|
||
- Fix bug where the /_synapse/admin/v1/send_server_notice API
|
||
could send notices to non-notice rooms. (#8728)
|
||
- Fix PostgreSQL port script fails when DB has no backfilled
|
||
events. Broke in v1.21.0. (#8729)
|
||
- Fix PostgreSQL port script to correctly handle foreign key
|
||
constraints. Broke in v1.21.0. (#8730)
|
||
- Fix PostgreSQL port script so that it can be run again after
|
||
a failure. Broke in v1.21.0. (#8755)
|
||
- Improved Documentation
|
||
- Instructions for Azure AD in the OpenID Connect
|
||
documentation. Contributed by peterk. (#8582)
|
||
- Improve the sample configuration for single sign-on
|
||
providers. (#8635)
|
||
- Fix the filepath of Dex's example config and the link to
|
||
Dex's Getting Started guide in the OpenID Connect docs.
|
||
(#8657)
|
||
- Note support for Python 3.9. (#8665)
|
||
- Minor updates to docs on running tests. (#8666)
|
||
- Interlink prometheus/grafana documentation. (#8667)
|
||
- Notes on SSO logins and media_repository worker. (#8701)
|
||
- Document experimental support for running multiple event
|
||
persisters. (#8706)
|
||
- Add information regarding the various sources of, and
|
||
expected contributions to, Synapse's documentation to
|
||
CONTRIBUTING.md. (#8714)
|
||
- Migrate documentation docs/admin_api/event_reports to
|
||
markdown. (#8742)
|
||
- Add some helpful hints to the README for new Synapse
|
||
developers. Contributed by @chagai95. (#8746)
|
||
- Internal Changes
|
||
- Optimise /createRoom with multiple invited users. (#8559)
|
||
- Implement and use an `@lru_cache` decorator. (#8595)
|
||
- Don't instansiate Requester directly. (#8614)
|
||
- Type hints for RegistrationStore. (#8615)
|
||
- Change schema to support access tokens belonging to one user
|
||
but granting access to another. (#8616)
|
||
- Remove unused OPTIONS handlers. (#8621)
|
||
- Run mypy as part of the lint.sh script. (#8633)
|
||
- Correct Synapse's PyPI package name in the OpenID Connect
|
||
installation instructions. (#8634)
|
||
- Catch exceptions during initialization of password_providers.
|
||
Contributed by Nicolai Søborg. (#8636)
|
||
- Fix typos and spelling errors in the code. (#8639)
|
||
- Reduce number of OpenTracing spans started. (#8640, #8668,
|
||
#8670)
|
||
- Add field total to device list in admin API. (#8644)
|
||
- Add more type hints to the application services code. (#8655,
|
||
#8693)
|
||
- Tell Black to format code for Python 3.5. (#8664)
|
||
- Don't pull event from DB when handling replication traffic.
|
||
(#8669)
|
||
- Abstract some invite-related code in preparation for landing
|
||
knocking. (#8671, #8688)
|
||
- Clarify representation of events in logfiles. (#8679)
|
||
- Don't require hiredis package to be installed to run unit
|
||
tests. (#8680)
|
||
- Fix typing info on cache call signature to accept
|
||
on_invalidate. (#8684)
|
||
- Fail tests if they do not await coroutines. (#8690)
|
||
- Improve start time by adding an index to
|
||
e2e_cross_signing_keys.stream_id. (#8694)
|
||
- Re-organize the structured logging code to separate the TCP
|
||
transport handling from the JSON formatting. (#8697)
|
||
- Use Python 3.8 in Docker images by default. (#8698)
|
||
- Remove the "draft" status of the Room Details Admin API.
|
||
(#8702)
|
||
- Improve the error returned when a non-string displayname or
|
||
avatar_url is used when updating a user's profile. (#8705)
|
||
- Block attempts by clients to send server ACLs, or redactions
|
||
of server ACLs, that would result in the local server being
|
||
blocked from the room. (#8708)
|
||
- Add metrics the allow the local sysadmin to track 3PID
|
||
/requestToken requests. (#8712)
|
||
- Consolidate duplicated lists of purged tables that are
|
||
checked in tests. (#8713)
|
||
- Add some mdui:UIInfo element examples for saml2_config in the
|
||
homeserver config. (#8718)
|
||
- Improve the error message returned when a remote server
|
||
incorrectly sets the Content-Type header in response to a
|
||
JSON request. (#8719)
|
||
- Speed up repeated state resolutions on the same room by
|
||
caching event ID to auth event ID lookups. (#8752)
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Oct 30 16:04:21 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
|
||
|
||
- Update to 1.22.1
|
||
- Fix a bug where an appservice may not be forwarded events for a
|
||
room it was recently invited to. Broke in v1.22.0. (#8676)
|
||
- Fix Object of type frozendict is not JSON serializable
|
||
exceptions when using third-party event rules. Broke in
|
||
v1.22.0. (#8678)
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Oct 27 12:19:54 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
|
||
|
||
- Update to 1.22.0
|
||
- Features
|
||
- Add a configuration option for always using the "userinfo
|
||
endpoint" for OpenID Connect. This fixes support for some
|
||
identity providers, e.g. GitLab. Contributed by Benjamin
|
||
Koch. (#7658)
|
||
- Add ability for ThirdPartyEventRules modules to query and
|
||
manipulate whether a room is in the public rooms directory.
|
||
(#8292, #8467)
|
||
- Add support for olm fallback keys (MSC2732). (#8312, #8501)
|
||
- Add support for running background tasks in a separate worker
|
||
process. (#8369, #8458, #8489, #8513, #8544, #8599)
|
||
- Add support for device dehydration (MSC2697). (#8380)
|
||
- Add support for MSC2409, which allows sending typing, read
|
||
receipts, and presence events to appservices. (#8437, #8590)
|
||
- Change default room version to "6", per MSC2788. (#8461)
|
||
- Add the ability to send non-membership events into a room via
|
||
the ModuleApi. (#8479)
|
||
- Increase default upload size limit from 10M to 50M.
|
||
Contributed by @Akkowicz. (#8502)
|
||
- Add support for modifying event content in ThirdPartyRules
|
||
modules. (#8535, #8564)
|
||
- Bugfixes
|
||
- Fix bugs where ephemeral events were not sent to appservices.
|
||
Broke in v1.22.0rc1. (#8648, #8656)
|
||
- Fix user_daily_visits table to not have duplicate rows per
|
||
user/device due to multiple user agents. Broke in v1.22.0rc1.
|
||
(#8654)
|
||
- Fix a longstanding bug where invalid ignored users in account
|
||
data could break clients. (#8454)
|
||
- Fix a bug where backfilling a room with an event that was
|
||
missing the redacts field would break. (#8457)
|
||
- Don't attempt to respond to some requests if the client has
|
||
already disconnected. (#8465)
|
||
- Fix message duplication if something goes wrong after
|
||
persisting the event. (#8476)
|
||
- Fix incremental sync returning an incorrect prev_batch token
|
||
in timeline section, which when used to paginate returned
|
||
events that were included in the incremental sync. Broken
|
||
since v0.16.0. (#8486)
|
||
- Expose the uk.half-shot.msc2778.login.application_service to
|
||
clients from the login API. This feature was added in
|
||
v1.21.0, but was not exposed as a potential login flow.
|
||
(#8504)
|
||
- Fix error code for /profile/{userId}/displayname to be
|
||
M_BAD_JSON. (#8517)
|
||
- Fix a bug introduced in v1.7.0 that could cause Synapse to
|
||
insert values from non-state m.room.retention events into the
|
||
room_retention database table. (#8527)
|
||
- Fix not sending events over federation when using sharded
|
||
event writers. (#8536)
|
||
- Fix a long standing bug where email notifications for
|
||
encrypted messages were blank. (#8545)
|
||
- Fix increase in the number of There was no active span...
|
||
errors logged when using OpenTracing. (#8567)
|
||
- Fix a bug that prevented errors encountered during execution
|
||
of the synapse_port_db from being correctly printed. (#8585)
|
||
- Fix appservice transactions to only include a maximum of 100
|
||
persistent and 100 ephemeral events. (#8606)
|
||
- Updates to the Docker image
|
||
- Added multi-arch support (arm64,arm/v7) for the docker
|
||
images. Contributed by @maquis196. (#7921)
|
||
- Add support for passing commandline args to the synapse
|
||
process. Contributed by @samuel-p. (#8390)
|
||
- Improved Documentation
|
||
- Update the directions for using the manhole with coroutines.
|
||
(#8462)
|
||
- Improve readme by adding new shield.io badges. (#8493)
|
||
- Added note about docker in manhole.md regarding which ip
|
||
address to bind to. Contributed by @maquis196. (#8526)
|
||
- Document the new behaviour of the allowed_lifetime_min and
|
||
allowed_lifetime_max settings in the room retention
|
||
configuration. (#8529)
|
||
- Deprecations and Removals
|
||
- Drop unused device_max_stream_id table. (#8589)
|
||
- Internal Changes
|
||
- Check for unreachable code with mypy. (#8432)
|
||
- Add unit test for event persister sharding. (#8433)
|
||
- Allow events to be sent to clients sooner when using sharded
|
||
event persisters. (#8439, #8488, #8496, #8499)
|
||
- Configure public_baseurl when using demo scripts. (#8443)
|
||
- Add SQL logging on queries that happen during startup.
|
||
(#8448)
|
||
- Speed up unit tests when using PostgreSQL. (#8450)
|
||
- Remove redundant database loads of stream_ordering for events
|
||
we already have. (#8452)
|
||
- Reduce inconsistencies between codepaths for membership and
|
||
non-membership events. (#8463)
|
||
- Combine SpamCheckerApi with the more generic ModuleApi.
|
||
(#8464)
|
||
- Additional testing for ThirdPartyEventRules. (#8468)
|
||
- Add -d option to ./scripts-dev/lint.sh to lint files that
|
||
have changed since the last git commit. (#8472)
|
||
- Unblacklist some sytests. (#8474)
|
||
- Include the log level in the phone home stats. (#8477)
|
||
- Remove outdated sphinx documentation, scripts and
|
||
configuration. (#8480)
|
||
- Clarify error message when plugin config parsers raise an
|
||
error. (#8492)
|
||
- Remove the deprecated Handlers object. (#8494)
|
||
- Fix a threadsafety bug in unit tests. (#8497)
|
||
- Add user agent to user_daily_visits table. (#8503)
|
||
- Add type hints to various parts of the code base. (#8407,
|
||
#8505, #8507, #8547, #8562, #8609)
|
||
- Remove unused code from the test framework. (#8514)
|
||
- Apply some internal fixes to the HomeServer class to make its
|
||
code more idiomatic and statically-verifiable. (#8515)
|
||
- Factor out common code between
|
||
RoomMemberHandler._locally_reject_invite and
|
||
EventCreationHandler.create_event. (#8537)
|
||
- Improve database performance by executing more queries
|
||
without starting transactions. (#8542)
|
||
- Rename Cache to DeferredCache, to better reflect its purpose.
|
||
(#8548)
|
||
- Move metric registration code down into LruCache. (#8561,
|
||
#8591)
|
||
- Replace DeferredCache with the lighter-weight LruCache where
|
||
possible. (#8563)
|
||
- Add virtualenv-generated folders to .gitignore. (#8566)
|
||
- Add get_immediate method to DeferredCache. (#8568)
|
||
- Fix mypy not properly checking across the codebase,
|
||
additionally, fix a typing assertion error in
|
||
handlers/auth.py. (#8569)
|
||
- Fix synmark benchmark runner. (#8571)
|
||
- Modify DeferredCache.get() to return Deferreds instead of
|
||
ObservableDeferreds. (#8572)
|
||
- Adjust a protocol-type definition to fit sqlite3 assertions.
|
||
(#8577)
|
||
- Support macOS on the synmark benchmark runner. (#8578)
|
||
- Update mypy static type checker to 0.790. (#8583, #8600)
|
||
- Re-organize the structured logging code to separate the TCP
|
||
transport handling from the JSON formatting. (#8587)
|
||
- Remove extraneous unittest logging decorators from unit
|
||
tests. (#8592)
|
||
- Minor optimisations in caching code. (#8593, #8594)
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Oct 15 17:16:29 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
|
||
|
||
- prepare to support more optional features in the buildrequires
|
||
(oidc/redis). failing atm due to missing libraries
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Oct 15 16:45:55 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
|
||
|
||
- Update to 1.21.2
|
||
- Security advisory
|
||
- HTML pages served via Synapse were vulnerable to cross-site
|
||
scripting (XSS) attacks. All server administrators are
|
||
encouraged to upgrade. (#8444) (CVE-2020-26891)
|
||
- This fix was originally included in v1.21.0 but was missing a
|
||
security advisory. This was reported by Denis Kasak.
|
||
- Bugfixes
|
||
- Fix rare bug where sending an event would fail due to a racey
|
||
assertion. (#8530)
|
||
- An updated version of the authlib dependency is included in
|
||
the Docker and Debian images to fix an issue using OpenID
|
||
Connect. See #8534 for details.
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Oct 14 16:09:43 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
|
||
|
||
- Update to 1.21.1
|
||
This release fixes a regression in v1.21.0 that prevented debian
|
||
packages from being built. It is otherwise identical to v1.21.0.
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Oct 12 17:08:13 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
|
||
|
||
- Update to 1.21.0
|
||
- Features
|
||
- Convert additional templates from inline HTML to Jinja2
|
||
templates. (#8444)
|
||
- Require the user to confirm that their password should be
|
||
reset after clicking the email confirmation link. (#8004)
|
||
- Add an admin API GET /_synapse/admin/v1/event_reports to read
|
||
entries of table event_reports. Contributed by @dklimpel.
|
||
(#8217)
|
||
- Consolidate the SSO error template across all configuration.
|
||
(#8248, #8405)
|
||
- Add a configuration option to specify a whitelist of domains
|
||
that a user can be redirected to after validating their email
|
||
or phone number. (#8275, #8417)
|
||
- Add experimental support for sharding event persister.
|
||
(#8294, #8387, #8396, #8419)
|
||
- Add the room topic and avatar to the room details admin API.
|
||
(#8305)
|
||
- Add an admin API for querying rooms where a user is a member.
|
||
Contributed by @dklimpel. (#8306)
|
||
- Add uk.half-shot.msc2778.login.application_service login type
|
||
to allow appservices to login. (#8320)
|
||
- Add a configuration option that allows existing users to log
|
||
in with OpenID Connect. Contributed by @BBBSnowball and
|
||
@OmmyZhang. (#8345)
|
||
- Add prometheus metrics for replication requests. (#8406)
|
||
- Support passing additional single sign-on parameters to the
|
||
client. (#8413)
|
||
- Add experimental reporting of metrics on expensive rooms for
|
||
state-resolution. (#8420)
|
||
- Add experimental prometheus metric to track numbers of
|
||
"large" rooms for state resolutiom. (#8425)
|
||
- Add prometheus metrics to track federation delays. (#8430)
|
||
- Bugfixes
|
||
- Fix duplication of events on high traffic servers, caused by
|
||
PostgreSQL could not serialize access due to concurrent
|
||
update errors. (#8456)
|
||
- Fix a regression in v1.21.0rc1 which broke thumbnails of
|
||
remote media. (#8438)
|
||
- Do not expose the experimental
|
||
uk.half-shot.msc2778.login.application_service flow in the
|
||
login API, which caused a compatibility problem with Element
|
||
iOS. (#8440)
|
||
- Fix malformed log line in new federation "catch up" logic.
|
||
(#8442)
|
||
- Fix DB query on startup for negative streams which caused
|
||
long start up times. Introduced in #8374. (#8447)
|
||
- Fix a bug in the media repository where remote thumbnails
|
||
with the same size but different crop methods would overwrite
|
||
each other. Contributed by @deepbluev7. (#7124)
|
||
- Fix inconsistent handling of non-existent push rules, and
|
||
stop tracking the enabled state of removed push rules.
|
||
(#7796)
|
||
- Fix a longstanding bug when storing a media file with an
|
||
empty upload_name. (#7905)
|
||
- Fix messages not being sent over federation until an event is
|
||
sent into the same room. (#8230, #8247, #8258, #8272, #8322)
|
||
- Fix a longstanding bug where files that could not be
|
||
thumbnailed would result in an Internal Server Error. (#8236,
|
||
#8435)
|
||
- Upgrade minimum version of canonicaljson to version 1.4.0, to
|
||
fix an unicode encoding issue. (#8262)
|
||
- Fix longstanding bug which could lead to incomplete database
|
||
upgrades on SQLite. (#8265)
|
||
- Fix stack overflow when stderr is redirected to the logging
|
||
system, and the logging system encounters an error. (#8268)
|
||
- Fix a bug which cause the logging system to report errors, if
|
||
DEBUG was enabled and no context filter was applied. (#8278)
|
||
- Fix edge case where push could get delayed for a user until a
|
||
later event was pushed. (#8287)
|
||
- Fix fetching malformed events from remote servers. (#8324)
|
||
- Fix UnboundLocalError from occuring when appservices send a
|
||
malformed register request. (#8329)
|
||
- Don't send push notifications to expired user accounts.
|
||
(#8353)
|
||
- Fix a regression in v1.19.0 with reactivating users through
|
||
the admin API. (#8362)
|
||
- Fix a bug where during device registration the length of the
|
||
device name wasn't limited. (#8364)
|
||
- Include guest_access in the fields that are checked for null
|
||
bytes when updating room_stats_state. Broke in v1.7.2.
|
||
(#8373)
|
||
- Fix theoretical race condition where events are not sent down
|
||
/sync if the synchrotron worker is restarted without
|
||
restarting other workers. (#8374)
|
||
- Fix a bug which could cause errors in rooms with malformed
|
||
membership events, on servers using sqlite. (#8385)
|
||
- Fix "Re-starting finished log context" warning when receiving
|
||
an event we already had over federation. (#8398)
|
||
- Fix incorrect handling of timeouts on outgoing HTTP requests.
|
||
(#8400)
|
||
- Fix a regression in v1.20.0 in the synapse_port_db script
|
||
regarding the ui_auth_sessions_ips table. (#8410)
|
||
- Remove unnecessary 3PID registration check when resetting
|
||
password via an email address. Bug introduced in v0.34.0rc2.
|
||
(#8414)
|
||
- Improved Documentation
|
||
- Add /_synapse/client to the reverse proxy documentation.
|
||
(#8227)
|
||
- Add note to the reverse proxy settings documentation about
|
||
disabling Apache's mod_security2. Contributed by Julian
|
||
Fietkau (@jfietkau). (#8375)
|
||
- Improve description of server_name config option in
|
||
homserver.yaml. (#8415)
|
||
- Deprecations and Removals
|
||
- Drop support for prometheus_client older than 0.4.0. (#8426)
|
||
- Internal Changes
|
||
- Fix tests on distros which disable TLSv1.0. Contributed by
|
||
@danc86. (#8208)
|
||
- Simplify the distributor code to avoid unnecessary work.
|
||
(#8216)
|
||
- Remove the populate_stats_process_rooms_2 background job and
|
||
restore functionality to populate_stats_process_rooms.
|
||
(#8243)
|
||
- Clean up type hints for PaginationConfig. (#8250, #8282)
|
||
- Track the latest event for every destination and room for
|
||
catch-up after federation outage. (#8256)
|
||
- Fix non-user visible bug in implementation of
|
||
MultiWriterIdGenerator.get_current_token_for_writer. (#8257)
|
||
- Switch to the JSON implementation from the standard library.
|
||
(#8259)
|
||
- Add type hints to synapse.util.async_helpers. (#8260)
|
||
- Simplify tests that mock asynchronous functions. (#8261)
|
||
- Add type hints to StreamToken and RoomStreamToken classes.
|
||
(#8279)
|
||
- Change StreamToken.room_key to be a RoomStreamToken instance.
|
||
(#8281)
|
||
- Refactor notifier code to correctly use the max event stream
|
||
position. (#8288)
|
||
- Use slotted classes where possible. (#8296)
|
||
- Support testing the local Synapse checkout against the
|
||
Complement homeserver test suite. (#8317)
|
||
- Update outdated usages of metaclass to python 3 syntax.
|
||
(#8326)
|
||
- Move lint-related dependencies to package-extra field, update
|
||
CONTRIBUTING.md to utilise this. (#8330, #8377)
|
||
- Use the admin_patterns helper in additional locations.
|
||
(#8331)
|
||
- Fix test logging to allow braces in log output. (#8335)
|
||
- Remove __future__ imports related to Python 2 compatibility.
|
||
(#8337)
|
||
- Simplify super() calls to Python 3 syntax. (#8344)
|
||
- Fix bad merge from release-v1.20.0 branch to develop. (#8354)
|
||
- Factor out a _send_dummy_event_for_room method. (#8370)
|
||
- Improve logging of state resolution. (#8371)
|
||
- Add type annotations to SimpleHttpClient. (#8372)
|
||
- Refactor ID generators to use async with syntax. (#8383)
|
||
- Add EventStreamPosition type. (#8388)
|
||
- Create a mechanism for marking tests "logcontext clean".
|
||
(#8399)
|
||
- A pair of tiny cleanups in the federation request code.
|
||
(#8401)
|
||
- Add checks on startup that PostgreSQL sequences are
|
||
consistent with their associated tables. (#8402)
|
||
- Do not include appservice users when calculating the total
|
||
MAU for a server. (#8404)
|
||
- Typing fixes for synapse.handlers.federation. (#8422)
|
||
- Various refactors to simplify stream token handling. (#8423)
|
||
- Make stream token serializing/deserializing async. (#8427)
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Sep 24 19:02:21 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
|
||
|
||
- Update to 1.20.1
|
||
- Bugfixes
|
||
- Fix a bug introduced in v1.20.0 which caused the
|
||
synapse_port_db script to fail. (#8386)
|
||
- Fix a bug introduced in v1.20.0 which caused variables to be
|
||
incorrectly escaped in Jinja2 templates. (#8394)
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Sep 18 16:29:17 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
|
||
|
||
- Update to 1.20.0
|
||
- Removal warning
|
||
- Some older clients used a disallowed character (:) in the
|
||
client_secret parameter of various endpoints. The incorrect
|
||
behaviour was allowed for backwards compatibility, but is now
|
||
being removed from Synapse as most users have updated their
|
||
client. Further context can be found at #6766.
|
||
- Historically, the Synapse Admin API has been accessible under
|
||
the prefixes:
|
||
/_matrix/client/api/v1/admin,
|
||
/_matrix/client/unstable/admin,
|
||
/_matrix/client/r0/admin
|
||
/_synapse/admin
|
||
|
||
In a future release, we will be dropping support for
|
||
accessing Synapse's Admin API using the /_matrix/client/*
|
||
prefixes. This makes it easier for homeserver admins to lock
|
||
down external access to the Admin API endpoints.
|
||
- Features
|
||
- Add flags to the /versions endpoint for whether new rooms
|
||
default to using E2EE. (#8343)
|
||
- Add an endpoint to query your shared rooms with another user
|
||
as an implementation of MSC2666. (#7785)
|
||
- Iteratively encode JSON to avoid blocking the reactor.
|
||
(#8013, #8116)
|
||
- Add support for shadow-banning users (ignoring any message
|
||
send requests). (#8034, #8092, #8095, #8142, #8152, #8157,
|
||
#8158, #8176)
|
||
- Use the default template file when its equivalent is not
|
||
found in a custom template directory. (#8037, #8107, #8252)
|
||
- Add unread messages count to sync responses, as specified in
|
||
MSC2654. (#8059, #8254, #8270, #8274)
|
||
- Optimise /federation/v1/user/devices/ API by only returning
|
||
devices with encryption keys. (#8198)
|
||
- Bugfixes
|
||
- Fix rate limiting of federation /send requests. (#8342)
|
||
- Fix a longstanding bug where back pagination over federation
|
||
could get stuck if it failed to handle a received event.
|
||
(#8349)
|
||
- Partially mitigate bug where newly joined servers couldn't
|
||
get past events in a room when there is a malformed event.
|
||
(#8350)
|
||
- Fix joining rooms over federation that include malformed
|
||
events. (#8324)
|
||
- Fix a bug introduced in v1.20.0rc1 where the wrong exception
|
||
was raised when invalid JSON data is encountered. (#8291)
|
||
- Fix a bug introduced in v1.20.0rc1 causing some features
|
||
related to notifications to misbehave following the
|
||
implementation of unread counts. (#8280)
|
||
- Fix a memory leak by limiting the length of time that
|
||
messages will be queued for a remote server that has been
|
||
unreachable. (#7864)
|
||
- Fix Re-starting finished log context PUT-nnnn warning when
|
||
event persistence failed. (#8081)
|
||
- Synapse now correctly enforces the valid characters in the
|
||
client_secret parameter used in various endpoints. (#8101)
|
||
- Fix a bug introduced in v1.7.2 impacting message retention
|
||
policies that would allow federated homeservers to dictate a
|
||
retention period that's lower than the configured minimum
|
||
allowed duration in the configuration file. (#8104)
|
||
- Fix a long-standing bug where invalid JSON would be accepted
|
||
by Synapse. (#8106)
|
||
- Fix a bug introduced in Synapse v1.12.0 which could cause
|
||
/sync requests to fail with a 404 if you had a very old
|
||
outstanding room invite. (#8110)
|
||
- Return a proper error code when the rooms of an invalid group
|
||
are requested. (#8129)
|
||
- Fix a bug which could cause a leaked postgres connection if
|
||
synapse was set to daemonize. (#8131)
|
||
- Clarify the error code if a user tries to register with a
|
||
numeric ID. This bug was introduced in v1.15.0. (#8135)
|
||
- Fix a bug where appservices with ratelimiting disabled would
|
||
still be ratelimited when joining rooms. This bug was
|
||
introduced in v1.19.0. (#8139)
|
||
- Fix logging in via OpenID Connect with a provider that uses
|
||
integer user IDs. (#8190)
|
||
- Fix a longstanding bug where user directory updates could
|
||
break when unexpected profile data was included in events.
|
||
(#8223)
|
||
- Fix a longstanding bug where stats updates could break when
|
||
unexpected profile data was included in events. (#8226)
|
||
- Fix slow start times for large servers by removing a table
|
||
scan of the users table from startup code. (#8271)
|
||
- Improved Documentation
|
||
- Link to matrix-synapse-rest-password-provider in the password
|
||
provider documentation. (#8111)
|
||
- Updated documentation to note that Synapse does not follow
|
||
HTTP 308 redirects due to an upstream library not supporting
|
||
them. Contributed by Ryan Cole. (#8120)
|
||
- Explain better what GDPR-erased means when deactivating a
|
||
user. (#8189)
|
||
- Internal Changes
|
||
- Blacklist MSC2753 SyTests until it is implemented. (#8285)
|
||
- Add filter name to the /users admin API, which filters by
|
||
user ID or displayname. Contributed by Awesome Technologies
|
||
Innovationslabor GmbH. (#7377, #8163)
|
||
- Reduce run times of some unit tests by advancing the reactor
|
||
a fewer number of times. (#7757)
|
||
- Don't fail /submit_token requests on incorrect session ID if
|
||
request_token_inhibit_3pid_errors is turned on. (#7991)
|
||
- Convert various parts of the codebase to async/await. (#8071,
|
||
#8072, #8074, #8075, #8076, #8087, #8100, #8119, #8121,
|
||
#8133, #8156, #8162, #8166, #8168, #8173, #8191, #8192,
|
||
#8193, #8194, #8195, #8197, #8199, #8200, #8201, #8202,
|
||
#8207, #8213, #8214)
|
||
- Remove some unused database functions. (#8085)
|
||
- Add type hints to various parts of the codebase. (#8090,
|
||
#8127, #8187, #8241, #8140, #8183, #8232, #8235, #8237,
|
||
#8244)
|
||
- Return the previous stream token if a non-member event is a
|
||
duplicate. (#8093, #8112)
|
||
- Separate get_current_token into two since there are two
|
||
different use cases for it. (#8113)
|
||
- Remove ChainedIdGenerator. (#8123)
|
||
- Reduce the amount of whitespace in JSON stored and sent in
|
||
responses. (#8124)
|
||
- Update the test federation client to handle streaming
|
||
responses. (#8130)
|
||
- Micro-optimisations to get_auth_chain_ids. (#8132)
|
||
- Refactor StreamIdGenerator and MultiWriterIdGenerator to have
|
||
the same interface. (#8161)
|
||
- Add functions to MultiWriterIdGen used by events stream.
|
||
(#8164, #8179)
|
||
- Fix tests that were broken due to the merge of 1.19.1.
|
||
(#8167)
|
||
- Make SlavedIdTracker.advance have the same interface as
|
||
MultiWriterIDGenerator. (#8171)
|
||
- Remove unused is_guest parameter from, and add safeguard to,
|
||
MessageHandler.get_room_data. (#8174, #8181)
|
||
- Standardize the mypy configuration. (#8175)
|
||
- Refactor some of LoginRestServlet's helper methods, and move
|
||
them to AuthHandler for easier reuse. (#8182)
|
||
- Fix wait_for_stream_position to allow multiple waiters on
|
||
same stream ID. (#8196)
|
||
- Make MultiWriterIDGenerator work for streams that use
|
||
negative values. (#8203)
|
||
- Refactor queries for device keys and cross-signatures.
|
||
(#8204, #8205, #8222, #8224, #8225, #8231, #8233, #8234)
|
||
- Fix type hints for functions decorated with @cached. (#8240)
|
||
- Remove obsolete order field from federation send queues.
|
||
(#8245)
|
||
- Stop sub-classing from object. (#8249)
|
||
- Add more logging to debug slow startup. (#8264)
|
||
- Do not attempt to upgrade database schema on worker
|
||
processes. (#8266, #8276)
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Sep 18 16:23:29 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
|
||
|
||
- Update to synapse 1.19.3
|
||
- Bugfixes
|
||
- Partially mitigate bug where newly joined servers couldn't
|
||
get past events in a room when there is a malformed event.
|
||
(#8350)
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Sep 16 14:03:45 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
|
||
|
||
- Update to synapse 1.19.2
|
||
- Bugfixes
|
||
- Fix joining rooms over federation that include malformed
|
||
events. (#8324)
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Aug 27 13:10:02 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
|
||
|
||
- Update to synapse to 1.19.1
|
||
- Bugfixes
|
||
- Fix a bug introduced in v1.19.0 where appservices with
|
||
ratelimiting disabled would still be ratelimited when joining
|
||
rooms. (#8139)
|
||
- Fix a bug introduced in v1.19.0 that would cause e.g. profile
|
||
updates to fail due to incorrect application of rate limits
|
||
on join requests. (#8153)
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Aug 17 14:36:41 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
|
||
|
||
- Update to synapse 1.19.0
|
||
- Features
|
||
- Add option to allow server admins to join rooms which fail
|
||
complexity checks. Contributed by @lugino-emeritus. (#7902)
|
||
- Add an option to purge room or not with delete room admin
|
||
endpoint (POST /_synapse/admin/v1/rooms/<room_id>/delete).
|
||
Contributed by @dklimpel. (#7964)
|
||
- Add rate limiting to users joining rooms. (#8008)
|
||
- Add a /health endpoint to every configured HTTP listener that
|
||
can be used as a health check endpoint by load balancers.
|
||
(#8048)
|
||
- Allow login to be blocked based on the values of SAML
|
||
attributes. (#8052)
|
||
- Allow guest access to the GET
|
||
/_matrix/client/r0/rooms/{room_id}/members endpoint,
|
||
according to MSC2689. Contributed by Awesome Technologies
|
||
Innovationslabor GmbH. (#7314)
|
||
- Bugfixes
|
||
- Fix a bug introduced in Synapse v1.7.2 which caused
|
||
inaccurate membership counts in the room directory. (#7977)
|
||
- Fix a long standing bug: 'Duplicate key value violates unique
|
||
constraint "event_relations_id"' when message retention is
|
||
configured. (#7978)
|
||
- Fix "no create event in auth events" when trying to reject
|
||
invitation after inviter leaves. Bug introduced in Synapse
|
||
v1.10.0. (#7980)
|
||
- Fix various comments and minor discrepencies in server
|
||
notices code. (#7996)
|
||
- Fix a long standing bug where HTTP HEAD requests resulted in
|
||
a 400 error. (#7999)
|
||
- Fix a long-standing bug which caused two copies of some log
|
||
lines to be written when synctl was used along with a
|
||
MemoryHandler logger. (#8011, #8012)
|
||
- Updates to the Docker image
|
||
- We no longer publish Docker images with the -py3 tag suffix,
|
||
as announced in the upgrade notes. (#8056)
|
||
- Improved Documentation
|
||
- Document how to set up a client .well-known file and fix
|
||
several pieces of outdated documentation. (#7899)
|
||
- Improve workers docs. (#7990, #8000)
|
||
- Fix typo in docs/workers.md. (#7992)
|
||
- Add documentation for how to undo a room shutdown. (#7998,
|
||
#8010)
|
||
- Internal Changes
|
||
- Reduce the amount of whitespace in JSON stored and sent in
|
||
responses. Contributed by David Vo. (#7372)
|
||
- Switch to the JSON implementation from the standard library
|
||
and bump the minimum version of the canonicaljson library to
|
||
1.2.0. (#7936, #7979)
|
||
- Convert various parts of the codebase to async/await. (#7947,
|
||
#7948, #7949, #7951, #7963, #7973, #7975, #7976, #7981,
|
||
#7987, #7989, #8003, #8014, #8016, #8027, #8031, #8032,
|
||
#8035, #8042, #8044, #8045, #8061, #8062, #8063, #8066,
|
||
#8069, #8070)
|
||
- Move some database-related log lines from the default logger
|
||
to the database/transaction loggers. (#7952)
|
||
- Add a script to detect source code files using non-unix line
|
||
terminators. (#7965, #7970)
|
||
- Log the SAML session ID during creation. (#7971)
|
||
- Implement new experimental push rules for some users. (#7997)
|
||
- Remove redundant and unreliable signature check for v1
|
||
Identity Service lookup responses. (#8001)
|
||
- Improve the performance of the register endpoint. (#8009)
|
||
- Reduce less useful output in the newsfragment CI step. Add a
|
||
link to the changelog section of the contributing guide on
|
||
error. (#8024)
|
||
- Rename storage layer objects to be more sensible. (#8033)
|
||
- Change the default log config to reduce disk I/O and storage
|
||
for new servers. (#8040)
|
||
- Add an assertion on prev_events in create_new_client_event.
|
||
(#8041)
|
||
- Add a comment to ServerContextFactory about the use of
|
||
SSLv23_METHOD. (#8043)
|
||
- Log OPTIONS requests at DEBUG rather than INFO level to
|
||
reduce amount logged at INFO. (#8049)
|
||
- Reduce amount of outbound request logging at INFO level.
|
||
(#8050)
|
||
- It is no longer necessary to explicitly define filters in the
|
||
logging configuration. (Continuing to do so is redundant but
|
||
harmless.) (#8051)
|
||
- Add and improve type hints. (#8058, #8064, #8060, #8067)
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Jul 30 11:40:22 UTC 2020 - Aleksa Sarai <asarai@suse.com>
|
||
|
||
- Update to synapse 1.18.0.
|
||
* Features
|
||
+ Include room states on invite events that are sent to application
|
||
services.
|
||
+ Add delete room admin endpoint (POST /_synapse/admin/v1/rooms/<room_id>/delete).
|
||
+ Add experimental support for running multiple federation sender
|
||
processes.
|
||
+ Add the option to validate the iss and aud claims for JWT logins.
|
||
+ Add support for handling registration requests across multiple client
|
||
reader workers.
|
||
+ Add an admin API to list the users in a room. Contributed by Awesome
|
||
Technologies Innovationslabor GmbH.
|
||
+ Allow email subjects to be customised through Synapse's configuration.
|
||
+ Add the ability to re-activate an account from the admin API.
|
||
+ Add experimental support for running multiple pusher workers.
|
||
+ Add experimental support for moving typing off master.
|
||
+ Report CPU metrics to prometheus for time spent processing replication
|
||
commands.
|
||
+ Support oEmbed for media previews.
|
||
+ Abort federation requests where the client disconnects before the
|
||
ratelimiter expires.
|
||
+ Cache responses to /_matrix/federation/v1/state_ids to reduce duplicated
|
||
work.
|
||
* Bugfixes
|
||
* Fix detection of out of sync remote device lists when receiving events
|
||
from remote users.
|
||
* Fix bug where Synapse fails to process an incoming event over federation
|
||
if the server is missing too much of the event's auth chain.
|
||
* Fix a bug causing Synapse to misinterpret the value off for
|
||
encryption_enabled_by_default_for_room_type in its configuration file(s)
|
||
if that value isn't surrounded by quotes. This bug was introduced in
|
||
v1.16.0.
|
||
* Fix bug where we did not always pass in app_name or server_name to email
|
||
templates, including e.g. for registration emails.
|
||
* Errors which occur while using the non-standard JWT login now return the
|
||
proper error: 403 Forbidden with an error code of M_FORBIDDEN.
|
||
* Fix "AttributeError: 'str' object has no attribute 'get'" error message
|
||
when applying per-room message retention policies. The bug was introduced
|
||
in Synapse 1.7.0.
|
||
* Fix a bug introduced in Synapse 1.10.0 which could cause a "no create
|
||
event in auth events" error during room creation.
|
||
* Fix a bug which allowed empty rooms to be rejoined over federation.
|
||
* Fix 'Unable to find a suitable guest user ID' error when using multiple
|
||
client_reader workers.
|
||
* Fix a long standing bug where the tracing of async functions with
|
||
opentracing was broken.
|
||
* Fix "TypeError in synapse.notifier" exceptions.
|
||
* Fix deprecation warning due to invalid escape sequences.
|
||
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Jul 13 11:55:06 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
|
||
|
||
- allow newer prometheus client (follow up to change in the code)
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Jul 13 11:19:25 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
|
||
|
||
- Update to 1.17.0
|
||
- Bugfixes
|
||
- Fix inconsistent handling of upper and lower case in email
|
||
addresses when used as identifiers for login, etc.
|
||
Contributed by @dklimpel. (#7021)
|
||
- Fix "Tried to close a non-active scope!" error messages when
|
||
opentracing is enabled. (#7732)
|
||
- Fix incorrect error message when database CTYPE was set
|
||
incorrectly. (#7760)
|
||
- Fix to not ignore set_tweak actions in Push Rules that have
|
||
no value, as permitted by the specification. (#7766)
|
||
- Fix synctl to handle empty config files correctly.
|
||
Contributed by @kotovalexarian. (#7779)
|
||
- Fixes a long standing bug in worker mode where worker
|
||
information was saved in the devices table instead of the
|
||
original IP address and user agent. (#7797)
|
||
- Fix 'stuck invites' which happen when we are unable to reject
|
||
a room invite received over federation. (#7804, #7809, #7810)
|
||
- Updates to the Docker image
|
||
- Include libwebp in the Docker file to properly handle webp
|
||
image uploads. (#7791)
|
||
- Improved Documentation
|
||
- Improve the documentation of the non-standard JSON web token
|
||
login type. (#7776)
|
||
- Update doc links for caddy. Contributed by Nicolai Søborg.
|
||
(#7789)
|
||
- Internal Changes
|
||
- Refactor getting replication updates from database. (#7740)
|
||
- Send push notifications with a high or low priority depending
|
||
upon whether they may generate user-observable effects.
|
||
(#7765)
|
||
- Use symbolic names for replication stream names. (#7768)
|
||
- Add early returns to _check_for_soft_fail. (#7769)
|
||
- Fix up synapse.handlers.federation to pass mypy. (#7770)
|
||
- Convert the appserver handler to async/await. (#7775)
|
||
- Allow to use higher versions of prometheus_client <0.9.0
|
||
which are expected to introduce no breaking changes.
|
||
Contributed by Oliver Kurz. (#7780)
|
||
- Update linting scripts and codebase to be compatible with
|
||
isort v5. (#7786)
|
||
- Stop populating unused table local_invites. (#7793)
|
||
- Ensure that strings (not bytes) are passed into JSON
|
||
serialization. (#7799)
|
||
- Switch from simplejson to the standard library json. (#7800)
|
||
- Add signing_key property to HomeServer to save code
|
||
duplication. (#7805)
|
||
- Improve stacktraces from exceptions in background processes.
|
||
(#7808)
|
||
- Fix various spelling errors in comments and log lines.
|
||
(#7811)
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Jul 10 12:03:25 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
|
||
|
||
- Update to 1.16.1
|
||
- Drop table local_rejections_stream which was incorrectly added
|
||
in Synapse 1.16.0. (#7816, b1beb3ff5)
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Jul 8 10:28:25 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
|
||
|
||
- Update to 1.16.0
|
||
- Features
|
||
- Add an option to enable encryption by default for new rooms.
|
||
(#7639)
|
||
- Add support for running multiple media repository workers.
|
||
See docs/workers.md for instructions. (#7706)
|
||
- Media can now be marked as safe from quarantined. (#7718)
|
||
- Expand the configuration options for auto-join rooms. (#7763)
|
||
- Bugfixes
|
||
- Remove user_id from the response to GET
|
||
/_matrix/client/r0/presence/{userId}/status to match the
|
||
specification. (#7606)
|
||
- In worker mode, ensure that replicated data has not already
|
||
been received. (#7648)
|
||
- Fix intermittent exception during startup, introduced in
|
||
Synapse 1.14.0. (#7663)
|
||
- Include a user-agent for federation and well-known requests.
|
||
(#7677)
|
||
- Accept the proper field (phone) for the m.id.phone identifier
|
||
type. The legacy field of number is still accepted as a
|
||
fallback. Bug introduced in v0.20.0. (#7687)
|
||
- Fix "Starting db txn 'get_completed_ui_auth_stages' from
|
||
sentinel context" warning. The bug was introduced in 1.13.0.
|
||
(#7688)
|
||
- Compare the URI and method during user interactive
|
||
authentication (instead of the URI twice). Bug introduced in
|
||
1.13.0. (#7689)
|
||
- Fix a long standing bug where the response to the GET
|
||
room_keys/version endpoint had the incorrect type for the
|
||
etag field. (#7691)
|
||
- Fix logged error during device resync in opentracing. Broke
|
||
in v1.14.0. (#7698)
|
||
- Do not break push rule evaluation when receiving an event
|
||
with a non-string body. This is a long-standing bug. (#7701)
|
||
- Fixs a long standing bug which resulted in an exception:
|
||
"TypeError: argument of type 'ObservableDeferred' is not
|
||
iterable". (#7708)
|
||
- The synapse_port_db script no longer fails when the
|
||
ui_auth_sessions table is non-empty. This bug has existed
|
||
since v1.13.0. (#7711)
|
||
- Synapse will now fetch media from the proper specified URL
|
||
(using the r0 prefix instead of the unspecified v1). (#7714)
|
||
- Fix the tables ignored by synapse_port_db to be in sync the
|
||
current database schema. (#7717)
|
||
- Fix missing Content-Length on HTTP responses from the metrics
|
||
handler. (#7730)
|
||
- Fix large state resolutions from stalling Synapse for seconds
|
||
at a time. (#7735, #7746)
|
||
- Improved Documentation
|
||
- Spelling correction in sample_config.yaml. (#7652)
|
||
- Added instructions for how to use Keycloak via OpenID Connect
|
||
to authenticate with Synapse. (#7659)
|
||
- Corrected misspelling of PostgreSQL. (#7724)
|
||
- Deprecations and Removals
|
||
- Deprecate m.login.jwt login method in favour of
|
||
org.matrix.login.jwt, as m.login.jwt is not part of the
|
||
Matrix spec. (#7675)
|
||
- Internal Changes
|
||
- Refactor getting replication updates from database. (#7636)
|
||
- Clean-up the login fallback code. (#7657)
|
||
- Increase the default SAML session expiry time to 15 minutes.
|
||
(#7664)
|
||
- Convert the device message and pagination handlers to
|
||
async/await. (#7678)
|
||
- Convert typing handler to async/await. (#7679)
|
||
- Require parameterized package version to be at least 0.7.0.
|
||
(#7680)
|
||
- Refactor handling of listeners configuration settings.
|
||
(#7681)
|
||
- Replace uses of six.iterkeys/iteritems/itervalues with
|
||
keys()/items()/values(). (#7692)
|
||
- Add support for using rust-python-jaeger-reporter library to
|
||
reduce jaeger tracing overhead. (#7697)
|
||
- Make Tox actions work on Debian 10. (#7703)
|
||
- Replace all remaining uses of six with native Python 3
|
||
equivalents. Contributed by @ilmari. (#7704)
|
||
- Fix broken link in sample config. (#7712)
|
||
- Speed up state res v2 across large state differences. (#7725)
|
||
- Convert directory handler to async/await. (#7727)
|
||
- Move flake8 to the end of scripts-dev/lint.sh as it takes the
|
||
longest and could cause the script to exit early. (#7738)
|
||
- Explain the "test" conditional requirement for dependencies
|
||
is not all of the modules necessary to run the unit tests.
|
||
(#7751)
|
||
- Add some metrics for inbound and outbound federation
|
||
latencies: synapse_federation_server_pdu_process_time and
|
||
synapse_event_processing_lag_by_event. (#7755)(#7771)
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Jul 2 15:34:54 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
|
||
|
||
- Update to 1.15.2
|
||
- Security
|
||
- A malicious homeserver could force Synapse to reset the state
|
||
in a room to a small subset of the correct state. This
|
||
affects all Synapse deployments which federate with untrusted
|
||
servers. (96e9afe6)
|
||
- HTML pages served via Synapse were vulnerable to clickjacking
|
||
attacks. This predominantly affects homeservers with
|
||
single-sign-on enabled, but all server administrators are
|
||
encouraged to upgrade. (ea26e9a9)
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Jun 16 18:36:01 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
|
||
|
||
- Update to 1.15.1
|
||
- Fix a bug introduced in v1.15.0 that would crash Synapse on
|
||
start when using certain password auth providers. (#7684)
|
||
- Fix a bug introduced in v1.15.0 which meant that some 3PID
|
||
management endpoints were not accessible on the correct URL.
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Jun 11 14:28:57 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
|
||
|
||
- Update to 1.15.0
|
||
- Features
|
||
- Advertise support for Client-Server API r0.6.0 and remove
|
||
related unstable feature flags. (#6585)
|
||
- Add an option to disable autojoining rooms for guest
|
||
accounts. (#6637)
|
||
- For SAML authentication, add the ability to pass email
|
||
addresses to be added to new users' accounts via SAML
|
||
attributes. Contributed by Christopher Cooper. (#7385)
|
||
- Add admin APIs to allow server admins to manage users'
|
||
devices. Contributed by @dklimpel. (#7481)
|
||
- Add support for generating thumbnails for WebP images.
|
||
Previously, users would see an empty box instead of preview
|
||
image. Contributed by @WGH-. (#7586)
|
||
- Support the standardized m.login.sso user-interactive
|
||
authentication flow. (#7630)
|
||
- Bugfixes
|
||
- Allow new users to be registered via the admin API even if
|
||
the monthly active user limit has been reached. Contributed
|
||
by @dklimpel. (#7263)
|
||
- Fix email notifications not being enabled for new users when
|
||
created via the Admin API. (#7267)
|
||
- Fix str placeholders in an instance of
|
||
PrepareDatabaseException. Introduced in Synapse v1.8.0.
|
||
(#7575)
|
||
- Fix a bug in automatic user creation during first time login
|
||
with m.login.jwt. Regression in v1.6.0. Contributed by @olof.
|
||
(#7585)
|
||
- Fix a bug causing the cross-signing keys to be ignored when
|
||
resyncing a device list. (#7594)
|
||
- Fix metrics failing when there is a large number of active
|
||
background processes. (#7597)
|
||
- Fix bug where returning rooms for a group would fail if it
|
||
included a room that the server was not in. (#7599)
|
||
- Fix duplicate key violation when persisting read markers.
|
||
(#7607)
|
||
- Prevent an entire iteration of the device list resync loop
|
||
from failing if one server responds with a malformed result.
|
||
(#7609)
|
||
- Fix exceptions when fetching events from a remote host fails.
|
||
(#7622)
|
||
- Make synctl restart start synapse if it wasn't running.
|
||
(#7624)
|
||
- Pass device information through to the login endpoint when
|
||
using the login fallback. (#7629)
|
||
- Advertise the m.login.token login flow when OpenID Connect is
|
||
enabled. (#7631)
|
||
- Fix bug in account data replication stream. (#7656)
|
||
- Improved Documentation
|
||
- Update the OpenBSD installation instructions. (#7587)
|
||
- Advertise Python 3.8 support in setup.py. (#7602)
|
||
- Add a link to #synapse:matrix.org in the troubleshooting
|
||
section of the README. (#7603)
|
||
- Clarifications to the admin api documentation. (#7647)
|
||
- Internal Changes
|
||
- Convert the identity handler to async/await. (#7561)
|
||
- Improve query performance for fetching state from a
|
||
PostgreSQL database. Contributed by @ilmari. (#7567)
|
||
- Speed up processing of federation stream RDATA rows. (#7584)
|
||
- Add comment to systemd example to show postgresql dependency.
|
||
(#7591)
|
||
- Refactor Ratelimiter to limit the amount of expensive config
|
||
value accesses. (#7595)
|
||
- Convert groups handlers to async/await. (#7600)
|
||
- Clean up exception handling in SAML2ResponseResource. (#7614)
|
||
- Check that all asynchronous tasks succeed and general cleanup
|
||
of MonthlyActiveUsersTestCase and TestMauLimit. (#7619)
|
||
- Convert get_user_id_by_threepid to async/await. (#7620)
|
||
- Switch to upstream dh-virtualenv rather than our fork for
|
||
Debian package builds. (#7621)
|
||
- Update CI scripts to check the number in the newsfile
|
||
fragment. (#7623)
|
||
- Check if the localpart of a Matrix ID is reserved for guest
|
||
users earlier in the registration flow, as well as when
|
||
responding to requests to /register/available. (#7625)
|
||
- Minor cleanups to OpenID Connect integration. (#7628)
|
||
- Attempt to fix flaky test:
|
||
PhoneHomeStatsTestCase.test_performance_100. (#7634)
|
||
- Fix typos of m.olm.curve25519-aes-sha2 and
|
||
m.megolm.v1.aes-sha2 in comments, test files. (#7637)
|
||
- Convert user directory, state deltas, and stats handlers to
|
||
async/await. (#7640)
|
||
- Remove some unused constants. (#7644)
|
||
- Fix type information on assert_*_is_admin methods. (#7645)
|
||
- Convert registration handler to async/await. (#7649)
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Jun 4 20:54:32 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
|
||
|
||
- make sure we do not pull too new prometheus bindings
|
||
|
||
-------------------------------------------------------------------
|
||
Thu May 28 11:05:04 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
|
||
|
||
- Update to 1.14.0
|
||
- Features
|
||
- Synapse's cache factor can now be configured in
|
||
homeserver.yaml by the caches.global_factor setting.
|
||
Additionally, caches.per_cache_factors controls the cache
|
||
factors for individual caches. (#6391)
|
||
- Add OpenID Connect login/registration support. Contributed by
|
||
Quentin Gliech, on behalf of les Connecteurs. (#7256, #7457)
|
||
- Add room details admin endpoint. Contributed by Awesome
|
||
Technologies Innovationslabor GmbH. (#7317)
|
||
- Allow for using more than one spam checker module at once.
|
||
(#7435)
|
||
- Add additional authentication checks for m.room.power_levels
|
||
event per MSC2209. (#7502)
|
||
- Implement room version 6 per MSC2240. (#7506)
|
||
- Add highly experimental option to move event persistence off
|
||
master. (#7281, #7374, #7436, #7440, #7475, #7490, #7491,
|
||
#7492, #7493, #7495, #7515, #7516, #7517, #7542)
|
||
- Bugfixes
|
||
- Fix cache config to not apply cache factor to event cache.
|
||
Regression in v1.14.0rc1. (#7578)
|
||
- Fix bug where ReplicationStreamer was not always started when
|
||
replication was enabled. Bug introduced in v1.14.0rc1.
|
||
(#7579)
|
||
- Fix specifying individual cache factors for caches with
|
||
special characters in their name. Regression in v1.14.0rc1.
|
||
(#7580)
|
||
- Fix a bug where event updates might not be sent over
|
||
replication to worker processes after the stream falls
|
||
behind. (#7384)
|
||
- Allow expired user accounts to log out their device sessions.
|
||
(#7443)
|
||
- Fix a bug that would cause Synapse not to resync out-of-sync
|
||
device lists. (#7453)
|
||
- Prevent rooms with 0 members or with invalid version strings
|
||
from breaking group queries. (#7465)
|
||
- Workaround for an upstream Twisted bug that caused Synapse to
|
||
become unresponsive after startup. (#7473)
|
||
- Fix Redis reconnection logic that can result in missed
|
||
updates over replication if master reconnects to Redis
|
||
without restarting. (#7482)
|
||
- When sending m.room.member events, omit displayname and
|
||
avatar_url if they aren't set instead of setting them to
|
||
null. Contributed by Aaron Raimist. (#7497)
|
||
- Fix incorrect method label on
|
||
synapse_http_matrixfederationclient_{requests,responses}
|
||
prometheus metrics. (#7503)
|
||
- Ignore incoming presence events from other homeservers if
|
||
presence is disabled locally. (#7508)
|
||
- Fix a long-standing bug that broke the update remote profile
|
||
background process. (#7511)
|
||
- Hash passwords as early as possible during password reset.
|
||
(#7538)
|
||
- Fix bug where a local user leaving a room could fail under
|
||
rare circumstances. (#7548)
|
||
- Fix "Missing RelayState parameter" error when using user
|
||
interactive authentication with SAML for some SAML providers.
|
||
(#7552)
|
||
- Fix exception 'GenericWorkerReplicationHandler' object has no
|
||
attribute 'send_federation_ack', introduced in v1.13.0.
|
||
(#7564)
|
||
- synctl now warns if it was unable to stop Synapse and will
|
||
not attempt to start Synapse if nothing was stopped.
|
||
Contributed by Romain Bouyé. (#6590)
|
||
- Documentation
|
||
- Fix the OIDC client_auth_method value in the sample config.
|
||
(#7581)
|
||
- Update information about mapping providers for SAML and
|
||
OpenID. (#7458)
|
||
- Add additional reverse proxy example for Caddy v2.
|
||
Contributed by Jeff Peeler. (#7463)
|
||
- Fix copy-paste error in ServerNoticesConfig docstring.
|
||
Contributed by @ptman. (#7477)
|
||
- Improve the formatting of reverse_proxy.md. (#7514)
|
||
- Change the systemd worker service to check that the worker
|
||
config file exists instead of silently failing. Contributed
|
||
by David Vo. (#7528)
|
||
- Minor clarifications to the TURN docs. (#7533)
|
||
- Internal changes
|
||
- Add typing annotations in synapse.federation. (#7382)
|
||
- Convert the room handler to async/await. (#7396)
|
||
- Improve performance of get_e2e_cross_signing_key. (#7428)
|
||
- Improve performance of mark_as_sent_devices_by_remote.
|
||
(#7429, #7562)
|
||
- Add type hints to the SAML handler. (#7445)
|
||
- Remove storage method get_hosts_in_room that is no longer
|
||
called anywhere. (#7448)
|
||
- Fix some typos in the notice_expiry templates. (#7449)
|
||
- Convert the federation handler to async/await. (#7459)
|
||
- Convert the search handler to async/await. (#7460)
|
||
- Add type hints to synapse.event_auth. (#7505)
|
||
- Convert the room member handler to async/await. (#7507)
|
||
- Add type hints to room member handler. (#7513)
|
||
- Fix typing annotations in tests.replication. (#7518)
|
||
- Remove some redundant Python 2 support code. (#7519)
|
||
- All endpoints now respond with a 200 OK for OPTIONS requests.
|
||
(#7534, #7560)
|
||
- Synapse now exports detailed allocator statistics and basic
|
||
GC timings as Prometheus metrics (pypy_gc_time_seconds_total
|
||
and pypy_memory_bytes) when run under PyPy. Contributed by
|
||
Ivan Shapovalov. (#7536)
|
||
- Remove Ubuntu Cosmic and Disco from the list of distributions
|
||
which we provide .debs for, due to end-of-life. (#7539)
|
||
- Make worker processes return a stubbed-out response to GET
|
||
/presence requests. (#7545)
|
||
- Optimise some references to hs.config. (#7546)
|
||
- On upgrade room only send canonical alias once. (#7547)
|
||
- Fix some indentation inconsistencies in the sample config.
|
||
(#7550)
|
||
- Include synapse.http.site in type checking. (#7553)
|
||
- Fix some test code to not mangle stacktraces, to make it
|
||
easier to debug errors. (#7554)
|
||
- Refresh apt cache when building dh_virtualenv docker image.
|
||
(#7555)
|
||
- Stop logging some expected HTTP request errors as exceptions.
|
||
(#7556, #7563)
|
||
- Convert sending mail to async/await. (#7557)
|
||
- Simplify reap_monthly_active_users. (#7558)
|
||
|
||
-------------------------------------------------------------------
|
||
Tue May 19 14:54:57 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
|
||
|
||
- Update to 1.13.0
|
||
This release brings some potential changes necessary for certain
|
||
configurations of Synapse:
|
||
|
||
- If your Synapse is configured to use SSO and have a custom
|
||
sso_redirect_confirm_template_dir configuration option set, you
|
||
will need to duplicate the new sso_auth_confirm.html,
|
||
sso_auth_success.html and sso_account_deactivated.html
|
||
templates into that directory.
|
||
- Synapse plugins using the complete_sso_login method of
|
||
synapse.module_api.ModuleApi should instead switch to the
|
||
async/await version, complete_sso_login_async, which includes
|
||
additional checks. The former version is now deprecated.
|
||
- A bug was introduced in Synapse 1.4.0 which could cause the
|
||
room directory to be incomplete or empty if Synapse was
|
||
upgraded directly from v1.2.1 or earlier, to versions between
|
||
v1.4.0 and v1.12.x.
|
||
|
||
Please review UPGRADE.rst for more details on these changes and
|
||
for general upgrade guidance.
|
||
|
||
For the complete list of changes please refer to
|
||
https://github.com/matrix-org/synapse/releases/tag/v1.13.0
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Apr 23 15:51:48 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
|
||
|
||
- Update to 1.12.4
|
||
- Features:
|
||
- Always send users their own device updates. (#7160)
|
||
- Add support for handling GET requests for account_data on a
|
||
worker. (#7311)
|
||
- Bugfixes:
|
||
- Fix a bug that prevented cross-signing with users on
|
||
worker-mode synapses. (#7255)
|
||
- Do not treat display names as globs in push rules. (#7271)
|
||
- Fix a bug with cross-signing devices belonging to remote
|
||
users who did not share a room with any user on the local
|
||
homeserver. (#7289)
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Apr 3 12:21:52 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
|
||
|
||
- Update to 1.12.3
|
||
- Remove the pin to Pillow 7.0 which was introduced in Synapse
|
||
1.12.2, and correctly fix the issue with building the Debian
|
||
packages. (#7212)
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Apr 2 18:27:05 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
|
||
|
||
- Update to 1.12.2
|
||
- This release fixes an issue with building the debian packages.
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Apr 2 16:28:51 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
|
||
|
||
- Update to 1.12.1
|
||
- Fix starting workers when federation sending not split out.
|
||
(#7133). Introduced in v1.12.0.
|
||
- Avoid importing sqlite3 when using the postgres backend.
|
||
Contributed by David Vo. (#7155). Introduced in v1.12.0rc1.
|
||
- Fix a bug which could cause outbound federation traffic to stop
|
||
working if a client uploaded an incorrect e2e device signature.
|
||
(#7177). Introduced in v1.11.0.
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Mar 24 15:31:47 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
|
||
|
||
- use %requires_eq for runtime dependencies to make sure we always
|
||
use the versions we built with. we ran into cases where the
|
||
distro package was new enough according to the setup dependencies
|
||
but those were not up2date with the actual code.
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Mar 23 14:36:36 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
|
||
|
||
- Update to 1.12.0
|
||
Synapse may be vulnerable to request-smuggling attacks when it is
|
||
used with a reverse-proxy. The vulnerabilties are fixed in
|
||
Twisted 20.3.0, and are described in
|
||
[CVE-2020-10108](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10108)
|
||
and
|
||
[CVE-2020-10109](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-10109).
|
||
For a good introduction to this class of request-smuggling
|
||
attacks, see
|
||
https://portswigger.net/research/http-desync-attacks-request-smuggling-reborn.
|
||
|
||
We are not aware of these vulnerabilities being exploited in the
|
||
wild, and do not believe that they are exploitable with current
|
||
versions of any reverse proxies. Nevertheless, we recommend that
|
||
all Synapse administrators ensure that they have the latest
|
||
versions of the Twisted library to ensure that their installation
|
||
remains secure.
|
||
|
||
- Features
|
||
- Changes related to room alias management
|
||
([MSC2432](https://github.com/matrix-org/matrix-doc/pull/2432)):
|
||
- Publishing/removing a room from the room directory now
|
||
requires the user to have a power level capable of
|
||
modifying the canonical alias, instead of the room aliases.
|
||
([\#6965](https://github.com/matrix-org/synapse/issues/6965))
|
||
- Validate the `alt_aliases` property of canonical alias
|
||
events.
|
||
([\#6971](https://github.com/matrix-org/synapse/issues/6971))
|
||
- Users with a power level sufficient to modify the canonical
|
||
alias of a room can now delete room aliases.
|
||
([\#6986](https://github.com/matrix-org/synapse/issues/6986))
|
||
- Implement updated authorization rules and redaction rules
|
||
for aliases events, from
|
||
[MSC2261](https://github.com/matrix-org/matrix-doc/pull/2261)
|
||
and
|
||
[MSC2432](https://github.com/matrix-org/matrix-doc/pull/2432).
|
||
([\#7037](https://github.com/matrix-org/synapse/issues/7037))
|
||
- Stop sending m.room.aliases events during room creation and
|
||
upgrade.
|
||
([\#6941](https://github.com/matrix-org/synapse/issues/6941))
|
||
- Synapse no longer uses room alias events to calculate room
|
||
names for push notifications.
|
||
([\#6966](https://github.com/matrix-org/synapse/issues/6966))
|
||
- The room list endpoint no longer returns a list of aliases.
|
||
([\#6970](https://github.com/matrix-org/synapse/issues/6970))
|
||
- Remove special handling of aliases events from
|
||
[MSC2260](https://github.com/matrix-org/matrix-doc/pull/2260)
|
||
added in v1.10.0rc1.
|
||
([\#7034](https://github.com/matrix-org/synapse/issues/7034))
|
||
- Expose the `synctl`, `hash_password` and `generate_config`
|
||
commands in the snapcraft package. Contributed by @devec0.
|
||
([\#6315](https://github.com/matrix-org/synapse/issues/6315))
|
||
- Check that server_name is correctly set before running
|
||
database updates.
|
||
([\#6982](https://github.com/matrix-org/synapse/issues/6982))
|
||
- Break down monthly active users by `appservice_id` and emit
|
||
via Prometheus.
|
||
([\#7030](https://github.com/matrix-org/synapse/issues/7030))
|
||
- Render a configurable and comprehensible error page if
|
||
something goes wrong during the SAML2 authentication process.
|
||
([\#7058](https://github.com/matrix-org/synapse/issues/7058),
|
||
[\#7067](https://github.com/matrix-org/synapse/issues/7067))
|
||
- Add an optional parameter to control whether other sessions
|
||
are logged out when a user's password is modified.
|
||
([\#7085](https://github.com/matrix-org/synapse/issues/7085))
|
||
- Add prometheus metrics for the number of active pushers.
|
||
([\#7103](https://github.com/matrix-org/synapse/issues/7103),
|
||
[\#7106](https://github.com/matrix-org/synapse/issues/7106))
|
||
- Improve performance when making HTTPS requests to sygnal,
|
||
sydent, etc, by sharing the SSL context object between
|
||
connections.
|
||
([\#7094](https://github.com/matrix-org/synapse/issues/7094))
|
||
- Bugfixes
|
||
- When a user's profile is updated via the admin API, also
|
||
generate a displayname/avatar update for that user in each
|
||
room.
|
||
([\#6572](https://github.com/matrix-org/synapse/issues/6572))
|
||
- Fix a couple of bugs in email configuration handling.
|
||
([\#6962](https://github.com/matrix-org/synapse/issues/6962))
|
||
- Fix an issue affecting worker-based deployments where
|
||
replication would stop working, necessitating a full restart,
|
||
after joining a large room.
|
||
([\#6967](https://github.com/matrix-org/synapse/issues/6967))
|
||
- Fix `duplicate key` error which was logged when rejoining a
|
||
room over federation.
|
||
([\#6968](https://github.com/matrix-org/synapse/issues/6968))
|
||
- Prevent user from setting 'deactivated' to anything other
|
||
than a bool on the v2 PUT /users Admin API.
|
||
([\#6990](https://github.com/matrix-org/synapse/issues/6990))
|
||
- Fix py35-old CI by using native tox package.
|
||
([\#7018](https://github.com/matrix-org/synapse/issues/7018))
|
||
- Fix a bug causing `org.matrix.dummy_event` to be included in
|
||
responses from `/sync`.
|
||
([\#7035](https://github.com/matrix-org/synapse/issues/7035))
|
||
- Fix a bug that renders UTF-8 text files incorrectly when
|
||
loaded from media. Contributed by @TheStranjer.
|
||
([\#7044](https://github.com/matrix-org/synapse/issues/7044))
|
||
- Fix a bug that would cause Synapse to respond with an error
|
||
about event visibility if a client tried to request the state
|
||
of a room at a given token.
|
||
([\#7066](https://github.com/matrix-org/synapse/issues/7066))
|
||
- Repair a data-corruption issue which was introduced in
|
||
Synapse 1.10, and fixed in Synapse 1.11, and which could
|
||
cause `/sync` to return with 404 errors about missing events
|
||
and unknown rooms.
|
||
([\#7070](https://github.com/matrix-org/synapse/issues/7070))
|
||
- Fix a bug causing account validity renewal emails to be sent
|
||
even if the feature is turned off in some cases.
|
||
([\#7074](https://github.com/matrix-org/synapse/issues/7074))
|
||
- Improved Documentation
|
||
- Updated CentOS8 install instructions. Contributed by Richard
|
||
Kellner.
|
||
([\#6925](https://github.com/matrix-org/synapse/issues/6925))
|
||
- Fix `POSTGRES_INITDB_ARGS` in the
|
||
`contrib/docker/docker-compose.yml` example docker-compose
|
||
configuration.
|
||
([\#6984](https://github.com/matrix-org/synapse/issues/6984))
|
||
- Change date in [INSTALL.md](./INSTALL.md#tls-certificates)
|
||
for last date of getting TLS certificates to November 2019.
|
||
([\#7015](https://github.com/matrix-org/synapse/issues/7015))
|
||
- Document that the fallback auth endpoints must be routed to
|
||
the same worker node as the register endpoints.
|
||
([\#7048](https://github.com/matrix-org/synapse/issues/7048))
|
||
- Deprecations and Removals
|
||
- Remove the unused query_auth federation endpoint per
|
||
[MSC2451](https://github.com/matrix-org/matrix-doc/pull/2451).
|
||
([\#7026](https://github.com/matrix-org/synapse/issues/7026))
|
||
- Internal Changes
|
||
- Add type hints to `logging/context.py`.
|
||
([\#6309](https://github.com/matrix-org/synapse/issues/6309))
|
||
- Add some clarifications to `README.md` in the database schema
|
||
directory.
|
||
([\#6615](https://github.com/matrix-org/synapse/issues/6615))
|
||
- Refactoring work in preparation for changing the event
|
||
redaction algorithm.
|
||
([\#6874](https://github.com/matrix-org/synapse/issues/6874),
|
||
[\#6875](https://github.com/matrix-org/synapse/issues/6875),
|
||
[\#6983](https://github.com/matrix-org/synapse/issues/6983),
|
||
[\#7003](https://github.com/matrix-org/synapse/issues/7003))
|
||
- Improve performance of v2 state resolution for large rooms.
|
||
([\#6952](https://github.com/matrix-org/synapse/issues/6952),
|
||
[\#7095](https://github.com/matrix-org/synapse/issues/7095))
|
||
- Reduce time spent doing GC, by freezing objects on startup.
|
||
([\#6953](https://github.com/matrix-org/synapse/issues/6953))
|
||
- Minor perfermance fixes to `get_auth_chain_ids`.
|
||
([\#6954](https://github.com/matrix-org/synapse/issues/6954))
|
||
- Don't record remote cross-signing keys in the `devices`
|
||
table.
|
||
([\#6956](https://github.com/matrix-org/synapse/issues/6956))
|
||
- Use flake8-comprehensions to enforce good hygiene of
|
||
list/set/dict comprehensions.
|
||
([\#6957](https://github.com/matrix-org/synapse/issues/6957))
|
||
- Merge worker apps together.
|
||
([\#6964](https://github.com/matrix-org/synapse/issues/6964),
|
||
[\#7002](https://github.com/matrix-org/synapse/issues/7002),
|
||
[\#7055](https://github.com/matrix-org/synapse/issues/7055),
|
||
[\#7104](https://github.com/matrix-org/synapse/issues/7104))
|
||
- Remove redundant `store_room` call from
|
||
`FederationHandler._process_received_pdu`.
|
||
([\#6979](https://github.com/matrix-org/synapse/issues/6979))
|
||
- Update warning for incorrect database collation/ctype to
|
||
include link to documentation.
|
||
([\#6985](https://github.com/matrix-org/synapse/issues/6985))
|
||
- Add some type annotations to the database storage classes.
|
||
([\#6987](https://github.com/matrix-org/synapse/issues/6987))
|
||
- Port `synapse.handlers.presence` to async/await.
|
||
([\#6991](https://github.com/matrix-org/synapse/issues/6991),
|
||
[\#7019](https://github.com/matrix-org/synapse/issues/7019))
|
||
- Add some type annotations to the federation base & client
|
||
classes.
|
||
([\#6995](https://github.com/matrix-org/synapse/issues/6995))
|
||
- Port `synapse.rest.keys` to async/await.
|
||
([\#7020](https://github.com/matrix-org/synapse/issues/7020))
|
||
- Add a type check to `is_verified` when processing room keys.
|
||
([\#7045](https://github.com/matrix-org/synapse/issues/7045))
|
||
- Add type annotations and comments to the auth handler.
|
||
([\#7063](https://github.com/matrix-org/synapse/issues/7063))
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Mar 3 21:43:02 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
|
||
|
||
- Update to 1.11.1
|
||
This release includes a security fix impacting installations
|
||
using Single Sign-On (i.e. SAML2 or CAS) for authentication.
|
||
Administrators of such installations are encouraged to upgrade as
|
||
soon as possible.
|
||
|
||
- Bugfixes
|
||
- Add a confirmation step to the SSO login flow before
|
||
redirecting users to the redirect URL.
|
||
([b2bd54a2](https://github.com/matrix-org/synapse/commit/b2bd54a2e31d9a248f73fadb184ae9b4cbdb49f9),
|
||
[65c73cdf](https://github.com/matrix-org/synapse/commit/65c73cdfec1876a9fec2fd2c3a74923cd146fe0b),
|
||
[a0178df1](https://github.com/matrix-org/synapse/commit/a0178df10422a76fd403b82d2b2a4ed28a9a9d1e))
|
||
- Fixed set a user as an admin with the admin API `PUT
|
||
/_synapse/admin/v2/users/<user_id>`. Contributed by
|
||
@dklimpel.
|
||
([\#6910](https://github.com/matrix-org/synapse/issues/6910))
|
||
- Fix bug introduced in Synapse 1.11.0 which sometimes caused
|
||
errors when joining rooms over federation, with `'coroutine'
|
||
object has no attribute 'event_id'`.
|
||
([\#6996](https://github.com/matrix-org/synapse/issues/6996))
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Feb 21 15:12:49 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
|
||
|
||
- track series file to make updating patches easier
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Feb 21 12:58:18 UTC 2020 - Aleksa Sarai <asarai@suse.com>
|
||
|
||
- Update to 1.11.0.
|
||
|
||
* Limit the number of events that can be requested by the backfill federation
|
||
API to 100.
|
||
* Reject device display names over 100 characters in length to prevent abuse.
|
||
* Implement new aliases endpoint as per MSC2432.
|
||
* Stop sending m.room.alias events wheng adding / removing aliases. Check
|
||
alt_aliases in the latest m.room.canonical_alias event when deleting an
|
||
alias.
|
||
* Change the default power levels of invites, tombstones and server ACLs for
|
||
new rooms.
|
||
|
||
The full changelog is included in
|
||
/usr/share/doc/packages/matrix-synapse/CHANGES.md.
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Feb 18 01:44:41 UTC 2020 - Aleksa Sarai <asarai@suse.com>
|
||
|
||
- Update to 1.10.1.
|
||
|
||
* Fix a bug introduced in Synapse 1.10.0 which would cause room state to be
|
||
cleared in the database if Synapse was upgraded direct from 1.2.1 or
|
||
earlier to 1.10.0.
|
||
|
||
The full changelog is included in
|
||
/usr/share/doc/packages/matrix-synapse/CHANGES.md.
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Feb 12 16:01:46 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
|
||
|
||
- bump requires on python3-signedjson to follow code change
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Feb 12 13:51:08 UTC 2020 - Aleksa Sarai <asarai@suse.com>
|
||
|
||
- Update to 1.10.0.
|
||
|
||
WARNING to client developers: As of this release Synapse validates
|
||
client_secret parameters in the Client-Server API as per the spec. See #6766
|
||
for details.
|
||
|
||
+ Add experimental support for updated authorization rules for aliases
|
||
events, from MSC2260.
|
||
+ Variety of E2EE improvements, most notably:
|
||
* Fix bug where querying a remote user's device keys that weren't cached
|
||
resulted in only returning a single device.
|
||
* Fix bug where Synapse didn't invalidate cache of remote users' devices
|
||
when Synapse left a room.
|
||
* Detect unknown remote devices and mark cache as stale.
|
||
* Attempt to resync remote users' devices when detected as stale.
|
||
* When a client asks for a remote user's device keys check if the local
|
||
cache for that user has been marked as potentially stale.
|
||
* Detect unexpected sender keys on remote encrypted events and resync
|
||
device lists.
|
||
* Fix an issue with cross-signing where device signatures were not sent to
|
||
remote servers.
|
||
|
||
The full changelog is included in
|
||
/usr/share/doc/packages/matrix-synapse/CHANGES.md.
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Jan 28 14:34:39 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
|
||
|
||
- update to 1.9.1
|
||
Fix bug where setting mau_limit_reserved_threepids config would
|
||
cause Synapse to refuse to start. (#6793)
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Jan 23 16:06:38 UTC 2020 - Marcus Rueckert <mrueckert@suse.de>
|
||
|
||
- package cleanup
|
||
- make sure we have all libraries to actually install the package:
|
||
- buildrequires all runtime requirements
|
||
- (build)require python3-typing_extensions
|
||
- having it use the python package name is not really useful here.
|
||
- refreshed and renamed better-paths.patch to
|
||
matrix-synapse-1.4.1-paths.patch
|
||
- also fix existing synapse user
|
||
- group to synapse instead of nogroup
|
||
- home directory to /var/lib/matrix-synapse
|
||
- shell to /bin/false (which actually exists)
|
||
- improvements to the logging configuration:
|
||
- install copy of the current /etc/matrix-synapse/log.yaml as
|
||
/etc/matrix-synapse/log.systemd.yaml
|
||
- install /etc/matrix-synapse/log.file.yaml which logs to
|
||
/var/log/matrix-synapse/homeserver.log
|
||
- add the log directory /var/log/matrix-synapse/
|
||
- added README.SUSE
|
||
- better way to bootstrap a new config:
|
||
1. ExecStartPre would have never worked anyway
|
||
2. added %{_sbindir}/matrix-synapse-generate-config
|
||
Usage:
|
||
%{_sbindir}/matrix-synapse-generate-config servername
|
||
- fix group and shell for the synapse user
|
||
- added better-paths.patch
|
||
- put the pid file into /run/matrix-synapse/
|
||
- use a default logging config in /etc/matrix-synapse/log.yaml
|
||
to have systemd logging by default
|
||
- use full path in the service file
|
||
- actually use source 50 instead of the service file in the tarball
|
||
- make permissions tighter on the config files as it contains
|
||
passwords and other secrets:
|
||
root:synapse u=rwX,g=rX,o=
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Jan 23 13:45:22 UTC 2020 - Aleksa Sarai <asarai@suse.com>
|
||
|
||
- Update to 1.9.0.
|
||
|
||
WARNING: As of this release, Synapse no longer supports versions of SQLite
|
||
before 3.11, and will refuse to start when configured to use an older
|
||
version. Administrators are recommended to migrate their database to Postgres
|
||
(see instructions here).
|
||
|
||
WARNING: If your Synapse deployment uses workers, note that the reverse-proxy
|
||
configurations for the synapse.app.media_repository,
|
||
synapse.app.federation_reader and synapse.app.event_creator workers have
|
||
changed, with the addition of a few paths (see the updated configurations
|
||
here). Existing configurations will continue to work.
|
||
|
||
+ Allow admin to create or modify a user.
|
||
+ Add new quarantine media admin APIs to quarantine by media ID or by user
|
||
who uploaded the media.
|
||
+ Add a new admin API to list and filter rooms on the server.
|
||
+ Add org.matrix.e2e_cross_signing to unstable_features in /versions.
|
||
|
||
The full changelog is included in
|
||
/usr/share/doc/packages/matrix-synapse/CHANGES.md.
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Jan 10 13:41:50 UTC 2020 - Aleksa Sarai <asarai@suse.com>
|
||
|
||
- Update to 1.8.0.
|
||
|
||
WARNING: As of this release Synapse will refuse to start if the log_file
|
||
config option is specified. Support for the option was removed in v1.3.0.
|
||
|
||
* Add v2 APIs for the send_join and send_leave federation endpoints (as
|
||
described in MSC1802).
|
||
* Add a develop script to generate full SQL schemas.
|
||
* Add custom SAML username mapping functinality through an external provider
|
||
plugin.
|
||
* Automatically delete empty groups/communities.
|
||
* Add option limit_profile_requests_to_users_who_share_rooms to prevent
|
||
requirement of a local user sharing a room with another user to query their
|
||
profile information.
|
||
* Add an export_signing_key script to extract the public part of signing keys
|
||
when rotating them.
|
||
* Add experimental config option to specify multiple databases.
|
||
* Raise an error if someone tries to use the log_file config option.
|
||
|
||
The full changelog is included in
|
||
/usr/share/doc/packages/matrix-synapse/CHANGES.md.
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Jan 1 03:26:40 UTC 2020 - Aleksa Sarai <asarai@suse.com>
|
||
|
||
- Update to 1.7.3.
|
||
|
||
* Fix exceptions caused by state resolution choking on malformed events.
|
||
|
||
The full changelog is included in
|
||
/usr/share/doc/packages/matrix-synapse/CHANGES.md.
|
||
|
||
-------------------------------------------------------------------
|
||
Sat Dec 21 00:57:27 UTC 2019 - Aleksa Sarai <asarai@suse.com>
|
||
|
||
- Use packaged service file not the one in the repo (the one in the repo is
|
||
completely broken for openSUSE).
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Dec 20 18:09:31 UTC 2019 - Aleksa Sarai <asarai@suse.com>
|
||
|
||
- Update to 1.7.2.
|
||
|
||
* Fix a regression introduced in Synapse 1.7.1 which caused errors when
|
||
attempting to backfill rooms over federation.
|
||
* Fix a bug introduced in Synapse 1.7.0 which caused an error on startup when
|
||
upgrading from versions before 1.3.0.
|
||
|
||
The full changelog is included in
|
||
/usr/share/doc/packages/matrix-synapse/CHANGES.md.
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Dec 18 12:02:59 UTC 2019 - Aleksa Sarai <asarai@suse.com>
|
||
|
||
- Update to 1.7.1.
|
||
|
||
This update fixes several major security issues. Users are very strongly
|
||
recommended to update as soon as possible.
|
||
|
||
* Fix a bug which could cause room events to be incorrectly authorized using
|
||
events from a different room.
|
||
* Fix a bug causing responses to the /context client endpoint to not use the
|
||
pruned version of the event.
|
||
* Fix a cause of state resets in room versions 2 onwards.
|
||
* Fix a bug which could cause the federation server to incorrectly return
|
||
errors when handling certain obscure event graphs.
|
||
|
||
The full changelog is included in
|
||
/usr/share/doc/packages/matrix-synapse/CHANGES.md.
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Dec 13 13:23:59 UTC 2019 - Aleksa Sarai <asarai@suse.com>
|
||
|
||
- Update to 1.7.0.
|
||
|
||
* Implement per-room message retention policies.
|
||
* Add etag and count fields to key backup endpoints to help clients guess if
|
||
there are new keys.
|
||
* Configure privacy-preserving settings by default for the room directory.
|
||
* Add ephemeral messages support by partially implementing MSC2228.
|
||
* Add support for MSC 2367, which allows specifying a reason on all
|
||
membership events.
|
||
|
||
The full changelog is included in
|
||
/usr/share/doc/packages/matrix-synapse/CHANGES.md.
|
||
|
||
https://github.com/matrix-org/synapse/releases/tag/v1.7.0
|
||
Please make sure to read the Upgrade notes referenced in the
|
||
above.
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Nov 28 17:41:02 UTC 2019 - Aleksa Sarai <asarai@suse.com>
|
||
|
||
- Drop matrix-synapse-ldap from enabled conditional requirements, because the
|
||
package is not longer available in openSUSE repos. If someone really wants
|
||
the feature they can help re-package it.
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Nov 28 12:04:57 UTC 2019 - Aleksa Sarai <asarai@suse.com>
|
||
|
||
- Update to 1.6.1.
|
||
|
||
* Clean up local threepids from user on account deactivation.
|
||
* Fix startup error when http proxy is defined.
|
||
|
||
The full changelog is included in
|
||
/usr/share/doc/packages/matrix-synapse/CHANGES.md.
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Nov 28 08:48:16 UTC 2019 - Aleksa Sarai <asarai@suse.com>
|
||
|
||
- Update to 1.6.0.
|
||
|
||
+ Add federation support for cross-signing.
|
||
+ Increase default room version from 4 to 5, thereby enforcing server key
|
||
validity period checks.
|
||
+ Add support for outbound http proxying via http_proxy/HTTPS_PROXY env vars.
|
||
+ Implement label-based filtering on /sync and /messages (MSC2326).
|
||
|
||
The full changelog is included in
|
||
/usr/share/doc/packages/matrix-synapse/CHANGES.md.
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Nov 18 11:16:03 UTC 2019 - Aleksa Sarai <asarai@suse.com>
|
||
|
||
- Update to 1.5.1.
|
||
|
||
* Limit the length of data returned by url previews, to prevent DoS attacks.
|
||
|
||
The full changelog is included in
|
||
/usr/share/doc/packages/matrix-synapse/CHANGES.md.
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Oct 30 02:20:29 UTC 2019 - Aleksa Sarai <asarai@suse.com>
|
||
|
||
- Update to 1.5.0.
|
||
|
||
+ Improve quality of thumbnails for 1-bit/8-bit color palette images.
|
||
+ Add ability to upload cross-signing signatures.
|
||
+ Allow uploading of cross-signing keys.
|
||
+ CAS login now provides a default display name for users if a
|
||
displayname_attribute is set in the configuration file.
|
||
+ Reject all pending invites for a user during deactivation.
|
||
+ Add config option to suppress client side resource limit alerting.
|
||
|
||
* Improve signature checking on some federation APIs.
|
||
|
||
The full changelog is included in
|
||
/usr/share/doc/packages/matrix-synapse/CHANGES.md.
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Oct 18 13:36:18 UTC 2019 - Aleksa Sarai <asarai@suse.com>
|
||
|
||
- Update to 1.4.1.
|
||
|
||
* Fix bug where redacted events were sometimes incorrectly censored in the
|
||
database, breaking APIs that attempted to fetch such events.
|
||
|
||
The full changelog is included in
|
||
/usr/share/doc/packages/matrix-synapse/CHANGES.md.
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Oct 3 22:16:13 UTC 2019 - Aleksa Sarai <asarai@suse.com>
|
||
|
||
- Do not include ACME support by default (txacme is broken in openSUSE).
|
||
- Update to 1.4.0. boo#1153017
|
||
|
||
* Significant improvements to data privacy.
|
||
* Expansion of OpenTracing support.
|
||
* Enable "forward extremities" mitigation by default.
|
||
|
||
The full changelog is included in
|
||
/usr/share/doc/packages/matrix-synapse/CHANGES.md.
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Jul 25 16:18:56 UTC 2019 - Aleksa Sarai <asarai@suse.com>
|
||
|
||
- Update to 1.2.0.
|
||
|
||
* Add support for OpenTracing.
|
||
* Add default push rule to ignore reactions.
|
||
* Enable aggregations (reactions and edits) support by default.
|
||
|
||
The full changelog is included in
|
||
/usr/share/doc/packages/matrix-synapse/CHANGES.md.
|
||
- Remove unneeded patches:
|
||
- 0001-requirements-prometheus_client.patch
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Jul 5 15:29:57 UTC 2019 - Aleksa Sarai <asarai@suse.com>
|
||
|
||
- Update to 1.1.0.
|
||
|
||
As of v1.1.0, Synapse no longer supports Python 2, nor Postgres version 9.4.
|
||
Thus, we no longer package a Python 2 version of this package. Some other key
|
||
changes include:
|
||
|
||
* Add monthly active users to phonehome stats.
|
||
* Allow server admins to define implementations of extra rules for allowing
|
||
or denying incoming events.
|
||
* Add --data-dir and --open-private-ports options.
|
||
* The minimum TLS version used for outgoing federation requests can now be
|
||
set with federation_client_minimum_tls_version.
|
||
* Optimise devices changed query to not pull unnecessary rows from the
|
||
database, reducing database load.
|
||
|
||
The full changelog is included in
|
||
/usr/share/doc/packages/matrix-synapse/CHANGES.md.
|
||
- Rebase patches:
|
||
* 0001-requirements-prometheus_client.patch
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Jun 28 08:16:05 UTC 2019 - Aleksa Sarai <asarai@suse.com>
|
||
|
||
- Obsolete the old split-Python packages, so that upgrading works smoothly.
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Jun 25 10:48:03 UTC 2019 - Aleksa Sarai <asarai@suse.com>
|
||
|
||
- Un-Requires prometheus_client<0.4.0. The Requires made it impossible to use
|
||
matrix-synapse on openSUSE for very little good reason (prometheus metrics
|
||
will still work on post-0.4.0 prometheus_client, but with changed names).
|
||
Debian and many other distributions do the same here.
|
||
+ 0001-requirements-prometheus_client.patch
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Jun 12 02:26:48 UTC 2019 - Aleksa Sarai <asarai@suse.com>
|
||
|
||
- Update to 1.0.0.
|
||
|
||
This is the first stable release of synapse. It includes a large number of
|
||
changes but the highlights are:
|
||
|
||
* Ability to configured default room version (with the default now being v4,
|
||
which has improved state resolution algorithms and event IDs).
|
||
* The complete removal of "perspectives" support, with all homeservers now
|
||
being required to use valid TLS certificates (there has been a transition
|
||
period for several months from the release of 0.99).
|
||
* Experimental support for "relations" (reactions and edits).
|
||
|
||
The full changelog is included in
|
||
/usr/share/doc/packages/matrix-synapse/CHANGES.md.
|
||
|
||
-------------------------------------------------------------------
|
||
Fri May 31 00:04:50 UTC 2019 - Aleksa Sarai <asarai@suse.com>
|
||
|
||
- Update to 0.99.5.2.
|
||
|
||
Fix bug where we leaked extremities when we soft failed events, leading to
|
||
performance degradation.
|
||
|
||
The full changelog is included in
|
||
/usr/share/doc/packages/matrix-synapse/CHANGES.md.
|
||
|
||
-------------------------------------------------------------------
|
||
Tue May 28 01:18:34 UTC 2019 - Aleksa Sarai <asarai@suse.com>
|
||
|
||
- Rework testing to use a separate specfile for testing matrix-synapse.
|
||
|
||
-------------------------------------------------------------------
|
||
Thu May 23 00:13:47 UTC 2019 - Aleksa Sarai <asarai@suse.com>
|
||
|
||
- Update to 0.99.5.1.
|
||
|
||
The full changelog is included in
|
||
/usr/share/doc/packages/matrix-synapse/CHANGES.md.
|
||
|
||
-------------------------------------------------------------------
|
||
Wed May 15 13:19:23 UTC 2019 - Aleksa Sarai <asarai@suse.com>
|
||
|
||
- Update to 0.99.4.
|
||
|
||
The full changelog is included in
|
||
/usr/share/doc/packages/matrix-synapse/CHANGES.md.
|
||
|
||
-------------------------------------------------------------------
|
||
Wed May 8 00:47:56 UTC 2019 - Aleksa Sarai <asarai@suse.com>
|
||
|
||
- Update to 0.99.3.2.
|
||
|
||
This includes two security fixes:
|
||
* Switch to using a cryptographically-secure random number generator for
|
||
token strings, ensuring they cannot be predicted by an attacker.
|
||
* Blacklist 0.0.0.0 and :: by default for URL previews.
|
||
|
||
The full changelog is included in
|
||
/usr/share/doc/packages/matrix-synapse/CHANGES.md.
|
||
|
||
-------------------------------------------------------------------
|
||
Sun Apr 14 18:35:48 UTC 2019 - Aleksa Sarai <asarai@suse.com>
|
||
|
||
- Update to 0.99.3.
|
||
|
||
The primary changes to previous versions are that self-signed certificates
|
||
will no longer be generated, and instead LetsEncrypt certificates will be
|
||
requested instead. Users are strongly recommended to update to this version,
|
||
because pre-0.99 servers (using self-signed certificates and the perspectives
|
||
system) will no longer be able to federate with post-1.0 servers.
|
||
|
||
The full changelog is included in
|
||
/usr/share/doc/packages/matrix-synapse/CHANGES.md.
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Feb 20 11:42:00 UTC 2019 - Oliver Kurz <okurz@suse.com>
|
||
|
||
- Fix build on python3 based repos
|
||
|
||
-------------------------------------------------------------------
|
||
Sat Feb 2 15:32:06 UTC 2019 - fcrozat@suse.com
|
||
|
||
- Fix systemd service to follow paths used by package and ensure
|
||
proper version version is used.
|
||
- Add explicit requires on python-lxml, required when using
|
||
url preview.
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Jan 14 07:44:26 UTC 2019 - ecsos@opensuse.org
|
||
|
||
- For test purpose a matrix server will be start. But never been
|
||
stopped. Fix that server will be stoped after test.
|
||
|
||
-------------------------------------------------------------------
|
||
Sun Jan 13 18:22:20 UTC 2019 - Oliver Kurz <okurz@suse.com>
|
||
|
||
- Update to 0.34.1.1
|
||
This release fixes CVE-2019-5885 and is recommended for all users of Synapse
|
||
0.34.1. This release is compatible with Python 2.7 and 3.5+. Python 3.7 is
|
||
fully supported.
|
||
* Bugfixes
|
||
- Fix spontaneous logout on upgrade (#4374)
|
||
* Internal Changes
|
||
- Add better logging for unexpected errors while sending transactions
|
||
(#4361, #4362)
|
||
- Getting URL previews of IP addresses no longer fails on Python 3.
|
||
(#4215)
|
||
- drop undocumented dependency on dateutil (#4266)
|
||
- Update the example systemd config to use a virtualenv (#4273)
|
||
- Update link to kernel DCO guide (#4274)
|
||
- Make isort tox check print diff when it fails (#4283)
|
||
- Log room_id in Unknown room errors (#4297)
|
||
- Documentation improvements for coturn setup. Contributed by Krithin
|
||
Sitaram. (#4333)
|
||
- Update pull request template to use absolute links (#4341)
|
||
- Update README to not lie about required restart when updating TLS
|
||
certificates (#4343)
|
||
- Update debian packaging for compatibility with transitional package
|
||
(#4349)
|
||
- Fix command hint to generate a config file when trying to start without
|
||
a config file (#4353)
|
||
- Add better logging for unexpected errors while sending transactions
|
||
(#4358)
|
||
* Features
|
||
- Special-case a support user for use in verifying behaviour of a given
|
||
server. The support user does not appear in user directory or monthly
|
||
active user counts. (#4141, #4344)
|
||
- Support for serving .well-known files (#4262)
|
||
- Rework SAML2 authentication (#4265, #4267)
|
||
- SAML2 authentication: Initialise user display name from SAML2 data
|
||
(#4272)
|
||
- Synapse can now have its conditional/extra dependencies installed by
|
||
pip. This functionality can be used by using `pip install
|
||
matrix-synapse[feature]`, where feature is a comma separated list with
|
||
the possible values `email.enable_notifs`, `matrix-synapse-ldap3`,
|
||
`postgres`, `resources.consent`, `saml2`, `url_preview`, and `test`. If
|
||
you want to install all optional dependencies, you can use "all"
|
||
instead. (#4298, #4325, #4327)
|
||
- Add routes for reading account data. (#4303)
|
||
- Add opt-in support for v2 rooms (#4307)
|
||
- Add a script to generate a clean config file (#4315)
|
||
- Return server data in /login response (#4319)
|
||
* Bugfixes
|
||
- Fix contains_url check to be consistent with other instances in
|
||
code-base and check that value is an instance of string. (#3405)
|
||
- Fix CAS login when username is not valid in an MXID (#4264)
|
||
- Send CORS headers for /media/config (#4279)
|
||
- Add 'sandbox' to CSP for media reprository (#4284)
|
||
- Make the new landing page prettier. (#4294)
|
||
- Fix deleting E2E room keys when using old SQLite versions. (#4295)
|
||
- The metric synapse_admin_mau:current previously did not update when
|
||
config.mau_stats_only was set to True (#4305)
|
||
- Fixed per-room account data filters (#4309)
|
||
- Fix indentation in default config (#4313)
|
||
- Fix synapse:latest docker upload (#4316)
|
||
- Fix test_metric.py compatibility with prometheus_client 0.5. Contributed
|
||
by Maarten de Vries <maarten@de-vri.es>. (#4317)
|
||
- Avoid packaging _trial_temp directory in -py3 debian packages (#4326)
|
||
- Check jinja version for consent resource (#4327)
|
||
- fix NPE in /messages by checking if all events were filtered out (#4330)
|
||
- Fix `python -m synapse.config` on Python 3. (#4356)
|
||
* Deprecations and Removals
|
||
- Remove the deprecated v1/register API on Python 2. It was never ported
|
||
to Python 3. (#4334)
|
||
|
||
-------------------------------------------------------------------
|
||
Sat Dec 29 10:11:21 UTC 2018 - Oliver Kurz <okurz@suse.com>
|
||
|
||
- Switch to python3 by default on newer product versions as suggested by upstream
|
||
|
||
-------------------------------------------------------------------
|
||
Sun Dec 23 10:00:29 UTC 2018 - ecsos@opensuse.org
|
||
|
||
- Update to 0.34.0
|
||
Synapse 0.34.0 is the first release to fully support Python 3.
|
||
Synapse will now run on Python versions 3.5 or 3.6
|
||
(as well as 2.7). Support for Python 3.7 remains experimental.
|
||
|
||
* Features
|
||
- Add 'sandbox' to CSP for media reprository (#4284)
|
||
- Make the new landing page prettier. (#4294)
|
||
- Fix deleting E2E room keys when using old SQLite versions. (#4295)
|
||
- Add a welcome page for the client API port. Credit to @krombel! (#4289)
|
||
- Remove Matrix console from the default distribution (#4290)
|
||
- Add option to track MAU stats (but not limit people) (#3830)
|
||
- Add an option to enable recording IPs for appservice users (#3831)
|
||
- Rename login type m.login.cas to m.login.sso (#4220)
|
||
- Add an option to disable search for homeservers that may not be interested in it. (#4230)
|
||
* Bugfixes
|
||
- Pushrules can now again be made with non-ASCII rule IDs. (#4165)
|
||
- The media repository now no longer fails to decode UTF-8 filenames when downloading remote media. (#4176)
|
||
- URL previews now correctly decode non-UTF-8 text if the header contains a <meta http-equiv="Content-Type" header. (#4183)
|
||
- Fix an issue where public consent URLs had two slashes. (#4192)
|
||
- Fallback auth now accepts the session parameter on Python 3. (#4197)
|
||
- Remove riot.im from the list of trusted Identity Servers in the default configuration (#4207)
|
||
- fix start up failure when mau_limit_reserved_threepids set and db is postgres (#4211)
|
||
- Fix auto join failures for servers that require user consent (#4223)
|
||
- Fix exception caused by non-ascii event IDs (#4241)
|
||
- Pushers can now be unsubscribed from on Python 3. (#4250)
|
||
- Fix UnicodeDecodeError when postgres is configured to give non-English errors (#4253)
|
||
* Internal Changes
|
||
- Debian packages utilising a virtualenv with bundled dependencies can now be built. (#4212)
|
||
- Disable pager when running git-show in CI (#4291)
|
||
- A coveragerc file has been added. (#4180)
|
||
- Add a GitHub pull request template and add multiple issue templates (#4182)
|
||
- Update README to reflect the fact that #1491 is fixed (#4188)
|
||
- Run the AS senders as background processes to fix warnings (#4189)
|
||
- Add some diagnostics to the tests to detect logcontext problems (#4190)
|
||
- Add missing jpeg package prerequisite for OpenBSD in README. (#4193)
|
||
- Add a note saying you need to manually reclaim disk space after using the Purge History API (#4200)
|
||
- More logcontext checking in unittests (#4205)
|
||
- Ignore __pycache__ directories in the database schema folder (#4214)
|
||
- Add note to UPGRADE.rst about removing riot.im from list of trusted identity servers (#4224)
|
||
- Added automated coverage reporting to CI. (#4225)
|
||
- Garbage-collect after each unit test to fix logcontext leaks (#4227)
|
||
- add more detail to logging regarding "More than one row matched" error (#4234)
|
||
- Drop sent_transactions table (#4244)
|
||
- Add a basic .editorconfig (#4257)
|
||
- Update README.rst and UPGRADE.rst for Python 3. (#4260)
|
||
- Remove obsolete verbose and log_file settings from homeserver.yaml for Docker image. (#4261)
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Nov 21 18:47:13 UTC 2018 - ecsos@opensuse.org
|
||
|
||
- Update to 0.33.9
|
||
* Features
|
||
- Include flags to optionally add m.login.terms to the registration flow when consent tracking is enabled. (#4004, #4133, #4142, #4184)
|
||
- Support for replacing rooms with new ones (#4091, #4099, #4100, #4101)
|
||
* Bugfixes
|
||
- Fix exceptions when using the email mailer on Python 3. (#4095)
|
||
- Fix e2e key backup with more than 9 backup versions (#4113)
|
||
- Searches that request profile info now no longer fail with a 500. (#4122)
|
||
- fix return code of empty key backups (#4123)
|
||
- If the typing stream ID goes backwards (as on a worker when the master restarts), the worker's typing handler will no longer
|
||
erroneously report rooms containing new typing events. (#4127)
|
||
- Fix table lock of device_lists_remote_cache which could freeze the application (#4132)
|
||
- Fix exception when using state res v2 algorithm (#4135)
|
||
- Generating the user consent URI no longer fails on Python 3. (#4140, #4163)
|
||
- Loading URL previews from the DB cache on Postgres will no longer cause Unicode type errors when responding to the request,
|
||
and URL - - previews will no longer fail if the remote server returns a Content-Type header with the chartype in quotes. (#4157)
|
||
- The hash_password script now works on Python 3. (#4161)
|
||
- Fix noop checks when updating device keys, reducing spurious device list update notifications. (#4164)
|
||
* Deprecations and Removals
|
||
- The disused and un-specced identicon generator has been removed. (#4106)
|
||
- The obsolete and non-functional /pull federation endpoint has been removed. (#4118)
|
||
- The deprecated v1 key exchange endpoints have been removed. (#4119)
|
||
- Synapse will no longer fetch keys using the fallback deprecated v1 key exchange method and will now always use v2. (#4120)
|
||
* Internal Changes
|
||
- Fix build of Docker image with docker-compose (#3778)
|
||
- Delete unreferenced state groups during history purge (#4006)
|
||
- The "Received rdata" log messages on workers is now logged at DEBUG, not INFO. (#4108)
|
||
- Reduce replication traffic for device lists (#4109)
|
||
- Fix synapse_replication_tcp_protocol_*_commands metric label to be full command name, rather than just the first character (#4110)
|
||
- Log some bits about room creation (#4121)
|
||
- Fix tox failure on old systems (#4124)
|
||
- Add STATE_V2_TEST room version (#4128)
|
||
- Clean up event accesses and tests (#4137)
|
||
- The default logging config will now set an explicit log file encoding of UTF-8. (#4138)
|
||
- Add helpers functions for getting prev and auth events of an event (#4139)
|
||
- Add some tests for the HTTP pusher. (#4149)
|
||
- add purge_history.sh and purge_remote_media.sh scripts to contrib/ (#4155)
|
||
- HTTP tests have been refactored to contain less boilerplate. (#4156)
|
||
- Drop incoming events from federation for unknown rooms (#4165)
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Nov 1 22:28:54 UTC 2018 - ecsos@opensuse.org
|
||
|
||
- Update to 0.33.8
|
||
* Features
|
||
- Servers with auto-join rooms will now automatically create those rooms when the first user registers (#3975)
|
||
- Add config option to control alias creation (#4051)
|
||
- The register_new_matrix_user script is now ported to Python 3. (#4085)
|
||
- Configure Docker image to listen on both ipv4 and ipv6. (#4089)
|
||
* Bugfixes
|
||
- Fix HTTP error response codes for federated group requests. (#3969)
|
||
- Fix issue where Python 3 users couldn't paginate /publicRooms (#4046)
|
||
- Fix URL previewing to work in Python 3.7 (#4050)
|
||
- synctl will use the right python executable to run worker processes (#4057)
|
||
- Manhole now works again on Python 3, instead of failing with a "couldn't match all kex parts" when connecting. (#4060, #4067)
|
||
- Fix some metrics being racy and causing exceptions when polled by Prometheus. (#4061)
|
||
- Fix bug which prevented email notifications from being sent unless an absolute path was given for email_templates. (#4068)
|
||
- Correctly account for cpu usage by background threads (#4074)
|
||
- Fix race condition where config defined reserved users were not being added to
|
||
- the monthly active user list prior to the homeserver reactor firing up (#4081)
|
||
- Fix bug which prevented backslashes being used in event field filters (#4083)
|
||
* Internal Changes
|
||
- Add information about the matrix-docker-ansible-deploy playbook (#3698)
|
||
- Add initial implementation of new state resolution algorithm (#3786)
|
||
- Reduce database load when fetching state groups (#4011)
|
||
- Various cleanups in the federation client code (#4031)
|
||
- Run the CircleCI builds in docker containers (#4041)
|
||
- Only colourise synctl output when attached to tty (#4049)
|
||
- Refactor room alias creation code (#4063)
|
||
- Make the Python scripts in the top-level scripts folders meet pep8 and pass flake8. (#4068)
|
||
- The README now contains example for the Caddy web server. Contributed by steamp0rt. (#4072)
|
||
- Add psutil as an explicit dependency (#4073)
|
||
- Clean up threading and logcontexts in pushers (#4075)
|
||
- Correctly manage logcontexts during startup to fix some "Unexpected logging context" warnings (#4076)
|
||
- Give some more things logcontexts (#4077)
|
||
- Clean up some bits of code which were flagged by the linter (#4082)
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Oct 18 20:32:10 UTC 2018 - ecsos@opensuse.org
|
||
|
||
- Update to 0.33.7
|
||
* Features
|
||
- Ship the example email templates as part of the package (#4052)
|
||
- Add support for end-to-end key backup (MSC1687) (#4019)
|
||
* Bugfixes
|
||
- Fix bug which made get_missing_events return too few events (#4045)
|
||
- Fix bug in event persistence logic which caused 'NoneType is not iterable' (#3995)
|
||
- Fix exception in background metrics collection (#3996)
|
||
- Fix exception handling in fetching remote profiles (#3997)
|
||
- Fix handling of rejected threepid invites (#3999)
|
||
- Workers now start on Python 3. (#4027)
|
||
- Synapse now starts on Python 3.7. (#4033)
|
||
* Internal Changes
|
||
- Log exceptions in looping calls (#4008)
|
||
- Optimisation for serving federation requests (#4017)
|
||
- Add metric to count number of non-empty sync responses (#4022)
|
||
|
||
-------------------------------------------------------------------
|
||
Sat Oct 6 08:42:56 UTC 2018 - ecsos@opensuse.org
|
||
|
||
- Update to 0.33.6
|
||
* Features
|
||
- Adding the ability to change MAX_UPLOAD_SIZE for the docker container variables. (#3883)
|
||
- Report "python_version" in the phone home stats (#3894)
|
||
- Always LL ourselves if we're in a room (#3916)
|
||
- Include eventid in log lines when processing incoming federation transactions (#3959)
|
||
- Remove spurious check which made 'localhost' servers not work (#3964)
|
||
* Bugfixes
|
||
- Fix problem when playing media from Chrome using direct URL (thanks @remjey!) (#3578)
|
||
- support registering regular users non-interactively with register_new_matrix_user script (#3836)
|
||
- Fix broken invite email links for self hosted riots (#3868)
|
||
- Don't ratelimit autojoins (#3879)
|
||
- Fix 500 error when deleting unknown room alias (#3889)
|
||
- Fix some b'abcd' noise in logs and metrics (#3892, #3895)
|
||
- When we join a room, always try the server we used for the alias lookup first, to avoid unresponsive and out-of-date servers. (#3899)
|
||
- Fix incorrect server-name indication for outgoing federation requests (#3907)
|
||
- Fix adding client IPs to the database failing on Python 3. (#3908)
|
||
- Fix bug where things occaisonally were not being timed out correctly. (#3910)
|
||
- Fix bug where outbound federation would stop talking to some servers when using workers (#3914)
|
||
- Fix some instances of ExpiringCache not expiring cache items (#3932, #3980)
|
||
- Fix out-of-bounds error when LLing yourself (#3936)
|
||
- Sending server notices regarding user consent now works on Python 3. (#3938)
|
||
- Fix exceptions from metrics handler (#3956)
|
||
- Fix error message for events with m.room.create missing from auth_events (#3960)
|
||
- Fix errors due to concurrent monthly_active_user upserts (#3961)
|
||
- Fix exceptions when processing incoming events over federation (#3968)
|
||
- Replaced all occurences of e.message with str(e). Contributed by Schnuffle (#3970)
|
||
- Fix lazy loaded sync in the presence of rejected state events (#3986)
|
||
- Fix error when logging incomplete HTTP requests (#3990)
|
||
* Internal Changes
|
||
- Unit tests can now be run under PostgreSQL in Docker using test_postgresql.sh. (#3699)
|
||
- Speed up calculation of typing updates for replication (#3794)
|
||
- Remove documentation regarding installation on Cygwin, the use of WSL is recommended instead. (#3873)
|
||
- Fix typo in README, synaspse -> synapse (#3897)
|
||
- Increase the timeout when filling missing events in federation requests (#3903)
|
||
- Improve the logging when handling a federation transaction (#3904, #3966)
|
||
- Improve logging of outbound federation requests (#3906, #3909)
|
||
- Fix the docker image building on python 3 (#3911)
|
||
- Add a regression test for logging failed HTTP requests on Python 3. (#3912)
|
||
- Comments and interface cleanup for on_receive_pdu (#3924)
|
||
- Fix spurious exceptions when remote http client closes conncetion (#3925)
|
||
- Log exceptions thrown by background tasks (#3927)
|
||
- Add a cache to get_destination_retry_timings (#3933, #3991)
|
||
- Automate pushes to docker hub (#3946)
|
||
- Require attrs 16.0.0 or later (#3947)
|
||
- Fix incompatibility with python3 on alpine (#3948)
|
||
- Run the test suite on the oldest supported versions of our dependencies in CI. (#3952)
|
||
- CircleCI now only runs merged jobs on PRs, and commit jobs on develop, master, and release branches. (#3957)
|
||
- Fix docstrings and add tests for state store methods (#3958)
|
||
- fix docstring for FederationClient.get_state_for_room (#3963)
|
||
- Run notify_app_services as a bg process (#3965)
|
||
- Clarifications in FederationHandler (#3967)
|
||
- Further reduce the docker image size (#3972)
|
||
- Build py3 docker images for docker hub too (#3976)
|
||
- Updated the installation instructions to point to the matrix-synapse package on PyPI. (#3985)
|
||
- Disable USE_FROZEN_DICTS for unittests by default. (#3987)
|
||
- Remove unused Jenkins and development related files from the repo. (#3988)
|
||
- Improve stacktraces in certain exceptions in the logs (#3989)
|
||
- Pin to prometheus_client<0.4 to avoid renaming all of our metrics (#4002)
|
||
|
||
- Changes from 0.33.5.1
|
||
* Internal Changes
|
||
- Fix incompatibility with older Twisted version in tests. Thanks @OlegGirko! (#3940)
|
||
|
||
- Changes from 0.33.5
|
||
* Features
|
||
- Python 3.5 and 3.6 support is now in beta. (#3576)
|
||
- Implement event_format filter param in /sync (#3790)
|
||
- Add synapse_admin_mau:registered_reserved_users metric to expose number of real reaserved users (#3846)
|
||
* Bugfixes
|
||
- Remove connection ID for replication prometheus metrics, as it creates a large number of new series. (#3788)
|
||
- guest users should not be part of mau total (#3800)
|
||
- Bump dependency on pyopenssl 16.x, to avoid incompatibility with recent Twisted. (#3804)
|
||
- Fix existing room tags not coming down sync when joining a room (#3810)
|
||
- Fix jwt import check (#3824)
|
||
- fix VOIP crashes under Python 3 (#3821) (#3835)
|
||
- Fix manhole so that it works with latest openssh clients (#3841)
|
||
- Fix outbound requests occasionally wedging, which can result in federation breaking between servers. (#3845)
|
||
- Show heroes if room name/canonical alias has been deleted (#3851)
|
||
- Fix handling of redacted events from federation (#3859)
|
||
- (#3874)
|
||
- Mitigate outbound federation randomly becoming wedged (#3875)
|
||
* Internal Changes
|
||
- CircleCI tests now run on the potential merge of a PR. (#3704)
|
||
- http/ is now ported to Python 3. (#3771)
|
||
- Improve human readable error messages for threepid registration/account update (#3789)
|
||
- Make /sync slightly faster by avoiding needless copies (#3795)
|
||
- handlers/ is now ported to Python 3. (#3803)
|
||
- Limit the number of PDUs/EDUs per federation transaction (#3805)
|
||
- Only start postgres instance for postgres tests on Travis CI (#3806)
|
||
- tests/ is now ported to Python 3. (#3808)
|
||
- crypto/ is now ported to Python 3. (#3822)
|
||
- rest/ is now ported to Python 3. (#3823)
|
||
- add some logging for the keyring queue (#3826)
|
||
- speed up lazy loading by 2-3x (#3827)
|
||
- Improved Dockerfile to remove build requirements after building reducing the image size. (#3834)
|
||
- Disable lazy loading for incremental syncs for now (#3840)
|
||
- federation/ is now ported to Python 3. (#3847)
|
||
- Log when we retry outbound requests (#3853)
|
||
- Removed some excess logging messages. (#3855)
|
||
- Speed up purge history for rooms that have been previously purged (#3856)
|
||
- Refactor some HTTP timeout code. (#3857)
|
||
- Fix running merged builds on CircleCI (#3858)
|
||
- Fix typo in replication stream exception. (#3860)
|
||
- Add in flight real time metrics for Measure blocks (#3871)
|
||
- Disable buffering and automatic retrying in treq requests to prevent timeouts. (#3872)
|
||
- mention jemalloc in the README (#3877)
|
||
- Remove unmaintained "nuke-room-from-db.sh" script (#3888)
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Sep 11 10:03:08 UTC 2018 - fcrozat@suse.com
|
||
|
||
- Update to version 0.33.4:
|
||
* Features:
|
||
- Support profile API endpoints on workers (#3659)
|
||
- Server notices for resource limit blocking (#3680)
|
||
- Allow guests to use /rooms/:roomId/event/:eventId (#3724)
|
||
- Add mau_trial_days config param, so that users only get counted as MAU after N days. (#3749)
|
||
- Require twisted 17.1 or later (fixes #3741). (#3751)
|
||
* Bugfixes:
|
||
- Fix error collecting prometheus metrics when run on dedicated thread due to threading concurrency issues (#3722)
|
||
- Fix bug where we resent “limit exceeded” server notices repeatedly (#3747)
|
||
- Fix bug where we broke sync when using limit_usage_by_mau but hadn’t configured server notices (#3753)
|
||
- Fix ‘federation_domain_whitelist’ such that an empty list correctly blocks all outbound federation traffic (#3754)
|
||
- Fix tagging of server notice rooms (#3755, #3756)
|
||
- Fix ‘admin_uri’ config variable and error parameter to be ‘admin_contact’ to match the spec. (#3758)
|
||
- Don’t return non-LL-member state in incremental sync state blocks (#3760)
|
||
- Fix bug in sending presence over federation (#3768)
|
||
- Fix bug where preserved threepid user comes to sign up and server is mau blocked (#3777)
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Sep 6 12:24:04 UTC 2018 - fcrozat@suse.com
|
||
|
||
- Update to version 0.33.3.1:
|
||
* SECURITY FIXES:
|
||
- Fix an issue where event signatures were not always correctly validated (#3796)
|
||
- Fix an issue where server_acls could be circumvented for incoming events (#3796)
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Aug 27 13:30:05 UTC 2018 - fcrozat@suse.com
|
||
|
||
- Update to version 0.33.3:
|
||
* Features:
|
||
- Add support for the SNI extension to federation TLS connections. Thanks to @vojeroen! (#3439)
|
||
- Add /_media/r0/config (#3184)
|
||
- speed up /members API and add at and membership params as per MSC1227 (#3568)
|
||
- implement summary block in /sync response as per MSC688 (#3574)
|
||
- Add lazy-loading support to /messages as per MSC1227 (#3589)
|
||
- Add ability to limit number of monthly active users on the server (#3633)
|
||
- Support more federation endpoints on workers (#3653)
|
||
- Basic support for room versioning (#3654)
|
||
- Ability to disable client/server Synapse via conf toggle (#3655)
|
||
- Ability to whitelist specific threepids against monthly active user limiting (#3662)
|
||
- Add some metrics for the appservice and federation event sending loops (#3664)
|
||
- Where server is disabled, block ability for locked out users to read new messages (#3670)
|
||
- set admin uri via config, to be used in error messages where the user should contact the administrator (#3687)
|
||
- Synapse's presence functionality can now be disabled with the "use_presence" configuration option. (#3694)
|
||
- For resource limit blocked users, prevent writing into rooms (#3708)
|
||
* Bugfixes:
|
||
- Fix occasional glitches in the synapse_event_persisted_position metric (#3658)
|
||
- Fix bug on deleting 3pid when using identity servers that don't support unbind API (#3661)
|
||
- Make the tests pass on Twisted < 18.7.0 (#3676)
|
||
- Don’t ship recaptcha_ajax.js, use it directly from Google (#3677)
|
||
- Fixes test_reap_monthly_active_users so it passes under postgres (#3681)
|
||
- Fix mau blocking calulation bug on login (#3689)
|
||
- Fix missing yield in synapse.storage.monthly_active_users.initialise_reserved_users (#3692)
|
||
- Improve HTTP request logging to include all requests (#3700)
|
||
- Avoid timing out requests while we are streaming back the response (#3701)
|
||
- Support more federation endpoints on workers (#3705, #3713)
|
||
- Fix "Starting db txn 'get_all_updated_receipts' from sentinel context" warning (#3710)
|
||
- Fix bug where state_cache cache factor ignored environment variables (#3719)
|
||
* Deprecations and Removals:
|
||
- The Shared-Secret registration method of the legacy v1/register REST endpoint has been removed. For a replacement, please see the admin/register API documentation. (#3703)
|
||
|
||
- Changes from version 0.33.2:
|
||
* Features:
|
||
- add support for the lazy_loaded_members filter as per MSC1227 (#2970)
|
||
- add support for the include_redundant_members filter param as per MSC1227 (#3331)
|
||
- Add metrics to track resource usage by background processes (#3553, #3556, #3604, #3610)
|
||
- Add code label to synapse_http_server_response_time_seconds prometheus metric (#3554)
|
||
- Add support for client_reader to handle more APIs (#3555, #3597)
|
||
- make the /context API filter & lazy-load aware as per MSC1227 (#3567)
|
||
- Add ability to limit number of monthly active users on the server (#3630)
|
||
- When we fail to join a room over federation, pass the error code back to the client. (#3639)
|
||
- Add a new /admin/register API for non-interactively creating users. (#3415)
|
||
* Bugfixes:
|
||
- Make /directory/list API return 404 for room not found instead of 400. Thanks to @fuzzmz! (#3620)
|
||
- Default inviter_display_name to mxid for email invites (#3391)
|
||
- Don't generate TURN credentials if no TURN config options are set (#3514)
|
||
- Correctly announce deleted devices over federation (#3520)
|
||
- Catch failures saving metrics captured by Measure, and instead log the faulty metrics information for further analysis. (#3548)
|
||
- Unicode passwords are now normalised before hashing, preventing the instance where two different devices or browsers might send a different UTF-8 sequence for the password. (#3569)
|
||
- Fix potential stack overflow and deadlock under heavy load (#3570)
|
||
- Respond with M_NOT_FOUND when profiles are not found locally or over federation. Fixes #3585 (#3585)
|
||
- Fix failure to persist events over federation under load (#3601)
|
||
- Fix updating of cached remote profiles (#3605)
|
||
- Fix 'tuple index out of range' error (#3607)
|
||
- Only import secrets when available (fix for py < 3.6) (#3626)
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Aug 9 07:04:39 UTC 2018 - okurz@suse.com
|
||
|
||
- Update to 0.33.1
|
||
* Bug Fixes:
|
||
* Fix a potential issue where servers could request events for rooms they
|
||
have not joined
|
||
* Fix a potential issue where users could see events in private rooms
|
||
before they joined
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Jul 20 19:32:51 UTC 2018 - okurz@suse.com
|
||
|
||
- Update to 0.33.0
|
||
* Bug Fixes:
|
||
* Use more portable syntax in our use of the attrs package, widening the supported versions (#3498)
|
||
* Fix queued federation requests being processed in the wrong order (#3533)
|
||
* Ensure that erasure requests are correctly honoured for publicly accessible rooms when accessed over federation. (#3546)
|
||
* Disable a noisy warning about logcontexts (#3561)
|
||
|
||
* Features:
|
||
* Enforce the specified API for report_event (#3316)
|
||
* Include CPU time from database threads in request/block metrics. (#3496, #3501)
|
||
* Add CPU metrics for _fetch_event_list (#3497)
|
||
* optimisation for /sync (#3505, #3521)
|
||
* Optimisation to make handling incoming federation requests more efficient. (#3541)
|
||
|
||
-------------------------------------------------------------------
|
||
Wed Jul 11 04:35:16 UTC 2018 - okurz@suse.com
|
||
|
||
- Update to 0.32.2
|
||
* Bug Fixes:
|
||
* Strip access_token from outgoing requests (#3327)
|
||
* Redact AS tokens in logs (#3349)
|
||
* Fix federation backfill from SQLite servers (#3355)
|
||
* Fix event-purge-by-ts admin API (#3363)
|
||
* Fix event filtering in get_missing_events handler (#3371)
|
||
* Synapse is now stricter regarding accepting events which it cannot
|
||
retrieve the prev_events for. (#3456)
|
||
* Fix bug where synapse would explode when receiving unicode in HTTP
|
||
User-Agent header (#3470)
|
||
* Invalidate cache on correct thread to avoid race (#3473)
|
||
|
||
* Features:
|
||
* Add blacklist & whitelist of servers allowed to send events to a
|
||
room via ``m.room.server_acl`` event.
|
||
* Cache factor override system for specific caches (#3334)
|
||
* Add metrics to track appservice transactions (#3344)
|
||
* Try to log more helpful info when a sig verification fails (#3372)
|
||
* Synapse now uses the best performing JSON encoder/decoder according
|
||
to your runtime (simplejson on CPython, stdlib json on PyPy). (#3462)
|
||
* Add optional ip_range_whitelist param to AS registration files to
|
||
lock AS IP access (#3465)
|
||
* Reject invalid server names in federation requests (#3480)
|
||
* Reject invalid server names in homeserver.yaml (#3483)
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Jul 10 13:36:51 UTC 2018 - okurz@suse.com
|
||
|
||
- Update to version 0.31.2:
|
||
* Bug Fixes:
|
||
* SECURITY UPDATE: Prevent unauthorised users from setting state events in
|
||
a room when there is no ``m.room.power_levels`` event in force in the
|
||
room. (PR #3397)
|
||
|
||
- Change to package version format without leading "v"
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Jul 10 11:07:11 UTC 2018 - okurz@suse.com
|
||
|
||
- Replace deprecated tar_scm by obs_scm
|
||
|
||
-------------------------------------------------------------------
|
||
Sun Jun 10 13:37:54 UTC 2018 - okurz@suse.com
|
||
|
||
- Update to version v0.31.1:
|
||
* Bug Fixes:
|
||
* Fix event filtering in get_missing_events handler (PR #3371)
|
||
(boo#1096833, CVE-2018-12291)
|
||
* Fix metric documentation tables (PR #3341)
|
||
* Fix LaterGauge error handling (694968f)
|
||
* Fix replication metrics (b7e7fd2)
|
||
* Fix federation backfill bugs (PR #3261)
|
||
* federation: fix LaterGauge usage (PR #3328) Thanks to @intelfx!
|
||
* Fix logcontext resource usage tracking (PR #3258)
|
||
* Fix error in handling receipts (PR #3235)
|
||
* Stop the transaction cache caching failures (PR #3255)
|
||
|
||
* Features:
|
||
* Let users leave the server notice room after joining (PR #3287)
|
||
* Add in flight request metrics (PR #3252)
|
||
|
||
* Changes:
|
||
* Switch to the Python Prometheus library (PR #3256, #3274)
|
||
* Cohort analytics (PR #3163, #3241, #3251)
|
||
* Add lxml to docker image for web previews (PR #3239) Thanks to @ptman!
|
||
* daily user type phone home stats (PR #3264)
|
||
* Docs on consent bits (PR #3268)
|
||
* Remove users from user directory on deactivate (PR #3277)
|
||
* Avoid sending consent notice to guest users (PR #3288)
|
||
* disable CPUMetrics if no /proc/self/stat (PR #3299)
|
||
* Add private IPv6 addresses to example config for url preview blacklist (PR #3317) Thanks to @thegcat!
|
||
* Allow overriding the server_notices user's avatar (PR #3273)
|
||
* Support for putting %(consent_uri)s in messages (PR #3271)
|
||
* Block attempts to send server notices to remote users (PR #3270)
|
||
* Docs on consent bits (PR #3268)
|
||
* ConsentResource to gather policy consent from users (PR #3213)
|
||
* Infrastructure for a server notices room (PR #3232)
|
||
* Send users a server notice about consent (PR #3236)
|
||
* Reject attempts to send event before privacy consent is given (PR #3257)
|
||
* Don't support limitless pagination (PR #3265)
|
||
|
||
-------------------------------------------------------------------
|
||
Fri May 18 22:00:00 UTC 2018 - cunix@bitmessage.ch
|
||
|
||
- Update to version v0.29.1:
|
||
* Potentially breaking change:
|
||
* Make Client-Server API return 401 for invalid token (PR #3161). Thanks to @NotAFile.
|
||
|
||
* Bug Fixes:
|
||
* synapse fails to start under Twisted >= 18.4 (PR #3157)
|
||
* Fix a class of logcontext leaks (PR #3170)
|
||
* Fix a couple of logcontext leaks in unit tests (PR #3172)
|
||
* Fix logcontext leak in media repo (PR #3174)
|
||
* Escape label values in prometheus metrics (PR #3175, #3186)
|
||
* Fix 'Unhandled Error' logs with Twisted 18.4 (PR #3182) Thanks to @Half-Shot!
|
||
* Fix logcontext leaks in rate limiter (PR #3183)
|
||
* notifications: Convert next_token to string according to the spec (PR #3190) Thanks to @mujx!
|
||
* nuke-room-from-db.sh: fix deletion from search table (PR #3194) Thanks to @rubo77!
|
||
* add guard for None on purge_history api (PR #3160) Thanks to @krombel!
|
||
|
||
* Features:
|
||
* Add a Dockerfile for synapse (PR #2846) Thanks to @kaiyou!
|
||
|
||
* Changes:
|
||
* Update docker documentation (PR #3222)
|
||
|
||
* nuke-room-from-db.sh: added postgresql option and help (PR #2337) Thanks to @rubo77!
|
||
* Part user from rooms on account deactivate (PR #3201)
|
||
* Make 'unexpected logging context' into warnings (PR #3007)
|
||
* Set Server header in SynapseRequest (PR #3208)
|
||
* remove duplicates from groups tables (PR #3129)
|
||
* Improve exception handling for background processes (PR #3138)
|
||
* Add missing consumeErrors to improve exception handling (PR #3139)
|
||
* reraise exceptions more carefully (PR #3142)
|
||
* Remove redundant call to preserve_fn (PR #3143)
|
||
* Trap exceptions thrown within run_in_background (PR #3144)
|
||
|
||
* Refactor /context to reuse pagination storage functions (PR #3193)
|
||
* Refactor recent events func to use pagination func (PR #3195)
|
||
* Refactor pagination DB API to return concrete type (PR #3196)
|
||
* Refactor get_recent_events_for_room return type (PR #3198)
|
||
* Refactor sync APIs to reuse pagination API (PR #3199)
|
||
* Remove unused code path from member change DB func (PR #3200)
|
||
* Refactor request handling wrappers (PR #3203)
|
||
* transaction_id, destination defined twice (PR #3209) Thanks to @damir-manapov!
|
||
* Refactor event storage to prepare for changes in state calculations (PR #3141)
|
||
* Set Server header in SynapseRequest (PR #3208)
|
||
* Use deferred.addTimeout instead of time_bound_deferred (PR #3127, #3178)
|
||
* Use run_in_background in preference to preserve_fn (PR #3140)
|
||
|
||
* Construct HMAC as bytes on py3 (PR #3156) Thanks to @NotAFile!
|
||
* run config tests on py3 (PR #3159) Thanks to @NotAFile!
|
||
* Open certificate files as bytes (PR #3084) Thanks to @NotAFile!
|
||
* Open config file in non-bytes mode (PR #3085) Thanks to @NotAFile!
|
||
* Make event properties raise AttributeError instead (PR #3102) Thanks to @NotAFile!
|
||
* Use six.moves.urlparse (PR #3108) Thanks to @NotAFile!
|
||
* Add py3 tests to tox with folders that work (PR #3145) Thanks to @NotAFile!
|
||
* Don't yield in list comprehensions (PR #3150) Thanks to @NotAFile!
|
||
* Move more xrange to six (PR #3151) Thanks to @NotAFile!
|
||
* make imports local (PR #3152) Thanks to @NotAFile!
|
||
* move httplib import to six (PR #3153) Thanks to @NotAFile!
|
||
* Replace stringIO imports with six (PR #3154, #3168) Thanks to @NotAFile!
|
||
* more bytes strings (PR #3155) Thanks to @NotAFile!
|
||
|
||
-------------------------------------------------------------------
|
||
Mon May 14 20:32:40 UTC 2018 - okurz@suse.com
|
||
|
||
- Fixed systemd service file installation
|
||
- Fixed rpmlint warnings
|
||
- Changed to specific "synapse" user and group
|
||
|
||
-------------------------------------------------------------------
|
||
Fri May 4 11:18:46 UTC 2018 - okurz@suse.com
|
||
|
||
- Update to version v0.28.1:
|
||
* SECURITY UPDATE
|
||
Clamp the allowed values of event depth received over federation to be
|
||
[0, 2^63 - 1]. This mitigates an attack where malicious events
|
||
injected with depth = 2^63 - 1 render rooms unusable. Depth is used to
|
||
determine the cosmetic ordering of events within a room, and so the ordering
|
||
of events in such a room will default to using stream_ordering rather than depth
|
||
(topological_ordering).
|
||
|
||
This is a temporary solution to mitigate abuse in the wild, whilst a long term solution
|
||
is being implemented to improve how the depth parameter is used.
|
||
|
||
Full details at
|
||
https://docs.google.com/document/d/1I3fi2S-XnpO45qrpCsowZv8P8dHcNZ4fsBsbOW7KABI/edit#
|
||
|
||
Pin Twisted to <18.4 until we stop using the private _OpenSSLECCurve API.
|
||
|
||
* Bug Fixes:
|
||
* Return 401 for invalid access_token on logout (PR #2938) Thanks to @dklug!
|
||
* Return a 404 rather than a 500 on rejoining empty rooms (PR #3080)
|
||
* fix federation_domain_whitelist (PR #3099)
|
||
* Avoid creating events with huge numbers of prev_events (PR #3113)
|
||
* Reject events which have lots of prev_events (PR #3118)
|
||
* Fix quarantine media admin API and search reindex (PR #3130)
|
||
* Fix media admin APIs (PR #3134)
|
||
|
||
* Features:
|
||
* Add metrics for event processing lag (PR #3090)
|
||
* Add metrics for ResponseCache (PR #3092)
|
||
|
||
* Changes:
|
||
* Synapse on PyPy (PR #2760) Thanks to @Valodim!
|
||
* move handling of auto_join_rooms to RegisterHandler (PR #2996) Thanks to @krombel!
|
||
* Improve handling of SRV records for federation connections (PR #3016) Thanks to @silkeh!
|
||
* Document the behaviour of ResponseCache (PR #3059)
|
||
* Preparation for py3 (PR #3061, #3073, #3074, #3075, #3103, #3104, #3106, #3107, #3109, #3110) Thanks to @NotAFile!
|
||
* update prometheus dashboard to use new metric names (PR #3069) Thanks to @krombel!
|
||
* use python3-compatible prints (PR #3074) Thanks to @NotAFile!
|
||
* Send federation events concurrently (PR #3078)
|
||
* Limit concurrent event sends for a room (PR #3079)
|
||
* Improve R30 stat definition (PR #3086)
|
||
* Send events to ASes concurrently (PR #3088)
|
||
* Refactor ResponseCache usage (PR #3093)
|
||
* Clarify that SRV may not point to a CNAME (PR #3100) Thanks to @silkeh!
|
||
* Use str(e) instead of e.message (PR #3103) Thanks to @NotAFile!
|
||
* Use six.itervalues in some places (PR #3106) Thanks to @NotAFile!
|
||
* Refactor store.have_events (PR #3117)
|
||
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Apr 27 06:19:26 UTC 2018 - okurz@suse.com
|
||
|
||
- Disable web-client for package self-test to get rid of unfulfilled dependency
|
||
|
||
-------------------------------------------------------------------
|
||
Fri Apr 20 18:32:40 UTC 2018 - okurz@suse.com
|
||
|
||
- Introduce package self-test based on _multibuild
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Apr 16 19:47:23 UTC 2018 - okurz@suse.com
|
||
|
||
- Update to version v0.27.4:
|
||
* Bug fixes:
|
||
* URL quote path segments over federation (#3082)
|
||
* Add room_id to the response of rooms/{roomId}/join (PR #2986) Thanks to @jplatte!
|
||
* Fix replication after switch to simplejson (PR #3015)
|
||
* Fix replication after switch to simplejson (PR #3015)
|
||
* 404 correctly on missing paths via NoResource (PR #3022)
|
||
* Fix error when claiming e2e keys from offline servers (PR #3034)
|
||
* fix tests/storage/test_user_directory.py (PR #3042)
|
||
* use PUT instead of POST for federating groups/m.join_policy (PR #3070) Thanks to @krombel!
|
||
* postgres port script: fix state_groups_pkey error (PR #3072)
|
||
|
||
* Features:
|
||
* Add joinability for groups (PR #3045)
|
||
* Implement group join API (PR #3046)
|
||
* Add counter metrics for calculating state delta (PR #3033)
|
||
* R30 stats (PR #3041)
|
||
* Measure time it takes to calculate state group ID (PR #3043)
|
||
* Add basic performance statistics to phone home (PR #3044)
|
||
* Add response size metrics (PR #3071)
|
||
* phone home cache size configurations (PR #3063)
|
||
|
||
* Changes:
|
||
* Update canonicaljson dependency (#3095)
|
||
* Add a blurb explaining the main synapse worker (PR #2886) Thanks to @turt2live!
|
||
* Replace old style error catching with 'as' keyword (PR #3000) Thanks to @NotAFile!
|
||
* Use .iter* to avoid copies in StateHandler (PR #3006)
|
||
* Linearize calls to _generate_user_id (PR #3029)
|
||
* Remove last usage of ujson (PR #3030)
|
||
* Use simplejson throughout (PR #3048)
|
||
* Use static JSONEncoders (PR #3049)
|
||
* Remove uses of events.content (PR #3060)
|
||
* Improve database cache performance (PR #3068)
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Mar 29 05:51:42 UTC 2018 - okurz@suse.com
|
||
|
||
- Update to version v0.27.2:
|
||
* Bug fixes:
|
||
* Fix bug which broke TCP replication between workers (PR #3015)
|
||
* Fix broken ldap_config config option (PR #2683) Thanks to @seckrv!
|
||
* Fix error message when user is not allowed to unban (PR #2761) Thanks to
|
||
@turt2live!
|
||
* Fix publicised groups GET API (singular) over federation (PR #2772)
|
||
* Fix user directory when using user_directory_search_all_users config
|
||
option (PR #2803, #2831)
|
||
* Fix error on /publicRooms when no rooms exist (PR #2827)
|
||
* Fix bug in quarantine_media (PR #2837)
|
||
* Fix url_previews when no Content-Type is returned from URL (PR #2845)
|
||
* Fix rare race in sync API when joining room (PR #2944)
|
||
* Fix slow event search, switch back from GIST to GIN indexes (PR #2769,
|
||
#2848)
|
||
|
||
* Fix bug where an invalid event caused server to stop functioning
|
||
correctly, due to parsing and serializing bugs in ujson library.
|
||
|
||
* Features:
|
||
* Add ability for ASes to override message send time (PR #2754)
|
||
* Add support for custom storage providers for media repository (PR #2867,
|
||
#2777, #2783, #2789, #2791, #2804, #2812, #2814, #2857, #2868, #2767)
|
||
* Add purge API features, see docs/admin_api/purge_history_api.rst for
|
||
full details (PR #2858, #2867, #2882, #2946, #2962, #2943)
|
||
* Add support for whitelisting 3PIDs that users can register. (PR #2813)
|
||
* Add /room/{id}/event/{id} API (PR #2766)
|
||
* Add an admin API to get all the media in a room (PR #2818) Thanks to
|
||
@turt2live!
|
||
* Add federation_domain_whitelist option (PR #2820, #2821)
|
||
|
||
* Changes:
|
||
* Continue to factor out processing from main process and into worker
|
||
processes. See updated docs/workers.rst (PR #2892 - #2904, #2913, #2920
|
||
- #2926, #2947, #2847, #2854, #2872, #2873, #2874, #2928, #2929, #2934,
|
||
#2856, #2976 - #2984, #2987 - #2989, #2991 - #2993, #2995, #2784)
|
||
* Ensure state cache is used when persisting events (PR #2864, #2871,
|
||
#2802, #2835, #2836, #2841, #2842, #2849)
|
||
* Change the default config to bind on both IPv4 and IPv6 on all platforms
|
||
(PR #2435) Thanks to @silkeh!
|
||
* No longer require a specific version of saml2 (PR #2695) Thanks to @okurz!
|
||
* Remove verbosity/log_file from generated config (PR #2755)
|
||
* Add and improve metrics and logging (PR #2770, #2778, #2785, #2786,
|
||
#2787, #2793, #2794, #2795, #2809, #2810, #2833, #2834, #2844, #2965,
|
||
#2927, #2975, #2790, #2796, #2838)
|
||
* When using synctl with workers, don't start the main synapse
|
||
automatically (PR #2774)
|
||
* Minor performance improvements (PR #2773, #2792)
|
||
* Use a connection pool for non-federation outbound connections (PR #2817)
|
||
* Make it possible to run unit tests against postgres (PR #2829)
|
||
* Update pynacl dependency to 1.2.1 or higher (PR #2888) Thanks to @bachp!
|
||
* Remove ability for AS users to call /events and /sync (PR #2948)
|
||
* Use bcrypt.checkpw (PR #2949) Thanks to @krombel!
|
||
|
||
- Change spec-file to use service downloaded and recompressed file directly
|
||
- Remove patch synapse_python_dependencies_allow_higher_versions_of_pysaml2.patch
|
||
now included in upstream changes
|
||
|
||
-------------------------------------------------------------------
|
||
Sun Jan 7 10:02:56 UTC 2018 - okurz@suse.com
|
||
|
||
- Update to version v0.26.0:
|
||
* Bug fixes:
|
||
* Fix database port script (PR #2673)
|
||
* Fix internal server error on login with ldap_auth_provider (PR #2678) Thanks
|
||
to @jkolo!
|
||
* Fix error on sqlite 3.7 (PR #2697)
|
||
* Fix OPTIONS on preview_url (PR #2707)
|
||
* Fix error handling on dns lookup (PR #2711)
|
||
* Fix wrong avatars when inviting multiple users when creating room (PR #2717)
|
||
* Fix 500 when joining matrix-dev (PR #2719)
|
||
|
||
* Features:
|
||
* Add ability for ASes to publicise groups for their users (PR #2686)
|
||
* Add all local users to the user_directory and optionally search them (PR
|
||
* #2723)
|
||
* Add support for custom login types for validating users (PR #2729)
|
||
|
||
* Changes:
|
||
* Update example Prometheus config to new format (PR #2648) Thanks to
|
||
@krombel!
|
||
* Rename redact_content option to include_content in Push API (PR #2650)
|
||
* Declare support for r0.3.0 (PR #2677)
|
||
* Improve upserts (PR #2684, #2688, #2689, #2713)
|
||
* Improve documentation of workers (PR #2700)
|
||
* Improve tracebacks on exceptions (PR #2705)
|
||
* Allow guest access to group APIs for reading (PR #2715)
|
||
* Support for posting content in federation_client script (PR #2716)
|
||
* Delete devices and pushers on logouts etc (PR #2722)
|
||
|
||
|
||
-------------------------------------------------------------------
|
||
Mon Nov 20 14:37:18 UTC 2017 - okurz@suse.com
|
||
|
||
- Update to version v0.25.1:
|
||
* Bug fixes:
|
||
* Fix login with LDAP and other password provider modules (PR #2678). Thanks to @jkolo!
|
||
* Fix port script (PR #2673)
|
||
* Fix port script (PR #2577)
|
||
* Fix error when running synapse with no logfile (PR #2581)
|
||
* Fix UI auth when deleting devices (PR #2591)
|
||
* Fix typo when checking if user is invited to group (PR #2599)
|
||
* Fix the port script to drop NUL values in all tables (PR #2611)
|
||
* Fix appservices being backlogged and not receiving new events due to a bug in
|
||
notify_interested_services (PR #2631) Thanks to @xyzz!
|
||
* Fix updating rooms avatar/display name when modified by admin (PR #2636)
|
||
* Thanks to @farialima!
|
||
* Fix bug in state group storage (PR #2649)
|
||
* Fix 500 on invalid utf-8 in request (PR #2663)
|
||
|
||
* Features:
|
||
* Add is_public to groups table to allow for private groups (PR #2582)
|
||
* Add a route for determining who you are (PR #2668) Thanks to @turt2live!
|
||
* Add more features to the password providers (PR #2608, #2610, #2620,
|
||
#2622, #2623, #2624, #2626, #2628, #2629)
|
||
* Add a hook for custom rest endpoints (PR #2627)
|
||
* Add API to update group room visibility (PR #2651)
|
||
|
||
* Changes:
|
||
* Ignore tags when generating URL preview descriptions (PR #2576) Thanks to
|
||
@maximevaillancourt!
|
||
* Register some /unstable endpoints in /r0 as well (PR #2579) Thanks to @krombel!
|
||
* Support /keys/upload on /r0 as well as /unstable (PR #2585)
|
||
* Front-end proxy: pass through auth header (PR #2586)
|
||
* Allow ASes to deactivate their own users (PR #2589)
|
||
* Remove refresh tokens (PR #2613)
|
||
* Automatically set default displayname on register (PR #2617)
|
||
* Log login requests (PR #2618)
|
||
* Always return is_public in the /groups/:group_id/rooms API (PR #2630)
|
||
* Avoid no-op media deletes (PR #2637) Thanks to @spantaleev!
|
||
* Fix various embarrassing typos around user_directory and add some doc. (PR #2643)
|
||
* Return whether a user is an admin within a group (PR #2647)
|
||
* Namespace visibility options for groups (PR #2657)
|
||
* Downcase UserIDs on registration (PR #2662)
|
||
* Cache failures when fetching URL previews (PR #2669)
|
||
|
||
* Add patch synapse_python_dependencies_allow_higher_versions_of_pysaml2.patch
|
||
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Nov 14 12:57:17 UTC 2017 - okurz@suse.com
|
||
|
||
- Update to version v0.24.1:
|
||
* Bug fixes:
|
||
* Fix updating group profiles over federation (PR #2567)
|
||
* Fix handling SERVFAILs when doing AAAA lookups for federation (PR #2477)
|
||
* Fix incompatibility with newer versions of ujson (PR #2483) Thanks to
|
||
@jeremycline!
|
||
* Fix notification keywords that start/end with non-word chars (PR #2500)
|
||
* Fix stack overflow and logcontexts from linearizer (PR #2532)
|
||
* Fix 500 error when fields missing from power_levels event (PR #2552)
|
||
* Fix 500 error when we get an error handling a PDU (PR #2553)
|
||
* Fix regression in performance of syncs (PR #2470)
|
||
* Fix caching error in the push evaluator (PR #2332)
|
||
* Fix bug where pusherpool didn't start and broke some rooms (PR #2342)
|
||
* Fix port script for user directory tables (PR #2375)
|
||
* Fix device lists notifications when user rejoins a room (PR #2443, #2449)
|
||
* Fix sync to always send down current state events in timeline (PR #2451)
|
||
* Fix bug where guest users were incorrectly kicked (PR #2453)
|
||
* Fix bug talking to IPv6 only servers using SRV records (PR #2462)
|
||
* Fix synapse_port_db failure. Thanks to Pneumaticat! (PR #1904)
|
||
* Fix caching to not cache error responses (PR #1913)
|
||
* Fix APIs to make kick & ban reasons work (PR #1917)
|
||
* Fix bugs in the /keys/changes api (PR #1921)
|
||
* Fix bug where users couldn't forget rooms they were banned from (PR #1922)
|
||
* Fix issue with long language values in pushers API (PR #1925)
|
||
* Fix a race in transaction queue (PR #1930)
|
||
* Fix dynamic thumbnailing to preserve aspect ratio. Thanks to jkolo! (PR
|
||
#1945)
|
||
* Fix device list update to not constantly resync (PR #1964)
|
||
* Fix potential for huge memory usage when getting device that have
|
||
changed (PR #1969)
|
||
* Fix bug where pusher pool didn't start and caused issues when
|
||
interacting with some rooms (PR #2342)
|
||
* Fix bug with storing registration sessions that caused frequent CPU churn
|
||
(PR #2319)
|
||
* Fix users not getting notifications when AS listened to that user_id (PR
|
||
#2216) Thanks to @slipeer!
|
||
* Fix users without push set up not getting notifications after joining rooms
|
||
(PR #2236)
|
||
* Fix preview url API to trim long descriptions (PR #2243)
|
||
* Fix bug where we used cached but unpersisted state group as prev group,
|
||
resulting in broken state of restart (PR #2263)
|
||
* Fix removing of pushers when using workers (PR #2267)
|
||
* Fix CORS headers to allow Authorization header (PR #2285) Thanks to @krombel!
|
||
* Fix bug in anonymous usage statistic reporting (PR #2281)
|
||
* Fix API to allow clients to upload one-time-keys with new sigs (PR #2206)
|
||
* Fix bug where users got pushed for rooms they had muted (PR #2200)
|
||
* Fix nuke-room script to work with current schema (PR #1927) Thanks
|
||
@zuckschwerdt!
|
||
* Fix db port script to not assume postgres tables are in the public schema
|
||
(PR #2024) Thanks @jerrykan!
|
||
* Fix getting latest device IP for user with no devices (PR #2118)
|
||
* Fix rejection of invites to unreachable servers (PR #2145)
|
||
* Fix code for reporting old verify keys in synapse (PR #2156)
|
||
* Fix invite state to always include all events (PR #2163)
|
||
* Fix bug where synapse would always fetch state for any missing event (PR #2170)
|
||
* Fix a leak with timed out HTTP connections (PR #2180)
|
||
* Fix bug where we didn't time out HTTP requests to ASes (PR #2192)
|
||
* Fix joining rooms over federation where not all servers in the room saw the
|
||
new server had joined (PR #2094)
|
||
* Fix bug where current_state_events renamed to current_state_ids (PR #1849)
|
||
* Fix routing loop when fetching remote media (PR #1992)
|
||
* Fix current_state_events table to not lie (PR #1996)
|
||
* Fix CAS login to handle PartialDownloadError (PR #1997)
|
||
* Fix assertion to stop transaction queue getting wedged (PR #2010)
|
||
* Fix presence to fallback to last_active_ts if it beats the last sync time.
|
||
Thanks @Half-Shot! (PR #2014)
|
||
* Fix bug when federation received a PDU while a room join is in progress (PR
|
||
#2016)
|
||
* Fix resetting state on rejected events (PR #2025)
|
||
* Fix installation issues in readme. Thanks @ricco386 (PR #2037)
|
||
* Fix caching of remote servers' signature keys (PR #2042)
|
||
* Fix some leaking log context (PR #2048, #2049, #2057, #2058)
|
||
* Fix rejection of invites not reaching sync (PR #2056)
|
||
* Fix bug in handling of incoming device list updates over federation.
|
||
|
||
* Features:
|
||
* Add Group Server (PR #2352, #2363, #2374, #2377, #2378, #2382, #2410, #2426,
|
||
#2430, #2454, #2471, #2472, #2544)
|
||
* Add support for channel notifications (PR #2501)
|
||
* Add basic implementation of backup media store (PR #2538)
|
||
* Add config option to auto-join new users to rooms (PR #2545)
|
||
* Add a frontend proxy worker (PR #2344)
|
||
* Add support for event_id_only push format (PR #2450)
|
||
* Add a PoC for filtering spammy events (PR #2456)
|
||
* Add a config option to block all room invites (PR #2457)
|
||
* Add a user directory API (PR #2252, and many more)
|
||
* Add shutdown room API to remove room from local server (PR #2291)
|
||
* Add API to quarantine media (PR #2292)
|
||
* Add new config option to not send event contents to push servers (PR #2301)
|
||
Thanks to @cjdelisle!
|
||
* Add per user rate-limiting overrides (PR #2208)
|
||
* Add config option to limit maximum number of events requested by ``/sync``
|
||
and ``/messages`` (PR #2221) Thanks to @psaavedra!
|
||
* Add username availability checker API (PR #2183)
|
||
* Add read marker API (PR #2120)
|
||
* Add delete_devices API (PR #1993)
|
||
* Add phone number registration/login support (PR #1994, #2055)
|
||
* Add some administration functionalities. Thanks to morteza-araby! (PR #1784)
|
||
|
||
* Changes:
|
||
* Make the spam checker a module (PR #2474)
|
||
* Delete expired url cache data (PR #2478)
|
||
* Ignore incoming events for rooms that we have left (PR #2490)
|
||
* Allow spam checker to reject invites too (PR #2492)
|
||
* Add room creation checks to spam checker (PR #2495)
|
||
* Spam checking: add the invitee to user_may_invite (PR #2502)
|
||
* Process events from federation for different rooms in parallel (PR #2520)
|
||
* Allow error strings from spam checker (PR #2531)
|
||
* Improve error handling for missing files in config (PR #2551)
|
||
* Make 'affinity' package optional, as it is not supported on some platforms
|
||
* Use bcrypt module instead of py-bcrypt (PR #2288) Thanks to @kyrias!
|
||
* Improve performance of generating push notifications (PR #2343, #2357, #2365,
|
||
#2366, #2371)
|
||
* Improve DB performance for device list handling in sync (PR #2362)
|
||
* Include a sample prometheus config (PR #2416)
|
||
* Document known to work postgres version (PR #2433) Thanks to @ptman!
|
||
* Improve performance of storing user IPs (PR #2307, #2308)
|
||
* Slightly improve performance of verifying access tokens (PR #2320)
|
||
* Slightly improve performance of event persistence (PR #2321)
|
||
* Increase default cache factor size from 0.1 to 0.5 (PR #2330)
|
||
* Various performance fixes (PR #2177, #2233, #2230, #2238, #2248, #2256,
|
||
#2274)
|
||
* Deduplicate sync filters (PR #2219) Thanks to @krombel!
|
||
* Correct a typo in UPGRADE.rst (PR #2231) Thanks to @aaronraimist!
|
||
* Add count of one time keys to sync stream (PR #2237)
|
||
* Only store event_auth for state events (PR #2247)
|
||
* Store URL cache preview downloads separately (PR #2299)
|
||
* Various small performance fixes (PR #2201, #2202, #2224, #2226, #2227, #2228,
|
||
#2229)
|
||
* Update username availability checker API (PR #2209, #2213)
|
||
* When purging, don't de-delta state groups we're about to delete (PR #2214)
|
||
* Documentation to check synapse version (PR #2215) Thanks to @hamber-dick!
|
||
* Add an index to event_search to speed up purge history API (PR #2218)
|
||
* Always mark remotes as up if we receive a signed request from them (PR #2190)
|
||
* Enable guest access for the 3pl/3pid APIs (PR #1986)
|
||
* Add setting to support TURN for guests (PR #2011)
|
||
* Various performance improvements (PR #2075, #2076, #2080, #2083, #2108,
|
||
#2158, #2176, #2185)
|
||
* Make synctl a bit more user friendly (PR #2078, #2127) Thanks @APwhitehat!
|
||
* Replace HTTP replication with TCP replication (PR #2082, #2097, #2098,
|
||
#2099, #2103, #2014, #2016, #2115, #2116, #2117)
|
||
* Support authenticated SMTP (PR #2102) Thanks @DanielDent!
|
||
* Add a counter metric for successfully-sent transactions (PR #2121)
|
||
* Propagate errors sensibly from proxied IS requests (PR #2147)
|
||
* Add more granular event send metrics (PR #2178)
|
||
* Use JSONSchema for validation of filters. Thanks @pik! (PR #1783)
|
||
* Reread log config on SIGHUP (PR #1982)
|
||
* Speed up public room list (PR #1989)
|
||
* Add helpful texts to logger config options (PR #1990)
|
||
* Minor ``/sync`` performance improvements. (PR #2002, #2013, #2022)
|
||
* Add some debug to help diagnose weird federation issue (PR #2035)
|
||
* Correctly limit retries for all federation requests (PR #2050, #2061)
|
||
* Don't lock table when persisting new one time keys (PR #2053)
|
||
* Reduce some CPU work on DB threads (PR #2054)
|
||
* Cache hosts in room (PR #2060)
|
||
* Batch sending of device list pokes (PR #2063)
|
||
* Speed up persist event path in certain edge cases (PR #2070)
|
||
* Reduce database table sizes (PR #1873, #1916, #1923, #1963)
|
||
* Update contrib/ to not use syutil. Thanks to andrewshadura! (PR #1907)
|
||
* Don't fetch current state when sending an event in common case (PR #1955)
|
||
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Nov 14 12:52:53 UTC 2017 - okurz@suse.com
|
||
|
||
- Update to version v0.24.1+4.632baf79:
|
||
* Disallow capital letters in userids
|
||
* Allow = in mxids and groupids
|
||
* Validate group ids when parsing
|
||
* Fix a logcontext leak in the media repo
|
||
* Correctly wire in update group profile over federation
|
||
* replace 'except:' with 'except Exception:'
|
||
* fix vars named `l`
|
||
* Bump version and changelog
|
||
* Add jitter to validity period of attestations
|
||
* Revert "Add jitter to validity period of attestations"
|
||
|
||
-------------------------------------------------------------------
|
||
Tue Jul 4 08:39:45 UTC 2017 - jengelh@inai.de
|
||
|
||
- Do not suppress errors from useradd procedure.
|
||
- Trim description to the essence of the package. It is not
|
||
supposed to be a manual or architectural document.
|
||
- Remove redundant %clean section. Replace %__-type macro
|
||
indirections.
|
||
|
||
-------------------------------------------------------------------
|
||
Thu Jun 29 20:53:00 UTC 2017 - okurz@suse.com
|
||
|
||
- Prevent conflicts between python2/3 version of packages
|
||
|
||
-------------------------------------------------------------------
|
||
Sun Jun 18 12:05:47 UTC 2017 - okurz@suse.com
|
||
|
||
- Initial version of matrix-synapse version 0.19.2
|