diff --git a/_service b/_service
index 71a326d..3c28102 100644
--- a/_service
+++ b/_service
@@ -4,11 +4,11 @@
@PARENT_TAG@
https://github.com/matrix-org/synapse.git
git
- v1.83.0
+ v1.85.0
v(.*)
\1
diff --git a/matrix-synapse-1.83.0.obscpio b/matrix-synapse-1.83.0.obscpio
deleted file mode 100644
index e0fe159..0000000
--- a/matrix-synapse-1.83.0.obscpio
+++ /dev/null
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:a9fc44ead7fcad3c2b75f70e3fd0413a8b0f90c2deb8af55353ca46f4b9acedc
-size 34930189
diff --git a/matrix-synapse-1.85.0.obscpio b/matrix-synapse-1.85.0.obscpio
new file mode 100644
index 0000000..d5e40aa
--- /dev/null
+++ b/matrix-synapse-1.85.0.obscpio
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:5429de1080c5132f493bc0c6b047969a764b9f129cfe309ed619fdc2d0b47520
+size 35069965
diff --git a/matrix-synapse-test.spec b/matrix-synapse-test.spec
index cebdc24..110b8a1 100644
--- a/matrix-synapse-test.spec
+++ b/matrix-synapse-test.spec
@@ -27,7 +27,7 @@
%define pkgname matrix-synapse
Name: %{pkgname}-test
-Version: 1.83.0
+Version: 1.85.0
Release: 0
Summary: Test package for %{pkgname}
License: Apache-2.0
diff --git a/matrix-synapse.changes b/matrix-synapse.changes
index 540aab9..7de47fd 100644
--- a/matrix-synapse.changes
+++ b/matrix-synapse.changes
@@ -1,3 +1,236 @@
+-------------------------------------------------------------------
+Tue Jun 6 11:34:10 UTC 2023 - Marcus Rueckert
+
+- make use that the pythons define and use_python do not diverge by
+ moving them closer to each other.
+
+-------------------------------------------------------------------
+Tue Jun 6 10:06:46 UTC 2023 - Marcus Rueckert
+
+- Update to 1.85.0
+ - Security
+
+ - GHSA-26c5-ppr8-f33p / CVE-2023-32682 — Low Severity It may be
+ possible for a deactivated user to login when using uncommon
+ configurations. (boo#1212055)
+
+ - GHSA-98px-6486-j7qc / CVE-2023-32683 — Low Severity A
+ discovered oEmbed or image URL can bypass the
+ url_preview_url_blacklist setting potentially allowing server
+ side request forgery or bypassing network policies. Impact is
+ limited to IP addresses allowed by the
+ url_preview_ip_range_blacklist setting (by default this only
+ allows public IPs). (boo#1212054)
+
+ - Features
+ - Improve performance of backfill requests by performing
+ backfill of previously failed requests in the background.
+ (#15585)
+ - Add a new admin API to create a new device for a user.
+ (#15611)
+ - Add Unix socket support for Redis connections. Contributed by
+ Jason Little. (#15644)
+ - Bugfixes
+ - Fix a performance issue introduced in Synapse v1.83.0 which
+ meant that purging rooms was very slow and
+ database-intensive. (#15693)
+ - Fix a long-standing bug where setting the read marker could
+ fail when using message retention. Contributed by Nick @
+ Beeper (@Fizzadar). (#15464)
+ - Fix a long-standing bug where the url_preview_url_blacklist
+ configuration setting was not applied to oEmbed or image URLs
+ found while previewing a URL. (#15601)
+ - Fix a long-standing bug where filters with multiple
+ backslashes were rejected. (#15607)
+ - Fix a bug introduced in Synapse 1.82.0 where the error
+ message displayed when validation of the
+ app_service_config_files config option fails would be
+ incorrectly formatted. (#15614)
+ - Fix a long-standing bug where deactivated users were still
+ able to login using the custom org.matrix.login.jwt login
+ type (if enabled). (#15624)
+ - Fix a long-standing bug where deactivated users were able to
+ login in uncommon situations. (#15634)
+ - Improved Documentation
+ - Warn users that at least 3.75GB of space is needed for the
+ nix Synapse development environment. (#15613)
+ - Remove outdated comment from the generated and sample
+ homeserver log configs. (#15648)
+ - Improve contributor docs to make it more clear that Rust is a
+ necessary prerequisite. Contributed by @grantm. (#15668)
+ - Deprecations and Removals
+ - Deprecate calling the /register endpoint with an unspecced
+ user property for application services. (#15703)
+ - Remove the old version of the R30 (30-day retained users)
+ phone-home metric. (#10428)
+ - Internal Changes
+ - Speed up background jobs populate_full_user_id_user_filters
+ and populate_full_user_id_profiles. (#15700)
+ - Create dependabot changelogs at release time. (#15481)
+ - Add not null constraint to column full_user_id of tables
+ profiles and user_filters. (#15537)
+ - Allow connecting to HTTP Replication Endpoints by using
+ worker_name when constructing the request. (#15578)
+ - Make the thread_id column on event_push_actions,
+ event_push_actions_staging, and event_push_summary non-null.
+ (#15597)
+ - Run mypy type checking with the minimum supported Python
+ version to catch new usage that isn't backwards-compatible.
+ (#15602)
+ - Fix subscriptable type usage in Python <3.9. (#15604)
+ - Update internal terminology. (#15606, #15620)
+ - Instrument state and state_group storage-related operations
+ to better picture what's happening when tracing. (#15610,
+ #15647)
+ - Trace how many new events from the backfill response we need
+ to process. (#15633)
+ - Re-type config paths in ConfigErrors to be StrSequences
+ instead of Iterable[str]s. (#15615)
+ - Update Mutual Rooms (MSC2666) implementation to match new
+ proposal text. (#15621)
+ - Remove the unstable identifiers from faster joins (MSC3706).
+ (#15625)
+ - Fix the olddeps CI. (#15626)
+ - Remove duplicate timestamp from test logs
+ (_trial_temp/test.log). (#15636)
+ - Fix two memory leaks in trial test runs. (#15630)
+ - Limit the size of the HomeServerConfig cache in trial test
+ runs. (#15646)
+ - Improve type hints. (#15658, #15659)
+ - Add requesting user id parameter to key claim methods in
+ TransportLayerClient. (#15663)
+ - Speed up rebuilding of the user directory for local users.
+ (#15665)
+ - Implement "option 2" for MSC3820: Room version 11. (#15666,
+ #15678)
+
+-------------------------------------------------------------------
+Fri May 26 19:16:23 UTC 2023 - Marcus Rueckert
+
+- Update to 1.84.1
+ This patch release fixes a major issue with homeservers that do
+ not have an instance_map defined but which do use workers. If you
+ have already upgraded to Synapse 1.84.0 and your homeserver is
+ working normally, then there is no need to update to this patch
+ release.
+
+ - Bugfixes
+ - Fix a bug introduced in Synapse v1.84.0 where workers do not
+ start up when no instance_map was provided. (#15672)
+ - Internal Changes
+ - Add dch and notify-send to the development Nix flake so that
+ the release script can be used. (#15673)
+
+-------------------------------------------------------------------
+Wed May 24 00:15:46 UTC 2023 - Marcus Rueckert
+
+- Update to 1.84.0
+ The worker_replication_* configuration settings have been
+ deprecated in favour of configuring the main process consistently
+ with other instances in the instance_map. The deprecated settings
+ will be removed in Synapse v1.88.0, but changing your
+ configuration in advance is recommended. See the upgrade notes
+ for more information.
+
+ https://github.com/matrix-org/synapse/blob/release-v1.84/docs/upgrade.md#upgrading-to-v1840
+
+ - Features
+ - Add an option to prevent media downloads from configured
+ domains. (#15197)
+ - Add forget_rooms_on_leave config option to automatically
+ forget rooms when users leave them or are removed from them.
+ (#15224)
+ - Add redis TLS configuration options. (#15312)
+ - Add a config option to delay push notifications by a random
+ amount, to discourage time-based profiling. (#15516)
+ - Stabilize support for MSC2659: application service ping
+ endpoint. Contributed by Tulir @ Beeper. (#15528)
+ - Implement MSC4009 to expand the supported characters in
+ Matrix IDs. (#15536)
+ - Advertise support for Matrix 1.6 on /_matrix/client/versions.
+ (#15559)
+ - Print full error and stack-trace of any exception that occurs
+ during startup/initialization. (#15569)
+ - Bugfixes
+ - Fix a bug introduced in Synapse 1.84.0rc1 where errors during
+ startup were not reported correctly on Python < 3.10.
+ (#15599)
+ - Don't fail on federation over TOR where SRV queries are not
+ supported. Contributed by Zdzichu. (#15523)
+ - Experimental support for MSC4010 which rejects setting the
+ "m.push_rules" via account data. (#15554, #15555)
+ - Fix a long-standing bug where an invalid membership event
+ could cause an internal server error. (#15564)
+ - Require at least poetry-core v1.1.0. (#15566, #15571)
+ - Deprecations and Removals
+ - Remove need for worker_replication_* based settings in worker
+ configuration yaml by placing this data directly on the
+ instance_map instead. (#15491)
+ - Updates to the Docker image
+ - Add pkg-config package to Stage 0 to be able to build
+ Dockerfile on ppc64le architecture. (#15567)
+ - Improved Documentation
+ - Clarify documentation of the "Create or modify account" Admin
+ API. (#15544)
+ - Fix path to the statistics/database/rooms admin API in
+ documentation. (#15560)
+ - Update and improve Mastodon Single Sign-On documentation.
+ (#15587)
+ - Internal Changes
+ - Use oEmbed to generate URL previews for YouTube Shorts.
+ (#15025)
+ - Create new Client for use with HTTP Replication between
+ workers. Contributed by Jason Little. (#15470)
+ - Remove need for worker_replication_* based settings in worker
+ configuration yaml by placing this data directly on the
+ instance_map instead. (#15491)
+ - Bump pyicu from 2.10.2 to 2.11. (#15509)
+ - Remove references to supporting per-user flag for MSC2654.
+ (#15522)
+ - Don't use a trusted key server when running the demo scripts.
+ (#15527)
+ - Speed up rebuilding of the user directory for local users.
+ (#15529)
+ - Speed up deleting of old rows in event_push_actions. (#15531)
+ - Install the xmlsec and mdbook packages and switch back to the
+ upstream cachix/devenv repo in the nix development
+ environment. (#15532, #15533, #15545)
+ - Implement MSC3987 by removing "dont_notify" from the list of
+ actions in default push rules. (#15534)
+ - Move various module API callback registration methods to a
+ dedicated class. (#15535)
+ - Proxy /user/devices federation queries to application
+ services for MSC3984. (#15539)
+ - Factor out an is_mine_server_name method. (#15542)
+ - Allow running Complement tests using podman by adding a
+ PODMAN environment variable to scripts-dev/complement.sh.
+ (#15543)
+ - Bump serde from 1.0.160 to 1.0.162. (#15548)
+ - Bump types-setuptools from 67.6.0.5 to 67.7.0.1. (#15549)
+ - Bump sentry-sdk from 1.19.1 to 1.22.1. (#15550)
+ - Bump ruff from 0.0.259 to 0.0.265. (#15551)
+ - Bump hiredis from 2.2.2 to 2.2.3. (#15552)
+ - Bump types-requests from 2.29.0.0 to 2.30.0.0. (#15553)
+ - Add org.matrix.msc3981 info to /_matrix/client/versions.
+ (#15558)
+ - Declare unstable support for MSC3391 under
+ /_matrix/client/versions if the experimental implementation
+ is enabled. (#15562)
+ - Implement MSC3821 to update the redaction rules. (#15563)
+ - Implement updated redaction rules from MSC3389. (#15565)
+ - Allow pip install to use setuptools_rust 1.6.0 when building
+ Synapse. (#15570)
+ - Deal with upcoming Github Actions deprecations. (#15576)
+ - Export run_as_background_process from the module API.
+ (#15577)
+ - Update build system requirements to allow building with
+ poetry-core==1.6.0. (#15588)
+ - Bump serde from 1.0.162 to 1.0.163. (#15589)
+ - Bump phonenumbers from 8.13.7 to 8.13.11. (#15590)
+ - Bump types-psycopg2 from 2.9.21.9 to 2.9.21.10. (#15591)
+ - Bump types-commonmark from 0.9.2.2 to 0.9.2.3. (#15592)
+ - Bump types-setuptools from 67.7.0.1 to 67.7.0.2. (#15594)
+
-------------------------------------------------------------------
Tue May 9 18:58:15 UTC 2023 - Marcus Rueckert
diff --git a/matrix-synapse.obsinfo b/matrix-synapse.obsinfo
index 8054610..a0bee6a 100644
--- a/matrix-synapse.obsinfo
+++ b/matrix-synapse.obsinfo
@@ -1,4 +1,4 @@
name: matrix-synapse
-version: 1.83.0
-mtime: 1683648828
-commit: 64a11fb61fac47f652858d7e2109d077874135e0
+version: 1.85.0
+mtime: 1686042381
+commit: ec71214243eac58a4a6d272c15441a6405f6ae9c
diff --git a/matrix-synapse.spec b/matrix-synapse.spec
index 56c5d4f..3c9f08f 100644
--- a/matrix-synapse.spec
+++ b/matrix-synapse.spec
@@ -37,8 +37,9 @@
%global matrix_common_max_version 2
%global msgpack_version 1.0.5
%global netaddr_version 0.8.0
+# TODO: 8.13.11
%global phonenumbers_version 8.13.5
-%global prometheus_client_version 0.16.0
+%global prometheus_client_version 0.17.0
%global psutil_version 2.0.0
%global pyOpenSSL_version 23.0.0
%global pyasn1_version 0.4.8
@@ -60,14 +61,16 @@
%global pysaml2_version 7.2.1
%global Authlib_version 1.2.0
%global lxml_version 4.9.2
-%global sentry_sdk_version 1.19.0
+%global sentry_sdk_version 1.22.1
%global PyJWT_version 2.4.0
%global jaeger_client_version 4.8.0
%global opentracing_version 2.4.0
+# TODO: 2.2.3
%global hiredis_version 2.2.2
%global txredisapi_version 1.4.9
%global Pympler_version 1.0.1
%global pydantic_version 1.9.1
+# TODO: 2.10.2
%global pyicu_version 2.10.2
%else
# some version locks based on poetry.lock
@@ -121,8 +124,10 @@
%endif
%define requires_peq() %(echo '%*' | LC_ALL=C xargs -r rpm -q --whatprovides --qf 'Requires: %%{name} = %%{epoch}:%%{version}\\n' | sed -e 's/ (none):/ /' -e 's/ 0:/ /' | grep -v "is not")
-# only switch this back to python3 when immutabledict supports the current default python version
-%define pythons python3
+
+%define use_python python3
+
+%define pythons %{use_python}
# These come from matrix-synapse's CONDITIONAL_REQUIREMENTS.
# missing deps
@@ -145,18 +150,11 @@
# https://github.com/matrix-org/synapse/releases or synapse/CHANGES.md
# * Commit+submit
-#if 0%{?suse_version} >= 1550
-#define use_python python38
-#define __python3 #{_bindir}/python3
-#else
-%define use_python python310
-#endif
-
%define modname synapse
%define pkgname matrix-synapse
%define eggname matrix_synapse
Name: %{pkgname}
-Version: 1.83.0
+Version: 1.85.0
Release: 0
Summary: Matrix protocol reference homeserver
License: Apache-2.0
@@ -181,7 +179,6 @@ Patch1: bump-dependencies.patch
Source100: 10719-Fix-instert-of-duplicate-key-into-event_json.patch
BuildRequires: %{use_python}-base >= 3.8
BuildRequires: %{use_python}-pip
-BuildRequires: %{use_python}-poetry-core >= 1.0.0
BuildRequires: %{use_python}-setuptools
BuildRequires: %{use_python}-wheel
BuildRequires: cargo
@@ -191,10 +188,11 @@ BuildRequires: systemd-rpm-macros
BuildRequires: sysuser-shadow
BuildRequires: sysuser-tools
BuildRequires: unzip
+BuildRequires: (%{use_python}-poetry-core >= 1.0.0 with %{use_python}-poetry-core =< 1.6.1)
%{?systemd_ordering}
%{sysusers_requires}
%requires_peq %{use_python}-base
-BuildRequires: (%{use_python}-setuptools-rust >= 1.3 with %{use_python}-setuptools-rust < 1.7.0)
+BuildRequires: (%{use_python}-setuptools-rust >= 1.3 with %{use_python}-setuptools-rust =< 1.6.0)
# NOTE: Keep this is in the same order as pyproject.toml.
# some version locks based on poetry.lock
BuildRequires: %{use_python}-Jinja2 >= %{Jinja2_version}
diff --git a/vendor.tar.zst b/vendor.tar.zst
index bb8dc27..9ebe1db 100644
--- a/vendor.tar.zst
+++ b/vendor.tar.zst
@@ -1,3 +1,3 @@
version https://git-lfs.github.com/spec/v1
-oid sha256:b1ce7e6b94bc9019311f5e8a5da798e973cab8b81b2a6a5031b44f84f625f849
-size 8818682
+oid sha256:a1a27815d8c0b6e477437aa0e80e78e5a0ae37645b0bf46061fb9e1cc6f485ac
+size 8787173