Accepting request 1245106 from network:messaging:matrix

Forwarded request #1245105 from darix

- Update to 1.124.0

OBS-URL: https://build.opensuse.org/request/show/1245106
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/matrix-synapse?expand=0&rev=121

_service

@@ -4,11 +4,11 @@
     <param name="versionformat">@PARENT_TAG@</param>
     <param name="url">https://github.com/element-hq/synapse.git</param>
     <param name="scm">git</param>
-    <param name="revision">v1.114.0</param>
+    <param name="revision">v1.124.0</param>
     <param name="versionrewrite-pattern">v(.*)</param>
     <param name="versionrewrite-replacement">\1</param>
     <!--
-    <param name="revision">v1.115.0rc1</param>
+    <param name="revision">v1.125.0rc1</param>
     <param name="versionrewrite-pattern">v([\.\d]+)(rc.*)</param>
     <param name="versionrewrite-replacement">\1~\2</param>
     -->

bump-dependencies.patch

@@ -2,7 +2,7 @@ Index: synapse/pyproject.toml
 ===================================================================
 --- synapse.orig/pyproject.toml
 +++ synapse/pyproject.toml
-@@ -190,7 +190,7 @@ pymacaroons = ">=0.13.0"
+@@ -191,7 +191,7 @@ pymacaroons = ">=0.13.0"
  msgpack = ">=0.5.2"
  phonenumbers = ">=8.2.0"
  # we use GaugeHistogramMetric, which was added in prom-client 0.4.0.

matrix-synapse-1.114.0.obscpio

@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:8ca30e5576a8dfe93534758716ec01c3fd356a5a1a44f9365615f88728e52bb3
-size 37705229

matrix-synapse-1.124.0.obscpio

@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:ca8a0a7ab9b05ac6ba6aebbd21ee3a8558c5b38307258171304a3f05138085f3
+size 38803469

matrix-synapse-1.4.1-paths.patch

@@ -15,7 +15,7 @@ Index: synapse/synapse/config/key.py
 ===================================================================
 --- synapse.orig/synapse/config/key.py
 +++ synapse/synapse/config/key.py
-@@ -110,7 +110,7 @@ class KeyConfig(Config):
+@@ -117,7 +117,7 @@ class KeyConfig(Config):
              signing_key_path = config.get("signing_key_path")
              if signing_key_path is None:
                  signing_key_path = os.path.join(
@@ -24,7 +24,7 @@ Index: synapse/synapse/config/key.py
                  )
  
              self.signing_key = self.read_signing_keys(signing_key_path, "signing_key")
-@@ -183,7 +183,7 @@ class KeyConfig(Config):
+@@ -190,7 +190,7 @@ class KeyConfig(Config):
          generate_secrets: bool = False,
          **kwargs: Any,
      ) -> str:
@@ -37,20 +37,20 @@ Index: synapse/synapse/config/logger.py
 ===================================================================
 --- synapse.orig/synapse/config/logger.py
 +++ synapse/synapse/config/logger.py
-@@ -149,7 +149,7 @@ class LoggingConfig(Config):
+@@ -156,7 +156,7 @@ class LoggingConfig(Config):
      def generate_config_section(
          self, config_dir_path: str, server_name: str, **kwargs: Any
      ) -> str:
 -        log_config = os.path.join(config_dir_path, server_name + ".log.config")
 +        log_config = os.path.join('/etc/matrix-synapse/', server_name + ".log.config")
-         return (
+         return """\
-             """\
          log_config: "%(log_config)s"
+         """ % locals()
 Index: synapse/synapse/config/server.py
 ===================================================================
 --- synapse.orig/synapse/config/server.py
 +++ synapse/synapse/config/server.py
-@@ -793,7 +793,7 @@ class ServerConfig(Config):
+@@ -810,7 +810,7 @@ class ServerConfig(Config):
              bind_port = 8448
              unsecure_port = 8008
  

matrix-synapse-test.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package matrix-synapse-test
 #
-# Copyright (c) 2024 SUSE LLC
+# Copyright (c) 2025 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -27,7 +27,7 @@
 
 %define         pkgname matrix-synapse
 Name:           %{pkgname}-test
-Version:        1.114.0
+Version:        1.124.0
 Release:        0
 Summary:        Test package for %{pkgname}
 License:        AGPL-3.0-or-later

matrix-synapse.changes

@@ -1,3 +1,708 @@
+-------------------------------------------------------------------
+Tue Feb 11 13:24:15 UTC 2025 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.124.0
+  - Bugfixes
+    - Fix regression in performance of sending events due to
+      superfluous reads and locks. Introduced in v1.124.0rc1.
+      (#18141)
+    - Fix regression where persisting events in some rooms could
+      fail after a previous unclean shutdown. Introduced in
+      v1.124.0rc1. (#18137)
+    - Add rate limit rc_presence.per_user. This prevents load from
+      excessive presence updates sent by clients via sync api. Also
+      rate limit /_matrix/client/v3/presence as per the spec.
+      Contributed by @rda0. (#18000)
+    - Deactivated users will no longer automatically accept an
+      invite when auto_accept_invites is enabled. (#18073)
+    - Fix join being denied after being invited over federation.
+      Also fixes other out-of-band membership transitions. (#18075)
+    - Updates contributed docker-compose.yml file to PostgreSQL
+      v15, as v12 is no longer supported by Synapse. Contributed by
+      @maxkratz. (#18089)
+    - Fix rare edge case where state groups could be deleted while
+      we are persisting new events that reference them. (#18107,
+      #18130, #18131)
+    - Raise an error if someone is using an incorrect suffix in a
+      config duration string. (#18112)
+    - Fix a bug where the Delete Room Admin API would fail if the
+      block parameter was set to true and a worker other than the
+      main process was configured to handle background tasks.
+      (#18119)
+  - Internal Changes
+    - Increase the length of the generated nonce parameter when
+      perfoming OIDC logins to comply with the TI-Messenger spec.
+      (#18109)
+  - Updates to locked dependencies
+    - Bump dawidd6/action-download-artifact from 7 to 8. (#18108)
+    - Bump log from 0.4.22 to 0.4.25. (#18098)
+    - Bump python-multipart from 0.0.18 to 0.0.20. (#18096)
+    - Bump serde_json from 1.0.135 to 1.0.137. (#18099)
+    - Bump types-bleach from 6.1.0.20240331 to 6.2.0.20241123.
+      (#18082)
+
+-------------------------------------------------------------------
+Mon Feb 10 17:44:27 UTC 2025 - Marcus Rueckert <mrueckert@suse.de>
+
+- enable support for building against 3.11 on older distros
+
+-------------------------------------------------------------------
+Tue Jan 28 16:33:21 UTC 2025 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.123.0
+  - Features
+    - Implement MSC4133 for custom profile fields. Contributed by
+      @clokep. (#17488)
+    - Add a query parameter type to the Room State Admin API that
+      filters the state event. (#18035)
+    - Support the new /auth_metadata endpoint defined in MSC2965.
+      (#18093)
+  - Bugfixes
+    - Fix membership caches not updating in state reset scenarios.
+      (#17732)
+    - Fix rare race where on upgrade to v1.122.0 a long running
+      database upgrade could lock out new events from being
+      received or sent. (#18091)
+  - Improved Documentation
+    - Document tls option for a worker instance in instance_map.
+      (#18064)
+  - Deprecations and Removals
+    - Remove the unstable MSC4151 implementation. The stable
+      support remains, per Matrix 1.13. (#18052)
+  - Internal Changes
+    - Increase invite rate limits (rc_invites.per_issuer) for
+      Complement. (#18072)
+  - Updates to locked dependencies
+    - Bump jinja2 from 3.1.4 to 3.1.5. (#18067)
+    - Bump mypy from 1.12.1 to 1.13.0. (#18083)
+    - Bump pillow from 11.0.0 to 11.1.0. (#18084)
+    - Bump pyo3 from 0.23.3 to 0.23.4. (#18079)
+    - Bump pyopenssl from 24.2.1 to 24.3.0. (#18062)
+    - Bump serde_json from 1.0.134 to 1.0.135. (#18081)
+    - Bump ulid from 1.1.3 to 1.1.4. (#18080)
+
+-------------------------------------------------------------------
+Tue Jan 14 17:11:47 UTC 2025 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.122.0
+  Please note that this version of Synapse drops support for
+  PostgreSQL 11 and 12. The minimum version of PostgreSQL supported
+  is now version 13.
+
+  - Deprecations and Removals
+    - Remove support for PostgreSQL 11 and 12. Contributed by @clokep. (#18034)
+  - Features
+    - Added the email.tlsname config option. This allows specifying
+      the domain name used to validate the SMTP server's TLS
+      certificate separately from the email.smtp_host to connect
+      to. (#17849)
+    - Module developers will have access to the user ID of the
+      requester when adding check_username_for_spam callbacks to
+      spam_checker_module_callbacks. Contributed by
+      Wilson@Pangea.chat. (#17916)
+    - Add endpoints to the Admin API to fetch the number of invites
+      the provided user has sent after a given timestamp, fetch the
+      number of rooms the provided user has joined after a given
+      timestamp, and get report IDs of event reports against a
+      provided user (i.e. where the user was the sender of the
+      reported event). (#17948)
+    - Support stable account suspension from MSC3823. (#17964)
+    - Add macaroon_secret_key_path config option. (#17983)
+  - Bugfixes
+    - Fix bug when rejecting withdrew invite with a
+      third_party_rules module, where the invite would be stuck for
+      the client. (#17930)
+    - Properly purge state groups tables when purging a room with
+      the Admin API. (#18024)
+    - Fix a bug preventing the admin redaction endpoint from
+      working on messages from remote users. (#18029, #18043)
+  - Improved Documentation
+    - Update synapse.app.generic_worker documentation to only
+      recommend GET requests for stream writer routes by default,
+      unless the worker is also configured as a stream writer.
+      Contributed by @evoL. (#17954)
+    - Add documentation for the previously-undocumented
+      last_seen_ts query parameter to the query user Admin API.
+      (#17976)
+    - Improve documentation for the TaskScheduler class. (#17992)
+    - Fix example in reverse proxy docs to include server port.
+      (#17994)
+    - Update Alpine Linux Synapse Package Maintainer within the
+      installation instructions. (#17846)
+  - Internal Changes
+    - Add RoomID & EventID rust types. (#17996)
+    - Fix various type errors across the codebase. (#17998)
+    - Disable DB statement timeout when doing a room purge since it
+      can be quite long. (#18017)
+    - Remove some remaining uses of
+      twisted.internet.defer.returnValue. Contributed by Colin
+      Watson. (#18020)
+    - Refactor get_profile to no longer include fields with a value
+      of None. (#18063)
+  - Updates to locked dependencies
+    - Bump anyhow from 1.0.93 to 1.0.95. (#18012, #18045)
+    - Bump authlib from 1.3.2 to 1.4.0. (#18048)
+    - Bump dawidd6/action-download-artifact from 6 to 7. (#17981)
+    - Bump http from 1.1.0 to 1.2.0. (#18013)
+    - Bump mypy from 1.11.2 to 1.12.1. (#17999)
+    - Bump mypy-zope from 1.0.8 to 1.0.9. (#18047)
+    - Bump pillow from 10.4.0 to 11.0.0. (#18015)
+    - Bump pydantic from 2.9.2 to 2.10.3. (#18014)
+    - Bump pyicu from 2.13.1 to 2.14. (#18060)
+    - Bump pyo3 from 0.23.2 to 0.23.3. (#18001)
+    - Bump python-multipart from 0.0.16 to 0.0.18. (#17985)
+    - Bump sentry-sdk from 2.17.0 to 2.19.2. (#18061)
+    - Bump serde from 1.0.215 to 1.0.217. (#18031, #18059)
+    - Bump serde_json from 1.0.133 to 1.0.134. (#18044)
+    - Bump twine from 5.1.1 to 6.0.1. (#18049)
+
+-------------------------------------------------------------------
+Wed Dec 11 16:11:34 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
+
+- switch to primary_python to directly follow the default python
+  without the python3 indirection
+
+-------------------------------------------------------------------
+Wed Dec 11 15:58:41 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.121.0
+  This release candidate contains the security fixes from v1.120.2.
+
+  - Features
+    - Support for MSC4190: device management for Application
+      Services. (#17705)
+    - Update MSC4186 Sliding Sync to include invite, ban, kick,
+      targets when $LAZY-loading room members. (#17947)
+    - Use stable M_USER_LOCKED error code for locked accounts, as
+      per Matrix 1.12. (#17965)
+    - MSC4076: Add disable_badge_count to pusher configuration.
+      (#17975)
+  - Bugfixes
+    - Fix long-standing bug where read receipts could get overly
+      delayed being sent over federation. (#17933)
+  - Improved Documentation
+    - Add OIDC example configuration for Forgejo (fork of Gitea).
+      (#17872)
+    - Link to element-docker-demo from contrib/docker*. (#17953)
+  - Internal Changes
+    - MSC4108: Add a Content-Type header on the PUT response to
+      work around a faulty behavior in some caching reverse
+      proxies. (#17253)
+    - Fix incorrect comment in new schema delta. (#17936)
+    - Raise setuptools_rust version cap to 1.10.2. (#17944)
+    - Enable encrypted appservice related experimental features in
+      the complement docker image. (#17945)
+    - Return whether the user is suspended when querying the user
+      account in the Admin API. (#17952)
+    - Fix new scheduled tasks jumping the queue. (#17962)
+    - Bump pyo3 and dependencies to v0.23.2. (#17966)
+    - Update setuptools-rust and fix building abi3 wheels in latest
+      version. (#17969)
+    - Consolidate SSO redirects through
+      /_matrix/client/v3/login/sso/redirect(/{idpId}). (#17972)
+    - Fix Docker and Complement config to be able to use
+      public_baseurl. (#17986)
+    - Fix building wheels for MacOS which was temporarily disabled
+      in Synapse 1.120.2. (#17993)
+    - Fix release process to not create duplicate releases.
+      (#17970, #17995)
+  - Updates to locked dependencies
+    - Bump bytes from 1.8.0 to 1.9.0. (#17982)
+    - Bump pysaml2 from 7.3.1 to 7.5.0. (#17978)
+    - Bump serde_json from 1.0.132 to 1.0.133. (#17939)
+    - Bump tomli from 2.0.2 to 2.1.0. (#17959)
+    - Bump tomli from 2.1.0 to 2.2.1. (#17979)
+    - Bump tornado from 6.4.1 to 6.4.2. (#17955)
+
+-------------------------------------------------------------------
+Mon Dec  9 23:07:09 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
+
+- BuildIgnore cargo and rust as they both obsolete the version we
+  currently need
+
+-------------------------------------------------------------------
+Tue Dec  3 17:13:57 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.120.2 (boo#1234110)
+  This patch release fixes multiple security vulnerabilities, some
+  affecting all prior versions of Synapse. Server administrators
+  are encouraged to update Synapse as soon as possible. We are not
+  aware of these vulnerabilities being exploited in the wild.
+
+  Administrators who are unable to update Synapse may use the
+  workarounds described in the linked GitHub Security Advisory
+  below.
+
+  - Security advisory
+    The following issues are fixed in 1.120.1.
+    - GHSA-rfq8-j7rh-8hf2 / CVE-2024-52805 (high): Unsupported
+      content types can lead to memory exhaustion
+      Synapse instances which have a high max_upload_size and which
+      don't have a reverse proxy in front of them that would
+      otherwise limit upload size are affected.
+      Fixed by 4b7154c58501b4bf5e1c2d6c11ebef96529f2fdf.
+    - GHSA-f3r3-h2mq-hx2h / CVE-2024-52815 (high): Malicious
+      invites via federation can break a user's sync
+      Fixed by d82e1ed357b7ee21dff83d06cba7a67840cfd464.
+    - GHSA-vp6v-whfm-rv3g / CVE-2024-53863 (high): Synapse can be
+      forced to thumbnail unexpected file formats, invoking
+      potentially untrustworthy decoders
+      Synapse instances can disable dynamic thumbnailing by setting
+      dynamic_thumbnails to false in the configuration file.
+      Fixed by b64a4e5fbbbf119b6c65aedf0d999b4237d55503.
+    - GHSA-56w4-5538-8v8h / CVE-2024-53867 (moderate): The Sliding
+      Sync feature on Synapse versions between 1.113.0rc1 and
+      1.120.0 can leak partial room state changes to users no
+      longer in a room
+      Non-state events, like messages, are unaffected.
+      Synapse instances can disable the Sliding Sync feature by
+      setting experimental_features.msc3575_enabled to false in the
+      configuration file.
+      Fixed by 4daa533e82f345ce87b9495d31781af570ba3ead.
+
+  Additionally, we disclose the following vulnerabilities, both
+  have been fixed in Synapse 1.106.0:
+
+  - GHSA-4mhg-xv73-xq2x / CVE-2024-37302 (high): Denial of service
+    through media disk space consumption
+  - GHSA-gjgr-7834-rhxr / CVE-2024-37303 (moderate):
+    Unauthenticated writes to the media repository allow planting
+    of problematic content
+
+  See the advisories for more details. If you have any questions,
+  email security at element.io.
+
+  - Bug fixes
+    - Fix release process to not create duplicate releases. (#17970)
+
+-------------------------------------------------------------------
+Tue Nov 26 14:22:09 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.120.0
+  This release enables the enforcement of authenticated media by
+  default, with exemptions for media that is already present in the
+  homeserver's media store.
+
+  Most homeservers operating in the public federation will not be
+  impacted by this change, given that the large homeserver
+  matrix.org enabled this in September 2024 and therefore most
+  clients and servers will already have updated as a result.
+
+  Some server administrators may still wish to disable this
+  enforcement for the time being, in the interest of compatibility
+  with older clients and older federated homeservers.
+
+  See the upgrade notes for more information.
+  https://element-hq.github.io/synapse/v1.120/upgrade.html#authenticated-media-is-now-enforced-by-default
+
+  - Bugfixes
+    - Fix a bug introduced in Synapse v1.120rc1 which would cause
+      the newly-introduced `delete_old_otks` job to fail in
+      worker-mode deployments. (#17960)
+  - Features
+    - Enforce authenticated media by default. Administrators can
+      revert this by configuring enable_authenticated_media to
+      false. In a future release of Synapse, this option will be
+      removed and become always-on. (#17889)
+    - Add a one-off task to delete old One-Time Keys, to guard
+      against us having old OTKs in the database that the client
+      has long forgotten about. (#17934)
+  - Improved Documentation
+    - Clarify the semantics of the enable_authenticated_media
+      configuration option. (#17913)
+    - Add documentation about backing up Synapse. (#17931)
+  - Deprecations and Removals
+    - Remove support for MSC3886: Simple client rendezvous
+      capability, which has been superseded by MSC4108 and
+      therefore closed. (#17638)
+  - Internal Changes
+    - Addressed some typos in docs and returned error message for
+      unknown MXC ID. (#17865)
+    - Unpin the upload release GHA action. (#17923)
+    - Bump macos version used to build wheels during release, as
+      current version used is end-of-life. (#17924)
+    - Move server event filtering logic to rust. (#17928)
+    - Support new package name of PyPI package python-multipart
+      0.0.13 so that distro packagers do not need to work around
+      name conflict with PyPI package multipart. (#17932)
+    - Speed up slow initial sliding syncs on large servers.
+      (#17946)
+  - Updates to locked dependencies
+    - Bump anyhow from 1.0.92 to 1.0.93. (#17920)
+    - Bump bleach from 6.1.0 to 6.2.0. (#17918)
+    - Bump immutabledict from 4.2.0 to 4.2.1. (#17941)
+    - Bump packaging from 24.1 to 24.2. (#17940)
+    - Bump phonenumbers from 8.13.49 to 8.13.50. (#17942)
+    - Bump pygithub from 2.4.0 to 2.5.0. (#17917)
+    - Bump ruff from 0.7.2 to 0.7.3. (#17919)
+    - Bump serde from 1.0.214 to 1.0.215. (#17938)
+
+-------------------------------------------------------------------
+Fri Nov 22 02:44:26 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
+
+- allow newer setuptools-rust
+
+-------------------------------------------------------------------
+Wed Nov 13 15:53:23 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
+
+- drop 17886.patch
+- refresh matrix-synapse-1.4.1-paths.patch to apply cleanly again
+- Update to 1.119.0
+  Python 3.8 is end-of-life and is no longer supported by Synapse.
+  The minimum supported Python version is now 3.9.
+
+  If you are running Synapse with Python 3.8, please upgrade to
+  Python 3.9 (or greater) before upgrading Synapse.
+
+  - Features
+    - Support MSC4151's stable report room API. (#17374)
+    - Add experimental support for MSC4222 (Adding state_after to
+      sync v2). (#17888)
+  - Bugfixes
+    - Fix bug with sliding sync where $LAZY-loading room members
+      would not return required_state membership in incremental
+      syncs. (#17809)
+    - Check if user has membership in a room before tagging it.
+      Contributed by Lama Alosaimi. (#17839)
+    - Fix a bug in the admin redact endpoint where the background
+      task would not run if a worker was specified in
+    - the config option run_background_tasks_on. (#17847)
+    - Fix bug where some presence and typing timeouts can expire
+      early. (#17850)
+    - Fix detection when the built Rust library was outdated when
+      using source installations. (#17861)
+    - Fix a long-standing bug in Synapse which could cause one-time
+      keys to be issued in the incorrect order, causing message
+      decryption failures. (#17903)
+    - Fix experimental support for MSC4222 (Adding state_after to
+      sync v2) where we would return the full state on incremental
+      syncs when using lazy loaded members and there were no new
+      events in the timeline. (#17915)
+  - Internal Changes
+    - Remove support for python 3.8. (#17908)
+    - Add a test for downloading and thumbnailing a CMYK JPEG.
+      (#17786)
+    - Refactor database calls to remove Generator usage. (#17813,
+      #17814, #17815, #17816, #17817, #17818, #17890)
+    - Include the destination in the error of 'Destination
+      mismatch' on federation requests. (#17830)
+    - The nix flake inside the repository no longer tracks
+      nixpkgs/master to not catch the latest bugs from a PR merged
+      5 minutes ago. (#17852)
+    - Minor speed-up of sliding sync by computing extensions
+      results in parallel. (#17884)
+    - Bump the default Python version in the Synapse Dockerfile
+      from 3.11 -> 3.12. (#17887)
+    - Remove usage of internal header encoding API. (#17894)
+    - Use unique name for each os.arch variant when uploading Wheel
+      artifacts. (#17905)
+    - Fix tests to run with latest Twisted. (#17906, #17907,
+      #17911)
+    - Update version constraint to allow the latest poetry-core
+      1.9.1. (#17902)
+    - Update the portdb CI to use Python 3.13 and Postgres 17 as
+      latest dependencies. (#17909)
+    - Add an index to current_state_delta_stream table. (#17912)
+    - Fix building and attaching release artifacts during the
+      release process. (#17921)
+  - Updates to locked dependencies
+    - Bump actions/download-artifact & actions/upload-artifact from
+      3 to 4 in /.github/workflows. (#17657)
+    - Bump anyhow from 1.0.89 to 1.0.92. (#17858, #17876, #17901)
+    - Bump bytes from 1.7.2 to 1.8.0. (#17877)
+    - Bump cryptography from 43.0.1 to 43.0.3. (#17853)
+    - Bump mypy-zope from 1.0.7 to 1.0.8. (#17898)
+    - Bump phonenumbers from 8.13.47 to 8.13.49. (#17880, #17899)
+    - Bump python-multipart from 0.0.12 to 0.0.16. (#17879)
+    - Bump regex from 1.11.0 to 1.11.1. (#17874)
+    - Bump ruff from 0.6.9 to 0.7.2. (#17868, #17897)
+    - Bump serde from 1.0.210 to 1.0.214. (#17875, #17900)
+    - Bump serde_json from 1.0.128 to 1.0.132. (#17857)
+    - Bump types-psycopg2 from 2.9.21.20240819 to 2.9.21.20241019.
+      (#17855)
+    - Bump types-setuptools from 75.1.0.20241014 to
+      75.2.0.20241019. (#17856)
+
+-------------------------------------------------------------------
+Wed Oct 30 19:12:19 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
+
+- Allow Twisted 24.10.0 again with backport of proposed upstream
+  fix
+  https://patch-diff.githubusercontent.com/raw/element-hq/synapse/pull/17886.patch
+
+-------------------------------------------------------------------
+Wed Oct 30 18:19:09 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
+
+- downgrade Twisted to 24.7.0 until https://github.com/element-hq/synapse/pull/17886
+  is merged
+
+-------------------------------------------------------------------
+Tue Oct 29 19:07:58 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.118.0
+  Python 3.8 support will be dropped in the next release
+  Python 3.8 is now end-of-life. As per our Deprecation Policy for
+  Platform Dependencies, Synapse will be dropping support for
+  Python 3.8 in the next release; Synapse 1.119.0.
+
+  Synapse 1.118.x will be the final release to support Python 3.8.
+  If you are running Synapse with Python 3.8, please upgrade before
+  the 1.119.0 release, due in less than one month.
+
+	Python 3.13 and PostgreSQL 17 support
+  On the other end of the spectrum, Synapse 1.118.0 is the first
+  release to support Python 3.13! PostgreSQL 17 is also supported
+  as of this release.
+
+  - Features
+    - Added the display_name_claim option to the JWT configuration.
+      This option allows specifying the claim key that contains the
+      user's display name in the JWT payload. (#17708)
+    - Implement MSC4210: Remove legacy mentions. Contributed by
+      @tulir @ Beeper. (#17783)
+  - Bugfixes
+    - Fix saving of PNG thumbnails, when the original image is in
+      the CMYK color space. (#17736)
+    - Fix bug with sliding sync where the server would not return
+      state that was added to the required_state config. (#17785,
+      #17805)
+    - Fix a bug in MSC4186 Sliding Sync that would cause rooms to
+      stay forgotten and hidden even after rejoining. (#17835)
+  - Improved Documentation
+    - Clarify when the user_may_invite and
+      user_may_send_3pid_invite module callbacks are called.
+      (#17627)
+    - Correct documentation to refer to the --config-path argument
+      instead of --config-file. (#17802)
+    - Fix typo in target_cache_memory_usage docs. (#17825)
+  - Internal Changes
+    - Slight optimization when fetching state/events for Sliding
+      Sync. (#17718)
+    - Add Python 3.13 and Postgres 17 to the test matrix. (#17752)
+    - Test github token before running release script steps.
+      (#17803)
+    - Build debian packages for new Ubuntu versions, and stop
+      building for no longer supported versions. (#17824)
+    - Enable the .org.matrix.msc4028.encrypted_event push rule by
+      default in accordance with MSC4028. Note that the
+      corresponding experimental feature must still be switched on
+      for this push rule to have any effect. (#17826)
+    - Fix some typing issues uncovered by upgrading mypy to 1.11.x.
+      (#17842)
+  - Updates to locked dependencies
+    - Bump mypy from 1.10.1 to 1.11.2. (#17842)
+    - Bump mypy-zope from 1.0.5 to 1.0.7. (#17827)
+    - Bump phonenumbers from 8.13.46 to 8.13.47. (#17797)
+    - Bump psycopg2 from 2.9.9 to 2.9.10. (#17843)
+    - Bump ruff from 0.6.8 to 0.6.9. (#17794)
+    - Bump sentry-sdk from 2.14.0 to 2.15.0. (#17795)
+    - Bump sentry-sdk from 2.15.0 to 2.16.0. (#17829)
+    - Bump sentry-sdk from 2.16.0 to 2.17.0. (#17844)
+    - Bump sigstore/cosign-installer from 3.6.0 to 3.7.0. (#17798)
+    - Bump tomli from 2.0.1 to 2.0.2. (#17796)
+    - Bump types-requests from 2.32.0.20240914 to 2.32.0.20241016.
+      (#17841)
+    - Bump types-setuptools from 75.1.0.20240917 to
+      75.1.0.20241014. (#17828)
+
+-------------------------------------------------------------------
+Tue Oct 15 13:54:06 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.117.0
+  - Features
+    - Add config option redis.password_path. (#17717)
+  - Bugfixes
+    - Fix a rare bug introduced in v1.29.0 where invalidating a
+      user's access token from a worker could raise an error.
+      (#17779)
+    - In the response to GET /_matrix/client/versions, set the
+      unstable_features flag for MSC4140 to false when server
+      configuration disables support for delayed events. (#17780)
+    - Improve input validation and room membership checks in admin
+      redaction API. (#17792)
+  - Improved Documentation
+    - Clarify the docstring of test_forget_when_not_left. (#17628)
+    - Add documentation note about PYTHONMALLOC for accurate
+      jemalloc memory tracking. Contributed by @hensg. (#17709)
+    - Remove spurious "TODO UPDATE ALL THIS" note in the Debian
+      installation docs. (#17749)
+    - Explain how load balancing works for
+      federation_sender_instances. (#17776)
+  - Internal Changes
+    - Minor performance increase for large accounts using sliding
+      sync. (#17751)
+    - Increase performance of the notifier when there are many
+      syncing users. (#17765, #17766)
+    - Fix performance of streams that don't change often. (#17767)
+    - Improve performance of sliding sync connections that do not
+      ask for any rooms. (#17768)
+    - Reduce overhead of sliding sync E2EE loops. (#17771)
+    - Sliding sync minor performance speed up using new table.
+      (#17787)
+    - Sliding sync minor performance improvement by omitting
+      unchanged data from incremental responses. (#17788)
+    - Speed up sliding sync when there are many active
+      subscriptions. (#17789)
+    - Add missing license headers on new source files. (#17799)
+  - Updates to locked dependencies
+    - Bump phonenumbers from 8.13.45 to 8.13.46. (#17773)
+    - Bump python-multipart from 0.0.10 to 0.0.12. (#17772)
+    - Bump regex from 1.10.6 to 1.11.0. (#17770)
+    - Bump ruff from 0.6.7 to 0.6.8. (#17774)
+
+-------------------------------------------------------------------
+Tue Oct  1 17:19:50 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.116.0
+  - Features
+    - Add implementation of restricting who can overwrite a state
+      event as proposed by MSC3757. (#17513)
+    - Add initial implementation of delayed events as proposed by
+      MSC4140. (#17326)
+    - Add an asynchronous Admin API endpoint to redact all a user's
+      events,
+    - and an endpoint to check on the status of that redaction
+      task. (#17506)
+    - Add support for the tags and not_tags filters for MSC4186
+      Sliding Sync. (#17662)
+    - Guests can use the new media endpoints to download media, as
+      described by MSC4189. (#17675)
+    - Add config option turn_shared_secret_path. (#17690)
+    - Return room tags in MSC4186 Sliding Sync account data
+      extension. (#17707)
+  - Bugfixes
+    - Make sure we get up-to-date state information when using the
+      new MSC4186 Sliding Sync tables to derive room membership.
+      (#17692)
+    - Fix bug where room account data would not correctly be sent
+      down MSC4186 Sliding Sync for old rooms. (#17695)
+    - Fix a bug in MSC4186 Sliding Sync which could prevent /sync
+      from working for certain user accounts. (#17727, #17733)
+    - Ignore invites from ignored users in Sliding Sync. (#17729)
+    - Fix bug in MSC4186 Sliding Sync where the server would
+      incorrectly return a negative bump stamp, which caused
+      Element X apps to stop syncing. (#17748)
+  - Internal Changes
+    - Import pydantic objects from the _pydantic_compat module.
+      This allows check_pydantic_models.py to mock those pydantic
+      objects only in the synapse module, and not interfere with
+      pydantic objects in external dependencies. (#17667)
+    - Use MSC4186 Sliding Sync tables as a bulk shortcut for
+      getting the max event_stream_ordering of rooms. (#17693)
+    - Speed up MSC4186 sliding sync requests a bit where there are
+      many room changes. (#17696)
+    - Refactor MSC4186 sliding sync filter unit tests so the
+      sliding sync API has better test coverage. (#17703)
+    - Fetch bump_stamps more efficiently in MSC4186 Sliding Sync.
+      (#17723)
+    - Shortcut for checking if certain background updates have
+      completed (utilized in MSC4186 Sliding Sync). (#17724)
+    - More efficiently fetch rooms for MSC4186 Sliding Sync.
+      (#17725)
+    - Fix _bulk_get_max_event_pos being inefficient. (#17728)
+    - Add cache to get_tags_for_room(...). (#17730)
+    - Small performance improvement in speeding up MSC4186 Sliding
+      Sync. (#17731)
+    - Minor speed up of initial MSC4186 sliding sync requests.
+      (#17734)
+    - Remove usage of the deprecated cgi module, deprecated in
+      Python 3.11 and removed in Python 3.13. (#17741)
+    - Fix typing of a variable that is not Unknown anymore after
+      updating treq. (#17744)
+  - Updates to locked dependencies
+    - Bump anyhow from 1.0.86 to 1.0.89. (#17685, #17716)
+    - Bump bytes from 1.7.1 to 1.7.2. (#17743)
+    - Bump cryptography from 43.0.0 to 43.0.1. (#17689)
+    - Bump idna from 3.8 to 3.10. (#17758)
+    - Bump msgpack from 1.0.8 to 1.1.0. (#17759)
+    - Bump phonenumbers from 8.13.44 to 8.13.45. (#17762)
+    - Bump prometheus-client from 0.20.0 to 0.21.0. (#17746)
+    - Bump pyasn1 from 0.6.0 to 0.6.1. (#17714)
+    - Bump pyasn1-modules from 0.4.0 to 0.4.1. (#17747)
+    - Bump pydantic from 2.8.2 to 2.9.2. (#17756)
+    - Bump python-multipart from 0.0.9 to 0.0.10. (#17745)
+    - Bump ruff from 0.6.4 to 0.6.7. (#17715, #17760)
+    - Bump sentry-sdk from 2.13.0 to 2.14.0. (#17712)
+    - Bump serde from 1.0.209 to 1.0.210. (#17686)
+    - Bump serde_json from 1.0.127 to 1.0.128. (#17687)
+    - Bump treq from 23.11.0 to 24.9.1. (#17744)
+    - Bump types-pyyaml from 6.0.12.20240808 to 6.0.12.20240917.
+      (#17755)
+    - Bump types-requests from 2.32.0.20240712 to 2.32.0.20240914.
+      (#17713)
+    - Bump types-setuptools from 74.1.0.20240907 to
+      75.1.0.20240917. (#17757)
+
+-------------------------------------------------------------------
+Tue Sep 17 14:41:36 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
+
+- Update to 1.115.0
+  - Features
+    - Improve cross-signing upload when using MSC3861 to use a
+      custom UIA flow stage, with web fallback support. (#17509)
+  - Bugfixes
+    - Return 400 M_BAD_JSON upon attempting to complete various
+      room actions with a non-local user ID and unknown room ID,
+      rather than an internal server error. (#17607)
+    - Fix authenticated media responses using a wrong limit when
+      following redirects over federation. (#17626)
+    - Fix bug where we returned the wrong bump_stamp for invites in
+      sliding sync response, causing incorrect ordering of invites
+      in the room list. (#17674)
+  - Improved Documentation
+    - Clarify that the admin api resource is only loaded on the
+      main process and not workers. (#17590)
+    - Fixed typo in saml2_config config example. (#17594)
+  - Deprecations and Removals
+    - Stabilise MSC4156 by removing the msc4156_enabled config
+      setting and defaulting it to true. (#17650)
+  - Internal Changes
+    - Pre-populate room data used in experimental MSC3575 Sliding
+      Sync /sync endpoint for quick filtering/sorting. (#17652)
+    - Speed up sliding sync by reducing amount of data pulled out
+      of the database for large rooms. (#17683)
+    - Update MSC3861 implementation: load the issuer and account
+      management URLs from OIDC discovery. (#17407)
+    - Pre-populate room data used in experimental MSC3575 Sliding
+      Sync /sync endpoint for quick filtering/sorting. (#17512,
+      #17632, #17633, #17634, #17635, #17636, #17641, #17654,
+      #17673)
+    - Store sliding sync per-connection state in the database.
+      (#17599, #17631)
+    - Make the sliding sync PerConnectionState class immutable.
+      (#17600)
+    - Replace isort and black with ruff. (#17620, #17643)
+    - Sliding Sync: Split up
+      get_room_membership_for_user_at_to_token. (#17629)
+    - Use new database tables for sliding sync. (#17630, #17649)
+    - Prevent duplicate tags being added to Sliding Sync traces.
+      (#17655)
+    - Get bump_stamp from new sliding sync tables which should be
+      faster. (#17658)
+    - Speed up incremental Sliding Sync requests by avoiding extra
+      work. (#17665)
+    - Small performance improvement in speeding up sliding sync.
+      (#17666, #17670, #17672)
+    - Speed up sliding sync by reducing number of database calls.
+      (#17684)
+    - Speed up sync by pulling out fewer events from the database.
+      (#17688)
+  - Updates to locked dependencies
+    - Bump authlib from 1.3.1 to 1.3.2. (#17679)
+    - Bump idna from 3.7 to 3.8. (#17682)
+    - Bump ruff from 0.6.2 to 0.6.4. (#17680)
+    - Bump towncrier from 24.7.1 to 24.8.0. (#17645)
+    - Bump twisted from 24.7.0rc1 to 24.7.0. (#17647)
+    - Bump types-pillow from 10.2.0.20240520 to 10.2.0.20240822.
+      (#17644)
+    - Bump types-psycopg2 from 2.9.21.20240417 to 2.9.21.20240819.
+      (#17646)
+    - Bump types-setuptools from 71.1.0.20240818 to
+      74.1.0.20240907. (#17681)
+- refresh patches:
+  bump-dependencies.patch
+  matrix-synapse-1.4.1-paths.patch
+
 -------------------------------------------------------------------
 Mon Sep  2 19:24:17 UTC 2024 - Marcus Rueckert <mrueckert@suse.de>
 

matrix-synapse.obsinfo

@@ -1,4 +1,4 @@
 name: matrix-synapse
-version: 1.114.0
+version: 1.124.0
-mtime: 1725293314
+mtime: 1739271410
-commit: 5eec67b6ef4b76caa2324a80e01e361bfa84a929
+commit: c1b7c6b12e7b9b2cf586a3210145f70a5e30ed67

matrix-synapse.spec

@@ -1,7 +1,7 @@
 #
 # spec file for package matrix-synapse
 #
-# Copyright (c) 2024 SUSE LLC
+# Copyright (c) 2025 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -20,28 +20,27 @@
 
 # NOTE: Keep this is in the same order as pyproject.toml.
 %if %{with use_poetry_for_dependencies}
-%global Jinja2_version                3.1.4
+%global Twisted_version               24.7.0
-%global Pillow_version                10.4.0
+%global Jinja2_version                3.1.5
-# TODO: 6.0.2
+%global Pillow_version                11.1.0
-%global PyYAML_version                6.0.1
+%global PyYAML_version                6.0.2
 %global attrs_version                 23.2.0
 %global bcrypt_version                4.2.0
 %global bleach_version                6.1.0
 %global canonicaljson_version         2.0.0
-%global cryptography_version          43.0.0
+%global cryptography_version          43.0.3
-%global immutabledict_version         4.2.0
+%global immutabledict_version         4.2.1
-%global idna_version                  3.7
+%global idna_version                  3.8
 %global ijson_version                 3.3.0
 %global jsonschema_version            4.20.0
 %global matrix_common_version         1.3.0
 %global matrix_common_max_version     2
-%global msgpack_version               1.0.8
+%global msgpack_version               1.1.0
-# TODO 1.3.0
+%global netaddr_version               1.3.0
-%global netaddr_version               1.2.1
+%global phonenumbers_version          8.13.52
-# TODO 8.13.44
-%global phonenumbers_version          8.13.39
 %global prometheus_client_version     0.20.0
 %global psutil_version                2.0.0
+# TODO: 24.3.0
 %global pyOpenSSL_version             24.2.1
 %global pyasn1_version                0.6.0
 %global pyasn1_modules_version        0.3.0
@@ -57,11 +56,12 @@
 %global matrix_synapse_ldap3_version  0.3.0
 %global packaging_version             24.0
 %global psycopg2_version              2.9.9
-%global pysaml2_version               7.3.1
+%global pysaml2_version               7.5.0
-%global Authlib_version               1.3.1
+# TODO: 1.4.0
-# TODO 5.3.0
+%global Authlib_version               1.3.2
-%global lxml_version                  5.2.2
+%global lxml_version                  5.3.0
-%global sentry_sdk_version            2.13.0
+# TODO: 2.19.2
+%global sentry_sdk_version            2.19.0
 %global PyJWT_version                 2.6.0
 %global jaeger_client_version         4.8.0
 %global opentracing_version           2.4.0
@@ -76,7 +76,7 @@
 # some version locks based on poetry.lock
 %global Jinja2_version                3.0
 %global Pillow_version                10.0.1
-%global PyYAML_version                3.13
+%global PyYAML_version                5.3
 %global Twisted_version               18.9.0
 %global attrs_version                 21.1.1
 %global bcrypt_version                3.1.7
@@ -126,7 +126,11 @@
 
 %define requires_peq() %(echo '%*' | LC_ALL=C xargs -r rpm -q --whatprovides --qf 'Requires: %%{name} = %%{epoch}:%%{version}\\n' | sed -e 's/ (none):/ /' -e 's/ 0:/ /' | grep -v "is not")
 
-%define use_python python3
+%if 0%{?suse_version} >= 1600
+%define use_python %{primary_python}
+%else
+%define use_python python311
+%endif
 
 %define pythons %{use_python}
 
@@ -155,7 +159,7 @@
 %define         pkgname matrix-synapse
 %define         eggname matrix_synapse
 Name:           %{pkgname}
-Version:        1.114.0
+Version:        1.124.0
 Release:        0
 Summary:        Matrix protocol reference homeserver
 License:        AGPL-3.0-or-later
@@ -177,12 +181,21 @@ Patch1:         bump-dependencies.patch
 # https://github.com/matrix-org/synapse/pull/10719
 # disable by marking as source until we get a decision upstream
 Source100:      10719-Fix-instert-of-duplicate-key-into-event_json.patch
-BuildRequires:  %{use_python}-base >= 3.8
+BuildRequires:  %{use_python}-base >= 3.11
 BuildRequires:  %{use_python}-pip
 BuildRequires:  %{use_python}-poetry-core >= 1.1.0
 BuildRequires:  %{use_python}-setuptools
 BuildRequires:  %{use_python}-wheel
-BuildRequires:  cargo
+# workaround for:
+# zypper in cargo1.79 cargo cargo-packaging
+# Problem: 1: the to be installed cargo-1.81.0-150500.27.21.1.x86_64 obsoletes 'cargo1.79' provided by the to be installed cargo1.79-1.79.0-150500.11.3.1.x86_64
+#   Solution 1: do not install cargo1.79-1.79.0-150500.11.3.1.x86_64
+#   Solution 2: do not install cargo-1.81.0-150500.27.21.1.x86_64
+#
+#!BuildIgnore: cargo
+#!BuildIgnore: rust
+%global rust_version 1.82
+BuildRequires:  cargo%{rust_version}
 BuildRequires:  fdupes
 BuildRequires:  python-rpm-macros
 BuildRequires:  systemd-rpm-macros
@@ -192,7 +205,7 @@ BuildRequires:  unzip
 %{?systemd_ordering}
 %{sysusers_requires}
 %requires_peq   %{use_python}-base
-BuildRequires:  (%{use_python}-setuptools-rust >= 1.3 with %{use_python}-setuptools-rust =< 1.9.0)
+BuildRequires:  (%{use_python}-setuptools-rust >= 1.3 with %{use_python}-setuptools-rust =< 1.11)
 # NOTE: Keep this is in the same order as pyproject.toml.
 # some version locks based on poetry.lock
 BuildRequires:  %{use_python}-Jinja2 >= %{Jinja2_version}

vendor.tar.zst

@@ -1,3 +1,3 @@
 version https://git-lfs.github.com/spec/v1
-oid sha256:87d43a1ae29ef0be416730d4765189d904505ee047e99780202657f6d8284389
+oid sha256:b9c901122378e1d64dc5f5bca1852dc1c5bc7d7271cbcd2777674d644f3fcc05
-size 7122019
+size 4120195