Skip to content

Tags: koenr/synapse

Tags

v1.24.0

Toggle v1.24.0's commit message

Verified

This tag was signed with the committer’s verified signature.
erikjohnston Erik Johnston
Synapse 1.24.0 (2020-12-09)

===========================

Due to the two security issues highlighted below, server administrators are
encouraged to update Synapse. We are not aware of these vulnerabilities being
exploited in the wild.

Security advisory
-----------------

The following issues are fixed in v1.23.1 and v1.24.0.

- There is a denial of service attack
  ([CVE-2020-26257](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26257))
  against the federation APIs in which future events will not be correctly sent
  to other servers over federation. This affects all servers that participate in
  open federation. (Fixed in [matrix-org#8776](matrix-org#8776)).

- Synapse may be affected by OpenSSL
  [CVE-2020-1971](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1971).
  Synapse administrators should ensure that they have the latest versions of
  the cryptography Python package installed.

To upgrade Synapse along with the cryptography package:

* Administrators using the [`matrix.org` Docker
  image](https://hub.docker.com/r/matrixdotorg/synapse/) or the [Debian/Ubuntu
  packages from
  `matrix.org`](https://github.com/matrix-org/synapse/blob/master/INSTALL.md#matrixorg-packages)
  should ensure that they have version 1.24.0 or 1.23.1 installed: these images include
  the updated packages.
* Administrators who have [installed Synapse from
  source](https://github.com/matrix-org/synapse/blob/master/INSTALL.md#installing-from-source)
  should upgrade the cryptography package within their virtualenv by running:
  ```sh
  <path_to_virtualenv>/bin/pip install 'cryptography>=3.3'
  ```
* Administrators who have installed Synapse from distribution packages should
  consult the information from their distributions.

Internal Changes
----------------

- Add a maximum version for pysaml2 on Python 3.5. ([\matrix-org#8898](matrix-org#8898))

v1.23.1

Toggle v1.23.1's commit message

Verified

This tag was signed with the committer’s verified signature.
erikjohnston Erik Johnston
Synapse 1.23.1 (2020-12-09)

===========================

Due to the two security issues highlighted below, server administrators are
encouraged to update Synapse. We are not aware of these vulnerabilities being
exploited in the wild.

Security advisory
-----------------

The following issues are fixed in v1.23.1 and v1.24.0.

- There is a denial of service attack
  ([CVE-2020-26257](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26257))
  against the federation APIs in which future events will not be correctly sent
  to other servers over federation. This affects all servers that participate in
  open federation. (Fixed in [matrix-org#8776](matrix-org#8776)).

- Synapse may be affected by OpenSSL
  [CVE-2020-1971](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1971).
  Synapse administrators should ensure that they have the latest versions of
  the cryptography Python package installed.

To upgrade Synapse along with the cryptography package:

* Administrators using the [`matrix.org` Docker
  image](https://hub.docker.com/r/matrixdotorg/synapse/) or the [Debian/Ubuntu
  packages from
  `matrix.org`](https://github.com/matrix-org/synapse/blob/master/INSTALL.md#matrixorg-packages)
  should ensure that they have version 1.24.0 or 1.23.1 installed: these images include
  the updated packages.
* Administrators who have [installed Synapse from
  source](https://github.com/matrix-org/synapse/blob/master/INSTALL.md#installing-from-source)
  should upgrade the cryptography package within their virtualenv by running:
  ```sh
  <path_to_virtualenv>/bin/pip install 'cryptography>=3.3'
  ```
* Administrators who have installed Synapse from distribution packages should
  consult the information from their distributions.

Bugfixes
--------

- Fix a bug in some federation APIs which could lead to unexpected behaviour if different parameters were set in the URI and the request body. ([\matrix-org#8776](matrix-org#8776))

Internal Changes
----------------

- Add a maximum version for pysaml2 on Python 3.5. ([\matrix-org#8898](matrix-org#8898))

v1.24.0rc2

Toggle v1.24.0rc2's commit message

Verified

This tag was signed with the committer’s verified signature. The key has expired.
clokep Patrick Cloke
Synapse 1.24.0rc2 (2020-12-04)

==============================

Bugfixes
--------

- Fix a regression in v1.24.0rc1 which failed to allow SAML mapping providers which were unable to redirect users to an additional page. ([\matrix-org#8878](matrix-org#8878))

Internal Changes
----------------

- Add support for the `prometheus_client` newer than 0.9.0. Contributed by Jordan Bancino. ([\matrix-org#8875](matrix-org#8875))

v1.24.0rc1

Toggle v1.24.0rc1's commit message

Verified

This tag was signed with the committer’s verified signature. The key has expired.
clokep Patrick Cloke
Synapse 1.24.0rc1 (2020-12-02)

==============================

Features
--------

- Add admin API for logging in as a user. ([\matrix-org#8617](matrix-org#8617))
- Allow specification of the SAML IdP if the metadata returns multiple IdPs. ([\matrix-org#8630](matrix-org#8630))
- Add support for re-trying generation of a localpart for OpenID Connect mapping providers. ([\matrix-org#8801](matrix-org#8801), [\matrix-org#8855](matrix-org#8855))
- Allow the `Date` header through CORS. Contributed by Nicolas Chamo. ([\matrix-org#8804](matrix-org#8804))
- Add a config option, `push.group_by_unread_count`, which controls whether unread message counts in push notifications are defined as "the number of rooms with unread messages" or "total unread messages". ([\matrix-org#8820](matrix-org#8820))
- Add `force_purge` option to delete-room admin api. ([\matrix-org#8843](matrix-org#8843))

Bugfixes
--------

- Fix a bug where appservices may be sent an excessive amount of read receipts and presence. Broke in v1.22.0. ([\matrix-org#8744](matrix-org#8744))
- Fix a bug in some federation APIs which could lead to unexpected behaviour if different parameters were set in the URI and the request body. ([\matrix-org#8776](matrix-org#8776))
- Fix a bug where synctl could spawn duplicate copies of a worker. Contributed by Waylon Cude. ([\matrix-org#8798](matrix-org#8798))
- Allow per-room profiles to be used for the server notice user. ([\matrix-org#8799](matrix-org#8799))
- Fix a bug where logging could break after a call to SIGHUP. ([\matrix-org#8817](matrix-org#8817))
- Fix `register_new_matrix_user` failing with "Bad Request" when trailing slash is included in server URL. Contributed by @angdraug. ([\matrix-org#8823](matrix-org#8823))
- Fix a minor long-standing bug in login, where we would offer the `password` login type if a custom auth provider supported it, even if password login was disabled. ([\matrix-org#8835](matrix-org#8835))
- Fix a long-standing bug which caused Synapse to require unspecified parameters during user-interactive authentication. ([\matrix-org#8848](matrix-org#8848))
- Fix a bug introduced in v1.20.0 where the user-agent and IP address reported during user registration for CAS, OpenID Connect, and SAML were of the wrong form. ([\matrix-org#8784](matrix-org#8784))

Improved Documentation
----------------------

- Clarify the usecase for a msisdn delegate. Contributed by Adrian Wannenmacher. ([\matrix-org#8734](matrix-org#8734))
- Remove extraneous comma from JSON example in User Admin API docs. ([\matrix-org#8771](matrix-org#8771))
- Update `turn-howto.md` with troubleshooting notes. ([\matrix-org#8779](matrix-org#8779))
- Fix the example on how to set the `Content-Type` header in nginx for the Client Well-Known URI. ([\matrix-org#8793](matrix-org#8793))
- Improve the documentation for the admin API to list all media in a room with respect to encrypted events. ([\matrix-org#8795](matrix-org#8795))
- Update the formatting of the `push` section of the homeserver config file to better align with the [code style guidelines](https://github.com/matrix-org/synapse/blob/develop/docs/code_style.md#configuration-file-format). ([\matrix-org#8818](matrix-org#8818))
- Improve documentation how to configure prometheus for workers. ([\matrix-org#8822](matrix-org#8822))
- Update example prometheus console. ([\matrix-org#8824](matrix-org#8824))

Deprecations and Removals
-------------------------

- Remove old `/_matrix/client/*/admin` endpoints which were deprecated since Synapse 1.20.0. ([\matrix-org#8785](matrix-org#8785))
- Disable pretty printing JSON responses for curl. Users who want pretty-printed output should use [jq](https://stedolan.github.io/jq/) in combination with curl. Contributed by @tulir. ([\matrix-org#8833](matrix-org#8833))

Internal Changes
----------------

- Simplify the way the `HomeServer` object caches its internal attributes. ([\matrix-org#8565](matrix-org#8565), [\matrix-org#8851](matrix-org#8851))
- Add an example and documentation for clock skew to the SAML2 sample configuration to allow for clock/time difference between the homserver and IdP. Contributed by @localguru. ([\matrix-org#8731](matrix-org#8731))
- Generalise `RoomMemberHandler._locally_reject_invite` to apply to more flows than just invite. ([\matrix-org#8751](matrix-org#8751))
- Generalise `RoomStore.maybe_store_room_on_invite` to handle other, non-invite membership events. ([\matrix-org#8754](matrix-org#8754))
- Refactor test utilities for injecting HTTP requests. ([\matrix-org#8757](matrix-org#8757), [\matrix-org#8758](matrix-org#8758), [\matrix-org#8759](matrix-org#8759), [\matrix-org#8760](matrix-org#8760), [\matrix-org#8761](matrix-org#8761), [\matrix-org#8777](matrix-org#8777))
- Consolidate logic between the OpenID Connect and SAML code. ([\matrix-org#8765](matrix-org#8765))
- Use `TYPE_CHECKING` instead of magic `MYPY` variable. ([\matrix-org#8770](matrix-org#8770))
- Add a commandline script to sign arbitrary json objects. ([\matrix-org#8772](matrix-org#8772))
- Minor log line improvements for the SSO mapping code used to generate Matrix IDs from SSO IDs. ([\matrix-org#8773](matrix-org#8773))
- Add additional error checking for OpenID Connect and SAML mapping providers. ([\matrix-org#8774](matrix-org#8774), [\matrix-org#8800](matrix-org#8800))
- Add type hints to HTTP abstractions. ([\matrix-org#8806](matrix-org#8806), [\matrix-org#8812](matrix-org#8812))
- Remove unnecessary function arguments and add typing to several membership replication classes. ([\matrix-org#8809](matrix-org#8809))
- Optimise the lookup for an invite from another homeserver when trying to reject it. ([\matrix-org#8815](matrix-org#8815))
- Add tests for `password_auth_provider`s. ([\matrix-org#8819](matrix-org#8819))
- Drop redundant database index on `event_json`. ([\matrix-org#8845](matrix-org#8845))
- Simplify `uk.half-shot.msc2778.login.application_service` login handler. ([\matrix-org#8847](matrix-org#8847))
- Refactor `password_auth_provider` support code. ([\matrix-org#8849](matrix-org#8849))
- Add missing `ordering` to background database updates. ([\matrix-org#8850](matrix-org#8850))
- Allow for specifying a room version when creating a room in unit tests via `RestHelper.create_room_as`. ([\matrix-org#8854](matrix-org#8854))

v1.23.0

Toggle v1.23.0's commit message

Verified

This tag was signed with the committer’s verified signature.
erikjohnston Erik Johnston
Synapse 1.23.0 (2020-11-18)

===========================

This release changes the way structured logging is configured. See the [upgrade notes](UPGRADE.rst#upgrading-to-v1230) for details.

**Note**: We are aware of a trivially exploitable denial of service vulnerability in versions of Synapse prior to 1.20.0. Complete details will be disclosed on Monday, November 23rd. If you have not upgraded recently, please do so.

Bugfixes
--------

- Fix a dependency versioning bug in the Dockerfile that prevented Synapse from starting. ([\matrix-org#8767](matrix-org#8767))

Synapse 1.23.0rc1 (2020-11-13)
==============================

Features
--------

- Add a push rule that highlights when a jitsi conference is created in a room. ([\matrix-org#8286](matrix-org#8286))
- Add an admin api to delete a single file or files that were not used for a defined time from server. Contributed by @dklimpel. ([\matrix-org#8519](matrix-org#8519))
- Split admin API for reported events (`GET /_synapse/admin/v1/event_reports`) into detail and list endpoints. This is a breaking change to matrix-org#8217 which was introduced in Synapse v1.21.0. Those who already use this API should check their scripts. Contributed by @dklimpel. ([\matrix-org#8539](matrix-org#8539))
- Support generating structured logs via the standard logging configuration. ([\matrix-org#8607](matrix-org#8607), [\matrix-org#8685](matrix-org#8685))
- Add an admin API to allow server admins to list users' pushers. Contributed by @dklimpel. ([\matrix-org#8610](matrix-org#8610), [\matrix-org#8689](matrix-org#8689))
- Add an admin API `GET /_synapse/admin/v1/users/<user_id>/media` to get information about uploaded media. Contributed by @dklimpel. ([\matrix-org#8647](matrix-org#8647))
- Add an admin API for local user media statistics. Contributed by @dklimpel. ([\matrix-org#8700](matrix-org#8700))
- Add `displayname` to Shared-Secret Registration for admins. ([\matrix-org#8722](matrix-org#8722))

Bugfixes
--------

- Fix fetching of E2E cross signing keys over federation when only one of the master key and device signing key is cached already. ([\matrix-org#8455](matrix-org#8455))
- Fix a bug where Synapse would blindly forward bad responses from federation to clients when retrieving profile information. ([\matrix-org#8580](matrix-org#8580))
- Fix a bug where the account validity endpoint would silently fail if the user ID did not have an expiration time. It now returns a 400 error. ([\matrix-org#8620](matrix-org#8620))
- Fix email notifications for invites without local state. ([\matrix-org#8627](matrix-org#8627))
- Fix handling of invalid group IDs to return a 400 rather than log an exception and return a 500. ([\matrix-org#8628](matrix-org#8628))
- Fix handling of User-Agent headers that are invalid UTF-8, which caused user agents of users to not get correctly recorded. ([\matrix-org#8632](matrix-org#8632))
- Fix a bug in the `joined_rooms` admin API if the user has never joined any rooms. The bug was introduced, along with the API, in v1.21.0. ([\matrix-org#8643](matrix-org#8643))
- Fix exception during handling multiple concurrent requests for remote media when using multiple media repositories. ([\matrix-org#8682](matrix-org#8682))
- Fix bug that prevented Synapse from recovering after losing connection to the database. ([\matrix-org#8726](matrix-org#8726))
- Fix bug where the `/_synapse/admin/v1/send_server_notice` API could send notices to non-notice rooms. ([\matrix-org#8728](matrix-org#8728))
- Fix PostgreSQL port script fails when DB has no backfilled events. Broke in v1.21.0. ([\matrix-org#8729](matrix-org#8729))
- Fix PostgreSQL port script to correctly handle foreign key constraints. Broke in v1.21.0. ([\matrix-org#8730](matrix-org#8730))
- Fix PostgreSQL port script so that it can be run again after a failure. Broke in v1.21.0. ([\matrix-org#8755](matrix-org#8755))

Improved Documentation
----------------------

- Instructions for Azure AD in the OpenID Connect documentation. Contributed by peterk. ([\matrix-org#8582](matrix-org#8582))
- Improve the sample configuration for single sign-on providers. ([\matrix-org#8635](matrix-org#8635))
- Fix the filepath of Dex's example config and the link to Dex's Getting Started guide in the OpenID Connect docs. ([\matrix-org#8657](matrix-org#8657))
- Note support for Python 3.9. ([\matrix-org#8665](matrix-org#8665))
- Minor updates to docs on running tests. ([\matrix-org#8666](matrix-org#8666))
- Interlink prometheus/grafana documentation. ([\matrix-org#8667](matrix-org#8667))
- Notes on SSO logins and media_repository worker. ([\matrix-org#8701](matrix-org#8701))
- Document experimental support for running multiple event persisters. ([\matrix-org#8706](matrix-org#8706))
- Add information regarding the various sources of, and expected contributions to, Synapse's documentation to `CONTRIBUTING.md`. ([\matrix-org#8714](matrix-org#8714))
- Migrate documentation `docs/admin_api/event_reports` to markdown. ([\matrix-org#8742](matrix-org#8742))
- Add some helpful hints to the README for new Synapse developers. Contributed by @chagai95. ([\matrix-org#8746](matrix-org#8746))

Internal Changes
----------------

- Optimise `/createRoom` with multiple invited users. ([\matrix-org#8559](matrix-org#8559))
- Implement and use an `@lru_cache` decorator. ([\matrix-org#8595](matrix-org#8595))
- Don't instansiate Requester directly. ([\matrix-org#8614](matrix-org#8614))
- Type hints for `RegistrationStore`. ([\matrix-org#8615](matrix-org#8615))
- Change schema to support access tokens belonging to one user but granting access to another. ([\matrix-org#8616](matrix-org#8616))
- Remove unused OPTIONS handlers. ([\matrix-org#8621](matrix-org#8621))
- Run `mypy` as part of the lint.sh script. ([\matrix-org#8633](matrix-org#8633))
- Correct Synapse's PyPI package name in the OpenID Connect installation instructions. ([\matrix-org#8634](matrix-org#8634))
- Catch exceptions during initialization of `password_providers`. Contributed by Nicolai Søborg. ([\matrix-org#8636](matrix-org#8636))
- Fix typos and spelling errors in the code. ([\matrix-org#8639](matrix-org#8639))
- Reduce number of OpenTracing spans started. ([\matrix-org#8640](matrix-org#8640), [\matrix-org#8668](matrix-org#8668), [\matrix-org#8670](matrix-org#8670))
- Add field `total` to device list in admin API. ([\matrix-org#8644](matrix-org#8644))
- Add more type hints to the application services code. ([\matrix-org#8655](matrix-org#8655), [\matrix-org#8693](matrix-org#8693))
- Tell Black to format code for Python 3.5. ([\matrix-org#8664](matrix-org#8664))
- Don't pull event from DB when handling replication traffic. ([\matrix-org#8669](matrix-org#8669))
- Abstract some invite-related code in preparation for landing knocking. ([\matrix-org#8671](matrix-org#8671), [\matrix-org#8688](matrix-org#8688))
- Clarify representation of events in logfiles. ([\matrix-org#8679](matrix-org#8679))
- Don't require `hiredis` package to be installed to run unit tests. ([\matrix-org#8680](matrix-org#8680))
- Fix typing info on cache call signature to accept `on_invalidate`. ([\matrix-org#8684](matrix-org#8684))
- Fail tests if they do not await coroutines. ([\matrix-org#8690](matrix-org#8690))
- Improve start time by adding an index to `e2e_cross_signing_keys.stream_id`. ([\matrix-org#8694](matrix-org#8694))
- Re-organize the structured logging code to separate the TCP transport handling from the JSON formatting. ([\matrix-org#8697](matrix-org#8697))
- Use Python 3.8 in Docker images by default. ([\matrix-org#8698](matrix-org#8698))
- Remove the "draft" status of the Room Details Admin API. ([\matrix-org#8702](matrix-org#8702))
- Improve the error returned when a non-string displayname or avatar_url is used when updating a user's profile. ([\matrix-org#8705](matrix-org#8705))
- Block attempts by clients to send server ACLs, or redactions of server ACLs, that would result in the local server being blocked from the room. ([\matrix-org#8708](matrix-org#8708))
- Add metrics the allow the local sysadmin to track 3PID `/requestToken` requests. ([\matrix-org#8712](matrix-org#8712))
- Consolidate duplicated lists of purged tables that are checked in tests. ([\matrix-org#8713](matrix-org#8713))
- Add some `mdui:UIInfo` element examples for `saml2_config` in the homeserver config. ([\matrix-org#8718](matrix-org#8718))
- Improve the error message returned when a remote server incorrectly sets the `Content-Type` header in response to a JSON request. ([\matrix-org#8719](matrix-org#8719))
- Speed up repeated state resolutions on the same room by caching event ID to auth event ID lookups. ([\matrix-org#8752](matrix-org#8752))

v1.23.0rc1

Toggle v1.23.0rc1's commit message

Verified

This tag was signed with the committer’s verified signature.
erikjohnston Erik Johnston
Synapse 1.23.0rc1 (2020-11-13)

==============================

Features
--------

- Add a push rule that highlights when a jitsi conference is created in a room. ([\matrix-org#8286](matrix-org#8286))
- Add an admin api to delete a single file or files that were not used for a defined time from server. Contributed by @dklimpel. ([\matrix-org#8519](matrix-org#8519))
- Split admin API for reported events (`GET /_synapse/admin/v1/event_reports`) into detail and list endpoints. This is a breaking change to matrix-org#8217 which was introduced in Synapse v1.21.0. Those who already use this API should check their scripts. Contributed by @dklimpel. ([\matrix-org#8539](matrix-org#8539))
- Support generating structured logs via the standard logging configuration. ([\matrix-org#8607](matrix-org#8607), [\matrix-org#8685](matrix-org#8685))
- Add an admin API to allow server admins to list users' pushers. Contributed by @dklimpel. ([\matrix-org#8610](matrix-org#8610), [\matrix-org#8689](matrix-org#8689))
- Add an admin API `GET /_synapse/admin/v1/users/<user_id>/media` to get information about uploaded media. Contributed by @dklimpel. ([\matrix-org#8647](matrix-org#8647))
- Add an admin API for local user media statistics. Contributed by @dklimpel. ([\matrix-org#8700](matrix-org#8700))
- Add `displayname` to Shared-Secret Registration for admins. ([\matrix-org#8722](matrix-org#8722))

Bugfixes
--------

- Fix fetching of E2E cross signing keys over federation when only one of the master key and device signing key is cached already. ([\matrix-org#8455](matrix-org#8455))
- Fix a bug where Synapse would blindly forward bad responses from federation to clients when retrieving profile information. ([\matrix-org#8580](matrix-org#8580))
- Fix a bug where the account validity endpoint would silently fail if the user ID did not have an expiration time. It now returns a 400 error. ([\matrix-org#8620](matrix-org#8620))
- Fix email notifications for invites without local state. ([\matrix-org#8627](matrix-org#8627))
- Fix handling of invalid group IDs to return a 400 rather than log an exception and return a 500. ([\matrix-org#8628](matrix-org#8628))
- Fix handling of User-Agent headers that are invalid UTF-8, which caused user agents of users to not get correctly recorded. ([\matrix-org#8632](matrix-org#8632))
- Fix a bug in the `joined_rooms` admin API if the user has never joined any rooms. The bug was introduced, along with the API, in v1.21.0. ([\matrix-org#8643](matrix-org#8643))
- Fix exception during handling multiple concurrent requests for remote media when using multiple media repositories. ([\matrix-org#8682](matrix-org#8682))
- Fix bug that prevented Synapse from recovering after losing connection to the database. ([\matrix-org#8726](matrix-org#8726))
- Fix bug where the `/_synapse/admin/v1/send_server_notice` API could send notices to non-notice rooms. ([\matrix-org#8728](matrix-org#8728))
- Fix PostgreSQL port script fails when DB has no backfilled events. Broke in v1.21.0. ([\matrix-org#8729](matrix-org#8729))
- Fix PostgreSQL port script to correctly handle foreign key constraints. Broke in v1.21.0. ([\matrix-org#8730](matrix-org#8730))
- Fix PostgreSQL port script so that it can be run again after a failure. Broke in v1.21.0. ([\matrix-org#8755](matrix-org#8755))

Improved Documentation
----------------------

- Instructions for Azure AD in the OpenID Connect documentation. Contributed by peterk. ([\matrix-org#8582](matrix-org#8582))
- Improve the sample configuration for single sign-on providers. ([\matrix-org#8635](matrix-org#8635))
- Fix the filepath of Dex's example config and the link to Dex's Getting Started guide in the OpenID Connect docs. ([\matrix-org#8657](matrix-org#8657))
- Note support for Python 3.9. ([\matrix-org#8665](matrix-org#8665))
- Minor updates to docs on running tests. ([\matrix-org#8666](matrix-org#8666))
- Interlink prometheus/grafana documentation. ([\matrix-org#8667](matrix-org#8667))
- Notes on SSO logins and media_repository worker. ([\matrix-org#8701](matrix-org#8701))
- Document experimental support for running multiple event persisters. ([\matrix-org#8706](matrix-org#8706))
- Add information regarding the various sources of, and expected contributions to, Synapse's documentation to `CONTRIBUTING.md`. ([\matrix-org#8714](matrix-org#8714))
- Migrate documentation `docs/admin_api/event_reports` to markdown. ([\matrix-org#8742](matrix-org#8742))
- Add some helpful hints to the README for new Synapse developers. Contributed by @chagai95. ([\matrix-org#8746](matrix-org#8746))

Internal Changes
----------------

- Optimise `/createRoom` with multiple invited users. ([\matrix-org#8559](matrix-org#8559))
- Implement and use an @lru_cache decorator. ([\matrix-org#8595](matrix-org#8595))
- Don't instansiate Requester directly. ([\matrix-org#8614](matrix-org#8614))
- Type hints for `RegistrationStore`. ([\matrix-org#8615](matrix-org#8615))
- Change schema to support access tokens belonging to one user but granting access to another. ([\matrix-org#8616](matrix-org#8616))
- Remove unused OPTIONS handlers. ([\matrix-org#8621](matrix-org#8621))
- Run `mypy` as part of the lint.sh script. ([\matrix-org#8633](matrix-org#8633))
- Correct Synapse's PyPI package name in the OpenID Connect installation instructions. ([\matrix-org#8634](matrix-org#8634))
- Catch exceptions during initialization of `password_providers`. Contributed by Nicolai Søborg. ([\matrix-org#8636](matrix-org#8636))
- Fix typos and spelling errors in the code. ([\matrix-org#8639](matrix-org#8639))
- Reduce number of OpenTracing spans started. ([\matrix-org#8640](matrix-org#8640), [\matrix-org#8668](matrix-org#8668), [\matrix-org#8670](matrix-org#8670))
- Add field `total` to device list in admin API. ([\matrix-org#8644](matrix-org#8644))
- Add more type hints to the application services code. ([\matrix-org#8655](matrix-org#8655), [\matrix-org#8693](matrix-org#8693))
- Tell Black to format code for Python 3.5. ([\matrix-org#8664](matrix-org#8664))
- Don't pull event from DB when handling replication traffic. ([\matrix-org#8669](matrix-org#8669))
- Abstract some invite-related code in preparation for landing knocking. ([\matrix-org#8671](matrix-org#8671), [\matrix-org#8688](matrix-org#8688))
- Clarify representation of events in logfiles. ([\matrix-org#8679](matrix-org#8679))
- Don't require `hiredis` package to be installed to run unit tests. ([\matrix-org#8680](matrix-org#8680))
- Fix typing info on cache call signature to accept `on_invalidate`. ([\matrix-org#8684](matrix-org#8684))
- Fail tests if they do not await coroutines. ([\matrix-org#8690](matrix-org#8690))
- Improve start time by adding an index to `e2e_cross_signing_keys.stream_id`. ([\matrix-org#8694](matrix-org#8694))
- Re-organize the structured logging code to separate the TCP transport handling from the JSON formatting. ([\matrix-org#8697](matrix-org#8697))
- Use Python 3.8 in Docker images by default. ([\matrix-org#8698](matrix-org#8698))
- Remove the "draft" status of the Room Details Admin API. ([\matrix-org#8702](matrix-org#8702))
- Improve the error returned when a non-string displayname or avatar_url is used when updating a user's profile. ([\matrix-org#8705](matrix-org#8705))
- Block attempts by clients to send server ACLs, or redactions of server ACLs, that would result in the local server being blocked from the room. ([\matrix-org#8708](matrix-org#8708))
- Add metrics the allow the local sysadmin to track 3PID `/requestToken` requests. ([\matrix-org#8712](matrix-org#8712))
- Consolidate duplicated lists of purged tables that are checked in tests. ([\matrix-org#8713](matrix-org#8713))
- Add some `mdui:UIInfo` element examples for `saml2_config` in the homeserver config. ([\matrix-org#8718](matrix-org#8718))
- Improve the error message returned when a remote server incorrectly sets the `Content-Type` header in response to a JSON request. ([\matrix-org#8719](matrix-org#8719))
- Speed up repeated state resolutions on the same room by caching event ID to auth event ID lookups. ([\matrix-org#8752](matrix-org#8752))

v1.22.1

Toggle v1.22.1's commit message

Verified

This tag was signed with the committer’s verified signature.
erikjohnston Erik Johnston
Synapse 1.22.1 (2020-10-30)

===========================

Bugfixes
--------

- Fix a bug where an appservice may not be forwarded events for a room it was recently invited to. Broke in v1.22.0. ([\matrix-org#8676](matrix-org#8676))
- Fix `Object of type frozendict is not JSON serializable` exceptions when using third-party event rules. Broke in v1.22.0. ([\matrix-org#8678](matrix-org#8678))

v1.22.0

Toggle v1.22.0's commit message

Verified

This tag was signed with the committer’s verified signature.
erikjohnston Erik Johnston
Synapse 1.22.0 (2020-10-27)

===========================

No significant changes.

Synapse 1.22.0rc2 (2020-10-26)
==============================

Bugfixes
--------

- Fix bugs where ephemeral events were not sent to appservices. Broke in v1.22.0rc1. ([\matrix-org#8648](matrix-org#8648), [\matrix-org#8656](matrix-org#8656))
- Fix `user_daily_visits` table to not have duplicate rows per user/device due to multiple user agents. Broke in v1.22.0rc1. ([\matrix-org#8654](matrix-org#8654))

Synapse 1.22.0rc1 (2020-10-22)
==============================

Features
--------

- Add a configuration option for always using the "userinfo endpoint" for OpenID Connect. This fixes support for some identity providers, e.g. GitLab. Contributed by Benjamin Koch. ([\matrix-org#7658](matrix-org#7658))
- Add ability for `ThirdPartyEventRules` modules to query and manipulate whether a room is in the public rooms directory. ([\matrix-org#8292](matrix-org#8292), [\matrix-org#8467](matrix-org#8467))
- Add support for olm fallback keys ([MSC2732](matrix-org/matrix-spec-proposals#2732)). ([\matrix-org#8312](matrix-org#8312), [\matrix-org#8501](matrix-org#8501))
- Add support for running background tasks in a separate worker process. ([\matrix-org#8369](matrix-org#8369), [\matrix-org#8458](matrix-org#8458), [\matrix-org#8489](matrix-org#8489), [\matrix-org#8513](matrix-org#8513), [\matrix-org#8544](matrix-org#8544), [\matrix-org#8599](matrix-org#8599))
- Add support for device dehydration ([MSC2697](matrix-org/matrix-spec-proposals#2697)). ([\matrix-org#8380](matrix-org#8380))
- Add support for [MSC2409](matrix-org/matrix-spec-proposals#2409), which allows sending typing, read receipts, and presence events to appservices. ([\matrix-org#8437](matrix-org#8437), [\matrix-org#8590](matrix-org#8590))
- Change default room version to "6", per [MSC2788](matrix-org/matrix-spec-proposals#2788). ([\matrix-org#8461](matrix-org#8461))
- Add the ability to send non-membership events into a room via the `ModuleApi`. ([\matrix-org#8479](matrix-org#8479))
- Increase default upload size limit from 10M to 50M. Contributed by @Akkowicz. ([\matrix-org#8502](matrix-org#8502))
- Add support for modifying event content in `ThirdPartyRules` modules. ([\matrix-org#8535](matrix-org#8535), [\matrix-org#8564](matrix-org#8564))

Bugfixes
--------

- Fix a longstanding bug where invalid ignored users in account data could break clients. ([\matrix-org#8454](matrix-org#8454))
- Fix a bug where backfilling a room with an event that was missing the `redacts` field would break. ([\matrix-org#8457](matrix-org#8457))
- Don't attempt to respond to some requests if the client has already disconnected. ([\matrix-org#8465](matrix-org#8465))
- Fix message duplication if something goes wrong after persisting the event. ([\matrix-org#8476](matrix-org#8476))
- Fix incremental sync returning an incorrect `prev_batch` token in timeline section, which when used to paginate returned events that were included in the incremental sync. Broken since v0.16.0. ([\matrix-org#8486](matrix-org#8486))
- Expose the `uk.half-shot.msc2778.login.application_service` to clients from the login API. This feature was added in v1.21.0, but was not exposed as a potential login flow. ([\matrix-org#8504](matrix-org#8504))
- Fix error code for `/profile/{userId}/displayname` to be `M_BAD_JSON`. ([\matrix-org#8517](matrix-org#8517))
- Fix a bug introduced in v1.7.0 that could cause Synapse to insert values from non-state `m.room.retention` events into the `room_retention` database table. ([\matrix-org#8527](matrix-org#8527))
- Fix not sending events over federation when using sharded event writers. ([\matrix-org#8536](matrix-org#8536))
- Fix a long standing bug where email notifications for encrypted messages were blank. ([\matrix-org#8545](matrix-org#8545))
- Fix increase in the number of `There was no active span...` errors logged when using OpenTracing. ([\matrix-org#8567](matrix-org#8567))
- Fix a bug that prevented errors encountered during execution of the `synapse_port_db` from being correctly printed. ([\matrix-org#8585](matrix-org#8585))
- Fix appservice transactions to only include a maximum of 100 persistent and 100 ephemeral events. ([\matrix-org#8606](matrix-org#8606))

Updates to the Docker image
---------------------------

- Added multi-arch support (arm64,arm/v7) for the docker images. Contributed by @maquis196. ([\matrix-org#7921](matrix-org#7921))
- Add support for passing commandline args to the synapse process. Contributed by @samuel-p. ([\matrix-org#8390](matrix-org#8390))

Improved Documentation
----------------------

- Update the directions for using the manhole with coroutines. ([\matrix-org#8462](matrix-org#8462))
- Improve readme by adding new shield.io badges. ([\matrix-org#8493](matrix-org#8493))
- Added note about docker in manhole.md regarding which ip address to bind to. Contributed by @maquis196. ([\matrix-org#8526](matrix-org#8526))
- Document the new behaviour of the `allowed_lifetime_min` and `allowed_lifetime_max` settings in the room retention configuration. ([\matrix-org#8529](matrix-org#8529))

Deprecations and Removals
-------------------------

- Drop unused `device_max_stream_id` table. ([\matrix-org#8589](matrix-org#8589))

Internal Changes
----------------

- Check for unreachable code with mypy. ([\matrix-org#8432](matrix-org#8432))
- Add unit test for event persister sharding. ([\matrix-org#8433](matrix-org#8433))
- Allow events to be sent to clients sooner when using sharded event persisters. ([\matrix-org#8439](matrix-org#8439), [\matrix-org#8488](matrix-org#8488), [\matrix-org#8496](matrix-org#8496), [\matrix-org#8499](matrix-org#8499))
- Configure `public_baseurl` when using demo scripts. ([\matrix-org#8443](matrix-org#8443))
- Add SQL logging on queries that happen during startup. ([\matrix-org#8448](matrix-org#8448))
- Speed up unit tests when using PostgreSQL. ([\matrix-org#8450](matrix-org#8450))
- Remove redundant database loads of stream_ordering for events we already have. ([\matrix-org#8452](matrix-org#8452))
- Reduce inconsistencies between codepaths for membership and non-membership events. ([\matrix-org#8463](matrix-org#8463))
- Combine `SpamCheckerApi` with the more generic `ModuleApi`. ([\matrix-org#8464](matrix-org#8464))
- Additional testing for `ThirdPartyEventRules`. ([\matrix-org#8468](matrix-org#8468))
- Add `-d` option to `./scripts-dev/lint.sh` to lint files that have changed since the last git commit. ([\matrix-org#8472](matrix-org#8472))
- Unblacklist some sytests. ([\matrix-org#8474](matrix-org#8474))
- Include the log level in the phone home stats. ([\matrix-org#8477](matrix-org#8477))
- Remove outdated sphinx documentation, scripts and configuration. ([\matrix-org#8480](matrix-org#8480))
- Clarify error message when plugin config parsers raise an error. ([\matrix-org#8492](matrix-org#8492))
- Remove the deprecated `Handlers` object. ([\matrix-org#8494](matrix-org#8494))
- Fix a threadsafety bug in unit tests. ([\matrix-org#8497](matrix-org#8497))
- Add user agent to user_daily_visits table. ([\matrix-org#8503](matrix-org#8503))
- Add type hints to various parts of the code base. ([\matrix-org#8407](matrix-org#8407), [\matrix-org#8505](matrix-org#8505), [\matrix-org#8507](matrix-org#8507), [\matrix-org#8547](matrix-org#8547), [\matrix-org#8562](matrix-org#8562), [\matrix-org#8609](matrix-org#8609))
- Remove unused code from the test framework. ([\matrix-org#8514](matrix-org#8514))
- Apply some internal fixes to the `HomeServer` class to make its code more idiomatic and statically-verifiable. ([\matrix-org#8515](matrix-org#8515))
- Factor out common code between `RoomMemberHandler._locally_reject_invite` and `EventCreationHandler.create_event`. ([\matrix-org#8537](matrix-org#8537))
- Improve database performance by executing more queries without starting transactions. ([\matrix-org#8542](matrix-org#8542))
- Rename `Cache` to `DeferredCache`, to better reflect its purpose. ([\matrix-org#8548](matrix-org#8548))
- Move metric registration code down into `LruCache`. ([\matrix-org#8561](matrix-org#8561), [\matrix-org#8591](matrix-org#8591))
- Replace `DeferredCache` with the lighter-weight `LruCache` where possible. ([\matrix-org#8563](matrix-org#8563))
- Add virtualenv-generated folders to `.gitignore`. ([\matrix-org#8566](matrix-org#8566))
- Add `get_immediate` method to `DeferredCache`. ([\matrix-org#8568](matrix-org#8568))
- Fix mypy not properly checking across the codebase, additionally, fix a typing assertion error in `handlers/auth.py`. ([\matrix-org#8569](matrix-org#8569))
- Fix `synmark` benchmark runner. ([\matrix-org#8571](matrix-org#8571))
- Modify `DeferredCache.get()` to return `Deferred`s instead of `ObservableDeferred`s. ([\matrix-org#8572](matrix-org#8572))
- Adjust a protocol-type definition to fit `sqlite3` assertions. ([\matrix-org#8577](matrix-org#8577))
- Support macOS on the `synmark` benchmark runner. ([\matrix-org#8578](matrix-org#8578))
- Update `mypy` static type checker to 0.790. ([\matrix-org#8583](matrix-org#8583), [\matrix-org#8600](matrix-org#8600))
- Re-organize the structured logging code to separate the TCP transport handling from the JSON formatting. ([\matrix-org#8587](matrix-org#8587))
- Remove extraneous unittest logging decorators from unit tests. ([\matrix-org#8592](matrix-org#8592))
- Minor optimisations in caching code. ([\matrix-org#8593](matrix-org#8593), [\matrix-org#8594](matrix-org#8594))

v1.22.0rc2

Toggle v1.22.0rc2's commit message

Verified

This tag was signed with the committer’s verified signature.
erikjohnston Erik Johnston
Synapse 1.22.0rc2 (2020-10-26)

==============================

Bugfixes
--------

- Fix bugs where ephemeral events were not sent to appservices. Broke in v1.22.0rc1. ([\matrix-org#8648](matrix-org#8648), [\matrix-org#8656](matrix-org#8656))
- Fix `user_daily_visits` table to not have duplicate rows per user/device due to multiple user agents. Broke in v1.22.0rc1. ([\matrix-org#8654](matrix-org#8654))

v1.22.0rc1

Toggle v1.22.0rc1's commit message

Verified

This tag was signed with the committer’s verified signature.
erikjohnston Erik Johnston
Synapse 1.22.0rc1 (2020-10-22)

==============================

Features
--------

- Add a configuration option for always using the "userinfo endpoint" for OpenID Connect. This fixes support for some identity providers, e.g. GitLab. Contributed by Benjamin Koch. ([\matrix-org#7658](matrix-org#7658))
- Add ability for `ThirdPartyEventRules` modules to query and manipulate whether a room is in the public rooms directory. ([\matrix-org#8292](matrix-org#8292), [\matrix-org#8467](matrix-org#8467))
- Add support for olm fallback keys ([MSC2732](matrix-org/matrix-spec-proposals#2732)). ([\matrix-org#8312](matrix-org#8312), [\matrix-org#8501](matrix-org#8501))
- Add support for running background tasks in a separate worker process. ([\matrix-org#8369](matrix-org#8369), [\matrix-org#8458](matrix-org#8458), [\matrix-org#8489](matrix-org#8489), [\matrix-org#8513](matrix-org#8513), [\matrix-org#8544](matrix-org#8544), [\matrix-org#8599](matrix-org#8599))
- Add support for device dehydration ([MSC2697](matrix-org/matrix-spec-proposals#2697)). ([\matrix-org#8380](matrix-org#8380))
- Add support for [MSC2409](matrix-org/matrix-spec-proposals#2409), which allows sending typing, read receipts, and presence events to appservices. ([\matrix-org#8437](matrix-org#8437), [\matrix-org#8590](matrix-org#8590))
- Change default room version to "6", per [MSC2788](matrix-org/matrix-spec-proposals#2788). ([\matrix-org#8461](matrix-org#8461))
- Add the ability to send non-membership events into a room via the `ModuleApi`. ([\matrix-org#8479](matrix-org#8479))
- Increase default upload size limit from 10M to 50M. Contributed by @Akkowicz. ([\matrix-org#8502](matrix-org#8502))
- Add support for modifying event content in `ThirdPartyRules` modules. ([\matrix-org#8535](matrix-org#8535), [\matrix-org#8564](matrix-org#8564))

Bugfixes
--------

- Fix a longstanding bug where invalid ignored users in account data could break clients. ([\matrix-org#8454](matrix-org#8454))
- Fix a bug where backfilling a room with an event that was missing the `redacts` field would break. ([\matrix-org#8457](matrix-org#8457))
- Don't attempt to respond to some requests if the client has already disconnected. ([\matrix-org#8465](matrix-org#8465))
- Fix message duplication if something goes wrong after persisting the event. ([\matrix-org#8476](matrix-org#8476))
- Fix incremental sync returning an incorrect `prev_batch` token in timeline section, which when used to paginate returned events that were included in the incremental sync. Broken since v0.16.0. ([\matrix-org#8486](matrix-org#8486))
- Expose the `uk.half-shot.msc2778.login.application_service` to clients from the login API. This feature was added in v1.21.0, but was not exposed as a potential login flow. ([\matrix-org#8504](matrix-org#8504))
- Fix error code for `/profile/{userId}/displayname` to be `M_BAD_JSON`. ([\matrix-org#8517](matrix-org#8517))
- Fix a bug introduced in v1.7.0 that could cause Synapse to insert values from non-state `m.room.retention` events into the `room_retention` database table. ([\matrix-org#8527](matrix-org#8527))
- Fix not sending events over federation when using sharded event writers. ([\matrix-org#8536](matrix-org#8536))
- Fix a long standing bug where email notifications for encrypted messages were blank. ([\matrix-org#8545](matrix-org#8545))
- Fix increase in the number of `There was no active span...` errors logged when using OpenTracing. ([\matrix-org#8567](matrix-org#8567))
- Fix a bug that prevented errors encountered during execution of the `synapse_port_db` from being correctly printed. ([\matrix-org#8585](matrix-org#8585))
- Fix appservice transactions to only include a maximum of 100 persistent and 100 ephemeral events. ([\matrix-org#8606](matrix-org#8606))

Updates to the Docker image
---------------------------

- Added multi-arch support (arm64,arm/v7) for the docker images. Contributed by @maquis196. ([\matrix-org#7921](matrix-org#7921))
- Add support for passing commandline args to the synapse process. Contributed by @samuel-p. ([\matrix-org#8390](matrix-org#8390))

Improved Documentation
----------------------

- Update the directions for using the manhole with coroutines. ([\matrix-org#8462](matrix-org#8462))
- Improve readme by adding new shield.io badges. ([\matrix-org#8493](matrix-org#8493))
- Added note about docker in manhole.md regarding which ip address to bind to. Contributed by @maquis196. ([\matrix-org#8526](matrix-org#8526))
- Document the new behaviour of the `allowed_lifetime_min` and `allowed_lifetime_max` settings in the room retention configuration. ([\matrix-org#8529](matrix-org#8529))

Deprecations and Removals
-------------------------

- Drop unused `device_max_stream_id` table. ([\matrix-org#8589](matrix-org#8589))

Internal Changes
----------------

- Check for unreachable code with mypy. ([\matrix-org#8432](matrix-org#8432))
- Add unit test for event persister sharding. ([\matrix-org#8433](matrix-org#8433))
- Allow events to be sent to clients sooner when using sharded event persisters. ([\matrix-org#8439](matrix-org#8439), [\matrix-org#8488](matrix-org#8488), [\matrix-org#8496](matrix-org#8496), [\matrix-org#8499](matrix-org#8499))
- Configure `public_baseurl` when using demo scripts. ([\matrix-org#8443](matrix-org#8443))
- Add SQL logging on queries that happen during startup. ([\matrix-org#8448](matrix-org#8448))
- Speed up unit tests when using PostgreSQL. ([\matrix-org#8450](matrix-org#8450))
- Remove redundant database loads of stream_ordering for events we already have. ([\matrix-org#8452](matrix-org#8452))
- Reduce inconsistencies between codepaths for membership and non-membership events. ([\matrix-org#8463](matrix-org#8463))
- Combine `SpamCheckerApi` with the more generic `ModuleApi`. ([\matrix-org#8464](matrix-org#8464))
- Additional testing for `ThirdPartyEventRules`. ([\matrix-org#8468](matrix-org#8468))
- Add `-d` option to `./scripts-dev/lint.sh` to lint files that have changed since the last git commit. ([\matrix-org#8472](matrix-org#8472))
- Unblacklist some sytests. ([\matrix-org#8474](matrix-org#8474))
- Include the log level in the phone home stats. ([\matrix-org#8477](matrix-org#8477))
- Remove outdated sphinx documentation, scripts and configuration. ([\matrix-org#8480](matrix-org#8480))
- Clarify error message when plugin config parsers raise an error. ([\matrix-org#8492](matrix-org#8492))
- Remove the deprecated `Handlers` object. ([\matrix-org#8494](matrix-org#8494))
- Fix a threadsafety bug in unit tests. ([\matrix-org#8497](matrix-org#8497))
- Add user agent to user_daily_visits table. ([\matrix-org#8503](matrix-org#8503))
- Add type hints to various parts of the code base. ([\matrix-org#8407](matrix-org#8407), [\matrix-org#8505](matrix-org#8505), [\matrix-org#8507](matrix-org#8507), [\matrix-org#8547](matrix-org#8547), [\matrix-org#8562](matrix-org#8562), [\matrix-org#8609](matrix-org#8609))
- Remove unused code from the test framework. ([\matrix-org#8514](matrix-org#8514))
- Apply some internal fixes to the `HomeServer` class to make its code more idiomatic and statically-verifiable. ([\matrix-org#8515](matrix-org#8515))
- Factor out common code between `RoomMemberHandler._locally_reject_invite` and `EventCreationHandler.create_event`. ([\matrix-org#8537](matrix-org#8537))
- Improve database performance by executing more queries without starting transactions. ([\matrix-org#8542](matrix-org#8542))
- Rename `Cache` to `DeferredCache`, to better reflect its purpose. ([\matrix-org#8548](matrix-org#8548))
- Move metric registration code down into `LruCache`. ([\matrix-org#8561](matrix-org#8561), [\matrix-org#8591](matrix-org#8591))
- Replace `DeferredCache` with the lighter-weight `LruCache` where possible. ([\matrix-org#8563](matrix-org#8563))
- Add virtualenv-generated folders to `.gitignore`. ([\matrix-org#8566](matrix-org#8566))
- Add `get_immediate` method to `DeferredCache`. ([\matrix-org#8568](matrix-org#8568))
- Fix mypy not properly checking across the codebase, additionally, fix a typing assertion error in `handlers/auth.py`. ([\matrix-org#8569](matrix-org#8569))
- Fix `synmark` benchmark runner. ([\matrix-org#8571](matrix-org#8571))
- Modify `DeferredCache.get()` to return `Deferred`s instead of `ObservableDeferred`s. ([\matrix-org#8572](matrix-org#8572))
- Adjust a protocol-type definition to fit `sqlite3` assertions. ([\matrix-org#8577](matrix-org#8577))
- Support macOS on the `synmark` benchmark runner. ([\matrix-org#8578](matrix-org#8578))
- Update `mypy` static type checker to 0.790. ([\matrix-org#8583](matrix-org#8583), [\matrix-org#8600](matrix-org#8600))
- Re-organize the structured logging code to separate the TCP transport handling from the JSON formatting. ([\matrix-org#8587](matrix-org#8587))
- Remove extraneous unittest logging decorators from unit tests. ([\matrix-org#8592](matrix-org#8592))
- Minor optimisations in caching code. ([\matrix-org#8593](matrix-org#8593), [\matrix-org#8594](matrix-org#8594))