Skip to content
Snippets Groups Projects
Select Git revision
  • tedomum default
  • deploy-exploding-state-groups
  • fix-exploding-state-groups
  • v1.127.1+tedomum.1
  • v1.125.0+tedomum.1
  • v1.123.0+tedomum.1
  • v1.122.0+tedomum.1
  • v1.121.1+tedomum.1
  • v1.119.0+tedomum.1
  • v1.118.0+tedomum.1
  • v1.114.0+tedomum.1
  • v1.109.0+tedomum.1
  • v1.105.1+tedomum.1
  • v1.98.0+tedomum.1
  • v1.97.0+tedomum.1
  • v1.96.1+tedomum.1
  • v1.95.1+tedomum.1
  • v1.88.0+tedomum.1
  • v1.73.0
  • v1.73.0rc2
  • v1.73.0rc1
  • v1.72.0
  • v1.72.0rc1
23 results
Blame Permalink
To find the state of this project's repository at the time of any of these versions, check out the tags.
CHANGES.md 448.53 KiB

Synapse 1.23.0rc1 (2020-11-13)

Features

  • Add a push rule that highlights when a jitsi conference is created in a room. (#8286)
  • Add an admin api to delete a single file or files that were not used for a defined time from server. Contributed by @dklimpel. (#8519)
  • Split admin API for reported events (GET /_synapse/admin/v1/event_reports) into detail and list endpoints. This is a breaking change to #8217 which was introduced in Synapse v1.21.0. Those who already use this API should check their scripts. Contributed by @dklimpel. (#8539)
  • Support generating structured logs via the standard logging configuration. (#8607, #8685)
  • Add an admin API to allow server admins to list users' pushers. Contributed by @dklimpel. (#8610, #8689)
  • Add an admin API GET /_synapse/admin/v1/users/<user_id>/media to get information about uploaded media. Contributed by @dklimpel. (#8647)
  • Add an admin API for local user media statistics. Contributed by @dklimpel. (#8700)
  • Add displayname to Shared-Secret Registration for admins. (#8722)

Bugfixes

  • Fix fetching of E2E cross signing keys over federation when only one of the master key and device signing key is cached already. (#8455)
  • Fix a bug where Synapse would blindly forward bad responses from federation to clients when retrieving profile information. (#8580)
  • Fix a bug where the account validity endpoint would silently fail if the user ID did not have an expiration time. It now returns a 400 error. (#8620)
  • Fix email notifications for invites without local state. (#8627)
  • Fix handling of invalid group IDs to return a 400 rather than log an exception and return a 500. (#8628)
  • Fix handling of User-Agent headers that are invalid UTF-8, which caused user agents of users to not get correctly recorded. (#8632)
  • Fix a bug in the joined_rooms admin API if the user has never joined any rooms. The bug was introduced, along with the API, in v1.21.0. (#8643)
  • Fix exception during handling multiple concurrent requests for remote media when using multiple media repositories. (#8682)
  • Fix bug where Synapse would not recover after losing connection to the database. (#8726)
  • Fix bug where the /_synapse/admin/v1/send_server_notice API could send notices to non-notice rooms. (#8728)
  • Fix port script fails when DB has no backfilled events. Broke in v1.21.0. (#8729)
  • Fix port script to correctly handle foreign key constraints. Broke in v1.21.0. (#8730)
  • Fix port script so that it can be run again after a failure. Broke in v1.21.0. (#8755)

Improved Documentation

  • Instructions for Azure AD in the OpenID Connect documentation. Contributed by peterk. (#8582)
  • Improve the sample configuration for single sign-on providers. (#8635)
  • Fix the filepath of Dex's example config and the link to Dex's Getting Started guide in the OpenID Connect docs. (#8657)
  • Note support for Python 3.9. (#8665)
  • Minor updates to docs on running tests. (#8666)
  • Interlink prometheus/grafana documentation. (#8667)
  • Notes on SSO logins and media_repository worker. (#8701)
  • Document experimental support for running multiple event persisters. (#8706)
  • Add information regarding the various sources of, and expected contributions to, Synapse's documentation to CONTRIBUTING.md. (#8714)
  • Migrate documentation docs/admin_api/event_reports to markdown. (#8742)
  • Add some helpful hints to the README for new Synapse developers. Contributed by @chagai95. (#8746)

Internal Changes

  • Optimise /createRoom with multiple invited users. (#8559)
  • Implement and use an @lru_cache decorator. (#8595)
  • Don't instansiate Requester directly. (#8614)
  • Type hints for RegistrationStore. (#8615)
  • Change schema to support access tokens belonging to one user but granting access to another. (#8616)
  • Remove unused OPTIONS handlers. (#8621)
  • Run mypy as part of the lint.sh script. (#8633)
  • Correct Synapse's PyPI package name in the OpenID Connect installation instructions. (#8634)
  • Catch exceptions during initialization of password_providers. Contributed by Nicolai Søborg. (#8636)
  • Fix typos and spelling errors in the code. (#8639)
  • Reduce number of OpenTracing spans started. (#8640, #8668, #8670)
  • Add field total to device list in admin API. (#8644)
  • Add more type hints to the application services code. (#8655, #8693)
  • Tell Black to format code for Python 3.5. (#8664)
  • Don't pull event from DB when handling replication traffic. (#8669)
  • Abstract some invite-related code in preparation for landing knocking. (#8671, #8688)
  • Clarify representation of events in logfiles. (#8679)
  • Don't require hiredis package to be installed to run unit tests. (#8680)
  • Fix typing info on cache call signature to accept on_invalidate. (#8684)
  • Fail tests if they do not await coroutines. (#8690)
  • Improve start time by adding an index to e2e_cross_signing_keys.stream_id. (#8694)
  • Re-organize the structured logging code to separate the TCP transport handling from the JSON formatting. (#8697)
  • Use Python 3.8 in Docker images by default. (#8698)
  • Remove the "draft" status of the Room Details Admin API. (#8702)
  • Improve the error returned when a non-string displayname or avatar_url is used when updating a user's profile. (#8705)
  • Block attempts by clients to send server ACLs, or redactions of server ACLs, that would result in the local server being blocked from the room. (#8708)
  • Add metrics the allow the local sysadmin to track 3PID /requestToken requests. (#8712)
  • Consolidate duplicated lists of purged tables that are checked in tests. (#8713)
  • Add some mdui:UIInfo element examples for saml2_config in the homeserver config. (#8718)
  • Improve the error message returned when a remote server incorrectly sets the Content-Type header in response to a JSON request. (#8719)
  • Speed up repeated state resolutions on the same room by caching event ID to auth event ID lookups. (#8752)

Synapse 1.22.1 (2020-10-30)

Bugfixes

  • Fix a bug where an appservice may not be forwarded events for a room it was recently invited to. Broke in v1.22.0. (#8676)
  • Fix Object of type frozendict is not JSON serializable exceptions when using third-party event rules. Broke in v1.22.0. (#8678)

Synapse 1.22.0 (2020-10-27)

No significant changes.

Synapse 1.22.0rc2 (2020-10-26)

Bugfixes

  • Fix bugs where ephemeral events were not sent to appservices. Broke in v1.22.0rc1. (#8648, #8656)
  • Fix user_daily_visits table to not have duplicate rows per user/device due to multiple user agents. Broke in v1.22.0rc1. (#8654)

Synapse 1.22.0rc1 (2020-10-22)

Features

  • Add a configuration option for always using the "userinfo endpoint" for OpenID Connect. This fixes support for some identity providers, e.g. GitLab. Contributed by Benjamin Koch. (#7658)
  • Add ability for ThirdPartyEventRules modules to query and manipulate whether a room is in the public rooms directory. (#8292, #8467)
  • Add support for olm fallback keys (MSC2732). (#8312, #8501)
  • Add support for running background tasks in a separate worker process. (#8369, #8458, #8489, #8513, #8544, #8599)
  • Add support for device dehydration (MSC2697). (#8380)
  • Add support for MSC2409, which allows sending typing, read receipts, and presence events to appservices. (#8437, #8590)
  • Change default room version to "6", per MSC2788. (#8461)
  • Add the ability to send non-membership events into a room via the ModuleApi. (#8479)
  • Increase default upload size limit from 10M to 50M. Contributed by @Akkowicz. (#8502)
  • Add support for modifying event content in ThirdPartyRules modules. (#8535, #8564)

Bugfixes

  • Fix a longstanding bug where invalid ignored users in account data could break clients. (#8454)
  • Fix a bug where backfilling a room with an event that was missing the redacts field would break. (#8457)
  • Don't attempt to respond to some requests if the client has already disconnected. (#8465)
  • Fix message duplication if something goes wrong after persisting the event. (#8476)
  • Fix incremental sync returning an incorrect prev_batch token in timeline section, which when used to paginate returned events that were included in the incremental sync. Broken since v0.16.0. (#8486)
  • Expose the uk.half-shot.msc2778.login.application_service to clients from the login API. This feature was added in v1.21.0, but was not exposed as a potential login flow. (#8504)
  • Fix error code for /profile/{userId}/displayname to be M_BAD_JSON. (#8517)
  • Fix a bug introduced in v1.7.0 that could cause Synapse to insert values from non-state m.room.retention events into the room_retention database table. (#8527)
  • Fix not sending events over federation when using sharded event writers. (#8536)
  • Fix a long standing bug where email notifications for encrypted messages were blank. (#8545)
  • Fix increase in the number of There was no active span... errors logged when using OpenTracing. (#8567)
  • Fix a bug that prevented errors encountered during execution of the synapse_port_db from being correctly printed. (#8585)
  • Fix appservice transactions to only include a maximum of 100 persistent and 100 ephemeral events. (#8606)

Updates to the Docker image

  • Added multi-arch support (arm64,arm/v7) for the docker images. Contributed by @maquis196. (#7921)
  • Add support for passing commandline args to the synapse process. Contributed by @samuel-p. (#8390)

Improved Documentation

  • Update the directions for using the manhole with coroutines. (#8462)
  • Improve readme by adding new shield.io badges. (#8493)
  • Added note about docker in manhole.md regarding which ip address to bind to. Contributed by @Maquis196. (#8526)
  • Document the new behaviour of the allowed_lifetime_min and allowed_lifetime_max settings in the room retention configuration. (#8529)

Deprecations and Removals

  • Drop unused device_max_stream_id table. (#8589)

Internal Changes

  • Check for unreachable code with mypy. (#8432)
  • Add unit test for event persister sharding. (#8433)
  • Allow events to be sent to clients sooner when using sharded event persisters. (#8439, #8488, #8496, #8499)
  • Configure public_baseurl when using demo scripts. (#8443)
  • Add SQL logging on queries that happen during startup. (#8448)
  • Speed up unit tests when using PostgreSQL. (#8450)
  • Remove redundant database loads of stream_ordering for events we already have. (#8452)
  • Reduce inconsistencies between codepaths for membership and non-membership events. (#8463)
  • Combine SpamCheckerApi with the more generic ModuleApi. (#8464)
  • Additional testing for ThirdPartyEventRules. (#8468)
  • Add -d option to ./scripts-dev/lint.sh to lint files that have changed since the last git commit. (#8472)
  • Unblacklist some sytests. (#8474)
  • Include the log level in the phone home stats. (#8477)
  • Remove outdated sphinx documentation, scripts and configuration. (#8480)
  • Clarify error message when plugin config parsers raise an error. (#8492)
  • Remove the deprecated Handlers object. (#8494)
  • Fix a threadsafety bug in unit tests. (#8497)
  • Add user agent to user_daily_visits table. (#8503)
  • Add type hints to various parts of the code base. (#8407, #8505, #8507, #8547, #8562, #8609)
  • Remove unused code from the test framework. (#8514)
  • Apply some internal fixes to the HomeServer class to make its code more idiomatic and statically-verifiable. (#8515)
  • Factor out common code between RoomMemberHandler._locally_reject_invite and EventCreationHandler.create_event. (#8537)
  • Improve database performance by executing more queries without starting transactions. (#8542)
  • Rename Cache to DeferredCache, to better reflect its purpose. (#8548)
  • Move metric registration code down into LruCache. (#8561, #8591)
  • Replace DeferredCache with the lighter-weight LruCache where possible. (#8563)
  • Add virtualenv-generated folders to .gitignore. (#8566)
  • Add get_immediate method to DeferredCache. (#8568)
  • Fix mypy not properly checking across the codebase, additionally, fix a typing assertion error in handlers/auth.py. (#8569)
  • Fix synmark benchmark runner. (#8571)
  • Modify DeferredCache.get() to return Deferreds instead of ObservableDeferreds. (#8572)
  • Adjust a protocol-type definition to fit sqlite3 assertions. (#8577)
  • Support macOS on the synmark benchmark runner. (#8578)
  • Update mypy static type checker to 0.790. (#8583, #8600)
  • Re-organize the structured logging code to separate the TCP transport handling from the JSON formatting. (#8587)
  • Remove extraneous unittest logging decorators from unit tests. (#8592)
  • Minor optimisations in caching code. (#8593, #8594)

Synapse 1.21.2 (2020-10-15)

Debian packages and Docker images have been rebuilt using the latest versions of dependency libraries, including authlib 0.15.1. Please see bugfixes below.

Security advisory

  • HTML pages served via Synapse were vulnerable to cross-site scripting (XSS) attacks. All server administrators are encouraged to upgrade. (#8444) (CVE-2020-26891)

    This fix was originally included in v1.21.0 but was missing a security advisory.

    This was reported by Denis Kasak.

Bugfixes

  • Fix rare bug where sending an event would fail due to a racey assertion. (#8530)
  • An updated version of the authlib dependency is included in the Docker and Debian images to fix an issue using OpenID Connect. See #8534 for details.

Synapse 1.21.1 (2020-10-13)

This release fixes a regression in v1.21.0 that prevented debian packages from being built. It is otherwise identical to v1.21.0.

Synapse 1.21.0 (2020-10-12)

No significant changes since v1.21.0rc3.

As noted in v1.20.0, a future release will drop support for accessing Synapse's Admin API under the /_matrix/client/* endpoint prefixes. At that point, the Admin API will only be accessible under /_synapse/admin.

Synapse 1.21.0rc3 (2020-10-08)

Bugfixes

  • Fix duplication of events on high traffic servers, caused by PostgreSQL could not serialize access due to concurrent update errors. (#8456)

Internal Changes

  • Add Groovy Gorilla to the list of distributions we build .debs for. (#8475)

Synapse 1.21.0rc2 (2020-10-02)

Features

  • Convert additional templates from inline HTML to Jinja2 templates. (#8444)

Bugfixes

  • Fix a regression in v1.21.0rc1 which broke thumbnails of remote media. (#8438)
  • Do not expose the experimental uk.half-shot.msc2778.login.application_service flow in the login API, which caused a compatibility problem with Element iOS. (#8440)
  • Fix malformed log line in new federation "catch up" logic. (#8442)
  • Fix DB query on startup for negative streams which caused long start up times. Introduced in #8374. (#8447)

Synapse 1.21.0rc1 (2020-10-01)

Features

  • Require the user to confirm that their password should be reset after clicking the email confirmation link. (#8004)
  • Add an admin API GET /_synapse/admin/v1/event_reports to read entries of table event_reports. Contributed by @dklimpel. (#8217)
  • Consolidate the SSO error template across all configuration. (#8248, #8405)
  • Add a configuration option to specify a whitelist of domains that a user can be redirected to after validating their email or phone number. (#8275, #8417)
  • Add experimental support for sharding event persister. (#8294, #8387, #8396, #8419)
  • Add the room topic and avatar to the room details admin API. (#8305)
  • Add an admin API for querying rooms where a user is a member. Contributed by @dklimpel. (#8306)
  • Add uk.half-shot.msc2778.login.application_service login type to allow appservices to login. (#8320)
  • Add a configuration option that allows existing users to log in with OpenID Connect. Contributed by @BBBSnowball and @OmmyZhang. (#8345)
  • Add prometheus metrics for replication requests. (#8406)
  • Support passing additional single sign-on parameters to the client. (#8413)
  • Add experimental reporting of metrics on expensive rooms for state-resolution. (#8420)
  • Add experimental prometheus metric to track numbers of "large" rooms for state resolutiom. (#8425)
  • Add prometheus metrics to track federation delays. (#8430)

Bugfixes

  • Fix a bug in the media repository where remote thumbnails with the same size but different crop methods would overwrite each other. Contributed by @deepbluev7. (#7124)
  • Fix inconsistent handling of non-existent push rules, and stop tracking the enabled state of removed push rules. (#7796)
  • Fix a longstanding bug when storing a media file with an empty upload_name. (#7905)
  • Fix messages not being sent over federation until an event is sent into the same room. (#8230, #8247, #8258, #8272, #8322)
  • Fix a longstanding bug where files that could not be thumbnailed would result in an Internal Server Error. (#8236, #8435)
  • Upgrade minimum version of canonicaljson to version 1.4.0, to fix an unicode encoding issue. (#8262)
  • Fix longstanding bug which could lead to incomplete database upgrades on SQLite. (#8265)
  • Fix stack overflow when stderr is redirected to the logging system, and the logging system encounters an error. (#8268)
  • Fix a bug which cause the logging system to report errors, if DEBUG was enabled and no context filter was applied. (#8278)
  • Fix edge case where push could get delayed for a user until a later event was pushed. (#8287)
  • Fix fetching malformed events from remote servers. (#8324)
  • Fix UnboundLocalError from occuring when appservices send a malformed register request. (#8329)
  • Don't send push notifications to expired user accounts. (#8353)
  • Fix a regression in v1.19.0 with reactivating users through the admin API. (#8362)
  • Fix a bug where during device registration the length of the device name wasn't limited. (#8364)
  • Include guest_access in the fields that are checked for null bytes when updating room_stats_state. Broke in v1.7.2. (#8373)
  • Fix theoretical race condition where events are not sent down /sync if the synchrotron worker is restarted without restarting other workers. (#8374)
  • Fix a bug which could cause errors in rooms with malformed membership events, on servers using sqlite. (#8385)
  • Fix "Re-starting finished log context" warning when receiving an event we already had over federation. (#8398)
  • Fix incorrect handling of timeouts on outgoing HTTP requests. (#8400)
  • Fix a regression in v1.20.0 in the synapse_port_db script regarding the ui_auth_sessions_ips table. (#8410)
  • Remove unnecessary 3PID registration check when resetting password via an email address. Bug introduced in v0.34.0rc2. (#8414)

Improved Documentation

  • Add /_synapse/client to the reverse proxy documentation. (#8227)
  • Add note to the reverse proxy settings documentation about disabling Apache's mod_security2. Contributed by Julian Fietkau (@jfietkau). (#8375)
  • Improve description of server_name config option in homserver.yaml. (#8415)

Deprecations and Removals

  • Drop support for prometheus_client older than 0.4.0. (#8426)

Internal Changes

  • Fix tests on distros which disable TLSv1.0. Contributed by @danc86. (#8208)
  • Simplify the distributor code to avoid unnecessary work. (#8216)
  • Remove the populate_stats_process_rooms_2 background job and restore functionality to populate_stats_process_rooms. (#8243)
  • Clean up type hints for PaginationConfig. (#8250, #8282)
  • Track the latest event for every destination and room for catch-up after federation outage. (#8256)
  • Fix non-user visible bug in implementation of MultiWriterIdGenerator.get_current_token_for_writer. (#8257)
  • Switch to the JSON implementation from the standard library. (#8259)
  • Add type hints to synapse.util.async_helpers. (#8260)
  • Simplify tests that mock asynchronous functions. (#8261)
  • Add type hints to StreamToken and RoomStreamToken classes. (#8279)
  • Change StreamToken.room_key to be a RoomStreamToken instance. (#8281)
  • Refactor notifier code to correctly use the max event stream position. (#8288)
  • Use slotted classes where possible. (#8296)
  • Support testing the local Synapse checkout against the Complement homeserver test suite. (#8317)
  • Update outdated usages of metaclass to python 3 syntax. (#8326)
  • Move lint-related dependencies to package-extra field, update CONTRIBUTING.md to utilise this. (#8330, #8377)
  • Use the admin_patterns helper in additional locations. (#8331)
  • Fix test logging to allow braces in log output. (#8335)
  • Remove __future__ imports related to Python 2 compatibility. (#8337)
  • Simplify super() calls to Python 3 syntax. (#8344)
  • Fix bad merge from release-v1.20.0 branch to develop. (#8354)
  • Factor out a _send_dummy_event_for_room method. (#8370)
  • Improve logging of state resolution. (#8371)
  • Add type annotations to SimpleHttpClient. (#8372)
  • Refactor ID generators to use async with syntax. (#8383)
  • Add EventStreamPosition type. (#8388)
  • Create a mechanism for marking tests "logcontext clean". (#8399)
  • A pair of tiny cleanups in the federation request code. (#8401)
  • Add checks on startup that PostgreSQL sequences are consistent with their associated tables. (#8402)
  • Do not include appservice users when calculating the total MAU for a server. (#8404)
  • Typing fixes for synapse.handlers.federation. (#8422)
  • Various refactors to simplify stream token handling. (#8423)
  • Make stream token serializing/deserializing async. (#8427)

Synapse 1.20.1 (2020-09-24)

Bugfixes

  • Fix a bug introduced in v1.20.0 which caused the synapse_port_db script to fail. (#8386)
  • Fix a bug introduced in v1.20.0 which caused variables to be incorrectly escaped in Jinja2 templates. (#8394)

Synapse 1.20.0 (2020-09-22)

No significant changes since v1.20.0rc5.

Removal warning

Historically, the Synapse Admin API has been accessible under the /_matrix/client/api/v1/admin, /_matrix/client/unstable/admin, /_matrix/client/r0/admin and /_synapse/admin prefixes. In a future release, we will be dropping support for accessing Synapse's Admin API using the /_matrix/client/* prefixes.

From that point, the Admin API will only be accessible under /_synapse/admin. This makes it easier for homeserver admins to lock down external access to the Admin API endpoints.

Synapse 1.20.0rc5 (2020-09-18)

In addition to the below, Synapse 1.20.0rc5 also includes the bug fix that was included in 1.19.3.

Features

  • Add flags to the /versions endpoint for whether new rooms default to using E2EE. (#8343)

Bugfixes

  • Fix rate limiting of federation /send requests. (#8342)
  • Fix a longstanding bug where back pagination over federation could get stuck if it failed to handle a received event. (#8349)

Internal Changes

  • Blacklist MSC2753 SyTests until it is implemented. (#8285)

Synapse 1.19.3 (2020-09-18)

Bugfixes