CHANGES.md

Synapse 1.12.0rc1 (2020-03-19)

Features

• Changes related to room alias management (MSC2432):
  • Publishing/removing a room from the room directory now requires the user to have a power level capable of modifying the canonical alias, instead of the room aliases. (#6965)
  • Validate the alt_aliases property of canonical alias events. (#6971)
  • Users with a power level sufficient to modify the canonical alias of a room can now delete room aliases. (#6986)
  • Implement updated authorization rules and redaction rules for aliases events, from MSC2261 and MSC2432. (#7037)
  • Stop sending m.room.aliases events during room creation and upgrade. (#6941)
  • Synapse no longer uses room alias events to calculate room names for push notifications. (#6966)
  • The room list endpoint no longer returns a list of aliases. (#6970)
  • Remove special handling of aliases events from MSC2260 added in v1.10.0rc1. (#7034)
• Expose the synctl, hash_password and generate_config commands in the snapcraft package. Contributed by @devec0. (#6315)
• Check that server_name is correctly set before running database updates. (#6982)
• Break down monthly active users by appservice_id and emit via Prometheus. (#7030)
• Render a configurable and comprehensible error page if something goes wrong during the SAML2 authentication process. (#7058, #7067)
• Add an optional parameter to control whether other sessions are logged out when a user's password is modified. (#7085)
• Add prometheus metrics for the number of active pushers. (#7103, #7106)
• Improve performance when making HTTPS requests to sygnal, sydent, etc, by sharing the SSL context object between connections. (#7094)

Bugfixes

• When a user's profile is updated via the admin API, also generate a displayname/avatar update for that user in each room. (#6572)
• Fix a couple of bugs in email configuration handling. (#6962)
• Fix an issue affecting worker-based deployments where replication would stop working, necessitating a full restart, after joining a large room. (#6967)
• Fix duplicate key error which was logged when rejoining a room over federation. (#6968)
• Prevent user from setting 'deactivated' to anything other than a bool on the v2 PUT /users Admin API. (#6990)
• Fix py35-old CI by using native tox package. (#7018)
• Fix a bug causing org.matrix.dummy_event to be included in responses from /sync. (#7035)
• Fix a bug that renders UTF-8 text files incorrectly when loaded from media. Contributed by @TheStranjer. (#7044)
• Fix a bug that would cause Synapse to respond with an error about event visibility if a client tried to request the state of a room at a given token. (#7066)
• Repair a data-corruption issue which was introduced in Synapse 1.10, and fixed in Synapse 1.11, and which could cause /sync to return with 404 errors about missing events and unknown rooms. (#7070)
• Fix a bug causing account validity renewal emails to be sent even if the feature is turned off in some cases. (#7074)

Improved Documentation

• Updated CentOS8 install instructions. Contributed by Richard Kellner. (#6925)
• Fix POSTGRES_INITDB_ARGS in the contrib/docker/docker-compose.yml example docker-compose configuration. (#6984)
• Document that the fallback auth endpoints must be routed to the same worker node as the register endpoints. (#7048)

Deprecations and Removals

• Remove the unused query_auth federation endpoint per MSC2451. (#7026)

Internal Changes

• Add type hints to logging/context.py. (#6309)
• Add some clarifications to README.md in the database schema directory. (#6615)
• Refactoring work in preparation for changing the event redaction algorithm. (#6874, #6875, #6983, #7003)
• Improve performance of v2 state resolution for large rooms. (#6952, #7095)
• Reduce time spent doing GC, by freezing objects on startup. (#6953)
• Minor perfermance fixes to get_auth_chain_ids. (#6954)
• Don't record remote cross-signing keys in the devices table. (#6956)
• Use flake8-comprehensions to enforce good hygiene of list/set/dict comprehensions. (#6957)
• Merge worker apps together. (#6964, #7002, #7055, #7104)
• Remove redundant store_room call from FederationHandler._process_received_pdu. (#6979)
• Update warning for incorrect database collation/ctype to include link to documentation. (#6985)
• Add some type annotations to the database storage classes. (#6987)
• Port synapse.handlers.presence to async/await. (#6991, #7019)
• Add some type annotations to the federation base & client classes. (#6995)
• Change date in INSTALL.md for last date of getting TLS certificates to November 2019. (#7015)
• Port synapse.rest.keys to async/await. (#7020)
• Add a type check to is_verified when processing room keys. (#7045)
• Add type annotations and comments to the auth handler. (#7063)

Synapse 1.11.1 (2020-03-03)

This release includes a security fix impacting installations using Single Sign-On (i.e. SAML2 or CAS) for authentication. Administrators of such installations are encouraged to upgrade as soon as possible.

The release also includes fixes for a couple of other bugs.

Bugfixes

• Add a confirmation step to the SSO login flow before redirecting users to the redirect URL. (b2bd54a2, 65c73cdf, a0178df1)
• Fixed set a user as an admin with the admin API PUT /_synapse/admin/v2/users/<user_id>. Contributed by @dklimpel. (#6910)
• Fix bug introduced in Synapse 1.11.0 which sometimes caused errors when joining rooms over federation, with 'coroutine' object has no attribute 'event_id'. (#6996)

Synapse 1.11.0 (2020-02-21)

Improved Documentation

• Small grammatical fixes to the ACME v1 deprecation notice. (#6944)

Synapse 1.11.0rc1 (2020-02-19)

Features

• Admin API to add or modify threepids of user accounts. (#6769)
• Limit the number of events that can be requested by the backfill federation API to 100. (#6864)
• Add ability to run some group APIs on workers. (#6866)
• Reject device display names over 100 characters in length to prevent abuse. (#6882)
• Add ability to route federation user device queries to workers. (#6873)
• The result of a user directory search can now be filtered via the spam checker. (#6888)
• Implement new GET /_matrix/client/unstable/org.matrix.msc2432/rooms/{roomId}/aliases endpoint as per MSC2432. (#6939, #6948, #6949)
• Stop sending m.room.alias events wheng adding / removing aliases. Check alt_aliases in the latest m.room.canonical_alias event when deleting an alias. (#6904)
• Change the default power levels of invites, tombstones and server ACLs for new rooms. (#6834)

Bugfixes

• Fixed third party event rules function on_create_room's return value being ignored. (#6781)
• Allow URL-encoded User IDs on /_synapse/admin/v2/users/<user_id>[/admin] endpoints. Thanks to @NHAS for reporting. (#6825)
• Fix Synapse refusing to start if federation_certificate_verification_whitelist option is blank. (#6849)
• Fix errors from logging in the purge jobs related to the message retention policies support. (#6945)
• Return a 404 instead of 200 for querying information of a non-existant user through the admin API. (#6901)

Updates to the Docker image

• The deprecated "generate-config-on-the-fly" mode is no longer supported. (#6918)

Improved Documentation

• Add details of PR merge strategy to contributing docs. (#6846)
• Spell out that the last event sent to a room won't be deleted by a purge. (#6891)
• Update Synapse's documentation to warn about the deprecation of ACME v1. (#6905, #6907, #6909)
• Add documentation for the spam checker. (#6906)
• Fix worker docs to point /publicised_groups API correctly. (#6938)
• Clean up and update docs on setting up federation. (#6940)
• Add a warning about indentation to generated configuration files. (#6920)
• Databases created using the compose file in contrib/docker will now always have correct encoding and locale settings. Contributed by Fridtjof Mund. (#6921)
• Update pip install directions in readme to avoid error when using zsh. (#6855)

Deprecations and Removals

• Remove m.lazy_load_members from unstable_features since lazy loading is in the stable Client-Server API version r0.5.0. (#6877)

Internal Changes

• Add type hints to SyncHandler. (#6821)
• Refactoring work in preparation for changing the event redaction algorithm. (#6823, #6827, #6854, #6856, #6857, #6858)
• Fix stacktraces when using ObservableDeferred and async/await. (#6836)
• Port much of synapse.handlers.federation to async/await. (#6837, #6840)
• Populate rooms.room_version database column at startup, rather than in a background update. (#6847)
• Reduce amount we log at INFO level. (#6833, #6862)
• Remove unused get_room_stats_state method. (#6869)
• Add typing to synapse.federation.sender and port to async/await. (#6871)
• Refactor _EventInternalMetadata object to improve type safety. (#6872)
• Add an additional entry to the SyTest blacklist for worker mode. (#6883)
• Fix the use of sed in the linting scripts when using BSD sed. (#6887)
• Add type hints to the spam checker module. (#6915)
• Convert the directory handler tests to use HomeserverTestCase. (#6919)
• Increase DB/CPU perf of _is_server_still_joined check. (#6936)
• Tiny optimisation for incoming HTTP request dispatch. (#6950)

Synapse 1.10.1 (2020-02-17)

Bugfixes

• Fix a bug introduced in Synapse 1.10.0 which would cause room state to be cleared in the database if Synapse was upgraded direct from 1.2.1 or earlier to 1.10.0. (#6924)

Synapse 1.10.0 (2020-02-12)

WARNING to client developers: As of this release Synapse validates client_secret parameters in the Client-Server API as per the spec. See #6766 for details.

Updates to the Docker image

• Update the docker images to Alpine Linux 3.11. (#6897)

Synapse 1.10.0rc5 (2020-02-11)

Bugfixes

• Fix the filtering introduced in 1.10.0rc3 to also apply to the state blocks returned by /sync. (#6884)

Synapse 1.10.0rc4 (2020-02-11)

This release candidate was built incorrectly and is superceded by 1.10.0rc5.

Synapse 1.10.0rc3 (2020-02-10)

Features

• Filter out m.room.aliases from the CS API to mitigate abuse while a better solution is specced. (#6878)

Internal Changes

• Fix continuous integration failures with old versions of pip, which were introduced by a release of the zipp library. (#6880)

Synapse 1.10.0rc2 (2020-02-06)

Bugfixes

• Fix an issue with cross-signing where device signatures were not sent to remote servers. (#6844)
• Fix to the unknown remote device detection which was introduced in 1.10.rc1. (#6848)

Internal Changes

• Detect unexpected sender keys on remote encrypted events and resync device lists. (#6850)

Synapse 1.10.0rc1 (2020-01-31)

Features

• Add experimental support for updated authorization rules for aliases events, from MSC2260. (#6787, #6790, #6794)

Bugfixes

• Warn if postgres database has a non-C locale, as that can cause issues when upgrading locales (e.g. due to upgrading OS). (#6734)
• Minor fixes to PUT /_synapse/admin/v2/users admin api. (#6761)
• Validate client_secret parameter using the regex provided by the Client-Server API, temporarily allowing : characters for older clients. The : character will be removed in a future release. (#6767)
• Fix persisting redaction events that have been redacted (or otherwise don't have a redacts key). (#6771)
• Fix outbound federation request metrics. (#6795)
• Fix bug where querying a remote user's device keys that weren't cached resulted in only returning a single device. (#6796)
• Fix race in federation sender worker that delayed sending of device updates. (#6799, #6800)
• Fix bug where Synapse didn't invalidate cache of remote users' devices when Synapse left a room. (#6801)
• Fix waking up other workers when remote server is detected to have come back online. (#6811)

Improved Documentation

• Clarify documentation related to user_dir and federation_reader workers. (#6775)

Internal Changes

• Record room versions in the rooms table. (#6729, #6788, #6810)
• Propagate cache invalidates from workers to other workers. (#6748)
• Remove some unnecessary admin handler abstraction methods. (#6751)
• Add some debugging for media storage providers. (#6757)
• Detect unknown remote devices and mark cache as stale. (#6776, #6819)
• Attempt to resync remote users' devices when detected as stale. (#6786)
• Delete current state from the database when server leaves a room. (#6792)
• When a client asks for a remote user's device keys check if the local cache for that user has been marked as potentially stale. (#6797)
• Add background update to clean out left rooms from current state. (#6802, #6816)
• Refactoring work in preparation for changing the event redaction algorithm. (#6803, #6805, #6806, #6807, #6820)

Synapse 1.9.1 (2020-01-28)

Bugfixes

• Fix bug where setting mau_limit_reserved_threepids config would cause Synapse to refuse to start. (#6793)

Synapse 1.9.0 (2020-01-23)

WARNING: As of this release, Synapse no longer supports versions of SQLite before 3.11, and will refuse to start when configured to use an older version. Administrators are recommended to migrate their database to Postgres (see instructions here).

If your Synapse deployment uses workers, note that the reverse-proxy configurations for the synapse.app.media_repository, synapse.app.federation_reader and synapse.app.event_creator workers have changed, with the addition of a few paths (see the updated configurations here). Existing configurations will continue to work.

Improved Documentation

• Fix endpoint documentation for the List Rooms admin API. (#6770)

Synapse 1.9.0rc1 (2020-01-22)

Features

• Allow admin to create or modify a user. Contributed by Awesome Technologies Innovationslabor GmbH. (#5742)
• Add new quarantine media admin APIs to quarantine by media ID or by user who uploaded the media. (#6681, #6756)
• Add org.matrix.e2e_cross_signing to unstable_features in /versions as per MSC1756. (#6712)
• Add a new admin API to list and filter rooms on the server. (#6720)

Bugfixes

• Correctly proxy HTTP errors due to API calls to remote group servers. (#6654)
• Fix media repo admin APIs when using a media worker. (#6664)
• Fix "CRITICAL" errors being logged when a request is received for a uri containing non-ascii characters. (#6682)
• Fix a bug where we would assign a numeric user ID if somebody tried registering with an empty username. (#6690)
• Fix purge_room admin API. (#6711)
• Fix a bug causing Synapse to not always purge quiet rooms with a low max_lifetime in their message retention policies when running the automated purge jobs. (#6714)
• Fix the synapse_port_db not correctly running background updates. Thanks @tadzik for reporting. (#6718)
• Fix changing password via user admin API. (#6730)
• Fix /events/:event_id deprecated API. (#6731)
• Fix monthly active user limiting support for worker mode, fixes #4639. (#6742)
• Fix bug when setting account_validity to an empty block in the config. Thanks to @Sorunome for reporting. (#6747)
• Fix AttributeError: 'NoneType' object has no attribute 'get' in hash_password when configuration has an empty password_config. Contributed by @ivilata. (#6753)
• Fix the docker-compose.yaml overriding the entire /etc folder of the container. Contributed by Fabian Meyer. (#6656)

Improved Documentation

• Fix a typo in the configuration example for purge jobs in the sample configuration file. (#6621)
• Add complete documentation of the message retention policies support. (#6624, #6665)
• Add some helpful tips about changelog entries to the GitHub pull request template. (#6663)
• Clarify the account_validity and email sections of the sample configuration. (#6685)
• Add more endpoints to the documentation for Synapse workers. (#6698)

Deprecations and Removals

• Synapse no longer supports versions of SQLite before 3.11, and will refuse to start when configured to use an older version. Administrators are recommended to migrate their database to Postgres (see instructions here). (#6675)

Internal Changes

• Add local_current_membership table for tracking local user membership state in rooms. (#6655, #6728)
• Port synapse.replication.tcp to async/await. (#6666)
• Fixup synapse.replication to pass mypy checks. (#6667)
• Allow additional_resources to implement IResource directly. (#6686)
• Allow REST endpoint implementations to raise a RedirectException, which will redirect the user's browser to a given location. (#6687)
• Updates and extensions to the module API. (#6688)
• Updates to the SAML mapping provider API. (#6689, #6723)
• Remove redundant RegistrationError class. (#6691)
• Don't block processing of incoming EDUs behind processing PDUs in the same transaction. (#6697)
• Remove duplicate check for the session query parameter on the /auth/xxx/fallback/web Client-Server endpoint. (#6702)
• Attempt to retry sending a transaction when we detect a remote server has come back online, rather than waiting for a transaction to be triggered by new data. (#6706)
• Add StateMap type alias to simplify types. (#6715)
• Add a DeltaState to track changes to be made to current state during event persistence. (#6716)
• Add more logging around message retention policies support. (#6717)
• When processing a SAML response, log the assertions for easier configuration. (#6724)
• Fixup synapse.rest to pass mypy. (#6732, #6764)
• Fixup synapse.api to pass mypy. (#6733)
• Allow streaming cache 'invalidate all' to workers. (#6749)
• Remove unused CI docker compose files. (#6754)

Synapse 1.8.0 (2020-01-09)

WARNING: As of this release Synapse will refuse to start if the log_file config option is specified. Support for the option was removed in v1.3.0.

Bugfixes

• Fix GET request on /_synapse/admin/v2/users endpoint. Contributed by Awesome Technologies Innovationslabor GmbH. (#6563)
• Fix incorrect signing of responses from the key server implementation. (#6657)

Synapse 1.8.0rc1 (2020-01-07)

Features

• Add v2 APIs for the send_join and send_leave federation endpoints (as described in MSC1802). (#6349)
• Add a develop script to generate full SQL schemas. (#6394)
• Add custom SAML username mapping functionality through an external provider plugin. (#6411)
• Automatically delete empty groups/communities. (#6453)
• Add option limit_profile_requests_to_users_who_share_rooms to prevent requirement of a local user sharing a room with another user to query their profile information. (#6523)
• Add an export_signing_key script to extract the public part of signing keys when rotating them. (#6546)
• Add experimental config option to specify multiple databases. (#6580)
• Raise an error if someone tries to use the log_file config option. (#6626)

Bugfixes

• Prevent redacted events from being returned during message search. (#6377, #6522)
• Prevent error on trying to search a upgraded room when the server is not in the predecessor room. (#6385)
• Improve performance of looking up cross-signing keys. (#6486)
• Fix race which occasionally caused deleted devices to reappear. (#6514)
• Fix missing row in device_max_stream_id that could cause unable to decrypt errors after server restart. (#6555)
• Fix a bug which meant that we did not send systemd notifications on startup if acme was enabled. (#6571)
• Fix exception when fetching the matrix.org:ed25519:auto key. (#6625)
• Fix bug where a moderator upgraded a room and became an admin in the new room. (#6633)
• Fix an error which was thrown by the PresenceHandler _on_shutdown handler. (#6640)
• Fix exceptions in the synchrotron worker log when events are rejected. (#6645)
• Ensure that upgraded rooms are removed from the directory. (#6648)
• Fix a bug causing Synapse not to fetch missing events when it believes it has every event in the room. (#6652)

Improved Documentation

• Document the Room Shutdown Admin API. (#6541)
• Reword sections of docs/federate.md that explained delegation at time of Synapse 1.0 transition. (#6601)
• Added the section 'Configuration' in docs/turn-howto.md. (#6614)

Deprecations and Removals

• Remove redundant code from event authorisation implementation. (#6502)
• Remove unused, undocumented /_matrix/content API. (#6628)

Internal Changes

• Add experimental support for multiple physical databases and split out state storage to separate data store. (#6245, #6510, #6511, #6513, #6564, #6565)
• Port sections of code base to async/await. (#6496, #6504, #6505, #6517, #6559, #6647, #6653)
• Remove SnapshotCache in favour of ResponseCache. (#6506)
• Silence mypy errors for files outside those specified. (#6512)
• Clean up some logging when handling incoming events over federation. (#6515)
• Test more folders against mypy. (#6534)
• Update mypy to new version. (#6537)
• Adjust the sytest blacklist for worker mode. (#6538)
• Remove unused get_pagination_rows methods from EventSource classes. (#6557)
• Clean up logs from the push notifier at startup. (#6558)
• Improve diagnostics on database upgrade failure. (#6570)
• Reduce the reconnect time when worker replication fails, to make it easier to catch up. (#6617)
• Simplify http handling by removing redundant SynapseRequestFactory. (#6619)
• Add a workaround for synapse raising exceptions when fetching the notary's own key from the notary. (#6620)
• Automate generation of the sample log config. (#6627)
• Simplify event creation code by removing redundant queries on the event_reference_hashes table. (#6629)
• Fix errors when frozen_dicts are enabled. (#6642)

Synapse 1.7.3 (2019-12-31)

This release fixes a long-standing bug in the state resolution algorithm.

Bugfixes

• Fix exceptions caused by state resolution choking on malformed events. (#6608)

Synapse 1.7.2 (2019-12-20)

This release fixes some regressions introduced in Synapse 1.7.0 and 1.7.1.

Bugfixes

• Fix a regression introduced in Synapse 1.7.1 which caused errors when attempting to backfill rooms over federation. (#6576)
• Fix a bug introduced in Synapse 1.7.0 which caused an error on startup when upgrading from versions before 1.3.0. (#6578)

Synapse 1.7.1 (2019-12-18)

This release includes several security fixes as well as a fix to a bug exposed by the security fixes. Administrators are encouraged to upgrade as soon as possible.

Security updates

• Fix a bug which could cause room events to be incorrectly authorized using events from a different room. (#6501, #6503, #6521, #6524, #6530, #6531)
• Fix a bug causing responses to the /context client endpoint to not use the pruned version of the event. (#6553)
• Fix a cause of state resets in room versions 2 onwards. (#6556, #6560)

Bugfixes

• Fix a bug which could cause the federation server to incorrectly return errors when handling certain obscure event graphs. (#6526, #6527)

Synapse 1.7.0 (2019-12-13)

This release changes the default settings so that only local authenticated users can query the server's room directory. See the upgrade notes for details.

Support for SQLite versions before 3.11 is now deprecated. A future release will refuse to start if used with an SQLite version before 3.11.

Administrators are reminded that SQLite should not be used for production instances. Instructions for migrating to Postgres are available here. A future release of synapse will, by default, disable federation for servers using SQLite.

No significant changes since 1.7.0rc2.

Synapse 1.7.0rc2 (2019-12-11)

Bugfixes

• Fix incorrect error message for invalid requests when setting user's avatar URL. (#6497)
• Fix support for SQLite 3.7. (#6499)
• Fix regression where sending email push would not work when using a pusher worker. (#6507, #6509)

Synapse 1.7.0rc1 (2019-12-09)

Features

• Implement per-room message retention policies. (#5815, #6436)
• Add etag and count fields to key backup endpoints to help clients guess if there are new keys. (#5858)
• Add /admin/v2/users endpoint with pagination. Contributed by Awesome Technologies Innovationslabor GmbH. (#5925)
• Require User-Interactive Authentication for /account/3pid/add, meaning the user's password will be required to add a third-party ID to their account. (#6119)
• Implement the /_matrix/federation/unstable/net.atleastfornow/state/<context> API as drafted in MSC2314. (#6176)
• Configure privacy-preserving settings by default for the room directory. (#6355)
• Add ephemeral messages support by partially implementing MSC2228. (#6409)
• Add support for MSC 2367, which allows specifying a reason on all membership events. (#6434)

Bugfixes

• Transfer non-standard power levels on room upgrade. (#6237)
• Fix error from the Pillow library when uploading RGBA images. (#6241)
• Correctly apply the event filter to the state, events_before and events_after fields in the response to /context requests. (#6329)
• Fix caching devices for remote users when using workers, so that we don't attempt to refetch (and potentially fail) each time a user requests devices. (#6332)
• Prevent account data syncs getting lost across TCP replication. (#6333)
• Fix bug: TypeError in register_user() while using LDAP auth module. (#6406)
• Fix an intermittent exception when handling read-receipts. (#6408)
• Fix broken guest registration when there are existing blocks of numeric user IDs. (#6420)
• Fix startup error when http proxy is defined. (#6421)
• Fix error when using synapse_port_db on a vanilla synapse db. (#6449)
• Fix uploading multiple cross signing signatures for the same user. (#6451)
• Fix bug which lead to exceptions being thrown in a loop when a cross-signed device is deleted. (#6462)
• Fix synapse_port_db not exiting with a 0 code if something went wrong during the port process. (#6470)
• Improve sanity-checking when receiving events over federation. (#6472)
• Fix inaccurate per-block Prometheus metrics. (#6491)
• Fix small performance regression for sending invites. (#6493)
• Back out cross-signing code added in Synapse 1.5.0, which caused a performance regression. (#6494)

Improved Documentation

• Update documentation and variables in user contributed systemd reference file. (#6369, #6490)
• Fix link in the user directory documentation. (#6388)
• Add build instructions to the docker readme. (#6390)
• Switch Ubuntu package install recommendation to use python3 packages in INSTALL.md. (#6443)
• Write some docs for the quarantine_media api. (#6458)
• Convert CONTRIBUTING.rst to markdown (among other small fixes). (#6461)

Deprecations and Removals

• Remove admin/v1/users_paginate endpoint. Contributed by Awesome Technologies Innovationslabor GmbH. (#5925)
• Remove fallback for federation with old servers which lack the /federation/v1/state_ids API. (#6488)

Internal Changes

• Add benchmarks for structured logging and improve output performance. (#6266)
• Improve the performance of outputting structured logging. (#6322)
• Refactor some code in the event authentication path for clarity. (#6343, #6468, #6480)
• Clean up some unnecessary quotation marks around the codebase. (#6362)
• Complain on startup instead of 500'ing during runtime when public_baseurl isn't set when necessary. (#6379)
• Add a test scenario to make sure room history purges don't break /messages in the future. (#6392)
• Clarifications for the email configuration settings. (#6423)
• Add more tests to the blacklist when running in worker mode. (#6429)
• Refactor data store layer to support multiple databases in the future. (#6454, #6464, #6469, #6487)
• Port synapse.rest.client.v1 to async/await. (#6482)
• Port synapse.rest.client.v2_alpha to async/await. (#6483)
• Port SyncHandler to async/await. (#6484)

Synapse 1.6.1 (2019-11-28)

Security updates

This release includes a security fix (#6426, below). Administrators are encouraged to upgrade as soon as possible.

Bugfixes

• Clean up local threepids from user on account deactivation. (#6426)
• Fix startup error when http proxy is defined. (#6421)

Synapse 1.6.0 (2019-11-26)

Bugfixes

• Fix phone home stats reporting. (#6418)

Synapse 1.6.0rc2 (2019-11-25)

Bugfixes

• Fix a bug which could cause the background database update hander for event labels to get stuck in a loop raising exceptions. (#6407)

Synapse 1.6.0rc1 (2019-11-20)

Features

• Add federation support for cross-signing. (#5727)
• Increase default room version from 4 to 5, thereby enforcing server key validity period checks. (#6220)
• Add support for outbound http proxying via http_proxy/HTTPS_PROXY env vars. (#6238)
• Implement label-based filtering on /sync and /messages (MSC2326). (#6301, #6310, #6340)

Bugfixes

• Fix LruCache callback deduplication for Python 3.8. Contributed by @V02460. (#6213)
• Remove a room from a server's public rooms list on room upgrade. (#6232, #6235)
• Delete keys from key backup when deleting backup versions. (#6253)
• Make notification of cross-signing signatures work with workers. (#6254)
• Fix exception when remote servers attempt to join a room that they're not allowed to join. (#6278)
• Prevent errors from appearing on Synapse startup if git is not installed. (#6284)
• Appservice requests will no longer contain a double slash prefix when the appservice url provided ends in a slash. (#6306)
• Fix /purge_room admin API. (#6307)
• Fix the hidden field in the devices table for SQLite versions prior to 3.23.0. (#6313)
• Fix bug which casued rejected events to be persisted with the wrong room state. (#6320)
• Fix bug where rc_login ratelimiting would prematurely kick in. (#6335)
• Prevent the server taking a long time to start up when guest registration is enabled. (#6338)
• Fix bug where upgrading a guest account to a full user would fail when account validity is enabled. (#6359)
• Fix to_device stream ID getting reset every time Synapse restarts, which had the potential to cause unable to decrypt errors. (#6363)
• Fix permission denied error when trying to generate a config file with the docker image. (#6389)

Improved Documentation

• Contributor documentation now mentions script to run linters. (#6164)
• Modify CAPTCHA_SETUP.md to update the terms private key and public key to secret key and site key respectively. Contributed by Yash Jipkate. (#6257)
• Update INSTALL.md Email section to talk about account_threepid_delegates. (#6272)
• Fix a small typo in account_threepid_delegates configuration option. (#6273)

Internal Changes

• Add a CI job to test the synapse_port_db script. (#6140, #6276)
• Convert EventContext to an attrs. (#6218)
• Move persist_events out from main data store. (#6240, #6300)
• Reduce verbosity of user/room stats. (#6250)
• Reduce impact of debug logging. (#6251)
• Expose some homeserver functionality to spam checkers. (#6259)
• Change cache descriptors to always return deferreds. (#6263, #6291)
• Fix incorrect comment regarding the functionality of an if statement. (#6269)
• Update CI to run isort over the scripts and scripts-dev directories. (#6270)
• Replace every instance of logger.warn method with logger.warning as the former is deprecated. (#6271, #6314)
• Port replication http server endpoints to async/await. (#6274)
• Port room rest handlers to async/await. (#6275)
• Remove redundant CLI parameters on CI's flake8 step. (#6277)
• Port federation_server.py to async/await. (#6279)
• Port receipt and read markers to async/wait. (#6280)
• Split out state storage into separate data store. (#6294, #6295)
• Refactor EventContext for clarity. (#6298)
• Update the version of black used to 19.10b0. (#6304)
• Add some documentation about worker replication. (#6305)
• Move admin endpoints into separate files. Contributed by Awesome Technologies Innovationslabor GmbH. (#6308)
• Document the use of lint.sh for code style enforcement & extend it to run on specified paths only. (#6312)
• Add optional python dependencies and dependant binary libraries to snapcraft packaging. (#6317)
• Remove the dependency on psutil and replace functionality with the stdlib resource module. (#6318, #6336)
• Improve documentation for EventContext fields. (#6319)
• Add some checks that we aren't using state from rejected events. (#6330)
• Add continuous integration for python 3.8. (#6341)
• Correct spacing/case of various instances of the word "homeserver". (#6357)
• Temporarily blacklist the failing unit test PurgeRoomTestCase.test_purge_room. (#6361)

Synapse 1.5.1 (2019-11-06)

Features

• Limit the length of data returned by url previews, to prevent DoS attacks. (#6331, #6334)

Synapse 1.5.0 (2019-10-29)

Security updates

This release includes a security fix (#6262, below). Administrators are encouraged to upgrade as soon as possible.

Bugfixes

• Fix bug where room directory search was case sensitive. (#6268)

Synapse 1.5.0rc2 (2019-10-28)

Bugfixes

• Update list of boolean columns in synapse_port_db. (#6247)
• Fix /keys/query API on workers. (#6256)
• Improve signature checking on some federation APIs. (#6262)

Internal Changes

• Move schema delta files to the correct data store. (#6248)
• Small performance improvement by removing repeated config lookups in room stats calculation. (#6255)

Synapse 1.5.0rc1 (2019-10-24)

Features

• Improve quality of thumbnails for 1-bit/8-bit color palette images. (#2142)
• Add ability to upload cross-signing signatures. (#5726)
• Allow uploading of cross-signing keys. (#5769)
• CAS login now provides a default display name for users if a displayname_attribute is set in the configuration file. (#6114)
• Reject all pending invites for a user during deactivation. (#6125)
• Add config option to suppress client side resource limit alerting. (#6173)

Bugfixes

• Return an HTTP 404 instead of 400 when requesting a filter by ID that is unknown to the server. Thanks to @krombel for contributing this! (#2380)
• Fix a bug where users could be invited twice to the same group. (#3436)
• Fix /createRoom failing with badly-formatted MXIDs in the invitee list. Thanks to @wener291! (#4088)
• Make the synapse_port_db script create the right indexes on a new PostgreSQL database. (#6102, #6178, #6243)
• Fix bug when uploading a large file: Synapse responds with M_UNKNOWN while it should be M_TOO_LARGE according to spec. Contributed by Anshul Angaria. (#6109)
• Fix user push rules being deleted from a room when it is upgraded. (#6144)
• Don't 500 when trying to exchange a revoked 3PID invite. (#6147)
• Fix transferring notifications and tags when joining an upgraded room that is new to your server. (#6155)
• Fix bug where guest account registration can wedge after restart. (#6161)
• Fix monthly active user reaping when reserved users are specified. (#6168)
• Fix /federation/v1/state endpoint not supporting newer room versions. (#6170)
• Fix bug where we were updating censored events as bytes rather than text, occaisonally causing invalid JSON being inserted breaking APIs that attempted to fetch such events. (#6186)
• Fix occasional missed updates in the room and user directories. (#6187)
• Fix tracing of non-JSON APIs, /media, /key etc. (#6195)
• Fix bug where presence would not get timed out correctly if a synchrotron worker is used and restarted. (#6212)
• synapse_port_db: Add 2 additional BOOLEAN_COLUMNS to be able to convert from database schema v56. (#6216)
• Fix a bug where the Synapse demo script blacklisted ::1 (ipv6 localhost) from receiving federation traffic. (#6229)

Updates to the Docker image

• Fix logging getting lost for the docker image. (#6197)