Merge branch 'release-v1.0.0'

* release-v1.0.0: Update changelog to better expain password reset change (#5545)

Merge branch 'release-v1.0.0'
52a4a90d · Andrew Morgan · c8cb1862 · 78c00ad3 · 52a4a90d · 52a4a90d
Commit 52a4a90d authored 5 years ago by Andrew Morgan
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -52,7 +52,11 @@ Features
 - Add a script to generate new signing-key files. ([\#5361](https://github.com/matrix-org/synapse/issues/5361))
 - Update upgrade and installation guides ahead of 1.0. ([\#5371](https://github.com/matrix-org/synapse/issues/5371))
 - Replace the `perspectives` configuration section with `trusted_key_servers`, and make validating the signatures on responses optional (since TLS will do this job for us). ([\#5374](https://github.com/matrix-org/synapse/issues/5374))
- Add ability to perform password reset via email without trusting the identity server. ([\#5377](https://github.com/matrix-org/synapse/issues/5377))
+- Add ability to perform password reset via email without trusting the identity server. **As a result of this PR, password resets will now be disabled on the default configuration.**
+
+  Password reset emails are now sent from the homeserver by default, instead of the identity server. To enable this functionality, ensure `email` and `public_baseurl` config options are filled out.
+
+  If you would like to re-enable password resets being sent from the identity server (warning: this is dangerous! See [#5345](https://github.com/matrix-org/synapse/pull/5345)), set `email.trust_identity_server_for_password_resets` to true. ([\#5377](https://github.com/matrix-org/synapse/issues/5377))
 - Set default room version to v4. ([\#5379](https://github.com/matrix-org/synapse/issues/5379))



--- a/changelog.d/5545.misc
+++ b/changelog.d/5545.misc
+Update v1.0.0 release changelog to include more information about changes to password resets.