kaslo/synapse
1
0
Fork 0
Code Packages Releases 124 Wiki Activity

Merge branch 'master' of github.com:element-hq/synapse into develop

Browse Source
This commit is contained in:
Andrew Morgan
2025-08-12 15:45:26 +01:00
parent 1f155c9650 6d39e3a411
commit 14e93d8043
5 changed files with 59 additions and 31 deletions
Download Patch File Download Diff File Expand all files Collapse all files

35
CHANGES.md
View File

@@ -1,28 +1,10 @@
# Synapse 1.136.0rc2 (2025-08-11)
# Synapse 1.136.0 (2025-08-12)
This is the Synapse portion of the [Matrix coordinated security release](https://matrix.org/blog/2025/07/security-predisclosure/). This release includes support for [room version](https://spec.matrix.org/v1.15/rooms/) 12 which fixes a number of security vulnerabilities, including [CVE-2025-49090](https://www.cve.org/CVERecord?id=CVE-2025-49090).
The default room version is not changed. Not all clients will support room version 12 immediately, and not all users will be using the latest version of their clients. Large, public rooms are advised to wait a few weeks before upgrading to room version 12 to allow users throughout the Matrix ecosystem to update their clients.
Note: release 1.135.1 was skipped due to issues discovered during the release process.
Two patched Synapse releases are now available:
* `1.135.2`: stable release comprised of `1.135.0` + security patches
* Upgrade to this release **if you are currently running 1.135.0 or below**.
* `1.136.0rc2`: unstable release candidate comprised of `1.136.0rc1` + security patches.
* Upgrade to this release **only if you are on 1.136.0rc1**.
Note: This release includes the security fixes from `1.135.2` and `1.136.0rc2`, detailed below.
### Bugfixes
- Update MSC4293 redaction logic for room v12. ([\#80](https://github.com/element-hq/synapse/issues/80))
### Internal Changes
- Add a parameter to `upgrade_rooms(..)` to allow auto join local users. ([\#83](https://github.com/element-hq/synapse/issues/83))
- Fix bug introduced in 1.135.2 and 1.136.0rc2 where the [Make Room Admin API](https://element-hq.github.io/synapse/latest/admin_api/rooms.html#make-room-admin-api) would not treat a room v12's creator power level as the highest in room. ([\#18805](https://github.com/element-hq/synapse/issues/18805))
# Synapse 1.135.2 (2025-08-11)
@@ -50,7 +32,13 @@ Two patched Synapse releases are now available:
- Speed up upgrading a room with large numbers of banned users. ([\#18574](https://github.com/element-hq/synapse/issues/18574))
# Synapse 1.136.0rc2 (2025-08-11)
- Update MSC4293 redaction logic for room v12. ([\#80](https://github.com/element-hq/synapse/issues/80))
### Internal Changes
- Add a parameter to `upgrade_rooms(..)` to allow auto join local users. ([\#83](https://github.com/element-hq/synapse/issues/83))
# Synapse 1.136.0rc1 (2025-08-05)
@@ -116,11 +104,6 @@ Please check [the relevant section in the upgrade notes](https://github.com/elem
* Bump types-jsonschema from 4.24.0.20250708 to 4.25.0.20250720. ([\#18703](https://github.com/element-hq/synapse/issues/18703))
* Bump types-psycopg2 from 2.9.21.20250516 to 2.9.21.20250718. ([\#18706](https://github.com/element-hq/synapse/issues/18706))
# Synapse 1.135.0 (2025-08-01)
No significant changes since 1.135.0rc2.

18
debian/changelog vendored
View File

@@ -1,20 +1,32 @@
matrix-synapse-py3 (1.136.0) stable; urgency=medium
* New Synapse release 1.136.0.
-- Synapse Packaging team <packages@matrix.org> Tue, 12 Aug 2025 13:18:03 +0100
matrix-synapse-py3 (1.136.0~rc2) stable; urgency=medium
* New Synapse release 1.136.0rc2.
-- Synapse Packaging team <packages@matrix.org> Mon, 11 Aug 2025 12:18:52 -0600
matrix-synapse-py3 (1.136.0~rc1) stable; urgency=medium
* New Synapse release 1.136.0rc1.
-- Synapse Packaging team <packages@matrix.org> Tue, 05 Aug 2025 08:13:30 -0600
matrix-synapse-py3 (1.135.2) stable; urgency=medium
* New Synapse release 1.135.2.
-- Synapse Packaging team <packages@matrix.org> Mon, 11 Aug 2025 11:52:01 -0600
matrix-synapse-py3 (1.136.0~rc1) stable; urgency=medium
matrix-synapse-py3 (1.135.1) stable; urgency=medium
* New Synapse release 1.136.0rc1.
* New Synapse release 1.135.1.
-- Synapse Packaging team <packages@matrix.org> Tue, 05 Aug 2025 08:13:30 -0600
-- Synapse Packaging team <packages@matrix.org> Mon, 11 Aug 2025 11:13:15 -0600
matrix-synapse-py3 (1.135.0) stable; urgency=medium

2
pyproject.toml
View File

@@ -101,7 +101,7 @@ module-name = "synapse.synapse_rust"
[tool.poetry]
name = "matrix-synapse"
version = "1.136.0rc2"
version = "1.136.0"
description = "Homeserver for the Matrix decentralised comms protocol"
authors = ["Matrix.org Team and Contributors <packages@matrix.org>"]
license = "AGPL-3.0-or-later"

2
synapse/rest/admin/rooms.py
View File

@@ -634,7 +634,7 @@ class MakeRoomAdminRestServlet(ResolveRoomIdMixin, RestServlet):
for creator in creators:
if self.is_mine_id(creator):
# include the creator as they won't be in the PL users map.
admin_users.insert(0, creator)
admin_users.append(creator)
if not admin_users:
raise SynapseError(

33
tests/rest/admin/test_room.py
View File

@@ -2917,6 +2917,39 @@ class MakeRoomAdminTestCase(unittest.HomeserverTestCase):
)
self.assertEquals(pl["users"][self.admin_user], 100)
def test_v12_room_with_many_user_pls(self) -> None:
"""Test that you can be promoted to the admin user's PL in v12 rooms that contain a range of user PLs."""
room_id = self.helper.create_room_as(
self.creator,
tok=self.creator_tok,
room_version=RoomVersions.V12.identifier,
is_public=True,
extra_content={
"power_level_content_override": {
"users": {
self.second_user_id: 50,
},
},
},
)
self.helper.join(room_id, self.admin_user, tok=self.admin_user_tok)
self.helper.join(room_id, self.second_user_id, tok=self.second_tok)
channel = self.make_request(
"POST",
f"/_synapse/admin/v1/rooms/{room_id}/make_room_admin",
content={},
access_token=self.admin_user_tok,
)
self.assertEqual(200, channel.code, msg=channel.json_body)
pl = self.helper.get_state(
room_id, EventTypes.PowerLevels, tok=self.creator_tok
)
self.assertEquals(pl["users"][self.admin_user], 100)
class BlockRoomTestCase(unittest.HomeserverTestCase):
servlets = [