Add a new push rule knob

CHANGES.md

@@ -1,3 +1,40 @@
+# Synapse 1.137.0rc1 (2025-08-19)
+
+### Bugfixes
+
+- Fix a bug which could corrupt auth chains making it impossible to perform state resolution. ([\#18746](https://github.com/element-hq/synapse/issues/18746))
+- Fix error message in `register_new_matrix_user` utility script for empty `registration_shared_secret`. ([\#18780](https://github.com/element-hq/synapse/issues/18780))
+- Allow enabling [MSC4108](https://github.com/matrix-org/matrix-spec-proposals/pull/4108) when the stable Matrix Authentication Service integration is enabled. ([\#18832](https://github.com/element-hq/synapse/issues/18832))
+
+### Improved Documentation
+
+- Include IPv6 networks in `denied-peer-ips` of coturn setup. Contributed by @litetex. ([\#18781](https://github.com/element-hq/synapse/issues/18781))
+
+### Internal Changes
+
+- Update tests to ensure all database tables are emptied when purging a room. ([\#18794](https://github.com/element-hq/synapse/issues/18794))
+- Instrument the `encode_response` part of Sliding Sync requests for more complete traces in Jaeger. ([\#18815](https://github.com/element-hq/synapse/issues/18815))
+- Tag Sliding Sync traces when we `wait_for_events`. ([\#18816](https://github.com/element-hq/synapse/issues/18816))
+- Fix `portdb` CI by hardcoding the new `pg_dump` restrict key that was added due to [CVE-2025-8714](https://nvd.nist.gov/vuln/detail/cve-2025-8714). ([\#18824](https://github.com/element-hq/synapse/issues/18824))
+
+
+
+### Updates to locked dependencies
+
+* Bump actions/add-to-project from 5b1a254a3546aef88e0a7724a77a623fa2e47c36 to 0c37450c4be3b6a7582b2fb013c9ebfd9c8e9300. ([\#18557](https://github.com/element-hq/synapse/issues/18557))
+* Bump actions/cache from 4.2.3 to 4.2.4. ([\#18799](https://github.com/element-hq/synapse/issues/18799))
+* Bump actions/checkout from 4.2.2 to 4.3.0. ([\#18800](https://github.com/element-hq/synapse/issues/18800))
+* Bump actions/download-artifact from 4.3.0 to 5.0.0. ([\#18801](https://github.com/element-hq/synapse/issues/18801))
+* Bump docker/metadata-action from 5.7.0 to 5.8.0. ([\#18773](https://github.com/element-hq/synapse/issues/18773))
+* Bump mypy from 1.16.1 to 1.17.1. ([\#18775](https://github.com/element-hq/synapse/issues/18775))
+* Bump phonenumbers from 9.0.10 to 9.0.11. ([\#18797](https://github.com/element-hq/synapse/issues/18797))
+* Bump pygithub from 2.6.1 to 2.7.0. ([\#18779](https://github.com/element-hq/synapse/issues/18779))
+* Bump serde_json from 1.0.141 to 1.0.142. ([\#18776](https://github.com/element-hq/synapse/issues/18776))
+* Bump slab from 0.4.10 to 0.4.11. ([\#18809](https://github.com/element-hq/synapse/issues/18809))
+* Bump tokio from 1.47.0 to 1.47.1. ([\#18774](https://github.com/element-hq/synapse/issues/18774))
+* Bump types-pyyaml from 6.0.12.20250516 to 6.0.12.20250809. ([\#18798](https://github.com/element-hq/synapse/issues/18798))
+* Bump types-setuptools from 80.9.0.20250529 to 80.9.0.20250809. ([\#18796](https://github.com/element-hq/synapse/issues/18796))
+
 # Synapse 1.136.0 (2025-08-12)
 
 Note: This release includes the security fixes from `1.135.2` and `1.136.0rc2`, detailed below.

changelog.d/18746.bugfix

@@ -1 +0,0 @@
-Fix a bug which could corrupt auth chains making it impossible to perform state resolution.

changelog.d/18780.bugfix

@@ -1 +0,0 @@
-Fix error message in `register_new_matrix_user` utility script for empty `registration_shared_secret`.

changelog.d/18781.doc

@@ -1 +0,0 @@
-Include IPv6 networks in denied-peer-ips of coturn setup. Contributed by @litetex.

changelog.d/18794.misc

@@ -1 +0,0 @@
-Update tests to ensure all database tables are emptied when purging a room.

changelog.d/18815.misc

@@ -1 +0,0 @@
-Instrument the `encode_response` part of Sliding Sync requests for more complete traces in Jaeger.

changelog.d/18816.misc

@@ -1 +0,0 @@
-Tag Sliding Sync traces when we `wait_for_events`.

changelog.d/18824.misc

@@ -1 +0,0 @@
-Fix portdb CI by hardcoding the new pg_dump restrict key that was added due to CVE-2025-8714.

changelog.d/18832.bugfix

@@ -1 +0,0 @@
-Allow enabling MSC4108 when the stable Matrix Authentication Service integration is enabled.

debian/changelog

@@ -1,3 +1,9 @@
+matrix-synapse-py3 (1.137.0~rc1) stable; urgency=medium
+
+  * New Synapse release 1.137.0rc1.
+
+ -- Synapse Packaging team <packages@matrix.org>  Tue, 19 Aug 2025 10:55:22 +0100
+
 matrix-synapse-py3 (1.136.0) stable; urgency=medium
 
   * New Synapse release 1.136.0.

pyproject.toml

@@ -101,7 +101,7 @@ module-name = "synapse.synapse_rust"
 
 [tool.poetry]
 name = "matrix-synapse"
-version = "1.136.0"
+version = "1.137.0rc1"
 description = "Homeserver for the Matrix decentralised comms protocol"
 authors = ["Matrix.org Team and Contributors <packages@matrix.org>"]
 license = "AGPL-3.0-or-later"

rust/benches/evaluator.rs

@@ -62,6 +62,7 @@ fn bench_match_exact(b: &mut Bencher) {
         false,
         false,
         false,
+        false,
     )
     .unwrap();
 
@@ -109,6 +110,7 @@ fn bench_match_word(b: &mut Bencher) {
         false,
         false,
         false,
+        false,
     )
     .unwrap();
 
@@ -156,6 +158,7 @@ fn bench_match_word_miss(b: &mut Bencher) {
         false,
         false,
         false,
+        false,
     )
     .unwrap();
 
@@ -203,6 +206,7 @@ fn bench_eval_message(b: &mut Bencher) {
         false,
         false,
         false,
+        false,
     )
     .unwrap();
 
@@ -215,6 +219,7 @@ fn bench_eval_message(b: &mut Bencher) {
         false,
         false,
         false,
+        false,
     );
 
     b.iter(|| eval.run(&rules, Some("bob"), Some("person"), None));

rust/src/push/evaluator.rs

@@ -111,6 +111,8 @@ pub struct PushRuleEvaluator {
 
     /// If MSC4306 (thread subscriptions) is enabled.
     msc4306_enabled: bool,
+
+    xxx_enabled: bool,
 }
 
 #[pymethods]
@@ -130,6 +132,7 @@ impl PushRuleEvaluator {
         msc3931_enabled,
         msc4210_enabled,
         msc4306_enabled,
+        xxx_enabled,
     ))]
     pub fn py_new(
         flattened_keys: BTreeMap<String, JsonValue>,
@@ -143,6 +146,7 @@ impl PushRuleEvaluator {
         msc3931_enabled: bool,
         msc4210_enabled: bool,
         msc4306_enabled: bool,
+        xxx_enabled: bool,
     ) -> Result<Self, Error> {
         let body = match flattened_keys.get("content.body") {
             Some(JsonValue::Value(SimpleJsonValue::Str(s))) => s.clone().into_owned(),
@@ -162,6 +166,7 @@ impl PushRuleEvaluator {
             msc3931_enabled,
             msc4210_enabled,
             msc4306_enabled,
+            xxx_enabled,
         })
     }
 
@@ -569,6 +574,7 @@ fn push_rule_evaluator() {
         true,
         false,
         false,
+        false,
     )
     .unwrap();
 
@@ -600,6 +606,7 @@ fn test_requires_room_version_supports_condition() {
         true,
         false,
         false,
+        false,
     )
     .unwrap();
 
@@ -637,6 +644,7 @@ fn test_requires_room_version_supports_condition() {
             false,
             false,
             false,
+            false,
         ),
         None,
         None,

rust/src/push/mod.rs

@@ -552,6 +552,7 @@ pub struct FilteredPushRules {
     msc4028_push_encrypted_events: bool,
     msc4210_enabled: bool,
     msc4306_enabled: bool,
+    xxx_enabled: bool,
 }
 
 #[pymethods]
@@ -567,6 +568,7 @@ impl FilteredPushRules {
         msc4028_push_encrypted_events: bool,
         msc4210_enabled: bool,
         msc4306_enabled: bool,
+        xxx_enabled: bool,
     ) -> Self {
         Self {
             push_rules,
@@ -577,6 +579,7 @@ impl FilteredPushRules {
             msc4028_push_encrypted_events,
             msc4210_enabled,
             msc4306_enabled,
+            xxx_enabled,
         }
     }
 
@@ -631,6 +634,10 @@ impl FilteredPushRules {
                     return false;
                 }
 
+                if self.xxx_enabled {
+                    return true;
+                }
+
                 true
             })
             .map(|r| {

schema/synapse-config.schema.yaml

@@ -1,5 +1,5 @@
 $schema: https://element-hq.github.io/synapse/latest/schema/v1/meta.schema.json
-$id: https://element-hq.github.io/synapse/schema/synapse/v1.136/synapse-config.schema.json
+$id: https://element-hq.github.io/synapse/schema/synapse/v1.137/synapse-config.schema.json
 type: object
 properties:
   modules:

synapse/push/bulk_push_rule_evaluator.py

@@ -479,6 +479,7 @@ class BulkPushRuleEvaluator:
             self.hs.config.experimental.msc1767_enabled,  # MSC3931 flag
             self.hs.config.experimental.msc4210_enabled,
             self.hs.config.experimental.msc4306_enabled,
+            False,
         )
 
         msc4306_thread_subscribers: Optional[FrozenSet[str]] = None