Merge branch 'develop' into squah/leave_space_admin_api

Add tests for remote spaces
2021-12-08 10:47:09 +00:00 · 2021-11-30 12:18:02 +00:00 · 2021-11-19 16:31:43 +00:00 · 2021-11-19 15:25:43 +00:00 · 2021-11-18 20:01:36 +00:00 · 2021-11-18 16:06:38 +00:00
217 changed files with 3944 additions and 5037 deletions
@@ -76,7 +76,7 @@ jobs:
    runs-on: ubuntu-latest
    strategy:
      matrix:
-        python-version: ["3.7", "3.8", "3.9", "3.10"]
+        python-version: ["3.6", "3.7", "3.8", "3.9", "3.10"]
        database: ["sqlite"]
        toxenv: ["py"]
        include:
@@ -85,9 +85,9 @@ jobs:
            toxenv: "py-noextras"

          # Oldest Python with PostgreSQL
-          - python-version: "3.7"
+          - python-version: "3.6"
            database: "postgres"
-            postgres-version: "10"
+            postgres-version: "9.6"
            toxenv: "py"

          # Newest Python with newest PostgreSQL
@@ -167,7 +167,7 @@ jobs:
    runs-on: ubuntu-latest
    strategy:
      matrix:
-        python-version: ["pypy-3.7"]
+        python-version: ["pypy-3.6"]

    steps:
      - uses: actions/checkout@v2
@@ -291,8 +291,8 @@ jobs:
    strategy:
      matrix:
        include:
-          - python-version: "3.7"
-            postgres-version: "10"
+          - python-version: "3.6"
+            postgres-version: "9.6"

          - python-version: "3.10"
            postgres-version: "14"
@@ -1,135 +1,6 @@
-Synapse 1.50.0rc1 (2022-01-05)
+Synapse 1.49.0rc1 (2021-12-07)
 ==============================

-Please note that we now only support Python 3.7+ and PostgreSQL 10+ (if applicable), because Python 3.6 and PostgreSQL 9.6 have reached end-of-life.
-
-
-Features
--------
-
- Allow guests to send state events per [MSC3419](https://github.com/matrix-org/matrix-doc/pull/3419). ([\#11378](https://github.com/matrix-org/synapse/issues/11378))
- Add experimental support for part of [MSC3202](https://github.com/matrix-org/matrix-doc/pull/3202): allowing application services to masquerade as specific devices. ([\#11538](https://github.com/matrix-org/synapse/issues/11538))
- Add admin API to get users' account data. ([\#11664](https://github.com/matrix-org/synapse/issues/11664))
- Include the room topic in the stripped state included with invites and knocking. ([\#11666](https://github.com/matrix-org/synapse/issues/11666))
- Send and handle cross-signing messages using the stable prefix. ([\#10520](https://github.com/matrix-org/synapse/issues/10520))
- Support unprefixed versions of fallback key property names. ([\#11541](https://github.com/matrix-org/synapse/issues/11541))
-
-
-Bugfixes
--------
-
- Fix a long-standing bug where relations from other rooms could be included in the bundled aggregations of an event. ([\#11516](https://github.com/matrix-org/synapse/issues/11516))
- Fix a long-standing bug which could cause `AssertionError`s to be written to the log when Synapse was restarted after purging events from the database. ([\#11536](https://github.com/matrix-org/synapse/issues/11536), [\#11642](https://github.com/matrix-org/synapse/issues/11642))
- Fix a bug introduced in Synapse 1.17.0 where a pusher created for an email with capital letters would fail to be created. ([\#11547](https://github.com/matrix-org/synapse/issues/11547))
- Fix a long-standing bug where responses included bundled aggregations when they should not, per [MSC2675](https://github.com/matrix-org/matrix-doc/pull/2675). ([\#11592](https://github.com/matrix-org/synapse/issues/11592), [\#11623](https://github.com/matrix-org/synapse/issues/11623))
- Fix a long-standing bug that some unknown endpoints would return HTML error pages instead of JSON `M_UNRECOGNIZED` errors. ([\#11602](https://github.com/matrix-org/synapse/issues/11602))
- Fix a bug introduced in Synapse 1.19.3 which could sometimes cause `AssertionError`s when backfilling rooms over federation. ([\#11632](https://github.com/matrix-org/synapse/issues/11632))
-
-
-Improved Documentation
----------------------
-
- Update Synapse install command for FreeBSD as the package is now prefixed with `py38`. Contributed by @itchychips. ([\#11267](https://github.com/matrix-org/synapse/issues/11267))
- Document the usage of refresh tokens. ([\#11427](https://github.com/matrix-org/synapse/issues/11427))
- Add details for how to configure a TURN server when behind a NAT. Contibuted by @AndrewFerr. ([\#11553](https://github.com/matrix-org/synapse/issues/11553))
- Add references for using Postgres to the Docker documentation. ([\#11640](https://github.com/matrix-org/synapse/issues/11640))
- Fix the documentation link in newly-generated configuration files. ([\#11678](https://github.com/matrix-org/synapse/issues/11678))
- Correct the documentation for `nginx` to use a case-sensitive url pattern. Fixes an error introduced in v1.21.0. ([\#11680](https://github.com/matrix-org/synapse/issues/11680))
- Clarify SSO mapping provider documentation by writing `def` or `async def` before the names of methods, as appropriate. ([\#11681](https://github.com/matrix-org/synapse/issues/11681))
-
-
-Deprecations and Removals
-------------------------
-
- Replace `mock` package by its standard library version. ([\#11588](https://github.com/matrix-org/synapse/issues/11588))
-
-
-Internal Changes
----------------
-
- Allow specific, experimental events to be created without `prev_events`. Used by [MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716). ([\#11243](https://github.com/matrix-org/synapse/issues/11243))
- A test helper (`wait_for_background_updates`) no longer depends on classes defining a `store` property. ([\#11331](https://github.com/matrix-org/synapse/issues/11331))
- Add type hints to `synapse.appservice`. ([\#11360](https://github.com/matrix-org/synapse/issues/11360))
- Add missing type hints to `synapse.config` module. ([\#11480](https://github.com/matrix-org/synapse/issues/11480))
- Add test to ensure we share the same `state_group` across the whole historical batch when using the [MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716) `/batch_send` endpoint. ([\#11487](https://github.com/matrix-org/synapse/issues/11487))
- Refactor `tests.util.setup_test_homeserver` and `tests.server.setup_test_homeserver`. ([\#11503](https://github.com/matrix-org/synapse/issues/11503))
- Move `glob_to_regex` and `re_word_boundary` to `matrix-python-common`. ([\#11505](https://github.com/matrix-org/synapse/issues/11505), [\#11687](https://github.com/matrix-org/synapse/issues/11687))
- Use `HTTPStatus` constants in place of literals in `tests.rest.client.test_auth`. ([\#11520](https://github.com/matrix-org/synapse/issues/11520))
- Add a receipt types constant for `m.read`. ([\#11531](https://github.com/matrix-org/synapse/issues/11531))
- Clean up `synapse.rest.admin`. ([\#11535](https://github.com/matrix-org/synapse/issues/11535))
- Add missing `errcode` to `parse_string` and `parse_boolean`. ([\#11542](https://github.com/matrix-org/synapse/issues/11542))
- Use `HTTPStatus` constants in place of literals in `synapse.http`. ([\#11543](https://github.com/matrix-org/synapse/issues/11543))
- Add missing type hints to storage classes. ([\#11546](https://github.com/matrix-org/synapse/issues/11546), [\#11549](https://github.com/matrix-org/synapse/issues/11549), [\#11551](https://github.com/matrix-org/synapse/issues/11551), [\#11555](https://github.com/matrix-org/synapse/issues/11555), [\#11575](https://github.com/matrix-org/synapse/issues/11575), [\#11589](https://github.com/matrix-org/synapse/issues/11589), [\#11594](https://github.com/matrix-org/synapse/issues/11594), [\#11652](https://github.com/matrix-org/synapse/issues/11652), [\#11653](https://github.com/matrix-org/synapse/issues/11653), [\#11654](https://github.com/matrix-org/synapse/issues/11654), [\#11657](https://github.com/matrix-org/synapse/issues/11657))
- Fix an inaccurate and misleading comment in the `/sync` code. ([\#11550](https://github.com/matrix-org/synapse/issues/11550))
- Add missing type hints to `synapse.logging.context`. ([\#11556](https://github.com/matrix-org/synapse/issues/11556))
- Stop populating unused database column `state_events.prev_state`. ([\#11558](https://github.com/matrix-org/synapse/issues/11558))
- Minor efficiency improvements in event persistence. ([\#11560](https://github.com/matrix-org/synapse/issues/11560))
- Add some safety checks that storage functions are used correctly. ([\#11564](https://github.com/matrix-org/synapse/issues/11564), [\#11580](https://github.com/matrix-org/synapse/issues/11580))
- Make `get_device` return `None` if the device doesn't exist rather than raising an exception. ([\#11565](https://github.com/matrix-org/synapse/issues/11565))
- Split the HTML parsing code from the URL preview resource code. ([\#11566](https://github.com/matrix-org/synapse/issues/11566))
- Remove redundant `COALESCE()`s around `COUNT()`s in database queries. ([\#11570](https://github.com/matrix-org/synapse/issues/11570))
- Add missing type hints to `synapse.http`. ([\#11571](https://github.com/matrix-org/synapse/issues/11571))
- Add [MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716) and [MSC3030](https://github.com/matrix-org/matrix-doc/pull/3030) to `/versions` -> `unstable_features` to detect server support. ([\#11582](https://github.com/matrix-org/synapse/issues/11582))
- Add type hints to `synapse/tests/rest/admin`. ([\#11590](https://github.com/matrix-org/synapse/issues/11590))
- Drop end-of-life Python 3.6 and Postgres 9.6 from CI. ([\#11595](https://github.com/matrix-org/synapse/issues/11595))
- Update black version and run it on all the files. ([\#11596](https://github.com/matrix-org/synapse/issues/11596))
- Add opentracing type stubs and fix associated mypy errors. ([\#11603](https://github.com/matrix-org/synapse/issues/11603), [\#11622](https://github.com/matrix-org/synapse/issues/11622))
- Improve OpenTracing support for requests which use a `ResponseCache`. ([\#11607](https://github.com/matrix-org/synapse/issues/11607))
- Improve OpenTracing support for incoming HTTP requests. ([\#11618](https://github.com/matrix-org/synapse/issues/11618))
- A number of improvements to opentracing support. ([\#11619](https://github.com/matrix-org/synapse/issues/11619))
- Drop support for Python 3.6 and Ubuntu 18.04. ([\#11633](https://github.com/matrix-org/synapse/issues/11633))
- Refactor the way that the `outlier` flag is set on events received over federation. ([\#11634](https://github.com/matrix-org/synapse/issues/11634))
- Improve the error messages from  `get_create_event_for_room`. ([\#11638](https://github.com/matrix-org/synapse/issues/11638))
- Remove redundant `get_current_events_token` method. ([\#11643](https://github.com/matrix-org/synapse/issues/11643))
- Convert `namedtuples` to `attrs`. ([\#11665](https://github.com/matrix-org/synapse/issues/11665), [\#11574](https://github.com/matrix-org/synapse/issues/11574))
- Update the `/capabilities` response to include whether support for [MSC3440](https://github.com/matrix-org/matrix-doc/pull/3440) is available. ([\#11690](https://github.com/matrix-org/synapse/issues/11690))
- Send the `Accept` header in HTTP requests made using `SimpleHttpClient.get_json`. ([\#11677](https://github.com/matrix-org/synapse/issues/11677))
-
-
-Synapse 1.49.2 (2021-12-21)
-===========================
-
-This release fixes a regression introduced in Synapse 1.49.0 which could cause `/sync` requests to take significantly longer. This would particularly affect "initial" syncs for users participating in a large number of rooms, and in extreme cases, could make it impossible for such users to log in on a new client.
-
-**Note:** in line with our [deprecation policy](https://matrix-org.github.io/synapse/latest/deprecation_policy.html) for platform dependencies, this will be the last release to support Python 3.6 and PostgreSQL 9.6, both of which have now reached upstream end-of-life. Synapse will require Python 3.7+ and PostgreSQL 10+.
-
-**Note:** We will also stop producing packages for Ubuntu 18.04 (Bionic Beaver) after this release, as it uses Python 3.6.
-
-Bugfixes
--------
-
- Fix a performance regression in `/sync` handling, introduced in 1.49.0. ([\#11583](https://github.com/matrix-org/synapse/issues/11583))
-
-Internal Changes
----------------
-
- Work around a build problem on Debian Buster. ([\#11625](https://github.com/matrix-org/synapse/issues/11625))
-
-
-Synapse 1.49.1 (2021-12-21)
-===========================
-
-Not released due to problems building the debian packages.
-
-
-Synapse 1.49.0 (2021-12-14)
-===========================
-
-No significant changes since version 1.49.0rc1.
-
-
-Support for Ubuntu 21.04 ends next month on the 20th of January
---------------------------------------------------------------
-
-For users of Ubuntu 21.04 (Hirsute Hippo), please be aware that [upstream support for this version of Ubuntu will end next month][Ubuntu2104EOL].
-We will stop producing packages for Ubuntu 21.04 after upstream support ends.
-
-[Ubuntu2104EOL]: https://lists.ubuntu.com/archives/ubuntu-announce/2021-December/000275.html
-
-
-The wiki has been migrated to the documentation website
-------------------------------------------------------
-
 We've decided to move the existing, somewhat stagnant pages from the GitHub wiki
 to the [documentation website](https://matrix-org.github.io/synapse/latest/).

@@ -145,9 +16,6 @@ requests](https://github.com/matrix-org/synapse/pulls). Please visit [#synapse-d
 if you need help with the process!


-Synapse 1.49.0rc1 (2021-12-07)
-==============================
-
 Features
 --------

@@ -0,0 +1 @@
+Send and handle cross-signing messages using the stable prefix.
@@ -0,0 +1 @@
+A test helper (`wait_for_background_updates`) no longer depends on classes defining a `store` property.
@@ -0,0 +1 @@
+Add an admin API endpoint to force a local user to leave all non-public rooms in a space.
@@ -1 +0,0 @@
-Fix a performance regression in `/sync` handling, introduced in 1.49.0.
@@ -1 +0,0 @@
-Work around Mjolnir compatibility issue by adding an import for `glob_to_regex` in `synapse.util`, where it moved from.
@@ -14,7 +14,6 @@ services:
    # failure
    restart: unless-stopped
    # See the readme for a full documentation of the environment settings
-    # NOTE: You must edit homeserver.yaml to use postgres, it defaults to sqlite
    environment:
      - SYNAPSE_CONFIG_PATH=/data/homeserver.yaml
    volumes:
@@ -1,27 +1,3 @@
-matrix-synapse-py3 (1.50.0~rc1) stable; urgency=medium
-
-  * New synapse release 1.50.0~rc1.
-
- -- Synapse Packaging team <packages@matrix.org>  Wed, 05 Jan 2022 12:36:17 +0000
-
-matrix-synapse-py3 (1.49.2) stable; urgency=medium
-
-  * New synapse release 1.49.2.
-
- -- Synapse Packaging team <packages@matrix.org>  Tue, 21 Dec 2021 17:31:03 +0000
-
-matrix-synapse-py3 (1.49.1) stable; urgency=medium
-
-  * New synapse release 1.49.1.
-
- -- Synapse Packaging team <packages@matrix.org>  Tue, 21 Dec 2021 11:07:30 +0000
-
-matrix-synapse-py3 (1.49.0) stable; urgency=medium
-
-  * New synapse release 1.49.0.
-
- -- Synapse Packaging team <packages@matrix.org>  Tue, 14 Dec 2021 12:39:46 +0000
-
 matrix-synapse-py3 (1.49.0~rc1) stable; urgency=medium

  * New synapse release 1.49.0~rc1.
@@ -16,7 +16,7 @@ ARG distro=""
 ### Stage 0: build a dh-virtualenv
 ###

-# This is only really needed on focal, since other distributions we
+# This is only really needed on bionic and focal, since other distributions we
 # care about have a recent version of dh-virtualenv by default. Unfortunately,
 # it looks like focal is going to be with us for a while.
 #
@@ -36,8 +36,9 @@ RUN env DEBIAN_FRONTEND=noninteractive apt-get install \
        wget

 # fetch and unpack the package
+# TODO: Upgrade to 1.2.2 once bionic is dropped (1.2.2 requires debhelper 12; bionic has only 11)
 RUN mkdir /dh-virtualenv
-RUN wget -q -O /dh-virtualenv.tar.gz https://github.com/spotify/dh-virtualenv/archive/refs/tags/1.2.2.tar.gz
+RUN wget -q -O /dh-virtualenv.tar.gz https://github.com/spotify/dh-virtualenv/archive/ac6e1b1.tar.gz
 RUN tar -xv --strip-components=1 -C /dh-virtualenv -f /dh-virtualenv.tar.gz

 # install its build deps. We do another apt-cache-update here, because we might
@@ -85,12 +86,12 @@ RUN apt-get update -qq -o Acquire::Languages=none \
        libpq-dev \
        xmlsec1

-COPY --from=builder /dh-virtualenv_1.2.2-1_all.deb /
+COPY --from=builder /dh-virtualenv_1.2~dev-1_all.deb /

 # install dhvirtualenv. Update the apt cache again first, in case we got a
 # cached cache from docker the first time.
 RUN apt-get update -qq -o Acquire::Languages=none \
-    && apt-get install -yq /dh-virtualenv_1.2.2-1_all.deb
+    && apt-get install -yq /dh-virtualenv_1.2~dev-1_all.deb

 WORKDIR /synapse/source
 ENTRYPOINT ["bash","/synapse/source/docker/build_debian.sh"]
@@ -68,10 +68,6 @@ The following environment variables are supported in `generate` mode:
  directories. If unset, and no user is set via `docker run --user`, defaults
  to `991`, `991`.

-## Postgres
-
-By default the config will use SQLite. See the [docs on using Postgres](https://github.com/matrix-org/synapse/blob/develop/docs/postgres.md) for more info on how to use Postgres. Until this section is improved [this issue](https://github.com/matrix-org/synapse/issues/8304) may provide useful information.
-
 ## Running synapse

 Once you have a valid configuration file, you can start synapse as follows:
@@ -30,7 +30,6 @@
        - [SSO Mapping Providers](sso_mapping_providers.md)
      - [Password Auth Providers](password_auth_providers.md)
      - [JSON Web Tokens](jwt.md)
-      - [Refresh Tokens](usage/configuration/user_authentication/refresh_tokens.md)
    - [Registration Captcha](CAPTCHA_SETUP.md)
    - [Application Services](application_services.md)
    - [Server Notices](server_notices.md)
@@ -62,6 +61,7 @@
      - [Registration Tokens](usage/administration/admin_api/registration_tokens.md)
      - [Manipulate Room Membership](admin_api/room_membership.md)
      - [Rooms](admin_api/rooms.md)
+      - [Spaces](usage/administration/admin_api/spaces.md)
      - [Server Notices](admin_api/server_notices.md)
      - [Statistics](admin_api/statistics.md)
      - [Users](admin_api/user_admin_api.md)
@@ -480,81 +480,6 @@ The following fields are returned in the JSON response body:
 - `joined_rooms` - An array of `room_id`.
 - `total` - Number of rooms.

-## Account Data
-Gets information about account data for a specific `user_id`.
-
-The API is:
-
-```
-GET /_synapse/admin/v1/users/<user_id>/accountdata
-```
-
-A response body like the following is returned:
-
-```json
-{
-    "account_data": {
-        "global": {
-            "m.secret_storage.key.LmIGHTg5W": {
-                "algorithm": "m.secret_storage.v1.aes-hmac-sha2",
-                "iv": "fwjNZatxg==",
-                "mac": "eWh9kNnLWZUNOgnc="
-            },
-            "im.vector.hide_profile": {
-                "hide_profile": true
-            },
-            "org.matrix.preview_urls": {
-                "disable": false
-            },
-            "im.vector.riot.breadcrumb_rooms": {
-                "rooms": [
-                    "!LxcBDAsDUVAfJDEo:matrix.org",
-                    "!MAhRxqasbItjOqxu:matrix.org"
-                ]
-            },
-            "m.accepted_terms": {
-                "accepted": [
-                    "https://example.org/somewhere/privacy-1.2-en.html",
-                    "https://example.org/somewhere/terms-2.0-en.html"
-                ]
-            },
-            "im.vector.setting.breadcrumbs": {
-                "recent_rooms": [
-                    "!MAhRxqasbItqxuEt:matrix.org",
-                    "!ZtSaPCawyWtxiImy:matrix.org"
-                ]
-            }
-        },
-        "rooms": {
-            "!GUdfZSHUJibpiVqHYd:matrix.org": {
-                "m.fully_read": {
-                    "event_id": "$156334540fYIhZ:matrix.org"
-                }
-            },
-            "!tOZwOOiqwCYQkLhV:matrix.org": {
-                "m.fully_read": {
-                    "event_id": "$xjsIyp4_NaVl2yPvIZs_k1Jl8tsC_Sp23wjqXPno"
-                }
-            }
-        }
-    }
-}
-```
-
-**Parameters**
-
-The following parameters should be set in the URL:
-
- `user_id` - fully qualified: for example, `@user:server.com`.
-
-**Response**
-
-The following fields are returned in the JSON response body:
-
- `account_data` - A map containing the account data for the user
-  - `global` - A map containing the global account data for the user
-  - `rooms` - A map containing the account data per room for the user
-
 ## User media

 ### List media uploaded by a user
@@ -14,8 +14,8 @@ i.e. when a version reaches End of Life Synapse will withdraw support for that
 version in future releases.

 Details on the upstream support life cycles for Python and PostgreSQL are
-documented at [https://endoflife.date/python](https://endoflife.date/python) and
-[https://endoflife.date/postgresql](https://endoflife.date/postgresql).
+documented at https://endoflife.date/python and
+https://endoflife.date/postgresql.


 Context
@@ -63,7 +63,7 @@ server {

    server_name matrix.example.com;

-    location ~ ^(/_matrix|/_synapse/client) {
+    location ~* ^(\/_matrix|\/_synapse\/client) {
        # note: do not add a path (even a single /) after the port in `proxy_pass`,
        # otherwise nginx will canonicalise the URI and cause signature verification
        # errors.
@@ -37,7 +37,7 @@

 # Server admins can expand Synapse's functionality with external modules.
 #
-# See https://matrix-org.github.io/synapse/latest/modules/index.html for more
+# See https://matrix-org.github.io/synapse/latest/modules.html for more
 # documentation on how to configure or create custom modules for Synapse.
 #
 modules:
@@ -1488,7 +1488,6 @@ room_prejoin_state:
   # - m.room.encryption
   # - m.room.name
   # - m.room.create
-   # - m.room.topic
   #
   # Uncomment the following to disable these defaults (so that only the event
   # types listed in 'additional_event_types' are shared). Defaults to 'false'.
@@ -164,7 +164,7 @@ xbps-install -S synapse
 Synapse can be installed via FreeBSD Ports or Packages contributed by Brendan Molloy from:

 - Ports: `cd /usr/ports/net-im/py-matrix-synapse && make install clean`
- Packages: `pkg install py38-matrix-synapse`
+- Packages: `pkg install py37-matrix-synapse`

 #### OpenBSD

@@ -49,12 +49,12 @@ comment these options out and use those specified by the module instead.

 A custom mapping provider must specify the following methods:

-* `def __init__(self, parsed_config)`
+* `__init__(self, parsed_config)`
   - Arguments:
     - `parsed_config` - A configuration object that is the return value of the
       `parse_config` method. You should set any configuration options needed by
       the module here.
-* `def parse_config(config)`
+* `parse_config(config)`
    - This method should have the `@staticmethod` decoration.
    - Arguments:
        - `config` - A `dict` representing the parsed content of the
@@ -63,13 +63,13 @@ A custom mapping provider must specify the following methods:
           any option values they need here.
    - Whatever is returned will be passed back to the user mapping provider module's
      `__init__` method during construction.
-* `def get_remote_user_id(self, userinfo)`
+* `get_remote_user_id(self, userinfo)`
    - Arguments:
      - `userinfo` - A `authlib.oidc.core.claims.UserInfo` object to extract user
                     information from.
    - This method must return a string, which is the unique, immutable identifier
      for the user. Commonly the `sub` claim of the response.
-* `async def map_user_attributes(self, userinfo, token, failures)`
+* `map_user_attributes(self, userinfo, token, failures)`
    - This method must be async.
    - Arguments:
      - `userinfo` - A `authlib.oidc.core.claims.UserInfo` object to extract user
@@ -91,7 +91,7 @@ A custom mapping provider must specify the following methods:
        during a user's first login. Once a localpart has been associated with a
        remote user ID (see `get_remote_user_id`) it cannot be updated.
      - `displayname`: An optional string, the display name for the user.
-* `async def get_extra_attributes(self, userinfo, token)`
+* `get_extra_attributes(self, userinfo, token)`
    - This method must be async.
    - Arguments:
      - `userinfo` - A `authlib.oidc.core.claims.UserInfo` object to extract user
@@ -125,15 +125,15 @@ comment these options out and use those specified by the module instead.

 A custom mapping provider must specify the following methods:

-* `def __init__(self, parsed_config, module_api)`
+* `__init__(self, parsed_config, module_api)`
   - Arguments:
     - `parsed_config` - A configuration object that is the return value of the
       `parse_config` method. You should set any configuration options needed by
       the module here.
     - `module_api` - a `synapse.module_api.ModuleApi` object which provides the
       stable API available for extension modules.
-* `def parse_config(config)`
-    - **This method should have the `@staticmethod` decoration.**
+* `parse_config(config)`
+    - This method should have the `@staticmethod` decoration.
    - Arguments:
        - `config` - A `dict` representing the parsed content of the
          `saml_config.user_mapping_provider.config` homeserver config option.
@@ -141,15 +141,15 @@ A custom mapping provider must specify the following methods:
           any option values they need here.
    - Whatever is returned will be passed back to the user mapping provider module's
      `__init__` method during construction.
-* `def get_saml_attributes(config)`
-    - **This method should have the `@staticmethod` decoration.**
+* `get_saml_attributes(config)`
+    - This method should have the `@staticmethod` decoration.
    - Arguments:
        - `config` - A object resulting from a call to `parse_config`.
    - Returns a tuple of two sets. The first set equates to the SAML auth
      response attributes that are required for the module to function, whereas
      the second set consists of those attributes which can be used if available,
      but are not necessary.
-* `def get_remote_user_id(self, saml_response, client_redirect_url)`
+* `get_remote_user_id(self, saml_response, client_redirect_url)`
    - Arguments:
      - `saml_response` - A `saml2.response.AuthnResponse` object to extract user
                          information from.
@@ -157,7 +157,7 @@ A custom mapping provider must specify the following methods:
                                redirected to.
    - This method must return a string, which is the unique, immutable identifier
      for the user. Commonly the `uid` claim of the response.
-* `def saml_response_to_user_attributes(self, saml_response, failures, client_redirect_url)`
+* `saml_response_to_user_attributes(self, saml_response, failures, client_redirect_url)`
    - Arguments:
      - `saml_response` - A `saml2.response.AuthnResponse` object to extract user
                          information from.
@@ -15,8 +15,8 @@ The following sections describe how to install [coturn](<https://github.com/cotu

 For TURN relaying with `coturn` to work, it must be hosted on a server/endpoint with a public IP.

-Hosting TURN behind NAT requires port forwaring and for the NAT gateway to have a public IP.
-However, even with appropriate configuration, NAT is known to cause issues and to often not work.
+Hosting TURN behind a NAT (even with appropriate port forwarding) is known to cause issues
+and to often not work.

 ## `coturn` setup

@@ -103,23 +103,7 @@ This will install and start a systemd service called `coturn`.
    denied-peer-ip=192.168.0.0-192.168.255.255
    denied-peer-ip=172.16.0.0-172.31.255.255

-    # recommended additional local peers to block, to mitigate external access to internal services.
-    # https://www.rtcsec.com/article/slack-webrtc-turn-compromise-and-bug-bounty/#how-to-fix-an-open-turn-relay-to-address-this-vulnerability
-    no-multicast-peers
-    denied-peer-ip=0.0.0.0-0.255.255.255
-    denied-peer-ip=100.64.0.0-100.127.255.255
-    denied-peer-ip=127.0.0.0-127.255.255.255
-    denied-peer-ip=169.254.0.0-169.254.255.255
-    denied-peer-ip=192.0.0.0-192.0.0.255
-    denied-peer-ip=192.0.2.0-192.0.2.255
-    denied-peer-ip=192.88.99.0-192.88.99.255
-    denied-peer-ip=198.18.0.0-198.19.255.255
-    denied-peer-ip=198.51.100.0-198.51.100.255
-    denied-peer-ip=203.0.113.0-203.0.113.255
-    denied-peer-ip=240.0.0.0-255.255.255.255
-
    # special case the turn server itself so that client->TURN->TURN->client flows work
-    # this should be one of the turn server's listening IPs
    allowed-peer-ip=10.0.0.1

    # consider whether you want to limit the quota of relayed streams per user (or total) to avoid risk of DoS.
@@ -139,7 +123,7 @@ This will install and start a systemd service called `coturn`.
    pkey=/path/to/privkey.pem
    ```

-    In this case, replace the `turn:` schemes in the `turn_uris` settings below
+    In this case, replace the `turn:` schemes in the `turn_uri` settings below
    with `turns:`.

    We recommend that you only try to set up TLS/DTLS once you have set up a
@@ -150,33 +134,21 @@ This will install and start a systemd service called `coturn`.
    traffic (remember to allow both TCP and UDP traffic), and ports 49152-65535
    for the UDP relay.)

-1.  If your TURN server is behind NAT, the NAT gateway must have an external,
-    publicly-reachable IP address. You must configure coturn to advertise that
-    address to connecting clients:
+1.  We do not recommend running a TURN server behind NAT, and are not aware of
+    anyone doing so successfully.
+
+    If you want to try it anyway, you will at least need to tell coturn its
+    external IP address:

    ```
-    external-ip=EXTERNAL_NAT_IPv4_ADDRESS
+    external-ip=192.88.99.1
    ```

-    You may optionally limit the TURN server to listen only on the local
-    address that is mapped by NAT to the external address:
+    ... and your NAT gateway must forward all of the relayed ports directly
+    (eg, port 56789 on the external IP must be always be forwarded to port
+    56789 on the internal IP).

-    ```
-    listening-ip=INTERNAL_TURNSERVER_IPv4_ADDRESS
-    ```
-
-    If your NAT gateway is reachable over both IPv4 and IPv6, you may
-    configure coturn to advertise each available address:
-
-    ```
-    external-ip=EXTERNAL_NAT_IPv4_ADDRESS
-    external-ip=EXTERNAL_NAT_IPv6_ADDRESS
-    ```
-
-    When advertising an external IPv6 address, ensure that the firewall and
-    network settings of the system running your TURN server are configured to
-    accept IPv6 traffic, and that the TURN server is listening on the local
-    IPv6 address that is mapped by NAT to the external IPv6 address.
+    If you get this working, let us know!

 1.  (Re)start the turn server:

@@ -244,6 +216,9 @@ connecting". Unfortunately, troubleshooting this can be tricky.

 Here are a few things to try:

+ * Check that your TURN server is not behind NAT. As above, we're not aware of
+   anyone who has successfully set this up.
+
 * Check that you have opened your firewall to allow TCP and UDP traffic to the
   TURN ports (normally 3478 and 5349).

@@ -259,18 +234,6 @@ Here are a few things to try:
   Try removing any AAAA records for your TURN server, so that it is only
   reachable over IPv4.

- * If your TURN server is behind NAT:
-
-    * double-check that your NAT gateway is correctly forwarding all TURN
-      ports (normally 3478 & 5349 for TCP & UDP TURN traffic, and 49152-65535 for the UDP
-      relay) to the NAT-internal address of your TURN server. If advertising
-      both IPv4 and IPv6 external addresses via the `external-ip` option, ensure
-      that the NAT is forwarding both IPv4 and IPv6 traffic to the IPv4 and IPv6
-      internal addresses of your TURN server. When in doubt, remove AAAA records
-      for your TURN server and specify only an IPv4 address as your `external-ip`.
-
-    * ensure that your TURN server uses the NAT gateway as its default route.
-
 * Enable more verbose logging in coturn via the `verbose` setting:

   ```
@@ -85,17 +85,6 @@ process, for example:
    dpkg -i matrix-synapse-py3_1.3.0+stretch1_amd64.deb
    ```

-# Upgrading to v1.50.0
-
-## Dropping support for old Python and Postgres versions
-
-In line with our [deprecation policy](deprecation_policy.md),
-we've dropped support for Python 3.6 and PostgreSQL 9.6, as they are no
-longer supported upstream.
-
-This release of Synapse requires Python 3.7+ and PostgreSQL 10+.
-
-
 # Upgrading to v1.47.0

 ## Removal of old Room Admin API
@@ -0,0 +1,57 @@
+# Spaces API
+
+This API allows a server administrator to manage spaces.
+
+## Remove local user
+
+This API forces a local user to leave all non-public rooms in a space.
+
+The space itself is always left, regardless of whether it is public.
+
+May succeed partially if the user fails to leave some rooms.
+
+The API is:
+
+```
+DELETE /_synapse/admin/v1/rooms/<room_id>/hierarchy/members/<user_id>
+```
+
+with an optional body of:
+
+```json
+{
+  "include_remote_spaces": true,
+}
+```
+
+`include_remote_spaces` controls whether to process subspaces that the
+local homeserver is not participating in. The listings of such subspaces
+have to be retrieved over federation and their accuracy cannot be
+guaranteed.
+
+Returning:
+
+```json
+{
+    "left_rooms": ["!room1:example.net", "!room2:example.net", ...],
+    "inaccessible_rooms": ["!subspace1:example.net", ...],
+    "failed_rooms": {
+        "!room4:example.net": "Failed to leave room.",
+        ...
+    }
+}
+```
+
+`left_rooms`: A list of rooms that the user has been made to leave.
+
+`inaccessible_rooms`: A list of rooms and spaces that the local
+homeserver is not in, and may have not been fully processed. Rooms may
+appear here if:
+  * The room is a space that the local homeserver is not in, and so its
+    full list of child rooms could not be determined.
+  * The room is inaccessible to the local homeserver, and it is not
+    known whether the room is a subspace containing further rooms.
+
+`failed_rooms`: A dictionary of errors encountered when leaving rooms.
+The keys of the dictionary are room IDs and the values of the dictionary
+are error messages.
@@ -1,139 +0,0 @@
-# Refresh Tokens
-
-Synapse supports refresh tokens since version 1.49 (some earlier versions had support for an earlier, experimental draft of [MSC2918] which is not compatible).
-
-
-[MSC2918]: https://github.com/matrix-org/matrix-doc/blob/main/proposals/2918-refreshtokens.md#msc2918-refresh-tokens
-
-
-## Background and motivation
-
-Synapse users' sessions are identified by **access tokens**; access tokens are
-issued to users on login. Each session gets a unique access token which identifies
-it; the access token must be kept secret as it grants access to the user's account.
-
-Traditionally, these access tokens were eternally valid (at least until the user
-explicitly chose to log out).
-
-In some cases, it may be desirable for these access tokens to expire so that the
-potential damage caused by leaking an access token is reduced.
-On the other hand, forcing a user to re-authenticate (log in again) often might
-be too much of an inconvenience.
-
-**Refresh tokens** are a mechanism to avoid some of this inconvenience whilst
-still getting most of the benefits of short access token lifetimes.
-Refresh tokens are also a concept present in OAuth 2 — further reading is available
-[here](https://datatracker.ietf.org/doc/html/rfc6749#section-1.5).
-
-When refresh tokens are in use, both an access token and a refresh token will be
-issued to users on login. The access token will expire after a predetermined amount
-of time, but otherwise works in the same way as before. When the access token is
-close to expiring (or has expired), the user's client should present the homeserver
-(Synapse) with the refresh token.
-
-The homeserver will then generate a new access token and refresh token for the user
-and return them. The old refresh token is invalidated and can not be used again*.
-
-Finally, refresh tokens also make it possible for sessions to be logged out if they
-are inactive for too long, before the session naturally ends; see the configuration
-guide below.
-
-
-*To prevent issues if clients lose connection half-way through refreshing a token,
-the refresh token is only invalidated once the new access token has been used at
-least once. For all intents and purposes, the above simplification is sufficient.
-
-
-## Caveats
-
-There are some caveats:
-
-* If a third party gets both your access token and refresh token, they will be able to
-  continue to enjoy access to your session.
-  * This is still an improvement because you (the user) will notice when *your*
-    session expires and you're not able to use your refresh token.
-    That would be a giveaway that someone else has compromised your session.
-    You would be able to log in again and terminate that session.
-    Previously (with long-lived access tokens), a third party that has your access
-    token could go undetected for a very long time.
-* Clients need to implement support for refresh tokens in order for them to be a
-  useful mechanism.
-  * It is up to homeserver administrators if they want to issue long-lived access
-    tokens to clients not implementing refresh tokens.
-    * For compatibility, it is likely that they should, at least until client support
-      is widespread.
-      * Users with clients that support refresh tokens will still benefit from the
-        added security; it's not possible to downgrade a session to using long-lived
-        access tokens so this effectively gives users the choice.
-    * In a closed environment where all users use known clients, this may not be
-      an issue as the homeserver administrator can know if the clients have refresh
-      token support. In that case, the non-refreshable access token lifetime
-      may be set to a short duration so that a similar level of security is provided.
-
-
-## Configuration Guide
-
-The following configuration options, in the `registration` section, are related:
-
-* `session_lifetime`: maximum length of a session, even if it's refreshed.
-  In other words, the client must log in again after this time period.
-  In most cases, this can be unset (infinite) or set to a long time (years or months).
-* `refreshable_access_token_lifetime`: lifetime of access tokens that are created
-  by clients supporting refresh tokens.
-  This should be short; a good value might be 5 minutes (`5m`).
-* `nonrefreshable_access_token_lifetime`: lifetime of access tokens that are created
-  by clients which don't support refresh tokens.
-  Make this short if you want to effectively force use of refresh tokens.
-  Make this long if you don't want to inconvenience users of clients which don't
-  support refresh tokens (by forcing them to frequently re-authenticate using
-  login credentials).
-* `refresh_token_lifetime`: lifetime of refresh tokens.
-  In other words, the client must refresh within this time period to maintain its session.
-  Unless you want to log inactive sessions out, it is often fine to use a long
-  value here or even leave it unset (infinite).
-  Beware that making it too short will inconvenience clients that do not connect
-  very often, including mobile clients and clients of infrequent users (by making
-  it more difficult for them to refresh in time, which may force them to need to
-  re-authenticate using login credentials).
-
-**Note:** All four options above only apply when tokens are created (by logging in or refreshing).
-Changes to these settings do not apply retroactively.
-
-
-### Using refresh token expiry to log out inactive sessions
-
-If you'd like to force sessions to be logged out upon inactivity, you can enable
-refreshable access token expiry and refresh token expiry.
-
-This works because a client must refresh at least once within a period of
-`refresh_token_lifetime` in order to maintain valid credentials to access the
-account.
-
-(It's suggested that `refresh_token_lifetime` should be longer than
-`refreshable_access_token_lifetime` and this section assumes that to be the case
-for simplicity.)
-
-Note: this will only affect sessions using refresh tokens. You may wish to
-set a short `nonrefreshable_access_token_lifetime` to prevent this being bypassed
-by clients that do not support refresh tokens.
-
-
-#### Choosing values that guarantee permitting some inactivity
-
-It may be desirable to permit some short periods of inactivity, for example to
-accommodate brief outages in client connectivity.
-
-The following model aims to provide guidance for choosing `refresh_token_lifetime`
-and `refreshable_access_token_lifetime` to satisfy requirements of the form:
-
-1. inactivity longer than `L` **MUST** cause the session to be logged out; and
-2. inactivity shorter than `S` **MUST NOT** cause the session to be logged out.
-
-This model makes the weakest assumption that all active clients will refresh as
-needed to maintain an active access token, but no sooner.
-*In reality, clients may refresh more often than this model assumes, but the
-above requirements will still hold.*
-
-To satisfy the above model,
-* `refresh_token_lifetime` should be set to `L`; and
-* `refreshable_access_token_lifetime` should be set to `L - S`.
@@ -25,9 +25,14 @@ exclude = (?x)
  ^(
   |synapse/storage/databases/__init__.py
   |synapse/storage/databases/main/__init__.py
+   |synapse/storage/databases/main/account_data.py
   |synapse/storage/databases/main/cache.py
   |synapse/storage/databases/main/devices.py
+   |synapse/storage/databases/main/e2e_room_keys.py
+   |synapse/storage/databases/main/end_to_end_keys.py
   |synapse/storage/databases/main/event_federation.py
+   |synapse/storage/databases/main/event_push_actions.py
+   |synapse/storage/databases/main/events_bg_updates.py
   |synapse/storage/databases/main/group_server.py
   |synapse/storage/databases/main/metrics.py
   |synapse/storage/databases/main/monthly_active_users.py
@@ -35,9 +40,12 @@ exclude = (?x)
   |synapse/storage/databases/main/purge_events.py
   |synapse/storage/databases/main/push_rule.py
   |synapse/storage/databases/main/receipts.py
+   |synapse/storage/databases/main/room.py
   |synapse/storage/databases/main/roommember.py
   |synapse/storage/databases/main/search.py
   |synapse/storage/databases/main/state.py
+   |synapse/storage/databases/main/stats.py
+   |synapse/storage/databases/main/transactions.py
   |synapse/storage/databases/main/user_directory.py
   |synapse/storage/schema/

@@ -99,6 +107,7 @@ exclude = (?x)
   |tests/server.py
   |tests/server_notices/test_resource_limits_server_notices.py
   |tests/state/test_v2.py
+   |tests/storage/test_account_data.py
   |tests/storage/test_background_update.py
   |tests/storage/test_base.py
   |tests/storage/test_client_ips.py
@@ -136,9 +145,6 @@ disallow_untyped_defs = True
 [mypy-synapse.app.*]
 disallow_untyped_defs = True

-[mypy-synapse.appservice.*]
-disallow_untyped_defs = True
-
 [mypy-synapse.config._base]
 disallow_untyped_defs = True

@@ -157,12 +163,6 @@ disallow_untyped_defs = False
 [mypy-synapse.handlers.*]
 disallow_untyped_defs = True

-[mypy-synapse.http.server]
-disallow_untyped_defs = True
-
-[mypy-synapse.logging.context]
-disallow_untyped_defs = True
-
 [mypy-synapse.metrics.*]
 disallow_untyped_defs = True

@@ -181,48 +181,24 @@ disallow_untyped_defs = True
 [mypy-synapse.state.*]
 disallow_untyped_defs = True

-[mypy-synapse.storage.databases.main.account_data]
-disallow_untyped_defs = True
-
 [mypy-synapse.storage.databases.main.client_ips]
 disallow_untyped_defs = True

 [mypy-synapse.storage.databases.main.directory]
 disallow_untyped_defs = True

-[mypy-synapse.storage.databases.main.e2e_room_keys]
-disallow_untyped_defs = True
-
-[mypy-synapse.storage.databases.main.end_to_end_keys]
-disallow_untyped_defs = True
-
-[mypy-synapse.storage.databases.main.event_push_actions]
-disallow_untyped_defs = True
-
-[mypy-synapse.storage.databases.main.events_bg_updates]
-disallow_untyped_defs = True
-
 [mypy-synapse.storage.databases.main.events_worker]
 disallow_untyped_defs = True

-[mypy-synapse.storage.databases.main.room]
-disallow_untyped_defs = True
-
 [mypy-synapse.storage.databases.main.room_batch]
 disallow_untyped_defs = True

 [mypy-synapse.storage.databases.main.profile]
 disallow_untyped_defs = True

-[mypy-synapse.storage.databases.main.stats]
-disallow_untyped_defs = True
-
 [mypy-synapse.storage.databases.main.state_deltas]
 disallow_untyped_defs = True

-[mypy-synapse.storage.databases.main.transactions]
-disallow_untyped_defs = True
-
 [mypy-synapse.storage.databases.main.user_erasure_store]
 disallow_untyped_defs = True

@@ -247,9 +223,6 @@ disallow_untyped_defs = True
 [mypy-tests.storage.test_user_directory]
 disallow_untyped_defs = True

-[mypy-tests.rest.admin.*]
-disallow_untyped_defs = True
-
 [mypy-tests.rest.client.test_directory]
 disallow_untyped_defs = True

@@ -313,6 +286,9 @@ ignore_missing_imports = True
 [mypy-netaddr]
 ignore_missing_imports = True

+[mypy-opentracing]
+ignore_missing_imports = True
+
 [mypy-parameterized.*]
 ignore_missing_imports = True

@@ -35,7 +35,7 @@
        showcontent = true

 [tool.black]
-target-version = ['py37', 'py38', 'py39', 'py310']
+target-version = ['py36']
 exclude = '''

 (
@@ -24,6 +24,7 @@ DISTS = (
    "debian:bullseye",
    "debian:bookworm",
    "debian:sid",
+    "ubuntu:bionic",  # 18.04 LTS (our EOL forced by Py36 on 2021-12-23)
    "ubuntu:focal",  # 20.04 LTS (our EOL forced by Py38 on 2024-10-14)
    "ubuntu:hirsute",  # 21.04 (EOL 2022-01-05)
    "ubuntu:impish",  # 21.10  (EOL 2022-07)
@@ -42,8 +42,8 @@ echo "--------------------------"
 echo

 matched=0
-for f in $(git diff --diff-filter=d --name-only FETCH_HEAD... -- changelog.d); do
-    # check that any added newsfiles on this branch end with a full stop.
+for f in $(git diff --name-only FETCH_HEAD... -- changelog.d); do
+    # check that any modified newsfiles on this branch end with a full stop.
    lastchar=$(tr -d '\n' < "$f" | tail -c 1)
    if [ "$lastchar" != '.' ] && [ "$lastchar" != '!' ]; then
        echo -e "\e[31mERROR: newsfragment $f does not end with a '.' or '!'\e[39m" >&2
@@ -96,7 +96,7 @@ CONDITIONAL_REQUIREMENTS["all"] = list(ALL_OPTIONAL_REQUIREMENTS)
 # We pin black so that our tests don't start failing on new releases.
 CONDITIONAL_REQUIREMENTS["lint"] = [
    "isort==5.7.0",
-    "black==21.12b0",
+    "black==21.6b0",
    "flake8-comprehensions",
    "flake8-bugbear==21.3.2",
    "flake8",
@@ -107,7 +107,6 @@ CONDITIONAL_REQUIREMENTS["mypy"] = [
    "mypy-zope==0.3.2",
    "types-bleach>=4.1.0",
    "types-jsonschema>=3.2.0",
-    "types-opentracing>=2.4.2",
    "types-Pillow>=8.3.4",
    "types-pyOpenSSL>=20.0.7",
    "types-PyYAML>=5.4.10",
@@ -120,7 +119,9 @@ CONDITIONAL_REQUIREMENTS["mypy"] = [
 # Tests assume that all optional dependencies are installed.
 #
 # parameterized_class decorator was introduced in parameterized 0.7.0
-CONDITIONAL_REQUIREMENTS["test"] = ["parameterized>=0.7.0"]
+#
+# We use `mock` library as that backports `AsyncMock` to Python 3.6
+CONDITIONAL_REQUIREMENTS["test"] = ["parameterized>=0.7.0", "mock>=4.0.0"]

 CONDITIONAL_REQUIREMENTS["dev"] = (
    CONDITIONAL_REQUIREMENTS["lint"]
@@ -162,6 +163,7 @@ setup(
        "Topic :: Communications :: Chat",
        "License :: OSI Approved :: Apache Software License",
        "Programming Language :: Python :: 3 :: Only",
+        "Programming Language :: Python :: 3.6",
        "Programming Language :: Python :: 3.7",
        "Programming Language :: Python :: 3.8",
        "Programming Language :: Python :: 3.9",
@@ -17,12 +17,11 @@
 from typing import Any, List, Optional, Type, Union

 from twisted.internet import protocol
-from twisted.internet.defer import Deferred

 class RedisProtocol(protocol.Protocol):
    def publish(self, channel: str, message: bytes): ...
-    def ping(self) -> "Deferred[None]": ...
-    def set(
+    async def ping(self) -> None: ...
+    async def set(
        self,
        key: str,
        value: Any,
@@ -30,8 +29,8 @@ class RedisProtocol(protocol.Protocol):
        pexpire: Optional[int] = None,
        only_if_not_exists: bool = False,
        only_if_exists: bool = False,
-    ) -> "Deferred[None]": ...
-    def get(self, key: str) -> "Deferred[Any]": ...
+    ) -> None: ...
+    async def get(self, key: str) -> Any: ...

 class SubscriberProtocol(RedisProtocol):
    def __init__(self, *args, **kwargs): ...
@@ -47,7 +47,7 @@ try:
 except ImportError:
    pass

-__version__ = "1.50.0rc1"
+__version__ = "1.49.0rc1"

 if bool(os.environ.get("SYNAPSE_TEST_PATCH_LOG_CONTEXTS", False)):
    # We import here so that we don't have to install a bunch of deps when
@@ -32,7 +32,7 @@ from synapse.appservice import ApplicationService
 from synapse.events import EventBase
 from synapse.http import get_request_user_agent
 from synapse.http.site import SynapseRequest
-from synapse.logging.opentracing import active_span, force_tracing, start_active_span
+from synapse.logging import opentracing as opentracing
 from synapse.storage.databases.main.registration import TokenLookupResult
 from synapse.types import Requester, StateMap, UserID, create_requester
 from synapse.util.caches.lrucache import LruCache
@@ -149,53 +149,13 @@ class Auth:
                is invalid.
            AuthError if access is denied for the user in the access token
        """
-        parent_span = active_span()
-        with start_active_span("get_user_by_req"):
-            requester = await self._wrapped_get_user_by_req(
-                request, allow_guest, rights, allow_expired
-            )
-
-            if parent_span:
-                if requester.authenticated_entity in self._force_tracing_for_users:
-                    # request tracing is enabled for this user, so we need to force it
-                    # tracing on for the parent span (which will be the servlet span).
-                    #
-                    # It's too late for the get_user_by_req span to inherit the setting,
-                    # so we also force it on for that.
-                    force_tracing()
-                    force_tracing(parent_span)
-                parent_span.set_tag(
-                    "authenticated_entity", requester.authenticated_entity
-                )
-                parent_span.set_tag("user_id", requester.user.to_string())
-                if requester.device_id is not None:
-                    parent_span.set_tag("device_id", requester.device_id)
-                if requester.app_service is not None:
-                    parent_span.set_tag("appservice_id", requester.app_service.id)
-            return requester
-
-    async def _wrapped_get_user_by_req(
-        self,
-        request: SynapseRequest,
-        allow_guest: bool,
-        rights: str,
-        allow_expired: bool,
-    ) -> Requester:
-        """Helper for get_user_by_req
-
-        Once get_user_by_req has set up the opentracing span, this does the actual work.
-        """
        try:
            ip_addr = request.getClientIP()
            user_agent = get_request_user_agent(request)

            access_token = self.get_access_token_from_request(request)

-            (
-                user_id,
-                device_id,
-                app_service,
-            ) = await self._get_appservice_user_id_and_device_id(request)
+            user_id, app_service = await self._get_appservice_user_id(request)
            if user_id and app_service:
                if ip_addr and self._track_appservice_user_ips:
                    await self.store.insert_client_ip(
@@ -203,16 +163,18 @@ class Auth:
                        access_token=access_token,
                        ip=ip_addr,
                        user_agent=user_agent,
-                        device_id="dummy-device"
-                        if device_id is None
-                        else device_id,  # stubbed
+                        device_id="dummy-device",  # stubbed
                    )

-                requester = create_requester(
-                    user_id, app_service=app_service, device_id=device_id
-                )
+                requester = create_requester(user_id, app_service=app_service)

                request.requester = user_id
+                if user_id in self._force_tracing_for_users:
+                    opentracing.force_tracing()
+                opentracing.set_tag("authenticated_entity", user_id)
+                opentracing.set_tag("user_id", user_id)
+                opentracing.set_tag("appservice_id", app_service.id)
+
                return requester

            user_info = await self.get_user_by_access_token(
@@ -270,6 +232,13 @@ class Auth:
            )

            request.requester = requester
+            if user_info.token_owner in self._force_tracing_for_users:
+                opentracing.force_tracing()
+            opentracing.set_tag("authenticated_entity", user_info.token_owner)
+            opentracing.set_tag("user_id", user_info.user_id)
+            if device_id:
+                opentracing.set_tag("device_id", device_id)
+
            return requester
        except KeyError:
            raise MissingClientTokenError()
@@ -305,81 +274,33 @@ class Auth:
                403, "Application service has not registered this user (%s)" % user_id
            )

-    async def _get_appservice_user_id_and_device_id(
+    async def _get_appservice_user_id(
        self, request: Request
-    ) -> Tuple[Optional[str], Optional[str], Optional[ApplicationService]]:
-        """
-        Given a request, reads the request parameters to determine:
-        - whether it's an application service that's making this request
-        - what user the application service should be treated as controlling
-          (the user_id URI parameter allows an application service to masquerade
-          any applicable user in its namespace)
-        - what device the application service should be treated as controlling
-          (the device_id[^1] URI parameter allows an application service to masquerade
-          as any device that exists for the relevant user)
-
-        [^1] Unstable and provided by MSC3202.
-             Must use `org.matrix.msc3202.device_id` in place of `device_id` for now.
-
-        Returns:
-            3-tuple of
-            (user ID?, device ID?, application service?)
-
-        Postconditions:
-        - If an application service is returned, so is a user ID
-        - A user ID is never returned without an application service
-        - A device ID is never returned without a user ID or an application service
-        - The returned application service, if present, is permitted to control the
-          returned user ID.
-        - The returned device ID, if present, has been checked to be a valid device ID
-          for the returned user ID.
-        """
-        DEVICE_ID_ARG_NAME = b"org.matrix.msc3202.device_id"
-
+    ) -> Tuple[Optional[str], Optional[ApplicationService]]:
        app_service = self.store.get_app_service_by_token(
            self.get_access_token_from_request(request)
        )
        if app_service is None:
-            return None, None, None
+            return None, None

        if app_service.ip_range_whitelist:
            ip_address = IPAddress(request.getClientIP())
            if ip_address not in app_service.ip_range_whitelist:
-                return None, None, None
+                return None, None

        # This will always be set by the time Twisted calls us.
        assert request.args is not None

-        if b"user_id" in request.args:
-            effective_user_id = request.args[b"user_id"][0].decode("utf8")
-            await self.validate_appservice_can_control_user_id(
-                app_service, effective_user_id
-            )
-        else:
-            effective_user_id = app_service.sender
+        if b"user_id" not in request.args:
+            return app_service.sender, app_service

-        effective_device_id: Optional[str] = None
+        user_id = request.args[b"user_id"][0].decode("utf8")
+        await self.validate_appservice_can_control_user_id(app_service, user_id)

-        if (
-            self.hs.config.experimental.msc3202_device_masquerading_enabled
-            and DEVICE_ID_ARG_NAME in request.args
-        ):
-            effective_device_id = request.args[DEVICE_ID_ARG_NAME][0].decode("utf8")
-            # We only just set this so it can't be None!
-            assert effective_device_id is not None
-            device_opt = await self.store.get_device(
-                effective_user_id, effective_device_id
-            )
-            if device_opt is None:
-                # For now, use 400 M_EXCLUSIVE if the device doesn't exist.
-                # This is an open thread of discussion on MSC3202 as of 2021-12-09.
-                raise AuthError(
-                    400,
-                    f"Application service trying to use a device that doesn't exist ('{effective_device_id}' for {effective_user_id})",
-                    Codes.EXCLUSIVE,
-                )
+        if app_service.sender == user_id:
+            return app_service.sender, app_service

-        return effective_user_id, effective_device_id, app_service
+        return user_id, app_service

    async def get_user_by_access_token(
        self,
@@ -253,9 +253,5 @@ class GuestAccess:
    FORBIDDEN: Final = "forbidden"


-class ReceiptTypes:
-    READ: Final = "m.read"
-
-
 class ReadReceiptEventFields:
    MSC2285_HIDDEN: Final = "org.matrix.msc2285.hidden"
@@ -351,7 +351,8 @@ class Filter:
            True if the event matches the filter.
        """
        # We usually get the full "events" as dictionaries coming through,
-        # except for presence which actually gets passed around as its own type.
+        # except for presence which actually gets passed around as its own
+        # namedtuple type.
        if isinstance(event, UserPresenceState):
            user_id = event.user_id
            field_matchers = {
@@ -27,7 +27,6 @@ import synapse
 import synapse.config.logger
 from synapse import events
 from synapse.api.urls import (
-    CLIENT_API_PREFIX,
    FEDERATION_PREFIX,
    LEGACY_MEDIA_PREFIX,
    MEDIA_R0_PREFIX,
@@ -193,7 +192,13 @@ class SynapseHomeServer(HomeServer):

            resources.update(
                {
-                    CLIENT_API_PREFIX: client_resource,
+                    "/_matrix/client/api/v1": client_resource,
+                    "/_matrix/client/r0": client_resource,
+                    "/_matrix/client/v1": client_resource,
+                    "/_matrix/client/v3": client_resource,
+                    "/_matrix/client/unstable": client_resource,
+                    "/_matrix/client/v2_alpha": client_resource,
+                    "/_matrix/client/versions": client_resource,
                    "/.well-known": well_known_resource(self),
                    "/_synapse/admin": AdminRestResource(self),
                    **build_synapse_client_resource_tree(self),
@@ -11,14 +11,10 @@
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
-
 import logging
 import re
 from enum import Enum
-from typing import TYPE_CHECKING, Dict, Iterable, List, Optional, Pattern
-
-import attr
-from netaddr import IPSet
+from typing import TYPE_CHECKING, Iterable, List, Match, Optional

 from synapse.api.constants import EventTypes
 from synapse.events import EventBase
@@ -37,13 +33,6 @@ class ApplicationServiceState(Enum):
    UP = "up"


-@attr.s(slots=True, frozen=True, auto_attribs=True)
-class Namespace:
-    exclusive: bool
-    group_id: Optional[str]
-    regex: Pattern[str]
-
-
 class ApplicationService:
    """Defines an application service. This definition is mostly what is
    provided to the /register AS API.
@@ -61,17 +50,17 @@ class ApplicationService:

    def __init__(
        self,
-        token: str,
-        hostname: str,
-        id: str,
-        sender: str,
-        url: Optional[str] = None,
-        namespaces: Optional[JsonDict] = None,
-        hs_token: Optional[str] = None,
-        protocols: Optional[Iterable[str]] = None,
-        rate_limited: bool = True,
-        ip_range_whitelist: Optional[IPSet] = None,
-        supports_ephemeral: bool = False,
+        token,
+        hostname,
+        id,
+        sender,
+        url=None,
+        namespaces=None,
+        hs_token=None,
+        protocols=None,
+        rate_limited=True,
+        ip_range_whitelist=None,
+        supports_ephemeral=False,
    ):
        self.token = token
        self.url = (
@@ -96,33 +85,27 @@ class ApplicationService:

        self.rate_limited = rate_limited

-    def _check_namespaces(
-        self, namespaces: Optional[JsonDict]
-    ) -> Dict[str, List[Namespace]]:
+    def _check_namespaces(self, namespaces):
        # Sanity check that it is of the form:
        # {
        #   users: [ {regex: "[A-z]+.*", exclusive: true}, ...],
        #   aliases: [ {regex: "[A-z]+.*", exclusive: true}, ...],
        #   rooms: [ {regex: "[A-z]+.*", exclusive: true}, ...],
        # }
-        if namespaces is None:
+        if not namespaces:
            namespaces = {}

-        result: Dict[str, List[Namespace]] = {}
-
        for ns in ApplicationService.NS_LIST:
-            result[ns] = []
-
            if ns not in namespaces:
+                namespaces[ns] = []
                continue

-            if not isinstance(namespaces[ns], list):
+            if type(namespaces[ns]) != list:
                raise ValueError("Bad namespace value for '%s'" % ns)
            for regex_obj in namespaces[ns]:
                if not isinstance(regex_obj, dict):
                    raise ValueError("Expected dict regex for ns '%s'" % ns)
-                exclusive = regex_obj.get("exclusive")
-                if not isinstance(exclusive, bool):
+                if not isinstance(regex_obj.get("exclusive"), bool):
                    raise ValueError("Expected bool for 'exclusive' in ns '%s'" % ns)
                group_id = regex_obj.get("group_id")
                if group_id:
@@ -143,26 +126,22 @@ class ApplicationService:
                        )

                regex = regex_obj.get("regex")
-                if not isinstance(regex, str):
+                if isinstance(regex, str):
+                    regex_obj["regex"] = re.compile(regex)  # Pre-compile regex
+                else:
                    raise ValueError("Expected string for 'regex' in ns '%s'" % ns)
+        return namespaces

-                # Pre-compile regex.
-                result[ns].append(Namespace(exclusive, group_id, re.compile(regex)))
-
-        return result
-
-    def _matches_regex(
-        self, namespace_key: str, test_string: str
-    ) -> Optional[Namespace]:
-        for namespace in self.namespaces[namespace_key]:
-            if namespace.regex.match(test_string):
-                return namespace
+    def _matches_regex(self, test_string: str, namespace_key: str) -> Optional[Match]:
+        for regex_obj in self.namespaces[namespace_key]:
+            if regex_obj["regex"].match(test_string):
+                return regex_obj
        return None

-    def _is_exclusive(self, namespace_key: str, test_string: str) -> bool:
-        namespace = self._matches_regex(namespace_key, test_string)
-        if namespace:
-            return namespace.exclusive
+    def _is_exclusive(self, ns_key: str, test_string: str) -> bool:
+        regex_obj = self._matches_regex(test_string, ns_key)
+        if regex_obj:
+            return regex_obj["exclusive"]
        return False

    async def _matches_user(
@@ -281,15 +260,15 @@ class ApplicationService:

    def is_interested_in_user(self, user_id: str) -> bool:
        return (
-            bool(self._matches_regex(ApplicationService.NS_USERS, user_id))
+            bool(self._matches_regex(user_id, ApplicationService.NS_USERS))
            or user_id == self.sender
        )

    def is_interested_in_alias(self, alias: str) -> bool:
-        return bool(self._matches_regex(ApplicationService.NS_ALIASES, alias))
+        return bool(self._matches_regex(alias, ApplicationService.NS_ALIASES))

    def is_interested_in_room(self, room_id: str) -> bool:
-        return bool(self._matches_regex(ApplicationService.NS_ROOMS, room_id))
+        return bool(self._matches_regex(room_id, ApplicationService.NS_ROOMS))

    def is_exclusive_user(self, user_id: str) -> bool:
        return (
@@ -306,14 +285,14 @@ class ApplicationService:
    def is_exclusive_room(self, room_id: str) -> bool:
        return self._is_exclusive(ApplicationService.NS_ROOMS, room_id)

-    def get_exclusive_user_regexes(self) -> List[Pattern[str]]:
+    def get_exclusive_user_regexes(self):
        """Get the list of regexes used to determine if a user is exclusively
        registered by the AS
        """
        return [
-            namespace.regex
-            for namespace in self.namespaces[ApplicationService.NS_USERS]
-            if namespace.exclusive
+            regex_obj["regex"]
+            for regex_obj in self.namespaces[ApplicationService.NS_USERS]
+            if regex_obj["exclusive"]
        ]

    def get_groups_for_user(self, user_id: str) -> Iterable[str]:
@@ -326,15 +305,15 @@ class ApplicationService:
            An iterable that yields group_id strings.
        """
        return (
-            namespace.group_id
-            for namespace in self.namespaces[ApplicationService.NS_USERS]
-            if namespace.group_id and namespace.regex.match(user_id)
+            regex_obj["group_id"]
+            for regex_obj in self.namespaces[ApplicationService.NS_USERS]
+            if "group_id" in regex_obj and regex_obj["regex"].match(user_id)
        )

    def is_rate_limited(self) -> bool:
        return self.rate_limited

-    def __str__(self) -> str:
+    def __str__(self):
        # copy dictionary and redact token fields so they don't get logged
        dict_copy = self.__dict__.copy()
        dict_copy["token"] = "<redacted>"
@@ -12,8 +12,8 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 import logging
-import urllib.parse
-from typing import TYPE_CHECKING, Dict, Iterable, List, Optional, Tuple
+import urllib
+from typing import TYPE_CHECKING, List, Optional, Tuple

 from prometheus_client import Counter

@@ -53,7 +53,7 @@ HOUR_IN_MS = 60 * 60 * 1000
 APP_SERVICE_PREFIX = "/_matrix/app/unstable"


-def _is_valid_3pe_metadata(info: JsonDict) -> bool:
+def _is_valid_3pe_metadata(info):
    if "instances" not in info:
        return False
    if not isinstance(info["instances"], list):
@@ -61,7 +61,7 @@ def _is_valid_3pe_metadata(info: JsonDict) -> bool:
    return True


-def _is_valid_3pe_result(r: JsonDict, field: str) -> bool:
+def _is_valid_3pe_result(r, field):
    if not isinstance(r, dict):
        return False

@@ -93,13 +93,9 @@ class ApplicationServiceApi(SimpleHttpClient):
            hs.get_clock(), "as_protocol_meta", timeout_ms=HOUR_IN_MS
        )

-    async def query_user(self, service: "ApplicationService", user_id: str) -> bool:
+    async def query_user(self, service, user_id):
        if service.url is None:
            return False
-
-        # This is required by the configuration.
-        assert service.hs_token is not None
-
        uri = service.url + ("/users/%s" % urllib.parse.quote(user_id))
        try:
            response = await self.get_json(uri, {"access_token": service.hs_token})
@@ -113,13 +109,9 @@ class ApplicationServiceApi(SimpleHttpClient):
            logger.warning("query_user to %s threw exception %s", uri, ex)
        return False

-    async def query_alias(self, service: "ApplicationService", alias: str) -> bool:
+    async def query_alias(self, service, alias):
        if service.url is None:
            return False
-
-        # This is required by the configuration.
-        assert service.hs_token is not None
-
        uri = service.url + ("/rooms/%s" % urllib.parse.quote(alias))
        try:
            response = await self.get_json(uri, {"access_token": service.hs_token})
@@ -133,13 +125,7 @@ class ApplicationServiceApi(SimpleHttpClient):
            logger.warning("query_alias to %s threw exception %s", uri, ex)
        return False

-    async def query_3pe(
-        self,
-        service: "ApplicationService",
-        kind: str,
-        protocol: str,
-        fields: Dict[bytes, List[bytes]],
-    ) -> List[JsonDict]:
+    async def query_3pe(self, service, kind, protocol, fields):
        if kind == ThirdPartyEntityKind.USER:
            required_field = "userid"
        elif kind == ThirdPartyEntityKind.LOCATION:
@@ -219,14 +205,11 @@ class ApplicationServiceApi(SimpleHttpClient):
        events: List[EventBase],
        ephemeral: List[JsonDict],
        txn_id: Optional[int] = None,
-    ) -> bool:
+    ):
        if service.url is None:
            return True

-        # This is required by the configuration.
-        assert service.hs_token is not None
-
-        serialized_events = self._serialize(service, events)
+        events = self._serialize(service, events)

        if txn_id is None:
            logger.warning(
@@ -238,12 +221,9 @@ class ApplicationServiceApi(SimpleHttpClient):

        # Never send ephemeral events to appservices that do not support it
        if service.supports_ephemeral:
-            body = {
-                "events": serialized_events,
-                "de.sorunome.msc2409.ephemeral": ephemeral,
-            }
+            body = {"events": events, "de.sorunome.msc2409.ephemeral": ephemeral}
        else:
-            body = {"events": serialized_events}
+            body = {"events": events}

        try:
            await self.put_json(
@@ -258,7 +238,7 @@ class ApplicationServiceApi(SimpleHttpClient):
                    [event.get("event_id") for event in events],
                )
            sent_transactions_counter.labels(service.id).inc()
-            sent_events_counter.labels(service.id).inc(len(serialized_events))
+            sent_events_counter.labels(service.id).inc(len(events))
            return True
        except CodeMessageException as e:
            logger.warning(
@@ -280,9 +260,7 @@ class ApplicationServiceApi(SimpleHttpClient):
        failed_transactions_counter.labels(service.id).inc()
        return False

-    def _serialize(
-        self, service: "ApplicationService", events: Iterable[EventBase]
-    ) -> List[JsonDict]:
+    def _serialize(self, service, events):
        time_now = self.clock.time_msec()
        return [
            serialize_event(
@@ -48,19 +48,13 @@ This is all tied together by the AppServiceScheduler which DIs the required
 components.
 """
 import logging
-from typing import TYPE_CHECKING, Awaitable, Callable, Dict, List, Optional, Set
+from typing import List, Optional

 from synapse.appservice import ApplicationService, ApplicationServiceState
-from synapse.appservice.api import ApplicationServiceApi
 from synapse.events import EventBase
 from synapse.logging.context import run_in_background
 from synapse.metrics.background_process_metrics import run_as_background_process
-from synapse.storage.databases.main import DataStore
 from synapse.types import JsonDict
-from synapse.util import Clock
-
-if TYPE_CHECKING:
-    from synapse.server import HomeServer

 logger = logging.getLogger(__name__)

@@ -78,7 +72,7 @@ class ApplicationServiceScheduler:
    case is a simple array.
    """

-    def __init__(self, hs: "HomeServer"):
+    def __init__(self, hs):
        self.clock = hs.get_clock()
        self.store = hs.get_datastore()
        self.as_api = hs.get_application_service_api()
@@ -86,7 +80,7 @@ class ApplicationServiceScheduler:
        self.txn_ctrl = _TransactionController(self.clock, self.store, self.as_api)
        self.queuer = _ServiceQueuer(self.txn_ctrl, self.clock)

-    async def start(self) -> None:
+    async def start(self):
        logger.info("Starting appservice scheduler")

        # check for any DOWN ASes and start recoverers for them.
@@ -97,14 +91,12 @@ class ApplicationServiceScheduler:
        for service in services:
            self.txn_ctrl.start_recoverer(service)

-    def submit_event_for_as(
-        self, service: ApplicationService, event: EventBase
-    ) -> None:
+    def submit_event_for_as(self, service: ApplicationService, event: EventBase):
        self.queuer.enqueue_event(service, event)

    def submit_ephemeral_events_for_as(
        self, service: ApplicationService, events: List[JsonDict]
-    ) -> None:
+    ):
        self.queuer.enqueue_ephemeral(service, events)


@@ -116,18 +108,16 @@ class _ServiceQueuer:
    appservice at a given time.
    """

-    def __init__(self, txn_ctrl: "_TransactionController", clock: Clock):
-        # dict of {service_id: [events]}
-        self.queued_events: Dict[str, List[EventBase]] = {}
-        # dict of {service_id: [events]}
-        self.queued_ephemeral: Dict[str, List[JsonDict]] = {}
+    def __init__(self, txn_ctrl, clock):
+        self.queued_events = {}  # dict of {service_id: [events]}
+        self.queued_ephemeral = {}  # dict of {service_id: [events]}

        # the appservices which currently have a transaction in flight
-        self.requests_in_flight: Set[str] = set()
+        self.requests_in_flight = set()
        self.txn_ctrl = txn_ctrl
        self.clock = clock

-    def _start_background_request(self, service: ApplicationService) -> None:
+    def _start_background_request(self, service):
        # start a sender for this appservice if we don't already have one
        if service.id in self.requests_in_flight:
            return
@@ -136,17 +126,15 @@ class _ServiceQueuer:
            "as-sender-%s" % (service.id,), self._send_request, service
        )

-    def enqueue_event(self, service: ApplicationService, event: EventBase) -> None:
+    def enqueue_event(self, service: ApplicationService, event: EventBase):
        self.queued_events.setdefault(service.id, []).append(event)
        self._start_background_request(service)

-    def enqueue_ephemeral(
-        self, service: ApplicationService, events: List[JsonDict]
-    ) -> None:
+    def enqueue_ephemeral(self, service: ApplicationService, events: List[JsonDict]):
        self.queued_ephemeral.setdefault(service.id, []).extend(events)
        self._start_background_request(service)

-    async def _send_request(self, service: ApplicationService) -> None:
+    async def _send_request(self, service: ApplicationService):
        # sanity-check: we shouldn't get here if this service already has a sender
        # running.
        assert service.id not in self.requests_in_flight
@@ -180,15 +168,20 @@ class _TransactionController:
    if a transaction fails.

    (Note we have only have one of these in the homeserver.)
+
+    Args:
+        clock (synapse.util.Clock):
+        store (synapse.storage.DataStore):
+        as_api (synapse.appservice.api.ApplicationServiceApi):
    """

-    def __init__(self, clock: Clock, store: DataStore, as_api: ApplicationServiceApi):
+    def __init__(self, clock, store, as_api):
        self.clock = clock
        self.store = store
        self.as_api = as_api

        # map from service id to recoverer instance
-        self.recoverers: Dict[str, "_Recoverer"] = {}
+        self.recoverers = {}

        # for UTs
        self.RECOVERER_CLASS = _Recoverer
@@ -198,7 +191,7 @@ class _TransactionController:
        service: ApplicationService,
        events: List[EventBase],
        ephemeral: Optional[List[JsonDict]] = None,
-    ) -> None:
+    ):
        try:
            txn = await self.store.create_appservice_txn(
                service=service, events=events, ephemeral=ephemeral or []
@@ -214,7 +207,7 @@ class _TransactionController:
            logger.exception("Error creating appservice transaction")
            run_in_background(self._on_txn_fail, service)

-    async def on_recovered(self, recoverer: "_Recoverer") -> None:
+    async def on_recovered(self, recoverer):
        logger.info(
            "Successfully recovered application service AS ID %s", recoverer.service.id
        )
@@ -224,18 +217,18 @@ class _TransactionController:
            recoverer.service, ApplicationServiceState.UP
        )

-    async def _on_txn_fail(self, service: ApplicationService) -> None:
+    async def _on_txn_fail(self, service):
        try:
            await self.store.set_appservice_state(service, ApplicationServiceState.DOWN)
            self.start_recoverer(service)
        except Exception:
            logger.exception("Error starting AS recoverer")

-    def start_recoverer(self, service: ApplicationService) -> None:
+    def start_recoverer(self, service):
        """Start a Recoverer for the given service

        Args:
-            service:
+            service (synapse.appservice.ApplicationService):
        """
        logger.info("Starting recoverer for AS ID %s", service.id)
        assert service.id not in self.recoverers
@@ -264,14 +257,7 @@ class _Recoverer:
        callback (callable[_Recoverer]): called once the service recovers.
    """

-    def __init__(
-        self,
-        clock: Clock,
-        store: DataStore,
-        as_api: ApplicationServiceApi,
-        service: ApplicationService,
-        callback: Callable[["_Recoverer"], Awaitable[None]],
-    ):
+    def __init__(self, clock, store, as_api, service, callback):
        self.clock = clock
        self.store = store
        self.as_api = as_api
@@ -279,8 +265,8 @@ class _Recoverer:
        self.callback = callback
        self.backoff_counter = 1

-    def recover(self) -> None:
-        def _retry() -> None:
+    def recover(self):
+        def _retry():
            run_as_background_process(
                "as-recoverer-%s" % (self.service.id,), self.retry
            )
@@ -289,13 +275,13 @@ class _Recoverer:
        logger.info("Scheduling retries on %s in %fs", self.service.id, delay)
        self.clock.call_later(delay, _retry)

-    def _backoff(self) -> None:
+    def _backoff(self):
        # cap the backoff to be around 8.5min => (2^9) = 512 secs
        if self.backoff_counter < 9:
            self.backoff_counter += 1
        self.recover()

-    async def retry(self) -> None:
+    async def retry(self):
        logger.info("Starting retries on %s", self.service.id)
        try:
            while True:
@@ -107,8 +107,6 @@ _DEFAULT_PREJOIN_STATE_TYPES = [
    EventTypes.Name,
    # Per MSC1772.
    EventTypes.Create,
-    # Per MSC3173.
-    EventTypes.Topic,
 ]


@@ -147,7 +147,8 @@ def _load_appservice(
    # protocols check
    protocols = as_info.get("protocols")
    if protocols:
-        if not isinstance(protocols, list):
+        # Because strings are lists in python
+        if isinstance(protocols, str) or not isinstance(protocols, list):
            raise KeyError("Optional 'protocols' must be a list if present.")
        for p in protocols:
            if not isinstance(p, str):
@@ -32,7 +32,7 @@ class ExperimentalConfig(Config):
        # MSC3026 (busy presence state)
        self.msc3026_enabled: bool = experimental.get("msc3026_enabled", False)

-        # MSC2716 (importing historical messages)
+        # MSC2716 (backfill existing history)
        self.msc2716_enabled: bool = experimental.get("msc2716_enabled", False)

        # MSC2285 (hidden read receipts)
@@ -49,8 +49,3 @@ class ExperimentalConfig(Config):

        # MSC3030 (Jump to date API endpoint)
        self.msc3030_enabled: bool = experimental.get("msc3030_enabled", False)
-
-        # The portion of MSC3202 which is related to device masquerading.
-        self.msc3202_device_masquerading_enabled: bool = experimental.get(
-            "msc3202_device_masquerading", False
-        )
@@ -16,14 +16,12 @@
 import hashlib
 import logging
 import os
-from typing import Any, Dict, Iterator, List, Optional
+from typing import Any, Dict

 import attr
 import jsonschema
 from signedjson.key import (
    NACL_ED25519,
-    SigningKey,
-    VerifyKey,
    decode_signing_key_base64,
    decode_verify_key_bytes,
    generate_signing_key,
@@ -33,7 +31,6 @@ from signedjson.key import (
 )
 from unpaddedbase64 import decode_base64

-from synapse.types import JsonDict
 from synapse.util.stringutils import random_string, random_string_with_symbols

 from ._base import Config, ConfigError
@@ -84,13 +81,14 @@ To suppress this warning and continue using 'matrix.org', admins should set
 logger = logging.getLogger(__name__)


-@attr.s(slots=True, auto_attribs=True)
+@attr.s
 class TrustedKeyServer:
-    # name of the server.
-    server_name: str
+    # string: name of the server.
+    server_name = attr.ib()

-    # map from key id to key object, or None to disable signature verification.
-    verify_keys: Optional[Dict[str, VerifyKey]] = None
+    # dict[str,VerifyKey]|None: map from key id to key object, or None to disable
+    # signature verification.
+    verify_keys = attr.ib(default=None)


 class KeyConfig(Config):
@@ -281,15 +279,15 @@ class KeyConfig(Config):
            % locals()
        )

-    def read_signing_keys(self, signing_key_path: str, name: str) -> List[SigningKey]:
+    def read_signing_keys(self, signing_key_path, name):
        """Read the signing keys in the given path.

        Args:
-            signing_key_path
-            name: Associated config key name
+            signing_key_path (str)
+            name (str): Associated config key name

        Returns:
-            The signing keys read from the given path.
+            list[SigningKey]
        """

        signing_keys = self.read_file(signing_key_path, name)
@@ -298,9 +296,7 @@ class KeyConfig(Config):
        except Exception as e:
            raise ConfigError("Error reading %s: %s" % (name, str(e)))

-    def read_old_signing_keys(
-        self, old_signing_keys: Optional[JsonDict]
-    ) -> Dict[str, VerifyKey]:
+    def read_old_signing_keys(self, old_signing_keys):
        if old_signing_keys is None:
            return {}
        keys = {}
@@ -344,7 +340,7 @@ class KeyConfig(Config):
                    write_signing_keys(signing_key_file, (key,))


-def _perspectives_to_key_servers(config: JsonDict) -> Iterator[JsonDict]:
+def _perspectives_to_key_servers(config):
    """Convert old-style 'perspectives' configs into new-style 'trusted_key_servers'

    Returns an iterable of entries to add to trusted_key_servers.
@@ -406,9 +402,7 @@ TRUSTED_KEY_SERVERS_SCHEMA = {
 }


-def _parse_key_servers(
-    key_servers: List[Any], federation_verify_certificates: bool
-) -> Iterator[TrustedKeyServer]:
+def _parse_key_servers(key_servers, federation_verify_certificates):
    try:
        jsonschema.validate(key_servers, TRUSTED_KEY_SERVERS_SCHEMA)
    except jsonschema.ValidationError as e:
@@ -450,7 +444,7 @@ def _parse_key_servers(
        yield result


-def _assert_keyserver_has_verify_keys(trusted_key_server: TrustedKeyServer) -> None:
+def _assert_keyserver_has_verify_keys(trusted_key_server):
    if not trusted_key_server.verify_keys:
        raise ConfigError(INSECURE_NOTARY_ERROR)

@@ -22,12 +22,10 @@ from ._base import Config, ConfigError

@attr.s
 class MetricsFlags:
-    known_servers: bool = attr.ib(
-        default=False, validator=attr.validators.instance_of(bool)
-    )
+    known_servers = attr.ib(default=False, validator=attr.validators.instance_of(bool))

    @classmethod
-    def all_off(cls) -> "MetricsFlags":
+    def all_off(cls):
        """
        Instantiate the flags with all options set to off.
        """
@@ -37,7 +37,7 @@ class ModulesConfig(Config):

            # Server admins can expand Synapse's functionality with external modules.
            #
-            # See https://matrix-org.github.io/synapse/latest/modules/index.html for more
+            # See https://matrix-org.github.io/synapse/latest/modules.html for more
            # documentation on how to configure or create custom modules for Synapse.
            #
            modules:
@@ -14,11 +14,10 @@

 import logging
 import os
+from collections import namedtuple
 from typing import Dict, List, Tuple
 from urllib.request import getproxies_environment  # type: ignore

-import attr
-
 from synapse.config.server import DEFAULT_IP_RANGE_BLACKLIST, generate_ip_set
 from synapse.python_dependencies import DependencyException, check_requirements
 from synapse.types import JsonDict
@@ -45,20 +44,18 @@ THUMBNAIL_SIZE_YAML = """\
 HTTP_PROXY_SET_WARNING = """\
 The Synapse config url_preview_ip_range_blacklist will be ignored as an HTTP(s) proxy is configured."""

+ThumbnailRequirement = namedtuple(
+    "ThumbnailRequirement", ["width", "height", "method", "media_type"]
+)

-@attr.s(frozen=True, slots=True, auto_attribs=True)
-class ThumbnailRequirement:
-    width: int
-    height: int
-    method: str
-    media_type: str
-
-
-@attr.s(frozen=True, slots=True, auto_attribs=True)
-class MediaStorageProviderConfig:
-    store_local: bool  # Whether to store newly uploaded local files
-    store_remote: bool  # Whether to store newly downloaded remote files
-    store_synchronous: bool  # Whether to wait for successful storage for local uploads
+MediaStorageProviderConfig = namedtuple(
+    "MediaStorageProviderConfig",
+    (
+        "store_local",  # Whether to store newly uploaded local files
+        "store_remote",  # Whether to store newly downloaded remote files
+        "store_synchronous",  # Whether to wait for successful storage for local uploads
+    ),
+)


 def parse_thumbnail_requirements(
@@ -69,10 +66,11 @@ def parse_thumbnail_requirements(
    method, and thumbnail media type to precalculate

    Args:
-        thumbnail_sizes: List of dicts with "width", "height", and "method" keys
-
+        thumbnail_sizes(list): List of dicts with "width", "height", and
+            "method" keys
    Returns:
-        Dictionary mapping from media type string to list of ThumbnailRequirement.
+        Dictionary mapping from media type string to list of
+        ThumbnailRequirement tuples.
    """
    requirements: Dict[str, List[ThumbnailRequirement]] = {}
    for size in thumbnail_sizes:
@@ -15,9 +15,8 @@

 from typing import List

-from matrix_common.regex import glob_to_regex
-
 from synapse.types import JsonDict
+from synapse.util import glob_to_regex

 from ._base import Config, ConfigError

@@ -1257,7 +1257,7 @@ class ServerConfig(Config):
            help="Turn on the twisted telnet manhole service on the given port.",
        )

-    def read_gc_intervals(self, durations: Any) -> Optional[Tuple[float, float, float]]:
+    def read_gc_intervals(self, durations) -> Optional[Tuple[float, float, float]]:
        """Reads the three durations for the GC min interval option, returning seconds."""
        if durations is None:
            return None
@@ -16,12 +16,11 @@ import logging
 import os
 from typing import List, Optional, Pattern

-from matrix_common.regex import glob_to_regex
-
 from OpenSSL import SSL, crypto
 from twisted.internet._sslverify import Certificate, trustRootFromCertificates

 from synapse.config._base import Config, ConfigError
+from synapse.util import glob_to_regex

 logger = logging.getLogger(__name__)

@@ -133,7 +132,7 @@ class TlsConfig(Config):
        self.tls_certificate: Optional[crypto.X509] = None
        self.tls_private_key: Optional[crypto.PKey] = None

-    def read_certificate_from_disk(self) -> None:
+    def read_certificate_from_disk(self):
        """
        Read the certificates and private key from disk.
        """
@@ -395,7 +395,7 @@ class EventClientSerializer:
        event: Union[JsonDict, EventBase],
        time_now: int,
        *,
-        bundle_aggregations: bool = False,
+        bundle_aggregations: bool = True,
        **kwargs: Any,
    ) -> JsonDict:
        """Serializes a single event.
@@ -454,26 +454,23 @@ class EventClientSerializer:
                return

        event_id = event.event_id
-        room_id = event.room_id

        # The bundled aggregations to include.
        aggregations = {}

-        annotations = await self.store.get_aggregation_groups_for_event(
-            event_id, room_id
-        )
+        annotations = await self.store.get_aggregation_groups_for_event(event_id)
        if annotations.chunk:
            aggregations[RelationTypes.ANNOTATION] = annotations.to_dict()

        references = await self.store.get_relations_for_event(
-            event_id, room_id, RelationTypes.REFERENCE, direction="f"
+            event_id, RelationTypes.REFERENCE, direction="f"
        )
        if references.chunk:
            aggregations[RelationTypes.REFERENCE] = references.to_dict()

        edit = None
        if event.type == EventTypes.Message:
-            edit = await self.store.get_applicable_edit(event_id, room_id)
+            edit = await self.store.get_applicable_edit(event_id)

        if edit:
            # If there is an edit replace the content, preserving existing
@@ -506,7 +503,7 @@ class EventClientSerializer:
            (
                thread_count,
                latest_thread_event,
-            ) = await self.store.get_thread_summary(event_id, room_id)
+            ) = await self.store.get_thread_summary(event_id)
            if latest_thread_event:
                aggregations[RelationTypes.THREAD] = {
                    # Don't bundle aggregations as this could recurse forever.
@@ -13,6 +13,7 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 import logging
+from collections import namedtuple
 from typing import TYPE_CHECKING

 from synapse.api.constants import MAX_DEPTH, EventContentFields, EventTypes, Membership
@@ -103,6 +104,10 @@ class FederationBase:
        return pdu


+class PduToCheckSig(namedtuple("PduToCheckSig", ["pdu", "sender_domain", "deferreds"])):
+    pass
+
+
 async def _check_sigs_on_pdu(
    keyring: Keyring, room_version: RoomVersion, pdu: EventBase
 ) -> None:
@@ -215,12 +220,15 @@ def _is_invite_via_3pid(event: EventBase) -> bool:
    )


-def event_from_pdu_json(pdu_json: JsonDict, room_version: RoomVersion) -> EventBase:
+def event_from_pdu_json(
+    pdu_json: JsonDict, room_version: RoomVersion, outlier: bool = False
+) -> EventBase:
    """Construct an EventBase from an event json received over federation

    Args:
        pdu_json: pdu as received over federation
        room_version: The version of the room this event belongs to
+        outlier: True to mark this event as an outlier

    Raises:
        SynapseError: if the pdu is missing required fields or is otherwise
@@ -244,4 +252,6 @@ def event_from_pdu_json(pdu_json: JsonDict, room_version: RoomVersion) -> EventB
        validate_canonicaljson(pdu_json)

    event = make_event_from_dict(pdu_json, room_version)
+    event.internal_metadata.outlier = outlier
+
    return event
@@ -265,11 +265,14 @@ class FederationClient(FederationBase):

        room_version = await self.store.get_room_version(room_id)

-        pdus = [event_from_pdu_json(p, room_version) for p in transaction_data_pdus]
+        pdus = [
+            event_from_pdu_json(p, room_version, outlier=False)
+            for p in transaction_data_pdus
+        ]

        # Check signatures and hash of pdus, removing any from the list that fail checks
        pdus[:] = await self._check_sigs_and_hash_and_fetch(
-            dest, pdus, room_version=room_version
+            dest, pdus, outlier=True, room_version=room_version
        )

        return pdus
@@ -279,6 +282,7 @@ class FederationClient(FederationBase):
        destination: str,
        event_id: str,
        room_version: RoomVersion,
+        outlier: bool = False,
        timeout: Optional[int] = None,
    ) -> Optional[EventBase]:
        """Requests the PDU with given origin and ID from the remote home
@@ -288,6 +292,9 @@ class FederationClient(FederationBase):
            destination: Which homeserver to query
            event_id: event to fetch
            room_version: version of the room
+            outlier: Indicates whether the PDU is an `outlier`, i.e. if
+                it's from an arbitrary point in the context as opposed to part
+                of the current block of PDUs. Defaults to `False`
            timeout: How long to try (in ms) each destination for before
                moving to the next destination. None indicates no timeout.

@@ -309,7 +316,8 @@ class FederationClient(FederationBase):
        )

        pdu_list: List[EventBase] = [
-            event_from_pdu_json(p, room_version) for p in transaction_data["pdus"]
+            event_from_pdu_json(p, room_version, outlier=outlier)
+            for p in transaction_data["pdus"]
        ]

        if pdu_list and pdu_list[0]:
@@ -326,6 +334,7 @@ class FederationClient(FederationBase):
        destinations: Iterable[str],
        event_id: str,
        room_version: RoomVersion,
+        outlier: bool = False,
        timeout: Optional[int] = None,
    ) -> Optional[EventBase]:
        """Requests the PDU with given origin and ID from the remote home
@@ -338,6 +347,9 @@ class FederationClient(FederationBase):
            destinations: Which homeservers to query
            event_id: event to fetch
            room_version: version of the room
+            outlier: Indicates whether the PDU is an `outlier`, i.e. if
+                it's from an arbitrary point in the context as opposed to part
+                of the current block of PDUs. Defaults to `False`
            timeout: How long to try (in ms) each destination for before
                moving to the next destination. None indicates no timeout.

@@ -365,6 +377,7 @@ class FederationClient(FederationBase):
                    destination=destination,
                    event_id=event_id,
                    room_version=room_version,
+                    outlier=outlier,
                    timeout=timeout,
                )

@@ -422,6 +435,7 @@ class FederationClient(FederationBase):
        origin: str,
        pdus: Collection[EventBase],
        room_version: RoomVersion,
+        outlier: bool = False,
    ) -> List[EventBase]:
        """Takes a list of PDUs and checks the signatures and hashes of each
        one. If a PDU fails its signature check then we check if we have it in
@@ -437,6 +451,7 @@ class FederationClient(FederationBase):
            origin
            pdu
            room_version
+            outlier: Whether the events are outliers or not

        Returns:
            A list of PDUs that have valid signatures and hashes.
@@ -451,6 +466,7 @@ class FederationClient(FederationBase):
            valid_pdu = await self._check_sigs_and_hash_and_fetch_one(
                pdu=pdu,
                origin=origin,
+                outlier=outlier,
                room_version=room_version,
            )

@@ -466,6 +482,7 @@ class FederationClient(FederationBase):
        pdu: EventBase,
        origin: str,
        room_version: RoomVersion,
+        outlier: bool = False,
    ) -> Optional[EventBase]:
        """Takes a PDU and checks its signatures and hashes. If the PDU fails
        its signature check then we check if we have it in the database and if
@@ -477,6 +494,9 @@ class FederationClient(FederationBase):
            origin
            pdu
            room_version
+            outlier: Whether the events are outliers or not
+            include_none: Whether to include None in the returned list
+                for events that have failed their checks

        Returns:
            The PDU (possibly redacted) if it has valid signatures and hashes.
@@ -501,6 +521,7 @@ class FederationClient(FederationBase):
                    destinations=[pdu_origin],
                    event_id=pdu.event_id,
                    room_version=room_version,
+                    outlier=outlier,
                    timeout=10000,
                )
            except SynapseError:
@@ -520,10 +541,13 @@ class FederationClient(FederationBase):

        room_version = await self.store.get_room_version(room_id)

-        auth_chain = [event_from_pdu_json(p, room_version) for p in res["auth_chain"]]
+        auth_chain = [
+            event_from_pdu_json(p, room_version, outlier=True)
+            for p in res["auth_chain"]
+        ]

        signed_auth = await self._check_sigs_and_hash_and_fetch(
-            destination, auth_chain, room_version=room_version
+            destination, auth_chain, outlier=True, room_version=room_version
        )

        return signed_auth
@@ -792,6 +816,7 @@ class FederationClient(FederationBase):
                valid_pdu = await self._check_sigs_and_hash_and_fetch_one(
                    pdu=event,
                    origin=destination,
+                    outlier=True,
                    room_version=room_version,
                )

@@ -839,6 +864,7 @@ class FederationClient(FederationBase):
                valid_pdu = await self._check_sigs_and_hash_and_fetch_one(
                    pdu=pdu,
                    origin=destination,
+                    outlier=True,
                    room_version=room_version,
                )

@@ -1209,7 +1235,7 @@ class FederationClient(FederationBase):
            ]

            signed_events = await self._check_sigs_and_hash_and_fetch(
-                destination, events, room_version=room_version
+                destination, events, outlier=False, room_version=room_version
            )
        except HttpResponseException as e:
            if not e.code == 400:
@@ -28,9 +28,9 @@ from typing import (
    Union,
 )

-from matrix_common.regex import glob_to_regex
 from prometheus_client import Counter, Gauge, Histogram

+from twisted.internet import defer
 from twisted.internet.abstract import isIPAddress
 from twisted.python import failure

@@ -66,8 +66,8 @@ from synapse.replication.http.federation import (
 )
 from synapse.storage.databases.main.lock import Lock
 from synapse.types import JsonDict, get_domain_from_id
-from synapse.util import json_decoder, unwrapFirstError
-from synapse.util.async_helpers import Linearizer, concurrently_execute, gather_results
+from synapse.util import glob_to_regex, json_decoder, unwrapFirstError
+from synapse.util.async_helpers import Linearizer, concurrently_execute
 from synapse.util.caches.response_cache import ResponseCache
 from synapse.util.stringutils import parse_server_name

@@ -360,13 +360,13 @@ class FederationServer(FederationBase):
        # want to block things like to device messages from reaching clients
        # behind the potentially expensive handling of PDUs.
        pdu_results, _ = await make_deferred_yieldable(
-            gather_results(
-                (
+            defer.gatherResults(
+                [
                    run_in_background(
                        self._handle_pdus_in_txn, origin, transaction, request_time
                    ),
                    run_in_background(self._handle_edus_in_txn, origin, transaction),
-                ),
+                ],
                consumeErrors=True,
            ).addErrback(unwrapFirstError)
        )
@@ -30,6 +30,7 @@ Events are replicated via a separate events stream.
 """

 import logging
+from collections import namedtuple
 from typing import (
    TYPE_CHECKING,
    Dict,
@@ -42,7 +43,6 @@ from typing import (
    Type,
 )

-import attr
 from sortedcontainers import SortedDict

 from synapse.api.presence import UserPresenceState
@@ -382,11 +382,13 @@ class BaseFederationRow:
        raise NotImplementedError()


-@attr.s(slots=True, frozen=True, auto_attribs=True)
-class PresenceDestinationsRow(BaseFederationRow):
-    state: UserPresenceState
-    destinations: List[str]
-
+class PresenceDestinationsRow(
+    BaseFederationRow,
+    namedtuple(
+        "PresenceDestinationsRow",
+        ("state", "destinations"),  # UserPresenceState  # list[str]
+    ),
+):
    TypeId = "pd"

    @staticmethod
@@ -402,15 +404,17 @@ class PresenceDestinationsRow(BaseFederationRow):
        buff.presence_destinations.append((self.state, self.destinations))


-@attr.s(slots=True, frozen=True, auto_attribs=True)
-class KeyedEduRow(BaseFederationRow):
+class KeyedEduRow(
+    BaseFederationRow,
+    namedtuple(
+        "KeyedEduRow",
+        ("key", "edu"),  # tuple(str) - the edu key passed to send_edu  # Edu
+    ),
+):
    """Streams EDUs that have an associated key that is ued to clobber. For example,
    typing EDUs clobber based on room_id.
    """

-    key: Tuple[str, ...]  # the edu key passed to send_edu
-    edu: Edu
-
    TypeId = "k"

    @staticmethod
@@ -424,12 +428,9 @@ class KeyedEduRow(BaseFederationRow):
        buff.keyed_edus.setdefault(self.edu.destination, {})[self.key] = self.edu


-@attr.s(slots=True, frozen=True, auto_attribs=True)
-class EduRow(BaseFederationRow):
+class EduRow(BaseFederationRow, namedtuple("EduRow", ("edu",))):  # Edu
    """Streams EDUs that don't have keys. See KeyedEduRow"""

-    edu: Edu
-
    TypeId = "e"

    @staticmethod
@@ -452,14 +453,14 @@ _rowtypes: Tuple[Type[BaseFederationRow], ...] = (
 TypeToRow = {Row.TypeId: Row for Row in _rowtypes}


-@attr.s(slots=True, frozen=True, auto_attribs=True)
-class ParsedFederationStreamData:
-    # list of tuples of UserPresenceState and destinations
-    presence_destinations: List[Tuple[UserPresenceState, List[str]]]
-    # dict of destination -> { key -> Edu }
-    keyed_edus: Dict[str, Dict[Tuple[str, ...], Edu]]
-    # dict of destination -> [Edu]
-    edus: Dict[str, List[Edu]]
+ParsedFederationStreamData = namedtuple(
+    "ParsedFederationStreamData",
+    (
+        "presence_destinations",  # list of tuples of UserPresenceState and destinations
+        "keyed_edus",  # dict of destination -> { key -> Edu }
+        "edus",  # dict of destination -> [Edu]
+    ),
+)


 def process_rows_for_federation(
@@ -22,11 +22,13 @@ from synapse.api.urls import FEDERATION_V1_PREFIX
 from synapse.http.server import HttpServer, ServletCallback
 from synapse.http.servlet import parse_json_object_from_request
 from synapse.http.site import SynapseRequest
+from synapse.logging import opentracing
 from synapse.logging.context import run_in_background
 from synapse.logging.opentracing import (
-    set_tag,
-    span_context_from_request,
-    start_active_span_follows_from,
+    SynapseTags,
+    start_active_span,
+    start_active_span_from_request,
+    tags,
    whitelisted_homeserver,
 )
 from synapse.server import HomeServer
@@ -277,19 +279,30 @@ class BaseFederationServlet:
                logger.warning("authenticate_request failed: %s", e)
                raise

-            # update the active opentracing span with the authenticated entity
-            set_tag("authenticated_entity", origin)
+            request_tags = {
+                SynapseTags.REQUEST_ID: request.get_request_id(),
+                tags.SPAN_KIND: tags.SPAN_KIND_RPC_SERVER,
+                tags.HTTP_METHOD: request.get_method(),
+                tags.HTTP_URL: request.get_redacted_uri(),
+                tags.PEER_HOST_IPV6: request.getClientIP(),
+                "authenticated_entity": origin,
+                "servlet_name": request.request_metrics.name,
+            }

-            # if the origin is authenticated and whitelisted, link to its span context
-            context = None
+            # Only accept the span context if the origin is authenticated
+            # and whitelisted
            if origin and whitelisted_homeserver(origin):
-                context = span_context_from_request(request)
-
-            scope = start_active_span_follows_from(
-                "incoming-federation-request", contexts=(context,) if context else ()
-            )
+                scope = start_active_span_from_request(
+                    request, "incoming-federation-request", tags=request_tags
+                )
+            else:
+                scope = start_active_span(
+                    "incoming-federation-request", tags=request_tags
+                )

            with scope:
+                opentracing.inject_response_headers(request.responseHeaders)
+
                if origin and self.RATELIMIT:
                    with ratelimiter.ratelimit(origin) as d:
                        await d
@@ -462,9 +462,9 @@ class ApplicationServicesHandler:

        Args:
            room_alias: The room alias to query.
-
        Returns:
-            RoomAliasMapping or None if no association can be found.
+            namedtuple: with keys "room_id" and "servers" or None if no
+            association can be found.
        """
        room_alias_str = room_alias.to_string()
        services = self.store.get_app_services()
@@ -997,7 +997,9 @@ class AuthHandler:
        # really don't want is active access_tokens without a record of the
        # device, so we double-check it here.
        if device_id is not None:
-            if await self.store.get_device(user_id, device_id) is None:
+            try:
+                await self.store.get_device(user_id, device_id)
+            except StoreError:
                await self.store.delete_access_token(access_token)
                raise StoreError(400, "Login raced against device deletion")

@@ -106,10 +106,10 @@ class DeviceWorkerHandler:
        Raises:
            errors.NotFoundError: if the device was not found
        """
-        device = await self.store.get_device(user_id, device_id)
-        if device is None:
-            raise errors.NotFoundError()
-
+        try:
+            device = await self.store.get_device(user_id, device_id)
+        except errors.StoreError:
+            raise errors.NotFoundError
        ips = await self.store.get_last_client_ip_by_device(user_id, device_id)
        _update_device_from_client_ips(device, ips)

@@ -602,8 +602,6 @@ class DeviceHandler(DeviceWorkerHandler):
            access_token, device_id
        )
        old_device = await self.store.get_device(user_id, old_device_id)
-        if old_device is None:
-            raise errors.NotFoundError()
        await self.store.update_device(user_id, device_id, old_device["display_name"])
        # can't call self.delete_device because that will clobber the
        # access token so call the storage layer directly
@@ -278,15 +278,13 @@ class DirectoryHandler:

        users = await self.store.get_users_in_room(room_id)
        extra_servers = {get_domain_from_id(u) for u in users}
-        servers_set = set(extra_servers) | set(servers)
+        servers = set(extra_servers) | set(servers)

        # If this server is in the list of servers, return it first.
-        if self.server_name in servers_set:
-            servers = [self.server_name] + [
-                s for s in servers_set if s != self.server_name
-            ]
+        if self.server_name in servers:
+            servers = [self.server_name] + [s for s in servers if s != self.server_name]
        else:
-            servers = list(servers_set)
+            servers = list(servers)

        return {"room_id": room_id, "servers": servers}

@@ -580,9 +580,7 @@ class E2eKeysHandler:
            log_kv(
                {"message": "Did not update one_time_keys", "reason": "no keys given"}
            )
-        fallback_keys = keys.get("fallback_keys") or keys.get(
-            "org.matrix.msc2732.fallback_keys"
-        )
+        fallback_keys = keys.get("org.matrix.msc2732.fallback_keys", None)
        if fallback_keys and isinstance(fallback_keys, dict):
            log_kv(
                {
@@ -14,9 +14,7 @@
 # limitations under the License.

 import logging
-from typing import TYPE_CHECKING, Dict, Optional
-
-from typing_extensions import Literal
+from typing import TYPE_CHECKING, List, Optional

 from synapse.api.errors import (
    Codes,
@@ -26,7 +24,6 @@ from synapse.api.errors import (
    SynapseError,
 )
 from synapse.logging.opentracing import log_kv, trace
-from synapse.storage.databases.main.e2e_room_keys import RoomKey
 from synapse.types import JsonDict
 from synapse.util.async_helpers import Linearizer

@@ -61,9 +58,7 @@ class E2eRoomKeysHandler:
        version: str,
        room_id: Optional[str] = None,
        session_id: Optional[str] = None,
-    ) -> Dict[
-        Literal["rooms"], Dict[str, Dict[Literal["sessions"], Dict[str, RoomKey]]]
-    ]:
+    ) -> List[JsonDict]:
        """Bulk get the E2E room keys for a given backup, optionally filtered to a given
        room, or a given session.
        See EndToEndRoomKeyStore.get_e2e_room_keys for full details.
@@ -77,8 +72,8 @@ class E2eRoomKeysHandler:
        Raises:
            NotFoundError: if the backup version does not exist
        Returns:
-            A dict giving the session_data and message metadata for these room keys.
-            `{"rooms": {room_id: {"sessions": {session_id: room_key}}}}`
+            A list of dicts giving the session_data and message metadata for
+            these room keys.
        """

        # we deliberately take the lock to get keys so that changing the version
@@ -278,7 +273,7 @@ class E2eRoomKeysHandler:

    @staticmethod
    def _should_replace_room_key(
-        current_room_key: Optional[RoomKey], room_key: RoomKey
+        current_room_key: Optional[JsonDict], room_key: JsonDict
    ) -> bool:
        """
        Determine whether to replace a given current_room_key (if any)
@@ -79,14 +79,13 @@ class EventStreamHandler:
                # thundering herds on restart.
                timeout = random.randint(int(timeout * 0.9), int(timeout * 1.1))

-            stream_result = await self.notifier.get_events_for(
+            events, tokens = await self.notifier.get_events_for(
                auth_user,
                pagin_config,
                timeout,
                is_guest=is_guest,
                explicit_room_id=room_id,
            )
-            events = stream_result.events

            time_now = self.clock.time_msec()

@@ -123,12 +122,14 @@ class EventStreamHandler:
                events,
                time_now,
                as_client_event=as_client_event,
+                # Don't bundle aggregations as this is a deprecated API.
+                bundle_aggregations=False,
            )

            chunk = {
                "chunk": chunks,
-                "start": await stream_result.start_token.to_string(self.store),
-                "end": await stream_result.end_token.to_string(self.store),
+                "start": await tokens[0].to_string(self.store),
+                "end": await tokens[1].to_string(self.store),
            }

            return chunk
@@ -360,34 +360,31 @@ class FederationHandler:

        logger.debug("calling resolve_state_groups in _maybe_backfill")
        resolve = preserve_fn(self.state_handler.resolve_state_groups_for_events)
-        states_list = await make_deferred_yieldable(
+        states = await make_deferred_yieldable(
            defer.gatherResults(
                [resolve(room_id, [e]) for e in event_ids], consumeErrors=True
            )
        )

-        # A map from event_id to state map of event_ids.
-        state_ids: Dict[str, StateMap[str]] = dict(
-            zip(event_ids, [s.state for s in states_list])
-        )
+        # dict[str, dict[tuple, str]], a map from event_id to state map of
+        # event_ids.
+        states = dict(zip(event_ids, [s.state for s in states]))

        state_map = await self.store.get_events(
-            [e_id for ids in state_ids.values() for e_id in ids.values()],
+            [e_id for ids in states.values() for e_id in ids.values()],
            get_prev_content=False,
        )
-
-        # A map from event_id to state map of events.
-        state_events: Dict[str, StateMap[EventBase]] = {
+        states = {
            key: {
                k: state_map[e_id]
                for k, e_id in state_dict.items()
                if e_id in state_map
            }
-            for key, state_dict in state_ids.items()
+            for key, state_dict in states.items()
        }

        for e_id in event_ids:
-            likely_extremeties_domains = get_domains_from_state(state_events[e_id])
+            likely_extremeties_domains = get_domains_from_state(states[e_id])

            success = await try_backfill(
                [
@@ -421,6 +421,9 @@ class FederationEventHandler:
        Raises:
            SynapseError if the response is in some way invalid.
        """
+        for e in itertools.chain(auth_events, state):
+            e.internal_metadata.outlier = True
+
        event_map = {e.event_id: e for e in itertools.chain(auth_events, state)}

        create_event = None
@@ -663,9 +666,7 @@ class FederationEventHandler:
        logger.info("Processing pulled event %s", event)

        # these should not be outliers.
-        assert (
-            not event.internal_metadata.is_outlier()
-        ), "pulled event unexpectedly flagged as outlier"
+        assert not event.internal_metadata.is_outlier()

        event_id = event.event_id

@@ -1191,6 +1192,7 @@ class FederationEventHandler:
                        [destination],
                        event_id,
                        room_version,
+                        outlier=True,
                    )
                    if event is None:
                        logger.warning(
@@ -1219,10 +1221,9 @@ class FederationEventHandler:
        """Persist a batch of outlier events fetched from remote servers.

        We first sort the events to make sure that we process each event's auth_events
-        before the event itself.
+        before the event itself, and then auth and persist them.

-        We then mark the events as outliers, persist them to the database, and, where
-        appropriate (eg, an invite), awake the notifier.
+        Notifies about the events where appropriate.

        Params:
            room_id: the room that the events are meant to be in (though this has
@@ -1273,8 +1274,7 @@ class FederationEventHandler:
        Persists a batch of events where we have (theoretically) already persisted all
        of their auth events.

-        Marks the events as outliers, auths them, persists them to the database, and,
-        where appropriate (eg, an invite), awakes the notifier.
+        Notifies about the events where appropriate.

        Params:
            origin: where the events came from
@@ -1312,9 +1312,6 @@ class FederationEventHandler:
                        return None
                    auth.append(ae)

-                # we're not bothering about room state, so flag the event as an outlier.
-                event.internal_metadata.outlier = True
-
                context = EventContext.for_outlier()
                try:
                    validate_event_for_room_version(room_version_obj, event)
@@ -1841,7 +1838,7 @@ class FederationEventHandler:
            The stream ID after which all events have been persisted.
        """
        if not event_and_contexts:
-            return self._store.get_room_max_stream_ordering()
+            return self._store.get_current_events_token()

        instance = self._config.worker.events_shard_config.get_instance(room_id)
        if instance != self._instance_name:
@@ -13,27 +13,21 @@
 # limitations under the License.

 import logging
-from typing import TYPE_CHECKING, List, Optional, Tuple, cast
+from typing import TYPE_CHECKING, List, Optional, Tuple
+
+from twisted.internet import defer

 from synapse.api.constants import EduTypes, EventTypes, Membership
 from synapse.api.errors import SynapseError
-from synapse.events import EventBase
 from synapse.events.validator import EventValidator
 from synapse.handlers.presence import format_user_presence_state
 from synapse.handlers.receipts import ReceiptEventSource
 from synapse.logging.context import make_deferred_yieldable, run_in_background
 from synapse.storage.roommember import RoomsForUser
 from synapse.streams.config import PaginationConfig
-from synapse.types import (
-    JsonDict,
-    Requester,
-    RoomStreamToken,
-    StateMap,
-    StreamToken,
-    UserID,
-)
+from synapse.types import JsonDict, Requester, RoomStreamToken, StreamToken, UserID
 from synapse.util import unwrapFirstError
-from synapse.util.async_helpers import concurrently_execute, gather_results
+from synapse.util.async_helpers import concurrently_execute
 from synapse.util.caches.response_cache import ResponseCache
 from synapse.visibility import filter_events_for_client

@@ -173,6 +167,8 @@ class InitialSyncHandler:
                d["invite"] = await self._event_serializer.serialize_event(
                    invite_event,
                    time_now,
+                    # Don't bundle aggregations as this is a deprecated API.
+                    bundle_aggregations=False,
                    as_client_event=as_client_event,
                )

@@ -194,13 +190,14 @@ class InitialSyncHandler:
                    )
                    deferred_room_state = run_in_background(
                        self.state_store.get_state_for_events, [event.event_id]
-                    ).addCallback(
-                        lambda states: cast(StateMap[EventBase], states[event.event_id])
+                    )
+                    deferred_room_state.addCallback(
+                        lambda states: states[event.event_id]
                    )

                (messages, token), current_state = await make_deferred_yieldable(
-                    gather_results(
-                        (
+                    defer.gatherResults(
+                        [
                            run_in_background(
                                self.store.get_recent_events_for_room,
                                event.room_id,
@@ -208,7 +205,7 @@ class InitialSyncHandler:
                                end_token=room_end_token,
                            ),
                            deferred_room_state,
-                        )
+                        ]
                    )
                ).addErrback(unwrapFirstError)

@@ -225,6 +222,8 @@ class InitialSyncHandler:
                        await self._event_serializer.serialize_events(
                            messages,
                            time_now=time_now,
+                            # Don't bundle aggregations as this is a deprecated API.
+                            bundle_aggregations=False,
                            as_client_event=as_client_event,
                        )
                    ),
@@ -235,6 +234,8 @@ class InitialSyncHandler:
                d["state"] = await self._event_serializer.serialize_events(
                    current_state.values(),
                    time_now=time_now,
+                    # Don't bundle aggregations as this is a deprecated API.
+                    bundle_aggregations=False,
                    as_client_event=as_client_event,
                )

@@ -376,7 +377,9 @@ class InitialSyncHandler:
            "messages": {
                "chunk": (
                    # Don't bundle aggregations as this is a deprecated API.
-                    await self._event_serializer.serialize_events(messages, time_now)
+                    await self._event_serializer.serialize_events(
+                        messages, time_now, bundle_aggregations=False
+                    )
                ),
                "start": await start_token.to_string(self.store),
                "end": await end_token.to_string(self.store),
@@ -384,7 +387,7 @@ class InitialSyncHandler:
            "state": (
                # Don't bundle aggregations as this is a deprecated API.
                await self._event_serializer.serialize_events(
-                    room_state.values(), time_now
+                    room_state.values(), time_now, bundle_aggregations=False
                )
            ),
            "presence": [],
@@ -405,7 +408,7 @@ class InitialSyncHandler:
        time_now = self.clock.time_msec()
        # Don't bundle aggregations as this is a deprecated API.
        state = await self._event_serializer.serialize_events(
-            current_state.values(), time_now
+            current_state.values(), time_now, bundle_aggregations=False
        )

        now_token = self.hs.get_event_sources().get_current_token()
@@ -451,8 +454,8 @@ class InitialSyncHandler:
            return receipts

        presence, receipts, (messages, token) = await make_deferred_yieldable(
-            gather_results(
-                (
+            defer.gatherResults(
+                [
                    run_in_background(get_presence),
                    run_in_background(get_receipts),
                    run_in_background(
@@ -461,7 +464,7 @@ class InitialSyncHandler:
                        limit=limit,
                        end_token=now_token.room_key,
                    ),
-                ),
+                ],
                consumeErrors=True,
            ).addErrback(unwrapFirstError)
        )
@@ -480,7 +483,9 @@ class InitialSyncHandler:
            "messages": {
                "chunk": (
                    # Don't bundle aggregations as this is a deprecated API.
-                    await self._event_serializer.serialize_events(messages, time_now)
+                    await self._event_serializer.serialize_events(
+                        messages, time_now, bundle_aggregations=False
+                    )
                ),
                "start": await start_token.to_string(self.store),
                "end": await end_token.to_string(self.store),
@@ -21,6 +21,7 @@ from typing import TYPE_CHECKING, Any, Dict, List, Mapping, Optional, Tuple

 from canonicaljson import encode_canonical_json

+from twisted.internet import defer
 from twisted.internet.interfaces import IDelayedCall

 from synapse import event_auth
@@ -56,7 +57,7 @@ from synapse.storage.databases.main.events_worker import EventRedactBehaviour
 from synapse.storage.state import StateFilter
 from synapse.types import Requester, RoomAlias, StreamToken, UserID, create_requester
 from synapse.util import json_decoder, json_encoder, log_failure
-from synapse.util.async_helpers import Linearizer, gather_results, unwrapFirstError
+from synapse.util.async_helpers import Linearizer, unwrapFirstError
 from synapse.util.caches.expiringcache import ExpiringCache
 from synapse.util.metrics import measure_func
 from synapse.visibility import filter_events_for_client
@@ -277,7 +278,7 @@ class MessageHandler:
        # If this is an AS, double check that they are allowed to see the members.
        # This can either be because the AS user is in the room or because there
        # is a user in the room that the AS is "interested in"
-        if False and requester.app_service and user_id not in users_with_profile:
+        if requester.app_service and user_id not in users_with_profile:
            for uid in users_with_profile:
                if requester.app_service.is_interested_in_user(uid):
                    break
@@ -495,7 +496,6 @@ class EventCreationHandler:
        require_consent: bool = True,
        outlier: bool = False,
        historical: bool = False,
-        allow_no_prev_events: bool = False,
        depth: Optional[int] = None,
    ) -> Tuple[EventBase, EventContext]:
        """
@@ -607,7 +607,6 @@ class EventCreationHandler:
            prev_event_ids=prev_event_ids,
            auth_event_ids=auth_event_ids,
            depth=depth,
-            allow_no_prev_events=allow_no_prev_events,
        )

        # In an ideal world we wouldn't need the second part of this condition. However,
@@ -883,7 +882,6 @@ class EventCreationHandler:
        prev_event_ids: Optional[List[str]] = None,
        auth_event_ids: Optional[List[str]] = None,
        depth: Optional[int] = None,
-        allow_no_prev_events: bool = False,
    ) -> Tuple[EventBase, EventContext]:
        """Create a new event for a local client

@@ -914,7 +912,6 @@ class EventCreationHandler:
        full_state_ids_at_event = None
        if auth_event_ids is not None:
            # If auth events are provided, prev events must be also.
-            # prev_event_ids could be an empty array though.
            assert prev_event_ids is not None

            # Copy the full auth state before it stripped down
@@ -946,22 +943,14 @@ class EventCreationHandler:
        else:
            prev_event_ids = await self.store.get_prev_events_for_room(builder.room_id)

-        # Do a quick sanity check here, rather than waiting until we've created the
+        # we now ought to have some prev_events (unless it's a create event).
+        #
+        # do a quick sanity check here, rather than waiting until we've created the
        # event and then try to auth it (which fails with a somewhat confusing "No
        # create event in auth events")
-        if allow_no_prev_events:
-            # We allow events with no `prev_events` but it better have some `auth_events`
-            assert (
-                builder.type == EventTypes.Create
-                # Allow an event to have empty list of prev_event_ids
-                # only if it has auth_event_ids.
-                or auth_event_ids
-            ), "Attempting to create a non-m.room.create event with no prev_events or auth_event_ids"
-        else:
-            # we now ought to have some prev_events (unless it's a create event).
-            assert (
-                builder.type == EventTypes.Create or prev_event_ids
-            ), "Attempting to create a non-m.room.create event with no prev_events"
+        assert (
+            builder.type == EventTypes.Create or len(prev_event_ids) > 0
+        ), "Attempting to create an event with no prev_events"

        event = await builder.build(
            prev_event_ids=prev_event_ids,
@@ -1167,9 +1156,9 @@ class EventCreationHandler:

        # We now persist the event (and update the cache in parallel, since we
        # don't want to block on it).
-        result, _ = await make_deferred_yieldable(
-            gather_results(
-                (
+        result = await make_deferred_yieldable(
+            defer.gatherResults(
+                [
                    run_in_background(
                        self._persist_event,
                        requester=requester,
@@ -1181,12 +1170,12 @@ class EventCreationHandler:
                    run_in_background(
                        self.cache_joined_hosts_for_event, event, context
                    ).addErrback(log_failure, "cache_joined_hosts_for_event failed"),
-                ),
+                ],
                consumeErrors=True,
            )
        ).addErrback(unwrapFirstError)

-        return result
+        return result[0]

    async def _persist_event(
        self,
@@ -542,10 +542,7 @@ class PaginationHandler:
        chunk = {
            "chunk": (
                await self._event_serializer.serialize_events(
-                    events,
-                    time_now,
-                    bundle_aggregations=True,
-                    as_client_event=as_client_event,
+                    events, time_now, as_client_event=as_client_event
                )
            ),
            "start": await from_token.to_string(self.store),
@@ -729,7 +729,7 @@ class PresenceHandler(BasePresenceHandler):

        # Presence is best effort and quickly heals itself, so lets just always
        # stream from the current state when we restart.
-        self._event_pos = self.store.get_room_max_stream_ordering()
+        self._event_pos = self.store.get_current_events_token()
        self._event_processing = False

    async def _on_shutdown(self) -> None:
@@ -14,7 +14,7 @@
 import logging
 from typing import TYPE_CHECKING, Iterable, List, Optional, Tuple

-from synapse.api.constants import ReadReceiptEventFields, ReceiptTypes
+from synapse.api.constants import ReadReceiptEventFields
 from synapse.appservice import ApplicationService
 from synapse.streams import EventSource
 from synapse.types import JsonDict, ReadReceipt, UserID, get_domain_from_id
@@ -178,7 +178,7 @@ class ReceiptEventSource(EventSource[int, JsonDict]):

            for event_id in content.keys():
                event_content = content.get(event_id, {})
-                m_read = event_content.get(ReceiptTypes.READ, {})
+                m_read = event_content.get("m.read", {})

                # If m_read is missing copy over the original event_content as there is nothing to process here
                if not m_read:
@@ -206,7 +206,7 @@ class ReceiptEventSource(EventSource[int, JsonDict]):

                # Set new users unless empty
                if len(new_users.keys()) > 0:
-                    new_event["content"][event_id] = {ReceiptTypes.READ: new_users}
+                    new_event["content"][event_id] = {"m.read": new_users}

            # Append new_event to visible_events unless empty
            if len(new_event["content"].keys()) > 0:
@@ -172,7 +172,7 @@ class RoomCreationHandler:
        user_id = requester.user.to_string()

        # Check if this room is already being upgraded by another person
-        for key in self._upgrade_response_cache.keys():
+        for key in self._upgrade_response_cache.pending_result_cache:
            if key[0] == old_room_id and key[1] != user_id:
                # Two different people are trying to upgrade the same room.
                # Send the second an error.
@@ -13,9 +13,9 @@
 # limitations under the License.

 import logging
+from collections import namedtuple
 from typing import TYPE_CHECKING, Any, Optional, Tuple

-import attr
 import msgpack
 from unpaddedbase64 import decode_base64, encode_base64

@@ -474,12 +474,16 @@ class RoomListHandler:
        )


-@attr.s(slots=True, frozen=True, auto_attribs=True)
-class RoomListNextBatch:
-    last_joined_members: int  # The count to get rooms after/before
-    last_room_id: str  # The room_id to get rooms after/before
-    direction_is_forward: bool  # True if this is a next_batch, false if prev_batch
-
+class RoomListNextBatch(
+    namedtuple(
+        "RoomListNextBatch",
+        (
+            "last_joined_members",  # The count to get rooms after/before
+            "last_room_id",  # The room_id to get rooms after/before
+            "direction_is_forward",  # Bool if this is a next_batch, false if prev_batch
+        ),
+    )
+):
    KEY_DICT = {
        "last_joined_members": "m",
        "last_room_id": "r",
@@ -498,12 +502,12 @@ class RoomListNextBatch:
    def to_token(self) -> str:
        return encode_base64(
            msgpack.dumps(
-                {self.KEY_DICT[key]: val for key, val in attr.asdict(self).items()}
+                {self.KEY_DICT[key]: val for key, val in self._asdict().items()}
            )
        )

    def copy_and_replace(self, **kwds: Any) -> "RoomListNextBatch":
-        return attr.evolve(self, **kwds)
+        return self._replace(**kwds)


 def _matches_room_entry(room_entry: JsonDict, search_filter: dict) -> bool:
@@ -82,7 +82,6 @@ class RoomMemberHandler(metaclass=abc.ABCMeta):
        self.event_auth_handler = hs.get_event_auth_handler()

        self.member_linearizer: Linearizer = Linearizer(name="member")
-        self.member_limiter = Linearizer(max_count=10, name="member_as_limiter")

        self.clock = hs.get_clock()
        self.spam_checker = hs.get_spam_checker()
@@ -483,43 +482,24 @@ class RoomMemberHandler(metaclass=abc.ABCMeta):

        key = (room_id,)

-        as_id = object()
-        if requester.app_service:
-            as_id = requester.app_service.id
-
-        then = self.clock.time_msec()
-
-        with (await self.member_limiter.queue(as_id)):
-            diff = self.clock.time_msec() - then
-
-            if diff > 80 * 1000:
-                # haproxy would have timed the request out anyway...
-                raise SynapseError(504, "took to long to process")
-
-            with (await self.member_linearizer.queue(key)):
-                diff = self.clock.time_msec() - then
-
-                if diff > 80 * 1000:
-                    # haproxy would have timed the request out anyway...
-                    raise SynapseError(504, "took to long to process")
-
-                result = await self.update_membership_locked(
-                    requester,
-                    target,
-                    room_id,
-                    action,
-                    txn_id=txn_id,
-                    remote_room_hosts=remote_room_hosts,
-                    third_party_signed=third_party_signed,
-                    ratelimit=ratelimit,
-                    content=content,
-                    new_room=new_room,
-                    require_consent=require_consent,
-                    outlier=outlier,
-                    historical=historical,
-                    prev_event_ids=prev_event_ids,
-                    auth_event_ids=auth_event_ids,
-                )
+        with (await self.member_linearizer.queue(key)):
+            result = await self.update_membership_locked(
+                requester,
+                target,
+                room_id,
+                action,
+                txn_id=txn_id,
+                remote_room_hosts=remote_room_hosts,
+                third_party_signed=third_party_signed,
+                ratelimit=ratelimit,
+                content=content,
+                new_room=new_room,
+                require_consent=require_consent,
+                outlier=outlier,
+                historical=historical,
+                prev_event_ids=prev_event_ids,
+                auth_event_ids=auth_event_ids,
+            )

        return result

@@ -678,8 +658,7 @@ class RoomMemberHandler(metaclass=abc.ABCMeta):
            if block_invite:
                raise SynapseError(403, "Invites have been disabled on this server")

-        # An empty prev_events list is allowed as long as the auth_event_ids are present
-        if prev_event_ids is not None:
+        if prev_event_ids:
            return await self._local_membership_update(
                requester=requester,
                target=target,
@@ -1040,7 +1019,7 @@ class RoomMemberHandler(metaclass=abc.ABCMeta):
        # Add new room to the room directory if the old room was there
        # Remove old room from the room directory
        old_room = await self.store.get_room(old_room_id)
-        if old_room is not None and old_room["is_public"]:
+        if old_room and old_room["is_public"]:
            await self.store.set_room_is_public(old_room_id, False)
            await self.store.set_room_is_public(room_id, True)

@@ -1051,9 +1030,7 @@ class RoomMemberHandler(metaclass=abc.ABCMeta):
        local_group_ids = await self.store.get_local_groups_for_room(old_room_id)
        for group_id in local_group_ids:
            # Add new the new room to those groups
-            await self.store.add_room_to_group(
-                group_id, room_id, old_room is not None and old_room["is_public"]
-            )
+            await self.store.add_room_to_group(group_id, room_id, old_room["is_public"])

            # Remove the old room from those groups
            await self.store.remove_room_from_group(group_id, old_room_id)
@@ -1045,7 +1045,7 @@ class RoomSummaryHandler:

        # filter out any events without a "via" (which implies it has been redacted),
        # and order to ensure we return stable results.
-        return sorted(filter(_has_valid_via, events), key=_child_events_comparison_key)
+        return sorted(filter(has_valid_via, events), key=child_events_comparison_key)

    async def get_room_summary(
        self,
@@ -1139,7 +1139,7 @@ class _RoomEntry:
        return result


-def _has_valid_via(e: EventBase) -> bool:
+def has_valid_via(e: EventBase) -> bool:
    via = e.content.get("via")
    if not via or not isinstance(via, Sequence):
        return False
@@ -1162,7 +1162,7 @@ def _is_suggested_child_event(edge_event: EventBase) -> bool:
 _INVALID_ORDER_CHARS_RE = re.compile(r"[^\x20-\x7E]")


-def _child_events_comparison_key(
+def child_events_comparison_key(
    child: EventBase,
 ) -> Tuple[bool, Optional[str], int, str]:
    """
@@ -0,0 +1,294 @@
+# Copyright 2021 The Matrix.org Foundation C.I.C.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import logging
+from typing import (
+    TYPE_CHECKING,
+    Dict,
+    Iterable,
+    List,
+    Mapping,
+    Optional,
+    Sequence,
+    Tuple,
+)
+
+from synapse.api.constants import EventContentFields, EventTypes, RoomTypes
+from synapse.api.errors import SynapseError
+from synapse.handlers.room_summary import child_events_comparison_key, has_valid_via
+from synapse.storage.state import StateFilter
+from synapse.types import JsonDict
+
+if TYPE_CHECKING:
+    from synapse.server import HomeServer
+
+
+logger = logging.getLogger(__name__)
+
+
+class SpaceHierarchyHandler:
+    """Provides methods for walking over space hierarchies.
+
+    Also see `RoomSummaryHandler`, which has similar functionality.
+    """
+
+    def __init__(self, hs: "HomeServer"):
+        self._store = hs.get_datastore()
+        self._federation_client = hs.get_federation_client()
+
+        self._server_name = hs.hostname
+
+    async def get_space_descendants(
+        self,
+        space_id: str,
+        via: Optional[Iterable[str]] = None,
+        enable_federation: Optional[bool] = True,
+    ) -> Tuple[Sequence[Tuple[str, Iterable[str]]], Sequence[str]]:
+        """Gets the children of a space, recursively.
+
+        Args:
+            space_id: The room ID of the space.
+            via: A list of servers which may know about the space.
+            enable_federation: A boolean controlling whether children of unknown rooms
+                should be fetched over federation. Defaults to `True`.
+
+        Returns:
+            A tuple containing:
+             * A list of (room ID, via) tuples, representing the descendants of the
+               space. `space_id` is included in the list.
+             * A list of room IDs whose children could not be fully listed.
+               Rooms in this list are either spaces not known locally, and thus require
+               listing over federation, or are unknown rooms or subspaces completely
+               inaccessible to the local homeserver which may contain further rooms.
+               Subspaces requiring listing over federation are always included here,
+               regardless of the value of the `enable_federation` flag.
+
+               This list is a subset of the previous list, except it may include
+               `space_id`.
+        """
+        via = via or []
+
+        # (room ID, via, federation room chunks)
+        todo: List[Tuple[str, Iterable[str], Mapping[str, Optional[JsonDict]]]] = [
+            (space_id, via, {})
+        ]
+        # [(room ID, via)]
+        descendants: List[Tuple[str, Iterable[str]]] = []
+
+        seen = {space_id}
+
+        inaccessible_room_ids: List[str] = []
+
+        while todo:
+            space_id, via, federation_room_chunks = todo.pop()
+            descendants.append((space_id, via))
+            try:
+                (
+                    is_in_room,
+                    children,
+                    federation_room_chunks,
+                ) = await self._get_space_children(
+                    space_id,
+                    via,
+                    federation_room_chunks,
+                    enable_federation=enable_federation,
+                )
+            except SynapseError:
+                # Could not list children over federation
+                inaccessible_room_ids.append(space_id)
+                continue
+
+            # Children were retrieved over federation, which is not guaranteed to be
+            # the full list.
+            if not is_in_room:
+                inaccessible_room_ids.append(space_id)
+
+            for child_room_id, child_via in reversed(children):
+                if child_room_id in seen:
+                    continue
+
+                seen.add(child_room_id)
+
+                # Queue up the child for processing.
+                # The child may not actually be a space, but that's checked by
+                # `_get_space_children`.
+                todo.append((child_room_id, child_via, federation_room_chunks))
+
+        return descendants, inaccessible_room_ids
+
+    async def _get_space_children(
+        self,
+        space_id: str,
+        via: Optional[Iterable[str]] = None,
+        federation_room_chunks: Optional[Mapping[str, Optional[JsonDict]]] = None,
+        enable_federation: Optional[bool] = True,
+    ) -> Tuple[
+        bool, Sequence[Tuple[str, Iterable[str]]], Mapping[str, Optional[JsonDict]]
+    ]:
+        """Gets the direct children of a space.
+
+        Args:
+            space_id: The room ID of the space.
+            via: A list of servers which may know about the space.
+            federation_room_chunks: A cache of room chunks previously returned by
+               `_get_space_children` that may be used to skip federation requests for
+               inaccessible or non-space rooms.
+
+        Returns:
+            A tuple containing:
+             * A boolean indicating whether `space_id` is known to the local homeserver.
+             * A list of (room ID, via) tuples, representing the children of the space,
+               if `space_id` refers to a space; an empty list otherwise.
+             * A dictionary of child room ID: `PublicRoomsChunk`s returned over
+               federation:
+               https://spec.matrix.org/latest/client-server-api/#get_matrixclientv3publicrooms
+               These are supposed to include extra `room_type` and `allowed_room_ids`
+               fields, as described in MSC2946.
+
+               Contains `None` for rooms to which the remote homeserver thinks we do not
+               have access.
+
+               Local information about rooms should be trusted over data in this
+               dictionary.
+
+        Raises:
+            SynapseError: if `space_id` is not known locally and its children could not
+                be retrieved over federation or `enable_federation` is `False`.
+        """
+        via = via or []
+        federation_room_chunks = federation_room_chunks or {}
+
+        is_in_room = await self._store.is_host_joined(space_id, self._server_name)
+        if is_in_room:
+            children = await self._get_space_children_local(space_id)
+            return True, children, {}
+        else:
+            # Check the room chunks previously returned over federation to see if we
+            # should really make a request.
+            # `federation_room_chunks` is intentionally not used earlier since we want
+            # to trust local data over data from federation.
+            if space_id in federation_room_chunks:
+                room_chunk = federation_room_chunks[space_id]
+                if room_chunk is None:
+                    # `space_id` is inaccessible to the local homeserver according to
+                    # federation.
+                    raise SynapseError(
+                        502, f"{space_id} is not accessible to the local homeserver"
+                    )
+                elif room_chunk.get("room_type") != RoomTypes.SPACE:
+                    # `space_id` is not a space according to federation.
+                    return False, [], {}
+
+            if not enable_federation:
+                raise SynapseError(
+                    502, f"{space_id} is not accessible to the local homeserver"
+                )
+
+            children, room_chunks = await self._get_space_children_remote(space_id, via)
+            return False, children, room_chunks
+
+    async def _get_space_children_local(
+        self, space_id: str
+    ) -> Sequence[Tuple[str, Iterable[str]]]:
+        """Gets the direct children of a space that the local homeserver is in.
+
+        Args:
+            space_id: The room ID of the space.
+
+        Returns:
+            A list of (room ID, via) tuples, representing the children of the space,
+            if `space_id` refers to a space; an empty list otherwise.
+
+        Raises:
+            ValueError: if `space_id` is not known locally.
+        """
+        # Fetch the `m.room.create` and `m.space.child` events for `space_id`
+        state_filter = StateFilter.from_types(
+            [(EventTypes.Create, ""), (EventTypes.SpaceChild, None)]
+        )
+        current_state_ids = await self._store.get_filtered_current_state_ids(
+            space_id, state_filter
+        )
+        state_events = await self._store.get_events_as_list(current_state_ids.values())
+        assert len(state_events) == len(current_state_ids)
+
+        create_event_id = current_state_ids.get((EventTypes.Create, ""))
+        if create_event_id is None:
+            # The local homeserver is not in this room
+            raise ValueError(f"{space_id} is not a room known locally.")
+
+        create_event = next(
+            event for event in state_events if event.event_id == create_event_id
+        )
+        if create_event.content.get(EventContentFields.ROOM_TYPE) != RoomTypes.SPACE:
+            # `space_id` is a regular room and not a space.
+            # Ignore any `m.space.child` events.
+            return []
+
+        child_events = [
+            event
+            for event in state_events
+            # Ignore events with a missing or non-array `via`, as per MSC1772
+            if event.event_id != create_event_id and has_valid_via(event)
+        ]
+        child_events.sort(key=child_events_comparison_key)
+        return [(event.state_key, event.content["via"]) for event in child_events]
+
+    async def _get_space_children_remote(
+        self, space_id: str, via: Iterable[str]
+    ) -> Tuple[Sequence[Tuple[str, Iterable[str]]], Mapping[str, Optional[JsonDict]]]:
+        """Gets the direct children of a space over federation.
+
+        Args:
+            space_id: The room ID of the space.
+            via: A list of servers which may know about the space.
+
+        Returns:
+            A tuple containing:
+             * A list of (room ID, via) tuples, representing the children of the space,
+               if `space_id` refers to a space; an empty list otherwise.
+             * A dictionary of child room ID: `PublicRoomsChunk`s returned over
+               federation:
+               https://spec.matrix.org/latest/client-server-api/#get_matrixclientv3publicrooms
+               These are supposed to include extra `room_type` and `allowed_room_ids`
+               fields, as described in MSC2946.
+
+               Contains `None` for rooms to which the remote homeserver thinks we do not
+               have access.
+
+        Raises:
+            SynapseError: if none of the remote servers provided us with the space's
+                children.
+        """
+        (
+            room,
+            children_chunks,
+            inaccessible_children,
+        ) = await self._federation_client.get_room_hierarchy(
+            via, space_id, suggested_only=False
+        )
+
+        child_events: List[JsonDict] = room["children_state"]
+        children = [
+            (child_event["room_id"], child_event["content"]["via"])
+            for child_event in child_events
+        ]
+
+        room_chunks: Dict[str, Optional[JsonDict]] = {}
+        room_chunks.update((room_id, None) for room_id in inaccessible_children)
+        room_chunks.update(
+            (room_chunk["room_id"], room_chunk) for room_chunk in children_chunks
+        )
+
+        return children, room_chunks
@@ -80,17 +80,6 @@ class StatsHandler:
        # If self.pos is None then means we haven't fetched it from DB
        if self.pos is None:
            self.pos = await self.store.get_stats_positions()
-            room_max_stream_ordering = self.store.get_room_max_stream_ordering()
-            if self.pos > room_max_stream_ordering:
-                # apparently, we've processed more events than exist in the database!
-                # this can happen if events are removed with history purge or similar.
-                logger.warning(
-                    "Event stream ordering appears to have gone backwards (%i -> %i): "
-                    "rewinding stats processor",
-                    self.pos,
-                    room_max_stream_ordering,
-                )
-                self.pos = room_max_stream_ordering

        # Loop round handling deltas until we're up to date

@@ -28,7 +28,7 @@ from typing import (
 import attr
 from prometheus_client import Counter

-from synapse.api.constants import AccountDataTypes, EventTypes, Membership, ReceiptTypes
+from synapse.api.constants import AccountDataTypes, EventTypes, Membership
 from synapse.api.filtering import FilterCollection
 from synapse.api.presence import UserPresenceState
 from synapse.api.room_versions import KNOWN_ROOM_VERSIONS
@@ -36,7 +36,6 @@ from synapse.events import EventBase
 from synapse.logging.context import current_context
 from synapse.logging.opentracing import SynapseTags, log_kv, set_tag, start_active_span
 from synapse.push.clientformat import format_push_rules_for_user
-from synapse.storage.databases.main.event_push_actions import NotifCounts
 from synapse.storage.roommember import MemberSummary
 from synapse.storage.state import StateFilter
 from synapse.types import (
@@ -422,7 +421,7 @@ class SyncHandler:
        span to track the sync. See `generate_sync_result` for the next part of your
        indoctrination.
        """
-        with start_active_span("sync.current_sync_for_user"):
+        with start_active_span("current_sync_for_user"):
            log_kv({"since_token": since_token})
            sync_result = await self.generate_sync_result(
                sync_config, since_token, full_state
@@ -1042,17 +1041,18 @@ class SyncHandler:

    async def unread_notifs_for_room_id(
        self, room_id: str, sync_config: SyncConfig
-    ) -> NotifCounts:
+    ) -> Dict[str, int]:
        with Measure(self.clock, "unread_notifs_for_room_id"):
            last_unread_event_id = await self.store.get_last_receipt_event_id_for_user(
                user_id=sync_config.user.to_string(),
                room_id=room_id,
-                receipt_type=ReceiptTypes.READ,
+                receipt_type="m.read",
            )

-            return await self.store.get_unread_event_push_actions_by_room_for_user(
+            notifs = await self.store.get_unread_event_push_actions_by_room_for_user(
                room_id, sync_config.user.to_string(), last_unread_event_id
            )
+            return notifs

    async def generate_sync_result(
        self,
@@ -1585,8 +1585,7 @@ class SyncHandler:
            )
            logger.debug("Generated room entry for %s", room_entry.room_id)

-        with start_active_span("sync.generate_room_entries"):
-            await concurrently_execute(handle_room_entries, room_entries, 10)
+        await concurrently_execute(handle_room_entries, room_entries, 10)

        sync_result_builder.invited.extend(invited)
        sync_result_builder.knocked.extend(knocked)
@@ -1663,20 +1662,20 @@ class SyncHandler:
    ) -> _RoomChanges:
        """Determine the changes in rooms to report to the user.

-        This function is a first pass at generating the rooms part of the sync response.
-        It determines which rooms have changed during the sync period, and categorises
-        them into four buckets: "knock", "invite", "join" and "leave".
+        Ideally, we want to report all events whose stream ordering `s` lies in the
+        range `since_token < s <= now_token`, where the two tokens are read from the
+        sync_result_builder.

-        1. Finds all membership changes for the user in the sync period (from
-           `since_token` up to `now_token`).
-        2. Uses those to place the room in one of the four categories above.
-        3. Builds a `_RoomChanges` struct to record this, and return that struct.
+        If there are too many events in that range to report, things get complicated.
+        In this situation we return a truncated list of the most recent events, and
+        indicate in the response that there is a "gap" of omitted events. Additionally:

-        For rooms classified as "knock", "invite" or "leave", we just need to report
-        a single membership event in the eventual /sync response. For "join" we need
-        to fetch additional non-membership events, e.g. messages in the room. That is
-        more complicated, so instead we report an intermediary `RoomSyncResultBuilder`
-        struct, and leave the additional work to `_generate_room_entry`.
+        - we include a "state_delta", to describe the changes in state over the gap,
+        - we include all membership events applying to the user making the request,
+          even those in the gap.
+
+        See the spec for the rationale:
+            https://spec.matrix.org/v1.1/client-server-api/#syncing

        The sync_result_builder is not modified by this function.
        """
@@ -1687,6 +1686,16 @@ class SyncHandler:

        assert since_token

+        # The spec
+        #     https://spec.matrix.org/v1.1/client-server-api/#get_matrixclientv3sync
+        # notes that membership events need special consideration:
+        #
+        # > When a sync is limited, the server MUST return membership events for events
+        # > in the gap (between since and the start of the returned timeline), regardless
+        # > as to whether or not they are redundant.
+        #
+        # We fetch such events here, but we only seem to use them for categorising rooms
+        # as newly joined, newly left, invited or knocked.
        # TODO: we've already called this function and ran this query in
        #       _have_rooms_changed. We could keep the results in memory to avoid a
        #       second query, at the cost of more complicated source code.
@@ -2000,23 +2009,6 @@ class SyncHandler:
        """Populates the `joined` and `archived` section of `sync_result_builder`
        based on the `room_builder`.

-        Ideally, we want to report all events whose stream ordering `s` lies in the
-        range `since_token < s <= now_token`, where the two tokens are read from the
-        sync_result_builder.
-
-        If there are too many events in that range to report, things get complicated.
-        In this situation we return a truncated list of the most recent events, and
-        indicate in the response that there is a "gap" of omitted events. Lots of this
-        is handled in `_load_filtered_recents`, but some of is handled in this method.
-
-        Additionally:
-        - we include a "state_delta", to describe the changes in state over the gap,
-        - we include all membership events applying to the user making the request,
-          even those in the gap.
-
-        See the spec for the rationale:
-            https://spec.matrix.org/v1.1/client-server-api/#syncing
-
        Args:
            sync_result_builder
            ignored_users: Set of users ignored by user.
@@ -2046,7 +2038,7 @@ class SyncHandler:
        since_token = room_builder.since_token
        upto_token = room_builder.upto_token

-        with start_active_span("sync.generate_room_entry"):
+        with start_active_span("generate_room_entry"):
            set_tag("room_id", room_id)
            log_kv({"events": len(events or ())})

@@ -2174,10 +2166,10 @@ class SyncHandler:
                if room_sync or always_include:
                    notifs = await self.unread_notifs_for_room_id(room_id, sync_config)

-                    unread_notifications["notification_count"] = notifs.notify_count
-                    unread_notifications["highlight_count"] = notifs.highlight_count
+                    unread_notifications["notification_count"] = notifs["notify_count"]
+                    unread_notifications["highlight_count"] = notifs["highlight_count"]

-                    room_sync.unread_count = notifs.unread_count
+                    room_sync.unread_count = notifs["unread_count"]

                    sync_result_builder.joined.append(room_sync)

@@ -13,10 +13,9 @@
 # limitations under the License.
 import logging
 import random
+from collections import namedtuple
 from typing import TYPE_CHECKING, Dict, Iterable, List, Optional, Set, Tuple

-import attr
-
 from synapse.api.errors import AuthError, ShadowBanError, SynapseError
 from synapse.appservice import ApplicationService
 from synapse.metrics.background_process_metrics import (
@@ -38,10 +37,7 @@ logger = logging.getLogger(__name__)

 # A tiny object useful for storing a user's membership in a room, as a mapping
 # key
-@attr.s(slots=True, frozen=True, auto_attribs=True)
-class RoomMember:
-    room_id: str
-    user_id: str
+RoomMember = namedtuple("RoomMember", ("room_id", "user_id"))


 # How often we expect remote servers to resend us presence.
@@ -123,7 +119,7 @@ class FollowerTypingHandler:
        self.wheel_timer.insert(now=now, obj=member, then=now + 60 * 1000)

    def is_typing(self, member: RoomMember) -> bool:
-        return member.user_id in self._room_typing.get(member.room_id, set())
+        return member.user_id in self._room_typing.get(member.room_id, [])

    async def _push_remote(self, member: RoomMember, typing: bool) -> None:
        if not self.federation:
@@ -170,9 +166,9 @@ class FollowerTypingHandler:
        for row in rows:
            self._room_serials[row.room_id] = token

-            prev_typing = self._room_typing.get(row.room_id, set())
+            prev_typing = set(self._room_typing.get(row.room_id, []))
            now_typing = set(row.user_ids)
-            self._room_typing[row.room_id] = now_typing
+            self._room_typing[row.room_id] = row.user_ids

            if self.federation:
                run_as_background_process(
@@ -148,21 +148,9 @@ class UserDirectoryHandler(StateDeltasHandler):
        if self.pos is None:
            self.pos = await self.store.get_user_directory_stream_pos()

-            # If still None then the initial background update hasn't happened yet.
-            if self.pos is None:
-                return None
-
-            room_max_stream_ordering = self.store.get_room_max_stream_ordering()
-            if self.pos > room_max_stream_ordering:
-                # apparently, we've processed more events than exist in the database!
-                # this can happen if events are removed with history purge or similar.
-                logger.warning(
-                    "Event stream ordering appears to have gone backwards (%i -> %i): "
-                    "rewinding user directory processor",
-                    self.pos,
-                    room_max_stream_ordering,
-                )
-                self.pos = room_max_stream_ordering
+        # If still None then the initial background update hasn't happened yet.
+        if self.pos is None:
+            return None

        # Loop round handling deltas until we're up to date
        while True:
@@ -25,7 +25,7 @@ from synapse.api.errors import SynapseError
 class RequestTimedOutError(SynapseError):
    """Exception representing timeout of an outbound request"""

-    def __init__(self, msg: str):
+    def __init__(self, msg):
        super().__init__(504, msg)


@@ -33,7 +33,7 @@ ACCESS_TOKEN_RE = re.compile(r"(\?.*access(_|%5[Ff])token=)[^&]*(.*)$")
 CLIENT_SECRET_RE = re.compile(r"(\?.*client(_|%5[Ff])secret=)[^&]*(.*)$")


-def redact_uri(uri: str) -> str:
+def redact_uri(uri):
    """Strips sensitive information from the uri replaces with <redacted>"""
    uri = ACCESS_TOKEN_RE.sub(r"\1<redacted>\3", uri)
    return CLIENT_SECRET_RE.sub(r"\1<redacted>\3", uri)
@@ -46,7 +46,7 @@ class QuieterFileBodyProducer(FileBodyProducer):
    https://twistedmatrix.com/trac/ticket/6528
    """

-    def stopProducing(self) -> None:
+    def stopProducing(self):
        try:
            FileBodyProducer.stopProducing(self)
        except task.TaskStopped:
@@ -12,7 +12,7 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.

-from typing import TYPE_CHECKING, Any, Awaitable, Callable, Optional, Tuple
+from typing import TYPE_CHECKING

 from twisted.web.server import Request

@@ -32,11 +32,7 @@ class AdditionalResource(DirectServeJsonResource):
    and exception handling.
    """

-    def __init__(
-        self,
-        hs: "HomeServer",
-        handler: Callable[[Request], Awaitable[Optional[Tuple[int, Any]]]],
-    ):
+    def __init__(self, hs: "HomeServer", handler):
        """Initialise AdditionalResource

        The ``handler`` should return a deferred which completes when it has
@@ -51,7 +47,7 @@ class AdditionalResource(DirectServeJsonResource):
        super().__init__()
        self._handler = handler

-    async def _async_render(self, request: Request) -> Optional[Tuple[int, Any]]:
+    def _async_render(self, request: Request):
        # Cheekily pass the result straight through, so we don't need to worry
        # if its an awaitable or not.
-        return await self._handler(request)
+        return self._handler(request)
@@ -14,7 +14,6 @@
 # limitations under the License.
 import logging
 import urllib.parse
-from http import HTTPStatus
 from io import BytesIO
 from typing import (
    TYPE_CHECKING,
@@ -281,9 +280,7 @@ class BlacklistingAgentWrapper(Agent):
                ip_address, self._ip_whitelist, self._ip_blacklist
            ):
                logger.info("Blocking access to %s due to blacklist" % (ip_address,))
-                e = SynapseError(
-                    HTTPStatus.FORBIDDEN, "IP address blocked by IP blacklist entry"
-                )
+                e = SynapseError(403, "IP address blocked by IP blacklist entry")
                return defer.fail(Failure(e))

        return self._agent.request(
@@ -588,7 +585,7 @@ class SimpleHttpClient:
        if headers:
            actual_headers.update(headers)  # type: ignore

-        body = await self.get_raw(uri, args, headers=actual_headers)
+        body = await self.get_raw(uri, args, headers=headers)
        return json_decoder.decode(body.decode("utf-8"))

    async def put_json(
@@ -722,9 +719,7 @@ class SimpleHttpClient:

        if response.code > 299:
            logger.warning("Got %d when downloading %s" % (response.code, url))
-            raise SynapseError(
-                HTTPStatus.BAD_GATEWAY, "Got error %d" % (response.code,), Codes.UNKNOWN
-            )
+            raise SynapseError(502, "Got error %d" % (response.code,), Codes.UNKNOWN)

        # TODO: if our Content-Type is HTML or something, just read the first
        # N bytes into RAM rather than saving it all to disk only to read it
@@ -736,14 +731,12 @@ class SimpleHttpClient:
            )
        except BodyExceededMaxSize:
            raise SynapseError(
-                HTTPStatus.BAD_GATEWAY,
+                502,
                "Requested file is too large > %r bytes" % (max_size,),
                Codes.TOO_LARGE,
            )
        except Exception as e:
-            raise SynapseError(
-                HTTPStatus.BAD_GATEWAY, ("Failed to download remote body: %s" % e)
-            ) from e
+            raise SynapseError(502, ("Failed to download remote body: %s" % e)) from e

        return (
            length,
@@ -25,7 +25,6 @@ from zope.interface import implementer
 from twisted.internet import defer
 from twisted.internet.endpoints import HostnameEndpoint, wrapClientTLS
 from twisted.internet.interfaces import (
-    IProtocol,
    IProtocolFactory,
    IReactorCore,
    IStreamClientEndpoint,
@@ -310,14 +309,12 @@ class MatrixHostnameEndpoint:

        self._srv_resolver = srv_resolver

-    def connect(
-        self, protocol_factory: IProtocolFactory
-    ) -> "defer.Deferred[IProtocol]":
+    def connect(self, protocol_factory: IProtocolFactory) -> defer.Deferred:
        """Implements IStreamClientEndpoint interface"""

        return run_in_background(self._do_connect, protocol_factory)

-    async def _do_connect(self, protocol_factory: IProtocolFactory) -> IProtocol:
+    async def _do_connect(self, protocol_factory: IProtocolFactory) -> None:
        first_exception = None

        server_list = await self._resolve_server()
@@ -19,7 +19,6 @@ import random
 import sys
 import typing
 import urllib.parse
-from http import HTTPStatus
 from io import BytesIO, StringIO
 from typing import (
    TYPE_CHECKING,
@@ -1155,7 +1154,7 @@ class MatrixFederationHttpClient:
                request.destination,
                msg,
            )
-            raise SynapseError(HTTPStatus.BAD_GATEWAY, msg, Codes.TOO_LARGE)
+            raise SynapseError(502, msg, Codes.TOO_LARGE)
        except defer.TimeoutError as e:
            logger.warning(
                "{%s} [%s] Timed out reading response - %s %s",
@@ -14,6 +14,7 @@
 # limitations under the License.

 import abc
+import collections
 import html
 import logging
 import types
@@ -29,14 +30,12 @@ from typing import (
    Iterable,
    Iterator,
    List,
-    NoReturn,
    Optional,
    Pattern,
    Tuple,
    Union,
 )

-import attr
 import jinja2
 from canonicaljson import encode_canonical_json
 from typing_extensions import Protocol
@@ -58,14 +57,12 @@ from synapse.api.errors import (
 )
 from synapse.http.site import SynapseRequest
 from synapse.logging.context import defer_to_thread, preserve_fn, run_in_background
-from synapse.logging.opentracing import active_span, start_active_span, trace_servlet
+from synapse.logging.opentracing import trace_servlet
 from synapse.util import json_encoder
 from synapse.util.caches import intern_dict
 from synapse.util.iterutils import chunk_seq

 if TYPE_CHECKING:
-    import opentracing
-
    from synapse.server import HomeServer

 logger = logging.getLogger(__name__)
@@ -173,9 +170,7 @@ def return_html_error(
    respond_with_html(request, code, body)


-def wrap_async_request_handler(
-    h: Callable[["_AsyncResource", SynapseRequest], Awaitable[None]]
-) -> Callable[["_AsyncResource", SynapseRequest], "defer.Deferred[None]"]:
+def wrap_async_request_handler(h):
    """Wraps an async request handler so that it calls request.processing.

    This helps ensure that work done by the request handler after the request is completed
@@ -188,9 +183,7 @@ def wrap_async_request_handler(
    logged until the deferred completes.
    """

-    async def wrapped_async_request_handler(
-        self: "_AsyncResource", request: SynapseRequest
-    ) -> None:
+    async def wrapped_async_request_handler(self, request):
        with request.processing():
            await h(self, request)

@@ -247,18 +240,18 @@ class _AsyncResource(resource.Resource, metaclass=abc.ABCMeta):
            context from the request the servlet is handling.
    """

-    def __init__(self, extract_context: bool = False):
+    def __init__(self, extract_context=False):
        super().__init__()

        self._extract_context = extract_context

-    def render(self, request: SynapseRequest) -> int:
+    def render(self, request):
        """This gets called by twisted every time someone sends us a request."""
        defer.ensureDeferred(self._async_render_wrapper(request))
        return NOT_DONE_YET

    @wrap_async_request_handler
-    async def _async_render_wrapper(self, request: SynapseRequest) -> None:
+    async def _async_render_wrapper(self, request: SynapseRequest):
        """This is a wrapper that delegates to `_async_render` and handles
        exceptions, return values, metrics, etc.
        """
@@ -278,7 +271,7 @@ class _AsyncResource(resource.Resource, metaclass=abc.ABCMeta):
            f = failure.Failure()
            self._send_error_response(f, request)

-    async def _async_render(self, request: SynapseRequest) -> Optional[Tuple[int, Any]]:
+    async def _async_render(self, request: Request):
        """Delegates to `_async_render_<METHOD>` methods, or returns a 400 if
        no appropriate method exists. Can be overridden in sub classes for
        different routing.
@@ -325,7 +318,7 @@ class DirectServeJsonResource(_AsyncResource):
    formatting responses and errors as JSON.
    """

-    def __init__(self, canonical_json: bool = False, extract_context: bool = False):
+    def __init__(self, canonical_json=False, extract_context=False):
        super().__init__(extract_context)
        self.canonical_json = canonical_json

@@ -334,7 +327,7 @@ class DirectServeJsonResource(_AsyncResource):
        request: SynapseRequest,
        code: int,
        response_object: Any,
-    ) -> None:
+    ):
        """Implements _AsyncResource._send_response"""
        # TODO: Only enable CORS for the requests that need it.
        respond_with_json(
@@ -354,11 +347,9 @@ class DirectServeJsonResource(_AsyncResource):
        return_json_error(f, request)


-@attr.s(slots=True, frozen=True, auto_attribs=True)
-class _PathEntry:
-    pattern: Pattern
-    callback: ServletCallback
-    servlet_classname: str
+_PathEntry = collections.namedtuple(
+    "_PathEntry", ["pattern", "callback", "servlet_classname"]
+)


 class JsonResource(DirectServeJsonResource):
@@ -377,45 +368,34 @@ class JsonResource(DirectServeJsonResource):

    isLeaf = True

-    def __init__(
-        self,
-        hs: "HomeServer",
-        canonical_json: bool = True,
-        extract_context: bool = False,
-    ):
+    def __init__(self, hs: "HomeServer", canonical_json=True, extract_context=False):
        super().__init__(canonical_json, extract_context)
        self.clock = hs.get_clock()
        self.path_regexs: Dict[bytes, List[_PathEntry]] = {}
        self.hs = hs

-    def register_paths(
-        self,
-        method: str,
-        path_patterns: Iterable[Pattern],
-        callback: ServletCallback,
-        servlet_classname: str,
-    ) -> None:
+    def register_paths(self, method, path_patterns, callback, servlet_classname):
        """
        Registers a request handler against a regular expression. Later request URLs are
        checked against these regular expressions in order to identify an appropriate
        handler for that request.

        Args:
-            method: GET, POST etc
+            method (str): GET, POST etc

-            path_patterns: A list of regular expressions to which the request
-                URLs are compared.
+            path_patterns (Iterable[str]): A list of regular expressions to which
+                the request URLs are compared.

-            callback: The handler for the request. Usually a Servlet
+            callback (function): The handler for the request. Usually a Servlet

-            servlet_classname: The name of the handler to be used in prometheus
+            servlet_classname (str): The name of the handler to be used in prometheus
                and opentracing logs.
        """
-        method_bytes = method.encode("utf-8")
+        method = method.encode("utf-8")  # method is bytes on py3

        for path_pattern in path_patterns:
            logger.debug("Registering for %s %s", method, path_pattern.pattern)
-            self.path_regexs.setdefault(method_bytes, []).append(
+            self.path_regexs.setdefault(method, []).append(
                _PathEntry(path_pattern, callback, servlet_classname)
            )

@@ -447,7 +427,7 @@ class JsonResource(DirectServeJsonResource):
        # Huh. No one wanted to handle that? Fiiiiiine. Send 400.
        return _unrecognised_request_handler, "unrecognised_request_handler", {}

-    async def _async_render(self, request: SynapseRequest) -> Tuple[int, Any]:
+    async def _async_render(self, request):
        callback, servlet_classname, group_dict = self._get_handler_for_request(request)

        # Make sure we have an appropriate name for this handler in prometheus
@@ -488,7 +468,7 @@ class DirectServeHtmlResource(_AsyncResource):
        request: SynapseRequest,
        code: int,
        response_object: Any,
-    ) -> None:
+    ):
        """Implements _AsyncResource._send_response"""
        # We expect to get bytes for us to write
        assert isinstance(response_object, bytes)
@@ -512,12 +492,12 @@ class StaticResource(File):
    Differs from the File resource by adding clickjacking protection.
    """

-    def render_GET(self, request: Request) -> bytes:
+    def render_GET(self, request: Request):
        set_clickjacking_protection_headers(request)
        return super().render_GET(request)


-def _unrecognised_request_handler(request: Request) -> NoReturn:
+def _unrecognised_request_handler(request):
    """Request handler for unrecognised requests

    This is a request handler suitable for return from
@@ -525,7 +505,7 @@ def _unrecognised_request_handler(request: Request) -> NoReturn:
    UnrecognizedRequestError.

    Args:
-        request: Unused, but passed in to match the signature of ServletCallback.
+        request (twisted.web.http.Request):
    """
    raise UnrecognizedRequestError()

@@ -533,23 +513,23 @@ def _unrecognised_request_handler(request: Request) -> NoReturn:
 class RootRedirect(resource.Resource):
    """Redirects the root '/' path to another path."""

-    def __init__(self, path: str):
-        super().__init__()
+    def __init__(self, path):
+        resource.Resource.__init__(self)
        self.url = path

-    def render_GET(self, request: Request) -> bytes:
+    def render_GET(self, request):
        return redirectTo(self.url.encode("ascii"), request)

-    def getChild(self, name: str, request: Request) -> resource.Resource:
+    def getChild(self, name, request):
        if len(name) == 0:
            return self  # select ourselves as the child to render
-        return super().getChild(name, request)
+        return resource.Resource.getChild(self, name, request)


 class OptionsResource(resource.Resource):
    """Responds to OPTION requests for itself and all children."""

-    def render_OPTIONS(self, request: Request) -> bytes:
+    def render_OPTIONS(self, request):
        request.setResponseCode(204)
        request.setHeader(b"Content-Length", b"0")

@@ -557,10 +537,10 @@ class OptionsResource(resource.Resource):

        return b""

-    def getChildWithDefault(self, path: str, request: Request) -> resource.Resource:
+    def getChildWithDefault(self, path, request):
        if request.method == b"OPTIONS":
            return self  # select ourselves as the child to render
-        return super().getChildWithDefault(path, request)
+        return resource.Resource.getChildWithDefault(self, path, request)


 class RootOptionsRedirectResource(OptionsResource, RootRedirect):
@@ -669,7 +649,7 @@ def respond_with_json(
    json_object: Any,
    send_cors: bool = False,
    canonical_json: bool = True,
-) -> Optional[int]:
+):
    """Sends encoded JSON in response to the given request.

    Args:
@@ -716,7 +696,7 @@ def respond_with_json_bytes(
    code: int,
    json_bytes: bytes,
    send_cors: bool = False,
-) -> Optional[int]:
+):
    """Sends encoded JSON in response to the given request.

    Args:
@@ -733,7 +713,7 @@ def respond_with_json_bytes(
        logger.warning(
            "Not sending response to request %s, already disconnected.", request
        )
-        return None
+        return

    request.setResponseCode(code)
    request.setHeader(b"Content-Type", b"application/json")
@@ -751,7 +731,7 @@ async def _async_write_json_to_request_in_thread(
    request: SynapseRequest,
    json_encoder: Callable[[Any], bytes],
    json_object: Any,
-) -> None:
+):
    """Encodes the given JSON object on a thread and then writes it to the
    request.

@@ -763,20 +743,7 @@ async def _async_write_json_to_request_in_thread(
    expensive.
    """

-    def encode(opentracing_span: "Optional[opentracing.Span]") -> bytes:
-        # it might take a while for the threadpool to schedule us, so we write
-        # opentracing logs once we actually get scheduled, so that we can see how
-        # much that contributed.
-        if opentracing_span:
-            opentracing_span.log_kv({"event": "scheduled"})
-        res = json_encoder(json_object)
-        if opentracing_span:
-            opentracing_span.log_kv({"event": "encoded"})
-        return res
-
-    with start_active_span("encode_json_response"):
-        span = active_span()
-        json_str = await defer_to_thread(request.reactor, encode, span)
+    json_str = await defer_to_thread(request.reactor, json_encoder, json_object)

    _write_bytes_to_request(request, json_str)

@@ -806,7 +773,7 @@ def _write_bytes_to_request(request: Request, bytes_to_write: bytes) -> None:
    _ByteProducer(request, bytes_generator)


-def set_cors_headers(request: Request) -> None:
+def set_cors_headers(request: Request):
    """Set the CORS headers so that javascript running in a web browsers can
    use this API

@@ -823,14 +790,14 @@ def set_cors_headers(request: Request) -> None:
    )


-def respond_with_html(request: Request, code: int, html: str) -> None:
+def respond_with_html(request: Request, code: int, html: str):
    """
    Wraps `respond_with_html_bytes` by first encoding HTML from a str to UTF-8 bytes.
    """
    respond_with_html_bytes(request, code, html.encode("utf-8"))


-def respond_with_html_bytes(request: Request, code: int, html_bytes: bytes) -> None:
+def respond_with_html_bytes(request: Request, code: int, html_bytes: bytes):
    """
    Sends HTML (encoded as UTF-8 bytes) as the response to the given request.

@@ -848,7 +815,7 @@ def respond_with_html_bytes(request: Request, code: int, html_bytes: bytes) -> N
        logger.warning(
            "Not sending response to request %s, already disconnected.", request
        )
-        return None
+        return

    request.setResponseCode(code)
    request.setHeader(b"Content-Type", b"text/html; charset=utf-8")
@@ -861,7 +828,7 @@ def respond_with_html_bytes(request: Request, code: int, html_bytes: bytes) -> N
    finish_request(request)


-def set_clickjacking_protection_headers(request: Request) -> None:
+def set_clickjacking_protection_headers(request: Request):
    """
    Set headers to guard against clickjacking of embedded content.

@@ -883,7 +850,7 @@ def respond_with_redirect(request: Request, url: bytes) -> None:
    finish_request(request)


-def finish_request(request: Request) -> None:
+def finish_request(request: Request):
    """Finish writing the response to the request.

    Twisted throws a RuntimeException if the connection closed before the
@@ -14,7 +14,6 @@

 """ This module contains base REST classes for constructing REST servlets. """
 import logging
-from http import HTTPStatus
 from typing import (
    TYPE_CHECKING,
    Iterable,
@@ -31,7 +30,6 @@ from typing_extensions import Literal
 from twisted.web.server import Request

 from synapse.api.errors import Codes, SynapseError
-from synapse.http.server import HttpServer
 from synapse.types import JsonDict, RoomAlias, RoomID
 from synapse.util import json_decoder

@@ -139,15 +137,11 @@ def parse_integer_from_args(
            return int(args[name_bytes][0])
        except Exception:
            message = "Query parameter %r must be an integer" % (name,)
-            raise SynapseError(
-                HTTPStatus.BAD_REQUEST, message, errcode=Codes.INVALID_PARAM
-            )
+            raise SynapseError(400, message, errcode=Codes.INVALID_PARAM)
    else:
        if required:
            message = "Missing integer query parameter %r" % (name,)
-            raise SynapseError(
-                HTTPStatus.BAD_REQUEST, message, errcode=Codes.MISSING_PARAM
-            )
+            raise SynapseError(400, message, errcode=Codes.MISSING_PARAM)
        else:
            return default

@@ -252,15 +246,11 @@ def parse_boolean_from_args(
            message = (
                "Boolean query parameter %r must be one of ['true', 'false']"
            ) % (name,)
-            raise SynapseError(
-                HTTPStatus.BAD_REQUEST, message, errcode=Codes.INVALID_PARAM
-            )
+            raise SynapseError(400, message)
    else:
        if required:
            message = "Missing boolean query parameter %r" % (name,)
-            raise SynapseError(
-                HTTPStatus.BAD_REQUEST, message, errcode=Codes.MISSING_PARAM
-            )
+            raise SynapseError(400, message, errcode=Codes.MISSING_PARAM)
        else:
            return default

@@ -323,7 +313,7 @@ def parse_bytes_from_args(
        return args[name_bytes][0]
    elif required:
        message = "Missing string query parameter %s" % (name,)
-        raise SynapseError(HTTPStatus.BAD_REQUEST, message, errcode=Codes.MISSING_PARAM)
+        raise SynapseError(400, message, errcode=Codes.MISSING_PARAM)

    return default

@@ -417,16 +407,14 @@ def _parse_string_value(
    try:
        value_str = value.decode(encoding)
    except ValueError:
-        raise SynapseError(
-            HTTPStatus.BAD_REQUEST, "Query parameter %r must be %s" % (name, encoding)
-        )
+        raise SynapseError(400, "Query parameter %r must be %s" % (name, encoding))

    if allowed_values is not None and value_str not in allowed_values:
        message = "Query parameter %r must be one of [%s]" % (
            name,
            ", ".join(repr(v) for v in allowed_values),
        )
-        raise SynapseError(HTTPStatus.BAD_REQUEST, message, errcode=Codes.INVALID_PARAM)
+        raise SynapseError(400, message)
    else:
        return value_str

@@ -522,9 +510,7 @@ def parse_strings_from_args(
    else:
        if required:
            message = "Missing string query parameter %r" % (name,)
-            raise SynapseError(
-                HTTPStatus.BAD_REQUEST, message, errcode=Codes.MISSING_PARAM
-            )
+            raise SynapseError(400, message, errcode=Codes.MISSING_PARAM)

        return default

@@ -652,7 +638,7 @@ def parse_json_value_from_request(
    try:
        content_bytes = request.content.read()  # type: ignore
    except Exception:
-        raise SynapseError(HTTPStatus.BAD_REQUEST, "Error reading JSON content.")
+        raise SynapseError(400, "Error reading JSON content.")

    if not content_bytes and allow_empty_body:
        return None
@@ -661,9 +647,7 @@ def parse_json_value_from_request(
        content = json_decoder.decode(content_bytes.decode("utf-8"))
    except Exception as e:
        logger.warning("Unable to parse JSON: %s (%s)", e, content_bytes)
-        raise SynapseError(
-            HTTPStatus.BAD_REQUEST, "Content not JSON.", errcode=Codes.NOT_JSON
-        )
+        raise SynapseError(400, "Content not JSON.", errcode=Codes.NOT_JSON)

    return content

@@ -689,7 +673,7 @@ def parse_json_object_from_request(

    if not isinstance(content, dict):
        message = "Content must be a JSON object."
-        raise SynapseError(HTTPStatus.BAD_REQUEST, message, errcode=Codes.BAD_JSON)
+        raise SynapseError(400, message, errcode=Codes.BAD_JSON)

    return content

@@ -701,9 +685,7 @@ def assert_params_in_dict(body: JsonDict, required: Iterable[str]) -> None:
            absent.append(k)

    if len(absent) > 0:
-        raise SynapseError(
-            HTTPStatus.BAD_REQUEST, "Missing params: %r" % absent, Codes.MISSING_PARAM
-        )
+        raise SynapseError(400, "Missing params: %r" % absent, Codes.MISSING_PARAM)


 class RestServlet:
@@ -727,7 +709,7 @@ class RestServlet:
    into the appropriate HTTP response.
    """

-    def register(self, http_server: HttpServer) -> None:
+    def register(self, http_server):
        """Register this servlet with the given HTTP server."""
        patterns = getattr(self, "PATTERNS", None)
        if patterns:
@@ -776,12 +758,10 @@ class ResolveRoomIdMixin:
            resolved_room_id = room_id.to_string()
        else:
            raise SynapseError(
-                HTTPStatus.BAD_REQUEST,
-                "%s was not legal room ID or room alias" % (room_identifier,),
+                400, "%s was not legal room ID or room alias" % (room_identifier,)
            )
        if not resolved_room_id:
            raise SynapseError(
-                HTTPStatus.BAD_REQUEST,
-                "Unknown room ID or room alias %s" % room_identifier,
+                400, "Unknown room ID or room alias %s" % room_identifier
            )
        return resolved_room_id, remote_room_hosts
@@ -14,7 +14,7 @@
 import contextlib
 import logging
 import time
-from typing import TYPE_CHECKING, Any, Generator, Optional, Tuple, Union
+from typing import Generator, Optional, Tuple, Union

 import attr
 from zope.interface import implementer
@@ -35,9 +35,6 @@ from synapse.logging.context import (
 )
 from synapse.types import Requester

-if TYPE_CHECKING:
-    import opentracing
-
 logger = logging.getLogger(__name__)

 _next_request_seq = 0
@@ -69,9 +66,9 @@ class SynapseRequest(Request):
        self,
        channel: HTTPChannel,
        site: "SynapseSite",
-        *args: Any,
+        *args,
        max_request_body_size: int = 1024,
-        **kw: Any,
+        **kw,
    ):
        super().__init__(channel, *args, **kw)
        self._max_request_body_size = max_request_body_size
@@ -84,10 +81,6 @@ class SynapseRequest(Request):
        # server name, for client requests this is the Requester object.
        self._requester: Optional[Union[Requester, str]] = None

-        # An opentracing span for this request. Will be closed when the request is
-        # completely processed.
-        self._opentracing_span: "Optional[opentracing.Span]" = None
-
        # we can't yet create the logcontext, as we don't know the method.
        self.logcontext: Optional[LoggingContext] = None

@@ -155,13 +148,6 @@ class SynapseRequest(Request):
        # If there's no authenticated entity, it was the requester.
        self.logcontext.request.authenticated_entity = authenticated_entity or requester

-    def set_opentracing_span(self, span: "opentracing.Span") -> None:
-        """attach an opentracing span to this request
-
-        Doing so will cause the span to be closed when we finish processing the request
-        """
-        self._opentracing_span = span
-
    def get_request_id(self) -> str:
        return "%s-%i" % (self.get_method(), self.request_seq)

@@ -300,9 +286,6 @@ class SynapseRequest(Request):
            self._processing_finished_time = time.time()
            self._is_processing = False

-            if self._opentracing_span:
-                self._opentracing_span.log_kv({"event": "finished processing"})
-
            # if we've already sent the response, log it now; otherwise, we wait for the
            # response to be sent.
            if self.finish_time is not None:
@@ -316,8 +299,6 @@ class SynapseRequest(Request):
        """
        self.finish_time = time.time()
        Request.finish(self)
-        if self._opentracing_span:
-            self._opentracing_span.log_kv({"event": "response sent"})
        if not self._is_processing:
            assert self.logcontext is not None
            with PreserveLoggingContext(self.logcontext):
@@ -352,11 +333,6 @@ class SynapseRequest(Request):
        with PreserveLoggingContext(self.logcontext):
            logger.info("Connection from client lost before response was sent")

-            if self._opentracing_span:
-                self._opentracing_span.log_kv(
-                    {"event": "client connection lost", "reason": str(reason.value)}
-                )
-
            if not self._is_processing:
                self._finished_processing()

@@ -445,10 +421,6 @@ class SynapseRequest(Request):
            usage.evt_db_fetch_count,
        )

-        # complete the opentracing span, if any.
-        if self._opentracing_span:
-            self._opentracing_span.finish()
-
        try:
            self.request_metrics.stop(self.finish_time, self.code, self.sentLength)
        except Exception as e:
@@ -585,7 +557,7 @@ class SynapseSite(Site):
        proxied = config.http_options.x_forwarded
        request_class = XForwardedForRequest if proxied else SynapseRequest

-        def request_factory(channel: HTTPChannel, queued: bool) -> Request:
+        def request_factory(channel, queued: bool) -> Request:
            return request_class(
                channel,
                self,
@@ -22,33 +22,20 @@ them.

 See doc/log_contexts.rst for details on how this works.
 """
+import inspect
 import logging
 import threading
 import typing
 import warnings
-from types import TracebackType
-from typing import (
-    TYPE_CHECKING,
-    Any,
-    Awaitable,
-    Callable,
-    Optional,
-    Tuple,
-    Type,
-    TypeVar,
-    Union,
-    overload,
-)
+from typing import TYPE_CHECKING, Optional, Tuple, TypeVar, Union

 import attr
 from typing_extensions import Literal

 from twisted.internet import defer, threads
-from twisted.python.threadpool import ThreadPool

 if TYPE_CHECKING:
    from synapse.logging.scopecontextmanager import _LogContextScope
-    from synapse.types import ISynapseReactor

 logger = logging.getLogger(__name__)

@@ -68,6 +55,7 @@ try:
    def get_thread_resource_usage() -> "Optional[resource.struct_rusage]":
        return resource.getrusage(RUSAGE_THREAD)

+
 except Exception:
    # If the system doesn't support resource.getrusage(RUSAGE_THREAD) then we
    # won't track resource usage.
@@ -78,7 +66,7 @@ except Exception:


 # a hook which can be set during testing to assert that we aren't abusing logcontexts.
-def logcontext_error(msg: str) -> None:
+def logcontext_error(msg: str):
    logger.warning(msg)


@@ -235,19 +223,22 @@ class _Sentinel:
    def __str__(self) -> str:
        return "sentinel"

-    def start(self, rusage: "Optional[resource.struct_rusage]") -> None:
+    def copy_to(self, record):
        pass

-    def stop(self, rusage: "Optional[resource.struct_rusage]") -> None:
+    def start(self, rusage: "Optional[resource.struct_rusage]"):
        pass

-    def add_database_transaction(self, duration_sec: float) -> None:
+    def stop(self, rusage: "Optional[resource.struct_rusage]"):
        pass

-    def add_database_scheduled(self, sched_sec: float) -> None:
+    def add_database_transaction(self, duration_sec):
        pass

-    def record_event_fetch(self, event_count: int) -> None:
+    def add_database_scheduled(self, sched_sec):
+        pass
+
+    def record_event_fetch(self, event_count):
        pass

    def __bool__(self) -> Literal[False]:
@@ -388,12 +379,7 @@ class LoggingContext:
            )
        return self

-    def __exit__(
-        self,
-        type: Optional[Type[BaseException]],
-        value: Optional[BaseException],
-        traceback: Optional[TracebackType],
-    ) -> None:
+    def __exit__(self, type, value, traceback) -> None:
        """Restore the logging context in thread local storage to the state it
        was before this context was entered.
        Returns:
@@ -413,6 +399,17 @@ class LoggingContext:
        # recorded against the correct metrics.
        self.finished = True

+    def copy_to(self, record) -> None:
+        """Copy logging fields from this context to a log record or
+        another LoggingContext
+        """
+
+        # we track the current request
+        record.request = self.request
+
+        # we also track the current scope:
+        record.scope = self.scope
+
    def start(self, rusage: "Optional[resource.struct_rusage]") -> None:
        """
        Record that this logcontext is currently running.
@@ -629,12 +626,7 @@ class PreserveLoggingContext:
    def __enter__(self) -> None:
        self._old_context = set_current_context(self._new_context)

-    def __exit__(
-        self,
-        type: Optional[Type[BaseException]],
-        value: Optional[BaseException],
-        traceback: Optional[TracebackType],
-    ) -> None:
+    def __exit__(self, type, value, traceback) -> None:
        context = set_current_context(self._old_context)

        if context != self._new_context:
@@ -719,61 +711,16 @@ def nested_logging_context(suffix: str) -> LoggingContext:
    )


-R = TypeVar("R")
-
-
-@overload
-def preserve_fn(  # type: ignore[misc]
-    f: Callable[..., Awaitable[R]],
-) -> Callable[..., "defer.Deferred[R]"]:
-    # The `type: ignore[misc]` above suppresses
-    # "Overloaded function signatures 1 and 2 overlap with incompatible return types"
-    ...
-
-
-@overload
-def preserve_fn(f: Callable[..., R]) -> Callable[..., "defer.Deferred[R]"]:
-    ...
-
-
-def preserve_fn(
-    f: Union[
-        Callable[..., R],
-        Callable[..., Awaitable[R]],
-    ]
-) -> Callable[..., "defer.Deferred[R]"]:
+def preserve_fn(f):
    """Function decorator which wraps the function with run_in_background"""

-    def g(*args: Any, **kwargs: Any) -> "defer.Deferred[R]":
+    def g(*args, **kwargs):
        return run_in_background(f, *args, **kwargs)

    return g


-@overload
-def run_in_background(  # type: ignore[misc]
-    f: Callable[..., Awaitable[R]], *args: Any, **kwargs: Any
-) -> "defer.Deferred[R]":
-    # The `type: ignore[misc]` above suppresses
-    # "Overloaded function signatures 1 and 2 overlap with incompatible return types"
-    ...
-
-
-@overload
-def run_in_background(
-    f: Callable[..., R], *args: Any, **kwargs: Any
-) -> "defer.Deferred[R]":
-    ...
-
-
-def run_in_background(
-    f: Union[
-        Callable[..., R],
-        Callable[..., Awaitable[R]],
-    ],
-    *args: Any,
-    **kwargs: Any,
-) -> "defer.Deferred[R]":
+def run_in_background(f, *args, **kwargs) -> defer.Deferred:
    """Calls a function, ensuring that the current context is restored after
    return from the function, and that the sentinel context is set once the
    deferred returned by the function completes.
@@ -804,10 +751,6 @@ def run_in_background(
    # At this point we should have a Deferred, if not then f was a synchronous
    # function, wrap it in a Deferred for consistency.
    if not isinstance(res, defer.Deferred):
-        # `res` is not a `Deferred` and not a `Coroutine`.
-        # There are no other types of `Awaitable`s we expect to encounter in Synapse.
-        assert not isinstance(res, Awaitable)
-
        return defer.succeed(res)

    if res.called and not res.paused:
@@ -835,14 +778,13 @@ def run_in_background(
    return res


-T = TypeVar("T")
+def make_deferred_yieldable(deferred):
+    """Given a deferred (or coroutine), make it follow the Synapse logcontext
+    rules:

-
-def make_deferred_yieldable(deferred: "defer.Deferred[T]") -> "defer.Deferred[T]":
-    """Given a deferred, make it follow the Synapse logcontext rules:
-
-    If the deferred has completed, essentially does nothing (just returns another
-    completed deferred with the result/failure).
+    If the deferred has completed (or is not actually a Deferred), essentially
+    does nothing (just returns another completed deferred with the
+    result/failure).

    If the deferred has not yet completed, resets the logcontext before
    returning a deferred. Then, when the deferred completes, restores the
@@ -850,6 +792,16 @@ def make_deferred_yieldable(deferred: "defer.Deferred[T]") -> "defer.Deferred[T]

    (This is more-or-less the opposite operation to run_in_background.)
    """
+    if inspect.isawaitable(deferred):
+        # If we're given a coroutine we convert it to a deferred so that we
+        # run it and find out if it immediately finishes, it it does then we
+        # don't need to fiddle with log contexts at all and can return
+        # immediately.
+        deferred = defer.ensureDeferred(deferred)
+
+    if not isinstance(deferred, defer.Deferred):
+        return deferred
+
    if deferred.called and not deferred.paused:
        # it looks like this deferred is ready to run any callbacks we give it
        # immediately. We may as well optimise out the logcontext faffery.
@@ -871,9 +823,7 @@ def _set_context_cb(result: ResultT, context: LoggingContext) -> ResultT:
    return result


-def defer_to_thread(
-    reactor: "ISynapseReactor", f: Callable[..., R], *args: Any, **kwargs: Any
-) -> "defer.Deferred[R]":
+def defer_to_thread(reactor, f, *args, **kwargs):
    """
    Calls the function `f` using a thread from the reactor's default threadpool and
    returns the result as a Deferred.
@@ -905,13 +855,7 @@ def defer_to_thread(
    return defer_to_threadpool(reactor, reactor.getThreadPool(), f, *args, **kwargs)


-def defer_to_threadpool(
-    reactor: "ISynapseReactor",
-    threadpool: ThreadPool,
-    f: Callable[..., R],
-    *args: Any,
-    **kwargs: Any,
-) -> "defer.Deferred[R]":
+def defer_to_threadpool(reactor, threadpool, f, *args, **kwargs):
    """
    A wrapper for twisted.internet.threads.deferToThreadpool, which handles
    logcontexts correctly.
@@ -953,7 +897,7 @@ def defer_to_threadpool(
        assert isinstance(curr_context, LoggingContext)
        parent_context = curr_context

-    def g() -> R:
+    def g():
        with LoggingContext(str(curr_context), parent_context=parent_context):
            return f(*args, **kwargs)

@@ -173,7 +173,6 @@ from typing import TYPE_CHECKING, Collection, Dict, List, Optional, Pattern, Typ
 import attr

 from twisted.internet import defer
-from twisted.web.http import Request
 from twisted.web.http_headers import Headers

 from synapse.config import ConfigError
@@ -220,12 +219,11 @@ class _DummyTagNames:

 try:
    import opentracing
-    import opentracing.tags

    tags = opentracing.tags
 except ImportError:
-    opentracing = None  # type: ignore[assignment]
-    tags = _DummyTagNames  # type: ignore[assignment]
+    opentracing = None
+    tags = _DummyTagNames
 try:
    from jaeger_client import Config as JaegerConfig

@@ -368,7 +366,7 @@ def init_tracer(hs: "HomeServer"):
    global opentracing
    if not hs.config.tracing.opentracer_enabled:
        # We don't have a tracer
-        opentracing = None  # type: ignore[assignment]
+        opentracing = None
        return

    if not opentracing or not JaegerConfig:
@@ -454,7 +452,7 @@ def start_active_span(
    """

    if opentracing is None:
-        return noop_context_manager()  # type: ignore[unreachable]
+        return noop_context_manager()

    return opentracing.tracer.start_active_span(
        operation_name,
@@ -479,7 +477,7 @@ def start_active_span_follows_from(
           forced, the new span will also have tracing forced.
    """
    if opentracing is None:
-        return noop_context_manager()  # type: ignore[unreachable]
+        return noop_context_manager()

    references = [opentracing.follows_from(context) for context in contexts]
    scope = start_active_span(operation_name, references=references)
@@ -492,6 +490,48 @@ def start_active_span_follows_from(
    return scope


+def start_active_span_from_request(
+    request,
+    operation_name,
+    references=None,
+    tags=None,
+    start_time=None,
+    ignore_active_span=False,
+    finish_on_close=True,
+):
+    """
+    Extracts a span context from a Twisted Request.
+    args:
+        headers (twisted.web.http.Request)
+
+        For the other args see opentracing.tracer
+
+    returns:
+        span_context (opentracing.span.SpanContext)
+    """
+    # Twisted encodes the values as lists whereas opentracing doesn't.
+    # So, we take the first item in the list.
+    # Also, twisted uses byte arrays while opentracing expects strings.
+
+    if opentracing is None:
+        return noop_context_manager()
+
+    header_dict = {
+        k.decode(): v[0].decode() for k, v in request.requestHeaders.getAllRawHeaders()
+    }
+    context = opentracing.tracer.extract(opentracing.Format.HTTP_HEADERS, header_dict)
+
+    return opentracing.tracer.start_active_span(
+        operation_name,
+        child_of=context,
+        references=references,
+        tags=tags,
+        start_time=start_time,
+        ignore_active_span=ignore_active_span,
+        finish_on_close=finish_on_close,
+    )
+
+
 def start_active_span_from_edu(
    edu_content,
    operation_name,
@@ -513,7 +553,7 @@ def start_active_span_from_edu(
    references = references or []

    if opentracing is None:
-        return noop_context_manager()  # type: ignore[unreachable]
+        return noop_context_manager()

    carrier = json_decoder.decode(edu_content.get("context", "{}")).get(
        "opentracing", {}
@@ -554,21 +594,18 @@ def active_span():
@ensure_active_span("set a tag")
 def set_tag(key, value):
    """Sets a tag on the active span"""
-    assert opentracing.tracer.active_span is not None
    opentracing.tracer.active_span.set_tag(key, value)


@ensure_active_span("log")
 def log_kv(key_values, timestamp=None):
    """Log to the active span"""
-    assert opentracing.tracer.active_span is not None
    opentracing.tracer.active_span.log_kv(key_values, timestamp)


@ensure_active_span("set the traces operation name")
 def set_operation_name(operation_name):
    """Sets the operation name of the active span"""
-    assert opentracing.tracer.active_span is not None
    opentracing.tracer.active_span.set_operation_name(operation_name)


@@ -637,7 +674,6 @@ def inject_header_dict(
    span = opentracing.tracer.active_span

    carrier: Dict[str, str] = {}
-    assert span is not None
    opentracing.tracer.inject(span.context, opentracing.Format.HTTP_HEADERS, carrier)

    for key, value in carrier.items():
@@ -680,7 +716,6 @@ def get_active_span_text_map(destination=None):
        return {}

    carrier: Dict[str, str] = {}
-    assert opentracing.tracer.active_span is not None
    opentracing.tracer.inject(
        opentracing.tracer.active_span.context, opentracing.Format.TEXT_MAP, carrier
    )
@@ -696,27 +731,12 @@ def active_span_context_as_string():
    """
    carrier: Dict[str, str] = {}
    if opentracing:
-        assert opentracing.tracer.active_span is not None
        opentracing.tracer.inject(
            opentracing.tracer.active_span.context, opentracing.Format.TEXT_MAP, carrier
        )
    return json_encoder.encode(carrier)


-def span_context_from_request(request: Request) -> "Optional[opentracing.SpanContext]":
-    """Extract an opentracing context from the headers on an HTTP request
-
-    This is useful when we have received an HTTP request from another part of our
-    system, and want to link our spans to those of the remote system.
-    """
-    if not opentracing:
-        return None
-    header_dict = {
-        k.decode(): v[0].decode() for k, v in request.requestHeaders.getAllRawHeaders()
-    }
-    return opentracing.tracer.extract(opentracing.Format.HTTP_HEADERS, header_dict)
-
-
@only_if_tracing
 def span_context_from_string(carrier):
    """
@@ -753,7 +773,7 @@ def trace(func=None, opname=None):

    def decorator(func):
        if opentracing is None:
-            return func  # type: ignore[unreachable]
+            return func

        _opname = opname if opname else func.__name__

@@ -844,7 +864,7 @@ def trace_servlet(request: "SynapseRequest", extract_context: bool = False):
    """

    if opentracing is None:
-        yield  # type: ignore[unreachable]
+        yield
        return

    request_tags = {
@@ -856,13 +876,10 @@ def trace_servlet(request: "SynapseRequest", extract_context: bool = False):
    }

    request_name = request.request_metrics.name
-    context = span_context_from_request(request) if extract_context else None
-
-    # we configure the scope not to finish the span immediately on exit, and instead
-    # pass the span into the SynapseRequest, which will finish it once we've finished
-    # sending the response to the client.
-    scope = start_active_span(request_name, child_of=context, finish_on_close=False)
-    request.set_opentracing_span(scope.span)
+    if extract_context:
+        scope = start_active_span_from_request(request, request_name)
+    else:
+        scope = start_active_span(request_name)

    with scope:
        inject_response_headers(request.responseHeaders)
@@ -71,7 +71,7 @@ class LogContextScopeManager(ScopeManager):
        if not ctx:
            # We don't want this scope to affect.
            logger.error("Tried to activate scope outside of loggingcontext")
-            return Scope(None, span)  # type: ignore[arg-type]
+            return Scope(None, span)
        elif ctx.scope is not None:
            # We want the logging scope to look exactly the same so we give it
            # a blank suffix
@@ -13,6 +13,7 @@
 # limitations under the License.

 import logging
+from collections import namedtuple
 from typing import (
    Awaitable,
    Callable,
@@ -43,13 +44,7 @@ from synapse.logging.opentracing import log_kv, start_active_span
 from synapse.logging.utils import log_function
 from synapse.metrics import LaterGauge
 from synapse.streams.config import PaginationConfig
-from synapse.types import (
-    JsonDict,
-    PersistedEventPosition,
-    RoomStreamToken,
-    StreamToken,
-    UserID,
-)
+from synapse.types import PersistedEventPosition, RoomStreamToken, StreamToken, UserID
 from synapse.util.async_helpers import ObservableDeferred, timeout_deferred
 from synapse.util.metrics import Measure
 from synapse.visibility import filter_events_for_client
@@ -183,12 +178,7 @@ class _NotifierUserStream:
            return _NotificationListener(self.notify_deferred.observe())


-@attr.s(slots=True, frozen=True, auto_attribs=True)
-class EventStreamResult:
-    events: List[Union[JsonDict, EventBase]]
-    start_token: StreamToken
-    end_token: StreamToken
-
+class EventStreamResult(namedtuple("EventStreamResult", ("events", "tokens"))):
    def __bool__(self):
        return bool(self.events)

@@ -592,12 +582,9 @@ class Notifier:
            before_token: StreamToken, after_token: StreamToken
        ) -> EventStreamResult:
            if after_token == before_token:
-                return EventStreamResult([], from_token, from_token)
+                return EventStreamResult([], (from_token, from_token))

-            # The events fetched from each source are a JsonDict, EventBase, or
-            # UserPresenceState, but see below for UserPresenceState being
-            # converted to JsonDict.
-            events: List[Union[JsonDict, EventBase]] = []
+            events: List[EventBase] = []
            end_token = from_token

            for name, source in self.event_sources.sources.get_sources():
@@ -636,7 +623,7 @@ class Notifier:
                events.extend(new_events)
                end_token = end_token.copy_and_replace(keyname, new_key)

-            return EventStreamResult(events, from_token, end_token)
+            return EventStreamResult(events, (from_token, end_token))

        user_id_for_stream = user.to_string()
        if is_peeking:
@@ -177,12 +177,12 @@ class EmailPusher(Pusher):
            return

        for push_action in unprocessed:
-            received_at = push_action.received_ts
+            received_at = push_action["received_ts"]
            if received_at is None:
                received_at = 0
            notif_ready_at = received_at + DELAY_BEFORE_MAIL_MS

-            room_ready_at = self.room_ready_to_notify_at(push_action.room_id)
+            room_ready_at = self.room_ready_to_notify_at(push_action["room_id"])

            should_notify_at = max(notif_ready_at, room_ready_at)

@@ -193,23 +193,23 @@ class EmailPusher(Pusher):
                # to be delivered.

                reason: EmailReason = {
-                    "room_id": push_action.room_id,
+                    "room_id": push_action["room_id"],
                    "now": self.clock.time_msec(),
                    "received_at": received_at,
                    "delay_before_mail_ms": DELAY_BEFORE_MAIL_MS,
-                    "last_sent_ts": self.get_room_last_sent_ts(push_action.room_id),
-                    "throttle_ms": self.get_room_throttle_ms(push_action.room_id),
+                    "last_sent_ts": self.get_room_last_sent_ts(push_action["room_id"]),
+                    "throttle_ms": self.get_room_throttle_ms(push_action["room_id"]),
                }

                await self.send_notification(unprocessed, reason)

                await self.save_last_stream_ordering_and_success(
-                    max(ea.stream_ordering for ea in unprocessed)
+                    max(ea["stream_ordering"] for ea in unprocessed)
                )

                # we update the throttle on all the possible unprocessed push actions
                for ea in unprocessed:
-                    await self.sent_notif_update_throttle(ea.room_id, ea)
+                    await self.sent_notif_update_throttle(ea["room_id"], ea)
                break
            else:
                if soonest_due_at is None or should_notify_at < soonest_due_at:
@@ -284,10 +284,10 @@ class EmailPusher(Pusher):
        # THROTTLE_RESET_AFTER_MS after the previous one that triggered a
        # notif, we release the throttle. Otherwise, the throttle is increased.
        time_of_previous_notifs = await self.store.get_time_of_last_push_action_before(
-            notified_push_action.stream_ordering
+            notified_push_action["stream_ordering"]
        )

-        time_of_this_notifs = notified_push_action.received_ts
+        time_of_this_notifs = notified_push_action["received_ts"]

        if time_of_previous_notifs is not None and time_of_this_notifs is not None:
            gap = time_of_this_notifs - time_of_previous_notifs
@@ -104,11 +104,6 @@ class HttpPusher(Pusher):
                "'url' must have a path of '/_matrix/push/v1/notify'"
            )

-        url = url.replace(
-            "https://matrix.org/_matrix/push/v1/notify",
-            "http://10.103.0.7/_matrix/push/v1/notify",
-        )
-
        self.url = url
        self.http_client = hs.get_proxied_blacklisted_http_client()
        self.data_minus_url = {}
@@ -204,7 +199,7 @@ class HttpPusher(Pusher):
                "http-push",
                tags={
                    "authenticated_entity": self.user_id,
-                    "event_id": push_action.event_id,
+                    "event_id": push_action["event_id"],
                    "app_id": self.app_id,
                    "app_display_name": self.app_display_name,
                },
@@ -214,7 +209,7 @@ class HttpPusher(Pusher):
            if processed:
                http_push_processed_counter.inc()
                self.backoff_delay = HttpPusher.INITIAL_BACKOFF_SEC
-                self.last_stream_ordering = push_action.stream_ordering
+                self.last_stream_ordering = push_action["stream_ordering"]
                pusher_still_exists = (
                    await self.store.update_pusher_last_stream_ordering_and_success(
                        self.app_id,
@@ -257,7 +252,7 @@ class HttpPusher(Pusher):
                        self.pushkey,
                    )
                    self.backoff_delay = HttpPusher.INITIAL_BACKOFF_SEC
-                    self.last_stream_ordering = push_action.stream_ordering
+                    self.last_stream_ordering = push_action["stream_ordering"]
                    await self.store.update_pusher_last_stream_ordering(
                        self.app_id,
                        self.pushkey,
@@ -280,17 +275,17 @@ class HttpPusher(Pusher):
                    break

    async def _process_one(self, push_action: HttpPushAction) -> bool:
-        if "notify" not in push_action.actions:
+        if "notify" not in push_action["actions"]:
            return True

-        tweaks = push_rule_evaluator.tweaks_for_actions(push_action.actions)
+        tweaks = push_rule_evaluator.tweaks_for_actions(push_action["actions"])
        badge = await push_tools.get_badge_count(
            self.hs.get_datastore(),
            self.user_id,
            group_by_room=self._group_unread_count_by_room,
        )

-        event = await self.store.get_event(push_action.event_id, allow_none=True)
+        event = await self.store.get_event(push_action["event_id"], allow_none=True)
        if event is None:
            return True  # It's been redacted
        rejected = await self.dispatch_push(event, tweaks, badge)
@@ -232,13 +232,15 @@ class Mailer:
            reason: The notification that was ready and is the cause of an email
                being sent.
        """
-        rooms_in_order = deduped_ordered_list([pa.room_id for pa in push_actions])
+        rooms_in_order = deduped_ordered_list([pa["room_id"] for pa in push_actions])

-        notif_events = await self.store.get_events([pa.event_id for pa in push_actions])
+        notif_events = await self.store.get_events(
+            [pa["event_id"] for pa in push_actions]
+        )

        notifs_by_room: Dict[str, List[EmailPushAction]] = {}
        for pa in push_actions:
-            notifs_by_room.setdefault(pa.room_id, []).append(pa)
+            notifs_by_room.setdefault(pa["room_id"], []).append(pa)

        # collect the current state for all the rooms in which we have
        # notifications
@@ -262,7 +264,7 @@ class Mailer:
        await concurrently_execute(_fetch_room_state, rooms_in_order, 3)

        # actually sort our so-called rooms_in_order list, most recent room first
-        rooms_in_order.sort(key=lambda r: -(notifs_by_room[r][-1].received_ts or 0))
+        rooms_in_order.sort(key=lambda r: -(notifs_by_room[r][-1]["received_ts"] or 0))

        rooms: List[RoomVars] = []

@@ -354,7 +356,7 @@ class Mailer:
        # Check if one of the notifs is an invite event for the user.
        is_invite = False
        for n in notifs:
-            ev = notif_events[n.event_id]
+            ev = notif_events[n["event_id"]]
            if ev.type == EventTypes.Member and ev.state_key == user_id:
                if ev.content.get("membership") == Membership.INVITE:
                    is_invite = True
@@ -374,7 +376,7 @@ class Mailer:
        if not is_invite:
            for n in notifs:
                notifvars = await self._get_notif_vars(
-                    n, user_id, notif_events[n.event_id], room_state_ids
+                    n, user_id, notif_events[n["event_id"]], room_state_ids
                )

                # merge overlapping notifs together.
@@ -442,15 +444,15 @@ class Mailer:
        """

        results = await self.store.get_events_around(
-            notif.room_id,
-            notif.event_id,
+            notif["room_id"],
+            notif["event_id"],
            before_limit=CONTEXT_BEFORE,
            after_limit=CONTEXT_AFTER,
        )

        ret: NotifVars = {
            "link": self._make_notif_link(notif),
-            "ts": notif.received_ts,
+            "ts": notif["received_ts"],
            "messages": [],
        }

@@ -514,7 +516,7 @@ class Mailer:

        ret: MessageVars = {
            "event_type": event.type,
-            "is_historical": event.event_id != notif.event_id,
+            "is_historical": event.event_id != notif["event_id"],
            "id": event.event_id,
            "ts": event.origin_server_ts,
            "sender_name": sender_name,
@@ -608,7 +610,7 @@ class Mailer:
        # See if one of the notifs is an invite event for the user
        invite_event = None
        for n in notifs:
-            ev = notif_events[n.event_id]
+            ev = notif_events[n["event_id"]]
            if ev.type == EventTypes.Member and ev.state_key == user_id:
                if ev.content.get("membership") == Membership.INVITE:
                    invite_event = ev
@@ -657,7 +659,7 @@ class Mailer:
        if len(notifs) == 1:
            # There is just the one notification, so give some detail
            sender_name = None
-            event = notif_events[notifs[0].event_id]
+            event = notif_events[notifs[0]["event_id"]]
            if ("m.room.member", event.sender) in room_state_ids:
                state_event_id = room_state_ids[("m.room.member", event.sender)]
                state_event = await self.store.get_event(state_event_id)
@@ -751,9 +753,9 @@ class Mailer:
        # are already in descending received_ts.
        sender_ids = {}
        for n in notifs:
-            sender = notif_events[n.event_id].sender
+            sender = notif_events[n["event_id"]].sender
            if sender not in sender_ids:
-                sender_ids[sender] = n.event_id
+                sender_ids[sender] = n["event_id"]

        # Get the actual member events (in order to calculate a pretty name for
        # the room).
@@ -828,17 +830,17 @@ class Mailer:
        if self.hs.config.email.email_riot_base_url:
            return "%s/#/room/%s/%s" % (
                self.hs.config.email.email_riot_base_url,
-                notif.room_id,
-                notif.event_id,
+                notif["room_id"],
+                notif["event_id"],
            )
        elif self.app_name == "Vector":
            # need /beta for Universal Links to work on iOS
            return "https://vector.im/beta/#/room/%s/%s" % (
-                notif.room_id,
-                notif.event_id,
+                notif["room_id"],
+                notif["event_id"],
            )
        else:
-            return "https://matrix.to/#/%s/%s" % (notif.room_id, notif.event_id)
+            return "https://matrix.to/#/%s/%s" % (notif["room_id"], notif["event_id"])

    def _make_unsubscribe_link(
        self, user_id: str, app_id: str, email_address: str
@@ -17,10 +17,9 @@ import logging
 import re
 from typing import Any, Dict, List, Optional, Pattern, Tuple, Union

-from matrix_common.regex import glob_to_regex, to_word_pattern
-
 from synapse.events import EventBase
 from synapse.types import JsonDict, UserID
+from synapse.util import glob_to_regex, re_word_boundary
 from synapse.util.caches.lrucache import LruCache

 logger = logging.getLogger(__name__)
@@ -185,7 +184,7 @@ class PushRuleEvaluatorForEvent:
        r = regex_cache.get((display_name, False, True), None)
        if not r:
            r1 = re.escape(display_name)
-            r1 = to_word_pattern(r1)
+            r1 = re_word_boundary(r1)
            r = re.compile(r1, flags=re.IGNORECASE)
            regex_cache[(display_name, False, True)] = r

@@ -214,7 +213,7 @@ def _glob_matches(glob: str, value: str, word_boundary: bool = False) -> bool:
    try:
        r = regex_cache.get((glob, True, word_boundary), None)
        if not r:
-            r = glob_to_regex(glob, word_boundary=word_boundary)
+            r = glob_to_regex(glob, word_boundary)
            regex_cache[(glob, True, word_boundary)] = r
        return bool(r.search(value))
    except re.error:
@@ -13,7 +13,6 @@
 # limitations under the License.
 from typing import Dict

-from synapse.api.constants import ReceiptTypes
 from synapse.events import EventBase
 from synapse.push.presentable_names import calculate_room_name, name_from_member_event
 from synapse.storage import Storage
@@ -24,7 +23,7 @@ async def get_badge_count(store: DataStore, user_id: str, group_by_room: bool) -
    invites = await store.get_invited_rooms_for_local_user(user_id)
    joins = await store.get_rooms_for_user(user_id)

-    my_receipts_by_room = await store.get_receipts_for_user(user_id, ReceiptTypes.READ)
+    my_receipts_by_room = await store.get_receipts_for_user(user_id, "m.read")

    badge = len(invites)

@@ -37,7 +36,7 @@ async def get_badge_count(store: DataStore, user_id: str, group_by_room: bool) -
                    room_id, user_id, last_unread_event_id
                )
            )
-            if notifs.notify_count == 0:
+            if notifs["notify_count"] == 0:
                continue

            if group_by_room:
@@ -45,7 +44,7 @@ async def get_badge_count(store: DataStore, user_id: str, group_by_room: bool) -
                badge += 1
            else:
                # increment the badge count by the number of unread messages in the room
-                badge += notifs.notify_count
+                badge += notifs["notify_count"]
    return badge


@@ -27,7 +27,6 @@ from synapse.push.pusher import PusherFactory
 from synapse.replication.http.push import ReplicationRemovePusherRestServlet
 from synapse.types import JsonDict, RoomStreamToken
 from synapse.util.async_helpers import concurrently_execute
-from synapse.util.threepids import canonicalise_email

 if TYPE_CHECKING:
    from synapse.server import HomeServer
@@ -114,9 +113,7 @@ class PusherPool:
        """

        if kind == "email":
-            email_owner = await self.store.get_user_id_by_threepid(
-                "email", canonicalise_email(pushkey)
-            )
+            email_owner = await self.store.get_user_id_by_threepid("email", pushkey)
            if email_owner != user_id:
                raise SynapseError(400, "Email not found", Codes.THREEPID_NOT_FOUND)

@@ -50,8 +50,7 @@ logger = logging.getLogger(__name__)
 REQUIREMENTS = [
    # we use the TYPE_CHECKER.redefine method added in jsonschema 3.0.0
    "jsonschema>=3.0.0",
-    # frozendict 2.1.2 is broken on Debian 10: https://github.com/Marco-Sulla/python-frozendict/issues/41
-    "frozendict>=1,<2.1.2",
+    "frozendict>=1",
    "unpaddedbase64>=1.1.0",
    "canonicaljson>=1.4.0",
    # we use the type definitions added in signedjson 1.1.
@@ -88,7 +87,6 @@ REQUIREMENTS = [
    # with the latest security patches.
    "cryptography>=3.4.7",
    "ijson>=3.1",
-    "matrix-common==1.0.0",
 ]

 CONDITIONAL_REQUIREMENTS = {
@@ -15,7 +15,7 @@
 import logging
 from typing import TYPE_CHECKING, Optional

-from synapse.storage.database import DatabasePool, LoggingDatabaseConnection
+from synapse.storage.database import DatabasePool
 from synapse.storage.databases.main.cache import CacheInvalidationWorkerStore
 from synapse.storage.engines import PostgresEngine
 from synapse.storage.util.id_generators import MultiWriterIdGenerator
@@ -27,12 +27,7 @@ logger = logging.getLogger(__name__)


 class BaseSlavedStore(CacheInvalidationWorkerStore):
-    def __init__(
-        self,
-        database: DatabasePool,
-        db_conn: LoggingDatabaseConnection,
-        hs: "HomeServer",
-    ):
+    def __init__(self, database: DatabasePool, db_conn, hs: "HomeServer"):
        super().__init__(database, db_conn, hs)
        if isinstance(self.database_engine, PostgresEngine):
            self._cache_id_gen: Optional[
@@ -14,7 +14,7 @@

 from typing import TYPE_CHECKING

-from synapse.storage.database import DatabasePool, LoggingDatabaseConnection
+from synapse.storage.database import DatabasePool
 from synapse.storage.databases.main.client_ips import LAST_SEEN_GRANULARITY
 from synapse.util.caches.lrucache import LruCache

@@ -25,12 +25,7 @@ if TYPE_CHECKING:


 class SlavedClientIpStore(BaseSlavedStore):
-    def __init__(
-        self,
-        database: DatabasePool,
-        db_conn: LoggingDatabaseConnection,
-        hs: "HomeServer",
-    ):
+    def __init__(self, database: DatabasePool, db_conn, hs: "HomeServer"):
        super().__init__(database, db_conn, hs)

        self.client_ip_last_seen: LruCache[tuple, int] = LruCache(
@@ -17,7 +17,7 @@ from typing import TYPE_CHECKING
 from synapse.replication.slave.storage._base import BaseSlavedStore
 from synapse.replication.slave.storage._slaved_id_tracker import SlavedIdTracker
 from synapse.replication.tcp.streams._base import DeviceListsStream, UserSignatureStream
-from synapse.storage.database import DatabasePool, LoggingDatabaseConnection
+from synapse.storage.database import DatabasePool
 from synapse.storage.databases.main.devices import DeviceWorkerStore
 from synapse.storage.databases.main.end_to_end_keys import EndToEndKeyWorkerStore
 from synapse.util.caches.stream_change_cache import StreamChangeCache
@@ -27,12 +27,7 @@ if TYPE_CHECKING:


 class SlavedDeviceStore(EndToEndKeyWorkerStore, DeviceWorkerStore, BaseSlavedStore):
-    def __init__(
-        self,
-        database: DatabasePool,
-        db_conn: LoggingDatabaseConnection,
-        hs: "HomeServer",
-    ):
+    def __init__(self, database: DatabasePool, db_conn, hs: "HomeServer"):
        super().__init__(database, db_conn, hs)

        self.hs = hs
@@ -15,7 +15,7 @@
 import logging
 from typing import TYPE_CHECKING

-from synapse.storage.database import DatabasePool, LoggingDatabaseConnection
+from synapse.storage.database import DatabasePool
 from synapse.storage.databases.main.event_federation import EventFederationWorkerStore
 from synapse.storage.databases.main.event_push_actions import (
    EventPushActionsWorkerStore,
@@ -58,12 +58,7 @@ class SlavedEventStore(
    RelationsWorkerStore,
    BaseSlavedStore,
 ):
-    def __init__(
-        self,
-        database: DatabasePool,
-        db_conn: LoggingDatabaseConnection,
-        hs: "HomeServer",
-    ):
+    def __init__(self, database: DatabasePool, db_conn, hs: "HomeServer"):
        super().__init__(database, db_conn, hs)

        events_max = self._stream_id_gen.get_current_token()
@@ -80,3 +75,12 @@ class SlavedEventStore(
            min_curr_state_delta_id,
            prefilled_cache=curr_state_delta_prefill,
        )
+
+    # Cached functions can't be accessed through a class instance so we need
+    # to reach inside the __dict__ to extract them.
+
+    def get_room_max_stream_ordering(self):
+        return self._stream_id_gen.get_current_token()
+
+    def get_room_min_stream_ordering(self):
+        return self._backfill_id_gen.get_current_token()
@@ -14,7 +14,7 @@

 from typing import TYPE_CHECKING

-from synapse.storage.database import DatabasePool, LoggingDatabaseConnection
+from synapse.storage.database import DatabasePool
 from synapse.storage.databases.main.filtering import FilteringStore

 from ._base import BaseSlavedStore
@@ -24,12 +24,7 @@ if TYPE_CHECKING:


 class SlavedFilteringStore(BaseSlavedStore):
-    def __init__(
-        self,
-        database: DatabasePool,
-        db_conn: LoggingDatabaseConnection,
-        hs: "HomeServer",
-    ):
+    def __init__(self, database: DatabasePool, db_conn, hs: "HomeServer"):
        super().__init__(database, db_conn, hs)

    # Filters are immutable so this cache doesn't need to be expired
@@ -17,7 +17,7 @@ from typing import TYPE_CHECKING
 from synapse.replication.slave.storage._base import BaseSlavedStore
 from synapse.replication.slave.storage._slaved_id_tracker import SlavedIdTracker
 from synapse.replication.tcp.streams import GroupServerStream
-from synapse.storage.database import DatabasePool, LoggingDatabaseConnection
+from synapse.storage.database import DatabasePool
 from synapse.storage.databases.main.group_server import GroupServerWorkerStore
 from synapse.util.caches.stream_change_cache import StreamChangeCache

@@ -26,12 +26,7 @@ if TYPE_CHECKING:


 class SlavedGroupServerStore(GroupServerWorkerStore, BaseSlavedStore):
-    def __init__(
-        self,
-        database: DatabasePool,
-        db_conn: LoggingDatabaseConnection,
-        hs: "HomeServer",
-    ):
+    def __init__(self, database: DatabasePool, db_conn, hs: "HomeServer"):
        super().__init__(database, db_conn, hs)

        self.hs = hs
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Sean Quah	2e2f5c043e	Merge branch 'develop' into squah/leave_space_admin_api	2021-12-08 10:47:09 +00:00
Sean Quah	07580acdc0	Merge branch 'develop' into squah/leave_space_admin_api	2021-11-30 12:18:02 +00:00
Sean Quah	64c56177a4	Add tests for remote spaces	2021-11-19 16:31:43 +00:00
Sean Quah	94586c596f	Add flag to control whether remote spaces are processed	2021-11-19 15:25:43 +00:00
Sean Quah	856656a8ee	Leave rooms in a deterministic order	2021-11-18 20:01:36 +00:00
Sean Quah	e5751a6350	Revert "Convert strings in `synapse.api.constants` to enums or `Final`" This reverts commit `b43d085472`.	2021-11-18 16:06:38 +00:00
Sean Quah	b105beafdb	Fix bug/redundant code to do with handling of the root space id	2021-11-18 16:00:00 +00:00
Sean Quah	f77da61ce8	Add missing type hints to new tests	2021-11-18 15:43:02 +00:00
Sean Quah	8627a456e3	Refer to "spaces" instead of "rooms"	2021-11-18 15:42:56 +00:00
Sean Quah	b43d085472	Convert strings in `synapse.api.constants` to enums or `Final` This change makes mypy type the constants as `Literal`s instead of `str`s, allowing code of the following form to pass mypy: ```py def do_something( membership: Literal[Membership.JOIN, Membership.LEAVE], ... ): ... do_something(Membership.JOIN, ...) ```	2021-11-16 13:55:20 +00:00
Sean Quah	ab89c60702	Add newsfile	2021-11-16 13:55:02 +00:00
Sean Quah	b8c228ae98	Add tests for admin API to remove a local user from a space	2021-11-16 13:45:03 +00:00
Sean Quah	3371ec0b85	Add documentation for new admin API to remove a local user from a space	2021-11-16 13:45:03 +00:00
Sean Quah	75be1be9d5	Add admin API to remove a local user from a space	2021-11-16 13:45:03 +00:00
Sean Quah	f004687410	Add tests for `RoomHierarchyHandler`	2021-11-16 13:45:03 +00:00
Sean Quah	98873d7be3	Add `RoomHierarchyHandler` for walking space hierarchies	2021-11-16 13:45:03 +00:00
Sean Quah	17bc6167d6	Annotate string constants in `synapse.api.constants` with `Final` This change makes mypy complain if the constants are ever reassigned, and, more usefully, makes mypy type them as `Literal`s instead of `str`s, allowing code of the following form to pass mypy: ```py def do_something(membership: Literal["join", "leave"], ...): ... do_something(Membership.JOIN, ...) ```	2021-11-16 13:37:51 +00:00
				`@@ -0,0 +1 @@`
				`Send and handle cross-signing messages using the stable prefix.`
				`@@ -0,0 +1 @@`
				A test helper (`wait_for_background_updates`) no longer depends on classes defining a `store` property.
				`@@ -0,0 +1 @@`
				`Add an admin API endpoint to force a local user to leave all non-public rooms in a space.`
				`@@ -1 +0,0 @@`
				Fix a performance regression in `/sync` handling, introduced in 1.49.0.
				`@@ -1 +0,0 @@`
				Work around Mjolnir compatibility issue by adding an import for `glob_to_regex` in `synapse.util`, where it moved from.