poetry lock

.ci/scripts/calculate_jobs.py

@@ -47,7 +47,7 @@ if not IS_PR:
             "database": "sqlite",
             "extras": "all",
         }
-        for version in ("3.9", "3.10", "3.11", "3.12")
+        for version in ("3.9", "3.10", "3.11", "3.12.0-rc.2")
     )
 
 trial_postgres_tests = [
@@ -62,9 +62,9 @@ trial_postgres_tests = [
 if not IS_PR:
     trial_postgres_tests.append(
         {
-            "python-version": "3.12",
+            "python-version": "3.11",
             "database": "postgres",
-            "postgres-version": "16",
+            "postgres-version": "15",
             "extras": "all",
         }
     )

.git-blame-ignore-revs

@@ -8,21 +8,21 @@
 # If ignoring a pull request that was not squash merged, only the merge
 # commit needs to be put here. Child commits will be resolved from it.
 
-# Run black (https://github.com/matrix-org/synapse/pull/3679).
+# Run black (#3679).
 8b3d9b6b199abb87246f982d5db356f1966db925
 
-# Black reformatting (https://github.com/matrix-org/synapse/pull/5482).
+# Black reformatting (#5482).
 32e7c9e7f20b57dd081023ac42d6931a8da9b3a3
 
-# Target Python 3.5 with black (https://github.com/matrix-org/synapse/pull/8664).
+# Target Python 3.5 with black (#8664).
 aff1eb7c671b0a3813407321d2702ec46c71fa56
 
-# Update black to 20.8b1 (https://github.com/matrix-org/synapse/pull/9381).
+# Update black to 20.8b1 (#9381).
 0a00b7ff14890987f09112a2ae696c61001e6cf1
 
-# Convert tests/rest/admin/test_room.py to unix file endings (https://github.com/matrix-org/synapse/pull/7953).
+# Convert tests/rest/admin/test_room.py to unix file endings (#7953).
 c4268e3da64f1abb5b31deaeb5769adb6510c0a7
 
-# Update black to 23.1.0 (https://github.com/matrix-org/synapse/pull/15103)
+# Update black to 23.1.0 (#15103)
 9bb2eac71962970d02842bca441f4bcdbbf93a11
 

.github/workflows/docker.yml

@@ -18,19 +18,19 @@ jobs:
     steps:
       - name: Set up QEMU
         id: qemu
-        uses: docker/setup-qemu-action@v3
+        uses: docker/setup-qemu-action@v2
         with:
           platforms: arm64
 
       - name: Set up Docker Buildx
         id: buildx
-        uses: docker/setup-buildx-action@v3
+        uses: docker/setup-buildx-action@v2
 
       - name: Inspect builder
         run: docker buildx inspect
 
       - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v3
 
       - name: Extract version from pyproject.toml
         # Note: explicitly requesting bash will mean bash is invoked with `-eo pipefail`, see
@@ -40,13 +40,13 @@ jobs:
           echo "SYNAPSE_VERSION=$(grep "^version" pyproject.toml | sed -E 's/version\s*=\s*["]([^"]*)["]/\1/')" >> $GITHUB_ENV
 
       - name: Log in to DockerHub
-        uses: docker/login-action@v3
+        uses: docker/login-action@v2
         with:
           username: ${{ secrets.DOCKERHUB_USERNAME }}
           password: ${{ secrets.DOCKERHUB_TOKEN }}
 
       - name: Log in to GHCR
-        uses: docker/login-action@v3
+        uses: docker/login-action@v2
         with:
           registry: ghcr.io
           username: ${{ github.repository_owner }}
@@ -68,7 +68,7 @@ jobs:
             type=pep440,pattern={{raw}}
 
       - name: Build and push all platforms
-        uses: docker/build-push-action@v5
+        uses: docker/build-push-action@v4
         with:
           push: true
           labels: |

.github/workflows/docs-pr-netlify.yaml

@@ -14,7 +14,7 @@ jobs:
       # There's a 'download artifact' action, but it hasn't been updated for the workflow_run action
       # (https://github.com/actions/download-artifact/issues/60) so instead we get this mess:
       - name: 📥 Download artifact
-        uses: dawidd6/action-download-artifact@268677152d06ba59fcec7a7f0b5d961b6ccd7e1e # v2.28.0
+        uses: dawidd6/action-download-artifact@246dbf436b23d7c49e21a7ab8204ca9ecd1fe615 # v2.27.0
         with:
           workflow: docs-pr.yaml
           run_id: ${{ github.event.workflow_run.id }}

.github/workflows/docs-pr.yaml

@@ -12,7 +12,7 @@ jobs:
     name: GitHub Pages
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
 
       - name: Setup mdbook
         uses: peaceiris/actions-mdbook@adeb05db28a0c0004681db83893d56c0388ea9ea # v1.2.0
@@ -39,7 +39,7 @@ jobs:
     name: Check links in documentation
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
 
       - name: Setup mdbook
         uses: peaceiris/actions-mdbook@adeb05db28a0c0004681db83893d56c0388ea9ea # v1.2.0

.github/workflows/docs.yaml

@@ -50,7 +50,7 @@ jobs:
     needs:
       - pre
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
 
       - name: Setup mdbook
         uses: peaceiris/actions-mdbook@adeb05db28a0c0004681db83893d56c0388ea9ea # v1.2.0
@@ -80,7 +80,7 @@ jobs:
     needs:
       - pre
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
 
       - name: "Set up Sphinx"
         uses: matrix-org/setup-python-poetry@v1

.github/workflows/latest_deps.yml

@@ -39,7 +39,7 @@ jobs:
     if: needs.check_repo.outputs.should_run_workflow == 'true'
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
       - name: Install Rust
         uses: dtolnay/rust-toolchain@stable
       - uses: Swatinem/rust-cache@v2
@@ -72,7 +72,7 @@ jobs:
             postgres-version: "14"
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
 
       - name: Install Rust
         uses: dtolnay/rust-toolchain@stable
@@ -145,7 +145,7 @@ jobs:
       BLACKLIST: ${{ matrix.workers && 'synapse-blacklist-with-workers' }}
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
 
       - name: Install Rust
         uses: dtolnay/rust-toolchain@stable
@@ -192,19 +192,16 @@ jobs:
             database: Postgres
 
     steps:
-      - name: Run actions/checkout@v4 for synapse
-        uses: actions/checkout@v4
+      - name: Run actions/checkout@v3 for synapse
+        uses: actions/checkout@v3
         with:
           path: synapse
 
+      - uses: actions/setup-go@v4
+
       - name: Prepare Complement's Prerequisites
         run: synapse/.ci/scripts/setup_complement_prerequisites.sh
 
-      - uses: actions/setup-go@v4
-        with:
-          cache-dependency-path: complement/go.sum
-          go-version-file: complement/go.mod
-
       - run: |
           set -o pipefail
           TEST_ONLY_IGNORE_POETRY_LOCKFILE=1 POSTGRES=${{ (matrix.database == 'Postgres') && 1 || '' }} WORKERS=${{ (matrix.arrangement == 'workers') && 1 || '' }} COMPLEMENT_DIR=`pwd`/complement synapse/scripts-dev/complement.sh -json 2>&1 | synapse/.ci/scripts/gotestfmt
@@ -225,7 +222,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
       - uses: JasonEtco/create-an-issue@e27dddc79c92bc6e4562f268fffa5ed752639abd # v2.9.1
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

.github/workflows/poetry_lockfile.yaml

@@ -16,7 +16,7 @@ jobs:
     name: "Check locked dependencies have sdists"
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
       - uses: actions/setup-python@v4
         with:
           python-version: '3.x'

.github/workflows/push_complement_image.yml

@@ -33,29 +33,29 @@ jobs:
       packages: write
     steps:
       - name: Checkout specific branch (debug build)
-        uses: actions/checkout@v4
+        uses: actions/checkout@v3
         if: github.event_name == 'workflow_dispatch'
         with:
           ref: ${{ inputs.branch }}
       - name: Checkout clean copy of develop (scheduled build)
-        uses: actions/checkout@v4
+        uses: actions/checkout@v3
         if: github.event_name == 'schedule'
         with:
           ref: develop
       - name: Checkout clean copy of master (on-push)
-        uses: actions/checkout@v4
+        uses: actions/checkout@v3
         if: github.event_name == 'push'
         with:
           ref: master
       - name: Login to registry
-        uses: docker/login-action@v3
+        uses: docker/login-action@v2
         with:
           registry: ghcr.io
           username: ${{ github.actor }}
           password: ${{ secrets.GITHUB_TOKEN }}
       - name: Work out labels for complement image
         id: meta
-        uses: docker/metadata-action@v5
+        uses: docker/metadata-action@v4
         with:
           images: ghcr.io/${{ github.repository }}/complement-synapse
           tags: |

.github/workflows/release-artifacts.yml

@@ -27,7 +27,7 @@ jobs:
     name: "Calculate list of debian distros"
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
       - uses: actions/setup-python@v4
         with:
           python-version: '3.x'
@@ -55,13 +55,13 @@ jobs:
 
     steps:
       - name: Checkout
-        uses: actions/checkout@v4
+        uses: actions/checkout@v3
         with:
           path: src
 
       - name: Set up Docker Buildx
         id: buildx
-        uses: docker/setup-buildx-action@v3
+        uses: docker/setup-buildx-action@v2
         with:
           install: true
 
@@ -121,7 +121,7 @@ jobs:
             arch: aarch64
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
 
       - uses: actions/setup-python@v4
         with:
@@ -130,11 +130,11 @@ jobs:
           python-version: "3.x"
 
       - name: Install cibuildwheel
-        run: python -m pip install cibuildwheel==2.16.2
+        run: python -m pip install cibuildwheel==2.9.0
 
       - name: Set up QEMU to emulate aarch64
         if: matrix.arch == 'aarch64'
-        uses: docker/setup-qemu-action@v3
+        uses: docker/setup-qemu-action@v2
         with:
           platforms: arm64
 
@@ -167,7 +167,7 @@ jobs:
     if: ${{ !startsWith(github.ref, 'refs/pull/') }}
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
       - uses: actions/setup-python@v4
         with:
           python-version: '3.10'

.github/workflows/tests.yml

@@ -12,19 +12,12 @@ concurrency:
   cancel-in-progress: true
 
 jobs:
-  check-signoff:
-    if: "github.event_name == 'pull_request'"
-    uses: "matrix-org/backend-meta/.github/workflows/sign-off.yml@v2"
-
   # Job to detect what has changed so we don't run e.g. Rust checks on PRs that
   # don't modify Rust code.
   changes:
     runs-on: ubuntu-latest
     outputs:
       rust: ${{ !startsWith(github.ref, 'refs/pull/') || steps.filter.outputs.rust }}
-      trial: ${{ !startsWith(github.ref, 'refs/pull/') || steps.filter.outputs.trial }}
-      integration: ${{ !startsWith(github.ref, 'refs/pull/') || steps.filter.outputs.integration }}
-      linting: ${{ !startsWith(github.ref, 'refs/pull/') || steps.filter.outputs.linting }}
     steps:
     - uses: dorny/paths-filter@v2
       id: filter
@@ -36,54 +29,11 @@ jobs:
             - 'rust/**'
             - 'Cargo.toml'
             - 'Cargo.lock'
-            - '.rustfmt.toml'
-            - '.github/workflows/tests.yml'
-
-          trial:
-            - 'synapse/**'
-            - 'tests/**'
-            - 'rust/**'
-            - '.ci/scripts/calculate_jobs.py'
-            - 'Cargo.toml'
-            - 'Cargo.lock'
-            - 'pyproject.toml'
-            - 'poetry.lock'
-            - '.github/workflows/tests.yml'
-
-          integration:
-            - 'synapse/**'
-            - 'rust/**'
-            - 'docker/**'
-            - 'Cargo.toml'
-            - 'Cargo.lock'
-            - 'pyproject.toml'
-            - 'poetry.lock'
-            - 'docker/**'
-            - '.ci/**'
-            - 'scripts-dev/complement.sh'
-            - '.github/workflows/tests.yml'
-
-          linting:
-            - 'synapse/**'
-            - 'docker/**'
-            - 'tests/**'
-            - 'scripts-dev/**'
-            - 'contrib/**'
-            - 'synmark/**'
-            - 'stubs/**'
-            - '.ci/**'
-            - 'mypy.ini'
-            - 'pyproject.toml'
-            - 'poetry.lock'
-            - '.github/workflows/tests.yml'
 
   check-sampleconfig:
     runs-on: ubuntu-latest
-    needs: changes
-    if: ${{ needs.changes.outputs.linting == 'true' }}
-
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
       - name: Install Rust
         uses: dtolnay/rust-toolchain@1.61.0
       - uses: Swatinem/rust-cache@v2
@@ -97,11 +47,8 @@ jobs:
 
   check-schema-delta:
     runs-on: ubuntu-latest
-    needs: changes
-    if: ${{ needs.changes.outputs.linting == 'true' }}
-
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
       - uses: actions/setup-python@v4
         with:
           python-version: "3.x"
@@ -111,7 +58,7 @@ jobs:
   check-lockfile:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
       - uses: actions/setup-python@v4
         with:
           python-version: "3.x"
@@ -119,12 +66,9 @@ jobs:
 
   lint:
     runs-on: ubuntu-latest
-    needs: changes
-    if: ${{ needs.changes.outputs.linting == 'true' }}
-
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v3
 
       - name: Setup Poetry
         uses: matrix-org/setup-python-poetry@v1
@@ -144,12 +88,9 @@ jobs:
   lint-mypy:
     runs-on: ubuntu-latest
     name: Typechecking
-    needs: changes
-    if: ${{ needs.changes.outputs.linting == 'true' }}
-
     steps:
       - name: Checkout repository
-        uses: actions/checkout@v4
+        uses: actions/checkout@v3
 
       - name: Install Rust
         uses: dtolnay/rust-toolchain@1.61.0
@@ -182,7 +123,7 @@ jobs:
   lint-crlf:
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
       - name: Check line endings
         run: scripts-dev/check_line_terminators.sh
 
@@ -190,7 +131,7 @@ jobs:
     if: ${{ (github.base_ref == 'develop'  || contains(github.base_ref, 'release-')) && github.actor != 'dependabot[bot]' }}
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
         with:
           ref: ${{ github.event.pull_request.head.sha }}
           fetch-depth: 0
@@ -204,11 +145,8 @@ jobs:
 
   lint-pydantic:
     runs-on: ubuntu-latest
-    needs: changes
-    if: ${{ needs.changes.outputs.linting == 'true' }}
-
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
         with:
           ref: ${{ github.event.pull_request.head.sha }}
       - name: Install Rust
@@ -226,7 +164,7 @@ jobs:
     if: ${{ needs.changes.outputs.rust == 'true' }}
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
 
       - name: Install Rust
         uses: dtolnay/rust-toolchain@1.61.0
@@ -244,7 +182,7 @@ jobs:
     if: ${{ needs.changes.outputs.rust == 'true' }}
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
 
       - name: Install Rust
         uses: dtolnay/rust-toolchain@master
@@ -261,7 +199,7 @@ jobs:
     if: ${{ needs.changes.outputs.rust == 'true' }}
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
 
       - name: Install Rust
         uses: dtolnay/rust-toolchain@master
@@ -296,7 +234,7 @@ jobs:
     needs: linting-done
     runs-on: ubuntu-latest
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
       - uses: actions/setup-python@v4
         with:
           python-version: "3.x"
@@ -307,17 +245,15 @@ jobs:
       sytest_test_matrix: ${{ steps.get-matrix.outputs.sytest_test_matrix }}
 
   trial:
-    if: ${{ !cancelled() && !failure() && needs.changes.outputs.trial == 'true' }} # Allow previous steps to be skipped, but not fail
-    needs:
-      - calculate-test-jobs
-      - changes
+    if: ${{ !cancelled() && !failure() }} # Allow previous steps to be skipped, but not fail
+    needs: calculate-test-jobs
     runs-on: ubuntu-latest
     strategy:
       matrix:
         job:  ${{ fromJson(needs.calculate-test-jobs.outputs.trial_test_matrix) }}
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
       - run: sudo apt-get -qq install xmlsec1
       - name: Set up PostgreSQL ${{ matrix.job.postgres-version }}
         if: ${{ matrix.job.postgres-version }}
@@ -365,13 +301,11 @@ jobs:
 
   trial-olddeps:
     # Note: sqlite only; no postgres
-    if: ${{ !cancelled() && !failure() && needs.changes.outputs.trial == 'true' }} # Allow previous steps to be skipped, but not fail
-    needs:
-      - linting-done
-      - changes
+    if: ${{ !cancelled() && !failure() }} # Allow previous steps to be skipped, but not fail
+    needs: linting-done
     runs-on: ubuntu-20.04
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
 
       - name: Install Rust
         uses: dtolnay/rust-toolchain@1.61.0
@@ -423,10 +357,8 @@ jobs:
   trial-pypy:
     # Very slow; only run if the branch name includes 'pypy'
     # Note: sqlite only; no postgres. Completely untested since poetry move.
-    if: ${{ contains(github.ref, 'pypy') && !failure() && !cancelled() && needs.changes.outputs.trial == 'true' }}
-    needs:
-      - linting-done
-      - changes
+    if: ${{ contains(github.ref, 'pypy') && !failure() && !cancelled() }}
+    needs: linting-done
     runs-on: ubuntu-latest
     strategy:
       matrix:
@@ -434,7 +366,7 @@ jobs:
         extras: ["all"]
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
       # Install libs necessary for PyPy to build binary wheels for dependencies
       - run: sudo apt-get -qq install xmlsec1 libxml2-dev libxslt-dev
       - uses: matrix-org/setup-python-poetry@v1
@@ -457,10 +389,8 @@ jobs:
           || true
 
   sytest:
-    if: ${{ !failure() && !cancelled() && needs.changes.outputs.integration == 'true' }}
-    needs:
-      - calculate-test-jobs
-      - changes
+    if: ${{ !failure() && !cancelled() }}
+    needs: calculate-test-jobs
     runs-on: ubuntu-latest
     container:
       image: matrixdotorg/sytest-synapse:${{ matrix.job.sytest-tag }}
@@ -481,7 +411,7 @@ jobs:
         job: ${{ fromJson(needs.calculate-test-jobs.outputs.sytest_test_matrix) }}
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
       - name: Prepare test blacklist
         run: cat sytest-blacklist .ci/worker-blacklist > synapse-blacklist-with-workers
 
@@ -505,8 +435,8 @@ jobs:
             /logs/**/*.log*
 
   export-data:
-    if: ${{ !failure() && !cancelled() && needs.changes.outputs.integration == 'true'}} # Allow previous steps to be skipped, but not fail
-    needs: [linting-done, portdb, changes]
+    if: ${{ !failure() && !cancelled() }} # Allow previous steps to be skipped, but not fail
+    needs: [linting-done, portdb]
     runs-on: ubuntu-latest
     env:
       TOP: ${{ github.workspace }}
@@ -526,7 +456,7 @@ jobs:
           --health-retries 5
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
       - run: sudo apt-get -qq install xmlsec1 postgresql-client
       - uses: matrix-org/setup-python-poetry@v1
         with:
@@ -541,10 +471,8 @@ jobs:
 
 
   portdb:
-    if: ${{ !failure() && !cancelled() && needs.changes.outputs.integration == 'true'}} # Allow previous steps to be skipped, but not fail
-    needs:
-      - linting-done
-      - changes
+    if: ${{ !failure() && !cancelled() }} # Allow previous steps to be skipped, but not fail
+    needs: linting-done
     runs-on: ubuntu-latest
     strategy:
       matrix:
@@ -570,7 +498,7 @@ jobs:
           --health-retries 5
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
       - name: Add PostgreSQL apt repository
         # We need a version of pg_dump that can handle the version of
         # PostgreSQL being tested against. The Ubuntu package repository lags
@@ -604,10 +532,8 @@ jobs:
             schema_diff
 
   complement:
-    if: "${{ !failure() && !cancelled() && needs.changes.outputs.integration == 'true' }}"
-    needs:
-      - linting-done
-      - changes
+    if: "${{ !failure() && !cancelled() }}"
+    needs: linting-done
     runs-on: ubuntu-latest
 
     strategy:
@@ -624,8 +550,8 @@ jobs:
             database: Postgres
 
     steps:
-      - name: Run actions/checkout@v4 for synapse
-        uses: actions/checkout@v4
+      - name: Run actions/checkout@v3 for synapse
+        uses: actions/checkout@v3
         with:
           path: synapse
 
@@ -633,18 +559,14 @@ jobs:
         uses: dtolnay/rust-toolchain@1.61.0
       - uses: Swatinem/rust-cache@v2
 
+      - uses: actions/setup-go@v4
+
       - name: Prepare Complement's Prerequisites
         run: synapse/.ci/scripts/setup_complement_prerequisites.sh
 
-      - uses: actions/setup-go@v4
-        with:
-          cache-dependency-path: complement/go.sum
-          go-version-file: complement/go.mod
-
-        # use p=1 concurrency as GHA boxes are underpowered and don't like running tons of synapses at once.
       - run: |
           set -o pipefail
-          COMPLEMENT_DIR=`pwd`/complement synapse/scripts-dev/complement.sh -p 1 -json 2>&1 | synapse/.ci/scripts/gotestfmt
+          COMPLEMENT_DIR=`pwd`/complement synapse/scripts-dev/complement.sh -json 2>&1 | synapse/.ci/scripts/gotestfmt
         shell: bash
         env:
           POSTGRES: ${{ (matrix.database == 'Postgres') && 1 || '' }}
@@ -659,7 +581,7 @@ jobs:
       - changes
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
 
       - name: Install Rust
         uses: dtolnay/rust-toolchain@1.61.0
@@ -677,7 +599,7 @@ jobs:
       - changes
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
 
       - name: Install Rust
         uses: dtolnay/rust-toolchain@master
@@ -705,16 +627,9 @@ jobs:
         with:
           needs: ${{ toJSON(needs) }}
 
-          # Various bits are skipped if there was no applicable changes.
-          # The newsfile and signoff lint may be skipped on non PR builds.
+          # The newsfile lint may be skipped on non PR builds
+          # Cargo test is skipped if there is no changes on Rust code
           skippable: |
-            trial
-            trial-olddeps
-            sytest
-            portdb
-            export-data
-            complement
-            check-signoff
             lint-newsfile
             cargo-test
             cargo-bench

.github/workflows/twisted_trunk.yml

@@ -40,7 +40,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
 
       - name: Install Rust
         uses: dtolnay/rust-toolchain@stable
@@ -64,7 +64,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
       - run: sudo apt-get -qq install xmlsec1
 
       - name: Install Rust
@@ -108,7 +108,7 @@ jobs:
         - ${{ github.workspace }}:/src
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
 
       - name: Install Rust
         uses: dtolnay/rust-toolchain@stable
@@ -163,19 +163,16 @@ jobs:
             database: Postgres
 
     steps:
-      - name: Run actions/checkout@v4 for synapse
-        uses: actions/checkout@v4
+      - name: Run actions/checkout@v3 for synapse
+        uses: actions/checkout@v3
         with:
           path: synapse
 
+      - uses: actions/setup-go@v4
+
       - name: Prepare Complement's Prerequisites
         run: synapse/.ci/scripts/setup_complement_prerequisites.sh
 
-      - uses: actions/setup-go@v4
-        with:
-          cache-dependency-path: complement/go.sum
-          go-version-file: complement/go.mod
-
       # This step is specific to the 'Twisted trunk' test run:
       - name: Patch dependencies
         run: |
@@ -206,7 +203,7 @@ jobs:
     runs-on: ubuntu-latest
 
     steps:
-      - uses: actions/checkout@v4
+      - uses: actions/checkout@v3
       - uses: JasonEtco/create-an-issue@e27dddc79c92bc6e4562f268fffa5ed752639abd # v2.9.1
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}

CHANGES.md

@@ -1,421 +1,3 @@
-# Synapse 1.97.0 (2023-11-28)
-
-Synapse will soon be forked by Element under an AGPLv3.0 licence (with CLA, for
-proprietary dual licensing). You can read more about this here:
-
- - https://matrix.org/blog/2023/11/06/future-of-synapse-dendrite/
- - https://element.io/blog/element-to-adopt-agplv3/
-
-The Matrix.org Foundation copy of the project will be archived. Any changes needed
-by server administrators will be communicated via our usual announcements channels, 
-but we are striving to make this as seamless as possible.
-
-
-No significant changes since 1.97.0rc1.
-
-
-# Synapse 1.97.0rc1 (2023-11-21)
-
-### Features
-
-- Add support for asynchronous uploads as defined by [MSC2246](https://github.com/matrix-org/matrix-spec-proposals/pull/2246). Contributed by @sumnerevans at @beeper. ([\#15503](https://github.com/matrix-org/synapse/issues/15503))
-- Improve the performance of some operations in multi-worker deployments. ([\#16613](https://github.com/matrix-org/synapse/issues/16613), [\#16616](https://github.com/matrix-org/synapse/issues/16616))
-
-### Bugfixes
-
-- Fix a long-standing bug where some queries updated the same row twice. Introduced in Synapse 1.57.0. ([\#16609](https://github.com/matrix-org/synapse/issues/16609))
-- Fix a long-standing bug where Synapse would not unbind third-party identifiers for Application Service users when deactivated and would not emit a compliant response. ([\#16617](https://github.com/matrix-org/synapse/issues/16617))
-- Fix sending out of order `POSITION` over replication, causing additional database load. ([\#16639](https://github.com/matrix-org/synapse/issues/16639))
-
-### Improved Documentation
-
-- Note that the option [`outbound_federation_restricted_to`](https://matrix-org.github.io/synapse/latest/usage/configuration/config_documentation.html#outbound_federation_restricted_to) was added in Synapse 1.89.0, and fix a nearby formatting error. ([\#16628](https://github.com/matrix-org/synapse/issues/16628))
-- Update parameter information for the `/timestamp_to_event` admin API. ([\#16631](https://github.com/matrix-org/synapse/issues/16631))
-- Provide an example for a common encrypted media response from the admin user media API and mention possible null values. ([\#16654](https://github.com/matrix-org/synapse/issues/16654))
-
-### Internal Changes
-
-- Remove whole table locks on push rule modifications. Contributed by Nick @ Beeper (@fizzadar). ([\#16051](https://github.com/matrix-org/synapse/issues/16051))
-- Support reactor tick timings on more types of event loops. ([\#16532](https://github.com/matrix-org/synapse/issues/16532))
-- Improve type hints. ([\#16564](https://github.com/matrix-org/synapse/issues/16564), [\#16611](https://github.com/matrix-org/synapse/issues/16611), [\#16612](https://github.com/matrix-org/synapse/issues/16612))
-- Avoid executing no-op queries. ([\#16583](https://github.com/matrix-org/synapse/issues/16583))
-- Simplify persistence code to be per-room. ([\#16584](https://github.com/matrix-org/synapse/issues/16584))
-- Use standard SQL helpers in persistence code. ([\#16585](https://github.com/matrix-org/synapse/issues/16585))
-- Avoid updating the stream cache unnecessarily. ([\#16586](https://github.com/matrix-org/synapse/issues/16586))
-- Improve performance when using opentracing. ([\#16589](https://github.com/matrix-org/synapse/issues/16589))
-- Run push rule evaluator setup in parallel. ([\#16590](https://github.com/matrix-org/synapse/issues/16590))
-- Improve tests of the SQL generator. ([\#16596](https://github.com/matrix-org/synapse/issues/16596))
-- Use more generic database methods. ([\#16615](https://github.com/matrix-org/synapse/issues/16615))
-- Use `dbname` instead of the deprecated `database` connection parameter for psycopg2. ([\#16618](https://github.com/matrix-org/synapse/issues/16618))
-- Add an internal [Admin API endpoint](https://matrix-org.github.io/synapse/v1.97/usage/configuration/config_documentation.html#allow-replacing-master-cross-signing-key-without-user-interactive-auth) to temporarily grant the ability to update an existing cross-signing key without UIA. ([\#16634](https://github.com/matrix-org/synapse/issues/16634))
-- Improve references to GitHub issues. ([\#16637](https://github.com/matrix-org/synapse/issues/16637), [\#16638](https://github.com/matrix-org/synapse/issues/16638))
-- More efficiently handle no-op `POSITION` over replication. ([\#16640](https://github.com/matrix-org/synapse/issues/16640), [\#16655](https://github.com/matrix-org/synapse/issues/16655))
-- Speed up deleting of device messages when deleting a device. ([\#16643](https://github.com/matrix-org/synapse/issues/16643))
-- Speed up persisting large number of outliers. ([\#16649](https://github.com/matrix-org/synapse/issues/16649))
-- Reduce max concurrency of background tasks, reducing potential max DB load. ([\#16656](https://github.com/matrix-org/synapse/issues/16656), [\#16660](https://github.com/matrix-org/synapse/issues/16660))
-- Speed up purge room by adding an index to `event_push_summary`. ([\#16657](https://github.com/matrix-org/synapse/issues/16657))
-
-
-
-### Updates to locked dependencies
-
-* Bump prometheus-client from 0.17.1 to 0.18.0. ([\#16626](https://github.com/matrix-org/synapse/issues/16626))
-* Bump pyicu from 2.11 to 2.12. ([\#16603](https://github.com/matrix-org/synapse/issues/16603))
-* Bump requests-toolbelt from 0.10.1 to 1.0.0. ([\#16659](https://github.com/matrix-org/synapse/issues/16659))
-* Bump ruff from 0.0.292 to 0.1.4. ([\#16600](https://github.com/matrix-org/synapse/issues/16600))
-* Bump serde from 1.0.190 to 1.0.192. ([\#16627](https://github.com/matrix-org/synapse/issues/16627))
-* Bump serde_json from 1.0.107 to 1.0.108. ([\#16604](https://github.com/matrix-org/synapse/issues/16604))
-* Bump setuptools-rust from 1.8.0 to 1.8.1. ([\#16601](https://github.com/matrix-org/synapse/issues/16601))
-* Bump towncrier from 23.6.0 to 23.11.0. ([\#16622](https://github.com/matrix-org/synapse/issues/16622))
-* Bump treq from 22.2.0 to 23.11.0. ([\#16623](https://github.com/matrix-org/synapse/issues/16623))
-* Bump twisted from 23.8.0 to 23.10.0. ([\#16588](https://github.com/matrix-org/synapse/issues/16588))
-* Bump types-bleach from 6.1.0.0 to 6.1.0.1. ([\#16624](https://github.com/matrix-org/synapse/issues/16624))
-* Bump types-jsonschema from 4.19.0.3 to 4.19.0.4. ([\#16599](https://github.com/matrix-org/synapse/issues/16599))
-* Bump types-pyopenssl from 23.2.0.2 to 23.3.0.0. ([\#16625](https://github.com/matrix-org/synapse/issues/16625))
-* Bump types-pyyaml from 6.0.12.11 to 6.0.12.12. ([\#16602](https://github.com/matrix-org/synapse/issues/16602))
-
-# Synapse 1.96.1 (2023-11-17)
-
-Synapse will soon be forked by Element under an AGPLv3.0 licence (with CLA, for
-proprietary dual licensing). You can read more about this here:
-
-* https://matrix.org/blog/2023/11/06/future-of-synapse-dendrite/
-* https://element.io/blog/element-to-adopt-agplv3/
-
-The Matrix.org Foundation copy of the project will be archived. Any changes needed
-by server administrators will be communicated via our usual
-[announcements channels](https://matrix.to/#/#homeowners:matrix.org), but we are
-striving to make this as seamless as possible.
-
-This minor release was needed only because of CI-related trouble on [v1.96.0](https://github.com/matrix-org/synapse/releases/tag/v1.96.0), which was never released.
-
-### Internal Changes
-
-- Fix building of wheels in CI. ([\#16653](https://github.com/matrix-org/synapse/issues/16653))
-
-# Synapse 1.96.0 (2023-11-16)
-
-### Bugfixes
-
-- Fix "'int' object is not iterable" error in `set_device_id_for_pushers` background update introduced in Synapse 1.95.0. ([\#16594](https://github.com/matrix-org/synapse/issues/16594))
-
-# Synapse 1.96.0rc1 (2023-10-31)
-
-### Features
-
-- Add experimental support to allow multiple workers to write to receipts stream. ([\#16432](https://github.com/matrix-org/synapse/issues/16432))
-- Add a new module API for controller presence. ([\#16544](https://github.com/matrix-org/synapse/issues/16544))
-- Add a new module API callback that allows adding extra fields to events' unsigned section when sent down to clients. ([\#16549](https://github.com/matrix-org/synapse/issues/16549))
-- Improve the performance of claiming encryption keys. ([\#16565](https://github.com/matrix-org/synapse/issues/16565), [\#16570](https://github.com/matrix-org/synapse/issues/16570))
-
-### Bugfixes
-
-- Fixed a bug in the example Grafana dashboard that prevents it from finding the correct datasource. Contributed by @MichaelSasser. ([\#16471](https://github.com/matrix-org/synapse/issues/16471))
-- Fix a long-standing, exceedingly rare edge case where the first event persisted by a new event persister worker might not be sent down `/sync`. ([\#16473](https://github.com/matrix-org/synapse/issues/16473), [\#16557](https://github.com/matrix-org/synapse/issues/16557), [\#16561](https://github.com/matrix-org/synapse/issues/16561), [\#16578](https://github.com/matrix-org/synapse/issues/16578), [\#16580](https://github.com/matrix-org/synapse/issues/16580))
-- Fix long-standing bug where `/sync` incorrectly did not mark a room as `limited` in a sync requests when there were missing remote events. ([\#16485](https://github.com/matrix-org/synapse/issues/16485))
-- Fix a bug introduced in Synapse 1.41 where HTTP(S) forward proxy authorization would fail when using basic HTTP authentication with a long `username:password` string. ([\#16504](https://github.com/matrix-org/synapse/issues/16504))
-- Force TLS certificate verification in user registration script. ([\#16530](https://github.com/matrix-org/synapse/issues/16530))
-- Fix long-standing bug where `/sync` could tightloop after restart when using SQLite. ([\#16540](https://github.com/matrix-org/synapse/issues/16540))
-- Fix ratelimiting of message sending when using workers, where the ratelimit would only be applied after most of the work has been done. ([\#16558](https://github.com/matrix-org/synapse/issues/16558))
-- Fix a long-standing bug where invited/knocking users would not leave during a room purge. ([\#16559](https://github.com/matrix-org/synapse/issues/16559))
-
-### Improved Documentation
-
-- Improve documentation of presence router. ([\#16529](https://github.com/matrix-org/synapse/issues/16529))
-- Add a sentence to the [opentracing docs](https://matrix-org.github.io/synapse/latest/opentracing.html) on how you can have jaeger in a different place than synapse. ([\#16531](https://github.com/matrix-org/synapse/issues/16531))
-- Correctly describe the meaning of unspecified rule lists in the [`alias_creation_rules`](https://matrix-org.github.io/synapse/latest/usage/configuration/config_documentation.html#alias_creation_rules) and [`room_list_publication_rules`](https://matrix-org.github.io/synapse/latest/usage/configuration/config_documentation.html#room_list_publication_rules) config options and improve their descriptions more generally. ([\#16541](https://github.com/matrix-org/synapse/issues/16541))
-- Pin the recommended poetry version in [contributors' guide](https://matrix-org.github.io/synapse/latest/development/contributing_guide.html). ([\#16550](https://github.com/matrix-org/synapse/issues/16550))
-- Fix a broken link to the [client breakdown](https://matrix.org/ecosystem/clients/) in the README. ([\#16569](https://github.com/matrix-org/synapse/issues/16569))
-
-### Internal Changes
-
-- Improve performance of delete device messages query, cf issue [16479](https://github.com/matrix-org/synapse/issues/16479). ([\#16492](https://github.com/matrix-org/synapse/issues/16492))
-- Reduce memory allocations. ([\#16505](https://github.com/matrix-org/synapse/issues/16505))
-- Improve replication performance when purging rooms. ([\#16510](https://github.com/matrix-org/synapse/issues/16510))
-- Run tests against Python 3.12. ([\#16511](https://github.com/matrix-org/synapse/issues/16511))
-- Run trial & integration tests in continuous integration when `.ci` directory is modified. ([\#16512](https://github.com/matrix-org/synapse/issues/16512))
-- Remove duplicate call to mark remote server 'awake' when using a federation sending worker. ([\#16515](https://github.com/matrix-org/synapse/issues/16515))
-- Enable dirty runs on Complement CI, which is significantly faster. ([\#16520](https://github.com/matrix-org/synapse/issues/16520))
-- Stop deleting from an unused table. ([\#16521](https://github.com/matrix-org/synapse/issues/16521))
-- Improve type hints. ([\#16526](https://github.com/matrix-org/synapse/issues/16526), [\#16551](https://github.com/matrix-org/synapse/issues/16551))
-- Fix running unit tests on Twisted trunk. ([\#16528](https://github.com/matrix-org/synapse/issues/16528))
-- Reduce some spurious logging in worker mode. ([\#16555](https://github.com/matrix-org/synapse/issues/16555))
-- Stop porting a table in port db that we're going to nuke and rebuild anyway. ([\#16563](https://github.com/matrix-org/synapse/issues/16563))
-- Deal with warnings from running complement in CI. ([\#16567](https://github.com/matrix-org/synapse/issues/16567))
-- Allow building with `setuptools_rust` 1.8.0. ([\#16574](https://github.com/matrix-org/synapse/issues/16574))
-
-### Updates to locked dependencies
-
-* Bump black from 23.10.0 to 23.10.1. ([\#16575](https://github.com/matrix-org/synapse/issues/16575))
-* Bump black from 23.9.1 to 23.10.0. ([\#16538](https://github.com/matrix-org/synapse/issues/16538))
-* Bump cryptography from 41.0.4 to 41.0.5. ([\#16572](https://github.com/matrix-org/synapse/issues/16572))
-* Bump gitpython from 3.1.37 to 3.1.40. ([\#16534](https://github.com/matrix-org/synapse/issues/16534))
-* Bump phonenumbers from 8.13.22 to 8.13.23. ([\#16576](https://github.com/matrix-org/synapse/issues/16576))
-* Bump pygithub from 1.59.1 to 2.1.1. ([\#16535](https://github.com/matrix-org/synapse/issues/16535))
-- Bump matrix-synapse-ldap3 from 0.2.2 to 0.3.0. ([\#16539](https://github.com/matrix-org/synapse/issues/16539))
-* Bump serde from 1.0.189 to 1.0.190. ([\#16577](https://github.com/matrix-org/synapse/issues/16577))
-* Bump setuptools-rust from 1.7.0 to 1.8.0. ([\#16574](https://github.com/matrix-org/synapse/issues/16574))
-* Bump types-pillow from 10.0.0.3 to 10.1.0.0. ([\#16536](https://github.com/matrix-org/synapse/issues/16536))
-* Bump types-psycopg2 from 2.9.21.14 to 2.9.21.15. ([\#16573](https://github.com/matrix-org/synapse/issues/16573))
-* Bump types-requests from 2.31.0.2 to 2.31.0.10. ([\#16537](https://github.com/matrix-org/synapse/issues/16537))
-* Bump urllib3 from 1.26.17 to 1.26.18. ([\#16516](https://github.com/matrix-org/synapse/issues/16516))
-
-# Synapse 1.95.1 (2023-10-31)
-
-## Security advisory
-
-The following issue is fixed in 1.95.1.
-
-- [GHSA-mp92-3jfm-3575](https://github.com/matrix-org/synapse/security/advisories/GHSA-mp92-3jfm-3575) / [CVE-2023-43796](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43796) — Moderate Severity
-
-  Cached device information of remote users can be queried from Synapse. This can be used to enumerate the remote users known to a homeserver.
-
-See the advisory for more details. If you have any questions, email security@matrix.org.
-
-
-
-# Synapse 1.95.0 (2023-10-24)
-
-### Internal Changes
-
-- Build Debian packages for [Ubuntu 23.10 Mantic Minotaur](https://canonical.com/blog/canonical-releases-ubuntu-23-10-mantic-minotaur). ([\#16524](https://github.com/matrix-org/synapse/issues/16524))
-
-
-# Synapse 1.95.0rc1 (2023-10-17)
-
-### Bugfixes
-
-- Remove legacy unspecced `knock_state_events` field returned in some responses. ([\#16403](https://github.com/matrix-org/synapse/issues/16403))
-- Fix a bug introduced in Synapse 1.81.0 where an `AttributeError` would be raised when `_matrix/client/v3/account/whoami` is called over a unix socket. Contributed by @Sir-Photch. ([\#16404](https://github.com/matrix-org/synapse/issues/16404))
-- Properly return inline media when content types have parameters. ([\#16440](https://github.com/matrix-org/synapse/issues/16440))
-- Prevent the purging of large rooms from timing out when Postgres is in use. The timeout which causes this issue was introduced in Synapse 1.88.0. ([\#16455](https://github.com/matrix-org/synapse/issues/16455))
-- Improve the performance of purging rooms, particularly encrypted rooms. ([\#16457](https://github.com/matrix-org/synapse/issues/16457))
-- Fix a bug introduced in Synapse 1.59.0 where servers could be incorrectly marked as available after an error response was received. ([\#16506](https://github.com/matrix-org/synapse/issues/16506))
-
-### Improved Documentation
-
-- Document internal background update mechanism. ([\#16420](https://github.com/matrix-org/synapse/issues/16420))
-- Fix a typo in the sql for [useful SQL for admins document](https://matrix-org.github.io/synapse/latest/usage/administration/useful_sql_for_admins.html). ([\#16477](https://github.com/matrix-org/synapse/issues/16477))
-
-### Internal Changes
-
-- Bump pyo3 from 0.17.1 to 0.19.2. ([\#16162](https://github.com/matrix-org/synapse/issues/16162))
-- Update registration of media repository URLs. ([\#16419](https://github.com/matrix-org/synapse/issues/16419))
-- Improve type hints. ([\#16421](https://github.com/matrix-org/synapse/issues/16421), [\#16468](https://github.com/matrix-org/synapse/issues/16468), [\#16469](https://github.com/matrix-org/synapse/issues/16469), [\#16507](https://github.com/matrix-org/synapse/issues/16507))
-- Refactor some code to simplify and better type receipts stream adjacent code. ([\#16426](https://github.com/matrix-org/synapse/issues/16426))
-- Factor out `MultiWriter` token from `RoomStreamToken`. ([\#16427](https://github.com/matrix-org/synapse/issues/16427))
-- Improve code comments. ([\#16428](https://github.com/matrix-org/synapse/issues/16428))
-- Reduce memory allocations. ([\#16429](https://github.com/matrix-org/synapse/issues/16429), [\#16431](https://github.com/matrix-org/synapse/issues/16431), [\#16433](https://github.com/matrix-org/synapse/issues/16433), [\#16434](https://github.com/matrix-org/synapse/issues/16434), [\#16438](https://github.com/matrix-org/synapse/issues/16438), [\#16444](https://github.com/matrix-org/synapse/issues/16444))
-- Remove unused method. ([\#16435](https://github.com/matrix-org/synapse/issues/16435))
-- Improve rate limiting logic. ([\#16441](https://github.com/matrix-org/synapse/issues/16441))
-- Do not block running of CI behind the check for sign-off on PRs. ([\#16454](https://github.com/matrix-org/synapse/issues/16454))
-- Update the release script to remind releaser to check for special release notes. ([\#16461](https://github.com/matrix-org/synapse/issues/16461))
-- Update complement.sh to match new public API shape. ([\#16466](https://github.com/matrix-org/synapse/issues/16466))
-- Clean up logging on event persister endpoints. ([\#16488](https://github.com/matrix-org/synapse/issues/16488))
-- Remove useless async job to delete device messages on sync, since we only deliver (and hence delete) up to 100 device messages at a time. ([\#16491](https://github.com/matrix-org/synapse/issues/16491))
-
-### Updates to locked dependencies
-
-* Bump bleach from 6.0.0 to 6.1.0. ([\#16451](https://github.com/matrix-org/synapse/issues/16451))
-* Bump jsonschema from 4.19.0 to 4.19.1. ([\#16500](https://github.com/matrix-org/synapse/issues/16500))
-* Bump netaddr from 0.8.0 to 0.9.0. ([\#16453](https://github.com/matrix-org/synapse/issues/16453))
-* Bump packaging from 23.1 to 23.2. ([\#16497](https://github.com/matrix-org/synapse/issues/16497))
-* Bump pillow from 10.0.1 to 10.1.0. ([\#16498](https://github.com/matrix-org/synapse/issues/16498))
-* Bump psycopg2 from 2.9.8 to 2.9.9. ([\#16452](https://github.com/matrix-org/synapse/issues/16452))
-* Bump pyo3-log from 0.8.3 to 0.8.4. ([\#16495](https://github.com/matrix-org/synapse/issues/16495))
-* Bump ruff from 0.0.290 to 0.0.292. ([\#16449](https://github.com/matrix-org/synapse/issues/16449))
-* Bump sentry-sdk from 1.31.0 to 1.32.0. ([\#16496](https://github.com/matrix-org/synapse/issues/16496))
-* Bump serde from 1.0.188 to 1.0.189. ([\#16494](https://github.com/matrix-org/synapse/issues/16494))
-* Bump types-bleach from 6.0.0.4 to 6.1.0.0. ([\#16450](https://github.com/matrix-org/synapse/issues/16450))
-* Bump types-jsonschema from 4.17.0.10 to 4.19.0.3. ([\#16499](https://github.com/matrix-org/synapse/issues/16499))
-
-# Synapse 1.94.0 (2023-10-10)
-
-No significant changes since 1.94.0rc1.
-However, please take note of the security advisory that follows.
-
-## Security advisory
-
-The following issue is fixed in 1.94.0 (and RC).
-
-- [GHSA-5chr-wjw5-3gq4](https://github.com/matrix-org/synapse/security/advisories/GHSA-5chr-wjw5-3gq4) / [CVE-2023-45129](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-45129) — Moderate Severity
-
-  A malicious server ACL event can impact performance temporarily or permanently leading to a persistent denial of service.
-
-  Homeservers running on a closed federation (which presumably do not need to use server ACLs) are not affected.
-
-See the advisory for more details. If you have any questions, email security@matrix.org.
-
-
-# Synapse 1.94.0rc1 (2023-10-03)
-
-### Features
-
-- Render plain, CSS, CSV, JSON and common image formats in the browser (inline) when requested through the /download endpoint. ([\#15988](https://github.com/matrix-org/synapse/issues/15988))
-- Add experimental support for [MSC4028](https://github.com/matrix-org/matrix-spec-proposals/pull/4028) to push all encrypted events to clients. ([\#16361](https://github.com/matrix-org/synapse/issues/16361))
-- Minor performance improvement when sending presence to federated servers. ([\#16385](https://github.com/matrix-org/synapse/issues/16385))
-- Minor performance improvement by caching server ACL checking. ([\#16360](https://github.com/matrix-org/synapse/issues/16360))
-
-### Improved Documentation
-
-- Add developer documentation concerning gradual schema migrations with column alterations. ([\#15691](https://github.com/matrix-org/synapse/issues/15691))
-- Improve documentation of the user directory search algorithm. ([\#16320](https://github.com/matrix-org/synapse/issues/16320))
-- Fix rendering of user admin API documentation around deactivation. This was broken in Synapse 1.91.0. ([\#16355](https://github.com/matrix-org/synapse/issues/16355))
-- Update documentation around message retention policies. ([\#16382](https://github.com/matrix-org/synapse/issues/16382))
-- Add note to `federation_domain_whitelist` config option to clarify its usage. ([\#16416](https://github.com/matrix-org/synapse/issues/16416))
-- Improve legacy release notes. ([\#16418](https://github.com/matrix-org/synapse/issues/16418))
-
-### Deprecations and Removals
-
-- Remove Python version from `/_synapse/admin/v1/server_version`. ([\#16380](https://github.com/matrix-org/synapse/issues/16380))
-
-### Internal Changes
-
-- Avoid running CI steps when the files they check have not been changed. ([\#14745](https://github.com/matrix-org/synapse/issues/14745), [\#16387](https://github.com/matrix-org/synapse/issues/16387))
-- Improve type hints. ([\#14911](https://github.com/matrix-org/synapse/issues/14911), [\#16350](https://github.com/matrix-org/synapse/issues/16350), [\#16356](https://github.com/matrix-org/synapse/issues/16356), [\#16395](https://github.com/matrix-org/synapse/issues/16395))
-- Added support for pydantic v2 in addition to pydantic v1. Contributed by Maxwell G (@gotmax23). ([\#16332](https://github.com/matrix-org/synapse/issues/16332))
-- Get CI to check PRs have been signed-off. ([\#16348](https://github.com/matrix-org/synapse/issues/16348))
-- Add missing licence header. ([\#16359](https://github.com/matrix-org/synapse/issues/16359))
-- Improve type hints, and bump types-psycopg2 from 2.9.21.11 to 2.9.21.14. ([\#16381](https://github.com/matrix-org/synapse/issues/16381))
-- Improve comments in `StateGroupBackgroundUpdateStore`. ([\#16383](https://github.com/matrix-org/synapse/issues/16383))
-- Update maturin configuration. ([\#16394](https://github.com/matrix-org/synapse/issues/16394))
-- Downgrade replication stream time out error log lines to warning. ([\#16401](https://github.com/matrix-org/synapse/issues/16401))
-
-### Updates to locked dependencies
-
-* Bump actions/checkout from 3 to 4. ([\#16250](https://github.com/matrix-org/synapse/issues/16250))
-* Bump cryptography from 41.0.3 to 41.0.4. ([\#16362](https://github.com/matrix-org/synapse/issues/16362))
-* Bump dawidd6/action-download-artifact from 2.27.0 to 2.28.0. ([\#16374](https://github.com/matrix-org/synapse/issues/16374))
-* Bump docker/setup-buildx-action from 2 to 3. ([\#16375](https://github.com/matrix-org/synapse/issues/16375))
-* Bump gitpython from 3.1.35 to 3.1.37. ([\#16376](https://github.com/matrix-org/synapse/issues/16376))
-* Bump msgpack from 1.0.5 to 1.0.6. ([\#16377](https://github.com/matrix-org/synapse/issues/16377))
-* Bump msgpack from 1.0.6 to 1.0.7. ([\#16412](https://github.com/matrix-org/synapse/issues/16412))
-* Bump phonenumbers from 8.13.19 to 8.13.22. ([\#16413](https://github.com/matrix-org/synapse/issues/16413))
-* Bump psycopg2 from 2.9.7 to 2.9.8. ([\#16409](https://github.com/matrix-org/synapse/issues/16409))
-* Bump pydantic from 2.3.0 to 2.4.2. ([\#16410](https://github.com/matrix-org/synapse/issues/16410))
-* Bump regex from 1.9.5 to 1.9.6. ([\#16408](https://github.com/matrix-org/synapse/issues/16408))
-* Bump sentry-sdk from 1.30.0 to 1.31.0. ([\#16378](https://github.com/matrix-org/synapse/issues/16378))
-* Bump types-netaddr from 0.8.0.9 to 0.9.0.1. ([\#16411](https://github.com/matrix-org/synapse/issues/16411))
-* Bump types-psycopg2 from 2.9.21.11 to 2.9.21.14. ([\#16381](https://github.com/matrix-org/synapse/issues/16381))
-* Bump urllib3 from 1.26.15 to 1.26.17. ([\#16422](https://github.com/matrix-org/synapse/issues/16422))
-
-# Synapse 1.93.0 (2023-09-26)
-
-No significant changes since 1.93.0rc1.
-
-
-## Security advisory
-
-The following issues are fixed in 1.93.0 (and RCs).
-
-- [GHSA-4f74-84v3-j9q5](https://github.com/matrix-org/synapse/security/advisories/GHSA-4f74-84v3-j9q5) / [CVE-2023-41335](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-41335) — Low Severity
-
-  Temporary storage of plaintext passwords during password changes.
-
-- [GHSA-7565-cq32-vx2x](https://github.com/matrix-org/synapse/security/advisories/GHSA-7565-cq32-vx2x) / [CVE-2023-42453](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-42453) — Low Severity
-
-  Improper validation of receipts allows forged read receipts.
-
-See the advisories for more details. If you have any questions, email security@matrix.org.
-
-
-# Synapse 1.93.0rc1 (2023-09-19)
-
-### Features
-
-- Add automatic purge after all users have forgotten a room. ([\#15488](https://github.com/matrix-org/synapse/issues/15488))
-- Restore room purge/shutdown after a Synapse restart. ([\#15488](https://github.com/matrix-org/synapse/issues/15488))
-- Support resolving homeservers using `matrix-fed` DNS SRV records from [MSC4040](https://github.com/matrix-org/matrix-spec-proposals/pull/4040). ([\#16137](https://github.com/matrix-org/synapse/issues/16137))
-- Add the ability to use `G` (GiB) and `T` (TiB) suffixes in configuration options that refer to numbers of bytes. ([\#16219](https://github.com/matrix-org/synapse/issues/16219))
-- Add span information to requests sent to appservices. Contributed by MTRNord. ([\#16227](https://github.com/matrix-org/synapse/issues/16227))
-- Add the ability to enable/disable registrations when using CAS. Contributed by Aurélien Grimpard. ([\#16262](https://github.com/matrix-org/synapse/issues/16262))
-- Allow the `/notifications` endpoint to be routed to workers. ([\#16265](https://github.com/matrix-org/synapse/issues/16265))
-- Enable users to easily unsubscribe to notifications emails via the `List-Unsubscribe` header. ([\#16274](https://github.com/matrix-org/synapse/issues/16274))
-- Report whether a user is `locked` in the [List Accounts admin API](https://matrix-org.github.io/synapse/latest/admin_api/user_admin_api.html#list-accounts), and exclude locked users by default. ([\#16328](https://github.com/matrix-org/synapse/issues/16328))
-
-### Bugfixes
-
-- Fix a long-standing bug where multi-device accounts could cause high load due to presence. ([\#16066](https://github.com/matrix-org/synapse/issues/16066), [\#16170](https://github.com/matrix-org/synapse/issues/16170), [\#16171](https://github.com/matrix-org/synapse/issues/16171), [\#16172](https://github.com/matrix-org/synapse/issues/16172), [\#16174](https://github.com/matrix-org/synapse/issues/16174))
-- Fix a long-standing bug where appservices using [MSC2409](https://github.com/matrix-org/matrix-spec-proposals/pull/2409) to receive `to_device` messages would only get messages for one user. ([\#16251](https://github.com/matrix-org/synapse/issues/16251))
-- Fix bug when using workers where Synapse could end up re-requesting the same remote device repeatedly. ([\#16252](https://github.com/matrix-org/synapse/issues/16252))
-- Fix long-standing bug where we kept re-requesting a remote server's key repeatedly, potentially causing delays in receiving events over federation. ([\#16257](https://github.com/matrix-org/synapse/issues/16257))
-- Avoid temporary storage of sensitive information. ([\#16272](https://github.com/matrix-org/synapse/issues/16272))
-- Fix bug introduced in Synapse 1.49.0 when using dehydrated devices ([MSC2697](https://github.com/matrix-org/matrix-spec-proposals/pull/2697)) and refresh tokens. Contributed by Hanadi. ([\#16288](https://github.com/matrix-org/synapse/issues/16288))
-- Fix a long-standing bug where invalid receipts would be accepted. ([\#16327](https://github.com/matrix-org/synapse/issues/16327))
-- Use standard name for UTF-8 charset in emails. ([\#16329](https://github.com/matrix-org/synapse/issues/16329))
-- Don't try refetching device lists for users on remote hosts that are marked as "down". ([\#16298](https://github.com/matrix-org/synapse/issues/16298))
-
-### Improved Documentation
-
-- Fix typos in the documentation. ([\#16282](https://github.com/matrix-org/synapse/issues/16282))
-- Link to the Alpine Linux community package for Synapse. ([\#16304](https://github.com/matrix-org/synapse/issues/16304))
-- Use string for `federation_client_minimum_tls_version` documentation examples. Contributed by @jcgruenhage. ([\#16353](https://github.com/matrix-org/synapse/issues/16353))
-
-### Internal Changes
-
-- Allow modules to delete rooms. ([\#15997](https://github.com/matrix-org/synapse/issues/15997))
-- Add GCC and GNU Make to the Nix flake development environment so that `ruff` can be compiled. ([\#16090](https://github.com/matrix-org/synapse/issues/16090), [\#16263](https://github.com/matrix-org/synapse/issues/16263))
-- Fix type checking when using the new version of Twisted. ([\#16235](https://github.com/matrix-org/synapse/issues/16235))
-- Delete device messages asynchronously and in staged batches using the task scheduler. ([\#16240](https://github.com/matrix-org/synapse/issues/16240), [\#16311](https://github.com/matrix-org/synapse/issues/16311), [\#16312](https://github.com/matrix-org/synapse/issues/16312), [\#16313](https://github.com/matrix-org/synapse/issues/16313))
-- Bump minimum supported Rust version to 1.61.0. ([\#16248](https://github.com/matrix-org/synapse/issues/16248))
-- Update rust to version 1.71.1 in the nix development environment. ([\#16260](https://github.com/matrix-org/synapse/issues/16260))
-- Simplify server key storage. ([\#16261](https://github.com/matrix-org/synapse/issues/16261))
-- Reduce CPU overhead of change password endpoint. ([\#16264](https://github.com/matrix-org/synapse/issues/16264))
-- Stop purging from tables slated for removal. ([\#16273](https://github.com/matrix-org/synapse/issues/16273))
-- Improve type hints. ([\#16276](https://github.com/matrix-org/synapse/issues/16276), [\#16301](https://github.com/matrix-org/synapse/issues/16301), [\#16325](https://github.com/matrix-org/synapse/issues/16325), [\#16326](https://github.com/matrix-org/synapse/issues/16326))
-- Raise `setuptools_rust` version cap to 1.7.0. ([\#16277](https://github.com/matrix-org/synapse/issues/16277))
-- Fix using the new task scheduler causing lots of CPU to be used. ([\#16278](https://github.com/matrix-org/synapse/issues/16278))
-- Upgrade CI run of Python 3.12 from rc1 to rc2. ([\#16280](https://github.com/matrix-org/synapse/issues/16280))
-- Include values in SQL debug when using `execute_values` with Postgres. ([\#16281](https://github.com/matrix-org/synapse/issues/16281))
-- Enable additional linting checks. ([\#16283](https://github.com/matrix-org/synapse/issues/16283))
-- Refactor `receipts_graph` Postgres transactions to stop error messages. ([\#16299](https://github.com/matrix-org/synapse/issues/16299))
-- Small improvements to logging in replication code. ([\#16309](https://github.com/matrix-org/synapse/issues/16309))
-- Remove a reference cycle in background processes. ([\#16314](https://github.com/matrix-org/synapse/issues/16314))
-- Only use literal strings for background process names. ([\#16315](https://github.com/matrix-org/synapse/issues/16315))
-- Refactor `get_user_by_id`. ([\#16316](https://github.com/matrix-org/synapse/issues/16316))
-- Speed up task to delete to-device messages. ([\#16318](https://github.com/matrix-org/synapse/issues/16318))
-- Avoid patching code in tests. ([\#16349](https://github.com/matrix-org/synapse/issues/16349))
-- Test against PostgreSQL 16. ([\#16351](https://github.com/matrix-org/synapse/issues/16351))
-
-### Updates to locked dependencies
-
-* Bump mypy from 1.4.1 to 1.5.1. ([\#16300](https://github.com/matrix-org/synapse/issues/16300))
-* Bump black from 23.7.0 to 23.9.1. ([\#16295](https://github.com/matrix-org/synapse/issues/16295))
-* Bump docker/build-push-action from 4 to 5. ([\#16336](https://github.com/matrix-org/synapse/issues/16336))
-* Bump docker/login-action from 2 to 3. ([\#16339](https://github.com/matrix-org/synapse/issues/16339))
-* Bump docker/metadata-action from 4 to 5. ([\#16337](https://github.com/matrix-org/synapse/issues/16337))
-* Bump docker/setup-qemu-action from 2 to 3. ([\#16338](https://github.com/matrix-org/synapse/issues/16338))
-* Bump furo from 2023.8.19 to 2023.9.10. ([\#16340](https://github.com/matrix-org/synapse/issues/16340))
-* Bump gitpython from 3.1.32 to 3.1.35. ([\#16267](https://github.com/matrix-org/synapse/issues/16267), [\#16279](https://github.com/matrix-org/synapse/issues/16279))
-* Bump mypy-zope from 1.0.0 to 1.0.1. ([\#16291](https://github.com/matrix-org/synapse/issues/16291))
-* Bump pillow from 10.0.0 to 10.0.1. ([\#16344](https://github.com/matrix-org/synapse/issues/16344))
-* Bump regex from 1.9.4 to 1.9.5. ([\#16233](https://github.com/matrix-org/synapse/issues/16233))
-* Bump ruff from 0.0.286 to 0.0.290. ([\#16342](https://github.com/matrix-org/synapse/issues/16342))
-* Bump serde_json from 1.0.105 to 1.0.107. ([\#16296](https://github.com/matrix-org/synapse/issues/16296), [\#16345](https://github.com/matrix-org/synapse/issues/16345))
-* Bump twisted from 22.10.0 to 23.8.0. ([\#16235](https://github.com/matrix-org/synapse/issues/16235))
-* Bump types-pillow from 10.0.0.2 to 10.0.0.3. ([\#16293](https://github.com/matrix-org/synapse/issues/16293))
-* Bump types-setuptools from 68.0.0.3 to 68.2.0.0. ([\#16292](https://github.com/matrix-org/synapse/issues/16292))
-* Bump typing-extensions from 4.7.1 to 4.8.0. ([\#16341](https://github.com/matrix-org/synapse/issues/16341))
-
-# Synapse 1.92.3 (2023-09-18)
-
-This is again a security update targeted at mitigating [CVE-2023-4863](https://cve.org/CVERecord?id=CVE-2023-4863).
-It turns out that libwebp is bundled statically in Pillow wheels so we need to update this dependency instead of
-libwebp package at the OS level.
-
-Unlike what was advertised in 1.92.2 changelog this release also impacts PyPI wheels and Debian packages from matrix.org.
-
-We encourage admins to upgrade as soon as possible.
-
-
-### Internal Changes
-
-- Pillow 10.0.1 is now mandatory because of libwebp CVE-2023-4863, since Pillow provides libwebp in the wheels. ([\#16347](https://github.com/matrix-org/synapse/issues/16347))
-
-### Updates to locked dependencies
-
-* Bump pillow from 10.0.0 to 10.0.1. ([\#16344](https://github.com/matrix-org/synapse/issues/16344))
-
 # Synapse 1.92.2 (2023-09-15)
 
 This is a Docker-only update to mitigate [CVE-2023-4863](https://cve.org/CVERecord?id=CVE-2023-4863), a critical vulnerability in `libwebp`. Server admins not using Docker should ensure that their `libwebp` is up to date (if installed). We encourage admins to upgrade as soon as possible.

Cargo.lock

@@ -144,9 +144,9 @@ checksum = "8f232d6ef707e1956a43342693d2a31e72989554d58299d7a88738cc95b0d35c"
 
 [[package]]
 name = "memoffset"
-version = "0.9.0"
+version = "0.6.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5a634b1c61a95585bd15607c6ab0c4e5b226e695ff2800ba0cdccddf208c406c"
+checksum = "5aa361d4faea93603064a027415f07bd8e1d5c88c9fbf68bf56a285428fd79ce"
 dependencies = [
  "autocfg",
 ]
@@ -191,9 +191,9 @@ dependencies = [
 
 [[package]]
 name = "pyo3"
-version = "0.19.2"
+version = "0.17.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e681a6cfdc4adcc93b4d3cf993749a4552018ee0a9b65fc0ccfad74352c72a38"
+checksum = "268be0c73583c183f2b14052337465768c07726936a260f480f0857cb95ba543"
 dependencies = [
  "anyhow",
  "cfg-if",
@@ -209,9 +209,9 @@ dependencies = [
 
 [[package]]
 name = "pyo3-build-config"
-version = "0.19.2"
+version = "0.17.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "076c73d0bc438f7a4ef6fdd0c3bb4732149136abd952b110ac93e4edb13a6ba5"
+checksum = "28fcd1e73f06ec85bf3280c48c67e731d8290ad3d730f8be9dc07946923005c8"
 dependencies = [
  "once_cell",
  "target-lexicon",
@@ -219,9 +219,9 @@ dependencies = [
 
 [[package]]
 name = "pyo3-ffi"
-version = "0.19.2"
+version = "0.17.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e53cee42e77ebe256066ba8aa77eff722b3bb91f3419177cf4cd0f304d3284d9"
+checksum = "0f6cb136e222e49115b3c51c32792886defbfb0adead26a688142b346a0b9ffc"
 dependencies = [
  "libc",
  "pyo3-build-config",
@@ -229,9 +229,9 @@ dependencies = [
 
 [[package]]
 name = "pyo3-log"
-version = "0.8.4"
+version = "0.8.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c09c2b349b6538d8a73d436ca606dab6ce0aaab4dad9e6b7bdd57a4f556c3bc3"
+checksum = "f47b0777feb17f61eea78667d61103758b243a871edc09a7786500a50467b605"
 dependencies = [
  "arc-swap",
  "log",
@@ -240,9 +240,9 @@ dependencies = [
 
 [[package]]
 name = "pyo3-macros"
-version = "0.19.2"
+version = "0.17.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "dfeb4c99597e136528c6dd7d5e3de5434d1ceaf487436a3f03b2d56b6fc9efd1"
+checksum = "94144a1266e236b1c932682136dc35a9dee8d3589728f68130c7c3861ef96b28"
 dependencies = [
  "proc-macro2",
  "pyo3-macros-backend",
@@ -252,9 +252,9 @@ dependencies = [
 
 [[package]]
 name = "pyo3-macros-backend"
-version = "0.19.2"
+version = "0.17.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "947dc12175c254889edc0c02e399476c2f652b4b9ebd123aa655c224de259536"
+checksum = "c8df9be978a2d2f0cdebabb03206ed73b11314701a5bfe71b0d753b81997777f"
 dependencies = [
  "proc-macro2",
  "quote",
@@ -263,9 +263,9 @@ dependencies = [
 
 [[package]]
 name = "pythonize"
-version = "0.19.0"
+version = "0.17.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "8e35b716d430ace57e2d1b4afb51c9e5b7c46d2bce72926e07f9be6a98ced03e"
+checksum = "0f7f0c136f5fbc01868185eef462800e49659eb23acca83b9e884367a006acb6"
 dependencies = [
  "pyo3",
  "serde",
@@ -291,9 +291,9 @@ dependencies = [
 
 [[package]]
 name = "regex"
-version = "1.9.6"
+version = "1.9.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "ebee201405406dbf528b8b672104ae6d6d63e6d118cb10e4d51abbc7b58044ff"
+checksum = "697061221ea1b4a94a624f67d0ae2bfe4e22b8a17b6a192afb11046542cc8c47"
 dependencies = [
  "aho-corasick",
  "memchr",
@@ -303,9 +303,9 @@ dependencies = [
 
 [[package]]
 name = "regex-automata"
-version = "0.3.9"
+version = "0.3.8"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "59b23e92ee4318893fa3fe3e6fb365258efbfe6ac6ab30f090cdcbb7aa37efa9"
+checksum = "c2f401f4955220693b56f8ec66ee9c78abffd8d1c4f23dc41a23839eb88f0795"
 dependencies = [
  "aho-corasick",
  "memchr",
@@ -332,18 +332,18 @@ checksum = "d29ab0c6d3fc0ee92fe66e2d99f700eab17a8d57d1c1d3b748380fb20baa78cd"
 
 [[package]]
 name = "serde"
-version = "1.0.192"
+version = "1.0.188"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "bca2a08484b285dcb282d0f67b26cadc0df8b19f8c12502c13d966bf9482f001"
+checksum = "cf9e0fcba69a370eed61bcf2b728575f726b50b55cba78064753d708ddc7549e"
 dependencies = [
  "serde_derive",
 ]
 
 [[package]]
 name = "serde_derive"
-version = "1.0.192"
+version = "1.0.188"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d6c7207fbec9faa48073f3e3074cbe553af6ea512d7c21ba46e434e70ea9fbc1"
+checksum = "4eca7ac642d82aa35b60049a6eccb4be6be75e599bd2e9adb5f875a737654af2"
 dependencies = [
  "proc-macro2",
  "quote",
@@ -352,9 +352,9 @@ dependencies = [
 
 [[package]]
 name = "serde_json"
-version = "1.0.108"
+version = "1.0.106"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "3d1c7e3eac408d115102c4c24ad393e0821bb3a5df4d506a80f85f7a742a526b"
+checksum = "2cc66a619ed80bf7a0f6b17dd063a84b88f6dea1813737cf469aef1d081142c2"
 dependencies = [
  "itoa",
  "ryu",

README.rst

@@ -122,7 +122,7 @@ You will need to change the server you are logging into from ``matrix.org``
 and instead specify a Homeserver URL of ``https://<server_name>:8448``
 (or just ``https://<server_name>`` if you are using a reverse proxy).
 If you prefer to use another client, refer to our
-`client breakdown <https://matrix.org/ecosystem/clients/>`_.
+`client breakdown <https://matrix.org/docs/projects/clients-matrix>`_.
 
 If all goes well you should at least be able to log in, create a room, and
 start sending messages.

book.toml

@@ -34,14 +34,6 @@ additional-css = [
     "docs/website_files/table-of-contents.css",
     "docs/website_files/remove-nav-buttons.css",
     "docs/website_files/indent-section-headers.css",
-    "docs/website_files/version-picker.css",
 ]
-additional-js = [
-    "docs/website_files/table-of-contents.js",
-    "docs/website_files/version-picker.js",
-    "docs/website_files/version.js",
-]
-theme = "docs/website_files/theme"
-
-[preprocessor.schema_versions]
-command = "./scripts-dev/schema_versions.py"
+additional-js = ["docs/website_files/table-of-contents.js"]
+theme = "docs/website_files/theme"

changelog.d/15488.feature

@@ -0,0 +1 @@
+Add automatic purge after all users forgotten a room. Also add restore of purge/shutdown rooms after a synapse restart.

changelog.d/15997.misc

@@ -0,0 +1 @@
+Allow modules to delete rooms.

changelog.d/16066.bugfix

@@ -0,0 +1 @@
+Fix a long-standing bug where multi-device accounts could cause high load due to presence.

changelog.d/16090.misc

@@ -0,0 +1 @@
+Add GCC and GNU Make to the Nix flake development environment so that `ruff` can be compiled.

changelog.d/16137.feature

@@ -0,0 +1 @@
+Support resolving homeservers using `matrix-fed` DNS SRV records from [MSC4040](https://github.com/matrix-org/matrix-spec-proposals/pull/4040).

changelog.d/16170.bugfix

@@ -0,0 +1 @@
+Fix a long-standing bug where multi-device accounts could cause high load due to presence.

changelog.d/16171.bugfix

@@ -0,0 +1 @@
+Fix a long-standing bug where multi-device accounts could cause high load due to presence.

changelog.d/16172.bugfix

@@ -0,0 +1 @@
+Fix a long-standing bug where multi-device accounts could cause high load due to presence.

changelog.d/16174.bugfix

@@ -0,0 +1 @@
+Fix a long-standing bug where multi-device accounts could cause high load due to presence.

changelog.d/16219.feature

@@ -0,0 +1 @@
+Add the ability to use `G` (GiB) and `T` (TiB) suffixes in configuration options that refer to numbers of bytes.

changelog.d/16227.feature

@@ -0,0 +1 @@
+Add span information to requests sent to appservices. Contributed by MTRNord.

changelog.d/16235.misc

@@ -0,0 +1 @@
+Fix type checking when using the new version of Twisted.

changelog.d/16240.misc

@@ -0,0 +1 @@
+Delete device messages asynchronously and in staged batches using the task scheduler.

changelog.d/16248.misc

@@ -0,0 +1 @@
+Bump minimum supported Rust version to 1.61.0.

changelog.d/16251.bugfix

@@ -0,0 +1 @@
+Fix a long-standing bug where appservices using MSC2409 to receive to_device messages, would only get messages for one user.

changelog.d/16252.bugfix

@@ -0,0 +1 @@
+Fix bug when using workers where Synapse could end up re-requesting the same remote device repeatedly.

changelog.d/16257.bugfix

@@ -0,0 +1 @@
+Fix long-standing bug where we kept re-requesting a remote server's key repeatedly, potentially causing delays in receiving events over federation.

changelog.d/16260.misc

@@ -0,0 +1 @@
+Update rust to version 1.71.1 in the nix development environment.

changelog.d/16261.misc

@@ -0,0 +1 @@
+Simplify server key storage.

changelog.d/16262.feature

@@ -0,0 +1 @@
+Add the ability to enable/disable registrations when in the CAS flow. Contributed by Aurélien Grimpard.

changelog.d/16263.misc

@@ -0,0 +1 @@
+Add GCC and GNU Make to the Nix flake development environment so that `ruff` can be compiled.

changelog.d/16264.misc

@@ -0,0 +1 @@
+Reduce CPU overhead of change password endpoint.

changelog.d/16265.feature

@@ -0,0 +1 @@
+Allow `/notifications` endpoint to be routed to workers.

changelog.d/16272.bugfix

@@ -0,0 +1 @@
+Avoid temporary storage of sensitive information.

changelog.d/16273.misc

@@ -0,0 +1 @@
+Stop purging from tables slated for removal.

changelog.d/16274.feature

@@ -0,0 +1 @@
+Enable users to easily unsubscribe to notifications emails via the `List-Unsubscribe` header.

changelog.d/16276.misc

@@ -0,0 +1 @@
+Improve type hints.

changelog.d/16277.misc

@@ -0,0 +1 @@
+Raise setuptools_rust version cap to 1.7.0.

changelog.d/16278.misc

@@ -0,0 +1 @@
+Fix using the new task scheduler causing lots of CPU to be used.

changelog.d/16280.misc

@@ -0,0 +1 @@
+Upgrade CI run of Python 3.12 from rc1 to rc2.

changelog.d/16281.misc

@@ -0,0 +1 @@
+Include values in SQL debug when using `execute_values` with Postgres.

changelog.d/16282.doc

@@ -0,0 +1 @@
+Fix typos in the documentation.

changelog.d/16283.misc

@@ -0,0 +1 @@
+Enable additional linting checks.

changelog.d/16288.bugfix

@@ -0,0 +1 @@
+Fix bug introduced in Synapse 1.49.0 when using dehydrated devices ([MSC2697](https://github.com/matrix-org/matrix-spec-proposals/pull/2697)) and refresh tokens. Contributed by Hanadi.

changelog.d/16298.misc

@@ -0,0 +1 @@
+Don't try refetching device lists for users on remote hosts that are marked as "down".

changelog.d/16299.misc

@@ -0,0 +1 @@
+Refactor `receipts_graph` Postgres transactions to stop error messages.

changelog.d/16300.misc

@@ -0,0 +1 @@
+Bump mypy from 1.4.1 to 1.5.1.

changelog.d/16301.misc

@@ -0,0 +1 @@
+Improve type hints.

changelog.d/16304.doc

@@ -0,0 +1 @@
+Link to the Alpine Linux community package for Synapse.

changelog.d/16309.misc

@@ -0,0 +1 @@
+Small improvements to logging in replication code.

changelog.d/16311.misc

@@ -0,0 +1 @@
+Delete device messages asynchronously and in staged batches using the task scheduler.

changelog.d/16312.misc

@@ -0,0 +1 @@
+Delete device messages asynchronously and in staged batches using the task scheduler.

changelog.d/16313.misc

@@ -0,0 +1 @@
+Delete device messages asynchronously and in staged batches using the task scheduler.

changelog.d/16314.misc

@@ -0,0 +1 @@
+Remove a reference cycle for in background processes.

changelog.d/16315.misc

@@ -0,0 +1 @@
+Only use literal strings for background process names.

changelog.d/16316.misc

@@ -0,0 +1 @@
+Refactor `get_user_by_id`.

changelog.d/16318.misc

@@ -0,0 +1 @@
+Speed up task to delete to-device messages.

debian/changelog

@@ -1,81 +1,3 @@
-matrix-synapse-py3 (1.97.0) stable; urgency=medium
-
-  * New Synapse release 1.97.0.
-
- -- Synapse Packaging team <packages@matrix.org>  Tue, 28 Nov 2023 14:08:58 +0000
-
-matrix-synapse-py3 (1.97.0~rc1) stable; urgency=medium
-
-  * New Synapse release 1.97.0rc1.
-
- -- Synapse Packaging team <packages@matrix.org>  Tue, 21 Nov 2023 12:32:03 +0000
-
-matrix-synapse-py3 (1.96.1) stable; urgency=medium
-
-  * New synapse release 1.96.1.
-
- -- Synapse Packaging team <packages@matrix.org>  Fri, 17 Nov 2023 12:48:45 +0000
-
-matrix-synapse-py3 (1.96.0) stable; urgency=medium
-
-  * New synapse release 1.96.0.
-
- -- Synapse Packaging team <packages@matrix.org>  Thu, 16 Nov 2023 17:54:26 +0000
-
-matrix-synapse-py3 (1.96.0~rc1) stable; urgency=medium
-
-  * New Synapse release 1.96.0rc1.
-
- -- Synapse Packaging team <packages@matrix.org>  Tue, 31 Oct 2023 14:09:09 +0000
-
-matrix-synapse-py3 (1.95.1) stable; urgency=medium
-
-  * New Synapse release 1.95.1.
-
- -- Synapse Packaging team <packages@matrix.org>  Tue, 31 Oct 2023 14:00:00 +0000
-
-matrix-synapse-py3 (1.95.0) stable; urgency=medium
-
-  * New Synapse release 1.95.0.
-
- -- Synapse Packaging team <packages@matrix.org>  Tue, 24 Oct 2023 13:00:46 +0100
-
-matrix-synapse-py3 (1.95.0~rc1) stable; urgency=medium
-
-  * New synapse release 1.95.0rc1.
-
- -- Synapse Packaging team <packages@matrix.org>  Tue, 17 Oct 2023 15:50:17 +0000
-
-matrix-synapse-py3 (1.94.0) stable; urgency=medium
-
-  * New Synapse release 1.94.0.
-
- -- Synapse Packaging team <packages@matrix.org>  Tue, 10 Oct 2023 10:57:41 +0100
-
-matrix-synapse-py3 (1.94.0~rc1) stable; urgency=medium
-
-  * New Synapse release 1.94.0rc1.
-
- -- Synapse Packaging team <packages@matrix.org>  Tue, 03 Oct 2023 11:48:18 +0100
-
-matrix-synapse-py3 (1.93.0) stable; urgency=medium
-
-  * New Synapse release 1.93.0.
-
- -- Synapse Packaging team <packages@matrix.org>  Tue, 26 Sep 2023 15:54:40 +0100
-
-matrix-synapse-py3 (1.93.0~rc1) stable; urgency=medium
-
-  * New synapse release 1.93.0rc1.
-
- -- Synapse Packaging team <packages@matrix.org>  Tue, 19 Sep 2023 11:55:00 +0000
-
-matrix-synapse-py3 (1.92.3) stable; urgency=medium
-
-  * New Synapse release 1.92.3.
-
- -- Synapse Packaging team <packages@matrix.org>  Mon, 18 Sep 2023 15:05:04 +0200
-
 matrix-synapse-py3 (1.92.2) stable; urgency=medium
 
   * New Synapse release 1.92.2.
@@ -1661,7 +1583,7 @@ matrix-synapse-py3 (0.99.3.1) stable; urgency=medium
 matrix-synapse-py3 (0.99.3) stable; urgency=medium
 
   [ Richard van der Hoff ]
-  * Fix warning during preconfiguration. (Fixes: https://github.com/matrix-org/synapse/issues/4819)
+  * Fix warning during preconfiguration. (Fixes: #4819)
 
   [ Synapse Packaging team ]
   * New synapse release 0.99.3.

docker/complement/conf/start_for_complement.sh

@@ -68,11 +68,6 @@ if [[ -n "$SYNAPSE_COMPLEMENT_USE_WORKERS" ]]; then
 
   fi
   log "Workers requested: $SYNAPSE_WORKER_TYPES"
-  # adjust connection pool limits on worker mode as otherwise running lots of worker synapses
-  # can make docker unhappy (in GHA)
-  export POSTGRES_CP_MIN=1
-  export POSTGRES_CP_MAX=3
-  echo "using reduced connection pool limits for worker mode"
   # Improve startup times by using a launcher based on fork()
   export SYNAPSE_USE_EXPERIMENTAL_FORKING_LAUNCHER=1
 else

docker/conf/homeserver.yaml

@@ -67,8 +67,8 @@ database:
     host: "{{ POSTGRES_HOST or "db" }}"
     port: "{{ POSTGRES_PORT or "5432" }}"
 {% endif %}
-    cp_min: {{ POSTGRES_CP_MIN or 5 }}
-    cp_max: {{ POSTGRES_CP_MAX or 10 }}
+    cp_min: 5
+    cp_max: 10
 {% else %}
 database:
   name: "sqlite3"

docs/SUMMARY.md

@@ -19,7 +19,7 @@
 # Usage
   - [Federation](federate.md)
   - [Configuration](usage/configuration/README.md)
-    - [Configuration Manual](usage/configuration/config_documentation.md)
+    - [Configuration Manual](usage/configuration/config_documentation.md) 
     - [Homeserver Sample Config File](usage/configuration/homeserver_sample_config.md)
     - [Logging Sample Config File](usage/configuration/logging_sample_config.md)
     - [Structured Logging](structured_logging.md)
@@ -48,7 +48,6 @@
         - [Password auth provider callbacks](modules/password_auth_provider_callbacks.md)
         - [Background update controller callbacks](modules/background_update_controller_callbacks.md)
         - [Account data callbacks](modules/account_data_callbacks.md)
-        - [Add extra fields to client events unsigned section callbacks](modules/add_extra_fields_to_client_events_unsigned.md)
         - [Porting a legacy module to the new interface](modules/porting_legacy_module.md)
     - [Workers](workers.md)
       - [Using `synctl` with Workers](synctl_workers.md)

docs/admin_api/rooms.md

@@ -536,8 +536,7 @@ The following query parameters are available:
 
 **Response**
 
-* `event_id` - The event ID closest to the given timestamp.
-* `origin_server_ts` - The timestamp of the event in milliseconds since the Unix epoch.
+* `event_id` - converted from timestamp
 
 # Block Room API
 The Block Room admin API allows server admins to block and unblock rooms,

docs/admin_api/user_admin_api.md

@@ -54,8 +54,7 @@ It returns a JSON body like the following:
             "external_id": "<user_id_provider_2>"
         }
     ],
-    "user_type": null,
-    "locked": false
+    "user_type": null
 }
 ```
 
@@ -104,8 +103,7 @@ with a body of:
     ],
     "admin": false,
     "deactivated": false,
-    "user_type": null,
-    "locked": false
+    "user_type": null
 }
 ```
 
@@ -148,6 +146,7 @@ Body parameters:
 - `admin` - **bool**, optional, defaults to `false`. Whether the user is a homeserver administrator,
   granting them access to the Admin API, among other things.
 - `deactivated` - **bool**, optional. If unspecified, deactivation state will be left unchanged.
+- `locked` - **bool**, optional. If unspecified, locked state will be left unchanged.
 
   Note: the `password` field must also be set if both of the following are true:
   - `deactivated` is set to `false` and the user was previously deactivated (you are reactivating this user)
@@ -157,7 +156,6 @@ Body parameters:
 
   Note: a user cannot be erased with this API. For more details on
   deactivating and erasing users see [Deactivate Account](#deactivate-account).
-- `locked` - **bool**, optional. If unspecified, locked state will be left unchanged.
 - `user_type` - **string** or null, optional. If not provided, the user type will be
   not be changed. If `null` is given, the user type will be cleared.
   Other allowed options are: `bot` and `support`.
@@ -186,8 +184,7 @@ A response body like the following is returned:
             "shadow_banned": 0,
             "displayname": "<User One>",
             "avatar_url": null,
-            "creation_ts": 1560432668000,
-            "locked": false
+            "creation_ts": 1560432668000
         }, {
             "name": "<user_id2>",
             "is_guest": 0,
@@ -198,8 +195,7 @@ A response body like the following is returned:
             "shadow_banned": 0,
             "displayname": "<User Two>",
             "avatar_url": "<avatar_url>",
-            "creation_ts": 1561550621000,
-            "locked": false
+            "creation_ts": 1561550621000
         }
     ],
     "next_token": "100",
@@ -253,8 +249,6 @@ The following parameters should be set in the URL:
 - `not_user_type` - Exclude certain user types, such as bot users, from the request.
    Can be provided multiple times. Possible values are `bot`, `support` or "empty string".
    "empty string" here means to exclude users without a type.
-- `locked` - string representing a bool - Is optional and if `true` will **include** locked users.
-  Defaults to `false` to exclude locked users. Note: Introduced in v1.93.
 
 Caution. The database only has indexes on the columns `name` and `creation_ts`.
 This means that if a different sort order is used (`is_guest`, `admin`,
@@ -280,11 +274,10 @@ The following fields are returned in the JSON response body:
   - `avatar_url` - string -  The user's avatar URL if they have set one.
   - `creation_ts` - integer - The user's creation timestamp in ms.
   - `last_seen_ts` - integer - The user's last activity timestamp in ms.
-  - `locked` - bool - Status if that user has been marked as locked. Note: Introduced in v1.93.
+
 - `next_token`: string representing a positive integer - Indication for pagination. See above.
 - `total` - integer - Total number of media.
 
-*Added in Synapse 1.93:* the `locked` query parameter and response field.
 
 ## Query current sessions for a user
 
@@ -618,16 +611,6 @@ A response body like the following is returned:
       "quarantined_by": null,
       "safe_from_quarantine": false,
       "upload_name": "test2.png"
-    },
-    {
-      "created_ts": 300400,
-      "last_access_ts": 300700,
-      "media_id": "BzYNLRUgGHphBkdKGbzXwbjX",
-      "media_length": 1337,
-      "media_type": "application/octet-stream",
-      "quarantined_by": null,
-      "safe_from_quarantine": false,
-      "upload_name": null
     }
   ],
   "next_token": 3,
@@ -689,17 +672,16 @@ The following fields are returned in the JSON response body:
 - `media` - An array of objects, each containing information about a media.
   Media objects contain the following fields:
   - `created_ts` - integer - Timestamp when the content was uploaded in ms.
-  - `last_access_ts` - integer or null - Timestamp when the content was last accessed in ms.
-     Null if there was no access, yet.
+  - `last_access_ts` - integer - Timestamp when the content was last accessed in ms.
   - `media_id` - string - The id used to refer to the media. Details about the format
     are documented under
     [media repository](../media_repository.md).
   - `media_length` - integer - Length of the media in bytes.
   - `media_type` - string - The MIME-type of the media.
-  - `quarantined_by` - string or null - The user ID that initiated the quarantine request
-    for this media. Null if not quarantined.
+  - `quarantined_by` - string - The user ID that initiated the quarantine request
+    for this media.
   - `safe_from_quarantine` - bool - Status if this media is safe from quarantining.
-  - `upload_name` - string or null - The name the media was uploaded with. Null if not provided during upload.
+  - `upload_name` - string - The name the media was uploaded with.
 - `next_token`: integer - Indication for pagination. See above.
 - `total` - integer - Total number of media.
 
@@ -784,43 +766,6 @@ Note: The token will expire if the *admin* user calls `/logout/all` from any
 of their devices, but the token will *not* expire if the target user does the
 same.
 
-## Allow replacing master cross-signing key without User-Interactive Auth
-
-This endpoint is not intended for server administrator usage;
-we describe it here for completeness.
-
-This API temporarily permits a user to replace their master cross-signing key
-without going through
-[user-interactive authentication](https://spec.matrix.org/v1.8/client-server-api/#user-interactive-authentication-api) (UIA).
-This is useful when Synapse has delegated its authentication to the
-[Matrix Authentication Service](https://github.com/matrix-org/matrix-authentication-service/);
-as Synapse cannot perform UIA is not possible in these circumstances.
-
-The API is
-
-```http request
-POST /_synapse/admin/v1/users/<user_id>/_allow_cross_signing_replacement_without_uia
-{}
-```
-
-If the user does not exist, or does exist but has no master cross-signing key,
-this will return with status code `404 Not Found`.
-
-Otherwise, a response body like the following is returned, with status `200 OK`:
-
-```json
-{
-    "updatable_without_uia_before_ms": 1234567890
-}
-```
-
-The response body is a JSON object with a single field:
-
-- `updatable_without_uia_before_ms`: integer. The timestamp in milliseconds
-  before which the user is permitted to replace their cross-signing key without
-  going through UIA.
-
-_Added in Synapse 1.97.0._
 
 ## User devices
 

docs/admin_api/version_api.md

@@ -1,7 +1,7 @@
 # Version API
 
-This API returns the running Synapse version.
-This is useful when a Synapse instance
+This API returns the running Synapse version and the Python version
+on which Synapse is being run. This is useful when a Synapse instance
 is behind a proxy that does not forward the 'Server' header (which also
 contains Synapse version information).
 
@@ -15,9 +15,7 @@ It returns a JSON body like the following:
 
 ```json
 {
-    "server_version": "0.99.2rc1 (b=develop, abcdef123)"
+    "server_version": "0.99.2rc1 (b=develop, abcdef123)",
+    "python_version": "3.7.8"
 }
 ```
-
-*Changed in Synapse 1.94.0:* The `python_version` key was removed from the
-response body.

docs/development/contributing_guide.md

@@ -66,7 +66,7 @@ Of their installation methods, we recommend
 
 ```shell
 pip install --user pipx
-pipx install poetry==1.5.2  # Problems with Poetry 1.6, see https://github.com/matrix-org/synapse/issues/16147
+pipx install poetry
 ```
 
 but see poetry's [installation instructions](https://python-poetry.org/docs/#installation)

docs/development/database_schema.md

@@ -150,67 +150,6 @@ def run_upgrade(
     ...
 ```
 
-## Background updates
-
-It is sometimes appropriate to perform database migrations as part of a background
-process (instead of blocking Synapse until the migration is done). In particular,
-this is useful for migrating data when adding new columns or tables.
-
-Pending background updates stored in the `background_updates` table and are denoted
-by a unique name, the current status (stored in JSON), and some dependency information:
-
-* Whether the update requires a previous update to be complete.
-* A rough ordering for which to complete updates.
-
-A new background updates needs to be added to the `background_updates` table:
-
-```sql
-INSERT INTO background_updates (ordering, update_name, depends_on, progress_json) VALUES
-  (7706, 'my_background_update', 'a_previous_background_update' '{}');
-```
-
-And then needs an associated handler in the appropriate datastore:
-
-```python
-self.db_pool.updates.register_background_update_handler(
-    "my_background_update",
-    update_handler=self._my_background_update,
-)
-```
-
-There are a few types of updates that can be performed, see the `BackgroundUpdater`:
-
-* `register_background_update_handler`: A generic handler for custom SQL
-* `register_background_index_update`: Create an index in the background
-* `register_background_validate_constraint`: Validate a constraint in the background
-  (PostgreSQL-only)
-* `register_background_validate_constraint_and_delete_rows`: Similar to
-  `register_background_validate_constraint`, but deletes rows which don't fit
-  the constraint.
-
-For `register_background_update_handler`, the generic handler must track progress
-and then finalize the background update:
-
-```python
-async def _my_background_update(self, progress: JsonDict, batch_size: int) -> int:
-    def _do_something(txn: LoggingTransaction) -> int:
-        ...
-        self.db_pool.updates._background_update_progress_txn(
-            txn, "my_background_update", {"last_processed": last_processed}
-        )
-        return last_processed - prev_last_processed
-
-    num_processed = await self.db_pool.runInteraction("_do_something", _do_something)
-    await self.db_pool.updates._end_background_update("my_background_update")
-
-    return num_processed
-```
-
-Synapse will attempt to rate-limit how often background updates are run via the
-given batch-size and the returned number of processed entries (and how long the
-function took to run). See
-[background update controller callbacks](../modules/background_update_controller_callbacks.md).
-
 ## Boolean columns
 
 Boolean columns require special treatment, since SQLite treats booleans the
@@ -245,160 +184,3 @@ version `3`, that can only happen with a hash collision, which we basically hope
 will never happen (SHA256 has a massive big key space).
 
 
-## Worked examples of gradual migrations
-
-Some migrations need to be performed gradually. A prime example of this is anything
-which would need to do a large table scan — including adding columns, indices or
-`NOT NULL` constraints to non-empty tables — such a migration should be done as a
-background update where possible, at least on Postgres.
-We can afford to be more relaxed about SQLite databases since they are usually
-used on smaller deployments and SQLite does not support the same concurrent
-DDL operations as Postgres.
-
-We also typically insist on having at least one Synapse version's worth of
-backwards compatibility, so that administrators can roll back Synapse if an upgrade
-did not go smoothly.
-
-This sometimes results in having to plan a migration across multiple versions
-of Synapse.
-
-This section includes an example and may include more in the future.
-
-
-
-### Transforming a column into another one, with `NOT NULL` constraints
-
-This example illustrates how you would introduce a new column, write data into it
-based on data from an old column and then drop the old column.
-
-We are aiming for semantic equivalence to:
-
-```sql
-ALTER TABLE mytable ADD COLUMN new_column INTEGER;
-UPDATE mytable SET new_column = old_column * 100;
-ALTER TABLE mytable ALTER COLUMN new_column ADD CONSTRAINT NOT NULL;
-ALTER TABLE mytable DROP COLUMN old_column;
-```
-
-#### Synapse version `N`
-
-```python
-SCHEMA_VERSION = S
-SCHEMA_COMPAT_VERSION = ... # unimportant at this stage
-```
-
-**Invariants:**
-1. `old_column` is read by Synapse and written to by Synapse.
-
-
-#### Synapse version `N + 1`
-
-```python
-SCHEMA_VERSION = S + 1
-SCHEMA_COMPAT_VERSION = ... # unimportant at this stage
-```
-
-**Changes:**
-1.
-   ```sql
-   ALTER TABLE mytable ADD COLUMN new_column INTEGER;
-   ```
-
-**Invariants:**
-1. `old_column` is read by Synapse and written to by Synapse.
-2. `new_column` is written to by Synapse.
-
-**Notes:**
-1. `new_column` can't have a `NOT NULL NOT VALID` constraint yet, because the previous Synapse version did not write to the new column (since we haven't bumped the `SCHEMA_COMPAT_VERSION` yet, we still need to be compatible with the previous version).
-
-
-#### Synapse version `N + 2`
-
-```python
-SCHEMA_VERSION = S + 2
-SCHEMA_COMPAT_VERSION = S + 1 # this signals that we can't roll back to a time before new_column existed
-```
-
-**Changes:**
-1. On Postgres, add a `NOT VALID` constraint to ensure new rows are compliant. *SQLite does not have such a construct, but it would be unnecessary anyway since there is no way to concurrently perform this migration on SQLite.*
-   ```sql
-   ALTER TABLE mytable ADD CONSTRAINT CHECK new_column_not_null (new_column IS NOT NULL) NOT VALID;
-   ```
-2. Start a background update to perform migration: it should gradually run e.g.
-   ```sql
-   UPDATE mytable SET new_column = old_column * 100 WHERE 0 < mytable_id AND mytable_id <= 5;
-   ```
-   This background update is technically pointless on SQLite, but you must schedule it anyway so that the `portdb` script to migrate to Postgres still works.
-3. Upon completion of the background update, you should run `VALIDATE CONSTRAINT` on Postgres to turn the `NOT VALID` constraint into a valid one.
-   ```sql
-   ALTER TABLE mytable VALIDATE CONSTRAINT new_column_not_null;
-   ```
-   This will take some time but does **NOT** hold an exclusive lock over the table.
-
-**Invariants:**
-1. `old_column` is read by Synapse and written to by Synapse.
-2. `new_column` is written to by Synapse and new rows always have a non-`NULL` value in this field.
-
-
-**Notes:**
-1. If you wish, you can convert the `CHECK (new_column IS NOT NULL)` to a `NOT NULL` constraint free of charge in Postgres by adding the `NOT NULL` constraint and then dropping the `CHECK` constraint, because Postgres can statically verify that the `NOT NULL` constraint is implied by the `CHECK` constraint without performing a table scan.
-2. It might be tempting to make version `N + 2` redundant by moving the background update to `N + 1` and delaying adding the `NOT NULL` constraint to `N + 3`, but that would mean the constraint would always be validated in the foreground in `N + 3`. Whereas if the `N + 2` step is kept, the migration in `N + 3` would be fast in the happy case.
-
-#### Synapse version `N + 3`
-
-```python
-SCHEMA_VERSION = S + 3
-SCHEMA_COMPAT_VERSION = S + 1 # we can't roll back to a time before new_column existed
-```
-
-**Changes:**
-1. (Postgres) Update the table to populate values of `new_column` in case the background update had not completed. Additionally, `VALIDATE CONSTRAINT` to make the check fully valid.
-   ```sql
-   -- you ideally want an index on `new_column` or e.g. `(new_column) WHERE new_column IS NULL` first, or perhaps you can find a way to skip this if the `NOT NULL` constraint has already been validated.
-   UPDATE mytable SET new_column = old_column * 100 WHERE new_column IS NULL;
-
-   -- this is a no-op if it already ran as part of the background update
-   ALTER TABLE mytable VALIDATE CONSTRAINT new_column_not_null;
-   ```
-2. (SQLite) Recreate the table by precisely following [the 12-step procedure for SQLite table schema changes](https://www.sqlite.org/lang_altertable.html#otheralter).
-   During this table rewrite, you should recreate `new_column` as `NOT NULL` and populate any outstanding `NULL` values at the same time.
-   Unfortunately, you can't drop `old_column` yet because it must be present for compatibility with the Postgres schema, as needed by `portdb`.
-   (Otherwise you could do this all in one go with SQLite!)
-
-**Invariants:**
-1. `old_column` is written to by Synapse (but no longer read by Synapse!).
-2. `new_column` is read by Synapse and written to by Synapse. Moreover, all rows have a non-`NULL` value in this field, as guaranteed by a schema constraint.
-
-**Notes:**
-1. We can't drop `old_column` yet, or even stop writing to it, because that would break a rollback to the previous version of Synapse.
-2. Application code can now rely on `new_column` being populated. The remaining steps are only motivated by the wish to clean-up old columns.
-
-
-#### Synapse version `N + 4`
-
-```python
-SCHEMA_VERSION = S + 4
-SCHEMA_COMPAT_VERSION = S + 3 # we can't roll back to a time before new_column was entirely non-NULL
-```
-
-**Invariants:**
-1. `old_column` exists but is not written to or read from by Synapse.
-2. `new_column` is read by Synapse and written to by Synapse. Moreover, all rows have a non-`NULL` value in this field, as guaranteed by a schema constraint.
-
-**Notes:**
-1. We can't drop `old_column` yet because that would break a rollback to the previous version of Synapse. \
-   **TODO:** It may be possible to relax this and drop the column straight away as long as the previous version of Synapse detected a rollback occurred and stopped attempting to write to the column. This could possibly be done by checking whether the database's schema compatibility version was `S + 3`.
-
-
-#### Synapse version `N + 5`
-
-```python
-SCHEMA_VERSION = S + 5
-SCHEMA_COMPAT_VERSION = S + 4 # we can't roll back to a time before old_column was no longer being touched
-```
-
-**Changes:**
-1.
-   ```sql
-   ALTER TABLE mytable DROP COLUMN old_column;
-   ```

docs/development/synapse_architecture/streams.md

@@ -51,24 +51,17 @@ will be inserted with that ID.
 
 For any given stream reader (including writers themselves), we may define a per-writer current stream ID:
 
-> A current stream ID _for a writer W_ is the largest stream ID such that
+> The current stream ID _for a writer W_ is the largest stream ID such that
 > all transactions added by W with equal or smaller ID have completed.
 
 Similarly, there is a "linear" notion of current stream ID:
 
-> A "linear" current stream ID is the largest stream ID such that
+> The "linear" current stream ID is the largest stream ID such that
 > all facts (added by any writer) with equal or smaller ID have completed.
 
 Because different stream readers A and B learn about new facts at different times, A and B may disagree about current stream IDs.
 Put differently: we should think of stream readers as being independent of each other, proceeding through a stream of facts at different rates.
 
-The above definition does not give a unique current stream ID, in fact there can
-be a range of current stream IDs. Synapse uses both the minimum and maximum IDs
-for different purposes. Most often the maximum is used, as its generally
-beneficial for workers to advance their IDs as soon as possible. However, the
-minimum is used in situations where e.g. another worker is going to wait until
-the stream advances past a position.
-
 **NB.** For both senses of "current", that if a writer opens a transaction that never completes, the current stream ID will never advance beyond that writer's last written stream ID.
 
 For single-writer streams, the per-writer current ID and the linear current ID are the same.
@@ -121,7 +114,7 @@ Writers need to track:
  - track their current position (i.e. its own per-writer stream ID).
  - their facts currently awaiting completion.
 
-At startup,
+At startup, 
  - the current position of that writer can be found by querying the database (which suggests that facts need to be written to the database atomically, in a transaction); and
  - there are no facts awaiting completion.
 

docs/message_retention_policies.md

@@ -8,7 +8,8 @@ and allow server and room admins to configure how long messages should
 be kept in a homeserver's database before being purged from it.
 **Please note that, as this feature isn't part of the Matrix
 specification yet, this implementation is to be considered as
-experimental.**
+experimental. There are known bugs which may cause database corruption.
+Proceed with caution.** 
 
 A message retention policy is mainly defined by its `max_lifetime`
 parameter, which defines how long a message can be kept around after

docs/modules/add_extra_fields_to_client_events_unsigned.md

@@ -1,32 +0,0 @@
-# Add extra fields to client events unsigned section callbacks
-
-_First introduced in Synapse v1.96.0_
-
-This callback allows modules to add extra fields to the unsigned section of
-events when they get sent down to clients.
-
-These get called *every* time an event is to be sent to clients, so care should
-be taken to ensure with respect to performance.
-
-### API
-
-To register the callback, use
-`register_add_extra_fields_to_unsigned_client_event_callbacks` on the
-`ModuleApi`.
-
-The callback should be of the form
-
-```python
-async def add_field_to_unsigned(
-    event: EventBase,
-) -> JsonDict:
-```
-
-where the extra fields to add to the event's unsigned section is returned.
-(Modules must not attempt to modify the `event` directly).
-
-This cannot be used to alter the "core" fields in the unsigned section emitted
-by Synapse itself.
-
-If multiple such callbacks try to add the same field to an event's unsigned
-section, the last-registered callback wins.

docs/modules/presence_router_callbacks.md

@@ -1,16 +1,8 @@
 # Presence router callbacks
 
-Presence router callbacks allow module developers to define additional users
-which receive presence updates from local users. The additional users
-can be local or remote.
-
-For example, it could be used to direct all of `@alice:example.com` (a local user)'s
-presence updates to `@bob:matrix.org` (a remote user), even though they don't share a
-room. (Note that those presence updates might not make it to `@bob:matrix.org`'s client
-unless a similar presence router is running on that homeserver.)
-
-Presence router callbacks can be registered using the module API's
-`register_presence_router_callbacks` method.
+Presence router callbacks allow module developers to specify additional users (local or remote)
+to receive certain presence updates from local users. Presence router callbacks can be 
+registered using the module API's `register_presence_router_callbacks` method.
 
 ## Callbacks
 

docs/opentracing.md

@@ -51,11 +51,6 @@ docker run -d --name jaeger \
   jaegertracing/all-in-one:1
 ```
 
-By default, Synapse will publish traces to Jaeger on localhost.
-If Jaeger is hosted elsewhere, point Synapse to the correct host by setting
-`opentracing.jaeger_config.local_agent.reporting_host` [in the Synapse configuration](usage/configuration/config_documentation.md#opentracing-1)
-or by setting the `JAEGER_AGENT_HOST` environment variable to the desired address.
-
 Latest documentation is probably at
 https://www.jaegertracing.io/docs/latest/getting-started.
 

docs/postgres.md

@@ -66,7 +66,7 @@ database:
   args:
     user: <user>
     password: <pass>
-    dbname: <db>
+    database: <db>
     host: <host>
     cp_min: 5
     cp_max: 10

docs/usage/administration/useful_sql_for_admins.md

@@ -193,7 +193,7 @@ SELECT rss.room_id, rss.name, rss.canonical_alias, rss.topic, rss.encryption,
     rsc.joined_members, rsc.local_users_in_room, rss.join_rules
   FROM room_stats_state rss
   LEFT JOIN room_stats_current rsc USING (room_id)
-  WHERE room_id IN (
+  WHERE room_id IN ( WHERE room_id IN (
     '!OGEhHVWSdvArJzumhm:matrix.org',
     '!YTvKGNlinIzlkMTVRl:matrix.org' 
   );

docs/usage/configuration/config_documentation.md

@@ -230,13 +230,6 @@ Example configuration:
 presence:
   enabled: false
 ```
-
-`enabled` can also be set to a special value of "untracked" which ignores updates
-received via clients and federation, while still accepting updates from the
-[module API](../../modules/index.md).
-
-*The "untracked" option was added in Synapse 1.96.0.*
-
 ---
 ### `require_auth_for_profile_requests`
 
@@ -1033,8 +1026,11 @@ which are older than the room's maximum retention period. Synapse will also
 filter events received over federation so that events that should have been
 purged are ignored and not stored again.
 
-The message retention policies feature is disabled by default. You can read more
-about this feature [here](../../message_retention_policies.md).
+The message retention policies feature is disabled by default. Please be advised
+that enabling this feature carries some risk. There are known bugs with the implementation
+which can cause database corruption. Setting retention to delete older history
+is less risky than deleting newer history but in general caution is advised when enabling this
+experimental feature. You can read more about this feature [here](../../message_retention_policies.md).
 
 This setting has the following sub-options:
 * `default_policy`: Default retention policy. If set, Synapse will apply it to rooms that lack the
@@ -1137,14 +1133,14 @@ federation_verify_certificates: false
 
 The minimum TLS version that will be used for outbound federation requests.
 
-Defaults to `"1"`. Configurable to `"1"`, `"1.1"`, `"1.2"`, or `"1.3"`. Note
-that setting this value higher than `"1.2"` will prevent federation to most
-of the public Matrix network: only configure it to `"1.3"` if you have an
+Defaults to `1`. Configurable to `1`, `1.1`, `1.2`, or `1.3`. Note
+that setting this value higher than `1.2` will prevent federation to most
+of the public Matrix network: only configure it to `1.3` if you have an
 entirely private federation setup and you can ensure TLS 1.3 support.
 
 Example configuration:
 ```yaml
-federation_client_minimum_tls_version: "1.2"
+federation_client_minimum_tls_version: 1.2
 ```
 ---
 ### `federation_certificate_verification_whitelist`
@@ -1197,11 +1193,6 @@ inbound federation traffic as early as possible, rather than relying
 purely on this application-layer restriction.  If not specified, the
 default is to whitelist everything.
 
-Note: this does not stop a server from joining rooms that servers not on the
-whitelist are in. As such, this option is really only useful to establish a
-"private federation", where a group of servers all whitelist each other and have
-the same whitelist.
-
 Example configuration:
 ```yaml
 federation_domain_whitelist:
@@ -1447,7 +1438,7 @@ database:
   args:
     user: synapse_user
     password: secretpassword
-    dbname: synapse
+    database: synapse
     host: localhost
     port: 5432
     cp_min: 5
@@ -1526,7 +1517,7 @@ databases:
     args:
       user: synapse_user
       password: secretpassword
-      dbname: synapse_main
+      database: synapse_main
       host: localhost
       port: 5432
       cp_min: 5
@@ -1539,7 +1530,7 @@ databases:
     args:
       user: synapse_user
       password: secretpassword
-      dbname: synapse_state
+      database: synapse_state
       host: localhost
       port: 5432
       cp_min: 5
@@ -1753,19 +1744,6 @@ rc_third_party_invite:
   burst_count: 10
 ```
 ---
-### `rc_media_create`
-
-This option ratelimits creation of MXC URIs via the `/_matrix/media/v1/create`
-endpoint based on the account that's creating the media. Defaults to
-`per_second: 10`, `burst_count: 50`.
-
-Example configuration:
-```yaml
-rc_media_create:
-  per_second: 10
-  burst_count: 50
-```
----
 ### `rc_federation`
 
 Defines limits on federation requests.
@@ -1827,27 +1805,6 @@ Example configuration:
 media_store_path: "DATADIR/media_store"
 ```
 ---
-### `max_pending_media_uploads`
-
-How many *pending media uploads* can a given user have? A pending media upload
-is a created MXC URI that (a) is not expired (the `unused_expires_at` timestamp
-has not passed) and (b) the media has not yet been uploaded for. Defaults to 5.
-
-Example configuration:
-```yaml
-max_pending_media_uploads: 5
-```
----
-### `unused_expiration_time`
-
-How long to wait in milliseconds before expiring created media IDs. Defaults to
-"24h"
-
-Example configuration:
-```yaml
-unused_expiration_time: "1h"
-```
----
 ### `media_storage_providers`
 
 Media storage providers allow media to be stored in different
@@ -3838,160 +3795,62 @@ enable_room_list_search: false
 ---
 ### `alias_creation_rules`
 
-The `alias_creation_rules` option allows server admins to prevent unwanted
-alias creation on this server.
+The `alias_creation_rules` option controls who is allowed to create aliases
+on this server.
 
-This setting is an optional list of 0 or more rules. By default, no list is
-provided, meaning that all alias creations are permitted.
+The format of this option is a list of rules that contain globs that
+match against user_id, room_id and the new alias (fully qualified with
+server name). The action in the first rule that matches is taken,
+which can currently either be "allow" or "deny".
 
-Otherwise, requests to create aliases are matched against each rule in order.
-The first rule that matches decides if the request is allowed or denied. If no 
-rule matches, the request is denied. In particular, this means that configuring
-an empty list of rules will deny every alias creation request.
+Missing user_id/room_id/alias fields default to "*".
 
-Each rule is a YAML object containing four fields, each of which is an optional string:
+If no rules match the request is denied. An empty list means no one
+can create aliases.
 
-* `user_id`: a glob pattern that matches against the creator of the alias.
-* `alias`: a glob pattern that matches against the alias being created.
-* `room_id`: a glob pattern that matches against the room ID the alias is being pointed at.
-* `action`: either `allow` or `deny`. What to do with the request if the rule matches. Defaults to `allow`.
-
-Each of the glob patterns is optional, defaulting to `*` ("match anything").
-Note that the patterns match against fully qualified IDs, e.g. against 
-`@alice:example.com`, `#room:example.com` and `!abcdefghijk:example.com` instead
-of `alice`, `room` and `abcedgghijk`.
+Options for the rules include:
+* `user_id`: Matches against the creator of the alias. Defaults to "*".
+* `alias`: Matches against the alias being created. Defaults to "*".
+* `room_id`: Matches against the room ID the alias is being pointed at. Defaults to "*"
+* `action`: Whether to "allow" or "deny" the request if the rule matches. Defaults to allow.
 
 Example configuration:
-
 ```yaml
-# No rule list specified. All alias creations are allowed.
-# This is the default behaviour.
 alias_creation_rules:
-```
-
-```yaml
-# A list of one rule which allows everything.
-# This has the same effect as the previous example.
-alias_creation_rules:
-  - "action": "allow"
-```
-
-```yaml
-# An empty list of rules. All alias creations are denied.
-alias_creation_rules: []
-```
-
-```yaml
-# A list of one rule which denies everything.
-# This has the same effect as the previous example.
-alias_creation_rules:
-  - "action": "deny"
-```
-
-```yaml
-# Prevent a specific user from creating aliases.
-# Allow other users to create any alias
-alias_creation_rules:
-  - user_id: "@bad_user:example.com"
+  - user_id: "bad_user"
+    alias: "spammy_alias"
+    room_id: "*"
     action: deny
-    
-  - action: allow
 ```
-
-```yaml
-# Prevent aliases being created which point to a specific room.
-alias_creation_rules:
-  - room_id: "!forbiddenRoom:example.com"
-    action: deny
-
-  - action: allow
-```
-
 ---
 ### `room_list_publication_rules`
 
-The `room_list_publication_rules` option allows server admins to prevent
-unwanted entries from being published in the public room list.
+The `room_list_publication_rules` option controls who can publish and
+which rooms can be published in the public room list.
 
 The format of this option is the same as that for
-[`alias_creation_rules`](#alias_creation_rules): an optional list of 0 or more
-rules. By default, no list is provided, meaning that all rooms may be
-published to the room list.
+`alias_creation_rules`.
 
-Otherwise, requests to publish a room are matched against each rule in order.
-The first rule that matches decides if the request is allowed or denied. If no
-rule matches, the request is denied. In particular, this means that configuring
-an empty list of rules will deny every alias creation request.
+If the room has one or more aliases associated with it, only one of
+the aliases needs to match the alias rule. If there are no aliases
+then only rules with `alias: *` match.
 
-Each rule is a YAML object containing four fields, each of which is an optional string:
-
-* `user_id`: a glob pattern that matches against the user publishing the room.
-* `alias`: a glob pattern that matches against one of published room's aliases.
-  - If the room has no aliases, the alias match fails unless `alias` is unspecified or `*`.
-  - If the room has exactly one alias, the alias match succeeds if the `alias` pattern matches that alias.
-  - If the room has two or more aliases, the alias match succeeds if the pattern matches at least one of the aliases.
-* `room_id`: a glob pattern that matches against the room ID of the room being published.
-* `action`: either `allow` or `deny`. What to do with the request if the rule matches. Defaults to `allow`.
-
-Each of the glob patterns is optional, defaulting to `*` ("match anything").
-Note that the patterns match against fully qualified IDs, e.g. against
-`@alice:example.com`, `#room:example.com` and `!abcdefghijk:example.com` instead
-of `alice`, `room` and `abcedgghijk`.
+If no rules match the request is denied. An empty list means no one
+can publish rooms.
 
+Options for the rules include:
+* `user_id`: Matches against the creator of the alias. Defaults to "*".
+* `alias`: Matches against any current local or canonical aliases associated with the room. Defaults to "*".
+* `room_id`: Matches against the room ID being published. Defaults to "*".
+* `action`: Whether to "allow" or "deny" the request if the rule matches. Defaults to allow.
 
 Example configuration:
-
 ```yaml
-# No rule list specified. Anyone may publish any room to the public list.
-# This is the default behaviour.
 room_list_publication_rules:
-```
-
-```yaml
-# A list of one rule which allows everything.
-# This has the same effect as the previous example.
-room_list_publication_rules:
-  - "action": "allow"
-```
-
-```yaml
-# An empty list of rules. No-one may publish to the room list.
-room_list_publication_rules: []
-```
-
-```yaml
-# A list of one rule which denies everything.
-# This has the same effect as the previous example.
-room_list_publication_rules:
-  - "action": "deny"
-```
-
-```yaml
-# Prevent a specific user from publishing rooms.
-# Allow other users to publish anything.
-room_list_publication_rules:
-  - user_id: "@bad_user:example.com"
-    action: deny
-    
-  - action: allow
-```
-
-```yaml
-# Prevent publication of a specific room.
-room_list_publication_rules:
-  - room_id: "!forbiddenRoom:example.com"
-    action: deny
-
-  - action: allow
-```
-
-```yaml
-# Prevent publication of rooms with at least one alias containing the word "potato".
-room_list_publication_rules:
-  - alias: "#*potato*:example.com"
-    action: deny
-
-  - action: allow
+  - user_id: "*"
+    alias: "*"
+    room_id: "*"
+    action: allow
 ```
 
 ---
@@ -4253,9 +4112,6 @@ outbound_federation_restricted_to:
 Also see the [worker
 documentation](../../workers.md#restrict-outbound-federation-traffic-to-a-specific-set-of-workers)
 for more info.
-
-_Added in Synapse 1.89.0._
-
 ---
 ### `run_background_tasks_on`
 

docs/user_directory.md

@@ -1,133 +1,49 @@
-# User Directory API Implementation
+User Directory API Implementation
+=================================
 
-The user directory is maintained based on users that are 'visible' to the homeserver -
-i.e. ones which are local to the server and ones which any local user shares a
-room with.
+The user directory is currently maintained based on the 'visible' users
+on this particular server - i.e. ones which your account shares a room with, or
+who are present in a publicly viewable room present on the server.
 
-The directory info is stored in various tables, which can sometimes get out of
-sync (although this is considered a bug). If this happens, for now the
+The directory info is stored in various tables, which can (typically after
+DB corruption) get stale or out of sync. If this happens, for now the
 solution to fix it is to use the [admin API](usage/administration/admin_api/background_updates.md#run)
 and execute the job `regenerate_directory`. This should then start a background task to
-flush the current tables and regenerate the directory. Depending on the size
-of your homeserver (number of users and rooms) this can take a while.
+flush the current tables and regenerate the directory.
 
-## Data model
+Data model
+----------
 
 There are five relevant tables that collectively form the "user directory".
-Three of them track a list of all known users. The last two (collectively called
-the "search tables") track which users are visible to each other.
+Three of them track a master list of all the users we could search for.
+The last two (collectively called the "search tables") track who can
+see who.
 
 From all of these tables we exclude three types of local user:
+  - support users
+  - appservice users
+  - deactivated users
 
-- support users
-- appservice users
-- deactivated users
-
-A description of each table follows:
-
-* `user_directory`. This contains the user ID, display name and avatar of each user.
-  - Because there is only one directory entry per user, it is important that it
-    only contain publicly visible information. Otherwise, this will leak the
+* `user_directory`. This contains the user_id, display name and avatar we'll
+  return when you search the directory.
+  - Because there's only one directory entry per user, it's important that we only
+    ever put publicly visible names here. Otherwise we might leak a private
     nickname or avatar used in a private room.
   - Indexed on rooms. Indexed on users.
 
 * `user_directory_search`. To be joined to `user_directory`. It contains an extra
-  column that enables full text search based on user IDs and display names.
-  Different schemas for SQLite and Postgres are used.
+  column that enables full text search based on user ids and display names.
+  Different schemas for SQLite and Postgres with different code paths to match.
   - Indexed on the full text search data. Indexed on users.
 
 * `user_directory_stream_pos`. When the initial background update to populate
   the directory is complete, we record a stream position here. This indicates
   that synapse should now listen for room changes and incrementally update
-  the directory where necessary. (See [stream positions](development/synapse_architecture/streams.html).)
+  the directory where necessary.
 
-* `users_in_public_rooms`. Contains associations between users and the public
-  rooms they're in.  Used to determine which users are in public rooms and should
-  be publicly visible in the directory. Both local and remote users are tracked.
+* `users_in_public_rooms`. Contains associations between users and the public rooms they're in.
+  Used to determine which users are in public rooms and should be publicly visible in the directory.
 
 * `users_who_share_private_rooms`. Rows are triples `(L, M, room id)` where `L`
    is a local user and `M` is a local or remote user. `L` and `M` should be
    different, but this isn't enforced by a constraint.
-
-   Note that if two local users share a room then there will be two entries:
-   `(user1, user2, !room_id)` and `(user2, user1, !room_id)`.
-
-## Configuration options
-
-The exact way user search works can be tweaked via some server-level
-[configuration options](usage/configuration/config_documentation.md#user_directory).
-
-The information is not repeated here, but the options are mentioned below.
-
-## Search algorithm
-
-If `search_all_users` is `false`, then results are limited to users who:
-
-1. Are found in the `users_in_public_rooms` table, or
-2. Are found in the `users_who_share_private_rooms` where `L` is the requesting
-   user and `M` is the search result.
-
-Otherwise, if `search_all_users` is `true`, no such limits are placed and all
-users known to the server (matching the search query) will be returned.
-
-By default, locked users are not returned. If `show_locked_users` is `true` then
-no filtering on the locked status of a user is done.
-
-The user provided search term is lowercased and normalized using [NFKC](https://en.wikipedia.org/wiki/Unicode_equivalence#Normalization),
-this treats the string as case-insensitive, canonicalizes different forms of the
-same text, and maps some "roughly equivalent" characters together.
-
-The search term is then split into words:
-
-* If [ICU](https://en.wikipedia.org/wiki/International_Components_for_Unicode) is
-  available, then the system's [default locale](https://unicode-org.github.io/icu/userguide/locale/#default-locales)
-  will be used to break the search term into words. (See the
-  [installation instructions](setup/installation.md) for how to install ICU.)
-* If unavailable, then runs of ASCII characters, numbers, underscores, and hyphens
-  are considered words.
-
-The queries for PostgreSQL and SQLite are detailed below, by their overall goal
-is to find matching users, preferring users who are "real" (e.g. not bots,
-not deactivated). It is assumed that real users will have an display name and
-avatar set.
-
-### PostgreSQL
-
-The above words are then transformed into two queries:
-
-1. "exact" which matches the parsed words exactly (using [`to_tsquery`](https://www.postgresql.org/docs/current/textsearch-controls.html#TEXTSEARCH-PARSING-QUERIES));
-2. "prefix" which matches the parsed words as prefixes (using `to_tsquery`).
-
-Results are composed of all rows in the `user_directory_search` table whose information
-matches one (or both) of these queries. Results are ordered by calculating a weighted
-score for each result, higher scores are returned first:
-
-* 4x if a user ID exists.
-* 1.2x if the user has a display name set.
-* 1.2x if the user has an avatar set.
-* 0x-3x by the full text search results using the [`ts_rank_cd` function](https://www.postgresql.org/docs/current/textsearch-controls.html#TEXTSEARCH-RANKING)
-  against the "exact" search query; this has four variables with the following weightings:
-  * `D`: 0.1 for the user ID's domain
-  * `C`: 0.1 for unused
-  * `B`: 0.9 for the user's display name (or an empty string if it is not set)
-  * `A`: 0.1 for the user ID's localpart
-* 0x-1x by the full text search results using the `ts_rank_cd` function against the
-  "prefix" search query. (Using the same weightings as above.)
-* If `prefer_local_users` is `true`, then 2x if the user is local to the homeserver.
-
-Note that `ts_rank_cd` returns a weight between 0 and 1. The initial weighting of
-all results is 1.
-
-### SQLite
-
-Results are composed of all rows in the `user_directory_search` whose information
-matches the query. Results are ordered by the following information, with each
-subsequent column used as a tiebreaker, for each result:
-
-1. By the [`rank`](https://www.sqlite.org/windowfunctions.html#built_in_window_functions)
-   of the full text search results using the [`matchinfo` function](https://www.sqlite.org/fts3.html#matchinfo). Higher
-   ranks are returned first.
-2. If `prefer_local_users` is `true`, then users local to the homeserver are
-   returned first.
-3. Users with a display name set are returned first.
-4. Users with an avatar set are returned first.

docs/website_files/README.md

@@ -24,11 +24,6 @@ Finally, we also stylise the chapter titles in the left sidebar by indenting the
 slightly so that they are more visually distinguishable from the section headers
 (the bold titles). This is done through the `indent-section-headers.css` file.
 
-In addition to these modifications, we have added a version picker to the documentation.
-Users can switch between documentations for different versions of Synapse.
-This functionality was implemented through the `version-picker.js` and
-`version-picker.css` files.
-
 More information can be found in mdbook's official documentation for
 [injecting page JS/CSS](https://rust-lang.github.io/mdBook/format/config.html)
 and

docs/website_files/theme/index.hbs

@@ -131,18 +131,6 @@
                             <i class="fa fa-search"></i>
                         </button>
                         {{/if}}
-                        <div class="version-picker">
-                            <div class="dropdown">
-                                <div class="select">
-                                    <span></span>
-                                    <i class="fa fa-chevron-down"></i>
-                                </div>
-                                <input type="hidden" name="version">
-                                <ul class="dropdown-menu">
-                                    <!-- Versions will be added dynamically in version-picker.js -->
-                                </ul>
-                            </div>
-                        </div>      
                     </div>
 
                     <h1 class="menu-title">{{ book_title }}</h1>
@@ -321,4 +309,4 @@
         {{/if}}
 
     </body>
-</html>
+</html>

docs/website_files/version-picker.css

@@ -1,78 +0,0 @@
-.version-picker {
-    display: flex;
-    align-items: center;
-}
-
-.version-picker .dropdown {
-    width: 130px;
-    max-height: 29px;
-    margin-left: 10px;
-    display: inline-block;
-    border-radius: 4px;
-    border: 1px solid var(--theme-popup-border);
-    position: relative;
-    font-size: 13px;
-    color: var(--fg);
-    height: 100%;
-    text-align: left;
-}
-.version-picker .dropdown .select {
-    cursor: pointer;
-    display: block;
-    padding: 5px 2px 5px 15px;
-}
-.version-picker .dropdown .select > i {
-    font-size: 10px;
-    color: var(--fg);
-    cursor: pointer;
-    float: right;
-    line-height: 20px !important;
-}
-.version-picker .dropdown:hover {
-    border: 1px solid var(--theme-popup-border);
-}
-.version-picker .dropdown:active {
-    background-color: var(--theme-popup-bg);
-}
-.version-picker .dropdown.active:hover,
-.version-picker .dropdown.active {
-    border: 1px solid var(--theme-popup-border);
-    border-radius: 2px 2px 0 0;
-    background-color: var(--theme-popup-bg);
-}
-.version-picker .dropdown.active .select > i {
-    transform: rotate(-180deg);
-}
-.version-picker .dropdown .dropdown-menu {
-    position: absolute;
-    background-color: var(--theme-popup-bg);
-    width: 100%;
-    left: -1px;
-    right: 1px;
-    margin-top: 1px;
-    border: 1px solid var(--theme-popup-border);
-    border-radius: 0 0 4px 4px;
-    overflow: hidden;
-    display: none;
-    max-height: 300px;
-    overflow-y: auto;
-    z-index: 9;
-}
-.version-picker .dropdown .dropdown-menu li {
-    font-size: 12px;
-    padding: 6px 20px;
-    cursor: pointer;
-} 
-.version-picker .dropdown .dropdown-menu {
-    padding: 0;
-    list-style: none;
-}
-.version-picker .dropdown .dropdown-menu li:hover {
-    background-color: var(--theme-hover);
-}
-.version-picker .dropdown .dropdown-menu li.active::before {
-    display: inline-block;
-    content: "✓";
-    margin-inline-start: -14px;
-    width: 14px;
-}

docs/website_files/version-picker.js

@@ -1,127 +0,0 @@
-
-const dropdown = document.querySelector('.version-picker .dropdown');
-const dropdownMenu = dropdown.querySelector('.dropdown-menu');
-
-fetchVersions(dropdown, dropdownMenu).then(() => {
-    initializeVersionDropdown(dropdown, dropdownMenu);
-});
-
-/**
- * Initialize the dropdown functionality for version selection.
- * 
- * @param {Element} dropdown - The dropdown element.
- * @param {Element} dropdownMenu - The dropdown menu element.
- */
-function initializeVersionDropdown(dropdown, dropdownMenu) {
-    // Toggle the dropdown menu on click
-    dropdown.addEventListener('click', function () {
-        this.setAttribute('tabindex', 1);
-        this.classList.toggle('active');
-        dropdownMenu.style.display = (dropdownMenu.style.display === 'block') ? 'none' : 'block';
-    });
-  
-    // Remove the 'active' class and hide the dropdown menu on focusout
-    dropdown.addEventListener('focusout', function () {
-        this.classList.remove('active');
-        dropdownMenu.style.display = 'none';
-    });
-  
-    // Handle item selection within the dropdown menu
-    const dropdownMenuItems = dropdownMenu.querySelectorAll('li');    
-    dropdownMenuItems.forEach(function (item) {
-        item.addEventListener('click', function () {
-            dropdownMenuItems.forEach(function (item) {
-                item.classList.remove('active');
-            });
-            this.classList.add('active');
-            dropdown.querySelector('span').textContent = this.textContent;
-            dropdown.querySelector('input').value = this.getAttribute('id');
-
-            window.location.href = changeVersion(window.location.href, this.textContent);
-        });
-    });
-};
-
-/**
- * This function fetches the available versions from a GitHub repository
- * and inserts them into the version picker.
- * 
- * @param {Element} dropdown - The dropdown element.
- * @param {Element} dropdownMenu - The dropdown menu element.
- * @returns {Promise<Array<string>>} A promise that resolves with an array of available versions.
- */
-function fetchVersions(dropdown, dropdownMenu) {
-    return new Promise((resolve, reject) => {
-        window.addEventListener("load", () => {
-
-            fetch("https://api.github.com/repos/matrix-org/synapse/git/trees/gh-pages", {
-                cache: "force-cache",
-            }).then(res => 
-                res.json()
-            ).then(resObject => {
-                const excluded = ['dev-docs', 'v1.91.0', 'v1.80.0', 'v1.69.0'];
-                const tree = resObject.tree.filter(item => item.type === "tree" && !excluded.includes(item.path));
-                const versions = tree.map(item => item.path).sort(sortVersions);
-
-                // Create a list of <li> items for versions
-                versions.forEach((version) => {
-                    const li = document.createElement("li");
-                    li.textContent = version;
-                    li.id = version;
-    
-                    if (window.SYNAPSE_VERSION === version) {
-                        li.classList.add('active');
-                        dropdown.querySelector('span').textContent = version;
-                        dropdown.querySelector('input').value = version;
-                    }
-    
-                    dropdownMenu.appendChild(li);
-                });
-
-                resolve(versions);
-
-            }).catch(ex => {
-                console.error("Failed to fetch version data", ex);
-                reject(ex);
-            })
-        });
-    });
-}
-
-/**
- * Custom sorting function to sort an array of version strings.
- *
- * @param {string} a - The first version string to compare.
- * @param {string} b - The second version string to compare.
- * @returns {number} - A negative number if a should come before b, a positive number if b should come before a, or 0 if they are equal.
- */
-function sortVersions(a, b) {
-    // Put 'develop' and 'latest' at the top
-    if (a === 'develop' || a === 'latest') return -1;
-    if (b === 'develop' || b === 'latest') return 1;
-
-    const versionA = (a.match(/v\d+(\.\d+)+/) || [])[0];
-    const versionB = (b.match(/v\d+(\.\d+)+/) || [])[0];
-
-    return versionB.localeCompare(versionA);
-}
-
-/**
- * Change the version in a URL path.
- *
- * @param {string} url - The original URL to be modified.
- * @param {string} newVersion - The new version to replace the existing version in the URL.
- * @returns {string} The updated URL with the new version.
- */
-function changeVersion(url, newVersion) {
-    const parsedURL = new URL(url);
-    const pathSegments = parsedURL.pathname.split('/');
-  
-    // Modify the version
-    pathSegments[2] = newVersion;
-
-    // Reconstruct the URL
-    parsedURL.pathname = pathSegments.join('/');
-  
-    return parsedURL.href;
-}

docs/website_files/version.js

@@ -1 +0,0 @@
-window.SYNAPSE_VERSION = 'v1.97';

mypy.ini

@@ -32,13 +32,12 @@ files =
   docker/,
   scripts-dev/,
   synapse/,
-  synmark/,
   tests/,
   build_rust.py
 
 [mypy-synapse.metrics._reactor_metrics]
-# This module  pokes at the internals of OS-specific classes, to appease mypy
-# on different systems we add additional ignores.
+# This module imports select.epoll. That exists on Linux, but doesn't on macOS.
+# See https://github.com/matrix-org/synapse/pull/11771.
 warn_unused_ignores = False
 
 [mypy-synapse.util.caches.treecache]
@@ -81,9 +80,6 @@ ignore_missing_imports = True
 [mypy-pympler.*]
 ignore_missing_imports = True
 
-[mypy-pyperf.*]
-ignore_missing_imports = True
-
 [mypy-rust_python_jaeger_reporter.*]
 ignore_missing_imports = True
 

pyproject.toml

@@ -92,11 +92,10 @@ skip_gitignore = true
 
 [tool.maturin]
 manifest-path = "rust/Cargo.toml"
-module-name = "synapse.synapse_rust"
 
 [tool.poetry]
 name = "matrix-synapse"
-version = "1.97.0"
+version = "1.92.2"
 description = "Homeserver for the Matrix decentralised comms protocol"
 authors = ["Matrix.org Team and Contributors <packages@matrix.org>"]
 license = "Apache-2.0"
@@ -181,9 +180,7 @@ PyYAML = ">=3.13"
 pyasn1 = ">=0.1.9"
 pyasn1-modules = ">=0.0.7"
 bcrypt = ">=3.1.7"
-# 10.0.1 minimum is mandatory here because of libwebp CVE-2023-4863.
-# Packagers that already took care of libwebp can lower that down to 5.4.0.
-Pillow = ">=10.0.1"
+Pillow = ">=5.4.0"
 # We use SortedDict.peekitem(), which was added in sortedcontainers 1.5.2.
 sortedcontainers = ">=1.5.2"
 pymacaroons = ">=0.13.0"
@@ -192,7 +189,7 @@ phonenumbers = ">=8.2.0"
 # we use GaugeHistogramMetric, which was added in prom-client 0.4.0.
 prometheus-client = ">=0.4.0"
 # we use `order`, which arrived in attrs 19.2.0.
-# Note: 21.1.0 broke `/sync`, see https://github.com/matrix-org/synapse/issues/9936
+# Note: 21.1.0 broke `/sync`, see #9936
 attrs = ">=19.2.0,!=21.1.0"
 netaddr = ">=0.7.18"
 # Jinja 2.x is incompatible with MarkupSafe>=2.1. To ensure that admins do not
@@ -210,11 +207,11 @@ cryptography = ">=3.4.7"
 # ijson 3.1.4 fixes a bug with "." in property names
 ijson = ">=3.1.4"
 matrix-common = "^1.3.0"
-# We need packaging.verison.Version(...).major added in 20.0.
-packaging = ">=20.0"
-# We support pydantic v1 and pydantic v2 via the pydantic.v1 compat module.
-# See https://github.com/matrix-org/synapse/issues/15858
-pydantic = ">=1.7.4, <3"
+# We need packaging.requirements.Requirement, added in 16.1.
+packaging = ">=16.1"
+# This is the most recent version of Pydantic with available on common distros.
+# We are currently incompatible with >=2.0.0: (https://github.com/matrix-org/synapse/issues/15858)
+pydantic = "^1.7.4"
 
 # This is for building the rust components during "poetry install", which
 # currently ignores the `build-system.requires` directive (c.f.
@@ -321,9 +318,7 @@ all = [
 # This helps prevents merge conflicts when running a batch of dependabot updates.
 isort = ">=5.10.1"
 black = ">=22.7.0"
-ruff = "0.1.4"
-# Type checking only works with the pydantic.v1 compat module from pydantic v2
-pydantic = "^2"
+ruff = "0.0.286"
 
 # Typechecking
 lxml-stubs = ">=0.4.0"
@@ -357,7 +352,7 @@ commonmark = ">=0.9.1"
 pygithub = ">=1.55"
 # The following are executed as commands by the release script.
 twine = "*"
-# Towncrier min version comes from https://github.com/matrix-org/synapse/pull/3425. Rationale unclear.
+# Towncrier min version comes from #3425. Rationale unclear.
 towncrier = ">=18.6.0rc1"
 
 # Used for checking the Poetry lockfile
@@ -375,14 +370,25 @@ myst-parser = {version = "^1.0.0", python = "^3.8"}
 furo = ">=2022.12.7,<2024.0.0"
 
 
+# LSP dependencies
+[tool.poetry.group.dev-lsp]
+optional = true
+
+[tool.poetry.group.dev-lsp.dependencies]
+python-lsp-server = {version = "^1.8.0"}
+python-lsp-ruff = {version = "^1.5.1"}
+pylsp-rope = {version = "^0.1.11"}
+pylsp-mypy = {version = "^0.6.7"}
+
+
+
 [build-system]
 # The upper bounds here are defensive, intended to prevent situations like
-# https://github.com/matrix-org/synapse/issues/13849 and
-# https://github.com/matrix-org/synapse/issues/14079 where we see buildtime or
-# runtime errors caused by build system changes.
+# #13849 and #14079 where we see buildtime or runtime errors caused by build
+# system changes.
 # We are happy to raise these upper bounds upon request,
 # provided we check that it's safe to do so (i.e. that CI passes).
-requires = ["poetry-core>=1.1.0,<=1.7.0", "setuptools_rust>=1.3,<=1.8.1"]
+requires = ["poetry-core>=1.1.0,<=1.7.0", "setuptools_rust>=1.3,<=1.7.0"]
 build-backend = "poetry.core.masonry.api"
 
 

rust/Cargo.toml

@@ -15,8 +15,6 @@ name = "synapse"
 # tests/benchmarks.
 crate-type = ["lib", "cdylib"]
 
-# This is deprecated, see tool.maturin in pyproject.toml.
-# It is left here for compatibilty with maturin < 0.15.
 [package.metadata.maturin]
 # This is where we tell maturin where to place the built library.
 name = "synapse.synapse_rust"
@@ -25,14 +23,14 @@ name = "synapse.synapse_rust"
 anyhow = "1.0.63"
 lazy_static = "1.4.0"
 log = "0.4.17"
-pyo3 = { version = "0.19.2", features = [
+pyo3 = { version = "0.17.1", features = [
     "macros",
     "anyhow",
     "abi3",
-    "abi3-py38",
+    "abi3-py37",
 ] }
 pyo3-log = "0.8.1"
-pythonize = "0.19.0"
+pythonize = "0.17.0"
 regex = "1.6.0"
 serde = { version = "1.0.144", features = ["derive"] }
 serde_json = "1.0.85"

rust/benches/evaluator.rs

@@ -197,7 +197,6 @@ fn bench_eval_message(b: &mut Bencher) {
         false,
         false,
         false,
-        false,
     );
 
     b.iter(|| eval.run(&rules, Some("bob"), Some("person")));

rust/src/acl/mod.rs

@@ -1,102 +0,0 @@
-// Copyright 2023 The Matrix.org Foundation C.I.C.
-//
-// Licensed under the Apache License, Version 2.0 (the "License");
-// you may not use this file except in compliance with the License.
-// You may obtain a copy of the License at
-//
-//     http://www.apache.org/licenses/LICENSE-2.0
-//
-// Unless required by applicable law or agreed to in writing, software
-// distributed under the License is distributed on an "AS IS" BASIS,
-// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-// See the License for the specific language governing permissions and
-// limitations under the License.
-
-//! An implementation of Matrix server ACL rules.
-
-use std::net::Ipv4Addr;
-use std::str::FromStr;
-
-use anyhow::Error;
-use pyo3::prelude::*;
-use regex::Regex;
-
-use crate::push::utils::{glob_to_regex, GlobMatchType};
-
-/// Called when registering modules with python.
-pub fn register_module(py: Python<'_>, m: &PyModule) -> PyResult<()> {
-    let child_module = PyModule::new(py, "acl")?;
-    child_module.add_class::<ServerAclEvaluator>()?;
-
-    m.add_submodule(child_module)?;
-
-    // We need to manually add the module to sys.modules to make `from
-    // synapse.synapse_rust import acl` work.
-    py.import("sys")?
-        .getattr("modules")?
-        .set_item("synapse.synapse_rust.acl", child_module)?;
-
-    Ok(())
-}
-
-#[derive(Debug, Clone)]
-#[pyclass(frozen)]
-pub struct ServerAclEvaluator {
-    allow_ip_literals: bool,
-    allow: Vec<Regex>,
-    deny: Vec<Regex>,
-}
-
-#[pymethods]
-impl ServerAclEvaluator {
-    #[new]
-    pub fn py_new(
-        allow_ip_literals: bool,
-        allow: Vec<&str>,
-        deny: Vec<&str>,
-    ) -> Result<Self, Error> {
-        let allow = allow
-            .iter()
-            .map(|s| glob_to_regex(s, GlobMatchType::Whole))
-            .collect::<Result<_, _>>()?;
-        let deny = deny
-            .iter()
-            .map(|s| glob_to_regex(s, GlobMatchType::Whole))
-            .collect::<Result<_, _>>()?;
-
-        Ok(ServerAclEvaluator {
-            allow_ip_literals,
-            allow,
-            deny,
-        })
-    }
-
-    pub fn server_matches_acl_event(&self, server_name: &str) -> bool {
-        // first of all, check if literal IPs are blocked, and if so, whether the
-        // server name is a literal IP
-        if !self.allow_ip_literals {
-            // check for ipv6 literals. These start with '['.
-            if server_name.starts_with('[') {
-                return false;
-            }
-
-            // check for ipv4 literals. We can just lift the routine from std::net.
-            if Ipv4Addr::from_str(server_name).is_ok() {
-                return false;
-            }
-        }
-
-        // next, check the deny list
-        if self.deny.iter().any(|e| e.is_match(server_name)) {
-            return false;
-        }
-
-        // then the allow list.
-        if self.allow.iter().any(|e| e.is_match(server_name)) {
-            return true;
-        }
-
-        // everything else should be rejected.
-        false
-    }
-}

rust/src/lib.rs

@@ -2,7 +2,6 @@ use lazy_static::lazy_static;
 use pyo3::prelude::*;
 use pyo3_log::ResetHandle;
 
-pub mod acl;
 pub mod push;
 
 lazy_static! {
@@ -39,7 +38,6 @@ fn synapse_rust(py: Python<'_>, m: &PyModule) -> PyResult<()> {
     m.add_function(wrap_pyfunction!(get_rust_file_digest, m)?)?;
     m.add_function(wrap_pyfunction!(reset_logging_config, m)?)?;
 
-    acl::register_module(py, m)?;
     push::register_module(py, m)?;
 
     Ok(())

rust/src/push/base_rules.rs

@@ -63,19 +63,6 @@ pub const BASE_PREPEND_OVERRIDE_RULES: &[PushRule] = &[PushRule {
 }];
 
 pub const BASE_APPEND_OVERRIDE_RULES: &[PushRule] = &[
-    PushRule {
-        rule_id: Cow::Borrowed("global/override/.org.matrix.msc4028.encrypted_event"),
-        priority_class: 5,
-        conditions: Cow::Borrowed(&[Condition::Known(KnownCondition::EventMatch(
-            EventMatchCondition {
-                key: Cow::Borrowed("type"),
-                pattern: Cow::Borrowed("m.room.encrypted"),
-            },
-        ))]),
-        actions: Cow::Borrowed(&[Action::Notify]),
-        default: true,
-        default_enabled: false,
-    },
     PushRule {
         rule_id: Cow::Borrowed("global/override/.m.rule.suppress_notices"),
         priority_class: 5,

rust/src/push/evaluator.rs

@@ -105,17 +105,6 @@ impl PushRuleEvaluator {
     /// Create a new `PushRuleEvaluator`. See struct docstring for details.
     #[allow(clippy::too_many_arguments)]
     #[new]
-    #[pyo3(signature = (
-        flattened_keys,
-        has_mentions,
-        room_member_count,
-        sender_power_level,
-        notification_power_levels,
-        related_events_flattened,
-        related_event_match_enabled,
-        room_version_feature_flags,
-        msc3931_enabled,
-    ))]
     pub fn py_new(
         flattened_keys: BTreeMap<String, JsonValue>,
         has_mentions: bool,
@@ -575,7 +564,7 @@ fn test_requires_room_version_supports_condition() {
     };
     let rules = PushRules::new(vec![custom_rule]);
     result = evaluator.run(
-        &FilteredPushRules::py_new(rules, BTreeMap::new(), true, false, true, false),
+        &FilteredPushRules::py_new(rules, BTreeMap::new(), true, false, true),
         None,
         None,
     );

rust/src/push/mod.rs

@@ -527,7 +527,6 @@ pub struct FilteredPushRules {
     msc1767_enabled: bool,
     msc3381_polls_enabled: bool,
     msc3664_enabled: bool,
-    msc4028_push_encrypted_events: bool,
 }
 
 #[pymethods]
@@ -539,7 +538,6 @@ impl FilteredPushRules {
         msc1767_enabled: bool,
         msc3381_polls_enabled: bool,
         msc3664_enabled: bool,
-        msc4028_push_encrypted_events: bool,
     ) -> Self {
         Self {
             push_rules,
@@ -547,7 +545,6 @@ impl FilteredPushRules {
             msc1767_enabled,
             msc3381_polls_enabled,
             msc3664_enabled,
-            msc4028_push_encrypted_events,
         }
     }
 
@@ -584,12 +581,6 @@ impl FilteredPushRules {
                     return false;
                 }
 
-                if !self.msc4028_push_encrypted_events
-                    && rule.rule_id == "global/override/.org.matrix.msc4028.encrypted_event"
-                {
-                    return false;
-                }
-
                 true
             })
             .map(|r| {

scripts-dev/build_debian_packages.py

@@ -33,7 +33,6 @@ DISTS = (
     "ubuntu:focal",  # 20.04 LTS (EOL 2025-04) (our EOL forced by Python 3.8 is 2024-10-14)
     "ubuntu:jammy",  # 22.04 LTS (EOL 2027-04) (our EOL forced by Python 3.10 is 2026-10-04)
     "ubuntu:lunar",  # 23.04 (EOL 2024-01) (our EOL forced by Python 3.11 is 2027-10-24)
-    "ubuntu:mantic",  # 23.10 (EOL 2024-07) (our EOL forced by Python 3.11 is 2027-10-24)
     "debian:trixie",  # (EOL not specified yet)
 )
 

scripts-dev/check_pydantic_models.py

@@ -36,41 +36,11 @@ import textwrap
 import traceback
 import unittest.mock
 from contextlib import contextmanager
-from typing import (
-    TYPE_CHECKING,
-    Any,
-    Callable,
-    Dict,
-    Generator,
-    List,
-    Set,
-    Type,
-    TypeVar,
-)
+from typing import Any, Callable, Dict, Generator, List, Set, Type, TypeVar
 
 from parameterized import parameterized
-
-from synapse._pydantic_compat import HAS_PYDANTIC_V2
-
-if TYPE_CHECKING or HAS_PYDANTIC_V2:
-    from pydantic.v1 import (
-        BaseModel as PydanticBaseModel,
-        conbytes,
-        confloat,
-        conint,
-        constr,
-    )
-    from pydantic.v1.typing import get_args
-else:
-    from pydantic import (
-        BaseModel as PydanticBaseModel,
-        conbytes,
-        confloat,
-        conint,
-        constr,
-    )
-    from pydantic.typing import get_args
-
+from pydantic import BaseModel as PydanticBaseModel, conbytes, confloat, conint, constr
+from pydantic.typing import get_args
 from typing_extensions import ParamSpec
 
 logger = logging.getLogger(__name__)
@@ -281,10 +251,7 @@ class TestConstrainedTypesPatch(unittest.TestCase):
         with monkeypatch_pydantic(), self.assertRaises(ModelCheckerException):
             run_test_snippet(
                 """
-                try:
-                    from pydantic.v1 import constr
-                except ImportError:
-                    from pydantic import constr
+                from pydantic import constr
                 constr()
                 """
             )
@@ -302,10 +269,7 @@ class TestConstrainedTypesPatch(unittest.TestCase):
         with monkeypatch_pydantic(), self.assertRaises(ModelCheckerException):
             run_test_snippet(
                 """
-                try:
-                    from pydantic.v1 import *
-                except ImportError:
-                    from pydantic import *
+                from pydantic import *
                 constr()
                 """
             )
@@ -314,10 +278,7 @@ class TestConstrainedTypesPatch(unittest.TestCase):
         with monkeypatch_pydantic(), self.assertRaises(ModelCheckerException):
             run_test_snippet(
                 """
-                try:
-                    from pydantic.v1.types import constr
-                except ImportError:
-                    from pydantic.types import constr
+                from pydantic.types import constr
                 constr()
                 """
             )
@@ -326,11 +287,8 @@ class TestConstrainedTypesPatch(unittest.TestCase):
         with monkeypatch_pydantic(), self.assertRaises(ModelCheckerException):
             run_test_snippet(
                 """
-                try:
-                    from pydantic.v1 import types as pydantic_types
-                except ImportError:
-                    from pydantic import types as pydantic_types
-                pydantic_types.constr()
+                import pydantic.types
+                pydantic.types.constr()
                 """
             )
 
@@ -338,10 +296,7 @@ class TestConstrainedTypesPatch(unittest.TestCase):
         with monkeypatch_pydantic(), self.assertRaises(ModelCheckerException):
             run_test_snippet(
                 """
-                try:
-                    from pydantic.v1 import constr
-                except ImportError:
-                    from pydantic import constr
+                from pydantic import constr
                 constr(min_length=10)
                 """
             )
@@ -350,10 +305,7 @@ class TestConstrainedTypesPatch(unittest.TestCase):
         with monkeypatch_pydantic(), self.assertRaises(ModelCheckerException):
             run_test_snippet(
                 """
-                try:
-                    from pydantic.v1 import constr
-                except ImportError:
-                    from pydantic import constr
+                from pydantic import constr
                 constr(strict=False)
                 """
             )
@@ -362,10 +314,7 @@ class TestConstrainedTypesPatch(unittest.TestCase):
         with monkeypatch_pydantic():
             run_test_snippet(
                 """
-                try:
-                    from pydantic.v1 import constr
-                except ImportError:
-                    from pydantic import constr
+                from pydantic import constr
                 constr(strict=True)
                 """
             )
@@ -374,10 +323,7 @@ class TestConstrainedTypesPatch(unittest.TestCase):
         with monkeypatch_pydantic(), self.assertRaises(ModelCheckerException):
             run_test_snippet(
                 """
-                try:
-                    from pydantic.v1 import constr
-                except ImportError:
-                    from pydantic import constr
+                from pydantic import constr
                 x: constr()
                 """
             )
@@ -386,10 +332,7 @@ class TestConstrainedTypesPatch(unittest.TestCase):
         with monkeypatch_pydantic(), self.assertRaises(ModelCheckerException):
             run_test_snippet(
                 """
-                try:
-                    from pydantic.v1 import BaseModel, conint
-                except ImportError:
-                    from pydantic import BaseModel, conint
+                from pydantic import BaseModel, conint
                 class C:
                     x: conint()
                 """
@@ -418,10 +361,7 @@ class TestFieldTypeInspection(unittest.TestCase):
             run_test_snippet(
                 f"""
                 from typing import *
-                try:
-                    from pydantic.v1 import *
-                except ImportError:
-                    from pydantic import *
+                from pydantic import *
                 class C(BaseModel):
                     f: {annotation}
                 """
@@ -448,10 +388,7 @@ class TestFieldTypeInspection(unittest.TestCase):
             run_test_snippet(
                 f"""
                 from typing import *
-                try:
-                    from pydantic.v1 import *
-                except ImportError:
-                    from pydantic import *
+                from pydantic import *
                 class C(BaseModel):
                     f: {annotation}
                 """
@@ -461,10 +398,7 @@ class TestFieldTypeInspection(unittest.TestCase):
         with monkeypatch_pydantic(), self.assertRaises(ModelCheckerException):
             run_test_snippet(
                 """
-                try:
-                    from pydantic.v1.main import BaseModel
-                except ImportError:
-                    from pydantic.main import BaseModel
+                from pydantic.main import BaseModel
                 class C(BaseModel):
                     f: str
                 """