complement: move PG data outside of the container storage

Signed-off-by: Mathieu Velten <mathieuv@matrix.org>
2022-09-14 17:18:35 +02:00
108 changed files with 387 additions and 2126 deletions
--- a/.ci/scripts/postgres_exec.py
+++ b/.ci/scripts/postgres_exec.py
@@ -0,0 +1,31 @@
+#!/usr/bin/env python
+# Copyright 2019 The Matrix.org Foundation C.I.C.
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#     http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+import sys
+
+import psycopg2
+
+# a very simple replacment for `psql`, to make up for the lack of the postgres client
+# libraries in the synapse docker image.
+
+# We use "postgres" as a database because it's bound to exist and the "synapse" one
+# doesn't exist yet.
+db_conn = psycopg2.connect(
+    user="postgres", host="localhost", password="postgres", dbname="postgres"
+)
+db_conn.autocommit = True
+cur = db_conn.cursor()
+for c in sys.argv[1:]:
+    cur.execute(c)
--- a/.ci/scripts/test_export_data_command.sh
+++ b/.ci/scripts/test_export_data_command.sh
@@ -32,7 +32,7 @@ else
 fi

 # Create the PostgreSQL database.
-psql -c "CREATE DATABASE synapse"
+poetry run .ci/scripts/postgres_exec.py "CREATE DATABASE synapse"

 # Port the SQLite databse to postgres so we can check command works against postgres
 echo "+++ Port SQLite3 databse to postgres"
--- a/.ci/scripts/test_synapse_port_db.sh
+++ b/.ci/scripts/test_synapse_port_db.sh
@@ -2,27 +2,27 @@
 #
 # Test script for 'synapse_port_db'.
 #   - configures synapse and a postgres server.
-#   - runs the port script on a prepopulated test sqlite db. Checks that the
-#     return code is zero.
-#   - reruns the port script on the same sqlite db, targetting the same postgres db.
-#     Checks that the return code is zero.
-#   - runs the port script against a new sqlite db. Checks the return code is zero.
+#   - runs the port script on a prepopulated test sqlite db
+#   - also runs it against an new sqlite db
 #
 # Expects Synapse to have been already installed with `poetry install --extras postgres`.
 # Expects `poetry` to be available on the `PATH`.

-set -xe -o pipefail
+set -xe
 cd "$(dirname "$0")/../.."

 echo "--- Generate the signing key"
+
+# Generate the server's signing key.
 poetry run synapse_homeserver --generate-keys -c .ci/sqlite-config.yaml

 echo "--- Prepare test database"
-# Make sure the SQLite3 database is using the latest schema and has no pending background updates.
+
+# Make sure the SQLite3 database is using the latest schema and has no pending background update.
 poetry run update_synapse_database --database-config .ci/sqlite-config.yaml --run-background-updates

 # Create the PostgreSQL database.
-psql -c "CREATE DATABASE synapse"
+poetry run .ci/scripts/postgres_exec.py "CREATE DATABASE synapse"

 echo "+++ Run synapse_port_db against test database"
 # TODO: this invocation of synapse_port_db (and others below) used to be prepended with `coverage run`,
@@ -45,23 +45,9 @@ rm .ci/test_db.db
 poetry run update_synapse_database --database-config .ci/sqlite-config.yaml --run-background-updates

 # re-create the PostgreSQL database.
-psql \
-  -c "DROP DATABASE synapse" \
-  -c "CREATE DATABASE synapse"
+poetry run .ci/scripts/postgres_exec.py \
+  "DROP DATABASE synapse" \
+  "CREATE DATABASE synapse"

 echo "+++ Run synapse_port_db against empty database"
 poetry run synapse_port_db --sqlite-database .ci/test_db.db --postgres-config .ci/postgres-config.yaml
-
-echo "--- Create a brand new postgres database from schema"
-cp .ci/postgres-config.yaml .ci/postgres-config-unported.yaml
-sed -i -e 's/database: synapse/database: synapse_unported/' .ci/postgres-config-unported.yaml
-psql -c "CREATE DATABASE synapse_unported"
-poetry run update_synapse_database --database-config .ci/postgres-config-unported.yaml --run-background-updates
-
-echo "+++ Comparing ported schema with unported schema"
-# Ignore the tables that portdb creates. (Should it tidy them up when the porting is completed?)
-psql synapse -c "DROP TABLE port_from_sqlite3;"
-pg_dump --format=plain --schema-only --no-tablespaces --no-acl --no-owner synapse_unported > unported.sql
-pg_dump --format=plain --schema-only --no-tablespaces --no-acl --no-owner synapse          >   ported.sql
-# By default, `diff` returns zero if there are no changes and nonzero otherwise
-diff -u unported.sql ported.sql | tee schema_diff
--- a/.dockerignore
+++ b/.dockerignore
@@ -8,10 +8,8 @@
 !README.rst
 !pyproject.toml
 !poetry.lock
-!Cargo.lock
 !build_rust.py

 rust/target
-synapse/*.so

 **/__pycache__
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@@ -32,11 +32,9 @@ jobs:
    steps:
      - uses: actions/checkout@v2
      - uses: actions/setup-python@v2
-      - uses: matrix-org/setup-python-poetry@v1
-        with:
-          extras: "all"
-      - run: poetry run scripts-dev/generate_sample_config.sh --check
-      - run: poetry run scripts-dev/config-lint.sh
+      - run: pip install .
+      - run: scripts-dev/generate_sample_config.sh --check
+      - run: scripts-dev/config-lint.sh

  check-schema-delta:
    runs-on: ubuntu-latest
@@ -78,6 +76,7 @@ jobs:
      - uses: actions/checkout@v2
        with:
          ref: ${{ github.event.pull_request.head.sha }}
+          fetch-depth: 0
      - uses: matrix-org/setup-python-poetry@v1
        with:
          extras: "all"
@@ -94,7 +93,7 @@ jobs:
      - name: Install Rust
        uses: actions-rs/toolchain@v1
        with:
-            toolchain: 1.58.1
+            toolchain: 1.61.0
            override: true
            components: clippy
      - uses: Swatinem/rust-cache@v2
@@ -112,7 +111,7 @@ jobs:
      - name: Install Rust
        uses: actions-rs/toolchain@v1
        with:
-            toolchain: 1.58.1
+            toolchain: 1.61.0
            override: true
            components: rustfmt
      - uses: Swatinem/rust-cache@v2
@@ -204,7 +203,7 @@ jobs:
      - name: Install Rust
        uses: actions-rs/toolchain@v1
        with:
-            toolchain: 1.58.1
+            toolchain: 1.61.0
            override: true
      - uses: Swatinem/rust-cache@v2

@@ -320,7 +319,7 @@ jobs:
      - name: Install Rust
        uses: actions-rs/toolchain@v1
        with:
-            toolchain: 1.58.1
+            toolchain: 1.61.0
            override: true
      - uses: Swatinem/rust-cache@v2

@@ -362,22 +361,18 @@ jobs:

    steps:
      - uses: actions/checkout@v2
-      - run: sudo apt-get -qq install xmlsec1 postgresql-client
+      - run: sudo apt-get -qq install xmlsec1
      - uses: matrix-org/setup-python-poetry@v1
        with:
          extras: "postgres"
      - run: .ci/scripts/test_export_data_command.sh
-        env:
-          PGHOST: localhost
-          PGUSER: postgres
-          PGPASSWORD: postgres
-          PGDATABASE: postgres
-

  portdb:
    if: ${{ !failure() && !cancelled() }} # Allow previous steps to be skipped, but not fail
    needs: linting-done
    runs-on: ubuntu-latest
+    env:
+      TOP: ${{ github.workspace }}
    strategy:
      matrix:
        include:
@@ -403,27 +398,12 @@ jobs:

    steps:
      - uses: actions/checkout@v2
-      - run: sudo apt-get -qq install xmlsec1 postgresql-client
+      - run: sudo apt-get -qq install xmlsec1
      - uses: matrix-org/setup-python-poetry@v1
        with:
          python-version: ${{ matrix.python-version }}
          extras: "postgres"
      - run: .ci/scripts/test_synapse_port_db.sh
-        id: run_tester_script
-        env:
-          PGHOST: localhost
-          PGUSER: postgres
-          PGPASSWORD: postgres
-          PGDATABASE: postgres
-      - name: "Upload schema differences"
-        uses: actions/upload-artifact@v3
-        if: ${{ failure() && !cancelled() && steps.run_tester_script.outcome == 'failure' }}
-        with:
-          name: Schema dumps
-          path: |
-            unported.sql
-            ported.sql
-            schema_diff

  complement:
    if: "${{ !failure() && !cancelled() }}"
@@ -452,7 +432,7 @@ jobs:
      - name: Install Rust
        uses: actions-rs/toolchain@v1
        with:
-            toolchain: 1.58.1
+            toolchain: 1.61.0
            override: true
      - uses: Swatinem/rust-cache@v2

@@ -478,7 +458,7 @@ jobs:
      - name: Install Rust
        uses: actions-rs/toolchain@v1
        with:
-            toolchain: 1.58.1
+            toolchain: 1.61.0
            override: true
      - uses: Swatinem/rust-cache@v2

--- a/.gitignore
+++ b/.gitignore
@@ -15,9 +15,8 @@ _trial_temp*/
 .DS_Store
 __pycache__/

-# We do want the poetry and cargo lockfile.
+# We do want the poetry lockfile.
 !poetry.lock
-!Cargo.lock

 # stuff that is likely to exist when you run a server locally
 /*.db
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -1,109 +1,3 @@
-Synapse 1.68.0rc2 (2022-09-23)
-==============================
-
-Please note that Synapse will now refuse to start if configured to use a version of SQLite earlier than 3.27.
-
-In addition, please note that installing Synapse from a source checkout now requires a recent Rust compiler.
-Those using packages will not be affected. On most platforms, installing with `pip install matrix-synapse` will not be affected.
-See the [upgrade notes](https://matrix-org.github.io/synapse/v1.68/upgrade.html#upgrading-to-v1670).
-
-
-Bugfixes
--------
-
- Fix building from packaged sdist. Broke in v1.68.0rc1. ([\#13866](https://github.com/matrix-org/synapse/issues/13866))
-
-
-Internal Changes
----------------
-
- Fix the release script not publishing binary wheels. ([\#13850](https://github.com/matrix-org/synapse/issues/13850))
- Lower minimum supported rustc version to 1.58.1. ([\#13857](https://github.com/matrix-org/synapse/issues/13857))
- Lock Rust dependencies versions. ([\#13858](https://github.com/matrix-org/synapse/issues/13858))
-
-
-Synapse 1.68.0rc1 (2022-09-20)
-==============================
-
-Features
--------
-
- Keep track of when we fail to process a pulled event over federation so we can intelligently back off in the future. ([\#13589](https://github.com/matrix-org/synapse/issues/13589), [\#13814](https://github.com/matrix-org/synapse/issues/13814))
- Add an [admin API endpoint to fetch messages within a particular window of time](https://matrix-org.github.io/synapse/v1.68/admin_api/rooms.html#room-messages-api). ([\#13672](https://github.com/matrix-org/synapse/issues/13672))
- Add an [admin API endpoint to find a user based on their external ID in an auth provider](https://matrix-org.github.io/synapse/v1.68/admin_api/user_admin_api.html#find-a-user-based-on-their-id-in-an-auth-provider). ([\#13810](https://github.com/matrix-org/synapse/issues/13810))
- Cancel the processing of key query requests when they time out. ([\#13680](https://github.com/matrix-org/synapse/issues/13680))
- Improve validation of request bodies for the following client-server API endpoints: [`/account/3pid/msisdn/requestToken`](https://spec.matrix.org/v1.3/client-server-api/#post_matrixclientv3account3pidmsisdnrequesttoken), [`/org.matrix.msc3720/account_status`](https://github.com/matrix-org/matrix-spec-proposals/blob/babolivier/user_status/proposals/3720-account-status.md#post-_matrixclientv1account_status), [`/account/3pid/add`](https://spec.matrix.org/v1.3/client-server-api/#post_matrixclientv3account3pidadd), [`/account/3pid/bind`](https://spec.matrix.org/v1.3/client-server-api/#post_matrixclientv3account3pidbind), [`/account/3pid/delete`](https://spec.matrix.org/v1.3/client-server-api/#post_matrixclientv3account3piddelete) and [`/account/3pid/unbind`](https://spec.matrix.org/v1.3/client-server-api/#post_matrixclientv3account3pidunbind). ([\#13687](https://github.com/matrix-org/synapse/issues/13687), [\#13736](https://github.com/matrix-org/synapse/issues/13736))
- Document the timestamp when a user accepts the consent, if [consent tracking](https://matrix-org.github.io/synapse/latest/consent_tracking.html) is used. ([\#13741](https://github.com/matrix-org/synapse/issues/13741))
- Add a `listeners[x].request_id_header` configuration option to specify which request header to extract and use as the request ID in order to correlate requests from a reverse proxy. ([\#13801](https://github.com/matrix-org/synapse/issues/13801))
-
-
-Bugfixes
--------
-
- Fix a bug introduced in Synapse v1.41.0 where the `/hierarchy` API returned non-standard information (a `room_id` field under each entry in `children_state`). ([\#13506](https://github.com/matrix-org/synapse/issues/13506))
- Fix a long-standing bug where previously rejected events could end up in room state because they pass auth checks given the current state of the room. ([\#13723](https://github.com/matrix-org/synapse/issues/13723))
- Fix a long-standing bug where Synapse fails to start if a signing key file contains an empty line. ([\#13738](https://github.com/matrix-org/synapse/issues/13738))
- Fix a long-standing bug where Synapse would fail to handle malformed user IDs or room aliases gracefully in certain cases. ([\#13746](https://github.com/matrix-org/synapse/issues/13746))
- Fix a long-standing bug where device lists would remain cached when remote users left and rejoined the last room shared with the local homeserver. ([\#13749](https://github.com/matrix-org/synapse/issues/13749), [\#13826](https://github.com/matrix-org/synapse/issues/13826))
- Fix a long-standing bug that could cause stale caches in some rare cases on the first startup of Synapse with replication. ([\#13766](https://github.com/matrix-org/synapse/issues/13766))
- Fix a long-standing spec compliance bug where Synapse would accept a trailing slash on the end of `/get_missing_events` federation requests. ([\#13789](https://github.com/matrix-org/synapse/issues/13789))
- Delete associated data from `event_failed_pull_attempts`, `insertion_events`, `insertion_event_extremities`, `insertion_event_extremities`, `insertion_event_extremities` when purging the room. ([\#13825](https://github.com/matrix-org/synapse/issues/13825))
-
-
-Improved Documentation
----------------------
-
- Note that `libpq` is required on ARM-based Macs. ([\#13480](https://github.com/matrix-org/synapse/issues/13480))
- Fix a mistake in the config manual: the `event_cache_size` _is_ scaled by `caches.global_factor`. The documentation was incorrect since Synapse v1.22.0. ([\#13726](https://github.com/matrix-org/synapse/issues/13726))
- Fix a typo in the documentation for the login ratelimiting configuration. ([\#13727](https://github.com/matrix-org/synapse/issues/13727))
- Define Synapse's compatability policy for SQLite versions. ([\#13728](https://github.com/matrix-org/synapse/issues/13728))
- Add docs for common fix of deleting the `matrix_synapse.egg-info/` directory for fixing Python dependency problems. ([\#13785](https://github.com/matrix-org/synapse/issues/13785))
- Update request log format documentation to mention the format used when the authenticated user is controlling another user. ([\#13794](https://github.com/matrix-org/synapse/issues/13794))
-
-
-Deprecations and Removals
-------------------------
-
- Synapse will now refuse to start if configured to use SQLite < 3.27. ([\#13760](https://github.com/matrix-org/synapse/issues/13760))
- Don't include redundant `prev_state` in new events. Contributed by Denis Kariakin (@dakariakin). ([\#13791](https://github.com/matrix-org/synapse/issues/13791))
-
-
-Internal Changes
----------------
-
- Add a stub Rust crate. ([\#12595](https://github.com/matrix-org/synapse/issues/12595), [\#13734](https://github.com/matrix-org/synapse/issues/13734), [\#13735](https://github.com/matrix-org/synapse/issues/13735), [\#13743](https://github.com/matrix-org/synapse/issues/13743), [\#13763](https://github.com/matrix-org/synapse/issues/13763), [\#13769](https://github.com/matrix-org/synapse/issues/13769), [\#13778](https://github.com/matrix-org/synapse/issues/13778))
- Bump the minimum dependency of `matrix_common` to 1.3.0 to make use of the `MXCUri` class. Use `MXCUri` to simplify media retention test code. ([\#13162](https://github.com/matrix-org/synapse/issues/13162))
- Add and populate the `event_stream_ordering` column on the `receipts` table for future optimisation of push action processing. Contributed by Nick @ Beeper (@fizzadar). ([\#13703](https://github.com/matrix-org/synapse/issues/13703))
- Rename the `EventFormatVersions` enum values so that they line up with room version numbers. ([\#13706](https://github.com/matrix-org/synapse/issues/13706))
- Update trial old deps CI to use Poetry 1.2.0. ([\#13707](https://github.com/matrix-org/synapse/issues/13707), [\#13725](https://github.com/matrix-org/synapse/issues/13725))
- Add experimental configuration option to allow disabling legacy Prometheus metric names. ([\#13714](https://github.com/matrix-org/synapse/issues/13714), [\#13717](https://github.com/matrix-org/synapse/issues/13717), [\#13718](https://github.com/matrix-org/synapse/issues/13718))
- Fix typechecking with latest types-jsonschema. ([\#13724](https://github.com/matrix-org/synapse/issues/13724))
- Strip number suffix from instance name to consolidate services that traces are spread over. ([\#13729](https://github.com/matrix-org/synapse/issues/13729))
- Instrument `get_metadata_for_events` for understandable traces in Jaeger. ([\#13730](https://github.com/matrix-org/synapse/issues/13730))
- Remove old queries to join room memberships to current state events. Contributed by Nick @ Beeper (@fizzadar). ([\#13745](https://github.com/matrix-org/synapse/issues/13745))
- Avoid raising an error due to malformed user IDs in `get_current_hosts_in_room`. Malformed user IDs cannot currently join a room, so this error would not be hit. ([\#13748](https://github.com/matrix-org/synapse/issues/13748))
- Update the docstrings for `get_users_in_room` and `get_current_hosts_in_room` to explain the impact of partial state. ([\#13750](https://github.com/matrix-org/synapse/issues/13750))
- Use an additional database query when persisting receipts. ([\#13752](https://github.com/matrix-org/synapse/issues/13752))
- Preparatory work for storing thread IDs for notifications and receipts. ([\#13753](https://github.com/matrix-org/synapse/issues/13753))
- Re-type hint some collections as read-only. ([\#13754](https://github.com/matrix-org/synapse/issues/13754))
- Remove unused Prometheus recording rules from `synapse-v2.rules` and add comments describing where the rest are used. ([\#13756](https://github.com/matrix-org/synapse/issues/13756))
- Add a check for editable installs if the Rust library needs rebuilding. ([\#13759](https://github.com/matrix-org/synapse/issues/13759))
- Tag traces with the instance name to be able to easily jump into the right logs and filter traces by instance. ([\#13761](https://github.com/matrix-org/synapse/issues/13761))
- Concurrently fetch room push actions when calculating badge counts. Contributed by Nick @ Beeper (@fizzadar). ([\#13765](https://github.com/matrix-org/synapse/issues/13765))
- Update the script which makes full schema dumps. ([\#13770](https://github.com/matrix-org/synapse/issues/13770))
- Deduplicate `is_server_notices_room`. ([\#13780](https://github.com/matrix-org/synapse/issues/13780))
- Simplify the dependency DAG in the tests workflow. ([\#13784](https://github.com/matrix-org/synapse/issues/13784))
- Remove an old, incorrect migration file. ([\#13788](https://github.com/matrix-org/synapse/issues/13788))
- Remove unused method in `synapse.api.auth.Auth`. ([\#13795](https://github.com/matrix-org/synapse/issues/13795))
- Fix a memory leak when running the unit tests. ([\#13798](https://github.com/matrix-org/synapse/issues/13798))
- Use partial indices on SQLite. ([\#13802](https://github.com/matrix-org/synapse/issues/13802))
- Check that portdb generates the same postgres schema as that in the source tree. ([\#13808](https://github.com/matrix-org/synapse/issues/13808))
- Fix Docker build when Rust .so has been build locally first. ([\#13811](https://github.com/matrix-org/synapse/issues/13811))
- Complement: Initialise the Postgres database directly inside the target image instead of the base Postgres image to fix building using Buildah. ([\#13819](https://github.com/matrix-org/synapse/issues/13819))
- Support providing an index predicate clause when doing upserts. ([\#13822](https://github.com/matrix-org/synapse/issues/13822))
- Minor speedups to linting in CI. ([\#13827](https://github.com/matrix-org/synapse/issues/13827))
-
-
 Synapse 1.67.0 (2022-09-13)
 ===========================

--- a/Cargo.lock
+++ b/Cargo.lock
@@ -1,324 +0,0 @@
-# This file is automatically @generated by Cargo.
-# It is not intended for manual editing.
-version = 3
-
-[[package]]
-name = "autocfg"
-version = "1.1.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d468802bab17cbc0cc575e9b053f41e72aa36bfa6b7f55e3529ffa43161b97fa"
-
-[[package]]
-name = "bitflags"
-version = "1.3.2"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a"
-
-[[package]]
-name = "blake2"
-version = "0.10.4"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "b9cf849ee05b2ee5fba5e36f97ff8ec2533916700fc0758d40d92136a42f3388"
-dependencies = [
- "digest",
-]
-
-[[package]]
-name = "block-buffer"
-version = "0.10.3"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "69cce20737498f97b993470a6e536b8523f0af7892a4f928cceb1ac5e52ebe7e"
-dependencies = [
- "generic-array",
-]
-
-[[package]]
-name = "cfg-if"
-version = "1.0.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd"
-
-[[package]]
-name = "crypto-common"
-version = "0.1.6"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "1bfb12502f3fc46cca1bb51ac28df9d618d813cdc3d2f25b9fe775a34af26bb3"
-dependencies = [
- "generic-array",
- "typenum",
-]
-
-[[package]]
-name = "digest"
-version = "0.10.5"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "adfbc57365a37acbd2ebf2b64d7e69bb766e2fea813521ed536f5d0520dcf86c"
-dependencies = [
- "block-buffer",
- "crypto-common",
- "subtle",
-]
-
-[[package]]
-name = "generic-array"
-version = "0.14.6"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "bff49e947297f3312447abdca79f45f4738097cc82b06e72054d2223f601f1b9"
-dependencies = [
- "typenum",
- "version_check",
-]
-
-[[package]]
-name = "hex"
-version = "0.4.3"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "7f24254aa9a54b5c858eaee2f5bccdb46aaf0e486a595ed5fd8f86ba55232a70"
-
-[[package]]
-name = "indoc"
-version = "1.0.7"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "adab1eaa3408fb7f0c777a73e7465fd5656136fc93b670eb6df3c88c2c1344e3"
-
-[[package]]
-name = "libc"
-version = "0.2.132"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "8371e4e5341c3a96db127eb2465ac681ced4c433e01dd0e938adbef26ba93ba5"
-
-[[package]]
-name = "lock_api"
-version = "0.4.7"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "327fa5b6a6940e4699ec49a9beae1ea4845c6bab9314e4f84ac68742139d8c53"
-dependencies = [
- "autocfg",
- "scopeguard",
-]
-
-[[package]]
-name = "once_cell"
-version = "1.13.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "074864da206b4973b84eb91683020dbefd6a8c3f0f38e054d93954e891935e4e"
-
-[[package]]
-name = "parking_lot"
-version = "0.12.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "3742b2c103b9f06bc9fff0a37ff4912935851bee6d36f3c02bcc755bcfec228f"
-dependencies = [
- "lock_api",
- "parking_lot_core",
-]
-
-[[package]]
-name = "parking_lot_core"
-version = "0.9.3"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "09a279cbf25cb0757810394fbc1e359949b59e348145c643a939a525692e6929"
-dependencies = [
- "cfg-if",
- "libc",
- "redox_syscall",
- "smallvec",
- "windows-sys",
-]
-
-[[package]]
-name = "proc-macro2"
-version = "1.0.43"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "0a2ca2c61bc9f3d74d2886294ab7b9853abd9c1ad903a3ac7815c58989bb7bab"
-dependencies = [
- "unicode-ident",
-]
-
-[[package]]
-name = "pyo3"
-version = "0.16.6"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "0220c44442c9b239dd4357aa856ac468a4f5e1f0df19ddb89b2522952eb4c6ca"
-dependencies = [
- "cfg-if",
- "indoc",
- "libc",
- "parking_lot",
- "pyo3-build-config",
- "pyo3-ffi",
- "pyo3-macros",
- "unindent",
-]
-
-[[package]]
-name = "pyo3-build-config"
-version = "0.16.6"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "9c819d397859445928609d0ec5afc2da5204e0d0f73d6bf9e153b04e83c9cdc2"
-dependencies = [
- "once_cell",
- "target-lexicon",
-]
-
-[[package]]
-name = "pyo3-ffi"
-version = "0.16.6"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "ca882703ab55f54702d7bfe1189b41b0af10272389f04cae38fe4cd56c65f75f"
-dependencies = [
- "libc",
- "pyo3-build-config",
-]
-
-[[package]]
-name = "pyo3-macros"
-version = "0.16.6"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "568749402955ad7be7bad9a09b8593851cd36e549ac90bfd44079cea500f3f21"
-dependencies = [
- "proc-macro2",
- "pyo3-macros-backend",
- "quote",
- "syn",
-]
-
-[[package]]
-name = "pyo3-macros-backend"
-version = "0.16.6"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "611f64e82d98f447787e82b8e7b0ebc681e1eb78fc1252668b2c605ffb4e1eb8"
-dependencies = [
- "proc-macro2",
- "quote",
- "syn",
-]
-
-[[package]]
-name = "quote"
-version = "1.0.21"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "bbe448f377a7d6961e30f5955f9b8d106c3f5e449d493ee1b125c1d43c2b5179"
-dependencies = [
- "proc-macro2",
-]
-
-[[package]]
-name = "redox_syscall"
-version = "0.2.16"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "fb5a58c1855b4b6819d59012155603f0b22ad30cad752600aadfcb695265519a"
-dependencies = [
- "bitflags",
-]
-
-[[package]]
-name = "scopeguard"
-version = "1.1.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "d29ab0c6d3fc0ee92fe66e2d99f700eab17a8d57d1c1d3b748380fb20baa78cd"
-
-[[package]]
-name = "smallvec"
-version = "1.9.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "2fd0db749597d91ff862fd1d55ea87f7855a744a8425a64695b6fca237d1dad1"
-
-[[package]]
-name = "subtle"
-version = "2.4.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "6bdef32e8150c2a081110b42772ffe7d7c9032b606bc226c8260fd97e0976601"
-
-[[package]]
-name = "syn"
-version = "1.0.99"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "58dbef6ec655055e20b86b15a8cc6d439cca19b667537ac6a1369572d151ab13"
-dependencies = [
- "proc-macro2",
- "quote",
- "unicode-ident",
-]
-
-[[package]]
-name = "synapse"
-version = "0.1.0"
-dependencies = [
- "blake2",
- "hex",
- "pyo3",
-]
-
-[[package]]
-name = "target-lexicon"
-version = "0.12.4"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c02424087780c9b71cc96799eaeddff35af2bc513278cda5c99fc1f5d026d3c1"
-
-[[package]]
-name = "typenum"
-version = "1.15.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "dcf81ac59edc17cc8697ff311e8f5ef2d99fcbd9817b34cec66f90b6c3dfd987"
-
-[[package]]
-name = "unicode-ident"
-version = "1.0.3"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c4f5b37a154999a8f3f98cc23a628d850e154479cd94decf3414696e12e31aaf"
-
-[[package]]
-name = "unindent"
-version = "0.1.10"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "58ee9362deb4a96cef4d437d1ad49cffc9b9e92d202b6995674e928ce684f112"
-
-[[package]]
-name = "version_check"
-version = "0.9.4"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "49874b5167b65d7193b8aba1567f5c7d93d001cafc34600cee003eda787e483f"
-
-[[package]]
-name = "windows-sys"
-version = "0.36.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "ea04155a16a59f9eab786fe12a4a450e75cdb175f9e0d80da1e17db09f55b8d2"
-dependencies = [
- "windows_aarch64_msvc",
- "windows_i686_gnu",
- "windows_i686_msvc",
- "windows_x86_64_gnu",
- "windows_x86_64_msvc",
-]
-
-[[package]]
-name = "windows_aarch64_msvc"
-version = "0.36.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "9bb8c3fd39ade2d67e9874ac4f3db21f0d710bee00fe7cab16949ec184eeaa47"
-
-[[package]]
-name = "windows_i686_gnu"
-version = "0.36.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "180e6ccf01daf4c426b846dfc66db1fc518f074baa793aa7d9b9aaeffad6a3b6"
-
-[[package]]
-name = "windows_i686_msvc"
-version = "0.36.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e2e7917148b2812d1eeafaeb22a97e4813dfa60a3f8f78ebe204bcc88f12f024"
-
-[[package]]
-name = "windows_x86_64_gnu"
-version = "0.36.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "4dcd171b8776c41b97521e5da127a2d86ad280114807d0b2ab1e462bc764d9e1"
-
-[[package]]
-name = "windows_x86_64_msvc"
-version = "0.36.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c811ca4a8c853ef420abd8592ba53ddbbac90410fab6903b3e79972a631f7680"
--- a/changelog.d/12595.misc
+++ b/changelog.d/12595.misc
@@ -0,0 +1 @@
+Add a stub Rust crate.
--- a/changelog.d/13480.doc
+++ b/changelog.d/13480.doc
@@ -0,0 +1 @@
+Note that `libpq` is required on ARM-based Macs.
--- a/changelog.d/13506.bugfix
+++ b/changelog.d/13506.bugfix
@@ -0,0 +1 @@
+Fix a bug introduced in Synapse v1.41.0 where the `/hierarchy` API returned non-standard information (a `room_id` field under each entry in `children_state`).
--- a/changelog.d/13672.feature
+++ b/changelog.d/13672.feature
@@ -0,0 +1 @@
+Add admin APIs to fetch messages within a particular window of time.
--- a/changelog.d/13680.feature
+++ b/changelog.d/13680.feature
@@ -0,0 +1 @@
+Cancel the processing of key query requests when they time out.
--- a/changelog.d/13687.feature
+++ b/changelog.d/13687.feature
@@ -0,0 +1 @@
+Improve validation of request bodies for the following client-server API endpoints: [`/account/3pid/msisdn/requestToken`](https://spec.matrix.org/v1.3/client-server-api/#post_matrixclientv3account3pidmsisdnrequesttoken) and [`/org.matrix.msc3720/account_status`](https://github.com/matrix-org/matrix-spec-proposals/blob/babolivier/user_status/proposals/3720-account-status.md#post-_matrixclientv1account_status).
--- a/changelog.d/13703.misc
+++ b/changelog.d/13703.misc
@@ -0,0 +1 @@
+Add & populate `event_stream_ordering` column on receipts table for future optimisation of push action processing. Contributed by Nick @ Beeper (@fizzadar).
--- a/changelog.d/13706.misc
+++ b/changelog.d/13706.misc
@@ -0,0 +1 @@
+Rename the `EventFormatVersions` enum values so that they line up with room version numbers.
--- a/changelog.d/13707.misc
+++ b/changelog.d/13707.misc
@@ -0,0 +1 @@
+Update trial old deps CI to use poetry 1.2.0.
--- a/changelog.d/13714.misc
+++ b/changelog.d/13714.misc
@@ -0,0 +1 @@
+Add experimental configuration option to allow disabling legacy Prometheus metric names.
--- a/changelog.d/13717.misc
+++ b/changelog.d/13717.misc
@@ -0,0 +1 @@
+Add experimental configuration option to allow disabling legacy Prometheus metric names.
--- a/changelog.d/13718.misc
+++ b/changelog.d/13718.misc
@@ -0,0 +1 @@
+Add experimental configuration option to allow disabling legacy Prometheus metric names.
--- a/changelog.d/13724.misc
+++ b/changelog.d/13724.misc
@@ -0,0 +1 @@
+Fix typechecking with latest types-jsonschema.
--- a/changelog.d/13725.misc
+++ b/changelog.d/13725.misc
@@ -0,0 +1 @@
+Update trial old deps CI to use poetry 1.2.0.
--- a/changelog.d/13726.doc
+++ b/changelog.d/13726.doc
@@ -0,0 +1 @@
+Fix a mistake in the config manual: the `event_cache_size` _is_ scaled by `caches.global_factor`. The documentation was incorrect since Synapse 1.22.
--- a/changelog.d/13727.doc
+++ b/changelog.d/13727.doc
@@ -0,0 +1 @@
+Fix a typo in the documentation for the login ratelimiting configuration.
--- a/changelog.d/13728.doc
+++ b/changelog.d/13728.doc
@@ -0,0 +1 @@
+Define Synapse's compatability policy for SQLite versions.
--- a/changelog.d/13729.misc
+++ b/changelog.d/13729.misc
@@ -0,0 +1 @@
+Strip number suffix from instance name to consolidate services that traces are spread over.
--- a/changelog.d/13730.misc
+++ b/changelog.d/13730.misc
@@ -0,0 +1 @@
+Instrument `get_metadata_for_events` for understandable traces in Jaeger.
--- a/changelog.d/13734.misc
+++ b/changelog.d/13734.misc
@@ -0,0 +1 @@
+Add a stub Rust crate.
--- a/changelog.d/13735.misc
+++ b/changelog.d/13735.misc
@@ -0,0 +1 @@
+Add a stub Rust crate.
--- a/changelog.d/13738.bugfix
+++ b/changelog.d/13738.bugfix
@@ -0,0 +1 @@
+Fix a bug where Synapse fails to start if a signing key file contains an empty line.
--- a/changelog.d/13741.feature
+++ b/changelog.d/13741.feature
@@ -0,0 +1 @@
+Document the timestamp when a user accepts the consent, if [consent tracking](https://matrix-org.github.io/synapse/latest/consent_tracking.html) is used.
--- a/changelog.d/13743.misc
+++ b/changelog.d/13743.misc
@@ -0,0 +1 @@
+Add a stub Rust crate.
--- a/changelog.d/13745.misc
+++ b/changelog.d/13745.misc
@@ -0,0 +1 @@
+Remove old queries to join room memberships to current state events. Contributed by Nick @ Beeper (@fizzadar).
--- a/changelog.d/13746.bugfix
+++ b/changelog.d/13746.bugfix
@@ -0,0 +1 @@
+Fix a long standing bug where Synapse would fail to handle malformed user IDs or room aliases gracefully in certain cases.
--- a/changelog.d/13748.misc
+++ b/changelog.d/13748.misc
@@ -0,0 +1 @@
+Avoid raising an error due to malformed user IDs in `get_current_hosts_in_room`. Malformed user IDs cannot currently join a room, so this error would not be hit.
--- a/changelog.d/13749.bugfix
+++ b/changelog.d/13749.bugfix
@@ -0,0 +1 @@
+Fix a long standing bug where device lists would remain cached when remote users left and rejoined the last room shared with the local homeserver.
--- a/changelog.d/13750.misc
+++ b/changelog.d/13750.misc
@@ -0,0 +1 @@
+Update the docstrings for `get_users_in_room` and `get_current_hosts_in_room` to explain the impact of partial state.
--- a/changelog.d/13752.misc
+++ b/changelog.d/13752.misc
@@ -0,0 +1 @@
+User an additional database query when persisting receipts.
--- a/changelog.d/13754.misc
+++ b/changelog.d/13754.misc
@@ -0,0 +1 @@
+Re-type hint some collections as read-only.
--- a/changelog.d/13756.misc
+++ b/changelog.d/13756.misc
@@ -0,0 +1 @@
+Remove unused Prometheus recording rules from `synapse-v2.rules` and add comments describing where the rest are used.
--- a/changelog.d/13759.misc
+++ b/changelog.d/13759.misc
@@ -0,0 +1 @@
+Add a check for editable installs if the Rust library needs rebuilding.
--- a/changelog.d/13760.removal
+++ b/changelog.d/13760.removal
@@ -0,0 +1 @@
+Synapse will now refuse to start if configured to use SQLite < 3.27.
--- a/changelog.d/13761.misc
+++ b/changelog.d/13761.misc
@@ -0,0 +1 @@
+Tag traces with the instance name to be able to easily jump into the right logs and filter traces by instance.
--- a/changelog.d/13763.misc
+++ b/changelog.d/13763.misc
@@ -0,0 +1 @@
+Add a stub Rust crate.
--- a/changelog.d/13765.misc
+++ b/changelog.d/13765.misc
@@ -0,0 +1 @@
+Concurrently fetch room push actions when calculating badge counts. Contributed by Nick @ Beeper (@fizzadar).
--- a/changelog.d/13766.bugfix
+++ b/changelog.d/13766.bugfix
@@ -0,0 +1 @@
+Fix a long-standing bug where the `cache_invalidation_stream_seq` sequence would begin at 1 instead of 2.
--- a/changelog.d/13769.misc
+++ b/changelog.d/13769.misc
@@ -0,0 +1 @@
+Add a stub Rust crate.
--- a/changelog.d/13770.misc
+++ b/changelog.d/13770.misc
@@ -0,0 +1 @@
+Update the script which makes full schema dumps.
--- a/changelog.d/13778.misc
+++ b/changelog.d/13778.misc
@@ -0,0 +1 @@
+Add a stub Rust crate.
--- a/changelog.d/13784.misc
+++ b/changelog.d/13784.misc
@@ -0,0 +1 @@
+Simplify the dependency DAG in the tests workflow.
--- a/changelog.d/13789.bugfix
+++ b/changelog.d/13789.bugfix
@@ -0,0 +1 @@
+Fix a long-standing spec compliance bug where Synapse would accept a trailing slash on the end of `/get_missing_events` federation requests.
--- a/changelog.d/13806.misc
+++ b/changelog.d/13806.misc
@@ -0,0 +1 @@
+complement tests: put postgres data folder on an host path on /tmp that we bindmount, outside of the container storage that can be quite slow.
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,15 +1,3 @@
-matrix-synapse-py3 (1.68.0~rc2) stable; urgency=medium
-
-  * New Synapse release 1.68.0rc2.
-
- -- Synapse Packaging team <packages@matrix.org>  Fri, 23 Sep 2022 09:40:10 +0100
-
-matrix-synapse-py3 (1.68.0~rc1) stable; urgency=medium
-
-  * New Synapse release 1.68.0rc1.
-
- -- Synapse Packaging team <packages@matrix.org>  Tue, 20 Sep 2022 11:18:20 +0100
-
 matrix-synapse-py3 (1.67.0) stable; urgency=medium

  * New Synapse release 1.67.0.
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -31,9 +31,7 @@ ARG PYTHON_VERSION=3.9
 ###
 ### Stage 0: generate requirements.txt
 ###
-# We hardcode the use of Debian bullseye here because this could change upstream
-# and other Dockerfiles used for testing are expecting bullseye.
-FROM docker.io/python:${PYTHON_VERSION}-slim-bullseye as requirements
+FROM docker.io/python:${PYTHON_VERSION}-slim as requirements

 # RUN --mount is specific to buildkit and is documented at
 # https://github.com/moby/buildkit/blob/master/frontend/dockerfile/docs/syntax.md#build-mounts-run---mount.
@@ -78,7 +76,7 @@ RUN if [ -z "$TEST_ONLY_IGNORE_POETRY_LOCKFILE" ]; then \
 ###
 ### Stage 1: builder
 ###
-FROM docker.io/python:${PYTHON_VERSION}-slim-bullseye as builder
+FROM docker.io/python:${PYTHON_VERSION}-slim as builder

 # install the OS build deps
 RUN \
@@ -139,7 +137,7 @@ RUN if [ -z "$TEST_ONLY_IGNORE_POETRY_LOCKFILE" ]; then \
 ### Stage 2: runtime
 ###

-FROM docker.io/python:${PYTHON_VERSION}-slim-bullseye
+FROM docker.io/python:${PYTHON_VERSION}-slim

 LABEL org.opencontainers.image.url='https://matrix.org/docs/projects/server/synapse'
 LABEL org.opencontainers.image.documentation='https://github.com/matrix-org/synapse/blob/master/docker/README.md'
--- a/docker/complement/Dockerfile
+++ b/docker/complement/Dockerfile
@@ -26,14 +26,7 @@ FROM matrixdotorg/synapse-workers:$SYNAPSE_VERSION
    COPY --from=postgres:13-bullseye /usr/share/postgresql /usr/share/postgresql
    RUN mkdir /var/run/postgresql && chown postgres /var/run/postgresql
    ENV PATH="${PATH}:/usr/lib/postgresql/13/bin"
-    ENV PGDATA=/var/lib/postgresql/data
-
-    # initialise the database cluster in /var/lib/postgresql
-    RUN gosu postgres initdb --locale=C --encoding=UTF-8 --auth-host password
-
-    # Configure a password and create a database for Synapse
-    RUN echo "ALTER USER postgres PASSWORD 'somesecret'" | gosu postgres postgres --single
-    RUN echo "CREATE DATABASE synapse" | gosu postgres postgres --single
+    ENV PGDATA=/var/lib/postgresql/data/main

    # Extend the shared homeserver config to disable rate-limiting,
    # set Complement's static shared secret, enable registration, amongst other
--- a/docker/complement/conf/start_for_complement.sh
+++ b/docker/complement/conf/start_for_complement.sh
@@ -25,8 +25,16 @@ case "$SYNAPSE_COMPLEMENT_DATABASE" in
    # Set postgres authentication details which will be placed in the homeserver config file
    export POSTGRES_PASSWORD=somesecret
    export POSTGRES_USER=postgres
+
    export POSTGRES_HOST=localhost

+    if [ ! -f "$PGDATA/PG_VERSION" ]; then
+      gosu postgres initdb --locale=C --encoding=UTF-8 --auth-host password
+
+      echo "ALTER USER postgres PASSWORD 'somesecret'" | gosu postgres postgres --single
+      echo "CREATE DATABASE synapse" | gosu postgres postgres --single
+    fi
+
    # configure supervisord to start postgres
    export START_POSTGRES=true
    ;;
--- a/docs/admin_api/user_admin_api.md
+++ b/docs/admin_api/user_admin_api.md
@@ -1155,41 +1155,3 @@ GET /_synapse/admin/v1/username_available?username=$localpart

 The request and response format is the same as the
 [/_matrix/client/r0/register/available](https://matrix.org/docs/spec/client_server/r0.6.0#get-matrix-client-r0-register-available) API.
-
-### Find a user based on their ID in an auth provider
-
-The API is:
-
-```
-GET /_synapse/admin/v1/auth_providers/$provider/users/$external_id
-```
-
-When a user matched the given ID for the given provider, an HTTP code `200` with a response body like the following is returned:
-
-```json
-{
-    "user_id": "@hello:example.org"
-}
-```
-
-**Parameters**
-
-The following parameters should be set in the URL:
-
- `provider` - The ID of the authentication provider, as advertised by the [`GET /_matrix/client/v3/login`](https://spec.matrix.org/latest/client-server-api/#post_matrixclientv3login) API in the `m.login.sso` authentication method.
- `external_id` - The user ID from the authentication provider. Usually corresponds to the `sub` claim for OIDC providers, or to the `uid` attestation for SAML2 providers.
-
-The `external_id` may have characters that are not URL-safe (typically `/`, `:` or `@`), so it is advised to URL-encode those parameters.
-
-**Errors**
-
-Returns a `404` HTTP status code if no user was found, with a response body like this:
-
-```json
-{
-    "errcode":"M_NOT_FOUND",
-    "error":"User not found"
-}
-```
-
-_Added in Synapse 1.68.0._
--- a/docs/development/dependencies.md
+++ b/docs/development/dependencies.md
@@ -126,23 +126,6 @@ context of poetry's venv, without having to run `poetry shell` beforehand.
 poetry install --extras all --remove-untracked
 ```

-## ...delete everything and start over from scratch?
-
-```shell
-# Stop the current virtualenv if active
-$ deactivate
-
-# Remove all of the files from the current environment.
-# Don't worry, even though it says "all", this will only
-# remove the Poetry virtualenvs for the current project.
-$ poetry env remove --all
-
-# Reactivate Poetry shell to create the virtualenv again
-$ poetry shell
-# Install everything again
-$ poetry install --extras all
-```
-
 ## ...run a command in the `poetry` virtualenv?

 Use `poetry run cmd args` when you need the python virtualenv context.
@@ -273,16 +256,6 @@ from PyPI. (This is what makes poetry seem slow when doing the first
 `poetry install`.) Try `poetry cache list` and `poetry cache clear --all
 <name of cache>` to see if that fixes things.

-## Remove outdated egg-info
-
-Delete the `matrix_synapse.egg-info/` directory from the root of your Synapse
-install.
-
-This stores some cached information about dependencies and often conflicts with
-letting Poetry do the right thing.
-
-
-
 ## Try `--verbose` or `--dry-run` arguments.

 Sometimes useful to see what poetry's internal logic is.
--- a/docs/reverse_proxy.md
+++ b/docs/reverse_proxy.md
@@ -45,10 +45,6 @@ listens to traffic on localhost. (Do not change `bind_addresses` to `127.0.0.1`
 when using a containerized Synapse, as that will prevent it from responding
 to proxied traffic.)

-Optionally, you can also set
-[`request_id_header`](../usage/configuration/config_documentation.md#listeners)
-so that the server extracts and re-uses the same request ID format that the
-reverse proxy is using.

 ## Reverse-proxy configuration examples

--- a/docs/upgrade.md
+++ b/docs/upgrade.md
@@ -89,13 +89,6 @@ process, for example:
    dpkg -i matrix-synapse-py3_1.3.0+stretch1_amd64.deb
    ```

-# Upgrading to v1.68.0
-
-As announced in the upgrade notes for v1.67.0, Synapse now requires a SQLite
-version of 3.27.0 or higher if SQLite is in use and source checkouts of Synapse
-now require a recent Rust compiler.
-
-
 # Upgrading to v1.67.0

 ## Direct TCP replication is no longer supported: migrate to Redis
@@ -132,7 +125,7 @@ From the next major release (v1.68.0) Synapse will require SQLite 3.27.0 or
 higher. Synapse v1.67.0 will be the last major release supporting SQLite
 versions 3.22 to 3.26.

-Those using Docker images or Debian packages from Matrix.org will not be
+Those using docker images or Debian packages from Matrix.org will not be
 affected. If you have installed from source, you should check the version of 
 SQLite used by Python with:

@@ -142,7 +135,6 @@ python -c "import sqlite3; print(sqlite3.sqlite_version)"

 If this is too old, refer to your distribution for advice on upgrading.

-
 # Upgrading to v1.66.0

 ## Delegation of email validation no longer supported
--- a/docs/usage/administration/request_log.md
+++ b/docs/usage/administration/request_log.md
@@ -12,14 +12,14 @@ See the following for how to decode the dense data available from the default lo

 | Part  | Explanation | 
 | ----- | ------------ |
-| AAAA  | Timestamp request was logged (not received) |
+| AAAA  | Timestamp request was logged (not recieved) |
 | BBBB  | Logger name (`synapse.access.(http\|https).<tag>`, where 'tag' is defined in the `listeners` config section, normally the port) |
 | CCCC  | Line number in code |
 | DDDD  | Log Level |
 | EEEE  | Request Identifier (This identifier is shared by related log lines)|
 | FFFF  | Source IP (Or X-Forwarded-For if enabled) |
 | GGGG  | Server Port |
-| HHHH  | Federated Server or Local User making request (blank if unauthenticated or not supplied).<br/>If this is of the form `@aaa:example.com|@bbb:example.com`, then that means that `@aaa:example.com` is authenticated but they are controlling `@bbb:example.com`, e.g. if `aaa` is controlling `bbb` [via the admin API](https://matrix-org.github.io/synapse/latest/admin_api/user_admin_api.html#login-as-a-user). |
+| HHHH  | Federated Server or Local User making request (blank if unauthenticated or not supplied) |
 | IIII  | Total Time to process the request |
 | JJJJ  | Time to send response over network once generated (this may be negative if the socket is closed before the response is generated)|
 | KKKK  | Userland CPU time |
--- a/docs/usage/configuration/config_documentation.md
+++ b/docs/usage/configuration/config_documentation.md
@@ -434,16 +434,7 @@ Sub-options for each listener include:
 * `tls`: set to true to enable TLS for this listener. Will use the TLS key/cert specified in tls_private_key_path / tls_certificate_path.

 * `x_forwarded`: Only valid for an 'http' listener. Set to true to use the X-Forwarded-For header as the client IP. Useful when Synapse is
-   behind a [reverse-proxy](../../reverse_proxy.md).
-
-* `request_id_header`: The header extracted from each incoming request that is
-   used as the basis for the request ID. The request ID is used in
-   [logs](../administration/request_log.md#request-log-format) and tracing to
-   correlate and match up requests. When unset, Synapse will automatically
-   generate sequential request IDs. This option is useful when Synapse is behind
-   a [reverse-proxy](../../reverse_proxy.md).
-
-   _Added in Synapse 1.68.0._
+   behind a reverse-proxy.

 * `resources`: Only valid for an 'http' listener. A list of resources to host
   on this port. Sub-options for each resource are:
--- a/poetry.lock
+++ b/poetry.lock
@@ -524,11 +524,11 @@ python-versions = ">=3.7"

 [[package]]
 name = "matrix-common"
-version = "1.3.0"
+version = "1.2.1"
 description = "Common utilities for Synapse, Sydent and Sygnal"
 category = "main"
 optional = false
-python-versions = ">=3.7"
+python-versions = ">=3.6"

 [package.dependencies]
 attrs = "*"
@@ -1625,7 +1625,7 @@ url_preview = ["lxml"]
 [metadata]
 lock-version = "1.1"
 python-versions = "^3.7.1"
-content-hash = "1b14fc274d9e2a495a7f864150f3ffcf4d9f585e09a67e53301ae4ef3c2f3e48"
+content-hash = "79cfa09d59f9f8b5ef24318fb860df1915f54328692aa56d04331ecbdd92a8cb"

 [metadata.files]
 attrs = [
@@ -2113,8 +2113,8 @@ markupsafe = [
    {file = "MarkupSafe-2.1.0.tar.gz", hash = "sha256:80beaf63ddfbc64a0452b841d8036ca0611e049650e20afcb882f5d3c266d65f"},
 ]
 matrix-common = [
-    {file = "matrix_common-1.3.0-py3-none-any.whl", hash = "sha256:524e2785b9b03be4d15f3a8a6b857c5b6af68791ffb1b9918f0ad299abc4db20"},
-    {file = "matrix_common-1.3.0.tar.gz", hash = "sha256:62e121cccd9f243417b57ec37a76dc44aeb198a7a5c67afd6b8275992ff2abd1"},
+    {file = "matrix_common-1.2.1-py3-none-any.whl", hash = "sha256:946709c405944a0d4b1d73207b77eb064b6dbfc5d70a69471320b06d8ce98b20"},
+    {file = "matrix_common-1.2.1.tar.gz", hash = "sha256:a99dcf02a6bd95b24a5a61b354888a2ac92bf2b4b839c727b8dd9da2cdfa3853"},
 ]
 matrix-synapse-ldap3 = [
    {file = "matrix-synapse-ldap3-0.2.2.tar.gz", hash = "sha256:b388d95693486eef69adaefd0fd9e84463d52fe17b0214a00efcaa669b73cb74"},
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -57,7 +57,7 @@ manifest-path = "rust/Cargo.toml"

 [tool.poetry]
 name = "matrix-synapse"
-version = "1.68.0rc2"
+version = "1.67.0"
 description = "Homeserver for the Matrix decentralised comms protocol"
 authors = ["Matrix.org Team and Contributors <packages@matrix.org>"]
 license = "Apache-2.0"
@@ -88,7 +88,6 @@ include = [
    { path = "Cargo.toml", format = "sdist" },
    { path = "rust/Cargo.toml", format = "sdist" },
    { path = "rust/Cargo.lock", format = "sdist" },
-    { path = "rust/build.rs", format = "sdist" },
    { path = "rust/src/**", format = "sdist" },
 ]
 exclude = [
@@ -165,7 +164,7 @@ typing-extensions = ">=3.10.0.1"
 cryptography = ">=3.4.7"
 # ijson 3.1.4 fixes a bug with "." in property names
 ijson = ">=3.1.4"
-matrix-common = "^1.3.0"
+matrix-common = "^1.2.1"
 # We need packaging.requirements.Requirement, added in 16.1.
 packaging = ">=16.1"
 # At the time of writing, we only use functions from the version `importlib.metadata`
--- a/rust/Cargo.toml
+++ b/rust/Cargo.toml
@@ -7,7 +7,7 @@ name = "synapse"
 version = "0.1.0"

 edition = "2021"
-rust-version = "1.58.1"
+rust-version = "1.61.0"

 [lib]
 name = "synapse"
--- a/scripts-dev/complement.sh
+++ b/scripts-dev/complement.sh
@@ -122,7 +122,14 @@ if [ -n "$skip_complement_run" ]; then
    exit
 fi

+PG_DATA_FOLDER=/tmp/postgres-data
+
+rm -rf $PG_DATA_FOLDER
+mkdir -p $PG_DATA_FOLDER
+chmod 777 $PG_DATA_FOLDER
+
 export COMPLEMENT_BASE_IMAGE=complement-synapse
+export COMPLEMENT_HOST_MOUNTS=$PG_DATA_FOLDER:/var/lib/postgresql/data

 extra_test_args=()

@@ -178,3 +185,5 @@ echo "Images built; running complement"
 cd "$COMPLEMENT_DIR"

 go test -v -tags $test_tags -count=1 "${extra_test_args[@]}" "$@" ./tests/...
+
+rm -rf $PG_DATA_FOLDER
--- a/scripts-dev/release.py
+++ b/scripts-dev/release.py
@@ -427,12 +427,11 @@ def _publish(gh_token: str) -> None:


@cli.command()
-@click.option("--gh-token", envvar=["GH_TOKEN", "GITHUB_TOKEN"], required=False)
-def upload(gh_token: Optional[str]) -> None:
-    _upload(gh_token)
+def upload() -> None:
+    _upload()


-def _upload(gh_token: Optional[str]) -> None:
+def _upload() -> None:
    """Upload release to pypi."""

    current_version = get_package_version()
@@ -445,40 +444,18 @@ def _upload(gh_token: Optional[str]) -> None:
        click.echo("Tag {tag_name} (tag.commit) is not currently checked out!")
        click.get_current_context().abort()

-    # Query all the assets corresponding to this release.
-    gh = Github(gh_token)
-    gh_repo = gh.get_repo("matrix-org/synapse")
-    gh_release = gh_repo.get_release(tag_name)
-
-    all_assets = set(gh_release.get_assets())
-
-    # Only accept the wheels and sdist.
-    # Notably: we don't care about debs.tar.xz.
-    asset_names_and_urls = sorted(
-        (asset.name, asset.browser_download_url)
-        for asset in all_assets
-        if asset.name.endswith((".whl", ".tar.gz"))
-    )
-
-    # Print out what we've determined.
-    print("Found relevant assets:")
-    for asset_name, _ in asset_names_and_urls:
-        print(f" - {asset_name}")
-
-    ignored_asset_names = sorted(
-        {asset.name for asset in all_assets}
-        - {asset_name for asset_name, _ in asset_names_and_urls}
-    )
-    print("\nIgnoring irrelevant assets:")
-    for asset_name in ignored_asset_names:
-        print(f" - {asset_name}")
+    pypi_asset_names = [
+        f"matrix_synapse-{current_version}-py3-none-any.whl",
+        f"matrix-synapse-{current_version}.tar.gz",
+    ]

    with TemporaryDirectory(prefix=f"synapse_upload_{tag_name}_") as tmpdir:
-        for name, asset_download_url in asset_names_and_urls:
+        for name in pypi_asset_names:
            filename = path.join(tmpdir, name)
+            url = f"https://github.com/matrix-org/synapse/releases/download/{tag_name}/{name}"

            click.echo(f"Downloading {name} into {filename}")
-            urllib.request.urlretrieve(asset_download_url, filename=filename)
+            urllib.request.urlretrieve(url, filename=filename)

        if click.confirm("Upload to PyPI?", default=True):
            subprocess.run("twine upload *", shell=True, cwd=tmpdir)
@@ -695,7 +672,7 @@ def full(gh_token: str) -> None:
    _publish(gh_token)

    click.echo("\n*** upload ***")
-    _upload(gh_token)
+    _upload()

    click.echo("\n*** merge back ***")
    _merge_back()
--- a/synapse/api/auth.py
+++ b/synapse/api/auth.py
@@ -459,6 +459,15 @@ class Auth:
            )
            raise InvalidClientTokenError("Invalid access token passed.")

+    def get_appservice_by_req(self, request: SynapseRequest) -> ApplicationService:
+        token = self.get_access_token_from_request(request)
+        service = self.store.get_app_service_by_token(token)
+        if not service:
+            logger.warning("Unrecognised appservice access token.")
+            raise InvalidClientTokenError()
+        request.requester = create_requester(service.sender, app_service=service)
+        return service
+
    async def is_server_admin(self, requester: Requester) -> bool:
        """Check if the given user is a local server admin.

--- a/synapse/config/server.py
+++ b/synapse/config/server.py
@@ -206,7 +206,6 @@ class HttpListenerConfig:
    resources: List[HttpResourceConfig] = attr.Factory(list)
    additional_resources: Dict[str, dict] = attr.Factory(dict)
    tag: Optional[str] = None
-    request_id_header: Optional[str] = None


@attr.s(slots=True, frozen=True, auto_attribs=True)
@@ -521,11 +520,9 @@ class ServerConfig(Config):
        ):
            raise ConfigError("allowed_avatar_mimetypes must be a list")

-        listeners = config.get("listeners", [])
-        if not isinstance(listeners, list):
-            raise ConfigError("Expected a list", ("listeners",))
-
-        self.listeners = [parse_listener_def(i, x) for i, x in enumerate(listeners)]
+        self.listeners = [
+            parse_listener_def(i, x) for i, x in enumerate(config.get("listeners", []))
+        ]

        # no_tls is not really supported any more, but let's grandfather it in
        # here.
@@ -892,9 +889,6 @@ def read_gc_thresholds(

 def parse_listener_def(num: int, listener: Any) -> ListenerConfig:
    """parse a listener config from the config file"""
-    if not isinstance(listener, dict):
-        raise ConfigError("Expected a dictionary", ("listeners", str(num)))
-
    listener_type = listener["type"]
    # Raise a helpful error if direct TCP replication is still configured.
    if listener_type == "replication":
@@ -934,7 +928,6 @@ def parse_listener_def(num: int, listener: Any) -> ListenerConfig:
            resources=resources,
            additional_resources=listener.get("additional_resources", {}),
            tag=listener.get("tag"),
-            request_id_header=listener.get("request_id_header"),
        )

    return ListenerConfig(port, bind_addresses, listener_type, tls, http_config)
--- a/synapse/events/builder.py
+++ b/synapse/events/builder.py
@@ -167,6 +167,7 @@ class EventBuilder:
            "content": self.content,
            "unsigned": self.unsigned,
            "depth": depth,
+            "prev_state": [],
        }

        if self.is_state():
--- a/synapse/federation/federation_client.py
+++ b/synapse/federation/federation_client.py
@@ -906,6 +906,9 @@ class FederationClient(FederationBase):
            # The protoevent received over the JSON wire may not have all
            # the required fields. Lets just gloss over that because
            # there's some we never care about
+            if "prev_state" not in pdu_dict:
+                pdu_dict["prev_state"] = []
+
            ev = builder.create_local_event_from_event_dict(
                self._clock,
                self.hostname,
--- a/synapse/handlers/e2e_keys.py
+++ b/synapse/handlers/e2e_keys.py
@@ -188,21 +188,18 @@ class E2eKeysHandler:
                )
                invalid_cached_users = cached_users - valid_cached_users
                if invalid_cached_users:
-                    # Fix up results. If we get here, it means there was either a bug in
-                    # device list tracking, or we hit the race mentioned above.
-                    # TODO: In practice, this path is hit fairly often in existing
-                    #       deployments when clients query the keys of departed remote
-                    #       users. A background update to mark the appropriate device
-                    #       lists as unsubscribed is needed.
-                    #       https://github.com/matrix-org/synapse/issues/13651
-                    # Note that this currently introduces a failure mode when clients
-                    # are trying to decrypt old messages from a remote user whose
-                    # homeserver is no longer available. We may want to consider falling
-                    # back to the cached data when we fail to retrieve a device list
-                    # over federation for such remote users.
+                    # Fix up results. If we get here, there is either a bug in device
+                    # list tracking, or we hit the race mentioned above.
                    user_ids_not_in_cache.update(invalid_cached_users)
                    for invalid_user_id in invalid_cached_users:
                        remote_results.pop(invalid_user_id)
+                    # This log message may be removed if it turns out it's almost
+                    # entirely triggered by races.
+                    logger.error(
+                        "Devices for %s were cached, but the server no longer shares "
+                        "any rooms with them. The cached device lists are stale.",
+                        invalid_cached_users,
+                    )

                for user_id, devices in remote_results.items():
                    user_devices = results.setdefault(user_id, {})
--- a/synapse/handlers/federation_event.py
+++ b/synapse/handlers/federation_event.py
@@ -862,15 +862,7 @@ class FederationEventHandler:
            self._sanity_check_event(event)
        except SynapseError as err:
            logger.warning("Event %s failed sanity check: %s", event_id, err)
-            await self._store.record_event_failed_pull_attempt(
-                event.room_id, event_id, str(err)
-            )
            return
-        except Exception as exc:
-            await self._store.record_event_failed_pull_attempt(
-                event.room_id, event_id, str(exc)
-            )
-            raise exc

        try:
            try:
@@ -905,19 +897,10 @@ class FederationEventHandler:
                    backfilled=backfilled,
                )
        except FederationError as e:
-            await self._store.record_event_failed_pull_attempt(
-                event.room_id, event_id, str(e)
-            )
-
            if e.code == 403:
                logger.warning("Pulled event %s failed history check.", event_id)
            else:
                raise
-        except Exception as exc:
-            await self._store.record_event_failed_pull_attempt(
-                event.room_id, event_id, str(exc)
-            )
-            raise exc

    @trace
    async def _compute_event_context_with_maybe_missing_prevs(
--- a/synapse/handlers/message.py
+++ b/synapse/handlers/message.py
@@ -752,12 +752,20 @@ class EventCreationHandler:
        if builder.type == EventTypes.Member:
            membership = builder.content.get("membership", None)
            if membership == Membership.JOIN:
-                return await self.store.is_server_notice_room(builder.room_id)
+                return await self._is_server_notices_room(builder.room_id)
            elif membership == Membership.LEAVE:
                # the user is always allowed to leave (but not kick people)
                return builder.state_key == requester.user.to_string()
        return False

+    async def _is_server_notices_room(self, room_id: str) -> bool:
+        if self.config.servernotices.server_notices_mxid is None:
+            return False
+        is_server_notices_room = await self.store.check_local_user_in_room(
+            user_id=self.config.servernotices.server_notices_mxid, room_id=room_id
+        )
+        return is_server_notices_room
+
    async def assert_accepted_privacy_policy(self, requester: Requester) -> None:
        """Check if a user has accepted the privacy policy

--- a/synapse/handlers/room_member.py
+++ b/synapse/handlers/room_member.py
@@ -837,7 +837,7 @@ class RoomMemberHandler(metaclass=abc.ABCMeta):
                old_membership == Membership.INVITE
                and effective_membership_state == Membership.LEAVE
            ):
-                is_blocked = await self.store.is_server_notice_room(room_id)
+                is_blocked = await self._is_server_notice_room(room_id)
                if is_blocked:
                    raise SynapseError(
                        HTTPStatus.FORBIDDEN,
@@ -1617,6 +1617,14 @@ class RoomMemberHandler(metaclass=abc.ABCMeta):

        return False

+    async def _is_server_notice_room(self, room_id: str) -> bool:
+        if self._server_notices_mxid is None:
+            return False
+        is_server_notices_room = await self.store.check_local_user_in_room(
+            user_id=self._server_notices_mxid, room_id=room_id
+        )
+        return is_server_notices_room
+

 class RoomMemberMasterHandler(RoomMemberHandler):
    def __init__(self, hs: "HomeServer"):
--- a/synapse/http/site.py
+++ b/synapse/http/site.py
@@ -72,12 +72,10 @@ class SynapseRequest(Request):
        site: "SynapseSite",
        *args: Any,
        max_request_body_size: int = 1024,
-        request_id_header: Optional[str] = None,
        **kw: Any,
    ):
        super().__init__(channel, *args, **kw)
        self._max_request_body_size = max_request_body_size
-        self.request_id_header = request_id_header
        self.synapse_site = site
        self.reactor = site.reactor
        self._channel = channel  # this is used by the tests
@@ -174,14 +172,7 @@ class SynapseRequest(Request):
        self._opentracing_span = span

    def get_request_id(self) -> str:
-        request_id_value = None
-        if self.request_id_header:
-            request_id_value = self.getHeader(self.request_id_header)
-
-        if request_id_value is None:
-            request_id_value = str(self.request_seq)
-
-        return "%s-%s" % (self.get_method(), request_id_value)
+        return "%s-%i" % (self.get_method(), self.request_seq)

    def get_redacted_uri(self) -> str:
        """Gets the redacted URI associated with the request (or placeholder if the URI
@@ -620,15 +611,12 @@ class SynapseSite(Site):
        proxied = config.http_options.x_forwarded
        request_class = XForwardedForRequest if proxied else SynapseRequest

-        request_id_header = config.http_options.request_id_header
-
        def request_factory(channel: HTTPChannel, queued: bool) -> Request:
            return request_class(
                channel,
                self,
                max_request_body_size=max_request_body_size,
                queued=queued,
-                request_id_header=request_id_header,
            )

        self.requestFactory = request_factory  # type: ignore
--- a/synapse/push/bulk_push_rule_evaluator.py
+++ b/synapse/push/bulk_push_rule_evaluator.py
@@ -198,7 +198,7 @@ class BulkPushRuleEvaluator:
        return pl_event.content if pl_event else {}, sender_level

    async def _get_mutual_relations(
-        self, parent_id: str, rules: Iterable[Tuple[PushRule, bool]]
+        self, event: EventBase, rules: Iterable[Tuple[PushRule, bool]]
    ) -> Dict[str, Set[Tuple[str, str]]]:
        """
        Fetch event metadata for events which related to the same event as the given event.
@@ -206,7 +206,7 @@ class BulkPushRuleEvaluator:
        If the given event has no relation information, returns an empty dictionary.

        Args:
-            parent_id: The event ID which is targeted by relations.
+            event_id: The event ID which is targeted by relations.
            rules: The push rules which will be processed for this event.

        Returns:
@@ -220,6 +220,12 @@ class BulkPushRuleEvaluator:
        if not self._relations_match_enabled:
            return {}

+        # If the event does not have a relation, then cannot have any mutual
+        # relations.
+        relation = relation_from_event(event)
+        if not relation:
+            return {}
+
        # Pre-filter to figure out which relation types are interesting.
        rel_types = set()
        for rule, enabled in rules:
@@ -240,7 +246,9 @@ class BulkPushRuleEvaluator:
            return {}

        # If any valid rules were found, fetch the mutual relations.
-        return await self.store.get_mutual_event_relations(parent_id, rel_types)
+        return await self.store.get_mutual_event_relations(
+            relation.parent_id, rel_types
+        )

    @measure_func("action_for_event_by_user")
    async def action_for_event_by_user(
@@ -273,17 +281,9 @@ class BulkPushRuleEvaluator:
            sender_power_level,
        ) = await self._get_power_levels_and_sender_level(event, context)

-        relation = relation_from_event(event)
-        # If the event does not have a relation, then cannot have any mutual
-        # relations or thread ID.
-        relations = {}
-        thread_id = "main"
-        if relation:
-            relations = await self._get_mutual_relations(
-                relation.parent_id, itertools.chain(*rules_by_user.values())
-            )
-            if relation.rel_type == RelationTypes.THREAD:
-                thread_id = relation.parent_id
+        relations = await self._get_mutual_relations(
+            event, itertools.chain(*rules_by_user.values())
+        )

        evaluator = PushRuleEvaluatorForEvent(
            event,
@@ -352,7 +352,6 @@ class BulkPushRuleEvaluator:
            event.event_id,
            actions_by_user,
            count_as_unread,
-            thread_id,
        )


--- a/synapse/rest/admin/init.py
+++ b/synapse/rest/admin/init.py
@@ -80,7 +80,6 @@ from synapse.rest.admin.users import (
    SearchUsersRestServlet,
    ShadowBanRestServlet,
    UserAdminServlet,
-    UserByExternalId,
    UserMembershipRestServlet,
    UserRegisterServlet,
    UserRestServletV2,
@@ -276,7 +275,6 @@ def register_servlets(hs: "HomeServer", http_server: HttpServer) -> None:
    ListDestinationsRestServlet(hs).register(http_server)
    RoomMessagesRestServlet(hs).register(http_server)
    RoomTimestampToEventRestServlet(hs).register(http_server)
-    UserByExternalId(hs).register(http_server)

    # Some servlets only get registered for the main process.
    if hs.config.worker.worker_app is None:
--- a/synapse/rest/admin/users.py
+++ b/synapse/rest/admin/users.py
@@ -1156,30 +1156,3 @@ class AccountDataRestServlet(RestServlet):
                "rooms": by_room_data,
            },
        }
-
-
-class UserByExternalId(RestServlet):
-    """Find a user based on an external ID from an auth provider"""
-
-    PATTERNS = admin_patterns(
-        "/auth_providers/(?P<provider>[^/]*)/users/(?P<external_id>[^/]*)"
-    )
-
-    def __init__(self, hs: "HomeServer"):
-        self._auth = hs.get_auth()
-        self._store = hs.get_datastores().main
-
-    async def on_GET(
-        self,
-        request: SynapseRequest,
-        provider: str,
-        external_id: str,
-    ) -> Tuple[int, JsonDict]:
-        await assert_requester_is_admin(self._auth, request)
-
-        user_id = await self._store.get_user_by_external_id(provider, external_id)
-
-        if user_id is None:
-            raise NotFoundError("User not found")
-
-        return HTTPStatus.OK, {"user_id": user_id}
--- a/synapse/rest/client/account.py
+++ b/synapse/rest/client/account.py
@@ -19,7 +19,6 @@ from typing import TYPE_CHECKING, List, Optional, Tuple
 from urllib.parse import urlparse

 from pydantic import StrictBool, StrictStr, constr
-from typing_extensions import Literal

 from twisted.web.server import Request

@@ -44,7 +43,6 @@ from synapse.metrics import threepid_send_requests
 from synapse.push.mailer import Mailer
 from synapse.rest.client.models import (
    AuthenticationData,
-    ClientSecretStr,
    EmailRequestTokenBody,
    MsisdnRequestTokenBody,
 )
@@ -629,11 +627,6 @@ class ThreepidAddRestServlet(RestServlet):
        self.auth = hs.get_auth()
        self.auth_handler = hs.get_auth_handler()

-    class PostBody(RequestBodyModel):
-        auth: Optional[AuthenticationData] = None
-        client_secret: ClientSecretStr
-        sid: StrictStr
-
    @interactive_auth_handler
    async def on_POST(self, request: SynapseRequest) -> Tuple[int, JsonDict]:
        if not self.hs.config.registration.enable_3pid_changes:
@@ -643,17 +636,22 @@ class ThreepidAddRestServlet(RestServlet):

        requester = await self.auth.get_user_by_req(request)
        user_id = requester.user.to_string()
-        body = parse_and_validate_json_object_from_request(request, self.PostBody)
+        body = parse_json_object_from_request(request)
+
+        assert_params_in_dict(body, ["client_secret", "sid"])
+        sid = body["sid"]
+        client_secret = body["client_secret"]
+        assert_valid_client_secret(client_secret)

        await self.auth_handler.validate_user_via_ui_auth(
            requester,
            request,
-            body.dict(exclude_unset=True),
+            body,
            "add a third-party identifier to your account",
        )

        validation_session = await self.identity_handler.validate_threepid_session(
-            body.client_secret, body.sid
+            client_secret, sid
        )
        if validation_session:
            await self.auth_handler.add_threepid(
@@ -678,20 +676,23 @@ class ThreepidBindRestServlet(RestServlet):
        self.identity_handler = hs.get_identity_handler()
        self.auth = hs.get_auth()

-    class PostBody(RequestBodyModel):
-        client_secret: ClientSecretStr
-        id_access_token: StrictStr
-        id_server: StrictStr
-        sid: StrictStr
-
    async def on_POST(self, request: SynapseRequest) -> Tuple[int, JsonDict]:
-        body = parse_and_validate_json_object_from_request(request, self.PostBody)
+        body = parse_json_object_from_request(request)
+
+        assert_params_in_dict(
+            body, ["id_server", "sid", "id_access_token", "client_secret"]
+        )
+        id_server = body["id_server"]
+        sid = body["sid"]
+        id_access_token = body["id_access_token"]
+        client_secret = body["client_secret"]
+        assert_valid_client_secret(client_secret)

        requester = await self.auth.get_user_by_req(request)
        user_id = requester.user.to_string()

        await self.identity_handler.bind_threepid(
-            body.client_secret, body.sid, user_id, body.id_server, body.id_access_token
+            client_secret, sid, user_id, id_server, id_access_token
        )

        return 200, {}
@@ -707,27 +708,23 @@ class ThreepidUnbindRestServlet(RestServlet):
        self.auth = hs.get_auth()
        self.datastore = self.hs.get_datastores().main

-    class PostBody(RequestBodyModel):
-        address: StrictStr
-        id_server: Optional[StrictStr] = None
-        medium: Literal["email", "msisdn"]
-
    async def on_POST(self, request: SynapseRequest) -> Tuple[int, JsonDict]:
        """Unbind the given 3pid from a specific identity server, or identity servers that are
        known to have this 3pid bound
        """
        requester = await self.auth.get_user_by_req(request)
-        body = parse_and_validate_json_object_from_request(request, self.PostBody)
+        body = parse_json_object_from_request(request)
+        assert_params_in_dict(body, ["medium", "address"])
+
+        medium = body.get("medium")
+        address = body.get("address")
+        id_server = body.get("id_server")

        # Attempt to unbind the threepid from an identity server. If id_server is None, try to
        # unbind from all identity servers this threepid has been added to in the past
        result = await self.identity_handler.try_unbind_threepid(
            requester.user.to_string(),
-            {
-                "address": body.address,
-                "medium": body.medium,
-                "id_server": body.id_server,
-            },
+            {"address": address, "medium": medium, "id_server": id_server},
        )
        return 200, {"id_server_unbind_result": "success" if result else "no-support"}

@@ -741,25 +738,21 @@ class ThreepidDeleteRestServlet(RestServlet):
        self.auth = hs.get_auth()
        self.auth_handler = hs.get_auth_handler()

-    class PostBody(RequestBodyModel):
-        address: StrictStr
-        id_server: Optional[StrictStr] = None
-        medium: Literal["email", "msisdn"]
-
    async def on_POST(self, request: SynapseRequest) -> Tuple[int, JsonDict]:
        if not self.hs.config.registration.enable_3pid_changes:
            raise SynapseError(
                400, "3PID changes are disabled on this server", Codes.FORBIDDEN
            )

-        body = parse_and_validate_json_object_from_request(request, self.PostBody)
+        body = parse_json_object_from_request(request)
+        assert_params_in_dict(body, ["medium", "address"])

        requester = await self.auth.get_user_by_req(request)
        user_id = requester.user.to_string()

        try:
            ret = await self.auth_handler.delete_threepid(
-                user_id, body.medium, body.address, body.id_server
+                user_id, body["medium"], body["address"], body.get("id_server")
            )
        except Exception:
            # NB. This endpoint should succeed if there is nothing to
--- a/synapse/rest/client/models.py
+++ b/synapse/rest/client/models.py
@@ -36,20 +36,18 @@ class AuthenticationData(RequestBodyModel):
    type: Optional[StrictStr] = None


-if TYPE_CHECKING:
-    ClientSecretStr = StrictStr
-else:
-    # See also assert_valid_client_secret()
-    ClientSecretStr = constr(
-        regex="[0-9a-zA-Z.=_-]",  # noqa: F722
-        min_length=1,
-        max_length=255,
-        strict=True,
-    )
+class ThreePidRequestTokenBody(RequestBodyModel):
+    if TYPE_CHECKING:
+        client_secret: StrictStr
+    else:
+        # See also assert_valid_client_secret()
+        client_secret: constr(
+            regex="[0-9a-zA-Z.=_-]",  # noqa: F722
+            min_length=0,
+            max_length=255,
+            strict=True,
+        )

-
-class ThreepidRequestTokenBody(RequestBodyModel):
-    client_secret: ClientSecretStr
    id_server: Optional[StrictStr]
    id_access_token: Optional[StrictStr]
    next_link: Optional[StrictStr]
@@ -64,7 +62,7 @@ class ThreepidRequestTokenBody(RequestBodyModel):
        return token


-class EmailRequestTokenBody(ThreepidRequestTokenBody):
+class EmailRequestTokenBody(ThreePidRequestTokenBody):
    email: StrictStr

    # Canonicalise the email address. The addresses are all stored canonicalised
@@ -82,6 +80,6 @@ else:
    ISO3116_1_Alpha_2 = constr(regex="[A-Z]{2}", strict=True)


-class MsisdnRequestTokenBody(ThreepidRequestTokenBody):
+class MsisdnRequestTokenBody(ThreePidRequestTokenBody):
    country: ISO3116_1_Alpha_2
    phone_number: StrictStr
--- a/synapse/rest/media/v1/media_repository.py
+++ b/synapse/rest/media/v1/media_repository.py
@@ -19,8 +19,6 @@ import shutil
 from io import BytesIO
 from typing import IO, TYPE_CHECKING, Dict, List, Optional, Set, Tuple

-from matrix_common.types.mxc_uri import MXCUri
-
 import twisted.internet.error
 import twisted.web.http
 from twisted.internet.defer import Deferred
@@ -188,7 +186,7 @@ class MediaRepository:
        content: IO,
        content_length: int,
        auth_user: UserID,
-    ) -> MXCUri:
+    ) -> str:
        """Store uploaded content for a local user and return the mxc URL

        Args:
@@ -221,7 +219,7 @@ class MediaRepository:

        await self._generate_thumbnails(None, media_id, media_id, media_type)

-        return MXCUri(self.server_name, media_id)
+        return "mxc://%s/%s" % (self.server_name, media_id)

    async def get_local_media(
        self, request: SynapseRequest, media_id: str, name: Optional[str]
--- a/synapse/rest/media/v1/upload_resource.py
+++ b/synapse/rest/media/v1/upload_resource.py
@@ -101,8 +101,6 @@ class UploadResource(DirectServeJsonResource):
            # the default 404, as that would just be confusing.
            raise SynapseError(400, "Bad content")

-        logger.info("Uploaded content with URI '%s'", content_uri)
+        logger.info("Uploaded content with URI %r", content_uri)

-        respond_with_json(
-            request, 200, {"content_uri": str(content_uri)}, send_cors=True
-        )
+        respond_with_json(request, 200, {"content_uri": content_uri}, send_cors=True)
--- a/synapse/state/v2.py
+++ b/synapse/state/v2.py
@@ -577,21 +577,6 @@ async def _iterative_auth_checks(
                if ev.rejected_reason is None:
                    auth_events[key] = event_map[ev_id]

-        if event.rejected_reason is not None:
-            # Do not admit previously rejected events into state.
-            # TODO: This isn't spec compliant. Events that were previously rejected due
-            #       to failing auth checks at their state, but pass auth checks during
-            #       state resolution should be accepted. Synapse does not handle the
-            #       change of rejection status well, so we preserve the previous
-            #       rejection status for now.
-            #
-            #       Note that events rejected for non-state reasons, such as having the
-            #       wrong auth events, should remain rejected.
-            #
-            #       https://spec.matrix.org/v1.2/rooms/v9/#rejected-events
-            #       https://github.com/matrix-org/synapse/issues/13797
-            continue
-
        try:
            event_auth.check_state_dependent_auth_rules(
                event,
--- a/synapse/storage/background_updates.py
+++ b/synapse/storage/background_updates.py
@@ -533,7 +533,6 @@ class BackgroundUpdater:
            index_name: name of index to add
            table: table to add index to
            columns: columns/expressions to include in index
-            where_clause: A WHERE clause to specify a partial unique index.
            unique: true to make a UNIQUE index
            psql_only: true to only create this index on psql databases (useful
                for virtual sqlite tables)
@@ -582,6 +581,9 @@ class BackgroundUpdater:
        def create_index_sqlite(conn: Connection) -> None:
            # Sqlite doesn't support concurrent creation of indexes.
            #
+            # We don't use partial indices on SQLite as it wasn't introduced
+            # until 3.8, and wheezy and CentOS 7 have 3.7
+            #
            # We assume that sqlite doesn't give us invalid indices; however
            # we may still end up with the index existing but the
            # background_updates not having been recorded if synapse got shut
@@ -589,13 +591,12 @@ class BackgroundUpdater:
            # has supported CREATE TABLE|INDEX IF NOT EXISTS since 3.3.0.)
            sql = (
                "CREATE %(unique)s INDEX IF NOT EXISTS %(name)s ON %(table)s"
-                " (%(columns)s) %(where_clause)s"
+                " (%(columns)s)"
            ) % {
                "unique": "UNIQUE" if unique else "",
                "name": index_name,
                "table": table,
                "columns": ", ".join(columns),
-                "where_clause": "WHERE " + where_clause if where_clause else "",
            }

            c = conn.cursor()
--- a/synapse/storage/database.py
+++ b/synapse/storage/database.py
@@ -1191,7 +1191,6 @@ class DatabasePool:
        keyvalues: Dict[str, Any],
        values: Dict[str, Any],
        insertion_values: Optional[Dict[str, Any]] = None,
-        where_clause: Optional[str] = None,
        lock: bool = True,
    ) -> bool:
        """
@@ -1204,7 +1203,6 @@ class DatabasePool:
            keyvalues: The unique key tables and their new values
            values: The nonunique columns and their new values
            insertion_values: additional key/values to use only when inserting
-            where_clause: An index predicate to apply to the upsert.
            lock: True to lock the table when doing the upsert. Unused when performing
                a native upsert.
        Returns:
@@ -1215,12 +1213,7 @@ class DatabasePool:

        if table not in self._unsafe_to_upsert_tables:
            return self.simple_upsert_txn_native_upsert(
-                txn,
-                table,
-                keyvalues,
-                values,
-                insertion_values=insertion_values,
-                where_clause=where_clause,
+                txn, table, keyvalues, values, insertion_values=insertion_values
            )
        else:
            return self.simple_upsert_txn_emulated(
@@ -1229,7 +1222,6 @@ class DatabasePool:
                keyvalues,
                values,
                insertion_values=insertion_values,
-                where_clause=where_clause,
                lock=lock,
            )

@@ -1240,7 +1232,6 @@ class DatabasePool:
        keyvalues: Dict[str, Any],
        values: Dict[str, Any],
        insertion_values: Optional[Dict[str, Any]] = None,
-        where_clause: Optional[str] = None,
        lock: bool = True,
    ) -> bool:
        """
@@ -1249,7 +1240,6 @@ class DatabasePool:
            keyvalues: The unique key tables and their new values
            values: The nonunique columns and their new values
            insertion_values: additional key/values to use only when inserting
-            where_clause: An index predicate to apply to the upsert.
            lock: True to lock the table when doing the upsert.
        Returns:
            Returns True if a row was inserted or updated (i.e. if `values` is
@@ -1269,17 +1259,14 @@ class DatabasePool:
            else:
                return "%s = ?" % (key,)

-        # Generate a where clause of each keyvalue and optionally the provided
-        # index predicate.
-        where = [_getwhere(k) for k in keyvalues]
-        if where_clause:
-            where.append(where_clause)
-
        if not values:
            # If `values` is empty, then all of the values we care about are in
            # the unique key, so there is nothing to UPDATE. We can just do a
            # SELECT instead to see if it exists.
-            sql = "SELECT 1 FROM %s WHERE %s" % (table, " AND ".join(where))
+            sql = "SELECT 1 FROM %s WHERE %s" % (
+                table,
+                " AND ".join(_getwhere(k) for k in keyvalues),
+            )
            sqlargs = list(keyvalues.values())
            txn.execute(sql, sqlargs)
            if txn.fetchall():
@@ -1290,7 +1277,7 @@ class DatabasePool:
            sql = "UPDATE %s SET %s WHERE %s" % (
                table,
                ", ".join("%s = ?" % (k,) for k in values),
-                " AND ".join(where),
+                " AND ".join(_getwhere(k) for k in keyvalues),
            )
            sqlargs = list(values.values()) + list(keyvalues.values())

@@ -1320,7 +1307,6 @@ class DatabasePool:
        keyvalues: Dict[str, Any],
        values: Dict[str, Any],
        insertion_values: Optional[Dict[str, Any]] = None,
-        where_clause: Optional[str] = None,
    ) -> bool:
        """
        Use the native UPSERT functionality in PostgreSQL.
@@ -1330,7 +1316,6 @@ class DatabasePool:
            keyvalues: The unique key tables and their new values
            values: The nonunique columns and their new values
            insertion_values: additional key/values to use only when inserting
-            where_clause: An index predicate to apply to the upsert.

        Returns:
            Returns True if a row was inserted or updated (i.e. if `values` is
@@ -1346,12 +1331,11 @@ class DatabasePool:
            allvalues.update(values)
            latter = "UPDATE SET " + ", ".join(k + "=EXCLUDED." + k for k in values)

-        sql = "INSERT INTO %s (%s) VALUES (%s) ON CONFLICT (%s) %s DO %s" % (
+        sql = ("INSERT INTO %s (%s) VALUES (%s) ON CONFLICT (%s) DO %s") % (
            table,
            ", ".join(k for k in allvalues),
            ", ".join("?" for _ in allvalues),
            ", ".join(k for k in keyvalues),
-            f"WHERE {where_clause}" if where_clause else "",
            latter,
        )
        txn.execute(sql, list(allvalues.values()))
--- a/synapse/storage/databases/main/event_federation.py
+++ b/synapse/storage/databases/main/event_federation.py
@@ -1294,51 +1294,6 @@ class EventFederationWorkerStore(SignatureWorkerStore, EventsWorkerStore, SQLBas

        return event_id_results

-    @trace
-    async def record_event_failed_pull_attempt(
-        self, room_id: str, event_id: str, cause: str
-    ) -> None:
-        """
-        Record when we fail to pull an event over federation.
-
-        This information allows us to be more intelligent when we decide to
-        retry (we don't need to fail over and over) and we can process that
-        event in the background so we don't block on it each time.
-
-        Args:
-            room_id: The room where the event failed to pull from
-            event_id: The event that failed to be fetched or processed
-            cause: The error message or reason that we failed to pull the event
-        """
-        await self.db_pool.runInteraction(
-            "record_event_failed_pull_attempt",
-            self._record_event_failed_pull_attempt_upsert_txn,
-            room_id,
-            event_id,
-            cause,
-            db_autocommit=True,  # Safe as it's a single upsert
-        )
-
-    def _record_event_failed_pull_attempt_upsert_txn(
-        self,
-        txn: LoggingTransaction,
-        room_id: str,
-        event_id: str,
-        cause: str,
-    ) -> None:
-        sql = """
-            INSERT INTO event_failed_pull_attempts (
-                room_id, event_id, num_attempts, last_attempt_ts, last_cause
-            )
-                VALUES (?, ?, ?, ?, ?)
-            ON CONFLICT (room_id, event_id) DO UPDATE SET
-                num_attempts=event_failed_pull_attempts.num_attempts + 1,
-                last_attempt_ts=EXCLUDED.last_attempt_ts,
-                last_cause=EXCLUDED.last_cause;
-        """
-
-        txn.execute(sql, (room_id, event_id, 1, self._clock.time_msec(), cause))
-
    async def get_missing_events(
        self,
        room_id: str,
--- a/synapse/storage/databases/main/event_push_actions.py
+++ b/synapse/storage/databases/main/event_push_actions.py
@@ -98,7 +98,6 @@ from synapse.storage.database import (
 )
 from synapse.storage.databases.main.receipts import ReceiptsWorkerStore
 from synapse.storage.databases.main.stream import StreamWorkerStore
-from synapse.types import JsonDict
 from synapse.util import json_encoder
 from synapse.util.caches.descriptors import cached

@@ -233,104 +232,6 @@ class EventPushActionsWorkerStore(ReceiptsWorkerStore, StreamWorkerStore, SQLBas
            replaces_index="event_push_summary_user_rm",
        )

-        self.db_pool.updates.register_background_index_update(
-            "event_push_summary_unique_index2",
-            index_name="event_push_summary_unique_index2",
-            table="event_push_summary",
-            columns=["user_id", "room_id", "thread_id"],
-            unique=True,
-        )
-
-        self.db_pool.updates.register_background_update_handler(
-            "event_push_backfill_thread_id",
-            self._background_backfill_thread_id,
-        )
-
-    async def _background_backfill_thread_id(
-        self, progress: JsonDict, batch_size: int
-    ) -> int:
-        """
-        Fill in the thread_id field for event_push_actions and event_push_summary.
-
-        This is preparatory so that it can be made non-nullable in the future.
-
-        Because all current (null) data is done in an unthreaded manner this
-        simply assumes it is on the "main" timeline. Since event_push_actions
-        are periodically cleared it is not possible to correctly re-calculate
-        the thread_id.
-        """
-        event_push_actions_done = progress.get("event_push_actions_done", False)
-
-        def add_thread_id_txn(
-            txn: LoggingTransaction, table_name: str, start_stream_ordering: int
-        ) -> int:
-            sql = f"""
-            SELECT stream_ordering
-            FROM {table_name}
-            WHERE
-                thread_id IS NULL
-                AND stream_ordering > ?
-            ORDER BY stream_ordering
-            LIMIT ?
-            """
-            txn.execute(sql, (start_stream_ordering, batch_size))
-
-            # No more rows to process.
-            rows = txn.fetchall()
-            if not rows:
-                progress[f"{table_name}_done"] = True
-                self.db_pool.updates._background_update_progress_txn(
-                    txn, "event_push_backfill_thread_id", progress
-                )
-                return 0
-
-            # Update the thread ID for any of those rows.
-            max_stream_ordering = rows[-1][0]
-
-            sql = f"""
-            UPDATE {table_name}
-            SET thread_id = 'main'
-            WHERE stream_ordering <= ? AND thread_id IS NULL
-            """
-            txn.execute(sql, (max_stream_ordering,))
-
-            # Update progress.
-            processed_rows = txn.rowcount
-            progress[f"max_{table_name}_stream_ordering"] = max_stream_ordering
-            self.db_pool.updates._background_update_progress_txn(
-                txn, "event_push_backfill_thread_id", progress
-            )
-
-            return processed_rows
-
-        # First update the event_push_actions table, then the event_push_summary table.
-        #
-        # Note that the event_push_actions_staging table is ignored since it is
-        # assumed that items in that table will only exist for a short period of
-        # time.
-        if not event_push_actions_done:
-            result = await self.db_pool.runInteraction(
-                "event_push_backfill_thread_id",
-                add_thread_id_txn,
-                "event_push_actions",
-                progress.get("max_event_push_actions_stream_ordering", 0),
-            )
-        else:
-            result = await self.db_pool.runInteraction(
-                "event_push_backfill_thread_id",
-                add_thread_id_txn,
-                "event_push_summary",
-                progress.get("max_event_push_summary_stream_ordering", 0),
-            )
-
-            # Only done after the event_push_summary table is done.
-            if not result:
-                await self.db_pool.updates._end_background_update(
-                    "event_push_backfill_thread_id"
-                )
-
-        return result
-
    @cached(tree=True, max_entries=5000)
    async def get_unread_event_push_actions_by_room_for_user(
        self,
@@ -769,7 +670,6 @@ class EventPushActionsWorkerStore(ReceiptsWorkerStore, StreamWorkerStore, SQLBas
        event_id: str,
        user_id_actions: Dict[str, Collection[Union[Mapping, str]]],
        count_as_unread: bool,
-        thread_id: str,
    ) -> None:
        """Add the push actions for the event to the push action staging area.

@@ -778,7 +678,6 @@ class EventPushActionsWorkerStore(ReceiptsWorkerStore, StreamWorkerStore, SQLBas
            user_id_actions: A mapping of user_id to list of push actions, where
                an action can either be a string or dict.
            count_as_unread: Whether this event should increment unread counts.
-            thread_id: The thread this event is parent of, if applicable.
        """
        if not user_id_actions:
            return
@@ -787,7 +686,7 @@ class EventPushActionsWorkerStore(ReceiptsWorkerStore, StreamWorkerStore, SQLBas
        # can be used to insert into the `event_push_actions_staging` table.
        def _gen_entry(
            user_id: str, actions: Collection[Union[Mapping, str]]
-        ) -> Tuple[str, str, str, int, int, int, str]:
+        ) -> Tuple[str, str, str, int, int, int]:
            is_highlight = 1 if _action_has_highlight(actions) else 0
            notif = 1 if "notify" in actions else 0
            return (
@@ -797,20 +696,11 @@ class EventPushActionsWorkerStore(ReceiptsWorkerStore, StreamWorkerStore, SQLBas
                notif,  # notif column
                is_highlight,  # highlight column
                int(count_as_unread),  # unread column
-                thread_id,  # thread_id column
            )

        await self.db_pool.simple_insert_many(
            "event_push_actions_staging",
-            keys=(
-                "event_id",
-                "user_id",
-                "actions",
-                "notif",
-                "highlight",
-                "unread",
-                "thread_id",
-            ),
+            keys=("event_id", "user_id", "actions", "notif", "highlight", "unread"),
            values=[
                _gen_entry(user_id, actions)
                for user_id, actions in user_id_actions.items()
@@ -1091,8 +981,6 @@ class EventPushActionsWorkerStore(ReceiptsWorkerStore, StreamWorkerStore, SQLBas
            )

            # Replace the previous summary with the new counts.
-            #
-            # TODO(threads): Upsert per-thread instead of setting them all to main.
            self.db_pool.simple_upsert_txn(
                txn,
                table="event_push_summary",
@@ -1102,7 +990,6 @@ class EventPushActionsWorkerStore(ReceiptsWorkerStore, StreamWorkerStore, SQLBas
                    "unread_count": unread_count,
                    "stream_ordering": old_rotate_stream_ordering,
                    "last_receipt_stream_ordering": stream_ordering,
-                    "thread_id": "main",
                },
            )

@@ -1251,19 +1138,17 @@ class EventPushActionsWorkerStore(ReceiptsWorkerStore, StreamWorkerStore, SQLBas

        logger.info("Rotating notifications, handling %d rows", len(summaries))

-        # TODO(threads): Update on a per-thread basis.
        self.db_pool.simple_upsert_many_txn(
            txn,
            table="event_push_summary",
            key_names=("user_id", "room_id"),
            key_values=[(user_id, room_id) for user_id, room_id in summaries],
-            value_names=("notif_count", "unread_count", "stream_ordering", "thread_id"),
+            value_names=("notif_count", "unread_count", "stream_ordering"),
            value_values=[
                (
                    summary.notif_count,
                    summary.unread_count,
                    summary.stream_ordering,
-                    "main",
                )
                for summary in summaries.values()
            ],
@@ -1370,6 +1255,7 @@ class EventPushActionsStore(EventPushActionsWorkerStore):
            table="event_push_actions",
            columns=["highlight", "stream_ordering"],
            where_clause="highlight=0",
+            psql_only=True,
        )

    async def get_push_actions_for_user(
--- a/synapse/storage/databases/main/events.py
+++ b/synapse/storage/databases/main/events.py
@@ -2192,9 +2192,9 @@ class PersistEventsStore:
        sql = """
            INSERT INTO event_push_actions (
                room_id, event_id, user_id, actions, stream_ordering,
-                topological_ordering, notif, highlight, unread, thread_id
+                topological_ordering, notif, highlight, unread
            )
-            SELECT ?, event_id, user_id, actions, ?, ?, notif, highlight, unread, thread_id
+            SELECT ?, event_id, user_id, actions, ?, ?, notif, highlight, unread
            FROM event_push_actions_staging
            WHERE event_id = ?
        """
@@ -2435,31 +2435,17 @@ class PersistEventsStore:
            "DELETE FROM event_backward_extremities"
            " WHERE event_id = ? AND room_id = ?"
        )
-        backward_extremity_tuples_to_remove = [
-            (ev.event_id, ev.room_id)
-            for ev in events
-            if not ev.internal_metadata.is_outlier()
-            # If we encountered an event with no prev_events, then we might
-            # as well remove it now because it won't ever have anything else
-            # to backfill from.
-            or len(ev.prev_event_ids()) == 0
-        ]
        txn.execute_batch(
            query,
-            backward_extremity_tuples_to_remove,
-        )
-
-        # Clear out the failed backfill attempts after we successfully pulled
-        # the event. Since we no longer need these events as backward
-        # extremities, it also means that they won't be backfilled from again so
-        # we no longer need to store the backfill attempts around it.
-        query = """
-            DELETE FROM event_failed_pull_attempts
-            WHERE event_id = ? and room_id = ?
-        """
-        txn.execute_batch(
-            query,
-            backward_extremity_tuples_to_remove,
+            [
+                (ev.event_id, ev.room_id)
+                for ev in events
+                if not ev.internal_metadata.is_outlier()
+                # If we encountered an event with no prev_events, then we might
+                # as well remove it now because it won't ever have anything else
+                # to backfill from.
+                or len(ev.prev_event_ids()) == 0
+            ],
        )


--- a/synapse/storage/databases/main/purge_events.py
+++ b/synapse/storage/databases/main/purge_events.py
@@ -419,7 +419,6 @@ class PurgeEventsStore(StateGroupWorkerStore, CacheInvalidationWorkerStore):
            "event_forward_extremities",
            "event_push_actions",
            "event_search",
-            "event_failed_pull_attempts",
            "partial_state_events",
            "events",
            "federation_inbound_events_staging",
@@ -442,10 +441,6 @@ class PurgeEventsStore(StateGroupWorkerStore, CacheInvalidationWorkerStore):
            "e2e_room_keys",
            "event_push_summary",
            "pusher_throttle",
-            "insertion_events",
-            "insertion_event_extremities",
-            "insertion_event_edges",
-            "batch_events",
            "room_account_data",
            "room_tags",
            # "rooms" happens last, to keep the foreign keys in the other tables
--- a/synapse/storage/databases/main/receipts.py
+++ b/synapse/storage/databases/main/receipts.py
@@ -113,24 +113,6 @@ class ReceiptsWorkerStore(SQLBaseStore):
            prefilled_cache=receipts_stream_prefill,
        )

-        self.db_pool.updates.register_background_index_update(
-            "receipts_linearized_unique_index",
-            index_name="receipts_linearized_unique_index",
-            table="receipts_linearized",
-            columns=["room_id", "receipt_type", "user_id"],
-            where_clause="thread_id IS NULL",
-            unique=True,
-        )
-
-        self.db_pool.updates.register_background_index_update(
-            "receipts_graph_unique_index",
-            index_name="receipts_graph_unique_index",
-            table="receipts_graph",
-            columns=["room_id", "receipt_type", "user_id"],
-            where_clause="thread_id IS NULL",
-            unique=True,
-        )
-
    def get_max_receipt_stream_id(self) -> int:
        """Get the current max stream ID for receipts stream"""
        return self._receipts_id_gen.get_current_token()
@@ -695,7 +677,6 @@ class ReceiptsWorkerStore(SQLBaseStore):
                "event_id": event_id,
                "event_stream_ordering": stream_ordering,
                "data": json_encoder.encode(data),
-                "thread_id": None,
            },
            # receipts_linearized has a unique constraint on
            # (user_id, room_id, receipt_type), so no need to lock
@@ -843,7 +824,6 @@ class ReceiptsWorkerStore(SQLBaseStore):
            values={
                "event_ids": json_encoder.encode(event_ids),
                "data": json_encoder.encode(data),
-                "thread_id": None,
            },
            # receipts_graph has a unique constraint on
            # (user_id, room_id, receipt_type), so no need to lock
--- a/synapse/storage/databases/main/roommember.py
+++ b/synapse/storage/databases/main/roommember.py
@@ -88,8 +88,6 @@ class RoomMemberWorkerStore(EventsWorkerStore):
        # at a time. Keyed by room_id.
        self._joined_host_linearizer = Linearizer("_JoinedHostsCache")

-        self._server_notices_mxid = hs.config.servernotices.server_notices_mxid
-
        if (
            self.hs.config.worker.run_background_tasks
            and self.hs.config.metrics.metrics_flags.known_servers
@@ -506,21 +504,6 @@ class RoomMemberWorkerStore(EventsWorkerStore):

        return membership == Membership.JOIN

-    async def is_server_notice_room(self, room_id: str) -> bool:
-        """
-        Determines whether the given room is a 'Server Notices' room, used for
-        sending server notices to a user.
-
-        This is determined by seeing whether the server notices user is present
-        in the room.
-        """
-        if self._server_notices_mxid is None:
-            return False
-        is_server_notices_room = await self.check_local_user_in_room(
-            user_id=self._server_notices_mxid, room_id=room_id
-        )
-        return is_server_notices_room
-
    async def get_local_current_membership_for_user_in_room(
        self, user_id: str, room_id: str
    ) -> Tuple[Optional[str], Optional[str]]:
--- a/synapse/storage/schema/init.py
+++ b/synapse/storage/schema/init.py
@@ -12,7 +12,7 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.

-SCHEMA_VERSION = 73  # remember to update the list below when updating
+SCHEMA_VERSION = 72  # remember to update the list below when updating
 """Represents the expectations made by the codebase about the database schema

 This should be incremented whenever the codebase changes its requirements on the
@@ -77,14 +77,6 @@ Changes in SCHEMA_VERSION = 72:
    - Tables related to groups are dropped.
    - Unused column application_services_state.last_txn is dropped
    - Cache invalidation stream id sequence now begins at 2 to match code expectation.
-
-Changes in SCHEMA_VERSION = 73;
-    - thread_id column is added to event_push_actions, event_push_actions_staging
-      event_push_summary, receipts_linearized, and receipts_graph.
-    - Add table `event_failed_pull_attempts` to keep track when we fail to pull
-      events over federation.
-    - Add indexes to various tables (`event_failed_pull_attempts`, `insertion_events`,
-      `batch_events`) to make it easy to delete all associated rows when purging a room.
 """


--- a/synapse/storage/schema/main/delta/72/06thread_notifications.sql
+++ b/synapse/storage/schema/main/delta/72/06thread_notifications.sql
@@ -1,30 +0,0 @@
-/* Copyright 2022 The Matrix.org Foundation C.I.C
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *    http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-- Add a nullable column for thread ID to the event push actions tables; this
-- will be filled in with a default value for any previously existing rows.
--
-- After migration this can be made non-nullable.
-
-ALTER TABLE event_push_actions_staging ADD COLUMN thread_id TEXT;
-ALTER TABLE event_push_actions ADD COLUMN thread_id TEXT;
-ALTER TABLE event_push_summary ADD COLUMN thread_id TEXT;
-
-- Update the unique index for `event_push_summary`.
-INSERT INTO background_updates (ordering, update_name, progress_json) VALUES
-  (7006, 'event_push_summary_unique_index2', '{}');
-
-INSERT INTO background_updates (ordering, update_name, progress_json, depends_on) VALUES
-  (7006, 'event_push_backfill_thread_id', '{}', 'event_push_summary_unique_index2');
--- a/synapse/storage/schema/main/delta/72/07thread_receipts.sql.postgres
+++ b/synapse/storage/schema/main/delta/72/07thread_receipts.sql.postgres
@@ -1,30 +0,0 @@
-/* Copyright 2022 The Matrix.org Foundation C.I.C
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *    http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-- Add a nullable column for thread ID to the receipts table; this allows a
-- receipt per user, per room, as well as an unthreaded receipt (corresponding
-- to a null thread ID).
-
-ALTER TABLE receipts_linearized ADD COLUMN thread_id TEXT;
-ALTER TABLE receipts_graph ADD COLUMN thread_id TEXT;
-
-- Rebuild the unique constraint with the thread_id.
-ALTER TABLE receipts_linearized
-    ADD CONSTRAINT receipts_linearized_uniqueness_thread
-        UNIQUE (room_id, receipt_type, user_id, thread_id);
-
-ALTER TABLE receipts_graph
-    ADD CONSTRAINT receipts_graph_uniqueness_thread
-        UNIQUE (room_id, receipt_type, user_id, thread_id);
--- a/synapse/storage/schema/main/delta/72/07thread_receipts.sql.sqlite
+++ b/synapse/storage/schema/main/delta/72/07thread_receipts.sql.sqlite
@@ -1,70 +0,0 @@
-/* Copyright 2022 The Matrix.org Foundation C.I.C
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *    http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-- Allow multiple receipts per user per room via a nullable thread_id column.
--
-- SQLite doesn't support modifying constraints to an existing table, so it must
-- be recreated.
-
-- Create the new tables.
-CREATE TABLE receipts_linearized_new (
-    stream_id BIGINT NOT NULL,
-    room_id TEXT NOT NULL,
-    receipt_type TEXT NOT NULL,
-    user_id TEXT NOT NULL,
-    event_id TEXT NOT NULL,
-    thread_id TEXT,
-    event_stream_ordering BIGINT,
-    data TEXT NOT NULL,
-    CONSTRAINT receipts_linearized_uniqueness UNIQUE (room_id, receipt_type, user_id),
-    CONSTRAINT receipts_linearized_uniqueness_thread UNIQUE (room_id, receipt_type, user_id, thread_id)
-);
-
-CREATE TABLE receipts_graph_new (
-    room_id TEXT NOT NULL,
-    receipt_type TEXT NOT NULL,
-    user_id TEXT NOT NULL,
-    event_ids TEXT NOT NULL,
-    thread_id TEXT,
-    data TEXT NOT NULL,
-    CONSTRAINT receipts_graph_uniqueness UNIQUE (room_id, receipt_type, user_id),
-    CONSTRAINT receipts_graph_uniqueness_thread UNIQUE (room_id, receipt_type, user_id, thread_id)
-);
-
-- Drop the old indexes.
-DROP INDEX IF EXISTS receipts_linearized_id;
-DROP INDEX IF EXISTS receipts_linearized_room_stream;
-DROP INDEX IF EXISTS receipts_linearized_user;
-
-- Copy the data.
-INSERT INTO receipts_linearized_new (stream_id, room_id, receipt_type, user_id, event_id, event_stream_ordering, data)
-    SELECT stream_id, room_id, receipt_type, user_id, event_id, event_stream_ordering, data
-    FROM receipts_linearized;
-INSERT INTO receipts_graph_new (room_id, receipt_type, user_id, event_ids, data)
-    SELECT room_id, receipt_type, user_id, event_ids, data
-    FROM receipts_graph;
-
-- Drop the old tables.
-DROP TABLE receipts_linearized;
-DROP TABLE receipts_graph;
-
-- Rename the tables.
-ALTER TABLE receipts_linearized_new RENAME TO receipts_linearized;
-ALTER TABLE receipts_graph_new RENAME TO receipts_graph;
-
-- Create the indices.
-CREATE INDEX receipts_linearized_id ON receipts_linearized( stream_id );
-CREATE INDEX receipts_linearized_room_stream ON receipts_linearized( room_id, stream_id );
-CREATE INDEX receipts_linearized_user ON receipts_linearized( user_id );
--- a/synapse/storage/schema/main/delta/72/08thread_receipts.sql
+++ b/synapse/storage/schema/main/delta/72/08thread_receipts.sql
@@ -1,20 +0,0 @@
-/* Copyright 2022 The Matrix.org Foundation C.I.C
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *    http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-INSERT INTO background_updates (ordering, update_name, progress_json) VALUES
-  (7007, 'receipts_linearized_unique_index', '{}');
-
-INSERT INTO background_updates (ordering, update_name, progress_json) VALUES
-  (7007, 'receipts_graph_unique_index', '{}');
--- a/synapse/storage/schema/main/delta/72/09partial_indices.sql.sqlite
+++ b/synapse/storage/schema/main/delta/72/09partial_indices.sql.sqlite
@@ -1,56 +0,0 @@
-/* Copyright 2022 The Matrix.org Foundation C.I.C
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *    http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
- 
-- SQLite needs to rebuild indices which use partial indices on Postgres, but
-- previously did not use them on SQLite.
-
-- Drop each index that was added with register_background_index_update AND specified
-- a where_clause (that existed before this delta).
-
-- From events_bg_updates.py
-DROP INDEX IF EXISTS event_contains_url_index;
-- There is also a redactions_censored_redacts index, but that gets dropped.
-DROP INDEX IF EXISTS redactions_have_censored_ts;
-- There is also a PostgreSQL only index (event_contains_url_index2)
-- which gets renamed to event_contains_url_index.
-
-- From roommember.py
-DROP INDEX IF EXISTS room_memberships_user_room_forgotten;
-
-- From presence.py
-DROP INDEX IF EXISTS presence_stream_state_not_offline_idx;
-
-- From media_repository.py
-DROP INDEX IF EXISTS local_media_repository_url_idx;
-
-- From event_push_actions.py
-DROP INDEX IF EXISTS event_push_actions_highlights_index;
-- There's also a event_push_actions_stream_highlight_index which was previously
-- PostgreSQL-only.
-
-- From state.py
-DROP INDEX IF EXISTS current_state_events_member_index;
-
-- Re-insert the background jobs to re-create the indices.
-INSERT INTO background_updates (ordering, update_name, progress_json, depends_on) VALUES
-  (7209, 'event_contains_url_index', '{}', NULL),
-  (7209, 'redactions_have_censored_ts_idx', '{}', NULL),
-  (7209, 'room_membership_forgotten_idx', '{}', NULL),
-  (7209, 'presence_stream_not_offline_index', '{}', NULL),
-  (7209, 'local_media_repository_url_idx', '{}', NULL),
-  (7209, 'event_push_actions_highlights_index', '{}', NULL),
-  (7209, 'event_push_actions_stream_highlight_index', '{}', NULL),
-  (7209, 'current_state_members_idx', '{}', NULL)
-ON CONFLICT (update_name) DO NOTHING;
--- a/synapse/storage/schema/main/delta/73/01event_failed_pull_attempts.sql
+++ b/synapse/storage/schema/main/delta/73/01event_failed_pull_attempts.sql
@@ -1,29 +0,0 @@
-/* Copyright 2022 The Matrix.org Foundation C.I.C
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *    http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-
-- Add a table that keeps track of when we failed to pull an event over
-- federation (via /backfill, `/event`, `/get_missing_events`, etc). This allows
-- us to be more intelligent when we decide to retry (we don't need to fail over
-- and over) and we can process that event in the background so we don't block
-- on it each time.
-CREATE TABLE IF NOT EXISTS event_failed_pull_attempts(
-    room_id TEXT NOT NULL REFERENCES rooms (room_id),
-    event_id TEXT NOT NULL,
-    num_attempts INT NOT NULL,
-    last_attempt_ts BIGINT NOT NULL,
-    last_cause TEXT NOT NULL,
-    PRIMARY KEY (room_id, event_id)
-);
--- a/synapse/storage/schema/main/delta/73/02room_id_indexes_for_purging.sql
+++ b/synapse/storage/schema/main/delta/73/02room_id_indexes_for_purging.sql
@@ -1,22 +0,0 @@
-/* Copyright 2022 The Matrix.org Foundation C.I.C
- *
- * Licensed under the Apache License, Version 2.0 (the "License");
- * you may not use this file except in compliance with the License.
- * You may obtain a copy of the License at
- *
- *    http://www.apache.org/licenses/LICENSE-2.0
- *
- * Unless required by applicable law or agreed to in writing, software
- * distributed under the License is distributed on an "AS IS" BASIS,
- * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
- * See the License for the specific language governing permissions and
- * limitations under the License.
- */
-
-- Add index so we can easily purge all rows from a given `room_id`
-CREATE INDEX IF NOT EXISTS event_failed_pull_attempts_room_id ON event_failed_pull_attempts(room_id);
-
-- MSC2716 related tables:
-- Add indexes so we can easily purge all rows from a given `room_id`
-CREATE INDEX IF NOT EXISTS insertion_events_room_id ON insertion_events(room_id);
-CREATE INDEX IF NOT EXISTS batch_events_room_id ON batch_events(room_id);
--- a/Show More
+++ b/Show More
				`@@ -0,0 +1 @@`
				Note that `libpq` is required on ARM-based Macs.
				`@@ -0,0 +1 @@`
				Fix a bug introduced in Synapse v1.41.0 where the `/hierarchy` API returned non-standard information (a `room_id` field under each entry in `children_state`).
				`@@ -0,0 +1 @@`
				`Add admin APIs to fetch messages within a particular window of time.`
				`@@ -0,0 +1 @@`
				`Cancel the processing of key query requests when they time out.`
				`@@ -0,0 +1 @@`
				Improve validation of request bodies for the following client-server API endpoints: [`/account/3pid/msisdn/requestToken`](https://spec.matrix.org/v1.3/client-server-api/#post_matrixclientv3account3pidmsisdnrequesttoken) and [`/org.matrix.msc3720/account_status`](https://github.com/matrix-org/matrix-spec-proposals/blob/babolivier/user_status/proposals/3720-account-status.md#post-_matrixclientv1account_status).
				`@@ -0,0 +1 @@`
				Add & populate `event_stream_ordering` column on receipts table for future optimisation of push action processing. Contributed by Nick @ Beeper (@fizzadar).
				`@@ -0,0 +1 @@`
				Rename the `EventFormatVersions` enum values so that they line up with room version numbers.
				`@@ -0,0 +1 @@`
				`Update trial old deps CI to use poetry 1.2.0.`
				`@@ -0,0 +1 @@`
				`Add experimental configuration option to allow disabling legacy Prometheus metric names.`
				`@@ -0,0 +1 @@`
				`Fix typechecking with latest types-jsonschema.`