[project] name = "matrix-synapse" version = "1.144.0" description = "Homeserver for the Matrix decentralised comms protocol" readme = "README.rst" authors = [ { name = "Matrix.org Team and Contributors", email = "packages@matrix.org" } ] requires-python = ">=3.10.0,<4.0.0" license = "AGPL-3.0-or-later OR LicenseRef-Element-Commercial" classifiers = [ "Development Status :: 5 - Production/Stable", "Topic :: Communications :: Chat", ] # Mandatory Dependencies dependencies = [ # we use the TYPE_CHECKER.redefine method added in jsonschema 3.0.0 "jsonschema>=3.0.0", # 0.25.0 is the first version to support Python 3.14. # We can remove this once https://github.com/python-jsonschema/jsonschema/issues/1426 is fixed # and included in a release. "rpds-py>=0.25.0", # We choose 2.0 as a lower bound: the most recent backwards incompatible release. # It seems generally available, judging by https://pkgs.org/search/?q=immutabledict "immutabledict>=2.0", # We require 2.1.0 or higher for type hints. Previous guard was >= 1.1.0 "unpaddedbase64>=2.1.0", # We require 2.0.0 for immutabledict support. "canonicaljson>=2.0.0,<3.0.0", # we use the type definitions added in signedjson 1.1. "signedjson>=1.1.0,<2.0.0", # validating SSL certs for IP addresses requires service_identity 18.1. "service-identity>=18.1.0", # Twisted 18.9 introduces some logger improvements that the structured # logger utilises # Twisted 19.7.0 moves test helpers to a new module and deprecates the old location. # Twisted 21.2.0 introduces contextvar support. # We could likely bump this to 22.1 without making distro packagers' # lives hard (as of 2025-07, distro support is Ubuntu LTS: 22.1, Debian stable: 22.4, # RHEL 9: 22.10) "Twisted[tls]>=21.2.0", "treq>=21.5.0", # Twisted has required pyopenssl 16.0 since about Twisted 16.6. "pyOpenSSL>=16.0.0", "PyYAML>=5.3", "pyasn1>=0.1.9", "pyasn1-modules>=0.0.7", "bcrypt>=3.1.7", # 10.0.1 minimum is mandatory here because of libwebp CVE-2023-4863. # Packagers that already took care of libwebp can lower that down to 5.4.0. "Pillow>=10.0.1", # We use SortedDict.peekitem(), which was added in sortedcontainers 1.5.2. # 2.0.5 updates collections.abc imports to avoid Python 3.10 incompatibility. "sortedcontainers>=2.0.5", "pymacaroons>=0.13.0", "msgpack>=0.5.2", "phonenumbers>=8.2.0", # we use GaugeHistogramMetric, which was added in prom-client 0.4.0. # `prometheus_client.metrics` was added in 0.5.0, so we require that too. # We chose 0.6.0 as that is the current version in Debian Buster (oldstable). "prometheus-client>=0.6.0", # we use `order`, which arrived in attrs 19.2.0. # Note: 21.1.0 broke `/sync`, see https://github.com/matrix-org/synapse/issues/9936 "attrs>=19.2.0,!=21.1.0", "netaddr>=0.7.18", # Jinja 2.x is incompatible with MarkupSafe>=2.1. To ensure that admins do not # end up with a broken installation, with recent MarkupSafe but old Jinja, we # add a lower bound to the Jinja2 dependency. "Jinja2>=3.0", # 3.2.0 updates collections.abc imports to avoid Python 3.10 incompatibility. "bleach>=3.2.0", # pydantic 2.12 depends on typing-extensions>=4.14.1 "typing-extensions>=4.14.1", # We enforce that we have a `cryptography` version that bundles an `openssl` # with the latest security patches. "cryptography>=3.4.7", # ijson 3.1.4 fixes a bug with "." in property names "ijson>=3.1.4", "matrix-common>=1.3.0,<2.0.0", # We need packaging.verison.Version(...).major added in 20.0. "packaging>=20.0", "pydantic>=2.8;python_version < '3.14'", "pydantic>=2.12;python_version >= '3.14'", # This is for building the rust components during "poetry install", which # currently ignores the `build-system.requires` directive (c.f. # https://github.com/python-poetry/poetry/issues/6154). Both `pip install` and # `poetry build` do the right thing without this explicit dependency. # # This isn't really a dev-dependency, as `poetry install --without dev` will fail, # but the alternative is to add it to the main list of deps where it isn't # needed. "setuptools_rust>=1.3", # This is used for parsing multipart responses "python-multipart>=0.0.9", ] [project.optional-dependencies] matrix-synapse-ldap3 = ["matrix-synapse-ldap3>=0.1"] postgres = [ "psycopg2>=2.8;platform_python_implementation != 'PyPy'", "psycopg2cffi>=2.8;platform_python_implementation == 'PyPy'", "psycopg2cffi-compat==1.1;platform_python_implementation == 'PyPy'", ] saml2 = ["pysaml2>=4.5.0"] oidc = ["authlib>=0.15.1"] # systemd-python is necessary for logging to the systemd journal via # `systemd.journal.JournalHandler`, as is documented in # `contrib/systemd/log_config.yaml`. systemd = ["systemd-python>=231"] url-preview = ["lxml>=4.6.3"] sentry = ["sentry-sdk>=0.7.2"] opentracing = ["jaeger-client>=4.2.0", "opentracing>=2.2.0"] jwt = ["authlib"] # hiredis is not a *strict* dependency, but it makes things much faster. # (if it is not installed, we fall back to slow code.) redis = ["txredisapi>=1.4.7", "hiredis"] # Required to use experimental `caches.track_memory_usage` config option. cache-memory = ["pympler"] # If this is updated, don't forget to update the equivalent lines in # tool.poetry.group.dev.dependencies. test = ["parameterized>=0.9.0", "idna>=3.3"] # The duplication here is awful. # # TODO: This can be resolved via PEP 735 dependency groups, which poetry supports # since 2.2.0. However, switching to that would require updating the command # developers use to install the `all` group. This would require some coordination. # # NB: the strings in this list must be *package* names, not extra names. # Some of our extra names _are_ package names, which can lead to great confusion. all = [ # matrix-synapse-ldap3 "matrix-synapse-ldap3>=0.1", # postgres "psycopg2>=2.8;platform_python_implementation != 'PyPy'", "psycopg2cffi>=2.8;platform_python_implementation == 'PyPy'", "psycopg2cffi-compat==1.1;platform_python_implementation == 'PyPy'", # saml2 "pysaml2>=4.5.0", # oidc and jwt "authlib>=0.15.1", # url-preview "lxml>=4.6.3", # sentry "sentry-sdk>=0.7.2", # opentracing "jaeger-client>=4.2.0", "opentracing>=2.2.0", # redis "txredisapi>=1.4.7", "hiredis", # cache-memory "pympler", # omitted: # - test: it's useful to have this separate from dev deps in the olddeps job # - systemd: this is a system-based requirement ] [project.urls] repository = "https://github.com/element-hq/synapse" documentation = "https://element-hq.github.io/synapse/latest" "Issue Tracker" = "https://github.com/element-hq/synapse/issues" [project.scripts] synapse_homeserver = "synapse.app.homeserver:main" synapse_worker = "synapse.app.generic_worker:main" synctl = "synapse._scripts.synctl:main" export_signing_key = "synapse._scripts.export_signing_key:main" generate_config = "synapse._scripts.generate_config:main" generate_log_config = "synapse._scripts.generate_log_config:main" generate_signing_key = "synapse._scripts.generate_signing_key:main" hash_password = "synapse._scripts.hash_password:main" register_new_matrix_user = "synapse._scripts.register_new_matrix_user:main" synapse_port_db = "synapse._scripts.synapse_port_db:main" synapse_review_recent_signups = "synapse._scripts.review_recent_signups:main" update_synapse_database = "synapse._scripts.update_synapse_database:main" [tool.towncrier] package = "synapse" filename = "CHANGES.md" directory = "changelog.d" issue_format = "[\\#{issue}](https://github.com/element-hq/synapse/issues/{issue})" [[tool.towncrier.type]] directory = "feature" name = "Features" showcontent = true [[tool.towncrier.type]] directory = "bugfix" name = "Bugfixes" showcontent = true [[tool.towncrier.type]] directory = "docker" name = "Updates to the Docker image" showcontent = true [[tool.towncrier.type]] directory = "doc" name = "Improved Documentation" showcontent = true [[tool.towncrier.type]] directory = "removal" name = "Deprecations and Removals" showcontent = true [[tool.towncrier.type]] directory = "misc" name = "Internal Changes" showcontent = true [tool.ruff] line-length = 88 target-version = "py310" [tool.ruff.lint] # See https://beta.ruff.rs/docs/rules/#error-e # for error codes. The ones we ignore are: # E501: Line too long (black enforces this for us) # E731: do not assign a lambda expression, use a def # # flake8-bugbear compatible checks. Its error codes are described at # https://beta.ruff.rs/docs/rules/#flake8-bugbear-b # B023: Functions defined inside a loop must not use variables redefined in the loop ignore = [ "B023", "E501", "E731", ] select = [ # pycodestyle "E", "W", # pyflakes "F", # isort "I001", # flake8-bugbear "B0", # flake8-comprehensions "C4", # flake8-2020 "YTT", # flake8-slots "SLOT", # flake8-debugger "T10", # flake8-pie "PIE", # flake8-executable "EXE", # flake8-logging "LOG", # flake8-logging-format "G", # pyupgrade "UP006", "UP007", "UP045", ] extend-safe-fixes = [ # pyupgrade rules compatible with Python >= 3.9 "UP006", "UP007", # pyupgrade rules compatible with Python >= 3.10 "UP045", # Allow ruff to automatically fix trailing spaces within a multi-line string/comment. "W293" ] [tool.ruff.lint.isort] combine-as-imports = true section-order = ["future", "standard-library", "third-party", "twisted", "first-party", "testing", "local-folder"] known-first-party = ["synapse"] [tool.ruff.lint.isort.sections] twisted = ["twisted", "OpenSSL"] testing = ["tests"] [tool.ruff.format] quote-style = "double" indent-style = "space" skip-magic-trailing-comma = false line-ending = "auto" [tool.maturin] manifest-path = "rust/Cargo.toml" module-name = "synapse.synapse_rust" [tool.poetry] packages = [ { include = "synapse" }, ] include = [ { path = "AUTHORS.rst", format = "sdist" }, { path = "book.toml", format = "sdist" }, { path = "changelog.d", format = "sdist" }, { path = "CHANGES.md", format = "sdist" }, { path = "CONTRIBUTING.md", format = "sdist" }, { path = "demo", format = "sdist" }, { path = "docs", format = "sdist" }, { path = "INSTALL.md", format = "sdist" }, { path = "mypy.ini", format = "sdist" }, { path = "scripts-dev", format = "sdist" }, { path = "synmark", format="sdist" }, { path = "sytest-blacklist", format = "sdist" }, { path = "tests", format = "sdist" }, { path = "UPGRADE.rst", format = "sdist" }, { path = "Cargo.toml", format = "sdist" }, { path = "Cargo.lock", format = "sdist" }, { path = "rust/Cargo.toml", format = "sdist" }, { path = "rust/build.rs", format = "sdist" }, { path = "rust/src/**", format = "sdist" }, ] exclude = [ { path = "synapse/*.so", format = "sdist"} ] [tool.poetry.build] script = "build_rust.py" generate-setup-file = true [tool.poetry.group.dev.dependencies] # We pin development dependencies in poetry.lock so that our tests don't start # failing on new releases. Keeping lower bounds loose here means that dependabot # can bump versions without having to update the content-hash in the lockfile. # This helps prevents merge conflicts when running a batch of dependabot updates. ruff = "0.14.5" # Typechecking lxml-stubs = ">=0.4.0" mypy = "*" mypy-zope = "*" types-bleach = ">=4.1.0" types-jsonschema = ">=3.2.0" types-netaddr = ">=0.8.0.6" types-opentracing = ">=2.4.2" types-Pillow = ">=8.3.4" types-psycopg2 = ">=2.9.9" types-pyOpenSSL = ">=20.0.7" types-PyYAML = ">=5.4.10" types-requests = ">=2.26.0" types-setuptools = ">=57.4.0" # Dependencies which are exclusively required by unit test code. This is # NOT a list of all modules that are necessary to run the unit tests. # Tests assume that all optional dependencies are installed. # # If this is updated, don't forget to update the equivalent lines in # project.optional-dependencies.test. parameterized = ">=0.9.0" idna = ">=3.3" # The following are used by the release script click = ">=8.1.3" # GitPython was == 3.1.14; bumped to 3.1.20, the first release with type hints. GitPython = ">=3.1.20" markdown-it-py = ">=3.0.0" pygithub = ">=1.59" # The following are executed as commands by the release script. twine = "*" # Towncrier min version comes from https://github.com/matrix-org/synapse/pull/3425. Rationale unclear. towncrier = ">=18.6.0rc1" # Used for checking the Poetry lockfile tomli = ">=1.2.3" # Used for checking the schema delta files sqlglot = ">=28.0.0" [build-system] # The upper bounds here are defensive, intended to prevent situations like # https://github.com/matrix-org/synapse/issues/13849 and # https://github.com/matrix-org/synapse/issues/14079 where we see buildtime or # runtime errors caused by build system changes. # We are happy to raise these upper bounds upon request, # provided we check that it's safe to do so (i.e. that CI passes). requires = ["poetry-core>=2.0.0,<=2.1.3", "setuptools_rust>=1.3,<=1.11.1"] build-backend = "poetry.core.masonry.api" [tool.cibuildwheel] # Skip unsupported platforms (by us or by Rust). # # See https://cibuildwheel.readthedocs.io/en/stable/options/#build-skip for the # list of supported build targets. # # Also see `.github/workflows/release-artifacts.yml` for the list of # architectures we build for (based on the runner OS types we use), as well as # the platforms we exclude from testing in CI. # # We skip: # - free-threaded cpython builds: these are not currently supported. # - i686: We don't support 32-bit platforms. # - *macosx*: we don't support building wheels for MacOS. skip = "cp3??t-* *i686* *macosx*" # Enable non-default builds. See the list of available options: # https://cibuildwheel.pypa.io/en/stable/options#enable # # "pypy" used to be included by default up until cibuildwheel 3. enable = "pypy" # We need a rust compiler. # # We temporarily pin Rust to 1.82.0 to work around # https://github.com/element-hq/synapse/issues/17988 before-all = "sh .ci/before_build_wheel.sh" environment= { PATH = "$PATH:$HOME/.cargo/bin" } # For some reason if we don't manually clean the build directory we # can end up polluting the next build with a .so that is for the wrong # Python version. before-build = "rm -rf {project}/build" build-frontend = "build" test-command = "python -c 'from synapse.synapse_rust import sum_as_string; print(sum_as_string(1, 2))'" [tool.cibuildwheel.linux] # Wrap the repair command to correctly rename the built cpython wheels as ABI3. repair-wheel-command = "./.ci/scripts/auditwheel_wrapper.py -w {dest_dir} {wheel}"