-
v1.109.0rc1 Pre-Release
released this
2024-06-04 10:53:35 +00:00 | 1628 commits to develop since this releaseSynapse 1.109.0rc1 (2024-06-04)
Features
- Add the ability to auto-accept invites on the behalf of users. See the
auto_accept_invitesconfig option for details. (#17147) - Add experimental MSC3575 Sliding Sync
/sync/e2eeendpoint for to-device messages and device encryption info. (#17167) - Support MSC3916 by adding unstable media endpoints to
/_matrix/client. (#17213) - Add logging to tasks managed by the task scheduler, showing CPU and database usage. (#17219)
Bugfixes
- Fix deduplicating of membership events to not create unused state groups. (#17164)
- Fix bug where duplicate events could be sent down sync when using workers that are overloaded. (#17215)
- Ignore attempts to send to-device messages to bad users, to avoid log spam when we try to connect to the bad server. (#17240)
- Fix handling of duplicate concurrent uploading of device one-time-keys. (#17241)
- Fix reporting of default tags to Sentry, such as worker name. Broke in v1.108.0. (#17251)
- Fix bug where typing updates would not be sent when using workers after a restart. (#17252)
Improved Documentation
- Update the LemonLDAP documentation to say that claims should be explicitly included in the returned
id_token, as Synapse won't request them. (#17204)
Internal Changes
- Improve DB usage when fetching related events. (#17083)
- Log exceptions when failing to auto-join new user according to the
auto_join_roomsoption. (#17176) - Reduce work of calculating outbound device lists updates. (#17211)
- Improve performance of calculating device lists changes in
/sync. (#17216) - Move towards using
MultiWriterIdGeneratoreverywhere. (#17226) - Replaces all usages of
StreamIdGeneratorwithMultiWriterIdGenerator. (#17229) - Change the
allow_unsafe_localeconfig option to also apply when setting up new databases. (#17238) - Fix errors in logs about closing incorrect logging contexts when media gets rejected by a module. (#17239, #17246)
- Clean out invalid destinations from
device_federation_outboxtable. (#17242) - Stop logging errors when receiving invalid User IDs in key querys requests. (#17250)
Updates to locked dependencies
- Bump anyhow from 1.0.83 to 1.0.86. (#17220)
- Bump bcrypt from 4.1.2 to 4.1.3. (#17224)
- Bump lxml from 5.2.1 to 5.2.2. (#17261)
- Bump mypy-zope from 1.0.3 to 1.0.4. (#17262)
- Bump phonenumbers from 8.13.35 to 8.13.37. (#17235)
- Bump prometheus-client from 0.19.0 to 0.20.0. (#17233)
- Bump pyasn1 from 0.5.1 to 0.6.0. (#17223)
- Bump pyicu from 2.13 to 2.13.1. (#17236)
- Bump pyopenssl from 24.0.0 to 24.1.0. (#17234)
- Bump serde from 1.0.201 to 1.0.202. (#17221)
- Bump serde from 1.0.202 to 1.0.203. (#17232)
- Bump twine from 5.0.0 to 5.1.0. (#17225)
- Bump types-psycopg2 from 2.9.21.20240311 to 2.9.21.20240417. (#17222)
- Bump types-pyopenssl from 24.0.0.20240311 to 24.1.0.20240425. (#17260)
Downloads
- Add the ability to auto-accept invites on the behalf of users. See the
-
v1.108.0 Stable
released this
2024-05-28 10:54:46 +00:00 | 1668 commits to develop since this releaseSynapse 1.108.0 (2024-05-28)
No significant changes since 1.108.0rc1.
Synapse 1.108.0rc1 (2024-05-21)
Features
- Add a feature that allows clients to query the configured federation whitelist. Disabled by default. (#16848, #17199)
- Add the ability to allow numeric user IDs with a specific prefix when in the CAS flow. Contributed by Aurélien Grimpard. (#17098)
Bugfixes
- Fix bug where push rules would be empty in
/syncfor some accounts. Introduced in v1.93.0. (#17142) - Add support for optional whitespace around the Federation API's
Authorizationheader's parameter commas. (#17145) - Fix bug where disabling room publication prevented public rooms being created on workers. (#17177, #17184)
Improved Documentation
- Document
/v1/make_knockand/v1/send_knock/federation endpoints as worker-compatible. (#17058) - Update User Admin API with note about prefixing OIDC external_id providers. (#17139)
- Clarify the state of the created room when using the
autocreate_auto_join_room_presetconfig option. (#17150) - Update the Admin FAQ with the current libjemalloc version for latest Debian stable. Additionally update the name of the "push_rules" stream in the Workers documentation. (#17171)
Internal Changes
- Add note to reflect that MSC3886 is closed but will remain supported for some time. (#17151)
- Update dependency PyO3 to 0.21. (#17162)
- Fixes linter errors found in PR #17147. (#17166)
- Bump black from 24.2.0 to 24.4.2. (#17170)
- Cache literal sync filter validation for performance. (#17186)
- Improve performance by fixing a reactor pause. (#17192)
- Route
/make_knockand/send_knockfederation APIs to the federation reader worker in Complement test runs. (#17195) - Prepare sync handler to be able to return different sync responses (
SyncVersion). (#17200) - Organize the sync cache key parameter outside of the sync config (separate concerns). (#17201)
- Refactor
SyncResultBuilderassembly to its own function. (#17202) - Rename to be obvious:
joined_rooms->joined_room_ids. (#17203, #17208) - Add a short pause when rate-limiting a request. (#17210)
Updates to locked dependencies
Downloads
-
v1.108.0rc1 Pre-Release
released this
2024-05-21 10:01:27 +00:00 | 1669 commits to develop since this releaseSynapse 1.108.0rc1 (2024-05-21)
Features
- Add a feature that allows clients to query the configured federation whitelist. Disabled by default. (#16848, #17199)
- Add the ability to allow numeric user IDs with a specific prefix when in the CAS flow. Contributed by Aurélien Grimpard. (#17098)
Bugfixes
- Fix bug where push rules would be empty in
/syncfor some accounts. Introduced in v1.93.0. (#17142) - Add support for optional whitespace around the Federation API's
Authorizationheader's parameter commas. (#17145) - Fix bug where disabling room publication prevented public rooms being created on workers. (#17177, #17184)
Improved Documentation
- Document
/v1/make_knockand/v1/send_knock/federation endpoints as worker-compatible. (#17058) - Update User Admin API with note about prefixing OIDC external_id providers. (#17139)
- Clarify the state of the created room when using the
autocreate_auto_join_room_presetconfig option. (#17150) - Update the Admin FAQ with the current libjemalloc version for latest Debian stable. Additionally update the name of the "push_rules" stream in the Workers documentation. (#17171)
Internal Changes
- Add note to reflect that MSC3886 is closed but will remain supported for some time. (#17151)
- Update dependency PyO3 to 0.21. (#17162)
- Fixes linter errors found in PR #17147. (#17166)
- Bump black from 24.2.0 to 24.4.2. (#17170)
- Cache literal sync filter validation for performance. (#17186)
- Improve performance by fixing a reactor pause. (#17192)
- Route
/make_knockand/send_knockfederation APIs to the federation reader worker in Complement test runs. (#17195) - Prepare sync handler to be able to return different sync responses (
SyncVersion). (#17200) - Organize the sync cache key parameter outside of the sync config (separate concerns). (#17201)
- Refactor
SyncResultBuilderassembly to its own function. (#17202) - Rename to be obvious:
joined_rooms->joined_room_ids. (#17203, #17208) - Add a short pause when rate-limiting a request. (#17210)
Updates to locked dependencies
Downloads
-
v1.107.0 Stable
released this
2024-05-14 13:39:34 +00:00 | 1706 commits to develop since this releaseSynapse 1.107.0 (2024-05-14)
No significant changes since 1.107.0rc1.
Synapse 1.107.0rc1 (2024-05-07)
Features
- Add preliminary support for MSC3823: Account Suspension. (#17051)
- Declare support for Matrix v1.10. Contributed by @clokep. (#17082)
- Add support for MSC4115: membership metadata on events. (#17104, #17137)
Bugfixes
- Fixed search feature of Element Android on homesevers using SQLite by returning search terms as search highlights. (#17000)
- Fixes a bug introduced in v1.52.0 where the
destinationquery parameter for the Destination Rooms Admin API failed to actually filter returned rooms. (#17077) - For MSC3266 room summaries, support queries at the recommended endpoint of
/_matrix/client/unstable/im.nheko.summary/summary/{roomIdOrAlias}. The existing endpoint of/_matrix/client/unstable/im.nheko.summary/rooms/{roomIdOrAlias}/summaryis deprecated. (#17078) - Apply user email & picture during OIDC registration if present & selected. (#17120)
- Improve error message for cross signing reset with MSC3861 enabled. (#17121)
- Fix a bug which meant that to-device messages received over federation could be dropped when the server was under load or networking problems caused problems between Synapse processes or the database. (#17127)
- Fix bug where
StreamChangeCachewould not respect configured cache factors. (#17152)
Updates to the Docker image
- Correct licensing metadata on Docker image. (#17141)
Improved Documentation
- Update the
event_cache_sizeandglobal_factorconfiguration options' documentation. (#17071) - Remove broken sphinx docs. (#17073, #17148)
- Add RuntimeDirectory to example matrix-synapse.service systemd unit. (#17084)
- Fix various small typos throughout the docs. (#17114)
- Update enable_notifs configuration documentation. (#17116)
- Update the Upgrade Notes with the latest minimum supported Rust version of 1.66.0. Contributed by @jahway603. (#17140)
Internal Changes
- Enable MSC3266 by default in the Synapse Complement image. (#17105)
- Add optimisation to
StreamChangeCache.get_entities_changed(..). (#17130)
Updates to locked dependencies
- Bump furo from 2024.1.29 to 2024.4.27. (#17133)
- Bump idna from 3.6 to 3.7. (#17136)
- Bump jsonschema from 4.21.1 to 4.22.0. (#17157)
- Bump lxml from 5.1.0 to 5.2.1. (#17158)
- Bump phonenumbers from 8.13.29 to 8.13.35. (#17106)
- Bump pillow from 10.2.0 to 10.3.0. (#17146)
- Bump pydantic from 2.6.4 to 2.7.0. (#17107)
- Bump pydantic from 2.7.0 to 2.7.1. (#17160)
- Bump pyicu from 2.12 to 2.13. (#17109)
- Bump serde from 1.0.197 to 1.0.198. (#17111)
- Bump serde from 1.0.198 to 1.0.199. (#17132)
- Bump serde from 1.0.199 to 1.0.200. (#17161)
- Bump serde_json from 1.0.115 to 1.0.116. (#17112)
- Update
tornadoPython dependency from 6.2 to 6.4. (#17131)
Downloads
-
v1.107.0rc1 Pre-Release
released this
2024-05-07 17:08:15 +00:00 | 1707 commits to develop since this releaseSynapse 1.107.0rc1 (2024-05-07)
Features
- Add preliminary support for MSC3823: Account Suspension. (#17051)
- Declare support for Matrix v1.10. Contributed by @clokep. (#17082)
- Add support for MSC4115: membership metadata on events. (#17104, #17137)
Bugfixes
- Fixed search feature of Element Android on homesevers using SQLite by returning search terms as search highlights. (#17000)
- Fixes a bug introduced in v1.52.0 where the
destinationquery parameter for the Destination Rooms Admin API failed to actually filter returned rooms. (#17077) - For MSC3266 room summaries, support queries at the recommended endpoint of
/_matrix/client/unstable/im.nheko.summary/summary/{roomIdOrAlias}. The existing endpoint of/_matrix/client/unstable/im.nheko.summary/rooms/{roomIdOrAlias}/summaryis deprecated. (#17078) - Apply user email & picture during OIDC registration if present & selected. (#17120)
- Improve error message for cross signing reset with MSC3861 enabled. (#17121)
- Fix a bug which meant that to-device messages received over federation could be dropped when the server was under load or networking problems caused problems between Synapse processes or the database. (#17127)
- Fix bug where
StreamChangeCachewould not respect configured cache factors. (#17152)
Updates to the Docker image
- Correct licensing metadata on Docker image. (#17141)
Improved Documentation
- Update the
event_cache_sizeandglobal_factorconfiguration options' documentation. (#17071) - Remove broken sphinx docs. (#17073, #17148)
- Add RuntimeDirectory to example matrix-synapse.service systemd unit. (#17084)
- Fix various small typos throughout the docs. (#17114)
- Update enable_notifs configuration documentation. (#17116)
- Update the Upgrade Notes with the latest minimum supported Rust version of 1.66.0. Contributed by @jahway603. (#17140)
Internal Changes
- Enable MSC3266 by default in the Synapse Complement image. (#17105)
- Add optimisation to
StreamChangeCache.get_entities_changed(..). (#17130)
Updates to locked dependencies
- Bump furo from 2024.1.29 to 2024.4.27. (#17133)
- Bump idna from 3.6 to 3.7. (#17136)
- Bump jsonschema from 4.21.1 to 4.22.0. (#17157)
- Bump lxml from 5.1.0 to 5.2.1. (#17158)
- Bump phonenumbers from 8.13.29 to 8.13.35. (#17106)
- Bump pillow from 10.2.0 to 10.3.0. (#17146)
- Bump pydantic from 2.6.4 to 2.7.0. (#17107)
- Bump pydantic from 2.7.0 to 2.7.1. (#17160)
- Bump pyicu from 2.12 to 2.13. (#17109)
- Bump serde from 1.0.197 to 1.0.198. (#17111)
- Bump serde from 1.0.198 to 1.0.199. (#17132)
- Bump serde from 1.0.199 to 1.0.200. (#17161)
- Bump serde_json from 1.0.115 to 1.0.116. (#17112)
- Update
tornadoPython dependency from 6.2 to 6.4. (#17131)
Downloads
-
v1.106.0 Stable
released this
2024-04-30 13:05:15 +00:00 | 1749 commits to develop since this releaseSynapse 1.106.0 (2024-04-30)
No significant changes since 1.106.0rc1.
Synapse 1.106.0rc1 (2024-04-25)
Features
- Send an email if the address is already bound to an user account. (#16819)
- Implement the rendezvous mechanism described by MSC4108. (#17056)
- Support delegating the rendezvous mechanism described MSC4108 to an external implementation. (#17086)
Bugfixes
- Add validation to ensure that the
limitparameter on/publicRoomsis non-negative. (#16920) - Return
400 M_NOT_JSONupon receiving invalid JSON in query parameters across various client and admin endpoints, rather than an internal server error. (#16923) - Make the CSAPI endpoint
/keys/device_signing/uploadidempotent. (#16943) - Redact membership events if the user requested erasure upon deactivating. (#17076)
Improved Documentation
- Add a prompt in the contributing guide to manually configure icu4c. (#17069)
- Clarify what part of message retention is still experimental. (#17099)
Internal Changes
- Use new receipts column to optimise receipt and push action SQL queries. Contributed by Nick @ Beeper (@fizzadar). (#17032, #17096)
- Fix mypy with latest Twisted release. (#17036)
- Bump minimum supported Rust version to 1.66.0. (#17079)
- Add helpers to transform Twisted requests to Rust http Requests/Responses. (#17081)
- Fix type annotation for
visited_chainsaftermypyupgrade. (#17125)
Updates to locked dependencies
- Bump anyhow from 1.0.81 to 1.0.82. (#17095)
- Bump peaceiris/actions-gh-pages from 3.9.3 to 4.0.0. (#17087)
- Bump peaceiris/actions-mdbook from 1.2.0 to 2.0.0. (#17089)
- Bump pyasn1-modules from 0.3.0 to 0.4.0. (#17093)
- Bump pygithub from 2.2.0 to 2.3.0. (#17092)
- Bump ruff from 0.3.5 to 0.3.7. (#17094)
- Bump sigstore/cosign-installer from 3.4.0 to 3.5.0. (#17088)
- Bump twine from 4.0.2 to 5.0.0. (#17091)
- Bump types-pillow from 10.2.0.20240406 to 10.2.0.20240415. (#17090)
Downloads
-
v1.106.0rc1 Pre-Release
released this
2024-04-25 16:56:51 +00:00 | 1750 commits to develop since this releaseSynapse 1.106.0rc1 (2024-04-25)
Features
- Send an email if the address is already bound to an user account. (#16819)
- Implement the rendezvous mechanism described by MSC4108. (#17056)
- Support delegating the rendezvous mechanism described MSC4108 to an external implementation. (#17086)
Bugfixes
- Add validation to ensure that the
limitparameter on/publicRoomsis non-negative. (#16920) - Return
400 M_NOT_JSONupon receiving invalid JSON in query parameters across various client and admin endpoints, rather than an internal server error. (#16923) - Make the CSAPI endpoint
/keys/device_signing/uploadidempotent. (#16943) - Redact membership events if the user requested erasure upon deactivating. (#17076)
Improved Documentation
- Add a prompt in the contributing guide to manually configure icu4c. (#17069)
- Clarify what part of message retention is still experimental. (#17099)
Internal Changes
- Use new receipts column to optimise receipt and push action SQL queries. Contributed by Nick @ Beeper (@fizzadar). (#17032, #17096)
- Fix mypy with latest Twisted release. (#17036)
- Bump minimum supported Rust version to 1.66.0. (#17079)
- Add helpers to transform Twisted requests to Rust http Requests/Responses. (#17081)
- Fix type annotation for
visited_chainsaftermypyupgrade. (#17125)
Updates to locked dependencies
- Bump anyhow from 1.0.81 to 1.0.82. (#17095)
- Bump peaceiris/actions-gh-pages from 3.9.3 to 4.0.0. (#17087)
- Bump peaceiris/actions-mdbook from 1.2.0 to 2.0.0. (#17089)
- Bump pyasn1-modules from 0.3.0 to 0.4.0. (#17093)
- Bump pygithub from 2.2.0 to 2.3.0. (#17092)
- Bump ruff from 0.3.5 to 0.3.7. (#17094)
- Bump sigstore/cosign-installer from 3.4.0 to 3.5.0. (#17088)
- Bump twine from 4.0.2 to 5.0.0. (#17091)
- Bump types-pillow from 10.2.0.20240406 to 10.2.0.20240415. (#17090)
Downloads
-
v1.105.1 Stable
released this
2024-04-23 14:59:50 +00:00 | 1778 commits to develop since this releaseSynapse 1.105.1 (2024-04-23)
Security advisory
The following issues are fixed in 1.105.1.
-
GHSA-3h7q-rfh9-xm4v / CVE-2024-31208 — High Severity
Weakness in auth chain indexing allows DoS from remote room members through disk fill and high CPU usage.
See the advisories for more details. If you have any questions, email security@element.io.
Downloads
-
-
v1.105.0 Stable
released this
2024-04-16 14:53:51 +00:00 | 1780 commits to develop since this releaseSynapse 1.105.0 (2024-04-16)
No significant changes since 1.105.0rc1.
Synapse 1.105.0rc1 (2024-04-11)
Features
- Stabilize support for MSC4010 which clarifies the interaction of push rules and account data. Contributed by @clokep. (#17022)
- Stabilize support for MSC3981:
/relationsrecursion. Contributed by @clokep. (#17023) - Add support for moving
/pushrulesoff of main process. (#17037, #17038)
Bugfixes
- Fix various long-standing bugs which could cause incorrect state to be returned from
/syncin certain situations. (#16930, #16932, #16942, #17064, #17065, #17066) - Fix server notice rooms not always being created as unencrypted rooms, even when
encryption_enabled_by_default_for_room_typeis in use (server notices are always unencrypted). (#17033) - Fix the
.m.rule.encrypted_room_one_to_oneand.m.rule.room_one_to_onedefault underride push rules being in the wrong order. Contributed by @Sumpy1. (#17043)
Internal Changes
- Refactor auth chain fetching to reduce duplication. (#17044)
- Improve database performance by adding a missing index to
access_tokens.refresh_token_id. (#17045, #17054) - Improve database performance by reducing number of receipts fetched when sending push notifications. (#17049)
Updates to locked dependencies
- Bump packaging from 23.2 to 24.0. (#17027)
- Bump regex from 1.10.3 to 1.10.4. (#17028)
- Bump ruff from 0.3.2 to 0.3.5. (#17060)
- Bump serde_json from 1.0.114 to 1.0.115. (#17041)
- Bump types-pillow from 10.2.0.20240125 to 10.2.0.20240406. (#17061)
- Bump types-requests from 2.31.0.20240125 to 2.31.0.20240406. (#17063)
- Bump typing-extensions from 4.9.0 to 4.11.0. (#17062)
Downloads
-
v1.105.0rc1 Pre-Release
released this
2024-04-11 11:53:46 +00:00 | 1781 commits to develop since this releaseSynapse 1.105.0rc1 (2024-04-11)
Features
- Stabilize support for MSC4010 which clarifies the interaction of push rules and account data. Contributed by @clokep. (#17022)
- Stabilize support for MSC3981:
/relationsrecursion. Contributed by @clokep. (#17023) - Add support for moving
/pushrulesoff of main process. (#17037, #17038)
Bugfixes
- Fix various long-standing bugs which could cause incorrect state to be returned from
/syncin certain situations. (#16930, #16932, #16942, #17064, #17065, #17066) - Fix server notice rooms not always being created as unencrypted rooms, even when
encryption_enabled_by_default_for_room_typeis in use (server notices are always unencrypted). (#17033) - Fix the
.m.rule.encrypted_room_one_to_oneand.m.rule.room_one_to_onedefault underride push rules being in the wrong order. Contributed by @Sumpy1. (#17043)
Internal Changes
- Refactor auth chain fetching to reduce duplication. (#17044)
- Improve database performance by adding a missing index to
access_tokens.refresh_token_id. (#17045, #17054) - Improve database performance by reducing number of receipts fetched when sending push notifications. (#17049)
Updates to locked dependencies
- Bump packaging from 23.2 to 24.0. (#17027)
- Bump regex from 1.10.3 to 1.10.4. (#17028)
- Bump ruff from 0.3.2 to 0.3.5. (#17060)
- Bump serde_json from 1.0.114 to 1.0.115. (#17041)
- Bump types-pillow from 10.2.0.20240125 to 10.2.0.20240406. (#17061)
- Bump types-requests from 2.31.0.20240125 to 2.31.0.20240406. (#17063)
- Bump typing-extensions from 4.9.0 to 4.11.0. (#17062)
Downloads