Update matrixdotorg/synapse Docker tag to v1.85.2 #10
Loading…
Reference in New Issue
Block a user
No description provided.
Delete Branch "renovate/matrixdotorg-synapse-1.x"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
This PR contains the following updates:
v1.71.0->v1.85.2Release Notes
matrix-org/synapse
v1.85.2Compare Source
Synapse 1.85.2 (2023-06-08)
Bugfixes
v1.85.1Compare Source
Synapse 1.85.1 (2023-06-07)
Note: this release only fixes a bug that stopped some deployments from upgrading to v1.85.0. There is no need to upgrade to v1.85.1 if successfully running v1.85.0.
Bugfixes
v1.85.0Compare Source
Synapse 1.85.0 (2023-06-06)
No significant changes since 1.85.0rc2.
Security advisory
The following issues are fixed in 1.85.0 (and RCs).
GHSA-26c5-ppr8-f33p / CVE-2023-32682 — Low Severity
It may be possible for a deactivated user to login when using uncommon configurations.
GHSA-98px-6486-j7qc / CVE-2023-32683 — Low Severity
A discovered oEmbed or image URL can bypass the
url_preview_url_blacklistsetting potentially allowing server side request forgery or bypassing network policies. Impact is limited to IP addresses allowed by theurl_preview_ip_range_blacklistsetting (by default this only allows public IPs).See the advisories for more details. If you have any questions, email security@matrix.org.
Synapse 1.85.0rc2 (2023-06-01)
Bugfixes
Deprecations and Removals
/registerendpoint with an unspecceduserproperty for application services. (#15703)Internal Changes
populate_full_user_id_user_filtersandpopulate_full_user_id_profiles. (#15700)Synapse 1.85.0rc1 (2023-05-30)
Features
Bugfixes
url_preview_url_blacklistconfiguration setting was not applied to oEmbed or image URLs found while previewing a URL. (#15601)app_service_config_filesconfig option fails would be incorrectly formatted. (#15614)org.matrix.login.jwtlogin type (if enabled). (#15624)Improved Documentation
Deprecations and Removals
Internal Changes
full_user_idof tablesprofilesanduser_filters. (#15537)worker_namewhen constructing the request. (#15578)thread_idcolumn onevent_push_actions,event_push_actions_staging, andevent_push_summarynon-null. (#15597)stateandstate_groupstorage-related operations to better picture what's happening when tracing. (#15610, #15647)ConfigErrors to beStrSequences instead ofIterable[str]s. (#15615)_trial_temp/test.log). (#15636)trialtest runs. (#15630)HomeServerConfigcache in trial test runs. (#15646)TransportLayerClient. (#15663)Updates to locked dependencies
v1.84.1Compare Source
Synapse 1.84.1 (2023-05-26)
This patch release fixes a major issue with homeservers that do not have an
instance_mapdefined but which do use workers.If you have already upgraded to Synapse 1.84.0 and your homeserver is working normally, then there is no need to update to this patch release.
Bugfixes
instance_mapwas provided. (#15672)Internal Changes
dchandnotify-sendto the development Nix flake so that the release script can be used. (#15673)v1.84.0Compare Source
Synapse 1.84.0 (2023-05-23)
The
worker_replication_*configuration settings have been deprecated in favour of configuring the main process consistently with other instances in theinstance_map. The deprecated settings will be removed in Synapse v1.88.0, but changing your configuration in advance is recommended. See the upgrade notes for more information.Bugfixes
Synapse 1.84.0rc1 (2023-05-16)
Features
forget_rooms_on_leaveconfig option to automatically forget rooms when users leave them or are removed from them. (#15224)/_matrix/client/versions. (#15559)Bugfixes
"m.push_rules"via account data. (#15554, #15555)Deprecations and Removals
worker_replication_*based settings in worker configuration yaml by placing this data directly on theinstance_mapinstead. (#15491)Updates to the Docker image
Improved Documentation
statistics/database/roomsadmin API in documentation. (#15560)Internal Changes
Clientfor use with HTTP Replication between workers. Contributed by Jason Little. (#15470)event_push_actions. (#15531)xmlsecandmdbookpackages and switch back to the upstream cachix/devenv repo in the nix development environment. (#15532, #15533, #15545)"dont_notify"from the list of actions in default push rules. (#15534)/user/devicesfederation queries to application services for MSC3984. (#15539)is_mine_server_namemethod. (#15542)PODMANenvironment variable toscripts-dev/complement.sh. (#15543)org.matrix.msc3981info to/_matrix/client/versions. (#15558)/_matrix/client/versionsif the experimental implementation is enabled. (#15562)pip installto use setuptools_rust 1.6.0 when building Synapse. (#15570)run_as_background_processfrom the module API. (#15577)v1.83.0Compare Source
Synapse 1.83.0 (2023-05-09)
No significant changes since 1.83.0rc1.
Synapse 1.83.0rc1 (2023-05-02)
Features
Bugfixes
Improved Documentation
Internal Changes
full_user_idto tablesprofilesanduser_filters. (#15458)/keys/claimrequest. (#15462)v1.82.0Compare Source
Synapse 1.82.0 (2023-04-25)
No significant changes since 1.82.0rc1.
Synapse 1.82.0rc1 (2023-04-18)
Features
/directory/room/{roomAlias}endpoint on workers. (#15333)instance_mapconfiguration loading. (#15431)/capabilitiesendpoint on workers. (#15436)Bugfixes
on_logged_outmodule hooks will be called before the deletion of pushers. (#15410)app_service_config_filesis not a list. (#15425)RefreshTokenServlet(/_matrix/client/(r0|v3|unstable)/refresh) on workers. (#15428)Improved Documentation
delete_stale_devices_afterbackground job always runs on the main process. (#15452)Deprecations and Removals
Internal Changes
stream_ordering_to_exterm. (#15382, #15429)creatorto create events. (#15394)redactskey to acontentproperty. (#15395)SimpleHttpClientto pull out a base class. (#15427)TestSSOHandler. (#15433)/_matrix/static/. (#15438)v1.81.0Compare Source
Synapse 1.81.0 (2023-04-11)
Synapse now attempts the versioned appservice paths before falling back to the legacy paths. Usage of the legacy routes should be considered deprecated.
Additionally, Synapse has supported sending the application service access token via the
Authorizationheader since v1.70.0. For backwards compatibility it is also sent as theaccess_tokenquery parameter. This is insecure and should be considered deprecated.A future version of Synapse (v1.88.0 or later) will remove support for legacy application service routes and query parameter authorization.
No significant changes since 1.81.0rc2.
Synapse 1.81.0rc2 (2023-04-06)
Bugfixes
set_device_id_for_pushers_txnbackground update crash. (#15391)Internal Changes
Synapse 1.81.0rc1 (2023-04-04)
Features
/password_policyendpoint on workers. (#15331)Bugfixes
m.room.messageevents would not be correctly bundled. (#15295)to ensure that the sqlite database passed to the script exists before trying to port from it. (#15306)
_INT_STREAM_POSkey. (#15309)Improved Documentation
Internal Changes
immutabledictinstead offrozendict. (#15113)device_idinstead of theaccess_token_idfor various operations. (#15280)e12eda5tofc32530. (#15304)TRUNCATEon Postgres when clearing the user directory tables. (#15316).gitignorerule for the Complement source tarball downloaded automatically bycomplement.sh. (#15319)v1.80.0Compare Source
Synapse 1.80.0 (2023-03-28)
No significant changes since 1.80.0rc2.
Synapse 1.80.0rc2 (2023-03-22)
Bugfixes
POST /_matrix/client/v3/rooms/{roomId}/report/{eventId}endpoint would return the wrong error if the user did not have permission to view the event. This aligns Synapse's implementation with MSC2249. (#15298, #15300)would fail to open the SQLite database. (#15301)
Synapse 1.80.0rc1 (2023-03-21)
Features
event_property_containspush condition. (#15187)/register/availableendpoint on workers. (#15268)Bugfixes
Updates to the Docker image
cryptographywheel. (#15239)ghcr.io/matrix-org/synapse). (#15281, #15282)Improved Documentation
Internal Changes
Synapse-Trace-Idtoaccess-control-expose-headersheader. (#14974)HttpTransactionCacheuse theRequesterin addition of the just theRequestto build the transaction key. (#15200)destinationsanddestination_roomstables. (#15247)_set_destination_retry_timings_emulated. (#15266)configure_workers_and_startscript used in Complement tests compatible with older versions of Python. (#15275)/versionsflag for MSC3952. (#15293)v1.79.0Compare Source
Synapse 1.79.0 (2023-03-14)
No significant changes since 1.79.0rc2.
Synapse 1.79.0rc2 (2023-03-13)
Bugfixes
on_remove_user_third_party_identifiermodule API callback would be a no-op. (#15227)Internal Changes
filter_events_for_server. (#15240)Synapse 1.79.0rc1 (2023-03-07)
Features
on_add_user_third_party_identifierandon_remove_user_third_party_identifier. (#15044)/filterClient-Server APIs on workers. (#15134)event_property_ispush condition. (#15185)Bugfixes
transaction_idin the events included in many endpoints' responses. (#15174)405error. (#15180)Updates to the Docker image
Improved Documentation
on_new_eventmodule API callback runs on. (#15071)federation_verify_certificatesin configuration documentation. (#15139)MatrixFederationHttpClientmethods. (#15148)registration_shared_secret_pathon startup. (#15168)Deprecations and Removals
on_threepid_bindmodule callback, to be replaced byon_add_user_third_party_identifier. See upgrade notes. (#15044)room_aliasfield from the/createRoomresponse. (#15093)PUTon the/knock/{roomIdOrAlias}endpoint. (#15189)typeparameter to the/thumbnailendpoint. (#15137)PUTmethod on the unstable/rooms/<room_id>/batch_sendendpoint. (#15199)Internal Changes
FileExfiltrationWriter. (#15095)get_event_reportandget_event_reports_paginatefromRoomStoretoRoomWorkerStore. (#15165)get_next_txnmethod toStreamIdGeneratorto matchMultiWriterIdGenerator. (#15191)AbstractStreamIdTrackerandAbstractStreamIdGenerator. (#15192)ruff. (#15194)test_icu_word_boundary_punctuationso that it passes with the ICU versions available in Alpine and macOS. (#15177)Locked dependency updates
v1.78.0Compare Source
Synapse 1.78.0 (2023-02-28)
Bugfixes
Synapse 1.78.0rc1 (2023-02-21)
Features
exact_event_matchpush rule condition from MSC3758. (#14964)exact_event_property_containspush rule condition from MSC3966. (#15045)dont_notifyaction from the defaults for the.m.rule.reactionpushrule. (#15073)Bugfixes
healthlistener was configured. (#15096)Improved Documentation
Internal Changes
UnpersistedEventContextto allow for the batching up of storing state groups. (#14675)_is_local_room_accessibleas part of room visibility in/hierarchyto clarify the condition for a room being visible. (#14834)WARNING: there is already a transaction in progresslines appearing in PostgreSQL's logs on some occasions. (#14840)StrCollectionto avoid potential bugs withCollection[str]. (#14929)/syncin a few situations. (#14973)contrib, to make it easier for IDEs to interrogate Synapse's database schema. (#14982)get_user_devices_from_cache. (#15040)_generate_sync_entry_for_account_data. (#15047)try_unbind_threepidand_try_unbind_threepid_with_id_serverto not use dictionaries. (#15053)Locked dependency updates
9cd00a8to25dc93b. (#15060)25dc93btoe12eda5. (#15101)v1.77.0Compare Source
Synapse 1.77.0 (2023-02-14)
No significant changes since 1.77.0rc2.
Synapse 1.77.0rc2 (2023-02-10)
Bugfixes
Internal Changes
Synapse 1.77.0rc1 (2023-02-07)
Features
Bugfixes
next_batchtokens from/synccould not be used with the/relationsendpoint. (#14866)send_local_online_presence_towould fail to send presence updates over federation. (#14880)@roomnotification levels set tonullin their (malformed) power levels. (#14942)Internal Changes
StrCollectionto avoid potential bugs withCollection[str]. (#14922)/syncin a few situations. (#14908, #14970)/contrib/lnav. (#14953)v2/send_join/requests to indicate if they served a partial join response. (#14950)cargowithout theextension-moduleoption. (#14965)_flatten_dict. (#14981, #15002)Dependabot updates
e645b0cto9cd00a8. (#14968)v1.76.0Compare Source
Synapse 1.76.0 (2023-01-31)
The 1.76 release is the first to enable faster joins (MSC3706 and MSC3902) by default. Admins can opt-out: see the upgrade notes for more details.
The upgrade from 1.75 to 1.76 changes the account data replication streams in a backwards-incompatible manner. Server operators running a multi-worker deployment should consult the upgrade notes.
Those who are
poetry installing from source using our lockfile should ensure their poetry version is 1.3.2 or higher; see upgrade notes.Notes on faster joins
The faster joins project sees the most benefit when joining a room with a large number of members (joined or historical). We expect it to be particularly useful for joining large public rooms like the Matrix HQ or Synapse Admins rooms.
After a faster join, Synapse considers that room "partially joined". In this state, you should be able to
Synapse has to spend more effort to complete the join in the background. Once this finishes, you will be able to
Improved Documentation
Synapse 1.76.0rc2 (2023-01-27)
Bugfixes
Internal Changes
Synapse 1.76.0rc1 (2023-01-25)
Features
set_displayname()method to the module API for setting a user's display name. (#14629)healthendpoint. (#14747)Bugfixes
/timestamp_to_eventendpoint used for jumping to a specific date in the timeline of a room. (#14799)populate_room_statsbackground job could fail on broken rooms. (#14873)Updates to the Docker image
Improved Documentation
x_forwardedentry in the HTTP listener example configs and remove the remainingworker_main_http_urientries. (#14667)tagtolistenerssection. (#14803)user_directory.search_all_users. (#14818)worker_manholeto configuration manual. (#14824)idfield in application service documentation. (#14845)Deprecations and Removals
poetry installing from source. (#14860)Internal Changes
Keyringclass for readability. (#14804)poetry.toml) to.gitignore. (#14807)cargo fmtandcargo clippyto the lint script. (#14822)presence. (#14825)wait_for_stream_positionto correctly wait for the right instance to advance its token. (#14856, #14872)/stateids. (#14912)v1.75.0Compare Source
Synapse 1.75.0 (2023-01-17)
No significant changes since 1.75.0rc2.
Synapse 1.75.0rc2 (2023-01-12)
Bugfixes
/membersor/statewith anatparameter could fail for newly created rooms, when using multiple workers. (#14817)Synapse 1.75.0rc1 (2023-01-10)
Features
cachedfunction tosynapse.module_apithat returns a decorator to cache return values of functions. (#14663)/syncwhen filtering all rooms, message types, or senders. (#14786)/hierarchyendpoint. (#14263)Bugfixes
jobname for the workers of a Synapse deployment. (#14644)UNIQUE constraint failederrors in therotate_notifsbackground job. (#14669)devicefield from/pushrulesresponses. (#14727)picture_claimconfigured underoidc_providerswas unused (the default value of"picture"was used instead). (#14751)Improved Documentation
target_memory_usagebeing used in the description for the actualcache_autotunesub-optiontarget_cache_memory_usage. (#14674)emailto Server section in config file documentation. (#14730)htmltestto check links in the Synapse documentation. (#14743)Internal Changes
handle_new_client_eventsignature so that a 429 does not reach clients onPartialStateConflictError, and internally retry when needed instead. (#14665)compute_state_after_eventsconsistent with other state-fetching functions that take aStateFilter. (#14676)CachedFunction. (#14685).direnv/directory to .gitignore to prevent local state generated by the direnv development tool from being committed. (#14707)msgids of any to-device messages that are returned over/sync. (#14724)dh-virtualenvto work around an upstream Python 3.11 incompatibility. (#14774)Dependabot updates
v1.74.0Compare Source
Synapse 1.74.0 (2022-12-20)
Improved Documentation
Synapse 1.74.0rc1 (2022-12-13)
Features
keyIdsparameter when calling/_matrix/key/v2/server. (#14490, #14525)push.enabledconfig option to allow opting out of push notification calculation. (#14551, #14619)/_matrix/client/versions. (#14576)Bugfixes
POST /rooms/<room_id>/<membership>/,POST /join/<room_id_or_alias, or the unspeccedPUT /join/<room_id_or_alias>/<txn_id>receive an empty HTTP request body. (#14600)register_new_matrix_userscript failing. (#14637)Improved Documentation
pusherandfederation_senderfunctionality. (#14493)turn_allow_guestsexample value to lowercasetrue. (#14634)Internal Changes
ClientRestResourcefor both workers and the main process. (#14528)--editableflag tocomplement.shwhich uses an editable install of Synapse for faster turn-around times whilst developing iteratively. (#14548)gotestfmttemplate in CI. (#14611)StateFiltertosynapse.types. (#14668)v1.73.0Compare Source
Synapse 1.73.0 (2022-12-06)
Please note that legacy Prometheus metric names have been removed in this release; see the upgrade notes for more details.
No significant changes since 1.73.0rc2.
Synapse 1.73.0rc2 (2022-12-01)
Bugfixes
Synapse 1.73.0rc1 (2022-11-29)
Features
/messageswithfilter_events_for_clientoptimizations. (#14527)device_lists_changes_in_room. (#14534)/timestamp_to_eventendpoints to stablev1location (/_matrix/client/v1/rooms/<roomID>/timestamp_to_event?ts=<timestamp>&dir=<direction>,/_matrix/federation/v1/timestamp_to_event/<roomID>?ts=<timestamp>&dir=<direction>). (#14471)org.matrix.msc1767.10) via MSC1767, MSC3931, MSC3932, and MSC3933. (#14520, #14521, #14524)Bugfixes
org.matrix.msc3026.busywould mistakenly be set toonlinewhen calling/syncor/eventson a worker process. (#14393)org.matrix.msc3202.device_one_time_key_countskey, include a duplicate key oforg.matrix.msc3202.device_one_time_keys_countto match the name proposed by MSC3202. (#14565)Improved Documentation
Deprecations and Removals
Internal Changes
worker_main_http_uriconfiguration setting. This is now handled via internal replication. (#14400, #14476)federation_senderandpusherconfiguration loading. (#14496)(#14509, #14573)
send_join(potentially updated with received membership events) inassert_host_in_room. (#14515)scripts-dev/federation_client: Fix routing on servers with.well-knownfiles. (#14479)(stream ID, room ID)position instead of updating theconverted_to_destinationsflag on every row. (#14516).pyifiles. (#14526)Cargo.lockchanges. This is particularly useful for dependabot updates. (#14571)create_new_client_event. (#14575)poetry.lockfile and in CI scripts. (#14557, #14559, #14560, #14500, #14501, #14502, #14503, #14504, #14505).v1.72.0Compare Source
Synapse 1.72.0 (2022-11-22)
Please note that Synapse now only supports PostgreSQL 11+, because PostgreSQL 10 has reached end-of-life, c.f. our Deprecation Policy.
Bugfixes
Synapse 1.72.0rc1 (2022-11-16)
Features
Bugfixes
/syncfilter, instead of ignoring it for forward compatibility. (#14369)event_searchtable, taking a long time and a large amount of IO. (#14409)Updates to the Docker image
configure_workers_and_start.py. (#14197)Improved Documentation
Deprecations and Removals
Internal Changes
complement.shcommand line script to request certain types of workers. (#14324)/messagesby relation type) in complement. (#14339)prev_events. (#14346)get_partial_state_events_batchdoes not just give you completely arbitrary partial-state events. (#14417)attrsandgitpython. (#14433)PushRuleEvaluator.run. (#14451)/contextin large rooms. (#14461)Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR has been generated by Renovate Bot.