summary refs log tree commit diff
path: root/docs (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Merge tag 'v1.38.0' into babolivier/dinsic_1.41.0Brendan Abolivier2021-09-0112-73/+2068
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Synapse 1.38.0 (2021-07-13) =========================== This release includes a database schema update which could result in elevated disk usage. See the [upgrade notes](https://matrix-org.github.io/synapse/develop/upgrade#upgrading-to-v1380) for more information. No significant changes since 1.38.0rc3. Synapse 1.38.0rc3 (2021-07-13) ============================== Internal Changes ---------------- - Build the Debian packages in CI. ([\#10247](https://github.com/matrix-org/synapse/issues/10247), [\#10379](https://github.com/matrix-org/synapse/issues/10379)) Synapse 1.38.0rc2 (2021-07-09) ============================== Bugfixes -------- - Fix bug where inbound federation in a room could be delayed due to not correctly dropping a lock. Introduced in v1.37.1. ([\#10336](https://github.com/matrix-org/synapse/issues/10336)) Improved Documentation ---------------------- - Update links to documentation in the sample config. Contributed by @dklimpel. ([\#10287](https://github.com/matrix-org/synapse/issues/10287)) - Fix broken links in [INSTALL.md](INSTALL.md). Contributed by @dklimpel. ([\#10331](https://github.com/matrix-org/synapse/issues/10331)) Synapse 1.38.0rc1 (2021-07-06) ============================== Features -------- - Implement refresh tokens as specified by [MSC2918](https://github.com/matrix-org/matrix-doc/pull/2918). ([\#9450](https://github.com/matrix-org/synapse/issues/9450)) - Add support for evicting cache entries based on last access time. ([\#10205](https://github.com/matrix-org/synapse/issues/10205)) - Omit empty fields from the `/sync` response. Contributed by @deepbluev7. ([\#10214](https://github.com/matrix-org/synapse/issues/10214)) - Improve validation on federation `send_{join,leave,knock}` endpoints. ([\#10225](https://github.com/matrix-org/synapse/issues/10225), [\#10243](https://github.com/matrix-org/synapse/issues/10243)) - Add SSO `external_ids` to the Query User Account admin API. ([\#10261](https://github.com/matrix-org/synapse/issues/10261)) - Mark events received over federation which fail a spam check as "soft-failed". ([\#10263](https://github.com/matrix-org/synapse/issues/10263)) - Add metrics for new inbound federation staging area. ([\#10284](https://github.com/matrix-org/synapse/issues/10284)) - Add script to print information about recently registered users. ([\#10290](https://github.com/matrix-org/synapse/issues/10290)) Bugfixes -------- - Fix a long-standing bug which meant that invite rejections and knocks were not sent out over federation in a timely manner. ([\#10223](https://github.com/matrix-org/synapse/issues/10223)) - Fix a bug introduced in v1.26.0 where only users who have set profile information could be deactivated with erasure enabled. ([\#10252](https://github.com/matrix-org/synapse/issues/10252)) - Fix a long-standing bug where Synapse would return errors after 2<sup>31</sup> events were handled by the server. ([\#10264](https://github.com/matrix-org/synapse/issues/10264), [\#10267](https://github.com/matrix-org/synapse/issues/10267), [\#10282](https://github.com/matrix-org/synapse/issues/10282), [\#10286](https://github.com/matrix-org/synapse/issues/10286), [\#10291](https://github.com/matrix-org/synapse/issues/10291), [\#10314](https://github.com/matrix-org/synapse/issues/10314), [\#10326](https://github.com/matrix-org/synapse/issues/10326)) - Fix the prometheus `synapse_federation_server_pdu_process_time` metric. Broke in v1.37.1. ([\#10279](https://github.com/matrix-org/synapse/issues/10279)) - Ensure that inbound events from federation that were being processed when Synapse was restarted get promptly processed on start up. ([\#10303](https://github.com/matrix-org/synapse/issues/10303)) Improved Documentation ---------------------- - Move the upgrade notes to [docs/upgrade.md](https://github.com/matrix-org/synapse/blob/develop/docs/upgrade.md) and convert them to markdown. ([\#10166](https://github.com/matrix-org/synapse/issues/10166)) - Choose Welcome & Overview as the default page for synapse documentation website. ([\#10242](https://github.com/matrix-org/synapse/issues/10242)) - Adjust the URL in the README.rst file to point to irc.libera.chat. ([\#10258](https://github.com/matrix-org/synapse/issues/10258)) - Fix homeserver config option name in presence router documentation. ([\#10288](https://github.com/matrix-org/synapse/issues/10288)) - Fix link pointing at the wrong section in the modules documentation page. ([\#10302](https://github.com/matrix-org/synapse/issues/10302)) Internal Changes ---------------- - Drop `Origin` and `Accept` from the value of the `Access-Control-Allow-Headers` response header. ([\#10114](https://github.com/matrix-org/synapse/issues/10114)) - Add type hints to the federation servlets. ([\#10213](https://github.com/matrix-org/synapse/issues/10213)) - Improve the reliability of auto-joining remote rooms. ([\#10237](https://github.com/matrix-org/synapse/issues/10237)) - Update the release script to use the semver terminology and determine the release branch based on the next version. ([\#10239](https://github.com/matrix-org/synapse/issues/10239)) - Fix type hints for computing auth events. ([\#10253](https://github.com/matrix-org/synapse/issues/10253)) - Improve the performance of the spaces summary endpoint by only recursing into spaces (and not rooms in general). ([\#10256](https://github.com/matrix-org/synapse/issues/10256)) - Move event authentication methods from `Auth` to `EventAuthHandler`. ([\#10268](https://github.com/matrix-org/synapse/issues/10268)) - Re-enable a SyTest after it has been fixed. ([\#10292](https://github.com/matrix-org/synapse/issues/10292))
| * Fix broken links in INSTALL.md (#10331)Dirk Klimpel2021-07-086-13/+604
| | | | | | Signed-off-by: Dirk Klimpel dirk@klimpel.org
| * Update links to documentation in sample config (#10287)Dirk Klimpel2021-07-072-22/+24
| | | | | | Signed-off-by: Dirk Klimpel dirk@klimpel.org
| * Add upgrade notes about disk space for events migration (#10314)Richard van der Hoff2021-07-061-1/+39
| |
| * Add support for evicting cache entries based on last access time. (#10205)Erik Johnston2021-07-051-28/+34
| |
| * Fix bad link in modules documentation (#10302)Brendan Abolivier2021-07-021-1/+1
| | | | | | Fix link in modules doc to point at instructions on registering a callback instead of ones on registering a web resource.
| * Add SSO `external_ids` to Query User Account admin API (#10261)Dirk Klimpel2021-07-011-1/+11
| | | | | | Related to #10251
| * Fix the homeserver config example in presence router docs (#10288)Andrew Morgan2021-06-301-1/+3
| | | | | | | | | | The presence router docs include some sample homeserver config. At some point we changed the name of the [config option](https://github.com/matrix-org/synapse/blob/859dc05b3692a3672c1a0db8deaaa9274b6aa6f5/docs/sample_config.yaml#L104-L113), but forgot to update the docs. I've also added `presence.enabled: true` to the example, as that's the new way to enable presence (the `presence_enabled` option has been deprecated).
| * Convert UPGRADE.rst to markdown (#10166)Andrew Morgan2021-06-233-8/+1354
| | | | | | | | | | | | | | | | | | This PR: * Converts UPGRADE.rst to markdown and moves the contents into the `docs/` directory. * Updates the contents of UPGRADE.rst to point to the website instead. * Updates links around the codebase that point to UPGRADE.rst. `pandoc` + some manual editing was used to convert from RST to md.
* | Merge tag 'v1.37.0' into babolivier/dinsic_1.41.0Brendan Abolivier2021-09-0126-330/+543
|\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Synapse 1.37.0 (2021-06-29) =========================== This release deprecates the current spam checker interface. See the [upgrade notes](https://matrix-org.github.io/synapse/develop/upgrade#deprecation-of-the-current-spam-checker-interface) for more information on how to update to the new generic module interface. This release also removes support for fetching and renewing TLS certificates using the ACME v1 protocol, which has been fully decommissioned by Let's Encrypt on June 1st 2021. Admins previously using this feature should use a [reverse proxy](https://matrix-org.github.io/synapse/develop/reverse_proxy.html) to handle TLS termination, or use an external ACME client (such as [certbot](https://certbot.eff.org/)) to retrieve a certificate and key and provide them to Synapse using the `tls_certificate_path` and `tls_private_key_path` configuration settings. Synapse 1.37.0rc1 (2021-06-24) ============================== Features -------- - Implement "room knocking" as per [MSC2403](https://github.com/matrix-org/matrix-doc/pull/2403). Contributed by @Sorunome and anoa. ([\#6739](https://github.com/matrix-org/synapse/issues/6739), [\#9359](https://github.com/matrix-org/synapse/issues/9359), [\#10167](https://github.com/matrix-org/synapse/issues/10167), [\#10212](https://github.com/matrix-org/synapse/issues/10212), [\#10227](https://github.com/matrix-org/synapse/issues/10227)) - Add experimental support for backfilling history into rooms ([MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716)). ([\#9247](https://github.com/matrix-org/synapse/issues/9247)) - Implement a generic interface for third-party plugin modules. ([\#10062](https://github.com/matrix-org/synapse/issues/10062), [\#10206](https://github.com/matrix-org/synapse/issues/10206)) - Implement config option `sso.update_profile_information` to sync SSO users' profile information with the identity provider each time they login. Currently only displayname is supported. ([\#10108](https://github.com/matrix-org/synapse/issues/10108)) - Ensure that errors during startup are written to the logs and the console. ([\#10191](https://github.com/matrix-org/synapse/issues/10191)) Bugfixes -------- - Fix a bug introduced in Synapse v1.25.0 that prevented the `ip_range_whitelist` configuration option from working for federation and identity servers. Contributed by @mikure. ([\#10115](https://github.com/matrix-org/synapse/issues/10115)) - Remove a broken import line in Synapse's `admin_cmd` worker. Broke in Synapse v1.33.0. ([\#10154](https://github.com/matrix-org/synapse/issues/10154)) - Fix a bug introduced in Synapse v1.21.0 which could cause `/sync` to return immediately with an empty response. ([\#10157](https://github.com/matrix-org/synapse/issues/10157), [\#10158](https://github.com/matrix-org/synapse/issues/10158)) - Fix a minor bug in the response to `/_matrix/client/r0/user/{user}/openid/request_token` causing `expires_in` to be a float instead of an integer. Contributed by @lukaslihotzki. ([\#10175](https://github.com/matrix-org/synapse/issues/10175)) - Always require users to re-authenticate for dangerous operations: deactivating an account, modifying an account password, and adding 3PIDs. ([\#10184](https://github.com/matrix-org/synapse/issues/10184)) - Fix a bug introduced in Synpase v1.7.2 where remote server count metrics collection would be incorrectly delayed on startup. Found by @heftig. ([\#10195](https://github.com/matrix-org/synapse/issues/10195)) - Fix a bug introduced in Synapse v1.35.1 where an `allow` key of a `m.room.join_rules` event could be applied for incorrect room versions and configurations. ([\#10208](https://github.com/matrix-org/synapse/issues/10208)) - Fix performance regression in responding to user key requests over federation. Introduced in Synapse v1.34.0rc1. ([\#10221](https://github.com/matrix-org/synapse/issues/10221)) Improved Documentation ---------------------- - Add a new guide to decoding request logs. ([\#8436](https://github.com/matrix-org/synapse/issues/8436)) - Mention in the sample homeserver config that you may need to configure max upload size in your reverse proxy. Contributed by @aaronraimist. ([\#10122](https://github.com/matrix-org/synapse/issues/10122)) - Fix broken links in documentation. ([\#10180](https://github.com/matrix-org/synapse/issues/10180)) - Deploy a snapshot of the documentation website upon each new Synapse release. ([\#10198](https://github.com/matrix-org/synapse/issues/10198)) Deprecations and Removals ------------------------- - The current spam checker interface is deprecated in favour of a new generic modules system. See the [upgrade notes](https://matrix-org.github.io/synapse/develop/upgrade#deprecation-of-the-current-spam-checker-interface) for more information on how to update to the new system. ([\#10062](https://github.com/matrix-org/synapse/issues/10062), [\#10210](https://github.com/matrix-org/synapse/issues/10210), [\#10238](https://github.com/matrix-org/synapse/issues/10238)) - Stop supporting the unstable spaces prefixes from MSC1772. ([\#10161](https://github.com/matrix-org/synapse/issues/10161)) - Remove Synapse's support for automatically fetching and renewing certificates using the ACME v1 protocol. This protocol has been fully turned off by Let's Encrypt for existing installations on June 1st 2021. Admins previously using this feature should use a [reverse proxy](https://matrix-org.github.io/synapse/develop/reverse_proxy.html) to handle TLS termination, or use an external ACME client (such as [certbot](https://certbot.eff.org/)) to retrieve a certificate and key and provide them to Synapse using the `tls_certificate_path` and `tls_private_key_path` configuration settings. ([\#10194](https://github.com/matrix-org/synapse/issues/10194)) Internal Changes ---------------- - Update the database schema versioning to support gradual migration away from legacy tables. ([\#9933](https://github.com/matrix-org/synapse/issues/9933)) - Add type hints to the federation servlets. ([\#10080](https://github.com/matrix-org/synapse/issues/10080)) - Improve OpenTracing for event persistence. ([\#10134](https://github.com/matrix-org/synapse/issues/10134), [\#10193](https://github.com/matrix-org/synapse/issues/10193)) - Clean up the interface for injecting OpenTracing over HTTP. ([\#10143](https://github.com/matrix-org/synapse/issues/10143)) - Limit the number of in-flight `/keys/query` requests from a single device. ([\#10144](https://github.com/matrix-org/synapse/issues/10144)) - Refactor EventPersistenceQueue. ([\#10145](https://github.com/matrix-org/synapse/issues/10145)) - Document `SYNAPSE_TEST_LOG_LEVEL` to see the logger output when running tests. ([\#10148](https://github.com/matrix-org/synapse/issues/10148)) - Update the Complement build tags in GitHub Actions to test currently experimental features. ([\#10155](https://github.com/matrix-org/synapse/issues/10155)) - Add a `synapse_federation_soft_failed_events_total` metric to track how often events are soft failed. ([\#10156](https://github.com/matrix-org/synapse/issues/10156)) - Fetch the corresponding complement branch when performing CI. ([\#10160](https://github.com/matrix-org/synapse/issues/10160)) - Add some developer documentation about boolean columns in database schemas. ([\#10164](https://github.com/matrix-org/synapse/issues/10164)) - Add extra logging fields to better debug where events are being soft failed. ([\#10168](https://github.com/matrix-org/synapse/issues/10168)) - Add debug logging for when we enter and exit `Measure` blocks. ([\#10183](https://github.com/matrix-org/synapse/issues/10183)) - Improve comments in structured logging code. ([\#10188](https://github.com/matrix-org/synapse/issues/10188)) - Update [MSC3083](https://github.com/matrix-org/matrix-doc/pull/3083) support with modifications from the MSC. ([\#10189](https://github.com/matrix-org/synapse/issues/10189)) - Remove redundant DNS lookup limiter. ([\#10190](https://github.com/matrix-org/synapse/issues/10190)) - Upgrade `black` linting tool to 21.6b0. ([\#10197](https://github.com/matrix-org/synapse/issues/10197)) - Expose OpenTracing trace id in response headers. ([\#10199](https://github.com/matrix-org/synapse/issues/10199))
| * Implement config option `sso.update_profile_information` (#10108)jkanefendt2021-06-211-0/+11
| | | | | | | | | | | | Implemented config option sso.update_profile_information to keep user's display name in sync with the SSO displayname. Signed-off-by: Johannes Kanefendt <johannes.kanefendt@krzn.de>
| * Describe callbacks signatures as async in new modules doc (#10206)Brendan Abolivier2021-06-181-8/+8
| |
| * Standardise the module interface (#10062)Brendan Abolivier2021-06-184-14/+279
| | | | | | This PR adds a common configuration section for all modules (see docs). These modules are then loaded at startup by the homeserver. Modules register their hooks and web resources using the new `register_[...]_callbacks` and `register_web_resource` methods of the module API.
| * Remove support for ACME v1 (#10194)Brendan Abolivier2021-06-173-264/+9
| | | | | | | | | | Fixes #9778 ACME v1 has been fully decommissioned for existing installs on June 1st 2021(see https://community.letsencrypt.org/t/end-of-life-plan-for-acmev1/88430/27), so we can now safely remove it from Synapse.
| * Always require users to re-authenticate for dangerous operations. (#10184)Patrick Cloke2021-06-161-0/+4
| | | | | | | | | | | | | | Dangerous actions means deactivating an account, modifying an account password, or adding a 3PID. Other actions (deleting devices, uploading keys) can re-use the same UI auth session if ui_auth.session_timeout is configured.
| * A guide to the request log lines format. (#8436)Michael Kaye2021-06-162-0/+45
| | | | | | | | | | | | | | This doc is short but a useful guide to what the request log lines mean. Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com> Co-authored-by: Erik Johnston <erik@matrix.org> Co-authored-by: Daniele Sluijters <daenney@users.noreply.github.com>
| * Fix broken links in documentation (#10180)Dirk Klimpel2021-06-1618-51/+52
| | | | | | | | | | * Fix broken links in documentation * newsfile
| * Notes on boolean columns in database schemas (#10164)Richard van der Hoff2021-06-111-0/+42
| |
| * Support for database schema version ranges (#9933)Richard van der Hoff2021-06-112-1/+97
| | | | | | This is essentially an implementation of the proposal made at https://hackmd.io/@richvdh/BJYXQMQHO, though the details have ended up looking slightly different.
| * Mention that you need to configure max upload size in reverse proxy as well ↵Aaron Raimist2021-06-101-0/+4
| | | | | | | | | | (#10122) Signed-off-by: Aaron Raimist <aaron@raim.ist>
* | Merge tag 'v1.36.0' into babolivier/dinsic_1.41.0Brendan Abolivier2021-08-3141-1209/+2122
|\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Synapse 1.36.0 (2021-06-15) =========================== No significant changes. Synapse 1.36.0rc2 (2021-06-11) ============================== Bugfixes -------- - Fix a bug which caused presence updates to stop working some time after a restart, when using a presence writer worker. Broke in v1.33.0. ([\#10149](https://github.com/matrix-org/synapse/issues/10149)) - Fix a bug when using federation sender worker where it would send out more presence updates than necessary, leading to high resource usage. Broke in v1.33.0. ([\#10163](https://github.com/matrix-org/synapse/issues/10163)) - Fix a bug where Synapse could send the same presence update to a remote twice. ([\#10165](https://github.com/matrix-org/synapse/issues/10165)) Synapse 1.36.0rc1 (2021-06-08) ============================== Features -------- - Add new endpoint `/_matrix/client/r0/rooms/{roomId}/aliases` from Client-Server API r0.6.1 (previously [MSC2432](https://github.com/matrix-org/matrix-doc/pull/2432)). ([\#9224](https://github.com/matrix-org/synapse/issues/9224)) - Improve performance of incoming federation transactions in large rooms. ([\#9953](https://github.com/matrix-org/synapse/issues/9953), [\#9973](https://github.com/matrix-org/synapse/issues/9973)) - Rewrite logic around verifying JSON object and fetching server keys to be more performant and use less memory. ([\#10035](https://github.com/matrix-org/synapse/issues/10035)) - Add new admin APIs for unprotecting local media from quarantine. Contributed by @dklimpel. ([\#10040](https://github.com/matrix-org/synapse/issues/10040)) - Add new admin APIs to remove media by media ID from quarantine. Contributed by @dklimpel. ([\#10044](https://github.com/matrix-org/synapse/issues/10044)) - Make reason and score parameters optional for reporting content. Implements [MSC2414](https://github.com/matrix-org/matrix-doc/pull/2414). Contributed by Callum Brown. ([\#10077](https://github.com/matrix-org/synapse/issues/10077)) - Add support for routing more requests to workers. ([\#10084](https://github.com/matrix-org/synapse/issues/10084)) - Report OpenTracing spans for database activity. ([\#10113](https://github.com/matrix-org/synapse/issues/10113), [\#10136](https://github.com/matrix-org/synapse/issues/10136), [\#10141](https://github.com/matrix-org/synapse/issues/10141)) - Significantly reduce memory usage of joining large remote rooms. ([\#10117](https://github.com/matrix-org/synapse/issues/10117)) Bugfixes -------- - Fixed a bug causing replication requests to fail when receiving a lot of events via federation. ([\#10082](https://github.com/matrix-org/synapse/issues/10082)) - Fix a bug in the `force_tracing_for_users` option introduced in Synapse v1.35 which meant that the OpenTracing spans produced were missing most tags. ([\#10092](https://github.com/matrix-org/synapse/issues/10092)) - Fixed a bug that could cause Synapse to stop notifying application services. Contributed by Willem Mulder. ([\#10107](https://github.com/matrix-org/synapse/issues/10107)) - Fix bug where the server would attempt to fetch the same history in the room from a remote server multiple times in parallel. ([\#10116](https://github.com/matrix-org/synapse/issues/10116)) - Fix a bug introduced in Synapse 1.33.0 which caused replication requests to fail when receiving a lot of very large events via federation. ([\#10118](https://github.com/matrix-org/synapse/issues/10118)) - Fix bug when using workers where pagination requests failed if a remote server returned zero events from `/backfill`. Introduced in 1.35.0. ([\#10133](https://github.com/matrix-org/synapse/issues/10133)) Improved Documentation ---------------------- - Clarify security note regarding hosting Synapse on the same domain as other web applications. ([\#9221](https://github.com/matrix-org/synapse/issues/9221)) - Update CAPTCHA documentation to mention turning off the verify origin feature. Contributed by @aaronraimist. ([\#10046](https://github.com/matrix-org/synapse/issues/10046)) - Tweak wording of database recommendation in `INSTALL.md`. Contributed by @aaronraimist. ([\#10057](https://github.com/matrix-org/synapse/issues/10057)) - Add initial infrastructure for rendering Synapse documentation with mdbook. ([\#10086](https://github.com/matrix-org/synapse/issues/10086)) - Convert the remaining Admin API documentation files to markdown. ([\#10089](https://github.com/matrix-org/synapse/issues/10089)) - Make a link in docs use HTTPS. Contributed by @RhnSharma. ([\#10130](https://github.com/matrix-org/synapse/issues/10130)) - Fix broken link in Docker docs. ([\#10132](https://github.com/matrix-org/synapse/issues/10132)) Deprecations and Removals ------------------------- - Remove the experimental `spaces_enabled` flag. The spaces features are always available now. ([\#10063](https://github.com/matrix-org/synapse/issues/10063)) Internal Changes ---------------- - Tell CircleCI to build Docker images from `main` branch. ([\#9906](https://github.com/matrix-org/synapse/issues/9906)) - Simplify naming convention for release branches to only include the major and minor version numbers. ([\#10013](https://github.com/matrix-org/synapse/issues/10013)) - Add `parse_strings_from_args` for parsing an array from query parameters. ([\#10048](https://github.com/matrix-org/synapse/issues/10048), [\#10137](https://github.com/matrix-org/synapse/issues/10137)) - Remove some dead code regarding TLS certificate handling. ([\#10054](https://github.com/matrix-org/synapse/issues/10054)) - Remove redundant, unmaintained `convert_server_keys` script. ([\#10055](https://github.com/matrix-org/synapse/issues/10055)) - Improve the error message printed by synctl when synapse fails to start. ([\#10059](https://github.com/matrix-org/synapse/issues/10059)) - Fix GitHub Actions lint for newsfragments. ([\#10069](https://github.com/matrix-org/synapse/issues/10069)) - Update opentracing to inject the right context into the carrier. ([\#10074](https://github.com/matrix-org/synapse/issues/10074)) - Fix up `BatchingQueue` implementation. ([\#10078](https://github.com/matrix-org/synapse/issues/10078)) - Log method and path when dropping request due to size limit. ([\#10091](https://github.com/matrix-org/synapse/issues/10091)) - In Github Actions workflows, summarize the Sytest results in an easy-to-read format. ([\#10094](https://github.com/matrix-org/synapse/issues/10094)) - Make `/sync` do fewer state resolutions. ([\#10102](https://github.com/matrix-org/synapse/issues/10102)) - Add missing type hints to the admin API servlets. ([\#10105](https://github.com/matrix-org/synapse/issues/10105)) - Improve opentracing annotations for `Notifier`. ([\#10111](https://github.com/matrix-org/synapse/issues/10111)) - Enable Prometheus metrics for the jaeger client library. ([\#10112](https://github.com/matrix-org/synapse/issues/10112)) - Work to improve the responsiveness of `/sync` requests. ([\#10124](https://github.com/matrix-org/synapse/issues/10124)) - OpenTracing: use a consistent name for background processes. ([\#10135](https://github.com/matrix-org/synapse/issues/10135))
| * Name release branches just after major.minor (#10013)Dan Callahan2021-06-081-4/+4
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | With the prior format, 1.33.0 / 1.33.1 / 1.33.2 got separate branches: release-v1.33.0 release-v1.33.1 release-v1.33.2 Under the new model, all three would share a common branch: release-v1.33 As before, RCs and actual releases exist as tags on these branches. This better reflects our support model, e.g., that the "1.33" series had a formal release followed by two patches / updates. Signed-off-by: Dan Callahan <danc@element.io>
| * Make link in docs use HTTPS (#10130)Rohan Sharma2021-06-071-1/+1
| | | | | | | | | | Fixes #10121 Signed-off-by: Rohan Sharma <rhnsharma5113@gmail.com>
| * Compile and render Synapse's docs into a browsable, mobile-friendly and ↵Andrew Morgan2021-06-0330-54/+903
| | | | | | | | searchable website (#10086)
| * Convert admin api docs to markdown (#10089)Andrew Morgan2021-06-038-1132/+1159
| | | | | | So that they render nicely in mdbook (see #10086), and so that we no longer have a mix of structured text languages in our documentation (excluding files outside of `docs/`).
| * Add new admin APIs to remove media by media ID from quarantine. (#10044)Dirk Klimpel2021-06-021-0/+22
| | | | | | | | | | Related to: #6681, #5956, #10040 Signed-off-by: Dirk Klimpel dirk@klimpel.org
| * Move some more endpoints off master (#10084)Erik Johnston2021-05-271-0/+3
| |
| * Make reason and score optional for report_event (#10077)Callum Brown2021-05-271-2/+2
| | | | | | | | | | | | Implements MSC2414: https://github.com/matrix-org/matrix-doc/pull/2414 See #8551 Signed-off-by: Callum Brown <callum@calcuode.com>
| * Remove the experimental spaces enabled flag. (#10063)Patrick Cloke2021-05-261-15/+0
| | | | | | | | In lieu of just always enabling the unstable spaces endpoint and unstable room version.
| * Add an admin API for unprotecting local media from quarantine (#10040)Dirk Klimpel2021-05-261-0/+21
| | | | | | Signed-off-by: Dirk Klimpel dirk@klimpel.org
| * Update CAPTCHA documentation to mention turning off verify origin feature ↵Aaron Raimist2021-05-261-22/+28
| | | | | | | | | | | | | | | | (#10046) * Update CAPTCHA documentation to mention turning off verify origin Signed-off-by: Aaron Raimist <aaron@raim.ist>
* | Merge tag 'v1.35.0' into babolivier/dinsic_1.41.0Brendan Abolivier2021-08-318-150/+179
|\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Synapse 1.35.0 (2021-06-01) =========================== Note that [the tag](https://github.com/matrix-org/synapse/releases/tag/v1.35.0rc3) and [docker images](https://hub.docker.com/layers/matrixdotorg/synapse/v1.35.0rc3/images/sha256-34ccc87bd99a17e2cbc0902e678b5937d16bdc1991ead097eee6096481ecf2c4?context=explore) for `v1.35.0rc3` were incorrectly built. If you are experiencing issues with either, it is recommended to upgrade to the equivalent tag or docker image for the `v1.35.0` release. Deprecations and Removals ------------------------- - The core Synapse development team plan to drop support for the [unstable API of MSC2858](https://github.com/matrix-org/matrix-doc/blob/master/proposals/2858-Multiple-SSO-Identity-Providers.md#unstable-prefix), including the undocumented `experimental.msc2858_enabled` config option, in August 2021. Client authors should ensure that their clients are updated to use the stable API (which has been supported since Synapse 1.30) well before that time, to give their users time to upgrade. ([\#10101](https://github.com/matrix-org/synapse/issues/10101)) Bugfixes -------- - Fixed a bug causing replication requests to fail when receiving a lot of events via federation. Introduced in v1.33.0. ([\#10082](https://github.com/matrix-org/synapse/issues/10082)) - Fix HTTP response size limit to allow joining very large rooms over federation. Introduced in v1.33.0. ([\#10093](https://github.com/matrix-org/synapse/issues/10093)) Internal Changes ---------------- - Log method and path when dropping request due to size limit. ([\#10091](https://github.com/matrix-org/synapse/issues/10091)) Synapse 1.35.0rc2 (2021-05-27) ============================== Bugfixes -------- - Fix a bug introduced in v1.35.0rc1 when calling the spaces summary API via a GET request. ([\#10079](https://github.com/matrix-org/synapse/issues/10079)) Synapse 1.35.0rc1 (2021-05-25) ============================== Features -------- - Add experimental support to allow a user who could join a restricted room to view it in the spaces summary. ([\#9922](https://github.com/matrix-org/synapse/issues/9922), [\#10007](https://github.com/matrix-org/synapse/issues/10007), [\#10038](https://github.com/matrix-org/synapse/issues/10038)) - Reduce memory usage when joining very large rooms over federation. ([\#9958](https://github.com/matrix-org/synapse/issues/9958)) - Add a configuration option which allows enabling opentracing by user id. ([\#9978](https://github.com/matrix-org/synapse/issues/9978)) - Enable experimental support for [MSC2946](https://github.com/matrix-org/matrix-doc/pull/2946) (spaces summary API) and [MSC3083](https://github.com/matrix-org/matrix-doc/pull/3083) (restricted join rules) by default. ([\#10011](https://github.com/matrix-org/synapse/issues/10011)) Bugfixes -------- - Fix a bug introduced in v1.26.0 which meant that `synapse_port_db` would not correctly initialise some postgres sequences, requiring manual updates afterwards. ([\#9991](https://github.com/matrix-org/synapse/issues/9991)) - Fix `synctl`'s `--no-daemonize` parameter to work correctly with worker processes. ([\#9995](https://github.com/matrix-org/synapse/issues/9995)) - Fix a validation bug introduced in v1.34.0 in the ordering of spaces in the space summary API. ([\#10002](https://github.com/matrix-org/synapse/issues/10002)) - Fixed deletion of new presence stream states from database. ([\#10014](https://github.com/matrix-org/synapse/issues/10014), [\#10033](https://github.com/matrix-org/synapse/issues/10033)) - Fixed a bug with very high resolution image uploads throwing internal server errors. ([\#10029](https://github.com/matrix-org/synapse/issues/10029)) Updates to the Docker image --------------------------- - Fix bug introduced in Synapse 1.33.0 which caused a `Permission denied: '/homeserver.log'` error when starting Synapse with the generated log configuration. Contributed by Sergio Miguéns Iglesias. ([\#10045](https://github.com/matrix-org/synapse/issues/10045)) Improved Documentation ---------------------- - Add hardened systemd files as proposed in [#9760](https://github.com/matrix-org/synapse/issues/9760) and added them to `contrib/`. Change the docs to reflect the presence of these files. ([\#9803](https://github.com/matrix-org/synapse/issues/9803)) - Clarify documentation around SSO mapping providers generating unique IDs and localparts. ([\#9980](https://github.com/matrix-org/synapse/issues/9980)) - Updates to the PostgreSQL documentation (`postgres.md`). ([\#9988](https://github.com/matrix-org/synapse/issues/9988), [\#9989](https://github.com/matrix-org/synapse/issues/9989)) - Fix broken link in user directory documentation. Contributed by @junquera. ([\#10016](https://github.com/matrix-org/synapse/issues/10016)) - Add missing room state entry to the table of contents of room admin API. ([\#10043](https://github.com/matrix-org/synapse/issues/10043)) Deprecations and Removals ------------------------- - Removed support for the deprecated `tls_fingerprints` configuration setting. Contributed by Jerin J Titus. ([\#9280](https://github.com/matrix-org/synapse/issues/9280)) Internal Changes ---------------- - Allow sending full presence to users via workers other than the one that called `ModuleApi.send_local_online_presence_to`. ([\#9823](https://github.com/matrix-org/synapse/issues/9823)) - Update comments in the space summary handler. ([\#9974](https://github.com/matrix-org/synapse/issues/9974)) - Minor enhancements to the `@cachedList` descriptor. ([\#9975](https://github.com/matrix-org/synapse/issues/9975)) - Split multipart email sending into a dedicated handler. ([\#9977](https://github.com/matrix-org/synapse/issues/9977)) - Run `black` on files in the `scripts` directory. ([\#9981](https://github.com/matrix-org/synapse/issues/9981)) - Add missing type hints to `synapse.util` module. ([\#9982](https://github.com/matrix-org/synapse/issues/9982)) - Simplify a few helper functions. ([\#9984](https://github.com/matrix-org/synapse/issues/9984), [\#9985](https://github.com/matrix-org/synapse/issues/9985), [\#9986](https://github.com/matrix-org/synapse/issues/9986)) - Remove unnecessary property from SQLBaseStore. ([\#9987](https://github.com/matrix-org/synapse/issues/9987)) - Remove `keylen` param on `LruCache`. ([\#9993](https://github.com/matrix-org/synapse/issues/9993)) - Update the Grafana dashboard in `contrib/`. ([\#10001](https://github.com/matrix-org/synapse/issues/10001)) - Add a batching queue implementation. ([\#10017](https://github.com/matrix-org/synapse/issues/10017)) - Reduce memory usage when verifying signatures on large numbers of events at once. ([\#10018](https://github.com/matrix-org/synapse/issues/10018)) - Properly invalidate caches for destination retry timings every (instead of expiring entries every 5 minutes). ([\#10036](https://github.com/matrix-org/synapse/issues/10036)) - Fix running complement tests with Synapse workers. ([\#10039](https://github.com/matrix-org/synapse/issues/10039)) - Fix typo in `get_state_ids_for_event` docstring where the return type was incorrect. ([\#10050](https://github.com/matrix-org/synapse/issues/10050))
| * Remove tls_fingerprints option (#9280)Jerin J Titus2021-05-241-27/+0
| | | | | | | | Signed-off-by: Jerin J Titus <72017981+jerinjtitus@users.noreply.github.com>
| * Enable experimental spaces by default. (#10011)Patrick Cloke2021-05-241-0/+15
| | | | | | | | The previous spaces_enabled flag now defaults to true and is exposed in the sample config.
| * Add missing entry to the table of contents of room admin API (#10043)Dirk Klimpel2021-05-241-0/+1
| |
| * Merge branch 'master' of github.com:matrix-org/synapse into developAndrew Morgan2021-05-201-1/+1
| |\
| | * Update user_directory.md (#10016)Javier Junquera Sánchez2021-05-201-1/+1
| | | | | | | | | Signed-off-by: Javier Junquera Sánchez <javier@junquera.io>
| * | Hardened systemd unit files (#9803)Savyasachee Jha2021-05-191-0/+30
| | | | | | | | | Signed-off-by: Savyasachee Jha savya.jha@hawkradius.com
| * | Use a database table to hold the users that should have full presence sent ↵Andrew Morgan2021-05-181-1/+5
| | | | | | | | | | | | to them, instead of something in-memory (#9823)
| * | Update postgres docs (#9989)Richard van der Hoff2021-05-141-102/+96
| | |
| * | Support enabling opentracing by user (#9978)Richard van der Hoff2021-05-142-11/+19
| | | | | | | | | | | | | | | Add a config option which allows enabling opentracing by user id, eg for debugging requests made by a test user.
| * | Update minimum supported version in postgres.md (#9988)Andrew Morgan2021-05-141-1/+1
| | |
| * | Update SSO mapping providers documentation about unique IDs. (#9980)Patrick Cloke2021-05-131-7/+11
| |/
* | Merge tag 'v1.34.0' into babolivier/dinsic_1.41.0Brendan Abolivier2021-08-312-1/+28
|\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Synapse 1.34.0 (2021-05-17) =========================== This release deprecates the `room_invite_state_types` configuration setting. See the [upgrade notes](https://github.com/matrix-org/synapse/blob/release-v1.34.0/UPGRADE.rst#upgrading-to-v1340) for instructions on updating your configuration file to use the new `room_prejoin_state` setting. This release also deprecates the `POST /_synapse/admin/v1/rooms/<room_id>/delete` admin API route. Server administrators are encouraged to update their scripts to use the new `DELETE /_synapse/admin/v1/rooms/<room_id>` route instead. No significant changes since v1.34.0rc1. Synapse 1.34.0rc1 (2021-05-12) ============================== Features -------- - Add experimental option to track memory usage of the caches. ([\#9881](https://github.com/matrix-org/synapse/issues/9881)) - Add support for `DELETE /_synapse/admin/v1/rooms/<room_id>`. ([\#9889](https://github.com/matrix-org/synapse/issues/9889)) - Add limits to how often Synapse will GC, ensuring that large servers do not end up GC thrashing if `gc_thresholds` has not been correctly set. ([\#9902](https://github.com/matrix-org/synapse/issues/9902)) - Improve performance of sending events for worker-based deployments using Redis. ([\#9905](https://github.com/matrix-org/synapse/issues/9905), [\#9950](https://github.com/matrix-org/synapse/issues/9950), [\#9951](https://github.com/matrix-org/synapse/issues/9951)) - Improve performance after joining a large room when presence is enabled. ([\#9910](https://github.com/matrix-org/synapse/issues/9910), [\#9916](https://github.com/matrix-org/synapse/issues/9916)) - Support stable identifiers for [MSC1772](https://github.com/matrix-org/matrix-doc/pull/1772) Spaces. `m.space.child` events will now be taken into account when populating the experimental spaces summary response. Please see [the upgrade notes](https://github.com/matrix-org/synapse/blob/release-v1.34.0/UPGRADE.rst#upgrading-to-v1340) if you have customised `room_invite_state_types` in your configuration. ([\#9915](https://github.com/matrix-org/synapse/issues/9915), [\#9966](https://github.com/matrix-org/synapse/issues/9966)) - Improve performance of backfilling in large rooms. ([\#9935](https://github.com/matrix-org/synapse/issues/9935)) - Add a config option to allow you to prevent device display names from being shared over federation. Contributed by @aaronraimist. ([\#9945](https://github.com/matrix-org/synapse/issues/9945)) - Update support for [MSC2946](https://github.com/matrix-org/matrix-doc/pull/2946): Spaces Summary. ([\#9947](https://github.com/matrix-org/synapse/issues/9947), [\#9954](https://github.com/matrix-org/synapse/issues/9954)) Bugfixes -------- - Fix a bug introduced in v1.32.0 where the associated connection was improperly logged for SQL logging statements. ([\#9895](https://github.com/matrix-org/synapse/issues/9895)) - Correct the type hint for the `user_may_create_room_alias` method of spam checkers. It is provided a `RoomAlias`, not a `str`. ([\#9896](https://github.com/matrix-org/synapse/issues/9896)) - Fix bug where user directory could get out of sync if room visibility and membership changed in quick succession. ([\#9910](https://github.com/matrix-org/synapse/issues/9910)) - Include the `origin_server_ts` property in the experimental [MSC2946](https://github.com/matrix-org/matrix-doc/pull/2946) support to allow clients to properly sort rooms. ([\#9928](https://github.com/matrix-org/synapse/issues/9928)) - Fix bugs introduced in v1.23.0 which made the PostgreSQL port script fail when run with a newly-created SQLite database. ([\#9930](https://github.com/matrix-org/synapse/issues/9930)) - Fix a bug introduced in Synapse 1.29.0 which caused `m.room_key_request` to-device messages sent from one user to another to be dropped. ([\#9961](https://github.com/matrix-org/synapse/issues/9961), [\#9965](https://github.com/matrix-org/synapse/issues/9965)) - Fix a bug introduced in v1.27.0 preventing users and appservices exempt from ratelimiting from creating rooms with many invitees. ([\#9968](https://github.com/matrix-org/synapse/issues/9968)) Updates to the Docker image --------------------------- - Add `startup_delay` to docker healthcheck to reduce waiting time for coming online and update the documentation with extra options. Contributed by @Maquis196. ([\#9913](https://github.com/matrix-org/synapse/issues/9913)) Improved Documentation ---------------------- - Add `port` argument to the Postgres database sample config section. ([\#9911](https://github.com/matrix-org/synapse/issues/9911)) Deprecations and Removals ------------------------- - Mark as deprecated `POST /_synapse/admin/v1/rooms/<room_id>/delete`. ([\#9889](https://github.com/matrix-org/synapse/issues/9889)) Internal Changes ---------------- - Reduce the length of Synapse's access tokens. ([\#5588](https://github.com/matrix-org/synapse/issues/5588)) - Export jemalloc stats to Prometheus if it is being used. ([\#9882](https://github.com/matrix-org/synapse/issues/9882)) - Add type hints to presence handler. ([\#9885](https://github.com/matrix-org/synapse/issues/9885)) - Reduce memory usage of the LRU caches. ([\#9886](https://github.com/matrix-org/synapse/issues/9886)) - Add type hints to the `synapse.handlers` module. ([\#9896](https://github.com/matrix-org/synapse/issues/9896)) - Time response time for external cache requests. ([\#9904](https://github.com/matrix-org/synapse/issues/9904)) - Minor fixes to the `make_full_schema.sh` script. ([\#9931](https://github.com/matrix-org/synapse/issues/9931)) - Move database schema files into a common directory. ([\#9932](https://github.com/matrix-org/synapse/issues/9932)) - Add debug logging for lost/delayed to-device messages. ([\#9959](https://github.com/matrix-org/synapse/issues/9959))
| * Send the `m.room.create` stripped event with invites (support MSC1772). (#9966)Patrick Cloke2021-05-111-0/+1
| | | | | | | | | | MSC1772 specifies the m.room.create event should be sent as part of the invite_state. This was done optionally behind an experimental flag, but is now done by default due to MSC1772 being approved.
| * Add config option to hide device names over federation (#9945)Aaron Raimist2021-05-111-0/+6
| | | | | | | | | | Now that cross signing exists there is much less of a need for other people to look at devices and verify them individually. This PR adds a config option to allow you to prevent device display names from being shared with other servers. Signed-off-by: Aaron Raimist <aaron@raim.ist>
| * Limit how often GC happens by time. (#9902)Erik Johnston2021-05-051-0/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Synapse can be quite memory intensive, and unless care is taken to tune the GC thresholds it can end up thrashing, causing noticable performance problems for large servers. We fix this by limiting how often we GC a given generation, regardless of current counts/thresholds. This does not help with the reverse problem where the thresholds are set too high, but that should only happen in situations where they've been manually configured. Adds a `gc_min_seconds_between` config option to override the defaults. Fixes #9890.
| * Add port parameter to the sample config for psycopg2 args (#9911)Andrew Morgan2021-05-041-0/+1
| | | | | | Adds the `port` option with the default value to the sample config file.
| * Delete room endpoint (#9889)ThibF2021-04-291-1/+10
| | | | | | | | | | | | Support the delete of a room through DELETE request and mark previous request as deprecated through documentation. Signed-off-by: Thibault Ferrante <thibault.ferrante@pm.me>
* | Merge tag 'v1.33.0' into babolivier/dinsic_1.41.0Brendan Abolivier2021-08-312-3/+88
|\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Synapse 1.33.0 (2021-05-05) =========================== Features -------- - Build Debian packages for Ubuntu 21.04 (Hirsute Hippo). ([\#9909](https://github.com/matrix-org/synapse/issues/9909)) Synapse 1.33.0rc2 (2021-04-29) ============================== Bugfixes -------- - Fix tight loop when handling presence replication when using workers. Introduced in v1.33.0rc1. ([\#9900](https://github.com/matrix-org/synapse/issues/9900)) Synapse 1.33.0rc1 (2021-04-28) ============================== Features -------- - Update experimental support for [MSC3083](https://github.com/matrix-org/matrix-doc/pull/3083): restricting room access via group membership. ([\#9800](https://github.com/matrix-org/synapse/issues/9800), [\#9814](https://github.com/matrix-org/synapse/issues/9814)) - Add experimental support for handling presence on a worker. ([\#9819](https://github.com/matrix-org/synapse/issues/9819), [\#9820](https://github.com/matrix-org/synapse/issues/9820), [\#9828](https://github.com/matrix-org/synapse/issues/9828), [\#9850](https://github.com/matrix-org/synapse/issues/9850)) - Return a new template when an user attempts to renew their account multiple times with the same token, stating that their account is set to expire. This replaces the invalid token template that would previously be shown in this case. This change concerns the optional account validity feature. ([\#9832](https://github.com/matrix-org/synapse/issues/9832)) Bugfixes -------- - Fixes the OIDC SSO flow when using a `public_baseurl` value including a non-root URL path. ([\#9726](https://github.com/matrix-org/synapse/issues/9726)) - Fix thumbnail generation for some sites with non-standard content types. Contributed by @rkfg. ([\#9788](https://github.com/matrix-org/synapse/issues/9788)) - Add some sanity checks to identity server passed to 3PID bind/unbind endpoints. ([\#9802](https://github.com/matrix-org/synapse/issues/9802)) - Limit the size of HTTP responses read over federation. ([\#9833](https://github.com/matrix-org/synapse/issues/9833)) - Fix a bug which could cause Synapse to get stuck in a loop of resyncing device lists. ([\#9867](https://github.com/matrix-org/synapse/issues/9867)) - Fix a long-standing bug where errors from federation did not propagate to the client. ([\#9868](https://github.com/matrix-org/synapse/issues/9868)) Improved Documentation ---------------------- - Add a note to the docker docs mentioning that we mirror upstream's supported Docker platforms. ([\#9801](https://github.com/matrix-org/synapse/issues/9801)) Internal Changes ---------------- - Add a dockerfile for running Synapse in worker-mode under Complement. ([\#9162](https://github.com/matrix-org/synapse/issues/9162)) - Apply `pyupgrade` across the codebase. ([\#9786](https://github.com/matrix-org/synapse/issues/9786)) - Move some replication processing out of `generic_worker`. ([\#9796](https://github.com/matrix-org/synapse/issues/9796)) - Replace `HomeServer.get_config()` with inline references. ([\#9815](https://github.com/matrix-org/synapse/issues/9815)) - Rename some handlers and config modules to not duplicate the top-level module. ([\#9816](https://github.com/matrix-org/synapse/issues/9816)) - Fix a long-standing bug which caused `max_upload_size` to not be correctly enforced. ([\#9817](https://github.com/matrix-org/synapse/issues/9817)) - Reduce CPU usage of the user directory by reusing existing calculated room membership. ([\#9821](https://github.com/matrix-org/synapse/issues/9821)) - Small speed up for joining large remote rooms. ([\#9825](https://github.com/matrix-org/synapse/issues/9825)) - Introduce flake8-bugbear to the test suite and fix some of its lint violations. ([\#9838](https://github.com/matrix-org/synapse/issues/9838)) - Only store the raw data in the in-memory caches, rather than objects that include references to e.g. the data stores. ([\#9845](https://github.com/matrix-org/synapse/issues/9845)) - Limit length of accepted email addresses. ([\#9855](https://github.com/matrix-org/synapse/issues/9855)) - Remove redundant `synapse.types.Collection` type definition. ([\#9856](https://github.com/matrix-org/synapse/issues/9856)) - Handle recently added rate limits correctly when using `--no-rate-limit` with the demo scripts. ([\#9858](https://github.com/matrix-org/synapse/issues/9858)) - Disable invite rate-limiting by default when running the unit tests. ([\#9871](https://github.com/matrix-org/synapse/issues/9871)) - Pass a reactor into `SynapseSite` to make testing easier. ([\#9874](https://github.com/matrix-org/synapse/issues/9874)) - Make `DomainSpecificString` an `attrs` class. ([\#9875](https://github.com/matrix-org/synapse/issues/9875)) - Add type hints to `synapse.api.auth` and `synapse.api.auth_blocking` modules. ([\#9876](https://github.com/matrix-org/synapse/issues/9876)) - Remove redundant `_PushHTTPChannel` test class. ([\#9878](https://github.com/matrix-org/synapse/issues/9878)) - Remove backwards-compatibility code for Python versions < 3.6. ([\#9879](https://github.com/matrix-org/synapse/issues/9879)) - Small performance improvement around handling new local presence updates. ([\#9887](https://github.com/matrix-org/synapse/issues/9887))
| * Rename handler and config modules which end in handler/config. (#9816)Patrick Cloke2021-04-202-3/+3
| |
| * Port "Allow users to click account renewal links multiple times without ↵Andrew Morgan2021-04-191-63/+85
| | | | | | | | | | hitting an 'Invalid Token' page #74" from synapse-dinsic (#9832) This attempts to be a direct port of https://github.com/matrix-org/synapse-dinsic/pull/74 to mainline. There was some fiddling required to deal with the changes that have been made to mainline since (mainly dealing with the split of `RegistrationWorkerStore` from `RegistrationStore`, and the changes made to `self.make_request` in test code).
* | Merge tag 'v1.32.0' into babolivier/dinsic_1.41.0Brendan Abolivier2021-08-314-35/+463
|\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Synapse 1.32.0 (2021-04-20) =========================== **Note:** This release requires Python 3.6+ and Postgres 9.6+ or SQLite 3.22+. This release removes the deprecated `GET /_synapse/admin/v1/users/<user_id>` admin API. Please use the [v2 API](https://github.com/matrix-org/synapse/blob/develop/docs/admin_api/user_admin_api.rst#query-user-account) instead, which has improved capabilities. This release requires Application Services to use type `m.login.application_service` when registering users via the `/_matrix/client/r0/register` endpoint to comply with the spec. Please ensure your Application Services are up to date. Bugfixes -------- - Fix the log lines of nested logging contexts. Broke in 1.32.0rc1. ([\#9829](https://github.com/matrix-org/synapse/issues/9829)) Synapse 1.32.0rc1 (2021-04-13) ============================== Features -------- - Add a Synapse module for routing presence updates between users. ([\#9491](https://github.com/matrix-org/synapse/issues/9491)) - Add an admin API to manage ratelimit for a specific user. ([\#9648](https://github.com/matrix-org/synapse/issues/9648)) - Include request information in structured logging output. ([\#9654](https://github.com/matrix-org/synapse/issues/9654)) - Add `order_by` to the admin API `GET /_synapse/admin/v2/users`. Contributed by @dklimpel. ([\#9691](https://github.com/matrix-org/synapse/issues/9691)) - Replace the `room_invite_state_types` configuration setting with `room_prejoin_state`. ([\#9700](https://github.com/matrix-org/synapse/issues/9700)) - Add experimental support for [MSC3083](https://github.com/matrix-org/matrix-doc/pull/3083): restricting room access via group membership. ([\#9717](https://github.com/matrix-org/synapse/issues/9717), [\#9735](https://github.com/matrix-org/synapse/issues/9735)) - Update experimental support for Spaces: include `m.room.create` in the room state sent with room-invites. ([\#9710](https://github.com/matrix-org/synapse/issues/9710)) - Synapse now requires Python 3.6 or later. It also requires Postgres 9.6 or later or SQLite 3.22 or later. ([\#9766](https://github.com/matrix-org/synapse/issues/9766)) Bugfixes -------- - Prevent `synapse_forward_extremities` and `synapse_excess_extremity_events` Prometheus metrics from initially reporting zero-values after startup. ([\#8926](https://github.com/matrix-org/synapse/issues/8926)) - Fix recently added ratelimits to correctly honour the application service `rate_limited` flag. ([\#9711](https://github.com/matrix-org/synapse/issues/9711)) - Fix longstanding bug which caused `duplicate key value violates unique constraint "remote_media_cache_thumbnails_media_origin_media_id_thumbna_key"` errors. ([\#9725](https://github.com/matrix-org/synapse/issues/9725)) - Fix bug where sharded federation senders could get stuck repeatedly querying the DB in a loop, using lots of CPU. ([\#9770](https://github.com/matrix-org/synapse/issues/9770)) - Fix duplicate logging of exceptions thrown during federation transaction processing. ([\#9780](https://github.com/matrix-org/synapse/issues/9780)) Updates to the Docker image --------------------------- - Move opencontainers labels to the final Docker image such that users can inspect them. ([\#9765](https://github.com/matrix-org/synapse/issues/9765)) Improved Documentation ---------------------- - Make the `allowed_local_3pids` regex example in the sample config stricter. ([\#9719](https://github.com/matrix-org/synapse/issues/9719)) Deprecations and Removals ------------------------- - Remove old admin API `GET /_synapse/admin/v1/users/<user_id>`. ([\#9401](https://github.com/matrix-org/synapse/issues/9401)) - Make `/_matrix/client/r0/register` expect a type of `m.login.application_service` when an Application Service registers a user, to align with [the relevant spec](https://spec.matrix.org/unstable/application-service-api/#server-admin-style-permissions). ([\#9548](https://github.com/matrix-org/synapse/issues/9548)) Internal Changes ---------------- - Replace deprecated `imp` module with successor `importlib`. Contributed by Cristina Muñoz. ([\#9718](https://github.com/matrix-org/synapse/issues/9718)) - Experiment with GitHub Actions for CI. ([\#9661](https://github.com/matrix-org/synapse/issues/9661)) - Introduce flake8-bugbear to the test suite and fix some of its lint violations. ([\#9682](https://github.com/matrix-org/synapse/issues/9682)) - Update `scripts-dev/complement.sh` to use a local checkout of Complement, allow running a subset of tests and have it use Synapse's Complement test blacklist. ([\#9685](https://github.com/matrix-org/synapse/issues/9685)) - Improve Jaeger tracing for `to_device` messages. ([\#9686](https://github.com/matrix-org/synapse/issues/9686)) - Add release helper script for automating part of the Synapse release process. ([\#9713](https://github.com/matrix-org/synapse/issues/9713)) - Add type hints to expiring cache. ([\#9730](https://github.com/matrix-org/synapse/issues/9730)) - Convert various testcases to `HomeserverTestCase`. ([\#9736](https://github.com/matrix-org/synapse/issues/9736)) - Start linting mypy with `no_implicit_optional`. ([\#9742](https://github.com/matrix-org/synapse/issues/9742)) - Add missing type hints to federation handler and server. ([\#9743](https://github.com/matrix-org/synapse/issues/9743)) - Check that a `ConfigError` is raised, rather than simply `Exception`, when appropriate in homeserver config file generation tests. ([\#9753](https://github.com/matrix-org/synapse/issues/9753)) - Fix incompatibility with `tox` 2.5. ([\#9769](https://github.com/matrix-org/synapse/issues/9769)) - Enable Complement tests for [MSC2946](https://github.com/matrix-org/matrix-doc/pull/2946): Spaces Summary API. ([\#9771](https://github.com/matrix-org/synapse/issues/9771)) - Use mock from the standard library instead of a separate package. ([\#9772](https://github.com/matrix-org/synapse/issues/9772)) - Update Black configuration to target Python 3.6. ([\#9781](https://github.com/matrix-org/synapse/issues/9781)) - Add option to skip unit tests when building Debian packages. ([\#9793](https://github.com/matrix-org/synapse/issues/9793))
| * Add an admin API to manage ratelimit for a specific user (#9648)Dirk Klimpel2021-04-131-1/+116
| |
| * Add a Synapse Module for configuring presence update routing (#9491)Andrew Morgan2021-04-062-2/+256
| | | | | | | | | | | | | | | | | | | | | | | | At the moment, if you'd like to share presence between local or remote users, those users must be sharing a room together. This isn't always the most convenient or useful situation though. This PR adds a module to Synapse that will allow deployments to set up extra logic on where presence updates should be routed. The module must implement two methods, `get_users_for_states` and `get_interested_users`. These methods are given presence updates or user IDs and must return information that Synapse will use to grant passing presence updates around. A method is additionally added to `ModuleApi` which allows triggering a set of users to receive the current, online presence information for all users they are considered interested in. This is the equivalent of that user receiving presence information during an initial sync. The goal of this module is to be fairly generic and useful for a variety of applications, with hard requirements being: * Sending state for a specific set or all known users to a defined set of local and remote users. * The ability to trigger an initial sync for specific users, so they receive all current state.
| * Merge branch 'master' into developErik Johnston2021-04-061-0/+33
| |\
| * | Add `order_by` to list user admin API (#9691)Dirk Klimpel2021-04-011-22/+63
| | |
| * | Make sample config allowed_local_3pids regex stricter. (#9719)Denis Kasak2021-03-311-2/+2
| | | | | | | | | | | | | | | | | | | | | The regex should be terminated so that subdomain matches of another domain are not accepted. Just ensuring that someone doesn't shoot themselves in the foot by copying our example. Signed-off-by: Denis Kasak <dkasak@termina.org.uk>
| * | Replace `room_invite_state_types` with `room_prejoin_state` (#9700)Richard van der Hoff2021-03-302-8/+28
| | | | | | | | | | | | | | | | | | | | | `room_invite_state_types` was inconvenient as a configuration setting, because anyone that ever set it would not receive any new types that were added to the defaults. Here, we deprecate the old setting, and replace it with a couple of new settings under `room_prejoin_state`.
* | | Merge commit '1d8863c67' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-231-0/+33
|\ \ \ | | |/ | |/|
| * | Add deprecation policy doc (#9723)Erik Johnston2021-04-061-0/+33
| |/ | | | | | | Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com> Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>
* | Merge commit '78e48f61b' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-232-33/+8
|\|
| * Update the OIDC sample config (#9695)Richard van der Hoff2021-03-291-31/+3
| | | | | | | | | | | | | | I've reiterated the advice about using `oidc` to migrate, since I've seen a few people caught by this. I've also removed a couple of the examples as they are duplicating the OIDC documentation, and I think they might be leading people astray.
| * Preserve host in example apache config (#9696)Paul Tötterman2021-03-261-2/+5
| | | | | | | | | | Fixes redirect loop Signed-off-by: Paul Tötterman <paul.totterman@iki.fi>
* | Merge commit 'c73cc2c2a' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-232-4/+3
|\|
| * docs: fallback/web endpoint does not appear to be mounted on workers (#9679)Ben Banfield-Zanin2021-03-241-2/+1
| |
| * Increase default join burst ratelimiting (#9674)Erik Johnston2021-03-231-2/+2
| | | | | | It's legitimate behaviour to try and join a bunch of rooms at once.
* | Merge commit 'ad721fc55' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-231-0/+24
|\|
| * Add SSO attribute requirements for OIDC providers (#9609)Hubbe2021-03-161-0/+24
| | | | | | | | Allows limiting who can login using OIDC via the claims made from the IdP.
* | Merge commit 'd315e9644' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-233-18/+25
|\|
| * Pass SSO IdP information to spam checker's registration function (#9626)Andrew Morgan2021-03-161-1/+7
| | | | | | | | | | | | | | Fixes https://github.com/matrix-org/synapse/issues/9572 When a SSO user logs in for the first time, we create a local Matrix user for them. This goes through the register_user flow, which ends up triggering the spam checker. Spam checker modules don't currently have any way to differentiate between a user trying to sign up initially, versus an SSO user (whom has presumably already been approved elsewhere) trying to log in for the first time. This PR passes `auth_provider_id` as an argument to the `check_registration_for_spam` function. This argument will contain an ID of an SSO provider (`"saml"`, `"cas"`, etc.) if one was used, else `None`.
| * Add support for stable MSC2858 API (#9617)Richard van der Hoff2021-03-162-5/+5
| | | | | | | | | | The stable format uses different brand identifiers, so we need to support two identifiers for each IdP.
| * Clean up config settings for stats (#9604)Richard van der Hoff2021-03-161-12/+13
| | | | | | ... and complain if people try to turn it off.
* | Merge commit 'a7a379006' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-231-0/+10
|\|
| * Fix spam checker modules documentation example (#9580)Jason Robinson2021-03-101-0/+10
| | | | | | | | Mention that parse_config must exist and note the check_media_file_for_spam method.
* | Merge commit '918f6ed82' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-233-6/+73
|\|
| * Link to the List user's media admin API from media Admin API docs (#9571)Andrew Morgan2021-03-091-2/+14
| | | | | | | | | | Earlier [I was convinced](https://github.com/matrix-org/synapse/issues/9565) that we didn't have an Admin API for listing media uploaded by a user. Foolishly I was looking under the Media Admin API documentation, instead of the User Admin API documentation. I thought it'd be helpful to link to the latter so others don't hit the same dead end :)
| * JWT OIDC secrets for Sign in with Apple (#9549)Richard van der Hoff2021-03-092-4/+59
| | | | | | | | | | Apple had to be special. They want a client secret which is generated from an EC key. Fixes #9220. Also fixes #9212 while I'm here.
* | Merge commit '7fdc6cefb' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-231-2/+1
|\|
| * Fixup sample configErik Johnston2021-03-091-2/+1
| | | | | | | | After 0764d0c6e575793ca506cf021aff3c4b9e0a5972
* | Merge commit '22db45bd4' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-231-2/+49
|\|
| * Update reverse proxy to add OpenBSD relayd example configuration. (#9508)Leo Bärring2021-03-061-2/+49
| | | | | | | | | | Update reverse proxy to add OpenBSD relayd example configuration. Signed-off-by: Leo Bärring <leo.barring@protonmail.com>
* | Merge commit 'a5daae2a5' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-231-0/+2
|\|
| * Update nginx reverse-proxy docs (#9512)Richard van der Hoff2021-03-031-0/+2
| | | | | | Turns out nginx overwrites the Host header by default.
* | Merge commit 'e12077a78' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-232-14/+24
|\|
| * Add support for X-Forwarded-Proto (#9472)Richard van der Hoff2021-02-241-13/+23
| | | | | | | | | | rewrite XForwardedForRequest to set `isSecure()` based on `X-Forwarded-Proto`. Also implement `getClientAddress()` while we're here.
| * Fix typo in spam checker documentationAndrew Morgan2021-02-241-1/+1
| |
* | Merge commit '292792194' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-231-4/+0
|\|
| * Fix deleting pushers when using sharded pushers. (#9465)Erik Johnston2021-02-221-4/+0
| |
* | Merge commit '1b2d6d55c' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-233-4/+36
|\|
| * Add an `order_by` field to list users' media admin API. (#8978)Dirk Klimpel2021-02-221-4/+34
| |
| * example systemd config: propagate reloads to units (#9463)Richard van der Hoff2021-02-222-0/+2
| | | | | | | | | | It should be possible to reload `synapse.target` to have the reload propagate to all the synapse units.
* | Merge commit 'e22b71810' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-231-23/+35
|\|
| * Clean up the user directory sample config section (#9385)Andrew Morgan2021-02-221-18/+29
| | | | | | | | | | The user directory sample config section was a little messy, and didn't adhere to our [recommended config format guidelines](https://github.com/matrix-org/synapse/blob/develop/docs/code_style.md#configuration-file-format). This PR cleans that up a bit.
* | Merge commit 'd9f1dccba' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-231-0/+14
|\|
| * Add a config option to prioritise local users in user directory search ↵Andrew Morgan2021-02-191-0/+5
| | | | | | | | | | | | | | | | | | results (#9383) This PR adds a homeserver config option, `user_directory.prefer_local_users`, that when enabled will show local users higher in user directory search results than remote users. This option is off by default. Note that turning this on doesn't necessarily mean that remote users will always be put below local users, but they should be assuming all other ranking factors (search query match, profile information present etc) are identical. This is useful for, say, University networks that are openly federating, but want to prioritise local students and staff in the user directory over other random users.
| * Add configs to make profile data more private (#9203)AndrewFerr2021-02-191-0/+14
| | | | | | | | | | | | | | Add off-by-default configuration settings to: - disable putting an invitee's profile info in invite events - disable profile lookup via federation Signed-off-by: Andrew Ferrazzutti <fair@miscworks.net>
* | Merge commit '1381cd05b' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-231-3/+3
|\|
| * Parse ui_auth.session_timeout as a duration (instead of treating it as ms) ↵Rishabh Arya2021-02-181-3/+3
| | | | | | | | (#9426)
* | Merge commit '8ec221710' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-233-8/+12
|\|
| * Add http2 to the nginx example config (#9390)David Vo2021-02-181-4/+4
| |
| * Revert "Update workers.md"Richard van der Hoff2021-02-181-1/+1
| | | | | | | | This reverts commit a8878960c0139f80bbb6f84bd0f0cb7352429c5b.
| * Add the shadow-banning status to the display user admin API. (#9400)Dirk Klimpel2021-02-171-3/+6
| |
| * Update workers.mdRichard van der Hoff2021-02-171-1/+2
| |
| * Update workers.mdRichard van der Hoff2021-02-171-1/+1
| | | | | | tiny typo in sso paths
* | Merge commit 'd2f0ec12d' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-234-15/+15
|\|
| * Update black, and run auto formatting over the codebase (#9381)Eric Eastwood2021-02-161-12/+4
| | | | | | | | | | | | | | - Update black version to the latest - Run black auto formatting over the codebase - Run autoformatting according to [`docs/code_style.md `](https://github.com/matrix-org/synapse/blob/80d6dc9783aa80886a133756028984dbf8920168/docs/code_style.md) - Update `code_style.md` docs around installing black to use the correct version
| * Fix OIDC gitiea redirect URL. (#9404)Marcus2021-02-161-1/+1
| | | | | | | | Fixes a "conflict" from 846b9d3df033be1043710e49e89bcba68722071e and d1f13c7485768b45bfc1a2a674830c681c52e2a1.
| * Document that pusher instances are shardable (#9407)Erik Johnston2021-02-161-1/+9
| |
| * Fix sample configAndrew Morgan2021-02-121-1/+1
| | | | | | | | Just a small change missed in 7950aa8a27c3f45184c96fda210c62d068dd2591.
| * Merge tag 'v1.27.0rc2' into developPatrick Cloke2021-02-111-11/+9
| |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Synapse 1.27.0rc2 (2021-02-11) ============================== Features -------- - Further improvements to the user experience of registration via single sign-on. ([\#9297](https://github.com/matrix-org/synapse/issues/9297)) Bugfixes -------- - Fix ratelimiting introduced in v1.27.0rc1 for invites to respect the `ratelimit` flag on application services. ([\#9302](https://github.com/matrix-org/synapse/issues/9302)) - Do not automatically calculate `public_baseurl` since it can be wrong in some situations. Reverts behaviour introduced in v1.26.0. ([\#9313](https://github.com/matrix-org/synapse/issues/9313)) Improved Documentation ---------------------- - Clarify the sample configuration for changes made to the template loading code. ([\#9310](https://github.com/matrix-org/synapse/issues/9310))
* | \ Merge commit 'e40d88cff' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-221-8/+7
|\ \ \ | | |/ | |/|
| * | Backout changes for automatically calculating the public baseurl. (#9313)Patrick Cloke2021-02-111-11/+9
| | | | | | | | | | | | This breaks some people's configurations (if their Client-Server API is not accessed via port 443).
* | | Merge commit 'fb0e14ee9' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-221-0/+22
|\ \ \ | | |/ | |/|
| * | Add XWiki OIDC provider example. (#9324)Thomas Mortagne2021-02-091-0/+22
| | |
* | | Merge commit '3f58fc848' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-221-0/+119
|\| |
| * | Merge pull request #9150 from Yoric/develop-contextDavid Teller2021-02-081-0/+119
| |\ \ | | | | | | | | New API /_synapse/admin/rooms/{roomId}/context/{eventId}
| | * | FIXUP: Documenting /_synapse/admin/v1/rooms/<room_id>/context/<event_id>David Teller2021-01-281-0/+119
| | | |
* | | | Merge commit '5a9cdaa6e' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-221-1/+1
|\| | |
| * | | Merge branch 'erikj/media_spam_checker' into developErik Johnston2021-02-041-0/+3
| |\ \ \
| * | | | Correct `matrix-synapse.service` reference in TURN howto docs. (#9308)dykstranet2021-02-041-1/+1
| | | | |
* | | | | Merge commit '7e8083eb4' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-221-0/+3
|\ \ \ \ \ | | |/ / / | |/| | |
| * | | | Add check_media_file_for_spam spam checker hookErik Johnston2021-02-041-0/+3
| | |_|/ | |/| |
* | | | Merge commit '2ab6e67ab' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-221-15/+19
|\ \ \ \ | | |/ / | |/| |
| * | | Fix escaping of braces in OIDC sample config. (#9317)Patrick Cloke2021-02-041-5/+5
| | | | | | | | | | | | This fixes the Jinja2 templates for the mapping provider.
| * | | Merge branch 'social_login_hotfixes' into developRichard van der Hoff2021-02-031-10/+4
| |\| |
| | * | Clarify documentation about escaping URLs in templates. (#9310)Patrick Cloke2021-02-031-10/+4
| | | |
| * | | config: Add detail to auto_join_rooms comment (#9291)dykstranet2021-02-031-0/+2
| | | | | | | | | | | | | | | | | | | | config: Add detail to auto_join_rooms comment Signed-off-by: Gary Dykstra <gary@dykstranet.com>
| * | | Convert blacklisted IPv4 addresses to compatible IPv6 addresses. (#9240)Patrick Cloke2021-02-031-0/+8
| |/ / | | | | | | Also add a few more IP ranges to the default blacklist.
* | | Merge commit '261093072' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-224-13/+78
|\| |
| * | Add an admin API to get the current room state (#9168)Travis Ralston2021-02-021-0/+30
| | | | | | | | | | | | | | | This could arguably replace the existing admin API for `/members`, however that is out of scope of this change. This sort of endpoint is ideal for moderation use cases as well as other applications, such as needing to retrieve various bits of information about a room to perform a task (like syncing power levels between two places). This endpoint exposes nothing more than an admin would be able to access with a `select *` query on their database.
| * | Put SAML callback URI under /_synapse/client. (#9289)Richard van der Hoff2021-02-022-3/+3
| | |
| * | Put OIDC callback URI under /_synapse/client. (#9288)Richard van der Hoff2021-02-012-10/+11
| | |
| * | Add an OpenID example config for Gitea. (#9134)Oliver Hanikel2021-02-011-0/+34
| | |
| * | Merge branch 'social_login' into developRichard van der Hoff2021-02-012-0/+38
| |\ \
* | \ \ Merge commit '351845452' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-222-0/+38
|\ \ \ \ | | |/ / | |/| |
| * | | Collect terms consent from the user during SSO registration (#9276)Richard van der Hoff2021-02-012-0/+23
| | | |
| * | | Improve styling and wording of SSO UIA templates (#9286)Richard van der Hoff2021-02-011-0/+15
| | | | | | | | | | | | fixes #9171
* | | | Merge commit '18ab35284' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-221-2/+54
|\ \ \ \ | | |/ / | |/| |
| * | | Merge branch 'social_login' into developRichard van der Hoff2021-02-012-10/+54
| |\| |
| | * | Replace username picker with a template (#9275)Richard van der Hoff2021-02-011-1/+31
| | | | | | | | | | | | | | | | | | | | There's some prelimiary work here to pull out the construction of a jinja environment to a separate function. I wanted to load the template at display time rather than load time, so that it's easy to update on the fly. Honestly, I think we should do this with all our templates: the risk of ending up with malformed templates is far outweighed by the improved turnaround time for an admin trying to update them.
| | * | Improve styling and wording of SSO redirect confirm template (#9272)Richard van der Hoff2021-02-011-1/+13
| | | |
| * | | Ratelimit invites by room and target user (#9258)Erik Johnston2021-01-291-0/+10
| | | |
* | | | Merge commit '9c715a5f1' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-221-8/+10
|\ \ \ \ | | |/ / | |/| |
| * | | Fix SSO on workers (#9271)Richard van der Hoff2021-02-011-8/+10
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Fixes #8966. * Factor out build_synapse_client_resource_tree Start a function which will mount resources common to all workers. * Move sso init into build_synapse_client_resource_tree ... so that we don't have to do it for each worker * Fix SSO-login-via-a-worker Expose the SSO login endpoints on workers, like the documentation says. * Update workers config for new endpoints Add documentation for endpoints recently added (#8942, #9017, #9262) * remove submit_token from workers endpoints list this *doesn't* work on workers (yet). * changelog * Add a comment about the odd path for SAML2Resource
* | | | Merge commit 'e19396d62' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-222-8/+29
|\ \ \ \ | | |/ / | |/| |
| * | | Merge branch 'social_login' into developRichard van der Hoff2021-01-282-7/+24
| |\| |
| | * | Add 'brand' field to MSC2858 response (#9242)Richard van der Hoff2021-01-272-4/+12
| | | | | | | | | | | | | | | | | | | | | | | | We've decided to add a 'brand' field to help clients decide how to style the buttons. Also, fix up the allowed characters for idp_id, while I'm in the area.
| | * | Support for scraping email addresses from OIDC providers (#9245)Richard van der Hoff2021-01-271-3/+12
| | | |
| * | | Ratelimit 3PID /requestToken API (#9238)Erik Johnston2021-01-281-1/+5
| | |/ | |/|
* | | Merge commit 'a78016dad' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-221-5/+48
|\| |
| * | Add notes on integrating with Facebook for SSO login. (#9244)Richard van der Hoff2021-01-271-5/+48
| | |
* | | Merge commit '2e537a028' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-221-1/+4
|\| |
| * | Add a note to changelog about redis usage (#9227)Erik Johnston2021-01-271-1/+4
| | |
* | | Merge commit '1baab2035' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-221-4/+0
|\| |
| * | Do not require the CAS service URL setting (use public_baseurl instead). (#9199)Patrick Cloke2021-01-261-4/+0
| | | | | | | | | | | | The current configuration is handled for backwards compatibility, but is considered deprecated.
* | | Merge commit 'cee4010f9' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-221-0/+30
|\| |
| * | Merge branch 'develop' into jaywink/admin-forward-extremitiesJason Robinson2021-01-261-0/+30
| |\ \ | | | | | | | | | | | | | | | | # Conflicts: # synapse/rest/admin/__init__.py
| | * | Add an admin API for shadow-banning users. (#9209)Patrick Cloke2021-01-251-0/+30
| | |/ | | | | | | | | | | | | | | | | | | | | | | | | | | | This expands the current shadow-banning feature to be usable via the admin API and adds documentation for it. A shadow-banned users receives successful responses to their client-server API requests, but the events are not propagated into rooms. Shadow-banning a user should be used as a tool of last resort and may lead to confusing or broken behaviour for the client.
* | | Merge commit 'fdf834694' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-221-0/+53
|\| |
| * | Merge branch 'develop' into jaywink/admin-forward-extremitiesJason Robinson2021-01-2310-246/+480
| |\|
| * | Add depth and received_ts to forward_extremities admin API responseJason Robinson2021-01-231-1/+7
| | | | | | | | | | | | | | | | | | Also add a warning on the admin API documentation. Signed-off-by: Jason Robinson <jasonr@matrix.org>
| * | Address pr feedbackJason Robinson2021-01-111-9/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * docs updates * prettify SQL * add missing copyright * cursor_to_dict * update touched files copyright years Signed-off-by: Jason Robinson <jasonr@matrix.org>
| * | Clarify rooms.mdJason Robinson2021-01-111-1/+1
| | | | | | | | | Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>
| * | Add changelog and admin API docsJason Robinson2021-01-091-0/+53
| | | | | | | | | | | | Signed-off-by: Jason Robinson <jasonr@matrix.org>
* | | Merge commit '42a8e8137' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-222-4/+15
|\ \ \ | | |/ | |/|
| * | Merge remote-tracking branch 'origin/release-v1.26.0' into developRichard van der Hoff2021-01-211-4/+9
| |\ \
| | * | Prefix idp_id with "oidc-" (#9189)Richard van der Hoff2021-01-211-4/+9
| | | | | | | | | | | | ... to avoid clashes with other SSO mechanisms
| * | | Merge tag 'v1.26.0rc1' into developPatrick Cloke2021-01-201-0/+4
| |\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Synapse 1.26.0rc1 (2021-01-20) ============================== This release brings a new schema version for Synapse and rolling back to a previous verious is not trivial. Please review [UPGRADE.rst](UPGRADE.rst) for more details on these changes and for general upgrade guidance. Features -------- - Add support for multiple SSO Identity Providers. ([\#9015](https://github.com/matrix-org/synapse/issues/9015), [\#9017](https://github.com/matrix-org/synapse/issues/9017), [\#9036](https://github.com/matrix-org/synapse/issues/9036), [\#9067](https://github.com/matrix-org/synapse/issues/9067), [\#9081](https://github.com/matrix-org/synapse/issues/9081), [\#9082](https://github.com/matrix-org/synapse/issues/9082), [\#9105](https://github.com/matrix-org/synapse/issues/9105), [\#9107](https://github.com/matrix-org/synapse/issues/9107), [\#9109](https://github.com/matrix-org/synapse/issues/9109), [\#9110](https://github.com/matrix-org/synapse/issues/9110), [\#9127](https://github.com/matrix-org/synapse/issues/9127), [\#9153](https://github.com/matrix-org/synapse/issues/9153), [\#9154](https://github.com/matrix-org/synapse/issues/9154), [\#9177](https://github.com/matrix-org/synapse/issues/9177)) - During user-interactive authentication via single-sign-on, give a better error if the user uses the wrong account on the SSO IdP. ([\#9091](https://github.com/matrix-org/synapse/issues/9091)) - Give the `public_baseurl` a default value, if it is not explicitly set in the configuration file. ([\#9159](https://github.com/matrix-org/synapse/issues/9159)) - Improve performance when calculating ignored users in large rooms. ([\#9024](https://github.com/matrix-org/synapse/issues/9024)) - Implement [MSC2176](https://github.com/matrix-org/matrix-doc/pull/2176) in an experimental room version. ([\#8984](https://github.com/matrix-org/synapse/issues/8984)) - Add an admin API for protecting local media from quarantine. ([\#9086](https://github.com/matrix-org/synapse/issues/9086)) - Remove a user's avatar URL and display name when deactivated with the Admin API. ([\#8932](https://github.com/matrix-org/synapse/issues/8932)) - Update `/_synapse/admin/v1/users/<user_id>/joined_rooms` to work for both local and remote users. ([\#8948](https://github.com/matrix-org/synapse/issues/8948)) - Add experimental support for handling to-device messages on worker processes. ([\#9042](https://github.com/matrix-org/synapse/issues/9042), [\#9043](https://github.com/matrix-org/synapse/issues/9043), [\#9044](https://github.com/matrix-org/synapse/issues/9044), [\#9130](https://github.com/matrix-org/synapse/issues/9130)) - Add experimental support for handling `/keys/claim` and `/room_keys` APIs on worker processes. ([\#9068](https://github.com/matrix-org/synapse/issues/9068)) - Add experimental support for handling `/devices` API on worker processes. ([\#9092](https://github.com/matrix-org/synapse/issues/9092)) - Add experimental support for moving off receipts and account data persistence off master. ([\#9104](https://github.com/matrix-org/synapse/issues/9104), [\#9166](https://github.com/matrix-org/synapse/issues/9166)) Bugfixes -------- - Fix a long-standing issue where an internal server error would occur when requesting a profile over federation that did not include a display name / avatar URL. ([\#9023](https://github.com/matrix-org/synapse/issues/9023)) - Fix a long-standing bug where some caches could grow larger than configured. ([\#9028](https://github.com/matrix-org/synapse/issues/9028)) - Fix error handling during insertion of client IPs into the database. ([\#9051](https://github.com/matrix-org/synapse/issues/9051)) - Fix bug where we didn't correctly record CPU time spent in `on_new_event` block. ([\#9053](https://github.com/matrix-org/synapse/issues/9053)) - Fix a minor bug which could cause confusing error messages from invalid configurations. ([\#9054](https://github.com/matrix-org/synapse/issues/9054)) - Fix incorrect exit code when there is an error at startup. ([\#9059](https://github.com/matrix-org/synapse/issues/9059)) - Fix `JSONDecodeError` spamming the logs when sending transactions to remote servers. ([\#9070](https://github.com/matrix-org/synapse/issues/9070)) - Fix "Failed to send request" errors when a client provides an invalid room alias. ([\#9071](https://github.com/matrix-org/synapse/issues/9071)) - Fix bugs in federation catchup logic that caused outbound federation to be delayed for large servers after start up. Introduced in v1.8.0 and v1.21.0. ([\#9114](https://github.com/matrix-org/synapse/issues/9114), [\#9116](https://github.com/matrix-org/synapse/issues/9116)) - Fix corruption of `pushers` data when a postgres bouncer is used. ([\#9117](https://github.com/matrix-org/synapse/issues/9117)) - Fix minor bugs in handling the `clientRedirectUrl` parameter for SSO login. ([\#9128](https://github.com/matrix-org/synapse/issues/9128)) - Fix "Unhandled error in Deferred: BodyExceededMaxSize" errors when .well-known files that are too large. ([\#9108](https://github.com/matrix-org/synapse/issues/9108)) - Fix "UnboundLocalError: local variable 'length' referenced before assignment" errors when the response body exceeds the expected size. This bug was introduced in v1.25.0. ([\#9145](https://github.com/matrix-org/synapse/issues/9145)) - Fix a long-standing bug "ValueError: invalid literal for int() with base 10" when `/publicRooms` is requested with an invalid `server` parameter. ([\#9161](https://github.com/matrix-org/synapse/issues/9161)) Improved Documentation ---------------------- - Add some extra docs for getting Synapse running on macOS. ([\#8997](https://github.com/matrix-org/synapse/issues/8997)) - Correct a typo in the `systemd-with-workers` documentation. ([\#9035](https://github.com/matrix-org/synapse/issues/9035)) - Correct a typo in `INSTALL.md`. ([\#9040](https://github.com/matrix-org/synapse/issues/9040)) - Add missing `user_mapping_provider` configuration to the Keycloak OIDC example. Contributed by @chris-ruecker. ([\#9057](https://github.com/matrix-org/synapse/issues/9057)) - Quote `pip install` packages when extras are used to avoid shells interpreting bracket characters. ([\#9151](https://github.com/matrix-org/synapse/issues/9151)) Deprecations and Removals ------------------------- - Remove broken and unmaintained `demo/webserver.py` script. ([\#9039](https://github.com/matrix-org/synapse/issues/9039)) Internal Changes ---------------- - Improve efficiency of large state resolutions. ([\#8868](https://github.com/matrix-org/synapse/issues/8868), [\#9029](https://github.com/matrix-org/synapse/issues/9029), [\#9115](https://github.com/matrix-org/synapse/issues/9115), [\#9118](https://github.com/matrix-org/synapse/issues/9118), [\#9124](https://github.com/matrix-org/synapse/issues/9124)) - Various clean-ups to the structured logging and logging context code. ([\#8939](https://github.com/matrix-org/synapse/issues/8939)) - Ensure rejected events get added to some metadata tables. ([\#9016](https://github.com/matrix-org/synapse/issues/9016)) - Ignore date-rotated homeserver logs saved to disk. ([\#9018](https://github.com/matrix-org/synapse/issues/9018)) - Remove an unused column from `access_tokens` table. ([\#9025](https://github.com/matrix-org/synapse/issues/9025)) - Add a `-noextras` factor to `tox.ini`, to support running the tests with no optional dependencies. ([\#9030](https://github.com/matrix-org/synapse/issues/9030)) - Fix running unit tests when optional dependencies are not installed. ([\#9031](https://github.com/matrix-org/synapse/issues/9031)) - Allow bumping schema version when using split out state database. ([\#9033](https://github.com/matrix-org/synapse/issues/9033)) - Configure the linters to run on a consistent set of files. ([\#9038](https://github.com/matrix-org/synapse/issues/9038)) - Various cleanups to device inbox store. ([\#9041](https://github.com/matrix-org/synapse/issues/9041)) - Drop unused database tables. ([\#9055](https://github.com/matrix-org/synapse/issues/9055)) - Remove unused `SynapseService` class. ([\#9058](https://github.com/matrix-org/synapse/issues/9058)) - Remove unnecessary declarations in the tests for the admin API. ([\#9063](https://github.com/matrix-org/synapse/issues/9063)) - Remove `SynapseRequest.get_user_agent`. ([\#9069](https://github.com/matrix-org/synapse/issues/9069)) - Remove redundant `Homeserver.get_ip_from_request` method. ([\#9080](https://github.com/matrix-org/synapse/issues/9080)) - Add type hints to media repository. ([\#9093](https://github.com/matrix-org/synapse/issues/9093)) - Fix the wrong arguments being passed to `BlacklistingAgentWrapper` from `MatrixFederationAgent`. Contributed by Timothy Leung. ([\#9098](https://github.com/matrix-org/synapse/issues/9098)) - Reduce the scope of caught exceptions in `BlacklistingAgentWrapper`. ([\#9106](https://github.com/matrix-org/synapse/issues/9106)) - Improve `UsernamePickerTestCase`. ([\#9112](https://github.com/matrix-org/synapse/issues/9112)) - Remove dependency on `distutils`. ([\#9125](https://github.com/matrix-org/synapse/issues/9125)) - Enforce that replication HTTP clients are called with keyword arguments only. ([\#9144](https://github.com/matrix-org/synapse/issues/9144)) - Fix the Python 3.5 / old dependencies build in CI. ([\#9146](https://github.com/matrix-org/synapse/issues/9146)) - Replace the old `perspectives` option in the Synapse docker config file template with `trusted_key_servers`. ([\#9157](https://github.com/matrix-org/synapse/issues/9157))
| * | | docs: Add link to Matrix VoIP tester for turn-howto (#9135)rht2021-01-201-0/+6
| | | | | | | | | | | | Signed-off-by: rht <rhtbot@protonmail.com>
* | | | Merge commit '0cd2938bc' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-221-0/+4
|\ \ \ \ | | |/ / | |/| |
| * | | Support icons for Identity Providers (#9154)Richard van der Hoff2021-01-201-0/+4
| |/ /
* | | Merge commit 'fa50e4bf4' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-221-12/+14
|\| |
| * | Give `public_baseurl` a default value (#9159)Richard van der Hoff2021-01-201-14/+17
| | |
* | | Merge commit '73b03722f' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-222-2/+2
|\| |
| * | Quote pip install with brackets to avoid shell interpretation. (#9151)Patrick Cloke2021-01-182-2/+2
| | |
* | | Merge commit '2b467d0b6' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-221-0/+3
|\| |
| * | link to the scalability blog post from workers.mdMatthew Hodgson2021-01-181-0/+3
| | |
* | | Merge commit '9de6b9411' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-222-230/+245
|\| |
| * | Land support for multiple OIDC providers (#9110)Richard van der Hoff2021-01-152-230/+245
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This is the final step for supporting multiple OIDC providers concurrently. First of all, we reorganise the config so that you can specify a list of OIDC providers, instead of a single one. Before: oidc_config: enabled: true issuer: "https://oidc_provider" # etc After: oidc_providers: - idp_id: prov1 issuer: "https://oidc_provider" - idp_id: prov2 issuer: "https://another_oidc_provider" The old format is still grandfathered in. With that done, it's then simply a matter of having OidcHandler instantiate a new OidcProvider for each configured provider.
* | | Merge commit '3e4cdfe5d' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-221-0/+24
|\| |
| * | Add an admin API endpoint to protect media. (#9086)Patrick Cloke2021-01-151-0/+24
| | | | | | | | | | | | | | | | | | Protecting media stops it from being quarantined when e.g. all media in a room is quarantined. This is useful for sticker packs and other media that is uploaded by server administrators, but used by many people.
* | | Merge commit '420031906' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-221-0/+8
|\| |
| * | Give the user a better error when they present bad SSO credsRichard van der Hoff2021-01-131-0/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | If a user tries to do UI Auth via SSO, but uses the wrong account on the SSO IdP, try to give them a better error. Previously, the UIA would claim to be successful, but then the operation in question would simply fail with "auth fail". Instead, serve up an error page which explains the failure.
* | | Merge commit '233c8b9fc' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-221-0/+1
|\| |
| * | Register the /devices endpoint on workers. (#9092)Patrick Cloke2021-01-131-0/+1
| | |
* | | Merge commit '98a64b7f7' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-224-0/+165
|\| |
| * | Remove user's avatar URL and displayname when deactivated. (#8932)Dirk Klimpel2021-01-121-0/+21
| | | | | | | | | This only applies if the user's data is to be erased.
| * | Also support remote users on the joined_rooms admin API. (#8948)David Teller2021-01-111-0/+4
| | | | | | | | | | | | For remote users, only the rooms which the server knows about are returned. Local users have all of their joined rooms returned.
| * | Use a chain cover index to efficiently calculate auth chain difference (#8868)Erik Johnston2021-01-113-0/+140
| |/
* | Merge commit '2fb1c2b6e' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-211-0/+4
|\|
| * Keycloak mapping_provider example (#9037) (#9057)Christopher Rücker2021-01-081-0/+4
| | | | | | | | | | This PR adds the missing user_mapping_provider section in oidc.md Signed-off-by: Christopher Rücker chris-ruecker@protonmail.com
* | Merge commit '63593134a' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-211-1/+1
|\|
| * Fix typo in docs/systemd-with-workers/README.md (#9035)Emelie2021-01-071-1/+1
| | | | | | Signed-off-by: Emelie em@nao.sh
* | Merge commit '0312266ee' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-211-0/+25
|\|
| * Add initial support for a "pick your IdP" page (#9017)Richard van der Hoff2021-01-051-0/+25
| | | | | | | | | | During login, if there are multiple IdPs enabled, offer the user a choice of IdPs.
* | Merge commit '9999eb2d0' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-212-1/+2
|\|
| * Update the value of group_creation_prefix in sample config. (#8992)Jerin J Titus2020-12-291-1/+1
| | | | | | Removes the trailing slash with causes issues with matrix.to/Element.
| * Allow redacting events on workers (#8994)Patrick Cloke2020-12-291-0/+1
| | | | | | Adds the redacts endpoint to workers that have the client listener.
* | Merge commit '4218473f9' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-213-4/+28
|\|
| * Refactor the CAS handler in prep for using the abstracted SSO code. (#8958)Patrick Cloke2020-12-181-3/+3
| | | | | | | | | | | | This makes the CAS handler look more like the SAML/OIDC handlers: * Render errors to users instead of throwing JSON errors. * Internal reorganization.
| * Send the location of the web client to the IS when inviting via 3PIDs. (#8930)Patrick Cloke2020-12-181-0/+6
| | | | | | | | Adds a new setting `email.invite_client_location` which, if defined, is passed to the identity server during invites.
| * Allow server admin to get admin bit in rooms where local user is an admin ↵Erik Johnston2020-12-181-1/+19
| | | | | | | | | | | | | | (#8756) This adds an admin API that allows a server admin to get power in a room if a local user has power in a room. Will also invite the user if they're not in the room and its a private room. Can specify another user (rather than the admin user) to be granted power. Co-authored-by: Matthew Hodgson <matthew@matrix.org>
* | Merge commit '28877fade' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-212-12/+36
|\|
| * Implement a username picker for synapse (#8942)Richard van der Hoff2020-12-182-12/+21
| | | | | | | | | | | | | | | | | | | | | | | | | | | | The final part (for now) of my work to implement a username picker in synapse itself. The idea is that we allow `UsernameMappingProvider`s to return `localpart=None`, in which case, rather than redirecting the browser back to the client, we redirect to a username-picker resource, which allows the user to enter a username. We *then* complete the SSO flow (including doing the client permission checks). The static resources for the username picker itself (in https://github.com/matrix-org/synapse/tree/rav/username_picker/synapse/res/username_picker) are essentially lifted wholesale from https://github.com/matrix-org/matrix-synapse-saml-mozilla/tree/master/matrix_synapse_saml_mozilla/res. As the comment says, we might want to think about making them customisable, but that can be a follow-up. Fixes #8876.
| * Allow re-using a UI auth validation for a period of time (#8970)Patrick Cloke2020-12-181-0/+15
| |
* | Merge commit 'c9c1c9d82' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-201-3/+6
|\|
| * Make search statement in List Room and User Admin API case-insensitive (#8931)Dirk Klimpel2020-12-171-3/+6
| |
* | Merge commit 'ff5c4da12' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-201-12/+12
|\|
| * Fix the sample config location for the ip_range_whitelist setting. (#8954)Patrick Cloke2020-12-161-12/+12
| | | | | | | | Move it from the federation section to the server section to match ip_range_blacklist.
* | Merge commit 'f14428b25' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-162-17/+26
|\|
| * Allow spam-checker modules to be provide async methods. (#8890)David Teller2020-12-111-6/+13
| | | | | | | | Spam checker modules can now provide async methods. This is implemented in a backwards-compatible manner.
| * Add number of local devices to Room Details Admin API (#8886)Dirk Klimpel2020-12-111-11/+13
| |
* | Merge commit 'c64002e1c' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-164-30/+92
|\|
| * Deprecate Shutdown Room and Purge Room Admin API (#8829)Dirk Klimpel2020-12-103-9/+47
| | | | | | | | | | Deprecate both APIs in favour of the Delete Room API. Related: #8663 and #8810
| * Default to blacklisting reserved IP ranges and add a whitelist. (#8870)Patrick Cloke2020-12-091-21/+45
| | | | | | | | This defaults `ip_range_blacklist` to reserved IP ranges and also adds an `ip_range_whitelist` setting to override it.
* | Merge commit '6ff34e00d' into anoa/dinsic_release_1_31_0Andrew Morgan2021-04-162-50/+86
|\|
| * Combine related media admin API docs (#8839)Dirk Klimpel2020-12-092-50/+86
| | | | | | | | | | | | Related: #8810 Also a few small improvements. Signed-off-by: Dirk Klimpel dirk@klimpel.org
* | Merge commit 'cf7d3c90d' into dinsicAndrew Morgan2021-04-163-10/+19
|\|
| * Clarify config template comments (#8891)Richard van der Hoff2020-12-081-8/+4
| |
| * Add authentication to replication endpoints. (#8853)Patrick Cloke2020-12-042-1/+12
| | | | | | | | Authentication is done by checking a shared secret provided in the Synapse configuration file.
| * Merge tag 'v1.24.0rc2' into developPatrick Cloke2020-12-041-0/+7
| |\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Synapse 1.24.0rc2 (2020-12-04) ============================== Bugfixes -------- - Fix a regression in v1.24.0rc1 which failed to allow SAML mapping providers which were unable to redirect users to an additional page. ([\#8878](https://github.com/matrix-org/synapse/issues/8878)) Internal Changes ---------------- - Add support for the `prometheus_client` newer than 0.9.0. Contributed by Jordan Bancino. ([\#8875](https://github.com/matrix-org/synapse/issues/8875))
| * | Fix a buglet in the SAML username mapping provider doc (#8873)Richard van der Hoff2020-12-041-1/+3
| | | | | | | | | the constructor is called with a `module_api`.
| * | Apply an IP range blacklist to push and key revocation requests. (#8821)Patrick Cloke2020-12-021-6/+8
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Replaces the `federation_ip_range_blacklist` configuration setting with an `ip_range_blacklist` setting with wider scope. It now applies to: * Federation * Identity servers * Push notifications * Checking key validitity for third-party invite events The old `federation_ip_range_blacklist` setting is still honored if present, but with reduced scope (it only applies to federation and identity servers).
* | | Port "Add support for no_proxy and case insensitive env variables" from ↵Andrew Morgan2021-03-221-6/+8
| | | | | | | | | | | | | | | | | | | | | mainline to dinsic (#93) This PR is simply porting https://github.com/matrix-org/synapse/pull/9372 to dinsic. I also had to bring in https://github.com/matrix-org/synapse/pull/8821 and https://github.com/matrix-org/synapse/pull/9084 for this code to work properly - a sign that we should merge mainline into dinsic again soon.
* | | Add a config option to prioritise local users in user directory search ↵Andrew Morgan2021-02-191-0/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | results (#84) * Add a config option to prioritise local users in user directory search results (#9383) This PR adds a homeserver config option, `user_directory.prefer_local_users`, that when enabled will show local users higher in user directory search results than remote users. This option is off by default. Note that turning this on doesn't necessarily mean that remote users will always be put below local users, but they should be assuming all other ranking factors (search query match, profile information present etc) are identical. This is useful for, say, University networks that are openly federating, but want to prioritise local students and staff in the user directory over other random users. * Don't mix simple and english psql query types
* | | Add knocking support (#81)Andrew Morgan2021-02-091-1/+3
| | | | | | | | | | | | | | | | | | | | | | | | | | | Implement knocking as defined by https://github.com/matrix-org/matrix-doc/pull/2403 This is the base knocking stuff, taken from https://github.com/matrix-org/synapse/pull/6739 and does not include any public room directory changes. While knocking hasn't merged yet on mainline due to waiting on getting Complement into Synapse's CI, the code has been well-tested.
* | | Merge commit '693dab487' into anoa/dinsic_release_1_23_1Andrew Morgan2020-12-311-0/+7
|\ \ \ | | |/ | |/|
| * | Fix a regression that mapping providers should be able to redirect users. ↵Patrick Cloke2020-12-041-0/+7
| |/ | | | | | | | | (#8878) This was broken in #8801.
* | Merge commit '09ac0569f' into anoa/dinsic_release_1_23_1Andrew Morgan2020-12-312-0/+11
|\|
| * Fix typo in password_auth_providers docAndrew Morgan2020-12-011-0/+1
| | | | | | | | A word got removed accidentally in 83434df3812650f53c60e91fb23c2079db0fb5b8.
| * Add a config option to change whether unread push notification counts are ↵Andrew Morgan2020-11-301-0/+10
| | | | | | | | | | | | | | | | per-message or per-room (#8820) This PR adds a new config option to the `push` section of the homeserver config, `group_unread_count_by_room`. By default Synapse will group push notifications by room (so if you have 1000 unread messages, if they lie in 55 rooms, you'll see an unread count on your phone of 55). However, it is also useful to be able to send out the true count of unread messages if desired. If `group_unread_count_by_room` is set to `false`, then with the above example, one would see an unread count of 1000 (email anyone?).
* | Merge commit 'a090b8620' into anoa/dinsic_release_1_23_1Andrew Morgan2020-12-311-1/+5
|\|
| * Add `force_purge` option to delete-room admin api. (#8843)Richard van der Hoff2020-11-301-1/+5
| |
* | Merge commit '7c4344747' into anoa/dinsic_release_1_23_1Andrew Morgan2020-12-316-40/+217
|\|
| * Improve documentation how to configure prometheus for workers (#8822)Dirk Klimpel2020-11-261-17/+57
| |
| * Remove deprecated `/_matrix/client/*/admin` endpoints (#8785)Dirk Klimpel2020-11-251-0/+7
| | | | | | These are now only available via `/_synapse/admin/v1`.
| * Fix the formatting of push config section (#8818)Andrew Morgan2020-11-251-14/+19
| | | | | | This PR updates the push config's formatting to better align with our [code style guidelines](https://github.com/matrix-org/synapse/blob/develop/docs/code_style.md#configuration-file-format).
| * Support trying multiple localparts for OpenID Connect. (#8801)Patrick Cloke2020-11-251-1/+10
| | | | | | | | Abstracts the SAML and OpenID Connect code which attempts to regenerate the localpart of a matrix ID if it is already in use.
| * Clarify documentation of the admin list media API (#8795)Dirk Klimpel2020-11-241-0/+1
| | | | | | Clarify that the list media API only shows media from unencrypted events.
| * Update turn-howto (#8779)Richard van der Hoff2020-11-241-8/+123
| | | | | | Some hopefully-useful notes on setting up a turnserver.
* | Merge commit '8ca120df7' into anoa/dinsic_release_1_23_1Andrew Morgan2020-12-312-1/+16
|\|
| * Improve error checking for OIDC/SAML mapping providers (#8774)Patrick Cloke2020-11-191-1/+8
| | | | | | | | | | | | Checks that the localpart returned by mapping providers for SAML and OIDC are valid before registering new users. Extends the OIDC tests for existing users and invalid data.
| * SAML: Allow specifying the IdP entityid to use. (#8630)Ben Banfield-Zanin2020-11-191-0/+8
| | | | | | | | If the SAML metadata includes multiple IdPs it is necessary to specify which IdP to redirect users to for authentication.
* | Merge commit '03e392f78' into anoa/dinsic_release_1_23_1Andrew Morgan2020-12-311-0/+6
|\|
| * SAML: Document allowing a clock/time difference from IdP (#8731)Marcus Schopen2020-11-181-0/+6
| | | | | | | | Updates the sample configuration with the pysaml2 configuration for accepting clock skew/drift between the homeserver and IdP.
| * a comma too much (#8771)chagai952020-11-171-1/+1
| | | | | | Signed-off-by: Chagai Friedlander chagai95@gmail.com
| * Add admin API for logging in as a user (#8617)Erik Johnston2020-11-171-0/+35
| |
* | Merged commit 'deff8f628' into anoa/dinsic_release_1_23_1Andrew Morgan2020-12-311-1/+36
| |
* | Merge commit 'f12589547' into anoa/dinsic_release_1_23_1Andrew Morgan2020-12-311-2/+3
|\|