summary refs log tree commit diff
diff options
context:
space:
mode:
authorErik Johnston <erik@matrix.org>2020-11-18 12:13:38 +0000
committerErik Johnston <erik@matrix.org>2020-11-18 12:13:38 +0000
commitb690542a34cc51b1f6ed186f9cb89668ef21a1f3 (patch)
tree04f74d785902960b4df660b76e2fef69dab3db4e
parentMerge pull request #8761 from matrix-org/rav/test_request_rendering (diff)
parentUpdate changelog (diff)
downloadsynapse-b690542a34cc51b1f6ed186f9cb89668ef21a1f3.tar.xz
Merge branch 'master' into develop
-rw-r--r--CHANGES.md15
-rw-r--r--UPGRADE.rst2
-rw-r--r--debian/changelog6
-rw-r--r--docker/Dockerfile3
-rw-r--r--synapse/__init__.py2
-rw-r--r--synapse/python_dependencies.py4
6 files changed, 28 insertions, 4 deletions
diff --git a/CHANGES.md b/CHANGES.md
index 75871979c2..52b2fd6f8f 100644
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -1,3 +1,16 @@
+Synapse 1.23.0 (2020-11-18)
+===========================
+
+This release changes the way structured logging is configured. See the [upgrade notes](UPGRADE.rst#upgrading-to-v1230) for details.
+
+**Note**: We are aware of a trivially exploitable denial of service vulnerability in versions of Synapse prior to 1.20.0. Complete details will be disclosed on Monday, November 23rd. If you have not upgraded recently, please do so.
+
+Bugfixes
+--------
+
+- Fix a dependency versioning bug in the Dockerfile that prevented Synapse from starting. ([\#8767](https://github.com/matrix-org/synapse/issues/8767))
+
+
 Synapse 1.23.0rc1 (2020-11-13)
 ==============================
 
@@ -52,7 +65,7 @@ Internal Changes
 ----------------
 
 - Optimise `/createRoom` with multiple invited users. ([\#8559](https://github.com/matrix-org/synapse/issues/8559))
-- Implement and use an @lru_cache decorator. ([\#8595](https://github.com/matrix-org/synapse/issues/8595))
+- Implement and use an `@lru_cache` decorator. ([\#8595](https://github.com/matrix-org/synapse/issues/8595))
 - Don't instansiate Requester directly. ([\#8614](https://github.com/matrix-org/synapse/issues/8614))
 - Type hints for `RegistrationStore`. ([\#8615](https://github.com/matrix-org/synapse/issues/8615))
 - Change schema to support access tokens belonging to one user but granting access to another. ([\#8616](https://github.com/matrix-org/synapse/issues/8616))
diff --git a/UPGRADE.rst b/UPGRADE.rst
index 960c2aeb2b..7c19cf2a70 100644
--- a/UPGRADE.rst
+++ b/UPGRADE.rst
@@ -87,7 +87,7 @@ then it should be modified based on the `structured logging documentation
 <https://github.com/matrix-org/synapse/blob/master/docs/structured_logging.md>`_.
 
 The ``structured`` and ``drains`` logging options are now deprecated and should
-be replaced by standard logging configuration of ``handlers`` and ``formatters`.
+be replaced by standard logging configuration of ``handlers`` and ``formatters``.
 
 A future will release of Synapse will make using ``structured: true`` an error.
 
diff --git a/debian/changelog b/debian/changelog
index ae8948650f..4ea4feddd5 100644
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,3 +1,9 @@
+matrix-synapse-py3 (1.23.0) stable; urgency=medium
+
+  * New synapse release 1.23.0.
+
+ -- Synapse Packaging team <packages@matrix.org>  Wed, 18 Nov 2020 11:41:28 +0000
+
 matrix-synapse-py3 (1.22.1) stable; urgency=medium
 
   * New synapse release 1.22.1.
diff --git a/docker/Dockerfile b/docker/Dockerfile
index 9791d3ddf0..791cd6936b 100644
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -36,7 +36,8 @@ RUN pip install --prefix="/install" --no-warn-script-location \
         frozendict \
         jaeger-client \
         opentracing \
-        prometheus-client \
+        # Match the version constraints of Synapse
+        "prometheus_client>=0.4.0,<0.9.0" \
         psycopg2 \
         pycparser \
         pyrsistent \
diff --git a/synapse/__init__.py b/synapse/__init__.py
index 537f2239e5..65c1f5aa3f 100644
--- a/synapse/__init__.py
+++ b/synapse/__init__.py
@@ -48,7 +48,7 @@ try:
 except ImportError:
     pass
 
-__version__ = "1.23.0rc1"
+__version__ = "1.23.0"
 
 if bool(os.environ.get("SYNAPSE_TEST_PATCH_LOG_CONTEXTS", False)):
     # We import here so that we don't have to install a bunch of deps when
diff --git a/synapse/python_dependencies.py b/synapse/python_dependencies.py
index 0ddead8a0f..aab77fc453 100644
--- a/synapse/python_dependencies.py
+++ b/synapse/python_dependencies.py
@@ -72,6 +72,10 @@ REQUIREMENTS = [
     # prom-client has a history of breaking backwards compatibility between
     # minor versions (https://github.com/prometheus/client_python/issues/317),
     # so we also pin the minor version.
+    #
+    # Note that we replicate these constraints in the Synapse Dockerfile while
+    # pre-installing dependencies. If these constraints are updated here, the
+    # same change should be made in the Dockerfile.
     "prometheus_client>=0.4.0,<0.9.0",
     # we use attr.validators.deep_iterable, which arrived in 19.1.0 (Note:
     # Fedora 31 only has 19.1, so if we want to upgrade we should wait until 33