diff options
| author | Andrew Morgan <1342360+anoadragon453@users.noreply.github.com> | 2022-03-29 14:12:41 +0100 |
|---|---|---|
| committer | GitHub <noreply@github.com> | 2022-03-29 14:12:41 +0100 |
| commit | 013f3f5e44278c7894e48ccd179ad4bca63bd857 (patch) | |
| tree | 45563061f673dbf763ebbf86f56769685ee617f2 /CHANGES.md | |
| parent | Missing period (diff) | |
| download | synapse-013f3f5e44278c7894e48ccd179ad4bca63bd857.tar.xz | |
Move warning of open registration to v1.56 upgrade notes (#12322)
Diffstat (limited to 'CHANGES.md')
| -rw-r--r-- | CHANGES.md | 13 |
1 files changed, 12 insertions, 1 deletions
diff --git a/CHANGES.md b/CHANGES.md index ee1eb9a582..a9ac4a5d3d 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -1,6 +1,17 @@ Synapse 1.56.0rc1 (2022-03-29) ============================== +Synapse will now refuse to start up if open registration is enabled, in order to help mitigate +abuse across the federation. If you would like +to provide registration to anyone, consider adding [email](https://github.com/matrix-org/synapse/blob/8a519f8abc6de772167c2cca101d22ee2052fafc/docs/sample_config.yaml#L1285), +[recaptcha](https://matrix-org.github.io/synapse/v1.56/CAPTCHA_SETUP.html) +or [token-based](https://matrix-org.github.io/synapse/v1.56/usage/administration/admin_api/registration_tokens.html) verification +in order to prevent automated registration from bad actors. + +This check can be disabled by setting the `enable_registration_without_verification` option in your +homeserver configuration file to `true`. More details are available in the +[upgrade notes](https://matrix-org.github.io/synapse/v1.56/upgrade.html#open-registration-without-verification-is-now-disabled-by-default). + Features -------- @@ -33,7 +44,7 @@ Internal Changes - Rename `shared_rooms` to `mutual_rooms` ([MSC2666](https://github.com/matrix-org/matrix-doc/pull/2666)), as per proposal changes. ([\#12036](https://github.com/matrix-org/synapse/issues/12036)) - Remove check on `update_user_directory` for shared rooms handler ([MSC2666](https://github.com/matrix-org/matrix-doc/pull/2666)), and update/expand documentation. ([\#12038](https://github.com/matrix-org/synapse/issues/12038)) - Refactor `create_new_client_event` to use a new parameter, `state_event_ids`, which accurately describes the usage with [MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716) instead of abusing `auth_event_ids`. ([\#12083](https://github.com/matrix-org/synapse/issues/12083), [\#12304](https://github.com/matrix-org/synapse/issues/12304)) -- Refuse to start if registration is enabled without email, captcha, or token-based verification unless the new config flag `enable_registration_without_verification` is set. ([\#12091](https://github.com/matrix-org/synapse/issues/12091)) +- Refuse to start if registration is enabled without email, captcha, or token-based verification unless the new config flag `enable_registration_without_verification` is set to `true`. ([\#12091](https://github.com/matrix-org/synapse/issues/12091)) - Add tests for database transaction callbacks. ([\#12198](https://github.com/matrix-org/synapse/issues/12198)) - Handle cancellation in `DatabasePool.runInteraction`. ([\#12199](https://github.com/matrix-org/synapse/issues/12199)) - Add missing type hints for cache storage. ([\#12216](https://github.com/matrix-org/synapse/issues/12216)) |