summary refs log tree commit diff
path: root/changelog.d (follow)
Commit message (Collapse)AuthorAgeFilesLines
* Add a module type for account validity (#9884)Brendan Abolivier2021-07-161-0/+1
| | | | | This adds an API for third-party plugin modules to implement account validity, so they can provide this feature instead of Synapse. The module implementing the current behaviour for this feature can be found at https://github.com/matrix-org/synapse-email-account-validity. To allow for a smooth transition between the current feature and the new module, hooks have been added to the existing account validity endpoints to allow their behaviours to be overridden by a module.
* Do not include signatures/hashes in make_{join,leave,knock} responses. (#10404)Patrick Cloke2021-07-161-0/+1
| | | | These signatures would end up invalid since the joining/leaving/knocking server would modify the response before calling send_{join,leave,knock}.
* Use inline type hints in `http/federation/`, `storage/` and `util/` (#10381)Jonathan de Jong2021-07-151-0/+1
|
* Reduce likelihood of Postgres table scanning `state_groups_state`. (#10359)Erik Johnston2021-07-151-0/+1
| | | | | | | | The postgres statistics collector sometimes massively underestimates the number of distinct state groups are in the `state_groups_state`, which can cause postgres to use table scans for queries for multiple state groups. We fix this by manually setting `n_distinct` on the column.
* Merge branch 'master' into developBrendan Abolivier2021-07-151-0/+1
|\
| * Make deprecation notice of the spam checker doc more obvious (#10395)Brendan Abolivier2021-07-151-0/+1
| |
| * 1.38.0rc3 v1.38.0rc3Richard van der Hoff2021-07-132-2/+0
| |
| * Github Actions workflow to attach release artifacts to release (#10379)Richard van der Hoff2021-07-131-0/+1
| |
| * build debs in GHA (#10247)Richard van der Hoff2021-07-121-0/+1
| | | | | | GHA workflow to build the debs
* | Add tests to characterise the current behaviour of R30 phone-home metrics ↵reivilibre2021-07-151-0/+1
| | | | | | | | | | | | (#10315) Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net>
* | Updating install prerequisites for newer macOS & ARM Macs. (#9971)Luke Walsh2021-07-151-0/+1
| |
* | Docs: Use something other than the document name to describe a page (#10399)Andrew Morgan2021-07-151-0/+1
| | | | | | | | | | Our documentation has a history of using a document's name as a way to link to it, such as "See [workers.md]() for details". This makes sense when you're traversing a directory of files, but less sense when the files are abstracted away - as they are on the documentation website. This PR changes the links to various documentation pages to something that fits better into the surrounding sentence, as you would when making any hyperlink on the web.
* | Stagger send presence to remotes (#10398)Erik Johnston2021-07-151-0/+1
| | | | | | | | | | | | This is to help with performance, where trying to connect to thousands of hosts at once can consume a lot of CPU (due to TLS etc). Co-authored-by: Brendan Abolivier <babolivier@matrix.org>
* | Update the logcontext doc (#10353)Brendan Abolivier2021-07-151-0/+1
| | | | | | By referring to awaitables instead of deferreds.
* | Use inline type hints in various other places (in `synapse/`) (#10380)Jonathan de Jong2021-07-151-0/+1
| |
* | Allow providing credentials to `http_proxy` (#10360)Dirk Klimpel2021-07-151-0/+1
| |
* | Fix a number of logged errors caused by remote servers being down. (#10400)Erik Johnston2021-07-151-0/+1
| |
* | doc: Add delegation example to the caddy reverse proxy section (#10368)Moritz Dietz2021-07-141-0/+1
| |
* | Instructions on installing RC debs (#10396)Richard van der Hoff2021-07-141-0/+1
| |
* | Set section for prerelease debs (#10391)Richard van der Hoff2021-07-141-0/+1
| | | | | | This is part of fixing #6116: we want to put RC debs into a different place than release debs, so reprepro has to be able to tell them apart.
* | Make GHA config more efficient (#10383)Richard van der Hoff2021-07-141-0/+1
| | | | | | | | | | | | | | | | A few things here: * Build the debs for single distro for each PR, so that we can see if it breaks. Do the same for develop. Building all the debs ties up the GHA workers for ages. * Stop building the debs for release branches. Again, it takes ages, and I don't think anyone is actually going to stop and look at them. We'll know they are working when we make an RC. * Change the configs so that if we manually cancel a workflow, it actually does something.
* | Add type hints and comments to event auth code. (#10393)Patrick Cloke2021-07-141-0/+1
| |
* | Fix messages from multiple senders in historical chunk (MSC2716) (#10276)Eric Eastwood2021-07-131-0/+1
| | | | | | | | | | | | | | Fix messages from multiple senders in historical chunk. This also means that an app service does not need to define `?user_id` when using this endpoint. Follow-up to https://github.com/matrix-org/synapse/pull/9247 Part of MSC2716: https://github.com/matrix-org/matrix-doc/pull/2716
* | Add type hints to get_domain_from_id and get_localpart_from_id. (#10385)Patrick Cloke2021-07-131-0/+1
| |
* | Show all joinable rooms in the spaces summary. (#10298)Patrick Cloke2021-07-133-1/+2
| | | | | | | | | | | | | | | | | | | | Previously only world-readable rooms were shown. This means that rooms which are public, knockable, or invite-only with a pending invitation, are included in a space summary. It also applies the same logic to the experimental room version from MSC3083 -- if a user has access to the proper allowed rooms then it is shown in the spaces summary. This change is made per MSC3173 allowing stripped state of a room to be shown to any potential room joiner.
* | Fix some links in `docs` and `contrib` (#10370)Dirk Klimpel2021-07-131-0/+1
| |
* | Bugfix `make_room_admin` fails for users that have left a private room (#10367)Dirk Klimpel2021-07-131-0/+1
| | | | | | Fixes: #10338
* | Use inline type hints in `tests/` (#10350)Jonathan de Jong2021-07-131-0/+1
| | | | | | | | | | | | | | | | This PR is tantamount to running: python3.8 -m com2ann -v 6 tests/ (com2ann requires python 3.8 to run)
* | [pyupgrade] `tests/` (#10347)Jonathan de Jong2021-07-131-0/+1
| |
* | Fix federation inbound age metric. (#10355)Erik Johnston2021-07-131-0/+1
| | | | | | We should be reporting the age rather than absolute timestamp.
* | Replace `room_depth.min_depth` with a BIGINT (#10289)Richard van der Hoff2021-07-121-0/+1
| | | | | | | | | | while I'm dealing with INTEGERs and BIGINTs, let's replace room_depth.min_depth with a BIGINT.
* | Additional unit tests for spaces summary. (#10305)Patrick Cloke2021-07-121-0/+1
| |
* | Unblacklist fixed tests (#10357)Erik Johnston2021-07-092-1/+2
| |
* | Re-enable room v6 sytest (#10345)Richard van der Hoff2021-07-091-0/+1
| | | | | | ... now that it has been fixed in https://github.com/matrix-org/sytest/pull/1061.
* | Revert "Newsfile"Erik Johnston2021-07-091-1/+0
| | | | | | | | This reverts commit 944428d1163d1521ef96db88040852520ad6cbff.
* | NewsfileErik Johnston2021-07-091-0/+1
| |
* | Fix the user directory becoming broken (and noisy errors being logged) when ↵reivilibre2021-07-091-0/+1
| | | | | | | | | | knocking and room statistics are in use. (#10344) Signed-off-by: Olivier Wilkinson (reivilibre) <olivier@librepush.net>
* | Switch `application_services_txns.txn_id` to BIGINT (#10349)Richard van der Hoff2021-07-091-0/+1
| |
* | Merge tag 'v1.38.0rc2' into developErik Johnston2021-07-091-1/+0
|\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Synapse 1.38.0rc2 (2021-07-09) ============================== Bugfixes -------- - Fix bug where inbound federation in a room could be delayed due to not correctly dropping a lock. Introduced in v1.37.1. ([\#10336](https://github.com/matrix-org/synapse/issues/10336)) Improved Documentation ---------------------- - Update links to documentation in the sample config. Contributed by @dklimpel. ([\#10287](https://github.com/matrix-org/synapse/issues/10287)) - Fix broken links in [INSTALL.md](INSTALL.md). Contributed by @dklimpel. ([\#10331](https://github.com/matrix-org/synapse/issues/10331))
| * 1.38.0rc2Erik Johnston2021-07-093-3/+0
| |
| * Ensure we always drop the federation inbound lock (#10336)Erik Johnston2021-07-091-0/+1
| |
| * Fix broken links in INSTALL.md (#10331)Dirk Klimpel2021-07-081-0/+1
| | | | | | Signed-off-by: Dirk Klimpel dirk@klimpel.org
* | Upsert redactions in case they already exists (#10343)Andreas Rammhold2021-07-091-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Upsert redactions in case they already exists Occasionally, in combination with retention, redactions aren't deleted from the database whenever they are due for deletion. The server will eventually try to backfill the deleted events and trip over the already existing redaction events. Switching to an UPSERT for those events allows us to recover from there situations. The retention code still needs fixing but that is outside of my current comfort zone on this code base. This is related to #8707 where the error was discussed already. Signed-off-by: Andreas Rammhold <andreas@rammhold.de> * Also purge redactions when purging events Previously redacints where left behind leading to backfilling issues when the server stumbled across the already existing yet to be backfilled redactions. This issues has been discussed in #8707. Signed-off-by: Andreas Rammhold <andreas@rammhold.de>
* | Add base starting insertion event when no chunk ID is provided (MSC2716) ↵Eric Eastwood2021-07-081-0/+1
| | | | | | | | | | | | | | | | | | (#10250) * Add base starting insertion point when no chunk ID is provided This is so we can have the marker event point to this initial insertion event and be able to traverse the events in the first chunk.
* | Fix formatting in the logcontext doc (#10337)Brendan Abolivier2021-07-081-0/+1
| |
* | Remove functionality associated with unused historical stats tables (#9721)Cristina2021-07-081-0/+1
| | | | | | Fixes #9602
* | Minor changes to `user_daily_visits` (#10324)reivilibre2021-07-081-0/+1
| | | | | | | | | | | | | | * Use fake time in tests in _get_start_of_day. * Change the inequality of last_seen in user_daily_visits Co-authored-by: Erik Johnston <erik@matrix.org>
* | Rebuild event auth when rebuilding an event after a call to a ↵Brendan Abolivier2021-07-081-0/+1
| | | | | | | | | | `ThirdPartyEventRules` module (#10316) Because modules might send extra state events when processing an event (e.g. matrix-org/synapse-dinsic#100), and in some cases these extra events might get dropped if we don't recalculate the initial event's auth.
* | Fix a broken link in the admin api docs (#10322)Richard van der Hoff2021-07-071-0/+1
| | | | | | | | | | | | | | * Fix a broken link in the admin api docs * Rename 10321.doc to 10321.docs * Rename 10321.docs to 10322.doc
* | Merge remote-tracking branch 'origin/release-v1.38' into developRichard van der Hoff2021-07-071-0/+1
|\| | | | | | | merge @dklimpel's fixes to the sample config
| * Update links to documentation in sample config (#10287)Dirk Klimpel2021-07-071-0/+1
| | | | | | Signed-off-by: Dirk Klimpel dirk@klimpel.org
* | Simplify structure of room admin API docs (#10313)Dirk Klimpel2021-07-071-0/+1
| |
* | Merge tag 'v1.38.0rc1' into developBrendan Abolivier2021-07-071-1/+0
|\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Synapse 1.38.0rc1 (2021-07-06) ============================== This release includes a database schema update which could result in elevated disk usage. See the [upgrade notes](https://matrix-org.github.io/synapse/develop/upgrade#upgrading-to-v1380) for more information. Features -------- - Implement refresh tokens as specified by [MSC2918](https://github.com/matrix-org/matrix-doc/pull/2918). ([\#9450](https://github.com/matrix-org/synapse/issues/9450)) - Add support for evicting cache entries based on last access time. ([\#10205](https://github.com/matrix-org/synapse/issues/10205)) - Omit empty fields from the `/sync` response. Contributed by @deepbluev7. ([\#10214](https://github.com/matrix-org/synapse/issues/10214)) - Improve validation on federation `send_{join,leave,knock}` endpoints. ([\#10225](https://github.com/matrix-org/synapse/issues/10225), [\#10243](https://github.com/matrix-org/synapse/issues/10243)) - Add SSO `external_ids` to the Query User Account admin API. ([\#10261](https://github.com/matrix-org/synapse/issues/10261)) - Mark events received over federation which fail a spam check as "soft-failed". ([\#10263](https://github.com/matrix-org/synapse/issues/10263)) - Add metrics for new inbound federation staging area. ([\#10284](https://github.com/matrix-org/synapse/issues/10284)) - Add script to print information about recently registered users. ([\#10290](https://github.com/matrix-org/synapse/issues/10290)) Bugfixes -------- - Fix a long-standing bug which meant that invite rejections and knocks were not sent out over federation in a timely manner. ([\#10223](https://github.com/matrix-org/synapse/issues/10223)) - Fix a bug introduced in v1.26.0 where only users who have set profile information could be deactivated with erasure enabled. ([\#10252](https://github.com/matrix-org/synapse/issues/10252)) - Fix a long-standing bug where Synapse would return errors after 2<sup>31</sup> events were handled by the server. ([\#10264](https://github.com/matrix-org/synapse/issues/10264), [\#10267](https://github.com/matrix-org/synapse/issues/10267), [\#10282](https://github.com/matrix-org/synapse/issues/10282), [\#10286](https://github.com/matrix-org/synapse/issues/10286), [\#10291](https://github.com/matrix-org/synapse/issues/10291), [\#10314](https://github.com/matrix-org/synapse/issues/10314), [\#10326](https://github.com/matrix-org/synapse/issues/10326)) - Fix the prometheus `synapse_federation_server_pdu_process_time` metric. Broke in v1.37.1. ([\#10279](https://github.com/matrix-org/synapse/issues/10279)) - Ensure that inbound events from federation that were being processed when Synapse was restarted get promptly processed on start up. ([\#10303](https://github.com/matrix-org/synapse/issues/10303)) Improved Documentation ---------------------- - Move the upgrade notes to [docs/upgrade.md](https://github.com/matrix-org/synapse/blob/develop/docs/upgrade.md) and convert them to markdown. ([\#10166](https://github.com/matrix-org/synapse/issues/10166)) - Choose Welcome & Overview as the default page for synapse documentation website. ([\#10242](https://github.com/matrix-org/synapse/issues/10242)) - Adjust the URL in the README.rst file to point to irc.libera.chat. ([\#10258](https://github.com/matrix-org/synapse/issues/10258)) - Fix homeserver config option name in presence router documentation. ([\#10288](https://github.com/matrix-org/synapse/issues/10288)) - Fix link pointing at the wrong section in the modules documentation page. ([\#10302](https://github.com/matrix-org/synapse/issues/10302)) Internal Changes ---------------- - Drop `Origin` and `Accept` from the value of the `Access-Control-Allow-Headers` response header. ([\#10114](https://github.com/matrix-org/synapse/issues/10114)) - Add type hints to the federation servlets. ([\#10213](https://github.com/matrix-org/synapse/issues/10213)) - Improve the reliability of auto-joining remote rooms. ([\#10237](https://github.com/matrix-org/synapse/issues/10237)) - Update the release script to use the semver terminology and determine the release branch based on the next version. ([\#10239](https://github.com/matrix-org/synapse/issues/10239)) - Fix type hints for computing auth events. ([\#10253](https://github.com/matrix-org/synapse/issues/10253)) - Improve the performance of the spaces summary endpoint by only recursing into spaces (and not rooms in general). ([\#10256](https://github.com/matrix-org/synapse/issues/10256)) - Move event authentication methods from `Auth` to `EventAuthHandler`. ([\#10268](https://github.com/matrix-org/synapse/issues/10268)) - Re-enable a SyTest after it has been fixed. ([\#10292](https://github.com/matrix-org/synapse/issues/10292))
| * Merge latest fix into the changelogBrendan Abolivier2021-07-071-1/+0
| |
* | Merge branch 'release-v1.38' into developRichard van der Hoff2021-07-0732-31/+0
|\|
| * ANALYZE new stream ordering column (#10326)Brendan Abolivier2021-07-071-0/+1
| | | | | | Fixes #10325
| * 1.38.0rc1Brendan Abolivier2021-07-0632-32/+0
| |
* | Ignore EDUs for rooms we're not in (#10317)Dagfinn Ilmari Mannsåker2021-07-061-0/+1
|/
* Fix deactivate a user if he does not have a profile (#10252)Dirk Klimpel2021-07-061-0/+1
|
* Add script for getting info about recently registered users (#10290)Erik Johnston2021-07-061-0/+1
|
* Handle old staged inbound events (#10303)Erik Johnston2021-07-061-0/+1
| | | | | | | We might have events in the staging area if the service was restarted while there were unhandled events in the staging area. Fixes #10295
* Add upgrade notes about disk space for events migration (#10314)Richard van der Hoff2021-07-061-0/+1
|
* Add support for evicting cache entries based on last access time. (#10205)Erik Johnston2021-07-051-0/+1
|
* Fix bad link in modules documentation (#10302)Brendan Abolivier2021-07-021-0/+1
| | | Fix link in modules doc to point at instructions on registering a callback instead of ones on registering a web resource.
* Move methods involving event authentication to EventAuthHandler. (#10268)Patrick Cloke2021-07-011-0/+1
| | | Instead of mixing them with user authentication methods.
* fix ordering of bg update (#10291)Richard van der Hoff2021-07-011-0/+1
| | | | | this was a typo introduced in #10282. We don't want to end up doing the `replace_stream_ordering_column` update after anything that comes up in migration 60/03.
* Reenable 'Backfilled events whose prev_events...' sytest (#10292)Erik Johnston2021-07-011-0/+1
| | | Now that we've fixed it.
* Add SSO `external_ids` to Query User Account admin API (#10261)Dirk Klimpel2021-07-011-0/+1
| | | Related to #10251
* Add some metrics to staging area (#10284)Erik Johnston2021-07-011-0/+1
|
* Fix the homeserver config example in presence router docs (#10288)Andrew Morgan2021-06-301-0/+1
| | | | | The presence router docs include some sample homeserver config. At some point we changed the name of the [config option](https://github.com/matrix-org/synapse/blob/859dc05b3692a3672c1a0db8deaaa9274b6aa6f5/docs/sample_config.yaml#L104-L113), but forgot to update the docs. I've also added `presence.enabled: true` to the example, as that's the new way to enable presence (the `presence_enabled` option has been deprecated).
* Change more stream_ordering columns to BIGINT (#10286)Richard van der Hoff2021-06-301-0/+1
|
* Rebuild other indexes using `stream_ordering` (#10282)Richard van der Hoff2021-06-301-0/+1
| | | | We need to rebuild *all* of the indexes that use the current `stream_ordering` column.
* Correct type hints for synapse.event_auth. (#10253)Patrick Cloke2021-06-301-0/+1
|
* Fix the inbound PDU metric (#10279)Erik Johnston2021-06-301-0/+1
| | | This broke in #10272
* Merge branch 'release-v1.37' into developRichard van der Hoff2021-06-292-2/+0
|\
| * 1.37.1rc1 v1.37.1rc1Richard van der Hoff2021-06-292-2/+0
| |
* | Merge branch 'release-v1.37' into developRichard van der Hoff2021-06-292-0/+2
|\|
| * Update newsfiles v1.37.1a1Richard van der Hoff2021-06-292-1/+1
| |
| * Handle inbound events from federation asynchronously (#10272)Erik Johnston2021-06-291-0/+1
| | | | | | | | | | | | | | | | | | | | | | Fixes #9490 This will break a couple of SyTest that are expecting failures to be added to the response of a federation /send, which obviously doesn't happen now that things are asynchronous. Two drawbacks: Currently there is no logic to handle any events left in the staging area after restart, and so they'll only be handled on the next incoming event in that room. That can be fixed separately. We now only process one event per room at a time. This can be fixed up further down the line.
| * Add a distributed lock (#10269)Erik Johnston2021-06-291-0/+1
| | | | | | This adds a simple best effort locking mechanism that works cross workers.
* | Do not recurse into non-spaces in the spaces summary. (#10256)Patrick Cloke2021-06-291-0/+1
| | | | | | | | | | Previously m.child.room events in non-space rooms would be treated as part of the room graph, but this is no longer supported.
* | Fix `populate_stream_ordering2` background job (#10267)Richard van der Hoff2021-06-291-0/+1
| | | | | | | | It was possible for us not to find any rows in a batch, and hence conclude that we had finished. Let's not do that.
* | Migrate stream_ordering to a bigint (#10264)Richard van der Hoff2021-06-291-0/+1
| | | | | | | | | | | | | | | | | | | | * Move background update names out to a separate class `EventsBackgroundUpdatesStore` gets inherited and we don't really want to further pollute the namespace. * Migrate stream_ordering to a bigint * changelog
* | Soft-fail spammy events received over federation (#10263)Richard van der Hoff2021-06-291-0/+1
| |
* | Add additional types to the federation transport server. (#10213)Patrick Cloke2021-06-281-0/+1
| |
* | Adjust the URL in the README.rst file to point to LiberaChat instead of ↵Felix Kronlage-Dammers2021-06-281-0/+1
| | | | | | | | freenode (#10258)
* | Create an index.html file when generating a docs build (#10242)Andrew Morgan2021-06-241-0/+1
| | | | | | | | | | | | | | | | | | Currently when a new build of the docs is created, an `index.html` file does not exist. Typically this would be generated from a`docs/README.md` file - which we have - however we're currently using [docs/README.md](https://github.com/matrix-org/synapse/blob/394673055db4df49bfd58c2f6118834a6d928563/docs/README.md) to explain the docs and point to the website. It is not part of the content of the website. So we end up not having an `index.html` file, which will result in a 404 page if one tries to navigate to `https://matrix-org.github.io/synapse/<docs_version>/index.html`. This isn't a really problem for the default version of the documentation (currently `develop`), as [navigating to the top-level root](https://matrix-org.github.io/synapse/) of the website (without specifying a version) will [redirect](https://github.com/matrix-org/synapse/blob/a77e6925f26597958eccf0ef9956cb13c536e57e/index.html#L2) you to the Welcome and Overview page of the `develop` docs version. However, ideally once we add a GUI for switching between versions, we'll want to send the user to `matrix-org.github.io/synapse/<version>/index.html`, which currently isn't generated. This PR modifies the CI that builds the docs to simply copy the rendered [Welcome & Overview page](https://matrix-org.github.io/synapse/develop/welcome_and_overview.html) to `index.html`.
* | Return errors from `send_join` etc if the event is rejected (#10243)Richard van der Hoff2021-06-241-0/+1
| | | | | | Rather than persisting rejected events via `send_join` and friends, raise a 403 if someone tries to pull a fast one.
* | Improve validation for `send_{join,leave,knock}` (#10225)Richard van der Hoff2021-06-241-0/+1
| | | | | | The idea here is to stop people sending things that aren't joins/leaves/knocks through these endpoints: previously you could send anything you liked through them. I wasn't able to find any security holes from doing so, but it doesn't sound like a good thing.
* | MSC2918 Refresh tokens implementation (#9450)Quentin Gliech2021-06-241-0/+1
| | | | | | | | | | | | | | | | | | | | This implements refresh tokens, as defined by MSC2918 This MSC has been implemented client side in Hydrogen Web: vector-im/hydrogen-web#235 The basics of the MSC works: requesting refresh tokens on login, having the access tokens expire, and using the refresh token to get a new one. Signed-off-by: Quentin Gliech <quentingliech@gmail.com>
* | Merge tag 'v1.37.0rc1' into developBrendan Abolivier2021-06-2446-46/+0
|\| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Synapse 1.37.0rc1 (2021-06-24) ============================== This release deprecates the current spam checker interface. See the [upgrade notes](https://matrix-org.github.io/synapse/develop/upgrade#deprecation-of-the-current-spam-checker-interface) for more information on how to update to the new generic module interface. This release also removes support for fetching and renewing TLS certificates using the ACME v1 protocol, which has been fully decommissioned by Let's Encrypt on June 1st 2021. Admins previously using this feature should use a [reverse proxy](https://matrix-org.github.io/synapse/develop/reverse_proxy.html) to handle TLS termination, or use an external ACME client (such as [certbot](https://certbot.eff.org/)) to retrieve a certificate and key and provide them to Synapse using the `tls_certificate_path` and `tls_private_key_path` configuration settings. Features -------- - Implement "room knocking" as per [MSC2403](https://github.com/matrix-org/matrix-doc/pull/2403). Contributed by @Sorunome and anoa. ([\#6739](https://github.com/matrix-org/synapse/issues/6739), [\#9359](https://github.com/matrix-org/synapse/issues/9359), [\#10167](https://github.com/matrix-org/synapse/issues/10167), [\#10212](https://github.com/matrix-org/synapse/issues/10212), [\#10227](https://github.com/matrix-org/synapse/issues/10227)) - Add experimental support for backfilling history into rooms ([MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716)). ([\#9247](https://github.com/matrix-org/synapse/issues/9247)) - Implement a generic interface for third-party plugin modules. ([\#10062](https://github.com/matrix-org/synapse/issues/10062), [\#10206](https://github.com/matrix-org/synapse/issues/10206)) - Implement config option `sso.update_profile_information` to sync SSO users' profile information with the identity provider each time they login. Currently only displayname is supported. ([\#10108](https://github.com/matrix-org/synapse/issues/10108)) - Ensure that errors during startup are written to the logs and the console. ([\#10191](https://github.com/matrix-org/synapse/issues/10191)) Bugfixes -------- - Fix a bug introduced in Synapse v1.25.0 that prevented the `ip_range_whitelist` configuration option from working for federation and identity servers. Contributed by @mikure. ([\#10115](https://github.com/matrix-org/synapse/issues/10115)) - Remove a broken import line in Synapse's `admin_cmd` worker. Broke in Synapse v1.33.0. ([\#10154](https://github.com/matrix-org/synapse/issues/10154)) - Fix a bug introduced in Synapse v1.21.0 which could cause `/sync` to return immediately with an empty response. ([\#10157](https://github.com/matrix-org/synapse/issues/10157), [\#10158](https://github.com/matrix-org/synapse/issues/10158)) - Fix a minor bug in the response to `/_matrix/client/r0/user/{user}/openid/request_token` causing `expires_in` to be a float instead of an integer. Contributed by @lukaslihotzki. ([\#10175](https://github.com/matrix-org/synapse/issues/10175)) - Always require users to re-authenticate for dangerous operations: deactivating an account, modifying an account password, and adding 3PIDs. ([\#10184](https://github.com/matrix-org/synapse/issues/10184)) - Fix a bug introduced in Synpase v1.7.2 where remote server count metrics collection would be incorrectly delayed on startup. Found by @heftig. ([\#10195](https://github.com/matrix-org/synapse/issues/10195)) - Fix a bug introduced in Synapse v1.35.1 where an `allow` key of a `m.room.join_rules` event could be applied for incorrect room versions and configurations. ([\#10208](https://github.com/matrix-org/synapse/issues/10208)) - Fix performance regression in responding to user key requests over federation. Introduced in Synapse v1.34.0rc1. ([\#10221](https://github.com/matrix-org/synapse/issues/10221)) Improved Documentation ---------------------- - Add a new guide to decoding request logs. ([\#8436](https://github.com/matrix-org/synapse/issues/8436)) - Mention in the sample homeserver config that you may need to configure max upload size in your reverse proxy. Contributed by @aaronraimist. ([\#10122](https://github.com/matrix-org/synapse/issues/10122)) - Fix broken links in documentation. ([\#10180](https://github.com/matrix-org/synapse/issues/10180)) - Deploy a snapshot of the documentation website upon each new Synapse release. ([\#10198](https://github.com/matrix-org/synapse/issues/10198)) Deprecations and Removals ------------------------- - The current spam checker interface is deprecated in favour of a new generic modules system. See the [upgrade notes](https://matrix-org.github.io/synapse/develop/upgrade#deprecation-of-the-current-spam-checker-interface) for more information on how to update to the new system. ([\#10062](https://github.com/matrix-org/synapse/issues/10062), [\#10210](https://github.com/matrix-org/synapse/issues/10210), [\#10238](https://github.com/matrix-org/synapse/issues/10238)) - Stop supporting the unstable spaces prefixes from MSC1772. ([\#10161](https://github.com/matrix-org/synapse/issues/10161)) - Remove Synapse's support for automatically fetching and renewing certificates using the ACME v1 protocol. This protocol has been fully turned off by Let's Encrypt for existing installations on June 1st 2021. Admins previously using this feature should use a [reverse proxy](https://matrix-org.github.io/synapse/develop/reverse_proxy.html) to handle TLS termination, or use an external ACME client (such as [certbot](https://certbot.eff.org/)) to retrieve a certificate and key and provide them to Synapse using the `tls_certificate_path` and `tls_private_key_path` configuration settings. ([\#10194](https://github.com/matrix-org/synapse/issues/10194)) Internal Changes ---------------- - Update the database schema versioning to support gradual migration away from legacy tables. ([\#9933](https://github.com/matrix-org/synapse/issues/9933)) - Add type hints to the federation servlets. ([\#10080](https://github.com/matrix-org/synapse/issues/10080)) - Improve OpenTracing for event persistence. ([\#10134](https://github.com/matrix-org/synapse/issues/10134), [\#10193](https://github.com/matrix-org/synapse/issues/10193)) - Clean up the interface for injecting OpenTracing over HTTP. ([\#10143](https://github.com/matrix-org/synapse/issues/10143)) - Limit the number of in-flight `/keys/query` requests from a single device. ([\#10144](https://github.com/matrix-org/synapse/issues/10144)) - Refactor EventPersistenceQueue. ([\#10145](https://github.com/matrix-org/synapse/issues/10145)) - Document `SYNAPSE_TEST_LOG_LEVEL` to see the logger output when running tests. ([\#10148](https://github.com/matrix-org/synapse/issues/10148)) - Update the Complement build tags in GitHub Actions to test currently experimental features. ([\#10155](https://github.com/matrix-org/synapse/issues/10155)) - Add a `synapse_federation_soft_failed_events_total` metric to track how often events are soft failed. ([\#10156](https://github.com/matrix-org/synapse/issues/10156)) - Fetch the corresponding complement branch when performing CI. ([\#10160](https://github.com/matrix-org/synapse/issues/10160)) - Add some developer documentation about boolean columns in database schemas. ([\#10164](https://github.com/matrix-org/synapse/issues/10164)) - Add extra logging fields to better debug where events are being soft failed. ([\#10168](https://github.com/matrix-org/synapse/issues/10168)) - Add debug logging for when we enter and exit `Measure` blocks. ([\#10183](https://github.com/matrix-org/synapse/issues/10183)) - Improve comments in structured logging code. ([\#10188](https://github.com/matrix-org/synapse/issues/10188)) - Update [MSC3083](https://github.com/matrix-org/matrix-doc/pull/3083) support with modifications from the MSC. ([\#10189](https://github.com/matrix-org/synapse/issues/10189)) - Remove redundant DNS lookup limiter. ([\#10190](https://github.com/matrix-org/synapse/issues/10190)) - Upgrade `black` linting tool to 21.6b0. ([\#10197](https://github.com/matrix-org/synapse/issues/10197)) - Expose OpenTracing trace id in response headers. ([\#10199](https://github.com/matrix-org/synapse/issues/10199))
| * Tweak changelogBrendan Abolivier2021-06-241-1/+0
| |
| * Fix wrapping of legacy check_registration_for_spam (#10238)Brendan Abolivier2021-06-231-0/+1
| | | | | | Fixes #10234
| * 1.37.0rc1Brendan Abolivier2021-06-2346-46/+0
| |
* | Convert UPGRADE.rst to markdown (#10166)Andrew Morgan2021-06-232-1/+2
| | | | | | | | | | | | | | | | | | This PR: * Converts UPGRADE.rst to markdown and moves the contents into the `docs/` directory. * Updates the contents of UPGRADE.rst to point to the website instead. * Updates links around the codebase that point to UPGRADE.rst. `pandoc` + some manual editing was used to convert from RST to md.
* | Fixes to the release script (#10239)Brendan Abolivier2021-06-231-0/+1
| | | | | | | | * rename major/minor into the right semver terminology minor/patch (since this was something that got me very confused the first couple of times I've used the script) * name the release branch based on the new version, not the previous one
* | Re-introduce "Leave out optional keys from /sync" change (#10214)Andrew Morgan2021-06-231-0/+1
| | | | | | Required some fixes due to merge conflicts with #6739, but nothing too hairy. The first commit is the same as the original (after merge conflict resolution) then two more for compatibility with the latest sync code.
* | Improve the reliability of auto-joining remote rooms (#10237)Brendan Abolivier2021-06-231-0/+1
| | | | | | | | | | | | If a room is remote and we don't have a user in it, always try to join it. It might fail if the room is invite-only, but we don't have a user to invite with, so at this point it's the best we can do. Fixes #10233 (at least to some extent)
* | Send out invite rejections and knocks over federation (#10223)Richard van der Hoff2021-06-231-0/+1
| | | | | | | | | | ensure that events sent via `send_leave` and `send_knock` are sent on to the rest of the federation.
* | Drop Origin & Accept from Access-Control-Allow-Headers value (#10114)Michael[tm] Smith2021-06-231-0/+1
|/ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | * Drop Origin & Accept from Access-Control-Allow-Headers value This change drops the Origin and Accept header names from the value of the Access-Control-Allow-Headers response header sent by Synapse. Per the CORS protocol, it’s not necessary or useful to include those header names. Details: Per-spec at https://fetch.spec.whatwg.org/#forbidden-header-name, Origin is a “forbidden header name” set by the browser and that frontend JavaScript code is never allowed to set. So the value of Access-Control-Allow-Headers isn’t relevant to Origin or in general to other headers set by the browser itself — the browser never ever consults the Access-Control-Allow-Headers value to confirm that it’s OK for the request to include an Origin header. And per-spec at https://fetch.spec.whatwg.org/#cors-safelisted-request-header, Accept is a “CORS-safelisted request-header”, which means that browsers allow requests to contain the Accept header regardless of whether the Access-Control-Allow-Headers value contains "Accept". So it’s unnecessary for the Access-Control-Allow-Headers to explicitly include Accept. Browsers will not perform a CORS preflight for requests containing an Accept request header. Related: https://github.com/matrix-org/matrix-doc/pull/3225 Signed-off-by: Michael[tm] Smith <mike@w3.org>
* Fix schema delta to not take as long on large servers (#10227)Erik Johnston2021-06-221-0/+1
| | | Introduced in #6739
* Warn users trying to use the deprecated spam checker interface (#10210)Brendan Abolivier2021-06-221-0/+1
| | | So admins aren't surprised if things break when we remove this code in a couple of months.
* Add endpoints for backfilling history (MSC2716) (#9247)Eric Eastwood2021-06-221-0/+1
| | | Work on https://github.com/matrix-org/matrix-doc/pull/2716
* Implement config option `sso.update_profile_information` (#10108)jkanefendt2021-06-211-0/+1
| | | | | | Implemented config option sso.update_profile_information to keep user's display name in sync with the SSO displayname. Signed-off-by: Johannes Kanefendt <johannes.kanefendt@krzn.de>
* Fix performance of responding to user key requests over federation (#10221)Erik Johnston2021-06-211-0/+1
| | | | | We were repeatedly looking up a config option in a loop (using the unclassed config style), which is expensive enough that it can cause large CPU usage.
* Check third party rules before persisting knocks over federation (#10212)Andrew Morgan2021-06-211-0/+1
| | | | | An accidental mis-ordering of operations during #6739 technically allowed an incoming knock event over federation in before checking it against any configured Third Party Access Rules modules. This PR corrects that by performing the TPAR check *before* persisting the event.
* Ensure that errors during startup are written to the logs and the console. ↵Richard van der Hoff2021-06-211-0/+1
| | | | | | | | (#10191) * Defer stdio redirection until we are about to start the reactor * Catch and handle exceptions during startup
* Deploy a documentation version for each new Synapse release (#10198)Andrew Morgan2021-06-181-0/+1
| | | | | | | | | This PR will run a new "Deploy release-specific documentation" job whenever a push to a branch name matching `release-v*` occurs. Doing so will create/add to a folder named `vX.Y` on the `gh-pages` branch. Doing so will allow us to build up `major.minor` releases of the docs as we release Synapse. This is especially useful for having a mechanism for keeping around documentation of old/removed features (for those running older versions of Synapse), without needing to clutter the latest copy of the docs. After a [discussion](https://matrix.to/#/!XaqDhxuTIlvldquJaV:matrix.org/$rKmkBmQle8OwTlGcoyu0BkcWXdnHW3_oap8BMgclwIY?via=matrix.org&via=vector.modular.im&via=envs.net) in #synapse-dev, we wanted to use tags to trigger the documentation deployments, which I agreed with. However, I soon realised that the bash-foo required to turn a tag of `v1.2.3rc1` into `1.2` was a lot more complex than the branch's `release-v1.2`. So, I've gone with the latter for simplicity. In the future we'll have some UI on the website to switch between versions, but for now you can simply just change 'develop' to 'v1.2' in the URL.
* Fix a missing await when in the spaces summary. (#10208)Patrick Cloke2021-06-181-0/+1
| | | | | | | This could cause a minor data leak if someone defined a non-restricted join rule with an allow key or used a restricted join rule in an older room version, but this is unlikely. Additionally this starts adding unit tests to the spaces summary handler.
* Describe callbacks signatures as async in new modules doc (#10206)Brendan Abolivier2021-06-181-0/+1
|
* Standardise the module interface (#10062)Brendan Abolivier2021-06-182-0/+2
| | | This PR adds a common configuration section for all modules (see docs). These modules are then loaded at startup by the homeserver. Modules register their hooks and web resources using the new `register_[...]_callbacks` and `register_web_resource` methods of the module API.
* Expose opentracing trace id in response headers (#10199)Richard van der Hoff2021-06-181-0/+1
| | | Fixes: #9480
* Remove support for ACME v1 (#10194)Brendan Abolivier2021-06-171-0/+1
| | | | | Fixes #9778 ACME v1 has been fully decommissioned for existing installs on June 1st 2021(see https://community.letsencrypt.org/t/end-of-life-plan-for-acmev1/88430/27), so we can now safely remove it from Synapse.
* Update MSC3083 support per changes in the MSC. (#10189)Patrick Cloke2021-06-171-0/+1
| | | Adds a "type" field and generalize "space" to "room_id".
* Ensure that we do not cache empty sync responses after a timeout (#10158)Richard van der Hoff2021-06-173-1/+2
| | | Fixes #8518 by telling the ResponseCache not to cache the /sync response if the next_batch param is the same as the since token.
* Rip out the DNS lookup limiter (#10190)Richard van der Hoff2021-06-171-0/+1
| | | As I've written in various places in the past (#7113, #9865) I'm pretty sure this is doing nothing useful at all.
* update black to 21.6b0 (#10197)Marcus2021-06-171-0/+1
| | | | | Reformat all files with the new version. Signed-off-by: Marcus Hoffmann <bubu@bubu1.eu>
* Fix incorrect time magnitude on delayed call (#10195)Andrew Morgan2021-06-171-0/+1
| | | | | | | | | Fixes https://github.com/matrix-org/synapse/issues/10030. We were expecting milliseconds where we should have provided a value in seconds. The impact of this bug isn't too bad. The code is intended to count the number of remote servers that the homeserver can see and report that as a metric. This metric is supposed to run initially 1 second after server startup, and every 60s as well. Instead, it ran 1,000 seconds after server startup, and every 60s after startup. This fix allows for the correct metrics to be collected immediately, as well as preventing a random collection 1,000s in the future after startup.
* Add fields to better debug where events are being soft_failed (#10168)Eric Eastwood2021-06-171-0/+1
| | | Follow-up to https://github.com/matrix-org/synapse/pull/10156#discussion_r650292223
* Fix persist_events to stop leaking opentracing contexts (#10193)Richard van der Hoff2021-06-171-0/+1
|
* Improve comments in the structured logging code. (#10188)Patrick Cloke2021-06-161-0/+1
|
* Always require users to re-authenticate for dangerous operations. (#10184)Patrick Cloke2021-06-161-0/+1
| | | | | | | Dangerous actions means deactivating an account, modifying an account password, or adding a 3PID. Other actions (deleting devices, uploading keys) can re-use the same UI auth session if ui_auth.session_timeout is configured.
* A guide to the request log lines format. (#8436)Michael Kaye2021-06-161-0/+1
| | | | | | | This doc is short but a useful guide to what the request log lines mean. Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com> Co-authored-by: Erik Johnston <erik@matrix.org> Co-authored-by: Daniele Sluijters <daenney@users.noreply.github.com>
* Add debug logging when we enter/exit Measure block (#10183)Erik Johnston2021-06-161-0/+1
| | | It can be helpful to know when trying to track down slow requests.
* Fix requestOpenIdToken response: integer expires_in (#10175)Lukas Lihotzki2021-06-161-0/+1
| | | | | | | | | | `expires_in` must be an integer according to the OpenAPI spec: https://github.com/matrix-org/matrix-doc/blob/master/data/api/client-server/definitions/openid_token.yaml#L32 True division (`/`) returns a float instead (`"expires_in": 3600.0`). Floor division (`//`) returns an integer, so the response is spec compliant. Signed-off-by: Lukas Lihotzki <lukas@lihotzki.de>
* Fix broken links in documentation (#10180)Dirk Klimpel2021-06-161-0/+1
| | | | | * Fix broken links in documentation * newsfile
* Make opentracing trace into event persistence (#10134)Richard van der Hoff2021-06-161-0/+1
| | | | | | | | | | | | | | * Trace event persistence When we persist a batch of events, set the parent opentracing span to the that from the request, so that we can trace all the way in. * changelog * When we force tracing, set a baggage item ... so that we can check again later. * Link in both directions between persist_events spans
* Remove support for unstable MSC1772 prefixes. (#10161)Patrick Cloke2021-06-151-0/+1
| | | | The stable prefixes have been supported since v1.34.0. The unstable prefixes are not supported by any known clients.
* Remove the experimental flag for knocking and use stable prefixes / ↵Patrick Cloke2021-06-151-0/+1
| | | | | | | endpoints. (#10167) * Room version 7 for knocking. * Stable prefixes and endpoints (both client and federation) for knocking. * Removes the experimental configuration flag.
* Fix 'ip_range_whitelist' not working for federation servers (#10115)Michael Kutzner2021-06-151-0/+1
| | | | | Add 'federation_ip_range_whitelist'. This allows backwards-compatibility, If 'federation_ip_range_blacklist' is set. Otherwise 'ip_range_whitelist' will be used for federation servers. Signed-off-by: Michael Kutzner 1mikure@gmail.com
* Refactor `EventPersistenceQueue` (#10145)Richard van der Hoff2021-06-141-0/+1
| | | some cleanup, pulled out of #10134.
* Extend `ResponseCache` to pass a context object into the callback (#10157)Richard van der Hoff2021-06-141-0/+1
| | | | | This is the first of two PRs which seek to address #8518. This first PR lays the groundwork by extending ResponseCache; a second PR (#10158) will update the SyncHandler to actually use it, and fix the bug. The idea here is that we allow the callback given to ResponseCache.wrap to decide whether its result should be cached or not. We do that by (optionally) passing a ResponseCacheContext into it, which it can modify.
* Notes on boolean columns in database schemas (#10164)Richard van der Hoff2021-06-111-0/+1
|
* Merge tag 'v1.36.0rc2' into developErik Johnston2021-06-113-3/+0
|\ | | | | | | | | | | | | | | | | | | | | | | Synapse 1.36.0rc2 (2021-06-11) ============================== Bugfixes -------- - Fix a bug which caused presence updates to stop working some time after a restart, when using a presence writer worker. Broke in v1.33.0. ([\#10149](https://github.com/matrix-org/synapse/issues/10149)) - Fix a bug when using federation sender worker where it would send out more presence updates than necessary, leading to high resource usage. Broke in v1.33.0. ([\#10163](https://github.com/matrix-org/synapse/issues/10163)) - Fix a bug where Synapse could send the same presence update to a remote twice. ([\#10165](https://github.com/matrix-org/synapse/issues/10165))
| * 1.36.0rc2Erik Johnston2021-06-113-3/+0
| |
| * Only send a presence state to a destination once (#10165)Erik Johnston2021-06-111-0/+1
| | | | | | | | It turns out that we were sending the same presence state to a remote potentially multiple times.
| * Fix sending presence over federation when using workers (#10163)Erik Johnston2021-06-111-0/+1
| | | | | | | | | | | | When using a federation sender we'd send out all local presence updates over federation even when they shouldn't be. Fixes #10153.
| * Fix bug when running presence off master (#10149)Erik Johnston2021-06-111-0/+1
| | | | | | Hopefully fixes #10027.
* | Only send a presence state to a destination once (#10165)Erik Johnston2021-06-111-0/+1
| | | | | | | | It turns out that we were sending the same presence state to a remote potentially multiple times.
* | Support for database schema version ranges (#9933)Richard van der Hoff2021-06-111-0/+1
| | | | | | This is essentially an implementation of the proposal made at https://hackmd.io/@richvdh/BJYXQMQHO, though the details have ended up looking slightly different.
* | Use the matching complement branch when running tests in CI. (#10160)Patrick Cloke2021-06-111-0/+1
| | | | | | | | | | | | | | | | | | | | | | This implements similar behavior to sytest where a matching branch is used, if one exists. This is useful when needing to modify both application code and tests at the same time. The following rules are used to find a matching complement branch: 1. Search for the branch name of the pull request. (E.g. feature/foo.) 2. Search for the base branch of the pull request. (E.g. develop or release-vX.Y.) 3. Search for the reference branch of the commit. (E.g. master or release-vX.Y.) 4. Fallback to 'master', the default complement branch name.
* | Fix sending presence over federation when using workers (#10163)Erik Johnston2021-06-111-0/+1
| | | | | | | | | | | | When using a federation sender we'd send out all local presence updates over federation even when they shouldn't be. Fixes #10153.
* | Clean up a broken import in admin_cmd.py (#10154)Andrew Morgan2021-06-111-0/+1
| |
* | Fix bug when running presence off master (#10149)Erik Johnston2021-06-111-0/+1
| | | | | | Hopefully fixes #10027.
* | Add metrics to track how often events are `soft_failed` (#10156)Eric Eastwood2021-06-111-0/+1
| | | | | | | | | | | | | | | | | | | | | | Spawned from missing messages we were seeing on `matrix.org` from a federated Gtiter bridged room, https://gitlab.com/gitterHQ/webapp/-/issues/2770. The underlying issue in Synapse is tracked by https://github.com/matrix-org/synapse/issues/10066 where the message and join event race and the message is `soft_failed` before the `join` event reaches the remote federated server. Less soft_failed events = better and usually this should only trigger for events where people are doing bad things and trying to fuzz and fake everything.
* | Document how to see logger output when running the twisted tests (#10148)Eric Eastwood2021-06-111-0/+1
| |
* | Mention that you need to configure max upload size in reverse proxy as well ↵Aaron Raimist2021-06-101-0/+1
| | | | | | | | | | (#10122) Signed-off-by: Aaron Raimist <aaron@raim.ist>
* | Update Complement run with Synapse-supported MSC-related build tags (#10155)Andrew Morgan2021-06-091-0/+1
| | | | | | | | | | This PR updates the build tags that we perform Complement runs with to match our [buildkite pipeline](https://github.com/matrix-org/pipelines/blob/618b3e90bcae8efd1a71502ae95b7913e6e24665/synapse/pipeline.yml#L570), as well as adding `msc2403` (as it will be required once #9359 is merged). Build tags are what we use to determine which tests to run in Complement (really it determines which test files are compiled into the final binary). I haven't put in a comment about updating the buildkite side here, as we've decided to migrate fully to GitHub Actions anyhow.
* | Integrate knock rooms with the public rooms directory (#9359)Andrew Morgan2021-06-091-0/+1
| | | | | | | | | | | | | | | | | | | | This PR implements the ["Changes regarding the Public Rooms Directory"](https://github.com/Sorunome/matrix-doc/blob/soru/knock/proposals/2403-knock.md#changes-regarding-the-public-rooms-directory) section of knocking MSC2403. Specifically, it: * Allows rooms with `join_rule` "knock" to be returned by the query behind the public rooms directory * Adds the field `join_rule` to each room entry returned by a public rooms directory query, so clients can know whether to attempt a join or knock on a room Based on https://github.com/matrix-org/synapse/issues/6739. Complement tests for this change: https://github.com/matrix-org/complement/pull/72
* | Implement knock feature (#6739)Sorunome2021-06-091-0/+1
| | | | | | | | | | | | This PR aims to implement the knock feature as proposed in https://github.com/matrix-org/matrix-doc/pull/2403 Signed-off-by: Sorunome mail@sorunome.de Signed-off-by: Andrew Morgan andrewm@element.io
* | Limit the number of in-flight /keys/query requests from a single device. ↵Patrick Cloke2021-06-091-0/+1
| | | | | | | | (#10144)
* | Clean up the interface for injecting opentracing over HTTP (#10143)Richard van der Hoff2021-06-091-0/+1
| | | | | | | | | | | | | | * Remove unused helper functions * Clean up the interface for injecting opentracing over HTTP * changelog
* | Add type hints to the federation server transport. (#10080)Patrick Cloke2021-06-081-0/+1
|/
* 1.36.0rc1Andrew Morgan2021-06-0844-44/+0
|
* Fix logging context when opening new DB connection (#10141)Erik Johnston2021-06-081-0/+1
| | | | Fixes #10140
* Correct type hints for parse_string(s)_from_args. (#10137)Patrick Cloke2021-06-081-0/+1
|
* Name release branches just after major.minor (#10013)Dan Callahan2021-06-081-0/+1
| | | | | | | | | | | | | | | | | | With the prior format, 1.33.0 / 1.33.1 / 1.33.2 got separate branches: release-v1.33.0 release-v1.33.1 release-v1.33.2 Under the new model, all three would share a common branch: release-v1.33 As before, RCs and actual releases exist as tags on these branches. This better reflects our support model, e.g., that the "1.33" series had a formal release followed by two patches / updates. Signed-off-by: Dan Callahan <danc@element.io>
* When joining a remote room limit the number of events we concurrently check ↵Erik Johnston2021-06-081-0/+1
| | | | | signatures/hashes for (#10117) If we do hundreds of thousands at once the memory overhead can easily reach 500+ MB.
* Handle /backfill returning no events (#10133)Erik Johnston2021-06-081-0/+1
| | | Fixes #10123
* More database opentracing (#10136)Richard van der Hoff2021-06-071-0/+1
| | | Add a couple of extra logs/spans, to give a bit of a better idea.
* opentracing: use a consistent name for background processes (#10135)Richard van der Hoff2021-06-071-0/+1
| | | | ... otherwise we tend to get a namespace clash between the bg process and the functions that it calls.
* Make link in docs use HTTPS (#10130)Rohan Sharma2021-06-071-0/+1
| | | | | Fixes #10121 Signed-off-by: Rohan Sharma <rhnsharma5113@gmail.com>
* Fix broken link to README at root of repo (#10132)Chris Castle2021-06-071-0/+1
| | | Signed-off-by: Chris Castle chris@crc.io
* Always update AS last_pos, even on no events (#10107)14mRh4X0r2021-06-071-0/+1
| | | | | | | | | | Fixes #1834. `get_new_events_for_appservice` internally calls `get_events_as_list`, which will filter out any rejected events. If all returned events are filtered out, `_notify_interested_services` will return without updating the last handled stream position. If there are 100 consecutive such events, processing will halt altogether. Breaking the loop is now done by checking whether we're up-to-date with `current_max` in the loop condition, instead of relying on an empty `events` list. Signed-off-by: Willem Mulder <14mRh4X0r@gmail.com>
* Add missing type hints to the admin API servlets (#10105)Dirk Klimpel2021-06-071-0/+1
|
* Delete completes to-device messages earlier in /sync (#10124)Richard van der Hoff2021-06-071-0/+1
| | | | I hope this will improve https://github.com/matrix-org/synapse/issues/9564.
* Don't try and backfill the same room in parallel. (#10116)Erik Johnston2021-06-041-0/+1
| | | | | If backfilling is slow then the client may time out and retry, causing Synapse to start a new `/backfill` before the existing backfill has finished, duplicating work.
* Limit number of events in a replication request (#10118)Erik Johnston2021-06-041-0/+1
| | | Fixes #9956.
* Enable Prometheus metrics for the jaeger client library (#10112)Richard van der Hoff2021-06-041-0/+1
|
* Compile and render Synapse's docs into a browsable, mobile-friendly and ↵Andrew Morgan2021-06-031-0/+1
| | | | searchable website (#10086)
* Add OpenTracing for database activity. (#10113)Richard van der Hoff2021-06-031-0/+1
| | | | | | | | | | This adds quite a lot of OpenTracing decoration for database activity. Specifically it adds tracing at four different levels: * emit a span for each "interaction" - ie, the top level database function that we tend to call "transaction", but isn't really, because it can end up as multiple transactions. * emit a span while we hold a database connection open * emit a span for each database transaction - actual actual transaction. * emit a span for each database query. I'm aware this might be quite a lot of overhead, but even just running it on a local Synapse it looks really interesting, and I hope the overhead can be offset just by turning down the sampling frequency and finding other ways of tracing requests of interest (eg, the `force_tracing_for_users` setting).
* Improve opentracing annotations for Notifier (#10111)Richard van der Hoff2021-06-031-0/+1
| | | | | | | The existing tracing reports an error each time there is a timeout, which isn't really representative. Additionally, we log things about the way `wait_for_events` works (eg, the result of the callback) to the *parent* span, which is confusing.
* Convert admin api docs to markdown (#10089)Andrew Morgan2021-06-031-0/+1
| | | So that they render nicely in mdbook (see #10086), and so that we no longer have a mix of structured text languages in our documentation (excluding files outside of `docs/`).
* r0.6.1 support: /rooms/:roomId/aliases endpoint (#9224)Travis Ralston2021-06-031-0/+1
| | | | | | [MSC2432](https://github.com/matrix-org/matrix-doc/pull/2432) added this endpoint originally but it has since been included in the spec for nearly a year. This is progress towards https://github.com/matrix-org/synapse/issues/8334
* Merge branch 'master' into developPatrick Cloke2021-06-031-1/+0
|\
| * 1.35.1Patrick Cloke2021-06-031-1/+0
| |
| * Do not show invite-only rooms in spaces summary (unless joined/invited). ↵Patrick Cloke2021-06-031-0/+1
| | | | | | | | (#10109)
| * 1.35.0Andrew Morgan2021-06-011-1/+0
| |
| * Announce deprecation of experimental `msc2858_enabled` option. (#10101)Erik Johnston2021-06-011-0/+1
| | | | | | | | | | c.f. https://github.com/matrix-org/synapse/pull/9617 and https://github.com/matrix-org/matrix-doc/blob/master/proposals/2858-Multiple-SSO-Identity-Providers.md Fixes #9627.
| * 1.35.0rc3Erik Johnston2021-05-283-3/+0
| |
| * Merge remote-tracking branch 'origin/release-v1.35.0' into release-v1.35Erik Johnston2021-05-281-1/+0
| |\
| | * 1.35.0rc2 v1.35.0rc2 github/release-v1.35.0 release-v1.35.0Erik Johnston2021-05-271-1/+0
| | |
| * | Limit the number of events sent over replication when persisting events. ↵Brendan Abolivier2021-05-281-0/+1
| | | | | | | | | | | | (#10082)
| * | Log method and path when dropping request due to size limit (#10091)Erik Johnston2021-05-281-0/+1
| | |
| * | Allow response of `/send_join` to be larger. (#10093)Erik Johnston2021-05-281-0/+1
| |/ | | | | Fixes #10087.
| * Pass the origin when calculating the spaces summary over GET. (#10079)Patrick Cloke2021-05-271-0/+1
| | | | | | | | Fixes a bug due to conflicting PRs which were merged. (One added a new caller to a method, the other added a new parameter to the same method.)
* | Add new admin APIs to remove media by media ID from quarantine. (#10044)Dirk Klimpel2021-06-021-0/+1
| | | | | | | | | | Related to: #6681, #5956, #10040 Signed-off-by: Dirk Klimpel dirk@klimpel.org
* | github actions: summarize Sytest results in an easy-to-read format (#10094)Richard van der Hoff2021-06-021-0/+1
| | | | | | ... using the script from matrix-org/sytest#1052
* | Rewrite the KeyRing (#10035)Erik Johnston2021-06-021-0/+1
| |
* | Do not show invite-only rooms in spaces summary (unless joined/invited). ↵Patrick Cloke2021-06-021-0/+1
| | | | | | | | (#10109)
* | Make /sync do less state res (#10102)Erik Johnston2021-06-021-0/+1
| |
* | add a cache to have_seen_event (#9953)Richard van der Hoff2021-06-013-1/+2
| | | | | | Empirically, this helped my server considerably when handling gaps in Matrix HQ. The problem was that we would repeatedly call have_seen_events for the same set of (50K or so) auth_events, each of which would take many minutes to complete, even though it's only an index scan.
* | Fix opentracing inject to use the SpanContext, not the Span (#10074)Brad Murray2021-06-011-0/+1
| | | | | | Signed-off-by: Brad Murray brad@beeper.com
* | Set opentracing priority before setting other tags (#10092)Richard van der Hoff2021-05-281-0/+1
| | | | | | ... because tags on spans which aren't being sampled get thrown away.
* | Log method and path when dropping request due to size limit (#10091)Erik Johnston2021-05-281-0/+1
| |
* | Add `parse_strings_from_args` to get `prev_events` array (#10048)Eric Eastwood2021-05-281-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Split out from https://github.com/matrix-org/synapse/pull/9247 Strings: - `parse_string` - `parse_string_from_args` - `parse_strings_from_args` For comparison with ints: - `parse_integer` - `parse_integer_from_args` Previous discussions: - https://github.com/matrix-org/synapse/pull/9247#discussion_r573195687 - https://github.com/matrix-org/synapse/pull/9247#discussion_r574214156 - https://github.com/matrix-org/synapse/pull/9247#discussion_r573264791 Signed-off-by: Eric Eastwood <erice@element.io>
* | Move some more endpoints off master (#10084)Erik Johnston2021-05-271-0/+1
| |
* | Make reason and score optional for report_event (#10077)Callum Brown2021-05-271-0/+1
| | | | | | | | | | | | Implements MSC2414: https://github.com/matrix-org/matrix-doc/pull/2414 See #8551 Signed-off-by: Callum Brown <callum@calcuode.com>
* | Limit the number of events sent over replication when persisting events. ↵Brendan Abolivier2021-05-271-0/+1
| | | | | | | | (#10082)
* | Fix up `BatchingQueue` (#10078)Erik Johnston2021-05-271-0/+1
| | | | | | Fixes #10068
* | Clarify security note regarding the domain Synapse is hosted on. (#9221)Denis Kasak2021-05-271-0/+1
| |
* | Improve the error message printed by synctl when synapse fails to start. ↵Richard van der Hoff2021-05-271-0/+1
| | | | | | | | (#10059)
* | Remove redundant, unmaintained `convert_server_keys` script. (#10055)Richard van der Hoff2021-05-271-0/+1
| |
* | Remove redundant code to reload tls cert (#10054)Richard van der Hoff2021-05-271-0/+1
| | | | | | | | | | we don't need to reload the tls cert if we don't have any tls listeners. Follow-up to #9280.
* | Combine `LruCache.invalidate` and `invalidate_many` (#9973)Richard van der Hoff2021-05-271-0/+1
| | | | | | | | | | | | | | | | | | | | * Make `invalidate` and `invalidate_many` do the same thing ... so that we can do either over the invalidation replication stream, and also because they always confused me a bit. * Kill off `invalidate_many` * changelog
* | Remove the experimental spaces enabled flag. (#10063)Patrick Cloke2021-05-261-0/+1
| | | | | | | | In lieu of just always enabling the unstable spaces endpoint and unstable room version.
* | Fix GitHub Actions lint for newsfragments (#10069)Dan Callahan2021-05-261-0/+1
| | | | | | | | | | * Fix GitHub Actions lint for newsfragments Signed-off-by: Dan Callahan <danc@element.io>
* | Tweak wording of database recommendation in INSTALL.md (#10057)Aaron Raimist2021-05-261-0/+1
| | | | | | | | | | | | * Tweak wording of database recommendation in INSTALL.md Signed-off-by: Aaron Raimist <aaron@raim.ist>
* | Tell CircleCI to build Docker images from `main` (#9906)Dan Callahan2021-05-261-0/+1
| | | | | | | | | | | | The `only` field takes a string or list of strings per the Circle docs: https://circleci.com/docs/2.0/configuration-reference/#branches Signed-off-by: Dan Callahan <danc@element.io>
* | Add an admin API for unprotecting local media from quarantine (#10040)Dirk Klimpel2021-05-261-0/+1
| | | | | | Signed-off-by: Dirk Klimpel dirk@klimpel.org
* | Update CAPTCHA documentation to mention turning off verify origin feature ↵Aaron Raimist2021-05-261-0/+1
|/ | | | | | | | (#10046) * Update CAPTCHA documentation to mention turning off verify origin Signed-off-by: Aaron Raimist <aaron@raim.ist>
* 1.35.0rc1 v1.35.0rc1Erik Johnston2021-05-2537-37/+0
|
* Run complement with Synapse workers manually. (#10039)Patrick Cloke2021-05-241-0/+1
| | | | Adds an option to complement.sh to run Synapse in worker mode (instead of the default monolith mode).
* Add missing type hints to synapse.util (#9982)Patrick Cloke2021-05-241-0/+1
|
* Fix docker image to not log at `/homeserver.log` (#10045)Sergio Miguéns2021-05-241-0/+1
| | | | | Fixes #9970 Signed-off-by: Sergio Miguéns Iglesias lonyelon@lony.xyz
* Remove tls_fingerprints option (#9280)Jerin J Titus2021-05-241-0/+1
| | | | Signed-off-by: Jerin J Titus <72017981+jerinjtitus@users.noreply.github.com>
* Fix --no-daemonize for synctl with workers (#9995)Richard van der Hoff2021-05-241-0/+1
|
* Fix off-by-one-error in synapse_port_db (#9991)Richard van der Hoff2021-05-241-0/+1
| | | fixes #9979
* Remove `keylen` from `LruCache`. (#9993)Richard van der Hoff2021-05-241-0/+1
| | | | | | | `keylen` seems to be a thing that is frequently incorrectly set, and we don't really need it. The only time it was used was to figure out if we had removed a subtree in `del_multi`, which we can do better by changing `TreeCache.pop` to return a different type (`TreeCacheNode`). Commits should be independently reviewable.
* Enable experimental spaces by default. (#10011)Patrick Cloke2021-05-241-0/+1
| | | | The previous spaces_enabled flag now defaults to true and is exposed in the sample config.
* Add missing entry to the table of contents of room admin API (#10043)Dirk Klimpel2021-05-241-0/+1
|
* Fix `get_state_ids_for_event` return type typo to match what the function ↵Eric Eastwood2021-05-241-0/+1
| | | | | actually does (#10050) It looks like a typo copy/paste from `get_state_for_event` above.
* Don't hammer the database for destination retry timings every ~5mins (#10036)Erik Johnston2021-05-211-0/+1
|
* Fix /upload 500'ing when presented a very large image (#10029)Michael Telatynski2021-05-211-0/+1
| | | | | | | | | | | | * Fix /upload 500'ing when presented a very large image Catch DecompressionBombError and re-raise as ThumbnailErrors * Set PIL's MAX_IMAGE_PIXELS to match homeserver.yaml to get it to bomb out quicker, to load less into memory in the case of super large images * Add changelog entry for 10029
* Add a test for update_presence (#10033)Andrew Morgan2021-05-211-0/+1
| | | | | | | https://github.com/matrix-org/synapse/issues/9962 uncovered that we accidentally removed all but one of the presence updates that we store in the database when persisting multiple updates. This could cause users' presence state to be stale. The bug was fixed in #10014, and this PR just adds a test that failed on the old code, and was used to initially verify the bug. The test attempts to insert some presence into the database in a batch using `PresenceStore.update_presence`, and then simply pulls it out again.
* Remove unused properties from the SpaceSummaryHandler. (#10038)Patrick Cloke2021-05-211-0/+1
|
* Fixed removal of new presence stream states (#10014)Marek Matys2021-05-211-0/+1
| | | | | | | | | Fixes: https://github.com/matrix-org/synapse/issues/9962 This is a fix for above problem. I fixed it by swaping the order of insertion of new records and deletion of old ones. This ensures that we don't delete fresh database records as we do deletes before inserts. Signed-off-by: Marek Matys <themarcq@gmail.com>
* Add a batching queue implementation. (#10017)Erik Johnston2021-05-211-0/+1
|
* Add `Keyring.verify_events_for_server` and reduce memory usage (#10018)Erik Johnston2021-05-201-0/+1
| | | | | | Also add support for giving a callback to generate the JSON object to verify. This should reduce memory usage, as we no longer have the event in memory in dict form (which has a large memory footprint) for extend periods of time.
* Use ijson to parse the response to `/send_join`, reducing memory usage. (#9958)Erik Johnston2021-05-201-0/+1
| | | Instead of parsing the full response to `/send_join` into Python objects (which can be huge for large rooms) and *then* parsing that into events, we instead use ijson to stream parse the response directly into `EventBase` objects.
* Allow a user who could join a restricted room to see it in spaces summary. ↵Patrick Cloke2021-05-201-0/+1
| | | | | | (#9922) This finishes up the experimental implementation of MSC3083 by showing the restricted rooms in the spaces summary (from MSC2946).
* Merge branch 'master' of github.com:matrix-org/synapse into developAndrew Morgan2021-05-201-0/+1
|\
| * Update user_directory.md (#10016)Javier Junquera Sánchez2021-05-201-0/+1
| | | | | | Signed-off-by: Javier Junquera Sánchez <javier@junquera.io>
* | Update the contrib grafana dashboard (#10001)Erik Johnston2021-05-191-0/+1
| |
* | Hardened systemd unit files (#9803)Savyasachee Jha2021-05-191-0/+1
| | | | | | Signed-off-by: Savyasachee Jha savya.jha@hawkradius.com
* | Refactor checking restricted join rules (#10007)Patrick Cloke2021-05-181-0/+1
| | | | | | | | | | To be more consistent with similar code. The check now automatically raises an AuthError instead of passing back a boolean. It also absorbs some shared logic between callers.
* | Use a database table to hold the users that should have full presence sent ↵Andrew Morgan2021-05-181-0/+1
| | | | | | | | to them, instead of something in-memory (#9823)
* | Fix the allowed range of valid ordering characters for spaces. (#10002)Patrick Cloke2021-05-171-0/+1
| | | | | | | | \x7F was meant to be \0x7E (~) this was originally incorrect in MSC1772.
* | Clarify comments in the space summary handler. (#9974)Patrick Cloke2021-05-171-0/+1
| |
* | Split multiplart email sending into a dedicated handler (#9977)Brendan Abolivier2021-05-171-0/+1
| | | | | | Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
* | Update postgres docs (#9989)Richard van der Hoff2021-05-142-1/+2
| |
* | Run `black` on the scripts (#9981)Richard van der Hoff2021-05-141-0/+1
| | | | | | | | Turns out these scripts weren't getting linted.
* | Minor `@cachedList` enhancements (#9975)Richard van der Hoff2021-05-141-0/+1
| | | | | | | | | | | | - use a tuple rather than a list for the iterable that is passed into the wrapped function, for performance - test that we can pass an iterable and that keys are correctly deduped.
* | Remove unnecessary SystemRandom from SQLBaseStore (#9987)Dan Callahan2021-05-141-0/+1
| | | | | | | | | | | | | | | | It's not obvious that instances of SQLBaseStore each need their own instances of random.SystemRandom(); let's just use random directly. Introduced by 52839886d664576831462e033b88e5aba4c019e3 Signed-off-by: Dan Callahan <danc@element.io>
* | Remove superfluous call to bool() (#9986)Dan Callahan2021-05-141-0/+1
| | | | | | | | | | Our strtobool already returns a bool, so no need to re-cast here Signed-off-by: Dan Callahan <danc@element.io>
* | Simplify exception handling in is_ascii. (#9985)Dan Callahan2021-05-141-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | We can get away with just catching UnicodeError here. ⋮ +-- ValueError | +-- UnicodeError | +-- UnicodeDecodeError | +-- UnicodeEncodeError | +-- UnicodeTranslateError ⋮ https://docs.python.org/3/library/exceptions.html#exception-hierarchy Signed-off-by: Dan Callahan <danc@element.io>
* | Use Python's secrets module instead of random (#9984)Dan Callahan2021-05-141-0/+1
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Functionally identical, but more obviously cryptographically secure. ...Explicit is better than implicit? Avoids needing to know that SystemRandom() implies a CSPRNG, and complies with the big scary red box on the documentation for random: > Warning: > The pseudo-random generators of this module should not be used for > security purposes. For security or cryptographic uses, see the > secrets module. https://docs.python.org/3/library/random.html Signed-off-by: Dan Callahan <danc@element.io>
* | Support enabling opentracing by user (#9978)Richard van der Hoff2021-05-141-0/+1
| | | | | | | | | | Add a config option which allows enabling opentracing by user id, eg for debugging requests made by a test user.
* | Update minimum supported version in postgres.md (#9988)Andrew Morgan2021-05-141-0/+1
| |
* | Update SSO mapping providers documentation about unique IDs. (#9980)Patrick Cloke2021-05-131-0/+1
|/