From 8810c93e828a9ed1dcb008d08be8aa9fcb4d28c3 Mon Sep 17 00:00:00 2001 From: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com> Date: Thu, 24 Mar 2022 17:16:13 +0000 Subject: Replace instances of deprecated `Jinja2.Markup` with `markupsafe.Markup` (#12289) Co-authored-by: Patrick Cloke --- changelog.d/12289.misc | 1 + synapse/push/mailer.py | 9 +++++---- synapse/python_dependencies.py | 1 + 3 files changed, 7 insertions(+), 4 deletions(-) create mode 100644 changelog.d/12289.misc diff --git a/changelog.d/12289.misc b/changelog.d/12289.misc new file mode 100644 index 0000000000..f80ccf3284 --- /dev/null +++ b/changelog.d/12289.misc @@ -0,0 +1 @@ +Remove uses of the long-deprecated `Jinja2.Markup` which would prevent Synapse from starting with Jinja2 3.1.0 or above installed. This does not affect deployments of Synapse using our Docker images or Debian packages. \ No newline at end of file diff --git a/synapse/push/mailer.py b/synapse/push/mailer.py index 649a4f49d0..5ccdd88364 100644 --- a/synapse/push/mailer.py +++ b/synapse/push/mailer.py @@ -18,6 +18,7 @@ from typing import TYPE_CHECKING, Dict, Iterable, List, Optional, TypeVar import bleach import jinja2 +from markupsafe import Markup from synapse.api.constants import EventTypes, Membership, RoomTypes from synapse.api.errors import StoreError @@ -867,7 +868,7 @@ class Mailer: ) -def safe_markup(raw_html: str) -> jinja2.Markup: +def safe_markup(raw_html: str) -> Markup: """ Sanitise a raw HTML string to a set of allowed tags and attributes, and linkify any bare URLs. @@ -877,7 +878,7 @@ def safe_markup(raw_html: str) -> jinja2.Markup: Returns: A Markup object ready to safely use in a Jinja template. """ - return jinja2.Markup( + return Markup( bleach.linkify( bleach.clean( raw_html, @@ -891,7 +892,7 @@ def safe_markup(raw_html: str) -> jinja2.Markup: ) -def safe_text(raw_text: str) -> jinja2.Markup: +def safe_text(raw_text: str) -> Markup: """ Sanitise text (escape any HTML tags), and then linkify any bare URLs. @@ -901,7 +902,7 @@ def safe_text(raw_text: str) -> jinja2.Markup: Returns: A Markup object ready to safely use in a Jinja template. """ - return jinja2.Markup( + return Markup( bleach.linkify(bleach.clean(raw_text, tags=[], attributes=[], strip=False)) ) diff --git a/synapse/python_dependencies.py b/synapse/python_dependencies.py index 1dd39f06cf..232f9a9595 100644 --- a/synapse/python_dependencies.py +++ b/synapse/python_dependencies.py @@ -75,6 +75,7 @@ REQUIREMENTS = [ "attrs>=19.2.0,!=21.1.0", "netaddr>=0.7.18", "Jinja2>=2.9", + "MarkupSafe>=2.0", "bleach>=1.4.3", # We use `ParamSpec`, which was added in `typing-extensions` 3.10.0.0. "typing-extensions>=3.10.0", -- cgit 1.4.1 From 088f3ae1823f335b6fa6d470a49d55a4c3cfdf0a Mon Sep 17 00:00:00 2001 From: Andrew Morgan Date: Thu, 24 Mar 2022 17:47:03 +0000 Subject: 1.55.1 --- CHANGES.md | 11 +++++++++++ changelog.d/12289.misc | 1 - debian/changelog | 6 ++++++ synapse/__init__.py | 2 +- 4 files changed, 18 insertions(+), 2 deletions(-) delete mode 100644 changelog.d/12289.misc diff --git a/CHANGES.md b/CHANGES.md index 6618378c06..58775e3519 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -1,3 +1,14 @@ +Synapse 1.55.1 (2022-03-24) +=========================== + +This is a patch release that fixes an incompatibility with version 3.1.0 of the Jinja2 library, released on March 24th, 2022. Deployments of Synapse using the official Docker images or Debian packages are not affected. + +Internal Changes +---------------- + +- Remove uses of the long-deprecated `Jinja2.Markup` which would prevent Synapse from starting with Jinja2 3.1.0 or above installed. ([\#12289](https://github.com/matrix-org/synapse/issues/12289)) + + Synapse 1.55.0 (2022-03-22) =========================== diff --git a/changelog.d/12289.misc b/changelog.d/12289.misc deleted file mode 100644 index f80ccf3284..0000000000 --- a/changelog.d/12289.misc +++ /dev/null @@ -1 +0,0 @@ -Remove uses of the long-deprecated `Jinja2.Markup` which would prevent Synapse from starting with Jinja2 3.1.0 or above installed. This does not affect deployments of Synapse using our Docker images or Debian packages. \ No newline at end of file diff --git a/debian/changelog b/debian/changelog index 7eed6c5b4a..f3ac279302 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +matrix-synapse-py3 (1.55.1) stable; urgency=medium + + * New synapse release 1.55.1. + + -- Synapse Packaging team Thu, 24 Mar 2022 17:44:23 +0000 + matrix-synapse-py3 (1.55.0) stable; urgency=medium * New synapse release 1.55.0. diff --git a/synapse/__init__.py b/synapse/__init__.py index f0f224d0bb..70f56824f9 100644 --- a/synapse/__init__.py +++ b/synapse/__init__.py @@ -68,7 +68,7 @@ try: except ImportError: pass -__version__ = "1.55.0" +__version__ = "1.55.1" if bool(os.environ.get("SYNAPSE_TEST_PATCH_LOG_CONTEXTS", False)): # We import here so that we don't have to install a bunch of deps when -- cgit 1.4.1 From e689cae47dad3bb31b3b0a54d30ca60a0582fcfc Mon Sep 17 00:00:00 2001 From: Andrew Morgan Date: Thu, 24 Mar 2022 17:54:43 +0000 Subject: update changelog for 1.55.1 --- CHANGES.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/CHANGES.md b/CHANGES.md index 58775e3519..05ca83df5d 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -1,12 +1,12 @@ Synapse 1.55.1 (2022-03-24) =========================== -This is a patch release that fixes an incompatibility with version 3.1.0 of the Jinja2 library, released on March 24th, 2022. Deployments of Synapse using the official Docker images or Debian packages are not affected. +This is a patch release that fixes an incompatibility with version 3.1.0 of the [Jinja](https://pypi.org/project/Jinja2/) library, released on March 24th, 2022. Deployments of Synapse using the `matrixdotorg/synapse` Docker image or Debian packages from packages.matrix.org are not affected. Internal Changes ---------------- -- Remove uses of the long-deprecated `Jinja2.Markup` which would prevent Synapse from starting with Jinja2 3.1.0 or above installed. ([\#12289](https://github.com/matrix-org/synapse/issues/12289)) +- Remove uses of the long-deprecated `jinja2.Markup` which would prevent Synapse from starting with Jinja 3.1.0 or above installed. ([\#12289](https://github.com/matrix-org/synapse/issues/12289)) Synapse 1.55.0 (2022-03-22) -- cgit 1.4.1