Merge branch 'master' into develop

pull/12301/head
Richard van der Hoff 2022-03-24 19:39:45 +00:00
commit b0659a112d
5 changed files with 25 additions and 8 deletions

View File

@ -1,3 +1,15 @@
Synapse 1.55.2 (2022-03-24)
===========================
This patch version reverts the earlier fixes from Synapse 1.55.1, which could cause problems in certain deployments, and instead adds a cap to the version of Jinja to be installed. Again, this is to fix an incompatibility with version 3.1.0 of the [Jinja](https://pypi.org/project/Jinja2/) library, and again, deployments of Synapse using the `matrixdotorg/synapse` Docker image or Debian packages from packages.matrix.org are not affected.
Internal Changes
----------------
- Pin Jinja to <3.1.0, as Synapse fails to start with Jinja 3.1.0. ([\#12297](https://github.com/matrix-org/synapse/issues/12297))
- Revert changes from 1.55.1 as they caused problems with older versions of Jinja ([\#12296](https://github.com/matrix-org/synapse/issues/12296))
Synapse 1.55.1 (2022-03-24)
===========================

6
debian/changelog vendored
View File

@ -1,3 +1,9 @@
matrix-synapse-py3 (1.55.2) stable; urgency=medium
* New synapse release 1.55.2.
-- Synapse Packaging team <packages@matrix.org> Thu, 24 Mar 2022 19:07:11 +0000
matrix-synapse-py3 (1.55.1) stable; urgency=medium
* New synapse release 1.55.1.

View File

@ -68,7 +68,7 @@ try:
except ImportError:
pass
__version__ = "1.55.1"
__version__ = "1.55.2"
if bool(os.environ.get("SYNAPSE_TEST_PATCH_LOG_CONTEXTS", False)):
# We import here so that we don't have to install a bunch of deps when

View File

@ -18,7 +18,6 @@ from typing import TYPE_CHECKING, Dict, Iterable, List, Optional, TypeVar
import bleach
import jinja2
from markupsafe import Markup
from synapse.api.constants import EventTypes, Membership, RoomTypes
from synapse.api.errors import StoreError
@ -868,7 +867,7 @@ class Mailer:
)
def safe_markup(raw_html: str) -> Markup:
def safe_markup(raw_html: str) -> jinja2.Markup:
"""
Sanitise a raw HTML string to a set of allowed tags and attributes, and linkify any bare URLs.
@ -878,7 +877,7 @@ def safe_markup(raw_html: str) -> Markup:
Returns:
A Markup object ready to safely use in a Jinja template.
"""
return Markup(
return jinja2.Markup(
bleach.linkify(
bleach.clean(
raw_html,
@ -892,7 +891,7 @@ def safe_markup(raw_html: str) -> Markup:
)
def safe_text(raw_text: str) -> Markup:
def safe_text(raw_text: str) -> jinja2.Markup:
"""
Sanitise text (escape any HTML tags), and then linkify any bare URLs.
@ -902,7 +901,7 @@ def safe_text(raw_text: str) -> Markup:
Returns:
A Markup object ready to safely use in a Jinja template.
"""
return Markup(
return jinja2.Markup(
bleach.linkify(bleach.clean(raw_text, tags=[], attributes=[], strip=False))
)

View File

@ -74,8 +74,8 @@ REQUIREMENTS = [
# Note: 21.1.0 broke `/sync`, see #9936
"attrs>=19.2.0,!=21.1.0",
"netaddr>=0.7.18",
"Jinja2>=2.9",
"MarkupSafe>=2.0",
# Jinja2 3.1.0 removes the deprecated jinja2.Markup class, which we rely on.
"Jinja2<3.1.0",
"bleach>=1.4.3",
# We use `ParamSpec`, which was added in `typing-extensions` 3.10.0.0.
"typing-extensions>=3.10.0",