* 'develop' of github.com:matrix-org/synapse: (75 commits)
Add instance name to RDATA/POSITION commands (#7364)
Don't relay REMOTE_SERVER_UP cmds to same conn. (#7352)
Fix limit logic for EventsStream (#7358)
Fix fallback value for account_threepid_delegates.email (#7316)
Clean up admin api docs (#7361)
Return total number of users and profile attributes in admin users endpoint (#6881)
Add some replication tests (#7278)
Fix typo 'datbases' in ConfigError
Fix collation for postgres for unit tests (#7359)
Run replication streamers on workers (#7146)
Fix incorrect metrics reporting for renew_attestations (#7344)
Document monitoring workers (#7357)
Add some explanation to application_services.md (#7091)
Don't crash when one of the configuration files is empty (#7341)
Add documentation to the sample config about the templates for SSO. (#7343)
Convert some of the federation handler methods to async/await. (#7338)
changelog
Fix EventsStream raising assertions when it falls behind
1.12.4
Make it clear that the limit for an update_function is a target
...
Also:
* rename VerifyKeyRequest->VerifyJsonRequest
* calculate key_ids on VerifyJsonRequest construction
* refactor things to pass around VerifyJsonRequests instead of 4-tuples
When handling incoming federation requests, make sure that we have an
up-to-date copy of the signing key.
We do not yet enforce the validity period for event signatures.
It turns out that looping_call does check the deferred returned by its
callback, and (at least in the case of client_ips), we were relying on this,
and I broke it in #3604.
Update run_as_background_process to return the deferred, and make sure we
return it to clock.looping_call.
While I was going through uses of preserve_fn for other PRs, I converted places
which only use the wrapped function once to use run_in_background, to avoid
creating the function object.
There were a bunch of places where we fire off a process to happen in the
background, but don't have any exception handling on it - instead relying on
the unhandled error being logged when the relevent deferred gets
garbage-collected.
This is unsatisfactory for a number of reasons:
- logging on garbage collection is best-effort and may happen some time after
the error, if at all
- it can be hard to figure out where the error actually happened.
- it is logged as a scary CRITICAL error which (a) I always forget to grep for
and (b) it's not really CRITICAL if a background process we don't care about
fails.
So this is an attempt to add exception handling to everything we fire off into
the background.
as opposed to join_policy, which is really only pertinent to the
synapse implementation of the group server.
By doing this we keep the group server concept extensible by
allowing arbitrarily complex rules for deciding whether a group
is openly joinable.
The API is now under
/groups/$group_id/setting/m.join_policy
and expects a JSON blob of the shape
```json
{
"m.join_policy": {
"type": "invite"
}
}
```
where "invite" could alternatively be "open".
Andrew Morgan