Commit Graph

356 Commits (ba48c563c98966400488c8972d2e9964f9510399)

Author SHA1 Message Date
Sean Quah 6173d585df 1.63.0rc1 2022-07-12 11:26:25 +01:00
David Robertson cf63d57dce
1.62.0 2022-07-05 11:14:27 +01:00
Andrew Morgan 046d87756b 1.62.0rc3 2022-07-04 16:16:47 +01:00
Andrew Morgan d40b2708cf 1.62.0rc2 2022-07-01 11:42:57 +01:00
Andrew Morgan b210146fd9 1.62.0rc1 2022-06-28 16:42:44 +01:00
Andrew Morgan ea10cdbea7 1.61.1 2022-06-28 14:37:35 +01:00
Erik Johnston d580014e22 1.61.0 2022-06-14 11:44:27 +01:00
Olivier Wilkinson (reivilibre) 495fbf5d63 1.61.0rc1 2022-06-07 13:18:02 +01:00
Olivier Wilkinson (reivilibre) a68dfef1f7 Fix Debian changelog 2022-06-07 12:42:23 +01:00
Erik Johnston 3594f6c1f3 Merge branch 'master' into develop 2022-05-31 14:48:22 +01:00
Erik Johnston 5984ada6bb 1.60.0 2022-05-31 13:41:49 +01:00
David Robertson 563ef172ae
Remove contrib/jitsimeetbridge (#12909) 2022-05-30 10:47:40 +01:00
Sean Quah e409ab8e92 1.60.0rc2 2022-05-27 11:06:45 +01:00
Sean Quah a670b5cda2 1.60.0rc1 2022-05-24 12:05:33 +01:00
Brendan Abolivier 1aa30f7b3e 1.59.1 2022-05-18 11:41:53 +01:00
David Robertson 5c3d525cad
1.59.0 2022-05-17 10:27:51 +01:00
David Robertson c3b232cb39
1.59.0rc2 2022-05-16 12:52:29 +01:00
David Robertson e5fd23fb6f
1.59.0rc1 2022-05-10 10:45:13 +01:00
David Robertson 0ce2201932
Move `pympler` back into the `all` extras (#12652)
* Move `pympler` back into the `all` extras

Undoes a change I made in #12381. I can't fully remember my reasoning,
but this changed the contents of the debian packages in a backwards
incompatible way. We're not aware of anyone who's been bitten by this,
but we still want to fix it.

To the reviewer: please be convinced that the debian packages will still
contain pympler after this change.

* Debian changelog entry to keep the linter happy
2022-05-07 13:40:58 +01:00
Andrew Morgan 6a17a291a6 1.58.1 2022-05-05 15:05:58 +01:00
Andrew Morgan e923fc20bd
Include extra dependency groups 'systemd' and 'cache_memory' in debian packages (#12640)
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
2022-05-05 13:51:15 +00:00
Andrew Morgan 8f5d2823df 1.58.0 2022-05-03 10:53:09 +01:00
David Robertson 6b64ee9ec7
1.58.0rc2 2022-04-26 17:16:43 +01:00
David Robertson 30db7fdb91
1.58.0rc1 2022-04-26 11:15:33 +01:00
David Robertson 7c063da25c
Temporarily lower debian changelog version number
This seems to make dch happy when we prepare the release.
2022-04-26 11:14:41 +01:00
Olivier Wilkinson (reivilibre) 01c8f9ca69 Merge branch 'master' into develop 2022-04-20 17:44:19 +01:00
Olivier Wilkinson (reivilibre) 05e8a5d298 1.57.1 2022-04-20 15:30:03 +01:00
Richard van der Hoff 7dec4ce7e4 fix typo in debian changelog 2022-04-19 13:45:27 +01:00
Olivier Wilkinson (reivilibre) dbe016e258 Remove 'Non-maintainer upload' line from Debian changelog 2022-04-19 13:33:36 +01:00
Olivier Wilkinson (reivilibre) 0921d93dcd Merge branch 'master' into develop 2022-04-19 13:28:28 +01:00
Olivier Wilkinson (reivilibre) 88fe72cc1e 1.57.0 2022-04-19 11:00:37 +01:00
David Robertson 6b3e0ea6bd
Use `poetry` to manage the virtualenv in debian packages (#12449)
* Use `poetry` to build venv in debian packages

Co-authored-by: Dan Callahan <danc@element.io>
Co-authored-by: Shay <hillerys@element.io>

* Changelog

* Only pull in from requirements.txt

Addresses the same problem as #12439.

* Include `test` and `all` extras

`poetry export` helpfully silently ignores an unknown extra

Haven't seen this before because it's the only place we export `all` and
`test`. I could have __sworm__ that the syntax `--extra "all test"`
worked for `poetry install`...

* Clean up requirements file on subsequence builds

* Fix shell syntax

Co-authored-by: Dan Callahan <danc@element.io>
Co-authored-by: Shay <hillerys@element.io>
2022-04-14 11:03:24 +01:00
Erik Johnston 641f43ba81 1.57.0rc1 2022-04-12 13:39:35 +01:00
Sean Quah 7a95e80418 1.56.0 2022-04-05 12:44:00 +01:00
Brendan Abolivier b690fe749b 1.56.0rc1 2022-03-29 10:41:04 +01:00
Richard van der Hoff 1642abd77e 1.55.2 2022-03-24 19:13:20 +00:00
Andrew Morgan 088f3ae182 1.55.1 2022-03-24 17:47:03 +00:00
Andrew Morgan 34baf76451 1.55.0 2022-03-22 14:02:52 +00:00
David Robertson d1130a249b
1.55.0rc1 2022-03-15 11:00:01 +00:00
Olivier Wilkinson (reivilibre) ea992adf86 1.54.0 2022-03-08 10:55:26 +00:00
Olivier Wilkinson (reivilibre) 879e4a7bd7 1.54.0rc1 2022-03-02 10:45:16 +00:00
Erik Johnston 551dd8c9f8 1.53.0 2022-02-22 11:32:11 +00:00
Sean Quah 7c05599041 1.53.0rc1 2022-02-15 10:44:24 +00:00
Brendan Abolivier 7d56b6c083 1.52.0 2022-02-08 11:35:05 +00:00
David Robertson a35e9db9be
1.52.0rc1 2022-02-01 11:04:17 +00:00
David Robertson b500fcbc0c Synapse 1.51.0 (2022-01-25)
===========================
 
 No significant changes since 1.51.0rc2.
 
 Synapse 1.51.0 deprecates `webclient` listeners and non-HTTP(S) `web_client_location`s. Support for these will be removed in Synapse 1.53.0, at which point Synapse will not be capable of directly serving a web client for Matrix.
 
 Synapse 1.51.0rc2 (2022-01-24)
 ==============================
 
 Bugfixes
 --------
 
 - Fix a bug introduced in Synapse 1.40.0 that caused Synapse to fail to process incoming federation traffic after handling a large amount of events in a v1 room. ([\#11806](https://github.com/matrix-org/synapse/issues/11806))
 
 Synapse 1.51.0rc1 (2022-01-21)
 ==============================
 
 Features
 --------
 
 - Add `track_puppeted_user_ips` config flag to record client IP addresses against puppeted users, and include the puppeted users in monthly active user counts. ([\#11561](https://github.com/matrix-org/synapse/issues/11561), [\#11749](https://github.com/matrix-org/synapse/issues/11749), [\#11757](https://github.com/matrix-org/synapse/issues/11757))
 - Include whether the requesting user has participated in a thread when generating a summary for [MSC3440](https://github.com/matrix-org/matrix-doc/pull/3440). ([\#11577](https://github.com/matrix-org/synapse/issues/11577))
 - Return an `M_FORBIDDEN` error code instead of `M_UNKNOWN` when a spam checker module prevents a user from creating a room. ([\#11672](https://github.com/matrix-org/synapse/issues/11672))
 - Add a flag to the `synapse_review_recent_signups` script to ignore and filter appservice users. ([\#11675](https://github.com/matrix-org/synapse/issues/11675), [\#11770](https://github.com/matrix-org/synapse/issues/11770))
 
 Bugfixes
 --------
 
 - Fix a long-standing issue which could cause Synapse to incorrectly accept data in the unsigned field of events
   received over federation. ([\#11530](https://github.com/matrix-org/synapse/issues/11530))
 - Fix a long-standing bug where Synapse wouldn't cache a response indicating that a remote user has no devices. ([\#11587](https://github.com/matrix-org/synapse/issues/11587))
 - Fix an error that occurs whilst trying to get the federation status of a destination server that was working normally. This admin API was newly introduced in Synapse v1.49.0. ([\#11593](https://github.com/matrix-org/synapse/issues/11593))
 - Fix bundled aggregations not being included in the `/sync` response, per [MSC2675](https://github.com/matrix-org/matrix-doc/pull/2675). ([\#11612](https://github.com/matrix-org/synapse/issues/11612), [\#11659](https://github.com/matrix-org/synapse/issues/11659), [\#11791](https://github.com/matrix-org/synapse/issues/11791))
 - Fix the `/_matrix/client/v1/room/{roomId}/hierarchy` endpoint returning incorrect fields which have been present since Synapse 1.49.0. ([\#11667](https://github.com/matrix-org/synapse/issues/11667))
 - Fix preview of some GIF URLs (like tenor.com). Contributed by Philippe Daouadi. ([\#11669](https://github.com/matrix-org/synapse/issues/11669))
 - Fix a bug where only the first 50 rooms from a space were returned from the `/hierarchy` API. This has existed since the introduction of the API in Synapse v1.41.0. ([\#11695](https://github.com/matrix-org/synapse/issues/11695))
 - Fix a bug introduced in Synapse v1.18.0 where password reset and address validation emails would not be sent if their subject was configured to use the 'app' template variable. Contributed by @br4nnigan. ([\#11710](https://github.com/matrix-org/synapse/issues/11710), [\#11745](https://github.com/matrix-org/synapse/issues/11745))
 - Make the 'List Rooms' Admin API sort stable. Contributed by Daniël Sonck. ([\#11737](https://github.com/matrix-org/synapse/issues/11737))
 - Fix a long-standing bug where space hierarchy over federation would only work correctly some of the time. ([\#11775](https://github.com/matrix-org/synapse/issues/11775))
 - Fix a bug introduced in Synapse v1.46.0 that prevented `on_logged_out` module callbacks from being correctly awaited by Synapse. ([\#11786](https://github.com/matrix-org/synapse/issues/11786))
 
 Improved Documentation
 ----------------------
 
 - Warn against using a Let's Encrypt certificate for TLS/DTLS TURN server client connections, and suggest using ZeroSSL certificate instead. This works around client-side connectivity errors caused by WebRTC libraries that reject Let's Encrypt certificates. Contibuted by @AndrewFerr. ([\#11686](https://github.com/matrix-org/synapse/issues/11686))
 - Document the new `SYNAPSE_TEST_PERSIST_SQLITE_DB` environment variable in the contributing guide. ([\#11715](https://github.com/matrix-org/synapse/issues/11715))
 - Document that the minimum supported PostgreSQL version is now 10. ([\#11725](https://github.com/matrix-org/synapse/issues/11725))
 - Fix typo in demo docs: differnt. ([\#11735](https://github.com/matrix-org/synapse/issues/11735))
 - Update room spec URL in config files. ([\#11739](https://github.com/matrix-org/synapse/issues/11739))
 - Mention `python3-venv` and `libpq-dev` dependencies in the contribution guide. ([\#11740](https://github.com/matrix-org/synapse/issues/11740))
 - Update documentation for configuring login with Facebook. ([\#11755](https://github.com/matrix-org/synapse/issues/11755))
 - Update installation instructions to note that Python 3.6 is no longer supported. ([\#11781](https://github.com/matrix-org/synapse/issues/11781))
 
 Deprecations and Removals
 -------------------------
 
 - Remove the unstable `/send_relation` endpoint. ([\#11682](https://github.com/matrix-org/synapse/issues/11682))
 - Remove `python_twisted_reactor_pending_calls` Prometheus metric. ([\#11724](https://github.com/matrix-org/synapse/issues/11724))
 - Remove the `password_hash` field from the response dictionaries of the [Users Admin API](https://matrix-org.github.io/synapse/latest/admin_api/user_admin_api.html). ([\#11576](https://github.com/matrix-org/synapse/issues/11576))
 - **Deprecate support for `webclient` listeners and non-HTTP(S) `web_client_location` configuration. ([\#11774](https://github.com/matrix-org/synapse/issues/11774), [\#11783](https://github.com/matrix-org/synapse/issues/11783))**
 
 Internal Changes
 ----------------
 
 - Run `pyupgrade --py37-plus --keep-percent-format` on Synapse. ([\#11685](https://github.com/matrix-org/synapse/issues/11685))
 - Use buildkit's cache feature to speed up docker builds. ([\#11691](https://github.com/matrix-org/synapse/issues/11691))
 - Use `auto_attribs` and native type hints for attrs classes. ([\#11692](https://github.com/matrix-org/synapse/issues/11692), [\#11768](https://github.com/matrix-org/synapse/issues/11768))
 - Remove debug logging for #4422, which has been closed since Synapse 0.99. ([\#11693](https://github.com/matrix-org/synapse/issues/11693))
 - Remove fallback code for Python 2. ([\#11699](https://github.com/matrix-org/synapse/issues/11699))
 - Add a test for [an edge case](https://github.com/matrix-org/synapse/pull/11532#discussion_r769104461) in the `/sync` logic. ([\#11701](https://github.com/matrix-org/synapse/issues/11701))
 - Add the option to write SQLite test dbs to disk when running tests. ([\#11702](https://github.com/matrix-org/synapse/issues/11702))
 - Improve Complement test output for Gitub Actions. ([\#11707](https://github.com/matrix-org/synapse/issues/11707))
 - Fix docstring on `add_account_data_for_user`. ([\#11716](https://github.com/matrix-org/synapse/issues/11716))
 - Complement environment variable name change and update `.gitignore`. ([\#11718](https://github.com/matrix-org/synapse/issues/11718))
 - Simplify calculation of Prometheus metrics for garbage collection. ([\#11723](https://github.com/matrix-org/synapse/issues/11723))
 - Improve accuracy of `python_twisted_reactor_tick_time` Prometheus metric. ([\#11724](https://github.com/matrix-org/synapse/issues/11724), [\#11771](https://github.com/matrix-org/synapse/issues/11771))
 - Minor efficiency improvements when inserting many values into the database. ([\#11742](https://github.com/matrix-org/synapse/issues/11742))
 - Invite PR authors to give themselves credit in the changelog. ([\#11744](https://github.com/matrix-org/synapse/issues/11744))
 - Add optional debugging to investigate [issue 8631](https://github.com/matrix-org/synapse/issues/8631). ([\#11760](https://github.com/matrix-org/synapse/issues/11760))
 - Remove `log_function` utility function and its uses. ([\#11761](https://github.com/matrix-org/synapse/issues/11761))
 - Add a unit test that checks both `client` and `webclient` resources will function when simultaneously enabled. ([\#11765](https://github.com/matrix-org/synapse/issues/11765))
 - Allow overriding complement commit using `COMPLEMENT_REF`. ([\#11766](https://github.com/matrix-org/synapse/issues/11766))
 - Add some comments and type annotations for `_update_outliers_txn`. ([\#11776](https://github.com/matrix-org/synapse/issues/11776))
 -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEE1508oLYUKainYFJakD7OEIo53t0FAmHv5K8ACgkQkD7OEIo5
 3t0TOg/+LQAWWi2RFUiezajSJS5LH5n7FNVs0XPAahKsrU6Xc6NHPHCQ5TpUSfKu
 MxLE5E4+5rsXpcHkb4NqNhyl5sEXPVWatmPkD+o9eo3LXBh42CHjcfOrboPaBRBJ
 DkmPYE3DhL++RBtdYoTRTLfVwq6L35Yi9CNjc19IMDAecqayC9Yl2E4ilcFZpS0R
 RB1ZULeNBa5oQmQEWbceGgAxhjAKgI/zkadSH2jsVWMxMUoh8zk1OzOc8DOaImRv
 yNr/8kB7wyCLLTRIR3AgcwI5nQHYCaYmnuoOP1+Y0axf1IVuQneo0kSNQJ9bf3Ob
 8/ICIb3e9qqbYKYiy4aCV41n9F4fhGRUoD+2s6S+QWC49hIVIrBoW1d6J8xNlV3r
 CbwKRuif1hIR4MTec+wjOBZScucpTDFx7wn94ivFtGlJmI58wikTunGKseczWTJN
 ujzdF6oPQc/qlJGG8zKIUgn11795RkZfFTFRJTrHaSWYmnMzSX6wEtXBp8ChoaFY
 X4fGdZqkgTjAt/wcReKI5cbhfmoigpwAPZQIGuvt/1E3YlkTl1VPiO7nxx3fNZEY
 SPNG0UtCaQ3IXOzqQy20cGb8lE8DeaGG3WrN2QeNczxeytoqymKFBq5DBoYXviBw
 D4zr0VpRQpDQUqf7EnreAhN+ZZMvYllK/zDeIFk+5ap2nrj8/9A=
 =b1tp
 -----END PGP SIGNATURE-----
gpgsig -----BEGIN PGP SIGNATURE-----
 
 iQIzBAABCAAdFiEE1508oLYUKainYFJakD7OEIo53t0FAmHv7oIACgkQkD7OEIo5
 3t2qVw//YPSUAdcW3+MSFJLobheMB/tdycNUd3xoyTYcDQJPmyuoVBrsjibCpojK
 aifZfEqP9r2PLplJIAiS/7Z7F5DixdZ//KBOcHHJWBeIxCtEEPnk/pT9n4bDBx8w
 mGPajpq7JFail0oktmotx+xLHjnK1YdO0XXXOs1Haqz1/TB8OfMzVSKfWv/zI4eT
 ovsGIUiSLuVeOHl1QBHIBoerfyCHegYZf1B00cp9vMDwzIzMFY1oAzSMu//nGW2i
 4hqWMt4y2wPJz9ez0o5sBtLxj91fZGeqAEuvVNb2IkUjtclJpGbLnXXL6LtIqTHq
 ZH+HXNehEzVDtisq1mfSfczFa4Ma7bwFaizcOB8uuc9w8S2r1mxPSRv3u1CEpCIh
 leOPPXdlGlJ4jbOeV7IPj5Hie3AdFBeX6Sd6ivtzmvWvPWVketRiUUKww4X0oi+6
 0/qSdLiE60meleDJa2dB8vMSG8JKk8Swx1FR/T3e53Q3JmU+wZmwHgfl51ou8Ofe
 W1GhycT3Sb8Ei1XmttxxfE4+aikSu2JpUAu8MnizGPPJX9VCRPFYjTv5aMYxlX02
 XQw2TB8xwusNfWs4I84002FTg2Q/hLgloe5wZQOhHICBfYDuKETGF2LcASpMld53
 jS0vm0pp+Jlj8K3faIcHu+KrMFB2DwhDEORiU0QGeZTobckUzOA=
 =vMwg
 -----END PGP SIGNATURE-----

Merge tag 'v1.51.0'

Synapse 1.51.0 (2022-01-25)
===========================

No significant changes since 1.51.0rc2.

Synapse 1.51.0 deprecates `webclient` listeners and non-HTTP(S) `web_client_location`s. Support for these will be removed in Synapse 1.53.0, at which point Synapse will not be capable of directly serving a web client for Matrix.

Synapse 1.51.0rc2 (2022-01-24)
==============================

Bugfixes
--------

- Fix a bug introduced in Synapse 1.40.0 that caused Synapse to fail to process incoming federation traffic after handling a large amount of events in a v1 room. ([\#11806](https://github.com/matrix-org/synapse/issues/11806))

Synapse 1.51.0rc1 (2022-01-21)
==============================

Features
--------

- Add `track_puppeted_user_ips` config flag to record client IP addresses against puppeted users, and include the puppeted users in monthly active user counts. ([\#11561](https://github.com/matrix-org/synapse/issues/11561), [\#11749](https://github.com/matrix-org/synapse/issues/11749), [\#11757](https://github.com/matrix-org/synapse/issues/11757))
- Include whether the requesting user has participated in a thread when generating a summary for [MSC3440](https://github.com/matrix-org/matrix-doc/pull/3440). ([\#11577](https://github.com/matrix-org/synapse/issues/11577))
- Return an `M_FORBIDDEN` error code instead of `M_UNKNOWN` when a spam checker module prevents a user from creating a room. ([\#11672](https://github.com/matrix-org/synapse/issues/11672))
- Add a flag to the `synapse_review_recent_signups` script to ignore and filter appservice users. ([\#11675](https://github.com/matrix-org/synapse/issues/11675), [\#11770](https://github.com/matrix-org/synapse/issues/11770))

Bugfixes
--------

- Fix a long-standing issue which could cause Synapse to incorrectly accept data in the unsigned field of events
  received over federation. ([\#11530](https://github.com/matrix-org/synapse/issues/11530))
- Fix a long-standing bug where Synapse wouldn't cache a response indicating that a remote user has no devices. ([\#11587](https://github.com/matrix-org/synapse/issues/11587))
- Fix an error that occurs whilst trying to get the federation status of a destination server that was working normally. This admin API was newly introduced in Synapse v1.49.0. ([\#11593](https://github.com/matrix-org/synapse/issues/11593))
- Fix bundled aggregations not being included in the `/sync` response, per [MSC2675](https://github.com/matrix-org/matrix-doc/pull/2675). ([\#11612](https://github.com/matrix-org/synapse/issues/11612), [\#11659](https://github.com/matrix-org/synapse/issues/11659), [\#11791](https://github.com/matrix-org/synapse/issues/11791))
- Fix the `/_matrix/client/v1/room/{roomId}/hierarchy` endpoint returning incorrect fields which have been present since Synapse 1.49.0. ([\#11667](https://github.com/matrix-org/synapse/issues/11667))
- Fix preview of some GIF URLs (like tenor.com). Contributed by Philippe Daouadi. ([\#11669](https://github.com/matrix-org/synapse/issues/11669))
- Fix a bug where only the first 50 rooms from a space were returned from the `/hierarchy` API. This has existed since the introduction of the API in Synapse v1.41.0. ([\#11695](https://github.com/matrix-org/synapse/issues/11695))
- Fix a bug introduced in Synapse v1.18.0 where password reset and address validation emails would not be sent if their subject was configured to use the 'app' template variable. Contributed by @br4nnigan. ([\#11710](https://github.com/matrix-org/synapse/issues/11710), [\#11745](https://github.com/matrix-org/synapse/issues/11745))
- Make the 'List Rooms' Admin API sort stable. Contributed by Daniël Sonck. ([\#11737](https://github.com/matrix-org/synapse/issues/11737))
- Fix a long-standing bug where space hierarchy over federation would only work correctly some of the time. ([\#11775](https://github.com/matrix-org/synapse/issues/11775))
- Fix a bug introduced in Synapse v1.46.0 that prevented `on_logged_out` module callbacks from being correctly awaited by Synapse. ([\#11786](https://github.com/matrix-org/synapse/issues/11786))

Improved Documentation
----------------------

- Warn against using a Let's Encrypt certificate for TLS/DTLS TURN server client connections, and suggest using ZeroSSL certificate instead. This works around client-side connectivity errors caused by WebRTC libraries that reject Let's Encrypt certificates. Contibuted by @AndrewFerr. ([\#11686](https://github.com/matrix-org/synapse/issues/11686))
- Document the new `SYNAPSE_TEST_PERSIST_SQLITE_DB` environment variable in the contributing guide. ([\#11715](https://github.com/matrix-org/synapse/issues/11715))
- Document that the minimum supported PostgreSQL version is now 10. ([\#11725](https://github.com/matrix-org/synapse/issues/11725))
- Fix typo in demo docs: differnt. ([\#11735](https://github.com/matrix-org/synapse/issues/11735))
- Update room spec URL in config files. ([\#11739](https://github.com/matrix-org/synapse/issues/11739))
- Mention `python3-venv` and `libpq-dev` dependencies in the contribution guide. ([\#11740](https://github.com/matrix-org/synapse/issues/11740))
- Update documentation for configuring login with Facebook. ([\#11755](https://github.com/matrix-org/synapse/issues/11755))
- Update installation instructions to note that Python 3.6 is no longer supported. ([\#11781](https://github.com/matrix-org/synapse/issues/11781))

Deprecations and Removals
-------------------------

- Remove the unstable `/send_relation` endpoint. ([\#11682](https://github.com/matrix-org/synapse/issues/11682))
- Remove `python_twisted_reactor_pending_calls` Prometheus metric. ([\#11724](https://github.com/matrix-org/synapse/issues/11724))
- Remove the `password_hash` field from the response dictionaries of the [Users Admin API](https://matrix-org.github.io/synapse/latest/admin_api/user_admin_api.html). ([\#11576](https://github.com/matrix-org/synapse/issues/11576))
- **Deprecate support for `webclient` listeners and non-HTTP(S) `web_client_location` configuration. ([\#11774](https://github.com/matrix-org/synapse/issues/11774), [\#11783](https://github.com/matrix-org/synapse/issues/11783))**

Internal Changes
----------------

- Run `pyupgrade --py37-plus --keep-percent-format` on Synapse. ([\#11685](https://github.com/matrix-org/synapse/issues/11685))
- Use buildkit's cache feature to speed up docker builds. ([\#11691](https://github.com/matrix-org/synapse/issues/11691))
- Use `auto_attribs` and native type hints for attrs classes. ([\#11692](https://github.com/matrix-org/synapse/issues/11692), [\#11768](https://github.com/matrix-org/synapse/issues/11768))
- Remove debug logging for #4422, which has been closed since Synapse 0.99. ([\#11693](https://github.com/matrix-org/synapse/issues/11693))
- Remove fallback code for Python 2. ([\#11699](https://github.com/matrix-org/synapse/issues/11699))
- Add a test for [an edge case](https://github.com/matrix-org/synapse/pull/11532#discussion_r769104461) in the `/sync` logic. ([\#11701](https://github.com/matrix-org/synapse/issues/11701))
- Add the option to write SQLite test dbs to disk when running tests. ([\#11702](https://github.com/matrix-org/synapse/issues/11702))
- Improve Complement test output for Gitub Actions. ([\#11707](https://github.com/matrix-org/synapse/issues/11707))
- Fix docstring on `add_account_data_for_user`. ([\#11716](https://github.com/matrix-org/synapse/issues/11716))
- Complement environment variable name change and update `.gitignore`. ([\#11718](https://github.com/matrix-org/synapse/issues/11718))
- Simplify calculation of Prometheus metrics for garbage collection. ([\#11723](https://github.com/matrix-org/synapse/issues/11723))
- Improve accuracy of `python_twisted_reactor_tick_time` Prometheus metric. ([\#11724](https://github.com/matrix-org/synapse/issues/11724), [\#11771](https://github.com/matrix-org/synapse/issues/11771))
- Minor efficiency improvements when inserting many values into the database. ([\#11742](https://github.com/matrix-org/synapse/issues/11742))
- Invite PR authors to give themselves credit in the changelog. ([\#11744](https://github.com/matrix-org/synapse/issues/11744))
- Add optional debugging to investigate [issue 8631](https://github.com/matrix-org/synapse/issues/8631). ([\#11760](https://github.com/matrix-org/synapse/issues/11760))
- Remove `log_function` utility function and its uses. ([\#11761](https://github.com/matrix-org/synapse/issues/11761))
- Add a unit test that checks both `client` and `webclient` resources will function when simultaneously enabled. ([\#11765](https://github.com/matrix-org/synapse/issues/11765))
- Allow overriding complement commit using `COMPLEMENT_REF`. ([\#11766](https://github.com/matrix-org/synapse/issues/11766))
- Add some comments and type annotations for `_update_outliers_txn`. ([\#11776](https://github.com/matrix-org/synapse/issues/11776))
2022-01-25 12:35:11 +00:00
David Robertson 874365fc05
1.51.0 2022-01-25 11:30:02 +00:00
Andrew Morgan 36f37acf53 1.50.2 2022-01-24 13:37:20 +00:00
Andrew Morgan 14b45b25dd 1.51.0rc2 2022-01-24 12:25:18 +00:00
Olivier Wilkinson (reivilibre) 266df5c908 1.51.0rc1 2022-01-21 10:47:03 +00:00
Andrew Morgan ab12c909a2 1.50.1 2022-01-18 16:09:04 +00:00
Andrew Morgan 3ba9389699 1.50.0 2022-01-18 10:41:36 +00:00
Olivier Wilkinson (reivilibre) 867443472c 1.50.0rc2 2022-01-14 11:34:57 +00:00
Olivier Wilkinson (reivilibre) 9be5aacc2d 1.50.0rc1 2022-01-05 12:39:48 +00:00
Richard van der Hoff aa874a1390 1.49.2 2021-12-21 17:32:16 +00:00
Richard van der Hoff 8c36d332d5 1.49.1 2021-12-21 11:07:41 +00:00
Olivier Wilkinson (reivilibre) 9f3c7e85a4 1.49.0 2021-12-14 12:56:14 +00:00
Sean Quah 966b5d0fa0 1.49.0rc1 2021-12-07 13:56:09 +00:00
Brendan Abolivier 4bdad80de1 1.48.0 2021-11-30 11:24:21 +00:00
Brendan Abolivier 946c102ac9 1.48.0rc1 2021-11-25 15:57:04 +00:00
Sean Quah 97a402302c 1.47.1 2021-11-19 14:08:59 +00:00
David Robertson 9f9d82aa84
1.47.0 2021-11-17 13:10:12 +00:00
Andrew Morgan edcdc5fd82 1.47.0rc3 2021-11-16 14:34:46 +00:00
Olivier Wilkinson (reivilibre) ef7f9286d1 Move Debian changelog entries to rc2 since rc1 was not published 2021-11-10 09:48:50 +00:00
Olivier Wilkinson (reivilibre) 82e62b488a 1.47.0rc2 2021-11-10 09:44:38 +00:00
Olivier Wilkinson (reivilibre) af6374905a Correct the Debian changelog 2021-11-10 09:37:48 +00:00
Olivier Wilkinson (reivilibre) 01f61da77f 1.47.0rc1 2021-11-09 12:17:35 +00:00
Dan Callahan 556a488209
Address review feedback from #11269 (#11273)
Signed-off-by: Dan Callahan <danc@element.io>
2021-11-08 11:57:37 +00:00
Dan Callahan 9799c569bb
Minor cleanup to Debian packaging (#11269)
* Remove unused Vagrant scripts

* Change package Architecture to any

* Preinstall the wheel package when building venvs.

Addresses the following warnings during Debian builds:

    Using legacy 'setup.py install' for jaeger-client, since package 'wheel' is not installed.
    Using legacy 'setup.py install' for matrix-synapse-ldap3, since package 'wheel' is not installed.
    Using legacy 'setup.py install' for opentracing, since package 'wheel' is not installed.
    Using legacy 'setup.py install' for psycopg2, since package 'wheel' is not installed.
    Using legacy 'setup.py install' for systemd-python, since package 'wheel' is not installed.
    Using legacy 'setup.py install' for pympler, since package 'wheel' is not installed.
    Using legacy 'setup.py install' for threadloop, since package 'wheel' is not installed.
    Using legacy 'setup.py install' for thrift, since package 'wheel' is not installed.

* Allow /etc/default/matrix-synapse to be missing

Per the systemd.exec manpage, prefixing an EnvironmentFile with "-":

> indicates that if the file does not exist, it will not be read and no
> error or warning message is logged.

Signed-off-by: Dan Callahan <danc@element.io>
2021-11-07 21:18:33 +00:00
Erik Johnston 237f7eb87a Merge remote-tracking branch 'origin/master' into develop 2021-11-02 14:28:27 +00:00
Erik Johnston df84ad602b 1.46.0 2021-11-02 13:23:01 +00:00
Dan Callahan 0dffa9d0e0
Merge remote-tracking branch 'origin/develop' into shellcheck
Fixes a merge conflict with debian/changelog

Signed-off-by: Dan Callahan <danc@element.io>
2021-10-27 20:04:00 +01:00
Richard van der Hoff 576921c66a
Force deb compression with `xz`. (#11197)
Fixes a problem where `impish` packages could not be processed by `reprepro`.
2021-10-27 17:06:32 +01:00
Sean Quah cc75a6b1b2 1.46.0rc1 2021-10-26 14:04:51 +01:00
Dan Callahan 1afc6ecae1
Changelog
Signed-off-by: Dan Callahan <danc@element.io>
2021-10-22 23:21:40 +01:00
Dan Callahan d7141e0b8b
Fix Shellcheck SC2006: Use $(...) notation
Use $(...) notation instead of legacy backticked `...`.

https://github.com/koalaman/shellcheck/wiki/SC2006

Signed-off-by: Dan Callahan <danc@element.io>
2021-10-22 23:08:55 +01:00
Dan Callahan 13f084eb58
Fix Shellcheck SC2086: Quote to prevent splitting
Double quote to prevent globbing and word splitting.

https://github.com/koalaman/shellcheck/wiki/SC2086

Signed-off-by: Dan Callahan <danc@element.io>
2021-10-22 23:08:54 +01:00
Dan Callahan 31096132c3
Fix Shellcheck SC2012: Use find instead of ls
Use find instead of ls to better handle non-alphanumeric filenames.

https://github.com/koalaman/shellcheck/wiki/SC2012

Signed-off-by: Dan Callahan <danc@element.io>
2021-10-22 23:08:54 +01:00
Dan Callahan 9d0f9d51d5
Fix Shellcheck SC2016: Single quotes don't expand
Expressions don't expand in single quotes, use double quotes for that.

https://github.com/koalaman/shellcheck/wiki/SC2016

This specifically warned about the '$aregis...' part of the sed script.
Which is a relatively obscure use of sed.

Splitting this into two commands makes its intent more obvious and
avoids contravening Shellcheck's lints.

Signed-off-by: Dan Callahan <danc@element.io>
2021-10-22 23:08:54 +01:00
Dan Callahan bab2bc844c
Fix Shellcheck SC1091: Can't follow file
Not following: (error message here)

https://github.com/koalaman/shellcheck/wiki/SC1091

Signed-off-by: Dan Callahan <danc@element.io>
2021-10-22 23:08:54 +01:00
Dan Callahan 898e3be4c9
Fix Shellcheck SC2064: Use single quotes on traps
Use single quotes, otherwise this expands now rather than when signalled.

https://github.com/koalaman/shellcheck/wiki/SC2064

Signed-off-by: Dan Callahan <danc@element.io>
2021-10-22 23:08:54 +01:00
Dan Callahan 64adbb7b54
Fix Shellcheck SC2046: Quote to prevent word split
Quote this to prevent word splitting

https://www.shellcheck.net/wiki/SC2046

Signed-off-by: Dan Callahan <danc@element.io>
2021-10-22 23:08:53 +01:00
Sean Quah 522489fbcd 1.45.1 2021-10-20 12:00:03 +01:00
David Robertson 8b1185347a
1.45.0 2021-10-19 11:19:55 +01:00
David Robertson 99a4e5222d
1.45.0rc2 2021-10-14 10:59:27 +01:00
Brendan Abolivier 8c5255b664 1.45.0rc1 2021-10-12 10:47:15 +01:00
Nick Barrett c80878d22a
Add `--run-background-updates` option to `update_database` script. (#10954)
Signed-off-by: Nick Barrett <nick@beeper.com>
2021-10-06 11:26:18 +01:00
Brendan Abolivier b2c5e79291 1.44.0 2021-10-05 13:45:24 +01:00
Brendan Abolivier 2d2c6a41fe 1.44.0rc3 2021-10-04 14:57:40 +01:00
Olivier Wilkinson (reivilibre) 3412f5c8d8 1.44.0rc2 2021-09-30 12:40:24 +01:00
Erik Johnston 3c50192d3f 1.44.0rc1 2021-09-28 13:42:21 +01:00
David Robertson c4ef61136f 1.43.0 2021-09-21 11:49:15 +01:00
David Robertson daac1e645c 1.43.0rc2 2021-09-17 10:43:51 +01:00
Andrew Morgan d725e0956f 1.43.0rc1 2021-09-14 11:47:11 +01:00
Azrenbeth 6631321687 1.42.0 2021-09-07 16:20:03 +01:00
Brendan Abolivier e9958d908d 1.42.0rc2 2021-09-06 15:25:23 +01:00
Olivier Wilkinson (reivilibre) 6b2aca473a 1.42.0rc1 2021-09-01 11:47:24 +01:00
Richard van der Hoff a4c8a2f08b 1.41.1 2021-08-31 13:43:28 +01:00
Erik Johnston 6f77a3d433 1.41.0 2021-08-24 15:31:55 +01:00
Erik Johnston 49cb7eae97 1.41.0rc1 2021-08-18 15:52:11 +01:00
Brendan Abolivier b5de77cf86 Merge branch 'master' into develop 2021-08-10 14:23:57 +01:00
Brendan Abolivier 9f7c038272 1.40.0 2021-08-10 13:50:58 +01:00
Brendan Abolivier f8e86b7d2e
Merge branch 'release-v1.40' into develop 2021-08-09 14:44:28 +01:00
Brendan Abolivier ad35b7739e 1.40.0rc3 2021-08-09 13:41:29 +01:00
Erik Johnston a36d77c563 Merge tag 'v1.40.0rc2' into develop
Synapse 1.40.0rc2 (2021-08-04)
==============================

Bugfixes
--------

- Fix the `PeriodicallyFlushingMemoryHandler` inhibiting application shutdown because of its background thread. ([\#10517](https://github.com/matrix-org/synapse/issues/10517))
- Fix a bug introduced in Synapse v1.40.0rc1 that could cause Synapse to respond with an error when clients would update read receipts. ([\#10531](https://github.com/matrix-org/synapse/issues/10531))

Internal Changes
----------------

- Fix release script to open the correct URL for the release. ([\#10516](https://github.com/matrix-org/synapse/issues/10516))
2021-08-05 11:15:29 +01:00
Brendan Abolivier 02c2f631ae 1.40.0rc2 2021-08-04 17:09:27 +01:00
Richard van der Hoff 951648f26a
Fix debian package triggers (#10481)
Replace the outdated list of dpkg triggers with an autogenerated one.
2021-08-03 14:45:21 +01:00
Erik Johnston c8566191fc 1.40.0rc1 2021-08-03 11:32:10 +01:00
Erik Johnston 65f520697d Merge remote-tracking branch 'origin/master' into develop 2021-07-29 16:29:17 +01:00
Erik Johnston 5522a103a9 1.39.0 2021-07-29 09:59:07 +01:00
Erik Johnston 8c201c97ec Synapse 1.39.0rc3 (2021-07-28)
==============================
 
 Bugfixes
 --------
 
 - Fix a bug introduced in Synapse 1.38 which caused an exception at startup when SAML authentication was enabled. ([\#10477](https://github.com/matrix-org/synapse/issues/10477))
 - Fix a long-standing bug where Synapse would not inform clients that a device had exhausted its one-time-key pool, potentially causing problems decrypting events. ([\#10485](https://github.com/matrix-org/synapse/issues/10485))
 - Fix reporting old R30 stats as R30v2 stats. Introduced in v1.39.0rc1. ([\#10486](https://github.com/matrix-org/synapse/issues/10486))
 
 Internal Changes
 ----------------
 
 - Fix an error which prevented the Github Actions workflow to build the docker images from running. ([\#10461](https://github.com/matrix-org/synapse/issues/10461))
 - Fix release script to correctly version debian changelog when doing RCs. ([\#10465](https://github.com/matrix-org/synapse/issues/10465))
 -----BEGIN PGP SIGNATURE-----
 
 iQFEBAABCgAuFiEEBTGR3/RnAzBGUif3pULk7RsPrAkFAmEBUJUQHGVyaWtAbWF0
 cml4Lm9yZwAKCRClQuTtGw+sCWi6CACfA3B7rXfQIO893mctSZkNhtAG/e4o310M
 etvjAtovKmKeFqBvm89FPmFoXvGA2ypoz7Jz2fdkP56DNKIXvihnDc8EeQ3gGawf
 hQ8GBjICOL1e7R/4qzuOCWYdppBGoGNAbz7qyxAUxZ/XOzsPJ2VBGkgyXWZkyPe/
 nJYsuMuMp117HUwTqPqs3oZuTN0MRTy6xgaDfbFbcX9UC/amLmGIWOhlme8iV15r
 HQAW0X7F2Un5h7eQwogWTDb9gBHKnJ4ApaSJLfZl9E72i0Sv7o9UFcLIdy2DRVSq
 gxlRBVzVU6ZndCQ4vQXFSjQ20VGNXc2vpKVRE1D6YXxmxVNbBQB4
 =lb6H
 -----END PGP SIGNATURE-----

Merge tag 'v1.39.0rc3' into develop

Synapse 1.39.0rc3 (2021-07-28)
==============================

Bugfixes
--------

- Fix a bug introduced in Synapse 1.38 which caused an exception at startup when SAML authentication was enabled. ([\#10477](https://github.com/matrix-org/synapse/issues/10477))
- Fix a long-standing bug where Synapse would not inform clients that a device had exhausted its one-time-key pool, potentially causing problems decrypting events. ([\#10485](https://github.com/matrix-org/synapse/issues/10485))
- Fix reporting old R30 stats as R30v2 stats. Introduced in v1.39.0rc1. ([\#10486](https://github.com/matrix-org/synapse/issues/10486))

Internal Changes
----------------

- Fix an error which prevented the Github Actions workflow to build the docker images from running. ([\#10461](https://github.com/matrix-org/synapse/issues/10461))
- Fix release script to correctly version debian changelog when doing RCs. ([\#10465](https://github.com/matrix-org/synapse/issues/10465))
2021-07-28 15:53:53 +01:00
Erik Johnston 5146e19880 1.39.0rc3 2021-07-28 13:31:18 +01:00
Erik Johnston 6e2275649c Synapse 1.38.1 (2021-07-22)
===========================
 
 Bugfixes
 --------
 
 - Always include `device_one_time_keys_count` key in `/sync` response to work around a bug in Element Android that broke encryption for new devices. ([\#10457](https://github.com/matrix-org/synapse/issues/10457))
 -----BEGIN PGP SIGNATURE-----
 
 iQFEBAABCgAuFiEEBTGR3/RnAzBGUif3pULk7RsPrAkFAmD5g1QQHGVyaWtAbWF0
 cml4Lm9yZwAKCRClQuTtGw+sCZ9CB/9ha7LLrLRyU8hfxOi9uXDvnogFTTpkdxs9
 iqIlB9bzy7u7B2Cl/y9eEK1uRBEDYuwH43515wVoPrfixECt3JROkv8D0T7nzcia
 m3oiiA4XW1wWV1YmK89nbSQpb8X8DdnaXWJlkqZZYKEKlLlNCZDu+rWLXSLhIHNJ
 ERsc8SmlxCDzF1fuzbPrwTc8MD8WVJU6spuYVHJ2p7NsW9Zqjybs0ZORXq06Ih5I
 eeZ67Tc6BiDubV+DvRK451t84DazHG6AXyz2As4kSvzkca6GmN8KwcMrFXderhDj
 F5mHGAMDUjB/mUCHveB2WdL5OjyvUlTY5FrFwfMu1wrNmp2/93Tg
 =MTCR
 -----END PGP SIGNATURE-----

Merge tag 'v1.38.1' into release-v1.39

Synapse 1.38.1 (2021-07-22)
===========================

Bugfixes
--------

- Always include `device_one_time_keys_count` key in `/sync` response to work around a bug in Element Android that broke encryption for new devices. ([\#10457](https://github.com/matrix-org/synapse/issues/10457))
2021-07-23 09:07:42 +01:00
Erik Johnston 683deee9a4 Merge branch 'master' into develop 2021-07-23 09:03:19 +01:00
Erik Johnston 283bb5c94e 1.38.1 2021-07-22 15:37:10 +01:00
Richard van der Hoff 8ae0bdca75
Drop xenial-support hacks (#10429) 2021-07-21 21:25:28 +01:00
Andrew Morgan e009d2e90a 1.39.0rc1 2021-07-20 14:28:49 +01:00
Richard van der Hoff 08a8297c0d fix debian changelog 2021-07-13 13:22:12 +01:00
Richard van der Hoff c647c2a9ac 1.38.0 2021-07-13 13:19:06 +01:00
Richard van der Hoff f7bfa694ae 1.38.0rc3 2021-07-13 11:57:55 +01:00
Erik Johnston 6655ea5587
Add script for getting info about recently registered users (#10290) 2021-07-06 13:03:16 +01:00
Erik Johnston f193034d59 1.37.1 2021-06-30 12:24:13 +01:00
Brendan Abolivier cdf569e468 1.37.0 2021-06-29 10:15:34 +01:00
Erik Johnston 1c8045f674 1.36.0 2021-06-15 15:42:02 +01:00
Patrick Cloke 57c01dca29 1.35.1 2021-06-03 08:18:22 -04:00
Andrew Morgan a8372ad591 1.35.0 2021-06-01 13:23:55 +01:00
Erik Johnston afb6dcf806 1.34.0 2021-05-17 11:34:39 +01:00
Brendan Abolivier 86fb71431c
1.33.2 2021-05-11 14:01:32 +01:00
Erik Johnston ac88aca7f7 1.33.1 2021-05-06 14:06:38 +01:00
Brendan Abolivier 0644ac0989 1.33.0 2021-05-05 14:15:54 +01:00
Andrew Morgan ca380881b1 Update dates in changelogs 2021-04-21 18:47:31 +01:00
Andrew Morgan 55159c48e3 1.32.2 2021-04-21 18:45:39 +01:00
Andrew Morgan a745531c10 1.32.1 2021-04-21 14:01:12 +01:00
Andrew Morgan e031c7e0cc 1.32.0 2021-04-20 14:31:27 +01:00
Dan Callahan 3efde8b69a
Add option to skip unit tests when building debs (#9793)
Signed-off-by: Dan Callahan <danc@element.io>
2021-04-12 15:27:05 +01:00
Erik Johnston 1d8863c67d 1.31.0 2021-04-06 13:09:56 +01:00
Erik Johnston c6f8e8086c 1.30.1 2021-03-26 12:03:29 +00:00
Erik Johnston e2904f720d 1.30.0 2021-03-22 13:15:55 +00:00
Erik Johnston 15c788e22d 1.29.0 2021-03-08 13:52:13 +00:00
Jonathan de Jong e12077a78a
Allow bytecode again (#9502)
In #75, bytecode was disabled (from a bit of FUD back in `python<2.4` days, according to dev chat), I think it's safe enough to enable it again.

Added in `__pycache__/` and `.pyc`/`.pyd` to `.gitignore`, to extra-insure compiled files don't get committed.

`Signed-off-by: Jonathan de Jong <jonathan@automatia.nl>`
2021-02-26 18:30:54 +00:00
Erik Johnston b5c4fe1971 1.28.0 2021-02-25 10:22:07 +00:00
Erik Johnston a27c1fd74b 1.27.0 2021-02-16 13:12:02 +00:00
Dan Callahan e19396d622
Fix Debian builds on Xenial (#9254)
Adds note about updating dh-virtualenv once we drop support for Xenial.

We can't update now, because it needs debhelper 12, while Xenial only
backports 10.

Signed-off-by: Dan Callahan <danc@element.io>
2021-01-29 14:56:04 +00:00
Patrick Cloke ccb9616f26 Update debian changelog. 2021-01-27 12:45:02 -05:00
Richard van der Hoff 9ffac2bef1
Remote dependency on distutils (#9125)
`distutils` is pretty much deprecated these days, and replaced with
`setuptools`. It's also annoying because it's you can't `pip install` it, and
it's hard to figure out which debian package we should depend on to make sure
it's there.

Since we only use it for a tiny function anyway, let's just vendor said
function into our codebase.
2021-01-15 15:59:20 +00:00
Erik Johnston 3dd6ba135e 1.25.0 2021-01-13 10:19:12 +00:00
Dan Callahan fa6deb298b
Fix failures in Debian packaging (#9079)
Debian package builds were failing for two reasons:

 1. Python versions prior to 3.7 throw exceptions when attempting to print
    Unicode characters under a "C" locale. (#9076)

 2. We depended on `dh-systemd` which no longer exists in Debian Bullseye, but
    is necessary in Ubuntu Xenial. (#9073)

Setting `LANG="C.UTF-8"` in the build environment fixes the first issue.
See also: https://bugs.python.org/issue19846

The second issue is a bit trickier. The dh-systemd package was merged into
debhelper version 9.20160709 and a transitional package left in its wake.

The transitional dh-systemd package was removed in Debian Bullseye.

However, Ubuntu Xenial ships an older debhelper, and still needs dh-systemd.

Thus, builds were failing on Bullseye since we depended on a package which had
ceased existing, but we couldn't remove it from the debian/control file and our
build scripts because we still needed it for Ubuntu Xenial.

We can fix the debian/control issue by listing dh-systemd as an alternative to
the newer versions of debhelper. Since dh-systemd declares that it depends on
debhelper, Ubuntu Xenial will select its older dh-systemd which will in turn
pull in its older debhelper, resulting in no change from the status quo. All
other supported releases will satisfy the debhelper dependency constraint and
skip the dh-systemd alternative.

Build scripts were fixed by unconditionally attempting to install dh-systemd on
all releases and suppressing failures.

Once we drop support for Ubuntu Xenial, we can revert most of this commit and
rely on the version constraint on debhelper in debian/control.

Fixes #9076
Fixes #9073

Signed-off-by: Dan Callahan <danc@element.io>
2021-01-12 14:15:04 +00:00
Erik Johnston 320e8c8064 Synapse 1.23.1 (2020-12-09)
===========================
 
 Due to the two security issues highlighted below, server administrators are
 encouraged to update Synapse. We are not aware of these vulnerabilities being
 exploited in the wild.
 
 Security advisory
 -----------------
 
 The following issues are fixed in v1.23.1 and v1.24.0.
 
 - There is a denial of service attack
   ([CVE-2020-26257](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26257))
   against the federation APIs in which future events will not be correctly sent
   to other servers over federation. This affects all servers that participate in
   open federation. (Fixed in [#8776](https://github.com/matrix-org/synapse/pull/8776)).
 
 - Synapse may be affected by OpenSSL
   [CVE-2020-1971](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1971).
   Synapse administrators should ensure that they have the latest versions of
   the cryptography Python package installed.
 
 To upgrade Synapse along with the cryptography package:
 
 * Administrators using the [`matrix.org` Docker
   image](https://hub.docker.com/r/matrixdotorg/synapse/) or the [Debian/Ubuntu
   packages from
   `matrix.org`](https://github.com/matrix-org/synapse/blob/master/INSTALL.md#matrixorg-packages)
   should ensure that they have version 1.24.0 or 1.23.1 installed: these images include
   the updated packages.
 * Administrators who have [installed Synapse from
   source](https://github.com/matrix-org/synapse/blob/master/INSTALL.md#installing-from-source)
   should upgrade the cryptography package within their virtualenv by running:
   ```sh
   <path_to_virtualenv>/bin/pip install 'cryptography>=3.3'
   ```
 * Administrators who have installed Synapse from distribution packages should
   consult the information from their distributions.
 
 Bugfixes
 --------
 
 - Fix a bug in some federation APIs which could lead to unexpected behaviour if different parameters were set in the URI and the request body. ([\#8776](https://github.com/matrix-org/synapse/issues/8776))
 
 Internal Changes
 ----------------
 
 - Add a maximum version for pysaml2 on Python 3.5. ([\#8898](https://github.com/matrix-org/synapse/issues/8898))
 -----BEGIN PGP SIGNATURE-----
 
 iQFEBAABCgAuFiEEBTGR3/RnAzBGUif3pULk7RsPrAkFAl/QsOYQHGVyaWtAbWF0
 cml4Lm9yZwAKCRClQuTtGw+sCZTkCACEDbyMY/UCqJaUILxtYeBE7K4GvOqPPHyo
 2VLjyitI7XWVzB/paUOPxAtOtiwXS0GOrL+UsW6Lky2HIjafjLe1Z3LHzATQwF2I
 J2bZWTY1Y4v3y8B7noPmp7+QFIBIey++09BY+MwzT3EQYnXt6lvoHmEvPH/htzjg
 LfdZpSj4WrJr4S2/W0rVlkGSuIShN0Tnv6pTgbGRZMt1N4JH2mo65mCGt3xrMS7E
 us+xqStGh5Q+9g3F913iIJ8noUMeCvTT7hbr1eonhZ3MIKWG30z+zcXwmGb0t3B8
 zvTFXqdbZPSw+ZZdxaZwZuJzNCnYOu6t0JuzXqDoE0xsHb8RVUe9
 =Z9US
 -----END PGP SIGNATURE-----

Merge tag 'v1.23.1'

Synapse 1.23.1 (2020-12-09)
===========================

Due to the two security issues highlighted below, server administrators are
encouraged to update Synapse. We are not aware of these vulnerabilities being
exploited in the wild.

Security advisory
-----------------

The following issues are fixed in v1.23.1 and v1.24.0.

- There is a denial of service attack
  ([CVE-2020-26257](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-26257))
  against the federation APIs in which future events will not be correctly sent
  to other servers over federation. This affects all servers that participate in
  open federation. (Fixed in [#8776](https://github.com/matrix-org/synapse/pull/8776)).

- Synapse may be affected by OpenSSL
  [CVE-2020-1971](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1971).
  Synapse administrators should ensure that they have the latest versions of
  the cryptography Python package installed.

To upgrade Synapse along with the cryptography package:

* Administrators using the [`matrix.org` Docker
  image](https://hub.docker.com/r/matrixdotorg/synapse/) or the [Debian/Ubuntu
  packages from
  `matrix.org`](https://github.com/matrix-org/synapse/blob/master/INSTALL.md#matrixorg-packages)
  should ensure that they have version 1.24.0 or 1.23.1 installed: these images include
  the updated packages.
* Administrators who have [installed Synapse from
  source](https://github.com/matrix-org/synapse/blob/master/INSTALL.md#installing-from-source)
  should upgrade the cryptography package within their virtualenv by running:
  ```sh
  <path_to_virtualenv>/bin/pip install 'cryptography>=3.3'
  ```
* Administrators who have installed Synapse from distribution packages should
  consult the information from their distributions.

Bugfixes
--------

- Fix a bug in some federation APIs which could lead to unexpected behaviour if different parameters were set in the URI and the request body. ([\#8776](https://github.com/matrix-org/synapse/issues/8776))

Internal Changes
----------------

- Add a maximum version for pysaml2 on Python 3.5. ([\#8898](https://github.com/matrix-org/synapse/issues/8898))
2020-12-09 11:29:56 +00:00
Erik Johnston 1cec3d1457 1.23.1 2020-12-09 11:07:41 +00:00
Erik Johnston 9b26a4ac87 1.24.0 2020-12-09 11:07:24 +00:00