CHANGES.md 185 KB

Synapse 1.98.0 (2023-12-12)

Synapse 1.98.0 will be the last Synapse release in 2023; the regular release cadence will resume in January 2024.

Synapse will soon be forked by Element under an AGPLv3.0 licence (with CLA, for proprietary dual licensing). You can read more about this here:

The Matrix.org Foundation copy of the project will be archived. Any changes needed by server administrators will be communicated via our usual announcements channels, but we are striving to make this as seamless as possible.

No significant changes since 1.98.0rc1.

Synapse 1.98.0rc1 (2023-12-05)

Features

  • Synapse now declares support for Matrix v1.7, v1.8, and v1.9. (#16707)
  • Add on_user_login module API callback for when a user logs in. (#15207)
  • Support MSC4069: Inhibit profile propagation. (#16636)
  • Restore tracking of requests and monthly active users when delegating authentication via MSC3861 to an OIDC provider. (#16672)
  • Add an autojoin setting for server notices rooms, so users may be joined directly instead of receiving an invite. (#16699)
  • Follow redirects when downloading media over federation (per MSC3860). (#16701)

Bugfixes

  • Enable refreshable tokens on the admin registration endpoint. (#16642)
  • Consistently bypass rate limits when using the server notice admin API. (#16670)
  • Fix a bug introduced in Synapse 1.7.2 where rooms whose power levels lacked an events field could not be upgraded. (#16725)
  • Fix GET /_synapse/admin/v1/federation/destinations admin API returning null (instead of 0) for retry_last_ts and retry_interval. (#16729)

Improved Documentation

  • Add schema rollback information to documentation. (#16661)
  • Fix poetry version typo in the contributors' guide. (#16695)
  • Switch the example UNIX socket paths to /run. Add HAProxy example configuration for UNIX sockets. (#16700)
  • Add documentation for how to validate the configuration file with synapse.config script. (#16714)

Internal Changes

  • Clean-up unused tables. (#16522)
  • Reduce a little database load while processing state auth chains. (#16552)
  • Reduce database load of pruning old user_ips. (#16667)
  • Reduce DB load when forget on leave setting is disabled. (#16668)
  • Ignore encryption_enabled_by_default_for_room_type setting when creating server notices room, since the notices will be send unencrypted anyway. (#16677)
  • Correctly read the to-device stream ID on startup using SQLite. (#16682)
  • Reoranganise test files. (#16684)
  • Remove old full schema dumps which are no longer used. (#16697)
  • Raise poetry-core upper bound to <=1.8.1. This allows contributors to import Synapse after poetry installing with Poetry 1.6 and above. Contributed by Mo Balaa. (#16702)
  • Add a workflow to try and automatically fixup linting in a PR. (#16704)

Updates to locked dependencies

  • Bump cryptography from 41.0.5 to 41.0.6. (#16703)
  • Bump cryptography from 41.0.6 to 41.0.7. (#16721)
  • Bump idna from 3.4 to 3.6. (#16720)
  • Bump jsonschema from 4.19.1 to 4.20.0. (#16692)
  • Bump matrix-org/netlify-pr-preview from 2 to 3. (#16719)
  • Bump phonenumbers from 8.13.23 to 8.13.26. (#16722)
  • Bump prometheus-client from 0.18.0 to 0.19.0. (#16691)
  • Bump pyasn1 from 0.5.0 to 0.5.1. (#16689)
  • Bump pydantic from 2.4.2 to 2.5.1. (#16663)
  • Bump pyo3 (0.19.2→0.20.0), pythonize (0.19.0→0.20.0) and pyo3-log (0.8.1→0.9.0). (#16673)
  • Bump pyopenssl from 23.2.0 to 23.3.0. (#16662)
  • Bump ruff from 0.1.4 to 0.1.6. (#16690)
  • Bump sentry-sdk from 1.32.0 to 1.35.0. (#16666)
  • Bump serde from 1.0.192 to 1.0.193. (#16693)
  • Bump sphinx-autodoc2 from 0.4.2 to 0.5.0. (#16723)
  • Bump types-jsonschema from 4.19.0.4 to 4.20.0.0. (#16724)
  • Bump types-pillow from 10.1.0.0 to 10.1.0.2. (#16664)
  • Bump types-psycopg2 from 2.9.21.15 to 2.9.21.16. (#16665)
  • Bump types-setuptools from 68.2.0.0 to 68.2.0.2. (#16688)

Synapse 1.97.0 (2023-11-28)

Synapse will soon be forked by Element under an AGPLv3.0 licence (with CLA, for proprietary dual licensing). You can read more about this here:

The Matrix.org Foundation copy of the project will be archived. Any changes needed by server administrators will be communicated via our usual announcements channels, but we are striving to make this as seamless as possible.

No significant changes since 1.97.0rc1.

Synapse 1.97.0rc1 (2023-11-21)

Features

Bugfixes

  • Fix a long-standing bug where some queries updated the same row twice. Introduced in Synapse 1.57.0. (#16609)
  • Fix a long-standing bug where Synapse would not unbind third-party identifiers for Application Service users when deactivated and would not emit a compliant response. (#16617)
  • Fix sending out of order POSITION over replication, causing additional database load. (#16639)

Improved Documentation

  • Note that the option outbound_federation_restricted_to was added in Synapse 1.89.0, and fix a nearby formatting error. (#16628)
  • Update parameter information for the /timestamp_to_event admin API. (#16631)
  • Provide an example for a common encrypted media response from the admin user media API and mention possible null values. (#16654)

Internal Changes

  • Remove whole table locks on push rule modifications. Contributed by Nick @ Beeper (@fizzadar). (#16051)
  • Support reactor tick timings on more types of event loops. (#16532)
  • Improve type hints. (#16564, #16611, #16612)
  • Avoid executing no-op queries. (#16583)
  • Simplify persistence code to be per-room. (#16584)
  • Use standard SQL helpers in persistence code. (#16585)
  • Avoid updating the stream cache unnecessarily. (#16586)
  • Improve performance when using opentracing. (#16589)
  • Run push rule evaluator setup in parallel. (#16590)
  • Improve tests of the SQL generator. (#16596)
  • Use more generic database methods. (#16615)
  • Use dbname instead of the deprecated database connection parameter for psycopg2. (#16618)
  • Add an internal Admin API endpoint to temporarily grant the ability to update an existing cross-signing key without UIA. (#16634)
  • Improve references to GitHub issues. (#16637, #16638)
  • More efficiently handle no-op POSITION over replication. (#16640, #16655)
  • Speed up deleting of device messages when deleting a device. (#16643)
  • Speed up persisting large number of outliers. (#16649)
  • Reduce max concurrency of background tasks, reducing potential max DB load. (#16656, #16660)
  • Speed up purge room by adding an index to event_push_summary. (#16657)

Updates to locked dependencies

  • Bump prometheus-client from 0.17.1 to 0.18.0. (#16626)
  • Bump pyicu from 2.11 to 2.12. (#16603)
  • Bump requests-toolbelt from 0.10.1 to 1.0.0. (#16659)
  • Bump ruff from 0.0.292 to 0.1.4. (#16600)
  • Bump serde from 1.0.190 to 1.0.192. (#16627)
  • Bump serde_json from 1.0.107 to 1.0.108. (#16604)
  • Bump setuptools-rust from 1.8.0 to 1.8.1. (#16601)
  • Bump towncrier from 23.6.0 to 23.11.0. (#16622)
  • Bump treq from 22.2.0 to 23.11.0. (#16623)
  • Bump twisted from 23.8.0 to 23.10.0. (#16588)
  • Bump types-bleach from 6.1.0.0 to 6.1.0.1. (#16624)
  • Bump types-jsonschema from 4.19.0.3 to 4.19.0.4. (#16599)
  • Bump types-pyopenssl from 23.2.0.2 to 23.3.0.0. (#16625)
  • Bump types-pyyaml from 6.0.12.11 to 6.0.12.12. (#16602)

Synapse 1.96.1 (2023-11-17)

Synapse will soon be forked by Element under an AGPLv3.0 licence (with CLA, for proprietary dual licensing). You can read more about this here:

The Matrix.org Foundation copy of the project will be archived. Any changes needed by server administrators will be communicated via our usual announcements channels, but we are striving to make this as seamless as possible.

This minor release was needed only because of CI-related trouble on v1.96.0, which was never released.

Internal Changes

  • Fix building of wheels in CI. (#16653)

Synapse 1.96.0 (2023-11-16)

Bugfixes

  • Fix "'int' object is not iterable" error in set_device_id_for_pushers background update introduced in Synapse 1.95.0. (#16594)

Synapse 1.96.0rc1 (2023-10-31)

Features

  • Add experimental support to allow multiple workers to write to receipts stream. (#16432)
  • Add a new module API for controller presence. (#16544)
  • Add a new module API callback that allows adding extra fields to events' unsigned section when sent down to clients. (#16549)
  • Improve the performance of claiming encryption keys. (#16565, #16570)

Bugfixes

  • Fixed a bug in the example Grafana dashboard that prevents it from finding the correct datasource. Contributed by @MichaelSasser. (#16471)
  • Fix a long-standing, exceedingly rare edge case where the first event persisted by a new event persister worker might not be sent down /sync. (#16473, #16557, #16561, #16578, #16580)
  • Fix long-standing bug where /sync incorrectly did not mark a room as limited in a sync requests when there were missing remote events. (#16485)
  • Fix a bug introduced in Synapse 1.41 where HTTP(S) forward proxy authorization would fail when using basic HTTP authentication with a long username:password string. (#16504)
  • Force TLS certificate verification in user registration script. (#16530)
  • Fix long-standing bug where /sync could tightloop after restart when using SQLite. (#16540)
  • Fix ratelimiting of message sending when using workers, where the ratelimit would only be applied after most of the work has been done. (#16558)
  • Fix a long-standing bug where invited/knocking users would not leave during a room purge. (#16559)

Improved Documentation

Internal Changes

  • Improve performance of delete device messages query, cf issue 16479. (#16492)
  • Reduce memory allocations. (#16505)
  • Improve replication performance when purging rooms. (#16510)
  • Run tests against Python 3.12. (#16511)
  • Run trial & integration tests in continuous integration when .ci directory is modified. (#16512)
  • Remove duplicate call to mark remote server 'awake' when using a federation sending worker. (#16515)
  • Enable dirty runs on Complement CI, which is significantly faster. (#16520)
  • Stop deleting from an unused table. (#16521)
  • Improve type hints. (#16526, #16551)
  • Fix running unit tests on Twisted trunk. (#16528)
  • Reduce some spurious logging in worker mode. (#16555)
  • Stop porting a table in port db that we're going to nuke and rebuild anyway. (#16563)
  • Deal with warnings from running complement in CI. (#16567)
  • Allow building with setuptools_rust 1.8.0. (#16574)

Updates to locked dependencies

  • Bump black from 23.10.0 to 23.10.1. (#16575)
  • Bump black from 23.9.1 to 23.10.0. (#16538)
  • Bump cryptography from 41.0.4 to 41.0.5. (#16572)
  • Bump gitpython from 3.1.37 to 3.1.40. (#16534)
  • Bump phonenumbers from 8.13.22 to 8.13.23. (#16576)
  • Bump pygithub from 1.59.1 to 2.1.1. (#16535)
  • Bump matrix-synapse-ldap3 from 0.2.2 to 0.3.0. (#16539)
  • Bump serde from 1.0.189 to 1.0.190. (#16577)
  • Bump setuptools-rust from 1.7.0 to 1.8.0. (#16574)
  • Bump types-pillow from 10.0.0.3 to 10.1.0.0. (#16536)
  • Bump types-psycopg2 from 2.9.21.14 to 2.9.21.15. (#16573)
  • Bump types-requests from 2.31.0.2 to 2.31.0.10. (#16537)
  • Bump urllib3 from 1.26.17 to 1.26.18. (#16516)

Synapse 1.95.1 (2023-10-31)

Security advisory

The following issue is fixed in 1.95.1.

Cached device information of remote users can be queried from Synapse. This can be used to enumerate the remote users known to a homeserver.

See the advisory for more details. If you have any questions, email security@matrix.org.

Synapse 1.95.0 (2023-10-24)

Internal Changes

Synapse 1.95.0rc1 (2023-10-17)

Bugfixes

  • Remove legacy unspecced knock_state_events field returned in some responses. (#16403)
  • Fix a bug introduced in Synapse 1.81.0 where an AttributeError would be raised when _matrix/client/v3/account/whoami is called over a unix socket. Contributed by @Sir-Photch. (#16404)
  • Properly return inline media when content types have parameters. (#16440)
  • Prevent the purging of large rooms from timing out when Postgres is in use. The timeout which causes this issue was introduced in Synapse 1.88.0. (#16455)
  • Improve the performance of purging rooms, particularly encrypted rooms. (#16457)
  • Fix a bug introduced in Synapse 1.59.0 where servers could be incorrectly marked as available after an error response was received. (#16506)

Improved Documentation

Internal Changes

  • Bump pyo3 from 0.17.1 to 0.19.2. (#16162)
  • Update registration of media repository URLs. (#16419)
  • Improve type hints. (#16421, #16468, #16469, #16507)
  • Refactor some code to simplify and better type receipts stream adjacent code. (#16426)
  • Factor out MultiWriter token from RoomStreamToken. (#16427)
  • Improve code comments. (#16428)
  • Reduce memory allocations. (#16429, #16431, #16433, #16434, #16438, #16444)
  • Remove unused method. (#16435)
  • Improve rate limiting logic. (#16441)
  • Do not block running of CI behind the check for sign-off on PRs. (#16454)
  • Update the release script to remind releaser to check for special release notes. (#16461)
  • Update complement.sh to match new public API shape. (#16466)
  • Clean up logging on event persister endpoints. (#16488)
  • Remove useless async job to delete device messages on sync, since we only deliver (and hence delete) up to 100 device messages at a time. (#16491)

Updates to locked dependencies

  • Bump bleach from 6.0.0 to 6.1.0. (#16451)
  • Bump jsonschema from 4.19.0 to 4.19.1. (#16500)
  • Bump netaddr from 0.8.0 to 0.9.0. (#16453)
  • Bump packaging from 23.1 to 23.2. (#16497)
  • Bump pillow from 10.0.1 to 10.1.0. (#16498)
  • Bump psycopg2 from 2.9.8 to 2.9.9. (#16452)
  • Bump pyo3-log from 0.8.3 to 0.8.4. (#16495)
  • Bump ruff from 0.0.290 to 0.0.292. (#16449)
  • Bump sentry-sdk from 1.31.0 to 1.32.0. (#16496)
  • Bump serde from 1.0.188 to 1.0.189. (#16494)
  • Bump types-bleach from 6.0.0.4 to 6.1.0.0. (#16450)
  • Bump types-jsonschema from 4.17.0.10 to 4.19.0.3. (#16499)

Synapse 1.94.0 (2023-10-10)

No significant changes since 1.94.0rc1. However, please take note of the security advisory that follows.

Security advisory

The following issue is fixed in 1.94.0 (and RC).

A malicious server ACL event can impact performance temporarily or permanently leading to a persistent denial of service.

Homeservers running on a closed federation (which presumably do not need to use server ACLs) are not affected.

See the advisory for more details. If you have any questions, email security@matrix.org.

Synapse 1.94.0rc1 (2023-10-03)

Features

  • Render plain, CSS, CSV, JSON and common image formats in the browser (inline) when requested through the /download endpoint. (#15988)
  • Add experimental support for MSC4028 to push all encrypted events to clients. (#16361)
  • Minor performance improvement when sending presence to federated servers. (#16385)
  • Minor performance improvement by caching server ACL checking. (#16360)

Improved Documentation

  • Add developer documentation concerning gradual schema migrations with column alterations. (#15691)
  • Improve documentation of the user directory search algorithm. (#16320)
  • Fix rendering of user admin API documentation around deactivation. This was broken in Synapse 1.91.0. (#16355)
  • Update documentation around message retention policies. (#16382)
  • Add note to federation_domain_whitelist config option to clarify its usage. (#16416)
  • Improve legacy release notes. (#16418)

Deprecations and Removals

  • Remove Python version from /_synapse/admin/v1/server_version. (#16380)

Internal Changes

  • Avoid running CI steps when the files they check have not been changed. (#14745, #16387)
  • Improve type hints. (#14911, #16350, #16356, #16395)
  • Added support for pydantic v2 in addition to pydantic v1. Contributed by Maxwell G (@gotmax23). (#16332)
  • Get CI to check PRs have been signed-off. (#16348)
  • Add missing licence header. (#16359)
  • Improve type hints, and bump types-psycopg2 from 2.9.21.11 to 2.9.21.14. (#16381)
  • Improve comments in StateGroupBackgroundUpdateStore. (#16383)
  • Update maturin configuration. (#16394)
  • Downgrade replication stream time out error log lines to warning. (#16401)

Updates to locked dependencies

  • Bump actions/checkout from 3 to 4. (#16250)
  • Bump cryptography from 41.0.3 to 41.0.4. (#16362)
  • Bump dawidd6/action-download-artifact from 2.27.0 to 2.28.0. (#16374)
  • Bump docker/setup-buildx-action from 2 to 3. (#16375)
  • Bump gitpython from 3.1.35 to 3.1.37. (#16376)
  • Bump msgpack from 1.0.5 to 1.0.6. (#16377)
  • Bump msgpack from 1.0.6 to 1.0.7. (#16412)
  • Bump phonenumbers from 8.13.19 to 8.13.22. (#16413)
  • Bump psycopg2 from 2.9.7 to 2.9.8. (#16409)
  • Bump pydantic from 2.3.0 to 2.4.2. (#16410)
  • Bump regex from 1.9.5 to 1.9.6. (#16408)
  • Bump sentry-sdk from 1.30.0 to 1.31.0. (#16378)
  • Bump types-netaddr from 0.8.0.9 to 0.9.0.1. (#16411)
  • Bump types-psycopg2 from 2.9.21.11 to 2.9.21.14. (#16381)
  • Bump urllib3 from 1.26.15 to 1.26.17. (#16422)

Synapse 1.93.0 (2023-09-26)

No significant changes since 1.93.0rc1.

Security advisory

The following issues are fixed in 1.93.0 (and RCs).

Temporary storage of plaintext passwords during password changes.

Improper validation of receipts allows forged read receipts.

See the advisories for more details. If you have any questions, email security@matrix.org.

Synapse 1.93.0rc1 (2023-09-19)

Features

  • Add automatic purge after all users have forgotten a room. (#15488)
  • Restore room purge/shutdown after a Synapse restart. (#15488)
  • Support resolving homeservers using matrix-fed DNS SRV records from MSC4040. (#16137)
  • Add the ability to use G (GiB) and T (TiB) suffixes in configuration options that refer to numbers of bytes. (#16219)
  • Add span information to requests sent to appservices. Contributed by MTRNord. (#16227)
  • Add the ability to enable/disable registrations when using CAS. Contributed by AurĂ©lien Grimpard. (#16262)
  • Allow the /notifications endpoint to be routed to workers. (#16265)
  • Enable users to easily unsubscribe to notifications emails via the List-Unsubscribe header. (#16274)
  • Report whether a user is locked in the List Accounts admin API, and exclude locked users by default. (#16328)

Bugfixes

  • Fix a long-standing bug where multi-device accounts could cause high load due to presence. (#16066, #16170, #16171, #16172, #16174)
  • Fix a long-standing bug where appservices using MSC2409 to receive to_device messages would only get messages for one user. (#16251)
  • Fix bug when using workers where Synapse could end up re-requesting the same remote device repeatedly. (#16252)
  • Fix long-standing bug where we kept re-requesting a remote server's key repeatedly, potentially causing delays in receiving events over federation. (#16257)
  • Avoid temporary storage of sensitive information. (#16272)
  • Fix bug introduced in Synapse 1.49.0 when using dehydrated devices (MSC2697) and refresh tokens. Contributed by Hanadi. (#16288)
  • Fix a long-standing bug where invalid receipts would be accepted. (#16327)
  • Use standard name for UTF-8 charset in emails. (#16329)
  • Don't try refetching device lists for users on remote hosts that are marked as "down". (#16298)

Improved Documentation

  • Fix typos in the documentation. (#16282)
  • Link to the Alpine Linux community package for Synapse. (#16304)
  • Use string for federation_client_minimum_tls_version documentation examples. Contributed by @jcgruenhage. (#16353)

Internal Changes

  • Allow modules to delete rooms. (#15997)
  • Add GCC and GNU Make to the Nix flake development environment so that ruff can be compiled. (#16090, #16263)
  • Fix type checking when using the new version of Twisted. (#16235)
  • Delete device messages asynchronously and in staged batches using the task scheduler. (#16240, #16311, #16312, #16313)
  • Bump minimum supported Rust version to 1.61.0. (#16248)
  • Update rust to version 1.71.1 in the nix development environment. (#16260)
  • Simplify server key storage. (#16261)
  • Reduce CPU overhead of change password endpoint. (#16264)
  • Stop purging from tables slated for removal. (#16273)
  • Improve type hints. (#16276, #16301, #16325, #16326)
  • Raise setuptools_rust version cap to 1.7.0. (#16277)
  • Fix using the new task scheduler causing lots of CPU to be used. (#16278)
  • Upgrade CI run of Python 3.12 from rc1 to rc2. (#16280)
  • Include values in SQL debug when using execute_values with Postgres. (#16281)
  • Enable additional linting checks. (#16283)
  • Refactor receipts_graph Postgres transactions to stop error messages. (#16299)
  • Small improvements to logging in replication code. (#16309)
  • Remove a reference cycle in background processes. (#16314)
  • Only use literal strings for background process names. (#16315)
  • Refactor get_user_by_id. (#16316)
  • Speed up task to delete to-device messages. (#16318)
  • Avoid patching code in tests. (#16349)
  • Test against PostgreSQL 16. (#16351)

Updates to locked dependencies

  • Bump mypy from 1.4.1 to 1.5.1. (#16300)
  • Bump black from 23.7.0 to 23.9.1. (#16295)
  • Bump docker/build-push-action from 4 to 5. (#16336)
  • Bump docker/login-action from 2 to 3. (#16339)
  • Bump docker/metadata-action from 4 to 5. (#16337)
  • Bump docker/setup-qemu-action from 2 to 3. (#16338)
  • Bump furo from 2023.8.19 to 2023.9.10. (#16340)
  • Bump gitpython from 3.1.32 to 3.1.35. (#16267, #16279)
  • Bump mypy-zope from 1.0.0 to 1.0.1. (#16291)
  • Bump pillow from 10.0.0 to 10.0.1. (#16344)
  • Bump regex from 1.9.4 to 1.9.5. (#16233)
  • Bump ruff from 0.0.286 to 0.0.290. (#16342)
  • Bump serde_json from 1.0.105 to 1.0.107. (#16296, #16345)
  • Bump twisted from 22.10.0 to 23.8.0. (#16235)
  • Bump types-pillow from 10.0.0.2 to 10.0.0.3. (#16293)
  • Bump types-setuptools from 68.0.0.3 to 68.2.0.0. (#16292)
  • Bump typing-extensions from 4.7.1 to 4.8.0. (#16341)

Synapse 1.92.3 (2023-09-18)

This is again a security update targeted at mitigating CVE-2023-4863. It turns out that libwebp is bundled statically in Pillow wheels so we need to update this dependency instead of libwebp package at the OS level.

Unlike what was advertised in 1.92.2 changelog this release also impacts PyPI wheels and Debian packages from matrix.org.

We encourage admins to upgrade as soon as possible.

Internal Changes

  • Pillow 10.0.1 is now mandatory because of libwebp CVE-2023-4863, since Pillow provides libwebp in the wheels. (#16347)

Updates to locked dependencies

  • Bump pillow from 10.0.0 to 10.0.1. (#16344)

Synapse 1.92.2 (2023-09-15)

This is a Docker-only update to mitigate CVE-2023-4863, a critical vulnerability in libwebp. Server admins not using Docker should ensure that their libwebp is up to date (if installed). We encourage admins to upgrade as soon as possible.

Updates to the Docker image

  • Update docker image to use Debian bookworm as the base. (#16324)

Synapse 1.92.1 (2023-09-12)

This minor release was needed only because of CI-related trouble on v1.92.0, which was never released.

Internal Changes

  • Stop building Ubuntu Kinetic since it is EOL and repos seem to be dead.

Synapse 1.92.0 (2023-09-12)

This release includes the same bugfix as Synapse 1.91.2.

This version was never released following a CI build failure, cf v1.92.1 changelog.

Bugfixes

  • Revert MSC3861 introspection cache, admin impersonation and account lock. (#16258)

Internal Changes

  • Fix incorrect docstring for Ratelimiter. (#16255)
  • Update the release script to work on macOS. (#16266)

Synapse 1.91.2 (2023-09-06)

Bugfixes

  • Revert MSC3861 introspection cache, admin impersonation and account lock. (#16258)

Synapse 1.92.0rc1 (2023-09-05)

Features

  • Add configuration setting for CAS protocol version. Contributed by AurĂ©lien Grimpard. (#15816)
  • Suppress notifications from message edits per MSC3958. (#16113)
  • Experimental support for MSC4041: return a Retry-After header with M_LIMIT_EXCEEDED error responses. (#16136)
  • Add last_seen_ts to the admin users API. (#16218)
  • Improve resource usage when sending data to a large number of remote hosts that are marked as "down". (#16223)

Bugfixes

  • Fix IPv6-related bugs on SMTP settings, adding groundwork to fix similar issues. Contributed by @evilham and @telmich (ungleich.ch). (#16155)
  • Fix a spec compliance issue where requests to the /publicRooms federation API would specify include_all_networks as a string. (#16185)
  • Fix inaccurate error message while attempting to ban or unban a user with the same or higher PL by spliting the conditional statements. Contributed by @leviosacz. (#16205)
  • Fix a rare bug that broke looping calls, which could lead to e.g. linearly increasing memory usage. Introduced in v1.90.0. (#16210)
  • Fix a long-standing bug where uploading images would fail if we could not generate thumbnails for them. (#16211)
  • Fix a long-standing bug where we did not correctly back off from servers that had "gone" if they returned 4xx series error codes. (#16221)

Improved Documentation

Internal Changes

  • Prepare unit tests for Python 3.12. (#16099)
  • Fix nightly CI jobs. (#16121, #16213)
  • Describe which rate limiter was hit in logs. (#16135)
  • Simplify presence code when using workers. (#16170)
  • Track per-device information in the presence code. (#16171, #16172)
  • Stop using the event_txn_id table. (#16175)
  • Use AsyncMock instead of custom code. (#16179, #16180)
  • Improve error reporting of invalid data passed to /_matrix/key/v2/query. (#16183)
  • Task scheduler: add replication notify for new task to launch ASAP. (#16184)
  • Improve type hints. (#16186, #16188, #16201)
  • Bump black version to 23.7.0. (#16187)
  • Log the details of background update failures. (#16212)
  • Cache device resync requests over replication. (#16241)

Updates to locked dependencies

  • Bump anyhow from 1.0.72 to 1.0.75. (#16141)
  • Bump furo from 2023.7.26 to 2023.8.19. (#16238)
  • Bump phonenumbers from 8.13.18 to 8.13.19. (#16237)
  • Bump psycopg2 from 2.9.6 to 2.9.7. (#16196)
  • Bump regex from 1.9.3 to 1.9.4. (#16195)
  • Bump ruff from 0.0.277 to 0.0.286. (#16198)
  • Bump sentry-sdk from 1.29.2 to 1.30.0. (#16236)
  • Bump serde from 1.0.184 to 1.0.188. (#16194)
  • Bump serde_json from 1.0.104 to 1.0.105. (#16140)
  • Bump types-psycopg2 from 2.9.21.10 to 2.9.21.11. (#16200)
  • Bump types-pyyaml from 6.0.12.10 to 6.0.12.11. (#16199)

Synapse 1.91.1 (2023-09-04)

Bugfixes

  • Fix a performance regression introduced in Synapse 1.91.0 where event persistence would cause an excessive linear growth in CPU usage. (#16220)

Synapse 1.91.0 (2023-08-30)

No significant changes since 1.91.0rc1.

Synapse 1.91.0rc1 (2023-08-23)

Features

  • Implements an admin API to lock an user without deactivating them. Based on MSC3939. (#15870)
  • Implements a task scheduler for resumable potentially long running tasks. (#15891)
  • Allow specifying client_secret_path as alternative to client_secret for OIDC providers. This avoids leaking the client secret in the homeserver config. Contributed by @Ma27. (#16030)
  • Allow customising the IdP display name, icon, and brand for SAML and CAS providers (in addition to OIDC provider). (#16094)
  • Add an admins query parameter to the List Accounts admin API, to include only admins or to exclude admins in user queries. (#16114)

Bugfixes

  • Fix long-standing bug where concurrent requests to change a user's push rules could cause a deadlock. Contributed by Nick @ Beeper (@fizzadar). (#16052)
  • Fix a long-standing bu in /sync where timeout=0 does not skip caching, resulting in slow calls in cases where there are no new changes. Contributed by @PlasmaIntec. (#16080)
  • Fix performance of state resolutions for large, old rooms that did not have the full auth chain persisted. (#16116)
  • Filter out user agent references to the sliding sync proxy and rust-sdk from the user_daily_visits table to ensure that Element X can be represented fully. (#16124)
  • User constent and 3-PID changes capability cannot be enabled when using experimental MSC3861 support. (#16127, #16134)
  • Fix a rare race that could block new events from being sent for up to two minutes. Introduced in v1.90.0. (#16133, #16169)
  • Fix performance degredation when there are a lot of in-flight replication requests. (#16148)
  • Fix a bug introduced in 1.87 where synapse would send an excessive amount of federation requests to servers which have been offline for a long time. Contributed by Nico. (#16156, #16164)

Improved Documentation

  • Structured logging docs: add a link to explain the ELK stack (#16091)

Internal Changes

  • Update dehydrated devices implementation. (#16010)
  • Fix database performance of read/write worker locks. (#16061)
  • Fix building the nix development environment on MacOS systems. (#16063)
  • Override global statement timeout when creating indexes in Postgres. (#16085)
  • Fix the type annotation on run_db_interaction in the Module API. (#16089)
  • Clean-up the presence code. (#16092)
  • Run pyupgrade for Python 3.8+. (#16110)
  • Rename pagination and purge locks and add comments to explain why they exist and how they work. (#16112)
  • Attempt to fix the twisted trunk job. (#16115)
  • Cache token introspection response from OIDC provider. (#16117)
  • Add cache to get_server_keys_json_for_remote. (#16123)
  • Add an admin endpoint to allow authorizing server to signal token revocations. (#16125)
  • Add response time metrics for introspection requests for delegated auth. (#16131)
  • MSC3861: allow impersonation by an admin user using _oidc_admin_impersonate_user_id query parameter. (#16132)
  • Increase performance of read/write locks. (#16149)
  • Improve presence tests. (#16150, #16151, #16158)
  • Raised the poetry-core version cap to 1.7.0. (#16152)
  • Fix assertion in user directory unit tests. (#16157)
  • Reduce scope of locks when paginating to alleviate DB contention. (#16159)
  • Reduce DB contention on worker locks. (#16160)
  • Task scheduler: mark task as active if we are scheduling as soon as possible. (#16165)

Updates to locked dependencies

  • Bump click from 8.1.6 to 8.1.7. (#16145)
  • Bump gitpython from 3.1.31 to 3.1.32. (#16103)
  • Bump ijson from 3.2.1 to 3.2.3. (#16143)
  • Bump isort from 5.11.5 to 5.12.0. (#16108)
  • Bump log from 0.4.19 to 0.4.20. (#16109)
  • Bump pygithub from 1.59.0 to 1.59.1. (#16144)
  • Bump sentry-sdk from 1.28.1 to 1.29.2. (#16142)
  • Bump serde from 1.0.183 to 1.0.184. (#16139)
  • Bump txredisapi from 1.4.9 to 1.4.10. (#16107)
  • Bump types-bleach from 6.0.0.3 to 6.0.0.4. (#16106)
  • Bump types-pillow from 10.0.0.1 to 10.0.0.2. (#16105)
  • Bump types-pyopenssl from 23.2.0.1 to 23.2.0.2. (#16146)

Synapse 1.91.0rc1 (2023-08-23)

Features

  • Implements an admin API to lock an user without deactivating them. Based on MSC3939. (#15870)
  • Allow specifying client_secret_path as alternative to client_secret for OIDC providers. This avoids leaking the client secret in the homeserver config. Contributed by @Ma27. (#16030)
  • Allow customising the IdP display name, icon, and brand for SAML and CAS providers (in addition to OIDC provider). (#16094)
  • Add an admins query parameter to the List Accounts admin API, to include only admins or to exclude admins in user queries. (#16114)

Bugfixes

  • Fix long-standing bug where concurrent requests to change a user's push rules could cause a deadlock. Contributed by Nick @ Beeper (@fizzadar). (#16052)
  • Fix a long-standing bug in /sync where timeout=0 does not skip caching, resulting in slow calls in cases where there are no new changes. Contributed by @PlasmaIntec. (#16080)
  • Fix performance of state resolutions for large, old rooms that did not have the full auth chain persisted. (#16116)
  • Filter out user agent references to the sliding sync proxy and rust-sdk from the user_daily_visits table to ensure that Element X can be represented fully. (#16124)
  • User constent and third-party ID changes capability cannot be enabled when using experimental MSC3861 support. (#16127, #16134)
  • Fix a rare race that could block new events from being sent for up to two minutes. Introduced in v1.90.0. (#16133, #16169)
  • Fix performance degredation when there are a lot of in-flight replication requests. (#16148)
  • Fix a bug introduced in 1.87 where synapse would send an excessive amount of federation requests to servers which have been offline for a long time. Contributed by Nico. (#16156, #16164)

Improved Documentation

  • Structured logging docs: add a link to explain the ELK stack (#16091)

Internal Changes

  • Update dehydrated devices implementation. (#16010)
  • Fix database performance of read/write worker locks. (#16061)
  • Fix building the nix development environment on MacOS systems. (#16063)
  • Override global statement timeout when creating indexes in Postgres. (#16085)
  • Fix the type annotation on run_db_interaction in the Module API. (#16089)
  • Clean-up the presence code. (#16092)
  • Run pyupgrade for Python 3.8+. (#16110)
  • Rename pagination and purge locks and add comments to explain why they exist and how they work. (#16112)
  • Attempt to fix the twisted trunk job. (#16115)
  • Cache token introspection response from OIDC provider. (#16117)
  • Add cache to get_server_keys_json_for_remote. (#16123)
  • Add an admin endpoint to allow authorizing server to signal token revocations. (#16125)
  • Add response time metrics for introspection requests for delegated auth. (#16131)
  • MSC3861: allow impersonation by an admin user using _oidc_admin_impersonate_user_id query parameter. (#16132)
  • Increase performance of read/write locks. (#16149)
  • Improve presence tests. (#16150, #16151, #16158)
  • Raised the poetry-core version cap to 1.7.0. (#16152)
  • Fix assertion in user directory unit tests. (#16157)
  • Reduce scope of locks when paginating to alleviate DB contention. (#16159)
  • Reduce DB contention on worker locks. (#16160)
  • Task scheduler: mark task as active if we are scheduling as soon as possible. (#16165)
  • Implements a task scheduler for resumable potentially long running tasks. (#15891)

Updates to locked dependencies

  • Bump click from 8.1.6 to 8.1.7. (#16145)
  • Bump gitpython from 3.1.31 to 3.1.32. (#16103)
  • Bump ijson from 3.2.1 to 3.2.3. (#16143)
  • Bump isort from 5.11.5 to 5.12.0. (#16108)
  • Bump log from 0.4.19 to 0.4.20. (#16109)
  • Bump pygithub from 1.59.0 to 1.59.1. (#16144)
  • Bump sentry-sdk from 1.28.1 to 1.29.2. (#16142)
  • Bump serde from 1.0.183 to 1.0.184. (#16139)
  • Bump txredisapi from 1.4.9 to 1.4.10. (#16107)
  • Bump types-bleach from 6.0.0.3 to 6.0.0.4. (#16106)
  • Bump types-pillow from 10.0.0.1 to 10.0.0.2. (#16105)
  • Bump types-pyopenssl from 23.2.0.1 to 23.2.0.2. (#16146)

Synapse 1.90.0 (2023-08-15)

No significant changes since 1.90.0rc1.

Synapse 1.90.0rc1 (2023-08-08)

Features

  • Scope transaction IDs to devices (implement MSC3970). (#15629)
  • Remove old rows from the cache_invalidation_stream_by_instance table automatically (this table is unused in SQLite). (#15868)

Bugfixes

  • Fix a long-standing bug where purging history and paginating simultaneously could lead to database corruption when using workers. (#15791)
  • Fix a long-standing bug where profile endpoint returned a 404 when the user's display name was empty. (#16012)
  • Fix a long-standing bug where the synapse_port_db failed to configure sequences for application services and partial stated rooms. (#16043)
  • Fix long-standing bug with deletion in dehydrated devices v2. (#16046)

Updates to the Docker image

Improved Documentation

Deprecations and Removals

  • Remove support for legacy application service paths. (#15964)
  • Move support for application service query parameter authorization behind a configuration option. (#16017)

Internal Changes

  • Update SQL queries to inline boolean parameters as supported in SQLite 3.27. (#15525)
  • Allow for the configuration of the backoff algorithm for federation destinations. (#15754)
  • Allow modules to check whether the current worker is configured to run background tasks. (#15991)
  • Update support for MSC3958 to match the latest revision of the MSC. (#15992)
  • Allow modules to schedule delayed background calls. (#15993)
  • Properly overwrite the redacts content-property for forwards-compatibility with room versions 1 through 10. (#16013)
  • Fix building the nix development environment on MacOS systems. (#16019)
  • Remove leading and trailing spaces when setting a display name. (#16031)
  • Combine duplicated code. (#16023)
  • Collect additional metrics from ResponseCache for eviction. (#16028)
  • Fix endpoint improperly declaring support for MSC3814. (#16068)
  • Drop backwards compat hack for event serialization. (#16069)

Updates to locked dependencies

  • Update PyYAML to 6.0.1. (#16011)
  • Bump cryptography from 41.0.2 to 41.0.3. (#16048)
  • Bump furo from 2023.5.20 to 2023.7.26. (#16077)
  • Bump immutabledict from 2.2.4 to 3.0.0. (#16034)
  • Update certifi to 2023.7.22 and pygments to 2.15.1. (#16044)
  • Bump jsonschema from 4.18.3 to 4.19.0. (#16081)
  • Bump phonenumbers from 8.13.14 to 8.13.18. (#16076)
  • Bump regex from 1.9.1 to 1.9.3. (#16073)
  • Bump serde from 1.0.171 to 1.0.175. (#15982)
  • Bump serde from 1.0.175 to 1.0.179. (#16033)
  • Bump serde from 1.0.179 to 1.0.183. (#16074)
  • Bump serde_json from 1.0.103 to 1.0.104. (#16032)
  • Bump service-identity from 21.1.0 to 23.1.0. (#16038)
  • Bump types-commonmark from 0.9.2.3 to 0.9.2.4. (#16037)
  • Bump types-jsonschema from 4.17.0.8 to 4.17.0.10. (#16036)
  • Bump types-netaddr from 0.8.0.8 to 0.8.0.9. (#16035)
  • Bump types-opentracing from 2.4.10.5 to 2.4.10.6. (#16078)
  • Bump types-setuptools from 68.0.0.0 to 68.0.0.3. (#16079)

Synapse 1.89.0 (2023-08-01)

No significant changes since 1.89.0rc1.

Synapse 1.89.0rc1 (2023-07-25)

Features

  • Add Unix Socket support for HTTP Replication Listeners. Document and provide usage instructions for utilizing Unix sockets in Synapse. Contributed by Jason Little. (#15708, #15924)
  • Allow + in Matrix IDs, per MSC4009. (#15911)
  • Support room version 11 from MSC3820. (#15912)
  • Allow configuring the set of workers to proxy outbound federation traffic through via outbound_federation_restricted_to. (#15913, #15969)
  • Implement MSC3814, dehydrated devices v2/shrivelled sessions and move MSC2697 behind a config flag. Contributed by Nico from Famedly, H-Shay and poljar. (#15929)

Bugfixes

  • Fix a long-standing bug where remote invites weren't correctly pushed. (#15820)
  • Fix background schema updates failing over a large upgrade gap. (#15887)
  • Fix a bug introduced in 1.86.0 where Synapse starting with an empty experimental_features configuration setting. (#15925)
  • Fixed deploy annotations in the provided Grafana dashboard config, so that it shows for any homeserver and not just matrix.org. Contributed by @wrjlewis. (#15957)
  • Ensure a long state res does not starve CPU by occasionally yielding to the reactor. (#15960)
  • Properly handle redactions of creation events. (#15973)
  • Fix a bug where resyncing stale device lists could block responding to federation transactions, and thus delay receiving new data from the remote server. (#15975)

Improved Documentation

Deprecations and Removals

  • Remove support for calling the /register endpoint with an unspecced user property for application services. (#15928)

Internal Changes

  • Mark get_user_in_directory private since it is only used in tests. Also remove the cache from it. (#15884)
  • Document which Python version runs on a given Linux distribution so we can more easily clean up later. (#15909)
  • Add details to warning in log when we fail to fetch an alias. (#15922)
  • Remove unneeded __init__. (#15926)
  • Fix bug with read/write lock implementation. This is currently unused so has no observable effects. (#15933, #15958)
  • Unbreak the nix development environment by pinning the Rust version to 1.70.0. (#15940)
  • Update presence metrics to differentiate remote vs local users. (#15952)
  • Stop reading from column user_id of table profiles. (#15955)
  • Build packages for Debian Trixie. (#15961)
  • Reduce the amount of state we pull out. (#15968)
  • Speed up updating state in large rooms. (#15971)

Updates to locked dependencies

  • Bump anyhow from 1.0.71 to 1.0.72. (#15949)
  • Bump click from 8.1.3 to 8.1.6. (#15984)
  • Bump cryptography from 41.0.1 to 41.0.2. (#15943)
  • Bump jsonschema from 4.17.3 to 4.18.3. (#15948)
  • Bump pillow from 9.4.0 to 10.0.0. (#15986)
  • Bump prometheus-client from 0.17.0 to 0.17.1. (#15945)
  • Bump pydantic from 1.10.10 to 1.10.11. (#15946)
  • Bump pygithub from 1.58.2 to 1.59.0. (#15834)
  • Bump pyo3-log from 0.8.2 to 0.8.3. (#15951)
  • Bump sentry-sdk from 1.26.0 to 1.28.1. (#15985)
  • Bump serde_json from 1.0.100 to 1.0.103. (#15950)
  • Bump types-pillow from 9.5.0.4 to 10.0.0.1. (#15932)
  • Bump types-requests from 2.31.0.1 to 2.31.0.2. (#15983)
  • Bump typing-extensions from 4.5.0 to 4.7.1. (#15947)

Synapse 1.88.0 (2023-07-18)

This release

  • raises the minimum supported version of Python to 3.8, as Python 3.7 is now end-of-life, and
  • removes deprecated config options related to worker deployment.

See the upgrade notes for more information.

Bugfixes

  • Revert "Stop writing to column user_id of tables profiles and user_filters", which was introduced in Synapse 1.88.0rc1. (#15953)

Synapse 1.88.0rc1 (2023-07-11)

Features

Bugfixes

  • Pin pydantic to ^=1.7.4 to avoid backwards-incompatible API changes from the 2.0.0 release. Contributed by @PaarthShah. (#15862)
  • Correctly resize thumbnails with pillow version >=10. (#15876)

Improved Documentation

  • Fixed header levels on the Admin API "Users" documentation page. Contributed by @sumnerevans at @beeper. (#15852)
  • Remove deprecated worker_replication_host, worker_replication_http_port and worker_replication_http_tls configuration options. (#15872)

Deprecations and Removals

  • Remove deprecated worker_replication_host, worker_replication_http_port and worker_replication_http_tls configuration options. See the upgrade notes for more details. (#15860)
  • Remove support for Python 3.7 and hence for Debian Buster. (#15851, #15892, #15893, #15917)

Internal Changes

  • Add foreign key constraint to event_forward_extremities. (#15751, #15907)
  • Add read/write style cross-worker locks. (#15782)
  • Stop writing to column user_id of tables profiles and user_filters. (#15787)
  • Use lower isolation level when cleaning old presence stream data to avoid serialization errors. (#15826)
  • Add tracing to media /upload code paths. (#15850, #15888)
  • Add a timeout that aborts any Postgres statement taking more than 1 hour. (#15853)
  • Fix the devenv up configuration which was ignoring the config overrides. (#15854)
  • Optimised cleanup of old entries in device_lists_stream. (#15861)
  • Update the Matrix clients link in the It works! Synapse is running landing page. (#15874)
  • Fix building Synapse with the nightly Rust compiler. (#15906)
  • Add Server to Access-Control-Expose-Headers header. (#15908)

Updates to locked dependencies

  • Bump authlib from 1.2.0 to 1.2.1. (#15864)
  • Bump importlib-metadata from 6.6.0 to 6.7.0. (#15865)
  • Bump lxml from 4.9.2 to 4.9.3. (#15897)
  • Bump regex from 1.8.4 to 1.9.1. (#15902)
  • Bump ruff from 0.0.275 to 0.0.277. (#15900)
  • Bump sentry-sdk from 1.25.1 to 1.26.0. (#15867)
  • Bump serde_json from 1.0.99 to 1.0.100. (#15901)
  • Bump types-pyopenssl from 23.2.0.0 to 23.2.0.1. (#15866)

Synapse 1.87.0 (2023-07-04)

Please note that this will be the last release of Synapse that is compatible with Python 3.7 and earlier. This is due to Python 3.7 now having reached End of Life; see our deprecation policy for more details.

Bugfixes

Internal Changes

  • Split out 2022 changes from the changelog so the rendered version in GitHub doesn't timeout as much. (#15846)

Synapse 1.87.0rc1 (2023-06-27)

Features

  • Improve /messages response time by avoiding backfill when we already have messages to return. (#15737)
  • Add spam checker module API for logins. (#15838)

Bugfixes

  • Fix a long-standing bug where media files were served in an unsafe manner. Contributed by @joshqou. (#15680)
  • Avoid invalidating a cache that was just prefilled. (#15758)
  • Fix requesting multiple keys at once over federation, related to MSC3983. (#15770)
  • Fix joining rooms through aliases where the alias server isn't a real homeserver. Contributed by @tulir @ Beeper. (#15776)
  • Fix a bug in push rules handling leading to an invalid (per spec) is_user_mention rule sent to clients. Also fix wrong rule names for is_user_mention and is_room_mention. (#15781)
  • Fix a bug introduced in 1.57.0 where the wrong table would be locked on updating database rows when using SQLite as the database backend. (#15788)
  • Fix Sytest environmental variable evaluation in CI. (#15804)
  • Fix forgotten rooms missing from initial sync after rejoining them. Contributed by Nico from Famedly. (#15815)
  • Fix sqlite user_filters upgrade introduced in v1.86.0. (#15817)

Improved Documentation

  • Document looping_call() functionality that will wait for the given function to finish before scheduling another. (#15772)
  • Fix a typo in the Admin API. (#15805)
  • Fix typo in MSC number in faster remote room join architecture doc. (#15812)

Deprecations and Removals

  • Remove experimental MSC2716 implementation to incrementally import history into existing rooms. (#15748)

Internal Changes

  • Replace EventContext fields prev_group and delta_ids with field state_group_deltas. (#15233)
  • Regularly try to send transactions to other servers after they failed instead of waiting for a new event to be available before trying. (#15743)
  • Fix requesting multiple keys at once over federation, related to MSC3983. (#15755)
  • Allow for the configuration of max request retries and min/max retry delays in the matrix federation client. (#15783)
  • Switch from matrix:// to matrix-federation:// scheme for internal Synapse routing of outbound federation traffic. (#15806)
  • Fix harmless exceptions being printed when running the port DB script. (#15814)

Updates to locked dependencies

  • Bump attrs from 22.2.0 to 23.1.0. (#15801)
  • Bump cryptography from 40.0.2 to 41.0.1. (#15800)
  • Bump ijson from 3.2.0.post0 to 3.2.1. (#15802)
  • Bump phonenumbers from 8.13.13 to 8.13.14. (#15798)
  • Bump ruff from 0.0.265 to 0.0.272. (#15799)
  • Bump ruff from 0.0.272 to 0.0.275. (#15833)
  • Bump serde_json from 1.0.96 to 1.0.97. (#15797)
  • Bump serde_json from 1.0.97 to 1.0.99. (#15832)
  • Bump towncrier from 22.12.0 to 23.6.0. (#15831)
  • Bump types-opentracing from 2.4.10.4 to 2.4.10.5. (#15830)
  • Bump types-setuptools from 67.8.0.0 to 68.0.0.0. (#15835)

Synapse 1.86.0 (2023-06-20)

No significant changes since 1.86.0rc2.

Synapse 1.86.0rc2 (2023-06-14)

Bugfixes

  • Fix an error when having workers of different versions running. (#15774)

Synapse 1.86.0rc1 (2023-06-13)

This version was tagged but never released.

Features

  • Stable support for MSC3882 to allow an existing device/session to generate a login token for use on a new device/session. (#15388)
  • Support resolving a room's canonical alias via the module API. (#15450)
  • Enable support for MSC3952: intentional mentions. (#15520)
  • Experimental MSC3861 support: delegate auth to an OIDC provider. (#15582)
  • Add Synapse version deploy annotations to Grafana dashboard which enables easy correlation between behavior changes witnessed in a graph to a certain Synapse version and nail down regressions. (#15674)
  • Add a catch-all * to the supported relation types when redacting an event and its related events. This is an update to MSC3912 implementation. (#15705)
  • Speed up /messages by backfilling in the background when there are no backward extremities where we are directly paginating. (#15710)
  • Expose a metric reporting the database background update status. (#15740)

Bugfixes

  • Correctly clear caches when we delete a room. (#15609)
  • Check permissions for enabling encryption earlier during room creation to avoid creating broken rooms. (#15695)

Improved Documentation

  • Simplify query to find participating servers in a room. (#15732)

Internal Changes

  • Log when events are (maybe unexpectedly) filtered out of responses in tests. (#14213)
  • Read from column full_user_id rather than user_id of tables profiles and user_filters. (#15649)
  • Add support for tracing functions which return Awaitables. (#15650)
  • Cache requests for user's devices over federation. (#15675)
  • Add fully qualified docker image names to Dockerfiles. (#15689)
  • Remove some unused code. (#15690)
  • Improve type hints. (#15694, #15697)
  • Update docstring and traces on maybe_backfill() functions. (#15709)
  • Add context for when/why to use the long_retries option when sending Federation requests. (#15721)
  • Removed some unused fields. (#15723)
  • Update federation error to more plainly explain we can only authorize our own membership events. (#15725)
  • Prevent the latest_deps and twisted_trunk daily GitHub Actions workflows from running on forks of the codebase. (#15726)
  • Improve performance of user directory search. (#15729)
  • Remove redundant table join with room_memberships when doing a is_host_joined()/is_host_invited() call (membership is already part of the current_state_events). (#15731)
  • Remove superfluous room_memberships join from background update. (#15733)
  • Speed up typechecking CI. (#15752)
  • Bump minimum supported Rust version to 1.60.0. (#15768)

Updates to locked dependencies

  • Bump importlib-metadata from 6.1.0 to 6.6.0. (#15711)
  • Bump library/redis from 6-bullseye to 7-bullseye in /docker. (#15712)
  • Bump log from 0.4.18 to 0.4.19. (#15761)
  • Bump phonenumbers from 8.13.11 to 8.13.13. (#15763)
  • Bump pyasn1 from 0.4.8 to 0.5.0. (#15713)
  • Bump pydantic from 1.10.8 to 1.10.9. (#15762)
  • Bump pyo3-log from 0.8.1 to 0.8.2. (#157