Erik Johnston
c65067d673
Handle old staged inbound events ( #10303 )
...
We might have events in the staging area if the service was restarted while there were unhandled events in the staging area.
Fixes #10295
2021-07-06 13:02:37 +01:00
Richard van der Hoff
d7a94a7dcc
Add upgrade notes about disk space for events migration ( #10314 )
2021-07-06 11:00:05 +01:00
Erik Johnston
7a5873277e
Add support for evicting cache entries based on last access time. ( #10205 )
2021-07-05 16:32:12 +01:00
Brendan Abolivier
10671da05b
Fix bad link in modules documentation ( #10302 )
...
Fix link in modules doc to point at instructions on registering a callback instead of ones on registering a web resource.
2021-07-02 13:20:43 +02:00
Patrick Cloke
8d609435c0
Move methods involving event authentication to EventAuthHandler. ( #10268 )
...
Instead of mixing them with user authentication methods.
2021-07-01 14:25:37 -04:00
Richard van der Hoff
0aab50c772
fix ordering of bg update ( #10291 )
...
this was a typo introduced in #10282 . We don't want to end up doing the
`replace_stream_ordering_column` update after anything that comes up in
migration 60/03.
2021-07-01 18:45:55 +01:00
Erik Johnston
e72c287418
Reenable 'Backfilled events whose prev_events...' sytest ( #10292 )
...
Now that we've fixed it.
2021-07-01 12:21:58 +01:00
Dirk Klimpel
6c02cca95f
Add SSO external_ids
to Query User Account admin API ( #10261 )
...
Related to #10251
2021-07-01 11:26:24 +02:00
Erik Johnston
76addadd7c
Add some metrics to staging area ( #10284 )
2021-07-01 10:18:25 +01:00
Andrew Morgan
04c8f308f4
Fix the homeserver config example in presence router docs ( #10288 )
...
The presence router docs include some sample homeserver config. At some point we changed the name of the [config option](859dc05b36/docs/sample_config.yaml (L104-L113)
), but forgot to update the docs.
I've also added `presence.enabled: true` to the example, as that's the new way to enable presence (the `presence_enabled` option has been deprecated).
2021-06-30 23:43:58 +01:00
Richard van der Hoff
b6dbf89fae
Change more stream_ordering columns to BIGINT ( #10286 )
2021-06-30 17:27:20 +01:00
Richard van der Hoff
859dc05b36
Rebuild other indexes using stream_ordering
( #10282 )
...
We need to rebuild *all* of the indexes that use the current `stream_ordering`
column.
2021-06-30 15:01:24 +01:00
Erik Johnston
e6f5b9359f
Merge branch 'master' into develop
2021-06-30 14:57:33 +01:00
Erik Johnston
c45246153f
Fixup changelog
2021-06-30 14:47:06 +01:00
Erik Johnston
ad36cb3588
Add note to changelog
2021-06-30 14:45:09 +01:00
Erik Johnston
f193034d59
1.37.1
2021-06-30 12:24:13 +01:00
Patrick Cloke
aaf7d1acb8
Correct type hints for synapse.event_auth. ( #10253 )
2021-06-30 07:08:42 -04:00
Erik Johnston
329ef5c715
Fix the inbound PDU metric ( #10279 )
...
This broke in #10272
2021-06-30 12:07:16 +01:00
Richard van der Hoff
bc5589a1bb
Merge branch 'release-v1.37' into develop
2021-06-29 21:48:24 +01:00
Richard van der Hoff
d561367c18
1.37.1rc1
2021-06-29 21:39:30 +01:00
Richard van der Hoff
785bceef72
Merge branch 'release-v1.37' into develop
2021-06-29 20:25:47 +01:00
Richard van der Hoff
ba9b744bb2
Update newsfiles
2021-06-29 20:02:39 +01:00
Richard van der Hoff
f99e9cc2da
v1.37.1a1
2021-06-29 19:58:25 +01:00
Richard van der Hoff
c0bebd00ef
Merge remote-tracking branch 'origin/erikj/async_federation_base_branch' into release-v1.37
2021-06-29 19:55:55 +01:00
Erik Johnston
c54db67d0e
Handle inbound events from federation asynchronously ( #10272 )
...
Fixes #9490
This will break a couple of SyTest that are expecting failures to be added to the response of a federation /send, which obviously doesn't happen now that things are asynchronous.
Two drawbacks:
Currently there is no logic to handle any events left in the staging area after restart, and so they'll only be handled on the next incoming event in that room. That can be fixed separately.
We now only process one event per room at a time. This can be fixed up further down the line.
2021-06-29 19:55:22 +01:00
Erik Johnston
85d237eba7
Add a distributed lock ( #10269 )
...
This adds a simple best effort locking mechanism that works cross workers.
2021-06-29 19:15:47 +01:00
Patrick Cloke
f55836929d
Do not recurse into non-spaces in the spaces summary. ( #10256 )
...
Previously m.child.room events in non-space rooms would be
treated as part of the room graph, but this is no longer
supported.
2021-06-29 12:00:04 -04:00
Richard van der Hoff
7647b0337f
Fix populate_stream_ordering2
background job ( #10267 )
...
It was possible for us not to find any rows in a batch, and hence conclude that
we had finished. Let's not do that.
2021-06-29 12:43:36 +01:00
Richard van der Hoff
60efc51a2b
Migrate stream_ordering to a bigint ( #10264 )
...
* Move background update names out to a separate class
`EventsBackgroundUpdatesStore` gets inherited and we don't really want to
further pollute the namespace.
* Migrate stream_ordering to a bigint
* changelog
2021-06-29 11:25:34 +01:00
Richard van der Hoff
a0ed0f363e
Soft-fail spammy events received over federation ( #10263 )
2021-06-29 11:08:06 +01:00
Brendan Abolivier
3d370efc6d
Merge branch 'master' into develop
2021-06-29 10:20:38 +01:00
Brendan Abolivier
88f9e8d62e
Move deprecation notices to the top of the changelog
2021-06-29 10:16:43 +01:00
Brendan Abolivier
cdf569e468
1.37.0
2021-06-29 10:15:34 +01:00
Patrick Cloke
0555d7b0dc
Add additional types to the federation transport server. ( #10213 )
2021-06-28 07:36:41 -04:00
Felix Kronlage-Dammers
717f73c411
Adjust the URL in the README.rst file to point to LiberaChat instead of freenode ( #10258 )
2021-06-28 11:07:25 +02:00
Andrew Morgan
f0e02f5df2
Create an index.html file when generating a docs build ( #10242 )
...
Currently when a new build of the docs is created, an `index.html` file does not exist. Typically this would be generated from a`docs/README.md` file - which we have - however we're currently using [docs/README.md](394673055d/docs/README.md
) to explain the docs and point to the website. It is not part of the content of the website. So we end up not having an `index.html` file, which will result in a 404 page if one tries to navigate to `https://matrix-org.github.io/synapse/ <docs_version>/index.html`.
This isn't a really problem for the default version of the documentation (currently `develop`), as [navigating to the top-level root](https://matrix-org.github.io/synapse/ ) of the website (without specifying a version) will [redirect](a77e6925f2/index.html (L2)
) you to the Welcome and Overview page of the `develop` docs version.
However, ideally once we add a GUI for switching between versions, we'll want to send the user to `matrix-org.github.io/synapse/<version>/index.html`, which currently isn't generated.
This PR modifies the CI that builds the docs to simply copy the rendered [Welcome & Overview page](https://matrix-org.github.io/synapse/develop/welcome_and_overview.html ) to `index.html`.
2021-06-24 18:00:56 +01:00
Richard van der Hoff
8165ba48b1
Return errors from send_join
etc if the event is rejected ( #10243 )
...
Rather than persisting rejected events via `send_join` and friends, raise a 403 if someone tries to pull a fast one.
2021-06-24 16:00:08 +01:00
Richard van der Hoff
6e8fb42be7
Improve validation for send_{join,leave,knock}
( #10225 )
...
The idea here is to stop people sending things that aren't joins/leaves/knocks through these endpoints: previously you could send anything you liked through them. I wasn't able to find any security holes from doing so, but it doesn't sound like a good thing.
2021-06-24 15:30:49 +01:00
Quentin Gliech
bd4919fb72
MSC2918 Refresh tokens implementation ( #9450 )
...
This implements refresh tokens, as defined by MSC2918
This MSC has been implemented client side in Hydrogen Web: vector-im/hydrogen-web#235
The basics of the MSC works: requesting refresh tokens on login, having the access tokens expire, and using the refresh token to get a new one.
Signed-off-by: Quentin Gliech <quentingliech@gmail.com>
2021-06-24 14:33:20 +01:00
Brendan Abolivier
763dba77ef
Synapse 1.37.0rc1 (2021-06-24)
...
==============================
This release deprecates the current spam checker interface. See the [upgrade notes](https://matrix-org.github.io/synapse/develop/upgrade#deprecation-of-the-current-spam-checker-interface ) for more information on how to update to the new generic module interface.
This release also removes support for fetching and renewing TLS certificates using the ACME v1 protocol, which has been fully decommissioned by Let's Encrypt on June 1st 2021. Admins previously using this feature should use a [reverse proxy](https://matrix-org.github.io/synapse/develop/reverse_proxy.html ) to handle TLS termination, or use an external ACME client (such as [certbot](https://certbot.eff.org/ )) to retrieve a certificate and key and provide them to Synapse using the `tls_certificate_path` and `tls_private_key_path` configuration settings.
Features
--------
- Implement "room knocking" as per [MSC2403](https://github.com/matrix-org/matrix-doc/pull/2403 ). Contributed by @Sorunome and anoa. ([\#6739](https://github.com/matrix-org/synapse/issues/6739 ), [\#9359](https://github.com/matrix-org/synapse/issues/9359 ), [\#10167](https://github.com/matrix-org/synapse/issues/10167 ), [\#10212](https://github.com/matrix-org/synapse/issues/10212 ), [\#10227](https://github.com/matrix-org/synapse/issues/10227 ))
- Add experimental support for backfilling history into rooms ([MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716 )). ([\#9247](https://github.com/matrix-org/synapse/issues/9247 ))
- Implement a generic interface for third-party plugin modules. ([\#10062](https://github.com/matrix-org/synapse/issues/10062 ), [\#10206](https://github.com/matrix-org/synapse/issues/10206 ))
- Implement config option `sso.update_profile_information` to sync SSO users' profile information with the identity provider each time they login. Currently only displayname is supported. ([\#10108](https://github.com/matrix-org/synapse/issues/10108 ))
- Ensure that errors during startup are written to the logs and the console. ([\#10191](https://github.com/matrix-org/synapse/issues/10191 ))
Bugfixes
--------
- Fix a bug introduced in Synapse v1.25.0 that prevented the `ip_range_whitelist` configuration option from working for federation and identity servers. Contributed by @mikure. ([\#10115](https://github.com/matrix-org/synapse/issues/10115 ))
- Remove a broken import line in Synapse's `admin_cmd` worker. Broke in Synapse v1.33.0. ([\#10154](https://github.com/matrix-org/synapse/issues/10154 ))
- Fix a bug introduced in Synapse v1.21.0 which could cause `/sync` to return immediately with an empty response. ([\#10157](https://github.com/matrix-org/synapse/issues/10157 ), [\#10158](https://github.com/matrix-org/synapse/issues/10158 ))
- Fix a minor bug in the response to `/_matrix/client/r0/user/{user}/openid/request_token` causing `expires_in` to be a float instead of an integer. Contributed by @lukaslihotzki. ([\#10175](https://github.com/matrix-org/synapse/issues/10175 ))
- Always require users to re-authenticate for dangerous operations: deactivating an account, modifying an account password, and adding 3PIDs. ([\#10184](https://github.com/matrix-org/synapse/issues/10184 ))
- Fix a bug introduced in Synpase v1.7.2 where remote server count metrics collection would be incorrectly delayed on startup. Found by @heftig. ([\#10195](https://github.com/matrix-org/synapse/issues/10195 ))
- Fix a bug introduced in Synapse v1.35.1 where an `allow` key of a `m.room.join_rules` event could be applied for incorrect room versions and configurations. ([\#10208](https://github.com/matrix-org/synapse/issues/10208 ))
- Fix performance regression in responding to user key requests over federation. Introduced in Synapse v1.34.0rc1. ([\#10221](https://github.com/matrix-org/synapse/issues/10221 ))
Improved Documentation
----------------------
- Add a new guide to decoding request logs. ([\#8436](https://github.com/matrix-org/synapse/issues/8436 ))
- Mention in the sample homeserver config that you may need to configure max upload size in your reverse proxy. Contributed by @aaronraimist. ([\#10122](https://github.com/matrix-org/synapse/issues/10122 ))
- Fix broken links in documentation. ([\#10180](https://github.com/matrix-org/synapse/issues/10180 ))
- Deploy a snapshot of the documentation website upon each new Synapse release. ([\#10198](https://github.com/matrix-org/synapse/issues/10198 ))
Deprecations and Removals
-------------------------
- The current spam checker interface is deprecated in favour of a new generic modules system. See the [upgrade notes](https://matrix-org.github.io/synapse/develop/upgrade#deprecation-of-the-current-spam-checker-interface ) for more information on how to update to the new system. ([\#10062](https://github.com/matrix-org/synapse/issues/10062 ), [\#10210](https://github.com/matrix-org/synapse/issues/10210 ), [\#10238](https://github.com/matrix-org/synapse/issues/10238 ))
- Stop supporting the unstable spaces prefixes from MSC1772. ([\#10161](https://github.com/matrix-org/synapse/issues/10161 ))
- Remove Synapse's support for automatically fetching and renewing certificates using the ACME v1 protocol. This protocol has been fully turned off by Let's Encrypt for existing installations on June 1st 2021. Admins previously using this feature should use a [reverse proxy](https://matrix-org.github.io/synapse/develop/reverse_proxy.html ) to handle TLS termination, or use an external ACME client (such as [certbot](https://certbot.eff.org/ )) to retrieve a certificate and key and provide them to Synapse using the `tls_certificate_path` and `tls_private_key_path` configuration settings. ([\#10194](https://github.com/matrix-org/synapse/issues/10194 ))
Internal Changes
----------------
- Update the database schema versioning to support gradual migration away from legacy tables. ([\#9933](https://github.com/matrix-org/synapse/issues/9933 ))
- Add type hints to the federation servlets. ([\#10080](https://github.com/matrix-org/synapse/issues/10080 ))
- Improve OpenTracing for event persistence. ([\#10134](https://github.com/matrix-org/synapse/issues/10134 ), [\#10193](https://github.com/matrix-org/synapse/issues/10193 ))
- Clean up the interface for injecting OpenTracing over HTTP. ([\#10143](https://github.com/matrix-org/synapse/issues/10143 ))
- Limit the number of in-flight `/keys/query` requests from a single device. ([\#10144](https://github.com/matrix-org/synapse/issues/10144 ))
- Refactor EventPersistenceQueue. ([\#10145](https://github.com/matrix-org/synapse/issues/10145 ))
- Document `SYNAPSE_TEST_LOG_LEVEL` to see the logger output when running tests. ([\#10148](https://github.com/matrix-org/synapse/issues/10148 ))
- Update the Complement build tags in GitHub Actions to test currently experimental features. ([\#10155](https://github.com/matrix-org/synapse/issues/10155 ))
- Add a `synapse_federation_soft_failed_events_total` metric to track how often events are soft failed. ([\#10156](https://github.com/matrix-org/synapse/issues/10156 ))
- Fetch the corresponding complement branch when performing CI. ([\#10160](https://github.com/matrix-org/synapse/issues/10160 ))
- Add some developer documentation about boolean columns in database schemas. ([\#10164](https://github.com/matrix-org/synapse/issues/10164 ))
- Add extra logging fields to better debug where events are being soft failed. ([\#10168](https://github.com/matrix-org/synapse/issues/10168 ))
- Add debug logging for when we enter and exit `Measure` blocks. ([\#10183](https://github.com/matrix-org/synapse/issues/10183 ))
- Improve comments in structured logging code. ([\#10188](https://github.com/matrix-org/synapse/issues/10188 ))
- Update [MSC3083](https://github.com/matrix-org/matrix-doc/pull/3083 ) support with modifications from the MSC. ([\#10189](https://github.com/matrix-org/synapse/issues/10189 ))
- Remove redundant DNS lookup limiter. ([\#10190](https://github.com/matrix-org/synapse/issues/10190 ))
- Upgrade `black` linting tool to 21.6b0. ([\#10197](https://github.com/matrix-org/synapse/issues/10197 ))
- Expose OpenTracing trace id in response headers. ([\#10199](https://github.com/matrix-org/synapse/issues/10199 ))
-----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEdVkXOgzrGzds0jtrHgFcFF8ZFs0FAmDUW7UACgkQHgFcFF8Z
Fs1ZfQ//bSyzg9mB7F43JdVBH9cpGups3Ur6nmsqE608/i/OEtomx9kTZsoN/9AO
j6WoM1bhJ3j9hoE63w4DIPVhBrojtwmYWeFrRvpRVlwTzZPhfij1nIH9pPrNVwd6
/LE0uA1kW5sDZCTiOhrz84BBBz6knjBH4otl+MDDdrszYixoP3i3SrrZVJAEYyGz
Dpw2OudpoOtMdGyzFMr2ewf2mQm5UFEPs9MT0AqhQJMjyM1lJYzrq3Obv1oTdCJq
BdLx6kMhK8+MbZPrcqIMXgSMHLYeQYeJOrdTzuCozFo0DSblThpW//aa21+sZtPx
dnIE0PpjAsm2Qg1II3EUX+YycYpI5KPhMq0ydEmUD7vTuGgJCKqAV3FBRwMlF2VE
9SOr8Mjd1ip03dHz2vlg38OlrFJ52P0e1RDZwlDtWfeJjZGZ4W6VjMhT7H/Z5USg
2J1FRPTD8E9w8wBOkjVcl76Lj6AY1KU36/ZLoYUbtrt58XYfkD4OzZmAxdJrqbMg
na5T9bd9iM8vWditU+vncxU+c7Bkn55GFyDVMQYl8QtXzBvnbv8gQilGwJLkncZJ
MreQ3OIBPbLNcHml56nmmY+ab+AtrIxuFl0UcZu+LGW8+lN+UZ9G9q0NFO3HbAWN
/LuhCVpO42SLAuLlIhnO3mcHM5jzZodKIa6oXpcMS2jv0nylQWo=
=MtOo
-----END PGP SIGNATURE-----
gpgsig -----BEGIN PGP SIGNATURE-----
iQIzBAABCAAdFiEEdVkXOgzrGzds0jtrHgFcFF8ZFs0FAmDUXG8ACgkQHgFcFF8Z
Fs2buxAAg7X4mYKHwlWLn2n2W6bUKY24HAnjtzMrNW76xIHXBJJiJMnhQD3MSKVd
uiUdolc+Tt3drJYOJyurP8R3YI0OuEVbSL0Krs8f3l6jNOU0Gy7YQzc6XUHnA42J
rb6mU8gMdCusk9RHHr1r+sBefwzmxTk4naCkw2n5i+r4ZfNparJK7H9yXCPoedUN
VBZi9f09jaUIm1SiHgK24sW9XfE6ifjdVg+E/r599v2eHJxtCTHUasH9TCAFD8KL
g17NtAP95+SQWPGwUXJFZYcVee+pGbylXuwP0RXXmMvyOWVKloI0LE6phGyLQ5cH
rMRagIkvVLMdYagaX8Tf47hNLVCXRJpuryxMgY3+5fx0O7lCMXlC3mDfs9zze+Fj
KXmJtVy/vpd+zpjQw+HHPnL1dDzsKnDqLFXFCj9Sjv6A/ruckxwWofuh0z83dYtv
1Abp8k7gVTVGZqLGPo8gRoqI2jQhWDvmJd+crb05qp86SzCz1sCma2ujWQtv3c1t
6aQpfmGMhFPp+hS2lS8AcyxK4vq+GudtXUOgzdqCNvIs+eJAV5cq6uufLIy6c2XR
FAR7UowoAoDvqTdD7+i5nHEjbudjjN5KgPXlO3a9+gG5jOR3IsOLZ8FVN0ML6qIJ
wzl0wM9YIlxyleMlWb0l4CFNDKrGJVhWgOupruHS+D5jfZQsZ3g=
=AjRf
-----END PGP SIGNATURE-----
Merge tag 'v1.37.0rc1' into develop
Synapse 1.37.0rc1 (2021-06-24)
==============================
This release deprecates the current spam checker interface. See the [upgrade notes](https://matrix-org.github.io/synapse/develop/upgrade#deprecation-of-the-current-spam-checker-interface ) for more information on how to update to the new generic module interface.
This release also removes support for fetching and renewing TLS certificates using the ACME v1 protocol, which has been fully decommissioned by Let's Encrypt on June 1st 2021. Admins previously using this feature should use a [reverse proxy](https://matrix-org.github.io/synapse/develop/reverse_proxy.html ) to handle TLS termination, or use an external ACME client (such as [certbot](https://certbot.eff.org/ )) to retrieve a certificate and key and provide them to Synapse using the `tls_certificate_path` and `tls_private_key_path` configuration settings.
Features
--------
- Implement "room knocking" as per [MSC2403](https://github.com/matrix-org/matrix-doc/pull/2403 ). Contributed by @Sorunome and anoa. ([\#6739](https://github.com/matrix-org/synapse/issues/6739 ), [\#9359](https://github.com/matrix-org/synapse/issues/9359 ), [\#10167](https://github.com/matrix-org/synapse/issues/10167 ), [\#10212](https://github.com/matrix-org/synapse/issues/10212 ), [\#10227](https://github.com/matrix-org/synapse/issues/10227 ))
- Add experimental support for backfilling history into rooms ([MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716 )). ([\#9247](https://github.com/matrix-org/synapse/issues/9247 ))
- Implement a generic interface for third-party plugin modules. ([\#10062](https://github.com/matrix-org/synapse/issues/10062 ), [\#10206](https://github.com/matrix-org/synapse/issues/10206 ))
- Implement config option `sso.update_profile_information` to sync SSO users' profile information with the identity provider each time they login. Currently only displayname is supported. ([\#10108](https://github.com/matrix-org/synapse/issues/10108 ))
- Ensure that errors during startup are written to the logs and the console. ([\#10191](https://github.com/matrix-org/synapse/issues/10191 ))
Bugfixes
--------
- Fix a bug introduced in Synapse v1.25.0 that prevented the `ip_range_whitelist` configuration option from working for federation and identity servers. Contributed by @mikure. ([\#10115](https://github.com/matrix-org/synapse/issues/10115 ))
- Remove a broken import line in Synapse's `admin_cmd` worker. Broke in Synapse v1.33.0. ([\#10154](https://github.com/matrix-org/synapse/issues/10154 ))
- Fix a bug introduced in Synapse v1.21.0 which could cause `/sync` to return immediately with an empty response. ([\#10157](https://github.com/matrix-org/synapse/issues/10157 ), [\#10158](https://github.com/matrix-org/synapse/issues/10158 ))
- Fix a minor bug in the response to `/_matrix/client/r0/user/{user}/openid/request_token` causing `expires_in` to be a float instead of an integer. Contributed by @lukaslihotzki. ([\#10175](https://github.com/matrix-org/synapse/issues/10175 ))
- Always require users to re-authenticate for dangerous operations: deactivating an account, modifying an account password, and adding 3PIDs. ([\#10184](https://github.com/matrix-org/synapse/issues/10184 ))
- Fix a bug introduced in Synpase v1.7.2 where remote server count metrics collection would be incorrectly delayed on startup. Found by @heftig. ([\#10195](https://github.com/matrix-org/synapse/issues/10195 ))
- Fix a bug introduced in Synapse v1.35.1 where an `allow` key of a `m.room.join_rules` event could be applied for incorrect room versions and configurations. ([\#10208](https://github.com/matrix-org/synapse/issues/10208 ))
- Fix performance regression in responding to user key requests over federation. Introduced in Synapse v1.34.0rc1. ([\#10221](https://github.com/matrix-org/synapse/issues/10221 ))
Improved Documentation
----------------------
- Add a new guide to decoding request logs. ([\#8436](https://github.com/matrix-org/synapse/issues/8436 ))
- Mention in the sample homeserver config that you may need to configure max upload size in your reverse proxy. Contributed by @aaronraimist. ([\#10122](https://github.com/matrix-org/synapse/issues/10122 ))
- Fix broken links in documentation. ([\#10180](https://github.com/matrix-org/synapse/issues/10180 ))
- Deploy a snapshot of the documentation website upon each new Synapse release. ([\#10198](https://github.com/matrix-org/synapse/issues/10198 ))
Deprecations and Removals
-------------------------
- The current spam checker interface is deprecated in favour of a new generic modules system. See the [upgrade notes](https://matrix-org.github.io/synapse/develop/upgrade#deprecation-of-the-current-spam-checker-interface ) for more information on how to update to the new system. ([\#10062](https://github.com/matrix-org/synapse/issues/10062 ), [\#10210](https://github.com/matrix-org/synapse/issues/10210 ), [\#10238](https://github.com/matrix-org/synapse/issues/10238 ))
- Stop supporting the unstable spaces prefixes from MSC1772. ([\#10161](https://github.com/matrix-org/synapse/issues/10161 ))
- Remove Synapse's support for automatically fetching and renewing certificates using the ACME v1 protocol. This protocol has been fully turned off by Let's Encrypt for existing installations on June 1st 2021. Admins previously using this feature should use a [reverse proxy](https://matrix-org.github.io/synapse/develop/reverse_proxy.html ) to handle TLS termination, or use an external ACME client (such as [certbot](https://certbot.eff.org/ )) to retrieve a certificate and key and provide them to Synapse using the `tls_certificate_path` and `tls_private_key_path` configuration settings. ([\#10194](https://github.com/matrix-org/synapse/issues/10194 ))
Internal Changes
----------------
- Update the database schema versioning to support gradual migration away from legacy tables. ([\#9933](https://github.com/matrix-org/synapse/issues/9933 ))
- Add type hints to the federation servlets. ([\#10080](https://github.com/matrix-org/synapse/issues/10080 ))
- Improve OpenTracing for event persistence. ([\#10134](https://github.com/matrix-org/synapse/issues/10134 ), [\#10193](https://github.com/matrix-org/synapse/issues/10193 ))
- Clean up the interface for injecting OpenTracing over HTTP. ([\#10143](https://github.com/matrix-org/synapse/issues/10143 ))
- Limit the number of in-flight `/keys/query` requests from a single device. ([\#10144](https://github.com/matrix-org/synapse/issues/10144 ))
- Refactor EventPersistenceQueue. ([\#10145](https://github.com/matrix-org/synapse/issues/10145 ))
- Document `SYNAPSE_TEST_LOG_LEVEL` to see the logger output when running tests. ([\#10148](https://github.com/matrix-org/synapse/issues/10148 ))
- Update the Complement build tags in GitHub Actions to test currently experimental features. ([\#10155](https://github.com/matrix-org/synapse/issues/10155 ))
- Add a `synapse_federation_soft_failed_events_total` metric to track how often events are soft failed. ([\#10156](https://github.com/matrix-org/synapse/issues/10156 ))
- Fetch the corresponding complement branch when performing CI. ([\#10160](https://github.com/matrix-org/synapse/issues/10160 ))
- Add some developer documentation about boolean columns in database schemas. ([\#10164](https://github.com/matrix-org/synapse/issues/10164 ))
- Add extra logging fields to better debug where events are being soft failed. ([\#10168](https://github.com/matrix-org/synapse/issues/10168 ))
- Add debug logging for when we enter and exit `Measure` blocks. ([\#10183](https://github.com/matrix-org/synapse/issues/10183 ))
- Improve comments in structured logging code. ([\#10188](https://github.com/matrix-org/synapse/issues/10188 ))
- Update [MSC3083](https://github.com/matrix-org/matrix-doc/pull/3083 ) support with modifications from the MSC. ([\#10189](https://github.com/matrix-org/synapse/issues/10189 ))
- Remove redundant DNS lookup limiter. ([\#10190](https://github.com/matrix-org/synapse/issues/10190 ))
- Upgrade `black` linting tool to 21.6b0. ([\#10197](https://github.com/matrix-org/synapse/issues/10197 ))
- Expose OpenTracing trace id in response headers. ([\#10199](https://github.com/matrix-org/synapse/issues/10199 ))
2021-06-24 11:20:28 +01:00
Brendan Abolivier
bb472f3a94
Incorportate review comments
2021-06-24 11:14:46 +01:00
Brendan Abolivier
7e0cd502c7
Fix date in changelog
2021-06-24 10:59:45 +01:00
Brendan Abolivier
acac4535c5
Tweak changelog
2021-06-24 10:58:08 +01:00
Andrew Morgan
7f25d73859
Convert UPGRADE.rst to markdown ( #10166 )
...
This PR:
* Converts UPGRADE.rst to markdown and moves the contents into the `docs/` directory.
* Updates the contents of UPGRADE.rst to point to the website instead.
* Updates links around the codebase that point to UPGRADE.rst.
`pandoc` + some manual editing was used to convert from RST to md.
2021-06-23 16:57:57 +01:00
Brendan Abolivier
d731ed70d9
Fixes to the release script ( #10239 )
...
* rename major/minor into the right semver terminology minor/patch (since this was something that got me very confused the first couple of times I've used the script)
* name the release branch based on the new version, not the previous one
2021-06-23 17:55:26 +02:00
Brendan Abolivier
c955e37868
Fix wrapping of legacy check_registration_for_spam ( #10238 )
...
Fixes #10234
2021-06-23 17:22:08 +02:00
Andrew Morgan
394673055d
Re-introduce "Leave out optional keys from /sync" change ( #10214 )
...
Required some fixes due to merge conflicts with #6739 , but nothing too hairy. The first commit is the same as the original (after merge conflict resolution) then two more for compatibility with the latest sync code.
2021-06-23 15:57:41 +01:00
Brendan Abolivier
e19e3d452d
Improve the reliability of auto-joining remote rooms ( #10237 )
...
If a room is remote and we don't have a user in it, always try to join it. It might fail if the room is invite-only, but we don't have a user to invite with, so at this point it's the best we can do.
Fixes #10233 (at least to some extent)
2021-06-23 16:14:52 +02:00
Richard van der Hoff
8beead66ae
Send out invite rejections and knocks over federation ( #10223 )
...
ensure that events sent via `send_leave` and `send_knock` are sent on to
the rest of the federation.
2021-06-23 12:54:50 +01:00
Michael[tm] Smith
27c06a6e06
Drop Origin & Accept from Access-Control-Allow-Headers value ( #10114 )
...
* Drop Origin & Accept from Access-Control-Allow-Headers value
This change drops the Origin and Accept header names from the value of the
Access-Control-Allow-Headers response header sent by Synapse. Per the CORS
protocol, it’s not necessary or useful to include those header names.
Details:
Per-spec at https://fetch.spec.whatwg.org/#forbidden-header-name , Origin
is a “forbidden header name” set by the browser and that frontend
JavaScript code is never allowed to set.
So the value of Access-Control-Allow-Headers isn’t relevant to Origin or
in general to other headers set by the browser itself — the browser
never ever consults the Access-Control-Allow-Headers value to confirm
that it’s OK for the request to include an Origin header.
And per-spec at https://fetch.spec.whatwg.org/#cors-safelisted-request-header ,
Accept is a “CORS-safelisted request-header”, which means that browsers
allow requests to contain the Accept header regardless of whether the
Access-Control-Allow-Headers value contains "Accept".
So it’s unnecessary for the Access-Control-Allow-Headers to explicitly
include Accept. Browsers will not perform a CORS preflight for requests
containing an Accept request header.
Related: https://github.com/matrix-org/matrix-doc/pull/3225
Signed-off-by: Michael[tm] Smith <mike@w3.org>
2021-06-23 11:25:03 +01:00