New matrix.org Security Disclosure Policy and moderation pages
Check out the Matrix Official Security Disclosure Policy, which also features a "Hall of Fame": https://matrix.org/security-disclosure-policy/
We also have an official moderation guide now at https://matrix.org/docs/guides/moderation
Work progresses on reactions support, expect a more formal MSC rsn, but for check out https://github.com/matrix-org/matrix-doc/blob/matthew/msc1849/proposals/1849-aggregations.md for more details. Aside from that we now have an API to send server notices, support is coming for blacklisting IP ranges for federation traffic and finally we published a security disclosure policy and hall of fame https://matrix.org/security-disclosure-policy/. We’ve also been tracking down some device management bugs that prevent e2e message decryption as well as fixing some security bugs.
More reactions work, device management bug hunting and server key validity support.
- Olm 3.1.2 bugfix release.
- Pantalaimon: Initial SAS support through panctl http://webmshare.com/play/QeBY1
- Pantalaimon: Support for sending out key requests.
There are some BIG (capital and bold!) client releases this week, let's take a look
Quaternion is now officially at version 0.0.9.4! Optional native scrollbar for the timeline, files uploading, initial support of matrix.to links (the foundation for future Matrix URIs), first complete translations, and much much more - the long list is here: https://github.com/QMatrixClient/Quaternion/releases/tag/0.0.9.4. Packagers are advised to take a look at the building and packaging section of the release notes: there are a few updates for you there.
A new version of Spectral is released on Flathub this week! The last release is half a year ago, and there are a lot of changes since then, including a better UI, bug fixes and performance improvements.
Increase minimum Qt version to 5.12.
Emoji and username auto completion in text input.
Respect server-side notification settings.
Fix font size in HiDPI.
Improved reply UI/UX and rich reply UI.
Sending/receiving typing notifications.
Switch to hoedown for parsing markdown.
Display notification count.
Fix #2(Room/People separator issue).
Infer device name from system information.
And of course various performance improvements. For my account Spectral takes ~35MB RAM initially, compared to 45~50MB before.
Pattle new release
Wilko came to announce a new Pattle release, that's the Flutter client:
A new release of Pattle has been pushed to F-droid! Lots of different changes this release, including:
- Viewing images!
- Actual local echo (message is immediately placed in the timeline)
- Sent state indicators are now shown next to the message time (clock for still being sent and a checkmark for sent)
- Show member change events! (x has joined, left, invited, etc)
- Thumbnails are now used for chat avatars, which should improve performance a bit
- Other small fixes :)
Check out a video demo at here.
yuforia reports that:
This week in continuum:
- Remove support for embedded webview and open external browsers when necessary instead. Many users actually prefer it this way. And dependency on a fairly large native module is gone.
- Improvements on the emoji input. Removed some style classes and tweaked some sizes to make the appearance more compact and flat. https://matrix.org/_matrix/media/v1/download/matrix.org/PvFFPAvoDhiHghsyeJnWVyAK
Initial UI work on reactions and editing, nothing useable yet though.
- Release of 0.8.5 :
- Grouped notifications
- Interactive device verification (by emoji)
- WebRTC and Jitsi libs updates
- min iOS version is now 10 (Jitsi constraints)
- Initial UI work on reactions, nothing useable yet though.
Benoit from the Riot team:
- CI has been configured on Buildkite for the Android matrix sdk, riot and riotx.
- The Android sdk can now be integrate as a grate dependency via Jitpack.
- Riot 0.9.1 has been released with sas feature included! Device verification is easier with riot web and riot Android users, soon with riot ios users. Will be on production channel on Monday.
- We have finally pushed the security fix on GH.
- Also working on the crypto modularization to integrate it on RiotX.
- We will concentrate our effort on RiotX now
- Working on reactions
matrix-appservice-discord searching for a new maintainer
Sorunome reports that:
We (matrix-appservice-discord) are looking for a new maintainer!
What are we looking for in a maintainer?
You wouldn't have to be super active, however a few minutes per day would be greatly appreciated. You'd be responsible of reviewing PRs! Because of this not being afraid of Typescript and not being afraid of Discord is required - no need to be at pro-level!
So we are basically looking for someone who can help us look over PRs and maybe do some themself. If you think you are interested, please message us in our matrix room!
Bridging Facebook Messenger
I made a new Facebook Messenger bridge: https://github.com/tulir/mautrix-facebook / #facebook:maunium.net. Currently the main difference to matrix-puppet-facebook is multi-user support like my WhatsApp and Telegram bridges. The bridge is Python and the code structure is similar to mautrix-telegram, so I'll probably eventually create a generic bridge library out of the common parts.
SDKs and Frameworks
Ananace reports that:
Working on the Ruby SDK again, planning to try and get it to the point where I feel comfortable calling it a provisionary 1.0 release. I want to propose additions to various software using it after all, and that tends to look better if it's 1.0 - or close. 😃
That's all I know
That's all for this week folks, come chat in #twim:matrix.org for more, or to share what you've been working on.
The Foundation needs you
The Matrix.org Foundation is a non-profit and only relies on donations to operate. Its core mission is to maintain the Matrix Specification, but it does much more than that.
It maintains the matrix.org homeserver and hosts several bridges for free. It fights for our collective rights to digital privacy and dignity.Support us