For Synapse admins, this release support generating structured logs via the standard logging configuration (#8607, #8685). This may require changing your synapse configuration; see the upgrade notes for more information.
We've also added many new Admin APIs, contributed by @dklimpel:
Add API to get information about uploaded media (#8647)
Make it possible to delete files that were not used for a defined time (#8519)
Split API for reported events into detail and list endpoints. This is a breaking change to #8217 which was introduced in Synapse v1.21.0. Those who already use this API should check their scripts (#8539)
Allow server admins to list users' notification pushers (#8610, #8689)
Lastly, Synapse 1.23.0 addresses some significant bugs, including regressions in the SQLite-to-PostgreSQL database porting script (#8729, #8730, #8755) and an issue which could prevent Synapse from recovering after losing its connection to its database (#8726). Synapse will also reject ACL modifications from clients which would otherwise cause a server to ban itself from a room (#8708).
Synapse is a Free and Open Source Software project, and we'd like to extend our thanks to everyone who contributed to this release, including @chagai95 and @dklimpel.
The full changelog for 1.23.0 is as follows:
Synapse 1.23.0 (2020-11-18)
This release changes the way structured logging is configured. See the upgrade notes for details.
Note: We are aware of a trivially exploitable denial of service vulnerability in versions of Synapse prior to 1.20.0. Complete details will be disclosed on Monday, November 23rd. If you have not upgraded recently, please do so.
Fix a dependency versioning bug in the Dockerfile that prevented Synapse from starting. (#8767)
Synapse 1.23.0rc1 (2020-11-13)
Add a push rule that highlights when a jitsi conference is created in a room. (#8286)
Add an admin api to delete a single file or files that were not used for a defined time from server. Contributed by @dklimpel. (#8519)
Split admin API for reported events (GET /_synapse/admin/v1/event_reports) into detail and list endpoints. This is a breaking change to #8217 which was introduced in Synapse v1.21.0. Those who already use this API should check their scripts. Contributed by @dklimpel. (#8539)
Support generating structured logs via the standard logging configuration. (#8607, #8685)
Add an admin API to allow server admins to list users' pushers. Contributed by @dklimpel. (#8610, #8689)
Add an admin API GET /_synapse/admin/v1/users/<user_id>/media to get information about uploaded media. Contributed by @dklimpel. (#8647)
Add an admin API for local user media statistics. Contributed by @dklimpel. (#8700)
Add displayname to Shared-Secret Registration for admins. (#8722)
Fix fetching of E2E cross signing keys over federation when only one of the master key and device signing key is cached already. (#8455)
Fix a bug where Synapse would blindly forward bad responses from federation to clients when retrieving profile information. (#8580)
Fix a bug where the account validity endpoint would silently fail if the user ID did not have an expiration time. It now returns a 400 error. (#8620)
Fix email notifications for invites without local state. (#8627)
Fix handling of invalid group IDs to return a 400 rather than log an exception and return a 500. (#8628)
Fix handling of User-Agent headers that are invalid UTF-8, which caused user agents of users to not get correctly recorded. (#8632)
Fix a bug in the joined_rooms admin API if the user has never joined any rooms. The bug was introduced, along with the API, in v1.21.0. (#8643)
Fix exception during handling multiple concurrent requests for remote media when using multiple media repositories. (#8682)
Fix bug that prevented Synapse from recovering after losing connection to the database. (#8726)
Fix bug where the /_synapse/admin/v1/send_server_notice API could send notices to non-notice rooms. (#8728)
Fix PostgreSQL port script fails when DB has no backfilled events. Broke in v1.21.0. (#8729)
Fix PostgreSQL port script to correctly handle foreign key constraints. Broke in v1.21.0. (#8730)
Fix PostgreSQL port script so that it can be run again after a failure. Broke in v1.21.0. (#8755)
Instructions for Azure AD in the OpenID Connect documentation. Contributed by peterk. (#8582)
Improve the sample configuration for single sign-on providers. (#8635)
Fix the filepath of Dex's example config and the link to Dex's Getting Started guide in the OpenID Connect docs. (#8657)