It's that time again: there's a new Synapse release, fresh out of the oven! Let's take a look at what's inside Synapse 1.64.
Delegating email verification is now deprecated
Synapse 1.4.0
introduced a configuration option (account_threepid_delegates.email
) to allow
homeservers to delegate validating the ownership of email addresses to an
external identity server. This validation is used by Synapse when adding an
email address to a Matrix account, or before performing a password reset.
As of Synapse 1.64, this option is deprecated, and Synapse will print a warning if it is used. This is because this option relies on old API endpoints that have since been removed from the Matrix specification.
Synapse can do this validation internally provided it is configured with details
of an SMTP server. Administrators currently relying on
account_threepid_delegates.email
should therefore ensure that an SMTP server
is correctly configured, and remove the account_threepid_delegates.email
option. See the configuration
guide
for more information.
We plan to fully remove this configuration option in Synapse 1.66, which is expected to be released on August 30th.
Note that the equivalent option to validate the ownership of phone numbers
(account_threepid_delegates.msisdn
) can still be used, though we expect to
deprecate it in a future release of Synapse.
Improved TLS support for sending emails
When configuring an SMTP server to use to send out emails to users, server administrators can configure Synapse to use TLS to communicate to that server. Until now, only STARTTLS was supported in this case.
Synapse 1.64 introduces a new force_tls
configuration option in the email
section of the configuration file. If this new setting is set to true
Synapse
will use TLS for the initial connection rather than upgrading via STARTTLS.
See the configuration guide for more information.
Memory leak in frozendict
A couple of weeks ago, we
identified a
memory leak within frozendict, which is
a library that Synapse relies on. This would in turn cause Synapse instances to
slowly leak memory when processing /sync
requests.
We highly encourage server administrators who installed Synapse via pip
to
upgrade their local version of frozendict
to version 2.3.3 or later, which
includes a fix to this issue. The Docker image matrixdotorg/synapse
and the
Debian packages from packages.matrix.org
already include the updated library.
Everything else
This version of Synapse introduces support for room version 10! This new room
version enables support for the new knock_restricted
join rule, to allow
knocking into rooms which are otherwise restricted to members of a specific room
(or space). See the Matrix specification about room version
10 for more information.
Additionally, Synapse 1.64 features a new rate limiter to limit the rate of joins to the same room. It is intended as a mitigation against abuse scenarios involving joining a lot of users from different homeservers to a room to then send spam across it. See the configuration guide for more information.
This release of Synapse also extends the List Rooms and Room Details admin APIs to include the type of a room in responses, allowing server administrators to differentiate spaces from other rooms.
See the full changelog for a complete list of changes in this release. Also please have a look at the upgrade notes for this version.
Synapse is a Free and Open Source Software project, and we'd like to extend our thanks to everyone who contributed to this release, including (in no particular order) Beeper, andrewdoh, Thomas Weston, jejo86, villepeh, Jörg Behrmann and Jacek Kuśnierz, as well as anyone helping us make Synapse better by sharing their feedback and reporting issues.
The Foundation needs you
The Matrix.org Foundation is a non-profit and only relies on donations to operate. Its core mission is to maintain the Matrix Specification, but it does much more than that.
It maintains the matrix.org homeserver and hosts several bridges for free. It fights for our collective rights to digital privacy and dignity.
Support us