Matrix logo

This Week in Matrix 2022-05-27

27.05.2022 00:00 — This Week in Matrix Brendan Abolivier

Hey everyone! Thib is out today, so I'll be exceptionally hosting TWIM in his stead this week. Let's have a look at what's been going on in Matrix-land!

Open Tech Will Save Us #16 🎙

The 16th edition of our virtual meetup Open Tech Will Save Us happened this week! This edition featured a few very interesting projects:

  • Quentin and Maximilien from Deuxfleurs are creating Garage, a robust and distributed storage backend that can run on old computers. Who can use it? Why? And when should I not use it? Let's find out!
  • Nathan from the Guardian Project is working with wind, butter, and rasperries to provide applications and messaging to people in low-connectivity areas. A fascinating dive off the grid.

Dept of Status of Matrix 🌡️

andybalaam says

Matrix's Outreachy intern for this summer has been chosen! Usman is starting in early June, and will be working on experiments with Starring Messages! He will be blogging every two weeks, so look out for more updates.

Dept of Spec 📜

Andrew Morgan (anoa) reports

Here's your weekly spec update! The heart of Matrix is the specification - and this is modified by Matrix Spec Change (MSC) proposals. Learn more about how the process works at https://matrix.org/docs/spec/proposals.

MSC Status

New MSCs:

MSCs in Final Comment Period:

Merged MSCs:

  • No MSCs were merged this week.

Spec Updates

The upcoming release of Matrix v1.3 is still in the works, but near! Expect a solid release date to be announced next week.

Random MSC of the Week

The random MSC of the week is... MSC2872: Move the widget title to the top level of the definition!

A bite-size MSC which aims to clean up the definition of a widget state event... by moving the "title" field to the root of the state event, alongside the existing "name" field.

This MSC needs someone to write an implementation in at least one homeserver and client to move forwards. Perhaps that someone could be you?

Dept of Servers 🏢

Synapse (website)

Synapse is a Matrix homeserver implementation developed by the matrix.org core team

squah reports

This week we cut two release candidates for Synapse v1.60, which include:

Meanwhile work continues on fast room joins and testing Synapse with workers on Complement. We'd like to remind readers that the fast room joins feature is highly experimental right now and we do not recommend enabling it on production homeservers just yet.

Synapse admin scripts (website)

Pierre announces

Morning, maybe it's useful for someone else, I just published my admin scripts for synapse. It's still WiP but it make some basic stuff that I needed in my organisation :

  • System notify users (all users/users from a list, specific user)
  • delete sessions/devices not seen for X days
  • purge the remote media cache
  • select rooms with various criteria (external/local/empty/created by/encrypted/cleartext)
  • purge history of theses rooms
  • shutdown rooms

https://git.fout.re/pi/matrixadminhelpers

It's my first python project, so the code may not structured as it should, I'm still learning, and it's early alpha :)

Dendrite (website)

Second generation Matrix homeserver

neilalexander says

This week we released Dendrite 0.8.6 which contains a number of fixes and tweaks:

  • Room versions 8 and 9 are now marked as stable
  • Dendrite can now assist remote users to join restricted rooms via /make_join and /send_join
  • The sync API no longer returns immediately on /sync requests unnecessarily if it can be avoided
  • A race condition has been fixed in the sync API when updating presence via /sync
  • A race condition has been fixed sending E2EE keys to remote servers over federation when joining rooms
  • The trusted_private_chat preset should now grant power level 100 to all participant users, which should improve the user experience of direct messages
  • Invited users are now authed correctly in restricted rooms
  • The join_authorised_by_users_server key is now correctly stripped in restricted rooms when updating the membership event
  • Appservices should now receive invite events correctly
  • Device list updates should no longer contain optional fields with null values
  • The /deactivate endpoint has been fixed to no longer confuse Element with incorrect completed flows

As always, please feel free to join us in the #dendrite:matrix.org room for more discussion!

Dept of Clients 📱

Nheko (website)

Desktop client for Matrix using Qt and C++17.

Nico announces

We added a way to edit permissions in Nheko now. It is an unconventional drag and drop dialog, where you drag users and permissions between different roles. We are hoping that this will make powerlevels easier to understand. Be careful when trying it, the wrong powerlevels might make your room unusable. Now... the bad part about that is, that powerlevels add around 50-100 new strings to translate... Help is appreciated! <3

Nheko now also supports fallback keys, which should make E2EE more reliable after long periods of being offline and you can send images by pressing enter again. The privacy screen is also now fixed for separate room windows and our flatpak supports more image formats.

Element Web/Desktop (website)

Secure and independent communication, connected via Matrix. Come talk with us in #element-web:matrix.org!

Danielle announces

  • On Element Web this week we’ve smashed some bugs including those around Threads.
  • Threads work continues as we’re aiming to improve the notifications and read receipts to improve the experience.
  • Continuing to make improvements to our automated tests.
  • The team is driving to complete the work needed to move our new search experience out of Beta. We think this new search is easier to use and helps folks to find what they’re looking for faster.
  • We’re also making improvements specifically for new users, this will include a new home screen, watch out for those!

In labs (you can enable labs features in settings on develop.element.io or on Nightly):

  • Video rooms; We’re ironing out some of the details to polish the experience

Element iOS (website)

Secure and independent communication for iOS, connected via Matrix. Come talk with us in #element-ios:matrix.org!

Ștefan reports

  • This week we’ve fixed a crash, and a few bugs; specifically the bug where some rooms were missing from the room list.
  • On the iOS team generally we’re working towards a Sentry.io integration for better crash reporting to help us with this in the future.
  • Live location sharing and other features are making great progress.
  • Our new first time user experience will be ready for feedback soon!
  • ElementX has been refactored to adopt Swift’s new structured concurrency.

Element Android (website)

Secure and independent communication for Android, connected via Matrix. Come talk with us in #element-android:matrix.org!

adam says

  • This week we added emoji14 support so if you want to hide 🫣 , salute 🫡 , or melt 🫠 for your friends, you’ll soon be able to! 🫶 (for Android 12 and above, or devices that support emoji14)
  • We’re getting ever nearer to a new sign up flow for new users. Our flow today can be confusing and complex, especially when all you want to do is chat with friends. We’ve been working on simplifying the flow and we’ll announce a community testing session very soon!
  • Also new this week, we’ve opened up a new layout of the app to a small selection of folks. These 15 people will trial the new layout for us, providing feedback along the way. We’ll be opening it up to more feedback soon.

Element (website)

Everything related to Element but not strictly bound to a client

Danielle reports

Hello and happy Friday!

Threads

  • Threads are still in progress as we continue to make progress on the notifications and sort/ordering work that remains.
  • In order for notifications to work better, we need read receipts to be updated. We’ve got several MSCs ongoing, along with a few Proof of Concepts (PoCs) to move us forward.
    • MSC3771: Read receipts for threads
    • MSC3772: Push rule for mutually related events
    • MSC3773: Notifications for threads
  • With that we’ve also updated some layouts and completed some bug fixes, on all platforms.

Community testing

Dept of SDKs and Frameworks 🧰

Trixnity (website)

Multiplatform Kotlin SDK for Matrix

Benedict says

Trixnity 2.1.0 has been released. It includes support for Server-Server-API endpoints (client and server) and fetching missing TimelineEvents in client. The latter is used for fragmented timelines: If you want to show a timeline starting from any EventId and RoomId (e. g. from unread marker), Trixnity will try to fetch missing TimelineEvents from server. If you reach TimelineEvents, that are already saved in the local database, the timeline fragments are merged magically 🧙

Ruma (website)

A set of Rust library crates for working with the Matrix protocol. Ruma’s approach to Matrix emphasizes correctness, security, stability and performance.

Kévin Commaille announces

Since our last update from about a month ago, we had two bugfix releases:

  • Ruma 0.6.2 added methods to get the current room powerlevels from a StrippedPowerLevelsEvent and to get a user's membership whether the state event is redacted or not, and added a missing export to track member changes.
  • Ruma 0.6.3 fixed the serialization and deserialization of events with a dynamic event_type and added convenience constructors for logging in with a UserIdentifier.

We have also landed a bunch of internal work:

And there are of course new fixes and features for our next release:

matrix-rust-sdk (website)

Matrix Client-Server SDK for Rust

ben reports

The majority of changes we've seen over the last week, where minor fixes in style, squashing of bugs and CI improvements as most work is currently happening in the background on Sliding Sync, mobile and UniFFI support. But there have been two additions worth mentioning: first, we've improved on the autojoin example for appservices, and secondly we've merged a community contribution to make resolving of room-alias more handy.

👉️ Wanna hack on matrix rust? Go check out our help wanted tagged issues and join our matrix channel at #matrix-rust-sdk:matrix.org.

Matrix Dart SDK (website)

Matrix SDK written in pure Dart.

Henri Carnot announces

This week, the team released version 0.9.7.

This week, we migrated to Matrix Api Lite 1.0.0, our simple wrapper around the matrix API endpoints and data models. This means we are now using the v1.2 Matrix spec 🎉.

Also, support for HiveCollections as Database provider was added now that our patches to hive were accepted upstream. And we now provide a way to dump and restore the client local database.

Finally, we fixed a bug with where reactions were not properly discarded from the cache and some bugs in our e2e tests.

See you next time ;)

Dept of Events and Talks 🗣️

saces reports

Matrix User Meetup Berlin

Next Matrix user meetup 1.6.2022, 8 pm @ c-base

Meet other matrix users, chat about Matrix, the rest, and everything else, discuss your Matrix ideas, sign each other in persona, and maybe spice the evening with a good mate or beer.

Also when the bbq is lit you may wish you brougth your favorite item :)

Every first Wednesday of the month in the c-base at 8pm ('til the next pandemic).

Matrix room: #mumb:c-base.org

Dept of Rockets 🚀

uhoreg shared with us a press release from Rocket.Chat announcing their work on interoperability with Matrix. It is super exciting to see another big player join the ecosystem. Watch this space next week for more announcements!

Dept of Ping 🏓

Thib is out this week, therefore so are the ping stats in TWIM (don't worry, they'll be back next week!).

You can still go check them out yourself in #ping:maunium.net and #ping-no-synapse:maunium.net!

That's all I know 🏁

See you next week, and be sure to stop by #twim:matrix.org with your updates!

This Week in Matrix 2022-05-20

20.05.2022 20:03 — This Week in Matrix Thib

Matrix Live 🎙

Dept of Social Good 🙆

Thib says

Element has signed the open letter of the Global Encryption Coalition, of which we are members of. We are working with them to push back against any intrusive measures that could compromise the privacy of users.

Dept of Spec 📜

Andrew Morgan (anoa) reports

Here's your weekly spec update! The heart of Matrix is the specification - and this is modified by Matrix Spec Change (MSC) proposals. Learn more about how the process works at https://matrix.org/docs/spec/proposals.

MSC Status

New MSCs:

MSCs with Proposed Final Comment Period:

MSCs in Final Comment Period:

  • No MSCs are in FCP.

Merged MSCs:

Spec Updates

Some new MSCs popping up this week around widgets, room types, fixing notifications with threads and room version 11! Though note that the last one currently serves as a means for the Spec Core Team to publicly track what should be included in room version 11, and is by no means is its content considered final.

The Spec Core Team are currently focused on room version 10 and getting Matrix v1.3 out the door soon. There's also been some discussion on MSC2676: Message editing this week, with the intention of finally landing that in the spec. Thanks to richvdh for driving the charge there.

Random MSC of the Week

The random MSC of the week is... MSC1902: Split the media repo into s2s and c2s parts!

Homeservers currently make use of Client Server Media APIs to pull media from other homeservers over federation. This has worked for a long time, but is a bit of a confusing blur of the lines between client<->server and server<->server traffic. It also makes it difficult to require different authentication rules for clients versus servers.

This MSC aims to help clean that up. Take a look if you're interested!

Dept of GSoC 🎓️

Thib says

It's May 20, and Google has announced the results for its Summer of Code program.

This year the Matrix.org Foundation participated, and we could be granted the five slots we asked for!

  • Jayesh Nirve is going to work on WebRTC support for FluffyChat, mentored by Krille
  • nannako is going help handling multimedia files in kazv, mentored by tusooa
  • Aditya Rajput will implement encrypted search for Matrix, mentored by cvwright
  • Munukurthi Binesh is going to work on 3rd Party Authorised Room Membership, mentored by Cadair
  • r0hit2005 will work on updating the implementation of VoIP support, mentored by Nico

Many thanks to all the candidates, we had some very strong proposals this year.

Dept of Servers 🏢

Synapse (website)

Synapse is a Matrix homeserver implementation developed by the matrix.org core team

Brendan Abolivier announces

This week we released Synapse 1.59, which features a bunch of niceties including new features, bug fixes and performance improvements. Read all about it, including increased flexibility for workers and improvements on push rules, on the matrix.org blog!

Aside from this, the team is still hard at work and focusing on making Synapse better, among other things by looking at improving performances on room join and decreasing memory usage.

Dept of Bridges 🌉

matrix-hookshot (website)

A multi purpose multi platform bridge, formerly known as matrix-github

tadzik says

matrix-hookshot 1.7.0 is out

Last week new version of Hookshot came out starring the following changes:

  • Docker images can now be built cross-platform. Thanks Paul for getting arm64 builds going!
  • Improved GitLab push hook formatting: markdown commit hashes, link "N commits" to the list of commits, if there are more commits than can be shown only link instead, and show committer unless a single person committed and pushed
  • RSS feed support got a configuration widget: now need for using bot commands anymore! (though they are still supported)
  • Added widgets.openIdOverrides option to help developers test configuration widgets locally
  • Fixed regression where GitHubRepo and GitLabRepo connection config options were not being honoured

and more! Visit #hookshot:half-shot.uk to follow the development in real-time.

matrix-appservice-kakaotalk (website)

A Matrix-KakaoTalk puppeting bridge.

Fair announces

Last week's testing updates are now in master!

Also included:

  • Better error handling: if the backend hits an error that causes your connection to KT chats to be dropped, the bridge should notify you about it (not that it should ever happen in the first place, but you never know!)
  • Better logging: the Node module can be configured to print the arguments of RPC commands received from / sent to the Python module. The example Node config includes a default set that should be helpful for general debugging.
  • Room metadata bridging: setting an Open Chat title & topic from Matrix should work now!
    • Setting the title of a Direct Chat should work too, but topics remain unbridged (since KT Direct Chats don't have topics/descriptions)
  • Defensive error handling: Attempts to add a non-friend user to a DM will be refused by the bridge, since KT only allows Direct Chats between friends
    • KT does allow "1:1 Open Chats" between non-friends, but those aren't bridged yet

Also, testing adds support for joining KakaoTalk rooms from Matrix, either by joining an existing portal or providing an Open Chat URL to the bot with a join command. ...However, I've been unable to test this, since KT is stingy about whom it allows to join Open Chats! So please give this a try if you can.

In other news, this bridge is now listed on Matrix.org! 🥳 Thanks Thib !

Also, for the time being, I will be taking a hiatus from this bridge & the LINE bridge, as I'll be quite occupied for the foreseeable future on account of having joined Element 🤩!! (The bridges aren't paused forever--I just have to work out the details of their future before making any promises I can't keep 🙂)

Special thanks to all those who have given feedback & advice on these bridges, and to Beeper for having sponsored their development ❤️

matrix-appservice-discord (website)

A bridge between Matrix and Discord.

Half-Shot announces

Hello! Just a notice to say that the `matrix-appservice-discord project has kindly been adopted by the matrix.org foundation, which means that hopefully there will be a lot more time available to maintain it than when it was my personal project! We expect to have a new update for you (the first one in 1.5 years) very soon! If you've got any questions about this, please feel free to ask in the usual spots like #discord:half-shot.uk.

Happy bridging!

Heisenbridge (website)

Heisenbridge is a bouncer-style Matrix IRC bridge.

hifi says

Release v1.13.0 🥳

  • Read default port and listen address from config url (@BtbN)
  • Improvements to pillifying IRC nicks, again
  • Fixes for AUTOQUERY not always working correctly
  • Allow anyone to use STATUS command to get their own status
  • Filter control characters only for plumbs so people can send garbage to IRC if they wish from Matrix
  • Support for converting IRC color codes to Matrix (@tjaderxyz)
  • Fixed compose docker Synapse configuration for registration
  • Improved Python 3.10 compatibliy (@BtbN)
  • Hidden room to hide joins using restricted rooms join rule (@BtbN)

Some cool stuff this time around! Aside from many bug fixes this release has two great new features: IRC message colors and hiding invites from channels.

IRC colors are enabled by default and are rendered how your Matrix client sees fit. They can be disabled per network if needed.

Hiding joins works with room v9 restricted join rules feture to allow IRC ghosts to join rooms without an invite from the bridge bot first. This clears some clutter and may even make joining a bit faster in the long run - we will see. This feature is disabled by default and needs to be enabled by the bridge administrator as it is consiered a "labs" feature for now.

Go and get a Dell from GitHub, PyPI or matrix-docker-ansible-deploy!

Thanks!

Dept of Clients 📱

Neochat (website)

A client for matrix, the decentralized communication protocol

Tobias Fella says

In the last weeks, we've landed a few smaller features and papercut fixes in NeoChat:

  • Urls will now more often be shown as links
  • A couple of input processing bugs have been fixed, which lead, among others, to fewer broken ASCII emojis :)
  • Clicking on a notification will now properly open NeoChat even on wayland 🥳
  • Users can now disable sending typing notifications

We're also making progress on the end-to-end encryption support where we hopefully will soon have news from libQuotient's side.

Element (website)

Everything related to Element but not strictly bound to a client

kittykat says

Threads

Community Testing

  • We ran 47 different tests on this week’s RC and found 20 defects/potential improvements
  • We are inviting community testers to take part in the Android and iOS app layout experiments
  • For more info on our next testing sessions (sync or async), you can join us at #element-community-testing:matrix.org!

Element Web/Desktop (website)

Secure and independent communication, connected via Matrix. Come talk with us in #element-web:matrix.org!

kittykat says

  • Improved logging Jitsi errors for video call issues
  • Added option to ignore user when reporting spam
  • Made lots of improvements to our automated tests
  • Show metaspaces even when there are no real spaces joined
  • Add shortcut to get to the explore space page more easily via the space avatar in the left panel
  • Remove invites from breadcrumbs
  • Fall back to untranslated strings rather than showing error for missing translations
  • Improve lightbox (image viewing when you click on an attached file or profile pic)
  • Improve email verification dialog on registration page
  • In labs (you can enable labs features in settings on develop.element.io or on Nightly):

Element iOS (website)

Secure and independent communication for iOS, connected via Matrix. Come talk with us in #element-ios:matrix.org!

Ștefan says

Element iOS

  • We have a release candidate available that squashes quite a few problematic bugs
  • Mention pills have been improved and are now better than ever
  • Work is continuing on the new authentication flows and live location sharing
  • Launching home layout experiment next week

Element X

  • The iOS FII crate is now being checked on the CI and has been merged into the main RustSDK branch
  • We're making progress on crash reporting tools and rage shakes
  • Starting on adopting Swift's async/await throughout the project

Element Android (website)

Secure and independent communication for Android, connected via Matrix. Come talk with us in #element-android:matrix.org!

benoit says

  • Launching spaces layout experiments next week
  • Release 1.4.16 is out. Should be available in production at the beginning of next week. Sadly this release will not be available on F-Droid.
  • FTUE screens are nearly finished. We are implementing the latest ones. For instance Email input and validation.
  • Also still working on the integration of the crypto Rust SDK. We are at a point of fixing the remaining issues.

Cinny (website)

Cinny is a Matrix client focused on simplicity, elegance and security

Lozenge says

Cinny v2.0.3 - What's changed

  • Add the ability to focus on paste
  • Add allowCustomHomeservers config option
  • Fix crash in a room without m.room.create state event
  • Fix message edit isn't reflected in the reply
  • Fix join room with alias
  • Fix crash on leaving room

Find more about Cinny at https://cinny.in/ · Join our room: #cinny:matrix.org · Github: https://github.com/ajbura/cinny · Twitter: https://twitter.com/@cinnyapp

Dept of Non Chat Clients 🎛️

Populus Viewer (website)

A Social Annotation Tool Powered by Matrix

gleachkr says

In the last two weeks, populus-viewer has seen some exciting changes:

Here's a demo video of video annotation, and a screenshot of the new landing page:

Dept of Widgets 🧩

Mjolnir Widget (website)

A widget for moderating with mjolnir. Highly WIP. Use at your own risk!

MTRNord (they/them) reports

Hi, just some small update this week:

  • Philantrop 🏳️‍🌈 pointed out the widget was missing the room ban type, which is now added to the widget.
  • The ban list view now also shows the room id of the room the ban is from. (it will get extended to be an alias at some point. This is planned)
  • Dependencies have been updated.

Check it out at https://github.com/MTRNord/matrix-moderation-widget or join #mjolnir-widget:nordgedanken.dev if you have any questions.

Dept of SDKs and Frameworks 🧰

matrix-rust-sdk (website)

Matrix Client-Server SDK for Rust

ben says

Post release (we have release 0.5.0 last week) the main focus was on minor fixes and bigger features we had pending but didn't want to merge before. Aside from a few documentation and other minor fixes - among others switching to resolver v2 or more accurate power_level calculation - the biggest merge was around the FFI interface for Apple (iOS and Mac), which we have initial support for now 🎉.

The main work is currently happening behind the scenes, while we prepare for the upcoming tasks - like WASM and NodeJS support for the crypto-crate and work on UniFFI. We are also hardening our processes for improved security and risk management around our code base, dependencies and the potential to ship binaries.

👉️ We are very happy about the influx of people, who joined our developer community questions since the release. We'd like to take this opportunity again to invite anyone else interested in hacking on matrix in rust to check out our help wanted tagged issues and join our matrix channel at #matrix-rust-sdk:matrix.org.

Matrix Dart SDK (website)

Matrix SDK written in pure Dart and maintained by famedly.com

Henri Carnot reports

Matrix Dart SDK : Version 0.9.6

This week, the team released version 0.9.6.

This release brings various bug fixes. We fixed cache corruption with fragmented timeline, and we now gracefully handle invalid recent emojis states.

Also, we now properly update the user lastActiveAgo on presence event updates and not when opening a room.

Finally, we moved the MSC2835 support into its own extension.

See you next time ;)

Dept of Services 🚀

Samuel Philipp says

We are proud to announce that Ossrox is now listed as a hosting provider on matrix.org! 😍 We offer Matrix Home Servers via https://ossrox.org - for the time being only in the German-speaking area. We are dedicated to hosting open-source software and also offer other services in the messaging, groupware and web meeting segments. If you got any questions, just reach out to us at #public:ossrox.org.

Dept of Interesting Projects 🛰️

addanno says

Hello Matrix friends. We have recently launched an online learning platform that has Element at its core. We added some great features such as annotations for both course material and web pages. Here is an overview video of what we are doing.

https://www.youtube.com/watch?v=rY3safwbllQ

Dept of Ping 🏓

Here we reveal, rank, and applaud the homeservers with the lowest ping, as measured by pingbot, a maubot that you can host on your own server.

#ping:maunium.net

Join #ping:maunium.net to experience the fun live, and to find out how to add YOUR server to the game.

RankHostnameMedian MS
1envs.net441.5
2thewords.faith482
3almum.de551
4lw1.at661
5matrix.org768
6aria-net.org897
7quyo.de963
8mindlesstux.com970
9shortestpath.dev1205
10phorcys.net1395

#ping-no-synapse:maunium.net

Join #ping-no-synapse:maunium.net to experience the fun live, and to find out how to add YOUR server to the game.

RankHostnameMedian MS
1conduit.grich.sk179
2grin.hu702
3cry.is705
4sspaeth.de1174

That's all I know 🏁

See you next week, and be sure to stop by #twim:matrix.org with your updates!

Synapse 1.59 released

18.05.2022 00:00 — Releases Brendan Abolivier

Synapse 1.59 is out! Let's see what's new in this version.

Generic worker types

When Synapse instances are subject to high load, it can be useful to use workers to balance the load more effectively. Workers are separate processes that can take some of the load off the main Synapse process, and allow the homeserver to scale more effectively.

In the past, Synapse only provided a specific set of types of workers, each capable of handling a specific set of operations. For some time now we have been working on allowing more flexibility around worker configuration, which started all the way back in Synapse 1.12.0 with the introduction of a generic worker application type.

Synapse 1.59 furthers this work by deprecating the synapse.app.appservice and synapse.app.user_dir worker application types. Homeserver administrators should change the configuration of instances using these types to the generic synapse.app.generic_worker application type, and use the notify_appservices_from_worker and update_user_directory_from_worker to delegate application service and user directory work (respectively) to a worker.

See the upgrade notes for more information on this change.

Push rules

Push rules allow Matrix clients to define notification rules on a homeserver. One often reported issue with notification in Matrix is the fact that notifications are sent out when server ACLs, which define which server(s) can and cannot interact in a room, change. This is especially annoying during big waves of abuse, as there might be multiple servers that need to be banned from rooms, thus causing a lot of unneeded notifications.

Synapse 1.59 now supports silencing server ACL updates, by implementing the new push rule documented in MSC3786. However, since this MSC hasn't been incorporated into the spec yet, this behaviour is disabled by default in Synapse: see the implementation pull request for more information on turning it on.

Synapse 1.59 also allows third-party modules to validate and change the actions associated with an existing push rule via the Module API. This is helpful for modules wishing to, for example, configuring specific notification settings when new users register.

Everything else

As of Synapse 1.59, Synapse will not communicate the name of devices over federation (unless configured otherwise), in order to better preserve user privacy. See the upgrade notes for more information.

Also note that we have issued a patch release for 1.59 (1.59.1) which fixes a long-standing bug that started to bite a good amount of server administrators. Server admins that are looking into upgrading their instance to Synapse 1.59 are recommended to upgrade to 1.59.1 rather than 1.59.0.

See the full changelog for a complete list of changes in this release. Also please have a look at the upgrade notes for this version.

Synapse is a Free and Open Source Software project, and we'd like to extend our thanks to everyone who contributed to this release, including (in no particular order) Beeper, Dirk Klimpel, Šimon Brandner, henryclw and Andrew Do.

Independent public audit of Vodozemac, a native Rust reference implementation of Matrix end-to-end encryption

16.05.2022 17:04 — General Matthew Hodgson
Last update: 16.05.2022 16:02

Hi all,

It’s been quite a while since our last independent E2EE review, and so we’re incredibly proud to present an entirely new independent security audit of vodozemac, our next generation native Rust implementation of Matrix’s Olm and Megolm E2EE protocols. The audit has been conducted by Least Authority, who specialise in comprehensive audits of security-sensitive decentralized technologies - and we are very grateful to gematik, who kindly shared the costs of funding the audit as part of their commitment to Matrix for healthcare in Germany.

This audit was a bit of a whirlwind, as while we were clearly overdue an audit of Matrix’s E2EE implementations, we decided quite late in the day to focus on bringing vodozemac to auditable production quality rather than simply doing a refresh of the original libolm audit. However, we got there in time, thanks to a monumental sprint from Damir and Denis over Christmas. The reason we went this route is that vodozemac is an enormous step change forwards in quality over libolm, and vodozemac is now the reference Matrix E2EE implementation going forward. Just as libolm went live with NCC’s security review back in 2016, similarly we’re kicking off the first stable release of vodozemac today with Least Authority’s audit. In fact, vodozemac just shipped as the default E2EE library in matrix-rust-sdk 0.5, released at the end of last week!

The main advantages of vodozemac over libolm include:

  • Native Rust - type, memory and thread safety is preserved both internally, and within the context of larger Rust programs (such as those building on matrix-rust-sdk). This is particularly important given the memory bugs which libolm sprouted, despite our best efforts to the contrary.
  • Performance - vodozemac benchmarks roughly 5-6x faster than libolm on typical hardware
  • Better primitives - vodozemac is built on the best practice cryptographic primitives from the Rust community, rather than the generic Brad Conte primitives used by libolm.

Also, we’ve finally fixed one of the biggest problems with libolm - which was that the hardest bit of implementing E2EE in Matrix wasn’t necessarily the encryption protocol implementation itself, but how you glue it into your Matrix client’s SDK. It turns out ~80% of the code and complexity needed to securely implement encryption ends up being in the SDK rather than the Olm implementation - and each client SDK ended up implementing its own independent state machine and glue for E2EE, leading to a needlessly large attack & bug surface.

To address this problem, vodozemac is designed to plug into matrix-sdk-crypto - an SDK-independent Rust library which abstracts away the complexities and risks of implementing E2EE, designed to plug into existing SDKs in any language. For instance, Element Android already supports delegating its encryption to matrix-sdk-crypto; Element iOS got this working too last week, and we’re hard at work adding it to Element Web too. (This set of projects is codenamed Element R). Meanwhile, Element X (the project to switch Element iOS and Element Android to use matrix-rust-sdk entirely) obviously benefits from it too, as matrix-rust-sdk now leans on matrix-sdk-crypto for its encryption.

Therefore we highly recommend that developers using libolm migrate over to vodozemac - ideally by switching to matrix-sdk-crypto as a way of managing the interface between Matrix and the E2EE implementation. Vodozemac does also provides a similar API to libolm with bindings for JS and Python (and C++ in progress) if you want to link directly against it - e.g. if you’re using libolm for something other than Matrix, for example XMPP, ActivityPub or Jitsi. We’ll continue to support and maintain libolm for now though, at least until the majority of folks have switched to vodozemac.

In terms of the audit itself - we recommend reading it yourself, but the main takeaway is that Least Authority identified 10 valid concerns, of which we addressed 8 during the audit process. The remaining two are valid but lower priority, and we’ll fix them as part of our maintenance backlog. All the issues identified are excellent valid points, and we’re very glad that Least Authority have added huge value here by highlighting some subtle gotchas which we’d missed. (If you write Rust, you’ll particularly want to check out their zeroisation comments).

So: exciting times! Vodozemac should be landing in a Matrix client near you in the near future - we’ll yell about it loudly once Element switches over. In the meantime, if you have any questions, please head over to #e2ee:matrix.org.

Thanks again to gematik for helping fund the audit, and to Least Authority for doing an excellent job - and being patient and accommodating beyond the call of duty when we suddenly switched the scope from libolm to vodozemac at the last minute ;)

Next up: we’re going to get the Rust matrix-sdk-crypto independently audited (once this burndown is complete) so that everyone using the matrix-sdk-crypto state machine for Matrix E2EE can have some independent reassurance too - a huge step forward from the wild west of E2EE SDK implementations today!

– Matthew

This Week in Matrix 2022-05-13

13.05.2022 18:50 — This Week in Matrix Thib

Matrix Live 🎙

Dept of Spec 📜

Andrew Morgan (anoa) says

Here's your weekly spec update! The heart of Matrix is the specification - and this is modified by Matrix Spec Change (MSC) proposals. Learn more about how the process works at https://matrix.org/docs/spec/proposals.

MSC Status

New MSCs:

MSCs with Proposed Final Comment Period:

  • No MSCs had final comment period proposed this week.

MSCs in Final Comment Period:

Merged MSCs:

  • No MSCs were closed this week.

Closed MSCs:

Spec Updates

The Spec Core Team has decided to not include MSC3440 (threading via m.thread relations) specifically in the upcoming Matrix v1.3 release. We previously stated that it would be in v1.3, but there's a few unproven MSCs (namely MSC3773 (notifications for threads)) which make it feel improper to put threads into the spec at this stage. We're aiming for a future (very near) spec release to contain threads, assuming we can get enough of the feature landed. This is a very similar approach to what we did with Spaces: while the core feature existed as FCP-concluded for a while, we wanted to give some other MSCs a chance to land before writing it up formally.

As a follow-on from this, any implementations that are currently assuming "v1.3" spec support translates to threading support should note the following:

  • Clients which are pre-emptively checking for v1.3 in /versions should stop doing that. Look for org.matrix.msc3440.stable as an "unstable" feature flag instead.
  • Servers which offer MSC3440's behaviour should expose it on stable endpoints and expose org.matrix.msc3440.stable for clients to detect.
  • Optionally, clients and servers can drop support for the org.matrix.msc3440 (truly unstable) flag, given clients & servers should have already upgraded.

At the spec level, we'll still be writing up MSC3440's dependencies (aggregations and friends), but will notably be missing MSC3440 specifically in v1.3. If folks can update their clients urgently, it would be massively appreciated!

Random MSC of the Week

The random MSC of the week is... MSC2596: Proposal to always allow rescinding invites!

A simple change to the auth rules to help prevent an edge case where one is able to invite a user, but not disinvite them as the latter requires a separate permission. The MSC attempts to solve this by always allowing the cancellation of invitations you've sent.

A small MSC, but one with some open threads still. Perhaps a good opportunity to go in and clean it up!

Dept of Servers 🏢

Synapse (website)

Synapse is a Matrix homeserver implementation developed by the matrix.org core team

squah says

Hello everyone. This week the team cut a release candidate for Synapse v1.59, which includes:

Meanwhile, the core team has looking at caches and memory usage: Erik has been looking at ways to reduce the memory usage of small servers, Shay's been adding some exciting new config options to limit the total memory usage of Synapse and David's added the ability to reload the cache factors of a running Synapse instance via SIGHUP.

In parallel, Olivier's been doing groundwork to reduce replication traffic for workerised Synapse deployments, Andrew (anoa) has been looking at media retention policies and work continues on faster room joins.

Dendrite (website)

Second generation Matrix homeserver

neilalexander reports

This week we've actually made two releases — Dendrite 0.8.4 and Dendrite 0.8.5 — which are both primarily targeting performance and bug fixes.

We've also released our new living documentation, which is available at https://matrix-org.github.io/dendrite/, which features new installation instructions and documents that will be helpful to Dendrite server administrators. We will be writing more documentation and expanding this over time.

Changes include:

  • The built-in NATS Server has been updated to version 2.8.2
  • Monolith deployments will no longer panic at startup if given a config file that does not include the internal_api and external_api options
  • State resolution v2 now correctly identifies other events related to power events, which should fix some event auth issues
  • The latest events updater will no longer implicitly trust the new forward extremities when calculating the current room state, which may help to avoid some state resets
  • The one-time key count is now correctly returned in /sync even if the request otherwise timed out, which should reduce the chance that unnecessary one-time keys will be uploaded by clients
  • The create-account tool should now work properly when the database is configured using the global connection pool
  • Fixes a regression introduced in the previous version where appservices, push and phone-home statistics would not work over plain HTTP
  • Adds missing indexes to the sync API output events table, which should significantly improve /sync performance and reduce database CPU usage
  • Building Dendrite with the bimg thumbnailer should now work again (contributed by database64128)

As always, feel free to join us in #dendrite:matrix.org for more Dendrite-related discussion.

Dept of Bridges 🌉

matrix-appservice-kakaotalk (website)

A Matrix-KakaoTalk puppeting bridge.

Fair reports

Most of this week's fixes are in the testing branch, so try it out!

  • Ability to DM your own KakaoTalk puppet
  • Fix to the problem of needing to DM a puppet twice to start chatting with them
  • Fixes to leaving KakaoTalk chats from Matrix (via the !kt leave bot command)
  • Nicer output of the whoami command, to make it easier to click on your own KakaoTalk puppet to DM it

Coming soon:

  • Proper support for setting an Open Chat title & topic from Matrix
  • Support for joining KakaoTalk rooms from Matrix, either by joining an existing portal or providing an Open Chat URL to the bot with a join command

Dept of Clients 📱

Ement.el (website)

Matrix client for Emacs

alphapapa announces

Ement.el, a Matrix client for [GNU Emacs](https://www.gnu.org/software/emacs], received some more updates this week:

Additions

  • New Transient-based command menu for room buffers, bound to ?.
  • New command ement-list-members, which lists all members in a room.
  • Member completion now completes from all members in a room (rather than only those whose messages have been seen).
  • Power-level events are displayed.
  • Grouped membership events have tooltips showing each member's individual event.
  • When usernames are colorized, message bodies may optionally be colorized in a less intense shade of the same color, so they are easily distinguished yet easy on the eyes (and, of course, the shading is customizable).

Changes

  • When displaying usernames in the margin, names that are wider than the margin are abbreviated, with the full name in the tooltip.

Fixes

  • Typing notifications (recently broken--oops!).
  • Sending direct messages marks new direct rooms as direct rooms.
  • Event notifications for rooms not displayed in a buffer.

As always, feel free to join us in #ement.el:matrix.org.

Element (website)

Everything related to Element but not strictly bound to a client

Danielle announces

Hello and welcome to another Element TWIM!

Threads

  • We’re still hard at work improving the Threads Beta experience for y’all. Starting with Notifications and UI polish.

Community testing

Element Web/Desktop (website)

Secure and independent communication, connected via Matrix. Come talk with us in #element-web:matrix.org!

Danielle reports

In labs (you can enable labs features in settings on develop.element.io or on Nightly):

Element iOS (website)

Secure and independent communication for iOS, connected via Matrix. Come talk with us in #element-ios:matrix.org!

Ștefan says

  • The newest version of the app (1.8.14) was released on Monday! In this release we’ve made a bunch of improvements and bug fixes, check it out here
  • 💊 We also merged an initial version of mention pills and are working on ironing out edge cases. Exciting!
  • There’s good progress on the new authentication flows and live location sharing, both of which we’re looking forward to sharing and testing with you soon.
  • On the ElementX front we're nearly done with the DevX setup and are working towards using the latest Rust SDK
    • unit and UI test runs on the CI and Codecov.io coverage reports
    • swiftlint, danger-swift and sonarcloud.io checks for code quality
    • automatic generation of PR builds, published on diawi
    • scripts for importing and reusing localizable strings from Android
    • towncrier changelogs and more

Element Android (website)

Secure and independent communication for Android, connected via Matrix. Come talk with us in #element-android:matrix.org!

Danielle reports

  • We’ve been working on smashing bugs, improving stability, and reducing crashes.
  • Our first time user flow is progressing - we’re starting to test the new authentication flow internally and will be asking for help testing this soon.

Cinny (website)

Cinny is a Matrix client focused on simplicity, elegance and security

ajbura says

Cinny v2.0.0: Session verification and other e2ee features

Features

  • Redesign app/user settings
  • Add support to manage cross-signing and key backup
  • Add support to manage sessions
  • Add Session verification by emojis
  • Add recently used section to emoji board
  • Add LaTeX / math input and rendering support
  • Add notification sounds
  • Add sound on incoming invites
  • Sort DM's by activity
  • Sort search results by activity
  • Improve jump to unread button
  • Replace confirm and prompt with custom dialogs
  • Adapt to different device widths
  • Native application using Tauri

Bugs

  • Fix loading on older browsers
  • Fix crash on load and room creation on dendrite
  • Fix can't open spaces from public room list
  • Fix max power level in room permissions
  • Fix incorrect custom html crashing app
  • Fix crash on unable to getContent of tombstoned room
  • Don't enable e2ee for bridged platform

See release at: https://github.com/ajbura/cinny/releases/tag/v2.0.0

Cinny for desktop

Since this release, we are also shipping a desktop app of Cinny for Windows, MacOS and Linux. You can download the app for your platform from https://github.com/cinnyapp/cinny-desktop/releases

Find more about Cinny at https://cinny.in/ Join our channel at: #cinny:matrix.org Github: https://github.com/ajbura/cinny Twitter: https://twitter.com/@cinnyapp

Dept of SDKs and Frameworks 🧰

matrix-rust-sdk (website)

Matrix Client-Server SDK for Rust

ben reports

The Rust Matrix team is very excited to announce the next major release Matrix SDK 0.5 "stores and native crypto", now available for everyone by adding matrix-sdk = "0.5.0" to their dependencies in their Cargo.toml. This first major release in about 8 months brings significant changes many have been waiting for:

  • Better, safer, native-er crypto: matrix-sdk 0.5 ditches libolm in favor of Vodozemac, the completely fresh rust-native re-implementation of the crypto crate. It has also been audited, the report of which is scheduled to be released soon.
  • Store revamp: the entire cache storage infrastructure for crypto and state has been restructured to allow for full plug-ability, with even the two default supported backends, sled and indexeddb both being separate crates now. And as a matter of fact, a community-driven sql implementation has already been published as beta (with postgres and sqlite support) by charlotte 🦝.
  • WebAssembly; both of these changes also allow us to finally make WASM a Tier 1 supported target for the SDK. Not only does it build and even use the browser native indexeddb for permanent storage, we also have CI tests ensuring nothing will break this support going forward.
  • Features, Features and Process: there's plenty more features and bug fixes in this release, e.g. native thumbnail generation support, as well as changes on our processes going forward.

For more details, check out the Release Notes.

Sidenote: If you want to contribute, or just learn Rust by actually doing it, we recommend taking a look team at the help wanted issues in our repo.

Dept of Ops 🛠

Buscarron (website)

Web forms (HTTP POST) to matrix

Aine announces

Buscarron v1.1.0 is here

Buscarron is the new backoffice of the etke.cc and its main feature is to receive web forms (HTML/HTTP POST) and convert them into (encrypted) matrix messages.

So, what's new?

  • Email confirmation after form submissions with Postmark
  • Templates support for redirect URLs
  • Automatically ban spammers, scanners and bots

Check out the source code and say hi in #buscarron:etke.cc

Dept of Bots 🤖

Who's In This Room Matrix Bot

Jake C says

If you use Matrix with the Signal bridge (or any bridge) with relay mode enabled, your guests have probably experienced the confusion where they don't know who else (on Matrix) is in the chat as only Matrix can double-puppet.

When this bot is added to a Matrix room, it will announce:

  • Who the room members are when a new Signal user joins;
  • When a Matrix user joins or leaves, who that Matrix user was.

I built it just this afternoon using the excellent matrix-bot-sdk, but it's in Typescript and has plentyful unit tests!

I don't currently have a public bot, but if anyone is interested please join #whos-in-this-room-bot-discussion:jakecopp.chat and say hello!

PRs for adding support for other chat apps (basically identifying which bridge from the puppeted username) are very welcome! https://github.com/jakecoppinger/whos-in-this-room-matrix-bot

Dept of Events and Talks 🗣️

J. Ryan Stinnett says

The videos from the HYTRADBOI conference a few weeks back are now publicly available, in case anyone was curious but couldn't make the conference. I gave a talk about building collaborative, open software on Matrix. The whole conference was great, so I recommend browsing the schedule for videos that may interest you. 😄

Dept of Interesting Projects 🛰️

uhoreg reports

Loomio, an open source collaborative decision making tool, now supports integrating with Matrix rooms using their chatbot. They previously supported other (lesser) chat systems, but have recently added support for Matrix.

Dept of Ping 🏓

Here we reveal, rank, and applaud the homeservers with the lowest ping, as measured by pingbot, a maubot that you can host on your own server.

#ping:maunium.net

Join #ping:maunium.net to experience the fun live, and to find out how to add YOUR server to the game.

RankHostnameMedian MS
1envs.net451
2loang.net576
3jameskitt616.one842.5
4aria-net.org857
5jeroenhd.nl892
6mindlesstux.com983
7shortestpath.dev1014
8quyo.de1345
9matrix.nicfab.it1571
10halogen.city1599

#ping-no-synapse:maunium.net

Join #ping-no-synapse:maunium.net to experience the fun live, and to find out how to add YOUR server to the game.

RankHostnameMedian MS
1jameskitt616.one171
2loang.net307
3foxo.me540
4cry.is763
5kszczot.pl777.5
6dendrite.matrix.org844.5
7beckmeyer.us851.5
8dendrite.neilalexander.dev1225.5
9schuwi.science1620
10sspaeth.de1978

That's all I know 🏁

See you next week, and be sure to stop by #twim:matrix.org with your updates!

This Week in Matrix 2022-05-06

06.05.2022 00:00 — This Week in Matrix Thib

Matrix Live 🎙

Dept of Spec 📜

Andrew Morgan (anoa) reports

Here's your weekly spec update! The heart of Matrix is the specification - and this is modified by Matrix Spec Change (MSC) proposals. Learn more about how the process works at https://matrix.org/docs/spec/proposals.

MSC Status

New MSCs:

MSCs in Final Comment Period:

  • No MSCs are in FCP.

MSCs with proposed Final Comment Period:

Merged MSCs:

  • No MSCs were merged this week.

"Wowza, that's a lot of new MSCs!" I hear you say. This is actually a listing of the last 3 weeks, as it was pointed out to me that the last 3 editions of TWIM have not all features an MSC status update - which means some MSCs may not have necessary made it into the limelight.

As such, here's those from this past week, as well as the ones that were missed!

Spec Updates

It's that time of the year again - a new Spec release is on the horizon! Matrix v1.3 is expected to land sometime this month, and will include:

  • MSC3440 (threads) + related MSCs
  • MSC3787 (knock+restricted join rules)
  • MSC3604 (room version 10)
  • Any other MSCs which have so far been accepted, but not yet made it into the spec.

MSCs which land between now and v1.3 might get incorporated if easy enough, though chances are they'll slip to v1.4 (expected next quarter).

On top of that, the other bit of news is that the proposal-in-review label has now been removed from the matrix-spec-proposals repo and thus all MSCs. This doesn't mean your MSC is no longer in review! We simply found the label redundant along with the other labels in the process (it was attached to all MSCs which hadn't been accepted/merged yet, which means very little) and thus we decided to remove it to reduce noise.

Random MSC of the Week

The random MSC of the week is... MSC2881: Message Attachments!

This MSC has actually been potentially(?) superseded by MSC3382. In short, both look to provide a solution to the problem of attaching (multiple!) images to messages, such that clients can display an album of images in a single event in the timeline.

Check it out if you're interested in introducing such a feature!

Dept of Servers 🏢

Synapse (website)

Synapse is a Matrix homeserver implementation developed by the matrix.org core team

Andrew Morgan (anoa) says

Synapse v1.58.0 was released this week! Check out the v1.58 blog post for the full scoop, but the highlights are:

  • Our Docker images and Debian packages are now built from a dependency lockfile courtesy of Poetry. Props to David for leading the charge on this multi-week epic.
  • An experimental implementation of MSC3383 has been contributed by @Bubu and @jcgruenhage at Famedly, which will help with proxying federation traffic, amongst other uses.
  • An experimental implementation of MSC2815 has been merged, which allows room moderators to view redact event content for the purposes of moderation. This was contributed by @tulir at Beeper.
  • Device list updates are now asynchronous thanks to Erik, leading to much faster login times for accounts in big rooms.
  • plus many other bug fixes and improvements!

We also released a v1.58.1 patch shortly afterwards to address an issue with the Debian packages on some configurations. Server admins not using the Matrix.org Debian packages do not need to install this patch release.

Otherwise, ongoing work from the core team continues with Sean and Rich working on faster room join performance, Olivier pushing forwards on testing Synapse with workers in Complement, while Erik has been tackling general performance work.

Dept of Bridges 🌉

matrix-hookshot (website)

A multi purpose multi platform bridge, formerly known as matrix-github

Half-Shot reports

Hey folks! We're announcing our 1.6.0 release for matrix-hookshot today. More features in this release: tadzik has gotten involved and given us support for RSS feeds in this release. You can check out how to get going with those in our hosted documentation.

The highlights this time around are:

  • Add RSS/Atom feed support (#315)
  • Add support for GitLab in the widgets configuration UI. (#320)
  • Send a notice when a GitLab merge request gets some review comments. (#314)
  • Add new !hookshot gitlab project command to configure project bridges in rooms. See the docs for instructions. (#321)
  • New hookshot_connection_event(_failed) metrics for tracking successful event handling. Reinstate matrix_* metrics which were previously not being recorded. (#312)

matrix-appservice-kakaotalk (website)

A Matrix-KakaoTalk puppeting bridge.

Fair announces

This week brings another round of big improvements & new features!

Features & fixes include:

  • Fixes to Docker support & the documentation for setting it up
  • Changes to the login flow
    • The bridge can now be configured to enforce a login flow that more closely matches the official KakaoTalk desktop client's, and to better warn you when a new login will kick out another one of your KT sessions. This will hopefully prevent the bridge from getting KT accounts banned!
  • Backfilling for KT->Matrix read receipts
  • Commands for adding/removing KakaoTalk friends
  • Commands to edit your KakaoTalk ID & mark it as shared or hidden
  • Matrix->KT DM creation, i.e. the ability to create a new DM with a KakaoTalk user from within Matrix
    • This might fail on the first attempt at creating a DM. If it does, try re-inviting the KakaoTalk puppet to the room.
  • Many stability & correctness improvements

With the combination of friends list curation & DM creation support, it should now be possible to connect with KT contacts entirely from Matrix! Simply add some friends, list them, and invite a listed friend to a 1:1 room!

matrix-appservice-irc (website)

Node.js IRC bridge for Matrix

Half-Shot announces

Hi folks, note that today (Wednesday) we released a high security update for the matrix-appservice-irc bridge. Please update to 0.34.0 as soon as you can.

Dept of Clients 📱

Thunderbird (website)

Thunderbird is a free open-source email, calendar & chat app.

freaktechnik reports

This week we released Thunderbird Beta 101.0b1. It includes a bunch of bug fixes for the Matrix implementation and shows reactions as system messages, so you know when someone gives you a 👍️.

Nheko (website)

Desktop client for Matrix using Qt and C++17.

Nico reports

Someone on Twitter complained that no chat client works like MSN anymore, where you could have separate windows for each chat. So for MSN compatibility we added that. (It is a bit experimental still, expect some stuff to not work or crash)

Bulbu also went through a lot of effort to add a second set of emoji shortcodes to Nheko. Those should be more familiar to people coming from other platforms or clients while the old shortcodes are available still as well. We also saw a lot of progress on the Finnish, Chinese, Indonesian and Russian translations, animated images should work properly in the image viewer again, buttons for opening the member list are now clearly marked with a people icon next to them. The memberlist is also now search- and sortable.

Anyway, have a look at how important multiple windows are:

FluffyChat (website)

Krille Fear reports

FluffyChat 1.4.0 has been released with a lot of bug fixes, performance improvements and new designs. Take a look at the new designed sign up screen, which also now supports recommended homeservers from joinmatrix.org

Krille Fear reports

Full changelog:

  • design: Display icon for failed sent messages (Krille Fear)
  • design: Display own stories at first place and combine with new stories button (Krille Fear)
  • feat: Add "Show related DMs in spaces" settings (20kdc)
  • feat: Better image sending experience (Krille Fear)
  • feat: Display event timestamp if selected (Krille Fear)
  • feat: Faster image resizing (Krille Fear)
  • feat: Groups and Direct Chats virtual spaces option (20kdc)
  • feat: New onboarding design (Krille Fear)
  • feat: Onboarding with dynamic homeservers from joinmatrix.org (Krille Fear)
  • feat: Play audio messages in stories (Krille Fear)
  • feat: Use native imaging for much faster thumbnail calc on mobile (Krille Fear)
  • feat: add Dockerfile for nginx/web builds (TheOneWithTheBraid)
  • feat: allow to create widgets (TheOneWithTheBraid)
  • feat: remove diacritics (henri2h)
  • feat: irish language support (Graeme Power)
  • feat: Enable screensharing on Mobile
  • feat: support AppImage builds
  • feat: Improve spaces design
  • fix: Android theme is not auto updating when system theme changes (Krille Fear)
  • fix: Chat view becomes gray for a second on sending reaction (Krille Fear)
  • fix: Don't request new thumbnail resolution on every window resize (Samuel Mezger)
  • fix: Dont display own failed-to-send events in stories (Krille Fear)
  • fix: Hide markdown in chat list preview and local notifications (Krille Fear)
  • fix: Hide pinned events if event is not accessible or loading (Krille Fear)
  • fix: Image sending (Krille Fear)
  • fix: Make audioplayer waveforms thinner and better clickable (Krille Fear)
  • fix: Some story layout bugs (Krille Fear)
  • fix: Widgets dialog crashes (Krille Fear)
  • fix: login form supports switching fields via tab (Philip Molares)

Ement.el (website)

Matrix client for Emacs

alphapapa announces

Ement.el has received several updates since the last time it was mentioned in TWIM:

Additions

  • A new room list command, ement-taxy-room-list, shows rooms grouped "smartly" (and programmably). (It will be made the default soon; until then, call the command to use it.)
    • The new room list shows unread-notification/highlight counts, similar to Element.
  • Basic support for spaces:
    • Rooms (and spaces) can be added to and removed from spaces.
    • Rooms are listed under their spaces in ement-taxy-room-list.
  • Reactions can now be toggled off (i.e. redacted) by clicking them, like in Element.
  • Command ement-room-send-file allows uploading non-image files to rooms, and file messages are now displayed usefully, so the files can be downloaded or viewed.
  • Command ement-ignore-user ignores and unignores users.
  • Command ement-tag-room adds and removes favourite, low-priority, or custom tags on rooms.
  • Command ement-room-occur allows searching messages in a room buffer, similar to Emacs's occur command (i.e. it locally searches already-received messages).
  • Membership events are now coalesced by default, similar to Element (especially helpful in large public rooms, like bridged IRC rooms, where join/part spam can be overwhelming).
  • "In reply to" links in replies, as well as other matrix.to links, can be activated in a room buffer to go to the linked message.
  • Mentions in outgoing messages are HTML-linkified (aka "pilled"), like Element.
  • Generated avatars for rooms that have none, similar to Element. (Only displayed in ement-taxy-room-list for now.)
  • Option ement-shr-use-fonts (disabled by default, which prevents HTML messages from being displayed in a different font).
  • Faces for favourite/low-priority rooms.
  • Redacted messages that are still known locally are now displayed with a strikethrough (after reconnecting, their content will be unknown).
  • When images are disabled, image messages are presented as clickable URLs, so they can still be viewed.
  • Some events, like membership events and images, are displayed alongside a vertical bar to help distinguish them from normal messages.
  • Even "hotter"-looking timestamps for rooms updated in the last hour.

Changes

  • Refactored notification system. Now easier to configure (see M-x customize-group RET ement-notify RET).

Fixes

  • Improved error handling when looking up homeserver hostnames and .well-known URIs.
  • Improved error handling when processing malformed events.
  • "Elemental" display style (not used by many users, apparently).

Come join us in #ement.el:matrix.org!

Element (website)

Everything related to Element but not strictly bound to a client

kittykat announces

Element

Decryption

  • Progressing through implementing sharing keys for past messages (MSC3061)
  • Improved UTD (Unable to Decrypt) analytics to gather more insight on the most common errors faced by users

Community testing

  • Thank you all who joined the async community testing sessions.
  • We tested 51 cases and found 16 issues and potential improvements this week in the RC (release candidates) between all platforms
  • Next week, we are planning to test:
    • New search experience on Web
  • For more info on our next testing sessions (sync or async), you can join us at #element-community-testing:matrix.org!

Element Web/Desktop (website)

Secure and independent communication, connected via Matrix. Come talk with us in #element-web:matrix.org!

madlittlemods (Eric Eastwood) reports

In this months demos (also shown off at the top of the TWIM post), Eric showed off a proof of concept to anonymize your screenshots so you can easily include more context when submitting logs or bug reports without worrying where the bug occurred. The current concept will color block all of the text on the page to still maintain the structure of the app but completely hide the content itself.

This still has a ways to go before it's integrated in Element under the click of a button so if anyone wants to take over or give feedback, go comment on the issue, https://github.com/vector-im/element-web/issues/9615. If you want to use the anonymization now, you can manually run the JavaScript snippet from the issue in the browser devtools.

This mode could even be further extended further to include event_id labels in the corner of each message to easily correlate the logs to the screenshot.

Happy screenshotting!

kittykat reports

  • Continuing with UI polish and MSCs for releasing threads out of Beta:
    • MSC3771: Read receipts for threads
    • MSC3772: Push rule for mutually related events
    • MSC3773: Notifications for threads
  • We are testing out Sonarcloud, you’ll see comments from the sonarcloud bot in new PRs about bugs, vulnerabilities and other inconsistencies that it has found
  • Our first time user experience is getting some attention in Web. We’re working on simplifying a user’s first session as we know it can be pretty daunting
  • As part of our efforts to improve PR review times, we have put together some guidance on how to choose a good issue to work on
  • There have been some bug fixes and improvements around ending Jitsi calls
  • In labs (you can enable labs features in settings on develop.element.io or on Nightly):
  • Check out this week’s Matrix Live for a preview of video rooms :)

Element iOS (website)

Secure and independent communication for iOS, connected via Matrix. Come talk with us in #element-ios:matrix.org!

Manu says

  • We’re thinking about new ways to give flexibility on the Home screen - watch this space!
  • The new Create Account flow is being implemented, currently we’re working on the captcha and T&Cs pages
  • Fix several crashes like when searching or when clicking bottom bar twice
  • Improve interaction with spaces which are in a space
  • ElementX-iOS
    • We are going to share more and more about ElementX-iOS, a complete rewrite of the Element-iOS app using matrix-rust-sdk. We made a prototype last quarter. The result was so promising that we want to go full steam on it
    • We are finishing the setup of the project to have a good developer experience
    • Then, we will attack user stories listed in this board that target the personal message use case
    • Watch the today TWIM video with Stefan, Manu and Thib for more details

Element Android (website)

Secure and independent communication for Android, connected via Matrix. Come talk with us in #element-android:matrix.org!

benoit announces

  • Work is moving forward with our proposals for a new app layout, we’re excited to share it with you
  • Our Create Account experience is still being updated, we’re currently working on ensuring that the Sign-in pieces work as expected
  • Fixed a number of crash bugs around calls, launching app and space list
  • Notifications have have been improved so that there is a noise for every notification which is received when they are enabled, in line with how web and iOS work
  • On the SDK side, we are working to improve / clarify / document the public API. It’s still in progress, but the generated API documentation is already visible here: https://matrix-org.github.io/matrix-android-sdk2/

Dept of Non Chat Clients 🎛️

Populus Viewer (website)

A Social Annotation Tool Powered by Matrix

gleachkr reports

Over the last two weeks, the theme in populus-viewer development has been permissions:

  1. The settings menu for rooms has been redesigned
  2. It's now possible to assign and remove standard roles (admin and moderator) from populus viewer
  3. It's now possible to set power levels for standard events and actions from populus viewer
  4. It's now possible to ban and unban using the membership management modal
  5. Redacting the messages of others is now exposed as an action for those with that permission.

Besides that, I've been having some fun on the css-overhaul branch reorganizing some design elements, and centralizing the color CSS in a few variables, opening the way for things like a dark mode and user-definable themes. Here's a peek at the new milder and more welcoming default look:

gleachkr says

The permissions work now has us at one thousand commits. Here's to the next thousand! 🎉 As always, if you want to learn more, follow project progress, or talk about the future of social annotation on matrix, come join us at #opentower:matrix.org.

Matrix Wrench (website)

Matrix Wrench is a web client to tweak Matrix rooms.

ChristianP announces

Matrix Wrench 0.7.0

I'm working on a few features for Wrench's anniversary on 13th June. Here's a bug fix for storing identities and a new button to check your membership status in a room.

  • Added: A "Am I a member?" button tells your membership state in a room.
  • Fixed: Unchanged identities got deleted from localStorage when editing identities twice.

Dept of SDKs and Frameworks 🧰

Trixnity (website)

Multiplatform Kotlin SDK for Matrix

Benedict says

After a few release candidates and weeks later, we released Trixnity 2.0.0 today! It contains many breaking changes due to a large refactoring, which allows us to share a lot code between server and client implementations of the Matrix APIs. This means, that Trixnity can be used to implement matrix servers in addition to application services and clients!

Trixnity finally has support for Kotlin/JS. You can implement a browser client or even better: multiplatform client. Support for Kotlin/Native will follow soon (e. g. for iOS clients). Right now, there is no trixnity-client-store implementation for JavaScript (e. g. IndexedDB), so you need to stick with InMemoryStore at the moment.

Besides notification support (push rules are evaluated), we introduced helpers to get the complete timeline as Kotlin-Flow (no more complicated loops to get the timeline). You can even subscribe to all timeline events, which is really helpful to implement bots with e2e encryption support. Speaking of e2e encryption: libolm is bundled into trixnity-olm jars, so you don't need to build olm by your own anymore.

These are the most important features. For the complete changelog, have a look at the release candidates.

Matrix Dart SDK (website)

Matrix SDK written in pure Dart.

Henri Carnot [famedly] announces

This week the team released version 0.9.0 which contains new features and some refactoring as many deprecated endpoints were removed so make sure to use the new ones when doing the migration. Support for the Element recent emoji (io.element.recent_emoji) was added. A new method to get the last read marker was added. Lastly, the timeline logic was enhanced, and it's now possible to load the timeline at a specific event. So you can load the room to the last event and then paginate through the new events. When reaching the last event, the timeline will automatically allow new events to be added in the timeline when received.

See you next week ;)

Dept of Ops 🛠

Cadair announces

I have spent the day ignoring more important things and trying to have something to TWIM. I wrote (yet another) GitHub Action for sending build status to matrix rooms. This action looks at all the completed jobs in your workflow and posts a combined status for the workflow as a message and reactions for all the individual jobs, inspired by the maubot GitLab plugin.

Dept of Bots 🤖

Sundar

Hyperbased in Hyperspace says

Hello together. I made a generic bot, named Safed Sundarata, or Sundar in short, that should make it easy to get basic special functionality working. It has a lot of different functionality so you have an example code to work off of. The main motivation for this bot was to provide an !error <code> command for the developers in the ReactOS Matrix Rooms, which translates error codes to human readable text. Then of course i added other useful or fun commands to the bot. You want to read the Readme to find out more. This is the first time i ever wrote a bot, so feedback and corrections to the Source Code are highly appreciated. It is written in Go using the mautrix-go framework (thanks tulir and everyone who worked on this making it easy!). Even easier is to run and build it with go, no insane build system with broken dependencies required, which was the reason why i made it from scratch.

Mjölnir (website)

The moderation bot for Matrix

Gnuxie 💜🐝 announces

Mjölnir

We have released v1.4.2 of Mjolnir https://github.com/matrix-org/mjolnir/releases/tag/v1.4.2 which includes:

Bot:

  • A new JoinWaveShortCircuit protection, thanks to Jonathan with https://github.com/matrix-org/mjolnir/pull/280. This protection can be used to detect a mass-join scenario and set the room to invite-only.
  • Change of behaviour: Mjolnir will now apply server ACL and member bans to the most recently active rooms first (while syncing). The order was random before.
  • The causes of errors at startup (e.g. via misconfiguration) have been made more clear.
  • The image with the latest tag on dockerhub is now correctly in sync with the main branch.

Synapse Module:

  • The python module version is now in sync with the current git tag.
  • The Readme's example config has been fixed (thanks to Maranda ).

graim (website)

A bot to moderate communities bridged with Discord via matrix-appservice-discord

luphoria announces

I am releasing a brand new moderation bot, graim! This bot allows you to moderate communities that are bridged with Discord via matrix-appservice-discord. You can tie a Matrix account to a Discord account, and moderate both platforms seamlessly from either end! Graim supports one Discord server and as many Matrix rooms as you want, per instance. :) You can run it yourself from the Github - https://github.com/luphoria/graim You can join the matrix space, which is bridged to the Discord server

Dept of Events and Talks 🗣️

andybalaam says

I'm streaming every week live coding Rust and Matrix at https://twitch.tv/andybalaam and https://andybalaam.uk.to (Owncast). Feel free to join me as I write a Rust Matrix bot. I'm currently on a side quest to add Redis support to the matrix-rust-sdk crypto store. You can watch past streams at diode.zone/a/andybalaam.

Dept of Ping 🏓

Here we reveal, rank, and applaud the homeservers with the lowest ping, as measured by pingbot, a maubot that you can host on your own server.

#ping:maunium.net

Join #ping:maunium.net to experience the fun live, and to find out how to add YOUR server to the game.

RankHostnameMedian MS
1maunium.net271.5
2envs.net388
3aria-net.org472
4matrix.nkrw.art687
5quyo.de719
6computerlie.be809
7magdeburg.jetzt847.5
8mindlesstux.com877
9alemann.dev1008
10fab.network1196

#ping-no-synapse:maunium.net

Join #ping-no-synapse:maunium.net to experience the fun live, and to find out how to add YOUR server to the game.

RankHostnameMedian MS
1matrix.awesomesheep48.me310
2conduit.grich.sk445
3dendrite.s3cr3t.me455
4cry.is579
5foxo.me738
6beckmeyer.us752
7grin.hu1142
8sspaeth.de1255.5
9forlorn.day1680
10pohiijekpkd55sbbrcbufkner2wkq3lcv7ruyxwjsgimrb5acbiupead.ml1813

That's all I know 🏁

See you next week, and be sure to stop by #twim:matrix.org with your updates!

Synapse 1.58 released

05.05.2022 00:00 — Releases Brendan Abolivier

Synapse 1.58 is out! Let's dive into this new release.

Poetry

If you've been reading the past few Synapse release announcements, you might have already heard about our efforts to integrate Poetry into Synapse. Poetry is a tool which manages dependencies of a Python project. Its killer feature is its lockfile, which explicitly pins all dependencies (direct and transitive) to a fixed version, even across multiple Python versions and platforms. See more about why we choose Poetry here.

During the past few months, we've been hard at work converting Synapse and its CI to use Poetry. The goal is to make our Docker images and Debian packages more reproducible and to provide a fixed, known-good environment for CI. This will help us to ensure the stability and security of Synapse installations.

Synapse 1.57's Docker image was the first to use Poetry; after a successful trial, this was extended to Synapse 1.58's Debian packages. Installations from PyPI using pip will not use the locked environment, though everyone is welcome to install from source using our lockfile.

Huge props to David from the Synapse team for leading the work on this front.

Everything else

This release of Synapse also includes performance improvements around sharing device list updates, which should greatly improve login times for large Matrix accounts.

Synapse 1.58 also features the implementation of two MSCs: MSC3383 to include a destination parameter in federation authentication headers, and MSC2815 which (if enabled) allows room moderators to see the content of a redacted event (as long as it hasn't already been deleted by the homeserver).

See the full changelog for a complete list of changes in this release. Also please have a look at the upgrade notes for this version.

Synapse is a Free and Open Source Software project, and we'd like to extend our thanks to everyone who contributed to this release, including (in no particular order) Beeper, Dirk Klimpel, Famedly and Sami Olmari.

0.34.0 security release for matrix-appservice-irc (High severity)

04.05.2022 11:02 — Releases Tadeusz Sośnierz
Last update: 04.05.2022 09:27

We've released updates to matrix-appservice-irc and our forked node-irc that it depends on to patch a High security vulnerability. It's advised to update to 0.34.0 as soon as possible.

The vulnerability allows an attacker to manipulate a Matrix user into executing IRC commands by having them reply to a maliciously crafted message.

Incorrect handling of a CR character allowed for making part of the message be sent to the IRC server verbatim rather than as a message to the channel.

If you are currently a matrix-appservice-irc user, exercise caution when replying to messages from untrusted participants in IRC bridged rooms until your bridge instance has been upgraded.

The vulnerability has been patched in node-irc version 1.2.1 and matrix-appservice-irc 0.34.0. You can get the release on Github.

The bridges running on the Libera Chat, OFTC and other networks bridged by the Matrix.org Foundation have been patched.

The vulnerabilities are tracked as GHSA-37hr-348p-rmf4 and GHSA-52rh-5rpj-c3w6.

Thank you, Val Lorentz for reporting this vulnerability.

This Week in Matrix 2022-04-29

29.04.2022 19:05 — This Week in Matrix Thib

Matrix Live 🎙

Dept of Status of Matrix 🌡️

Thib says

Taking my GNOME Foundation hat on for this news: the GNOME Foundation is adopting Matrix! Is this TWIM worthy? It probably wouldn't have been if it wasn't for all the great work of Gwmngilfen! We published a joint blog post (though in all fairness Greg did all the heavy lifting) to explain how the decision was taken, and transparently share the data we had at hand.

In practice that means after years of Matrix being around in the GNOME community and being the most popular platform, it's finally moving out of the grey zone of "everyone is using it but some older contributors really like their current set up, so it exists but it's not officially our primary platform". For now we're keeping both our Matrix instance and the bridge to GIMPnet (the IRC network GNOME people have been using for years). The major change is that IRC is now our legacy, so if tradeoffs have to be made Matrix will keep the premium experience.

Again, huge shout out to Gwmngilfen who gave meaning to the data I handed to him.

https://blog.ergaster.org/post/20220425-adopting-matrix/

Dept of Spec 📜

Andrew Morgan (anoa) reports

Spec

Here's your weekly spec update! The heart of Matrix is the specification - and this is modified by Matrix Spec Change (MSC) proposals. Learn more about how the process works at https://matrix.org/docs/spec/proposals.

MSC Status

New MSCs:

MSCs with Proposed Final Comment Period:

MSCs in Final Comment Period:

  • No MSCs are in FCP.

Merged MSCs:

  • No MSCs were merged this week.

Spec Updates

Hello again everyone! Your regularly-scheduled TWIM Spec update has returned, along with graph-based media!

Quick news to point out this week is that a new maubot plugin has been written to simply note the details of MSCs after their IDs ("msc1234") have been posted in a room. The bot supports multiple MSC IDs in a message, message edits, threads and end-to-end encrypted rooms.

A copy of the bot is currently running under @mscbot:matrix.org, so feel free to invite it to a room if you'd find that useful!

Random MSC of the Week

The random MSC of the week is... MSC3216: Synchronized access control for Spaces!

This MSC serves as an alternative to MSC2962, and essentially allows for user permissions to be simultaneously enforced across a set of rooms in a Space. This would allow functionality to users of platforms like Discord, where a user can be a moderator in a guild, and thus in all of that guild's channels.

Dept of Servers 🏢

Synapse (website)

Synapse is a Matrix homeserver implementation developed by the matrix.org core team

richvdh says

A few operational issues have taken up quite a bit of the team's time this week, but we've still found time to cut a couple of release candidates of v1.58. Highlights include:

We're also excited to see quite a few contributions from outside the core maintenance team: thanks to Dirk, Beeper, Famedly and everyone else in the community who has made pull requests!

Meanwhile on the core team, Sean has been continuing to lay groundwork for faster room joins, and Olivier has been doing some exciting work so that we will (finally) be able to test Synapse in worker mode under Complement.

Dendrite (website)

Second generation Matrix homeserver

neilalexander says

This week we announced Dendrite 0.8.2 with a bunch of usability fixes. As always, join us in #dendrite:matrix.org for more discussion and updates.

Features

  • Lazy-loading has been added to the /sync endpoint, which should speed up syncs considerably
  • Filtering has been added to the /messages endpoint
  • The room summary now contains "heroes" (up to 5 users in the room) for clients to display when no room name is set
  • The existing lazy-loading caches will now be used by /messages and /context so that member events will not be sent to clients more times than necessary
  • The account data stream now uses the provided filters
  • The built-in NATS Server has been updated to version 2.8.0
  • The /state and /state_ids endpoints will now return M_NOT_FOUND for rejected events
  • Repeated calls to the /redact endpoint will now be idempotent when a transaction ID is given
  • Dendrite should now be able to run as a Windows service under Service Control Manager

Fixes

  • Fictitious presence updates will no longer be created for users which have not sent us presence updates, which should speed up complete syncs considerably
  • Uploading cross-signing device signatures should now be more reliable, fixing a number of bugs with cross-signing
  • All account data should now be sent properly on a complete sync, which should eliminate problems with client settings or key backups appearing to be missing
  • Account data will now be limited correctly on incremental syncs, returning the stream position of the most recent update rather than the latest stream position
  • Account data will not be sent for parted rooms, which should reduce the number of left/forgotten rooms reappearing in clients as empty rooms
  • The TURN username hash has been fixed which should help to resolve some problems when using TURN for voice calls (contributed by fcwoknhenuxdfiyv)
  • Push rules can no longer be modified using the account data endpoints
  • Querying account availability should now work properly in polylith deployments
  • A number of bugs with sync filters have been fixed
  • A default sync filter will now be used if the request contains a filter ID that does not exist
  • The pushkey_ts field is now using seconds instead of milliseconds
  • A race condition when gracefully shutting down has been fixed, so JetStream should no longer cause the process to exit before other Dendrite components are finished shutting down

Dept of Bridges 🌉

matrix-appservice-kakaotalk (website)

A Matrix-KakaoTalk puppeting bridge.

Fair announces

The bridge should finally be at "Good Enough" status--and to celebrate, I've bumped the version to 0.2.0 🥳

Features & fixes include:

  • KT->Matrix file messages
  • Matrix->KT room leaves
    • To leave a KT channel from Matrix, issue the !kt leave command in a portal room.
  • Ability to name the virtual "device" for the KakaoTalk login session created by the bridge
    • This makes it easier to distinguish between multiple login sessions of the bridge
  • Improvements to KT->Matrix joins, kicks, and admin status
  • Many significant stability & correctness improvements
  • Docker support
    • This is currently in the testing branch until I can confirm that it works properly

I've also opened a PR to showcase this bridge on https://matrix.org/bridges/ 😃

Discussion: #matrix-appservice-kakaotalk:miscworks.net Testing room: #kakaotalk-bridge-testing:miscworks.net / https://open.kakao.com/o/gjGQFuae Issue page: https://src.miscworks.net/fair/matrix-appservice-kakaotalk/issues

Dept of Clients 📱

Element (website)

Everything related to Element but not strictly bound to a client

Danielle says

Threads

  • The Threads Beta is live! Turn it on in Labs

    • Let us know your feedback as we continue to work on this feature.

  • The next step for Threads is improving our notifications and push rules on threaded messages. We’ve drafted some MSCs and are excited to move them forwards.

Community testing

  • Thank you all who joined the async community testing sessions.

  • Next week, we are planning to test:

    • Improvements to the new search experience on web
    • Video rooms!
    • And the new release candidate

  • For more info on our next testing sessions (sync or async), you can join us at #element-community-testing:matrix.org!

Element Web/Desktop (website)

Secure and independent communication, connected via Matrix. Come talk with us in #element-web:matrix.org!

Danielle says

  • We have increased our pool of issue triagers, so expect to meet more of our web team on GitHub

  • Published epic issue for our tech strategy for 2022

  • The way that read receipts are displayed in rooms with lots of people has improved

  • In labs (you can enable labs in settings on develop.element.io or on Nightly)

    • Focusing on resolving last issues with threads, currently blocking on MSCs for read receipts for threads and push rules for mutually related events
    • Video rooms are getting ready to enter beta!

Element iOS (website)

Secure and independent communication for iOS, connected via Matrix. Come talk with us in #element-ios:matrix.org!

Danielle announces

  • The leaving space experience is now in line with web: you can leave all rooms, none of the rooms or only selected ones
  • Our first time user experience and create account flow is being improved.
  • Started prototypes for IA experiments. We’re hoping to make the app much easier to use and will test out new interactions and patterns to see what works for users.

Element Android (website)

Secure and independent communication for Android, connected via Matrix. Come talk with us in #element-android:matrix.org!

Danielle reports

  • Hard at work fixing bugs - we’ve squashed one where the UI would freeze after incremental syncs and we’ve also made improvements to the read line and read markers.
  • Our team is still working on the sign up flow. It’ll be ready soon and we hope that new-to-element users will find it much easier (and less scary) to create an account and get chatting.
  • We’ve started designing and building prototypes for a new home experience; we’re excited to start experimenting with ways we can simplify our app.

Dept of Non Chat Clients 🎛️

Thirdroom (website)

A browser-based open metaverse client

Matthew reports

lots of exciting progress happening on Third Room - an open metaverse client powered by Matrix: https://github.com/matrix-org/thirdroom/discussions/47

Matrix Wrench (website)

Matrix Wrench is a web client to tweak Matrix rooms.

ChristianP says

v0.6.2

  • Added: A "Remember login" checkbox lets you decide whether to store an access token in localStorage.
  • Added: The room lists now have external matrix.to links.

Dept of SDKs and Frameworks 🧰

Ruma (website)

A set of Rust library crates for working with the Matrix protocol. Ruma’s approach to Matrix emphasizes correctness, security, stability and performance.

Jonas Platte announces

Our last update included the words "if things go to plan", and even though that's usually calling for trouble, not so this time! We released Ruma 0.6.0 yesterday and apart from a tiny missing feature that was fixed and released as 0.6.1 today, everything went smooth 🙂

The biggest breaking changes are

  • new owned identifier types – calling .to_owned() on &UserId now gives you an OwnedUserId instead of Box<UserId>
  • a new event enum hierarchy, where redacted events are better taken into account

Also, with this release we can now claim practically 100% coverage of Matrix v1.2, that is you can send and receive requests for all specified endpoints of the various APIs, as well as send and inspect all specified event types, all with a strongly-typed Rust API.

Dept of Ops 🛠

matrix-docker-ansible-deploy (website)

Matrix server setup using Ansible and Docker

Slavi reports

Thanks to Aine of etke.cc, matrix-docker-ansible-deploy can now set up the Buscarron bot. It's a bot you can use to send any form (HTTP POST, HTML) to a (encrypted) Matrix room

See our Setting up Buscarron documentation to get started.

Buscarron (website)

Web forms (HTTP POST) to matrix

Aine reports

the Miounne's successor is here - meet Buscarron!

There were no news about miounne for a while because we worked on a new "iteration" that can handle matrix encryption (thanks to the mautrix-go).

So, here is it - Buscarron v1.0.0 with e2e encryption and multiarch (arm32, arm64, amd64) support. It can handle any HTTP POST/HTML form and send it to a (encrypted) matrix room. Of course, Buscarron has small neat features like spam checker and rate limiter.

etke.cc is migrating to Buscarron and deprecating Miounne.

Go check out the source code and say hi in the #buscarron:etke.cc

Dept of Bots 🤖

Location streams bot for MSC3489

ChristianP announces

I wrote a small, extensible bot that replays GPX recordings as a location sharing stream. This is an implementation of MSC3489: Sharing streams of location data with history and may help you debug the feature or see it with real world data. Join my Space to see this in action (with the Element Web Labs feature): #geo-trackers:iot-staging.ems.host or run the bot with your own rooms and GPX files. https://gitlab.com/jaller94/matrix-location-sharing

Opsdroid (website)

An open source chat-ops bot framework

Cadair says

Opsdroid 0.26 has been released this week. Included in this release are some improvements to the Rasa NLU parser if you want natural language training for your matrix bots as well as some small documentation improvements to the matrix connector and other bug fixes. Big thanks to Oleg for many of the changes as well as all the other contributors.

Matrix Community Manager (website)

The highly configurable message aggregation and filtering bot for matrix!

Sleuth reports

Matrix Community Manager has seen some work in the features department over the past week.

With the new Ansible playbook I think it's possible for someone with a bit of Ansible experience to get this bot up and running in under 10 minutes. I did a fresh install in 4 minutes. That is a fresh VPS and creating a new matrix account. Instructions for the Ansible deploy can be found here.

The major features are:

  • An Ansible playbook that should simplify the installation process for new users.
  • Edits to the message that triggered the bot will now be reflected in the bots message. This bot now has a feature Twitter doesn't have :laughing:.
  • Hashtags are now called filters. Filters are more customizable allowing for custom delimiters and now show the originating room.
  • The AutoJoin feature has filters to control who or from where invites will be excepted.
  • Announcements can have more than one output room. Using a comma separated list of room ids.

A few bugs were fixed as well:

  • Some text characters were causing messages to be classed incorrectly thus causing crashes.
  • Exotic characters specifically in links were causing crashes.

Come chat on Matrix

Dept of Events and Talks 🗣️

Matrix Meetup Berlin

ChristianP says

We're meeting on Fri, 6th May at 6:30 PM in the c-base. Please join us, if you're looking for locals who work with Matrix and use it regularly. Our Matrix room is Matrix Meetup Berlin.

Dept of Ping 🏓

Here we reveal, rank, and applaud the homeservers with the lowest ping, as measured by pingbot, a maubot that you can host on your own server.

#ping:maunium.net

Join #ping:maunium.net to experience the fun live, and to find out how to add YOUR server to the game.

RankHostnameMedian MS
1maunium.net259
2envs.net315
3neko.dev366
4carnot.cc481
5tchncs.de562.5
6jeroenhd.nl588
7broccoli.town604.5
8kohlernet.de762
9matrix.cirk2.de867
10quyo.de1126

#ping-no-synapse:maunium.net

Join #ping-no-synapse:maunium.net to experience the fun live, and to find out how to add YOUR server to the game.

RankHostnameMedian MS
1carnot.cc294
2matrix.sum7.eu389
3cry.is499.5
4foxo.me654
5rustybever.be693.5
6matrix.awesomesheep48.me898
7beckmeyer.us899
8sspaeth.de991
9dendrite.matrix.org1370.5

That's all I know 🏁

See you next week, and be sure to stop by #twim:matrix.org with your updates!

This Week in Matrix 2022-04-22

22.04.2022 00:00 — This Week in Matrix Thib

Matrix Live 🎙

Dept of Servers 🏢

Synapse (website)

Synapse is a Matrix homeserver implementation developed by the matrix.org core team

dmr says

Hello again everyone. This week the team released Synapse 1.57.0, followed by a 1.57.1 patch release that fixed a problem in the 1.57.0 docker image.

This week was a little on the quieter side again, with some of us away on holiday and others away with illness. Nevertheless, this week develop saw a variety of activity. Some personal highlights:

  • Shay's effort to document Synapse's numerous config options landed. This is a huge and comprehensive effort that'll help administrators to understand all the options they have to configure Synapse.
  • Further progress from Rich on the fast room joins project. In some tests we've seen a 5x speed-up over the status quo!
  • A subtle bugfix from Erik which corrects incorrect counts in one of the Admin API endpoints.
  • The remainder of the poetry work has landed. There were a few last-minute complications in CI to smooth out, but we've now finished the migration. Synapse's docker images and debian package now come with a fixed set of dependencies (even transitive ones) in a way that lets us support multiple Python versions and interpreters.

We're looking forward to shipping these in Synapse 1.58, whose RC is scheduled for Tuesday the 26th of April.

I'm also keen to see how PR 12522 from Rich and Olivier progresses. It aims to fix a nasty memory bug which can cause Synapse to get stuck in an OOM loop.

As ever, I'd like to express thanks to our community of users, server operators and contributors. Thanks are also due to @callahad: today is his last day of managing the Synapse team. We're all going to miss him and wish him well: thank you for everything you'd done over the last year and a half.

Dept of Bridges 🌉

Heisenbridge (website)

Heisenbridge is a bouncer-style Matrix IRC bridge.

hifi reports

Release v1.12.0 🥳

  • Make MAXLINES and PASTEBIN option available to every room & global defaults (thanks @BtbN)
  • Fix 'NoneType' is not iterable error (thanks @BtbN)
  • Upgrade to Mautrix 0.16

Not much to see here. A small contribution release which is always a nice thing when people come around and help 🤗.

Go and get some ☀️ sunlight from GitHub, PyPI or matrix-docker-ansible-deploy!

Thanks!

Dept of Clients 📱

Sailtrix (website)

Sailtrix is a matrix client for SailfishOS

HengYeDev says

Summary of development this week

  • Sailtrix is fixed on Sailfish 4.4, which added sandboxing to all apps
  • Sorting is fixed in the favorites tab
  • The create room dialog is fixed
  • Some validation is added to the login page
  • Sharing with other apps and bluetooth is added for newer Sailfish versions
  • SSO seems to be working, still in testing

Element (website)

Everything related to Element but not strictly bound to a client

kittykat announces

Location sharing

  • As a follow on from our previous launches, the team is building “live location sharing”. This will allow you to automatically share where you are in the world with others for a period you choose (15 minutes, 1 hour, or 8 hours), instead of sending a single static location.

Community testing

  • We ran our first async community testing session this week. Thank you all who joined in! We found 13 issues so far, which is good going.
  • We have some new features landing for the search experience on Web, join us for testing from Thursday!
  • You can join us at #element-community-testing:matrix.org to find out more!

Element Web/Desktop (website)

Secure and independent communication, connected via Matrix. Come talk with us in #element-web:matrix.org!

Danielle says

  • Threads is in Beta! The team is hard at work smashing bugs and improving notifications so that we can remove the beta label and get everybody access to our new feature!
    • If you’re using Threads, don’t forget to give us your feedback.
  • This week the team discussed how our Web product looks and feels to new users. While we use our own products all the time, it can be good to take a step back and ensure that our product decisions benefit all users, including the newbies. Watch this space for more info in the coming weeks as we continue to trial things that we hope will make onboarding to Element easier.
  • In labs (you can enable labs in settings on develop.element.io or on Nightly)
    • Video rooms are coming together nicely, with the addition of lobby screens and room list stickiness to wrap up the design implementation

Element iOS (website)

Secure and independent communication for iOS, connected via Matrix. Come talk with us in #element-ios:matrix.org!

Manu announces

  • The newest version of the app (1.8.13) is ready! In this release we’ve made a bunch of improvements and bug fixes, check it out here.
    • Our favourites include: Force touching room previews no longer update your read receipts, there’s a congratulations screen for new users when creating an account, and we’ve reduced the number of home page reloads.
  • Also new in product are presence indicators! From your home page or DMs you’ll be able to see if a user is present or away. Note; this is only supported if your homeserver has it enabled.
  • Upcoming; We’re working on adding ‘mention pills’ when tagging users in a room.
  • Please note; We’ll soon be removing support for iOS 12 and iOS 13

Element Android (website)

Secure and independent communication for Android, connected via Matrix. Come talk with us in #element-android:matrix.org!

benoit says

  • The team is working on fixing bugs and making improvements to flows like “ignore user”. We’ve also made some changes to the way we format code.
  • Element Android 1.4.12 is ready to be released but currently on hold in the Play Store due to rules around User Generated Content (UGC). We’re chatting with Google and the new update should be available soon.

Dept of Non Chat Clients 🎛️

Populus Viewer (website)

A Social Annotation Tool Powered by Matrix

gleachkr says

We've added two major user-facing features to populus viewer:

  1. A two-up view in the pdf viewer, allowing you to view and annotate two pages at once on a wider screen
  2. An audio viewer, complete with audio annotation, so that you can annotate temporal segments of an audio recording

I'm especially excited about the latter - being able to discuss audio recordings will be a great teaching tool, and I'm hoping it might also be useful for things like people who want to talk about podcasts together (for purposes of editing, or just for fun), and people who want to annotate recordings of public talks of various kinds. The last use case would also be pretty well served by video annotation - so that's now rising on the agenda. I've created an MSC, here where I'll be filling in the details of a proposed format for interoperable audiovisual media annotations. As always, if you've got questions, want to follow development progress, or just want to talk about the future of social annotation on Matrix, come join us at #opentower:matrix.org.

nheko-krunner (website)

A KRunner plugin to list joined rooms and possibly other things from nheko.

LorenDB says

nheko-krunner has finally been released! Version 0.1.0 contains several handy features such as searching your rooms, joining new rooms, and starting and switching to direct chats. Furthermore, if a room has unread notifications, nheko-krunner will let you know by tacking on a notification count to the room name (e.g. This Week in Matrix (TWIM) (1). Currently this feature is not disable-able, but I plan to dive into writing KCMs (KConfig Modules) soon so that I can add a toggle for this.

Hopefully a few people find this handy, and remember that if you don't use KDE, nheko still has a handy D-Bus API that you can use to write integrations with other software.

Dept of SDKs and Frameworks 🧰

matrix-rust-sdk (website)

Matrix Client-Server SDK for Rust

Jonas Platte says

Over the last weeks, we've been doing a lot of refactoring in preparation for the 0.5.0 release, but we also

Matrix Dart SDK (website)

Matrix SDK written in pure Dart.

Henri Carnot [famedly] says

We haven't done any regular posts about it in a while, but the SDK sees almost weekly releases. (We did release version 0.8.20 last week) If you forgot about it, the Matrix Dart SDK is the SDK FluffyChat, the Famedly clients and a few others use. Let me summarize some of the changes for those who haven't kept up:

One of the killer features is probably WebRTC support 🚀. It handles all the signalling for you, which makes integrating call support into your Flutter or Dart Matrix client fairly simple. Currently it supports version 1 of the call protocol, which is still an MSC and implements a few of the other MSCs. Experiments with group calls are still in progress.

We also switched databases a few times and tuned it more (we posted about FluffyBox last year). The database backend should now be a lot more stable and more performant, while also using less memory.

Continuing with stability, we worked a lot on how the timeline is stored and structured, leading to a much more robust experience. The SDK is also now completely nullsafe 🎉, which gets rid of a lot of annoying error modes. There were some fixes to E2EE here and there, but mostly the experience has been really solid and didn't need much work.

Some of the more recent developments include widget support as well as improving the file upload experience. The SDK now inserts a dummy event for a pending upload, images are thumbnailed and resided in a different isolate and uploads are automatically retried after a connection failure. We are also working on improving the push support, making it easier to fetch events from a push.

And I'm currently working on bringing fragmented timeline support. Nico told me it would be pretty (not) easy to do... and I have to say, he was right. Good first issue 🙃

See you next week ;)

Dept of Ops 🛠

Nix-matrix-appservices

Pacman99 announces

I've created a NixOS module, nix-matrix-appservices, that can simplify the bootstrap and maintenance of matrix appservices on nixos. With it, appservices can be spun up easily with registration and tokens handled by the module. Most mautrix and mx-puppet bridges have been tested to work and they can be setup in a couple lines of nix code. There are plenty of options you can make use of to configure more complex appservices. You can find the the code, matrix room(gitlab badge), and usage information here: https://gitlab.com/coffeetables/nix-matrix-appservices

Synatainer (website)

Synapse Maintenance Container – Docker container with tools for synapse & postgres database maintenance

saces announces

Synatainer v0.4.0

New since v0.3.x

  • autocompressor have only one setting
  • add a golang tool stui - synatainer terminal ui
  • replace the vacuum shell script with stui

stui is a typical golang binary, it's also available as stand alone version from the release page

For now it can only do a full vacuum and show some rugged formatted database info

[docker run -it --rm registry.gitlab.com/mb-saces/synatainer:latest] stui vacuum-db --help
[docker run -it --rm registry.gitlab.com/mb-saces/synatainer:latest] stui db-info

The doc have a lot of space for improvements…

Start the container without command and let do its magic :)

What it does by default:

  • daily:
    • purge all rooms without local members
    • run the state autocompressor (500/100)
  • weekly:
    • delete old remote media (>90 days)
    • delete old message history from public joinable rooms (>180 days)
  • monthly:
    • vacuum the database

Source: https://gitlab.com/mb-saces/synatainer

Room: #synatainer:c-base.org

Compose example: https://gitlab.com/mb-saces/synatainer/-/snippets/2264828

If you are looking for a docker container with just the auto compressor for linux amd64/arm64 in it, her you go: https://gitlab.com/mb-saces/rust-synapse-compress-state

matrix-docker-ansible-deploy (website)

Matrix server setup using Ansible and Docker

Slavi announces

Thanks to Julian-Samuel Gebühr (@moan0s) - moanos [he/him], matrix-docker-ansible-deploy can now help you set up matrix-registration-bot - a bot that is used to create and manage registration tokens for a Matrix server.

See our Setting up matrix-registration-bot documentation to get started.

Slavi says

Thanks to Aine of etke.cc, matrix-docker-ansible-deploy can now set up Borg backups with borgmatic of your Matrix server.

See our Setting up borg backup documentation to get started.

Dept of Interesting Projects 🛰️

MinesTRIX (website)

A privacy focused social media based on MATRIX

Henri Carnot announces

just did release V.1.5.5 today, this is the last update since a few months ago.

Some of the changes are:

  • feat: compliance to the latest version of MSC3639: Matrix for the social media use case
  • feat: added images support for posts. You can now send multiple images in a post and display them in a gallery view.
  • feat: New emoji picker, you can now select and react to message in one continuous press.
  • feat: Comments nesting, (using threads)
  • feat: Image comment (read only :()
  • feat: Dark theme support
  • feat: New settings page (added a lab section :D, seems you need to have one if you want to build a proper Matrix client)
  • feat: proper emoji support for desktop. Thanks fluffychat :)
  • feat: Initial story support
  • feat: various UI enhancements.

Concerning the messaging feature:

  • feat: Initial poll support
  • feat: read only spaces support
  • feat: room list search box
  • feat: chat settings dialog
  • feat: read receipts list dialog
  • feat: reaction list dialog
  • feat: now use rounded avatar. Let's be consistent with other clients.
  • feat: better display for replies and m.notice.
  • feat: Localization support thanks to the Matrix Dart SDK

And some work already in for multiple profiles support, and profile as space (just use a public space to store your profile rooms).

If you are interested, come say hi in the room.

PS: You can also help us to design the underlying MSC, especially, we need some opinions on how to name things (the profile rooms) the room !!

Dept of Ping 🏓

We know you missed it, here we reveal, rank, and applaud the homeservers with the lowest ping, as measured by pingbot, a maubot that you can host on your own server.

#ping:maunium.net

Join #ping:maunium.net to experience the fun live, and to find out how to add YOUR server to the game.

RankHostnameMedian MS
1envs.net359.5
2intothecyber.space443
3tedomum.net468
4maescool.be693
5jeroenhd.nl729
6jauriarts.org734
7alemann.dev855.5
8nevarro.space969
90wnz.at998
10quyo.de1494

#ping-no-synapse:maunium.net

Join #ping-no-synapse:maunium.net to experience the fun live, and to find out how to add YOUR server to the game.

RankHostnameMedian MS
1nognu.de278
2cry.is391
3rustybever.be558
4sspaeth.de700.5
5beckmeyer.us911
6grin.hu981

That's all I know 🏁

See you next week, and be sure to stop by #twim:matrix.org with your updates!