This Week in Matrix 2022-02-18

2022-02-18 — This Week in Matrix — Thib

🔗Matrix Live 🎙

🔗Dept of Spec 📜

Hello everyone! It's me, not-anoa, here with your weekly spec update. I finally got the scripts to run which means you get a proper update once again (yay).

The heart of Matrix is the specification - and this is modified by Matrix Spec Change (MSC) proposals. Learn more about how the process works at https://matrix.org/docs/spec/proposals.

🔗MSC Status

MSCs in Final Comment Period:

MSC3589: Room version 9 as the default room version (merge)

MSC3582: Remove m.room.message.feedback (merge)

New MSCs:

[WIP] MSC3726: Safer Password-based Authentication with BS-SPEKE

MSC3725: Content warnings

MSC3723: Federation /versions

Closed MSCs:

MSC3286: Media spoilers

🔗Spec Core Team

In terms of Spec Core Team MSC focus for this week, we've been looking at unblocking MSC3440: Threads so it can make a smooth journey into acceptance. This involves quite a lot of work to ensure that the features we're concerned about are addressed, but so far the FCP progress on it is looking good.

We're also spending a bunch of time working out what room version 10 looks like to try and fix some usability issues with join rules and general maintenance of things like power levels. The hope is that in time for Matrix 1.3 we'll have v10 out (but not made default) for folks to experiment with.

🔗Random MSC of the week

Your random MSC is MSC2974: Widgets: Capabilities re-exchange. I swear it was actually random and only after running the script exactly once. The MSC is interesting because it allows widgets (a feature working its way into the general spec, slowly) to ask for more permissions when they need them. This ensures the widget doesn't need to ask for everything at startup (which is more likely to mean that it gets rejected), and that it can maintain a clean security state during normal operation.

One day it'll probably make it into the spec as part of the larger widget movement, but first we need to get widgets into the spec properly.

🔗The Graph

Numbers only mean so much, and graphs show progress. Here's the breakdown of MSCs over time:

🔗Of note

If you look carefully at the OpenAPI viewer, you might notice a dropdown for not-client-server APIs 👀. There's still work to be done to bring on the missing APIs, but this is in a place where it can be experimented with. Thanks to Alexandre Franke for getting this over the line :)

🔗Dept of Servers 🏢

🔗Synapse (website)

Synapse is the reference homeserver for Matrix

Brendan Abolivier reports

This week we've released Synapse 1.53.0rc1, which includes a bunch of new features, improvements, and other niceties... But more on that next week when we release Synapse 1.53.0 🙂 As usual, we're super grateful for anyone that helps us test release candidates by running them with their homeservers! Please report any breakage or feedback in #synapse:matrix.org

Apart from this we have been continuing our experimentations with Poetry to better manage our dependencies in our Python projects after we switched Sydent to it last week. We're already starting to see improvements off the back of this work, such as automated security PRs and an opportunity to centralise our automated workflows to better reuse them in our projects (see https://github.com/matrix-org/backend-meta). We look forward to bringing all this goodness to Synapse soon!

See you next week! 😀

🔗Homeserver Deployment 📥️

🔗Helm Chart (website)

Matrix Kubernetes applications packaged into helm charts

Ananace says

And my Helm Chart updates are still happening, also now listed on Artifact Hub for easier discovery. This week saw several element-web updates, finally ending on 1.10.4

🔗Dept of Clients 📱

🔗Nheko (website)

Desktop client for Matrix using Qt and C++17.

Nico says

Is using Nheko a bit of a pain on your PinePhone? Do you just want bubbles in your chat app, not raw lines of text? Does Nheko waste too much space on timestamps and other metadata for messages?

Well, I am assuming Malte was annoyed by that or similar reasons. But in the end, they did spend a lot of effort reorganizing the way Nheko layouts messages so that people can have bubbles. This should make Nheko feel much more at home on the PinePhone and it seems like they are doing even more to make Nheko a great experience on mobile devices! But just look at it yourself:

If you are scared now and you think: "This is not the Nheko I came to love!", don't worry, all of this is optional. You can play around with the different avatar sizes as well as the bubbles themselves. You can even make Nheko look like it always looked!

There will be some regressions though. If you want to contribute, it would help a lot if you test those changes and report issues that you find! <3

Apart from that, there were also a lot of other bugfixes and cleanups by various contributors. You can also hide events by type now. If you don't want to see stickers or when someone joins a room, just disable that in the room settings! Tastytea implemented that. Long usernames should now also no longer overflow the profile pages and you can reset the state for a single room using the /reset-state /command. This is helpful when updating Nheko to use widgets, but Nheko just threw those events away (or pinned messages or other state events).

That's all, have a wonderful bubbly day!

🔗Element (website)

Everything related to Element but not strictly bound to a client

kittykat reports

Hello and welcome back to another week at Element!

Location Sharing

As of this week, Location Sharing is now available by default for users on all platforms, except desktop where you can receive but not send locations.

We’re starting work on the next stage, which is to enable live location sharing, and ‘pin dropping’ where you can pick any location on a map to share.

Threads

Threads are now live in Labs on all Element platforms!

Please remember this feature is experimental; let us know your feedback and report any bugs as we continue to improve.

The teams on all platforms are working hard on improving the stability and performance of Threads.

🔗Element Web/Desktop (website)

Secure and independent communication, connected via Matrix. Come talk with us in #element-web:matrix.org!

kittykat says

The new search experience came out this week, you can enable it in Beta to try it out! We are collecting feedback from users to inform upcoming improvements.

We’re working hard on smashing bugs and reducing the number of defects.

🔗Element iOS (website)

Secure and independent communication for iOS, connected via Matrix. Come talk with us in #element-ios:matrix.org!

kittykat announces

Along with closing bugs, we’re working hard on adding finesse to our app and removing some of those “papercut” issues that users experience.

Keep your eyes peeled for updates and let us know what you think!

Our first time user experience is being updated also. We’ve introduced new splash screens to help introduce Element. Don’t panic! You can skip straight to “sign-in” if this isn’t for you.

A new spinner is here… While we work on the speed and performance of the app we’ve introduced a new spinner that does not get in your way while you work.

🔗Element Android (website)

Secure and independent communication for Android, connected via Matrix. Come talk with us in #element-android:matrix.org!

kittykat says

Bugs and Papercuts… Our app is getting some love from our developer team as we try to reduce confusion and simplify flows throughout the app.

Keep an eye out for any small changes and let us know what you think!

Creating a new account in Element can be intimidating for new users, especially those who aren’t familiar with Matrix. We’re introducing new screens and simplifying our questions so that users can sign up with confidence!

If you have any feedback, or want to share your thoughts on our first time user experience, get in touch.

A new layout option hit our app this week: Message Bubbles! If you’re used to seeing inbound messages on the right, and outgoing messages on the left this might be for you. You can access the new appearance option from Settings.

🔗Dept of Non Chat Clients 🎛️

🔗Beeper media viewer

tulir says

I wrote a small web app thing that can download, decrypt and display Matrix media in a browser. The goal is to use it in the Android SMS bridge for sending attachments that are too big for MMS, but it might be useful for other things too.

Currently it consists of the web frontend, a maubot plugin to generate links, and a small server that stores file metadata (so the URLs just contain the decryption key and a short ID to find the metadata on the server). I'll probably continue working on the exact URL format to make it shorter and to encrypt the metadata, and maybe also add an alternative mode where all info is included in the URL to make the server component optional.

You can try it out by sending files in an encrypted room with @media:maunium.net. It'll reply with a link like https://media.mau.chat/AGIPyjtJQAU#KHBwuZFrv1ffCd4ZUylo8MV03P9N4sz2T75zLi1Urcw

The code can be found at https://gitlab.com/beeper/media-viewer

🔗Cactus Comments (website)

Cactus Comments is a federated comment system for the web, based on the Matrix protocol.

Asbjørn says

Cactus Comments is a comment system for the open web, built on Matrix.

Another small-ish release for the client: v0.12.0

This update introduces a new UI for the login form.

Here's the changelog:

Re-structure login form to more clearly separate matrix.to links from direct login.

Require user id (e.g. @alice:example.com) instead of username. Only show homeserver url field if .well-known lookup fails.

Add top-right "X" button to close login modal.

Login modal now closes when you press outside it.

Fix some CSS bugs related to positioning the login form in viewport center.

Make LoginForm a stateful component.

/ipns/latest.cactus.chat is updated to point to the latest release, so sites linking there should already be using the new version.

Try out a live demo: cactus.chat/demo

Join our Matrix room: #cactus:cactus.chat

🔗Dept of Ops 🛠

f0x says

I worked on adapting the NixOS module for Synapse to support worker deployments. It's a great reproducible deployment method, and super easy to configure. My module is perhaps less quality than the rest of the chain, but it's pretty neat to define your whole Matrix deployment like this: https://git.pixie.town/f0x/nixos/src/branch/synapse-workers/nodes/cosmos/containers/synapse-workers.nix#L60 and have Nix figure out all the systemd units and nginx routes that have to be added

Full Nix code for the module is at https://git.pixie.town/f0x/nixos/src/branch/synapse-workers/common/modules/synapse pictured is the ping stat for a little test deployment with 8 federation senders :P

Dandellion dares

do tell your about publishing my NixOS module for workers in a git repository as well then 👀? https://github.com/dali99/nixos-matrix-modules

🔗matrix-docker-ansible-deploy (website)

Matrix server setup using Ansible and Docker

Slavi says

matrix-docker-ansible-deploy now supports installing the matrix_encryption_disabler Synapse module (details here), which homeserver admins can use to prevent End-to-End-Encryption from being enabled by users on their homeserver. The popular opinion is that this is dangerous and shouldn't be done, but there are valid use cases for disabling encryption discussed in this Synapse issue.

🔗Dept of Services 🚀

🔗etke.cc (website)

Your matrix server on your conditions

Aine reports

🎉 Today marks 1 year of the etke.cc! 🎉

During that year, we did:

Pushed 234 updates and enhancements to the automation framework used as the service core

Integrated 17 additional components to the matrix stack

Developed 5 bots and tools to extend matrix capabilities

Installed 92 new matrix servers

Helped 172 people and organizations to achieve their goals in the matrix

Posted 74 updates in the announcements room

Some history:

the project (not service yet) started on February 12, 2021

the first installed server was etke.cc itself (yes, etke.cc homeserver is a customer of etke.cc service from the day 1)

the second installed server was a chatbot, that uses matrix as a platform to interact with users across different chat networks (Telegram, WhatsApp, Signal, etc.) - one API to rule them all.

In May 2021 the service was published globally

#news:etke.cc | #discussion:etke.cc

🔗Dept of Bots 🤖

🔗matrix-wordle (website)

An implementation of the popular Wordle game for the Matrix Protocol.

krazykirby99999 reports

An implementation of the popular Wordle game for the Matrix Protocol.

Source: Github Repository

Made with simplematrixbotlib

🔗Setup

Install Python 3.8 or higher

Install python-poetry
python -m pip install poetry
Clone Repository
git clone https://github.com/KrazyKirby99999/matrix-wordle.git
Install Dependencies
cd matrix-wordle
python -m poetry install
🔗Usage:

Set environment variables
HOMESERVER=https://matrix.org
USERNAME=wordle-bot
PASSWORD=password # or ACCESS_TOKEN=syt_...
Run main.py
python -m poetry run python main.py
🔗Example:

🔗Dept of Interesting Projects 🛰️

TravisR reports

After a few years, matrix-room-directory-server has finally gotten an upgrade to modern times. Intended to eventually be a standalone directory server (making vanity aliases possible, but otherwise not functional as a homeserver), it currently only supports overriding the federation /publicRooms endpoint.

The changes made today are to replace the old, broken, appservice-backed approach with a space-backed approach. You can see this in action on t2bot.io: querying the room directory over federation will hit the room directory server, which is watching #directory:t2bot.io in the background to determine which rooms to serve.

🔗Dept of Guides 🧭

minecraftchest1 says

Hay y'all. I created a blog post about how to host element and matrix .well-known files using cloudflare pages that I thought might be worth sharing. Have a few kinks to work out regarding CORS (might need to clean my browsers cache) though. https://minecraftchest1.wordpress.com/2022/02/17/hosting-element-and-matrix-well-known-files-with-cloudflare-pages/ https://matrix.to/#/#minecraftchest1-blog-matrix-elemet-cloudflare:matrix.org

🔗Dept of Ping 🏓

Here we reveal, rank, and applaud the homeservers with the lowest ping, as measured by pingbot, a maubot that you can host on your own server.

🔗#ping:maunium.net

Join #ping:maunium.net to experience the fun live, and to find out how to add YOUR server to the game.

Rank	Hostname	Median MS
1	workers2.pixie.town	270.5
2	matrix.org	320
3	neko.dev	345
4	magdeburg.jetzt	427
5	koyax.org	491
6	jae.fi	565
7	wuks.space	664
8	fachschaften.org	703
9	balsillie.net	704
10	matrix.sp-codes.de	743.5

🔗#ping-no-synapse:maunium.net

Join #ping-no-synapse:maunium.net to experience the fun live, and to find out how to add YOUR server to the game.

Rank	Hostname	Median MS
1	nognu.de	210
2	rustybever.be	262.5
3	cry.is	299
4	matrix.org	322.5
5	conduit.grich.sk	331
6	dendrite.grin.hu	568
7	conduit.rs	613.5
8	matrix.sum7.eu	635.5
9	dendrite.s3cr3t.me	896
10	dendrite.matrix.org	1430

🔗That's all I know 🏁

See you next week, and be sure to stop by #twim:matrix.org with your updates!

This Week in Matrix 2022-02-11

2022-02-11 — This Week in Matrix — Thib

🔗Matrix Live 🎙

🔗Dept of Spec 📜

anoa announces

Here's your weekly spec update! The heart of Matrix is the specification - and this is modified by Matrix Spec Change (MSC) proposals. Learn more about how the process works at https://matrix.org/docs/spec/proposals.

🔗MSC Status

New MSCs:

MSC3720: Account status

MSC3715: /relations parity with /messages

MSC3713: Alleviating ACL exhaustion with ACL Slots

[WIP] MSC3710: User groups

MSCs in Final Comment Period:

No MSCs are in FCP.

MSCs with newly proposed Final Comment Period:

MSC3440: Threading via m.thread relation

MSC3613: Combinatorial join rules

MSC3667: Enforce integer power levels

Closed MSCs:

[WIP] MSC3348: Server-Server Room based extensible communication

🔗Spec Updates

MSC3440 (threading) continues to move forward with a proposed final comment period this week. As a really useful feature in Matrix, it's great to see it getting closer to landing in the spec.

In a similar vein, MSC3613 (combinatorial join rules) had a proposed final comment period. The intention of this is to be a simple mechanism for resolving the "it's not possible to have both a restricted and knock room" situation - as both introduced mutually exclusive join rules. This MSC will likely serve as the basis of a new room version whenever it lands.

🔗Random MSC of the Week

The random MSC of the week is... MSC3144: Allow Widgets By Default in Private Rooms!

This MSC makes the case for allowing widgets to be created in private rooms by default. The actual spec for it is blocked behind having widgets in the spec (see this tracking PR if you're interested).

As noted in the PR though, this MSC could build on the existing im.vector.modular.widgets unstable prefix for widgets in order to create an implementation for this feature. It does not appear to have happened yet though.

🔗Dept of Servers 🏢

🔗Synapse (website)

Synapse is the reference homeserver for Matrix

callahad announces

Hello, TWIM! This week we released Synapse 1.52, which includes new Admin APIs for monitoring federation status and immediately retrying failed connections, as well as for reporting on rooms shared between two homeservers. We've also fixed / improved media previews for sites like Reddit. Plus lots more fixes / refactors / improvements under the hood.

This is a smaller release as it's coming off of our FOSDEM sprint, but we look forward to getting back to more regularly-sized and featureful Synapses this month.

Notably, we've been experimenting with Poetry to better manage Python dependencies in our applications (Synapse, Sygnal, and Sydent). We just switched Sydent over this week and are working out the kinks in our CI and build pipelines. We're looking forward to bringing this consistency to Synapse next month!

See you next week!

🔗Dendrite (website)

Second generation Matrix homeserver

neilalexander reports

Yesterday we released Dendrite 0.6.3 which is a primarily bug fix release. It contains the following changes:

Initial support for m.login.token

A number of regressions from earlier v0.6.x versions should now be corrected

Missing state is now correctly retrieved in cases where a gap in the timeline was closed but some of those events were missing state snapshots, which should help to unstick slow or broken rooms

Fixed a transaction issue where inserting events into the database could deadlock, which should stop rooms from getting stuck

Fixed a problem where rejected events could result in rolled back database transactions

Avoided a potential race condition on fetching latest events by using the room updater instead

Processing events from /get_missing_events will no longer result in potential recursion

Federation events are now correctly generated for updated self-signing keys and signed devices

Rejected events can now be un-rejected if they are reprocessed and all of the correct conditions are met

Fetching missing auth events will no longer error as long as all needed events for auth were satisfied

Users can now correctly forget rooms if they were not a member of the room

As always, please feel free to join us in #dendrite:matrix.org for more Dendrite-related discussions!

🔗Conduit (website)

Conduit is a simple, fast and reliable chat server powered by Matrix

Timo ⚡️ says

Conduit v0.3.0 released last week and over 50 servers already upgraded! This week we looked into some bugs that still happen with this version:

Element Android doesn't show notifications: A bug where we send 'null' instead of leaving out a field https://github.com/matrix-org/sygnal/issues/295

Missing profiles when scrolling up: Bug in multiple clients: https://gitlab.com/famedly/conduit/-/issues/233

These bugs will be fixed in the coming days.

Thanks to everyone who supports me on Liberapay or Bitcoin!

🔗Homeserver Deployment 📥️

🔗Helm Chart (website)

Matrix Kubernetes applications packaged into helm charts

Ananace announces

This week saw more updates to my Helm Charts as usual; matrix-synapse is now at 1.52.0

🔗Dendrite Helm Chart (website)

Helm Chart to deploy Dendrite on Kubernetes

jonnobrow reports

I am pleased to share that both v2 and v3 of the Dendrite Helm Chart have now been released.

🔗Dendrite Helm Chart v2

Version 2 included a bump in app version up to v0.6.0 and the necessary switch from Kafka to NATS.

🔗Dendrite Helm Chart v3

Version 3 includes the addition of polylith support as well as some general improvements and fixes.

You can find the latest version of the chart and documentation on GitHub

Thanks to @anthr76:mozilla.org and @s7evink:matrix.org for their support throughout the development of polylith mode.

🔗Dept of Clients 📱

🔗Neochat (website)

A client for matrix, the decentralized communication protocol

Carl Schwan announces

NeoChat 22.02 is out with the possibility of sharing files directly from NeoChat to other apps and services (Nextcloud, Imgur, email, ...). We also added support for minimizing the application to the system tray on startup and you can now label accounts to better organize them if you are using the multi-account feature. Aside from that, we spend some time fixing many small bugs and paper cuts reducing the total amount of open bug reports by 20%.

https://plasma-mobile.org/2022/02/09/plasma-mobile-gear-22-02/#neochat

🔗Hydrogen (website)

Hydrogen is a lightweight matrix client with legacy and mobile browser support

Bruno announces

We've release 0.2.26. You can now create rooms and direct messages with Hydrogen. There's also a bug fix in this release for replies not loading in e2ee rooms under certain conditions.

🔗Element (website)

Everything related to Element but not strictly bound to a client

Danielle announces

Welcome to another week of TWIM at Element! Here’s our updates:

Polls and Location Sharing

Polls is now out of labs, and available in the composer for all users with the latest app versions.

Location sharing is available on the mobile apps. For now you will need to enable it in settings in order to see the composer icon and send your location. As of next week’s releases it will be enabled by default on all platforms.

Threads

Threads aims to reduce cross-talk on the timeline by moving side-convo’s to the right panel. If you want to try it out, it's available in Labs on Web today and in Labs on Mobile from next week!

We’ve been working on improving the stability and speed of threads across platforms.

Community Testing

Join#element-community-testing:matrix.org to join us for future testing sessions!

🔗Element Web/Desktop (website)

Secure and independent communication, connected via Matrix. Come talk with us in #element-web:matrix.org!

Danielle announces

Metaspaces have landed! Giving users a new way to display favourites, DMs and rooms outside of other spaces. Switch these on in Quick Settings at the bottom left of your app.

New and improved Search! We’re pleased to move the new search experience into Beta. Head to Settings > Labs to access it.

Those of you using Nightly or Develop will see the new experience by default.

Provide feedback on your experience directly from the Search window.

On Web we’ve also been chasing away some bugs, specifically desynced memberlist and stale display names.

In Labs (Enable labs features in settings on develop.element.io or Nightly)

Threads: The MSC is available here MSC3440

J. Ryan Stinnett announces

Thanks to everyone who tested the maximised widgets feature which was recently added to Element Web. It received a sudden burst of attention as part of the FOSDEM conference. 😄 This week we've been fine tuning the feature to ensure it works for more workflows, and we've also cleaned up various associated widget bugs. In particular, in the develop version of Element Web, the pin and maximise actions are more consistent accessible, so you can toggle between pinned and maximised if e.g. you're in a conference room and temporarily want the stream widget to be larger while still having access to the chat timeline.

Next week we'll be focusing more on our Matrix-native collaborative document plans.

🔗Element iOS (website)

Secure and independent communication for iOS, connected via Matrix. Come talk with us in #element-ios:matrix.org!

Doug says

The next update of iOS (1.8.0) will have improved emoji reactions and location sharing will be on by default!

We will also be releasing fixes to the incorrect scrolling on the timeline and home screen sorting.

Work on a Rust prototype is also underway. We’re excited to learn about the opportunities and advantages of this approach as we start to learn and experiment.

In Labs

From next week Threads will be available in Labs on Mobile. Switch it on and try it out!

🔗Element Android (website)

Secure and independent communication for Android, connected via Matrix. Come talk with us in #element-android:matrix.org!

adam reports

This version of the Android app (1.4.0) includes message bubbles and location sharing!

Also, notifications are back online! Some of our users were experiencing intermittent notifications when connected to wifi, but ‘tis no more.

We’ve also squashed a bunch of other bugs, our favourites include:

Welcoming back some font weights that had disappeared

Fixing statuses in the timeline for missed or rejected calls

Closing the “Invited to Space” dialog after you invited someone to the Space…

In Labs

Threads have landed in Labs. Switch it on and try it out!

🔗Beeper (website)

All you chats in one app.

Brad Murray says

Beeper is a universal chat app built on top of Matrix. We've created 12+ open source Matrix bridges and integrated them into an easy to use all-in-one service which does not require setting up your own homeserver.

We’re excited to announce that as of today we are now out of Beta! We have been hard at work and we’re now ready to be sharing Beeper with a lot more people, starting first with the people we’ve built up on our waitlist.

For more details and demos on the current state of Beeper, including our recently rebuilt and relaunched iOS app, check out the update on our blog: https://blog.beeper.com/p/beeper-update-4-out-of-beta or watch the video below.

🔗Dept of Non Chat Clients 🎛️

🔗Matrix Wrench (website)

Matrix Wrench is a web client to tweak Matrix rooms.

ChristianP announces

The new version contains two new features around the Synapse Admin API, making someone a room admin and listing all unencrypted media URLs.

I've had some good ideas on how to make Matrix Wrench cover more use cases while staying simple for both users and me as a developer. New components allow me to add new API endpoints in as little as 7 lines. So far this only applies to simple endpoints without parameters, like joining and leaving a room, but it can be expanded to more endpoints because of how similar all Matrix endpoints are. Props to the Spec! 🙌

Stay tuned for an editable UI coming soon™️.

🔗Dept of SDKs and Frameworks 🧰

🔗Trixnity (website)

Multiplatform Kotlin SDK for Matrix

Benedict says

Trixnity is now on version 1.1.7. Since 1.1.0 we have fixed many bugs and added some improvements and features. Our reference client runs amazingly reliable and fast thanks to Trixnity 🚀

Features and improvements:

support presence

support read receipts

support push notifications API

add Unknown to UserTrustLevel

basic support for relates_to field

🔗Halcyon (website)

Halcyon is an easy to use matrix library inspired by discord.py

gen3 says

Version 1.1.1 released This was a quick bugfix release for a finding by jeffcasavant, in which joining a room with a predecessor, the bot could crash. Thanks Jeff!

If you missed it last week, I published a template / demo stock reporting bot you can find here: https://github.com/WesR/Halcyon-stock-bot . Short and sweet, this little bot should be a great starting point if your looking into making a bot. Make sure to also checkout the library itself for more examples, and usage information https://github.com/WesR/Halcyon.

I'm always looking for more feedback, and love to see what people are working on. Come hangout with us in the Halcyon room: https://matrix.to/#/#halcyon:blackline.xyz

🔗Dept of Interesting Projects 🛰️

🔗Pretix Matrix Plugin

Felix says

We have been using Matrix as a chat solution for the attendees of our biannual conference (KIF) and for new students during the introduction week, as well as Pretix to register attendants. Up until now the process to invite attendees to the corresponding Matrix Rooms and Spaces involved some curl and jq magic as well as manual intervention to connect both.

We have now replaced said manual process with a Pretix plugin that invites registered attendees to a configurable Matrix Room or Space. This plugin is now available on the Pretix marketplace or directly from its repository.

🔗Gatho

Jake C announces

I'm excited to share a side-project I've been working on for the last ~3 months: Gatho (http://gatho.party) - a web app for hosting small gatherings.

Gatho is perfect as a replacement for Facebook Events for small social gatherings. I'm a 24 year old Australian who recently deleted Facebook - I've used Gatho for a few parties now and the guests have loved it!

Gatho includes a Matrix bot which, when added to a room, can synchronise RSVP emoji reactions to a linked Gatho event! See gatho.party/getting-started to hear how the Matrix synchronization works.

You can also create one-click RSVP links to send to your friends - no matter which chat/social app they use!

It's fully GDPR compliant and multi-region with an EU server and database, and uses NextAuth.js for passwordless authentication.

The Gatho website and bot is open source (AGPL-3.0) on Github, PRs and Github issues are very welcome! It's built using Next.js in Typescript.

I'd love to hear your feedback! Join the Matrix room at #gatho-events:matrix.gatho.party

🔗Dept of Ping 🏓

🔗Ping Room

tulir reports

The ping room has been upgraded to room v9. During the 452 days the previous (v6) ping room was alive, it received a total of 735997 org.matrix.dummy_events and 604459 m.room.message events.

Here we reveal, rank, and applaud the homeservers with the lowest ping, as measured by pingbot, a maubot that you can host on your own server.

🔗#ping:maunium.net

Join #ping:maunium.net to experience the fun live, and to find out how to add YOUR server to the game.

Rank	Hostname	Median MS
1	neko.dev	300
2	catvibers.me	325
3	deuteronomiumcloud.com	375.5
4	thomcat.rocks	396.5
5	asra.gr	400.5
6	maunium.net	408
7	matrix.infra.reflect-media.de	461
8	matrix.ring-0.net	480.5
9	stefanberger.net	487
10	zehka.net	650.5

🔗#ping-no-synapse:maunium.net

Join #ping-no-synapse:maunium.net to experience the fun live, and to find out how to add YOUR server to the game.

Rank	Hostname	Median MS
1	conduit.supercable.onl	101
2	schuwi.science	292
3	dendrite.grin.hu	361
4	cry.is	522.5
5	nognu.de	631.5
6	conduit.cyberdi.sk	730
7	conduit.beckmeyer.us	858
8	matrix.awesomesheep48.me	1164.5
9	dendrite.matrix.org	1216.5
10	grin.hu	3054

🔗That's all I know 🏁

See you next week, and be sure to stop by #twim:matrix.org with your updates!

Synapse 1.52 released

2022-02-08 — Releases — Brendan Abolivier

Synapse 1.52 is out! Here's what's new with this week's release.

🔗Twisted security release

The team behind Twisted, which is the main framework Synapse uses under the hood, recently released Twisted 22.1. This version fixes a security vulnerability within the Twisted library.

While preparing the release of Synapse 1.52, we have investigated the impact of this vulnerability on Synapse. We came to the conclusion that it does not affect Synapse. We however advise server administrators to ensure they use an up-to-date version of the library as a matter of good practice.

For instances installed with pip, the library can be updated with pip install --upgrade Twisted treq. For instances installed with the matrixdotorg/synapse Docker image or Debian packages from packages.matrix.org, updating to Synapse 1.52.0 is sufficient, as these images and packages include up-to-date versions of all dependencies.

It is also worth noting that a release candidate for Twisted 22.2 has been published, with a fix for a potential denial of service vulnerability with SSH. Administrators of Synapse homeservers that have the manhole feature enabled (which is the only feature of Synapse using SSH) are encouraged to ensure access to the manhole is correctly restricted (e.g. by preventing access from external locations).

🔗Federation admin APIs

This release of Synapse introduces a few admin APIs to help server administrators monitor and handle how their Synapse homeserver interacts with other federated homeservers. One of these APIs offers server administrators a way to visualise which rooms are shared between the local homeserver and a given remote one.

Another API allows server administrators to reset federation timeouts. If Synapse fails to connect to a remote homeserver, it will make note of the failure and will not retry the connection after a certain amount of time. This can happen if the remote homeserver goes offline or experiences connectivity issues. Synapse has a few ways of figuring out whether a remote homeserver has come back online, but this new admin API adds a way for administrators to manually tell Synapse a destination should be available.

🔗Everything else

This release also improves Synapse's deactivation behaviour by deleting account data when deactivating a user. "Account data" refers to private arbitrary data that is specific to an account. It is used among other things for secure server-side storage (SSSS) which allows securely backing up end-to-end encryption keys.

Please see the Synapse release notes for a complete list of changes in this release.

Synapse is a Free and Open Source Software project, and we'd like to extend our thanks to everyone who contributed to this release, including (in no particular order) Dirk Klimpel, Vaishnav Nair, SequentialRead Software and Nick Barrett from Beeper.

Hosting FOSDEM 2022 on Matrix

2022-02-07 — Events, FOSDEM, News — Thib

Last year was the first time FOSDEM was hosted on Matrix, and it was generally a huge success - and so the FOSDEM team trusted us again this year and we’re happy to say that it seems to have gone really well! This year’s FOSDEM was massive once again, featuring 654 speakers, 731 events, and 103 tracks.

This year hosting the event went smoother than last year, the only significant issue was some of the Q&A Jitsis not being broadcast to the devrooms on Saturday before 10:15 UTC, for which we offer our apologies to the speakers impacted. This turned out to be a problem with the Matrix<->Jitsi access control sync system which hadn’t showed up during earlier testing, but we patched around it rapidly on the day.

The most notable difference between this year and the previous year has been the usage of a “attendees.fosdem.org” instance in addition to the original “fosdem.org” one, specifically for attendees. The graphs speak for themselves: Synapse could handle the load of the 23K users (13K joined users and 10K lurkers) spread across a total number of 941 rooms. The real eye-opener however is that of the 13K joined users, only 4K came came from the FOSDEM attendee server, and 1K from Libera Chat, meaning that ~70% of the Matrix participants were already on Matrix and came in from existing servers! 🤯 That means the vast majority of people attended over federation. Decentralisation at work, people! It works! We didn’t host the conference… you did!!

FOSDEM attendees heatmap

But not only did the backend handle the load smoothly: the general user experience felt tightly integrated. People were welcomed by a tailor-made home page in Element to help them navigate through all the tracks and stands:.

Homescreen of chat.fosdem.org

One of the great things is it doesn’t require heavy modifications to Element: anyone who installs their own instance of Element can use a simple html file to display relevant information to their audience.

New this year, we also generated a space hierarchy for the whole conference at #fosdem2022:fosdem.org to help navigate the maze of rooms, making it even easier for users on their own servers to jump in:

FOSDEM Space listing all the FOSDEM rooms

Another greatly appreciated feature was the famous “maximised widgets” I (Thib) keep telling you about in Matrix Live episodes. Attendees and speakers could give the conference the central attention it deserved while simultaneously keeping an eye on what was happening in the chat.

FOSDEM stand with maximised widget view

From the speaker's perspective, we tried to streamline the user journey as much as possible: a bot invited them to a backstage room, in which they joined a Jitsi widget while their talk was being played in the track or devroom. They could see the most upvoted questions by the audience in a dedicated widget. A few minutes before their pre-recorded talk was over, a countdown (new this year!) could be displayed to tell them and the host they were about to go live. At the end of the countdown, the backstage Jitsi was broadcasted to the track so the speaker could answer the questions.

Backstage room where the speaker and host could talk and see the questions

If you want to have an in-depth look at the backend’s architecture, it didn’t change much from last year. You can have a look at last year’s blog post for the details on the setup. Most of the heavy lifting was around the conference bot used to set rooms up, create the spaces, populate them with widgets, arrange layouts and trigger countdowns before going live…

Finally we are immensely proud that we had our first ever Matrix Devroom! Not only does it mean the staff of a large international open source conference thinks it’s worth having a track of our own, it also means our community has grown to the point where we could have 8 hours of back to back Matrix content! Here’s a link to the YouTube playlists to which we are going to add the videos of FOSDEM as they’re being published.

Huge thanks to the FOSDEM team for trusting us, massive shout-out to Element Matrix Services and Element’s Ops and infrastructure team for their fantastic job in setting everything up and making sure everything was ready in time, a sincere thank you to all the fantastic speakers who shared awesome content, and finally to all the attendees. What a weekend!

This Week in Matrix 2022-02-04

2022-02-04 — This Week in Matrix — Thib

🔗Matrix Live 🎙

🔗Dept of oh hey it's FOSDEM

TravisR says

We've got a devroom. check it out. https://fosdem.org/2022/schedule/track/matrixorg_foundation_and_community

And let me add

You can join our devroom at #matrix-devroom:fosdem.org to watch all the talks, and our stand at #matrix-stand:fosdem.org

🔗Dept of Spec 📜

anoa announces

Here's your weekly spec update! The heart of Matrix is the specification - and this is modified by Matrix Spec Change (MSC) proposals. Learn more about how the process works at https://spec.matrix.org/unstable/proposals.

🔗MSC Status

New MSCs:

WIP: MSC3706: Extensions to /_matrix/federation/v2/send_join/{roomId}/{eventId} for partial state

MSC3700: Deprecate plaintext sender key

MSCs with proposed Final Comment Period:

MSC3383: Include destination in X-Matrix Auth Header

MSCs in Final Comment Period:

No MSCs are in FCP.

Abandoned MSCs:

MSC2810: Consistent globs specification

Merged MSCs:

MSC3676: Transitioning away from reply fallbacks

🔗Spec Updates

Matrix v1.2 has landed! 🥳 Read the official announcement blogpost and check it out over at https://spec.matrix.org/v1.2/. This release includes headlining features such as Spaces, room versions 8 and 9 which bring restricted join rules, as well as the new Matrix URI scheme.

I'd also like to point out that v1.2 released on 2/2/2022 :)

Otherwise, thank you to aaronraimist and devonh from the community for their fixes to the spec's text that merged this week. They are highly appreciated!

🔗Random MSC of the Week

The random MSC of the week is... MSC3051: A scalable relation format!

This MSC proposes to pave a way to allowing relating an event to multiple other events, which unlocks some additional use cases. Go check it out if you're interested in extending Matrix's capabilities even further!

🔗Dept of Servers 🏢

🔗Synapse (website)

Synapse is the reference homeserver for Matrix

callahad announces

Synapse 1.52.0rc1 is out, but honestly, we're just all hands on deck for FOSDEM tomorrow! As a reminder, members of the Synapse team will be giving a couple of talks during at the event:

Events for the Uninitiated by Shay at 10:10 UTC

Beyond the Matrix: Extend the capabilities of your Synapse homeserver by Brendan at 15:40 UTC

Be sure to check out all of the talks in the Matrix.org Foundation & Community devroom or visit the Matrix stand for more freeform discussion — we'll see you there!

🔗Dendrite (website)

Second generation Matrix homeserver

neilalexander says

Today we've released Dendrite 0.6.1 which contains a number of fixes and improvements. This release includes the following changes:

Roomserver inputs now take place with full transactional isolation in PostgreSQL deployments

Pull consumers are now used instead of push consumers when retrieving messages from NATS to better guarantee ordering and to reduce redelivery of duplicate messages

Further logging tweaks, particularly when joining rooms

Improved calculation of servers in the room, when checking for missing auth/prev events or state

Dendrite will now skip dead servers more quickly when federating by reducing the TCP dial timeout

The key change consumers have now been converted to use native NATS code rather than a wrapper

Go 1.16 is now the minimum supported version for Dendrite

Local clients should now be notified correctly of invites

The roomserver input API now has more time to process events, particularly when fetching missing events or state, which should fix a number of errors from expired contexts

Fixed a panic that could happen due to a closed channel in the roomserver input API

Logging in with uppercase usernames from old installations is now supported again (contributed by hoernschen)

Federated room joins now have more time to complete and should not fail due to expired contexts

Events that were sent to the roomserver along with a complete state snapshot are now persisted with the correct state, even if they were rejected or soft-failed

Spec compliance, as measured by Sytest, currently sits at:

Client-server APIs: 65%

Server-server APIs: 94%

As always, you can join us in #dendrite:matrix.org for Dendrite discussion and announcements.

🔗Conduit (website)

Conduit is a simple, fast and reliable chat server powered by Matrix

Timo ⚡️ says

Hey everyone, this evening we will finally release the next Conduit version: v0.3

If you have questions about anything, come and ask us in #conduit:fachschaften.org

We have managed to get a lot of features and improvements into this release, here are some of the most exciting ones:

Feature: Support server ACLs !248

Feature: RocksDB Database Backend !217

Feature: Database backend selection at runtime !217

Feature: Report users to homeserver admin !218

Feature: Creation of Spaces (exploring spaces is not supported yet) !220

Feature: Enable voice calls (requires configuring a TURN server) !208

Feature: Lazy loading for much faster initial syncs !240

Improvement: Batch inserts for events !204

Improvement: Significantly faster state resolution !217

Improvement: Reuse reqwest client !265

Thanks to everyone who supports me on Liberapay or Bitcoin!

🔗Homeserver Deployment 📥️

🔗Dendrite Helm (website)

This chart creates a polylith, where every component is in its own deployment and requires a Postgres server aswell as a NATS JetStream server.

Till F. reports

Hi TWIM followers :)

dendrite-helm is an experimental Helm Chart to deploy a polylith/monolith Server.

After last weeks release of Dendrite 0.6.0, I finally updated my Helm Chart to finally reflect that.

Changes:

Versioned releases (no morelatest docker tags or such)

locmai added dependencies (NATS JetStream, Postgres)

Update README (helm-docs)

Special thanks to locmai, who added the missing dependencies!

Chart

🔗Dept of Clients 📱

🔗Nheko (website)

Desktop client for Matrix using Qt and C++17.

Nico reports

It's FOSDEM! Don't forget to checkout my 5 min ramble about custom stickers and emotes in Matrx: https://fosdem.org/2022/schedule/event/matrix_custom_stickers/

In preparation for FOSDEM, I've also been working on some goodies so that you can participate using Nheko in a limited manner:

Previews for rooms are now fetched for spaces using the hierarchy API

Widgets for the talks should be shown below the topic as links

While this isn't grand, it should be good enough for some to participate using Nheko. You will need the latest master (some commits aren't even pushed at the time of writing!), but if you are just watching, this should give you an easy way to fetch the talk link for each room. You will still have to watch the actual talk in your browser though.

LorenDB also added a big, fat, red offline indicator. If your server dies because of FOSDEM, now Nheko will tell you.

I hope you all will have a great time and I hope I see you around!

🔗Moment (website)

A Matrix client; forked from Mirage.

@maze:mazie.rocks announces

Releasing Moment, a fork of Mirage! In case you missed out on Mirage, here's what this is:

A fancy QML + Python client aimed at power users

Keyboard bindings for almost everything

Very customizable, with ability to adjust any keybinding/functionality

A multi-account client

Adjusts to any screen size

After 6 months of inactivity on the Mirage project, Moment brings it back to life. We have fixed some important issues and will continue to maintain Moment!

🏠 Matrix room: #moment-client:matrix.org

📁 Repo: https://gitlab.com/mx-moment/moment 🌐 Website: mx-moment.xyz 🔍 Differences between Mirage and Moment

🛠 Install Moment from source 📦 Install Moment from Flatpak ⛰ Install Moment on Alpine Linux

🔗Hydrogen (website)

Hydrogen is a lightweight matrix client with legacy and mobile browser support

Bruno announces

🎺 We've released Hydrogen 0.2.24 and 0.2.25 with session backup writing and some bug fixes! From now on you shouldn't need to have another client running along hydrogen for keys to be written to the key backup!

Bruno adds

We've also just released 0.0.5 of the hydrogen-view-sdk with very early support for registration and exporting more symbols.

🔗Element (website)

Everything related to Element but not strictly bound to a client

Danielle reports

Welcome to another week of TWIM at Element! Here’s our updates:

Polls and Location Sharing

Polls is now out of labs, and available in the composer for all users with the latest app versions.

Location sharing is also now available on the mobile apps. For now you will need to enable it in settings in order to see the composer icon and send your location.

Threads

Threaded Messaging is making forward progress on all 3 platforms; we’re aiming to help clear up cross-talk on the timeline by moving side-convo’s to the right panel. If you want to try it out, it's available in Labs on Web. We’ll be pushing Threads into Labs on Mobile in the next release!

Community Testing

Join #element-community-testing:matrix.org to help out with the testing

Coming up this week:

The new search experience: Monday, 7th Feb at 15:30 UTC / 16:30 CET

🔗Element Web/Desktop (website)

Secure and independent communication, connected via Matrix. Come talk with us in #element-web:matrix.org!

Danielle says

Bubbles are now available! Keeping your inbound messages on the left, and your outbound messages on the right your timeline should now be easier to skim read. This layout is off by default but to see it in action, update your Message Layout appearance preferences from Settings.

Metaspaces have landed! Giving users a new way to display favourites, DMs and rooms outside of other spaces. Switch these on in Quick Settings at the bottom left of your app.

In Labs (Enable labs features in settings on develop.element.io or Nightly)

New and improved Search!

Provide feedback on your experience directly from the Search window.

Threads, including design updates. The MSC is available hereMSC3440

🔗Element iOS (website)

Secure and independent communication for iOS, connected via Matrix. Come talk with us in #element-ios:matrix.org!

Manu reports

We’ve been working hard on improving the startup and resume times, you should start to see these in your app in 1.7.0.

Work on a Rust prototype is underway. We’re excited to learn about the opportunities and advantages of this approach as we start to learn and experiment.

Also, Xcode13 & iOS15 compatibility has been added for developers

Coming soon in 1.8.0! Bubbles and an improved Onboarding experience

Threads will also be hitting Labs on Mobile soon so let us know what you think.

🔗Element Android (website)

Secure and independent communication for Android, connected via Matrix. Come talk with us in #element-android:matrix.org!

Danielle announces

A hotfix (1.3.18) on Android will fix some bugs we found in this week’s release.

Bubbles will also be landing soon, you can find this new feature in Settings > Preferences > Timeline. The feature has been merged to develop if you want to give it a try!

Threads have also been merged on develop.

We’ve been making improvements to the Onboarding experience for new users too.

In Labs

Threads will soon be in Labs on Mobile. Switch it on and try it out!

🔗Dept of Non Chat Clients 🎛️

🔗Populus Viewer (website)

A Social Annotation Tool Powered by Matrix

gleachkr says

🔗Viewer Updates

Here's a big populus viewer update! Since last time, I've been mostly working on improving the user experience and onboarding for non-experts, as well as making my teaching-assistant bot a little smarter - this work is ongoing. But I have had time for a few new features 😁

Populus now implements MSC3592 - Markup locations for PDF documents, a proposal building on MSC3574 - Marking up resources, so there's a documented format for interoperable PDF annotations (though this is not the final draft, see below!)

I've reworked the sidebar for the PDF view, improving the aesthetics and allowing for a "fullscreen" view of PDF content.

I've added user-directory search and improved the usability of the invite modal.

The reason that MSC3574 is not a final draft is that I'm increasingly looking at the w3c's web annotation data model as a compelling foundation for annotations on Matrix. Stay tuned for a upcoming MSC, or come over to #opentower:matrix.org to talk about the future of annotation on Matrix!

🔗Populus-Philarchive

I've also been working on a proof-of-concept for one Matrix use-case that I'm hoping Populus can help fill. Social annotation can be a good tool for getting feedback on works in progress, or for discussing new research with your team or lab. Wouldn't it be nice if you could just pop open a paper on a preprint archive and start commenting, or say "hey friends, I'm reading this paper, what do you think?" And wouldn't it be nicer if you could do that and host the discussion on your university or team's Matrix server?

Here's a first pass at that idea: https://opentower.github.io/populus-philarchive/

At the moment works by just pasting in paper codes from philarchive.org - it'll preview bibliographic information and give you a list of discussions taking place around a given paper, with the option to create a new one. Sessions are shared with populus-viewer, and pdfs continue to be hosted by the original archive. There are a number of clear upgrade paths, by integrating with a preprint archive that has an open search API, or even by adding an OAI-PMH metadata harvester to the backend, to combine the metadata from a bunch of open paper archives. I'm really excited to see where this work goes.

🔗nehko-krunner (website)

A KRunner plugin to list joined rooms and possibly other things from nheko.

LorenDB announces

I have been working on a little project over the last week: nheko-krunner. nheko-krunner is a KRunner plugin that loads rooms from nheko, displays them to the user, and allows the user to activate said rooms. How does it do this? Well, I've also been creating a D-Bus API for nheko! This code has not been merged yet, but once it is, you will be able to create your own plugins that access nheko via D-Bus!

The current functionality of nheko-krunner is simply (1) search and switch to rooms that you are in (not unlike the Ctrl-K switcher), and (2) join rooms from their aliases.

If you want to try out nheko-krunner, you will need to build from the dbus branch in my personal fork of nheko and then install nheko-krunner from the above repo.

I hope that somebody finds this useful and I am excited to see what other D-Bus plugins may show up in the future!

🔗Matrix Wrench (website)

Matrix Wrench is a web client to tweak Matrix rooms.

ChristianP announces

The versions 0.4.x brought improvements to the network log, letting you spot and investigate HTTP errors, bad JSON and network errors.

Ideally, I want to focus as much on the Matrix Spec as possible, but for the v0.5.0 I might venture into the territory of the Synapse Admin API, e.g. for listing and deleting media in a room. Please contact me, if you have use cases around media moderation you'd like me to consider.

🔗export matrix messages (website)

A commandline utility to export matrix messages

Aine reports

emm (export matrix messages) v0.9.4 is here

Now you can ignore messages from some users, defined in the -i cli argument.

For example, to ignore TWIM bot and me, -i @twim:cadair.com,@aine:etke.cc

Source code

🔗Dept of SDKs and Frameworks 🧰

🔗Halcyon (website)

Halcyon is an easy to use matrix library inspired by discord.py

gen3 announces

No new release this week. I've been working on the video sending functionality, and I am looking forward to seeing what that enables ya'll to do! In the meantime, I've published a template / demo bot you can find here: https://github.com/WesR/Halcyon-stock-bot . In just 37 lines of (unminified) code, this little bot:

Sets a status message

Automatically joins rooms via invite

Searches messages for $stocks mentioned, then formats and replies the current price and daily percent change for all the tickers in the message Screenshot below

I'm always looking for more feedback, and love to see what people are working on. Come hangout in the Halcyon room: https://matrix.to/#/#halcyon:blackline.xyz Lastly, for more info at on the bot library visit https://github.com/WesR/Halcyon Happy Hacking!

🔗Polyjuice (website)

Elixir libraries related to the Matrix communications protocol.

uhoreg announces

The Polyjuice Project has a new component: Polyjuice Client Test, a tool for testing Matrix clients. Each test has its own preconfigured homeserver environment, implemented using the Polyjuice Server library, and can be customized according to the needs of the test. Only a few tests are implemented so far, but many more are planned, initially focusing on testing functionality related to end-to-end encryption. You can see a demo of it in the Matrix Live video.

🔗Dept of Ops 🛠

🔗matrix-docker-ansible-deploy (website)

Matrix server setup using Ansible and Docker

Slavi says

Thanks to HarHarLinks, matrix-docker-ansible-deploy can now install the matrix-hookshot bridge for bridging Matrix to multiple project management services, such as GitHub, GitLab and JIRA.

See our Setting up matrix-hookshot documentation to get started.

🔗Matrix Corporal (website)

reconciliator and gateway for a managed Matrix server

Slavi says

matrix-corporal (as of version 2.2.3) is now published to Docker Hub (see devture/matrix-corporal) as a multi-arch container image with support for all these platforms: linux/amd64, linux/arm64/v8 and linux/arm/v7. Users on these ARM architectures no longer need to build matrix-corporal manually.

🔗Dept of Bots 🤖

🔗Honoroit (website)

A Matrix helpdesk bot

Aine announces

Honoroit v0.9.4 is here!

New version comes with in-memory caching for thread relations. It significantly decreases amount of requests to homeserver during thread relations solving, both for MSC3440 threads and reply-to chain fallback

Source code, say hi in #honoroit:etke.cc

🔗matrix-art (website)

A Deviantart Fork based on Matrix

MTRNord (they/them) says

This week the focus was on fixing quirks and making the profile (at least partially) editable and adding translations.

🔗Changes

Fonts now get hosted on the page itself due to the legal issues in Germany with Google Fonts hosted fonts

Profile page has a rough UI to edit the profile page if logged in

Licence gets now correctly displayed according to the Creative Commons Licence requirements

Initial work on translations has started. A Weblate instance has been set up at https://trans.nordgedanken.dev for this.

German translation was added

Progress on the HS side to be able to use it as a public registration server for anyone who wants to post to Matrix Art. (yes, this really has a public registration HS)

Mjölnir instance is set up which also is used to moderate Matrix Art in complete (Aka it is joining on creation.) This is used for being able to moderate the website.

Errors are now properly reported to the user

🔗Dept of Interesting Projects 🛰️

🔗ChatStat (website)

An R package To Gather Stats From Chat Platforms

Gwmngilfen announces

🔗ChatStat 0.1.0 release

ChatStat is an R package for making reports on Matrix rooms.

Ahead of my lightning talk on Sunday, ChatStat has been polished up and given it's first release. You can get it here. Huge thanks to @johrpan:johrpan.de for their contributions too.

The main highlight since my last TWIM is that we actually have report generation now! You can see an example here, or check the project wiki for an example of using the raw data with ggplot2 to make custom plots of your own.

If you do give it a try, please stop by #matrix-matrix_chat_stat:fosdem.org to let us know how you got on!

🔗Matrix in the News 📰

Carl Schwan says

The season 2 of Raising Dion (a Netflix TV show) featured shortly a video call with Riot/Element and a few other open source software (e.g. Karbon). Oh and you might recognize a few usernames in the sidebar 😅

Moe (Moritz Dietz) announces

Circles has made it into a small German speaking Apple News site/App called ifun.de. „Circles-App: Neue alte Ideen für private soziale Netzwerke“ https://www.iphone-ticker.de/circles-app-neue-ideen-fuer-private-soziale-netzwerke-185764/ There wasn’t a mention of Matrix - which is kind of exciting really. This means it can just be the transparent layer of great apps :)

🔗Dept of Ping 🏓

Here we reveal, rank, and applaud the homeservers with the lowest ping, as measured by pingbot, a maubot that you can host on your own server.

🔗#ping:maunium.net

Join #ping:maunium.net to experience the fun live, and to find out how to add YOUR server to the game.

Rank	Hostname	Median MS
1	neko.dev	315
2	envs.net	579
3	sosnowkadub.de	822
4	maescool.be	1004.5
5	aria-net.org	1621
6	utzutzutz.net	1689
7	rollyourown.xyz	2247
8	trygve.me	2293.5
9	midnightthoughts.space	3045.5
10	diasp.in	3441

🔗#ping-no-synapse:maunium.net

Join #ping-no-synapse:maunium.net to experience the fun live, and to find out how to add YOUR server to the game.

Rank	Hostname	Median MS
1	rustybever.be	899.5
2	nognu.de	947
3	schuwi.science	992
4	conduit.cyberdi.sk	1203.5
5	dendrite01.fiksel.info	1871
6	dendrite.neilalexander.dev	12309

🔗That's all I know 🏁

See you next week, and be sure to stop by #twim:matrix.org with your updates!

Digital Markets Act and interoperability: Debunking the gatekeepers' myths

2022-02-03 — General — Amandine Le Pape

Today the European Parliament, the European Council and the European Commission will meet again for a discussion about the Digital Markets Act (DMA). This is the second of three of these meetings, appropriately called trilogues, where each party exposes their stance on a proposed law and the group tries to agree on the final version.

The DMA is a groundbreaking step forward in shaking the hold a few gatekeepers have on users and the market, in particular because it looks to (among others):

Require gatekeepers to allow other services to interoperate with their services
Prevent them to treat their own services and products more favourably (for example by ranking)
Require them to allow users to uninstall any pre-installed software or app

The interoperability obligation is obviously the one on which we’ve kept a particularly close eye, as if it lands well it could take the success of Matrix to the next level completely overnight.

However, whilst in our mind interoperability automatically implies “open standard”, there are actually different ways of implementing it, depending on how far one wants to go. Typical debates here have been between whether to force gatekeepers to maintain open and well documented APIs, or whether to go full swing and mandate an open standard, and every shade in between.

We’ve been lucky to have had the opportunity to talk to policy advisors from different European member states, and it has been pretty fascinating to realise that it was always the same arguments which were being presented back at us, straight from the gatekeepers partyline.

We’ve ended up just listing them in a quick, high level, Myth Debunking exercise and thought it would be useful to actually publish them for everyone to access, so here they are!

MYTH #1 - "It is impossible to have a standard that is open, decentralized and secure at the same time"
⇒ false: HTTPS did it, Matrix did it.
MYTH #2 - "It is difficult and expensive to make existing services compatible with a standard"
⇒ false: Gitter was integrated into Matrix in less than a month, with a single developer
MYTH #3 - "Interoperability is incompatible with end-to-end encryption"
⇒ false: services just have to speak the same language, email has proved this with S/MIME and PGP - where different vendors can and do interoperate with E2EE. It’s even better when the protocol is E2EE by default.
MYTH #4 - "It may work for messaging, but less so for social networks"
⇒ false: it's still about managing content and users. Even though social networks have more varied content, it is already well modelled for their own APIs, ready to be expressed in a common language. The key is in the fallback option on unsupported features, as well as the ability to have moderation tools (more on that later).
MYTH #5 - “Interoperability is not compatible with data privacy”
⇒ false: Interoperability gives the ability to users to choose who is hosting their data and as such choose providers they trust. Besides, the DMA doesn’t live in a vacuum: it will exist alongside horizontal regulations like the GDPR and the Data Act, which give people sufficient control over their data to rectify their choices if they are not happy. Because the possibility of interoperability is there, it does not mean it will become mandatory for users to use it: they will still have their own threat models and will make decisions accordingly, just as they do today. But enshrining interoperability in law will at least ensure gatekeepers need to provide recourse for people to have further control over their data, which will be an improvement from the landscape today.
MYTH #6 - "There is no user need"
⇒ false: most haven't had a taste of interoperable chat/social media (but they know email), others are demanding bridges between services: 25% users of 2 communication apps lose contact with friends because they are using too many apps. And this figure doubles for people using more than 5 apps. There was no demand for cars when they were created: people only wanted faster horses.
MYTH #7 - "There is no demand from European companies"
⇒ false: The fact it is so hard for European companies to remain competitive enough to stay alive means there are few of them to complain about what is killing them! However these companies are gathering to push for interoperability (like the Coalition for Competitive Digital Markets). It will enable them to be more innovative in the product they develop by benefiting from an existing open network rather than being slowed down by having to build one from scratch. Companies will compete on the value they add rather than the size of their network. An open standard also gives an open field for innovation from a business model perspective. The Web is an excellent example of how much an open network fuels innovation and growth.
MYTH #8 - "It is better to require providers to have open and stable APIs than define a single open standard"
⇒ false: this is the best way to leave gatekeepers at the center of the ecosystem as it means that each player has to multiply its effort to interface with every single other player, but every player will only have the resources to interface with a few of its counterparts and will logically default to the bigger ones, effectively not solving the problem. In addition, if providers are not aligned on which encryption to use it will just break end-to-end encryption and create risk for the user in every bridge. In practice the DMA is about forcing the gatekeepers to interoperate only, but we strongly believe that everyone should be interoperating if we are about improving the user’s experience and control, and giving more space to companies to innovate. Limiting it to the gatekeepers is a first step, but only a defensive one.
MYTH #9 - “An open standard limits innovation if it defines a lowest common denominator”
⇒ false: the lowest common denominator should match what users consider as table stakes in a messaging or social media app. Providers can innovate on top by providing different features which go beyond table stakes, for example by targeting niche use cases, like messaging services focused on elderly and disabled users, or focused on healthcare, warehouse workers, or integrated in a CRM for call centers, or creatives… Providers also can implement a profile of the standard which is a subset of its full scope, ensuring the standard remains a highest common denominator..
MYTH #10 - “It will be impossible to moderate social networks built on an open standard”
⇒ false: decentralised networks actually have driven the adoption of much more sophisticated moderation techniques than the coarse approaches of centralised silos. Appropriate moderation means have to be part of the open standard definition, and some are already used in Matrix. It would also empower victims who today have no choice but get in touch with providers one by one. Each provider will also have control over their own users, and users can select providers whose T&Cs are aligned with their ethics. The world is not black and white, unlike what Silicon Valley tries to make us believe.
MYTH #11 - “It will take years before being able to define an open standard”
⇒ you don’t have to: You could leverage existing technologies which are being used by the industry. Matrix, XMPP and ActivityPub exist today. For instance, Matrix has been managed by its own standard body (The Matrix Foundation) and could be ratified by a more established one like IETF, ETSI or W3C if needed.

Obviously the devil will be in the details of the way the final text is formulated, as well as the limits, obligations and controls put in place, but overall it should be an improvement for all European users and companies and we’re looking forward to seeing how today’s trilogue goes!

Matrix v1.2 release

2022-02-02 — Releases, Spec — Travis Ralston

Hey all,

Welcome to the second installment of our quarterly spec releases. If it feels like it hasn’t been long since our last release, you’re not alone! Our last release was just 3 months ago, introducing the new platform and world we build within.

This improvement in speed might seem too fast, but fret not: implementations are not expected to update as soon as the new spec is published. Rather, it is more realistic to expect that the ecosystem gradually update over the course of the following few months/year. Particularly after the massive release that was v1.1.

So, what’s new in v1.2? With 18 MSCs merged there’s a lot to cover - we’ve picked some notable highlights and recommend the full changelog at the bottom for a complete idea of what’s been going on.

🔗Rearchitecting with Spaces

Spaces launched into beta last May, redefining how we can use rooms on Matrix to represent different data structures. Described mostly as MSC1772, Spaces are simply rooms with a specific type in their m.room.create event. With state events being used to define which other rooms (meaning Spaces too) are part of that Space, the possibilities for tree-like structured data become endless.

There’s still quite a lot of work to do in the Spaces space (hah), though we’re excited to see it all land. For instance, MSC3216 and MSC2962 target power level syncing, MSC3219 aims for flair, and MSC3089 looks at file structures using Spaces. We might even be able to replace the public room directory with a server-wide space, making writing clients a little bit easier.

🔗Public, but not too public, join rules

Restricted rooms are new in this release from MSC3083. In these rooms (and therefore Spaces too!), the join rules can be configured such that a member of another room can join without needing an invite. In a typical setup, this means that a Space could be set as invite-only, but all the rooms and Spaces underneath that Space could allow joins for members of the parent Space. When someone wishes to explore the universe you’ve laid out in your Space they can simply join the interesting rooms without having to ask for invites constantly.

This feature changes how membership events are authorized, so is only available in room versions 8 and 9 (both introduced in this release). Room version 9 fixes a relatively rare bug from version 8, so we’d recommend using v9 if you’re planning an upgrade for this functionality.

Further work in this area involves figuring out how to keep membership lists perfectly in sync between the rooms, which is currently done by external tooling. For example, evicting someone from the parent Space could (optionally) evict the user from all the subsequent rooms and Spaces too.

We also need to figure out how to support both knocking and restricted rooms at the same time (oops). MSC3613 and MSC3386 both tackle this problem in different ways and timescales.

🔗Matrix: A URI

A massive shoutout goes to kitsune and the whole community for working on MSC2312, giving us a URI we can pass around outside of Matrix to bring us back in. The early work on this dates all the way back to 2014, the very beginning of Matrix’s development, and has since been marked Provisional by the IANA.

The full spec is available here - feel free to discuss it at matrix:r/matrix-spec:matrix.org ;)

🔗The full changelog

MSCs are how the spec changes in the way it does - adding, fixing, and maintaining features for the whole ecosystem to use. The blog post can’t cover them all, but that doesn’t make them any less important! Check out the full changelog below, and the Spec Change Proposals page for more information on how these MSCs got merged (hint: they submitted a proposal, which anyone can do - take a look at the Matrix Live episode where Matthew covers the proposal process).

🔗Client-Server API

Breaking Changes

The prev_content field is now returned inside the unsigned property of events, rather than at the top level, as per MSC3442. (#3524)
The aliases property from the chunks returned by /publicRooms, as per MSC2432. (#3624)

New Endpoints

Add the Space Hierarchy API (GET /_matrix/client/v1/rooms/{roomId}/hierarchy) as per MSC2946. (#3610)
Add /_matrix/client/v1/register/m.login.registration_token/validity as per MSC3231. (#3616)

Backwards Compatible Changes

Extend /_matrix/client/r0/login to accept a m.login.appservice, as per MSC2778. (#3324)
Add support for restricted rooms as per MSC3083, MSC3289, and MSC3375. (#3387)
Add is_guest to /account/whoami as per MSC3069. (#3605)
Expand guest access to sending any room event and state event as per MSC3419. (#3605)
Add Spaces and room types as per MSC1772 and MSC2946. (#3610)
Add new m.set_displayname, m.set_avatar_url, and m.3pid_changes capabilities as per MSC3283. (#3614)
Add support for fallback keys (optional keys used once one-time keys run out), as per MSC2732. (#3615)
Add token-authenticated registration support as per MSC3231. (#3616)

Spec Clarifications

Make AesHmacSha2KeyDescription consistent with KeyDescription in marking name as optional. (#3481)
Fix various typos throughout the specification. (#3482, #3495, #3509, #3535, #3591, #3601, #3611, #3671, #3680)
Explicitly mention RFC5870 in the definition of m.location events (#3492)
Add 403 M_FORBIDDEN error code to /profile/{userId} as per MSC3550. (#3530)
Clarify the description of the /sync API, including a fix to an ASCII art diagram. (#3543)
Clarify that base_url in client well_known may or may not include trailing slash. (#3562)
Clarify which signature to check when decrypting m.olm.v1.curve25519-aes-sha2 messages. (#3573)
Clarify what "Stripped State" is and what purpose it serves, as per MSC3173. (#3606)
Clarify how to interpret missing one-time key counts. (#3636)
Correct the schema for the responses for various API endpoints. (#3650)
Clarify that group mentions are no longer in the specification. (#3652)
Distinguish between "federation" event format as exchanged by the Federation API, and the "client" event formats as used in the client-server and AS APIs. (#3658)
Fix the rendering of the responses for various API endpoints. (#3674)

🔗Server-Server API

New Endpoints

Add the Space Hierarchy API (GET /_matrix/federation/v1/hierarchy/{roomId}) as per MSC2946. (#3610, #3660)

Backwards Compatible Changes

Add support for restricted rooms as per MSC3083, MSC3289, and MSC3375. (#3387)

Spec Clarifications

Fix various typos throughout the specification. (#3527)
Clarify that GET /_matrix/federation/v1/event_auth/{roomId}/{eventId} does not return the auth chain for the full state of the room. (#3583)
Fix the rendering of the responses for various API endpoints. (#3674)

🔗Application Service API

Spec Clarifications

Distinguish between "federation" event format as exchanged by the Federation API, and the "client" event formats as used in the client-server and AS APIs. (#3658)
Fix the rendering of the responses for various API endpoints. (#3674)
Correct the documentation for the response value for GET /_matrix/app/v1/thirdparty/protocol/{protocol}. (#3675)

🔗Identity Service API

Backwards Compatible Changes

Add the room_type to stored invites as per MSC3288. (#3610)

Spec Clarifications

Fix the rendering of the responses for various API endpoints. (#3674)

🔗Push Gateway API

Spec Clarifications

Fix the rendering of the responses for various API endpoints. (#3674)

🔗Room Versions

Backwards Compatible Changes

Add Room Version 8 as per MSC3289. (#3387)
Add Room Version 9 as per MSC3375. (#3387)

Spec Clarifications

Fully specify room versions to indicate what exactly is carried over from parent versions. (#3432, #3661)
Clarifications to sections on event IDs and event formats. (#3501)
Remove a number of fields which were incorrectly shown to form part of the unsigned data of a Federation PDU. (#3522)
Fix heading order of room version specifications to be consistent. (#3683)
Add missing "Signing key validity period" section to room version 6. (#3683)
Fix auth rules to allow membership of knock -> leave in v7, v8, and v9. (#3694)

🔗Appendices

Backwards Compatible Changes

Describe "Common Namespaced Identifier Grammar" as per MSC2758. (#3171)
Describe the matrix: URI scheme as per MSC2312. (#3608)

High severity vulnerability in Element Desktop 1.9.6 and earlier

2022-01-31 — Security — Matrix Security Team

Element Desktop 1.9.6 and earlier depend on a vulnerable version of Electron, leading to a High severity vulnerability in Element Desktop, relating to its functionality for opening downloaded files. If successfully exploited, the vulnerability allows an attacker to open an arbitrary file path on the user's machine using the platform's standard mechanisms, but without the ability to pass additional arguments or data to the program being executed.

However in certain platform configurations, the same vulnerability could allow an attacker to open an arbitrary URL with an arbitrary scheme instead of a file path, again using the platform's standard mechanisms. There has been research demonstrating that the ability to open arbitrary URLs can sometimes lead to arbitrary code execution.

The attack requires user interaction and the exploit is complex. To the best of our knowledge, the vulnerability has never been exploited in the wild.

Patched in 1.9.7 with further hardening done in 1.9.9 to ensure it's harder to exploit even in light of new Electron vulnerabilities. Please upgrade to 1.9.9 as soon as possible. The vulnerability has been assigned CVE-2022-23597.

Discovered and reported by Sirius and TheGrandPew.

This Week in Matrix 2022-01-28

2022-01-28 — This Week in Matrix — Thib

🔗Matrix Live 🎙

🔗Dept of Matrix.org?

Thib reports

Kudos to Aaron for adding a GitHub action to matrix.org's repository to check for typos, and taking the time to fix them all! Worry not fellow proofreaders, our post-publication TWIM proofreading tradition is not extinct: some typos are not caught by the CI, such as misspelling of proper nouns (e.g. Devianart) or articles (e.g. "an proofreader" won't make the CI upset)

Alexandre Franke says

May be worth mentioning that Aaron added the same thing to matrix-doc so spec changes and MSCs get the same treatment.

🔗Dept of Spec 📜

anoa says

Here's your weekly spec update! The heart of Matrix is the specification - and this is modified by Matrix Spec Change (MSC) proposals. Learn more about how the process works at https://matrix.org/docs/spec/proposals.

🔗MSC Status

In terms of MSC updates this past week:

New MSCs:

MSC3676: Transitioning away from reply fallbacks

MSC3673: Encrypted ephemeral data units

MSC3672: Sharing ephemeral streams of location data

MSC3667: Enforce integer power levels

MSC3666: Bundled aggregations for server side search

Merged MSCs:

No MSCs were merged this week.

MSCs currently in Final Comment Period:

MSC3676: Transitioning away from reply fallbacks (merge)

🔗Spec Updates

The release of Matrix v1.2 is right around the corner, and is expected to go out on February 2nd. This is in line with our quarterly release cycle for the spec going forwards.

Please reach out to us in #sct-office:matrix.org if there are any last-minute MSCs that haven't started/finished Final Comment Period that you believe should be included!

Otherwise there was a lot of discussion surrounding MSC2781: Remove the reply fallbacks from the specification. I'll let the other spec updates in TWIM speak to that though :)

🔗Random MSC of the Week

The random MSC of the week is... MSC2291: Configuration to Control Crawling!

A concept similar to robots.txt for the web, but for Matrix! Currently the way to inform room-crawling bots in Matrix today is by banning/kicking them from the room. However, this doesn't allow you to blanket prevent bots from joining - nor does it only inform bots that they should access some of the room's data. It's a binary switch.

Consider if you wanted your room to be crawled, but the room topic to not be indexed. This MSC could help with that! Give it a read/review if you're interested.

Nico announces

Have you ever pinged someone by accident, because you replied to a message with their name in it or maybe even a whole room mention? Or are you avoiding replies for that reason? Did the quote of a messages suddenly vanish when someone edited their message in a client? Or are you just in general unhappy with replies only showing what type of message was replied to, instead of showing the actual image being replied to (on mobile for example)? Were you annoyed, that you could only reply with a text message, but not an emote message, an image, a sticker or even a video?

I spent a bunch of time trying to remove the blocker for that in the Matrix specification, you can find the proposal here: https://github.com/matrix-org/matrix-doc/pull/2781

As it turns out, it is not quite as simple, because notifications for replies to your messages rely on a bunch of implicit interactions, which is why I also wrote another MSC to fix that: https://github.com/matrix-org/matrix-doc/pull/3664

I'm a bit unhappy with replies across the matrix ecosystem at the moment and I hope this is a small step towards improving things. It's certainly not as exciting as spaces, voip, threads or stickers, but it is something which affects me every day and I think those small papercuts need some attention too.

I hope some of you share my love for the less exciting stuff!

Jonathan announces

To add onto Nico's efforts, I think that mentions today are based on too many "false-positives" (ping on displayname or username mention), and i kinda wish for the "just mention them" UX of discord, telegram, whatsapp, and so many other messengers.

So I've also made a proposal that tries to bring some explicitness in that, a new push rule that'll fire on "mention"; https://github.com/matrix-org/matrix-doc/pull/3517

It'll look for any @-MXID mention in the plaintext, or look for an <a>-mention "pill" in the HTML. It is a hack, but it is the most correct way of determining if you've been pinged in matrix, at the moment.

Matthew announces

In terms of reply fallbacks - the Spec Core Team gave an overwhelming thumbs up to removing reply fallbacks via MSC2781... but given practically this causes a cascade of other work (defining and implementing push_rules for replies, and defining and implementing push_rules for threads (MSC TBD)) and so as a temporary transitional measure we've instead made reply fallbacks best effort (MSC3676). This means that clients can now reply using non-textual events, and we can use replies as a fallback for threads for non-thread-capable-clients/ASes once MSC3440 lands. To be clear, the intention is still to incorporate all of Nico's excellent contributions on MSC2781 and MSC3664 however.

🔗Dept of Servers 🏢

🔗Synapse (website)

Synapse is the reference homeserver for Matrix

callahad announces

Hello TWIM! Last week we released Synapse 1.51. This is a great release which includes lots of performance work around sending aggregations down /sync. It also makes Spaces much more reliable: we tracked down a bug with caching which could cause some sub-spaces to randomly appear empty when queried over federation. We also removed the 50 result limit when listing the contents of a Space.

We're also starting to see some promising results experimenting with ways to make room joins faster (MSC2775). It's not quite ready to demo, but we should have something to show off before too long. 🤞

Last but not least, FOSDEM is in 8 days! The Synapse team will be giving a couple of talks during the day: Events for the Uninitiated by Shay at 10:10 UTC, and Beyond the Matrix: Extend the capabilities of your Synapse homeserver by Brendan at 15:40 UTC. Come say hi! 🙂

🔗Dendrite (website)

Second generation Matrix homeserver

neilalexander says

We know that it has been a while coming but today we have released Dendrite 0.6! This version contains a number of significant changes, including switching away from Kafka to NATS JetStream and refactoring a number of other components. We have been making architectural changes recently to help Dendrite scale better in the future and to fix a number of race conditions that were present before. Federation in particular is much smoother and better behaved in this release, with overall lower CPU and memory usage and less resource spikes.

The full changelog is available on GitHub but the highlights are:

NATS JetStream support, deprecating Kafka and Naffka

The roomserver now being responsible for fetching missing events and state instead of the federation API, which fixes some race conditions

Strict ordering and asynchronous input support in the roomserver input API, which smooths out incoming federation significantly

Consolidated federation API, including functionality from the now-deprecated federation sender and signing key server components

Database-backed device list synchronisation, which is now more reliable

Correct gap checking when fetching missing events and state

Better behaviour and lower resource usage by the /event_auth endpoint

Spec compliance, as measured by Sytest, currently sits at:

Client-server APIs: 65%

Server-server APIs: 94%

This is a highly recommended update so if you are running a Dendrite server, please upgrade! As always, you can join us in #dendrite:matrix.org for Dendrite discussion and announcements.

🔗Homeserver Deployment 📥️

🔗Helm Chart (website)

Matrix Kubernetes applications packaged into helm charts

Ananace says

And this week has seen some updates to my Helm Charts as well, with matrix-synapse passing through 1.50.2 to end up on 1.51.0

🔗Dept of Bridges 🌉

Half-Shot says

Hey folks, no releases this week but a general update on a little project of ours. I've been working through the problem of making bridges easier to use and supplimenting our command interfaces with pretty buttons and forms. To that effect, we've landed out first PR on adding widget communication support to the matrix-appservice-bridge library \o/.

You can see some of the details here https://github.com/matrix-org/matrix-appservice-bridge/pull/365

but that's not all. I'm doing a talk about this whole subject at FOSDEM which you can tune into! See the deets at https://fosdem.org/2022/schedule/event/matrix_next_gen_interfaces/

🔗Dept of Clients 📱

🔗Nheko (website)

Desktop client for Matrix using Qt and C++17.

Nico reports

Next to spec work, progress on porting Nheko to 100% qml continues. This week I ported the login and registration pages. I also did some minor cleanups on them and prep work for future improvements (like buttons for each SSO provider or providing email address and registration token inline instead of in a separate popup, if the server requires it). Logging in or registering is often the first thing a user does on a client or maybe even the first thing they do on Matrix! As such I should really spend more effort optimizing that feature, that usually falls off the priority list because I don't use it often!

Once Nheko is 100% Qml we should also see lower memory usage again, here is a screenshot from a Nheko instance with over 100 rooms, that's been running for a few days of active use on Windows:

We also fixed an issue where Nheko could crash the notification service, because it sent images not following the Freedesktop notification specification and tasty spent some time further improving the man page.

🔗Fractal (website)

Matrix messaging app for GNOME written in Rust.

Julian Sparber reports

Hello folks, it's been a while since we last spoke! We have been focused on the code, but we're long overdue for an update. A lot has happened since November. Fractal-Next is getting closer to feature parity with current Fractal, and even supports new things:

Timeline

Fractal-Next now allows you to open and save sent files

It also displays images, videos and stickers in the timeline

You can also get a better view of media send to the room thanks to the built-in media viewer

It (finally!) supports reactions (displaying them and sending new ones)

User verification

Fractal-Next now supports verification of other users by scanning their QR code, or via emoji

When a user is verified, an icon is displayed next to their username in the list of room members

Room details

The room details show now the members of the room including the power level

General UX

Fractal-Next is better integrated with GNOME's secret management service Seahorse

It supports room upgrades

It also supports inviting users to a room

Users can change the category of rooms in the sidebar via drag and drop or by using the context menu

If you want a more lengthy writing about what we've been up to and a note about the NLnet grant, please head out to my blog post "A Long Overdue Update — Fractal Next"

🔗Element (website)

Everything related to Element but not strictly bound to a client

kittykat says

Polls and location sharing

Polls is coming out of labs with the next release on all three platforms

Location sharing is coming out in mobile apps with the next release on Monday and will need to be enabled in labs

Community testing

Join #element-community-testing:matrix.org to help out with the testing

Coming up this week:

FOSDEM conferencing

Threads with the new APIs

The new search experience

All dates and times to be confirmed, follow our channel for updates

Decryption

You can help us fix decryption errors by enabling automated error reporting

On Android, enable “Auto Report Decryption Errors” in the settings

If you are using Nightly or develop.element.io, you can help us fix decryption errors by enabling “Automatically send debug logs on decryption errors”

🔗Element Web/Desktop (website)

Secure and independent communication, connected via Matrix. Come talk with us in #element-web:matrix.org!

kittykat reports

Release candidate was late as we have more regressions and release blockers than normal: last minute fixes include a couple of crashes when hanging up a call from the picture-in-picture view and in the appearance tab of settings, plus chasing a crashing bug on Linux.

Metaspaces has landed in the release candidate: it will give you a new way to group your favourites, DMs and rooms outside of spaces. You can switch these on in the Quick Settings menu at the bottom left from Monday.

Bubble layout for messages has landed for the upcoming release!

This release will update to Electron 15 which uses a newer Chromium, so if you host your own Jitsi, please make sure it’s up to date, or you may find calls start breaking.

Nightly testing went well on Tuesday, with 47 test cases showing up 15 new issues

In labs (you can enable labs in settings on develop.element.io or on Nightly)

New thread fallback using the reply chain

Better stability when home server supports threads API defined in MSC3440

We are intending to add the new and improved search to the next release candidate on 8th Feb, community testing planned for next week

🔗Element iOS (website)

Secure and independent communication for iOS, connected via Matrix. Come talk with us in #element-ios:matrix.org!

Manu announces

Startup and resume times improved for upcoming release

Xcode13 & iOS15 compatibility added for developers

Release v1.3.17 coming out on Monday

In development:

Work continues on Spaces and Authentication

🔗Element Android (website)

Secure and independent communication for Android, connected via Matrix. Come talk with us in #element-android:matrix.org!

kittykat reports

Release v1.3.17 coming out on Monday, includes message bubbles, polls and location sharing

In development:

Message bubbles and Thread are progressing well and will probably be merged on develop next week

Improved automated testing (more screened added to the sanity test, including all the Spaces screens)

🔗Cinny (website)

Cinny is a Matrix client focused on simplicity, elegance and security

ajbura announces

🔗Features

Room settings

Add support for room message search in unencrypted rooms

Support options for Room visibility and Room addresses

Manage room permissions

Enable encryption and manage room history visibility

Custom emoji

Show user and room emoji in auto-complete cmd and emojiboard

Show custom emojis in reactions

Use jumbo emojis for emoji only messages

Add toggle to use browser's preferred theme

Show placeholder profile picture when it fails to load

Show ban, kick, unban options in profile viewer

Ability to change power level in profile viewer

🔗Bugs

Fix loading all twemoji on startup

Fix wrong read receipt count in encrypted rooms

Reset scroll when switching Home/DM

Fix gap under typing indicator in some device

Fix username overflow in timeline change messages

Fix message formatting

Find more about Cinny at https://cinny.in/ Join our channel at: https://matrix.to/#/#cinny:matrix.org Github: https://github.com/ajbura/cinny Twitter: https://twitter.com/@cinnyapp

🔗Dept of Non Chat Clients 🎛️

🔗Matrix Highlight (website)

A decentralized and federated way of annotating the web based on Matrix.

Daniel reports

Matrix highlight got experimental support for Firefox! It's still a bit crashy, but it shouldn't be much harder to stabilize it, and get the tool working properly there, too. Firefox is my personal browser of choice, and others have requested it, so it's nice that it's on the horizon :)

Also, after the discussion in Matrix Live and with some minor tweaks, I was able to get the extension to play nice with conduit! So that's now a viable alternative if you want to use Matrix Highlight with your own, self-hosted server.

🔗Circles (website)

E2E encrypted social networking built on Matrix. Safe, private sharing for your friends, family, and community.

cvwright reports

Circles is a project to build a secure, end-to-end encrypted social network using Matrix technology.

This week the primary focus was on updating Circles to work with the latest Matrix iOS SDK. I also successfully built and packaged the first beta release from an Apple M1 Mac.

The next step is to develop and integrate a new, more secure password-based login based on the BS-SPEKE protocol. This will replace Circles' current approach, which is described in MSC3265. Hopefully the new login flow will also be of interest to the broader Matrix community.

Our search continues for an Android developer to help us bring Circles to the world's largest mobile device platform. If you are excited about working with Matrix, Android Studio, and Jetpack Compose, send a resume and cover letter to [email protected].

More info:

Circles

Code

Try the beta

🔗Dept of SDKs and Frameworks 🧰

🔗Trixnity (website)

Multiplatform Kotlin SDK for Matrix

Benedict announces

Trixnity version 1.1.0 has been released! It adds support for room key backup, which makes developing a matrix client a lot more comfortable.

Here is the changelog:

Added key backup support!

RoomService::getAll() returns a reactive list of reactive rooms instead of a reactive list of rooms. This allows to implement huge room lists without performance losses in the UI.

Some reactive data can be accessed in a non reactive way. Note that you will then only get a snapshot of the data.

Prevent sending room keys as to device messages, when they cannot be encrypted (e.g. due to missing one time keys).

🔗Halcyon (website)

Halcyon is an easy to use matrix library inspired by discord.py

gen3 reports

Version 1.1.0 Released

Hello again! Halcyon is a python Matrix bot library created with the intention of being easy to install and use. With this release, we have reached our second release milestone! Check out the roadmap in notes.md (located in the repository), for what is planned for RC3! I'm really happy about the performance and functionality gains for this release. If you have any questions or bug reports, come and chat with us over in https://matrix.to/#/#halcyon:blackline.xyz

More info at on the project at https://github.com/WesR/Halcyon

Added

Detailed room info is here! The bot will now cache and provide room info with each message, automatically refreshing in the background. Check out usage.md for info on what is provided

get room admin / moderators, topic, related groups and more

Better polling through long polling (Thanks @forden:matrix.org for pointing out this improvement)

send images with the new send_image() function. It includes simple toggles for blurhash and thumbnail generation

More examples in /examples

General roadmap and documentation updates

Fixed

A fix for the slow polling, which might have also caused issues on systems with frequent network drops (Thanks @octt:matrix.org)

🔗Dept of Bots 🤖

🔗Bubo (website)

Matrix bot to help with community management

jaywink says

https://github.com/elokapina/bubo

Bubo is a friendly little owl (bot) that helps maintain your community. It's been over a year since cutting the last release, so the changelog contains a bunch of things, namely:

Added command to set power levels in rooms.

Added users command to list and create users in a configured Keycloak. Optionally send invites via keycloak-signup, a web app that allows self-registering with Keycloak via short lived tokens.

Add logging to a Matrix room.

Bubo admins and coordinators can now be set based on room memberships.

Add command to make Bubo unlink and part itself from a room.

Add command to list rooms Bubo maintains but is not admin in.

Add command to recreate a room. This follows the upgrade room functionality, but does it without needing admin permissions (basically almost everything except a tombstone event). Useful if for example you have accidentally lost admin in a hundred or so rooms in your community. Which may have happened 😅

The communities command is now deprecated (support for spaces coming in the next version).

Additionally some other changes and fixes, see changelog for full details.

Plans for next up features include syncing with Discourse to replicate spaces from Discourse groups and populate space members from Discourse group memberships (when Discourse shares the same Keycloak SSO provider with the homeserver).

🔗Dept of Interesting Projects 🛰️

🔗matrix-art (website)

A Deviantart Fork based on Matrix

MTRNord (they/them) reports

🔗Reaching another feature Milestone – Submitting images via Matrix Art.

Matrix Art now supports logging in with any account (well-known not supported yet. You need to provide the full server address) and submitting images through the interface. You can now either just log in (No benefit though at this time as comments and follows are missing) or create a Matrix Art Profile.

An Account can also be created later. An Account would create a Profile room at #<mxid> on your server if it doesn't exist. This currently is only possible by doing a logout and login in again with the box checked. A better way will be added soon. Editing the Profile is not yet implemented at this time.

These 2 changes should allow some people to experiment with this. Mobile design is not tested at this time. Submits should work. If you were previously logged in, you will need to log out and back in for some variables to get set correctly.

Registration is still WIP as there is some more moderation prep needed before the server accepts the registrations.

I hope people cheer in and post their images :) (Also, please use the nsfw flag if required. This will make them hidden on the front page but shown in your profile page. I will block people that don't use it from the instance otherwise. Please be sensible.)

🔗Other Changes

Form readability increased

Search engine getting filled in the background (Self hosted https://meilisearch.com instance gets used) when submitting

Loading indicator gets correctly positioned

Images without thumbnails or html caption don't break anymore

Directory Database was switched to SQLite

Roboto font was replaced with Inter font

Directory Endpoint got secured using the OpenID module in Matrix

"Devianart" typo got replaced with correct "Deviantart"

Logout state management got improved

🔗Project Information

For more information, feel free to take a look at https://github.com/MTRNord/matrix-art Or join our room: #matrix-art:nordgedanken.dev

🔗Matrix in the News 📰

msirringhaus says

Apparently, a German school forked FluffyChat and is using it for homeschooling: https://www.golem.de/news/matrix-grundschule-forkt-messenger-2201-162562.html (German only news article) Sources: https://gitlab.com/hermanncoders/hermannpost

🔗Dept of Ping 🏓

Here we reveal, rank, and applaud the homeservers with the lowest ping, as measured by pingbot, a maubot that you can host on your own server.

🔗#ping:maunium.net

Join #ping:maunium.net to experience the fun live, and to find out how to add YOUR server to the game.

Rank	Hostname	Median MS
1	plocki.ddns.net	766
2	aria-net.org	1320
3	trygve.me	1359
4	almum.de	1393
5	matrix.org	1412.5
6	envs.net	1429
7	sosnowkadub.de	1482
8	polarbear.army	2157
9	pavot.ca	2668
10	matrix.fomin.site	2736.5

🔗#ping-no-synapse:maunium.net

Join #ping-no-synapse:maunium.net to experience the fun live, and to find out how to add YOUR server to the game.

Rank	Hostname	Median MS
1	matrix.sum7.eu	567
2	sspaeth.de	717
3	rustybever.be	992
4	dendrite.neilalexander.dev	1091
5	matrix.awesomesheep48.me	1659
6	grin.hu	4148
7	conduit.beckmeyer.us	6223
8	conduit.cyberdi.sk	96446

🔗That's all I know 🏁

See you next week, and be sure to stop by #twim:matrix.org with your updates!

Synapse 1.51 released

2022-01-25 — Releases — Brendan Abolivier

Synapse 1.51 is out! Here's what's new with this week's release.

🔗Deprecation of the `webclient` listener

A long time ago, Synapse used to serve a very basic web Matrix client (named "console") that could be used to connect to the homeserver. Server administrators could chose to make it available to their users by configuring a webclient listener.

This web client was removed in Synapse 0.34 back in 2018, but the webclient listener stayed, instead allowing server admins to serve the web client of their choice (or redirect to it) through the web_client_location configuration file.

Synapse 1.53 will remove the webclient listener, as well as the ability to set web_client_location to a static directory (instead of a HTTP(S) URL). See the upgrade notes for more information.

🔗Aggregations and sync

The concept of server-side aggregation in Matrix is defined in MSC2675 and is the ability for homeservers to extend the information included in an event using other events that relate to it. This allows, for example, clients to quickly retrieve the reactions associated with a given message, or its latest edit.

This release includes a number of notable performance improvements to calculating aggregations when responding to /sync requests. We continue to measure and investigate potential performance improvements in this area, which should end up greatly benefiting /sync response times.

🔗FOSDEM

FOSDEM, one of the biggest gatherings around free and open-source software in the world, is happening next week! Just like last year, the conference will happen online and will be hosted on Matrix. And just like last year, it will be packed with super interesting Matrix-related (but not only) talks.

One new addition this year is the presence of a whole devroom dedicated to Matrix. It will be hosted on February 6th, and you can already find its whole schedule of talks right here.

The Synapse team will be giving a couple of talks during the day: Events for the Uninitiated by Shay at 11:10, and Beyond the Matrix: Extend the capabilities of your Synapse homeserver by yours truly at 16:40 (all times CET). Come say hi! 🙂

🔗Everything else

This release includes a couple of spaces-related bug fixes, specifically related to the /_matrix/client/v1/room/{roomId}/hierarchy API. One of them in particular targets a bug in spaces that include more than 50 rooms, and should make it much easier to look for a specific room inside a space.

The synapse_review_recent_signups script, which allows homeserver administrators to review recent signups (e.g. in the event of a spam attack), was also improved with an option to exclude virtual users belonging to an application service from the results. See synapse_review_recent_signups --help for more information.

Please see the Synapse release notes for a complete list of changes in this release.

Synapse is a Free and Open Source Software project, and we'd like to extend our thanks to everyone who contributed to this release, including (in no particular order) Dirk Klimpel, br4nnigan, Philippe Daouadi, Daniël Sonck and AndrewFerr.