Matrix logo

This Week in Matrix 2019-08-09

09.08.2019 00:00 — This Week in Matrix Ben Parsons

Matrix Live

Something a little different this week: Erik helped me install Prometheus logging on my own homeserver, and we recorded it for Matrix Live.

Interesting reading: https://github.com/matrix-org/synapse/blob/master/docs/metrics-howto.rst

Dept of Status of Matrix 🌡

The Official Merch Store

<blink>YOU NEED MATRIX MERCH</blink>

Yes, it's true: Official Matrix Merch is available now. There are stickers, t-shirts and hoodies all available now, go and claim yours from https://shop.matrix.org.

stickers

<blink>CONSUME</blink>

Free Open Source Conference appearance from Oleg

Oleg:

I will be doing a talk on Matrix this weekend (tomorrow) at the annual Free Open Source Conference (FrOSCon) in Sankt Augustin (Germany). If you are around - come by and get some awesome [matrix] stickers! =)

https://programm.froscon.de/2019/events/2330.html

Visit #FrOSCon2019:froscon2019.fiksel.info to talk about the event.

Dept of Spec 📜

Approved MSCs

[MSC 2134]: MSC2134: Identity Hash Lookups 🎉

Final Comment Period

No MSCs have entered FCP

In Progress MSCs

[MSC 2213]: Rejoinability of private/invite-only rooms [MSC 2214]: Joining upgraded private rooms

Dept of Servers 🏢

Dendrite

Huge update from Andrew:

This week’s stats for Dendrite are in! 4 authors have pushed 11 commits to master and 11 commits to all branches. On master, 48 files have changed and there have been 676 additions and 146 deletions.

Of note are the following merged PRs:

We also have a number of PRs that were moved forward but not merged. Add auth fallback endpoint (our oldest PR at the moment!) which we mentioned last week is so very close, but not quite there in time for this TWIM.

In terms of passing Sytests, Dendrite now passes 172 tests, up from 167 last week. This is out of 761 tests in total. So just a small bump (0.6%), but note that things that are crucial for Dendrite development at the moment, such as federating, only cover a small subset of tests, so each passing one can bring us much closer to getting Dendrite usable day-to-day.

Synapse

From Neil:

The big news this week we’ve landed some massive DB improvements (https://github.com/matrix-org/synapse/pull/5706) which should make message sending on matrix.org (and any other server) feel noticeably snappier. :) It'll be in the next release.

Outside of perf, we’ve also been continuing with our privacy project, sydent now supports hashing third party identifiers instead of storing the raw form, and in the coming week we’ll look at minimising the meta data we store. You can track our progress across the full project here (https://vector-im.github.io/feature-dashboard/#/plan?label=privacy-sprint&repo=matrix-org/synapse&repo=vector-im/riot-web&repo=vector-im/riot-ios&repo=vector-im/riot-android&repo=vector-im/riotX-android&repo=matrix-org/matrix-doc&repo=matrix-org/sydent)

Work continues on our installer to make it easier to configure Synapse and we’ll be looking for some community feedback rsn. The room directory revamp is now very close and we hope to have something live on matrix.org in about a week.

Finally we’re working on improving the efficiency of smaller instances sending messages into large rooms, we’re still at the design stage, but it will make a huge difference for anyone self hosting.

andrewsh also informs us:

synapse in up-to-date in Debian unstable — and in buster-backports (uploaded last week)

Ruma

This Week in Ruma: https://www.ruma.io/news/this-week-in-ruma-2019-08-04/

Also, get live-streamed Ruma development: https://www.jimmycuadra.com/posts/twitch-live-streams-of-ruma-development/

Does the video include time spent waiting for async to land in Rust?

signaller - new "lightweight server"

ChronosX88 announced that he is "developing a lightweight Matrix server" - check on their progress at https://github.com/signaller-matrix/signaller, also join #signaller_dev:netwhood.online.

TravisR announces various unstable interesting things

TravisR:

If you fancy running highly experimental software on your homeserver which might break things, I have two things for you:

  1. matrix-key-server ( #matrix-key-server:t2bot.io ) is an implementation of a Matrix key server with notary support. Although it follows the specification, it has not been tested against Synapse. It is however fully featured: check it out on the federation tester ( https://federationtester.matrix.org/#keys.t2host.io ) or by querying it yourself ( https://keys.t2host.io/_matrix/key/v2/query/matrix.org ).

  2. matrix-room-directory-server ( #matrix-room-directory:t2bot.io ) is less experimental than the key server but is still very early days. Currently it only offers the ability to manipulate the federated public room directory for your server, but in future it is planned to be its own standalone directory server (room aliases without having to run a whole homeserver). Check it out by searching the t2bot.io room directory from your client.

Dept of Clients 📱

Continuum progressing!

I love getting updates from yuforia - they've been consistently working on Continuum for some time, and by increments are making a great client.

Reuse the ListView of messages across different rooms to reduce memory usage (Experimental) Remember and refocus the last read message, making it easier to go through all unread messages while switching chat rooms freely.

QMatrixClient is now Quotient

kitsune:

Renaming of QMatrixClient to Quotient has been finally merged to the master branch; Quaternion master uses it from now, too. Packagers are welcome to make test builds and report bugs in #quotient:matrix.org. libQuotient 0.6 beta is coming close now!

Riot iOS

  • Test on iOS 13 Beta. Beta 6 fixed most bugs discovered on Beta 5
  • Released 0.9.2 (Waiting for Apple review at the time of writing)
  • Working on privacy concern.

Riot Android

  • Working on privacy concern.

RiotX (Android)

Dept of Identity 🛂

ma1sd 2.1.1

ma1uta announced ma1sd release 2.1.0:

Changes: reworked unbind (MSC1915).

Now ma1sd is compliant with the MSC1915 (unbind).

and then 2.1.1:

ma1sd release 2.1.1 with the security fix and more strict request validation, allows only requests from ma1sd's matrix domains (mirroring bind). Download links: https://github.com/ma1uta/ma1sd/releases/tag/2.1.1 (archives and the deb package) and https://hub.docker.com/r/ma1uta/ma1sd for docker image.

Dept of Bridges 🌉

mautrix-facebook, mautrix-telegram and the tulirverse

tulir has been making big updates to two of his bridges:

mautrix-facebook can now bridge formatting, mentions, replies and reactions in both directions.

There is also a logout command now.

mautrix-telegram's switch to mautrix-python is nearly finished (i.e. it didn't cause any errors for the past few days when testing in production). The main reason for the switch is using one Matrix library for all my python bridges. It also means the bridging code like double puppeting and command handling I shared between mautrix-facebook and mautrix-hangouts is now also used in mautrix-telegram.

Visible changes directly caused by using mautrix-python:

  • Logs are now colorful.
  • Python 3.5 is no longer supported.
  • The bridge will refuse to start without access to the base config file.

Other changes that happened during the switch:

  • Telegram "Saved Messages" can now be bridged even when using double puppeting.
  • Mentions on Telegram are marked as read when using double puppeting (messages were already being marked as read, but mentions weren't).

Also, this actually happened last week and the week before that, but anyway: I've moved the CI and docker registry of my active projects to a self-hosted GitLab at mau.dev. Specifically, the CI/docker registry for all four mautrix bridges and maubot and automatic builds for gomuks have been moved. My maubot plugins also have automatic .mbp builds in the CI. For the docker registry, prepending dock.mau.dev/ to the existing image names will work. The old places (docker hub, dl.maunium.net) won't get new builds anymore. The repos on GitHub are still the "canonical" repos, but they're mirrored more or less instantly with maumirror.

He adds:

mautrix-telegram will probably get some sort of history filling in the near-ish future

Also,

I'm going to add some way to put bridged rooms into personal communities for filtering purposes. Not yet sure if it'll be fully built into the bridges or some kind of an external script

IRC bridge RC

Half-Shot:

Hi folks, we've released a RC of the next irc bridge version. Check it out at https://github.com/matrix-org/matrix-appservice-irc/releases/tag/0.13.0-rc1

Email2Matrix

Slavi, famed for his ansible playbooks, announced:

I've just released Email2Matrix - an SMTP server that can relay incoming messages over to Matrix based on mappings defined in a configuration file.

While it can also be installed standalone and work with any Matrix homeserver (see its documentation), the simplest way to install it is using matrix-docker-ansible-deploy and its guide for Email2Matrix installation.

The configuration process (users, rooms, mappings) is quite manual, but it's simple and has worked well for me for the past year and a half. I've only just polished it up a bit, released and integrated with the Ansible playbook, so others could benefit from it too.

matrix-xmpp-filter

mijutu appeared, and announced:

I started a "matrix-xmpp-filter" project. It's like matrix-ircd, but with xmpp instead of irc. It can also filter messages by weekday, time and regular expressions. Target audience is Sailfish phone users, but it could be used with other xmpp clients too (no xmpp MUC support required). https://k2c42.dy.fi/matrix-xmpp-filter.git/ #matrix-xmpp-filter:ellipsis.fi.

matrix-github (GH issues bridge)

Half-Shot:

https://github.com/Half-Shot/matrix-github has had quite a few updates. Notably:

  • Support for storing users access tokens securely, using a bot command.
  • Multi-process bridging: The webhook portion of the bridge can be run in a separate function if needed for performance.
  • Images and mentions now work in both directions
  • The readme is now actually helpful, and have also made *.sample.yaml files.
  • You can now use it via oauth

Dept of Ops 🛠

Ananace:

Currently working on a Puppet module to manage Matrix Synapse installs (both directly and through docker), not quite ready for prime-time yet but watch this spot.

Dept of Bots 🤖

Voice to text bot

progserega announced:

I develop matrix Bot, which converting voice messages to text. It use Yandex Speech API and Yandex API cloud (some as aws) for temporary store voice-data before converting. https://github.com/progserega/voice2textMatrix Bot have such logic:

  1. user add bot to room (for example room with whatsapp bridge users - now bridge support adding bot to such rooms)
  2. bot listen room, and when get voice-message - send it to Yandex-cloud for translate (now support only Russian language).
  3. When translating is success - bot get result text and show it in room as notice, such: "Username said: text"
  4. Bot also receive some command, which allow disable it in this room, or disable translating for user, which send command..

Seeing this, I wondered, "y tho?", luckily progserega was able to explain with a graphic! They say a picture paints a thousand words, and it's clear from the conversation below why he'd want to have speech-to-text capabilities.

Speech to Text

Dept of Services 🚀

The Modular Matrix -> Matrix migration tool now supports migration of power levels to the new user.

That's all I know 🏁

So that's all I have to say to you right now! See you next week, and be sure to stop by #twim:matrix.org with your updates!

This Week in Matrix 2019-08-02

02.08.2019 23:35 — This Week in Matrix Ben Parsons
Last update: 02.08.2019 20:23

Matrix Live

I chatted to Rick about the new Small instances available on modular.im.

Dept of Spec 📜

Approved MSCs

No MSCs have been approved.

Final Comment Period

In Progress MSCs

(kudos to anoa for providing this well-formatted summary section)

KaTeX rendering support

Tim:

there's now a pull request in for full native math rendering support (via KaTeX), which will replace the shoddy bot that I made last week (or whenever)
https://github.com/matrix-org/matrix-react-sdk/pull/3251

Dept of Servers 🏢

Synapse

This week we’ve been working on implementing identifier hashing in sydent, a brand new installer for Synapse, we’ve trialled some new db perf improvements which look very promising (more on this soon) and finally very close to an all new implementation of room search.

Next week we’ll push out the all new Sygnal, continue with the installer and room search and pick up some tasks under our privacy umbrella to ensure that Synapse is not holding onto any data that it does not strictly need to.

Dendrite

anoa:

Dendrite progress marches forwards. This week we had:

  • Room tagging implemented (thanks peekay_46!)
  • A PR for redactions opened by our GSoC student cnly
  • A PR for authentication fallback (for when clients don’t have a web browser built in and want to use recaptcha from trion129
    • This has been in the works for a while, and just has a couple small changes left to go!
  • Two PRs for filtering database functionality from CromFr
  • A PR for fixing the scope of transaction IDs in Dendrite’s transaction cache from cnly

Cnly’s GSoC period ends on August 26th. He has been a massive boon to the project’s cadence so far and we hope he will continue even after GSoC ends when he has time :)

Dept of SDKs and Frameworks 🏗

koma, Kotlin Library

yuforia has this update about koma, the library used to power continuum:

Provide automatic deduplication and rate-limiting when downloading media resources. This improves performance of GUI applications, where avatars of many users may appear on screen at once, and some of them may be identical.

libQuotient

kitsune:

libQuotient's master branch now supports sending and receiving reactions, and receiving message edits. We also have another PR in the works from aa13q that would add support for events decryption, as a part of his GSoC endeavour.

Dept of Clients 📱

Fractal 4.2 released

Alexandre Franke announced a new edition of Fractal:

Nightlies of Fractal are currently stuck on a 2 weeks old build because of one of our dependencies… but the long awaited 4.2 stable release is out! You can get it out fresh from flathub as usual.

Changelog:

New features:

    Adaptive window, mobile friendly
    Window size and position are remembered
    Redesigned login
    Spellcheck
    Network proxy support
    Typing notifications
    Badges are shown for operators and moderators
    Keyboard shortcuts for easier navigation across rooms

Better uploads:

    Audio and video files are now tagged correctly
    Image files have a thumbnail
    Various tweaks to the file chooser

Bugfixes:

    Logs actually output something now
    A few issues with invites and direct chats have been resolved
    More reliable scrolling
    Some crashes fixed

Under the hood:

    Code refactor continues
    We’re now using Rust 2018
    Many improvements to the build system and CI

Neo huge update!

joepie91:

Lots of news about Neo!

  • There's now an additional maintainer (joepie91)!
  • A lot of the internals have been refactored, so they should be more maintainable and reliable going forward. Also some future work planned on refactoring the state handling using Redux, which should make it much faster to fix issues and add new features in the future. There are even some ideas already for a future plugin API!
  • Display has been improved in a lot of places. Error messages are now more clearly formatted, images in reply-quotes are now shown as thumbnails rather than just a filename, and the reply-to popup now shows the full event that you're replying to properly. The chat window now correctly sticks to the bottom when you're scrolled to the end and receive new messages, even when an image or video loads - though per-room scroll position restoration isn't done yet.
  • There's now an experimental compact mode! It uses a more IRC-client-like layout for messages, and generally just fits more content onto the screen. It can be enabled with an experimental flag. A screenshot of the compact mode can be found here.

You can try the compact mode at https://neo.pixie.town/app/?compactMode=true.

Riot Web

Message editing composer now supports undo/redo.

Riot iOS

  • Reactions: List of who reacted
  • Native Camera. The embedded camera view has been removed. There is now a new action “Take photo and video”
  • Privacy: We have been working on implementing terms to display before using integrations

Riot Android

  • VOIP / Remove default stun server
  • Make Integration Manager optional (disables widgets, calls)

RiotX (Android)

  • Feature / Direct Room Creation Flow
  • Improvement / Local echo of pending edits
  • Improvement / Seamless transition from timeline to fullscreen image preview
  • Bug fixes

Pattle

Wilko:

Pattle is now available on Google Play!

Dept of Bridges 🌉

Half-Shot:

Hey folks, first an update from the bridges integrations side. We've brought back snoonet and oftc on the integrations menu so you can once again connect matrix rooms to these networks. Other networks should work as standard.

matrix-appservice-irc

Half-Shot again:

On the matrix-appservice-irc side we've made a few fixes to the handling of IRC modes (things that handle how users should behave) when bridged to IRC. This should hopefully make opping and voicing users more reliable. There are a few other fixes in the pipeline too, so a release isn't too far off.

GitHub issue bridging !?

Half-Shot AGAIN:

I had an adventure this afternoon into the world of bridging again, and have made a Github to Matrix bridge. At the moment you can join aliases and saturate your homeserver with the entire history of a issue or PR. You can also chat to folks on issues in realtime.

Check it out at: https://github.com/Half-Shot/matrix-github

GitHub issue bridging

Dept of Ops 🛠

debian-based K8s-optimized image

Ananace:

Just pushed a debian-based K8s-optimized image as well, it's 150MB larger than the alpine one, but on the other hand it comes with jemalloc support so it's nicer on the RAM instead.

CLI federation tester

kai is someone with no fear of rapid iteration! Versions 1.2, 1.3, 1.4 and 1.5 of his script were made available this week:

I finished version 1.5 of my small command line based federation tester. The bash script relies heavily on popular Unix tools like awk, curl, jq, sed and so on. Compared to https://federationtester.matrix.org, the outputs are a little more detailed and additional tests are performed, especially on the supported SSL protocols. Currently, it has only been tested under Linux.
The current version improves the handling of port in the .well-known and DNS SRV configuration.
You can download it from #cli_federation-tester_de:matrix.chat-secure.de or directly via https://matrix.chat-secure.de/_matrix/media/r0/download/matrix.chat-secure.de/MDwYLdrxRdudmcgDzBEALCzN

Dept of Bots 🤖

jcgruenhage has been working on a bot in relation to the startup he's working with:

I made a bot for issuing Json Web Tokens to matrix users based on what homeserver they are on. It's implemented as a maubot plugin (best way to write bots right now) and licensed under the AGPLv3. You can find it over at https://gitlab.com/famedly/bots/jwt, and talk about it in #jwt-bot:famedly.de
As for the usecase, we want to give people from customer homeservers access to an API component, but don't want to maintain a separate account database. This way, they can request a token from the bot and then use that to interact with the API component

Dept of Services 🚀

jaywink used an underrated HTML tag tag to inform us:

<Feneas community hat> We've added a public fully featured Telegram bridge to our Matrix stack. More info in our forum. </Feneas community hat>

This is great - we must tip the hat to tulir, creator of this widely-used bridge.

Final thoughts 💭

red_sky: Nheko now has a weblate instance set-up for users to contribute translations: https://weblate.nheko.im/engage/nheko/

Interview about DINSIC's use of Matrix (all in French)

That's all I know 🏁

So that's all I have to say to you right now! See you next week, and be sure to stop by #twim:matrix.org with your updates!

Critical Security Update - Synapse 1.2.1 released

26.07.2019 00:00 — Releases Neil Johnson

Today we release Synapse 1.2.1 as a critical security update. It contains patches relating to redactions and event federation. The patches address long standing bugs, and are not regressions specific to the previous version (1.2). All admins, regardless of current version, should upgrade asap.

This release includes four security fixes:

  • Prevent an attack where a federated server could send redactions for arbitrary events in v1 and v2 rooms. (#5767)
  • Prevent a denial-of-service attack where cycles of redaction events would make Synapse spin infinitely. Thanks to @lrizika:matrix.org for identifying and responsibly disclosing this issue. (0f2ecb961)
  • Prevent an attack where users could be joined or parted from public rooms without their consent. Thanks to Dylanger for identifying and responsibly disclosing this issue. (#5744)
  • Fix a vulnerability where a federated server could spoof read-receipts from users on other servers. Thanks to Dylanger for identifying this issue too. (#5743)

Additionally, the following fix was in Synapse 1.2.0, but was not correctly identified during the original release:

  • It was possible for a room moderator to send a redaction for an m.room.create event, which would downgrade the room to version 1. Thanks to @/dev/ponies:ponies.im for identifying and responsibly disclosing this issue! (#5701)

You can get the new update here or any of the sources mentioned at https://github.com/matrix-org/synapse. Alternatively check out our Synapse installation guide page

Thanks for bearing with us.

This Week in Matrix 2019-07-26

26.07.2019 00:00 — This Week in Matrix Ben Parsons

Matrix Live - demos!

We had a great demo session this afternoon, unfortunately the recording quality for some of the items was not good enough to share - and it was interesting stuff too! I cut everything from the RiotX and Riot iOS sections - but we'll make it up to you by getting more news from those projects soon.

Dept of Status of Matrix 🌡

Matthew informed the community:

We're getting more and more folks reaching out for paid help setting up smaller self-hosted Matrix deployments. The core team has its hands full currently with helping out with larger deployments; so if anyone reading this wants to offer paid support to those getting up and running on Matrix then please make us aware so we can potentially route inquiries to you.

This is a great step for Matrix, and a great opportunity for you the reader! There are already several people prepared to start work on Matrix-related endeavours, but the fact that there is more work coming in than we can currently route is amazing. If you'd like to be on an informal shortlist, contact support@, or come chat to me directly.

Dept of Servers 🏢

Synapse

So said Neil, who oversees the Synapse-makers:

This week we shipped two new versions, 1.2 (https://matrix.org/blog/2019/07/25/synapse-1-2-0-released) and 1.2.1(https://matrix.org/blog/2019/07/26/critical-security-update-synapse-1-2-1-released). 1.2.1 contains critical security updates, the bugs are long lived and not regressions introduced in 1.2 so all admins are encouraged to upgrade asap.

We’ve also been having some success in improving database performance and hope to ship that rsn so everyone can benefit.

Next week

We’ll continue on db perf, improving logging verbosity (through recategorising some log lines) and generally looking to improve the experience for those admins running on smaller instances.

Ruma

Jimmy released TWIR:

GSOC project: Matrix Visualisations 🎓

Eisha:

The GSoc project “Matrix Visualisations” has continued its progression during the second period:

A “multi-view” has been implemented for the frontend application. It means that it is now possible to independently view multiple DAGs at the same time in the same canvas. It can be useful for observing the same DAG but on different HS’s, at the same time. The only current limitation is that you have to use the same backend for every view (with CS API or with the backend talking to a Synapse PostgreSQL database). This change took a long time as it required to make a lot of changes in the code.

The implementation of the support of the Federation API within the backend is in progress. It is slowly progressing as it needed some discussion before starting the work on it and its implementation requires me to become familiar with a lot of new things, regarding the federation process and the authentication of requests between HS’s.

Dept of SDKs and Frameworks 🏗

matrix-shell-suite taking feature requests

darnir:

Hey, I'd like to put out a call to everyone out there. If there's any script people desire for interacting with matrix homeservers, the #matrix-shell-suite:matrix.org project is taking feature requests.

Olm SAS interface for RubyOlm

Willem:

I had the code laying around for quite a while, but I just completed the Olm SAS interface for my fork of RubyOlm. It also includes interfaces for generating the emoji! 😀

Dept of Clients 📱

Pattle 0.10.0

I've been playing with Pattle 0.10 and have to say, it feels silky smooth to scroll with. It's really making me look again at Flutter development.

From Wilko, project lead:

A new version has been pushed to F-droid and TestFlight!

Note that for TestFlight the new version will be available in a few days.

  • Improve scrolling through chat messages!
    • Messages are now paginated under the hood, before the whole message list was rebuild when loading more messages, causing a jittery scrolling experience.
  • Support typing notifications!
    • Typing notifications are shown and send while typing.
  • Add chat settings screen
    • Currently you can see the chat name, avatar, description and members. More will be added in the future.
    • You can go to the chat settings screen by clicking on the title of the chat. This'll probably change in the future (at least to be easier).
  • Reverse swipe direction of images (thanks Nathan!)
  • Fix ripple not showing on send button
  • Make UI refreshing more efficient
  • The App Store (iOS) name is now 'Pattle' instead of 'Pattle IM'
  • When a chat is open, the UI will only be rebuild if that chat has updates.
  • Lot's of code clean ups and improvements, mostly in the SDK

What's coming up?

  • A release on Google Play!
  • A release on the official F-droid repo!
  • Remove Cupertino specific styling on iOS
    • Will now use Material Design, but altered for iOS. Having the discrepancy between Cupertino and Material was also the reason why some things didn't show up in iOS or why some things would be blue instead of the Pattle red.
  • Notifications!? (F-droid)

Follow development in #app:pattle.im!

Pattle 0.10

Spectral introduces support for reactions

Black Hat:

Reaction support is coming to Spectral!

Reactions in Spectral

Riot Web

From the team:

The edit history of a message now shows differences also for formatted (html) messages.

Riot iOS

From the team:

  • Reactions: We have now an Emoji picker and the screen that displays who reacted
  • Soft logout fully implemented

Riot Android

From the team:

  • New release of Riot (0.9.3) to fix crash on Android 4.x
  • The package is bigger because we embed both 32bits and 64bits, which is now required by Play Store

RiotX (Android)

From the team:

  • Room screen: Manage cancel/resend of unsent messages
  • New DM room creation flow
  • Room upgrade support

Dept of Encryption 🔐

New Pantalaimon release

poljar told us:

Pantalaimon got a new release. This release brings experimental support for search in E2E encrypted rooms, performance improvements in the database department, better support for true headless mode for all the bot lovers, and of course the usual bug fixes and small improvements.

Dept of Bridges 🌉

matrix-appservice-slack

Half-Shot announced:

0.3.1 of the slack bridge is out with a few bugfixes

Be sure to watch Cadair provide a demo in the Matrix Live video above.

Picard Bot (slack bridging)

Cadair:

SolarDrew and I have been working on re-writing our Picard Bot for a conference next week. Picard helps you bridge between a slack team and a matrix community.

This second version of Picard adds support for reacting to creation of new rooms on slack in real time as well as implementing a set of commands for creating new bridged rooms from either matrix or slack. In addition to this, Picard has matrix commands for inviting you to all the bridged rooms in the communtiy and automatically inviting you to new rooms as they are created. Finally, we have added support for sending welcome messages to all new members of your slack team or matrix community in a DM with the bot, which we are using to explain the chat setup to users and giving them a private place to issue commands.

This is uses matrix-appservice-slack for actually sending events in bridged rooms, and PIcard itself is a skill for the opsdroid bot framework #opsdroid-general:matrix.org and uses the matrix-database plugin for opsdroid which uses matrix room state to back the opsdroid memory.

mx-puppet-bridge, new bridge: mx-puppet-instagram

The work on mx-puppet-bridge things continue! The core library and the implementation received some bugfixes, however, a new bridge is there: mx-puppet-instagram. Currently it supports

  • Auth currently only by username+password :(
  • basic message sending
  • I->M photoes, voice messages, animated image thingies
  • M->I images
  • M->I files as links only

mautrix-whatsapp

tulir has been putting a lot of time into WhatsApp bridging lately, the bridge is more stable than ever:

There's a mysterious new mautrix-whatsapp branch. Related to that, I made a spec proposal and a synapse PR to allow appservice bots to use /sync.

GSoC Project: Reliable Bridges

Thanks for this update from Kai:

It's all coming together now. While all pieces of the puzzle were roughly there, now they are put into the big picture.

The bridge SDK PR has been merged to develop, now providing bridges the benefit of error reporting. The modifications to the SDK are non-breaking, but activation of the feature requires small changes to the bridge using it. But be warned, everything is still under an unstable prefix and rightly so – the implementation is still subject to change. >

The MSC didn't get much love in public, but the concepts required to evolve it are taking shape. It was contemplated to piggyback on MSC 1410: Rich Bridging and to add a retry mechanism. So heads up for more to come on this front.

The display of bridge errors in Riot Web is now a PR and in the state of getting its last few kinks removed. It will start to be available under a lab flag soon.

With everything getting to play together nicely, there will be the first rooms enabling bridge errors to test the code in the wild. Stabilizing the code for everyday use and getting the MSC into a respectable form are the next goals for the project. Those will help in fostering broader adoption among bridges and clients.

Dept of Ops 🛠

k8s images

Ananace made sure everything is up to date for Synapse with 1.2.1 images now available.

Dept of Identity 🛂

ma1sd, identity server forked from mxisd released

ma1uta has been working on ma1sd, a fork of the discontinued mxisd:

ma1sd (https://github.com/ma1uta/ma1sd) is released. ma1sd is a fork of the discontinued mxisd (https://github.com/kamax-matrix/mxisd) is a federated Matrix Identity Service.

Changes:

  • rename the application name, configuration options to ma1sd. Internal names, packages still use old name mxisd
  • bump some dependencies to the latest versions
  • add openjdk-11 dependency for debian package due to debian 10 doesn't include openjdk-8 (yep, ma1sd can work with java 11).

Downloads:

Feel free to ask me questions about ma1sd in #ma1sd:ru-matrix.org

Final thoughts 💭

kitsune: "the latest versions of libQMatrixClient (0.5.2 - still under the old name) and Quaternion (0.0.9.4) are now available in Debian unstable, thanks to uhoreg"

That's all I know 🏁

See you next week, and be sure to stop by #twim:matrix.org with your updates!

Synapse 1.2.0 released

25.07.2019 00:00 — Releases Neil Johnson

Hey hey, Synapse 1.2.0 is here. It contains aggregations support, better error handling for deactivated accounts and some important bug fixes for redacting messages. Special thanks to community members skalarproduktraum and Lrizika for submissions to improve our documentation.

As ever, you can get the new update here or any of the sources mentioned at https://github.com/matrix-org/synapse. Note, Synapse is now available from PyPI, pick it up here. Also, check out our Synapse installation guide page

The changelog since 1.1.0 follows:

Synapse 1.2.0 (2019-07-25)

No significant changes.

Synapse 1.2.0rc2 (2019-07-24)

Bugfixes

  • Fix a regression introduced in v1.2.0rc1 which led to incorrect labels on some prometheus metrics. (#5734)

Synapse 1.2.0rc1 (2019-07-22)

Features

  • Add support for opentracing. (#5544, #5712)
  • Add ability to pull all locally stored events out of synapse that a particular user can see. (#5589)
  • Add a basic admin command app to allow server operators to run Synapse admin commands separately from the main production instance. (#5597)
  • Add sender and origin_server_ts fields to m.replace. (#5613)
  • Add default push rule to ignore reactions. (#5623)
  • Include the original event when asking for its relations. (#5626)
  • Implement session_lifetime configuration option, after which access tokens will expire. (#5660)
  • Return "This account has been deactivated" when a deactivated user tries to login. (#5674)
  • Enable aggregations support by default (#5714)

Bugfixes

  • Fix 'utime went backwards' errors on daemonization. (#5609)
  • Various minor fixes to the federation request rate limiter. (#5621)
  • Forbid viewing relations on an event once it has been redacted. (#5629)
  • Fix requests to the /store_invite endpoint of identity servers being sent in the wrong format. (#5638)
  • Fix newly-registered users not being able to lookup their own profile without joining a room. (#5644)
  • Fix bug in #5626 that prevented the original_event field from actually having the contents of the original event in a call to /relations. (#5654)
  • Fix 3PID bind requests being sent to identity servers as application/x-form-www-urlencoded data, which is deprecated. (#5658)
  • Fix some problems with authenticating redactions in recent room versions. (#5699, #5700, #5707)
  • Ignore redactions of m.room.create events. (#5701)

Updates to the Docker image

  • Base Docker image on a newer Alpine Linux version (3.8 -> 3.10). (#5619)
  • Add missing space in default logging file format generated by the Docker image. (#5620)

Improved Documentation

  • Add information about nginx normalisation to reverse_proxy.rst. Contributed by @skalarproduktraum - thanks! (#5397)
  • --no-pep517 should be --no-use-pep517 in the documentation to setup the development environment. (#5651)
  • Improvements to Postgres setup instructions. Contributed by @Lrizika - thanks! (#5661)
  • Minor tweaks to postgres documentation. (#5675)

Deprecations and Removals

  • Remove support for the invite_3pid_guest configuration setting. (#5625)

Internal Changes

  • Move logging code out of synapse.util and into synapse.logging. (#5606, #5617)
  • Add a blacklist file to the repo to blacklist certain sytests from failing CI. (#5611)
  • Make runtime errors surrounding password reset emails much clearer. (#5616)
  • Remove dead code for persiting outgoing federation transactions. (#5622)
  • Add lint.sh to the scripts-dev folder which will run all linting steps required by CI. (#5627)
  • Move RegistrationHandler.get_or_create_user to test code. (#5628)
  • Add some more common python virtual-environment paths to the black exclusion list. (#5630)
  • Some counter metrics exposed over Prometheus have been renamed, with the old names preserved for backwards compatibility and deprecated. See docs/metrics-howto.rst for details. (#5636)
  • Unblacklist some user_directory sytests. (#5637)
  • Factor out some redundant code in the login implementation. (#5639)
  • Update ModuleApi to avoid register(generate_token=True). (#5640)
  • Remove access-token support from RegistrationHandler.register, and rename it. (#5641)
  • Remove access-token support from RegistrationStore.register, and rename it. (#5642)
  • Improve logging for auto-join when a new user is created. (#5643)
  • Remove unused and unnecessary check for FederationDeniedError in _exception_to_failure. (#5645)
  • Fix a small typo in a code comment. (#5655)
  • Clean up exception handling around client access tokens. (#5656)
  • Add a mechanism for per-test homeserver configuration in the unit tests. (#5657)
  • Inline issue_access_token. (#5659)
  • Update the sytest BuildKite configuration to checkout Synapse in /src. (#5664)
  • Add a docker type to the towncrier configuration. (#5673)
  • Convert synapse.federation.transport.server to async. Might improve some stack traces. (#5689)
  • Documentation for opentracing. (#5703)

Data Portability Tooling Bug

24.07.2019 00:00 — Privacy Thomas Lant

It was drawn to our attention this afternoon that there is a bug in our GDPR data portability tooling that resulted in the data dump including some events that should not have been included.

This tooling has recently been updated (here is the new code), and the bug only affects reports generated with the updated tool. So far we have generated one report using the updated tooling.

The bug affects events which:

  • were sent in rooms in which, at the point at which the message was sent, the message visibility was set to 'shared' or 'world readable', and
  • were pulled in over federation from another server after the data subject left the room

As a reminder, 'shared' message visibility means anyone in the room can view the message, from the point in time at which visibility was set to 'shared' and 'world readable' means anyone can read the messages without joining the room, from the point in time at which visibility was set to 'world readable'.

Events are pulled onto a homeserver over federation when a user on that homeserver tries to access events which, for whatever reason, their homeserver does not already have a local copy. This most often happens when their homeserver is offline for any period of time, but can also happen when a user is the first user from their homeserver to join a room with active participants on other homeservers.

We're still analysing the data but so far it looks like the bug resulted in only a small number of events that were not publicly-accessible being shared (there were also publicly-accessible events mistakenly included). At this stage we have identified 19 events from 4 users across 2 rooms (the dump contained ~3.5 million events). This is not to diminish the severity of the bug - just to reassure that the scale of its impact appears to be extremely limited.

It is also worth noting that any encrypted events erroneously included in the dump will not have been decryptable (since the data subject would not have had access to the keys).

Update (2019-08-06)

In our original analysis we stated that 19 events were shared erroneously. On closer analysis we missed 5 other timeline events - the correct figure is 24 timeline events originating from 4 users over 2 rooms. However, this figure focused on timeline data and does not take into account all state events (such as user joins, parts, topic changes etc). When considering these too, a further 56 state events were erroneously shared, referencing 64 users across these 2 rooms (mainly detailing when users had joined/left the room after the requesting user themselves had left). These membership events contained avatar & display name details which may not have been public (but in practice, the vast majority appear to be public data).

Aside from the events referenced above, the full dump contained ~20,000 events that also ought not to have been included; however these events were already publicly accessible due to being part of publicly accessible rooms (eg Matrix HQ) and so we do not consider them a breach of data.

What caused the bug?

Events that are pulled in over federation are assigned a negative 'stream ordering' ID. This is designed to avoid their being sent down the sync (where they would likely be out of sequence). In normal operation (accessing your homeserver via a Matrix client) these events would be appropriately filtered, but a bug in the data dump tooling caused them to be included.

The bug was introduced as a result of two factors:

  • The event filtering code assumes that the user is currently in the room - this was not intuitive, and was not called out in the documentation
  • When we fetched the events from the database, we tried to limit to events sent before the user left the room. On reflection, we used the wrong ordering mechanism (stream ordering instead of topological ordering), resulting in the inclusion of events that were fetched from a remote server after the data subject had left

We are working to fix the bug, and we'll update here when it is resolved. As a reminder, please do report security bugs responsibly as per the Security Disclosure Policy so we can validate the issue and mitigate abuse.

As is standard practice for any data breach, we have notified the ICO.

Privacy Changes to New Vector Identity Servers

19.07.2019 16:35 — Privacy Thomas Lant

As a step towards implementing Terms of Service for Sydent Identity Servers (MSC2140), we're rolling out a couple of changes to the two Identity Servers run by New Vector (running at vector.im and matrix.org):

  1. We have erased all of the data where there is any chance that the data subject didn't understand how, why or with whom their data was being shared.
  2. We've made a change to Sydent so that it no longer persists new associations relating to users on homeservers not run by New Vector.

The impact of these changes is that users on homeservers not run by New Vector will no longer be discoverable by their email or telephone number via the Identity Servers running at vector.im and matrix.org. As we roll out the rest of the changes for Terms of Service for Identity Servers, this functionality will again be made available for users who make an informed choice to opt in.

Registration with Email and Password Reset

In the short term, the New Vector Identity Servers will continue to support registration with email (signing up with an email address as well as a matrix username) and password reset. However, as we continue to improve Identity Server data hygiene practices, we will phase out their use in registration with email and password reset entirely. We have already made the change to Synapse to support password reset without relying on an Identity Server (though this can optionally be re-enabled).

Once Synapse can support registration with email without relying on an Identity Server we will announce a schedule for disabling registration with email and password reset in our Identity Servers entirely. After this point, homeserver administrators will have to make sure their homeservers are configured to send email to keep registration with email and password reset working. More details on this to follow - please watch this space.

This Week in Matrix 2019-07-19

19.07.2019 00:00 — This Week in Matrix Ben Parsons

Matrix Live Smörgåsbord 🎙

Featuring: Open Tracing, Synapse, Dendrite and Riot Web

Dept of Spec 📜

Spec News

(not quite matrix) feneas call for comments on spec for metadata

jaywink:

<community-hat>
I'm working on a specification for exporting metadata and usage metrics out of federated servers. The aim is that the same specification could be re-used cross-protocol for example with not only Matrix servers but also ActivityPub, Diaspora and XMPP servers, as an example. Looking for comments here: https://talk.feneas.org/t/serverinfo-specification-for-server-metadata/99
</community-hat>

Dept of Servers 🏢

Dendrite

anoa:

Feature Updates

Dendrite continues along with more development from anoa, our resident GSoC student cnly, and a few community members. cnly has been working mainly on fixing up /sync issues and other areas of the CS API, fixing the various federation issues, mainly those dealing with room state, and various other maintenance tasks around the codebase that are highly appreciated. peekay_46 has been hard at work completing Dendrite’s implementation of room tagging and trion129 returned to continue with adding a fallback page for recaptcha (for clients that can’t render web pages). We have a number of community PRs still with active members, but most are waiting for reviews, which anoa is working towards.

The Plan

A couple TWIMs ago we teased that Dendrite had a plan in the works. Well one meeting later and here is the proposal:

It will take a while for Dendrite to become feature complete with Synapse, but we’d like people to be able to actually use Dendrite before then. Instead of waiting for feature-completeness, we propose a set of milestones for Dendrite development to reach and prioritize development for.

These milestones are currently listed on Dendrite’s github. The first is “Bot Hosting”, which means, once complete, Dendrite would be suitable as a “bot hub”, allowing server admins to run massive bridges on top of Dendrite while taking advantage of its horizontal-scaling capabilities. As written in the description, this goal includes basic CS API support, as well as federation with other homeservers. At this stage Dendrite should already be usable in rooms with other Synapse servers, which should make it a lot more interesting.

After that is several more milestones, each representing another use case that Dendrite can fill.

Don’t be alarmed at the currently quite small percentage of completeness, as these milestones have just been built from the open issue list. We’re actually quite far along to #1 already :)

We also want to mention that the milestones aren’t completely built yet - there’s still a few more issues to comb through. It’s taken a few days as anoa can’t help himself to fix things as he goes along. A few open issues have also been closed as they had already been fixed earlier.

This is all mentioned in this week’s Matrix Live above by the way, so be sure to catch for some extra details if you’re interested.

We look forward to shipping you a working Dendrite soon™. And as always feel free to join us in #dendrite-dev:matrix.org for discussion.

Synapse

Neil, who oversees the Synapse factory:

This week we’ve been working on improving database performance, shipping the new small hosted homeserver instances - expect a lot of improvements to come that will benefit the whole community and merged our recent OpenTracing support. We’ve also made some changes to how Sydent processes and stores email - more details here https://matrix.org/blog/2019/07/19/privacy-changes-to-new-vector-identity-servers

Next week, expect a new release, more database performance improvements and general Synapse performance work.

Listen to Matrix Live to hear Erik talking about his DB perf work ☝️

Ruma

This Week in Ruma, from Jimmy:

...
While I was working on ruma-signatures, I decided to fill in the missing functionality—signing and verifying events. In the process of doing that, I ended up with a significantly revised API for the crate, which has now been released as version 0.5.0.
...

Dept of SDKs and Frameworks 🏗

New release of matrix-nio (Python SDK)

poljar said:

New matrix-nio release bringing you documentation improvements across the board, while the documentation is still not fully complete yet it should be much easier to get started with nio.
Another highlight of this release is couroutine support for the event callbacks for the AsyncClient.

Take a look at the getting started guide too.

Ruby SDK

Ananace:

I just cut a 1.3.0 release of the Ruby SDK, mainly focusing on solving an issue due to Ruby extensions polluting the global scope. It also adds a very slightly extended response handling, which recursively adds getters for the keys of the resulting objects.
Many thanks to the people reporting issues to me so I can keep improving the SDK.

The Kotlin library koma

yuforia, author of koma and Continuum:

  • Fixed incorrect type casting in function KResult.map
  • Reorganize the structure of modules, separate APIs that don't require authentication, so that they can be used before signing in

Dept of Bridges 🌉

matrix-appservice-slack

Half-Shot announced:

Today we've released 0.3.0 of the slack bridge since the last rc has proved to be stable. I hope you all enjoy the new features we've packed into this release. And as a reminder, there is another release right around the corner :)

Dept of Clients 📱

RiotX (Android)

From the team (see Matrix Live from last week for more from them):

  • RiotX 0.2.0 has been released on Thursday. Main new features: room filtering, message editing in e2e rooms, view editing history. Also many small new features and bugfixes.
  • The team is still working on the main missing features: creation of direct chat, read receipt, along with UI/UX polishing.

If you're using Android, definitely start trying RiotX, you can even find it in the Play Store now.

Riot Web

From the team:

Riot v1.3.0 was released with support for reactions and message editing enabled. Check out the Riot blog post for more details. No changes are needed to enable these features for self-hosted installs anymore (which is change from what was stated in last week’s TWIM update).

We’re continuing to work on several privacy improvements to related to integration managers and identity servers to give users more control over these.

Riot Android

From the team:

Riot 0.9.2 has been released on Friday. It contains some bug fixes and new translations for many strings especially for the device verification feature.

Riot iOS

From the team:

  • We released v0.9.1 with message editing, reactions and file upload.
  • We are continuing to work on reactions (emoji picker).
  • We have started to implement soft logout.

FluffyChat

krille:

In the newest update FluffyChat now supports avatars in Push Notifications. Also translations have been updated and some minor design tweaks have been made.

I know that E2EE for FluffyChat is continuing to be worked on, just not quite ready yet.

Continuum, client based on koma

yuforia, author of koma and Continuum:

  • Update GUI library openjfx from version 11 to 12
  • Rewrite build script in Kotlin, replacing Groovy

Fractal, GNOME client

Alexandre Franke on Fractal:

Several bugs were fixed in the past three weeks. We are also sending typing notifications now. With 4.1.1 out, we’re at the second beta on the way to 4.2.

Also:

some people might be interested in a tweak in our build config that makes it so that crashes are aborts now (i.e. you get a trace and they are not silent anymore)

Spectral

Black Hat is changing Spectral's buildsystem from QMake to CMake.

Dept of Ops 🛠

sendtomatrix script

Madic has created a shell script to send messages to a room:

I've written a linux shell script with which you can send (multiline) messages to a matrix room. It only needs a username / password or access token, server fqdn and roomid as argument or provided by a configuration file. Arguments can overwrite settings from the file, for e.g. using same credentials but different channel. If no access token is provided, a new one will be requested and used to send the message. You can use the script for e.g. cronjobs, nagios notifications or ci pipelines. An example for a cronjob and a nagios notification script is also provided.

shell script nagios

I have ended up with an similar file of my own containing a bunch of commented-out curl lines, but this is a lot cleaner!

You may also recall a similar project: matrix-shell-suite (#matrix-shell-suite:matrix.org).

Dept of Bots 🤖

Maths bot(s)

Tim created a bot for rendering Maths:

I was told that people here might be interested: I just wrote a small bot that can reply with PNG renderings of maths (https://github.com/thosgood/matrix-maths-bot)

and then, tulir blatantly ripped him off was inspired to create a maubot providing the LaTeX to SVG rendering: https://github.com/maubot/tex

Dept of Services 🚀

New room for t2bot.io

TravisR, who arranges and hosts the various bots and bridges on t2bot.io:

#news:t2bot.io is now a room for people who want to follow along with news about t2bot.io which might be missed in #help:t2bot.io. Stuff like when bridges are updated and new services will be announced in there. #status:t2bot.io is where service stability is addressed during major problems with the service.

That's all I know 🏁

See you next week, and be sure to stop by #twim:matrix.org with your updates!

5-user Matrix homeserver hosting now available from Modular

17.07.2019 00:00 — General Modular.im

Hi all,

If you’ve been looking for a way to have you own Matrix homeserver without having to run it yourself, you may be interested to hear that Modular (the Matrix hosting provider run by New Vector, the startup which hires many of the Matrix core team) is now offering a personal-sized small homeserver hosting service, supporting a minimum size of 5 user servers.

A lot of recent performance work on Synapse has been driven by the need to make smaller dedicated servers more efficient to run - and so if you run your own homeserver you’ll be benefiting from all this work too :) Meanwhile, if you choose to outsource your server hosting to Modular, you’ll be indirectly supporting core Matrix and Synapse development, given most of the core Matrix team work for New Vector - it’s through buying services like this which lets us keep folks able to hack on Matrix as their day job.

See more details over at the Modular blog post!

This Week in Matrix 2019-07-12

12.07.2019 00:00 — This Week in Matrix Ben Parsons

Matrix Live: RiotX

Nice! Manu and Benoit, who work on the Riot Mobile, discuss the development status of RiotX.

Dept of Servers 🏢

Synapse

A bit of everything this week, we’ve made changes to support the upcoming edits and reactions release, worked on soft log out, experimented with improving general perf for small homeservers, landed open tracing support, improved db query load.
Next week we’ll see about landing the small homeserver perf improvements, work on id hashing in sydent, fix some e2ee bugs (made easier to track down with OpenTracing), do some more database performance work and start gradually rolling out the new Sygnal instance.

Construct

Jason back on it:

This week in Matrix, Construct made the crazy-loading mode of client sync the default. Crazy-loading is an approach to initial sync that goes beyond lazy-loading for a better UX. It's even backwards compatible with clients that don't support lazy-loading.

Construct also made significant progress on implementing version 3 and 4 rooms during the week. This is nearly complete, and should be ready for testing by the weekend.

Good to know there is progress with new room versions as more and more rooms start to be moved over to v4. #zemos-test:matrix.org for testing and more info.

Dendrite

This week we’ve implemented profile retrieval over federation, single event retrieval, room tagging as well as host of bug fixes.
Next week we’ll be looking at state resolution and implementing our latest and greatest algorithm needed by modern room versions.

This Week in Ruma

Jimmy provided This Week in Ruma:

Work continues on the major revamp of ruma-events mentioned in the last update.
...
There are also a few modules that are somewhat blocked on an issue in ring. Some of the types in ruma-events contain types from ruma-signatures which don't implement Clone and PartialEq because they contain types from ring which don't.
...
Rust 1.36 was released, and it includes stabilization of the Future trait, one of the long-awaited building blocks for first-class async support in Rust. [...] the biggest reason for Ruma's development hiatus is waiting for async networking in Rust to mature, and this is one of the final pieces of foundational support we've been waiting for. The remaining pieces are async/await syntax, which is expected in either the next version or the one following it, and finally, waiting for important libraries like Hyper and Tokio, as well as web frameworks, to adopt the new stuff.

Dept of SDKs and Frameworks 🏗

libQuotient gets .well-known support

kitsune:

Thanks to Black Hat, libQuotient gained support of .well-known - a very useful feature to connect to Modular-hosted homeservers!

Also, the first block of E2EE functionality from aa13q has been merged to libQuotient master - so far it's just uploading the keys but receiving messages is already well in the works!

Dept of Bridges 🌉

mautrix-telegram v0.6.0

tulir:

mautrix-telegram v0.6.0 was released. Recent changes include bridging strikethrough, underline and nested formatting to telegram and some bug fixes, including one security fix. Full changelog on GitHub.

Debian 10 was also released recently, which means v0.6 is the last version with Python 3.5 support. Starting from v0.7.0, mautrix-telegram will only support Python 3.6 and up.

mautrix-telegram v0.6.0 also includes Native Matrix edit support, message editing between platforms.

matrix-appservice-slack 0.3.0-rc2

Half-Shot and the Slack-bridge-gang have announced matrix-appservice-slack 0.3.0-rc2

Hi folks, the slack bridge has had another RC release this week 0.3.0-rc2 which has been deployed onto matrix.org :). In other news, we are nearly done with the port of the bridge to Typescript (slated for the 0.4 release) which has allowed us to clean up the codebase significantly and splat a lot of bugs.

I'm for any movement toward TypeScript - seems to be a winner in the JS-world. Says Half-Shot:

I'm a bit fanatical about Typescript, it's objectively better to write things in TS than JS if you have the freedom to do so. It's also allowed us to keep the bug count down on the Discord bridge, so I'm starting to look at the other bridges for typescript support too.

Reliable Bridges GSoC project 🎓

Thanks Kai for this update!

The new Spec proposal MSC2162: Signaling Errors at Bridges landed! It is about adding permanent errors: The ability of bridges to mark events as not delivered to all participants. While there is already code supporting the feature, the Spec process is important for getting everyone on board and finding potential problems with the current approach.

In spite of being a relatively small proposal, there were already a lot of suggestions and directions in which it can evolve. Shoutout and thanks to everyone who already contributed to it with their comments!

Meanwhile on the more practical front a fork of Riot Web was extended to now support the actual visual display of bridge error markings on messages.

See it in action:

Bridge Error message

Dept of Clients 📱

RiotX big announcement!

  • We have released a beta version to the PlayStore on Thursday! You can download (and rate it) here: https://play.google.com/store/apps/details?id=im.vector.riotx . Also feel free to join https://matrix.to/#/#riotx:matrix.org to provide any feedback!
  • You will find more details about what RiotX can (and cannot yet) do here: https://medium.com/@RiotChat/introducing-the-riotx-beta-for-android-b17952e8f771
  • Now we are working on fixing bugs, and keep going implementing the missing features

I've been using RiotX a lot lately and find it great - really snappy.

Spectral

Black Hat:

Spectral supports .well-known now obviously. see libQuotient update above
Also a lot of changes:

  1. Bubble shapes for pending events are fixed.
  2. You can set device name when logging in. This becomes important as libQuotient begins to upload one-time device key as part of E2EE implementation.
  3. Markdown is parsed automatically by default, and works with replies.
  4. Small UI improvements in timeline and room list.

Continuum

yuforia has continued work on Continuum, a desktop client written in Kotlin:

Continuum now preserves media content URI (mxc://) internally in order to treat them specially, instead of converting to all URI to http (or https) upon receiving.
This week's version never considers cached mxc resources stale and no network request will be performed for refreshing.
Continuum also loads previews for http image links in text messages automatically. The usual http cache control rules are still followed in those cases.

Join #tkmc:matrix.org to chat more about Continuum, or about koma, the underlying library.

Riot Web

Riot v1.3.0-rc.1 is now ready for testing at https://riot.im/staging. This includes some last minute polish of reactions and edits, and also adds initial support for soft logout. This release will have reactions and message editing enabled via configuration on riot.im once it stabilises.
Self-hosted installs that wish to do the same would need to alter their config.json in similar fashion. This is because these features currently depend on unstable APIs, and we don't want to move them out of labs and fully on by default until that is resolved.

Riot iOS

  • Reactions and edits:
    • Enabled by default (no more LABS setting)
    • Reactions with non-unicode keys
    • Original event in the edit history (need homeserver update)
  • Upgraded rooms are now autojoined when tapping on the upgraded banner
  • File upload from the room screen and from the share extension
  • Crypto: logs have been improved and a script has been created to help to debug e2e bugs (see the screenshot at https://github.com/matrix-org/matrix-ios-sdk/pull/692)
  • This Friday TestFlight can be considered as a release candidate

Dept of Ops 🛠

matrix-docker-ansible-deploy: synapse-janitor now available

Slavi:

Thanks to Aaron's frequent mention of synapse-janitor and other such cleanup methods, I've finally gotten inspired enough to give it a try.

The playbook now contains a new Synapse Maintenance documentation page and an easy/safe way to run synapse-janitor.

To give an example, using synapse-janitor and a full Postgres VACUUM yielded a 29% reduction in disk space used by Postgres on my personal homeserver (5.3GB -> 3.8GB).

Alexey Murz Korepov also reminded us about synapse-purge, which we've mentioned here before - but is designed for a similar purpose.

avhost/docker-matrix

Mathijs:

the avhost/docker-matrix image has moved to a debian buster base image, which got us an upgrade from python 3.5 to python 3.7.3 and jemalloc1 to jemalloc2, which should improve the performance of synapse.

Dept of Articles 📝

Pneumaticat: "wrote a blog post on integrating Riot chat with our dapp & scientific research auditing platform, Delphus!"

Final thoughts 💭

I had/stole the idea to create a bot which uses message edits to send frames of an ASCII-art animation. I indeed created the bot, which works to a degree, but is quickly punished by rate-limiting, which limits the effectiveness. Still it's quite fun, you can check out the code here.

TravisR's work on matrix-bot-sdk is interesting for bot or other client devs, and there is a new guide available: http://matrix.org/docs/guides/usage-of-matrix-bot-sdk

A few weeks ago I mentioned matrix-enact, which uses Web Audio API to play back room history. There is a guide to how it was built, looking at the /context endpoint now available: https://matrix.org/docs/guides/creating-a-simple-read-only-matrix-client

Half-Shot "bridged #synapse:matrix.org to #matrix-synapse on freenode to help folks who might be experiencing issues with their homeserver and need a IRC based support channel"

Black Hat made a cool-looking thing: "It basically shows all pictures in this room in a waterfall, with 'infinite scroll'"

Bridge Error message

That's all I know 🏁

See you next week, and be sure to stop by #twim:matrix.org with your updates!