Synapse 1.6.0 has landed and is here to brighten your day!

1.6.0's most notable feature is that of label based filtering. It allows for messages to be tagged with a given label so that clients can filter on the label, this means that clients can subscribe to specific topics in a room, such as #lunch.

Completely separately, from here on in new rooms will be version 5 by default, all this means in practice is that servers will respect server signing key validity periods. This won't make a lot of difference in day to day operation, but it is an important security consideration and we now have sufficient penetration across the federation to make version 5 the default.

Aside from that there are a bunch of bug fixes and improvements, including fixing a bug that in some cases prevented messages being decrypted shortly after a restart (#6363) and generally improving the room upgrade experience (#6232, #6235).

As ever, you can get the new update here or any of the sources mentioned at https://github.com/matrix-org/synapse. Also, check out our Synapse installation guide page

The changelog since 1.5.1 follows:

🔗Synapse 1.6.0 (2019-11-26)

🔗Bugfixes

• Fix phone home stats reporting. (#6418)

🔗Synapse 1.6.0rc2 (2019-11-25)

🔗Bugfixes

• Fix a bug which could cause the background database update handler for event labels to get stuck in a loop raising exceptions. (#6407)

🔗Synapse 1.6.0rc1 (2019-11-20)

🔗Features

• Add federation support for cross-signing. (#5727)
• Increase default room version from 4 to 5, thereby enforcing server key validity period checks. (#6220)
• Add support for outbound http proxying via http_proxy/HTTPS_PROXY env vars. (#6238)
• Implement label-based filtering on /sync and /messages (MSC2326). (#6301, #6310, #6340)

🔗Bugfixes

• Fix LruCache callback deduplication for Python 3.8. Contributed by @V02460. (#6213)
• Remove a room from a server's public rooms list on room upgrade. (#6232, #6235)
• Delete keys from key backup when deleting backup versions. (#6253)
• Make notification of cross-signing signatures work with workers. (#6254)
• Fix exception when remote servers attempt to join a room that they're not allowed to join. (#6278)
• Prevent errors from appearing on Synapse startup if git is not installed. (#6284)
• Appservice requests will no longer contain a double slash prefix when the appservice url provided ends in a slash. (#6306)
• Fix /purge_room admin API. (#6307)
• Fix the hidden field in the devices table for SQLite versions prior to 3.23.0. (#6313)
• Fix bug which caused rejected events to be persisted with the wrong room state. (#6320)
• Fix bug where rc_login ratelimiting would prematurely kick in. (#6335)
• Prevent the server taking a long time to start up when guest registration is enabled. (#6338)
• Fix bug where upgrading a guest account to a full user would fail when account validity is enabled. (#6359)
• Fix to_device stream ID getting reset every time Synapse restarts, which had the potential to cause unable to decrypt errors. (#6363)
• Fix permission denied error when trying to generate a config file with the docker image. (#6389)

🔗Improved Documentation

• Contributor documentation now mentions script to run linters. (#6164)
• Modify CAPTCHA_SETUP.md to update the terms private key and public key to secret key and site key respectively. Contributed by Yash Jipkate. (#6257)
• Update INSTALL.md Email section to talk about account_threepid_delegates. (#6272)
• Fix a small typo in account_threepid_delegates configuration option. (#6273)

🔗Internal Changes

• Add a CI job to test the synapse_port_db script. (#6140, #6276)
• Convert EventContext to an attrs. (#6218)
• Move persist_events out from main data store. (#6240, #6300)
• Reduce verbosity of user/room stats. (#6250)
• Reduce impact of debug logging. (#6251)
• Expose some homeserver functionality to spam checkers. (#6259)
• Change cache descriptors to always return deferreds. (#6263, #6291)
• Fix incorrect comment regarding the functionality of an if statement. (#6269)
• Update CI to run isort over the scripts and scripts-dev directories. (#6270)
• Replace every instance of logger.warn method with logger.warning as the former is deprecated. (#6271, #6314)
• Port replication http server endpoints to async/await. (#6274)
• Port room rest handlers to async/await. (#6275)
• Remove redundant CLI parameters on CI's flake8 step. (#6277)
• Port federation_server.py to async/await. (#6279)
• Port receipt and read markers to async/wait. (#6280)
• Split out state storage into separate data store. (#6294, #6295)
• Refactor EventContext for clarity. (#6298)
• Update the version of black used to 19.10b0. (#6304)
• Add some documentation about worker replication. (#6305)
• Move admin endpoints into separate files. Contributed by Awesome Technologies Innovationslabor GmbH. (#6308)
• Document the use of lint.sh for code style enforcement & extend it to run on specified paths only. (#6312)
• Add optional python dependencies and dependant binary libraries to snapcraft packaging. (#6317)
• Remove the dependency on psutil and replace functionality with the stdlib resource module. (#6318, #6336)
• Improve documentation for EventContext fields. (#6319)
• Add some checks that we aren't using state from rejected events. (#6330)
• Add continuous integration for python 3.8. (#6341)
• Correct spacing/case of various instances of the word "homeserver". (#6357)
• Temporarily blacklist the failing unit test PurgeRoomTestCase.test_purge_room. (#6361)

🔗Matrix Live 🎙

OpenPush is Marcus' project to remove the need for Google to be involved with push notifications on Android. We chat in some detail here about his work, the Prototype Fund, and other great topics.

🔗Dept of Status of Matrix 🌡

🔗matrix.org server migration

Neil reported:

Those following closely will know that the matrix.org home server has been having some problems with our hosting provider. This really came down to I/O provision and stability therein. It turns out that running a homeserver is harder when it can’t talk to the db.

We have now fully migrated to our new provider (with improved hardware specs) and you should notice everything feeling much much snappier.

https://twitter.com/matrixdotorg/status/1197828358664589312?s=20

https://twitter.com/matrixdotorg/status/1197576886278393856?s=20

🔗Public rooms upgraded

Neil reported:

We have also taking the time to upgrade all of our community rooms to modern room versions. This should mean an end to state resets and other unintuitive behaviour associated with large public rooms.

🔗kitsune, international man of mystery

kitsune offered:

I have been dismantling my habitat in Japan and will spend a couple of weeks in Moscow, Russia before moving further west to the Netherlands. Due to this, expect very low activity on Quotient front in December; but I still intend to release the first beta of libQuotient 0.6 in the remaining week, breaking the half-year span without releases.

Good luck!

🔗Dept of Spec 📜

🔗Spec

anoa told us:

Here's your weekly spec update on what happened last week in spec land.

New MSCs:

• MSC 2359: E2EE VoIP Conferencing [WIP]
• MSC 2356: Bulk /joined_members endpoint

Entered Final Comment Period:

• MSC 1756: cross-signing devices using a master identity key
• MSC 2313: Moderation policies as rooms (ban lists)

Merged:

• MSC 2284: Making the identity server optional during discovery

This week, the Spec Core Team is focusing on the following 3 MSCs: 2241 (DM key verification), 2324 (new spec process), and 2326 (label-based filtering).

🔗Dept of Servers 🏢

🔗Synapse v1.6.0rc1

Neil told us:

This week released Synapse v1.6.0rc1 and will release the real deal next week. 1.6.0 contains a lot of ground work for e2ee cross signing, supporting multiple databases (to aid db sharing) as well as a bunch of bug fixes and perf improvements.

Aside from that we’ve been working on room retention support and ephemeral messages which should be ready to merge rsn.

Finally we’ve been working on improving config granularity for caching, such that individual caches can be configured via homeserver.yaml. Experimenting with this approach to caching has proved to be very powerful in tuning performance, expect to see it on mainline shortly. Further down the line we'd like to make it more dynamic so that manual tuning is unnecessary.

This is also now available from Mathijs' docker hub repo.

🔗Dept of Bridges 🌉

🔗mautrix-facebook

Tulir reported:

Facebook decided to break everything and switch from long polling to MQTT over websockets, but mautrix-facebook has already been updated with initial support for the new protocol. It's still a bit buggy though, e.g. reconnecting after a disconnection doesn't seem to work properly

🔗Dept of Clients 📱

🔗Brawl 0.0.12

Bruno offered:

I have started deploying Brawl, you can try it at https://bwindels.github.io/brawl/

Also few small new features and fixes since the last TWIM mention a while back:

• make initial sync faster: it uses the lazy load members feature to not load a lot of room state on initial sync as that isn't used yet anyways.
• more useful room list: room aliases and are now recognized for the room name, and DMs are named after the user id.
• some smaller bugs fixed

🔗Continuum and koma progress

yuforia announced:

koma, Kotlin library:

• Update Kotlin to latest release 1.3.60
• Start making use of kotlinx.serialization, making the first step toward multi-platform support (which enables a Kotlin project to be compiled to native, JavaScript, or JVM)

Continuum, desktop client based on koma:

• Implement pop-up and sound, which will be used to show notifications

https://matrix.org/_matrix/media/r0/download/matrix.org/TJlhyKntaXngkHJvdgPIhOsK

🔗Riot iOS

Manu announced:

We are almost done in our privacy work around integrations and integrations manager. While we were working on widgets, we made some improvements on them. They now have a menu with some actions (refresh, open in Browser, remove). The jitsi widget now displays the room name, user avatar and name.

🔗Seshat

@poljar:matrix.org told us:

The PR for matrix-react-sdk has finally landed, the PR for riot-web needed some documentation and is waiting for final review. Work on the UI for our indexer inside of riot has started and some more functionality to load events that are files has been added inside of Seshat as well.

🔗Riot Android

@valere35:matrix.org reported:

Privacy work related to Integration Manager about to be released (SDK + App). Also a couple of bug fixed (including the infinite app restart after SSO token expiration)

🔗riot-web

Bruno reported:

riot web just gained in-app notifications for verification requests on /develop. See PR at https://github.com/matrix-org/matrix-react-sdk/pull/3661 . All of this is behind the verification over DM labs flag!

🔗matrix-notepad

Check out these docs, very nice!

@kb1rd:kb1rd.net said:

matrix-notepad It's been a slow two weeks for matrix-notepad since I've been a bit busy.

• The core "Logootish" algorithm was documented
• "Logootish" was separated out into its own repo (logootish-js) and converted to TypeScript.
• TypeDoc was used to document the logootish-js algorithm
• Fixed some wonderful spelling errors in the algorithm code
• Nothing has changed for the main Matrix Notepad repo, so there's no user difference. It just makes the core algorithm a bit easier to read.

My plan in the future is basically to work out rich text and JSON object collaboration (clearly, this is far away!) and create some kind of "universal client" that can load up web apps to use the algorithm in a single Matrix room. The result would be that it's much easier to create collaboration apps.
Obviously, that's a far-off goal, but my point in documenting the algo is to get ahead of the game a bit

🔗Dept of SDKs and Frameworks 🧰

🔗matrix-bot-sdk v0.4.0 release

TravisR announced:

v0.4.0 has been released of the matrix-bot-sdk. Last week was beta 15, and now it's out for real. There's quite a few changes from v0.3.9, but here's an overview:

• Support for encryption through Pantalaimon

• Support for metrics

• Finished support for appservices

• Better support for bridges (storage, mappings, and utility functions)

• Classes for events and other structures in Matrix

• Utility classes for permalinks, profile caching, Synapse admin APIs, and server ACLs (globs)

• Improved documentation

• A template repository for bots

• Improved logging support

• Various bug fixes and improvements

Give it a test, and report any issues in #matrix-bot-sdk:t2bot.io ! The full diff is available here: https://github.com/turt2live/matrix-bot-sdk/compare/v0.3.9...v0.4.0

🔗simplematrixlib, new Python library

@swedneck:permaweb.io said:

I made a really simple matrix library for python, and a couple of utility scripts that make use of it! https://gitlab.com/Swedneck/simplematrixlib, https://gitlab.com/Swedneck/py-matrix-utils

🔗Dept of Bots 🤖

🔗maubot

Tulir announced:

Maubot will now automatically follow room upgrades. In addition to that, plugins storing room IDs in the database have been updated to automatically update the database when the room is upgraded.

In other maubot news, the PR by lorico to rewrite my old GitLab bot as maubot plugin was finally merged.

🔗Dept of Ping 🏓

🔗Final Thoughts 💭

Impressive progress on the PinePhone, Martijn Braam has been showing off various apps running, particularly interesting is that they are showing Quaternion.

🔗That's all I know 🏁

See you next week, and be sure to stop by #twim:matrix.org with your updates!

🔗Matrix Live 🎙

This week I spoke to Annie from the Ditto project.

Find out more:

#ditto:elequin.io
Testflight: https://testflight.apple.com/join/9M0ERlKd
Feedback: https://ditto.upvoty.com

🔗Dept of Spec 📜

🔗MSC2354: Device to device streaming file transfers

Mathijs offered:

I opened my first MSC, to use webrtc for streaming file transfers from device to device (rather than account to account)

🔗Spec

anoa said:

** New MSCs **

• MSC2354: Device to device streaming file transfers
• MSC2356: Bulk /joined_members endpoint

** In Final Comment Period **

• MSC2284: Making the identity server optional during discovery

** Merged MSCs **

• MSC1946: Secure Secret Storage and Sharing
• MSC2244: Mass redactions

The Spec Core Team's focused MSC's continue to be MSC1756 (cross-signing), MSC2324 (new spec process), and MSC2313 (ban lists).

🔗Dept of Servers 🏢

🔗Synapse

anoa said:

This week saw work on implementing message retention policies, the continuation of migrating matrix.org to new hardware and some other little fixes.

The public rooms directory is also set to private by default now. Please read the accompanying blog post for the reasoning behind it.

🔗Ruma updates

We missed it at the time, but the Ruma project has some updates to share, focused on the ruma-events projects.

https://ruma.dev/news/new-releases-2019-11-05/

🔗Known Matrix Server Selector Websites

Over in #matrixservers:raim.ist, grin provided this list-of-lists of Matrix public home servers:

• https://www.hello-matrix.net/
• https://matrix.grin.hu/stat/
• https://the-federation.info/matrix%7Csynapse
• https://www.anchel.nl/matrix-publiclist/

🔗Dept of Bridges 🌉

🔗mautrix-whatsapp

Tulir reported:

mautrix-whatsapp now has basic relaybot support. Since WhatsApp doesn't have usable bots, relaybot in this case means using a normal account as a relay. To enable the relaybot in your bridge instance, copy this config block into your config, update is as needed, and simply log in normally in the configured relaybot management room.

🔗matrix-appservice-slack 1.0.2

Half-Shot announced:

Hey all, matrix-appservice-slack 1.0.2 has been released. This contains a small number of bug fixes and doc changes.

🔗Dept of Clients 📱

🔗Pattle: version 0.14.0

Wilko announced:

A new version has been made available and should soon be on Google Play!

Note that this version will not be on TestFlight (yet) because notifications are currently only implemented on Android (using Firebase, so same goes for F-Droid for the time being).

🔗Changes

• Show notifications when receiving a new message!
• Username is not checked whether it's available anymore

This was done for a future feature (registration), however, a different approach will probably be taken.

🔗Get Pattle

• Android
  • F-Droid
  • Google Play
• iOS (TestFlight)

🔗Issues or suggestions

If you stumble upon any issues or would like to suggest features, please do so here! You can login via GitHub and Gitlab.com!

🔗Follow development

Follow development in #app:pattle.im!

🔗Kotlin projects: koma and Continuum

yuforia told us:

koma, Kotlin library:

• Implement timeout in coroutines instead of waiting for timeout errors from HTTP library, which makes it easier to change the timeout on demand and may improve performance to some degree
• Make use of experimental feature contracts in Kotlin 1.3 to avoid cast errors when inline class is used in non-local returns
• Add API for getting thumbnails

Continuum, desktop client based on koma, version 0.9.28:

• Use thumbnails of images and avatars to reduce data usage

https://matrix.org/_matrix/media/r0/download/matrix.org/GMyoaOATXbdcgKnGXCgpDnEA

🔗Riot web

Bruno said:

Riot web should gain a new design for the member panel, with a UX more suited for a world where cross-signing is a thing. Will land today or early next week behind a feature flag on /develop.

There are some screenshots on the PR: https://github.com/matrix-org/matrix-react-sdk/pull/3620

🔗Riot-Android

benoit offered:

Riot-Android: we are working on widget permission: new widget permission UX and use integration manager defined on the homeserver by default.

🔗Riot iOS

Manu offered:

Riot iOS: We have fixed the display of terms for integrations. Riot iOS 0.10.2 is on his way to the App Store

🔗RiotX

benoit offered:

RiotX: We are working on registration and login flow. Also spoiler are rendered and can even be sent using /spoiler command. It's also possible to block (ignore) and unblock users. Performance have been improved, and we are now using the new FragmentFactory. We are working on room detail screen, sticker rendering, and lots of other fun features. We schedule a release at the beginning of next week.

🔗Dept of SDKs and Frameworks 🧰

🔗matrix-bot-sdk v0.4.0-beta.15

TravisR reported:

v0.4.0-beta.15 of the matrix-bot-sdk has been released. v0.4.0 final is a themed release for lightweight bridges, and so far much of the common functionality is there. Some of the more niche and large features have yet to land, but the final release is still on the horizon (see what's left here). Please give it a test (npm install [email protected]) and report any issues to #matrix-bot-sdk:t2bot.io.

BETA FIFTEEN

🔗Seshat new release

@poljar:matrix.org offered:

Seshat got a new release 🎉. Seshat now supports transparent index encryption. The PRs for Riot-desktop have been updated and encryption has been enabled for the index. The PRs are currently awaiting review, encrypted search will come to a place near you really soon™.

🔗Dept of Ops 🛠

🔗New guide about installing Synapse using only free resources

@ptman:feneas.org offered:

I (and hopefully others) feel that matrix needs more home servers. That's why I wrote a guide for setting one up using free resources and @benpa was kind enough to include it on matrix.org: https://matrix.org/docs/guides/free-small-matrix-server/

🔗Room Directory defaults in matrix-docker-ansible-deploy

Regarding the recent discussions about room security, Slavi has been thinking about default settings for his ansible playbooks:

I wasn't entirely convinced what we should do about it. For my own personal (family & friends) homeserver, I have a few rooms published (this room being one of them), which are all public and OK to be published publicly. I was okay with the old defaults. Still, I can see how people may expect stricter defaults though. I've leaned on following this advice and making it not publish by default. I've made that change here.

🔗Dept of Bots 🤖

🔗Matrix-Alertmanager v0.1.0

@jaywink:federator.dev reported:

Matrix-Alertmanager, a bot that relays Prometheus Alertmanager alerts to Matrix rooms, gets a new release v0.1.0. Thanks to "daniego" the messages are now HTML formatted. Also dependencies have been bumped, Matrix JS SDK by "Lyr" and all the other deps by me. For more info: https://git.feneas.org/jaywink/matrix-alertmanager

🔗Dept of Events and Talks 🗣

aa13q offered:

I've made a presentation about Matrix at the local 2600 meetup at Saint Petersburg, Russia recently. And now translated the text retelling into English too. It's an introduction presentation in general but (thanks to kitsune! :) it also contains good comments about the parts I've missed :) Would be happy to get feedback about the typos/etc. I hope it could be helpful to somebody who is willing to tell about Matrix in other local places :) https://aa13q.ru/#!posts/2019-11-01-matrix-2600/meta.md

@jaywink:federator.dev reported:

Not a part of the organizers, but syncing here for wider reach. There is a "FediConf 2020" conference being planned to happen in Barcelona sometime between May and September next year. It will be a conference for a wide audience of federated folk, so Matrix people might be interested in joining up. There is a poll for dates, a forum and also a Matrix room: #fediconf:matrix.libertalia.world

kitsune said:

in a complete coincidence with aa13q, I also talked about Matrix at Tokyo LUG. Plenty of good discussion. TLUG folks are extremely interested in decentralised identities and data retention as next most important frontiers in Matrix evolution.

🔗Dept of Ping 🏓

🔗That's all I know 🏁

See you next week, and be sure to stop by #twim:matrix.org with your updates!

Hi all,

Over the course of today we've been made aware of folks port-scanning the general internet to discover private Matrix servers, looking for publicly visible room directories, and then trying to join rooms listed in them.

If you are running a Matrix server that is intended to be private, you must correctly configure your server to not expose its public room list to the general public - and also ensure that any sensitive rooms are invite-only (especially if the server is federated with the public Matrix network).

In Synapse, this means ensuring that the following options are set correctly in your homeserver.yaml:

# If set to 'false', requires authentication to access the server's public rooms
# directory through the client API. Defaults to 'true'.
#
#allow_public_rooms_without_auth: false

# If set to 'false', forbids any other homeserver to fetch the server's public
# rooms directory via federation. Defaults to 'true'.
#
#allow_public_rooms_over_federation: false

For private servers, you will almost certainly want to explicitly set these to false, meaning that the server's "public" room directory is hidden from the general internet and wider Matrix network.

You can test whether your room directory is visible to arbitrary Matrix clients on the general internet by viewing a URL like https://sandbox.modular.im/_matrix/client/r0/publicRooms (but for your server). If it gives a "Missing access token" error, you are okay.

You can test whether your room directory is visible to arbitrary Matrix servers on the general internet by loading Riot (or similar) on another server, and entering the target server's domain name into the room directory's server selection box. If you can't see any rooms, then are okay.

Relatedly, please ensure that any sensitive rooms are set to be "invite only" and room history is not world visible - particularly if your server is federated, or if it has public registration enabled. This stops random members of the public peeking into them (let alone joining them).

Relying on security-by-obscurity is a very bad idea: all it takes is for someone to scan the whole internet for Matrix servers, and then trying to join (say) #finance on each discovered domain (either by signing up on that server or by trying to join over federation) to cause problems.

Finally, if you don't want the general public reading your room directory, please also remember to turn off public registration on your homeserver. Otherwise even with the changes above, if randoms can sign up on your server to view & join rooms then all bets are off.

We'll be rethinking the security model of room directories in future (e.g. whether to default them to being only visible to registered users on the local server, or whether to replace per-server directories with per-community directories with finer grained access control, etc) - but until this is sorted, please heed this advice.

If you have concerns about randoms having managed to discover or join rooms which should have been private, please contact [email protected].

🔗Matrix Live 🎙

Sorry folks, no matrix live this week, your regular programming will continue next week.

🔗Dept of Spec

A big week in spec land.

🔗Client-server r0.6.0 and Identity r0.3.0 spec releases

TravisR offered:

If you've been waiting all this time to start implementing some of the privacy improvements the team has been making over the last few months, now's the best time to do it. Clients interacting with identity servers or 3rd party identifiers (3PIDs) have some changes to make, and identity servers themselves have a whole new authed API so they can expose terms of service requirements to users.

Check out the specs at https://matrix.org/docs/spec/client_server/r0.6.0 and https://matrix.org/docs/spec/identity_service/r0.3.0

You can read all about it here

anoa announced:

Approved MSCs

• MSC2334 - Change default room version to v5
  • Our fastest FCP ever - less than 24hrs!

Final Comment Period

• MSC2244: Mass redactions
• MSC1946: Secure Secret Storage and Sharing

New MSCs

• [WIP] MSC2346: Bridge information state event

The Spec Core Team have chosen MSC1756 (cross-signing), MSC2324 (new spec process), and MSC2313 (ban lists) to focus on this week :)

🔗Dept of Clients 📱

🔗Riot-iOS

Manu offered:

• 0.10.1 has been released on the app store. It includes minor improvements and bug fixes like the call issue. Full release descriptions can be found on respective repos: Riot, matrix-ios-kit and matrix-ios-sdk.
• This release includes better logging to track app kills in background but it seems that iOS13.2.2 released by Apple yesterday fixes the issue. We are looking for more feedbacks on that topic.
• On develop, the app can now use the integrations manager advertised by the homeserver.

🔗RiotX

benoit reported:

We have finished implementing long click on a Room item, to configure notification settings of the room and to be able to leave the room. We can now ignore user (after a report of content only for the moment). The list of ignored users is displayed in the setting. Users can be un-ignored. We are also working on improving performance and improving code structure. As usual, we have also fixed some bugs. A release will be done at the beginning of next week, then we will try to work on the login flow and account creation flow.

🔗Riot Android

benoit offered:

We are working on the Integration Manager management.

🔗Riot Web

Neil had this to say:

The Riot gang landed 1.5.1 which contained the emoji picker (thanks Tulir!).

Additionally they have been working furiously to make some progress against e2ee device cross signing and have just merged the ability to authenticate via DMs. It's behind a labs flag and will only work if both parties are enabled, but this is big step towards our cross signing dreams. Watch this space for more cross signing features over the coming weeks.

🔗Fractal

Alexandre Franke offered:

We did a couple bugfixes including one for a long standing crasher and another more recent crasher.

🔗Seshat

@poljar:matrix.org said:

Seshat gained the ability to encrypt the event database and index. A PR has landed and is awaiting review. Now your Matrix client can securely store and index your E2EE messages.

🔗Quarternion

kitsune said:

I took time to port Quaternion from Qt Quick Controls 1 (deprecated upstream) to Qt Quick Controls 2, the lighter UI widgets kit that Spectral also uses. Most of regressions are fixed and the result is likely to land in the master branch sometime next week. The overall looks will remain the same, just a minor refresh of visuals. Aside from improving performance the porting should help to solve widget scaling issues on multi-monitor configurations.

🔗Matrix Notepad

@kb1rd:kb1rd.net reported:

• Released version 0.1.4, which fixes a number of bugs and cleans up a lot of the code
• I'm considering converting the algorithm code only to TypeScript (it's a mess rn)
• I said this last week, but I think I finally got all the bugs out of the internal algorithm 🤞
• I'm also working on a proper explanation of how the algorithm works (An explanation of just the events is here)

🔗Dept of Servers 🏢

🔗Synapse

Neil said:

This week we shipped 1.5.1 which contains a small bug fix to prevent a potential DoS vector.

Separately we merged support for label based filtering into develop and are now working on allowing admins to configure message retention policies.

Aside from that we’ve continued to work on sharding out the database which we’ll put live once we have migrated matrix.org onto new hardware (woo!) and finally we’ve been fixing some bugs affecting event auth rules.

Coming up on the horizon are ephemeral messages (the ability to send messages with a specific ttl), more io perf work and a bit further down the line we’ll dust off our attempts to shard out room processing from the master process, meaning Synapses running in worker mode will have much more CPU headroom.

🔗Rust Workers

Black Hat told us:

I'm working on writing Synapse workers in Rust. Only a few things are working, but the performance seems good.

🔗Department of Ops

🔗Kubernetes

Ananace announced:

Just pushed the K8s-optimized Synapse 1.5.1 image

🔗Docker - improved LDAP

JCG reported:

another Synapse container image, but this one is new: If you had problems with LDAP in the official Synapse image, try this image: https://gitlab.com/famedly/container/synapse-ldap/container_registry. It's based on the official images, but updates the LDAP auth provider to the latest commit of the master branch. The official image comes with the latest version released to pypi.org, which is a bit older. Aside of that change, it's exactly the same, so you can use it as a drop in replacement.

🔗Docker - multi-arch

Black Hat told us:

my multi-arch synapse docker image is updated to synapse 1.5.1

🔗Docker

Mathijs said:

The images for synapse v1.5.1 were pushed to docker hub for avhost and my personal repo.

🔗Server Tombola

@mj:nltrix.net offered:

It gets a tombola of versions at the list of Public Synapse Homeservers https://www.anchel.nl/matrix-publiclist/

🔗Dept of Bridges 🌉

Half-Shot announced:

Hey folks, I've released matrix-appservice-irc 0.13.1 which fixes a critical bug in 0.13.0 where messages from matrix would crash the bridge. Users brave enough to be running develop do not need to do anything. https://github.com/matrix-org/matrix-appservice-irc/releases/tag/0.13.1. This would only have affected you if you tried to install or update the 0.13 bridge in the last two weeks.

🔗Dept of Ping 🏓

🔗That's all I know 🏁

See you next week, and be sure to stop by #twim:matrix.org with your updates!

Hey all,

For the last several months the team has been working on tightening up privacy in Matrix, and with the 1.4 release of Synapse and Riot quite a lot has been done in the area. One of the remaining pieces was to release all the specification changes to help other client/server implementations achieve the same goals, and now we've done that.

The Client-Server r0.6.0 and Identity Service r0.3.0 spec releases both cover the privacy improvements added through a number of MSCs in the last few months. Of particular note is that identity servers are now expected to support terms of service endpoints, which requires authentication that clients might need to worry about - check the spec changelogs for details.

The full changelog for the Client-Server r0.6.0 release is:

• Breaking Changes

  • Add id_access_token as a required request parameter to a few endpoints which require an id_server parameter as part of MSC2140. (#2255)

• New Endpoints

  • Add POST /account/3pid/unbind for removing a 3PID from an identity server. (#2282)

• Backwards Compatible Changes

  • Add M_USER_DEACTIVATED error code. (#2234)
  • Remove bind_msisdn and bind_email from /register now that the identity server's bind endpoint requires authentication. (#2279)
  • Add m.identity_server account data for tracking the user's preferred identity server. (#2281)
  • Deprecate id_server and make it optional in several places. (#2310)

• Spec Clarifications

  • Add missing format fields to m.room.message$m.notice schema. (#2125)
  • Remove "required" designation from the url field of certain m.room.message msgtypes. (#2129)
  • Fix various typos throughout the specification. (#2131, #2136, #2148, #2215)
  • Clarify the distinction between m.key.verification.start and its m.sas.v1 variant. (#2132)
  • Fix link to Olm signing specification. (#2133)
  • Clarify the conditions for the .m.rule.room_one_to_one push rule. (#2152)
  • Clarify the encryption algorithms supported by the device of the device keys example. (#2157)
  • Clarify that /rooms/:roomId/event/:eventId returns a Matrix error. (#2204)
  • Add a missing state_key check on .m.rule.tombstone. (#2223)
  • Fix the m.room_key_request action value, setting it from cancel_request to request_cancellation. (#2247)
  • Clarify that the submit_url field is without authentication. (#2341)
  • Clarify the expected phone number format. (#2342)
  • Clarify that clients should consider not requesting URL previews in encrypted rooms. (#2343)
  • Add missing information on how filters are meant to work with /context. (#2344)
  • Clarify what the keys are for rooms in /sync. (#2345)

The full changelog for the Identity Service r0.3.0 release is:

• New Endpoints

  • Add /account, /account/register, and /account/logout to authenticate with the identity server. (#2255)
  • Add endpoints for accepting and handling terms of service. (#2258)
  • Add /hash_details and a new /lookup endpoint for performing hashed association lookups. (#2287)

• Backwards Compatible Changes

  • Deprecate the v1 API in favour of an authenticated v2 API. (#2254)

Hi all,

This morning (06:11 UTC) it became apparent through mails to [email protected] that a security researcher was working through the TLS Certificate Transparency logs for *.matrix.org,*.riot.im and *.modular.im to identify and try to access non-public services run by New Vector (the company formed by the original Matrix team, which hosts *.matrix.org on behalf of the Matrix.org Foundation, and develops Riot and runs the https://modular.im hosting service).

Certificate Transparency (CT) is a feature of the TLS ecosystem which lets you see which public certificates have been created and signed by given authorities - intended to help identify and mitigate against malicious certificates. This means that the DNS name of any host with a dedicated public TLS certificate (i.e. not using a wildcard certificate) is visible to the general public.

In practice, this revealed a handful of internal-facing services using dedicated public TLS certificates which were accessible to the general internet - some of which should have been locked to be accessible only from our internal network.

Specifically:

• kibana.ap-southeast-1.k8s.i.modular.im - a Kibana deployment for a new experimental Modular cluster which is being set up in SE Asia. The Kibana is in the middle of being deployed, and was exposed without authentication during deployment due to a firewall & config error. However, it is not a production system and carries no production traffic or user data (it was just being used for experimentation for hypothetical geography-specific Modular deployments). We firewalled this off at 07:53 UTC, and are doing analysis to confirm there was no further compromise, and will then rebuild the cluster (having fixed the firewall config error from repeating).
• AWX deployments used by our internal Modular platform, which were behind authentication but should not be exposed to the public net.
• Various semi-internal dev and testing services which should be IP-locked to our internal network (but are all locked behind authentication too).

Additionally, certain historical Modular homeservers & Riots (from before we switched to using wildcard certs, or where we’ve created a custom LetsEncrypt certificate for the server) are named in the CT logs - thus leaking the server’s name (which is typically public anyway in that server’s matrix IDs if the server is federated).

We’re working through the services whose names were exposed checking for any other issues, but other than the non-production SE Asia Kibana instance we are not aware of problems resulting from this activity.

Meanwhile, we’ll be ensuring that semi-internal services are only exposed on our internal network in future, and that Modular server names are not exposed by CT logs where possible.

TL;DR: You can list all the public non-wildcard TLS certs for a given domain by looking somewhere like https://crt.sh/?q=%25.matrix.org. This lets you find internal-sounding services to try to attack. In practice no production services were compromised, and most of our internal services are correctly firewalled from the public internet. However, we’re reviewing the IP locking for ones in the grey zone (and preventing the bug which caused an experimental Kibana to be exposed without auth).

We’d like to thank Linda Lapinlampi for notifying us about this. We’d also like to remind everyone that we operate a Security Disclosure Policy (SDP) and Hall of Fame at https://matrix.org/security-disclosure-policy/ which is designed to protect innocent users from being hurt by security issues - everyone: please consider disclosing issues responsibly to us as per the SDP.

🔗Dept of Spec 📜

🔗Spec Updates

anoa reported:

Merged MSCs

• Proposal for storing megolm keys serverside

Final Comment Period

• MSC2334 - Change default room version to v5
  • This one rushed right from new into FCP! Mostly due to it being very non-contentious.

New MSCs

No other new MSCs appeared this week.

MSCs the Spec Core Team are focusing on next week are: MSC2244 (mass redactions), MSC1946 (SSSS), and MSC2313 (ban lists).

🔗Dept of Servers 🏢

🔗Synapse 1.5.0 released

Various updates including a security fix, check the announcement.

Several packaging projects have been updated to deploy the new version:

• matrix-docker-ansible-deploy from Slavi
• Kubernetes from Ananace
• multi-arch synapse docker image from Black Hat
• avhost/docker-matrix and mvgorcum/docker-matrix from Mathijs

Like always the mvgorcum/docker-matrix repo also includes the release candidates, as they were released.

🔗Install Party

Brendan announced:

A couple of weeks ago I shouted here about a project I've been working on named Install Party, which provides tools for provisioning and managing servers for Matrix homeserver install workshops/parties.

Since then, I've been working on improving it, and today it's finally reached v1.0! This version includes configurable DNS and infrastructure providers, the ability to create multiple server in one run, user-defined post-install scripts, as well as codebase cleanups and a better documentation.

You can find more details about the project and this release at https://brendan.abolivier.bzh/install-party-1.0/, and in #install-party:abolivier.bzh 🙂

🔗Dept of Bridges 🌉

🔗mautrix-telegram

Tulir told us:

• Parallelized file transfer: The bridge now has an option to use multiple telegram connections and a streaming connection to the Matrix media repo when copying files. This should make it much faster and use less ram for big files.
• Matrix doesn't have native captions, so !tg caption <text> now exists to send the next image or file to telegram with <text> as the caption.
• Animated sticker bridging and helm charts were merged into master.

🔗matrix-appservice-node 0.4.1 released

Half-Shot reported:

Bridges-in-nodejs-fans, today we have released 0.4.1 of the matrix-appservice-node library. For those not aware (presumably most), this library is a barebones piece of kit that helps you to listen over the AS api for transactions, in a more barebones manner than matrix-appservice-bridge. The changes in this release are a total transformation of the library into Typescript, and updating dependency packages which had gotten out of date.

EDIT: I cocked up the release, so have a 0.4.1

🔗matrix-appservice-bridge 1.11.1 released

Half-Shot offered:

Also, https://github.com/matrix-org/matrix-appservice-bridge/releases/tag/1.11.1

🔗Dept of Clients 📱

🔗Ditto Chat project announcement

Annie said:

Officially announcing a new mobile client project: Ditto Chat

• Project Status

  • Minimum Viable Product is on TestFlight
  • Can: login, send / receive messages

• Tech Stack

  • Bare React Native - no Expo
  • matrix-js-sdk

• Vision

• I want Ditto to be a chat app that is user-friendly and performant for the average user, rivaling apps like GroupMe, Messenger, and WhatsApp.

• Later on, I want Ditto to have a desktop / browser version and be stable enough for regular use.

CONTRIBUTORS: I would love to have some help on Ditto if anybody is looking for a side project! Join #ditto:elequin.io for updates.

More photos: http://dittochat.org

Check out the room at #ditto:elequin.io.

🔗miitrix

sorunome offered:

Miitrix has received some updates!

• Save state and resume when starting up - no need for an initial sync each time anymore!
• Send read receipts
• Send typing notifications
• Remove HTTPC and only use CURL to add support for servers that don't have TLS1.1 anymore! And way faster!

Support room: #miitrix:sorunome.de Donate: https://liberapay.com/Sorunome

Miitrix was featured as a star attraction at MozFest last weekend, thanks Soru!

Good morning #mozfest! We're here for the final day, come and see us on the 6th floor and see Matrix running on a Nintendo 3DS 🎮 #matrix #mozfest19 pic.twitter.com/cZqcAn2tcZ

— Matrix (@matrixdotorg) October 27, 2019

🔗Continuum 0.9.27

yuforia reported:

Continuum, desktop client in Kotlin, version 0.9.27:

Added notification viewer.

https://matrix.org/_matrix/media/r0/download/matrix.org/ziPiTnybBwEEcSMPZRjhNlsV

🔗Fractal

Alexandre Franke told us:

We fixed redaction, it’s working again. We still don’t remove the messages from view but there is a WIP merge request to do just that.

🔗#matrix-client-developers:matrix.org

f0x announced:

#matrix-client-developers:matrix.org has been revived, intended for discussion between developers of different Matrix clients.

This is the room to head to for Matrix Client developer chat.

🔗Matrix Notepad

KB1RD announced:

Version 0.1.2 update brings a major overhaul of the user interface. The main features are:

• A new sign in dialog (with password authentication. No access tokens!)
  • Those who are already signed in will stay signed in
  • Also created a Matrix Notepad logo
• Technically, a single Matrix client is used instead of re-creating it each time a new document is opened
  • This makes document loading faster
• Added a document list and an add button
• Added the document room ID to the URL
• Fixed various bugs that have been encountered. Maybe I can finally say that it's bug-free!

🔗Riot v1.5.1-rc.1

Riot v1.5.1-rc.1 is up on https://riot.im/staging with a collection of bugfixes, some further a11y fixes and... a new reaction picker from tulir!

🔗Dept of Bots 🤖

🔗matrix-episode-bot

anoa told us:

I made a bot that can give you links to TV show episodes that get mentioned in rooms: https://github.com/anoadragon453/matrix-episode-bot

It's not as cool as it sounds. Basically you put all the titles and links in a config file and whenever someone says e.g "I really like S05E09", it'll give you the name of that episode and a link to it. You can also just mention an episode title and it'll give you the link.

Made with nio-template.

🔗Dept of Ping 🏓

🔗That's all I know 🏁

See you next week, and be sure to stop by #twim:matrix.org with your updates!

That's right folks Synapse 1.5.0 is here and ready to make your life just a little bit better.

First things first, this release includes a security fix (#6262, below). Administrators are encouraged to upgrade as soon as possible.

Aside from that, the main thing you'll notice in 1.5.0 is a massive performance improvement to the room directory, which means that servers with large directories to scan will return much more quickly. This is especially true for matrix.org but all servers will benefit.

Another key win is finally fixing some bugs in the sqlite -> postgres migrator script. Sqlite mode is there strictly for testing purposes and should never be used in a production setting let alone a federating homeserver. So if you are currently using Sqlite now is the time to migrate. What's more the script is now in CI so it can't easily break in the future (with apologies to anyone bitten by the old script...).

A final final point, we have some preparatory work for e2ee cross signing, the overall feature is not ready for release just yet but we are getting really close. Watch this space.

As ever, you can get the new update here or any of the sources mentioned at https://github.com/matrix-org/synapse. Also, check out our Synapse installation guide page

The changelog since 1.4.1 follows:

🔗Synapse 1.5.0 (2019-10-29)

🔗Security updates

This release includes a security fix (#6262, below). Administrators are encouraged to upgrade as soon as possible.

🔗Bugfixes

• Fix bug where room directory search was case sensitive. (#6268)

🔗Synapse 1.5.0rc2 (2019-10-28)

🔗Bugfixes

• Update list of boolean columns in synapse_port_db. (#6247)
• Fix /keys/query API on workers. (#6256)
• Improve signature checking on some federation APIs. (#6262)

🔗Internal Changes

• Move schema delta files to the correct data store. (#6248)
• Small performance improvement by removing repeated config lookups in room stats calculation. (#6255)

🔗Synapse 1.5.0rc1 (2019-10-24)

🔗Features

• Improve quality of thumbnails for 1-bit/8-bit color palette images. (#2142)
• Add ability to upload cross-signing signatures. (#5726)
• Allow uploading of cross-signing keys. (#5769)
• CAS login now provides a default display name for users if a displayname_attribute is set in the configuration file. (#6114)
• Reject all pending invites for a user during deactivation. (#6125)
• Add config option to suppress client side resource limit alerting. (#6173)

🔗Bugfixes

• Return an HTTP 404 instead of 400 when requesting a filter by ID that is unknown to the server. Thanks to @krombel for contributing this! (#2380)
• Fix a bug where users could be invited twice to the same group. (#3436)
• Fix /createRoom failing with badly-formatted MXIDs in the invitee list. Thanks to @wener291! (#4088)
• Make the synapse_port_db script create the right indexes on a new PostgreSQL database. (#6102, #6178, #6243)
• Fix bug when uploading a large file: Synapse responds with M_UNKNOWN while it should be M_TOO_LARGE according to spec. Contributed by Anshul Angaria. (#6109)
• Fix user push rules being deleted from a room when it is upgraded. (#6144)
• Don't 500 when trying to exchange a revoked 3PID invite. (#6147)
• Fix transferring notifications and tags when joining an upgraded room that is new to your server. (#6155)
• Fix bug where guest account registration can wedge after restart. (#6161)
• Fix monthly active user reaping when reserved users are specified. (#6168)
• Fix /federation/v1/state endpoint not supporting newer room versions. (#6170)
• Fix bug where we were updating censored events as bytes rather than text, occasionally causing invalid JSON being inserted breaking APIs that attempted to fetch such events. (#6186)
• Fix occasional missed updates in the room and user directories. (#6187)
• Fix tracing of non-JSON APIs, /media, /key etc. (#6195)
• Fix bug where presence would not get timed out correctly if a synchrotron worker is used and restarted. (#6212)
• synapse_port_db: Add 2 additional BOOLEAN_COLUMNS to be able to convert from database schema v56. (#6216)
• Fix a bug where the Synapse demo script blacklisted ::1 (ipv6 localhost) from receiving federation traffic. (#6229)

🔗Updates to the Docker image

• Fix logging getting lost for the docker image. (#6197)

🔗Internal Changes

• Update user_filters table to have a unique index, and non-null columns. Thanks to @pik for contributing this. (#1172, #6175, #6184)
• Allow devices to be marked as hidden, for use by features such as cross-signing. This adds a new field with a default value to the devices field in the database, and so the database upgrade may take a long time depending on how many devices are in the database. (#5759)
• Move lookup-related functions from RoomMemberHandler to IdentityHandler. (#5978)
• Improve performance of the public room list directory. (#6019, #6152, #6153, #6154)
• Edit header dicts docstrings in SimpleHttpClient to note that str or bytes can be passed as header keys. (#6077)
• Add snapcraft packaging information. Contributed by @devec0. (#6084, #6191)
• Kill off half-implemented password-reset via sms. (#6101)
• Remove get_user_by_req opentracing span and add some tags. (#6108)
• Drop some unused database tables. (#6115)
• Add env var to turn on tracking of log context changes. (#6127)
• Refactor configuration loading to allow better typechecking. (#6137)
• Log responder when responding to media request. (#6139)
• Improve performance of find_next_generated_user_id DB query. (#6148)
• Expand type-checking on modules imported by synapse.config. (#6150)
• Use Postgres ANY for selecting many values. (#6156)
• Add more caching to _get_joined_users_from_context DB query. (#6159)
• Add some metrics on the federation sender. (#6160)
• Add some logging to the rooms stats updates, to try to track down a flaky test. (#6167)
• Remove unused timeout parameter from _get_public_room_list. (#6179)
• Reject (accidental) attempts to insert bytes into postgres tables. (#6186)
• Make version optional in body of PUT /room_keys/version/{version}, since it's redundant. (#6189)
• Make storage layer responsible for adding device names to key, rather than the handler. (#6193)
• Port synapse.rest.admin module to use async/await. (#6196)
• Enforce that all boolean configuration values are lowercase in CI. (#6203)
• Remove some unused event-auth code. (#6214)
• Remove Auth.check method. (#6217)
• Remove format_tap.py script in favour of a perl reimplementation in Sytest's repo. (#6219)
• Refactor storage layer in preparation to support having multiple databases. (#6231)
• Remove some extra quotation marks across the codebase. (#6236)

🔗Dept of Status of Matrix 🌡

🔗Matrix.org

Public service notice from vdh:

It won't have escaped many peoples' notice that the matrix.org homeserver has been struggling over the last few weeks. The main problem is poor disk I/O performance on our database server: for various reasons, it seems that the server can no longer keep up with the demands we're putting on it.

The good news is that we have a plan to sort it out, and we're working on setting up alternative hosting which will be able to handle our traffic for the foreseeable future! Please bear with us over the next couple of weeks while we get new servers set up.

🔗Matrix Notepad

@kb1rd:kb1rd.net told us:

Just released the first version of the Matrix Notepad, a small webapp designed to allow people to collaborate on text files over Matrix. There are a bunch of bugs that I'm still working on fixing, but if you'd like to check it out it's here! I will be adding incremental fixes for various issues, but feel free to add to the issues. :) If you'd like to chat, I'll be checking #matrix-collaboration:kb1rd.net.

🔗Dept of Servers 🏢

🔗Synapse

@richvdh:sw1v.org told us:

This week much of the team's focus has been on performance, both in terms of dealing with matrix.org's immediate woes and some more strategic work on helping Synapse to scale. On the latter front, Erik has been making great progress in supporting multiple Postgres databases.

We've also put out a release candidate for Synapse 1.5.0 with lots of bugfixes and changes under the hood. As ever, help with testing the RC is much appreciated!

🔗Dept of Bridges 🌉

🔗matrix-appservice-discord v0.5.2 released

Half-Shot reported:

matrix-appservice-discord has had a new release (v0.5.2) to fix some out of date packages.

🔗matrix-appservice-bridge v0.11.0

Half-Shot announced:

matrix-appservice-bridge has had a new release (v0.11.0) which allows developers to disable usage of the stores entirely. This should solve problems facing some bridges which no longer use them.

🔗mautrix-hangouts image bridging

Tulir offered:

Cadair's pull request to add Hangouts->Matrix image bridging to mautrix-hangouts was merged.

🔗Dept of Clients 📱

🔗miitrix

From sorunome, this crazy 3DS project!

Miitrix is a client for the Nintendo 3DS, using the matrix-3ds-sdk! Here is an early demonstration video. The current featureset includes:

• Sorting room list by last messages
• Room name fallbacks (canonical alias, joined members)
• sending messages
• receiving messages
• receiving edits & redactions
• receiving join, leave, ban events
• lazy-loading extra information in the background

Support room: #miitrix:sorunome.de Donate: https://liberapay.com/Sorunome

🔗Riot web

Tulir announced:

Two of the Riot pull requests that I twimmed last week, the reaction emoji picker and edit html parser improvements, have been merged into develop. The remaining one (reply rendering improvements) still needs some code and design work.

🔗Ruby Matrix SDK version 1.5.0 released

Ananace said:

The Ruby SDK is out with another new version, 1.5.0 this time. Adding an event and a check to let applications track and handle errors that occur in the background listener thread of the client abstraction. This version also exposes a setter for the open_timeout value on the lower-level API client (and the client abstraction through it), for users that are plagued by slow-to-open TCP connections to their relevant HSes.

As always, feel free to drop by #ruby-matrix-sdk:kittenface.studio if you have questions, comments, corrections, or just want to discuss the project - or use cases - in general.

🔗Fractal

Alexandre Franke reported:

Since the 4.2.1 release a month ago, there’s been a slow but steady stream of commits including code cleanups, translation updates and minor bugfixes. The highlights are issues solved around settings not being reloaded after verification dialog was closed, account settings not loading, connections to http only servers failing, and a regression that prevented users from sending messages to newly created rooms.

🔗Riot iOS

Manu reported:

We are still working on 2 fronts:

• fixing most important issues in our stabilisation sprint
• privacy project: Adding an email or phone number is now protected by a password (if your homeserver requests this authentication)

🔗Riot Android

Manu offered:

• privacy project: Adding an email or phone number is now protected by a password (if your homeserver requires it)

🔗RiotX Android

Manu offered:

• We released 0.7.0 this week. You now have read markers and can share content to Riot. You should also find the app even faster.

🔗Dept of SDKs and Frameworks 🧰

🔗matrix-3ds-sdk

sorunome offered:

A lot has happened on the side of matrix-3ds-sdk. So much so, that it is possible now to write clients out of it! The changelog includes:

• fetching member info
• fetching room info
• proper sync loop
• aggressive filters to reduce data (initial sync would crash on large accs otherwise)
• room leave and invite callbacks
• room info callback

Support room: #matrix-3ds-sdk:sorunome.de

🔗Dept of Ops 🛠

🔗Helm charts for mautrix-telegram, mautrix-twilio and maubot

Tulir offered:

mautrix-telegram and mautrix-twilio now have experimental Helm charts: https://github.com/tulir/mautrix-telegram/tree/helm/helm/mautrix-telegram. There's no replication/horizontal scaling stuff, but they should be useful if you're already using Helm for other stuff.

To make managing maubot plugins possible with Helm, I added a simple standalone plugin executor to maubot. It's basically just a simple script that sets up all the things plugins want (matrix client, config, database, webserver) and passes them to the plugin.

The standalone executor can be used to run any maubot plugin without any changes to the plugin itself, but building good docker images needs to be done separately for each plugin. The supportportal plugin has a standalone docker image and a helm chart using that image.

🔗Dept of Ping 🏓

🔗That's all I know 🏁

See you next week, and be sure to stop by #twim:matrix.org with your updates!