Today we release Synapse 1.2.1 as a critical security update. It contains patches relating to redactions and event federation. The patches address long standing bugs, and are not regressions specific to the previous version (1.2). All admins, regardless of current version, should upgrade asap.
This release includes four security fixes:
Prevent an attack where a federated server could send redactions for arbitrary events in v1 and v2 rooms. (#5767)
Prevent a denial-of-service attack where cycles of redaction events would make Synapse spin infinitely. Thanks to @lrizika:matrix.org for identifying and responsibly disclosing this issue. (0f2ecb961)
Prevent an attack where users could be joined or parted from public rooms without their consent. Thanks to Dylanger for identifying and responsibly disclosing this issue. (#5744)
Fix a vulnerability where a federated server could spoof read-receipts from
users on other servers. Thanks to Dylanger for identifying this issue too. (#5743)
Additionally, the following fix was in Synapse 1.2.0, but was not correctly
identified during the original release:
It was possible for a room moderator to send a redaction for an m.room.create event, which would downgrade the room to version 1. Thanks to @/dev/ponies:ponies.im for identifying and responsibly disclosing this issue! (#5701)
We had a great demo session this afternoon, unfortunately the recording quality for some of the items was not good enough to share - and it was interesting stuff too! I cut everything from the RiotX and Riot iOS sections - but we'll make it up to you by getting more news from those projects soon.
πOpportunities available for paid Matrix-related work
Matthew informed the community:
We're getting more and more folks reaching out for paid help setting up smaller self-hosted Matrix deployments. The core team has its hands full currently with helping out with larger deployments; so if anyone reading this wants to offer paid support to those getting up and running on Matrix then please make us aware so we can potentially route inquiries to you.
This is a great step for Matrix, and a great opportunity for you the reader! There are already several people prepared to start work on Matrix-related endeavours, but the fact that there is more work coming in than we can currently route is amazing. If you'd like to be on an informal shortlist, contact support@, or come chat to me directly.
Weβve also been having some success in improving database performance and hope to ship that rsn so everyone can benefit.
Next week
Weβll continue on db perf, improving logging verbosity (through recategorising some log lines) and generally looking to improve the experience for those admins running on smaller instances.
The GSoc project βMatrix Visualisationsβ has continued its progression during the second period:
A βmulti-viewβ has been implemented for the frontend application. It means that it is now possible to independently view multiple DAGs at the same time in the same canvas. It can be useful for observing the same DAG but on different HSβs, at the same time. The only current limitation is that you have to use the same backend for every view (with CS API or with the backend talking to a Synapse PostgreSQL database). This change took a long time as it required to make a lot of changes in the code.
The implementation of the support of the Federation API within the backend is in progress. It is slowly progressing as it needed some discussion before starting the work on it and its implementation requires me to become familiar with a lot of new things, regarding the federation process and the authentication of requests between HSβs.
Hey, I'd like to put out a call to everyone out there. If there's any script people desire for interacting with matrix homeservers, the #matrix-shell-suite:matrix.org project is taking feature requests.
I had the code laying around for quite a while, but I just completed the Olm SAS interface for my fork of RubyOlm. It also includes interfaces for generating the emoji! π
A new version has been pushed to F-droid and TestFlight!
Note that for TestFlight the new version will be available in a few days.
Improve scrolling through chat messages!
Messages are now paginated under the hood, before the whole message list was rebuild when loading more messages, causing a jittery scrolling experience.
Support typing notifications!
Typing notifications are shown and send while typing.
Add chat settings screen
Currently you can see the chat name, avatar, description and members. More will be added in the future.
You can go to the chat settings screen by clicking on the title of the chat. This'll probably change in the future (at least to be easier).
Reverse swipe direction of images (thanks Nathan!)
Fix ripple not showing on send button
Make UI refreshing more efficient
The App Store (iOS) name is now 'Pattle' instead of 'Pattle IM'
When a chat is open, the UI will only be rebuild if that chat has updates.
Lot's of code clean ups and improvements, mostly in the SDK
What's coming up?
A release on Google Play!
A release on the official F-droid repo!
Remove Cupertino specific styling on iOS
Will now use Material Design, but altered for iOS. Having the discrepancy between Cupertino and Material was also the reason why some things didn't show up in iOS or why some things would be blue instead of the Pattle red.
Pantalaimon got a new release. This release brings experimental support for search in E2E encrypted rooms, performance improvements in the database department, better support for true headless mode for all the bot lovers, and of course the usual bug fixes and small improvements.
SolarDrew and I have been working on re-writing our Picard Bot for a conference next week. Picard helps you bridge between a slack team and a matrix community.
This second version of Picard adds support for reacting to creation of new rooms on slack in real time as well as implementing a set of commands for creating new bridged rooms from either matrix or slack. In addition to this, Picard has matrix commands for inviting you to all the bridged rooms in the community and automatically inviting you to new rooms as they are created. Finally, we have added support for sending welcome messages to all new members of your slack team or matrix community in a DM with the bot, which we are using to explain the chat setup to users and giving them a private place to issue commands.
This is uses matrix-appservice-slack for actually sending events in bridged rooms, and PIcard itself is a skill for the opsdroid bot framework #opsdroid-general:matrix.org and uses the matrix-database plugin for opsdroid which uses matrix room state to back the opsdroid memory.
πmx-puppet-bridge, new bridge: mx-puppet-instagram
The work on mx-puppet-bridge things continue! The core library and the implementation received some bugfixes, however, a new bridge is there: mx-puppet-instagram. Currently it supports
It's all coming together now. While all pieces of the puzzle were roughly there, now they are put into the big picture.
The bridge SDK PR has been merged to develop, now providing bridges the benefit of error reporting. The modifications to the SDK are non-breaking, but activation of the feature requires small changes to the bridge using it. But be warned, everything is still under an unstable prefix and rightly so β the implementation is still subject to change.
The MSC didn't get much love in public, but the concepts required to evolve it are taking shape. It was contemplated to piggyback on MSC 1410: Rich Bridging and to add a retry mechanism. So heads up for more to come on this front.
The display of bridge errors in Riot Web is now a PR and in the state of getting its last few kinks removed. It will start to be available under a lab flag soon.
With everything getting to play together nicely, there will be the first rooms enabling bridge errors to test the code in the wild. Stabilizing the code for everyday use and getting the MSC into a respectable form are the next goals for the project. Those will help in fostering broader adoption among bridges and clients.
kitsune: "the latest versions of libQMatrixClient (0.5.2 - still under the old name) and Quaternion (0.0.9.4) are now available in Debian unstable, thanks to uhoreg"
Hey hey, Synapse 1.2.0 is here. It contains aggregations support, better error handling for deactivated accounts and some important bug fixes for redacting messages. Special thanks to community members skalarproduktraum and Lrizika for submissions to improve our documentation.
Move logging code out of synapse.util and into synapse.logging. (#5606, #5617)
Add a blacklist file to the repo to blacklist certain sytests from failing CI. (#5611)
Make runtime errors surrounding password reset emails much clearer. (#5616)
Remove dead code for persiting outgoing federation transactions. (#5622)
Add lint.sh to the scripts-dev folder which will run all linting steps required by CI. (#5627)
Move RegistrationHandler.get_or_create_user to test code. (#5628)
Add some more common python virtual-environment paths to the black exclusion list. (#5630)
Some counter metrics exposed over Prometheus have been renamed, with the old names preserved for backwards compatibility and deprecated. See docs/metrics-howto.rst for details. (#5636)
It was drawn to our attention this afternoon that there is a bug in our GDPR data portability tooling that resulted in the data dump including some events that should not have been included.
This tooling has recently been updated (here is the new code), and the bug only affects reports generated with the updated tool. So far we have generated one report using the updated tooling.
The bug affects events which:
were sent in rooms in which, at the point at which the message was sent, the message visibility was set to 'shared' or 'world readable', and
were pulled in over federation from another server after the data subject left the room
As a reminder, 'shared' message visibility means anyone in the room can view the message, from the point in time at which visibility was set to 'shared' and 'world readable' means anyone can read the messages without joining the room, from the point in time at which visibility was set to 'world readable'.
Events are pulled onto a homeserver over federation when a user on that homeserver tries to access events which, for whatever reason, their homeserver does not already have a local copy. This most often happens when their homeserver is offline for any period of time, but can also happen when a user is the first user from their homeserver to join a room with active participants on other homeservers.
We're still analysing the data but so far it looks like the bug resulted in only a small number of events that were not publicly-accessible being shared (there were also publicly-accessible events mistakenly included). At this stage we have identified 19 events from 4 users across 2 rooms (the dump contained ~3.5 million events). This is not to diminish the severity of the bug - just to reassure that the scale of its impact appears to be extremely limited.
It is also worth noting that any encrypted events erroneously included in the dump will not have been decryptable (since the data subject would not have had access to the keys).
In our original analysis we stated that 19 events were shared erroneously. On closer analysis we missed 5 other timeline events - the correct figure is 24 timeline events originating from 4 users over 2 rooms. However, this figure focused on timeline data and does not take into account all state events (such as user joins, parts, topic changes etc). When considering these too, a further 56 state events were erroneously shared, referencing 64 users across these 2 rooms (mainly detailing when users had joined/left the room after the requesting user themselves had left). These membership events contained avatar & display name details which may not have been public (but in practice, the vast majority appear to be public data).
Aside from the events referenced above, the full dump contained ~20,000 events that also ought not to have been included; however these events were already publicly accessible due to being part of publicly accessible rooms (eg Matrix HQ) and so we do not consider them a breach of data.
Events that are pulled in over federation are assigned a negative 'stream ordering' ID. This is designed to avoid their being sent down the sync (where they would likely be out of sequence). In normal operation (accessing your homeserver via a Matrix client) these events would be appropriately filtered, but a bug in the data dump tooling caused them to be included.
The bug was introduced as a result of two factors:
The event filtering code assumes that the user is currently in the room - this was not intuitive, and was not called out in the documentation
When we fetched the events from the database, we tried to limit to events sent before the user left the room. On reflection, we used the wrong ordering mechanism (stream ordering instead of topological ordering), resulting in the inclusion of events that were fetched from a remote server after the data subject had left
We are working to fix the bug, and we'll update here when it is resolved. As a reminder, please do report security bugs responsibly as per the Security Disclosure Policy so we can validate the issue and mitigate abuse.
As is standard practice for any data breach, we have notified the ICO.
As a step towards implementing Terms of Service for Sydent Identity Servers (MSC2140), we're rolling out a couple of changes to the two Identity Servers run by New Vector (running at vector.im and matrix.org):
We have erased all of the data where there is any chance that the data subject didn't understand how, why or with whom their data was being shared.
We've made a change to Sydent so that it no longer persists new associations relating to users on homeservers not run by New Vector.
The impact of these changes is that users on homeservers not run by New Vector will no longer be discoverable by their email or telephone number via the Identity Servers running at vector.im and matrix.org. As we roll out the rest of the changes for Terms of Service for Identity Servers, this functionality will again be made available for users who make an informed choice to opt in.
In the short term, the New Vector Identity Servers will continue to support registration with email (signing up with an email address as well as a matrix username) and password reset. However, as we continue to improve Identity Server data hygiene practices, we will phase out their use in registration with email and password reset entirely. We have already made the change to Synapse to support password reset without relying on an Identity Server (though this can optionally be re-enabled).
Once Synapse can support registration with email without relying on an Identity Server we will announce a schedule for disabling registration with email and password reset in our Identity Servers entirely. After this point, homeserver administrators will have to make sure their homeservers are configured to send email to keep registration with email and password reset working. More details on this to follow - please watch this space.
<community-hat>
I'm working on a specification for exporting metadata and usage metrics out of federated servers. The aim is that the same specification could be re-used cross-protocol for example with not only Matrix servers but also ActivityPub, Diaspora and XMPP servers, as an example. Looking for comments here: https://talk.feneas.org/t/serverinfo-specification-for-server-metadata/99 </community-hat>
A couple TWIMs ago we teased that Dendrite had a plan in the works. Well one meeting later and here is the proposal:
It will take a while for Dendrite to become feature complete with Synapse, but weβd like people to be able to actually use Dendrite before then. Instead of waiting for feature-completeness, we propose a set of milestones for Dendrite development to reach and prioritize development for.
These milestones are currently listed on Dendriteβs github. The first is βBot Hostingβ, which means, once complete, Dendrite would be suitable as a βbot hubβ, allowing server admins to run massive bridges on top of Dendrite while taking advantage of its horizontal-scaling capabilities. As written in the description, this goal includes basic CS API support, as well as federation with other homeservers. At this stage Dendrite should already be usable in rooms with other Synapse servers, which should make it a lot more interesting.
After that is several more milestones, each representing another use case that Dendrite can fill.
Donβt be alarmed at the currently quite small percentage of completeness, as these milestones have just been built from the open issue list. Weβre actually quite far along to #1 already :)
We also want to mention that the milestones arenβt completely built yet - thereβs still a few more issues to comb through. Itβs taken a few days as anoa canβt help himself to fix things as he goes along. A few open issues have also been closed as they had already been fixed earlier.
This is all mentioned in this weekβs Matrix Live above by the way, so be sure to catch for some extra details if youβre interested.
We look forward to shipping you a working Dendrite soonβ’. And as always feel free to join us in #dendrite-dev:matrix.org for discussion.
This week weβve been working on improving database performance, shipping the new small hosted homeserver instances - expect a lot of improvements to come that will benefit the whole community and merged our recent OpenTracing support. Weβve also made some changes to how Sydent processes and stores email - more details here https://matrix.org/blog/2019/07/19/privacy-changes-to-new-vector-identity-servers
Next week, expect a new release, more database performance improvements and general Synapse performance work.
Listen to Matrix Live to hear Erik talking about his DB perf work βοΈ
...
While I was working on ruma-signatures, I decided to fill in the missing functionalityβsigning and verifying events. In the process of doing that, I ended up with a significantly revised API for the crate, which has now been released as version 0.5.0.
...
New matrix-nio release bringing you documentation improvements across the board, while the documentation is still not fully complete yet it should be much easier to get started with nio.
Another highlight of this release is couroutine support for the event callbacks for the AsyncClient.
I just cut a 1.3.0 release of the Ruby SDK, mainly focusing on solving an issue due to Ruby extensions polluting the global scope. It also adds a very slightly extended response handling, which recursively adds getters for the keys of the resulting objects.
Many thanks to the people reporting issues to me so I can keep improving the SDK.
Today we've released 0.3.0 of the slack bridge since the last rc has proved to be stable. I hope you all enjoy the new features we've packed into this release. And as a reminder, there is another release right around the corner :)
From the team (see Matrix Live from last week for more from them):
RiotX 0.2.0 has been released on Thursday. Main new features: room filtering, message editing in e2e rooms, view editing history. Also many small new features and bugfixes.
Known limitation: crash on device running Android KitKat (4.4). We are considering supporting only device running Android Lollipop (5.0) and up (see/approve/comment https://github.com/vector-im/riotX-android/issues/405)
The team is still working on the main missing features: creation of direct chat, read receipt, along with UI/UX polishing.
Riot v1.3.0 was released with support for reactions and message editing enabled. Check out the Riot blog post for more details. No changes are needed to enable these features for self-hosted installs anymore (which is change from what was stated in last weekβs TWIM update).
Weβre continuing to work on several privacy improvements to related to integration managers and identity servers to give users more control over these.
Riot 0.9.2 has been released on Friday. It contains some bug fixes and new translations for many strings especially for the device verification feature.
In the newest update FluffyChat now supports avatars in Push Notifications. Also translations have been updated and some minor design tweaks have been made.
I know that E2EE for FluffyChat is continuing to be worked on, just not quite ready yet.
Several bugs were fixed in the past three weeks. We are also sending typing notifications now. With 4.1.1 out, weβre at the second beta on the way to 4.2.
Also:
some people might be interested in a tweak in our build config that makes it so that crashes are aborts now (i.e. you get a trace and they are not silent anymore)
Madic has created a shell script to send messages to a room:
I've written a linux shell script with which you can send (multiline) messages to a matrix room. It only needs a username / password or access token, server fqdn and roomid as argument or provided by a configuration file. Arguments can overwrite settings from the file, for e.g. using same credentials but different channel. If no access token is provided, a new one will be requested and used to send the message. You can use the script for e.g. cronjobs, nagios notifications or ci pipelines. An example for a cronjob and a nagios notification script is also provided.
I have ended up with an similar file of my own containing a bunch of commented-out curl lines, but this is a lot cleaner!
TravisR, who arranges and hosts the various bots and bridges on t2bot.io:
#news:t2bot.io is now a room for people who want to follow along with news about t2bot.io which might be missed in #help:t2bot.io. Stuff like when bridges are updated and new services will be announced in there. #status:t2bot.io is where service stability is addressed during major problems with the service.
If youβve been looking for a way to have you own Matrix homeserver without having to run it yourself, you may be interested to hear that Modular (the Matrix hosting provider run by New Vector, the startup which hires many of the Matrix core team) is now offering a personal-sized small homeserver hosting service, supporting a minimum size of 5 user servers.
A lot of recent performance work on Synapse has been driven by the need to make smaller dedicated servers more efficient to run - and so if you run your own homeserver youβll be benefiting from all this work too :) Meanwhile, if you choose to outsource your server hosting to Modular, youβll be indirectly supporting core Matrix and Synapse development, given most of the core Matrix team work for New Vector - itβs through buying services like this which lets us keep folks able to hack on Matrix as their day job.
A bit of everything this week, weβve made changes to support the upcoming edits and reactions release, worked on soft log out, experimented with improving general perf for small homeservers, landed open tracing support, improved db query load.
Next week weβll see about landing the small homeserver perf improvements, work on id hashing in sydent, fix some e2ee bugs (made easier to track down with OpenTracing), do some more database performance work and start gradually rolling out the new Sygnal instance.
This week in Matrix, Construct made the crazy-loading mode of client sync the default. Crazy-loading is an approach to initial sync that goes beyond lazy-loading for a better UX. It's even backwards compatible with clients that don't support lazy-loading.
Construct also made significant progress on implementing version 3 and 4 rooms during the week. This is nearly complete, and should be ready for testing by the weekend.
Good to know there is progress with new room versions as more and more rooms start to be moved over to v4. #zemos-test:matrix.org for testing and more info.
This week weβve implemented profile retrieval over federation, single event retrieval, room tagging as well as host of bug fixes.
Next week weβll be looking at state resolution and implementing our latest and greatest algorithm needed by modern room versions.
Work continues on the major revamp of ruma-events mentioned in the last update.
...
There are also a few modules that are somewhat blocked on an issue in ring. Some of the types in ruma-events contain types from ruma-signatures which don't implement Clone and PartialEq because they contain types from ring which don't.
...
Rust 1.36 was released, and it includes stabilization of the Future trait, one of the long-awaited building blocks for first-class async support in Rust. [...] the biggest reason for Ruma's development hiatus is waiting for async networking in Rust to mature, and this is one of the final pieces of foundational support we've been waiting for. The remaining pieces are async/await syntax, which is expected in either the next version or the one following it, and finally, waiting for important libraries like Hyper and Tokio, as well as web frameworks, to adopt the new stuff.
Thanks to Black Hat, libQuotient gained support of .well-known - a very useful feature to connect to Modular-hosted homeservers!
Also, the first block of E2EE functionality from aa13q has been merged to libQuotient master - so far it's just uploading the keys but receiving messages is already well in the works!
mautrix-telegram v0.6.0 was released. Recent changes include bridging strikethrough, underline and nested formatting to telegram and some bug fixes, including one security fix. Full changelog on GitHub.
Debian 10 was also released recently, which means v0.6 is the last version with Python 3.5 support. Starting from v0.7.0, mautrix-telegram will only support Python 3.6 and up.
mautrix-telegram v0.6.0 also includes Native Matrix edit support, message editing between platforms.
Hi folks, the slack bridge has had another RC release this week 0.3.0-rc2 which has been deployed onto matrix.org :). In other news, we are nearly done with the port of the bridge to Typescript (slated for the 0.4 release) which has allowed us to clean up the codebase significantly and splat a lot of bugs.
I'm for any movement toward TypeScript - seems to be a winner in the JS-world. Says Half-Shot:
I'm a bit fanatical about Typescript, it's objectively better to write things in TS than JS if you have the freedom to do so. It's also allowed us to keep the bug count down on the Discord bridge, so I'm starting to look at the other bridges for typescript support too.
The new Spec proposal MSC2162: Signaling Errors at Bridges landed! It is about adding permanent errors: The ability of bridges to mark events as not delivered to all participants. While there is already code supporting the feature, the Spec process is important for getting everyone on board and finding potential problems with the current approach.
In spite of being a relatively small proposal, there were already a lot of suggestions and directions in which it can evolve. Shoutout and thanks to everyone who already contributed to it with their comments!
Meanwhile on the more practical front a fork of Riot Web was extended to now support the actual visual display of bridge error markings on messages.
We have released a beta version to the PlayStore on Thursday! You can download (and rate it) here: https://play.google.com/store/apps/details?id=im.vector.riotx . Also feel free to join https://matrix.to/#/#riotx:matrix.org to provide any feedback!
You will find more details about what RiotX can (and cannot yet) do here: https://medium.com/@RiotChat/introducing-the-riotx-beta-for-android-b17952e8f771
Now we are working on fixing bugs, and keep going implementing the missing features
I've been using RiotX a lot lately and find it great - really snappy.
yuforia has continued work on Continuum, a desktop client written in Kotlin:
Continuum now preserves media content URI (mxc://) internally in order to treat them specially, instead of converting to all URI to http (or https) upon receiving.
This week's version never considers cached mxc resources stale and no network request will be performed for refreshing.
Continuum also loads previews for http image links in text messages automatically. The usual http cache control rules are still followed in those cases.
Join #tkmc:matrix.org to chat more about Continuum, or about koma, the underlying library.
Riot v1.3.0-rc.1 is now ready for testing at https://riot.im/staging. This includes some last minute polish of reactions and edits, and also adds initial support for soft logout. This release will have reactions and message editing enabled via configuration on riot.im once it stabilises.
Self-hosted installs that wish to do the same would need to alter their config.json in similar fashion. This is because these features currently depend on unstable APIs, and we don't want to move them out of labs and fully on by default until that is resolved.
Thanks to Aaron's frequent mention of synapse-janitor and other such cleanup methods, I've finally gotten inspired enough to give it a try.
The playbook now contains a new Synapse Maintenance documentation page and an easy/safe way to run synapse-janitor.
To give an example, using synapse-janitor and a full Postgres VACUUM yielded a 29% reduction in disk space used by Postgres on my personal homeserver (5.3GB -> 3.8GB).
Alexey Murz Korepov also reminded us about synapse-purge, which we've mentioned here before - but is designed for a similar purpose.
the avhost/docker-matrix image has moved to a debian buster base image, which got us an upgrade from python 3.5 to python 3.7.3 and jemalloc1 to jemalloc2, which should improve the performance of synapse.
I had/stole the idea to create a bot which uses message edits to send frames of an ASCII-art animation. I indeed created the bot, which works to a degree, but is quickly punished by rate-limiting, which limits the effectiveness. Still it's quite fun, you can check out the code here.
Half-Shot "bridged #synapse:matrix.org to #matrix-synapse on freenode to help folks who might be experiencing issues with their homeserver and need a IRC based support channel"
Black Hat made a cool-looking thing: "It basically shows all pictures in this room in a waterfall, with 'infinite scroll'"
Dendrite continues marching forward! As more attention is turned towards our fairly lengthy PR list, contributors who have not done so already are reminded to merge Dendrite's master branch into their PRs, as converting the project to go modules caused a lot of conflicts. A tag has been added to each PR that needs forward merging, visible here.
This week we shipped v1.1.0, which provides an overhaul of docker configuration, more authentication options and improved db io. Itβs worth noting that v1.1.0 is the first Synapse release to drop support for Python 2 (and Postgres 9.4), this paves the way for using Python 3 only functionality.
Weβve been working on supporting soft logout, more edits and reactions support, open tracing support not to mention a complete rewrite of the push server Sygnal. Weβll be rolling out new Sygnal gradually over the next week or two.
Finally, aided by dropping Python 2 support, weβve been putting in a bunch of work to improve Synapse in resource constrained environments. This will be a constant theme over the coming months.
Brian Γ appeared to tell us about python-matrixbot. This is a project that has existed for some time.
A Python module meant to act as a base class for a Matrix bot.
The MatrixBot class will connect to the Matrix server, start a listener on each joined room, and listen for room invites from other users. It also includes helper methods you can use to extend the functionality. It is built on the Matrix Python SDK which can be directly accessed via MatrixBot.client
koma got some improvements, based on what's learned developing Continuum, which is a desktop client based on it.
Make api calls suspendable functions (which are like Kotlin's flavor of async). This way, the caller don't need to worry about forgetting to call await or a coroutine being left unstarted.
Borrowing from functional programming, model the outcome of a call as a discriminated union, which can be either a success or a failure. The successful case is optimized with inline classes, an experimental feature in Kotlin 1.3, and wrapping is avoided.
Make MatrixError a subclass of HttpError, because the http status code can be handy
Half-Shot was seen to exist IRL this week, he also found time for a new release:
Today we have a new matrix-appservice-bridge release 1.9.0. The bigname feature this week is a new store for mapping matrix events to remote ones, so bridges can handle changes made to sent events like reactions/threading/edits/redactions :). The reason for this feature appearing suddenly will become clear very soon.. π
Another week, which means more work on the mx-puppet-bridge ecosystem! A new > bridge has been added, mx-puppet-discord. Soru finally added license files > (Apache-2-0) and some readmes.
This is the new puppeting bridge! The idea is that, in the long run, this will > be run in conjunction with matrix-appservice-discord Half-Shot/matrix-appservice-discord), where mx-puppet-discord handles DM > puppeting and matrix-appservice-discord the remaining. For this, the message > parsing was split in a new repository, matrix-discord-parser. The idea is that, in the > future, when inviting a ghost on matrix-appservice-discord it'll initiate > conversation within mx-puppet-discord
basic text messages
handle files
handle edits, deletes
mx-puppet-discord does only DMs, for non-DMs please use matrix-appservice-discord
We've got a dedicated room for slack bridge development over at #matrix_appservice_slack:cadair.com, since it's picked up in terms of community PRs and general interest. It's not currently being used as a support room, however.
They mention,
warning may contain ranting about the codebase
But that could be any room, so it seems ok to me.
WARNING: LATE ADDITION
Hi everyone! Myself and Cadair have been working hard on a new Slack bridge release, and we are finally ready to push out a release candidate for 0.3.
The headline features are:
Implement message deletion.
Add support for edits.
Add support for reactions.
Add support for threading (using replies).
Support displayname and avatar lookups for Slack bots.
Replace channel mentions with canonical aliases for bridged rooms.
Support for slack attachments (Thanks @umitalp for the initial groundwork and @Cadair for the cleanup)
After an internal release, we are working on improving the performance, especially for initial sync and for navigation between rooms.
Also we are fighting bugs.
I've invested a lot of money in making Pattle happen
on iOS: MacBook, Apple Developer Program, and an iPhone.
Pretty costly, so any donations will be greatly appreciated!
What to expect in the next release:
Fix timeline jump issues
Remove redundant state messages when a room is upgraded
Start work on chat details screen (members, change name, etc.)
to push things forward on Matrix URIs front, Quaternion master branch now supports matrix:user/userid, matrix:room/roomalias and matrix:roomid/roomid URIs. For example, Quotient/Quaternion room can be opened by a link matrix:room/quotient:matrix.org.
This will be so much easier to use! Also:
Quaternion has got a new contributor, Roland Pallai (https://github.com/rpallai), who added colouring of messages sent by the local user and support of drag-n-drop of text and images on Quaternion, along with general improvements on the timeline. Many thanks!
Windows builds of Quaternion (CI and future releases) come with Qt Keychain enabled, storing your access tokens in Windows secure storage.
Bumped the K8s optimized Docker image to 1.1.0, with the same dropping of Python 2 and Postgres 9.4 support as the official image.
NB: The upstream docker configuration changes do not affect the K8s-optimized image, no configuration change is necessary to upgrade from 1.0.0 to 1.1.0
πmodular.im starting to make Small instances available
modular.im are making the much-asked-for SMALL instances available. This service is rolling out starting with people who have previously enquired about availability, which I gather is a lot of people. Go sign up if you're interested!
The wait is almost over ... We're now rolling out our trial of Small Hosted Homeservers for Matrix. Have you got your golden ticket yet? πποΈ pic.twitter.com/iUkAIHW9MY
we've been working on a v1 admin dashboard for managing your Synapse instances through Modular. This is now live on the site and provides a basic suite of functionality including:
Viewing users of your synapse homeserver(s)
Creating users
Deleting users
Resetting user passwords
Viewing user profile and server access / activity
Sending messages to all system users as the system alerts user
Ananace is "continuing the rewrite of the release tracker project. Working towards getting it to only store state in Matrix so it can be run in a read-only environment like a K8s deployment."
Right folks, this is our first post 1.0 release, which means that we have now
officially dropped support for Python 2 and Postgres
9.4.
This means that we can start making use of Python 3 specific features and you
should expect lots of associated performance wins over the coming months. See the upgrade notes for more.
Synapse 1.1.0 also contains a reworked approach to the Docker image, as well lots
of performance improvements with special focus on DB IO - expect more to come
in this area.
Special thanks to community member Alexander
Trost for rounding out our SAML support and also
to Daniel Hoffend for contributing the ability
to disable local password authentication.
Fix regression in 1.1rc1 where OPTIONS requests to the media repo would fail. (#5593)
Removed the SYNAPSE_SMTP_* docker container environment variables. Using these environment variables prevented the docker container from starting in Synapse v1.0, even though they didn't actually allow any functionality anyway. (#5596)
Fix a number of "Starting txn from sentinel context" warnings. (#5605)
Added possibility to disable local password authentication. Contributed by Daniel Hoffend. (#5092)
Add monthly active users to phonehome stats. (#5252)
Allow expired user to trigger renewal email sending manually. (#5363)
Statistics on forward extremities per room are now exposed via Prometheus. (#5384, #5458, #5461)
Add --no-daemonize option to run synapse in the foreground, per issue #4130. Contributed by Soham Gumaste. (#5412, #5587)
Fully support SAML2 authentication. Contributed by Alexander Trost - thank you! (#5422)
Allow server admins to define implementations of extra rules for allowing or denying incoming events. (#5440, #5474, #5477)
Add support for handling pagination APIs on client reader worker. (#5505, #5513, #5531)
Improve help and cmdline option names for --generate-config options. (#5512)
Allow configuration of the path used for ACME account keys. (#5516, #5521, #5522)
Add --data-dir and --open-private-ports options. (#5524)
Split public rooms directory auth config in two settings, in order to manage client auth independently from the federation part of it. Obsoletes the "restrict_public_rooms_to_local_users" configuration setting. If "restrict_public_rooms_to_local_users" is set in the config, Synapse will act as if both new options are enabled, i.e. require authentication through the client API and deny federation requests. (#5534)
The minimum TLS version used for outgoing federation requests can now be set with federation_client_minimum_tls_version. (#5550)
Optimise devices changed query to not pull unnecessary rows from the database, reducing database load. (#5559)
Add new metrics for number of forward extremities being persisted and number of state groups involved in resolution. (#5476)
Fix bug processing incoming events over federation if call to /get_missing_events fails. (#5042)
Prevent more than one room upgrade happening simultaneously on the same room. (#5051)
Fix a bug where running synapse_port_db would cause the account validity feature to fail because it didn't set the type of the email_sent column to boolean. (#5325)
Warn about disabling email-based password resets when a reset occurs, and remove warning when someone attempts a phone-based reset. (#5387)
Fix email notifications for unnamed rooms with multiple people. (#5388)
Fix exceptions in federation reader worker caused by attempting to renew attestations, which should only happen on master worker. (#5389)
Fix handling of failures fetching remote content to not log failures as exceptions. (#5390)
Fix a bug where deactivated users could receive renewal emails if the account validity feature is on. (#5394)
Fix missing invite state after exchanging 3PID invites over federaton. (#5464)
Fix intermittent exceptions on Apple hardware. Also fix bug that caused database activity times to be under-reported in log lines. (#5498)
Fix logging error when a tampered event is detected. (#5500)
Fix bug where clients could tight loop calling /sync for a period. (#5507)
Fix bug with jinja2 preventing Synapse from starting. Users who had this problem should now simply need to run pip install matrix-synapse. (#5514)
Fix a regression where homeservers on private IP addresses were incorrectly blacklisted. (#5523)
Fixed m.login.jwt using unregistered user_id and added pyjwt>=1.6.4 as jwt conditional dependencies. Contributed by Pau Rodriguez-Estivill. (#5555, #5586)
Fix a bug that would cause invited users to receive several emails for a single 3PID invite in case the inviter is rate limited. (#5576)
Fix "Unexpected entry in 'full_schemas'" log warning. (#5509)
Improve logging when generating config files. (#5510)
Refactor and clean up Config parser for maintainability. (#5511)
Make the config clearer in that email.template_dir is relative to the Synapse's root directory, not the synapse/ folder within it. (#5543)
Update v1.0.0 release changelog to include more information about changes to password resets. (#5545)
Remove non-functioning check_event_hash.py dev script. (#5548)
Synapse will now only allow TLS v1.2 connections when serving federation, if it terminates TLS. As Synapse's allowed ciphers were only able to be used in TLSv1.2 before, this does not change behaviour. (#5550)
Logging when running GC collection on generation 0 is now at the DEBUG level, not INFO. (#5557)
Reduce the amount of stuff we send in the docker context. (#5564)
Point the reverse links in the Purge History contrib scripts at the intended location. (#5570)
