This Week in Matrix 2020-05-22

2020-05-22 — This Week in Matrix — Ben Parsons

Matrix Live 🎙

Dept of Status of Matrix 🌡

Automattic invests in New Vector

Huge news, read more detail here! Check out Matrix Live with Matt Mullenweg above, too.

Matthew announced:

Automattic invested in New Vector in order to support Matrix, and are also hiring Matrix Integration Engineers! https://automattic.com/work-with-us/matrix-integrations-engineer/

Do check out the job description - this is a really fascinating role! If only I didn't have a job already...

Dept of Spec 📜

anoa reported:

Here's your weekly spec update! The heart of Matrix is the specification - and this is modified by Matrix Spec Change (MSC) proposals. Learn more about how the process works at https://matrix.org/docs/spec/proposals.
MSC Status
Merged MSCs:
MSC2526: Add ability to delete key backups
MSC2472: Symmetric SSSS
MSCs in Final Comment Period:
MSC2540: Stricter event validation: JSON compliance (merge)
MSC2240: Room version 6 (merge)
MSC2209: Alter auth rules to check notifications in m.room.power_levels (merge)
New MSCs:
MSC2557: Proposal to clarify spoilers
Spec Core Team
In terms of Spec Core Team MSC focus for this week, the room v6 MSCs from last week's focus have all reached FCP 🎉 So we're continuing on with the E2E MSCs; MSC2366 (verification flows) and MSC2399 (UISI messaging).
We'll soon be releasing Federation API r0.1.3 and Client-Server API r0.6.1, which brings room v6.

Interestingly, this was produced with some new automation.

MSC status chart

As if this wasn't enough, sorunome reported:

heya twimers who were excited about the emotes msc thing, soru added a few more things and it'd be cool if someone could cross-check it https://github.com/matrix-org/matrix-doc/pull/2545

Dept of Servers 🏢

Conduit

Conduit is a Matrix homeserver written in Rust https://conduit.rs

timo offered:

This week I finished support for end to end encryption and also implemented media uploading, downloading and thumbnail generation! See it in action here:

If you want to see it with your own eyes, create an account via https://riot.conduit.rs. We hope to push our changes to Riot upstream soon, so you can use your own Riot to connect.
Finally, I want to thank my kind supporters on Liberapay.

P2P/Dendrite

Dendrite is a next-generation homeserver written in Go

kegan told us:

Dendrite has seen a number of improvements this week, including:
Backfill will now backfill more messages than before, resulting in a snappier experience when scrolling back in a room.
Dendrite is now compliant with Synapse on backfill behaviour.
Inline CS API filters will now honour the timeline limit value.
Making more Sytests pass.
Modifications to how Dendrite tracks memberships.
Addition of an -api flag to expose internal HTTP APIs.
Clearer separation of internal/external HTTP APIs.
This has culminated in the following values for Are We Synapse Yet:
Client-Server APIs: 34% (227/672 tests) - up from 33%
Federation APIs: 34% (35/103 tests) - up from 27%
As for P2P....
p2p.riot.im v0.1.0 released!
This is a significant milestone because we now persist Dendrite databases to IndexedDB, greatly improving UX and giving users a consistent identity on the P2P network. In addition to this, the following changes have been made:
We now bake in the Dendrite commit SHA into the logs on startup.
Dendrite will now restart itself in case of panics/segfaults.
Known issues with this release:
Databases are only flushed to IndexedDB every 30 seconds, making it possible to lose the most recent messages. This has a variety of effects on the Dendrite instance, but in testing it has been able to mostly gracefully recover. Messages that you have sent will be backfilled but will be redacted. Rooms you have joined will be forgotten, and you need to be kicked/re-invited/re-join for communication to be re-established. We're looking into a better flushing mechanism going forwards.
If you have previously visited p2p.riot.im, you MUST manually clear your service worker via chrome:serviceworker-internals or about:debugging#/runtime/this-firefox or else you might get errors such as "LinkError: WebAssembly.instantiate(): memory import 37 has no maximum limit, expected at most 4294967295".
Please do not rely on p2p.riot.im to have any form of stability. Patch version bumps (0.1.0 -> 0.1.1) will not remove databases but minor version bumps will (0.1.1 -> 0.2.0) so we can continue to progress with Dendrite development at speed.

Synapse

anoa announced:

Synapse v1.13.0 has landed with SSO fixes and support in User-Interactive Authentication sessions, the ability to run in worker mode using redis as an experimental backend (which will soon be considered the default transport for Synapse workers), the ability for server admins to define password policies, some alias bugfixes, some cross-signing fixes as well as many more continuous improvements.
v1.14.0 in now in development, which will feature room v6 support.
Be sure to read the upgrade notes before upgrading.
And btw, upgrade notes != release notes

Synapse Deployment 📥

Kubernetes

Ananace offered:

1.13.0 tags for the K8s-optimized docker image have been pushed

Docker-matrix

Mathijs announced:

The synapse 1.13.0 image including coturn and jemalloc is available as avhost/docker-matrix:v1.13.0, as always the RCs were (and are) available under mvgorcum/docker-matrix:v1.13.0rcX

Dept of Bridges 🌉

matrix-sms-bridge

Benedict told us:

I released a new matrix bridge called matrix-sms-bridge, which allows you to bridge matrix rooms to SMS with one telephone number only. It is build on top of matrix-spring-boot-sdk and written in kotlin. Currently, only modems via Gammu are supported, but new Providers (e.g. some REST API) can be added very easily.
I'm going to integrate it into matrix-docker-ansible-deploy to use it in my corporate-environment.

mautrix-telegram

Tulir said:

mautrix-telegram v0.8.0-rc2 was released with some bugfixes and a basic implementation of Half-Shot's bridge information state event MSC. There will probably be at least one more RC with some more bugfixes in a week or two.

mautrix-facebook

Tulir said:

Last week I updated the messenger library mautrix-facebook uses to the latest upstream version, which might have made things work a bit better. This week mautrix-facebook got some more bugfixes and also a new feature to bridge animated stickers on Messenger into gifs on Matrix.

Dept of Clients 📱

Fluffychat

sorunome reported:

Fluffychat Version 0.14.0 is out now and this is new:
Implement image viewer
Implement room pills
New chat appBar showing presences and room avatars
Implement well-known support
Minor fixes, refactoring and performance improvements
F-Droid is already published here: https://christianpauly.gitlab.io/fluffychat-website/en/fdroid.html
PlayStore and TestFlight will follow in the next few days.

Radical

stoic said:

Riot Web as Firefox Add-on? Yep, it's (still) a thing, now available as version 1.6.1 and supports search in encrypted rooms (via Radical Native)

Mirage

miruka offered:

Mirage 0.5.0 has been released today:
Major performance improvements. Although there is still work to be done, such has persisting client state between restarts to avoid initial syncs everytime, accounts will hundreds of rooms should now be able to finish loading and no longer take your entire RAM and CPU until everything freezes
Rooms with unread messages or mentions for your user (currently only those received while the client is running) will be highlighted and sorted first
New UI component allowing you to quickly jump between accounts in the room list, and always keep an eye how many total unread messages or mentions you have
Messages can now be replied to
Room members can now be kicked and banned
New keybinds for jumping between accounts, cycling through unread rooms, replying to messages and opening links in a message
Kinetic scrolling can now be disabled, this should fix scrolling for some trackpads incorrectly handled by Qt
The order in which accounts are shown in the side pane can now be customized
And a lot more, see full changelog

Nheko

Nheko is a desktop client using Qt, Boost.Asio and C++17. It supports E2EE (with the notable exception being device verification for now) and intends to be full featured and nice to look at

Nico (@deepbluev7:neko.dev) announced:

lkito has been contributing this week to Nheko as part of his homework for university or so? Anyway, he added an option to highlight whatever message you are currently hovering over, so that you have an easier time locating the proper timestamps and buttons for that specific message. He's now working through a few other issues to improve his coding skills, like optionally having big emojis in the timeline or showing tooltips to explain the settings Nheko has.
You can now set a /roomnick
You can now tag rooms using the room context menu. You can assign multiple tags and create new tags as you like. This helps organizing your rooms, since Nheko supported filtering you room list using tags for a few years already, but until now you couldn't assign them.
red_sky has been tying up the loose ends for reaction support. Once that is done, we'll release 0.7.2

RiotX Android

valere offered:

The team is working on getting feature parity with old-riot
Identity server support has been merged to develop
Switch language
1:1 Voip calls, Widgets, and room attachement list screen (media, files) are work in progress, and coming next
Matrix Android SDK
v0.9.35 has been released
Fixes Favs bug (no more favs after update)
=> Riot android release coming soon with SDK update

Riot-iOS

From Manu:

This week, we released Riot-iOS 0.11.5 with the support of the new version of SAS (emoji) verification. This release contains also a fix for share and Siri extensions to make them compatible with cross-signing.
We continued to make progress on the full support of the iOS13 SDK. The new push extension is almost here but it is tricky to make it work as VoIP pushes we abused for years.

Dept of SDKs and Frameworks 🧰

Ruby

Ananace told us:

Just released version 2.1.0 of the Ruby SDK, headlines changes are the addition of request IDs (and timing) to the debug output to make request/response tracking easier, as well as finalized support for extending both the low-level and higher-level clients with MSCs - along with a much improved implementation for MSC2108 (Sync over SSE). Also included are some bug fixes, as usual, as well as many improvements to the provided example bot.
You can still find it on rubygems as matrix_sdk, and feel free to drop by #ruby-matrix-sdk:kittenface.studio for questions, comments, or just general discussion.

Ruma

Ruma is a Rust project to create a comprehensive set of APIs for Matrix. Previously there was a Ruma homeserver project.

jplatte told us:

Rust bits
This week, we worked on support for endpoints with multiple values for one query parameter (in a livestream), federation endpoints for joining rooms and the next revision of ruma-events [1, 2] (that will, once finished, allow us to finally support redacted events properly, amongst other things). We also fixed two small bugs in ruma-client-api. Just today, we released ruma-client-api 0.9.0 and ruma-client 0.4.0 (sorry, no change log ☹︎).
www.ruma.io
Our website has been revamped! It has been ported from Middleman to Zola and has received some style improvements. RSS support has temporarily been removed, but you can expect it to be restored along with some content updates soon.

Dept of Guides 🧭

New documentation from Nataraj

Nataraj offered:

I have written a guide about configuring bridge to FreeNode: https://github.com/matrix-org/matrix-appservice-irc/wiki/Setting-Up-Bridge-To-FreeNode
And wrote a HowTo for installation matrix-appservice-irc on Debian: https://wiki.debian.org/matrix-appservice-irc

Dept of Tulir 🇫🇮

A rather infrequent section.

Tulir offered:

Since multiple people have asked me about it, I now have a GitHub sponsor thing where you can get a fancy flair in my rooms and access to a highly exclusive sponsor room.
I didn't have any public donation things earlier due to the Finnish money collection act, but I realized that I can bypass that by selling things (like access to a Matrix room) instead of it only being a donation.
Completely unrelated to that: Following the bridge info state event implementation in my bridges, I've made a PR to Riot web to fix some bugs related to showing the bridge info there: https://github.com/matrix-org/matrix-react-sdk/pull/4621

Dept of Ping 🏓

Here we reveal, rank, and applaud the homeservers with the lowest ping, as measured by pingbot, a maubot that you can host on your own server. Join #ping:maunium.net to experience the fun live, and to find out how to add YOUR server to the game.

Rank	Hostname	Median MS
1	fairydust.space	329
2	envs.net	429
3	maunium.net	473.5
4	danielvinci.com	540
5	maescool.be	565
6	matrix.vgorcum.com	614
7	aragon.sh	774
8	dmnd.sh	1448
9	utzutzutz.net	1689.5
10	kittenface.studio	2009.5

Final thoughts 💭

Last week we featured some Sytest output and compared the results between homeservers, which was fun! We'll bring this back as an occasional feature.

I didn't feature this last month: GNU Radio are now using Matrix.

That's all I know 🏁

See you next week, and be sure to stop by #twim:matrix.org with your updates!

Welcoming Automattic to Matrix!

2020-05-21 — General — Matthew Hodgson

Automattic ♥️ Matrix

Hi all,

We’re very excited indeed to announce that Automattic, the creators of WordPress.com, are jumping head first into the Matrix ecosystem with a strategic investment of almost $5M into New Vector (the company which makes Riot and Modular.im, founded by the core Matrix team in 2017). More importantly, Matt Mullenweg (co-founder of WordPress and founder of Automattic) and the Automattic gang are committing to make the most of Matrix in their work going forwards!

This is huge news, not least because WordPress literally runs over 36% of the websites on today’s web - and the potential of bringing Matrix to all those users is incredible. Imagine if every WP site automatically came with its own Matrix room or community? Imagine if all content in WP automatically was published into Matrix as well as the Web? (This isn’t so far fetched an idea - turns out that Automattic already runs a XMPP bridge for wordpress.com over at im.wordpress.com!). Imagine there was an excellent Matrix client available as a WordPress plugin for embedding realtime chat into your site? Imagine if Tumblr (which is part of Automattic these days) became decentralised!?

In fact, if you’re a developer in either the Matrix or WordPress communities, now might be a good time to think about how to cross the streams.... not least because Automattic just opened up a role for a Matrix.org/WordPress Integrations Engineer! Quite aside from the investment, this shows Automattic is serious about Matrix - and we’d like to thank them for opening up jobs in these challenging times to further accelerate Matrix. Perhaps some day Matrix Engineer will be as common a career choice as Web Developer ;)

That said, it’s super early days for integration work, and there isn’t a concrete project to announce yet beyond the investment in New Vector (which is effectively an extension of the funding NV raised in October) and Automattic’s Job opening - but these are the sort of ideas we’ve been kicking around. And at the very least, we should expect to see Automattic’s communities migrating over to Matrix in the coming months.

It’s been loads of fun working with Matt and the team on this: we see a huge overlap in terms of a genuine love for the open web, open source and open standards. It’s also no coincidence that Matt (independently of Automattic) donated substantially to Matrix via Patreon back in 2017 when we needed it the most. We’re also looking forward to benefiting from Automattic’s experience in sustainably and responsibly funding and growing open source projects in general - WordPress.com is an excellent example of how one can support development of a project like WordPress without compromising its open source nature.

So, we’d like to formally welcome WordPress and the rest of the Automattic family into Matrix. It’s incredibly exciting times, and we can’t wait to see what will come of the partnership! And meanwhile, if any other massive open source organisations want to join Automattic and Mozilla in leaping into Matrix, you know where to find us… :D

Huge thanks go to Matt for believing in Matrix - watch this space for updates.

Matthew, Amandine & the Matrix Team.

Synapse 1.13.0 released

2020-05-19 — Releases — Neil Johnson

Synapse 1.13.0 is here and it's a whopper!

Highlights include new support for User Interactive Authentication (UIA) for Single Sign-on (SSO) installations. This means that for the first time features that require the user to re-authenticate are available for servers that authenticate by SSO. Notably this means that these servers now support cross signing!

SSO admins should take a look at the SSO notes in the changelog.

We have been working hard on performance for large scale installations. Anyone supporting more than a few thousand users is probably running Synapse in worker mode. This means splitting out functionality from the master process and making use of multiple cores (or machines) to spread the load. Cross process communication was previously handled by a home grown TCP based replication protocol. As part of our ongoing efforts to improve performance we have replaced this replication system with Redis and have been running Redis in production on matrix.org for the past 2 weeks.

Redis itself does not provide a significant performance win directly but it means that it is much less expensive to add new workers to a cluster. The topology of the old system meant that every additional worker carried a small but not insignificant overhead to the master process. Since moving to Redis we have doubled the number of workers backing matrix.org.

We still consider Redis to be experimental and admins should not feel obliged to upgrade. However it looks very promising and we are likely to deprecate the old replication system in future. So watch this space - Redis is the future.

Finally we've seen lots of improvements to our documentation and many thanks for those in the community making contributions in this area.

It is also worth noting for those of you contributing to Synapse that the develop branch is now the default. More details in the changelog, so take a look.

Get 1.13.0 from github or any of the sources mentioned at https://github.com/matrix-org/synapse/blob/master/INSTALL.md.

Changelog since v1.12.4

Synapse 1.13.0 (2020-05-19)

This release brings some potential changes necessary for certain configurations of Synapse:

If your Synapse is configured to use SSO and have a custom sso_redirect_confirm_template_dir configuration option set, you will need to duplicate the new sso_auth_confirm.html, sso_auth_success.html and sso_account_deactivated.html templates into that directory.
Synapse plugins using the complete_sso_login method of synapse.module_api.ModuleApi should instead switch to the async/await version, complete_sso_login_async, which includes additional checks. The former version is now deprecated.
A bug was introduced in Synapse 1.4.0 which could cause the room directory to be incomplete or empty if Synapse was upgraded directly from v1.2.1 or earlier, to versions between v1.4.0 and v1.12.x.

Please review UPGRADE.rst for more details on these changes and for general upgrade guidance.

Notice of change to the default `git` branch for Synapse

With the release of Synapse 1.13.0, the default git branch for Synapse has changed to develop, which is the development tip. This is more consistent with common practice and modern git usage.

The master branch, which tracks the latest release, is still available. It is recommended that developers and distributors who have scripts which run builds using the default branch of Synapse should therefore consider pinning their scripts to master.

Features

Extend the web_client_location option to accept an absolute URL to use as a redirect. Adds a warning when running the web client on the same hostname as homeserver. Contributed by Martin Milata. (#7006)
Set Referrer-Policy header to no-referrer on media downloads. (#7009)
Add support for running replication over Redis when using workers. (#7040, #7325, #7352, #7401, #7427, #7439, #7446, #7450, #7454)
Admin API POST /_synapse/admin/v1/join/<roomIdOrAlias> to join users to a room like auto_join_rooms for creation of users. (#7051)
Add options to prevent users from changing their profile or associated 3PIDs. (#7096)
Support SSO in the user interactive authentication workflow. (#7102, #7186, #7279, #7343)
Allow server admins to define and enforce a password policy (MSC2000). (#7118)
Improve the support for SSO authentication on the login fallback page. (#7152, #7235)
Always whitelist the login fallback in the SSO configuration if public_baseurl is set. (#7153)
Admin users are no longer required to be in a room to create an alias for it. (#7191)
Require admin privileges to enable room encryption by default. This does not affect existing rooms. (#7230)
Add a config option for specifying the value of the Accept-Language HTTP header when generating URL previews. (#7265)
Allow /requestToken endpoints to hide the existence (or lack thereof) of 3PID associations on the homeserver. (#7315)
Add a configuration setting to tweak the threshold for dummy events. (#7422)

Bugfixes

Don't attempt to use an invalid sqlite config if no database configuration is provided. Contributed by @nekatak. (#6573)
Fix single-sign on with CAS systems: pass the same service URL when requesting the CAS ticket and when calling the proxyValidate URL. Contributed by @Naugrimm. (#6634)
Fix missing field default when fetching user-defined push rules. (#6639)
Improve error responses when accessing remote public room lists. (#6899, #7368)
Transfer alias mappings on room upgrade. (#6946)
Ensure that a user interactive authentication session is tied to a single request. (#7068, #7455)
Fix a bug in the federation API which could cause occasional "Failed to get PDU" errors. (#7089)
Return the proper error (M_BAD_ALIAS) when a non-existant canonical alias is provided. (#7109)
Fix a bug which meant that groups updates were not correctly replicated between workers. (#7117)
Fix starting workers when federation sending not split out. (#7133)
Ensure is_verified is a boolean in responses to GET /_matrix/client/r0/room_keys/keys. Also warn the user if they forgot the version query param. (#7150)
Fix error page being shown when a custom SAML handler attempted to redirect when processing an auth response. (#7151)
Avoid importing sqlite3 when using the postgres backend. Contributed by David Vo. (#7155)
Fix excessive CPU usage by prune_old_outbound_device_pokes job. (#7159)
Fix a bug which could cause outbound federation traffic to stop working if a client uploaded an incorrect e2e device signature. (#7177)
Fix a bug which could cause incorrect 'cyclic dependency' error. (#7178)
Fix a bug that could cause a user to be invited to a server notices (aka System Alerts) room without any notice being sent. (#7199)
Fix some worker-mode replication handling not being correctly recorded in CPU usage stats. (#7203)
Do not allow a deactivated user to login via SSO. (#7240, #7259)
Fix --help command-line argument. (#7249)
Fix room publish permissions not being checked on room creation. (#7260)
Reject unknown session IDs during user interactive authentication instead of silently creating a new session. (#7268)
Fix a SQL query introduced in Synapse 1.12.0 which could cause large amounts of logging to the postgres slow-query log. (#7274)
Persist user interactive authentication sessions across workers and Synapse restarts. (#7302)
Fixed backwards compatibility logic of the first value of trusted_third_party_id_servers being used for account_threepid_delegates.email, which occurs when the former, deprecated option is set and the latter is not. (#7316)
Fix a bug where event updates might not be sent over replication to worker processes after the stream falls behind. (#7337, #7358)
Fix bad error handling that would cause Synapse to crash if it's provided with a YAML configuration file that's either empty or doesn't parse into a key-value map. (#7341)
Fix incorrect metrics reporting for renew_attestations background task. (#7344)
Prevent non-federating rooms from appearing in responses to federated POST /publicRoom requests when a filter was included. (#7367)
Fix a bug which would cause the room durectory to be incorrectly populated if Synapse was upgraded directly from v1.2.1 or earlier to v1.4.0 or later. Note that this fix does not apply retrospectively; see the upgrade notes for more information. (#7387)
Fix bug in EventContext.deserialize. (#7393)
Fix a long-standing bug which could cause messages not to be sent over federation, when state events with state keys matching user IDs (such as custom user statuses) were received. (#7376)
Restore compatibility with non-compliant clients during the user interactive authentication process, fixing a problem introduced in v1.13.0rc1. (#7483)
Hash passwords as early as possible during registration. (#7523)

Improved Documentation

Update Debian installation instructions to recommend installing the virtualenv package instead of python3-virtualenv. (#6892)
Improve the documentation for database configuration. (#6988)
Improve the documentation of application service configuration files. (#7091)
Update pre-built package name for FreeBSD. (#7107)
Update postgres docs with login troubleshooting information. (#7119)
Clean up INSTALL.md a bit. (#7141)
Add documentation for running a local CAS server for testing. (#7147)
Improve README.md by being explicit about public IP recommendation for TURN relaying. (#7167)
Fix a small typo in the metrics_flags config option. (#7171)
Update the contributed documentation on managing synapse workers with systemd, and bring it into the core distribution. (#7234)
Add documentation to the password_providers config option. Add known password provider implementations to docs. (#7238, #7248)
Modify suggested nginx reverse proxy configuration to match Synapse's default file upload size. Contributed by @ProCycleDev. (#7251)
Documentation of media_storage_providers options updated to avoid misunderstandings. Contributed by Tristan Lins. (#7272)
Add documentation on monitoring workers with Prometheus. (#7357)
Clarify endpoint usage in the users admin api documentation. (#7361)

Deprecations and Removals

Remove nonfunctional captcha_bypass_secret option from homeserver.yaml. (#7137)

Internal Changes

Add benchmarks for LruCache. (#6446)
Return total number of users and profile attributes in admin users endpoint. Contributed by Awesome Technologies Innovationslabor GmbH. (#6881)
Change device list streams to have one row per ID. (#7010)
Remove concept of a non-limited stream. (#7011)
Move catchup of replication streams logic to worker. (#7024, #7195, #7226, #7239, #7286, #7290, #7318, #7326, #7378, #7421)
Convert some of synapse.rest.media to async/await. (#7110, #7184, #7241)
De-duplicate / remove unused REST code for login and auth. (#7115)
Convert *StreamRow classes to inner classes. (#7116)
Clean up some LoggingContext code. (#7120, #7181, #7183, #7408, #7426)
Add explicit instance_id for USER_SYNC commands and remove implicit conn_id usage. (#7128)
Refactored the CAS authentication logic to a separate class. (#7136)
Run replication streamers on workers. (#7146)
Add tests for outbound device pokes. (#7157)
Fix device list update stream ids going backward. (#7158)
Use stream.current_token() and remove stream_positions(). (#7172)
Move client command handling out of TCP protocol. (#7185)
Move server command handling out of TCP protocol. (#7187)
Fix consistency of HTTP status codes reported in log lines. (#7188)
Only run one background database update at a time. (#7190)
Remove sent outbound device list pokes from the database. (#7192)
Add a background database update job to clear out duplicate device_lists_outbound_pokes. (#7193)
Remove some extraneous debugging log lines. (#7207)
Add explicit Python build tooling as dependencies for the snapcraft build. (#7213)
Add typing information to federation server code. (#7219)
Extend room admin api (GET /_synapse/admin/v1/rooms) with additional attributes. (#7225)
Unblacklist '/upgrade creates a new room' sytest for workers. (#7228)
Remove redundant checks on daemonize from synctl. (#7233)
Upgrade jQuery to v3.4.1 on fallback login/registration pages. (#7236)
Change log line that told user to implement onLogin/onRegister fallback js functions to a warning, instead of an info, so it's more visible. (#7237)
Correct the parameters of a test fixture. Contributed by Isaiah Singletary. (#7243)
Convert auth handler to async/await. (#7261)
Add some unit tests for replication. (#7278)
Improve typing annotations in synapse.replication.tcp.streams.Stream. (#7291)
Reduce log verbosity of url cache cleanup tasks. (#7295)
Fix sample SAML Service Provider configuration. Contributed by @frcl. (#7300)
Fix StreamChangeCache to work with multiple entities changing on the same stream id. (#7303)
Fix an incorrect import in IdentityHandler. (#7319)
Reduce logging verbosity for successful federation requests. (#7321)
Convert some federation handler code to async/await. (#7338)
Fix collation for postgres for unit tests. (#7359)
Convert RegistrationWorkerStore.is_server_admin and dependent code to async/await. (#7363)
Add an instance_name to RDATA and POSITION replication commands. (#7364)
Thread through instance name to replication client. (#7369)
Convert synapse.server_notices to async/await. (#7394)
Convert synapse.notifier to async/await. (#7395)
Fix issues with the Python package manifest. (#7404)
Prevent methods in synapse.handlers.auth from polling the homeserver config every request. (#7420)
Speed up fetching device lists changes when handling /sync requests. (#7423)
Run group attestation renewal in series rather than parallel for performance. (#7442)
Fix linting errors in new version of Flake8. (#7470)
Update the version of dh-virtualenv we use to build debs, and add focal to the list of target distributions. (#7526)

This Week in Matrix 2020-05-15

2020-05-15 — This Week in Matrix — Ben Parsons

Open Tech Will Save Us 🎙

Second edition of OTWSU took place this week! Chance to watch it if you haven't already, or (pro-tip), watch it again.

Mike Hoye from Mozilla talks about "Verbs in the fediverse"
Eugen (@[email protected]) discusses "how we keep mastodon.social running at scale" as a Q&A
... and a new VIP tour of Dendrite, the next-gen Matrix Homeserver, from our own neilalexander and Kegan!

Dept of Status of Matrix 🌡

Bundeswehr switching to Matrix

Oleg said:

German army reported in December 2019 their intentions for Matrix.
Now they decided to replace Stashcat with Matrix in this autumn.
Around 50'000 account are planned.
Riot will be used as a Matrix client. The E2EE by default and device Cross-Signing will be extensively used.
Full article (in German): https://www.heise.de/newsticker/meldung/Bundeswehr-setzt-kuenftig-auf-Matrix-als-Messenger-4719474.html

Mozilla are happy with their deployment!

About a year after this tweet, four months after deployment of our open source @matrixdotorg instance, community participation in the Mozilla project has increased from 4x to 10x across all the projects that previously relied on IRC.https://t.co/E5HRsfHkzk
— mhoye (@mhoye) May 12, 2020

For more from Mike check out the OTSWU recording above, he's on first.

Dept of Spec 📜

Spec

anoa announced:

Here's your weekly spec update! The heart of Matrix is the specification - and this is modified by Matrix Spec Change (MSC) proposals. Learn more about how the process works at https://matrix.org/docs/spec/proposals.
MSC Status
Merged MSCs:
No MSCs were merged this week.
MSCs in Final Comment Period:
MSC2526: Add ability to delete key backups
MSC2390: On the EDU-to-PDU transition.
MSC2389: Toward the EDU-to-PDU transition: Typing.
New MSCs:
[WIP] MSC2545: Emotes
MSC2540: Stricter event validation: JSON compliance
Spec Core Team
In terms of Spec Core Team MSC focus for this week, MSC2526 has entered FCP. We'd like to keep the E2E MSCs in flight in focus, but are also concious that room v6 is coming up. We're sticking the MSCs for the latter alongside the existing E2E ones in the focus queue, for a total of 5. Those MSCs are: MSC2366 (verification flows), MSC2399 (UISI messaging), MSC2540 (canonical JSON validation), MSC2209 (notifications auth rules), and MSC2240 (room version 6).

Dept of Servers 🏢