Synapse 1.17.0 released

2020-07-13 — Releases — Neil Johnson

Synapse 1.17.0 is here!

Hot on the heels of Synapse 1.16.1, 1.17.0 is a bug fix release most notably containing a fix for 'stuck invites' which happen when we are unable to reject a room invite received over federation.

Get the new releases from any of the usual sources mentioned at https://github.com/matrix-org/synapse/blob/master/INSTALL.md. 1.17.0 is on github here.

Changelog for 1.17.0 follows:

Synapse 1.17.0 (2020-07-13)

Synapse 1.17.0 is identical to 1.17.0rc1, with the addition of the fix that was included in 1.16.1.

Synapse 1.17.0rc1 (2020-07-09)

Bugfixes

  • Fix inconsistent handling of upper and lower case in email addresses when used as identifiers for login, etc. Contributed by @dklimpel. (#7021)
  • Fix "Tried to close a non-active scope!" error messages when opentracing is enabled. (#7732)
  • Fix incorrect error message when database CTYPE was set incorrectly. (#7760)
  • Fix to not ignore set_tweak actions in Push Rules that have no value, as permitted by the specification. (#7766)
  • Fix synctl to handle empty config files correctly. Contributed by @kotovalexarian. (#7779)
  • Fixes a long standing bug in worker mode where worker information was saved in the devices table instead of the original IP address and user agent. (#7797)
  • Fix 'stuck invites' which happen when we are unable to reject a room invite received over federation. (#7804, #7809, #7810)

Updates to the Docker image

  • Include libwebp in the Docker file to properly handle webp image uploads. (#7791)

Improved Documentation

  • Improve the documentation of the non-standard JSON web token login type. (#7776)
  • Update doc links for caddy. Contributed by Nicolai Søborg. (#7789)

Internal Changes

  • Refactor getting replication updates from database. (#7740)
  • Send push notifications with a high or low priority depending upon whether they may generate user-observable effects. (#7765)
  • Use symbolic names for replication stream names. (#7768)
  • Add early returns to _check_for_soft_fail. (#7769)
  • Fix up synapse.handlers.federation to pass mypy. (#7770)
  • Convert the appserver handler to async/await. (#7775)
  • Allow to use higher versions of prometheus_client <0.9.0 which are expected to introduce no breaking changes. Contributed by Oliver Kurz. (#7780)
  • Update linting scripts and codebase to be compatible with isort v5. (#7786)
  • Stop populating unused table local_invites. (#7793)
  • Ensure that strings (not bytes) are passed into JSON serialization. (#7799)
  • Switch from simplejson to the standard library json. (#7800)
  • Add signing_key property to HomeServer to save code duplication. (#7805)
  • Improve stacktraces from exceptions in background processes. (#7808)
  • Fix various spelling errors in comments and log lines. (#7811)

This Week in Matrix 2020-07-10

2020-07-10 — This Week in Matrix — Ben Parsons

Matrix Live 🎙

This week it's Open Tech Will Save Us!

Dept of Spec 📜

anoa reported:

Here's your weekly spec update! The heart of Matrix is the specification - and this is modified by Matrix Spec Change (MSC) proposals. Learn more about how the process works at https://matrix.org/docs/spec/proposals.

MSC Status

Merged MSCs:

  • No MSCs were merged this week.

MSCs in Final Comment Period:

New MSCs:

Note that a majority of those new MSCs are split out from MSC1849 (the aggregations MSC) to make it easier to review 🙂

Spec Core Team

In terms of Spec Core Team MSC focus for this week, we're sticking to implementation work. anoa did have some time this week to make the graphs more useful though:

2020-07-10-FFL8i-image.png

Check out that graph!

Dept of GSoC 🎓️

HTML embeddable client GSoC project

arnav-t told us:

This week for my HTML embeddable client GSoC project:

  • Added full markdown support and made replying and quoting fully functional

  • Added a lot more configuration options to the client, including a read-only mode

  • Fixed some bugs

go-neb

nikofil said:

  • work is still being done on the bot's functionality to test different crypto functionalities of other Matrix clients when thrown in a room with them

  • slight improvements to mautrix-go (sql store can now store multiple Olm accounts and their sessions, key rotation params taken from encryption event, other minor things)

  • add some simple instructions to the readme for enabling e2ee for neb as well as integrate these mautrix changes (PR #330)

  • room_key_requests will probably be the next thing to be developed for mautrix-go

Nheko (GSoC)

Nheko is a desktop client using Qt, Boost.Asio and C++17. It supports E2EE (with the notable exception being device verification for now) and intends to be full featured and nice to look at

Chethan said:

  • Added user cache which stores the encrypted user keys and updates them on sync

  • Added Verification Cache which stores verified devices of a user

  • Showing Verification Status of a device on Userprofile

Dept of P2P 👥

Riot iOS P2P Demo

Neil Alexander announced:

Over the last couple of weeks I have been working on the next P2P demo, using Yggdrasil as the transport instead of libp2p. Although libp2p is arguably more featureful in many ways, Yggdrasil does have one major benefit in that it provides full overlay routing. Participants in the network can carry traffic on behalf of other participants, resulting in something much closer to a true mesh network.

The mad science doesn't end there however. I've also built a custom Riot iOS build that includes the full Dendrite P2P demo (yes, that's a homeserver running locally on your phone). If you have an iPhone or iPad, it's available in public TestFlight right now and you can play with it!

The demo still is very experimental and has a number of bugs still (including but not limited to messages occasionally taking a while to deliver, the app crashing when going into the background sometimes etc.) but we'll be improving it further in the coming weeks and it's quite fun to play with, particularly if you can do so with other people nearby.

Thanks to the same technology that powers AirDrop, the demo will automatically find and connect to other nearby devices running the demo and build up a network automatically - even if you are not on the same Wi-Fi network (or indeed connected to Wi-Fi at all)! If you don't have any other nearby peers to test with then fear not - you can still configure a public static peer in the app settings and join the wider network that way.

With any luck the room directory will even work too, showing published rooms from other nearby devices. If not, try joining #beachparty:b5ae50589e50991dd9dd7d59c5c5f7a4521e8da5b603b7f57076272abc58b374 from within the app.

Questions, comments or feedback? Join us in #p2p:matrix.org!

Dept of Servers 🏢

A new way to test homeservers - Complement

kegan reported:

Many of you know that I work on a Go homeserver called Dendrite, and so I've had to get familiar with SyTest: a black-box homeserver integration testing project. Unfortunately SyTest has a number of problems: from the dialect of perl, lack of documentation for federation bits, the inability to run a single test, and so on. Having a solid black-box integration testing project is crucial for the ecosystem to ensure spec compliance (and hence compatibility between server implementations) and for making all servers more stable and reliable.

As a side project I've been working on a modern Go rewrite called Complement which is now ready for a bit more exposure. It currently only has a handful of SyTests converted but I hope to rapidly expand the number in the coming weeks. Complement makes heavy use of Docker to agnostically run homeservers, and already includes a Dockerfile for configuring a Dendrite instance. To try it out, clone the repo and run:

(cd dockerfiles && docker build -t complement-dendrite -f Dendrite.Dockerfile .)

COMPLEMENT_BASE_IMAGE=complement-dendrite:latest go test -v ./tests

If you're interested in learning more and maybe adding some tests check out ONBOARDING.md.

My overall hope is that Complement will lower the barrier to entry when adding tests by so much that it encourages any bugfix/feature in any homeserver implementation to result in a new test. This will benefit everyone and create a feedback loop which will make Matrix even more reliable.

Asked about Sytest and SyTS, Kegan added:

Complement currently implements the same tests as sytest, so tests which pass sytest will pass complement (though that will diverge as complement will guard against more race conditions by default). There's about 9 different kinds of tests currently testing CS-API and Federation (outbound to a dummy server and inbound via a federation client)

The problem with SyTS was that the test tooling around it ultimately wasn't expressive enough. I was using Jest and kept finding myself fighting it by bumping up against issues like https://github.com/facebook/jest/pull/8751 and the multi-process parallelisation stuff was too opaque. The assertion helper functions also lacked context because they rely on behavioural testing names like describe("foo") { it("should say bar") { ... } etc so when your assertion fails (eg wrong value for a JSON key using assert equals) it just says unhelpfully "foo != bar" where what I really want is to know what it actually does say then, and other contextual info around the object (maybe the key name was typod). When I realised that the assertion lib didn't have this and I'd need to add it, coupled with parallelisation concerns and head-desking against Jest, I found myself wishing I just used something else. I stuck with it though and then realised that all the federation stuff (signature checking, canonical JSON, etc) would need to re-implemented when I knew I had working code in Go. Both of these things combined and I thought "you know what, I'm just going to do this in Go" but you'll note that the architecture is identical, so SyTS lives on as an early prototype for Complement ;)

Find out more in the room: #complement:matrix.org.

Dendrite / gomatrixserverlib

Dendrite is a next-generation homeserver written in Go

Neil Alexander told us:

While I've been busy distracted with the P2P demo, Kegan has been on a mission to implement some new features. Changes this week include:

  • Redaction is now mostly implemented

  • User-interactive authentication is now implemented

  • Device lists in the client API are now implemented

  • Media APIs are now available on both /r0 and /v1 endpoints which makes Riot iOS a bit happier

  • Some federation sender bugs have been fixed

  • Some database locks in the federation sender in SQLite mode have been fixed

Spec compliance has improved a bit:

  • Client-Server APIs: 48%, up from 45% last week

  • Server-Server APIs: 51%, up from 50% last week

Conduit

Conduit is a Matrix homeserver written in Rust https://conduit.rs

timo said:

Conduit

Hi everyone, here are some things we worked on this week:

  • Work on to-device sending improvements

  • Work on room tags (thanks to @gnieto)

  • Merged /logout/all endpoint (thanks to @CapsizeGlimmer)

  • Work on /joined_members (thanks to @CapsizeGlimmer)

Last week we had a list of major features still missing. Here's a list of what already works:

Registering, logging in, creating rooms, room visibility, join rules, basic permission management, public room list, inviting, creating DMs, e2e encryption, key backups, device verification, cross signing, notifications, uploading media/files (also user/room avatars), lower-resolution media thumbnails, voip calls and a few other thing's I'm forgetting right now. So it's useable for non-federating chats already.

Thanks to everyone who supports me on Liberapay or Bitcoin!

Synapse

Neil reported:

In Synapse land this week, we shipped 1.16.0 and err 1.16.1.

Lifting from the blog post, the highlights are:-

  • An important performance fix to improve room state resolution.

  • An option to enable e2e by default for new rooms.

  • Ability to run multiple media repo workers side by side.

  • Ability to mark specific content as being safe from quarantine.

  • Bug fixes to make migrating from SQLite to Postgres more reliable - if you are running sqlite for anything other than evaluation purposes then please migrate!

We also put out a release candidate for 1.17.0 which all being well we’ll release on Monday. 1.17.0 is really a bug fix release the most notable being finally squashing a long standing bug that caused locally rejected invites to get ‘stuck’ client side.

Continuing our matrix.org performance theme, having now got the CS API largely into a good state of responsiveness, we are looking at federation lag. Today we shipped a sharded Federation Reader to matrix.org which has reduced the average lag from seconds to milliseconds. We are just running two currently and are still tuning as we figure out how to get the best from it. Initial impressions seem promising. Watch this space.

2020-07-10-qiwpr-Screenshot2020-07-10at16.02.39.png

We also have a PR out for review to shard the Federation Sender, which will have much the same effect in the other direction.

Once we have sending messages via the Client-Server API, much reduced federation lag and a sharded Pusher we’ll take a look at room joins.

Synapse Deployment 📥️

dacruz21/matrix-chart

Typo Kign reported:

v2.3.0 of dacruz21/matrix-chart has been published with Synapse 1.16.

Kubernetes

Just pushed the 1.16 K8s-optimized Synapse image tags, this time done from a tablet in a server room between moving a bunch of hardware.

New WireGuard-based deployment

balaa announced:

Hi everyone, my friend Patrick and I have been working on making Matrix more accessible in the context of personal overlay networks powered by WireGuard. We’ve built a 1-click deployment solution for Synapse & Riot based on docker. The interesting part is that it gives you public addressability via a distributed proxy service that we have been developing. We are free and open source and welcoming contributors and testers ASAP! We are imagining an ecosystem for building collaborative intranets and see them as foundational to a freer, more equitable internet. Please join us at #noteworthy:tincan.community See https://www.patrickdlg.com/personal-messaging/ and https://noteworthy.tech/start/

Dept of Bridges 🌉

mautrix-whatsapp

Tulir announced:

mautrix-whatsapp got some bugfixes and improvements:

  • You can now create private chat portals by inviting a WhatsApp ghost user (e.g. from a group chat)

  • WhatsApp users in groups are now synced to Matrix properly, including kicking users who left the group without the bridge noticing

matrix-sms-bridge

Benedict offered:

I fixed some bugs in matrix-sms-bridge and added a feature that allows delayed sending of sms messages with the sms send command. It runs very fast and stable in my production environment.

Dept of Clients 📱

Nheko

Nheko is a desktop client using Qt, Boost.Asio and C++17. It supports E2EE (with the notable exception being device verification for now) and intends to be full featured and nice to look at

Nico (@deepbluev7:neko.dev) reported:

Not much to talk about currently, since I'm breaking my Nheko to replace the entire event store at this moment, but I have some heads up on an annoying bug that I fixed on my branch:

Sometimes we had a weird issue, where Nheko wouldn't load the language the user set on their system. This was especially annoying when I wanted to test a specific language, like Japanese, and I couldn't figure out the right LANG* variables to set the language to Japanese in Nheko. Turns out, this was a bug in Nheko and you wouldn't have guessed so, when looking at the examples in the Qt documentation. Anyway, KDAB wrote a nice blogpost explaining this issue: https://www.kdab.com/fixing-a-common-antipattern-when-loading-translations-in-qt/

If you are a Qt developer, you may want to check your applications, if you are also affected.

Riot-iOS

steve offered:

This week, we worked on the rebranding.

RiotX / Riot-Android

benoit announced:

We will release a beta (0.91.5) of Riot-Android this evening, including all the recent changes and lots of fixes. We are still working to prepare the great release!

Daydream

MTRNord told us:

While not much is happening on the master branch some things happened on the Redesign branch:

  • Daydream does the sync now on a worker which is similiar to using a thread

  • jplatte made a PR for optimizing multiple Parts of the Code which significantly improved the overall Daydream performance ( https://github.com/daydream-mx/Daydream/pull/22 )

  • Some rework of the Login logic happened to prepare for well-known support

Dept of SDKs and Frameworks 🧰

mautrix-python

Tulir offered:

When I initially implemented end-to-bridge encryption in mautrix-python, I used matrix-nio in a slightly hacky way to get it done quickly. It worked fine in some cases, but also caused some undecryptable messages. I tried switching to using matrix-nio's crypto module directly, but the sans-I/O design made that difficult: there were too many parts that needed to be hooked up to the actual I/O and I wasn't able to find them all. In the end, I just decided to implement the basic e2ee stuff directly in mautrix-python the same way it's implemented in mautrix-go.

All my bridges based on mautrix-python (Telegram, Facebook and Hangouts) have been switched to use the new crypto stuff. After a few initial bugs that are already fixed, it seems to work better than the old system. I'll probably add native e2ee to maubot soon too, which is my last main project that's still missing e2ee.

Dept of Internet of Things 💡

Mozilla IoT Matrix Adapter 0.3

Christian reported:

The Mozilla IoT Matrix Adapter can send posts based on events in your home.

Version 0.3 brings the ability to use room aliases instead of internal room ids. Furthermore, you can configure it to accept invites and follow room upgrades.

Due to utter negligence and malpractice by myself, we missed the update for this project last week. Of course, 0.2 is now superseded by 0.3, but here is the 0.2 update anyway:

Released v0.2.0 of the Mozilla IoT Matrix adapter. It's now possible to post in multiple rooms (still one per post).

Dept of Bots 🤖

Cat Disruptor 7000

Stephen D told us:

I wrote a pretty simple Matrix bot in Rust which is loosely based on Cat Disruptor 6000. It will react with 🐈️ to any message containing the string "cat" *. Since it is a small project, I hope it can be used as an example for other people interested in writing Matrix bots in Rust. It implements several important features (crypto/device store, auto-accepting invites, crafting custom events, etc.) You can host it yourself, or you can try it out by inviting the user "@catdisruptor:m.scd31.com" to your room! https://git.scd31.com/stephen/cat-disruptor-7000

* Cat Disruptor 6000 does not do this (it is used for disrupting monologues with cat pictures). However, many instances of Cat Disruptor 6000 also include a separate bot, which is what Cat Disruptor 7000 is mimicking.

matrix-imposter-bot

mr_johnson22 said:

matrix-imposter-bot - A bot that uses your account to repeat other people's messages. This gives relay-bot capabilities to puppet-only bridges.

Updates:

  • Can be much more easily deployed with a production-level WSGI server. It comes with waitress but it's possible to use any other server.

  • Member join/leave/rename now post messages

  • Shuts down when receiving a term/exit/quit signal, instead of hanging

For more details, see https://github.com/mrjohnson22/matrix-imposter-bot

Dept of Interesting Projects 🛰️

cody

carl offered:

cody is a REPL for your matrix chat rooms.

This week, the big new feature was support for Ruby with the message prefix !rb.

Chat with cody: @cody:bordum.dk

Read the source: https://gitlab.com/carlbordum/matrix-cody

Dept of Jobs 💰️

Famedly is recruiting

sorunome announced:

Heya, we (famedly) are looking for about 2-3 more flutter developers. We are a german startup which works on revolutionizing communication in the medical area. We build on top of matrix, so having some matrix-knowledge would be very beneficial.

You might have seen us previously in TWIM with projects such as famedly-email-bridge or the famedly dart SDK.

While we are based in Berlin we do allow remote work, and communication in english is fine, too.

If you are interested or have more questions, please message Niklas Zender.

Dept of Ping 🏓

Here we reveal, rank, and applaud the homeservers with the lowest ping, as measured by pingbot, a maubot that you can host on your own server. Join #ping:maunium.net to experience the fun live, and to find out how to add YOUR server to the game.

RankHostnameMedian MS
1fairydust.space334
2matrix.vgorcum.com637.5
3lossy.network657
4asra.gr795
5swag.industries1407.5
6lo.hn1481
7finallycoffee.eu1804
8nzbr.de1885.5
9halogen.city2275
10utzutzutz.net2462.5

That's all I know 🏁

See you next week, and be sure to stop by #twim:matrix.org with your updates!

Synapse 1.16.0 released

2020-07-08 — Releases — Neil Johnson

Synapse 1.16.0 is here!

Notable additions in 1.16.0 include:-

  • An important performance fix to improve room state resolution.
  • An option to enable e2e by default for new rooms.
  • Ability to run multiple media repo workers side by side.
  • Ability to mark specific content as being safe from quarantine.
  • Bug fixes to make migrating from SQLite to Postgres more reliable - if you are running sqlite for anything other than evaluation purposes then please migrate!

Note, we have deprecated the m.login.jwt login method in favour of org.matrix.login.jwt see the changelog for more details.

Enjoy!

Get the new releases from any of the usual sources mentioned at https://github.com/matrix-org/synapse/blob/master/INSTALL.md. 1.16.0 is on github here.

Changelog for 1.16.0 follows:

Synapse 1.16.0 (2020-07-08)

No significant changes since 1.16.0rc2.

Note that this release deprecates the m.login.jwt login method, renaming it to org.matrix.login.jwt, as m.login.jwt is not part of the Matrix spec. Otherwise the behaviour is identical. Synapse will accept both names for now, but this may change in a future release.

Synapse 1.16.0rc2 (2020-07-02)

Synapse 1.16.0rc2 includes the security fixes released with Synapse 1.15.2. Please see the 1.15.2 release notes for more details.

Improved Documentation

  • Update postgres image in example docker-compose.yaml to tag 12-alpine. (#7696)

Internal Changes

  • Add some metrics for inbound and outbound federation latencies: synapse_federation_server_pdu_process_time and synapse_event_processing_lag_by_event. (#7771)

Synapse 1.16.0rc1 (2020-07-01)

Features

  • Add an option to enable encryption by default for new rooms. (#7639)
  • Add support for running multiple media repository workers. See docs/workers.md for instructions. (#7706)
  • Media can now be marked as safe from quarantined. (#7718)
  • Expand the configuration options for auto-join rooms. (#7763)

Bugfixes

  • Remove user_id from the response to GET /_matrix/client/r0/presence/{userId}/status to match the specification. (#7606)
  • In worker mode, ensure that replicated data has not already been received. (#7648)
  • Fix intermittent exception during startup, introduced in Synapse 1.14.0. (#7663)
  • Include a user-agent for federation and well-known requests. (#7677)
  • Accept the proper field (phone) for the m.id.phone identifier type. The legacy field of number is still accepted as a fallback. Bug introduced in v0.20.0. (#7687)
  • Fix "Starting db txn 'get_completed_ui_auth_stages' from sentinel context" warning. The bug was introduced in 1.13.0. (#7688)
  • Compare the URI and method during user interactive authentication (instead of the URI twice). Bug introduced in 1.13.0. (#7689)
  • Fix a long standing bug where the response to the GET room_keys/version endpoint had the incorrect type for the etag field. (#7691)
  • Fix logged error during device resync in opentracing. Broke in v1.14.0. (#7698)
  • Do not break push rule evaluation when receiving an event with a non-string body. This is a long-standing bug. (#7701)
  • Fixs a long standing bug which resulted in an exception: "TypeError: argument of type 'ObservableDeferred' is not iterable". (#7708)
  • The synapse_port_db script no longer fails when the ui_auth_sessions table is non-empty. This bug has existed since v1.13.0. (#7711)
  • Synapse will now fetch media from the proper specified URL (using the r0 prefix instead of the unspecified v1). (#7714)
  • Fix the tables ignored by synapse_port_db to be in sync the current database schema. (#7717)
  • Fix missing Content-Length on HTTP responses from the metrics handler. (#7730)
  • Fix large state resolutions from stalling Synapse for seconds at a time. (#7735, #7746)

Improved Documentation

  • Spelling correction in sample_config.yaml. (#7652)
  • Added instructions for how to use Keycloak via OpenID Connect to authenticate with Synapse. (#7659)
  • Corrected misspelling of PostgreSQL. (#7724)

Deprecations and Removals

  • Deprecate m.login.jwt login method in favour of org.matrix.login.jwt, as m.login.jwt is not part of the Matrix spec. (#7675)

Internal Changes

  • Refactor getting replication updates from database. (#7636)
  • Clean-up the login fallback code. (#7657)
  • Increase the default SAML session expiry time to 15 minutes. (#7664)
  • Convert the device message and pagination handlers to async/await. (#7678)
  • Convert typing handler to async/await. (#7679)
  • Require parameterized package version to be at least 0.7.0. (#7680)
  • Refactor handling of listeners configuration settings. (#7681)
  • Replace uses of six.iterkeys/iteritems/itervalues with keys()/items()/values(). (#7692)
  • Add support for using rust-python-jaeger-reporter library to reduce jaeger tracing overhead. (#7697)
  • Make Tox actions work on Debian 10. (#7703)
  • Replace all remaining uses of six with native Python 3 equivalents. Contributed by @ilmari. (#7704)
  • Fix broken link in sample config. (#7712)
  • Speed up state res v2 across large state differences. (#7725)
  • Convert directory handler to async/await. (#7727)
  • Move flake8 to the end of scripts-dev/lint.sh as it takes the longest and could cause the script to exit early. (#7738)
  • Explain the "test" conditional requirement for dependencies is not all of the modules necessary to run the unit tests. (#7751)
  • Add some metrics for inbound and outbound federation latencies: synapse_federation_server_pdu_process_time and synapse_event_processing_lag_by_event. (#7755)

This Week in Matrix 2020-07-03

2020-07-03 — This Week in Matrix — Ben Parsons

Matrix Live 🎙

Dept of Status of Matrix 🌡️

Open Tech Will Save Us 4

The next Open Tech Will Save Us event will take place on Wednesday, that's 2020-07-08! Line-up is confirmed as:

Dept of Spec 📜

anoa reported:

Here's your weekly spec update! The heart of Matrix is the specification - and this is modified by Matrix Spec Change (MSC) proposals. Learn more about how the process works at https://matrix.org/docs/spec/proposals.

MSC Status

Finished Final Comment Period:

MSCs in Final Comment Period:

  • No MSCs are in FCP.

New MSCs:

Spec Core Team

In terms of Spec Core Team MSC focus for this week, as last week we are sticking with "implementation" for now. We'll be back soon :)

Dept of GSoC 🎓️

This week was the first evaluations, we'll have results to share next week.

matrix-ircd (GSOC)

karlik offered:

for matrix-ircd:

  • Removed futures 0.1 dependency & move all modules to futures 0.3

  • Update all tests to use async / await

  • Begin merging updated futures to async_await branch

go-neb

From nikofil:

  • e2ee merged and some bugs fixed (pr #324)! You should be able to use neb normally in an encrypted room now, if that's not the case please let us know!
  • Added integration tests for both encrypted and unencrypted rooms to neb in order to catch things that might break some core functionality in a subtle way (issue #326)
  • Similarly, created a PR for mautrix-go for testing the Olm and Megolm session establishment and message encryption / decryption (pr #12)
  • Next up, working on a service for neb for testing the crypto functionality of other clients: neb will send messages to a room, rotate keys etc. and your client is supposed to respond!

Dept of Servers 🏢

Dendrite / gomatrixserverlib

Dendrite is a next-generation homeserver written in Go

Neil Alexander said:

This week has seen some new architectural changes and a number of bugs fixed:

  • A new Current State Server component has been added, which tracks room state

  • The Public Rooms API has been deprecated in favour of the Current State Server

  • Event size limits are now honoured with the correct return code

  • Invites have seen some refactoring and retiring invites should work better now

  • The federation sender now persists unsent PDUs to the database and will automatically retry when Dendrite is restarted, making resend behaviour much more reliable (particularly in the P2P demos)

  • Some room checks in /state and /state_ids have been fixed

  • Some additional restrictions have been added to /send and we now return the correct error codes

  • A bug where current state was incorrectly used when getting missing/backfill events has been fixed

  • A bug where you couldn't rejoin a room that you created after wiping your database has been fixed

Spec compliance:

  • Client-Server APIs: 45%

  • Server-Server APIs: 50%

Conduit

Conduit is a Matrix homeserver written in Rust https://conduit.rs

timo reported:

This week I didn't have much time to work on Conduit, but together with @the0 we could implement both password changing and account deactivation!

With last week's key backup and cross-signing PR landing in master, here's a list of all major features still missing from Conduit:

  • All of Federation

  • Appservices

  • Push Notifications

  • Notification settings

  • Message Search

  • Presence

  • Room Tagging

Thanks to everyone who supports me on Liberapay or Bitcoin!

Synapse

richvdh reported:

Synapse 1.15.2 shipped this week with some important security fixes - if you haven't already upgraded, please do asap! Meanwhile, we're also preparing a 1.16 release with the normal round of bugfixes and incremental improvements.

The big focus in the Synapse team continues to be on performance for larger Synapse instances, which is reflected in the support in 1.16 for running multiple media worker processes. We're working on giving other worker processes the same treatment, so expect more of the same in the weeks to come!

Synapse Deployment 📥️

Kubernetes

Ananace announced:

Just pushed the 1.15.2 tags for the K8s-optimized Synapse image.

Docker matrix

Mathijs offered:

The avhost image including coturn, jemalloc, and mjolnir for synapse 1.15.2 was released at avhost/docker-matrix:v1.15.2, while the RCs images were released on my personal repo; mvgorcum/docker-matrix:v1.16.0rc1 and mvgorcum/docker-matrix:v1.16.0rc2

Dept of Bridges 🌉

Twilio & Maubot based SMS bridge

Jeff Casavant offered:

I wrote a very simple Twilio & Maubot based SMS bridge recently which I've been running for long enough with no delivery errors that I'd consider it stable. It's oriented towards bridging many individuals to single rooms via SMS. You'll need to have a Maubot instance in order to run it.

https://github.com/jeffcasavant/MaubotTwilio

Dept of Clients 📱

Syphon - new client announcement

usbfingers offered:

Hey TWIM ,

Tuesday, I did a soft announcement of open alpha for Syphon - a privacy centric matrix client

Source: https://github.com/syphon-org/syphon

Website: https://syphon.org

Features:

  • no analytics.

  • no proprietary third party services

    • iOS will have APNS opt-in, but will be made clear to the user
  • all data is AES-256 encrypted at rest

  • E2EE for direct chats using Olm/Megolm

    • group chats will be supported in the coming weeks
  • all indicators of presence are opt-in only (typing indicators, read receipts, etc)

  • customize themes and colors throughout the app

Please note there's still a lot of work to do and a lot of features missing that other clients have. It's not ready for everyday use.

Please let me know if you have any questions or would like to contribute!

Riot Web

Ryan told us:

This week we released 1.6.8, and the highlights include:

  • Upgraded to Electron 9 for desktop builds, which should fix various Linux tray icon issues

  • Jump to first unread message improved to handle reactions and other non-message events

  • Desktop now shows a file saved message when downloading a file

  • Cross-signing setup flows reworked to simplify choosing a security phrase or key

Fractal

Alexandre Franke announced:

The previous Fractal update was quite a while ago but we’ve kept busy.

There has been a lot of under the hood work that users won’t notice and which we won’t delve into. In addition to them, we have a few nice things:

  • Matrix API tokens are redacted in logs for better privacy when submitting bug reports.

  • A send button was added next the message entry. This is especially relevant for touch screens.

  • We are less noisy with typing notifications that we send out.

  • We support SOCKS proxies.

  • Notifications for non text messages have been tweaked.

  • We gained support for edited message display. They are replaced with the newer content and a little icon is shown next to them. Editing messages is not supported yet though.

2020-07-03-ZFc9l-Captured’écrande2020-07-0317-26-53.png

NovaChat July 3 update:

eric told us:

  • Added icons for each chat network to room list

  • Got Twitter DM bridge working again

  • Improved search bar UI

  • On-boarded 30 new users!

  • Launched (accidentally) on Hacker News

  • Fixed a ton of reliability bugs in the 7 bridges we support (changelog)

  • We are hiring (full-time or part-time) remote React developers to work on our (source available, still TBD on final license) Riot fork Send me a DM if interested.

2020-07-03-LUhRG-image.png

NovaChat has been getting good coverage lately, on Twitter and Hacker News.

RiotX published in the beta channel of the Riot-Android app

benoit announced:

RiotX is now published in the beta channel of the Riot-Android app: https://play.google.com/store/apps/details?id=im.vector.app. You can get the last beta version by becoming a tester if you want to. There will be no more update of RiotX on the PlayStore. Current RiotX users should signout from RiotX and signin again on Riot-Android. Riot-Android users do not have to do that. The changelog can be read here https://github.com/vector-im/riotX-android/releases/tag/v0.91.3-beta. And this week we are working on implementing what's remain on our list, and we are fixing as many bugs as we can before the great release.

Riot-iOS

steve offered:

This week, we made some improvements for the cross-signing UX.

We started to work on the rebranding. And we also made some small improvements in the display of some events in the timeline.

Dept of Ops 🛠

ma1sd release 2.4.0

ma1uta offered:

ma1sd release 2.4.0.

Changes:

  • Enabled v2 API by default.

  • Added experimental support of the database connection pooling for postgresql

  • Added option to bind ma1sd to specified address.

  • Added error logging for LDAP authorization.

  • Added full request and response logs for debug.

  • Avoid including bridged user in directory lookups (https://github.com/ma1uta/ma1sd/pull/45)

  • Add experimental multi-platform buillds for amd64 and arm64 platforms.

  • remove warning about matrix-synapse-ldap3 (https://github.com/ma1uta/ma1sd/pull/50)

Bugfixes:

Downloads:

matrix-docker-ansible-deploy

This Ansible playbook is meant to easily let you run your own Matrix homeserver.

Slavi said:

it appears to be puppet week in matrix-docker-ansible-deploy-land!

Thanks to various contributors (Johanna Dorothea Reichmann, Tulir Asokan and Hugues Morisset), the playbook has gained support for 4 new bridges: mx-puppet-instagram (see our docs), mx-puppet-twitter (see our docs), mx-puppet-discord (see our docs) and mx-puppet-steam (see our docs).

This brings the total number of bridges supported by the playbook to 15!

Dept of Bots 🤖

matrix-reminder-bot v0.1.0

anoa offered:

The release, v0.1.0, of matrix-reminder-bot is out! 🎉

I've eliminated most of the bad bugs that were present, so will be doing some feature development for a bit. As of now, the features of the bot are:

  • Setting reminders

  • Have a reminder ping yourself or the whole room

  • Alarms which continue ringing until silenced

  • Support for end-to-end encrypted rooms

  • Postgres and SQLite support

  • Docker support

Find it here: https://github.com/anoadragon453/matrix-reminder-bot/ and join the discussion at #matrix-reminder-bot:matrix.org!

Enjoy! ❤️

IPFS Bot

MTRNord offered:

Did you ever have the issue that a media event sent from someone is too large for your HS and you don't want to fiddle with the link?

IPFS Bot might be a solution. Invite @ipfs:nordgedanken.dev or Check out https://github.com/MTRNord/matrix-ipfs-bot/ to use the bot.

If you reply to any media event with !ipfs the bot will send you a link to the media stored on ipfs.

Known issues are:

  • E2EE not yet working (It joins but can't yet decrypt the related event)

  • Error handling is basically not existent. Therefore crashes might happen until I sort this out.

  • It currently does very verbose logging. This will be removed when the bot is more stable

  • Images sent from RiotX sometimes seem to not play nice with ruma

(Demo for the IPFS Bot): https://ipfs.nordgedanken.dev/ipfs/QmSfde3V4QL1Lv96Ar62qgnhaEtyi9jzPkKRCBMh4Wqm6F?filename=2020-06-27_16-41-09.mp4

We could include this video here, but it seems me appropriate to link to an actual IPFS location.

cody, REPL for your Matrix chat rooms

carl offered:

Hello, I am announcing my first matrix bot - cody - that will evaluate code snippets in your Matrix rooms and return the result. Here is an example interaction:


user> !py "Hello world!"
cody> 'Hello world!'

user> !py list(range(10))
cody> [0, 1, 2, 3, 4, 5, 6, 7, 8, 9]

You can chat with him @cody:bordum.dk and view the source code at https://gitlab.com/carlbordum/matrix-cody

This initial release only supports Python, but the plan is to add support for more languages in the next few weeks. The repo might also be of interest to some of you as it has CI, CD to DockerHub, complete dev environment with cody, pantalaimon, synapse and riot using docker-compose, simple metrics and Grafana-dashboards-as-code.

Dept of Interesting Projects 🛰️

Matrix Notepad Version v0.2.2

KB1RD told us:

A real-time collaboratie text editor using the Matrix protocol.

matrix-notepad.kb1rd.net

Nope, it's not dead.

  • New version of logootish-js with a completely new algorithm

    • In particular, I should note that this new algorithm is tested extensively, so I think the bugs should be out
  • Corresponding updates to internal event structure

  • Fixed UI & CSS bugs

  • Improved UX for room title editor

  • Currently, conflicting text will be displayed, but conflicts will not be indicated in any way

  • I almost forgot to mention: The room list is now filtered using the typed rooms MSC (event ID org.matrix.msc1840). #test-document0:kb1rd.net is a room with that state event set.

I also made a flame graph of the internal algorithm and I'm surprised by some of the results. The good thing is that I think there's quite a few ways to speed up the algorithm. Here it is:

https://logootish-js.matrix-notepad.kb1rd.net/flamegraph/test/listmodel-nc.perf.js/flamegraph.html#{%22merged%22:false,%22nodeId%22:null,%22excludeTypes%22:[%22cpp%22,%22regexp%22,%22v8%22,%22native%22,%22init%22,%22core%22]}

2020-07-03-SmuSp-image.png

Dept of Ping 🏓

Here we reveal, rank, and applaud the homeservers with the lowest ping, as measured by pingbot, a maubot that you can host on your own server. Join #ping:maunium.net to experience the fun live, and to find out how to add YOUR server to the game.

RankHostnameMedian MS
1fairydust.space385
2talk.go7box.xyz502.5
3gottliebtfreitag.de524
4phys.ethz.ch552
5eisfunke.com997
6c.mau.dev1422
7halogen.city1613
8nzbr.de1722
9asra.gr1774
10utzutzutz.net1875

That's all I know 🏁

See you first thing tomorrow morning, and be sure to stop by #twim:matrix.org with your updates!

Synapse 1.15.2 released with security fixes

2020-07-02 — Releases, Security — Richard van der Hoff

Folks, today we are releasing Synapse 1.15.2, which is a security release which contains fixes to two separate problems. We are also putting out the second release candidate for the forthcoming Synapse 1.16, including the same fixes.

Firstly, we have fixed a bug in the implementation of the room state resolution algorithm which could cause users to be unexpectedly ejected from rooms (Synapse issue #7742).

Secondly, we have improved the security of pages served as part of the Single-Sign-on login flows to prevent clickjacking attacks. Thank you to Quentin Gliech for reporting this.

We are not aware of either of these vulnerabilities being exploited in the wild, but we recommend that administrators upgrade as soon as possible. Those on Synapse 1.15.1 or earlier should upgrade to Synapse 1.15.2, while those who have already upgraded to Synapse 1.16.0rc1 should upgrade to 1.16.0rc2.

Get the new releases from any of the usual sources mentioned at https://github.com/matrix-org/synapse/blob/master/INSTALL.md. 1.15.2 is on github here, and 1.16.0rc2 is here.

Changelog for 1.15.2 follows:

Synapse 1.15.2 (2020-07-02)

Due to the two security issues highlighted below, server administrators are encouraged to update Synapse. We are not aware of these vulnerabilities being exploited in the wild.

Security advisory

  • A malicious homeserver could force Synapse to reset the state in a room to a small subset of the correct state. This affects all Synapse deployments which federate with untrusted servers. (96e9afe6)

  • HTML pages served via Synapse were vulnerable to clickjacking attacks. This predominantly affects homeservers with single-sign-on enabled, but all server administrators are encouraged to upgrade. (ea26e9a9)

    This was reported by Quentin Gliech.

This Week in Matrix 2020-06-26

2020-06-26 — This Week in Matrix — Ben Parsons

Matrix Live 🎙

It's demos this week!

  • Riot X video calls (valere)
  • Room list (TravisR)
  • Notifications - (Michael (t3chguy) & richvdh)
  • E2E Onboarding (Dave & Nad)
  • Modular SAML support (ChristianP)

Dept of Status of Matrix 🌡

Merch Returns!

Yes it's back! For the first time in months we are shipping branded IRL-items featuring Matrix branding. Head to The Shop to stock-up.

Dept of Spec 📜

anoa announced:

Here's your weekly spec update! The heart of Matrix is the specification - and this is modified by Matrix Spec Change (MSC) proposals. Learn more about how the process works at https://matrix.org/docs/spec/proposals.

MSC Status

Merged MSCs:

MSCs in Final Comment Period:

New MSCs:

Spec Core Team

In terms of Spec Core Team MSC focus for this week, unfortunately our three MSCs from last week ( MSC2366 (verification flows), MSC2403 (knocking), and MSC2630 (SAS security)) are still pre-FCP. Most of the team has been quite busy with implementation for the past few weeks. Instead of advertising those 3 MSCs again, we're going to switch the focus to "implementation" for a bit until we're freed up again.

So the focus for this week is: MSC implementation work. However, this should not discourage any MSC authors from responding to MSC feedback in the meantime 🙂

2020-06-26-MxzSP-plot.png

Dept of GSoC 🎓

Ruma GSoC

devinr528 reported:

This week in the ruma/matrix Google Summer of Code project, ruma-events was made ready for use! After adding stripped and sync event generation to the event_enum! macro there were only a few small tweaks needed to try it out in some dependent rust crates. I spent a few days converting matrix-rust-sdk to use the ruma-monorepo. Since ruma is used on both client and server-side, I also opened a PR to update Conduit, a homeserver implementation written in Rust. To test that everything worked together, I updated rumatui, my command-line client written in rust.

Then I could test that Conduit sent, and matrix-rust-sdk received the new ruma events successfully. While updating, I felt the pain of not having accessor methods for the Any*Event enums to get at the event fields held within. I have opened a pull request to add the generation of these methods to the event_enums! macro. Hopefully, the Conduit and matrix-sdk PR's will be merged and the ruma monorepo can be tested in the wild!

matrix-ircd GSOC

karlik told us:

Moved matrix protocol, irc protocol, and bridge module to futures 0.3. Converted some utility functions to new futures, and updated the http implementation to use the standardized Hyper library instead of using a custom http implementation.

go-neb

nikofil said:

  • Created PR for enabling e2ee across all services! This required a few changes to how the bot client is initialised, as well as changes to all services to use the new functionality instead of directly sending messages to a room. https://github.com/matrix-org/go-neb/pull/324

  • Added code from another of tulir's projects to Mautrix to allow storing the crypto material (olm / megolm sessions, accounts etc.) in a SQL database, adding a second way besides using Gob storage. https://github.com/tulir/mautrix-go/pull/10

  • Future plans are to work on the library itself to add any features that might be missing.

HTML embeddable chat rooms

arnav-t told us:

This week I've worked on the following features for the project "HTML embeddable chat rooms" under GSoC '20:

Added support for signing-in

Via sign-in popup

The user can enter their credentials into the modal dialogue box.

Via postMessage interface


iframe.contentWindow.postMessage({
    cmd: 'login',

    args: {
        user: 'username',

        passwd: 'password'
    }

}, origin);

Arguments:

args (object):

  • username (string) - Username

  • passwd (string) - Password

Response:

{

    status: 'success', 
    message: 'Attempting sign in...'

}

Added support for default avatars

Using the same design as Riot. However, I am just using flexbox and text instead of drawing on an HTML5 canvas. The HSL color is generated by hashing the user ID.

Quoting and replying

Added on-hover buttons and reply popup above message composer similar to Riot web. Quoting prepends the message (quoted) to the message composer similar to Riot web and replying would also work similar to Riot web. It will be fully functional once markdown parsing is added.

Guest access

The client now supports guest access. If no access token or user ID is provided in the configuration file, the client attempts to register a guest account on the home server. Room contents are viewed using peekInRoom.

If the guest attempts to send a message, only then joinRoom is called to avoid spam (each page load would lead to a guest joining the room).

Nheko

Chethan told us:

SAS Verification is completed and works !

Supports both Emoji and Decimal Verification Only uses curve25519-hkdf-sha256 as key_agreement protocol

Brand new UserProfile written entirely in qml. https://github.com/Nheko-Reborn/nheko/pull/203

Mtxclient

Updated with needed APIs for SAS verification.

https://github.com/Nheko-Reborn/mtxclient/pull/32

Opsdroid

tyagdit reported:

Port to Matrix-nio

  • The matrix connector is now using matrix-nio!

  • Bots can send and receive texts, images, files as before

  • No change in configuration required, just update opsdroid and run as before

  • Encryption is not yet implemented

  • You can check out the PR here

Enabling E2EE

  • Sending and receiving encrypted texts, edits, replies works just as normal messages

  • Images and files are being worked on

  • User shouldn't have to change much about their configuration to use encryption

  • Some testing is due

  • Check out the progress here

Dept of Servers 🏢

Dendrite

Dendrite is a next-generation homeserver written in Go

kegan reported:

This week has been mainly about testing to ensure that all the progress over the past few months is kept up-to-date and correct. We've also added a few features in order to get certain sytests working. To that end:

  • Invites can now be declined over federation and they will be reflected in /sync responses.

  • Errors encountered when joining a room over federation are now sent back to the client.

  • Errors encountered when accepting an invite over federation are now sent back to the client.

  • Dendrite will now check server names meet the server name grammar in the specification.

  • A bug which caused client-api-proxy to not actually proxy correctly has been fixed, thanks @fantashley !

  • /send now abides by the limits in the specification: 50 PDUs / 100 EDUs.

  • The docker-compose scripts now include appservice_api, thanks @fantashley !

  • Sending invites over federation will now fall back to v1 if v2 fails with a 404.

  • Dendrite now implements room.timeline.limit completely (in both in-line and stored filter formats).

  • Dendrite now sets the limited flag on /sync responses correctly.

In addition, we now have support for collecting code coverage output from SyTest. This indicates we are testing roughly 70% of the Dendrite codebase. The remaining 30% are hard to reach via intergration tests (e.g database failures, communication problems between internal APIs).

Spec compliance:

  • Client-Server APIs: 45%, up from 40% last week

  • Server-Server APIs: 50%, up from 38% last week

In total, we've made an additional 45 sytests pass this week.

Mascarene

Nico reported:

Mascarene v0.2.0 has been released.

This version implements a minimal set of client API endpoints to work with Riot and allow user registration,

room creation, invitation and messages sending on the same running instance (no federation support).

Docker image are also available. See this documentation

for rough installation instructions.

Join us at #mascarene:beerfactory.org

Conduit

Conduit is a Matrix homeserver written in Rust https://conduit.rs

timo told us:

This week I finished the cross-signing PR:

To try it out yourself, open Riot (preferably https://riot.im/develop) and join the <https://conduit.koesters.xyz:14004> homeserver.

Thanks to everyone who supports me on Liberapay or Bitcoin!

Synapse

Neil told us:

This week we’ve been working on further improvements to event persistence and ironed out a nasty bug where an unusually long state resolution could block the reactor overall and impact send times. We seem to have got to the bottom of this and m.org has improved a lot as of today.

More generally we’ve been trying to characterise matrix.org performance so that we can continue to improve over the coming months.

We are going to focus on:-

  • Client send event

  • Outbound Federation Latency

  • Inbound Federation Latency

  • Room joins

As well as tracking the CS API generally.

We are using apdex with a satisfied limit of 250 ms and a tolerating limit of 1000 ms. By the end of the Summer we will aim to hit an apdex score of 0.9 for each area.

For instance here is Federation Send Event Apdex graphed overtime. You can see that we are averaging about ~0.8 currently, so plenty to keeping us busy!

2020-06-26-JR9Vx-Screenshot2020-06-26at17.51.57.png

Next up will be to work on Outbound Federation Latency

Aside from that we’ve been working hard on the upcoming Notifications improvements. Mapping the push rules to the demands of the UI has been challenging and we’ve been through several iterations. If you’d like to learn more take a look at Michael and Rich’s explanation in this week’s Matrix Live. Rich’s presentation has Sheltie pictures #justsayin’

Dept of Bridges 🌉

It's a Tulir kind of week.

mautrix-whatsapp

Tulir told us:

The WhatsApp bridge got a bunch of improvements this week, such as:

  • Matrix -> WhatsApp gif bridging

  • Bridge status notices if your phone battery is low

  • A command to get group invite links and another command to join groups using invite links

  • Matrix <-> WhatsApp bridging of most membership changes

mautrix-facebook

Tulir reported:

The Messenger bridge mostly got bugfixes, but also Matrix->Facebook bridging of all media and location messages

mautrix-telegram

Tulir offered:

The Telegram bridge now supports logging in by scanning a QR code, although it requires using the master branch of Telethon instead of a release. I also fixed bridging captions in file messages, so they're now bridged as separate messages like with images

Half-Shot bridges roundup

Half-Shot offered:

Hey all, I've got several releases to talk about this week!

First, matrix-appservice-slack has been updated to 1.4.0 with several quality of life changes such as automatically setting the bot profile on startup, supporting logging out of slack accounts and adding a health checkpoint. There are also quite a few bugfixes so make sure you update.

matrix-appservice-irc was also bumped to 0.18.0 with the headline features being Node 14.x support.

We've also shipped 0.19.0-rc1 which has stopped support for Node 10.x. Why? Because we're adding worker support to the bridge! This release starts to make use of the new(ish) worker_threads feature so that we can dish out processing to seperate threads (running their own UV event loops, for node enthusiasts). The first thing to be workerized is metrics, so that metrics may still be reported should the bridge become saturated, but we plan to split out more work as things progress.

Finally matrix-appservice-bridge got a few fixes to support our new worker land, as well as being updated to support matrix-js-sdk 6.0.0. You can checkout the changes for 1.13.1 here.

Dept of Clients 📱

Fluffychat

sorunome offered:

Fluffychat Version 0.15.0 is released, and should be available in the Play Store, on F-Droid and in IOS Testflight soon! This makes Fluffychat the first non-Riot matrix client that supports Cross-Signing.

Features:

  • New room list app bar design

  • Chat app bar transparent

  • Implement web file picker

  • Minor design and UX improvements

  • Implement Cross Signing

  • Restore keys from online key backup

  • Added translations: Czech, Spanish, Slovakian

Changes:

  • Show presences of users sharing a direct chat

  • Big refactoring

Fixes:

  • Various fixes, including e2ee fixes and olm session recovery

2020-06-26-rN8uB-scaled_screenshot_20200619-173753_fluffychat.png.jpg

Pattle: version 0.18.0

Wilko said:

A new version has been released and will soon become available on Google Play, TestFlight and F-Droid!

Changes

  • You can now play videos!

  • The main public address (room alias) of chats are now shown in chat's details

  • The time of sending is now always show on the right side for images

  • Notifications are grouped nicer, there's now one notification for Pattle, grouped by chat

  • Fix sending an image crashing the app

  • Fix urls not being accounted for in time placement (#132)

  • Fix chat input not scrolling

  • Fix multiple issues regarding showing notifications

  • F-Droid: All left-over proprietary code is now removed, thanks to Bubu for notifying me!

Get Pattle

Get involved

Mirage

miruka* reported:

0.5.2 is now out:

Added

  • Sessions/device list: you can now inspect, rename and manually verify

    your devices from the account settings page. The interface is still work in progress, keyboard navigation and signing

    out sessions will be added in a next version.

  • Re-add client-side unread/highlight room indicators.

    If your account has push notifications disabled, which precise cross-client counters depend on, the local indicators will be used as fallback.

  • Support the MIRAGE_CACHE_DIR environment variable to override where

    files and thumbnails are downloaded

  • A bunch of theme additions, check the full log

Changed

  • Overhauled account settings to match the design of other tabbed pages.

    The horizontal layout design has been removed due to complicated code and being impossible to extend without breaking it.

  • The display name field in account settings is now colored,

    preview your new display name's color as you type

  • For rooms without image avatars set, the room settings's avatar color now

    responds to the name field as you type

  • Overhauled scrollbars:

    • Now match the Mirage theme and much better visibility

    • No more right margin for the timeline's bar

    • Minimum height to prevent the bar from becoming impossible to grab

  • Use brighter text for room names of rooms that have unread messages

  • Buttons, tabs, text fields and areas now have animated bottom borders

    to represent keyboard focus instead of being highlighted like when hovered

  • Text fields and areas can now have rounded corners, following the theme

  • Tabbed pages (Sign In, Add Chat, etc) can now be swiped left and right

  • Popups can now be scrolled when their content is bigger than the

    window's height

  • Replace most generic checkmark icons for apply buttons in popups

  • Pressing escape in forms will consistently trigger corresponding

    cancel buttons

Fixed

2020-06-26-KSsyD-sessions.png

Nheko

Nheko is a desktop client using Qt, Boost.Asio and C++17. It supports E2EE (with the notable exception being device verification for now) and intends to be full featured and nice to look at

Nico (@deepbluev7:neko.dev) offered:

  • Most of our time this week was spent trying out device verification with Chethan. It's fun and I could finally file bugs in Nheko against someone else!

  • We fixed some issues that should hopefully make text in the timeline less blurry again.

  • Fixed a bug which cause some clients like fluffychat to break in E2EE rooms (we accidentaly sent a null relation when not replying...)

  • Fixed an issue, where Nheko didn't verify the format of html formatted messages correctly, causing it to render messages in a way which wasn't compliant to the spec.

  • Thanks to the work of a Pirate and his friends, current versions of Nheko should be available in backports for Debian Buster once again!

Riot Chat for Nextcloud

Gary Kim announced:

Riot Chat for Nextcloud 0.5.0 The new version updated the Riot.im version to 1.6.6 and added the ability for admins to set their own custom config for Riot rather then using the settings interface in addition to a few bug fixes.

Riot Chat for Nextcloud allows individuals and organizations with a Nextcloud instance to easily set up and configure their own Riot instance with just a few clicks on a web interface without the need to write a config file.

Join the development Matrix room at #riotchatfornextcloud-general:garykim.dev. Check out the source code here.

Riot-iOS

Manu told us:

This week, we completed UX for cross-signing and secure backup. We made associated settings but we still need to polish them.

Sygnal and the new push extension have been updated to match Apple requirement and our privacy concerns. Events content are no more sent anymore. We started to implement the new room notifications settings UI.

RiotX

benoit told us:

This week we were mainly working on cross-signing, room settings, VoIP stabilization and performance improvement.

Riot-Android

benoit reported:

We will publish at the beginning of next week a beta version of the migration to RiotX codebase on the beta channel of the PlayStore, to be able to ensure the migration works fine, before release it to production.

Dept of SDKs and Frameworks 🧰

Matrix Dart SDK: v0.33.0

Wilko told us:

  • Support custom events using RawRoomEvent and RawStateEvent

    Check the README for details.

  • Add ability to register using Homeserver.register

  • Add VideoMessageEvent

  • Add Room.canonicalAlias and Room.alternativeAliases

  • Add format field to TextMessage (thank you Cyril!)

  • Remove equatable dependency

Get it on pub!

Net::Matrix::Webhook

joepie91 discovered this project, presented yesterday at Conference in the Cloud:

Net::Matrix::Webhook implements a webhook, so you can easily post messages to your matrix chat rooms via HTTP requests. It uses IO::Async to start a web server and connect as a client to matrix. It will then forward your messages.

matrix_scrape_emoji_translations script project

sorunome announced:

Soru wrote a quick program that scrapes riot-web, riot-x and riot-ios for translations of the emoji names for emoji verification and combines them all into an easily-readable json file, so that other client developers can use it. Since all three riot versions have a different set of translations, it might also be helpful for them. You can find the source code along with the outputted json files here.

Dept of Bots 🤖

"Scandinavia and the World" comic bot

Tulir offered:

To add to my existing xkcd and CommitStrip maubot plugins, there's now a similar plugin for Scandinavia and the World comics: https://github.com/maubot/satwcomic

Like the other bots, you can self-host it, use my instance (@satw:maunium.net) in your own room or simply join #satwcomic:maunium.net to automatically get the latest comics in Matrix.

matrix-webhooker

kinta announced:

A bot that will allow to room administrators and moderators to generate room custom commands (in a similar way how telegram commands are thought).

When they are invoked it will post the message event object data and a predefined context object along with a token to a custom url. More information in: https://gitlab.com/communia/matrix-webhooker

Matrix webhook

kinta told us:

https://www.drupal.org/project/matrix_webhook

Drupal module to receive links shared from a matrix room. Get links provided by a matrix bot in a room. With this module one can get media from a matrix own bot to any drupal site. Once installed and bot is created through matrix-webhooker bot. A blog entry about it (in spanish) in https://planet.communia.org/content/enlaces-desde-matrix

Dept of Interesting Projects 🛰

Pollvis - new poll visualiser project

We have a couple of conferences coming up who are planning to use Matrix as part of their offering, much as we do with Open Tech Will Save Us. To help add some more features, I created an MVP "poll visualiser", which watches a room and works in tandem with the poll-bot from Brendan Abolivier . This project is still at the beginning, but might be interesting to some! Find the code at https://github.com/benparsons/pollvis.

Dept of Ping 🏓

Here we reveal, rank, and applaud the homeservers with the lowest ping, as measured by pingbot, a maubot that you can host on your own server. Join #ping:maunium.net to experience the fun live, and to find out how to add YOUR server to the game.

RankHostnameMedian MS
1fairydust.space331
2services.pyrahex.com537
3heitkoetter.net604
4nitro.chat646.5
5mchus.pro660
6privacytools.io671
7matrix.vgorcum.com727.5
8eiselecloud.de740
9aruiz.io855
10neko.dev923.5

That's all I know 🏁

See you next week, and be sure to stop by #twim:matrix.org with your updates!

NextPage 2