Releases

147 posts tagged with "Releases" (See all Category)

Atom Feed

Synapse 1.4.1 released

18.10.2019 00:00 — Releases Matthew Hodgson

Hi all,

We've released Synapse 1.4.1 as a small but important bugfix to 1.4.0.

This fixes a regression which crept in with our newly implemented "erase redacted data after N days" feature where some APIs would fail when hitting erased redactions - anyone on Synapse 1.4.0 will want to upgrade asap.

As always, you can get the new update here or any of the sources mentioned at https://github.com/matrix-org/synapse. Also, check out our Synapse installation guide page

The changelog since 1.4.0 follows:

Synapse 1.4.1 (2019-10-18)

No changes since 1.4.1rc1.

Synapse 1.4.1rc1 (2019-10-17)

Bugfixes

  • Fix bug where redacted events were sometimes incorrectly censored in the database, breaking APIs that attempted to fetch such events. (#6185, 5b0e9948)

matrix-appservice-slack bridge 1.0 is here!

03.10.2019 00:00 — General Half-Shot

Hello Matrix enthusiasts! Yesterday we released matrix-appservice-slack 1.0. This marks a major milestone in bridge development for the Matrix.org team, being our first bridge to ever reach 1.0. The decision to release this version came after we decided that the bridge had gained enough features and reached a point of stability where it could be deployed in the wild with minimal risk.

For those not in the know, the Slack bridge is Node.JS based, and bridges slack channels & users into Matrix seamlessly. And for those wondering, yes it works with Mattermost too (since their API is compatible with Slack)! In previous versions only a limited subset of features were supported, making heavy usage of Slack’s webhook API. As of 1.0, the bridge now makes use of the newer Slack Events/RTM API which gives us all we need for a richer bridging experience. Everything from edits and reactions to typing notifications is supported in the 1.0 release.

Finally for those who are self hosting, we are pleased to offer the ability to "puppet" your Slack account using the bridge. Puppeting is the process in which the bridge will send messages as if you were sending them from the Slack client directly, when you talk using your Matrix account. This opens the door to seamless bridging and direct messaging support.

For those wishing to bridge their whole workspace across, picard exists as a tool to manage large scale Slack bridge deployments. This tool is provided by Cadair and SolarDrew

Slack Screenshot Threading & Reactions!

The bridge has undergone some pretty serious code surgery as well. The whole codebase has been rewritten in TypeScript to take advantage of type checking and generic types. The bridge is currently based upon the matrix-appservice-bridge library. The datastore interface now supports PostgreSQL, which allows for administrators to inspect and edit the database while the bridge is running, as well as offering helpful performance boost over the NeDB datastore format that was used previously. Finally, the codebase has proper Unit and Integration Tests to ensure new changes will not cause any regressions in behaviour. In short, now is an excellent time to get involved and hack on the bridge. There is already a crafted list of easy issues for new and experienced bridge devs.

Grafana memory usage graph Memory usage of the bridge comparison

Grafana CPU usage graph CPU usage of the bridge comparison

In terms of how many users matrix.org is currently serving at the moment, we present to you some figures:

  • 2562 bridged rooms
  • 764 teams connected to the bridge
  • 103711 events have passed through the bridge since the launch of 0.3.2

Of course, our work doesn’t stop at 1.0. The plan for the immediate future of the bridge is to continue adding support for other event types coming from Matrix and Slack to create an ever richer experience. Obvious features are things like topic changes, and syncing membership across the bridge. In the long term future we would also like to add community support to the bridge, so whole Slack workspaces can be bridged across with a single click.

That’s all from me, and I would like to say a massive thank you to Cadair and Ben for both their code and review work on the project and as always, thank you to the community for using the bridge and reporting issues. 🙂

Useful links:

Synapse 1.4.0 released

03.10.2019 00:00 — Releases Neil Johnson

Wheyhey as I live and breathe 1.4.0 is here!

1.4.0 should be considered ‘The Privacy Release’ and is the cumulation of a huge body of work spanning multiple projects to improve data privacy in the matrix ecosystem. You can read more about the full project here.

While we consider 1.4.0 to be a huge leap forward in terms of data privacy, it is really important to note that it contains breaking changes.

  • If you currently rely on email or SMS delivery via an identity server you must modify your Synapse configuration.
  • If you have configured custom templates, then eight new templates must be added to your templates directory.

If either apply to you failure to act will break your installation. Full details can be found in the upgrade notes.

So what has changed?

It is possible for a user to associate an email address or phone number with their account, for a number of reasons:

  • For use when logging in, as an alternative to the user id.
  • In the case of email, as an alternative contact to help with account recovery.
  • In the case of email, to receive notifications of missed messages.

Before an email address or phone number can be added to a user's account, or before such an address is used to carry out a password-reset, Synapse must confirm the operation with the owner of the email address or phone number. It does this by sending an email or text giving the user a link or token to confirm receipt. This process is known as '3pid verification'. ('3pid', or 'threepid', stands for third-party identifier, and we use it to refer to external identifiers such as email addresses and phone numbers.)

Previous versions of Synapse delegated the task of 3pid verification to an identity server by default. In most cases this server is vector.im or matrix.org.

In Synapse 1.4.0, for security and privacy reasons, the homeserver will no longer delegate this task to an identity server by default. Instead, the server administrator will need to explicitly decide how they would like the verification messages to be sent.

In the medium term, the vector.im and matrix.org identity servers will disable support for delegated 3pid verification entirely. However, in order to ease the transition, they will retain the capability for a limited period. Delegated email verification will be disabled on Monday 2nd December 2019 (giving roughly 2 months notice). Disabling delegated SMS verification will follow some time after that once SMS verification support lands in Synapse.

Once delegated 3pid verification support has been disabled in the vector.im and matrix.org identity servers, all Synapse versions that depend on those instances will be unable to verify email and phone numbers through them. There are no imminent plans to remove delegated 3pid verification from Sydent generally. (Sydent is the identity server project that backs the vector.im and matrix.org instances).

Why is this necessary?

Prior to 1.4.0, the identity server was providing two related-but-separate functions:

a directory for users to publish their contact details and to look up their contacts by their email addresses and phone numbers. a "trusted third party communications network delegate", providing SMS- and email-sending functionality to all homeservers for registration and password reset.

The intention behind the identity server's providing 2. was one of convenience: to save homeserver admins the burden of configuring their homeservers to send email, as well as sparing us the effort of writing generic SMS-gateway integration that would allow any homeserver admin to configure their homeserver to send SMS via their chosen SMS aggregator.

By exposing this 'trusted email/sms delegate' functionality, however, and by including references to the New Vector identity servers in the default configuration for both Synapse and Riot, we created a situation in which users on non-New Vector run homeservers (who had never seen our privacy notice) could easily end up sharing their email addresses and phone numbers with a New Vector identity server.

Using identity servers for registration and password reset introduced yet further complexity - since password reset is a sensitive operation, it was important that the homeserver only use 'trusted' identity servers for this purpose (with the trust being configured by the homeserver admin in the homeserver config). But this created ambiguity over who was ultimately responsible for the choice of identity server and when they could make that choice - the client could present a default identity server at login/registration/password reset time, which the user could choose to override before logging in, but unless the identity server ultimately selected were on the homeserver admin's 'trusted identity servers' list, any identity server operations that were proxied via the homeserver would have been blocked by the homeserver. However, not all identity server operations initiated by the client were proxied via the homeserver - some were sent directly from the client to the identity server, and would not have been filtered.

The best way to solve this problem is to have individual homeservers take ownership for their own email and SMS needs. In the case of email this means configuring details of an appropriate SMTP server or continuing to delegate through an identity server that will allow it to do so. If a homeserver admin makes the active choice to use New Vector's identity servers for delegation (up until 1st December), they should make their own users aware through their privacy notice.

This delegation is entirely separate from the user's choice of identity server for user directory services. As of right now the user is free to choose and trust whichever identity server they wish, or to choose not to use an identity server at all.

Are there any other data privacy features?

Yes, 1.4.0 now automatically garbage collects redacted messages (defaults to 7 days) and removes unused IP and user agent information stored in the user_ips table (defaults to 30 days). Finally, Synapse now warns in its logs if you are using matrix.org as a trusted key server, in case you wish to use a different server to help discover other servers’ keys.

Anything else?

Aside from privacy, we’ve expanded our OpenTracing support and fixed a host of bugs. However the thing that is most exciting is switching on our solution for mitigating forward extremities build up’ by default.

In some cases rooms can accumulate ‘forward extremities’, which are simply an artefact of attempting to resolve the room state over multiple servers. Forward extremities are necessary to ensure that each server can independently arrive at the same view of the room eventually, however processing these extremities can be computationally expensive and degrade server performance overall.

Originally it was an experimental config option but we now feel confident to turn it on by default for all instances - it should make a big difference for the CPU of servers in fragmented rooms.

So that’s it folks, thanks for making it this far. As ever, you can get the new update here or any of the sources mentioned at https://github.com/matrix-org/synapse. Also, check out our Synapse installation guide page

The changelog since 1.3.1 follows:

Synapse 1.4.0 (2019-10-03)

Bugfixes

  • Redact client_secret in server logs. (#6158)

Synapse 1.4.0rc2 (2019-10-02)

Bugfixes

  • Fix bug in background update that adds last seen information to the devices table, and improve its performance on Postgres. (#6135)
  • Fix bad performance of censoring redactions background task. (#6141)
  • Fix fetching censored redactions from DB, which caused APIs like initial sync to fail if it tried to include the censored redaction. (#6145)
  • Fix exceptions when storing large retry intervals for down remote servers. (#6146)

Internal Changes

  • Fix up sample config entry for redaction_retention_period option. (#6117)

Synapse 1.4.0rc1 (2019-09-26)

Note that this release includes significant changes around 3pid verification. Administrators are reminded to review the upgrade notes.

Features

  • Changes to 3pid verification:
    • Add the ability to send registration emails from the homeserver rather than delegating to an identity server. (#5835, #5940, #5993, #5994, #5868)
    • Replace trust_identity_server_for_password_resets config option with account_threepid_delegates, and make the id_server parameteter optional on */requestToken endpoints, as per MSC2263. (#5876, #5969, #6028)
    • Switch to using the v2 Identity Service /lookup API where available, with fallback to v1. (Implements MSC2134 plus id_access_token authentication for v2 Identity Service APIs from MSC2140). (#5897)
    • Remove bind_email and bind_msisdn parameters from /register ala MSC2140. (#5964)
    • Add m.id_access_token to unstable_features in /versions as per MSC2264. (#5974)
    • Use the v2 Identity Service API for 3PID invites. (#5979)
    • Add POST /_matrix/client/unstable/account/3pid/unbind endpoint from MSC2140 for unbinding a 3PID from an identity server without removing it from the homeserver user account. (#5980, #6062)
    • Use account_threepid_delegate.email and account_threepid_delegate.msisdn for validating threepid sessions. (#6011)
    • Allow homeserver to handle or delegate email validation when adding an email to a user's account. (#6042)
    • Implement new Client Server API endpoints /account/3pid/add and /account/3pid/bind as per MSC2290. (#6043)
    • Add an unstable feature flag for separate add/bind 3pid APIs. (#6044)
    • Remove bind parameter from Client Server POST /account endpoint as per MSC2290. (#6067)
    • Add POST /add_threepid/msisdn/submit_token endpoint for proxying submitToken on an account_threepid_handler. (#6078)
    • Add submit_url response parameter to */msisdn/requestToken endpoints. (#6079)
    • Add m.require_identity_server flag to /version's unstable_features. (#5972)
  • Enhancements to OpenTracing support:
    • Make OpenTracing work in worker mode. (#5771)
    • Pass OpenTracing contexts between servers when transmitting EDUs. (#5852)
    • OpenTracing for device list updates. (#5853)
    • Add a tag recording a request's authenticated entity and corresponding servlet in OpenTracing. (#5856)
    • Add minimum OpenTracing for client servlets. (#5983)
    • Check at setup that OpenTracing is installed if it's enabled in the config. (#5985)
    • Trace replication send times. (#5986)
    • Include missing OpenTracing contexts in outbout replication requests. (#5982)
    • Fix sending of EDUs when OpenTracing is enabled with an empty whitelist. (#5984)
    • Fix invalid references to None while OpenTracing if the log context slips. (#5988, #5991)
    • OpenTracing for room and e2e keys. (#5855)
    • Add OpenTracing span over HTTP push processing. (#6003)
  • Add an admin API to purge old rooms from the database. (#5845)
  • Retry well-known lookups if we have recently seen a valid well-known record for the server. (#5850)
  • Add support for filtered room-directory search requests over federation (MSC2197, in order to allow upcoming room directory query performance improvements. (#5859)
  • Correctly retry all hosts returned from SRV when we fail to connect. (#5864)
  • Add admin API endpoint for setting whether or not a user is a server administrator. (#5878)
  • Enable cleaning up extremities with dummy events by default to prevent undue build up of forward extremities. (#5884)
  • Add config option to sign remote key query responses with a separate key. (#5895)
  • Add support for config templating. (#5900)
  • Users with the type of "support" or "bot" are no longer required to consent. (#5902)
  • Let synctl accept a directory of config files. (#5904)
  • Increase max display name size to 256. (#5906)
  • Add admin API endpoint for getting whether or not a user is a server administrator. (#5914)
  • Redact events in the database that have been redacted for a week. (#5934)
  • New prometheus metrics:
    • synapse_federation_known_servers: represents the total number of servers your server knows about (i.e. is in rooms with), including itself. Enable by setting metrics_flags.known_servers to True in the configuration.(#5981)
    • synapse_build_info: exposes the Python version, OS version, and Synapse version of the running server. (#6005)
  • Give appropriate exit codes when synctl fails. (#5992)
  • Apply the federation blacklist to requests to identity servers. (#6000)
  • Add report_stats_endpoint option to configure where stats are reported to, if enabled. Contributed by @Sorunome. (#6012)
  • Add config option to increase ratelimits for room admins redacting messages. (#6015)
  • Stop sending federation transactions to servers which have been down for a long time. (#6026)
  • Make the process for mapping SAML2 users to matrix IDs more flexible. (#6037)
  • Return a clearer error message when a timeout occurs when attempting to contact an identity server. (#6073)
  • Prevent password reset's submit_token endpoint from accepting trailing slashes. (#6074)
  • Return 403 on /register/available if registration has been disabled. (#6082)
  • Explicitly log when a homeserver does not have the trusted_key_servers config field configured. (#6090)
  • Add support for pruning old rows in user_ips table. (#6098)

Bugfixes

  • Don't create broken room when power_level_content_override.users does not contain creator_id. (#5633)
  • Fix database index so that different backup versions can have the same sessions. (#5857)
  • Fix Synapse looking for config options password_reset_failure_template and password_reset_success_template, when they are actually password_reset_template_failure_html, password_reset_template_success_html. (#5863)
  • Fix stack overflow when recovering an appservice which had an outage. (#5885)
  • Fix error message which referred to public_base_url instead of public_baseurl. Thanks to @aaronraimist for the fix! (#5909)
  • Fix 404 for thumbnail download when dynamic_thumbnails is false and the thumbnail was dynamically generated. Fix reported by rkfg. (#5915)
  • Fix a cache-invalidation bug for worker-based deployments. (#5920)
  • Fix admin API for listing media in a room not being available with an external media repo. (#5966)
  • Fix list media admin API always returning an error. (#5967)
  • Fix room and user stats tracking. (#5971, #5998, #6029)
  • Return a M_MISSING_PARAM if sid is not provided to /account/3pid. (#5995)
  • federation_certificate_verification_whitelist now will not cause TypeErrors to be raised (a regression in 1.3). Additionally, it now supports internationalised domain names in their non-canonical representation. (#5996)
  • Only count real users when checking for auto-creation of auto-join room. (#6004)
  • Ensure support users can be registered even if MAU limit is reached. (#6020)
  • Fix bug where login error was shown incorrectly on SSO fallback login. (#6024)
  • Fix bug in calculating the federation retry backoff period. (#6025)
  • Prevent exceptions being logged when extremity-cleanup events fail due to lack of user consent to the terms of service. (#6053)
  • Remove POST method from password-reset submit_token endpoint until we implement submit_url functionality. (#6056)
  • Fix logcontext spam on non-Linux platforms. (#6059)
  • Ensure query parameters in email validation links are URL-encoded. (#6063)
  • Fix a bug which caused SAML attribute maps to be overridden by defaults. (#6069)
  • Fix the logged number of updated items for the users_set_deactivated_flag background update. (#6092)
  • Add sid to next_link for email validation. (#6097)
  • Threepid validity checks on msisdns should not be dependent on threepid_behaviour_email. (#6104)
  • Ensure that servers which are not configured to support email address verification do not offer it in the registration flows. (#6107)

Updates to the Docker image

  • Avoid changing UID/GID if they are already correct. (#5970)
  • Provide SYNAPSE_WORKER envvar to specify python module. (#6058)

Improved Documentation

  • Convert documentation to markdown (from rst) (#5849)
  • Update INSTALL.md to say that Python 2 is no longer supported. (#5953)
  • Add developer documentation for using SAML2. (#6032)
  • Add some notes on rolling back to v1.3.1. (#6049)
  • Update the upgrade notes. (#6050)

Deprecations and Removals

  • Remove shared-secret registration from /_matrix/client/r0/register endpoint. Contributed by Awesome Technologies Innovationslabor GmbH. (#5877)
  • Deprecate the trusted_third_party_id_servers option. (#5875)

Internal Changes

  • Lay the groundwork for structured logging output. (#5680)
  • Retry well-known lookup before the cache expires, giving a grace period where the remote well-known can be down but we still use the old result. (#5844)
  • Remove log line for debugging issue #5407. (#5860)
  • Refactor the Appservice scheduler code. (#5886)
  • Compatibility with v2 Identity Service APIs other than /lookup. (#5892, #6013)
  • Stop populating some unused tables. (#5893, #6047)
  • Add missing index on users_in_public_rooms to improve the performance of directory queries. (#5894)
  • Improve the logging when we have an error when fetching signing keys. (#5896)
  • Add support for database engine-specific schema deltas, based on file extension. (#5911)
  • Update Buildkite pipeline to use plugins instead of buildkite-agent commands. (#5922)
  • Add link in sample config to the logging config schema. (#5926)
  • Remove unnecessary parentheses in return statements. (#5931)
  • Remove unused jenkins/prepare_sytest.sh file. (#5938)
  • Move Buildkite pipeline config to the pipelines repo. (#5943)
  • Remove unnecessary return statements in the codebase which were the result of a regex run. (#5962)
  • Remove left-over methods from v1 registration API. (#5963)
  • Cleanup event auth type initialisation. (#5975)
  • Clean up dependency checking at setup. (#5989)
  • Update OpenTracing docs to use the unified trace method. (#5776)
  • Small refactor of function arguments and docstrings in RoomMemberHandler. (#6009)
  • Remove unused origin argument on FederationHandler.add_display_name_to_third_party_invite. (#6010)
  • Add a failure_ts column to the destinations database table. (#6016, #6072)
  • Clean up some code in the retry logic. (#6017)
  • Fix the structured logging tests stomping on the global log configuration for subsequent tests. (#6023)
  • Clean up the sample config for SAML authentication. (#6064)
  • Change mailer logging to reflect Synapse doesn't just do chat notifications by email now. (#6075)
  • Move last-seen info into devices table. (#6089)
  • Remove unused parameter to get_user_id_by_threepid. (#6099)
  • Refactor the user-interactive auth handling. (#6105)
  • Refactor code for calculating registration flows. (#6106)

Synapse 1.3.1 released

17.08.2019 00:00 — Releases Neil Johnson

Some of you will have been bitten by a bug that prevented Synapse 1.3.0 from starting up correctly. If this is you, please upgrade.

Additionally we have taken the opportunity to fix a dependency bug for our intrepid packagers.

Apologies for the inconvenience.

As ever, you can get the new update here or any of the sources mentioned at https://github.com/matrix-org/synapse. Also, check out our Synapse installation guide page

The changelog since 1.3.0 follows:

Synapse 1.3.1 (2019-08-17)

Features

  • Drop hard dependency on sdnotify python package. (#5871)

Bugfixes

  • Fix startup issue (hang on ACME provisioning) due to ordering of Twisted reactor startup. Thanks to @chrismoos for supplying the fix. (#5867)

Synapse 1.3.0 released

15.08.2019 00:00 — Releases Neil Johnson

Well now, Synapse 1.3.0 is here.

The main thing to know about 1.3.0 is that is contains performance improvements to reduce disk I/O and reduce RAM usage. We’ve been running it on matrix.org for a week or so and are really pleased with the results.

Check out our message send heat map.

Message Send

Other than that there are a bunch of bug fixes and tweaks to generally make things run more smoothly.

As ever, you can get the new update here or any of the sources mentioned at https://github.com/matrix-org/synapse. Also, check out our Synapse installation guide page

The changelog since 1.2.1 follows:

Synapse 1.3.0 (2019-08-15)

Bugfixes

  • Fix 500 Internal Server Error on publicRooms when the public room list was cached. (#5851)

Synapse 1.3.0rc1 (2019-08-13)

Features

  • Use M_USER_DEACTIVATED instead of M_UNKNOWN for errcode when a deactivated user attempts to login. (#5686)
  • Add sd_notify hooks to ease systemd integration and allows usage of Type=Notify. (#5732)
  • Synapse will no longer serve any media repo admin endpoints when enable_media_repo is set to False in the configuration. If a media repo worker is used, the admin APIs relating to the media repo will be served from it instead. (#5754, #5848)
  • Synapse can now be configured to not join remote rooms of a given "complexity" (currently, state events) over federation. This option can be used to prevent adverse performance on resource-constrained homeservers. (#5783)
  • Allow defining HTML templates to serve the user on account renewal attempt when using the account validity feature. (#5807)

Bugfixes

  • Fix UISIs during homeserver outage. (#5693, #5789)
  • Fix stack overflow in server key lookup code. (#5724)
  • start.sh no longer uses deprecated cli option. (#5725)
  • Log when we receive an event receipt from an unexpected origin. (#5743)
  • Fix debian packaging scripts to correctly build sid packages. (#5775)
  • Correctly handle redactions of redactions. (#5788)
  • Return 404 instead of 403 when accessing /rooms/{roomId}/event/{eventId} for an event without the appropriate permissions. (#5798)
  • Fix check that tombstone is a state event in push rules. (#5804)
  • Fix error when trying to login as a deactivated user when using a worker to handle login. (#5806)
  • Fix bug where user /sync stream could get wedged in rare circumstances. (#5825)
  • The purge_remote_media.sh script was fixed. (#5839)

Deprecations and Removals

  • Synapse now no longer accepts the -v/--verbose, -f/--log-file, or --log-config command line flags, and removes the deprecated verbose and log_file configuration file options. Users of these options should migrate their options into the dedicated log configuration. (#5678, #5729)
  • Remove non-functional 'expire_access_token' setting. (#5782)

Internal Changes

  • Make Jaeger fully configurable. (#5694)
  • Add precautionary measures to prevent future abuse of window.opener in default welcome page. (#5695)
  • Reduce database IO usage by optimising queries for current membership. (#5706, #5738, #5746, #5752, #5770, #5774, #5792, #5793)
  • Improve caching when fetching get_filtered_current_state_ids. (#5713)
  • Don't accept opentracing data from clients. (#5715)
  • Speed up PostgreSQL unit tests in CI. (#5717)
  • Update the coding style document. (#5719)
  • Improve database query performance when recording retry intervals for remote hosts. (#5720)
  • Add a set of opentracing utils. (#5722)
  • Cache result of get_version_string to reduce overhead of /version federation requests. (#5730)
  • Return 'user_type' in admin API user endpoints results. (#5731)
  • Don't package the sytest test blacklist file. (#5733)
  • Replace uses of returnValue with plain return, as returnValue is not needed on Python 3. (#5736)
  • Blacklist some flakey tests in worker mode. (#5740)
  • Fix some error cases in the caching layer. (#5749)
  • Add a prometheus metric for pending cache lookups. (#5750)
  • Stop trying to fetch events with event_id=None. (#5753)
  • Convert RedactionTestCase to modern test style. (#5768)
  • Allow looping calls to be given arguments. (#5780)
  • Set the logs emitted when checking typing and presence timeouts to DEBUG level, not INFO. (#5785)
  • Remove DelayedCall debugging from the test suite, as it is no longer required in the vast majority of Synapse's tests. (#5787)
  • Remove some spurious exceptions from the logs where we failed to talk to a remote server. (#5790)
  • Improve performance when making .well-known requests by sharing the SSL options between requests. (#5794)
  • Disable codecov GitHub comments on PRs. (#5796)
  • Don't allow clients to send tombstone events that reference the room it's sent in. (#5801)
  • Deny redactions of events sent in a different room. (#5802)
  • Deny sending well known state types as non-state events. (#5805)
  • Handle incorrectly encoded query params correctly by returning a 400. (#5808)
  • Handle pusher being deleted during processing rather than logging an exception. (#5809)
  • Return 502 not 500 when failing to reach any remote server. (#5810)
  • Reduce global pauses in the events stream caused by expensive state resolution during persistence. (#5826)
  • Add a lower bound to well-known lookup cache time to avoid repeated lookups. (#5836)
  • Whitelist history visibility sytests in worker mode tests. (#5843)

Critical Security Update - Synapse 1.2.1 released

26.07.2019 00:00 — Releases Neil Johnson

Today we release Synapse 1.2.1 as a critical security update. It contains patches relating to redactions and event federation. The patches address long standing bugs, and are not regressions specific to the previous version (1.2). All admins, regardless of current version, should upgrade asap.

This release includes four security fixes:

  • Prevent an attack where a federated server could send redactions for arbitrary events in v1 and v2 rooms. (#5767)
  • Prevent a denial-of-service attack where cycles of redaction events would make Synapse spin infinitely. Thanks to @lrizika:matrix.org for identifying and responsibly disclosing this issue. (0f2ecb961)
  • Prevent an attack where users could be joined or parted from public rooms without their consent. Thanks to Dylanger for identifying and responsibly disclosing this issue. (#5744)
  • Fix a vulnerability where a federated server could spoof read-receipts from users on other servers. Thanks to Dylanger for identifying this issue too. (#5743)

Additionally, the following fix was in Synapse 1.2.0, but was not correctly identified during the original release:

  • It was possible for a room moderator to send a redaction for an m.room.create event, which would downgrade the room to version 1. Thanks to @/dev/ponies:ponies.im for identifying and responsibly disclosing this issue! (#5701)

You can get the new update here or any of the sources mentioned at https://github.com/matrix-org/synapse. Alternatively check out our Synapse installation guide page

Thanks for bearing with us.

Synapse 1.2.0 released

25.07.2019 00:00 — Releases Neil Johnson

Hey hey, Synapse 1.2.0 is here. It contains aggregations support, better error handling for deactivated accounts and some important bug fixes for redacting messages. Special thanks to community members skalarproduktraum and Lrizika for submissions to improve our documentation.

As ever, you can get the new update here or any of the sources mentioned at https://github.com/matrix-org/synapse. Note, Synapse is now available from PyPI, pick it up here. Also, check out our Synapse installation guide page

The changelog since 1.1.0 follows:

Synapse 1.2.0 (2019-07-25)

No significant changes.

Synapse 1.2.0rc2 (2019-07-24)

Bugfixes

  • Fix a regression introduced in v1.2.0rc1 which led to incorrect labels on some prometheus metrics. (#5734)

Synapse 1.2.0rc1 (2019-07-22)

Features

  • Add support for opentracing. (#5544, #5712)
  • Add ability to pull all locally stored events out of synapse that a particular user can see. (#5589)
  • Add a basic admin command app to allow server operators to run Synapse admin commands separately from the main production instance. (#5597)
  • Add sender and origin_server_ts fields to m.replace. (#5613)
  • Add default push rule to ignore reactions. (#5623)
  • Include the original event when asking for its relations. (#5626)
  • Implement session_lifetime configuration option, after which access tokens will expire. (#5660)
  • Return "This account has been deactivated" when a deactivated user tries to login. (#5674)
  • Enable aggregations support by default (#5714)

Bugfixes

  • Fix 'utime went backwards' errors on daemonization. (#5609)
  • Various minor fixes to the federation request rate limiter. (#5621)
  • Forbid viewing relations on an event once it has been redacted. (#5629)
  • Fix requests to the /store_invite endpoint of identity servers being sent in the wrong format. (#5638)
  • Fix newly-registered users not being able to lookup their own profile without joining a room. (#5644)
  • Fix bug in #5626 that prevented the original_event field from actually having the contents of the original event in a call to /relations. (#5654)
  • Fix 3PID bind requests being sent to identity servers as application/x-form-www-urlencoded data, which is deprecated. (#5658)
  • Fix some problems with authenticating redactions in recent room versions. (#5699, #5700, #5707)
  • Ignore redactions of m.room.create events. (#5701)

Updates to the Docker image

  • Base Docker image on a newer Alpine Linux version (3.8 -> 3.10). (#5619)
  • Add missing space in default logging file format generated by the Docker image. (#5620)

Improved Documentation

  • Add information about nginx normalisation to reverse_proxy.rst. Contributed by @skalarproduktraum - thanks! (#5397)
  • --no-pep517 should be --no-use-pep517 in the documentation to setup the development environment. (#5651)
  • Improvements to Postgres setup instructions. Contributed by @Lrizika - thanks! (#5661)
  • Minor tweaks to postgres documentation. (#5675)

Deprecations and Removals

  • Remove support for the invite_3pid_guest configuration setting. (#5625)

Internal Changes

  • Move logging code out of synapse.util and into synapse.logging. (#5606, #5617)
  • Add a blacklist file to the repo to blacklist certain sytests from failing CI. (#5611)
  • Make runtime errors surrounding password reset emails much clearer. (#5616)
  • Remove dead code for persiting outgoing federation transactions. (#5622)
  • Add lint.sh to the scripts-dev folder which will run all linting steps required by CI. (#5627)
  • Move RegistrationHandler.get_or_create_user to test code. (#5628)
  • Add some more common python virtual-environment paths to the black exclusion list. (#5630)
  • Some counter metrics exposed over Prometheus have been renamed, with the old names preserved for backwards compatibility and deprecated. See docs/metrics-howto.rst for details. (#5636)
  • Unblacklist some user_directory sytests. (#5637)
  • Factor out some redundant code in the login implementation. (#5639)
  • Update ModuleApi to avoid register(generate_token=True). (#5640)
  • Remove access-token support from RegistrationHandler.register, and rename it. (#5641)
  • Remove access-token support from RegistrationStore.register, and rename it. (#5642)
  • Improve logging for auto-join when a new user is created. (#5643)
  • Remove unused and unnecessary check for FederationDeniedError in _exception_to_failure. (#5645)
  • Fix a small typo in a code comment. (#5655)
  • Clean up exception handling around client access tokens. (#5656)
  • Add a mechanism for per-test homeserver configuration in the unit tests. (#5657)
  • Inline issue_access_token. (#5659)
  • Update the sytest BuildKite configuration to checkout Synapse in /src. (#5664)
  • Add a docker type to the towncrier configuration. (#5673)
  • Convert synapse.federation.transport.server to async. Might improve some stack traces. (#5689)
  • Documentation for opentracing. (#5703)

Synapse 1.1.0 released

04.07.2019 00:00 — Releases Neil Johnson

Right folks, this is our first post 1.0 release, which means that we have now officially dropped support for Python 2 and Postgres 9.4. This means that we can start making use of Python 3 specific features and you should expect lots of associated performance wins over the coming months. See the upgrade notes for more.

Synapse 1.1.0 also contains a reworked approach to the Docker image, as well lots of performance improvements with special focus on DB IO - expect more to come in this area.

Special thanks to community member Alexander Trost for rounding out our SAML support and also to Daniel Hoffend for contributing the ability to disable local password authentication.

As ever, you can get the new update here or any of the sources mentioned at https://github.com/matrix-org/synapse. Note, Synapse is now available from PyPI, pick it up here. Also, check out our Synapse installation guide page

The changelog since 1.0.0 follows:

Synapse 1.1.0 (2019-07-04)

As of v1.1.0, Synapse no longer supports Python 2, nor Postgres version 9.4. See the upgrade notes for more details.

This release also deprecates the use of environment variables to configure the docker image. See the docker README for more details.

No changes since 1.1.0rc2.

Synapse 1.1.0rc2 (2019-07-03)

Bugfixes

  • Fix regression in 1.1rc1 where OPTIONS requests to the media repo would fail. (#5593)
  • Removed the SYNAPSE_SMTP_* docker container environment variables. Using these environment variables prevented the docker container from starting in Synapse v1.0, even though they didn't actually allow any functionality anyway. (#5596)
  • Fix a number of "Starting txn from sentinel context" warnings. (#5605)

Internal Changes

  • Update github templates. (#5552)

Synapse 1.1.0rc1 (2019-07-02)

As of v1.1.0, Synapse no longer supports Python 2, nor Postgres version 9.4. See the upgrade notes for more details.

Features

  • Added possibility to disable local password authentication. Contributed by Daniel Hoffend. (#5092)
  • Add monthly active users to phonehome stats. (#5252)
  • Allow expired user to trigger renewal email sending manually. (#5363)
  • Statistics on forward extremities per room are now exposed via Prometheus. (#5384, #5458, #5461)
  • Add --no-daemonize option to run synapse in the foreground, per issue #4130. Contributed by Soham Gumaste. (#5412, #5587)
  • Fully support SAML2 authentication. Contributed by Alexander Trost - thank you! (#5422)
  • Allow server admins to define implementations of extra rules for allowing or denying incoming events. (#5440, #5474, #5477)
  • Add support for handling pagination APIs on client reader worker. (#5505, #5513, #5531)
  • Improve help and cmdline option names for --generate-config options. (#5512)
  • Allow configuration of the path used for ACME account keys. (#5516, #5521, #5522)
  • Add --data-dir and --open-private-ports options. (#5524)
  • Split public rooms directory auth config in two settings, in order to manage client auth independently from the federation part of it. Obsoletes the "restrict_public_rooms_to_local_users" configuration setting. If "restrict_public_rooms_to_local_users" is set in the config, Synapse will act as if both new options are enabled, i.e. require authentication through the client API and deny federation requests. (#5534)
  • The minimum TLS version used for outgoing federation requests can now be set with federation_client_minimum_tls_version. (#5550)
  • Optimise devices changed query to not pull unnecessary rows from the database, reducing database load. (#5559)
  • Add new metrics for number of forward extremities being persisted and number of state groups involved in resolution. (#5476)

Bugfixes

  • Fix bug processing incoming events over federation if call to /get_missing_events fails. (#5042)
  • Prevent more than one room upgrade happening simultaneously on the same room. (#5051)
  • Fix a bug where running synapse_port_db would cause the account validity feature to fail because it didn't set the type of the email_sent column to boolean. (#5325)
  • Warn about disabling email-based password resets when a reset occurs, and remove warning when someone attempts a phone-based reset. (#5387)
  • Fix email notifications for unnamed rooms with multiple people. (#5388)
  • Fix exceptions in federation reader worker caused by attempting to renew attestations, which should only happen on master worker. (#5389)
  • Fix handling of failures fetching remote content to not log failures as exceptions. (#5390)
  • Fix a bug where deactivated users could receive renewal emails if the account validity feature is on. (#5394)
  • Fix missing invite state after exchanging 3PID invites over federaton. (#5464)
  • Fix intermittent exceptions on Apple hardware. Also fix bug that caused database activity times to be under-reported in log lines. (#5498)
  • Fix logging error when a tampered event is detected. (#5500)
  • Fix bug where clients could tight loop calling /sync for a period. (#5507)
  • Fix bug with jinja2 preventing Synapse from starting. Users who had this problem should now simply need to run pip install matrix-synapse. (#5514)
  • Fix a regression where homeservers on private IP addresses were incorrectly blacklisted. (#5523)
  • Fixed m.login.jwt using unregistered user_id and added pyjwt>=1.6.4 as jwt conditional dependencies. Contributed by Pau Rodriguez-Estivill. (#5555, #5586)
  • Fix a bug that would cause invited users to receive several emails for a single 3PID invite in case the inviter is rate limited. (#5576)

Updates to the Docker image

  • Add ability to change Docker containers timezone with the TZ variable. (#5383)
  • Update docker image to use Python 3.7. (#5546)
  • Deprecate the use of environment variables for configuration, and make the use of a static configuration the default. (#5561, #5562, #5566, #5567)
  • Increase default log level for docker image to INFO. It can still be changed by editing the generated log.config file. (#5547)
  • Send synapse logs to the docker logging system, by default. (#5565)
  • Open the non-TLS port by default. (#5568)
  • Fix failure to start under docker with SAML support enabled. (#5490)
  • Use a sensible location for data files when generating a config file. (#5563)

Deprecations and Removals

  • Python 2.7 is no longer a supported platform. Synapse now requires Python 3.5+ to run. (#5425)
  • PostgreSQL 9.4 is no longer supported. Synapse requires Postgres 9.5+ or above for Postgres support. (#5448)
  • Remove support for cpu_affinity setting. (#5525)

Improved Documentation

  • Improve README section on performance troubleshooting. (#4276)
  • Add information about how to install and run black on the codebase to code_style.rst. (#5537)
  • Improve install docs on choosing server_name. (#5558)

Internal Changes

  • Add logging to 3pid invite signature verification. (#5015)
  • Update example haproxy config to a more compatible setup. (#5313)
  • Track deactivated accounts in the database. (#5378, #5465, #5493)
  • Clean up code for sending federation EDUs. (#5381)
  • Add a sponsor button to the repo. (#5382, #5386)
  • Don't log non-200 responses from federation queries as exceptions. (#5383)
  • Update Python syntax in contrib/ to Python 3. (#5446)
  • Update federation_client dev script to support .well-known and work with python3. (#5447)
  • SyTest has been moved to Buildkite. (#5459)
  • Demo script now uses python3. (#5460)
  • Synapse can now handle RestServlets that return coroutines. (#5475, #5585)
  • The demo servers talk to each other again. (#5478)
  • Add an EXPERIMENTAL config option to try and periodically clean up extremities by sending dummy events. (#5480)
  • Synapse's codebase is now formatted by black. (#5482)
  • Some cleanups and sanity-checking in the CPU and database metrics. (#5499)
  • Improve email notification logging. (#5502)
  • Fix "Unexpected entry in 'full_schemas'" log warning. (#5509)
  • Improve logging when generating config files. (#5510)
  • Refactor and clean up Config parser for maintainability. (#5511)
  • Make the config clearer in that email.template_dir is relative to the Synapse's root directory, not the synapse/ folder within it. (#5543)
  • Update v1.0.0 release changelog to include more information about changes to password resets. (#5545)
  • Remove non-functioning check_event_hash.py dev script. (#5548)
  • Synapse will now only allow TLS v1.2 connections when serving federation, if it terminates TLS. As Synapse's allowed ciphers were only able to be used in TLSv1.2 before, this does not change behaviour. (#5550)
  • Logging when running GC collection on generation 0 is now at the DEBUG level, not INFO. (#5557)
  • Reduce the amount of stuff we send in the docker context. (#5564)
  • Point the reverse links in the Purge History contrib scripts at the intended location. (#5570)

Synapse 1.0.0 released

11.06.2019 00:00 — General Neil Johnson

Well here it is: Synapse 1.0.

Synapse 1.0 is the reference implementation of the Matrix 1.0 spec. The goal of the release overall has been to focus on security and stability, such that we can officially declare Synapse (and Matrix) out of beta and recommended for production use. This means changing the default room protocol version used for new rooms to be v4, which includes the new state resolution algorithm, as well as collision-resistant event IDs, which are now formatted to be URL safe.

Synapse 1.0 also ships with support for the upcoming v5 room protocol (which enforces honouring server key validity periods), but this will not be used as the default for new rooms until a sufficient number of servers support it.

Please note that Synapse 1.0 does not include significant performance work or new features - our focus has been almost exclusively on providing a reference implementation of the Matrix 1.0 protocol. But having cleared our backlog on security/stability issues we will finally be now unblocked to pursue work around reducing RAM footprint, eliminating forward-extremity build up, and shipping new features like Edits, Reactions & E2E cross-signing support.

As part of the security work, Synapse 1.0 contains a breaking change that requires a valid TLS certificate on the federation API endpoint. Servers that do not configure their certificate will no longer be able to federate post 1.0.

It is also worth noting that Synapse 1.0.0 is the last release that will support Python 2.x and Postgres 9.4. For more information see here but the TL;DR is that you should upgrade asap.

This release has been a long time coming. Many thanks indeed to everyone who helped test the release candidates and provided feedback along the way.

Synapse 1.0 is just one component of a larger Matrix 1.0 release, which you can read all about here.

As ever, you can get the new update here or any of the sources mentioned at https://github.com/matrix-org/synapse. Note, Synapse is now available from PyPI, pick it up here. Also, check out our Synapse installation guide page

The changelog since 0.99.5 follows:

Synapse 1.0.0 (2019-06-11)

Bugfixes

  • Fix bug where attempting to send transactions with large number of EDUs can fail. (#5418)

Improved Documentation

  • Expand the federation guide to include relevant content from the MSC1711 FAQ (#5419)

Internal Changes

  • Move password reset links to /_matrix/client/unstable namespace. (#5424)

Synapse 1.0.0rc3 (2019-06-10)

Security: Fix authentication bug introduced in 1.0.0rc1. Please upgrade to rc3 immediately

Synapse 1.0.0rc2 (2019-06-10)

Bugfixes

  • Remove redundant warning about key server response validation. (#5392)
  • Fix bug where old keys stored in the database with a null valid until timestamp caused all verification requests for that key to fail. (#5415)
  • Fix excessive memory using with default federation_verify_certificates: true configuration. (#5417)

Synapse 1.0.0rc1 (2019-06-07)

Features

  • Synapse now more efficiently collates room statistics. (#4338, #5260, #5324)
  • Add experimental support for relations (aka reactions and edits). (#5220)
  • Ability to configure default room version. (#5223, #5249)
  • Allow configuring a range for the account validity startup job. (#5276)
  • CAS login will now hit the r0 API, not the deprecated v1 one. (#5286)
  • Validate federation server TLS certificates by default (implements MSC1711). (#5359)
  • Update /_matrix/client/versions to reference support for r0.5.0. (#5360)
  • Add a script to generate new signing-key files. (#5361)
  • Update upgrade and installation guides ahead of 1.0. (#5371)
  • Replace the perspectives configuration section with trusted_key_servers, and make validating the signatures on responses optional (since TLS will do this job for us). (#5374)
  • Add ability to perform password reset via email without trusting the identity server. (#5377)
  • Set default room version to v4. (#5379)

Bugfixes

  • Fixes client-server API not sending "m.heroes" to lazy-load /sync requests when a rooms name or its canonical alias are empty. Thanks to @dnaf for this work! (#5089)
  • Prevent federation device list updates breaking when processing multiple updates at once. (#5156)
  • Fix worker registration bug caused by ClientReaderSlavedStore being unable to see get_profileinfo. (#5200)
  • Fix race when backfilling in rooms with worker mode. (#5221)
  • Fix appservice timestamp massaging. (#5233)
  • Ensure that server_keys fetched via a notary server are correctly signed. (#5251)
  • Show the correct error when logging out and access token is missing. (#5256)
  • Fix error code when there is an invalid parameter on /_matrix/client/r0/publicRooms (#5257)
  • Fix error when downloading thumbnail with missing width/height parameter. (#5258)
  • Fix schema update for account validity. (#5268)
  • Fix bug where we leaked extremities when we soft failed events, leading to performance degradation. (#5274, #5278, #5291)
  • Fix "db txn 'update_presence' from sentinel context" log messages. (#5275)
  • Fix dropped logcontexts during high outbound traffic. (#5277)
  • Fix a bug where it is not possible to get events in the federation format with the request GET /_matrix/client/r0/rooms/{roomId}/messages. (#5293)
  • Fix performance problems with the rooms stats background update. (#5294)
  • Fix noisy 'no key for server' logs. (#5300)
  • Fix bug where a notary server would sometimes forget old keys. (#5307)
  • Prevent users from setting huge displaynames and avatar URLs. (#5309)
  • Fix handling of failures when processing incoming events where calling /event_auth on remote server fails. (#5317)
  • Ensure that we have an up-to-date copy of the signing key when validating incoming federation requests. (#5321)
  • Fix various problems which made the signing-key notary server time out for some requests. (#5333)
  • Fix bug which would make certain operations (such as room joins) block for 20 minutes while attemoting to fetch verification keys. (#5334)
  • Fix a bug where we could rapidly mark a server as unreachable even though it was only down for a few minutes. (#5335, #5340)
  • Fix a bug where account validity renewal emails could only be sent when email notifs were enabled. (#5341)
  • Fix failure when fetching batches of events during backfill, etc. (#5342)
  • Add a new room version where the timestamps on events are checked against the validity periods on signing keys. (#5348, #5354)
  • Fix room stats and presence background updates to correctly handle missing events. (#5352)
  • Include left members in room summaries' heroes. (#5355)
  • Fix federation_custom_ca_list configuration option. (#5362)
  • Fix missing logcontext warnings on shutdown. (#5369)

Improved Documentation

  • Fix docs on resetting the user directory. (#5282)
  • Fix notes about ACME in the MSC1711 faq. (#5357)

Internal Changes

  • Synapse will now serve the experimental "room complexity" API endpoint. (#5216)
  • The base classes for the v1 and v2_alpha REST APIs have been unified. (#5226, #5328)
  • Simplifications and comments in do_auth. (#5227)
  • Remove urllib3 pin as requests 2.22.0 has been released supporting urllib3 1.25.2. (#5230)
  • Preparatory work for key-validity features. (#5232, #5234, #5235, #5236, #5237, #5244, #5250, #5296, #5299, #5343, #5347, #5356)
  • Specify the type of reCAPTCHA key to use. (#5283)
  • Improve sample config for monthly active user blocking. (#5284)
  • Remove spurious debug from MatrixFederationHttpClient.get_json. (#5287)
  • Improve logging for logcontext leaks. (#5288)
  • Clarify that the admin change password API logs the user out. (#5303)
  • New installs will now use the v54 full schema, rather than the full schema v14 and applying incremental updates to v54. (#5320)
  • Improve docstrings on MatrixFederationClient. (#5332)
  • Clean up FederationClient.get_events for clarity. (#5344)
  • Various improvements to debug logging. (#5353)
  • Don't run CI build checks until sample config check has passed. (#5370)
  • Automatically retry buildkite builds (max twice) when an agent is lost. (#5380)

Synapse 0.99.5.2 released

30.05.2019 00:00 — Releases Neil Johnson

0.99.5.2 contains a critical performance fix following a regression that was introduced in 0.99.5. Affected servers will have experienced increased CPU and RAM usage with a knock on effect of generally sluggish performance.

Separately, we are also looking into reports relating to further performance degradations that may have been introduced as part of 0.99.5, though consider the 0.99.5.2 fix to be a significant improvement on previous 0.99.5.x releases.

Please upgrade asap.

You can get the new update here or any of the sources mentioned at https://github.com/matrix-org/synapse. Note, Synapse is now available from PyPI, pick it up here. Also, check out our Synapse installation guide page.

Synapse v0.99.5.2 Changelog

Bugfixes

  • Fix bug where we leaked extremities when we soft failed events, leading to performance degradation. (#5274, #5278, #5291)