Releases

148 posts tagged with "Releases" (See all Category)

Atom Feed

Synapse 1.44.0 released

05.10.2021 23:44 — Releases Dan Callahan

Synapse 1.44.0 is out now!

🔗Loads of Bug Fixes

This release primarily includes fixes for over a dozen long-standing bugs. For example:

  • Messages containing null bytes are now properly indexed for search.
  • The Room Search Admin API now allows searching for rooms with non-ascii titles.
  • URL preview caches, which are meant to be ephemeral, are no longer mirrored from the local media store into other media providers.

🔗Faster JSON Responses

We now stay within C code while generating large JSON objects for responses, which should be substantially faster than the previous technique, which fell back to Python for encoding.

🔗New Extension Module APIs

Spam checker modules can now use a user_may_create_room_with_invites callback to inspect room creation events which include invitations to users via Matrix or other media (email, etc.).

Additionally, the ModuleApi can now inspect IP and User Agent data, as well as checking whether Rooms and MXIDs are local to the current homeserver.

🔗Everything Else

We've also been busy refactoring. For example:

  • Prometheus stats now distinguish between cache evictions due to entries expiring, and cache evictions due to the cache being full.
  • The synapse.handlers, synapse.rest, and synapse.storage.databases.state modules are now fully type annotated and checked by mypy, among others.
  • The user directory search code was cleaned up in preparation for future fixes.
  • Another half dozen pull requests were merged with an aim toward clarifying federated event authentication code (and associated logging).

Lastly, this release has seen considerable work toward supporting MSC2716: Incrementally importing history into existing rooms, along with an update to match the current state of MSC3231: Token authenticated registration.

These are just the highlights; please see the Upgrade Notes and Release Notes for a complete list of changes in this release.

Synapse is a Free and Open Source Software project, and we'd like to extend our thanks to everyone who contributed to this release, including aaronraimist, cvwright, govynnus, Kokokokoka, and tulir.

Synapse 1.43.0 released

21.09.2021 22:03 — Releases Dan Callahan

Synapse 1.43.0 is out now!

🔗Preparing for Spaces

Quite a lot of work has gone into preparing for Spaces to graduate from beta testing. For example, Synapse now:

  • Asks clients to prefer room version 9 when creating restricted rooms (#10772), via the API defined in MSC3244: room version capabilities.
  • Allows the Spaces Summary APIs to be handled by worker processes.
  • Omits rooms with unknown room versions from the Spaces Summary.
  • Properly handles upgrades of Spaces to different room versions.

🔗Everything Else

This release of Synapse also:

  • Includes initial work toward fully supporting oEmbed for embedding URL previews (#10714, #10759).
  • Slightly speeds up room joins over federation (#10754, #10755, #10756, #10780, #10784).
  • Somewhat improves service restart times for large Synapse deployments.
  • Significantly refactors federation event authentication code for greater clarity (#10744, #10745, #10746, #10771, #10773, #10781).
  • Adds further static type hints to various modules.

We've also spent quite a lot of time on SyTest, our integration test suite. In particular, many of the tests made assumptions about event processing which were not correct when targeting a multi-worker Synapse deployment. These flakey tests have plagued our continuous integration pipelines, and are finally being fixed.

These are just the highlights; please see the Release Notes for a complete list of changes in this release.

Synapse is a Free and Open Source Software project, and we'd like to extend our thanks to everyone who contributed to this release, including AndrewFerr, BramvdnHeuvel, and cuttingedge1109.

Synapse 1.42.0 released

07.09.2021 00:00 — Releases Dan Callahan

Synapse 1.42.0 is out now!

This release includes changes that you may need to be aware of before upgrading, such as the removal of two deprecated Admin APIs or a retroactive fix to ensure that email notifications are only sent to addresses which are presently associated with an account. Please see the Upgrade Notes for details.

🔗Room Version 9: A Bugfix for Restricted Rooms

Synapse 1.42 includes support for Room Version 9, which fixes an oversight in the list of event fields which were protected from redaction in Room Version 8's restricted rooms. This makes it possible, in certain circumstances, for a restricted room to degrade into a state where participating servers will disagree about the room's membership.

Because changing a room version's redaction algorithm also changes the way that event IDs are calculated, properly fixing this issue required the creation of a new room version.

To ensure compatibility with existing servers, Synapse 1.42's MSC3244: Room version capabilities hints will continue to ask clients to prefer Room Version 8 when creating restricted rooms and Room Version 6 otherwise. A future release of Synapse will ask clients to prefer Room Version 9 for restricted rooms.

🔗Handling Unknown Rooms

Very rarely, users find themselves in rooms created with unstable or experimental room versions. Then, when Synapse removes support for these versions, bad things happen. The server no longer understands how to interact with that room version, which means you can't interact with that room. And if you can't interact with that room, you can't leave.

In Synapse 1.42, rooms with unknown room versions are no longer returned down /sync. This prevents them from appearing in your client, though you may need to empty your client's cache and re-sync to see any effect.

🔗New MSCs

In addition to Room Version 9 (MSC3375), this release includes:

  • An initial implementation of MSC3231: Token authenticated registration, which makes it possible for homeservers to disable user registration while still allowing new accounts to be made by people who know a pre-shared secret.

    This MSC and its implementations were produced as part of a Google Summer of Code (GSoC) project by Callum Brown.

  • An updated implementation of MSC2946: Spaces Summary following recent changes to the proposal.

  • Support for MSC3283: Expose capabilities for profile actions, which hints to clients whether or not a server allows users to change their display name, avatar, or email address.

🔗Everything Else

In addition to the usual array of improvements to performance, type hints, error messages, and documentation:

  • Custom Presence Router modules can now be built using Synapse's new, unified module interface which debuted in Synapse 1.37.
  • Code around federation event handling and authentication has been significantly refactored to improve reliability and maintainability, including extracting nearly 1,800 lines of code from the FederationHandler class into a separate FederationEventHandler class.
  • Backfilling history and fetching missing events now use the same code paths, reducing the potential for bugs.
  • Concurrently fetching the same large set of events (#10703) is now much more efficient, preventing the process hangs which were possible in prior, extreme cases.

These are just the highlights; please see the Upgrade Notes and Release Notes for a complete list of changes in this release.

Synapse is a Free and Open Source Software project, and we'd like to extend our thanks to everyone who contributed to this release, including aaronraimist, dklimpel, govynnus, and HugoDelval.

Synapse 1.41.1 released

31.08.2021 00:00 — Releases Dan Callahan

Today we are releasing Synapse 1.41.1, a security update based on last week's release of Synapse 1.41.0. This release patches two moderate severity issues which could reveal metadata about private rooms:

  • GHSA-3x4c-pq33-4w3q / CVE-2021-39164: Enumerating a private room's list of members and their display names.

    If an unauthorized user both knows the Room ID of a private room and that room's history visibility is set to shared, then they may be able to enumerate the room's members, including their display names.

    The unauthorized user must be on the same homeserver as a user who is a member of the target room.

  • GHSA-jj53-8fmw-f2w2 / CVE-2021-39163: Disclosing a private room's name, avatar, topic, and number of members.

    If an unauthorized user knows the Room ID of a private room, then its name, avatar, topic, and number of members may be disclosed through Group / Community features.

    The unauthorized user must be on the same homeserver as a user who is a member of the target room, and their homeserver must allow non-administrators to create groups (enable_group_creation in the Synapse configuration; off by default).

Note that in both cases:

  • The private room's Room ID must be known to the attacker.
  • Another user on the attacker's homeserver must be a legitimate member of the target room.
  • The information disclosed is already present in the database and thus legitimately known to the administrators of homeservers participating in the target room.

We'd like to credit 0xkasper for discovering and responsibly disclosing these issues.

This release also fixes a small regression in 1.41.0 (#10709) which broke compatibility with older Twisted versions when Synapse was a configured to send email.

Please update at your earliest convenience.

Synapse 1.41.0 released

24.08.2021 00:00 — Releases Dan Callahan

Synapse 1.41.0 is out now!

NOTE: We anticipate publishing a security release next Tuesday, the 31st of August.

Synapse 1.41.1 will contain fixes for two moderate severity issues.

Synapse 1.41 includes changes to forward proxies, template settings, and media workers which may require your attention. Please see the Upgrade Notes for details.

Also, this release removes support for Ubuntu 20.10 (Groovy Gorilla), which reached End of Life last month. Support for Ubuntu 18.04 LTS (Bionic Beaver) and Ubuntu 21.04 (Hirsute Hippo) will be withdrawn near the end of this year under our platform deprecation policy.

🔗Promoting Restricted Rooms

Synapse 1.41 includes experimental support for MSC3244: Room version capabilities, which indicates to clients that they should use Room Version 8 when creating restricted rooms. For example, Element's clients will use the MSC3244 metadata, which is on by default in Synapse 1.41, to determine whether to show end users the UI for creating restricted rooms.

Room Version 6 will remain the default for newly created rooms which do not explicitly request the restricted room capabilities at creation time. This strikes a balance between the broad compatibility of an older default room version, while still making newer features available upon request.

🔗New MSCs

This version of Synapse implements experimental support for:

We've also added pagination to the Spaces Summary API based on updates to MSC2946.

Work towards implementing MSC2716: Incrementally importing history into existing rooms continues, with several related pull requests landing in this release.

🔗More Admin APIs

Synapse now has an Admin APIs to:

🔗Everything Else

In addition to the usual boosts to performance and reliability like #10119 or #10513, this release includes several notable improvements:

  • The /createRoom endpoint can now be handled by workers.
  • Synapse can now route outbound federation requests, remote media downloads, and public key fetches through a forward proxy.
  • Custom template configuration has now been centralized into a single custom_templates_directory configuration setting.
  • Matrix clients which allow users to set a status_msg with their presence will find that Synapse no longer arbitrarily unsets the message when a user goes offline. Instead, each user's status_msg will persist until it is deliberately cleared by their client.
  • The extension module API now exposes a function, get_userinfo_by_id, which accepts an MXID and returns a UserInfo object. This should simplify writing extension modules like spam checkers.

These are just the highlights; please see the Upgrade Notes and Release Notes for a complete list of changes in this release.

Synapse is a Free and Open Source Software project, and we'd like to extend our thanks to everyone who contributed to this release, including Bubu, dklimpel, H-Shay, ilmari, Kentokamoto, SimonBrandner, and warricksothr.

Synapse 1.40.0 released

10.08.2021 00:00 — Releases Dan Callahan

Synapse 1.40.0 is out now!

🔗Support for Room Version 8

This release of Synapse includes stable support for Room Version 8! Version 8 codifies a concept of "restricted rooms" which are private rooms joinable only by direct invitation or by being a member of other, designated Spaces / rooms.

This means you can create a Matrix Space for your company, team, or guild, and instead of inviting people to the Space and directly to a bunch of private rooms, you can simply configure your private rooms such that membership in the Space automatically confers access to the private rooms.

This is a major improvement to access control in Matrix, and we can't wait to use it ourselves.

Note that client support for managing restricted rooms is still forthcoming, and you'll want to ensure that your users are on homeservers which support v8 before upgrading existing rooms. To ensure compatibility across federation, the default for newly created rooms remains at v6 for the time being.

🔗Everything Else

A few other items worth calling out:

  • Synapse can now optionally recycle PostgreSQL connections after a specified number of transactions (#10440), which may mitigate slow memory leaks in the database. Thanks to GitHub user hifi.
  • We have a whole new documentation page explaining Room DAG Concepts like depth, stream ordering, extremities, outliers, and state groups.
  • The Admin API for listing accounts now returns a creation_ts property indicating when an account was created. Thanks to work by dklimpel.
  • Synapse should better detect character encodings in URL previews thanks to a contribution by srividyut.

In addition to further work towards implementing MSC2716: Incrementally Importing History into Existing Rooms, we've landed support for:

  • MSC2033: The /account/whoami endpoint now includes the device_id associated with the access token used to make the request.
  • (Experimental) MSC3244: The /_matrix/client/r0/capabilities endpoint may include metadata about which room versions support which capabilities (like knocking on restricted joins).
  • (Experimental) MSC2285: Clients may mark messages as read on the server without updating their externally visible read receipts, implemented by SimonBrandner.

These are just the highlights; please see the Release Notes for a complete list of changes in this release.

Synapse is a Free and Open Source Software project, and we'd like to extend our thanks to everyone who contributed to this release, including dklimpel, hifi, SimonBrandner, and srividyut.

Synapse 1.39.0 released

29.07.2021 00:00 — Releases Dan Callahan

Synapse 1.39.0 is now available!

We've done quite a bit of work this release on Synapse's new interface for extension modules:

  • Synapse's account_validity option has been extracted into a built-in extension module. If your configuration previously enabled account_validity, it will continue working as before, but it is now easier to override and customize.
  • The third party event rules callbacks have also been experimentally ported to the new module interface.

We've also improved the Space Summary API to list all rooms which a user could join (#10298). This is especially important with the pending standardization of Room Version 8, which includes MSC3083: Restricting room membership based on membership in other rooms.

MadLittleMods landed several pull requests on the path to implementing MSC2716: Incrementally importing history into existing rooms (#10250, #10276).

More than anything else, this release contains an absolutely enormous load of internal cleanup. For example:

  • ShadowJonathan ran pyupgrade on the entire codebase, bringing it up to modern Py3.6+ conventions, then separately used com2ann to move us from legacy # type: foo type hints to more modern inline annotations.
  • We finished converting several integer columns in our database to bigint as a precautionary measure.
  • We've made innumerable improvements to our CI configuration; including moving completely to GitHub Actions.
  • Countless small improvements to performance, reliability, and error logging.

But that's not all! Synapse 1.39 also allows for setting credentials for HTTP proxy connections thanks to work by dklimpel; previously, Synapse was only able to provide authentication for HTTPS proxies.

Please see the Upgrade Notes and Release Notes for a complete list of changes in this rele ase.

Synapse is a Free and Open Source Software project, and we'd like to extend our thanks to everyone who contributed to this release, including andir, dklimpel, ilmari, LukeWalsh, moritzdietz, ShadowJonathan, and xmunoz.

Dendrite 0.4.1 Released

26.07.2021 00:00 — Releases Matthew Hodgson

It's only been two weeks since Dendrite 0.4 landed, but there's already a significant new release with Dendrite 0.4.1 (it's amazing how much work we can do on Dendrite when not off chasing low-bandwidth and P2P Matrix!)

This release further improves memory performance and radically improves state resolution performance (rumour has it that it's a 10x speed-up). Meanwhile, SS API sytest coverage is up to 91%(!!) and CS API is now at 63%.

We're going to try to keep the pressure up over the coming weeks - and once sytest is at 100% coverage (and we're not missing any big features which sytest doesn't cover yet) we'll be declaring a 1.0 :)

If you're running Dendrite, please upgrade. If not, perhaps this would be a good version to give it a try? You can get it, as always from, https://github.com/matrix-org/dendrite/releases/tag/v0.4.1. The changelog follows:

🔗Features

  • Support for room version 7 has been added
  • Key notary support is now more complete, allowing Dendrite to be used as a notary server for looking up signing keys
  • State resolution v2 performance has been optimised further by caching the create event, power levels and join rules in memory instead of parsing them repeatedly
  • The media API now handles cases where the maximum file size is configured to be less than 0 for unlimited size
  • The initial_state in a /createRoom request is now respected when creating a room
  • Code paths for checking if servers are joined to rooms have been optimised significantly

🔗Fixes

  • A bug resulting in cannot xref null state block with snapshot during the new state storage migration has been fixed
  • Invites are now retired correctly when rejecting an invite from a remote server which is no longer reachable
  • The DNS cache cache_lifetime option is now handled correctly (contributed by S7evinK)
  • Invalid events in a room join response are now dropped correctly, rather than failing the entire join
  • The prev_state of an event will no longer be populated incorrectly to the state of the current event
  • Receiving an invite to an unsupported room version will now correctly return the M_UNSUPPORTED_ROOM_VERSION error code instead of M_BAD_JSON (contributed by meenal06)

-- Team Dendrite

Synapse 1.38.0 released

13.07.2021 00:00 — Releases Dan Callahan

Synapse 1.38.0 is out now!

NOTE: We released Synapse 1.38.1 on Thursday, July 22nd. It mitigates a client bug with Synapse 1.38.0's smaller sync responses which prevented new Element Android sessions from successfully participating in encrypted conversations. Server administrators are strongly encouraged to upgrade.

🔗(Big) Integers

Synapse's database schema used integer columns in a few places where values could potentially overflow a maximum value of 231. One such column is events.stream_ordering, which surpassed 231 on matrix.org last week.

To prevent overflows, Synapse 1.38 will automatically convert several integer columns to bigint as a background update. While homeservers will function normally during this task, it could result in increased disk I/O for several hours or days. Note that homeservers may need several gigabytes of free space to successfully rebuild associated database indexes and complete the upgrade.

See the upgrade notes for more details.

🔗Expiring Caches

Synapse has a new configuration option, caches.expiry_time, which can be set to enable evicting items from caches if they go too long without being accessed. This helps servers reclaim memory used by large yet infrequently used caches.

🔗Smaller Sync Responses

The response to /sync now omits optional keys when they would otherwise be empty. This can significantly reduce the size of incremental syncs, as demonstrated in #6579. Thanks to deepbluev7 for initially submitting this in #9919, which made it into this release via #10214.

🔗Everything Else

A few other items worth calling out:

  • This release includes an experimental implementation of MSC2918: Refresh tokens, which adds initial support for complementary access / refresh tokens in line with OAuth best practices (#9450).
  • Synapse now ships a script to review recently registered accounts, which can be useful in cleaning up servers in the wake of malicious, automated registrations like we witnessed during last month's spam attack.
  • We've also fixed a few rough edges (#10263, #10303, #10336) in the spam mitigations from 1.37.1, and would encourage you to update.
  • The Admin API for querying user information now includes information about a user's SSO identities in its response.

These are just the highlights; please see the Upgrade Notes and Release Notes for a complete list of changes in this release.

Synapse is a Free and Open Source Software project, and we'd like to extend our thanks to everyone who contributed to this release, including deepbluev7, dklimpel, fkr, and sideshowbarker

Dendrite 0.4.0 Released

12.07.2021 00:00 — Releases Neil Alexander

After quite a significant gap between releases — version 0.3.11 was released at the beginning of March — we're happy to finally announce the release of Dendrite 0.4.0 today!

The full changelog for the release is available on GitHub, but we wanted to take the opportunity to talk a little about some of the changes that have gone into this release.

Recently our release cadence for Dendrite has slowed as we have spent more time within the team working on Pinecone and Low Bandwidth Matrix. These are major areas of research for us which we hope will unlock a number of new opportunities within the Matrix ecosystem, allowing us to build on Matrix anywhere and to reduce the protocol-level footprint. However, Dendrite has not been forgotten amidst the excitement and we will be spending more time working on Dendrite again in the coming months.

🔗State storage

One of the major features in v0.4.0 is that we've introduced newly-refactored state storage in the roomserver database. The goal here is to make state storage significantly more efficient by ensuring that we deduplicate state blocks and snapshots wherever we can. By ensuring that all state blocks and snapshots are ordered strictly, and by enforcing uniqueness constraints on the hashes of the blocks/snapshots, we've been able to achieve this.

This was largely spurred on by watching dendrite.matrix.org consuming a rather alarming amount of disk space on a daily basis. In this particular instance, moving to the new state storage resulted in a 15x improvement on disk utilisation for state blocks and a further 2x improvement for state snapshot references immediately after the migration, and the growth rate of the database has slowed substantially since.

Ensuring that we don't waste disk space is one of the most important factors in ensuring that Dendrite operates well at any scale — future datacentre deployments supporting many users will find storage overheads decreased and small/embedded single-user deployments (such as P2P, on mobile devices or in the browser) will fit much more effectively onto resource-constrained targets.

After upgrading to v0.4.0, Dendrite will run an automatic migration to update your homeserver to the new state storage format. This might take a while on larger databases so please expect some downtime.

🔗Optimisations

We've continued to squeeze further optimisations into the federation and state resolution code, aiming to reduce the amount of CPU burn and memory utilisation. Some of the feedback that we receive most often from those that have been experimenting with the Dendrite betas is around the sudden spikes in resource usage, especially when joined to large rooms.

The bulk of this resource usage comes either from attempting to reconcile missing events or running state resolution in rooms with lots of members, as potentially large state sets of events need to be brought into memory in order to do so. We've introduced some transaction-level caches for dealing with missing auth/prev events to reduce the memory pressure and we've also tweaked the caching around around /get_missing_events to ensure we don't duplicate any state events in memory.

Resource spikes aren't completely eliminated but this should smooth out CPU and memory utilisation significantly. In the case of dendrite.matrix.org, which is joined to some 6500 rooms at present, memory utilisation of the Dendrite process typically sits around 1.5GB at present.

State Resolution v2 has also seen further optimisations in the power-level checking, which should reduce CPU usage even more.

🔗Bridges

Thanks to Half-Shot's perseverance and contributions, we've merged a couple PRs and worked on some further fixes for getting Application Services working correctly in Dendrite. Whilst not entirely feature-complete and with a number of features still to go, enough support is now present to support basic bridging functionality.

We've done quite a bit of preliminary testing with matrix-appservice-irc and have also heard a number of success stories from the community with mautrix-whatsapp and mautrix-telegram. Others may work too — let us know what you find!

🔗Bug-hunting

A number of bugs in various places (including the roomserver, federation API and media API) which could cause Dendrite to crash have also been fixed. Some of these have been contributed by the community in pull requests, so we extend our thanks to anyone who has submitted a fix to the project.

A special mention also goes to Jakob Varmose Bentzen for reporting a security issue to us around the legacy /v1/register endpoint, where a flaw in the legacy shared secret registration allowed malicious users to create accounts. We've since removed this legacy endpoint and the vulnerability is now fixed.

🔗What's next

There are still a number of missing user-facing features which we will be working on over the coming months, as well as some architectural issues that we will look to address.

A notable area of work involves attempting to remove the dependency on Kafka for polylith deployments. Kafka is very resource-heavy in operation and somewhat limits us to the types of interactions that we can perform between components. It's also very difficult to manage retention correctly, in the interests of not endlessly consuming disk space here either.

As usual, Dendrite is still considered beta so you may not want to rely on it for production systems, although it should be stable enough to experiment with. If you find any bugs or anything that doesn't look right, please let us know:

We're also open to contributions, so don't be afraid to open pull requests. Finally, thanks for your continued support!

— Team Dendrite