diff --git a/CHANGES.md b/CHANGES.md index 6618378c06..05ca83df5d 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -1,3 +1,14 @@ +Synapse 1.55.1 (2022-03-24) +=========================== + +This is a patch release that fixes an incompatibility with version 3.1.0 of the [Jinja](https://pypi.org/project/Jinja2/) library, released on March 24th, 2022. Deployments of Synapse using the `matrixdotorg/synapse` Docker image or Debian packages from packages.matrix.org are not affected. + +Internal Changes +---------------- + +- Remove uses of the long-deprecated `jinja2.Markup` which would prevent Synapse from starting with Jinja 3.1.0 or above installed. ([\#12289](https://github.com/matrix-org/synapse/issues/12289)) + + Synapse 1.55.0 (2022-03-22) =========================== diff --git a/debian/changelog b/debian/changelog index 7eed6c5b4a..f3ac279302 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +matrix-synapse-py3 (1.55.1) stable; urgency=medium + + * New synapse release 1.55.1. + + -- Synapse Packaging team Thu, 24 Mar 2022 17:44:23 +0000 + matrix-synapse-py3 (1.55.0) stable; urgency=medium * New synapse release 1.55.0. diff --git a/synapse/__init__.py b/synapse/__init__.py index f0f224d0bb..70f56824f9 100644 --- a/synapse/__init__.py +++ b/synapse/__init__.py @@ -68,7 +68,7 @@ try: except ImportError: pass -__version__ = "1.55.0" +__version__ = "1.55.1" if bool(os.environ.get("SYNAPSE_TEST_PATCH_LOG_CONTEXTS", False)): # We import here so that we don't have to install a bunch of deps when diff --git a/synapse/push/mailer.py b/synapse/push/mailer.py index 649a4f49d0..5ccdd88364 100644 --- a/synapse/push/mailer.py +++ b/synapse/push/mailer.py @@ -18,6 +18,7 @@ from typing import TYPE_CHECKING, Dict, Iterable, List, Optional, TypeVar import bleach import jinja2 +from markupsafe import Markup from synapse.api.constants import EventTypes, Membership, RoomTypes from synapse.api.errors import StoreError @@ -867,7 +868,7 @@ class Mailer: ) -def safe_markup(raw_html: str) -> jinja2.Markup: +def safe_markup(raw_html: str) -> Markup: """ Sanitise a raw HTML string to a set of allowed tags and attributes, and linkify any bare URLs. @@ -877,7 +878,7 @@ def safe_markup(raw_html: str) -> jinja2.Markup: Returns: A Markup object ready to safely use in a Jinja template. """ - return jinja2.Markup( + return Markup( bleach.linkify( bleach.clean( raw_html, @@ -891,7 +892,7 @@ def safe_markup(raw_html: str) -> jinja2.Markup: ) -def safe_text(raw_text: str) -> jinja2.Markup: +def safe_text(raw_text: str) -> Markup: """ Sanitise text (escape any HTML tags), and then linkify any bare URLs. @@ -901,7 +902,7 @@ def safe_text(raw_text: str) -> jinja2.Markup: Returns: A Markup object ready to safely use in a Jinja template. """ - return jinja2.Markup( + return Markup( bleach.linkify(bleach.clean(raw_text, tags=[], attributes=[], strip=False)) ) diff --git a/synapse/python_dependencies.py b/synapse/python_dependencies.py index 1dd39f06cf..232f9a9595 100644 --- a/synapse/python_dependencies.py +++ b/synapse/python_dependencies.py @@ -75,6 +75,7 @@ REQUIREMENTS = [ "attrs>=19.2.0,!=21.1.0", "netaddr>=0.7.18", "Jinja2>=2.9", + "MarkupSafe>=2.0", "bleach>=1.4.3", # We use `ParamSpec`, which was added in `typing-extensions` 3.10.0.0. "typing-extensions>=3.10.0",