dependabot[bot]
d648c8ce3f
Bump bytes from 1.8.0 to 1.9.0 ( #17982 )
2024-12-02 16:55:53 +00:00
dependabot[bot]
190c400a83
Bump tomli from 2.1.0 to 2.2.1 ( #17979 )
2024-12-02 16:55:40 +00:00
Eric Eastwood
e5d3bfba30
Sliding Sync: Include invite, ban, kick, targets when $LAZY
-loading room members ( #17947 )
...
Part of https://github.com/element-hq/synapse/issues/17929
2024-12-02 10:17:55 -06:00
Travis Ralston
9b2ae62d20
Use stable error code for account locking ( #17965 )
2024-12-02 15:28:47 +00:00
dependabot[bot]
a89b697209
Bump pysaml2 from 7.3.1 to 7.5.0 ( #17978 )
2024-12-02 15:28:08 +00:00
Erik Johnston
a82f5f206f
Fix release process to not create duplicate releases ( #17970 )
...
This is to work around
https://github.com/softprops/action-gh-release/issues/445
---------
Co-authored-by: Quentin Gliech <quenting@element.io>
2024-12-02 10:54:14 +00:00
Eric Eastwood
6a909aade2
Consolidate SSO redirects through /_matrix/client/v3/login/sso/redirect(/{idpId})
( #17972 )
...
Consolidate SSO redirects through
`/_matrix/client/v3/login/sso/redirect(/{idpId})`
Spawning from
https://github.com/element-hq/sbg/pull/421#discussion_r1859497330 where
we have a proxy that intercepts responses to
`/_matrix/client/v3/login/sso/redirect(/{idpId})` in order to upgrade
them to use OAuth 2.0 Pushed Authorization Requests (PAR). Instead of
needing to intercept multiple endpoints that redirect to the
authorization endpoint, it seems better to just have Synapse consolidate
to a single flow.
### Testing strategy
1. Create a new OAuth application. I'll be using GitHub for example but
there are [many
options](be65a8ec01/docs/openid.md
).
Visit https://github.com/settings/developers -> **New OAuth App**
- Application name: `Synapse local testing`
- Homepage URL: `http://localhost:8008 `
- Authorization callback URL:
`http://localhost:8008/_synapse/client/oidc/callback `
1. Update your Synapse `homeserver.yaml`
```yaml
server_name: "my.synapse.server"
public_baseurl: http://localhost:8008/
listeners:
- port: 8008
bind_addresses: [
#'::1',
'127.0.0.1'
]
tls: false
type: http
x_forwarded: true
resources:
- names: [client, federation, metrics]
compress: false
# SSO login testing
oidc_providers:
- idp_id: github
idp_name: Github
idp_brand: "github" # optional: styling hint for clients
discover: false
issuer: "https://github.com/ "
client_id: "xxx" # TO BE FILLED
client_secret: "xxx" # TO BE FILLED
authorization_endpoint: "https://github.com/login/oauth/authorize "
token_endpoint: "https://github.com/login/oauth/access_token "
userinfo_endpoint: "https://api.github.com/user "
scopes: ["read:user"]
user_mapping_provider:
config:
subject_claim: "id"
localpart_template: "{{ user.login }}"
display_name_template: "{{ user.name }}"
```
1. Start Synapse: `poetry run synapse_homeserver --config-path
homeserver.yaml`
1. Visit
`http://localhost:8008/_synapse/client/pick_idp?redirectUrl=http%3A%2F%2Fexample.com `
1. Choose GitHub
1. Notice that you're redirected to GitHub to sign in
(`https://github.com/login/oauth/authorize ?...`)
Tested locally and works:
1.
`http://localhost:8008/_synapse/client/pick_idp?idp=oidc-github&redirectUrl=http%3A//example.com `
->
1.
`http://localhost:8008/_matrix/client/v3/login/sso/redirect/oidc-github?redirectUrl=http://example.com `
->
1.
`https://github.com/login/oauth/authorize?response_type=code&client_id=xxx&redirect_uri=http%3A%2F%2Flocalhost%3A8008%2F_synapse%2Fclient%2Foidc%2Fcallback&scope=read%3Auser&state=xxx&nonce=xxx `
2024-11-29 11:26:37 -06:00
Richard van der Hoff
d80cd57c54
Fix new scheduled tasks jumping the queue ( #17962 )
...
Currently, when a new scheduled task is added and its scheduled time has
already passed, we set it to ACTIVE. This is problematic, because it
means it will jump the queue ahead of all other SCHEDULED tasks;
furthermore, if the Synapse process gets restarted, it will jump ahead
of any ACTIVE tasks which have been started but are taking a while to
run.
Instead, we leave it set to SCHEDULED, but kick off a call to
`_launch_scheduled_tasks`, which will decide if we actually have
capacity to start a new task, and start the newly-added task if so.
2024-11-28 18:06:19 +00:00
Erik Johnston
59ad4b18fc
Update setuptools-rust and fix building abi3 wheels ( #17969 )
...
Newer versions of `setuptools-rust` ignore the `py_limited_api` flag to
`RustExtension`, and instead read it from `bdist_wheel` config.
c.f.
https://github.com/PyO3/setuptools-rust/blob/main/CHANGELOG.md#190-2024-02-24
2024-11-27 13:31:43 +00:00
V02460
a58f09acc7
Bump pyo3 to v0.23.2 ( #17966 )
...
Keep up-to-date with pyo3 releases. This bump enables Python 3.13
support and resolves deprecations.
Links for quick reference:
https://github.com/PyO3/pyo3/releases
https://github.com/davidhewitt/pythonize/releases
https://github.com/vorner/pyo3-log
2024-11-27 10:46:00 +00:00
Quentin Gliech
cee9da0da5
MSC4108: Add a Content-Type header on the PUT response ( #17253 )
...
This is a workaround for some proxy setup, where the ETag header gets
stripped from the response headers unless there is a Content-Type header
set.
In particular, we saw this bug when putting Cloudflare in front of
Synapse.
I'm pretty sure this is a Cloudflare bug, as this behaviour isn't
documented anywhere, and doesn't make sense whatsoever.
---------
Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
2024-11-26 19:43:26 +01:00
Quentin Gliech
a9c4d1c8ac
Merge branch 'master' into develop
2024-11-26 16:08:27 +01:00
Quentin Gliech
8c653e1dd6
1.120.0
2024-11-26 14:11:12 +01:00
dependabot[bot]
cd7d90bd28
Bump tomli from 2.0.2 to 2.1.0 ( #17959 )
2024-11-26 09:30:16 +00:00
Richard van der Hoff
02aa7adf4c
Fix delete_old_otks
job on worker deployments ( #17960 )
...
In a worker-mode deployment, the `E2eKeysHandler` is not necessarily
loaded, which means the handler for the `delete_old_otks` task will not
be registered. Make sure we load the handler.
Introduced in https://github.com/element-hq/synapse/pull/17934
2024-11-26 08:45:18 +01:00
Erik Johnston
3943d2fde7
Fix up logic for delaying sending read receipts over federation. ( #17933 )
...
For context of why we delay read receipts, see
https://github.com/matrix-org/synapse/issues/4730 .
Element Web often sends read receipts in quick succession, if it reloads
the timeline it'll send one for the last message in the old timeline and
again for the last message in the new timeline. This caused remote users
to see a read receipt for older messages come through quickly, but then
the second read receipt taking a while to arrive for the most recent
message.
There are two things going on in this PR:
1. There was a mismatch between seconds and milliseconds, and so we
ended up delaying for far longer than intended.
2. Changing the logic to reuse the `DestinationWakeupQueue` (used for
presence)
The changes in logic are:
- Treat the first receipt and subsequent receipts in a room in the same
way
- Whitelist certain classes of receipts to never delay being sent, i.e.
receipts in small rooms, receipts for events that were sent within the
last 60s, and sending receipts to the event sender's server.
- The maximum delay a receipt can have before being sent to a server is
30s, and we'll send out receipts to remotes at least at 50Hz (by
default)
The upshot is that this should make receipts feel more snappy over
federation.
This new logic should send roughly between 10%–20% of transactions
immediately on matrix.org.
2024-11-25 18:12:33 +00:00
dependabot[bot]
93cc955051
Bump tornado from 6.4.1 to 6.4.2 ( #17955 )
2024-11-25 14:23:32 +00:00
Shay
4587decd67
Return suspended status when querying user account ( #17952 )
2024-11-22 12:37:19 +00:00
Matthew Hodgson
4c67d20af7
link to element-docker-demo from contrib/docker* ( #17953 )
2024-11-22 12:35:03 +00:00
Valentin Iovene
80e39fd834
Add Forgejo oidc provider config example ( #17872 )
2024-11-20 16:06:08 -06:00
Olivier 'reivilibre
573bdbc824
Merge branch 'release-v1.120' into develop
2024-11-20 17:26:16 +00:00
Erik Johnston
79c02cada0
Fix incorrect comment in new schema delta ( #17936 )
...
Added in #17912 , was a bad copy and paste.
2024-11-20 17:12:17 +00:00
dependabot[bot]
81b080f7a2
Bump serde_json from 1.0.132 to 1.0.133 ( #17939 )
2024-11-20 16:52:19 +00:00
V02460
84ec15c47e
Raise setuptools_rust version cap to 1.10.2 ( #17944 )
2024-11-20 16:49:21 +00:00
Olivier 'reivilibre
0202e5f210
Tweak changelog
2024-11-20 16:45:54 +00:00
Will Hunt
f73edbe4d2
Add encrypted appservice extensions to Complement test image. ( #17945 )
2024-11-20 16:35:43 +00:00
Olivier 'reivilibre
ec4d136965
1.120.0rc1
2024-11-20 15:13:32 +00:00
Olivier 'reivilibre
ddd1d79d03
Fix nix flake
2024-11-20 15:01:56 +00:00
Travis Ralston
d0a474d312
Enable authenticated media by default ( #17889 )
...
Co-authored-by: Olivier 'reivilibre <oliverw@matrix.org>
2024-11-20 14:48:22 +00:00
Renaud Allard
8291aa8fd7
Support both import names of PyPI package python-multipart
. ( #17932 )
2024-11-20 11:48:04 +00:00
Erik Johnston
1092a35a2a
Speed up slow initial sliding syncs on large servers ( #17946 )
...
This was due to a missing index, which meant that deleting previous
connections associated with the device and `conn_id` took a long time.
2024-11-19 15:03:32 +00:00
Richard van der Hoff
c5e89f5fae
Create one-off scheduled task to delete old OTKs ( #17934 )
...
To work around the fact that,
pre-https://github.com/element-hq/synapse/pull/17903 , our database may
have old one-time-keys that the clients have long thrown away the
private keys for, we want to delete OTKs that look like they came from
libolm.
To spread the load a bit, without holding up other background database
updates, we use a scheduled task to do the work.
2024-11-19 11:20:48 +00:00
dependabot[bot]
e918f683d4
Bump serde from 1.0.214 to 1.0.215 ( #17938 )
2024-11-18 15:48:26 +00:00
dependabot[bot]
4efd1056ca
Bump packaging from 24.1 to 24.2 ( #17940 )
2024-11-18 15:48:05 +00:00
dependabot[bot]
0f32408c80
Bump phonenumbers from 8.13.49 to 8.13.50 ( #17942 )
2024-11-18 15:47:54 +00:00
dependabot[bot]
9d837daa8a
Bump immutabledict from 4.2.0 to 4.2.1 ( #17941 )
2024-11-18 15:24:44 +00:00
Richard van der Hoff
d72843056b
Add some documentation about backing up Synapse ( #17931 )
...
Fixes: https://github.com/element-hq/element-meta/issues/2155
Fixes: https://github.com/element-hq/synapse/issues/2046
2024-11-18 14:05:49 +00:00
Devon Hudson
e80dad5fa9
Move server event filtering logic to rust ( #17928 )
...
### Pull Request Checklist
<!-- Please read
https://element-hq.github.io/synapse/latest/development/contributing_guide.html
before submitting your pull request -->
* [X] Pull request is based on the develop branch
* [X] Pull request includes a [changelog
file](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#changelog ).
The entry should:
- Be a short description of your change which makes sense to users.
"Fixed a bug that prevented receiving messages from other servers."
instead of "Moved X method from `EventStore` to `EventWorkerStore`.".
- Use markdown where necessary, mostly for `code blocks`.
- End with either a period (.) or an exclamation mark (!).
- Start with a capital letter.
- Feel free to credit yourself, by adding a sentence "Contributed by
@github_username." or "Contributed by [Your Name]." to the end of the
entry.
* [X] [Code
style](https://element-hq.github.io/synapse/latest/code_style.html ) is
correct
(run the
[linters](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#run-the-linters ))
2024-11-14 16:18:24 +00:00
Erik Johnston
97284689ea
Merge branch 'master' into develop
2024-11-13 21:51:44 +00:00
Poruri Sai Rahul
c812a79422
Removal: Remove support for experimental msc3886 ( #17638 )
2024-11-13 14:10:20 +00:00
Erik Johnston
850ff14613
1.119.0
2024-11-13 13:58:18 +00:00
Erik Johnston
e0fdb862cb
Bump macos version used to build wheels ( #17924 )
...
MacOS 12 is end-of-life and GitHub is deprecating support for it
(including doing brown outs). Let's bump to MacOS 13.
2024-11-13 11:30:04 +00:00
Erik Johnston
73dc05c993
Unpin the upload release GHA action ( #17923 )
...
We were pinned to an old version that had deprecation warnings.
In new versions of the action leaving off properties (i.e. `draft` and
`prerelease`) tells the action to not modify those properties of the
release.
2024-11-12 16:52:00 +00:00
Benjamin Bouvier
bfb197c596
Fix typo in error message when a media ID isn't known ( #17865 )
2024-11-12 16:41:14 +00:00
Erik Johnston
f387f47a6a
Merge branch 'release-v1.119' into develop
2024-11-11 15:47:27 +00:00
Erik Johnston
a4c503674f
1.119.0rc2
2024-11-11 14:33:37 +00:00
Erik Johnston
2637b26cfe
Fix building and attaching release artifacts ( #17921 )
...
Broke in #17905 due to upgrading the `upload-artifact` action, as we
didn't rename debs. I think we also need to change how we download the
artefacts and attach them to a release, as they'll download to a
different place.
Docs:
- https://github.com/actions/upload-artifact/tree/v4/
- https://github.com/actions/download-artifact/tree/v4/
2024-11-11 14:32:45 +00:00
dependabot[bot]
db59067e78
Bump bleach from 6.1.0 to 6.2.0 ( #17918 )
2024-11-11 14:15:17 +00:00
dependabot[bot]
7feb07c3e9
Bump pygithub from 2.4.0 to 2.5.0 ( #17917 )
2024-11-11 13:52:14 +00:00
dependabot[bot]
54e0086abd
Bump ruff from 0.7.2 to 0.7.3 ( #17919 )
2024-11-11 13:51:47 +00:00