Skip to content

Releases: the-draupnir-project/Draupnir

[v2.0.0-beta.9] 2024-12-14

14 Dec 15:25
56a36de
Compare
Choose a tag to compare
Pre-release

[v2.0.0-beta.9] 2024-12-14

Fixed

  • The !draupnir protections config <protection> <set/add/remove> <value>
    commands are now working again. A tutorial has been written explaining how to
    use these commands
    https://the-draupnir-project.github.io/draupnir-documentation/protections/configuring-protections.
    Reviewed by @FSG-Cat.

  • The BanPropagationProtection now shows a prompt for all unbans, even when
    there is no matching rule. This is to make it easier to unban a user from all
    the rooms draupnir is protecting, and not just when removing policy rules.
    Reported by @mahdi1234 in
    #622.

  • The JoinWaveShortCircuitProtection has been improved:

    • The JoinWaveShortCircuitProtection now uses a leaky bucket token
      algorithm, prior to this the entire bucket got dumped after a preconfigured
      time.
    • The status command for the protection has returned and will show how full
      each bucket is.
  • A bug where providing a bad or missing argument could render the help hint
    poorly or crash draupnir has been fixed.
    #642.

Added

  • A new !draupnir protections show <protection> command that can display all
    of the settings and capability providers for a protection.

  • A new command
    !draupnir protections capability <capability name> <provider name> to
    configure a protection's active capabilitity providers. This is experimental
    and is intended to be used in conjunction with the
    !draupnir protections show <protection> command. It's not clear whether we
    will demonstrate protection capabilities before or after the upcoming 2.0.0
    release.

Special thanks

Special thanks to @TheArcaneBrony, @ll-SKY-ll, @MTRNord, and @daedric7 for
providing support to myself and others in
#draupnir:matrix.org.

v2.0.0-beta.8

22 Oct 18:41
e36fefb
Compare
Choose a tag to compare
v2.0.0-beta.8 Pre-release
Pre-release

[v2.0.0-beta.8] - 2024-10-22

Changed

  • Breaking: The Node version required to run Draupnir has been updated from Node 18 to Node 20. If you are using Debian, please follow our documentation for using Debian and node source here, kindly contributed by @ll-SKY-ll. This is due to of the release policy of one of our major dependencies, matrix-appservice-bridge, by @MTRNord in #609. We did this as part of larger work to attempt to fix issues with Element's "invisible crypto" documented in #608.

  • The Dockerfile now uses a multi-stage build, so docker build will just work again. Thanks to @ShadowJonathan for reporting. We also optimized the image size just slightly. Long term we've been blocked on for years on matrix-org/matrix-rust-sdk-crypto-nodejs#19 which would allow us to use the alpine image and take the size down to under 200MB again. So if anyone can help out there it'll make a massive difference and be greatly appreciated.

  • Dockerfile: entry-point was renamed from mjolnir-entrypoint.sh to draupnir-entrypoint.sh. If you have built a Dockerfile based on ours, you may need to make some changes.

  • Dockerfile: source code was moved from /mjolnir to /draupnir. If you have built a custom docker image based on our Dockerfile based on ours, you may need to make some changes.

  • The appservice registration file generator no longer emitsmjolnir-registration.yaml as it has been renamed to draupnir-registration.yaml. This is only a concern if you have automated tooling that generates a registration file.

  • The safe mode recovery command now prompts for confirmation.

  • Some references to Mjolnir have been changed to Draupnir thanks to @FSG-Cat in #591.

Development

  • Enable proseWrap in prettier, by @Mikaela in #605. We thought that this was enabled already but turns out we missed it.

  • The no-confirm keyword argument now has special meaning, see the safe mode recover command and renderer description for an example.

Added

  • Safe mode now shows a preview of the persistent configs, including the property or item that is causing Draupnir to fail to start. Special thanks for the feedback from @jimmackenzie and @TheArcaneBrony. Thanks to @julianfoad for documenting the use case for safe mode.

  • Draupnir now logs at startup the path used to load its configuration file, and which options are used for loading secrets. We also show any non-default configuration values if Draupnir crashes. This is to to try make it very clear to system administrators which configuration options are being used by Draupnir and help them diagnose startup issues.

Deprecated

  • Starting Draupnir without the --draupnir-config option will cause a deprecation warning.

Removed

  • The spurious warnings about not being able to find a config file when the --draupnir-config option was used have been been removed.

  • The documentation for the WordListProtection in the configuration file claimed that regexes where supported when this wasn't the case. Removed by @FSG-Cat in #600. We will rewrite this protection entirely at a later date.

Fixed

  • Fixed a bug where sometimes the help command wouldn't show if --keyword or options were used in an unrecognized command.

Screenshots

recovery-options
recovery-confirm

v2.0.0-beta.7

02 Oct 18:56
cb88aa5
Compare
Choose a tag to compare
v2.0.0-beta.7 Pre-release
Pre-release

Added

  • Draupnir will now enter "safe mode" by default when Draupnir fails to start up and the failure mode is recoverable.
    What this means is that you will get a prompt in the safe mode status message that gives you simple options for recovery.
    A screenshot is provided at the end to show what this currently looks like. Feedback is welcome.
    • Currently we can recover when one of the protected rooms or watched lists becomes un-joinable, or the account data
      becomes corrupted.
    • If you have a monitoring or a pager system you may wish to review the configuration here. As it is possible to disable this feature.
  • Add a welcome flow to appservice mode by @MTRNord in #568

Changed

  • Skip calling /join for rooms we already know we are joined to, thanks to @TheArcaneBrony for reporting.
  • Start draupnir bots in batches when running in appservice mode by @MTRNord in #569

Fixed

  • !draupnir protections command has now been added back, thanks to @ll-SKY-ll for reporting.
    • This sort of bug shouldn't happen again as we added some code to detect when commands get forgotten.
  • Typos and broken links in the readme thanks to @ll-SKY-ll for reporting.
  • Harden MentionLimitProtection after Mjolnir's introduction of the protection by @Gnuxie in #574
  • Update the README with the status of the project. by @Gnuxie in #575

Screenshot

Screenshot_20241001_201303

Full Changelog: v2.0.0-beta.6...v2.0.0-beta.7

v2.0.0-beta.6

11 Sep 17:23
d3fe508
Compare
Choose a tag to compare
v2.0.0-beta.6 Pre-release
Pre-release

Please see the notes for v2.0.0-beta.0 for a full list of changes.

What's Changed

  • Draupnir now depends on a new library @the-draupnir-project/interface-manager for command parsing and rendering.
  • The kick command is fully functional again.
  • All other commands that were modified as a part of v2.0.0-beta.* should be a lot less buggy, please keep reporting bugs. We are in a much better position to be able to fix and unit test commands now.
    • The ban, unban, kick, watch and unwatch all have unit tests now in addition to existing integration tests.
  • The ban command will prompt for the ban reason again, reported by @FSG-Cat in #441.

Development changes

  • Replace dependabot with renovate by @Mikaela in #526
  • Enable strictPropertyInitialization in tsconfig.json. by @Gnuxie in #541
  • Update dependency express to v4.20.0 [SECURITY] by @renovatebot in #546
  • Update dependency body-parser to v1.20.3 [SECURITY] by @renovatebot in #543
  • Use @gnuxie/typescript-result's expect where applicable instead of throwing garbage. by @Gnuxie in #552

Full Changelog: v2.0.0-beta.5...v2.0.0-beta.6

v2.0.0-beta.5

26 Aug 11:48
272d109
Compare
Choose a tag to compare
v2.0.0-beta.5 Pre-release
Pre-release

Please see the notes for v2.0.0-beta.0 for a full list of changes.

What's Changed

  • Added a new experimental NewJoinerProtection, find the documentation here.
  • Added a new experimental MentionLimitProtection, find the documentation here.
  • Fix a bug in experimentalRustCrypto where sometimes Draupnir would crash sending an encrypted message before the bot had fully started. by @MTRNord in #512
  • Fix a bug where you couldn't create policy lists while signed in as the same user as the bot by @morguldir in #471.
  • Fix a bug where any protection using the StandardEventConsequences capability, such as the BasicFloodingProtection, would crash when being enabled. by @Gnuxie in #517
  • Add SBOM and Attestation to the Docker release process by @MTRNord in #477

Development changes

  • Add eslint to pre-commit by @Mikaela in #87
  • TypeCheck JSX expressions, children, and attributes ^-^ by @Gnuxie in #454
  • [Yarn Classic] Enable corepack & fix pre-commit run --all-files by @Mikaela in #472
  • Migrate to eslint-9 flat config, typescript 5, typescript-eslint strictTypeChecked by @Gnuxie in #476
  • Add prettier by @Gnuxie in #484
  • Update all headers to be reuse.software compliant by @Gnuxie in #486
  • Move to @the-draupnir-project/basic-matrix-types. by @Gnuxie in #508

New Contributors

Full Changelog: v2.0.0-beta.4...v2.0.0-beta.5

v2.0.0-beta.4

29 May 11:48
Compare
Choose a tag to compare
v2.0.0-beta.4 Pre-release
Pre-release

What's Changed

We have revised the setup documentation for moderators, introducing the moderator's guide. The new documentation website is now linked from both !draupnir status and !draupnir help. The website isn't complete yet and we're still working on it.

While creating the moderator's guide it was clear that a lot of users setting up Draupnir would much rather invite the bot through their client interface than use the !rooms add command.
So Draupnir will now prompt to protect rooms as it is invited to them
image

Full Changelog: v2.0.0-beta.3...v2.0.0-beta.4

v2.0.0-beta.3

06 May 17:03
Compare
Choose a tag to compare
v2.0.0-beta.3 Pre-release
Pre-release

What's Changed

Please see the notes for v2.0.0-beta.0 for a full list of changes.

Fixes for bugs introduced since v2.0.0-beta.0

New Contributors

Full Changelog: v2.0.0-beta.2...v2.0.0-beta.3

v2.0.0-beta.2

22 Apr 15:02
Compare
Choose a tag to compare
v2.0.0-beta.2 Pre-release
Pre-release

What's Changed

  • Make Draupnir refer to it self in help output by @FSG-Cat in #358
  • Stop MemberBanSynchronisationProtection reacting twice to some joins, reported by @mahdi1234
  • Stop capability renderers from showing consequences as failed when they were really OK, reported by @mahdi1234

Full Changelog: v2.0.0-beta.1...v2.0.0-beta.2

v2.0.0-beta.1

19 Apr 10:31
Compare
Choose a tag to compare
v2.0.0-beta.1 Pre-release
Pre-release

This is just a simple patch update on the previous prerelease with a couple of changes:

  • The startup complete message has returned and Draupnir will show the status command after starting.
  • It's now clearer if protections have failed to apply a consequence without drilling down into the <details> elements.

Please see the notes for v2.0.0-beta.0 for a full list of changes.

v2.0.0-beta.0

16 Apr 13:37
Compare
Choose a tag to compare
v2.0.0-beta.0 Pre-release
Pre-release

Process

We've now merged our changes to depend on the MPS (matrix-protection-suite). We're in the process of beta
testing v2.0.0 and this is the first of those pre-releases.

This release notes page is likely incomplete and will be updated
as more changes are uncovered or summarised.

What's Changed

  • Draupnir now uses MPS (matrix-protection-suite) to provide its core functionality.
  • Draupnir no longer requests components of room state when applying various actions, which should lead to a huge noticeable difference to Draupnir's responsiveness.
  • An optional RoomStateBackingStore has been added to improve startup time for instances that run against slow servers
    (e.g. matrix.org). Checkout the config description for it here.
  • New protections MemberBanSynchronisationProtection, ServerBanSynchronisationProtection, RedactionSynchronisationProtection, and PolicyChangeNotification.
    • These replace the core functionality for applying policies related to users, servers and redactions.
    • They will be enabled by default when you upgrade.
  • config.disableServerACL will disable the ServerBanSynchronisationProtection.
  • The joins, since, default, sync, protections status commands have all been removed for now.
  • The DetectFederationLag protection has been removed.
  • We have new contributing documentation.

Upgrade steps

There are no manual upgrade steps, the new protections are automatically enabled.
The only thing you should note is that if you notice that Draupnir is slow to startup, then you should enable the room state backing store

⚠️ Some configuration options may no longer be functioning (alternatives are pending)

  • config.noop will do nothing.
  • config.protectedRooms will also do nothing, and protected rooms need to be configured using !draupnir rooms add/remove.

Development Changes Summary

  • MPS now parses events sourced from /sync, appservice push, and
    other APIs for us, so no more any or unknown.
  • MPS provides us with string types for StringRoomID, StringEventID,
    and StringUserID. So no more mixing those up.
  • MPS provides us with an interface to immutable room state snapshots
    with the RoomStateRevisionIssuer and RoomStateRevision.
  • MPS provides PolicyRoomRevisionIssuer, PolicyRoomRevision,
    RoomMembershipRevisionIssuer, and RoomMembershipRevision to
    provide a convenient interface for listening to changes to
    room membership and policy rules.
  • MPS provides protections with new hooks:
    • handleTimelineEvent
    • handlePolicyChange
    • handleMembershipChange
    • handleStateChange
    • handleEventReport
    • handleProtectionDisable
  • Capability providers are introduced:
    • Each capability has an interface.
    • A CapabilityProvider constructs an instance, a Capability,
      that matches the matching capability interface.
  • Protections now carry out their effects through instances of
    Capability:
    • Each ProtectionDescription describes a capability set with
      their interfaces.
    • Each ProtectionDescription describes a default capability
      provider to use to fulfill the prior interface.
    • When a Protection is instantiated, capability providers can be
      swapped and replaced provided they match the same interface.
    • This means that you can extend or change the functionality
      of protections without changing the code of the protections.

Internal Changes

  • moved MatrixEmitter to matrix-protection-suite-for-matrix-bot-sdk and replaced with the SafeMatrixEmitter
  • moved ProtectedRoomsConfig to matrix-protection-suite and has been interfaced away from Mjolnir's account data.
  • moved ProtectedRoomsSet has been moved to matrix-protection-suite and now provides the fundamental event source for protections.
  • deleted RoomMembers and has not been completely replaced. In matrix-protection-suite there exists an alternative of SetMembership and RoomMembershipRevisions.
    • RoomMembers would only load members that had joined since Mjolnir had started, membership revisions have all members.
    • There is no API for finding when a member first joined the room, since this is a lot more complicated to do and I don't know yet if that
      is the right metric protections should use for finding if a user is new or not or participating.
  • moved AccessControlUnit to matrix-protection-suite, it no longer acts as a cache for rules though, PolicyRoomRevisions handle that instead.
  • moved ListRule to matrix-protections-suite as PolicyRule.
  • deleted PolicyList. Has been replaced by distinct components
    • PolicyRoomRevision: An immutable snapshot of policies in a room.
    • PolicyRoomRevisionIssuer: Creates PolicyRoomRevisions as room state changes and emits events to notify listeners.
    • PolicyRoomEditor: Edits policies in a policy room.
    • PolicyRoomManager: Provides and builds the issuers and editors.
  • deleted PolicyListManager. Has been replaced with PolicyListConfig in the matrix-protection-suite.
  • moved ServerACL to matrix-protection-suite, now called the ServerACLBuilder.
  • renamed Mjolnir to Draupnir.
    • Draupnir has far fewer responsibilities than Mjolnir, we have and are continuing to move as much functionality as possible to protections.
  • deleted RuleServer this was never used in production and we do not have access to the Synapse module it was written for, so it is impossible to maintain.
  • moved RoomUpdateError to the matrix-protection-suite.
  • moved several interface manager components to MPS:
    • CommandError and CommandException are now ActionError and ActionException.
    • MatrixRoomReference types are now sourced from the matrix-protection-suite.
    • There are new string types for StringUserID, StringRoomID and StringEventID.
  • deleted room directory commands
    • 76a58b6
    • It didn't seem like these ever worked with a Synapse admin API?
  • deleted joins and since commands:
    • joins depended on the API RoomMembers provided and we do not have a replacement for finding the join time.
    • They did not work as intended because they could only provide information for joins that happened while Draupnir
      was running.
    • If necessary, we could bring back an equivalent API that shows anyone with a top level membership of join
      as a recent joiner.
  • deleted default banlist command, as there is no place where we have a default list.
    • The implementation from Mjolnir stored this list as a "default shortcode" to find a list with, which is not great either.
  • deleted sync command
    • As all functionality that the sync command effected has now been moved to protections,
      the concept doesn't move across very well. There might be a replacement in future if it makes sense.
  • deleted DetectFederationLag this is a pretty huge protection 4b41541
    • It can be brought back in the future, there is not time to make it work and it never did work as intended.
    • It is a shame because it was a bold piece of work.
  • deleted protections status <protection> command.
    • There needs to be some thought about how to give protections their own commands.
    • fc163ed
    • 4110b62
  • ? verify permissions command may or may not be working?
  • moved all remaining commands to use the interface manager introduced in v1.80.0.
  • deleted Mjolnir's ProtectionManager as it has been made redundant in MPS.
  • replaced consequences. The same functionality is now provided by CapabilityProviders.
  • deleted AppServiceBotEmitter. No code uses emitters anymore.
  • added DraupnirFactory:
    • This uses matrix-protetion-suite's ClientsInRoomsMap and RoomStateManagerFactory to create Draupnir.
  • delted MjolnirManager:
    • Now depends on a DraupnirManager and AppserviceDraupnirManager which have smaller and cleaner implementations.
  • added <span> to DeadDocument
  • enabled Member/ServerBanSynchronisation protections by default
  • added RoomStateBackingStore.
  • pass config.disableServerACL to ServerBanSynchronisationProtection
  • added PolicyChangeNotificationProtection

Full Changelog: v1.87.0...v2.0.0-beta.0