Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

MSC3823: Account Suspension #3823

Open
wants to merge 6 commits into
base: main
Choose a base branch
from

Conversation

Yoric
Copy link

@Yoric Yoric commented May 23, 2022

@Yoric Yoric changed the title New MSC: A code for account suspension MSC: A code for account suspension May 23, 2022
Signed-off-by: David Teller <davidt@element.io>
@turt2live turt2live changed the title MSC: A code for account suspension MSC3823: A code for account suspension May 23, 2022
@turt2live turt2live added proposal A matrix spec change proposal client-server Client-Server API kind:maintenance MSC which clarifies/updates existing spec needs-implementation This MSC does not have a qualifying implementation for the SCT to review. The MSC cannot enter FCP. labels May 23, 2022
proposals/3823-code-for-account-suspension.md Outdated Show resolved Hide resolved
Co-authored-by: Travis Ralston <travpc@gmail.com>
Fizzadar added a commit to Fizzadar/synapse that referenced this pull request Jun 15, 2022
Synapse 1.61.0 (2022-06-14)
===========================

This release removes support for the non-standard feature known both as 'groups' and as 'communities', which have been superseded by *Spaces*.

See [the upgrade notes](https://github.com/matrix-org/synapse/blob/develop/docs/upgrade.md#upgrading-to-v1610)
for more details.

Improved Documentation
----------------------

- Mention removed community/group worker endpoints in [upgrade.md](https://github.com/matrix-org/synapse/blob/develop/docs/upgrade.md#upgrading-to-v1610s). Contributed by @olmari. ([\matrix-org#13023](matrix-org#13023))

Synapse 1.61.0rc1 (2022-06-07)
==============================

Features
--------

- Add new `media_retention` options to the homeserver config for routinely cleaning up non-recently accessed media. ([\matrix-org#12732](matrix-org#12732), [\matrix-org#12972](matrix-org#12972), [\matrix-org#12977](matrix-org#12977))
- Experimental support for [MSC3772](matrix-org/matrix-spec-proposals#3772): Push rule for mutually related events. ([\matrix-org#12740](matrix-org#12740), [\matrix-org#12859](matrix-org#12859))
- Update to the `check_event_for_spam` module callback: Deprecate the current callback signature, replace it with a new signature that is both less ambiguous (replacing booleans with explicit allow/block) and more powerful (ability to return explicit error codes). ([\matrix-org#12808](matrix-org#12808))
- Add storage and module API methods to get monthly active users (and their corresponding appservices) within an optionally specified time range. ([\matrix-org#12838](matrix-org#12838), [\matrix-org#12917](matrix-org#12917))
- Support the new error code `ORG.MATRIX.MSC3823.USER_ACCOUNT_SUSPENDED` from [MSC3823](matrix-org/matrix-spec-proposals#3823). ([\matrix-org#12845](matrix-org#12845), [\matrix-org#12923](matrix-org#12923))
- Add a configurable background job to delete stale devices. ([\matrix-org#12855](matrix-org#12855))
- Improve URL previews for pages with empty elements. ([\matrix-org#12951](matrix-org#12951))
- Allow updating a user's password using the admin API without logging out their devices. Contributed by @jcgruenhage. ([\matrix-org#12952](matrix-org#12952))

Bugfixes
--------

- Always send an `access_token` in `/thirdparty/` requests to appservices, as required by the [Application Service API specification](https://spec.matrix.org/v1.1/application-service-api/#third-party-networks). ([\matrix-org#12746](matrix-org#12746))
- Implement [MSC3816](matrix-org/matrix-spec-proposals#3816): sending the root event in a thread should count as having 'participated' in it. ([\matrix-org#12766](matrix-org#12766))
- Delete events from the `federation_inbound_events_staging` table when a room is purged through the admin API. ([\matrix-org#12784](matrix-org#12784))
- Fix a bug where we did not correctly handle invalid device list updates over federation. Contributed by Carl Bordum Hansen. ([\matrix-org#12829](matrix-org#12829))
- Fix a bug which allowed multiple async operations to access database locks concurrently. Contributed by @sumnerevans @ Beeper. ([\matrix-org#12832](matrix-org#12832))
- Fix an issue introduced in Synapse 0.34 where the `/notifications` endpoint would only return notifications if a user registered at least one pusher. Contributed by Famedly. ([\matrix-org#12840](matrix-org#12840))
- Fix a bug where servers using a Postgres database would fail to backfill from an insertion event when MSC2716 is enabled (`experimental_features.msc2716_enabled`). ([\matrix-org#12843](matrix-org#12843))
- Fix [MSC3787](matrix-org/matrix-spec-proposals#3787) rooms being omitted from room directory, room summary and space hierarchy responses. ([\matrix-org#12858](matrix-org#12858))
- Fix a bug introduced in Synapse 1.54.0 which could sometimes cause exceptions when handling federated traffic. ([\matrix-org#12877](matrix-org#12877))
- Fix a bug introduced in Synapse 1.59.0 which caused room deletion to fail with a foreign key violation error. ([\matrix-org#12889](matrix-org#12889))
- Fix a long-standing bug which caused the `/messages` endpoint to return an incorrect `end` attribute when there were no more events. Contributed by @Vetchu. ([\matrix-org#12903](matrix-org#12903))
- Fix a bug introduced in Synapse 1.58.0 where `/sync` would fail if the most recent event in a room was a redaction of an event that has since been purged. ([\matrix-org#12905](matrix-org#12905))
- Fix a potential memory leak when generating thumbnails. ([\matrix-org#12932](matrix-org#12932))
- Fix a long-standing bug where a URL preview would break if the image failed to download. ([\matrix-org#12950](matrix-org#12950))

Improved Documentation
----------------------

- Fix typographical errors in documentation. ([\matrix-org#12863](matrix-org#12863))
- Fix documentation incorrectly stating the `sendToDevice` endpoint can be directed at generic workers. Contributed by Nick @ Beeper. ([\matrix-org#12867](matrix-org#12867))

Deprecations and Removals
-------------------------

- Remove support for the non-standard groups/communities feature from Synapse. ([\matrix-org#12553](matrix-org#12553), [\matrix-org#12558](matrix-org#12558), [\matrix-org#12563](matrix-org#12563), [\matrix-org#12895](matrix-org#12895), [\matrix-org#12897](matrix-org#12897), [\matrix-org#12899](matrix-org#12899), [\matrix-org#12900](matrix-org#12900), [\matrix-org#12936](matrix-org#12936), [\matrix-org#12966](matrix-org#12966))
- Remove contributed `kick_users.py` script. This is broken under Python 3, and is not added to the environment when `pip install`ing Synapse. ([\matrix-org#12908](matrix-org#12908))
- Remove `contrib/jitsimeetbridge`. This was an unused experiment that hasn't been meaningfully changed since 2014. ([\matrix-org#12909](matrix-org#12909))
- Remove unused `contrib/experiements/cursesio.py` script, which fails to run under Python 3. ([\matrix-org#12910](matrix-org#12910))
- Remove unused `contrib/experiements/test_messaging.py` script. This fails to run on Python 3. ([\matrix-org#12911](matrix-org#12911))

Internal Changes
----------------

- Test Synapse against Complement with workers. ([\matrix-org#12810](matrix-org#12810), [\matrix-org#12933](matrix-org#12933))
- Reduce the amount of state we pull from the DB. ([\matrix-org#12811](matrix-org#12811), [\matrix-org#12964](matrix-org#12964))
- Try other homeservers when re-syncing state for rooms with partial state. ([\matrix-org#12812](matrix-org#12812))
- Resume state re-syncing for rooms with partial state after a Synapse restart. ([\matrix-org#12813](matrix-org#12813))
- Remove Mutual Rooms' ([MSC2666](matrix-org/matrix-spec-proposals#2666)) endpoint dependency on the User Directory. ([\matrix-org#12836](matrix-org#12836))
- Experimental: expand `check_event_for_spam` with ability to return additional fields. This enables spam-checker implementations to experiment with mechanisms to give users more information about why they are blocked and whether any action is needed from them to be unblocked. ([\matrix-org#12846](matrix-org#12846))
- Remove `dont_notify` from the `.m.rule.room.server_acl` rule. ([\matrix-org#12849](matrix-org#12849))
- Remove the unstable `/hierarchy` endpoint from [MSC2946](matrix-org/matrix-spec-proposals#2946). ([\matrix-org#12851](matrix-org#12851))
- Pull out less state when handling gaps in room DAG. ([\matrix-org#12852](matrix-org#12852), [\matrix-org#12904](matrix-org#12904))
- Clean-up the push rules datastore. ([\matrix-org#12856](matrix-org#12856))
- Correct a type annotation in the URL preview source code. ([\matrix-org#12860](matrix-org#12860))
- Update `pyjwt` dependency to [2.4.0](https://github.com/jpadilla/pyjwt/releases/tag/2.4.0). ([\matrix-org#12865](matrix-org#12865))
- Enable the `/account/whoami` endpoint on synapse worker processes. Contributed by Nick @ Beeper. ([\matrix-org#12866](matrix-org#12866))
- Enable the `batch_send` endpoint on synapse worker processes. Contributed by Nick @ Beeper. ([\matrix-org#12868](matrix-org#12868))
- Don't generate empty AS transactions when the AS is flagged as down. Contributed by Nick @ Beeper. ([\matrix-org#12869](matrix-org#12869))
- Fix up the variable `state_store` naming. ([\matrix-org#12871](matrix-org#12871))
- Faster room joins: when querying the current state of the room, wait for state to be populated. ([\matrix-org#12872](matrix-org#12872))
- Avoid running queries which will never result in deletions. ([\matrix-org#12879](matrix-org#12879))
- Use constants for EDU types. ([\matrix-org#12884](matrix-org#12884))
- Reduce database load of `/sync` when presence is enabled. ([\matrix-org#12885](matrix-org#12885))
- Refactor `have_seen_events` to reduce memory consumed when processing federation traffic. ([\matrix-org#12886](matrix-org#12886))
- Refactor receipt linearization code. ([\matrix-org#12888](matrix-org#12888))
- Add type annotations to `synapse.logging.opentracing`. ([\matrix-org#12894](matrix-org#12894))
- Remove PyNaCl occurrences directly used in Synapse code. ([\matrix-org#12902](matrix-org#12902))
- Bump types-jsonschema from 4.4.1 to 4.4.6. ([\matrix-org#12912](matrix-org#12912))
- Rename storage classes. ([\matrix-org#12913](matrix-org#12913))
- Preparation for database schema simplifications: stop reading from `event_edges.room_id`. ([\matrix-org#12914](matrix-org#12914))
- Check if we are in a virtual environment before overriding the `PYTHONPATH` environment variable in the demo script. ([\matrix-org#12916](matrix-org#12916))
- Improve the logging when signature checks on events fail. ([\matrix-org#12925](matrix-org#12925))

# -----BEGIN PGP SIGNATURE-----
#
# iQFEBAABCgAuFiEEBTGR3/RnAzBGUif3pULk7RsPrAkFAmKoaa0QHGVyaWtAbWF0
# cml4Lm9yZwAKCRClQuTtGw+sCVn3B/sF8hdhrZ7hWW40ST3eG9cEKNFrj/xZXiaI
# zho3ryrxaQF68BSKot15AvZSprEdwBXWrb8WeTjyw+QH7vTKrCQDZ0p7qubn10Z7
# BuKq9hyYjyCLjBZrgy8d4U3Y8gsSByuO59YKHNLn+UTJLOs5GTH8Wprwh4mpU3Jl
# +o+cC+lMSVcyZij2hihFymcSxWq/I9WL0dsjRif8x0BUQwRXwmXc6+mhlgLBe2Zs
# 2dUouzJ8NVZcjfWvsg4noXPrNQ/IiyCVZlSIgaDftDIxVSPk5/rXiUUNex8Tn1+I
# TnOgnXhpOQD1vwVGYS8LrcfA0ubSili7xUJ8k2e5TkCjpkaVnYNu
# =q+7N
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue Jun 14 11:57:49 2022 BST
# gpg:                using RSA key 053191DFF4670330465227F7A542E4ED1B0FAC09
# gpg:                issuer "erik@matrix.org"
# gpg: WARNING: server 'dirmngr' is older than us (2.2.34 < 2.3.6)
# gpg: Note: Outdated servers may lack important security fixes.
# gpg: Note: Use the command "gpgconf --kill all" to restart them.
# gpg: Can't check signature: No public key

# Conflicts:
#	docs/workers.md
#	synapse/handlers/message.py
#	synapse/handlers/pagination.py
#	synapse/push/bulk_push_rule_evaluator.py
#	synapse/push/push_rule_evaluator.py
#	synapse/rest/client/receipts.py
#	synapse/storage/databases/main/appservice.py
#	tests/push/test_push_rule_evaluator.py
netbsd-srcmastr pushed a commit to NetBSD/pkgsrc that referenced this pull request Jun 16, 2022
Upstream NEWS, less bugfixes and minor improvements:

Synapse 1.61.0 (2022-06-14)
===========================

This release removes support for the non-standard feature known both as 'groups' and as 'communities', which have been superseded by *Spaces*.

Synapse 1.61.0rc1 (2022-06-07)
==============================

Features
--------

- Add new `media_retention` options to the homeserver config for routinely cleaning up non-recently accessed media. ([\#12732](matrix-org/synapse#12732), [\#12972](matrix-org/synapse#12972), [\#12977](matrix-org/synapse#12977))
- Experimental support for [MSC3772](matrix-org/matrix-spec-proposals#3772): Push rule for mutually related events. ([\#12740](matrix-org/synapse#12740), [\#12859](matrix-org/synapse#12859))
- Update to the `check_event_for_spam` module callback: Deprecate the current callback signature, replace it with a new signature that is both less ambiguous (replacing booleans with explicit allow/block) and more powerful (ability to return explicit error codes). ([\#12808](matrix-org/synapse#12808))
- Add storage and module API methods to get monthly active users (and their corresponding appservices) within an optionally specified time range. ([\#12838](matrix-org/synapse#12838), [\#12917](matrix-org/synapse#12917))
- Support the new error code `ORG.MATRIX.MSC3823.USER_ACCOUNT_SUSPENDED` from [MSC3823](matrix-org/matrix-spec-proposals#3823). ([\#12845](matrix-org/synapse#12845), [\#12923](matrix-org/synapse#12923))
- Add a configurable background job to delete stale devices. ([\#12855](matrix-org/synapse#12855))
- Allow updating a user's password using the admin API without logging out their devices. Contributed by @jcgruenhage. ([\#12952](matrix-org/synapse#12952))


Deprecations and Removals
-------------------------

- Remove support for the non-standard groups/communities feature from Synapse. ([\#12553](matrix-org/synapse#12553), [\#12558](matrix-org/synapse#12558), [\#12563](matrix-org/synapse#12563), [\#12895](matrix-org/synapse#12895), [\#12897](matrix-org/synapse#12897), [\#12899](matrix-org/synapse#12899), [\#12900](matrix-org/synapse#12900), [\#12936](matrix-org/synapse#12936), [\#12966](matrix-org/synapse#12966))
- Remove contributed `kick_users.py` script. This is broken under Python 3, and is not added to the environment when `pip install`ing Synapse. ([\#12908](matrix-org/synapse#12908))



Synapse 1.60.0 (2022-05-31)
===========================

This release of Synapse adds a unique index to the `state_group_edges` table, in
order to prevent accidentally introducing duplicate information (for example,
because a database backup was restored multiple times). If your Synapse database
already has duplicate rows in this table, this could fail with an error and
require manual remediation.

Additionally, the signature of the `check_event_for_spam` module callback has changed.
The previous signature has been deprecated and remains working for now. Module authors
should update their modules to use the new signature where possible.


Synapse 1.60.0rc2 (2022-05-27)
==============================

Features
--------

- Add an option allowing users to use their password to reauthenticate for privileged actions even though password login is disabled. ([\#12883](matrix-org/synapse#12883))


Synapse 1.60.0rc1 (2022-05-24)
==============================

Features
--------

- Measure the time taken in spam-checking callbacks and expose those measurements as metrics. ([\#12513](matrix-org/synapse#12513))
- Add a `default_power_level_content_override` config option to set default room power levels per room preset. ([\#12618](matrix-org/synapse#12618))
- Add support for [MSC3787: Allowing knocks to restricted rooms](matrix-org/matrix-spec-proposals#3787). ([\#12623](matrix-org/synapse#12623))
- Send `USER_IP` commands on a different Redis channel, in order to reduce traffic to workers that do not process these commands. ([\#12672](matrix-org/synapse#12672), [\#12809](matrix-org/synapse#12809))
- Synapse will now reload [cache config](https://matrix-org.github.io/synapse/latest/usage/configuration/config_documentation.html#caching) when it receives a [SIGHUP](https://en.wikipedia.org/wiki/SIGHUP) signal. ([\#12673](matrix-org/synapse#12673))
- Add a config options to allow for auto-tuning of caches. ([\#12701](matrix-org/synapse#12701))
- Update [MSC2716](matrix-org/matrix-spec-proposals#2716) implementation to process marker events from the current state to avoid markers being lost in timeline gaps for federated servers which would cause the imported history to be undiscovered. ([\#12718](matrix-org/synapse#12718))
- Add a `drop_federated_event` callback to `SpamChecker` to disregard inbound federated events before they take up much processing power, in an emergency. ([\#12744](matrix-org/synapse#12744))
- Implement [MSC3818: Copy room type on upgrade](matrix-org/matrix-spec-proposals#3818). ([\#12786](matrix-org/synapse#12786), [\#12792](matrix-org/synapse#12792))
- Update to the `check_event_for_spam` module callback. Deprecate the current callback signature, replace it with a new signature that is both less ambiguous (replacing booleans with explicit allow/block) and more powerful (ability to return explicit error codes). ([\#12808](matrix-org/synapse#12808))


Deprecations and Removals
-------------------------

- Require a body in POST requests to `/rooms/{roomId}/receipt/{receiptType}/{eventId}`, as required by the [Matrix specification](https://spec.matrix.org/v1.2/client-server-api/#post_matrixclientv3roomsroomidreceiptreceipttypeeventid). This breaks compatibility with Element Android 1.2.0 and earlier: users of those clients will be unable to send read receipts. ([\#12709](matrix-org/synapse#12709))



Synapse 1.59.1 (2022-05-18)
===========================

This release fixes a long-standing issue which could prevent Synapse's user directory for updating properly.


Synapse 1.59.0 (2022-05-17)
===========================

Synapse 1.59 makes several changes that server administrators should be aware of:

- Device name lookup over federation is now disabled by default. ([\#12616](matrix-org/synapse#12616))
- The `synapse.app.appservice` and `synapse.app.user_dir` worker application types are now deprecated. ([\#12452](matrix-org/synapse#12452), [\#12654](matrix-org/synapse#12654))

Additionally, this release removes the non-standard `m.login.jwt` login type from Synapse. It can be replaced with `org.matrix.login.jwt` for identical behaviour. This is only used if `jwt_config.enabled` is set to `true` in the configuration. ([\#12597](matrix-org/synapse#12597))


Synapse 1.59.0rc2 (2022-05-16)
==============================


Synapse 1.59.0rc1 (2022-05-10)
==============================

Features
--------

- Support [MSC3266](matrix-org/matrix-spec-proposals#3266) room summaries over federation. ([\#11507](matrix-org/synapse#11507))
- Implement [changes](matrix-org/matrix-spec-proposals@4a77139) to [MSC2285 (hidden read receipts)](matrix-org/matrix-spec-proposals#2285). Contributed by @SimonBrandner. ([\#12168](matrix-org/synapse#12168), [\#12635](matrix-org/synapse#12635), [\#12636](matrix-org/synapse#12636), [\#12670](matrix-org/synapse#12670))
- Extend the [module API](https://github.com/matrix-org/synapse/blob/release-v1.59/synapse/module_api/__init__.py) to allow modules to change actions for existing push rules of local users. ([\#12406](matrix-org/synapse#12406))
- Add the `notify_appservices_from_worker` configuration option (superseding `notify_appservices`) to allow a generic worker to be designated as the worker to send traffic to Application Services. ([\#12452](matrix-org/synapse#12452))
- Add the `update_user_directory_from_worker` configuration option (superseding `update_user_directory`) to allow a generic worker to be designated as the worker to update the user directory. ([\#12654](matrix-org/synapse#12654))
- Add new `enable_registration_token_3pid_bypass` configuration option to allow registrations via token as an alternative to verifying a 3pid. ([\#12526](matrix-org/synapse#12526))
- Implement [MSC3786](matrix-org/matrix-spec-proposals#3786): Add a default push rule to ignore `m.room.server_acl` events. ([\#12601](matrix-org/synapse#12601))
- Add new `mau_appservice_trial_days` configuration option to specify a different trial period for users registered via an appservice. ([\#12619](matrix-org/synapse#12619))


Deprecations and Removals
-------------------------

- Remove unstable identifiers from [MSC3069](matrix-org/matrix-spec-proposals#3069). ([\#12596](matrix-org/synapse#12596))
- Remove the unspecified `m.login.jwt` login type and the unstable `uk.half-shot.msc2778.login.application_service` from
  [MSC2778](matrix-org/matrix-spec-proposals#2778). ([\#12597](matrix-org/synapse#12597))
- Synapse now requires at least Python 3.7.1 (up from 3.7.0), for compatibility with the latest Twisted trunk. ([\#12613](matrix-org/synapse#12613))
Copy link
Contributor

@dklimpel dklimpel left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Only typos

proposals/3823-code-for-account-suspension.md Outdated Show resolved Hide resolved
proposals/3823-code-for-account-suspension.md Outdated Show resolved Hide resolved
@turt2live
Copy link
Member

@Yoric I am assuming you're not in a position to continue working on this, so am looking to modernize it for today's MSC requirements. Implementation is expected to take place soon, possibly part of Matrix 1.11's release cycle.

Disclosure: this is being done with my Element T&S hat in service of the Foundation, like #3939 (comment)

Co-authored-by: Dirk Klimpel <5740567+dklimpel@users.noreply.github.com>
@turt2live turt2live changed the title MSC3823: A code for account suspension MSC3823: Account Suspension Mar 26, 2024
* Add list of permitted/forbidden actions
* Remove `href` from error code - this will be handled in a later MSC
* Match modern template
@turt2live
Copy link
Member

I've updated this to match a modern template, and removed href from the proposal text. In a future MSC, the T&S team will be proposing a way to inform the user of actions taken against their account, and an appeals system - we'll pick up href then, as needed.

I've also added a set of permitted/forbidden actions a user can take while suspended. This is based upon the T&S team's current research in the area as it applies to regulatory/legislation compliance.

@turt2live turt2live dismissed their stale review March 26, 2024 02:42

clearing - taking on an author role

Copy link
Member

@turt2live turt2live May 1, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Implementation requirements:

Copy link
Member

@turt2live turt2live Sep 30, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The client implementation requirement has been questioned a bit - I think for this MSC, evidence of clients not exploding would be fine. The list won't be exhaustive or fully representative of the ecosystem, but would indicate the typical user experience.

Specifically, I think the following clients need to be tested with a suspended account:

  • Element Web
  • Element X (iOS or Android, or both)
  • Cinny
  • FluffyChat
  • Nheko

"Exploding" would be defined as the user being logged out, or otherwise unable to interact with their account. Failing to show the error message ("your account is suspended") is fine, but bonus points to the client if it makes it clear to the user. If the user can (minimally) interact with their rooms without being kicked to an error screen or login page, the client "works", even if clunky.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This testing has been completed by the T&S team at the Foundation. Results are compiled here: https://docs.google.com/document/d/1oTVKRLHCc6x4iYti8bkhRN3YbBO29oAjqmZE-mj-xXY/edit?usp=sharing

TLDR: The above-listed clients all passed, but a few had some weird-ish errors/rough edges. With my SCT hat, I don't think these rough edges are blockers for merging.

yingziwu added a commit to yingziwu/synapse that referenced this pull request May 15, 2024
Synapse 1.107.0 (2024-05-14)
============================

No significant changes since 1.107.0rc1.

- Add preliminary support for [MSC3823: Account Suspension](matrix-org/matrix-spec-proposals#3823). ([\#17051](element-hq/synapse#17051))
- Declare support for [Matrix v1.10](https://matrix.org/blog/2024/03/22/matrix-v1.10-release/). Contributed by @clokep. ([\#17082](element-hq/synapse#17082))
- Add support for [MSC4115: membership metadata on events](matrix-org/matrix-spec-proposals#4115). ([\#17104](element-hq/synapse#17104), [\#17137](element-hq/synapse#17137))

- Fixed search feature of Element Android on homesevers using SQLite by returning search terms as search highlights. ([\#17000](element-hq/synapse#17000))
- Fixes a bug introduced in v1.52.0 where the `destination` query parameter for the  [Destination Rooms Admin API](https://element-hq.github.io/synapse/v1.105/usage/administration/admin_api/federation.html#destination-rooms) failed to actually filter returned rooms. ([\#17077](element-hq/synapse#17077))
- For MSC3266 room summaries, support queries at the recommended endpoint of `/_matrix/client/unstable/im.nheko.summary/summary/{roomIdOrAlias}`. The existing endpoint of `/_matrix/client/unstable/im.nheko.summary/rooms/{roomIdOrAlias}/summary` is deprecated. ([\#17078](element-hq/synapse#17078))
- Apply user email & picture during OIDC registration if present & selected. ([\#17120](element-hq/synapse#17120))
- Improve error message for cross signing reset with [MSC3861](matrix-org/matrix-spec-proposals#3861) enabled. ([\#17121](element-hq/synapse#17121))
- Fix a bug which meant that to-device messages received over federation could be dropped when the server was under load or networking problems caused problems between Synapse processes or the database. ([\#17127](element-hq/synapse#17127))
- Fix bug where `StreamChangeCache` would not respect configured cache factors. ([\#17152](element-hq/synapse#17152))

- Correct licensing metadata on Docker image. ([\#17141](element-hq/synapse#17141))

- Update the `event_cache_size` and `global_factor` configuration options' documentation. ([\#17071](element-hq/synapse#17071))
- Remove broken sphinx docs. ([\#17073](element-hq/synapse#17073), [\#17148](element-hq/synapse#17148))
- Add RuntimeDirectory to example matrix-synapse.service systemd unit. ([\#17084](element-hq/synapse#17084))
- Fix various small typos throughout the docs. ([\#17114](element-hq/synapse#17114))
- Update enable_notifs configuration documentation. ([\#17116](element-hq/synapse#17116))
- Update the Upgrade Notes with the latest minimum supported Rust version of 1.66.0. Contributed by @jahway603. ([\#17140](element-hq/synapse#17140))

- Enable [MSC3266](matrix-org/matrix-spec-proposals#3266) by default in the Synapse Complement image. ([\#17105](element-hq/synapse#17105))
- Add optimisation to `StreamChangeCache.get_entities_changed(..)`. ([\#17130](element-hq/synapse#17130))

* Bump furo from 2024.1.29 to 2024.4.27. ([\#17133](element-hq/synapse#17133))
* Bump idna from 3.6 to 3.7. ([\#17136](element-hq/synapse#17136))
* Bump jsonschema from 4.21.1 to 4.22.0. ([\#17157](element-hq/synapse#17157))
* Bump lxml from 5.1.0 to 5.2.1. ([\#17158](element-hq/synapse#17158))
* Bump phonenumbers from 8.13.29 to 8.13.35. ([\#17106](element-hq/synapse#17106))
- Bump pillow from 10.2.0 to 10.3.0. ([\#17146](element-hq/synapse#17146))
* Bump pydantic from 2.6.4 to 2.7.0. ([\#17107](element-hq/synapse#17107))
* Bump pydantic from 2.7.0 to 2.7.1. ([\#17160](element-hq/synapse#17160))
* Bump pyicu from 2.12 to 2.13. ([\#17109](element-hq/synapse#17109))
* Bump serde from 1.0.197 to 1.0.198. ([\#17111](element-hq/synapse#17111))
* Bump serde from 1.0.198 to 1.0.199. ([\#17132](element-hq/synapse#17132))
* Bump serde from 1.0.199 to 1.0.200. ([\#17161](element-hq/synapse#17161))
* Bump serde_json from 1.0.115 to 1.0.116. ([\#17112](element-hq/synapse#17112))
- Update `tornado` Python dependency from 6.2 to 6.4. ([\#17131](element-hq/synapse#17131))
* Bump twisted from 23.10.0 to 24.3.0. ([\#17135](element-hq/synapse#17135))
* Bump types-bleach from 6.1.0.1 to 6.1.0.20240331. ([\#17110](element-hq/synapse#17110))
* Bump types-pillow from 10.2.0.20240415 to 10.2.0.20240423. ([\#17159](element-hq/synapse#17159))
* Bump types-setuptools from 69.0.0.20240125 to 69.5.0.20240423. ([\#17134](element-hq/synapse#17134))
netbsd-srcmastr pushed a commit to NetBSD/pkgsrc that referenced this pull request Jun 18, 2024
# Synapse 1.109.0 (2024-06-18)

- Add the ability to auto-accept invites on the behalf of users. See
  the
  [`auto_accept_invites`](https://element-hq.github.io/synapse/latest/usage/configuration/config_documentation.html#auto-accept-invites)
  config option for
  details. ([\#17147](element-hq/synapse#17147))

- Add experimental
  [MSC3575](matrix-org/matrix-spec-proposals#3575)
  Sliding Sync `/sync/e2ee` endpoint for to-device messages and device
  encryption
  info. ([\#17167](element-hq/synapse#17167))

- Support
  [MSC3916](matrix-org/matrix-spec-proposals#3916)
  by adding unstable media endpoints to
  `/_matrix/client`. ([\#17213](element-hq/synapse#17213))

- Add logging to tasks managed by the task scheduler, showing CPU and
  database
  usage. ([\#17219](element-hq/synapse#17219))


# Synapse 1.108.0 (2024-05-28)

- Add a feature that allows clients to query the configured federation
  whitelist. Disabled by
  default. ([\#16848](element-hq/synapse#16848),
  [\#17199](element-hq/synapse#17199))

- Add the ability to allow numeric user IDs with a specific prefix
  when in the CAS flow. Contributed by Aurélien
  Grimpard. ([\#17098](element-hq/synapse#17098))


Synapse 1.107.0 (2024-05-14)

- Add preliminary support for [MSC3823: Account
  Suspension](matrix-org/matrix-spec-proposals#3823).
  ([\#17051](element-hq/synapse#17051))

- Declare support for [Matrix
  v1.10](https://matrix.org/blog/2024/03/22/matrix-v1.10-release/). Contributed
  by
  @clokep. ([\#17082](element-hq/synapse#17082))

- Add support for [MSC4115: membership metadata on
  events](matrix-org/matrix-spec-proposals#4115).
  ([\#17104](element-hq/synapse#17104),
  [\#17137](element-hq/synapse#17137))


# Synapse 1.106.0 (2024-04-30)

- Send an email if the address is already bound to an user
  account. ([\#16819](element-hq/synapse#16819))

- Implement the rendezvous mechanism described by
  [MSC4108](matrix-org/matrix-spec-proposals#4108).
  ([\#17056](element-hq/synapse#17056))

- Support delegating the rendezvous mechanism described
  [MSC4108](matrix-org/matrix-spec-proposals#4108)
  to an external
  implementation. ([\#17086](element-hq/synapse#17086))
yingziwu added a commit to yingziwu/synapse that referenced this pull request Jul 4, 2024
No significant changes since 1.110.0rc3.

- Fix bug where `/sync` requests could get blocked indefinitely after an upgrade from Synapse versions before v1.109.0. ([\#17386](element-hq/synapse#17386), [\#17391](element-hq/synapse#17391))

- Limit size of presence EDUs to 50 entries. ([\#17371](element-hq/synapse#17371))
- Fix building debian package for debian sid. ([\#17389](element-hq/synapse#17389))

- Fix uploading packages to PyPi. ([\#17363](element-hq/synapse#17363))

- Add initial implementation of an experimental [MSC3575](matrix-org/matrix-spec-proposals#3575) Sliding Sync `/sync` endpoint. ([\#17187](element-hq/synapse#17187))
- Add experimental support for [MSC3823](matrix-org/matrix-spec-proposals#3823) - Account suspension. ([\#17255](element-hq/synapse#17255))
- Improve ratelimiting in Synapse. ([\#17256](element-hq/synapse#17256))
- Add support for the unstable [MSC4151](matrix-org/matrix-spec-proposals#4151) report room API. ([\#17270](element-hq/synapse#17270), [\#17296](element-hq/synapse#17296))
- Filter for public and empty rooms added to Admin-API [List Room API](https://element-hq.github.io/synapse/latest/admin_api/rooms.html#list-room-api). ([\#17276](element-hq/synapse#17276))
- Add `is_dm` filtering to experimental [MSC3575](matrix-org/matrix-spec-proposals#3575) Sliding Sync `/sync` endpoint. ([\#17277](element-hq/synapse#17277))
- Add `is_encrypted` filtering to experimental [MSC3575](matrix-org/matrix-spec-proposals#3575) Sliding Sync `/sync` endpoint. ([\#17281](element-hq/synapse#17281))
- Include user membership in events served to clients, per [MSC4115](matrix-org/matrix-spec-proposals#4115). ([\#17282](element-hq/synapse#17282))
- Do not require user-interactive authentication for uploading cross-signing keys for the first time, per [MSC3967](matrix-org/matrix-spec-proposals#3967). ([\#17284](element-hq/synapse#17284))
- Add `stream_ordering` sort to experimental [MSC3575](matrix-org/matrix-spec-proposals#3575) Sliding Sync `/sync` endpoint. ([\#17293](element-hq/synapse#17293))
- `register_new_matrix_user` now supports a --password-file flag, which
  is useful for scripting. ([\#17294](element-hq/synapse#17294))
- `register_new_matrix_user` now supports a --exists-ok flag to allow registration of users that already exist in the database.
  This is useful for scripts that bootstrap user accounts with initial passwords. ([\#17304](element-hq/synapse#17304))
- Add support for via query parameter from [MSC4156](matrix-org/matrix-spec-proposals#4156). ([\#17322](element-hq/synapse#17322))
- Add `is_invite` filtering to experimental [MSC3575](matrix-org/matrix-spec-proposals#3575) Sliding Sync `/sync` endpoint. ([\#17335](element-hq/synapse#17335))
- Support [MSC3916](https://github.com/matrix-org/matrix-spec-proposals/blob/rav/authentication-for-media/proposals/3916-authentication-for-media.md) by adding a federation /download endpoint. ([\#17350](element-hq/synapse#17350))

- Fix searching for users with their exact localpart whose ID includes a hyphen. ([\#17254](element-hq/synapse#17254))
- Fix wrong retention policy being used when filtering events. ([\#17272](element-hq/synapse#17272))
- Fix bug where OTKs were not always included in `/sync` response when using workers. ([\#17275](element-hq/synapse#17275))
- Fix a long-standing bug where an invalid 'from' parameter to [`/notifications`](https://spec.matrix.org/v1.10/client-server-api/#get_matrixclientv3notifications) would result in an Internal Server Error. ([\#17283](element-hq/synapse#17283))
- Fix edge case in `/sync` returning the wrong the state when using sharded event persisters. ([\#17295](element-hq/synapse#17295))
- Add initial implementation of an experimental [MSC3575](matrix-org/matrix-spec-proposals#3575) Sliding Sync `/sync` endpoint. ([\#17301](element-hq/synapse#17301))
- Fix email notification subject when invited to a space. ([\#17336](element-hq/synapse#17336))

- Add missing quotes for example for `exclude_rooms_from_sync`. ([\#17308](element-hq/synapse#17308))
- Update header in the README to visually fix the the auto-generated table of contents. ([\#17329](element-hq/synapse#17329))
- Fix stale references to the Foundation's Security Disclosure Policy. ([\#17341](element-hq/synapse#17341))
- Add default values for `rc_invites.per_issuer` to docs. ([\#17347](element-hq/synapse#17347))
- Fix an error in the docs for `search_all_users` parameter under `user_directory`. ([\#17348](element-hq/synapse#17348))

- Remove unused `expire_access_token` option in the Synapse Docker config file. Contributed by @AaronDewes. ([\#17198](element-hq/synapse#17198))
- Use fully-qualified `PersistedEventPosition` when returning `RoomsForUser` to facilitate proper comparisons and `RoomStreamToken` generation. ([\#17265](element-hq/synapse#17265))
- Add debug logging for when room keys are uploaded, including whether they are replacing other room keys. ([\#17266](element-hq/synapse#17266))
- Handle OTK uploads off master. ([\#17271](element-hq/synapse#17271))
- Don't try and resync devices for remote users whose servers are marked as down. ([\#17273](element-hq/synapse#17273))
- Re-organize Pydantic models and types used in handlers. ([\#17279](element-hq/synapse#17279))
- Expose the worker instance that persisted the event on `event.internal_metadata.instance_name`. ([\#17300](element-hq/synapse#17300))
- Update the README with Element branding, improve headers and fix the #synapse:matrix.org support room link rendering. ([\#17324](element-hq/synapse#17324))
- Change path of the experimental [MSC3575](matrix-org/matrix-spec-proposals#3575) Sliding Sync implementation to `/org.matrix.simplified_msc3575/sync` since our simplified API is slightly incompatible with what's in the current MSC. ([\#17331](element-hq/synapse#17331))
- Handle device lists notifications for large accounts more efficiently in worker mode. ([\#17333](element-hq/synapse#17333), [\#17358](element-hq/synapse#17358))
- Do not block event sending/receiving while calculating large event auth chains. ([\#17338](element-hq/synapse#17338))
- Tidy up `parse_integer` docs and call sites to reflect the fact that they require non-negative integers by default, and bring `parse_integer_from_args` default in alignment. Contributed by Denis Kasak (@dkasak). ([\#17339](element-hq/synapse#17339))

* Bump authlib from 1.3.0 to 1.3.1. ([\#17343](element-hq/synapse#17343))
* Bump dawidd6/action-download-artifact from 3.1.4 to 5. ([\#17289](element-hq/synapse#17289))
* Bump dawidd6/action-download-artifact from 5 to 6. ([\#17313](element-hq/synapse#17313))
* Bump docker/build-push-action from 5 to 6. ([\#17312](element-hq/synapse#17312))
* Bump jinja2 from 3.1.3 to 3.1.4. ([\#17287](element-hq/synapse#17287))
* Bump lazy_static from 1.4.0 to 1.5.0. ([\#17355](element-hq/synapse#17355))
* Bump msgpack from 1.0.7 to 1.0.8. ([\#17317](element-hq/synapse#17317))
* Bump netaddr from 1.2.1 to 1.3.0. ([\#17353](element-hq/synapse#17353))
* Bump packaging from 24.0 to 24.1. ([\#17352](element-hq/synapse#17352))
* Bump phonenumbers from 8.13.37 to 8.13.39. ([\#17315](element-hq/synapse#17315))
* Bump regex from 1.10.4 to 1.10.5. ([\#17290](element-hq/synapse#17290))
* Bump requests from 2.31.0 to 2.32.2. ([\#17345](element-hq/synapse#17345))
* Bump sentry-sdk from 2.1.1 to 2.3.1. ([\#17263](element-hq/synapse#17263))
* Bump sentry-sdk from 2.3.1 to 2.6.0. ([\#17351](element-hq/synapse#17351))
* Bump tornado from 6.4 to 6.4.1. ([\#17344](element-hq/synapse#17344))
* Bump mypy from 1.8.0 to 1.9.0. ([\#17297](element-hq/synapse#17297))
* Bump types-jsonschema from 4.21.0.20240311 to 4.22.0.20240610. ([\#17288](element-hq/synapse#17288))
* Bump types-netaddr from 1.2.0.20240219 to 1.3.0.20240530. ([\#17314](element-hq/synapse#17314))
* Bump types-pillow from 10.2.0.20240423 to 10.2.0.20240520. ([\#17285](element-hq/synapse#17285))
* Bump types-pyyaml from 6.0.12.12 to 6.0.12.20240311. ([\#17316](element-hq/synapse#17316))
* Bump typing-extensions from 4.11.0 to 4.12.2. ([\#17354](element-hq/synapse#17354))
* Bump urllib3 from 2.0.7 to 2.2.2. ([\#17346](element-hq/synapse#17346))
netbsd-srcmastr pushed a commit to NetBSD/pkgsrc that referenced this pull request Aug 12, 2024
# Synapse 1.112.0 (2024-07-30)

This security release is to update our locked dependency on Twisted to 24.7.0rc1, which includes a security fix for [CVE-2024-41671 / GHSA-c8m8-j448-xjx7: Disordered HTTP pipeline response in twisted.web, again](GHSA-c8m8-j448-xjx7).

Note that this security fix is also available as **Synapse 1.111.1**, which does not include the rest of the changes in Synapse 1.112.0.

This issue means that, if multiple HTTP requests are pipelined in the same TCP connection, Synapse can send responses to the wrong HTTP request.
If a reverse proxy was configured to use HTTP pipelining, this could result in responses being sent to the wrong user, severely harming confidentiality.

With that said, despite being a high severity issue, **we consider it unlikely that Synapse installations will be affected**.
The use of HTTP pipelining in this fashion would cause worse performance for clients (request-response latencies would be increased as users' responses would be artificially blocked behind other users' slow requests). Further, Nginx and Haproxy, two common reverse proxies, do not appear to support configuring their upstreams to use HTTP pipelining and thus would not be affected. For both of these reasons, we consider it unlikely that a Synapse deployment would be set up in such a configuration.

Despite that, we cannot rule out that some installations may exist with this unusual setup and so we are releasing this security update today.

**pip users:** Note that by default, upgrading Synapse using pip will not automatically upgrade Twisted. **Please manually install the new version of Twisted** using `pip install Twisted==24.7.0rc1`. Note also that even the `--upgrade-strategy=eager` flag to `pip install -U matrix-synapse` will not upgrade Twisted to a patched version because it is only a release candidate at this time.

### Internal Changes

- Upgrade locked dependency on Twisted to 24.7.0rc1. ([\#17502](element-hq/synapse#17502))


# Synapse 1.112.0rc1 (2024-07-23)

Please note that this release candidate does not include the security dependency update
included in version 1.111.1 as this version was released before 1.111.1.
The same security fix can be found in the full release of 1.112.0.

### Features

- Add to-device extension support to experimental [MSC3575](matrix-org/matrix-spec-proposals#3575) Sliding Sync `/sync` endpoint. ([\#17416](element-hq/synapse#17416))
- Populate `name`/`avatar` fields in experimental [MSC3575](matrix-org/matrix-spec-proposals#3575) Sliding Sync `/sync` endpoint. ([\#17418](element-hq/synapse#17418))
- Populate `heroes` and room summary fields (`joined_count`, `invited_count`) in experimental [MSC3575](matrix-org/matrix-spec-proposals#3575) Sliding Sync `/sync` endpoint. ([\#17419](element-hq/synapse#17419))
- Populate `is_dm` room field in experimental [MSC3575](matrix-org/matrix-spec-proposals#3575) Sliding Sync `/sync` endpoint. ([\#17429](element-hq/synapse#17429))
- Add room subscriptions to experimental [MSC3575](matrix-org/matrix-spec-proposals#3575) Sliding Sync `/sync` endpoint. ([\#17432](element-hq/synapse#17432))
- Prepare for authenticated media freeze. ([\#17433](element-hq/synapse#17433))
- Add E2EE extension support to experimental [MSC3575](matrix-org/matrix-spec-proposals#3575) Sliding Sync `/sync` endpoint. ([\#17454](element-hq/synapse#17454))

### Bugfixes

- Add configurable option to always include offline users in presence sync results. Contributed by @Michael-Hollister. ([\#17231](element-hq/synapse#17231))
- Fix bug in experimental [MSC3575](matrix-org/matrix-spec-proposals#3575) Sliding Sync `/sync` endpoint when using room type filters and the user has one or more remote invites. ([\#17434](element-hq/synapse#17434))
- Order `heroes` by `stream_ordering` as the Matrix specification states (applies to `/sync`). ([\#17435](element-hq/synapse#17435))
- Fix rare bug where `/sync` would break for a user when using workers with multiple stream writers. ([\#17438](element-hq/synapse#17438))

### Improved Documentation

- Update the readme image to have a white background, so that it is readable in dark mode. ([\#17387](element-hq/synapse#17387))
- Add Red Hat Enterprise Linux and Rocky Linux 8 and 9 installation instructions. ([\#17423](element-hq/synapse#17423))
- Improve documentation for the [`default_power_level_content_override`](https://element-hq.github.io/synapse/latest/usage/configuration/config_documentation.html#default_power_level_content_override) config option. ([\#17451](element-hq/synapse#17451))

### Internal Changes

- Make sure we always use the right logic for enabling the media repo. ([\#17424](element-hq/synapse#17424))
- Fix argument documentation for method `RateLimiter.record_action`. ([\#17426](element-hq/synapse#17426))
- Reduce volume of 'Waiting for current token' logs, which were introduced in v1.109.0. ([\#17428](element-hq/synapse#17428))
- Limit concurrent remote downloads to 6 per IP address, and decrement remote downloads without a content-length from the ratelimiter after the download is complete. ([\#17439](element-hq/synapse#17439))
- Remove unnecessary call to resume producing in fake channel. ([\#17449](element-hq/synapse#17449))
- Update experimental [MSC3575](matrix-org/matrix-spec-proposals#3575) Sliding Sync `/sync` endpoint to bump room when it is created. ([\#17453](element-hq/synapse#17453))
- Speed up generating sliding sync responses. ([\#17458](element-hq/synapse#17458))
- Add cache to `get_rooms_for_local_user_where_membership_is` to speed up sliding sync. ([\#17460](element-hq/synapse#17460))
- Speed up fetching room keys from backup. ([\#17461](element-hq/synapse#17461))
- Speed up sorting of the room list in sliding sync. ([\#17468](element-hq/synapse#17468))
- Implement handling of `$ME` as a state key in sliding sync. ([\#17469](element-hq/synapse#17469))



### Updates to locked dependencies

* Bump bytes from 1.6.0 to 1.6.1. ([\#17441](element-hq/synapse#17441))
* Bump hiredis from 2.3.2 to 3.0.0. ([\#17464](element-hq/synapse#17464))
* Bump jsonschema from 4.22.0 to 4.23.0. ([\#17444](element-hq/synapse#17444))
* Bump matrix-org/done-action from 2 to 3. ([\#17440](element-hq/synapse#17440))
* Bump mypy from 1.9.0 to 1.10.1. ([\#17445](element-hq/synapse#17445))
* Bump pyopenssl from 24.1.0 to 24.2.1. ([\#17465](element-hq/synapse#17465))
* Bump ruff from 0.5.0 to 0.5.4. ([\#17466](element-hq/synapse#17466))
* Bump sentry-sdk from 2.6.0 to 2.8.0. ([\#17456](element-hq/synapse#17456))
* Bump sentry-sdk from 2.8.0 to 2.10.0. ([\#17467](element-hq/synapse#17467))
* Bump setuptools from 67.6.0 to 70.0.0. ([\#17448](element-hq/synapse#17448))
* Bump twine from 5.1.0 to 5.1.1. ([\#17443](element-hq/synapse#17443))
* Bump types-jsonschema from 4.22.0.20240610 to 4.23.0.20240712. ([\#17446](element-hq/synapse#17446))
* Bump ulid from 1.1.2 to 1.1.3. ([\#17442](element-hq/synapse#17442))
* Bump zipp from 3.15.0 to 3.19.1. ([\#17427](element-hq/synapse#17427))

# Synapse 1.111.0 (2024-07-16)

No significant changes since 1.111.0rc2.




# Synapse 1.111.0rc2 (2024-07-10)

### Bugfixes

- Fix bug where using `synapse.app.media_repository` worker configuration would break the new media endpoints. ([\#17420](element-hq/synapse#17420))

### Improved Documentation

- Document the new federation media worker endpoints in the [upgrade notes](https://element-hq.github.io/synapse/v1.111/upgrade.html) and [worker docs](https://element-hq.github.io/synapse/v1.111/workers.html). ([\#17421](element-hq/synapse#17421))

### Internal Changes

- Route authenticated federation media requests to media repository workers in Complement tests. ([\#17422](element-hq/synapse#17422))




# Synapse 1.111.0rc1 (2024-07-09)

### Features

- Add `rooms` data to experimental [MSC3575](matrix-org/matrix-spec-proposals#3575) Sliding Sync `/sync` endpoint. ([\#17320](element-hq/synapse#17320))
- Add `room_types`/`not_room_types` filtering to experimental [MSC3575](matrix-org/matrix-spec-proposals#3575) Sliding Sync `/sync` endpoint. ([\#17337](element-hq/synapse#17337))
- Return "required state" in experimental [MSC3575](matrix-org/matrix-spec-proposals#3575) Sliding Sync `/sync` endpoint. ([\#17342](element-hq/synapse#17342))
- Support [MSC3916](https://github.com/matrix-org/matrix-spec-proposals/blob/main/proposals/3916-authentication-for-media.md) by adding [`_matrix/client/v1/media/download`](https://spec.matrix.org/v1.11/client-server-api/#get_matrixclientv1mediadownloadservernamemediaid) endpoint. ([\#17365](element-hq/synapse#17365))
- Support [MSC3916](https://github.com/matrix-org/matrix-spec-proposals/blob/rav/authentication-for-media/proposals/3916-authentication-for-media.md)
  by adding [`_matrix/client/v1/media/thumbnail`](https://spec.matrix.org/v1.11/client-server-api/#get_matrixclientv1mediathumbnailservernamemediaid), [`_matrix/federation/v1/media/thumbnail`](https://spec.matrix.org/v1.11/server-server-api/#get_matrixfederationv1mediathumbnailmediaid) endpoints and stabilizing the
  remaining [`_matrix/client/v1/media`](https://spec.matrix.org/v1.11/client-server-api/#get_matrixclientv1mediaconfig) endpoints. ([\#17388](element-hq/synapse#17388))
- Add `rooms.bump_stamp` for easier client-side sorting in experimental [MSC3575](matrix-org/matrix-spec-proposals#3575) Sliding Sync `/sync` endpoint. ([\#17395](element-hq/synapse#17395))
- Forget all of a user's rooms upon deactivation, preventing local room purges from being blocked on deactivated users. ([\#17400](element-hq/synapse#17400))
- Declare support for [Matrix 1.11](https://matrix.org/blog/2024/06/20/matrix-v1.11-release/). ([\#17403](element-hq/synapse#17403))
- [MSC3861](matrix-org/matrix-spec-proposals#3861): allow overriding the introspection endpoint. ([\#17406](element-hq/synapse#17406))

### Bugfixes

- Fix rare race which caused no new to-device messages to be received from remote server. ([\#17362](element-hq/synapse#17362))
- Fix bug in experimental [MSC3575](matrix-org/matrix-spec-proposals#3575) Sliding Sync `/sync` endpoint when using an old database. ([\#17398](element-hq/synapse#17398))

### Improved Documentation

- Clarify that `url_preview_url_blacklist` is a usability feature. ([\#17356](element-hq/synapse#17356))
- Fix broken links in README. ([\#17379](element-hq/synapse#17379))
- Clarify that changelog content *and file extension* need to match in order for entries to merge. ([\#17399](element-hq/synapse#17399))

### Internal Changes

- Make the release script create a release branch for Complement as well. ([\#17318](element-hq/synapse#17318))
- Fix uploading packages to PyPi. ([\#17363](element-hq/synapse#17363))
- Add CI check for the README. ([\#17367](element-hq/synapse#17367))
- Fix linting errors from new `ruff` version. ([\#17381](element-hq/synapse#17381), [\#17411](element-hq/synapse#17411))
- Fix building debian packages on non-clean checkouts. ([\#17390](element-hq/synapse#17390))
- Finish up work to allow per-user feature flags. ([\#17392](element-hq/synapse#17392), [\#17410](element-hq/synapse#17410))
- Allow enabling sliding sync per-user. ([\#17393](element-hq/synapse#17393))



### Updates to locked dependencies

* Bump certifi from 2023.7.22 to 2024.7.4. ([\#17404](element-hq/synapse#17404))
* Bump cryptography from 42.0.7 to 42.0.8. ([\#17382](element-hq/synapse#17382))
* Bump ijson from 3.2.3 to 3.3.0. ([\#17413](element-hq/synapse#17413))
* Bump log from 0.4.21 to 0.4.22. ([\#17384](element-hq/synapse#17384))
* Bump mypy-zope from 1.0.4 to 1.0.5. ([\#17414](element-hq/synapse#17414))
* Bump pillow from 10.3.0 to 10.4.0. ([\#17412](element-hq/synapse#17412))
* Bump pydantic from 2.7.1 to 2.8.2. ([\#17415](element-hq/synapse#17415))
* Bump ruff from 0.3.7 to 0.5.0. ([\#17381](element-hq/synapse#17381))
* Bump serde from 1.0.203 to 1.0.204. ([\#17409](element-hq/synapse#17409))
* Bump serde_json from 1.0.117 to 1.0.120. ([\#17385](element-hq/synapse#17385), [\#17408](element-hq/synapse#17408))
* Bump types-setuptools from 69.5.0.20240423 to 70.1.0.20240627. ([\#17380](element-hq/synapse#17380))

# Synapse 1.110.0 (2024-07-03)

No significant changes since 1.110.0rc3.




# Synapse 1.110.0rc3 (2024-07-02)

### Bugfixes

- Fix bug where `/sync` requests could get blocked indefinitely after an upgrade from Synapse versions before v1.109.0. ([\#17386](element-hq/synapse#17386), [\#17391](element-hq/synapse#17391))

### Internal Changes

- Limit size of presence EDUs to 50 entries. ([\#17371](element-hq/synapse#17371))
- Fix building debian package for debian sid. ([\#17389](element-hq/synapse#17389))




# Synapse 1.110.0rc2 (2024-06-26)

### Internal Changes

- Fix uploading packages to PyPi. ([\#17363](element-hq/synapse#17363))




# Synapse 1.110.0rc1 (2024-06-26)

### Features

- Add initial implementation of an experimental [MSC3575](matrix-org/matrix-spec-proposals#3575) Sliding Sync `/sync` endpoint. ([\#17187](element-hq/synapse#17187))
- Add experimental support for [MSC3823](matrix-org/matrix-spec-proposals#3823) - Account suspension. ([\#17255](element-hq/synapse#17255))
- Improve ratelimiting in Synapse. ([\#17256](element-hq/synapse#17256))
- Add support for the unstable [MSC4151](matrix-org/matrix-spec-proposals#4151) report room API. ([\#17270](element-hq/synapse#17270), [\#17296](element-hq/synapse#17296))
- Filter for public and empty rooms added to Admin-API [List Room API](https://element-hq.github.io/synapse/latest/admin_api/rooms.html#list-room-api). ([\#17276](element-hq/synapse#17276))
- Add `is_dm` filtering to experimental [MSC3575](matrix-org/matrix-spec-proposals#3575) Sliding Sync `/sync` endpoint. ([\#17277](element-hq/synapse#17277))
- Add `is_encrypted` filtering to experimental [MSC3575](matrix-org/matrix-spec-proposals#3575) Sliding Sync `/sync` endpoint. ([\#17281](element-hq/synapse#17281))
- Include user membership in events served to clients, per [MSC4115](matrix-org/matrix-spec-proposals#4115). ([\#17282](element-hq/synapse#17282))
- Do not require user-interactive authentication for uploading cross-signing keys for the first time, per [MSC3967](matrix-org/matrix-spec-proposals#3967). ([\#17284](element-hq/synapse#17284))
- Add `stream_ordering` sort to experimental [MSC3575](matrix-org/matrix-spec-proposals#3575) Sliding Sync `/sync` endpoint. ([\#17293](element-hq/synapse#17293))
- `register_new_matrix_user` now supports a --password-file flag, which
  is useful for scripting. ([\#17294](element-hq/synapse#17294))
- `register_new_matrix_user` now supports a --exists-ok flag to allow registration of users that already exist in the database.
  This is useful for scripts that bootstrap user accounts with initial passwords. ([\#17304](element-hq/synapse#17304))
- Add support for via query parameter from [MSC4156](matrix-org/matrix-spec-proposals#4156). ([\#17322](element-hq/synapse#17322))
- Add `is_invite` filtering to experimental [MSC3575](matrix-org/matrix-spec-proposals#3575) Sliding Sync `/sync` endpoint. ([\#17335](element-hq/synapse#17335))
- Support [MSC3916](https://github.com/matrix-org/matrix-spec-proposals/blob/main/proposals/3916-authentication-for-media.md) by adding a federation /download endpoint. ([\#17350](element-hq/synapse#17350))

### Bugfixes

- Fix searching for users with their exact localpart whose ID includes a hyphen. ([\#17254](element-hq/synapse#17254))
- Fix wrong retention policy being used when filtering events. ([\#17272](element-hq/synapse#17272))
- Fix bug where OTKs were not always included in `/sync` response when using workers. ([\#17275](element-hq/synapse#17275))
- Fix a long-standing bug where an invalid 'from' parameter to [`/notifications`](https://spec.matrix.org/v1.10/client-server-api/#get_matrixclientv3notifications) would result in an Internal Server Error. ([\#17283](element-hq/synapse#17283))
- Fix edge case in `/sync` returning the wrong the state when using sharded event persisters. ([\#17295](element-hq/synapse#17295))
- Add initial implementation of an experimental [MSC3575](matrix-org/matrix-spec-proposals#3575) Sliding Sync `/sync` endpoint. ([\#17301](element-hq/synapse#17301))
- Fix email notification subject when invited to a space. ([\#17336](element-hq/synapse#17336))

### Improved Documentation

- Add missing quotes for example for `exclude_rooms_from_sync`. ([\#17308](element-hq/synapse#17308))
- Update header in the README to visually fix the the auto-generated table of contents. ([\#17329](element-hq/synapse#17329))
- Fix stale references to the Foundation's Security Disclosure Policy. ([\#17341](element-hq/synapse#17341))
- Add default values for `rc_invites.per_issuer` to docs. ([\#17347](element-hq/synapse#17347))
- Fix an error in the docs for `search_all_users` parameter under `user_directory`. ([\#17348](element-hq/synapse#17348))

### Internal Changes

- Remove unused `expire_access_token` option in the Synapse Docker config file. Contributed by @AaronDewes. ([\#17198](element-hq/synapse#17198))
- Use fully-qualified `PersistedEventPosition` when returning `RoomsForUser` to facilitate proper comparisons and `RoomStreamToken` generation. ([\#17265](element-hq/synapse#17265))
- Add debug logging for when room keys are uploaded, including whether they are replacing other room keys. ([\#17266](element-hq/synapse#17266))
- Handle OTK uploads off master. ([\#17271](element-hq/synapse#17271))
- Don't try and resync devices for remote users whose servers are marked as down. ([\#17273](element-hq/synapse#17273))
- Re-organize Pydantic models and types used in handlers. ([\#17279](element-hq/synapse#17279))
- Expose the worker instance that persisted the event on `event.internal_metadata.instance_name`. ([\#17300](element-hq/synapse#17300))
- Update the README with Element branding, improve headers and fix the #synapse:matrix.org support room link rendering. ([\#17324](element-hq/synapse#17324))
- Change path of the experimental [MSC3575](matrix-org/matrix-spec-proposals#3575) Sliding Sync implementation to `/org.matrix.simplified_msc3575/sync` since our simplified API is slightly incompatible with what's in the current MSC. ([\#17331](element-hq/synapse#17331))
- Handle device lists notifications for large accounts more efficiently in worker mode. ([\#17333](element-hq/synapse#17333), [\#17358](element-hq/synapse#17358))
- Do not block event sending/receiving while calculating large event auth chains. ([\#17338](element-hq/synapse#17338))
- Tidy up `parse_integer` docs and call sites to reflect the fact that they require non-negative integers by default, and bring `parse_integer_from_args` default in alignment. Contributed by Denis Kasak (@dkasak). ([\#17339](element-hq/synapse#17339))



### Updates to locked dependencies

* Bump authlib from 1.3.0 to 1.3.1. ([\#17343](element-hq/synapse#17343))
* Bump dawidd6/action-download-artifact from 3.1.4 to 5. ([\#17289](element-hq/synapse#17289))
* Bump dawidd6/action-download-artifact from 5 to 6. ([\#17313](element-hq/synapse#17313))
* Bump docker/build-push-action from 5 to 6. ([\#17312](element-hq/synapse#17312))
* Bump jinja2 from 3.1.3 to 3.1.4. ([\#17287](element-hq/synapse#17287))
* Bump lazy_static from 1.4.0 to 1.5.0. ([\#17355](element-hq/synapse#17355))
* Bump msgpack from 1.0.7 to 1.0.8. ([\#17317](element-hq/synapse#17317))
* Bump netaddr from 1.2.1 to 1.3.0. ([\#17353](element-hq/synapse#17353))
* Bump packaging from 24.0 to 24.1. ([\#17352](element-hq/synapse#17352))
* Bump phonenumbers from 8.13.37 to 8.13.39. ([\#17315](element-hq/synapse#17315))
* Bump regex from 1.10.4 to 1.10.5. ([\#17290](element-hq/synapse#17290))
* Bump requests from 2.31.0 to 2.32.2. ([\#17345](element-hq/synapse#17345))
* Bump sentry-sdk from 2.1.1 to 2.3.1. ([\#17263](element-hq/synapse#17263))
* Bump sentry-sdk from 2.3.1 to 2.6.0. ([\#17351](element-hq/synapse#17351))
* Bump tornado from 6.4 to 6.4.1. ([\#17344](element-hq/synapse#17344))
* Bump mypy from 1.8.0 to 1.9.0. ([\#17297](element-hq/synapse#17297))
* Bump types-jsonschema from 4.21.0.20240311 to 4.22.0.20240610. ([\#17288](element-hq/synapse#17288))
* Bump types-netaddr from 1.2.0.20240219 to 1.3.0.20240530. ([\#17314](element-hq/synapse#17314))
* Bump types-pillow from 10.2.0.20240423 to 10.2.0.20240520. ([\#17285](element-hq/synapse#17285))
* Bump types-pyyaml from 6.0.12.12 to 6.0.12.20240311. ([\#17316](element-hq/synapse#17316))
* Bump typing-extensions from 4.11.0 to 4.12.2. ([\#17354](element-hq/synapse#17354))
* Bump urllib3 from 2.0.7 to 2.2.2. ([\#17346](element-hq/synapse#17346))
@turt2live turt2live removed the needs-implementation This MSC does not have a qualifying implementation for the SCT to review. The MSC cannot enter FCP. label Oct 23, 2024
@turt2live
Copy link
Member

I think this is ready to go.

@mscbot fcp merge

@mscbot
Copy link
Collaborator

mscbot commented Oct 23, 2024

Team member @mscbot has proposed to merge this. The next step is review by the rest of the tagged people:

Concerns:

  • Confusion/overlap with account locking is unclear.

Once at least 75% of reviewers approve (and there are no outstanding concerns), this will enter its final comment period. If you spot a major issue that hasn't been raised at any point in this process, please speak up!

See this document for information about what commands tagged team members can give me.

@mscbot mscbot added proposed-final-comment-period Currently awaiting signoff of a majority of team members in order to enter the final comment period. disposition-merge labels Oct 23, 2024
Comment on lines +70 to +72
The related concept of locking, as discussed in places like [MSC3939](https://github.com/matrix-org/matrix-spec-proposals/pull/3939)
and [matrix-org/glossary](https://github.com/matrix-org/glossary), is semantically different from
suspension.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think this is still very confusing -- as a server operator I would constantly be unsure whether to lock or suspend an account. It is unclear when they would be used. From the glossary (which I don't know if it is anything official or not?) it says:

Account locking: User is unable to log in to their account, and it is preserved in-place. This action is reversible.
Account suspension: Similar to locking, though the user can still log in and read their account. Writes are not possible. This action is reversible.

Which sounds to me like the only difference is users being able to login or not. I don't understand the differentiation.

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

An example for each might help:

  • As a server admin, you detect unusual login activity for a user. While you investigate, you lock the account.
  • As a server admin, you receive a number of reports about a user posting content that is against your Terms of Service. You suspend the user - this could be until they remove the offending content, until they successfully appeal your decision, or until a set period of time elapses, whatever you decide/your Terms of Service state.

Locking is for scenarios where preventing any activity is important. It's a narrower use case, but there is overlap where you might reach for either locking or suspension.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I've read this a bunch of times and can't really figure out the difference from either an operator or user point of view.

@mscbot concern Confusion/overlap with account locking is unclear.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

(did Jim's comment help, or is it still confusing? I'm struggling to figure out how to add clarity here, honestly)

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

It didn't help clarify. It mostly felt like synonyms were being used. E.g. Why not just lock the account for a period of time or during investigation?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Seems like using M_USER_ACCESS_LIMITED or something like that would be ok?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Given the widespread use of "suspended", I'm heavily inclined to follow that precedent.

I'll add some text to the proposal to clarify locking vs suspension in any case.

Copy link
Member

@KitsuneRal KitsuneRal Nov 7, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Getting back to the subject of distinct error codes: okay, we have a certain set of permissions (forbiddings?) for these two, what happens when we happen to need one more level (e.g. only allowed to change the password but not anything else, even redaction)? Do we state that the fundamental difference between "locked" and "suspended" is ability to log in but as long as a user can log in, the rest is shades of "suspended"? As a client author, I would really like to advise the user what they can and cannot do, without them trying and failing.

Copy link
Member

@KitsuneRal KitsuneRal Nov 7, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

To clarify: I'd really prefer this to be future-proof, i.e. if we need to introduce additional levels of access (either for safety or for security purposes) or if different homeservers end up providing different levels of access to suspended users, the solution should be able to incorporate it.

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Improving communication to the user on what they can/can't do is planned for a future MSC as part of a regulatory compliance series relating to T&S. I'd encourage us to think about sub-codes or similar at that stage rather than delaying a needed feature.

@mscbot mscbot added the unresolved-concerns This proposal has at least one outstanding concern label Oct 29, 2024
Comment on lines +21 to +23
When an account is suspended, any [Client-Server API](https://spec.matrix.org/v1.10/client-server-api/)
endpoint MAY return a 403 HTTP status code with `errcode` of `M_USER_SUSPENDED`. This indicates to
the user that the associated action is unavailable.
Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

someone remind me why this should be a 403 rather than a 401 (and why does locking specify a 401)?

Copy link
Member

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

401 is "token doesn't work anymore" while 403 is "your token works, but server says no".

Comment on lines +70 to +72
The related concept of locking, as discussed in places like [MSC3939](https://github.com/matrix-org/matrix-spec-proposals/pull/3939)
and [matrix-org/glossary](https://github.com/matrix-org/glossary), is semantically different from
suspension.
Copy link
Member

@richvdh richvdh Nov 5, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Personally, I'm pretty relaxed about having both concepts. If this is a useful tool for T&S, I'm prepared to believe that (and I am minded to agree with Jim that a clear distinction from locking is nicer to work with than defining locking to have shades of grey).

I wouldn't mind some more discussion within the proposal doc about how the two methods differ in functionality (and what the user is expected to see in their client), and how the anticipated usecases differ, but I don't consider that a blocker.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
client-server Client-Server API disposition-merge kind:maintenance MSC which clarifies/updates existing spec proposal A matrix spec change proposal proposed-final-comment-period Currently awaiting signoff of a majority of team members in order to enter the final comment period. unresolved-concerns This proposal has at least one outstanding concern
Projects
Status: Ready for FCP ticks
Development

Successfully merging this pull request may close these issues.