-
v0.18.3291628d4 · ·
Changes in synapse v0.18.3 (2016-11-08) ======================================= SECURITY UPDATE Explicitly require authentication when using LDAP3. This is the default on versions of ``ldap3`` above 1.0, but some distributions will package an older version. If you are using LDAP3 login and have a version of ``ldap3`` older than 1.0 it is **CRITICAL to updgrade**.
-
v0.18.24a9055d4 · ·
Changes in synapse v0.18.2 (2016-11-01) ======================================= No changes since v0.18.2-rc5 Changes in synapse v0.18.2-rc5 (2016-10-28) =========================================== Bug fixes: * Fix prometheus process metrics in worker processes (PR #1184) Changes in synapse v0.18.2-rc4 (2016-10-27) =========================================== Bug fixes: * Fix ``user_threepids`` schema delta, which in some instances prevented startup after upgrade (PR #1183) Changes in synapse v0.18.2-rc3 (2016-10-27) =========================================== Changes: * Allow clients to supply access tokens as headers (PR #1098) * Clarify error codes for GET /filter/, thanks to Alexander Maznev (PR #1164) * Make password reset email field case insensitive (PR #1170) * Reduce redundant database work in email pusher (PR #1174) * Allow configurable rate limiting per AS (PR #1175) * Check whether to ratelimit sooner to avoid work (PR #1176) * Standardise prometheus metrics (PR #1177) Bug fixes: * Fix incredibly slow back pagination query (PR #1178) * Fix infinite typing bug (PR #1179) Changes in synapse v0.18.2-rc2 (2016-10-25) =========================================== (This release did not include the changes advertised and was identical to RC1) Changes in synapse v0.18.2-rc1 (2016-10-17) =========================================== Changes: * Remove redundant event_auth index (PR #1113) * Reduce DB hits for replication (PR #1141) * Implement pluggable password auth (PR #1155) * Remove rate limiting from app service senders and fix get_or_create_user requester, thanks to Patrik Oldsberg (PR #1157) * window.postmessage for Interactive Auth fallback (PR #1159) * Use sys.executable instead of hardcoded python, thanks to Pedro Larroy (PR #1162) * Add config option for adding additional TLS fingerprints (PR #1167) * User-interactive auth on delete device (PR #1168) Bug fixes: * Fix not being allowed to set your own state_key, thanks to Patrik Oldsberg (PR #1150) * Fix interactive auth to return 401 from for incorrect password (PR #1160, #1166) * Fix email push notifs being dropped (PR #1169)
-
v0.18.2-rc5264f6c2a · ·
Changes in synapse v0.18.2-rc5 (2016-10-28) =========================================== Bug fixes: * Fix prometheus process metrics in worker processes (PR #1184)
-
v0.18.2-rc4665e5352 · ·
Changes in synapse v0.18.2-rc4 (2016-10-27) =========================================== Bug fixes: * Fix ``user_threepids`` schema delta, which in some instances prevented startup after upgrade (PR #1183)
-
v0.18.2-rc3db0609f1 · ·
Changes in synapse v0.18.2-rc3 (2016-10-27) =========================================== Changes: * Clarify error codes for GET /filter/, thanks to Alexander Maznev (PR #1164) * Make password reset email field case insensitive (PR #1170) * Reduce redundant database work in email pusher (PR #1174) * Allow configurable rate limiting per AS (PR #1175) * Check whether to ratelimit sooner to avoid work (PR #1176) * Standardise prometheus metrics (PR #1177) Bug fixes: * Fix incredibly slow back pagination query (PR #1178) * Fix infinite typing bug (PR #1179)
-
v0.18.2-rc2f138bb40 · ·
Changes in synapse v0.18.2-rc2 (2016-10-25) =========================================== (This release did not include the changes advertised and was identical to RC1)
-
v0.18.2-rc1513e600f · ·
Changes in synapse v0.18.2-rc1 (2016-10-17) =========================================== Changes: * Remove redundant event_auth index (PR #1113) * Reduce DB hits for replication (PR #1141) * Implement pluggable password auth (PR #1155) * Remove rate limiting from app service senders and fix get_or_create_user requester, thanks to Patrik Oldsberg (PR #1157) * window.postmessage for Interactive Auth fallback (PR #1159) * Use sys.executable instead of hardcoded python, thanks to Pedro Larroy (PR #1162) * Add config option for adding additional TLS fingerprints (PR #1167) * User-interactive auth on delete device (PR #1168) Bug fixes: * Fix not being allowed to set your own state_key, thanks to Patrik Oldsberg (PR #1150) * Fix interactive auth to return 401 from for incorrect password (PR #1160, #1166) * Fix email push notifs being dropped (PR #1169)
-
v0.18.1e779ee0e · ·
Changes in synapse v0.18.1 (2016-10-0) ====================================== No changes since v0.18.1-rc1 Changes in synapse v0.18.1-rc1 (2016-09-30) =========================================== Features: * Add total_room_count_estimate to ``/publicRooms`` (PR #1133) Changes: * Time out typing over federation (PR #1140) * Restructure LDAP authentication (PR #1153) Bug fixes: * Fix 3pid invites when server is already in the room (PR #1136) * Fix upgrading with SQLite taking lots of CPU for a few days after upgrade (PR #1144) * Fix upgrading from very old database versions (PR #1145) * Fix port script to work with recently added tables (PR #1146)
-
v0.18.1-rc121185e3e · ·
Changes in synapse v0.18.1-rc1 (2016-09-30) =========================================== Features: * Add total_room_count_estimate to ``/publicRooms`` (PR #1133) Changes: * Time out typing over federation (PR #1140) * Restructure LDAP authentication (PR #1153) Bug fixes: * Fix 3pid invites when server is already in the room (PR #1136) * Fix upgrading with SQLite taking lots of CPU for a few days after upgrade (PR #1144) * Fix upgrading from very old database versions (PR #1145) * Fix port script to work with recently added tables (PR #1146)
-
v0.18.088acb997 · ·
Changes in synapse v0.18.0 (2016-09-19) ======================================= The release includes major changes to the state storage database schemas, which significantly reduce database size. Synapse will attempt to upgrade the current data in the background. Servers with large SQLite database may experience degradation of performance while this upgrade is in progress, therefore you may want to consider migrating to using Postgres before upgrading very large SQLite daabases Changes: * Make public room search case insensitive (PR #1127) Bug fixes: * Fix and clean up publicRooms pagination (PR #1129) Changes in synapse v0.18.0-rc1 (2016-09-16) =========================================== Features: * Add ``only=highlight`` on ``/notifications`` (PR #1081) * Add server param to /publicRooms (PR #1082) * Allow clients to ask for the whole of a single state event (PR #1094) * Add is_direct param to /createRoom (PR #1108) * Add pagination support to publicRooms (PR #1121) * Add very basic filter API to /publicRooms (PR #1126) * Add basic direct to device messaging support for E2E (PR #1074, #1084, #1104, #1111) Changes: * Move to storing state_groups_state as deltas, greatly reducing DB size (PR #1065) * Reduce amount of state pulled out of the DB during common requests (PR #1069) * Allow PDF to be rendered from media repo (PR #1071) * Reindex state_groups_state after pruning (PR #1085) * Clobber EDUs in send queue (PR #1095) * Conform better to the CAS protocol specification (PR #1100) * Limit how often we ask for keys from dead servers (PR #1114) Bug fixes: * Fix /notifications API when used with ``from`` param (PR #1080) * Fix backfill when cannot find an event. (PR #1107)
-
v0.18.0-rc1fa9d2c72 · ·
Changes in synapse v0.18.0-rc1 (2016-09-16) =========================================== The release includes major changes to the state storage database schemas, which significantly reduce database size. Synapse will attempt to upgrade the current data in the background. Servers with large SQLite database may experience degradation of performance while this upgrade is in progress, therefore you may want to consider migrating to using Postgres before upgrading very large SQLite daabases Features: * Add ``only=highlight`` on ``/notifications`` (PR #1081) * Add server param to /publicRooms (PR #1082) * Allow clients to ask for the whole of a single state event (PR #1094) * Add is_direct param to /createRoom (PR #1108) * Add pagination support to publicRooms (PR #1121) * Add very basic filter API to /publicRooms (PR #1126) * Add basic direct to device messaging support for E2E (PR #1074, #1084, #1104, #1111) Changes: * Move to storing state_groups_state as deltas, greatly reducing DB size (PR #1065) * Reduce amount of state pulled out of the DB during common requests (PR #1069) * Allow PDF to be rendered from media repo (PR #1071) * Reindex state_groups_state after pruning (PR #1085) * Clobber EDUs in send queue (PR #1095) * Conform better to the CAS protocol specification (PR #1100) * Limit how often we ask for keys from dead servers (PR #1114) Bug fixes: * Fix /notifications API when used with ``from`` param (PR #1080) * Fix backfill when cannot find an event. (PR #1107)
-
v0.17.25834c617 · ·
Changes in synapse v0.17.2 (2016-09-08) ======================================= This release contains security bug fixes. Please upgrade. No changes since v0.17.2 Changes in synapse v0.17.2-rc1 (2016-09-05) =========================================== Features: * Start adding store-and-forward direct-to-device messaging (PR #1046, #1050, #1062, #1066) Changes: * Avoid pulling the full state of a room out so often (PR #1047, #1049, #1063, #1068) * Don't notify for online to online presence transitions. (PR #1054) * Occasionally persist unpersisted presence updates (PR #1055) * Allow application services to have an optional 'url' (PR #1056) * Clean up old sent transactions from DB (PR #1059) Bug fixes: * Fix None check in backfill (PR #1043) * Fix membership changes to be idempotent (PR #1067) * Fix bug in get_pdu where it would sometimes return events with incorrect signature
-
v0.17.2-rc14ec67a3d · ·
Changes in synapse v0.17.2-rc1 (2016-09-05) =========================================== Features: * Start adding store-and-forward direct-to-device messaging (PR #1046, #1050, #1062, #1066) Changes: * Avoid pulling the full state of a room out so often (PR #1047, #1049, #1063, #1068) * Don't notify for online to online presence transitions. (PR #1054) * Occasionally persist unpersisted presence updates (PR #1055) * Allow application services to have an optional 'url' (PR #1056) * Clean up old sent transactions from DB (PR #1059) Bug fixes: * Fix None check in backfill (PR #1043) * Fix membership changes to be idempotent (PR #1067) * Fix bug in get_pdu where it would sometimes return events with incorrect signature
-
v0.17.137638c06 · ·
Changes in synapse v0.17.1 (2016-08-24) ======================================= Changes: * Delete old received_transactions rows (PR #1038) * Pass through user-supplied content in /join/$room_id (PR #1039) Bug fixes: * Fix bug with backfill (PR #1040) Changes in synapse v0.17.1-rc1 (2016-08-22) =========================================== Features: * Add notification API (PR #1028) Changes: * Don't print stack traces when failing to get remote keys (PR #996) * Various federation /event/ perf improvements (PR #998) * Only process one local membership event per room at a time (PR #1005) * Move default display name push rule (PR #1011, #1023) * Fix up preview URL API. Add tests. (PR #1015) * Set ``Content-Security-Policy`` on media repo (PR #1021) * Make notify_interested_services faster (PR #1022) * Add usage stats to prometheus monitoring (PR #1037) Bug fixes: * Fix token login (PR #993) * Fix CAS login (PR #994, #995) * Fix /sync to not clobber status_msg (PR #997) * Fix redacted state events to include prev_content (PR #1003) * Fix some bugs in the auth/ldap handler (PR #1007) * Fix backfill request to limit URI length, so that remotes don't reject the requests due to path length limits (PR #1012) * Fix AS push code to not send duplicate events (PR #1025)
-
v0.17.1-rc114047126 · ·
Changes in synapse v0.17.1-rc1 (2016-08-22) =========================================== Features: * Add notification API (PR #1028) Changes: * Don't print stack traces when failing to get remote keys (PR #996) * Various federation /event/ perf improvements (PR #998) * Only process one local membership event per room at a time (PR #1005) * Move default display name push rule (PR #1011, #1023) * Fix up preview URL API. Add tests. (PR #1015) * Set ``Content-Security-Policy`` on media repo (PR #1021) * Make notify_interested_services faster (PR #1022) * Add usage stats to prometheus monitoring (PR #1037) Bug fixes: * Fix token login (PR #993) * Fix CAS login (PR #994, #995) * Fix /sync to not clobber status_msg (PR #997) * Fix redacted state events to include prev_content (PR #1003) * Fix some bugs in the auth/ldap handler (PR #1007) * Fix backfill request to limit URI length, so that remotes don't reject the requests due to path length limits (PR #1012) * Fix AS push code to not send duplicate events (PR #1025)
-
v0.17.0d330d45e · ·
Changes in synapse v0.17.0 (2016-08-08) ======================================= This release contains significant security bug fixes regarding authenticating events received over federation. PLEASE UPGRADE. This release changes the LDAP configuration format in a backwards incompatible way, see PR #843 for details. Changes: * Add federation /version API (PR #990) * Make psutil dependency optional (PR #992) Bug fixes: * Fix URL preview API to exclude HTML comments in description (PR #988) * Fix error handling of remote joins (PR #991) Changes in synapse v0.17.0-rc4 (2016-08-05) =========================================== Changes: * Change the way we summarize URLs when previewing (PR #973) * Add new ``/state_ids/`` federation API (PR #979) * Speed up processing of ``/state/`` response (PR #986) Bug fixes: * Fix event persistence when event has already been partially persisted (PR #975, #983, #985) * Fix port script to also copy across backfilled events (PR #982) Changes in synapse v0.17.0-rc3 (2016-08-02) =========================================== Changes: * Forbid non-ASes from registering users whose names begin with '_' (PR #958) * Add some basic admin API docs (PR #963) Bug fixes: * Send the correct host header when fetching keys (PR #941) * Fix joining a room that has missing auth events (PR #964) * Fix various push bugs (PR #966, #970) * Fix adding emails on registration (PR #968) Changes in synapse v0.17.0-rc2 (2016-08-02) =========================================== (This release did not include the changes advertised and was identical to RC1) Changes in synapse v0.17.0-rc1 (2016-07-28) =========================================== This release changes the LDAP configuration format in a backwards incompatible way, see PR #843 for details. Features: * Add purge_media_cache admin API (PR #902) * Add deactivate account admin API (PR #903) * Add optional pepper to password hashing (PR #907, #910 by KentShikama) * Add an admin option to shared secret registration (breaks backwards compat) (PR #909) * Add purge local room history API (PR #911, #923, #924) * Add requestToken endpoints (PR #915) * Add an /account/deactivate endpoint (PR #921) * Add filter param to /messages. Add 'contains_url' to filter. (PR #922) * Add device_id support to /login (PR #929) * Add device_id support to /v2/register flow. (PR #937, #942) * Add GET /devices endpoint (PR #939, #944) * Add GET /device/{deviceId} (PR #943) * Add update and delete APIs for devices (PR #949) Changes: * Rewrite LDAP Authentication against ldap3 (PR #843 by mweinelt) * Linearize some federation endpoints based on (origin, room_id) (PR #879) * Remove the legacy v0 content upload API. (PR #888) * Use similar naming we use in email notifs for push (PR #894) * Optionally include password hash in createUser endpoint (PR #905 by KentShikama) * Use a query that postgresql optimises better for get_events_around (PR #906) * Fall back to 'username' if 'user' is not given for appservice registration. (PR #927 by Half-Shot) * Add metrics for psutil derived memory usage (PR #936) * Record device_id in client_ips (PR #938) * Send the correct host header when fetching keys (PR #941) * Log the hostname the reCAPTCHA was completed on (PR #946) * Make the device id on e2e key upload optional (PR #956) * Add r0.2.0 to the "supported versions" list (PR #960) * Don't include name of room for invites in push (PR #961) Bug fixes: * Fix substitution failure in mail template (PR #887) * Put most recent 20 messages in email notif (PR #892) * Ensure that the guest user is in the database when upgrading accounts (PR #914) * Fix various edge cases in auth handling (PR #919) * Fix 500 ISE when sending alias event without a state_key (PR #925) * Fix bug where we stored rejections in the state_group, persist all rejections (PR #948) * Fix lack of check of if the user is banned when handling 3pid invites (PR #952) * Fix a couple of bugs in the transaction and keyring code (PR #954, #955)
-
v0.17.0-rc4c95dd7a4 · ·
Changes in synapse v0.17.0-rc4 (2016-08-05) =========================================== Changes: * Change the way we summarize URLs when previewing (PR #973) * Add new ``/state_ids/`` federation API (PR #979) * Speed up processing of ``/state/`` response (PR #986) Bug fixes: * Fix event persistence when event has already been partially persisted (PR #975, #983, #985) * Fix port script to also copy across backfilled events (PR #982)
-
v0.17.0-rc349e047c5 · ·
Changes in synapse v0.17.0-rc3 (2016-08-02) =========================================== Changes: * Forbid non-ASes from registering users whose names begin with '_' (PR #958) * Add some basic admin API docs (PR #963) Bug fixes: * Send the correct host header when fetching keys (PR #941) * Fix joining a room that has missing auth events (PR #964) * Fix various push bugs (PR #966, #970) * Fix adding emails on registration (PR #968)
-
v0.17.0-rc2456544b6 · ·
Changes in synapse v0.17.0-rc2 (2016-08-02) =========================================== Changes: * Forbid non-ASes from registering users whose names begin with '_' (PR #958) * Add some basic admin API docs (PR #963) Bug fixes: * Send the correct host header when fetching keys (PR #941) * Fix joining a room that has missing auth events (PR #964) * Fix various push bugs (PR #966, #970) * Fix adding emails on registration (PR #968)