Matrix (Synapse/Element) - Package Updates
-
Element [1.5.2]
- Update Element to 1.7.22
- Full changelog
- Fixes a severity issue (CVE-2021-21320) where the user content sandbox can be abused to trick users into opening unexpected documents
-
Synapse [1.20.0]
- Update Synapse to 1.29.0
- Full changelog
- Add rate limiters to cross-user key sharing requests. (#8957)
- Add order_by to the admin API GET /_synapse/admin/v1/users/<user_id>/media. Contributed by @dklimpel. (#8978)
- Add some configuration settings to make users' profile data more private. (#9203)
- The no_proxy and NO_PROXY environment variables are now respected in proxied HTTP clients with the lowercase form taking precedence if both are present. Additionally, the lowercase https_proxy environment variable is now respected in proxied HTTP clients on top of existing support for the uppercase HTTPS_PROXY form and takes precedence if both are present. Contributed by Timothy Leung. (#9372)
- Add a configuration option, user_directory.prefer_local_users, which when enabled will make it more likely for users on the same server as you to appear above other users. (#9383, #9385)
- Add support for regenerating thumbnails if they have been deleted but the original image is still stored. (#9438)
-
-
[1.21.0]
- Update Synapse to 1.30.0
- Full changelog
- Add prometheus metrics for number of users successfully registering and logging in. (#9510, #9511, #9573)
- Add synapse_federation_last_sent_pdu_time and synapse_federation_last_received_pdu_time prometheus metrics, which monitor federation delays by reporting the timestamps of messages sent and received to a set of remote servers. (#9540)
- Add support for generating JSON Web Tokens dynamically for use as OIDC client secrets. (#9549)
- Optimise handling of incomplete room history for incoming federation. (#9601)
- Finalise support for allowing clients to pick an SSO Identity Provider (MSC2858). (#9617)
- Tell spam checker modules about the SSO IdP a user registered through if one was used. (#9626)
-
[1.5.3]
- Update Element to 1.7.24
- Full changelog
-
-
[1.22.0]
- Update Synapse to 1.31.0
- Full changelog
- Add support to OpenID Connect login for requiring attributes on the userinfo response. Contributed by Hubbe King. (#9609)
- Add initial experimental support for a "space summary" API. (#9643, #9652, #9653)
- Add support for the busy presence state as described in MSC3026. (#9644)
- Add support for credentials for proxy authentication in the HTTPS_PROXY environment variable. (#9657)
-
-
[1.22.2]
- Update Synapse to 1.32.0
- Add a Synapse module for routing presence updates between users. (#9491)
- Add an admin API to manage ratelimit for a specific user. (#9648)
- Include request information in structured logging output. (#9654)
- Add order_by to the admin API GET /_synapse/admin/v2/users. Contributed by @dklimpel. (#9691)
- Replace the room_invite_state_types configuration setting with room_prejoin_state. (#9700)
- Add experimental support for MSC3083: restricting room access via group membership. (#9717, #9735)
- Update experimental support for Spaces: include m.room.create in the room state sent with room-invites. (#9710)
- Synapse now requires Python 3.6 or later. It also requires Postgres 9.6 or later or SQLite 3.22 or later. (#9766)
- Prevent synapse_forward_extremities and synapse_excess_extremity_events Prometheus metrics from initially reporting zero-values after startup. (#8926)
- Fix recently added ratelimits to correctly honour the application service rate_limited flag. (#9711)
- Fix longstanding bug which caused duplicate key value violates unique constraint "remote_media_cache_thumbnails_media_origin_media_id_thumbna_key" errors. (#9725)
- Fix bug where sharded federation senders could get stuck repeatedly querying the DB in a loop, using lots of CPU. (#9770)
- Fix duplicate logging of exceptions thrown during federation transaction processing. (#9780)
-
-
[1.23.0]
- Update Synapse to 1.33.0
- Update experimental support for MSC3083: restricting room access via group membership. (#9800, #9814)
- Add experimental support for handling presence on a worker. (#9819, #9820, #9828, #9850)
- Return a new template when an user attempts to renew their account multiple times with the same token, stating that their account is set to expire. This replaces the invalid token template that would previously be shown in this case. This change concerns the optional account validity feature. (#9832)
- Fixes the OIDC SSO flow when using a public_baseurl value including a non-root URL path. (#9726)
- Fix thumbnail generation for some sites with non-standard content types. Contributed by @rkfg. (#9788)
- Add some sanity checks to identity server passed to 3PID bind/unbind endpoints. (#9802)
- Limit the size of HTTP responses read over federation. (#9833)
- Fix a bug which could cause Synapse to get stuck in a loop of resyncing device lists. (#9867)
- Fix a long-standing bug where errors from federation did not propagate to the client. (#9868)
-
[1.24.0]
- Update Synapse to 1.34.0
- Full changelog
- Add support for DELETE /_synapse/admin/v1/rooms/<room_id>. (#9889)
- Improve performance after joining a large room when presence is enabled. (#9910, #9916)
- Support stable identifiers for MSC1772 Spaces. m.space.child events will now be taken into account when populating the experimental spaces summary response. Please see the upgrade notes if you have customised room_invite_state_types in your configuration. (#9915, #9966)
- Improve performance of backfilling in large rooms. (#9935)
-
-
-
Synapse [1.25.0]
- Update Synapse to 1.35.0
- Full changelog
- Add experimental support to allow a user who could join a restricted room to view it in the spaces summary. (#9922, #10007, #10038)
- Reduce memory usage when joining very large rooms over federation. (#9958)
- Add a configuration option which allows enabling opentracing by user id. (#9978)
- Enable experimental support for MSC2946 (spaces summary API) and MSC3083 (restricted join rules) by default. (#10011)
-
-
Synapse [1.26.0]
- Update Synapse to 1.36.0
- Full changelog
-
-
-
For those asking about the recent releases, there's been a regression somewhere in Synapse with how auth providers are handled. You can read up here - https://github.com/matrix-org/synapse/issues/10171 . I opened https://github.com/matrix-org/matrix-synapse-ldap3/issues/123 and https://github.com/matrix-org/matrix-synapse-ldap3/issues/124 . Luckily, there is a workaround, so we can fix things in the package.
-
[1.27.0]
- Update Synapse to 1.38.0
- Full changelog
- Implement refresh tokens as specified by MSC2918. (#9450)
- Add support for evicting cache entries based on last access time. (#10205)
- Omit empty fields from the /sync response. Contributed by @deepbluev7. (#10214)
- Improve validation on federation send_{join,leave,knock} endpoints. (#10225, #10243)
- Mark events received over federation which fail a spam check as "soft-failed". (#10263)
- Add metrics for new inbound federation staging area. (#10284)
- Add script to print information about recently registered users. (#10290)
-
[1.27.1]
- Update Synapse to 1.38.1
- Full changelog
-
[1.28.0]
- Update Synapse to 1.39.0
- Full changelog
-
-
Synapse [1.29.0]
- Update Synapse to 1.40.0
- Full changelog
-
Element [1.6.0]
- Update Element to 1.8.0
- Full changelog
- Show how long a call was on call tiles (#6570). Fixes #18405. Contributed by SimonBrandner.
- Add regional indicators to emoji picker (#6490). Fixes #14963. Contributed by robintown.
- Make call control buttons accessible to screen reader users (#6181). Fixes #18358. Contributed by pvagner.
- Skip sending a thumbnail if it is not a sufficient saving over the original (#6559). Fixes #17906.
- Increase PiP snapping speed (#6539). Fixes #18371. Contributed by SimonBrandner.
- Improve and move the incoming call toast (#6470). Fixes #17912. Contributed by SimonBrandner.
- Allow all of the URL schemes that Firefox allows (#6457). Contributed by aaronraimist.
- Improve bubble layout colors (#6452). Fixes #18081. Contributed by SimonBrandner.
- Spaces let users switch between Home and All Rooms behaviours (#6497). Fixes #18093.
- Support for MSC2285 (hidden read receipts) (#6390). Contributed by SimonBrandner.
- Group pinned message events with MELS (#6349). Fixes #17938. Contributed by SimonBrandner.
- Make version copiable (#6227). Fixes #17603 and #18329. Contributed by SimonBrandner.
-
[1.6.1]
- Update Element to 1.8.1
- Full changelog
- Fix multiple VoIP regressions (matrix-org/matrix-js-sdk#1860).
-
-
Synapse [1.30.0]
- Update Synapse to 1.41.0
- Full changelog
-
Element [1.6.2]
- Update Element to 1.8.2
- Full changelog
- Add a warning on E2EE rooms if you try to make them public (#5698). Contributed by SimonBrandner.
- Allow pagination of the space hierarchy and use new APIs (#6507). Fixes #18089 and #18427.
- Improve emoji in composer (#6650). Fixes #18593 and #18593. Contributed by SimonBrandner.
- Allow playback of replied-to voice message (#6629). Fixes #18599 and #18599. Contributed by SimonBrandner.
- Format autocomplete suggestions vertically (#6620). Fixes #17574 and #17574. Contributed by SimonBrandner.
- Remember last MemberList search query per-room (#6640). Fixes #18613 and #18613. Contributed by SimonBrandner.
-
Synapse [1.30.2]
- Update Synapse to 1.41.1
- Full changelog
- GHSA-3x4c-pq33-4w3q / CVE-2021-39164: Enumerating a private room's list of members and their display names.
- GHSA-jj53-8fmw-f2w2 / CVE-2021-39163: Disclosing a private room's name, avatar, topic, and number of members.
-
-
[1.31.0]
- Update Synapse to 1.42.0
- Full changelog
- Support room version 9 from MSC3375. (#10747)
- Add support for MSC3231: Token authenticated registration. Users can be required to submit a token during registration to authenticate themselves. Contributed by Callum Brown. (#10142)
- Add support for MSC3283: Expose enable_set_displayname in capabilities. (#10452)
- Port the PresenceRouter module interface to the new generic interface. (#10524)
- Add pagination to the spaces summary based on updates to MSC2946. (#10613, #10725)
-
[1.6.3]
- Update Element to 1.8.4
- Full changelog
- Fix a security issue with message key sharing. See https://matrix.org/blog/2021/09/13/vulnerability-disclosure-key-sharing for details.
-
[1.6.4]
- Update Element to 1.8.5
- Full changelog
- Add bubble highlight styling (#6582). Fixes #18295 and #18295. Contributed by SimonBrandner.
- Create narrow mode for Composer (#6682). Fixes #18533 and #18533.
- Prefer matrix.to alias links over room id in spaces & share (#6745). Fixes #18796 and #18796.
- Stop automatic playback of voice messages if a non-voice message is encountered (#6728). Fixes #18850 and #18850.
- Show call length during a call (#6700). Fixes #18566 and #18566. Contributed by SimonBrandner.
- Serialize and retry mass-leave when leaving space (#6737). Fixes #18789 and #18789.
- Improve form handling in and around space creation (#6739). Fixes #18775 and #18775.
- Split autoplay GIFs and videos into different settings (#6726). Fixes #5771 and #5771. Contributed by SimonBrandner.
- Add autoplay for voice messages (#6710). Fixes #18804, #18715, #18714 #17961 and #18804.
- Allow to use basic html to format invite messages (#6703). Fixes #15738 and #15738. Contributed by skolmer.
-
[1.32.0]
- Update Synapse to 1.43.0
- Full changelog
-
[1.7.0]
- Update Element to 1.9.0
- Full changelog
-
-
[1.33.0]
- Update Synapse to 1.44.0
- Full changelog
- Only allow the MSC2716 /batch_send?chunk_id=xxx endpoint to connect to an already existing insertion event. (#10776)
- Improve oEmbed URL previews by processing the author name, photo, and video information. (#10814, #10819)
- Speed up responding with large JSON objects to requests. (#10868, #10905)
- Add a user_may_create_room_with_invites spam checker callback to allow modules to allow or deny a room creation request based on the invites and/or 3PID invites it includes. (#10898)
-
[1.7.1]
- Update Element to 1.9.1
- Full changelog
- Decrease profile button touch target (#6900). Contributed by ColonisationCaptain.
- Don't let click events propagate out of context menus (#6892).
- Allow closing Dropdown via its chevron (#6885). Fixes #19030 and #19030.
- Improve AUX panel behaviour (#6699). Fixes #18787 and #18787. Contributed by SimonBrandner.
- A nicer opening animation for the Image View (#6454). Fixes #18186 and #18186. Contributed by SimonBrandner.
-
[1.7.2]
- Update Element to 1.9.2
- Full changelog
- Upgrade to matrix-js-sdk#14.0.1
-
-
[1.34.0]
- Update Synapse to 1.45.0
- Full changelog
- Fix a long-standing bug when using multiple event persister workers where events were not correctly sent down /sync due to a race. (#11045)
- Fix a bug introduced in Synapse 1.45.0rc1 where the user directory would stop updating if it processed an event from a user not in the users table. (#11053)
- Fix a bug introduced in Synapse 1.44.0 when logging errors during oEmbed processing. (#11061)
-
[1.34.1]
- Update Synapse to 1.45.1
- Full changelog
- Revert change to counting of deactivated users towards the monthly active users limit, introduced in 1.45.0rc1. (#11127)
-
[1.7.3]
- Update Element to 1.9.3
- Full changelog
- Convert the "Cryptography" settings panel to an HTML table to assist screen reader users. (#6968). Contributed by andybalaam.
- Swap order of private space creation and tweak copy (#6967). Fixes #18768 and #18768.
- Add spacing to Room settings - Notifications subsection (#6962). Contributed by CicadaCinema.
- Use HTML tables for some tabular user interface areas, to assist with screen reader use (#6955). Contributed by andybalaam.
- Fix space invite edge cases (#6884). Fixes #19010 #17345 and #19010.
- Allow options to cascade kicks/bans throughout spaces (#6829). Fixes #18969 and #18969.
- Hide kick & ban options in UserInfo when looking at own profile (#6911). Fixes #19066 and #19066.
-
-
[1.35.0]
- Update Synapse to 1.46.0
- Full changelog
- Fix a bug introduced in v1.46.0rc1 where URL previews of some XML documents would fail. (#11196)
-
-
[1.36.0]
- Update Synapse to 1.47.0
- Full changelog
- Fix a bug introduced in 1.47.0rc1 which caused worker processes to not halt startup in the presence of outstanding database migrations. (#11346)
- Fix a bug introduced in 1.47.0rc1 which prevented the 'remove deleted devices from device_inbox column' background process from running when updating from a recent Synapse version. (#11303, #11353)
-
[1.7.5]
- Update Element to 1.9.5
- Full changelog
-
[1.36.1]
- Update Synapse to 1.47.1
- Full changelog
- GHSA-3hfw-x7gx-437c / CVE-2021-41281: Path traversal when downloading remote media.
-
-
[1.37.0]
- Update Synapse to 1.48.0
- Full changelog
-
[1.7.6]
- Update Element to 1.9.6
- Full changelog
-
-
Element [1.7.7]
- Update Element to 1.9.7
- Full changelog
-
[1.38.0]
- Update Synapse to 1.49.0
- Full changelog
-
Element [1.7.8]
- Update Element to 1.9.8
- Full changelog
-
Synapse [1.38.1]
- Update Synapse to 1.49.2
- Full changelog
Post 87 of 321