Bump version

https://forum.cloudron.io/topic/7285/request-include-s3-storage-module

CHANGELOG

@@ -279,3 +279,383 @@
 * [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.24.0)
 * Add a maximum version for pysaml2 on Python 3.5
 
+[1.16.0]
+* Update Synapse to 1.25.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.25.0)
+* Add an admin API that lets server admins get power in rooms in which local users have power. (#8756)
+* Add optional HTTP authentication to replication endpoints. (#8853)
+* Improve the error messages printed as a result of configuration problems for extension modules. (#8874)
+* Add the number of local devices to Room Details Admin API. Contributed by @dklimpel. (#8886)
+* Add X-Robots-Tag header to stop web crawlers from indexing media. Contributed by Aaron Raimist. (#8887)
+* Spam-checkers may now define their methods as async. (#8890)
+* Add support for allowing users to pick their own user ID during a single-sign-on login. (#8897, #8900, #8911, #8938, #8941, #8942, #8951)
+* Add an email.invite_client_location configuration option to send a web client location to the invite endpoint on the identity server which allows customisation of the email template. (#8930)
+* The search term in the list room and list user Admin APIs is now treated as case-insensitive. (#8931)
+* Apply an IP range blacklist to push and key revocation requests. (#8821, #8870, #8954)
+* Add an option to allow re-use of user-interactive authentication sessions for a period of time. (#8970)
+* Allow running the redact endpoint on workers. (#8994)
+
+[1.17.0]
+* Update Synapse to 1.26.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.26.0)
+* During user-interactive authentication via single-sign-on, give a better error if the user uses the wrong account on the SSO IdP. (#9091)
+* Give the public_baseurl a default value, if it is not explicitly set in the configuration file. (#9159)
+* Improve performance when calculating ignored users in large rooms. (#9024)
+* Implement MSC2176 in an experimental room version. (#8984)
+* Add an admin API for protecting local media from quarantine. (#9086)
+* Remove a user's avatar URL and display name when deactivated with the Admin API. (#8932)
+
+[1.18.0]
+* Update Synapse to 1.27.0
+* Use base image v3
+* Update python to 3.8
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.27.0)
+* Add an admin API for getting and deleting forward extremities for a room. (#9062)
+* Add an admin API for retrieving the current room state of a room. (#9168)
+* Add an admin API endpoint for shadow-banning users. (#9209)
+
+[1.19.0]
+* Update Synapse to 1.28.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.28.0)
+* New admin API to get the context of an event: /_synapse/admin/rooms/{roomId}/context/{eventId}. (#9150)
+* Further improvements to the user experience of registration via single sign-on. (#9300, #9301)
+* Add hook to spam checker modules that allow checking file uploads and remote downloads. (#9311)
+* Add support for receiving OpenID Connect authentication responses via form POSTs rather than GETs. (#9376)
+* Add the shadow-banning status to the admin API for user info. (#9400)
+
+[1.20.0]
+* Update Synapse to 1.29.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.29.0)
+* Add rate limiters to cross-user key sharing requests. (#8957)
+* Add order_by to the admin API GET /_synapse/admin/v1/users/<user_id>/media. Contributed by @dklimpel. (#8978)
+* Add some configuration settings to make users' profile data more private. (#9203)
+* The no_proxy and NO_PROXY environment variables are now respected in proxied HTTP clients with the lowercase form taking precedence if both are present. Additionally, the lowercase https_proxy environment variable is now respected in proxied HTTP clients on top of existing support for the uppercase HTTPS_PROXY form and takes precedence if both are present. Contributed by Timothy Leung. (#9372)
+* Add a configuration option, user_directory.prefer_local_users, which when enabled will make it more likely for users on the same server as you to appear above other users. (#9383, #9385)
+* Add support for regenerating thumbnails if they have been deleted but the original image is still stored. (#9438)
+
+[1.21.0]
+* Update Synapse to 1.30.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.30.0)
+* Add prometheus metrics for number of users successfully registering and logging in. (#9510, #9511, #9573)
+* Add synapse_federation_last_sent_pdu_time and synapse_federation_last_received_pdu_time prometheus metrics, which monitor federation delays by reporting the timestamps of messages sent and received to a set of remote servers. (#9540)
+* Add support for generating JSON Web Tokens dynamically for use as OIDC client secrets. (#9549)
+* Optimise handling of incomplete room history for incoming federation. (#9601)
+* Finalise support for allowing clients to pick an SSO Identity Provider (MSC2858). (#9617)
+* Tell spam checker modules about the SSO IdP a user registered through if one was used. (#9626)
+
+[1.21.1]
+* Update Synapse to 1.30.1
+
+[1.22.0]
+* Update Synapse to 1.31.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.31.0)
+* Add support to OpenID Connect login for requiring attributes on the userinfo response. Contributed by Hubbe King. (#9609)
+* Add initial experimental support for a "space summary" API. (#9643, #9652, #9653)
+* Add support for the busy presence state as described in MSC3026. (#9644)
+* Add support for credentials for proxy authentication in the HTTPS_PROXY environment variable. (#9657)
+
+[1.22.1]
+* Update Synapse to 1.32.0
+* Add a Synapse module for routing presence updates between users. (#9491)
+* Add an admin API to manage ratelimit for a specific user. (#9648)
+* Include request information in structured logging output. (#9654)
+* Add order_by to the admin API GET /_synapse/admin/v2/users. Contributed by @dklimpel. (#9691)
+* Replace the room_invite_state_types configuration setting with room_prejoin_state. (#9700)
+* Add experimental support for MSC3083: restricting room access via group membership. (#9717, #9735)
+* Update experimental support for Spaces: include m.room.create in the room state sent with room-invites. (#9710)
+* Synapse now requires Python 3.6 or later. It also requires Postgres 9.6 or later or SQLite 3.22 or later. (#9766)
+* Prevent synapse_forward_extremities and synapse_excess_extremity_events Prometheus metrics from initially reporting zero-values after startup. (#8926)
+* Fix recently added ratelimits to correctly honour the application service rate_limited flag. (#9711)
+* Fix longstanding bug which caused duplicate key value violates unique constraint "remote_media_cache_thumbnails_media_origin_media_id_thumbna_key" errors. (#9725)
+* Fix bug where sharded federation senders could get stuck repeatedly querying the DB in a loop, using lots of CPU. (#9770)
+* Fix duplicate logging of exceptions thrown during federation transaction processing. (#9780)
+
+[1.22.2]
+* Update Synapse to 1.32.0
+* Add a Synapse module for routing presence updates between users. (#9491)
+* Add an admin API to manage ratelimit for a specific user. (#9648)
+* Include request information in structured logging output. (#9654)
+* Add order_by to the admin API GET /_synapse/admin/v2/users. Contributed by @dklimpel. (#9691)
+* Replace the room_invite_state_types configuration setting with room_prejoin_state. (#9700)
+* Add experimental support for MSC3083: restricting room access via group membership. (#9717, #9735)
+* Update experimental support for Spaces: include m.room.create in the room state sent with room-invites. (#9710)
+* Synapse now requires Python 3.6 or later. It also requires Postgres 9.6 or later or SQLite 3.22 or later. (#9766)
+* Prevent synapse_forward_extremities and synapse_excess_extremity_events Prometheus metrics from initially reporting zero-values after startup. (#8926)
+* Fix recently added ratelimits to correctly honour the application service rate_limited flag. (#9711)
+* Fix longstanding bug which caused duplicate key value violates unique constraint "remote_media_cache_thumbnails_media_origin_media_id_thumbna_key" errors. (#9725)
+* Fix bug where sharded federation senders could get stuck repeatedly querying the DB in a loop, using lots of CPU. (#9770)
+* Fix duplicate logging of exceptions thrown during federation transaction processing. (#9780)
+
+[1.22.3]
+* Update Synapse to 1.32.1
+* Fix a regression in Synapse 1.32.0 which caused Synapse to report large numbers of Prometheus time series, potentially overwhelming Prometheus instances. (#9854)
+
+[1.22.4]
+* Update Synapse to 1.32.2
+* Fix a regression in Synapse 1.32.0 and 1.32.1 which caused LoggingContext errors in plugins. (#9857)
+
+[1.23.0]
+* Update Synapse to 1.33.0
+* Update experimental support for MSC3083: restricting room access via group membership. (#9800, #9814)
+* Add experimental support for handling presence on a worker. (#9819, #9820, #9828, #9850)
+* Return a new template when an user attempts to renew their account multiple times with the same token, stating that their account is set to expire. This replaces the invalid token template that would previously be shown in this case. This change concerns the optional account validity feature. (#9832)
+* Fixes the OIDC SSO flow when using a public_baseurl value including a non-root URL path. (#9726)
+* Fix thumbnail generation for some sites with non-standard content types. Contributed by @rkfg. (#9788)
+* Add some sanity checks to identity server passed to 3PID bind/unbind endpoints. (#9802)
+* Limit the size of HTTP responses read over federation. (#9833)
+* Fix a bug which could cause Synapse to get stuck in a loop of resyncing device lists. (#9867)
+* Fix a long-standing bug where errors from federation did not propagate to the client. (#9868)
+
+[1.23.1]
+* Update Synapse to 1.33.1
+* Fix bug where /sync would break if using the latest version of attrs dependency, by pinning to a previous version. (#9937)
+
+[1.23.2]
+* Update Synapse to 1.33.2
+* This release fixes a denial of service attack (CVE-2021-29471) against Synapse's push rules implementation.
+
+[1.24.0]
+* Update Synapse to 1.34.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.34.0)
+* Add support for DELETE /_synapse/admin/v1/rooms/<room_id>. (#9889)
+* Improve performance after joining a large room when presence is enabled. (#9910, #9916)
+* Support stable identifiers for MSC1772 Spaces. m.space.child events will now be taken into account when populating the experimental spaces summary response. Please see the upgrade notes if you have customised room_invite_state_types in your configuration. (#9915, #9966)
+* Improve performance of backfilling in large rooms. (#9935)
+
+[1.25.0]
+* Update Synapse to 1.35.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.35.0)
+* Add experimental support to allow a user who could join a restricted room to view it in the spaces summary. (#9922, #10007, #10038)
+* Reduce memory usage when joining very large rooms over federation. (#9958)
+* Add a configuration option which allows enabling opentracing by user id. (#9978)
+* Enable experimental support for MSC2946 (spaces summary API) and MSC3083 (restricted join rules) by default. (#10011)
+
+[1.25.1]
+* Update Synapse to 1.35.1
+* Fix a bug introduced in v1.35.0 where invite-only rooms would be shown to all users in a space, regardless of if the user had access to it. (#10109)
+
+[1.26.0]
+* Update Synapse to 1.36.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.36.0)
+
+[1.27.0]
+* Update Synapse to 1.38.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.38.0)
+* Implement refresh tokens as specified by MSC2918. (#9450)
+* Add support for evicting cache entries based on last access time. (#10205)
+* Omit empty fields from the /sync response. Contributed by @deepbluev7. (#10214)
+* Improve validation on federation send_{join,leave,knock} endpoints. (#10225, #10243)
+* Mark events received over federation which fail a spam check as "soft-failed". (#10263)
+* Add metrics for new inbound federation staging area. (#10284)
+* Add script to print information about recently registered users. (#10290)
+
+[1.27.1]
+* Update Synapse to 1.38.1
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.38.1)
+
+[1.28.0]
+* Update Synapse to 1.39.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.39.0)
+
+[1.29.0]
+* Update Synapse to 1.40.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.40.0)
+
+[1.30.0]
+* Update Synapse to 1.41.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.41.0)
+
+[1.30.1]
+* Send logs to the console
+* Fix postinstall message about federation
+
+[1.30.2]
+* Update Synapse to 1.41.1
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.41.1)
+* GHSA-3x4c-pq33-4w3q / CVE-2021-39164: Enumerating a private room's list of members and their display names.
+* GHSA-jj53-8fmw-f2w2 / CVE-2021-39163: Disclosing a private room's name, avatar, topic, and number of members.
+
+[1.31.0]
+* Update Synapse to 1.42.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.42.0)
+* Support room version 9 from MSC3375. (#10747)
+* Add support for MSC3231: Token authenticated registration. Users can be required to submit a token during registration to authenticate themselves. Contributed by Callum Brown. (#10142)
+* Add support for MSC3283: Expose enable_set_displayname in capabilities. (#10452)
+* Port the PresenceRouter module interface to the new generic interface. (#10524)
+* Add pagination to the spaces summary based on updates to MSC2946. (#10613, #10725)
+
+[1.32.0]
+* Update Synapse to 1.43.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.43.0)
+
+[1.33.0]
+* Update Synapse to 1.44.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.44.0)
+* Only allow the MSC2716 /batch_send?chunk_id=xxx endpoint to connect to an already existing insertion event. (#10776)
+* Improve oEmbed URL previews by processing the author name, photo, and video information. (#10814, #10819)
+* Speed up responding with large JSON objects to requests. (#10868, #10905)
+* Add a user_may_create_room_with_invites spam checker callback to allow modules to allow or deny a room creation request based on the invites and/or 3PID invites it includes. (#10898)
+
+[1.34.0]
+* Update Synapse to 1.45.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.45.0)
+* Fix a long-standing bug when using multiple event persister workers where events were not correctly sent down /sync due to a race. (#11045)
+* Fix a bug introduced in Synapse 1.45.0rc1 where the user directory would stop updating if it processed an event from a user not in the users table. (#11053)
+* Fix a bug introduced in Synapse 1.44.0 when logging errors during oEmbed processing. (#11061)
+
+[1.34.1]
+* Update Synapse to 1.45.1
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.45.1)
+* Revert change to counting of deactivated users towards the monthly active users limit, introduced in 1.45.0rc1. (#11127)
+
+[1.35.0]
+* Update Synapse to 1.46.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.46.0)
+* Fix a bug introduced in v1.46.0rc1 where URL previews of some XML documents would fail. (#11196)
+
+[1.36.0]
+* Update Synapse to 1.47.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.47.0)
+* Fix a bug introduced in 1.47.0rc1 which caused worker processes to not halt startup in the presence of outstanding database migrations. (#11346)
+* Fix a bug introduced in 1.47.0rc1 which prevented the 'remove deleted devices from device_inbox column' background process from running when updating from a recent Synapse version. (#11303, #11353)
+
+[1.36.1]
+* Update Synapse to 1.47.1
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.47.1)
+* GHSA-3hfw-x7gx-437c / CVE-2021-41281: Path traversal when downloading remote media.
+
+[1.37.0]
+* Update Synapse to 1.48.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.48.0)
+
+[1.38.0]
+* Update Synapse to 1.49.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.49.0)
+
+[1.38.1]
+* Update Synapse to 1.49.2
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.49.2)
+
+[1.38.2]
+* Update Synapse to 1.50.1
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.50.1)
+
+[1.38.3]
+* Update Synapse to 1.50.2
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.50.2)
+* Fix a bug introduced in Synapse 1.40.0 that caused Synapse to fail to process incoming federation traffic after handling a large amount of events in a v1 room. (#11806)
+
+[1.38.4]
+* Update Synapse to 1.51.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.51.0)
+
+[1.38.5]
+* Update Synapse to 1.52.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.52.0)
+* Remove account data (including client config, push rules and ignored users) upon user deactivation. (#11621, #11788, #11789)
+* Add an admin API to reset connection timeouts for remote server. (#11639)
+* Add an admin API to get a list of rooms that federate with a given remote homeserver. (#11658)
+* Add a config flag to inhibit M_USER_IN_USE during registration. (#11743)
+* Add a module callback to set username at registration. (#11790)
+* Allow configuring a maximum file size as well as a list of allowed content types for avatars. (#11846)
+
+[1.38.6]
+* Update Synapse to 1.53.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.53.0)
+* Add experimental support for sending to-device messages to application services, as specified by MSC2409. (#11215, #11966)
+* Add a background database update to purge account data for deactivated users. (#11655)
+* Experimental support for MSC3666: including bundled aggregations in server side search results. (#11837)
+* Enable cache time-based expiry by default. The expiry_time config flag has been superseded by expire_caches and cache_entry_ttl. (#11849)
+* Add a callback to allow modules to allow or forbid a 3PID (email address, phone number) from being associated to a local account. (#11854)
+* Stabilize support and remove unstable endpoints for MSC3231. Clients must switch to the stable identifier and endpoint. See the upgrade notes for more information. (#11867)
+* Allow modules to retrieve the current instance's server name and worker name. (#11868)
+* Use a dedicated configurable rate limiter for 3PID invites. (#11892)
+* Support the stable API endpoint for MSC3283: new settings in /capabilities endpoint. (#11933, #11989)
+* Support the dir parameter on the /relations endpoint, per MSC3715. (#11941)
+* Experimental implementation of MSC3706: extensions to /send_join to support reduced response size. (#11967)
+
+[1.39.0]
+* Update Synapse to 1.54.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.54.0)
+* Fix a bug introduced in Synapse 1.54.0rc1 preventing the new module callbacks introduced in this release from being registered by modules. (#12141)
+* Fix a bug introduced in Synapse 1.54.0rc1 where runtime dependency version checks would mistakenly check development dependencies if they were present and would not accept pre-release versions of dependencies. (#12129, #12177)
+
+[1.40.0]
+* Update Synapse to 1.55.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.55.0)
+* Add third-party rules callbacks check_can_shutdown_room and check_can_deactivate_user. (#12028)
+* Improve performance of logging in for large accounts. (#12132)
+* Support the stable identifiers from MSC3440: threads. (#12151)
+* Add a new Jinja2 template filter to extract the local part of an email address. (#12212)
+
+[1.40.1]
+* Update Synapse to 1.55.2
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.55.2)
+
+[1.41.0]
+* Update Synapse to 1.57.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.57.0)
+
+[1.41.1]
+* Update Synapse to 1.57.1
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.57.1)
+
+[1.42.0]
+* Update Synapse to 1.58.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.58.0)
+* Implement MSC3383 for including the destination in server-to-server authentication headers. Contributed by @Bubu and @jcgruenhage for Famedly. (#11398)
+* Enable processing of device list updates asynchronously. (#12365, #12465)
+* Implement MSC2815 to allow room moderators to view redacted event content. Contributed by @tulir @ Beeper. (#12427)
+
+[1.43.0]
+* Update Synapse to 1.59.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.59.0)
+
+[1.43.1]
+* Update Synapse to 1.59.1
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.59.1)
+
+[1.44.0]
+* Update Synapse to 1.60.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.60.0)
+* Add an option allowing users to use their password to reauthenticate for privileged actions even though password login is disabled. (#12883)
+* Explicitly close ijson coroutines once we are done with them, instead of leaving the garbage collector to close them. (#12875)
+* Improve URL previews by not including the content of media tags in the generated description. (#12887)
+
+[1.45.0]
+* Update Synapse to 1.61.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.61.0)
+* Add new media_retention options to the homeserver config for routinely cleaning up non-recently accessed media. (#12732, #12972, #12977)
+* Experimental support for MSC3772: Push rule for mutually related events. (#12740, #12859)
+* Update to the check_event_for_spam module callback: Deprecate the current callback signature, replace it with a new signature that is both less ambiguous (replacing booleans with explicit allow/block) and more powerful (ability to return explicit error codes). (#12808)
+* Add storage and module API methods to get monthly active users (and their corresponding appservices) within an optionally specified time range. (#12838, #12917)
+* Support the new error code ORG.MATRIX.MSC3823.USER_ACCOUNT_SUSPENDED from MSC3823. (#12845, #12923)
+* Add a configurable background job to delete stale devices. (#12855)
+* Improve URL previews for pages with empty elements. (#12951)
+* Allow updating a user's password using the admin API without logging out their devices. Contributed by @jcgruenhage. (#12952)
+
+[1.45.1]
+* Add s3 storage provider module
+
+[1.45.2]
+* Update Synapse to 1.61.1
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.61.1)
+* Linkify GHSA commit
+
+[1.46.0]
+* Update Synapse to 1.62.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.62.0)
+
+[1.47.0]
+* Update Synapse to 1.63.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.63.0)
+
+[1.47.1]
+* Update Synapse to 1.63.1
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.63.1)
+* Fix a bug introduced in Synapse 1.63.0 where push actions were incorrectly calculated for appservice users. This caused performance issues on servers with large numbers of appservices. (#13332)
+
+[1.48.0]
+* Update Synapse to 1.64.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.64.0)
+

CloudronManifest.json

@@ -5,7 +5,8 @@
   "description": "file://DESCRIPTION.md",
   "changelog": "file://CHANGELOG",
   "tagline": "Secure & decentralized communication",
-  "version": "1.15.0-1",
+  "version": "1.48.0",
+  "upstreamVersion": "1.64.0",
   "healthCheckPath": "/",
   "httpPort": 8008,
   "memoryLimit": 536870912,
@@ -13,7 +14,7 @@
     "localstorage": {},
     "ldap": {},
     "postgresql": {},
-    "sendmail": {},
+    "sendmail": { "supportsDisplayName": true },
     "turn": {}
   },
   "manifestVersion": 2,
@@ -30,7 +31,7 @@
   ],
   "changelog": "file://CHANGELOG",
   "postInstallMessage": "file://POSTINSTALL.md",
-  "minBoxVersion": "5.3.0",
+  "minBoxVersion": "7.2.0",
   "forumUrl": "https://forum.cloudron.io/category/50/matrix-synapse-riot",
   "documentationUrl": "https://docs.cloudron.io/apps/synapse/",
   "optionalSso": true

DESCRIPTION.md

@@ -1,12 +1,10 @@
-This app packages Synapse <upstream>1.24.0</upstream>.
-
 **This package only provides the Matrix backend. A variety of clients are available
 [here](https://matrix.org/clients/). Riot is a popular web frontend for Matrix and
 is available as a separate app.**
 
-Matrix is an ambitious new ecosystem for open federated Instant Messaging and VoIP.
+## About
 
-## Matrix
+Matrix is an ambitious new ecosystem for open federated Instant Messaging and VoIP.
 
 Matrix specifies a set of pragmatic RESTful HTTP JSON APIs as an open standard, which handle:
 
@@ -18,7 +16,7 @@ Matrix specifies a set of pragmatic RESTful HTTP JSON APIs as an open standard,
 * Using 3rd Party IDs (3PIDs) such as email addresses, phone numbers, Facebook accounts to authenticate, identify and discover users on Matrix.
 * Placing 1:1 VoIP and Video calls
 
-## Synapse
+## What is Synapse?
 
 Synapse is a reference "homeserver" implementation of Matrix from the core development
 team at matrix.org, written in Python/Twisted.

Dockerfile

@@ -1,26 +1,23 @@
-FROM cloudron/base:2.0.0@sha256:f9fea80513aa7c92fe2e7bf3978b54c8ac5222f47a9a32a7f8833edf0eb5a4f4
+FROM cloudron/base:3.2.0@sha256:ba1d566164a67c266782545ea9809dc611c4152e27686fd14060332dd88263ea
  
 RUN mkdir -p /app/pkg
 
 WORKDIR /app/code
 
-ARG VERSION=v1.24.0
-
 # https://pythonspeed.com/articles/activate-virtualenv-dockerfile/
 RUN virtualenv -p python3 /app/code/env
 ENV VIRTUAL_ENV=/app/code/env
 ENV PATH="$VIRTUAL_ENV/bin:$PATH"
 
+ARG VERSION=v1.64.0
+
 # Synapse (https://github.com/matrix-org/synapse/blob/master/INSTALL.md)
 # lxml - required for previews
 RUN pip install --upgrade pip && \
     pip install --upgrade setuptools && \
-    pip install matrix-synapse==${VERSION} psycopg2-binary python-ldap matrix-synapse-ldap3 lxml publicsuffix2
+    pip install matrix-synapse==${VERSION} psycopg2-binary python-ldap matrix-synapse-ldap3 lxml publicsuffix2 git+https://github.com/matrix-org/synapse-s3-storage-provider.git@ffd3fa477321608e57d27644197e721965e0e858
 
-RUN curl -sL https://github.com/mikefarah/yq/releases/download/3.2.1/yq_linux_amd64 -o /usr/bin/yq && \
-    chmod +x /usr/bin/yq
-
-RUN ln -sf /app/data/index.html /app/code/env/lib/python3.6/site-packages/synapse/static/index.html
+RUN ln -sf /app/data/index.html /app/code/env/lib/python3.8/site-packages/synapse/static/index.html
 
 RUN chown -R cloudron.cloudron /app/code
 

POSTINSTALL.md

@@ -1,8 +1,6 @@
 Account ids are created with the username and the second level domain under which the
 app is installed e.g. `@$CLOUDRON-USERNAME@$CLOUDRON-APP-DOMAIN`.
 
-For federation to work, the second level domain has to be configured to serve up the
-`.well-known/domain.com/matrix` URI. See the 
-[federation docs](https://cloudron.io/documentation/apps/synapse/) on
-how to do this.
+For federation to work, the delegation URI `https://$CLOUDRON-APP-DOMAIN/.well-known/matrix/server`
+must be configured. See the [docs](https://docs.cloudron.io/apps/synapse/#post-installation) on how to do this.
 

homeserver.yaml.template

@@ -72,6 +72,7 @@ federation_ip_range_blacklist:
   - 'fc00::/7'
 
 enable_registration: false
+enable_registration_without_verification: true
 registration_shared_secret: "somesecret"
 allow_guest_access: false
 

start.sh

@@ -21,62 +21,74 @@ if [[ ! -f /app/data/configs/homeserver.yaml ]]; then
     # fix logging configuration
     cp /app/pkg/homeserver.yaml.template /app/data/configs/homeserver.yaml
     mv /app/data/configs/${server_name}.log.config /app/data/configs/log.config
-    yq w -i /app/data/configs/homeserver.yaml log_config /app/data/configs/log.config
-    yq w -i /app/data/configs/log.config handlers.file.filename /run/synapse/homeserver.log
+    yq eval -i ".log_config=\"/app/data/configs/log.config\"" /app/data/configs/homeserver.yaml
+
+    # delete default file and buffer handlers
+    yq eval -i "del(.handlers.file)" /app/data/configs/log.config
+    yq eval -i "del(.handlers.buffer)" /app/data/configs/log.config
 
     mv /app/data/configs/${server_name}.signing.key /app/data/configs/signing.key
 
-    yq w -i /app/data/configs/homeserver.yaml server_name "${server_name}"
-    yq w -i /app/data/configs/homeserver.yaml registration_shared_secret "$(pwgen -1s 64)"
+    yq eval -i ".server_name=\"${server_name}\"" /app/data/configs/homeserver.yaml
+    yq eval -i ".registration_shared_secret=\"$(pwgen -1s 64)\"" /app/data/configs/homeserver.yaml
 
-    yq w -i /app/data/configs/homeserver.yaml auto_join_rooms "[]"
-    yq w -i /app/data/configs/homeserver.yaml auto_join_rooms\[0\] "#discuss:${server_name}"
+    yq eval -i ".auto_join_rooms=[]" /app/data/configs/homeserver.yaml
+    yq eval -i ".auto_join_rooms[0]=\"#discuss:${server_name}\"" /app/data/configs/homeserver.yaml
 
     if [[ -z "${CLOUDRON_LDAP_SERVER:-}" ]]; then
-        yq w -i /app/data/configs/homeserver.yaml enable_registration true
-        yq w -i /app/data/configs/homeserver.yaml password_config.pepper "$(pwgen -1s 12)"
+        yq eval -i ".enable_registration=true" /app/data/configs/homeserver.yaml
+        yq eval -i ".password_config.pepper=\"$(pwgen -1s 12)\"" /app/data/configs/homeserver.yaml
+        # just setting enabled to false is not enough. see https://github.com/matrix-org/matrix-synapse-ldap3/issues/123
+        yq eval -i "del(.password_providers)" /app/data/configs/homeserver.yaml
     fi
 fi
 
+echo "==> Ensure we log to console"
+yq eval -i ".root.handlers=[\"console\"]" /app/data/configs/log.config
+yq eval -i ".loggers.twisted.handlers=[\"console\"]" /app/data/configs/log.config
+
 [[ ! -f /app/data/index.html ]] && cp /app/pkg/index.html /app/data/index.html
 
 echo "==> Configuring synapse"
-yq w -i /app/data/configs/homeserver.yaml public_baseurl "${CLOUDRON_APP_ORIGIN}"
+yq eval -i ".public_baseurl=\"${CLOUDRON_APP_ORIGIN}\"" /app/data/configs/homeserver.yaml
 
 # database
-yq w -i /app/data/configs/homeserver.yaml database.args.user "${CLOUDRON_POSTGRESQL_USERNAME}"
-yq w -i /app/data/configs/homeserver.yaml database.args.password "${CLOUDRON_POSTGRESQL_PASSWORD}"
-yq w -i /app/data/configs/homeserver.yaml database.args.database "${CLOUDRON_POSTGRESQL_DATABASE}"
-yq w -i /app/data/configs/homeserver.yaml database.args.host "${CLOUDRON_POSTGRESQL_HOST}"
+yq eval -i ".database.args.user=\"${CLOUDRON_POSTGRESQL_USERNAME}\"" /app/data/configs/homeserver.yaml
+yq eval -i ".database.args.password=\"${CLOUDRON_POSTGRESQL_PASSWORD}\"" /app/data/configs/homeserver.yaml
+yq eval -i ".database.args.database=\"${CLOUDRON_POSTGRESQL_DATABASE}\"" /app/data/configs/homeserver.yaml
+yq eval -i ".database.args.host=\"${CLOUDRON_POSTGRESQL_HOST}\"" /app/data/configs/homeserver.yaml
 
 # email
-yq w -i /app/data/configs/homeserver.yaml email.smtp_host "${CLOUDRON_MAIL_SMTP_SERVER}"
-yq w -i /app/data/configs/homeserver.yaml email.smtp_port "${CLOUDRON_MAIL_SMTP_PORT}"
-yq w -i /app/data/configs/homeserver.yaml email.smtp_user "${CLOUDRON_MAIL_SMTP_USERNAME}"
-yq w -i /app/data/configs/homeserver.yaml email.smtp_pass "${CLOUDRON_MAIL_SMTP_PASSWORD}"
-yq w -i /app/data/configs/homeserver.yaml email.notif_from "%(app)s <${CLOUDRON_MAIL_FROM}>"
+yq eval -i ".email.smtp_host=\"${CLOUDRON_MAIL_SMTP_SERVER}\"" /app/data/configs/homeserver.yaml
+yq eval -i ".email.smtp_port=${CLOUDRON_MAIL_SMTP_PORT}" /app/data/configs/homeserver.yaml
+yq eval -i ".email.smtp_user=\"${CLOUDRON_MAIL_SMTP_USERNAME}\"" /app/data/configs/homeserver.yaml
+yq eval -i ".email.smtp_pass=\"${CLOUDRON_MAIL_SMTP_PASSWORD}\"" /app/data/configs/homeserver.yaml
+yq eval -i ".email.notif_from=\"${CLOUDRON_MAIL_FROM_DISPLAY_NAME:-Matrix} <${CLOUDRON_MAIL_FROM}>\"" /app/data/configs/homeserver.yaml
 
 # ldap
 if [[ -n "${CLOUDRON_LDAP_SERVER:-}" ]]; then
-    yq w -i /app/data/configs/homeserver.yaml 'password_providers[0].config.uri' "${CLOUDRON_LDAP_URL}"
-    yq w -i /app/data/configs/homeserver.yaml 'password_providers[0].config.start_tls' false
-    yq w -i /app/data/configs/homeserver.yaml 'password_providers[0].config.base' "${CLOUDRON_LDAP_USERS_BASE_DN}"
-    yq w -i /app/data/configs/homeserver.yaml 'password_providers[0].config.bind_dn' "${CLOUDRON_LDAP_BIND_DN}"
-    yq w -i /app/data/configs/homeserver.yaml 'password_providers[0].config.bind_password' "${CLOUDRON_LDAP_BIND_PASSWORD}"
-    yq w -i /app/data/configs/homeserver.yaml 'password_providers[0].config.filter' "(objectClass=user)"
+    yq eval -i ".password_providers[0].config.uri=\"${CLOUDRON_LDAP_URL}\"" /app/data/configs/homeserver.yaml
+    yq eval -i ".password_providers[0].config.start_tls=false" /app/data/configs/homeserver.yaml
+    yq eval -i ".password_providers[0].config.base=\"${CLOUDRON_LDAP_USERS_BASE_DN}\"" /app/data/configs/homeserver.yaml
+    yq eval -i ".password_providers[0].config.bind_dn=\"${CLOUDRON_LDAP_BIND_DN}\"" /app/data/configs/homeserver.yaml
+    yq eval -i ".password_providers[0].config.bind_password=\"${CLOUDRON_LDAP_BIND_PASSWORD}\"" /app/data/configs/homeserver.yaml
+    yq eval -i ".password_providers[0].config.filter=\"(objectClass=user)\"" /app/data/configs/homeserver.yaml
+
 else
-    yq w -i /app/data/configs/homeserver.yaml password_config.localdb_enabled true
+    yq eval -i ".password_config.localdb_enabled=true" /app/data/configs/homeserver.yaml
+    # just setting enabled to false is not enough. see https://github.com/matrix-org/matrix-synapse-ldap3/issues/123
+    yq eval -i "del(.password_providers)" /app/data/configs/homeserver.yaml
 fi
 
 # turn (https://github.com/matrix-org/synapse/blob/master/docs/turn-howto.md#synapse-setup)
-yq w -i /app/data/configs/homeserver.yaml turn_uris "[]"
-yq w -i /app/data/configs/homeserver.yaml turn_uris\[0\] "turn:${CLOUDRON_TURN_SERVER}:${CLOUDRON_TURN_TLS_PORT}?transport=udp"
-yq w -i /app/data/configs/homeserver.yaml turn_uris\[1\] "turn:${CLOUDRON_TURN_SERVER}:${CLOUDRON_TURN_TLS_PORT}?transport=tcp"
-yq w -i /app/data/configs/homeserver.yaml turn_shared_secret "${CLOUDRON_TURN_SECRET}"
+yq eval -i ".turn_uris=[]" /app/data/configs/homeserver.yaml
+yq eval -i ".turn_uris[0]=\"turn:${CLOUDRON_TURN_SERVER}:${CLOUDRON_TURN_TLS_PORT}?transport=udp\"" /app/data/configs/homeserver.yaml
+yq eval -i ".turn_uris[1]=\"turn:${CLOUDRON_TURN_SERVER}:${CLOUDRON_TURN_TLS_PORT}?transport=tcp\"" /app/data/configs/homeserver.yaml
+yq eval -i ".turn_shared_secret=\"${CLOUDRON_TURN_SECRET}\"" /app/data/configs/homeserver.yaml
 
 # fix permissions
 echo "==> Fixing permissions"
 chown -R cloudron.cloudron /app/data /run/synapse
 
 echo "==> Starting synapse"
-gosu cloudron:cloudron python3 -m synapse.app.homeserver --config-path /app/data/configs/homeserver.yaml
+gosu cloudron:cloudron python3 -m synapse.app.homeserver --config-path /app/data/configs/homeserver.yaml -n

test/package.json

@@ -9,14 +9,11 @@
   "author": "",
   "license": "ISC",
   "dependencies": {
-    "chromedriver": "^86.0.0",
-    "ejs": "^3.1.5",
+    "chromedriver": "^103.0.0",
     "expect.js": "^0.3.1",
-    "mkdirp": "^1.0.4",
-    "mocha": "^8.1.3",
-    "rimraf": "^3.0.2",
+    "mocha": "^10.0.0",
     "selenium-server-standalone-jar": "^3.141.59",
-    "selenium-webdriver": "^3.6.0",
-    "superagent": "^6.1.0"
+    "selenium-webdriver": "^4.3.1",
+    "superagent": "^8.0.0"
   }
 }

test/test.js

@@ -1,11 +1,11 @@
 #!/usr/bin/env node
 
-/* jslint node:true */
-/* global it:false */
-/* global xit:false */
-/* global describe:false */
-/* global before:false */
-/* global after:false */
+/* jshint esversion: 8 */
+/* global describe */
+/* global before */
+/* global after */
+/* global it */
+/* global xit */
 
 'use strict';
 
@@ -15,47 +15,42 @@ var execSync = require('child_process').execSync,
     expect = require('expect.js'),
     path = require('path'),
     superagent = require('superagent'),
-    webdriver = require('selenium-webdriver');
-
-var by = require('selenium-webdriver').By,
-    until = require('selenium-webdriver').until,
-    Key = require('selenium-webdriver').Key;
+    { Builder, By, Key, until } = require('selenium-webdriver'),
+    { Options } = require('selenium-webdriver/chrome');
 
 describe('Application life cycle test', function () {
     this.timeout(0);
-    var server, browser = new webdriver.Builder().forBrowser('chrome').build();
 
-    var LOCATION = 'test';
-    var app;
-    var username = process.env.USERNAME;
-    var password = process.env.PASSWORD;
-    var TIMEOUT = process.env.TIMEOUT | 30000;
+    const LOCATION = 'test';
+    const TEST_TIMEOUT = 10000;
+    const EXEC_ARGS = { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' };
+
+    const username = process.env.USERNAME;
+    const password = process.env.PASSWORD;
+
+    var app, browser;
     var token, roomId;
 
-    before(function (done) {
-        if (!process.env.USERNAME) return done(new Error('USERNAME env var not set'));
-        if (!process.env.PASSWORD) return done(new Error('PASSWORD env var not set'));
+    before(function () {
+        if (!process.env.USERNAME) throw new Error('USERNAME env var not set');
+        if (!process.env.PASSWORD) throw new Error('PASSWORD env var not set');
 
-        var seleniumJar= require('selenium-server-standalone-jar');
-        var SeleniumServer = require('selenium-webdriver/remote').SeleniumServer;
-        server = new SeleniumServer(seleniumJar.path, { port: 4444 });
-        server.start();
-
-        done();
+        browser = new Builder().forBrowser('chrome').setChromeOptions(new Options().windowSize({ width: 1280, height: 1024 })).build();
     });
 
-    after(function (done) {
+    after(function () {
         browser.quit();
-        server.stop();
-        done();
     });
 
-    function checkLandingPage(done) {
-        browser.get('https://' + app.fqdn).then(function () {
-            return browser.wait(until.elementLocated(by.xpath('//h1[contains(text(),"Synapse is running")]')), TIMEOUT);
-        }).then(function () {
-            done();
-        });
+    function getAppInfo() {
+        var inspect = JSON.parse(execSync('cloudron inspect'));
+        app = inspect.apps.filter(function (a) { return a.location.indexOf(LOCATION) === 0; })[0];
+        expect(app).to.be.an('object');
+    }
+
+    async function checkLandingPage() {
+        await browser.get(`https://${app.fqdn}`);
+        await browser.wait(until.elementLocated(By.xpath('//h1[contains(text(),"Synapse is running")]')), TEST_TIMEOUT);
     }
 
     // https://matrix.org/docs/spec/client_server/latest#user-interactive-api-in-the-rest-api
@@ -82,7 +77,7 @@ describe('Application life cycle test', function () {
                 if (error) return done(error);
                 if (result.statusCode !== 200) return done(new Error('Login failed with status ' + result.statusCode));
 
-                console.log('registered user with id', result.user_id);
+                console.log('registered user with id', result.body.user_id);
 
                 done();
             });
@@ -141,22 +136,12 @@ describe('Application life cycle test', function () {
         });
     }
 
-    xit('build app', function () {
-        execSync('cloudron build', { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
-    });
+    xit('build app', function () { execSync('cloudron build', EXEC_ARGS); });
 
     // No SSO
-    it('install app (no sso)', function () {
-        execSync('cloudron install --no-sso --location ' + LOCATION, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
-    });
+    it('install app (no sso)', function () { execSync('cloudron install --no-sso --location ' + LOCATION, EXEC_ARGS); });
 
-    it('can get app information', function () {
-        var inspect = JSON.parse(execSync('cloudron inspect'));
-
-        app = inspect.apps.filter(function (a) { return a.location === LOCATION; })[0];
-
-        expect(app).to.be.an('object');
-    });
+    it('can get app information', getAppInfo);
 
     it('check landing page', checkLandingPage);
     it('can register new user', registerUser);
@@ -165,22 +150,12 @@ describe('Application life cycle test', function () {
     it('create room', createRoom);
     it('check room', checkRoom);
 
-    it('uninstall app', function () {
-        execSync('cloudron uninstall --app ' + app.id, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
-    });
+    it('uninstall app', function () { execSync('cloudron uninstall --app ' + app.id, EXEC_ARGS); });
 
     // SSO
-    it('install app', function () {
-        execSync('cloudron install --location ' + LOCATION, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
-    });
+    it('install app', function () { execSync('cloudron install --location ' + LOCATION, EXEC_ARGS); });
 
-    it('can get app information', function () {
-        var inspect = JSON.parse(execSync('cloudron inspect'));
-
-        app = inspect.apps.filter(function (a) { return a.location === LOCATION; })[0];
-
-        expect(app).to.be.an('object');
-    });
+    it('can get app information', getAppInfo);
 
     it('check landing page', checkLandingPage);
     it('can login', checkLogin);
@@ -188,28 +163,22 @@ describe('Application life cycle test', function () {
     it('create room', createRoom);
     it('check room', checkRoom);
 
-    it('can restart app', function (done) {
-        execSync('cloudron restart');
-        done();
-    });
+    it('can restart app', function () { execSync('cloudron restart'); });
 
     it('check landing page', checkLandingPage);
     it('check room', checkRoom);
 
-    it('backup app', function () {
-        execSync('cloudron backup create --app ' + app.id, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
-    });
+    it('backup app', function () { execSync('cloudron backup create --app ' + app.id, EXEC_ARGS); });
 
     it('check landing page', checkLandingPage);
     it('check room', checkRoom);
 
     it('restore app', function () {
         const backups = JSON.parse(execSync('cloudron backup list --raw'));
-        execSync('cloudron uninstall --app ' + app.id, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
-        execSync('cloudron install --location ' + LOCATION, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
-        var inspect = JSON.parse(execSync('cloudron inspect'));
-        app = inspect.apps.filter(function (a) { return a.location === LOCATION; })[0];
-        execSync(`cloudron restore --backup ${backups[0].id} --app ${app.id}`, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
+        execSync('cloudron uninstall --app ' + app.id, EXEC_ARGS);
+        execSync('cloudron install --location ' + LOCATION, EXEC_ARGS);
+        getAppInfo();
+        execSync(`cloudron restore --backup ${backups[0].id} --app ${app.id}`, EXEC_ARGS);
     });
 
     it('check landing page', checkLandingPage);
@@ -217,40 +186,29 @@ describe('Application life cycle test', function () {
 
     it('move to different location', function () {
         browser.manage().deleteAllCookies();
-        execSync('cloudron configure --location ' + LOCATION + '2', { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
-        var inspect = JSON.parse(execSync('cloudron inspect'));
-        app = inspect.apps.filter(function (a) { return a.location === LOCATION + '2'; })[0];
-        expect(app).to.be.an('object');
+        execSync('cloudron configure --location ' + LOCATION + '2', EXEC_ARGS);
+        getAppInfo();
     });
 
     it('check landing page', checkLandingPage);
     it('check room', checkRoom);
 
-    it('uninstall app', function () {
-        execSync('cloudron uninstall --app ' + app.id, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
-    });
+    it('uninstall app', function () { execSync('cloudron uninstall --app ' + app.id, EXEC_ARGS); });
 
     // test update
-    it('can install app', function () {
-        execSync('cloudron install --appstore-id org.matrix.synapse --location ' + LOCATION, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
-        var inspect = JSON.parse(execSync('cloudron inspect'));
-        app = inspect.apps.filter(function (a) { return a.location === LOCATION; })[0];
-        expect(app).to.be.an('object');
-    });
+    it('can install app', function () { execSync('cloudron install --appstore-id org.matrix.synapse --location ' + LOCATION, EXEC_ARGS); });
+
+    it('can get app information', getAppInfo);
 
     it('check landing page', checkLandingPage);
     it('can login', checkLogin);
     it('create room', createRoom);
     it('check room', checkRoom);
 
-    it('can update', function () {
-        execSync('cloudron update --app ' + LOCATION, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
-    });
+    it('can update', function () { execSync('cloudron update --app ' + LOCATION, EXEC_ARGS); });
 
     it('check landing page', checkLandingPage);
     it('check room', checkRoom);
-    it('uninstall app', function () {
-        execSync('cloudron uninstall --app ' + app.id, { cwd: path.resolve(__dirname, '..'), stdio: 'inherit' });
-    });
-});
 
+    it('uninstall app', function () { execSync('cloudron uninstall --app ' + app.id, EXEC_ARGS); });
+});