Version 1.80.1

CHANGELOG.md

@@ -1032,3 +1032,74 @@
 * Fix a long-standing bug where the synapse_port_db failed to configure sequences for application services and partial stated rooms. (#16043)
 * Fix long-standing bug with deletion in dehydrated devices v2. (#16046)
 
+[1.74.0]
+* Turn addon can be optionally enabled/disabled
+
+[1.75.0]
+* Update Synapse to 1.91.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.91.0)
+
+[1.75.1]
+* Update Synapse to 1.91.1
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.91.1)
+* Fix a performance regression introduced in Synapse 1.91.0 where event persistence would cause an excessive linear growth in CPU usage. (#16220)
+
+[1.75.2]
+* Update Synapse to 1.91.2
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.91.2)
+* Revert MSC3861 introspection cache, admin impersonation and account lock. (#16258)
+
+[1.76.0]
+* Update Synapse to 1.92.1
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.92.0)
+* Revert MSC3861 introspection cache, admin impersonation and account lock. (#16258)
+* Fix incorrect docstring for Ratelimiter. (#16255)
+
+[1.76.1]
+* Update Synapse to 1.92.2
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.92.2)
+
+[1.76.2]
+* Update Synapse to 1.92.3
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.92.3)
+* Pillow 10.0.1 is now mandatory because of libwebp CVE-2023-4863, since Pillow provides libwebp in the wheels. (#16347)
+
+[1.77.0]
+* Update Synapse to 1.93.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.93.0)
+* GHSA-4f74-84v3-j9q5 / CVE-2023-41335 — Low Severity  Temporary storage of plaintext passwords during password changes.
+* GHSA-7565-cq32-vx2x / CVE-2023-42453 — Low Severity Improper validation of receipts allows forged read receipts.
+* Add automatic purge after all users have forgotten a room. (#15488)
+* Restore room purge/shutdown after a Synapse restart. (#15488)
+* Support resolving homeservers using matrix-fed DNS SRV records from MSC4040. (#16137)
+* Add the ability to use G (GiB) and T (TiB) suffixes in configuration options that refer to numbers of bytes. (#16219)
+* Add span information to requests sent to appservices. Contributed by MTRNord. (#16227)
+* Add the ability to enable/disable registrations when using CAS. Contributed by Aurélien Grimpard. (#16262)
+* Allow the /notifications endpoint to be routed to workers. (#16265)
+
+[1.78.0]
+* Update base image to 4.2.0
+
+[1.79.0]
+* Update Synapse to 1.94.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.94.0)
+* Render plain, CSS, CSV, JSON and common image formats in the browser (inline) when requested through the /download endpoint. (#15988)
+* Add experimental support for MSC4028 to push all encrypted events to clients. (#16361)
+* Minor performance improvement when sending presence to federated servers. (#16385)
+* Minor performance improvement by caching server ACL checking. (#16360)
+
+[1.80.0]
+* Update Synapse to 1.95.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.95.0)
+* Remove legacy unspecced `knock_state_events` field returned in some responses. (#16403)
+* Fix a bug introduced in Synapse 1.81.0 where an AttributeError would be raised when `_matrix/client/v3/account/whoami` is called over a unix socket. Contributed by @Sir-Photch. (#16404)
+* Properly return inline media when content types have parameters. (#16440)
+* Prevent the purging of large rooms from timing out when Postgres is in use. The timeout which causes this issue was introduced in Synapse 1.88.0. (#16455)
+* Improve the performance of purging rooms, particularly encrypted rooms. (#16457)
+* Fix a bug introduced in Synapse 1.59.0 where servers could be incorrectly marked as available after an error response was received. (#16506)
+
+[1.80.1]
+* Update Synapse to 1.95.1
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.95.1)
+* GHSA-mp92-3jfm-3575 / CVE-2023-43796 — Moderate Severity
+

CloudronManifest.json

@@ -5,8 +5,8 @@
   "description": "file://DESCRIPTION.md",
   "changelog": "file://CHANGELOG.md",
   "tagline": "Secure & decentralized communication",
-  "version": "1.73.0",
-  "upstreamVersion": "1.90.0",
+  "version": "1.80.1",
+  "upstreamVersion": "1.95.1",
   "healthCheckPath": "/",
   "httpPort": 8008,
   "memoryLimit": 536870912,
@@ -15,7 +15,7 @@
     "ldap": {},
     "postgresql": {},
     "sendmail": { "supportsDisplayName": true },
-    "turn": {}
+    "turn": { "optional": true }
   },
   "manifestVersion": 2,
   "website": "https://matrix.org",
@@ -30,7 +30,7 @@
     "https://screenshots.cloudron.io/org.matrix.synapse/3.png"
   ],
   "postInstallMessage": "file://POSTINSTALL.md",
-  "minBoxVersion": "7.2.0",
+  "minBoxVersion": "7.5.1",
   "forumUrl": "https://forum.cloudron.io/category/50/matrix-synapse-riot",
   "documentationUrl": "https://docs.cloudron.io/apps/synapse/",
   "optionalSso": true

Dockerfile

@@ -1,4 +1,4 @@
-FROM cloudron/base:4.0.0@sha256:31b195ed0662bdb06a6e8a5ddbedb6f191ce92e8bee04c03fb02dd4e9d0286df
+FROM cloudron/base:4.2.0@sha256:46da2fffb36353ef714f97ae8e962bd2c212ca091108d768ba473078319a47f4
 
 RUN mkdir -p /app/pkg
 
@@ -9,7 +9,7 @@ RUN virtualenv -p python3 /app/code/env
 ENV VIRTUAL_ENV=/app/code/env
 ENV PATH="$VIRTUAL_ENV/bin:$PATH"
 
-ARG VERSION=1.90.0
+ARG VERSION=1.95.1
 
 # https://github.com/matrix-org/synapse-s3-storage-provider
 ARG STORAGE_PROVIDER_VERSION=1beb6af95e1f5caedb8e6e7e1cc176cdb2106d37

start.sh

@@ -81,10 +81,12 @@ else
 fi
 
 # turn (https://github.com/matrix-org/synapse/blob/master/docs/turn-howto.md#synapse-setup)
-yq eval -i ".turn_uris=[]" /app/data/configs/homeserver.yaml
-yq eval -i ".turn_uris[0]=\"turn:${CLOUDRON_TURN_SERVER}:${CLOUDRON_TURN_TLS_PORT}?transport=udp\"" /app/data/configs/homeserver.yaml
-yq eval -i ".turn_uris[1]=\"turn:${CLOUDRON_TURN_SERVER}:${CLOUDRON_TURN_TLS_PORT}?transport=tcp\"" /app/data/configs/homeserver.yaml
-yq eval -i ".turn_shared_secret=\"${CLOUDRON_TURN_SECRET}\"" /app/data/configs/homeserver.yaml
+if [[ -n "${CLOUDRON_TURN_SERVER:-}" ]]; then
+    yq eval -i ".turn_uris=[]" /app/data/configs/homeserver.yaml
+    yq eval -i ".turn_uris[0]=\"turn:${CLOUDRON_TURN_SERVER}:${CLOUDRON_TURN_TLS_PORT}?transport=udp\"" /app/data/configs/homeserver.yaml
+    yq eval -i ".turn_uris[1]=\"turn:${CLOUDRON_TURN_SERVER}:${CLOUDRON_TURN_TLS_PORT}?transport=tcp\"" /app/data/configs/homeserver.yaml
+    yq eval -i ".turn_shared_secret=\"${CLOUDRON_TURN_SECRET}\"" /app/data/configs/homeserver.yaml
+fi
 
 # fix permissions
 echo "==> Fixing permissions"

test/package-lock.json

@@ -9,11 +9,11 @@
       "version": "1.0.0",
       "license": "ISC",
       "dependencies": {
-        "chromedriver": "^115.0.1",
+        "chromedriver": "^119.0.0",
         "expect.js": "^0.3.1",
         "mocha": "^10.2.0",
-        "selenium-webdriver": "^4.11.1",
-        "superagent": "^8.1.0"
+        "selenium-webdriver": "^4.14.0",
+        "superagent": "^8.1.2"
       }
     },
     "node_modules/@testim/chrome-version": {
@@ -236,9 +236,9 @@
       }
     },
     "node_modules/chromedriver": {
-      "version": "115.0.1",
-      "resolved": "https://registry.npmjs.org/chromedriver/-/chromedriver-115.0.1.tgz",
-      "integrity": "sha512-faE6WvIhXfhnoZ3nAxUXYzeDCKy612oPwpkUp0mVkA7fZPg2JHSUiYOQhUYgzHQgGvDWD5Fy2+M2xV55GKHBVQ==",
+      "version": "119.0.0",
+      "resolved": "https://registry.npmjs.org/chromedriver/-/chromedriver-119.0.0.tgz",
+      "integrity": "sha512-3TmabGT7xg57/Jbsg6B/Kqk3HaSbCP1ZHkR5zNft5vT/IWKjZCAGTH9waMI+i5KHSEiMH0zOw/WF98l+1Npkpw==",
       "hasInstallScript": true,
       "dependencies": {
         "@testim/chrome-version": "^1.1.3",
@@ -253,7 +253,7 @@
         "chromedriver": "bin/chromedriver"
       },
       "engines": {
-        "node": ">=16"
+        "node": ">=18"
       }
     },
     "node_modules/cliui": {
@@ -1166,13 +1166,13 @@
       "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g=="
     },
     "node_modules/selenium-webdriver": {
-      "version": "4.11.1",
-      "resolved": "https://registry.npmjs.org/selenium-webdriver/-/selenium-webdriver-4.11.1.tgz",
-      "integrity": "sha512-bvrnr3UZlLScErOmn8gV6cqc+1PYDHn0575CxUR2U14fMWt7OKxSy0lAThhZq4sq4d1HqP8ebz11oiHSlAQ2WA==",
+      "version": "4.14.0",
+      "resolved": "https://registry.npmjs.org/selenium-webdriver/-/selenium-webdriver-4.14.0.tgz",
+      "integrity": "sha512-637rs8anqMKHbWxcBZpyG3Gcs+rBUtAUiqk0O/knUqH4Paj3MFUZrz88/pVGOLNryEVy2z92fZomT8p1ENl1gA==",
       "dependencies": {
         "jszip": "^3.10.1",
         "tmp": "^0.2.1",
-        "ws": ">=8.13.0"
+        "ws": ">=8.14.2"
       },
       "engines": {
         "node": ">= 14.20.0"
@@ -1262,9 +1262,9 @@
       }
     },
     "node_modules/superagent": {
-      "version": "8.1.0",
-      "resolved": "https://registry.npmjs.org/superagent/-/superagent-8.1.0.tgz",
-      "integrity": "sha512-AYkYFEJj3owXXqZU6wvQfOicjYaQY6B6Oa4U7t9oWn/YIPpFUSzA9ire8Exa5bTdtFW05/WY3rPBhJx+T49WOw==",
+      "version": "8.1.2",
+      "resolved": "https://registry.npmjs.org/superagent/-/superagent-8.1.2.tgz",
+      "integrity": "sha512-6WTxW1EB6yCxV5VFOIPQruWGHqc3yI7hEmZK6h+pyk69Lk/Ut7rLUY6W/ONF2MjBuGjvmMiIpsrVJ2vjrHlslA==",
       "dependencies": {
         "component-emitter": "^1.3.0",
         "cookiejar": "^2.1.4",
@@ -1274,8 +1274,8 @@
         "formidable": "^2.1.2",
         "methods": "^1.1.2",
         "mime": "2.6.0",
-        "qs": "^6.11.2",
-        "semver": "^7.5.4"
+        "qs": "^6.11.0",
+        "semver": "^7.3.8"
       },
       "engines": {
         "node": ">=6.4.0 <13 || >=14"
@@ -1374,9 +1374,9 @@
       "integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8="
     },
     "node_modules/ws": {
-      "version": "8.13.0",
-      "resolved": "https://registry.npmjs.org/ws/-/ws-8.13.0.tgz",
-      "integrity": "sha512-x9vcZYTrFPC7aSIbj7sRCYo7L/Xb8Iy+pW0ng0wt2vCJv7M9HOMy0UoN3rr+IFC7hb7vXoqS+P9ktyLLLhO+LA==",
+      "version": "8.14.2",
+      "resolved": "https://registry.npmjs.org/ws/-/ws-8.14.2.tgz",
+      "integrity": "sha512-wEBG1ftX4jcglPxgFCMJmZ2PLtSbJ2Peg6TmpJFTbe9GZYOQCDPdMYu/Tm0/bGZkw8paZnJY45J4K2PZrLYq8g==",
       "engines": {
         "node": ">=10.0.0"
       },
@@ -1633,9 +1633,9 @@
       }
     },
     "chromedriver": {
-      "version": "115.0.1",
-      "resolved": "https://registry.npmjs.org/chromedriver/-/chromedriver-115.0.1.tgz",
-      "integrity": "sha512-faE6WvIhXfhnoZ3nAxUXYzeDCKy612oPwpkUp0mVkA7fZPg2JHSUiYOQhUYgzHQgGvDWD5Fy2+M2xV55GKHBVQ==",
+      "version": "119.0.0",
+      "resolved": "https://registry.npmjs.org/chromedriver/-/chromedriver-119.0.0.tgz",
+      "integrity": "sha512-3TmabGT7xg57/Jbsg6B/Kqk3HaSbCP1ZHkR5zNft5vT/IWKjZCAGTH9waMI+i5KHSEiMH0zOw/WF98l+1Npkpw==",
       "requires": {
         "@testim/chrome-version": "^1.1.3",
         "axios": "^1.4.0",
@@ -2300,13 +2300,13 @@
       "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g=="
     },
     "selenium-webdriver": {
-      "version": "4.11.1",
-      "resolved": "https://registry.npmjs.org/selenium-webdriver/-/selenium-webdriver-4.11.1.tgz",
-      "integrity": "sha512-bvrnr3UZlLScErOmn8gV6cqc+1PYDHn0575CxUR2U14fMWt7OKxSy0lAThhZq4sq4d1HqP8ebz11oiHSlAQ2WA==",
+      "version": "4.14.0",
+      "resolved": "https://registry.npmjs.org/selenium-webdriver/-/selenium-webdriver-4.14.0.tgz",
+      "integrity": "sha512-637rs8anqMKHbWxcBZpyG3Gcs+rBUtAUiqk0O/knUqH4Paj3MFUZrz88/pVGOLNryEVy2z92fZomT8p1ENl1gA==",
       "requires": {
         "jszip": "^3.10.1",
         "tmp": "^0.2.1",
-        "ws": ">=8.13.0"
+        "ws": ">=8.14.2"
       }
     },
     "semver": {
@@ -2372,9 +2372,9 @@
       "integrity": "sha512-6fPc+R4ihwqP6N/aIv2f1gMH8lOVtWQHoqC4yK6oSDVVocumAsfCqjkXnqiYMhmMwS/mEHLp7Vehlt3ql6lEig=="
     },
     "superagent": {
-      "version": "8.1.0",
-      "resolved": "https://registry.npmjs.org/superagent/-/superagent-8.1.0.tgz",
-      "integrity": "sha512-AYkYFEJj3owXXqZU6wvQfOicjYaQY6B6Oa4U7t9oWn/YIPpFUSzA9ire8Exa5bTdtFW05/WY3rPBhJx+T49WOw==",
+      "version": "8.1.2",
+      "resolved": "https://registry.npmjs.org/superagent/-/superagent-8.1.2.tgz",
+      "integrity": "sha512-6WTxW1EB6yCxV5VFOIPQruWGHqc3yI7hEmZK6h+pyk69Lk/Ut7rLUY6W/ONF2MjBuGjvmMiIpsrVJ2vjrHlslA==",
       "requires": {
         "component-emitter": "^1.3.0",
         "cookiejar": "^2.1.4",
@@ -2384,8 +2384,8 @@
         "formidable": "^2.1.2",
         "methods": "^1.1.2",
         "mime": "2.6.0",
-        "qs": "^6.11.2",
-        "semver": "^7.5.4"
+        "qs": "^6.11.0",
+        "semver": "^7.3.8"
       }
     },
     "supports-color": {
@@ -2457,9 +2457,9 @@
       "integrity": "sha1-tSQ9jz7BqjXxNkYFvA0QNuMKtp8="
     },
     "ws": {
-      "version": "8.13.0",
-      "resolved": "https://registry.npmjs.org/ws/-/ws-8.13.0.tgz",
-      "integrity": "sha512-x9vcZYTrFPC7aSIbj7sRCYo7L/Xb8Iy+pW0ng0wt2vCJv7M9HOMy0UoN3rr+IFC7hb7vXoqS+P9ktyLLLhO+LA==",
+      "version": "8.14.2",
+      "resolved": "https://registry.npmjs.org/ws/-/ws-8.14.2.tgz",
+      "integrity": "sha512-wEBG1ftX4jcglPxgFCMJmZ2PLtSbJ2Peg6TmpJFTbe9GZYOQCDPdMYu/Tm0/bGZkw8paZnJY45J4K2PZrLYq8g==",
       "requires": {}
     },
     "y18n": {

test/package.json

@@ -9,10 +9,10 @@
   "author": "",
   "license": "ISC",
   "dependencies": {
-    "chromedriver": "^115.0.1",
+    "chromedriver": "^119.0.0",
     "expect.js": "^0.3.1",
     "mocha": "^10.2.0",
-    "selenium-webdriver": "^4.11.1",
-    "superagent": "^8.1.0"
+    "selenium-webdriver": "^4.14.0",
+    "superagent": "^8.1.2"
   }
 }