Bump version

CHANGELOG.md

@@ -1114,3 +1114,97 @@
 [1.82.0]
 * Switch LDAP authentication to OIDC login
 
+[1.83.0]
+* Update Synapse to 1.97.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.97.0)
+* Add support for asynchronous uploads as defined by MSC2246. Contributed by @sumnerevans at @beeper. (#15503)
+* Improve the performance of some operations in multi-worker deployments. (#16613, #16616)
+* Fix a long-standing bug where some queries updated the same row twice. Introduced in Synapse 1.57.0. (#16609)
+* Fix a long-standing bug where Synapse would not unbind third-party identifiers for Application Service users when deactivated and would not emit a compliant response. (#16617)
+* Fix sending out of order POSITION over replication, causing additional database load. (#16639)
+
+[1.84.0]
+* Update Synapse to 1.98.0
+* [Full changelog](https://github.com/matrix-org/synapse/releases/tag/v1.98.0)
+* Synapse now declares support for Matrix v1.7, v1.8, and v1.9. (#16707)
+* Add `on_user_login` module API callback for when a user logs in. (#15207)
+* Support MSC4069: Inhibit profile propagation. (#16636)
+* Restore tracking of requests and monthly active users when delegating authentication via MSC3861 to an OIDC provider. (#16672)
+* Add an autojoin setting for server notices rooms, so users may be joined directly instead of receiving an invite. (#16699)
+* Follow redirects when downloading media over federation (per MSC3860). (#16701)
+
+[1.85.0]
+* Update public suffix list as part of the base image to get the latest domains
+
+[1.86.0]
+* Update Synapse to 1.99.0
+* [Full changelog](https://github.com/element-hq/synapse/releases/tag/v1.99.0)
+* Add config options to set the avatar and the topic of the server notices room, as well as the avatar of the server notices user. (\https://github.com/element-hq/synapse/issues/16679)
+* Add config option email.notif_delay_before_mail to tweak the delay before an email is sent following a notification. (\https://github.com/element-hq/synapse/issues/16696)
+* Add new configuration option sentry.environment for improved system monitoring. Contributed by @zeeshanrafiqrana. (\https://github.com/element-hq/synapse/issues/16738)
+* Filter out rooms from the room directory being served to other homeservers when those rooms block that homeserver by their Access Control Lists. (\https://github.com/element-hq/synapse/pull/16759)
+* Fix a long-standing bug where the signing keys generated by Synapse were world-readable. Contributed by Fabian Klemp. (\https://github.com/element-hq/synapse/issues/16740)
+* Fix email verification redirection. Contributed by Fadhlan Ridhwanallah. (\https://github.com/element-hq/synapse/pull/16761)
+* Fixed a bug that prevented users from being queried by display name if it contains non-ASCII characters. (\https://github.com/element-hq/synapse/pull/16767)
+* Allow reactivate user without password with Admin API in some edge cases. (\https://github.com/element-hq/synapse/pull/16770)
+* Adds the recursion_depth parameter to the response of the /relations endpoint if MSC3981 recursion is being performed. (\https://github.com/element-hq/synapse/pull/16775)
+* Added version picker for Synapse documentation. Contributed by @Dmytro27Ind. (\https://github.com/element-hq/synapse/issues/16533)
+* Clarify that password_config.enabled: "only_for_reauth" does not allow new logins to be created using password auth. (\https://github.com/element-hq/synapse/issues/16737)
+* Remove value from header in configuration documentation for refresh_token_lifetime. (\https://github.com/element-hq/synapse/pull/16763)
+* Add another custom statistics collection server to the documentation. Contributed by @loelkes. (\https://github.com/element-hq/synapse/pull/16769)
+* Remove run-once workflow after adding the version picker to the documentation. (\https://github.com/element-hq/synapse/pull/9453)
+* Update the implementation of [MSC2965](matrix-org/matrix-spec-proposals#2965) (OIDC Provider discovery). (\https://github.com/element-hq/synapse/issues/16726)
+* Move the rust stubs inline for better IDE integration. (\https://github.com/element-hq/synapse/pull/16757)
+* Fix sample config doc CI. (\https://github.com/element-hq/synapse/pull/16758)
+* Simplify event internal metadata class. (\https://github.com/element-hq/synapse/pull/16762, \https://github.com/element-hq/synapse/pull/16780)
+* Sign the published docker image using cosign. (\https://github.com/element-hq/synapse/pull/16774)
+* Port EventInternalMetadata class to Rust. (\https://github.com/element-hq/synapse/pull/16782)
+* Bump actions/setup-go from 4 to 5. (\https://github.com/element-hq/synapse/issues/16749)
+* Bump actions/setup-python from 4 to 5. (\https://github.com/element-hq/synapse/issues/16748)
+* Bump immutabledict from 3.0.0 to 4.0.0. (\https://github.com/element-hq/synapse/issues/16743)
+* Bump isort from 5.12.0 to 5.13.0. (\https://github.com/element-hq/synapse/issues/16745)
+* Bump isort from 5.13.0 to 5.13.1. (\https://github.com/element-hq/synapse/issues/16752)
+* Bump pydantic from 2.5.1 to 2.5.2. (\https://github.com/element-hq/synapse/issues/16747)
+* Bump ruff from 0.1.6 to 0.1.7. (\https://github.com/element-hq/synapse/issues/16746)
+* Bump types-setuptools from 68.2.0.2 to 69.0.0.0. (\https://github.com/element-hq/synapse/issues/16744)
+
+[1.87.0]
+* Update Synapse to 1.100.0
+* [Full changelog](https://github.com/element-hq/synapse/releases/tag/v1.100.0)
+* Fix database performance regression due to changing Postgres table statistics. Introduced in v1.100.0rc1. (#16849)
+* Advertise experimental support for MSC4028 through /matrix/clients/versions if enabled. Contributed by @hanadi92. (#16787)
+* Handle wildcard type filters properly for room messages endpoint. Contributed by Mo Balaa. (#14984)
+
+[1.88.0]
+* Update Synapse to 1.101.0
+* [Full changelog](https://github.com/element-hq/synapse/releases/tag/v1.101.0)
+* Add support for stabilised MSC3981 that adds a recurse parameter on the /relations API. (#16842)
+* Fix performance regression when fetching auth chains from the DB. Introduced in v1.100.0. (#16893)
+
+[1.89.0]
+* Update Synapse to 1.102.0
+* [Full changelog](https://github.com/element-hq/synapse/releases/tag/v1.102.0)
+* A metric was added for emails sent by Synapse, broken down by type: `synapse_emails_sent_total`. Contributed by Remi Rampin. (#16881)
+* Do not send multiple concurrent requests for keys for the same server. (#16894)
+* Fix performance issue when joining very large rooms that can cause the server to lock up. Introduced in v1.100.0. (#16903)
+* Always prefer unthreaded receipt when >1 exist (MSC4102). (#16927)
+
+[1.90.0]
+* Update Synapse to 1.103.0
+* [Full changelog](https://github.com/element-hq/synapse/releases/tag/v1.103.0)
+* Add a new List Accounts v3 Admin API with improved deactivated user filtering capabilities. (#16874)
+* Include Retry-After header by default per MSC4041. Contributed by @clokep. (#16947)
+* Fix joining remote rooms when a module uses the `on_new_event` callback. This callback may now pass partial state events instead of the full state for remote rooms. Introduced in v1.76.0. (#16973)
+* Fix performance issue when joining very large rooms that can cause the server to lock up. Introduced in v1.100.0. Contributed by @ggogel. (#16968)
+
+[1.91.0]
+* Update Synapse to 1.104.0
+* [Full changelog](https://github.com/element-hq/synapse/releases/tag/v1.104.0)
+* Fix regression when using OIDC provider. Introduced in v1.104.0rc1. (#17031)
+* Add an OIDC config to specify extra parameters for the authorization grant URL. IT can be useful to pass an ACR value for example. (#16971)
+* Add support for OIDC provider returning JWT. (#16972, #17031)
+* Fix a bug which meant that, under certain circumstances, we might never retry sending events or to-device messages over federation after a failure. (#16925)
+* Fix various long-standing bugs which could cause incorrect state to be returned from /sync in certain situations. (#16949)
+* Fix case in which m.fully_read marker would not get updated. Contributed by @SpiritCroc. (#16990)
+* Fix bug which did not retract a user's pending knocks at rooms when their account was deactivated. Contributed by @hanadi92. (#17010)
+

CloudronManifest.json

@@ -5,8 +5,8 @@
   "description": "file://DESCRIPTION.md",
   "changelog": "file://CHANGELOG.md",
   "tagline": "Secure & decentralized communication",
-  "version": "1.82.0",
+  "version": "1.91.0",
-  "upstreamVersion": "1.96.1",
+  "upstreamVersion": "1.104.0",
   "healthCheckPath": "/",
   "httpPort": 8008,
   "memoryLimit": 536870912,

Dockerfile

@@ -9,7 +9,7 @@ RUN virtualenv -p python3 /app/code/env
 ENV VIRTUAL_ENV=/app/code/env
 ENV PATH="$VIRTUAL_ENV/bin:$PATH"
 
-ARG VERSION=1.96.1
+ARG VERSION=1.104.0
 
 # https://github.com/matrix-org/synapse-s3-storage-provider
 ARG STORAGE_PROVIDER_VERSION=1beb6af95e1f5caedb8e6e7e1cc176cdb2106d37
@@ -20,8 +20,8 @@ RUN pip install --upgrade pip && \
     pip install --upgrade setuptools && \
     pip install matrix-synapse==v${VERSION} psycopg2-binary python-ldap matrix-synapse-ldap3 lxml publicsuffix2 git+https://github.com/matrix-org/synapse-s3-storage-provider.git@${STORAGE_PROVIDER_VERSION} matrix-synapse[oidc]
 
-# workaround (https://github.com/matrix-org/synapse/issues/15873) . remove after 1.87.0
+# Updated suffix list
-RUN sed -e "s/Image.ANTIALIAS/Image.LANCZOS/" -i /app/code/env/lib/python3.10/site-packages/synapse/media/thumbnailer.py
+RUN curl -L https://publicsuffix.org/list/public_suffix_list.dat -o /app/code/env/lib/python3.10/site-packages/publicsuffix2/public_suffix_list.dat
 
 RUN ln -sf /app/data/index.html /app/code/env/lib/python3.10/site-packages/synapse/static/index.html
 

start.sh

@@ -37,10 +37,10 @@ if [[ ! -f /app/data/configs/homeserver.yaml ]]; then
 
     if [[ -z "${CLOUDRON_OIDC_ISSUER:-}" ]]; then
         yq eval -i ".enable_registration=true" /app/data/configs/homeserver.yaml
-        yq eval -i ".password_config.pepper=\"$(pwgen -1s 12)\"" /app/data/configs/homeserver.yaml
         # just setting enabled to false is not enough. see https://github.com/matrix-org/matrix-synapse-ldap3/issues/123
         yq eval -i "del(.password_providers)" /app/data/configs/homeserver.yaml
     fi
+    yq eval -i ".password_config.pepper=\"$(pwgen -1s 12)\"" /app/data/configs/homeserver.yaml # always set this so that users can enable password login if needed
 fi
 
 echo "==> Ensure we log to console"

test/package.json

@@ -9,10 +9,9 @@
   "author": "",
   "license": "ISC",
   "dependencies": {
-    "chromedriver": "^119.0.1",
+    "chromedriver": "^123.0.1",
     "expect.js": "^0.3.1",
-    "mocha": "^10.2.0",
+    "mocha": "^10.4.0",
-    "selenium-webdriver": "^4.15.0",
+    "selenium-webdriver": "^4.19.0"
-    "superagent": "^8.1.2"
   }
 }

test/test.js

@@ -120,7 +120,7 @@ describe('Application life cycle test', function () {
             await browser.findElement(By.xpath('//input[@name="username"]')).sendKeys(username);
             await browser.findElement(By.xpath('//input[@name="password"]')).sendKeys(password);
             await browser.sleep(2000);
-            await browser.findElement(By.xpath('//button[@type="submit" and contains(text(), "Sign in")]')).click();
+            await browser.findElement(By.id('loginSubmitButton')).click();
             await browser.sleep(2000);
 
             athenticated_by_oidc = true;
@@ -322,13 +322,14 @@ describe('Application life cycle test', function () {
     });
 
     // test update
-    it('can install app', function () { execSync('cloudron install --appstore-id org.matrix.synapse --location ' + LOCATION, EXEC_ARGS); });
+    it('can install app for update', function () { execSync('cloudron install --appstore-id org.matrix.synapse --location ' + LOCATION, EXEC_ARGS); });
     it('can get app info', getAppInfo);
     it('update element-app config', updateSynapseConfig);
 
     it('can get Element app info', getElementAppInfo);
 
-    it('can login', login);
+    it('can login via OIDC', loginOIDC.bind(null, USERNAME, PASSWORD));
+    it('is logged in', isLoggedIn);
     it('create room', createRoom);
     it('can send message', sendMessage);
     it('can logout', logout);