Bump version

CHANGELOG.md

@@ -1133,3 +1133,145 @@
 * Add an autojoin setting for server notices rooms, so users may be joined directly instead of receiving an invite. (#16699)
 * Follow redirects when downloading media over federation (per MSC3860). (#16701)
 
+[1.85.0]
+* Update public suffix list as part of the base image to get the latest domains
+
+[1.86.0]
+* Update Synapse to 1.99.0
+* [Full changelog](https://github.com/element-hq/synapse/releases/tag/v1.99.0)
+* Add config options to set the avatar and the topic of the server notices room, as well as the avatar of the server notices user. (\https://github.com/element-hq/synapse/issues/16679)
+* Add config option email.notif_delay_before_mail to tweak the delay before an email is sent following a notification. (\https://github.com/element-hq/synapse/issues/16696)
+* Add new configuration option sentry.environment for improved system monitoring. Contributed by @zeeshanrafiqrana. (\https://github.com/element-hq/synapse/issues/16738)
+* Filter out rooms from the room directory being served to other homeservers when those rooms block that homeserver by their Access Control Lists. (\https://github.com/element-hq/synapse/pull/16759)
+* Fix a long-standing bug where the signing keys generated by Synapse were world-readable. Contributed by Fabian Klemp. (\https://github.com/element-hq/synapse/issues/16740)
+* Fix email verification redirection. Contributed by Fadhlan Ridhwanallah. (\https://github.com/element-hq/synapse/pull/16761)
+* Fixed a bug that prevented users from being queried by display name if it contains non-ASCII characters. (\https://github.com/element-hq/synapse/pull/16767)
+* Allow reactivate user without password with Admin API in some edge cases. (\https://github.com/element-hq/synapse/pull/16770)
+* Adds the recursion_depth parameter to the response of the /relations endpoint if MSC3981 recursion is being performed. (\https://github.com/element-hq/synapse/pull/16775)
+* Added version picker for Synapse documentation. Contributed by @Dmytro27Ind. (\https://github.com/element-hq/synapse/issues/16533)
+* Clarify that password_config.enabled: "only_for_reauth" does not allow new logins to be created using password auth. (\https://github.com/element-hq/synapse/issues/16737)
+* Remove value from header in configuration documentation for refresh_token_lifetime. (\https://github.com/element-hq/synapse/pull/16763)
+* Add another custom statistics collection server to the documentation. Contributed by @loelkes. (\https://github.com/element-hq/synapse/pull/16769)
+* Remove run-once workflow after adding the version picker to the documentation. (\https://github.com/element-hq/synapse/pull/9453)
+* Update the implementation of [MSC2965](matrix-org/matrix-spec-proposals#2965) (OIDC Provider discovery). (\https://github.com/element-hq/synapse/issues/16726)
+* Move the rust stubs inline for better IDE integration. (\https://github.com/element-hq/synapse/pull/16757)
+* Fix sample config doc CI. (\https://github.com/element-hq/synapse/pull/16758)
+* Simplify event internal metadata class. (\https://github.com/element-hq/synapse/pull/16762, \https://github.com/element-hq/synapse/pull/16780)
+* Sign the published docker image using cosign. (\https://github.com/element-hq/synapse/pull/16774)
+* Port EventInternalMetadata class to Rust. (\https://github.com/element-hq/synapse/pull/16782)
+* Bump actions/setup-go from 4 to 5. (\https://github.com/element-hq/synapse/issues/16749)
+* Bump actions/setup-python from 4 to 5. (\https://github.com/element-hq/synapse/issues/16748)
+* Bump immutabledict from 3.0.0 to 4.0.0. (\https://github.com/element-hq/synapse/issues/16743)
+* Bump isort from 5.12.0 to 5.13.0. (\https://github.com/element-hq/synapse/issues/16745)
+* Bump isort from 5.13.0 to 5.13.1. (\https://github.com/element-hq/synapse/issues/16752)
+* Bump pydantic from 2.5.1 to 2.5.2. (\https://github.com/element-hq/synapse/issues/16747)
+* Bump ruff from 0.1.6 to 0.1.7. (\https://github.com/element-hq/synapse/issues/16746)
+* Bump types-setuptools from 68.2.0.2 to 69.0.0.0. (\https://github.com/element-hq/synapse/issues/16744)
+
+[1.87.0]
+* Update Synapse to 1.100.0
+* [Full changelog](https://github.com/element-hq/synapse/releases/tag/v1.100.0)
+* Fix database performance regression due to changing Postgres table statistics. Introduced in v1.100.0rc1. (#16849)
+* Advertise experimental support for MSC4028 through /matrix/clients/versions if enabled. Contributed by @hanadi92. (#16787)
+* Handle wildcard type filters properly for room messages endpoint. Contributed by Mo Balaa. (#14984)
+
+[1.88.0]
+* Update Synapse to 1.101.0
+* [Full changelog](https://github.com/element-hq/synapse/releases/tag/v1.101.0)
+* Add support for stabilised MSC3981 that adds a recurse parameter on the /relations API. (#16842)
+* Fix performance regression when fetching auth chains from the DB. Introduced in v1.100.0. (#16893)
+
+[1.89.0]
+* Update Synapse to 1.102.0
+* [Full changelog](https://github.com/element-hq/synapse/releases/tag/v1.102.0)
+* A metric was added for emails sent by Synapse, broken down by type: `synapse_emails_sent_total`. Contributed by Remi Rampin. (#16881)
+* Do not send multiple concurrent requests for keys for the same server. (#16894)
+* Fix performance issue when joining very large rooms that can cause the server to lock up. Introduced in v1.100.0. (#16903)
+* Always prefer unthreaded receipt when >1 exist (MSC4102). (#16927)
+
+[1.90.0]
+* Update Synapse to 1.103.0
+* [Full changelog](https://github.com/element-hq/synapse/releases/tag/v1.103.0)
+* Add a new List Accounts v3 Admin API with improved deactivated user filtering capabilities. (#16874)
+* Include Retry-After header by default per MSC4041. Contributed by @clokep. (#16947)
+* Fix joining remote rooms when a module uses the `on_new_event` callback. This callback may now pass partial state events instead of the full state for remote rooms. Introduced in v1.76.0. (#16973)
+* Fix performance issue when joining very large rooms that can cause the server to lock up. Introduced in v1.100.0. Contributed by @ggogel. (#16968)
+
+[1.91.0]
+* Update Synapse to 1.104.0
+* [Full changelog](https://github.com/element-hq/synapse/releases/tag/v1.104.0)
+* Fix regression when using OIDC provider. Introduced in v1.104.0rc1. (#17031)
+* Add an OIDC config to specify extra parameters for the authorization grant URL. IT can be useful to pass an ACR value for example. (#16971)
+* Add support for OIDC provider returning JWT. (#16972, #17031)
+* Fix a bug which meant that, under certain circumstances, we might never retry sending events or to-device messages over federation after a failure. (#16925)
+* Fix various long-standing bugs which could cause incorrect state to be returned from /sync in certain situations. (#16949)
+* Fix case in which m.fully_read marker would not get updated. Contributed by @SpiritCroc. (#16990)
+* Fix bug which did not retract a user's pending knocks at rooms when their account was deactivated. Contributed by @hanadi92. (#17010)
+
+[1.91.1]
+* Update Synapse to 1.105.0
+* [Full changelog](https://github.com/element-hq/synapse/releases/tag/v1.105.0)
+* Stabilize support for MSC4010 which clarifies the interaction of push rules and account data. Contributed by @clokep. (#17022)
+* Stabilize support for MSC3981: /relations recursion. Contributed by @clokep. (#17023)
+* Add support for moving /pushrules off of main process. (#17037, #17038)
+* Fix various long-standing bugs which could cause incorrect state to be returned from /sync in certain situations. (#16930, #16932, #16942, #17064, #17065, #17066)
+* Fix server notice rooms not always being created as unencrypted rooms, even when encryption_enabled_by_default_for_room_type is in use (server notices are always unencrypted). (#17033)
+* Fix the .m.rule.encrypted_room_one_to_one and .m.rule.room_one_to_one default underride push rules being in the wrong order. Contributed by @Sumpy1. (#17043)
+
+[1.91.2]
+* Update Synapse to 1.105.1
+* [Full changelog](https://github.com/element-hq/synapse/releases/tag/v1.105.1)
+* GHSA-3h7q-rfh9-xm4v / CVE-2024-31208 — High Severity . Weakness in auth chain indexing allows DoS from remote room members through disk fill and high CPU usage.
+
+[1.92.0]
+* Update Synapse to 1.106.0
+* [Full changelog](https://github.com/element-hq/synapse/releases/tag/v1.106.0)
+* Send an email if the address is already bound to an user account. (#16819)
+* Implement the rendezvous mechanism described by MSC4108. (#17056)
+* Support delegating the rendezvous mechanism described MSC4108 to an external implementation. (#17086)
+* Add validation to ensure that the limit parameter on /publicRooms is non-negative. (#16920)
+* Return 400 M_NOT_JSON upon receiving invalid JSON in query parameters across various client and admin endpoints, rather than an internal server error. (#16923)
+* Make the CSAPI endpoint /keys/device_signing/upload idempotent. (#16943)
+* Redact membership events if the user requested erasure upon deactivating. (#17076)
+
+[1.93.0]
+* Update Synapse to 1.107.0
+* [Full changelog](https://github.com/element-hq/synapse/releases/tag/v1.107.0)
+
+[1.94.0]
+* Update Synapse to 1.108.0
+* [Full changelog](https://github.com/element-hq/synapse/releases/tag/v1.108.0)
+* Add a feature that allows clients to query the configured federation whitelist. Disabled by default. (#16848, #17199)
+* Add the ability to allow numeric user IDs with a specific prefix when in the CAS flow. Contributed by Aurélien Grimpard. (#17098)
+* Fix bug where push rules would be empty in /sync for some accounts. Introduced in v1.93.0. (#17142)
+* Add support for optional whitespace around the Federation API's Authorization header's parameter commas. (#17145)
+* Fix bug where disabling room publication prevented public rooms being created on workers. (#17177, #17184)
+
+[1.95.0]
+* Update Synapse to 1.109.0
+* [Full changelog](https://github.com/element-hq/synapse/releases/tag/v1.109.0)
+
+[1.96.0]
+* Update Synapse to 1.110.0
+* [Full changelog](https://github.com/element-hq/synapse/releases/tag/v1.110.0)
+
+[1.97.0]
+* Update Synapse to 1.111.0
+* [Full changelog](https://github.com/element-hq/synapse/releases/tag/v1.111.0)
+
+[1.97.1]
+* Update Synapse to 1.111.1
+* [Full changelog](https://github.com/element-hq/synapse/releases/tag/v1.111.1)
+
+[1.97.2]
+* Update Synapse to 1.112.0
+* [Full changelog](https://github.com/element-hq/synapse/releases/tag/v1.112.0)
+
+[1.97.3]
+* Update Synapse to 1.113.0
+* [Full changelog](https://github.com/element-hq/synapse/releases/tag/v1.113.0)
+
+[1.97.4]
+* Update Synapse to 1.114.0
+* [Full changelog](https://github.com/element-hq/synapse/releases/tag/v1.114.0)
+

CloudronManifest.json

@@ -5,8 +5,8 @@
   "description": "file://DESCRIPTION.md",
   "changelog": "file://CHANGELOG.md",
   "tagline": "Secure & decentralized communication",
-  "version": "1.84.0",
+  "version": "1.97.4",
-  "upstreamVersion": "1.98.0",
+  "upstreamVersion": "1.114.0",
   "healthCheckPath": "/",
   "httpPort": 8008,
   "memoryLimit": 536870912,

Dockerfile

@@ -9,7 +9,7 @@ RUN virtualenv -p python3 /app/code/env
 ENV VIRTUAL_ENV=/app/code/env
 ENV PATH="$VIRTUAL_ENV/bin:$PATH"
 
-ARG VERSION=1.98.0
+ARG VERSION=1.114.0
 
 # https://github.com/matrix-org/synapse-s3-storage-provider
 ARG STORAGE_PROVIDER_VERSION=1beb6af95e1f5caedb8e6e7e1cc176cdb2106d37
@@ -20,8 +20,8 @@ RUN pip install --upgrade pip && \
     pip install --upgrade setuptools && \
     pip install matrix-synapse==v${VERSION} psycopg2-binary python-ldap matrix-synapse-ldap3 lxml publicsuffix2 git+https://github.com/matrix-org/synapse-s3-storage-provider.git@${STORAGE_PROVIDER_VERSION} matrix-synapse[oidc]
 
-# workaround (https://github.com/matrix-org/synapse/issues/15873) . remove after 1.87.0
+# Updated suffix list
-RUN sed -e "s/Image.ANTIALIAS/Image.LANCZOS/" -i /app/code/env/lib/python3.10/site-packages/synapse/media/thumbnailer.py
+RUN curl -L https://publicsuffix.org/list/public_suffix_list.dat -o /app/code/env/lib/python3.10/site-packages/publicsuffix2/public_suffix_list.dat
 
 RUN ln -sf /app/data/index.html /app/code/env/lib/python3.10/site-packages/synapse/static/index.html
 

test/package.json

@@ -9,9 +9,9 @@
   "author": "",
   "license": "ISC",
   "dependencies": {
-    "chromedriver": "^120.0.0",
+    "chromedriver": "^128.0.1",
     "expect.js": "^0.3.1",
-    "mocha": "^10.2.0",
+    "mocha": "^10.7.3",
-    "selenium-webdriver": "^4.16.0"
+    "selenium-webdriver": "^4.24.0"
   }
 }

test/test.js

@@ -120,7 +120,7 @@ describe('Application life cycle test', function () {
             await browser.findElement(By.xpath('//input[@name="username"]')).sendKeys(username);
             await browser.findElement(By.xpath('//input[@name="password"]')).sendKeys(password);
             await browser.sleep(2000);
-            await browser.findElement(By.xpath('//button[@type="submit" and contains(text(), "Sign in")]')).click();
+            await browser.findElement(By.id('loginSubmitButton')).click();
             await browser.sleep(2000);
 
             athenticated_by_oidc = true;
@@ -130,8 +130,29 @@ describe('Application life cycle test', function () {
         await browser.findElement(By.xpath('//a[contains(., "Continue")]')).click();
         await browser.sleep(2000);
 
-        if (await browser.findElements(By.xpath('//div[@aria-label="Skip verification for now"]')).then(found => !!found.length)) {
+        //if (await browser.findElements(By.xpath('//div[@aria-label="Skip verification for now"]')).then(found => !!found.length)) {
-            await skipVerification();
+//            await skipVerification();
+        //}
+
+        if (await browser.findElements(By.xpath('//div[text()="Proceed with reset"]')).then(found => !!found.length)) {
+            await browser.findElement(By.xpath('//div[text()="Proceed with reset"]')).click();
+
+            await waitForElement(By.xpath('//button[text()="Continue"]'));
+            await browser.findElement(By.xpath('//button[text()="Continue"]')).click();
+
+            await waitForElement(By.xpath('//div[text()="Copy"]'));
+            await browser.findElement(By.xpath('//div[text()="Copy"]')).click();
+
+            await browser.sleep(1000);
+
+            await waitForElement(By.xpath('//button[text()="Continue"]'));
+            await browser.findElement(By.xpath('//button[text()="Continue"]')).click();
+
+            await waitForElement(By.xpath('//button[text()="Done"]'));
+            await browser.findElement(By.xpath('//button[text()="Done"]')).click();
+
+            await waitForElement(By.xpath('//div[text()="Cancel"]'));
+            await browser.findElement(By.xpath('//div[text()="Cancel"]')).click();
         }
 
         await browser.sleep(3000);
@@ -166,18 +187,18 @@ describe('Application life cycle test', function () {
     async function logout() {
         await browser.get('https://' + app.fqdn + '/#/home');
         await browser.sleep(5000);
-        await waitForElement(By.xpath('//div[@role="button" and @title="User menu"]'));
+        await waitForElement(By.xpath('//div[@role="button" and @aria-label="User menu"]'));
 
-        await browser.findElement(By.xpath('//div[@role="button" and @title="User menu"]')).click();
+        await browser.findElement(By.xpath('//div[@role="button" and @aria-label="User menu"]')).click();
         await browser.sleep(2000);
 
         await browser.findElement(By.xpath('//li[@role="menuitem" and @aria-label="Sign out"]')).click();
         await browser.sleep(2000);
 
-        if (await browser.findElements(By.xpath('//button[contains(text(), "I don\'t want my encrypted messages")]')).then(found => !!found.length)) {
+//        if (await browser.findElements(By.xpath('//button[contains(text(), "I don\'t want my encrypted messages")]')).then(found => !!found.length)) {
             await browser.findElement(By.xpath('//button[contains(text(), "I don\'t want my encrypted messages")]')).click();
             await browser.sleep(3000);
-        }
+//        }
 
         await waitForElement(By.xpath('//h1[text()="Sign in"]'));
     }
@@ -233,7 +254,7 @@ describe('Application life cycle test', function () {
     it('can get app information', getAppInfo);
     it('check landing page', checkLandingPage);
 
-    it('can install element-web app', function () { execSync('cloudron install --appstore-id im.riot.cloudronapp --location ' + ELEMENT_LOCATION, EXEC_ARGS); });
+    it('can install element-web app (no sso)', function () { execSync('cloudron install --appstore-id im.riot.cloudronapp --location ' + ELEMENT_LOCATION, EXEC_ARGS); });
     it('update element-app config', updateSynapseConfig);
 
     it('can get Element app info', getElementAppInfo);
@@ -256,10 +277,10 @@ describe('Application life cycle test', function () {
     it('uninstall app', function () { execSync('cloudron uninstall --app ' + app.id, EXEC_ARGS); });
 
     // SSO
-    it('install app', function () { execSync('cloudron install --location ' + LOCATION, EXEC_ARGS); });
+    it('install app (sso)', function () { execSync('cloudron install --location ' + LOCATION, EXEC_ARGS); });
     it('can get app info', getAppInfo);
 
-    it('can install element-web app', function () { execSync('cloudron install --appstore-id im.riot.cloudronapp --location ' + ELEMENT_LOCATION, EXEC_ARGS); });
+    it('can install element-web app (sso)', function () { execSync('cloudron install --appstore-id im.riot.cloudronapp --location ' + ELEMENT_LOCATION, EXEC_ARGS); });
     it('update element-app config', updateSynapseConfig);
 
     it('can get Element app info', getElementAppInfo);
@@ -323,6 +344,8 @@ describe('Application life cycle test', function () {
 
     // test update
     it('can install app for update', function () { execSync('cloudron install --appstore-id org.matrix.synapse --location ' + LOCATION, EXEC_ARGS); });
+    it('can install element-web app (update)', function () { execSync('cloudron install --appstore-id im.riot.cloudronapp --location ' + ELEMENT_LOCATION, EXEC_ARGS); });
+
     it('can get app info', getAppInfo);
     it('update element-app config', updateSynapseConfig);