Commit graph

22480 commits

Author SHA1 Message Date
dependabot[bot]
efab118251
Bump pillow from 9.4.0 to 9.5.0 (#15444)
* Bump pillow from 9.4.0 to 9.5.0

Bumps [pillow](https://github.com/python-pillow/Pillow) from 9.4.0 to 9.5.0.
- [Release notes](https://github.com/python-pillow/Pillow/releases)
- [Changelog](https://github.com/python-pillow/Pillow/blob/main/CHANGES.rst)
- [Commits](https://github.com/python-pillow/Pillow/compare/9.4.0...9.5.0)

---
updated-dependencies:
- dependency-name: pillow
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Changelog

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: GitHub Actions <github-actions[bot]@users.noreply.github.com>
2023-04-17 10:54:35 +01:00
dependabot[bot]
49482222ca
Bump serde from 1.0.159 to 1.0.160 (#15443)
* Bump serde from 1.0.159 to 1.0.160

Bumps [serde](https://github.com/serde-rs/serde) from 1.0.159 to 1.0.160.
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](https://github.com/serde-rs/serde/compare/v1.0.159...v1.0.160)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Changelog

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: GitHub Actions <github-actions[bot]@users.noreply.github.com>
2023-04-17 10:53:40 +01:00
dependabot[bot]
fce59ca5a1
Bump dawidd6/action-download-artifact from 2.26.1 to 2.27.0 (#15441)
* Bump dawidd6/action-download-artifact from 2.26.1 to 2.27.0

Bumps [dawidd6/action-download-artifact](https://github.com/dawidd6/action-download-artifact) from 2.26.1 to 2.27.0.
- [Release notes](https://github.com/dawidd6/action-download-artifact/releases)
- [Commits](7132ab516f...246dbf436b)

---
updated-dependencies:
- dependency-name: dawidd6/action-download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>

* Changelog

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: GitHub Actions <github-actions[bot]@users.noreply.github.com>
2023-04-17 10:53:13 +01:00
dependabot[bot]
0475cae3ac
Bump serde_json from 1.0.95 to 1.0.96 (#15442)
* Bump serde_json from 1.0.95 to 1.0.96

Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.95 to 1.0.96.
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](https://github.com/serde-rs/json/compare/v1.0.95...v1.0.96)

---
updated-dependencies:
- dependency-name: serde_json
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Changelog

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: GitHub Actions <github-actions[bot]@users.noreply.github.com>
2023-04-17 10:52:35 +01:00
Jason Little
c9326140dc
Refactor SimpleHttpClient to pull out reusable methods (#15427)
Pulls out some methods to `BaseHttpClient` to eventually be
reused in other contexts.
2023-04-14 20:46:04 +00:00
David Robertson
8a47d6e3a6
More precise type for LoggingTransaction.execute (#15432)
* More precise type for LoggingTransaction.execute
* Add an annotation for stream_ordering_month_ago

This would have spotted the error that was fixed in "Add comma missing from #15382. (#15429)"
2023-04-14 18:04:49 +00:00
Dirk Klimpel
24b61f32ff
Disable directory listing for StaticResource (#15438) 2023-04-14 13:49:47 -04:00
Dirk Klimpel
e4a25d022c
Load /capabilities endpoint on workers (#15436) 2023-04-14 12:26:07 -04:00
Erik Johnston
b5192355f6
User directory background update speedup (#15435)
c.f. #15264

The two changes are:
1. Add indexes so that the select / deletes don't do sequential scans
2. Don't repeatedly call `SELECT count(*)` each iteration, as that's slow
2023-04-14 16:10:32 +01:00
Mathieu Velten
dabbb94faf
Delete pushers after calling on_logged_out module hook on device delete (#15410) 2023-04-14 14:12:37 +02:00
Dirk Klimpel
de4390cd40
Convert async to normal tests in TestSSOHandler (#15433)
* Convert async to normal tests in `TestSSOHandler`

* newsfile
2023-04-14 10:48:35 +00:00
Dirk Klimpel
4af0aec54d
Load /directory/room/{roomAlias} endpoint on workers (#15333)
* Enable `directory`

* move to worker store

* newsfile

* disable `ClientDirectoryListServer` and `ClientAppserviceDirectoryListServer` for workers
2023-04-14 10:24:06 +01:00
Patrick Cloke
d751f65e71
Remove registration fallback code. (#15405)
The registration fallback is broken and unspecced. This removes it
since there is no plan to spec it.

Note that this does not modify the login fallback code.
2023-04-13 11:36:29 -04:00
reivilibre
edae20f926
Improve robustness when handling a perspective key response by deduplicating received server keys. (#15423)
* Change `store_server_verify_keys` to take a `Mapping[(str, str), FKR]`

This is because we already can't handle duplicate keys — leads to cardinality violation

* Newsfile

Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>

---------

Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>
2023-04-13 15:35:03 +01:00
reivilibre
38272be037
Add comma missing from #15382. (#15429)
* Add missing comma

* Newsfile

Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>

---------

Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>
2023-04-13 15:06:25 +01:00
Patrick Cloke
2503126d52
Implement MSC2174: move redacts to a content property. (#15395)
This moves `redacts` from being a top-level property to
a `content` property in a new room version.

MSC2176 (which was previously implemented) states to not
`redact` this property.
2023-04-13 13:47:07 +00:00
Dirk Klimpel
c9723a1c1f
Only load the SSO redirect servlet if SSO is enabled. (#15421) 2023-04-13 13:08:00 +00:00
Dirk Klimpel
be36600327
Disable loading RefreshTokenServlet on workers (#15428) 2023-04-13 13:28:55 +02:00
Will Hunt
253e86a72e
Throw if the appservice config list is the wrong type (#15425)
* raise a ConfigError on an invalid app_service_config_files

* changelog

* Move config check to read_config

* Add test

* Ensure list also contains strings
2023-04-12 11:28:46 +00:00
Erik Johnston
66ad1b8984 Merge branch 'master' into develop 2023-04-11 15:09:26 +01:00
Erik Johnston
c1b7da69cc 1.81.0 2023-04-11 14:18:54 +01:00
dependabot[bot]
c94307adfe
Bump immutabledict from 2.2.3 to 2.2.4 (#15415) 2023-04-10 09:36:56 -04:00
dependabot[bot]
0bc1061119
Bump sentry-sdk from 1.17.0 to 1.19.1 (#15414) 2023-04-10 09:36:05 -04:00
dependabot[bot]
ce40330de1
Bump parameterized from 0.8.1 to 0.9.0 (#15412) 2023-04-10 09:19:02 -04:00
dependabot[bot]
8e0a3428d7
Bump types-pillow from 9.4.0.17 to 9.4.0.19 (#15413) 2023-04-10 09:18:40 -04:00
dependabot[bot]
70781d3691
Bump black from 23.1.0 to 23.3.0 (#15372) 2023-04-10 08:37:42 -04:00
David Robertson
3dd72b924e
Attempt to fix weird mypy failures on ignored files. (#15409)
By inlining the typechecking job from backend-meta.

This seems to resolve odd errors (maybe due to caching?)
to have been seen on Dependabot PRs.
2023-04-10 08:25:08 -04:00
Patrick Cloke
d07d255830
Implement MSC2175: remove the creator field from create events. (#15394) 2023-04-06 16:26:28 -04:00
dependabot[bot]
3ad221ea40
Bump pyopenssl from 23.1.0 to 23.1.1 (#15373)
* Bump pyopenssl from 23.1.0 to 23.1.1

Bumps [pyopenssl](https://github.com/pyca/pyopenssl) from 23.1.0 to 23.1.1.
- [Release notes](https://github.com/pyca/pyopenssl/releases)
- [Changelog](https://github.com/pyca/pyopenssl/blob/main/CHANGELOG.rst)
- [Commits](https://github.com/pyca/pyopenssl/compare/23.1.0...23.1.1)

---
updated-dependencies:
- dependency-name: pyopenssl
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Changelog

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: GitHub Actions <github-actions[bot]@users.noreply.github.com>
Co-authored-by: Mathieu Velten <mathieuv@matrix.org>
Co-authored-by: David Robertson <davidr@element.io>
2023-04-06 20:14:49 +01:00
David Robertson
d5cc911167
Trust dtolnay/rust-toolchain (#15406)
* Trust dtolnay/rust-toolchain

The author is a big deal in the Rust world and I'm happy to trust them.
I'm also bored of the dependabot updates tbh.

* Changelog
2023-04-06 19:41:29 +01:00
dependabot[bot]
61251275fe
Bump types-psycopg2 from 2.9.21.8 to 2.9.21.9 (#15374)
* Bump types-psycopg2 from 2.9.21.8 to 2.9.21.9

Bumps [types-psycopg2](https://github.com/python/typeshed) from 2.9.21.8 to 2.9.21.9.
- [Release notes](https://github.com/python/typeshed/releases)
- [Commits](https://github.com/python/typeshed/commits)

---
updated-dependencies:
- dependency-name: types-psycopg2
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Changelog

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: GitHub Actions <github-actions[bot]@users.noreply.github.com>
Co-authored-by: Mathieu Velten <mathieuv@matrix.org>
Co-authored-by: David Robertson <davidr@element.io>
2023-04-06 19:09:24 +01:00
dependabot[bot]
b5355dfde8
Bump types-netaddr from 0.8.0.6 to 0.8.0.7 (#15375)
* Bump types-netaddr from 0.8.0.6 to 0.8.0.7

Bumps [types-netaddr](https://github.com/python/typeshed) from 0.8.0.6 to 0.8.0.7.
- [Release notes](https://github.com/python/typeshed/releases)
- [Commits](https://github.com/python/typeshed/commits)

---
updated-dependencies:
- dependency-name: types-netaddr
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Changelog

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: GitHub Actions <github-actions[bot]@users.noreply.github.com>
Co-authored-by: David Robertson <davidr@element.io>
2023-04-06 19:08:59 +01:00
dependabot[bot]
d62076003d
Bump types-opentracing from 2.4.10.3 to 2.4.10.4 (#15376)
* Bump types-opentracing from 2.4.10.3 to 2.4.10.4

Bumps [types-opentracing](https://github.com/python/typeshed) from 2.4.10.3 to 2.4.10.4.
- [Release notes](https://github.com/python/typeshed/releases)
- [Commits](https://github.com/python/typeshed/commits)

---
updated-dependencies:
- dependency-name: types-opentracing
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Changelog

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: GitHub Actions <github-actions[bot]@users.noreply.github.com>
2023-04-06 19:08:28 +01:00
dependabot[bot]
e708a33cd9
Bump dawidd6/action-download-artifact from 2.26.0 to 2.26.1 (#15404)
* Bump dawidd6/action-download-artifact from 2.26.0 to 2.26.1

Bumps [dawidd6/action-download-artifact](https://github.com/dawidd6/action-download-artifact) from 2.26.0 to 2.26.1.
- [Release notes](https://github.com/dawidd6/action-download-artifact/releases)
- [Commits](5e780fc7bb...7132ab516f)

---
updated-dependencies:
- dependency-name: dawidd6/action-download-artifact
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Changelog

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: GitHub Actions <github-actions[bot]@users.noreply.github.com>
2023-04-06 17:50:39 +01:00
Erik Johnston
485b9fdefb
Don't keep old stream_ordering_to_exterm around (#15382) 2023-04-06 16:42:39 +00:00
Patrick Cloke
72b43bec8b Merge remote-tracking branch 'origin/release-v1.81' into develop 2023-04-06 11:44:26 -04:00
David Robertson
edf046ece7
1.81.0rc2 2023-04-06 16:08:28 +01:00
David Robertson
ec6430bad8
Use setup-go instead of relying on go 1.17 to exist (#15403)
* Use setup-go instead of relying on 1.17 to exist

See https://github.com/actions/runner-images/issues/7276

* Changelog
2023-04-06 15:23:36 +01:00
Patrick Cloke
83649b891d
Implement MSC3989 to redact the origin field. (#15393)
This will be done in a future room version, for now an unstable
room version is added which redacts the origin field.
2023-04-05 14:42:46 -04:00
Quentin Gliech
6eb3edec47
Fix the 'set_device_id_for_pushers_txn' background update. (#15391)
Refer to the correct field from the response when updating
the background update progress.
2023-04-05 07:49:15 -04:00
Shay
6b23d74ad1
Delete server-side backup keys when deactivating an account. (#15181) 2023-04-04 20:16:08 +00:00
Erik Johnston
6d103373e2 Update changelog 2023-04-04 14:38:33 +01:00
Erik Johnston
735e4d1f9d 1.81.0rc1 2023-04-04 14:29:08 +01:00
Erik Johnston
79d2e2e79c
Speed up membership queries for users with forgotten rooms (#15385) 2023-04-04 14:11:34 +01:00
Sean Quah
89a71e7390
Fix a rare bug where initial /syncs would fail (#15383)
This change fixes a rare bug where initial /syncs would fail with a
`KeyError` under the following circumstances:
 1. A user fast joins a remote room.
 2. The user is kicked from the room before the room's full state has
    been synced.
 3. A second local user fast joins the room.
 4. Events are backfilled into the room with a higher topological
    ordering than the original user's leave. They are assigned a
    negative stream ordering. It's not clear how backfill happened here,
    since it is expected to be equivalent to syncing the full state.
 5. The second local user leaves the room before the room's full state
    has been synced. The homeserver does not complete the sync.
 6. The original user performs an initial /sync with lazy_load_members
    enabled.
     * Because they were kicked from the room, the room is included in
       the /sync response even though the include_leave option is not
       specified.
     * To populate the room's timeline, `_load_filtered_recents` /
       `get_recent_events_for_room` fetches events with a lower stream
       ordering than the leave event and picks the ones with the highest
       topological orderings (which are most recent). This captures the
       backfilled events after the leave, since they have a negative
       stream ordering. These events are filtered out of the timeline,
       since the user was not in the room at the time and cannot view
       them. The sync code ends up with an empty timeline for the room
       that notably does not include the user's leave event.
       This seems buggy, but at least we don't disclose events the user
       isn't allowed to see.
     * Normally, `compute_state_delta` would fetch the state at the
       start and end of the room's timeline to generate the sync
       response. Since the timeline is empty, it fetches the state at
       `min(now, last event in the room)`, which corresponds with the
       second user's leave. The state during the entirety of the second
       user's membership does not include the membership for the first
       user because of partial state.
       This part is also questionable, since we are fetching state from
       outside the bounds of the user's membership.
     * `compute_state_delta` then tries and fails to find the user's
       membership in the auth events of timeline events. Because there
       is no timeline event whose auth events are expected to contain
       the user's membership, a `KeyError` is raised.

Also contains a drive-by fix for a separate unlikely race condition.

Signed-off-by: Sean Quah <seanq@matrix.org>
2023-04-04 13:10:25 +01:00
David Robertson
c0772b4461
Note that Synapse 1.74 queued a user dir rebuild (#15386)
* Note that Synapse 1.74 queued a user dir rebuild

* Changelog
2023-04-04 12:08:17 +00:00
Sean Quah
8aa121c2be
Build Debian packages for Ubuntu 23.04 Lunar Lobster (#15381)
Signed-off-by: Sean Quah <seanq@matrix.org>
2023-04-03 19:37:26 +01:00
Patrick Cloke
cf2f2934ad
Call appservices on modern paths, falling back to legacy paths. (#15317)
This uses the specced /_matrix/app/v1/... paths instead of the
"legacy" paths. If the homeserver receives an error it will retry
using the legacy path.
2023-04-03 13:20:32 -04:00
Jason Little
56efa9b167
Experimental Unix socket support (#15353)
* Add IReactorUNIX to ISynapseReactor type hint.

* Create listen_unix().

Two options, 'path' to the file and 'mode' of permissions(not umask, recommend 666 as default as
nginx/other reverse proxies write to it and it's setup as user www-data)

For the moment, leave the option to always create a PID lockfile turned on by default

* Create UnixListenerConfig and wire it up.

Rename ListenerConfig to TCPListenerConfig, then Union them together into ListenerConfig.
This spidered around a bit, but I think I got it all. Metrics and manhole have been placed
behind a conditional in case of accidental putting them onto a unix socket.

Use new helpers to get if a listener is configured for TLS, and to help create a site tag
for logging.

There are 2 TODO things in parse_listener_def() to finish up at a later point.

* Refactor SynapseRequest to handle logging correctly when using a unix socket.

This prevents an exception when an IP address can not be retrieved for a request.

* Make the 'Synapse now listening on Unix socket' log line a little prettier.

* No silent failures on generic workers when trying to use a unix socket with metrics or manhole.

* Inline variables in app/_base.py

* Update docstring for listen_unix() to remove reference to a hardcoded permission of 0o666 and add a few comments saying where the default IS declared.

* Disallow both a unix socket and a ip/port combo on the same listener resource

* Linting

* Changelog

* review: simplify how listen_unix returns(and get rid of a type: ignore)

* review: fix typo from ConfigError in app/homeserver.py

* review: roll conditional for http_options.tag into get_site_tag() helper(and add docstring)

* review: enhance the conditionals for checking if a port or path is valid, remove a TODO line

* review: Try updating comment in get_client_ip_if_available to clarify what is being retrieved and why

* Pretty up how 'Synapse now listening on Unix Socket' looks by decoding the byte string.

* review: In parse_listener_def(), raise ConfigError if neither socket_path nor port is declared(and fix a typo)
2023-04-03 10:27:51 +01:00
dependabot[bot]
9b2ab506c5
Bump serde_json from 1.0.94 to 1.0.95 (#15371)
* Bump serde_json from 1.0.94 to 1.0.95

Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.94 to 1.0.95.
- [Release notes](https://github.com/serde-rs/json/releases)
- [Commits](https://github.com/serde-rs/json/compare/v1.0.94...v1.0.95)

---
updated-dependencies:
- dependency-name: serde_json
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

* Changelog

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: GitHub Actions <github-actions[bot]@users.noreply.github.com>
2023-04-03 08:08:46 +01:00