- Feb 20, 2025
-
-
Eric Eastwood authored
Add support for overriding `id_token_signing_alg_values_supported` for an OpenID identity provider (#18177) Normally, when `discovery` is enabled, `id_token_signing_alg_values_supported` comes from the OpenID Discovery Document (`/.well-known/openid-configuration`). If nothing was specified, we default to supporting `RS256` in the downstream usage. This PR just adds support for adding a default/overriding the the discovered value [just like we do for other things like the `token_endpoint`](https://github.com/element-hq/synapse/blob/1525a3b4d48a0f5657d61423e1f205bff9a77948/docs/usage/configuration/config_documentation.md#oidc_providers), etc.
-
Shay authored
Missed in the transition from experimental to stable. Fixes #18160
-
- Feb 19, 2025
-
-
Quentin Gliech authored
This is a split off #18033 This uses a few tricks to speed up the building of docker images: - This switches to use `uv pip install` instead of `pip install`. This saves a bunch of time, especially when cross-compiling - I then looked at what packages were not using binary wheels: I upgraded MarkupSafe to have binaries for py3.12, and got back to Python 3.12 because hiredis didn't have builds for py3.13 with the version we were using - The generation of the requirements.txt is arch-agnostic, so I've switched this one to run on the build architecture, so that both arch can share it - The download of runtime depdendencies can be done on the build architecture through manual `apt-get download` plus `dpkg --extract` - We were using -slim images, but still installed a bunch of -dev dependencies. Turns out, all the dev dependencies were already installed in the non-slim image, which saves a bunch of time as well
-
- Feb 18, 2025
-
-
Quentin Gliech authored
-
Quentin Gliech authored
This has been a problem with Element Web, as it will proble /register with an empty body, which gave this error: ``` curl -d '{}' -HContent-Type:application/json /_matrix/client/v3/register {"errcode": "M_UNKNOWN", "error": "Invalid username"} ``` And Element Web would choke on it. This changes that so we reply instead: ``` {"errcode": "M_FORBIDDEN", "error": "Registration has been disabled. Only m.login.application_service registrations are allowed."} ``` Also adds a test for this. See https://github.com/element-hq/element-web/issues/27993 --------- Co-authored-by:
Andrew Morgan <andrew@amorgan.xyz>
-
Devon Hudson authored
### Pull Request Checklist <!-- Please read https://element-hq.github.io/synapse/latest/development/contributing_guide.html before submitting your pull request --> * [x] Pull request is based on the develop branch * [x] Pull request includes a [changelog file](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#changelog). The entry should: - Be a short description of your change which makes sense to users. "Fixed a bug that prevented receiving messages from other servers." instead of "Moved X method from `EventStore` to `EventWorkerStore`.". - Use markdown where necessary, mostly for `code blocks`. - End with either a period (.) or an exclamation mark (!). - Start with a capital letter. - Feel free to credit yourself, by adding a sentence "Contributed by @github_username." or "Contributed by [Your Name]." to the end of the entry. * [x] [Code style](https://element-hq.github.io/synapse/latest/code_style.html) is correct (run the [linters](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#run-the-linters))
-
Quentin Gliech authored
-
qashlan authored
- Add `get_current_time_msec()` method to the [module API](https://matrix-org.github.io/synapse/latest/modules/writing_a_module.html ) for sound time comparisons with Synapse. - Fixes #18104 Signed-off-by:
Ahmed Qashlan <ahmedelqashlan@gmail.com> Co-authored-by:
Eric Eastwood <madlittlemods@gmail.com> Co-authored-by:
Erik Johnston <erikj@jki.re>
-
- Feb 17, 2025
-
-
Eric Eastwood authored
Adds new environment variables that can be used with the Docker image (`SYNAPSE_HTTP_PROXY`/`SYNAPSE_HTTPS_PROXY`/`SYNAPSE_NO_PROXY`) Useful for things like the [Secure Border Gateway](https://element.io/server-suite/secure-border-gateways) ### Why is this necessary? You can already configure the `HTTP_PROXY`/`HTTPS_PROXY` environment variables to proxy outbound requests but setting this globally in the Docker image affects all processes which isn't always desirable or workable in the case where the proxy is running in the Docker image itself (because the Debian packages will fail to download because the proxy isn't up and running yet) . Adding Synapse specific environment variables (`SYNAPSE_HTTP_PROXY`/`SYNAPSE_HTTPS_PROXY`/`SYNAPSE_NO_PROXY`) makes things much more targetable.
-
Erik Johnston authored
If a user search has many words we can end up creating really large queries that take a long time for the database to process. Generally, such searches don't return any results anyway (due to limits on user ID and display name length). We "fix" this by cheating and only searching for the first ten words.
-
V02460 authored
Document consequences of replacing secrets. The covered config options are `registration_shared_secret`, `macaroon_secret_key`, `form_secret` and `worker_replication_secret`. Even though I looked at the source code to check the added documentation is right, I would appreciate additional verification of the statements made. In an hand-wavy attempt at classifying how bad the consequences of secret replacement are, I added some explanations as warnings and others as regular paragraphs. Closes #17971 ### Pull Request Checklist <!-- Please read https://element-hq.github.io/synapse/latest/development/contributing_guide.html before submitting your pull request --> * [x] Pull request is based on the develop branch * [x] Pull request includes a [changelog file](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#changelog). The entry should: - Be a short description of your change which makes sense to users. "Fixed a bug that prevented receiving messages from other servers." instead of "Moved X method from `EventStore` to `EventWorkerStore`.". - Use markdown where necessary, mostly for `code blocks`. - End with either a period (.) or an exclamation mark (!). - Start with a capital letter. - Feel free to credit yourself, by adding a sentence "Contributed by @github_username." or "Contributed by [Your Name]." to the end of the entry. * [x] [Code style](https://element-hq.github.io/synapse/latest/code_style.html) is correct (run the [linters](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#run-the-linters))
-
dependabot[bot] authored
-
dependabot[bot] authored
-
dependabot[bot] authored
-
- Feb 14, 2025
-
-
Andrew Morgan authored
-
- Feb 12, 2025
-
-
Eric Eastwood authored
I was looking into the `USE_FROZEN_DICTS` option during the review of https://github.com/element-hq/synapse/pull/18103#discussion_r1935876168 and noticed that there are several other server config options that aren't in the docs.
-
Devon Hudson authored
This is to help track down a possible, but very rare, worker deadlock that was seen on matrix.org. In theory, you could work back from an instance of these new logs to the approximate time when the lock was obtained and focus the diagnostic efforts there. ### Pull Request Checklist <!-- Please read https://element-hq.github.io/synapse/latest/development/contributing_guide.html before submitting your pull request --> * [x] Pull request is based on the develop branch * [x] Pull request includes a [changelog file](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#changelog). The entry should: - Be a short description of your change which makes sense to users. "Fixed a bug that prevented receiving messages from other servers." instead of "Moved X method from `EventStore` to `EventWorkerStore`.". - Use markdown where necessary, mostly for `code blocks`. - End with either a period (.) or an exclamation mark (!). - Start with a capital letter. - Feel free to credit yourself, by adding a sentence "Contributed by @github_username." or "Contributed by [Your Name]." to the end of the entry. * [x] [Code style](https://element-hq.github.io/synapse/latest/code_style.html) is correct (run the [linters](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#run-the-linters))
-
qashlan authored
When updating 3pid for a user email from admin api and sending invalid email the server throws 500 internal server error. changed to 400 Bad request and returned the error message Signed-off-by:
qashlan <ahmedelqashlan@gmail.com> Signed-off-by:
Ahmed Qashlan <ahmedelqashlan@gmail.com>
-
dependabot[bot] authored
-
dependabot[bot] authored
-
dependabot[bot] authored
-
dependabot[bot] authored
-
dependabot[bot] authored
-
dependabot[bot] authored
-
- Feb 11, 2025
-
-
Till Faelligen authored
-
Andrew Morgan authored
Missed in https://github.com/element-hq/synapse/pull/18000
-
- Feb 10, 2025
-
-
dependabot[bot] authored
-
V02460 authored
Some small cleanups after Python3.8 became EOL. - Move some type imports from `typing_extensions` to `typing` - Remove the `abi3-py38` feature from pyo3 ### Pull Request Checklist <!-- Please read https://element-hq.github.io/synapse/latest/development/contributing_guide.html before submitting your pull request --> * [x] Pull request is based on the develop branch * [x] Pull request includes a [changelog file](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#changelog). The entry should: - Be a short description of your change which makes sense to users. "Fixed a bug that prevented receiving messages from other servers." instead of "Moved X method from `EventStore` to `EventWorkerStore`.". - Use markdown where necessary, mostly for `code blocks`. - End with either a period (.) or an exclamation mark (!). - Start with a capital letter. - Feel free to credit yourself, by adding a sentence "Contributed by @github_username." or "Contributed by [Your Name]." to the end of the entry. * [x] [Code style](https://element-hq.github.io/synapse/latest/code_style.html) is correct (run the [linters](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#run-the-linters) ) --------- Co-authored-by:
Quentin Gliech <quenting@element.io>
-
Andrew Ferrazzutti authored
### Pull Request Checklist <!-- Please read https://element-hq.github.io/synapse/latest/development/contributing_guide.html before submitting your pull request --> * [x] Pull request is based on the develop branch * [x] Pull request includes a [changelog file](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#changelog). The entry should: - Be a short description of your change which makes sense to users. "Fixed a bug that prevented receiving messages from other servers." instead of "Moved X method from `EventStore` to `EventWorkerStore`.". - Use markdown where necessary, mostly for `code blocks`. - End with either a period (.) or an exclamation mark (!). - Start with a capital letter. - Feel free to credit yourself, by adding a sentence "Contributed by @github_username." or "Contributed by [Your Name]." to the end of the entry. * [x] [Code style](https://element-hq.github.io/synapse/latest/code_style.html) is correct (run the [linters](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#run-the-linters) ) --------- Co-authored-by:
Quentin Gliech <quenting@element.io>
-
meise authored
In the current `attribute_requirements` implementation it is only possible to allow exact matching attribute values. Multiple allowed values for one attribute are not possible as described in #13238. ### Pull Request Checklist <!-- Please read https://element-hq.github.io/synapse/latest/development/contributing_guide.html before submitting your pull request --> * [x] Pull request is based on the develop branch * [x] Pull request includes a [changelog file](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#changelog). The entry should: - Be a short description of your change which makes sense to users. "Fixed a bug that prevented receiving messages from other servers." instead of "Moved X method from `EventStore` to `EventWorkerStore`.". - Use markdown where necessary, mostly for `code blocks`. - End with either a period (.) or an exclamation mark (!). - Start with a capital letter. - Feel free to credit yourself, by adding a sentence "Contributed by @github_username." or "Contributed by [Your Name]." to the end of the entry. * [x] [Code style](https://element-hq.github.io/synapse/latest/code_style.html) is correct (run the [linters](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#run-the-linters) ) --------- Co-authored-by:
Sebastian Neuser <pzkz@infra.run> Co-authored-by:
Quentin Gliech <quenting@element.io>
-
Erik Johnston authored
We log incorrect ones as we want to catch bugs where Synapse returns bad tokens. However, sometimes clients just send tokens that are e.g. empty. --------- Co-authored-by:
Eric Eastwood <erice@element.io>
-
villepeh authored
### Pull Request Checklist <!-- Please read https://element-hq.github.io/synapse/latest/development/contributing_guide.html before submitting your pull request --> * [X] Pull request is based on the develop branch * [X] Pull request includes a [changelog file](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#changelog). The entry should: - Be a short description of your change which makes sense to users. "Fixed a bug that prevented receiving messages from other servers." instead of "Moved X method from `EventStore` to `EventWorkerStore`.". - Use markdown where necessary, mostly for `code blocks`. - End with either a period (.) or an exclamation mark (!). - Start with a capital letter. - Feel free to credit yourself, by adding a sentence "Contributed by @github_username." or "Contributed by [Your Name]." to the end of the entry. * [X] [Code style](https://element-hq.github.io/synapse/latest/code_style.html) is correct (run the [linters](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#run-the-linters) ) I forgot the guide applies to Oracle Linux as well. In fact, I ran a small homeserver on OEL a few months back. I did minimal installations on Rocky and OEL on VirtualBox and noticed Codeready/Powertools repos aren't required, so I removed those commands from the guide. I switched `RHEL`-references to `EL`. #17423 was merged before I remembered about OEL but a new PR shouldn't hurt :) --------- Co-authored-by:
Quentin Gliech <quenting@element.io>
-
- Feb 07, 2025
-
-
Erik Johnston authored
-
Erik Johnston authored
Regressed as part of https://github.com/element-hq/synapse/pull/18107 This does two things: 1. Only check if the state groups have been deleted when calculating the event context (as that's when we will insert them). This avoids lots of checks for read operations. 2. Don't lock the `state_groups` rows when doing the check. This adds overhead, and it doesn't prevent any races.
-
- Feb 05, 2025
-
-
Erik Johnston authored
-
Erik Johnston authored
Introduced in #18107 `UniqueViolation: duplicate key value violates unique constraint "state_groups_persisting_pkey"`
-