* Labeled a lot more code blocks with the appropriate type
* Fixed a couple of minor typos (missing/extraneous commas)

Signed-off-by: Sumner Evans <me@sumnerevans.com>

Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>

#10969 was merged after 1.46.0rc1 was cut and will be included
in v1.47.0rc1 instead.

Signed-off-by: Rafael Goncalves <rafaelgoncalves@riseup.net>

Fetch verify key locally rather than trying to do so over federation if origin and host are the same. (#11129)

* add tests for fetching key locally

* add logic to check if origin server is same as host and fetch verify key locally rather than over federation

* add changelog

* slight refactor, add docstring, change changelog entry

* Make changelog entry one line

* remove verify_json_locally and push locality check to process_request, add function process_request_locally

* remove leftover code reference

* refactor to add common call to 'verify_json and associated handling code

* add type hint to process_json

* add some docstrings + very slight refactor

Co-authored-by: reivilibre <oliverw@matrix.org>

* Teach MyPy that the sentinel context is False

This means that if `ctx: LoggingContextOrSentinel`
then `bool(ctx)` narrows us to `ctx:LoggingContext`, which is a really
neat find!

* Annotate RequestMetrics

- Raise errors for sentry if we use the sentinel context
- Ensure we don't raise an error and carry on, but not recording stats
- Include stack trace in the error case to lower Sean's blood pressure

* Make mypy pass for synapse.http.request_metrics

* Make synapse.http.connectproxyclient pass mypy

Co-authored-by: reivilibre <oliverw@matrix.org>

Fixes a merge conflict with debian/changelog

Signed-off-by: Dan Callahan <danc@element.io>

Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>

This avoids filtering against fields which cannot exist on an
event source. E.g. presence updates don't have a room.

Fixes: #9346

Includes both the stable and unstable identifier to store-invite
calls to the identity server. In the future we should remove the
unstable identifier.

The DNS threadpool must be explicitly stopped, otherwise Synapse will
hang indefinitely when asked to shut down.

For some reason the query optimiser decided to seq scan both tables,
rather than index scanning `event_json`.

Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>

This is to stop large bursts of lookups starving out other users of the
thread pools.

Fixes #11049.

Users admin API can now also modify user
type in addition to allowing it to be
set on user creation.

Signed-off-by: Jason Robinson <jasonr@matrix.org>
Co-authored-by: Brendan Abolivier <babolivier@matrix.org>

Introduced in #10548

See https://github.com/matrix-org/synapse-email-account-validity/runs/3979337154?check_suite_focus=true for an example of a module's CI choking over this issue.

Fixes: #10929 

Signed-off-by: Andrew Ferrazzutti <fair@miscworks.net>

This is the final piece of the jigsaw for #9595. As with other changes before this one (eg #10771), we need to make sure that we auth the auth events in the right order, and actually check that their predecessors haven't been rejected.

To do this I've reused the existing code we use when persisting outliers elsewhere.

I've removed the code for attempting to fetch missing auth_events - the events should have been present in the send_join response, so the likely reason they are missing is that we couldn't verify them, so requesting them again is unlikely to help. Instead, we simply drop any state which relies on those auth events, as we do at a backwards-extremity. See also matrix-org/complement#216 for a test for this.