Update docker.io/matrixdotorg/synapse Docker tag to v1.95.0
This MR contains the following updates:
| Package | Update | Change |
|---|---|---|
| docker.io/matrixdotorg/synapse | minor |
v1.93.0 -> v1.95.0
|
Release Notes
matrix-org/synapse (docker.io/matrixdotorg/synapse)
v1.95.0
Synapse 1.95.0 (2023-10-24)
Internal Changes
- Build Debian packages for Ubuntu 23.10 Mantic Minotaur. (#16524)
Synapse 1.95.0rc1 (2023-10-17)
Bugfixes
- Remove legacy unspecced
knock_state_eventsfield returned in some responses. (#16403) - Fix a bug introduced in Synapse 1.81.0 where an
AttributeErrorwould be raised when_matrix/client/v3/account/whoamiis called over a unix socket. Contributed by @Sir-Photch. (#16404) - Properly return inline media when content types have parameters. (#16440)
- Prevent the purging of large rooms from timing out when Postgres is in use. The timeout which causes this issue was introduced in Synapse 1.88.0. (#16455)
- Improve the performance of purging rooms, particularly encrypted rooms. (#16457)
- Fix a bug introduced in Synapse 1.59.0 where servers could be incorrectly marked as available after an error response was received. (#16506)
Improved Documentation
- Document internal background update mechanism. (#16420)
- Fix a typo in the sql for useful SQL for admins document. (#16477)
Internal Changes
- Bump pyo3 from 0.17.1 to 0.19.2. (#16162)
- Update registration of media repository URLs. (#16419)
- Improve type hints. (#16421, #16468, #16469, #16507)
- Refactor some code to simplify and better type receipts stream adjacent code. (#16426)
- Factor out
MultiWritertoken fromRoomStreamToken. (#16427) - Improve code comments. (#16428)
- Reduce memory allocations. (#16429, #16431, #16433, #16434, #16438, #16444)
- Remove unused method. (#16435)
- Improve rate limiting logic. (#16441)
- Do not block running of CI behind the check for sign-off on MRs. (#16454)
- Update the release script to remind releaser to check for special release notes. (#16461)
- Update complement.sh to match new public API shape. (#16466)
- Clean up logging on event persister endpoints. (#16488)
- Remove useless async job to delete device messages on sync, since we only deliver (and hence delete) up to 100 device messages at a time. (#16491)
Updates to locked dependencies
- Bump bleach from 6.0.0 to 6.1.0. (#16451)
- Bump jsonschema from 4.19.0 to 4.19.1. (#16500)
- Bump netaddr from 0.8.0 to 0.9.0. (#16453)
- Bump packaging from 23.1 to 23.2. (#16497)
- Bump pillow from 10.0.1 to 10.1.0. (#16498)
- Bump psycopg2 from 2.9.8 to 2.9.9. (#16452)
- Bump pyo3-log from 0.8.3 to 0.8.4. (#16495)
- Bump ruff from 0.0.290 to 0.0.292. (#16449)
- Bump sentry-sdk from 1.31.0 to 1.32.0. (#16496)
- Bump serde from 1.0.188 to 1.0.189. (#16494)
- Bump types-bleach from 6.0.0.4 to 6.1.0.0. (#16450)
- Bump types-jsonschema from 4.17.0.10 to 4.19.0.3. (#16499)
v1.94.0
Synapse 1.94.0 (2023-10-10)
No significant changes since 1.94.0rc1. However, please take note of the security advisory that follows.
Security advisory
The following issue is fixed in 1.94.0 (and RC).
-
GHSA-5chr-wjw5-3gq4 / CVE-2023-45129 — Moderate Severity
A malicious server ACL event can impact performance temporarily or permanently leading to a persistent denial of service.
Homeservers running on a closed federation (which presumably do not need to use server ACLs) are not affected.
See the advisory for more details. If you have any questions, email security@matrix.org.
Synapse 1.94.0rc1 (2023-10-03)
Features
- Render plain, CSS, CSV, JSON and common image formats in the browser (inline) when requested through the /download endpoint. (#15988)
- Add experimental support for MSC4028 to push all encrypted events to clients. (#16361)
- Minor performance improvement when sending presence to federated servers. (#16385)
- Minor performance improvement by caching server ACL checking. (#16360)
Improved Documentation
- Add developer documentation concerning gradual schema migrations with column alterations. (#15691)
- Improve documentation of the user directory search algorithm. (#16320)
- Fix rendering of user admin API documentation around deactivation. This was broken in Synapse 1.91.0. (#16355)
- Update documentation around message retention policies. (#16382)
- Add note to
federation_domain_whitelistconfig option to clarify its usage. (#16416) - Improve legacy release notes. (#16418)
Deprecations and Removals
- Remove Python version from
/_synapse/admin/v1/server_version. (#16380)
Internal Changes
- Avoid running CI steps when the files they check have not been changed. (#14745, #16387)
- Improve type hints. (#14911, #16350, #16356, #16395)
- Added support for pydantic v2 in addition to pydantic v1. Contributed by Maxwell G (@gotmax23). (#16332)
- Get CI to check MRs have been signed-off. (#16348)
- Add missing licence header. (#16359)
- Improve type hints, and bump types-psycopg2 from 2.9.21.11 to 2.9.21.14. (#16381)
- Improve comments in
StateGroupBackgroundUpdateStore. (#16383) - Update maturin configuration. (#16394)
- Downgrade replication stream time out error log lines to warning. (#16401)
Updates to locked dependencies
- Bump actions/checkout from 3 to 4. (#16250)
- Bump cryptography from 41.0.3 to 41.0.4. (#16362)
- Bump dawidd6/action-download-artifact from 2.27.0 to 2.28.0. (#16374)
- Bump docker/setup-buildx-action from 2 to 3. (#16375)
- Bump gitpython from 3.1.35 to 3.1.37. (#16376)
- Bump msgpack from 1.0.5 to 1.0.6. (#16377)
- Bump msgpack from 1.0.6 to 1.0.7. (#16412)
- Bump phonenumbers from 8.13.19 to 8.13.22. (#16413)
- Bump psycopg2 from 2.9.7 to 2.9.8. (#16409)
- Bump pydantic from 2.3.0 to 2.4.2. (#16410)
- Bump regex from 1.9.5 to 1.9.6. (#16408)
- Bump sentry-sdk from 1.30.0 to 1.31.0. (#16378)
- Bump types-netaddr from 0.8.0.9 to 0.9.0.1. (#16411)
- Bump types-psycopg2 from 2.9.21.11 to 2.9.21.14. (#16381)
- Bump urllib3 from 1.26.15 to 1.26.17. (#16422)
Configuration
-
If you want to rebase/retry this MR, check this box
This MR has been generated by Renovate Bot.
Edited by Renovate [bot]
