Skip to content

Commit

Permalink
Merge remote-tracking branch 'upstream/develop' into msc4210
Browse files Browse the repository at this point in the history
  • Loading branch information
tulir committed Oct 11, 2024
2 parents aab2ae0 + f6a3e5e commit 1d5f3f8
Show file tree
Hide file tree
Showing 50 changed files with 722 additions and 147 deletions.
2 changes: 1 addition & 1 deletion .github/workflows/docker.yml
Original file line number Diff line number Diff line change
Expand Up @@ -30,7 +30,7 @@ jobs:
run: docker buildx inspect

- name: Install Cosign
uses: sigstore/cosign-installer@v3.6.0
uses: sigstore/cosign-installer@v3.7.0

- name: Checkout repository
uses: actions/checkout@v4
Expand Down
40 changes: 40 additions & 0 deletions CHANGES.md
Original file line number Diff line number Diff line change
@@ -1,3 +1,43 @@
# Synapse 1.117.0rc1 (2024-10-08)

### Features

- Add config option `redis.password_path`. ([\#17717](https://github.com/element-hq/synapse/issues/17717))

### Bugfixes

- Fix a rare bug introduced in v1.29.0 where invalidating a user's access token from a worker could raise an error. ([\#17779](https://github.com/element-hq/synapse/issues/17779))
- In the response to `GET /_matrix/client/versions`, set the `unstable_features` flag for [MSC4140](https://github.com/matrix-org/matrix-spec-proposals/pull/4140) to `false` when server configuration disables support for delayed events. ([\#17780](https://github.com/element-hq/synapse/issues/17780))
- Improve input validation and room membership checks in admin redaction API. ([\#17792](https://github.com/element-hq/synapse/issues/17792))

### Improved Documentation

- Clarify the docstring of `test_forget_when_not_left`. ([\#17628](https://github.com/element-hq/synapse/issues/17628))
- Add documentation note about PYTHONMALLOC for accurate jemalloc memory tracking. Contributed by @hensg. ([\#17709](https://github.com/element-hq/synapse/issues/17709))
- Remove spurious "TODO UPDATE ALL THIS" note in the Debian installation docs. ([\#17749](https://github.com/element-hq/synapse/issues/17749))
- Explain how load balancing works for `federation_sender_instances`. ([\#17776](https://github.com/element-hq/synapse/issues/17776))

### Internal Changes

- Minor performance increase for large accounts using sliding sync. ([\#17751](https://github.com/element-hq/synapse/issues/17751))
- Increase performance of the notifier when there are many syncing users. ([\#17765](https://github.com/element-hq/synapse/issues/17765), [\#17766](https://github.com/element-hq/synapse/issues/17766))
- Fix performance of streams that don't change often. ([\#17767](https://github.com/element-hq/synapse/issues/17767))
- Improve performance of sliding sync connections that do not ask for any rooms. ([\#17768](https://github.com/element-hq/synapse/issues/17768))
- Reduce overhead of sliding sync E2EE loops. ([\#17771](https://github.com/element-hq/synapse/issues/17771))
- Sliding sync minor performance speed up using new table. ([\#17787](https://github.com/element-hq/synapse/issues/17787))
- Sliding sync minor performance improvement by omitting unchanged data from incremental responses. ([\#17788](https://github.com/element-hq/synapse/issues/17788))
- Speed up sliding sync when there are many active subscriptions. ([\#17789](https://github.com/element-hq/synapse/issues/17789))
- Add missing license headers on new source files. ([\#17799](https://github.com/element-hq/synapse/issues/17799))



### Updates to locked dependencies

* Bump phonenumbers from 8.13.45 to 8.13.46. ([\#17773](https://github.com/element-hq/synapse/issues/17773))
* Bump python-multipart from 0.0.10 to 0.0.12. ([\#17772](https://github.com/element-hq/synapse/issues/17772))
* Bump regex from 1.10.6 to 1.11.0. ([\#17770](https://github.com/element-hq/synapse/issues/17770))
* Bump ruff from 0.6.7 to 0.6.8. ([\#17774](https://github.com/element-hq/synapse/issues/17774))

# Synapse 1.116.0 (2024-10-01)

No significant changes since 1.116.0rc2.
Expand Down
1 change: 1 addition & 0 deletions changelog.d/17708.feature
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Added the `display_name_claim` option to the JWT configuration. This option allows specifying the claim key that contains the user's display name in the JWT payload.
1 change: 1 addition & 0 deletions changelog.d/17736.bugfix
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Fix saving of PNG thumbnails, when the original image is in the CMYK color space.
1 change: 0 additions & 1 deletion changelog.d/17749.doc

This file was deleted.

1 change: 0 additions & 1 deletion changelog.d/17751.misc

This file was deleted.

1 change: 0 additions & 1 deletion changelog.d/17765.misc

This file was deleted.

1 change: 0 additions & 1 deletion changelog.d/17766.misc

This file was deleted.

1 change: 0 additions & 1 deletion changelog.d/17767.misc

This file was deleted.

1 change: 0 additions & 1 deletion changelog.d/17768.misc

This file was deleted.

1 change: 0 additions & 1 deletion changelog.d/17771.misc

This file was deleted.

1 change: 1 addition & 0 deletions changelog.d/17802.doc
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Correct documentation to refer to the `--config-path` argument instead of `--config-file`.
1 change: 1 addition & 0 deletions changelog.d/17803.misc
Original file line number Diff line number Diff line change
@@ -0,0 +1 @@
Test github token before running release script steps.
6 changes: 6 additions & 0 deletions debian/changelog
Original file line number Diff line number Diff line change
@@ -1,3 +1,9 @@
matrix-synapse-py3 (1.117.0~rc1) stable; urgency=medium

* New Synapse release 1.117.0rc1.

-- Synapse Packaging team <[email protected]> Tue, 08 Oct 2024 14:37:11 +0100

matrix-synapse-py3 (1.116.0) stable; urgency=medium

* New Synapse release 1.116.0.
Expand Down
2 changes: 2 additions & 0 deletions docs/usage/administration/admin_faq.md
Original file line number Diff line number Diff line change
Expand Up @@ -255,6 +255,8 @@ line to `/etc/default/matrix-synapse`:

LD_PRELOAD=/usr/lib/x86_64-linux-gnu/libjemalloc.so.2

*Note*: You may need to set `PYTHONMALLOC=malloc` to ensure that `jemalloc` can accurately calculate memory usage. By default, Python uses its internal small-object allocator, which may interfere with jemalloc's ability to track memory consumption correctly. This could prevent the [cache_autotuning](../configuration/config_documentation.md#caches-and-associated-values) feature from functioning as expected, as the Python allocator may not reach the memory threshold set by `max_cache_memory_usage`, thus not triggering the cache eviction process.

This made a significant difference on Python 2.7 - it's unclear how
much of an improvement it provides on Python 3.x.

Expand Down
19 changes: 17 additions & 2 deletions docs/usage/configuration/config_documentation.md
Original file line number Diff line number Diff line change
Expand Up @@ -3722,6 +3722,8 @@ Additional sub-options for this setting include:
Required if `enabled` is set to true.
* `subject_claim`: Name of the claim containing a unique identifier for the user.
Optional, defaults to `sub`.
* `display_name_claim`: Name of the claim containing the display name for the user. Optional.
If provided, the display name will be set to the value of this claim upon first login.
* `issuer`: The issuer to validate the "iss" claim against. Optional. If provided the
"iss" claim will be required and validated for all JSON web tokens.
* `audiences`: A list of audiences to validate the "aud" claim against. Optional.
Expand All @@ -3736,6 +3738,7 @@ jwt_config:
secret: "provided-by-your-issuer"
algorithm: "provided-by-your-issuer"
subject_claim: "name_of_claim"
display_name_claim: "name_of_claim"
issuer: "provided-by-your-issuer"
audiences:
- "provided-by-your-issuer"
Expand Down Expand Up @@ -4368,7 +4371,13 @@ It is possible to scale the processes that handle sending outbound federation re
by running a [`generic_worker`](../../workers.md#synapseappgeneric_worker) and adding it's [`worker_name`](#worker_name) to
a `federation_sender_instances` map. Doing so will remove handling of this function from
the main process. Multiple workers can be added to this map, in which case the work is
balanced across them.
balanced across them.

The way that the load balancing works is any outbound federation request will be assigned
to a federation sender worker based on the hash of the destination server name. This
means that all requests being sent to the same destination will be processed by the same
worker instance. Multiple `federation_sender_instances` are useful if there is a federation
with multiple servers.

This configuration setting must be shared between all workers handling federation
sending, and if changed all federation sender workers must be stopped at the same time
Expand Down Expand Up @@ -4518,6 +4527,9 @@ This setting has the following sub-options:
* `path`: The full path to a local Unix socket file. **If this is used, `host` and
`port` are ignored.** Defaults to `/tmp/redis.sock'
* `password`: Optional password if configured on the Redis instance.
* `password_path`: Alternative to `password`, reading the password from an
external file. The file should be a plain text file, containing only the
password. Synapse reads the password from the given file once at startup.
* `dbid`: Optional redis dbid if needs to connect to specific redis logical db.
* `use_tls`: Whether to use tls connection. Defaults to false.
* `certificate_file`: Optional path to the certificate file
Expand All @@ -4531,13 +4543,16 @@ This setting has the following sub-options:

_Changed in Synapse 1.85.0: Added path option to use a local Unix socket_

_Changed in Synapse 1.116.0: Added password\_path_

Example configuration:
```yaml
redis:
enabled: true
host: localhost
port: 6379
password: <secret_password>
password_path: <path_to_the_password_file>
# OR password: <secret_password>
dbid: <dbid>
#use_tls: True
#certificate_file: <path_to_the_certificate_file>
Expand Down
4 changes: 2 additions & 2 deletions docs/workers.md
Original file line number Diff line number Diff line change
Expand Up @@ -177,11 +177,11 @@ The following applies to Synapse installations that have been installed from sou

You can start the main Synapse process with Poetry by running the following command:
```console
poetry run synapse_homeserver --config-file [your homeserver.yaml]
poetry run synapse_homeserver --config-path [your homeserver.yaml]
```
For worker setups, you can run the following command
```console
poetry run synapse_worker --config-file [your homeserver.yaml] --config-file [your worker.yaml]
poetry run synapse_worker --config-path [your homeserver.yaml] --config-path [your worker.yaml]
```
## Available worker applications

Expand Down
66 changes: 33 additions & 33 deletions poetry.lock

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

4 changes: 2 additions & 2 deletions pyproject.toml
Original file line number Diff line number Diff line change
Expand Up @@ -97,7 +97,7 @@ module-name = "synapse.synapse_rust"

[tool.poetry]
name = "matrix-synapse"
version = "1.116.0"
version = "1.117.0rc1"
description = "Homeserver for the Matrix decentralised comms protocol"
authors = ["Matrix.org Team and Contributors <[email protected]>"]
license = "AGPL-3.0-or-later"
Expand Down Expand Up @@ -320,7 +320,7 @@ all = [
# failing on new releases. Keeping lower bounds loose here means that dependabot
# can bump versions without having to update the content-hash in the lockfile.
# This helps prevents merge conflicts when running a batch of dependabot updates.
ruff = "0.6.8"
ruff = "0.6.9"
# Type checking only works with the pydantic.v1 compat module from pydantic v2
pydantic = "^2"

Expand Down
Loading

0 comments on commit 1d5f3f8

Please sign in to comment.