-
-
Notifications
You must be signed in to change notification settings - Fork 2.1k
Document the usage of refresh tokens. #11427
Conversation
|
||
Assuming that clients keep their access token valid whilst they are active, and | ||
that you set `refresh_token_lifetime` to some value *R* and | ||
`refreshable_access_token_lifetime` to some value *A* (which is not bigger than *R*), |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I parse this as A <= R
. Judging by point 1 below, I think you don't want to allow A = R
?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There's nothing too wrong with A = R
; clients would just have to be diligent about refreshing...
The only confusing part is that the section below explaining the range of inactivities that will kick a client would then have a lower bound of zero.
In reality this depends on client behaviour and it's unlikely that clients would wait until the absolute last second to refresh their tokens, but I was trying to be helpful to admins who are thinking something like 'I want sessions inactive for 15 minutes to be logged out' and trying to paint a picture that it depends on when the clients happen to have refreshed their token — are you really OK with that meaning that an inactivity of (e.g. 5 minutes) could also trigger that behaviour?
If you'd like to force sessions to be logged out upon inactivity, you can enable | ||
refreshable access token expiry and refresh token expiry. | ||
|
||
Assuming that clients keep their access token valid whilst they are active, and |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
keep their access token valid
What does this mean?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Short answer: it's misleading but I mean that the clients keep refreshing their access tokens when needed so they always have a valid one.
I'm making a bit of an assumption that an active client wants to be syncing all the time.
To sync, it needs a valid access token.
I'm then saying that an 'active' client that has a valid refresh token but an invalid access token will refresh immediately, because otherwise it can't sync (and therefore it contradicts the fact that it's supposedly an 'active' client and all active clients sync all the time).
1. sessions may become logged out if they are inactive for more than *R - A*. | ||
(Explanation: if a client goes offline just before it was about to refresh its | ||
access token, then it must come online before the refresh token expires.) | ||
2. sessions will always become logged out if they are inactive for more than *R*. | ||
(Explanation: if a client refreshes its access token just before going offline, | ||
then returns just before the refresh token expires, it will be able to continue | ||
its session.) | ||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I don't follow this. What is the trigger for a session to be logged out? Your refresh token expires without being used?
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
The key thing I didn't understand here is that the start of the inactivity period can be before your access and refresh tokens were generated. I think the example below would be improved by this.
(Is it always the case that the active access and active refresh tokens are generated at the same instant?)
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
the start of the inactivity period can be before your access and refresh tokens were generated. I think the example below would be improved by this.
I'm confused by this and on first hand it sounds wrong but I think it's more that I've misunderstood.
(Is it always the case that the active access and active refresh tokens are generated at the same instant?)
Yup, maybe I should actually explain that 'refreshing an access token' means that you exchange your (old) refresh token for a new access token AND a new refresh token at the same time. It's kind of implicit knowledge to me now but I suppose I didn't actually tell you that before :P
As an example, if refresh tokens are configured to expire after 20 minutes and | ||
access tokens are configured to expire after 5 minutes, then sessions will definitely | ||
end if inactive for 20 minutes, but may end if inactive for as few as 15 minutes. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Something like
Suppose I am granted an access token and refresh token at 12:00. These last for 5 and 20 minutes respectively.
- I can keep using my access token until 12:05.
- If I go inactive at 12:00 immediately, I must use my refresh token before it expires at 12:20. This gives me a 20 minute window.
- If I go inactive at 12:02, I must use my refresh token before it expires at 12:20. This gives me an 18 minute window.
- If I go inactive at 12:05, I must use my refresh token before it expires at 12:20. This gives me a 15 minute window.
Feels like an information overload. I wonder if it'd be simpler to just say something like
Each time they login or refresh a token, clients must refresh again within time
R
to avoid being logged out.
Hmm. I'm not really convinced by my effort there.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I'm attempting (maybe not very well) to paint a picture of how homeserver admins can configure their servers to have which user-visible behaviours.
What clients should do should hopefully be obvious from the spec.
Basically, if a homeserver admin (or one of our customers...) has a problem statement like 'I want sessions to get logged out automatically if inactive for 15 minutes', this document should help them decide what values they need and hopefully explain why you get a bit of a range of times (with the widest range assuming that clients are lazy and only refresh at the last possible moment)...
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
A few smaller things:
Make this long if you don't want to inconvenience users of clients which don't | ||
support refresh tokens. | ||
* `refresh_token_lifetime`: lifetime of refresh tokens. | ||
Unless you want to log inactive sessions out, it is often fine to use a long | ||
value here or even leave it unset (infinite). | ||
Beware that making it too short will inconvenience clients that do not connect | ||
very often, including mobile clients and clients of infrequent users. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Two uses of inconvenience here. Can we explain how they're inconvenienced, i.e. that they must re-authenticate with the login credentials?
Co-authored-by: David Robertson <davidr@element.io>
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
LGTM. Thanks for bearing with me.
Au contraire, thanks for the feedback — it's very difficult to read docs from the position of someone who knows next to nothing after just spending the effort to figure it out and write it up... :) |
Synapse 1.50.0 (2022-01-18) =========================== Please note that we now only support Python 3.7+ and PostgreSQL 10+ (if applicable), because Python 3.6 and PostgreSQL 9.6 have reached end-of-life. No significant changes since 1.50.0rc2. Synapse 1.50.0rc2 (2022-01-14) ============================== This release candidate fixes a federation-breaking regression introduced in Synapse 1.50.0rc1. Bugfixes -------- - Fix a bug introduced in Synapse v1.0.0 whereby some device list updates would not be sent to remote homeservers if there were too many to send at once. ([\matrix-org#11729](matrix-org#11729)) - Fix a bug introduced in Synapse v1.50.0rc1 whereby outbound federation could fail because too many EDUs were produced for device updates. ([\matrix-org#11730](matrix-org#11730)) Improved Documentation ---------------------- - Document that now the minimum supported PostgreSQL version is 10. ([\matrix-org#11725](matrix-org#11725)) Internal Changes ---------------- - Fix a typechecker problem related to our (ab)use of `nacl.signing.SigningKey`s. ([\matrix-org#11714](matrix-org#11714)) Synapse 1.50.0rc1 (2022-01-05) ============================== Features -------- - Allow guests to send state events per [MSC3419](matrix-org/matrix-spec-proposals#3419). ([\matrix-org#11378](matrix-org#11378)) - Add experimental support for part of [MSC3202](matrix-org/matrix-spec-proposals#3202): allowing application services to masquerade as specific devices. ([\matrix-org#11538](matrix-org#11538)) - Add admin API to get users' account data. ([\matrix-org#11664](matrix-org#11664)) - Include the room topic in the stripped state included with invites and knocking. ([\matrix-org#11666](matrix-org#11666)) - Send and handle cross-signing messages using the stable prefix. ([\matrix-org#10520](matrix-org#10520)) - Support unprefixed versions of fallback key property names. ([\matrix-org#11541](matrix-org#11541)) Bugfixes -------- - Fix a long-standing bug where relations from other rooms could be included in the bundled aggregations of an event. ([\matrix-org#11516](matrix-org#11516)) - Fix a long-standing bug which could cause `AssertionError`s to be written to the log when Synapse was restarted after purging events from the database. ([\matrix-org#11536](matrix-org#11536), [\matrix-org#11642](matrix-org#11642)) - Fix a bug introduced in Synapse 1.17.0 where a pusher created for an email with capital letters would fail to be created. ([\matrix-org#11547](matrix-org#11547)) - Fix a long-standing bug where responses included bundled aggregations when they should not, per [MSC2675](matrix-org/matrix-spec-proposals#2675). ([\matrix-org#11592](matrix-org#11592), [\matrix-org#11623](matrix-org#11623)) - Fix a long-standing bug that some unknown endpoints would return HTML error pages instead of JSON `M_UNRECOGNIZED` errors. ([\matrix-org#11602](matrix-org#11602)) - Fix a bug introduced in Synapse 1.19.3 which could sometimes cause `AssertionError`s when backfilling rooms over federation. ([\matrix-org#11632](matrix-org#11632)) Improved Documentation ---------------------- - Update Synapse install command for FreeBSD as the package is now prefixed with `py38`. Contributed by @itchychips. ([\matrix-org#11267](matrix-org#11267)) - Document the usage of refresh tokens. ([\matrix-org#11427](matrix-org#11427)) - Add details for how to configure a TURN server when behind a NAT. Contibuted by @AndrewFerr. ([\matrix-org#11553](matrix-org#11553)) - Add references for using Postgres to the Docker documentation. ([\matrix-org#11640](matrix-org#11640)) - Fix the documentation link in newly-generated configuration files. ([\matrix-org#11678](matrix-org#11678)) - Correct the documentation for `nginx` to use a case-sensitive url pattern. Fixes an error introduced in v1.21.0. ([\matrix-org#11680](matrix-org#11680)) - Clarify SSO mapping provider documentation by writing `def` or `async def` before the names of methods, as appropriate. ([\matrix-org#11681](matrix-org#11681)) Deprecations and Removals ------------------------- - Replace `mock` package by its standard library version. ([\matrix-org#11588](matrix-org#11588)) - Drop support for Python 3.6 and Ubuntu 18.04. ([\matrix-org#11633](matrix-org#11633)) Internal Changes ---------------- - Allow specific, experimental events to be created without `prev_events`. Used by [MSC2716](matrix-org/matrix-spec-proposals#2716). ([\matrix-org#11243](matrix-org#11243)) - A test helper (`wait_for_background_updates`) no longer depends on classes defining a `store` property. ([\matrix-org#11331](matrix-org#11331)) - Add type hints to `synapse.appservice`. ([\matrix-org#11360](matrix-org#11360)) - Add missing type hints to `synapse.config` module. ([\matrix-org#11480](matrix-org#11480)) - Add test to ensure we share the same `state_group` across the whole historical batch when using the [MSC2716](matrix-org/matrix-spec-proposals#2716) `/batch_send` endpoint. ([\matrix-org#11487](matrix-org#11487)) - Refactor `tests.util.setup_test_homeserver` and `tests.server.setup_test_homeserver`. ([\matrix-org#11503](matrix-org#11503)) - Move `glob_to_regex` and `re_word_boundary` to `matrix-python-common`. ([\matrix-org#11505](matrix-org#11505), [\matrix-org#11687](matrix-org#11687)) - Use `HTTPStatus` constants in place of literals in `tests.rest.client.test_auth`. ([\matrix-org#11520](matrix-org#11520)) - Add a receipt types constant for `m.read`. ([\matrix-org#11531](matrix-org#11531)) - Clean up `synapse.rest.admin`. ([\matrix-org#11535](matrix-org#11535)) - Add missing `errcode` to `parse_string` and `parse_boolean`. ([\matrix-org#11542](matrix-org#11542)) - Use `HTTPStatus` constants in place of literals in `synapse.http`. ([\matrix-org#11543](matrix-org#11543)) - Add missing type hints to storage classes. ([\matrix-org#11546](matrix-org#11546), [\matrix-org#11549](matrix-org#11549), [\matrix-org#11551](matrix-org#11551), [\matrix-org#11555](matrix-org#11555), [\matrix-org#11575](matrix-org#11575), [\matrix-org#11589](matrix-org#11589), [\matrix-org#11594](matrix-org#11594), [\matrix-org#11652](matrix-org#11652), [\matrix-org#11653](matrix-org#11653), [\matrix-org#11654](matrix-org#11654), [\matrix-org#11657](matrix-org#11657)) - Fix an inaccurate and misleading comment in the `/sync` code. ([\matrix-org#11550](matrix-org#11550)) - Add missing type hints to `synapse.logging.context`. ([\matrix-org#11556](matrix-org#11556)) - Stop populating unused database column `state_events.prev_state`. ([\matrix-org#11558](matrix-org#11558)) - Minor efficiency improvements in event persistence. ([\matrix-org#11560](matrix-org#11560)) - Add some safety checks that storage functions are used correctly. ([\matrix-org#11564](matrix-org#11564), [\matrix-org#11580](matrix-org#11580)) - Make `get_device` return `None` if the device doesn't exist rather than raising an exception. ([\matrix-org#11565](matrix-org#11565)) - Split the HTML parsing code from the URL preview resource code. ([\matrix-org#11566](matrix-org#11566)) - Remove redundant `COALESCE()`s around `COUNT()`s in database queries. ([\matrix-org#11570](matrix-org#11570)) - Add missing type hints to `synapse.http`. ([\matrix-org#11571](matrix-org#11571)) - Add [MSC2716](matrix-org/matrix-spec-proposals#2716) and [MSC3030](matrix-org/matrix-spec-proposals#3030) to `/versions` -> `unstable_features` to detect server support. ([\matrix-org#11582](matrix-org#11582)) - Add type hints to `synapse/tests/rest/admin`. ([\matrix-org#11590](matrix-org#11590)) - Drop end-of-life Python 3.6 and Postgres 9.6 from CI. ([\matrix-org#11595](matrix-org#11595)) - Update black version and run it on all the files. ([\matrix-org#11596](matrix-org#11596)) - Add opentracing type stubs and fix associated mypy errors. ([\matrix-org#11603](matrix-org#11603), [\matrix-org#11622](matrix-org#11622)) - Improve OpenTracing support for requests which use a `ResponseCache`. ([\matrix-org#11607](matrix-org#11607)) - Improve OpenTracing support for incoming HTTP requests. ([\matrix-org#11618](matrix-org#11618)) - A number of improvements to opentracing support. ([\matrix-org#11619](matrix-org#11619)) - Refactor the way that the `outlier` flag is set on events received over federation. ([\matrix-org#11634](matrix-org#11634)) - Improve the error messages from `get_create_event_for_room`. ([\matrix-org#11638](matrix-org#11638)) - Remove redundant `get_current_events_token` method. ([\matrix-org#11643](matrix-org#11643)) - Convert `namedtuples` to `attrs`. ([\matrix-org#11665](matrix-org#11665), [\matrix-org#11574](matrix-org#11574)) - Update the `/capabilities` response to include whether support for [MSC3440](matrix-org/matrix-spec-proposals#3440) is available. ([\matrix-org#11690](matrix-org#11690)) - Send the `Accept` header in HTTP requests made using `SimpleHttpClient.get_json`. ([\matrix-org#11677](matrix-org#11677)) - Work around Mjolnir compatibility issue by adding an import for `glob_to_regex` in `synapse.util`, where it moved from. ([\matrix-org#11696](matrix-org#11696))
Synapse 1.51.0 (2022-01-25) =========================== No significant changes since 1.51.0rc2. Synapse 1.51.0 deprecates `webclient` listeners and non-HTTP(S) `web_client_location`s. Support for these will be removed in Synapse 1.53.0, at which point Synapse will not be capable of directly serving a web client for Matrix. Synapse 1.51.0rc2 (2022-01-24) ============================== Bugfixes -------- - Fix a bug introduced in Synapse 1.40.0 that caused Synapse to fail to process incoming federation traffic after handling a large amount of events in a v1 room. ([\#11806](matrix-org/synapse#11806)) Synapse 1.51.0rc1 (2022-01-21) ============================== Features -------- - Add `track_puppeted_user_ips` config flag to record client IP addresses against puppeted users, and include the puppeted users in monthly active user counts. ([\#11561](matrix-org/synapse#11561), [\#11749](matrix-org/synapse#11749), [\#11757](matrix-org/synapse#11757)) - Include whether the requesting user has participated in a thread when generating a summary for [MSC3440](matrix-org/matrix-spec-proposals#3440). ([\#11577](matrix-org/synapse#11577)) - Return an `M_FORBIDDEN` error code instead of `M_UNKNOWN` when a spam checker module prevents a user from creating a room. ([\#11672](matrix-org/synapse#11672)) - Add a flag to the `synapse_review_recent_signups` script to ignore and filter appservice users. ([\#11675](matrix-org/synapse#11675), [\#11770](matrix-org/synapse#11770)) Bugfixes -------- - Fix a long-standing issue which could cause Synapse to incorrectly accept data in the unsigned field of events received over federation. ([\#11530](matrix-org/synapse#11530)) - Fix a long-standing bug where Synapse wouldn't cache a response indicating that a remote user has no devices. ([\#11587](matrix-org/synapse#11587)) - Fix an error that occurs whilst trying to get the federation status of a destination server that was working normally. This admin API was newly introduced in Synapse v1.49.0. ([\#11593](matrix-org/synapse#11593)) - Fix bundled aggregations not being included in the `/sync` response, per [MSC2675](matrix-org/matrix-spec-proposals#2675). ([\#11612](matrix-org/synapse#11612), [\#11659](matrix-org/synapse#11659), [\#11791](matrix-org/synapse#11791)) - Fix the `/_matrix/client/v1/room/{roomId}/hierarchy` endpoint returning incorrect fields which have been present since Synapse 1.49.0. ([\#11667](matrix-org/synapse#11667)) - Fix preview of some GIF URLs (like tenor.com). Contributed by Philippe Daouadi. ([\#11669](matrix-org/synapse#11669)) - Fix a bug where only the first 50 rooms from a space were returned from the `/hierarchy` API. This has existed since the introduction of the API in Synapse v1.41.0. ([\#11695](matrix-org/synapse#11695)) - Fix a bug introduced in Synapse v1.18.0 where password reset and address validation emails would not be sent if their subject was configured to use the 'app' template variable. Contributed by @br4nnigan. ([\#11710](matrix-org/synapse#11710), [\#11745](matrix-org/synapse#11745)) - Make the 'List Rooms' Admin API sort stable. Contributed by Daniël Sonck. ([\#11737](matrix-org/synapse#11737)) - Fix a long-standing bug where space hierarchy over federation would only work correctly some of the time. ([\#11775](matrix-org/synapse#11775)) - Fix a bug introduced in Synapse v1.46.0 that prevented `on_logged_out` module callbacks from being correctly awaited by Synapse. ([\#11786](matrix-org/synapse#11786)) Improved Documentation ---------------------- - Warn against using a Let's Encrypt certificate for TLS/DTLS TURN server client connections, and suggest using ZeroSSL certificate instead. This works around client-side connectivity errors caused by WebRTC libraries that reject Let's Encrypt certificates. Contibuted by @AndrewFerr. ([\#11686](matrix-org/synapse#11686)) - Document the new `SYNAPSE_TEST_PERSIST_SQLITE_DB` environment variable in the contributing guide. ([\#11715](matrix-org/synapse#11715)) - Document that the minimum supported PostgreSQL version is now 10. ([\#11725](matrix-org/synapse#11725)) - Fix typo in demo docs: differnt. ([\#11735](matrix-org/synapse#11735)) - Update room spec URL in config files. ([\#11739](matrix-org/synapse#11739)) - Mention `python3-venv` and `libpq-dev` dependencies in the contribution guide. ([\#11740](matrix-org/synapse#11740)) - Update documentation for configuring login with Facebook. ([\#11755](matrix-org/synapse#11755)) - Update installation instructions to note that Python 3.6 is no longer supported. ([\#11781](matrix-org/synapse#11781)) Deprecations and Removals ------------------------- - Remove the unstable `/send_relation` endpoint. ([\#11682](matrix-org/synapse#11682)) - Remove `python_twisted_reactor_pending_calls` Prometheus metric. ([\#11724](matrix-org/synapse#11724)) - Remove the `password_hash` field from the response dictionaries of the [Users Admin API](https://matrix-org.github.io/synapse/latest/admin_api/user_admin_api.html). ([\#11576](matrix-org/synapse#11576)) - **Deprecate support for `webclient` listeners and non-HTTP(S) `web_client_location` configuration. ([\#11774](matrix-org/synapse#11774), [\#11783](matrix-org/synapse#11783 Internal Changes ---------------- - Run `pyupgrade --py37-plus --keep-percent-format` on Synapse. ([\#11685](matrix-org/synapse#11685)) - Use buildkit's cache feature to speed up docker builds. ([\#11691](matrix-org/synapse#11691)) - Use `auto_attribs` and native type hints for attrs classes. ([\#11692](matrix-org/synapse#11692), [\#11768](matrix-org/synapse#11768)) - Remove debug logging for #4422, which has been closed since Synapse 0.99. ([\#11693](matrix-org/synapse#11693)) - Remove fallback code for Python 2. ([\#11699](matrix-org/synapse#11699)) - Add a test for [an edge case](matrix-org/synapse#11532 (comment)) in the `/sync` logic. ([\#11701](matrix-org/synapse#11701)) - Add the option to write SQLite test dbs to disk when running tests. ([\#11702](matrix-org/synapse#11702)) - Improve Complement test output for Gitub Actions. ([\#11707](matrix-org/synapse#11707)) - Fix docstring on `add_account_data_for_user`. ([\#11716](matrix-org/synapse#11716)) - Complement environment variable name change and update `.gitignore`. ([\#11718](matrix-org/synapse#11718)) - Simplify calculation of Prometheus metrics for garbage collection. ([\#11723](matrix-org/synapse#11723)) - Improve accuracy of `python_twisted_reactor_tick_time` Prometheus metric. ([\#11724](matrix-org/synapse#11724), [\#11771](matrix-org/synapse#11771)) - Minor efficiency improvements when inserting many values into the database. ([\#11742](matrix-org/synapse#11742)) - Invite PR authors to give themselves credit in the changelog. ([\#11744](matrix-org/synapse#11744)) - Add optional debugging to investigate [issue 8631](matrix-org/synapse#8631). ([\#11760](matrix-org/synapse#11760)) - Remove `log_function` utility function and its uses. ([\#11761](matrix-org/synapse#11761)) - Add a unit test that checks both `client` and `webclient` resources will function when simultaneously enabled. ([\#11765](matrix-org/synapse#11765)) - Allow overriding complement commit using `COMPLEMENT_REF`. ([\#11766](matrix-org/synapse#11766)) - Add some comments and type annotations for `_update_outliers_txn`. ([\#11776](matrix-org/synapse#11776)) Synapse 1.50.1 (2022-01-18) =========================== This release fixes a bug in Synapse 1.50.0 that could prevent clients from being able to connect to Synapse if the `webclient` resource was enabled. Further details are available in [this issue](matrix-org/synapse#11763). Bugfixes -------- - Fix a bug introduced in Synapse 1.50.0rc1 that could cause Matrix clients to be unable to connect to Synapse instances with the `webclient` resource enabled. ([\#11764](matrix-org/synapse#11764)) Synapse 1.50.0 (2022-01-18) =========================== **This release contains a critical bug that may prevent clients from being able to connect. As such, it is not recommended to upgrade to 1.50.0. Instead, please upgrade straight to to 1.50.1. Further details are available in [this issue](matrix-org/synapse#11763 Please note that we now only support Python 3.7+ and PostgreSQL 10+ (if applicable), because Python 3.6 and PostgreSQL 9.6 have reached end-of-life. No significant changes since 1.50.0rc2. Synapse 1.50.0rc2 (2022-01-14) ============================== This release candidate fixes a federation-breaking regression introduced in Synapse 1.50.0rc1. Bugfixes -------- - Fix a bug introduced in Synapse v1.0.0 whereby some device list updates would not be sent to remote homeservers if there were too many to send at once. ([\#11729](matrix-org/synapse#11729)) - Fix a bug introduced in Synapse v1.50.0rc1 whereby outbound federation could fail because too many EDUs were produced for device updates. ([\#11730](matrix-org/synapse#11730)) Improved Documentation ---------------------- - Document that now the minimum supported PostgreSQL version is 10. ([\#11725](matrix-org/synapse#11725)) Internal Changes ---------------- - Fix a typechecker problem related to our (ab)use of `nacl.signing.SigningKey`s. ([\#11714](matrix-org/synapse#11714)) Synapse 1.50.0rc1 (2022-01-05) ============================== Features -------- - Allow guests to send state events per [MSC3419](matrix-org/matrix-spec-proposals#3419). ([\#11378](matrix-org/synapse#11378)) - Add experimental support for part of [MSC3202](matrix-org/matrix-spec-proposals#3202): allowing application services to masquerade as specific devices. ([\#11538](matrix-org/synapse#11538)) - Add admin API to get users' account data. ([\#11664](matrix-org/synapse#11664)) - Include the room topic in the stripped state included with invites and knocking. ([\#11666](matrix-org/synapse#11666)) - Send and handle cross-signing messages using the stable prefix. ([\#10520](matrix-org/synapse#10520)) - Support unprefixed versions of fallback key property names. ([\#11541](matrix-org/synapse#11541)) Bugfixes -------- - Fix a long-standing bug where relations from other rooms could be included in the bundled aggregations of an event. ([\#11516](matrix-org/synapse#11516)) - Fix a long-standing bug which could cause `AssertionError`s to be written to the log when Synapse was restarted after purging events from the database. ([\#11536](matrix-org/synapse#11536), [\#11642](matrix-org/synapse#11642)) - Fix a bug introduced in Synapse 1.17.0 where a pusher created for an email with capital letters would fail to be created. ([\#11547](matrix-org/synapse#11547)) - Fix a long-standing bug where responses included bundled aggregations when they should not, per [MSC2675](matrix-org/matrix-spec-proposals#2675). ([\#11592](matrix-org/synapse#11592), [\#11623](matrix-org/synapse#11623)) - Fix a long-standing bug that some unknown endpoints would return HTML error pages instead of JSON `M_UNRECOGNIZED` errors. ([\#11602](matrix-org/synapse#11602)) - Fix a bug introduced in Synapse 1.19.3 which could sometimes cause `AssertionError`s when backfilling rooms over federation. ([\#11632](matrix-org/synapse#11632)) Improved Documentation ---------------------- - Update Synapse install command for FreeBSD as the package is now prefixed with `py38`. Contributed by @itchychips. ([\#11267](matrix-org/synapse#11267)) - Document the usage of refresh tokens. ([\#11427](matrix-org/synapse#11427)) - Add details for how to configure a TURN server when behind a NAT. Contibuted by @AndrewFerr. ([\#11553](matrix-org/synapse#11553)) - Add references for using Postgres to the Docker documentation. ([\#11640](matrix-org/synapse#11640)) - Fix the documentation link in newly-generated configuration files. ([\#11678](matrix-org/synapse#11678)) - Correct the documentation for `nginx` to use a case-sensitive url pattern. Fixes an error introduced in v1.21.0. ([\#11680](matrix-org/synapse#11680)) - Clarify SSO mapping provider documentation by writing `def` or `async def` before the names of methods, as appropriate. ([\#11681](matrix-org/synapse#11681)) Deprecations and Removals ------------------------- - Replace `mock` package by its standard library version. ([\#11588](matrix-org/synapse#11588)) - Drop support for Python 3.6 and Ubuntu 18.04. ([\#11633](matrix-org/synapse#11633)) Internal Changes ---------------- - Allow specific, experimental events to be created without `prev_events`. Used by [MSC2716](matrix-org/matrix-spec-proposals#2716). ([\#11243](matrix-org/synapse#11243)) - A test helper (`wait_for_background_updates`) no longer depends on classes defining a `store` property. ([\#11331](matrix-org/synapse#11331)) - Add type hints to `synapse.appservice`. ([\#11360](matrix-org/synapse#11360)) - Add missing type hints to `synapse.config` module. ([\#11480](matrix-org/synapse#11480)) - Add test to ensure we share the same `state_group` across the whole historical batch when using the [MSC2716](matrix-org/matrix-spec-proposals#2716) `/batch_send` endpoint. ([\#11487](matrix-org/synapse#11487)) - Refactor `tests.util.setup_test_homeserver` and `tests.server.setup_test_homeserver`. ([\#11503](matrix-org/synapse#11503)) - Move `glob_to_regex` and `re_word_boundary` to `matrix-python-common`. ([\#11505](matrix-org/synapse#11505), [\#11687](matrix-org/synapse#11687)) - Use `HTTPStatus` constants in place of literals in `tests.rest.client.test_auth`. ([\#11520](matrix-org/synapse#11520)) - Add a receipt types constant for `m.read`. ([\#11531](matrix-org/synapse#11531)) - Clean up `synapse.rest.admin`. ([\#11535](matrix-org/synapse#11535)) - Add missing `errcode` to `parse_string` and `parse_boolean`. ([\#11542](matrix-org/synapse#11542)) - Use `HTTPStatus` constants in place of literals in `synapse.http`. ([\#11543](matrix-org/synapse#11543)) - Add missing type hints to storage classes. ([\#11546](matrix-org/synapse#11546), [\#11549](matrix-org/synapse#11549), [\#11551](matrix-org/synapse#11551), [\#11555](matrix-org/synapse#11555), [\#11575](matrix-org/synapse#11575), [\#11589](matrix-org/synapse#11589), [\#11594](matrix-org/synapse#11594), [\#11652](matrix-org/synapse#11652), [\#11653](matrix-org/synapse#11653), [\#11654](matrix-org/synapse#11654), [\#11657](matrix-org/synapse#11657)) - Fix an inaccurate and misleading comment in the `/sync` code. ([\#11550](matrix-org/synapse#11550)) - Add missing type hints to `synapse.logging.context`. ([\#11556](matrix-org/synapse#11556)) - Stop populating unused database column `state_events.prev_state`. ([\#11558](matrix-org/synapse#11558)) - Minor efficiency improvements in event persistence. ([\#11560](matrix-org/synapse#11560)) - Add some safety checks that storage functions are used correctly. ([\#11564](matrix-org/synapse#11564), [\#11580](matrix-org/synapse#11580)) - Make `get_device` return `None` if the device doesn't exist rather than raising an exception. ([\#11565](matrix-org/synapse#11565)) - Split the HTML parsing code from the URL preview resource code. ([\#11566](matrix-org/synapse#11566)) - Remove redundant `COALESCE()`s around `COUNT()`s in database queries. ([\#11570](matrix-org/synapse#11570)) - Add missing type hints to `synapse.http`. ([\#11571](matrix-org/synapse#11571)) - Add [MSC2716](matrix-org/matrix-spec-proposals#2716) and [MSC3030](matrix-org/matrix-spec-proposals#3030) to `/versions` -> `unstable_features` to detect server support. ([\#11582](matrix-org/synapse#11582)) - Add type hints to `synapse/tests/rest/admin`. ([\#11590](matrix-org/synapse#11590)) - Drop end-of-life Python 3.6 and Postgres 9.6 from CI. ([\#11595](matrix-org/synapse#11595)) - Update black version and run it on all the files. ([\#11596](matrix-org/synapse#11596)) - Add opentracing type stubs and fix associated mypy errors. ([\#11603](matrix-org/synapse#11603), [\#11622](matrix-org/synapse#11622)) - Improve OpenTracing support for requests which use a `ResponseCache`. ([\#11607](matrix-org/synapse#11607)) - Improve OpenTracing support for incoming HTTP requests. ([\#11618](matrix-org/synapse#11618)) - A number of improvements to opentracing support. ([\#11619](matrix-org/synapse#11619)) - Refactor the way that the `outlier` flag is set on events received over federation. ([\#11634](matrix-org/synapse#11634)) - Improve the error messages from `get_create_event_for_room`. ([\#11638](matrix-org/synapse#11638)) - Remove redundant `get_current_events_token` method. ([\#11643](matrix-org/synapse#11643)) - Convert `namedtuples` to `attrs`. ([\#11665](matrix-org/synapse#11665), [\#11574](matrix-org/synapse#11574)) - Update the `/capabilities` response to include whether support for [MSC3440](matrix-org/matrix-spec-proposals#3440) is available. ([\#11690](matrix-org/synapse#11690)) - Send the `Accept` header in HTTP requests made using `SimpleHttpClient.get_json`. ([\#11677](matrix-org/synapse#11677)) - Work around Mjolnir compatibility issue by adding an import for `glob_to_regex` in `synapse.util`, where it moved from. ([\#11696](matrix-org/synapse#11696)) Synapse 1.49.2 (2021-12-21) =========================== This release fixes a regression introduced in Synapse 1.49.0 which could cause `/sync` requests to take significantly longer. This would particularly affect "initial" syncs for users participating in a large number of rooms, and in extreme cases, could make it impossible for such users to log in on a new client. **Note:** in line with our [deprecation policy](https://matrix-org.github.io/synapse/latest/deprecation_policy.html) for platform dependencies, this will be the last release to support Python 3.6 and PostgreSQL 9.6, both of which have now reached upstream end-of-life. Synapse will require Python 3.7+ and PostgreSQL 10+. **Note:** We will also stop producing packages for Ubuntu 18.04 (Bionic Beaver) after this release, as it uses Python 3.6. Bugfixes -------- - Fix a performance regression in `/sync` handling, introduced in 1.49.0. ([\#11583](matrix-org/synapse#11583)) Internal Changes ---------------- - Work around a build problem on Debian Buster. ([\#11625](matrix-org/synapse#11625)) Synapse 1.49.1 (2021-12-21) =========================== Not released due to problems building the debian packages. Synapse 1.49.0 (2021-12-14) =========================== No significant changes since version 1.49.0rc1. Support for Ubuntu 21.04 ends next month on the 20th of January --------------------------------------------------------------- For users of Ubuntu 21.04 (Hirsute Hippo), please be aware that [upstream support for this version of Ubuntu will end next month][Ubuntu2104EOL]. We will stop producing packages for Ubuntu 21.04 after upstream support ends. [Ubuntu2104EOL]: https://lists.ubuntu.com/archives/ubuntu-announce/2021-December/000275.html The wiki has been migrated to the documentation website ------------------------------------------------------- We've decided to move the existing, somewhat stagnant pages from the GitHub wiki to the [documentation website](https://matrix-org.github.io/synapse/latest/). This was done for two reasons. The first was to ensure that changes are checked by multiple authors before being committed (everyone makes mistakes!) and the second was visibility of the documentation. Not everyone knows that Synapse has some very useful information hidden away in its GitHub wiki pages. Bringing them to the documentation website should help with visibility, as well as keep all Synapse documentation in one, easily-searchable location. Note that contributions to the documentation website happen through [GitHub pull requests](https://github.com/matrix-org/synapse/pulls). Please visit [#synapse-dev:matrix.org](https://matrix.to/#/#synapse-dev:matrix.org) if you need help with the process! Synapse 1.49.0rc1 (2021-12-07) ============================== Features -------- - Add [MSC3030](matrix-org/matrix-spec-proposals#3030) experimental client and federation API endpoints to get the closest event to a given timestamp. ([\#9445](matrix-org/synapse#9445)) - Include bundled relation aggregations during a limited `/sync` request and `/relations` request, per [MSC2675](matrix-org/matrix-spec-proposals#2675). ([\#11284](matrix-org/synapse#11284), [\#11478](matrix-org/synapse#11478)) - Add plugin support for controlling database background updates. ([\#11306](matrix-org/synapse#11306), [\#11475](matrix-org/synapse#11475), [\#11479](matrix-org/synapse#11479)) - Support the stable API endpoints for [MSC2946](matrix-org/matrix-spec-proposals#2946): the room `/hierarchy` endpoint. ([\#11329](matrix-org/synapse#11329)) - Add admin API to get some information about federation status with remote servers. ([\#11407](matrix-org/synapse#11407)) - Support expiry of refresh tokens and expiry of the overall session when refresh tokens are in use. ([\#11425](matrix-org/synapse#11425)) - Stabilise support for [MSC2918](https://github.com/matrix-org/matrix-doc/blob/main/proposals/2918-refreshtokens.md#msc2918-refresh-tokens) refresh tokens as they have now been merged into the Matrix specification. ([\#11435](matrix-org/synapse#11435), [\#11522](matrix-org/synapse#11522)) - Update [MSC2918 refresh token](https://github.com/matrix-org/matrix-doc/blob/main/proposals/2918-refreshtokens.md#msc2918-refresh-tokens) support to confirm with the latest revision: accept the `refresh_tokens` parameter in the request body rather than in the URL parameters. ([\#11430](matrix-org/synapse#11430)) - Support configuring the lifetime of non-refreshable access tokens separately to refreshable access tokens. ([\#11445](matrix-org/synapse#11445)) - Expose `synapse_homeserver` and `synapse_worker` commands as entry points to run Synapse's main process and worker processes, respectively. Contributed by @Ma27. ([\#11449](matrix-org/synapse#11449)) - `synctl stop` will now wait for Synapse to exit before returning. ([\#11459](matrix-org/synapse#11459), [\#11490](matrix-org/synapse#11490)) - Extend the "delete room" admin api to work correctly on rooms which have previously been partially deleted. ([\#11523](matrix-org/synapse#11523)) - Add support for the `/_matrix/client/v3/login/sso/redirect/{idpId}` API from Matrix v1.1. This endpoint was overlooked when support for v3 endpoints was added in Synapse 1.48.0rc1. ([\#11451](matrix-org/synapse#11451)) Bugfixes -------- - Fix using [MSC2716](matrix-org/matrix-spec-proposals#2716) batch sending in combination with event persistence workers. Contributed by @tulir at Beeper. ([\#11220](matrix-org/synapse#11220)) - Fix a long-standing bug where all requests that read events from the database could get stuck as a result of losing the database connection, properly this time. Also fix a race condition introduced in the previous insufficient fix in Synapse 1.47.0. ([\#11376](matrix-org/synapse#11376)) - The `/send_join` response now includes the stable `event` field instead of the unstable field from [MSC3083](matrix-org/matrix-spec-proposals#3083). ([\#11413](matrix-org/synapse#11413)) - Fix a bug introduced in Synapse 1.47.0 where `send_join` could fail due to an outdated `ijson` version. ([\#11439](matrix-org/synapse#11439), [\#11441](matrix-org/synapse#11441), [\#11460](matrix-org/synapse#11460)) - Fix a bug introduced in Synapse 1.36.0 which could cause problems fetching event-signing keys from trusted key servers. ([\#11440](matrix-org/synapse#11440)) - Fix a bug introduced in Synapse 1.47.1 where the media repository would fail to work if the media store path contained any symbolic links. ([\#11446](matrix-org/synapse#11446)) - Fix an `LruCache` corruption bug, introduced in Synapse 1.38.0, that would cause certain requests to fail until the next Synapse restart. ([\#11454](matrix-org/synapse#11454)) - Fix a long-standing bug where invites from ignored users were included in incremental syncs. ([\#11511](matrix-org/synapse#11511)) - Fix a regression in Synapse 1.48.0 where presence workers would not clear their presence updates over replication on shutdown. ([\#11518](matrix-org/synapse#11518)) - Fix a regression in Synapse 1.48.0 where the module API's `looping_background_call` method would spam errors to the logs when given a non-async function. ([\#11524](matrix-org/synapse#11524)) Updates to the Docker image --------------------------- - Update `Dockerfile-workers` to healthcheck all workers in the container. ([\#11429](matrix-org/synapse#11429)) Improved Documentation ---------------------- - Update the media repository documentation. ([\#11415](matrix-org/synapse#11415)) - Update section about backward extremities in the room DAG concepts doc to correct the misconception about backward extremities indicating whether we have fetched an events' `prev_events`. ([\#11469](matrix-org/synapse#11469)) Internal Changes ---------------- - Add `Final` annotation to string constants in `synapse.api.constants` so that they get typed as `Literal`s. ([\#11356](matrix-org/synapse#11356)) - Add a check to ensure that users cannot start the Synapse master process when `worker_app` is set. ([\#11416](matrix-org/synapse#11416)) - Add a note about postgres memory management and hugepages to postgres doc. ([\#11467](matrix-org/synapse#11467)) - Add missing type hints to `synapse.config` module. ([\#11465](matrix-org/synapse#11465)) - Add missing type hints to `synapse.federation`. ([\#11483](matrix-org/synapse#11483)) - Add type annotations to `tests.storage.test_appservice`. ([\#11488](matrix-org/synapse#11488), [\#11492](matrix-org/synapse#11492)) - Add type annotations to some of the configuration surrounding refresh tokens. ([\#11428](matrix-org/synapse#11428)) - Add type hints to `synapse/tests/rest/admin`. ([\#11501](matrix-org/synapse#11501)) - Add type hints to storage classes. ([\#11411](matrix-org/synapse#11411)) - Add wiki pages to documentation website. ([\#11402](matrix-org/synapse#11402)) - Clean up `tests.storage.test_main` to remove use of legacy code. ([\#11493](matrix-org/synapse#11493)) - Clean up `tests.test_visibility` to remove legacy code. ([\#11495](matrix-org/synapse#11495)) - Convert status codes to `HTTPStatus` in `synapse.rest.admin`. ([\#11452](matrix-org/synapse#11452), [\#11455](matrix-org/synapse#11455)) - Extend the `scripts-dev/sign_json` script to support signing events. ([\#11486](matrix-org/synapse#11486)) - Improve internal types in push code. ([\#11409](matrix-org/synapse#11409)) - Improve type annotations in `synapse.module_api`. ([\#11029](matrix-org/synapse#11029)) - Improve type hints for `LruCache`. ([\#11453](matrix-org/synapse#11453)) - Preparation for database schema simplifications: disambiguate queries on `state_key`. ([\#11497](matrix-org/synapse#11497)) - Refactor `backfilled` into specific behavior function arguments (`_persist_events_and_state_updates` and downstream calls). ([\#11417](matrix-org/synapse#11417)) - Refactor `get_version_string` to fix-up types and duplicated code. ([\#11468](matrix-org/synapse#11468)) - Refactor various parts of the `/sync` handler. ([\#11494](matrix-org/synapse#11494), [\#11515](matrix-org/synapse#11515)) - Remove unnecessary `json.dumps` from `tests.rest.admin`. ([\#11461](matrix-org/synapse#11461)) - Save the OpenID Connect session ID on login. ([\#11482](matrix-org/synapse#11482)) - Update and clean up recently ported documentation pages. ([\#11466](matrix-org/synapse#11466))
Synapse 1.50.0 (2022-01-18) =========================== Please note that we now only support Python 3.7+ and PostgreSQL 10+ (if applicable), because Python 3.6 and PostgreSQL 9.6 have reached end-of-life. No significant changes since 1.50.0rc2. Synapse 1.50.0rc2 (2022-01-14) ============================== This release candidate fixes a federation-breaking regression introduced in Synapse 1.50.0rc1. Bugfixes -------- - Fix a bug introduced in Synapse v1.0.0 whereby some device list updates would not be sent to remote homeservers if there were too many to send at once. ([\#11729](matrix-org/synapse#11729)) - Fix a bug introduced in Synapse v1.50.0rc1 whereby outbound federation could fail because too many EDUs were produced for device updates. ([\#11730](matrix-org/synapse#11730)) Improved Documentation ---------------------- - Document that now the minimum supported PostgreSQL version is 10. ([\#11725](matrix-org/synapse#11725)) Internal Changes ---------------- - Fix a typechecker problem related to our (ab)use of `nacl.signing.SigningKey`s. ([\#11714](matrix-org/synapse#11714)) Synapse 1.50.0rc1 (2022-01-05) ============================== Features -------- - Allow guests to send state events per [MSC3419](matrix-org/matrix-spec-proposals#3419). ([\#11378](matrix-org/synapse#11378)) - Add experimental support for part of [MSC3202](matrix-org/matrix-spec-proposals#3202): allowing application services to masquerade as specific devices. ([\#11538](matrix-org/synapse#11538)) - Add admin API to get users' account data. ([\#11664](matrix-org/synapse#11664)) - Include the room topic in the stripped state included with invites and knocking. ([\#11666](matrix-org/synapse#11666)) - Send and handle cross-signing messages using the stable prefix. ([\#10520](matrix-org/synapse#10520)) - Support unprefixed versions of fallback key property names. ([\#11541](matrix-org/synapse#11541)) Bugfixes -------- - Fix a long-standing bug where relations from other rooms could be included in the bundled aggregations of an event. ([\#11516](matrix-org/synapse#11516)) - Fix a long-standing bug which could cause `AssertionError`s to be written to the log when Synapse was restarted after purging events from the database. ([\#11536](matrix-org/synapse#11536), [\#11642](matrix-org/synapse#11642)) - Fix a bug introduced in Synapse 1.17.0 where a pusher created for an email with capital letters would fail to be created. ([\#11547](matrix-org/synapse#11547)) - Fix a long-standing bug where responses included bundled aggregations when they should not, per [MSC2675](matrix-org/matrix-spec-proposals#2675). ([\#11592](matrix-org/synapse#11592), [\#11623](matrix-org/synapse#11623)) - Fix a long-standing bug that some unknown endpoints would return HTML error pages instead of JSON `M_UNRECOGNIZED` errors. ([\#11602](matrix-org/synapse#11602)) - Fix a bug introduced in Synapse 1.19.3 which could sometimes cause `AssertionError`s when backfilling rooms over federation. ([\#11632](matrix-org/synapse#11632)) Improved Documentation ---------------------- - Update Synapse install command for FreeBSD as the package is now prefixed with `py38`. Contributed by @itchychips. ([\#11267](matrix-org/synapse#11267)) - Document the usage of refresh tokens. ([\#11427](matrix-org/synapse#11427)) - Add details for how to configure a TURN server when behind a NAT. Contibuted by @AndrewFerr. ([\#11553](matrix-org/synapse#11553)) - Add references for using Postgres to the Docker documentation. ([\#11640](matrix-org/synapse#11640)) - Fix the documentation link in newly-generated configuration files. ([\#11678](matrix-org/synapse#11678)) - Correct the documentation for `nginx` to use a case-sensitive url pattern. Fixes an error introduced in v1.21.0. ([\#11680](matrix-org/synapse#11680)) - Clarify SSO mapping provider documentation by writing `def` or `async def` before the names of methods, as appropriate. ([\#11681](matrix-org/synapse#11681)) Deprecations and Removals ------------------------- - Replace `mock` package by its standard library version. ([\#11588](matrix-org/synapse#11588)) - Drop support for Python 3.6 and Ubuntu 18.04. ([\#11633](matrix-org/synapse#11633)) Internal Changes ---------------- - Allow specific, experimental events to be created without `prev_events`. Used by [MSC2716](matrix-org/matrix-spec-proposals#2716). ([\#11243](matrix-org/synapse#11243)) - A test helper (`wait_for_background_updates`) no longer depends on classes defining a `store` property. ([\#11331](matrix-org/synapse#11331)) - Add type hints to `synapse.appservice`. ([\#11360](matrix-org/synapse#11360)) - Add missing type hints to `synapse.config` module. ([\#11480](matrix-org/synapse#11480)) - Add test to ensure we share the same `state_group` across the whole historical batch when using the [MSC2716](matrix-org/matrix-spec-proposals#2716) `/batch_send` endpoint. ([\#11487](matrix-org/synapse#11487)) - Refactor `tests.util.setup_test_homeserver` and `tests.server.setup_test_homeserver`. ([\#11503](matrix-org/synapse#11503)) - Move `glob_to_regex` and `re_word_boundary` to `matrix-python-common`. ([\#11505](matrix-org/synapse#11505), [\#11687](matrix-org/synapse#11687)) - Use `HTTPStatus` constants in place of literals in `tests.rest.client.test_auth`. ([\#11520](matrix-org/synapse#11520)) - Add a receipt types constant for `m.read`. ([\#11531](matrix-org/synapse#11531)) - Clean up `synapse.rest.admin`. ([\#11535](matrix-org/synapse#11535)) - Add missing `errcode` to `parse_string` and `parse_boolean`. ([\#11542](matrix-org/synapse#11542)) - Use `HTTPStatus` constants in place of literals in `synapse.http`. ([\#11543](matrix-org/synapse#11543)) - Add missing type hints to storage classes. ([\#11546](matrix-org/synapse#11546), [\#11549](matrix-org/synapse#11549), [\#11551](matrix-org/synapse#11551), [\#11555](matrix-org/synapse#11555), [\#11575](matrix-org/synapse#11575), [\#11589](matrix-org/synapse#11589), [\#11594](matrix-org/synapse#11594), [\#11652](matrix-org/synapse#11652), [\#11653](matrix-org/synapse#11653), [\#11654](matrix-org/synapse#11654), [\#11657](matrix-org/synapse#11657)) - Fix an inaccurate and misleading comment in the `/sync` code. ([\#11550](matrix-org/synapse#11550)) - Add missing type hints to `synapse.logging.context`. ([\#11556](matrix-org/synapse#11556)) - Stop populating unused database column `state_events.prev_state`. ([\#11558](matrix-org/synapse#11558)) - Minor efficiency improvements in event persistence. ([\#11560](matrix-org/synapse#11560)) - Add some safety checks that storage functions are used correctly. ([\#11564](matrix-org/synapse#11564), [\#11580](matrix-org/synapse#11580)) - Make `get_device` return `None` if the device doesn't exist rather than raising an exception. ([\#11565](matrix-org/synapse#11565)) - Split the HTML parsing code from the URL preview resource code. ([\#11566](matrix-org/synapse#11566)) - Remove redundant `COALESCE()`s around `COUNT()`s in database queries. ([\#11570](matrix-org/synapse#11570)) - Add missing type hints to `synapse.http`. ([\#11571](matrix-org/synapse#11571)) - Add [MSC2716](matrix-org/matrix-spec-proposals#2716) and [MSC3030](matrix-org/matrix-spec-proposals#3030) to `/versions` -> `unstable_features` to detect server support. ([\#11582](matrix-org/synapse#11582)) - Add type hints to `synapse/tests/rest/admin`. ([\#11590](matrix-org/synapse#11590)) - Drop end-of-life Python 3.6 and Postgres 9.6 from CI. ([\#11595](matrix-org/synapse#11595)) - Update black version and run it on all the files. ([\#11596](matrix-org/synapse#11596)) - Add opentracing type stubs and fix associated mypy errors. ([\#11603](matrix-org/synapse#11603), [\#11622](matrix-org/synapse#11622)) - Improve OpenTracing support for requests which use a `ResponseCache`. ([\#11607](matrix-org/synapse#11607)) - Improve OpenTracing support for incoming HTTP requests. ([\#11618](matrix-org/synapse#11618)) - A number of improvements to opentracing support. ([\#11619](matrix-org/synapse#11619)) - Refactor the way that the `outlier` flag is set on events received over federation. ([\#11634](matrix-org/synapse#11634)) - Improve the error messages from `get_create_event_for_room`. ([\#11638](matrix-org/synapse#11638)) - Remove redundant `get_current_events_token` method. ([\#11643](matrix-org/synapse#11643)) - Convert `namedtuples` to `attrs`. ([\#11665](matrix-org/synapse#11665), [\#11574](matrix-org/synapse#11574)) - Update the `/capabilities` response to include whether support for [MSC3440](matrix-org/matrix-spec-proposals#3440) is available. ([\#11690](matrix-org/synapse#11690)) - Send the `Accept` header in HTTP requests made using `SimpleHttpClient.get_json`. ([\#11677](matrix-org/synapse#11677)) - Work around Mjolnir compatibility issue by adding an import for `glob_to_regex` in `synapse.util`, where it moved from. ([\#11696](matrix-org/synapse#11696))
No description provided.