v2.0.0-beta.8

[v2.0.0-beta.8] - 2024-10-22

Changed

• Breaking: The Node version required to run Draupnir has been updated from Node 18 to Node 20. If you are using Debian, please follow our documentation for using Debian and node source here, kindly contributed by @ll-SKY-ll. This is due to of the release policy of one of our major dependencies, matrix-appservice-bridge, by @MTRNord in #609. We did this as part of larger work to attempt to fix issues with Element's "invisible crypto" documented in #608.

• The Dockerfile now uses a multi-stage build, so docker build will just work again. Thanks to @ShadowJonathan for reporting. We also optimized the image size just slightly. Long term we've been blocked on for years on matrix-org/matrix-rust-sdk-crypto-nodejs#19 which would allow us to use the alpine image and take the size down to under 200MB again. So if anyone can help out there it'll make a massive difference and be greatly appreciated.

• Dockerfile: entry-point was renamed from mjolnir-entrypoint.sh to draupnir-entrypoint.sh. If you have built a Dockerfile based on ours, you may need to make some changes.

• Dockerfile: source code was moved from /mjolnir to /draupnir. If you have built a custom docker image based on our Dockerfile based on ours, you may need to make some changes.

• The appservice registration file generator no longer emitsmjolnir-registration.yaml as it has been renamed to draupnir-registration.yaml. This is only a concern if you have automated tooling that generates a registration file.

• The safe mode recovery command now prompts for confirmation.

• Some references to Mjolnir have been changed to Draupnir thanks to @FSG-Cat in #591.

Development

• Enable proseWrap in prettier, by @Mikaela in #605. We thought that this was enabled already but turns out we missed it.

• The no-confirm keyword argument now has special meaning, see the safe mode recover command and renderer description for an example.

Added

• Safe mode now shows a preview of the persistent configs, including the property or item that is causing Draupnir to fail to start. Special thanks for the feedback from @jimmackenzie and @TheArcaneBrony. Thanks to @julianfoad for documenting the use case for safe mode.

• Draupnir now logs at startup the path used to load its configuration file, and which options are used for loading secrets. We also show any non-default configuration values if Draupnir crashes. This is to to try make it very clear to system administrators which configuration options are being used by Draupnir and help them diagnose startup issues.

Deprecated

• Starting Draupnir without the --draupnir-config option will cause a deprecation warning.

Removed

• The spurious warnings about not being able to find a config file when the --draupnir-config option was used have been been removed.

• The documentation for the WordListProtection in the configuration file claimed that regexes where supported when this wasn't the case. Removed by @FSG-Cat in #600. We will rewrite this protection entirely at a later date.

Fixed

• Fixed a bug where sometimes the help command wouldn't show if --keyword or options were used in an unrecognized command.

Screenshots

v2.0.0-beta.7

Added

• Draupnir will now enter "safe mode" by default when Draupnir fails to start up and the failure mode is recoverable.
  What this means is that you will get a prompt in the safe mode status message that gives you simple options for recovery.
  A screenshot is provided at the end to show what this currently looks like. Feedback is welcome.
  • Currently we can recover when one of the protected rooms or watched lists becomes un-joinable, or the account data
    becomes corrupted.
  • If you have a monitoring or a pager system you may wish to review the configuration here. As it is possible to disable this feature.
• Add a welcome flow to appservice mode by @MTRNord in #568

Changed

• Skip calling /join for rooms we already know we are joined to, thanks to @TheArcaneBrony for reporting.
• Start draupnir bots in batches when running in appservice mode by @MTRNord in #569

Fixed

• !draupnir protections command has now been added back, thanks to @ll-SKY-ll for reporting.
  • This sort of bug shouldn't happen again as we added some code to detect when commands get forgotten.
• Typos and broken links in the readme thanks to @ll-SKY-ll for reporting.
• Harden MentionLimitProtection after Mjolnir's introduction of the protection by @Gnuxie in #574
• Update the README with the status of the project. by @Gnuxie in #575

Screenshot

Full Changelog: v2.0.0-beta.6...v2.0.0-beta.7

v2.0.0-beta.6

Please see the notes for v2.0.0-beta.0 for a full list of changes.

What's Changed

• Draupnir now depends on a new library @the-draupnir-project/interface-manager for command parsing and rendering.
• The kick command is fully functional again.
• All other commands that were modified as a part of v2.0.0-beta.* should be a lot less buggy, please keep reporting bugs. We are in a much better position to be able to fix and unit test commands now.
  • The ban, unban, kick, watch and unwatch all have unit tests now in addition to existing integration tests.
• The ban command will prompt for the ban reason again, reported by @FSG-Cat in #441.

Development changes

• Replace dependabot with renovate by @Mikaela in #526
• Enable strictPropertyInitialization in tsconfig.json. by @Gnuxie in #541
• Update dependency express to v4.20.0 [SECURITY] by @renovatebot in #546
• Update dependency body-parser to v1.20.3 [SECURITY] by @renovatebot in #543
• Use @gnuxie/typescript-result's expect where applicable instead of throwing garbage. by @Gnuxie in #552

Full Changelog: v2.0.0-beta.5...v2.0.0-beta.6

v2.0.0-beta.5

Please see the notes for v2.0.0-beta.0 for a full list of changes.

What's Changed

• Added a new experimental NewJoinerProtection, find the documentation here.
• Added a new experimental MentionLimitProtection, find the documentation here.
• Fix a bug in experimentalRustCrypto where sometimes Draupnir would crash sending an encrypted message before the bot had fully started. by @MTRNord in #512
• Fix a bug where you couldn't create policy lists while signed in as the same user as the bot by @morguldir in #471.
• Fix a bug where any protection using the StandardEventConsequences capability, such as the BasicFloodingProtection, would crash when being enabled. by @Gnuxie in #517
• Add SBOM and Attestation to the Docker release process by @MTRNord in #477

Development changes

• Add eslint to pre-commit by @Mikaela in #87
• TypeCheck JSX expressions, children, and attributes ^-^ by @Gnuxie in #454
• [Yarn Classic] Enable corepack & fix pre-commit run --all-files by @Mikaela in #472
• Migrate to eslint-9 flat config, typescript 5, typescript-eslint strictTypeChecked by @Gnuxie in #476
• Add prettier by @Gnuxie in #484
• Update all headers to be reuse.software compliant by @Gnuxie in #486
• Move to @the-draupnir-project/basic-matrix-types. by @Gnuxie in #508

New Contributors

• @morguldir made their first contribution in #471

Full Changelog: v2.0.0-beta.4...v2.0.0-beta.5

v2.0.0-beta.4

What's Changed

We have revised the setup documentation for moderators, introducing the moderator's guide. The new documentation website is now linked from both !draupnir status and !draupnir help. The website isn't complete yet and we're still working on it.

While creating the moderator's guide it was clear that a lot of users setting up Draupnir would much rather invite the bot through their client interface than use the !rooms add command.
So Draupnir will now prompt to protect rooms as it is invited to them

Full Changelog: v2.0.0-beta.3...v2.0.0-beta.4

v2.0.0-beta.3

What's Changed

• Send a notice when protections have missing permissions in protected rooms.
• Reapply MemberBanSynchronisationProtection and ServerBanSynchronisationProtection once permission requirements have been met in newly protected rooms.
• Fixed typo in README.md by @avdb13 in #368
• documentation has been moved to https://the-draupnir-project.github.io/draupnir-documentation/docs/intro & https://github.com/the-draupnir-project/draupnir-documentation by @FSG-Cat.

Please see the notes for v2.0.0-beta.0 for a full list of changes.

Fixes for bugs introduced since v2.0.0-beta.0

• Fixed an issue with the unban command, reported by @guillaumechauvat & @Kladki.
• Fixed an issue with prompt-for-accept in all commands, reported by @FSG-Cat.
• Fixed an issue where policies removed by @jjj333-p's spam police stopped Draupnir from being able to watch the list, reported by @daedric7.

New Contributors

• @avdb13 made their first contribution in #368

Full Changelog: v2.0.0-beta.2...v2.0.0-beta.3

v2.0.0-beta.2

What's Changed

• Make Draupnir refer to it self in help output by @FSG-Cat in #358
• Stop MemberBanSynchronisationProtection reacting twice to some joins, reported by @mahdi1234
• Stop capability renderers from showing consequences as failed when they were really OK, reported by @mahdi1234

Full Changelog: v2.0.0-beta.1...v2.0.0-beta.2

v2.0.0-beta.1

This is just a simple patch update on the previous prerelease with a couple of changes:

• The startup complete message has returned and Draupnir will show the status command after starting.
• It's now clearer if protections have failed to apply a consequence without drilling down into the <details> elements.

Please see the notes for v2.0.0-beta.0 for a full list of changes.

v2.0.0-beta.0

Process

We've now merged our changes to depend on the MPS (matrix-protection-suite). We're in the process of beta
testing v2.0.0 and this is the first of those pre-releases.

This release notes page is likely incomplete and will be updated
as more changes are uncovered or summarised.

What's Changed

• Draupnir now uses MPS (matrix-protection-suite) to provide its core functionality.
• Draupnir no longer requests components of room state when applying various actions, which should lead to a huge noticeable difference to Draupnir's responsiveness.
• An optional RoomStateBackingStore has been added to improve startup time for instances that run against slow servers
  (e.g. matrix.org). Checkout the config description for it here.
• New protections MemberBanSynchronisationProtection, ServerBanSynchronisationProtection, RedactionSynchronisationProtection, and PolicyChangeNotification.
  • These replace the core functionality for applying policies related to users, servers and redactions.
  • They will be enabled by default when you upgrade.
• config.disableServerACL will disable the ServerBanSynchronisationProtection.
• The joins, since, default, sync, protections status commands have all been removed for now.
• The DetectFederationLag protection has been removed.
• We have new contributing documentation.

Upgrade steps

There are no manual upgrade steps, the new protections are automatically enabled.
The only thing you should note is that if you notice that Draupnir is slow to startup, then you should enable the room state backing store

⚠️ Some configuration options may no longer be functioning (alternatives are pending)

• config.noop will do nothing.
• config.protectedRooms will also do nothing, and protected rooms need to be configured using !draupnir rooms add/remove.

Development Changes Summary

• MPS now parses events sourced from /sync, appservice push, and
  other APIs for us, so no more any or unknown.
• MPS provides us with string types for StringRoomID, StringEventID,
  and StringUserID. So no more mixing those up.
• MPS provides us with an interface to immutable room state snapshots
  with the RoomStateRevisionIssuer and RoomStateRevision.
• MPS provides PolicyRoomRevisionIssuer, PolicyRoomRevision,
  RoomMembershipRevisionIssuer, and RoomMembershipRevision to
  provide a convenient interface for listening to changes to
  room membership and policy rules.
• MPS provides protections with new hooks:
  • handleTimelineEvent
  • handlePolicyChange
  • handleMembershipChange
  • handleStateChange
  • handleEventReport
  • handleProtectionDisable
• Capability providers are introduced:
  • Each capability has an interface.
  • A CapabilityProvider constructs an instance, a Capability,
    that matches the matching capability interface.
• Protections now carry out their effects through instances of
  Capability:
  • Each ProtectionDescription describes a capability set with
    their interfaces.
  • Each ProtectionDescription describes a default capability
    provider to use to fulfill the prior interface.
  • When a Protection is instantiated, capability providers can be
    swapped and replaced provided they match the same interface.
  • This means that you can extend or change the functionality
    of protections without changing the code of the protections.

Internal Changes

• moved MatrixEmitter to matrix-protection-suite-for-matrix-bot-sdk and replaced with the SafeMatrixEmitter
• moved ProtectedRoomsConfig to matrix-protection-suite and has been interfaced away from Mjolnir's account data.
• moved ProtectedRoomsSet has been moved to matrix-protection-suite and now provides the fundamental event source for protections.
• deleted RoomMembers and has not been completely replaced. In matrix-protection-suite there exists an alternative of SetMembership and RoomMembershipRevisions.
  • RoomMembers would only load members that had joined since Mjolnir had started, membership revisions have all members.
  • There is no API for finding when a member first joined the room, since this is a lot more complicated to do and I don't know yet if that
    is the right metric protections should use for finding if a user is new or not or participating.
• moved AccessControlUnit to matrix-protection-suite, it no longer acts as a cache for rules though, PolicyRoomRevisions handle that instead.
• moved ListRule to matrix-protections-suite as PolicyRule.
• deleted PolicyList. Has been replaced by distinct components
  • PolicyRoomRevision: An immutable snapshot of policies in a room.
  • PolicyRoomRevisionIssuer: Creates PolicyRoomRevisions as room state changes and emits events to notify listeners.
  • PolicyRoomEditor: Edits policies in a policy room.
  • PolicyRoomManager: Provides and builds the issuers and editors.
• deleted PolicyListManager. Has been replaced with PolicyListConfig in the matrix-protection-suite.
• moved ServerACL to matrix-protection-suite, now called the ServerACLBuilder.
• renamed Mjolnir to Draupnir.
  • Draupnir has far fewer responsibilities than Mjolnir, we have and are continuing to move as much functionality as possible to protections.
• deleted RuleServer this was never used in production and we do not have access to the Synapse module it was written for, so it is impossible to maintain.
• moved RoomUpdateError to the matrix-protection-suite.
• moved several interface manager components to MPS:
  • CommandError and CommandException are now ActionError and ActionException.
  • MatrixRoomReference types are now sourced from the matrix-protection-suite.
  • There are new string types for StringUserID, StringRoomID and StringEventID.
• deleted room directory commands
  • 76a58b6
  • It didn't seem like these ever worked with a Synapse admin API?
• deleted joins and since commands:
  • joins depended on the API RoomMembers provided and we do not have a replacement for finding the join time.
  • They did not work as intended because they could only provide information for joins that happened while Draupnir
    was running.
  • If necessary, we could bring back an equivalent API that shows anyone with a top level membership of join
    as a recent joiner.
• deleted default banlist command, as there is no place where we have a default list.
  • The implementation from Mjolnir stored this list as a "default shortcode" to find a list with, which is not great either.
• deleted sync command
  • As all functionality that the sync command effected has now been moved to protections,
    the concept doesn't move across very well. There might be a replacement in future if it makes sense.
• deleted DetectFederationLag this is a pretty huge protection 4b41541
  • It can be brought back in the future, there is not time to make it work and it never did work as intended.
  • It is a shame because it was a bold piece of work.
• deleted protections status <protection> command.
  • There needs to be some thought about how to give protections their own commands.
  • fc163ed
  • 4110b62
• ? verify permissions command may or may not be working?
  • 9b48a48
• moved all remaining commands to use the interface manager introduced in v1.80.0.
• deleted Mjolnir's ProtectionManager as it has been made redundant in MPS.
• replaced consequences. The same functionality is now provided by CapabilityProviders.
• deleted AppServiceBotEmitter. No code uses emitters anymore.
• added DraupnirFactory:
  • This uses matrix-protetion-suite's ClientsInRoomsMap and RoomStateManagerFactory to create Draupnir.
• delted MjolnirManager:
  • Now depends on a DraupnirManager and AppserviceDraupnirManager which have smaller and cleaner implementations.
• added <span> to DeadDocument
• enabled Member/ServerBanSynchronisation protections by default
• added RoomStateBackingStore.
• pass config.disableServerACL to ServerBanSynchronisationProtection
• added PolicyChangeNotificationProtection

Full Changelog: v1.87.0...v2.0.0-beta.0

v1.87.0

⚠️ Warning

To those running against gnuxie/draupnir:develop or the main branch, we are about to begin the process of merging Draupnir MPS. We advise you to pin against this release, gnuxie/draupnir:v1.87.0. Draupnir MPS is a rewrite of the entire core, and its release will be v2.0.0, we do however expect migration to be seamless (with no intervention required). However, the main branch is likely going to become unstable and the UX is temporarily going to be disrupted. More news to follow over the coming weeks.

What's Changed

• @FSG-Cat has drastically improved documentation for running the appservice mode of deployment, and has done the work to add a role to matrix-ansible-docker-deploy to help new admins. The appservice is still alpha quality and we recommend waiting for further QOL improvements to follow post Draupnir v2.0.0 before starting trying this out yourself.
• Some changes to the appservice mode of deployment have been made:
  • The appservice bot has been renamed to @draupnir-moderation by default
  • The default mxid for provisioned draupnir now include draupnir in their name rather than mjolnir, with thanks to @MTRNord. This is a backwards compatible change if your registration file contains both draupnir and mjolnir as namespaces within the appservice registration file.
  • The restart admin command for the appservice has been fixed

Full Changelog: v1.86.2...v1.87.0