wxRemind: remove

dead upstream since 2009

(wiz)

gitso: remove

dead upstream

(wiz)

libkate: remove python option (which was default-off)

Uses wxGTK28, which will be removed soon

(wiz)

usbprog: remove

dead upstream since 2015

(wiz)

extrema: remove

dead upstream since 2010

(wiz)

atque: remove

dead upstream since 2012

(wiz)

nts: remove

dead upstream since 2011

(wiz)

boa-constructor: remove

dead upstream since 2007

(wiz)

ExmanIDE: remove

there is no upstream for this

(wiz)

bossa: remove

Uses wxGTK28, which will be removed soon

(wiz)

boolean: remove

uses wxGTK28, which will be removed soon

(wiz)

tunapie: remove

dead upstream since 2015

(wiz)

doc: Added databases/diesel-cli version 2.1.0

(wiz)

databases/Makefile: + diesel-cli

(wiz)

databases/diesel-cli: import diesel-cli-2.1.0

Packaged mostly by pin@ in wip, thanks!

Diesel CLI is a tool that aids in managing your database schema.
Migrations are bi-directional changes to your database that get applied
sequentially.

(wiz)

doc: Updated security/keepassxc to 2.7.5nb2

(wiz)

keepassx: switch to botan3, and add yubikey option (default off)

Bump PKGREVISION.

(wiz)

botan3: needs gcc 11

(wiz)

doc: Added security/botan3 version 3.0.0

(wiz)

security/Makefile: + botan3

(wiz)

botan2: update DESCR

(wiz)

security/botan3: import botan3-3.0.0

Botan is a crypto library written in C++. It provides a variety of
cryptographic algorithms, including common ones such as AES, MD5, SHA,
HMAC, RSA, Diffie-Hellman, DSA, and ECDSA, as well as many others that
are more obscure or specialized. It also offers X.509v3 certificates
and CRLs, and PKCS #10 certificate requests. A message processing
system that uses a filter/pipeline metaphor allows for many common
cryptographic tasks to be completed with just a few lines of code.
Assembly optimizations for common CPUs, including x86, x86-64, and
PowerPC, offers further speedups for critical tasks such as SHA-1
hashing and multiple precision integer operations.

This package contains major version 3 of the library.

(wiz)

doc: Added databases/prometheus-cpp version 1.1.0

(wiz)

databases/Makefile: + prometheus-cpp

(wiz)

databases/prometheus-cpp: import prometheus-cpp-1.1.0

This library aims to enable Metrics-Driven Development for C++
services. It implements the Prometheus Data Model, a powerful
abstraction on which to collect and expose metrics. We offer the
possibility for metrics to be collected by Prometheus, but other
push/pull collections can be added as plugins.

(wiz)

doc: Updated devel/py-hg-git to 1.0.2

(wiz)

py-hg-git: update to 1.0.2.

This is a minor release, focusing on bugs and compatibility.

Fix --source/-s argument to transplant with Hg-Git
enabled. (#392)
Fix cloning repositories using the old static HTTP support with
Hg-Git enabled.
Handle pushing tags to Git that cannot be stored as references such
as double-quotes on Windows. (#397)
Avoid converting unrelated refs on pull, such as Github PR-related refs. (#386)
Fix tests with GNU Grep 3.8 and later, by avoiding the egrep
alias (#400)
Support reading remote refs even if packed.
Add support for Dulwich 0.21 and later.
Mark Mercurial 6.4 as supported and tested.
Address slowness when pulling large repositories, caused by writing
unchanged references. (#401)

(wiz)

mk: let GCC_REQD 11 work and pull in gcc12, since we don't have gcc11

(wiz)

doc: Updated archivers/libzip to 1.10.0

(wiz)

libzip: update to 1.10.0.

# 1.10.0 [2023-06-23]

* Make support for layered sources public.
* Add `zip_source_zip_file` and `zip_source_zip_file_create`, deprecate `zip_source_zip` and `zip_source_zip_create`.
* Allow reading changed file data.
* Fix handling of files of size 4294967295.
* `zipmerge`: copy extra fields.
* `zipmerge`: add option to keep files uncompressed.
* Switch test framework to use nihtest instead of Perl.
* Fix reading/writing compressed data with buffers > 4GiB.
* Restore support for torrentzip.
* Add warnings when using deprecated functions.
* Allow keeping files for empty archives.
* Support mbedTLS>=3.3.0.
* Support OpenSSL 3.
* Use ISO C secure library functions, if available.

(wiz)

doc: Updated devel/editline to 3.1.20221030

(wiz)

editline: update to 3.1.20221030.

2022-10-30 Jess Thrysoee

  * src/sys.h, src/reallocarr.c: Remove unused sys/cdefs.h include, to compile against musl libc
Reported by Matt Boehlke

  * version-info: 0:70:0

2022-10-09 Jess Thrysoee

  * version-info: 0:69:0

  * src/sys.h: Add __sun guard around sys/types.h in sys.h

  * all: sync with upstream source

2021-09-10 Jess Thrysoee

  * all: sync with upstream source

2021-07-14 Jess Thrysoee

  * all: sync with upstream source

  * src/histedit.h: Add wcsdup declaration when ifndef HAVE_WCSDUP. Patch by Rainer Jung.

  * examples/wtc1.c: Fix warnings and add missing brace. Patch by Rainer Jung.

2021-05-22 Jess Thrysoee

  * version-info: 0:66:0

  * all: sync with upstream source

  * src/el.c: editrc not read on systems without issetugid
Patch by Trevor Cordes

(wiz)

Updated print/ghostscript-agpl, audio/flac

(adam)

flac: updated to 1.4.3

FLAC 1.4.3 (23-Jun-2023)

As there have been additions to the libFLAC interfaces, the libFLAC version number is incremented to 13. The libFLAC++ version number stays at 10.

* General
        * All PowerPC-specific code has been removed, as it turned out those improvements didn't actually improve anything
        * Large improvements in encoder speed for all presets. The largest change is for the fastest presets and for 24-bit and 32-bit inputs.
        * Small improvement in decoder speed for BMI2-capable CPUs
        * Various documentation fixes and cleanups (Mark Grassi, Jake Schmidt)
        * Various fixes (Ozkan Sezer, Zhipeng Xue, orbea, Sam James, Harish Mahendrakar)
        * Fix building on Universal Windows Platform (Dmitry Kostju��enko)
* flac
        * A lot of small fixes for bugs found by fuzzing
        * Various improvements to the --keep-foreign-metadata and --keep-foreign-metadata-if-present options on decoding
                * The output format (WAV/AIFF/RF64 etc.) is now automatically selected based on what kind of foreign metadata is stored
                * Decoded file is checked afterwards, to see whether stored foreign format data agrees with FLAC audio properties
                * AIFF-C sowt data can now be restored
        * Add --force-legacy-wave-format option, to decode to WAV with WAVEFORMATPCM where WAVE_FORMAT_EXTENSIBLE would be more appropriate
        * Add --force-aiff-c-none-format and --force-aiff-c-sowt-format to decode to AIFF-C
        * The storage of WAVEFORMATEXTENSIBLE_CHANNEL_MASK is no longer restricted to known channel orderings
        * Throw an error when WAV or AIFF files are over 4GiB in length and the --ignore-chunk-sizes option is not set
        * Warn on testing files when ID3v2 tags are found
        * Warn when data trails the audio data of a WAV/AIFF/RF64/W64 file
        * Fix output file not being deleted after error on Windows
        * Removal of the --sector--align option
* metaflac
        * A lot of small fixes for bugs found by fuzzing
        * Added options --append and --data-format, which makes it possible to copy metadata blocks from one FLAC file to another
        * Added option --remove-all-tags-except
        * Added option --show-all-tags (harridu, Martijn van Beurden)
* libFLAC
        * No longer write seektables to Ogg, even when specifically asked for. Seektables in Ogg are not defined
        * Add functions FLAC__metadata_object_set_raw and FLAC__metadata_object_get_raw to convert between blob and FLAC__StreamMetadata
* Build system
        * Autoconf (configure)
                * The option --enable-64-bit-words is now on by default
        * CMake
                * The option ENABLE_64_BIT_WORDS is now on by default
* Testing/validation
        * Fuzzers were added for the flac and metaflac command line tools
        * Fuzzer coverage was improved

(adam)

ghostscript-agpl: updated to 10.01.2

Version 10.01.2 (2023-06-21)

Highlights in this release include:

We've continued to improve the performance of the PDF interpreter written in C and improve it's behaviour in edge and out-of-specification cases.
Our efforts in code hygiene and maintainability continue.
The usual round of bug fixes, compatibility changes, and incremental improvements.
(9.53.0) We have added the capability to build with the Tesseract OCR engine. In such a build, new devices are available (pdfocr8/pdfocr24/pdfocr32) which render the output file to an image, OCR that image, and output the image "wrapped" up as a PDF file, with the OCR generated text information included as "invisible" text (in PDF terms, text rendering mode 3).

(adam)

doc/TODO: + gnucash-5.2 [wait for bugfix release].

(wiz)

doc/CHANGES: remove dupe

(wiz)

doc: note freeze end

(wiz)

doc: add CHANGES file for 2023Q2

(wiz)

xteddy2: SunOS needs -lXext.

(jperkin)

Pullup tickets #6763 to #6765

(bsiegert)

Pullup ticket #6765 - requested by nia
www/firefox102: security fix
www/firefox102-l10n: dependent update

Revisions pulled up:
- www/firefox102-l10n/Makefile                                  1.12
- www/firefox102-l10n/distinfo                                  1.11
- www/firefox102/Makefile                                      1.21
- www/firefox102/distinfo                                      1.13

---
  Module Name: pkgsrc
  Committed By: nia
  Date: Sun Jun 25 16:07:08 UTC 2023

  Modified Files:
  pkgsrc/www/firefox102: Makefile distinfo
  pkgsrc/www/firefox102-l10n: Makefile distinfo

  Log Message:
  firefox102: update to 102.12

  Security Vulnerabilities fixed in Firefox ESR 102.12

      #CVE-2023-34414: Click-jacking certificate exceptions through rendering lag

      #CVE-2023-34416: Memory safety bugs fixed in Firefox 114 and Firefox ESR
      102.12

(bsiegert)

Pullup ticket #6764 - requested by taca
net/bind918: security fix

Revisions pulled up:
- net/bind918/Makefile                                          1.10-1.12
- net/bind918/PLIST                                            1.4
- net/bind918/distinfo                                          1.7-1.9
- net/bind918/options.mk                                        1.2

---
  Module Name: pkgsrc
  Committed By: taca
  Date: Mon Apr 24 13:48:06 UTC 2023

  Modified Files:
  pkgsrc/net/bind918: Makefile PLIST distinfo options.mk

  Log Message:
  net/bind918: update to 9.18.14

  pkgsrc change: reduce some pkglint warnings.

  --- 9.18.14 released ---

  6145. [bug] Fix a possible use-after-free bug in the
  dns__catz_done_cb() function. [GL #3997]

  6143. [bug] A reference counting problem on the error path in
  the xfrin_connect_done() might cause an assertion
  failure on shutdown.  [GL #3989]

  6142. [bug] Reduce the number of dns_dnssec_verify calls made
  determining if revoked keys needs to be removed from
  the trust anchors. [GL #3981]

  6141. [bug] Fix several issues in nsupdate timeout handling and
  update the -t option's documentation. [GL #3674]

  6138. [doc] Fix the DF-flag documentation on the outgoing
  UDP packets. [GL #3710]

  6136. [cleanup] Remove the isc_fsaccess API in favor of creating
  temporary file first and atomically replace the key
  with non-truncated content. [GL #3982]

  6132. [doc] Remove a dead link in the DNSSEC guide. [GL #3967]

  6129. [cleanup] Value stored to 'source' during its initialization is
  never read. [GL #3965]

  6128. [bug] Fix an omission in an earlier commit to avoid a race
  between the 'dns__catz_update_cb()' and
  'dns_catz_dbupdate_callback()' functions. [GL #3968]

  6126. [cleanup] Deprecate zone type "delegation-only" and the
  "delegation-only" and "root-delegation-only"
  options. [GL #3953]

  6125. [bug] Hold a catz reference while the update process is
  running, so that the catalog zone is not destroyed
  during shutdown until the update process is finished or
  properly canceled by the activated 'shuttingdown' flag.
  [GL #3955]

  6124. [bug] When changing from a NSEC3 capable DNSSEC algorithm to
  an NSEC3 incapable DNSSEC algorithm using KASP the zone
  could sometimes be incompletely signed. [GL #3937]

  6121. [bug] Fix BIND and dig zone transfer hanging when
  downloading large zones over TLS from a primary server,
  especially over unstable connections. [GL #3867]

---
  Module Name: pkgsrc
  Committed By: taca
  Date: Wed May 17 13:43:52 UTC 2023

  Modified Files:
  pkgsrc/net/bind918: Makefile distinfo

  Log Message:
  net/bind918: update to 9.18.15

  --- 9.18.15 released ---

  6164. [bug] Set the rndc idle read timeout back to 60 seconds,
  from the netmgr default of 30 seconds, in order to
  match the behavior of 9.16 and earlier. [GL #4046]

  6161. [bug] Fix log file rotation when using absolute path as
  file. [GL #3991]

  6157. [bug] When removing delegations in an OPTOUT range
  empty-non-terminal NSEC3 records generated by
  those delegations were not removed. [GL #4027]

  6156. [bug] Reimplement the maximum and idle timeouts for incoming
  zone tranfers. [GL #4004]

  6155. [bug] Treat ISC_R_INVALIDPROTO as a networking error
  in the dispatch code to avoid retrying with the
  same server. [GL #4005]

  6152. [bug] In dispatch, honour the configured source-port
  selection when UDP connection fails with address
  in use error.

  Also treat ISC_R_NOPERM same as ISC_R_ADDRINUSE.
  [GL #3986]

  6149. [test] As a workaround, include an OpenSSL header file before
  including cmocka.h in the unit tests, because OpenSSL
  3.1.0 uses __attribute__(malloc), conflicting with a
  redefined malloc in cmocka.h. [GL #4000]

---
  Module Name: pkgsrc
  Committed By: taca
  Date: Wed Jun 21 14:42:23 UTC 2023

  Modified Files:
  pkgsrc/net/bind918: Makefile distinfo

  Log Message:
  net/bind918: update to 9.18.16

  9.18.16 (2023-06-21)

  Security release:

  - CVE-2023-2828
  - CVE-2023-2911

  6192. [security] A query that prioritizes stale data over lookup
  triggers a fetch to refresh the stale data in cache.
  If the fetch is aborted for exceeding the recursion
  quota, it was possible for 'named' to enter an infinite
  callback loop and crash due to stack overflow. This has
  been fixed. (CVE-2023-2911) [GL #4089]

  6190. [security] Improve the overmem cleaning process to prevent the
  cache going over the configured limit. (CVE-2023-2828)
  [GL #4055]

  6188. [performance] Reduce memory consumption by allocating properly
  sized send buffers for stream-based transports.
  [GL #4038]

  6186. [bug] Fix a 'clients-per-query' miscalculation bug. When the
  'stale-answer-enable' options was enabled and the
  'stale-answer-client-timeout' option was enabled and
  larger than 0, named was taking two places from the
  'clients-per-query' limit for each client and was
  failing to gradually auto-tune its value, as configured.
  [GL #4074]

  6185. [func] Add "ClientQuota" statistics channel counter, which
  indicates the number of the resolver's spilled queries
  due to reaching the clients per query quota. [GL !7978]

  6183. [bug] Fix a serve-stale bug where a delegation from cache
  could be returned to the client. [GL #3950]

  6182. [cleanup] Remove configure checks for epoll, kqueue and
  /dev/poll. [GL #4098]

  6181. [func] The "tkey-dhkey" option has been deprecated; a
  warning will be logged when it is used. In a future
  release, Diffie-Hellman TKEY mode will be removed.
  [GL #3905]

  6180. [bug] The session key object could be incorrectly added
  to multiple different views' keyrings. [GL #4079]

  6179. [bug] Fix an interfacemgr use-after-free error in
  zoneconf.c:isself(). [GL #3765]

  6176. [test] Add support for using pytest & pytest-xdist to
  execute the system test suite. [GL #3978]

  6174. [bug] BIND could get stuck on reconfiguration when a
  'listen' statement for HTTP is removed from the
  configuration. That has been fixed. [GL #4071]

  6173. [bug] Properly process extra "nameserver" lines in
  resolv.conf otherwise the next line is not properly
  processed. [GL #4066]

  6169. [bug] named could crash when deleting inline-signing zones
  with "rndc delzone". [GL #4054]

  6165. [bug] Fix a logic error in dighost.c which could call the
  dighost_shutdown() callback twice and cause problems
  if the callback function was not idempotent. [GL #4039]

(bsiegert)

Pullup ticket #6763 - requested by taca
net/bind916: security fix

Revisions pulled up:
- net/bind916/Makefile                                          1.56-1.58
- net/bind916/distinfo                                          1.47-1.49
- net/bind916/options.mk                                        1.5

---
  Module Name: pkgsrc
  Committed By: taca
  Date: Mon Apr 24 13:45:10 UTC 2023

  Modified Files:
  pkgsrc/net/bind916: Makefile distinfo

  Log Message:
  net/bind916: update to 9.16.40

  --- 9.16.40 released ---

  6142. [bug] Reduce the number of dns_dnssec_verify calls made
  determining if revoked keys needs to be removed from
  the trust anchors. [GL #3981]

  6138. [doc] Fix the DF-flag documentation on the outgoing
  UDP packets. [GL #3710]

  6132. [doc] Remove a dead link in the DNSSEC guide. [GL #3967]

  6129. [cleanup] Value stored to 'source' during its initialization is
  never read. [GL #3965]

  6124. [bug] When changing from a NSEC3 capable DNSSEC algorithm to
  an NSEC3 incapable DNSSEC algorithm using KASP the zone
  could sometimes be incompletely signed. [GL #3937]

  5741. [bug] Log files with "timestamp" suffixes could be left in
  place after rolling, even if the number of preserved
  log files exceeded the configured "versions" limit.
  [GL #828] [GL #3959]

---
  Module Name: pkgsrc
  Committed By: taca
  Date: Wed May 17 13:41:58 UTC 2023

  Modified Files:
  pkgsrc/net/bind916: Makefile distinfo

  Log Message:
  net/bind916: update to 9.16.41

  --- 9.16.41 released ---

  6157. [bug] When removing delegations in an OPTOUT range
  empty-non-terminal NSEC3 records generated by
  those delegations were not removed. [GL #4027]

---
  Module Name: pkgsrc
  Committed By: taca
  Date: Wed Jun 21 14:40:43 UTC 2023

  Modified Files:
  pkgsrc/net/bind916: Makefile distinfo options.mk

  Log Message:
  net/bind916: update to 9.16.42

  pkgsrc change: reduce pkglint warnings.

  9.16.42 (2023-06-21)

  Security release:

  - CVE-2023-2828
  - CVE-2023-2911

  6192. [security] A query that prioritizes stale data over lookup
  triggers a fetch to refresh the stale data in cache.
  If the fetch is aborted for exceeding the recursion
  quota, it was possible for 'named' to enter an infinite
  callback loop and crash due to stack overflow. This has
  been fixed. (CVE-2023-2911) [GL #4089]

  6190. [security] Improve the overmem cleaning process to prevent the
  cache going over the configured limit. (CVE-2023-2828)
  [GL #4055]

  6183. [bug] Fix a serve-stale bug where a delegation from cache
  could be returned to the client. [GL #3950]

  6173. [bug] Properly process extra "nameserver" lines in
  resolv.conf otherwise the next line is not properly
  processed. [GL #4066]

  6169. [bug] named could crash when deleting inline-signing zones
  with "rndc delzone". [GL #4054]

(bsiegert)

wwwoffle: SunOS needs libnsl.

(jperkin)

surf: SunOS needs libsocket.

(jperkin)

pcmanfm-qt: SunOS needs libsocket.

(jperkin)

bsdec2-image-upload: SunOS needs libsocket.

(jperkin)

cups-filters: SunOS needs libresolv.

(jperkin)

tsocks: SunOS needs libnsl.

(jperkin)

inetutils: SunOS needs socket libraries.

(jperkin)

gssdp12: SunOS needs libsocket.

(jperkin)

grilo-plugins: SunOS needs libsocket.

(jperkin)

dante: SunOS needs libnsl.

(jperkin)

btget: SunOS needs -lcrypto -lsocket.

(jperkin)

bbk_cli: SunOS needs libsocket.

(jperkin)

srs-milter: SunOS needs socket libraries.

(jperkin)

asc: SunOS needs libfreetype.

(jperkin)

cpuminer: SunOS needs libsocket.

(jperkin)

dnsperf: SunOS needs libsocket.

(jperkin)

kate: SunOS needs libsocket.

(jperkin)

kldap: SunOS needs libsocket.

(jperkin)

cinepaint: SunOS needs explicit -lstdc++.

(jperkin)

enigma: SunOS needs socket libraries.

(jperkin)

devilutionx: SunOS needs libsocket.

(jperkin)

sweep: SunOS needs -lgmodule-2.0.

(jperkin)

ed2k-gtk-gui: SunOS needs -lX11 -lgmodule-2.0.

(jperkin)

xsol: SunOS needs -lX11 -lXt.

(jperkin)

doc: Updated shells/oh-my-posh to 17.5.0

(pin)

shells/oh-my-posh: update to 17.5.0

Features
- scm: allow status override (32ee6fa), closes #3992

(pin)

kchmviewer: Needs socket libraries on SunOS.

(jperkin)

ccache: SunOS needs libsocket.

(jperkin)

dctc: SunOS needs libnsl.

(jperkin)

wmii: Needs -lX11 -lXrender on SunOS.

(jperkin)

zlib-ng: Remove --version-script on SunOS.

(jperkin)

doc: Updated sysutils/onefetch to 2.18.1

(pin)

sysutils/onefetch: update to 2.18.1

Bug Fixes
- don't fail when computing diff on partial clones (#1093) @Byron @o2sh

Features
- fetch banner info from github (#1094) @spenserblack @o2sh

(pin)

rubberband: Prune another --version-script.

(jperkin)

mpv: Fix compiler flags on SunOS.

(jperkin)

textproc/py-rapidfuzz: Spell amd64 correctly as x86_64

This is MACHINE_ARCH, not MACHINE.

(gdt)

doc: Updated chat/matrix-synapse to 1.86.0

(js)

Update chat/matrix-synapse to 1.86.0

Synapse 1.86.0 (2023-06-20)
===========================

No significant changes since 1.86.0rc2.

Synapse 1.86.0rc2 (2023-06-14)
==============================

Bugfixes
--------

- Fix an error when having workers of different versions running. ([\#15774](https://github.com/matrix-org/synapse/issues/15774))

Synapse 1.86.0rc1 (2023-06-13)
==============================

This version was tagged but never released.

Features
--------

- Stable support for [MSC3882](https://github.com/matrix-org/matrix-spec-proposals/pull/3882) to allow an existing device/session to generate a login token for use on a new device/session. ([\#15388](https://github.com/matrix-org/synapse/issues/15388))
- Support resolving a room's [canonical alias](https://spec.matrix.org/v1.7/client-server-api/#mroomcanonical_alias) via the module API. ([\#15450](https://github.com/matrix-org/synapse/issues/15450))
- Enable support for [MSC3952](https://github.com/matrix-org/matrix-spec-proposals/pull/3952): intentional mentions. ([\#15520](https://github.com/matrix-org/synapse/issues/15520))
- Experimental [MSC3861](https://github.com/matrix-org/matrix-spec-proposals/pull/3861) support: delegate auth to an OIDC provider. ([\#15582](https://github.com/matrix-org/synapse/issues/15582))
- Add Synapse version deploy annotations to Grafana dashboard which enables easy correlation between behavior changes witnessed in a graph to a certain Synapse version and nail down regressions. ([\#15674](https://github.com/matrix-org/synapse/issues/15674))
- Add a catch-all * to the supported relation types when redacting an event and its related events. This is an update to [MSC3912](https://github.com/matrix-org/matrix-spec-proposals/pull/3861) implementation. ([\#15705](https://github.com/matrix-org/synapse/issues/15705))
- Speed up `/messages` by backfilling in the background when there are no backward extremities where we are directly paginating. ([\#15710](https://github.com/matrix-org/synapse/issues/15710))
- Expose a metric reporting the database background update status. ([\#15740](https://github.com/matrix-org/synapse/issues/15740))

Bugfixes
--------

- Correctly clear caches when we delete a room. ([\#15609](https://github.com/matrix-org/synapse/issues/15609))
- Check permissions for enabling encryption earlier during room creation to avoid creating broken rooms. ([\#15695](https://github.com/matrix-org/synapse/issues/15695))

Improved Documentation
----------------------

- Simplify query to find participating servers in a room. ([\#15732](https://github.com/matrix-org/synapse/issues/15732))

Internal Changes
----------------

- Log when events are (maybe unexpectedly) filtered out of responses in tests. ([\#14213](https://github.com/matrix-org/synapse/issues/14213))
- Read from column `full_user_id` rather than `user_id` of tables `profiles` and `user_filters`. ([\#15649](https://github.com/matrix-org/synapse/issues/15649))
- Add support for tracing functions which return `Awaitable`s. ([\#15650](https://github.com/matrix-org/synapse/issues/15650))
- Cache requests for user's devices over federation. ([\#15675](https://github.com/matrix-org/synapse/issues/15675))
- Add fully qualified docker image names to Dockerfiles. ([\#15689](https://github.com/matrix-org/synapse/issues/15689))
- Remove some unused code. ([\#15690](https://github.com/matrix-org/synapse/issues/15690))
- Improve type hints. ([\#15694](https://github.com/matrix-org/synapse/issues/15694), [\#15697](https://github.com/matrix-org/synapse/issues/15697))
- Update docstring and traces on `maybe_backfill()` functions. ([\#15709](https://github.com/matrix-org/synapse/issues/15709))
- Add context for when/why to use the `long_retries` option when sending Federation requests. ([\#15721](https://github.com/matrix-org/synapse/issues/15721))
- Removed some unused fields. ([\#15723](https://github.com/matrix-org/synapse/issues/15723))
- Update federation error to more plainly explain we can only authorize our own membership events. ([\#15725](https://github.com/matrix-org/synapse/issues/15725))
- Prevent the `latest_deps` and `twisted_trunk` daily GitHub Actions workflows from running on forks of the codebase. ([\#15726](https://github.com/matrix-org/synapse/issues/15726))
- Improve performance of user directory search. ([\#15729](https://github.com/matrix-org/synapse/issues/15729))
- Remove redundant table join with `room_memberships` when doing a `is_host_joined()`/`is_host_invited()` call (`membership` is already part of the `current_state_events`). ([\#15731](https://github.com/matrix-org/synapse/issues/15731))
- Remove superfluous `room_memberships` join from background update. ([\#15733](https://github.com/matrix-org/synapse/issues/15733))
- Speed up typechecking CI. ([\#15752](https://github.com/matrix-org/synapse/issues/15752))
- Bump minimum supported Rust version to 1.60.0. ([\#15768](https://github.com/matrix-org/synapse/issues/15768))

### Updates to locked dependencies

* Bump importlib-metadata from 6.1.0 to 6.6.0. ([\#15711](https://github.com/matrix-org/synapse/issues/15711))
* Bump library/redis from 6-bullseye to 7-bullseye in /docker. ([\#15712](https://github.com/matrix-org/synapse/issues/15712))
* Bump log from 0.4.18 to 0.4.19. ([\#15761](https://github.com/matrix-org/synapse/issues/15761))
* Bump phonenumbers from 8.13.11 to 8.13.13. ([\#15763](https://github.com/matrix-org/synapse/issues/15763))
* Bump pyasn1 from 0.4.8 to 0.5.0. ([\#15713](https://github.com/matrix-org/synapse/issues/15713))
* Bump pydantic from 1.10.8 to 1.10.9. ([\#15762](https://github.com/matrix-org/synapse/issues/15762))
* Bump pyo3-log from 0.8.1 to 0.8.2. ([\#15759](https://github.com/matrix-org/synapse/issues/15759))
* Bump pyopenssl from 23.1.1 to 23.2.0. ([\#15765](https://github.com/matrix-org/synapse/issues/15765))
* Bump regex from 1.7.3 to 1.8.4. ([\#15769](https://github.com/matrix-org/synapse/issues/15769))
* Bump sentry-sdk from 1.22.1 to 1.25.0. ([\#15714](https://github.com/matrix-org/synapse/issues/15714))
* Bump sentry-sdk from 1.25.0 to 1.25.1. ([\#15764](https://github.com/matrix-org/synapse/issues/15764))
* Bump serde from 1.0.163 to 1.0.164. ([\#15760](https://github.com/matrix-org/synapse/issues/15760))
* Bump types-jsonschema from 4.17.0.7 to 4.17.0.8. ([\#15716](https://github.com/matrix-org/synapse/issues/15716))
* Bump types-pyopenssl from 23.1.0.2 to 23.2.0.0. ([\#15766](https://github.com/matrix-org/synapse/issues/15766))
* Bump types-requests from 2.31.0.0 to 2.31.0.1. ([\#15715](https://github.com/matrix-org/synapse/issues/15715))

Synapse 1.85.2 (2023-06-08)
===========================

Bugfixes
--------

- Fix regression where using TLS for HTTP replication between workers did not work. Introduced in v1.85.0. ([\#15746](https://github.com/matrix-org/synapse/issues/15746))

Synapse 1.85.1 (2023-06-07)
===========================

Note: this release only fixes a bug that stopped some deployments from upgrading to v1.85.0. There is no need to upgrade to v1.85.1 if successfully running v1.85.0.

Bugfixes
--------

- Fix bug in schema delta that broke upgrades for some deployments. Introduced in v1.85.0. ([\#15738](https://github.com/matrix-org/synapse/issues/15738), [\#15739](https://github.com/matrix-org/synapse/issues/15739))

Synapse 1.85.0 (2023-06-06)
===========================

No significant changes since 1.85.0rc2.

## Security advisory

The following issues are fixed in 1.85.0 (and RCs).

- [GHSA-26c5-ppr8-f33p](https://github.com/matrix-org/synapse/security/advisories/GHSA-26c5-ppr8-f33p) / [CVE-2023-32682](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32682) — Low Severity

  It may be possible for a deactivated user to login when using uncommon configurations.

- [GHSA-98px-6486-j7qc](https://github.com/matrix-org/synapse/security/advisories/GHSA-98px-6486-j7qc) / [CVE-2023-32683](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-32683) — Low Severity

  A discovered oEmbed or image URL can bypass the `url_preview_url_blacklist` setting potentially allowing server side request forgery or bypassing network policies. Impact is limited to IP addresses allowed by the `url_preview_ip_range_blacklist` setting (by default this only allows public IPs).

See the advisories for more details. If you have any questions, email security@matrix.org.

Synapse 1.85.0rc2 (2023-06-01)
==============================

Bugfixes
--------

- Fix a performance issue introduced in Synapse v1.83.0 which meant that purging rooms was very slow and database-intensive. ([\#15693](https://github.com/matrix-org/synapse/issues/15693))

Deprecations and Removals
-------------------------

- Deprecate calling the `/register` endpoint with an unspecced `user` property for application services. ([\#15703](https://github.com/matrix-org/synapse/issues/15703))

Internal Changes
----------------

- Speed up background jobs `populate_full_user_id_user_filters` and `populate_full_user_id_profiles`. ([\#15700](https://github.com/matrix-org/synapse/issues/15700))

Synapse 1.85.0rc1 (2023-05-30)
==============================

Features
--------

- Improve performance of backfill requests by performing backfill of previously failed requests in the background. ([\#15585](https://github.com/matrix-org/synapse/issues/15585))
- Add a new [admin API](https://matrix-org.github.io/synapse/v1.85/usage/administration/admin_api/index.html) to [create a new device for a user](https://matrix-org.github.io/synapse/v1.85/admin_api/user_admin_api.html#create-a-device). ([\#15611](https://github.com/matrix-org/synapse/issues/15611))
- Add Unix socket support for Redis connections. Contributed by Jason Little. ([\#15644](https://github.com/matrix-org/synapse/issues/15644))

Bugfixes
--------

- Fix a long-standing bug where setting the read marker could fail when using message retention. Contributed by Nick @ Beeper (@fizzadar). ([\#15464](https://github.com/matrix-org/synapse/issues/15464))
- Fix a long-standing bug where the `url_preview_url_blacklist` configuration setting was not applied to oEmbed or image URLs found while previewing a URL. ([\#15601](https://github.com/matrix-org/synapse/issues/15601))
- Fix a long-standing bug where filters with multiple backslashes were rejected. ([\#15607](https://github.com/matrix-org/synapse/issues/15607))
- Fix a bug introduced in Synapse 1.82.0 where the error message displayed when validation of the `app_service_config_files` config option fails would be incorrectly formatted. ([\#15614](https://github.com/matrix-org/synapse/issues/15614))
- Fix a long-standing bug where deactivated users were still able to login using the custom `org.matrix.login.jwt` login type (if enabled). ([\#15624](https://github.com/matrix-org/synapse/issues/15624))
- Fix a long-standing bug where deactivated users were able to login in uncommon situations. ([\#15634](https://github.com/matrix-org/synapse/issues/15634))

Improved Documentation
----------------------

- Warn users that at least 3.75GB of space is needed for the nix Synapse development environment. ([\#15613](https://github.com/matrix-org/synapse/issues/15613))
- Remove outdated comment from the generated and sample homeserver log configs. ([\#15648](https://github.com/matrix-org/synapse/issues/15648))
- Improve contributor docs to make it more clear that Rust is a necessary prerequisite. Contributed by @grantm. ([\#15668](https://github.com/matrix-org/synapse/issues/15668))

Deprecations and Removals
-------------------------

- Remove the old version of the R30 (30-day retained users) phone-home metric. ([\#10428](https://github.com/matrix-org/synapse/issues/10428))

Internal Changes
----------------

- Create dependabot changelogs at release time. ([\#15481](https://github.com/matrix-org/synapse/issues/15481))
- Add not null constraint to column `full_user_id` of tables `profiles` and `user_filters`. ([\#15537](https://github.com/matrix-org/synapse/issues/15537))
- Allow connecting to HTTP Replication Endpoints by using `worker_name` when constructing the request. ([\#15578](https://github.com/matrix-org/synapse/issues/15578))
- Make the `thread_id` column on `event_push_actions`, `event_push_actions_staging`, and `event_push_summary` non-null. ([\#15597](https://github.com/matrix-org/synapse/issues/15597))
- Run mypy type checking with the minimum supported Python version to catch new usage that isn't backwards-compatible. ([\#15602](https://github.com/matrix-org/synapse/issues/15602))
- Fix subscriptable type usage in Python <3.9. ([\#15604](https://github.com/matrix-org/synapse/issues/15604))
- Update internal terminology. ([\#15606](https://github.com/matrix-org/synapse/issues/15606), [\#15620](https://github.com/matrix-org/synapse/issues/15620))
- Instrument `state` and `state_group` storage-related operations to better picture what's happening when tracing. ([\#15610](https://github.com/matrix-org/synapse/issues/15610), [\#15647](https://github.com/matrix-org/synapse/issues/15647))
- Trace how many new events from the backfill response we need to process. ([\#15633](https://github.com/matrix-org/synapse/issues/15633))
- Re-type config paths in `ConfigError`s to be `StrSequence`s instead of `Iterable[str]`s. ([\#15615](https://github.com/matrix-org/synapse/issues/15615))
- Update Mutual Rooms ([MSC2666](https://github.com/matrix-org/matrix-spec-proposals/pull/2666)) implementation to match new proposal text. ([\#15621](https://github.com/matrix-org/synapse/issues/15621))
- Remove the unstable identifiers from faster joins ([MSC3706](https://github.com/matrix-org/matrix-spec-proposals/pull/3706)). ([\#15625](https://github.com/matrix-org/synapse/issues/15625))
- Fix the olddeps CI. ([\#15626](https://github.com/matrix-org/synapse/issues/15626))
- Remove duplicate timestamp from test logs (`_trial_temp/test.log`). ([\#15636](https://github.com/matrix-org/synapse/issues/15636))
- Fix two memory leaks in `trial` test runs. ([\#15630](https://github.com/matrix-org/synapse/issues/15630))
- Limit the size of the `HomeServerConfig` cache in trial test runs. ([\#15646](https://github.com/matrix-org/synapse/issues/15646))
- Improve type hints. ([\#15658](https://github.com/matrix-org/synapse/issues/15658), [\#15659](https://github.com/matrix-org/synapse/issues/15659))
- Add requesting user id parameter to key claim methods in `TransportLayerClient`. ([\#15663](https://github.com/matrix-org/synapse/issues/15663))
- Speed up rebuilding of the user directory for local users. ([\#15665](https://github.com/matrix-org/synapse/issues/15665))
- Implement "option 2" for [MSC3820](https://github.com/matrix-org/matrix-spec-proposals/pull/3820): Room version 11. ([\#15666](https://github.com/matrix-org/synapse/issues/15666), [\#15678](https://github.com/matrix-org/synapse/issues/15678))

### Updates to locked dependencies

* Bump furo from 2023.3.27 to 2023.5.20. ([\#15642](https://github.com/matrix-org/synapse/issues/15642))
* Bump log from 0.4.17 to 0.4.18. ([\#15681](https://github.com/matrix-org/synapse/issues/15681))
* Bump prometheus-client from 0.16.0 to 0.17.0. ([\#15682](https://github.com/matrix-org/synapse/issues/15682))
* Bump pydantic from 1.10.7 to 1.10.8. ([\#15685](https://github.com/matrix-org/synapse/issues/15685))
* Bump pygithub from 1.58.1 to 1.58.2. ([\#15643](https://github.com/matrix-org/synapse/issues/15643))
* Bump requests from 2.28.2 to 2.31.0. ([\#15651](https://github.com/matrix-org/synapse/issues/15651))
* Bump sphinx from 6.1.3 to 6.2.1. ([\#15641](https://github.com/matrix-org/synapse/issues/15641))
* Bump types-bleach from 6.0.0.1 to 6.0.0.3. ([\#15686](https://github.com/matrix-org/synapse/issues/15686))
* Bump types-pillow from 9.5.0.2 to 9.5.0.4. ([\#15640](https://github.com/matrix-org/synapse/issues/15640))
* Bump types-pyyaml from 6.0.12.9 to 6.0.12.10. ([\#15683](https://github.com/matrix-org/synapse/issues/15683))
* Bump types-requests from 2.30.0.0 to 2.31.0.0. ([\#15684](https://github.com/matrix-org/synapse/issues/15684))
* Bump types-setuptools from 67.7.0.2 to 67.8.0.0. ([\#15639](https://github.com/matrix-org/synapse/issues/15639))

Synapse 1.84.1 (2023-05-26)
===========================

This patch release fixes a major issue with homeservers that do not have an `instance_map` defined but which do use workers.
If you have already upgraded to Synapse 1.84.0 and your homeserver is working normally, then there is no need to update to this patch release.

Bugfixes
--------

- Fix a bug introduced in Synapse v1.84.0 where workers do not start up when no `instance_map` was provided. ([\#15672](https://github.com/matrix-org/synapse/issues/15672))

Internal Changes
----------------

- Add `dch` and `notify-send` to the development Nix flake so that the release script can be used. ([\#15673](https://github.com/matrix-org/synapse/issues/15673))

Synapse 1.84.0 (2023-05-23)
===========================

The `worker_replication_*` configuration settings have been deprecated in favour of configuring the main process consistently with other instances in the `instance_map`. The deprecated settings will be removed in Synapse v1.88.0, but changing your configuration in advance is recommended. See the [upgrade notes](https://github.com/matrix-org/synapse/blob/release-v1.84/docs/upgrade.md#upgrading-to-v1840) for more information.

Bugfixes
--------

- Fix a bug introduced in Synapse 1.84.0rc1 where errors during startup were not reported correctly on Python < 3.10. ([\#15599](https://github.com/matrix-org/synapse/issues/15599))

Synapse 1.84.0rc1 (2023-05-16)
==============================

Features
--------

- Add an option to prevent media downloads from configured domains. ([\#15197](https://github.com/matrix-org/synapse/issues/15197))
- Add `forget_rooms_on_leave` config option to automatically forget rooms when users leave them or are removed from them. ([\#15224](https://github.com/matrix-org/synapse/issues/15224))
- Add redis TLS configuration options. ([\#15312](https://github.com/matrix-org/synapse/issues/15312))
- Add a config option to delay push notifications by a random amount, to discourage time-based profiling. ([\#15516](https://github.com/matrix-org/synapse/issues/15516))
- Stabilize support for [MSC2659](https://github.com/matrix-org/matrix-spec-proposals/pull/2659): application service ping endpoint. Contributed by Tulir @ Beeper. ([\#15528](https://github.com/matrix-org/synapse/issues/15528))
- Implement [MSC4009](https://github.com/matrix-org/matrix-spec-proposals/pull/4009) to expand the supported characters in Matrix IDs. ([\#15536](https://github.com/matrix-org/synapse/issues/15536))
- Advertise support for Matrix 1.6 on `/_matrix/client/versions`. ([\#15559](https://github.com/matrix-org/synapse/issues/15559))
- Print full error and stack-trace of any exception that occurs during startup/initialization. ([\#15569](https://github.com/matrix-org/synapse/issues/15569))

Bugfixes
--------

- Don't fail on federation over TOR where SRV queries are not supported. Contributed by Zdzichu. ([\#15523](https://github.com/matrix-org/synapse/issues/15523))
- Experimental support for [MSC4010](https://github.com/matrix-org/matrix-spec-proposals/pull/4010) which rejects setting the `"m.push_rules"` via account data. ([\#15554](https://github.com/matrix-org/synapse/issues/15554), [\#15555](https://github.com/matrix-org/synapse/issues/15555))
- Fix a long-standing bug where an invalid membership event could cause an internal server error. ([\#15564](https://github.com/matrix-org/synapse/issues/15564))
- Require at least poetry-core v1.1.0. ([\#15566](https://github.com/matrix-org/synapse/issues/15566), [\#15571](https://github.com/matrix-org/synapse/issues/15571))

Deprecations and Removals
-------------------------

- Remove need for `worker_replication_*` based settings in worker configuration yaml by placing this data directly on the `instance_map` instead. ([\#15491](https://github.com/matrix-org/synapse/issues/15491))

Updates to the Docker image
---------------------------

- Add pkg-config package to Stage 0 to be able to build Dockerfile on ppc64le architecture. ([\#15567](https://github.com/matrix-org/synapse/issues/15567))

Improved Documentation
----------------------

- Clarify documentation of the "Create or modify account" Admin API. ([\#15544](https://github.com/matrix-org/synapse/issues/15544))
- Fix path to the `statistics/database/rooms` admin API in documentation. ([\#15560](https://github.com/matrix-org/synapse/issues/15560))
- Update and improve Mastodon Single Sign-On documentation. ([\#15587](https://github.com/matrix-org/synapse/issues/15587))

Internal Changes
----------------

- Use oEmbed to generate URL previews for YouTube Shorts. ([\#15025](https://github.com/matrix-org/synapse/issues/15025))
- Create new `Client` for use with HTTP Replication between workers. Contributed by Jason Little. ([\#15470](https://github.com/matrix-org/synapse/issues/15470))
- Bump pyicu from 2.10.2 to 2.11. ([\#15509](https://github.com/matrix-org/synapse/issues/15509))
- Remove references to supporting per-user flag for [MSC2654](https://github.com/matrix-org/matrix-spec-proposals/pull/2654). ([\#15522](https://github.com/matrix-org/synapse/issues/15522))
- Don't use a trusted key server when running the demo scripts. ([\#15527](https://github.com/matrix-org/synapse/issues/15527))
- Speed up rebuilding of the user directory for local users. ([\#15529](https://github.com/matrix-org/synapse/issues/15529))
- Speed up deleting of old rows in `event_push_actions`. ([\#15531](https://github.com/matrix-org/synapse/issues/15531))
- Install the `xmlsec` and `mdbook` packages and switch back to the upstream [cachix/devenv](https://github.com/cachix/devenv) repo in the nix development environment. ([\#15532](https://github.com/matrix-org/synapse/issues/15532), [\#15533](https://github.com/matrix-org/synapse/issues/15533), [\#15545](https://github.com/matrix-org/synapse/issues/15545))
- Implement [MSC3987](https://github.com/matrix-org/matrix-spec-proposals/pull/3987) by removing `"dont_notify"` from the list of actions in default push rules. ([\#15534](https://github.com/matrix-org/synapse/issues/15534))
- Move various module API callback registration methods to a dedicated class. ([\#15535](https://github.com/matrix-org/synapse/issues/15535))
- Proxy `/user/devices` federation queries to application services for [MSC3984](https://github.com/matrix-org/matrix-spec-proposals/pull/3984). ([\#15539](https://github.com/matrix-org/synapse/issues/15539))
- Factor out an `is_mine_server_name` method. ([\#15542](https://github.com/matrix-org/synapse/issues/15542))
- Allow running Complement tests using [podman](https://podman.io/) by adding a `PODMAN` environment variable to `scripts-dev/complement.sh`. ([\#15543](https://github.com/matrix-org/synapse/issues/15543))
- Bump serde from 1.0.160 to 1.0.162. ([\#15548](https://github.com/matrix-org/synapse/issues/15548))
- Bump types-setuptools from 67.6.0.5 to 67.7.0.1. ([\#15549](https://github.com/matrix-org/synapse/issues/15549))
- Bump sentry-sdk from 1.19.1 to 1.22.1. ([\#15550](https://github.com/matrix-org/synapse/issues/15550))
- Bump ruff from 0.0.259 to 0.0.265. ([\#15551](https://github.com/matrix-org/synapse/issues/15551))
- Bump hiredis from 2.2.2 to 2.2.3. ([\#15552](https://github.com/matrix-org/synapse/issues/15552))
- Bump types-requests from 2.29.0.0 to 2.30.0.0. ([\#15553](https://github.com/matrix-org/synapse/issues/15553))
- Add `org.matrix.msc3981` info to `/_matrix/client/versions`. ([\#15558](https://github.com/matrix-org/synapse/issues/15558))
- Declare unstable support for [MSC3391](https://github.com/matrix-org/matrix-spec-proposals/pull/3391) under `/_matrix/client/versions` if the experimental implementation is enabled. ([\#15562](https://github.com/matrix-org/synapse/issues/15562))
- Implement [MSC3821](https://github.com/matrix-org/matrix-spec-proposals/pull/3821) to update the redaction rules. ([\#15563](https://github.com/matrix-org/synapse/issues/15563))
- Implement updated redaction rules from [MSC3389](https://github.com/matrix-org/matrix-spec-proposals/pull/3389). ([\#15565](https://github.com/matrix-org/synapse/issues/15565))
- Allow `pip install` to use setuptools_rust 1.6.0 when building Synapse. ([\#15570](https://github.com/matrix-org/synapse/issues/15570))
- Deal with upcoming Github Actions deprecations. ([\#15576](https://github.com/matrix-org/synapse/issues/15576))
- Export `run_as_background_process` from the module API. ([\#15577](https://github.com/matrix-org/synapse/issues/15577))
- Update build system requirements to allow building with poetry-core==1.6.0. ([\#15588](https://github.com/matrix-org/synapse/issues/15588))
- Bump serde from 1.0.162 to 1.0.163. ([\#15589](https://github.com/matrix-org/synapse/issues/15589))
- Bump phonenumbers from 8.13.7 to 8.13.11. ([\#15590](https://github.com/matrix-org/synapse/issues/15590))
- Bump types-psycopg2 from 2.9.21.9 to 2.9.21.10. ([\#15591](https://github.com/matrix-org/synapse/issues/15591))
- Bump types-commonmark from 0.9.2.2 to 0.9.2.3. ([\#15592](https://github.com/matrix-org/synapse/issues/15592))
- Bump types-setuptools from 67.7.0.1 to 67.7.0.2. ([\#15594](https://github.com/matrix-org/synapse/issues/15594))

Synapse 1.83.0 (2023-05-09)
===========================

No significant changes since 1.83.0rc1.

Synapse 1.83.0rc1 (2023-05-02)
==============================

Features
--------

- Experimental support to recursively provide relations per [MSC3981](https://github.com/matrix-org/matrix-spec-proposals/pull/3981). ([\#15315](https://github.com/matrix-org/synapse/issues/15315))
- Experimental support for [MSC3970](https://github.com/matrix-org/matrix-spec-proposals/pull/3970): Scope transaction IDs to devices. ([\#15318](https://github.com/matrix-org/synapse/issues/15318))
- Add an [admin API endpoint](https://matrix-org.github.io/synapse/v1.83/admin_api/experimental_features.html) to support per-user feature flags. ([\#15344](https://github.com/matrix-org/synapse/issues/15344))
- Add a module API to send an HTTP push notification. ([\#15387](https://github.com/matrix-org/synapse/issues/15387))
- Add an [admin API endpoint](https://matrix-org.github.io/synapse/v1.83/admin_api/statistics.html#get-largest-rooms-by-size-in-database) to query the largest rooms by disk space used in the database. ([\#15482](https://github.com/matrix-org/synapse/issues/15482))

Bugfixes
--------

- Disable push rule evaluation for rooms excluded from sync. ([\#15361](https://github.com/matrix-org/synapse/issues/15361))
- Fix a long-standing bug where cached server key results which were directly fetched would not be properly re-used. ([\#15417](https://github.com/matrix-org/synapse/issues/15417))
- Fix a bug introduced in Synapse 1.73.0 where some experimental push rules were returned by default. ([\#15494](https://github.com/matrix-org/synapse/issues/15494))

Improved Documentation
----------------------

- Add Nginx loadbalancing example with sticky mxid for workers. ([\#15411](https://github.com/matrix-org/synapse/issues/15411))
- Update outdated development docs that mention restrictions in versions of SQLite that we no longer support. ([\#15498](https://github.com/matrix-org/synapse/issues/15498))

Internal Changes
----------------

- Speedup tests by caching HomeServerConfig instances. ([\#15284](https://github.com/matrix-org/synapse/issues/15284))
- Add denormalised event stream ordering column to membership state tables for future use. Contributed by Nick @ Beeper (@fizzadar). ([\#15356](https://github.com/matrix-org/synapse/issues/15356))
- Always use multi-user device resync replication endpoints. ([\#15418](https://github.com/matrix-org/synapse/issues/15418))
- Add column `full_user_id` to tables `profiles` and `user_filters`. ([\#15458](https://github.com/matrix-org/synapse/issues/15458))
- Update support for [MSC3983](https://github.com/matrix-org/matrix-spec-proposals/pull/3983) to allow always returning fallback-keys in a `/keys/claim` request. ([\#15462](https://github.com/matrix-org/synapse/issues/15462))
- Improve type hints. ([\#15465](https://github.com/matrix-org/synapse/issues/15465), [\#15496](https://github.com/matrix-org/synapse/issues/15496), [\#15497](https://github.com/matrix-org/synapse/issues/15497))
- Support claiming more than one OTK at a time. ([\#15468](https://github.com/matrix-org/synapse/issues/15468))
- Bump types-pyyaml from 6.0.12.8 to 6.0.12.9. ([\#15471](https://github.com/matrix-org/synapse/issues/15471))
- Bump pyasn1-modules from 0.2.8 to 0.3.0. ([\#15473](https://github.com/matrix-org/synapse/issues/15473))
- Bump cryptography from 40.0.1 to 40.0.2. ([\#15474](https://github.com/matrix-org/synapse/issues/15474))
- Bump types-netaddr from 0.8.0.7 to 0.8.0.8. ([\#15475](https://github.com/matrix-org/synapse/issues/15475))
- Bump types-jsonschema from 4.17.0.6 to 4.17.0.7. ([\#15476](https://github.com/matrix-org/synapse/issues/15476))
- Ask bug reporters to provide logs as text. ([\#15479](https://github.com/matrix-org/synapse/issues/15479))
- Add a Nix flake for use as a development environment. ([\#15495](https://github.com/matrix-org/synapse/issues/15495))
- Bump anyhow from 1.0.70 to 1.0.71. ([\#15507](https://github.com/matrix-org/synapse/issues/15507))
- Bump types-pillow from 9.4.0.19 to 9.5.0.2. ([\#15508](https://github.com/matrix-org/synapse/issues/15508))
- Bump packaging from 23.0 to 23.1. ([\#15510](https://github.com/matrix-org/synapse/issues/15510))
- Bump types-requests from 2.28.11.16 to 2.29.0.0. ([\#15511](https://github.com/matrix-org/synapse/issues/15511))
- Bump setuptools-rust from 1.5.2 to 1.6.0. ([\#15512](https://github.com/matrix-org/synapse/issues/15512))
- Update the check_schema_delta script to account for when the schema version has been bumped locally. ([\#15466](https://github.com/matrix-org/synapse/issues/15466))

Synapse 1.82.0 (2023-04-25)
===========================

No significant changes since 1.82.0rc1.

Synapse 1.82.0rc1 (2023-04-18)
==============================

Features
--------

- Allow loading the `/directory/room/{roomAlias}` endpoint on workers. ([\#15333](https://github.com/matrix-org/synapse/issues/15333))
- Add some validation to `instance_map` configuration loading. ([\#15431](https://github.com/matrix-org/synapse/issues/15431))
- Allow loading the `/capabilities` endpoint on workers. ([\#15436](https://github.com/matrix-org/synapse/issues/15436))

Bugfixes
--------

- Delete server-side backup keys when deactivating an account. ([\#15181](https://github.com/matrix-org/synapse/issues/15181))
- Fix and document untold assumption that `on_logged_out` module hooks will be called before the deletion of pushers. ([\#15410](https://github.com/matrix-org/synapse/issues/15410))
- Improve robustness when handling a perspective key response by deduplicating received server keys. ([\#15423](https://github.com/matrix-org/synapse/issues/15423))
- Synapse now correctly fails to start if the config option `app_service_config_files` is not a list. ([\#15425](https://github.com/matrix-org/synapse/issues/15425))
- Disable loading `RefreshTokenServlet` (`/_matrix/client/(r0|v3|unstable)/refresh`) on workers. ([\#15428](https://github.com/matrix-org/synapse/issues/15428))

Improved Documentation
----------------------

- Note that the `delete_stale_devices_after` background job always runs on the main process. ([\#15452](https://github.com/matrix-org/synapse/issues/15452))

Deprecations and Removals
-------------------------

- Remove the broken, unspecced registration fallback. Note that the *login* fallback is unaffected by this change. ([\#15405](https://github.com/matrix-org/synapse/issues/15405))

Internal Changes
----------------

- Bump black from 23.1.0 to 23.3.0. ([\#15372](https://github.com/matrix-org/synapse/issues/15372))
- Bump pyopenssl from 23.1.0 to 23.1.1. ([\#15373](https://github.com/matrix-org/synapse/issues/15373))
- Bump types-psycopg2 from 2.9.21.8 to 2.9.21.9. ([\#15374](https://github.com/matrix-org/synapse/issues/15374))
- Bump types-netaddr from 0.8.0.6 to 0.8.0.7. ([\#15375](https://github.com/matrix-org/synapse/issues/15375))
- Bump types-opentracing from 2.4.10.3 to 2.4.10.4. ([\#15376](https://github.com/matrix-org/synapse/issues/15376))
- Bump dawidd6/action-download-artifact from 2.26.0 to 2.26.1. ([\#15404](https://github.com/matrix-org/synapse/issues/15404))
- Bump parameterized from 0.8.1 to 0.9.0. ([\#15412](https://github.com/matrix-org/synapse/issues/15412))
- Bump types-pillow from 9.4.0.17 to 9.4.0.19. ([\#15413](https://github.com/matrix-org/synapse/issues/15413))
- Bump sentry-sdk from 1.17.0 to 1.19.1. ([\#15414](https://github.com/matrix-org/synapse/issues/15414))
- Bump immutabledict from 2.2.3 to 2.2.4. ([\#15415](https://github.com/matrix-org/synapse/issues/15415))
- Bump dawidd6/action-download-artifact from 2.26.1 to 2.27.0. ([\#15441](https://github.com/matrix-org/synapse/issues/15441))
- Bump serde_json from 1.0.95 to 1.0.96. ([\#15442](https://github.com/matrix-org/synapse/issues/15442))
- Bump serde from 1.0.159 to 1.0.160. ([\#15443](https://github.com/matrix-org/synapse/issues/15443))
- Bump pillow from 9.4.0 to 9.5.0. ([\#15444](https://github.com/matrix-org/synapse/issues/15444))
- Bump furo from 2023.3.23 to 2023.3.27. ([\#15445](https://github.com/matrix-org/synapse/issues/15445))
- Bump types-pyopenssl from 23.1.0.0 to 23.1.0.2. ([\#15446](https://github.com/matrix-org/synapse/issues/15446))
- Bump mypy from 1.0.0 to 1.0.1. ([\#15447](https://github.com/matrix-org/synapse/issues/15447))
- Bump psycopg2 from 2.9.5 to 2.9.6. ([\#15448](https://github.com/matrix-org/synapse/issues/15448))
- Improve DB performance of clearing out old data from `stream_ordering_to_exterm`. ([\#15382](https://github.com/matrix-org/synapse/issues/15382), [\#15429](https://github.com/matrix-org/synapse/issues/15429))
- Implement [MSC3989](https://github.com/matrix-org/matrix-spec-proposals/pull/3989) redaction algorithm. ([\#15393](https://github.com/matrix-org/synapse/issues/15393))
- Implement [MSC2175](https://github.com/matrix-org/matrix-doc/pull/2175) to stop adding `creator` to create events. ([\#15394](https://github.com/matrix-org/synapse/issues/15394))
- Implement [MSC2174](https://github.com/matrix-org/matrix-spec-proposals/pull/2174) to move the `redacts` key to a `content` property. ([\#15395](https://github.com/matrix-org/synapse/issues/15395))
- Trust dtonlay/rust-toolchain in CI. ([\#15406](https://github.com/matrix-org/synapse/issues/15406))
- Explicitly install Synapse during typechecking in CI. ([\#15409](https://github.com/matrix-org/synapse/issues/15409))
- Only load the SSO redirect servlet if SSO is enabled. ([\#15421](https://github.com/matrix-org/synapse/issues/15421))
- Refactor `SimpleHttpClient` to pull out a base class. ([\#15427](https://github.com/matrix-org/synapse/issues/15427))
- Improve type hints. ([\#15432](https://github.com/matrix-org/synapse/issues/15432))
- Convert async to normal tests in `TestSSOHandler`. ([\#15433](https://github.com/matrix-org/synapse/issues/15433))
- Speed up the user directory background update. ([\#15435](https://github.com/matrix-org/synapse/issues/15435))
- Disable directory listing for static resources in `/_matrix/static/`. ([\#15438](https://github.com/matrix-org/synapse/issues/15438))
- Move various module API callback registration methods to a dedicated class. ([\#15453](https://github.com/matrix-org/synapse/issues/15453))

Synapse 1.81.0 (2023-04-11)
===========================

Synapse now attempts the versioned appservice paths before falling back to the
[legacy paths](https://spec.matrix.org/v1.6/application-service-api/#legacy-routes).
Usage of the legacy routes should be considered deprecated.

Additionally, Synapse has supported sending the application service access token
via [the `Authorization` header](https://spec.matrix.org/v1.6/application-service-api/#authorization)
since v1.70.0. For backwards compatibility it is *also* sent as the `access_token`
query parameter. This is insecure and should be considered deprecated.

A future version of Synapse (v1.88.0 or later) will remove support for legacy
application service routes and query parameter authorization.

No significant changes since 1.81.0rc2.

Synapse 1.81.0rc2 (2023-04-06)
==============================

Bugfixes
--------

- Fix the `set_device_id_for_pushers_txn` background update crash. ([\#15391](https://github.com/matrix-org/synapse/issues/15391))

Internal Changes
----------------

- Update CI to run complement under the latest stable go version. ([\#15403](https://github.com/matrix-org/synapse/issues/15403))

Synapse 1.81.0rc1 (2023-04-04)
==============================

Features
--------

- Add the ability to enable/disable registrations when in the OIDC flow. ([\#14978](https://github.com/matrix-org/synapse/issues/14978))
- Add a primitive helper script for listing worker endpoints. ([\#15243](https://github.com/matrix-org/synapse/issues/15243))
- Experimental support for passing One Time Key and device key requests to application services ([MSC3983](https://github.com/matrix-org/matrix-spec-proposals/pull/3983) and [MSC3984](https://github.com/matrix-org/matrix-spec-proposals/pull/3984)). ([\#15314](https://github.com/matrix-org/synapse/issues/15314), [\#15321](https://github.com/matrix-org/synapse/issues/15321))
- Allow loading `/password_policy` endpoint on workers. ([\#15331](https://github.com/matrix-org/synapse/issues/15331))
- Add experimental support for Unix sockets. Contributed by Jason Little. ([\#15353](https://github.com/matrix-org/synapse/issues/15353))
- Build Debian packages for Ubuntu 23.04 (Lunar Lobster). ([\#15381](https://github.com/matrix-org/synapse/issues/15381))

Bugfixes
--------

- Fix a long-standing bug where edits of non-`m.room.message` events would not be correctly bundled. ([\#15295](https://github.com/matrix-org/synapse/issues/15295))
- Fix a bug introduced in Synapse v1.55.0 which could delay remote homeservers being able to decrypt encrypted messages sent by local users. ([\#15297](https://github.com/matrix-org/synapse/issues/15297))
- Add a check to [SQLite port_db script](https://matrix-org.github.io/synapse/latest/postgres.html#porting-from-sqlite)
  to ensure that the sqlite database passed to the script exists before trying to port from it. ([\#15306](https://github.com/matrix-org/synapse/issues/15306))
- Fix a bug introduced in Synapse 1.76.0 where responses from worker deployments could include an internal `_INT_STREAM_POS` key. ([\#15309](https://github.com/matrix-org/synapse/issues/15309))
- Fix a long-standing bug that Synpase only used the [legacy appservice routes](https://spec.matrix.org/v1.6/application-service-api/#legacy-routes). ([\#15317](https://github.com/matrix-org/synapse/issues/15317))
- Fix a long-standing bug preventing users from rejoining rooms after being banned and unbanned over federation. Contributed by Nico. ([\#15323](https://github.com/matrix-org/synapse/issues/15323))
- Fix bug in worker mode where on a rolling restart of workers the "typing" worker would consume 100% CPU until it got restarted. ([\#15332](https://github.com/matrix-org/synapse/issues/15332))
- Fix a long-standing bug where some to_device messages could be dropped when using workers. ([\#15349](https://github.com/matrix-org/synapse/issues/15349))
- Fix a bug introduced in Synapse 1.70.0 where the background sync from a faster join could spin for hours when one of the events involved had been marked for backoff. ([\#15351](https://github.com/matrix-org/synapse/issues/15351))
- Fix missing app variable in mail subject for password resets. Contributed by Cyberes. ([\#15352](https://github.com/matrix-org/synapse/issues/15352))
- Fix a rare bug introduced in Synapse 1.66.0 where initial syncs would fail when the user had been kicked from a faster joined room that had not finished syncing. ([\#15383](https://github.com/matrix-org/synapse/issues/15383))

Improved Documentation
----------------------

- Fix a typo in login requests ratelimit defaults. ([\#15341](https://github.com/matrix-org/synapse/issues/15341))
- Add some clarification to the doc/comments regarding TCP replication. ([\#15354](https://github.com/matrix-org/synapse/issues/15354))
- Note that Synapse 1.74 queued a rebuild of the user directory tables. ([\#15386](https://github.com/matrix-org/synapse/issues/15386))

Internal Changes
----------------

- Use `immutabledict` instead of `frozendict`. ([\#15113](https://github.com/matrix-org/synapse/issues/15113))
- Add developer documentation for the Federation Sender and add a documentation mechanism using Sphinx. ([\#15265](https://github.com/matrix-org/synapse/issues/15265), [\#15336](https://github.com/matrix-org/synapse/issues/15336))
- Make the pushers rely on the `device_id` instead of the `access_token_id` for various operations. ([\#15280](https://github.com/matrix-org/synapse/issues/15280))
- Bump sentry-sdk from 1.15.0 to 1.17.0. ([\#15285](https://github.com/matrix-org/synapse/issues/15285))
- Allow running the Twisted trunk job against other branches. ([\#15302](https://github.com/matrix-org/synapse/issues/15302))
- Remind the releaser to ask for changelog feedback in [#synapse-dev](https://matrix.to/#/#synapse-dev:matrix.org). ([\#15303](https://github.com/matrix-org/synapse/issues/15303))
- Bump dtolnay/rust-toolchain from e12eda571dc9a5ee5d58eecf4738ec291c66f295 to fc3253060d0c959bea12a59f10f8391454a0b02d. ([\#15304](https://github.com/matrix-org/synapse/issues/15304))
- Reject events with an invalid "mentions" property per [MSC3952](https://github.com/matrix-org/matrix-spec-proposals/pull/3952). ([\#15311](https://github.com/matrix-org/synapse/issues/15311))
- As an optimisation, use `TRUNCATE` on Postgres when clearing the user directory tables. ([\#15316](https://github.com/matrix-org/synapse/issues/15316))
- Fix `.gitignore` rule for the Complement source tarball downloaded automatically by `complement.sh`. ([\#15319](https://github.com/matrix-org/synapse/issues/15319))
- Bump serde from 1.0.157 to 1.0.158. ([\#15324](https://github.com/matrix-org/synapse/issues/15324))
- Bump regex from 1.7.1 to 1.7.3. ([\#15325](https://github.com/matrix-org/synapse/issues/15325))
- Bump types-pyopenssl from 23.0.0.4 to 23.1.0.0. ([\#15326](https://github.com/matrix-org/synapse/issues/15326))
- Bump furo from 2022.12.7 to 2023.3.23. ([\#15327](https://github.com/matrix-org/synapse/issues/15327))
- Bump ruff from 0.0.252 to 0.0.259. ([\#15328](https://github.com/matrix-org/synapse/issues/15328))
- Bump cryptography from 40.0.0 to 40.0.1. ([\#15329](https://github.com/matrix-org/synapse/issues/15329))
- Bump mypy-zope from 0.9.0 to 0.9.1. ([\#15330](https://github.com/matrix-org/synapse/issues/15330))
- Speed up unit tests when using SQLite3. ([\#15334](https://github.com/matrix-org/synapse/issues/15334))
- Speed up pydantic CI job. ([\#15339](https://github.com/matrix-org/synapse/issues/15339))
- Speed up sample config CI job. ([\#15340](https://github.com/matrix-org/synapse/issues/15340))
- Fix copyright year in SSO footer template. ([\#15358](https://github.com/matrix-org/synapse/issues/15358))
- Bump peaceiris/actions-gh-pages from 3.9.2 to 3.9.3. ([\#15369](https://github.com/matrix-org/synapse/issues/15369))
- Bump serde from 1.0.158 to 1.0.159. ([\#15370](https://github.com/matrix-org/synapse/issues/15370))
- Bump serde_json from 1.0.94 to 1.0.95. ([\#15371](https://github.com/matrix-org/synapse/issues/15371))
- Speed up membership queries for users with forgotten rooms. ([\#15385](https://github.com/matrix-org/synapse/issues/15385))

(js)