Sourced from matrix-synapse's releases.

v1.37.0

Synapse 1.37.0 (2021-06-29)

This release deprecates the current spam checker interface. See the upgrade notes for more information on how to update to the new generic module interface.

This release also removes support for fetching and renewing TLS certificates using the ACME v1 protocol, which has been fully decommissioned by Let's Encrypt on June 1st 2021. Admins previously using this feature should use a reverse proxy to handle TLS termination, or use an external ACME client (such as certbot) to retrieve a certificate and key and provide them to Synapse using the tls_certificate_path and tls_private_key_path configuration settings.

Synapse 1.37.0rc1 (2021-06-24)

Features

• Implement "room knocking" as per MSC2403. Contributed by @​Sorunome and anoa. (#6739, #9359, #10167, #10212, #10227)
• Add experimental support for backfilling history into rooms (MSC2716). (#9247)
• Implement a generic interface for third-party plugin modules. (#10062, #10206)
• Implement config option sso.update_profile_information to sync SSO users' profile information with the identity provider each time they login. Currently only displayname is supported. (#10108)
• Ensure that errors during startup are written to the logs and the console. (#10191)

Bugfixes

• Fix a bug introduced in Synapse v1.25.0 that prevented the ip_range_whitelist configuration option from working for federation and identity servers. Contributed by @​mikure. (#10115)
• Remove a broken import line in Synapse's admin_cmd worker. Broke in Synapse v1.33.0. (#10154)
• Fix a bug introduced in Synapse v1.21.0 which could cause /sync to return immediately with an empty response. (#10157, #10158)
• Fix a minor bug in the response to /_matrix/client/r0/user/{user}/openid/request_token causing expires_in to be a float instead of an integer. Contributed by @​lukaslihotzki. (#10175)
• Always require users to re-authenticate for dangerous operations: deactivating an account, modifying an account password, and adding 3PIDs. (#10184)
• Fix a bug introduced in Synpase v1.7.2 where remote server count metrics collection would be incorrectly delayed on startup. Found by @​heftig. (#10195)
• Fix a bug introduced in Synapse v1.35.1 where an allow key of a m.room.join_rules event could be applied for incorrect room versions and configurations. (#10208)
• Fix performance regression in responding to user key requests over federation. Introduced in Synapse v1.34.0rc1. (#10221)

Improved Documentation

• Add a new guide to decoding request logs. (#8436)
• Mention in the sample homeserver config that you may need to configure max upload size in your reverse proxy. Contributed by @​aaronraimist. (#10122)
• Fix broken links in documentation. (#10180)
• Deploy a snapshot of the documentation website upon each new Synapse release. (#10198)

Deprecations and Removals

• The current spam checker interface is deprecated in favour of a new generic modules system. See the upgrade notes for more information on how to update to the new system. (#10062, #10210, #10238)
• Stop supporting the unstable spaces prefixes from MSC1772. (#10161)
• Remove Synapse's support for automatically fetching and renewing certificates using the ACME v1 protocol. This protocol has been fully turned off by Let's Encrypt for existing installations on June 1st 2021. Admins previously using this feature should use a reverse proxy to handle TLS termination, or use an external ACME client (such as certbot) to retrieve a certificate and key and provide them to Synapse using the tls_certificate_path and tls_private_key_path configuration settings. (#10194)

Internal Changes

... (truncated)

Sourced from matrix-synapse's changelog.

Synapse 1.37.0 (2021-06-29)

This release deprecates the current spam checker interface. See the upgrade notes for more information on how to update to the new generic module interface.

This release also removes support for fetching and renewing TLS certificates using the ACME v1 protocol, which has been fully decommissioned by Let's Encrypt on June 1st 2021. Admins previously using this feature should use a reverse proxy to handle TLS termination, or use an external ACME client (such as certbot) to retrieve a certificate and key and provide them to Synapse using the tls_certificate_path and tls_private_key_path configuration settings.

Synapse 1.37.0rc1 (2021-06-24)

Features

• Implement "room knocking" as per MSC2403. Contributed by @​Sorunome and anoa. (#6739, #9359, #10167, #10212, #10227)
• Add experimental support for backfilling history into rooms (MSC2716). (#9247)
• Implement a generic interface for third-party plugin modules. (#10062, #10206)
• Implement config option sso.update_profile_information to sync SSO users' profile information with the identity provider each time they login. Currently only displayname is supported. (#10108)
• Ensure that errors during startup are written to the logs and the console. (#10191)

Bugfixes

• Fix a bug introduced in Synapse v1.25.0 that prevented the ip_range_whitelist configuration option from working for federation and identity servers. Contributed by @​mikure. (#10115)
• Remove a broken import line in Synapse's admin_cmd worker. Broke in Synapse v1.33.0. (#10154)
• Fix a bug introduced in Synapse v1.21.0 which could cause /sync to return immediately with an empty response. (#10157, #10158)
• Fix a minor bug in the response to /_matrix/client/r0/user/{user}/openid/request_token causing expires_in to be a float instead of an integer. Contributed by @​lukaslihotzki. (#10175)
• Always require users to re-authenticate for dangerous operations: deactivating an account, modifying an account password, and adding 3PIDs. (#10184)
• Fix a bug introduced in Synpase v1.7.2 where remote server count metrics collection would be incorrectly delayed on startup. Found by @​heftig. (#10195)
• Fix a bug introduced in Synapse v1.35.1 where an allow key of a m.room.join_rules event could be applied for incorrect room versions and configurations. (#10208)
• Fix performance regression in responding to user key requests over federation. Introduced in Synapse v1.34.0rc1. (#10221)

Improved Documentation

• Add a new guide to decoding request logs. (#8436)
• Mention in the sample homeserver config that you may need to configure max upload size in your reverse proxy. Contributed by @​aaronraimist. (#10122)
• Fix broken links in documentation. (#10180)
• Deploy a snapshot of the documentation website upon each new Synapse release. (#10198)

Deprecations and Removals

• The current spam checker interface is deprecated in favour of a new generic modules system. See the upgrade notes for more information on how to update to the new system. (#10062, #10210, #10238)
• Stop supporting the unstable spaces prefixes from MSC1772. (#10161)
• Remove Synapse's support for automatically fetching and renewing certificates using the ACME v1 protocol. This protocol has been fully turned off by Let's Encrypt for existing installations on June 1st 2021. Admins previously using this feature should use a reverse proxy to handle TLS termination, or use an external ACME client (such as certbot) to retrieve a certificate and key and provide them to Synapse using the tls_certificate_path and tls_private_key_path configuration settings. (#10194)

... (truncated)

• 88f9e8d Move deprecation notices to the top of the changelog
• cdf569e 1.37.0
• bb472f3 Incorportate review comments
• 7e0cd50 Fix date in changelog
• acac453 Tweak changelog
• c955e37 Fix wrapping of legacy check_registration_for_spam (#10238)
• 9ec45ac 1.37.0rc1
• 33701dc Fix schema delta to not take as long on large servers (#10227)
• 34db6bb Warn users trying to use the deprecated spam checker interface (#10210)
• 96f6293 Add endpoints for backfilling history (MSC2716) (#9247)
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)