Sourced from matrix-synapse's releases.

v1.56.0

Synapse 1.56.0 (2022-04-05)

Synapse will now refuse to start up if open registration is enabled, in order to help mitigate abuse across the federation. If you would like to provide registration to anyone, consider adding email, recaptcha or token-based verification in order to prevent automated registration from bad actors. This check can be disabled by setting the enable_registration_without_verification option in your homeserver configuration file to true. More details are available in the upgrade notes.

Synapse will additionally now refuse to start when using PostgreSQL with a non-C values for COLLATE and CTYPE, unless the config flag allow_unsafe_locale, found in the database section of the configuration file, is set to true. See the upgrade notes for details.

Internal Changes

• Bump the version of black for compatibility with the latest click release. (#12320)

Synapse 1.56.0rc1 (2022-03-29)

Features

• Allow modules to store already existing 3PID associations. (#12195)
• Allow registering server administrators using the module API. Contributed by Famedly. (#12250)

Bugfixes

• Fix a long-standing bug which caused the /_matrix/federation/v1/state and /_matrix/federation/v1/state_ids endpoints to return incorrect or invalid data when called for an event which we have stored as an "outlier". (#12087)
• Fix a long-standing bug where events from ignored users would still be considered for relations. (#12227, #12232, #12285)
• Fix a bug introduced in Synapse 1.53.0 where an unnecessary query could be performed when fetching bundled aggregations for threads. (#12228)
• Fix a bug introduced in Synapse 1.52.0 where admins could not deactivate and GDPR-erase a user if Synapse was configured with limits on avatars. (#12261)

Improved Documentation

• Fix the link to the module documentation in the legacy spam checker warning message. (#12231)
• Remove incorrect prefixes in the worker documentation for some endpoints. (#12243)
• Correct check_username_for_spam annotations and docs. (#12246)
• Correct Authentik OpenID typo, and add notes on troubleshooting. Contributed by @​IronTooch. (#12275)
• HAProxy reverse proxy guide update to stop sending IPv4-mapped address to homeserver. Contributed by @​villepeh. (#12279)

Internal Changes

• Rename shared_rooms to mutual_rooms (MSC2666), as per proposal changes. (#12036)
• Remove check on update_user_directory for shared rooms handler (MSC2666), and update/expand documentation. (#12038)
• Refactor create_new_client_event to use a new parameter, state_event_ids, which accurately describes the usage with MSC2716 instead of abusing auth_event_ids. (#12083, #12304)
• Refuse to start if registration is enabled without email, captcha, or token-based verification unless the new config flag enable_registration_without_verification is set to true. (#12091, #12322)
• Add tests for database transaction callbacks. (#12198)
• Handle cancellation in DatabasePool.runInteraction. (#12199)
• Add missing type hints for cache storage. (#12216)
• Add missing type hints for storage. (#12248, #12255)

... (truncated)

Sourced from matrix-synapse's changelog.

Synapse 1.56.0 (2022-04-05)

Synapse will now refuse to start up if open registration is enabled, in order to help mitigate abuse across the federation. If you would like to provide registration to anyone, consider adding email, recaptcha or token-based verification in order to prevent automated registration from bad actors. This check can be disabled by setting the enable_registration_without_verification option in your homeserver configuration file to true. More details are available in the upgrade notes.

Synapse will additionally now refuse to start when using PostgreSQL with a non-C values for COLLATE and CTYPE, unless the config flag allow_unsafe_locale, found in the database section of the configuration file, is set to true. See the upgrade notes for details.

Internal Changes

• Bump the version of black for compatibility with the latest click release. (#12320)

Synapse 1.56.0rc1 (2022-03-29)

Features

• Allow modules to store already existing 3PID associations. (#12195)
• Allow registering server administrators using the module API. Contributed by Famedly. (#12250)

Bugfixes

• Fix a long-standing bug which caused the /_matrix/federation/v1/state and /_matrix/federation/v1/state_ids endpoints to return incorrect or invalid data when called for an event which we have stored as an "outlier". (#12087)
• Fix a long-standing bug where events from ignored users would still be considered for relations. (#12227, #12232, #12285)
• Fix a bug introduced in Synapse 1.53.0 where an unnecessary query could be performed when fetching bundled aggregations for threads. (#12228)
• Fix a bug introduced in Synapse 1.52.0 where admins could not deactivate and GDPR-erase a user if Synapse was configured with limits on avatars. (#12261)

Improved Documentation

• Fix the link to the module documentation in the legacy spam checker warning message. (#12231)
• Remove incorrect prefixes in the worker documentation for some endpoints. (#12243)
• Correct check_username_for_spam annotations and docs. (#12246)
• Correct Authentik OpenID typo, and add notes on troubleshooting. Contributed by @​IronTooch. (#12275)

... (truncated)

• ac80bfb Tweak CHANGES.md
• 7a95e80 1.56.0
• ca7e34c Pin signedjson to <= 1.1.1 as a temporary workaround for #12324
• a7293ef Bump black and click versions (#12320)
• 4d693f9 Add note in changelog of non-C type locale causing Synapse to refuse to start...
• 013f3f5 Move warning of open registration to v1.56 upgrade notes (#12322)
• 8a5d691 Missing period
• 512007f Fix formatting
• e9220ad Link to pre-1.0 changelog
• 28a6480 Linkify MSCs
• Additional commits viewable in compare view

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)