Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package matrix-synapse for openSUSE:Factory
checked in at 2021-03-28 11:56:50
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/matrix-synapse (Old)
and /work/SRC/openSUSE:Factory/.matrix-synapse.new.2401 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "matrix-synapse"
Sun Mar 28 11:56:50 2021 rev:29 rq:881588 version:1.30.1
Changes:
--------
--- /work/SRC/openSUSE:Factory/matrix-synapse/matrix-synapse.changes
2021-02-26 22:02:55.604003951 +0100
+++ /work/SRC/openSUSE:Factory/.matrix-synapse.new.2401/matrix-synapse.changes
2021-03-28 11:58:51.700356735 +0200
@@ -1,0 +2,193 @@
+Fri Mar 26 12:39:34 UTC 2021 - Marcus Rueckert <mrueck...@suse.de>
+
+- Update to 1.30.1
+ This release is identical to Synapse 1.30.0, with the exception
+ of explicitly setting a minimum version of Python's Cryptography
+ library to ensure that users of Synapse are protected from the
+ recent OpenSSL security advisories, especially CVE-2021-3449.
+ - Internal Changes
+ - Enforce that `cryptography` dependency is up to date to
+ ensure it has the most recent openssl patches. (#9697)
+
+- Note: we do not bump the cryptography dependency in our package
+ as we use the system OpenSSL which gets the fix.
+
+ Add dont-bump-cryptography-with-system-openssl.patch to comment
+ out the dependency because otherwise the newer version
+ requirement is enforced on startup
+
+-------------------------------------------------------------------
+Mon Mar 22 14:02:31 UTC 2021 - Marcus Rueckert <mrueck...@suse.de>
+
+- Update to 1.30.0
+ Note that this release deprecates the ability for appservices to
+ call POST /_matrix/client/r0/register without the body parameter
+ type. Appservice developers should use a type value of
+ m.login.application_service as per the spec. In future releases,
+ calling this endpoint with an access token - but without a
+ m.login.application_service type - will fail.
+
+ - Features
+ - Add prometheus metrics for number of users successfully
+ registering and logging in. (#9510, #9511, #9573)
+ - Add synapse_federation_last_sent_pdu_time and
+ synapse_federation_last_received_pdu_time prometheus metrics,
+ which monitor federation delays by reporting the timestamps
+ of messages sent and received to a set of remote servers.
+ (#9540)
+ - Add support for generating JSON Web Tokens dynamically for
+ use as OIDC client secrets. (#9549)
+ - Optimise handling of incomplete room history for incoming
+ federation. (#9601)
+ - Finalise support for allowing clients to pick an SSO Identity
+ Provider (MSC2858). (#9617)
+ - Tell spam checker modules about the SSO IdP a user registered
+ through if one was used. (#9626)
+ - Bugfixes
+ - Fix long-standing bug when generating thumbnails for some
+ images with transparency: TypeError: cannot unpack
+ non-iterable int object. (#9473)
+ - Purge chain cover indexes for events that were purged prior
+ to Synapse v1.29.0. (#9542, #9583)
+ - Fix bug where federation requests were not correctly retried
+ on 5xx responses. (#9567)
+ - Fix re-activating an account via the admin API when local
+ passwords are disabled. (#9587)
+ - Fix a bug introduced in Synapse 1.20 which caused incoming
+ federation transactions to stack up, causing slow recovery
+ from outages. (#9597)
+ - Fix a bug introduced in v1.28.0 where the OpenID Connect
+ callback endpoint could error with a MacaroonInitException.
+ (#9620)
+ - Fix Internal Server Error on GET
+ /_synapse/client/saml2/authn_response request. (#9623)
+ - Updates to the Docker image
+ - Use jemalloc if available in docker. (#8553)
+ - Improved Documentation
+ - Add relayd entry to reverse proxy example configurations.
+ (#9508)
+ - Improve the SAML2 upgrade notes for 1.27.0. (#9550)
+ - Link to the "List user's media" admin API from the media
+ admin API docs. (#9571)
+ - Clarify the spam checker modules documentation example to
+ mention that parse_config is a required method. (#9580)
+ - Clarify the sample configuration for stats settings. (#9604)
+ - Deprecations and Removals
+ - The synapse_federation_last_sent_pdu_age and
+ synapse_federation_last_received_pdu_age prometheus metrics
+ have been removed. They are replaced by
+ synapse_federation_last_sent_pdu_time and
+ synapse_federation_last_received_pdu_time. (#9540)
+ - Registering an Application Service user without using the
+ m.login.application_service login type will be unsupported in
+ an upcoming Synapse release. (#9559)
+ - Internal Changes
+ - Add tests to ResponseCache. (#9458)
+ - Add type hints to purge room and server notice admin API.
+ (#9520)
+ - Add extra logging to ObservableDeferred when callbacks throw
+ exceptions. (#9523)
+ - Fix incorrect type hints. (#9528, #9543, #9591, #9608, #9618)
+ - Add an additional test for purging a room. (#9541)
+ - Add a .git-blame-ignore-revs file with the hashes of
+ auto-formatting. (#9560)
+ - Increase the threshold before which outbound federation to a
+ server goes into "catch up" mode, which is expensive for the
+ remote server to handle. (#9561)
+ - Fix spurious errors reported by the config-lint.sh script.
+ (#9562)
+ - Fix type hints and tests for BlacklistingAgentWrapper and
+ BlacklistingReactorWrapper. (#9563)
+ - Do not have mypy ignore type hints from unpaddedbase64.
+ (#9568)
+ - Improve efficiency of calculating the auth chain in large
+ rooms. (#9576)
+ - Convert synapse.types.Requester to an attrs class. (#9586)
+ - Add logging for redis connection setup. (#9590)
+ - Improve logging when processing incoming transactions.
+ (#9596)
+ - Remove unused stats.retention setting, and emit a warning if
+ stats are disabled. (#9604)
+ - Prevent attempting to bundle aggregations for state events in
+ /context APIs. (#9619)
+
+-------------------------------------------------------------------
+Mon Mar 8 21:27:57 UTC 2021 - Marcus Rueckert <mrueck...@suse.de>
+
+- Update to 1.29.0
+ Note that synapse now expects an X-Forwarded-Proto header when
+ used with a reverse proxy. Please see UPGRADE.rst for more
+ details on this change.
+
+ - Features
+ - Add rate limiters to cross-user key sharing requests. (#8957)
+ - Add order_by to the admin API GET
+ /_synapse/admin/v1/users/<user_id>/media. Contributed by
+ @dklimpel. (#8978)
+ - Add some configuration settings to make users' profile data
+ more private. (#9203)
+ - The no_proxy and NO_PROXY environment variables are now
+ respected in proxied HTTP clients with the lowercase form
+ taking precedence if both are present. Additionally, the
+ lowercase https_proxy environment variable is now respected
+ in proxied HTTP clients on top of existing support for the
+ uppercase HTTPS_PROXY form and takes precedence if both are
+ present. Contributed by Timothy Leung. (#9372)
+ - Add a configuration option,
+ user_directory.prefer_local_users, which when enabled will
+ make it more likely for users on the same server as you to
+ appear above other users. (#9383, #9385)
+ - Add support for regenerating thumbnails if they have been
+ deleted but the original image is still stored. (#9438)
+ - Add support for X-Forwarded-Proto header when using a reverse
+ proxy. (#9472, #9501, #9512, #9539)
+ - Bugfixes
+ - Fix a bug where users' pushers were not all deleted when they
+ deactivated their account. (#9285, #9516)
+ - Fix a bug where a lot of unnecessary presence updates were
+ sent when joining a room. (#9402)
+ - Fix a bug that caused multiple calls to the experimental
+ shared_rooms endpoint to return stale results. (#9416)
+ - Fix a bug in single sign-on which could cause a "No session
+ cookie found" error. (#9436)
+ - Fix bug introduced in v1.27.0 where allowing a user to choose
+ their own username when logging in via single sign-on did not
+ work unless an idp_icon was defined. (#9440)
+ - Fix a bug introduced in v1.26.0 where some sequences were not
+ properly configured when running synapse_port_db. (#9449)
+ - Fix deleting pushers when using sharded pushers. (#9465,
+ #9466, #9479, #9536)
+ - Fix missing startup checks for the consistency of certain
+ PostgreSQL sequences. (#9470)
+ - Fix a long-standing bug where the media repository could leak
+ file descriptors while previewing media. (#9497)
+ - Properly purge the event chain cover index when purging
+ history. (#9498)
+ - Fix missing chain cover index due to a schema delta not being
+ applied correctly. Only affected servers that ran development
+ versions. (#9503)
+ - Fix a bug introduced in v1.25.0 where /_synapse/admin/join/
+ would fail when given a room alias. (#9506)
+ - Prevent presence background jobs from running when presence
+ is disabled. (#9530)
+ - Fix rare edge case that caused a background update to fail if
+ the server had rejected an event that had duplicate auth
+ events. (#9537)
+ - Improved Documentation
+ - Update the example systemd config to propagate reloads to
+ individual units. (#9463)
+ - Internal Changes
+ - Add documentation and type hints to parse_duration. (#9432)
+ - Remove vestiges of uploads_path configuration setting.
+ (#9462)
+ - Add a comment about systemd-python. (#9464)
+ - Test that we require validated email for email pushers.
+ (#9496)
+ - Allow python to generate bytecode for synapse. (#9502)
+ - Fix incorrect type hints. (#9515, #9518)
+ - Add type hints to device and event report admin API. (#9519)
+ - Add type hints to user admin API. (#9521)
+ - Bump the versions of mypy and mypy-zope used for static type
+ checking. (#9529)
+
+-------------------------------------------------------------------
Old:
----
matrix-synapse-1.28.0.obscpio
New:
----
dont-bump-cryptography-with-system-openssl.patch
matrix-synapse-1.30.1.obscpio
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ matrix-synapse-test.spec ++++++
--- /var/tmp/diff_new_pack.tawMfd/_old 2021-03-28 11:58:52.640357567 +0200
+++ /var/tmp/diff_new_pack.tawMfd/_new 2021-03-28 11:58:52.640357567 +0200
@@ -27,7 +27,7 @@
%define pkgname matrix-synapse
Name: %{pkgname}-test
-Version: 1.28.0
+Version: 1.30.1
Release: 0
Summary: Test package for %{pkgname}
License: Apache-2.0
@@ -40,6 +40,7 @@
touch %{_sourcedir}/%{pkgname}
%build
+
%install
%check
++++++ matrix-synapse.spec ++++++
--- /var/tmp/diff_new_pack.tawMfd/_old 2021-03-28 11:58:52.664357589 +0200
+++ /var/tmp/diff_new_pack.tawMfd/_new 2021-03-28 11:58:52.664357589 +0200
@@ -45,7 +45,7 @@
%define pkgname matrix-synapse
%define eggname matrix_synapse
Name: %{pkgname}
-Version: 1.28.0
+Version: 1.30.1
Release: 0
Summary: Matrix protocol reference homeserver
License: Apache-2.0
@@ -61,6 +61,7 @@
# to clean up your working copy afterwards: git reset --hard ; rm -rv .pc
patches
Source99: series
Patch: matrix-synapse-1.4.1-paths.patch
+Patch1: dont-bump-cryptography-with-system-openssl.patch
BuildRequires: fdupes
BuildRequires: python-rpm-macros
BuildRequires: python3-base
@@ -83,7 +84,7 @@
%requires_eq python3-Twisted
BuildRequires: python3-attrs >= 17.4.0
%requires_eq python3-attrs
-BuildRequires: python3-bcrypt >= 3.1.0
+BuildRequires: python3-bcrypt >= 3.2.0
%requires_eq python3-bcrypt
BuildRequires: python3-bleach >= 1.4.3
%requires_eq python3-bleach
++++++ _service ++++++
--- /var/tmp/diff_new_pack.tawMfd/_old 2021-03-28 11:58:52.700357621 +0200
+++ /var/tmp/diff_new_pack.tawMfd/_new 2021-03-28 11:58:52.700357621 +0200
@@ -4,11 +4,11 @@
<param name="versionformat">@PARENT_TAG@</param>
<param name="url">https://github.com/matrix-org/synapse.git</param>
<param name="scm">git</param>
- <param name="revision">v1.28.0</param>
+ <param name="revision">v1.30.1</param>
<param name="versionrewrite-pattern">v(.*)</param>
<param name="versionrewrite-replacement">\1</param>
<!--
- <param name="revision">v1.28.0rc1</param>
+ <param name="revision">v1.30.0rc1</param>
<param name="versionrewrite-pattern">v([\.\d]+)(rc.*)</param>
<param name="versionrewrite-replacement">\1~\2</param>
-->
++++++ dont-bump-cryptography-with-system-openssl.patch ++++++
diff --git a/synapse/python_dependencies.py b/synapse/python_dependencies.py
index 14ddaed02..eb2137c93 100644
--- a/synapse/python_dependencies.py
+++ b/synapse/python_dependencies.py
@@ -84,7 +84,7 @@ REQUIREMENTS = [
"typing-extensions>=3.7.4",
# We enforce that we have a `cryptography` version that bundles an
`openssl`
# with the latest security patches.
- "cryptography>=3.4.7;python_version>='3.6'",
+ # "cryptography>=3.4.7;python_version>='3.6'",
]
CONDITIONAL_REQUIREMENTS = {
++++++ matrix-synapse-1.28.0.obscpio -> matrix-synapse-1.30.1.obscpio ++++++
/work/SRC/openSUSE:Factory/matrix-synapse/matrix-synapse-1.28.0.obscpio
/work/SRC/openSUSE:Factory/.matrix-synapse.new.2401/matrix-synapse-1.30.1.obscpio
differ: char 49, line 1
++++++ matrix-synapse.obsinfo ++++++
--- /var/tmp/diff_new_pack.tawMfd/_old 2021-03-28 11:58:52.748357663 +0200
+++ /var/tmp/diff_new_pack.tawMfd/_new 2021-03-28 11:58:52.752357666 +0200
@@ -1,5 +1,5 @@
name: matrix-synapse
-version: 1.28.0
-mtime: 1614250039
-commit: 2756517f7a6e17d2403de44981569dc18329315b
+version: 1.30.1
+mtime: 1616761264
+commit: 262ed05f5b4bb1c489119129065babb29be7f3f1
