Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package matrix-synapse for openSUSE:Factory checked in at 2025-08-13 16:29:11 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/matrix-synapse (Old) and /work/SRC/openSUSE:Factory/.matrix-synapse.new.1085 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "matrix-synapse" Wed Aug 13 16:29:11 2025 rev:137 rq:1299100 version:1.136.0 Changes: -------- --- /work/SRC/openSUSE:Factory/matrix-synapse/matrix-synapse.changes 2025-08-02 00:45:10.111062970 +0200 +++ /work/SRC/openSUSE:Factory/.matrix-synapse.new.1085/matrix-synapse.changes 2025-08-13 16:31:12.110120031 +0200 @@ -1,0 +2,139 @@ +Tue Aug 12 14:41:41 UTC 2025 - Marcus Rueckert <mrueck...@suse.de> + +- Update to 1.136.0 (boo#1247970) + Please check the relevant section in the upgrade notes as this + release contains changes to MAS support, metrics labels and the + module API which may require your attention when upgrading. + + This is the Synapse portion of the Matrix coordinated security + release. This release includes support for room version 12 which + fixes a number of security vulnerabilities, including + CVE-2025-49090. + + The default room version is not changed. Not all clients will + support room version 12 immediately, and not all users will be + using the latest version of their clients. Large, public rooms + are advised to wait a few weeks before upgrading to room version + 12 to allow users throughout the Matrix ecosystem to update their + clients. + + https://github.com/element-hq/synapse/blob/develop/docs/upgrade.md#upgrading-to-v11360 + + - Features + - Add configurable rate limiting for the creation of rooms. + (#18514) + - Add support for MSC4293 - Redact on Kick/Ban. (#18540) + - When admins enable themselves to see soft-failed events, they + will also see if the cause is due to the policy server + flagging them as spam via unsigned. (#18585) + - Add ability to configure forward/outbound proxy via + homeserver config instead of environment variables. See + http_proxy, https_proxy, no_proxy_hosts. (#18686) + - Advertise experimental support for MSC4306 (Thread + Subscriptions) through /_matrix/clients/versions if enabled. + (#18722) + - Stabilise support for delegating authentication to Matrix + Authentication Service. (#18759) + - Implement the push rules for experimental MSC4306: Thread + Subscriptions. (#18762) + - Bugfixes + - Fix bug introduced in 1.135.2 and 1.136.0rc2 where the Make + Room Admin API would not treat a room v12's creator power + level as the highest in room. (#18805) + - Update MSC4293 redaction logic for room v12. (#80) + - Allow return code 403 (allowed by C2S Spec since v1.2) when + fetching profiles via federation. (#18696) + - Register the MSC4306 (Thread Subscriptions) endpoints in the + CS API when the experimental feature is enabled. (#18726) + - Fix a long-standing bug where suspended users could not have + server notices sent to them (a 403 was returned to the + admin). (#18750) + - Fix an issue that could cause logcontexts to be lost on + rate-limited requests. Found by @realtyem. (#18763) + - Fix invalidation of storage cache that was broken in 1.135.0. + (#18786) + - Improved Documentation + - Minor improvements to README. (#18700) + - Document that there can be multiple workers handling the + receipts stream. (#18760) + - Improve worker documentation for some device paths. (#18761) + - Deprecations and Removals + - Deprecate run_as_background_process exported as part of the + module API interface in favor of + ModuleApi.run_as_background_process. See the relevant section + in the upgrade notes for more information. (#18737) + - Internal Changes + - Add a parameter to upgrade_rooms(..) to allow auto join local + users. (#82) + - Add debug logging for HMAC digest verification failures when + using the admin API to register users. (#18474) + - Speed up upgrading a room with large numbers of banned users. + (#18574) + - Fix config documentation generation script on Windows by + enforcing UTF-8. (#18580) + - Refactor cache, background process, Counter, LaterGauge, + GaugeBucketCollector, Histogram, and Gauge metrics to be + homeserver-scoped. (#18656, #18714, #18715, #18724, #18753, + #18725, #18670, #18748, #18751) + - Reduce database usage in Sliding Sync by not querying for + background update completion after the update is known to be + complete. (#18718) + - Improve order of validation and ratelimiting in room + creation. (#18723) + - Bump minimum version bound on Twisted to 21.2.0. (#18727, + #18729) + - Use twisted.internet.testing module in tests instead of + deprecated twisted.test.proto_helpers. (#18728) + - Remove obsolete /send_event replication endpoint. (#18730) + - Update metrics linting to be able to handle custom metrics. + (#18733) + - Work around twisted.protocols.amp.TooLong error by reducing + logging in some tests. (#18736) + - Prevent "Move labelled issues to correct projects" GitHub + Actions workflow from failing when an issue is already on the + project board. (#18755) + - Bump minimum supported Rust version (MSRV) to 1.82.0. Missed + in #18553 (released in Synapse 1.134.0). (#18757) + - Make Clock.sleep(...) return a coroutine, so that mypy can + catch places where we don't await on it. (#18772) + - Update implementation of MSC4306: Thread Subscriptions to + include automatic subscription conflict prevention as + introduced in later drafts. (#18756) + - Updates to locked dependencies + - Bump gitpython from 3.1.44 to 3.1.45. (#18743) + - Bump mypy-zope from 1.0.12 to 1.0.13. (#18744) + - Bump phonenumbers from 9.0.9 to 9.0.10. (#18741) + - Bump ruff from 0.12.4 to 0.12.5. (#18742) + - Bump sentry-sdk from 2.32.0 to 2.33.2. (#18745) + - Bump tokio from 1.46.1 to 1.47.0. (#18740) + - Bump types-jsonschema from 4.24.0.20250708 to + 4.25.0.20250720. (#18703) + - Bump types-psycopg2 from 2.9.21.20250516 to 2.9.21.20250718. + (#18706) + +------------------------------------------------------------------- +Mon Aug 11 19:37:33 UTC 2025 - Marcus Rueckert <mrueck...@suse.de> + +- Update to 1.135.2 + This is the Synapse portion of the Matrix coordinated security + release. This release includes support for room version 12 which + fixes a number of security vulnerabilities, including + CVE-2025-49090. + + The default room version is not changed. Not all clients will + support room version 12 immediately, and not all users will be + using the latest version of their clients. Large, public rooms + are advised to wait a few weeks before upgrading to room version + 12 to allow users throughout the Matrix ecosystem to update their + clients. + + - Bugfixes + - Fix invalidation of storage cache that was broken in 1.135.0. + (#18786) + - Internal Changes + - Add a parameter to upgrade_rooms(..) to allow auto join local + users. (#82) + - Speed up upgrading a room with large numbers of banned users. + (#18574) + +------------------------------------------------------------------- Old: ---- matrix-synapse-1.135.0.obscpio New: ---- matrix-synapse-1.136.0.obscpio ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ matrix-synapse-test.spec ++++++ --- /var/tmp/diff_new_pack.Vv01HL/_old 2025-08-13 16:31:14.718229053 +0200 +++ /var/tmp/diff_new_pack.Vv01HL/_new 2025-08-13 16:31:14.722229220 +0200 @@ -2,7 +2,6 @@ # spec file for package matrix-synapse-test # # Copyright (c) 2025 SUSE LLC and contributors -# Copyright (c) 2025 SUSE LLC and contributors # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -28,7 +27,7 @@ %define pkgname matrix-synapse Name: %{pkgname}-test -Version: 1.135.0 +Version: 1.136.0 Release: 0 Summary: Test package for %{pkgname} License: AGPL-3.0-or-later ++++++ matrix-synapse.spec ++++++ --- /var/tmp/diff_new_pack.Vv01HL/_old 2025-08-13 16:31:14.766231060 +0200 +++ /var/tmp/diff_new_pack.Vv01HL/_new 2025-08-13 16:31:14.766231060 +0200 @@ -2,7 +2,6 @@ # spec file for package matrix-synapse # # Copyright (c) 2025 SUSE LLC and contributors -# Copyright (c) 2025 SUSE LLC and contributors # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -38,7 +37,7 @@ %global matrix_common_max_version 2 %global msgpack_version 1.1.0 %global netaddr_version 1.3.0 -%global phonenumbers_version 9.0.9 +%global phonenumbers_version 9.0.10 %global prometheus_client_version 0.20.0 %global psutil_version 2.0.0 %global pyOpenSSL_version 25.0.0 @@ -60,6 +59,7 @@ # TOOD: 1.6.1 %global Authlib_version 1.6.0 %global lxml_version 6.0.0 +# TODO: 2.34.1 %global sentry_sdk_version 2.20.0 %global PyJWT_version 2.6.0 %global jaeger_client_version 4.8.0 @@ -76,7 +76,7 @@ %global Jinja2_version 3.0 %global Pillow_version 10.0.1 %global PyYAML_version 5.3 -%global Twisted_version 18.9.0 +%global Twisted_version 21.2.0 %global attrs_version 21.1.1 %global bcrypt_version 3.1.7 %global bleach_version 1.4.3 @@ -103,7 +103,7 @@ %global sortedcontainers_version 1.5.2 %global systemd_version 231 %global typing_extensions_version 3.10.0 -%global treq_version 15.1 +%global treq_version 21.5.0 %global unpaddedbase64_version 2.1.0 %global matrix_synapse_ldap3_version 0.2.1 %global packaging_version 20.0 @@ -157,7 +157,7 @@ %define pkgname matrix-synapse %define eggname matrix_synapse Name: %{pkgname} -Version: 1.135.0 +Version: 1.136.0 Release: 0 Summary: Matrix protocol reference homeserver License: AGPL-3.0-or-later ++++++ _service ++++++ --- /var/tmp/diff_new_pack.Vv01HL/_old 2025-08-13 16:31:14.838234069 +0200 +++ /var/tmp/diff_new_pack.Vv01HL/_new 2025-08-13 16:31:14.838234069 +0200 @@ -4,11 +4,11 @@ <param name="versionformat">@PARENT_TAG@</param> <param name="url">https://github.com/element-hq/synapse.git</param> <param name="scm">git</param> - <param name="revision">v1.135.0</param> + <param name="revision">v1.136.0</param> <param name="versionrewrite-pattern">v(.*)</param> <param name="versionrewrite-replacement">\1</param> <!-- - <param name="revision">v1.136.0rc1</param> + <param name="revision">v1.137.0rc1</param> <param name="versionrewrite-pattern">v([\.\d]+)(rc.*)</param> <param name="versionrewrite-replacement">\1~\2</param> --> ++++++ matrix-synapse-1.135.0.obscpio -> matrix-synapse-1.136.0.obscpio ++++++ ++++ 26506 lines of diff (skipped) ++++++ matrix-synapse.obsinfo ++++++ --- /var/tmp/diff_new_pack.Vv01HL/_old 2025-08-13 16:31:17.778356970 +0200 +++ /var/tmp/diff_new_pack.Vv01HL/_new 2025-08-13 16:31:17.782357137 +0200 @@ -1,5 +1,5 @@ name: matrix-synapse -version: 1.135.0 -mtime: 1754050353 -commit: edac7a471f92479bed1143c8fa8b7719fef05112 +version: 1.136.0 +mtime: 1755001198 +commit: e8c6cb3d9e4cc5a20c40f9b6d79d5bfdfa73fcab ++++++ vendor.tar.zst ++++++ /work/SRC/openSUSE:Factory/matrix-synapse/vendor.tar.zst /work/SRC/openSUSE:Factory/.matrix-synapse.new.1085/vendor.tar.zst differ: char 7, line 1
