Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package matrix-synapse for openSUSE:Factory checked in at 2023-07-08 22:46:40 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/matrix-synapse (Old) and /work/SRC/openSUSE:Factory/.matrix-synapse.new.23466 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "matrix-synapse" Sat Jul 8 22:46:40 2023 rev:81 rq:1097110 version:1.85.2 Changes: -------- --- /work/SRC/openSUSE:Factory/matrix-synapse/matrix-synapse.changes 2023-02-20 17:47:53.792124011 +0100 +++ /work/SRC/openSUSE:Factory/.matrix-synapse.new.23466/matrix-synapse.changes 2023-07-08 22:46:49.231006979 +0200 @@ -1,0 +2,749 @@ +Thu Jun 8 17:49:10 UTC 2023 - Marcus Rueckert <mrueck...@suse.de> + +- Update to 1.85.2 + - Bugfixes + - Fix regression where using TLS for HTTP replication between + workers did not work. Introduced in v1.85.0. (#15746) + +------------------------------------------------------------------- +Wed Jun 7 15:28:24 UTC 2023 - Marcus Rueckert <mrueck...@suse.de> + +- Update to 1.85.1 + Note: this release only fixes a bug that stopped some deployments + from upgrading to v1.85.0. There is no need to upgrade to v1.85.1 + if successfully running v1.85.0. + + - Bugfixes + - Fix bug in schema delta that broke upgrades for some + deployments. Introduced in v1.85.0. (#15738, #15739) + +------------------------------------------------------------------- +Tue Jun 6 11:34:10 UTC 2023 - Marcus Rueckert <mrueck...@suse.de> + +- make use that the pythons define and use_python do not diverge by + moving them closer to each other. + +------------------------------------------------------------------- +Tue Jun 6 10:06:46 UTC 2023 - Marcus Rueckert <mrueck...@suse.de> + +- Update to 1.85.0 + - Security + + - GHSA-26c5-ppr8-f33p / CVE-2023-32682 â Low Severity It may be + possible for a deactivated user to login when using uncommon + configurations. (boo#1212055) + + - GHSA-98px-6486-j7qc / CVE-2023-32683 â Low Severity A + discovered oEmbed or image URL can bypass the + url_preview_url_blacklist setting potentially allowing server + side request forgery or bypassing network policies. Impact is + limited to IP addresses allowed by the + url_preview_ip_range_blacklist setting (by default this only + allows public IPs). (boo#1212054) + + - Features + - Improve performance of backfill requests by performing + backfill of previously failed requests in the background. + (#15585) + - Add a new admin API to create a new device for a user. + (#15611) + - Add Unix socket support for Redis connections. Contributed by + Jason Little. (#15644) + - Bugfixes + - Fix a performance issue introduced in Synapse v1.83.0 which + meant that purging rooms was very slow and + database-intensive. (#15693) + - Fix a long-standing bug where setting the read marker could + fail when using message retention. Contributed by Nick @ + Beeper (@Fizzadar). (#15464) + - Fix a long-standing bug where the url_preview_url_blacklist + configuration setting was not applied to oEmbed or image URLs + found while previewing a URL. (#15601) + - Fix a long-standing bug where filters with multiple + backslashes were rejected. (#15607) + - Fix a bug introduced in Synapse 1.82.0 where the error + message displayed when validation of the + app_service_config_files config option fails would be + incorrectly formatted. (#15614) + - Fix a long-standing bug where deactivated users were still + able to login using the custom org.matrix.login.jwt login + type (if enabled). (#15624) + - Fix a long-standing bug where deactivated users were able to + login in uncommon situations. (#15634) + - Improved Documentation + - Warn users that at least 3.75GB of space is needed for the + nix Synapse development environment. (#15613) + - Remove outdated comment from the generated and sample + homeserver log configs. (#15648) + - Improve contributor docs to make it more clear that Rust is a + necessary prerequisite. Contributed by @grantm. (#15668) + - Deprecations and Removals + - Deprecate calling the /register endpoint with an unspecced + user property for application services. (#15703) + - Remove the old version of the R30 (30-day retained users) + phone-home metric. (#10428) + - Internal Changes + - Speed up background jobs populate_full_user_id_user_filters + and populate_full_user_id_profiles. (#15700) + - Create dependabot changelogs at release time. (#15481) + - Add not null constraint to column full_user_id of tables + profiles and user_filters. (#15537) + - Allow connecting to HTTP Replication Endpoints by using + worker_name when constructing the request. (#15578) + - Make the thread_id column on event_push_actions, + event_push_actions_staging, and event_push_summary non-null. + (#15597) + - Run mypy type checking with the minimum supported Python + version to catch new usage that isn't backwards-compatible. + (#15602) + - Fix subscriptable type usage in Python <3.9. (#15604) + - Update internal terminology. (#15606, #15620) + - Instrument state and state_group storage-related operations + to better picture what's happening when tracing. (#15610, + #15647) + - Trace how many new events from the backfill response we need + to process. (#15633) + - Re-type config paths in ConfigErrors to be StrSequences + instead of Iterable[str]s. (#15615) + - Update Mutual Rooms (MSC2666) implementation to match new + proposal text. (#15621) + - Remove the unstable identifiers from faster joins (MSC3706). + (#15625) + - Fix the olddeps CI. (#15626) + - Remove duplicate timestamp from test logs + (_trial_temp/test.log). (#15636) + - Fix two memory leaks in trial test runs. (#15630) + - Limit the size of the HomeServerConfig cache in trial test + runs. (#15646) + - Improve type hints. (#15658, #15659) + - Add requesting user id parameter to key claim methods in + TransportLayerClient. (#15663) + - Speed up rebuilding of the user directory for local users. + (#15665) + - Implement "option 2" for MSC3820: Room version 11. (#15666, + #15678) + +------------------------------------------------------------------- +Fri May 26 19:16:23 UTC 2023 - Marcus Rueckert <mrueck...@suse.de> + +- Update to 1.84.1 + This patch release fixes a major issue with homeservers that do + not have an instance_map defined but which do use workers. If you + have already upgraded to Synapse 1.84.0 and your homeserver is + working normally, then there is no need to update to this patch + release. + + - Bugfixes + - Fix a bug introduced in Synapse v1.84.0 where workers do not + start up when no instance_map was provided. (#15672) + - Internal Changes + - Add dch and notify-send to the development Nix flake so that + the release script can be used. (#15673) + +------------------------------------------------------------------- +Wed May 24 00:15:46 UTC 2023 - Marcus Rueckert <mrueck...@suse.de> + +- Update to 1.84.0 + The worker_replication_* configuration settings have been + deprecated in favour of configuring the main process consistently + with other instances in the instance_map. The deprecated settings + will be removed in Synapse v1.88.0, but changing your + configuration in advance is recommended. See the upgrade notes + for more information. + + https://github.com/matrix-org/synapse/blob/release-v1.84/docs/upgrade.md#upgrading-to-v1840 + + - Features + - Add an option to prevent media downloads from configured + domains. (#15197) + - Add forget_rooms_on_leave config option to automatically + forget rooms when users leave them or are removed from them. + (#15224) + - Add redis TLS configuration options. (#15312) + - Add a config option to delay push notifications by a random + amount, to discourage time-based profiling. (#15516) + - Stabilize support for MSC2659: application service ping + endpoint. Contributed by Tulir @ Beeper. (#15528) + - Implement MSC4009 to expand the supported characters in + Matrix IDs. (#15536) + - Advertise support for Matrix 1.6 on /_matrix/client/versions. + (#15559) + - Print full error and stack-trace of any exception that occurs + during startup/initialization. (#15569) + - Bugfixes + - Fix a bug introduced in Synapse 1.84.0rc1 where errors during + startup were not reported correctly on Python < 3.10. + (#15599) + - Don't fail on federation over TOR where SRV queries are not + supported. Contributed by Zdzichu. (#15523) + - Experimental support for MSC4010 which rejects setting the + "m.push_rules" via account data. (#15554, #15555) + - Fix a long-standing bug where an invalid membership event + could cause an internal server error. (#15564) + - Require at least poetry-core v1.1.0. (#15566, #15571) + - Deprecations and Removals + - Remove need for worker_replication_* based settings in worker + configuration yaml by placing this data directly on the + instance_map instead. (#15491) + - Updates to the Docker image + - Add pkg-config package to Stage 0 to be able to build + Dockerfile on ppc64le architecture. (#15567) + - Improved Documentation + - Clarify documentation of the "Create or modify account" Admin + API. (#15544) + - Fix path to the statistics/database/rooms admin API in + documentation. (#15560) + - Update and improve Mastodon Single Sign-On documentation. + (#15587) ++++ 552 more lines (skipped) ++++ between /work/SRC/openSUSE:Factory/matrix-synapse/matrix-synapse.changes ++++ and /work/SRC/openSUSE:Factory/.matrix-synapse.new.23466/matrix-synapse.changes Old: ---- matrix-synapse-1.77.0.obscpio New: ---- matrix-synapse-1.85.2.obscpio ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ matrix-synapse-test.spec ++++++ --- /var/tmp/diff_new_pack.cfb2yY/_old 2023-07-08 22:46:51.687021742 +0200 +++ /var/tmp/diff_new_pack.cfb2yY/_new 2023-07-08 22:46:51.691021766 +0200 @@ -27,7 +27,7 @@ %define pkgname matrix-synapse Name: %{pkgname}-test -Version: 1.77.0 +Version: 1.85.2 Release: 0 Summary: Test package for %{pkgname} License: Apache-2.0 ++++++ matrix-synapse.spec ++++++ --- /var/tmp/diff_new_pack.cfb2yY/_old 2023-07-08 22:46:51.719021934 +0200 +++ /var/tmp/diff_new_pack.cfb2yY/_new 2023-07-08 22:46:51.723021959 +0200 @@ -27,22 +27,23 @@ %global attrs_version 22.2.0 %global bcrypt_version 4.0.1 %global bleach_version 5.0.1 -%global canonicaljson_version 1.6.4 -%global canonicaljson_max_version 2 -%global cryptography_version 38.0.4 -%global frozendict_version 2.3.4 +%global canonicaljson_version 2.0.0 +%global cryptography_version 40.0.2 +%global immutabledict_version 2.2.4 %global idna_version 3.4 %global ijson_version 3.1.4 %global jsonschema_version 4.17.3 %global matrix_common_version 1.3.0 %global matrix_common_max_version 2 -%global msgpack_version 1.0.4 +%global msgpack_version 1.0.5 %global netaddr_version 0.8.0 +# TODO: 8.13.11 %global phonenumbers_version 8.13.5 -%global prometheus_client_version 0.16.0 +%global prometheus_client_version 0.17.0 %global psutil_version 2.0.0 %global pyOpenSSL_version 23.0.0 %global pyasn1_version 0.4.8 +# TODO 0.3.0 %global pyasn1_modules_version 0.2.8 %global pymacaroons_version 0.13.0 %global service_identity_version 21.1.0 @@ -54,20 +55,22 @@ %global treq_version 22.2.0 %global unpaddedbase64_version 2.1.0 %global matrix_synapse_ldap3_version 0.2.2 -# TODO: bump to 22.0 -%global packaging_version 23.0 -%global psycopg2_version 2.9.5 +%global packaging_version 23.1 +%global psycopg2_version 2.9.6 +# TODO 7.3.1 %global pysaml2_version 7.2.1 %global Authlib_version 1.2.0 %global lxml_version 4.9.2 -%global sentry_sdk_version 1.11.1 +%global sentry_sdk_version 1.22.1 %global PyJWT_version 2.4.0 %global jaeger_client_version 4.8.0 %global opentracing_version 2.4.0 -%global hiredis_version 2.0.0 -%global txredisapi_version 1.4.7 +# TODO: 2.2.3 +%global hiredis_version 2.2.2 +%global txredisapi_version 1.4.9 %global Pympler_version 1.0.1 %global pydantic_version 1.9.1 +# TODO: 2.10.2 %global pyicu_version 2.10.2 %else # some version locks based on poetry.lock @@ -78,10 +81,9 @@ %global attrs_version 21.1.1 %global bcrypt_version 3.1.7 %global bleach_version 1.4.3 -%global canonicaljson_version 1.6.3 -%global canonicaljson_max_version 2 +%global canonicaljson_version 2.0.0 %global cryptography_version 3.4.7 -%global frozendict_version 2.1.3 +%global immutabledict_version 2.0 %global idna_version 2.5 %global ijson_version 3.2.0 %global jsonschema_version 3.0.0 @@ -122,8 +124,10 @@ %endif %define requires_peq() %(echo '%*' | LC_ALL=C xargs -r rpm -q --whatprovides --qf 'Requires: %%{name} = %%{epoch}:%%{version}\\n' | sed -e 's/ (none):/ /' -e 's/ 0:/ /' | grep -v "is not") -# only switch this back to python3 when frozendict supports the current default python version -%define pythons python310 + +%define use_python python3 + +%define pythons %{use_python} # These come from matrix-synapse's CONDITIONAL_REQUIREMENTS. # missing deps @@ -146,18 +150,11 @@ # https://github.com/matrix-org/synapse/releases or synapse/CHANGES.md # * Commit+submit -#if 0%{?suse_version} >= 1550 -#define use_python python38 -#define __python3 #{_bindir}/python3 -#else -%define use_python python310 -#endif - %define modname synapse %define pkgname matrix-synapse %define eggname matrix_synapse Name: %{pkgname} -Version: 1.77.0 +Version: 1.85.2 Release: 0 Summary: Matrix protocol reference homeserver License: Apache-2.0 @@ -182,7 +179,6 @@ Source100: 10719-Fix-instert-of-duplicate-key-into-event_json.patch BuildRequires: %{use_python}-base >= 3.8 BuildRequires: %{use_python}-pip -BuildRequires: %{use_python}-poetry-core >= 1.0.0 BuildRequires: %{use_python}-setuptools BuildRequires: %{use_python}-wheel BuildRequires: cargo @@ -192,10 +188,11 @@ BuildRequires: sysuser-shadow BuildRequires: sysuser-tools BuildRequires: unzip +BuildRequires: (%{use_python}-poetry-core >= 1.0.0 with %{use_python}-poetry-core =< 1.6.1) %{?systemd_ordering} %{sysusers_requires} %requires_peq %{use_python}-base -BuildRequires: (%{use_python}-setuptools-rust >= 1.3 with %{use_python}-setuptools-rust < 1.5.3) +BuildRequires: (%{use_python}-setuptools-rust >= 1.3 with %{use_python}-setuptools-rust =< 1.6.0) # NOTE: Keep this is in the same order as pyproject.toml. # some version locks based on poetry.lock BuildRequires: %{use_python}-Jinja2 >= %{Jinja2_version} @@ -212,12 +209,12 @@ %requires_peq %{use_python}-bcrypt BuildRequires: %{use_python}-bleach >= %{bleach_version} %requires_peq %{use_python}-bleach -BuildRequires: (%{use_python}-canonicaljson >= %{canonicaljson_version} with %{use_python}-canonicaljson < %{canonicaljson_max_version}) +BuildRequires: (%{use_python}-canonicaljson >= %{canonicaljson_version}) %requires_peq %{use_python}-canonicaljson BuildRequires: %{use_python}-cryptography >= %{cryptography_version} %requires_peq %{use_python}-cryptography -BuildRequires: %{use_python}-frozendict >= %{frozendict_version} -%requires_peq %{use_python}-frozendict +BuildRequires: (%{use_python}-immutabledict >= %{immutabledict_version}) +%requires_peq %{use_python}-immutabledict BuildRequires: %{use_python}-idna >= %{idna_version} %requires_peq %{use_python}-idna BuildRequires: %{use_python}-ijson >= %{ijson_version} ++++++ _service ++++++ --- /var/tmp/diff_new_pack.cfb2yY/_old 2023-07-08 22:46:51.779022295 +0200 +++ /var/tmp/diff_new_pack.cfb2yY/_new 2023-07-08 22:46:51.783022319 +0200 @@ -4,11 +4,11 @@ <param name="versionformat">@PARENT_TAG@</param> <param name="url">https://github.com/matrix-org/synapse.git</param> <param name="scm">git</param> - <param name="revision">v1.77.0</param> + <param name="revision">v1.85.2</param> <param name="versionrewrite-pattern">v(.*)</param> <param name="versionrewrite-replacement">\1</param> <!-- - <param name="revision">v1.78.0rc1</param> + <param name="revision">v1.86.0rc1</param> <param name="versionrewrite-pattern">v([\.\d]+)(rc.*)</param> <param name="versionrewrite-replacement">\1~\2</param> --> ++++++ matrix-synapse-1.77.0.obscpio -> matrix-synapse-1.85.2.obscpio ++++++ /work/SRC/openSUSE:Factory/matrix-synapse/matrix-synapse-1.77.0.obscpio /work/SRC/openSUSE:Factory/.matrix-synapse.new.23466/matrix-synapse-1.85.2.obscpio differ: char 48, line 1 ++++++ matrix-synapse.obsinfo ++++++ --- /var/tmp/diff_new_pack.cfb2yY/_old 2023-07-08 22:46:51.855022752 +0200 +++ /var/tmp/diff_new_pack.cfb2yY/_new 2023-07-08 22:46:51.859022776 +0200 @@ -1,5 +1,5 @@ name: matrix-synapse -version: 1.77.0 -mtime: 1676375955 -commit: 3e90dfdd81c2c6dcaf1f21f24fbca0a4c820b150 +version: 1.85.2 +mtime: 1686226556 +commit: ac3a70a7dd4070bf3953b8913f7c316d701db588 ++++++ vendor.tar.zst ++++++ Binary files /var/tmp/diff_new_pack.cfb2yY/_old and /var/tmp/diff_new_pack.cfb2yY/_new differ
