v1.124.0

Synapse 1.124.0 (2025-02-11)

No significant changes since 1.124.0rc3.

Synapse 1.124.0rc3 (2025-02-07)

Bugfixes

• Fix regression in performance of sending events due to superfluous reads and locks. Introduced in v1.124.0rc1. (#18141)

Synapse 1.124.0rc2 (2025-02-05)

Bugfixes

• Fix regression where persisting events in some rooms could fail after a previous unclean shutdown. Introduced in v1.124.0rc1. (#18137)

Synapse 1.124.0rc1 (2025-02-04)

Bugfixes

• Add rate limit rc_presence.per_user. This prevents load from excessive presence updates sent by clients via sync api. Also rate limit /_matrix/client/v3/presence as per the spec. Contributed by @rda0. (#18000)
• Deactivated users will no longer automatically accept an invite when auto_accept_invites is enabled. (#18073)
• Fix join being denied after being invited over federation. Also fixes other out-of-band membership transitions. (#18075)
• Updates contributed docker-compose.yml file to PostgreSQL v15, as v12 is no longer supported by Synapse.
  Contributed by @maxkratz. (#18089)
• Fix rare edge case where state groups could be deleted while we are persisting new events that reference them. (#18107, #18130, #18131)
• Raise an error if someone is using an incorrect suffix in a config duration string. (#18112)
• Fix a bug where the Delete Room Admin API would fail if the block parameter was set to true and a worker other than the main process was configured to handle background tasks. (#18119)

Internal Changes

• Increase the length of the generated nonce parameter when perfoming OIDC logins to comply with the TI-Messenger spec. (#18109)

Updates to locked dependencies

• Bump dawidd6/action-download-artifact from 7 to 8. (#18108)
• Bump log from 0.4.22 to 0.4.25. (#18098)
• Bump python-multipart from 0.0.18 to 0.0.20. (#18096)
• Bump serde_json from 1.0.135 to 1.0.137. (#18099)
• Bump types-bleach from 6.1.0.20240331 to 6.2.0.20241123. (#18082)

v1.124.0rc3

Synapse 1.124.0rc3 (2025-02-07)

Bugfixes

• Fix regression in performance of sending events due to superfluous reads and locks. Introduced in v1.124.0rc1. (#18141)

v1.124.0rc2

Synapse 1.124.0rc2 (2025-02-05)

Bugfixes

• Fix regression where persisting events in some rooms could fail after a previous unclean shutdown. Introduced in v1.124.0rc1. (#18137)

v1.124.0rc1

Synapse 1.124.0rc1 (2025-02-04)

Bugfixes

• Add rate limit rc_presence.per_user. This prevents load from excessive presence updates sent by clients via sync api. Also rate limit /_matrix/client/v3/presence as per the spec. Contributed by @rda0. (#18000)
• Deactivated users will no longer automatically accept an invite when auto_accept_invites is enabled. (#18073)
• Fix join being denied after being invited over federation. Also fixes other out-of-band membership transitions. (#18075)
• Updates contributed docker-compose.yml file to PostgreSQL v15, as v12 is no longer supported by Synapse.
  Contributed by @maxkratz. (#18089)
• Fix rare edge case where state groups could be deleted while we are persisting new events that reference them. (#18107, #18130, #18131)
• Raise an error if someone is using an incorrect suffix in a config duration string. (#18112)
• Fix a bug where the Delete Room Admin API would fail if the block parameter was set to true and a worker other than the main process was configured to handle background tasks. (#18119)

Internal Changes

• Increase the length of the generated nonce parameter when perfoming OIDC logins to comply with the TI-Messenger spec. (#18109)

Updates to locked dependencies

• Bump dawidd6/action-download-artifact from 7 to 8. (#18108)
• Bump log from 0.4.22 to 0.4.25. (#18098)
• Bump python-multipart from 0.0.18 to 0.0.20. (#18096)
• Bump serde_json from 1.0.135 to 1.0.137. (#18099)
• Bump types-bleach from 6.1.0.20240331 to 6.2.0.20241123. (#18082)

v1.123.0

Synapse 1.123.0 (2025-01-28)

No significant changes since 1.123.0rc1.

Synapse 1.123.0rc1 (2025-01-21)

Features

• Implement MSC4133 for custom profile fields. Contributed by @clokep. (#17488)
• Add a query parameter type to the Room State Admin API that filters the state event. (#18035)
• Support the new /auth_metadata endpoint defined in MSC2965. (#18093)

Bugfixes

• Fix membership caches not updating in state reset scenarios. (#17732)
• Fix rare race where on upgrade to v1.122.0 a long running database upgrade could lock out new events from being received or sent. (#18091)

Improved Documentation

• Document tls option for a worker instance in instance_map. (#18064)

Deprecations and Removals

• Remove the unstable MSC4151 implementation. The stable support remains, per Matrix 1.13. (#18052)

Internal Changes

• Increase invite rate limits (rc_invites.per_issuer) for Complement. (#18072)

Updates to locked dependencies

• Bump jinja2 from 3.1.4 to 3.1.5. (#18067)
• Bump mypy from 1.12.1 to 1.13.0. (#18083)
• Bump pillow from 11.0.0 to 11.1.0. (#18084)
• Bump pyo3 from 0.23.3 to 0.23.4. (#18079)
• Bump pyopenssl from 24.2.1 to 24.3.0. (#18062)
• Bump serde_json from 1.0.134 to 1.0.135. (#18081)
• Bump ulid from 1.1.3 to 1.1.4. (#18080)

v1.123.0rc1

Synapse 1.123.0rc1 (2025-01-21)

Features

• Implement MSC4133 for custom profile fields. Contributed by @clokep. (#17488)
• Add a query parameter type to the Room State Admin API that filters the state event. (#18035)
• Support the new /auth_metadata endpoint defined in MSC2965. (#18093)

Bugfixes

• Fix membership caches not updating in state reset scenarios. (#17732)
• Fix rare race where on upgrade to v1.122.0 a long running database upgrade could lock out new events from being received or sent. (#18091)

Improved Documentation

• Document tls option for a worker instance in instance_map. (#18064)

Deprecations and Removals

• Remove the unstable MSC4151 implementation. The stable support remains, per Matrix 1.13. (#18052)

Internal Changes

• Increase invite rate limits (rc_invites.per_issuer) for Complement. (#18072)

Updates to locked dependencies

• Bump jinja2 from 3.1.4 to 3.1.5. (#18067)
• Bump mypy from 1.12.1 to 1.13.0. (#18083)
• Bump pillow from 11.0.0 to 11.1.0. (#18084)
• Bump pyo3 from 0.23.3 to 0.23.4. (#18079)
• Bump pyopenssl from 24.2.1 to 24.3.0. (#18062)
• Bump serde_json from 1.0.134 to 1.0.135. (#18081)
• Bump ulid from 1.1.3 to 1.1.4. (#18080)

v1.122.0

Synapse 1.122.0 (2025-01-14)

Please note that this version of Synapse drops support for PostgreSQL 11 and 12. The minimum version of PostgreSQL supported is now version 13.

No significant changes since 1.122.0rc1.

Synapse 1.122.0rc1 (2025-01-07)

Deprecations and Removals

• Remove support for PostgreSQL 11 and 12. Contributed by @clokep. (#18034)

Features

• Added the email.tlsname config option. This allows specifying the domain name used to validate the SMTP server's TLS certificate separately from the email.smtp_host to connect to. (#17849)
• Module developers will have access to the user ID of the requester when adding check_username_for_spam callbacks to spam_checker_module_callbacks. Contributed by [email protected]. (#17916)
• Add endpoints to the Admin API to fetch the number of invites the provided user has sent after a given timestamp,
  fetch the number of rooms the provided user has joined after a given timestamp, and get report IDs of event
  reports against a provided user (i.e. where the user was the sender of the reported event). (#17948)
• Support stable account suspension from MSC3823. (#17964)
• Add macaroon_secret_key_path config option. (#17983)

Bugfixes

• Fix bug when rejecting withdrew invite with a third_party_rules module, where the invite would be stuck for the client. (#17930)
• Properly purge state groups tables when purging a room with the Admin API. (#18024)
• Fix a bug preventing the admin redaction endpoint from working on messages from remote users. (#18029, #18043)

Improved Documentation

• Update synapse.app.generic_worker documentation to only recommend GET requests for stream writer routes by default, unless the worker is also configured as a stream writer. Contributed by @evoL. (#17954)
• Add documentation for the previously-undocumented last_seen_ts query parameter to the query user Admin API. (#17976)
• Improve documentation for the TaskScheduler class. (#17992)
• Fix example in reverse proxy docs to include server port. (#17994)
• Update Alpine Linux Synapse Package Maintainer within the installation instructions. (#17846)

Internal Changes

• Add RoomID & EventID rust types. (#17996)
• Fix various type errors across the codebase. (#17998)
• Disable DB statement timeout when doing a room purge since it can be quite long. (#18017)
• Remove some remaining uses of twisted.internet.defer.returnValue. Contributed by Colin Watson. (#18020)
• Refactor get_profile to no longer include fields with a value of None. (#18063)

Updates to locked dependencies

• Bump anyhow from 1.0.93 to 1.0.95. (#18012, #18045)
• Bump authlib from 1.3.2 to 1.4.0. (#18048)
• Bump dawidd6/action-download-artifact from 6 to 7. (#17981)
• Bump http from 1.1.0 to 1.2.0. (#18013)

• Bump mypy from 1.11.2 to 1.12.1. (#17999)

• Bump mypy-zope from 1.0.8 to 1.0.9. (#18047)
• Bump pillow from 10.4.0 to 11.0.0. (#18015)
• Bump pydantic from 2.9.2 to 2.10.3. (#18014)
• Bump pyicu from 2.13.1 to 2.14. (#18060)
• Bump pyo3 from 0.23.2 to 0.23.3. (#18001)
• Bump python-multipart from 0.0.16 to 0.0.18. (#17985)
• Bump sentry-sdk from 2.17.0 to 2.19.2. (#18061)
• Bump serde from 1.0.215 to 1.0.217. (#18031, #18059)
• Bump serde_json from 1.0.133 to 1.0.134. (#18044)
• Bump twine from 5.1.1 to 6.0.1. (#18049)

Changelogs for older versions can be found here.

Synapse 1.122.0rc1 (2025-01-07)

Please note that this version of Synapse drops support for PostgreSQL 11 and 12. The minimum version of PostgreSQL supported is now version 13.

Deprecations and Removals

• Remove support for PostgreSQL 11 and 12. Contributed by @clokep. (#18034)

Features

• Added the email.tlsname config option. This allows specifying the domain name used to validate the SMTP server's TLS certificate separately from the email.smtp_host to connect to. (#17849)
• Module developers will have access to the user ID of the requester when adding check_username_for_spam callbacks to spam_checker_module_callbacks. Contributed by [email protected]. (#17916)
• Add endpoints to the Admin API to fetch the number of invites the provided user has sent after a given timestamp,
  fetch the number of rooms the provided user has joined after a given timestamp, and get report IDs of event
  reports against a provided user (i.e. where the user was the sender of the reported event). (#17948)
• Support stable account suspension from MSC3823. (#17964)
• Add macaroon_secret_key_path config option. (#17983)

Bugfixes

• Fix bug when rejecting withdrew invite with a third_party_rules module, where the invite would be stuck for the client. (#17930)
• Properly purge state groups tables when purging a room with the Admin API. (#18024)
• Fix a bug preventing the admin redaction endpoint from working on messages from remote users. (#18029, #18043)

Improved Documentation

• Update synapse.app.generic_worker documentation to only recommend GET requests for stream writer routes by default, unless the worker is also configured as a stream writer. Contributed by @evoL. (#17954)
• Add documentation for the previously-undocumented last_seen_ts query parameter to the query user Admin API. (#17976)
• Improve documentation for the TaskScheduler class. (#17992)
• Fix example in reverse proxy docs to include server port. (#17994)
• Update Alpine Linux Synapse Package Maintainer within the installation instructions. (#17846)

Internal Changes

• Add RoomID & EventID rust types. (#17996)
• Fix various type errors across the codebase. (#17998)
• Disable DB statement timeout when doing a room purge since it can be quite long. (#18017)
• Remove some remaining uses of twisted.internet.defer.returnValue. Contributed by Colin Watson. (#18020)
• Refactor get_profile to no longer include fields with a value of None. (#18063)

Updates to locked dependencies

• Bump anyhow from 1.0.93 to 1.0.95. (#18012, #18045)
• Bump authlib from 1.3.2 to 1.4.0. (#18048)
• Bump dawidd6/action-download-artifact from 6 to 7. (#17981)
• Bump http from 1.1.0 to 1.2.0. (#18013)

• Bump mypy from 1.11.2 to 1.12.1. (#17999)

• Bump mypy-zope from 1.0.8 to 1.0.9. (#18047)
• Bump pillow from 10.4.0 to 11.0.0. (#18015)
• Bump pydantic from 2.9.2 to 2.10.3. (#18014)
• Bump pyicu from 2.13.1 to 2.14. (#18060)
• Bump pyo3 from 0.23.2 to 0.23.3. (#18001)
• Bump python-multipart from 0.0.16 to 0.0.18. (#17985)
• Bump sentry-sdk from 2.17.0 to 2.19.2. (#18061)
• Bump serde from 1.0.215 to 1.0.217. (#18031, #18059)
• Bump serde_json from 1.0.133 to 1.0.134. (#18044)
• Bump twine from 5.1.1 to 6.0.1. (#18049)

v1.121.1

Synapse 1.121.1 (2024-12-11)

This release contains a fix for our docker build CI. It is functionally identical to 1.121.0, whose changelog is below.

Internal Changes

• Downgrade the Ubuntu GHA runner when building docker images. (#18026)

Synapse 1.121.0 (2024-12-11)

Internal Changes

• Fix release process to not create duplicate releases. (#18025)

Synapse 1.121.0rc1 (2024-12-04)

Features

• Support for MSC4190: device management for Application Services. (#17705)
• Update MSC4186 Sliding Sync to include invite, ban, kick, targets when $LAZY-loading room members. (#17947)
• Use stable M_USER_LOCKED error code for locked accounts, as per Matrix 1.12. (#17965)
• MSC4076: Add disable_badge_count to pusher configuration. (#17975)

Bugfixes

• Fix long-standing bug where read receipts could get overly delayed being sent over federation. (#17933)

Improved Documentation

• Add OIDC example configuration for Forgejo (fork of Gitea). (#17872)
• Link to element-docker-demo from contrib/docker*. (#17953)

Internal Changes

• MSC4108: Add a Content-Type header on the PUT response to work around a faulty behavior in some caching reverse proxies. (#17253)
• Fix incorrect comment in new schema delta. (#17936)
• Raise setuptools_rust version cap to 1.10.2. (#17944)
• Enable encrypted appservice related experimental features in the complement docker image. (#17945)
• Return whether the user is suspended when querying the user account in the Admin API. (#17952)
• Fix new scheduled tasks jumping the queue. (#17962)
• Bump pyo3 and dependencies to v0.23.2. (#17966)
• Update setuptools-rust and fix building abi3 wheels in latest version. (#17969)
• Consolidate SSO redirects through /_matrix/client/v3/login/sso/redirect(/{idpId}). (#17972)
• Fix Docker and Complement config to be able to use public_baseurl. (#17986)
• Fix building wheels for MacOS which was temporarily disabled in Synapse 1.120.2. (#17993)
• Fix release process to not create duplicate releases. (#17970, #17995)

Updates to locked dependencies

• Bump bytes from 1.8.0 to 1.9.0. (#17982)
• Bump pysaml2 from 7.3.1 to 7.5.0. (#17978)
• Bump serde_json from 1.0.132 to 1.0.133. (#17939)
• Bump tomli from 2.0.2 to 2.1.0. (#17959)
• Bump tomli from 2.1.0 to 2.2.1. (#17979)
• Bump tornado from 6.4.1 to 6.4.2. (#17955)

v1.121.0

Synapse 1.121.0 (2024-12-11)

Note that docker images failed to build for this release. See v1.121.1, which is otherwise functionally identical, but has docker images published.

Internal Changes

• Fix release process to not create duplicate releases. (#18025)

Synapse 1.121.0rc1 (2024-12-04)

Features

• Support for MSC4190: device management for Application Services. (#17705)
• Update MSC4186 Sliding Sync to include invite, ban, kick, targets when $LAZY-loading room members. (#17947)
• Use stable M_USER_LOCKED error code for locked accounts, as per Matrix 1.12. (#17965)
• MSC4076: Add disable_badge_count to pusher configuration. (#17975)

Bugfixes

• Fix long-standing bug where read receipts could get overly delayed being sent over federation. (#17933)

Improved Documentation

• Add OIDC example configuration for Forgejo (fork of Gitea). (#17872)
• Link to element-docker-demo from contrib/docker*. (#17953)

Internal Changes

• MSC4108: Add a Content-Type header on the PUT response to work around a faulty behavior in some caching reverse proxies. (#17253)
• Fix incorrect comment in new schema delta. (#17936)
• Raise setuptools_rust version cap to 1.10.2. (#17944)
• Enable encrypted appservice related experimental features in the complement docker image. (#17945)
• Return whether the user is suspended when querying the user account in the Admin API. (#17952)
• Fix new scheduled tasks jumping the queue. (#17962)
• Bump pyo3 and dependencies to v0.23.2. (#17966)
• Update setuptools-rust and fix building abi3 wheels in latest version. (#17969)
• Consolidate SSO redirects through /_matrix/client/v3/login/sso/redirect(/{idpId}). (#17972)
• Fix Docker and Complement config to be able to use public_baseurl. (#17986)
• Fix building wheels for MacOS which was temporarily disabled in Synapse 1.120.2. (#17993)
• Fix release process to not create duplicate releases. (#17970, #17995)

Updates to locked dependencies

• Bump bytes from 1.8.0 to 1.9.0. (#17982)
• Bump pysaml2 from 7.3.1 to 7.5.0. (#17978)
• Bump serde_json from 1.0.132 to 1.0.133. (#17939)
• Bump tomli from 2.0.2 to 2.1.0. (#17959)
• Bump tomli from 2.1.0 to 2.2.1. (#17979)
• Bump tornado from 6.4.1 to 6.4.2. (#17955)