diff --git a/CHANGES.md b/CHANGES.md index ee1eb9a582..518781f931 100644 --- a/CHANGES.md +++ b/CHANGES.md @@ -1,3 +1,27 @@ +Synapse 1.56.0 (2022-04-05) +=========================== + +Synapse will now refuse to start up if open registration is enabled, in order to help mitigate +abuse across the federation. If you would like +to provide registration to anyone, consider adding [email](https://github.com/matrix-org/synapse/blob/8a519f8abc6de772167c2cca101d22ee2052fafc/docs/sample_config.yaml#L1285), +[recaptcha](https://matrix-org.github.io/synapse/v1.56/CAPTCHA_SETUP.html) +or [token-based](https://matrix-org.github.io/synapse/v1.56/usage/administration/admin_api/registration_tokens.html) verification +in order to prevent automated registration from bad actors. +This check can be disabled by setting the `enable_registration_without_verification` option in your +homeserver configuration file to `true`. More details are available in the +[upgrade notes](https://matrix-org.github.io/synapse/v1.56/upgrade.html#open-registration-without-verification-is-now-disabled-by-default). + +Synapse will additionally now refuse to start when using PostgreSQL with a non-`C` values for `COLLATE` and `CTYPE`, unless +the config flag `allow_unsafe_locale`, found in the database section of the configuration file, is set to `true`. See the +[upgrade notes](https://matrix-org.github.io/synapse/v1.56/upgrade#change-in-behaviour-for-postgresql-databases-with-unsafe-locale) +for details. + +Internal Changes +---------------- + +- Bump the version of `black` for compatibility with the latest `click` release. ([\#12320](https://github.com/matrix-org/synapse/issues/12320)) + + Synapse 1.56.0rc1 (2022-03-29) ============================== @@ -33,7 +57,7 @@ Internal Changes - Rename `shared_rooms` to `mutual_rooms` ([MSC2666](https://github.com/matrix-org/matrix-doc/pull/2666)), as per proposal changes. ([\#12036](https://github.com/matrix-org/synapse/issues/12036)) - Remove check on `update_user_directory` for shared rooms handler ([MSC2666](https://github.com/matrix-org/matrix-doc/pull/2666)), and update/expand documentation. ([\#12038](https://github.com/matrix-org/synapse/issues/12038)) - Refactor `create_new_client_event` to use a new parameter, `state_event_ids`, which accurately describes the usage with [MSC2716](https://github.com/matrix-org/matrix-doc/pull/2716) instead of abusing `auth_event_ids`. ([\#12083](https://github.com/matrix-org/synapse/issues/12083), [\#12304](https://github.com/matrix-org/synapse/issues/12304)) -- Refuse to start if registration is enabled without email, captcha, or token-based verification unless the new config flag `enable_registration_without_verification` is set. ([\#12091](https://github.com/matrix-org/synapse/issues/12091)) +- Refuse to start if registration is enabled without email, captcha, or token-based verification unless the new config flag `enable_registration_without_verification` is set to `true`. ([\#12091](https://github.com/matrix-org/synapse/issues/12091), [\#12322](https://github.com/matrix-org/synapse/issues/12322)) - Add tests for database transaction callbacks. ([\#12198](https://github.com/matrix-org/synapse/issues/12198)) - Handle cancellation in `DatabasePool.runInteraction`. ([\#12199](https://github.com/matrix-org/synapse/issues/12199)) - Add missing type hints for cache storage. ([\#12216](https://github.com/matrix-org/synapse/issues/12216)) @@ -6441,4 +6465,4 @@ Internal Changes - Don't run CI build checks until sample config check has passed. ([\#5370](https://github.com/matrix-org/synapse/issues/5370)) - Automatically retry buildkite builds (max twice) when an agent is lost. ([\#5380](https://github.com/matrix-org/synapse/issues/5380)) -**Changelogs for versions older than 1.0.0 can be found [here](CHANGES-pre-1.0.md).** \ No newline at end of file +**Changelogs for versions older than 1.0.0 can be found [here](CHANGES-pre-1.0.md).** diff --git a/debian/changelog b/debian/changelog index d04954457d..903d98af02 100644 --- a/debian/changelog +++ b/debian/changelog @@ -1,3 +1,9 @@ +matrix-synapse-py3 (1.56.0) stable; urgency=medium + + * New synapse release 1.56.0. + + -- Synapse Packaging team Tue, 05 Apr 2022 12:38:39 +0100 + matrix-synapse-py3 (1.56.0~rc1) stable; urgency=medium * New synapse release 1.56.0~rc1. diff --git a/docs/upgrade.md b/docs/upgrade.md index f6d226526a..de3444930e 100644 --- a/docs/upgrade.md +++ b/docs/upgrade.md @@ -100,6 +100,11 @@ deployments where no applciation services are in use can be upgraded as normal. # Upgrading to v1.56.0 +## Open registration without verification is now disabled by default + +Synapse will refuse to start if registration is enabled without email, captcha, or token-based verification unless the new config +flag `enable_registration_without_verification` is set to "true". + ## Groups/communities feature has been deprecated The non-standard groups/communities feature in Synapse has been deprecated and will @@ -121,12 +126,6 @@ for more information and instructions on how to fix a database with incorrect va # Upgrading to v1.55.0 -## Open registration without verification is now disabled by default - -Synapse will refuse to start if registration is enabled without email, captcha, or token-based verification unless the new config -flag `enable_registration_without_verification` is set to "true". - - ## `synctl` script has been moved The `synctl` script diff --git a/synapse/__init__.py b/synapse/__init__.py index 0960305d79..2e6510537f 100644 --- a/synapse/__init__.py +++ b/synapse/__init__.py @@ -68,7 +68,7 @@ try: except ImportError: pass -__version__ = "1.56.0rc1" +__version__ = "1.56.0" if bool(os.environ.get("SYNAPSE_TEST_PATCH_LOG_CONTEXTS", False)): # We import here so that we don't have to install a bunch of deps when diff --git a/synapse/python_dependencies.py b/synapse/python_dependencies.py index 8419ab3aca..d02cca0bbb 100644 --- a/synapse/python_dependencies.py +++ b/synapse/python_dependencies.py @@ -48,7 +48,7 @@ REQUIREMENTS = [ "unpaddedbase64>=1.1.0", "canonicaljson>=1.4.0", # we use the type definitions added in signedjson 1.1. - "signedjson>=1.1.0", + "signedjson>=1.1.0,<=1.1.1", "pynacl>=1.2.1", "idna>=2.5", # validating SSL certs for IP addresses requires service_identity 18.1.