Newsfile

Fix building and attaching release artefacts
2025-12-07 01:20:16 +00:00 · 2024-11-11 13:53:48 +00:00 · 2024-11-11 13:49:33 +00:00
65 changed files with 194 additions and 1348 deletions
--- a/.github/workflows/fix_lint.yaml
+++ b/.github/workflows/fix_lint.yaml
@@ -20,7 +20,7 @@ jobs:
        with:
          # We use nightly so that `fmt` correctly groups together imports, and
          # clippy correctly fixes up the benchmarks.
-          toolchain: nightly-2024-03-16
+          toolchain: nightly-2022-12-01
          components: rustfmt
      - uses: Swatinem/rust-cache@v2

--- a/.github/workflows/release-artifacts.yml
+++ b/.github/workflows/release-artifacts.yml
@@ -91,19 +91,10 @@ jobs:
          rm -rf /tmp/.buildx-cache
          mv /tmp/.buildx-cache-new /tmp/.buildx-cache

-      - name: Artifact name
-        id: artifact-name
-        # We can't have colons in the upload name of the artifact, so we convert
-        # e.g. `debian:sid` to `sid`.
-        env:
-          DISTRO: ${{ matrix.distro }}
-        run: |
-          echo "ARTIFACT_NAME=${DISTRO#*:}" >> "$GITHUB_OUTPUT"
-
      - name: Upload debs as artifacts
        uses: actions/upload-artifact@v4
        with:
-          name: debs-${{ steps.artifact-name.outputs.ARTIFACT_NAME }}
+          name: debs-${{ matrix.distro }}
          path: debs/*

  build-wheels:
@@ -212,7 +203,7 @@ jobs:
          mv debs*/* debs/
          tar -cvJf debs.tar.xz debs
      - name: Attach to release
-        uses: softprops/action-gh-release@v2
+        uses: softprops/action-gh-release@a929a66f232c1b11af63782948aa2210f981808a  # PR#109
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
@@ -220,3 +211,7 @@ jobs:
            Sdist/*
            Wheel*/*
            debs.tar.xz
+          # if it's not already published, keep the release as a draft.
+          draft: true
+          # mark it as a prerelease if the tag contains 'rc'.
+          prerelease: ${{ contains(github.ref, 'rc') }}
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@@ -85,7 +85,7 @@ jobs:
    steps:
      - uses: actions/checkout@v4
      - name: Install Rust
-        uses: dtolnay/rust-toolchain@1.75.0
+        uses: dtolnay/rust-toolchain@1.66.0
      - uses: Swatinem/rust-cache@v2
      - uses: matrix-org/setup-python-poetry@v1
        with:
@@ -148,7 +148,7 @@ jobs:
        uses: actions/checkout@v4

      - name: Install Rust
-        uses: dtolnay/rust-toolchain@1.75.0
+        uses: dtolnay/rust-toolchain@1.66.0
      - uses: Swatinem/rust-cache@v2

      - name: Setup Poetry
@@ -208,7 +208,7 @@ jobs:
        with:
          ref: ${{ github.event.pull_request.head.sha }}
      - name: Install Rust
-        uses: dtolnay/rust-toolchain@1.75.0
+        uses: dtolnay/rust-toolchain@1.66.0
      - uses: Swatinem/rust-cache@v2
      - uses: matrix-org/setup-python-poetry@v1
        with:
@@ -225,7 +225,7 @@ jobs:
      - uses: actions/checkout@v4

      - name: Install Rust
-        uses: dtolnay/rust-toolchain@1.75.0
+        uses: dtolnay/rust-toolchain@1.66.0
        with:
            components: clippy
      - uses: Swatinem/rust-cache@v2
@@ -245,7 +245,7 @@ jobs:
      - name: Install Rust
        uses: dtolnay/rust-toolchain@master
        with:
-            toolchain: nightly-2024-03-16
+            toolchain: nightly-2022-12-01
            components: clippy
      - uses: Swatinem/rust-cache@v2

@@ -263,7 +263,7 @@ jobs:
        uses: dtolnay/rust-toolchain@master
        with:
          # We use nightly so that it correctly groups together imports
-          toolchain: nightly-2024-03-16
+          toolchain: nightly-2022-12-01
          components: rustfmt
      - uses: Swatinem/rust-cache@v2

@@ -360,7 +360,7 @@ jobs:
            postgres:${{ matrix.job.postgres-version }}

      - name: Install Rust
-        uses: dtolnay/rust-toolchain@1.75.0
+        uses: dtolnay/rust-toolchain@1.66.0
      - uses: Swatinem/rust-cache@v2

      - uses: matrix-org/setup-python-poetry@v1
@@ -402,7 +402,7 @@ jobs:
      - uses: actions/checkout@v4

      - name: Install Rust
-        uses: dtolnay/rust-toolchain@1.75.0
+        uses: dtolnay/rust-toolchain@1.66.0
      - uses: Swatinem/rust-cache@v2

      # There aren't wheels for some of the older deps, so we need to install
@@ -517,7 +517,7 @@ jobs:
        run: cat sytest-blacklist .ci/worker-blacklist > synapse-blacklist-with-workers

      - name: Install Rust
-        uses: dtolnay/rust-toolchain@1.75.0
+        uses: dtolnay/rust-toolchain@1.66.0
      - uses: Swatinem/rust-cache@v2

      - name: Run SyTest
@@ -661,7 +661,7 @@ jobs:
          path: synapse

      - name: Install Rust
-        uses: dtolnay/rust-toolchain@1.75.0
+        uses: dtolnay/rust-toolchain@1.66.0
      - uses: Swatinem/rust-cache@v2

      - name: Prepare Complement's Prerequisites
@@ -693,7 +693,7 @@ jobs:
      - uses: actions/checkout@v4

      - name: Install Rust
-        uses: dtolnay/rust-toolchain@1.75.0
+        uses: dtolnay/rust-toolchain@1.66.0
      - uses: Swatinem/rust-cache@v2

      - run: cargo test
@@ -713,7 +713,7 @@ jobs:
      - name: Install Rust
        uses: dtolnay/rust-toolchain@master
        with:
-            toolchain: nightly-2024-03-16
+            toolchain: nightly-2022-12-01
      - uses: Swatinem/rust-cache@v2

      - run: cargo bench --no-run
--- a/CHANGES.md
+++ b/CHANGES.md
@@ -1,62 +1,3 @@
-# Synapse 1.119.0rc2 (2024-11-11)
-
-Note that due to packaging issues there was no v1.119.0rc1.
-
-### Python 3.8 support dropped
-
-Python 3.8 is [end-of-life](https://devguide.python.org/versions/) and is no longer supported by Synapse. The minimum supported Python version is now 3.9.
-
-If you are running Synapse with Python 3.8, please upgrade to Python 3.9 (or greater) before upgrading Synapse.
-
-### Features
-
- Support [MSC4151](https://github.com/matrix-org/matrix-spec-proposals/pull/4151)'s stable report room API. ([\#17374](https://github.com/element-hq/synapse/issues/17374))
- Add experimental support for [MSC4222](https://github.com/matrix-org/matrix-spec-proposals/pull/4222) (Adding `state_after` to sync v2). ([\#17888](https://github.com/element-hq/synapse/issues/17888))
-
-### Bugfixes
-
- Fix bug with sliding sync where `$LAZY`-loading room members would not return `required_state` membership in incremental syncs. ([\#17809](https://github.com/element-hq/synapse/issues/17809))
- Check if user has membership in a room before tagging it. Contributed by Lama Alosaimi. ([\#17839](https://github.com/element-hq/synapse/issues/17839))
- Fix a bug in the admin redact endpoint where the background task would not run if a worker was specified in
-  the config option `run_background_tasks_on`. ([\#17847](https://github.com/element-hq/synapse/issues/17847))
- Fix bug where some presence and typing timeouts can expire early. ([\#17850](https://github.com/element-hq/synapse/issues/17850))
- Fix detection when the built Rust library was outdated when using source installations. ([\#17861](https://github.com/element-hq/synapse/issues/17861))
- Fix a long-standing bug in Synapse which could cause one-time keys to be issued in the incorrect order, causing message decryption failures. ([\#17903](https://github.com/element-hq/synapse/pull/17903))
- Fix experimental support for [MSC4222](https://github.com/matrix-org/matrix-spec-proposals/pull/4222) (Adding `state_after` to sync v2) where we would return the full state on incremental syncs when using lazy loaded members and there were no new events in the timeline. ([\#17915](https://github.com/element-hq/synapse/pull/17915))
-
-### Internal Changes
-
- Remove support for python 3.8. ([\#17908](https://github.com/element-hq/synapse/issues/17908))
- Add a test for downloading and thumbnailing a CMYK JPEG. ([\#17786](https://github.com/element-hq/synapse/issues/17786))
- Refactor database calls to remove `Generator` usage. ([\#17813](https://github.com/element-hq/synapse/issues/17813), [\#17814](https://github.com/element-hq/synapse/issues/17814), [\#17815](https://github.com/element-hq/synapse/issues/17815), [\#17816](https://github.com/element-hq/synapse/issues/17816), [\#17817](https://github.com/element-hq/synapse/issues/17817), [\#17818](https://github.com/element-hq/synapse/issues/17818), [\#17890](https://github.com/element-hq/synapse/issues/17890))
- Include the destination in the error of 'Destination mismatch' on federation requests. ([\#17830](https://github.com/element-hq/synapse/issues/17830))
- The nix flake inside the repository no longer tracks nixpkgs/master to not catch the latest bugs from a PR merged 5 minutes ago. ([\#17852](https://github.com/element-hq/synapse/issues/17852))
- Minor speed-up of sliding sync by computing extensions results in parallel. ([\#17884](https://github.com/element-hq/synapse/issues/17884))
- Bump the default Python version in the Synapse Dockerfile from 3.11 -> 3.12. ([\#17887](https://github.com/element-hq/synapse/issues/17887))
- Remove usage of internal header encoding API. ([\#17894](https://github.com/element-hq/synapse/issues/17894))
- Use unique name for each os.arch variant when uploading Wheel artifacts. ([\#17905](https://github.com/element-hq/synapse/issues/17905))
- Fix tests to run with latest Twisted. ([\#17906](https://github.com/element-hq/synapse/pull/17906), [\#17907](https://github.com/element-hq/synapse/pull/17907), [\#17911](https://github.com/element-hq/synapse/pull/17911))
- Update version constraint to allow the latest poetry-core 1.9.1. ([\#17902](https://github.com/element-hq/synapse/pull/17902))
- Update the portdb CI to use Python 3.13 and Postgres 17 as latest dependencies. ([\#17909](https://github.com/element-hq/synapse/pull/17909))
- Add an index to `current_state_delta_stream` table. ([\#17912](https://github.com/element-hq/synapse/issues/17912))
- Fix building and attaching release artifacts during the release process. ([\#17921](https://github.com/element-hq/synapse/issues/17921))
-
-### Updates to locked dependencies
-
-* Bump actions/download-artifact & actions/upload-artifact from 3 to 4 in /.github/workflows. ([\#17657](https://github.com/element-hq/synapse/issues/17657))
-* Bump anyhow from 1.0.89 to 1.0.92. ([\#17858](https://github.com/element-hq/synapse/issues/17858), [\#17876](https://github.com/element-hq/synapse/issues/17876), [\#17901](https://github.com/element-hq/synapse/issues/17901))
-* Bump bytes from 1.7.2 to 1.8.0. ([\#17877](https://github.com/element-hq/synapse/issues/17877))
-* Bump cryptography from 43.0.1 to 43.0.3. ([\#17853](https://github.com/element-hq/synapse/issues/17853))
-* Bump mypy-zope from 1.0.7 to 1.0.8. ([\#17898](https://github.com/element-hq/synapse/issues/17898))
-* Bump phonenumbers from 8.13.47 to 8.13.49. ([\#17880](https://github.com/element-hq/synapse/issues/17880), [\#17899](https://github.com/element-hq/synapse/issues/17899))
-* Bump python-multipart from 0.0.12 to 0.0.16. ([\#17879](https://github.com/element-hq/synapse/issues/17879))
-* Bump regex from 1.11.0 to 1.11.1. ([\#17874](https://github.com/element-hq/synapse/issues/17874))
-* Bump ruff from 0.6.9 to 0.7.2. ([\#17868](https://github.com/element-hq/synapse/issues/17868), [\#17897](https://github.com/element-hq/synapse/issues/17897))
-* Bump serde from 1.0.210 to 1.0.214. ([\#17875](https://github.com/element-hq/synapse/issues/17875), [\#17900](https://github.com/element-hq/synapse/issues/17900))
-* Bump serde_json from 1.0.128 to 1.0.132. ([\#17857](https://github.com/element-hq/synapse/issues/17857))
-* Bump types-psycopg2 from 2.9.21.20240819 to 2.9.21.20241019. ([\#17855](https://github.com/element-hq/synapse/issues/17855))
-* Bump types-setuptools from 75.1.0.20241014 to 75.2.0.20241019. ([\#17856](https://github.com/element-hq/synapse/issues/17856))
-
 # Synapse 1.118.0 (2024-10-29)

 No significant changes since 1.118.0rc1.
--- a/Cargo.lock
+++ b/Cargo.lock
--- a/changelog.d/17374.feature
+++ b/changelog.d/17374.feature
@@ -0,0 +1 @@
+Support [MSC4151](https://github.com/matrix-org/matrix-spec-proposals/pull/4151)'s stable report room API.
--- a/changelog.d/17657.misc
+++ b/changelog.d/17657.misc
@@ -0,0 +1 @@
+Bump actions/download-artifact and actions/upload-artifact from v3 -> v4.
--- a/changelog.d/17786.misc
+++ b/changelog.d/17786.misc
@@ -0,0 +1 @@
+Add a test for downloading and thumbnailing a CMYK JPEG.
--- a/changelog.d/17809.bugfix
+++ b/changelog.d/17809.bugfix
@@ -0,0 +1 @@
+Fix bug with sliding sync where `$LAZY`-loading room members would not return `required_state` membership in incremental syncs.
--- a/changelog.d/17813.misc
+++ b/changelog.d/17813.misc
@@ -0,0 +1 @@
+Refactor database calls to remove `Generator` usage.
--- a/changelog.d/17814.misc
+++ b/changelog.d/17814.misc
@@ -0,0 +1 @@
+Refactor database calls to remove `Generator` usage.
--- a/changelog.d/17815.misc
+++ b/changelog.d/17815.misc
@@ -0,0 +1 @@
+Refactor database calls to remove `Generator` usage.
--- a/changelog.d/17816.misc
+++ b/changelog.d/17816.misc
@@ -0,0 +1 @@
+Refactor database calls to remove `Generator` usage.
--- a/changelog.d/17817.misc
+++ b/changelog.d/17817.misc
@@ -0,0 +1 @@
+Refactor database calls to remove `Generator` usage.
--- a/changelog.d/17818.misc
+++ b/changelog.d/17818.misc
@@ -0,0 +1 @@
+Refactor database calls to remove `Generator` usage.
--- a/changelog.d/17830.misc
+++ b/changelog.d/17830.misc
@@ -0,0 +1 @@
+Include the destination in the error of 'Destination mismatch' on federation requests.
--- a/changelog.d/17839.bugfix
+++ b/changelog.d/17839.bugfix
@@ -0,0 +1 @@
+Check if user has membership in a room before tagging it. Contributed by Lama Alosaimi.
--- a/changelog.d/17847.bugfix
+++ b/changelog.d/17847.bugfix
@@ -0,0 +1,2 @@
+Fix a bug in the admin redact endpoint where the background task would not run if a worker was specified in
+the config option `run_background_tasks_on`.
--- a/changelog.d/17850.bugfix
+++ b/changelog.d/17850.bugfix
@@ -0,0 +1 @@
+Fix bug when some presence and typing timeouts can expire early.
--- a/changelog.d/17852.misc
+++ b/changelog.d/17852.misc
@@ -0,0 +1 @@
+The nix flake inside the repository no longer tracks nixpkgs/master to not catch the latest bugs from a PR merged 5 minutes ago.
--- a/changelog.d/17861.bugfix
+++ b/changelog.d/17861.bugfix
@@ -0,0 +1 @@
+Fix detection when the built Rust library was outdated when using source installations.
--- a/changelog.d/17865.misc
+++ b/changelog.d/17865.misc
@@ -1 +0,0 @@
-Addressed some typos in docs and returned error message for unknown MXC ID.
--- a/changelog.d/17884.misc
+++ b/changelog.d/17884.misc
@@ -0,0 +1 @@
+Minor speed-up of sliding sync by computing extensions results in parallel.
--- a/changelog.d/17887.misc
+++ b/changelog.d/17887.misc
@@ -0,0 +1 @@
+Bump the default Python version in the Synapse Dockerfile from 3.11 -> 3.12.
--- a/changelog.d/17888.feature
+++ b/changelog.d/17888.feature
@@ -0,0 +1 @@
+Add experimental support for [MSC4222](https://github.com/matrix-org/matrix-spec-proposals/pull/4222).
--- a/changelog.d/17890.misc
+++ b/changelog.d/17890.misc
@@ -0,0 +1 @@
+Refactor database calls to remove `Generator` usage.
--- a/changelog.d/17894.misc
+++ b/changelog.d/17894.misc
@@ -0,0 +1 @@
+Remove usage of internal header encoding API.
--- a/changelog.d/17902.misc
+++ b/changelog.d/17902.misc
@@ -0,0 +1 @@
+Update version constraint to allow the latest poetry-core 1.9.1.
--- a/changelog.d/17903.bugfix
+++ b/changelog.d/17903.bugfix
@@ -0,0 +1 @@
+Fix a long-standing bug in Synapse which could cause one-time keys to be issued in the incorrect order, causing message decryption failures.
--- a/changelog.d/17905.misc
+++ b/changelog.d/17905.misc
@@ -0,0 +1 @@
+Use unique name for each os.arch variant when uploading Wheel artifacts.
--- a/changelog.d/17906.bugfix
+++ b/changelog.d/17906.bugfix
@@ -0,0 +1 @@
+Fix tests to run with latest Twisted.
--- a/changelog.d/17907.bugfix
+++ b/changelog.d/17907.bugfix
@@ -0,0 +1 @@
+Fix tests to run with latest Twisted.
--- a/changelog.d/17908.misc
+++ b/changelog.d/17908.misc
@@ -0,0 +1 @@
+Remove support for python 3.8.
--- a/changelog.d/17909.misc
+++ b/changelog.d/17909.misc
@@ -0,0 +1 @@
+Update the portdb CI to use Python 3.13 and Postgres 17 as latest dependencies.
--- a/changelog.d/17911.bugfix
+++ b/changelog.d/17911.bugfix
@@ -0,0 +1 @@
+Fix tests to run with latest Twisted.
--- a/changelog.d/17913.doc
+++ b/changelog.d/17913.doc
@@ -1 +0,0 @@
-Clarify the semantics of the `enable_authenticated_media` configuration option.
--- a/changelog.d/17921.misc
+++ b/changelog.d/17921.misc
@@ -0,0 +1 @@
+Fix building and attaching release artifacts during the release process.
--- a/changelog.d/17923.misc
+++ b/changelog.d/17923.misc
@@ -1 +0,0 @@
-Unpin the upload release GHA action.
--- a/changelog.d/17928.misc
+++ b/changelog.d/17928.misc
@@ -1 +0,0 @@
-Move server event filtering logic to rust.
--- a/debian/changelog
+++ b/debian/changelog
@@ -1,15 +1,3 @@
-matrix-synapse-py3 (1.119.0~rc2) stable; urgency=medium
-
-  * New Synapse release 1.119.0rc2.
-
- -- Synapse Packaging team <packages@matrix.org>  Mon, 11 Nov 2024 14:33:02 +0000
-
-matrix-synapse-py3 (1.119.0~rc1) stable; urgency=medium
-
-  * New Synapse release 1.119.0rc1.
-
- -- Synapse Packaging team <packages@matrix.org>  Wed, 06 Nov 2024 08:59:43 -0700
-
 matrix-synapse-py3 (1.118.0) stable; urgency=medium

  * New Synapse release 1.118.0.
--- a/docs/usage/configuration/config_documentation.md
+++ b/docs/usage/configuration/config_documentation.md
@@ -1890,26 +1890,6 @@ unauthenticated media endpoints (`/_matrix/media/(r0|v3|v1)/download` and `/_mat
 after enabling, media marked as authenticated will be available over legacy endpoints. Defaults to false, but
 this will change to true in a future Synapse release.

-In all cases, authenticated requests to download media will succeed, but for unauthenticated requests, this
-case-by-case breakdown describes whether media downloads are permitted:
-
-* `enable_authenticated_media = False`:
-  * unauthenticated client or homeserver requesting local media: allowed
-  * unauthenticated client or homeserver requesting remote media: allowed as long as the media is in the cache,
-    or as long as the remote homeserver does not require authentication to retrieve the media
-* `enable_authenticated_media = True`:
-  * unauthenticated client or homeserver requesting local media:
-    allowed if the media was stored on the server whilst `enable_authenticated_media` was `False` (or in a previous Synapse version where this option did not exist);
-    otherwise denied.
-  * unauthenticated client or homeserver requesting remote media: the same as for local media;
-    allowed if the media was stored on the server whilst `enable_authenticated_media` was `False` (or in a previous Synapse version where this option did not exist);
-    otherwise denied.
-
-It is especially notable that media downloaded before this option existed (in older Synapse versions), or whilst this option was set to `False`,
-will perpetually be available over the legacy, unauthenticated endpoint, even after this option is set to `True`.
-This is for backwards compatibility with older clients and homeservers that do not yet support requesting authenticated media;
-those older clients or homeservers will not be cut off from media they can already see.
-
 Example configuration:
 ```yaml
 enable_authenticated_media: true
--- a/poetry.lock
+++ b/poetry.lock
@@ -1,4 +1,4 @@
-# This file is automatically @generated by Poetry 1.8.3 and should not be changed by hand.
+# This file is automatically @generated by Poetry 1.8.4 and should not be changed by hand.

 [[package]]
 name = "annotated-types"
@@ -104,20 +104,21 @@ typecheck = ["mypy"]

 [[package]]
 name = "bleach"
-version = "6.2.0"
+version = "6.1.0"
 description = "An easy safelist-based HTML-sanitizing tool."
 optional = false
-python-versions = ">=3.9"
+python-versions = ">=3.8"
 files = [
-    {file = "bleach-6.2.0-py3-none-any.whl", hash = "sha256:117d9c6097a7c3d22fd578fcd8d35ff1e125df6736f554da4e432fdd63f31e5e"},
-    {file = "bleach-6.2.0.tar.gz", hash = "sha256:123e894118b8a599fd80d3ec1a6d4cc7ce4e5882b1317a7e1ba69b56e95f991f"},
+    {file = "bleach-6.1.0-py3-none-any.whl", hash = "sha256:3225f354cfc436b9789c66c4ee030194bee0568fbf9cbdad3bc8b5c26c5f12b6"},
+    {file = "bleach-6.1.0.tar.gz", hash = "sha256:0a31f1837963c41d46bbf1331b8778e1308ea0791db03cc4e7357b97cf42a8fe"},
 ]

 [package.dependencies]
+six = ">=1.9.0"
 webencodings = "*"

 [package.extras]
-css = ["tinycss2 (>=1.1.0,<1.5)"]
+css = ["tinycss2 (>=1.1.0,<1.3)"]

 [[package]]
 name = "canonicaljson"
@@ -1784,13 +1785,13 @@ typing-extensions = ">=4.6.0,<4.7.0 || >4.7.0"

 [[package]]
 name = "pygithub"
-version = "2.5.0"
+version = "2.4.0"
 description = "Use the full Github API v3"
 optional = false
 python-versions = ">=3.8"
 files = [
-    {file = "PyGithub-2.5.0-py3-none-any.whl", hash = "sha256:b0b635999a658ab8e08720bdd3318893ff20e2275f6446fcf35bf3f44f2c0fd2"},
-    {file = "pygithub-2.5.0.tar.gz", hash = "sha256:e1613ac508a9be710920d26eb18b1905ebd9926aa49398e88151c1b526aad3cf"},
+    {file = "PyGithub-2.4.0-py3-none-any.whl", hash = "sha256:81935aa4bdc939fba98fee1cb47422c09157c56a27966476ff92775602b9ee24"},
+    {file = "pygithub-2.4.0.tar.gz", hash = "sha256:6601e22627e87bac192f1e2e39c6e6f69a43152cfb8f307cee575879320b3051"},
 ]

 [package.dependencies]
@@ -2256,29 +2257,29 @@ files = [

 [[package]]
 name = "ruff"
-version = "0.7.3"
+version = "0.7.2"
 description = "An extremely fast Python linter and code formatter, written in Rust."
 optional = false
 python-versions = ">=3.7"
 files = [
-    {file = "ruff-0.7.3-py3-none-linux_armv6l.whl", hash = "sha256:34f2339dc22687ec7e7002792d1f50712bf84a13d5152e75712ac08be565d344"},
-    {file = "ruff-0.7.3-py3-none-macosx_10_12_x86_64.whl", hash = "sha256:fb397332a1879b9764a3455a0bb1087bda876c2db8aca3a3cbb67b3dbce8cda0"},
-    {file = "ruff-0.7.3-py3-none-macosx_11_0_arm64.whl", hash = "sha256:37d0b619546103274e7f62643d14e1adcbccb242efda4e4bdb9544d7764782e9"},
-    {file = "ruff-0.7.3-py3-none-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:5d59f0c3ee4d1a6787614e7135b72e21024875266101142a09a61439cb6e38a5"},
-    {file = "ruff-0.7.3-py3-none-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:44eb93c2499a169d49fafd07bc62ac89b1bc800b197e50ff4633aed212569299"},
-    {file = "ruff-0.7.3-py3-none-manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:6d0242ce53f3a576c35ee32d907475a8d569944c0407f91d207c8af5be5dae4e"},
-    {file = "ruff-0.7.3-py3-none-manylinux_2_17_ppc64.manylinux2014_ppc64.whl", hash = "sha256:6b6224af8b5e09772c2ecb8dc9f3f344c1aa48201c7f07e7315367f6dd90ac29"},
-    {file = "ruff-0.7.3-py3-none-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:c50f95a82b94421c964fae4c27c0242890a20fe67d203d127e84fbb8013855f5"},
-    {file = "ruff-0.7.3-py3-none-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:7f3eff9961b5d2644bcf1616c606e93baa2d6b349e8aa8b035f654df252c8c67"},
-    {file = "ruff-0.7.3-py3-none-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:b8963cab06d130c4df2fd52c84e9f10d297826d2e8169ae0c798b6221be1d1d2"},
-    {file = "ruff-0.7.3-py3-none-musllinux_1_2_aarch64.whl", hash = "sha256:61b46049d6edc0e4317fb14b33bd693245281a3007288b68a3f5b74a22a0746d"},
-    {file = "ruff-0.7.3-py3-none-musllinux_1_2_armv7l.whl", hash = "sha256:10ebce7696afe4644e8c1a23b3cf8c0f2193a310c18387c06e583ae9ef284de2"},
-    {file = "ruff-0.7.3-py3-none-musllinux_1_2_i686.whl", hash = "sha256:3f36d56326b3aef8eeee150b700e519880d1aab92f471eefdef656fd57492aa2"},
-    {file = "ruff-0.7.3-py3-none-musllinux_1_2_x86_64.whl", hash = "sha256:5d024301109a0007b78d57ab0ba190087b43dce852e552734ebf0b0b85e4fb16"},
-    {file = "ruff-0.7.3-py3-none-win32.whl", hash = "sha256:4ba81a5f0c5478aa61674c5a2194de8b02652f17addf8dfc40c8937e6e7d79fc"},
-    {file = "ruff-0.7.3-py3-none-win_amd64.whl", hash = "sha256:588a9ff2fecf01025ed065fe28809cd5a53b43505f48b69a1ac7707b1b7e4088"},
-    {file = "ruff-0.7.3-py3-none-win_arm64.whl", hash = "sha256:1713e2c5545863cdbfe2cbce21f69ffaf37b813bfd1fb3b90dc9a6f1963f5a8c"},
-    {file = "ruff-0.7.3.tar.gz", hash = "sha256:e1d1ba2e40b6e71a61b063354d04be669ab0d39c352461f3d789cac68b54a313"},
+    {file = "ruff-0.7.2-py3-none-linux_armv6l.whl", hash = "sha256:b73f873b5f52092e63ed540adefc3c36f1f803790ecf2590e1df8bf0a9f72cb8"},
+    {file = "ruff-0.7.2-py3-none-macosx_10_12_x86_64.whl", hash = "sha256:5b813ef26db1015953daf476202585512afd6a6862a02cde63f3bafb53d0b2d4"},
+    {file = "ruff-0.7.2-py3-none-macosx_11_0_arm64.whl", hash = "sha256:853277dbd9675810c6826dad7a428d52a11760744508340e66bf46f8be9701d9"},
+    {file = "ruff-0.7.2-py3-none-manylinux_2_17_aarch64.manylinux2014_aarch64.whl", hash = "sha256:21aae53ab1490a52bf4e3bf520c10ce120987b047c494cacf4edad0ba0888da2"},
+    {file = "ruff-0.7.2-py3-none-manylinux_2_17_armv7l.manylinux2014_armv7l.whl", hash = "sha256:ccc7e0fc6e0cb3168443eeadb6445285abaae75142ee22b2b72c27d790ab60ba"},
+    {file = "ruff-0.7.2-py3-none-manylinux_2_17_i686.manylinux2014_i686.whl", hash = "sha256:fd77877a4e43b3a98e5ef4715ba3862105e299af0c48942cc6d51ba3d97dc859"},
+    {file = "ruff-0.7.2-py3-none-manylinux_2_17_ppc64.manylinux2014_ppc64.whl", hash = "sha256:e00163fb897d35523c70d71a46fbaa43bf7bf9af0f4534c53ea5b96b2e03397b"},
+    {file = "ruff-0.7.2-py3-none-manylinux_2_17_ppc64le.manylinux2014_ppc64le.whl", hash = "sha256:f3c54b538633482dc342e9b634d91168fe8cc56b30a4b4f99287f4e339103e88"},
+    {file = "ruff-0.7.2-py3-none-manylinux_2_17_s390x.manylinux2014_s390x.whl", hash = "sha256:7b792468e9804a204be221b14257566669d1db5c00d6bb335996e5cd7004ba80"},
+    {file = "ruff-0.7.2-py3-none-manylinux_2_17_x86_64.manylinux2014_x86_64.whl", hash = "sha256:dba53ed84ac19ae4bfb4ea4bf0172550a2285fa27fbb13e3746f04c80f7fa088"},
+    {file = "ruff-0.7.2-py3-none-musllinux_1_2_aarch64.whl", hash = "sha256:b19fafe261bf741bca2764c14cbb4ee1819b67adb63ebc2db6401dcd652e3748"},
+    {file = "ruff-0.7.2-py3-none-musllinux_1_2_armv7l.whl", hash = "sha256:28bd8220f4d8f79d590db9e2f6a0674f75ddbc3847277dd44ac1f8d30684b828"},
+    {file = "ruff-0.7.2-py3-none-musllinux_1_2_i686.whl", hash = "sha256:9fd67094e77efbea932e62b5d2483006154794040abb3a5072e659096415ae1e"},
+    {file = "ruff-0.7.2-py3-none-musllinux_1_2_x86_64.whl", hash = "sha256:576305393998b7bd6c46018f8104ea3a9cb3fa7908c21d8580e3274a3b04b691"},
+    {file = "ruff-0.7.2-py3-none-win32.whl", hash = "sha256:fa993cfc9f0ff11187e82de874dfc3611df80852540331bc85c75809c93253a8"},
+    {file = "ruff-0.7.2-py3-none-win_amd64.whl", hash = "sha256:dd8800cbe0254e06b8fec585e97554047fb82c894973f7ff18558eee33d1cb88"},
+    {file = "ruff-0.7.2-py3-none-win_arm64.whl", hash = "sha256:bb8368cd45bba3f57bb29cbb8d64b4a33f8415d0149d2655c5c8539452ce7760"},
+    {file = "ruff-0.7.2.tar.gz", hash = "sha256:2b14e77293380e475b4e3a7a368e14549288ed2931fce259a6f99978669e844f"},
 ]

 [[package]]
@@ -3101,4 +3102,4 @@ user-search = ["pyicu"]
 [metadata]
 lock-version = "2.0"
 python-versions = "^3.9.0"
-content-hash = "d71159b19349fdc0b7cd8e06e8c8778b603fc37b941c6df34ddc31746783d94d"
+content-hash = "0cd942a5193d01cbcef135a0bebd3fa0f12f7dbc63899d6f1c301e0649e9d902"
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -97,7 +97,7 @@ module-name = "synapse.synapse_rust"

 [tool.poetry]
 name = "matrix-synapse"
-version = "1.119.0rc2"
+version = "1.118.0"
 description = "Homeserver for the Matrix decentralised comms protocol"
 authors = ["Matrix.org Team and Contributors <packages@matrix.org>"]
 license = "AGPL-3.0-or-later"
@@ -320,7 +320,7 @@ all = [
 # failing on new releases. Keeping lower bounds loose here means that dependabot
 # can bump versions without having to update the content-hash in the lockfile.
 # This helps prevents merge conflicts when running a batch of dependabot updates.
-ruff = "0.7.3"
+ruff = "0.7.2"
 # Type checking only works with the pydantic.v1 compat module from pydantic v2
 pydantic = "^2"

--- a/rust/Cargo.toml
+++ b/rust/Cargo.toml
@@ -7,7 +7,7 @@ name = "synapse"
 version = "0.1.0"

 edition = "2021"
-rust-version = "1.75.0"
+rust-version = "1.66.0"

 [lib]
 name = "synapse"
@@ -39,15 +39,6 @@ pyo3 = { version = "0.21.0", features = [
 pyo3-log = "0.10.0"
 pythonize = "0.21.0"
 regex = "1.6.0"
-ruma = { version = "0.10.1", features = [
-    "client-api-s",
-    "federation-api-s",
-    "server-util",
-    "compat-arbitrary-length-ids",
-    "compat-user-id"
-] }
-ruma-common = "0.13.0"
-ruma-events = { version = "0.28.0", features = ["unstable-pdu"] }
 sha2 = "0.10.8"
 serde = { version = "1.0.144", features = ["derive"] }
 serde_json = "1.0.85"
--- a/rust/src/events/filter.rs
+++ b/rust/src/events/filter.rs
@@ -1,102 +0,0 @@
-/*
- * This file is licensed under the Affero General Public License (AGPL) version 3.
- *
- * Copyright (C) 2024 New Vector, Ltd
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as
- * published by the Free Software Foundation, either version 3 of the
- * License, or (at your option) any later version.
- *
- * See the GNU Affero General Public License for more details:
- * <https://www.gnu.org/licenses/agpl-3.0.html>.
- */
-
-use std::collections::HashMap;
-
-use pyo3::{exceptions::PyValueError, pyfunction, PyResult};
-use ruma_common::OwnedUserId;
-use ruma_events::room::{history_visibility::HistoryVisibility, member::MembershipState};
-
-#[pyfunction(name = "event_visible_to_server")]
-pub fn event_visible_to_server_py(
-    sender: String,
-    target_server_name: String,
-    history_visibility: String,
-    erased_senders: HashMap<String, bool>,
-    partial_state_invisible: bool,
-    memberships: Vec<(String, String)>, // (state_key, membership)
-) -> PyResult<bool> {
-    event_visible_to_server(
-        sender,
-        target_server_name,
-        history_visibility,
-        erased_senders,
-        partial_state_invisible,
-        memberships,
-    )
-    .map_err(|e| PyValueError::new_err(format!("{e}")))
-}
-
-/// Return whether the target server is allowed to see the event.
-///
-/// For a fully stated room, the target server is allowed to see an event E if:
-///   - the state at E has world readable or shared history vis, OR
-///   - the state at E says that the target server is in the room.
-///
-/// For a partially stated room, the target server is allowed to see E if:
-///   - E was created by this homeserver, AND:
-///       - the partial state at E has world readable or shared history vis, OR
-///       - the partial state at E says that the target server is in the room.
-pub fn event_visible_to_server(
-    sender: String,
-    target_server_name: String,
-    history_visibility: String,
-    erased_senders: HashMap<String, bool>,
-    partial_state_invisible: bool,
-    memberships: Vec<(String, String)>, // (state_key, membership)
-) -> anyhow::Result<bool> {
-    if let Some(&erased) = erased_senders.get(&sender) {
-        if erased {
-            return Ok(false);
-        }
-    }
-
-    if partial_state_invisible {
-        return Ok(false);
-    }
-
-    let history_visibility = HistoryVisibility::from(history_visibility);
-    if history_visibility != HistoryVisibility::Invited
-        && history_visibility != HistoryVisibility::Joined
-    {
-        return Ok(true);
-    }
-
-    let mut visible = false;
-    for (state_key, membership) in memberships {
-        let state_key = OwnedUserId::try_from(state_key.clone())
-            .map_err(|e| anyhow::anyhow!(format!("invalid user_id ({state_key}): {e}")))?;
-        if state_key.server_name().as_str() != target_server_name {
-            return Err(anyhow::anyhow!(
-                "state_key does not match target_server_name",
-            ));
-        }
-
-        match MembershipState::from(membership) {
-            MembershipState::Invite => {
-                if history_visibility == HistoryVisibility::Invited {
-                    visible = true;
-                    break;
-                }
-            }
-            MembershipState::Join => {
-                visible = true;
-                break;
-            }
-            _ => continue,
-        }
-    }
-
-    Ok(visible)
-}
--- a/rust/src/events/mod.rs
+++ b/rust/src/events/mod.rs
@@ -22,17 +22,15 @@

 use pyo3::{
    types::{PyAnyMethods, PyModule, PyModuleMethods},
-    wrap_pyfunction, Bound, PyResult, Python,
+    Bound, PyResult, Python,
 };

-pub mod filter;
 mod internal_metadata;

 /// Called when registering modules with python.
 pub fn register_module(py: Python<'_>, m: &Bound<'_, PyModule>) -> PyResult<()> {
    let child_module = PyModule::new_bound(py, "events")?;
    child_module.add_class::<internal_metadata::EventInternalMetadata>()?;
-    child_module.add_function(wrap_pyfunction!(filter::event_visible_to_server_py, m)?)?;

    m.add_submodule(&child_module)?;

--- a/rust/src/push/utils.rs
+++ b/rust/src/push/utils.rs
@@ -23,6 +23,7 @@ use anyhow::bail;
 use anyhow::Context;
 use anyhow::Error;
 use lazy_static::lazy_static;
+use regex;
 use regex::Regex;
 use regex::RegexBuilder;

--- a/synapse/handlers/message.py
+++ b/synapse/handlers/message.py
@@ -196,9 +196,7 @@ class MessageHandler:
            AuthError (403) if the user doesn't have permission to view
            members of this room.
        """
-        if state_filter is None:
-            state_filter = StateFilter.all()
-
+        state_filter = state_filter or StateFilter.all()
        user_id = requester.user.to_string()

        if at_token:
--- a/synapse/handlers/sync.py
+++ b/synapse/handlers/sync.py
@@ -1520,7 +1520,7 @@ class SyncHandler:
        if sync_config.use_state_after:
            delta_state_ids: MutableStateMap[str] = {}

-            if members_to_fetch:
+            if members_to_fetch is not None:
                # We're lazy-loading, so the client might need some more member
                # events to understand the events in this timeline. So we always
                # fish out all the member events corresponding to the timeline
--- a/synapse/media/media_repository.py
+++ b/synapse/media/media_repository.py
@@ -259,7 +259,7 @@ class MediaRepository:
        """
        media = await self.store.get_local_media(media_id)
        if media is None:
-            raise NotFoundError("Unknown media ID")
+            raise SynapseError(404, "Unknow media ID", errcode=Codes.NOT_FOUND)

        if media.user_id != auth_user.to_string():
            raise SynapseError(
--- a/synapse/rest/media/upload_resource.py
+++ b/synapse/rest/media/upload_resource.py
@@ -94,7 +94,7 @@ class BaseUploadServlet(RestServlet):

        # if headers.hasHeader(b"Content-Disposition"):
        #     disposition = headers.getRawHeaders(b"Content-Disposition")[0]
-        # TODO(markjh): parse content-disposition
+        # TODO(markjh): parse content-dispostion

        return content_length, upload_name, media_type

--- a/synapse/storage/controllers/state.py
+++ b/synapse/storage/controllers/state.py
@@ -234,11 +234,8 @@ class StateStorageController:
            RuntimeError if we don't have a state group for one or more of the events
               (ie they are outliers or unknown)
        """
-        if state_filter is None:
-            state_filter = StateFilter.all()
-
        await_full_state = True
-        if not state_filter.must_await_full_state(self._is_mine_id):
+        if state_filter and not state_filter.must_await_full_state(self._is_mine_id):
            await_full_state = False

        event_to_groups = await self.get_state_group_for_events(
@@ -247,7 +244,7 @@ class StateStorageController:

        groups = set(event_to_groups.values())
        group_to_state = await self.stores.state._get_state_for_groups(
-            groups, state_filter
+            groups, state_filter or StateFilter.all()
        )

        state_event_map = await self.stores.main.get_events(
@@ -295,11 +292,10 @@ class StateStorageController:
            RuntimeError if we don't have a state group for one or more of the events
                (ie they are outliers or unknown)
        """
-        if state_filter is None:
-            state_filter = StateFilter.all()
-
-        if await_full_state and not state_filter.must_await_full_state(
-            self._is_mine_id
+        if (
+            await_full_state
+            and state_filter
+            and not state_filter.must_await_full_state(self._is_mine_id)
        ):
            # Full state is not required if the state filter is restrictive enough.
            await_full_state = False
@@ -310,7 +306,7 @@ class StateStorageController:

        groups = set(event_to_groups.values())
        group_to_state = await self.stores.state._get_state_for_groups(
-            groups, state_filter
+            groups, state_filter or StateFilter.all()
        )

        event_to_state = {
@@ -339,10 +335,9 @@ class StateStorageController:
            RuntimeError if we don't have a state group for the event (ie it is an
                outlier or is unknown)
        """
-        if state_filter is None:
-            state_filter = StateFilter.all()
-
-        state_map = await self.get_state_for_events([event_id], state_filter)
+        state_map = await self.get_state_for_events(
+            [event_id], state_filter or StateFilter.all()
+        )
        return state_map[event_id]

    @trace
@@ -370,12 +365,9 @@ class StateStorageController:
            RuntimeError if we don't have a state group for the event (ie it is an
                outlier or is unknown)
        """
-        if state_filter is None:
-            state_filter = StateFilter.all()
-
        state_map = await self.get_state_ids_for_events(
            [event_id],
-            state_filter,
+            state_filter or StateFilter.all(),
            await_full_state=await_full_state,
        )
        return state_map[event_id]
@@ -396,12 +388,9 @@ class StateStorageController:
                at the event and `state_filter` is not satisfied by partial state.
                Defaults to `True`.
        """
-        if state_filter is None:
-            state_filter = StateFilter.all()
-
        state_ids = await self.get_state_ids_for_event(
            event_id,
-            state_filter=state_filter,
+            state_filter=state_filter or StateFilter.all(),
            await_full_state=await_full_state,
        )

@@ -437,9 +426,6 @@ class StateStorageController:
                at the last event in the room before `stream_position` and
                `state_filter` is not satisfied by partial state. Defaults to `True`.
        """
-        if state_filter is None:
-            state_filter = StateFilter.all()
-
        # FIXME: This gets the state at the latest event before the stream ordering,
        # which might not be the same as the "current state" of the room at the time
        # of the stream token if there were multiple forward extremities at the time.
@@ -456,7 +442,7 @@ class StateStorageController:
        if last_event_id:
            state = await self.get_state_after_event(
                last_event_id,
-                state_filter=state_filter,
+                state_filter=state_filter or StateFilter.all(),
                await_full_state=await_full_state,
            )

@@ -514,10 +500,9 @@ class StateStorageController:
        Returns:
            Dict of state group to state map.
        """
-        if state_filter is None:
-            state_filter = StateFilter.all()
-
-        return await self.stores.state._get_state_for_groups(groups, state_filter)
+        return await self.stores.state._get_state_for_groups(
+            groups, state_filter or StateFilter.all()
+        )

    @trace
    @tag_args
@@ -598,13 +583,12 @@ class StateStorageController:
        Returns:
            The current state of the room.
        """
-        if state_filter is None:
-            state_filter = StateFilter.all()
-
-        if await_full_state and state_filter.must_await_full_state(self._is_mine_id):
+        if await_full_state and (
+            not state_filter or state_filter.must_await_full_state(self._is_mine_id)
+        ):
            await self._partial_state_room_tracker.await_full_state(room_id)

-        if state_filter is not None and not state_filter.is_full():
+        if state_filter and not state_filter.is_full():
            return await self.stores.main.get_partial_filtered_current_state_ids(
                room_id, state_filter
            )
--- a/synapse/storage/databases/main/state.py
+++ b/synapse/storage/databases/main/state.py
@@ -572,10 +572,10 @@ class StateGroupWorkerStore(EventsWorkerStore, SQLBaseStore):
        Returns:
            Map from type/state_key to event ID.
        """
-        if state_filter is None:
-            state_filter = StateFilter.all()

-        where_clause, where_args = (state_filter).make_sql_filter_clause()
+        where_clause, where_args = (
+            state_filter or StateFilter.all()
+        ).make_sql_filter_clause()

        if not where_clause:
            # We delegate to the cached version
@@ -584,7 +584,7 @@ class StateGroupWorkerStore(EventsWorkerStore, SQLBaseStore):
        def _get_filtered_current_state_ids_txn(
            txn: LoggingTransaction,
        ) -> StateMap[str]:
-            results = StateMapWrapper(state_filter=state_filter)
+            results = StateMapWrapper(state_filter=state_filter or StateFilter.all())

            sql = """
                SELECT type, state_key, event_id FROM current_state_events
--- a/synapse/storage/databases/main/state_deltas.py
+++ b/synapse/storage/databases/main/state_deltas.py
@@ -20,26 +20,18 @@
 #

 import logging
-from typing import TYPE_CHECKING, List, Optional, Tuple
+from typing import List, Optional, Tuple

 import attr

 from synapse.logging.opentracing import trace
 from synapse.storage._base import SQLBaseStore
-from synapse.storage.database import (
-    DatabasePool,
-    LoggingDatabaseConnection,
-    LoggingTransaction,
-    make_in_list_sql_clause,
-)
+from synapse.storage.database import LoggingTransaction, make_in_list_sql_clause
 from synapse.storage.databases.main.stream import _filter_results_by_stream
 from synapse.types import RoomStreamToken, StrCollection
 from synapse.util.caches.stream_change_cache import StreamChangeCache
 from synapse.util.iterutils import batch_iter

-if TYPE_CHECKING:
-    from synapse.server import HomeServer
-
 logger = logging.getLogger(__name__)


@@ -62,21 +54,6 @@ class StateDeltasStore(SQLBaseStore):
    # attribute. TODO: can we get static analysis to enforce this?
    _curr_state_delta_stream_cache: StreamChangeCache

-    def __init__(
-        self,
-        database: DatabasePool,
-        db_conn: LoggingDatabaseConnection,
-        hs: "HomeServer",
-    ):
-        super().__init__(database, db_conn, hs)
-
-        self.db_pool.updates.register_background_index_update(
-            update_name="current_state_delta_stream_room_index",
-            index_name="current_state_delta_stream_room_idx",
-            table="current_state_delta_stream",
-            columns=("room_id", "stream_id"),
-        )
-
    async def get_partial_current_state_deltas(
        self, prev_stream_id: int, max_stream_id: int
    ) -> Tuple[int, List[StateDelta]]:
--- a/synapse/storage/databases/state/bg_updates.py
+++ b/synapse/storage/databases/state/bg_updates.py
@@ -112,8 +112,8 @@ class StateGroupBackgroundUpdateStore(SQLBaseStore):
        Returns:
            Map from state_group to a StateMap at that point.
        """
-        if state_filter is None:
-            state_filter = StateFilter.all()
+
+        state_filter = state_filter or StateFilter.all()

        results: Dict[int, MutableStateMap[str]] = {group: {} for group in groups}

--- a/synapse/storage/databases/state/store.py
+++ b/synapse/storage/databases/state/store.py
@@ -284,8 +284,7 @@ class StateGroupDataStore(StateBackgroundUpdateStore, SQLBaseStore):
        Returns:
            Dict of state group to state map.
        """
-        if state_filter is None:
-            state_filter = StateFilter.all()
+        state_filter = state_filter or StateFilter.all()

        member_filter, non_member_filter = state_filter.get_member_split()

--- a/synapse/storage/schema/main/delta/88/04_current_state_delta_index.sql
+++ b/synapse/storage/schema/main/delta/88/04_current_state_delta_index.sql
@@ -1,18 +0,0 @@
--
-- This file is licensed under the Affero General Public License (AGPL) version 3.
--
-- Copyright (C) 2024 New Vector, Ltd
--
-- This program is free software: you can redistribute it and/or modify
-- it under the terms of the GNU Affero General Public License as
-- published by the Free Software Foundation, either version 3 of the
-- License, or (at your option) any later version.
--
-- See the GNU Affero General Public License for more details:
-- <https://www.gnu.org/licenses/agpl-3.0.html>.
-
-
-- Add an index on (user_id, device_id, algorithm, ts_added_ms) on e2e_one_time_keys_json, so that OTKs can
-- efficiently be issued in the same order they were uploaded.
-INSERT INTO background_updates (ordering, update_name, progress_json) VALUES
-    (8804, 'current_state_delta_stream_room_index', '{}');
--- a/synapse/synapse_rust/events.pyi
+++ b/synapse/synapse_rust/events.pyi
@@ -10,7 +10,7 @@
 # See the GNU Affero General Public License for more details:
 # <https://www.gnu.org/licenses/agpl-3.0.html>.

-from typing import List, Mapping, Optional, Tuple
+from typing import Optional

 from synapse.types import JsonDict

@@ -105,13 +105,3 @@ class EventInternalMetadata:

    def is_notifiable(self) -> bool:
        """Whether this event can trigger a push notification"""
-
-def event_visible_to_server(
-    sender: str,
-    target_server_name: str,
-    history_visibility: str,
-    erased_senders: Mapping[str, bool],
-    partial_state_invisible: bool,
-    memberships: List[Tuple[str, str]],
-) -> bool:
-    """Whether the server is allowed to see the unredacted event"""
--- a/synapse/types/state.py
+++ b/synapse/types/state.py
@@ -68,23 +68,15 @@ class StateFilter:
    include_others: bool = False

    def __attrs_post_init__(self) -> None:
+        # If `include_others` is set we canonicalise the filter by removing
+        # wildcards from the types dictionary
        if self.include_others:
-            # If `include_others` is set we canonicalise the filter by removing
-            # wildcards from the types dictionary
-
            # this is needed to work around the fact that StateFilter is frozen
            object.__setattr__(
                self,
                "types",
                immutabledict({k: v for k, v in self.types.items() if v is not None}),
            )
-        else:
-            # Otherwise we remove entries where the value is the empty set.
-            object.__setattr__(
-                self,
-                "types",
-                immutabledict({k: v for k, v in self.types.items() if v is None or v}),
-            )

    @staticmethod
    def all() -> "StateFilter":
--- a/synapse/visibility.py
+++ b/synapse/visibility.py
@@ -27,6 +27,7 @@ from typing import (
    Final,
    FrozenSet,
    List,
+    Mapping,
    Optional,
    Sequence,
    Set,
@@ -47,7 +48,6 @@ from synapse.events.utils import clone_event, prune_event
 from synapse.logging.opentracing import trace
 from synapse.storage.controllers import StorageControllers
 from synapse.storage.databases.main import DataStore
-from synapse.synapse_rust.events import event_visible_to_server
 from synapse.types import RetentionPolicy, StateMap, StrCollection, get_domain_from_id
 from synapse.types.state import StateFilter
 from synapse.util import Clock
@@ -628,6 +628,17 @@ async def filter_events_for_server(
    """Filter a list of events based on whether the target server is allowed to
    see them.

+    For a fully stated room, the target server is allowed to see an event E if:
+      - the state at E has world readable or shared history vis, OR
+      - the state at E says that the target server is in the room.
+
+    For a partially stated room, the target server is allowed to see E if:
+      - E was created by this homeserver, AND:
+          - the partial state at E has world readable or shared history vis, OR
+          - the partial state at E says that the target server is in the room.
+
+    TODO: state before or state after?
+
    Args:
        storage
        target_server_name
@@ -644,6 +655,35 @@ async def filter_events_for_server(
        The filtered events.
    """

+    def is_sender_erased(event: EventBase, erased_senders: Mapping[str, bool]) -> bool:
+        if erased_senders and erased_senders[event.sender]:
+            logger.info("Sender of %s has been erased, redacting", event.event_id)
+            return True
+        return False
+
+    def check_event_is_visible(
+        visibility: str, memberships: StateMap[EventBase]
+    ) -> bool:
+        if visibility not in (HistoryVisibility.INVITED, HistoryVisibility.JOINED):
+            return True
+
+        # We now loop through all membership events looking for
+        # membership states for the requesting server to determine
+        # if the server is either in the room or has been invited
+        # into the room.
+        for ev in memberships.values():
+            assert get_domain_from_id(ev.state_key) == target_server_name
+
+            memtype = ev.membership
+            if memtype == Membership.JOIN:
+                return True
+            elif memtype == Membership.INVITE:
+                if visibility == HistoryVisibility.INVITED:
+                    return True
+
+        # server has no users in the room: redact
+        return False
+
    if filter_out_erased_senders:
        erased_senders = await storage.main.are_users_erased(e.sender for e in events)
    else:
@@ -686,16 +726,20 @@ async def filter_events_for_server(
        target_server_name,
    )

+    def include_event_in_output(e: EventBase) -> bool:
+        erased = is_sender_erased(e, erased_senders)
+        visible = check_event_is_visible(
+            event_to_history_vis[e.event_id], event_to_memberships.get(e.event_id, {})
+        )
+
+        if e.event_id in partial_state_invisible_event_ids:
+            visible = False
+
+        return visible and not erased
+
    to_return = []
    for e in events:
-        if event_visible_to_server(
-            e.sender,
-            target_server_name,
-            event_to_history_vis[e.event_id],
-            erased_senders,
-            e.event_id in partial_state_invisible_event_ids,
-            list(event_to_memberships.get(e.event_id, {}).values()),
-        ):
+        if include_event_in_output(e):
            to_return.append(e)
        elif redact:
            to_return.append(prune_event(e))
@@ -752,7 +796,7 @@ async def _event_to_history_vis(

 async def _event_to_memberships(
    storage: StorageControllers, events: Collection[EventBase], server_name: str
-) -> Dict[str, StateMap[Tuple[str, str]]]:
+) -> Dict[str, StateMap[EventBase]]:
    """Get the remote membership list at each of the given events

    Returns a map from event id to state map, which will contain only membership events
@@ -805,7 +849,7 @@ async def _event_to_memberships(

    return {
        e_id: {
-            key: (event_map[inner_e_id].state_key, event_map[inner_e_id].membership)
+            key: event_map[inner_e_id]
            for key, inner_e_id in key_to_eid.items()
            if inner_e_id in event_map
        }
--- a/tests/handlers/test_sync.py
+++ b/tests/handlers/test_sync.py
@@ -1262,35 +1262,3 @@ class SyncStateAfterTestCase(tests.unittest.HomeserverTestCase):
            )
        )
        self.assertEqual(state[("m.test_event", "")], second_state["event_id"])
-
-    def test_incremental_sync_lazy_loaded_no_timeline(self) -> None:
-        """Test that lazy-loading with an empty timeline doesn't return the full
-        state.
-
-        There was a bug where an empty state filter would cause the DB to return
-        the full state, rather than an empty set.
-        """
-        user = self.register_user("user", "password")
-        tok = self.login("user", "password")
-
-        # Create a room as the user and set some custom state.
-        joined_room = self.helper.create_room_as(user, tok=tok)
-
-        since_token = self.hs.get_event_sources().get_current_token()
-        end_stream_token = self.hs.get_event_sources().get_current_token()
-
-        state = self.get_success(
-            self.sync_handler._compute_state_delta_for_incremental_sync(
-                room_id=joined_room,
-                sync_config=generate_sync_config(user, use_state_after=True),
-                batch=TimelineBatch(
-                    prev_batch=end_stream_token, events=[], limited=True
-                ),
-                since_token=since_token,
-                end_token=end_stream_token,
-                members_to_fetch=set(),
-                timeline_state={},
-            )
-        )
-
-        self.assertEqual(state, {})
--- a/tests/rest/admin/test_federation.py
+++ b/tests/rest/admin/test_federation.py
@@ -96,7 +96,7 @@ class FederationTestCase(unittest.HomeserverTestCase):
        self.assertEqual(400, channel.code, msg=channel.json_body)
        self.assertEqual(Codes.INVALID_PARAM, channel.json_body["errcode"])

-        # unknown order_by
+        # unkown order_by
        channel = self.make_request(
            "GET",
            self.url + "?order_by=bar",
--- a/tests/rest/admin/test_statistics.py
+++ b/tests/rest/admin/test_statistics.py
@@ -82,7 +82,7 @@ class UserMediaStatisticsTestCase(unittest.HomeserverTestCase):
        """
        If parameters are invalid, an error is returned.
        """
-        # unknown order_by
+        # unkown order_by
        channel = self.make_request(
            "GET",
            self.url + "?order_by=bar",
--- a/tests/rest/admin/test_user.py
+++ b/tests/rest/admin/test_user.py
@@ -719,7 +719,7 @@ class UsersListTestCase(unittest.HomeserverTestCase):
        self.assertEqual(400, channel.code, msg=channel.json_body)
        self.assertEqual(Codes.INVALID_PARAM, channel.json_body["errcode"])

-        # unknown order_by
+        # unkown order_by
        channel = self.make_request(
            "GET",
            self.url + "?order_by=bar",
@@ -3696,7 +3696,7 @@ class UserMediaRestTestCase(unittest.HomeserverTestCase):
    @parameterized.expand(["GET", "DELETE"])
    def test_invalid_parameter(self, method: str) -> None:
        """If parameters are invalid, an error is returned."""
-        # unknown order_by
+        # unkown order_by
        channel = self.make_request(
            method,
            self.url + "?order_by=bar",
--- a/tests/test_visibility.py
+++ b/tests/test_visibility.py
@@ -82,7 +82,7 @@ class FilterEventsForServerTestCase(unittest.HomeserverTestCase):
                inject_member_event(
                    self.hs,
                    TEST_ROOM_ID,
-                    "@user%i:%s" % (i, "test-server" if i == 5 else "other-server"),
+                    "@user%i:%s" % (i, "test_server" if i == 5 else "other_server"),
                    "join",
                    extra_content={"a": "b"},
                )
@@ -92,7 +92,7 @@ class FilterEventsForServerTestCase(unittest.HomeserverTestCase):
        filtered = self.get_success(
            filter_events_for_server(
                self._storage_controllers,
-                "test-server",
+                "test_server",
                "hs",
                events_to_filter,
                redact=True,
@@ -116,13 +116,13 @@ class FilterEventsForServerTestCase(unittest.HomeserverTestCase):
            inject_member_event(
                self.hs,
                TEST_ROOM_ID,
-                "@resident:remote-hs",
+                "@resident:remote_hs",
                "join",
            )
        )
        self.get_success(
            inject_visibility_event(
-                self.hs, TEST_ROOM_ID, "@resident:remote-hs", "joined"
+                self.hs, TEST_ROOM_ID, "@resident:remote_hs", "joined"
            )
        )

@@ -131,7 +131,7 @@ class FilterEventsForServerTestCase(unittest.HomeserverTestCase):
            self.get_success(
                filter_events_for_server(
                    self._storage_controllers,
-                    "remote-hs",
+                    "remote_hs",
                    "hs",
                    [outlier],
                    redact=True,
@@ -144,14 +144,14 @@ class FilterEventsForServerTestCase(unittest.HomeserverTestCase):

        # it should also work when there are other events in the list
        evt = self.get_success(
-            inject_message_event(self.hs, TEST_ROOM_ID, "@unerased:local-hs")
+            inject_message_event(self.hs, TEST_ROOM_ID, "@unerased:local_hs")
        )

        filtered = self.get_success(
            filter_events_for_server(
                self._storage_controllers,
-                "remote-hs",
-                "local-hs",
+                "remote_hs",
+                "local_hs",
                [outlier, evt],
                redact=True,
                filter_out_erased_senders=True,
@@ -168,8 +168,8 @@ class FilterEventsForServerTestCase(unittest.HomeserverTestCase):
        filtered = self.get_success(
            filter_events_for_server(
                self._storage_controllers,
-                "other-server",
-                "local-hs",
+                "other_server",
+                "local_hs",
                [outlier, evt],
                redact=True,
                filter_out_erased_senders=True,
Author	SHA1	Message	Date
Erik Johnston	e53ebb9b34	Newsfile	2024-11-11 13:53:48 +00:00
Erik Johnston	7f5f561df7	Fix building and attaching release artefacts	2024-11-11 13:49:33 +00:00
				`@@ -0,0 +1 @@`
				`Support [MSC4151](https://github.com/matrix-org/matrix-spec-proposals/pull/4151)'s stable report room API.`
				`@@ -0,0 +1 @@`
				`Bump actions/download-artifact and actions/upload-artifact from v3 -> v4.`
				`@@ -0,0 +1 @@`
				`Add a test for downloading and thumbnailing a CMYK JPEG.`
				`@@ -0,0 +1 @@`
				Fix bug with sliding sync where `$LAZY`-loading room members would not return `required_state` membership in incremental syncs.
				`@@ -0,0 +1 @@`
				Refactor database calls to remove `Generator` usage.
				`@@ -0,0 +1 @@`
				`Include the destination in the error of 'Destination mismatch' on federation requests.`
				`@@ -0,0 +1 @@`
				`Check if user has membership in a room before tagging it. Contributed by Lama Alosaimi.`
				`@@ -0,0 +1 @@`
				`Fix bug when some presence and typing timeouts can expire early.`
				`@@ -0,0 +1 @@`
				`The nix flake inside the repository no longer tracks nixpkgs/master to not catch the latest bugs from a PR merged 5 minutes ago.`