Update tracer to give more information

Add a utility class that can be used to generate a twisted deferred aware call graph
2025-12-17 02:10:27 +00:00 · 2015-03-13 11:38:57 +00:00 · 2015-03-12 16:52:02 +00:00
1667 changed files with 34504 additions and 336875 deletions
--- a/.ci/latest_deps_build_failed_issue_template.md
+++ b/.ci/latest_deps_build_failed_issue_template.md
@@ -1,4 +0,0 @@
 ---
 title: CI run against latest deps is failing
 ---
 See https://github.com/{{env.GITHUB_REPOSITORY}}/actions/runs/{{env.GITHUB_RUN_ID}}
--- a/.ci/postgres-config.yaml
+++ b/.ci/postgres-config.yaml
@@ -1,19 +0,0 @@
 # Configuration file used for testing the 'synapse_port_db' script.
 # Tells the script to connect to the postgresql database that will be available in the
 # CI's Docker setup at the point where this file is considered.
 server_name: "localhost:8800"
 signing_key_path: ".ci/test.signing.key"
 report_stats: false
 database:
  name: "psycopg2"
  args:
    user: postgres
    host: localhost
    password: postgres
    database: synapse
 # Suppress the key server warning.
 trusted_key_servers: []
--- a/.ci/scripts/postgres_exec.py
+++ b/.ci/scripts/postgres_exec.py
@@ -1,31 +0,0 @@
 #!/usr/bin/env python
 # Copyright 2019 The Matrix.org Foundation C.I.C.
 #
 # Licensed under the Apache License, Version 2.0 (the "License");
 # you may not use this file except in compliance with the License.
 # You may obtain a copy of the License at
 #
 #     http://www.apache.org/licenses/LICENSE-2.0
 #
 # Unless required by applicable law or agreed to in writing, software
 # distributed under the License is distributed on an "AS IS" BASIS,
 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 # See the License for the specific language governing permissions and
 # limitations under the License.
 import sys
 import psycopg2
 # a very simple replacment for `psql`, to make up for the lack of the postgres client
 # libraries in the synapse docker image.
 # We use "postgres" as a database because it's bound to exist and the "synapse" one
 # doesn't exist yet.
 db_conn = psycopg2.connect(
    user="postgres", host="localhost", password="postgres", dbname="postgres"
 )
 db_conn.autocommit = True
 cur = db_conn.cursor()
 for c in sys.argv[1:]:
    cur.execute(c)
--- a/.ci/scripts/test_export_data_command.sh
+++ b/.ci/scripts/test_export_data_command.sh
@@ -1,52 +0,0 @@
 #!/usr/bin/env bash
 # Test for the export-data admin command against sqlite and postgres
 # Expects Synapse to have been already installed with `poetry install --extras postgres`.
 # Expects `poetry` to be available on the `PATH`.
 set -xe
 cd "$(dirname "$0")/../.."
 echo "--- Generate the signing key"
 # Generate the server's signing key.
 poetry run synapse_homeserver --generate-keys -c .ci/sqlite-config.yaml
 echo "--- Prepare test database"
 # Make sure the SQLite3 database is using the latest schema and has no pending background update.
 poetry run update_synapse_database --database-config .ci/sqlite-config.yaml --run-background-updates
 # Run the export-data command on the sqlite test database
 poetry run python -m synapse.app.admin_cmd -c .ci/sqlite-config.yaml  export-data @anon-20191002_181700-832:localhost:8800 \
 --output-directory /tmp/export_data
 # Test that the output directory exists and contains the rooms directory
 dir="/tmp/export_data/rooms"
 if [ -d "$dir" ]; then
  echo "Command successful, this test passes"
 else
  echo "No output directories found, the command fails against a sqlite database."
  exit 1
 fi
 # Create the PostgreSQL database.
 poetry run .ci/scripts/postgres_exec.py "CREATE DATABASE synapse"
 # Port the SQLite databse to postgres so we can check command works against postgres
 echo "+++ Port SQLite3 databse to postgres"
 poetry run synapse_port_db --sqlite-database .ci/test_db.db --postgres-config .ci/postgres-config.yaml
 # Run the export-data command on postgres database
 poetry run python -m synapse.app.admin_cmd -c .ci/postgres-config.yaml  export-data @anon-20191002_181700-832:localhost:8800 \
 --output-directory /tmp/export_data2
 # Test that the output directory exists and contains the rooms directory
 dir2="/tmp/export_data2/rooms"
 if [ -d "$dir2" ]; then
  echo "Command successful, this test passes"
 else
  echo "No output directories found, the command fails against a postgres database."
  exit 1
 fi
--- a/.ci/scripts/test_old_deps.sh
+++ b/.ci/scripts/test_old_deps.sh
@@ -1,81 +0,0 @@
 #!/usr/bin/env bash
 # this script is run by GitHub Actions in a plain `focal` container; it
 # - installs the minimal system requirements, and poetry;
 # - patches the project definition file to refer to old versions only;
 # - creates a venv with these old versions using poetry; and finally
 # - invokes `trial` to run the tests with old deps.
 # Prevent tzdata from asking for user input
 export DEBIAN_FRONTEND=noninteractive
 set -ex
 apt-get update
 apt-get install -y \
        python3 python3-dev python3-pip python3-venv pipx \
        libxml2-dev libxslt-dev xmlsec1 zlib1g-dev libjpeg-dev libwebp-dev
 export LANG="C.UTF-8"
 # Prevent virtualenv from auto-updating pip to an incompatible version
 export VIRTUALENV_NO_DOWNLOAD=1
 # TODO: in the future, we could use an implementation of
 #   https://github.com/python-poetry/poetry/issues/3527
 #   https://github.com/pypa/pip/issues/8085
 # to select the lowest possible versions, rather than resorting to this sed script.
 # Patch the project definitions in-place:
 # - Replace all lower and tilde bounds with exact bounds
 # - Make the pyopenssl 17.0, which is the oldest version that works with
 #   a `cryptography` compiled against OpenSSL 1.1.
 # - Delete all lines referring to psycopg2 --- so no testing of postgres support.
 # - Omit systemd: we're not logging to journal here.
 # TODO: also replace caret bounds, see https://python-poetry.org/docs/dependency-specification/#version-constraints
 # We don't use these yet, but IIRC they are the default bound used when you `poetry add`.
 # The sed expression 's/\^/==/g' ought to do the trick. But it would also change
 # `python = "^3.7"` to `python = "==3.7", which would mean we fail because olddeps
 # runs on 3.8 (#12343).
 sed -i \
   -e "s/[~>]=/==/g" \
   -e "/psycopg2/d" \
   -e 's/pyOpenSSL = "==16.0.0"/pyOpenSSL = "==17.0.0"/' \
   -e '/systemd/d' \
   pyproject.toml
 # Use poetry to do the installation. This ensures that the versions are all mutually
 # compatible (as far the package metadata declares, anyway); pip's package resolver
 # is more lax.
 #
 # Rather than `poetry install --no-dev`, we drop all dev dependencies from the
 # toml file. This means we don't have to ensure compatibility between old deps and
 # dev tools.
 pip install --user toml
 REMOVE_DEV_DEPENDENCIES="
 import toml
 with open('pyproject.toml', 'r') as f:
    data = toml.loads(f.read())
 del data['tool']['poetry']['dev-dependencies']
 with open('pyproject.toml', 'w') as f:
    toml.dump(data, f)
 "
 python3 -c "$REMOVE_DEV_DEPENDENCIES"
 pipx install poetry==1.1.12
 ~/.local/bin/poetry lock
 echo "::group::Patched pyproject.toml"
 cat pyproject.toml
 echo "::endgroup::"
 echo "::group::Lockfile after patch"
 cat poetry.lock
 echo "::endgroup::"
 ~/.local/bin/poetry install -E "all test"
 ~/.local/bin/poetry run trial --jobs=2 tests
--- a/.ci/scripts/test_synapse_port_db.sh
+++ b/.ci/scripts/test_synapse_port_db.sh
@@ -1,53 +0,0 @@
 #!/usr/bin/env bash
 #
 # Test script for 'synapse_port_db'.
 #   - configures synapse and a postgres server.
 #   - runs the port script on a prepopulated test sqlite db
 #   - also runs it against an new sqlite db
 #
 # Expects Synapse to have been already installed with `poetry install --extras postgres`.
 # Expects `poetry` to be available on the `PATH`.
 set -xe
 cd "$(dirname "$0")/../.."
 echo "--- Generate the signing key"
 # Generate the server's signing key.
 poetry run synapse_homeserver --generate-keys -c .ci/sqlite-config.yaml
 echo "--- Prepare test database"
 # Make sure the SQLite3 database is using the latest schema and has no pending background update.
 poetry run update_synapse_database --database-config .ci/sqlite-config.yaml --run-background-updates
 # Create the PostgreSQL database.
 poetry run .ci/scripts/postgres_exec.py "CREATE DATABASE synapse"
 echo "+++ Run synapse_port_db against test database"
 # TODO: this invocation of synapse_port_db (and others below) used to be prepended with `coverage run`,
 # but coverage seems unable to find the entrypoints installed by `pip install -e .`.
 poetry run synapse_port_db --sqlite-database .ci/test_db.db --postgres-config .ci/postgres-config.yaml
 # We should be able to run twice against the same database.
 echo "+++ Run synapse_port_db a second time"
 poetry run synapse_port_db --sqlite-database .ci/test_db.db --postgres-config .ci/postgres-config.yaml
 #####
 # Now do the same again, on an empty database.
 echo "--- Prepare empty SQLite database"
 # we do this by deleting the sqlite db, and then doing the same again.
 rm .ci/test_db.db
 poetry run update_synapse_database --database-config .ci/sqlite-config.yaml --run-background-updates
 # re-create the PostgreSQL database.
 poetry run .ci/scripts/postgres_exec.py \
  "DROP DATABASE synapse" \
  "CREATE DATABASE synapse"
 echo "+++ Run synapse_port_db against empty database"
 poetry run synapse_port_db --sqlite-database .ci/test_db.db --postgres-config .ci/postgres-config.yaml
--- a/.ci/sqlite-config.yaml
+++ b/.ci/sqlite-config.yaml
@@ -1,16 +0,0 @@
 # Configuration file used for testing the 'synapse_port_db' script.
 # Tells the 'update_database' script to connect to the test SQLite database to upgrade its
 # schema and run background updates on it.
 server_name: "localhost:8800"
 signing_key_path: ".ci/test.signing.key"
 report_stats: false
 database:
  name: "sqlite3"
  args:
    database: ".ci/test_db.db"
 # Suppress the key server warning.
 trusted_key_servers: []
--- a/.ci/test_db.db
+++ b/.ci/test_db.db
--- a/.ci/twisted_trunk_build_failed_issue_template.md
+++ b/.ci/twisted_trunk_build_failed_issue_template.md
@@ -1,4 +0,0 @@
 ---
 title: CI run against Twisted trunk is failing
 ---
 See https://github.com/{{env.GITHUB_REPOSITORY}}/actions/runs/{{env.GITHUB_RUN_ID}}
--- a/.ci/worker-blacklist
+++ b/.ci/worker-blacklist
@@ -1,2 +0,0 @@
 # This file serves as a blacklist for SyTest tests that we expect will fail in
 # Synapse when run under worker mode. For more details, see sytest-blacklist.
--- a/.codecov.yml
+++ b/.codecov.yml
@@ -1,14 +0,0 @@
 comment: off
 coverage:
  status:
    project:
      default:
        target: 0  # Target % coverage, can be auto. Turned off for now
        threshold: null
        base: auto
    patch:
      default:
        target: 0
        threshold: null
        base: auto
--- a/.coveragerc
+++ b/.coveragerc
@@ -1,8 +0,0 @@
 [run]
 branch = True
 parallel = True
 include=$TOP/synapse/*
 data_file = $TOP/.coverage
 [report]
 precision = 2
--- a/.dockerignore
+++ b/.dockerignore
@@ -1,11 +0,0 @@
 # ignore everything by default
 *
 # things to include
 !docker
 !synapse
 !README.rst
 !pyproject.toml
 !poetry.lock
 **/__pycache__
--- a/.editorconfig
+++ b/.editorconfig
@@ -1,9 +0,0 @@
 # EditorConfig https://EditorConfig.org
 # top-most EditorConfig file
 root = true
 # 4 space indentation
 [*.py]
 indent_style = space
 indent_size = 4
--- a/.flake8
+++ b/.flake8
@@ -1,11 +0,0 @@
 # TODO: incorporate this into pyproject.toml if flake8 supports it in the future.
 # See https://github.com/PyCQA/flake8/issues/234
 [flake8]
 # see https://pycodestyle.readthedocs.io/en/latest/intro.html#error-codes
 # for error codes. The ones we ignore are:
 #  W503: line break before binary operator
 #  W504: line break after binary operator
 #  E203: whitespace before ':' (which is contrary to pep8?)
 #  E731: do not assign a lambda expression, use a def
 #  E501: Line too long (black enforces this for us)
 ignore=W503,W504,E203,E731,E501
--- a/.git-blame-ignore-revs
+++ b/.git-blame-ignore-revs
@@ -1,8 +0,0 @@
 # Black reformatting (#5482).
 32e7c9e7f20b57dd081023ac42d6931a8da9b3a3
 # Target Python 3.5 with black (#8664).
 aff1eb7c671b0a3813407321d2702ec46c71fa56
 # Update black to 20.8b1 (#9381).
 0a00b7ff14890987f09112a2ae696c61001e6cf1
--- a/.github/CODEOWNERS
+++ b/.github/CODEOWNERS
@@ -1,2 +0,0 @@
 # Automatically request reviews from the synapse-core team when a pull request comes in.
 * @matrix-org/synapse-core
--- a/.github/FUNDING.yml
+++ b/.github/FUNDING.yml
@@ -1,4 +0,0 @@
 # One username per supported platform and one custom link
 patreon: matrixdotorg
 liberapay: matrixdotorg
 custom: https://paypal.me/matrixdotorg
--- a/.github/ISSUE_TEMPLATE.md
+++ b/.github/ISSUE_TEMPLATE.md
@@ -1,5 +0,0 @@
 **If you are looking for support** please ask in **#synapse:matrix.org**
 (using a matrix.org account if necessary). We do not use GitHub issues for
 support.
 **If you want to report a security issue** please see https://matrix.org/security-disclosure-policy/
--- a/.github/ISSUE_TEMPLATE/BUG_REPORT.md
+++ b/.github/ISSUE_TEMPLATE/BUG_REPORT.md
@@ -1,72 +0,0 @@
 ---
 name: Bug report
 about: Create a report to help us improve
 ---
 <!--
 **THIS IS NOT A SUPPORT CHANNEL!**
 **IF YOU HAVE SUPPORT QUESTIONS ABOUT RUNNING OR CONFIGURING YOUR OWN HOME SERVER**,
 please ask in **#synapse:matrix.org** (using a matrix.org account if necessary)
 If you want to report a security issue, please see https://matrix.org/security-disclosure-policy/
 This is a bug report template. By following the instructions below and
 filling out the sections with your information, you will help the us to get all
 the necessary data to fix your issue.
 You can also preview your report before submitting it. You may remove sections
 that aren't relevant to your particular case.
 Text between <!-- and --> marks will be invisible in the report.
 -->
 ### Description
 <!-- Describe here the problem that you are experiencing -->
 ### Steps to reproduce
 - list the steps
 - that reproduce the bug
 - using hyphens as bullet points
 <!--
 Describe how what happens differs from what you expected.
 If you can identify any relevant log snippets from _homeserver.log_, please include
 those (please be careful to remove any personal or private data). Please surround them with
 ``` (three backticks, on a line on their own), so that they are formatted legibly.
 -->
 ### Version information
 <!-- IMPORTANT: please answer the following questions, to help us narrow down the problem -->
 <!-- Was this issue identified on matrix.org or another homeserver? -->
 - **Homeserver**:
 If not matrix.org:
 <!--
 What version of Synapse is running?
 You can find the Synapse version with this command:
 $ curl http://localhost:8008/_synapse/admin/v1/server_version
 (You may need to replace `localhost:8008` if Synapse is not configured to
 listen on that port.)
 -->
 - **Version**:
 - **Install method**:
 <!-- examples: package manager/git clone/pip  -->
 - **Platform**:
 <!--
 Tell us about the environment in which your homeserver is operating
 distro, hardware, if it's running in a vm/container, etc.
 -->
--- a/.github/ISSUE_TEMPLATE/FEATURE_REQUEST.md
+++ b/.github/ISSUE_TEMPLATE/FEATURE_REQUEST.md
@@ -1,9 +0,0 @@
 ---
 name: Feature request
 about: Suggest an idea for this project
 ---
 **Description:**
 <!-- Describe here the feature you are requesting. -->
--- a/.github/ISSUE_TEMPLATE/SUPPORT_REQUEST.md
+++ b/.github/ISSUE_TEMPLATE/SUPPORT_REQUEST.md
@@ -1,10 +0,0 @@
 ---
 name: Support request
 about: I need support for Synapse
 ---
 Please don't file github issues asking for support.
 Instead, please join [`#synapse:matrix.org`](https://matrix.to/#/#synapse:matrix.org)
 (from a matrix.org account if necessary), and ask there.
--- a/.github/PULL_REQUEST_TEMPLATE.md
+++ b/.github/PULL_REQUEST_TEMPLATE.md
@@ -1,14 +0,0 @@
 ### Pull Request Checklist
 <!-- Please read https://matrix-org.github.io/synapse/latest/development/contributing_guide.html before submitting your pull request -->
 * [ ] Pull request is based on the develop branch
 * [ ] Pull request includes a [changelog file](https://matrix-org.github.io/synapse/latest/development/contributing_guide.html#changelog). The entry should:
  - Be a short description of your change which makes sense to users. "Fixed a bug that prevented receiving messages from other servers." instead of "Moved X method from `EventStore` to `EventWorkerStore`.".
  - Use markdown where necessary, mostly for `code blocks`.
  - End with either a period (.) or an exclamation mark (!).
  - Start with a capital letter.
  - Feel free to credit yourself, by adding a sentence "Contributed by @github_username." or "Contributed by [Your Name]." to the end of the entry.
 * [ ] Pull request includes a [sign off](https://matrix-org.github.io/synapse/latest/development/contributing_guide.html#sign-off)
 * [ ] [Code style](https://matrix-org.github.io/synapse/latest/code_style.html) is correct
  (run the [linters](https://matrix-org.github.io/synapse/latest/development/contributing_guide.html#run-the-linters))
--- a/.github/SUPPORT.md
+++ b/.github/SUPPORT.md
@@ -1,3 +0,0 @@
 [**#synapse:matrix.org**](https://matrix.to/#/#synapse:matrix.org) is the official support room for
 Synapse, and can be accessed by any client from https://matrix.org/docs/projects/try-matrix-now.html.
 Please ask for support there, rather than filing github issues.
--- a/.github/workflows/docker.yml
+++ b/.github/workflows/docker.yml
@@ -1,57 +0,0 @@
 # GitHub actions workflow which builds and publishes the docker images.
 name: Build docker images
 on:
  push:
    tags: ["v*"]
    branches: [ master, main, develop ]
  workflow_dispatch:
 permissions:
  contents: read
 jobs:
  build:
    runs-on: ubuntu-latest
    steps:
      - name: Set up QEMU
        id: qemu
        uses: docker/setup-qemu-action@v1
        with:
          platforms: arm64
      - name: Set up Docker Buildx
        id: buildx
        uses: docker/setup-buildx-action@v1
      - name: Inspect builder
        run: docker buildx inspect
      - name: Log in to DockerHub
        uses: docker/login-action@v1
        with:
          username: ${{ secrets.DOCKERHUB_USERNAME }}
          password: ${{ secrets.DOCKERHUB_TOKEN }}
      - name: Calculate docker image tag
        id: set-tag
        uses: docker/metadata-action@master
        with:
          images: matrixdotorg/synapse
          flavor: |
            latest=false
          tags: |
            type=raw,value=develop,enable=${{ github.ref == 'refs/heads/develop' }}
            type=raw,value=latest,enable=${{ github.ref == 'refs/heads/master' }}
            type=raw,value=latest,enable=${{ github.ref == 'refs/heads/main' }}
            type=pep440,pattern={{raw}}
      - name: Build and push all platforms
        uses: docker/build-push-action@v2
        with:
          push: true
          labels: "gitsha1=${{ github.sha }}"
          tags: "${{ steps.set-tag.outputs.tags }}"
          file: "docker/Dockerfile"
          platforms: linux/amd64,linux/arm64
--- a/.github/workflows/docs.yaml
+++ b/.github/workflows/docs.yaml
@@ -1,65 +0,0 @@
 name: Deploy the documentation
 on:
  push:
    branches:
      # For bleeding-edge documentation
      - develop
      # For documentation specific to a release
      - 'release-v*'
      # stable docs
      - master
  workflow_dispatch:
 jobs:
  pages:
    name: GitHub Pages
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - name: Setup mdbook
        uses: peaceiris/actions-mdbook@4b5ef36b314c2599664ca107bb8c02412548d79d # v1.1.14
        with:
          mdbook-version: '0.4.17'
      - name: Build the documentation
        # mdbook will only create an index.html if we're including docs/README.md in SUMMARY.md.
        # However, we're using docs/README.md for other purposes and need to pick a new page
        # as the default. Let's opt for the welcome page instead.
        run: |
          mdbook build
          cp book/welcome_and_overview.html book/index.html
      # Figure out the target directory.
      #
      # The target directory depends on the name of the branch
      #
      - name: Get the target directory name
        id: vars
        run: |
          # first strip the 'refs/heads/' prefix with some shell foo
          branch="${GITHUB_REF#refs/heads/}"
          case $branch in
              release-*)
                  # strip 'release-' from the name for release branches.
                  branch="${branch#release-}"
                  ;;
              master)
                  # deploy to "latest" for the master branch.
                  branch="latest"
                  ;;
          esac
          # finally, set the 'branch-version' var.
          echo "::set-output name=branch-version::$branch"
      # Deploy to the target directory.
      - name: Deploy to gh pages
        uses: peaceiris/actions-gh-pages@068dc23d9710f1ba62e86896f84735d869951305 # v3.8.0
        with:
          github_token: ${{ secrets.GITHUB_TOKEN }}
          publish_dir: ./book
          destination_dir: ./${{ steps.vars.outputs.branch-version }}
--- a/.github/workflows/latest_deps.yml
+++ b/.github/workflows/latest_deps.yml
@@ -1,159 +0,0 @@
 # People who are freshly `pip install`ing from PyPI will pull in the latest versions of
 # dependencies which match the broad requirements. Since most CI runs are against
 # the locked poetry environment, run specifically against the latest dependencies to
 # know if there's an upcoming breaking change.
 #
 # As an overview this workflow:
 # - checks out develop,
 # - installs from source, pulling in the dependencies like a fresh `pip install` would, and 
 # - runs mypy and test suites in that checkout.
 #
 # Based on the twisted trunk CI job.
 name: Latest dependencies
 on:
  schedule:
    - cron: 0 7 * * *
  workflow_dispatch:
 concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true
 jobs:
  mypy:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      # The dev dependencies aren't exposed in the wheel metadata (at least with current
      # poetry-core versions), so we install with poetry.
      - uses: matrix-org/setup-python-poetry@v1
        with:
          python-version: "3.x"
          poetry-version: "1.2.0b1"
          extras: "all"
      # Dump installed versions for debugging.
      - run: poetry run pip list > before.txt
      # Upgrade all runtime dependencies only. This is intended to mimic a fresh
      # `pip install matrix-synapse[all]` as closely as possible.
      - run: poetry update --no-dev
      - run: poetry run pip list > after.txt && (diff -u before.txt after.txt || true)
      - name: Remove warn_unused_ignores from mypy config
        run: sed '/warn_unused_ignores = True/d' -i mypy.ini
      - run: poetry run mypy
  trial:
    runs-on: ubuntu-latest
    strategy:
      matrix:
        include:
          - database: "sqlite"
          - database: "postgres"
            postgres-version: "14"
    steps:
      - uses: actions/checkout@v2
      - run: sudo apt-get -qq install xmlsec1
      - name: Set up PostgreSQL ${{ matrix.postgres-version }}
        if: ${{ matrix.postgres-version }}
        run: |
          docker run -d -p 5432:5432 \
            -e POSTGRES_PASSWORD=postgres \
            -e POSTGRES_INITDB_ARGS="--lc-collate C --lc-ctype C --encoding UTF8" \
            postgres:${{ matrix.postgres-version }}
      - uses: actions/setup-python@v2
        with:
          python-version: "3.x"
      - run: pip install .[all,test]
      - name: Await PostgreSQL
        if: ${{ matrix.postgres-version }}
        timeout-minutes: 2
        run: until pg_isready -h localhost; do sleep 1; done
      - run: python -m twisted.trial --jobs=2 tests
        env:
          SYNAPSE_POSTGRES: ${{ matrix.database == 'postgres' || '' }}
          SYNAPSE_POSTGRES_HOST: localhost
          SYNAPSE_POSTGRES_USER: postgres
          SYNAPSE_POSTGRES_PASSWORD: postgres
      - name: Dump logs
        # Logs are most useful when the command fails, always include them.
        if: ${{ always() }}
        # Note: Dumps to workflow logs instead of using actions/upload-artifact
        #       This keeps logs colocated with failing jobs
        #       It also ignores find's exit code; this is a best effort affair
        run: >-
          find _trial_temp -name '*.log'
          -exec echo "::group::{}" \;
          -exec cat {} \;
          -exec echo "::endgroup::" \;
          || true
  sytest:
    runs-on: ubuntu-latest
    container:
      image: matrixdotorg/sytest-synapse:testing
      volumes:
        - ${{ github.workspace }}:/src
    strategy:
      fail-fast: false
      matrix:
        include:
          - sytest-tag: focal
          - sytest-tag: focal
            postgres: postgres
            workers: workers
            redis: redis
    env:
      POSTGRES: ${{ matrix.postgres && 1}}
      WORKERS: ${{ matrix.workers && 1 }}
      REDIS: ${{ matrix.redis && 1 }}
      BLACKLIST: ${{ matrix.workers && 'synapse-blacklist-with-workers' }}
    steps:
      - uses: actions/checkout@v2
      - name: Ensure sytest runs `pip install`
        # Delete the lockfile so sytest will `pip install` rather than `poetry install`
        run: rm /src/poetry.lock
        working-directory: /src
      - name: Prepare test blacklist
        run: cat sytest-blacklist .ci/worker-blacklist > synapse-blacklist-with-workers
      - name: Run SyTest
        run: /bootstrap.sh synapse
        working-directory: /src
      - name: Summarise results.tap
        if: ${{ always() }}
        run: /sytest/scripts/tap_to_gha.pl /logs/results.tap
      - name: Upload SyTest logs
        uses: actions/upload-artifact@v2
        if: ${{ always() }}
        with:
          name: Sytest Logs - ${{ job.status }} - (${{ join(matrix.*, ', ') }})
          path: |
            /logs/results.tap
            /logs/**/*.log*
  # TODO: run complement (as with twisted trunk, see #12473).
  # open an issue if the build fails, so we know about it.
  open-issue:
    if: failure()
    needs:
      # TODO: should mypy be included here? It feels more brittle than the other two.
      - mypy
      - trial
      - sytest
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - uses: JasonEtco/create-an-issue@5d9504915f79f9cc6d791934b8ef34f2353dd74d # v2.5.0, 2020-12-06
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          update_existing: true
          filename: .ci/latest_deps_build_failed_issue_template.md
--- a/.github/workflows/release-artifacts.yml
+++ b/.github/workflows/release-artifacts.yml
@@ -1,121 +0,0 @@
 # GitHub actions workflow which builds the release artifacts.
 name: Build release artifacts
 on:
  # we build on PRs and develop to (hopefully) get early warning
  # of things breaking (but only build one set of debs)
  pull_request:
  push:
    branches: ["develop", "release-*"]
    # we do the full build on tags.
    tags: ["v*"]
 concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true
 permissions:
  contents: write
 jobs:
  get-distros:
    name: "Calculate list of debian distros"
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - uses: actions/setup-python@v2
      - id: set-distros
        run: |
          # if we're running from a tag, get the full list of distros; otherwise just use debian:sid
          dists='["debian:sid"]'
          if [[ $GITHUB_REF == refs/tags/* ]]; then
              dists=$(scripts-dev/build_debian_packages.py --show-dists-json)
          fi
          echo "::set-output name=distros::$dists"
    # map the step outputs to job outputs
    outputs:
      distros: ${{ steps.set-distros.outputs.distros }}
  # now build the packages with a matrix build.
  build-debs:
    needs: get-distros
    name: "Build .deb packages"
    runs-on: ubuntu-latest
    strategy:
      matrix:
        distro: ${{ fromJson(needs.get-distros.outputs.distros) }}
    steps:
      - name: Checkout
        uses: actions/checkout@v2
        with:
          path: src
      - name: Set up Docker Buildx
        id: buildx
        uses: docker/setup-buildx-action@v1
        with:
          install: true
      - name: Set up docker layer caching
        uses: actions/cache@v2
        with:
          path: /tmp/.buildx-cache
          key: ${{ runner.os }}-buildx-${{ github.sha }}
          restore-keys: |
            ${{ runner.os }}-buildx-
      - name: Set up python
        uses: actions/setup-python@v2
      - name: Build the packages
        # see https://github.com/docker/build-push-action/issues/252
        # for the cache magic here
        run: |
          ./src/scripts-dev/build_debian_packages.py \
            --docker-build-arg=--cache-from=type=local,src=/tmp/.buildx-cache \
            --docker-build-arg=--cache-to=type=local,mode=max,dest=/tmp/.buildx-cache-new \
            --docker-build-arg=--progress=plain \
            --docker-build-arg=--load \
            "${{ matrix.distro }}"
          rm -rf /tmp/.buildx-cache
          mv /tmp/.buildx-cache-new /tmp/.buildx-cache
      - name: Upload debs as artifacts
        uses: actions/upload-artifact@v2
        with:
          name: debs
          path: debs/*
  build-sdist:
    name: "Build pypi distribution files"
    uses: "matrix-org/backend-meta/.github/workflows/packaging.yml@v1"
  # if it's a tag, create a release and attach the artifacts to it
  attach-assets:
    name: "Attach assets to release"
    if: ${{ !failure() && !cancelled() && startsWith(github.ref, 'refs/tags/') }}
    needs:
      - build-debs
      - build-sdist
    runs-on: ubuntu-latest
    steps:
      - name: Download all workflow run artifacts
        uses: actions/download-artifact@v2
      - name: Build a tarball for the debs
        run: tar -cvJf debs.tar.xz debs
      - name: Attach to release
        uses: softprops/action-gh-release@a929a66f232c1b11af63782948aa2210f981808a  # PR#109
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          files: |
            Sdist/*
            Wheel/*
            debs.tar.xz
          # if it's not already published, keep the release as a draft.
          draft: true
          # mark it as a prerelease if the tag contains 'rc'.
          prerelease: ${{ contains(github.ref, 'rc') }}
--- a/.github/workflows/tests.yml
+++ b/.github/workflows/tests.yml
@@ -1,385 +0,0 @@
 name: Tests
 on:
  push:
    branches: ["develop", "release-*"]
  pull_request:
 concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true
 jobs:
  check-sampleconfig:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - uses: actions/setup-python@v2
      - run: pip install .
      - run: scripts-dev/generate_sample_config.sh --check
      - run: scripts-dev/config-lint.sh
  lint:
    uses: "matrix-org/backend-meta/.github/workflows/python-poetry-ci.yml@v1"
    with:
      typechecking-extras: "all"
  lint-crlf:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - name: Check line endings
        run: scripts-dev/check_line_terminators.sh
  lint-newsfile:
    if: ${{ github.base_ref == 'develop'  || contains(github.base_ref, 'release-') }}
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
        with:
          ref: ${{ github.event.pull_request.head.sha }}
          fetch-depth: 0
      - uses: actions/setup-python@v2
      - run: "pip install 'towncrier>=18.6.0rc1'"
      - run: scripts-dev/check-newsfragment.sh
        env:
          PULL_REQUEST_NUMBER: ${{ github.event.number }}
  # Dummy step to gate other tests on without repeating the whole list
  linting-done:
    if: ${{ !cancelled() }} # Run this even if prior jobs were skipped
    needs: [lint, lint-crlf, lint-newsfile, check-sampleconfig]
    runs-on: ubuntu-latest
    steps:
      - run: "true"
  trial:
    if: ${{ !cancelled() && !failure() }} # Allow previous steps to be skipped, but not fail
    needs: linting-done
    runs-on: ubuntu-latest
    strategy:
      matrix:
        python-version: ["3.7", "3.8", "3.9", "3.10"]
        database: ["sqlite"]
        extras: ["all"]
        include:
          # Newest Python without optional deps
          - python-version: "3.10"
            extras: ""
          # Oldest Python with PostgreSQL
          - python-version: "3.7"
            database: "postgres"
            postgres-version: "10"
            extras: "all"
          # Newest Python with newest PostgreSQL
          - python-version: "3.10"
            database: "postgres"
            postgres-version: "14"
            extras: "all"
    steps:
      - uses: actions/checkout@v2
      - run: sudo apt-get -qq install xmlsec1
      - name: Set up PostgreSQL ${{ matrix.postgres-version }}
        if: ${{ matrix.postgres-version }}
        run: |
          docker run -d -p 5432:5432 \
            -e POSTGRES_PASSWORD=postgres \
            -e POSTGRES_INITDB_ARGS="--lc-collate C --lc-ctype C --encoding UTF8" \
            postgres:${{ matrix.postgres-version }}
      - uses: matrix-org/setup-python-poetry@v1
        with:
          python-version: ${{ matrix.python-version }}
          extras: ${{ matrix.extras }}
      - name: Await PostgreSQL
        if: ${{ matrix.postgres-version }}
        timeout-minutes: 2
        run: until pg_isready -h localhost; do sleep 1; done
      - run: poetry run trial --jobs=2 tests
        env:
          SYNAPSE_POSTGRES: ${{ matrix.database == 'postgres' || '' }}
          SYNAPSE_POSTGRES_HOST: localhost
          SYNAPSE_POSTGRES_USER: postgres
          SYNAPSE_POSTGRES_PASSWORD: postgres
      - name: Dump logs
        # Logs are most useful when the command fails, always include them.
        if: ${{ always() }}
        # Note: Dumps to workflow logs instead of using actions/upload-artifact
        #       This keeps logs colocated with failing jobs
        #       It also ignores find's exit code; this is a best effort affair
        run: >-
          find _trial_temp -name '*.log'
          -exec echo "::group::{}" \;
          -exec cat {} \;
          -exec echo "::endgroup::" \;
          || true
  trial-olddeps:
    # Note: sqlite only; no postgres
    if: ${{ !cancelled() && !failure() }} # Allow previous steps to be skipped, but not fail
    needs: linting-done
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - name: Test with old deps
        uses: docker://ubuntu:focal # For old python and sqlite
        # Note: focal seems to be using 3.8, but the oldest is 3.7?
        # See https://github.com/matrix-org/synapse/issues/12343
        with:
          workdir: /github/workspace
          entrypoint: .ci/scripts/test_old_deps.sh
      - name: Dump logs
        # Logs are most useful when the command fails, always include them.
        if: ${{ always() }}
        # Note: Dumps to workflow logs instead of using actions/upload-artifact
        #       This keeps logs colocated with failing jobs
        #       It also ignores find's exit code; this is a best effort affair
        run: >-
          find _trial_temp -name '*.log'
          -exec echo "::group::{}" \;
          -exec cat {} \;
          -exec echo "::endgroup::" \;
          || true
  trial-pypy:
    # Very slow; only run if the branch name includes 'pypy'
    # Note: sqlite only; no postgres. Completely untested since poetry move.
    if: ${{ contains(github.ref, 'pypy') && !failure() && !cancelled() }}
    needs: linting-done
    runs-on: ubuntu-latest
    strategy:
      matrix:
        python-version: ["pypy-3.7"]
        extras: ["all"]
    steps:
      - uses: actions/checkout@v2
      # Install libs necessary for PyPy to build binary wheels for dependencies
      - run: sudo apt-get -qq install xmlsec1 libxml2-dev libxslt-dev
      - uses: matrix-org/setup-python-poetry@v1
        with:
          python-version: ${{ matrix.python-version }}
          extras: ${{ matrix.extras }}
      - run: poetry run trial --jobs=2 tests
      - name: Dump logs
        # Logs are most useful when the command fails, always include them.
        if: ${{ always() }}
        # Note: Dumps to workflow logs instead of using actions/upload-artifact
        #       This keeps logs colocated with failing jobs
        #       It also ignores find's exit code; this is a best effort affair
        run: >-
          find _trial_temp -name '*.log'
          -exec echo "::group::{}" \;
          -exec cat {} \;
          -exec echo "::endgroup::" \;
          || true
  sytest:
    if: ${{ !failure() && !cancelled() }}
    needs: linting-done
    runs-on: ubuntu-latest
    container:
      image: matrixdotorg/sytest-synapse:${{ matrix.sytest-tag }}
      volumes:
        - ${{ github.workspace }}:/src
      env:
        SYTEST_BRANCH: ${{ github.head_ref }}
        POSTGRES: ${{ matrix.postgres && 1}}
        MULTI_POSTGRES: ${{ (matrix.postgres == 'multi-postgres') && 1}}
        WORKERS: ${{ matrix.workers && 1 }}
        REDIS: ${{ matrix.redis && 1 }}
        BLACKLIST: ${{ matrix.workers && 'synapse-blacklist-with-workers' }}
        TOP: ${{ github.workspace }}
    strategy:
      fail-fast: false
      matrix:
        include:
          - sytest-tag: focal
          - sytest-tag: focal
            postgres: postgres
          - sytest-tag: testing
            postgres: postgres
          - sytest-tag: focal
            postgres: multi-postgres
            workers: workers
          - sytest-tag: buster
            postgres: multi-postgres
            workers: workers
          - sytest-tag: buster
            postgres: postgres
            workers: workers
            redis: redis
    steps:
      - uses: actions/checkout@v2
      - name: Prepare test blacklist
        run: cat sytest-blacklist .ci/worker-blacklist > synapse-blacklist-with-workers
      - name: Run SyTest
        run: /bootstrap.sh synapse
        working-directory: /src
      - name: Summarise results.tap
        if: ${{ always() }}
        run: /sytest/scripts/tap_to_gha.pl /logs/results.tap
      - name: Upload SyTest logs
        uses: actions/upload-artifact@v2
        if: ${{ always() }}
        with:
          name: Sytest Logs - ${{ job.status }} - (${{ join(matrix.*, ', ') }})
          path: |
            /logs/results.tap
            /logs/**/*.log*
  export-data:
    if: ${{ !failure() && !cancelled() }} # Allow previous steps to be skipped, but not fail
    needs: [linting-done, portdb]
    runs-on: ubuntu-latest
    env:
      TOP: ${{ github.workspace }}
    services:
      postgres:
        image: postgres
        ports:
          - 5432:5432
        env:
          POSTGRES_PASSWORD: "postgres"
          POSTGRES_INITDB_ARGS: "--lc-collate C --lc-ctype C --encoding UTF8"
        options: >-
          --health-cmd pg_isready
          --health-interval 10s
          --health-timeout 5s
          --health-retries 5
    steps:
      - uses: actions/checkout@v2
      - run: sudo apt-get -qq install xmlsec1
      - uses: matrix-org/setup-python-poetry@v1
        with:
          python-version: ${{ matrix.python-version }}
          extras: "postgres"
      - run: .ci/scripts/test_export_data_command.sh
  portdb:
    if: ${{ !failure() && !cancelled() }} # Allow previous steps to be skipped, but not fail
    needs: linting-done
    runs-on: ubuntu-latest
    env:
      TOP: ${{ github.workspace }}
    strategy:
      matrix:
        include:
          - python-version: "3.7"
            postgres-version: "10"
          - python-version: "3.10"
            postgres-version: "14"
    services:
      postgres:
        image: postgres:${{ matrix.postgres-version }}
        ports:
          - 5432:5432
        env:
          POSTGRES_PASSWORD: "postgres"
          POSTGRES_INITDB_ARGS: "--lc-collate C --lc-ctype C --encoding UTF8"
        options: >-
          --health-cmd pg_isready
          --health-interval 10s
          --health-timeout 5s
          --health-retries 5
    steps:
      - uses: actions/checkout@v2
      - run: sudo apt-get -qq install xmlsec1
      - uses: matrix-org/setup-python-poetry@v1
        with:
          python-version: ${{ matrix.python-version }}
          extras: "postgres"
      - run: .ci/scripts/test_synapse_port_db.sh
  complement:
    if: ${{ !failure() && !cancelled() }}
    needs: linting-done
    runs-on: ubuntu-latest
    steps:
      # The path is set via a file given by $GITHUB_PATH. We need both Go 1.17 and GOPATH on the path to run Complement.
      # See https://docs.github.com/en/actions/using-workflows/workflow-commands-for-github-actions#adding-a-system-path
      - name: "Set Go Version"
        run: |
          # Add Go 1.17 to the PATH: see https://github.com/actions/virtual-environments/blob/main/images/linux/Ubuntu2004-Readme.md#environment-variables-2
          echo "$GOROOT_1_17_X64/bin" >> $GITHUB_PATH
          # Add the Go path to the PATH: We need this so we can call gotestfmt
          echo "~/go/bin" >> $GITHUB_PATH
      - name: "Install Complement Dependencies"
        run: |
          sudo apt-get update && sudo apt-get install -y libolm3 libolm-dev
          go get -v github.com/haveyoudebuggedit/gotestfmt/v2/cmd/gotestfmt@latest
      - name: Run actions/checkout@v2 for synapse
        uses: actions/checkout@v2
        with:
          path: synapse
      # Attempt to check out the same branch of Complement as the PR. If it
      # doesn't exist, fallback to HEAD.
      - name: Checkout complement
        shell: bash
        run: |
          mkdir -p complement
          # Attempt to use the version of complement which best matches the current
          # build. Depending on whether this is a PR or release, etc. we need to
          # use different fallbacks.
          #
          # 1. First check if there's a similarly named branch (GITHUB_HEAD_REF
          #    for pull requests, otherwise GITHUB_REF).
          # 2. Attempt to use the base branch, e.g. when merging into release-vX.Y
          #    (GITHUB_BASE_REF for pull requests).
          # 3. Use the default complement branch ("HEAD").
          for BRANCH_NAME in "$GITHUB_HEAD_REF" "$GITHUB_BASE_REF" "${GITHUB_REF#refs/heads/}" "HEAD"; do
            # Skip empty branch names and merge commits.
            if [[ -z "$BRANCH_NAME" || $BRANCH_NAME =~ ^refs/pull/.* ]]; then
              continue
            fi
            (wget -O - "https://github.com/matrix-org/complement/archive/$BRANCH_NAME.tar.gz" | tar -xz --strip-components=1 -C complement) && break
          done
      - run: |
          set -o pipefail
          COMPLEMENT_DIR=`pwd`/complement synapse/scripts-dev/complement.sh -json 2>&1 | gotestfmt
        shell: bash
        name: Run Complement Tests
  # a job which marks all the other jobs as complete, thus allowing PRs to be merged.
  tests-done:
    if: ${{ always() }}
    needs:
      - check-sampleconfig
      - lint
      - lint-crlf
      - lint-newsfile
      - trial
      - trial-olddeps
      - sytest
      - export-data
      - portdb
      - complement
    runs-on: ubuntu-latest
    steps:
      - uses: matrix-org/done-action@v2
        with:
          needs: ${{ toJSON(needs) }}
          # The newsfile lint may be skipped on non PR builds
          skippable:
            lint-newsfile
--- a/.github/workflows/twisted_trunk.yml
+++ b/.github/workflows/twisted_trunk.yml
@@ -1,116 +0,0 @@
 name: Twisted Trunk
 on:
  schedule:
    - cron: 0 8 * * *
  workflow_dispatch:
 concurrency:
  group: ${{ github.workflow }}-${{ github.ref }}
  cancel-in-progress: true
 jobs:
  mypy:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - uses: matrix-org/setup-python-poetry@v1
        with:
          python-version: "3.x"
          extras: "all"
      - run: |
          poetry remove twisted
          poetry add --extras tls git+https://github.com/twisted/twisted.git#trunk
          poetry install --no-interaction --extras "all test"
      - name: Remove warn_unused_ignores from mypy config
        run: sed '/warn_unused_ignores = True/d' -i mypy.ini
      - run: poetry run mypy
  trial:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - run: sudo apt-get -qq install xmlsec1
      - uses: matrix-org/setup-python-poetry@v1
        with:
          python-version: "3.x"
          extras: "all test"
      - run: |
          poetry remove twisted
          poetry add --extras tls git+https://github.com/twisted/twisted.git#trunk
          poetry install --no-interaction --extras "all test"
      - run: poetry run trial --jobs 2 tests
      - name: Dump logs
        # Logs are most useful when the command fails, always include them.
        if: ${{ always() }}
        # Note: Dumps to workflow logs instead of using actions/upload-artifact
        #       This keeps logs colocated with failing jobs
        #       It also ignores find's exit code; this is a best effort affair
        run: >-
          find _trial_temp -name '*.log'
          -exec echo "::group::{}" \;
          -exec cat {} \;
          -exec echo "::endgroup::" \;
          || true
  sytest:
    runs-on: ubuntu-latest
    container:
      image: matrixdotorg/sytest-synapse:buster
      volumes:
        - ${{ github.workspace }}:/src
    steps:
      - uses: actions/checkout@v2
      - name: Patch dependencies
        # Note: The poetry commands want to create a virtualenv in /src/.venv/,
        #       but the sytest-synapse container expects it to be in /venv/.
        #       We symlink it before running poetry so that poetry actually
        #       ends up installing to `/venv`.
        run: |
          ln -s -T /venv /src/.venv
          poetry remove twisted
          poetry add --extras tls git+https://github.com/twisted/twisted.git#trunk
          poetry install --no-interaction --extras "all test"
        working-directory: /src
      - name: Run SyTest
        run: /bootstrap.sh synapse
        working-directory: /src
        env:
          # Use offline mode to avoid reinstalling the pinned version of
          # twisted.
          OFFLINE: 1
      - name: Summarise results.tap
        if: ${{ always() }}
        run: /sytest/scripts/tap_to_gha.pl /logs/results.tap
      - name: Upload SyTest logs
        uses: actions/upload-artifact@v2
        if: ${{ always() }}
        with:
          name: Sytest Logs - ${{ job.status }} - (${{ join(matrix.*, ', ') }})
          path: |
            /logs/results.tap
            /logs/**/*.log*
  # open an issue if the build fails, so we know about it.
  open-issue:
    if: failure()
    needs:
      - mypy
      - trial
      - sytest
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v2
      - uses: JasonEtco/create-an-issue@5d9504915f79f9cc6d791934b8ef34f2353dd74d # v2.5.0, 2020-12-06
        env:
          GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
        with:
          update_existing: true
          filename: .ci/twisted_trunk_build_failed_issue_template.md
--- a/.gitignore
+++ b/.gitignore
@@ -1,62 +1,44 @@
-# filename patterns
+*.pyc
 *~
 .*.swp
-.#*
+
 *.deb
 *.egg
 *.egg-info
 *.lock
 *.py[cod]
 *.snap
 *.tac
 _trial_temp/
 _trial_temp*/
 /out
 .DS_Store
-__pycache__/
+_trial_temp/
 logs/
 dbs/
 *.egg
 dist/
 docs/build/
 *.egg-info
-# We do want the poetry lockfile.
+cmdclient_config.json
-!poetry.lock
+homeserver*.db
 homeserver*.log
 homeserver*.pid
 homeserver*.yaml
-# stuff that is likely to exist when you run a server locally
+*.signing.key
-/*.db
+*.tls.crt
-/*.log
+*.tls.dh
-/*.log.*
+*.tls.key
 /*.log.config
 /*.pid
 /.python-version
 /*.signing.key
 /env/
 /.venv*/
 /homeserver*.yaml
 /logs
 /media_store/
 /uploads
-# For direnv users
+.coverage
-/.envrc
+htmlcov
-# IDEs
+demo/*.db
-/.idea/
+demo/*.log
-/.ropeproject/
+demo/*.log.*
-/.vscode/
+demo/*.pid
 demo/media_store.*
 demo/etc
-# build products
+uploads
 !/.coveragerc
 /.coverage*
 /.mypy_cache/
 /.tox
 /.tox-pg-container
 /build/
 /coverage.*
 /dist/
 /docs/build/
 /htmlcov
 /pip-wheel-metadata/
-# docs
+.idea/
-book/
+media_store/
-# complement
+*.tac
-/complement-*
+
-/master.tar.gz
+build/
 localhost-800*/
 static/client/register/register_config.js
--- a/AUTHORS.rst
+++ b/AUTHORS.rst
@@ -1,51 +0,0 @@
 The following is an incomplete list of people outside the core team who have
 contributed to Synapse. It is no longer maintained: more recent contributions
 are listed in the `changelog <CHANGES.md>`_.
 ----
 Turned to Dust <dwinslow86 at gmail.com>
 * ArchLinux installation instructions
 Brabo <brabo at riseup.net>
 * Installation instruction fixes
 Ivan Shapovalov <intelfx100 at gmail.com>
 * contrib/systemd: a sample systemd unit file and a logger configuration
 Eric Myhre <hash at exultant.us>
 * Fix bug where ``media_store_path`` config option was ignored by v0 content
   repository API.
 Muthu Subramanian <muthu.subramanian.karunanidhi at ericsson.com>
 * Add SAML2 support for registration and login.
 Steven Hammerton <steven.hammerton at openmarket.com>
 * Add CAS support for registration and login.
 Mads Robin Christensen <mads at v42 dot dk>
 * CentOS 7 installation instructions.
 Florent Violleau <floviolleau at gmail dot com>
 * Add Raspberry Pi installation instructions and general troubleshooting items
 Niklas Riekenbrauck <nikriek at gmail dot.com>
 * Add JWT support for registration and login
 Christoph Witzany <christoph at web.crofting.com>
 * Add LDAP support for authentication
 Pierre Jaury <pierre at jaury.eu>
 * Docker packaging
 Serban Constantin <serban.constantin at gmail dot com>
 * Small bug fix
 Joseph Weston <joseph at weston.cloud>
 * Add admin API for querying HS version
 Benjamin Saunders <ben.e.saunders at gmail dot com>
 * Documentation improvements
 Werner Sembach <werner.sembach at fau dot de>
 * Automatically remove a group/community when it is empty
--- a/CHANGES.md
+++ b/CHANGES.md
--- a/CHANGES.rst
+++ b/CHANGES.rst
@@ -0,0 +1,449 @@
 Changes in synapse v0.8.0 (2015-03-06)
 ======================================
 General:
 * Add support for registration fallback. This is a page hosted on the server
  which allows a user to register for an account, regardless of what client
  they are using (e.g. mobile devices).
 * Added new default push rules and made them configurable by clients:
  * Suppress all notice messages.
  * Notify when invited to a new room.
  * Notify for messages that don't match any rule.
  * Notify on incoming call.
 Federation:
 * Added per host server side rate-limiting of incoming federation requests.
 * Added a ``/get_missing_events/`` API to federation to reduce number of
  ``/events/`` requests.
 Configuration:
 * Added configuration option to disable registration:
  ``disable_registration``.
 * Added configuration option to change soft limit of number of open file
  descriptors: ``soft_file_limit``.
 * Make ``tls_private_key_path`` optional when running with ``no_tls``.
 Application services:
 * Application services can now poll on the CS API ``/events`` for their events,
  by providing their application service ``access_token``.
 * Added exclusive namespace support to application services API.
 Changes in synapse v0.7.1 (2015-02-19)
 ======================================
 * Initial alpha implementation of parts of the Application Services API.
  Including:
  - AS Registration / Unregistration
  - User Query API
  - Room Alias Query API
  - Push transport for receiving events.
  - User/Alias namespace admin control
 * Add cache when fetching events from remote servers to stop repeatedly
  fetching events with bad signatures.
 * Respect the per remote server retry scheme when fetching both events and
  server keys to reduce the number of times we send requests to dead servers.
 * Inform remote servers when the local server fails to handle a received event.
 * Turn off python bytecode generation due to problems experienced when
  upgrading from previous versions.
 Changes in synapse v0.7.0 (2015-02-12)
 ======================================
 * Add initial implementation of the query auth federation API, allowing
  servers to agree on whether an event should be allowed or rejected.
 * Persist events we have rejected from federation, fixing the bug where
  servers would keep requesting the same events.
 * Various federation performance improvements, including:
  - Add in memory caches on queries such as:
     * Computing the state of a room at a point in time, used for
       authorization on federation requests.
     * Fetching events from the database.
     * User's room membership, used for authorizing presence updates.
  - Upgraded JSON library to improve parsing and serialisation speeds.
 * Add default avatars to new user accounts using pydenticon library.
 * Correctly time out federation requests.
 * Retry federation requests against different servers.
 * Add support for push and push rules.
 * Add alpha versions of proposed new CSv2 APIs, including ``/sync`` API.
 Changes in synapse 0.6.1 (2015-01-07)
 =====================================
 * Major optimizations to improve performance of initial sync and event sending
  in large rooms (by up to 10x)
 * Media repository now includes a Content-Length header on media downloads.
 * Improve quality of thumbnails by changing resizing algorithm.
 Changes in synapse 0.6.0 (2014-12-16)
 =====================================
 * Add new API for media upload and download that supports thumbnailing.
 * Replicate media uploads over multiple homeservers so media is always served
  to clients from their local homeserver.  This obsoletes the
  --content-addr parameter and confusion over accessing content directly
  from remote homeservers.
 * Implement exponential backoff when retrying federation requests when
  sending to remote homeservers which are offline.
 * Implement typing notifications.
 * Fix bugs where we sent events with invalid signatures due to bugs where
  we incorrectly persisted events.
 * Improve performance of database queries involving retrieving events.
 Changes in synapse 0.5.4a (2014-12-13)
 ======================================
 * Fix bug while generating the error message when a file path specified in
  the config doesn't exist.
 Changes in synapse 0.5.4 (2014-12-03)
 =====================================
 * Fix presence bug where some rooms did not display presence updates for
  remote users.
 * Do not log SQL timing log lines when started with "-v"
 * Fix potential memory leak.
 Changes in synapse 0.5.3c (2014-12-02)
 ======================================
 * Change the default value for the `content_addr` option to use the HTTP
  listener, as by default the HTTPS listener will be using a self-signed
  certificate.
 Changes in synapse 0.5.3 (2014-11-27)
 =====================================
 * Fix bug that caused joining a remote room to fail if a single event was not
  signed correctly.
 * Fix bug which caused servers to continuously try and fetch events from other
  servers.
 Changes in synapse 0.5.2 (2014-11-26)
 =====================================
 Fix major bug that caused rooms to disappear from peoples initial sync.
 Changes in synapse 0.5.1 (2014-11-26)
 =====================================
 See UPGRADES.rst for specific instructions on how to upgrade.
 * Fix bug where we served up an Event that did not match its signatures.
 * Fix regression where we no longer correctly handled the case where a
   homeserver receives an event for a room it doesn't recognise (but is in.)
 Changes in synapse 0.5.0 (2014-11-19)
 =====================================
 This release includes changes to the federation protocol and client-server API
 that is not backwards compatible.
 This release also changes the internal database schemas and so requires servers to
 drop their current history. See UPGRADES.rst for details.
 Homeserver:
 * Add authentication and authorization to the federation protocol. Events are
   now signed by their originating homeservers.
 * Implement the new authorization model for rooms.
 * Split out web client into a seperate repository: matrix-angular-sdk.
 * Change the structure of PDUs.
 * Fix bug where user could not join rooms via an alias containing 4-byte
   UTF-8 characters.
 * Merge concept of PDUs and Events internally.
 * Improve logging by adding request ids to log lines.
 * Implement a very basic room initial sync API.
 * Implement the new invite/join federation APIs.
 Webclient:
 * The webclient has been moved to a seperate repository.
 Changes in synapse 0.4.2 (2014-10-31)
 =====================================
 Homeserver:
 * Fix bugs where we did not notify users of correct presence updates.
 * Fix bug where we did not handle sub second event stream timeouts.
 Webclient:
 * Add ability to click on messages to see JSON.
 * Add ability to redact messages.
 * Add ability to view and edit all room state JSON.
 * Handle incoming redactions.
 * Improve feedback on errors.
 * Fix bugs in mobile CSS.
 * Fix bugs with desktop notifications.
 Changes in synapse 0.4.1 (2014-10-17)
 =====================================
 Webclient:
 * Fix bug with display of timestamps.
 Changes in synpase 0.4.0 (2014-10-17)
 =====================================
 This release includes changes to the federation protocol and client-server API
 that is not backwards compatible.
 The Matrix specification has been moved to a separate git repository:
 http://github.com/matrix-org/matrix-doc
 You will also need an updated syutil and config. See UPGRADES.rst.
 Homeserver:
 * Sign federation transactions to assert strong identity over federation.
 * Rename timestamp keys in PDUs and events from 'ts' and 'hsob_ts' to 'origin_server_ts'.
 Changes in synapse 0.3.4 (2014-09-25)
 =====================================
 This version adds support for using a TURN server. See docs/turn-howto.rst on
 how to set one up.
 Homeserver:
 * Add support for redaction of messages.
 * Fix bug where inviting a user on a remote home server could take up to
   20-30s.
 * Implement a get current room state API.
 * Add support specifying and retrieving turn server configuration.
 Webclient:
 * Add button to send messages to users from the home page.
 * Add support for using TURN for VoIP calls.
 * Show display name change messages.
 * Fix bug where the client didn't get the state of a newly joined room
   until after it has been refreshed.
 * Fix bugs with tab complete.
 * Fix bug where holding down the down arrow caused chrome to chew 100% CPU.
 * Fix bug where desktop notifications occasionally used "Undefined" as the
   display name.
 * Fix more places where we sometimes saw room IDs incorrectly.
 * Fix bug which caused lag when entering text in the text box.
 Changes in synapse 0.3.3 (2014-09-22)
 =====================================
 Homeserver:
 * Fix bug where you continued to get events for rooms you had left.
 Webclient:
 * Add support for video calls with basic UI.
 * Fix bug where one to one chats were named after your display name rather
   than the other person's.
 * Fix bug which caused lag when typing in the textarea.
 * Refuse to run on browsers we know won't work.
 * Trigger pagination when joining new rooms.
 * Fix bug where we sometimes didn't display invitations in recents.
 * Automatically join room when accepting a VoIP call.
 * Disable outgoing and reject incoming calls on browsers we don't support
   VoIP in.
 * Don't display desktop notifications for messages in the room you are
   non-idle and speaking in.
 Changes in synapse 0.3.2 (2014-09-18)
 =====================================
 Webclient:
 * Fix bug where an empty "bing words" list in old accounts didn't send
   notifications when it should have done.
 Changes in synapse 0.3.1 (2014-09-18)
 =====================================
 This is a release to hotfix v0.3.0 to fix two regressions.
 Webclient:
 * Fix a regression where we sometimes displayed duplicate events.
 * Fix a regression where we didn't immediately remove rooms you were
   banned in from the recents list.
 Changes in synapse 0.3.0 (2014-09-18)
 =====================================
 See UPGRADE for information about changes to the client server API, including
 breaking backwards compatibility with VoIP calls and registration API.
 Homeserver:
 * When a user changes their displayname or avatar the server will now update 
   all their join states to reflect this.
 * The server now adds "age" key to events to indicate how old they are. This
   is clock independent, so at no point does any server or webclient have to
   assume their clock is in sync with everyone else.
 * Fix bug where we didn't correctly pull in missing PDUs.
 * Fix bug where prev_content key wasn't always returned.
 * Add support for password resets.
 Webclient:
 * Improve page content loading.
 * Join/parts now trigger desktop notifications.
 * Always show room aliases in the UI if one is present.
 * No longer show user-count in the recents side panel.
 * Add up & down arrow support to the text box for message sending to step
   through your sent history.
 * Don't display notifications for our own messages.
 * Emotes are now formatted correctly in desktop notifications.
 * The recents list now differentiates between public & private rooms.
 * Fix bug where when switching between rooms the pagination flickered before
   the view jumped to the bottom of the screen.
 * Add bing word support.
 Registration API:
 * The registration API has been overhauled to function like the login API. In
   practice, this means registration requests must now include the following:
   'type':'m.login.password'. See UPGRADE for more information on this.
 * The 'user_id' key has been renamed to 'user' to better match the login API.
 * There is an additional login type: 'm.login.email.identity'.
 * The command client and web client have been updated to reflect these changes.
 Changes in synapse 0.2.3 (2014-09-12)
 =====================================
 Homeserver:
 * Fix bug where we stopped sending events to remote home servers if a
   user from that home server left, even if there were some still in the
   room.
 * Fix bugs in the state conflict resolution where it was incorrectly
   rejecting events.
 Webclient:
 * Display room names and topics.
 * Allow setting/editing of room names and topics.
 * Display information about rooms on the main page.
 * Handle ban and kick events in real time.
 * VoIP UI and reliability improvements.
 * Add glare support for VoIP.
 * Improvements to initial startup speed.
 * Don't display duplicate join events.
 * Local echo of messages.
 * Differentiate sending and sent of local echo.
 * Various minor bug fixes.
 Changes in synapse 0.2.2 (2014-09-06)
 =====================================
 Homeserver:
 * When the server returns state events it now also includes the previous 
   content.
 * Add support for inviting people when creating a new room.
 * Make the homeserver inform the room via `m.room.aliases` when a new alias
   is added for a room.
 * Validate `m.room.power_level` events.
 Webclient:
 * Add support for captchas on registration.
 * Handle `m.room.aliases` events.
 * Asynchronously send messages and show a local echo.
 * Inform the UI when a message failed to send.
 * Only autoscroll on receiving a new message if the user was already at the 
   bottom of the screen.
 * Add support for ban/kick reasons.
 Changes in synapse 0.2.1 (2014-09-03)
 =====================================
 Homeserver:
 * Added support for signing up with a third party id.
 * Add synctl scripts.
 * Added rate limiting.
 * Add option to change the external address the content repo uses.
 * Presence bug fixes.
 Webclient:
 * Added support for signing up with a third party id.
 * Added support for banning and kicking users.
 * Added support for displaying and setting ops.
 * Added support for room names.
 * Fix bugs with room membership event display.
 Changes in synapse 0.2.0 (2014-09-02)
 =====================================
 This update changes many configuration options, updates the
 database schema and mandates SSL for server-server connections.
 Homeserver:
 * Require SSL for server-server connections.
 * Add SSL listener for client-server connections.
 * Add ability to use config files.
 * Add support for kicking/banning and power levels.
 * Allow setting of room names and topics on creation.
 * Change presence to include last seen time of the user.
 * Change url path prefix to /_matrix/...
 * Bug fixes to presence.
 Webclient:
 * Reskin the CSS for registration and login.
 * Various improvements to rooms CSS.
 * Support changes in client-server API.
 * Bug fixes to VOIP UI.
 * Various bug fixes to handling of changes to room member list.
 Changes in synapse 0.1.2 (2014-08-29)
 =====================================
 Webclient:
 * Add basic call state UI for VoIP calls.
 Changes in synapse 0.1.1 (2014-08-29)
 =====================================
 Homeserver:
    * Fix bug that caused the event stream to not notify some clients about
      changes.
 Changes in synapse 0.1.0 (2014-08-29)
 =====================================
 Presence has been reenabled in this release.
 Homeserver:
 * Update client to server API, including:
    - Use a more consistent url scheme.
    - Provide more useful information in the initial sync api.
 * Change the presence handling to be much more efficient.
 * Change the presence server to server API to not require explicit polling of
   all users who share a room with a user.
 * Fix races in the event streaming logic.
 Webclient:
 * Update to use new client to server API.
 * Add basic VOIP support.
 * Add idle timers that change your status to away.
 * Add recent rooms column when viewing a room.
 * Various network efficiency improvements.
 * Add basic mobile browser support.
 * Add a settings page.
 Changes in synapse 0.0.1 (2014-08-22)
 =====================================
 Presence has been disabled in this release due to a bug that caused the
 homeserver to spam other remote homeservers.
 Homeserver:
 * Completely change the database schema to support generic event types.
 * Improve presence reliability.
 * Improve reliability of joining remote rooms.
 * Fix bug where room join events were duplicated.
 * Improve initial sync API to return more information to the client.
 * Stop generating fake messages for room membership events.
 Webclient:
 * Add tab completion of names.
 * Add ability to upload and send images.
 * Add profile pages.
 * Improve CSS layout of room.
 * Disambiguate identical display names.
 * Don't get remote users display names and avatars individually.
 * Use the new initial sync API to reduce number of round trips to the homeserver.
 * Change url scheme to use room aliases instead of room ids where known.
 * Increase longpoll timeout.
 Changes in synapse 0.0.0 (2014-08-13)
 =====================================
 * Initial alpha release
--- a/CONTRIBUTING.md
+++ b/CONTRIBUTING.md
@@ -1,3 +0,0 @@
 # Welcome to Synapse
 Please see the [contributors' guide](https://matrix-org.github.io/synapse/latest/development/contributing_guide.html) in our rendered documentation.
--- a/INSTALL.md
+++ b/INSTALL.md
@@ -1,7 +0,0 @@
 # Installation Instructions
 This document has moved to the
 [Synapse documentation website](https://matrix-org.github.io/synapse/latest/setup/installation.html).
 Please update your links.
 The markdown source is available in [docs/setup/installation.md](docs/setup/installation.md).
--- a/MANIFEST.in
+++ b/MANIFEST.in
@@ -0,0 +1,14 @@
 include synctl
 include LICENSE
 include VERSION
 include *.rst
 include demo/README
 recursive-include synapse/storage/schema *.sql
 recursive-include demo *.dh
 recursive-include demo *.py
 recursive-include demo *.sh
 recursive-include docs *
 recursive-include scripts *
 recursive-include tests *.py
--- a/MAP.rst
+++ b/MAP.rst
@@ -0,0 +1,35 @@
 Directory Structure
 ===================
 Warning: this may be a bit stale...
 ::
    .
    ├── cmdclient           Basic CLI python Matrix client
    ├── demo                Scripts for running standalone Matrix demos
    ├── docs                All doc, including the draft Matrix API spec
    │   ├── client-server       The client-server Matrix API spec
    │   ├── model               Domain-specific elements of the Matrix API spec
    │   ├── server-server       The server-server model of the Matrix API spec
    │   └── sphinx              The internal API doc of the Synapse homeserver
    ├── experiments         Early experiments of using Synapse's internal APIs
    ├── graph               Visualisation of Matrix's distributed message store 
    ├── synapse             The reference Matrix homeserver implementation
    │   ├── api                 Common building blocks for the APIs
    │   │   ├── events              Definition of state representation Events 
    │   │   └── streams             Definition of streamable Event objects
    │   ├── app                 The __main__ entry point for the homeserver
    │   ├── crypto              The PKI client/server used for secure federation
    │   │   └── resource            PKI helper objects (e.g. keys)
    │   ├── federation          Server-server state replication logic
    │   ├── handlers            The main business logic of the homeserver
    │   ├── http                Wrappers around Twisted's HTTP server & client
    │   ├── rest                Servlet-style RESTful API
    │   ├── storage             Persistence subsystem (currently only sqlite3)
    │   │   └── schema              sqlite persistence schema
    │   └── util                Synapse-specific utilities
    ├── tests               Unit tests for the Synapse homeserver
    └── webclient           Basic AngularJS Matrix web client
--- a/README.rst
+++ b/README.rst
@@ -1,9 +1,3 @@
 =========================================================================
 Synapse |support| |development| |documentation| |license| |pypi| |python|
 =========================================================================
 .. contents::
 Introduction
 ============
@@ -11,12 +5,12 @@ Matrix is an ambitious new ecosystem for open federated Instant Messaging and
 VoIP.  The basics you need to know to get up and running are:
 - Everything in Matrix happens in a room.  Rooms are distributed and do not
-  exist on any single server.  Rooms can be located using convenience aliases
+  exist on any single server.  Rooms can be located using convenience aliases 
  like ``#matrix:matrix.org`` or ``#test:localhost:8448``.
 - Matrix user IDs look like ``@matthew:matrix.org`` (although in the future
-  you will normally refer to yourself and others using a third party identifier
+  you will normally refer to yourself and others using a 3PID: email
-  (3PID): email address, phone number, etc rather than manipulating Matrix user IDs)
+  address, phone number, etc rather than manipulating Matrix user IDs)
 The overall architecture is::
@@ -24,10 +18,10 @@ The overall architecture is::
             https://somewhere.org/_matrix      https://elsewhere.net/_matrix
 ``#matrix:matrix.org`` is the official support room for Matrix, and can be
-accessed by any client from https://matrix.org/docs/projects/try-matrix-now.html or
+accessed by the web client at http://matrix.org/alpha or via an IRC bridge at
-via IRC bridge at irc://irc.libera.chat/matrix.
+irc://irc.freenode.net/matrix.
-Synapse is currently in rapid development, but as of version 0.5 we believe it
+Synapse is currently in rapid development, but as of version 0.5 we believe it 
 is sufficiently stable to be run as an internet-facing service for real usage!
 About Matrix
@@ -41,7 +35,7 @@ which handle:
 - Eventually-consistent cryptographically secure synchronisation of room
  state across a global open network of federated servers and services
 - Sending and receiving extensible messages in a room with (optional)
-  end-to-end encryption
+  end-to-end encryption[1]
 - Inviting, joining, leaving, kicking, banning room members
 - Managing user accounts (registration, login, logout)
 - Using 3rd Party IDs (3PIDs) such as email addresses, phone numbers,
@@ -55,432 +49,396 @@ solutions. The hope is for Matrix to act as the building blocks for a new
 generation of fully open and interoperable messaging and VoIP apps for the
 internet.
-Synapse is a Matrix "homeserver" implementation developed by the matrix.org core
+Synapse is a reference "homeserver" implementation of Matrix from the core
-team, written in Python 3/Twisted.
+development team at matrix.org, written in Python/Twisted for clarity and
 simplicity.  It is intended to showcase the concept of Matrix and let folks see
 the spec in the context of a codebase and let you run your own homeserver and
 generally help bootstrap the ecosystem.
 In Matrix, every user runs one or more Matrix clients, which connect through to
-a Matrix homeserver. The homeserver stores all their personal chat history and
+a Matrix homeserver which stores all their personal chat history and user
-user account information - much as a mail client connects through to an
+account information - much as a mail client connects through to an IMAP/SMTP
-IMAP/SMTP server. Just like email, you can either run your own Matrix
+server. Just like email, you can either run your own Matrix homeserver and
-homeserver and control and own your own communications and history or use one
+control and own your own communications and history or use one hosted by
-hosted by someone else (e.g. matrix.org) - there is no single point of control
+someone else (e.g. matrix.org) - there is no single point of control or
-or mandatory service provider in Matrix, unlike WhatsApp, Facebook, Hangouts,
+mandatory service provider in Matrix, unlike WhatsApp, Facebook, Hangouts, etc.
 etc.
-We'd like to invite you to join #matrix:matrix.org (via
+Synapse ships with two basic demo Matrix clients: webclient (a basic group chat
-https://matrix.org/docs/projects/try-matrix-now.html), run a homeserver, take a look
+web client demo implemented in AngularJS) and cmdclient (a basic Python
-at the `Matrix spec <https://matrix.org/docs/spec>`_, and experiment with the
+command line utility which lets you easily see what the JSON APIs are up to).
-`APIs <https://matrix.org/docs/api>`_ and `Client SDKs
+
-<https://matrix.org/docs/projects/try-matrix-now.html#client-sdks>`_.
+Meanwhile, iOS and Android SDKs and clients are currently in development and available from:
 - https://github.com/matrix-org/matrix-ios-sdk
 - https://github.com/matrix-org/matrix-android-sdk
 We'd like to invite you to join #matrix:matrix.org (via http://matrix.org/alpha), run a homeserver, take a look at the Matrix spec at
 http://matrix.org/docs/spec, experiment with the APIs and the demo
 clients, and report any bugs via http://matrix.org/jira.
 Thanks for using Matrix!
-Support
+[1] End-to-end encryption is currently in development
 =======
-For support installing or managing Synapse, please join |room|_ (from a matrix.org
+Homeserver Installation
-account if necessary) and ask questions there. We do not use GitHub issues for
+=======================
 support requests, only for bug reports and feature requests.
-Synapse's documentation is `nicely rendered on GitHub Pages <https://matrix-org.github.io/synapse>`_,
+System requirements:
-with its source available in |docs|_.
+- POSIX-compliant system (tested on Linux & OSX)
 - Python 2.7
-.. |room| replace:: ``#synapse:matrix.org``
+Synapse is written in python but some of the libraries is uses are written in
-.. _room: https://matrix.to/#/#synapse:matrix.org
+C. So before we can install synapse itself we need a working C compiler and the
 header files for python C extensions.
-.. |docs| replace:: ``docs``
+Installing prerequisites on Ubuntu or Debian::
 .. _docs: docs
-Synapse Installation
+    $ sudo apt-get install build-essential python2.7-dev libffi-dev \
-====================
+                           python-pip python-setuptools sqlite3 \
                           libssl-dev python-virtualenv libjpeg-dev
 Installing prerequisites on ArchLinux::
-.. _federation:
+    $ sudo pacman -S base-devel python2 python-pip \
                     python-setuptools python-virtualenv sqlite3
-* For details on how to install synapse, see
+Installing prerequisites on Mac OS X::
  `Installation Instructions <https://matrix-org.github.io/synapse/latest/setup/installation.html>`_.
 * For specific details on how to configure Synapse for federation see `docs/federate.md <docs/federate.md>`_
    $ xcode-select --install
    $ sudo pip install virtualenv
 To install the synapse homeserver run::
-Connecting to Synapse from a client
+    $ virtualenv ~/.synapse
-===================================
+    $ source ~/.synapse/bin/activate
    $ pip install --process-dependency-links https://github.com/matrix-org/synapse/tarball/master
-The easiest way to try out your new Synapse installation is by connecting to it
+This installs synapse, along with the libraries it uses, into a virtual
-from a web client.
+environment under ``~/.synapse``.
-Unless you are running a test instance of Synapse on your local machine, in
+To set up your homeserver, run (in your virtualenv, as before)::
 general, you will need to enable TLS support before you can successfully
 connect from a client: see
 `TLS certificates <https://matrix-org.github.io/synapse/latest/setup/installation.html#tls-certificates>`_.
-An easy way to get started is to login or register via Element at
+    $ cd ~/.synapse
-https://app.element.io/#/login or https://app.element.io/#/register respectively.
+    $ python -m synapse.app.homeserver \
-You will need to change the server you are logging into from ``matrix.org``
+        --server-name machine.my.domain.name \
-and instead specify a Homeserver URL of ``https://<server_name>:8448``
+        --config-path homeserver.yaml \
-(or just ``https://<server_name>`` if you are using a reverse proxy).
+        --generate-config
 If you prefer to use another client, refer to our
 `client breakdown <https://matrix.org/docs/projects/clients-matrix>`_.
-If all goes well you should at least be able to log in, create a room, and
+Substituting your host and domain name as appropriate.
 start sending messages.
-.. _`client-user-reg`:
+For reliable VoIP calls to be routed via this homeserver, you MUST configure
 a TURN server.  See docs/turn-howto.rst for details.
-Registering a new user from a client
+Troubleshooting Installation
------------------------------------
+----------------------------
-By default, registration of new users via Matrix clients is disabled. To enable
+Synapse requires pip 1.7 or later, so if your OS provides too old a version and 
-it, specify ``enable_registration: true`` in ``homeserver.yaml``. (It is then
+you get errors about ``error: no such option: --process-dependency-links`` you 
-recommended to also set up CAPTCHA - see `<docs/CAPTCHA_SETUP.md>`_.)
+may need to manually upgrade it::
-Once ``enable_registration`` is set to ``true``, it is possible to register a
+    $ sudo pip install --upgrade pip
 user via a Matrix client.
-Your new user name will be formed partly from the ``server_name``, and partly
+If pip crashes mid-installation for reason (e.g. lost terminal), pip may
-from a localpart you specify when you create the account. Your name will take
+refuse to run until you remove the temporary installation directory it
-the form of::
+created. To reset the installation::
-    @localpart:my.domain.name
+    $ rm -rf /tmp/pip_install_matrix
-(pronounced "at localpart on my dot domain dot name").
+pip seems to leak *lots* of memory during installation.  For instance, a Linux 
 host with 512MB of RAM may run out of memory whilst installing Twisted.  If this 
 happens, you will have to individually install the dependencies which are 
 failing, e.g.::
-As when logging in, you will need to specify a "Custom server".  Specify your
+    $ pip install twisted
 desired ``localpart`` in the 'User name' box.
-Security note
+On OSX, if you encounter clang: error: unknown argument: '-mno-fused-madd' you
-=============
+will need to export CFLAGS=-Qunused-arguments.
-Matrix serves raw, user-supplied data in some APIs -- specifically the `content
+ArchLinux
-repository endpoints`_.
+---------
-.. _content repository endpoints: https://matrix.org/docs/spec/client_server/latest.html#get-matrix-media-r0-download-servername-mediaid
+Installation on ArchLinux may encounter a few hiccups as Arch defaults to
 python 3, but synapse currently assumes python 2.7 by default.
-Whilst we make a reasonable effort to mitigate against XSS attacks (for
+pip may be outdated (6.0.7-1 and needs to be upgraded to 6.0.8-1 )::
 instance, by using `CSP`_), a Matrix homeserver should not be hosted on a
 domain hosting other web applications. This especially applies to sharing
 the domain with Matrix web clients and other sensitive applications like
 webmail. See
 https://developer.github.com/changes/2014-04-25-user-content-security for more
 information.
-.. _CSP: https://github.com/matrix-org/synapse/pull/1021
+    $ sudo pip2.7 install --upgrade pip
 You also may need to explicitly specify python 2.7 again during the install
 request::
-Ideally, the homeserver should not simply be on a different subdomain, but on
+    $ pip2.7 install --process-dependency-links \
-a completely different `registered domain`_ (also known as top-level site or
+        https://github.com/matrix-org/synapse/tarball/master
-eTLD+1). This is because `some attacks`_ are still possible as long as the two
+    
-applications share the same registered domain.
+If you encounter an error with lib bcrypt causing an Wrong ELF Class:
 ELFCLASS32 (x64 Systems), you may need to reinstall py-bcrypt to correctly
 compile it under the right architecture. (This should not be needed if
 installing under virtualenv)::
-.. _registered domain: https://tools.ietf.org/html/draft-ietf-httpbis-rfc6265bis-03#section-2.3
+    $ sudo pip2.7 uninstall py-bcrypt
    $ sudo pip2.7 install py-bcrypt
 During setup of homeserver you need to call python2.7 directly again::
-.. _some attacks: https://en.wikipedia.org/wiki/Session_fixation#Attacks_using_cross-subdomain_cookie
+    $ cd ~/.synapse
    $ python2.7 -m synapse.app.homeserver \
      --server-name machine.my.domain.name \
      --config-path homeserver.yaml \
      --generate-config
 ...substituting your host and domain name as appropriate.
-To illustrate this with an example, if your Element Web or other sensitive web
+Windows Install
-application is hosted on ``A.example1.com``, you should ideally host Synapse on
+---------------
-``example2.com``. Some amount of protection is offered by hosting on
+Synapse can be installed on Cygwin. It requires the following Cygwin packages:
 ``B.example1.com`` instead, so this is also acceptable in some scenarios.
 However, you should *not* host your Synapse on ``A.example1.com``.
-Note that all of the above refers exclusively to the domain used in Synapse's
+ - gcc
-``public_baseurl`` setting. In particular, it has no bearing on the domain
+ - git
-mentioned in MXIDs hosted on that server.
+ - libffi-devel
 - openssl (and openssl-devel, python-openssl)
 - python
 - python-setuptools
-Following this advice ensures that even if an XSS is found in Synapse, the
+The content repository requires additional packages and will be unable to process
-impact to other applications will be minimal.
+uploads without them:
 - libjpeg8
 - libjpeg8-devel
 - zlib
 If you choose to install Synapse without these packages, you will need to reinstall
 ``pillow`` for changes to be applied, e.g. ``pip uninstall pillow`` ``pip install
 pillow --user``
 Troubleshooting:
-Upgrading an existing Synapse
+- You may need to upgrade ``setuptools`` to get this to work correctly:
-=============================
+  ``pip install setuptools --upgrade``.
 - You may encounter errors indicating that ``ffi.h`` is missing, even with
  ``libffi-devel`` installed. If you do, copy the ``.h`` files:
  ``cp /usr/lib/libffi-3.0.13/include/*.h /usr/include``
 - You may need to install libsodium from source in order to install PyNacl. If
  you do, you may need to create a symlink to ``libsodium.a`` so ``ld`` can find
  it: ``ln -s /usr/local/lib/libsodium.a /usr/lib/libsodium.a``
-The instructions for upgrading synapse are in `the upgrade notes`_.
+Running Your Homeserver
-Please check these instructions as upgrading may require extra steps for some
+=======================
 versions of synapse.
-.. _the upgrade notes: https://matrix-org.github.io/synapse/develop/upgrade.html
+To actually run your new homeserver, pick a working directory for Synapse to run 
 (e.g. ``~/.synapse``), and::
-.. _reverse-proxy:
+    $ cd ~/.synapse
    $ source ./bin/activate
    $ synctl start
-Using a reverse proxy with Synapse
+Troubleshooting Running
-==================================
+-----------------------
-It is recommended to put a reverse proxy such as
+If synapse fails with ``missing "sodium.h"`` crypto errors, you may need 
-`nginx <https://nginx.org/en/docs/http/ngx_http_proxy_module.html>`_,
+to manually upgrade PyNaCL, as synapse uses NaCl (http://nacl.cr.yp.to/) for 
-`Apache <https://httpd.apache.org/docs/current/mod/mod_proxy_http.html>`_,
+encryption and digital signatures.
-`Caddy <https://caddyserver.com/docs/quick-starts/reverse-proxy>`_,
+Unfortunately PyNACL currently has a few issues
-`HAProxy <https://www.haproxy.org/>`_ or
+(https://github.com/pyca/pynacl/issues/53) and
-`relayd <https://man.openbsd.org/relayd.8>`_ in front of Synapse. One advantage of
+(https://github.com/pyca/pynacl/issues/79) that mean it may not install
-doing so is that it means that you can expose the default https port (443) to
+correctly, causing all tests to fail with errors about missing "sodium.h". To
-Matrix clients without needing to run Synapse with root privileges.
+fix try re-installing from PyPI or directly from
 (https://github.com/pyca/pynacl)::
-For information on configuring one, see `<docs/reverse_proxy.md>`_.
+    $ # Install from PyPI
    $ pip install --user --upgrade --force pynacl
    $ # Install from github
    $ pip install --user https://github.com/pyca/pynacl/tarball/master
-Identity Servers
+ArchLinux
-================
+---------
-Identity servers have the job of mapping email addresses and other 3rd Party
+If running `$ synctl start` fails wit 'returned non-zero exit status 1', you will need to explicitly call Python2.7 - either running as::
 IDs (3PIDs) to Matrix user IDs, as well as verifying the ownership of 3PIDs
 before creating that mapping.
-**They are not where accounts or credentials are stored - these live on home
+    $ python2.7 -m synapse.app.homeserver --daemonize -c homeserver.yaml --pid-file homeserver.pid
-servers. Identity Servers are just for mapping 3rd party IDs to matrix IDs.**
+    
 ...or by editing synctl with the correct python executable.
-This process is very security-sensitive, as there is obvious risk of spam if it
+Homeserver Development
-is too easy to sign up for Matrix accounts or harvest 3PID data. In the longer
+======================
 term, we hope to create a decentralised system to manage it (`matrix-doc #712
 <https://github.com/matrix-org/matrix-doc/issues/712>`_), but in the meantime,
 the role of managing trusted identity in the Matrix ecosystem is farmed out to
 a cluster of known trusted ecosystem partners, who run 'Matrix Identity
 Servers' such as `Sydent <https://github.com/matrix-org/sydent>`_, whose role
 is purely to authenticate and track 3PID logins and publish end-user public
 keys.
-You can host your own copy of Sydent, but this will prevent you reaching other
+To check out a homeserver for development, clone the git repo into a working
 users in the Matrix ecosystem via their email address, and prevent them finding
 you. We therefore recommend that you use one of the centralised identity servers
 at ``https://matrix.org`` or ``https://vector.im`` for now.
 To reiterate: the Identity server will only be used if you choose to associate
 an email address with your account, or send an invite to another user via their
 email address.
 Password reset
 ==============
 Users can reset their password through their client. Alternatively, a server admin
 can reset a users password using the `admin API <docs/admin_api/user_admin_api.md#reset-password>`_
 or by directly editing the database as shown below.
 First calculate the hash of the new password::
    $ ~/synapse/env/bin/hash_password
    Password:
    Confirm password:
    $2a$12$xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
 Then update the ``users`` table in the database::
    UPDATE users SET password_hash='$2a$12$xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx'
        WHERE name='@test:test.com';
 Synapse Development
 ===================
 The best place to get started is our
 `guide for contributors <https://matrix-org.github.io/synapse/latest/development/contributing_guide.html>`_.
 This is part of our larger `documentation <https://matrix-org.github.io/synapse/latest>`_, which includes
 information for synapse developers as well as synapse administrators.
 Developers might be particularly interested in:
 * `Synapse's database schema <https://matrix-org.github.io/synapse/latest/development/database_schema.html>`_,
 * `notes on Synapse's implementation details <https://matrix-org.github.io/synapse/latest/development/internal_documentation/index.html>`_, and
 * `how we use git <https://matrix-org.github.io/synapse/latest/development/git.html>`_.
 Alongside all that, join our developer community on Matrix:
 `#synapse-dev:matrix.org <https://matrix.to/#/#synapse-dev:matrix.org>`_, featuring real humans!
 Quick start
 -----------
 Before setting up a development environment for synapse, make sure you have the
 system dependencies (such as the python header files) installed - see
 `Platform-specific prerequisites <https://matrix-org.github.io/synapse/latest/setup/installation.html#platform-specific-prerequisites>`_.
 To check out a synapse for development, clone the git repo into a working
 directory of your choice::
-    git clone https://github.com/matrix-org/synapse.git
+    $ git clone https://github.com/matrix-org/synapse.git
-    cd synapse
+    $ cd synapse
-Synapse has a number of external dependencies. We maintain a fixed development
+The homeserver has a number of external dependencies, that are easiest
-environment using `Poetry <https://python-poetry.org/>`_. First, install poetry. We recommend::
+to install using pip and a virtualenv::
-    pip install --user pipx
+    $ virtualenv env
-    pipx install poetry
+    $ source env/bin/activate
-
+    $ python synapse/python_dependencies.py | xargs -n1 pip install
-as described `here <https://python-poetry.org/docs/#installing-with-pipx>`_.
+    $ pip install setuptools_trial mock
 (See `poetry's installation docs <https://python-poetry.org/docs/#installation>`_
 for other installation methods.) Then ask poetry to create a virtual environment
 from the project and install Synapse's dependencies::
    poetry install --extras "all test"
 This will run a process of downloading and installing all the needed
 dependencies into a virtual env.
-We recommend using the demo which starts 3 federated instances running on ports `8080` - `8082`::
+Once this is done, you may wish to run the homeserver's unit tests, to
 check that everything is installed as it should be::
-    poetry run ./demo/start.sh
+    $ python setup.py test
-(to stop, you can use ``poetry run ./demo/stop.sh``)
+This should end with a 'PASSED' result::
-See the `demo documentation <https://matrix-org.github.io/synapse/develop/development/demo.html>`_
+    Ran 143 tests in 0.601s
 for more information.
-If you just want to start a single instance of the app and run it directly::
+    PASSED (successes=143)
    # Create the homeserver.yaml config once
    poetry run synapse_homeserver \
      --server-name my.domain.name \
      --config-path homeserver.yaml \
      --generate-config \
      --report-stats=[yes|no]
    # Start the app
    poetry run synapse_homeserver --config-path homeserver.yaml
-Running the unit tests
+Upgrading an existing homeserver
----------------------
+================================
-After getting up and running, you may wish to run Synapse's unit tests to
+IMPORTANT: Before upgrading an existing homeserver to a new version, please
-check that everything is installed correctly::
+refer to UPGRADE.rst for any additional instructions.
-    poetry run trial tests
+Otherwise, simply re-install the new codebase over the current one - e.g.
-
+by ``pip install --process-dependency-links
-This should end with a 'PASSED' result (note that exact numbers will
+https://github.com/matrix-org/synapse/tarball/master``
-differ)::
+if using pip, or by ``git pull`` if running off a git working copy.
    Ran 1337 tests in 716.064s
    PASSED (skips=15, successes=1322)
 For more tips on running the unit tests, like running a specific test or
 to see the logging output, see the `CONTRIBUTING doc <CONTRIBUTING.md#run-the-unit-tests>`_.
-Running the Integration Tests
+Setting up Federation
 -----------------------------
 Synapse is accompanied by `SyTest <https://github.com/matrix-org/sytest>`_,
 a Matrix homeserver integration testing suite, which uses HTTP requests to
 access the API as a Matrix client would. It is able to run Synapse directly from
 the source tree, so installation of the server is not required.
 Testing with SyTest is recommended for verifying that changes related to the
 Client-Server API are functioning correctly. See the `SyTest installation
 instructions <https://github.com/matrix-org/sytest#installing>`_ for details.
 Platform dependencies
 =====================
-Synapse uses a number of platform dependencies such as Python and PostgreSQL,
+In order for other homeservers to send messages to your server, it will need to
-and aims to follow supported upstream versions. See the
+be publicly visible on the internet, and they will need to know its host name.
-`<docs/deprecation_policy.md>`_ document for more details.
+You have two choices here, which will influence the form of your Matrix user
 IDs:
 1) Use the machine's own hostname as available on public DNS in the form of
   its A or AAAA records. This is easier to set up initially, perhaps for
   testing, but lacks the flexibility of SRV.
 2) Set up a SRV record for your domain name. This requires you create a SRV
   record in DNS, but gives the flexibility to run the server on your own
   choice of TCP port, on a machine that might not be the same name as the
   domain name.
 For the first form, simply pass the required hostname (of the machine) as the
 --server-name parameter::
    $ python -m synapse.app.homeserver \
        --server-name machine.my.domain.name \
        --config-path homeserver.yaml \
        --generate-config
    $ python -m synapse.app.homeserver --config-path homeserver.yaml
 Alternatively, you can run ``synctl start`` to guide you through the process.
 For the second form, first create your SRV record and publish it in DNS. This
 needs to be named _matrix._tcp.YOURDOMAIN, and point at at least one hostname
 and port where the server is running.  (At the current time synapse does not
 support clustering multiple servers into a single logical homeserver).  The DNS
 record would then look something like::
    $ dig -t srv _matrix._tcp.machine.my.domaine.name
    _matrix._tcp    IN      SRV     10 0 8448 machine.my.domain.name.
-Troubleshooting
+At this point, you should then run the homeserver with the hostname of this
-===============
+SRV record, as that is the name other machines will expect it to have::
-Need help? Join our community support room on Matrix:
+    $ python -m synapse.app.homeserver \
-`#synapse:matrix.org <https://matrix.to/#/#synapse:matrix.org>`_
+        --server-name YOURDOMAIN \
        --bind-port 8448 \
        --config-path homeserver.yaml \
        --generate-config
    $ python -m synapse.app.homeserver --config-path homeserver.yaml
 Running out of File Handles
 ---------------------------
-If synapse runs out of file handles, it typically fails badly - live-locking
+You may additionally want to pass one or more "-v" options, in order to
-at 100% CPU, and/or failing to accept new TCP connections (blocking the
+increase the verbosity of logging output; at least for initial testing.
 connecting client).  Matrix currently can legitimately use a lot of file handles,
 thanks to busy rooms like #matrix:matrix.org containing hundreds of participating
 servers.  The first time a server talks in a room it will try to connect
 simultaneously to all participating servers, which could exhaust the available
 file descriptors between DNS queries & HTTPS sockets, especially if DNS is slow
 to respond. (We need to improve the routing algorithm used to be better than
 full mesh, but as of March 2019 this hasn't happened yet).
-If you hit this failure mode, we recommend increasing the maximum number of
+For the initial alpha release, the homeserver is not speaking TLS for
-open file handles to be at least 4096 (assuming a default of 1024 or 256).
+either client-server or server-server traffic for ease of debugging. We have
-This is typically done by editing ``/etc/security/limits.conf``
+also not spent any time yet getting the homeserver to run behind loadbalancers.
-Separately, Synapse may leak file handles if inbound HTTP requests get stuck
+Running a Demo Federation of Homeservers
-during processing - e.g. blocked behind a lock or talking to a remote server etc.
+----------------------------------------
 This is best diagnosed by matching up the 'Received request' and 'Processed request'
 log lines and looking for any 'Processed request' lines which take more than
 a few seconds to execute. Please let us know at #synapse:matrix.org if
 you see this failure mode so we can help debug it, however.
-Help!! Synapse is slow and eats all my RAM/CPU!
+If you want to get up and running quickly with a trio of homeservers in a
-----------------------------------------------
+private federation (``localhost:8080``, ``localhost:8081`` and
 ``localhost:8082``) which you can then access through the webclient running at
 http://localhost:8080. Simply run::
-First, ensure you are running the latest version of Synapse, using Python 3
+    $ demo/start.sh
-with a PostgreSQL database.
+    
 This is mainly useful just for development purposes.
-Synapse's architecture is quite RAM hungry currently - we deliberately
+Running The Demo Web Client
-cache a lot of recent room data and metadata in RAM in order to speed up
+===========================
 common requests. We'll improve this in the future, but for now the easiest
 way to either reduce the RAM usage (at the risk of slowing things down)
 is to set the almost-undocumented ``SYNAPSE_CACHE_FACTOR`` environment
 variable. The default is 0.5, which can be decreased to reduce RAM usage
 in memory constrained enviroments, or increased if performance starts to
 degrade.
-However, degraded performance due to a low cache factor, common on
+The homeserver runs a web client by default at https://localhost:8448/.
 machines with slow disks, often leads to explosions in memory use due
 backlogged requests. In this case, reducing the cache factor will make
 things worse. Instead, try increasing it drastically. 2.0 is a good
 starting value.
-Using `libjemalloc <http://jemalloc.net/>`_ can also yield a significant
+If this is the first time you have used the client from that browser (it uses
-improvement in overall memory use, and especially in terms of giving back
+HTML5 local storage to remember its config), you will need to log in to your
-RAM to the OS. To use it, the library must simply be put in the
+account. If you don't yet have an account, because you've just started the
-LD_PRELOAD environment variable when launching Synapse. On Debian, this
+homeserver for the first time, then you'll need to register one.
 can be done by installing the ``libjemalloc1`` package and adding this
 line to ``/etc/default/matrix-synapse``::
    LD_PRELOAD=/usr/lib/x86_64-linux-gnu/libjemalloc.so.1
-This can make a significant difference on Python 2.7 - it's unclear how
+Registering A New Account
-much of an improvement it provides on Python 3.x.
+-------------------------
-If you're encountering high CPU use by the Synapse process itself, you
+Your new user name will be formed partly from the hostname your server is
-may be affected by a bug with presence tracking that leads to a
+running as, and partly from a localpart you specify when you create the
-massive excess of outgoing federation requests (see `discussion
+account. Your name will take the form of::
 <https://github.com/matrix-org/synapse/issues/3971>`_). If metrics
 indicate that your server is also issuing far more outgoing federation
 requests than can be accounted for by your users' activity, this is a
 likely cause. The misbehavior can be worked around by setting
 the following in the Synapse config file:
-.. code-block:: yaml
+    @localpart:my.domain.here
         (pronounced "at localpart on my dot domain dot here")
-   presence:
+Specify your desired localpart in the topmost box of the "Register for an
-       enabled: false
+account" form, and click the "Register" button. Hostnames can contain ports if
 required due to lack of SRV records (e.g. @matthew:localhost:8448 on an
 internal synapse sandbox running on localhost)
 People can't accept room invitations from me
 --------------------------------------------
-The typical failure mode here is that you send an invitation to someone
+Logging In To An Existing Account
-to join a room or direct chat, but when they go to accept it, they get an
+---------------------------------
 error (typically along the lines of "Invalid signature"). They might see
 something like the following in their logs::
-    2019-09-11 19:32:04,271 - synapse.federation.transport.server - 288 - WARNING - GET-11752 - authenticate_request failed: 401: Invalid signature for server <server> with key ed25519:a_EqML: Unable to verify signature for <server>
+Just enter the ``@localpart:my.domain.here`` Matrix user ID and password into
 the form and click the Login button.
 This is normally caused by a misconfiguration in your reverse-proxy. See
 `<docs/reverse_proxy.md>`_ and double-check that your settings are correct.
-.. |support| image:: https://img.shields.io/matrix/synapse:matrix.org?label=support&logo=matrix
+Identity Servers
-  :alt: (get support on #synapse:matrix.org)
+================
  :target: https://matrix.to/#/#synapse:matrix.org
-.. |development| image:: https://img.shields.io/matrix/synapse-dev:matrix.org?label=development&logo=matrix
+The job of authenticating 3PIDs and tracking which 3PIDs are associated with a
-  :alt: (discuss development on #synapse-dev:matrix.org)
+given Matrix user is very security-sensitive, as there is obvious risk of spam
-  :target: https://matrix.to/#/#synapse-dev:matrix.org
+if it is too easy to sign up for Matrix accounts or harvest 3PID data.
 Meanwhile the job of publishing the end-to-end encryption public keys for
 Matrix users is also very security-sensitive for similar reasons.
-.. |documentation| image:: https://img.shields.io/badge/documentation-%E2%9C%93-success
+Therefore the role of managing trusted identity in the Matrix ecosystem is
-  :alt: (Rendered documentation on GitHub Pages)
+farmed out to a cluster of known trusted ecosystem partners, who run 'Matrix
-  :target: https://matrix-org.github.io/synapse/latest/
+Identity Servers' such as ``sydent``, whose role is purely to authenticate and
 track 3PID logins and publish end-user public keys.
-.. |license| image:: https://img.shields.io/github/license/matrix-org/synapse
+It's currently early days for identity servers as Matrix is not yet using 3PIDs
-  :alt: (check license in LICENSE file)
+as the primary means of identity and E2E encryption is not complete. As such,
-  :target: LICENSE
+we are running a single identity server (http://matrix.org:8090) at the current
 time.
 .. |pypi| image:: https://img.shields.io/pypi/v/matrix-synapse
  :alt: (latest version released on PyPi)
  :target: https://pypi.org/project/matrix-synapse
-.. |python| image:: https://img.shields.io/pypi/pyversions/matrix-synapse
+Where's the spec?!
-  :alt: (supported python versions)
+==================
-  :target: https://pypi.org/project/matrix-synapse
+
 The source of the matrix spec lives at https://github.com/matrix-org/matrix-doc.  
 A recent HTML snapshot of this lives at http://matrix.org/docs/spec
 Building Internal API Documentation
 ===================================
 Before building internal API documentation install sphinx and
 sphinxcontrib-napoleon::
    $ pip install sphinx
    $ pip install sphinxcontrib-napoleon
 Building internal API documentation::
    $ python setup.py build_sphinx
--- a/UPGRADE.rst
+++ b/UPGRADE.rst
@@ -1,7 +1,188 @@
-Upgrading Synapse
+Upgrading to v0.8.0
-=================
+===================
-This document has moved to the `Synapse documentation website <https://matrix-org.github.io/synapse/latest/upgrade>`_.
+Servers which use captchas will need to add their public key to::
 Please update your links.
-The markdown source is available in `docs/upgrade.md <docs/upgrade.md>`_.
+  static/client/register/register_config.js
    window.matrixRegistrationConfig = {
        recaptcha_public_key: "YOUR_PUBLIC_KEY"
    };
 This is required in order to support registration fallback (typically used on
 mobile devices).
 Upgrading to v0.7.0
 ===================
 New dependencies are:
 - pydenticon
 - simplejson
 - syutil
 - matrix-angular-sdk
 To pull in these dependencies in a virtual env, run::
    python synapse/python_dependencies.py | xargs -n 1 pip install
 Upgrading to v0.6.0
 ===================
 To pull in new dependencies, run::
    python setup.py develop --user
 This update includes a change to the database schema. To upgrade you first need
 to upgrade the database by running::
    python scripts/upgrade_db_to_v0.6.0.py <db> <server_name> <signing_key>
 Where `<db>` is the location of the database, `<server_name>` is the
 server name as specified in the synapse configuration, and `<signing_key>` is
 the location of the signing key as specified in the synapse configuration.
 This may take some time to complete. Failures of signatures and content hashes
 can safely be ignored.
 Upgrading to v0.5.1
 ===================
 Depending on precisely when you installed v0.5.0 you may have ended up with
 a stale release of the reference matrix webclient installed as a python module.
 To uninstall it and ensure you are depending on the latest module, please run::
    $ pip uninstall syweb
 Upgrading to v0.5.0
 ===================
 The webclient has been split out into a seperate repository/pacakage in this
 release. Before you restart your homeserver you will need to pull in the
 webclient package by running::
  python setup.py develop --user
 This release completely changes the database schema and so requires upgrading
 it before starting the new version of the homeserver.
 The script "database-prepare-for-0.5.0.sh" should be used to upgrade the
 database. This will save all user information, such as logins and profiles, 
 but will otherwise purge the database. This includes messages, which
 rooms the home server was a member of and room alias mappings.
 If you would like to keep your history, please take a copy of your database
 file and ask for help in #matrix:matrix.org. The upgrade process is,
 unfortunately, non trivial and requires human intervention to resolve any
 resulting conflicts during the upgrade process.
 Before running the command the homeserver should be first completely 
 shutdown. To run it, simply specify the location of the database, e.g.:
  ./scripts/database-prepare-for-0.5.0.sh "homeserver.db"
 Once this has successfully completed it will be safe to restart the 
 homeserver. You may notice that the homeserver takes a few seconds longer to 
 restart than usual as it reinitializes the database.
 On startup of the new version, users can either rejoin remote rooms using room
 aliases or by being reinvited. Alternatively, if any other homeserver sends a
 message to a room that the homeserver was previously in the local HS will 
 automatically rejoin the room.
 Upgrading to v0.4.0
 ===================
 This release needs an updated syutil version. Run::
    python setup.py develop
 You will also need to upgrade your configuration as the signing key format has
 changed. Run::
    python -m synapse.app.homeserver --config-path <CONFIG> --generate-config
 Upgrading to v0.3.0
 ===================
 This registration API now closely matches the login API. This introduces a bit
 more backwards and forwards between the HS and the client, but this improves
 the overall flexibility of the API. You can now GET on /register to retrieve a list
 of valid registration flows. Upon choosing one, they are submitted in the same
 way as login, e.g::
  {
    type: m.login.password,
    user: foo,
    password: bar
  }
 The default HS supports 2 flows, with and without Identity Server email
 authentication. Enabling captcha on the HS will add in an extra step to all
 flows: ``m.login.recaptcha`` which must be completed before you can transition
 to the next stage. There is a new login type: ``m.login.email.identity`` which
 contains the ``threepidCreds`` key which were previously sent in the original
 register request. For more information on this, see the specification.
 Web Client
 ----------
 The VoIP specification has changed between v0.2.0 and v0.3.0. Users should
 refresh any browser tabs to get the latest web client code. Users on
 v0.2.0 of the web client will not be able to call those on v0.3.0 and
 vice versa.
 Upgrading to v0.2.0
 ===================
 The home server now requires setting up of SSL config before it can run. To
 automatically generate default config use::
    $ python synapse/app/homeserver.py \
        --server-name machine.my.domain.name \
        --bind-port 8448 \
        --config-path homeserver.config \
        --generate-config
 This config can be edited if desired, for example to specify a different SSL 
 certificate to use. Once done you can run the home server using::
    $ python synapse/app/homeserver.py --config-path homeserver.config
 See the README.rst for more information.
 Also note that some config options have been renamed, including:
 - "host" to "server-name"
 - "database" to "database-path"
 - "port" to "bind-port" and "unsecure-port"
 Upgrading to v0.0.1
 ===================
 This release completely changes the database schema and so requires upgrading
 it before starting the new version of the homeserver.
 The script "database-prepare-for-0.0.1.sh" should be used to upgrade the
 database. This will save all user information, such as logins and profiles, 
 but will otherwise purge the database. This includes messages, which
 rooms the home server was a member of and room alias mappings.
 Before running the command the homeserver should be first completely 
 shutdown. To run it, simply specify the location of the database, e.g.:
  ./scripts/database-prepare-for-0.0.1.sh "homeserver.db"
 Once this has successfully completed it will be safe to restart the 
 homeserver. You may notice that the homeserver takes a few seconds longer to 
 restart than usual as it reinitializes the database.
 On startup of the new version, users can either rejoin remote rooms using room
 aliases or by being reinvited. Alternatively, if any other homeserver sends a
 message to a room that the homeserver was previously in the local HS will 
 automatically rejoin the room.
--- a/book.toml
+++ b/book.toml
@@ -1,39 +0,0 @@
 # Documentation for possible options in this file is at
 # https://rust-lang.github.io/mdBook/format/config.html
 [book]
 title = "Synapse"
 authors = ["The Matrix.org Foundation C.I.C."]
 language = "en"
 multilingual = false
 # The directory that documentation files are stored in
 src = "docs"
 [build]
 # Prevent markdown pages from being automatically generated when they're
 # linked to in SUMMARY.md
 create-missing = false
 [output.html]
 # The URL visitors will be directed to when they try to edit a page
 edit-url-template = "https://github.com/matrix-org/synapse/edit/develop/{path}"
 # Remove the numbers that appear before each item in the sidebar, as they can
 # get quite messy as we nest deeper
 no-section-label = true
 # The source code URL of the repository
 git-repository-url = "https://github.com/matrix-org/synapse"
 # The path that the docs are hosted on
 site-url = "/synapse/"
 # Additional HTML, JS, CSS that's injected into each page of the book.
 # More information available in docs/website_files/README.md
 additional-css = [
    "docs/website_files/table-of-contents.css",
    "docs/website_files/remove-nav-buttons.css",
    "docs/website_files/indent-section-headers.css",
 ]
 additional-js = ["docs/website_files/table-of-contents.js"]
 theme = "docs/website_files/theme"
--- a/changelog.d/.gitignore
+++ b/changelog.d/.gitignore
@@ -1 +0,0 @@
 !.gitignore
--- a/changelog.d/10533.misc
+++ b/changelog.d/10533.misc
@@ -1 +0,0 @@
 Improve event caching mechanism to avoid having multiple copies of an event in memory at a time.
--- a/changelog.d/12477.misc
+++ b/changelog.d/12477.misc
@@ -1 +0,0 @@
 Add some type hints to datastore.
--- a/changelog.d/12498.misc
+++ b/changelog.d/12498.misc
@@ -1 +0,0 @@
 Preparation for faster-room-join work: return subsets of room state which we already have, immediately.
--- a/changelog.d/12513.feature
+++ b/changelog.d/12513.feature
@@ -1 +0,0 @@
 Measure the time taken in spam-checking callbacks and expose those measurements as metrics.
--- a/changelog.d/12567.misc
+++ b/changelog.d/12567.misc
@@ -1 +0,0 @@
 Replace string literal instances of stream key types with typed constants.
--- a/changelog.d/12586.misc
+++ b/changelog.d/12586.misc
@@ -1 +0,0 @@
 Add `@cancellable` decorator, for use on endpoint methods that can be cancelled when clients disconnect.
--- a/changelog.d/12588.misc
+++ b/changelog.d/12588.misc
@@ -1 +0,0 @@
 Add ability to cancel disconnected requests to `SynapseRequest`.
--- a/changelog.d/12618.feature
+++ b/changelog.d/12618.feature
@@ -1 +0,0 @@
 Add a `default_power_level_content_override` config option to set default room power levels per room preset.
--- a/changelog.d/12623.feature
+++ b/changelog.d/12623.feature
@@ -1 +0,0 @@
 Add support for [MSC3787: Allowing knocks to restricted rooms](https://github.com/matrix-org/matrix-spec-proposals/pull/3787).
--- a/changelog.d/12630.misc
+++ b/changelog.d/12630.misc
@@ -1 +0,0 @@
 Add a helper class for testing request cancellation.
--- a/changelog.d/12673.feature
+++ b/changelog.d/12673.feature
@@ -1 +0,0 @@
 Synapse will now reload [cache config](https://matrix-org.github.io/synapse/latest/usage/configuration/config_documentation.html#caching) when it receives a [SIGHUP](https://en.wikipedia.org/wiki/SIGHUP) signal.
--- a/changelog.d/12676.misc
+++ b/changelog.d/12676.misc
@@ -1 +0,0 @@
 Improve documentation of the `synapse.push` module.
--- a/changelog.d/12677.misc
+++ b/changelog.d/12677.misc
@@ -1 +0,0 @@
 Refactor functions to on `PushRuleEvaluatorForEvent`.
--- a/changelog.d/12679.misc
+++ b/changelog.d/12679.misc
@@ -1 +0,0 @@
 Preparation for database schema simplifications: stop writing to `event_reference_hashes`.
--- a/changelog.d/12680.misc
+++ b/changelog.d/12680.misc
@@ -1 +0,0 @@
 Remove code which updates unused database column `application_services_state.last_txn`.
--- a/changelog.d/12683.bugfix
+++ b/changelog.d/12683.bugfix
@@ -1 +0,0 @@
 Fix a bug introduced in Synapse 1.57.0 where `/messages` would throw a 500 error when querying for a non-existent room.
--- a/changelog.d/12689.misc
+++ b/changelog.d/12689.misc
@@ -1 +0,0 @@
 Refactor `EventContext` class.
--- a/changelog.d/12691.misc
+++ b/changelog.d/12691.misc
@@ -1 +0,0 @@
 Remove an unneeded class in the push code.
--- a/changelog.d/12693.misc
+++ b/changelog.d/12693.misc
@@ -1 +0,0 @@
 Consolidate parsing of relation information from events.
--- a/changelog.d/12694.misc
+++ b/changelog.d/12694.misc
@@ -1 +0,0 @@
 Capture the `Deferred` for request cancellation in `_AsyncResource`.
--- a/changelog.d/12695.misc
+++ b/changelog.d/12695.misc
@@ -1 +0,0 @@
 Fixes an incorrect type hint for `Filter._check_event_relations`.
--- a/changelog.d/12696.bugfix
+++ b/changelog.d/12696.bugfix
@@ -1 +0,0 @@
 Fix a long-standing bug where an empty room would be created when a user with an insufficient power level tried to upgrade a room.
--- a/changelog.d/12698.misc
+++ b/changelog.d/12698.misc
@@ -1 +0,0 @@
 Respect the `@cancellable` flag for `DirectServe{Html,Json}Resource`s.
--- a/changelog.d/12699.misc
+++ b/changelog.d/12699.misc
@@ -1 +0,0 @@
 Respect the `@cancellable` flag for `RestServlet`s and `BaseFederationServlet`s.
--- a/changelog.d/12700.misc
+++ b/changelog.d/12700.misc
@@ -1 +0,0 @@
 Respect the `@cancellable` flag for `ReplicationEndpoint`s.
--- a/changelog.d/12701.feature
+++ b/changelog.d/12701.feature
@@ -1 +0,0 @@
 Add a config options to allow for auto-tuning of caches.
--- a/changelog.d/12705.misc
+++ b/changelog.d/12705.misc
@@ -1 +0,0 @@
 Complain if a federation endpoint has the `@cancellable` flag, since some of the wrapper code may not handle cancellation correctly yet.
--- a/changelog.d/12708.misc
+++ b/changelog.d/12708.misc
@@ -1 +0,0 @@
 Enable cancellation of `GET /rooms/$room_id/members`, `GET /rooms/$room_id/state` and `GET /rooms/$room_id/state/$event_type/*` requests.
--- a/changelog.d/12709.removal
+++ b/changelog.d/12709.removal
@@ -1 +0,0 @@
 Require a body in POST requests to `/rooms/{roomId}/receipt/{receiptType}/{eventId}`, as required by the [Matrix specification](https://spec.matrix.org/v1.2/client-server-api/#post_matrixclientv3roomsroomidreceiptreceipttypeeventid). This breaks compatibility with Element Android 1.2.0 and earlier: users of those clients will be unable to send read receipts.
--- a/changelog.d/12711.misc
+++ b/changelog.d/12711.misc
@@ -1 +0,0 @@
 Optimize private read receipt filtering.
--- a/changelog.d/12713.bugfix
+++ b/changelog.d/12713.bugfix
@@ -1 +0,0 @@
 Fix a bug introduced in Synapse 1.30.0 where empty rooms could be automatically created if a monthly active users limit is set.
--- a/changelog.d/12715.doc
+++ b/changelog.d/12715.doc
@@ -1 +0,0 @@
 Fix a typo in the Media Admin API documentation.
--- a/changelog.d/12716.misc
+++ b/changelog.d/12716.misc
@@ -1 +0,0 @@
 Add type annotations to increase the number of modules passing `disallow-untyped-defs`.
--- a/changelog.d/12717.misc
+++ b/changelog.d/12717.misc
@@ -1 +0,0 @@
 Add some type hints to datastore.
--- a/changelog.d/12720.misc
+++ b/changelog.d/12720.misc
@@ -1 +0,0 @@
 Drop the logging level of status messages for the URL preview cache expiry job from INFO to DEBUG.
--- a/changelog.d/12721.bugfix
+++ b/changelog.d/12721.bugfix
@@ -1 +0,0 @@
 Fix push to dismiss notifications when read on another client. Contributed by @SpiritCroc @ Beeper.
--- a/changelog.d/12723.misc
+++ b/changelog.d/12723.misc
@@ -1 +0,0 @@
 Downgrade some OIDC errors to warnings in the logs, to reduce the noise of Sentry reports.
--- a/changelog.d/12726.misc
+++ b/changelog.d/12726.misc
@@ -1 +0,0 @@
 Add type annotations to increase the number of modules passing `disallow-untyped-defs`.
--- a/changelog.d/12727.doc
+++ b/changelog.d/12727.doc
@@ -1 +0,0 @@
 Update the OpenID Connect example for Keycloak to be compatible with newer versions of Keycloak. Contributed by @nhh.
--- a/changelog.d/12731.misc
+++ b/changelog.d/12731.misc
@@ -1 +0,0 @@
 Update configs used by Complement to allow more invites/3PID validations during tests.
--- a/changelog.d/12734.misc
+++ b/changelog.d/12734.misc
@@ -1 +0,0 @@
 Tidy up and type-hint the database engine modules.
--- a/changelog.d/12742.doc
+++ b/changelog.d/12742.doc
@@ -1 +0,0 @@
 Fix typo in server listener documentation.
--- a/changelog.d/12747.bugfix
+++ b/changelog.d/12747.bugfix
@@ -1 +0,0 @@
 Fix poor database performance when reading the cache invalidation stream for large servers with lots of workers.
--- a/changelog.d/12748.doc
+++ b/changelog.d/12748.doc
@@ -1 +0,0 @@
 Link to the configuration manual from the welcome page of the documentation.
--- a/changelog.d/12749.doc
+++ b/changelog.d/12749.doc
@@ -1 +0,0 @@
 Fix typo in 'run_background_tasks_on' option name in configuration manual documentation.
--- a/changelog.d/12753.misc
+++ b/changelog.d/12753.misc
@@ -1 +0,0 @@
 Add some type hints to datastore.
--- a/changelog.d/12759.doc
+++ b/changelog.d/12759.doc
@@ -1 +0,0 @@
 Add information regarding the `rc_invites` ratelimiting option to the configuration docs.
--- a/changelog.d/12761.doc
+++ b/changelog.d/12761.doc
@@ -1 +0,0 @@
 Add documentation for cancellation of request processing.
--- a/changelog.d/12762.misc
+++ b/changelog.d/12762.misc
@@ -1 +0,0 @@
 Fix a long-standing bug where the user directory background process would fail to make forward progress if a user included a null codepoint in their display name or avatar.
--- a/changelog.d/12765.doc
+++ b/changelog.d/12765.doc
@@ -1 +0,0 @@
 Recommend using docker to run tests against postgres.
--- a/changelog.d/12769.misc
+++ b/changelog.d/12769.misc
@@ -1 +0,0 @@
 Tweak the mypy plugin so that `@cached` can accept `on_invalidate=None`.
--- a/changelog.d/12770.bugfix
+++ b/changelog.d/12770.bugfix
@@ -1 +0,0 @@
 Delete events from the `federation_inbound_events_staging` table when a room is purged through the admin API.
--- a/changelog.d/12772.misc
+++ b/changelog.d/12772.misc
@@ -1 +0,0 @@
 Move methods that call `add_push_rule` to the `PushRuleStore` class.
--- a/changelog.d/12774.misc
+++ b/changelog.d/12774.misc
@@ -1 +0,0 @@
 Make handling of federation Authorization header (more) compliant with RFC7230.
--- a/changelog.d/12775.misc
+++ b/changelog.d/12775.misc
@@ -1 +0,0 @@
 Refactor `resolve_state_groups_for_events` to not pull out full state when no state resolution happens.
--- a/changelog.d/12779.bugfix
+++ b/changelog.d/12779.bugfix
@@ -1 +0,0 @@
 Give a meaningful error message when a client tries to create a room with an invalid alias localpart.
--- a/changelog.d/12781.misc
+++ b/changelog.d/12781.misc
@@ -1 +0,0 @@
 Do not keep going if there are 5 back-to-back background update failures.
--- a/changelog.d/12783.misc
+++ b/changelog.d/12783.misc
@@ -1 +0,0 @@
 Fix federation when using the demo scripts.
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
Erik Johnston	75bf48b905	Update tracer to give more information	2015-03-13 11:38:57 +00:00
Erik Johnston	d1ae594ae5	Add a utility class that can be used to generate a twisted deferred aware call graph	2015-03-12 16:52:02 +00:00
		`@@ -1,2 +0,0 @@`
			`# This file serves as a blacklist for SyTest tests that we expect will fail in`
			`# Synapse when run under worker mode. For more details, see sytest-blacklist.`
		`@@ -1,2 +0,0 @@`
			`# Automatically request reviews from the synapse-core team when a pull request comes in.`
			`* @matrix-org/synapse-core`
		`@@ -1,3 +0,0 @@`
			`# Welcome to Synapse`

			`Please see the [contributors' guide](https://matrix-org.github.io/synapse/latest/development/contributing_guide.html) in our rendered documentation.`
		`@@ -1 +0,0 @@`
			`Improve event caching mechanism to avoid having multiple copies of an event in memory at a time.`
		`@@ -1 +0,0 @@`
			`Preparation for faster-room-join work: return subsets of room state which we already have, immediately.`
		`@@ -1 +0,0 @@`
			`Measure the time taken in spam-checking callbacks and expose those measurements as metrics.`
		`@@ -1 +0,0 @@`
			`Replace string literal instances of stream key types with typed constants.`
		`@@ -1 +0,0 @@`
			Add `@cancellable` decorator, for use on endpoint methods that can be cancelled when clients disconnect.
		`@@ -1 +0,0 @@`
			Add ability to cancel disconnected requests to `SynapseRequest`.