changelog

.github/ISSUE_TEMPLATE.md

@@ -2,4 +2,4 @@
 (using a matrix.org account if necessary). We do not use GitHub issues for
 support.
 
-**If you want to report a security issue** please see https://element.io/security/security-disclosure-policy
+**If you want to report a security issue** please see https://matrix.org/security-disclosure-policy/

.github/ISSUE_TEMPLATE/BUG_REPORT.yml

@@ -7,7 +7,7 @@ body:
         **THIS IS NOT A SUPPORT CHANNEL!**
         **IF YOU HAVE SUPPORT QUESTIONS ABOUT RUNNING OR CONFIGURING YOUR OWN HOME SERVER**, please ask in **[#synapse:matrix.org](https://matrix.to/#/#synapse:matrix.org)** (using a matrix.org account if necessary).
 
-        If you want to report a security issue, please see https://element.io/security/security-disclosure-policy
+        If you want to report a security issue, please see https://matrix.org/security-disclosure-policy/
 
         This is a bug report form. By following the instructions below and completing the sections with your information, you will help the us to get all the necessary data to fix your issue.
 

.github/workflows/docker.yml

@@ -30,7 +30,7 @@ jobs:
         run: docker buildx inspect
 
       - name: Install Cosign
-        uses: sigstore/cosign-installer@v3.6.0
+        uses: sigstore/cosign-installer@v3.3.0
 
       - name: Checkout repository
         uses: actions/checkout@v4
@@ -72,7 +72,7 @@ jobs:
 
       - name: Build and push all platforms
         id: build-and-push
-        uses: docker/build-push-action@v6
+        uses: docker/build-push-action@v5
         with:
           push: true
           labels: |

.github/workflows/docs-pr-netlify.yaml

@@ -14,7 +14,7 @@ jobs:
       # There's a 'download artifact' action, but it hasn't been updated for the workflow_run action
       # (https://github.com/actions/download-artifact/issues/60) so instead we get this mess:
       - name: 📥 Download artifact
-        uses: dawidd6/action-download-artifact@bf251b5aa9c2f7eeb574a96ee720e24f801b7c11 # v6
+        uses: dawidd6/action-download-artifact@e7466d1a7587ed14867642c2ca74b5bcc1e19a2d # v3.0.0
         with:
           workflow: docs-pr.yaml
           run_id: ${{ github.event.workflow_run.id }}

.github/workflows/docs-pr.yaml

@@ -19,7 +19,7 @@ jobs:
           fetch-depth: 0
 
       - name: Setup mdbook
-        uses: peaceiris/actions-mdbook@ee69d230fe19748b7abf22df32acaa93833fad08 # v2.0.0
+        uses: peaceiris/actions-mdbook@adeb05db28a0c0004681db83893d56c0388ea9ea # v1.2.0
         with:
           mdbook-version: '0.4.17'
 
@@ -53,7 +53,7 @@ jobs:
       - uses: actions/checkout@v4
 
       - name: Setup mdbook
-        uses: peaceiris/actions-mdbook@ee69d230fe19748b7abf22df32acaa93833fad08 # v2.0.0
+        uses: peaceiris/actions-mdbook@adeb05db28a0c0004681db83893d56c0388ea9ea # v1.2.0
         with:
           mdbook-version: '0.4.17'
 

.github/workflows/docs.yaml

@@ -9,6 +9,7 @@ on:
       - 'release-v*'
       # stable docs
       - master
+  pull_request:
 
   workflow_dispatch:
 
@@ -56,7 +57,7 @@ jobs:
           fetch-depth: 0
 
       - name: Setup mdbook
-        uses: peaceiris/actions-mdbook@ee69d230fe19748b7abf22df32acaa93833fad08 # v2.0.0
+        uses: peaceiris/actions-mdbook@adeb05db28a0c0004681db83893d56c0388ea9ea # v1.2.0
         with:
           mdbook-version: '0.4.17'
 
@@ -79,9 +80,39 @@ jobs:
           cp book/welcome_and_overview.html book/index.html
 
       # Deploy to the target directory.
-      - name: Deploy to gh pages
-        uses: peaceiris/actions-gh-pages@4f9cc6602d3f66b9c108549d475ec49e8ef4d45e # v4.0.0
+#      - name: Deploy to gh pages
+#        uses: peaceiris/actions-gh-pages@373f7f263a76c20808c831209c920827a82a2847 # v3.9.3
+#        with:
+#          github_token: ${{ secrets.GITHUB_TOKEN }}
+#          publish_dir: ./book
+#          destination_dir: ./${{ needs.pre.outputs.branch-version }}
+
+################################################################################
+  pages-devdocs:
+    name: GitHub Pages (developer docs)
+    runs-on: ubuntu-latest
+    needs:
+      - pre
+    steps:
+      - uses: actions/checkout@v4
+
+      - name: "Set up Sphinx"
+        uses: matrix-org/setup-python-poetry@v1
         with:
-          github_token: ${{ secrets.GITHUB_TOKEN }}
-          publish_dir: ./book
-          destination_dir: ./${{ needs.pre.outputs.branch-version }}
+          python-version: "3.11"
+          poetry-version: "1.3.2"
+          groups: "dev-docs"
+          extras: ""
+
+      - name: Build the documentation
+        run: |
+          cd dev-docs
+          poetry run make html
+
+      # Deploy to the target directory.
+#      - name: Deploy to gh pages
+#        uses: peaceiris/actions-gh-pages@373f7f263a76c20808c831209c920827a82a2847 # v3.9.3
+#        with:
+#          github_token: ${{ secrets.GITHUB_TOKEN }}
+#          publish_dir: ./dev-docs/_build/html
+#          destination_dir: ./dev-docs/${{ needs.pre.outputs.branch-version }}

.github/workflows/fix_lint.yaml

@@ -29,13 +29,17 @@ jobs:
         with:
           install-project: "false"
 
-      - name: Run ruff check
+      - name: Import order (isort)
         continue-on-error: true
-        run: poetry run ruff check --fix .
+        run: poetry run isort .
 
-      - name: Run ruff format
+      - name: Code style (black)
         continue-on-error: true
-        run: poetry run ruff format --quiet .
+        run: poetry run black .
+
+      - name: Semantic checks (ruff)
+        continue-on-error: true
+        run: poetry run ruff --fix .
 
       - run: cargo clippy --all-features --fix -- -D warnings
         continue-on-error: true
@@ -45,4 +49,4 @@ jobs:
 
       - uses: stefanzweifel/git-auto-commit-action@v5
         with:
-          commit_message: "Attempt to fix linting"
+            commit_message: "Attempt to fix linting"

.github/workflows/latest_deps.yml

@@ -226,7 +226,7 @@ jobs:
 
     steps:
       - uses: actions/checkout@v4
-      - uses: JasonEtco/create-an-issue@1b14a70e4d8dc185e5cc76d3bec9eab20257b2c5 # v2.9.2
+      - uses: JasonEtco/create-an-issue@e27dddc79c92bc6e4562f268fffa5ed752639abd # v2.9.1
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         with:

.github/workflows/release-artifacts.yml

@@ -102,7 +102,7 @@ jobs:
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        os: [ubuntu-20.04, macos-12]
+        os: [ubuntu-20.04, macos-11]
         arch: [x86_64, aarch64]
         # is_pr is a flag used to exclude certain jobs from the matrix on PRs.
         # It is not read by the rest of the workflow.
@@ -112,9 +112,9 @@ jobs:
         exclude:
           # Don't build macos wheels on PR CI.
           - is_pr: true
-            os: "macos-12"
+            os: "macos-11"
           # Don't build aarch64 wheels on mac.
-          - os: "macos-12"
+          - os: "macos-11"
             arch: aarch64
           # Don't build aarch64 wheels on PR CI.
           - is_pr: true
@@ -130,7 +130,7 @@ jobs:
           python-version: "3.x"
 
       - name: Install cibuildwheel
-        run: python -m pip install cibuildwheel==2.19.1
+        run: python -m pip install cibuildwheel==2.16.2
 
       - name: Set up QEMU to emulate aarch64
         if: matrix.arch == 'aarch64'

.github/workflows/tests.yml

@@ -21,9 +21,8 @@ jobs:
       trial: ${{ !startsWith(github.ref, 'refs/pull/') || steps.filter.outputs.trial }}
       integration: ${{ !startsWith(github.ref, 'refs/pull/') || steps.filter.outputs.integration }}
       linting: ${{ !startsWith(github.ref, 'refs/pull/') || steps.filter.outputs.linting }}
-      linting_readme: ${{ !startsWith(github.ref, 'refs/pull/') || steps.filter.outputs.linting_readme }}
     steps:
-    - uses: dorny/paths-filter@v3
+    - uses: dorny/paths-filter@v2
       id: filter
       # We only check on PRs
       if: startsWith(github.ref, 'refs/pull/')
@@ -74,9 +73,6 @@ jobs:
             - 'poetry.lock'
             - '.github/workflows/tests.yml'
 
-          linting_readme:
-            - 'README.rst'
-
   check-sampleconfig:
     runs-on: ubuntu-latest
     needs: changes
@@ -85,7 +81,7 @@ jobs:
     steps:
       - uses: actions/checkout@v4
       - name: Install Rust
-        uses: dtolnay/rust-toolchain@1.66.0
+        uses: dtolnay/rust-toolchain@1.65.0
       - uses: Swatinem/rust-cache@v2
       - uses: matrix-org/setup-python-poetry@v1
         with:
@@ -131,11 +127,15 @@ jobs:
         with:
           install-project: "false"
 
-      - name: Run ruff check
-        run: poetry run ruff check --output-format=github .
+      - name: Import order (isort)
+        run: poetry run isort --check --diff .
 
-      - name: Run ruff format
-        run: poetry run ruff format --check .
+      - name: Code style (black)
+        run: poetry run black --check --diff .
+
+      - name: Semantic checks (ruff)
+        # --quiet suppresses the update check.
+        run: poetry run ruff --quiet .
 
   lint-mypy:
     runs-on: ubuntu-latest
@@ -148,7 +148,7 @@ jobs:
         uses: actions/checkout@v4
 
       - name: Install Rust
-        uses: dtolnay/rust-toolchain@1.66.0
+        uses: dtolnay/rust-toolchain@1.65.0
       - uses: Swatinem/rust-cache@v2
 
       - name: Setup Poetry
@@ -208,7 +208,7 @@ jobs:
         with:
           ref: ${{ github.event.pull_request.head.sha }}
       - name: Install Rust
-        uses: dtolnay/rust-toolchain@1.66.0
+        uses: dtolnay/rust-toolchain@1.65.0
       - uses: Swatinem/rust-cache@v2
       - uses: matrix-org/setup-python-poetry@v1
         with:
@@ -225,7 +225,7 @@ jobs:
       - uses: actions/checkout@v4
 
       - name: Install Rust
-        uses: dtolnay/rust-toolchain@1.66.0
+        uses: dtolnay/rust-toolchain@1.65.0
         with:
             components: clippy
       - uses: Swatinem/rust-cache@v2
@@ -269,20 +269,6 @@ jobs:
 
       - run: cargo fmt --check
 
-  # This is to detect issues with the rst file, which can otherwise cause issues
-  # when uploading packages to PyPi.
-  lint-readme:
-    runs-on: ubuntu-latest
-    needs: changes
-    if: ${{ needs.changes.outputs.linting_readme == 'true' }}
-    steps:
-      - uses: actions/checkout@v4
-      - uses: actions/setup-python@v5
-        with:
-          python-version: "3.x"
-      - run: "pip install rstcheck"
-      - run: "rstcheck --report-level=WARNING README.rst"
-
   # Dummy step to gate other tests on without repeating the whole list
   linting-done:
     if: ${{ !cancelled() }} # Run this even if prior jobs were skipped
@@ -298,10 +284,9 @@ jobs:
       - lint-clippy
       - lint-clippy-nightly
       - lint-rustfmt
-      - lint-readme
     runs-on: ubuntu-latest
     steps:
-      - uses: matrix-org/done-action@v3
+      - uses: matrix-org/done-action@v2
         with:
           needs: ${{ toJSON(needs) }}
 
@@ -316,7 +301,6 @@ jobs:
             lint-clippy
             lint-clippy-nightly
             lint-rustfmt
-            lint-readme
 
 
   calculate-test-jobs:
@@ -360,7 +344,7 @@ jobs:
             postgres:${{ matrix.job.postgres-version }}
 
       - name: Install Rust
-        uses: dtolnay/rust-toolchain@1.66.0
+        uses: dtolnay/rust-toolchain@1.65.0
       - uses: Swatinem/rust-cache@v2
 
       - uses: matrix-org/setup-python-poetry@v1
@@ -402,7 +386,7 @@ jobs:
       - uses: actions/checkout@v4
 
       - name: Install Rust
-        uses: dtolnay/rust-toolchain@1.66.0
+        uses: dtolnay/rust-toolchain@1.65.0
       - uses: Swatinem/rust-cache@v2
 
       # There aren't wheels for some of the older deps, so we need to install
@@ -495,9 +479,6 @@ jobs:
       volumes:
         - ${{ github.workspace }}:/src
       env:
-        # If this is a pull request to a release branch, use that branch as default branch for sytest, else use develop
-        # This works because the release script always create a branch on the sytest repo with the same name as the release branch
-        SYTEST_DEFAULT_BRANCH: ${{ startsWith(github.base_ref, 'release-') && github.base_ref || 'develop' }}
         SYTEST_BRANCH: ${{ github.head_ref }}
         POSTGRES: ${{ matrix.job.postgres && 1}}
         MULTI_POSTGRES: ${{ (matrix.job.postgres == 'multi-postgres') || '' }}
@@ -517,7 +498,7 @@ jobs:
         run: cat sytest-blacklist .ci/worker-blacklist > synapse-blacklist-with-workers
 
       - name: Install Rust
-        uses: dtolnay/rust-toolchain@1.66.0
+        uses: dtolnay/rust-toolchain@1.65.0
       - uses: Swatinem/rust-cache@v2
 
       - name: Run SyTest
@@ -661,7 +642,7 @@ jobs:
           path: synapse
 
       - name: Install Rust
-        uses: dtolnay/rust-toolchain@1.66.0
+        uses: dtolnay/rust-toolchain@1.65.0
       - uses: Swatinem/rust-cache@v2
 
       - name: Prepare Complement's Prerequisites
@@ -693,7 +674,7 @@ jobs:
       - uses: actions/checkout@v4
 
       - name: Install Rust
-        uses: dtolnay/rust-toolchain@1.66.0
+        uses: dtolnay/rust-toolchain@1.65.0
       - uses: Swatinem/rust-cache@v2
 
       - run: cargo test
@@ -733,7 +714,7 @@ jobs:
       - linting-done
     runs-on: ubuntu-latest
     steps:
-      - uses: matrix-org/done-action@v3
+      - uses: matrix-org/done-action@v2
         with:
           needs: ${{ toJSON(needs) }}
 

.github/workflows/twisted_trunk.yml

@@ -207,7 +207,7 @@ jobs:
 
     steps:
       - uses: actions/checkout@v4
-      - uses: JasonEtco/create-an-issue@1b14a70e4d8dc185e5cc76d3bec9eab20257b2c5 # v2.9.2
+      - uses: JasonEtco/create-an-issue@e27dddc79c92bc6e4562f268fffa5ed752639abd # v2.9.1
         env:
           GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
         with:

Cargo.lock

@@ -4,42 +4,36 @@ version = 3
 
 [[package]]
 name = "aho-corasick"
-version = "1.1.3"
+version = "1.0.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "8e60d3430d3a69478ad0993f19238d2df97c507009a52b3c10addcd7f6bcb916"
+checksum = "43f6cb1bf222025340178f382c426f13757b2960e89779dfcb319c32542a5a41"
 dependencies = [
  "memchr",
 ]
 
 [[package]]
 name = "anyhow"
-version = "1.0.86"
+version = "1.0.79"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "b3d1d046238990b9cf5bcde22a3fb3584ee5cf65fb2765f454ed428c7a0063da"
+checksum = "080e9890a082662b09c1ad45f567faeeb47f22b5fb23895fbe1e651e718e25ca"
 
 [[package]]
 name = "arc-swap"
-version = "1.7.1"
+version = "1.5.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "69f7f8c3906b62b754cd5326047894316021dcfe5a194c8ea52bdd94934a3457"
+checksum = "983cd8b9d4b02a6dc6ffa557262eb5858a27a0038ffffe21a0f133eaa819a164"
 
 [[package]]
 name = "autocfg"
-version = "1.3.0"
+version = "1.1.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "0c4b4d0bd25bd0b74681c0ad21497610ce1b7c91b1022cd21c80c6fbdd9476b0"
-
-[[package]]
-name = "base64"
-version = "0.21.7"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "9d297deb1925b89f2ccc13d7635fa0714f12c87adce1c75356b39ca9b7178567"
+checksum = "d468802bab17cbc0cc575e9b053f41e72aa36bfa6b7f55e3529ffa43161b97fa"
 
 [[package]]
 name = "bitflags"
-version = "2.5.0"
+version = "1.3.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "cf4b9d6a944f767f8e5e0db018570623c85f3d925ac718db4e06d0187adb21c1"
+checksum = "bef38d45163c2f1dde094a7dfd33ccf595c92905c8f8f4fdc18d06fb1037718a"
 
 [[package]]
 name = "blake2"
@@ -52,40 +46,19 @@ dependencies = [
 
 [[package]]
 name = "block-buffer"
-version = "0.10.4"
+version = "0.10.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "3078c7629b62d3f0439517fa394996acacc5cbc91c5a20d8c658e77abd503a71"
+checksum = "69cce20737498f97b993470a6e536b8523f0af7892a4f928cceb1ac5e52ebe7e"
 dependencies = [
  "generic-array",
 ]
 
-[[package]]
-name = "bumpalo"
-version = "3.16.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "79296716171880943b8470b5f8d03aa55eb2e645a4874bdbb28adb49162e012c"
-
-[[package]]
-name = "bytes"
-version = "1.7.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "8318a53db07bb3f8dca91a600466bdb3f2eaadeedfdbcf02e1accbad9271ba50"
-
 [[package]]
 name = "cfg-if"
 version = "1.0.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "baf1de4339761588bc0619e3cbc0120ee582ebb74b53b4efbf79117bd2da40fd"
 
-[[package]]
-name = "cpufeatures"
-version = "0.2.12"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "53fe5e26ff1b7aef8bca9c6080520cfb8d9333c7568e1829cef191a9723e5504"
-dependencies = [
- "libc",
-]
-
 [[package]]
 name = "crypto-common"
 version = "0.1.6"
@@ -98,68 +71,25 @@ dependencies = [
 
 [[package]]
 name = "digest"
-version = "0.10.7"
+version = "0.10.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "9ed9a281f7bc9b7576e61468ba615a66a5c8cfdff42420a70aa82701a3b1e292"
+checksum = "adfbc57365a37acbd2ebf2b64d7e69bb766e2fea813521ed536f5d0520dcf86c"
 dependencies = [
  "block-buffer",
  "crypto-common",
  "subtle",
 ]
 
-[[package]]
-name = "fnv"
-version = "1.0.7"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "3f9eec918d3f24069decb9af1554cad7c880e2da24a9afd88aca000531ab82c1"
-
 [[package]]
 name = "generic-array"
-version = "0.14.7"
+version = "0.14.6"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "85649ca51fd72272d7821adaf274ad91c288277713d9c18820d8499a7ff69e9a"
+checksum = "bff49e947297f3312447abdca79f45f4738097cc82b06e72054d2223f601f1b9"
 dependencies = [
  "typenum",
  "version_check",
 ]
 
-[[package]]
-name = "getrandom"
-version = "0.2.15"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c4567c8db10ae91089c99af84c68c38da3ec2f087c3f82960bcdbf3656b6f4d7"
-dependencies = [
- "cfg-if",
- "js-sys",
- "libc",
- "wasi",
- "wasm-bindgen",
-]
-
-[[package]]
-name = "headers"
-version = "0.4.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "322106e6bd0cba2d5ead589ddb8150a13d7c4217cf80d7c4f682ca994ccc6aa9"
-dependencies = [
- "base64",
- "bytes",
- "headers-core",
- "http",
- "httpdate",
- "mime",
- "sha1",
-]
-
-[[package]]
-name = "headers-core"
-version = "0.3.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "54b4a22553d4242c49fddb9ba998a99962b5cc6f22cb5a3482bec22522403ce4"
-dependencies = [
- "http",
-]
-
 [[package]]
 name = "heck"
 version = "0.4.1"
@@ -172,61 +102,35 @@ version = "0.4.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "7f24254aa9a54b5c858eaee2f5bccdb46aaf0e486a595ed5fd8f86ba55232a70"
 
-[[package]]
-name = "http"
-version = "1.1.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "21b9ddb458710bc376481b842f5da65cdf31522de232c1ca8146abce2a358258"
-dependencies = [
- "bytes",
- "fnv",
- "itoa",
-]
-
-[[package]]
-name = "httpdate"
-version = "1.0.3"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "df3b46402a9d5adb4c86a0cf463f42e19994e3ee891101b1841f30a545cb49a9"
-
 [[package]]
 name = "indoc"
-version = "2.0.5"
+version = "2.0.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "b248f5224d1d606005e02c97f5aa4e88eeb230488bcc03bc9ca4d7991399f2b5"
+checksum = "1e186cfbae8084e513daff4240b4797e342f988cecda4fb6c939150f96315fd8"
 
 [[package]]
 name = "itoa"
-version = "1.0.11"
+version = "1.0.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "49f1f14873335454500d59611f1cf4a4b0f786f9ac11f4312a78e4cf2566695b"
-
-[[package]]
-name = "js-sys"
-version = "0.3.69"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "29c15563dc2726973df627357ce0c9ddddbea194836909d655df6a75d2cf296d"
-dependencies = [
- "wasm-bindgen",
-]
+checksum = "4217ad341ebadf8d8e724e264f13e593e0648f5b3e94b3896a5df283be015ecc"
 
 [[package]]
 name = "lazy_static"
-version = "1.5.0"
+version = "1.4.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "bbd2bcb4c963f2ddae06a2efc7e9f3591312473c50c6685e1f298068316e66fe"
+checksum = "e2abad23fbc42b3700f2f279844dc832adb2b2eb069b2df918f455c4e18cc646"
 
 [[package]]
 name = "libc"
-version = "0.2.154"
+version = "0.2.135"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "ae743338b92ff9146ce83992f766a31066a91a8c84a45e0e9f21e7cf6de6d346"
+checksum = "68783febc7782c6c5cb401fbda4de5a9898be1762314da0bb2c10ced61f18b0c"
 
 [[package]]
 name = "lock_api"
-version = "0.4.12"
+version = "0.4.9"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "07af8b9cdd281b7915f413fa73f29ebd5d55d0d3f0155584dade1ff18cea1b17"
+checksum = "435011366fe56583b16cf956f9df0095b405b82d76425bc8981c0e22e60ec4df"
 dependencies = [
  "autocfg",
  "scopeguard",
@@ -234,42 +138,36 @@ dependencies = [
 
 [[package]]
 name = "log"
-version = "0.4.22"
+version = "0.4.20"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a7a70ba024b9dc04c27ea2f0c0548feb474ec5c54bba33a7f72f873a39d07b24"
+checksum = "b5e6163cb8c49088c2c36f57875e58ccd8c87c7427f7fbd50ea6710b2f3f2e8f"
 
 [[package]]
 name = "memchr"
-version = "2.7.2"
+version = "2.6.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "6c8640c5d730cb13ebd907d8d04b52f55ac9a2eec55b440c8892f40d56c76c1d"
+checksum = "8f232d6ef707e1956a43342693d2a31e72989554d58299d7a88738cc95b0d35c"
 
 [[package]]
 name = "memoffset"
-version = "0.9.1"
+version = "0.9.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "488016bfae457b036d996092f6cb448677611ce4449e970ceaf42695203f218a"
+checksum = "5a634b1c61a95585bd15607c6ab0c4e5b226e695ff2800ba0cdccddf208c406c"
 dependencies = [
  "autocfg",
 ]
 
-[[package]]
-name = "mime"
-version = "0.3.17"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "6877bb514081ee2a7ff5ef9de3281f14a4dd4bceac4c09388074a6b5df8a139a"
-
 [[package]]
 name = "once_cell"
-version = "1.19.0"
+version = "1.15.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "3fdb12b2476b595f9358c5161aa467c2438859caa136dec86c26fdd2efe17b92"
+checksum = "e82dad04139b71a90c080c8463fe0dc7902db5192d939bd0950f074d014339e1"
 
 [[package]]
 name = "parking_lot"
-version = "0.12.2"
+version = "0.12.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "7e4af0ca4f6caed20e900d564c242b8e5d4903fdacf31d3daf527b66fe6f42fb"
+checksum = "3742b2c103b9f06bc9fff0a37ff4912935851bee6d36f3c02bcc755bcfec228f"
 dependencies = [
  "lock_api",
  "parking_lot_core",
@@ -277,43 +175,31 @@ dependencies = [
 
 [[package]]
 name = "parking_lot_core"
-version = "0.9.10"
+version = "0.9.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "1e401f977ab385c9e4e3ab30627d6f26d00e2c73eef317493c4ec6d468726cf8"
+checksum = "09a279cbf25cb0757810394fbc1e359949b59e348145c643a939a525692e6929"
 dependencies = [
  "cfg-if",
  "libc",
  "redox_syscall",
  "smallvec",
- "windows-targets",
+ "windows-sys",
 ]
 
-[[package]]
-name = "portable-atomic"
-version = "1.6.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "7170ef9988bc169ba16dd36a7fa041e5c4cbeb6a35b76d4c03daded371eae7c0"
-
-[[package]]
-name = "ppv-lite86"
-version = "0.2.17"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5b40af805b3121feab8a3c29f04d8ad262fa8e0561883e7653e024ae4479e6de"
-
 [[package]]
 name = "proc-macro2"
-version = "1.0.82"
+version = "1.0.76"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "8ad3d49ab951a01fbaafe34f2ec74122942fe18a3f9814c3268f1bb72042131b"
+checksum = "95fc56cda0b5c3325f5fbbd7ff9fda9e02bb00bb3dac51252d2f1bfa1cb8cc8c"
 dependencies = [
  "unicode-ident",
 ]
 
 [[package]]
 name = "pyo3"
-version = "0.21.2"
+version = "0.20.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a5e00b96a521718e08e03b1a622f01c8a8deb50719335de3f60b3b3950f069d8"
+checksum = "9a89dc7a5850d0e983be1ec2a463a171d20990487c3cfcd68b5363f1ee3d6fe0"
 dependencies = [
  "anyhow",
  "cfg-if",
@@ -321,7 +207,6 @@ dependencies = [
  "libc",
  "memoffset",
  "parking_lot",
- "portable-atomic",
  "pyo3-build-config",
  "pyo3-ffi",
  "pyo3-macros",
@@ -330,9 +215,9 @@ dependencies = [
 
 [[package]]
 name = "pyo3-build-config"
-version = "0.21.2"
+version = "0.20.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "7883df5835fafdad87c0d888b266c8ec0f4c9ca48a5bed6bbb592e8dedee1b50"
+checksum = "07426f0d8fe5a601f26293f300afd1a7b1ed5e78b2a705870c5f30893c5163be"
 dependencies = [
  "once_cell",
  "target-lexicon",
@@ -340,9 +225,9 @@ dependencies = [
 
 [[package]]
 name = "pyo3-ffi"
-version = "0.21.2"
+version = "0.20.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "01be5843dc60b916ab4dad1dca6d20b9b4e6ddc8e15f50c47fe6d85f1fb97403"
+checksum = "dbb7dec17e17766b46bca4f1a4215a85006b4c2ecde122076c562dd058da6cf1"
 dependencies = [
  "libc",
  "pyo3-build-config",
@@ -350,9 +235,9 @@ dependencies = [
 
 [[package]]
 name = "pyo3-log"
-version = "0.10.0"
+version = "0.9.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "2af49834b8d2ecd555177e63b273b708dea75150abc6f5341d0a6e1a9623976c"
+checksum = "4c10808ee7250403bedb24bc30c32493e93875fef7ba3e4292226fe924f398bd"
 dependencies = [
  "arc-swap",
  "log",
@@ -361,9 +246,9 @@ dependencies = [
 
 [[package]]
 name = "pyo3-macros"
-version = "0.21.2"
+version = "0.20.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "77b34069fc0682e11b31dbd10321cbf94808394c56fd996796ce45217dfac53c"
+checksum = "05f738b4e40d50b5711957f142878cfa0f28e054aa0ebdfc3fd137a843f74ed3"
 dependencies = [
  "proc-macro2",
  "pyo3-macros-backend",
@@ -373,22 +258,21 @@ dependencies = [
 
 [[package]]
 name = "pyo3-macros-backend"
-version = "0.21.2"
+version = "0.20.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "08260721f32db5e1a5beae69a55553f56b99bd0e1c3e6e0a5e8851a9d0f5a85c"
+checksum = "0fc910d4851847827daf9d6cdd4a823fbdaab5b8818325c5e97a86da79e8881f"
 dependencies = [
  "heck",
  "proc-macro2",
- "pyo3-build-config",
  "quote",
  "syn",
 ]
 
 [[package]]
 name = "pythonize"
-version = "0.21.1"
+version = "0.20.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "9d0664248812c38cc55a4ed07f88e4df516ce82604b93b1ffdc041aa77a6cb3c"
+checksum = "ffd1c3ef39c725d63db5f9bc455461bafd80540cb7824c61afb823501921a850"
 dependencies = [
  "pyo3",
  "serde",
@@ -396,57 +280,27 @@ dependencies = [
 
 [[package]]
 name = "quote"
-version = "1.0.36"
+version = "1.0.35"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "0fa76aaf39101c457836aec0ce2316dbdc3ab723cdda1c6bd4e6ad4208acaca7"
+checksum = "291ec9ab5efd934aaf503a6466c5d5251535d108ee747472c3977cc5acc868ef"
 dependencies = [
  "proc-macro2",
 ]
 
-[[package]]
-name = "rand"
-version = "0.8.5"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "34af8d1a0e25924bc5b7c43c079c942339d8f0a8b57c39049bef581b46327404"
-dependencies = [
- "libc",
- "rand_chacha",
- "rand_core",
-]
-
-[[package]]
-name = "rand_chacha"
-version = "0.3.1"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e6c10a63a0fa32252be49d21e7709d4d4baf8d231c2dbce1eaa8141b9b127d88"
-dependencies = [
- "ppv-lite86",
- "rand_core",
-]
-
-[[package]]
-name = "rand_core"
-version = "0.6.4"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "ec0be4795e2f6a28069bec0b5ff3e2ac9bafc99e6a9a7dc3547996c5c816922c"
-dependencies = [
- "getrandom",
-]
-
 [[package]]
 name = "redox_syscall"
-version = "0.5.1"
+version = "0.2.16"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "469052894dcb553421e483e4209ee581a45100d31b4018de03e5a7ad86374a7e"
+checksum = "fb5a58c1855b4b6819d59012155603f0b22ad30cad752600aadfcb695265519a"
 dependencies = [
  "bitflags",
 ]
 
 [[package]]
 name = "regex"
-version = "1.10.6"
+version = "1.10.3"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "4219d74c6b67a3654a9fbebc4b419e22126d13d2f3c4a07ee0cb61ff79a79619"
+checksum = "b62dbe01f0b06f9d8dc7d49e05a0785f153b00b2c227856282f671e0318c9b15"
 dependencies = [
  "aho-corasick",
  "memchr",
@@ -456,9 +310,9 @@ dependencies = [
 
 [[package]]
 name = "regex-automata"
-version = "0.4.6"
+version = "0.4.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "86b83b8b9847f9bf95ef68afb0b8e6cdb80f498442f5179a29fad448fcc1eaea"
+checksum = "3b7fa1134405e2ec9353fd416b17f8dacd46c473d7d3fd1cf202706a14eb792a"
 dependencies = [
  "aho-corasick",
  "memchr",
@@ -467,36 +321,36 @@ dependencies = [
 
 [[package]]
 name = "regex-syntax"
-version = "0.8.3"
+version = "0.8.2"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "adad44e29e4c806119491a7f06f03de4d1af22c3a680dd47f1e6e179439d1f56"
+checksum = "c08c74e62047bb2de4ff487b251e4a92e24f48745648451635cec7d591162d9f"
 
 [[package]]
 name = "ryu"
-version = "1.0.18"
+version = "1.0.11"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "f3cb5ba0dc43242ce17de99c180e96db90b235b8a9fdc9543c96d2209116bd9f"
+checksum = "4501abdff3ae82a1c1b477a17252eb69cee9e66eb915c1abaa4f44d873df9f09"
 
 [[package]]
 name = "scopeguard"
-version = "1.2.0"
+version = "1.1.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "94143f37725109f92c262ed2cf5e59bce7498c01bcc1502d7b9afe439a4e9f49"
+checksum = "d29ab0c6d3fc0ee92fe66e2d99f700eab17a8d57d1c1d3b748380fb20baa78cd"
 
 [[package]]
 name = "serde"
-version = "1.0.209"
+version = "1.0.195"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "99fce0ffe7310761ca6bf9faf5115afbc19688edd00171d81b1bb1b116c63e09"
+checksum = "63261df402c67811e9ac6def069e4786148c4563f4b50fd4bf30aa370d626b02"
 dependencies = [
  "serde_derive",
 ]
 
 [[package]]
 name = "serde_derive"
-version = "1.0.209"
+version = "1.0.195"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a5831b979fd7b5439637af1752d535ff49f4860c0f341d1baeb6faf0f4242170"
+checksum = "46fe8f8603d81ba86327b23a2e9cdf49e1255fb94a4c5f297f6ee0547178ea2c"
 dependencies = [
  "proc-macro2",
  "quote",
@@ -505,55 +359,32 @@ dependencies = [
 
 [[package]]
 name = "serde_json"
-version = "1.0.127"
+version = "1.0.111"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "8043c06d9f82bd7271361ed64f415fe5e12a77fdb52e573e7f06a516dea329ad"
+checksum = "176e46fa42316f18edd598015a5166857fc835ec732f5215eac6b7bdbf0a84f4"
 dependencies = [
  "itoa",
- "memchr",
  "ryu",
  "serde",
 ]
 
-[[package]]
-name = "sha1"
-version = "0.10.6"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e3bf829a2d51ab4a5ddf1352d8470c140cadc8301b2ae1789db023f01cedd6ba"
-dependencies = [
- "cfg-if",
- "cpufeatures",
- "digest",
-]
-
-[[package]]
-name = "sha2"
-version = "0.10.8"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "793db75ad2bcafc3ffa7c68b215fee268f537982cd901d132f89c6343f3a3dc8"
-dependencies = [
- "cfg-if",
- "cpufeatures",
- "digest",
-]
-
 [[package]]
 name = "smallvec"
-version = "1.13.2"
+version = "1.10.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "3c5e1a9a646d36c3599cd173a41282daf47c44583ad367b8e6837255952e5c67"
+checksum = "a507befe795404456341dfab10cef66ead4c041f62b8b11bbb92bffe5d0953e0"
 
 [[package]]
 name = "subtle"
-version = "2.5.0"
+version = "2.4.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "81cdd64d312baedb58e21336b31bc043b77e01cc99033ce76ef539f78e965ebc"
+checksum = "6bdef32e8150c2a081110b42772ffe7d7c9032b606bc226c8260fd97e0976601"
 
 [[package]]
 name = "syn"
-version = "2.0.61"
+version = "2.0.48"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "c993ed8ccba56ae856363b1845da7266a7cb78e1d146c8a32d54b45a8b831fc9"
+checksum = "0f3531638e407dfc0814761abb7c00a5b54992b849452a0646b7f65c9f770f3f"
 dependencies = [
  "proc-macro2",
  "quote",
@@ -565,53 +396,35 @@ name = "synapse"
 version = "0.1.0"
 dependencies = [
  "anyhow",
- "base64",
  "blake2",
- "bytes",
- "headers",
  "hex",
- "http",
  "lazy_static",
  "log",
- "mime",
  "pyo3",
  "pyo3-log",
  "pythonize",
  "regex",
  "serde",
  "serde_json",
- "sha2",
- "ulid",
 ]
 
 [[package]]
 name = "target-lexicon"
-version = "0.12.14"
+version = "0.12.4"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e1fc403891a21bcfb7c37834ba66a547a8f402146eba7265b5a6d88059c9ff2f"
+checksum = "c02424087780c9b71cc96799eaeddff35af2bc513278cda5c99fc1f5d026d3c1"
 
 [[package]]
 name = "typenum"
-version = "1.17.0"
+version = "1.15.0"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "42ff0bf0c66b8238c6f3b578df37d0b7848e55df8577b3f74f92a69acceeb825"
-
-[[package]]
-name = "ulid"
-version = "1.1.3"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "04f903f293d11f31c0c29e4148f6dc0d033a7f80cebc0282bea147611667d289"
-dependencies = [
- "getrandom",
- "rand",
- "web-time",
-]
+checksum = "dcf81ac59edc17cc8697ff311e8f5ef2d99fcbd9817b34cec66f90b6c3dfd987"
 
 [[package]]
 name = "unicode-ident"
-version = "1.0.12"
+version = "1.0.5"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "3354b9ac3fae1ff6755cb6db53683adb661634f67557942dea4facebec0fee4b"
+checksum = "6ceab39d59e4c9499d4e5a8ee0e2735b891bb7308ac83dfb4e80cad195c9f6f3"
 
 [[package]]
 name = "unindent"
@@ -626,135 +439,44 @@ source = "registry+https://github.com/rust-lang/crates.io-index"
 checksum = "49874b5167b65d7193b8aba1567f5c7d93d001cafc34600cee003eda787e483f"
 
 [[package]]
-name = "wasi"
-version = "0.11.0+wasi-snapshot-preview1"
+name = "windows-sys"
+version = "0.36.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "9c8d87e72b64a3b4db28d11ce29237c246188f4f51057d65a7eab63b7987e423"
-
-[[package]]
-name = "wasm-bindgen"
-version = "0.2.92"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "4be2531df63900aeb2bca0daaaddec08491ee64ceecbee5076636a3b026795a8"
+checksum = "ea04155a16a59f9eab786fe12a4a450e75cdb175f9e0d80da1e17db09f55b8d2"
 dependencies = [
- "cfg-if",
- "wasm-bindgen-macro",
-]
-
-[[package]]
-name = "wasm-bindgen-backend"
-version = "0.2.92"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "614d787b966d3989fa7bb98a654e369c762374fd3213d212cfc0251257e747da"
-dependencies = [
- "bumpalo",
- "log",
- "once_cell",
- "proc-macro2",
- "quote",
- "syn",
- "wasm-bindgen-shared",
-]
-
-[[package]]
-name = "wasm-bindgen-macro"
-version = "0.2.92"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "a1f8823de937b71b9460c0c34e25f3da88250760bec0ebac694b49997550d726"
-dependencies = [
- "quote",
- "wasm-bindgen-macro-support",
-]
-
-[[package]]
-name = "wasm-bindgen-macro-support"
-version = "0.2.92"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "e94f17b526d0a461a191c78ea52bbce64071ed5c04c9ffe424dcb38f74171bb7"
-dependencies = [
- "proc-macro2",
- "quote",
- "syn",
- "wasm-bindgen-backend",
- "wasm-bindgen-shared",
-]
-
-[[package]]
-name = "wasm-bindgen-shared"
-version = "0.2.92"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "af190c94f2773fdb3729c55b007a722abb5384da03bc0986df4c289bf5567e96"
-
-[[package]]
-name = "web-time"
-version = "1.1.0"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "5a6580f308b1fad9207618087a65c04e7a10bc77e02c8e84e9b00dd4b12fa0bb"
-dependencies = [
- "js-sys",
- "wasm-bindgen",
-]
-
-[[package]]
-name = "windows-targets"
-version = "0.52.5"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "6f0713a46559409d202e70e28227288446bf7841d3211583a4b53e3f6d96e7eb"
-dependencies = [
- "windows_aarch64_gnullvm",
  "windows_aarch64_msvc",
  "windows_i686_gnu",
- "windows_i686_gnullvm",
  "windows_i686_msvc",
  "windows_x86_64_gnu",
- "windows_x86_64_gnullvm",
  "windows_x86_64_msvc",
 ]
 
-[[package]]
-name = "windows_aarch64_gnullvm"
-version = "0.52.5"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "7088eed71e8b8dda258ecc8bac5fb1153c5cffaf2578fc8ff5d61e23578d3263"
-
 [[package]]
 name = "windows_aarch64_msvc"
-version = "0.52.5"
+version = "0.36.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "9985fd1504e250c615ca5f281c3f7a6da76213ebd5ccc9561496568a2752afb6"
+checksum = "9bb8c3fd39ade2d67e9874ac4f3db21f0d710bee00fe7cab16949ec184eeaa47"
 
 [[package]]
 name = "windows_i686_gnu"
-version = "0.52.5"
+version = "0.36.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "88ba073cf16d5372720ec942a8ccbf61626074c6d4dd2e745299726ce8b89670"
-
-[[package]]
-name = "windows_i686_gnullvm"
-version = "0.52.5"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "87f4261229030a858f36b459e748ae97545d6f1ec60e5e0d6a3d32e0dc232ee9"
+checksum = "180e6ccf01daf4c426b846dfc66db1fc518f074baa793aa7d9b9aaeffad6a3b6"
 
 [[package]]
 name = "windows_i686_msvc"
-version = "0.52.5"
+version = "0.36.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "db3c2bf3d13d5b658be73463284eaf12830ac9a26a90c717b7f771dfe97487bf"
+checksum = "e2e7917148b2812d1eeafaeb22a97e4813dfa60a3f8f78ebe204bcc88f12f024"
 
 [[package]]
 name = "windows_x86_64_gnu"
-version = "0.52.5"
+version = "0.36.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "4e4246f76bdeff09eb48875a0fd3e2af6aada79d409d33011886d3e1581517d9"
-
-[[package]]
-name = "windows_x86_64_gnullvm"
-version = "0.52.5"
-source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "852298e482cd67c356ddd9570386e2862b5673c85bd5f88df9ab6802b334c596"
+checksum = "4dcd171b8776c41b97521e5da127a2d86ad280114807d0b2ab1e462bc764d9e1"
 
 [[package]]
 name = "windows_x86_64_msvc"
-version = "0.52.5"
+version = "0.36.1"
 source = "registry+https://github.com/rust-lang/crates.io-index"
-checksum = "bec47e5bfd1bff0eeaf6d8b485cc1074891a197ab4225d504cb7a1ab88b02bf0"
+checksum = "c811ca4a8c853ef420abd8592ba53ddbbac90410fab6903b3e79972a631f7680"

README.rst

@@ -1,34 +1,21 @@
-.. image:: ./docs/element_logo_white_bg.svg
-   :height: 60px
+=========================================================================
+Synapse |support| |development| |documentation| |license| |pypi| |python|
+=========================================================================
 
-**Element Synapse - Matrix homeserver implementation**
+Synapse is an open-source `Matrix <https://matrix.org/>`_ homeserver written and
+maintained by the Matrix.org Foundation. We began rapid development in 2014,
+reaching v1.0.0 in 2019. Development on Synapse and the Matrix protocol itself continues
+in earnest today.
 
-|support| |development| |documentation| |license| |pypi| |python|
-
-Synapse is an open source `Matrix <https://matrix.org>`__ homeserver
-implementation, written and maintained by `Element <https://element.io>`_.
-`Matrix <https://github.com/matrix-org>`__ is the open standard for
-secure and interoperable real time communications. You can directly run
-and manage the source code in this repository, available under an AGPL
-license. There is no support provided from Element unless you have a
-subscription.
-
-Subscription alternative
-========================
-
-Alternatively, for those that need an enterprise-ready solution, Element
-Server Suite (ESS) is `available as a subscription <https://element.io/pricing>`_.
-ESS builds on Synapse to offer a complete Matrix-based backend including the full
-`Admin Console product <https://element.io/enterprise-functionality/admin-console>`_,
-giving admins the power to easily manage an organization-wide
-deployment. It includes advanced identity management, auditing,
-moderation and data retention options as well as Long Term Support and
-SLAs. ESS can be used to support any Matrix-based frontend client.
+Briefly, Matrix is an open standard for communications on the internet, supporting
+federation, encryption and VoIP. Matrix.org has more to say about the `goals of the
+Matrix project <https://matrix.org/docs/guides/introduction>`_, and the `formal specification
+<https://spec.matrix.org/>`_ describes the technical details.
 
 .. contents::
 
-🛠️ Installing and configuration
-===============================
+Installing and configuration
+============================
 
 The Synapse documentation describes `how to install Synapse <https://element-hq.github.io/synapse/latest/setup/installation.html>`_. We recommend using
 `Docker images <https://element-hq.github.io/synapse/latest/setup/installation.html#docker-images-and-ansible-playbooks>`_ or `Debian packages from Matrix.org
@@ -118,8 +105,8 @@ Following this advice ensures that even if an XSS is found in Synapse, the
 impact to other applications will be minimal.
 
 
-🧪 Testing a new installation
-=============================
+Testing a new installation
+==========================
 
 The easiest way to try out your new Synapse installation is by connecting to it
 from a web client.
@@ -172,20 +159,8 @@ the form of::
 As when logging in, you will need to specify a "Custom server".  Specify your
 desired ``localpart`` in the 'User name' box.
 
-🎯 Troubleshooting and support
-==============================
-
-🚀 Professional support
------------------------
-
-Enterprise quality support for Synapse including SLAs is available as part of an
-`Element Server Suite (ESS) <https://element.io/pricing>`_ subscription.
-
-If you are an existing ESS subscriber then you can raise a `support request <https://ems.element.io/support>`_
-and access the `knowledge base <https://ems-docs.element.io>`_.
-
-🤝 Community support
---------------------
+Troubleshooting and support
+===========================
 
 The `Admin FAQ <https://element-hq.github.io/synapse/latest/usage/administration/admin_faq.html>`_
 includes tips on dealing with some common problems. For more details, see
@@ -201,8 +176,8 @@ issues for support requests, only for bug reports and feature requests.
 .. |docs| replace:: ``docs``
 .. _docs: docs
 
-🪪 Identity Servers
-===================
+Identity Servers
+================
 
 Identity servers have the job of mapping email addresses and other 3rd Party
 IDs (3PIDs) to Matrix user IDs, as well as verifying the ownership of 3PIDs
@@ -231,8 +206,8 @@ an email address with your account, or send an invite to another user via their
 email address.
 
 
-🛠️ Development
-==============
+Development
+===========
 
 We welcome contributions to Synapse from the community!
 The best place to get started is our
@@ -250,8 +225,8 @@ Alongside all that, join our developer community on Matrix:
 `#synapse-dev:matrix.org <https://matrix.to/#/#synapse-dev:matrix.org>`_, featuring real humans!
 
 
-.. |support| image:: https://img.shields.io/badge/matrix-community%20support-success
-  :alt: (get community support in #synapse:matrix.org)
+.. |support| image:: https://img.shields.io/matrix/synapse:matrix.org?label=support&logo=matrix
+  :alt: (get support on #synapse:matrix.org)
   :target: https://matrix.to/#/#synapse:matrix.org
 
 .. |development| image:: https://img.shields.io/matrix/synapse-dev:matrix.org?label=development&logo=matrix

changelog.d/16856.doc

@@ -0,0 +1 @@
+Fix building the developer documentation on the `develop` branch.

contrib/cmdclient/console.py

@@ -21,8 +21,7 @@
 #
 #
 
-"""Starts a synapse client console."""
-
+""" Starts a synapse client console. """
 import argparse
 import binascii
 import cmd

debian/changelog

@@ -1,238 +1,3 @@
-matrix-synapse-py3 (1.115.0~rc1) stable; urgency=medium
-
-  * New Synapse release 1.115.0rc1.
-
- -- Synapse Packaging team <packages@matrix.org>  Tue, 10 Sep 2024 08:39:09 -0600
-
-matrix-synapse-py3 (1.114.0) stable; urgency=medium
-
-  * New Synapse release 1.114.0.
-
- -- Synapse Packaging team <packages@matrix.org>  Mon, 02 Sep 2024 15:14:53 +0100
-
-matrix-synapse-py3 (1.114.0~rc3) stable; urgency=medium
-
-  * New Synapse release 1.114.0rc3.
-
- -- Synapse Packaging team <packages@matrix.org>  Fri, 30 Aug 2024 16:38:05 +0100
-
-matrix-synapse-py3 (1.114.0~rc2) stable; urgency=medium
-
-  * New Synapse release 1.114.0rc2.
-
- -- Synapse Packaging team <packages@matrix.org>  Fri, 30 Aug 2024 15:35:13 +0100
-
-matrix-synapse-py3 (1.114.0~rc1) stable; urgency=medium
-
-  * New synapse release 1.114.0rc1.
-
- -- Synapse Packaging team <packages@matrix.org>  Tue, 20 Aug 2024 12:55:28 +0000
-
-matrix-synapse-py3 (1.113.0) stable; urgency=medium
-
-  * New Synapse release 1.113.0.
-
- -- Synapse Packaging team <packages@matrix.org>  Tue, 13 Aug 2024 14:36:56 +0100
-
-matrix-synapse-py3 (1.113.0~rc1) stable; urgency=medium
-
-  * New Synapse release 1.113.0rc1.
-
- -- Synapse Packaging team <packages@matrix.org>  Tue, 06 Aug 2024 12:23:23 +0100
-
-matrix-synapse-py3 (1.112.0) stable; urgency=medium
-
-  * New Synapse release 1.112.0.
-
- -- Synapse Packaging team <packages@matrix.org>  Tue, 30 Jul 2024 17:15:48 +0100
-
-matrix-synapse-py3 (1.112.0~rc1) stable; urgency=medium
-
-  * New Synapse release 1.112.0rc1.
-
- -- Synapse Packaging team <packages@matrix.org>  Tue, 23 Jul 2024 08:58:55 -0600
-
-matrix-synapse-py3 (1.111.1) stable; urgency=medium
-
-  * New Synapse release 1.111.1.
-
- -- Synapse Packaging team <packages@matrix.org>  Tue, 30 Jul 2024 16:13:52 +0100
-
-matrix-synapse-py3 (1.111.0) stable; urgency=medium
-
-  * New Synapse release 1.111.0.
-
- -- Synapse Packaging team <packages@matrix.org>  Tue, 16 Jul 2024 12:42:46 +0200
-
-matrix-synapse-py3 (1.111.0~rc2) stable; urgency=medium
-
-  * New synapse release 1.111.0rc2.
-
- -- Synapse Packaging team <packages@matrix.org>  Wed, 10 Jul 2024 08:46:54 +0000
-
-matrix-synapse-py3 (1.111.0~rc1) stable; urgency=medium
-
-  * New synapse release 1.111.0rc1.
-
- -- Synapse Packaging team <packages@matrix.org>  Tue, 09 Jul 2024 09:49:25 +0000
-
-matrix-synapse-py3 (1.110.0) stable; urgency=medium
-
-  * New Synapse release 1.110.0.
-
- -- Synapse Packaging team <packages@matrix.org>  Wed, 03 Jul 2024 09:08:59 -0600
-
-matrix-synapse-py3 (1.110.0~rc3) stable; urgency=medium
-
-  * New Synapse release 1.110.0rc3.
-
- -- Synapse Packaging team <packages@matrix.org>  Tue, 02 Jul 2024 08:28:56 -0600
-
-matrix-synapse-py3 (1.110.0~rc2) stable; urgency=medium
-
-  * New Synapse release 1.110.0rc2.
-
- -- Synapse Packaging team <packages@matrix.org>  Wed, 26 Jun 2024 18:14:48 +0200
-
-matrix-synapse-py3 (1.110.0~rc1) stable; urgency=medium
-
-  * `register_new_matrix_user` now supports a --password-file and a --exists-ok flag.
-  * New Synapse release 1.110.0rc1.
-
- -- Synapse Packaging team <packages@matrix.org>  Wed, 26 Jun 2024 14:07:56 +0200
-
-matrix-synapse-py3 (1.109.0) stable; urgency=medium
-
-  * New synapse release 1.109.0.
-
- -- Synapse Packaging team <packages@matrix.org>  Tue, 18 Jun 2024 09:45:15 +0000
-
-matrix-synapse-py3 (1.109.0~rc3) stable; urgency=medium
-
-  * New synapse release 1.109.0rc3.
-
- -- Synapse Packaging team <packages@matrix.org>  Mon, 17 Jun 2024 12:05:24 +0000
-
-matrix-synapse-py3 (1.109.0~rc2) stable; urgency=medium
-
-  * New synapse release 1.109.0rc2.
-
- -- Synapse Packaging team <packages@matrix.org>  Tue, 11 Jun 2024 13:20:17 +0000
-
-matrix-synapse-py3 (1.109.0~rc1) stable; urgency=medium
-
-  * New Synapse release 1.109.0rc1.
-
- -- Synapse Packaging team <packages@matrix.org>  Tue, 04 Jun 2024 09:42:46 +0100
-
-matrix-synapse-py3 (1.108.0) stable; urgency=medium
-
-  * New Synapse release 1.108.0.
-
- -- Synapse Packaging team <packages@matrix.org>  Tue, 28 May 2024 11:54:22 +0100
-
-matrix-synapse-py3 (1.108.0~rc1) stable; urgency=medium
-
-  * New Synapse release 1.108.0rc1.
-
- -- Synapse Packaging team <packages@matrix.org>  Tue, 21 May 2024 10:54:13 +0100
-
-matrix-synapse-py3 (1.107.0) stable; urgency=medium
-
-  * New Synapse release 1.107.0.
-
- -- Synapse Packaging team <packages@matrix.org>  Tue, 14 May 2024 14:15:34 +0100
-
-matrix-synapse-py3 (1.107.0~rc1) stable; urgency=medium
-
-  * New Synapse release 1.107.0rc1.
-
- -- Synapse Packaging team <packages@matrix.org>  Tue, 07 May 2024 16:26:26 +0100
-
-matrix-synapse-py3 (1.106.0) stable; urgency=medium
-
-  * New Synapse release 1.106.0.
-
- -- Synapse Packaging team <packages@matrix.org>  Tue, 30 Apr 2024 11:51:43 +0100
-
-matrix-synapse-py3 (1.106.0~rc1) stable; urgency=medium
-
-  * New Synapse release 1.106.0rc1.
-
- -- Synapse Packaging team <packages@matrix.org>  Thu, 25 Apr 2024 15:54:59 +0100
-
-matrix-synapse-py3 (1.105.1) stable; urgency=medium
-
-  * New Synapse release 1.105.1.
-
- -- Synapse Packaging team <packages@matrix.org>  Tue, 23 Apr 2024 15:56:18 +0100
-
-matrix-synapse-py3 (1.105.0) stable; urgency=medium
-
-  * New Synapse release 1.105.0.
-
- -- Synapse Packaging team <packages@matrix.org>  Tue, 16 Apr 2024 15:53:23 +0100
-
-matrix-synapse-py3 (1.105.0~rc1) stable; urgency=medium
-
-  * New Synapse release 1.105.0rc1.
-
- -- Synapse Packaging team <packages@matrix.org>  Thu, 11 Apr 2024 12:15:49 +0100
-
-matrix-synapse-py3 (1.104.0) stable; urgency=medium
-
-  * New Synapse release 1.104.0.
-
- -- Synapse Packaging team <packages@matrix.org>  Tue, 02 Apr 2024 17:15:45 +0100
-
-matrix-synapse-py3 (1.104.0~rc1) stable; urgency=medium
-
-  * New Synapse release 1.104.0rc1.
-
- -- Synapse Packaging team <packages@matrix.org>  Tue, 26 Mar 2024 11:48:58 +0000
-
-matrix-synapse-py3 (1.103.0) stable; urgency=medium
-
-  * New Synapse release 1.103.0.
-
- -- Synapse Packaging team <packages@matrix.org>  Tue, 19 Mar 2024 12:24:36 +0000
-
-matrix-synapse-py3 (1.103.0~rc1) stable; urgency=medium
-
-  * New Synapse release 1.103.0rc1.
-
- -- Synapse Packaging team <packages@matrix.org>  Tue, 12 Mar 2024 15:02:56 +0000
-
-matrix-synapse-py3 (1.102.0) stable; urgency=medium
-
-  * New Synapse release 1.102.0.
-
- -- Synapse Packaging team <packages@matrix.org>  Tue, 05 Mar 2024 14:47:03 +0000
-
-matrix-synapse-py3 (1.102.0~rc1) stable; urgency=medium
-
-  * New Synapse release 1.102.0rc1.
-
- -- Synapse Packaging team <packages@matrix.org>  Tue, 20 Feb 2024 15:50:36 +0000
-
-matrix-synapse-py3 (1.101.0) stable; urgency=medium
-
-  * New Synapse release 1.101.0.
-
- -- Synapse Packaging team <packages@matrix.org>  Tue, 13 Feb 2024 10:45:35 +0000
-
-matrix-synapse-py3 (1.101.0~rc1) stable; urgency=medium
-
-  * New Synapse release 1.101.0rc1.
-
- -- Synapse Packaging team <packages@matrix.org>  Tue, 06 Feb 2024 16:02:02 +0000
-
-matrix-synapse-py3 (1.100.0) stable; urgency=medium
-
-  * New Synapse release 1.100.0.
-
- -- Synapse Packaging team <packages@matrix.org>  Tue, 30 Jan 2024 16:58:19 +0000
-
 matrix-synapse-py3 (1.100.0~rc3) stable; urgency=medium
 
   * New Synapse release 1.100.0rc3.

debian/hash_password.1

@@ -1,13 +1,10 @@
-.\" generated with Ronn-NG/v0.10.1
-.\" http://github.com/apjanke/ronn-ng/tree/0.10.1
-.TH "HASH_PASSWORD" "1" "August 2024" ""
+.\" generated with Ronn-NG/v0.8.0
+.\" http://github.com/apjanke/ronn-ng/tree/0.8.0
+.TH "HASH_PASSWORD" "1" "July 2021" "" ""
 .SH "NAME"
 \fBhash_password\fR \- Calculate the hash of a new password, so that passwords can be reset
 .SH "SYNOPSIS"
-.TS
-allbox;
-\fBhash_password\fR [\fB\-p\fR	\fB\-\-password\fR [password]] [\fB\-c\fR	\fB\-\-config\fR \fIfile\fR]
-.TE
+\fBhash_password\fR [\fB\-p\fR|\fB\-\-password\fR [password]] [\fB\-c\fR|\fB\-\-config\fR \fIfile\fR]
 .SH "DESCRIPTION"
 \fBhash_password\fR calculates the hash of a supplied password using bcrypt\.
 .P
@@ -23,7 +20,7 @@ bcrypt_rounds: 17 password_config: pepper: "random hashing pepper"
 .SH "OPTIONS"
 .TP
 \fB\-p\fR, \fB\-\-password\fR
-Read the password form the command line if [password] is supplied, or from \fBSTDIN\fR\. If not, prompt the user and read the password from the tty prompt\. It is not recommended to type the password on the command line directly\. Use the STDIN instead\.
+Read the password form the command line if [password] is supplied\. If not, prompt the user and read the password form the \fBSTDIN\fR\. It is not recommended to type the password on the command line directly\. Use the STDIN instead\.
 .TP
 \fB\-c\fR, \fB\-\-config\fR
 Read the supplied YAML \fIfile\fR containing the options \fBbcrypt_rounds\fR and the \fBpassword_config\fR section containing the \fBpepper\fR value\.
@@ -36,17 +33,7 @@ $2b$12$VJNqWQYfsWTEwcELfoSi4Oa8eA17movHqqi8\.X8fWFpum7SxZ9MFe
 .fi
 .IP "" 0
 .P
-Hash from the stdin:
-.IP "" 4
-.nf
-$ cat password_file | hash_password
-Password:
-Confirm password:
-$2b$12$AszlvfmJl2esnyhmn8m/kuR2tdXgROWtWxnX\.rcuAbM8ErLoUhybG
-.fi
-.IP "" 0
-.P
-Hash from the prompt:
+Hash from the STDIN:
 .IP "" 4
 .nf
 $ hash_password
@@ -66,6 +53,6 @@ $2b$12$CwI\.wBNr\.w3kmiUlV3T5s\.GT2wH7uebDCovDrCOh18dFedlANK99O
 .fi
 .IP "" 0
 .SH "COPYRIGHT"
-This man page was written by Rahul De «rahulde@swecha\.net» for Debian GNU/Linux distribution\.
+This man page was written by Rahul De <\fI\%mailto:rahulde@swecha\.net\fR> for Debian GNU/Linux distribution\.
 .SH "SEE ALSO"
 synctl(1), synapse_port_db(1), register_new_matrix_user(1), synapse_review_recent_signups(1)

debian/hash_password.1.html

@@ -1,182 +0,0 @@
-<!DOCTYPE html>
-<html>
-<head>
-  <meta http-equiv='content-type' content='text/html;charset=utf-8'>
-  <meta name='generator' content='Ronn-NG/v0.10.1 (http://github.com/apjanke/ronn-ng/tree/0.10.1)'>
-  <title>hash_password(1) - Calculate the hash of a new password, so that passwords can be reset</title>
-  <style type='text/css' media='all'>
-  /* style: man */
-  body#manpage {margin:0}
-  .mp {max-width:100ex;padding:0 9ex 1ex 4ex}
-  .mp p,.mp pre,.mp ul,.mp ol,.mp dl {margin:0 0 20px 0}
-  .mp h2 {margin:10px 0 0 0}
-  .mp > p,.mp > pre,.mp > ul,.mp > ol,.mp > dl {margin-left:8ex}
-  .mp h3 {margin:0 0 0 4ex}
-  .mp dt {margin:0;clear:left}
-  .mp dt.flush {float:left;width:8ex}
-  .mp dd {margin:0 0 0 9ex}
-  .mp h1,.mp h2,.mp h3,.mp h4 {clear:left}
-  .mp pre {margin-bottom:20px}
-  .mp pre+h2,.mp pre+h3 {margin-top:22px}
-  .mp h2+pre,.mp h3+pre {margin-top:5px}
-  .mp img {display:block;margin:auto}
-  .mp h1.man-title {display:none}
-  .mp,.mp code,.mp pre,.mp tt,.mp kbd,.mp samp,.mp h3,.mp h4 {font-family:monospace;font-size:14px;line-height:1.42857142857143}
-  .mp h2 {font-size:16px;line-height:1.25}
-  .mp h1 {font-size:20px;line-height:2}
-  .mp {text-align:justify;background:#fff}
-  .mp,.mp code,.mp pre,.mp pre code,.mp tt,.mp kbd,.mp samp {color:#131211}
-  .mp h1,.mp h2,.mp h3,.mp h4 {color:#030201}
-  .mp u {text-decoration:underline}
-  .mp code,.mp strong,.mp b {font-weight:bold;color:#131211}
-  .mp em,.mp var {font-style:italic;color:#232221;text-decoration:none}
-  .mp a,.mp a:link,.mp a:hover,.mp a code,.mp a pre,.mp a tt,.mp a kbd,.mp a samp {color:#0000ff}
-  .mp b.man-ref {font-weight:normal;color:#434241}
-  .mp pre {padding:0 4ex}
-  .mp pre code {font-weight:normal;color:#434241}
-  .mp h2+pre,h3+pre {padding-left:0}
-  ol.man-decor,ol.man-decor li {margin:3px 0 10px 0;padding:0;float:left;width:33%;list-style-type:none;text-transform:uppercase;color:#999;letter-spacing:1px}
-  ol.man-decor {width:100%}
-  ol.man-decor li.tl {text-align:left}
-  ol.man-decor li.tc {text-align:center;letter-spacing:4px}
-  ol.man-decor li.tr {text-align:right;float:right}
-  </style>
-</head>
-<!--
-  The following styles are deprecated and will be removed at some point:
-  div#man, div#man ol.man, div#man ol.head, div#man ol.man.
-
-  The .man-page, .man-decor, .man-head, .man-foot, .man-title, and
-  .man-navigation should be used instead.
--->
-<body id='manpage'>
-  <div class='mp' id='man'>
-
-  <div class='man-navigation' style='display:none'>
-    <a href="#NAME">NAME</a>
-    <a href="#SYNOPSIS">SYNOPSIS</a>
-    <a href="#DESCRIPTION">DESCRIPTION</a>
-    <a href="#FILES">FILES</a>
-    <a href="#OPTIONS">OPTIONS</a>
-    <a href="#EXAMPLES">EXAMPLES</a>
-    <a href="#COPYRIGHT">COPYRIGHT</a>
-    <a href="#SEE-ALSO">SEE ALSO</a>
-  </div>
-
-  <ol class='man-decor man-head man head'>
-    <li class='tl'>hash_password(1)</li>
-    <li class='tc'></li>
-    <li class='tr'>hash_password(1)</li>
-  </ol>
-
-  
-
-<h2 id="NAME">NAME</h2>
-<p class="man-name">
-  <code>hash_password</code> - <span class="man-whatis">Calculate the hash of a new password, so that passwords can be reset</span>
-</p>
-<h2 id="SYNOPSIS">SYNOPSIS</h2>
-
-<table>
-  <tbody>
-    <tr>
-      <td>
-<code>hash_password</code> [<code>-p</code>
-</td>
-      <td>
-<code>--password</code> [password]] [<code>-c</code>
-</td>
-      <td>
-<code>--config</code> <var>file</var>]</td>
-    </tr>
-  </tbody>
-</table>
-
-<h2 id="DESCRIPTION">DESCRIPTION</h2>
-
-<p><strong>hash_password</strong> calculates the hash of a supplied password using bcrypt.</p>
-
-<p><code>hash_password</code> takes a password as an parameter either on the command line
-or the <code>STDIN</code> if not supplied.</p>
-
-<p>It accepts an YAML file which can be used to specify parameters like the
-number of rounds for bcrypt and password_config section having the pepper
-value used for the hashing. By default <code>bcrypt_rounds</code> is set to <strong>12</strong>.</p>
-
-<p>The hashed password is written on the <code>STDOUT</code>.</p>
-
-<h2 id="FILES">FILES</h2>
-
-<p>A sample YAML file accepted by <code>hash_password</code> is described below:</p>
-
-<p>bcrypt_rounds: 17
-  password_config:
-    pepper: "random hashing pepper"</p>
-
-<h2 id="OPTIONS">OPTIONS</h2>
-
-<dl>
-<dt>
-<code>-p</code>, <code>--password</code>
-</dt>
-<dd>Read the password form the command line if [password] is supplied, or from <code>STDIN</code>.
-If not, prompt the user and read the password from the tty prompt.
-It is not recommended to type the password on the command line
-directly. Use the STDIN instead.</dd>
-<dt>
-<code>-c</code>, <code>--config</code>
-</dt>
-<dd>Read the supplied YAML <var>file</var> containing the options <code>bcrypt_rounds</code>
-and the <code>password_config</code> section containing the <code>pepper</code> value.</dd>
-</dl>
-
-<h2 id="EXAMPLES">EXAMPLES</h2>
-
-<p>Hash from the command line:</p>
-
-<pre><code>$ hash_password -p "p@ssw0rd"
-$2b$12$VJNqWQYfsWTEwcELfoSi4Oa8eA17movHqqi8.X8fWFpum7SxZ9MFe
-</code></pre>
-
-<p>Hash from the stdin:</p>
-
-<pre><code>$ cat password_file | hash_password
-Password:
-Confirm password:
-$2b$12$AszlvfmJl2esnyhmn8m/kuR2tdXgROWtWxnX.rcuAbM8ErLoUhybG
-</code></pre>
-
-<p>Hash from the prompt:</p>
-
-<pre><code>$ hash_password
-Password:
-Confirm password:
-$2b$12$AszlvfmJl2esnyhmn8m/kuR2tdXgROWtWxnX.rcuAbM8ErLoUhybG
-</code></pre>
-
-<p>Using a config file:</p>
-
-<pre><code>$ hash_password -c config.yml
-Password:
-Confirm password:
-$2b$12$CwI.wBNr.w3kmiUlV3T5s.GT2wH7uebDCovDrCOh18dFedlANK99O
-</code></pre>
-
-<h2 id="COPYRIGHT">COPYRIGHT</h2>
-
-<p>This man page was written by Rahul De «rahulde@swecha.net»
-for Debian GNU/Linux distribution.</p>
-
-<h2 id="SEE-ALSO">SEE ALSO</h2>
-
-<p><span class="man-ref">synctl<span class="s">(1)</span></span>, <span class="man-ref">synapse_port_db<span class="s">(1)</span></span>, <span class="man-ref">register_new_matrix_user<span class="s">(1)</span></span>, <span class="man-ref">synapse_review_recent_signups<span class="s">(1)</span></span></p>
-
-  <ol class='man-decor man-foot man foot'>
-    <li class='tl'></li>
-    <li class='tc'>August 2024</li>
-    <li class='tr'>hash_password(1)</li>
-  </ol>
-
-  </div>
-</body>
-</html>

debian/hash_password.ronn

@@ -29,8 +29,8 @@ A sample YAML file accepted by `hash_password` is described below:
 ## OPTIONS
 
   * `-p`, `--password`:
-    Read the password form the command line if [password] is supplied, or from `STDIN`.
-    If not, prompt the user and read the password from the tty prompt.
+    Read the password form the command line if [password] is supplied.
+    If not, prompt the user and read the password form the `STDIN`.
     It is not recommended to type the password on the command line
     directly. Use the STDIN instead.
 
@@ -45,14 +45,7 @@ Hash from the command line:
     $ hash_password -p "p@ssw0rd"
     $2b$12$VJNqWQYfsWTEwcELfoSi4Oa8eA17movHqqi8.X8fWFpum7SxZ9MFe
 
-Hash from the stdin:
-
-    $ cat password_file | hash_password
-    Password:
-    Confirm password:
-    $2b$12$AszlvfmJl2esnyhmn8m/kuR2tdXgROWtWxnX.rcuAbM8ErLoUhybG
-
-Hash from the prompt:
+Hash from the STDIN:
 
     $ hash_password
     Password:

debian/register_new_matrix_user.ronn

@@ -31,12 +31,8 @@ A sample YAML file accepted by `register_new_matrix_user` is described below:
     Local part of the new user. Will prompt if omitted.
 
   * `-p`, `--password`:
-    New password for user. Will prompt if this option and `--password-file` are omitted.
-    Supplying the password on the command line is not recommended.
-
-  * `--password-file`:
-    File containing the new password for user. If set, overrides `--password`.
-    This is a more secure alternative to specifying the password on the command line.
+    New password for user. Will prompt if omitted. Supplying the password
+    on the command line is not recommended. Use the STDIN instead.
 
   * `-a`, `--admin`:
     Register new user as an admin. Will prompt if omitted.
@@ -48,9 +44,6 @@ A sample YAML file accepted by `register_new_matrix_user` is described below:
     Shared secret as defined in server config file. This is an optional
     parameter as it can be also supplied via the YAML file.
 
-  * `--exists-ok`:
-    Do not fail if the user already exists. The user account will be not updated in this case.
-
   * `server_url`:
     URL of the home server. Defaults to 'https://localhost:8448'.
 

debian/templates

@@ -5,7 +5,7 @@ _Description: Name of the server:
  servers via federation. This is normally the public hostname of the
  server running synapse, but can be different if you set up delegation.
  Please refer to the delegation documentation in this case:
- https://element-hq.github.io/synapse/latest/delegate.html.
+ https://github.com/element-hq/synapse/blob/master/docs/delegate.md.
 
 Template: matrix-synapse/report-stats
 Type: boolean

dev-docs/Makefile

@@ -0,0 +1,20 @@
+# Minimal makefile for Sphinx documentation
+#
+
+# You can set these variables from the command line, and also
+# from the environment for the first two.
+SPHINXOPTS    ?=
+SPHINXBUILD   ?= sphinx-build
+SOURCEDIR     = .
+BUILDDIR      = _build
+
+# Put it first so that "make" without argument is like "make help".
+help:
+	@$(SPHINXBUILD) -M help "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O)
+
+.PHONY: help Makefile
+
+# Catch-all target: route all unknown targets to Sphinx using the new
+# "make mode" option.  $(O) is meant as a shortcut for $(SPHINXOPTS).
+%: Makefile
+	@$(SPHINXBUILD) -M $@ "$(SOURCEDIR)" "$(BUILDDIR)" $(SPHINXOPTS) $(O)

dev-docs/conf.py

@@ -0,0 +1,50 @@
+# Configuration file for the Sphinx documentation builder.
+#
+# For the full list of built-in configuration values, see the documentation:
+# https://www.sphinx-doc.org/en/master/usage/configuration.html
+
+# -- Project information -----------------------------------------------------
+# https://www.sphinx-doc.org/en/master/usage/configuration.html#project-information
+
+project = "Synapse development"
+copyright = "2023, The Matrix.org Foundation C.I.C."
+author = "The Synapse Maintainers and Community"
+
+# -- General configuration ---------------------------------------------------
+# https://www.sphinx-doc.org/en/master/usage/configuration.html#general-configuration
+
+extensions = [
+    "autodoc2",
+    "myst_parser",
+]
+
+templates_path = ["_templates"]
+exclude_patterns = ["_build", "Thumbs.db", ".DS_Store"]
+
+
+# -- Options for Autodoc2 ----------------------------------------------------
+
+autodoc2_docstring_parser_regexes = [
+    # this will render all docstrings as 'MyST' Markdown
+    (r".*", "myst"),
+]
+
+autodoc2_packages = [
+    {
+        "path": "../synapse",
+        # Don't render documentation for everything as a matter of course
+        "auto_mode": False,
+    },
+]
+
+
+# -- Options for MyST (Markdown) ---------------------------------------------
+
+# myst_heading_anchors = 2
+
+
+# -- Options for HTML output -------------------------------------------------
+# https://www.sphinx-doc.org/en/master/usage/configuration.html#options-for-html-output
+
+html_theme = "furo"
+html_static_path = ["_static"]

dev-docs/index.rst

@@ -0,0 +1,22 @@
+.. Synapse Developer Documentation documentation master file, created by
+   sphinx-quickstart on Mon Mar 13 08:59:51 2023.
+   You can adapt this file completely to your liking, but it should at least
+   contain the root `toctree` directive.
+
+Welcome to the Synapse Developer Documentation!
+===========================================================
+
+.. toctree::
+   :maxdepth: 2
+   :caption: Contents:
+
+   modules/federation_sender
+
+
+
+Indices and tables
+==================
+
+* :ref:`genindex`
+* :ref:`modindex`
+* :ref:`search`

dev-docs/modules/federation_sender.md

@@ -0,0 +1,5 @@
+Federation Sender
+=================
+
+```{autodoc2-docstring} synapse.federation.sender
+```

docker/Dockerfile

@@ -27,7 +27,7 @@ ARG PYTHON_VERSION=3.11
 ###
 # We hardcode the use of Debian bookworm here because this could change upstream
 # and other Dockerfiles used for testing are expecting bookworm.
-FROM docker.io/library/python:${PYTHON_VERSION}-slim-bookworm AS requirements
+FROM docker.io/library/python:${PYTHON_VERSION}-slim-bookworm as requirements
 
 # RUN --mount is specific to buildkit and is documented at
 # https://github.com/moby/buildkit/blob/master/frontend/dockerfile/docs/syntax.md#build-mounts-run---mount.
@@ -87,7 +87,7 @@ RUN if [ -z "$TEST_ONLY_IGNORE_POETRY_LOCKFILE" ]; then \
 ###
 ### Stage 1: builder
 ###
-FROM docker.io/library/python:${PYTHON_VERSION}-slim-bookworm AS builder
+FROM docker.io/library/python:${PYTHON_VERSION}-slim-bookworm as builder
 
 # install the OS build deps
 RUN \
@@ -163,7 +163,7 @@ FROM docker.io/library/python:${PYTHON_VERSION}-slim-bookworm
 LABEL org.opencontainers.image.url='https://matrix.org/docs/projects/server/synapse'
 LABEL org.opencontainers.image.documentation='https://github.com/element-hq/synapse/blob/master/docker/README.md'
 LABEL org.opencontainers.image.source='https://github.com/element-hq/synapse.git'
-LABEL org.opencontainers.image.licenses='AGPL-3.0-or-later'
+LABEL org.opencontainers.image.licenses='Apache-2.0'
 
 RUN \
   --mount=type=cache,target=/var/cache/apt,sharing=locked \

docker/Dockerfile-dhvirtualenv

@@ -24,7 +24,7 @@ ARG distro=""
 # https://launchpad.net/~jyrki-pulliainen/+archive/ubuntu/dh-virtualenv, but
 # it's not obviously easier to use that than to build our own.)
 
-FROM docker.io/library/${distro} AS builder
+FROM docker.io/library/${distro} as builder
 
 RUN apt-get update -qq -o Acquire::Languages=none
 RUN env DEBIAN_FRONTEND=noninteractive apt-get install \
@@ -73,8 +73,6 @@ RUN apt-get update -qq -o Acquire::Languages=none \
     curl \
     debhelper \
     devscripts \
-    # Required for building cffi from source.
-    libffi-dev \
     libsystemd-dev \
     lsb-release \
     pkg-config \

docker/build_debian.sh

@@ -11,9 +11,6 @@ DIST=$(cut -d ':' -f2 <<< "${distro:?}")
 cp -aT /synapse/source /synapse/build
 cd /synapse/build
 
-# Delete any existing `.so` files to ensure a clean build.
-rm -f /synapse/build/synapse/*.so
-
 # if this is a prerelease, set the Section accordingly.
 #
 # When the package is later added to the package repo, reprepro will use the

docker/complement/README.md

@@ -30,14 +30,3 @@ Consult `scripts-dev/complement.sh` in the repository root for a real example.
 
 [complement]: https://github.com/matrix-org/complement
 [complementEnv]: https://github.com/matrix-org/complement/pull/382
-
-## How to modify homeserver.yaml for Complement tests
-
-It's common for MSCs to be gated behind a feature flag like this:
-```yaml
-experimental_features:
-  faster_joins: true
-```
-To modify this for the Complement image, modify `./conf/workers-shared-extra.yaml.j2`. Despite the name,
-this will affect non-worker mode as well. Remember to _rebuild_ the image (so don't use `-e` if using
-`complement.sh`).

docker/complement/conf/postgres.supervisord.conf

@@ -1,7 +1,7 @@
 [program:postgres]
 command=/usr/local/bin/prefix-log gosu postgres postgres
 
-# Only start if START_POSTGRES=true
+# Only start if START_POSTGRES=1
 autostart=%(ENV_START_POSTGRES)s
 
 # Lower priority number = starts first

docker/complement/conf/start_for_complement.sh

@@ -32,9 +32,8 @@ case "$SYNAPSE_COMPLEMENT_DATABASE" in
     ;;
 
   sqlite|"")
-    # Set START_POSTGRES to false unless it has already been set
-    # (i.e. by another container image inheriting our own).
-    export START_POSTGRES=${START_POSTGRES:-false}
+    # Configure supervisord not to start Postgres, as we don't need it
+    export START_POSTGRES=false
     ;;
 
   *)

docker/complement/conf/workers-shared-extra.yaml.j2

@@ -92,6 +92,8 @@ allow_device_name_lookup_over_federation: true
 ## Experimental Features ##
 
 experimental_features:
+  # client-side support for partial state in /send_join responses
+  faster_joins: true
   # Enable support for polls
   msc3381_polls_enabled: true
   # Enable deleting device-specific notification settings stored in account data
@@ -100,10 +102,6 @@ experimental_features:
   msc3391_enabled: true
   # Filtering /messages by relation type.
   msc3874_enabled: true
-  # no UIA for x-signing upload for the first time
-  msc3967_enabled: true
-  # Expose a room summary for public rooms
-  msc3266_enabled: true
 
 server_notices:
   system_mxid_localpart: _server

docker/conf/homeserver.yaml

@@ -176,6 +176,7 @@ app_service_config_files:
 {% endif %}
 
 macaroon_secret_key: "{{ SYNAPSE_MACAROON_SECRET_KEY }}"
+expire_access_token: False
 
 ## Signing Keys ##
 

docker/configure_workers_and_start.py

@@ -117,7 +117,7 @@ WORKERS_CONFIG: Dict[str, Dict[str, Any]] = {
     },
     "media_repository": {
         "app": "synapse.app.generic_worker",
-        "listener_resources": ["media", "client"],
+        "listener_resources": ["media"],
         "endpoint_patterns": [
             "^/_matrix/media/",
             "^/_synapse/admin/v1/purge_media_cache$",
@@ -125,8 +125,6 @@ WORKERS_CONFIG: Dict[str, Dict[str, Any]] = {
             "^/_synapse/admin/v1/user/.*/media.*$",
             "^/_synapse/admin/v1/media/.*$",
             "^/_synapse/admin/v1/quarantine_media/.*$",
-            "^/_matrix/client/v1/media/.*$",
-            "^/_matrix/federation/v1/media/.*$",
         ],
         # The first configured media worker will run the media background jobs
         "shared_extra_conf": {
@@ -213,8 +211,6 @@ WORKERS_CONFIG: Dict[str, Dict[str, Any]] = {
             "^/_matrix/federation/(v1|v2)/make_leave/",
             "^/_matrix/federation/(v1|v2)/send_join/",
             "^/_matrix/federation/(v1|v2)/send_leave/",
-            "^/_matrix/federation/v1/make_knock/",
-            "^/_matrix/federation/v1/send_knock/",
             "^/_matrix/federation/(v1|v2)/invite/",
             "^/_matrix/federation/(v1|v2)/query_auth/",
             "^/_matrix/federation/(v1|v2)/event_auth/",
@@ -314,13 +310,6 @@ WORKERS_CONFIG: Dict[str, Dict[str, Any]] = {
         "shared_extra_conf": {},
         "worker_extra_conf": "",
     },
-    "push_rules": {
-        "app": "synapse.app.generic_worker",
-        "listener_resources": ["client", "replication"],
-        "endpoint_patterns": ["^/_matrix/client/(api/v1|r0|v3|unstable)/pushrules/"],
-        "shared_extra_conf": {},
-        "worker_extra_conf": "",
-    },
 }
 
 # Templates for sections that may be inserted multiple times in config files
@@ -412,7 +401,6 @@ def add_worker_roles_to_shared_config(
         "receipts",
         "to_device",
         "typing",
-        "push_rules",
     ]
 
     # Worker-type specific sharding config. Now a single worker can fulfill multiple

docker/prefix-log

@@ -7,9 +7,6 @@
 #   prefix-log command [args...]
 #
 
-# '-W interactive' is a `mawk` extension which disables buffering on stdout and sets line-buffered reads on
-# stdin. The effect is that the output is flushed after each line, rather than being batched, which helps reduce
-# confusion due to to interleaving of the different processes.
-exec 1> >(awk -W interactive '{print "'"${SUPERVISOR_PROCESS_NAME}"' | "$0 }' >&1)
-exec 2> >(awk -W interactive '{print "'"${SUPERVISOR_PROCESS_NAME}"' | "$0 }' >&2)
+exec 1> >(awk '{print "'"${SUPERVISOR_PROCESS_NAME}"' | "$0}' >&1)
+exec 2> >(awk '{print "'"${SUPERVISOR_PROCESS_NAME}"' | "$0}' >&2)
 exec "$@"

docker/start.py

@@ -160,6 +160,11 @@ def run_generate_config(environ: Mapping[str, str], ownership: Optional[str]) ->
     config_path = environ.get("SYNAPSE_CONFIG_PATH", config_dir + "/homeserver.yaml")
     data_dir = environ.get("SYNAPSE_DATA_DIR", "/data")
 
+    if ownership is not None:
+        # make sure that synapse has perms to write to the data dir.
+        log(f"Setting ownership on {data_dir} to {ownership}")
+        subprocess.run(["chown", ownership, data_dir], check=True)
+
     # create a suitable log config from our template
     log_config_file = "%s/%s.log.config" % (config_dir, server_name)
     if not os.path.exists(log_config_file):
@@ -184,15 +189,9 @@ def run_generate_config(environ: Mapping[str, str], ownership: Optional[str]) ->
         "--generate-config",
         "--open-private-ports",
     ]
-
-    if ownership is not None:
-        # make sure that synapse has perms to write to the data dir.
-        log(f"Setting ownership on {data_dir} to {ownership}")
-        subprocess.run(["chown", ownership, data_dir], check=True)
-        args = ["gosu", ownership] + args
-
     # log("running %s" % (args, ))
-    subprocess.run(args, check=True)
+    flush_buffers()
+    os.execv(sys.executable, args)
 
 
 def main(args: List[str], environ: MutableMapping[str, str]) -> None:

docs/admin_api/experimental_features.md

@@ -1,17 +1,21 @@
 # Experimental Features API
 
 This API allows a server administrator to enable or disable some experimental features on a per-user
-basis. The currently supported features are:
-- [MSC3881](https://github.com/matrix-org/matrix-spec-proposals/pull/3881): enable remotely toggling push notifications
-for another client
-- [MSC3575](https://github.com/matrix-org/matrix-spec-proposals/pull/3575): enable experimental sliding sync support
+basis. The currently supported features are: 
+- [MSC3026](https://github.com/matrix-org/matrix-spec-proposals/pull/3026): busy 
+presence state enabled
+- [MSC3881](https://github.com/matrix-org/matrix-spec-proposals/pull/3881): enable remotely toggling push notifications 
+for another client 
+- [MSC3967](https://github.com/matrix-org/matrix-spec-proposals/pull/3967): do not require
+UIA when first uploading cross-signing keys. 
+
 
 To use it, you will need to authenticate by providing an `access_token`
 for a server admin: see [Admin API](../usage/administration/admin_api/).
 
 ## Enabling/Disabling Features
 
-This API allows a server administrator to enable experimental features for a given user. The request must
+This API allows a server administrator to enable experimental features for a given user. The request must 
 provide a body containing the user id and listing the features to enable/disable in the following format:
 ```json
 {
@@ -31,7 +35,7 @@ PUT /_synapse/admin/v1/experimental_features/<user_id>
 ```
 
 ## Listing Enabled Features
-
+ 
 To list which features are enabled/disabled for a given user send a request to the following API:
 
 ```
@@ -48,4 +52,4 @@ user like so:
       "msc3967": false
    }
 }
-```
+```

docs/admin_api/room_membership.md

@@ -1,6 +1,6 @@
 # Edit Room Membership API
 
-This API allows an administrator to join a user account with a given `user_id`
+This API allows an administrator to join an user account with a given `user_id`
 to a room with a given `room_id_or_alias`. You can only modify the membership of
 local users. The server administrator must be in the room and have permission to
 invite users.

docs/admin_api/rooms.md

@@ -36,10 +36,6 @@ The following query parameters are available:
   - the room's name,
   - the local part of the room's canonical alias, or
   - the complete (local and server part) room's id (case sensitive).
-* `public_rooms` - Optional flag to filter public rooms. If `true`, only public rooms are queried. If `false`, public rooms are excluded from
-  the query. When the flag is absent (the default), **both** public and non-public rooms are included in the search results.
-* `empty_rooms` - Optional flag to filter empty rooms. A room is empty if joined_members is zero. If `true`, only empty rooms are queried. If `false`, empty rooms are excluded from
-  the query. When the flag is absent (the default), **both** empty and non-empty rooms are included in the search results.
 
   Defaults to no filtering.
 
@@ -917,7 +913,7 @@ With all that being said, if you still want to try and recover the room:
    them handle rejoining themselves.
 
 4. If `new_room_user_id` was given, a 'Content Violation' will have been
-   created. Consider whether you want to delete that room.
+   created. Consider whether you want to delete that roomm.
 
 # Make Room Admin API
 

docs/admin_api/user_admin_api.md

@@ -141,8 +141,8 @@ Body parameters:
   provider for SSO (Single sign-on). More details are in the configuration manual under the
   sections [sso](../usage/configuration/config_documentation.md#sso) and [oidc_providers](../usage/configuration/config_documentation.md#oidc_providers).
   - `auth_provider` - **string**, required. The unique, internal ID of the external identity provider.
-    The same as `idp_id` from the homeserver configuration. If using OIDC, this value should be prefixed
-    with `oidc-`. Note that no error is raised if the provided value is not in the homeserver configuration.
+    The same as `idp_id` from the homeserver configuration. Note that no error is raised if the
+    provided value is not in the homeserver configuration.
   - `external_id` - **string**, required. An identifier for the user in the external identity provider.
     When the user logs in to the identity provider, this must be the unique ID that they map to.
 - `admin` - **bool**, optional, defaults to `false`. Whether the user is a homeserver administrator,
@@ -164,7 +164,6 @@ Body parameters:
   Other allowed options are: `bot` and `support`.
 
 ## List Accounts
-### List Accounts (V2)
 
 This API returns all local user accounts.
 By default, the response is ordered by ascending user ID.
@@ -288,19 +287,6 @@ The following fields are returned in the JSON response body:
 
 *Added in Synapse 1.93:* the `locked` query parameter and response field.
 
-### List Accounts (V3)
-
-This API returns all local user accounts (see v2). In contrast to v2, the query parameter `deactivated` is handled differently.
-
-```
-GET /_synapse/admin/v3/users
-```
-
-**Parameters**
-- `deactivated` - Optional flag to filter deactivated users. If `true`, only deactivated users are returned.
-  If `false`, deactivated users are excluded from the query. When the flag is absent (the default),
-  users are not filtered by deactivation status.
-
 ## Query current sessions for a user
 
 This API returns information about the active sessions for a specific user.

docs/code_style.md

@@ -8,7 +8,9 @@ errors in code.
 
 The necessary tools are:
 
-- [ruff](https://github.com/charliermarsh/ruff), which can spot common errors and enforce a consistent style; and
+- [black](https://black.readthedocs.io/en/stable/), a source code formatter;
+- [isort](https://pycqa.github.io/isort/), which organises each file's imports;
+- [ruff](https://github.com/charliermarsh/ruff), which can spot common errors; and
 - [mypy](https://mypy.readthedocs.io/en/stable/), a type checker.
 
 See [the contributing guide](development/contributing_guide.md#run-the-linters) for instructions

docs/development/contributing_guide.md

@@ -68,7 +68,7 @@ Of their installation methods, we recommend
 
 ```shell
 pip install --user pipx
-pipx install poetry
+pipx install poetry==1.5.1  # Problems with Poetry 1.6, see https://github.com/matrix-org/synapse/issues/16147
 ```
 
 but see poetry's [installation instructions](https://python-poetry.org/docs/#installation)
@@ -86,8 +86,6 @@ poetry install --extras all
 This will install the runtime and developer dependencies for the project.  Be sure to check
 that the `poetry install` step completed cleanly.
 
-For OSX users, be sure to set `PKG_CONFIG_PATH` to support `icu4c`. Run `brew info icu4c` for more details.
-
 ## Running Synapse via poetry
 
 To start a local instance of Synapse in the locked poetry environment, create a config file:
@@ -331,7 +329,7 @@ This configuration should generally cover your needs.
 - To run with Postgres, supply the `-e POSTGRES=1 -e MULTI_POSTGRES=1` environment flags.
 - To run with Synapse in worker mode, supply the `-e WORKERS=1 -e REDIS=1` environment flags (in addition to the Postgres flags).
 
-For more details about other configurations, see the [Docker-specific documentation in the SyTest repo](https://github.com/matrix-org/sytest/blob/develop/docker/README.md).
+For more details about other configurations, see the [Docker-specific documentation in the SyTest repo](https://github.com/vector-im/sytest/blob/develop/docker/README.md).
 
 
 ## Run the integration tests ([Complement](https://github.com/matrix-org/complement)).
@@ -449,9 +447,9 @@ For example, a fix in PR #1234 would have its changelog entry in
 > The security levels of Florbs are now validated when received
 > via the `/federation/florb` endpoint. Contributed by Jane Matrix.
 
-If there are multiple pull requests involved in a single bugfix/feature/etc, then the
-content for each `changelog.d` file and file extension should be the same. Towncrier
-will merge the matching files together into a single changelog entry when we come to
+If there are multiple pull requests involved in a single bugfix/feature/etc,
+then the content for each `changelog.d` file should be the same. Towncrier will
+merge the matching files together into a single changelog entry when we come to
 release.
 
 ### How do I know what to call the changelog file before I create the PR?

docs/development/room-dag-concepts.md

@@ -21,10 +21,8 @@ incrementing integer, but backfilled events start with `stream_ordering=-1` and
 
 ---
 
- - Incremental `/sync?since=xxx` returns things in the order they arrive at the server
-   (`stream_ordering`).
- - Initial `/sync`, `/messages` (and `/backfill` in the federation API) return them in
-   the order determined by the event graph `(topological_ordering, stream_ordering)`.
+ - `/sync` returns things in the order they arrive at the server (`stream_ordering`).
+ - `/messages` (and `/backfill` in the federation API) return them in the order determined by the event graph `(topological_ordering, stream_ordering)`.
 
 The general idea is that, if you're following a room in real-time (i.e.
 `/sync`), you probably want to see the messages as they arrive at your server,

docs/element_logo_white_bg.svg

@@ -1,94 +0,0 @@
-<?xml version="1.0" encoding="UTF-8" standalone="no"?>
-<!-- Created with Inkscape (http://www.inkscape.org/) -->
-
-<svg
-   width="41.440346mm"
-   height="10.383124mm"
-   viewBox="0 0 41.440346 10.383125"
-   version="1.1"
-   id="svg1"
-   xml:space="preserve"
-   sodipodi:docname="element_logo_white_bg.svg"
-   xmlns:inkscape="http://www.inkscape.org/namespaces/inkscape"
-   xmlns:sodipodi="http://sodipodi.sourceforge.net/DTD/sodipodi-0.dtd"
-   xmlns="http://www.w3.org/2000/svg"
-   xmlns:svg="http://www.w3.org/2000/svg"><sodipodi:namedview
-     id="namedview1"
-     pagecolor="#ffffff"
-     bordercolor="#000000"
-     borderopacity="0.25"
-     inkscape:showpageshadow="2"
-     inkscape:pageopacity="0.0"
-     inkscape:pagecheckerboard="0"
-     inkscape:deskcolor="#d1d1d1"
-     inkscape:document-units="mm"
-     showgrid="false"
-     inkscape:export-bgcolor="#ffffffff" /><defs
-     id="defs1" /><g
-     id="layer1"
-     transform="translate(-84.803844,-143.2075)"
-     inkscape:export-filename="element_logo_white_bg.svg"
-     inkscape:export-xdpi="96"
-     inkscape:export-ydpi="96"><g
-       style="fill:none"
-       id="g1"
-       transform="matrix(0.26458333,0,0,0.26458333,85.841658,144.26667)"><rect
-         style="display:inline;fill:#ffffff;fill-opacity:1;stroke:#ffffff;stroke-width:1.31041;stroke-dasharray:none;stroke-opacity:1"
-         id="rect20"
-         width="155.31451"
-         height="37.932892"
-         x="-3.2672384"
-         y="-3.3479743"
-         rx="3.3718522"
-         ry="3.7915266"
-         transform="translate(-2.1259843e-6)"
-         inkscape:label="rect20"
-         inkscape:export-filename="rect20.svg"
-         inkscape:export-xdpi="96"
-         inkscape:export-ydpi="96" /><path
-         fill-rule="evenodd"
-         clip-rule="evenodd"
-         d="M 16,32 C 24.8366,32 32,24.8366 32,16 32,7.16344 24.8366,0 16,0 7.16344,0 0,7.16344 0,16 0,24.8366 7.16344,32 16,32 Z"
-         fill="#0dbd8b"
-         id="path1" /><path
-         fill-rule="evenodd"
-         clip-rule="evenodd"
-         d="m 13.0756,7.455 c 0,-0.64584 0.5247,-1.1694 1.1719,-1.1694 4.3864,0 7.9423,3.54853 7.9423,7.9259 0,0.6458 -0.5246,1.1694 -1.1718,1.1694 -0.6472,0 -1.1719,-0.5236 -1.1719,-1.1694 0,-3.0857 -2.5066,-5.58711 -5.5986,-5.58711 -0.6472,0 -1.1719,-0.52355 -1.1719,-1.16939 z"
-         fill="#ffffff"
-         id="path2" /><path
-         fill-rule="evenodd"
-         clip-rule="evenodd"
-         d="m 24.5424,13.042 c 0.6472,0 1.1719,0.5235 1.1719,1.1694 0,4.3773 -3.5559,7.9258 -7.9424,7.9258 -0.6472,0 -1.1718,-0.5235 -1.1718,-1.1693 0,-0.6459 0.5246,-1.1694 1.1718,-1.1694 3.0921,0 5.5987,-2.5015 5.5987,-5.5871 0,-0.6459 0.5247,-1.1694 1.1718,-1.1694 z"
-         fill="#ffffff"
-         id="path3" /><path
-         fill-rule="evenodd"
-         clip-rule="evenodd"
-         d="m 18.9446,24.5446 c 0,0.6459 -0.5247,1.1694 -1.1718,1.1694 -4.3865,0 -7.94239,-3.5485 -7.94239,-7.9258 0,-0.6459 0.52469,-1.1694 1.17179,-1.1694 0.6472,0 1.1719,0.5235 1.1719,1.1694 0,3.0856 2.5066,5.587 5.5987,5.587 0.6471,0 1.1718,0.5236 1.1718,1.1694 z"
-         fill="#ffffff"
-         id="path4" /><path
-         fill-rule="evenodd"
-         clip-rule="evenodd"
-         d="m 7.45823,18.9576 c -0.64718,0 -1.17183,-0.5235 -1.17183,-1.1694 0,-4.3773 3.55591,-7.92581 7.9423,-7.92581 0.6472,0 1.1719,0.52351 1.1719,1.16941 0,0.6458 -0.5247,1.1694 -1.1719,1.1694 -3.092,0 -5.59864,2.5014 -5.59864,5.587 0,0.6459 -0.52465,1.1694 -1.17183,1.1694 z"
-         fill="#ffffff"
-         id="path5" /><path
-         d="M 56.2856,18.1428 H 44.9998 c 0.1334,1.181 0.5619,2.1238 1.2858,2.8286 0.7238,0.6857 1.6761,1.0286 2.8571,1.0286 0.7809,0 1.4857,-0.1905 2.1143,-0.5715 0.6286,-0.3809 1.0762,-0.8952 1.3428,-1.5428 h 3.4286 c -0.4571,1.5047 -1.3143,2.7238 -2.5714,3.6571 -1.2381,0.9143 -2.7048,1.3715 -4.4,1.3715 -2.2095,0 -4,-0.7334 -5.3714,-2.2 -1.3524,-1.4667 -2.0286,-3.3239 -2.0286,-5.5715 0,-2.1905 0.6857,-4.0285 2.0571,-5.5143 1.3715,-1.4857 3.1429,-2.22853 5.3143,-2.22853 2.1714,0 3.9238,0.73333 5.2572,2.20003 1.3523,1.4476 2.0285,3.2762 2.0285,5.4857 z m -7.2572,-5.9714 c -1.0667,0 -1.9524,0.3143 -2.6571,0.9429 -0.7048,0.6285 -1.1429,1.4666 -1.3143,2.5142 h 7.8857 c -0.1524,-1.0476 -0.5714,-1.8857 -1.2571,-2.5142 -0.6858,-0.6286 -1.5715,-0.9429 -2.6572,-0.9429 z"
-         fill="#000000"
-         id="path6" /><path
-         d="M 58.6539,20.1428 V 3.14282 h 3.4 V 20.2 c 0,0.7619 0.419,1.1428 1.2571,1.1428 l 0.6,-0.0285 v 3.2285 c -0.3238,0.0572 -0.6667,0.0857 -1.0286,0.0857 -1.4666,0 -2.5428,-0.3714 -3.2285,-1.1142 -0.6667,-0.7429 -1,-1.8667 -1,-3.3715 z"
-         fill="#000000"
-         id="path7" /><path
-         d="M 79.7454,18.1428 H 68.4597 c 0.1333,1.181 0.5619,2.1238 1.2857,2.8286 0.7238,0.6857 1.6762,1.0286 2.8571,1.0286 0.781,0 1.4857,-0.1905 2.1143,-0.5715 0.6286,-0.3809 1.0762,-0.8952 1.3429,-1.5428 h 3.4285 c -0.4571,1.5047 -1.3143,2.7238 -2.5714,3.6571 -1.2381,0.9143 -2.7048,1.3715 -4.4,1.3715 -2.2095,0 -4,-0.7334 -5.3714,-2.2 -1.3524,-1.4667 -2.0286,-3.3239 -2.0286,-5.5715 0,-2.1905 0.6857,-4.0285 2.0571,-5.5143 1.3715,-1.4857 3.1429,-2.22853 5.3143,-2.22853 2.1715,0 3.9238,0.73333 5.2572,2.20003 1.3524,1.4476 2.0285,3.2762 2.0285,5.4857 z m -7.2572,-5.9714 c -1.0666,0 -1.9524,0.3143 -2.6571,0.9429 -0.7048,0.6285 -1.1429,1.4666 -1.3143,2.5142 h 7.8857 c -0.1524,-1.0476 -0.5714,-1.8857 -1.2571,-2.5142 -0.6857,-0.6286 -1.5715,-0.9429 -2.6572,-0.9429 z"
-         fill="#000000"
-         id="path8" /><path
-         d="m 95.0851,16.0571 v 8.5143 h -3.4 v -8.8857 c 0,-2.2476 -0.9333,-3.3714 -2.8,-3.3714 -1.0095,0 -1.819,0.3238 -2.4286,0.9714 -0.5904,0.6476 -0.8857,1.5333 -0.8857,2.6571 v 8.6286 h -3.4 V 9.74282 h 3.1429 v 1.97148 c 0.3619,-0.6667 0.9143,-1.2191 1.6571,-1.6572 0.7429,-0.43809 1.6667,-0.65713 2.7714,-0.65713 2.0572,0 3.5429,0.78093 4.4572,2.34283 1.2571,-1.5619 2.9333,-2.34283 5.0286,-2.34283 1.733,0 3.067,0.54285 4,1.62853 0.933,1.0667 1.4,2.4762 1.4,4.2286 v 9.3143 h -3.4 v -8.8857 c 0,-2.2476 -0.933,-3.3714 -2.8,-3.3714 -1.0286,0 -1.8477,0.3333 -2.4572,1 -0.5905,0.6476 -0.8857,1.5619 -0.8857,2.7428 z"
-         fill="#000000"
-         id="path9" /><path
-         d="m 121.537,18.1428 h -11.286 c 0.133,1.181 0.562,2.1238 1.286,2.8286 0.723,0.6857 1.676,1.0286 2.857,1.0286 0.781,0 1.486,-0.1905 2.114,-0.5715 0.629,-0.3809 1.076,-0.8952 1.343,-1.5428 h 3.429 c -0.458,1.5047 -1.315,2.7238 -2.572,3.6571 -1.238,0.9143 -2.705,1.3715 -4.4,1.3715 -2.209,0 -4,-0.7334 -5.371,-2.2 -1.353,-1.4667 -2.029,-3.3239 -2.029,-5.5715 0,-2.1905 0.686,-4.0285 2.057,-5.5143 1.372,-1.4857 3.143,-2.22853 5.315,-2.22853 2.171,0 3.923,0.73333 5.257,2.20003 1.352,1.4476 2.028,3.2762 2.028,5.4857 z m -7.257,-5.9714 c -1.067,0 -1.953,0.3143 -2.658,0.9429 -0.704,0.6285 -1.142,1.4666 -1.314,2.5142 h 7.886 c -0.153,-1.0476 -0.572,-1.8857 -1.257,-2.5142 -0.686,-0.6286 -1.572,-0.9429 -2.657,-0.9429 z"
-         fill="#000000"
-         id="path10" /><path
-         d="m 127.105,9.74282 v 1.97148 c 0.343,-0.6477 0.905,-1.1905 1.686,-1.6286 0.8,-0.45716 1.762,-0.68573 2.885,-0.68573 1.753,0 3.105,0.53333 4.058,1.60003 0.971,1.0666 1.457,2.4857 1.457,4.2571 v 9.3143 h -3.4 v -8.8857 c 0,-1.0476 -0.248,-1.8667 -0.743,-2.4572 -0.476,-0.6095 -1.21,-0.9142 -2.2,-0.9142 -1.086,0 -1.943,0.3238 -2.572,0.9714 -0.609,0.6476 -0.914,1.5428 -0.914,2.6857 v 8.6 h -3.4 V 9.74282 Z"
-         fill="#000000"
-         id="path11" /><path
-         d="m 147.12,21.5428 v 2.9429 c -0.419,0.1143 -1.009,0.1714 -1.771,0.1714 -2.895,0 -4.343,-1.4571 -4.343,-4.3714 v -7.8286 h -2.257 V 9.74282 h 2.257 V 5.88568 h 3.4 v 3.85714 h 2.772 v 2.71428 h -2.772 v 7.4857 c 0,1.1619 0.552,1.7429 1.657,1.7429 z"
-         fill="#000000"
-         id="path12" /></g></g></svg>

docs/message_retention_policies.md

@@ -7,10 +7,8 @@ follow the semantics described in
 and allow server and room admins to configure how long messages should
 be kept in a homeserver's database before being purged from it.
 **Please note that, as this feature isn't part of the Matrix
-specification yet, the use of `m.room.retention` events for per-room
-retention policies is to be considered as experimental. However, the use
-of a default message retention policy is considered a stable feature
-in Synapse.**
+specification yet, this implementation is to be considered as
+experimental.**
 
 A message retention policy is mainly defined by its `max_lifetime`
 parameter, which defines how long a message can be kept around after
@@ -51,8 +49,8 @@ clients.
 
 ## Server configuration
 
-Support for this feature can be enabled and configured by adding the
-`retention` option in the Synapse configuration file (see
+Support for this feature can be enabled and configured by adding a the
+`retention` in the Synapse configuration file (see
 [configuration manual](usage/configuration/config_documentation.md#retention)).
 
 To enable support for message retention policies, set the setting
@@ -117,7 +115,7 @@ In this example, we define three jobs:
   policy's `max_lifetime` is greater than a week.
 
 Note that this example is tailored to show different configurations and
-features slightly more jobs than is probably necessary (in practice, a
+features slightly more jobs than it's probably necessary (in practice, a
 server admin would probably consider it better to replace the two last
 jobs with one that runs once a day and handles rooms which
 policy's `max_lifetime` is greater than 3 days).

docs/modules/third_party_rules_callbacks.md

@@ -142,10 +142,6 @@ Called after sending an event into a room. The module is passed the event, as we
 as the state of the room _after_ the event. This means that if the event is a state event,
 it will be included in this state.
 
-The state map may not be complete if Synapse hasn't yet loaded the full state
-of the room. This can happen for events in rooms that were just joined from
-a remote server.
-
 Note that this callback is called when the event has already been processed and stored
 into the room, which means this callback cannot be used to deny persisting the event. To
 deny an incoming event, see [`check_event_for_spam`](spam_checker_callbacks.md#check_event_for_spam) instead.

docs/openid.md

@@ -525,8 +525,6 @@ oidc_providers:
   (`Options > Security > ID Token signature algorithm` and `Options > Security >
   Access Token signature algorithm`)
 - Scopes: OpenID, Email and Profile
-- Force claims into `id_token`
-  (`Options > Advanced > Force claims to be returned in ID Token`)
 - Allowed redirection addresses for login (`Options > Basic > Allowed
   redirection addresses for login` ) :
   `[synapse public baseurl]/_synapse/client/oidc/callback`

docs/other/running_synapse_on_single_board_computers.md

@@ -12,7 +12,7 @@ This is the main reason people have a poor matrix experience on resource constra
 
 While synapse does have some performance issues with presence [#3971](https://github.com/matrix-org/synapse/issues/3971), the fundamental problem is that this is an easy feature to implement for a centralised service at nearly no overhead, but federation makes it combinatorial [#8055](https://github.com/matrix-org/synapse/issues/8055). There is also a client-side config option which disables the UI and idle tracking [enable_presence_by_hs_url] to blacklist the largest instances but I didn't notice much difference, so I recommend disabling the feature entirely at the server level as well.
 
-[enable_presence_by_hs_url]: https://github.com/element-hq/element-web/blob/v1.7.8/config.sample.json#L45
+[enable_presence_by_hs_url]: https://github.com/vector-im/element-web/blob/v1.7.8/config.sample.json#L45
 
 ### Joining
 

docs/postgres.md

@@ -128,7 +128,7 @@ can read more about that [here](https://www.postgresql.org/docs/10/kernel-resour
 ### Overview
 
 The script `synapse_port_db` allows porting an existing synapse server
-backed by SQLite to using PostgreSQL. This is done as a two phase
+backed by SQLite to using PostgreSQL. This is done in as a two phase
 process:
 
 1.  Copy the existing SQLite database to a separate location and run
@@ -182,7 +182,7 @@ synapse_port_db --sqlite-database homeserver.db.snapshot \
     --postgres-config homeserver-postgres.yaml
 ```
 
-The flag `--curses` displays a coloured curses progress UI. (NOTE: if your terminal is too small the script will error out)
+The flag `--curses` displays a coloured curses progress UI.
 
 If the script took a long time to complete, or time has otherwise passed
 since the original snapshot was taken, repeat the previous steps with a
@@ -242,11 +242,12 @@ host    all         all             ::1/128     ident
 
 ### Fixing incorrect `COLLATE` or `CTYPE`
 
-Synapse will refuse to start when using a database with incorrect values of
-`COLLATE` and `CTYPE` unless the config flag `allow_unsafe_locale`, found in the
-`database` section of the config, is set to true. Using different locales can
-cause issues if the locale library is updated from underneath the database, or
-if a different version of the locale is used on any replicas.
+Synapse will refuse to set up a new database if it has the wrong values of
+`COLLATE` and `CTYPE` set. Synapse will also refuse to start an existing database with incorrect values
+of `COLLATE` and `CTYPE` unless the config flag `allow_unsafe_locale`, found in the 
+`database` section of the config, is set to true. Using different locales can cause issues if the locale library is updated from
+underneath the database, or if a different version of the locale is used on any
+replicas.
 
 If you have a database with an unsafe locale, the safest way to fix the issue is to dump the database and recreate it with
 the correct locale parameter (as shown above). It is also possible to change the
@@ -255,3 +256,13 @@ however extreme care must be taken to avoid database corruption.
 
 Note that the above may fail with an error about duplicate rows if corruption
 has already occurred, and such duplicate rows will need to be manually removed.
+
+### Fixing inconsistent sequences error
+
+Synapse uses Postgres sequences to generate IDs for various tables. A sequence
+and associated table can get out of sync if, for example, Synapse has been
+downgraded and then upgraded again.
+
+To fix the issue shut down Synapse (including any and all workers) and run the
+SQL command included in the error message. Once done Synapse should start
+successfully.

docs/reverse_proxy.md

@@ -186,25 +186,6 @@ Example configuration, if using a UNIX socket. The configuration lines regarding
 backend matrix
   server matrix unix@/run/synapse/main_public.sock
 ```
-Example configuration when using a single port for both client and federation traffic.
-```
-frontend https
-  bind *:443,[::]:443 ssl crt /etc/ssl/haproxy/ strict-sni alpn h2,http/1.1
-  http-request set-header X-Forwarded-Proto https if { ssl_fc }
-  http-request set-header X-Forwarded-Proto http  if !{ ssl_fc }
-  http-request set-header X-Forwarded-For %[src]
-
-  acl matrix-host hdr(host) -i matrix.example.com matrix.example.com:443
-  acl matrix-sni  ssl_fc_sni   matrix.example.com
-  acl matrix-path path_beg     /_matrix
-  acl matrix-path path_beg     /_synapse/client
-
-  use_backend matrix if matrix-host matrix-path
-  use_backend matrix if matrix-sni
-
-backend matrix
-  server matrix 127.0.0.1:8008
-```
 
 [Delegation](delegate.md) example:
 ```

docs/setup/forward_proxy.md

@@ -67,7 +67,7 @@ in Synapse can be deactivated.
 **NOTE**: This has an impact on security and is for testing purposes only!
 
 To deactivate the certificate validation, the following setting must be added to
-your [homeserver.yaml](../usage/configuration/homeserver_sample_config.md).
+your [homserver.yaml](../usage/configuration/homeserver_sample_config.md).
 
 ```yaml
 use_insecure_ssl_client_just_for_testing_do_not_use: true

docs/setup/installation.md

@@ -26,7 +26,7 @@ for most users.
 #### Docker images and Ansible playbooks
 
 There is an official synapse image available at
-<https://hub.docker.com/r/matrixdotorg/synapse> or at [`ghcr.io/element-hq/synapse`](https://ghcr.io/element-hq/synapse)
+<https://hub.docker.com/r/vectorim/synapse> or at [`ghcr.io/element-hq/synapse`](https://ghcr.io/element-hq/synapse)
 which can be used with the docker-compose file available at
 [contrib/docker](https://github.com/element-hq/synapse/tree/develop/contrib/docker).
 Further information on this including configuration options is available in the README
@@ -259,9 +259,9 @@ users, etc.) to the developers via the `--report-stats` argument.
 
 This command will generate you a config file that you can then customise, but it will
 also generate a set of keys for you. These keys will allow your homeserver to
-identify itself to other homeservers, so don't lose or delete them. It would be
+identify itself to other homeserver, so don't lose or delete them. It would be
 wise to back them up somewhere safe. (If, for whatever reason, you do need to
-change your homeserver's keys, you may find that other homeservers have the
+change your homeserver's keys, you may find that other homeserver have the
 old key cached. If you update the signing key, you should change the name of the
 key in the `<server name>.signing.key` file (the second word) to something
 different. See the [spec](https://matrix.org/docs/spec/server_server/latest.html#retrieving-server-keys) for more information on key management).
@@ -309,62 +309,7 @@ sudo dnf install libtiff-devel libjpeg-devel libzip-devel freetype-devel \
                  libwebp-devel libxml2-devel libxslt-devel libpq-devel \
                  python3-virtualenv libffi-devel openssl-devel python3-devel \
                  libicu-devel
-sudo dnf group install "Development Tools"
-```
-
-##### Red Hat Enterprise Linux / Rocky Linux
-
-*Note: The term "RHEL" below refers to both Red Hat Enterprise Linux and Rocky Linux. The distributions are 1:1 binary compatible.*
-
-It's recommended to use the latest Python versions. 
-
-RHEL 8 in particular ships with Python 3.6 by default which is EOL and therefore no longer supported by Synapse. RHEL 9 ship with Python 3.9 which is still supported by the Python core team as of this writing. However, newer Python versions provide significant performance improvements and they're available in official distributions' repositories. Therefore it's recommended to use them.
-
-Python 3.11 and 3.12 are available for both RHEL 8 and 9.
-
-These commands should be run as root user.
-
-RHEL 8
-```bash
-# Enable PowerTools repository
-dnf config-manager --set-enabled powertools
-```
-RHEL 9
-```bash
-# Enable CodeReady Linux Builder repository
-crb enable
-```
-
-Install new version of Python. You only need one of these:
-```bash
-# Python 3.11
-dnf install python3.11 python3.11-devel
-```
-```bash
-# Python 3.12
-dnf install python3.12 python3.12-devel
-```
-Finally, install common prerequisites
-```bash
-dnf install libicu libicu-devel libpq5 libpq5-devel lz4 pkgconf 
-dnf group install "Development Tools"
-```
-###### Using venv module instead of virtualenv command
-
-It's recommended to use Python venv module directly rather than the virtualenv command.
-* On RHEL 9, virtualenv is only available on [EPEL](https://docs.fedoraproject.org/en-US/epel/).
-* On RHEL 8, virtualenv is based on Python 3.6. It does not support creating 3.11/3.12 virtual environments.
-
-Here's an example of creating Python 3.12 virtual environment and installing Synapse from PyPI. 
-
-```bash
-mkdir -p ~/synapse
-# To use Python 3.11, simply use the command "python3.11" instead.
-python3.12 -m venv ~/synapse/env
-source ~/synapse/env/bin/activate
-pip install --upgrade pip
-pip install --upgrade setuptools
-pip install matrix-synapse
+sudo dnf groupinstall "Development Tools"
 ```
 
 ##### macOS
@@ -381,17 +326,6 @@ Some extra dependencies may be needed. You can use Homebrew (https://brew.sh) fo
 You may need to install icu, and make the icu binaries and libraries accessible.
 Please follow [the official instructions of PyICU](https://pypi.org/project/PyICU/) to do so.
 
-If you're struggling to get icu discovered, and see:
-```
-  RuntimeError:
-  Please install pkg-config on your system or set the ICU_VERSION environment
-  variable to the version of ICU you have installed.
-```
-despite it being installed and having your `PATH` updated, you can omit this dependency by
-not specifying `--extras all` to `poetry`. If using postgres, you can install Synapse via
-`poetry install --extras saml2 --extras oidc --extras postgres --extras opentracing --extras redis --extras sentry`.
-ICU is not a hard dependency on getting a working installation.
-
 On ARM-based Macs you may also need to install libjpeg and libpq:
 ```sh
  brew install jpeg libpq

docs/setup/turn/coturn.md

@@ -136,8 +136,8 @@ This will install and start a systemd service called `coturn`.
     NB: If your TLS certificate was provided by Let's Encrypt, TLS/DTLS will
     not work with any Matrix client that uses Chromium's WebRTC library. This
     currently includes Element Android & iOS; for more details, see their
-    [respective](https://github.com/element-hq/element-android/issues/1533)
-    [issues](https://github.com/element-hq/element-ios/issues/2712) as well as the underlying
+    [respective](https://github.com/vector-im/element-android/issues/1533)
+    [issues](https://github.com/vector-im/element-ios/issues/2712) as well as the underlying
     [WebRTC issue](https://bugs.chromium.org/p/webrtc/issues/detail?id=11710).
     Consider using a ZeroSSL certificate for your TURN server as a working alternative.
 

docs/setup/turn/eturnal.md

@@ -137,8 +137,8 @@ must be edited:
     NB: If your TLS certificate was provided by Let's Encrypt, TLS/DTLS will
     not work with any Matrix client that uses Chromium's WebRTC library. This
     currently includes Element Android & iOS; for more details, see their
-    [respective](https://github.com/element-hq/element-android/issues/1533)
-    [issues](https://github.com/element-hq/element-ios/issues/2712) as well as the underlying
+    [respective](https://github.com/vector-im/element-android/issues/1533)
+    [issues](https://github.com/vector-im/element-ios/issues/2712) as well as the underlying
     [WebRTC issue](https://bugs.chromium.org/p/webrtc/issues/detail?id=11710).
     Consider using a ZeroSSL certificate for your TURN server as a working alternative.
 

docs/sso_mapping_providers.md

@@ -50,13 +50,11 @@ comment these options out and use those specified by the module instead.
 
 A custom mapping provider must specify the following methods:
 
-* `def __init__(self, parsed_config, module_api)`
+* `def __init__(self, parsed_config)`
    - Arguments:
      - `parsed_config` - A configuration object that is the return value of the
        `parse_config` method. You should set any configuration options needed by
        the module here.
-     - `module_api` - a `synapse.module_api.ModuleApi` object which provides the
-       stable API available for extension modules.
 * `def parse_config(config)`
     - This method should have the `@staticmethod` decoration.
     - Arguments:
@@ -98,7 +96,6 @@ A custom mapping provider must specify the following methods:
         either accept this localpart or pick their own username. Otherwise this
         option has no effect. If omitted, defaults to `False`.
       - `display_name`: An optional string, the display name for the user.
-      - `picture`: An optional string, the avatar url for the user.
       - `emails`: A list of strings, the email address(es) to associate with
         this user. If omitted, defaults to an empty list.
 * `async def get_extra_attributes(self, userinfo, token)`

docs/systemd-with-workers/system/matrix-synapse.service

@@ -9,7 +9,6 @@ ReloadPropagatedFrom=matrix-synapse.target
 Type=notify
 NotifyAccess=main
 User=matrix-synapse
-RuntimeDirectory=synapse
 WorkingDirectory=/var/lib/matrix-synapse
 EnvironmentFile=-/etc/default/matrix-synapse
 ExecStartPre=/opt/venvs/matrix-synapse/bin/python -m synapse.app.homeserver --config-path=/etc/matrix-synapse/homeserver.yaml --config-path=/etc/matrix-synapse/conf.d/ --generate-keys

docs/upgrade.md

@@ -88,57 +88,15 @@ process, for example:
     dpkg -i matrix-synapse-py3_1.3.0+stretch1_amd64.deb
     ```
 
-Generally Synapse database schemas are compatible across multiple versions, but once
-a version of Synapse is deployed you may not be able to roll back automatically.
+Generally Synapse database schemas are compatible across multiple versions, once
+a version of Synapse is deployed you may not be able to rollback automatically.
 The following table gives the version ranges and the earliest version they can
 be rolled back to. E.g. Synapse versions v1.58.0 through v1.61.1 can be rolled
-back safely to v1.57.0, but starting with v1.62.0 it is only safe to roll back to
+back safely to v1.57.0, but starting with v1.62.0 it is only safe to rollback to
 v1.61.0.
 
 <!-- REPLACE_WITH_SCHEMA_VERSIONS -->
 
-## Upgrading from a very old version
-
-You need to read all of the upgrade notes for each version between your current
-version and the latest so that you can update your dependencies, environment,
-config files, etc. if necessary. But you do not need to perform an
-upgrade to each individual version that was missed.
-
-We do not have a list of which versions must be installed. Instead, we recommend
-that you upgrade through each incompatible database schema version, which would
-give you the ability to roll back the maximum number of versions should anything
-go wrong. See [Rolling back to older versions](#rolling-back-to-older-versions)
-above.
-
-Additionally, new versions of Synapse will occasionally run database migrations
-and background updates to update the database. Synapse will not start until
-database migrations are complete. You should wait until background updates from
-each upgrade are complete before moving on to the next upgrade, to avoid
-stacking them up. You can monitor the currently running background updates with
-[the Admin API](usage/administration/admin_api/background_updates.html#status).
-
-# Upgrading to v1.111.0
-
-## New worker endpoints for authenticated client and federation media
-
-[Media repository workers](./workers.md#synapseappmedia_repository) handling
-Media APIs can now handle the following endpoint patterns:
-
-```
-^/_matrix/client/v1/media/.*$
-^/_matrix/federation/v1/media/.*$
-```
-
-Please update your reverse proxy configuration.
-
-# Upgrading to v1.106.0
-
-## Minimum supported Rust version
-The minimum supported Rust version has been increased from v1.65.0 to v1.66.0.
-Users building from source will need to ensure their `rustc` version is up to
-date.
-
-
 # Upgrading to v1.100.0
 
 ## Minimum supported Rust version

docs/usage/administration/admin_api/background_updates.md

@@ -44,7 +44,7 @@ For each update:
 
 ## Enabled
 
-This API allows pausing background updates.
+This API allow pausing background updates.
 
 Background updates should *not* be paused for significant periods of time, as
 this can affect the performance of Synapse.

docs/usage/administration/admin_faq.md

@@ -120,11 +120,6 @@ for file in $source_directory/*; do
 done
 ```
 
-How do I upgrade from a very old version of Synapse to the latest?
----
-See [this](../../upgrade.html#upgrading-from-a-very-old-version) section in the
-upgrade docs.
-
 Manually resetting passwords
 ---
 Users can reset their password through their client. Alternatively, a server admin
@@ -241,7 +236,7 @@ in memory constrained environments, or increased if performance starts to
 degrade.
 
 However, degraded performance due to a low cache factor, common on
-machines with slow disks, often leads to explosions in memory use due to
+machines with slow disks, often leads to explosions in memory use due
 backlogged requests. In this case, reducing the cache factor will make
 things worse. Instead, try increasing it drastically. 2.0 is a good
 starting value.
@@ -250,10 +245,10 @@ Using [libjemalloc](https://jemalloc.net) can also yield a significant
 improvement in overall memory use, and especially in terms of giving back
 RAM to the OS. To use it, the library must simply be put in the
 LD_PRELOAD environment variable when launching Synapse. On Debian, this
-can be done by installing the `libjemalloc2` package and adding this
+can be done by installing the `libjemalloc1` package and adding this
 line to `/etc/default/matrix-synapse`:
 
-    LD_PRELOAD=/usr/lib/x86_64-linux-gnu/libjemalloc.so.2
+    LD_PRELOAD=/usr/lib/x86_64-linux-gnu/libjemalloc.so.1
 
 This made a significant difference on Python 2.7 - it's unclear how
 much of an improvement it provides on Python 3.x.

docs/usage/administration/useful_sql_for_admins.md

@@ -205,12 +205,3 @@ SELECT user_id, device_id, user_agent, TO_TIMESTAMP(last_seen / 1000) AS "last_s
   FROM devices
   WHERE last_seen < DATE_PART('epoch', NOW() - INTERVAL '3 month') * 1000;
 ```
-
-## Clear the cache of a remote user's device list
-
-Forces the resync of a remote user's device list - if you have somehow cached a bad state, and the remote server is
-will not send out a device list update.
-```sql
-INSERT INTO device_lists_remote_resync
-VALUES ('USER_ID', (EXTRACT(epoch FROM NOW()) * 1000)::BIGINT);
-```

docs/usage/configuration/config_documentation.md

@@ -246,7 +246,6 @@ Example configuration:
 ```yaml
 presence:
   enabled: false
-  include_offline_users_on_sync: false
 ```
 
 `enabled` can also be set to a special value of "untracked" which ignores updates
@@ -255,10 +254,6 @@ received via clients and federation, while still accepting updates from the
 
 *The "untracked" option was added in Synapse 1.96.0.*
 
-When clients perform an initial or `full_state` sync, presence results for offline users are
-not included by default. Setting `include_offline_users_on_sync` to `true` will always include
-offline users in the results. Defaults to false.
-
 ---
 ### `require_auth_for_profile_requests`
 
@@ -509,8 +504,7 @@ Unix socket support (_Added in Synapse 1.89.0_):
 
 Valid resource names are:
 
-* `client`: the client-server API (/_matrix/client). Also implies `media` and `static`.
-  If configuring the main process, the Synapse Admin API (/_synapse/admin) is also implied.
+* `client`: the client-server API (/_matrix/client), and the synapse admin API (/_synapse/admin). Also implies `media` and `static`.
 
 * `consent`: user consent forms (/_matrix/consent). See [here](../../consent_tracking.md) for more.
 
@@ -682,8 +676,8 @@ This setting has the following sub-options:
     trailing 's'.
 * `app_name`: `app_name` defines the default value for '%(app)s' in `notif_from` and email
    subjects. It defaults to 'Matrix'.
-* `enable_notifs`: Set to true to allow users to receive e-mail notifications. If this is not set,
-    users can configure e-mail notifications but will not receive them. Disabled by default.
+* `enable_notifs`: Set to true to enable sending emails for messages that the user
+   has missed. Disabled by default.
 * `notif_for_new_users`: Set to false to disable automatic subscription to email
    notifications for new users. Enabled by default.
 * `notif_delay_before_mail`: The time to wait before emailing about a notification.
@@ -1238,31 +1232,6 @@ federation_domain_whitelist:
   - syd.example.com
 ```
 ---
-### `federation_whitelist_endpoint_enabled`
-
-Enables an endpoint for fetching the federation whitelist config.
-
-The request method and path is `GET /_synapse/client/v1/config/federation_whitelist`, and the
-response format is:
-
-```json
-{
-    "whitelist_enabled": true,  // Whether the federation whitelist is being enforced
-    "whitelist": [  // Which server names are allowed by the whitelist
-        "example.com"
-    ]
-}
-```
-
-If `whitelist_enabled` is `false` then the server is permitted to federate with all others.
-
-The endpoint requires authentication.
-
-Example configuration:
-```yaml
-federation_whitelist_endpoint_enabled: true
-```
----
 ### `federation_metrics_domains`
 
 Report prometheus metrics on the age of PDUs being sent to and received from
@@ -1348,12 +1317,6 @@ Options related to caching.
 The number of events to cache in memory. Defaults to 10K. Like other caches,
 this is affected by `caches.global_factor` (see below).
 
-For example, the default is 10K and the global_factor default is 0.5.
-
-Since 10K * 0.5 is 5K then the event cache size will be 5K.
-
-The cache affected by this configuration is named as "*getEvent*".
-
 Note that this option is not part of the `caches` section.
 
 Example configuration:
@@ -1379,8 +1342,6 @@ number of entries that can be stored.
 
   Defaults to 0.5, which will halve the size of all caches.
 
-  Note that changing this value also affects the HTTP connection pool.
-
 * `per_cache_factors`: A dictionary of cache name to cache factor for that individual
    cache. Overrides the global cache factor for a given cache.
 
@@ -1765,9 +1726,8 @@ rc_3pid_validation:
 ### `rc_invites`
 
 This option sets ratelimiting how often invites can be sent in a room or to a
-specific user. `per_room` defaults to `per_second: 0.3`, `burst_count: 10`,
-`per_user` defaults to `per_second: 0.003`, `burst_count: 5`, and `per_issuer`
-defaults to `per_second: 0.3`, `burst_count: 10`.
+specific user. `per_room` defaults to `per_second: 0.3`, `burst_count: 10` and
+`per_user` defaults to `per_second: 0.003`, `burst_count: 5`.
 
 Client requests that invite user(s) when [creating a
 room](https://spec.matrix.org/v1.2/client-server-api/#post_matrixclientv3createroom)
@@ -1869,18 +1829,6 @@ federation_rr_transactions_per_room_per_second: 40
 ## Media Store
 Config options related to Synapse's media store.
 
----
-### `enable_authenticated_media`
-
-When set to true, all subsequent media uploads will be marked as authenticated, and will not be available over legacy
-unauthenticated media endpoints (`/_matrix/media/(r0|v3|v1)/download` and `/_matrix/media/(r0|v3|v1)/thumbnail`) - requests for authenticated media over these endpoints will result in a 404. All media, including authenticated media, will be available over the authenticated media endpoints `_matrix/client/v1/media/download` and `_matrix/client/v1/media/thumbnail`. Media uploaded prior to setting this option to true will still be available over the legacy endpoints. Note if the setting is switched to false
-after enabling, media marked as authenticated will be available over legacy endpoints. Defaults to false, but
-this will change to true in a future Synapse release.
-
-Example configuration:
-```yaml
-enable_authenticated_media: true
-```
 ---
 ### `enable_media_repo`
 
@@ -1965,24 +1913,6 @@ Example configuration:
 max_image_pixels: 35M
 ```
 ---
-### `remote_media_download_burst_count`
-
-Remote media downloads are ratelimited using a [leaky bucket algorithm](https://en.wikipedia.org/wiki/Leaky_bucket), where a given "bucket" is keyed to the IP address of the requester when requesting remote media downloads. This configuration option sets the size of the bucket against which the size in bytes of downloads are penalized - if the bucket is full, ie a given number of bytes have already been downloaded, further downloads will be denied until the bucket drains.  Defaults to 500MiB. See also `remote_media_download_per_second` which determines the rate at which the "bucket" is emptied and thus has available space to authorize new requests.
-
-Example configuration:
-```yaml
-remote_media_download_burst_count: 200M
-```
----
-### `remote_media_download_per_second`
-
-Works in conjunction with `remote_media_download_burst_count` to ratelimit remote media downloads - this configuration option determines the rate at which the "bucket" (see above) leaks in bytes per second. As requests are made to download remote media, the size of those requests in bytes is added to the bucket, and once the bucket has reached it's capacity, no more requests will be allowed until a number of bytes has "drained" from the bucket. This setting determines the rate at which bytes drain from the bucket, with the practical effect that the larger the number, the faster the bucket leaks, allowing for more bytes downloaded over a shorter period of time. Defaults to 87KiB per second. See also `remote_media_download_burst_count`.
-
-Example configuration:
-```yaml
-remote_media_download_per_second: 40K
-```
----
 ### `prevent_media_downloads_from`
 
 A list of domains to never download media from. Media from these
@@ -1994,10 +1924,9 @@ This will not prevent the listed domains from accessing media themselves.
 It simply prevents users on this server from downloading media originating
 from the listed servers.
 
-This will have no effect on media originating from the local server. This only
-affects media downloaded from other Matrix servers, to control URL previews see
-[`url_preview_ip_range_blacklist`](#url_preview_ip_range_blacklist) or
-[`url_preview_url_blacklist`](#url_preview_url_blacklist).
+This will have no effect on media originating from the local server.
+This only affects media downloaded from other Matrix servers, to
+block domains from URL previews see [`url_preview_url_blacklist`](#url_preview_url_blacklist).
 
 Defaults to an empty list (nothing blocked).
 
@@ -2149,14 +2078,12 @@ url_preview_ip_range_whitelist:
 ---
 ### `url_preview_url_blacklist`
 
-Optional list of URL matches that the URL preview spider is denied from
-accessing.  This is a usability feature, not a security one. You should use
-`url_preview_ip_range_blacklist` in preference to this, otherwise someone could
-define a public DNS entry that points to a private IP address and circumvent
-the blacklist. Applications that perform redirects or serve different content
-when detecting that Synapse is accessing them can also bypass the blacklist.
-This is more useful if you know there is an entire shape of URL that you know
-that you do not want Synapse to preview.
+Optional list of URL matches that the URL preview spider is
+denied from accessing.  You should use `url_preview_ip_range_blacklist`
+in preference to this, otherwise someone could define a public DNS
+entry that points to a private IP address and circumvent the blacklist.
+This is more useful if you know there is an entire shape of URL that
+you know that will never want synapse to try to spider.
 
 Each list entry is a dictionary of url component attributes as returned
 by urlparse.urlsplit as applied to the absolute form of the URL.  See
@@ -2387,7 +2314,7 @@ enable_registration_without_verification: true
 ---
 ### `registrations_require_3pid`
 
-If this is set, users must provide all of the specified types of [3PID](https://spec.matrix.org/latest/appendices/#3pid-types) when registering an account.
+If this is set, users must provide all of the specified types of 3PID when registering an account.
 
 Note that [`enable_registration`](#enable_registration) must also be set to allow account registration.
 
@@ -2412,9 +2339,6 @@ disable_msisdn_registration: true
 
 Mandate that users are only allowed to associate certain formats of
 3PIDs with accounts on this server, as specified by the `medium` and `pattern` sub-options.
-`pattern` is a [Perl-like regular expression](https://docs.python.org/3/library/re.html#module-re).
-
-More information about 3PIDs, allowed `medium` types and their `address` syntax can be found [in the Matrix spec](https://spec.matrix.org/latest/appendices/#3pid-types).
 
 Example configuration:
 ```yaml
@@ -2424,7 +2348,7 @@ allowed_local_3pids:
   - medium: email
     pattern: '^[^@]+@vector\.im$'
   - medium: msisdn
-    pattern: '^44\d{10}$'
+    pattern: '\+44'
 ```
 ---
 ### `enable_3pid_lookup`
@@ -2659,11 +2583,6 @@ Possible values for this option are:
 * "trusted_private_chat": an invitation is required to join this room and the invitee is
   assigned a power level of 100 upon joining the room.
 
-Each preset will set up a room in the same manner as if it were provided as the `preset` parameter when
-calling the
-[`POST /_matrix/client/v3/createRoom`](https://spec.matrix.org/latest/client-server-api/#post_matrixclientv3createroom)
-Client-Server API endpoint.
-
 If a value of "private_chat" or "trusted_private_chat" is used then
 `auto_join_mxid_localpart` must also be configured.
 
@@ -2743,7 +2662,7 @@ Example configuration:
 session_lifetime: 24h
 ```
 ---
-### `refreshable_access_token_lifetime`
+### `refresh_access_token_lifetime`
 
 Time that an access token remains valid for, if the session is using refresh tokens.
 
@@ -3303,8 +3222,8 @@ saml2_config:
     contact_person:
       - given_name: Bob
         sur_name: "the Sysadmin"
-        email_address: ["admin@example.com"]
-        contact_type: technical
+        email_address": ["admin@example.com"]
+        contact_type": technical
 
   saml_session_lifetime: 5m
 
@@ -3430,9 +3349,6 @@ Options for each entry include:
    not included in `scopes`. Set to `userinfo_endpoint` to always use the
    userinfo endpoint.
 
-* `additional_authorization_parameters`: String to string dictionary that will be passed as
-   additional parameters to the authorization grant URL.
-
 * `allow_existing_users`: set to true to allow a user logging in via OIDC to
    match a pre-existing account instead of failing. This could be used if
    switching from password logins to OIDC. Defaults to false.
@@ -3557,8 +3473,6 @@ oidc_providers:
     token_endpoint: "https://accounts.example.com/oauth2/token"
     userinfo_endpoint: "https://accounts.example.com/userinfo"
     jwks_uri: "https://accounts.example.com/.well-known/jwks.json"
-    additional_authorization_parameters:
-      acr_values: 2fa
     skip_verification: true
     enable_registration: true
     user_mapping_provider:
@@ -3601,15 +3515,6 @@ Has the following sub-options:
    users. This allows the CAS SSO flow to be limited to sign in only, rather than
    automatically registering users that have a valid SSO login but do not have
    a pre-registered account. Defaults to true.
-* `allow_numeric_ids`: set to 'true' allow numeric user IDs (default false).
-   This allows CAS SSO flow to provide user IDs composed of numbers only.
-   These identifiers will be prefixed by the letter "u" by default.
-   The prefix can be configured using the "numeric_ids_prefix" option.
-   Be careful to choose the prefix correctly to avoid any possible conflicts
-   (e.g. user 1234 becomes u1234 when a user u1234 already exists).
-* `numeric_ids_prefix`: the prefix you wish to add in front of a numeric user ID
-   when the "allow_numeric_ids" option is set to "true".
-   By default, the prefix is the letter "u" and only alphanumeric characters are allowed.
 
    *Added in Synapse 1.93.0.*
 
@@ -3624,8 +3529,6 @@ cas_config:
     userGroup: "staff"
     department: None
   enable_registration: true
-  allow_numeric_ids: true
-  numeric_ids_prefix: "numericuser"
 ```
 ---
 ### `sso`
@@ -3831,8 +3734,7 @@ This setting defines options related to the user directory.
 This option has the following sub-options:
 * `enabled`:  Defines whether users can search the user directory. If false then
    empty responses are returned to all queries. Defaults to true.
-* `search_all_users`: Defines whether to search all users visible to your homeserver at the time the search is performed.
-   If set to true, will return all users known to the homeserver matching the search query.
+* `search_all_users`: Defines whether to search all users visible to your HS at the time the search is performed. If set to true, will return all users who share a room with the user from the homeserver.
    If false, search results will only contain users
     visible in public rooms and users sharing a room with the requester.
     Defaults to false.
@@ -4155,38 +4057,6 @@ default_power_level_content_override:
    trusted_private_chat: null
    public_chat: null
 ```
-
-The default power levels for each preset are:
-```yaml
-"m.room.name": 50
-"m.room.power_levels": 100
-"m.room.history_visibility": 100
-"m.room.canonical_alias": 50
-"m.room.avatar": 50
-"m.room.tombstone": 100
-"m.room.server_acl": 100
-"m.room.encryption": 100
-```
-
-So a complete example where the default power-levels for a preset are maintained
-but the power level for a new key is set is:
-```yaml
-default_power_level_content_override:
-   private_chat:
-    events:
-      "com.example.foo": 0
-      "m.room.name": 50
-      "m.room.power_levels": 100
-      "m.room.history_visibility": 100
-      "m.room.canonical_alias": 50
-      "m.room.avatar": 50
-      "m.room.tombstone": 100
-      "m.room.server_acl": 100
-      "m.room.encryption": 100
-   trusted_private_chat: null
-   public_chat: null
-```
-
 ---
 ### `forget_rooms_on_leave`
 
@@ -4208,7 +4078,7 @@ By default, no room is excluded.
 Example configuration:
 ```yaml
 exclude_rooms_from_sync:
-    - "!foo:example.com"
+    - !foo:example.com
 ```
 
 ---
@@ -4671,34 +4541,3 @@ background_updates:
     min_batch_size: 10
     default_batch_size: 50
 ```
----
-## Auto Accept Invites
-Configuration settings related to automatically accepting invites.
-
----
-### `auto_accept_invites`
-
-Automatically accepting invites controls whether users are presented with an invite request or if they
-are instead automatically joined to a room when receiving an invite. Set the `enabled` sub-option to true to
-enable auto-accepting invites. Defaults to false.
-This setting has the following sub-options:
-* `enabled`: Whether to run the auto-accept invites logic. Defaults to false.
-* `only_for_direct_messages`: Whether invites should be automatically accepted for all room types, or only
-   for direct messages. Defaults to false.
-* `only_from_local_users`: Whether to only automatically accept invites from users on this homeserver. Defaults to false.
-* `worker_to_run_on`: Which worker to run this module on. This must match 
-  the "worker_name". If not set or `null`, invites will be accepted on the
-  main process.
-
-NOTE: Care should be taken not to enable this setting if the `synapse_auto_accept_invite` module is enabled and installed.
-The two modules will compete to perform the same task and may result in undesired behaviour. For example, multiple join
-events could be generated from a single invite.
-
-Example configuration:
-```yaml
-auto_accept_invites:
-    enabled: true
-    only_for_direct_messages: true
-    only_from_local_users: true
-    worker_to_run_on: "worker_1"
-```

docs/user_directory.md

@@ -86,9 +86,9 @@ The search term is then split into words:
 * If unavailable, then runs of ASCII characters, numbers, underscores, and hyphens
   are considered words.
 
-The queries for PostgreSQL and SQLite are detailed below, but their overall goal
+The queries for PostgreSQL and SQLite are detailed below, by their overall goal
 is to find matching users, preferring users who are "real" (e.g. not bots,
-not deactivated). It is assumed that real users will have a display name and
+not deactivated). It is assumed that real users will have an display name and
 avatar set.
 
 ### PostgreSQL

docs/website_files/version-picker.js

@@ -54,7 +54,7 @@ function fetchVersions(dropdown, dropdownMenu) {
     return new Promise((resolve, reject) => {
         window.addEventListener("load", () => {
 
-            fetch("https://api.github.com/repos/element-hq/synapse/git/trees/gh-pages", {
+            fetch("https://api.github.com/repos/matrix-org/synapse/git/trees/gh-pages", {
                 cache: "force-cache",
             }).then(res => 
                 res.json()
@@ -100,30 +100,10 @@ function sortVersions(a, b) {
     if (a === 'develop' || a === 'latest') return -1;
     if (b === 'develop' || b === 'latest') return 1;
 
-    // If any of the versions do not confrom to a semantic version string, they
-    // will be sorted behind a valid version.
-    const versionA = (a.match(/v(\d+(\.\d+)+)/) || [])[1]?.split('.') ?? '';
-    const versionB = (b.match(/v(\d+(\.\d+)+)/) || [])[1]?.split('.') ?? '';
+    const versionA = (a.match(/v\d+(\.\d+)+/) || [])[0];
+    const versionB = (b.match(/v\d+(\.\d+)+/) || [])[0];
 
-    for (let i = 0; i < Math.max(versionA.length, versionB.length); i++) {
-        if (versionB[i] === undefined) {
-            return -1;
-        }
-        if (versionA[i] === undefined) {
-            return 1;
-        }
-
-        const partA = parseInt(versionA[i], 10);
-        const partB = parseInt(versionB[i], 10);
-
-        if (partA > partB) {
-            return -1;
-        } else if (partB > partA) {
-            return 1;
-        }
-    }
-
-    return 0;
+    return versionB.localeCompare(versionA);
 }
 
 /**
@@ -144,4 +124,4 @@ function changeVersion(url, newVersion) {
     parsedURL.pathname = pathSegments.join('/');
   
     return parsedURL.href;
-}
+}

docs/welcome_and_overview.md

@@ -62,6 +62,6 @@ following documentation:
 
 ## Reporting a security vulnerability
 
-If you've found a security issue in Synapse or any other Element project,
-please report it to us in accordance with our [Security Disclosure
-Policy](https://element.io/security/security-disclosure-policy). Thank you!
+If you've found a security issue in Synapse or any other Matrix.org Foundation
+project, please report it to us in accordance with our [Security Disclosure
+Policy](https://www.matrix.org/security-disclosure-policy/). Thank you!

docs/workers.md

@@ -211,8 +211,6 @@ information.
     ^/_matrix/federation/v1/make_leave/
     ^/_matrix/federation/(v1|v2)/send_join/
     ^/_matrix/federation/(v1|v2)/send_leave/
-    ^/_matrix/federation/v1/make_knock/
-    ^/_matrix/federation/v1/send_knock/
     ^/_matrix/federation/(v1|v2)/invite/
     ^/_matrix/federation/v1/event_auth/
     ^/_matrix/federation/v1/timestamp_to_event/
@@ -234,7 +232,7 @@ information.
     ^/_matrix/client/v1/rooms/.*/hierarchy$
     ^/_matrix/client/(v1|unstable)/rooms/.*/relations/
     ^/_matrix/client/v1/rooms/.*/threads$
-    ^/_matrix/client/unstable/im.nheko.summary/summary/.*$
+    ^/_matrix/client/unstable/im.nheko.summary/rooms/.*/summary$
     ^/_matrix/client/(r0|v3|unstable)/account/3pid$
     ^/_matrix/client/(r0|v3|unstable)/account/whoami$
     ^/_matrix/client/(r0|v3|unstable)/devices$
@@ -534,13 +532,6 @@ the stream writer for the `presence` stream:
 
     ^/_matrix/client/(api/v1|r0|v3|unstable)/presence/
 
-##### The `push_rules` stream
-
-The following endpoints should be routed directly to the worker configured as
-the stream writer for the `push_rules` stream:
-
-    ^/_matrix/client/(api/v1|r0|v3|unstable)/pushrules/
-
 #### Restrict outbound federation traffic to a specific set of workers
 
 The
@@ -636,9 +627,9 @@ worker application type.
 
 #### Push Notifications
 
-You can designate generic workers to send push notifications to
+You can designate generic worker to sending push notifications to
 a [push gateway](https://spec.matrix.org/v1.5/push-gateway-api/) such as
-[sygnal](https://github.com/matrix-org/sygnal) and email.
+[sygnal](https://github.com/vector-im/sygnal) and email.
 
 This will stop the main process sending push notifications.
 
@@ -739,8 +730,6 @@ An example for a federation sender instance:
 Handles the media repository. It can handle all endpoints starting with:
 
     /_matrix/media/
-    /_matrix/client/v1/media/
-    /_matrix/federation/v1/media/
 
 ... and the following regular expressions matching media-specific administration APIs:
 

mypy.ini

@@ -96,6 +96,3 @@ ignore_missing_imports = True
 # https://github.com/twisted/treq/pull/366
 [mypy-treq.*]
 ignore_missing_imports = True
-
-[mypy-multipart.*]
-ignore_missing_imports = True

pylint.cfg

@@ -0,0 +1,280 @@
+[MASTER]
+
+# Specify a configuration file.
+#rcfile=
+
+# Python code to execute, usually for sys.path manipulation such as
+# pygtk.require().
+#init-hook=
+
+# Profiled execution.
+profile=no
+
+# Add files or directories to the blacklist. They should be base names, not
+# paths.
+ignore=CVS
+
+# Pickle collected data for later comparisons.
+persistent=yes
+
+# List of plugins (as comma separated values of python modules names) to load,
+# usually to register additional checkers.
+load-plugins=
+
+
+[MESSAGES CONTROL]
+
+# Enable the message, report, category or checker with the given id(s). You can
+# either give multiple identifier separated by comma (,) or put this option
+# multiple time. See also the "--disable" option for examples.
+#enable=
+
+# Disable the message, report, category or checker with the given id(s). You
+# can either give multiple identifiers separated by comma (,) or put this
+# option multiple times (only on the command line, not in the configuration
+# file where it should appear only once).You can also use "--disable=all" to
+# disable everything first and then reenable specific checks. For example, if
+# you want to run only the similarities checker, you can use "--disable=all
+# --enable=similarities". If you want to run only the classes checker, but have
+# no Warning level messages displayed, use"--disable=all --enable=classes
+# --disable=W"
+disable=missing-docstring
+
+
+[REPORTS]
+
+# Set the output format. Available formats are text, parseable, colorized, msvs
+# (visual studio) and html. You can also give a reporter class, eg
+# mypackage.mymodule.MyReporterClass.
+output-format=text
+
+# Put messages in a separate file for each module / package specified on the
+# command line instead of printing them on stdout. Reports (if any) will be
+# written in a file name "pylint_global.[txt|html]".
+files-output=no
+
+# Tells whether to display a full report or only the messages
+reports=yes
+
+# Python expression which should return a note less than 10 (10 is the highest
+# note). You have access to the variables errors warning, statement which
+# respectively contain the number of errors / warnings messages and the total
+# number of statements analyzed. This is used by the global evaluation report
+# (RP0004).
+evaluation=10.0 - ((float(5 * error + warning + refactor + convention) / statement) * 10)
+
+# Add a comment according to your evaluation note. This is used by the global
+# evaluation report (RP0004).
+comment=no
+
+# Template used to display messages. This is a python new-style format string
+# used to format the message information. See doc for all details
+#msg-template=
+
+
+[TYPECHECK]
+
+# Tells whether missing members accessed in mixin class should be ignored. A
+# mixin class is detected if its name ends with "mixin" (case insensitive).
+ignore-mixin-members=yes
+
+# List of classes names for which member attributes should not be checked
+# (useful for classes with attributes dynamically set).
+ignored-classes=SQLObject
+
+# When zope mode is activated, add a predefined set of Zope acquired attributes
+# to generated-members.
+zope=no
+
+# List of members which are set dynamically and missed by pylint inference
+# system, and so shouldn't trigger E0201 when accessed. Python regular
+# expressions are accepted.
+generated-members=REQUEST,acl_users,aq_parent
+
+
+[MISCELLANEOUS]
+
+# List of note tags to take in consideration, separated by a comma.
+notes=FIXME,XXX,TODO
+
+
+[SIMILARITIES]
+
+# Minimum lines number of a similarity.
+min-similarity-lines=4
+
+# Ignore comments when computing similarities.
+ignore-comments=yes
+
+# Ignore docstrings when computing similarities.
+ignore-docstrings=yes
+
+# Ignore imports when computing similarities.
+ignore-imports=no
+
+
+[VARIABLES]
+
+# Tells whether we should check for unused import in __init__ files.
+init-import=no
+
+# A regular expression matching the beginning of the name of dummy variables
+# (i.e. not used).
+dummy-variables-rgx=_$|dummy
+
+# List of additional names supposed to be defined in builtins. Remember that
+# you should avoid to define new builtins when possible.
+additional-builtins=
+
+
+[BASIC]
+
+# Required attributes for module, separated by a comma
+required-attributes=
+
+# List of builtins function names that should not be used, separated by a comma
+bad-functions=map,filter,apply,input
+
+# Regular expression which should only match correct module names
+module-rgx=(([a-z_][a-z0-9_]*)|([A-Z][a-zA-Z0-9]+))$
+
+# Regular expression which should only match correct module level names
+const-rgx=(([A-Z_][A-Z0-9_]*)|(__.*__))$
+
+# Regular expression which should only match correct class names
+class-rgx=[A-Z_][a-zA-Z0-9]+$
+
+# Regular expression which should only match correct function names
+function-rgx=[a-z_][a-z0-9_]{2,30}$
+
+# Regular expression which should only match correct method names
+method-rgx=[a-z_][a-z0-9_]{2,30}$
+
+# Regular expression which should only match correct instance attribute names
+attr-rgx=[a-z_][a-z0-9_]{2,30}$
+
+# Regular expression which should only match correct argument names
+argument-rgx=[a-z_][a-z0-9_]{2,30}$
+
+# Regular expression which should only match correct variable names
+variable-rgx=[a-z_][a-z0-9_]{2,30}$
+
+# Regular expression which should only match correct attribute names in class
+# bodies
+class-attribute-rgx=([A-Za-z_][A-Za-z0-9_]{2,30}|(__.*__))$
+
+# Regular expression which should only match correct list comprehension /
+# generator expression variable names
+inlinevar-rgx=[A-Za-z_][A-Za-z0-9_]*$
+
+# Good variable names which should always be accepted, separated by a comma
+good-names=i,j,k,ex,Run,_
+
+# Bad variable names which should always be refused, separated by a comma
+bad-names=foo,bar,baz,toto,tutu,tata
+
+# Regular expression which should only match function or class names that do
+# not require a docstring.
+no-docstring-rgx=__.*__
+
+# Minimum line length for functions/classes that require docstrings, shorter
+# ones are exempt.
+docstring-min-length=-1
+
+
+[FORMAT]
+
+# Maximum number of characters on a single line.
+max-line-length=80
+
+# Regexp for a line that is allowed to be longer than the limit.
+ignore-long-lines=^\s*(# )?<?https?://\S+>?$
+
+# Allow the body of an if to be on the same line as the test if there is no
+# else.
+single-line-if-stmt=no
+
+# List of optional constructs for which whitespace checking is disabled
+no-space-check=trailing-comma,dict-separator
+
+# Maximum number of lines in a module
+max-module-lines=1000
+
+# String used as indentation unit. This is usually " " (4 spaces) or "\t" (1
+# tab).
+indent-string='    '
+
+
+[DESIGN]
+
+# Maximum number of arguments for function / method
+max-args=5
+
+# Argument names that match this expression will be ignored. Default to name
+# with leading underscore
+ignored-argument-names=_.*
+
+# Maximum number of locals for function / method body
+max-locals=15
+
+# Maximum number of return / yield for function / method body
+max-returns=6
+
+# Maximum number of branch for function / method body
+max-branches=12
+
+# Maximum number of statements in function / method body
+max-statements=50
+
+# Maximum number of parents for a class (see R0901).
+max-parents=7
+
+# Maximum number of attributes for a class (see R0902).
+max-attributes=7
+
+# Minimum number of public methods for a class (see R0903).
+min-public-methods=2
+
+# Maximum number of public methods for a class (see R0904).
+max-public-methods=20
+
+
+[IMPORTS]
+
+# Deprecated modules which should not be used, separated by a comma
+deprecated-modules=regsub,TERMIOS,Bastion,rexec
+
+# Create a graph of every (i.e. internal and external) dependencies in the
+# given file (report RP0402 must not be disabled)
+import-graph=
+
+# Create a graph of external dependencies in the given file (report RP0402 must
+# not be disabled)
+ext-import-graph=
+
+# Create a graph of internal dependencies in the given file (report RP0402 must
+# not be disabled)
+int-import-graph=
+
+
+[CLASSES]
+
+# List of interface methods to ignore, separated by a comma. This is used for
+# instance to not check methods defines in Zope's Interface base class.
+ignore-iface-methods=isImplementedBy,deferred,extends,names,namesAndDescriptions,queryDescriptionFor,getBases,getDescriptionFor,getDoc,getName,getTaggedValue,getTaggedValueTags,isEqualOrExtendedBy,setTaggedValue,isImplementedByInstancesOf,adaptWith,is_implemented_by
+
+# List of method names used to declare (i.e. assign) instance attributes.
+defining-attr-methods=__init__,__new__,setUp
+
+# List of valid names for the first argument in a class method.
+valid-classmethod-first-arg=cls
+
+# List of valid names for the first argument in a metaclass class method.
+valid-metaclass-classmethod-first-arg=mcs
+
+
+[EXCEPTIONS]
+
+# Exceptions that will emit a warning when being caught. Defaults to
+# "Exception"
+overgeneral-exceptions=Exception

pyproject.toml

@@ -34,11 +34,15 @@
         name = "Internal Changes"
         showcontent = true
 
+[tool.black]
+target-version = ['py38', 'py39', 'py310', 'py311']
+# black ignores everything in .gitignore by default, see
+# https://black.readthedocs.io/en/stable/usage_and_configuration/file_collection_and_discovery.html#gitignore
+# Use `extend-exclude` if you want to exclude something in addition to this.
+
 [tool.ruff]
 line-length = 88
-target-version = "py38"
 
-[tool.ruff.lint]
 # See https://beta.ruff.rs/docs/rules/#error-e
 # for error codes. The ones we ignore are:
 #  E501: Line too long (black enforces this for us)
@@ -58,8 +62,6 @@ select = [
     "W",
     # pyflakes
     "F",
-    # isort
-    "I001",
     # flake8-bugbear
     "B0",
     # flake8-comprehensions
@@ -76,20 +78,17 @@ select = [
     "EXE",
 ]
 
-[tool.ruff.lint.isort]
-combine-as-imports = true
-section-order = ["future", "standard-library", "third-party", "twisted", "first-party", "testing", "local-folder"]
-known-first-party = ["synapse"]
-
-[tool.ruff.lint.isort.sections]
-twisted = ["twisted", "OpenSSL"]
-testing = ["tests"]
-
-[tool.ruff.format]
-quote-style = "double"
-indent-style = "space"
-skip-magic-trailing-comma = false
-line-ending = "auto"
+[tool.isort]
+line_length = 88
+sections = ["FUTURE", "STDLIB", "THIRDPARTY", "TWISTED", "FIRSTPARTY", "TESTS", "LOCALFOLDER"]
+default_section = "THIRDPARTY"
+known_first_party = ["synapse"]
+known_tests = ["tests"]
+known_twisted = ["twisted", "OpenSSL"]
+multi_line_output = 3
+include_trailing_comma = true
+combine_as_imports = true
+skip_gitignore = true
 
 [tool.maturin]
 manifest-path = "rust/Cargo.toml"
@@ -97,7 +96,7 @@ module-name = "synapse.synapse_rust"
 
 [tool.poetry]
 name = "matrix-synapse"
-version = "1.115.0rc1"
+version = "1.100.0rc3"
 description = "Homeserver for the Matrix decentralised comms protocol"
 authors = ["Matrix.org Team and Contributors <packages@matrix.org>"]
 license = "AGPL-3.0-or-later"
@@ -201,8 +200,10 @@ netaddr = ">=0.7.18"
 # add a lower bound to the Jinja2 dependency.
 Jinja2 = ">=3.0"
 bleach = ">=1.4.3"
-# We use `assert_never`, which were added in `typing-extensions` 4.1.
-typing-extensions = ">=4.1"
+# We use `ParamSpec` and `Concatenate`, which were added in `typing-extensions` 3.10.0.0.
+# Additionally we need https://github.com/python/typing/pull/817 to allow types to be
+# generic over ParamSpecs.
+typing-extensions = ">=3.10.0.1"
 # We enforce that we have a `cryptography` version that bundles an `openssl`
 # with the latest security patches.
 cryptography = ">=3.4.7"
@@ -225,8 +226,6 @@ pydantic = ">=1.7.4, <3"
 # needed.
 setuptools_rust = ">=1.3"
 
-# This is used for parsing multipart responses
-python-multipart = ">=0.0.9"
 
 # Optional Dependencies
 # ---------------------
@@ -320,7 +319,9 @@ all = [
 # failing on new releases. Keeping lower bounds loose here means that dependabot
 # can bump versions without having to update the content-hash in the lockfile.
 # This helps prevents merge conflicts when running a batch of dependabot updates.
-ruff = "0.6.4"
+isort = ">=5.10.1"
+black = ">=22.7.0"
+ruff = "0.1.14"
 # Type checking only works with the pydantic.v1 compat module from pydantic v2
 pydantic = "^2"
 
@@ -363,6 +364,17 @@ towncrier = ">=18.6.0rc1"
 tomli = ">=1.2.3"
 
 
+# Dependencies for building the development documentation
+[tool.poetry.group.dev-docs]
+optional = true
+
+[tool.poetry.group.dev-docs.dependencies]
+sphinx = {version = "^6.1", python = "^3.8"}
+sphinx-autodoc2 = {version = ">=0.4.2,<0.6.0", python = "^3.8"}
+myst-parser = {version = "^1.0.0", python = "^3.8"}
+furo = ">=2022.12.7,<2024.0.0"
+
+
 [build-system]
 # The upper bounds here are defensive, intended to prevent situations like
 # https://github.com/matrix-org/synapse/issues/13849 and
@@ -370,7 +382,7 @@ tomli = ">=1.2.3"
 # runtime errors caused by build system changes.
 # We are happy to raise these upper bounds upon request,
 # provided we check that it's safe to do so (i.e. that CI passes).
-requires = ["poetry-core>=1.1.0,<=1.9.0", "setuptools_rust>=1.3,<=1.8.1"]
+requires = ["poetry-core>=1.1.0,<=1.8.1", "setuptools_rust>=1.3,<=1.8.1"]
 build-backend = "poetry.core.masonry.api"
 
 

rust/Cargo.toml

@@ -7,7 +7,7 @@ name = "synapse"
 version = "0.1.0"
 
 edition = "2021"
-rust-version = "1.66.0"
+rust-version = "1.65.0"
 
 [lib]
 name = "synapse"
@@ -23,26 +23,19 @@ name = "synapse.synapse_rust"
 
 [dependencies]
 anyhow = "1.0.63"
-base64 = "0.21.7"
-bytes = "1.6.0"
-headers = "0.4.0"
-http = "1.1.0"
 lazy_static = "1.4.0"
 log = "0.4.17"
-mime = "0.3.17"
-pyo3 = { version = "0.21.0", features = [
+pyo3 = { version = "0.20.0", features = [
     "macros",
     "anyhow",
     "abi3",
     "abi3-py38",
 ] }
-pyo3-log = "0.10.0"
-pythonize = "0.21.0"
+pyo3-log = "0.9.0"
+pythonize = "0.20.0"
 regex = "1.6.0"
-sha2 = "0.10.8"
 serde = { version = "1.0.144", features = ["derive"] }
 serde_json = "1.0.85"
-ulid = "1.1.2"
 
 [features]
 extension-module = ["pyo3/extension-module"]

rust/src/acl/mod.rs

@@ -25,21 +25,21 @@ use std::net::Ipv4Addr;
 use std::str::FromStr;
 
 use anyhow::Error;
-use pyo3::{prelude::*, pybacked::PyBackedStr};
+use pyo3::prelude::*;
 use regex::Regex;
 
 use crate::push::utils::{glob_to_regex, GlobMatchType};
 
 /// Called when registering modules with python.
-pub fn register_module(py: Python<'_>, m: &Bound<'_, PyModule>) -> PyResult<()> {
-    let child_module = PyModule::new_bound(py, "acl")?;
+pub fn register_module(py: Python<'_>, m: &PyModule) -> PyResult<()> {
+    let child_module = PyModule::new(py, "acl")?;
     child_module.add_class::<ServerAclEvaluator>()?;
 
-    m.add_submodule(&child_module)?;
+    m.add_submodule(child_module)?;
 
     // We need to manually add the module to sys.modules to make `from
     // synapse.synapse_rust import acl` work.
-    py.import_bound("sys")?
+    py.import("sys")?
         .getattr("modules")?
         .set_item("synapse.synapse_rust.acl", child_module)?;
 
@@ -59,8 +59,8 @@ impl ServerAclEvaluator {
     #[new]
     pub fn py_new(
         allow_ip_literals: bool,
-        allow: Vec<PyBackedStr>,
-        deny: Vec<PyBackedStr>,
+        allow: Vec<&str>,
+        deny: Vec<&str>,
     ) -> Result<Self, Error> {
         let allow = allow
             .iter()

rust/src/errors.rs

@@ -1,60 +0,0 @@
-/*
- * This file is licensed under the Affero General Public License (AGPL) version 3.
- *
- * Copyright (C) 2024 New Vector, Ltd
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as
- * published by the Free Software Foundation, either version 3 of the
- * License, or (at your option) any later version.
- *
- * See the GNU Affero General Public License for more details:
- * <https://www.gnu.org/licenses/agpl-3.0.html>.
- */
-
-#![allow(clippy::new_ret_no_self)]
-
-use std::collections::HashMap;
-
-use http::{HeaderMap, StatusCode};
-use pyo3::{exceptions::PyValueError, import_exception};
-
-import_exception!(synapse.api.errors, SynapseError);
-
-impl SynapseError {
-    pub fn new(
-        code: StatusCode,
-        message: String,
-        errcode: &'static str,
-        additional_fields: Option<HashMap<String, String>>,
-        headers: Option<HeaderMap>,
-    ) -> pyo3::PyErr {
-        // Transform the HeaderMap into a HashMap<String, String>
-        let headers = if let Some(headers) = headers {
-            let mut map = HashMap::with_capacity(headers.len());
-            for (key, value) in headers.iter() {
-                let Ok(value) = value.to_str() else {
-                    // This should never happen, but we don't want to panic in case it does
-                    return PyValueError::new_err(
-                        "Could not construct SynapseError: header value is not valid ASCII",
-                    );
-                };
-
-                map.insert(key.as_str().to_owned(), value.to_owned());
-            }
-            Some(map)
-        } else {
-            None
-        };
-
-        SynapseError::new_err((code.as_u16(), message, errcode, additional_fields, headers))
-    }
-}
-
-import_exception!(synapse.api.errors, NotFoundError);
-
-impl NotFoundError {
-    pub fn new() -> pyo3::PyErr {
-        NotFoundError::new_err(())
-    }
-}

rust/src/events/internal_metadata.rs

@@ -20,10 +20,8 @@
 
 //! Implements the internal metadata class attached to events.
 //!
-//! The internal metadata is a bit like a `TypedDict`, in that most of
-//! it is stored as a JSON dict in the DB (the exceptions being `outlier`
-//! and `stream_ordering` which have their own columns in the database).
-//! Most events have zero, or only a few, of these keys
+//! The internal metadata is a bit like a `TypedDict`, in that it is stored as a
+//! JSON dict in the DB. Most events have zero, or only a few, of these keys
 //! set. Therefore, since we care more about memory size than performance here,
 //! we store these fields in a mapping.
 //!
@@ -38,10 +36,9 @@ use anyhow::Context;
 use log::warn;
 use pyo3::{
     exceptions::PyAttributeError,
-    pybacked::PyBackedStr,
     pyclass, pymethods,
-    types::{PyAnyMethods, PyDict, PyDictMethods, PyString},
-    Bound, IntoPy, PyAny, PyObject, PyResult, Python,
+    types::{PyDict, PyString},
+    IntoPy, PyAny, PyObject, PyResult, Python,
 };
 
 /// Definitions of the various fields of the internal metadata.
@@ -60,7 +57,7 @@ enum EventInternalMetadataData {
 
 impl EventInternalMetadataData {
     /// Convert the field to its name and python object.
-    fn to_python_pair<'a>(&self, py: Python<'a>) -> (&'a Bound<'a, PyString>, PyObject) {
+    fn to_python_pair<'a>(&self, py: Python<'a>) -> (&'a PyString, PyObject) {
         match self {
             EventInternalMetadataData::OutOfBandMembership(o) => {
                 (pyo3::intern!(py, "out_of_band_membership"), o.into_py(py))
@@ -91,13 +88,10 @@ impl EventInternalMetadataData {
     /// Converts from python key/values to the field.
     ///
     /// Returns `None` if the key is a valid but unrecognized string.
-    fn from_python_pair(
-        key: &Bound<'_, PyAny>,
-        value: &Bound<'_, PyAny>,
-    ) -> PyResult<Option<Self>> {
-        let key_str: PyBackedStr = key.extract()?;
+    fn from_python_pair(key: &PyAny, value: &PyAny) -> PyResult<Option<Self>> {
+        let key_str: &str = key.extract()?;
 
-        let e = match &*key_str {
+        let e = match key_str {
             "out_of_band_membership" => EventInternalMetadataData::OutOfBandMembership(
                 value
                     .extract()
@@ -204,8 +198,6 @@ pub struct EventInternalMetadata {
     /// The stream ordering of this event. None, until it has been persisted.
     #[pyo3(get, set)]
     stream_ordering: Option<NonZeroI64>,
-    #[pyo3(get, set)]
-    instance_name: Option<String>,
 
     /// whether this event is an outlier (ie, whether we have the state at that
     /// point in the DAG)
@@ -216,11 +208,11 @@ pub struct EventInternalMetadata {
 #[pymethods]
 impl EventInternalMetadata {
     #[new]
-    fn new(dict: &Bound<'_, PyDict>) -> PyResult<Self> {
+    fn new(dict: &PyDict) -> PyResult<Self> {
         let mut data = Vec::with_capacity(dict.len());
 
         for (key, value) in dict.iter() {
-            match EventInternalMetadataData::from_python_pair(&key, &value) {
+            match EventInternalMetadataData::from_python_pair(key, value) {
                 Ok(Some(entry)) => data.push(entry),
                 Ok(None) => {}
                 Err(err) => {
@@ -234,7 +226,6 @@ impl EventInternalMetadata {
         Ok(EventInternalMetadata {
             data,
             stream_ordering: None,
-            instance_name: None,
             outlier: false,
         })
     }
@@ -243,11 +234,8 @@ impl EventInternalMetadata {
         self.clone()
     }
 
-    /// Get a dict holding the data stored in the `internal_metadata` column in the database.
-    ///
-    /// Note that `outlier` and `stream_ordering` are stored in separate columns so are not returned here.
     fn get_dict(&self, py: Python<'_>) -> PyResult<PyObject> {
-        let dict = PyDict::new_bound(py);
+        let dict = PyDict::new(py);
 
         for entry in &self.data {
             let (key, value) = entry.to_python_pair(py);

rust/src/events/mod.rs

@@ -20,23 +20,20 @@
 
 //! Classes for representing Events.
 
-use pyo3::{
-    types::{PyAnyMethods, PyModule, PyModuleMethods},
-    Bound, PyResult, Python,
-};
+use pyo3::{types::PyModule, PyResult, Python};
 
 mod internal_metadata;
 
 /// Called when registering modules with python.
-pub fn register_module(py: Python<'_>, m: &Bound<'_, PyModule>) -> PyResult<()> {
-    let child_module = PyModule::new_bound(py, "events")?;
+pub fn register_module(py: Python<'_>, m: &PyModule) -> PyResult<()> {
+    let child_module = PyModule::new(py, "events")?;
     child_module.add_class::<internal_metadata::EventInternalMetadata>()?;
 
-    m.add_submodule(&child_module)?;
+    m.add_submodule(child_module)?;
 
     // We need to manually add the module to sys.modules to make `from
     // synapse.synapse_rust import events` work.
-    py.import_bound("sys")?
+    py.import("sys")?
         .getattr("modules")?
         .set_item("synapse.synapse_rust.events", child_module)?;
 

rust/src/http.rs

@@ -1,174 +0,0 @@
-/*
- * This file is licensed under the Affero General Public License (AGPL) version 3.
- *
- * Copyright (C) 2024 New Vector, Ltd
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as
- * published by the Free Software Foundation, either version 3 of the
- * License, or (at your option) any later version.
- *
- * See the GNU Affero General Public License for more details:
- * <https://www.gnu.org/licenses/agpl-3.0.html>.
- */
-
-use bytes::{Buf, BufMut, Bytes, BytesMut};
-use headers::{Header, HeaderMapExt};
-use http::{HeaderName, HeaderValue, Method, Request, Response, StatusCode, Uri};
-use pyo3::{
-    exceptions::PyValueError,
-    types::{PyAnyMethods, PyBytes, PyBytesMethods, PySequence, PyTuple},
-    Bound, PyAny, PyResult,
-};
-
-use crate::errors::SynapseError;
-
-/// Read a file-like Python object by chunks
-///
-/// # Errors
-///
-/// Returns an error if calling the `read` on the Python object failed
-fn read_io_body(body: &Bound<'_, PyAny>, chunk_size: usize) -> PyResult<Bytes> {
-    let mut buf = BytesMut::new();
-    loop {
-        let bound = &body.call_method1("read", (chunk_size,))?;
-        let bytes: &Bound<'_, PyBytes> = bound.downcast()?;
-        if bytes.as_bytes().is_empty() {
-            return Ok(buf.into());
-        }
-        buf.put(bytes.as_bytes());
-    }
-}
-
-/// Transform a Twisted `IRequest` to an [`http::Request`]
-///
-/// It uses the following members of `IRequest`:
-///   - `content`, which is expected to be a file-like object with a `read` method
-///   - `uri`, which is expected to be a valid URI as `bytes`
-///   - `method`, which is expected to be a valid HTTP method as `bytes`
-///   - `requestHeaders`, which is expected to have a `getAllRawHeaders` method
-///
-/// # Errors
-///
-/// Returns an error if the Python object doesn't properly implement `IRequest`
-pub fn http_request_from_twisted(request: &Bound<'_, PyAny>) -> PyResult<Request<Bytes>> {
-    let content = request.getattr("content")?;
-    let body = read_io_body(&content, 4096)?;
-
-    let mut req = Request::new(body);
-
-    let bound = &request.getattr("uri")?;
-    let uri: &Bound<'_, PyBytes> = bound.downcast()?;
-    *req.uri_mut() =
-        Uri::try_from(uri.as_bytes()).map_err(|_| PyValueError::new_err("invalid uri"))?;
-
-    let bound = &request.getattr("method")?;
-    let method: &Bound<'_, PyBytes> = bound.downcast()?;
-    *req.method_mut() = Method::from_bytes(method.as_bytes())
-        .map_err(|_| PyValueError::new_err("invalid method"))?;
-
-    let headers_iter = request
-        .getattr("requestHeaders")?
-        .call_method0("getAllRawHeaders")?
-        .iter()?;
-
-    for header in headers_iter {
-        let header = header?;
-        let header: &Bound<'_, PyTuple> = header.downcast()?;
-        let bound = &header.get_item(0)?;
-        let name: &Bound<'_, PyBytes> = bound.downcast()?;
-        let name = HeaderName::from_bytes(name.as_bytes())
-            .map_err(|_| PyValueError::new_err("invalid header name"))?;
-
-        let bound = &header.get_item(1)?;
-        let values: &Bound<'_, PySequence> = bound.downcast()?;
-        for index in 0..values.len()? {
-            let bound = &values.get_item(index)?;
-            let value: &Bound<'_, PyBytes> = bound.downcast()?;
-            let value = HeaderValue::from_bytes(value.as_bytes())
-                .map_err(|_| PyValueError::new_err("invalid header value"))?;
-            req.headers_mut().append(name.clone(), value);
-        }
-    }
-
-    Ok(req)
-}
-
-/// Send an [`http::Response`] through a Twisted `IRequest`
-///
-/// It uses the following members of `IRequest`:
-///
-///  - `responseHeaders`, which is expected to have a `addRawHeader(bytes, bytes)` method
-///  - `setResponseCode(int)` method
-///  - `write(bytes)` method
-///  - `finish()` method
-///
-///  # Errors
-///
-/// Returns an error if the Python object doesn't properly implement `IRequest`
-pub fn http_response_to_twisted<B>(
-    request: &Bound<'_, PyAny>,
-    response: Response<B>,
-) -> PyResult<()>
-where
-    B: Buf,
-{
-    let (parts, mut body) = response.into_parts();
-
-    request.call_method1("setResponseCode", (parts.status.as_u16(),))?;
-
-    let response_headers = request.getattr("responseHeaders")?;
-    for (name, value) in parts.headers.iter() {
-        response_headers.call_method1("addRawHeader", (name.as_str(), value.as_bytes()))?;
-    }
-
-    while body.remaining() != 0 {
-        let chunk = body.chunk();
-        request.call_method1("write", (chunk,))?;
-        body.advance(chunk.len());
-    }
-
-    request.call_method0("finish")?;
-
-    Ok(())
-}
-
-/// An extension trait for [`HeaderMap`] that provides typed access to headers, and throws the
-/// right python exceptions when the header is missing or fails to parse.
-///
-/// [`HeaderMap`]: headers::HeaderMap
-pub trait HeaderMapPyExt: HeaderMapExt {
-    /// Get a header from the map, returning an error if it is missing or invalid.
-    fn typed_get_required<H>(&self) -> PyResult<H>
-    where
-        H: Header,
-    {
-        self.typed_get_optional::<H>()?.ok_or_else(|| {
-            SynapseError::new(
-                StatusCode::BAD_REQUEST,
-                format!("Missing required header: {}", H::name()),
-                "M_MISSING_PARAM",
-                None,
-                None,
-            )
-        })
-    }
-
-    /// Get a header from the map, returning `None` if it is missing and an error if it is invalid.
-    fn typed_get_optional<H>(&self) -> PyResult<Option<H>>
-    where
-        H: Header,
-    {
-        self.typed_try_get::<H>().map_err(|_| {
-            SynapseError::new(
-                StatusCode::BAD_REQUEST,
-                format!("Invalid header: {}", H::name()),
-                "M_INVALID_PARAM",
-                None,
-                None,
-            )
-        })
-    }
-}
-
-impl<T: HeaderMapExt> HeaderMapPyExt for T {}

rust/src/lib.rs

@@ -3,11 +3,8 @@ use pyo3::prelude::*;
 use pyo3_log::ResetHandle;
 
 pub mod acl;
-pub mod errors;
 pub mod events;
-pub mod http;
 pub mod push;
-pub mod rendezvous;
 
 lazy_static! {
     static ref LOGGING_HANDLE: ResetHandle = pyo3_log::init();
@@ -38,7 +35,7 @@ fn reset_logging_config() {
 
 /// The entry point for defining the Python module.
 #[pymodule]
-fn synapse_rust(py: Python<'_>, m: &Bound<'_, PyModule>) -> PyResult<()> {
+fn synapse_rust(py: Python<'_>, m: &PyModule) -> PyResult<()> {
     m.add_function(wrap_pyfunction!(sum_as_string, m)?)?;
     m.add_function(wrap_pyfunction!(get_rust_file_digest, m)?)?;
     m.add_function(wrap_pyfunction!(reset_logging_config, m)?)?;
@@ -46,7 +43,6 @@ fn synapse_rust(py: Python<'_>, m: &Bound<'_, PyModule>) -> PyResult<()> {
     acl::register_module(py, m)?;
     push::register_module(py, m)?;
     events::register_module(py, m)?;
-    rendezvous::register_module(py, m)?;
 
     Ok(())
 }

rust/src/push/base_rules.rs

@@ -304,12 +304,12 @@ pub const BASE_APPEND_UNDERRIDE_RULES: &[PushRule] = &[
         default_enabled: true,
     },
     PushRule {
-        rule_id: Cow::Borrowed("global/underride/.m.rule.encrypted_room_one_to_one"),
+        rule_id: Cow::Borrowed("global/underride/.m.rule.room_one_to_one"),
         priority_class: 1,
         conditions: Cow::Borrowed(&[
             Condition::Known(KnownCondition::EventMatch(EventMatchCondition {
                 key: Cow::Borrowed("type"),
-                pattern: Cow::Borrowed("m.room.encrypted"),
+                pattern: Cow::Borrowed("m.room.message"),
             })),
             Condition::Known(KnownCondition::RoomMemberCount {
                 is: Some(Cow::Borrowed("2")),
@@ -320,12 +320,12 @@ pub const BASE_APPEND_UNDERRIDE_RULES: &[PushRule] = &[
         default_enabled: true,
     },
     PushRule {
-        rule_id: Cow::Borrowed("global/underride/.m.rule.room_one_to_one"),
+        rule_id: Cow::Borrowed("global/underride/.m.rule.encrypted_room_one_to_one"),
         priority_class: 1,
         conditions: Cow::Borrowed(&[
             Condition::Known(KnownCondition::EventMatch(EventMatchCondition {
                 key: Cow::Borrowed("type"),
-                pattern: Cow::Borrowed("m.room.message"),
+                pattern: Cow::Borrowed("m.room.encrypted"),
             })),
             Condition::Known(KnownCondition::RoomMemberCount {
                 is: Some(Cow::Borrowed("2")),

rust/src/push/mod.rs

@@ -66,7 +66,7 @@ use log::warn;
 use pyo3::exceptions::PyTypeError;
 use pyo3::prelude::*;
 use pyo3::types::{PyBool, PyList, PyLong, PyString};
-use pythonize::{depythonize_bound, pythonize};
+use pythonize::{depythonize, pythonize};
 use serde::de::Error as _;
 use serde::{Deserialize, Serialize};
 use serde_json::Value;
@@ -78,19 +78,19 @@ pub mod evaluator;
 pub mod utils;
 
 /// Called when registering modules with python.
-pub fn register_module(py: Python<'_>, m: &Bound<'_, PyModule>) -> PyResult<()> {
-    let child_module = PyModule::new_bound(py, "push")?;
+pub fn register_module(py: Python<'_>, m: &PyModule) -> PyResult<()> {
+    let child_module = PyModule::new(py, "push")?;
     child_module.add_class::<PushRule>()?;
     child_module.add_class::<PushRules>()?;
     child_module.add_class::<FilteredPushRules>()?;
     child_module.add_class::<PushRuleEvaluator>()?;
     child_module.add_function(wrap_pyfunction!(get_base_rule_ids, m)?)?;
 
-    m.add_submodule(&child_module)?;
+    m.add_submodule(child_module)?;
 
     // We need to manually add the module to sys.modules to make `from
     // synapse.synapse_rust import push` work.
-    py.import_bound("sys")?
+    py.import("sys")?
         .getattr("modules")?
         .set_item("synapse.synapse_rust.push", child_module)?;
 
@@ -271,12 +271,12 @@ pub enum SimpleJsonValue {
 
 impl<'source> FromPyObject<'source> for SimpleJsonValue {
     fn extract(ob: &'source PyAny) -> PyResult<Self> {
-        if let Ok(s) = ob.downcast::<PyString>() {
+        if let Ok(s) = <PyString as pyo3::PyTryFrom>::try_from(ob) {
             Ok(SimpleJsonValue::Str(Cow::Owned(s.to_string())))
         // A bool *is* an int, ensure we try bool first.
-        } else if let Ok(b) = ob.downcast::<PyBool>() {
+        } else if let Ok(b) = <PyBool as pyo3::PyTryFrom>::try_from(ob) {
             Ok(SimpleJsonValue::Bool(b.extract()?))
-        } else if let Ok(i) = ob.downcast::<PyLong>() {
+        } else if let Ok(i) = <PyLong as pyo3::PyTryFrom>::try_from(ob) {
             Ok(SimpleJsonValue::Int(i.extract()?))
         } else if ob.is_none() {
             Ok(SimpleJsonValue::Null)
@@ -299,7 +299,7 @@ pub enum JsonValue {
 
 impl<'source> FromPyObject<'source> for JsonValue {
     fn extract(ob: &'source PyAny) -> PyResult<Self> {
-        if let Ok(l) = ob.downcast::<PyList>() {
+        if let Ok(l) = <PyList as pyo3::PyTryFrom>::try_from(ob) {
             match l.iter().map(SimpleJsonValue::extract).collect() {
                 Ok(a) => Ok(JsonValue::Array(a)),
                 Err(e) => Err(PyTypeError::new_err(format!(
@@ -370,8 +370,8 @@ impl IntoPy<PyObject> for Condition {
 }
 
 impl<'source> FromPyObject<'source> for Condition {
-    fn extract_bound(ob: &Bound<'source, PyAny>) -> PyResult<Self> {
-        Ok(depythonize_bound(ob.clone())?)
+    fn extract(ob: &'source PyAny) -> PyResult<Self> {
+        Ok(depythonize(ob)?)
     }
 }
 

rust/src/rendezvous/mod.rs

@@ -1,327 +0,0 @@
-/*
- * This file is licensed under the Affero General Public License (AGPL) version 3.
- *
- * Copyright (C) 2024 New Vector, Ltd
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as
- * published by the Free Software Foundation, either version 3 of the
- * License, or (at your option) any later version.
- *
- * See the GNU Affero General Public License for more details:
- * <https://www.gnu.org/licenses/agpl-3.0.html>.
- *
- */
-
-use std::{
-    collections::{BTreeMap, HashMap},
-    time::{Duration, SystemTime},
-};
-
-use bytes::Bytes;
-use headers::{
-    AccessControlAllowOrigin, AccessControlExposeHeaders, CacheControl, ContentLength, ContentType,
-    HeaderMapExt, IfMatch, IfNoneMatch, Pragma,
-};
-use http::{header::ETAG, HeaderMap, Response, StatusCode, Uri};
-use mime::Mime;
-use pyo3::{
-    exceptions::PyValueError,
-    pyclass, pymethods,
-    types::{PyAnyMethods, PyModule, PyModuleMethods},
-    Bound, Py, PyAny, PyObject, PyResult, Python, ToPyObject,
-};
-use ulid::Ulid;
-
-use self::session::Session;
-use crate::{
-    errors::{NotFoundError, SynapseError},
-    http::{http_request_from_twisted, http_response_to_twisted, HeaderMapPyExt},
-};
-
-mod session;
-
-// n.b. Because OPTIONS requests are handled by the Python code, we don't need to set Access-Control-Allow-Headers.
-fn prepare_headers(headers: &mut HeaderMap, session: &Session) {
-    headers.typed_insert(AccessControlAllowOrigin::ANY);
-    headers.typed_insert(AccessControlExposeHeaders::from_iter([ETAG]));
-    headers.typed_insert(Pragma::no_cache());
-    headers.typed_insert(CacheControl::new().with_no_store());
-    headers.typed_insert(session.etag());
-    headers.typed_insert(session.expires());
-    headers.typed_insert(session.last_modified());
-}
-
-#[pyclass]
-struct RendezvousHandler {
-    base: Uri,
-    clock: PyObject,
-    sessions: BTreeMap<Ulid, Session>,
-    capacity: usize,
-    max_content_length: u64,
-    ttl: Duration,
-}
-
-impl RendezvousHandler {
-    /// Check the input headers of a request which sets data for a session, and return the content type.
-    fn check_input_headers(&self, headers: &HeaderMap) -> PyResult<Mime> {
-        let ContentLength(content_length) = headers.typed_get_required()?;
-
-        if content_length > self.max_content_length {
-            return Err(SynapseError::new(
-                StatusCode::PAYLOAD_TOO_LARGE,
-                "Payload too large".to_owned(),
-                "M_TOO_LARGE",
-                None,
-                None,
-            ));
-        }
-
-        let content_type: ContentType = headers.typed_get_required()?;
-
-        // Content-Type must be text/plain
-        if content_type != ContentType::text() {
-            return Err(SynapseError::new(
-                StatusCode::BAD_REQUEST,
-                "Content-Type must be text/plain".to_owned(),
-                "M_INVALID_PARAM",
-                None,
-                None,
-            ));
-        }
-
-        Ok(content_type.into())
-    }
-
-    /// Evict expired sessions and remove the oldest sessions until we're under the capacity.
-    fn evict(&mut self, now: SystemTime) {
-        // First remove all the entries which expired
-        self.sessions.retain(|_, session| !session.expired(now));
-
-        // Then we remove the oldest entires until we're under the limit
-        while self.sessions.len() > self.capacity {
-            self.sessions.pop_first();
-        }
-    }
-}
-
-#[pymethods]
-impl RendezvousHandler {
-    #[new]
-    #[pyo3(signature = (homeserver, /, capacity=100, max_content_length=4*1024, eviction_interval=60*1000, ttl=60*1000))]
-    fn new(
-        py: Python<'_>,
-        homeserver: &Bound<'_, PyAny>,
-        capacity: usize,
-        max_content_length: u64,
-        eviction_interval: u64,
-        ttl: u64,
-    ) -> PyResult<Py<Self>> {
-        let base: String = homeserver
-            .getattr("config")?
-            .getattr("server")?
-            .getattr("public_baseurl")?
-            .extract()?;
-        let base = Uri::try_from(format!("{base}_synapse/client/rendezvous"))
-            .map_err(|_| PyValueError::new_err("Invalid base URI"))?;
-
-        let clock = homeserver.call_method0("get_clock")?.to_object(py);
-
-        // Construct a Python object so that we can get a reference to the
-        // evict method and schedule it to run.
-        let self_ = Py::new(
-            py,
-            Self {
-                base,
-                clock,
-                sessions: BTreeMap::new(),
-                capacity,
-                max_content_length,
-                ttl: Duration::from_millis(ttl),
-            },
-        )?;
-
-        let evict = self_.getattr(py, "_evict")?;
-        homeserver.call_method0("get_clock")?.call_method(
-            "looping_call",
-            (evict, eviction_interval),
-            None,
-        )?;
-
-        Ok(self_)
-    }
-
-    fn _evict(&mut self, py: Python<'_>) -> PyResult<()> {
-        let clock = self.clock.bind(py);
-        let now: u64 = clock.call_method0("time_msec")?.extract()?;
-        let now = SystemTime::UNIX_EPOCH + Duration::from_millis(now);
-        self.evict(now);
-
-        Ok(())
-    }
-
-    fn handle_post(&mut self, py: Python<'_>, twisted_request: &Bound<'_, PyAny>) -> PyResult<()> {
-        let request = http_request_from_twisted(twisted_request)?;
-
-        let content_type = self.check_input_headers(request.headers())?;
-
-        let clock = self.clock.bind(py);
-        let now: u64 = clock.call_method0("time_msec")?.extract()?;
-        let now = SystemTime::UNIX_EPOCH + Duration::from_millis(now);
-
-        // We trigger an immediate eviction if we're at 2x the capacity
-        if self.sessions.len() >= self.capacity * 2 {
-            self.evict(now);
-        }
-
-        // Generate a new ULID for the session from the current time.
-        let id = Ulid::from_datetime(now);
-
-        let uri = format!("{base}/{id}", base = self.base);
-
-        let body = request.into_body();
-
-        let session = Session::new(body, content_type, now, self.ttl);
-
-        let response = serde_json::json!({
-            "url": uri,
-        })
-        .to_string();
-
-        let mut response = Response::new(response.as_bytes());
-        *response.status_mut() = StatusCode::CREATED;
-        response.headers_mut().typed_insert(ContentType::json());
-        prepare_headers(response.headers_mut(), &session);
-        http_response_to_twisted(twisted_request, response)?;
-
-        self.sessions.insert(id, session);
-
-        Ok(())
-    }
-
-    fn handle_get(
-        &mut self,
-        py: Python<'_>,
-        twisted_request: &Bound<'_, PyAny>,
-        id: &str,
-    ) -> PyResult<()> {
-        let request = http_request_from_twisted(twisted_request)?;
-
-        let if_none_match: Option<IfNoneMatch> = request.headers().typed_get_optional()?;
-
-        let now: u64 = self.clock.call_method0(py, "time_msec")?.extract(py)?;
-        let now = SystemTime::UNIX_EPOCH + Duration::from_millis(now);
-
-        let id: Ulid = id.parse().map_err(|_| NotFoundError::new())?;
-        let session = self
-            .sessions
-            .get(&id)
-            .filter(|s| !s.expired(now))
-            .ok_or_else(NotFoundError::new)?;
-
-        if let Some(if_none_match) = if_none_match {
-            if !if_none_match.precondition_passes(&session.etag()) {
-                let mut response = Response::new(Bytes::new());
-                *response.status_mut() = StatusCode::NOT_MODIFIED;
-                prepare_headers(response.headers_mut(), session);
-                http_response_to_twisted(twisted_request, response)?;
-                return Ok(());
-            }
-        }
-
-        let mut response = Response::new(session.data());
-        *response.status_mut() = StatusCode::OK;
-        let headers = response.headers_mut();
-        prepare_headers(headers, session);
-        headers.typed_insert(session.content_type());
-        headers.typed_insert(session.content_length());
-        http_response_to_twisted(twisted_request, response)?;
-
-        Ok(())
-    }
-
-    fn handle_put(
-        &mut self,
-        py: Python<'_>,
-        twisted_request: &Bound<'_, PyAny>,
-        id: &str,
-    ) -> PyResult<()> {
-        let request = http_request_from_twisted(twisted_request)?;
-
-        let content_type = self.check_input_headers(request.headers())?;
-
-        let if_match: IfMatch = request.headers().typed_get_required()?;
-
-        let data = request.into_body();
-
-        let now: u64 = self.clock.call_method0(py, "time_msec")?.extract(py)?;
-        let now = SystemTime::UNIX_EPOCH + Duration::from_millis(now);
-
-        let id: Ulid = id.parse().map_err(|_| NotFoundError::new())?;
-        let session = self
-            .sessions
-            .get_mut(&id)
-            .filter(|s| !s.expired(now))
-            .ok_or_else(NotFoundError::new)?;
-
-        if !if_match.precondition_passes(&session.etag()) {
-            let mut headers = HeaderMap::new();
-            prepare_headers(&mut headers, session);
-
-            let mut additional_fields = HashMap::with_capacity(1);
-            additional_fields.insert(
-                String::from("org.matrix.msc4108.errcode"),
-                String::from("M_CONCURRENT_WRITE"),
-            );
-
-            return Err(SynapseError::new(
-                StatusCode::PRECONDITION_FAILED,
-                "ETag does not match".to_owned(),
-                "M_UNKNOWN", // Would be M_CONCURRENT_WRITE
-                Some(additional_fields),
-                Some(headers),
-            ));
-        }
-
-        session.update(data, content_type, now);
-
-        let mut response = Response::new(Bytes::new());
-        *response.status_mut() = StatusCode::ACCEPTED;
-        prepare_headers(response.headers_mut(), session);
-        http_response_to_twisted(twisted_request, response)?;
-
-        Ok(())
-    }
-
-    fn handle_delete(&mut self, twisted_request: &Bound<'_, PyAny>, id: &str) -> PyResult<()> {
-        let _request = http_request_from_twisted(twisted_request)?;
-
-        let id: Ulid = id.parse().map_err(|_| NotFoundError::new())?;
-        let _session = self.sessions.remove(&id).ok_or_else(NotFoundError::new)?;
-
-        let mut response = Response::new(Bytes::new());
-        *response.status_mut() = StatusCode::NO_CONTENT;
-        response
-            .headers_mut()
-            .typed_insert(AccessControlAllowOrigin::ANY);
-        http_response_to_twisted(twisted_request, response)?;
-
-        Ok(())
-    }
-}
-
-pub fn register_module(py: Python<'_>, m: &Bound<'_, PyModule>) -> PyResult<()> {
-    let child_module = PyModule::new_bound(py, "rendezvous")?;
-
-    child_module.add_class::<RendezvousHandler>()?;
-
-    m.add_submodule(&child_module)?;
-
-    // We need to manually add the module to sys.modules to make `from
-    // synapse.synapse_rust import rendezvous` work.
-    py.import_bound("sys")?
-        .getattr("modules")?
-        .set_item("synapse.synapse_rust.rendezvous", child_module)?;
-
-    Ok(())
-}

rust/src/rendezvous/session.rs

@@ -1,91 +0,0 @@
-/*
- * This file is licensed under the Affero General Public License (AGPL) version 3.
- *
- * Copyright (C) 2024 New Vector, Ltd
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as
- * published by the Free Software Foundation, either version 3 of the
- * License, or (at your option) any later version.
- *
- * See the GNU Affero General Public License for more details:
- * <https://www.gnu.org/licenses/agpl-3.0.html>.
- */
-
-use std::time::{Duration, SystemTime};
-
-use base64::{engine::general_purpose::URL_SAFE_NO_PAD, Engine as _};
-use bytes::Bytes;
-use headers::{ContentLength, ContentType, ETag, Expires, LastModified};
-use mime::Mime;
-use sha2::{Digest, Sha256};
-
-/// A single session, containing data, metadata, and expiry information.
-pub struct Session {
-    hash: [u8; 32],
-    data: Bytes,
-    content_type: Mime,
-    last_modified: SystemTime,
-    expires: SystemTime,
-}
-
-impl Session {
-    /// Create a new session with the given data, content type, and time-to-live.
-    pub fn new(data: Bytes, content_type: Mime, now: SystemTime, ttl: Duration) -> Self {
-        let hash = Sha256::digest(&data).into();
-        Self {
-            hash,
-            data,
-            content_type,
-            expires: now + ttl,
-            last_modified: now,
-        }
-    }
-
-    /// Returns true if the session has expired at the given time.
-    pub fn expired(&self, now: SystemTime) -> bool {
-        self.expires <= now
-    }
-
-    /// Update the session with new data, content type, and last modified time.
-    pub fn update(&mut self, data: Bytes, content_type: Mime, now: SystemTime) {
-        self.hash = Sha256::digest(&data).into();
-        self.data = data;
-        self.content_type = content_type;
-        self.last_modified = now;
-    }
-
-    /// Returns the Content-Type header of the session.
-    pub fn content_type(&self) -> ContentType {
-        self.content_type.clone().into()
-    }
-
-    /// Returns the Content-Length header of the session.
-    pub fn content_length(&self) -> ContentLength {
-        ContentLength(self.data.len() as _)
-    }
-
-    /// Returns the ETag header of the session.
-    pub fn etag(&self) -> ETag {
-        let encoded = URL_SAFE_NO_PAD.encode(self.hash);
-        // SAFETY: Base64 encoding is URL-safe, so ETag-safe
-        format!("\"{encoded}\"")
-            .parse()
-            .expect("base64-encoded hash should be URL-safe")
-    }
-
-    /// Returns the Last-Modified header of the session.
-    pub fn last_modified(&self) -> LastModified {
-        self.last_modified.into()
-    }
-
-    /// Returns the Expires header of the session.
-    pub fn expires(&self) -> Expires {
-        self.expires.into()
-    }
-
-    /// Returns the current data stored in the session.
-    pub fn data(&self) -> Bytes {
-        self.data.clone()
-    }
-}

scripts-dev/check_pydantic_models.py

@@ -31,7 +31,6 @@ Pydantic does not yet offer a strict mode, but it is planned for pydantic v2. Se
 until then, this script is a best effort to stop us from introducing type coersion bugs
 (like the infamous stringy power levels fixed in room version 10).
 """
-
 import argparse
 import contextlib
 import functools

scripts-dev/complement.sh

@@ -214,16 +214,7 @@ fi
 
 extra_test_args=()
 
-test_packages=(
-    ./tests/csapi
-    ./tests
-    ./tests/msc3874
-    ./tests/msc3890
-    ./tests/msc3391
-    ./tests/msc3930
-    ./tests/msc3902
-    ./tests/msc3967
-)
+test_packages="./tests/csapi ./tests ./tests/msc3874 ./tests/msc3890 ./tests/msc3391 ./tests/msc3930 ./tests/msc3902"
 
 # Enable dirty runs, so tests will reuse the same container where possible.
 # This significantly speeds up tests, but increases the possibility of test pollution.
@@ -287,7 +278,7 @@ fi
 export PASS_SYNAPSE_LOG_TESTING=1
 
 # Run the tests!
-echo "Images built; running complement with ${extra_test_args[@]} $@ ${test_packages[@]}"
+echo "Images built; running complement with ${extra_test_args[@]} $@ $test_packages"
 cd "$COMPLEMENT_DIR"
 
-go test -v -tags "synapse_blacklist" -count=1 "${extra_test_args[@]}" "$@" "${test_packages[@]}"
+go test -v -tags "synapse_blacklist" -count=1 "${extra_test_args[@]}" "$@" $test_packages

scripts-dev/federation_client.py

@@ -43,7 +43,7 @@ import argparse
 import base64
 import json
 import sys
-from typing import Any, Dict, Mapping, Optional, Tuple, Union
+from typing import Any, Dict, Optional, Tuple
 from urllib import parse as urlparse
 
 import requests
@@ -75,7 +75,7 @@ def encode_canonical_json(value: object) -> bytes:
         value,
         # Encode code-points outside of ASCII as UTF-8 rather than \u escapes
         ensure_ascii=False,
-        # Remove unnecessary white space.
+        # Remove unecessary white space.
         separators=(",", ":"),
         # Sort the keys of dictionaries.
         sort_keys=True,
@@ -298,23 +298,12 @@ class MatrixConnectionAdapter(HTTPAdapter):
 
         return super().send(request, *args, **kwargs)
 
-    def get_connection_with_tls_context(
-        self,
-        request: PreparedRequest,
-        verify: Optional[Union[bool, str]],
-        proxies: Optional[Mapping[str, str]] = None,
-        cert: Optional[Union[Tuple[str, str], str]] = None,
+    def get_connection(
+        self, url: str, proxies: Optional[Dict[str, str]] = None
     ) -> HTTPConnectionPool:
-        # overrides the get_connection_with_tls_context() method in the base class
-        parsed = urlparse.urlsplit(request.url)
-
-        # Extract the server name from the request URL, and ensure it's a str.
-        hostname = parsed.netloc
-        if isinstance(hostname, bytes):
-            hostname = hostname.decode("utf-8")
-        assert isinstance(hostname, str)
-
-        (host, port, ssl_server_name) = self._lookup(hostname)
+        # overrides the get_connection() method in the base class
+        parsed = urlparse.urlsplit(url)
+        (host, port, ssl_server_name) = self._lookup(parsed.netloc)
         print(
             f"Connecting to {host}:{port} with SNI {ssl_server_name}", file=sys.stderr
         )

scripts-dev/lint.sh

@@ -1,9 +1,8 @@
 #!/usr/bin/env bash
 #
 # Runs linting scripts over the local Synapse checkout
+# black - opinionated code formatter
 # ruff - lints and finds mistakes
-# mypy - typechecks python code
-# cargo clippy - lints rust code
 
 set -e
 
@@ -92,6 +91,7 @@ else
           "synapse" "docker" "tests"
           "scripts-dev"
           "contrib" "synmark" "stubs" ".ci"
+          "dev-docs"
       )
   fi
 fi
@@ -102,15 +102,18 @@ echo
 # Print out the commands being run
 set -x
 
+# Ensure the sort order of imports.
+isort "${files[@]}"
+
+# Ensure Python code conforms to an opinionated style.
+python3 -m black "${files[@]}"
+
 # Ensure the sample configuration file conforms to style checks.
 ./scripts-dev/config-lint.sh
 
 # Catch any common programming mistakes in Python code.
 # --quiet suppresses the update check.
-ruff check --quiet --fix "${files[@]}"
-
-# Reformat Python code.
-ruff format --quiet "${files[@]}"
+ruff --quiet --fix "${files[@]}"
 
 # Catch any common programming mistakes in Rust code.
 #

scripts-dev/mypy_synapse_plugin.py

@@ -38,7 +38,6 @@ from mypy.types import (
     NoneType,
     TupleType,
     TypeAliasType,
-    TypeVarType,
     UninhabitedType,
     UnionType,
 )
@@ -234,7 +233,6 @@ IMMUTABLE_CUSTOM_TYPES = {
     "synapse.synapse_rust.push.FilteredPushRules",
     # This is technically not immutable, but close enough.
     "signedjson.types.VerifyKey",
-    "synapse.types.StrCollection",
 }
 
 # Immutable containers only if the values are also immutable.
@@ -300,7 +298,7 @@ def is_cacheable(
 
         elif rt.type.fullname in MUTABLE_CONTAINER_TYPES:
             # Mutable containers are mutable regardless of their underlying type.
-            return False, f"container {rt.type.fullname} is mutable"
+            return False, None
 
         elif "attrs" in rt.type.metadata:
             # attrs classes are only cachable iff it is frozen (immutable itself)
@@ -320,9 +318,6 @@ def is_cacheable(
             else:
                 return False, "non-frozen attrs class"
 
-        elif rt.type.is_enum:
-            # We assume Enum values are immutable
-            return True, None
         else:
             # Ensure we fail for unknown types, these generally means that the
             # above code is not complete.
@@ -331,18 +326,6 @@ def is_cacheable(
                 f"Don't know how to handle {rt.type.fullname} return type instance",
             )
 
-    elif isinstance(rt, TypeVarType):
-        # We consider TypeVars immutable if they are bound to a set of immutable
-        # types.
-        if rt.values:
-            for value in rt.values:
-                ok, note = is_cacheable(value, signature, verbose)
-                if not ok:
-                    return False, f"TypeVar bound not cacheable {value}"
-            return True, None
-
-        return False, "TypeVar is unbound"
-
     elif isinstance(rt, NoneType):
         # None is cachable.
         return True, None

scripts-dev/release.py

@@ -20,7 +20,8 @@
 #
 #
 
-"""An interactive script for doing a release. See `cli()` below."""
+"""An interactive script for doing a release. See `cli()` below.
+"""
 
 import glob
 import json
@@ -69,7 +70,6 @@ def cli() -> None:
             pip install -e .[dev]
 
       - A checkout of the sytest repository at ../sytest
-      - A checkout of the complement repository at ../complement
 
     Then to use:
 
@@ -112,12 +112,10 @@ def _prepare() -> None:
     # Make sure we're in a git repo.
     synapse_repo = get_repo_and_check_clean_checkout()
     sytest_repo = get_repo_and_check_clean_checkout("../sytest", "sytest")
-    complement_repo = get_repo_and_check_clean_checkout("../complement", "complement")
 
     click.secho("Updating Synapse and Sytest git repos...")
     synapse_repo.remote().fetch()
     sytest_repo.remote().fetch()
-    complement_repo.remote().fetch()
 
     # Get the current version and AST from root Synapse module.
     current_version = get_package_version()
@@ -210,15 +208,7 @@ def _prepare() -> None:
             "Which branch should the release be based on?", default=default
         )
 
-        for repo_name, repo in {
-            "synapse": synapse_repo,
-            "sytest": sytest_repo,
-            "complement": complement_repo,
-        }.items():
-            # Special case for Complement: `develop` maps to `main`
-            if repo_name == "complement" and branch_name == "develop":
-                branch_name = "main"
-
+        for repo_name, repo in {"synapse": synapse_repo, "sytest": sytest_repo}.items():
             base_branch = find_ref(repo, branch_name)
             if not base_branch:
                 print(f"Could not find base branch {branch_name} for {repo_name}!")
@@ -241,12 +231,6 @@ def _prepare() -> None:
         if click.confirm("Push new SyTest branch?", default=True):
             sytest_repo.git.push("-u", sytest_repo.remote().name, release_branch_name)
 
-        # Same for Complement
-        if click.confirm("Push new Complement branch?", default=True):
-            complement_repo.git.push(
-                "-u", complement_repo.remote().name, release_branch_name
-            )
-
     # Switch to the release branch and ensure it's up to date.
     synapse_repo.git.checkout(release_branch_name)
     update_branch(synapse_repo)
@@ -323,11 +307,6 @@ def tag(gh_token: Optional[str]) -> None:
 def _tag(gh_token: Optional[str]) -> None:
     """Tags the release and generates a draft GitHub release"""
 
-    if gh_token:
-        # Test that the GH Token is valid before continuing.
-        gh = Github(gh_token)
-        gh.get_user()
-
     # Make sure we're in a git repo.
     repo = get_repo_and_check_clean_checkout()
 
@@ -422,11 +401,6 @@ def publish(gh_token: str) -> None:
 def _publish(gh_token: str) -> None:
     """Publish release on GitHub."""
 
-    if gh_token:
-        # Test that the GH Token is valid before continuing.
-        gh = Github(gh_token)
-        gh.get_user()
-
     # Make sure we're in a git repo.
     get_repo_and_check_clean_checkout()
 
@@ -469,11 +443,6 @@ def upload(gh_token: Optional[str]) -> None:
 def _upload(gh_token: Optional[str]) -> None:
     """Upload release to pypi."""
 
-    if gh_token:
-        # Test that the GH Token is valid before continuing.
-        gh = Github(gh_token)
-        gh.get_user()
-
     current_version = get_package_version()
     tag_name = f"v{current_version}"
 
@@ -569,11 +538,6 @@ def wait_for_actions(gh_token: Optional[str]) -> None:
 
 
 def _wait_for_actions(gh_token: Optional[str]) -> None:
-    if gh_token:
-        # Test that the GH Token is valid before continuing.
-        gh = Github(gh_token)
-        gh.get_user()
-
     # Find out the version and tag name.
     current_version = get_package_version()
     tag_name = f"v{current_version}"
@@ -666,9 +630,6 @@ def _merge_back() -> None:
     else:
         # Full release
         sytest_repo = get_repo_and_check_clean_checkout("../sytest", "sytest")
-        complement_repo = get_repo_and_check_clean_checkout(
-            "../complement", "complement"
-        )
 
         if click.confirm(f"Merge {branch_name} → master?", default=True):
             _merge_into(synapse_repo, branch_name, "master")
@@ -682,9 +643,6 @@ def _merge_back() -> None:
         if click.confirm("On SyTest, merge master → develop?", default=True):
             _merge_into(sytest_repo, "master", "develop")
 
-        if click.confirm(f"On Complement, merge {branch_name} → main?", default=True):
-            _merge_into(complement_repo, branch_name, "main")
-
 
 @cli.command()
 def announce() -> None:
@@ -702,7 +660,7 @@ def _announce() -> None:
 Hi everyone. Synapse {current_version} has just been released.
 
 [notes](https://github.com/element-hq/synapse/releases/tag/{tag_name}) | \
-[docker](https://hub.docker.com/r/matrixdotorg/synapse/tags?name={tag_name}) | \
+[docker](https://hub.docker.com/r/vectorim/synapse/tags?name={tag_name}) | \
 [debs](https://packages.matrix.org/debian/) | \
 [pypi](https://pypi.org/project/matrix-synapse/{current_version}/)"""
     )
@@ -730,11 +688,6 @@ Ask the designated people to do the blog and tweets."""
 @cli.command()
 @click.option("--gh-token", envvar=["GH_TOKEN", "GITHUB_TOKEN"], required=True)
 def full(gh_token: str) -> None:
-    if gh_token:
-        # Test that the GH Token is valid before continuing.
-        gh = Github(gh_token)
-        gh.get_user()
-
     click.echo("1. If this is a security release, read the security wiki page.")
     click.echo("2. Check for any release blockers before proceeding.")
     click.echo("    https://github.com/element-hq/synapse/labels/X-Release-Blocker")

stubs/txredisapi.pyi

@@ -13,8 +13,8 @@
 # See the License for the specific language governing permissions and
 # limitations under the License.
 
-"""Contains *incomplete* type hints for txredisapi."""
-
+"""Contains *incomplete* type hints for txredisapi.
+"""
 from typing import Any, List, Optional, Type, Union
 
 from twisted.internet import protocol

synapse/__init__.py

@@ -20,7 +20,8 @@
 #
 #
 
-"""This is an implementation of a Matrix homeserver."""
+""" This is an implementation of a Matrix homeserver.
+"""
 
 import os
 import sys

synapse/_scripts/generate_workers_map.py

@@ -44,7 +44,7 @@ logger = logging.getLogger("generate_workers_map")
 
 
 class MockHomeserver(HomeServer):
-    DATASTORE_CLASS = DataStore
+    DATASTORE_CLASS = DataStore  # type: ignore
 
     def __init__(self, config: HomeServerConfig, worker_app: Optional[str]) -> None:
         super().__init__(config.server.server_name, config=config)
@@ -171,7 +171,7 @@ def elide_http_methods_if_unconflicting(
     """
 
     def paths_to_methods_dict(
-        methods_and_paths: Iterable[Tuple[str, str]],
+        methods_and_paths: Iterable[Tuple[str, str]]
     ) -> Dict[str, Set[str]]:
         """
         Given (method, path) pairs, produces a dict from path to set of methods
@@ -201,7 +201,7 @@ def elide_http_methods_if_unconflicting(
 
 
 def simplify_path_regexes(
-    registrations: Dict[Tuple[str, str], EndpointDescription],
+    registrations: Dict[Tuple[str, str], EndpointDescription]
 ) -> Dict[Tuple[str, str], EndpointDescription]:
     """
     Simplify all the path regexes for the dict of endpoint descriptions,

synapse/_scripts/hash_password.py

@@ -56,9 +56,7 @@ def main() -> None:
     password_pepper = password_config.get("pepper", password_pepper)
     password = args.password
 
-    if not password and not sys.stdin.isatty():
-        password = sys.stdin.readline().strip()
-    elif not password:
+    if not password:
         password = prompt_for_pass()
 
     # On Python 2, make sure we decode it to Unicode before we normalise it

synapse/_scripts/register_new_matrix_user.py

@@ -52,7 +52,6 @@ def request_registration(
     user_type: Optional[str] = None,
     _print: Callable[[str], None] = print,
     exit: Callable[[int], None] = sys.exit,
-    exists_ok: bool = False,
 ) -> None:
     url = "%s/_synapse/admin/v1/register" % (server_location.rstrip("/"),)
 
@@ -98,10 +97,6 @@ def request_registration(
     r = requests.post(url, json=data)
 
     if r.status_code != 200:
-        response = r.json()
-        if exists_ok and response["errcode"] == "M_USER_IN_USE":
-            _print("User already exists. Skipping.")
-            return
         _print("ERROR! Received %d %s" % (r.status_code, r.reason))
         if 400 <= r.status_code < 500:
             try:
@@ -120,7 +115,6 @@ def register_new_user(
     shared_secret: str,
     admin: Optional[bool],
     user_type: Optional[str],
-    exists_ok: bool = False,
 ) -> None:
     if not user:
         try:
@@ -160,13 +154,7 @@ def register_new_user(
             admin = False
 
     request_registration(
-        user,
-        password,
-        server_location,
-        shared_secret,
-        bool(admin),
-        user_type,
-        exists_ok=exists_ok,
+        user, password, server_location, shared_secret, bool(admin), user_type
     )
 
 
@@ -186,22 +174,10 @@ def main() -> None:
         help="Local part of the new user. Will prompt if omitted.",
     )
     parser.add_argument(
-        "--exists-ok",
-        action="store_true",
-        help="Do not fail if user already exists.",
-    )
-    password_group = parser.add_mutually_exclusive_group()
-    password_group.add_argument(
         "-p",
         "--password",
         default=None,
-        help="New password for user. Will prompt for a password if "
-        "this flag and `--password-file` are both omitted.",
-    )
-    password_group.add_argument(
-        "--password-file",
-        default=None,
-        help="File containing the new password for user. If set, will override `--password`.",
+        help="New password for user. Will prompt if omitted.",
     )
     parser.add_argument(
         "-t",
@@ -209,7 +185,6 @@ def main() -> None:
         default=None,
         help="User type as specified in synapse.api.constants.UserTypes",
     )
-
     admin_group = parser.add_mutually_exclusive_group()
     admin_group.add_argument(
         "-a",
@@ -272,11 +247,6 @@ def main() -> None:
             print(_NO_SHARED_SECRET_OPTS_ERROR, file=sys.stderr)
             sys.exit(1)
 
-    if args.password_file:
-        password = _read_file(args.password_file, "password-file").strip()
-    else:
-        password = args.password
-
     if args.server_url:
         server_url = args.server_url
     elif config is not None:
@@ -300,13 +270,7 @@ def main() -> None:
         admin = args.admin
 
     register_new_user(
-        args.user,
-        password,
-        server_url,
-        secret,
-        admin,
-        args.user_type,
-        exists_ok=args.exists_ok,
+        args.user, args.password, server_url, secret, admin, args.user_type
     )
 
 

synapse/_scripts/review_recent_signups.py

@@ -40,7 +40,6 @@ from synapse.storage.engines import create_engine
 
 class ReviewConfig(RootConfig):
     "A config class that just pulls out the database config"
-
     config_classes = [DatabaseConfig]
 
 
@@ -161,11 +160,7 @@ def main() -> None:
 
     with make_conn(database_config, engine, "review_recent_signups") as db_conn:
         # This generates a type of Cursor, not LoggingTransaction.
-        user_infos = get_recent_users(
-            db_conn.cursor(),
-            since_ms,  # type: ignore[arg-type]
-            exclude_users_with_appservice,
-        )
+        user_infos = get_recent_users(db_conn.cursor(), since_ms, exclude_users_with_appservice)  # type: ignore[arg-type]
 
     for user_info in user_infos:
         if exclude_users_with_email and user_info.emails:

synapse/_scripts/synapse_port_db.py

@@ -60,7 +60,7 @@ from synapse.logging.context import (
 )
 from synapse.notifier import ReplicationNotifier
 from synapse.storage.database import DatabasePool, LoggingTransaction, make_conn
-from synapse.storage.databases.main import FilteringWorkerStore
+from synapse.storage.databases.main import FilteringWorkerStore, PushRuleStore
 from synapse.storage.databases.main.account_data import AccountDataWorkerStore
 from synapse.storage.databases.main.client_ips import ClientIpBackgroundUpdateStore
 from synapse.storage.databases.main.deviceinbox import DeviceInboxBackgroundUpdateStore
@@ -77,8 +77,10 @@ from synapse.storage.databases.main.media_repository import (
 )
 from synapse.storage.databases.main.presence import PresenceBackgroundUpdateStore
 from synapse.storage.databases.main.profile import ProfileWorkerStore
-from synapse.storage.databases.main.push_rule import PusherWorkerStore
-from synapse.storage.databases.main.pusher import PusherBackgroundUpdatesStore
+from synapse.storage.databases.main.pusher import (
+    PusherBackgroundUpdatesStore,
+    PusherWorkerStore,
+)
 from synapse.storage.databases.main.receipts import ReceiptsBackgroundUpdateStore
 from synapse.storage.databases.main.registration import (
     RegistrationBackgroundUpdateStore,
@@ -119,24 +121,18 @@ BOOLEAN_COLUMNS = {
     "e2e_room_keys": ["is_verified"],
     "event_edges": ["is_state"],
     "events": ["processed", "outlier", "contains_url"],
-    "local_media_repository": ["safe_from_quarantine", "authenticated"],
-    "per_user_experimental_features": ["enabled"],
+    "local_media_repository": ["safe_from_quarantine"],
     "presence_list": ["accepted"],
     "presence_stream": ["currently_active"],
     "public_room_list_stream": ["visibility"],
     "pushers": ["enabled"],
     "redactions": ["have_censored"],
-    "remote_media_cache": ["authenticated"],
     "room_stats_state": ["is_federatable"],
     "rooms": ["is_public", "has_auth_chain_index"],
-    "sliding_sync_joined_rooms": ["is_encrypted"],
-    "sliding_sync_membership_snapshots": [
-        "has_known_state",
-        "is_encrypted",
-    ],
-    "users": ["shadow_banned", "approved", "locked", "suspended"],
+    "users": ["shadow_banned", "approved", "locked"],
     "un_partial_stated_event_stream": ["rejection_status_changed"],
     "users_who_share_rooms": ["share_private"],
+    "per_user_experimental_features": ["enabled"],
 }
 
 
@@ -249,6 +245,7 @@ class Store(
     AccountDataWorkerStore,
     FilteringWorkerStore,
     ProfileWorkerStore,
+    PushRuleStore,
     PusherWorkerStore,
     PusherBackgroundUpdatesStore,
     PresenceBackgroundUpdateStore,
@@ -717,7 +714,9 @@ class Porter:
                 return
 
             # Check if all background updates are done, abort if not.
-            updates_complete = await self.sqlite_store.db_pool.updates.has_completed_background_updates()
+            updates_complete = (
+                await self.sqlite_store.db_pool.updates.has_completed_background_updates()
+            )
             if not updates_complete:
                 end_error = (
                     "Pending background updates exist in the SQLite3 database."
@@ -781,74 +780,22 @@ class Porter:
             await self._setup_events_stream_seqs()
             await self._setup_sequence(
                 "un_partial_stated_event_stream_sequence",
-                [("un_partial_stated_event_stream", "stream_id")],
+                ("un_partial_stated_event_stream",),
             )
             await self._setup_sequence(
-                "device_inbox_sequence",
-                [
-                    ("device_inbox", "stream_id"),
-                    ("device_federation_outbox", "stream_id"),
-                ],
+                "device_inbox_sequence", ("device_inbox", "device_federation_outbox")
             )
             await self._setup_sequence(
                 "account_data_sequence",
-                [
-                    ("room_account_data", "stream_id"),
-                    ("room_tags_revisions", "stream_id"),
-                    ("account_data", "stream_id"),
-                ],
-            )
-            await self._setup_sequence(
-                "receipts_sequence",
-                [
-                    ("receipts_linearized", "stream_id"),
-                ],
-            )
-            await self._setup_sequence(
-                "presence_stream_sequence",
-                [
-                    ("presence_stream", "stream_id"),
-                ],
+                ("room_account_data", "room_tags_revisions", "account_data"),
             )
+            await self._setup_sequence("receipts_sequence", ("receipts_linearized",))
+            await self._setup_sequence("presence_stream_sequence", ("presence_stream",))
             await self._setup_auth_chain_sequence()
             await self._setup_sequence(
                 "application_services_txn_id_seq",
-                [
-                    (
-                        "application_services_txns",
-                        "txn_id",
-                    )
-                ],
-            )
-            await self._setup_sequence(
-                "device_lists_sequence",
-                [
-                    ("device_lists_stream", "stream_id"),
-                    ("user_signature_stream", "stream_id"),
-                    ("device_lists_outbound_pokes", "stream_id"),
-                    ("device_lists_changes_in_room", "stream_id"),
-                    ("device_lists_remote_pending", "stream_id"),
-                    ("device_lists_changes_converted_stream_position", "stream_id"),
-                ],
-            )
-            await self._setup_sequence(
-                "e2e_cross_signing_keys_sequence",
-                [
-                    ("e2e_cross_signing_keys", "stream_id"),
-                ],
-            )
-            await self._setup_sequence(
-                "push_rules_stream_sequence",
-                [
-                    ("push_rules_stream", "stream_id"),
-                ],
-            )
-            await self._setup_sequence(
-                "pushers_sequence",
-                [
-                    ("pushers", "id"),
-                    ("deleted_pushers", "stream_id"),
-                ],
+                ("application_services_txns",),
+                "txn_id",
             )
 
             # Step 3. Get tables.
@@ -1157,11 +1104,12 @@ class Porter:
     async def _setup_sequence(
         self,
         sequence_name: str,
-        stream_id_tables: Iterable[Tuple[str, str]],
+        stream_id_tables: Iterable[str],
+        column_name: str = "stream_id",
     ) -> None:
         """Set a sequence to the correct value."""
         current_stream_ids = []
-        for stream_id_table, column_name in stream_id_tables:
+        for stream_id_table in stream_id_tables:
             max_stream_id = cast(
                 int,
                 await self.sqlite_store.db_pool.simple_select_one_onecol(

synapse/_scripts/update_synapse_database.py

@@ -41,7 +41,7 @@ logger = logging.getLogger("update_database")
 
 
 class MockHomeserver(HomeServer):
-    DATASTORE_CLASS = DataStore
+    DATASTORE_CLASS = DataStore  # type: ignore [assignment]
 
     def __init__(self, config: HomeServerConfig):
         super().__init__(

synapse/api/auth/__init__.py

@@ -18,7 +18,7 @@
 # [This file includes modifications made by New Vector Limited]
 #
 #
-from typing import TYPE_CHECKING, Optional, Tuple
+from typing import Optional, Tuple
 
 from typing_extensions import Protocol
 
@@ -28,9 +28,6 @@ from synapse.appservice import ApplicationService
 from synapse.http.site import SynapseRequest
 from synapse.types import Requester
 
-if TYPE_CHECKING:
-    from synapse.rest.admin.experimental_features import ExperimentalFeature
-
 # guests always get this device id.
 GUEST_DEVICE_ID = "guest_device"
 
@@ -90,19 +87,6 @@ class Auth(Protocol):
             AuthError if access is denied for the user in the access token
         """
 
-    async def get_user_by_req_experimental_feature(
-        self,
-        request: SynapseRequest,
-        feature: "ExperimentalFeature",
-        allow_guest: bool = False,
-        allow_expired: bool = False,
-        allow_locked: bool = False,
-    ) -> Requester:
-        """Like `get_user_by_req`, except also checks if the user has access to
-        the experimental feature. If they don't returns a 404 unrecognized
-        request.
-        """
-
     async def validate_appservice_can_control_user_id(
         self, app_service: ApplicationService, user_id: str
     ) -> None:

synapse/api/auth/internal.py

@@ -28,7 +28,6 @@ from synapse.api.errors import (
     Codes,
     InvalidClientTokenError,
     MissingClientTokenError,
-    UnrecognizedRequestError,
 )
 from synapse.http.site import SynapseRequest
 from synapse.logging.opentracing import active_span, force_tracing, start_active_span
@@ -39,10 +38,8 @@ from . import GUEST_DEVICE_ID
 from .base import BaseAuth
 
 if TYPE_CHECKING:
-    from synapse.rest.admin.experimental_features import ExperimentalFeature
     from synapse.server import HomeServer
 
-
 logger = logging.getLogger(__name__)
 
 
@@ -109,32 +106,6 @@ class InternalAuth(BaseAuth):
                     parent_span.set_tag("appservice_id", requester.app_service.id)
             return requester
 
-    async def get_user_by_req_experimental_feature(
-        self,
-        request: SynapseRequest,
-        feature: "ExperimentalFeature",
-        allow_guest: bool = False,
-        allow_expired: bool = False,
-        allow_locked: bool = False,
-    ) -> Requester:
-        try:
-            requester = await self.get_user_by_req(
-                request,
-                allow_guest=allow_guest,
-                allow_expired=allow_expired,
-                allow_locked=allow_locked,
-            )
-            if await self.store.is_feature_enabled(requester.user.to_string(), feature):
-                return requester
-
-            raise UnrecognizedRequestError(code=404)
-        except (AuthError, InvalidClientTokenError):
-            if feature.is_globally_enabled(self.hs.config):
-                # If its globally enabled then return the auth error
-                raise
-
-            raise UnrecognizedRequestError(code=404)
-
     @cancellable
     async def _wrapped_get_user_by_req(
         self,

synapse/api/auth/msc3861_delegated.py

@@ -40,7 +40,6 @@ from synapse.api.errors import (
     OAuthInsufficientScopeError,
     StoreError,
     SynapseError,
-    UnrecognizedRequestError,
 )
 from synapse.http.site import SynapseRequest
 from synapse.logging.context import make_deferred_yieldable
@@ -49,7 +48,6 @@ from synapse.util import json_decoder
 from synapse.util.caches.cached_call import RetryOnExceptionCachedCall
 
 if TYPE_CHECKING:
-    from synapse.rest.admin.experimental_features import ExperimentalFeature
     from synapse.server import HomeServer
 
 logger = logging.getLogger(__name__)
@@ -121,9 +119,7 @@ class MSC3861DelegatedAuth(BaseAuth):
         self._hostname = hs.hostname
         self._admin_token = self._config.admin_token
 
-        self._issuer_metadata = RetryOnExceptionCachedCall[OpenIDProviderMetadata](
-            self._load_metadata
-        )
+        self._issuer_metadata = RetryOnExceptionCachedCall(self._load_metadata)
 
         if isinstance(auth_method, PrivateKeyJWTWithKid):
             # Use the JWK as the client secret when using the private_key_jwt method
@@ -147,45 +143,6 @@ class MSC3861DelegatedAuth(BaseAuth):
         # metadata.validate_introspection_endpoint()
         return metadata
 
-    async def issuer(self) -> str:
-        """
-        Get the configured issuer
-
-        This will use the issuer value set in the metadata,
-        falling back to the one set in the config if not set in the metadata
-        """
-        metadata = await self._issuer_metadata.get()
-        return metadata.issuer or self._config.issuer
-
-    async def account_management_url(self) -> Optional[str]:
-        """
-        Get the configured account management URL
-
-        This will discover the account management URL from the issuer if it's not set in the config
-        """
-        if self._config.account_management_url is not None:
-            return self._config.account_management_url
-
-        try:
-            metadata = await self._issuer_metadata.get()
-            return metadata.get("account_management_uri", None)
-        # We don't want to raise here if we can't load the metadata
-        except Exception:
-            logger.warning("Failed to load metadata:", exc_info=True)
-            return None
-
-    async def _introspection_endpoint(self) -> str:
-        """
-        Returns the introspection endpoint of the issuer
-
-        It uses the config option if set, otherwise it will use OIDC discovery to get it
-        """
-        if self._config.introspection_endpoint is not None:
-            return self._config.introspection_endpoint
-
-        metadata = await self._issuer_metadata.get()
-        return metadata.get("introspection_endpoint")
-
     async def _introspect_token(self, token: str) -> IntrospectionToken:
         """
         Send a token to the introspection endpoint and returns the introspection response
@@ -202,7 +159,8 @@ class MSC3861DelegatedAuth(BaseAuth):
         Returns:
             The introspection response
         """
-        introspection_endpoint = await self._introspection_endpoint()
+        metadata = await self._issuer_metadata.get()
+        introspection_endpoint = metadata.get("introspection_endpoint")
         raw_headers: Dict[str, str] = {
             "Content-Type": "application/x-www-form-urlencoded",
             "User-Agent": str(self._http_client.user_agent, "utf-8"),
@@ -287,32 +245,6 @@ class MSC3861DelegatedAuth(BaseAuth):
 
         return requester
 
-    async def get_user_by_req_experimental_feature(
-        self,
-        request: SynapseRequest,
-        feature: "ExperimentalFeature",
-        allow_guest: bool = False,
-        allow_expired: bool = False,
-        allow_locked: bool = False,
-    ) -> Requester:
-        try:
-            requester = await self.get_user_by_req(
-                request,
-                allow_guest=allow_guest,
-                allow_expired=allow_expired,
-                allow_locked=allow_locked,
-            )
-            if await self.store.is_feature_enabled(requester.user.to_string(), feature):
-                return requester
-
-            raise UnrecognizedRequestError(code=404)
-        except (AuthError, InvalidClientTokenError):
-            if feature.is_globally_enabled(self.hs.config):
-                # If its globally enabled then return the auth error
-                raise
-
-            raise UnrecognizedRequestError(code=404)
-
     async def get_user_by_access_token(
         self,
         token: str,

synapse/api/constants.py

@@ -43,6 +43,7 @@ MAIN_TIMELINE: Final = "main"
 
 
 class Membership:
+
     """Represents the membership states of a user in a room."""
 
     INVITE: Final = "invite"
@@ -50,7 +51,7 @@ class Membership:
     KNOCK: Final = "knock"
     LEAVE: Final = "leave"
     BAN: Final = "ban"
-    LIST: Final = frozenset((INVITE, JOIN, KNOCK, LEAVE, BAN))
+    LIST: Final = (INVITE, JOIN, KNOCK, LEAVE, BAN)
 
 
 class PresenceState:
@@ -128,12 +129,6 @@ class EventTypes:
     SpaceParent: Final = "m.space.parent"
 
     Reaction: Final = "m.reaction"
-    Sticker: Final = "m.sticker"
-    LiveLocationShareStart: Final = "m.beacon_info"
-
-    CallInvite: Final = "m.call.invite"
-
-    PollStart: Final = "m.poll.start"
 
 
 class ToDeviceEventTypes:
@@ -225,13 +220,6 @@ class EventContentFields:
     # This is deprecated in MSC2175.
     ROOM_CREATOR: Final = "creator"
 
-    # The version of the room for `m.room.create` events.
-    ROOM_VERSION: Final = "room_version"
-
-    ROOM_NAME: Final = "name"
-
-    MEMBERSHIP: Final = "membership"
-
     # Used in m.room.guest_access events.
     GUEST_ACCESS: Final = "guest_access"
 
@@ -244,18 +232,6 @@ class EventContentFields:
     # an unspecced field added to to-device messages to identify them uniquely-ish
     TO_DEVICE_MSGID: Final = "org.matrix.msgid"
 
-    # `m.room.encryption`` algorithm field
-    ENCRYPTION_ALGORITHM: Final = "algorithm"
-
-    TOMBSTONE_SUCCESSOR_ROOM: Final = "replacement_room"
-
-
-class EventUnsignedContentFields:
-    """Fields found inside the 'unsigned' data on events"""
-
-    # Requesting user's membership, per MSC4115
-    MEMBERSHIP: Final = "membership"
-
 
 class RoomTypes:
     """Understood values of the room_type field of m.room.create events."""

synapse/api/errors.py

@@ -128,10 +128,6 @@ class Codes(str, Enum):
     # MSC2677
     DUPLICATE_ANNOTATION = "M_DUPLICATE_ANNOTATION"
 
-    # MSC3575 we are telling the client they need to expire their sliding sync
-    # connection.
-    UNKNOWN_POS = "M_UNKNOWN_POS"
-
 
 class CodeMessageException(RuntimeError):
     """An exception with integer code, a message string attributes and optional headers.
@@ -521,6 +517,8 @@ class InvalidCaptchaError(SynapseError):
 class LimitExceededError(SynapseError):
     """A client has sent too many requests and is being throttled."""
 
+    include_retry_after_header = False
+
     def __init__(
         self,
         limiter_name: str,
@@ -528,10 +526,9 @@ class LimitExceededError(SynapseError):
         retry_after_ms: Optional[int] = None,
         errcode: str = Codes.LIMIT_EXCEEDED,
     ):
-        # Use HTTP header Retry-After to enable library-assisted retry handling.
         headers = (
             {"Retry-After": str(math.ceil(retry_after_ms / 1000))}
-            if retry_after_ms is not None
+            if self.include_retry_after_header and retry_after_ms is not None
             else None
         )
         super().__init__(code, "Too Many Requests", errcode, headers=headers)
@@ -851,17 +848,3 @@ class PartialStateConflictError(SynapseError):
             msg=PartialStateConflictError.message(),
             errcode=Codes.UNKNOWN,
         )
-
-
-class SlidingSyncUnknownPosition(SynapseError):
-    """An error that Synapse can return to signal to the client to expire their
-    sliding sync connection (i.e. send a new request without a `?since=`
-    param).
-    """
-
-    def __init__(self) -> None:
-        super().__init__(
-            HTTPStatus.BAD_REQUEST,
-            msg="Unknown position",
-            errcode=Codes.UNKNOWN_POS,
-        )