mirror of
https://github.com/element-hq/synapse.git
synced 2025-12-05 01:10:13 +00:00
427 lines
15 KiB
TOML
427 lines
15 KiB
TOML
[project]
|
|
name = "matrix-synapse"
|
|
version = "1.144.0rc1"
|
|
description = "Homeserver for the Matrix decentralised comms protocol"
|
|
readme = "README.rst"
|
|
authors = [
|
|
{ name = "Matrix.org Team and Contributors", email = "packages@matrix.org" }
|
|
]
|
|
requires-python = ">=3.10.0,<4.0.0"
|
|
license = "AGPL-3.0-or-later OR LicenseRef-Element-Commercial"
|
|
classifiers = [
|
|
"Development Status :: 5 - Production/Stable",
|
|
"Topic :: Communications :: Chat",
|
|
]
|
|
|
|
# Mandatory Dependencies
|
|
dependencies = [
|
|
# we use the TYPE_CHECKER.redefine method added in jsonschema 3.0.0
|
|
"jsonschema>=3.0.0",
|
|
# 0.25.0 is the first version to support Python 3.14.
|
|
# We can remove this once https://github.com/python-jsonschema/jsonschema/issues/1426 is fixed
|
|
# and included in a release.
|
|
"rpds-py>=0.25.0",
|
|
# We choose 2.0 as a lower bound: the most recent backwards incompatible release.
|
|
# It seems generally available, judging by https://pkgs.org/search/?q=immutabledict
|
|
"immutabledict>=2.0",
|
|
# We require 2.1.0 or higher for type hints. Previous guard was >= 1.1.0
|
|
"unpaddedbase64>=2.1.0",
|
|
# We require 2.0.0 for immutabledict support.
|
|
"canonicaljson>=2.0.0,<3.0.0",
|
|
# we use the type definitions added in signedjson 1.1.
|
|
"signedjson>=1.1.0,<2.0.0",
|
|
# validating SSL certs for IP addresses requires service_identity 18.1.
|
|
"service-identity>=18.1.0",
|
|
# Twisted 18.9 introduces some logger improvements that the structured
|
|
# logger utilises
|
|
# Twisted 19.7.0 moves test helpers to a new module and deprecates the old location.
|
|
# Twisted 21.2.0 introduces contextvar support.
|
|
# We could likely bump this to 22.1 without making distro packagers'
|
|
# lives hard (as of 2025-07, distro support is Ubuntu LTS: 22.1, Debian stable: 22.4,
|
|
# RHEL 9: 22.10)
|
|
"Twisted[tls]>=21.2.0",
|
|
"treq>=21.5.0",
|
|
# Twisted has required pyopenssl 16.0 since about Twisted 16.6.
|
|
"pyOpenSSL>=16.0.0",
|
|
"PyYAML>=5.3",
|
|
"pyasn1>=0.1.9",
|
|
"pyasn1-modules>=0.0.7",
|
|
"bcrypt>=3.1.7",
|
|
# 10.0.1 minimum is mandatory here because of libwebp CVE-2023-4863.
|
|
# Packagers that already took care of libwebp can lower that down to 5.4.0.
|
|
"Pillow>=10.0.1",
|
|
# We use SortedDict.peekitem(), which was added in sortedcontainers 1.5.2.
|
|
# 2.0.5 updates collections.abc imports to avoid Python 3.10 incompatibility.
|
|
"sortedcontainers>=2.0.5",
|
|
"pymacaroons>=0.13.0",
|
|
"msgpack>=0.5.2",
|
|
"phonenumbers>=8.2.0",
|
|
# we use GaugeHistogramMetric, which was added in prom-client 0.4.0.
|
|
# `prometheus_client.metrics` was added in 0.5.0, so we require that too.
|
|
# We chose 0.6.0 as that is the current version in Debian Buster (oldstable).
|
|
"prometheus-client>=0.6.0",
|
|
# we use `order`, which arrived in attrs 19.2.0.
|
|
# Note: 21.1.0 broke `/sync`, see https://github.com/matrix-org/synapse/issues/9936
|
|
"attrs>=19.2.0,!=21.1.0",
|
|
"netaddr>=0.7.18",
|
|
# Jinja 2.x is incompatible with MarkupSafe>=2.1. To ensure that admins do not
|
|
# end up with a broken installation, with recent MarkupSafe but old Jinja, we
|
|
# add a lower bound to the Jinja2 dependency.
|
|
"Jinja2>=3.0",
|
|
# 3.2.0 updates collections.abc imports to avoid Python 3.10 incompatibility.
|
|
"bleach>=3.2.0",
|
|
# pydantic 2.12 depends on typing-extensions>=4.14.1
|
|
"typing-extensions>=4.14.1",
|
|
# We enforce that we have a `cryptography` version that bundles an `openssl`
|
|
# with the latest security patches.
|
|
"cryptography>=3.4.7",
|
|
# ijson 3.1.4 fixes a bug with "." in property names
|
|
"ijson>=3.1.4",
|
|
"matrix-common>=1.3.0,<2.0.0",
|
|
# We need packaging.verison.Version(...).major added in 20.0.
|
|
"packaging>=20.0",
|
|
"pydantic>=2.8;python_version < '3.14'",
|
|
"pydantic>=2.12;python_version >= '3.14'",
|
|
|
|
# This is for building the rust components during "poetry install", which
|
|
# currently ignores the `build-system.requires` directive (c.f.
|
|
# https://github.com/python-poetry/poetry/issues/6154). Both `pip install` and
|
|
# `poetry build` do the right thing without this explicit dependency.
|
|
#
|
|
# This isn't really a dev-dependency, as `poetry install --without dev` will fail,
|
|
# but the alternative is to add it to the main list of deps where it isn't
|
|
# needed.
|
|
"setuptools_rust>=1.3",
|
|
|
|
# This is used for parsing multipart responses
|
|
"python-multipart>=0.0.9",
|
|
]
|
|
|
|
[project.optional-dependencies]
|
|
matrix-synapse-ldap3 = ["matrix-synapse-ldap3>=0.1"]
|
|
postgres = [
|
|
"psycopg2>=2.8;platform_python_implementation != 'PyPy'",
|
|
"psycopg2cffi>=2.8;platform_python_implementation == 'PyPy'",
|
|
"psycopg2cffi-compat==1.1;platform_python_implementation == 'PyPy'",
|
|
]
|
|
saml2 = ["pysaml2>=4.5.0"]
|
|
oidc = ["authlib>=0.15.1"]
|
|
# systemd-python is necessary for logging to the systemd journal via
|
|
# `systemd.journal.JournalHandler`, as is documented in
|
|
# `contrib/systemd/log_config.yaml`.
|
|
systemd = ["systemd-python>=231"]
|
|
url-preview = ["lxml>=4.6.3"]
|
|
sentry = ["sentry-sdk>=0.7.2"]
|
|
opentracing = ["jaeger-client>=4.2.0", "opentracing>=2.2.0"]
|
|
jwt = ["authlib"]
|
|
# hiredis is not a *strict* dependency, but it makes things much faster.
|
|
# (if it is not installed, we fall back to slow code.)
|
|
redis = ["txredisapi>=1.4.7", "hiredis"]
|
|
# Required to use experimental `caches.track_memory_usage` config option.
|
|
cache-memory = ["pympler"]
|
|
# If this is updated, don't forget to update the equivalent lines in
|
|
# tool.poetry.group.dev.dependencies.
|
|
test = ["parameterized>=0.9.0", "idna>=3.3"]
|
|
|
|
# The duplication here is awful.
|
|
#
|
|
# TODO: This can be resolved via PEP 735 dependency groups, which poetry supports
|
|
# since 2.2.0. However, switching to that would require updating the command
|
|
# developers use to install the `all` group. This would require some coordination.
|
|
#
|
|
# NB: the strings in this list must be *package* names, not extra names.
|
|
# Some of our extra names _are_ package names, which can lead to great confusion.
|
|
all = [
|
|
# matrix-synapse-ldap3
|
|
"matrix-synapse-ldap3>=0.1",
|
|
# postgres
|
|
"psycopg2>=2.8;platform_python_implementation != 'PyPy'",
|
|
"psycopg2cffi>=2.8;platform_python_implementation == 'PyPy'",
|
|
"psycopg2cffi-compat==1.1;platform_python_implementation == 'PyPy'",
|
|
# saml2
|
|
"pysaml2>=4.5.0",
|
|
# oidc and jwt
|
|
"authlib>=0.15.1",
|
|
# url-preview
|
|
"lxml>=4.6.3",
|
|
# sentry
|
|
"sentry-sdk>=0.7.2",
|
|
# opentracing
|
|
"jaeger-client>=4.2.0", "opentracing>=2.2.0",
|
|
# redis
|
|
"txredisapi>=1.4.7", "hiredis",
|
|
# cache-memory
|
|
"pympler",
|
|
# omitted:
|
|
# - test: it's useful to have this separate from dev deps in the olddeps job
|
|
# - systemd: this is a system-based requirement
|
|
]
|
|
|
|
[project.urls]
|
|
repository = "https://github.com/element-hq/synapse"
|
|
documentation = "https://element-hq.github.io/synapse/latest"
|
|
"Issue Tracker" = "https://github.com/element-hq/synapse/issues"
|
|
|
|
[project.scripts]
|
|
synapse_homeserver = "synapse.app.homeserver:main"
|
|
synapse_worker = "synapse.app.generic_worker:main"
|
|
synctl = "synapse._scripts.synctl:main"
|
|
|
|
export_signing_key = "synapse._scripts.export_signing_key:main"
|
|
generate_config = "synapse._scripts.generate_config:main"
|
|
generate_log_config = "synapse._scripts.generate_log_config:main"
|
|
generate_signing_key = "synapse._scripts.generate_signing_key:main"
|
|
hash_password = "synapse._scripts.hash_password:main"
|
|
register_new_matrix_user = "synapse._scripts.register_new_matrix_user:main"
|
|
synapse_port_db = "synapse._scripts.synapse_port_db:main"
|
|
synapse_review_recent_signups = "synapse._scripts.review_recent_signups:main"
|
|
update_synapse_database = "synapse._scripts.update_synapse_database:main"
|
|
|
|
|
|
[tool.towncrier]
|
|
package = "synapse"
|
|
filename = "CHANGES.md"
|
|
directory = "changelog.d"
|
|
issue_format = "[\\#{issue}](https://github.com/element-hq/synapse/issues/{issue})"
|
|
|
|
[[tool.towncrier.type]]
|
|
directory = "feature"
|
|
name = "Features"
|
|
showcontent = true
|
|
|
|
[[tool.towncrier.type]]
|
|
directory = "bugfix"
|
|
name = "Bugfixes"
|
|
showcontent = true
|
|
|
|
[[tool.towncrier.type]]
|
|
directory = "docker"
|
|
name = "Updates to the Docker image"
|
|
showcontent = true
|
|
|
|
[[tool.towncrier.type]]
|
|
directory = "doc"
|
|
name = "Improved Documentation"
|
|
showcontent = true
|
|
|
|
[[tool.towncrier.type]]
|
|
directory = "removal"
|
|
name = "Deprecations and Removals"
|
|
showcontent = true
|
|
|
|
[[tool.towncrier.type]]
|
|
directory = "misc"
|
|
name = "Internal Changes"
|
|
showcontent = true
|
|
|
|
[tool.ruff]
|
|
line-length = 88
|
|
target-version = "py310"
|
|
|
|
[tool.ruff.lint]
|
|
# See https://beta.ruff.rs/docs/rules/#error-e
|
|
# for error codes. The ones we ignore are:
|
|
# E501: Line too long (black enforces this for us)
|
|
# E731: do not assign a lambda expression, use a def
|
|
#
|
|
# flake8-bugbear compatible checks. Its error codes are described at
|
|
# https://beta.ruff.rs/docs/rules/#flake8-bugbear-b
|
|
# B023: Functions defined inside a loop must not use variables redefined in the loop
|
|
ignore = [
|
|
"B023",
|
|
"E501",
|
|
"E731",
|
|
]
|
|
select = [
|
|
# pycodestyle
|
|
"E",
|
|
"W",
|
|
# pyflakes
|
|
"F",
|
|
# isort
|
|
"I001",
|
|
# flake8-bugbear
|
|
"B0",
|
|
# flake8-comprehensions
|
|
"C4",
|
|
# flake8-2020
|
|
"YTT",
|
|
# flake8-slots
|
|
"SLOT",
|
|
# flake8-debugger
|
|
"T10",
|
|
# flake8-pie
|
|
"PIE",
|
|
# flake8-executable
|
|
"EXE",
|
|
# flake8-logging
|
|
"LOG",
|
|
# flake8-logging-format
|
|
"G",
|
|
# pyupgrade
|
|
"UP006",
|
|
"UP007",
|
|
"UP045",
|
|
]
|
|
extend-safe-fixes = [
|
|
# pyupgrade rules compatible with Python >= 3.9
|
|
"UP006",
|
|
"UP007",
|
|
# pyupgrade rules compatible with Python >= 3.10
|
|
"UP045",
|
|
# Allow ruff to automatically fix trailing spaces within a multi-line string/comment.
|
|
"W293"
|
|
]
|
|
|
|
[tool.ruff.lint.isort]
|
|
combine-as-imports = true
|
|
section-order = ["future", "standard-library", "third-party", "twisted", "first-party", "testing", "local-folder"]
|
|
known-first-party = ["synapse"]
|
|
|
|
[tool.ruff.lint.isort.sections]
|
|
twisted = ["twisted", "OpenSSL"]
|
|
testing = ["tests"]
|
|
|
|
[tool.ruff.format]
|
|
quote-style = "double"
|
|
indent-style = "space"
|
|
skip-magic-trailing-comma = false
|
|
line-ending = "auto"
|
|
|
|
[tool.maturin]
|
|
manifest-path = "rust/Cargo.toml"
|
|
module-name = "synapse.synapse_rust"
|
|
|
|
[tool.poetry]
|
|
packages = [
|
|
{ include = "synapse" },
|
|
]
|
|
include = [
|
|
{ path = "AUTHORS.rst", format = "sdist" },
|
|
{ path = "book.toml", format = "sdist" },
|
|
{ path = "changelog.d", format = "sdist" },
|
|
{ path = "CHANGES.md", format = "sdist" },
|
|
{ path = "CONTRIBUTING.md", format = "sdist" },
|
|
{ path = "demo", format = "sdist" },
|
|
{ path = "docs", format = "sdist" },
|
|
{ path = "INSTALL.md", format = "sdist" },
|
|
{ path = "mypy.ini", format = "sdist" },
|
|
{ path = "scripts-dev", format = "sdist" },
|
|
{ path = "synmark", format="sdist" },
|
|
{ path = "sytest-blacklist", format = "sdist" },
|
|
{ path = "tests", format = "sdist" },
|
|
{ path = "UPGRADE.rst", format = "sdist" },
|
|
{ path = "Cargo.toml", format = "sdist" },
|
|
{ path = "Cargo.lock", format = "sdist" },
|
|
{ path = "rust/Cargo.toml", format = "sdist" },
|
|
{ path = "rust/build.rs", format = "sdist" },
|
|
{ path = "rust/src/**", format = "sdist" },
|
|
]
|
|
exclude = [
|
|
{ path = "synapse/*.so", format = "sdist"}
|
|
]
|
|
|
|
[tool.poetry.build]
|
|
script = "build_rust.py"
|
|
generate-setup-file = true
|
|
|
|
[tool.poetry.group.dev.dependencies]
|
|
# We pin development dependencies in poetry.lock so that our tests don't start
|
|
# failing on new releases. Keeping lower bounds loose here means that dependabot
|
|
# can bump versions without having to update the content-hash in the lockfile.
|
|
# This helps prevents merge conflicts when running a batch of dependabot updates.
|
|
ruff = "0.14.5"
|
|
|
|
# Typechecking
|
|
lxml-stubs = ">=0.4.0"
|
|
mypy = "*"
|
|
mypy-zope = "*"
|
|
types-bleach = ">=4.1.0"
|
|
types-jsonschema = ">=3.2.0"
|
|
types-netaddr = ">=0.8.0.6"
|
|
types-opentracing = ">=2.4.2"
|
|
types-Pillow = ">=8.3.4"
|
|
types-psycopg2 = ">=2.9.9"
|
|
types-pyOpenSSL = ">=20.0.7"
|
|
types-PyYAML = ">=5.4.10"
|
|
types-requests = ">=2.26.0"
|
|
types-setuptools = ">=57.4.0"
|
|
|
|
# Dependencies which are exclusively required by unit test code. This is
|
|
# NOT a list of all modules that are necessary to run the unit tests.
|
|
# Tests assume that all optional dependencies are installed.
|
|
#
|
|
# If this is updated, don't forget to update the equivalent lines in
|
|
# project.optional-dependencies.test.
|
|
parameterized = ">=0.9.0"
|
|
idna = ">=3.3"
|
|
|
|
# The following are used by the release script
|
|
click = ">=8.1.3"
|
|
# GitPython was == 3.1.14; bumped to 3.1.20, the first release with type hints.
|
|
GitPython = ">=3.1.20"
|
|
markdown-it-py = ">=3.0.0"
|
|
pygithub = ">=1.59"
|
|
# The following are executed as commands by the release script.
|
|
twine = "*"
|
|
# Towncrier min version comes from https://github.com/matrix-org/synapse/pull/3425. Rationale unclear.
|
|
towncrier = ">=18.6.0rc1"
|
|
|
|
# Used for checking the Poetry lockfile
|
|
tomli = ">=1.2.3"
|
|
|
|
# Used for checking the schema delta files
|
|
sqlglot = ">=28.0.0"
|
|
|
|
|
|
[build-system]
|
|
# The upper bounds here are defensive, intended to prevent situations like
|
|
# https://github.com/matrix-org/synapse/issues/13849 and
|
|
# https://github.com/matrix-org/synapse/issues/14079 where we see buildtime or
|
|
# runtime errors caused by build system changes.
|
|
# We are happy to raise these upper bounds upon request,
|
|
# provided we check that it's safe to do so (i.e. that CI passes).
|
|
requires = ["poetry-core>=2.0.0,<=2.1.3", "setuptools_rust>=1.3,<=1.11.1"]
|
|
build-backend = "poetry.core.masonry.api"
|
|
|
|
|
|
[tool.cibuildwheel]
|
|
# Skip unsupported platforms (by us or by Rust).
|
|
#
|
|
# See https://cibuildwheel.readthedocs.io/en/stable/options/#build-skip for the
|
|
# list of supported build targets.
|
|
#
|
|
# Also see `.github/workflows/release-artifacts.yml` for the list of
|
|
# architectures we build for (based on the runner OS types we use), as well as
|
|
# the platforms we exclude from testing in CI.
|
|
#
|
|
# We skip:
|
|
# - free-threaded cpython builds: these are not currently supported.
|
|
# - i686: We don't support 32-bit platforms.
|
|
# - *macosx*: we don't support building wheels for MacOS.
|
|
skip = "cp3??t-* *i686* *macosx*"
|
|
# Enable non-default builds. See the list of available options:
|
|
# https://cibuildwheel.pypa.io/en/stable/options#enable
|
|
#
|
|
# "pypy" used to be included by default up until cibuildwheel 3.
|
|
enable = "pypy"
|
|
|
|
# We need a rust compiler.
|
|
#
|
|
# We temporarily pin Rust to 1.82.0 to work around
|
|
# https://github.com/element-hq/synapse/issues/17988
|
|
before-all = "sh .ci/before_build_wheel.sh"
|
|
environment= { PATH = "$PATH:$HOME/.cargo/bin" }
|
|
|
|
# For some reason if we don't manually clean the build directory we
|
|
# can end up polluting the next build with a .so that is for the wrong
|
|
# Python version.
|
|
before-build = "rm -rf {project}/build"
|
|
build-frontend = "build"
|
|
test-command = "python -c 'from synapse.synapse_rust import sum_as_string; print(sum_as_string(1, 2))'"
|
|
|
|
|
|
[tool.cibuildwheel.linux]
|
|
# Wrap the repair command to correctly rename the built cpython wheels as ABI3.
|
|
repair-wheel-command = "./.ci/scripts/auditwheel_wrapper.py -w {dest_dir} {wheel}"
|