Dendrite 0.10.7

NOTE: Docker users may need to change the ownership of the Dendrite files (config, JetStream, logs, media and fulltext index path) to the dendrite user (UID 1337) to complete this upgrade.

Features

• Dendrite will now use a native SQLite port when building with CGO_ENABLED=0
• A number of thirdparty endpoints have been added, improving support for appservices

Fixes

• The "state" section of the /sync response is no longer limited, so state events should not be dropped unexpectedly
• The deduplication of the "timeline" and "state" sections in /sync is now performed after applying history visibility, so state events should not be dropped unexpectedly
• The prev_batch token returned by /sync is now calculated after applying history visibility, so that the pagination boundaries are correct
• The room summary membership counts in /sync should now be calculated properly in more cases
• A false membership leave event should no longer be sent down /sync as a result of retiring an accepted invite (contributed by tak-hntlabs)
• Presence updates are now only sent to other servers for which the user shares rooms
• A bug which could cause a panic when converting events into the ClientEvent format has been fixed

Dendrite 0.10.6

Features

• History visibility checks have been optimised, which should speed up response times on a variety of endpoints (including /sync, /messages, /context and others) and reduce database load
• The built-in NATS Server has been updated to version 2.9.4
• Some other minor dependencies have been updated

Fixes

• A panic has been fixed in the sync API PDU stream which could cause requests to fail
• The /members response now contains the room_id field, which may fix some E2EE problems with clients using the JS SDK (contributed by ashkitten)
• The auth difference calculation in state resolution v2 has been tweaked for clarity (and moved into gomatrixserverlib with the rest of the state resolution code)

Dendrite 0.10.5

Features

• It is now possible to use hCaptcha instead of reCAPTCHA for protecting registration
• A new auto_join_rooms configuration option has been added for automatically joining new users to a set of rooms
• A new /_dendrite/admin/downloadState/{serverName}/{roomID} endpoint has been added, which allows a server administrator to attempt to repair a room with broken room state by downloading a state snapshot from another federated server in the room

Fixes

• Querying cross-signing keys for users should now be considerably faster
• A bug in state resolution where some events were not correctly selected for third-party invites has been fixed
• A bug in state resolution which could result in not in room event rejections has been fixed
• When accepting a DM invite, it should now be possible to see messages that were sent before the invite was accepted
• Claiming remote E2EE one-time keys has been refactored and should be more reliable now
• Various fixes have been made to the /members endpoint, which may help with E2EE reliability and clients rendering memberships
• A race condition in the federation API destination queues has been fixed when associating queued events with remote server destinations
• A bug in the sync API where too many events were selected resulting in high CPU usage has been fixed
• Configuring the avatar URL for the Server Notices user should work correctly now

Dendrite 0.10.4

Features

• Various tables belonging to the user API will be renamed so that they are namespaced with the userapi_ prefix
  • Note that, after upgrading to this version, you should not revert to an older version of Dendrite as the database changes will not be reverted automatically
• The backoff and retry behaviour in the federation API has been refactored and improved

Fixes

• Private read receipt support is now advertised in the client /versions endpoint
• Private read receipts will now clear notification counts properly
• A bug where a false leave membership transition was inserted into the timeline after accepting an invite has been fixed
• Some panics caused by concurrent map writes in the key server have been fixed
• The sync API now calculates membership transitions from state deltas more accurately
• Transaction IDs are now scoped to endpoints, which should fix some bugs where transaction ID reuse could cause nonsensical cached responses from some endpoints
• The length of the type, sender, state_key and room_id fields in events are now verified by number of bytes rather than codepoints after a spec clarification, reverting a change made in Dendrite 0.9.6

Dendrite 0.10.3

Features

• Event relations are now tracked and support for the /room/{roomID}/relations/... client API endpoints have been added
• Support has been added for private read receipts
• The built-in NATS Server has been updated to version 2.9.3

Fixes

• The unread_notifications are now always populated in joined room responses
• The /get_missing_events federation API endpoint should now work correctly for rooms with joined and invited visibility settings, returning redacted events for events that other servers are not allowed to see
• The /event client API endpoint now applies history visibility correctly
• Read markers should now be updated much more reliably
• A rare bug in the sync API which could cause some join memberships to be incorrectly overwritten by other memberships when working out which rooms to populate has been fixed
• The federation API now correctly updates the joined hosts table during a state rewrite

Dendrite 0.10.2

Features

• Dendrite will now fail to start if there is an obvious problem with the configured max_open_conns when using PostgreSQL database backends, since this can lead to instability and performance issues
  • More information on this is available in the documentation
• Unnecessary/empty fields will no longer be sent in /sync responses
• It is now possible to configure old_private_keys from previous Matrix installations on the same domain if only public key is known, to make it easier to expire old keys correctly
  • You can configure either just the private_key path, or you can supply both the public_key and key_id

Fixes

• The sync transaction behaviour has been modified further so that errors in one stream should not propagate to other streams unnecessarily
• Rooms should now be classified as DM rooms correctly by passing through is_direct and unsigned hints
• A bug which caused marking device lists as stale to consume lots of CPU has been fixed
• Users accepting invites should no longer cause unnecessary federated joins if there are already other local users in the room
• The sync API state range queries have been optimised by adding missing indexes
• It should now be possible to configure non-English languages for full-text search in search.language
• The roomserver will no longer attempt to perform federated requests to the local server when trying to fetch missing events
• The /keys/upload endpoint will now always return the one_time_keys_counts, which may help with E2EE reliability
• The sync API will now retrieve the latest stream position before processing each stream rather than at the beginning of the request, to hopefully reduce the number of round-trips to /sync

Dendrite 0.10.1

Features

• The built-in NATS Server has been updated to version 2.9.2

Fixes

• A regression introduced in 0.10.0 in /sync as a result of transaction errors has been fixed
• Account data updates will no longer send duplicate output events

Dendrite 0.10.0

Features

• High performance full-text searching has been added to Dendrite
  • Search must be enabled in the search section of the sync_api config before it can be used
  • The search index is stored on the filesystem rather than the sync API database, so a path to a suitable storage location on disk must be configured
• Sync requests should now complete faster and use considerably less database connections as a result of better transactional isolation
• The notifications code has been refactored to hopefully make notifications more reliable
• A new /_dendrite/admin/refreshDevices/{userID} admin endpoint has been added for forcing a refresh of a remote user's device lists without having to modify the database by hand
• A new /_dendrite/admin/fulltext/reindex admin endpoint has been added for rebuilding the search index (although this may take some time)

Fixes

• A number of bugs in the device list updater have been fixed, which should help considerably with federated device list synchronisation and E2EE reliability
• A state resolution bug has been fixed which should help to prevent unexpected state resets
• The deprecated "origin" field in events will now be correctly ignored in all cases
• Room versions 8 and 9 will now correctly evaluate "knock" join rules and membership states
• A database index has been added to speed up finding room memberships in the sync API (contributed by PiotrKozimor)
• The client API will now return an M_UNRECOGNIZED error for unknown endpoints/methods, which should help with client error handling
• A bug has been fixed when updating push rules which could result in database is locked on SQLite

Dendrite 0.9.9

Features

• Dendrite will now try to keep HTTP connections open to remote federated servers for a few minutes after a request and attempt to reuse those connections where possible
  • This should reduce the amount of time spent on TLS handshakes and often speed up requests to remote servers
  • This new behaviour can be disabled with the federation_api.disable_http_keepalives option if needed
• A number of dependencies have been updated

Fixes

• A bug where the roomserver did not correctly propagate rewritten room state to downstream components (like the federation API and sync API) has been fixed, which could cause issues when performing a federated join to a previously left room
• Event auth now correctly parses the join_authorised_via_users_server field in the membership event content
• Database migrations should no longer produce unique constraint errors at Dendrite startup
• The origin of device list updates should now be populated correctly
• Send-to-device messages will no longer be dropped if we fail to publish them to specific devices
• The roomserver query to find state after events will now always resolve state if there are multiple prev events
• The roomserver will now return no memberships if querying history visibility for an event which has no state snapshot
• The device list updater will now mark a device list as stale if a requesting device ID is not known
• Transactions sent to appservices should no longer have accidental duplicated transaction IDs (contributed by tak-hntlabs)

Dendrite 0.9.8

Important

• This is a security release to fix a vulnerability where missing events retrieved from other servers did not have their signatures verified in all cases, affecting all versions of Dendrite before 0.9.8. Upgrading to this version is highly recommended. For more information, see here.

Features

• The built-in NATS Server has been updated to the final 2.9.0 release version

Fixes

• Dendrite will now correctly verify the signatures of events retrieved using /get_missing_events