Releases: matrix-org/matrix-hookshot
4.1.0 2023-05-24
Features
- Add support for notifying when a GitLab MR has a single review (rather than completed review). (#736)
- Add support for Sentry tracing. (#754)
Bugfixes
- Fix feed message format when the item does not contain a title or link. (#737)
- Fix HTML appearing in its escaped form in feed item summaries. (#738)
- Fix Github comments not being rendered correctly as blockquotes. (#746)
- Fix setup issues when the bot has PL 0 and room default isn't 0. (#755)
Internal Changes
4.0.0 (2023-04-27)
Features
- Add support for specifying custom templates for feeds. (#702)
- Use SQLite for file-based crypto stores by default, instead of Sled. (#714)
- Notifications for RSS feed failures can now be toggled on and off. The feature is now off by default. (#716)
Bugfixes
- Fix mishandling of empty feed/item title tags. (#708)
- Add information about GitHub App Installs in 'update' state on the oauth status page. (#717)
- Fix cases of GitHub repos not being bridgable if the GitHub App had to be manually approved. (#718)
- Switch to using Rust for parsing RSS feeds. (#721)
Deprecations and Removals
- Add support for Node 20, and drop support for Node 16. (#724)
Internal Changes
- Ensure all Hookshot specific metrics have a
hookshot_
prefix. (#701) - Update dependency used in Generic Webhook JS functions to fix a security flaw. (#705)
- Switch to using Rust for parsing RSS feeds. (#709)
- Update the README with a prettier set of features. (#726)
- Update
yaml
dependency to2.2.2
(#728)
3.2.0 (2023-04-04)
Features
- Allow users to import other people's go-neb services. (#695)
- Add support for push events on Github repo connections. (#696)
- Add support for issue created notifications in Github Repo connections. (#697)
- Support using the
guid
field of an RSS feed entry as a link (#700)
Internal Changes
- Only run changelog checks when only the changelog changes in CI. (#692)
3.1.1 2023-03-28
3.1.0 (2023-03-28)
Bugfixes
- Ensure Hookshot shuts down faster when running feeds. (#671)
- Fix GitHub repo connections not always applying state updates. (#672)
- Don't hide Create Connection button in Migration component. (#675)
- Ensure the widget still works without needing to store local storage data. (#678)
- Fix a missing grant for a connection sometimes causing a crash. (#680)
- Don't check Content-Type of RSS feeds when adding a new connection, instead just check if the feed is valid. (#684)
- Make sure we're not treating garbage data in feed items as guids. (#687)
- Improve resiliency to invite/join races when Hookshot is added by an integration manager. (#691)
Internal Changes
- Add release.sh script and release.yml workflow to make the release process easier. (#667)
- Add a /ready and /live endpoint to each listener, so that it can be checked independently. (#676)
- Add
feed_failing
metric to track the number of feeds failing to be read or parsed. (#681) - Stagger RSS feed polling over the interval period, rather than attempting to poll all feeds at once. Should reduce memory / CPU spikes. (#685)
3.0.1 (2023-03-21)
3.0.0 (2023-03-17)
This release includes some new landmark improvements to support public Hookshots.
One key feature is the new Go-NEB migrator. If you run a Go-NEB instance currently and are looking for a way to migrate GitHub and RSS feeds
over to Hookshot, there is a nice fancy widget feature for this.
The other feature is we have now implemented a "Grant" system for authorising new connections in rooms. Simply put when you create a new connection
in a room to a remote service like GitHub, we now store the validity of that authorisation in the bridge. This is a new change where previously we
would not persist this authorization between sessions, so it was possible for users (who were permitted in the config to manageConnections
) to create
connections to anywhere Hookshot was already configured to talk to. This piece of extra security means we can now be more confident about allowing Hookshot
to be used in public spaces.
Upgrading to 3.0.0 is breaking, as the new grant system will run against any of your previous connections. It is imperative that where you have
created or edited a connection manually in the room state, that you are still authenticated to the service it is connected to. For instance, ensure
you are logged into GitHub if you have created manual GitHub connections. You can check the logs for any information on which connections have not
been granted.
For any users who are not able to immediately update, but are nontheless worried about the consequeneces for this change: Do not panic. You can always
update the permissions in your config to only allow manageConnections
to users you trust.
If you have any questions about this change, do not hesistate to reach out to #hookshot:half-shot.uk
.
Features
- Add support from migrating go-neb services to Hookshot (#647)
- Implement grant system to internally record all approved connections in hookshot. (#655)
- Add support for logging into GitHub via OAuth from bridge widgets. (#661)
Bugfixes
roomSetupWidget
in widget config does now allow an empty value (#657)- Fix service bots not being able to reject invites with a reason. (#659)
- Fix Hookshot presenting room connections as editable if the user has a default-or-greater power levels. This was only a presentation bug, power levels were and are proeprly checked at creation/edit time. (#660)
Improved Documentation
- Update docs and sample config for serviceBots. Thanks to @HarHarLinks. (#643)
Internal Changes
2.7.0 (2023-01-20)
Features
- The room configuration widget now features an improved project search component, which now shows project avatars and descriptions. (#624)
2.6.1 (2023-01-16)
2.6.0 (2023-01-13)
Features
- Add support for experimental end-to-bridge encryption via MSC3202. (#299)
- Add support for additional bot users called "service bots" which handle a particular connection type, so that different services can be used through different bot users. (#573)
- Add new GitHubRepo connection config setting
workflowRun.workflows
to filter run reports by workflow name. (#588) - The GitHub/GitLab connection state configuration has changed. The configuration option
ignoreHooks
is now deprecated, and new connections may not use this options.
Users should instead explicitly configure all the hooks they want to enable with theenableHooks
option. Existing connections will continue to work with both options. (#592) - A11y: Add alt tags to all images. (#602)
Bugfixes
- Parent projects are now taken into account when calculating a user's access level to a GitLab project. (#539)
- Ensure bridge treats published and drafted GitHub releases as different events. (#582)
- Fix a bug where unknown keys in a connections state would be clobbered when updated via widget UI. (#587)
- Improve webhook code editor performance. (#601)
- Correctly apply CSS for recent RSS feed changes. (#604)
- Improve startup stability by not loading all room state at once. (#614)
- You can now add multiple GitLab connections to the same room with the same project path, if they are under different instances. (#617)
Improved Documentation
- Clarify GitLab setup docs (#350)
- Change URL protocol in the ocumentation and sample configs to HTTPS. (#623)
Deprecations and Removals
- Remove support for Pantalaimon-based encryption. (#299)
Internal Changes
- RSS feed polling now uses cache headers sent by servers, which should mean we will be more conservative on resources. (#583)
- Only build ARM images when merging or releasing, due to slow ARM build times. (#589)
- Increase maximum size of incoming webhook payload from
100kb
to10mb
. (#606) - Mark encryption feature as experimental (config option is now
experimentalEncryption
). (#610) - Cache yarn dependencies during Docker build. (#615)