Synapse 0.99.1.1 Released!

Hey, everyone, today is the day we release Synapse 0.99.1.1

This release contains improved ACME support to make it even easier to get going with TLS certs on your federation end points, plus some tweaks to make the room version upgrade path easier.

Just as a reminder that the 0.99.x series is precursor for our 1.0 release (which will land in early March, exact date to be confirmed) - it is really important that all server admins are aware that self signed certificates on the Server to Server API will no longer be accepted by >= Synapse 1.0. If you have not already done so, now is the time to configure your certificate. For more info see our FAQ and if you get stuck come and join us in #Synapse.

As ever, you can get the new update here or any of the sources mentioned at https://github.com/matrix-org/synapse. Note, Synapse is now available from PyPI, pick it up here. Also, check out our new Synapse installation guide page.

Synapse 0.99.1.1 Changelog

Bugfixes

• Fix "TypeError: '>' not supported" when starting without an existing certificate. Fix a bug where an existing certificate would be reprovisoned every day. (#4648)

Synapse 0.99.1 Changelog

Features

• Include m.room.encryption on invites by default (#3902)
• Federation OpenID listener resource can now be activated even if federation is disabled (#4420)
• Synapse's ACME support will now correctly reprovision a certificate that approaches its expiry while Synapse is running. (#4522)
• Add ability to update backup versions (#4580)
• Allow the "unavailable" presence status for /sync. This change makes Synapse compliant with r0.4.0 of the Client-Server specification. (#4592)
• There is no longer any need to specify no_tls: it is inferred from the absence of TLS listeners (#4613, #4615, #4617, #4636)
• The default configuration no longer requires TLS certificates. (#4614)

Bugfixes

• Copy over room federation ability on room upgrade. (#4530)
• Fix noisy "twisted.internet.task.TaskStopped" errors in logs (#4546)
• Synapse is now tolerant of the tls_fingerprints option being None or not specified. (#4589)
• Fix 'no unique or exclusion constraint' error (#4591)
• Transfer Server ACLs on room upgrade. (#4608)
• Fix failure to start when not TLS certificate was given even if TLS was disabled. (#4618)
• Fix self-signed cert notice from generate-config. (#4625)
• Fix performance of user_ips table deduplication background update (#4626, #4627)

Internal Changes

• Change the user directory state query to use a filtered call to the db instead of a generic one. (#4462)
• Reject federation transactions if they include more than 50 PDUs or 100 EDUs. (#4513)
• Reduce duplication of synapse.app code. (#4567)
• Fix docker upload job to push -py2 images. (#4576)
• Add port configuration information to ACME instructions. (#4578)
• Update MSC1711 FAQ to clarify .well-known usage (#4584)
• Clean up default listener configuration (#4586)
• Clarifications for reverse proxy docs (#4607)
• Move ClientTLSOptionsFactory init out of refresh_certificates (#4611)
• Fail cleanly if listener config lacks a 'port' (#4616)
• Remove redundant entries from docker config (#4619)
• README updates (#4621)