We continue our push to improve performance across the board. Factoring out event persistence into a separate worker pointed the way to a host of small but collectively important improvements. Expect further changes in coming releases.
Aside from that the admin API continues to grow (this time device management) and we have improved device list syncing to aid e2ee reliability.
We are receiving an increasing number of high quality PRs from the community, please keep them coming. Special thanks to cg505, dklimpel, WGH, olof and ilmari
Get 1.15.0 from github or any of the sources mentioned at https://github.com/matrix-org/synapse/blob/master/INSTALL.md.
Changelog since v1.14.0
Synapse 1.15.0 (2020-06-11)
No significant changes.
Synapse 1.15.0rc1 (2020-06-09)
Features
Advertise support for Client-Server API r0.6.0 and remove related unstable feature flags. (#6585)
Add an option to disable autojoining rooms for guest accounts. (#6637)
For SAML authentication, add the ability to pass email addresses to be added to new users' accounts via SAML attributes. Contributed by Christopher Cooper. (#7385)
Add admin APIs to allow server admins to manage users' devices. Contributed by @dklimpel. (#7481)
Add support for generating thumbnails for WebP images. Previously, users would see an empty box instead of preview image. Contributed by @WGH-. (#7586)
Support the standardized m.login.sso user-interactive authentication flow. (#7630)
Bugfixes
Allow new users to be registered via the admin API even if the monthly active user limit has been reached. Contributed by @dklimpel. (#7263)
Fix email notifications not being enabled for new users when created via the Admin API. (#7267)
Fix str placeholders in an instance of PrepareDatabaseException. Introduced in Synapse v1.8.0. (#7575)
Fix a bug in automatic user creation during first time login with m.login.jwt. Regression in v1.6.0. Contributed by @olof. (#7585)
Fix a bug causing the cross-signing keys to be ignored when resyncing a device list. (#7594)
Fix metrics failing when there is a large number of active background processes. (#7597)
Fix bug where returning rooms for a group would fail if it included a room that the server was not in. (#7599)
Fix duplicate key violation when persisting read markers. (#7607)
Prevent an entire iteration of the device list resync loop from failing if one server responds with a malformed result. (#7609)
Fix exceptions when fetching events from a remote host fails. (#7622)
Make synctl restart start synapse if it wasn't running. (#7624)
Pass device information through to the login endpoint when using the login fallback. (#7629)
Advertise the m.login.token login flow when OpenID Connect is enabled. (#7631)
Fix bug in account data replication stream. (#7656)
Improved Documentation
Update the OpenBSD installation instructions. (#7587)
Clean up exception handling in SAML2ResponseResource. (#7614)
Check that all asynchronous tasks succeed and general cleanup of MonthlyActiveUsersTestCase and TestMauLimit. (#7619)
Convert get_user_id_by_threepid to async/await. (#7620)
Switch to upstream dh-virtualenv rather than our fork for Debian package builds. (#7621)
Update CI scripts to check the number in the newsfile fragment. (#7623)
Check if the localpart of a Matrix ID is reserved for guest users earlier in the registration flow, as well as when responding to requests to /register/available. (#7625)
Minor cleanups to OpenID Connect integration. (#7628)
Attempt to fix flaky test: PhoneHomeStatsTestCase.test_performance_100. (#7634)
Fix typos of m.olm.curve25519-aes-sha2 and m.megolm.v1.aes-sha2 in comments, test files. (#7637)
Convert user directory, state deltas, and stats handlers to async/await. (#7640)
Here's your weekly spec update! The heart of Matrix is the specification - and this is modified by Matrix Spec Change (MSC) proposals. Learn more about how the process works at https://matrix.org/docs/spec/proposals.
In terms of Spec Core Team MSC focus for this week, we've still got MSC2366 (verification flows) on our plate, but we're removing MSC2399 (UISI messaging) as it just needs one more final tick. We're adding MSC2403 (knocking) in its place.
Mascarene is a quite new homeserver implementation project started a few months ago. Now it's time to introduce it.
Mascarene is written in Scala, runs on JVM and relies on Akka actor model. Out of the box it provides features like efficient streaming I/O, clustering and live data distribution. Data are backed in a PostgreSQL database.
The project is in early stage but already provides a few endpoints which make Mascarene able to talk to Riot.
You can test it at https://snapshot.mascarene.org. You should be able to register, login, create a room and talk to yourself.
Current work is focused on client API implementation; federation or e2ee will come later.
Welcome back! This week I went through the whole Client-Server API and wrote down everything that is still missing from Conduit. You can find issues for all of them in the milestone for Conduit 1.0. This should make it more easy for contributors to find something to work on and gives a lot more structure to the repo (maybe I also did it, because it's so satisfying to close issues and see the milestone percentage go up 😛).
Some of the issues I could already close this week include:
Implement redaction
Implement loading the message someone replied to (/context)
Fix bugs with notifications
Don't send typing events when nothing happened
Bundle typing events into one EDU
Don't send notification counts every /sync
Implement heroes
As you can tell, a lot of work is starting to go into smaller improvements, which is a good thing, because it means most of the core work is already done!
Thanks to my supporters on Liberapay (Take a look, I improved it 🙂).
This week in Synapse land we have been focusing on bug fixes especially SSO and soft logout.
We also spent some time thinking about how to further improve performance for large scale deployments (like matrix.org). In short this will mean sharding contested workers such as the media repo worker, the federation sender and the federation reader. We also want to remove some more functionality from the master process because it is still sitting at about 80% and we’d like some more head room. We'd also like to fix up the state compressor so it can easily be run as a background progress to save on disk space, this will benefit all installations big and small. Finally we want to speed up joins over federation. Exciting times.
Next week, more of the same and we should start on some of the perf items. Also look out for changes to notification defaults.
Dendrite / gomatrixserverlib
Dendrite is a next-generation homeserver written in Go
Server signing keys which have passed their validity period are now re-requested and updated properly, increasing reliability of federation substantially
Federated room joins have been significantly sped up by requesting missing auth events inline when verifying room state, rather than repeating the entire verification for each missing event
Local send-to-device support has been added (federated send-to-device coming soon)
A lot of code clean-up has taken place (with more to come), including cleaning up the internal APIs and the component bases
Decoding of room version 3 event IDs in request URLs has been improved
Inbound federation requests now interrupt backoff intervals on outbound sends
A new internal API exists now for interrupting backoff intervals on the federation sender
The federated /devices endpoint now returns in the correct format
Public rooms are now sorted by their member count
Only our own aliases are stored in the public rooms directory now
gomatrixserverlib is now responsible for marking room versions as supported/stable
Spec-compliant transactions are now sent to the appservice component
File URIs for SQLite databases are now set up using common functions
Handling registration for a user that already exists has been fixed (thanks S7evinK!)
Dendrite can now be configured to use a HTTP proxy server for outbound HTTP (thanks dr-bonez!)
Sytest compliance:
Client-server APIs: 36%
Server-server APIs: 35%
In other news, Kegan wrote a post on how p2p.riot.im works, including Dendrite's journey to SQLite and WebAssembly!
Additionally! You may have already read about v0.1.1 of the P2P Matrix demo - this is a big update, with local storage, room alias handling, federation improvements and more!
mautrix-facebook got support for backfilling history when creating portals and backfilling missed messages when connecting. There's also an option to periodically reconnect to potentially fix the bug where Facebook decides that you don't get messages anymore, but doesn't actually disconnect you.
I had apparently forgotten to implement bridge information in the whatsapp bridge when I implemented it in my other bridges, but that mistake is now corrected. I also fixed a bug with encryption where it would generate too many one-time keys and cause messages to be undecryptable. Finally, mautrix-whatsapp had its first release this week since it's working reasonably well now.
Eager to test the keytar feature (pickle key stored in OS secret storage) with Riot Web? Support landed in radical-native v0.1beta13, which uses Rust keytar bindings under the hood. Testing requires the latest and greatest of Riot Web, so riot.im/develop might be the place to see it in action
RiotX v0.21.0 has been released on May 28th. It adds support to identity server configuration and e-mail/phone binding and unbinding. It's also now possible to switch between languages inside the app and to display the list of attachments (media and file) of a room. A new setting has been also added to hide redacted (deleted) events in the timeline. As Riot-Android SAS v2 is also included in this release. Also formatted_body for m.notice and m.emote are now taken into account.
This week we were still working on implementing VoIP (audio and video call). Support for integration manager, widgets and sending stickers has been merged to develop.
Many new features are coming soon, stay tuned!
Riot-Android: Version 0.9.12 has been released on May 20th. I forgot to mention it the TWIM of last week. It contains a fix for favorite rooms vanishing and also the SAS v2 implementation (new key agreement method).
This week, we finalised our work around the iOS13 SDK. The coming public TestFlight (0.12.2) is the result of this work. It comes with a lot of changes including a full rewrite of the push handling codebase, trying to find solutions to make matrix e2ee compatible with iOS Notification Service Extension. Most of these changes are unfortunately invisible for end users. Please report any issues. Note this is safe to switch between this TF and 0.11.5.
In parallel, we started to implement the cross-signing bootstrap and the recovery management. The UX of this is going to be refined on Riot-Web and RiotX-Android. Riot-iOS will implement the refined UX directly.
Riot Web
A glossy Matrix collaboration client for the web. https://riot.im
For context, Safe Support Chat is an embeddable chatbox built on Matrix with cool features such as end-to-end encryption support to enable individuals to seek support with organisations that provide it. It was initially built for the OCRCC (Ontario Coalition of Rape Crisis Centres) in order to allow survivors of sexual violence to communicate and seek help safely with OCRCC facilitators.
A new version of the terminal-based federation tester has been released. The current version 1.11 should now cover the entire server discovery process including scenarios with a .well-known configuration without a port, but with a DNS SRV entry.
The script relies on bash, curl, jq and openssl. It has been tested on linux but should also work on *bsd and macos.
Hi, I've build FLAP to help other self-host multiple free software. FLAP can currently help you to easily setup Synapse, Riot, Nextcloud, SOGo and Jitsi all with SSO and low maintenance needs. Feel free to give it a try !
an imperial <--> metric unit converter for common conversational units
a configurable search and link for issues/pulls that responds to any message containing something in the format of jf#123 or jf #1234
a configurable general purpose URL linker that responds to messages containing things such as docs@hwa or link @troubleshooting (both sides of the @ are configurable)
There are plans to enable group pings, get a help command that can be limited to function only in a specific room, and more in the works so be sure to check back soon!
matrix-reminder-bot bot to remind you about things. Supports reminding an individual in a room or the whole room itself. Also supports setting alarms, which will continue to sound periodically until silenced.
Here we reveal, rank, and applaud the homeservers with the lowest ping, as measured by pingbot, a maubot that you can host on your own server. Join #ping:maunium.net to experience the fun live, and to find out how to add YOUR server to the game.
This week I've been chatting with conference organisers making really
interesting virtual event plans, and I'm bursting to share some of the Matrix
integration plans, hopefully more details coming soon.
For those who Hubzilla or Zap or ActivityPub or Friendica or Diaspora, there is now a Hubzilla forum for all things Matrix: https://elsmussols.net/channel/matrix
That's all I know 🏁
See you next week, and be sure to stop by #twim:matrix.org with your updates!
TL;DR: we shipped a major update (v0.1.1) to https://p2p.riot.im - fire up a desktop Chrome or Firefox in not-private-browsing mode and give it a go!
Hi folks,
As many know by now, a few of us have been working away since mid-December on experimenting with running Matrix in a peer-to-peer architecture - one where every user has absolute total autonomy and ownership of their conversations, because the only place their conversations exist is on the devices they own.
In some ways this is the logical end goal of Matrix: our aim has always been to empower users to have full control over their communication rather than being beholden to any given service provider, and in a P2P world we completely return power over secure communication to the people.
Why P2P?
P2P Matrix is about more than just letting users store their own conversations: it can also avoid dependencies on the Internet itself by working over local networks, mesh networks, or situations where the Internet has been cut off. Even more interestingly, without homeservers, there is nowhere for metadata to accumulate about who is talking to who, and when - which is a legitimate complaint about today’s Matrix network, given the homeservers of all users in a given conversation necessarily have to store that conversation’s metadata. P2P also lets us radically simplify signup for new users if they don’t have to pick a server to get going - and we avoid the unintentional centralisation of users piling onto public servers.
P2P also forces us to solve many of the hardest remaining problems in Matrix: e.g multi-homed accounts, given multi-device P2P requires your account to exist in multiple places. This in turn unlocks high availability and geo-redundancy for accounts on today’s Matrix network (imagine having a primary and backup homeserver that magically did the right thing!), as well as account portability, and thus also vhosting and load-balancing accounts between servers, and even improved GDPR compliance (for if your user IDs are ephemeral they are no longer personally identifying information baked into your Matrix rooms). We’ll also need better safety mechanisms to avoid folks exploiting the anonymous nature of the network for abuse, accelerating the work we’re already doing for today’s Matrix network.
The way we’ve been approaching P2P is the “hamfisted but genius” approach of taking homeservers and running them on the client, alongside or within your Matrix client - meaning that there are literally no changes required for any Matrix client to talk P2P Matrix, and so P2P Matrix can instantly benefit from all the work which has gone into Riot and other apps. As a result, P2P is also a huge motivator towards developing much smaller homeservers which can run efficiently clientside (e.g. Dendrite!) - which is of course great news for Matrix as a whole. It also forces us to develop more scalable routing algorithms (as you don’t want your client to have to talk to every other device in a room every time it sends a message!) and also spurs development of low bandwidth Matrix transports (as you don’t want the additional chatter of talking to multiple peers to consume all your bandwidth). Finally, it forces us to really ruggedize federation, given nodes are constantly appearing and disappearing, giving the federation much more of a stress test than we see with today’s relatively static homeservers.
P2P in Practice
So, P2P has been acting as fuel for a lot of our longer term Matrix work over the last few months. There have been three main experiments so far: at FOSDEM we showed off running our next-gen Dendrite homeserver running clientside using HTTP over libp2p as the transport. We also highlighted Timothée Floure’s project at EPFL experimenting with Synapse talking P2P CoAP over yggdrasil as the transport via a proxy.
Most recently, however, we’ve been experimenting with compiling Dendrite down to Web Assembly and running it embedded in Riot Web as a Service Worker, using HTTP over libp2p’s websocket transport (coordinated via a websocket rendezvous server). Architecturally, it looks like this:
Today, we’re shipping a major new alpha (v0.1.1) of this P2P demo up at https://p2p.riot.im (requires desktop Chrome or Firefox in non-private-browsing mode) - which hopefully should give a really usable and concrete taste of the shape of things to come.
The main features are:
Your conversations are now persisted in your browser storage (via IndexedDB), meaning that as long as all the browsers participating in a given conversation don’t clear their local storage, rooms on the P2P network are here to stay!
Your room directory lists all the aliases for all the rooms published by active nodes on the network. Moreover, we now automatically publish a local room alias whenever you join a public room, so that others will be able to discover that room via you, even if the server who originally created the alias has disappeared.
Lots and lots of federation improvements between the nodes - for instance, when a node comes online, others should now automatically detect and send scrollback to it. Invites should work, and there should no longer be any unexpectedly redacted messages.
Finally, please understand that the demo is very likely not what the final version of P2P Matrix will look like - this is just one step in a series of experiments as we investigate the best paths forward :)
What’s next?
For the current demo, there’s still lots of stuff remaining, including:
More federation debugging (and hooking in tardis and writing up everything we’ve learned about implementing federation in Dendrite!)
Making the content repository work in-browser (gotta fill up those IndexedDBs with some GIFs!)
Hooking up E2E Encryption APIs in Dendrite (not that it buys us much in a pure P2P world)
WebRTC transports. Turns out that service workers aren’t allowed to speak WebRTC, so we’ll have to shim through to Riot to speak true peer-to-peer WebRTC data channels rather than relaying all the traffic through the websocket rendezvous server.
Decentralised accounts for multidevice support - reviewing MSC1228 and getting Dendrite supporting multihoming accounts!
Finishing all of Dendrite’s other remaining APIs.
Beyond this, there are some bigger picture questions left to be answered in future experiments.
Firstly: we do not yet have a solution for “store and forward” nodes which can relay messages on behalf of a room if all the participating devices are offline. A first cut will be to run a P2P-capable homeserver server-side for this, but then metadata will start to accumulate server-side for the conversations it hosts. A more interesting approach would be to use a store and forward system which obfuscates who is talking to who, such as a mixnet, and could even provide resistance to network traffic pattern analysis. This is very much an open area of research, but one we are getting into :D
Secondly: we want to experiment more with other transports, and find out which works best for Matrix. Libp2p has some really exciting new stuff in the form of Gossipsub v1.1 - a much smarter routing algorithm for pubsub traffic in libp2p, which David Dias gave us a VIP tour of at the first Open Tech Will Save Us meetup. So we’ll need to restructure our libp2p transport as pubsub to see how it works in practice. Separately, we also want to play with hooking up Yggdrasil (the encrypted overlay network) as a transport as a totally different approach - Yggdrasil will easily let us span different underlying network transports, but comes with different tradeoffs (e.g. no browser support yet). We also want to take a look at the DAT / hypercore / hyperswarm / Cabal ecosystem to see if there’s a match :)
Thirdly and finally: we obviously want to unify the new P2P Matrix network with today’s federated one. The ideal outcome here would be to have a hybrid model, where teams who want their users to have a dedicated homeserver (for availability, IT policies, etc) can continue to have one as they do today - but newbies who have just installed Riot would float around on P2P unless they decided to consciously put down roots on a server or two. Best of all, it would let us turn off the matrix.org homeserver: the best public homeserver is one you run yourself on your own phone ;) The approach we take for linking P2P and today’s Matrix will depend very much on the transport we select for P2P in the long run, but the likelihood is that today’s homeservers will sprout P2P gateways to link the networks.
Conclusion
So, there you have it. P2P Matrix exists, and is developing at an alarming speed - and pushing Dendrite development along with it. Most excitingly, there have been no changes yet to the Matrix spec for P2P at all; we’ve just swapped https for http-over-libp2p as the transport. So all of the work we’ve been doing making Dendrite work in a P2P world has directly translated into making Dendrite work on today’s Matrix too You can now stand up a Dendrite and have it federate pretty reliably with the wider Matrix network, although we’re still rushing through implementing APIs (we’re up to 35% passing sytest coverage - although that 35% does contain most of the important tests :)
Finally, in case you’re worried about why the Matrix core team is off chasing P2P dreams rather than improving Riot’s UX, or implementing Communities, or Extensible Profiles, or working through the MSC backlog etc... in practice only two people (ignoring Matthew) have been working on P2P - Neil Alexander (author of the original FOSDEM demo, Dendrite wrangler and Yggdrasil co-maintainer) and Kegan Dougal (of the original Matrix dev team, one of the original authors of Dendrite, and now wrangling the WASM P2P work too). Huge thanks to Kegan & Neil for pushing P2P forwards - and huge thanks to everyone else on the core team and the wider community for keeping today’s Matrix advancing too!
Hope this has given a tempting glimpse of the shape of things to come. Honestly we never thought we’d get as far as P2P when we started Matrix back in 2014, but it’s really fun to be finally catching up with the future :D
-- Matthew
P.S. You can read more about this from Neil Alexander’s point of view over at his blog (including more thoughts on the potential Yggdrasil demo!)
P.P.S You can read the gory details of the P2P and WASM implementation from Kegan's point of view over at the Dendrite wiki.
Here's your weekly spec update! The heart of Matrix is the specification - and this is modified by Matrix Spec Change (MSC) proposals. Learn more about how the process works at https://matrix.org/docs/spec/proposals.
In terms of Spec Core Team MSC focus for this week, we've still got MSC2366 (verification flows) and MSC2399 (UISI messaging), however they are now joined by a third, secret MSC that we'll be working on internally for now :)
Spec releases: Room Version 6, Client-Server r0.6.1, and Federation r0.1.4
Says TravisR:
It's been a little while since we've done a round of spec releases, so we have a bunch of spec releases to share. If you're implementing something from the spec, please have a look at the news: https://matrix.org/blog/2020/05/27/room-version-6-client-server-r-0-6-1-and-federation-r-0-1-4-spec-releases/
As always, any questions about the spec itself can be answered in #matrix-spec:matrix.org, #matrix-dev:matrix.org, or in the various area-specific rooms floating around the federation.
Hello again! This week I worked on access control, which means that private rooms are private and invite-only rooms are invite-only. The public room directory only shows rooms marked as such now.
I also made a milestone to track progress on Conduit 1.0. This release marks the point where Conduit is fully usable as a non-federating homeserver. All features of the client server specification should be implemented, unless they can be seen as optional extensions (e.g. alternative registrations methods like email). Conduit should also be free of all known bugs with those features.
Adding federation on top of the 1.0 release will very likely require breaking changes. This means that the release which brings federation will be 2.0 or later and will require a partial or full database deletion.
The monolith now has a "hybrid" mode that uses the full HTTP APIs instead of short-circuiting
A number of the internal HTTP APIs are now tested fully and have been fixed as a result, which will also improve running a full polylith component deployment
Server keys are now managed by a separate server key API component
Batched sends in the federation sender are now working properly, improving send performance significantly
Error handling in the federation /send endpoint has been tweaked
/get_missing_events now returns events that don't fail signature checks
Federated room joins by room alias now attempt the server specified in the alias much more reliably
The correct room ID is now returned from the PerformJoin API
Much of the room server storage code has been deduplicated
Fixed some bugs in the device database storage code
Sync streams are now managed per-user-per-device, rather than just per-user
We no longer incorrectly default to federated joins in response to local invites
Spec compliance:
Client-Server APIs: 34% (228/672 tests)
Federation APIs: 34% (35/103 tests)
Synapse
Says Neil:
The main news this week is that we switched event persistence away from the matrix.org master process which has made a big difference to overall performance. The impact is best demonstrated by graphing message send times.
We also shipped 1.14.0 which includes OpenId Connect support and improved cache control granularity. It also contains rooms v6.
Next week will be having a think about what to do next for matrix.org performance. Watch this space.
TARDIS (Time Agnostic Room DAG Inspection Service)
I made a TARDIS (Time Agnostic Room DAG Inspection Service) - a simple time-travelling debugger for Room DAGs which plugs into Dendrite's internal APIs to visualise room DAGs. The intention is to provide it as a widget which Riot can use to visualise DAGs for debugging, particularly for P2P Matrix. The time-travel bit is simply that it could let you filter out the newer events to show how the DAG has evolved over time, although that isn't hooked up yet. https://github.com/matrix-org/tardis
With the release of synapse 1.14.0 the avhost image, including jemalloc, mjolnir and coturn has been updated as well, avhost/docker-matrix:v1.14.0, as always the release candidates were uploaded at mvgorcum/docker-matrix:v1.14.0rc1 and rc2
ruma-serde 0.2.2 (an internal dependency) fixed an incomplete part of querystring deserialization, so Conduit (and other future homeservers building on ruma-*-api) can properly handle querystrings in which parameters are repeated (like the server_name in /join/{roomIdOrAlias})
Option to only get notifications on finished builds was added.
buildbot-matrix is a small plugin for the Buildbot CI framework which sends notifications to matrix rooms.
It's available an GitHub and PyPi, take a look at https://github.com/HayWo/buildbot-matrix for more information.
I, Half-Shot, changed the status of the IRC Bridge on https://matrix.org/docs/projects/bridge/matrix-org-irc-bridge from "Early beta" to "Stable". This does not mean it's feature complete, or even all the way there, but it sure doesn't crash nearly as often as it did when I started, so that's good enough for me.
Hey folks, we've released the first RC for 1.4.0 of the slack bridge. This change includes a number of bug fixes around puppeting, but includes a few nice to haves like a /ready endpoint for kube/docker deployments and setting profile information on startup. Please test, and feedback in #matrix_appservice_slack:cadair.com :)
I've been working on improving the reliability of my bridges, primarily by making sure that the user knows if something went wrong. All my bridges now support delivery receipts (implemented as bridge bot read receipts) and can send delivery error messages if there was an error bridging a message. The Facebook and Hangouts bridges also now send connection status messages to a bridge notice room like WhatsApp already did before.
Minetrix
Certainly not from this week, but we haven't featured it before: Minetrix allows you to bridge a Minecraft server with a Matrix room.
A Matrix webclient written in (mostly) Rust using the official Matrix-Rust-SDK and Rusts WASM Support.
Daydream is the Idea of a Rust Matrix Client. It is still in a very early state and at the time of writing this supports basic displaying of text, image and bot messages as well as sending plain text and markdown.
Thanks devinr528 for sharing this
WIP Command line Matrix client using matrix-rust-sdk:
Display read receipts for the last few messages
Display membership status when updated
Join a room you have been invited to
Client sends read receipts to server
Display when messages have been read
Leave a room by pressing Delete key (this should probably be a Ctrl-some key deal...)
Specify homeserver to join on start up (before the login screen)
Simply run rumatui [HOMESERVER], defaults to "http://matrix.org"
Displays errors, albeit not very helpful or specific
Receive and display messages
formatted messages display as rendered markdown
Send messages
local echo is removed
Send textbox grows as more lines of text are added
Selectable rooms list
change rooms using the arrow keys, making this clickable may be difficult
Login widget is click/arrow key navigable
hides password
A new notification bar under the message window displays notifications such as membership changes, typing, and read notices.
I am hoping to have an actual release on crates.io by the end of the day. If you have any thoughts join #rumatui:matrix.org or check it out on github.
starting work on shifting the UX for the encryption upgrade towards using recovery keys in favor of passphrases.
starting early work on a redesigned matrix.to website
starting looking to integrate riot desktop with the native password manager of your platform of choice through keytar
fixing some issues with the (still experimental) IRC layout
iterating on the (also still experimental) new room list
looking into some issues that arose from the cross-signing release
Riot-iOS
Says Manu:
Riot-iOS (and MatrixSDK and MatrixKit) is now fully compatible with iOS13 SDK. A TestFlight 0.12.0 will be available soon.
The work is still on its branches (xcode11). It comes with the new notification service mechanism and we want to run a lot of tests next week before going to production.
Nheko
Nheko is a desktop client using Qt, Boost.Asio and C++17. It supports E2EE (with the notable exception being device verification for now) and intends to be full featured and nice to look at
After explaining cross signing to others multiple times in the past and seeing the question again on mastodon, I decided to write a short blog post on the topic, explaining how the keys interact with each other and how Alice's devices then end up trusting Bob's devices. You can read it over on https://jcg.re/blog/quick-overview-matrix-cross-signing/
Cross-signing implementors guide
This one isn't quite merged yet as we're going to give a thorough review, but big thank you to sorunome for taking the time to put this together:
While implementing cross-signing for fluffychat soru decided to write a guide that would help other client developers to implement that, too. So far it is still WIP and doesn't cover too much, yet, but soru might have typed up more once this TWIM goes live. The PR (and thus the markdown of the guide) can be found here: https://github.com/matrix-org/matrix.org/pull/740
It's a bunch of people who are passively learning design for their matrix projects. You might pick up a few things if you join :p
Dept of Ping 🏓
Here we reveal, rank, and applaud the homeservers with the lowest ping, as measured by pingbot, a maubot that you can host on your own server. Join #ping:maunium.net to experience the fun live, and to find out how to add YOUR server to the game.
This release contains OpenId Connect support, so that admins can configure a whole range of SSO options. We're really excited about what this means for helping users sign up and are considering it for matrix.org.
1.14.0 also contains finer grained cache configuration support, so that admins can tune caches in a more granular way. Our experience is that cache tuning can make a big difference to Synapse performance and over time we hope to continue improving cache tooling. Potentially we could even have caches auto-tune.
You'll also find support for rooms v6. v6 contains some small but important changes to improve the security of the room model. As with all room version upgrades we can't switch to v6 as the default version immediately since we need to build up a critical mass of servers that can support it. So upgrade and watch this space for when we switch over properly.
As an aside we continue to be very happy with using Redis for worker inter-communication and will likely recommend it for production use in the coming weeks.
Get 1.14.0 from github or any of the sources mentioned at https://github.com/matrix-org/synapse/blob/master/INSTALL.md.
Changelog since v1.13.0
Synapse 1.14.0 (2020-05-28)
No significant changes.
Synapse 1.14.0rc2 (2020-05-27)
Bugfixes
Fix cache config to not apply cache factor to event cache. Regression in v1.14.0rc1. (#7578)
Fix bug where ReplicationStreamer was not always started when replication was enabled. Bug introduced in v1.14.0rc1. (#7579)
Fix specifying individual cache factors for caches with special characters in their name. Regression in v1.14.0rc1. (#7580)
Improved Documentation
Fix the OIDC client_auth_method value in the sample config. (#7581)
Synapse 1.14.0rc1 (2020-05-26)
Features
Synapse's cache factor can now be configured in homeserver.yaml by the caches.global_factor setting. Additionally, caches.per_cache_factors controls the cache factors for individual caches. (#6391)
Add OpenID Connect login/registration support. Contributed by Quentin Gliech, on behalf of les Connecteurs. (#7256, #7457)
Fix a bug where event updates might not be sent over replication to worker processes after the stream falls behind. (#7384)
Allow expired user accounts to log out their device sessions. (#7443)
Fix a bug that would cause Synapse not to resync out-of-sync device lists. (#7453)
Prevent rooms with 0 members or with invalid version strings from breaking group queries. (#7465)
Workaround for an upstream Twisted bug that caused Synapse to become unresponsive after startup. (#7473)
Fix Redis reconnection logic that can result in missed updates over replication if master reconnects to Redis without restarting. (#7482)
When sending m.room.member events, omit displayname and avatar_url if they aren't set instead of setting them to null. Contributed by Aaron Raimist. (#7497)
Fix incorrect method label on synapse_http_matrixfederationclient_{requests,responses} prometheus metrics. (#7503)
Ignore incoming presence events from other homeservers if presence is disabled locally. (#7508)
Fix a long-standing bug that broke the update remote profile background process. (#7511)
Hash passwords as early as possible during password reset. (#7538)
Fix bug where a local user leaving a room could fail under rare circumstances. (#7548)
Fix "Missing RelayState parameter" error when using user interactive authentication with SAML for some SAML providers. (#7552)
Fix exception 'GenericWorkerReplicationHandler' object has no attribute 'send_federation_ack', introduced in v1.13.0. (#7564)
synctl now warns if it was unable to stop Synapse and will not attempt to start Synapse if nothing was stopped. Contributed by Romain Bouyé. (#6590)
Updates to the Docker image
Update docker runtime image to Alpine v3.11. Contributed by @Starbix. (#7398)
Improved Documentation
Update information about mapping providers for SAML and OpenID. (#7458)
Add additional reverse proxy example for Caddy v2. Contributed by Jeff Peeler. (#7463)
Fix copy-paste error in ServerNoticesConfig docstring. Contributed by @ptman. (#7477)
Improve the formatting of reverse_proxy.md. (#7514)
Change the systemd worker service to check that the worker config file exists instead of silently failing. Contributed by David Vo. (#7528)
Fix typing annotations in tests.replication. (#7518)
Remove some redundant Python 2 support code. (#7519)
All endpoints now respond with a 200 OK for OPTIONS requests. (#7534, #7560)
Synapse now exports detailed allocator statistics and basic GC timings as Prometheus metrics (pypy_gc_time_seconds_total and pypy_memory_bytes) when run under PyPy. Contributed by Ivan Shapovalov. (#7536)
Remove Ubuntu Cosmic and Disco from the list of distributions which we provide .debs for, due to end-of-life. (#7539)
Make worker processes return a stubbed-out response to GET /presence requests. (#7545)
Room Version 6 (and the associated Federation r0.1.4 release) is largely something for implementations to worry about. It contains new event authorisation rules, changes to the redaction algorithm, and stricter compliance for JSON.
Client-Server r0.6.1 contains a number of clarifications as well as SSO support for authorisation, "soft logout" to avoid needlessly destroying e2e history, and new ways to publish aliases within rooms.
If you're wondering where all the E2E-by-default related MSCs are - we're doing final iterations based on the real-world feedback from the E2E-by-default launch a few weeks ago, and they are then expected to land in the upcoming Client-Server r0.7.
Here's all the MSCs that got merged since the last release:
Here's your weekly spec update! The heart of Matrix is the specification - and this is modified by Matrix Spec Change (MSC) proposals. Learn more about how the process works at https://matrix.org/docs/spec/proposals.
In terms of Spec Core Team MSC focus for this week, the room v6 MSCs from last week's focus have all reached FCP 🎉 So we're continuing on with the E2E MSCs; MSC2366 (verification flows) and MSC2399 (UISI messaging).
We'll soon be releasing Federation API r0.1.3 and Client-Server API r0.6.1, which brings room v6.
This week I finished support for end to end encryption and also implemented media uploading, downloading and thumbnail generation! See it in action here:
If you want to see it with your own eyes, create an account via https://riot.conduit.rs. We hope to push our changes to Riot upstream soon, so you can use your own Riot to connect.
Finally, I want to thank my kind supporters on Liberapay.
P2P/Dendrite
Dendrite is a next-generation homeserver written in Go
Dendrite has seen a number of improvements this week, including:
Backfill will now backfill more messages than before, resulting in a snappier experience when scrolling back in a room.
Dendrite is now compliant with Synapse on backfill behaviour.
Inline CS API filters will now honour the timeline limit value.
Making more Sytests pass.
Modifications to how Dendrite tracks memberships.
Addition of an -api flag to expose internal HTTP APIs.
Clearer separation of internal/external HTTP APIs.
This has culminated in the following values for Are We Synapse Yet:
Client-Server APIs: 34% (227/672 tests) - up from 33%
Federation APIs: 34% (35/103 tests) - up from 27%
As for P2P....
p2p.riot.im v0.1.0 released!
This is a significant milestone because we now persist Dendrite databases to IndexedDB, greatly improving UX and giving users a consistent identity on the P2P network. In addition to this, the following changes have been made:
We now bake in the Dendrite commit SHA into the logs on startup.
Dendrite will now restart itself in case of panics/segfaults.
Known issues with this release:
Databases are only flushed to IndexedDB every 30 seconds, making it possible to lose the most recent messages. This has a variety of effects on the Dendrite instance, but in testing it has been able to mostly gracefully recover. Messages that you have sent will be backfilled but will be redacted. Rooms you have joined will be forgotten, and you need to be kicked/re-invited/re-join for communication to be re-established. We're looking into a better flushing mechanism going forwards.
If you have previously visited p2p.riot.im, you MUST manually clear your service worker via chrome:serviceworker-internals or about:debugging#/runtime/this-firefox or else you might get errors such as "LinkError: WebAssembly.instantiate(): memory import 37 has no maximum limit, expected at most 4294967295".
Please do not rely on p2p.riot.im to have any form of stability. Patch version bumps (0.1.0 -> 0.1.1) will not remove databases but minor version bumps will (0.1.1 -> 0.2.0) so we can continue to progress with Dendrite development at speed.
Synapse v1.13.0 has landed with SSO fixes and support in User-Interactive Authentication sessions, the ability to run in worker mode using redis as an experimental backend (which will soon be considered the default transport for Synapse workers), the ability for server admins to define password policies, some alias bugfixes, some cross-signing fixes as well as many more continuous improvements.
v1.14.0 in now in development, which will feature room v6 support.
The synapse 1.13.0 image including coturn and jemalloc is available as avhost/docker-matrix:v1.13.0, as always the RCs were (and are) available under mvgorcum/docker-matrix:v1.13.0rcX
I released a new matrix bridge called matrix-sms-bridge, which allows you to bridge matrix rooms to SMS with one telephone number only. It is build on top of matrix-spring-boot-sdk and written in kotlin. Currently, only modems via Gammu are supported, but new Providers (e.g. some REST API) can be added very easily.
mautrix-telegram v0.8.0-rc2 was released with some bugfixes and a basic implementation of Half-Shot's bridge information state event MSC. There will probably be at least one more RC with some more bugfixes in a week or two.
Last week I updated the messenger library mautrix-facebook uses to the latest upstream version, which might have made things work a bit better. This week mautrix-facebook got some more bugfixes and also a new feature to bridge animated stickers on Messenger into gifs on Matrix.
Major performance improvements. Although there is still work to be done, such has persisting client state between restarts to avoid initial syncs everytime, accounts will hundreds of rooms should now be able to finish loading and no longer take your entire RAM and CPU until everything freezes
Rooms with unread messages or mentions for your user (currently only those received while the client is running) will be highlighted and sorted first
New UI component allowing you to quickly jump between accounts in the room list, and always keep an eye how many total unread messages or mentions you have
Messages can now be replied to
Room members can now be kicked and banned
New keybinds for jumping between accounts, cycling through unread rooms, replying to messages and opening links in a message
Kinetic scrolling can now be disabled, this should fix scrolling for some trackpads incorrectly handled by Qt
The order in which accounts are shown in the side pane can now be customized
Nheko is a desktop client using Qt, Boost.Asio and C++17. It supports E2EE (with the notable exception being device verification for now) and intends to be full featured and nice to look at
lkito has been contributing this week to Nheko as part of his homework for university or so? Anyway, he added an option to highlight whatever message you are currently hovering over, so that you have an easier time locating the proper timestamps and buttons for that specific message. He's now working through a few other issues to improve his coding skills, like optionally having big emojis in the timeline or showing tooltips to explain the settings Nheko has.
You can now set a /roomnick
You can now tag rooms using the room context menu. You can assign multiple tags and create new tags as you like. This helps organizing your rooms, since Nheko supported filtering you room list using tags for a few years already, but until now you couldn't assign them.
red_sky has been tying up the loose ends for reaction support. Once that is done, we'll release 0.7.2
The team is working on getting feature parity with old-riot
Identity server support has been merged to develop
Switch language
1:1 Voip calls, Widgets, and room attachment list screen (media, files) are work in progress, and coming next
Matrix Android SDK
v0.9.35 has been released
Fixes Favs bug (no more favs after update)
=> Riot android release coming soon with SDK update
Riot-iOS
From Manu:
This week, we released Riot-iOS 0.11.5 with the support of the new version of SAS (emoji) verification. This release contains also a fix for share and Siri extensions to make them compatible with cross-signing.
We continued to make progress on the full support of the iOS13 SDK. The new push extension is almost here but it is tricky to make it work as VoIP pushes we abused for years.
Just released version 2.1.0 of the Ruby SDK, headlines changes are the addition of request IDs (and timing) to the debug output to make request/response tracking easier, as well as finalized support for extending both the low-level and higher-level clients with MSCs - along with a much improved implementation for MSC2108 (Sync over SSE). Also included are some bug fixes, as usual, as well as many improvements to the provided example bot.
You can still find it on rubygems as matrix_sdk, and feel free to drop by #ruby-matrix-sdk:kittenface.studio for questions, comments, or just general discussion.
Ruma
Ruma is a Rust project to create a comprehensive set of APIs for Matrix. Previously there was a Ruma homeserver project.
Our website has been revamped! It has been ported from Middleman to Zola and has received some style improvements. RSS support has temporarily been removed, but you can expect it to be restored along with some content updates soon.
Since multiple people have asked me about it, I now have a GitHub sponsor thing where you can get a fancy flair in my rooms and access to a highly exclusive sponsor room.
I didn't have any public donation things earlier due to the Finnish money collection act, but I realized that I can bypass that by selling things (like access to a Matrix room) instead of it only being a donation.
Completely unrelated to that: Following the bridge info state event implementation in my bridges, I've made a PR to Riot web to fix some bugs related to showing the bridge info there: https://github.com/matrix-org/matrix-react-sdk/pull/4621
Dept of Ping 🏓
Here we reveal, rank, and applaud the homeservers with the lowest ping, as measured by pingbot, a maubot that you can host on your own server. Join #ping:maunium.net to experience the fun live, and to find out how to add YOUR server to the game.
Rank
Hostname
Median MS
1
fairydust.space
329
2
envs.net
429
3
maunium.net
473.5
4
danielvinci.com
540
5
maescool.be
565
6
matrix.vgorcum.com
614
7
aragon.sh
774
8
dmnd.sh
1448
9
utzutzutz.net
1689.5
10
kittenface.studio
2009.5
Final thoughts 💭
Last week we featured some Sytest output and compared the results between homeservers, which was fun! We'll bring this back as an occasional feature.
We’re very excited indeed to announce that Automattic, the creators of WordPress.com, are jumping head first into the Matrix ecosystem with a strategic investment of almost $5M into New Vector (the company which makes Riot and Modular.im, founded by the core Matrix team in 2017). More importantly, Matt Mullenweg (co-founder of WordPress and founder of Automattic) and the Automattic gang are committing to make the most of Matrix in their work going forwards!
This is huge news, not least because WordPress literally runs over 36% of the websites on today’s web - and the potential of bringing Matrix to all those users is incredible. Imagine if every WP site automatically came with its own Matrix room or community? Imagine if all content in WP automatically was published into Matrix as well as the Web? (This isn’t so far fetched an idea - turns out that Automattic already runs a XMPP bridge for wordpress.com over at im.wordpress.com!). Imagine there was an excellent Matrix client available as a WordPress plugin for embedding realtime chat into your site? Imagine if Tumblr (which is part of Automattic these days) became decentralised!?
In fact, if you’re a developer in either the Matrix or WordPress communities, now might be a good time to think about how to cross the streams.... not least because Automattic just opened up a role for a Matrix.org/WordPress Integrations Engineer! Quite aside from the investment, this shows Automattic is serious about Matrix - and we’d like to thank them for opening up jobs in these challenging times to further accelerate Matrix. Perhaps some day Matrix Engineer will be as common a career choice as Web Developer ;)
That said, it’s super early days for integration work, and there isn’t a concrete project to announce yet beyond the investment in New Vector (which is effectively an extension of the funding NV raised in October) and Automattic’s Job opening - but these are the sort of ideas we’ve been kicking around. And at the very least, we should expect to see Automattic’s communities migrating over to Matrix in the coming months.
It’s been loads of fun working with Matt and the team on this: we see a huge overlap in terms of a genuine love for the open web, open source and open standards. It’s also no coincidence that Matt (independently of Automattic) donated substantially to Matrix via Patreon back in 2017 when we needed it the most. We’re also looking forward to benefiting from Automattic’s experience in sustainably and responsibly funding and growing open source projects in general - WordPress.com is an excellent example of how one can support development of a project like WordPress without compromising its open source nature.
So, we’d like to formally welcome WordPress and the rest of the Automattic family into Matrix. It’s incredibly exciting times, and we can’t wait to see what will come of the partnership! And meanwhile, if any other massive open source organisations want to join Automattic and Mozilla in leaping into Matrix, you know where to find us… :D
Huge thanks go to Matt for believing in Matrix - watch this space for updates.
Highlights include new support for User Interactive Authentication (UIA) for Single Sign-on (SSO) installations. This means that for the first time features that require the user to re-authenticate are available for servers that authenticate by SSO. Notably this means that these servers now support cross signing!
SSO admins should take a look at the SSO notes in the changelog.
We have been working hard on performance for large scale installations. Anyone supporting more than a few thousand users is probably running Synapse in worker mode. This means splitting out functionality from the master process and making use of multiple cores (or machines) to spread the load. Cross process communication was previously handled by a home grown TCP based replication protocol. As part of our ongoing efforts to improve performance we have replaced this replication system with Redis and have been running Redis in production on matrix.org for the past 2 weeks.
Redis itself does not provide a significant performance win directly but it means that it is much less expensive to add new workers to a cluster. The topology of the old system meant that every additional worker carried a small but not insignificant overhead to the master process. Since moving to Redis we have doubled the number of workers backing matrix.org.
We still consider Redis to be experimental and admins should not feel obliged to upgrade. However it looks very promising and we are likely to deprecate the old replication system in future. So watch this space - Redis is the future.
Finally we've seen lots of improvements to our documentation and many thanks for those in the community making contributions in this area.
It is also worth noting for those of you contributing to Synapse that the develop branch is now the default. More details in the changelog, so take a look.
Get 1.13.0 from github or any of the sources mentioned at https://github.com/matrix-org/synapse/blob/master/INSTALL.md.
Changelog since v1.12.4
Synapse 1.13.0 (2020-05-19)
This release brings some potential changes necessary for certain configurations of Synapse:
If your Synapse is configured to use SSO and have a custom sso_redirect_confirm_template_dir configuration option set, you will need to duplicate the new sso_auth_confirm.html, sso_auth_success.html and sso_account_deactivated.html templates into that directory.
Synapse plugins using the complete_sso_login method of synapse.module_api.ModuleApi should instead switch to the async/await version, complete_sso_login_async, which includes additional checks. The former version is now deprecated.
A bug was introduced in Synapse 1.4.0 which could cause the room directory to be incomplete or empty if Synapse was upgraded directly from v1.2.1 or earlier, to versions between v1.4.0 and v1.12.x.
Please review UPGRADE.rst for more details on these changes and for general upgrade guidance.
Notice of change to the default git branch for Synapse
With the release of Synapse 1.13.0, the default git branch for Synapse has changed to develop, which is the development tip. This is more consistent with common practice and modern git usage.
The master branch, which tracks the latest release, is still available. It is recommended that developers and distributors who have scripts which run builds using the default branch of Synapse should therefore consider pinning their scripts to master.
Features
Extend the web_client_location option to accept an absolute URL to use as a redirect. Adds a warning when running the web client on the same hostname as homeserver. Contributed by Martin Milata. (#7006)
Set Referrer-Policy header to no-referrer on media downloads. (#7009)
Admin API POST /_synapse/admin/v1/join/<roomIdOrAlias> to join users to a room like auto_join_rooms for creation of users. (#7051)
Add options to prevent users from changing their profile or associated 3PIDs. (#7096)
Support SSO in the user interactive authentication workflow. (#7102, #7186, #7279, #7343)
Allow server admins to define and enforce a password policy (MSC2000). (#7118)
Improve the support for SSO authentication on the login fallback page. (#7152, #7235)
Always whitelist the login fallback in the SSO configuration if public_baseurl is set. (#7153)
Admin users are no longer required to be in a room to create an alias for it. (#7191)
Require admin privileges to enable room encryption by default. This does not affect existing rooms. (#7230)
Add a config option for specifying the value of the Accept-Language HTTP header when generating URL previews. (#7265)
Allow /requestToken endpoints to hide the existence (or lack thereof) of 3PID associations on the homeserver. (#7315)
Add a configuration setting to tweak the threshold for dummy events. (#7422)
Bugfixes
Don't attempt to use an invalid sqlite config if no database configuration is provided. Contributed by @nekatak. (#6573)
Fix single-sign on with CAS systems: pass the same service URL when requesting the CAS ticket and when calling the proxyValidate URL. Contributed by @Naugrimm. (#6634)
Fix missing field default when fetching user-defined push rules. (#6639)
Improve error responses when accessing remote public room lists. (#6899, #7368)
Ensure that a user interactive authentication session is tied to a single request. (#7068, #7455)
Fix a bug in the federation API which could cause occasional "Failed to get PDU" errors. (#7089)
Return the proper error (M_BAD_ALIAS) when a non-existent canonical alias is provided. (#7109)
Fix a bug which meant that groups updates were not correctly replicated between workers. (#7117)
Fix starting workers when federation sending not split out. (#7133)
Ensure is_verified is a boolean in responses to GET /_matrix/client/r0/room_keys/keys. Also warn the user if they forgot the version query param. (#7150)
Fix error page being shown when a custom SAML handler attempted to redirect when processing an auth response. (#7151)
Avoid importing sqlite3 when using the postgres backend. Contributed by David Vo. (#7155)
Fix excessive CPU usage by prune_old_outbound_device_pokes job. (#7159)
Fix a bug which could cause outbound federation traffic to stop working if a client uploaded an incorrect e2e device signature. (#7177)
Fix a bug which could cause incorrect 'cyclic dependency' error. (#7178)
Fix a bug that could cause a user to be invited to a server notices (aka System Alerts) room without any notice being sent. (#7199)
Fix some worker-mode replication handling not being correctly recorded in CPU usage stats. (#7203)
Do not allow a deactivated user to login via SSO. (#7240, #7259)
Fix room publish permissions not being checked on room creation. (#7260)
Reject unknown session IDs during user interactive authentication instead of silently creating a new session. (#7268)
Fix a SQL query introduced in Synapse 1.12.0 which could cause large amounts of logging to the postgres slow-query log. (#7274)
Persist user interactive authentication sessions across workers and Synapse restarts. (#7302)
Fixed backwards compatibility logic of the first value of trusted_third_party_id_servers being used for account_threepid_delegates.email, which occurs when the former, deprecated option is set and the latter is not. (#7316)
Fix a bug where event updates might not be sent over replication to worker processes after the stream falls behind. (#7337, #7358)
Fix bad error handling that would cause Synapse to crash if it's provided with a YAML configuration file that's either empty or doesn't parse into a key-value map. (#7341)
Fix incorrect metrics reporting for renew_attestations background task. (#7344)
Prevent non-federating rooms from appearing in responses to federated POST /publicRoom requests when a filter was included. (#7367)
Fix a bug which would cause the room directory to be incorrectly populated if Synapse was upgraded directly from v1.2.1 or earlier to v1.4.0 or later. Note that this fix does not apply retrospectively; see the upgrade notes for more information. (#7387)
Fix a long-standing bug which could cause messages not to be sent over federation, when state events with state keys matching user IDs (such as custom user statuses) were received. (#7376)
Restore compatibility with non-compliant clients during the user interactive authentication process, fixing a problem introduced in v1.13.0rc1. (#7483)
Hash passwords as early as possible during registration. (#7523)
Improved Documentation
Update Debian installation instructions to recommend installing the virtualenv package instead of python3-virtualenv. (#6892)
Improve the documentation for database configuration. (#6988)
Improve the documentation of application service configuration files. (#7091)
Update pre-built package name for FreeBSD. (#7107)
Update postgres docs with login troubleshooting information. (#7119)
About a year after this tweet, four months after deployment of our open source @matrixdotorg instance, community participation in the Mozilla project has increased from 4x to 10x across all the projects that previously relied on IRC.https://t.co/E5HRsfHkzk
Here's your weekly spec update! The heart of Matrix is the specification - and this is modified by Matrix Spec Change (MSC) proposals. Learn more about how the process works at https://matrix.org/docs/spec/proposals.
In terms of Spec Core Team MSC focus for this week, MSC2526 has entered FCP. We'd like to keep the E2E MSCs in flight in focus, but are also conscious that room v6 is coming up. We're sticking the MSCs for the latter alongside the existing E2E ones in the focus queue, for a total of 5. Those MSCs are: MSC2366 (verification flows), MSC2399 (UISI messaging), MSC2540 (canonical JSON validation), MSC2209 (notifications auth rules), and MSC2240 (room version 6).
Dept of Servers 🏢
Dendrite / gomatrixserverlib
Dendrite is a next-generation homeserver written in Go
This week I worked on presence and end to end encryption, but they are not working yet.
Meanwhile, Valkum got sytest integration working! This means each time a new commit is pushed to a branch, CI automatically picks up on that and lets a lot of tests run on the homeserver - the same tests that synapse uses. Currently we have 8% of all tests positive on Conduit.
Synapse v1.13.0rc2 shipped this week with the following notable improvements:
SSO support in User-Interactive Authentication sessions
Cross-signing device list bug fixes
The ability to run in worker mode using redis as a backend (which will soon be considered the default transport for Synapse workers)
Some admin api improvements and additions
...as well as all the usual bug fixes and especially performance improvements. See the changelog for the full details and please test if you can! A full release is expected early next week.
Speaking of next week: work will involve getting room version 6 ready to ship, alongside even more performance work - especially moving event processing off the master process (the code for which is already running successfully on Half-Shot's own homeserver)!
I've been working on a new puppet bridge for steam chat mx-puppet-steam, while I would still consider it to be in alpha state, most of the things needed for day to day chatting are functional.
It bridges both one on one and group messages, shows the proper name, avatar and online status of your frends and handles embedded images in one on one chats.
As promised last week, mautrix-whatsapp now has end-to-bridge encryption (currently on the e2be branch, will be merged to master soon™). It works mostly the same way as the other bridges.
Dept of Clients 📱
It's a big, big week for client news! We must take a deeper look at some of these projects soon!
I got really bored in lockdown, as we all have. I stared at my TV, and it stared back at me. While it's definitely a privacy nightmare to start developing apps for these things, I couldn't help myself. I got stuck in, and secured myself a LG Developer Account.
The LG set of smart TVs use WebOS, as like the name suggests, runs apps in it's special variant of Chromium. I was lucky to be running a recent OS and had access to Chromium 53! And NodeJS 0.12!! Sarcasm aside, there are some very troubling versions of WebOS with much older versions of the browser, so I was happy to be developing against something with strong ES6 support. Despite the absolutely awful onboarding experience, the WebOS SDK itself was pretty good. matrix-tv was written to be a general large screen matrix client, so it talks to the TV's own libraries through an abstraction layer :)
Anyway, this client is the culmination of a lazy Sunday afternoon's work. It features very basic support for viewing a room, but I hope to expand it at some point. It supports running in a web browser and the aforementioned OS, but support for more variants is easy to add. I'm looking into how to design for the large screen beyond making fonts bigger, because the unique constraints on memory and UI are fun challenge.
Nheko
Nheko is a desktop client using Qt, Boost.Asio and C++17. It supports E2EE (with the notable exception being device verification for now) and intends to be full featured and nice to look at
Nheko now supports SSO. If your server uses SSO, you may want to test that, if it works for you, but I did successfully sign into the Mozilla homeserver.
We improved hinting on the login and registration pages, so it should be easier to enter correct credentials.
Replies now have a max height by default. If you want to see the full reply, you need to click on it to navigate to the reply.
Nheko now has a red unlocked padlock, when an unencrypted message is sent in an encrypted room.
red_sky has been hacking along on reactions. Displaying them is now in master, for sending he is currently reworking the emoji picker, so that it can be attached to the timeline more easily and it is easier to search, etc.
We are making progress on Identity server feature implementation (PR in review). Also we are working to integrated call with WebRTC, integration manager (widget, Jitsi, sticker) and we are stabilizing the application, especially on the cross-signing part.
Expect a new corrective release at the end of the day!
I was able to solve a few annoying bugs like message history disappearing and switching rooms taking time (it turned out that read receipts were being sent synchronously), so I decided to release gomuks v0.1.0.
Riot-Android: Version 0.9.11 (with Matrix SDK 0.9.34) has been released on the PlayStore, and should be available for all during the week-end. It contains fixes on the identity server feature (the "missing token" thing), and also support Jitsi call with configured domain.
This SDK is now on maven central. I also introduced support for implementing Application Services. The project can be found here: https://github.com/benkuly/matrix-spring-boot-sdk . It will be used by Matrix-SMS-Bridge, which only needs one telephone number. The latter will be released next week, when everything works fine (https://github.com/benkuly/matrix-sms-bridge).
Add the ability to defer all processing to a different isolate
When you use isolated: true on Homeserver.login or MyUser.fromStore, everything will be handled for you and the SDK works the same.
This only works on platforms with the Dart VM (not web).
Updaters are now globally registered per MyUserid.
This means for now only one Updater per MyUser is allowed. Updaters are created when a MyUser instance is retrieved via Homeserver.login or MyUser.fromStore
Add ability to specify what rooms to load from store when retrieving user
The previousBatch param from Room.copyWith is removed (wasn't used)
Add ability to override context in MyUser.copyWith and MyUser.merge
Updater and Homeserver are less coupled now
When a Context is changed with copyWith, all child objects' contexts are also changed
Fix bug in read receipt parsing (thanks to MatMaul!)
Sync errors are now pushed to the updates stream
Fix access token not being passed to logout API
Add type to RequestUpdate, so you can see which type of call
The purpose of the bot is to provide a link with Jupyter kernels running either on your local computer or somewhere else on a server. You can access your kernels through the bot with the chat interface. The kernels will answer to your commands through the same interface.
Since this is still a proof of concepts, the number of features is limited (command line text, string and pictures are the only output formats supported. No widget, no funny javascript) and they are few safeguards against infinite loops and other entertaining bugs.
TODO
This is right now just a proof of concept. We want to see if such a bot can be useful for people and how. What features would be interesting, what can be integrated in the present clients,... Therefore, in the short term, we want to focus on the possibility of easy testing for users and easy contributions for people who want to add their ideas. On the mid- and long term, a lot of ideas can be realized; it will depend on the feedback. These are just some examples. Short term:
proper error catching
fallback for non supported Jupyter formats on riot.im (i.e. a lot)
testing on termux on a tablet or smartphone
solve the problem with nio-matrix and upload in chunks of images.
Dockerized version
Middle term:
use of opsdroid as a framework
Longer term:
local server integrated to locally command the bot service.
make full use of jupyter capabilities with a client suited for it (for instance a Jupyterlab plugin)
I made a little bot that scrapes https://news.blizzard.com/en-us , because they've disabled their RSS feeds for some time now. It regularly scrapes all posts of a configured category and sends messages for new articles to all rooms the bot is a member of. It works like a RSS bot, except the source is a website instead of a RSS feed.
In the readme there are also some public instances, which you can just invite instead of hosting your own bot.
I've added matrix support into a chat bot, you can see the chat bot in action at #midori-dev:hackerspaces.be and it's project page is here https://github.com/midoricorp/jabbot.
it's main highlight is anybody can add new commands to it in chat using its scripting language
any any existing bot command can be used as a function in new scripts you write
The scripting language to add new commands can be found here https://github.com/midoricorp/script
you can do things like !script print "HELLO world";
or make a new command !script sub hello { print "HELLO World"; }
that would result in a new command !hello being made
print also has 2 output stream, one for rich format and one for basic formatting !script print "Hello World!"; print HTML "Hello <b>World</b>";
The goal is to improve cohesion and collaboration for all things design (UI, UX, interaction...)
Over time, it should become a place for people to
ask design-specific questions
share cool stuff and be praised for all the good work you're doing
develop and document a common understanding of the semantics of matrix
make sure the user experience is amazing, even as we all figure out how to federate.
Probably most designers work on single clients right now, but there are important UX questions that can only be answered ecosystem-wide. Maybe we'll end up with a design guide for people to use alongside the spec.
Final Thoughts 💭
Let's test homeservers against sytest, then unfairly pit them against one another! This week we're comparing Conduit and Dendrite - let's see the results!
Name
Conduit
Dendrite
Federation APIs
1% (1/103 tests)
27% (28/103 tests)
State APIs
0% (0/13 tests)
46% (6/13 tests)
Key API
17% (1/6 tests)
33% (2/6 tests)
Query API
0% (0/5 tests)
80% (4/5 tests)
send_join API
0% (0/8 tests)
38% (3/8 tests)
make_join API
0% (0/2 tests)
50% (1/2 tests)
Auth
0% (0/19 tests)
5% (1/19 tests)
room versions
0% (0/7 tests)
29% (2/7 tests)
Federation API
0% (0/14 tests)
36% (5/14 tests)
get_missing_events API
0% (0/6 tests)
33% (2/6 tests)
Backfill API
0% (0/4 tests)
0% (0/4 tests)
Invite API
0% (0/10 tests)
10% (1/10 tests)
send_leave API
0% (0/1 tests)
0% (0/1 tests)
Public Room API
0% (0/1 tests)
100% (1/1 tests)
Device Key APIs
0% (0/7 tests)
0% (0/7 tests)
Non-Spec API
0% (0/50 tests)
0% (0/50 tests)
Client-Server APIs
8% (56/667 tests)
33% (225/672 tests)
Registration
53% (17/32 tests)
62% (20/32 tests)
Login
26% (5/19 tests)
32% (6/19 tests)
V1 CS APIs
10% (3/30 tests)
10% (3/30 tests)
Misc CS APIs
100% (1/1 tests)
100% (1/1 tests)
Profile
33% (2/6 tests)
100% (6/6 tests)
Devices
17% (2/12 tests)
17% (2/12 tests)
Presence
0% (0/10 tests)
0% (0/10 tests)
Create Room
31% (4/13 tests)
92% (12/13 tests)
Sync API
1% (1/85 tests)
40% (34/85 tests)
Room Membership
0% (0/15 tests)
47% (7/15 tests)
Room State APIs
0% (0/14 tests)
36% (5/14 tests)
Public Room APIs
0% (0/7 tests)
14% (1/7 tests)
Room Aliases
0% (0/15 tests)
67% (10/15 tests)
Joining Rooms
0% (0/8 tests)
75% (6/8 tests)
Leaving Rooms
0% (0/1 tests)
100% (1/1 tests)
Inviting users to Rooms
0% (0/14 tests)
7% (1/14 tests)
Banning users
0% (0/5 tests)
20% (1/5 tests)
Sending events
0% (0/3 tests)
100% (3/3 tests)
Getting events for Rooms
0% (0/10 tests)
60% (6/10 tests)
Typing API
0% (0/5 tests)
0% (0/5 tests)
Receipts
0% (0/4 tests)
0% (0/4 tests)
Read markers
0% (0/1 tests)
100% (1/1 tests)
Media APIs
10% (2/21 tests)
24% (5/21 tests)
Capabilities API
0% (0/2 tests)
50% (1/2 tests)
Logout
0% (0/4 tests)
75% (3/4 tests)
Push APIs
21% (12/58 tests)
8% (5/59 tests)
Account APIs
20% (2/10 tests)
40% (4/10 tests)
Ephemeral Events
0% (0/1 tests)
0% (0/1 tests)
Power Levels
0% (0/2 tests)
83% (5/6 tests)
Redaction
0% (0/5 tests)
0% (0/5 tests)
Third-Party ID APIs
16% (3/19 tests)
16% (3/19 tests)
Guest APIs
0% (0/35 tests)
49% (17/35 tests)
Room Auth
0% (0/25 tests)
52% (13/25 tests)
Forget APIs
0% (0/4 tests)
25% (1/4 tests)
Context APIs
0% (0/4 tests)
0% (0/4 tests)
Room Upgrade APIs
0% (0/21 tests)
0% (0/21 tests)
Room Versions
0% (0/40 tests)
75% (30/40 tests)
Device Keys
3% (1/37 tests)
3% (1/37 tests)
Tagging APIs
0% (0/8 tests)
75% (6/8 tests)
Search APIs
0% (0/6 tests)
0% (0/6 tests)
OpenID API
0% (0/3 tests)
0% (0/3 tests)
Send-to-Device APIs
0% (0/12 tests)
0% (0/12 tests)
Server Admin API
0% (0/1 tests)
0% (0/1 tests)
Ignore Users
0% (0/3 tests)
0% (0/3 tests)
User Directory APIs
0% (0/11 tests)
0% (0/11 tests)
Application Services API
4% (1/25 tests)
20% (5/25 tests)
That's all I know 🏁
See you next week, and be sure to stop by #twim:matrix.org with your updates!
