Registration tokens is a feature introduced in Synapse 1.42.0, which allows homeserver administrators to force their users to use specific tokens when registering. This is similar to Synapse's registration shared secret support, but with added features, such as the possibility to limit how users can be registered with the same token, or to make a token expire. See the admin API documentation for more information on how to manage registration tokens on your homeserver.
Registration tokens were initially proposed to the Matrix specification in MSC3231 by Callum Brown during their Google Summer of Code internship last summer. The MSC has since been accepted, and released in the stable Matrix specification as of Matrix v1.2. As a result, its Synapse implementation has been updated to remove support for unstable identifiers. Administrators of homeservers on which the reverse proxy rules explicitly allow the unstable route for this feature need to update their configuration. Same goes for developers of Matrix clients that support this feature. See the upgrade notes for more information.
πTime-based cache expiry now enabled by default
To avoid being overly intensive on resources by making too many queries to the database, Synapse maintains several in-memory caches to store data it needs to use frequently. However, this comes with the inconvenience that, if Synapse needs to store too much data, these caches can become fairly big and occupy too much space in the host's memory.
Historically, Synapse has dealt with this issue by having set sizes for each cache, either hardcoded or set in the configuration, and evicting the oldest items when exceeding this size. Synapse 1.38 introduced the possibility for homeserver administrators to configure Synapse to evict cache entries based on the time they were last accessed on. This mechanism acts on top of the aforementioned eviction policy, and allows automatically evicting entries that haven't been accessed for some time, leaving more room in the caches to store data that needs to be accessed more often.
Synapse 1.53 enables this behaviour by default. Without specific configuration, Synapse will automatically evict cache entries that haven't been accessed for more than 30 minutes. Server administrators that were already using this feature might need to update their configuration, as this change deprecates the expiry_time configuration setting, which will be removed in a future version of Synapse. See the upgrade notes for more information.
You might have heard that we're working on improving the time it takes to join big Matrix rooms with Synapse. If not, then you definitely want to have a look at the demos Matrix live that was published earlier this month and includes more details and a demo of the work we've been doing in this area.
This release of Synapse includes an implementation of MSC3706, which is part of this work. It's still very experimental and definitely not production-ready, but it's a huge stepping stone towards making room joins snappier than ever.
We've also been continuing our work towards enabling end-to-end encryption for application services (see the Synapse 1.50 release blogpost for more context on that). Synapse 1.53 includes support for sending to-device messages to application services. This is also still very experimental, watch this space for future updates.
See the full changelog for a complete list of changes in this release. Also please have a look at the upgrade notes for this version.
Synapse is a Free and Open Source Software project, and we'd like to extend our thanks to everyone who contributed to this release, including (in no particular order) Dirk Klimpel, Brad Jones, and Alexander Mnich.
Hello everyone! It's me, not-anoa, here with your weekly spec update. I finally got the scripts to run which means you get a proper update once again (yay).
The heart of Matrix is the specification - and this is modified by Matrix Spec Change (MSC) proposals. Learn more about how the process works at https://matrix.org/docs/spec/proposals.
In terms of Spec Core Team MSC focus for this week, we've been looking at unblocking MSC3440: Threads so it can make a smooth journey into acceptance. This involves quite a lot of work to ensure that the features we're concerned about are addressed, but so far the FCP progress on it is looking good.
We're also spending a bunch of time working out what room version 10 looks like to try and fix some usability issues with join rules and general maintenance of things like power levels. The hope is that in time for Matrix 1.3 we'll have v10 out (but not made default) for folks to experiment with.
Your random MSC is MSC2974: Widgets: Capabilities re-exchange. I swear it was actually random and only after running the script exactly once. The MSC is interesting because it allows widgets (a feature working its way into the general spec, slowly) to ask for more permissions when they need them. This ensures the widget doesn't need to ask for everything at startup (which is more likely to mean that it gets rejected), and that it can maintain a clean security state during normal operation.
One day it'll probably make it into the spec as part of the larger widget movement, but first we need to get widgets into the spec properly.
If you look carefully at the OpenAPI viewer, you might notice a dropdown for not-client-server APIs π. There's still work to be done to bring on the missing APIs, but this is in a place where it can be experimented with. Thanks to Alexandre Franke for getting this over the line :)
This week we've released Synapse 1.53.0rc1, which includes a bunch of new features, improvements, and other niceties... But more on that next week when we release Synapse 1.53.0 π As usual, we're super grateful for anyone that helps us test release candidates by running them with their homeservers! Please report any breakage or feedback in #synapse:matrix.org
Apart from this we have been continuing our experimentations with Poetry to better manage our dependencies in our Python projects after we switched Sydent to it last week. We're already starting to see improvements off the back of this work, such as automated security PRs and an opportunity to centralise our automated workflows to better reuse them in our projects (see https://github.com/matrix-org/backend-meta). We look forward to bringing all this goodness to Synapse soon!
And my Helm Chart updates are still happening, also now listed on Artifact Hub for easier discovery. This week saw several element-web updates, finally ending on 1.10.4
Is using Nheko a bit of a pain on your PinePhone? Do you just want bubbles in your chat app, not raw lines of text? Does Nheko waste too much space on timestamps and other metadata for messages?
Well, I am assuming Malte was annoyed by that or similar reasons. But in the end, they did spend a lot of effort reorganizing the way Nheko layouts messages so that people can have bubbles. This should make Nheko feel much more at home on the PinePhone and it seems like they are doing even more to make Nheko a great experience on mobile devices! But just look at it yourself:
If you are scared now and you think: "This is not the Nheko I came to love!", don't worry, all of this is optional. You can play around with the different avatar sizes as well as the bubbles themselves. You can even make Nheko look like it always looked!
There will be some regressions though. If you want to contribute, it would help a lot if you test those changes and report issues that you find! <3
Apart from that, there were also a lot of other bugfixes and cleanups by various contributors. You can also hide events by type now. If you don't want to see stickers or when someone joins a room, just disable that in the room settings! Tastytea implemented that. Long usernames should now also no longer overflow the profile pages and you can reset the state for a single room using the /reset-state /command. This is helpful when updating Nheko to use widgets, but Nheko just threw those events away (or pinned messages or other state events).
Hello and welcome back to another week at Element!
Location Sharing
As of this week, Location Sharing is now available by default for users on all platforms, except desktop where you can receive but not send locations.
Weβre starting work on the next stage, which is to enable live location sharing, and βpin droppingβ where you can pick any location on a map to share.
Threads
Threads are now live in Labs on all Element platforms!
Please remember this feature is experimental; let us know your feedback and report any bugs as we continue to improve.
The teams on all platforms are working hard on improving the stability and performance of Threads.
The new search experience came out this week, you can enable it in Beta to try it out! We are collecting feedback from users to inform upcoming improvements.
Weβre working hard on smashing bugs and reducing the number of defects.
Along with closing bugs, weβre working hard on adding finesse to our app and removing some of those βpapercutβ issues that users experience.
Keep your eyes peeled for updates and let us know what you think!
Our first time user experience is being updated also. Weβve introduced new splash screens to help introduce Element. Donβt panic! You can skip straight to βsign-inβ if this isnβt for you.
A new spinner is hereβ¦ While we work on the speed and performance of the app weβve introduced a new spinner that does not get in your way while you work.
Bugs and Papercuts⦠Our app is getting some love from our developer team as we try to reduce confusion and simplify flows throughout the app.
Keep an eye out for any small changes and let us know what you think!
Creating a new account in Element can be intimidating for new users, especially those who arenβt familiar with Matrix. Weβre introducing new screens and simplifying our questions so that users can sign up with confidence!
If you have any feedback, or want to share your thoughts on our first time user experience, get in touch.
A new layout option hit our app this week: Message Bubbles! If youβre used to seeing inbound messages on the right, and outgoing messages on the left this might be for you. You can access the new appearance option from Settings.
I wrote a small web app thing that can download, decrypt and display Matrix media in a browser. The goal is to use it in the Android SMS bridge for sending attachments that are too big for MMS, but it might be useful for other things too.
Currently it consists of the web frontend, a maubot plugin to generate links, and a small server that stores file metadata (so the URLs just contain the decryption key and a short ID to find the metadata on the server). I'll probably continue working on the exact URL format to make it shorter and to encrypt the metadata, and maybe also add an alternative mode where all info is included in the URL to make the server component optional.
I worked on adapting the NixOS module for Synapse to support worker deployments. It's a great reproducible deployment method, and super easy to configure. My module is perhaps less quality than the rest of the chain, but it's pretty neat to define your whole Matrix deployment like this: https://git.pixie.town/f0x/nixos/src/branch/synapse-workers/nodes/cosmos/containers/synapse-workers.nix#L60 and have Nix figure out all the systemd units and nginx routes that have to be added
Full Nix code for the module is at https://git.pixie.town/f0x/nixos/src/branch/synapse-workers/common/modules/synapse
pictured is the ping stat for a little test deployment with 8 federation senders :P
matrix-docker-ansible-deploy now supports installing the matrix_encryption_disabler Synapse module (details here), which homeserver admins can use to prevent End-to-End-Encryption from being enabled by users on their homeserver. The popular opinion is that this is dangerous and shouldn't be done, but there are valid use cases for disabling encryption discussed in this Synapse issue.
Pushed 234 updates and enhancements to the automation framework used as the service core
Integrated 17 additional components to the matrix stack
Developed 5 bots and tools to extend matrix capabilities
Installed 92 new matrix servers
Helped 172 people and organizations to achieve their goals in the matrix
Posted 74 updates in the announcements room
Some history:
the project (not service yet) started on February 12, 2021
the first installed server was etke.cc itself (yes, etke.cc homeserver is a customer of etke.cc service from the day 1)
the second installed server was a chatbot, that uses matrix as a platform to interact with users across different chat networks (Telegram, WhatsApp, Signal, etc.) - one API to rule them all.
After a few years, matrix-room-directory-server has finally gotten an upgrade to modern times. Intended to eventually be a standalone directory server (making vanity aliases possible, but otherwise not functional as a homeserver), it currently only supports overriding the federation /publicRooms endpoint.
The changes made today are to replace the old, broken, appservice-backed approach with a space-backed approach. You can see this in action on t2bot.io: querying the room directory over federation will hit the room directory server, which is watching #directory:t2bot.io in the background to determine which rooms to serve.
Hay y'all. I created a blog post about how to host element and matrix .well-known files using cloudflare pages that I thought might be worth sharing. Have a few kinks to work out regarding CORS (might need to clean my browsers cache) though.
https://minecraftchest1.wordpress.com/2022/02/17/hosting-element-and-matrix-well-known-files-with-cloudflare-pages/
https://matrix.to/#/#minecraftchest1-blog-matrix-elemet-cloudflare:matrix.org
Here's your weekly spec update! The heart of Matrix is the specification - and this is modified by Matrix Spec Change (MSC) proposals. Learn more about how the process works at https://matrix.org/docs/spec/proposals.
MSC3440 (threading) continues to move forward with a proposed final comment period this week. As a really useful feature in Matrix, it's great to see it getting closer to landing in the spec.
In a similar vein, MSC3613 (combinatorial join rules) had a proposed final comment period. The intention of this is to be a simple mechanism for resolving the "it's not possible to have both a restricted and knock room" situation - as both introduced mutually exclusive join rules. This MSC will likely serve as the basis of a new room version whenever it lands.
This MSC makes the case for allowing widgets to be created in private rooms by default. The actual spec for it is blocked behind having widgets in the spec (see this tracking PR if you're interested).
As noted in the PR though, this MSC could build on the existing im.vector.modular.widgets unstable prefix for widgets in order to create an implementation for this feature. It does not appear to have happened yet though.
Hello, TWIM! This week we released Synapse 1.52, which includes new Admin APIs for monitoring federation status and immediately retrying failed connections, as well as for reporting on rooms shared between two homeservers. We've also fixed / improved media previews for sites like Reddit. Plus lots more fixes / refactors / improvements under the hood.
This is a smaller release as it's coming off of our FOSDEM sprint, but we look forward to getting back to more regularly-sized and featureful Synapses this month.
Notably, we've been experimenting with Poetry to better manage Python dependencies in our applications (Synapse, Sygnal, and Sydent). We just switched Sydent over this week and are working out the kinks in our CI and build pipelines. We're looking forward to bringing this consistency to Synapse next month!
Yesterday we released Dendrite 0.6.3 which is a primarily bug fix release. It contains the following changes:
Initial support for m.login.token
A number of regressions from earlier v0.6.x versions should now be corrected
Missing state is now correctly retrieved in cases where a gap in the timeline was closed but some of those events were missing state snapshots, which should help to unstick slow or broken rooms
Fixed a transaction issue where inserting events into the database could deadlock, which should stop rooms from getting stuck
Fixed a problem where rejected events could result in rolled back database transactions
Avoided a potential race condition on fetching latest events by using the room updater instead
Processing events from /get_missing_events will no longer result in potential recursion
Federation events are now correctly generated for updated self-signing keys and signed devices
Rejected events can now be un-rejected if they are reprocessed and all of the correct conditions are met
Fetching missing auth events will no longer error as long as all needed events for auth were satisfied
Users can now correctly forget rooms if they were not a member of the room
As always, please feel free to join us in #dendrite:matrix.org for more Dendrite-related discussions!
NeoChat 22.02 is out with the possibility of sharing files directly from NeoChat to other apps and services (Nextcloud, Imgur, email, ...). We also added support for minimizing the application to the system tray on startup and you can now label accounts to better organize them if you are using the multi-account feature. Aside from that, we spend some time fixing many small bugs and paper cuts reducing the total amount of open bug reports by 20%.
We've release 0.2.26. You can now create rooms and direct messages with Hydrogen. There's also a bug fix in this release for replies not loading in e2ee rooms under certain conditions.
Welcome to another week of TWIM at Element! Hereβs our updates:
Polls and Location Sharing
Polls is now out of labs, and available in the composer for all users with the latest app versions.
Location sharing is available on the mobile apps. For now you will need to enable it in settings in order to see the composer icon and send your location. As of next weekβs releases it will be enabled by default on all platforms.
Threads
Threads aims to reduce cross-talk on the timeline by moving side-convoβs to the right panel. If you want to try it out, it's available in Labs on Web today and in Labs on Mobile from next week!
Weβve been working on improving the stability and speed of threads across platforms.
Community Testing
Join#element-community-testing:matrix.org to join us for future testing sessions!
Metaspaces have landed! Giving users a new way to display favourites, DMs and rooms outside of other spaces. Switch these on in Quick Settings at the bottom left of your app.
New and improved Search! Weβre pleased to move the new search experience into Beta. Head to Settings > Labs to access it.
Those of you using Nightly or Develop will see the new experience by default.
Provide feedback on your experience directly from the Search window.
On Web weβve also been chasing away some bugs, specifically desynced memberlist and stale display names.
In Labs (Enable labs features in settings on develop.element.io or Nightly)
Thanks to everyone who tested the maximised widgets feature which was recently added to Element Web. It received a sudden burst of attention as part of the FOSDEM conference. π This week we've been fine tuning the feature to ensure it works for more workflows, and we've also cleaned up various associated widget bugs. In particular, in the develop version of Element Web, the pin and maximise actions are more consistent accessible, so you can toggle between pinned and maximised if e.g. you're in a conference room and temporarily want the stream widget to be larger while still having access to the chat timeline.
Next week we'll be focusing more on our Matrix-native collaborative document plans.
The next update of iOS (1.8.0) will have improved emoji reactions and location sharing will be on by default!
We will also be releasing fixes to the incorrect scrolling on the timeline and home screen sorting.
Work on a Rust prototype is also underway. Weβre excited to learn about the opportunities and advantages of this approach as we start to learn and experiment.
In Labs
From next week Threads will be available in Labs on Mobile. Switch it on and try it out!
Beeper is a universal chat app built on top of Matrix. We've created 12+ open source Matrix bridges and integrated them into an easy to use all-in-one service which does not require setting up your own homeserver.
Weβre excited to announce that as of today we are now out of Beta! We have been hard at work and weβre now ready to be sharing Beeper with a lot more people, starting first with the people weβve built up on our waitlist.
For more details and demos on the current state of Beeper, including our recently rebuilt and relaunched iOS app, check out the update on our blog: https://blog.beeper.com/p/beeper-update-4-out-of-beta or watch the video below.
The new version contains two new features around the Synapse Admin API, making someone a room admin and listing all unencrypted media URLs.
I've had some good ideas on how to make Matrix Wrench cover more use cases while staying simple for both users and me as a developer. New components allow me to add new API endpoints in as little as 7 lines. So far this only applies to simple endpoints without parameters, like joining and leaving a room, but it can be expanded to more endpoints because of how similar all Matrix endpoints are. Props to the Spec! π
Trixnity is now on version 1.1.7. Since 1.1.0 we have fixed many bugs and added some improvements and features. Our reference client runs amazingly reliable and fast thanks to Trixnity π
Version 1.1.1 released
This was a quick bugfix release for a finding by jeffcasavant, in which joining a room with a predecessor, the bot could crash. Thanks Jeff!
If you missed it last week, I published a template / demo stock reporting bot you can find here: https://github.com/WesR/Halcyon-stock-bot . Short and sweet, this little bot should be a great starting point if your looking into making a bot. Make sure to also checkout the library itself for more examples, and usage information https://github.com/WesR/Halcyon.
I'm always looking for more feedback, and love to see what people are working on. Come hangout with us in the Halcyon room: https://matrix.to/#/#halcyon:blackline.xyz
We have been using Matrix as a chat solution for the attendees of our biannual conference (KIF) and for new students during the introduction week, as well as Pretix to register attendants. Up until now the process to invite attendees to the corresponding Matrix Rooms and Spaces involved some curl and jq magic as well as manual intervention to connect both.
We have now replaced said manual process with a Pretix plugin that invites registered attendees to a configurable Matrix Room or Space. This plugin is now available on the Pretix marketplace or directly from its repository.
I'm excited to share a side-project I've been working on for the last ~3 months: Gatho (http://gatho.party) - a web app for hosting small gatherings.
Gatho is perfect as a replacement for Facebook Events for small social gatherings. I'm a 24 year old Australian who recently deleted Facebook - I've used Gatho for a few parties now and the guests have loved it!
Gatho includes a Matrix bot which, when added to a room, can synchronise RSVP emoji reactions to a linked Gatho event! See gatho.party/getting-started to hear how the Matrix synchronization works.
You can also create one-click RSVP links to send to your friends - no matter which chat/social app they use!
It's fully GDPR compliant and multi-region with an EU server and database, and uses NextAuth.js for passwordless authentication.
The Gatho website and bot is open source (AGPL-3.0) on Github, PRs and Github issues are very welcome! It's built using Next.js in Typescript.
The ping room has been upgraded to room v9. During the 452 days the previous (v6) ping room was alive, it received a total of 735997 org.matrix.dummy_events and 604459 m.room.message events.
Here we reveal, rank, and applaud the homeservers with the lowest ping, as measured by pingbot, a maubot that you can host on your own server.
The team behind Twisted, which is the main framework Synapse uses under the hood, recently released Twisted 22.1. This version fixes a security vulnerability within the Twisted library.
While preparing the release of Synapse 1.52, we have investigated the impact of this vulnerability on Synapse. We came to the conclusion that it does not affect Synapse. We however advise server administrators to ensure they use an up-to-date version of the library as a matter of good practice.
For instances installed with pip, the library can be updated with pip install --upgrade Twisted treq. For instances installed with the matrixdotorg/synapse Docker image or Debian packages from packages.matrix.org, updating to Synapse 1.52.0 is sufficient, as these images and packages include up-to-date versions of all dependencies.
It is also worth noting that a release candidate for Twisted 22.2 has been published, with a fix for a potential denial of service vulnerability with SSH. Administrators of Synapse homeservers that have the manhole feature enabled (which is the only feature of Synapse using SSH) are encouraged to ensure access to the manhole is correctly restricted (e.g. by preventing access from external locations).
This release of Synapse introduces a few admin APIs to help server administrators monitor and handle how their Synapse homeserver interacts with other federated homeservers. One of these APIs offers server administrators a way to visualise which rooms are shared between the local homeserver and a given remote one.
Another API allows server administrators to reset federation timeouts. If Synapse fails to connect to a remote homeserver, it will make note of the failure and will not retry the connection after a certain amount of time. This can happen if the remote homeserver goes offline or experiences connectivity issues. Synapse has a few ways of figuring out whether a remote homeserver has come back online, but this new admin API adds a way for administrators to manually tell Synapse a destination should be available.
This release also improves Synapse's deactivation behaviour by deleting account data when deactivating a user. "Account data" refers to private arbitrary data that is specific to an account. It is used among other things for secure server-side storage (SSSS) which allows securely backing up end-to-end encryption keys.
Please see the Synapse release notes for a complete list of changes in this release.
Last year was the first time FOSDEM was hosted on Matrix, and it was generally a huge success - and so the FOSDEM team trusted us again this year and weβre happy to say that it seems to have gone really well! This yearβs FOSDEM was massive once again, featuring 654 speakers, 731 events, and 103 tracks.
This year hosting the event went smoother than last year, the only significant issue was some of the Q&A Jitsis not being broadcast to the devrooms on Saturday before 10:15 UTC, for which we offer our apologies to the speakers impacted. This turned out to be a problem with the Matrix<->Jitsi access control sync system which hadnβt showed up during earlier testing, but we patched around it rapidly on the day.
The most notable difference between this year and the previous year has been the usage of a βattendees.fosdem.orgβ instance in addition to the original βfosdem.orgβ one, specifically for attendees. The graphs speak for themselves: Synapse could handle the load of the 23K users (13K joined users and 10K lurkers) spread across a total number of 941 rooms. The real eye-opener however is that of the 13K joined users, only 4K came came from the FOSDEM attendee server, and 1K from Libera Chat, meaning that ~70% of the Matrix participants were already on Matrix and came in from existing servers! π€― That means the vast majority of people attended over federation. Decentralisation at work, people! It works! We didnβt host the conferenceβ¦ you did!!
But not only did the backend handle the load smoothly: the general user experience felt tightly integrated. People were welcomed by a tailor-made home page in Element to help them navigate through all the tracks and stands:.
One of the great things is it doesnβt require heavy modifications to Element: anyone who installs their own instance of Element can use a simple html file to display relevant information to their audience.
New this year, we also generated a space hierarchy for the whole conference at #fosdem2022:fosdem.org to help navigate the maze of rooms, making it even easier for users on their own servers to jump in:
Another greatly appreciated feature was the famous βmaximised widgetsβ I (Thib) keep telling you about in Matrix Live episodes. Attendees and speakers could give the conference the central attention it deserved while simultaneously keeping an eye on what was happening in the chat.
From the speaker's perspective, we tried to streamline the user journey as much as possible: a bot invited them to a backstage room, in which they joined a Jitsi widget while their talk was being played in the track or devroom. They could see the most upvoted questions by the audience in a dedicated widget. A few minutes before their pre-recorded talk was over, a countdown (new this year!) could be displayed to tell them and the host they were about to go live. At the end of the countdown, the backstage Jitsi was broadcasted to the track so the speaker could answer the questions.
If you want to have an in-depth look at the backendβs architecture, it didnβt change much from last year. You can have a look at last yearβs blog post for the details on the setup. Most of the heavy lifting was around the conference bot used to set rooms up, create the spaces, populate them with widgets, arrange layouts and trigger countdowns before going liveβ¦
Huge thanks to the FOSDEM team for trusting us, massive shout-out to Element Matrix Services and Elementβs Ops and infrastructure team for their fantastic job in setting everything up and making sure everything was ready in time, a sincere thank you to all the fantastic speakers who shared awesome content, and finally to all the attendees. What a weekend!
Here's your weekly spec update! The heart of Matrix is the specification - and this is modified by Matrix Spec Change (MSC) proposals. Learn more about how the process works at https://spec.matrix.org/unstable/proposals.
I'd also like to point out that v1.2 released on 2/2/2022 :)
Otherwise, thank you to aaronraimist and devonh from the community for their fixes to the spec's text that merged this week. They are highly appreciated!
This MSC proposes to pave a way to allowing relating an event to multiple other events, which unlocks some additional use cases. Go check it out if you're interested in extending Matrix's capabilities even further!
Synapse 1.52.0rc1 is out, but honestly, we're just all hands on deck for FOSDEM tomorrow! As a reminder, members of the Synapse team will be giving a couple of talks during at the event:
Today we've released Dendrite 0.6.1 which contains a number of fixes and improvements. This release includes the following changes:
Roomserver inputs now take place with full transactional isolation in PostgreSQL deployments
Pull consumers are now used instead of push consumers when retrieving messages from NATS to better guarantee ordering and to reduce redelivery of duplicate messages
Further logging tweaks, particularly when joining rooms
Improved calculation of servers in the room, when checking for missing auth/prev events or state
Dendrite will now skip dead servers more quickly when federating by reducing the TCP dial timeout
The key change consumers have now been converted to use native NATS code rather than a wrapper
Go 1.16 is now the minimum supported version for Dendrite
Local clients should now be notified correctly of invites
The roomserver input API now has more time to process events, particularly when fetching missing events or state, which should fix a number of errors from expired contexts
Fixed a panic that could happen due to a closed channel in the roomserver input API
Logging in with uppercase usernames from old installations is now supported again (contributed by hoernschen)
Federated room joins now have more time to complete and should not fail due to expired contexts
Events that were sent to the roomserver along with a complete state snapshot are now persisted with the correct state, even if they were rejected or soft-failed
Spec compliance, as measured by Sytest, currently sits at:
Client-server APIs: 65%
Server-server APIs: 94%
As always, you can join us in #dendrite:matrix.org for Dendrite discussion and announcements.
It's FOSDEM! Don't forget to checkout my 5 min ramble about custom stickers and emotes in Matrx: https://fosdem.org/2022/schedule/event/matrix_custom_stickers/
In preparation for FOSDEM, I've also been working on some goodies so that you can participate using Nheko in a limited manner:
Previews for rooms are now fetched for spaces using the hierarchy API
Widgets for the talks should be shown below the topic as links
While this isn't grand, it should be good enough for some to participate using Nheko. You will need the latest master (some commits aren't even pushed at the time of writing!), but if you are just watching, this should give you an easy way to fetch the talk link for each room. You will still have to watch the actual talk in your browser though.
LorenDB also added a big, fat, red offline indicator. If your server dies because of FOSDEM, now Nheko will tell you.
I hope you all will have a great time and I hope I see you around!
Very customizable, with ability to adjust any keybinding/functionality
A multi-account client
Adjusts to any screen size
After 6 months of inactivity on the Mirage project, Moment brings it back to life. We have fixed some important issues and will continue to maintain Moment!
πΊ We've released Hydrogen 0.2.24 and 0.2.25 with session backup writing and some bug fixes! From now on you shouldn't need to have another client running along hydrogen for keys to be written to the key backup!
Welcome to another week of TWIM at Element! Hereβs our updates:
Polls and Location Sharing
Polls is now out of labs, and available in the composer for all users with the latest app versions.
Location sharing is also now available on the mobile apps. For now you will need to enable it in settings in order to see the composer icon and send your location.
Threads
Threaded Messaging is making forward progress on all 3 platforms; weβre aiming to help clear up cross-talk on the timeline by moving side-convoβs to the right panel. If you want to try it out, it's available in Labs on Web. Weβll be pushing Threads into Labs on Mobile in the next release!
Bubbles are now available! Keeping your inbound messages on the left, and your outbound messages on the right your timeline should now be easier to skim read. This layout is off by default but to see it in action, update your Message Layout appearance preferences from Settings.
Metaspaces have landed! Giving users a new way to display favourites, DMs and rooms outside of other spaces. Switch these on in Quick Settings at the bottom left of your app.
In Labs (Enable labs features in settings on develop.element.io or Nightly)
New and improved Search!
Provide feedback on your experience directly from the Search window.
Threads, including design updates. The MSC is available hereMSC3440
Weβve been working hard on improving the startup and resume times, you should start to see these in your app in 1.7.0.
Work on a Rust prototype is underway. Weβre excited to learn about the opportunities and advantages of this approach as we start to learn and experiment.
Also, Xcode13 & iOS15 compatibility has been added for developers
Coming soon in 1.8.0! Bubbles and an improved Onboarding experience
Threads will also be hitting Labs on Mobile soon so let us know what you think.
A hotfix (1.3.18) on Android will fix some bugs we found in this weekβs release.
Bubbles will also be landing soon, you can find this new feature in Settings > Preferences > Timeline. The feature has been merged to develop if you want to give it a try!
Threads have also been merged on develop.
Weβve been making improvements to the Onboarding experience for new users too.
In Labs
Threads will soon be in Labs on Mobile. Switch it on and try it out!
Here's a big populus viewer update! Since last time, I've been mostly working on improving the user experience and onboarding for non-experts, as well as making my teaching-assistant bot a little smarter - this work is ongoing. But I have had time for a few new features π
I've reworked the sidebar for the PDF view, improving the aesthetics and allowing for a "fullscreen" view of PDF content.
I've added user-directory search and improved the usability of the invite modal.
The reason that MSC3574 is not a final draft is that I'm increasingly looking at the w3c's web annotation data model as a compelling foundation for annotations on Matrix. Stay tuned for a upcoming MSC, or come over to #opentower:matrix.org to talk about the future of annotation on Matrix!
I've also been working on a proof-of-concept for one Matrix use-case that I'm hoping Populus can help fill. Social annotation can be a good tool for getting feedback on works in progress, or for discussing new research with your team or lab. Wouldn't it be nice if you could just pop open a paper on a preprint archive and start commenting, or say "hey friends, I'm reading this paper, what do you think?" And wouldn't it be nicer if you could do that and host the discussion on your university or team's Matrix server?
Here's a first pass at that idea: https://opentower.github.io/populus-philarchive/
At the moment works by just pasting in paper codes from philarchive.org - it'll preview bibliographic information and give you a list of discussions taking place around a given paper, with the option to create a new one. Sessions are shared with populus-viewer, and pdfs continue to be hosted by the original archive. There are a number of clear upgrade paths, by integrating with a preprint archive that has an open search API, or even by adding an OAI-PMH metadata harvester to the backend, to combine the metadata from a bunch of open paper archives. I'm really excited to see where this work goes.
I have been working on a little project over the last week: nheko-krunner. nheko-krunner is a KRunner plugin that loads rooms from nheko, displays them to the user, and allows the user to activate said rooms. How does it do this? Well, I've also been creating a D-Bus API for nheko! This code has not been merged yet, but once it is, you will be able to create your own plugins that access nheko via D-Bus!
The current functionality of nheko-krunner is simply (1) search and switch to rooms that you are in (not unlike the Ctrl-K switcher), and (2) join rooms from their aliases.
If you want to try out nheko-krunner, you will need to build from the dbus branch in my personal fork of nheko and then install nheko-krunner from the above repo.
I hope that somebody finds this useful and I am excited to see what other D-Bus plugins may show up in the future!
The versions 0.4.x brought improvements to the network log, letting you spot and investigate HTTP errors, bad JSON and network errors.
Ideally, I want to focus as much on the Matrix Spec as possible, but for the v0.5.0 I might venture into the territory of the Synapse Admin API, e.g. for listing and deleting media in a room. Please contact me, if you have use cases around media moderation you'd like me to consider.
No new release this week. I've been working on the video sending functionality, and I am looking forward to seeing what that enables ya'll to do!
In the meantime, I've published a template / demo bot you can find here: https://github.com/WesR/Halcyon-stock-bot . In just 37 lines of (unminified) code, this little bot:
Sets a status message
Automatically joins rooms via invite
Searches messages for $stocks mentioned, then formats and replies the current price and daily percent change for all the tickers in the message
Screenshot below
I'm always looking for more feedback, and love to see what people are working on. Come hangout in the Halcyon room: https://matrix.to/#/#halcyon:blackline.xyz
Lastly, for more info at on the bot library visit https://github.com/WesR/Halcyon
Happy Hacking!
The Polyjuice Project has a new component: Polyjuice Client Test, a tool for testing Matrix clients. Each test has its own preconfigured homeserver environment, implemented using the Polyjuice Server library, and can be customized according to the needs of the test. Only a few tests are implemented so far, but many more are planned, initially focusing on testing functionality related to end-to-end encryption. You can see a demo of it in the Matrix Live video.
matrix-corporal (as of version 2.2.3) is now published to Docker Hub (see devture/matrix-corporal) as a multi-arch container image with support for all these platforms: linux/amd64, linux/arm64/v8 and linux/arm/v7. Users on these ARM architectures no longer need to build matrix-corporal manually.
New version comes with in-memory caching for thread relations. It significantly decreases amount of requests to homeserver during thread relations solving, both for MSC3440 threads and reply-to chain fallback
Fonts now get hosted on the page itself due to the legal issues in Germany with Google Fonts hosted fonts
Profile page has a rough UI to edit the profile page if logged in
Licence gets now correctly displayed according to the Creative Commons Licence requirements
Initial work on translations has started. A Weblate instance has been set up at https://trans.nordgedanken.dev for this.
German translation was added
Progress on the HS side to be able to use it as a public registration server for anyone who wants to post to Matrix Art. (yes, this really has a public registration HS)
MjΓΆlnir instance is set up which also is used to moderate Matrix Art in complete (Aka it is joining on creation.) This is used for being able to moderate the website.
ChatStat is an R package for making reports on Matrix rooms.
Ahead of my lightning talk on Sunday, ChatStat has been polished up and given it's first release. You can get it here. Huge thanks to @johrpan:johrpan.de for their contributions too.
The main highlight since my last TWIM is that we actually have report generation now! You can see an example here, or check the project wiki for an example of using the raw data with ggplot2 to make custom plots of your own.
The season 2 of Raising Dion (a Netflix TV show) featured shortly a video call with Riot/Element and a few other open source software (e.g. Karbon). Oh and you might recognize a few usernames in the sidebar π
Circles has made it into a small German speaking Apple News site/App called ifun.de.
βCircles-App: Neue alte Ideen fΓΌr private soziale Netzwerkeβ https://www.iphone-ticker.de/circles-app-neue-ideen-fuer-private-soziale-netzwerke-185764/
There wasnβt a mention of Matrix - which is kind of exciting really. This means it can just be the transparent layer of great apps :)
Today the European Parliament, the European Council and the European Commission will meet again for a discussion about the Digital Markets Act (DMA). This is the second of three of these meetings, appropriately called trilogues, where each party exposes their stance on a proposed law and the group tries to agree on the final version.
The DMA is a groundbreaking step forward in shaking the hold a few gatekeepers have on users and the market, in particular because it looks to (among others):
Require gatekeepers to allow other services to interoperate with their services
Prevent them to treat their own services and products more favourably (for example by ranking)
Require them to allow users to uninstall any pre-installed software or app
The interoperability obligation is obviously the one on which weβve kept a particularly close eye, as if it lands well it could take the success of Matrix to the next level completely overnight.
However, whilst in our mind interoperability automatically implies βopen standardβ, there are actually different ways of implementing it, depending on how far one wants to go. Typical debates here have been between whether to force gatekeepers to maintain open and well documented APIs, or whether to go full swing and mandate an open standard, and every shade in between.
Weβve been lucky to have had the opportunity to talk to policy advisors from different European member states, and it has been pretty fascinating to realise that it was always the same arguments which were being presented back at us, straight from the gatekeepers partyline.
Weβve ended up just listing them in a quick, high level, Myth Debunking exercise and thought it would be useful to actually publish them for everyone to access, so here they are!
MYTH #1 - "It is impossible to have a standard that is open, decentralized and secure at the same time"
β false: HTTPS did it, Matrix did it.
MYTH #3 - "Interoperability is incompatible with end-to-end encryption"
β false: services just have to speak the same language, email has proved this with S/MIME and PGP - where different vendors can and do interoperate with E2EE. Itβs even better when the protocol is E2EE by default.
MYTH #4 - "It may work for messaging, but less so for social networks"
β false: it's still about managing content and users. Even though social networks have more varied content, it is already well modelled for their own APIs, ready to be expressed in a common language. The key is in the fallback option on unsupported features, as well as the ability to have moderation tools (more on that later).
MYTH #5 - βInteroperability is not compatible with data privacyβ
β false: Interoperability gives the ability to users to choose who is hosting their data and as such choose providers they trust. Besides, the DMA doesnβt live in a vacuum: it will exist alongside horizontal regulations like the GDPR and the Data Act, which give people sufficient control over their data to rectify their choices if they are not happy. Because the possibility of interoperability is there, it does not mean it will become mandatory for users to use it: they will still have their own threat models and will make decisions accordingly, just as they do today. But enshrining interoperability in law will at least ensure gatekeepers need to provide recourse for people to have further control over their data, which will be an improvement from the landscape today.
MYTH #6 - "There is no user need"
β false: most haven't had a taste of interoperable chat/social media (but they know email), others are demanding bridges between services: 25% users of 2 communication apps lose contact with friends because they are using too many apps. And this figure doubles for people using more than 5 apps. There was no demand for cars when they were created: people only wanted faster horses.
MYTH #7 - "There is no demand from European companies"
β false: The fact it is so hard for European companies to remain competitive enough to stay alive means there are few of them to complain about what is killing them! However these companies are gathering to push for interoperability (like the Coalition for Competitive Digital Markets). It will enable them to be more innovative in the product they develop by benefiting from an existing open network rather than being slowed down by having to build one from scratch. Companies will compete on the value they add rather than the size of their network. An open standard also gives an open field for innovation from a business model perspective. The Web is an excellent example of how much an open network fuels innovation and growth.
MYTH #8 - "It is better to require providers to have open and stable APIs than define a single open standard"
β false: this is the best way to leave gatekeepers at the center of the ecosystem as it means that each player has to multiply its effort to interface with every single other player, but every player will only have the resources to interface with a few of its counterparts and will logically default to the bigger ones, effectively not solving the problem. In addition, if providers are not aligned on which encryption to use it will just break end-to-end encryption and create risk for the user in every bridge. In practice the DMA is about forcing the gatekeepers to interoperate only, but we strongly believe that everyone should be interoperating if we are about improving the userβs experience and control, and giving more space to companies to innovate. Limiting it to the gatekeepers is a first step, but only a defensive one.
MYTH #9 - βAn open standard limits innovation if it defines a lowest common denominatorβ
β false: the lowest common denominator should match what users consider as table stakes in a messaging or social media app. Providers can innovate on top by providing different features which go beyond table stakes, for example by targeting niche use cases, like messaging services focused on elderly and disabled users, or focused on healthcare, warehouse workers, or integrated in a CRM for call centers, or creativesβ¦ Providers also can implement a profile of the standard which is a subset of its full scope, ensuring the standard remains a highest common denominator..
MYTH #10 - βIt will be impossible to moderate social networks built on an open standardβ
β false: decentralised networks actually have driven the adoption of much more sophisticated moderation techniques than the coarse approaches of centralised silos. Appropriate moderation means have to be part of the open standard definition, and some are already used in Matrix. It would also empower victims who today have no choice but get in touch with providers one by one. Each provider will also have control over their own users, and users can select providers whose T&Cs are aligned with their ethics. The world is not black and white, unlike what Silicon Valley tries to make us believe.
MYTH #11 - βIt will take years before being able to define an open standardβ
β you donβt have to: You could leverage existing technologies which are being used by the industry. Matrix, XMPP and ActivityPub exist today. For instance, Matrix has been managed by its own standard body (The Matrix Foundation) and could be ratified by a more established one like IETF, ETSI or W3C if needed.
Obviously the devil will be in the details of the way the final text is formulated, as well as the limits, obligations and controls put in place, but overall it should be an improvement for all European users and companies and weβre looking forward to seeing how todayβs trilogue goes!
Welcome to the second installment of our quarterly spec releases. If it feels like it hasnβt been long since our last release, youβre not alone! Our last release was just 3 months ago, introducing the new platform and world we build within.
This improvement in speed might seem too fast, but fret not: implementations are not expected to update as soon as the new spec is published. Rather, it is more realistic to expect that the ecosystem gradually update over the course of the following few months/year. Particularly after the massive release that was v1.1.
So, whatβs new in v1.2? With 18 MSCs merged thereβs a lot to cover - weβve picked some notable highlights and recommend the full changelog at the bottom for a complete idea of whatβs been going on.
Spaces launched into beta last May, redefining how we can use rooms on Matrix to represent different data structures. Described mostly as MSC1772, Spaces are simply rooms with a specific type in their m.room.create event. With state events being used to define which other rooms (meaning Spaces too) are part of that Space, the possibilities for tree-like structured data become endless.
Thereβs still quite a lot of work to do in the Spaces space (hah), though weβre excited to see it all land. For instance, MSC3216 and MSC2962 target power level syncing, MSC3219 aims for flair, and MSC3089 looks at file structures using Spaces. We might even be able to replace the public room directory with a server-wide space, making writing clients a little bit easier.
Restricted rooms are new in this release from MSC3083. In these rooms (and therefore Spaces too!), the join rules can be configured such that a member of another room can join without needing an invite. In a typical setup, this means that a Space could be set as invite-only, but all the rooms and Spaces underneath that Space could allow joins for members of the parent Space. When someone wishes to explore the universe youβve laid out in your Space they can simply join the interesting rooms without having to ask for invites constantly.
This feature changes how membership events are authorized, so is only available in room versions 8 and 9 (both introduced in this release). Room version 9 fixes a relatively rare bug from version 8, so weβd recommend using v9 if youβre planning an upgrade for this functionality.
Further work in this area involves figuring out how to keep membership lists perfectly in sync between the rooms, which is currently done by external tooling. For example, evicting someone from the parent Space could (optionally) evict the user from all the subsequent rooms and Spaces too.
We also need to figure out how to support both knocking and restricted rooms at the same time (oops). MSC3613 and MSC3386 both tackle this problem in different ways and timescales.
A massive shoutout goes to kitsune and the whole community for working on MSC2312, giving us a URI we can pass around outside of Matrix to bring us back in. The early work on this dates all the way back to 2014, the very beginning of Matrixβs development, and has since been marked Provisional by the IANA.
MSCs are how the spec changes in the way it does - adding, fixing, and maintaining features for the whole ecosystem to use. The blog post canβt cover them all, but that doesnβt make them any less important! Check out the full changelog below, and the Spec Change Proposals page for more information on how these MSCs got merged (hint: they submitted a proposal, which anyone can do - take a look at the Matrix Live episode where Matthew covers the proposal process).
Explicitly mention RFC5870 in the definition of m.location events (#3492)
Add 403 M_FORBIDDEN error code to /profile/{userId} as per MSC3550. (#3530)
Clarify the description of the /sync API, including a fix to an ASCII art diagram. (#3543)
Clarify that base_url in client well_known may or may not include trailing slash. (#3562)
Clarify which signature to check when decrypting m.olm.v1.curve25519-aes-sha2 messages. (#3573)
Clarify what "Stripped State" is and what purpose it serves, as per MSC3173. (#3606)
Clarify how to interpret missing one-time key counts. (#3636)
Correct the schema for the responses for various API endpoints. (#3650)
Clarify that group mentions are no longer in the specification. (#3652)
Distinguish between "federation" event format as exchanged by the Federation API, and the "client" event formats as used in the client-server and AS APIs. (#3658)
Fix the rendering of the responses for various API endpoints. (#3674)
Distinguish between "federation" event format as exchanged by the Federation API, and the "client" event formats as used in the client-server and AS APIs. (#3658)
Fix the rendering of the responses for various API endpoints. (#3674)
Correct the documentation for the response value for GET /_matrix/app/v1/thirdparty/protocol/{protocol}. (#3675)
Element Desktop 1.9.6 and earlier depend on a vulnerable version of Electron, leading to a High severity vulnerability in Element Desktop, relating to its functionality for opening downloaded files. If successfully exploited, the vulnerability allows an attacker to open an arbitrary file path on the user's machine using the platform's standard mechanisms, but without the ability to pass additional arguments or data to the program being executed.
However in certain platform configurations, the same vulnerability could allow an attacker to open an arbitrary URL with an arbitrary scheme instead of a file path, again using the platform's standard mechanisms. There has been research demonstrating that the ability to open arbitrary URLs can sometimes lead to arbitrary code execution.
The attack requires user interaction and the exploit is complex. To the best of our knowledge, the vulnerability has never been exploited in the wild.
Patched in 1.9.7 with further hardening done in 1.9.9 to ensure it's harder to exploit even in light of new Electron vulnerabilities. Please upgrade to 1.9.9 as soon as possible. The vulnerability has been assigned CVE-2022-23597.
Kudos to Aaron for adding a GitHub action to matrix.org's repository to check for typos, and taking the time to fix them all! Worry not fellow proofreaders, our post-publication TWIM proofreading tradition is not extinct: some typos are not caught by the CI, such as misspelling of proper nouns (e.g. Devianart) or articles (e.g. "an proofreader" won't make the CI upset)
Here's your weekly spec update! The heart of Matrix is the specification - and this is modified by Matrix Spec Change (MSC) proposals. Learn more about how the process works at https://matrix.org/docs/spec/proposals.
The release of Matrix v1.2 is right around the corner, and is expected to go out on February 2nd. This is in line with our quarterly release cycle for the spec going forwards.
Please reach out to us in #sct-office:matrix.org if there are any last-minute MSCs that haven't started/finished Final Comment Period that you believe should be included!
A concept similar to robots.txt for the web, but for Matrix! Currently the way to inform room-crawling bots in Matrix today is by banning/kicking them from the room. However, this doesn't allow you to blanket prevent bots from joining - nor does it only inform bots that they should access some of the room's data. It's a binary switch.
Consider if you wanted your room to be crawled, but the room topic to not be indexed. This MSC could help with that! Give it a read/review if you're interested.
Have you ever pinged someone by accident, because you replied to a message with their name in it or maybe even a whole room mention? Or are you avoiding replies for that reason? Did the quote of a messages suddenly vanish when someone edited their message in a client? Or are you just in general unhappy with replies only showing what type of message was replied to, instead of showing the actual image being replied to (on mobile for example)? Were you annoyed, that you could only reply with a text message, but not an emote message, an image, a sticker or even a video?
I spent a bunch of time trying to remove the blocker for that in the Matrix specification, you can find the proposal here: https://github.com/matrix-org/matrix-doc/pull/2781
As it turns out, it is not quite as simple, because notifications for replies to your messages rely on a bunch of implicit interactions, which is why I also wrote another MSC to fix that: https://github.com/matrix-org/matrix-doc/pull/3664
I'm a bit unhappy with replies across the matrix ecosystem at the moment and I hope this is a small step towards improving things. It's certainly not as exciting as spaces, voip, threads or stickers, but it is something which affects me every day and I think those small papercuts need some attention too.
I hope some of you share my love for the less exciting stuff!
To add onto Nico's efforts, I think that mentions today are based on too many "false-positives" (ping on displayname or username mention), and i kinda wish for the "just mention them" UX of discord, telegram, whatsapp, and so many other messengers.
So I've also made a proposal that tries to bring some explicitness in that, a new push rule that'll fire on "mention"; https://github.com/matrix-org/matrix-doc/pull/3517
It'll look for any @-MXID mention in the plaintext, or look for an <a>-mention "pill" in the HTML. It is a hack, but it is the most correct way of determining if you've been pinged in matrix, at the moment.
In terms of reply fallbacks - the Spec Core Team gave an overwhelming thumbs up to removing reply fallbacks via MSC2781... but given practically this causes a cascade of other work (defining and implementing push_rules for replies, and defining and implementing push_rules for threads (MSC TBD)) and so as a temporary transitional measure we've instead made reply fallbacks best effort (MSC3676). This means that clients can now reply using non-textual events, and we can use replies as a fallback for threads for non-thread-capable-clients/ASes once MSC3440 lands. To be clear, the intention is still to incorporate all of Nico's excellent contributions on MSC2781 and MSC3664 however.
Hello TWIM! Last week we released Synapse 1.51. This is a great release which includes lots of performance work around sending aggregations down /sync. It also makes Spaces much more reliable: we tracked down a bug with caching which could cause some sub-spaces to randomly appear empty when queried over federation. We also removed the 50 result limit when listing the contents of a Space.
We're also starting to see some promising results experimenting with ways to make room joins faster (MSC2775). It's not quite ready to demo, but we should have something to show off before too long. π€
We know that it has been a while coming but today we have released Dendrite 0.6! This version contains a number of significant changes, including switching away from Kafka to NATS JetStream and refactoring a number of other components. We have been making architectural changes recently to help Dendrite scale better in the future and to fix a number of race conditions that were present before. Federation in particular is much smoother and better behaved in this release, with overall lower CPU and memory usage and less resource spikes.
NATS JetStream support, deprecating Kafka and Naffka
The roomserver now being responsible for fetching missing events and state instead of the federation API, which fixes some race conditions
Strict ordering and asynchronous input support in the roomserver input API, which smooths out incoming federation significantly
Consolidated federation API, including functionality from the now-deprecated federation sender and signing key server components
Database-backed device list synchronisation, which is now more reliable
Correct gap checking when fetching missing events and state
Better behaviour and lower resource usage by the /event_auth endpoint
Spec compliance, as measured by Sytest, currently sits at:
Client-server APIs: 65%
Server-server APIs: 94%
This is a highly recommended update so if you are running a Dendrite server, please upgrade! As always, you can join us in #dendrite:matrix.org for Dendrite discussion and announcements.
Hey folks, no releases this week but a general update on a little project of ours. I've been working through the problem of making bridges easier to use and supplimenting our command interfaces with pretty buttons and forms. To that effect, we've landed out first PR on adding widget communication support to the matrix-appservice-bridge library \o/.
You can see some of the details here https://github.com/matrix-org/matrix-appservice-bridge/pull/365
but that's not all. I'm doing a talk about this whole subject at FOSDEM which you can tune into! See the deets at https://fosdem.org/2022/schedule/event/matrix_next_gen_interfaces/
Next to spec work, progress on porting Nheko to 100% qml continues. This week I ported the login and registration pages. I also did some minor cleanups on them and prep work for future improvements (like buttons for each SSO provider or providing email address and registration token inline instead of in a separate popup, if the server requires it). Logging in or registering is often the first thing a user does on a client or maybe even the first thing they do on Matrix! As such I should really spend more effort optimizing that feature, that usually falls off the priority list because I don't use it often!
Once Nheko is 100% Qml we should also see lower memory usage again, here is a screenshot from a Nheko instance with over 100 rooms, that's been running for a few days of active use on Windows:
We also fixed an issue where Nheko could crash the notification service, because it sent images not following the Freedesktop notification specification and tasty spent some time further improving the man page.
Hello folks, it's been a while since we last spoke! We have been focused on the code, but we're long overdue for an update. A lot has happened since November. Fractal-Next is getting closer to feature parity with current Fractal, and even supports new things:
Timeline
Fractal-Next now allows you to open and save sent files
It also displays images, videos and stickers in the timeline
You can also get a better view of media send to the room thanks to the built-in media viewer
It (finally!) supports reactions (displaying them and sending new ones)
User verification
Fractal-Next now supports verification of other users by scanning their QR code, or via emoji
When a user is verified, an icon is displayed next to their username in the list of room members
Room details
The room details show now the members of the room including the power level
General UX
Fractal-Next is better integrated with GNOME's secret management service Seahorse
It supports room upgrades
It also supports inviting users to a room
Users can change the category of rooms in the sidebar via drag and drop or by using the context menu
All dates and times to be confirmed, follow our channel for updates
Decryption
You can help us fix decryption errors by enabling automated error reporting
On Android, enable βAuto Report Decryption Errorsβ in the settings
If you are using Nightly or develop.element.io, you can help us fix decryption errors by enabling βAutomatically send debug logs on decryption errorsβ
Release candidate was late as we have more regressions and release blockers than normal: last minute fixes include a couple of crashes when hanging up a call from the picture-in-picture view and in the appearance tab of settings, plus chasing a crashing bug on Linux.
Metaspaces has landed in the release candidate: it will give you a new way to group your favourites, DMs and rooms outside of spaces. You can switch these on in the Quick Settings menu at the bottom left from Monday.
Bubble layout for messages has landed for the upcoming release!
This release will update to Electron 15 which uses a newer Chromium, so if you host your own Jitsi, please make sure itβs up to date, or you may find calls start breaking.
Nightly testing went well on Tuesday, with 47 test cases showing up 15 new issues
In labs (you can enable labs in settings on develop.element.io or on Nightly)
New thread fallback using the reply chain
Better stability when home server supports threads API defined in MSC3440
We are intending to add the new and improved search to the next release candidate on 8th Feb, community testing planned for next week
Find more about Cinny at https://cinny.in/
Join our channel at: https://matrix.to/#/#cinny:matrix.org
Github: https://github.com/ajbura/cinny
Twitter: https://twitter.com/@cinnyapp
Matrix highlight got experimental support for Firefox! It's still a bit crashy, but it shouldn't be much harder to stabilize it, and get the tool working properly there, too. Firefox is my personal browser of choice, and others have requested it, so it's nice that it's on the horizon :)
Also, after the discussion in Matrix Live and with some minor tweaks, I was able to get the extension to play nice with conduit! So that's now a viable alternative if you want to use Matrix Highlight with your own, self-hosted server.
Circles is a project to build a secure, end-to-end encrypted social network using Matrix technology.
This week the primary focus was on updating Circles to work with the latest Matrix iOS SDK. I also successfully built and packaged the first beta release from an Apple M1 Mac.
The next step is to develop and integrate a new, more secure password-based login based on the BS-SPEKE protocol. This will replace Circles' current approach, which is described in MSC3265. Hopefully the new login flow will also be of interest to the broader Matrix community.
Our search continues for an Android developer to help us bring Circles to the world's largest mobile device platform. If you are excited about working with Matrix, Android Studio, and Jetpack Compose, send a resume and cover letter to jobs@futo.org.
Trixnity version 1.1.0 has been released! It adds support for room key backup, which makes developing a matrix client a lot more comfortable.
Here is the changelog:
Added key backup support!
RoomService::getAll() returns a reactive list of reactive rooms instead of a reactive list of rooms. This allows to implement huge room lists without performance losses in the UI.
Some reactive data can be accessed in a non reactive way. Note that you will then only get a snapshot of the data.
Prevent sending room keys as to device messages, when they cannot be encrypted (e.g. due to missing one time keys).
Hello again! Halcyon is a python Matrix bot library created with the intention of being easy to install and use.
With this release, we have reached our second release milestone! Check out the roadmap in notes.md (located in the repository), for what is planned for RC3!
I'm really happy about the performance and functionality gains for this release. If you have any questions or bug reports, come and chat with us over in https://matrix.to/#/#halcyon:blackline.xyz
More info at on the project at https://github.com/WesR/Halcyon
Added
Detailed room info is here! The bot will now cache and provide room info with each message, automatically refreshing in the background. Check out usage.md for info on what is provided
get room admin / moderators, topic, related groups and more
Better polling through long polling (Thanks @forden:matrix.org for pointing out this improvement)
send images with the new send_image() function. It includes simple toggles for blurhash and thumbnail generation
More examples in /examples
General roadmap and documentation updates
Fixed
A fix for the slow polling, which might have also caused issues on systems with frequent network drops (Thanks @octt:matrix.org)
Bubo is a friendly little owl (bot) that helps maintain your community. It's been over a year since cutting the last release, so the changelog contains a bunch of things, namely:
Added command to set power levels in rooms.
Added users command to list and create users in a configured Keycloak. Optionally send invites via keycloak-signup, a web app that allows self-registering with Keycloak via short lived tokens.
Add logging to a Matrix room.
Bubo admins and coordinators can now be set based on room memberships.
Add command to make Bubo unlink and part itself from a room.
Add command to list rooms Bubo maintains but is not admin in.
Add command to recreate a room. This follows the upgrade room functionality, but does it without needing admin permissions (basically almost everything except a tombstone event). Useful if for example you have accidentally lost admin in a hundred or so rooms in your community. Which may have happened π
The communities command is now deprecated (support for spaces coming in the next version).
Additionally some other changes and fixes, see changelog for full details.
Plans for next up features include syncing with Discourse to replicate spaces from Discourse groups and populate space members from Discourse group memberships (when Discourse shares the same Keycloak SSO provider with the homeserver).
πReaching another feature Milestone β Submitting images via Matrix Art.
Matrix Art now supports logging in with any account (well-known not supported yet. You need to provide the full server address) and submitting images through the interface.
You can now either just log in (No benefit though at this time as comments and follows are missing) or create a Matrix Art Profile.
An Account can also be created later. An Account would create a Profile room at #<mxid> on your server if it doesn't exist.
This currently is only possible by doing a logout and login in again with the box checked. A better way will be added soon.
Editing the Profile is not yet implemented at this time.
These 2 changes should allow some people to experiment with this. Mobile design is not tested at this time.
Submits should work. If you were previously logged in, you will need to log out and back in for some variables to get set correctly.
Registration is still WIP as there is some more moderation prep needed before the server accepts the registrations.
I hope people cheer in and post their images :)
(Also, please use the nsfw flag if required. This will make them hidden on the front page but shown in your profile page. I will block people that don't use it from the instance otherwise. Please be sensible.)
Apparently, a German school forked FluffyChat and is using it for homeschooling: https://www.golem.de/news/matrix-grundschule-forkt-messenger-2201-162562.html
(German only news article)
Sources: https://gitlab.com/hermanncoders/hermannpost
