Changelog:
Version 4.1.2 (2023-12-03)
Bug fixes
o core: fix value of buffer variable "num_history" when the value defined
in option weechat.history.max_commands is reached
o core: remove incorrect warning when binding keys F10 to F20 (issue #
2039)
o core: fix memory leak when config version is invalid or not supported
o core: fix crash when "config_version" is present in a configuration
file without a value
o core: display an error on startup if environment variable "HOME" is not
set
o irc: remove trailing "\r\n" in signals "irc_out" and "irc_outtags" when
messages are queued
o irc: fix target buffer of IRC message 337 (whois reply: "is hiding
their idle time")
o relay: close properly connection with the IRC client in case of server
disconnection (issue #2038)
o ruby: fix use of NULL variable when displaying exception
Twitch chat in the terminal. Feature list:
- Read/send/search messages
- Switch channels
- Create and toggle filters
- Command, channel, and mention suggestions
- Customize functionality and looks to your liking using a config file
This enables support for libsoup3.
Use libsoup3 instead of libsoup2
so that no libsoup2 dependency
exists, this fixes the crash on
startup described in pkg/57733 .
The committer has tested to start
dino and it starts up with this
update.
Closes PR pkg/57733
v0.20.3 (2023-11-10)
* *(client)* Deprecated MSC2716 methods and added new Beeper-specific batch
send methods, as upstream MSC2716 support has been abandoned.
* *(util.async_db)* Added `PRAGMA synchronous = NORMAL;` to default pragmas.
* *(types)* Fixed `guest_can_join` field name in room directory response
v0.20.2 (2023-09-09)
* *(crypto)* Changed `OlmMachine.share_keys` to make the OTK count parameter
optional. When omitted, the count is fetched from the server.
* *(appservice)* Added option to run appservice transaction event handlers
synchronously.
* *(appservice)* Added `log` and `hs_token` parameters to `AppServiceServerMixin`
to allow using it as a standalone class without extending.
* *(api)* Added support for setting appservice `user_id` and `device_id` query
parameters manually without using `AppServiceAPI`.
v0.20.1 (2023-08-29)
* *(util.program)* Removed `--base-config` flag in bridges, as there are no
valid use cases (package data should always work) and it's easy to cause
issues by pointing the flag at the wrong file.
* *(bridge)* Added support for the `com.devture.shared_secret_auth` login type
for automatic double puppeting.
* *(bridge)* Dropped support for syncing with double puppets. MSC2409 is now
the only way to receive ephemeral events.
* *(bridge)* Added support for double puppeting with arbitrary `as_token`s.
v0.20.0 (2023-06-25)
* Dropped Python 3.8 support.
* **Breaking change *(.state_store)*** Removed legacy SQLAlchemy state store
implementations.
* **Mildly breaking change *(util.async_db)*** Changed `SQLiteDatabase` to not
remove prefix slashes from database paths.
* Library users should use `sqlite:path.db` instead of `sqlite:///path.db`
for relative paths, and `sqlite:/path.db` instead of `sqlite:////path.db`
for absolute paths.
* Bridge configs do this migration automatically.
* *(util.async_db)* Added warning log if using SQLite database path that isn't
writable.
* *(util.program)* Fixed `manual_stop` not working if it's called during startup.
* *(client)* Stabilized support for asynchronous uploads.
* `unstable_create_msc` was renamed to `create_mxc`, and the `max_stall_ms`
parameters for downloading were renamed to `timeout_ms`.
* *(crypto)* Added option to not rotate keys when devices change.
* *(crypto)* Added option to remove all keys that were received before the
automatic ratcheting was implemented (in v0.19.10).
* *(types)* Improved reply fallback removal to have a smaller chance of false
positives for messages that don't use reply fallbacks.
The default DEPMETHOD for vala's bl3 is "build", so there's no point
duplicating that in each package. Given that it is only ever a build
dependency, completely remove the indirect dependencies as they should not
be made available. Also remove obsolete BUILDLINK_API_DEPENDS settings.
Tested with a few of the affected packages.
New features
- Add support for searching scrollback for specific posts/threads
- Allow ignoring Mattermost server version when checking if supported
- Support for mattermost version 9
Enhancement
- Include thread context for matterircd style hex numbers for replay and
scrollback
- Emphasize system and reaction messages
- Use static initialisation for regular expressions to optimize
- Convert Mattermost markdown formatting / emphasis to IRC
- Update scrollback to support @@msgthreadID and the MM postlist URL
Bugfix
- Fix incorrect msg/thread counters
Fixes build with python 3.11
Changes from changelog:
0.14.0 (2023-08-03)
===================
Changes:
- Introduce new `/privacy command (#1836, #1870)
`/os` -> `/privacy os`
`/privacy logging`
- Fix crash when using NetBSD curses implementation (#1769)
- Fix OMEMO autodetection in autotools (#1865)
- Add ability to completely turn logs off (#1857)
- Extend /pgp command to make key exchange procedure easier (#1850)
Used by PSI and Pidgin as well.
- Add ability to download and install plugins directly (#1842)
`/plugins install`
- Improvements for /executable and /avatar code (#1845)
- Add ability to disable avatar publishing (#1843)
- Fix /plugins update (#1840)
- Improve logging (#1835)
- Add feature that can warn you when another client logs in (#1827)
`/account set <account> session_alarm <max_sessions>`
- Don't add the same command twice to history (#1829)
- Improve manpage to inform users about encryption (#1823)
- Fix possible crash in PGP/OX (#1823)
- Add nickname support for /roster remove (#1826)
- Fix JID display in titlebar (#1816)
- Allow setting client identification (#1815)
`/account set <account> clientid`
- Add /statusbar tabmode actlist (#1813)
- Fix color name in batman theme (#1810)
- Fix empty window after reconnect (#1556)
- Support passing flags to editor (#1801)
- OTR and PGP fixes (#1802)
- Adapt to g_string_free glib 2.75.3 change (#1799)
- Improve OMEMO QR code (#1796)
- Improve OMEMO help (#1838)
- Fix duplicate download IDs (#1794)
- Add macro for possible NULL prints and use it on known sports
- Prevent setting invalid combination of libstrophe flags
- Fix libstrophe timer-callback usage
- Fix memory leaks (#1780, #1814, #1837)
- Code cleanup
- Add `now` option to `/reconnect` command (#1809)
- Add `/strophe` command to modify libstrophe-specific settings
- Fix xscreensaver detection (#1783)
- Make `/url save` autocomplete filenames after a url (#1783)
- Improve MAM support (#1724, #1791, #1868)
- Add vCard support (XEP-0054) (#1757)
- Fix autocompletion for lastactivity
- Improve /msg and /win autocompletion: autocomplete roster nickname
and actual barejid
- UI improvements (#1800, #1773, #1821)
0.13.1 (2022-10-12)
===================
Changes:
- Fix configure parameter detection (#1752, #1753)
- Improve plugins management (#1755)
- Fix build with plugins enabled for Python >= 3.11 (#1756)
- Add gruvbox_transparent theme optimized for enabled transparency
- Fix detection of first start used for welcome screen (#1767)
- Improve opening of URLs by spawning external program asynchronously
0.13.0 (2022-09-13)
===================
Changes:
- Print OMEMO verification QR code (#1320, #1568, #1718, #1720)
`/omemo qrcode`
- Add option to configure stamp (#1663)
- Allow bold for default colors (#1674)
- Add irssi theme (#1680)
- Include useful aliases in profrc example (#1683)
- Improve man pages (#1688, #1703)
- Show return symbol for embedded newlines in multiline messages
- Fix xscreensaver detection (#1696)
- Add support for offline MUC notifications (#1697)
`/notify room offline on|off`
- Fix SIGABRT when using wrong argument order for receiving ox key
- Use 3 digits for rotated log files (#1701)
- Fix autocomplete for /ox discover. (#1702)
- Fix segfault on /ox discover (#1713, #1715)
- Fix OX rpad generation (#1703)
- Don't forget encryption status for OX and PGP. (#733, #1694, #1722)
- Several OX improvements (#1703, #1705)
- Fix room name not updating. (#1710, #1711)
- Update capabilities of muc on available presence (#1347, #1712)
- Add /avatar set command to publish avatar (#1687, #1714)
- Respect silent nick change in mucs (#757, #1716)
- Fix duplicate messages in chat with oneself. (#1595, #1717)
- Improve cmd argument parser (#497, #1721)
- Make display of user mood optional (#1725)
- Switch log level while running (#1726)
- Split chatlog and log functions in separate files (#1727)
- Split pgp and ox into separate files (#1728)
- Various cleanups (#1729)
- Don't scroll if not needed (#1730)
- Retrieve encryption type from db (#1731)
- Be more resilient when receiving empty messages (#1734)
- Display a welcome message upon first start of Profanity (#1735)
Explain for new users how to connect/set up a new account
- Fix /autoaway command logic (#1736)
- Fix segfault when requesting an avatar (#1738, #1740)
- Integrate XEP-0198 Stream-Management (#698, #1745, #1746)
- Fix avatar opening executable (#1742, #1748)
- Let slashguard ignore quoted messages (#1732)
- Update DOAP
Behaviour changes:
- Use ISO8601 as date format in chat logs and log files (#1700)
- Increase default log file size to 10MB (#1701)
- Name rotated log files profanity.001.log instead of profnaity.log.001
- Log encrypted messages by default to chatlog (#1707)
- Dont show presence status changes by default (59b9b44)
profanity 0.14.0 needs this new version.
pkgsrc changes:
remove patch-configure.ac, applied in this version.
changes from changelog:
0.12.3
- Improve TCP-connection establishment (#221)
- Handle case where the server doesn't provide the `bind`
feature (#224)
- Fix configure script for non-bash shells (#218)
- Parse JID's according to RFC7622 (#219)
- Fix potential memory leak in internal DNS resolver (#219)
- Fix potential memory leaks in `xmpp_conn_set_cafile()` and
`xmpp_conn_set_capath()` (#219)
- Internal improvements (#219)
0.12.2
- Fix reconnect issues when Stream Management is enabled (#211)
- Fix resolver ... this time for real hopefully (fixup of #200) (#214)
- Fix clearing of password cache on resumed connection (#214)
- Improve detection&implementation of `va_copy` (#213)
- Fix Valgrind CI builds against LibreSSL (#212)
- Fix perf example on platforms where an `rdtsc()` equivalent
isn't implemented (#212)
0.12.1
- Fix compilation in buildroot (#207)
- Fixes regarding OpenSSL (#208)
- Fix some build steps when builddir != srcdir (#208)
- Allow the user to disable build of examples (#209)
- CI builds against OpenSSL 3 (#206)
- Change the call signature of the following API:
- xmpp_conn_set_client_cert() - the PKCS#12 file has now to
be passed via the `cert` parameter. Originally it
was via `key`. Currently both styles are supported,
but in a future release only passing via `cert` will be
accepted.
This follows the recommended bootstrap method (flit_core, build, installer).
However, installer installs different files than pip, so update PLISTs
for all packages using wheel.mk and bump their PKGREVISIONs.
Upstream NEWS content less bugfixes, minor improvements, improved
documentation, etc.
1.95.0:
none
1.94.0:
* Security
The following issue is fixed in 1.94.0 (and RC).
GHSA-5chr-wjw5-3gq4 / CVE-2023-45129 — Moderate Severity
A malicious server ACL event can impact performance temporarily or permanently leading to a persistent denial of service.
Homeservers running on a closed federation (which presumably do not need to use server ACLs) are not affected.
* Features
Render plain, CSS, CSV, JSON and common image formats in the browser (inline) when requested through the /download endpoint. (#15988)
Add experimental support for MSC4028 to push all encrypted events to clients. (#16361)
Minor performance improvement when sending presence to federated servers. (#16385)
Minor performance improvement by caching server ACL checking. (#16360)
1.93.0:
* Security
The following issues are fixed in 1.93.0 (and RCs).
GHSA-4f74-84v3-j9q5 / CVE-2023-41335 — Low Severity
Temporary storage of plaintext passwords during password changes.
GHSA-7565-cq32-vx2x / CVE-2023-42453 — Low Severity
Improper validation of receipts allows forged read receipts.
* Features
Add automatic purge after all users have forgotten a room. (#15488)
Restore room purge/shutdown after a Synapse restart. (#15488)
Support resolving homeservers using matrix-fed DNS SRV records from MSC4040. (#16137)
Add the ability to use G (GiB) and T (TiB) suffixes in configuration options that refer to numbers of bytes. (#16219)
Add span information to requests sent to appservices. Contributed by MTRNord. (#16227)
Add the ability to enable/disable registrations when using CAS. Contributed by Aurélien Grimpard. (#16262)
Allow the /notifications endpoint to be routed to workers. (#16265)
Enable users to easily unsubscribe to notifications emails via the List-Unsubscribe header. (#16274)
Report whether a user is locked in the List Accounts admin API, and exclude locked users by default. (#16328)
1.92.x:
* Security
Pillow requirement in 10.0.1, not because it's actually required,
but because other packaging systems don't handle updates correctly
(libwebp).
1.91.x:
Revert MSC3861 introspection cache, admin impersonation and
account lock. (Labeled bugfix, but written in a way that makes it
seem far more important.
* Features
Add configuration setting for CAS protocol version. Contributed by Aurélien Grimpard. (#15816)
Suppress notifications from message edits per MSC3958. (#16113)
Return a Retry-After with M_LIMIT_EXCEEDED error responses. (#16136)
Add last_seen_ts to the admin users API. (#16218)
Improve resource usage when sending data to a large number of remote hosts that are marked as "down". (#16223)
Instead of depending on one of the removed packages (that are now included
in the base Python packages), include batteries-included.mk to require
a Python version that supplies them.
Remove now included packages.
Bump PKGREVISION.
This a small point release that primarily improves the flow for in-band
registration. It removes a large number of the previously recommended servers
since they no longer support registration, and solves other issues related to
registration. This is the first release containing rudimentary support for a
global application stylesheet. This will later provide support for customized
styling by the end-user.
- pkgsrc
* Emacs 28 friendly by correcting make-obsolte function argument
(by patches)
- Upstream info:
* New features in jabber.el latest git
** Support for reading passwords from netrc/authinfo files
Use "machine example.com login username password s3cret port xmpp".
** Support for roster's groups roll state saving
** Full support for XEP-0012
Response of idle time.
** Support for XEP-0202
Entity Time for request/response time as main method.
** Support for automatic MUC nicks colorization
See "Customizing the chat buffer" in the manual.
** XML Console
Log all received/sending XML stanzas into special buffer. Also can be
used to send custom XML stanzas manually.
** Autoaway
Support for list of autoaway methods. Support for Xa. See section "Autoaway" in manual.
** MUC
MUC participants list format is now customizable: see
jabber-muc-print-names-format in manual. Also, participants sorted by
role.
** Treat XML namespace prefixes correctly
A change in the Google Talk server has brought to light the fact that
jabber.el didn't handle XML namespace prefixes correctly. This should
be fixed by the new jabber-xml-resolve-namespace-prefixes function.
packaging changes
- avoid pydantic 2, as upstream has not yet coped with pydantic upstream instability
- upstream dropped 3.7 after pkgsrc, so no action required
Upstream news
* 1.91.1
Features
Implements an admin API to lock an user without deactivating them. Based on MSC3939. (#15870)
Allow specifying client_secret_path as alternative to client_secret for OIDC providers. This avoids leaking the client secret in the homeserver config. Contributed by @Ma27. (#16030)
Allow customising the IdP display name, icon, and brand for SAML and CAS providers (in addition to OIDC provider). (#16094)
Add an admins query parameter to the List Accounts admin API, to include only admins or to exclude admins in user queries. (#16114)
Bugfixes
[most omitted but the next line is very serious]
Fix a bug introduced in 1.87 where synapse would send an excessive amount of federation requests to servers which have been offline for a long time. Contributed by Nico. (#16156, #16164)
* 1.90.0
Features
Scope transaction IDs to devices (implement MSC3970). (#15629)
Remove old rows from the cache_invalidation_stream_by_instance table automatically (this table is unused in SQLite). (#15868)
Deprecations and Removals
Remove support for legacy application service paths. (#15964)
Move support for application service query parameter authorization behind a configuration option. (#16017)
* 1.89.0
Features
Add Unix Socket support for HTTP Replication Listeners. Document and provide usage instructions for utilizing Unix sockets in Synapse. Contributed by Jason Little. (#15708, #15924)
Allow + in Matrix IDs, per MSC4009. (#15911)
Support room version 11 from MSC3820. (#15912)
Allow configuring the set of workers to proxy outbound federation traffic through via outbound_federation_restricted_to. (#15913, #15969)
Implement MSC3814, dehydrated devices v2/shrivelled sessions and move MSC2697 behind a config flag. Contributed by Nico from Famedly, H-Shay and poljar. (#15929)
Deprecations and Removals
Remove support for calling the /register endpoint with an unspecced user property for application services. (#15928)
* 1.88.0
Breaking Changes
raises the minimum supported version of Python to 3.8, as Python 3.7 is now end-of-life, and
removes deprecated config options related to worker deployment.
Features
Add not_user_type param to the list accounts admin API. (#15844)
Deprecations and Removals
Remove deprecated worker_replication_host, worker_replication_http_port and worker_replication_http_tls configuration options. See the upgrade notes for more details. (#15860)
Remove support for Python 3.7 and hence for Debian Buster. (#15851, #15892, #15893, #15917)
* 1.87.0
Features
Improve /messages response time by avoiding backfill when we already have messages to return. (#15737)
Add spam checker module API for logins. (#15838)
Deprecations and Removals
Remove experimental MSC2716 implementation to incrementally import history into existing rooms. (#15748)