* clarify otk and fallback key types in examples
- remove unsigned curve25519 keys from examples because we don't use those for
otks and fallback keys
- add missing `device_unused_fallback_key_types` property, which is required
* add changelog
* Clarify that the key backup MAC is implemented incorrectly
Due to a bug in libolm, all implementations of the
m.megolm_backup.v1.curve25519-aes-sha2 key backup algorithm incorrectly
pass an empty string through HMAC-SHA-256 to generate the `mac` property
of the `session_data`.
It was intended for the entire raw encrypted data to be passed through
HMAC-SHA-256, but the issue was caught too late in the process, and thus
we are stuck with this until a new key backup algorithm is introduced.
This commit clarifies the real-world behavior of all current
implementations.
Signed-off-by: Sumner Evans <sumner@beeper.com>
* Make clear the thread root is not in the thread
Signed-off-by: Andy Balaam <andy.balaam@matrix.org>
* Changlog entry for thread PR 1677 - thread roots not in thread
* Fix typo
* Add formatting for code values.
Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>
* Reword main timeline ID paragraph
* Use close to the original wording for the 'recurse' part of the 'in the thread' definition
* Remove note about thread roots being displayed in a thread
* Define the thread root
---------
Signed-off-by: Andy Balaam <andy.balaam@matrix.org>
Co-authored-by: Patrick Cloke <clokep@users.noreply.github.com>
This is already mentioned for /user/devices, but is not mentioned for /query/profile, /user/keys/claim, or /user/keys/query.
See GHSA-mp92-3jfm-3575 for an issue found with this in Synapse.
* Upgrade most github actions
Gets rid of warning in CI complaining about those actions
using node 12.
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
* Upgrade node version used to run scripts
Use the latest LTS
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
* Add changelog
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
... and other improvements
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Update server-server-api.md
I have updated the list of Resolving server names in step 3 from unordered list to ordered list. Because we care about its order
* Create 1567.clarification
* Delete 1567.clarification
* Create 1623.clarification
* Update 1623.clarification
* Remove duplicate words.
* Add information on room version 11.
* Note some event changes.
* Newsfragment
* Fix-up event schema.
* Apply suggestions from code review
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Fix 'new in this version'.
* Clarify creator field.
* Fix-up event format & examples.
* Move the Redactions section to the client section.
* Reference the sender instead of the creator.
* More links
* Even more links.
* Fix order of headers.
* Fix typos.
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Clarify description of creator.
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Clean-up intro paragraphs for redactions.
* Clean-up examples and language.
* Review comments.
* FIx-up markup tags.
---------
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Add MSC2249 support
* changelog
* Add a line on verification
* Changes based on review feedback
* Apply suggestions from code review
Co-authored-by: Travis Ralston <travpc@gmail.com>
* move tags field to the bottom of report_content.yaml
* fix duplicated content
now how did that happen
* fix up the 404 response schema
it wasn't displaying correctly in the rendered spec otherwise
* remove erroneous schema reference
* 1.7 -> 1.8
Co-authored-by: Travis Ralston <travpc@gmail.com>
---------
Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
Co-authored-by: Travis Ralston <travpc@gmail.com>
Co-authored-by: Andrew Morgan <andrew@amorgan.xyz>
* Specify our usage of ABNF for grammar
* Create 1582.clarification
* Update meta/documentation_style.rst
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
---------
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
Was previously using <a name="..."> elements which just
add another anchor rather than changing the existing one.
They also use a deprecated HTML attribute and in some cases
broke the header display.
Fixes#1572.
Signed-off-by: Midnight Veil <midnightveil@fea.st>
* Bump the version of jsonschema
OpenAPI 3.1 uses JSON Schema Draft 2020-12 so we need a version that
supports it.
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
* Add changelog
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
* Fix PR number
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
---------
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
* Add a spec release checklist issue template
because I'm tired of copy/paste
* Document a chunk of our release approach
This should probably go elsewhere, but here is fine for now as a SCT-referenced doc/content.
* changelog
* Brief clarifications
* Mark the appservice ping response duration_ms field as required
As intended in MSC2659.
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
* Add changelog
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
---------
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
* Change version field to a string
And add the notes on how the version field works.
* Add spec requiring tracks to be within streams.
* Put streams spec in its own section
* Add 'invitee' field
* Add party_id
* Remember how JSON works
* Add m.call.select_answer
* Update examples
* Add select_answer to call flow example diagram
* Add m.call.reject
* Make party_id required in other events
* Add possible ways for client to handle an invite
* Convert hangup & reject events to YAML
So we can have a bulleted list in the description for the values
of 'reason'.
* Add new reason codes to hangup & reject
* Add m.call.negotiate
* Add other sections
* Revert changes to package lock
* Typos
* Fix type of other version fields, fix anchor.
* Add newsfragment
* Fix reason in hangup/reject
* Change tense
Co-authored-by: Hubert Chathi <hubertc@matrix.org>
* Tense, typos & grammar
Co-authored-by: Hubert Chathi <hubertc@matrix.org>
* Linkify
Co-authored-by: Hubert Chathi <hubertc@matrix.org>
* Remove unnecessary parts from link
Co-authored-by: Hubert Chathi <hubertc@matrix.org>
* Capitalise
Co-authored-by: Hubert Chathi <hubertc@matrix.org>
* Fix hangup reasons
* Clarify who can answer
Co-authored-by: Hubert Chathi <hubertc@matrix.org>
* Linkify
Co-authored-by: Hubert Chathi <hubertc@matrix.org>
* Remove reference to 'this MSC'.
* Move common VoIP fields into a call event type.
* Move common voip events to the content, not the actual event
* Remove reason from reject event
I confused myself, but it's not in the MSC and it shouldn't be.
* Failure to YAML
* Fix number of room members allowed when sending voip events.
Co-authored-by: Hubert Chathi <hubertc@matrix.org>
* Add 'added in' version
Co-authored-by: Hubert Chathi <hubertc@matrix.org>
* Another added-in
Co-authored-by: Hubert Chathi <hubertc@matrix.org>
* Add missing comma
---------
Co-authored-by: Hubert Chathi <hubertc@matrix.org>
Co-authored-by: Travis Ralston <travisr@matrix.org>
* Specify MSC3882: Using an existing session to log in another
MSC: https://github.com/matrix-org/matrix-spec-proposals/pull/3882
* Changelog entries
* Update data/api/client-server/login.yaml
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Link to endpoint
* Copy/paste `auth` dict definition
* Move get_token API to the correct version prefix (v1, not v3)
* Apply suggestions from code review
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
---------
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Add `allow_redirect` query parameter to relevant media endpoints
* Add added in version flag to `allow_redirect` params
* Add 307/308 responses to media endpoints
* Add changelogs
* Remove the `dont_notify` and `coalesce` push rule actions.
Per MSC3987, these should both be considered no-ops.
* Remove obsolete dont_notify from default rules.
* Remove obsolete dont_notify from examples.
* "MXC URI" -> "`mxc://` URI"
We're a bit inconsistent with this currently, and IMHO "`mxc://` URI" is more
explicit.
* Update content/client-server-api/modules/content_repo.md
Co-authored-by: Hubert Chathi <hubertc@matrix.org>
* more MXCs
---------
Co-authored-by: Hubert Chathi <hubertc@matrix.org>
There was substantial confusion around this, but I've done some archaeology.
Basically, this was changed back in r0.5.0 by MSC1304 and matrix-org/synapse#3397. Before that, it was indeed the case that state_default was 0 if there was no m.room.power_levels event, but that was confusing and a source of security holes, so we changed it.
matrix-org/matrix-spec-proposals#1656 changed the spec, but apparently overlooked the text in the description.
Reverts: #1478.
Fixes: #861.
* Add information on MSC3758: event_property_is.
* Add information on MSC3966: event_property_contains.
* Add information on MSC3873 dotted-path escape rules.
* Newsfragment
* Update sync filter with ref to appendix.
* Escape example key.
* Fix typos.
Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
* Fix links.
* Clarify the appendix a bit.
* Clarify support values.
* Add MSC3980 to changelog.
---------
Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
* Mention that `state_default` can be zero by default.
* Changelog
* Update data/event-schemas/schema/m.room.power_levels.yaml
Co-authored-by: Hubert Chathi <hubertc@matrix.org>
---------
Co-authored-by: Hubert Chathi <hubertc@matrix.org>
I've done my best to remove the word "bundle", because I feel like it causes
more confusion than it provides. Instead I have favoured "aggregated child
events" which I think is clearer.
Some general clarification around these parts of the spec.
* `cross_signing_key.yaml`: the parameter documentation already restricts the number of properties
* `receipts.yaml`: use `maxProperties: 0` to say the object is empty (the comment is still there but is not really needed any more)
Signed-off-by: Alexey Rusakov <Kitsune.Ral@users.sf.net>
This strives to fix all remaining cases where additional attributes
(most often 'description' but not only) are provided next to $ref
by wrapping $ref in allOf; and also drops allOf in a couple of places
where $ref is the only element under it.
The syntax is incorrect and would require to use allOf
because a $ref can't have siblings.
However the only field not overwritten of that definition is room_id,
so we include it instead of the $ref
Signed-off-by: Kévin Commaille <zecakeh@tedomum.fr>
Originally the tags used to be bold, followed by a colon and separated
into two columns in a table. This at least restores the table aspect,
which makes it clear, that font is not an attribute (and similar).
This seems to have gotten lost in the transition to the new design.
Signed-off-by: Nicolas Werner <nicolas.werner@hotmail.de>
* replace "<content>" with "content"
This parameter that's part of the content-repo openapi spec causes generators to mess up
* added changelogs
* Update changelogs/internal/newsfragments/1370.clarification
Co-authored-by: Travis Ralston <travpc@gmail.com>
Co-authored-by: Travis Ralston <travpc@gmail.com>
* Change default room version from 9 to 10 in accordance with MSC3904
* Add changelog entry with assumed PR number.
* Fix missing comma in changelog.
Co-authored-by: Travis Ralston <travpc@gmail.com>
Co-authored-by: Travis Ralston <travpc@gmail.com>