* Support for creator power level
Adds support for infinite power level specified by [MSC4289](https://github.com/matrix-org/matrix-spec-proposals/pull/4289).
* Update unit test
* Hardcode versions
as room versions strings aren't ordered
* Add test for v12 rooms
* Use more compact syntax
* Fix doc
* Fix additionalCreators from PR edit
* Split out hydra room version check
* Move power level logic into room state
Which already has knowledge of the room create event
* Add docs
* Fix unused bits
* Fix docs
* Fix lying docstring
* Reverse logic for hydra semantics
Assume unknown room versions do use hydra
* Use backticks
* Switch back to hardcoding just the two hydra versions
---------
(cherry picked from commit e119bf9040)
Co-authored-by: David Baker <dbkr@users.noreply.github.com>
Co-authored-by: R Midhun Suresh <hi@midhun.dev>
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* tests: Cross-signing keys support in `E2EKeyReceiver`
Have `E2EKeyReceiver` collect uploaded cross-signing keys, so that they can be
returned by `E2EKeyResponder`.
* tests: Signature upload support in `E2EKeyReceiver`
Have `E2EKeyReceiver` collect uploaded device signatures, so that they can be
returned by `E2EKeyResponder`.
* tests: Implement `E2EOTKClaimResponder` class
A new test helper, which intercepts `/keys/claim`, allowing clients under test
to claim OTKs uploaded by other devices.
* Expose experimental settings for encrypted history sharing
Add options to `MatrixClient.invite` and `MatrixClient.joinRoom` to share and
accept encrypted history on invite, per MSC4268.
* Clarify pre-join-membership logic
* Improve tests
* Update spec/integ/crypto/cross-signing.spec.ts
Co-authored-by: Hubert Chathi <hubertc@matrix.org>
---------
Co-authored-by: Hubert Chathi <hubertc@matrix.org>
* test: add a flushPromises
this seems to be needed because `initRustCrypto` now ends up doing slightly
less awaiting
* Support new `ShieldStateCode.MismatchedSender`
* Update to matrix-sdk-crypto-wasm 15.1.0
* Add `waitFor` and use it instead of `flushPromises`
* minor lints and fixes
* another lint fix
* Factor out `BaseRequestOpts`
... to make it easier to find the docs from methods that use it.
* fetch api: add support for downloading raw response
I need to make an authenticated request to the media repo, and expect to get a
binary file back. AFAICT there is no easy way to do that right now.
* Clarify doc strings
* Various fixes
Currently, this is looking for a `json` property on `IHttpOpts`. There is no
such property, so that part of the declaration is completely redundant, and we
may as well remove it.
I looked into making it check `IRequestOpts`, which *does* have a `json`
property, but couldn't make it work.
Also add some docs, while we're there.
* add custom local timout + add delay to 0 for normal local timeout.
* consider retry limits for new custom error
* mock the AbortError so we can reuse `actionUpdateFromErrors`
* update comment
* RTCEncryptionManager: Joiner key rotation grace period
* Test to clarify useKeyDelay and keyRotationGracePeriodMs interference
* make test more configurable
* rename delayRolloutTimeMillis to useKeyDelay same as config option
* rename skipRotationGracePeriod to keyRotationGracePeriodMs
* clarify that oldMemberships is not used by RTCEncryptionManager
* improve doc
* cleanup test
* more comment in test
* comment additions
* cleanup runOnlyPendingTimers
---------
Co-authored-by: Timo <toger5@hotmail.de>
* Make it easier to mock call memberships for specific user IDs
* Allow sending notification events when starting a call
* rename notify -> notification
* replace `joining` concept with `ownMembership`
* introduce new `m.rtc.notification` event alongside `m.call.notify`
* send new notification event alongside the deprecated one
* Test for new notification event type
* update relation string to match msc
* review
* fix doc errors
* fix tests + format
* remove anything decline related
---------
Co-authored-by: Timo <toger5@hotmail.de>
* Add `DebugLogger` type for logging matrix-js-sdk to `debug`
* unit tests for DebugLogger
* Use `DebugLogger` in some tests
* Use `DebugLogger` in rust-crypto.spec
* test-utils: silence some logging
* refactor: New encryption manager BasicEncryptionManager for todevice
fixup: bad do not commit
* fix: ToDevice transport not setting the sent_ts
* test: BasicEncryptionManager add statistics tests
* code review
* feat: Encryption manager just reshare on new joiner
* refactor: Rename BasicEncryptionManger to RTCEncryptionManager
* fixup: RTC experimental todevice should use new encryption mgr
* fixup: use proper logger hierarchy
* fixup: RTC rollout first key asap even if no members to send to
* fixup: RTC add test for first key use
* fixup! emitting outbound key before anyone registered
* fix: quick patch for transport switch, need test
* test: RTC encryption manager, add test for transport switch
* post rebase fix
* Remove bad corepack commit
* review: cleaning, renaming
* review: cleaning and renaming
* stop using root logger in favor of a parent logger
* post merge fix broken test
* remove corepack again
* fix reverted changes after a merge
* review: Properly deprecate getEncryptionKeys
* review: rename ensureMediaKeyDistribution to ensureKeyDistribution
* review: use OutdatedKeyFilter instead of KeyBuffer
* Use client logger for `RustBackupManager`
* use client logger in `CrossSigningIdentity`
* use client logger in `OutgoingRequestProcessor`
* RoomEncryptor: use correct logger for logDuration
use the logger for this specific event, rather than the more general one for the room
* Use client logger in `RoomEncryptor`
* Use client logger for sync
Use the logger attached to the MatrixClient when writing log messages out of
the sync api. This helps figure out what's going on when multiple clients are
running in the same JS environment.
* Use client logger for to-device message queue
* Use client logger in `PushProcessor.rewriteDefaultRules`
* use client logger in `ServerCapabilities`
* Mark global `logger` as deprecated
* Test: stop loading Olm into global namespace
Now that the js-sdk no longer relies on libolm, there is no need to populate
`globalThis.Olm`. Remove the code that did so (or relied on it being done).
* fix lint
* crypto: Add new ClientEvent.ReceivedToDeviceMessage
refactor rename ProcessedToDeviceEvent to ReceivedToDeviceEvent
* fix: Restore legacy isEncrypted() for to-device messages
* Update test for new preprocessToDeviceMessages API
* quick fix on doc
* quick update docs and renaming
* review: Better doc and names for OlmEncryptionInfo
* review: Remove IToDeviceMessage alias and only keep IToDeviceEvent
* review: improve comments of processToDeviceMessages
* review: pass up encrypted event when no crypto callbacks
* review: use single payload for ReceivedToDeviceMessage
* fix linter
* review: minor comment update
This prevents tsc from picking up random types from parent directories
such as in situations like an element-web layered build, and generally
seems like good hygiene as we don't want to pick up random types from
whatever directory we happen to be checked out into.
* Remove `LegacyMemberhsipManager`
* remove tests from rtc session
Those tests were only run with the legacy membership manager and are redundant with the memberhsip manager test spec.
* fix tests
* dont use non existing TestManager anymore
* remove fails for legacy
* fix another test
* Allow customizing the IndexedDB database prefix used by Rust crypto.
Related to #3974
Signed-off-by: Patrick Cloke <clokep@patrick.cloke.us>
* Rename argument
---------
Signed-off-by: Patrick Cloke <clokep@patrick.cloke.us>
* First pass implementation
* fix naming/docs
* apply lint
* Add test for existing behaviour
* Add happy path tests
* Fix bug identified by tests
* ... and this is why we add negative tests too
* Add some sanity tests
* Apply linter
* Ensure we send spec-compliant filter strings by stripping out null values
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Add test
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
---------
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Allow the embedded client to work without UpdateState version
* Test that RoomWidgetClient can receive state without update_state
* add sliding sync test
* sliding sync receive test
* review
* add doc comment
---------
Co-authored-by: Timo <toger5@hotmail.de>
* Check for `unknown variant` on to-device sending and fallback to room event encryption.
* fix tests
* fix error js-sdk api type
* Change logger from debug to warn for unsupported to-device transport and improve error message comments
* also add case for not supported
This will be send by the driver in case we sent an encrypted to-device but do not have support of that.
---------
Co-authored-by: Robin <robin@robin.town>
* Remove redundant sendDelayedEventAction
We do already have the state `hasMemberEvent` that allows to distinguish the two cases. No need to create two dedicated actions.
* fix missing return
* Make membership manager an event emitter to inform about status updates.
- deprecate isJoined (replaced by isActivated)
- move Interface types to types.ts
* add tests for status updates.
* lint
* test "reschedules delayed leave event" in case the delayed event gets canceled
* review
* fix types
* prettier
* fix legacy membership manager
* remove deprecated jitter.
* use non deprecated config fields (keep deprecated fields as fallback)
* update tests to test non deprecated names
* make local NewMembershipManager variable names consistent with config
* make LegacyMembershipManger local variables consistent with config
* comments and rename `networkErrorLocalRetryMs` -> `networkErrorRetryMs`
* review
* Switch from defer to Promise.withResolvers
As supported by the outgoing LTS version (v22) which has 99% support of ES2024
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* delint
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Deprecate defer instead of killing it
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Knip
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Iterate based on review
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Iterate based on review
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Iterate based on review
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Improve coverage
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
---------
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
The condition was inverted here, but the tests were passing because
they didn't add enough expiry time for the token expiry to be over
the threshold.
Fix the condition and tests, add another test and generally add a
bunch of comments so hopefully this is less confusing for the next
person.
Fixes https://github.com/element-hq/element-web/issues/29858
(cherry picked from commit fea619d34c)
Co-authored-by: David Baker <dbkr@users.noreply.github.com>
The condition was inverted here, but the tests were passing because
they didn't add enough expiry time for the token expiry to be over
the threshold.
Fix the condition and tests, add another test and generally add a
bunch of comments so hopefully this is less confusing for the next
person.
Fixes https://github.com/element-hq/element-web/issues/29858
* Refactor how token refreshing works to be more resilient
1. ensure we do use the new token if it is not explicitly inhibited by the caller
2. eagerly refresh token if we know it is expired
3. allow refreshing a token multiple times if e.g. on bad connection or the environment has been slept and sufficient time has passed since the last refresh attempt
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Iterate
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Iterate
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Add exponential backoff
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Ensure no timing effects on `authedRequest` method call
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Iterate
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
---------
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Stabilise MSC3765
Signed-off-by: Johannes Marbach <n0-0ne+github@mailbox.org>
* Remove unstable content and hardcode property name
---------
Signed-off-by: Johannes Marbach <n0-0ne+github@mailbox.org>
* use methodFactory extensions from the rootLogger in child loggers.
* use simple method factory copy AND `childLogger.setLevel(childLogger.getLevel());`
This is the important part that actually registers the new methods.
* add comments and find a way to make it clearer that the types are correct.
* review
* additionally fix MatrixRTCSessionManager being initialized before the extension is in place.
* Add comment to clarify order of log extensions and creating childs.
* review
* Set "loglevel" min version to guarantee access to `logger.rebuild`
* Fix token refresh racing with other requests and not using new token
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Iterate
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
---------
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* MatrixRTC: ToDevice distribution for media stream keys
* test: Add RTC to device transport test
* lint
* fix key indexing
* fix indexing take two
- use correct value for: `onEncryptionKeysChanged`
- only update `latestGeneratedKeyIndex` for "this user" key
* test: add test for join config `useExperimentalToDeviceTransport`
* update test to fail without the fixed encryption key index
* review
* review (dave)
---------
Co-authored-by: Timo <toger5@hotmail.de>
* refactor: extract RoomKeyTransport class for key distribution
* refact: Call key transport, pass the target recipients to sendKey
* update IKeyTransport interface to event emitter.
* fix not subscribing to KeyTransportEvents in the EncryptionManager + cleanup
* fix one test and broken bits needed for the test (mostly statistics wrangling)
* fix tests
* add back decryptEventIfNeeded
* move and fix room transport tests
* dedupe isMyMembership
* move type declarations around to be at more reasonable places
* remove deprecated `onMembershipUpdate`
* fix imports
* only start keytransport when session is joined
* use makeKey to reduce test loc
* fix todo comment -> note comment
---------
Co-authored-by: Timo <toger5@hotmail.de>
* Remove redundant sendDelayedEventAction
We do already have the state `hasMemberEvent` that allows to distinguish the two cases. No need to create two dedicated actions.
* fix missing return
* Make membership manager an event emitter to inform about status updates.
- deprecate isJoined (replaced by isActivated)
- move Interface types to types.ts
* add tests for status updates.
* lint
* test "reschedules delayed leave event" in case the delayed event gets canceled
* review
* fix types
* prettier
* fix legacy membership manager
* Abstract logout-causing error type from tokenRefreshFunction calls
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Add test
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
---------
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Improve PushProcessor::getPushRuleGlobRegex
Fix cache key not taking non-pattern parameters into account
Use lookarounds to ensure the word boundary isn't treated as part of the match
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Add tests
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
---------
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Export push processor method for converting matrix glob to regexp
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Export pushProcessor from MatrixClient
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Add capturing group around pattern match
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Improve comment
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
---------
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Switch sliding sync support to simplified sliding sync
Experimental PR to test js-sdk with simlified sliding sync.
This does not maintain support for regulaer sliding sync.
* Remove txn_id handling, ensure we always resend when req params change
* Fix some tests
* Fix remaining tests
* Mark TODOs on tests which need to die
* Linting
* Make comments lie less
* void
* Always sent full extension request
* Fix test
* Remove usage of deprecated field
* Hopefully fix DM names
* Refactor how heroes are handled in Room
* Fix how heroes work
* Linting
* Ensure that when SSS omits heroes we don't forget we had heroes
Otherwise when the room next appears the name/avatar reset to
'Empty Room' with no avatar.
* Check the right flag when doing timeline trickling
* Also change when the backpagination token is set
* Remove list ops and server-provided sort positions
SSS doesn't have them.
* Linting
* Add Room.bumpStamp
* Update crypto wasm lib
For new functions
* Add performance logging
* Fix breaking change in crypto wasm v8
* Update crypto wasm for breaking changes
See https://github.com/matrix-org/matrix-rust-sdk-crypto-wasm/releases/tag/v8.0.0
for how this was mapped from the previous API.
* Mark all tracked users as dirty on expired SSS connections
See https://github.com/matrix-org/matrix-rust-sdk/pull/3965 for
more information. Requires `Extension.onRequest` to be `async`.
* add ts extension
* Fix typedoc ref
* Add method to interface
* Don't force membership to invite
The membership was set correctly from the stripped state anyway so
this was redundant and was breaking rooms where we'd knocked.
* Missed merge
* Type import
* Make coverage happier
* More test coverage
* Grammar & formatting
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Remove markAllTrackedUsersAsDirty from crypto API
Not sure why this was in there, seems like it just needed to be in
crypto sync callbacks, which it already was.
* Remove I from interface
* API doc
* Move Hero definition to room-summary
* make comment more specific
* Move internal details into room.ts
and make the comment a proper tsdoc comment
* Use terser arrow function syntax
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Move comment to where we do the lookup
* Clarify comment
also prettier says hi
* Add comment
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Add tsdoc
explaining that the summary event will be modified
* more comment
* Remove unrelated changes
* Add docs & make fields optional
* Type import
* Clarify sync versions
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Make tsdoc comment & add info on when it's used.
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Rephrase comment
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Prettier
* Only fetch member for hero in legacy sync mode
* Split out a separate method to set SSS room summary
Rather than trying to fudge up an object that looked enough like the
old one that we could pass it in.
* Type import
* Make link work
* Nope, linter treats it as an unused import
* Add link the other way
* Add more detail to doc
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Remove unnecessary cast
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Remove length > 0 check
as it wasn't really necessary and may cause heroes not to be cleared?
* Doc params
* Remove unnecessary undefined comparison
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Put the comparison back
as it's necessary to stop typescript complaining
* Fix comment
* Fix comment
---------
Co-authored-by: Kegan Dougal <7190048+kegsay@users.noreply.github.com>
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Update all non-major dependencies
* Hold back eslint-plugin-matrix-org
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
---------
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Michael Telatynski <7t3chguy@gmail.com>
* Fix running != isJoined
EC expects isJoined to represent if we should be in joined state or not. It does not correlate to what our actual state of the scheduler is. We used the scheduler running state before but on leave the running state will stay true until we successfully updated the room state.
EC expects isJoined to immediately be false.
This introduces a member variable `activated` that represents if the MemberhsipManager is trying to connect or trying to disconnect independent on the current state.
* simplify catch finally blocks
* OIDC: only pass logo_uri, policy_uri, tos_uri if they conform to "common base"
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Tests
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
---------
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* WIP doodles on MembershipManager test cases
* .
* initial membership manager test setup.
* Updates from discussion
* revert renaming comments
* remove unused import
* fix leave delayed event resend test.
It was missing a flush.
* comment out and remove unused variables
* es lint
* use jsdom instead of node test environment
* remove unused variables
* remove unused export
* temp
* review
* fixup tests
* more review
* remove wait for expect dependency
* temp
* fix wrong mocked meberhsip template
* rename MembershipManager -> LegacyMembershipManager
And remove the IMembershipManager from it
* Add new memberhsip manager
* fix tests to be compatible with old and new membership manager
* Comment cleanup
* Allow join to throw
- Add tests for throwing cases
- Fixs based on tests
* introduce membershipExpiryTimeoutSlack
* more detailed comments and cleanup
* warn if slack is misconfigured and use default values instead
* fix action resets.
* flatten MembershipManager.spec.ts
* rename testEnvironment to memberManagerTestEnvironment
* allow configuring Legacy manager in the matrixRTC session
* deprecate LegacyMembershipManager
* remove usage of waitForExpect
* flatten tests and add comments
* clean up leave logic branch
* add more leave test cases
* use defer
* review ("Some minor tidying things for now.")
* add onError for join method and cleanup
* use pop instead of filter
* fixes
* simplify error handling and MembershipAction
Only use one membership action enum
* Add diagram
* fix new error api in rtc session
* fix up retry counter
* fix lints
* make unrecoverable errors more explicit
* fix tests
* Allow multiple retries on the rtc state event http requests.
* use then catch for startup
* no try catch 1
* update expire headroom logic
transition from try catch to .then .catch
* replace flushPromise with advanceTimersByTimeAsync
* fix leaving special cases
* more unrecoverable errors special cases
* move to MatrixRTCSessionManager logger
* add state reset and add another unhandleable error
The error occurs if we want to cancel the delayed event we still have an id for but get a non expected error.
* missed review fixes
* remove @jest/environment dependency
* Cleanup awaits and Make mock types more correct.
Make every mock return a Promise if the real implementation does return a pormise.
* remove flush promise dependency
* fix not recreating default state on reset
This broke all tests since we only created the state once and than passed by ref
* Use per action rate limit and retry counter
There can be multiple retries at once so we need to store counters per action
e.g. the send update membership and the restart delayed could be rate limited at the same time.
* add linting to matrixrtc tests
* Add fix async lints and use matrix rtc logger for test environment.
* prettier
* review step 1
* change to MatrixRTCSession logger
* review step 2
* make LoopHandler Private
* update config to use NewManager wording
* emit error on rtc session if the membership manager encounters one
* network error and throw refactor
* make accessing the full room deprecated
* remove deprecated usage of full room
* Clean up the deprecation
* add network error handler and cleanup
* better logging, another test, make maximumNetworkErrorRetryCount configurable
* more logging & refactor leave promise
* add ConnectionError as possible retry cause
* Make it work in embedded mode with a server that does not support delayed events
* review iteration 1
* review iteration 2
* first step in improving widget error handling
* make the embedded client throw ConnectionErrors where desired.
* fix tests
* delayed event sending widget mode stop gap fix.
* improve comment
* fix unrecoverable error joinState (and add JoinStateChanged) emission.
* check that we do not add multipe sendFirstDelayed Events
* also check insertions queue
* always log "Missing own membership: force re-join"
* Do not update the membership if we are in any (a later) state of sending our own state.
The scheduled states MembershipActionType.SendFirstDelayedEvent and MembershipActionType.SendJoinEvent both imply that we are already trying to send our own membership state event.
* make leave reset actually stop the manager.
The reset case was not covered properly. There are cases where it is not allowed to add additional events after a reset and cases where we want to add more events after the reset. We need to allow this as a reset property.
* fix tests (and implementation)
* Allow MembershipManger to be set at runtime via JoinConfig.membershipManagerFactory
* Map actions into status as a sanity check
* Log status change after applying actions
* Add todo
* Cleanup
* Log transition from earlier status
* remove redundant status implementation
also add TODO comment to not forget about this.
* More cleanup
* Consider insertions in status()
* Log duration for emitting MatrixRTCSessionEvent.MembershipsChanged
* add another valid condition for connected
* some TODO cleanup
* review add warning when using addAction while the scheduler is not running.
* es lint
* refactor to return based handler approach (remove insertions array)
* refactor: Move action scheduler
* refactor: move different handler cases into separate functions
* linter
* review: delayed events endpoint error
* review
* Suggestions from pair review
* resetState is actually only used internally
* Revert "resetState is actually only used internally"
This reverts commit 6af4730919ec07ce9aaad8de35c27ac6b98a3019.
* refactor: running is part of the scheduler (not state)
* refactor: move everything state related from schduler to manager.
* review
* Update src/matrixrtc/NewMembershipManager.ts
Co-authored-by: Hugh Nimmo-Smith <hughns@users.noreply.github.com>
* review
* public -> private + missed review fiexes (comment typos)
---------
Co-authored-by: Hugh Nimmo-Smith <hughns@matrix.org>
Co-authored-by: Hugh Nimmo-Smith <hughns@users.noreply.github.com>
* Add disableKeyStorage() to crypto API
As an all-in-one method for deleting all server side key storage on
the user's account (as the doc hopefully explains).
* Add test
* const
* Can't be disabled here
* WIP doodles on MembershipManager test cases
* .
* initial membership manager test setup.
* Updates from discussion
* revert renaming comments
* remove unused import
* fix leave delayed event resend test.
It was missing a flush.
* comment out and remove unused variables
* es lint
* use jsdom instead of node test environment
* remove unused variables
* remove unused export
* temp
* review
* fixup tests
* more review
* remove wait for expect dependency
* flatten tests and add comments
* add more leave test cases
* use defer
* remove @jest/environment dependency
* Cleanup awaits and Make mock types more correct.
Make every mock return a Promise if the real implementation does return a pormise.
* remove flush promise dependency
* add linting to matrixrtc tests
* Add fix async lints and use matrix rtc logger for test environment.
* prettier
* change to MatrixRTCSession logger
* make accessing the full room deprecated
* remove deprecated usage of full room
* Clean up the deprecation
---------
Co-authored-by: Hugh Nimmo-Smith <hughns@matrix.org>
* Bump rust sdk to 14.0.0
* Remove duplicate type declarations
These now match the types in the underlying library, so can be removed.
* bump to 14.0.1
* Use new `OutgoingRequest` type from wasm library
* fix types
* update lockfile
* disable key backup when both trust via signatures and private key fail
* test for enabling backup with decryption key
* enable backup with decryption key in legacy crypto
* fix formmating
* fix typo
* add local variable for backup trust in legacy crypto
* Update spec/integ/crypto/megolm-backup.spec.ts
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Update spec/integ/crypto/megolm-backup.spec.ts
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Update spec/integ/crypto/megolm-backup.spec.ts
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Update src/rust-crypto/backup.ts
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* fix white space formatting
* remove redundant test
* fix trust check while receiving backup secret
* mock room key version request before storing backup key
* fix decryption key gossip test for untrusted backup info
* rename version to latestBackupVersion to match the doc comments
* Update src/rust-crypto/backup.ts
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* remove test to stop key gossip when signature mismatch
* remove misleading checkKeyBackupAndEnable doc return comment
* Update src/rust-crypto/backup.ts
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* use requestKeyBackupVersion to get latest version instead of checkKeyBackupAndEnable
* remove comment
* test for backup key gossip when no backup found
* test for backup key gossip when backup request error
* fix lint error
* fix test message typo
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* refactor repeated test logic into a single reusable function
* improve exceptBackup param and docs
* fix: expect private key inside test
* fix linting
* add return type for backup key retrieve function
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* improve doc for retrieveBackupPrivateKeyWithDelay
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* improve expectBackup param description
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* fix status code and formatting
---------
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Fix typo in README
* Add proper contributing guide
This is based on the same in element-web repo but with the following
changes:
1. Uses sign-off instead of CLA
2. Removes react, app specific instructions eg: tests do not mention
playwright.
* Add code_style.md
Copied from element-web repo but react/css specific items have been
removed.
* Fix lint
* Simplify bootstrapSecretStorage logic
might as well just export the keys immediately, rather than having multiple
tests.
* Clean up typescript types related to rust crypto
A forthcoming release of matrix-rust-sdk-crypto-wasm tightens up a number of
typescript types. In preparation, we need to get our house in order too.
* Add some tests for `logger`
* Remove deprecated `PrefixedLogger` interface
`PrefixedLogger` has been deprecated for some time, so let's remove it now,
while we have a major version bump.
We can tidy up some of the other logic while we're here.
Unfortunately lots of the code still uses `logger.log` which isn't exposed by
the `Logger` interface, so we need to keep exposing that where it was before.
* Rewrite `deleteAccountData` test
use fetch-mock rather than whatever this was
* `MatrixClient.setAccountData`: await remote echo
Wait for the echo to come back from the server before we assume the account
data has been successfully set
* Update integration tests
Fix up the integ tests which call `setAccountData` and now need a sync
response.
* Address review comment
* Remove deprecated calls in `webrtc/call.ts`
* Throw error when legacy call was used
* Remove `MatrixClient.initLegacyCrypto` (#4620)
* Remove `MatrixClient.initLegacyCrypto`
* Remove `MatrixClient.initLegacyCrypto` in README.md
* Remove tests using `MatrixClient.initLegacyCrypto`
* Remove legacy crypto support in `sync` api (#4622)
* Remove deprecated `DeviceInfo` in `webrtc/call.ts` (#4654)
* chore(legacy call): Remove `DeviceInfo` usage
* refactor(legacy call): throw `GroupCallUnknownDeviceError` at the end of `initOpponentCrypto`
* Remove deprecated methods and attributes of `MatrixClient` (#4659)
* feat(legacy crypto)!: remove deprecated methods of `MatrixClient`
* test(legacy crypto): update existing tests to not use legacy crypto
- `Embedded.spec.ts`: casting since `encryptAndSendToDevices` is removed from `MatrixClient`.
- `room.spec.ts`: remove deprecated usage of `MatrixClient.crypto`
- `matrix-client.spec.ts` & `matrix-client-methods.spec.ts`: remove calls of deprecated methods of `MatrixClient`
* test(legacy crypto): remove test files using `MatrixClient` deprecated methods
* test(legacy crypto): update existing integ tests to run successfully
* feat(legacy crypto!): remove `ICreateClientOpts.deviceToImport`.
`ICreateClientOpts.deviceToImport` was used in the legacy cryto. The rust crypto doesn't support to import devices in this way.
* feat(legacy crypto!): remove `{get,set}GlobalErrorOnUnknownDevices`
`globalErrorOnUnknownDevices` is not used in the rust-crypto. The API is marked as unstable, we can remove it.
* Remove usage of legacy crypto in `event.ts` (#4666)
* feat(legacy crypto!): remove legacy crypto usage in `event.ts`
* test(legacy crypto): update event.spec.ts to not use legacy crypto types
* Remove legacy crypto export in `matrix.ts` (#4667)
* feat(legacy crypto!): remove legacy crypto export in `matrix.ts`
* test(legacy crypto): update `megolm-backup.spec.ts` to import directly `CryptoApi`
* Remove usage of legacy crypto in integ tests (#4669)
* Clean up legacy stores (#4663)
* feat(legacy crypto!): keep legacy methods used in lib olm migration
The rust cryto needs these legacy stores in order to do the migration from the legacy crypto to the rust crypto. We keep the following methods of the stores:
- Used in `libolm_migration.ts`.
- Needed in the legacy store tests.
- Needed in the rust crypto test migration.
* feat(legacy crypto): extract legacy crypto types in legacy stores
In order to be able to delete the legacy crypto, these stores shouldn't rely on the legacy crypto. We need to extract the used types.
* feat(crypto store): remove `CryptoStore` functions used only by tests
* test(crypto store): use legacy `MemoryStore` type
* Remove deprecated methods of `CryptoBackend` (#4671)
* feat(CryptoBackend)!: remove deprecated methods
* feat(rust-crypto)!: remove deprecated methods of `CryptoBackend`
* test(rust-crypto): remove tests of deprecated methods of `CryptoBackend`
* Remove usage of legacy crypto in `embedded.ts` (#4668)
The interface of `encryptAndSendToDevices` changes because `DeviceInfo` is from the legacy crypto. In fact `encryptAndSendToDevices` only need pairs of userId and deviceId.
* Remove legacy crypto files (#4672)
* fix(legacy store): fix legacy store typing
In https://github.com/matrix-org/matrix-js-sdk/pull/4663, the storeXXX methods were removed of the CryptoStore interface but they are used internally by IndexedDBCryptoStore.
* feat(legacy crypto)!: remove content of `crypto/*` except legacy stores
* test(legacy crypto): remove `spec/unit/crypto/*` except legacy store tests
* refactor: remove unused types
* doc: fix broken link
* doc: remove link tag when typedoc is unable to find the CryptoApi
* Clean up integ test after legacy crypto removal (#4682)
* test(crypto): remove `newBackendOnly` test closure
* test(crypto): fix duplicate test name
* test(crypto): remove `oldBackendOnly` test closure
* test(crypto): remove `rust-sdk` comparison
* test(crypto): remove iteration on `CRYPTO_BACKEND`
* test(crypto): remove old legacy comments and tests
* test(crypto): fix documentations and removed unused expect
* Restore broken link to `CryptoApi` (#4692)
* chore: fix linting and formatting due to merge
* Remove unused crypto type and missing doc (#4696)
* chore(crypto): remove unused types
* doc(crypto): add missing link
* test(call): add test when crypto is enabled
* fix(crypto): `resetEncryption` remove secrets in 4S
Remove the cross signing keys and the backup decryption key of the 4S when calling `resetEncryption`
* test(crypto): expect secrets to be deleted in 4S when `resetEncryption` is called
* test(secret storage): add test case when the secret is set at null
* fix(crypto): remove default key in 4S
* test(crypto): default key should be removed from 4S
* Define topic as optional.
* Change isProvided so that types work better.
* allow makeTopicContent and parseTopicContent to handle optional values for plain text
* linting
* Remove usage of optional
* Topic key may only contain legacy key.
* Add tests for other branches.
* feat(dehydrated): Use the dehydrated key cache API
* feat(dehydrated): Add signalling to device dehydration manager
* feat(dehydrated): fix unneeded call getCachedKey
* Upgrade to `matrix-sdk-crypto-wasm` v13.0.0
* review: quick fix and doc
* apply changes from review
* apply changes from review
* fix comment
* add some tests and emit an event on rehydration failure
* factor out event counter into a test util, since it may be useful elsewhere
* adjust test to cover a few more lines
* fix documentation
* Apply suggestions from code review
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* fix missing bracket
* add test for getting the dehydration key from SSSS
---------
Co-authored-by: Hubert Chathi <hubertc@matrix.org>
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Add an extra consistency check in `bootstrapCrossSigning`
check that `importCrossSigningKeys` has actually worked
* Update src/rust-crypto/CrossSigningIdentity.ts
* declare type in @types, instead of in source
`MatrixClient.login` has some very unintuitive behaviour where it
stashes the access token, but not the device id, refresh token, etc etc, which
led people to imagine that they had a functional `MatrixClient` when they
didn't. In practice, you have to create a *new* `MatrixClient` given the `LoginResponse`.
As the first step for sorting this out, this deprecates the broken method and
replaces it with one that has sensible behaviour.
* Fix documentation on `CryptoEvent`
`CryptoApi` itself does not emit events (or at least, its public type
information does not allow you to listen for events emitted by CryptoApi).
* fix link
...and renames them, removing the special lowercase and uppercase
versions and exporting the underlying function instead.
Any apps that use these will either need to take the speed hit from
secure random functions and use the new ones, or write their own
insecure versions.
The lowercase and uppercasde verisons were used exactly once each
in element-web and never in js-sdk itself. The underlying function
is very simple and exporting just this gives more flexibility with
fewer exports.
* Distinguish room state and timeline events in embedded clients
This change enables room widget clients to take advantage of the more reliable method of communicating room state over the widget API provided by a recent update to MSC2762.
* Add missing awaits
* Upgrade matrix-widget-api
* update join and leave internal api.
* rename onMembershipUpdate and triggerCallMembershipEventUpdate to onMembershipsUpdate
This makes it more clear that we do not talk about our own membership but all memberships in the session
* cleanup MembershipManager
- add comments and interface how to test this class.
- sort methods by public/private
- make triggerCallMembershipEventUpdate private
* docstrings for getFocusInUse and getActiveFocus
* simplify tests and make them only use MembershipManagerInterface methods.
This allows to exchange the membershipManager with a different implementation.
* convert interface to abstract class.
* review (implement interface, make interface internal, dont change public api.)
* Make the interface an actual interface.
The actual constructor of the class now contains the `Pick` to define what it needs from the client.
* move update condition into MembershipManager
* renaming public api
* Update src/matrixrtc/MatrixRTCSession.ts
Co-authored-by: Hugh Nimmo-Smith <hughns@users.noreply.github.com>
* Update src/matrixrtc/MatrixRTCSession.ts
Co-authored-by: Hugh Nimmo-Smith <hughns@users.noreply.github.com>
---------
Co-authored-by: Hugh Nimmo-Smith <hughns@users.noreply.github.com>
* split joinConfig
- myMembership related properties get moved into its own interface
* Add MyMembershipManager
* Remove methods and functions that are from MatrixRTCSession (they now live in MyMembershipManager)
* Refactor MatrixRTCSession to use myMembershipManager
* fix tests
* review
* get rid of more memberhsip manager usage in tests
* review - fix tests using private membershipManager props
* fix circular import
* Fix issue with sentinels being incorrect on m.room.member events
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Iterate
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Simplify change
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Add test
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
---------
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* remove all legacy call related code and adjust tests.
We actually had a bit of tests just for legacy and not for session events. All those tests got ported over so we do not remove any tests.
* dont adjust tests but remove legacy tests
* Remove deprecated CallMembership.getLocalExpiry()
* Remove references to legacy in test case names
* Clean up SessionMembershipData tsdoc
* Remove CallMembership.expires
* Use correct expire duration.
* make expiration methods not return optional values and update docstring
* add docs to `SessionMembershipData`
* Add new tests for session type member events that before only existed for legacy member events.
This reverts commit 795a3cffb61d672941c49e8139eb1d7b15c87d73.
* remove code we do not need yet.
* Cleanup
---------
Co-authored-by: Hugh Nimmo-Smith <hughns@matrix.org>
* remove all legacy call related code and adjust tests.
We actually had a bit of tests just for legacy and not for session events. All those tests got ported over so we do not remove any tests.
* dont adjust tests but remove legacy tests
* Remove deprecated CallMembership.getLocalExpiry()
* Remove references to legacy in test case names
* Clean up SessionMembershipData tsdoc
* Remove CallMembership.expires
* Use correct expire duration.
* make expiration methods not return optional values and update docstring
* add docs to `SessionMembershipData`
* Use `MSC4143` (instaed of `non-legacy`) wording in comment
Co-authored-by: Hugh Nimmo-Smith <hughns@users.noreply.github.com>
* Incorporate feedback from review
* Fix test name
---------
Co-authored-by: Hugh Nimmo-Smith <hughns@matrix.org>
Co-authored-by: Hugh Nimmo-Smith <hughns@users.noreply.github.com>
* Don't retry on 4xx responses
I'm not sure why this was limited to a small set of 4xx responses.
Nominally, no 4xx request should be retried (in fact the comment
below says this, but then the code didn't quite match it).
This was causing key backup requests to be retried even when the
server responded 404 because the backup in question had been deleted,
meaning the client would retry uselessly and it would take longer for
the client to prompt the user for action.
* Exclude 429s
* Avoid key prompts when resetting crypto
Attempting to get the backup key out of secret storage can cause
the user to be prompted for their key, which is not helpful if this
is being done as part of a reset. This check was redundant anyway
and we can just overwrite the key with the same value.
Also fix docs and remove check for active backup.
* Fix doc
* Save the key backup key to secret storage
When setting up secret storage, if we have a key backup key in cache
(like we do for the cross signing secrets).
* Add test
* Get the key directly from the olmMachine
saves converting it needlessly into a buffer to turn it back into
a base64 string
* Overwrite backup keyin storage if different
* Fix test
* Add integ test
* Test failure case for sonar
* Unused import
* Missed return
* Also check active backup version
* Set retry counts of event updating to 1000 (from 1)
With it being set to one the following issue could occur:
```
// If sending state cancels your own delayed state, prepare another delayed state
// TODO: Remove this once MSC4140 is stable & doesn't cancel own delayed state
if (this.disconnectDelayId !== undefined) {
try {
const knownDisconnectDelayId = this.disconnectDelayId;
await resendIfRateLimited(
() =>
this.client._unstable_updateDelayedEvent(
knownDisconnectDelayId,
UpdateDelayedEventAction.Restart,
),
1000,
);
} catch (e) {
logger.warn("Failed to update delayed disconnection event, prepare it again:", e);
this.disconnectDelayId = undefined;
await prepareDelayedDisconnection();
}
}
```
This code looks like the `catch(e)` could never be triggered with 429 (rate limit) because they would be caught by `await resendIfRateLimited`. EXCEPT that this is only happening once: `resendIfRateLimited<T>(func: () => Promise<T>, numRetriesAllowed: number = 1)`. So as soon as the server sends two rate limits in a row we get the following:
- we get into the `catch(e)` because of the rate limit
- we forget about `this.disconnectDelayId = undefined`
- we start a new delayed event `await prepareDelayedDisconnection();`
- we do not anymore update the old delayed event which is still running!
- the running delay event will make us disconnect from the call (call member becomes `{}`)
- we get into our outher error catching mechanism that resends the new state event
- this cancels the newly created delay leave event (`await prepareDelayedDisconnection();`)
- and create another delay leave event.
- but if we are still reate limited (chances are really high due to the reconnect), this loop will REPEAT
* also check for M_NOT_FOUND
* Leave retry at current level
---------
Co-authored-by: Hugh Nimmo-Smith <hughns@matrix.org>
* WIP support for state_after
* Fix sliding sync sdk / embedded tests
* Allow both state & state_after to be undefined
Since it must have allowed state to be undefined previously: the test
had it as such.
* Fix limited sync handling
* Need to use state_after being undefined
if state can be undefined anyway
* Make sliding sync sdk tests pass
* Remove deprecated interfaces & backwards-compat code
* Remove useless assignment
* Use updates unstable prefix
* Clarify docs
* Remove additional semi-backwards compatible overload
* Update unstable prefixes
* Iterate
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Iterate
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Fix test
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Iterate
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Iterate
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Add test for MSC4222 behaviour
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Improve coverage
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Iterate
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Fix tests
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Iterate
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Tidy
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Add comments to explain why things work as they are.
* Fix sync accumulator for state_after sync handling
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Add tests
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Revert "Fix room state being updated with old (now overwritten) state and emitting for those updates. (#4242)"
This reverts commit 957329b218.
* Fix Sync Accumulator toJSON putting start timeline state in state_after field
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Update tests
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Add test case
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Iterate
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
---------
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
Co-authored-by: Hugh Nimmo-Smith <hughns@matrix.org>
Co-authored-by: Michael Telatynski <7t3chguy@gmail.com>
Co-authored-by: Timo <toger5@hotmail.de>
* Ensure we disambiguate display names which look like MXIDs
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Make tests clearer
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
---------
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* First draft of moving out restoreKeyBackup out of MatrixClient
* Deprecate `restoreKeyBackup*` in `MatrixClient`
* Move types
* Handle only the room keys response
* Renaming and refactor `keysCountInBatch` & `getTotalKeyCount`
* Fix `importRoomKeysAsJson` tsdoc
* Fix typo
* Move `backupDecryptor.free()``
* Comment and simplify a bit `handleDecryptionOfAFullBackup`
* Fix decryption crash by moving`backupDecryptor.free`
* Use new api in `megolm-backup.spec.ts`
* Add tests to get recovery key from secret storage
* Add doc to `KeyBackupRestoreOpts` & `KeyBackupRestoreResult`
* Add doc to `restoreKeyBackupWithKey`
* Add doc to `backup.ts`
* Apply comment suggestions
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* - Decryption key is recovered from the cache in `RustCrypto.restoreKeyBackup`
- Add `CryptoApi.getSecretStorageBackupPrivateKey` to get the decryption key from the secret storage.
* Add `CryptoApi.restoreKeyBackup` to `ImportRoomKeyProgressData` doc.
* Add deprecated symbol to all the `restoreKeyBackup*` overrides.
* Update tests
* Move `RustBackupManager.getTotalKeyCount` to `backup#calculateKeyCountInKeyBackup`
* Fix `RustBackupManager.restoreKeyBackup` tsdoc
* Move `backupDecryptor.free` in rust crypto.
* Move `handleDecryptionOfAFullBackup` in `importKeyBackup`
* Rename `calculateKeyCountInKeyBackup` to `countKeystInBackup`
* Fix `passphrase` typo
* Rename `backupInfoVersion` to `backupVersion`
* Complete restoreKeyBackup* methods documentation
* Add `loadSessionBackupPrivateKeyFromSecretStorage`
* Remove useless intermediary result variable.
* Check that decryption key matchs key backup info in `loadSessionBackupPrivateKeyFromSecretStorage`
* Get backup info from a specific version
* Fix typo in `countKeysInBackup`
* Improve documentation and naming
* Use `RustSdkCryptoJs.BackupDecryptionKey` as `decryptionKeyMatchesKeyBackupInfo` parameter.
* Call directly `olmMachine.getBackupKeys` in `restoreKeyBackup`
* Last review changes
---------
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Update e2e doc in `README.md`
* Update `ICreateClientOpts.cryptoStore` doc
* Apply first batch of suggestion
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Fix `cryptoStore` tsdoc in `client.ts`
* Changes in Initialization chapter.
* Add doc about deprecated methods in `MatrixClient`.
* Update SecretStorage doc
* Fis typos
* Improve e2e docs
---------
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Handle M_MAX_DELAY_EXCEEDED errors
Use a lower delay time if the server rejects a delay as too long.
* Add test
* Lint test
* Update src/matrixrtc/MatrixRTCSession.ts
Co-authored-by: Robin <robin@robin.town>
* Test computed expiry timeout value
---------
Co-authored-by: Robin <robin@robin.town>
* When state says you've left ongoing call, rejoin
When receiving a state change that says you are no longer a member of a
RTC session that you are actually still participating in, send another
state event to put yourself back in the session membership.
This can happen when an administrator overwrites your call membership
event (which is allowed even with MSC3757's restrictions on state), or
if your delayed disconnection event (via MSC4140) timed out before your
client could send a heartbeat to delay it further.
* Don't emit state changed on join recovery
* MatrixRTCSession: handle rate limit errors
* Lint
* Handle ratelimiting for non-legacy state setting
Each request must be retried, as the non-legacy flow involves a sequence
of requests that must resolve in order.
* Fix broken test
* Check for MSC3757 instead of the unmerged MSC3779
* Move helper out of beforeEach
* Test ratelimit errors
* Send/receive error details with widgets
* Fix embedded client tests
* Use all properties of error responses
* Lint
* Rewrite ternary expression as if statement
* Put typehints on overridden functions
* Lint
* Update matrix-widget-api
* Don't @link across packages
as gendoc fails when doing so.
* Add a missing docstring
* Set widget response error string to correct value
* Test conversion to/from widget error payloads
* Test processing errors thrown by widget transport
* Lint
* Test processing errors from transport.sendComplete
* Remove redundant `pre-release.sh` script
This is now a no-op (there are no `matrix_lib` fields in package.json), so we
may as well remove it.
* Remove redundant `post-merge-master` script
Just as pre-release is a no-op, so is this
* Remove redundant switch_package_to_release script
Once more: this script is a no-op.
* Make doc clearer on getCrossSigningKeyId
I was trying to work out why this was being used in a check. It
turns out it only returns the key ID if the private part is stored
locally, which seems very much non-obvious.
* Better doc
* Formatting & clarity
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
---------
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Update src with globalThis
* Update spec with globalThis
* Replace in more spec/ places
* More changes to src/
* Add a linter rule for global
* Prettify
* lint
* Include HTTP response headers in MatrixError
* Lint
* Support MSC4041 / Retry-After header
* Fix tests
* Remove redundant MatrixError parameter properties
They are inherited from HTTPError, so there is no need to mark them as
parameter properties.
* Comment that retry_after_ms is deprecated
* Properly handle colons in XHR header values
Also remove the negation in the if-condition for better readability
* Improve Retry-After parsing and docstring
* Revert ternary operator to if statements
for readability
* Reuse resolved Headers for Content-Type parsing
* Treat empty Content-Type differently from null
* Add MatrixError#isRateLimitError
This is separate from MatrixError#getRetryAfterMs because it's possible
for a rate-limit error to have no Retry-After time, and having separate
methods to check each makes that more clear.
* Ignore HTTP status code when getting Retry-After
because status codes other than 429 may have Retry-After
* Catch Retry-After parsing errors
* Add test coverage for HTTP error headers
* Update license years
* Move safe Retry-After lookup to global function
so it can more conveniently check if an error is a MatrixError
* Lint
* Inline Retry-After header value parsing
as it is only used in one place and doesn't need to be exported
* Update docstrings
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Use bare catch
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Give HTTPError methods for rate-limit checks
and make MatrixError inherit them
* Cover undefined errcode in rate-limit check
* Update safeGetRetryAfterMs docstring
Be explicit that errors that don't look like rate-limiting errors will
not pull a retry delay value from the error.
* Use rate-limit helper functions in more places
* Group the header tests
---------
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Add CryptoApi. encryptToDeviceMessages
Deprecate Crypto. encryptAndSendToDevices and MatrixClient. encryptAndSendToDevices
* Overload MatrixClient. encryptAndSendToDevices instead of deprecating
* Revert "Overload MatrixClient. encryptAndSendToDevices instead of deprecating"
This reverts commit 6a0d8e26385c34d40e8c2ed1e34cb5119c12456c.
* Feedback from code review
* Use temporary pre-release build of @matrix-org/matrix-sdk-crypto-wasm
* Deduplicate user IDs
* Test for RustCrypto implementation
* Use ensureSessionsForUsers()
* Encrypt to-device messages in parallel
* Use release version of matrix-sdk-crypto-wasm
* Upgrade matrix-sdk-crypto-wasm to v8
* Sync with develop
* Add test for olmlib CryptoApi
* Fix link
* Feedback from review
* Move libolm implementation to better place in file
* FIx doc
* Integration test
* Make sure test device is known to client
* Feedback from review
* Do not rotate MatrixRTC media encryption key when a new member joins a call
This change reverts https://github.com/matrix-org/matrix-js-sdk/pull/4422.
Instead, the rotation when a new member joins will be reintroduced as part of supporting to-device based MatrixRTC encryption key distribution.
* Improve function name
We used to use the notation `<sender key>|<megolm session id>` fairly widely in
log messages, but since the transition to rust crypto, it's unusual and now
somewhat confusing. Make the log messages more explicit.
* Refactor/simplify Promises in MatrixRTCSession
* Update src/matrixrtc/MatrixRTCSession.ts
Co-authored-by: Hugh Nimmo-Smith <hughns@users.noreply.github.com>
* Fix+document+test leaveRoomSession's return value
* Throw instead of using expect in teardown
because lint rules forbid using expect outside of test functions
---------
Co-authored-by: Hugh Nimmo-Smith <hughns@users.noreply.github.com>
* Prepare delayed call leave events more reliably
- Try sending call join after preparing delayed leave
- On leave, send delayed leave instead of a new event
* Don't rely on errcodes for retry logic
because they are unavailable in widget mode
* Make arrow method readonly
SonarCloud rule typescript:S2933
* Test coverage for restarting delayed call leave
* Remove unneeded unstable_features mock
It's unneeded because all affected methods are mocked
* Fix DelayedEventInfo type
for MSC4140's GET /delayed_events
* Satisfy linter while avoiding unaligned indents
* Remove transaction_id from DelayedEventInfo
See matrix-org/matrix-spec-proposals@883e6b5d
* Move used Crypto event into crypto api
* Use new crypto events in rust crypto
* Remove `WillUpdateDevices` event from CryptoApi
* Use new crypto events in old crypto events
* Compute type of CryptoEvent enum
* Rename CryptoEvent and CryptoEventHandlerMap as legacy
* - Rename `RustCryptoEvent` as `CryptoEvent`
- Declare `CryptoEventHandlerMap` into the crypto api
* Add `WillUpdateDevices` back to new crypto events to avoid circular imports between old crypto and the cryto api
* Extends old crypto handler map with the new crypto map
* Review fixes
* Add more explicit documentations
Currently the crypto-api hierarchy is exposed only as a `Crypto` namespace
under the "matrix" entrypoint in the documentation.
This isn't really right: it's meant to be a separate entrypoint (in the same
way as `types`, `testing` and `utils` are). This PR fixes that problem.
* Move `SecretEncryptedPayload` in `src/utils/@types`
* Move `encryptAES` to a dedicated file. Moved in a utils folder.
* Move `deriveKeys` to a dedicated file in order to share it
* Move `decryptAES` to a dedicated file. Moved in a utils folder.
* Move `calculateKeyCheck` to a dedicated file. Moved in a utils folder.
* Remove AES functions in `aes.ts` and export new ones for backward compatibility
* Update import to use new functions
* Add `src/utils` entrypoint in `README.md`
* - Rename `SecretEncryptedPayload` to `AESEncryptedSecretStoragePayload`.
- Move into `src/@types`
* Move `calculateKeyCheck` into `secret-storage.ts`.
* Move `deriveKeys` into `src/utils/internal` folder.
* - Rename `encryptAES` on `encryptAESSecretStorageItem`
- Change named export by default export
* - Rename `decryptAES` on `decryptAESSecretStorageItem`
- Change named export by default export
* Update documentation
* Update `decryptAESSecretStorageItem` doc
* Add lnk to spec for `calculateKeyCheck`
* Fix downstream tests
* crypto: configure key sharing strategy based on deviceIsolationMode
fix eslint import error
cryptoMode was renamed to deviceIsolationMode
post rebase fix: Device Isolation mode name changes
* Fix outdated docs referring to old cryptomode
* code review: better comment for globalBlacklistUnverifiedDevices option
* RoomEncryptor: Use appropriate default for getBlacklistUnverifiedDevices
* do not provide a default value for DeviceIsolationMode for encryption
* Update src/rust-crypto/RoomEncryptor.ts
---------
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
This method is impossible to use securely, and so is being removed. (It also
didn't work under Rust cryptography.)
In future, this functionality may be re-introduced in a safer way, but doing so
will probably require updates to the MSC.
* Update dependency typescript to v5.6.2
* Fix TS errors
* Update minimal version of TS to `5.4.2` since the code is not compliant with an older version.
* Review fixes
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Florian Duros <florian.duros@ormaz.fr>
Co-authored-by: Florian Duros <florianduros@element.io>
* Update OIDC registration types to match latest MSC2966 state
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Add comment
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
---------
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Implement `UserVerificationStatus.needsUserApproval`
Expose the `identityNeedsUserApproval` flag from the rust crypto crate.
* Add CryptoApi.pinCurrentUserIdentity
Expose `pinCurrentMasterKey` from the rust crypto api.
* Test data: add second cross-signing key for Bob
* Add tests for verification status
* Update typedoc
* Don't link a private method in tsdoc of a public method
---------
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Florian Duros <florian.duros@ormaz.fr>
* Don't share full key history for RTC per-participant encryption
Also record stats for how many keys have been sent/received and age of those received
* Update src/matrixrtc/MatrixRTCSession.ts
Co-authored-by: Robin <robin@robin.town>
* Add comment about why we track total age of events
---------
Co-authored-by: Robin <robin@robin.town>
This is in line with the other information we're already exposing, such as the event's sender and timestamp. We want this in order to play around with adding reactions to the membership event.
The scripts in here are used in the release, and from the develop
branch too (because it's the main branch and github actions does this)
so it's critical for the release process.
Currently, we replace the entrypoints in package.json during the release
cycle. I think. historically, this was done to make matrix-react-sdk and
element-web development easier, but neither of those projects actually use
these entrypoints (instead they import from `src`).
Accordingly, I think the switcheroo is unnecessary; furthermore it causes a
whole bunch of confusion by making the development environment different from
the release environment, and it complicates our CI and release process.
In short, the switcheroo has to die.
* Rename `switch_package_to_release.js` to `.cjs`
Slightly surprisingly, the symlink is enough to make `node
switch_package_to_release.js` work.
* Rename .eslintrc.js to .cjs
Again, declare this as commonjs
* Move `type:module` declaration into package.json.
matrix-js-sdk is built into ECMAScript modules, and we should declare it as
such. See https://nodejs.org/api/packages.html#type. Failure to do so causes
problems for javascript projects attempting to build against matrix-js-sdk: see https://github.com/matrix-org/matrix-js-sdk/issues/4347.
Previously, we did this as part of the package.json switcheroo, but that is
unnecessarily fragile.
matrix-react-sdk, element-web, etc are unaffected by this, because they use the
typescript files directly, by importing `matrix-js-sdk/src/...`.
* Rename `switch_package_to_release.js` to `.cjs`
Slightly surprisingly, the symlink is enough to make `node
switch_package_to_release.js` work.
* Rename .eslintrc.js to .cjs
Again, declare this as commonjs
* Move `type:module` declaration into package.json.
matrix-js-sdk is built into ECMAScript modules, and we should declare it as
such. See https://nodejs.org/api/packages.html#type. Failure to do so causes
problems for javascript projects attempting to build against matrix-js-sdk: see https://github.com/matrix-org/matrix-js-sdk/issues/4347.
Previously, we did this as part of the package.json switcheroo, but that is
unnecessarily fragile.
matrix-react-sdk, element-web, etc are unaffected by this, because they use the
typescript files directly, by importing `matrix-js-sdk/src/...`.
* Reapply "Add "type" = "module" to ensure it is present (#4350)" (#4352)
This reverts commit 8214fd7156.
* Mark prettier config file as CommonJS
I *think* this will fix a problem with the release process in which we saw an
error:
```
Error: Invalid configuration for file "/home/runner/work/matrix-js-sdk/matrix-js-sdk/package.json":
Error: module is not defined in ES module scope
Error: This file is being treated as an ES module because it has a '.js' file extension and '/home/runner/work/matrix-js-sdk/matrix-js-sdk/package.json' contains "type": "module". To treat it as a CommonJS script, rename it to use the '.cjs' file extension.
```
* Retry event decryption failures on first failure
* Suggestion from code review
Co-authored-by: Andrew Ferrazzutti <andrewf@element.io>
---------
Co-authored-by: Andrew Ferrazzutti <andrewf@element.io>
* Use origin server timestamp for calculating group call membership expiry
* Fix tests
* Docs
* Refactor comments to reflect that the logic hasn't changed
* Make comment maintainable
* Fix up merge
* Fix test
* Handle MatrixRTC encryption keys arriving out of order
* Apply suggestions from code review
Co-authored-by: Andrew Ferrazzutti <andrewf@element.io>
* Suggestion from code review
---------
Co-authored-by: Andrew Ferrazzutti <andrewf@element.io>
* Resend MatrixRTC encryption keys if a membership has changed
* JSDoc
* Update src/matrixrtc/MatrixRTCSession.ts
Co-authored-by: Andrew Ferrazzutti <andrewf@element.io>
* Add note about using Set. symmetricDifference() when available
* Always store latest fingerprints
Should reduce unnecessary retransmits
* Refactor
---------
Co-authored-by: Andrew Ferrazzutti <andrewf@element.io>
Akin to how legacy call events should be sent in rooms where there is
any ongoing legacy call, send non-legacy events in rooms where there are
only non-legacy calls; else fall back to the config preference.
* Fix hashed ID server lookups with no Olm
It used the hash function from Olm (presumably to work cross-platform)
but subtle crypto is available on node nowadays so we can just use
that.
Refactor existing code that did this out to a common function, add
tests.
* Test the code when crypto is available
* Test case of no crypto available
* Move digest file to src to get it out of the way of the olm / e2e stuff
* Fix import
* Fix error string & doc
* subtle crypto, not webcrypto
* Extract the base64 part
* Fix test
* Move test file too
* Add more doc
* Fix imports
and use them for more reliable MatrixRTC session membership events.
Also implement "parent" delayed events, which were in a previous version
of the MSC and may be reintroduced or be part of a new MSC later.
NOTE: Still missing is support for sending encrypted delayed events.
* Restructure eventsPendingKey to remove sender key
For withheld notices, we don't necessarily receive the sender key, so we'll
jhave to do without it.
* Re-decrypt events when we receive a withheld notice
* Extend test to cover late-arriving withheld notices
* update unit tests
* Be specific about what is considered a MSC4143 call member event.
* review
* check for empty event first
* Optimize for new session type events
If its a session type event we do not want to run two "key in" checks. We expect legacy events to be the less comment type going forward.
* awkward but necessary key count optimization
* Update all non-major dependencies
* Prettier
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Fix types for widget API update
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
---------
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Michael Telatynski <7t3chguy@gmail.com>
* Remove the compare function from utils
and change the one use of it to just intantiate a collator and use
it.
This was marked as internal module so this shouldn't be a breaking change.
Of course, react-sdk was using it.
Requires: https://github.com/matrix-org/matrix-react-sdk/pull/12782
* Add simple not-a-perf-test test
* recalculate repeatedly
otherwise we aren't testing anything different
* Use fewer members as it was making the test take a bit too long
* Inline subtlecrypto shim
The presence of this thing just makes code more confusing.
* Remove pre-node-20 webcrypto hack
Until node 20.0, the webcrypto API lived at `crypto.webCrypto`. It's now
available at the same place as in web -- `globalThis.crypto`.
See: https://nodejs.org/docs/latest-v20.x/api/webcrypto.html#web-crypto-api
* oidc auth test: Clean up mocking
THe previous reset code wasn't really resetting the right thing. Let's just
re-init `window.crypto` on each test.
* Remove `crypto` shim
This isn't very useful any more.
* Fix room state being updated with old (now overwritten) state and emitting for those updates.
* remove timestamp condition
Add configuration for toStartOfTimeline
* fix timeline tests
* only skip event adding if event_id and replaces_state is set.
* fix room tests
* test skipping insertion
* rename back to lastStateEvent
* store if a state is at the start of a timeline in the RoomState class
* make `isStartTimelineState` a `public readonly` and fix condition.
* Add ability to choose how many timeline events to sync when peeking.
* Add a test that covers the new method parameter.
* Formatting.
---------
Co-authored-by: Joel <joel.garplind+github@gmail.com>
We had both an `onIncomingKeyVerificationRequest` and an
`onKeyVerificationRequest` which did different, but related, things.
Improve the documentation and reduce the duplication.
I believe the only reason we had this was that, before Node v11.0,
`TextEncoder` wasn't available in the global object. Nowadays it is (see
https://nodejs.org/api/util.html#class-utiltextencoder), so let's get rid of
it.
This example seems to have been broken by the switch to Typescript. We can't
just symlink in `../..` because that gives us the typescript version of the
source, which, obviously, doesn't work in node.
Instead, make sure we use a prebuilt version of the js-sdk.
It's actually even more broken as of js-sdk 33.0.0, thanks to the switch to ES
modules (#4187), but we'll get to that later.
* Declare matrix-js-sdk as an ES module
* Rename `babel.config.js` to show it is a CommonJS module
... otherwise it gets broken by `scripts/switch_package_to_release.js`
* Add fetching the well known in embedded mode.
This is used to load the focus from the well known in elment-call.
* revert what we dont want in this PR.
* Update src/client.ts
Co-authored-by: Andrew Ferrazzutti <andrewf@element.io>
---------
Co-authored-by: Andrew Ferrazzutti <andrewf@element.io>
* Fix ingest of release notes wiping out the parent notes
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Remove redundant reusable workflow input
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
---------
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Prefix the user+device state key if needed
No need to prefix it for rooms that use MSC3779.
Otherwise, prefix it to bypass the auth rule for state events with keys
starting with @.
* Use RegExp.exec() method instead
Sonar typescript:S6594
* Split nested ternary operator into method
Sonar typescript:S3358
* Add test coverage
* Move `RustVerificationRequest.onChange` out to a method
The only reason it was an inner function in the first place was to avoid
storing a reference in the class to `outgoingRequestProcessor`. That changed
with d1dec4cd08.
* Fix reference cycles in rust verification code
* Bump ES target version to ES2022
I want to be able to use `WeakRef`, and per
https://github.com/element-hq/element-web/issues/24913#issuecomment-2182448007,
I believe this should be safe.
* room.ts: Fix initialisation order
It seems that ES2022 causes typescript to change the initialization order of
regular properties vs parameter properties
(https://github.com/microsoft/TypeScript/issues/45995), so we need to rearrange
the initializations to avoid an error.
In practice, it might be fine because we have enabled
`babel-plugin-transform-class-properties`, which moves the initialization back
after the parameter property, but we shoudn't rely on that, and anyway it
upsets the linter.
* Use legacy call membership if anyone else is
* Convert nullish to boolean
* Update tests
* Lint
* Use computed decision to use legacy events or not
* Check if discovered legacy sessions are ongoing
* Lint
* Lint again
* Increase test coverage
* Fetch capabilities in the background
& keep them up to date
* Add missed await
* Replace some more runAllTimers
and round down the wait time for sanity
* Remove double comment
* Typo
* Add a method back that will fetch capabilities if they're not already there
* Add tests
* Catch exception here too
* Add test for room version code
* Use server name instead of homeserver url to allow well-known lookups during QR OIDC reciprocation
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Iterate
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Iterate
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Iterate
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Iterate
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
---------
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Add via parameter for MSC4156
Signed-off-by: Johannes Marbach <n0-0ne+github@mailbox.org>
* Always include both parameters
* Fix tests
---------
Signed-off-by: Johannes Marbach <n0-0ne+github@mailbox.org>
* Refactor to preferred and active foci.
Signed-off-by: Timo K <toger5@hotmail.de>
* make the sdk compatible with MSC4143 but still be backwards compatible
* comment fixes
* also fallback to legacy if the current member event is legacy
* use XOR types
* use EitherAnd
* make livekit Foucs types simpler
* review
* fix tests
* test work
* more review + more tests
* remove unnecassary await that is in conflict with the comment
* make joinRoomSession sync
* Update src/matrixrtc/MatrixRTCSession.ts
Co-authored-by: Andrew Ferrazzutti <af_0_af@hotmail.com>
* review
* fix
* test
* review
* review
* comment clarification
* typo
---------
Signed-off-by: Timo K <toger5@hotmail.de>
Co-authored-by: Andrew Ferrazzutti <af_0_af@hotmail.com>
* Fix screen sharing in recent Chrome
Dreadful hack to work around a bug in recent chrome/electron's
WebRTC, as explained.
I'm not sure which is the least hideous out of this (ie. repeatedly
calling setCodecPreferences and seeing if it crashes each time) or
hardcoding the bad codec and skipping it. Opinions welcome.
* Unused import
* Remove commented line
* RustCrypto: Move CryptoBackend impl to CryptoBackend impl section
Given there is a `CryptoBackend implementation` section, the methods
implementing CryptoBackend should be there.
* RustCrypto: Fix documentation on dehydration methods
* RustCrypto: reunite `resetKeyBackup` with its helper
A couple of new methods had snuck into the middle.
* Add crypto methods for OIDC QR code login
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Improve test
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Revert test due to hang inside Rust.
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Iterate
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Update test name
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Update test name
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
---------
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
https://github.com/dumbmatter/fakeIndexedDB/pull/93 causes a bunch
of tests to start failing because the fake timers need running in
order for fake indexeddb to work. It also seems to cause failures
to bleed between tests somehow if fake timers are enabled/disabled.
This keeps all the fake timer tests in one suite and all the others
in another, which appears to work.
This should allow https://github.com/matrix-org/matrix-js-sdk/pull/4224
to be merged.
* Add note about MSC3886, MSC3903 and MSC3906 being closed
* Move comments in to jsdoc
---------
Co-authored-by: Michael Telatynski <7t3chguy@gmail.com>
* Don't run migration for Rust crypto if the legacy store is empty
Fixes https://github.com/element-hq/element-web/issues/27447
* Add copyright for the TypeScript files in legacy DB dumps
* Provide a type for the accountPickle we check for before migration
* Remove redundant backup response
This is unused
* Simplify keys response
* Downgrade log message.
---------
Co-authored-by: Richard van der Hoff <richard@matrix.org>
Slightly more involved than normal because it requires us to pass a backup version into OlmMachine.importBackedUpRoomKeys.
On the other hand we can now re-enable the test that was disabled in #4214 due to matrix-org/matrix-rust-sdk#3447Fixes: element-hq/element-web#27165
* `initRustCrypto`: allow app to pass in the store key directly
... instead of using the pickleKey. This allows us to avoid a slow PBKDF
operation.
* Fix link in doc-comment
* Maybe run complement-crypto
* Use existing checkout
* Test that things fail if crypto breaks
* Fix test; run only on merge queue
* Prettier
* Maybe get it working in a merge queue
* Add some comments to the release drafter workflows
* Rename component workflow so they have different names
* Fix comment
---------
Co-authored-by: Michael Telatynski <7t3chguy@gmail.com>
* Force service worker-safe crypto when operating under a service worker
* Fix tests/unsafe execution
* Further fix tests?
* Docs would probably be good
* Define a type guard function
https://www.typescriptlang.org/docs/handbook/advanced-types.html#user-defined-type-guards
* Use `@types` repo
* Maybe don't modify tsconfig, I guess
* Revert "Use `@types` repo"
This reverts commit db46bcf1db4b94fbc7e0c97a20d5d800fcb2768b.
* Use a different type for Window
* Simplify the crypto accessors
* Fix fields of MSC 3266 summary object
Also remove redundant room_type field which is inherited from elsewhere
* Export the MSC 3266 summary type
* Use proper endpoint for MSC 3266 summary lookup
Use the endpoint recommended by the MSC
* Rename newly-exported symbol to not start with I
* Use "export type"
* Lint
* Fix type of "encryption" field
* Add TSDoc documentation
* Add basic integration test for getRoomSummary
* Lint
* Use fallback endpoint for MSC3266
* Improve test coverage
* Lint
* Refactor async catch to satisfy linter
* Increase test coverage
* Use encoded URI components when storing sessions in memory crypto store
Signed-off-by: Johannes Marbach <n0-0ne+github@mailbox.org>
* Add URI en-/decoding to missing methods
* Extract convenience functions
---------
Signed-off-by: Johannes Marbach <n0-0ne+github@mailbox.org>
* Add `PerSessionKeyBackupDownloader.isKeyBackupDownloadConfigured()`
* Add new `RustBackupManager.getServerBackupInfo`
... and a convenience method in PerSessionKeyBackupDownloader to access it.
* Crypto.spec: move `useRealTimers` to global `afterEach`
... so that we don't need to remember to do it everywhere.
* Use fake timers for UTD error code tests
This doesn't have any effect on the tests, but *does* stop jest from hanging
when you run the tests in in-band mode. It shouldn't *really* be needed, but
using fake timers gives more reproducible tests, and I don't have the
time/patience to debug why it is needed.
* Use new error codes for UTDs from historical events
* Migrate own identity trust to rust crypto
* Fix gendoc not happy if msk of IDownloadKeyResult has a signature
* add missing mock
* code review
* Code review
* Review gh suggestion
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Review gh suggestion
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Review gh suggestion
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Review gh suggestion
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* review move function down in file
* Review gh suggestion
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Review gh suggestion
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Review: Cleaning tests, renaming
* Review: better comment
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Comment paragraphs
* retry until initial key query is successfull
* Validate backup private key before migrating it
* post merge fix
* Fix test, missing mock
* Use crypto wasm instead of lib olm to check backup key
* typo
* code review
* quick lint
---------
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* initial implementation of device dehydration
* add dehydrated flag for devices
* add missing dehydration.ts file, add test, add function to schedule dehydration
* add more dehydration utility functions
* stop scheduled dehydration when crypto stops
* bump matrix-crypto-sdk-wasm version, and fix tests
* adding dehydratedDevices member to mock OlmDevice isn't necessary any more
* fix yarn lock file
* more tests
* fix test
* more tests
* fix typo
* fix logic for checking if dehydration supported
* make changes from review
* add missing file
* move setup into another function
* apply changes from review
* implement simpler API
* fix type and move the code to the right spot
* apply suggestions from review
* make sure that cross-signing and secret storage are set up
* Add `device_authorization_endpoint` field to OIDC issuer well-known metadata
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Allow `validateIdToken` to skip handling nonce when none is present
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Tweak registerOidcClient to check OIDC grant_types_supported before registration
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
---------
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Clean up decryption failure integ tests
* Fix the names
* Stop waiting as soon as the event is decrypted, even if code is wrong (so
tests fail rather than time out if the code is wrong)
* Bump timeouts on some tests
These tend to fail due to slow init of wasm artifacts
* Factor out `onDecryptionKeyMissingError` call
* Factor out `onMegolmDecryptionError`
* grammar fix
* IEncryptionResult -> EncryptionResult
These are the same thing; the former is the old name.
* Support setting event IDs
* Helper for decrypting existing decryption failures
* Clean up README a little
This just removes some of the most egregious lies and outdated stuff. There's a
*lot* more that can be done here.
* Add some test utils in a new entrypoint
* Fix comment
* Update src/testing.ts
* Fix highlights from threads disappearing on new messages
This changes interface of Room, so this is a BREAKING CHANGE.
Correctly mirrors the logic we use for room notifications for thread
notifications, ie. set only the total notifications count from the
server if it's zero.
I'm not delighted with this since it ends up with function on room
whose contract is to do something frankly, deeply weird and
unintuitive. However, this is the hack we use for room notifications
and it, empirically, works well enough. To do better, we'd need much
more complex logic to overlay notification counts for decrypted messages.
Fixes https://github.com/element-hq/element-web/issues/25523
* Add tests for the special notification behaviour in syncing
* Correctly copy the room logic for reseting notifications
We were always ignoring the highlight count, even for encrypted rooms,
which was broken because we don't do the local calculation for unencrypted
rooms.
* Move code for processing our own receipts to Room
This is some code to process our own receipts and recalculate our
notification counts.
There was no reason for this to be in client. Room is still rather
large, but at least it makes somewhat more sense there.
Moving as a refactor before I start work on it.
* Add test for the client-side e2e notifications code
* Extend logic for local notification processing to threads
There's collection of logic for for processing receipts and recomputing
notifications for encrypted rooms, but we didn't do the same for threads.
As a reasult, when I tried pulling some of the logic over in
https://github.com/matrix-org/matrix-js-sdk/pull/4106
clearing notifications on threads just broke.
This extends the logic of reprocessing local notifications when a receipt
arrives to threads.
Based on https://github.com/matrix-org/matrix-js-sdk/pull/4109
* simplify object literal
* Add tests & null guard
* Remove unused imports
* Add another skipped test
* Unused import
* enable tests
* Fix thread support nightmare
* Try this way
* Unused import
* Comment the bear trap
* expand comment
* Move code for processing our own receipts to Room
This is some code to process our own receipts and recalculate our
notification counts.
There was no reason for this to be in client. Room is still rather
large, but at least it makes somewhat more sense there.
Moving as a refactor before I start work on it.
* Add test for the client-side e2e notifications code
* simplify object literal
* WIP fix for bugs first-thread-reply bugs
* Add re-emitter before we start adding events, as per comment
* Add test for notification bug
* Test for the bug that caused the dot to be the wrong colour
* Add comment
* elaborate
* Fix outdated comment
* Also fix this comment
* Fix another comment
* Fix typo
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Clarify comment
* More comment
* so much comment
also reformat (the bit that's actually added is s/it/this.addEvents/)
* The comments
* Maybe make comment clearer.
* Add comment about potential race
---------
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Introduce Membership TS type
* Adapt the Membership TS type to be an enum
* Add docstrings for KnownMembership and Membership
* Move Membership types into a separate file, exported from types.ts
---------
Co-authored-by: Stanislav Demydiuk <s.demydiuk@gmail.com>
* fix automatic DM avatar with functional members
* update comments
* lint
* add tests for functional members
* keep functional members out of the public API
- remove public API for functional members, reverting most of 0ce2d82, f9b41f6, e65fb24
- remove tests for functional members public API c114bf5
- add shared functional members getter for both room name and avatar fallback generation
* filter functional members from more candidates
- remove from hero(es)
- remove from previous members
* add tests for fallback avatars with functional members
* Add docstring for getFunctionalMembers
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* inline getInvitedAndJoinedFunctionalMemberCount
* update comments for getAvatarFallbackMember
* use correct list of heroes in getAvatarFallbackMember
* remove redundant type annotation
* optimize performance of invitedAndJoinedFunctionalMemberCount
* calculate nonFunctionalMemberCount in one step
instead of iterating redundantly
* clean up functional member tests with review feedback
* lint
* Update src/models/room.ts
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* apply feedback about comments
* non-functional per review, lint
---------
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Export types describing all specced media event formats
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Iterate PR
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Move types to a dedicated export
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Iterate
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Add readme entry
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
---------
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
The root event of a thread used to arrive with the pagination request, but this was unspecced and so got changed to simply fetch the root event. In many (almost all) cases this shouldn't be necessary because the thread should already have its root event: re-use it if it's already there. This is only in pagination, so there's no reason to believe that the root event would have changed and needs to be re-fetched.
This removes a number of duplicate calls to the /event/ endpoint from the tests.
* When merging release notes, allow considering later versions in the same major.minor.patch set
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Tweak comments
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
---------
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Add basic retry for outgoing requests
* Update doc
* Remove 504 from retryable
* Retry all 5xx and clarify client timeouts
* code review cleaning
* do not retry rust request if M_TOO_LARGE
* refactor use common retry alg between scheduler and rust requests
* Code review, cleaning and doc
* Update dependency oidc-client-ts to v3
* Update jwt-decode so that oidc-client-ts doesn't run its own and thus we can mock
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Merge
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* delint
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Sort package.json
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Ensure oidc-client-ts 3.0.1 to drop crypto-js
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
---------
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Michael Telatynski <7t3chguy@gmail.com>
* Allow specifying more OIDC client metadata for dynamic registration
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Allow specifying url_state for dynamic oidc client registration
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Export NonEmptyArray type
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Allow specifying more OIDC client metadata for dynamic registration
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Export NonEmptyArray type
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Fix test
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
---------
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Remove allchange dependency
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Remove stale release scripts
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Update pull request template to remove allchange behaviours
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Update label check automation
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* mheap
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Re-add node-fetch which was previously transitive via allchange
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Use node-fetch@^2
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
---------
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Add unread marker event type
To support setting the 'marked unread' flag
* Await encrypted messages (#4063)
* await encrypted messages
+ fix comments
Signed-off-by: Timo K <toger5@hotmail.de>
* fix Tests
Signed-off-by: Timo K <toger5@hotmail.de>
* fix test
Signed-off-by: Timo K <toger5@hotmail.de>
* make sonar happy
Signed-off-by: Timo K <toger5@hotmail.de>
---------
Signed-off-by: Timo K <toger5@hotmail.de>
* Ignore memberships of users that are not in the call (#4065)
* ignore memberships of users that are not in the call
Signed-off-by: Timo K <toger5@hotmail.de>
* recompute memberships on room member change.
Signed-off-by: Timo K <toger5@hotmail.de>
* fix Tests and add test for left member
Signed-off-by: Timo K <toger5@hotmail.de>
* fix event type
Signed-off-by: Timo K <toger5@hotmail.de>
* fix import desaster
Signed-off-by: Timo K <toger5@hotmail.de>
* fix mocks
Signed-off-by: Timo K <toger5@hotmail.de>
---------
Signed-off-by: Timo K <toger5@hotmail.de>
---------
Signed-off-by: Timo K <toger5@hotmail.de>
Co-authored-by: Timo <16718859+toger5@users.noreply.github.com>
* ignore memberships of users that are not in the call
Signed-off-by: Timo K <toger5@hotmail.de>
* recompute memberships on room member change.
Signed-off-by: Timo K <toger5@hotmail.de>
* fix Tests and add test for left member
Signed-off-by: Timo K <toger5@hotmail.de>
* fix event type
Signed-off-by: Timo K <toger5@hotmail.de>
* fix import desaster
Signed-off-by: Timo K <toger5@hotmail.de>
* fix mocks
Signed-off-by: Timo K <toger5@hotmail.de>
---------
Signed-off-by: Timo K <toger5@hotmail.de>
* Add utility to check for non migrated legacy db
* code review changes
* add unit tests for existsAndIsNotMigrated
* ensure indexeddb is clean for each state
(cherry picked from commit f94dbdec0f)
* Add utility to check for non migrated legacy db
* code review changes
* add unit tests for existsAndIsNotMigrated
* ensure indexeddb is clean for each state
* Rust crypto: handle the SAS verifier being replaced
* lint
* make changes from review
* apply changes from code review
* remove useless assertions
* wrap acceptance inside a try-catch, and factor out acceptance into a function
* fix bugs
* we don't actually need the .accept variable
* move setInner to inside SAS class, and rename to replaceInner
* use defer to avoid using a closure
* lint
* prettier
* use the right name
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* combine onChangeCallback with onChange
* apply changes from review
* add test for QR code verification, and try changing order in onChange
* lint
---------
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Make MSC3906 implementation compatible with Rust Crypto
* Verify using CryptoApi but no cross-signing (yet)
* Use new crossSignDevice() function
* Mock crossSignDevice() function
* Fix type of parameter in mock
* review: cleaning
* review: Remove unneeded defensive coding
* review: fix outdated documentation
* QR login: review, cleaning
* QR login | review: use getSafeUserId
---------
Co-authored-by: Valere <bill.carson@valrsoft.com>
* add expire_ts compatibility to matrixRTC
Signed-off-by: Timo K <toger5@hotmail.de>
* add expire_ts
Signed-off-by: Timo K <toger5@hotmail.de>
* rename expire_ts -> expires_ts
Signed-off-by: Timo K <toger5@hotmail.de>
* allow events without `expires`
Signed-off-by: Timo K <toger5@hotmail.de>
* fix test for expires_ts
Signed-off-by: Timo K <toger5@hotmail.de>
* comment clarification
Signed-off-by: Timo K <toger5@hotmail.de>
* add comment where one needs to use the origin_server_ts
Signed-off-by: Timo K <toger5@hotmail.de>
* add additional expires_ts tests
Signed-off-by: Timo K <toger5@hotmail.de>
* fix fake timer
Signed-off-by: Timo K <toger5@hotmail.de>
* change priority order to favor expires
Signed-off-by: Timo K <toger5@hotmail.de>
---------
Signed-off-by: Timo K <toger5@hotmail.de>
* rust-crypto: allow reporting failures when restoring keys
* add test and catch more invalid keys
* remove checks for room_id and session_id as they are guaranteed to be set
* remove obsolete comment
* crypto.spec: make `keyResponder` a local var
it is never used between functions, so making it external was confusing
* Persist encryption state to the rust room list.
* `MatrixClient.shouldEncryptEventForRoom`: fix for rust crypto
Previously, we were not bothering to ask the Rust Crypto stack if it thought we
should be encrypting for a given room. This adds a new method to `CryptoApi`,
wires it up for legacy and Rust crypto, and calls it.
* Tests for persistent room list
* Replace `pendingEventEncryption` with a Set
We don't actually need the promise, so no need to save it.
This also fixes a resource leak, where we would leak a Promise and a HashMap
entry on each encrypted event.
* Convert `encryptEventIfNeeded` to async function
This means that it will always return a promise, so `encryptAndSendEvent` can't
tell if we are actually encrypting or not. Hence, also move the
`updatePendingEventStatus` into `encryptEventIfNeeded`.
* Simplify `encryptAndSendEvent`
Rewrite this as async.
* Factor out `MatrixClient.shouldEncryptEventForRoom`
* Inline a call to `isRoomEncrypted`
I want to deprecate this thing
* fix IndexedDBStore API documentation
changes the changelog entry to include since when this change is needed
fix#3986
Signed-off-by: Jan Jurzitza <gh@webfreak.org>
* retroactively add breaking change note to changelog entry
Signed-off-by: Jan Jurzitza <gh@webfreak.org>
---------
Signed-off-by: Jan Jurzitza <gh@webfreak.org>
... and replace a lot of calls to `MatrixClient.isRoomEncrypted` with it.
This is a lesser check (since it can be tricked by servers withholding the
state event), but for most cases it is sufficient. At the end of the day, if
the server witholds the state, the room is pretty much bricked anyway. The one
thing we *mustn't* do is allow users to send *unencrypted* events to the room.
* Support optional MSC3860 redirects
See `allow_redirect` across the media endpoints: https://spec.matrix.org/v1.9/client-server-api/#client-behaviour-7
* Update the tests
* Appease the linter
* Add test to appease SonarCloud
* Only add `allow_redirect` if the parameter is specified rather than defaulting to `false`
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
---------
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
Co-authored-by: Michael Telatynski <7t3chguy@gmail.com>
* ElementR | backup: call expensive `roomKeyCounts` less often
* review: Improve doc
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* review: Improve loop
* review: Add comment regarding slightly outdated remaining count
* Review: doc fix typo
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* review: refactor code order, count after doing the request
* review: Missing await on sleep for limit exceeded
* review: Comment | add a note for when performance drops
* Backup: add upload loop test for rust
* test: quick fix backup loop tests
* test: quick fix imports backup loop tests
* review: improve comment
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Review improve comment
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Review: Clean and improve tests
* fix: wrong test name
---------
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Decrypt and Import full backups in chunk with progress
* backup chunk decryption jsdoc
* Review: fix capitalization
* review: better var name
* review: fix better iterate on object
* review: extract utility function
* review: Improve test, ensure mock calls
* review: Add more test for decryption or import failures
* Review: fix typo
Co-authored-by: Andy Balaam <andy.balaam@matrix.org>
---------
Co-authored-by: Andy Balaam <andy.balaam@matrix.org>
This commit does two things:
* It puts the "minimum supported matrix version" from v1.5 back down to
v1.1. In other words, it is a partial revert of
https://github.com/matrix-org/matrix-js-sdk/pull/3970. (Partial, because we
don't need to update the tests.)
We're doing this largely because
https://github.com/matrix-org/matrix-js-sdk/pull/3970 was introduced without
a suitable announcement and deprecation policy. We haven't yet decided if
the js-sdk's spec support policy needs to change, or if we will re-introduce
this change in future in a more graceful manner.
* It increases the "maximum supported matrix version" from v1.5 up to
v1.9. Previously, the two concepts were tied together, but as discussed at
length in
https://github.com/matrix-org/matrix-js-sdk/issues/3915#issuecomment-1865221366,
this is incorrect.
Unfortunately, we have no real way of testing whether it is true that the
js-sdk actually works with a server which supports *only* v1.9, but as per
the comment above, we can't do much about that.
Fixes https://github.com/matrix-org/matrix-js-sdk/issues/3915.
* Fix new threads not appearing.
We try to update the thread roots when creating a thread, but a thread
can take some time to be ready after being created so we were calling it
too soon. Add a listener for the Update event to update the thread roots
once it's ready.
Fixes https://github.com/element-hq/element-web/issues/26799
* Don't recreate the event when we update
and also add a comment to the test
* Hopefully make sonarcloud happy
* Fix `CryptoStore.countEndToEndSessions`
This was apparently never tested, and was implemented incorrectly.
* Add `CryptoStore.countEndToEndInboundGroupSessions`
* Emit events to indicate migration progress
* Use a `StoreHandle` to init OlmMachine
This will be faster if we need to prepare the store.
* Include "needsBackup" flag in inbound group session batches
* On startup, import data from libolm cryptostore
* ISessionExtended -> SessionExtended
* #22606 Fix "Remove" button to users without "m.room.redaction" permission
This change makes the remove button NOT available to users without permissions
* Fix lint
Signed-off-by: Rashmit Pankhania <rashmitpankhania@gmail.com>
---------
Signed-off-by: Rashmit Pankhania <rashmitpankhania@gmail.com>
* `getOwnDeviceKeys`: use `olmMachine.identityKeys`
This is simpler, and doesn't rely on us having done a device query to work.
* Factor out `requestKeyBackupVersion` utility
* Factor out `makeMatrixHttpApi` function
* Convert `initRustCrypto` to take a params object
* Improve logging in startup
... to help figure out what is taking so long.
* Fix typo in jest CI
Caused versions to clobber each other's LCOV
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Move sonarcloud shard support into reusable workflow
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
---------
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Send authenticated /versions request
Implements [MSC4026](https://github.com/matrix-org/matrix-spec-proposals/pull/4026).
I believe this probably is as simple as this: it will mean that the versions
response can obviously change after logging in, but since the client is
constructed again with an access token, this should just work (?)
A remaining question is whether this needs to be optional. Opening the PR
to prompt the discussion. Apps might not expect it, but it's just the same
auth that we're sending to other endpoints on the same server.
* Fix tests
* Clear /versions cache on access token set
* Remove m.thread filter from relations API call
We used MSC3981 to pass the recurse param to the /relations
endpoint so that we could get relations to events in a thread, but
we kept the rel_type filter on (as m.thread) so no second-order relations
would ever have been returned (a nested thread isn't a thing).
This removes the filter and does some filtering on the client side to
remove any events that shouldn't live in the threaded timeline (ie.
non-thread relations to the thread root event).
This should help fix stuck unreads because it will avoid the event that
the receipt refers to going missing (but only on HSes that support MSC3981).
For https://github.com/vector-im/element-web/issues/26718
* Fix import cycle
* Remove params from expected calls in tests to match
* Unused import
* Comment explaining the purpose of RoomList
* Fix incorrect return type declaration on RoomList.getRoomEncryption
* Move RoomList out of MatrixClient, into legacy Crypto
* Initialise RoomList inside Crypto.init to allow us to await it
* initial commit
* new interation test
* more comments
* fix test, quick refactor on request version
* cleaning and logs
* fix type
* cleaning
* remove delegate stuff
* remove events and use timer mocks
* fix import
* ts ignore in tests
* Quick cleaning
* code review
* Use Errors instead of Results
* cleaning
* review
* remove forceCheck as not useful
* bad naming
* inline pauseLoop
* mark as paused in finally
* code review
* post merge fix
* rename KeyDownloadRateLimit
* use same config in loop and pass along
A method that we use for fetching recursive related events on homeservers
without MSC3981 support injects events into the timeline in timestamp
order using a special method on event-timeline-set. Injecting events using
this method could cause on-screen notifications because it incorrectly set
the 'liveEvent' flag to true if the events were added tio the live timeline.
These events are never live though as the point is that we're fetching them.
* don't back up keys that we got from backup
* lint
* lint again
* remove key source struct and add function for importing from backup
* apply changes from review
---------
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Test whether an event not in a room's timeline causes notification count increase
Commited separately to demonstrate test failing before.
* Don't fix up notification counts if event isn't in the room
As explained by the comment, hopefully.
* Fix other test
* Rust-crypto: fix `bootstrapCrossSigning` on second call
Currently, `bootstrapCrossSigning` raises an exception if it is called a second
time before secret storage is set up. It is easily fixed by checking that 4S is
set up before trying to export to 4S.
Also a few logging fixes while we're in the area.
* Factor out an `AccountDataAccumulator`
* Another test for bootstrapCrossSigning
* Bump `matrix-rust-sdk-crypto-wasm` to v3.2.0
* Reinstate timeout on `getUserDevices` call
Turns out that this used to have a timeout of 1 second in the wasm
bindings, which it no longer does. Reinstate it here.
MatrixClient API was exposing two methods that only worked for legacy crypto:
- getDeviceEd25519Key
- getDeviceCurve25519Key
=> These are used in the react-sdk for some functionality (rageshake, sentry, rendez-vous).
I have deprecated those calls from MatrixClient and created a new API in CryptoApi (where it belongs):
getOwnDeviceKeys(): Promise<OwnDeviceKeys>
If we call methods on `OlmMachine` after `MatrixClient.stopClient` is called,
we will end up with a "use of moved value" error. We can turn these into
something more useful with judicious use of `getOlmMachineOrThrow`.
Alternatively, we can sidestep the issue by bailing out sooner.
* Reduce console log spam
A couple of different things:
* Increase the `MaxListeners` setting on `MatrixClient` and `Thread`, so that
we don't get "possible EventEmitter leak" warnings
* Disable a couple of warnings/info lines that are just part of regular
operation and are logged in large volumes.
* another noisy log line
* Reinstate warning about receipts for missing events
Apparently this is being worked on
* Add CallNotifyEvent to support matrix rtc ringing
Signed-off-by: Timo K <toger5@hotmail.de>
* test SessionId
Signed-off-by: Timo K <toger5@hotmail.de>
* docs + sessionId->callId
Signed-off-by: Timo K <toger5@hotmail.de>
---------
Signed-off-by: Timo K <toger5@hotmail.de>
* Tidy reusable release workflow
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Add ability to include upstream changes
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Add ability to upload assets and gpg sign them
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Update relative composite actions
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Wire up validating release tarball signature
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Validate release has expected assets
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Paths
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Use gpg outputs for email instead of scraping it ourselves
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* v6
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Extract pre-release and post-merge-master scripts
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Reuse pre-release and post-merge-master scripts in gha
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Cull unused vars
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Revert
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Remove unused variables
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Simplify
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Simplify and fix merge-release-notes script
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Tidy release automation
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Update release.sh
* Move environment
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* s/includes/contains/
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Iterate uses syntax
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Fix action-repo calls
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Fix RELEASE_NOTES env
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Fix if check
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Fix gpg tag signing
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Cull stale params
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Fix sign-release-tarball paths being outside the workspace
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Fix gpg validation (of course wget uses `-O` and not `-o`)
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Fix expected asset assertion
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Fix release publish mode
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Add support for ingest-changes to refer to a project without it being in node_modules
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
---------
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Bump matrix-sdk-crypto-wasm to 3.0.0
... which changes the API of `bootstrapCrossSigning` a bit.
* Fix class names in test
* fix brokenness in bootstrapCrossSigning
* Bump to `matrix-sdk-crypto-wasm` 3.0.1
* WIP refactor for removing m.call events
* Always remember rtcsessions since we need to only have one instance
* Fix tests
* Fix import loop
* Fix more cyclic imports & tests
* Test session joining
* Attempt to make tests happy
* Always leave calls in the tests to clean up
* comment + desperate attempt to work out what's failing
* More test debugging
* Okay, so these ones are fine?
* Stop more timers and hopefully have happy tests
* Test no rejoin
* Test malformed m.call.member events
* Test event emitting
and also move some code to a more sensible place in the file
* Test getActiveFoci()
* Test event emitting (and also fix it)
* Test membership updating & pruning on join
* Test getOldestMembership()
* Test member event renewal
* Don't start the rtc manager until the client has synced
Then we can initialise from the state once it's completed.
* Fix type
* Remove listeners added in constructor
* Stop the client here too
* Stop the client here also also
* ARGH. Disable tests to work out which one is causing the exception
* Disable everything
* Re-jig to avoid setting listeners in the constructor
and re-enable tests
* No need to rename this anymore
* argh, remove the right listener
* Is it this test???
* Re-enable some tests
* Try mocking getRooms to return something valid
* Re-enable other tests
* Give up trying to get the tests to work sensibly and deal with getRooms() returning nothing
* Oops, don't enable the ones that were skipped before
* One more try at the sensible way
* Didn't work, go back to the hack way.
* Log when we manage to send the member event update
* Support `getOpenIdToken()` in embedded mode (#3676)
* Call `sendContentLoaded()` (#3677)
* Start MatrixRTC in embedded mode (#3679)
* Reschedule the membership event check
* Bump widget api version
* Add mock for sendContentLoaded()
* Embeded mode pre-requisites
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Embeded mode E2EE
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Encryption condition
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Revert "Embeded mode pre-requisites"
This reverts commit 8cd73702052609c995ad754e31f85d0da0be4aa9.
* Get back event type
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
fds
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Change embedded E2EE implementation
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* More log detail
* Fix tests
and also better assert because the tests were passing undefined which
was considered fine because we were only checking for null.
* Simplify updateCallMembershipEvent a bit
* Split up updateCallMembershipEvent some more
* Use `crypto.getRandomValues()`
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Rename to `membershipToUserAndDeviceId()`
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Better error
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Add log line
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Add comment
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Send call ID in enc events
(also a small refactor)
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Revert making `joinRoomSession()` async
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Make `client` `private` again
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Just use `toString()`
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Fix `callId` check
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Fix map
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Fix map compare
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Fix emitting
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Explicit logging
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Refactor
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Make `updateEncryptionKeyEvent()` public
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Only update keys based on others
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Fix call order
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Improve logging
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Avoid races
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Revert "Avoid races"
This reverts commit f65ed72d6e.
* Add try-catch
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Make `updateEncryptionKeyEvent()` private
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Handle indices and throttling
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Fix merge mistakes
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Mort post-merge fixes
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Split out key generation from key sending
And send all keys in a key event (changes the format of the key event)
rather than just the one we just generated.
* Remember and clear the timeout for the send key event
So we don't schedule more key updates if one is already pending.
Also don't update the last sent time when we didn't actually send the
keys.
* Make key event resends more robust
* Attempt to make tests pass
* crypto wasn't defined at all
* Hopefully get interface right
* Fix key format on the wire to base64
* Add comment
* More standard method order
* Rename encryptMedia
The js-sdk doesn't do media and therefore doesn't do media encryption
* Stop logging encryption keys now
* Use regular base64
It's not going in a URL, so no need
* Re-add base64url
randomstring was using it. Also give it a test.
* Add tests for randomstring
* Switch between either browser or node crypto
Let's see if this will work...
* Obviously crypto has already solved this
* Some tests for MatrixRTCSession key stuff
* Test keys object contents
* Change keys event format
To move away from m. keys
* Test key event retries
* Test onCallEncryption
* Test event sending & spam prevention
* Test event cancelation
* Test onCallEncryption called
* Better before/after member comparison
Only trigger for when members actually join, and just generally
make it a bit more understandable.
* Rotate per-participant keys when a member leaves
With a delay borth before making a new key, to try to batch up multiple
people leaving into a single key change, and a delay before actually
using the new key to allow time for it to arrive.
This increasingly feels like storing our own sender key in the same set
is suboptimal because we're starting to have to treat it more & more
specially.
* Some errors didn't have data
* Fix binary key comparison
& add log line
* Fix compare function with undefined values
* Test key rotation
* Test caught a merge bug!
* The missing word was, 'delay'
* More input validation
---------
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
Co-authored-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Age fallback using origin_server_ts instead of 0
Signed-off-by: Timo K <toger5@hotmail.de>
* use getMsUntilExpiry for isExpired
Signed-off-by: Timo K <toger5@hotmail.de>
* fix tests
tests now also rely on localTimestamp. So this need to be mocked as well
Signed-off-by: Timo K <toger5@hotmail.de>
* better fallback for unavailable unsigned
Signed-off-by: Timo K <toger5@hotmail.de>
---------
Signed-off-by: Timo K <toger5@hotmail.de>
* Clean up unused envvar
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Make the gitflow workflow reusable
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Add support for resetting dependencies to develop after merge
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Rename workflow file
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
---------
Signed-off-by: Michael Telatynski <7t3chguy@gmail.com>
* Ignore receipts pointing at missing or invalid events
* Remove extra whitespace from log message
* Unit tests for ignoring invalid receipts
* Improve comments around getEventReadUpTo
* Re-instate second param to compareEventOrdering in test
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Further improve comments around getEventReadUpTo
---------
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* fix members loaded on intitial sync
* Update test to use KeyResponder
* Use E2EKeyResponder
* code review
* better comment
* fix test
* post merge fix
* fix imports
* refactoring, better names
* code review
* clean tests
* Cleanups per review comments
* fix test
* Apply suggestions from code review
---------
Co-authored-by: Richard van der Hoff <richard@matrix.org>
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Age fallback using origin_server_ts instead of 0
Signed-off-by: Timo K <toger5@hotmail.de>
* use getMsUntilExpiry for isExpired
Signed-off-by: Timo K <toger5@hotmail.de>
* fix tests
tests now also rely on localTimestamp. So this need to be mocked as well
Signed-off-by: Timo K <toger5@hotmail.de>
* fix another test that now also depends on localTimestamp
Signed-off-by: Timo K <toger5@hotmail.de>
* fix tests and cleanup
Signed-off-by: Timo K <toger5@hotmail.de>
* format
Signed-off-by: Timo K <toger5@hotmail.de>
* make things simpler by calculating localTimestamp
from getLocalAge
Signed-off-by: Timo K <toger5@hotmail.de>
* this test was not covered by the change to mockRTCEvent
Signed-off-by: Timo K <toger5@hotmail.de>
* format
Signed-off-by: Timo K <toger5@hotmail.de>
---------
Signed-off-by: Timo K <toger5@hotmail.de>
* Support for stable MSC3882 get_login_token
* Make changes non-breaking by deprecation
* Remove deprecated exports from MSC3882 stabilisation
* Feat remove support for unstable MSC3882
* Remove bad line from rebase
* WIP refactor for removing m.call events
* Always remember rtcsessions since we need to only have one instance
* Fix tests
* Fix import loop
* Fix more cyclic imports & tests
* Test session joining
* Attempt to make tests happy
* Always leave calls in the tests to clean up
* comment + desperate attempt to work out what's failing
* More test debugging
* Okay, so these ones are fine?
* Stop more timers and hopefully have happy tests
* Test no rejoin
* Test malformed m.call.member events
* Test event emitting
and also move some code to a more sensible place in the file
* Test getActiveFoci()
* Test event emitting (and also fix it)
* Test membership updating & pruning on join
* Test getOldestMembership()
* Test member event renewal
* Don't start the rtc manager until the client has synced
Then we can initialise from the state once it's completed.
* Fix type
* Remove listeners added in constructor
* Stop the client here too
* Stop the client here also also
* ARGH. Disable tests to work out which one is causing the exception
* Disable everything
* Re-jig to avoid setting listeners in the constructor
and re-enable tests
* No need to rename this anymore
* argh, remove the right listener
* Is it this test???
* Re-enable some tests
* Try mocking getRooms to return something valid
* Re-enable other tests
* Give up trying to get the tests to work sensibly and deal with getRooms() returning nothing
* Oops, don't enable the ones that were skipped before
* One more try at the sensible way
* Didn't work, go back to the hack way.
* Log when we manage to send the member event update
* Support `getOpenIdToken()` in embedded mode (#3676)
* Call `sendContentLoaded()` (#3677)
* Start MatrixRTC in embedded mode (#3679)
* Reschedule the membership event check
* Bump widget api version
* Add mock for sendContentLoaded()
* Embeded mode pre-requisites
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Embeded mode E2EE
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Encryption condition
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Revert "Embeded mode pre-requisites"
This reverts commit 8cd73702052609c995ad754e31f85d0da0be4aa9.
* Get back event type
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
fds
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Change embedded E2EE implementation
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* More log detail
* Fix tests
and also better assert because the tests were passing undefined which
was considered fine because we were only checking for null.
* Simplify updateCallMembershipEvent a bit
* Split up updateCallMembershipEvent some more
* Use `crypto.getRandomValues()`
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Rename to `membershipToUserAndDeviceId()`
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Better error
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Add log line
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Add comment
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Send call ID in enc events
(also a small refactor)
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Revert making `joinRoomSession()` async
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Make `client` `private` again
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Just use `toString()`
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Fix `callId` check
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Fix map
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Fix map compare
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Fix emitting
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Explicit logging
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Refactor
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Make `updateEncryptionKeyEvent()` public
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Only update keys based on others
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Fix call order
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Improve logging
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Avoid races
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Revert "Avoid races"
This reverts commit f65ed72d6e.
* Add try-catch
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Make `updateEncryptionKeyEvent()` private
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Handle indices and throttling
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Fix merge mistakes
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Mort post-merge fixes
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Split out key generation from key sending
And send all keys in a key event (changes the format of the key event)
rather than just the one we just generated.
* Remember and clear the timeout for the send key event
So we don't schedule more key updates if one is already pending.
Also don't update the last sent time when we didn't actually send the
keys.
* Make key event resends more robust
* Attempt to make tests pass
* crypto wasn't defined at all
* Hopefully get interface right
* Fix key format on the wire to base64
* Add comment
* More standard method order
* Rename encryptMedia
The js-sdk doesn't do media and therefore doesn't do media encryption
* Stop logging encryption keys now
* Use regular base64
It's not going in a URL, so no need
* Re-add base64url
randomstring was using it. Also give it a test.
* Add tests for randomstring
* Switch between either browser or node crypto
Let's see if this will work...
* Obviously crypto has already solved this
* Some tests for MatrixRTCSession key stuff
* Test keys object contents
* Change keys event format
To move away from m. keys
* Test key event retries
* Test onCallEncryption
* Test event sending & spam prevention
* Test event cancelation
* Test onCallEncryption called
* Some errors didn't have data
* Fix binary key comparison
& add log line
* Fix compare function with undefined values
* Remove more key logging
* Check content.keys is an array
* Check key index & key
* Better function name
* Tests too
---------
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
Co-authored-by: David Baker <dave@matrix.org>
Co-authored-by: David Baker <dbkr@users.noreply.github.com>
* Fix issue
* Fix jest test
* Fix even more jest failures
* Fix formatting
* Add a test
* Write test for older code
* Fix lint
* Rename method
* Make ctor deprecated
* Element-R: reduce log spam when checking server key backup
Fixes a lot of spam in the logs about "uncaught in promise: No room_keys
found".
* Improve integ tests for backup query after UTD
* Yield in the backup decryption loop
* Fix another broken test
The current deprecation notice advises you to use a method which does something
completely different.
Fixing this "properly" is slightly challenging because we don't want to support
setting it to `true` in Rust Crypto; yet I don't really want to change the
default for legacy crypto.
Let's just document the behaviour for now.
* Add current version of the rust-sdk and vodozemac
* Return OlmVersion in `CryptoApi#getVersion` for old crypto
* Add `Olm` prefix
* Fix documentation
* Review changes
* Wire up history visibility in `RoomEncryptor.ts`
* Add more tests to history visibility conversion
* Factorize `expectSendMessage` and `expectSendMegolmMessage`
* Use correct import
* Fix overwriteRoutes
* Update comments
* Element-R: silence log errors when viewing a pending event
Fixes the second half of vector-im/element-web#26272
* Update spec/integ/crypto/crypto.spec.ts
* Change latest node ver to '*'
This uses the latest cached version rather than fetching the latest released version so we don't reply on (and hammer) node's download servers for the very latest version before the actions runners get updated. We'll still stay current, just not quite so aggressively current.
* Fix artifact uploading hopefully
* Hopefully make job name 'node latest'
We had two identical sets of base64 functions in the js-sdk, both
using Buffer which isn't really available in the browser unless you're
using an old webpack (ie. what element-web uses). This PR:
* Takes the crypto base64 file and moves it out of crypto (because
we use base64 for much more than just crypto)
* Makes them work in a browser without the Buffer global
* Removes the other base64 functions
* Changes everything to use the new common ones
* Adds a comment explaining why the function is kinda ugly and how
soul destroyingly awful the JS ecosystem is.
* Runs the tests with both impls
* Changes the test to not just test the decoder against the encoder
* Adds explicit support & tests for (decoding) base64Url (I'll add an
encode method later, no need for that to go in this PR too).
* Don't remove thread info from a thread root when it is redacted
* Move the redaction event to main at the same time we move redacted
Since the redacted event is moving to the main timeline, the redaction
belongs there too, since its relationship to the redacted event is the
only thing making it part of the thread.
* Handle backup secret gossip
* use getSecretsFromInbox
* add gossip test
* use delete secret API
* fix logger
* better comment and cleaning
* free the pkSigning
* fix typo
* add missing mocks
* improve coverage
* better var name
* quick refactoring
* add more tests
* Review, format and comments
* refactor move more logic to backup.ts
* poll secret inbox
* missing mock
* Update src/rust-crypto/rust-crypto.ts
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Update src/rust-crypto/rust-crypto.ts
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Update src/rust-crypto/rust-crypto.ts
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Update src/rust-crypto/backup.ts
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Update src/rust-crypto/rust-crypto.ts
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* code review
* fix comment
* remove comment
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* quick factorise
---------
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Move redaction event tests into their own describe block
* Factor out utils in redaction tests
* Factor out the code for moving an event to the main timeline
* Move all related messages into main timeline on redaction
* Deprecate `MatrixEvent.toJSON`
Per https://github.com/vector-im/element-web/issues/26380, this method is too
easy to use accidentally, and per the comments, it doesn't even return a
meaningful JSON-serialisation of the object.
* Update src/models/event.ts
https://github.com/matrix-org/matrix-js-sdk/pull/3756 changed
the membership update function to await on the next call, but this
meant it never returned and therefore never cleared
`updateCallMembershipRunning`. We therefore didn't send the updated
call member event when leaving, instead sending it whenever the next
poll interval arrived.
This changes it to only await if we are retrying, not if we're just
scheduling the next poll.
Fixes https://github.com/vector-im/element-call/issues/1763
* Extract threadIdForReceipt function from sendReceipt
* Tests for threadIdForReceipt
* Correct test of threadIdForReceipt to expect main for redaction of threaded
* Expand and comment implementation of threadIdForReceipt
* very messy poc
* iterate
* more types and use tokenRefreshFunction
* working refresh without persistence
* tidy
* add claims to completeauhtorizationcodegrant response
* export tokenrefresher from matrix
* add idtokenclaims
* add claims to completeauhtorizationcodegrant response
* only one token refresh attempt at a time
* tests
* comments
* add tokenRefresher class
* export generateScope
* export oidc from matrix
* test refreshtoken
* mark experimental
* add getRefreshToken to client
* Apply suggestions from code review
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* remove some vars in test
* make TokenRefresher un-abstract, comments and improvements
* remove invalid jsdoc
* Update src/oidc/tokenRefresher.ts
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Code review improvements
* fix verification integ tests
* remove unused type from props
* fix incomplete mock fn in fetch.spec
* document TokenRefreshFunction
* comments
* tidying
* update for injected logger
---------
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Don't use event.sender in CallMembership
I fell into another js-sdk trap: this is "only guaranteed to be set
for events that appear in a timeline" and not state events. It does
not say why. We only ever used it to get the sender user ID anyway,
so just use getSender().
* Fix test
* Element-R: Don't mark QR code verification as done too soon
The rust crypto sdk doesn't actually finish QR code verification until the
`m.key.verification.done` is received, so make sure we don't tell the
application it is done before that happens.
Fixes https://github.com/vector-im/element-web/issues/26293
* ignore fallback line
* Revert unnecessary changes
Can't get the coverage high enough on this and it's not needed.
* Support MatrixClient-specific loggers.
Signed-off-by: Patrick Cloke <clokep@patrick.cloke.us>
* Use client-specific logger in client.ts.
Signed-off-by: Patrick Cloke <clokep@patrick.cloke.us>
* Log `fetch` requests to the per-client logger
* Use client-specific logger in rust-crypto
* add tokenRefresher class
* export generateScope
* export oidc from matrix
* mark experimental
* Apply suggestions from code review
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* remove some vars in test
* make TokenRefresher un-abstract, comments and improvements
* remove invalid jsdoc
* Update src/oidc/tokenRefresher.ts
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Code review improvements
* document TokenRefreshFunction
---------
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* rename loglevel import to loglevel
* Define new `Logger` interface to replace `PrefixedLogger`
* PrefixedLogger -> Logger in crypto store
* PrefixedLogger -> Logger in `src/crypto`
* PrefixedLogger -> Logger in rust-crypto
* make leaveRoomSession async.
This does not resolve the promise until the event is actually send.
No network connection would make awaiting on this blocking.
Signed-off-by: Timo K <toger5@hotmail.de>
* add timeout to leave
Signed-off-by: Timo K <toger5@hotmail.de>
* formatting
Signed-off-by: Timo K <toger5@hotmail.de>
---------
Signed-off-by: Timo K <toger5@hotmail.de>
* Avoid `VerificationRequest.generateQRCode` to crash when QRCode is unavailable
* Add tests `can try to generate a QR code when QR code is not supported`
* `RustBackupManager.getActiveBackupVersion`: check that backup is enabled
The previous check on `isBackupEnabled` was a no-op
* Fix log spam on shieldless events
* Reduce log spam about tracking users
* Reduce log spam about decrypting events
Logging the entire event is excessive
Switches use of `global` to `globalThis`, which is better supported when building with modern build tools like Vite.
Refs #2903
Signed-off-by: Damon Vestervand <damon@beyondwork.ai>
Signed-off-by: Damon <damon@vestervand.net>
When calling MatrixClient.joinRoom with a room alias, the method would create a new Room object, even if you were already present in that room. This changes its behavior to no-op, as the doc comment promises.
* Add membershipID to call memberships
This allows us to recognise easily when a membership is from some
previous sessions rather than our own and therefore ignore it
(see comment for more).
This was causing us to see existing, expired membership events and
bump the expiry on them rather than send a new membership. This might
have been okay if we bumped them enough to actually make them un-expired,
but it's a fresh session so semanticly we want to post a fresh membership
rather than resurrecting a previous, expired membership.
* Fix test types
* Fix tests
* Make test coverage happy
---------
Co-authored-by: Michael Telatynski <7t3chguy@gmail.com>
* Element-R: use the pickleKey to encrypt the crypto store
`pickleKey` is a passphrase set by the application for this express purpose.
* update tests
* fix tests, again
* Emit a `UserTrustStatusChanged` when user identity is updated
* Remove redundant `onCrossSigningKeysImport` callback
This now happens as a side-effect of importing the keys.
* bump to alpha release of matrix-rust-sdk-crypto-wasm
* fixup! Remove redundant `onCrossSigningKeysImport` callback
* Fix potential delay in sending out requests from the rust SDK
There was a potential race which could cause us to be very slow to send out
pending HTTP requests, particularly when handling a user verification. Add some
resiliece to make sure we handle it correctly.
* add comments
* Add a unit test
---------
Co-authored-by: Andy Balaam <andy.balaam@matrix.org>
* Refactor key backup recovery to prepare for rust
* rust backup restore support
* map decryption errors correctly from rust
* query backup on fail to decrypt
* Refactor key backup recovery to prepare for rust
* rust backup restore support
* map decryption errors correctly from rust
* Move export out of old crypto to api with re-export
* extract base64 utility
* add tests for base64 util
* more efficient regex
* fix typo
* use different vector for bob
* missing import
* Group tests for decryption errors
* Do not map unneeded rust error for now
* Refactor key backup recovery to prepare for rust
* rust backup restore support
* Move export out of old crypto to api with re-export
* extract base64 utility
* add tests for base64 util
* more efficient regex
* fix typo
* Add hacky option to disable the actual calling part of group calls.
So we can try using livekit instead.
* Put LiveKit info into the `m.call` state event (#3522)
* Put LK info into state
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Update to the new way the LK service works
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
---------
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
* Send 'contentLoaded' event
As per comment, so we can start digging ourselves out of the widget
API hole we're currently in.
* Add comment on updating the livekit service URL
* Appease CI on `livekit` branch (#3566)
* Update codeowners on `livekit` branch (#3567)
* add getOpenIdToken to embedded client backend
Signed-off-by: Timo K <toger5@hotmail.de>
* add test and update comment
Signed-off-by: Timo K <toger5@hotmail.de>
* Merge `develop` into `livekit` (#3569)
Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com>
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
Co-authored-by: Michael Telatynski <7t3chguy@gmail.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: RiotRobot <releases@riot.im>
Co-authored-by: Florian Duros <florianduros@element.io>
Co-authored-by: Kerry <kerrya@element.io>
Co-authored-by: David Baker <dbkr@users.noreply.github.com>
Co-authored-by: Erik Johnston <erik@matrix.org>
Co-authored-by: Valere <bill.carson@valrsoft.com>
Co-authored-by: Hubert Chathi <hubertc@matrix.org>
Close IDB database before deleting it to prevent spurious unexpected close errors (#3478)
Fix export type `GeneratedSecretStorageKey` (#3479)
Fix order of things in `crypto-api.ts` (#3491)
Fix bug where switching media caused media in subsequent calls to fail (#3489)
fixes (#3515)
fix the integ tests, where #3509 etc fix the unit tests.
fix breakage on node 16 (#3527)
Fix an instance of failed to decrypt error when an in flight `/keys/query` fails. (#3486)
Fix `TypedEventEmitter::removeAllListeners(void)` not working (#3561)
* Revert "Merge `develop` into `livekit`" (#3572)
* Don't update calls with no livekit URL & expose method to update it instead
and generally simplify a bit: change it to a single string rather than
an array of structs.
* Fix other instances of passing focusInfo / livekit url
* Add temporary setter
* WIP refactor for removing m.call events
* Always remember rtcsessions since we need to only have one instance
* Fix tests
* Fix import loop
* Fix more cyclic imports & tests
* Test session joining
* Attempt to make tests happy
* Always leave calls in the tests to clean up
* comment + desperate attempt to work out what's failing
* More test debugging
* Okay, so these ones are fine?
* Stop more timers and hopefully have happy tests
* Test no rejoin
* Test malformed m.call.member events
* Test event emitting
and also move some code to a more sensible place in the file
* Test getActiveFoci()
* Test event emitting (and also fix it)
* Test membership updating & pruning on join
* Test getOldestMembership()
* Test member event renewal
* Don't start the rtc manager until the client has synced
Then we can initialise from the state once it's completed.
* Fix type
* Remove listeners added in constructor
* Stop the client here too
* Stop the client here also also
* ARGH. Disable tests to work out which one is causing the exception
* Disable everything
* Re-jig to avoid setting listeners in the constructor
and re-enable tests
* No need to rename this anymore
* argh, remove the right listener
* Is it this test???
* Re-enable some tests
* Try mocking getRooms to return something valid
* Re-enable other tests
* Give up trying to get the tests to work sensibly and deal with getRooms() returning nothing
* Oops, don't enable the ones that were skipped before
* One more try at the sensible way
* Didn't work, go back to the hack way.
* Log when we manage to send the member event update
* Support `getOpenIdToken()` in embedded mode (#3676)
* Call `sendContentLoaded()` (#3677)
* Start MatrixRTC in embedded mode (#3679)
* Reschedule the membership event check
* Bump widget api version
* Add mock for sendContentLoaded()
* More log detail
* Fix tests
and also better assert because the tests were passing undefined which
was considered fine because we were only checking for null.
* Simplify updateCallMembershipEvent a bit
* Split up updateCallMembershipEvent some more
* Typo
Co-authored-by: Daniel Abramov <inetcrack2@gmail.com>
* Expand comment
* Add comment
* More comments
* Better comment
* Sesson
* Rename some variables
* Comment
* Remove unused method
* Wrap updatecallMembershipEvent so it only runs one at a time
* Do another update if another one is triggered while the update happens
* Make triggerCallMembershipEventUpdate async
* Fix test & some missed timer removals
* Mark session manager as unstable
---------
Signed-off-by: Šimon Brandner <simon.bra.ag@gmail.com>
Signed-off-by: Timo K <toger5@hotmail.de>
Co-authored-by: Šimon Brandner <simon.bra.ag@gmail.com>
Co-authored-by: Timo K <toger5@hotmail.de>
Co-authored-by: Timo <16718859+toger5@users.noreply.github.com>
Co-authored-by: Daniel Abramov <inetcrack2@gmail.com>
Reading the test "should fire stateUpdated callback with error when a
request fails" it looks like this would always cause an infinite loop
between doRequest and statusUpdated calls. I don't know why this wasn't
a problem until we updated Jest to v29.5.4, but after that point it was.
This change should fix the test failures for the Jest upgrade PR:
https://github.com/matrix-org/matrix-js-sdk/pull/3670 .
* Emit a `UserTrustStatusChanged` when user identity is updated
* Remove redundant `onCrossSigningKeysImport` callback
This now happens as a side-effect of importing the keys.
* bump to alpha release of matrix-rust-sdk-crypto-wasm
* fixup! Remove redundant `onCrossSigningKeysImport` callback
* `RustCrypto.getCrossSigningStatus`: check the client is not stopped
Better error handling for the case that a call to `MatrixClient.stop` happens
while the call to `getCrossSigningStatus` (or `isCrossSigningReady`) is in
flight.
* fix up tsdoc
* WIP `CryptoApi.getStoredCrossSigningForUser`
* Fix QRCode
* Add docs and rename
* Add tests for `RustCrossSigningInfo.ts`
* Do `/keys/query` instead of using `UserIdentity`
* Review changes
* Get rid of `CrossSigningInfo`
* Merge `hasCrossSigningKeysForUser` into `userHasCrossSigningKeys`
* Apply suggestions from code review
* More review comments
---------
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
Co-authored-by: Richard van der Hoff <richard@matrix.org>
* Use sender instead of content.creator field on m.room.create events
* Restore room_version fields in fixtures
* Add test case for undefined sender scenario
* Add `CryptoApi.requestVerificationDM`
* Fix RoomMessageRequest url
* Review changes
* Merge fixes
* Add BOB test data
* `requestVerificationDM` test works against old crypto (encrypted verification request)
* Update test data
* Implement `CryptoApi.checkKeyBackup`
* Deprecate `MatrixClient.enableKeyBackup`.
* fix integ test
* more tests
* Implement keybackup loop
* cleaning
* update matrix-sdk-crypto-wasm to 1.2.1
* fix lint
* avoid real timer stuff
* Simplify test
* post merge lint fix
* revert change on yarn.lock
* code review
* Generate test data for exported keys
* code review cleaning
* cleanup legacy backup loop
* Update spec/test-utils/test-data/generate-test-data.py
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Update spec/test-utils/test-data/generate-test-data.py
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* update yarn.lock for new wasm bindings
---------
Co-authored-by: Richard van der Hoff <richard@matrix.org>
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Process all verification event
* Add test for `isVerificationEvent`
* Review changes
* Remove null comparison and add doc to remote echo
* review changes
* Revert "Ensure we don't overinflate the total notification count (#3634)"
This reverts commit fd0c4a7f56.
* Fix wrong handling of encrypted rooms when loading them from sync accumulator
* Tidy up code, removing sections which didn't make any difference
* Add test
* Ensure we don't overinflate the total notification count
By correctly comparing push rules before & after decryption
* DRY the code
* Testsssss
* Update tests
* stub backupmanager
* Implement `CryptoApi.getActiveSessionBackupVersion`
* Revert unnecessary change
we can do this later, once we have better test coverage
* more test coverage
---------
Co-authored-by: Richard van der Hoff <richard@matrix.org>
* Add `CryptoApi.setDeviceVerified`
I need a way to mark devices as trusted for the backup tests.
* More tests
* Simplify E2EKeyResponder.addDeviceKeys
The user and device IDs are in the test data, so no need to pass them in
* Clean up key backup integration test
Make it use the CryptoApi rather than legacy `MatrixClient.crypto`, and use a
pre-signed backup instead of requiring a "blindlySignAnything" method.
* run megolm-backup tests on both crypto stacks
* avoid internal backupManager
* replace deprecated TestClient with fetchMock
* add stop() api to BackupManager for clean shutdown
* fix merge
* code review cleaning
* lint
* Address review comments
* Remove unused `TestClient.expectKeyBackupQuery`
* clean up imports
---------
Co-authored-by: Richard van der Hoff <richard@matrix.org>
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
These tests have broken on Node.js 18.17.0.
This is due to Node.js adopting an updated version of the URL parser, in which
the internal `Symbol(query)` property is populated lazily.
We shouldn't be relying on the internal state of the URL object anyway. Let's
just compare the stringified copy.
* Ensure non-thread relations to a thread root are actually in both timelines
* Make thread in sendReceipt & sendReadReceipt explicit rather than guessing it
* Apply suggestions from code review
* Fix Room::eventShouldLiveIn to better match Synapse to diverging ideas of notifications
* Update read receipt sending behaviour to align with Synapse
* Fix tests
* Fix thread rel type
* Support for showing QR codes
* Emit `VerificationRequestEvent.Change` events when the verifier changes
* Minor integ test tweaks
* Handle transitions from QR code display to SAS
* Fix naming
* Add a test for `ShowQrCodeCallbacks.cancel`
* Fix type issue around `getSessionBackupPrivateKey`
* Fix sending auth: null due to broken types around UIA
* Discard changes to src/crypto/index.ts
* Add comment
* Fix types
* Fix types for MatrixClient::addThreePid
* Iterate
* Fix type issue around `getSessionBackupPrivateKey`
* Fix sending auth: null due to broken types around UIA
* Discard changes to src/crypto/index.ts
* Add comment
* Simple request logging with status and duration
* remove url params from logs
* superfluous toString()
* Add tests
* Apply suggestions from code review
* update snapshots
* update log format
* Apply suggestions from code review
Co-authored-by: Michael Telatynski <7t3chguy@gmail.com>
* update snapshot
---------
Co-authored-by: Michael Telatynski <7t3chguy@gmail.com>
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
Co-authored-by: Richard van der Hoff <richard@matrix.org>
* Offer `m.qr_code.scan.v1` verification method by default
Normally, the application specifies the supported verification methods when
creating the MatrixClient (and matrix-react-sdk does so). If the application
leaves it unset, then the idea is that the js-sdk offers all known verification
methods.
However, by default, the rust-sdk doesn't specify `m.qr_code.scan.v1`. So
basically, we need to set our own list of supported methods, rather than
relying on the rust-sdk's defaults.
* Factor out base class from `RustSASVerifier`
* Implement QR code scanning
* Update src/rust-crypto/verification.ts
* Use `cryptoBackend` in `client.ts` for new rust-crypto implementation for backward compatibility
* Use `cryptoBackend` in `client.ts` for new rust-crypto implementation for backward compatibility
* Simplify `MatrixClient::setPowerLevel` API
While making it more resilient to causing issues like nuking room state
* Handle edge case
* Fix tests
* Add test coverage
* use oidc-client-ts during oidc discovery
* export new type for auth config
* deprecate generateAuthorizationUrl in favour of generateOidcAuthorizationUrl
* testing util for oidc configurations
* test generateOidcAuthorizationUrl
* lint
* test discovery
* dont pass whole client wellknown to oidc validation funcs
* add nonce
* use oidc-client-ts for oidc response
* validate user state and update tests
* use oidc-client-ts for code exchange
* use oidc-client-ts in completing auth grant
* use client userState for homeserver
* more comments
* use oidc-client-ts during oidc discovery
* export new type for auth config
* deprecate generateAuthorizationUrl in favour of generateOidcAuthorizationUrl
* testing util for oidc configurations
* test generateOidcAuthorizationUrl
* lint
* test discovery
* dont pass whole client wellknown to oidc validation funcs
* add nonce
* use client userState for homeserver
* Fix an instance of failed to decrypt error
Specifically, when checking the event sender matches who sent us the
session keys we skip waiting for pending device list updates if we
already know who owns the session key.
* Apply suggestions from code review
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Update src/crypto/algorithms/olm.ts
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* Fix line wrapping
* Update src/crypto/algorithms/olm.ts
* Fix null check
---------
Co-authored-by: Richard van der Hoff <1389908+richvdh@users.noreply.github.com>
* implement `VerificationRequest.pending`
* Implement `VerificationRequest.timeout`
* Rust crypto: allow using a memory store (#3536)
* Rust crypto: allow using a memory store
It turns out that, for some usecases (in particular, "bot users" for cypress
tests), we don't need persistent storage and an in-memory store will be fine.
* Rust crypto: use a memory store for the unit tests
* Pass `supportedVerificationMethods` into `VerificationRequest`
... so that the application can later call `accept()` and we know what to send.
* Implement `VerificationRequest.accept`
* Implement `VerificationRequest.declining`
* Update src/rust-crypto/verification.ts
Currently, the anchor emoji has a ["Variation
Selector-16"](https://codepoints.net/U+FE0F) (U+FE0F) character after it.
The unicode specs do define U+2694 U+FE0F as a valid sequence (with suggested
rendering https://www.unicode.org/cgi-bin/varglyph?24-2693-FE0F), but our spec
spec doesn't include the variation selector, and the difference means that my
cypress tests (which attempt a verification between Element-R and unrusty
Element Web) fail intermittently.
Something of a follow-up to
https://github.com/matrix-org/matrix-js-sdk/pull/3523, but hopefully this will
be the last, because I have regenerated the whole list from the spec data.
* integ tests: factor out some utility methods
* Add `VerificationRequest.startVerification` to replace `beginKeyVerification`
The rust SDK ties together creating the verifier and sending the
`m.key.verification.start` message, so we need to combine
`.beginKeyVerification` and `.verify`.
* add some unit tests
* More slow test fixes
* Create a new event type for verification requests
Previous PRs (https://github.com/matrix-org/matrix-js-sdk/pull/3449, etc) have
pulled out an interface from the `VerificationRequest` class, but applications
registering for the `CryptoEvent.VerificationRequest` event could still be
expecting a fully-fledged class rather than the interface.
To handle this without breaking backwards compat, add a new event type that
carries the interface, not the class.
close-pr-message:"This PR has been automatically closed because it has been stale for 180 days. If you wish to continue working on this PR, please ping a maintainer to reopen it."
This release supports new v12 Matrix rooms and consequently has a breaking change, removing powerLevelNorm from the RoomMember object as this can't be supported with infinite power levels. Apps should use the non-normalised `powerLevel` instead.
## 🚨 BREAKING CHANGES
* [Backport staging] Support for creator power level ([#4954](https://github.com/matrix-org/matrix-js-sdk/pull/4954)). Contributed by @RiotRobot.
## ✨ Features
* [Backport staging] Support v12 rooms in maySendEvent ([#4956](https://github.com/matrix-org/matrix-js-sdk/pull/4956)). Contributed by @RiotRobot.
* [Backport staging] Support for creator power level ([#4954](https://github.com/matrix-org/matrix-js-sdk/pull/4954)). Contributed by @RiotRobot.
* Experimental support for sharing encrypted history on invite ([#4920](https://github.com/matrix-org/matrix-js-sdk/pull/4920)). Contributed by @richvdh.
* Use the logger associated with MatrixClient in rust sdk ([#4918](https://github.com/matrix-org/matrix-js-sdk/pull/4918)). Contributed by @richvdh.
* Update to matrix-sdk-crypto-wasm 15.1.0, and add new `ShieldStateCode.MismatchedSender` ([#4916](https://github.com/matrix-org/matrix-js-sdk/pull/4916)). Contributed by @richvdh.
## 🐛 Bug Fixes
* Fix unknown/broken state in the RTC Membership Manager causing unnecassary error logging. ([#4944](https://github.com/matrix-org/matrix-js-sdk/pull/4944)). Contributed by @toger5.
Changes in [37.12.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v37.12.0) (2025-07-29)
* Deprecate non-functional `IJoinRoomOpts.syncRoom` ([#4913](https://github.com/matrix-org/matrix-js-sdk/pull/4913)). Contributed by @richvdh.
## ✨ Features
* Custom abort timeout logic for restarting delayed events that is compatible with the widget api ([#4927](https://github.com/matrix-org/matrix-js-sdk/pull/4927)). Contributed by @toger5.
* Allow sending notification events when starting a call ([#4826](https://github.com/matrix-org/matrix-js-sdk/pull/4826)). Contributed by @robintown.
## 🐛 Bug Fixes
* Fix deep import incompatibility (#4924) ([#4925](https://github.com/matrix-org/matrix-js-sdk/pull/4925)). Contributed by @toriningen.
* Fix more incorrect logger use ([#4904](https://github.com/matrix-org/matrix-js-sdk/pull/4904)). Contributed by @richvdh.
Changes in [37.11.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v37.11.0) (2025-07-15)
* Update README to make Element sponsorship explicit ([#4901](https://github.com/matrix-org/matrix-js-sdk/pull/4901)). Contributed by @neilisfragile.
* Use client logger in more places (crypto code) ([#4900](https://github.com/matrix-org/matrix-js-sdk/pull/4900)). Contributed by @richvdh.
* Use client logger in `MatrixRTCSessionManager` ([#4898](https://github.com/matrix-org/matrix-js-sdk/pull/4898)). Contributed by @richvdh.
* Use client logger in more places (core code) ([#4899](https://github.com/matrix-org/matrix-js-sdk/pull/4899)). Contributed by @richvdh.
* crypto: Add new `ClientEvent.ReceivedToDeviceMessage` with proper `OlmEncryptionInfo` support ([#4891](https://github.com/matrix-org/matrix-js-sdk/pull/4891)). Contributed by @BillCarsonFr.
Changes in [37.10.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v37.10.0) (2025-07-01)
* Update matrix-sdk-crypto-wasm to `15.0.0` ([#4882](https://github.com/matrix-org/matrix-js-sdk/pull/4882)). Contributed by @richvdh.
* Allow customizing the IndexedDB database prefix used by Rust crypto. ([#4878](https://github.com/matrix-org/matrix-js-sdk/pull/4878)). Contributed by @clokep.
* Remove `@matrix-org/olm` from dependency list ([#4876](https://github.com/matrix-org/matrix-js-sdk/pull/4876)). Contributed by @richvdh.
* Redact on ban: Client implementation ([#4867](https://github.com/matrix-org/matrix-js-sdk/pull/4867)). Contributed by @turt2live.
Changes in [37.9.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v37.9.0) (2025-06-17)
* Ensure we send spec-compliant filter strings by stripping out null values ([#4865](https://github.com/matrix-org/matrix-js-sdk/pull/4865)). Contributed by @t3chguy.
* Fix MatrixRTC membership manager failing to rejoin in a race condition (sync vs not found response) ([#4861](https://github.com/matrix-org/matrix-js-sdk/pull/4861)). Contributed by @toger5.
* Include extraParams in all HTTP requests ([#4860](https://github.com/matrix-org/matrix-js-sdk/pull/4860)). Contributed by @rsb-tbg.
Changes in [37.8.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v37.8.0) (2025-06-10)
* MatrixRTC: Rename `MembershipConfig` parameters ([#4714](https://github.com/matrix-org/matrix-js-sdk/pull/4714)). Contributed by @toger5.
## ✨ Features
* Allow the embedded client to work without update\_state support ([#4849](https://github.com/matrix-org/matrix-js-sdk/pull/4849)). Contributed by @robintown.
* Check for `unknown variant` on to-device sending and fall back to room event encryption. ([#4847](https://github.com/matrix-org/matrix-js-sdk/pull/4847)). Contributed by @toger5.
* Reapply "Distinguish room state and timeline events in embedded clients" ([#4790](https://github.com/matrix-org/matrix-js-sdk/pull/4790)). Contributed by @robintown.
Changes in [37.6.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v37.6.0) (2025-05-20)
* Deprecate utils function `defer` in favour of `Promise.withResolvers` ([#4829](https://github.com/matrix-org/matrix-js-sdk/pull/4829)). Contributed by @t3chguy.
## ✨ Features
* Update to Node 22 LTS ([#4832](https://github.com/matrix-org/matrix-js-sdk/pull/4832)). Contributed by @t3chguy.
## 🐛 Bug Fixes
* Fix autodiscovery handling of 2xx (non-200) codes ([#4833](https://github.com/matrix-org/matrix-js-sdk/pull/4833)). Contributed by @t3chguy.
Changes in [37.5.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v37.5.0) (2025-05-06)
* Stabilise MSC3765 ([#4767](https://github.com/matrix-org/matrix-js-sdk/pull/4767)). Contributed by @Johennes.
* Inherit `methodFactory` extensions from the parent to the child loggers. ([#4809](https://github.com/matrix-org/matrix-js-sdk/pull/4809)). Contributed by @toger5.
## 🐛 Bug Fixes
* [Backport staging] Fix token refresh behaviour for non-expired tokens ([#4827](https://github.com/matrix-org/matrix-js-sdk/pull/4827)). Contributed by @RiotRobot.
* Refactor how token refreshing works to be more resilient ([#4819](https://github.com/matrix-org/matrix-js-sdk/pull/4819)). Contributed by @t3chguy.
Changes in [37.4.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v37.4.0) (2025-04-22)
* MatrixRTC: Add combined `toDeviceAndRoomKeyTransport` ([#4792](https://github.com/matrix-org/matrix-js-sdk/pull/4792)). Contributed by @toger5.
* Make logging consistent for matrixRTC ([#4788](https://github.com/matrix-org/matrix-js-sdk/pull/4788)). Contributed by @toger5.
* MatrixRTC: ToDevice distribution for media stream keys ([#4785](https://github.com/matrix-org/matrix-js-sdk/pull/4785)). Contributed by @BillCarsonFr.
## 🐛 Bug Fixes
* Fix token refresh racing with other requests and not using new token ([#4798](https://github.com/matrix-org/matrix-js-sdk/pull/4798)). Contributed by @t3chguy.
* Fix fallback to MemoryCryptoStore when LocalStorage unavailable ([#4797](https://github.com/matrix-org/matrix-js-sdk/pull/4797)). Contributed by @t3chguy.
* Remove duplicate `deleteSecretStorage` in `RustCrypto.resetEncryption` ([#4789](https://github.com/matrix-org/matrix-js-sdk/pull/4789)). Contributed by @florianduros.
* Fix `RustCrypto.resetEncryption` failure ([#4772](https://github.com/matrix-org/matrix-js-sdk/pull/4772)). Contributed by @florianduros.
Changes in [37.3.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v37.3.0) (2025-04-08)
* MatrixRTC MembershipManger: remove redundant sendDelayedEventAction and expose status ([#4747](https://github.com/matrix-org/matrix-js-sdk/pull/4747)). Contributed by @toger5.
* Abstract logout-causing error type from tokenRefreshFunction calls ([#4765](https://github.com/matrix-org/matrix-js-sdk/pull/4765)). Contributed by @t3chguy.
* Improve PushProcessor::getPushRuleGlobRegex ([#4764](https://github.com/matrix-org/matrix-js-sdk/pull/4764)). Contributed by @t3chguy.
* Export push processor \& method for converting matrix glob to regexp ([#4763](https://github.com/matrix-org/matrix-js-sdk/pull/4763)). Contributed by @t3chguy.
* Add authenticated media parameter to getMediaConfig ([#4762](https://github.com/matrix-org/matrix-js-sdk/pull/4762)). Contributed by @m004.
* Rust crypto: set a timeout on outgoing HTTP requests ([#4761](https://github.com/matrix-org/matrix-js-sdk/pull/4761)). Contributed by @richvdh.
* Switch sliding sync support to simplified sliding sync ([#4400](https://github.com/matrix-org/matrix-js-sdk/pull/4400)). Contributed by @dbkr.
Changes in [37.2.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v37.2.0) (2025-03-25)
* Add reportRoom API ([#4753](https://github.com/matrix-org/matrix-js-sdk/pull/4753)). Contributed by @Half-Shot.
* MatrixRTC: New membership manager ([#4726](https://github.com/matrix-org/matrix-js-sdk/pull/4726)). Contributed by @toger5.
* Add disableKeyStorage() to crypto API ([#4742](https://github.com/matrix-org/matrix-js-sdk/pull/4742)). Contributed by @dbkr.
## 🐛 Bug Fixes
* Allow port differing in OIDC dynamic registration URIs ([#4749](https://github.com/matrix-org/matrix-js-sdk/pull/4749)). Contributed by @t3chguy.
* OIDC: only pass logo\_uri, policy\_uri, tos\_uri if they conform to "common base" ([#4748](https://github.com/matrix-org/matrix-js-sdk/pull/4748)). Contributed by @t3chguy.
Changes in [37.1.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v37.1.0) (2025-03-11)
* MatrixRTC: MembershipManager test cases and deprecation of MatrixRTCSession.room ([#4713](https://github.com/matrix-org/matrix-js-sdk/pull/4713)). Contributed by @toger5.
## ✨ Features
* Add `EventType.SecretRequest` and `EventType.SecretSend` ([#4728](https://github.com/matrix-org/matrix-js-sdk/pull/4728)). Contributed by @richvdh.
* Attest npm package provenance ([#4724](https://github.com/matrix-org/matrix-js-sdk/pull/4724)). Contributed by @t3chguy.
* Report backup key import progress on start and improve types ([#4711](https://github.com/matrix-org/matrix-js-sdk/pull/4711)). Contributed by @ajbura.
* Fix idempotency issue around token refresh ([#4730](https://github.com/matrix-org/matrix-js-sdk/pull/4730)). Contributed by @t3chguy.
* Delete the dehydrated device when resetEncryption is called ([#4727](https://github.com/matrix-org/matrix-js-sdk/pull/4727)). Contributed by @uhoreg.
Changes in [37.0.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v37.0.0) (2025-02-25)
* Remove deprecated `PrefixedLogger` interface ([#4705](https://github.com/matrix-org/matrix-js-sdk/pull/4705)). Contributed by @richvdh.
* Remove legacy crypto ([#4653](https://github.com/matrix-org/matrix-js-sdk/pull/4653)). Contributed by @florianduros.
## 🦖 Deprecations
* Improve types around User Interactive Auth ([#4709](https://github.com/matrix-org/matrix-js-sdk/pull/4709)). Contributed by @t3chguy.
## ✨ Features
* Fix typos in client.ts ([#4715](https://github.com/matrix-org/matrix-js-sdk/pull/4715)). Contributed by @toger5.
* Enable key upload to backups where we have the decryption key ([#4677](https://github.com/matrix-org/matrix-js-sdk/pull/4677)). Contributed by @ajbura.
* Remove deprecated `PrefixedLogger` interface ([#4705](https://github.com/matrix-org/matrix-js-sdk/pull/4705)). Contributed by @richvdh.
* `MatrixClient.setAccountData`: await remote echo. ([#4695](https://github.com/matrix-org/matrix-js-sdk/pull/4695)). Contributed by @richvdh.
## 🐛 Bug Fixes
* Improve types around User Interactive Auth ([#4709](https://github.com/matrix-org/matrix-js-sdk/pull/4709)). Contributed by @t3chguy.
* Fix `resetEncryption` to remove secrets in 4S ([#4683](https://github.com/matrix-org/matrix-js-sdk/pull/4683)). Contributed by @florianduros.
Changes in [36.2.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v36.2.0) (2025-02-11)
* [Backport staging] Deprecate parameter and functions using legacy crypto in `models/event.ts` ([#4700](https://github.com/matrix-org/matrix-js-sdk/pull/4700)). Contributed by @RiotRobot.
## ✨ Features
* Improve types around Terms ([#4674](https://github.com/matrix-org/matrix-js-sdk/pull/4674)). Contributed by @t3chguy.
* Provide more options for starting dehydration ([#4664](https://github.com/matrix-org/matrix-js-sdk/pull/4664)). Contributed by @uhoreg.
* Add unspecced backup disable flag ([#4661](https://github.com/matrix-org/matrix-js-sdk/pull/4661)). Contributed by @dbkr.
* Switch OIDC primarily to new `/auth_metadata` API ([#4626](https://github.com/matrix-org/matrix-js-sdk/pull/4626)). Contributed by @t3chguy.
* Add `CryptoApi.resetEncryption` ([#4614](https://github.com/matrix-org/matrix-js-sdk/pull/4614)). Contributed by @florianduros.
## 🐛 Bug Fixes
* Fix topic types ([#4678](https://github.com/matrix-org/matrix-js-sdk/pull/4678)). Contributed by @Half-Shot.
* Handle empty m.room.topic ([#4673](https://github.com/matrix-org/matrix-js-sdk/pull/4673)). Contributed by @Half-Shot.
* `CryptoApi.resetEncryption` should always create a new key backup ([#4648](https://github.com/matrix-org/matrix-js-sdk/pull/4648)). Contributed by @florianduros.
Changes in [36.1.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v36.1.0) (2025-01-28)
* Deprecate `MatrixClient.login` and replace with `loginRequest` ([#4632](https://github.com/matrix-org/matrix-js-sdk/pull/4632)). Contributed by @richvdh.
* Use `SyncCryptoCallback` api instead of legacy crypto in sliding sync ([#4624](https://github.com/matrix-org/matrix-js-sdk/pull/4624)). Contributed by @florianduros.
* Distinguish room state and timeline events in embedded clients ([#4574](https://github.com/matrix-org/matrix-js-sdk/pull/4574)). Contributed by @robintown.
* Allow setting default secret storage key id to null ([#4615](https://github.com/matrix-org/matrix-js-sdk/pull/4615)). Contributed by @florianduros.
* Add authenticated media to getAvatarUrl in room and room-member models ([#4616](https://github.com/matrix-org/matrix-js-sdk/pull/4616)). Contributed by @m004.
* Send MSC3981 'recurse' param on `/relations` endpoint on Matrix 1.10 servers ([#4023](https://github.com/matrix-org/matrix-js-sdk/pull/4023)). Contributed by @dbkr.
## 🐛 Bug Fixes
* [Backport staging] Revert "Distinguish room state and timeline events in embedded clients (#4574)" ([#4657](https://github.com/matrix-org/matrix-js-sdk/pull/4657)). Contributed by @RiotRobot.
* Change randomString et al to be secure ([#4621](https://github.com/matrix-org/matrix-js-sdk/pull/4621)). Contributed by @dbkr.
* Fix issue with sentinels being incorrect on m.room.member events ([#4609](https://github.com/matrix-org/matrix-js-sdk/pull/4609)). Contributed by @t3chguy.
Changes in [36.0.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v36.0.0) (2025-01-14)
* Remove support for "legacy" MSC3898 group calling in MatrixRTCSession and CallMembership ([#4583](https://github.com/matrix-org/matrix-js-sdk/pull/4583)). Contributed by @toger5.
## ✨ Features
* MatrixRTC: Implement expiry logic for CallMembership and additional test coverage ([#4587](https://github.com/matrix-org/matrix-js-sdk/pull/4587)). Contributed by @toger5.
## 🐛 Bug Fixes
* Don't retry on 4xx responses ([#4601](https://github.com/matrix-org/matrix-js-sdk/pull/4601)). Contributed by @dbkr.
* Upgrade matrix-sdk-crypto-wasm to 12.1.0 ([#4596](https://github.com/matrix-org/matrix-js-sdk/pull/4596)). Contributed by @andybalaam.
* Avoid key prompts when resetting crypto ([#4586](https://github.com/matrix-org/matrix-js-sdk/pull/4586)). Contributed by @dbkr.
* Handle when aud OIDC claim is an Array ([#4584](https://github.com/matrix-org/matrix-js-sdk/pull/4584)). Contributed by @liamdiprose.
* Save the key backup key to 4S during `bootstrapSecretStorage ` ([#4542](https://github.com/matrix-org/matrix-js-sdk/pull/4542)). Contributed by @dbkr.
* Only re-prepare MatrixrRTC delayed disconnection event on 404 ([#4575](https://github.com/matrix-org/matrix-js-sdk/pull/4575)). Contributed by @toger5.
Changes in [35.1.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v35.1.0) (2024-12-18)
This release contains several breaking changes which will need code changes in your app. Most notably, `initCrypto()`
no longer exists and has been moved to `initLegacyCrypto()` in preparation for the eventual removal of Olm. You can
continue to use legacy Olm crypto for now by calling `initLegacyCrypto()` instead.
You may also need to make further changes if you use more advanced APIs. See the individual PRs (listed in order of size of change) for specific APIs changed and how to migrate.
* Rename `MatrixClient.initCrypto` into `MatrixClient.initLegacyCrypto` ([#4567](https://github.com/matrix-org/matrix-js-sdk/pull/4567)). Contributed by @florianduros.
* Support MSC4222 `state_after` ([#4487](https://github.com/matrix-org/matrix-js-sdk/pull/4487)). Contributed by @dbkr.
* Avoid use of Buffer as it does not exist in the Web natively ([#4569](https://github.com/matrix-org/matrix-js-sdk/pull/4569)). Contributed by @t3chguy.
## 🦖 Deprecations
* Deprecate remaining legacy functions and move `CryptoEvent.LegacyCryptoStoreMigrationProgress` handler ([#4560](https://github.com/matrix-org/matrix-js-sdk/pull/4560)). Contributed by @florianduros.
## ✨ Features
* Rename `MatrixClient.initCrypto` into `MatrixClient.initLegacyCrypto` ([#4567](https://github.com/matrix-org/matrix-js-sdk/pull/4567)). Contributed by @florianduros.
* Avoid use of Buffer as it does not exist in the Web natively ([#4569](https://github.com/matrix-org/matrix-js-sdk/pull/4569)). Contributed by @t3chguy.
* Re-send MatrixRTC media encryption keys for a new joiner even if a rotation is in progress ([#4561](https://github.com/matrix-org/matrix-js-sdk/pull/4561)). Contributed by @hughns.
* Support MSC4222 `state_after` ([#4487](https://github.com/matrix-org/matrix-js-sdk/pull/4487)). Contributed by @dbkr.
* Revert "Fix room state being updated with old (now overwritten) state and emitting for those updates. (#4242)" ([#4532](https://github.com/matrix-org/matrix-js-sdk/pull/4532)). Contributed by @toger5.
## 🐛 Bug Fixes
* Fix age field check in event echo processing ([#3635](https://github.com/matrix-org/matrix-js-sdk/pull/3635)). Contributed by @stas-demydiuk.
Changes in [34.13.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v34.13.0) (2024-12-03)
* Deprecate `MatrixClient.isEventSenderVerified` ([#4527](https://github.com/matrix-org/matrix-js-sdk/pull/4527)). Contributed by @florianduros.
* Add `restoreKeybackup` to `CryptoApi`. ([#4476](https://github.com/matrix-org/matrix-js-sdk/pull/4476)). Contributed by @florianduros.
## ✨ Features
* Ensure we disambiguate display names which look like MXIDs ([#4540](https://github.com/matrix-org/matrix-js-sdk/pull/4540)). Contributed by @t3chguy.
* Add `CryptoApi.getBackupInfo` ([#4512](https://github.com/matrix-org/matrix-js-sdk/pull/4512)). Contributed by @florianduros.
* Fix local echo in embedded mode ([#4498](https://github.com/matrix-org/matrix-js-sdk/pull/4498)). Contributed by @toger5.
* Add `restoreKeybackup` to `CryptoApi`. ([#4476](https://github.com/matrix-org/matrix-js-sdk/pull/4476)). Contributed by @florianduros.
## 🐛 Bug Fixes
* Fix `RustBackupManager` remaining values after current backup removal ([#4537](https://github.com/matrix-org/matrix-js-sdk/pull/4537)). Contributed by @florianduros.
Changes in [34.12.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v34.12.0) (2024-11-19)
* Deprecate `MatrixClient.getKeyBackupVersion` ([#4505](https://github.com/matrix-org/matrix-js-sdk/pull/4505)). Contributed by @florianduros.
* Deprecate unused callbacks in `CryptoCallbacks` ([#4501](https://github.com/matrix-org/matrix-js-sdk/pull/4501)). Contributed by @florianduros.
## ✨ Features
* Handle M\_MAX\_DELAY\_EXCEEDED errors ([#4511](https://github.com/matrix-org/matrix-js-sdk/pull/4511)). Contributed by @AndrewFerr.
* Allow configuration of MatrixRTC timers when calling joinRoomSession() ([#4510](https://github.com/matrix-org/matrix-js-sdk/pull/4510)). Contributed by @hughns.
* When state says you've left ongoing call, rejoin ([#4342](https://github.com/matrix-org/matrix-js-sdk/pull/4342)). Contributed by @AndrewFerr.
* Remove redundant type arguments in function call ([#4507](https://github.com/matrix-org/matrix-js-sdk/pull/4507)). Contributed by @AndrewFerr.
* MatrixRTCSession: handle rate limit errors ([#4494](https://github.com/matrix-org/matrix-js-sdk/pull/4494)). Contributed by @AndrewFerr.
* Send/receive error details with widgets ([#4492](https://github.com/matrix-org/matrix-js-sdk/pull/4492)). Contributed by @AndrewFerr.
* Deprecate `CreateSecretStorageOpts.keyBackupInfo` used in `CryptoApi.bootstrapSecretStorage.` ([#4474](https://github.com/matrix-org/matrix-js-sdk/pull/4474)). Contributed by @florianduros.
* Add CryptoApi.encryptToDeviceMessages() and deprecate Crypto.encryptAndSendToDevices() ([#4380](https://github.com/matrix-org/matrix-js-sdk/pull/4380)). Contributed by @hughns.
* Deprecate `MatrixClient.getDehydratedDevice` ([#4467](https://github.com/matrix-org/matrix-js-sdk/pull/4467)). Contributed by @florianduros.
* Deprecate top level crypto events re-export ([#4444](https://github.com/matrix-org/matrix-js-sdk/pull/4444)). Contributed by @florianduros.
## ✨ Features
* Add CryptoApi.encryptToDeviceMessages() and deprecate Crypto.encryptAndSendToDevices() ([#4380](https://github.com/matrix-org/matrix-js-sdk/pull/4380)). Contributed by @hughns.
* Do not rotate MatrixRTC media encryption key when a new member joins a session ([#4472](https://github.com/matrix-org/matrix-js-sdk/pull/4472)). Contributed by @hughns.
* Avoid `<sender>|<session>` notation in log messages ([#4473](https://github.com/matrix-org/matrix-js-sdk/pull/4473)). Contributed by @richvdh.
* Refactor/simplify Promises in MatrixRTCSession ([#4466](https://github.com/matrix-org/matrix-js-sdk/pull/4466)). Contributed by @AndrewFerr.
* Prepare delayed call leave events more reliably ([#4447](https://github.com/matrix-org/matrix-js-sdk/pull/4447)). Contributed by @AndrewFerr.
## 🐛 Bug Fixes
* Fix DelayedEventInfo type ([#4446](https://github.com/matrix-org/matrix-js-sdk/pull/4446)). Contributed by @AndrewFerr.
Changes in [34.9.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v34.9.0) (2024-10-22)
* Deprecate the crypto events which are not used by the rust-crypto ([#4442](https://github.com/matrix-org/matrix-js-sdk/pull/4442)). Contributed by @florianduros.
## 🐛 Bug Fixes
* Fix the rust crypto import in esm environments. ([#4445](https://github.com/matrix-org/matrix-js-sdk/pull/4445)). Contributed by @saul-jb.
* Fix MatrixRTC sender key wrapping ([#4441](https://github.com/matrix-org/matrix-js-sdk/pull/4441)). Contributed by @hughns.
Changes in [34.8.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v34.8.0) (2024-10-15)
* RTCSession cleanup: deprecate getKeysForParticipant() and getEncryption(); add emitEncryptionKeys() ([#4427](https://github.com/matrix-org/matrix-js-sdk/pull/4427)). Contributed by @hughns.
## ✨ Features
* Bump matrix-rust-sdk to 9.1.0 ([#4435](https://github.com/matrix-org/matrix-js-sdk/pull/4435)). Contributed by @richvdh.
* Rotate Matrix RTC media encryption key when a new member joins a call for Post Compromise Security ([#4422](https://github.com/matrix-org/matrix-js-sdk/pull/4422)). Contributed by @hughns.
* Update media event content types to include captions ([#4403](https://github.com/matrix-org/matrix-js-sdk/pull/4403)). Contributed by @tulir.
* Update OIDC registration types to match latest MSC2966 state ([#4432](https://github.com/matrix-org/matrix-js-sdk/pull/4432)). Contributed by @t3chguy.
* Add `CryptoApi.pinCurrentUserIdentity` and `UserIdentity.needsUserApproval` ([#4415](https://github.com/matrix-org/matrix-js-sdk/pull/4415)). Contributed by @richvdh.
Changes in [34.6.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v34.6.0) (2024-09-24)
* Element-R: Mark unsupported MatrixClient methods as deprecated ([#4389](https://github.com/matrix-org/matrix-js-sdk/pull/4389)). Contributed by @richvdh.
## ✨ Features
* Add crypto mode setting for invisible crypto, and apply it to decrypting events ([#4407](https://github.com/matrix-org/matrix-js-sdk/pull/4407)). Contributed by @uhoreg.
* Don't share full key history for RTC per-participant encryption ([#4406](https://github.com/matrix-org/matrix-js-sdk/pull/4406)). Contributed by @hughns.
* Export membership types ([#4405](https://github.com/matrix-org/matrix-js-sdk/pull/4405)). Contributed by @Johennes.
* Fix sending redacts in embedded (widget) mode ([#4398](https://github.com/matrix-org/matrix-js-sdk/pull/4398)). Contributed by @toger5.
* Expose the event ID of a call membership ([#4395](https://github.com/matrix-org/matrix-js-sdk/pull/4395)). Contributed by @robintown.
* MSC4133 - Extended profiles ([#4391](https://github.com/matrix-org/matrix-js-sdk/pull/4391)). Contributed by @Half-Shot.
Changes in [34.5.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v34.5.0) (2024-09-10)
* Use non-legacy calls if any are found ([#4337](https://github.com/matrix-org/matrix-js-sdk/pull/4337)). Contributed by @AndrewFerr.
## 🐛 Bug Fixes
* Retry event decryption failures on first failure ([#4346](https://github.com/matrix-org/matrix-js-sdk/pull/4346)). Contributed by @hughns.
* Ensure "type" = "module" ES declaration in pre-release.sh ([#4350](https://github.com/matrix-org/matrix-js-sdk/pull/4350)). Contributed by @BLCK-B.
* Handle MatrixRTC encryption keys arriving out of order ([#4345](https://github.com/matrix-org/matrix-js-sdk/pull/4345)). Contributed by @hughns.
* Resend MatrixRTC encryption keys if a membership has changed ([#4343](https://github.com/matrix-org/matrix-js-sdk/pull/4343)). Contributed by @hughns.
Changes in [34.3.1](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v34.3.1) (2024-08-20)
* Bump matrix-widget-api ([#4336](https://github.com/matrix-org/matrix-js-sdk/pull/4336)). Contributed by @AndrewFerr.
* Also check for MSC3757 for session state keys ([#4334](https://github.com/matrix-org/matrix-js-sdk/pull/4334)). Contributed by @AndrewFerr.
* Support Futures via widgets ([#4311](https://github.com/matrix-org/matrix-js-sdk/pull/4311)). Contributed by @AndrewFerr.
* Support MSC4140: Delayed events (Futures) ([#4294](https://github.com/matrix-org/matrix-js-sdk/pull/4294)). Contributed by @AndrewFerr.
* Handle late-arriving `m.room_key.withheld` messages ([#4310](https://github.com/matrix-org/matrix-js-sdk/pull/4310)). Contributed by @richvdh.
* Be specific about what is considered a MSC4143 call member event. ([#4328](https://github.com/matrix-org/matrix-js-sdk/pull/4328)). Contributed by @toger5.
* Add index.ts for matrixrtc module ([#4314](https://github.com/matrix-org/matrix-js-sdk/pull/4314)). Contributed by @toger5.
## 🐛 Bug Fixes
* Fix hashed ID server lookups with no Olm ([#4333](https://github.com/matrix-org/matrix-js-sdk/pull/4333)). Contributed by @dbkr.
Changes in [34.2.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v34.2.0) (2024-07-30)
* Element-R: detect "withheld key" UTD errors, and mark them as such ([#4302](https://github.com/matrix-org/matrix-js-sdk/pull/4302)). Contributed by @richvdh.
Changes in [34.1.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v34.1.0) (2024-07-16)
* Add ability to choose how many timeline events to sync when peeking ([#4300](https://github.com/matrix-org/matrix-js-sdk/pull/4300)). Contributed by @jgarplind.
* Remove redundant hack for using the old pickle key in rust crypto ([#4282](https://github.com/matrix-org/matrix-js-sdk/pull/4282)). Contributed by @richvdh.
* Add fetching the well known in embedded mode. ([#4259](https://github.com/matrix-org/matrix-js-sdk/pull/4259)). Contributed by @toger5.
## 🐛 Bug Fixes
* Fix room state being updated with old (now overwritten) state and emitting for those updates. ([#4242](https://github.com/matrix-org/matrix-js-sdk/pull/4242)). Contributed by @toger5.
* Fix incorrect "Olm is not available" errors ([#4301](https://github.com/matrix-org/matrix-js-sdk/pull/4301)). Contributed by @richvdh.
* Fix build for example script ([#4286](https://github.com/matrix-org/matrix-js-sdk/pull/4286)). Contributed by @richvdh.
* Declare matrix-js-sdk as an ES module ([#4285](https://github.com/matrix-org/matrix-js-sdk/pull/4285)). Contributed by @richvdh.
Changes in [34.0.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v34.0.0) (2024-07-08)
* Fetch capabilities in the background ([#4246](https://github.com/matrix-org/matrix-js-sdk/pull/4246)). Contributed by @dbkr.
## ✨ Features
* Prefix the user+device state key if needed ([#4262](https://github.com/matrix-org/matrix-js-sdk/pull/4262)). Contributed by @AndrewFerr.
* Use legacy call membership if anyone else is ([#4260](https://github.com/matrix-org/matrix-js-sdk/pull/4260)). Contributed by @AndrewFerr.
* Fetch capabilities in the background ([#4246](https://github.com/matrix-org/matrix-js-sdk/pull/4246)). Contributed by @dbkr.
* Use server name instead of homeserver url to allow well-known lookups during QR OIDC reciprocation ([#4233](https://github.com/matrix-org/matrix-js-sdk/pull/4233)). Contributed by @t3chguy.
* Add via parameter for MSC4156 ([#4247](https://github.com/matrix-org/matrix-js-sdk/pull/4247)). Contributed by @Johennes.
* Make the js-sdk compatible with MSC preferred foci and active focus. ([#4195](https://github.com/matrix-org/matrix-js-sdk/pull/4195)). Contributed by @toger5.
* Replace usages of setImmediate with setTimeout for wider compatibility ([#4240](https://github.com/matrix-org/matrix-js-sdk/pull/4240)). Contributed by @t3chguy.
## 🐛 Bug Fixes
* [Backport staging] Fix "Unable to restore session" error ([#4299](https://github.com/matrix-org/matrix-js-sdk/pull/4299)). Contributed by @RiotRobot.
* [Backport staging] Fix error when sending encrypted messages in large rooms ([#4297](https://github.com/matrix-org/matrix-js-sdk/pull/4297)). Contributed by @RiotRobot.
* Element-R: Fix resource leaks in verification logic ([#4263](https://github.com/matrix-org/matrix-js-sdk/pull/4263)). Contributed by @richvdh.
* Upgrade Rust Crypto SDK to 6.1.0 ([#4261](https://github.com/matrix-org/matrix-js-sdk/pull/4261)). Contributed by @richvdh.
* Correctly transform base64 with multiple instances of + or / ([#4252](https://github.com/matrix-org/matrix-js-sdk/pull/4252)). Contributed by @robintown.
* Work around spec bug for m.room.avatar state event content type ([#4245](https://github.com/matrix-org/matrix-js-sdk/pull/4245)). Contributed by @t3chguy.
Changes in [33.1.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v33.1.0) (2024-06-18)
* MSC4108 support OIDC QR code login ([#4134](https://github.com/matrix-org/matrix-js-sdk/pull/4134)). Contributed by @t3chguy.
* Add crypto methods for export and import of secrets bundle ([#4227](https://github.com/matrix-org/matrix-js-sdk/pull/4227)). Contributed by @t3chguy.
## 🐛 Bug Fixes
* Fix screen sharing in recent Chrome ([#4243](https://github.com/matrix-org/matrix-js-sdk/pull/4243)). Contributed by @RiotRobot.
* Fix incorrect assumptions about required fields in /search response ([#4228](https://github.com/matrix-org/matrix-js-sdk/pull/4228)). Contributed by @t3chguy.
* Fix the queueToDevice tests for the new fakeindexeddb ([#4225](https://github.com/matrix-org/matrix-js-sdk/pull/4225)). Contributed by @dbkr.
Changes in [33.0.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v33.0.0) (2024-06-04)
* Remove more deprecated methods, fields, and exports ([#4217](https://github.com/matrix-org/matrix-js-sdk/pull/4217)). Contributed by @t3chguy.
* Remove deprecated methods and fields ([#4201](https://github.com/matrix-org/matrix-js-sdk/pull/4201)). Contributed by @t3chguy.
## 🦖 Deprecations
* Remove more deprecated methods, fields, and exports ([#4217](https://github.com/matrix-org/matrix-js-sdk/pull/4217)). Contributed by @t3chguy.
* Remove deprecated methods and fields ([#4201](https://github.com/matrix-org/matrix-js-sdk/pull/4201)). Contributed by @t3chguy.
## ✨ Features
* `initRustCrypto`: allow app to pass in the store key directly ([#4210](https://github.com/matrix-org/matrix-js-sdk/pull/4210)). Contributed by @richvdh.
* Preserve ESM for async imports to work correctly ([#4187](https://github.com/matrix-org/matrix-js-sdk/pull/4187)). Contributed by @ms-dosx86.
## 🐛 Bug Fixes
* Don't run migration for Rust crypto if the legacy store is empty ([#4218](https://github.com/matrix-org/matrix-js-sdk/pull/4218)). Contributed by @andybalaam.
* Bump matrix-sdk-crypto-wasm to 5.0.0 ([#4216](https://github.com/matrix-org/matrix-js-sdk/pull/4216)). Contributed by @richvdh.
* Wire up verification cancel \& mismatch for rust crypto ([#4202](https://github.com/matrix-org/matrix-js-sdk/pull/4202)). Contributed by @t3chguy.
* Only pass id\_server if we had one to begin with ([#4200](https://github.com/matrix-org/matrix-js-sdk/pull/4200)). Contributed by @t3chguy.
Changes in [32.4.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v32.4.0) (2024-05-22)
* Add helpers for authenticated media, and associated documentation ([#4185](https://github.com/matrix-org/matrix-js-sdk/pull/4185)). Contributed by @turt2live.
## 🐛 Bug Fixes
* Fix state\_events.ts types ([#4196](https://github.com/matrix-org/matrix-js-sdk/pull/4196)). Contributed by @t3chguy.
* Fix sendEventHttpRequest for `m.room.redaction` events without `redacts` ([#4192](https://github.com/matrix-org/matrix-js-sdk/pull/4192)). Contributed by @t3chguy.
Changes in [32.2.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v32.2.0) (2024-05-07)
* Use a different error code for UTDs when user was not in the room ([#4172](https://github.com/matrix-org/matrix-js-sdk/pull/4172)). Contributed by @uhoreg.
* Modernize window.crypto access constants ([#4169](https://github.com/matrix-org/matrix-js-sdk/pull/4169)). Contributed by @turt2live.
* Improve compliance with MSC3266 ([#4155](https://github.com/matrix-org/matrix-js-sdk/pull/4155)). Contributed by @AndrewFerr.
* Add comment to make clear that RoomStateEvent.Events does not update related objects in the js-sdk ([#4152](https://github.com/matrix-org/matrix-js-sdk/pull/4152)). Contributed by @toger5.
* Crypto: use a new error code for UTDs from device-relative historical events ([#4139](https://github.com/matrix-org/matrix-js-sdk/pull/4139)). Contributed by @richvdh.
## 🐛 Bug Fixes
* Element-R: Fix rust migration when ssss secret are stored not encryted in cache (old legacy behavior) ([#4168](https://github.com/matrix-org/matrix-js-sdk/pull/4168)). Contributed by @BillCarsonFr.
Changes in [32.1.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v32.1.0) (2024-04-23)
* Add support for device dehydration v2 (Element R) ([#4062](https://github.com/matrix-org/matrix-js-sdk/pull/4062)). Contributed by @uhoreg.
* OIDC improvements in prep of OIDC-QR reciprocation ([#4149](https://github.com/matrix-org/matrix-js-sdk/pull/4149)). Contributed by @t3chguy.
## 🐛 Bug Fixes
* Validate backup private key before migrating it ([#4114](https://github.com/matrix-org/matrix-js-sdk/pull/4114)). Contributed by @BillCarsonFr.
* ElementR| Retry query backup until it works during migration to avoid spurious correption error popup ([#4113](https://github.com/matrix-org/matrix-js-sdk/pull/4113)). Contributed by @BillCarsonFr.
Changes in [32.0.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v32.0.0) (2024-04-09)
* Remove various deprecated methods \& re-exports ([#4125](https://github.com/matrix-org/matrix-js-sdk/pull/4125)). Contributed by @t3chguy.
* Remove the logic that throws when the lazy loading options has changed. ([#4124](https://github.com/matrix-org/matrix-js-sdk/pull/4124)). Contributed by @langleyd.
* Fix highlights from threads disappearing on new messages ([#4106](https://github.com/matrix-org/matrix-js-sdk/pull/4106)). Contributed by @dbkr.
## ✨ Features
* Add new `decryptExistingEvent` test helper ([#4133](https://github.com/matrix-org/matrix-js-sdk/pull/4133)). Contributed by @richvdh.
* Improve types for `sendEvent` ([#4108](https://github.com/matrix-org/matrix-js-sdk/pull/4108)). Contributed by @t3chguy.
* Remove various deprecated methods \& re-exports ([#4125](https://github.com/matrix-org/matrix-js-sdk/pull/4125)). Contributed by @t3chguy.
* Add new enum for verification methods. ([#4129](https://github.com/matrix-org/matrix-js-sdk/pull/4129)). Contributed by @richvdh.
* Add some test utils in a new entrypoint ([#4127](https://github.com/matrix-org/matrix-js-sdk/pull/4127)). Contributed by @richvdh.
* Improve types for `sendStateEvent` ([#4105](https://github.com/matrix-org/matrix-js-sdk/pull/4105)). Contributed by @t3chguy.
## 🐛 Bug Fixes
* Improve types for `IPowerLevelsContent` and `hasSufficientPowerLevelFor` ([#4128](https://github.com/matrix-org/matrix-js-sdk/pull/4128)). Contributed by @galash13.
* Remove the logic that throws when the lazy loading options has changed. ([#4124](https://github.com/matrix-org/matrix-js-sdk/pull/4124)). Contributed by @langleyd.
* Fix highlights from threads disappearing on new messages ([#4106](https://github.com/matrix-org/matrix-js-sdk/pull/4106)). Contributed by @dbkr.
* Extend logic for local notification processing to threads ([#4111](https://github.com/matrix-org/matrix-js-sdk/pull/4111)). Contributed by @dbkr.
* Fix public rooms post request search params and body ([#4110](https://github.com/matrix-org/matrix-js-sdk/pull/4110)). Contributed by @ajbura.
* Fix bugs with the first reply to a thread ([#4104](https://github.com/matrix-org/matrix-js-sdk/pull/4104)). Contributed by @dbkr.
Changes in [31.6.1](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v31.6.1) (2024-03-28)
* Validate `account_management_uri` and `account_management_actions_supported` from OIDC Issuer well-known ([#4074](https://github.com/matrix-org/matrix-js-sdk/pull/4074)). Contributed by @t3chguy.
* Allow specifying OIDC url state parameter for passing data to callback ([#4068](https://github.com/matrix-org/matrix-js-sdk/pull/4068)). Contributed by @t3chguy.
* Add getAuthIssuer method for MSC2965 ([#4071](https://github.com/matrix-org/matrix-js-sdk/pull/4071)). Contributed by @t3chguy.
* Allow specifying more OIDC client metadata for dynamic registration ([#4070](https://github.com/matrix-org/matrix-js-sdk/pull/4070)). Contributed by @t3chguy.
* Add unread marker event type ([#4069](https://github.com/matrix-org/matrix-js-sdk/pull/4069)). Contributed by @dbkr.
* Add "AsJson" forms of the key import/export methods ([#4057](https://github.com/matrix-org/matrix-js-sdk/pull/4057)). Contributed by @andybalaam.
## 🐛 Bug Fixes
* Ignore memberships of users that are not in the call ([#4065](https://github.com/matrix-org/matrix-js-sdk/pull/4065)). Contributed by @toger5.
* Await encrypted messages ([#4063](https://github.com/matrix-org/matrix-js-sdk/pull/4063)). Contributed by @toger5.
* ElementR | Ensure own user and device trust are updated after migration before giving back control to the app. ([#4059](https://github.com/matrix-org/matrix-js-sdk/pull/4059)). Contributed by @BillCarsonFr.
* Bump matrix-sdk-crypto-wasm to 4.5.0 ([#4060](https://github.com/matrix-org/matrix-js-sdk/pull/4060)). Contributed by @andybalaam.
Changes in [31.3.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v31.3.0) (2024-02-13)
* Add expire\_ts compatibility to matrixRTC ([#4032](https://github.com/matrix-org/matrix-js-sdk/pull/4032)). Contributed by @toger5.
* Element-R: support for migration of the room list from legacy crypto ([#4036](https://github.com/matrix-org/matrix-js-sdk/pull/4036)). Contributed by @richvdh.
* Element-R: check persistent room list for encryption config ([#4035](https://github.com/matrix-org/matrix-js-sdk/pull/4035)). Contributed by @richvdh.
* Support optional MSC3860 redirects ([#4007](https://github.com/matrix-org/matrix-js-sdk/pull/4007)). Contributed by @turt2live.
## 🐛 Bug Fixes
* WebR: migrate the megolm session imported flag ([#4037](https://github.com/matrix-org/matrix-js-sdk/pull/4037)). Contributed by @BillCarsonFr.
* ElementR: fix emoji verification stalling when both ends hit start at the same time ([#4004](https://github.com/matrix-org/matrix-js-sdk/pull/4004)). Contributed by @uhoreg.
* Dependencies: Bump wasm bindings version to 4.3.0 ([#4042](https://github.com/matrix-org/matrix-js-sdk/pull/4042)). Contributed by @BillCarsonFr.
* Element R: emit events when devices have changed ([#4019](https://github.com/matrix-org/matrix-js-sdk/pull/4019)). Contributed by @uhoreg.
* ElementR: report invalid keys rather than failing to restore from backup ([#4006](https://github.com/matrix-org/matrix-js-sdk/pull/4006)). Contributed by @uhoreg.
* Make `timeline` a getter ([#4022](https://github.com/matrix-org/matrix-js-sdk/pull/4022)). Contributed by @florianduros.
* Implement getting verification cancellation info in Rust crypto ([#3947](https://github.com/matrix-org/matrix-js-sdk/pull/3947)). Contributed by @uhoreg.
* Fix crypto migration for megolm sessions with no sender key ([#4024](https://github.com/matrix-org/matrix-js-sdk/pull/4024)). Contributed by @richvdh.
Changes in [31.2.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v31.2.0) (2024-01-31)
* Emit events during migration from libolm ([#3982](https://github.com/matrix-org/matrix-js-sdk/pull/3982)). Contributed by @richvdh.
* Support for migration from from libolm ([#3978](https://github.com/matrix-org/matrix-js-sdk/pull/3978)). Contributed by @richvdh.
## 🐛 Bug Fixes
* ElementR | backup: call expensive `roomKeyCounts` less often ([#4015](https://github.com/matrix-org/matrix-js-sdk/pull/4015)). Contributed by @BillCarsonFr.
* Decrypt and Import full backups in chunk with progress ([#4005](https://github.com/matrix-org/matrix-js-sdk/pull/4005)). Contributed by @BillCarsonFr.
* Fix new threads not appearing. ([#4009](https://github.com/matrix-org/matrix-js-sdk/pull/4009)). Contributed by @dbkr.
Changes in [31.1.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v31.1.0) (2024-01-19)
* Bump minimum spec version to v1.5 ([#3970](https://github.com/matrix-org/matrix-js-sdk/pull/3970)). Contributed by @richvdh.
## ✨ Features
* Bump minimum spec version to v1.5 ([#3970](https://github.com/matrix-org/matrix-js-sdk/pull/3970)). Contributed by @richvdh.
* Send authenticated /versions request ([#3968](https://github.com/matrix-org/matrix-js-sdk/pull/3968)). Contributed by @dbkr.
## 🐛 Bug Fixes
* Revert "Bump matrix-sdk-crypto-wasm to 3.6.0" ([#3991](https://github.com/matrix-org/matrix-js-sdk/pull/3991)). Contributed by @andybalaam.
* #22606 Fix "Remove" button to users without "m.room.redaction" ([#3981](https://github.com/matrix-org/matrix-js-sdk/pull/3981)). Contributed by @rashmitpankhania.
* ElementR: Ensure Encryption order per room ([#3973](https://github.com/matrix-org/matrix-js-sdk/pull/3973)). Contributed by @BillCarsonFr.
* Element-R: fix `bootstrapSecretStorage` not resetting key backup when requested ([#3976](https://github.com/matrix-org/matrix-js-sdk/pull/3976)). Contributed by @uhoreg.
Changes in [30.3.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v30.3.0) (2023-12-19)
* Fix notifications appearing for old events ([#3946](https://github.com/matrix-org/matrix-js-sdk/pull/3946)). Contributed by @dbkr.
* Don't back up keys that we got from backup ([#3934](https://github.com/matrix-org/matrix-js-sdk/pull/3934)). Contributed by @uhoreg.
* Fix upload with empty Content-Type ([#3918](https://github.com/matrix-org/matrix-js-sdk/pull/3918)). Contributed by @JakubOnderka.
* Prevent phantom notifications from events not in a room's timeline ([#3942](https://github.com/matrix-org/matrix-js-sdk/pull/3942)). Contributed by @dbkr.
Changes in [30.2.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v30.2.0) (2023-12-05)
* Only await key query after lazy members resolved ([#3902](https://github.com/matrix-org/matrix-js-sdk/pull/3902)). Contributed by @BillCarsonFr.
## 🐛 Bug Fixes
* Rewrite receipt-handling code ([#3901](https://github.com/matrix-org/matrix-js-sdk/pull/3901)). Contributed by @andybalaam.
* Explicitly free some Rust-side objects ([#3911](https://github.com/matrix-org/matrix-js-sdk/pull/3911)). Contributed by @richvdh.
* Fix type for TimestampToEventResponse.origin\_server\_ts ([#3906](https://github.com/matrix-org/matrix-js-sdk/pull/3906)). Contributed by @Half-Shot.
Changes in [30.1.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v30.1.0) (2023-11-21)
* Rotate per-participant keys when a member leaves ([#3833](https://github.com/matrix-org/matrix-js-sdk/pull/3833)). Contributed by @dbkr.
* Add E2EE for embedded mode of Element Call ([#3667](https://github.com/matrix-org/matrix-js-sdk/pull/3667)). Contributed by @SimonBrandner.
## 🐛 Bug Fixes
* Shorten TimelineWindow when an event is removed ([#3862](https://github.com/matrix-org/matrix-js-sdk/pull/3862)). Contributed by @andybalaam.
* Ignore receipts pointing at missing or invalid events ([#3817](https://github.com/matrix-org/matrix-js-sdk/pull/3817)). Contributed by @andybalaam.
* Fix members being loaded from server on initial sync (defeating lazy loading) ([#3830](https://github.com/matrix-org/matrix-js-sdk/pull/3830)). Contributed by @BillCarsonFr.
Changes in [30.0.1](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v30.0.1) (2023-11-13)
* Ensure `setUserCreator` is called when a store is assigned ([\#3867](https://github.com/matrix-org/matrix-js-sdk/pull/3867)). Fixes vector-im/element-web#26520. Contributed by @MidhunSureshR.
Changes in [30.0.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v30.0.0) (2023-11-07)
* Element-R: Add the git sha of the binding crate to `CryptoApi#getVersion` ([\#3838](https://github.com/matrix-org/matrix-js-sdk/pull/3838)). Contributed by @florianduros.
* Element-R: Wire up `globalBlacklistUnverifiedDevices` field to rust crypto encryption settings ([\#3790](https://github.com/matrix-org/matrix-js-sdk/pull/3790)). Fixes vector-im/element-web#26315. Contributed by @florianduros.
* Element-R: Wire up room rotation ([\#3807](https://github.com/matrix-org/matrix-js-sdk/pull/3807)). Fixes vector-im/element-web#26318. Contributed by @florianduros.
* Element-R: Add current version of the rust-sdk and vodozemac ([\#3825](https://github.com/matrix-org/matrix-js-sdk/pull/3825)). Contributed by @florianduros.
* Element-R: Wire up room history visibility ([\#3805](https://github.com/matrix-org/matrix-js-sdk/pull/3805)). Fixes vector-im/element-web#26319. Contributed by @florianduros.
* Element-R: log when we send to-device messages ([\#3810](https://github.com/matrix-org/matrix-js-sdk/pull/3810)).
## 🐛 Bug Fixes
* Fix reemitter not being correctly wired on user objects created in storage classes ([\#3796](https://github.com/matrix-org/matrix-js-sdk/pull/3796)). Contributed by @MidhunSureshR.
* Element-R: silence log errors when viewing a pending event ([\#3824](https://github.com/matrix-org/matrix-js-sdk/pull/3824)).
* Don't emit a closed event if the indexeddb is closed by Element ([\#3832](https://github.com/matrix-org/matrix-js-sdk/pull/3832)). Fixes vector-im/element-web#25941. Contributed by @dhenneke.
* Element-R: silence log errors when viewing a decryption failure ([\#3821](https://github.com/matrix-org/matrix-js-sdk/pull/3821)).
Changes in [29.1.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v29.1.0) (2023-10-24)
* OIDC: refresh tokens ([\#3764](https://github.com/matrix-org/matrix-js-sdk/pull/3764)). Contributed by @kerryarchibald.
* OIDC: add `prompt` param to auth url creation ([\#3794](https://github.com/matrix-org/matrix-js-sdk/pull/3794)). Contributed by @kerryarchibald.
* Allow applications to specify their own logger instance ([\#3792](https://github.com/matrix-org/matrix-js-sdk/pull/3792)). Fixes #1899.
* Export AutoDiscoveryError and fix type of ALL_ERRORS ([\#3768](https://github.com/matrix-org/matrix-js-sdk/pull/3768)).
## 🐛 Bug Fixes
* Fix sending call member events on leave ([\#3799](https://github.com/matrix-org/matrix-js-sdk/pull/3799)). Fixes vector-im/element-call#1763.
* Don't use event.sender in CallMembership ([\#3793](https://github.com/matrix-org/matrix-js-sdk/pull/3793)).
* Element-R: Don't mark QR code verification as done until it's done ([\#3791](https://github.com/matrix-org/matrix-js-sdk/pull/3791)). Fixes vector-im/element-web#26293.
* Element-R: Connect device to key backup when crypto is created ([\#3784](https://github.com/matrix-org/matrix-js-sdk/pull/3784)). Fixes vector-im/element-web#26316. Contributed by @florianduros.
* Element-R: Avoid errors in `VerificationRequest.generateQRCode` when QR code is unavailable ([\#3779](https://github.com/matrix-org/matrix-js-sdk/pull/3779)). Fixes vector-im/element-web#26300. Contributed by @florianduros.
* ElementR: Check key backup when user identity changes ([\#3760](https://github.com/matrix-org/matrix-js-sdk/pull/3760)). Fixes vector-im/element-web#26244. Contributed by @florianduros.
* Element-R: emit `VerificationRequestReceived` on incoming request ([\#3762](https://github.com/matrix-org/matrix-js-sdk/pull/3762)). Fixes vector-im/element-web#26245.
Changes in [29.0.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v29.0.0) (2023-10-10)
* Export AutoDiscoveryError and fix type of ALL_ERRORS ([\#3768](https://github.com/matrix-org/matrix-js-sdk/pull/3768)).
* Support for stable MSC3882 get_login_token ([\#3416](https://github.com/matrix-org/matrix-js-sdk/pull/3416)). Contributed by @hughns.
* Remove IsUserMention and IsRoomMention from DEFAULT_OVERRIDE_RULES ([\#3752](https://github.com/matrix-org/matrix-js-sdk/pull/3752)). Contributed by @kerryarchibald.
## 🐛 Bug Fixes
* Fix a case where joinRoom creates a duplicate Room object ([\#3747](https://github.com/matrix-org/matrix-js-sdk/pull/3747)).
* Add membershipID to call memberships ([\#3745](https://github.com/matrix-org/matrix-js-sdk/pull/3745)).
* Fix the warning for messages from unsigned devices ([\#3743](https://github.com/matrix-org/matrix-js-sdk/pull/3743)).
* Stop keep alive, when sync was stoped ([\#3720](https://github.com/matrix-org/matrix-js-sdk/pull/3720)). Contributed by @finsterwalder.
Changes in [28.2.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v28.2.0) (2023-09-26)
* Deprecate `MatrixClient.{prepare,create}KeyBackupVersion` in favour of new `CryptoApi.resetKeyBackup` API ([\#3689](https://github.com/matrix-org/matrix-js-sdk/pull/3689)).
***The Browserify artifact is being deprecated, scheduled for removal in the October 10th release cycle. (#3189)**
## ✨ Features
* Allow calls without ICE/TURN/STUN servers ([\#3695](https://github.com/matrix-org/matrix-js-sdk/pull/3695)).
* ElementR: Update `CryptoApi.userHasCrossSigningKeys` ([\#3646](https://github.com/matrix-org/matrix-js-sdk/pull/3646)). Contributed by @florianduros.
* Add `join_rule` field to /publicRooms response ([\#3673](https://github.com/matrix-org/matrix-js-sdk/pull/3673)). Contributed by @charlynguyen.
* Use sender instead of content.creator field on m.room.create events ([\#3675](https://github.com/matrix-org/matrix-js-sdk/pull/3675)).
## 🐛 Bug Fixes
* Provide better error for ICE Server SyntaxError ([\#3694](https://github.com/matrix-org/matrix-js-sdk/pull/3694)). Fixes vector-im/element-web#21804.
* Set minimum supported Matrix 1.1 version (drop legacy r0 versions) ([\#3007](https://github.com/matrix-org/matrix-js-sdk/pull/3007)). Fixes vector-im/element-web#16876.
## 🦖 Deprecations
***The Browserify artifact is being deprecated, scheduled for removal in the October 10th release cycle. (#3189)**
## ✨ Features
* ElementR: Add `CryptoApi.requestVerificationDM` ([\#3643](https://github.com/matrix-org/matrix-js-sdk/pull/3643)). Contributed by @florianduros.
* Implement `CryptoApi.checkKeyBackupAndEnable` ([\#3633](https://github.com/matrix-org/matrix-js-sdk/pull/3633)). Fixes vector-im/crypto-internal#111 and vector-im/crypto-internal#112.
## 🐛 Bug Fixes
* ElementR: Process all verification events, not just requests ([\#3650](https://github.com/matrix-org/matrix-js-sdk/pull/3650)). Contributed by @florianduros.
Changes in [27.2.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v27.2.0) (2023-08-15)
***The Browserify artifact is being deprecated, scheduled for removal in the October 10th release cycle. (#3189)**
## ✨ Features
* Allow knocking rooms ([\#3647](https://github.com/matrix-org/matrix-js-sdk/pull/3647)). Contributed by @charlynguyen.
* Bump pagination limit to account for threaded events ([\#3638](https://github.com/matrix-org/matrix-js-sdk/pull/3638)).
* ElementR: Add `CryptoApi.findVerificationRequestDMInProgress` ([\#3601](https://github.com/matrix-org/matrix-js-sdk/pull/3601)). Contributed by @florianduros.
* Export more into the public interface ([\#3614](https://github.com/matrix-org/matrix-js-sdk/pull/3614)).
## 🐛 Bug Fixes
* Fix wrong handling of encrypted rooms when loading them from sync accumulator ([\#3640](https://github.com/matrix-org/matrix-js-sdk/pull/3640)). Fixes vector-im/element-web#25803.
* Skip processing thread roots and fetching threads list when support is disabled ([\#3642](https://github.com/matrix-org/matrix-js-sdk/pull/3642)).
* Ensure we don't overinflate the total notification count ([\#3634](https://github.com/matrix-org/matrix-js-sdk/pull/3634)). Fixes vector-im/element-web#25803.
Changes in [27.1.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v27.1.0) (2023-08-01)
***The Browserify artifact is being deprecated, scheduled for removal in the October 10th release cycle. (#3189)**
## ✨ Features
* ElementR: Add `CryptoApi.getCrossSigningKeyId` ([\#3619](https://github.com/matrix-org/matrix-js-sdk/pull/3619)). Contributed by @florianduros.
* ElementR: Stub `CheckOwnCrossSigningTrust`, import cross signing keys and verify local device in `bootstrapCrossSigning` ([\#3608](https://github.com/matrix-org/matrix-js-sdk/pull/3608)). Contributed by @florianduros.
* Specify /preview_url requests as low priority ([\#3609](https://github.com/matrix-org/matrix-js-sdk/pull/3609)). Fixes vector-im/element-web#7292.
* Element-R: support for displaying QR codes during verification ([\#3588](https://github.com/matrix-org/matrix-js-sdk/pull/3588)). Fixes vector-im/crypto-internal#124.
* Add support for scanning QR codes during verification, with Rust crypto ([\#3565](https://github.com/matrix-org/matrix-js-sdk/pull/3565)).
* Add methods to influence set_presence on /sync API calls ([\#3578](https://github.com/matrix-org/matrix-js-sdk/pull/3578)).
## 🐛 Bug Fixes
* Fix threads ending up with chunks of their timelines missing ([\#3618](https://github.com/matrix-org/matrix-js-sdk/pull/3618)). Fixes vector-im/element-web#24466.
* Ensure we do not clobber a newer RR with an older unthreaded one ([\#3617](https://github.com/matrix-org/matrix-js-sdk/pull/3617)). Fixes vector-im/element-web#25806.
* Fix registration check your emails stage regression ([\#3616](https://github.com/matrix-org/matrix-js-sdk/pull/3616)).
* Fix how `Room::eventShouldLiveIn` handles replies to unknown parents ([\#3615](https://github.com/matrix-org/matrix-js-sdk/pull/3615)). Fixes vector-im/element-web#22603.
* Only send threaded read receipts if threads support is enabled ([\#3612](https://github.com/matrix-org/matrix-js-sdk/pull/3612)).
* ElementR: Fix `userId` parameter usage in `CryptoApi#getVerificationRequestsToDeviceInProgress` ([\#3611](https://github.com/matrix-org/matrix-js-sdk/pull/3611)). Contributed by @florianduros.
* Fix edge cases around non-thread relations to thread roots and read receipts ([\#3607](https://github.com/matrix-org/matrix-js-sdk/pull/3607)).
* Fix read receipt sending behaviour around thread roots ([\#3600](https://github.com/matrix-org/matrix-js-sdk/pull/3600)).
* Drop support for Node 16 ([\#3533](https://github.com/matrix-org/matrix-js-sdk/pull/3533)).
* Improve types around login, registration, UIA and identity servers ([\#3537](https://github.com/matrix-org/matrix-js-sdk/pull/3537)).
## 🦖 Deprecations
***The Browserify artifact is being deprecated, scheduled for removal in the October 10th release cycle. (#3189)**
* Simplify `MatrixClient::setPowerLevel` API ([\#3570](https://github.com/matrix-org/matrix-js-sdk/pull/3570)). Fixes vector-im/element-web#13900 and #1844.
* Deprecate `VerificationRequest.getQRCodeBytes` and replace it with the asynchronous `generateQRCode`. ([\#3562](https://github.com/matrix-org/matrix-js-sdk/pull/3562)).
* Deprecate `VerificationRequest.beginKeyVerification()` in favour of `VerificationRequest.startVerification()`. ([\#3528](https://github.com/matrix-org/matrix-js-sdk/pull/3528)).
* Deprecate `Crypto.VerificationRequest` application event, replacing it with `Crypto.VerificationRequestReceived`. ([\#3514](https://github.com/matrix-org/matrix-js-sdk/pull/3514)).
## ✨ Features
* Throw saner error when peeking has its room pulled out from under it ([\#3577](https://github.com/matrix-org/matrix-js-sdk/pull/3577)). Fixes vector-im/element-web#18679.
* OIDC: Log in ([\#3554](https://github.com/matrix-org/matrix-js-sdk/pull/3554)). Contributed by @kerryarchibald.
* Prevent threads code from making identical simultaneous API hits ([\#3541](https://github.com/matrix-org/matrix-js-sdk/pull/3541)). Fixes vector-im/element-web#25395.
* Update IUnsigned type to be extensible ([\#3547](https://github.com/matrix-org/matrix-js-sdk/pull/3547)).
* add stop() api to BackupManager for clean shutdown ([\#3553](https://github.com/matrix-org/matrix-js-sdk/pull/3553)).
* Log the message ID of any undecryptable to-device messages ([\#3543](https://github.com/matrix-org/matrix-js-sdk/pull/3543)).
* Ignore thread relations on state events for consistency with edits ([\#3540](https://github.com/matrix-org/matrix-js-sdk/pull/3540)).
* OIDC: validate id token ([\#3531](https://github.com/matrix-org/matrix-js-sdk/pull/3531)). Contributed by @kerryarchibald.
## 🐛 Bug Fixes
* Fix read receipt sending behaviour around thread roots ([\#3600](https://github.com/matrix-org/matrix-js-sdk/pull/3600)).
* Fix `TypedEventEmitter::removeAllListeners(void)` not working ([\#3561](https://github.com/matrix-org/matrix-js-sdk/pull/3561)).
* Fix an instance of failed to decrypt error when an in flight `/keys/query` fails. ([\#3486](https://github.com/matrix-org/matrix-js-sdk/pull/3486)).
* Use the right anchor emoji for SAS verification ([\#3534](https://github.com/matrix-org/matrix-js-sdk/pull/3534)).
* fix a bug which caused the wrong emoji to be shown during SAS device verification. ([\#3523](https://github.com/matrix-org/matrix-js-sdk/pull/3523)).
Changes in [26.2.0](https://github.com/matrix-org/matrix-js-sdk/releases/tag/v26.2.0) (2023-07-04)
matrix-js-sdk follows the same pattern as https://github.com/vector-im/element-web/blob/develop/CONTRIBUTING.md
Everyone is welcome to contribute code to matrix-js-sdk, provided that they are
willing to license their contributions under the same license as the project
itself. We follow a simple 'inbound=outbound' model for contributions: the act
of submitting an 'inbound' contribution means that the contributor agrees to
license the code under the same terms as the project's overall 'outbound'
license - in this case, Apache Software License v2 (see
[LICENSE](LICENSE)).
## How to contribute
The preferred and easiest way to contribute changes to the project is to fork
it on github, and then create a pull request to ask us to pull your changes
into our repo (https://help.github.com/articles/using-pull-requests/)
We use GitHub's pull request workflow to review the contribution, and either
ask you to make any refinements needed or merge it and make them ourselves.
Your PR should have a title that describes what change is being made. This
is used for the text in the Changelog entry by default (see below), so a good
title will tell a user succinctly what change is being made. "Fix bug where
cows had five legs" and, "Add support for miniature horses" are examples of good
titles. Don't include an issue number here: that belongs in the description.
Definitely don't use the GitHub default of "Update file.ts".
As for your PR description, it should include these things:
- References to any bugs fixed by the change (in GitHub's `Fixes` notation)
- Describe the why and what is changing in the PR description so it's easy for
onlookers and reviewers to onboard and context switch. This information is
also helpful when we come back to look at this in 6 months and ask "why did
we do it like that?" we have a chance of finding out.
- Why didn't it work before? Why does it work now? What use cases does it
unlock?
- If you find yourself adding information on how the code works or why you
chose to do it the way you did, make sure this information is instead
written as comments in the code itself.
- Sometimes a PR can change considerably as it is developed. In this case,
the description should be updated to reflect the most recent state of
the PR. (It can be helpful to retain the old content under a suitable
heading, for additional context.)
- Include a step-by-step testing strategy so that a reviewer can check out the
code locally and easily get to the point of testing your change.
- Add comments to the diff for the reviewer that might help them to understand
why the change is necessary or how they might better understand and review it.
### Changelogs
There's no need to manually add Changelog entries: we use information in the
pull request to populate the information that goes into the changelogs our
users see, both for Element Web itself and other projects on which it is based.
This is picked up from both labels on the pull request and the `Notes:`
annotation in the description. By default, the PR title will be used for the
changelog entry, but you can specify more options, as follows.
To add a longer, more detailed description of the change for the changelog:
_Fix llama herding bug_
```
Notes: Fix a bug (https://github.com/matrix-org/notaproject/issues/123) where the 'Herd' button would not herd more than 8 Llamas if the moon was in the waxing gibbous phase
```
For some PRs, it's not useful to have an entry in the user-facing changelog (this is
the default for PRs labelled with `T-Task`):
_Remove outdated comment from `Ungulates.ts`_
```
Notes: none
```
Sometimes, you're fixing a bug in a downstream project, in which case you want
an entry in that project's changelog. You can do that too:
_Fix another herding bug_
```
Notes: Fix a bug where the `herd()` function would only work on Tuesdays
element-web notes: Fix a bug where the 'Herd' button only worked on Tuesdays
```
This example is for Element Web. You can specify:
- element-web
- element-desktop
If your PR introduces a breaking change, use the `Notes` section in the same
way, additionally adding the `X-Breaking-Change` label (see below). There's no need
to specify in the notes that it's a breaking change - this will be added
automatically based on the label - but remember to tell the developer how to
migrate:
_Remove legacy class_
```
Notes: Remove legacy `Camelopard` class. `Giraffe` should be used instead.
```
Other metadata can be added using labels.
-`X-Breaking-Change`: A breaking change - adding this label will mean the change causes a _major_ version bump.
-`T-Enhancement`: A new feature - adding this label will mean the change causes a _minor_ version bump.
-`T-Defect`: A bug fix (in either code or docs).
-`T-Task`: No user-facing changes, eg. code comments, CI fixes, refactors or tests. Won't have a changelog entry unless you specify one.
If you don't have permission to add labels, your PR reviewer(s) can work with you
to add them: ask in the PR description or comments.
We use continuous integration, and all pull requests get automatically tested:
if your change breaks the build, then the PR will show that there are failed
checks, so please check back after a few minutes.
## Tests
Your PR should include tests.
For new user facing features in `matrix-js-sdk`, you
must include comprehensive unit tests written in Jest.
The existing tests can be found under `spec/unit`
It's good practice to write tests alongside the code as it ensures the code is testable from
the start, and gives you a fast feedback loop while you're developing the
functionality. Unit tests are necessary even for bug fixes.
When writing unit tests, please aim for a high level of test coverage
for new code - 80% or greater. If you cannot achieve that, please document
why it's not possible in your PR.
Tests validate that your change works as intended and also document
concisely what is being changed. Ideally, your new tests fail
prior to your change, and succeed once it has been applied. You may
find this simpler to achieve if you write the tests first.
If you're spiking some code that's experimental and not being used to support
production features, exceptions can be made to requirements for tests.
Note that tests will still be required in order to ship the feature, and it's
strongly encouraged to think about tests early in the process, as adding
tests later will become progressively more difficult.
If you're not sure how to approach writing tests for your change, ask for help
in [#element-dev](https://matrix.to/#/#element-dev:matrix.org).
## Code style
Code style is documented in [code_style.md](./code_style.md).
Contributors are encouraged to it and follow the principles set out there.
Please ensure your changes match the cosmetic style of the existing project,
and **_never_** mix cosmetic and functional changes in the same commit, as it
makes it horribly hard to review otherwise.
## Sign off
In order to have a concrete record that your contribution is intentional
and you agree to license it under the same terms as the project's license, we've
adopted the same lightweight approach that the Linux Kernel
(https://github.com/docker/docker/blob/master/CONTRIBUTING.md), and many other
projects use: the DCO (Developer Certificate of Origin:
http://developercertificate.org/). This is a simple declaration that you wrote
the contribution or otherwise have the right to contribute it to Matrix:
```
Developer Certificate of Origin
Version 1.1
Copyright (C) 2004, 2006 The Linux Foundation and its contributors.
660 York Street, Suite 102,
San Francisco, CA 94110 USA
Everyone is permitted to copy and distribute verbatim copies of this
license document, but changing it is not allowed.
Developer's Certificate of Origin 1.1
By making a contribution to this project, I certify that:
(a) The contribution was created in whole or in part by me and I
have the right to submit it under the open source license
indicated in the file; or
(b) The contribution is based upon previous work that, to the best
of my knowledge, is covered under an appropriate open source
license and I have the right under that license to submit that
work with modifications, whether created in whole or in part
by me, under the same open source license (unless I am
permitted to submit under a different license), as indicated
in the file; or
(c) The contribution was provided directly to me by some other
person who certified (a), (b) or (c) and I have not modified
it.
(d) I understand and agree that this project and the contribution
are public and that a record of the contribution (including all
personal information I submit with it, including my sign-off) is
maintained indefinitely and may be redistributed consistent with
this project or the open source license(s) involved.
```
If you agree to this for your contribution, then all that's needed is to
include the line in your commit or pull request comment:
```
Signed-off-by: Your Name <your@email.example.org>
```
We accept contributions under a legally identifiable name, such as your name on
government documentation or common-law names (names claimed by legitimate usage
or repute). Unfortunately, we cannot accept anonymous contributions at this
time.
Git allows you to add this signoff automatically when using the `-s` flag to
`git commit`, which uses the name and email set in your `user.name` and
`user.email` git configs.
If you forgot to sign off your commits before making your pull request and are
on Git 2.17+ you can mass signoff using rebase:
```
git rebase --signoff origin/develop
```
# Review expectations
See https://github.com/vector-im/element-meta/wiki/Review-process
# Merge Strategy
The preferred method for merging pull requests is squash merging to keep the
commit history trim, but it is up to the discretion of the team member merging
the change. We do not support rebase merges due to `allchange` being unable to
handle them. When merging make sure to leave the default commit title, or
at least leave the PR number at the end in brackets like by default.
When stacking pull requests, you may wish to do the following:
1. Branch from develop to your branch (branch1), push commits onto it and open a pull request
2. Branch from your base branch (branch1) to your work branch (branch2), push commits and open a pull request configuring the base to be branch1, saying in the description that it is based on your other PR.
3. Merge the first PR using a merge commit otherwise your stacked PR will need a rebase. Github will automatically adjust the base branch of your other PR to be develop.
Development and maintenance is proudly sponsored by [Element](https://element.io). Element uses the SDK in their flagship [web](https://github.com/element-hq/element-web) and [desktop](https://github.com/element-hq/element-desktop) clients.
The SDK is also the basis for multiple Matrix projects and we welcome contributions from all.
---
#### Minimum Matrix server version: v1.1
The Matrix specification is constantly evolving - while this SDK aims for maximum backwards compatibility, it only
guarantees that a feature will be supported for at least 4 spec releases. For example, if a feature the js-sdk supports
is removed in v1.4 then the feature is _eligible_ for removal from the SDK when v1.8 is released. This SDK has no
@@ -19,25 +37,9 @@ endpoints from before Matrix 1.1, for example.
# Quickstart
## In a browser
Download the browser version from
https://github.com/matrix-org/matrix-js-sdk/releases/latest and add that as a
`<script>` to your page. There will be a global variable `matrixcs`
attached to `window` through which you can access the SDK. See below for how to
include libolm to enable end-to-end-encryption.
The browser bundle supports recent versions of browsers. Typically this is ES2015
or `> 0.5%, last 2 versions, Firefox ESR, not dead` if using
Servers supporting [MSC3916](https://github.com/matrix-org/matrix-spec-proposals/pull/3916) (Matrix 1.11) will require clients, like
yours, to include an `Authorization` header when `/download`ing or `/thumbnail`ing media. For NodeJS environments this
may be as easy as the following code snippet, though web browsers may need to use [Service Workers](https://developer.mozilla.org/en-US/docs/Web/API/Service_Worker_API)
to append the header when using the endpoints in `<img />` elements and similar.
```javascript
constdownloadUrl=client.mxcUrlToHttp(
/*mxcUrl=*/"mxc://example.org/abc123",// the MXC URI to download/thumbnail, typically from an event or profile
/*width=*/undefined,// part of the thumbnail API. Use as required.
/*height=*/undefined,// part of the thumbnail API. Use as required.
/*resizeMethod=*/undefined,// part of the thumbnail API. Use as required.
/*allowDirectLinks=*/false,// should generally be left `false`.
/*allowRedirects=*/true,// implied supported with authentication
/*useAuthentication=*/true,// the flag we're after in this example
@@ -302,7 +311,7 @@ host the API reference from the source files like this:
```
$ yarn gendoc
$ cd _docs
$ cd docs
$ python -m http.server 8005
```
@@ -310,41 +319,131 @@ Then visit `http://localhost:8005` to see the API docs.
# End-to-end encryption support
The SDK supports end-to-end encryption via the Olm and Megolm protocols, using
[libolm](https://gitlab.matrix.org/matrix-org/olm). It is left up to the
application to make libolm available, via the `Olm` global.
`matrix-js-sdk`'s end-to-end encryption support is based on the [WebAssembly bindings](https://github.com/matrix-org/matrix-rust-sdk-crypto-wasm) of the Rust [matrix-sdk-crypto](https://github.com/matrix-org/matrix-rust-sdk/tree/main/crates/matrix-sdk-crypto) library.
It is also necessary to call `await matrixClient.initCrypto()` after creating a new
`MatrixClient` (but **before** calling `matrixClient.startClient()`) to
initialise the crypto layer.
## Initialization
If the `Olm` global is not available, the SDK will show a warning, as shown
below; `initCrypto()` will also fail.
To initialize the end-to-end encryption support in the matrix client:
```
Unable to load crypto module: crypto will be disabled: Error: global.Olm is not defined
```javascript
// Create a new matrix client
constmatrixClient=sdk.createClient({
baseUrl:"http://localhost:8008",
accessToken:myAccessToken,
userId:myUserId,
});
// Initialize to enable end-to-end encryption support.
awaitmatrixClient.initRustCrypto();
```
If the crypto layer is not (successfully) initialised, the SDK will continue to
work for unencrypted rooms, but it will not support the E2E parts of the Matrix
specification.
Note that by default it will attempt to use the Indexed DB provided by the browser as a crypto store. If running outside the browser, you will need to pass [an options object](https://matrix-org.github.io/matrix-js-sdk/classes/matrix.MatrixClient.html#initrustcrypto) which includes `useIndexedDB: false`, to use an ephemeral in-memory store instead. Note that without a persistent store, you'll need to create a new device on the server side (with [`MatrixClient.loginRequest`](https://matrix-org.github.io/matrix-js-sdk/classes/matrix.MatrixClient.html#loginrequest)) each time your application starts.
To provide the Olm library in a browser application:
After calling `initRustCrypto`, you can obtain a reference to the [`CryptoApi`](https://matrix-org.github.io/matrix-js-sdk/interfaces/crypto_api.CryptoApi.html) interface, which is the main entry point for end-to-end encryption, by calling [`MatrixClient.getCrypto`](https://matrix-org.github.io/matrix-js-sdk/classes/matrix.MatrixClient.html#getCrypto).
- download the transpiled libolm (from https://packages.matrix.org/npm/olm/).
- load `olm.js` as a `<script>`_before_`browser-matrix.js`.
**WARNING**: the cryptography stack is not thread-safe. Having multiple `MatrixClient` instances connected to the same Indexed DB will cause data corruption and decryption failures. The application layer is responsible for ensuring that only one `MatrixClient` issue is instantiated at a time.
To provide the Olm library in a node.js application:
You should normally set up [secret storage](https://spec.matrix.org/v1.12/client-server-api/#secret-storage) before using the end-to-end encryption. To do this, call [`CryptoApi.bootstrapSecretStorage`](https://matrix-org.github.io/matrix-js-sdk/interfaces/crypto_api.CryptoApi.html#bootstrapSecretStorage).
`bootstrapSecretStorage` can be called unconditionally: it will only set up the secret storage if it is not already set up (unless you use the `setupNewSecretStorage` parameter).
If you want to package Olm as dependency for your node.js application, you can
use `yarn add https://packages.matrix.org/npm/olm/olm-3.1.4.tgz`. If your
application also works without e2e crypto enabled, add `--optional` to mark it
as an optional dependency.
```javascript
constmatrixClient=sdk.createClient({
...,
cryptoCallbacks:{
getSecretStorageKey:async(keys)=>{
// This function should prompt the user to enter their secret storage key.
returnmySecretStorageKeys;
},
},
});
matrixClient.getCrypto().bootstrapSecretStorage({
// This function will be called if a new secret storage key (aka recovery key) is needed.
// You should prompt the user to save the key somewhere, because they will need it to unlock secret storage in future.
createSecretStorageKey:async()=>{
returnmySecretStorageKey;
},
});
```
The example above will create a new secret storage key if secret storage was not previously set up.
The secret storage data will be encrypted using the secret storage key returned in [`createSecretStorageKey`](https://matrix-org.github.io/matrix-js-sdk/interfaces/crypto_api.CreateSecretStorageOpts.html#createSecretStorageKey).
We recommend that you prompt the user to re-enter this key when [`CryptoCallbacks.getSecretStorageKey`](https://matrix-org.github.io/matrix-js-sdk/interfaces/crypto_api.CryptoCallbacks.html#getSecretStorageKey) is called (when the secret storage access is needed).
## Set up cross-signing
To set up cross-signing to verify devices and other users, call
The [`authUploadDeviceSigningKeys`](https://matrix-org.github.io/matrix-js-sdk/interfaces/crypto_api.BootstrapCrossSigningOpts.html#authUploadDeviceSigningKeys)
callback is required in order to upload newly-generated public cross-signing keys to the server.
## Key backup
If the user doesn't already have a [key backup](https://spec.matrix.org/v1.12/client-server-api/#server-side-key-backups) you should create one:
```javascript
// Check if we have a key backup.
// If checkKeyBackupAndEnable returns null, there is no key backup.
Once the cross-signing is set up on one of your devices, you can verify another device with two methods:
1. Use `CryptoApi.bootstrapCrossSigning`.
`bootstrapCrossSigning` will call the [CryptoCallbacks.getSecretStorageKey](https://matrix-org.github.io/matrix-js-sdk/interfaces/crypto_api.CryptoCallbacks.html#getSecretStorageKey) callback. The device is verified with the private cross-signing keys fetched from the secret storage.
2. Request an interactive verification against existing devices, by calling [CryptoApi.requestOwnUserVerification](https://matrix-org.github.io/matrix-js-sdk/interfaces/crypto_api.CryptoApi.html#requestOwnUserVerification).
## Migrating from the legacy crypto stack to Rust crypto
If your application previously used the legacy crypto stack, (i.e, it called `MatrixClient.initLegacyCrypto()`), you will
need to migrate existing devices to the Rust crypto stack.
This migration happens automatically when you call `initRustCrypto()` instead of `initLegacyCrypto()`,
but you need to provide the legacy [`cryptoStore`](https://matrix-org.github.io/matrix-js-sdk/interfaces/matrix.ICreateClientOpts.html#cryptoStore) and [`pickleKey`](https://matrix-org.github.io/matrix-js-sdk/interfaces/matrix.ICreateClientOpts.html#pickleKey) to [`createClient`](https://matrix-org.github.io/matrix-js-sdk/functions/matrix.createClient.html):
```javascript
// You should provide the legacy crypto store and the pickle key to the matrix client in order to migrate the data.
constmatrixClient=sdk.createClient({
cryptoStore:myCryptoStore,
pickleKey:myPickleKey,
baseUrl:"http://localhost:8008",
accessToken:myAccessToken,
userId:myUserId,
});
// The migration will be done automatically when you call `initRustCrypto`.
awaitmatrixClient.initRustCrypto();
```
To follow the migration progress, you can listen to the [`CryptoEvent.LegacyCryptoStoreMigrationProgress`](https://matrix-org.github.io/matrix-js-sdk/enums/crypto_api.CryptoEvent.html#LegacyCryptoStoreMigrationProgress) event:
```javascript
// When progress === total === -1, the migration is finished.
The Rust crypto stack is not supported in a lot of deprecated methods of [`MatrixClient`](https://matrix-org.github.io/matrix-js-sdk/classes/matrix.MatrixClient.html). If you use them, you should migrate to the [`CryptoApi`](https://matrix-org.github.io/matrix-js-sdk/interfaces/crypto_api.CryptoApi.html). Also, the legacy `MatrixClient.crypto` object is not available any more: you should use `MatrixClient.getCrypto()` instead.
# Contributing
@@ -359,7 +458,7 @@ First, you need to pull in the right build tools:
## Building
To build a browser version from scratch when developing::
To build a browser version from scratch when developing:
```
$ yarn build
@@ -371,9 +470,6 @@ To run tests (Jest):
$ yarn test
```
> **Note**
> The `sync-browserify.spec.ts` requires a browser build (`yarn build`) in order to pass
Random notes from Matthew on the two possible approaches for warning users about unexpected
unverified devices popping up in their rooms....
# Original idea...
Warn when an existing user adds an unknown device to a room.
Warn when a user joins the room with unverified or unknown devices.
Warn when you initial sync if the room has any unverified devices in it.
^ this is good enough if we're doing local storage.
OR, better:
Warn when you initial sync if the room has any new undefined devices since you were last there.
=> This means persisting the rooms that devices are in, across initial syncs.
# Updated idea...
Warn when the user tries to send a message:
- If the room has unverified devices which the user has not yet been told about in the context of this room
...or in the context of this user? currently all verification is per-user, not per-room.
...this should be good enough.
- so track whether we have warned the user or not about unverified devices - blocked, unverified, verified, unverified_warned.
throw an error when trying to encrypt if there are pure unverified devices there
app will have to search for the devices which are pure unverified to warn about them - have to do this from MembersList anyway?
- or megolm could warn which devices are causing the problems.
Why do we wait to establish outbound sessions? It just makes a horrible pause when we first try to send a message... but could otherwise unnecessarily consume resources?
Random notes from Matthew on the two possible approaches for warning users about unexpected
unverified devices popping up in their rooms....
Original idea...
================
Warn when an existing user adds an unknown device to a room.
Warn when a user joins the room with unverified or unknown devices.
Warn when you initial sync if the room has any unverified devices in it.
^ this is good enough if we're doing local storage.
OR, better:
Warn when you initial sync if the room has any new undefined devices since you were last there.
=> This means persisting the rooms that devices are in, across initial syncs.
Updated idea...
===============
Warn when the user tries to send a message:
- If the room has unverified devices which the user has not yet been told about in the context of this room
...or in the context of this user? currently all verification is per-user, not per-room.
...this should be good enough.
- so track whether we have warned the user or not about unverified devices - blocked, unverified, verified, unverified_warned.
throw an error when trying to encrypt if there are pure unverified devices there
app will have to search for the devices which are pure unverified to warn about them - have to do this from MembersList anyway?
- or megolm could warn which devices are causing the problems.
Why do we wait to establish outbound sessions? It just makes a horrible pause when we first try to send a message... but could otherwise unnecessarily consume resources?
Some files were not shown because too many files have changed in this diff
Show More
Reference in New Issue
Block a user
Blocking a user prevents them from interacting with repositories, such as opening or commenting on pull requests or issues. Learn more about blocking a user.