e1c54f4dec
fix: Don't allow UIAA stages to be completed if no flow includes them
2026-03-31 02:20:59 +00:00
0c9fa3b7e5
feat: Add a notice about email to the first-run banner
2026-03-31 02:20:59 +00:00
f32599e030
feat: Supply more informative error message if email is disabled
2026-03-31 02:20:59 +00:00
b6f0b41d3d
feat: Ratelimit sending threepid validation emails
2026-03-31 02:20:59 +00:00
d5675b85cf
fix: Release session lock before sending threepid validation email
2026-03-31 02:20:59 +00:00
951b5abe19
refactor: Remove UiaaStatus enum
2026-03-31 02:20:59 +00:00
3885e43b5d
feat: Add support for 3pid management
2026-03-31 02:20:59 +00:00
717d319708
feat: Add support for logging in with an email address
2026-03-31 02:20:59 +00:00
0b04757bef
feat: Add support for password resets via email
2026-03-31 02:20:59 +00:00
f2b7dd6519
feat: Add a webpage for threepid validation links
2026-03-31 02:20:59 +00:00
9d06208a7a
feat: Store threepid validation sessions in memory instead of the database
2026-03-31 02:20:59 +00:00
955da3a74f
feat: Add admin commands for managing users' email addresses
2026-03-31 02:20:59 +00:00
f5db4d17d6
feat: Refactor UIAA service, add support for email stage
2026-03-31 02:20:59 +00:00
54fd1d313f
feat: Implement threepid service
2026-03-31 02:20:59 +00:00
bb7fd9efc1
feat: Implement mailer service for sending emails
2026-03-31 02:20:59 +00:00
f0c3fdfe3a
fix: Well-known read errors no longer crash resolver flow
...
Reviewed-By: Jade Ellis <jade@ellis.link >
2026-03-27 00:54:17 +00:00
8e7846c644
fix(alias): preserve room alias enumeration on delete
2026-03-26 19:23:24 +00:00
67d5619ccb
fix: Fix password reset page appearance in light mode
2026-03-18 12:42:55 -04:00
ae2b87f03f
fix: Fix M_NOT_FOUND for users with no origin set
2026-03-18 12:42:55 -04:00
d13801e976
fix: Disallow issuing password reset tokens for deactivated users
2026-03-18 12:42:55 -04:00
5716c36b47
chore: Change password reset page path
2026-03-18 12:42:55 -04:00
ffa3c53847
feat: Implement a webpage for self-service password resets
2026-03-18 12:42:55 -04:00
da8833fca4
feat: Implement a command for issuing password reset links
2026-03-18 12:42:55 -04:00
267feb3c09
feat: Add a new service for handling password resets
2026-03-18 12:42:55 -04:00
acef746d26
fix(deps): Update rust crate recaptcha-verify to 0.2.0
2026-03-17 13:20:50 +00:00
ff85145ee8
fix: missing logic inversion for acquired keys (should speed up room joins)
2026-03-13 20:54:38 -04:00
906c3df953
style: Reduce migration warning verbosity to info
...
They aren't actually warning of anything
2026-03-09 13:30:24 +00:00
33e5fdc16f
style: Reduce verbosity of fix_corrupt_msc4133_fields
2026-03-09 13:30:24 +00:00
77ac17855a
fix: Don't fail on invalid stripped state entries during migration
2026-03-09 13:30:24 +00:00
65ffcd2884
perf: Insert missed migration markers into fresh databases
2026-03-09 13:30:24 +00:00
7ec88bdbfe
feat: Make noise about migrations and make errors more informative
2026-03-09 13:30:24 +00:00
da3fac8cb4
fix: Use more robust check for max_request_size
2026-03-09 13:27:39 +00:00
3366113939
fix: Retrieve content_type and video width/height
2026-03-09 13:27:39 +00:00
9039784f41
fix: Clippy lints
2026-03-09 13:27:39 +00:00
7f165e5bbe
fix: Refactor and block media downloads larger than max_request_size
2026-03-09 13:27:39 +00:00
e8746760fa
feat(url-preview): Optionally download audio/video files for url preview requests
2026-03-09 13:27:39 +00:00
94c5af40cf
fix: Automatically remove corrupted appservice registrations
2026-03-06 14:21:04 +00:00
5eb74bc1dd
feat: Readded support for reading registration tokens from a file
...
Co-authored-by: Ginger <ginger@gingershaped.computer >
2026-03-04 15:06:26 +00:00
80c9bb4796
fix(rooms): prevent removing admin room alias
...
Only the server user can now remove the #admins alias, matching the
existing check for setting the alias. This prevents users from
accidentally breaking the admin room functionality.
fixes #1408
2026-03-04 15:05:24 +00:00
83883a002c
fix(complement): Fix complement conflicting with first-run
...
- Disabled first-run mode when running Complement tests
- Updated logging config under complement to be a bit less verbose
- Changed test result and log output locations
2026-03-04 15:04:37 +00:00
8dd4b71e0e
fix: make dropped PDU warning less useless
2026-03-04 14:58:01 +00:00
754959e80d
fix: Don't process admin escape commands for local users from federation
...
Reviewed-By: timedout <git@nexy7574.co.uk >
2026-03-03 19:55:50 +00:00
37888fb670
fix: Limit body read size of remote requests (CWE-409)
...
Reviewed-By: Jade Ellis <jade@ellis.link >
2026-03-03 19:54:34 +00:00
1a7bda209b
feat: Implement Dehydrated Devices MSC3814
...
Co-authored-by: Jade Ellis <jade@ellis.link >
Signed-off-by: Jason Volk <jason@zemos.net >
2026-03-03 19:39:53 +00:00
b507898c62
fix: Bump ruwuma again
2026-03-03 18:10:28 +00:00
558262dd1f
chore: Refactor transaction_ids -> transactions
2026-02-23 17:44:35 +00:00
d311b87579
chore: Fix incorrect capitalisation
...
I didn't realise I agreed to take an English class with @ginger while
working on this server lol
2026-02-23 17:25:12 +00:00
8702f55cf5
fix: Don't panic if nobody's listening
2026-02-23 17:22:37 +00:00
92351df925
refactor: Make federation transaction handle errors correctly
...
We have a dedicated error type that's then matched.
Event sorting is now infallible.
Could probably be cleaned up in a bit.
2026-02-23 16:36:46 +00:00
47e2733ea1
refactor: Make stream utils generic over the error type
2026-02-23 16:36:46 +00:00
Ginger
timedout
Niklas Wojtkowiak
Renovate Bot
Shane Jaroch
Trash Panda
Ben Botwin
31a05b9c
Jade Ellis
Jason Volk