v2.0.0-beta.3

What's Changed

• Send a notice when protections have missing permissions in protected rooms.
• Reapply MemberBanSynchronisationProtection and ServerBanSynchronisationProtection once permission requirements have been met in newly protected rooms.
• Fixed typo in README.md by @avdb13 in #368
• documentation has been moved to https://the-draupnir-project.github.io/draupnir-documentation/docs/intro & https://github.com/the-draupnir-project/draupnir-documentation by @FSG-Cat.

Please see the notes for v2.0.0-beta.0 for a full list of changes.

Fixes for bugs introduced since v2.0.0-beta.0

• Fixed an issue with the unban command, reported by @guillaumechauvat & @Kladki.
• Fixed an issue with prompt-for-accept in all commands, reported by @FSG-Cat.
• Fixed an issue where policies removed by @jjj333-p's spam police stopped Draupnir from being able to watch the list, reported by @daedric7.

New Contributors

• @avdb13 made their first contribution in #368

Full Changelog: v2.0.0-beta.2...v2.0.0-beta.3

v2.0.0-beta.2

What's Changed

• Make Draupnir refer to it self in help output by @FSG-Cat in #358
• Stop MemberBanSynchronisationProtection reacting twice to some joins, reported by @mahdi1234
• Stop capability renderers from showing consequences as failed when they were really OK, reported by @mahdi1234

Full Changelog: v2.0.0-beta.1...v2.0.0-beta.2

v2.0.0-beta.1

This is just a simple patch update on the previous prerelease with a couple of changes:

• The startup complete message has returned and Draupnir will show the status command after starting.
• It's now clearer if protections have failed to apply a consequence without drilling down into the <details> elements.

Please see the notes for v2.0.0-beta.0 for a full list of changes.

v2.0.0-beta.0

Process

We've now merged our changes to depend on the MPS (matrix-protection-suite). We're in the process of beta
testing v2.0.0 and this is the first of those pre-releases.

This release notes page is likely incomplete and will be updated
as more changes are uncovered or summarised.

What's Changed

• Draupnir now uses MPS (matrix-protection-suite) to provide its core functionality.
• Draupnir no longer requests components of room state when applying various actions, which should lead to a huge noticeable difference to Draupnir's responsiveness.
• An optional RoomStateBackingStore has been added to improve startup time for instances that run against slow servers
  (e.g. matrix.org). Checkout the config description for it here.
• New protections MemberBanSynchronisationProtection, ServerBanSynchronisationProtection, RedactionSynchronisationProtection, and PolicyChangeNotification.
  • These replace the core functionality for applying policies related to users, servers and redactions.
  • They will be enabled by default when you upgrade.
• config.disableServerACL will disable the ServerBanSynchronisationProtection.
• The joins, since, default, sync, protections status commands have all been removed for now.
• The DetectFederationLag protection has been removed.
• We have new contributing documentation.

Upgrade steps

There are no manual upgrade steps, the new protections are automatically enabled.
The only thing you should note is that if you notice that Draupnir is slow to startup, then you should enable the room state backing store

⚠️ Some configuration options may no longer be functioning (alternatives are pending)

• config.noop will do nothing.
• config.protectedRooms will also do nothing, and protected rooms need to be configured using !draupnir rooms add/remove.

Development Changes Summary

• MPS now parses events sourced from /sync, appservice push, and
  other APIs for us, so no more any or unknown.
• MPS provides us with string types for StringRoomID, StringEventID,
  and StringUserID. So no more mixing those up.
• MPS provides us with an interface to immutable room state snapshots
  with the RoomStateRevisionIssuer and RoomStateRevision.
• MPS provides PolicyRoomRevisionIssuer, PolicyRoomRevision,
  RoomMembershipRevisionIssuer, and RoomMembershipRevision to
  provide a convenient interface for listening to changes to
  room membership and policy rules.
• MPS provides protections with new hooks:
  • handleTimelineEvent
  • handlePolicyChange
  • handleMembershipChange
  • handleStateChange
  • handleEventReport
  • handleProtectionDisable
• Capability providers are introduced:
  • Each capability has an interface.
  • A CapabilityProvider constructs an instance, a Capability,
    that matches the matching capability interface.
• Protections now carry out their effects through instances of
  Capability:
  • Each ProtectionDescription describes a capability set with
    their interfaces.
  • Each ProtectionDescription describes a default capability
    provider to use to fulfill the prior interface.
  • When a Protection is instantiated, capability providers can be
    swapped and replaced provided they match the same interface.
  • This means that you can extend or change the functionality
    of protections without changing the code of the protections.

Internal Changes

• moved MatrixEmitter to matrix-protection-suite-for-matrix-bot-sdk and replaced with the SafeMatrixEmitter
• moved ProtectedRoomsConfig to matrix-protection-suite and has been interfaced away from Mjolnir's account data.
• moved ProtectedRoomsSet has been moved to matrix-protection-suite and now provides the fundamental event source for protections.
• deleted RoomMembers and has not been completely replaced. In matrix-protection-suite there exists an alternative of SetMembership and RoomMembershipRevisions.
  • RoomMembers would only load members that had joined since Mjolnir had started, membership revisions have all members.
  • There is no API for finding when a member first joined the room, since this is a lot more complicated to do and I don't know yet if that
    is the right metric protections should use for finding if a user is new or not or participating.
• moved AccessControlUnit to matrix-protection-suite, it no longer acts as a cache for rules though, PolicyRoomRevisions handle that instead.
• moved ListRule to matrix-protections-suite as PolicyRule.
• deleted PolicyList. Has been replaced by distinct components
  • PolicyRoomRevision: An immutable snapshot of policies in a room.
  • PolicyRoomRevisionIssuer: Creates PolicyRoomRevisions as room state changes and emits events to notify listeners.
  • PolicyRoomEditor: Edits policies in a policy room.
  • PolicyRoomManager: Provides and builds the issuers and editors.
• deleted PolicyListManager. Has been replaced with PolicyListConfig in the matrix-protection-suite.
• moved ServerACL to matrix-protection-suite, now called the ServerACLBuilder.
• renamed Mjolnir to Draupnir.
  • Draupnir has far fewer responsibilities than Mjolnir, we have and are continuing to move as much functionality as possible to protections.
• deleted RuleServer this was never used in production and we do not have access to the Synapse module it was written for, so it is impossible to maintain.
• moved RoomUpdateError to the matrix-protection-suite.
• moved several interface manager components to MPS:
  • CommandError and CommandException are now ActionError and ActionException.
  • MatrixRoomReference types are now sourced from the matrix-protection-suite.
  • There are new string types for StringUserID, StringRoomID and StringEventID.
• deleted room directory commands
  • 76a58b6
  • It didn't seem like these ever worked with a Synapse admin API?
• deleted joins and since commands:
  • joins depended on the API RoomMembers provided and we do not have a replacement for finding the join time.
  • They did not work as intended because they could only provide information for joins that happened while Draupnir
    was running.
  • If necessary, we could bring back an equivalent API that shows anyone with a top level membership of join
    as a recent joiner.
• deleted default banlist command, as there is no place where we have a default list.
  • The implementation from Mjolnir stored this list as a "default shortcode" to find a list with, which is not great either.
• deleted sync command
  • As all functionality that the sync command effected has now been moved to protections,
    the concept doesn't move across very well. There might be a replacement in future if it makes sense.
• deleted DetectFederationLag this is a pretty huge protection 4b41541
  • It can be brought back in the future, there is not time to make it work and it never did work as intended.
  • It is a shame because it was a bold piece of work.
• deleted protections status <protection> command.
  • There needs to be some thought about how to give protections their own commands.
  • fc163ed
  • 4110b62
• ? verify permissions command may or may not be working?
  • 9b48a48
• moved all remaining commands to use the interface manager introduced in v1.80.0.
• deleted Mjolnir's ProtectionManager as it has been made redundant in MPS.
• replaced consequences. The same functionality is now provided by CapabilityProviders.
• deleted AppServiceBotEmitter. No code uses emitters anymore.
• added DraupnirFactory:
  • This uses matrix-protetion-suite's ClientsInRoomsMap and RoomStateManagerFactory to create Draupnir.
• delted MjolnirManager:
  • Now depends on a DraupnirManager and AppserviceDraupnirManager which have smaller and cleaner implementations.
• added <span> to DeadDocument
• enabled Member/ServerBanSynchronisation protections by default
• added RoomStateBackingStore.
• pass config.disableServerACL to ServerBanSynchronisationProtection
• added PolicyChangeNotificationProtection

Full Changelog: v1.87.0...v2.0.0-beta.0

v1.87.0

⚠️ Warning

To those running against gnuxie/draupnir:develop or the main branch, we are about to begin the process of merging Draupnir MPS. We advise you to pin against this release, gnuxie/draupnir:v1.87.0. Draupnir MPS is a rewrite of the entire core, and its release will be v2.0.0, we do however expect migration to be seamless (with no intervention required). However, the main branch is likely going to become unstable and the UX is temporarily going to be disrupted. More news to follow over the coming weeks.

What's Changed

• @FSG-Cat has drastically improved documentation for running the appservice mode of deployment, and has done the work to add a role to matrix-ansible-docker-deploy to help new admins. The appservice is still alpha quality and we recommend waiting for further QOL improvements to follow post Draupnir v2.0.0 before starting trying this out yourself.
• Some changes to the appservice mode of deployment have been made:
  • The appservice bot has been renamed to @draupnir-moderation by default
  • The default mxid for provisioned draupnir now include draupnir in their name rather than mjolnir, with thanks to @MTRNord. This is a backwards compatible change if your registration file contains both draupnir and mjolnir as namespaces within the appservice registration file.
  • The restart admin command for the appservice has been fixed

Full Changelog: v1.86.2...v1.87.0

v1.86.2

• @TheArcaneBrony contributed two new command line options for loading secrets from secret management systems, such as systemd's service credentials. The documentation is here.
  • The access token can be provided with the option --access-token-path.
  • The Pantalaimon password can be provided with the option --pantalaimon-password-path.

Miscellaneous

• Bump jsdom from 16.7.0 to 24.0.0 by dependabot in #215

New Contributors

• @TheArcaneBrony made their first contribution in #242

Full Changelog: v1.86.1...v1.86.2

v1.86.1

• Fixed a bug where a banned user's messages would not immediately be redacted if they were banned as a result of a newly issued policy from a watched list. #210. This bug was introduced in v1.85.0.

Full Changelog: v1.86.0...v1.86.1

v1.86.0

The main points

• The project is now licensed under AFL-3.0 which is an OSI approved license, previously Draupnir was licensed under the Cooperative Software License. Please see #176 for details and rationale. Organised by @Gnuxie.
• Docker images are now built with node 20, contributed by @MTRNord in #129.
• @Gnuxie says: You have probably noticed that it has been three months since the last release, and this is because I have been extracting and rearchitecting the core of Draupnir (and Mjolnir) into a TypeScript library which Draupnir will depend upon in an upcoming release. The decision to create the library was taken because it has always been very difficult to maintain protections or consider adding features which lay on a limiting and neglected foundation, and it is simpler to attempt to remedy that before addressing the bigger issues that Draupnir and Mjolnir have. Because by continuing to work with limiting structural problems, each change can (and often does) exacerbate or complicate existing issues. However I am going to remind you that these issues are mostly natural to software as it ages, especially for a project like Mjolnir/Draupnir, which has been a product of a complicated context and spontaneous solutions.
• @Gnuxie says a special thank you to everyone who has been providing support for others using Draupnir in https://matrix.to/#/#draupnir:matrix.org and elsewhere.

Developments in Development

• We have finally migrated away from tslint to eslint, contributed by @MTRNord in #88.

New Contributors

• @julianfoad made their first contribution in #133

Miscellaneous

• Decrease dependency update check to weekly by @Mikaela in #124
• Fix link to our own copy of moderators.md by @julianfoad in #133
• Add an example gif for prompt to ban command. by @Gnuxie in #100
• Bump the github-actions group with 4 updates by @dependabot in #125
• pre-commit autoupdate by @Mikaela in #143
• Add support for bot-sdk crypto as an experimental flag by @MTRNord in #145
• Fix markdown trailing whitespace & exlude .svg from trailing-whitespace checks by @Mikaela in #148
• Bump crypto-js from 4.1.1 to 4.2.0 by @dependabot in #159
• Bump postcss from 8.4.16 to 8.4.31 by @dependabot in #140
• Bump follow-redirects from 1.15.1 to 1.15.4 by @dependabot in #203
• Bump the github-actions group with 1 update by @dependabot in #162
• Bump body-parser from 1.20.1 to 1.20.2 by @dependabot in #119
• Bump express and @types/express by @dependabot in #121
• Change self references from Gnuxie/Draupnir to the-draupnir-project/Draupnir by @FSG-Cat in #208

Full Changelog: v1.85.1...v1.86.0

v1.85.1

• Fixed a nasty bug where any errors updating the room would crash the bot while trying to show the management room the error. Typically this would mean if you tried to add a room without giving the bot sufficient permissions, the bot would immediately crash. This was introduced in v1.85.0. by @Gnuxie in #123.
• Upgrade matrix-appservice bridge to ^9.0.1 by @MTRNord in #102. Versions of node above 18 can now be used without upsetting matrix-appservice-bridge's engine requirements.

Miscellaneous

• .github/dependabot.yml: explicitly configure dependabot by @Mikaela in #103
• .github/dependabot.yml: attempt to group updates by @Mikaela in #114
• Bump the development-dependencies group with 9 updates by @dependabot in #116
• Bump the everything group with 4 updates by @dependabot in #115
• Bump yaml from 2.2.2 to 2.3.2 by @dependabot in #111
• dependabot.yml: rename everything to github-actions by @Mikaela in #120
• Bump config and @types/config by @dependabot in #118

Full Changelog: v1.85.0...v1.85.1

v1.85.0

Changes of behaviour

• Server ACL can be disabled with the config option disableServerACL. Requested by @mahdi1234, @bones-was-here and @JokerGermany. by @Gnuxie in #85.
• config.verboseLogging has been deprecated and will be removed in a future version. by @Gnuxie in #98.
• Unbanning a user in a room from a client will create a prompt in the management room to unban the user from all lists and rooms. by @Gnuxie in #93.
• Errors from updating rooms now appear in collapsible <detail> elements. Requested by @Mikaela and @MTRNord . by @Gnuxie in #85.
• Multiple errors from updating the same protected room will now show, rather than just the first. This comes at a cost if you have a persistent error from a protected room (such as incorrect permissions). these errors might get shown multiple times at startup. by @Gnuxie in #85.

Other changes

• A bug has been fixed where the bot crashed when a list was selected in the ban propagation prompt that could not be written to. by @Gnuxie in #93.
• A command has been added that allows to easily set the display name of a bot. Requested by @Mikaela. by @MTRNord in #91.
• A bug has been fixed where Draupnir would stop processing member bans in a room when Draupnir was unable to ban just one member. Reported by @Mikaela. by @Gnuxie in #79.

Appservice specific changes

• The help command for admins follows a similar format to Draupnir's with expandable boxes. Use the new help style on the appservice commands and add missing descriptions for the arguments by @MTRNord in #69.
• A health endpoint has been added to the appservice and metrics via prometheus by @MTRNord in #70.
• D4A: Make Provisioned User get PL for management room at creation of management room. by @FSG-Cat in #73.

Development and Miscellaneous changes

• Bump semver from 5.7.1 to 5.7.2 by @dependabot in #66
• Bump word-wrap from 1.2.3 to 1.2.4 by @dependabot in #67
• Update to typescript 5 by @MTRNord in #68
• Add a missing dash to the docker command in the appservice documentation by @MTRNord in #61
• Add pre-commit configuration by @Mikaela in #34
• A simple script for testing room membership query. by @Gnuxie in #81
• .editorconfig: fix invalid value s/off/unset/g by @Mikaela in #86
• Bump matrix-appservice-bridge from 8.1.1 to 8.1.2 by @dependabot in #71
• package.json: refer to https clone url by @Mikaela in #90
• Revisit Mjolnir's ErrorCache. by @Gnuxie in #85
• Bring various documentation up to date with current events. by @Gnuxie in #94
• Use --forbid-only flag in integration test suite. by @Gnuxie in #97

Full Changelog: v1.84.0...v1.85.0