All notable changes to Draupnir will be kept in this file.
The format is based on Keep a Changelog, and this project adheres to Semantic Versioning.
-
config.protectAllJoinedRoomswas unimplemented in versionsv2.0.2and below. This went under the radar in the beta programme because it would have only been detectable for first time testers migrating over. Reported by @cremesk and @HReflex. -
Draupnir will now automatically unprotect rooms when the bot is kicked, and send an alert to the management room.
-
config.commands.allowNoPrefixwill include the full command arguments again. Reported by @JacksonChen666 and @heftig in #707. -
Fixed an issue where the
ProtectedRoomsSetwould not be disposed on entering safe mode via the!draupnir safe modecommand. This would cause duplicate protections to apply out of date policies to protected rooms. Reported by @TheArcaneBrony in #687. -
An issue where sometimes Draupnir would crash if it were unable to fetch its own profile from the homeserver. We just fallback to nothing if this was the case #703. Reported by @JokerGermany i think.
-
RoomSetBehaviourProtectionto add theconfig.protectAllJoinedRoomsFunctionality. This is also responsible for unprotecting rooms as the bot is removed from them. -
The
!draupnir roomscommand will now distinguish between joined and protected rooms, joined but unprotected rooms, and protected but parted rooms.
Thank you to everyone who has been promptly reporting bugs and making these fixes possible <3
- The unban command now has an
--inviteoption to re-invite any users that are unbanned by the command. By @nexy7574 in #666.
-
Draupnir will now refresh the room state cache in the background after startup when the backing store is in use. Fixed by @Gnuxie.
-
Fixed issues where the bot wouldn't respond to pings from some SchildiChat, Element Web, and Element X. Reported by @Cknight70 in #686. Fixed by @Gnuxie in #699
-
Fixed an issue where Draupnir would ignore the
Retry-Afterhttp header and so not rate limit Draupnir properly. Reported and fixed by @nexy7574 in #694. -
Draupnir will respond when the
allowNoPrefixconfig option is used. Reported by @JacksonChen666 in #678. Fixed by @Gnuxie in #699. -
Draupnir will now ignore newlines in secret files, previously Draupnir was appending the newline to the secrets. Reported and fixed by @TheArcaneBrony in #696.
-
Fixed an issue where the
!draupnir unbanand the unban prompt actually banned users again at the room level instead of unbanning them. Matching policy rules were still removed. This bug was introduced in v2.0.0-beta.5. Thanks to @nexy7574 for helping to debug the issue. -
Fixed an issue where default protections would be renabled on restart if disabled, thanks to @ll-SKY-ll and @mahdi1234 for helping with debugging this.
There are no manual upgrade steps, the new protections are automatically
enabled. The only thing you should note is that Draupnir now enables the new
roomStateBackingStore by default. This improves the startup time of Draupnir
considerably but if you need to disable it, see the config documentation
here.
There are also no upgrade steps to upgrading to v2.0.0 from Mjolnir.
Please see the documentation if you are installing Draupnir for the first time.
TL;DR everything is so much better.
-
Draupnir is now much less dependant on commands and will automatically send prompts to the management room. Prompts are sent for inviting Draupnir to protect rooms, watch policy lists, banning users, and unbanning users.
-
Draupnir is much more responsive. Draupnir now does not need to request any data from the homeserver before applying new bans or to ban new users.
-
Draupnir now uses a persistent revision system for room state, members, policies, and policy matches. By using revisions, Draupnir only has to process room state once in terms of simple deltas as room state is updated.
-
Draupnir offers a room state backing store, allowing Draupnir to startup quickly, even when deployed at distance from the homeserver.
-
Protection messages have been revised to present information more efficiently in the management room.
-
A safe mode has been introduced that can be used to recover Draupnir in situations where watched lists or protected rooms become unjoinable.
-
All commands now use the new command-oriented interface-manager.
-
Protection settings have been reworked. The
!draupnir protections showcommand now shows all configurable settings for a given protection and describes how they can be modified.
In addition to hundreds of other significant fixes, UX improvements, and other changes that would be too detailed to list in this changelog. For a full list of changes, please review the CHANGELOG.
Special thanks to all contributors who helped in the beta programme: @avdb13, @bluesomewhere, @daedric7, @deepbluev7, @FSG-Cat, @HarHarLinks, @guillaumechauvat, @jimmackenzie, @jjj333-p, @JokerGermany, @julianfoad, @Kladki, @ll-SKY-ll, @mahdi1234, @Mikaela, @morguildir, @MTRNord, @nexy7574, @Philantrop, @ShadowJonathan, @tcpipuk, @TheArcaneBrony
- Enable the room state backing store by default. This is configured with the
roomStateBackingStoresetting in config. by @FSG-Cat.
-
Fix the report poller so that it no longer repeatedly sends the same reports.
-
WordListProtection: No longer send the banned word in the banned reason, by @nexy7574 in #665. -
Fixed the reporter field in the abuse report UX displaying as the sender when the report came from the report poller. Reported by @HarHarLinks in #408.
-
Show invalid settings with red crosses in
!draupnir protections show.
-
The number of unique matrix users in the protected rooms set is now shown in the status command as "protected users" .
-
!draupnir protections config resetcommand to restore the default protection settings for a protection.
- Several unused config options have been removed from the template.
fasterMembershipChecksno longer does anything or is needed.confirmWildcardBanis not used.protectedRoomsconfig option is not used anymore because it has confusing semantics. by @FSG-Cat.
- Make the unban command's
--trueoption the default behaviour. Removing a policy will automatically matching unban users from protected rooms. Changed by @nexy7574 and reported in #648
-
Stop the kick command from removing members who had left or were banned, Fixed and reported by @nexy7574 in #649.
-
Stop room's being added as server policies. Fixed by @nexy7574 reported by @FSG-Cat in #458.
-
Stop Draupnir's
WordListandBasicFloodingprotections from reacting to itself in the management room. Fixed by @nexy7574 reported by @TheArcaneBrony in #579. -
Stop duplicate notice's that Draupnir is updating room ACL in #450.
-
Fixed serverACL's were not immediately updated after unwatching or watching a new policy list. #451.
-
Fixed an issue where remote aliases couldn't be resolved unless the homeserver was already present in the room. Reported by @TheArcaneBrony in #460.
-
Fixed an issue where it was not possible to unwatch a policy room. Reported by @JokerGermany in #431, and @nexy7574 in #647.
-
Fixed an issue where if Draupnir was protecting a very large number of users then CPU could be starved for as long as a minute while matching users against policies. Reported by @TheArcaneBrony in #498.
-
Handle invalid forwarded reports properly. Reported by @Philantrop in #643.
-
The
!draupnir protections config <protection> <set/add/remove> <value>commands are now working again. A tutorial has been written explaining how to use these commands https://the-draupnir-project.github.io/draupnir-documentation/protections/configuring-protections. Reviewed by @FSG-Cat. -
The
BanPropagationProtectionnow shows a prompt for all unbans, even when there is no matching rule. This is to make it easier to unban a user from all the rooms draupnir is protecting, and not just when removing policy rules. Reported by @mahdi1234 in #622. -
The
JoinWaveShortCircuitProtectionhas been improved:- The
JoinWaveShortCircuitProtectionnow uses a leaky bucket token algorithm, prior to this the entire bucket got dumped after a preconfigured time. - The status command for the protection has returned and will show how full each bucket is.
- The
-
A bug where providing a bad or missing argument could render the help hint poorly or crash draupnir has been fixed. #642.
-
A new
!draupnir protections show <protection>command that can display all of the settings and capability providers for a protection. -
A new command
!draupnir protections capability <capability name> <provider name>to configure a protection's active capabilitity providers. This is experimental and is intended to be used in conjunction with the!draupnir protections show <protection>command. It's not clear whether we will demonstrate protection capabilities before or after the upcoming2.0.0release.
Special thanks to @TheArcaneBrony, @ll-SKY-ll, @MTRNord, and @daedric7 for providing support to myself and others in #draupnir:matrix.org.
-
Breaking: The Node version required to run Draupnir has been updated from Node 18 to Node 20. If you are using Debian, please follow our documentation for using Debian and node source here, kindly contributed by @ll-SKY-ll. This is due to of the release policy of one of our major dependencies, matrix-appservice-bridge, by @MTRNord in #609. We did this as part of larger work to attempt to fix issues with Element's "invisible crypto" documented in #608.
-
The Dockerfile now uses a multi-stage build, so
docker buildwill just work again. Thanks to @ShadowJonathan for reporting. We also optimized the image size just slightly. Long term we've been blocked on for years on matrix-org/matrix-rust-sdk-crypto-nodejs#19 which would allow us to use the alpine image and take the size down to under 200MB again. So if anyone can help out there it'll make a massive difference and be greatly appreciated. -
Dockerfile: entry-point was renamed frommjolnir-entrypoint.shtodraupnir-entrypoint.sh. If you have built a Dockerfile based on ours, you may need to make some changes. -
Dockerfile: source code was moved from/mjolnirto/draupnir. If you have built a custom docker image based on our Dockerfile based on ours, you may need to make some changes. -
The appservice registration file generator no longer emits
mjolnir-registration.yamlas it has been renamed todraupnir-registration.yaml. This is only a concern if you have automated tooling that generates a registration file. -
The safe mode recovery command now prompts for confirmation.
-
Some references to
Mjolnirhave been changed toDraupnirthanks to @FSG-Cat in #591.
-
Enable
proseWrapin prettier, by @Mikaela in #605. We thought that this was enabled already but turns out we missed it. -
The
no-confirmkeyword argument now has special meaning, see the safe mode recover command and renderer description for an example.
-
Safe mode now shows a preview of the persistent configs, including the property or item that is causing Draupnir to fail to start. Special thanks for the feedback from @jimmackenzie and @TheArcaneBrony. Thanks to @julianfoad for documenting the use case for safe mode.
-
Draupnir now logs at startup the path used to load its configuration file, and which options are used for loading secrets. We also show any non-default configuration values if Draupnir crashes. This is to to try make it very clear to system administrators which configuration options are being used by Draupnir and help them diagnose startup issues.
- Starting Draupnir without the
--draupnir-configoption will cause a deprecation warning.
-
The spurious warnings about not being able to find a config file when the
--draupnir-configoption was used have been been removed. -
The documentation for the
WordListProtectionin the configuration file claimed that regexes where supported when this wasn't the case. Removed by @FSG-Cat in #600. We will rewrite this protection entirely at a later date.
- Fixed a bug where sometimes the help command wouldn't show if
--keywordor options were used in an unrecognized command.
Please see Releases for more information.