v1.6.2

Changelog

Year

• We are now in 2023. Happy New Year to all!

Bot

• Change of behavior The bot can now start even if it doesn't manage to resolve some policy rooms. Note that this situation is not ideal, because a broken policy room means that your protections are most likely broken, but at least users are now able to use Mjölnir to fix that list by @Yoric in 433ff7e.
• Change of behavior Setting autojoinOnlyIfManager is now true by default by @Gnuxie in 1d3da94.
• Performance improvement Changing the policy sync algorithm means that we need fewer communications with the homeserver whenever there are policy list changes by @Gnuxie in 704bb66.

Monitoring

• Mjölnir now supports sending events and alerts to a Sentry server by @Yoric in 2915757.

Dependencies

• Bump express 4.17.3 in dafbd20

v1.6.1

Changelog

Bot:

• Change of behaviour: Mjolnir now supports specifying the config file with the argument --mjolnir-config. It is highly recommended that you do this as opposed to relying on the environment variable NODE_ENV. The documentation for running with docker and from source have been updated accordingly.
• Change of behaviour: If you had run latest since v1.5.0 or v1.6.0, briefly mjolnir would have loaded default.yaml if NODE_ENV was unset, whereas previously it would have loaded development.yaml. This led to highly confusing behaviour as the documentation for running from source had instructed users to create development.yaml without setting NODE_ENV=development while running mjolnir, which was how mjolnir understood to load development.yaml in all previous versions. Silently loading the default was an undocumented new behaviour that has now been removed.
• Fixed a bug where if config.protectAllJoinedRooms was enabled mjolnir would temporarily start protecting all watched policy lists at startup. by @Gnuxie in #431. Thanks to @cremesk for reporting.

Full Changelog: v1.6.0...v1.6.1

v1.6.0

Changelog

Bot:

Changes of behaviour:

• Use stable prefixes for policy recommendations (m.ban instead of org.matrix.mjolnir.ban) by @deepbluev7 in #329
• Always echo policy list changes. List changes are now always enabled, whereas before they where only shown with config.verboseLogging. Mjolnir now no longer hides changes made by the same mjolnir account, providing the user with feedback for changes they have made to policy lists after using the ban/unban commands. by @Gnuxie in #401
• Replaced acceptInvitesFromGroup with acceptInvitesFromSpace. by @Gnuxie in #338
• Policy lists created by mjolnir will now be done so with support for MSC3784. by @Gnuxie in #386

Everything else:

• Fix the WordList protection which was matching every message. by @Gnuxie in #427
• Rework the banning and unbanning of entities in PolicyLists by @Gnuxie in #345:
  • Unbanning no longer searches for rules by state_key but by entity.
  • Users with longer mxids can now be banned.
  • Mjolnir no longer waits for the next client sync before applying server ACL and member bans after using the ban command
• Improve the clarity of the unban command. Users marked as banned by the Flooding and FirstMessageIsMedia protections can now be unbanned with the ban command. Using the unban command without true will now warn the user that room level bans will not be overridden. by @Gnuxie in #402
• Fix config.protectAllJoinedRooms leaking into explicitly protected rooms and mjolnir trying to protect watched lists in some circumstances. You would only have been impacted by this if you ran latest. by @Gnuxie in #385
• Add policy list shortcodes to status command output by @tanriol in #312
• Fix typo in config set command response by @sharp-tailed in #382
• Fixed a bug where Mjolnir would temporarily apply a stale m.room.server_acl event to rooms during batching by @Gnuxie in #33

Documentation:

• Add section on Trusted Reporters to docs/moderators.md by @jesopo in #332
• Fix example to have correct incantation by @erikjohnston in #358
• Fixed typo in docs/moderators.md by @mahdi1234 in #389
• Update docs/setup_selfbuild.md to explicitly provide a config and not rely on implicit behaviour from previous version. by @Gnuxie in #429

New Contributors

• @deepbluev7 made their first contribution in #329
• @Half-Shot made their first contribution in #337
• @erikjohnston made their first contribution in #358
• @tanriol made their first contribution in #312
• @sharp-tailed made their first contribution in #382
• @mahdi1234 made their first contribution in #389

Full Changelog: v1.5.0...v1.6.0

Minor changes impacting development

• Update tsconfig.json touse ES2021 by @Half-Shot in #337
• Towards opinions in PolicyLists. by @Yoric in #336
• Stop the config being global (in almost all contexts). by @Gnuxie in #334
• change report polling to read oldest first, so we paginate to end and wait by @jesopo in #353
• load config yaml manually, remove more references to static config by @jesopo in #347
• use requested path to configs by @jesopo in #357
• matrix.to urls for aliases don't need a via param by @jesopo in #348
• Missing awaits on floating promises in tests. by @Gnuxie in #359
• support compound consequences, switch WordList to consequences by @jesopo in #351
• Refactor protected rooms. by @Gnuxie in #371
• CI: Let's try and cache mx-tester installs by @Yoric in #383
• Update tests and instructions to intercept reports also with v3 endpoint by @Yoric in #388
• Access Control by @Gnuxie in #378
• Unbitrotting ruleserver tests by @Yoric in #418

v1.5.0

Changelog

Bot:

• Change of behaviour: The minimum supported node version is now node 16.
• Add the option for reports to be polled via the synapse admin API (rather than configuring proxy pass-through). by @jesopo in #259
• Add the option to disable the displaying new reports in moderation room (so that you can use the TrustedReporters protection without the abuse reports features) by @jesopo in #320
• Add a !mjolnir rules matching <entity> command to search watched lists. by @Gnuxie in #307
• Add Glob support to the kick command by @jae1911 in #291
• A background queue for kicking (to reduce the load of large glob kicks) by @Yoric in #296
• Improve the performance of the redact command. by @Gnuxie in #297
• Improve documentation (including dedicated setup documentation) by @ShadowJonathan in #277
• Add !mjolnir since 1day mute 100 command: adding the ability to mute by @Yoric in #272

New Contributors

• @jae1911 made their first contribution in #291

Full Changelog: v1.4.2...v1.5.0

v1.4.2

Changelog

Bot:

• Added new JoinWaveShortCircuit protection, thanks to @ShadowJonathan with #280. This protection can be used to detect a mass-join scenario and set the room to invite-only.
• Change of behaviour: Mjolnir will now apply server ACL and member bans to the most recently active rooms first (while syncing). The order was random before.
• The causes of errors at startup (e.g. via misconfiguration) have been made more clear.
• The image with the latest tag on dockerhub is now correctly in sync with the main branch.

Synapse Module:

• The python module version is now in sync with the current git tag.
• The Readme's example config has been fixed (thanks to @maranda ).

v1.4.1

Bot

• remove line leftover from debugging that caused BasicFloodingProtection to issue kicks by @jesopo in #254 (thanks @JokerGermany for reporting)
• show room ID when logging protection consequences by @jesopo in #255

Full Changelog: v1.4.0...v1.4.1

v1.4.0

Changelog

Antispam module:

• Fix incorrect type declaration in check_username_for_spam by @Gnuxie in #250 (thanks @squahtx for reporting)
• Fix block_usernames config option by @DMRobertson in #246 (issue #244)
• Move message_limit into antispam by @Gnuxie, a new protection for limiting the length of messages on your homeserver #243

Bot:

• A room Protection designed to measure & detect federation lag in a room as an early warning for mass spam by @Yoric in #217
• Reduce stackspam in logs from http errors by @Yoric in #237
• send whole channel shutdown reason, not just the first word by @jesopo in #242 (thanks @verymilan for reporting issue #239)
• Add command to elevate a user (or the bot) as room administrator using Synapse's make_room_admin by @maranda in #219
• A command to show when users in a given room have joined by @Yoric in #225
• standard protection consequences by @jesopo, making it easier to write new protections in #232
• New command !mjolnir since <date or duration> <kick | ban | show> <limit> [reason] [...rooms], to filter through recent joiners by @Yoric in #238

Full Changelog: v1.3.2...v1.4.0

v1.3.2

Changelog

Bot:

• Added experimental protection to take action on reports from trusted users.
• Fixed missing CORS headers for Report API responses (thanks to @maranda).
• Batch updates from watched lists together so that changes to server bans will result in less server ACL events being sent to protected rooms.
• Legacy rules will be checked for and removed when unbanning (thanks to @heftig for reporting #220)

v1.3.1

Changelog

Bot:

• Fixed a crash during startup because of missing configuration for an experimental feature (#206 thanks @cremesk)

v1.3.0

Changelog

Bot:

• Changed minimum supported node version to 14.
• Added reporting of external changes to watched policy lists to the management room.
• Changed labels in the abuse reporting UX to be smaller.
• Fix where abuse reporting would react to irrelevant reactions in the management room.
• Added configuration of protections through management room commands.
• Added initial capability for running Mjolnir with rate limiting (not recommended).
• Change of behaviour: Mjolnir will now use the MSC2313 m.policy.rule.* event type for policies (see #12).