MSC4069: Inhibit profile propagation #4069
be more readily possible. For example, a client *introducing* per-space memberships might use this | ||
new query parameter to make it easier to manually apply `m.room.member` event changes. | ||
|
||
## Alternatives |
Instead of propagating at `/avatar_url` and `/displayname`, it could be part of `m.room.member`. A `"locked": true` (or similar) in the content would cause the server to not update that member event.
so, I've been thinking about this a lot. There's some potential privacy concerns with revealing the information. Specifically, it tells other members of the room that the user is definitely using a customized, non-default, profile in the room. On the other hand, any malicious party wanting to make use of that information could just GET the user's default profile to find their "real" profile anyways. A separate MSC would be good to add protections/guarantees around the user's [default] profile (who can access it, etc).
Eventually it'd also be good to move the profile out of the `m.room.member` event, to give at minimum separation of concerns. Currently the membership event's primary purpose is to denote the user's, well, membership. Profile information is added on as a convenience. While scalable, it feels a bit overloaded to use the event for two things.
The third concern is mostly one of backwards compatibility. Clients may already have UX which says the user's profile changes everywhere. If we add `locked: true` to the membership event, that client UX is now a lie. This is relatively minor, but worth noting as an incompatibility. By preventing propagation at the endpoint level, existing clients can maintain their UX and new clients can more obviously add a toggle or similar to "overwrite" the profile in all rooms, or otherwise tailor their UI for their specific use case.
Overall, I think I'm still in favour of using the endpoint-level control, though a counter MSC to discuss the `m.room.member` flagging would be interesting.
A possibly third option: `m.profile_locked` as a per-room account data event. This state would not be visible to other users. I would prefer this to a `locked` property in the membership event, but would prefer endpoint-level control over both.
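The three designs compared in the comments above, as a toy Python model added here (not code from the MSC or from any homeserver): it shows which rooms get their member event rewritten and what another room member can observe in each case. The `Room` class, the function names, the `propagate` argument and the sample rooms are constructed for illustration; `locked` and `m.profile_locked` are the names used in the thread.

```python
# Toy model (constructed for illustration) of the three designs in this thread.
from dataclasses import dataclass, field


@dataclass
class Room:
    member_content: dict  # m.room.member content: visible to the whole room
    account_data: dict = field(default_factory=dict)  # visible to the user only


def sample_rooms():
    """Constructed sample: the user keeps a custom name in !work."""
    return {
        "!home": Room({"membership": "join", "displayname": "Alice"}),
        "!work": Room({"membership": "join", "displayname": "A. Smith"}),
    }


def set_displayname(rooms, new_name, design, propagate=True):
    """Change the global name; return ids of rooms whose member event changed."""
    updated = []
    for room_id, room in rooms.items():
        if design == "endpoint" and not propagate:
            continue  # caller inhibited propagation for this one request
        if design == "member_flag" and room.member_content.get("locked") is True:
            continue  # lock lives in the member event itself
        if design == "account_data" and "m.profile_locked" in room.account_data:
            continue  # lock lives in private per-room account data
        room.member_content = {**room.member_content, "displayname": new_name}
        updated.append(room_id)
    return updated


def observer_view(room, global_name):
    """What another room member can learn about this user's profile here."""
    return {
        "explicit_lock_flag": room.member_content.get("locked") is True,
        "differs_from_global": room.member_content.get("displayname") != global_name,
    }


def run(design):
    """Apply one global rename under the given design and inspect !work."""
    rooms = sample_rooms()
    if design == "member_flag":
        rooms["!work"].member_content["locked"] = True
    elif design == "account_data":
        rooms["!work"].account_data["m.profile_locked"] = {}
    updated = set_displayname(rooms, "Alice B", design, propagate=(design != "endpoint"))
    return updated, observer_view(rooms["!work"], "Alice B")
```

Only the `member_flag` design puts an explicit signal in room state; in all three, comparing the room profile with the global profile still shows the difference, which is the point made in the second comment.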
Synapse 1.98.0 will be the last Synapse release in 2023; the regular release cadence will resume in January 2024.

Synapse will soon be forked by Element under an AGPLv3.0 licence (with CLA, for proprietary dual licensing). You can read more about this here:

- https://matrix.org/blog/2023/11/06/future-of-synapse-dendrite/
- https://element.io/blog/element-to-adopt-agplv3/

The Matrix.org Foundation copy of the project will be archived. Any changes needed by server administrators will be communicated via our usual announcements channels, but we are striving to make this as seamless as possible.

No significant changes since 1.98.0rc1.

- Synapse now declares support for Matrix v1.7, v1.8, and v1.9. (matrix-org#16707)
- Add `on_user_login` [module API](https://matrix-org.github.io/synapse/latest/modules/writing_a_module.html) callback for when a user logs in. (matrix-org#15207)
- Support MSC4069: Inhibit profile propagation (matrix-org/matrix-spec-proposals#4069). (matrix-org#16636)
- Restore tracking of requests and monthly active users when delegating authentication via MSC3861 to an OIDC provider. (matrix-org#16672)
- Add an autojoin setting for server notices rooms, so users may be joined directly instead of receiving an invite. (matrix-org#16699)
- Follow redirects when downloading media over federation (per MSC3860, matrix-org/matrix-spec-proposals#3860). (matrix-org#16701)
- Enable refreshable tokens on the admin registration endpoint. (matrix-org#16642)
- Consistently bypass rate limits when using the server notice admin API. (matrix-org#16670)
- Fix a bug introduced in Synapse 1.7.2 where rooms whose power levels lacked an `events` field could not be upgraded. (matrix-org#16725)
- Fix `GET /_synapse/admin/v1/federation/destinations` [admin API](https://matrix-org.github.io/synapse/latest/usage/administration/admin_api/index.html) returning null (instead of 0) for `retry_last_ts` and `retry_interval`. (matrix-org#16729)
- Add schema rollback information to documentation. (matrix-org#16661)
- Fix poetry version typo in the [contributors' guide](https://matrix-org.github.io/synapse/latest/development/contributing_guide.html). (matrix-org#16695)
- Switch the example UNIX socket paths to `/run`. Add HAProxy example configuration for UNIX sockets. (matrix-org#16700)
- Add documentation for how to validate the configuration file with `synapse.config` script. (matrix-org#16714)
- Clean-up unused tables. (matrix-org#16522)
- Reduce a little database load while processing state auth chains. (matrix-org#16552)
- Reduce database load of pruning old `user_ips`. (matrix-org#16667)
- Reduce DB load when forget on leave setting is disabled. (matrix-org#16668)
- Ignore `encryption_enabled_by_default_for_room_type` setting when creating server notices room, since the notices will be sent unencrypted anyway. (matrix-org#16677)
- Correctly read the to-device stream ID on startup using SQLite. (matrix-org#16682)
- Reorganise test files. (matrix-org#16684)
- Remove old full schema dumps which are no longer used. (matrix-org#16697)
- Raise poetry-core upper bound to <=1.8.1. This allows contributors to import Synapse after `poetry install`ing with Poetry 1.6 and above. Contributed by Mo Balaa. (matrix-org#16702)
- Add a workflow to try and automatically fixup linting in a PR. (matrix-org#16704)

* Bump cryptography from 41.0.5 to 41.0.6. (matrix-org#16703)
* Bump cryptography from 41.0.6 to 41.0.7. (matrix-org#16721)
* Bump idna from 3.4 to 3.6. (matrix-org#16720)
* Bump jsonschema from 4.19.1 to 4.20.0. (matrix-org#16692)
* Bump matrix-org/netlify-pr-preview from 2 to 3. (matrix-org#16719)
* Bump phonenumbers from 8.13.23 to 8.13.26. (matrix-org#16722)
* Bump prometheus-client from 0.18.0 to 0.19.0. (matrix-org#16691)
* Bump pyasn1 from 0.5.0 to 0.5.1. (matrix-org#16689)
* Bump pydantic from 2.4.2 to 2.5.1. (matrix-org#16663)
* Bump pyo3 (0.19.2→0.20.0), pythonize (0.19.0→0.20.0) and pyo3-log (0.8.1→0.9.0). (matrix-org#16673)
* Bump pyopenssl from 23.2.0 to 23.3.0. (matrix-org#16662)
* Bump ruff from 0.1.4 to 0.1.6. (matrix-org#16690)
* Bump sentry-sdk from 1.32.0 to 1.35.0. (matrix-org#16666)
* Bump serde from 1.0.192 to 1.0.193. (matrix-org#16693)
* Bump sphinx-autodoc2 from 0.4.2 to 0.5.0. (matrix-org#16723)
* Bump types-jsonschema from 4.19.0.4 to 4.20.0.0. (matrix-org#16724)
* Bump types-pillow from 10.1.0.0 to 10.1.0.2. (matrix-org#16664)
* Bump types-psycopg2 from 2.9.21.15 to 2.9.21.16. (matrix-org#16665)
* Bump types-setuptools from 68.2.0.0 to 68.2.0.2. (matrix-org#16688)
Rendered
Implementations: