* GHCR Separate Workflows
* GHCR Standalone Publishing Refinements
* Docker Hub Publishing Refinements
* Add Development Build Artefact Generation and Publishing
This only runs against non Excluded branches as to be practical.
* Fix GHCR Deployment due to Uppercase Names and Main Branch Exclusion
* Fix Github ignoring Branch filters for Develop Workflow
* Harmonise Development Artifact Workflows
* Improve Docker Hub Development Artefact Metadata
The keys on the capability provider set are arbritrary property names
set by the protection, not the interface names as there can be
multiple capabilities that share the same interface.
* fix spurious error log line regarding room takedowns when the room has already been taken down.
This is normal, and while generally the bot shouldn't attempt to take down the same rooms which succeeded in the past, there's no way of knowing that the room hasn't
been unblocked by the synapse admin API while draupnir was offline.
Because there's no endpoint to get only the blocked rooms, we have to attempt to block them all again, but what we can do is lower that from critical severity to debug, since it's not actually a fatal error at all.
* prettier
---------
Co-authored-by: esoteric_programmer <nomail@no.email>
https://github.com/the-draupnir-project/planning/issues/80
Lifetimes make it impossible to forget to link up various
destructor/finalizer methods, and makes it impossible to forget to run
them. It's a good structural solution to the problem we keep having.
We haven't updated protections to use them properly yet, ie allocate
things against the lifetime, but for now the protections themeselves
are allocated against the lifetime.
Part of https://github.com/the-draupnir-project/planning/issues/48
* Wire up prompt listener to prompt meow!
* Show differences in powered users and creators between rooms.
Upgraded policy rooms.
* Scan for replaced policy rooms on protection enable.
* Report errors with replacement process to management room.
* Comment clarity.
* Update MPS and MPS-for-interface-adaptor to support PR.
* Note about why we want to prompt on upgrade.
This just batches the redactions going on within a single room to the
same `/messages` request. And blocks the next request for that room
from happening until the current request has completed.
This is necessary because `/messages` pagination is really heavy on
homeservers as it can force them to backfill.
There is also some really strange bug in Synapse that is triggered by
Draupnir's behaviour
https://github.com/element-hq/synapse/issues/18829.
It turns out that we got confused and thought we'd fixed policy room creation when we fixed management room creation.
Even though the PR description never claimed that. In any case it looks like we were not in a very present state of mind while making the change and managed to somehow rely on string comparison for room versions...
Follow up from: https://github.com/the-draupnir-project/Draupnir/pull/924
* Fix subtle bug with management room creation.
I don't really understand why I did this in the first place it was
stupid. I think morbid curiosity won.
* Update MPS4bot-sdk for V12 policy room creation.
It turns out last time we fixed management room creation but not
policy room creation... and we didn't even do that properly.
Wait for the new takedown policy to come down `/sync` before testing
the protection can block the takendown user.
There doesn't seem to be a way conceptually to avoid this. I would not
be comfortable with injecting a fake event into the model and we'd
probably have a nightmare creating that concept.
See https://github.com/the-draupnir-project/Draupnir/pull/930#issuecomment-3179386744.
Discovery was happening asynchronously in the takedown command as a
background task that was triggered by the command. When a room is
used in the takedown command, we do inform Draupnir's room discovery,
but it happens as a background task. Maybe it should not be a
background task though, not to fail the command when the informing
fails, but to make sure the command is blocked on all side effects
happening and then we don't have to write timeouts in tests,
which are probably still flakey.
We have identified that the `RoomDiscovery` component of the `RoomTakedownProtection` and `BlockServersOnInviteProtection` doesn't cleanup properly once disabled. Because a deferred background task used to batch discovered rooms together wasn't being cancelled. We believe this is the cause for the issues described in #927 . Although it remains unclear why this violates the integrity of the hash store in subsequent test runs...
* Update to MPS 3.10.0 for cancellable batches.
* Cancel room discovery batch when protections are disabled.
Possible fix for https://github.com/the-draupnir-project/Draupnir/issues/927.
- Updated to matrix-basic-types 1.4.0 which changes
the regex validating room ids.
- Changed the package override so that all dependencies
use matrix-basic-types 1.4.0, including the matrix-protection-suite.
- Removed code that tries to store details about discovered rooms in
the room takdedown protection. These were unreliable for so many
reasons and also are now broken given the room origin cannot be
extracted from the room id. Details for why this is can be found in
the reviews of
matrix-org/matrix-spec-proposals#4291.
Catalan Lover