v2.0.2

[v2.0.2] 2025-01-24

⚠️ If you are upgrading from Mjolnir or a previous version of Draupnir, please not that the config option protectAllJoinedRooms is not working. See #706.

Added

• The unban command now has an --invite option to re-invite any users that are unbanned by the command. By @nexy7574 in #666.

Fixed

• Draupnir will now refresh the room state cache in the background after startup when the backing store is in use. Fixed by @Gnuxie.

• Fixed issues where the bot wouldn't respond to pings from some SchildiChat, Element Web, and Element X. Reported by @Cknight70 in #686. Fixed by @Gnuxie in #699

• Fixed an issue where Draupnir would ignore the Retry-After http header and so not rate limit Draupnir properly. Reported and fixed by @nexy7574 in #694.

• Draupnir will respond when the allowNoPrefix config option is used. Reported by @JacksonChen666 in #678. Fixed by @Gnuxie in #699.

• Draupnir will now ignore newlines in secret files, previously Draupnir was appending the newline to the secrets. Reported and fixed by @TheArcaneBrony in #696.

v2.0.1

[v2.0.1] 2025-01-18

⚠️ If you are upgrading from Mjolnir or a previous version of Draupnir, please not that the option protectAllJoinedRooms is not working. See #706.

Fixed

• Fixed an issue where the !draupnir unban and the unban prompt actually banned users again at the room level instead of unbanning them. Matching policy rules were still removed. This bug was introduced in v2.0.0-beta.5, and made more visible by v2.0.0-beta.10 when unban's --true option became the default behavior. Before then the default behavior of the unban command was to remove policies only. Thanks to @nexy7574 for helping to debug the issue.

• Fixed an issue where default protections would be renabled on restart if disabled, thanks to @ll-SKY-ll and @mahdi1234 for helping with debugging this.

v2.0.0

⚠️ If you are upgrading from Mjolnir or a previous version of Draupnir, please not that the option protectAllJoinedRooms is not working. See #706.

Upgrade Steps

There are no manual upgrade steps, the new protections are automatically
enabled. The only thing you should note is that Draupnir now enables the new
roomStateBackingStore by default. This improves the startup time of Draupnir
considerably but if you need to disable it, see the config documentation
here.

There are also no upgrade steps to upgrading to v2.0.0 from Mjolnir.

Please see the
documentation
if you are installing Draupnir for the first time.

What's changed

TL;DR everything is so much better.

• Draupnir is now much less dependant on commands and will automatically send
  prompts to the management room. Prompts are sent for inviting Draupnir to
  protect rooms, watch policy lists, banning users, and unbanning users.

• Draupnir is much more responsive. Draupnir now does not need to request any
  data from the homeserver before applying new bans or to ban new users.

• Draupnir now uses a persistent revision system for room state, members,
  policies, and policy matches. By using revisions, Draupnir only has to process
  room state once in terms of simple deltas as room state is updated.

• Draupnir offers a
  room state backing store,
  allowing Draupnir to startup quickly, even when deployed at distance from the
  homeserver.

• Protection messages have been revised to present information more efficiently
  in the management room.

• A safe mode has been introduced that can be used to recover Draupnir in
  situations where watched lists or protected rooms become unjoinable.

• All commands now use the new command-oriented
  interface-manager.

• Protection settings have been reworked. The !draupnir protections show
  command now shows all configurable settings for a given protection and
  describes how they can be modified.

In addition to hundreds of other significant fixes, UX improvements, and other
changes that would be too detailed to list in this changelog. For a full list of
changes, please review the
CHANGELOG.

Special thanks to all contributors who helped in the beta programme: @avdb13,
@bluesomewhere, @daedric7, @deepbluev7, @FSG-Cat, @HarHarLinks,
@guillaumechauvat, @jimmackenzie, @jjj333-p, @JokerGermany, @julianfoad,
@Kladki, @ll-SKY-ll, @mahdi1234, @Mikaela, @morguildir, @MTRNord, @nexy7574,
@Philantrop, @ShadowJonathan, @tcpipuk, @TheArcaneBrony

v2.0.0-beta.11

Changed

• Enable the room state backing store by default. This is configured with the
  roomStateBackingStore setting in config. by @FSG-Cat.

Fixed

• Fix the report poller so that it no longer repeatedly sends the same reports.

• WordListProtection: No longer send the banned word in the banned reason, by
  @nexy7574 in #665.

• Fixed the reporter field in the abuse report UX displaying as the sender when
  the report came from the report poller. Reported by @HarHarLinks in
  #408.

• Show invalid settings with red crosses in !draupnir protections show.

Added

• The number of unique matrix users in the protected rooms set is now shown in
  the status command as "protected users" .

• !draupnir protections config reset command to restore the default protection
  settings for a protection.

Removed

• Several unused config options have been removed from the template.
  fasterMembershipChecks no longer does anything or is needed.
  confirmWildcardBan is not used. protectedRooms config option is not used
  anymore because it has confusing semantics. by @FSG-Cat.

v2.0.0-beta.10

This will be the final beta release before v2.0.0.

Changed

• Make the unban command's --true option the default behaviour. Removing a policy will automatically matching unban users from protected rooms. Changed by @nexy7574 and reported in #648

Fixed

• Stop the kick command from removing members who had left or were banned, Fixed and reported by @nexy7574 in #649.

• Stop room's being added as server policies. Fixed by @nexy7574 reported by @FSG-Cat in #458.

• Stop Draupnir's WordList and BasicFlooding protections from reacting to itself in the management room. Fixed by @nexy7574 reported by @TheArcaneBrony in #579.

• Stop duplicate notice's that Draupnir is updating room ACL in #450.

• Fixed serverACL's were not immediately updated after unwatching or watching a new policy list. #451.

• Fixed an issue where remote aliases couldn't be resolved unless the homeserver was already present in the room. Reported by @TheArcaneBrony in #460.

• Fixed an issue where it was not possible to unwatch a policy room. Reported by @JokerGermany in #431, and @nexy7574 in #647.

• Fixed an issue where if Draupnir was protecting a very large number of users then CPU could be starved for as long as a minute while matching users against policies. Reported by @TheArcaneBrony in #498.

• Handle invalid forwarded reports properly. Reported by @Philantrop in #643.

[v2.0.0-beta.9] 2024-12-14

[v2.0.0-beta.9] 2024-12-14

Fixed

• The !draupnir protections config <protection> <set/add/remove> <value>
  commands are now working again. A tutorial has been written explaining how to
  use these commands
  https://the-draupnir-project.github.io/draupnir-documentation/protections/configuring-protections.
  Reviewed by @FSG-Cat.

• The BanPropagationProtection now shows a prompt for all unbans, even when
  there is no matching rule. This is to make it easier to unban a user from all
  the rooms draupnir is protecting, and not just when removing policy rules.
  Reported by @mahdi1234 in
  #622.

• The JoinWaveShortCircuitProtection has been improved:

  • The JoinWaveShortCircuitProtection now uses a leaky bucket token
    algorithm, prior to this the entire bucket got dumped after a preconfigured
    time.
  • The status command for the protection has returned and will show how full
    each bucket is.

• A bug where providing a bad or missing argument could render the help hint
  poorly or crash draupnir has been fixed.
  #642.

Added

• A new !draupnir protections show <protection> command that can display all
  of the settings and capability providers for a protection.

• A new command
  !draupnir protections capability <capability name> <provider name> to
  configure a protection's active capabilitity providers. This is experimental
  and is intended to be used in conjunction with the
  !draupnir protections show <protection> command. It's not clear whether we
  will demonstrate protection capabilities before or after the upcoming 2.0.0
  release.

Special thanks

Special thanks to @TheArcaneBrony, @ll-SKY-ll, @MTRNord, and @daedric7 for
providing support to myself and others in
#draupnir:matrix.org.

v2.0.0-beta.8

[v2.0.0-beta.8] - 2024-10-22

Changed

• Breaking: The Node version required to run Draupnir has been updated from Node 18 to Node 20. If you are using Debian, please follow our documentation for using Debian and node source here, kindly contributed by @ll-SKY-ll. This is due to of the release policy of one of our major dependencies, matrix-appservice-bridge, by @MTRNord in #609. We did this as part of larger work to attempt to fix issues with Element's "invisible crypto" documented in #608.

• The Dockerfile now uses a multi-stage build, so docker build will just work again. Thanks to @ShadowJonathan for reporting. We also optimized the image size just slightly. Long term we've been blocked on for years on matrix-org/matrix-rust-sdk-crypto-nodejs#19 which would allow us to use the alpine image and take the size down to under 200MB again. So if anyone can help out there it'll make a massive difference and be greatly appreciated.

• Dockerfile: entry-point was renamed from mjolnir-entrypoint.sh to draupnir-entrypoint.sh. If you have built a Dockerfile based on ours, you may need to make some changes.

• Dockerfile: source code was moved from /mjolnir to /draupnir. If you have built a custom docker image based on our Dockerfile based on ours, you may need to make some changes.

• The appservice registration file generator no longer emitsmjolnir-registration.yaml as it has been renamed to draupnir-registration.yaml. This is only a concern if you have automated tooling that generates a registration file.

• The safe mode recovery command now prompts for confirmation.

• Some references to Mjolnir have been changed to Draupnir thanks to @FSG-Cat in #591.

Development

• Enable proseWrap in prettier, by @Mikaela in #605. We thought that this was enabled already but turns out we missed it.

• The no-confirm keyword argument now has special meaning, see the safe mode recover command and renderer description for an example.

Added

• Safe mode now shows a preview of the persistent configs, including the property or item that is causing Draupnir to fail to start. Special thanks for the feedback from @jimmackenzie and @TheArcaneBrony. Thanks to @julianfoad for documenting the use case for safe mode.

• Draupnir now logs at startup the path used to load its configuration file, and which options are used for loading secrets. We also show any non-default configuration values if Draupnir crashes. This is to to try make it very clear to system administrators which configuration options are being used by Draupnir and help them diagnose startup issues.

Deprecated

• Starting Draupnir without the --draupnir-config option will cause a deprecation warning.

Removed

• The spurious warnings about not being able to find a config file when the --draupnir-config option was used have been been removed.

• The documentation for the WordListProtection in the configuration file claimed that regexes where supported when this wasn't the case. Removed by @FSG-Cat in #600. We will rewrite this protection entirely at a later date.

Fixed

• Fixed a bug where sometimes the help command wouldn't show if --keyword or options were used in an unrecognized command.

Screenshots

v2.0.0-beta.7

Added

• Draupnir will now enter "safe mode" by default when Draupnir fails to start up and the failure mode is recoverable.
  What this means is that you will get a prompt in the safe mode status message that gives you simple options for recovery.
  A screenshot is provided at the end to show what this currently looks like. Feedback is welcome.
  • Currently we can recover when one of the protected rooms or watched lists becomes un-joinable, or the account data
    becomes corrupted.
  • If you have a monitoring or a pager system you may wish to review the configuration here. As it is possible to disable this feature.
• Add a welcome flow to appservice mode by @MTRNord in #568

Changed

• Skip calling /join for rooms we already know we are joined to, thanks to @TheArcaneBrony for reporting.
• Start draupnir bots in batches when running in appservice mode by @MTRNord in #569

Fixed

• !draupnir protections command has now been added back, thanks to @ll-SKY-ll for reporting.
  • This sort of bug shouldn't happen again as we added some code to detect when commands get forgotten.
• Typos and broken links in the readme thanks to @ll-SKY-ll for reporting.
• Harden MentionLimitProtection after Mjolnir's introduction of the protection by @Gnuxie in #574
• Update the README with the status of the project. by @Gnuxie in #575

Screenshot

Full Changelog: v2.0.0-beta.6...v2.0.0-beta.7

v2.0.0-beta.6

Please see the notes for v2.0.0-beta.0 for a full list of changes.

What's Changed

• Draupnir now depends on a new library @the-draupnir-project/interface-manager for command parsing and rendering.
• The kick command is fully functional again.
• All other commands that were modified as a part of v2.0.0-beta.* should be a lot less buggy, please keep reporting bugs. We are in a much better position to be able to fix and unit test commands now.
  • The ban, unban, kick, watch and unwatch all have unit tests now in addition to existing integration tests.
• The ban command will prompt for the ban reason again, reported by @FSG-Cat in #441.

Development changes

• Replace dependabot with renovate by @Mikaela in #526
• Enable strictPropertyInitialization in tsconfig.json. by @Gnuxie in #541
• Update dependency express to v4.20.0 [SECURITY] by @renovatebot in #546
• Update dependency body-parser to v1.20.3 [SECURITY] by @renovatebot in #543
• Use @gnuxie/typescript-result's expect where applicable instead of throwing garbage. by @Gnuxie in #552

Full Changelog: v2.0.0-beta.5...v2.0.0-beta.6

v2.0.0-beta.5

Please see the notes for v2.0.0-beta.0 for a full list of changes.

What's Changed

• Added a new experimental NewJoinerProtection, find the documentation here.
• Added a new experimental MentionLimitProtection, find the documentation here.
• Fix a bug in experimentalRustCrypto where sometimes Draupnir would crash sending an encrypted message before the bot had fully started. by @MTRNord in #512
• Fix a bug where you couldn't create policy lists while signed in as the same user as the bot by @morguldir in #471.
• Fix a bug where any protection using the StandardEventConsequences capability, such as the BasicFloodingProtection, would crash when being enabled. by @Gnuxie in #517
• Add SBOM and Attestation to the Docker release process by @MTRNord in #477

Development changes

• Add eslint to pre-commit by @Mikaela in #87
• TypeCheck JSX expressions, children, and attributes ^-^ by @Gnuxie in #454
• [Yarn Classic] Enable corepack & fix pre-commit run --all-files by @Mikaela in #472
• Migrate to eslint-9 flat config, typescript 5, typescript-eslint strictTypeChecked by @Gnuxie in #476
• Add prettier by @Gnuxie in #484
• Update all headers to be reuse.software compliant by @Gnuxie in #486
• Move to @the-draupnir-project/basic-matrix-types. by @Gnuxie in #508

New Contributors

• @morguldir made their first contribution in #471

Full Changelog: v2.0.0-beta.4...v2.0.0-beta.5