Sygnal 0.10.0 (2021-08-09)

Database Removal

Sygnal is now stateless, and does not rely on a database of any kind.
You may remove your existing SQLite or PostgreSQL databases once you are satisfied that this release is working as intended.
Configuration changes are not necessary, as the database section will be ignored if present.

• Remove legacy database to ease horizontal scaling. Contributed by H. Shay. (#236)

Improved Documentation

• Update CONTRIBUTING.md to recommend installing libpq-dev. Contributed by Tawanda Moyo. (#197)

Internal Changes

• Improve static type checking. Contributed by Omar Mohamed. (#221, #223, #225, #227)
• Update towncrier CI check to run against the new default branch name. (#226)
• Update black to 21.6b0. (#233)
• Fix type hint errors from new upstream Twisted release. (#239)
• Fixup GitHub Actions pipeline to always run tests on PRs. (#240)
• Add CI testing for old dependencies. (#242)

Sygnal 0.9.3 (2021-04-22)

Features

• Prevent the push key from being rejected for temporary errors and oversized payloads, add TTL logging, and support events_only push data flag. (#212)
• WebPush: add support for Urgency and Topic header (#213)

Bugfixes

• Fix a long-standing bug where invalid JSON would be accepted over the HTTP interfaces. (#216)
• Limit the size of requests received from HTTP clients. (#220)

Updates to the Docker image

• Remove manually added GeoTrust Root CA certificate from docker image as Apple is no longer using it. (#208)

Improved Documentation

• Make CONTIBUTING.md more explicit about how to get tests passing. (#188)
• Update CONTRIBUTING.md to specify how to run code style and type checks with Tox, and add formatting to code block samples. (#193)
• Document how to work around pip installation timeout errors. Contributed by Omar Mohamed. (#215)

Internal Changes

• Update Tox to run in the installed version of Python (instead of specifying Python 3.7) and to consider specific paths and folders while running checks, instead of the whole repository (potentially including unwanted files and folders, e.g. the virtual environment). (#193)
• Make development dependencies available as extras. Contributed by Hillery Shay. (#194)
• Update setup.py to specify that a minimum version of Python greater or equal to 3.7 is required. Contributed by Tawanda Moyo. (#207)
• Port CI checks to Github Actions. (#210, #219)
• Upgrade development dependencies. Contributed by Omar Mohamed (#214)
• Set up coverage.py to run in tox environment, and add html reports (#217)

v0.9.2

Sygnal v0.9.2 (2021-03-29)

Features

• Add allowed_endpoints option as an understood config option for WebPush pushkins. (#184)
• Add ttl option as an understood config option for WebPush pushkins to make delivery more reliable (#185)

v0.9.1

Sygnal 0.9.1 (2021-03-23)

Features

• Add allowed_endpoints configuration option for limiting the endpoints that WebPush pushkins will contact. (#182)

Bugfixes

• Fix bug where the requests from different WebPush devices could bleed into each other. (#180)
• Fix bug when using a HTTP proxy where connections would sometimes fail to establish. (#181)

v0.9.0

Sygnal 0.9.0 (2021-03-19)

Features

• Add experimental support for WebPush pushkins. (#177)

Bugfixes

• Fix erroneous warning log line when setting the max_connections option in a GCM app config. (#157)
• Fix bug where the sygnal_inflight_request_limit_drop metric would not appear in prometheus until requests were actually dropped. (#172)
• Fix bug where Sygnal would not recover after losing connection to the database. (#179)

Improved Documentation

• Add preliminary documentation (Troubleshooting and Application Developers' Notes). (#150, #154, #158)
• Add a note to the releasing doc asking people to inform EMS and customers during the release process. (#155)

Internal Changes

• Remove a source of noisy (but otherwise harmless) exceptions in tests. (#149)
• Add tests for HTTP Proxy support. (#151, #152)
• Remove extraneous log line. (#174)
• Fix type hints due to Twisted upgrade. (#178)

Sygnal v0.8.2

Features

• Add the ability to configure custom FCM options, which is necessary for using iOS with Firebase. (#145)
• Add a Prometheus metric (sygnal_inflight_request_limit_drop) that shows the number of notifications dropped due to exceeding the in-flight concurrent request limit. (#146)

Sygnal v0.8.1

Updates to the Docker image

• Include GeoTrust Global CA's certificate in the Docker image as it is needed for APNs (and was removed by Debian). (#141)

Sygnal v0.7.2

Updates to the Docker image

• Include GeoTrust Global CA's certificate in the Docker image as it is needed for APNs (and was removed by Debian). (#141)

Sygnal v0.8.0

Features

• Add support for HTTP CONNECT proxies on outbound FCM and APNs traffic, with optional support for HTTP Proxy Basic Authentication. (#130)
• Add support for per-pushkin in-flight request limiting. (#132)

Internal Changes

• Fixed MyPy errors so it can be enabled in CI and gradually be increased in coverage. (#131)
• Attempt the same number of retries for both GCM and APNS. (#133)
• Use tox for tests and linting. (#134)
• Include libpq5 in the docker image. (#135)

Sygnal v0.7.1

Security advisory

This version of Sygnal updates the minimum version of the aioapns dependency
to version 1.10 which addresses a TLS hostname validation bug in aioapns.

Sygnal was vulnerable to a man-in-the-middle attack on APNs data if someone
could spoof your DNS or otherwise redirect your APNs traffic.

This issue affects any Sygnal deployments that make use of APNs certificate
authentication (i.e. those with certfile: something.pem in the configuration).

Administrators are encouraged to upgrade.

Bugfixes

• Update minimum version of aioapns dependency to 1.10, which has security fixes. (#139)