2022-05-04

Release notes

• Upgrade webapp version to 2022-05-04-production.0-v0.29.7-0-a6f2ded (#2302)

2022-04-25

Release notes

• Note for wire.com operators: deploy nginz (#2270)

• Wire cloud operators: Update brig's ES index mapping before deploying. After deploying, run a re-index (#2213, #2220)

• Upgrade webapp version to 2022-04-21-production.0 (#2302)

• Upgrade team-settings version to 4.7.0-v0.29.7-0-74b81b8 (#2180)

Features

• [helm-charts] Allow filtering cassandra nodes by datacenter (#2273)

• MLS implementation progress:

  • commit messages containing add proposals are now processed (#2247)
  • do initial validation and forwarding of all types of messages via POST /mls/messages (#2253)
  • fixed bug where users could not be added to MLS conversations if they had non-MLS clients (#2290)
  • MLS/Proteus mismatches (e.g. sending a proteus message to an MLS conversation) are now handled (#2278)
  • the POST /mls/key-packages/claim endpoint gained a skip_own query parameter, which can be used to avoid claiming a key package for the requesting client itself (#2287)

• The user profiles that are returned by a team admin search now contain the additional fields SAML NameID, IdP Issuer, and SCIM externalId (#2213), and unvalidated email address (#2220)

• • Avoid dropping messages when redis is down. (#2295)

Bug fixes and other updates

• Add missing helm chart mapping for inbound search visibility (#2265)

• Fix bug: User search endpoint hides exact handle results in SearchVisibilityNoNameOutsideTeam setting (#2280)

• backoffice app (aka stern):

  • Suspending a non-existing user now returns 404 and does not create an empty entry in the DB (#2267)
  • Support for deleting teams with more than one member (#2275)
  • Fix update of user email (#2281)

Documentation

• Import wire-docs to docs/ (see also #2258)

Internal changes

• Migrate API routes from wai-route to servant for better Swagger (#2284, #2277, #2266, #2286, #2294, #2244)

• Update nginx to latest stable: v1.20.2 (#2289)

• Allow additional origins at random ports in nginz Helm chart. This is useful for
  testing with an HTTP proxy. It should not be used in production. (#2283)

• makdeb and bonanza: remove stack-based Makefiles (#2311)

• Add skip_reauth param to internal API for creating clients. This is intended to be used in test. (#2260)

• Removes an unused function in Brig and relocates another one (#2305)

• Print more logs while migrating data in Elasticsearch (#2279)

• Replace the base monad in Brig with the Polysemy Sem monad (#2264, #2288)

• Move the Random effect from Spar to the polysemy-wire-zoo library (#2303)

• Move the Now effect from Spar to a library (#2292)

• Improve readability of user search test cases (#2276)

• Chart/gundeck's 'bulkpush' optimization is now activated by default (after using it in production for some time) (#2293)

• Add an alpha version of a Helm chart for coturn. (#2209)

• Document error handling and simplify error logging (#2274)

• Improve speed of reindexing by increasing the batch size of processing users. (#2200)

• Fix federator integration tests (#2298)

• Switch the Haskell driver used in Gundeck to connect to Redis from 'redis-io' to 'hedis', which now supports cluster mode. (#2151)

• Various Galley MLS test improvements and cleanups (#2278)

• Flag for sending a validation email when updating a user's email address via backoffice/stern (#2301)

• Remove stack from all builder docker images (#2312)

• Make internal search-visibility endpoint available to staging environments (#2282)

• Remove TemplateHaskell as a global default extension (#2291)

2022-04-04

Release notes

• Note for wire.com operators: deploy nginz (#2175)

• Deploy galley before brig (#2248)

• Wire cloud operators: Update brig's ES index mapping before deploying. After deploying run a reindex. (#2241)

• Upgrade webapp version to 2022-03-30-production.0-v0.29.2-0-d144552 (#2246)

API changes

• New endpoint to get the status of the guest links feature for a conversation that potentially has been created by someone from another team. (#2231)

Features

• Cross-team user search (#2208)

• restund chart: add dtls support (#2227)

• MLS implementation progress:

  • welcome messages are now being propagated (#2175)

• The bot API will be blocked if the 2nd factor authentication team feature is enabled. Please refer to /docs/reference/config-options.md#2nd-factor-password-challenge. (#2207)

• Translations for 2nd factor authentication email templates (#2235)

• Script for creating a team with owner via the public API (#2218)

Bug fixes and other updates

• Conversation rename endpoints now return 204 instead of 404 when the conversation name is unchanged (#2239)

• Revert temporary sftd bump (#2230)

Internal changes

• Remove the MonadMask instance for AppT in Brig (#2259)

• Remove the MonadUnliftIO instance for the app monad in Brig (#2233)

• Bump hsaml2 version (#2221)

• Fix: cabal-install-artefacts.sh fails if not run from root of wire-server (#2236)

• Fix: pushing to cachix not working (#2257)

• Cannon has been fully migrated to Servant (#2243)

• Refactor conversation record and conversation creation functions. This removes a lot of duplication and makes the types of protocol-specific data in a conversation tighter. (#2234)

  • Move conversation name size check to NewConv
  • Make the NewConversation record (used as input to the data
    function creating a conversation) contain a ConversationMetadata.
  • Implement all "special" conversation creation in terms of a general createConversation
  • Move protocol field from metadata to Conversation
  • Restructure MLS fields in Conversation record
  • Factor out metadata fields from Data.Conversation

• Fix Docs: real-world domain used in examples (#2238)

• The CanThrow combinator can now be used to set the corresponding error effects in polysemy handlers. (#2239)

• Most error effects in Galley are now defined at the granularity of single error values. For example, a handler throwing ConvNotFound will now directly declare ConvNotFound (as a promoted constructor) among its error effects, instead of the generic ConversationError that was used before. Correspondingly, all such fine-grained Galley errors have been moved to wire-api as constructors of a single enumerated type GalleyError, and similarly for Brig, Cannon and Cargohold. (#2239)

• Add a column for MLS clients to the Galley member table (#2245)

• Pin direnv version in nix-hls.sh script (#2232)

• nginx-ingress-services chart: allow for custom challenge solvers (#2222, #2229)

• Remove unused debian Makefile targets (#2237)

• Use local serial consistency for Cassandra lightweight transactions (#2251)

2022-03-30

Release notes

• Upgrade webapp version to 2022-03-30-production.0-v0.29.2-0-d144552 (#2246)

2022-03-18

Release notes

• Deploy Brig before Spar. (#2149)
• If you are in a federated network of backends, you need to update all participating instances at the same time. (#2173)

API changes

• The client JSON object now has an additional field mls_public_keys, containing an object mapping signature schemes to public keys, e.g.

  {
    ...
    "mls_public_keys": { "ed25519": "GY+t1EQu0Zsm0r/zrm6zz9UpjPcAPyT5i8L1iaY3ypM=" }
    ...
  }
  

  At the moment, ed25519 is the only supported signature scheme, corresponding to MLS ciphersuite 1.

  When creating a new client with POST /clients, the field mls_public_keys can be set, and the corresponding public keys are bound to the device identity on the backend, and will be used to verify uploaded key packages with a matching signature scheme.

  When updating a client with PUT /clients/:client, the field mls_public_keys can also be set, with a similar effect. If a given signature scheme already has a public key set for that device, the request will fail. (#2147)

• Introduce an endpoint for creating an MLS conversation (#2150)

• The /billing and /teams/.*/billing endpoints are now available on a versioned path (e.g. /v1/billing)

  (#2167)

Features

• MLS implementation progress:

  • key package refs are now mapped after being claimed (#2192)

• 2nd factor authentication via 6 digit code, sent by email:

  • for login, sent by email. The feature is disabled per default and can be enabled server or team wide. (#2142)
  • for "create SCIM token". The feature is disabled per default and can be enabled server or team wide. (#2149)
  • for "add new client" via 6 digit code, sent by email. This only happens inside the login flow (in particular, when logging in from a new device). The code obtained for logging in is used a second time for adding the device. (#2186)
  • 2nd factor authentication for "delete team" via 6 digit code, sent by email. (#2193)
  • The SndFactorPasswordChallenge team feature is locked by default. (#2205)
  • Details: /docs/reference/config-options.md#2nd-factor-password-challenge

Bug fixes and other updates

• Fix data consistency issue in import of users from TM invitation to SCIM-managed (#2201)

• Use the same context string as openmls for key package ref calculation (#2216)

• Ensure that only conversation admins can create invite links. (Until now we have relied on clients to enforce this.) (#2211)

Internal changes

• account-pages Helm chart: Add a "digest" image option (#2194)

• Add more test mappings (#2185)

• Internal endpoint for re-authentication (GET "/i/users/:uid/reauthenticate") in brig has changed in a backwards compatible way. Spar depends on this change for creating a SCIM token with 2nd password challenge. (#2149)

• Asset keys are now internally validated. (#2162)

• Spar debugging; better internal combinators (#2214)

• Remove the MonadClient instance of the Brig monad

  • Lots of functions were generalized to run in a monad constrained by
    MonadClient instead of running directly in Brig's AppIO r monad. (#2187)

Federation changes

• Refactor conversation actions to an existential type consisting of a singleton tag (identifying the action) and a dedicated type for the action itself. Previously, actions were represented by a big sum type. The new approach enables us to describe the needed effects of an action much more precisely. The existential type is initialized by the Servant endpoints in a way to mimic the previous behavior. However, the messages between services changed. Thus, all federated backends need to run the same (new) version. The deployment order itself does not matter. (#2173)

2022-03-09

[2022-03-09]

Release notes

• Upgrade team-settings version to 4.6.2-v0.29.7-0-4f43ee4 (#2180)

2022-03-07

Release notes

• For wire.com operators: make sure that nginz is deployed (#2166)

API changes

• Add qualified broadcast endpoint (#2166)

Bug fixes and other updates

• Always create spar credentials during SCIM provisioning when applicable (#2174)

Internal changes

• Add tests for additional information returned by GET /api-version (#2159)

• Clean up Base64ByteString implementation (#2170)

• The Event record type does not contain a type field anymore (#2160)

• Add MLS message types and corresponding deserialisers (#2145)

• Servantify POST /register and POST /i/users endpoints (#2121)

2022-03-01

Release notes

• Upgrade webapp version to 2022-02-22-production.0-v0.29.2-0-abb34f5 (#2148)

API changes

• The api-version endpoint now returns additional information about the backend:

  • whether federation is supported (field federation);
  • the federation domain (field domain).

  Note that the federation domain is always set, even if federation is disabled. (#2146)

• Add MLS key package API (#2102)

Internal changes

• Bump aeson to v2.0.3.0 and update amazonka fork from upstream repository. (#2153, #2157, #2163)

• Add schema-profunctor instances for QueuedNotification and QueuedNotificationList (#2161)

• Dockerfile.builder: Add cabal update (#2168)

Federation changes

• Make restrictions on federated user search configurable by domain: NoSearch, ExactHandleSearch and FullSearch.
  Details about the configuration are described in config-options.md.
  There are sane defaults (deny to find any users as long as there is no other configuration for the domain), so no measures have to be taken by on-premise customers (unless the default is not the desired behavior). (#2087)

2022-02-21

Release notes

• Upgrade team-settings version to 4.6.1-v0.29.3-0-28cbbd7 (#2106)
• Upgrade webapp version to 2022-02-08-production.0-v0.29.2-0-4d437bb (#2107)
• Change the default set of TLS ciphers (both for the client and the federation APIs) to be compliant to the recommendations of TR-02102-2. (#2112)
• For wire.com operators: make sure that nginz is deployed. (#2116, #2124)
• Optional team feature config validateSAMLEmails added to galley.yaml.
  The feature was disabled by default before this release and is now enabled by default. The server wide default can be changed in galley.yaml. Please refer to /docs/reference/config-options.md#validate-saml-emails (#2117)

API changes

• Added minimal API version support: a list of supported API versions can be found at the endpoint GET /api-version. Versions can be selected by adding a prefix of the form /vN to every route, where N is the desired version number (so for example /v1/conversations to access version 1 of the /conversations endpoint). (#2116)
• Delete GET /self/name endpoint (#2101)
• New endpoint (POST /verification-code/send) for generating and sending a verification code for 2nd factor authentication actions. (#2124)

Features

• Add freetext search results to "search-users" federation endpoint (#2085)

Bug fixes and other updates

• Ensure empty responses show up without a schema in swagger. They were shown as empty arrays before. (#2104)
• Require the guest links feature is enabled when someone joins by code. (#2084)
• Escape disallowed characters at the beginning of CSV cells to prevent CSV injection vulnerability. (#2096)
• The field icon in the body of the PUT /team/:tid endpoint is now typed to prevent potential injection attacks. (#2103)

Internal changes

• Enforce conversation access roles more tightly on the backend (was previously only enforce on client): if a guests or non-team-members are not allowed, block guest link creation (new behavior) as well as ephemeral users joining (old behavior). (#2076)
• Remove uses of servant-generics from brig (#2100, #2086)
• Migrate more API end-points to servant. (#2016, #2081, #2091)
• Introduce the row type variable in Brig monads (#2140)
• Build ubuntu20 docker images with cabal instead of stack (#2119, #2060)
• Drop managed conversations (#2125)
• To investigate issues related to push notifications, adjust Gundeck Debug leveled logs to not print the message itself. So, that it can safely be turned on in production environments. Add a log entry when a bulk notification is pushed to Cannon. (#2053)
• Add integration tests for scim/saml user creation (#2123)
• Wrap stack with NIX_BUILD_SHELL set to LD_LIBRARY_PATH compatible shell (#2105)
• Removed redundant setDefaultTemplateLocale config from the brig helm template. (#2099)
• [not done yet, please do not enable] Optional team feature config sndFactorPasswordChallenge added to galley.yaml.
  The feature is disabled by default. The server wide default can be changed in galley.yaml. Please refer to /docs/reference/config-options.md#2nd-factor-password-challenge (#2138)
• Prometheus: Ignore RawResponses (e.g. cannon's await responses) from metrics (#2108)
• Refactor internal handlers for Proteus conversation creation (#2125)
• Specify (in a test) how a message to a deleted legalhold device is refused to be sent. (#2131)

Federation changes

• Add setSftListAllServers config flag to brig (#2139)
• Revert restund to 0.4.17. (#2114)

2022-02-02

Release notes

• Upgrade webapp version to 2022-01-27-production.0-v0.28.29-0-42c9a1e (#2078)

Features

• Allow brig's additionalWriteIndex to be on a different ElasticSearch cluster.
  This allows migrating to a new ElasticSearch cluster. (#2063)

• The file sharing team feature now has a server wide configurable lock status. For more information please refer to /docs/reference/config-options.md#file-sharing. (#2059)

Internal changes

• Remove non-existing functions from module export lists (#2095)

• Rename Spar.Sem.IdP to Spar.Sem.IdPConfigStore (#2067)

• Endpoints based on MultiVerb can now be made to return content types not listed in the Accept header (#2074)

• The lock status of the file sharing team feature can be updated via the internal API (PUT /i/teams/:tid/features/fileSharing/(un)?locked). (#2059)

• Servantify Galley Teams API (GET /teams/:tid and DELETE /teams/:tid). (#2092)

• Add explicit export lists to all Spar.Sem modules (#2070)

• Separate some Spar.Sem utility functions into their own module (#2069)