Changelog
This is version v1.11 of the Matrix specification.
v1.11
Git commit | https://github.com/matrix-org/matrix-spec/tree/v1.11 |
---|---|
Release date | June 20, 2024 |
Client-Server API
Deprecations
- Authentication using a query string is now deprecated, as per MSC4126. The
Authorization
header should be used instead. (#1808) - Use of the
/_matrix/media/*
endpoints is now deprecated. New, authenticated, endpoints are available instead. (#1858)
New Endpoints
GET /_matrix/client/v1/media/config
(#1858)GET /_matrix/client/v1/media/download/{serverName}/{mediaId}
(#1858)GET /_matrix/client/v1/media/download/{serverName}/{mediaId}/{fileName}
(#1858)GET /_matrix/client/v1/media/preview_url
(#1858)GET /_matrix/client/v1/media/thumbnail/{serverName}/{mediaId}
(#1858)
Backwards Compatible Changes
- Add support for muting in VoIP calls, as per MSC3291. (#1755)
- Add optional
animated
query string option toGET /thumbnail
, as per MSC2705. (#1757) - Specify terms of services at registration, as per MSC1692. (#1812)
- Add support for mathematical messages, as per MSC2191. (#1816)
- Do not require UIA when first uploading cross-signing keys, as per MSC3967. (#1828)
- Add the new
unsigned.membership
property to events, as per MSC4115. (#1847) - Media downloads and thumbnails are now authenticated, as per MSC3916. (#1858)
- Some media endpoints are now consistently under
/_matrix/client/{version}/media/*
instead of/_matrix/media/*
, as per MSC3916. (#1858)
Spec Clarifications
- Add
/logout
and clarify the endpoints which do not take a JSON request body. (#1644) - Clarify that the
type
of thePOST /login
request must be one of the types returned by theGET /login
response. (#1776) - Link to existing grammar where possible in types. (#1813)
- Rename “recovery key” to “backup decryption key”. (#1819)
- Clarify that the device’s Ed25519 signing key should be used in QR code verification (as opposed to the device’s Curve25519 identity key). (#1829)
- Fix various typos throughout the specification. (#1832, #1841, #1852, #1853)
- Specify the encoding to be used when generating QR codes for device verification. (#1839)
- Clarify that an access token is optional on the
POST /account/password
andPOST /account/deactivate
endpoints. (#1843) - Use RFC 2119 keywords more consistently. (#1846, #1861)
- Move size limits for user, room and event IDs into the appendix and clarify that the length is to be measured in bytes. (#1850)
- Clarify that relations recursion should be capped at a certain depth. (#1854)
- Add missing secrets, third-party invites and room tagging modules to feature profiles table. (#1860)
- Clarify when server name is used and link to the definition. (#1862)
- Clarify where keys reside when checking an
m.room.encrypted
event. (#1863) - Clarify that
/media/v3/upload/{serverName}/{mediaId}
requires authentication. (#1872)
Server-Server API
Deprecations
- Use of the Client-Server API
/_matrix/media/*
endpoints is now deprecated. New, authenticated, endpoints are available instead. (#1858)
New Endpoints
GET /_matrix/federation/v1/media/download/{mediaId}
(#1858)GET /_matrix/federation/v1/media/thumbnail/{mediaId}
(#1858)
Backwards Compatible Changes
Spec Clarifications
- Link to existing grammar where possible in types. (#1813)
- Clarify that whitespace around commas is allowed in the
X-Matrix
Authorization
header value params list. (#1818) - Clarify that the
event
field of the/v2/send_join
response is only required when the event is signed by the resident server. (#1834, #1840) - Replace references to RFC 7235 and RFC 7230 that are obsoleted by RFC 9110. (#1844)
- Fix various typos throughout the specification. (#1877)
Application Service API
Spec Clarifications
- Clarify that appservices should be notified of events relating to the
sender_localpart
user. (#1810)
Identity Service API
Deprecations
- Authentication using a query string is now deprecated, as per MSC4126. The
Authorization
header should be used instead. (#1808)
Push Gateway API
No significant changes.
Room Versions
Spec Clarifications
- Clarify that redaction events are still subject to all applicable auth rules. (#1824)
- Fix various typos throughout the specification. (#1827, #1848)
- Fix the rendering of the event format for room versions 1 and 2. (#1883)
- Generate the Table of Contents with Hugo rather than JavaScript. (#1884)
Appendices
Deprecations
Spec Clarifications
- Define ‘Opaque Identifier Grammar’. (#1791)
- Define common cryptographic key representation. (#1819)
- Move size limits for user, room and event IDs into the appendix and clarify that the length is to be measured in bytes. (#1850)
Internal Changes/Tooling
Spec Clarifications
- Update the spec release process and related documentation. (#1759)
- Fix npm release script for
@matrix-org/spec
. (#1765) - Formatting fixes in
CONTRIBUTING.rst
. (#1769) - Improve rendering on mobile devices. (#1770, #1771)
- Fix the OpenAPI definition of the security schemes. (#1772)
- Simplify uses of
resolve-refs
partial. (#1773) - Fix Hugo warnings. (#1775, #1788)
- Fix
github-labels.rst
. (#1781) - Update dependencies. (#1786, #1803, #1804)
- Solve
allOf
recursively in OpenAPI and JSON Schemas. (#1787) - Fix property type resolution in
render-object-table
partial. (#1789) - Factor out common definition of
Tag
type. (#1793) - Update the version of Hugo used to render the spec to v0.124.1. (#1794)
- Add support for pattern formats for
patternProperties
. (#1796) - Clean up unnecessary
allOf
s in OpenAPI definitions. (#1797) - Show information about “Additional Properties” in object tables. (#1798)
- Fix anchors for schemas under
oneOf
. (#1799) - Use reference to
OneTimeKeys
schema in OpenAPI definitions. (#1800) - Do not use the
title
of objects containing onlyadditionalProperties
orpatternProperties
. (#1801) - Add anchors in
definition
shortcode. (#1802) - Set python version for the Towncrier CI job. (#1805)
- Replace
set-output
with environment files in CI. (#1806) - Render response headers. (#1809)
- Use
patternProperties
in more places with supported formats. (#1813) - Add support for rendering string formats. (#1814)
- Refactor the OpenAPI definitions of the content repository endpoints. (#1822)
- Clean up pull request template. (#1831)
- Do not add empty arrays to examples. (#1849)
- Generate the Table of Contents with Hugo rather than JavaScript. (#1851, #1885)
- Fix syntax errors in the spec release issue template. (#1856)
- Use environment variables for Netlify build job. (#1865)
- Render added/changed in info on request and response content types. (#1876)
- Fix validation errors in generated HTML. (#1880)
- Ensure most generated HTML IDs are unique. (#1881)
- Allow to specify a prefix for generated HTML IDs of API endpoints. (#1882)
v1.10
Git commit | https://github.com/matrix-org/matrix-spec/tree/v1.10 |
---|---|
Release date | March 22, 2024 |
Client-Server API
Backwards Compatible Changes
- Allow
/versions
to optionally accept authentication, as per MSC4026. (#1728) - Add local erasure requests, as per MSC4025. (#1730)
- Use the
body
field as optional media caption, as per MSC2530. (#1731) - Add server support discovery endpoint, as per MSC1929. (#1733)
- Add support for multi-stream VoIP, as per MSC3077. (#1735)
- Specify that the
Retry-After
header may be used to rate-limit a client, as per MSC4041. (#1737) - Add support for recursion on the
GET /relations
endpoints, as per MSC3981. (#1746)
Spec Clarifications
- The strike element is deprecated in the HTML spec. Clients should prefer s instead. (#1629)
- Clarify that read receipts should be batched by thread as well as by room. (#1685)
- Clarify that threads can be created based on replies. (#1687)
- Clarify in the reply fallbacks example that the prefix sequence should be repeated for each line. (#1690)
- Clarify the format of account data objects for secret storage. (#1695, #1734)
- Clarify that the key backup MAC is implemented incorrectly and does not pass the ciphertext through HMAC-SHA-256. (#1712)
- Clarify one-time key and fallback key types in examples. (#1715)
- Clarify that the HKDF calculation for SAS uses base64-encoded keys rather than the raw key bytes. (#1719)
- Clarify how to perform the ECDH exchange in step 12 of the SAS process. (#1720)
- Document the deprecation policy of HTML tags, as per MSC4077. (#1732)
- The font element is deprecated in the HTML spec. Clients should prefer span with the
data-mx-bg-color
anddata-mx-color
attributes instead. (#1739) - Disambiguate uses of
PublicRoomsChunk
in theGET /hierarchy
endpoint. (#1740) - Clarify that
sdpMid
andsdpMLineIndex
are not required inm.call.candidates
. (#1742) - Fix various typos throughout the specification. (#1748)
- Clearly indicate that each
Content-Type
may have distinct behaviour on non-JSON requests/responses. (#1756) - Clarify that the
m.push_rules
account data type cannot be set using the/account_data
API, as per MSC4010. (#1763)
Server-Server API
Spec Clarifications
- Clarify Server-Server API request signing example by using the
POST
HTTP method, asGET
requests don’t have request bodies. (#1721) - Disambiguate uses of
PublicRoomsChunk
in theGET /hierarchy
endpoint. (#1740) - Clarify that the
children_state
,room_type
andallowed_room_ids
properties in the items of thechildren
array of the response of theGET /hierarchy
endpoint are not required. (#1741)
Application Service API
Spec Clarifications
- Clarify that the
/login
and/register
endpoints should fail when using them.login.application_service
login type without a validas_token
. (#1744)
Identity Service API
No significant changes.
Push Gateway API
No significant changes.
Room Versions
Spec Clarifications
- For room versions 7 through 11: Clarify that
invite->knock
is not a legal transition. (#1717)
Appendices
No significant changes.
Internal Changes/Tooling
Spec Clarifications
- Update the spec release process. (#1680)
- Minor clarifications to the contributing guide. (#1697)
- Update Docsy to v0.8.0. (#1699, #1762)
- Fix npm release script for
@matrix-org/spec
. (#1713) - Add some clarifications around implementation requirements for MSCs. (#1718)
- Update HTML templates to include links to object schema definitions. (#1724)
- Factor out all the common parameters of the various
/relations
apis. (#1745) - Add support for
$ref
URIs containing fragments in OpenAPI definitions and JSON schemas. (#1751, #1754)
v1.9
Git commit | https://github.com/matrix-org/matrix-spec/tree/v1.9 |
---|---|
Release date | November 29, 2023 |
Client-Server API
Backwards Compatible Changes
Spec Clarifications
- Fix
m.call.negotiate
schema and example. (#1546) - Clarify that the
via
property is required form.space.parent
andm.space.child
as per MSC1772. Contributed by @PaarthShah. (#1618) - Add a note to the
/publicRooms
API that the server name is case sensitive. (#1638) - Clarify that an
m.room.name
event with an absentname
field is not expected behavior. (#1639) - Fix schemas used for account data and presence events in
GET /initialSync
. (#1647) - Fix various typos throughout the specification. (#1658, #1661, #1665)
- Fix
.m.rule.suppress_notices
push rule not being valid JSON. (#1671) - Add missing properties for
event_property_is
andevent_property_contains
push conditions toPushConditions
object. (#1673) - Indicate that fallback keys should have a
fallback
property set totrue
. (#1676) - Clarify that thread roots are not considered within the thread. (#1677)
Server-Server API
Spec Clarifications
- Fix schema of
m.receipt
EDU. (#1636) - Fix various typos throughout the specification. (#1661)
- Clarify that federation requests for non-local users are invalid. (#1672)
Application Service API
No significant changes.
Identity Service API
No significant changes.
Push Gateway API
No significant changes.
Room Versions
No significant changes.
Appendices
Spec Clarifications
- Clarify timestamp specification with respect to leap seconds. (#1627)
- Fix various typos throughout the specification. (#1652)
Internal Changes/Tooling
Backwards Compatible Changes
- Add more CI checks for OpenAPI definitions and JSON Schemas. (#1656)
- Generate server-server OpenAPI definition. (#1657)
Spec Clarifications
- Replace all mentions of Swagger by OpenAPI. (#1633)
- Fix enum types in JSON schemas. (#1634)
- Fix schema of
m.mentions
object. (#1635) - Fix rendering of
m.receipt
event in Client-Server API. (#1637) - Remove required
fieldname
in appservice Protocol definition. (#1646) - Fix github action workflow responsible for releasing of @matrix-org/spec package. (#1648)
- Upgrade GitHub actions. (#1660)
v1.8
Git commit | https://github.com/matrix-org/matrix-spec/tree/v1.8 |
---|---|
Release date | August 23, 2023 |
Client-Server API
Backwards Compatible Changes
Spec Clarifications
- Fix missing
type
property in the JSON schema definition of them.reaction
event. Contributed by @chebureki. (#1552) - Make sure examples types match schema in definitions. (#1563)
- Allow
null
inroom_types
inPOST /publicRooms
endpoints schemas. (#1564) - Fix broken header formatting. Contributed by @midnightveil. (#1578)
- Render binary request and response bodies. (#1579)
- Fix description of MAC calculation in SAS verification. (#1590)
- Update link to SAS emoji definition data. (#1593)
- Fix various typos throughout the specification. (#1597)
Server-Server API
Deprecations
Backwards Compatible Changes
Spec Clarifications
- Document why
/state_ids
can respond with a 404. (#1521) - Fix response definition for
POST /_matrix/federation/v1/user/keys/claim
. (#1559) - Fix examples in server keys definition. (#1560)
- Make sure examples types match schema in definitions. (#1563)
- Allow
null
inroom_types
inPOST /publicRooms
endpoints schemas. (#1564) - Fix broken header formatting. Contributed by @midnightveil. (#1578)
- Remove spurious mention of a “default port” with respect to SRV record lookup. (#1615)
- Switch to ordered list for server name resolution steps. (#1623)
Application Service API
Spec Clarifications
- Fix type of custom
fields
in thirdparty lookup queries. (#1584)
Identity Service API
Spec Clarifications
- Make sure examples types match schema in definitions. (#1563)
Push Gateway API
No significant changes.
Room Versions
Backwards Compatible Changes
- Add room version 11 as per MSC3820. (#1604)
- Move
redacts
from top level tocontent
onm.room.redaction
events in room version 11, as per MSC2174. (#1604) - Remove
creator
fromm.room.creator
events in room version 11, as per MSC2175. (#1604) - Remove remaining usage of
origin
from events in room version 11, as per MSC3989. (#1604) - Update the redaction rules in room version 11, as per MSC2176 and MSC3821. (#1604)
Appendices
Backwards Compatible Changes
Spec Clarifications
- Clarify spec re canonical JSON to handle negative-zero; also, give an example of negative-zero and a large power of ten. (#1573)
Internal Changes/Tooling
Backwards Compatible Changes
- Upgrade Swagger data to OpenAPI 3.1. (#1310)
- Create
@matrix-org/spec
npm package to ship the SAS Emoji data definitions & translations. (#1620)
Spec Clarifications
- Update the CI to validate the file extension of changelog entries. (#1542)
- Disclosure sections now only display their title when collapsed. (#1549)
- Fix the sidebar in recent versions of Hugo. (#1551)
- Bump jsonschema to validate JSON Schemas against Draft 2020-12. (#1556)
- Use Redocly CLI to validate OpenAPI definitions. (#1558)
- Use tag name as the OpenAPI definition version. (#1561)
- Make sure version in
x-changedInMatrixVersion
is a string. (#1562) - Clarify usage of ABNF for grammar in the documentation style guide. (#1582)
- Remove unnecessary
oneOf
s in JSON schemas. (#1585) - Update the version of Hugo used to render the spec to v0.113.0. (#1591)
- Fix rendered changelog with new version of towncrier. (#1598)
- Improve the layout of tables on desktop displays. Contributed by Martin Fischer. (#1601)
v1.7
Git commit | https://github.com/matrix-org/matrix-spec/tree/v1.7 |
---|---|
Release date | May 25, 2023 |
Client-Server API
New Endpoints
POST /_matrix/media/v1/create
(#1499)PUT /_matrix/media/v3/upload/{serverName}/{mediaId}
(#1499)POST /_matrix/client/v1/login/get_token
(#1530)
Backwards Compatible Changes
- Changes to the server-side aggregation of
m.replace
(edit) events, as per MSC3925. (#1440, #1525) - Add new push rule conditions
event_property_is
andevent_property_contains
, as per MSC3758 and MSC3966. (#1464) - Add
m.annotation
relations (reactions), as per MSC2677. (#1475, #1531) - Support asynchronous media uploads, as per MSC2246. (#1499, #1510)
- Document the
m.mentions
property; the.m.rule.is_user_mention
and.m.rule.is_room_mention
push rules; and other notification behaviour, as per MSC3952. (#1508) - Improve VoIP signaling, as per MSC2746. (#1511, #1540)
- Update the scope of transaction IDs, as per MSC3970. (#1526)
- Add an ability to redirect media downloads, as per MSC3860. (#1529)
- Add an ability to use an existing session to log in another, as per MSC3882. (#1530)
Spec Clarifications
- Clarify the sections of the specification concerning aggregation of child events. (#1424)
- Fix various typos throughout the specification. (#1432, #1442, #1447, #1455, #1465, #1500, #1509)
- Clarify that reply chain fallback for threads might not be present. (#1439)
- Clarify what event property the content-specific push rules match against. (#1441)
- Clarify the semantics that make requests idempotent. (#1449)
- Improve documentation of how clients use push rules. (#1461)
- Clarify that servers should enforce a default
limit
on a filter if one is not specified. (#1463) - Disambiguate using property names with dots in them during push rule processing, as per MSC3873 and MSC3980. (#1464)
- Fix phrasing & typography in the registration endpoint description. Contributed by @HarHarLinks. (#1474)
- Remove outdated text saying that
state_default
is 0 if there is nom.room.power_levels
event in a room. (#1479) - Remove fictitious
token
parameter on/keys/query
endpoint. (#1485) - Fix rendering of properties with a list of types. (#1487)
- Clarify parts of the cross-signing signature upload request. (#1495)
- Remove the
dont_notify
andcoalesce
push rule actions, as per MSC3987. (#1501) - Clarify
m.location
scheme by partially reverting f1f32d3. Contributed by @HarHarLinks. (#1507) - Add missing
knock_restricted
join rule to them.room.join_rules
schema. (#1535)
Server-Server API
Spec Clarifications
- Fix various typos throughout the specification. (#1431, #1447, #1466, #1518)
- Fix PDU examples by removing invalid OpenAPI reference to
examples/minimal_pdu.json
. (#1454) - Remove leftover
{key_id}
from/_matrix/key/v2/server/
. (#1473) - Remove extraneous
age_ts
field from the reference hash calculation section. (#1536)
Application Service API
New Endpoints
Backwards Compatible Changes
- Add homeserver->appservice ping mechanism, as per MSC2659. Contributed by @tulir at @beeper. (#1516, #1541)
Spec Clarifications
- Fix various typos throughout the specification. (#1447)
Identity Service API
Spec Clarifications
- Corrections to the response format of
/_matrix/identity/v2/store-invite
. (#1486)
Push Gateway API
No significant changes.
Room Versions
Spec Clarifications
- Clarifications of event ID formats in early room versions (#1484)
Appendices
Spec Clarifications
- Clarify that the term “Canonical JSON” is a specific thing within the Matrix specification. (#1468)
- Remove references to groups. (#1483)
- Clarifications of event ID formats in early room versions. (#1484)
Internal Changes/Tooling
Spec Clarifications
- Update references to Inter font. (#1444)
- Endpoint disclosures now hide everything but the URL. (#1446)
- Wrap $ref in allOf where other attributes are present, to improve OpenAPI compliance. (#1457)
- Minor cleanups to the GitHub Actions workflows (#1476)
- Fix generation of anchors for additional properties. (#1488)
- Fix various typos throughout the specification. (#1534)
- Document more of the spec release timeline/process. (#1538)
v1.6
Git commit | https://github.com/matrix-org/matrix-spec/tree/v1.6 |
---|---|
Release date | February 14, 2023 |
Client-Server API
Backwards Compatible Changes
- Add information on standard error responses for unknown endpoints/methods, as per MSC3743. (#1347)
- Add
/rooms/<roomID>/timestamp_to_event
endpoint, as per MSC3030. (#1366) - Define
hkdf-hmac-sha256.v2
MAC method for SAS verification, as per MSC3783. (#1412)
Spec Clarifications
- Clarify the power levels integer range. (#1169, #1355)
- Clarify that
/context
always returnsevent
even iflimit
is zero. Contributed by @sumnerevans at @beeper. (#1239) - Clarify what fields are required when deleting a pusher (#1321)
- Improve the presentation of push rule kinds and actions. (#1348)
- Add missing description to m.call.answer schema. (#1353)
- Fix various typos throughout the specification. (#1363)
- Clarify parts of the end-to-end encryption sections. (#1381)
- Move login API definitions to the right heading. Contributed by @HarHarLinks. (#1382)
- Clarify which events will be included in Stripped State. Contributed by @andybalaam. (#1409)
- Add links to the spec for the definition of 3PID
medium
. (#1417) - Correct the order of the default override pushrules in the spec. (#1421)
- Improve distinction between tags and their attributes in the rich text section. Contributed by Nico. (#1433)
Server-Server API
Breaking Changes
Backwards Compatible Changes
- Add information on standard error responses for unknown endpoints/methods, as per MSC3743. (#1347)
- Add
/timestamp_to_event/<roomID>
endpoint, as per MSC3030. (#1366) - Extend
/_matrix/federation/v2/send_join
to allow omitting membership events, per MSC3706. (#1393, #1398) - Note that
/_matrix/federation/v2/send_join
should include heroes for nameless rooms, even when allowed to omit membership events, per MSC3943. (#1425)
Spec Clarifications
- Include examples inline instead of using a reference for invite endpoint definitions. (#1349)
- Fix
POST _matrix/federation/v1/user/keys/claim
response schema. (#1351) - Correct the default invite level definition in the “Checks performed on receipt of a PDU” section. (#1371)
- Clarify that CNAMEs are permissible for server names. (#1376)
- Fix
edu_type
in EDU examples. (#1383)
Application Service API
Backwards Compatible Changes
Identity Service API
Backwards Compatible Changes
Push Gateway API
Backwards Compatible Changes
Room Versions
Backwards Compatible Changes
Spec Clarifications
- Clarify the grammar for room versions. (#1422)
- Fix various typos throughout the specification. (#1423)
Appendices
No significant changes.
Internal Changes/Tooling
Spec Clarifications
- Add link to the unstable spec to the README. (#1357)
- Improve safety of the proposals retrieval script in the event of failure. (#1368)
- Rename
<content>
tocontent
in the OpenAPI files for content uploads. (#1370) - Stop autogenerating examples where we already have an example. (#1384)
- Improve formatting of definitions in the Push Notifications section. (#1415)
v1.5
Git commit | https://github.com/matrix-org/matrix-spec/tree/v1.5 |
---|---|
Release date | November 17, 2022 |
Client-Server API
Backwards Compatible Changes
- Add
m.reference
relations, as per MSC3267. (#1206) - Add missing documentation for
m.key.verification.request
msgtype for in-room verification. (#1271)
Spec Clarifications
- Fix various typos throughout the specification. (#1260, #1265, #1276)
- Fix naming of
device_one_time_keys_count
in/sync
. (#1266) - Improve display of event subtypes. (#1283)
- Improve documentation about ephemeral events. (#1284)
- Define a 400 response from
/_matrix/client/v3/directory/rooms/{roomAlias}
. (#1286) - Clarify parts of the end-to-end encryption sections. (#1294, #1345)
- Various clarifications throughout the specification. (#1306)
- Replace
set_sound
push rule action byset_tweak
. (#1318) - Clarify the behavior of
PUT /_matrix/client/v3/pushrules/{scope}/{kind}/{ruleId}
. (#1319) - Clarify that
.m.rule.master
has a higher priority than any push rule. (#1320) - Require request field
refresh_token
at endpointPOST /_matrix/client/v3/refresh
. (#1323) - Fix a number of broken links in the specification. (#1330)
- Add example read receipt to
GET /_matrix/client/v3/sync
response example. (#1341)
Server-Server API
Spec Clarifications
- Fix a number of broken links in the specification. (#1330)
Application Service API
Spec Clarifications
- Clarify that application services can only register an interest in local users, as per MSC3905. (#1305)
Identity Service API
Spec Clarifications
- Fix a number of broken links in the specification. (#1330)
Push Gateway API
No significant changes.
Room Versions
Spec Clarifications
- Reword the event auth rules to clarify that users cannot demote other users with the same power level. (#1269)
- Various clarifications to the text on event authorisation rules. (#1270)
- Fix a number of broken links in the specification. (#1330)
Appendices
No significant changes.
Internal Changes/Tooling
Backwards Compatible Changes
- Update docsy theme to v0.5.0 + matrix.org modifications (https://github.com/matrix-org/docsy/commit/a0032f8db919a6c67ba6cdef2c455f105b6272a2). (#1295)
Spec Clarifications
- Improve error messages emitted by
resolve-additional-types
template. (#1303) - Fix link to API viewer. (#1308)
- Stop rendering the subsections of the Client-Server API and Room Versions specs as their own separate pages. (#1317)
- Use a link checker to ensure that we do not have broken links. (#1329, #1338)
- Update instructions to preview Swagger definitions. (#1331)
- Make definition anchors more unique. (#1339)
- Generate the unstable changelogs with towncrier, for consistency. (#1340)
- Update CONTRIBUTING.md to mention that non-content changes to this repo should have an “internal” changelog entry. (#1342)
- Update module summary table with new modules: Event Replacements, Threading and Reference Relations. (#1344)
- Disable RSS generation for the spec. (#1346)
v1.4
Git commit | https://github.com/matrix-org/matrix-spec/tree/v1.4 |
---|---|
Release date | September 29, 2022 |
Client-Server API
Removed Endpoints
Backwards Compatible Changes
- Add a
.m.rule.room.server_acl
push rule to matchm.room.server_acl
events, as per MSC3786. (#1190, #1201) - Add
Cross-Origin-Resource-Policy
(CORP) headers to media repository, as per MSC3828. (#1197) - Copy a room’s
type
when upgrading it, as per MSC3818. (#1198) - Add
room_types
filter androom_type
response to/publicRooms
, as per MSC3827. (#1199) - Add
m.replace
relations (event edits), as per MSC2676. (#1211) - Add
m.read.private
receipts, as per MSC2285. (#1216) - Make
m.fully_read
optional on/read_markers
, as per MSC2285. (#1216) - Allow
m.fully_read
markers to be set from/receipts
, as per MSC2285. (#1216) - Add threading via
m.thread
relations, as per MSC3440, MSC3816, MSC3856, and MSC3715. (#1254) - Add per-thread notifications and read receipts, as per MSC3771 and MSC3773. (#1255)
- Add
thread_id
to the/receipt
endpoint, as per MSC3771. (#1261)
Spec Clarifications
- Mention that the
/rooms/{roomId}/invite
endpoint will return a 200 response if the user is already invited to the room. (#1084) - Fix various typos throughout the specification. (#1135, #1161, #1164, #1170, #1180, #1215, #1238, #1243, #1263)
- Describe return codes for account data endpoints, and clarify that per-room data does not inherit from the global data. (#1155)
- Clarify that policy rule globs work like ACL globs. Contributed by Nico. (#1165)
- Clarify the format of some structures in the End-to-end encryption module. (#1166)
- Add HTML anchors for object definitions in the formatted specification. (#1174)
- Tweak the styling of
<code>
snippets in tables rendered from OpenAPI definitions. (#1179) - Update “API Standards” section to clarify how JSON is used. (#1185)
- Clarify that the “device_id”, “user_id” and “access_token” fields are required in the response body of
POST /_matrix/client/v3/login
. (#1210) - Reinforce the relationship of refreshed access tokens to transaction IDs. (#1236)
- Clarify enum values by separating possible values with commas. (#1240)
Server-Server API
Backwards Compatible Changes
Spec Clarifications
- Add HTML anchors for object definitions in the formatted specification. (#1174)
- Tweak the styling of
<code>
snippets in tables rendered from OpenAPI definitions. (#1179) - Update “API Standards” section to clarify how JSON is used. (#1185)
Application Service API
Breaking Changes
- Replace homeserver authorization approach with an
Authorization
header instead ofaccess_token
when talking to the application service, as per MSC2832. (#1200)
Spec Clarifications
- Add HTML anchors for object definitions in the formatted specification. (#1174)
Identity Service API
Spec Clarifications
- Add HTML anchors for object definitions in the formatted specification. (#1174)
- Update “API Standards” section to clarify how JSON is used. (#1185)
Push Gateway API
Spec Clarifications
- Add HTML anchors for object definitions in the formatted specification. (#1174)
Room Versions
Spec Clarifications
- For room versions 1 through 10, clarify that events with rejected
auth_events
must be rejected. (#1137) - For room versions 2–10: correct a mistaken clarification to the state resolution algorithm. (#1158)
- For room versions 7 through 10: Clarify that
invite->knock
is actually a legal transition. (#1175)
Appendices
No significant changes.
Internal Changes/Tooling
Backwards Compatible Changes
- Add internal changes changelog section. (#1194)
Spec Clarifications
- Render HTML anchors for object definition tables. (#1191)
- Give rendered-data sections a background and some padding. (#1195)
- Fix rendering of shortcodes within the client-server API. (#1205)
- Fix the spacing of mapping types generated from the OpenAPI spec. (#1230)
v1.3
Git commit | https://github.com/matrix-org/matrix-spec/tree/v1.3 |
---|---|
Release date | June 15, 2022 |
Client-Server API
Deprecations
- Deprecate the
sender_key
anddevice_id
onm.megolm.v1.aes-sha2
events, and thesender_key
onm.room_key_request
to-device messages, as per MSC3700. (#1101)
Backwards Compatible Changes
- Make
from
optional onGET /_matrix/client/v3/messages
to allow requesting events from the start or end of the room history, as per MSC3567. (#1002) - Add refresh tokens, per MSC2918. (#1056, #1113)
- Relax the restrictions on Rich Replies, as per MSC3676. (#1062)
- Describe a structured system for event relationships, as per MSC2674. (#1062)
- Describe how relationships between events can be “aggregated”, as per MSC2675 and MSC3666. (#1062)
- Add support for a new
knock_restricted
join rule in supported room versions, as per MSC3787. (#1099)
Spec Clarifications
- Clarify that the url field in
m.room.avatar
events is not required. (#987) - Clarify that the
type
in user-interactive authentication can be omitted. (#989) - Adjust the OpenAPI specification so that the type
Flow information
is explicitly defined when the client-server API is rendered. (#1003) - Correct the default value for
invite
where it is not specified in anm.room.power_levels
event. (#1021) - Update various links which pointed to the old
matrix-doc
github repository. (#1032) - Removed
m.room.message.feedback
per MSC3582. (#1035) - Fix various typos throughout the specification. (#1051, #1054, #1059, #1081, #1097, #1110, #1115, #1126, #1127, #1128, #1129, #3681, #3708)
- Clarify that state keys starting with
@
are in fact reserved. Regressed from #3658. (#1100) - Remove unenforced size limit on the
name
field ofm.room.name
events. (#3669) - Remove erroneous
room_id
field from examples ofm.read
,m.typing
in/sync
andm.fully_read
in room account data. (#3679) - Clarify the behaviour of
event_match
in push rule conditions. (#3690) - Fix incorrectly referenced
m.login.appservice
login identifier, instead usingm.login.application_service
. (#3711) - Fix membership state transitions to denote that
invite->knock
andexternal->leave
are valid transitions. (#3730)
Server-Server API
Backwards Compatible Changes
Spec Clarifications
- Remove largely unused
origin
field from PDUs. (#998) - Update various links which pointed to the old
matrix-doc
github repository. (#1032) - Clarify the format for the Authorization header. (#1038, #1067)
- Clarify what a “valid event” means when performing checks on a received PDU. (#1045)
- Clarify that
valid_until_ts
is in milliseconds, like other timestamps used in Matrix. (#1055) - Clarify that checks on PDUs should refer to the state before an event. (#1070)
- Clarify the historical handling of non-integer power levels. (#1099)
- Fix various typos throughout the specification. (#1110)
- Correct misleading text for
/send_join
response. (#3703) - Clarify that the
content
forX-Matrix
signature validation is the parsed JSON body. (#3727)
Application Service API
Backwards Compatible Changes
Identity Service API
No significant changes.
Push Gateway API
No significant changes.
Room Versions
Backwards Compatible Changes
- Add room version 10 as per MSC3604. (#1099)
- Enforce integer power levels in room version 10 as per MSC3667. (#1099)
- Add a
knock_restricted
join rule supported by room version 10 as per MSC3787. (#1099) - Update the default room version to 9 as per MSC3589. (#3739)
Spec Clarifications
- Improve readability and understanding of the state resolution algorithms. (#1037, #1042, #1043, #1120)
- Improve readability of the authorization rules. (#1050)
- For room versions 8, 9, and 10: clarify which homeserver is required to sign the join event. (#1093)
- Clarify that room versions 1 through 9 accept stringy power levels, as noted by MSC3667. (#1099)
- For all room versions: Add
m.federate
to the authorization rules, as originally intended. (#1103) - For room versions 2 through 10: More explicitly define the mainline of a power event and the mainline ordering of other events. (#1107)
- For room versions 7, 8, 9, and 10: fix join membership authorization rules when
join_rule
isknock
. (#3737)
Appendices
No significant changes.
v1.2
Git commit | https://github.com/matrix-org/matrix-doc/tree/v1.2 |
---|---|
Release date | February 02, 2022 |
Client-Server API
Breaking Changes
- The
prev_content
field is now returned inside theunsigned
property of events, rather than at the top level, as per MSC3442. (#3524) - The
aliases
property from the chunks returned by/publicRooms
, as per MSC2432. (#3624)
New Endpoints
- Add the Space Hierarchy API (
GET /_matrix/client/v1/rooms/{roomId}/hierarchy
) as per MSC2946. (#3610) - Add
/_matrix/client/v1/register/m.login.registration_token/validity
as per MSC3231. (#3616)
Backwards Compatible Changes
- Extend
/_matrix/client/r0/login
to accept am.login.appservice
, as per MSC2778. (#3324) - Add support for
restricted
rooms as per MSC3083, MSC3289, and MSC3375. (#3387) - Add
is_guest
to/account/whoami
as per MSC3069. (#3605) - Expand guest access to sending any room event and state event as per MSC3419. (#3605)
- Add Spaces and room types as per MSC1772 and MSC2946. (#3610)
- Add new
m.set_displayname
,m.set_avatar_url
, andm.3pid_changes
capabilities as per MSC3283. (#3614) - Add support for fallback keys (optional keys used once one-time keys run out), as per MSC2732. (#3615)
- Add token-authenticated registration support as per MSC3231. (#3616)
Spec Clarifications
- Make
AesHmacSha2KeyDescription
consistent withKeyDescription
in markingname
as optional. (#3481) - Fix various typos throughout the specification. (#3482, #3495, #3509, #3535, #3591, #3601, #3611, #3671, #3680)
- Explicitly mention RFC5870 in the definition of
m.location
events (#3492) - Add
403 M_FORBIDDEN
error code to/profile/{userId}
as per MSC3550. (#3530) - Clarify the description of the
/sync
API, including a fix to an ASCII art diagram. (#3543) - Clarify that
base_url
in clientwell_known
may or may not include trailing slash. (#3562) - Clarify which signature to check when decrypting
m.olm.v1.curve25519-aes-sha2
messages. (#3573) - Clarify what “Stripped State” is and what purpose it serves, as per MSC3173. (#3606)
- Clarify how to interpret missing one-time key counts. (#3636)
- Correct the schema for the responses for various API endpoints. (#3650)
- Clarify that group mentions are no longer in the specification. (#3652)
- Distinguish between “federation” event format as exchanged by the Federation API, and the “client” event formats as used in the client-server and AS APIs. (#3658)
- Fix the rendering of the responses for various API endpoints. (#3674)
Server-Server API
New Endpoints
- Add the Space Hierarchy API (
GET /_matrix/federation/v1/hierarchy/{roomId}
) as per MSC2946. (#3610, #3660)
Backwards Compatible Changes
Spec Clarifications
- Fix various typos throughout the specification. (#3527, #3528)
- Clarify that
GET /_matrix/federation/v1/event_auth/{roomId}/{eventId}
does not return the auth chain for the full state of the room. (#3583) - Fix the rendering of the responses for various API endpoints. (#3674)
Application Service API
Spec Clarifications
- Distinguish between “federation” event format as exchanged by the Federation API, and the “client” event formats as used in the client-server and AS APIs. (#3658)
- Fix the rendering of the responses for various API endpoints. (#3674)
- Correct the documentation for the response value for
GET /_matrix/app/v1/thirdparty/protocol/{protocol}
. (#3675)
Identity Service API
Backwards Compatible Changes
Spec Clarifications
- Fix the rendering of the responses for various API endpoints. (#3674)
Push Gateway API
Spec Clarifications
- Fix the rendering of the responses for various API endpoints. (#3674)
Room Versions
Backwards Compatible Changes
Spec Clarifications
- Fully specify room versions to indicate what exactly is carried over from parent versions. (#3432, #3661)
- Clarifications to sections on event IDs and event formats. (#3501)
- Remove a number of fields which were incorrectly shown to form part of the
unsigned
data of a Federation PDU. (#3522) - Fix heading order of room version specifications to be consistent. (#3683)
- Add missing “Signing key validity period” section to room version 6. (#3683)
- Fix auth rules to allow membership of
knock
->leave
in v7, v8, and v9. (#3694)
Appendices
Backwards Compatible Changes
- Describe “Common Namespaced Identifier Grammar” as per MSC2758. (#3171)
- Describe the
matrix:
URI scheme as per MSC2312. (#3608)
v1.1
Git commit | https://github.com/matrix-org/matrix-doc/tree/v1.1 |
---|---|
Release date | November 09, 2021 |
Client-Server API
Breaking Changes
- Document
curve25519-hkdf-sha256
key agreement method for SAS verification, and deprecate old method as per MSC2630. (#2687) - Add
m.key.verification.ready
andm.key.verification.done
to key verification framework as per MSC2366. (#3139)
Deprecations
- Deprecate starting verifications that don’t start with
m.key.verification.request
as per MSC3122. (#3199)
New Endpoints
- Add key backup (
/room_keys/*
) endpoints as per MSC1219. (#2387, #2639) - Add
POST /keys/device_signing/upload
andPOST /keys/signatures/upload
as per MSC1756. (#2536) - Add
/knock
endpoint as per MSC2403. (#3154) - Add
/login/sso/redirect/{idpId}
as per MSC2858. (#3163)
Removed Endpoints
- Remove unimplemented
m.login.oauth2
andm.login.token
user-interactive authentication mechanisms as per MSC2610 and MSC2611. (#2609)
Backwards Compatible Changes
- Document how clients can advise recipients that it is withholding decryption keys as per MSC2399. (#2399)
- Add cross-signing properties to the response of
POST /keys/query
as per MSC1756. (#2536) - Document Secure Secret Storage and Sharing as per MSC1946 and MSC2472. (#2597)
- Add a
device_id
parameter to login fallback as per MSC2604. (#2709) - Added a common set of translations for SAS Emoji. (#2728)
- Added support for
reason
on all membership events and related endpoints as per MSC2367. (#2795) - Add a 404
M_NOT_FOUND
error to push rule endpoints as per MSC2663. (#2796) - Make
reason
andscore
parameters optional in the content reporting API as per MSC2414. (#2807) - Allow guests to get the list of members for a room as per MSC2689. (#2808)
- Add support for spoilers as per MSC2010 and MSC2557, and
color
attribute as per MSC2422. (#3098) - Add
<details>
and<summary>
to the suggested HTML subset as per MSC2184. (#3100) - Add key verification using in-room messages as per MSC2241. (#3139, #3150)
- Add information about using SSSS for cross-signing and key backup. (#3147)
- Add key verification method using QR codes as per MSC1544. (#3149)
- Document how clients can simplify usage of Secure Secret Storage as per MSC2874. (#3151)
- Add support for knocking, as per MSC2403. (#3154, #3254)
- Multiple SSO providers are possible through
m.login.sso
as per MSC2858. (#3163) - Add
device_id
to/account/whoami
response as per MSC2033. (#3166) - Downgrade identity server discovery failures to
FAIL_PROMPT
as per MSC2284. (#3169) - Re-version all endpoints to be
v3
as a starting point instead ofr0
as per MSC2844. (#3421)
Spec Clarifications
- Fix issues with
age
andunsigned
being shown in the wrong places. (#2591) - Fix definitions for room version capabilities. (#2592)
- Fix various typos throughout the specification. (#2594, #2599, #2809, #2878, #2885, #2888, #3116, #3339)
- Clarify link to OpenID Connect specification. (#2605)
- Clarify the behaviour of SSO login and UI-Auth. (#2608)
- Remove spurious
room_id
from/sync
examples. (#2629) - Reorganize information in Push Notifications module for clarity. (#2634)
- Improve consistency and clarity of event schema
title
s. (#2647) - Fix schema issues in
m.key.verification.accept
and secret storage. (#2653) - Reword “UI Authorization” to “User-Interactive Authentication” to be more clear. (#2667)
- Fix schemas for push rule actions to represent their alternative object form. (#2669)
- Fix usage of
highlight
tweak for consistency. (#2670) - Clarify the behaviour of
state
for/sync
with lazy-loading. (#2754) - Clarify description of
m.room.redaction
event. (#2814) - Mark
messages
as a required JSON body field inPUT /_matrix/client/r0/sendToDevice/{eventType}/{txnId}
calls. (#2928) - Correct examples of
client_secret
request body parameters so that they do not include invalid characters. (#2985) - Fix example MXC URI for
m.presence
. (#3091) - Clarify that event bodies are untrusted, as per MSC2801. (#3099)
- Fix the maximum event size restriction (65535 bytes -> 65536). (#3127)
- Update
Access-Control-Allow-Headers
recommendation to fit CORS specification. (#3225) - Explicitly state that
replacement_room
is a room ID inm.room.tombstone
events. (#3233) - Clarify that all request bodies are required. (#3238, #3332)
- Add missing titles to some scheams. (#3330)
- Add User-Interactive Authentication fields to cross-signing APIs as per MSC1756. (#3331)
- Mention that a canonical alias event should be added when a room is created with an alias. (#3337)
- Add an ‘API conventions’ section to the Appendices. (#3350)
- Clarify the documentation around the pagination tokens used by
/sync
,/rooms/{room_id}/messages
,/initialSync
,/rooms/{room_id}/initialSync
, and/notifications
. (#3353) - Remove the inaccurate ‘Pagination’ section. (#3366)
- Clarify how
redacted_because
is meant to work. (#3411) - Remove extraneous
mimetype
fromEncryptedFile
examples, as per MSC2582. (#3412) - Describe how MSC2844 affects the
/versions
endpoint. (#3420) - Fix documentation errors around
threepid_creds
. (#3471)
Server-Server API
New Endpoints
Backwards Compatible Changes
- Add cross-signing information to
GET /user/keys
andGET /user/devices/{userId}
,m.device_list_update
EDU, and a newm.signing_key_update
EDU as per MSC1756. (#2536) - Add support for knocking, as per MSC2403. (#3154)
Spec Clarifications
- Specify that
GET /_matrix/federation/v1/make_join/{roomId}/{userId}
can return a 404 if the room is unknown. (#2688) - Fix various typos throughout the specification. (#2888, #3116, #3128, #3207)
- Correct the
/_matrix/federation/v1/user/devices/{userId}
response which actually returns"self_signing_key"
instead of"self_signing_keys"
. (#3312) - Explain the reasons why
<hostname>
TLS certificate is needed rather than<delegated_hostname>
for SRV delegation. (#3322) - Tweak the example PDU diagram to better demonstrate situations with multiple
prev_events
. (#3340)
Application Service API
Spec Clarifications
- Fix various typos throughout the specification. (#2888)
Identity Service API
New Endpoints
Removed Endpoints
Spec Clarifications
- Fix various typos throughout the specification. (#2888)
- Clarify that some identifiers must be case folded prior to processing, as per MSC2265. (#3167, #3176)
- Describe how MSC2844 affects the
/versions
endpoint. (#3459)
Push Gateway API
Spec Clarifications
- Clarify where to get information about the various parameter values for the notify endpoint. (#2763)
Historical versions
Before version 1.1, versioning was applied at the level of individual API specifications. This section includes links to these versions of the APIs.
-
Client-Server API
-
Server-Server API
-
Application Service API
-
Identity Service API
-
Push Gateway API