continuwuation/continuwuity
continuwuation/continuwuity
15
97
Fork 108
Code Issues 121 Pull requests 22 Releases 30 Packages 3 Activity Actions 9

feat: Update policy server implementation to match latest spec #1487

Merged
nex merged 17 commits from nex/feat/policy-servers-2-electric-boogaloo into main 2026-05-25 17:48:17 +00:00
Conversation 8 Commits 17 Files changed 10 +455 -312
nex commented 2026-03-04 05:39:46 +00:00
Owner
Copy link

This pull request updates the MSC4284 policy server implementation to better match the now stabilised MSC.

Related Synapse pull request: https://github.com/element-hq/synapse/pull/19503

  • Update m.room.policy schema
  • Update event type to support both stable and unstable types
  • Drop legacy check endpoint
  • Verify policy server signatures when checking
  • Fall back to fetching a fresh signature if one is not attached to an event

Will also add:

  • Support for advertising /.well-known/matrix/policy_server
  • Support for the stable and unstable endpoints, hopefully with some built-in checks (for example to enforce DAG "correctness") and/or the option to pass through to another service

Pull request checklist:

  • This pull request targets the main branch, and the branch is named something other than
    main.
  • I have written an appropriate pull request title and my description is clear.
  • I understand I am responsible for the contents of this pull request.
  • I have followed the contributing guidelines:
This pull request updates the [MSC4284](https://github.com/matrix-org/matrix-spec-proposals/pull/4284) policy server implementation to better match the now stabilised MSC. Related Synapse pull request: https://github.com/element-hq/synapse/pull/19503 - [x] Update `m.room.policy` schema - [x] Update event type to support both stable and unstable types - [x] Drop legacy check endpoint - [x] Verify policy server signatures when checking - [x] Fall back to fetching a fresh signature if one is not attached to an event Will also add: - [x] Support for advertising `/.well-known/matrix/policy_server` - ~~Support for the stable and unstable endpoints, hopefully with some built-in checks (for example to enforce DAG "correctness") and/or the option to pass through to another service~~ **Pull request checklist:** <!-- You need to complete these before your PR can be considered. If you aren't sure about some, feel free to ask for clarification in #dev:continuwuity.org. --> - [x] This pull request targets the `main` branch, and the branch is named something other than `main`. - [x] I have written an appropriate pull request title and my description is clear. - [x] I understand I am responsible for the contents of this pull request. - I have followed the [contributing guidelines][c1]: - [x] My contribution follows the [code style][c2], if applicable. - [x] I ran [pre-commit checks][c1pc] before opening/drafting this pull request. - [x] I have [tested my contribution][c1t] (or proof-read it for documentation-only changes) myself, if applicable. This includes ensuring code compiles. - [x] My commit messages follow the [commit message format][c1cm] and are descriptive. - [x] I have written a [news fragment][n1] for this PR, if applicable<!--(can be done after hitting open!)-->. <!-- Notes on these requirements: - While not required, we encourage you to sign your commits with GPG or SSH to attest the authenticity of your changes. - While we allow LLM-assisted contributions, we do not appreciate contributions that are low quality, which is typical of machine-generated contributions that have not had a lot of love and care from a human. Please do not open a PR if all you have done is asked ChatGPT to tidy up the codebase with a +-100,000 diff. - In the case of code style violations, reviewers may leave review comments/change requests indicating what the ideal change would look like. For example, a reviewer may suggest you lower a log level, or use `match` instead of `if/else` etc. - In the case of code style violations, pre-commit check failures, minor things like typos/spelling errors, and in some cases commit format violations, reviewers may modify your branch directly, typically by making changes and adding a commit. Particularly in the latter case, a reviewer may rebase your commits to squash "spammy" ones (like "fix", "fix", "actually fix"), and reword commit messages that don't satisfy the format. - Pull requests MUST pass the `Checks` CI workflows to be capable of being merged. This can only be bypassed in exceptional circumstances. If your CI flakes, let us know in matrix:r/dev:continuwuity.org. - Pull requests have to be based on the latest `main` commit before being merged. If the main branch changes while you're making your changes, you should make sure you rebase on main before opening a PR. Your branch will be rebased on main before it is merged if it has fallen behind. - We typically only do fast-forward merges, so your entire commit log will be included. Once in main, it's difficult to get out cleanly, so put on your best dress, smile for the cameras! --> [c1]: https://forgejo.ellis.link/continuwuation/continuwuity/src/branch/main/CONTRIBUTING.md [c2]: https://forgejo.ellis.link/continuwuation/continuwuity/src/branch/main/docs/development/code_style.mdx [c1pc]: https://forgejo.ellis.link/continuwuation/continuwuity/src/branch/main/CONTRIBUTING.md#pre-commit-checks [c1t]: https://forgejo.ellis.link/continuwuation/continuwuity/src/branch/main/CONTRIBUTING.md#running-tests-locally [c1cm]: https://forgejo.ellis.link/continuwuation/continuwuity/src/branch/main/CONTRIBUTING.md#commit-messages [n1]: https://towncrier.readthedocs.io/en/stable/tutorial.html#creating-news-fragments
nex self-assigned this 2026-03-04 05:39:46 +00:00
feat: Update policy server implementation to be closer to stable MSC4284
Some checks failed
Update flake hashes / update-flake-hashes (pull_request) Waiting to run
Details
Documentation / Build and Deploy Documentation (pull_request) Has been cancelled
Details
Checks / Prek / Pre-commit & Formatting (pull_request) Has been cancelled
Details
Checks / Prek / Clippy and Cargo Tests (pull_request) Has been cancelled
Details
6f103939df
 
Untested
chore: Add news fragment
Some checks failed
Documentation / Build and Deploy Documentation (pull_request) Successful in 4m5s
Details
Update flake hashes / update-flake-hashes (pull_request) Successful in 45s
Details
Checks / Prek / Pre-commit & Formatting (pull_request) Successful in 7m25s
Details
Checks / Prek / Clippy and Cargo Tests (pull_request) Failing after 1h0m0s
Details
6c96945b0a
nex changed title from feat: Update policy server implementation to be closer to stable MSC4284 to WIP: feat: Update policy server implementation to be closer to stable MSC4284 2026-03-04 05:43:47 +00:00
nex added the due date 2026-06-01 2026-03-04 05:47:21 +00:00
nex force-pushed nex/feat/policy-servers-2-electric-boogaloo from 6c96945b0a
Some checks failed
Documentation / Build and Deploy Documentation (pull_request) Successful in 4m5s
Details
Update flake hashes / update-flake-hashes (pull_request) Successful in 45s
Details
Checks / Prek / Pre-commit & Formatting (pull_request) Successful in 7m25s
Details
Checks / Prek / Clippy and Cargo Tests (pull_request) Failing after 1h0m0s
Details
to 02ab2daa57
Some checks failed
Documentation / Build and Deploy Documentation (pull_request) Successful in 1m17s
Details
Checks / Prek / Pre-commit & Formatting (pull_request) Successful in 3m1s
Details
Checks / Prek / Clippy and Cargo Tests (pull_request) Failing after 9m24s
Details
2026-03-21 17:15:26 +00:00 Compare
feat: Support stable policy servers
All checks were successful
Documentation / Build and Deploy Documentation (pull_request) Successful in 1m17s
Details
Checks / Prek / Pre-commit & Formatting (pull_request) Successful in 3m8s
Details
Update flake hashes / update-flake-hashes (pull_request) Successful in 56s
Details
Checks / Prek / Clippy and Cargo Tests (pull_request) Successful in 26m12s
Details
9ebafaaabc
nex commented 2026-04-02 15:08:28 +00:00
Author
Owner
Copy link

Gonna drop the well-known and inline support from this PR to reduce the scope and get it merged sooner. Will probably add later.

Gonna drop the well-known and inline support from this PR to reduce the scope and get it merged sooner. Will probably add later.
nex force-pushed nex/feat/policy-servers-2-electric-boogaloo from 9ebafaaabc
All checks were successful
Documentation / Build and Deploy Documentation (pull_request) Successful in 1m17s
Details
Checks / Prek / Pre-commit & Formatting (pull_request) Successful in 3m8s
Details
Update flake hashes / update-flake-hashes (pull_request) Successful in 56s
Details
Checks / Prek / Clippy and Cargo Tests (pull_request) Successful in 26m12s
Details
to 77e769d3e1
Some checks failed
Check Changelog / Check for changelog (pull_request_target) Successful in 10s
Details
Documentation / Build and Deploy Documentation (pull_request) Successful in 1m18s
Details
Checks / Prek / Pre-commit & Formatting (pull_request) Failing after 3m2s
Details
Update flake hashes / update-flake-hashes (pull_request) Successful in 57s
Details
Checks / Prek / Clippy and Cargo Tests (pull_request) Has been cancelled
Details
2026-04-02 15:11:19 +00:00 Compare
chore: Remove config options related to policy servers
Some checks failed
Check Changelog / Check for changelog (pull_request_target) Successful in 14s
Details
Documentation / Build and Deploy Documentation (pull_request) Successful in 1m17s
Details
Checks / Prek / Pre-commit & Formatting (pull_request) Successful in 2m54s
Details
Update flake hashes / update-flake-hashes (pull_request) Successful in 57s
Details
Checks / Prek / Clippy and Cargo Tests (pull_request) Has been cancelled
Details
6d0f8fc4e2
 
Since they are signature based now they can't really be ignored
style: Use ok() instead of map_or()
Some checks failed
Check Changelog / Check for changelog (pull_request_target) Successful in 14s
Details
Documentation / Build and Deploy Documentation (pull_request) Successful in 1m19s
Details
Checks / Prek / Pre-commit & Formatting (pull_request) Successful in 2m56s
Details
Update flake hashes / update-flake-hashes (pull_request) Successful in 56s
Details
Checks / Prek / Clippy and Cargo Tests (pull_request) Has been cancelled
Details
fc21b0bab2
style: How is the formatter indecisive
Some checks failed
Check Changelog / Check for changelog (pull_request_target) Successful in 21s
Details
Documentation / Build and Deploy Documentation (pull_request) Successful in 1m20s
Details
Checks / Prek / Pre-commit & Formatting (pull_request) Successful in 2m58s
Details
Update flake hashes / update-flake-hashes (pull_request) Successful in 56s
Details
Checks / Prek / Clippy and Cargo Tests (pull_request) Failing after 35m4s
Details
af3fbc5562
style: Adjust log levels
Some checks failed
Check Changelog / Check for changelog (pull_request_target) Successful in 9s
Details
Documentation / Build and Deploy Documentation (pull_request) Successful in 1m19s
Details
Checks / Prek / Pre-commit & Formatting (pull_request) Successful in 3m3s
Details
Update flake hashes / update-flake-hashes (pull_request) Successful in 57s
Details
Checks / Prek / Clippy and Cargo Tests (pull_request) Failing after 37m10s
Details
4623119282
nex changed title from WIP: feat: Update policy server implementation to be closer to stable MSC4284 to feat: Update policy server implementation to be closer to stable MSC4284 2026-04-02 16:19:36 +00:00
nex requested review from Owners 2026-04-02 16:19:42 +00:00
style: Make verify_policy_signature less verbose
Some checks failed
Check Changelog / Check for changelog (pull_request_target) Successful in 10s
Details
Documentation / Build and Deploy Documentation (pull_request) Successful in 1m22s
Details
Checks / Prek / Pre-commit & Formatting (pull_request) Successful in 3m1s
Details
Update flake hashes / update-flake-hashes (pull_request) Successful in 56s
Details
Checks / Prek / Clippy and Cargo Tests (pull_request) Failing after 25m4s
Details
b4128b5813
nex force-pushed nex/feat/policy-servers-2-electric-boogaloo from b4128b5813
Some checks failed
Check Changelog / Check for changelog (pull_request_target) Successful in 10s
Details
Documentation / Build and Deploy Documentation (pull_request) Successful in 1m22s
Details
Checks / Prek / Pre-commit & Formatting (pull_request) Successful in 3m1s
Details
Update flake hashes / update-flake-hashes (pull_request) Successful in 56s
Details
Checks / Prek / Clippy and Cargo Tests (pull_request) Failing after 25m4s
Details
to 6748645033
Some checks failed
Checks / Changelog / Check changelog is added (pull_request_target) Successful in 8s
Details
Checks / Prek / Check changed files (pull_request) Successful in 35s
Details
Documentation / Build and Deploy Documentation (pull_request) Successful in 1m46s
Details
Update flake hashes / update-flake-hashes (pull_request) Successful in 1m50s
Details
Checks / Prek / Pre-commit & Formatting (pull_request) Failing after 2m1s
Details
Checks / Prek / Clippy and Cargo Tests (pull_request) Successful in 10m2s
Details
2026-04-28 02:19:43 +00:00 Compare
fix: Only check loopback via after attempting incoming verification
Some checks failed
Checks / Changelog / Check changelog is added (pull_request_target) Successful in 9s
Details
Checks / Prek / Check changed files (pull_request) Successful in 34s
Details
Documentation / Build and Deploy Documentation (pull_request) Successful in 1m16s
Details
Checks / Prek / Pre-commit & Formatting (pull_request) Successful in 1m46s
Details
Update flake hashes / update-flake-hashes (pull_request) Successful in 1m56s
Details
Checks / Prek / Clippy and Cargo Tests (pull_request) Has been cancelled
Details
b43296d5b0
nex changed title from feat: Update policy server implementation to be closer to stable MSC4284 to feat: Update policy server implementation to match latest spec 2026-04-28 03:30:45 +00:00
nex force-pushed nex/feat/policy-servers-2-electric-boogaloo from b43296d5b0
Some checks failed
Checks / Changelog / Check changelog is added (pull_request_target) Successful in 9s
Details
Checks / Prek / Check changed files (pull_request) Successful in 34s
Details
Documentation / Build and Deploy Documentation (pull_request) Successful in 1m16s
Details
Checks / Prek / Pre-commit & Formatting (pull_request) Successful in 1m46s
Details
Update flake hashes / update-flake-hashes (pull_request) Successful in 1m56s
Details
Checks / Prek / Clippy and Cargo Tests (pull_request) Has been cancelled
Details
to 38d8eb1a17
All checks were successful
Checks / Changelog / Check changelog is added (pull_request_target) Successful in 30s
Details
Checks / Prek / Check changed files (pull_request) Successful in 31s
Details
Documentation / Build and Deploy Documentation (pull_request) Successful in 1m16s
Details
Checks / Prek / Pre-commit & Formatting (pull_request) Successful in 1m45s
Details
Update flake hashes / update-flake-hashes (pull_request) Successful in 1m51s
Details
Checks / Prek / Clippy and Cargo Tests (pull_request) Successful in 8m23s
Details
2026-04-28 03:32:58 +00:00 Compare
fix: Verify policy server signatures on all events, not just timeline ones
Some checks failed
Checks / Changelog / Check changelog is added (pull_request_target) Successful in 8s
Details
Checks / Prek / Check changed files (pull_request) Successful in 33s
Details
Documentation / Build and Deploy Documentation (pull_request) Successful in 1m16s
Details
Update flake hashes / update-flake-hashes (pull_request) Successful in 1m47s
Details
Checks / Prek / Pre-commit & Formatting (pull_request) Failing after 2m42s
Details
Checks / Prek / Clippy and Cargo Tests (pull_request) Failing after 6m14s
Details
4d13533cbb
nex force-pushed nex/feat/policy-servers-2-electric-boogaloo from 4d13533cbb
Some checks failed
Checks / Changelog / Check changelog is added (pull_request_target) Successful in 8s
Details
Checks / Prek / Check changed files (pull_request) Successful in 33s
Details
Documentation / Build and Deploy Documentation (pull_request) Successful in 1m16s
Details
Update flake hashes / update-flake-hashes (pull_request) Successful in 1m47s
Details
Checks / Prek / Pre-commit & Formatting (pull_request) Failing after 2m42s
Details
Checks / Prek / Clippy and Cargo Tests (pull_request) Failing after 6m14s
Details
to 88cf46822c
Some checks failed
Checks / Changelog / Check changelog is added (pull_request_target) Successful in 8s
Details
Documentation / Build and Deploy Documentation (pull_request) Successful in 1m13s
Details
Checks / Prek / Check changed files (pull_request) Successful in 6s
Details
Checks / Prek / Pre-commit & Formatting (pull_request) Failing after 1m17s
Details
Checks / Prek / Clippy and Cargo Tests (pull_request) Failing after 4m30s
Details
2026-04-29 13:49:12 +00:00 Compare
style: Clarifications
Some checks failed
Checks / Changelog / Check changelog is added (pull_request_target) Successful in 8s
Details
Documentation / Build and Deploy Documentation (pull_request) Successful in 1m36s
Details
Checks / Prek / Pre-commit & Formatting (pull_request) Failing after 1m31s
Details
Checks / Prek / Check changed files (pull_request) Successful in 30s
Details
Checks / Prek / Clippy and Cargo Tests (pull_request) Has been cancelled
Details
c77f65490e
style: Clippy
Some checks failed
Documentation / Build and Deploy Documentation (pull_request) Successful in 1m13s
Details
Checks / Prek / Check changed files (pull_request) Successful in 6s
Details
Checks / Prek / Pre-commit & Formatting (pull_request) Failing after 2m20s
Details
Checks / Prek / Clippy and Cargo Tests (pull_request) Successful in 7m59s
Details
Checks / Changelog / Check changelog is added (pull_request_target) Successful in 34s
Details
4a9a7b1314
nex commented 2026-05-04 00:42:48 +00:00
Author
Owner
Copy link

This PR is ready for merge, but is blocked pending some issues with the widely deployed policy server policyserv (currently some rooms, including all of the Matrix Foundation rooms, are unusable if they are using policyserv if this PR is applied). Will be merged by June 1st at the latest.

This PR is ready for merge, but is blocked pending some issues with the widely deployed policy server [policyserv](https://github.com/matrix-org/policyserv) (currently some rooms, including all of the Matrix Foundation rooms, are unusable if they are using policyserv if this PR is applied). Will be merged by June 1st at the latest.
nex reviewed 2026-05-04 00:50:04 +00:00
src/service/rooms/event_handler/policy_server.rs Outdated
@ -90,0 +108,4 @@
trace!("no policy server configured");
} else {
error!("failed to load policy server event: {e}");
// TODO: Should this fail closed?
nex commented 2026-05-04 00:50:04 +00:00
Author
Owner
Copy link

This TODO allows rooms with an invalid policy server to continue to be used if the event is invalid in some way (e.g. redacted). It might be necessary to create a "redacted" PS config struct so that we can explicitly check if the event actually has its fields present, since you disable the PS by removing the via (but doing so causes ruma to cry).

This TODO allows rooms with an invalid policy server to continue to be used if the event is invalid in some way (e.g. redacted). It might be necessary to create a "redacted" PS config struct so that we can explicitly check if the event actually has its fields present, since you disable the PS by removing the `via` (but doing so causes ruma to cry).
nex marked this conversation as resolved
nex commented 2026-05-05 16:43:16 +00:00
Author
Owner
Copy link

Blocked on https://github.com/matrix-org/matrix-spec/issues/2362 (see previous comment). Blocking any upcoming release as the current implementation still uses legacy checks, which policy servers are not going to keep around forever.

Blocked on https://github.com/matrix-org/matrix-spec/issues/2362 (see previous comment). Blocking any upcoming release as the current implementation still uses legacy checks, which policy servers are not going to keep around forever.
nex force-pushed nex/feat/policy-servers-2-electric-boogaloo from 4a9a7b1314
Some checks failed
Documentation / Build and Deploy Documentation (pull_request) Successful in 1m13s
Details
Checks / Prek / Check changed files (pull_request) Successful in 6s
Details
Checks / Prek / Pre-commit & Formatting (pull_request) Failing after 2m20s
Details
Checks / Prek / Clippy and Cargo Tests (pull_request) Successful in 7m59s
Details
Checks / Changelog / Check changelog is added (pull_request_target) Successful in 34s
Details
to 62fa4f2693
Some checks failed
Checks / Changelog / Check changelog is added (pull_request_target) Successful in 7s
Details
Checks / Prek / Check changed files (pull_request) Successful in 6s
Details
Checks / Prek / Pre-commit & Formatting (pull_request) Has been cancelled
Details
Documentation / Build and Deploy Documentation (pull_request) Has been cancelled
Details
Checks / Prek / Clippy and Cargo Tests (pull_request) Has been cancelled
Details
2026-05-18 02:49:01 +00:00 Compare
style: Reformat
All checks were successful
Documentation / Build and Deploy Documentation (pull_request) Successful in 1m12s
Details
Checks / Prek / Check changed files (pull_request) Successful in 6s
Details
Checks / Prek / Clippy and Cargo Tests (pull_request) Successful in 9m2s
Details
Checks / Prek / Pre-commit & Formatting (pull_request) Successful in 21m9s
Details
Checks / Changelog / Check changelog is added (pull_request_target) Successful in 7s
Details
669433d7fd
nex commented 2026-05-18 03:29:18 +00:00
Author
Owner
Copy link

Unblocking this early as it's preventing further improvements to more critical parts of the codebase and we can't work around it much longer

Unblocking this early as it's preventing further improvements to more critical parts of the codebase and we can't work around it much longer
ginger reviewed 2026-05-18 14:22:21 +00:00
src/service/rooms/event_handler/policy_server.rs Outdated
@ -72,1 +92,3 @@
return Ok(true);
) -> Result<()> {
let ps = match pdu.event_type().with_state_key("").0 {
| StateEventType::RoomPolicy => return Ok(()),
ginger commented 2026-05-18 14:18:35 +00:00
Owner
Copy link

what's the purpose of this early return?

what's the purpose of this early return?
nex commented 2026-05-18 23:08:18 +00:00
Author
Owner
Copy link

(m.room.policy, "") events are excluded from policy server checks and thus are always permitted.

`(m.room.policy, "")` events are excluded from policy server checks and thus are always permitted.
ginger marked this conversation as resolved
src/service/rooms/event_handler/policy_server.rs Outdated
@ -90,0 +109,4 @@
trace!("no policy server configured");
} else {
error!("failed to load policy server event: {e}");
// TODO: Should this fail closed?
ginger commented 2026-05-18 14:19:17 +00:00
Owner
Copy link

this branch can only be hit if an internal database error occurred. generally I'm in favor of panicking when that happens because it indicates that something is very broken

this branch can only be hit if an internal database error occurred. generally I'm in favor of panicking when that happens because it indicates that something is very broken
nex commented 2026-05-18 23:07:41 +00:00
Author
Owner
Copy link

This branch can be hit if the policy server configuration is malformed (for example, a literal null value for via). The spec says that such events should be treated as if the policy server is disabled, but doing so means we can't distinguish from actual database errors: https://github.com/ruma/ruma/issues/2490

This branch can be hit if the policy server configuration is malformed (for example, a literal `null` value for `via`). The spec says that such events should be treated as if the policy server is disabled, but doing so means we can't distinguish from actual database errors: https://github.com/ruma/ruma/issues/2490
ginger commented 2026-05-21 16:36:33 +00:00
Owner
Copy link

Is it not possible to check if the error is a deserialization faulure?

Is it not possible to check if the error is a deserialization faulure?
nex commented 2026-05-21 16:39:04 +00:00
Author
Owner
Copy link

i forgot you can do that

i forgot you can do that
nex marked this conversation as resolved
src/service/rooms/event_handler/policy_server.rs Outdated
@ -156,0 +262,4 @@
);
// TODO: select between this sleep and shutdown signal
sleep(saturated).await;
if !self.services.server.running() {
ginger commented 2026-05-18 14:21:51 +00:00
Owner
Copy link

is this check necessary? I would assume that the executor threads for incoming requests would just be killed when the server exits

is this check necessary? I would assume that the executor threads for incoming requests would just be killed when the server exits
Jade commented 2026-05-18 14:34:07 +00:00
Owner
Copy link

Ongoing requests are allowed to complete while new requests are refused during a graceful shutdown

Ongoing requests are allowed to complete while new requests are refused during a graceful shutdown
nex commented 2026-05-18 23:09:16 +00:00
Author
Owner
Copy link

I believe the sleep does not get interrupted either, hence the desire to select between the shutdown signal and the sleep finishing, so that it can be interrupted. Otherwise a malicious policy server could serve us 429s with the max retry-after time and have us spinning for several minutes after a shutdown is signalled

I believe the sleep does not get interrupted either, hence the desire to select between the shutdown signal and the sleep finishing, so that it can be interrupted. Otherwise a malicious policy server could serve us 429s with the max retry-after time and have us spinning for several minutes after a shutdown is signalled
👍 1
ginger marked this conversation as resolved
fix: Treat malformed policy config events as missing
Some checks failed
Checks / Prek / Check changed files (pull_request) Successful in 7s
Details
Checks / Changelog / Check changelog is added (pull_request_target) Successful in 36s
Details
Checks / Prek / Pre-commit & Formatting (pull_request) Successful in 2m8s
Details
Update flake hashes / update-flake-hashes (pull_request) Successful in 2m16s
Details
Documentation / Build and Deploy Documentation (pull_request) Successful in 10m54s
Details
Checks / Prek / Clippy and Cargo Tests (pull_request) Failing after 32m7s
Details
2167891aed
nex force-pushed nex/feat/policy-servers-2-electric-boogaloo from 2167891aed
Some checks failed
Checks / Prek / Check changed files (pull_request) Successful in 7s
Details
Checks / Changelog / Check changelog is added (pull_request_target) Successful in 36s
Details
Checks / Prek / Pre-commit & Formatting (pull_request) Successful in 2m8s
Details
Update flake hashes / update-flake-hashes (pull_request) Successful in 2m16s
Details
Documentation / Build and Deploy Documentation (pull_request) Successful in 10m54s
Details
Checks / Prek / Clippy and Cargo Tests (pull_request) Failing after 32m7s
Details
to 6c215bd350 2026-05-21 17:03:16 +00:00 Compare
nex force-pushed nex/feat/policy-servers-2-electric-boogaloo from 43d7eb2568 to 78ff1c5136
All checks were successful
Checks / Changelog / Check changelog is added (pull_request_target) Successful in 28s
Details
Documentation / Build and Deploy Documentation (pull_request) Successful in 1m13s
Details
Checks / Prek / Check changed files (pull_request) Successful in 6s
Details
Update flake hashes / update-flake-hashes (pull_request) Successful in 1m28s
Details
Checks / Prek / Clippy and Cargo Tests (pull_request) Successful in 8m51s
Details
Checks / Prek / Pre-commit & Formatting (pull_request) Successful in 21m8s
Details
2026-05-21 18:14:58 +00:00 Compare
style: Document functions
Some checks failed
Checks / Prek / Check changed files (pull_request) Successful in 7s
Details
Checks / Changelog / Check changelog is added (pull_request_target) Successful in 35s
Details
Checks / Prek / Pre-commit & Formatting (pull_request) Successful in 1m45s
Details
Update flake hashes / update-flake-hashes (pull_request) Successful in 1m45s
Details
Documentation / Build and Deploy Documentation (pull_request) Successful in 10m58s
Details
Checks / Prek / Clippy and Cargo Tests (pull_request) Failing after 32m23s
Details
bbdbf1c098
perf: Avoid cloning incoming PDUs to check them
Some checks failed
Checks / Changelog / Check changelog is added (pull_request_target) Successful in 8s
Details
Checks / Prek / Check changed files (pull_request) Successful in 32s
Details
Documentation / Build and Deploy Documentation (pull_request) Successful in 1m17s
Details
Update flake hashes / update-flake-hashes (pull_request) Successful in 2m13s
Details
Checks / Prek / Pre-commit & Formatting (pull_request) Has been cancelled
Details
Checks / Prek / Clippy and Cargo Tests (pull_request) Has been cancelled
Details
73a5e3a87f
 
Also allows us to store signatures on PDUs received over federation that we got a fresh signature for
style: Reformat
Some checks failed
Checks / Changelog / Check changelog is added (pull_request_target) Successful in 8s
Details
Checks / Prek / Check changed files (pull_request) Successful in 33s
Details
Documentation / Build and Deploy Documentation (pull_request) Successful in 1m20s
Details
Checks / Prek / Pre-commit & Formatting (pull_request) Successful in 1m31s
Details
Update flake hashes / update-flake-hashes (pull_request) Successful in 2m20s
Details
Checks / Prek / Clippy and Cargo Tests (pull_request) Has been cancelled
Details
ef493e5fad
nex requested reviews from Jade, Aranjedeath, ginger and removed review requests for Owners 2026-05-21 20:34:48 +00:00
fix: Don't return early if the policy server does something stupid
All checks were successful
Checks / Changelog / Check changelog is added (pull_request_target) Successful in 8s
Details
Checks / Prek / Check changed files (pull_request) Successful in 7s
Details
Documentation / Build and Deploy Documentation (pull_request) Successful in 1m23s
Details
Update flake hashes / update-flake-hashes (pull_request) Successful in 2m11s
Details
Checks / Prek / Clippy and Cargo Tests (pull_request) Successful in 9m19s
Details
Checks / Prek / Pre-commit & Formatting (pull_request) Successful in 21m9s
Details
63cc4da9e5
 
Spec compliance is for nerds I guess
fix: Ensure event_id is correctly stripped before verifying policy server signature
Some checks failed
Checks / Changelog / Check changelog is added (pull_request_target) Successful in 8s
Details
Checks / Prek / Check changed files (pull_request) Successful in 31s
Details
Documentation / Build and Deploy Documentation (pull_request) Successful in 1m25s
Details
Update flake hashes / update-flake-hashes (pull_request) Successful in 1m37s
Details
Checks / Prek / Pre-commit & Formatting (pull_request) Successful in 21m11s
Details
Checks / Prek / Clippy and Cargo Tests (pull_request) Failing after 32m20s
Details
fdb25f4aad
ginger approved these changes 2026-05-22 00:40:34 +00:00
nex force-pushed nex/feat/policy-servers-2-electric-boogaloo from fdb25f4aad
Some checks failed
Checks / Changelog / Check changelog is added (pull_request_target) Successful in 8s
Details
Checks / Prek / Check changed files (pull_request) Successful in 31s
Details
Documentation / Build and Deploy Documentation (pull_request) Successful in 1m25s
Details
Update flake hashes / update-flake-hashes (pull_request) Successful in 1m37s
Details
Checks / Prek / Pre-commit & Formatting (pull_request) Successful in 21m11s
Details
Checks / Prek / Clippy and Cargo Tests (pull_request) Failing after 32m20s
Details
to eb829c2951
Some checks failed
Checks / Changelog / Check changelog is added (pull_request_target) Successful in 7s
Details
Checks / Prek / Pre-commit & Formatting (pull_request) Successful in 1m41s
Details
Checks / Prek / Check changed files (pull_request) Successful in 8s
Details
Checks / Prek / Clippy and Cargo Tests (pull_request) Has been cancelled
Details
Documentation / Build and Deploy Documentation (pull_request) Has been cancelled
Details
2026-05-25 17:21:03 +00:00 Compare
style: Fix typo
Some checks failed
Checks / Prek / Check changed files (pull_request) Successful in 8s
Details
Documentation / Build and Deploy Documentation (pull_request) Successful in 1m20s
Details
Checks / Changelog / Check changelog is added (pull_request_target) Successful in 10s
Details
Checks / Prek / Clippy and Cargo Tests (pull_request) Successful in 8m59s
Details
Checks / Prek / Pre-commit & Formatting (pull_request) Successful in 21m14s
Details
Checks / Prek / Check changed files (push) Successful in 32s
Details
Documentation / Build and Deploy Documentation (push) Successful in 1m15s
Details
Checks / Prek / Pre-commit & Formatting (push) Successful in 1m31s
Details
Checks / Prek / Clippy and Cargo Tests (push) Successful in 8m36s
Details
Release Docker Image / Build linux-arm64 (release) (push) Successful in 56m31s
Details
Release Docker Image / Build linux-amd64 (release) (push) Successful in 57m29s
Details
Release Docker Image / Create Multi-arch Release Manifest (push) Successful in 10m0s
Details
Release Docker Image / Create Max-Perf Manifest (push) Has been cancelled
Details
Release Docker Image / Release Binaries (push) Has been cancelled
Details
Release Docker Image / Mirror Images (push) Has been cancelled
Details
Release Docker Image / Build linux-arm64 (max-perf) (push) Has been cancelled
Details
Release Docker Image / Build linux-amd64 (max-perf) (push) Has been cancelled
Details
b771b9d160
nex scheduled this pull request to auto merge when all checks succeed 2026-05-25 17:28:03 +00:00
nex merged commit b771b9d160 into main 2026-05-25 17:48:17 +00:00
nex deleted branch nex/feat/policy-servers-2-electric-boogaloo 2026-05-25 17:48:17 +00:00
Sign in to join this conversation.
Reviewers
No reviewers
Jade
ginger
Aranjedeath
Labels
Clear labels   
Blocked
This pull request or issue is currently blocked from being merged/closed

  
Bug
Something isn't working as intended

  
Changelog
Added
 Changelog entry added

  
Changelog
Missing
 No changelog when one is needed

  
Changelog
None
 Changelog is unnecesary for this change

  
Cherry-picking
Commits picked from other conduit projects

  
Database
This requires or includes changes to the database

  
Dependencies
Something dependency related

  
Dependencies/Renovate
Automatic dependency upgrades by Renovate

  
Difficulty
Easy
 Low difficulty to implement - touches few parts of the codebase, low complexity

  
Difficulty
Hard
 High difficulty to implement - touches many parts of the codebase, high complexity

  
Difficulty
Medium
 Medium difficulty to implement - touches more parts of the codebase, higher complexity

  
Documentation
Improvements or additions to documentation

  
Enhancement
New feature or request

  
Good first issue
Good for newcomers

  
Help wanted
Additional eyes and keyboards are required for this one

  
Inherited
Issues that have been inhereted from the project pre-fork

  
Matrix/Administration
Features pertaining to homeserver administration

  
Matrix/Appservices
Features pertaining to the appservice API

  
Matrix/Auth
Features pertaining to authentication

  
Matrix/Client
Features pertaining to client-to-server interactions

  
Matrix/Core
Issues relating to core matrix functionality, such as state resolution and PDU formats

  
Matrix/E2EE
Issues related to end to end encryption

  
Matrix/Federation
Features pertaining to server-to-server interactions

  
Matrix/Hydra
Issues related to room version 12 and related changes (temporary label)

  
Matrix/MSC
Features pertaining to unstable matrix features

  
Matrix/Media
Features pertaining to media interactions

  
Matrix/T&S
Changes or issues related to trust & safety tooling

  
Merge
This PR is ready to be merged

  
Merge/Manual
This PR should be manually merged

  
Merge/Squash
This PR should be squashed when it is merged

  
Meta
Related to housekeeping, maintenance, or other repo-meta.

  
Meta/CI
Issues related to CI changes

  
Meta/Packaging
Packaging

  
Priority
Blocking
 This issue is blocking the next release

  
Priority
High
 This issue is very important

  
Priority
Low
 This issue is of a rather low priority

  
Security
This item is related to general security

  
Status
Confirmed
 This issue has enough information and is confirmed

  
Status
Duplicate
 This issue or pull request already exists

  
Status
Invalid
 This issue doesn't seem right

  
Status
Needs Investigation
 This issue needs further investigation

  
Support
Questions or support requests

  
Wont fix
This will not be worked on

  
old/ci/cd
Ci/CD

Archived

  
old/rust
Pull requests that update Rust code

Archived

No labels
Blocked
Bug
Changelog
Added
Changelog
Missing
Changelog
None
Cherry-picking
Database
Dependencies
Dependencies/Renovate
Difficulty
Easy
Difficulty
Hard
Difficulty
Medium
Documentation
Enhancement
Good first issue
Help wanted
Inherited
Matrix/Administration
Matrix/Appservices
Matrix/Auth
Matrix/Client
Matrix/Core
Matrix/E2EE
Matrix/Federation
Matrix/Hydra
Matrix/MSC
Matrix/Media
Matrix/T&S
Merge
Merge/Manual
Merge/Squash
Meta
Meta/CI
Meta/Packaging
Priority
Blocking
Priority
High
Priority
Low
Security
Status
Confirmed
Status
Duplicate
Status
Invalid
Status
Needs Investigation
Support
Wont fix
old/ci/cd
old/rust
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
nex
5 participants
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

2026-06-01

Depends on
#1656 refactor: Switch to upstream Ruma
continuwuation/continuwuity
Reference
continuwuation/continuwuity!1487
No description provided.