chore(federation): accept and store encrypted messages #37191
Conversation
|
Looks like this PR is not ready to merge, because of the following issues:
Please fix the issues and try again If you have any trouble, please check the PR guidelines |
|
There was a problem hiding this comment.
Pull Request Overview
This pull request adds support for accepting and storing encrypted messages in the federation system. The changes enable handling of encrypted Matrix messages by introducing new parameters for encryption content and updating the message service interface.
- Added support for encrypted message content with algorithm and ciphertext fields
- Implemented encrypted message event handler in the Matrix federation module
- Updated message service interface to accept optional encrypted content alongside regular messages
Reviewed Changes
Copilot reviewed 3 out of 3 changed files in this pull request and generated 2 comments.
| File | Description |
|---|---|
| packages/core-services/src/types/IMessageService.ts | Updated interface to support optional encrypted content and made msg parameter optional |
| ee/packages/federation-matrix/src/events/message.ts | Added new event handler for processing encrypted Matrix messages with support for threads, replies, and edits |
| apps/meteor/server/services/messages/service.ts | Implemented encrypted content storage in the message service with proper message type assignment |
Tip: Customize your code reviews with copilot-instructions.md. Create the file or learn how to get started.
| algorithm: string, | ||
| ciphertext: string, | ||
| }, |
There was a problem hiding this comment.
Inconsistent indentation: the properties inside e2e_content should use tabs to match the surrounding code style.
| algorithm: string, | |
| ciphertext: string, | |
| }, | |
| algorithm: string, | |
| ciphertext: string, | |
| }, |
| algorithm: string, | ||
| ciphertext: string, | ||
| }, |
There was a problem hiding this comment.
Inconsistent indentation: the properties inside e2e_content should use tabs to match the surrounding code style.
| algorithm: string, | |
| ciphertext: string, | |
| }, | |
| algorithm: string, | |
| ciphertext: string, | |
| }, |
|
Note Other AI code review bot(s) detectedCodeRabbit has detected other AI code review bot(s) in this pull request and will avoid duplicating their findings in the review comments. This may lead to a less comprehensive review. WalkthroughAdds handling for homeserver.matrix.encrypted events: parses ciphertext and m.relates_to (threads/replies/quotes/edits), resolves user/room, updates or saves messages via MessageService.saveMessageFromFederation (now accepts optional Changes
Sequence Diagram(s)sequenceDiagram
autonumber
participant HS as Matrix Homeserver
participant FH as Federation Handler
participant MS as MessageService
participant DB as Database
HS->>FH: m.room.encrypted (event with ciphertext)
FH->>FH: validate ciphertext, resolve user & room
FH->>FH: parse m.relates_to (thread/reply/quote/edit)
alt edit of encrypted message
FH->>DB: find original by federation_event_id
alt original found & content changed
FH->>MS: updateMessage(..., e2e_content)
MS->>DB: update record
DB-->>MS: OK
MS-->>FH: OK
else skip / log
end
else new encrypted message
FH->>MS: saveMessageFromFederation({ fromId, rid, e2e_content, federation_event_id, thread? })
MS->>DB: insert record (payload includes t: 'e2e' and content)
DB-->>MS: OK
MS-->>FH: OK
end
Estimated code review effort🎯 3 (Moderate) | ⏱️ ~25 minutes Possibly related PRs
Suggested labels
Suggested reviewers
Poem
Pre-merge checks and finishing touches❌ Failed checks (1 warning)
✅ Passed checks (4 passed)
✨ Finishing touches
🧪 Generate unit tests (beta)
📜 Recent review detailsConfiguration used: CodeRabbit UI Review profile: CHILL Plan: Pro Disabled knowledge base sources:
📒 Files selected for processing (1)
🧰 Additional context used🧬 Code graph analysis (1)ee/packages/federation-matrix/src/api/_matrix/invite.ts (1)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (7)
🔇 Additional comments (1)
Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out. Comment |
![coderabbitai[bot]](https://avatars.githubusercontent.com/in/347564?s=60&v=4){kind=small}
There was a problem hiding this comment.
Actionable comments posted: 3
♻️ Duplicate comments (2)
packages/core-services/src/types/IMessageService.ts (1)
27-30: Fix indentation to use tabs.The properties inside
e2e_contentuse spaces for indentation instead of tabs, which is inconsistent with the rest of the file's code style.Apply this diff to fix the indentation:
e2e_content?: { - algorithm: string, - ciphertext: string, - }, + algorithm: string; + ciphertext: string; + };Note: Also changed trailing commas to semicolons to match the surrounding code style.
apps/meteor/server/services/messages/service.ts (1)
103-106: Fix indentation to use tabs.The properties inside
e2e_contentuse spaces for indentation instead of tabs, which is inconsistent with the rest of the file's code style.Apply this diff to fix the indentation:
e2e_content?: { - algorithm: string, - ciphertext: string, - }, + algorithm: string; + ciphertext: string; + };Note: Also changed trailing commas to semicolons to match the surrounding code style.
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
Disabled knowledge base sources:
- Jira integration is disabled by default for public repositories
You can enable these sources in your CodeRabbit configuration.
📒 Files selected for processing (3)
apps/meteor/server/services/messages/service.ts(2 hunks)ee/packages/federation-matrix/src/events/message.ts(1 hunks)packages/core-services/src/types/IMessageService.ts(1 hunks)
🧰 Additional context used
🧬 Code graph analysis (1)
ee/packages/federation-matrix/src/events/message.ts (2)
ee/packages/federation-matrix/src/events/room.ts (1)
room(8-73)packages/core-typings/src/IMessage/IMessage.ts (2)
isThreadMessage(317-317)isEditedMessage(264-271)
⏰ Context from checks skipped due to timeout of 90000ms. You can increase the timeout in your CodeRabbit configuration to a maximum of 15 minutes (900000ms). (3)
- GitHub Check: 📦 Build Packages
- GitHub Check: CodeQL-Build
- GitHub Check: CodeQL-Build
🔇 Additional comments (3)
packages/core-services/src/types/IMessageService.ts (1)
12-35: Type definitions correctly support encrypted messages.The changes appropriately make
msgoptional and introducee2e_contentto support encrypted federation messages. The interface clearly defines the contract for handling both plaintext and encrypted messages.apps/meteor/server/services/messages/service.ts (1)
123-126: Encrypted content correctly propagated to federation payload.The implementation appropriately includes the
e2e_contentin the message payload with type'e2e'when encrypted content is provided. The conditional spreading ensures the field is only included when necessary.ee/packages/federation-matrix/src/events/message.ts (1)
316-329: Verify encrypted quoted message edits preserve quote metadata
The encrypted branch’supdateMessagecall (lines 316–329) only carries overalgorithmandciphertext, omitting the quote URL and metadata formatting applied in the plaintext handler. Confirm that encrypted quoted edits reconstruct and persist quote references as the plaintext path does.
| emitter.on('homeserver.matrix.encrypted', async (data) => { | ||
| try { | ||
| if (!data.content.ciphertext) { | ||
| logger.debug('No message content found in event'); | ||
| return; | ||
| } | ||
|
|
||
| // at this point we know for sure the user already exists | ||
| const user = await Users.findOneByUsername(data.sender); | ||
| if (!user) { | ||
| throw new Error(`User not found for sender: ${data.sender}`); | ||
| } | ||
|
|
||
| const room = await Rooms.findOne({ 'federation.mrid': data.room_id }); | ||
| if (!room) { | ||
| throw new Error(`No mapped room found for room_id: ${data.room_id}`); | ||
| } | ||
|
|
||
| const relation = data.content['m.relates_to']; | ||
|
|
||
| // SPEC: For example, an m.thread relationship type denotes that the event is part of a “thread” of messages and should be rendered as such. | ||
| const hasRelation = relation && 'rel_type' in relation; | ||
|
|
||
| const isThreadMessage = hasRelation && relation.rel_type === 'm.thread'; | ||
|
|
||
| const threadRootEventId = isThreadMessage && relation.event_id; | ||
|
|
||
| // SPEC: Though rich replies form a relationship to another event, they do not use rel_type to create this relationship. | ||
| // Instead, a subkey named m.in_reply_to is used to describe the reply’s relationship, | ||
| const isRichReply = relation && !('rel_type' in relation) && 'm.in_reply_to' in relation; | ||
|
|
||
| const quoteMessageEventId = isRichReply && relation['m.in_reply_to']?.event_id; | ||
|
|
||
| const thread = threadRootEventId ? await getThreadMessageId(threadRootEventId) : undefined; | ||
|
|
||
| const isEditedMessage = hasRelation && relation.rel_type === 'm.replace'; | ||
| if (isEditedMessage && relation.event_id) { | ||
| logger.debug('Received edited message from Matrix, updating existing message'); | ||
| const originalMessage = await Messages.findOneByFederationId(relation.event_id); | ||
| if (!originalMessage) { | ||
| logger.error('Original message not found for edit:', relation.event_id); | ||
| return; | ||
| } | ||
| if (originalMessage.federation?.eventId !== relation.event_id) { | ||
| return; | ||
| } | ||
| if (originalMessage.content?.ciphertext === data.content.ciphertext) { | ||
| logger.debug('No changes in message content, skipping update'); | ||
| return; | ||
| } | ||
|
|
||
| if (quoteMessageEventId) { | ||
| await Message.updateMessage( | ||
| { | ||
| ...originalMessage, | ||
| content: { | ||
| algorithm: data.content.algorithm, | ||
| ciphertext: data.content.ciphertext, | ||
| }, | ||
| }, | ||
| user, | ||
| originalMessage, | ||
| ); | ||
| return; | ||
| } | ||
|
|
||
| await Message.updateMessage( | ||
| { | ||
| ...originalMessage, | ||
| content: { | ||
| algorithm: data.content.algorithm, | ||
| ciphertext: data.content.ciphertext, | ||
| }, | ||
| }, | ||
| user, | ||
| originalMessage, | ||
| ); | ||
| return; | ||
| } | ||
|
|
||
| if (quoteMessageEventId) { | ||
| const originalMessage = await Messages.findOneByFederationId(quoteMessageEventId); | ||
| if (!originalMessage) { | ||
| logger.error('Original message not found for quote:', quoteMessageEventId); | ||
| return; | ||
| } | ||
| await Message.saveMessageFromFederation({ | ||
| fromId: user._id, | ||
| rid: room._id, | ||
| e2e_content: { | ||
| algorithm: data.content.algorithm, | ||
| ciphertext: data.content.ciphertext, | ||
| }, | ||
| federation_event_id: data.event_id, | ||
| thread, | ||
| }); | ||
| return; | ||
| } | ||
|
|
||
| await Message.saveMessageFromFederation({ | ||
| fromId: user._id, | ||
| rid: room._id, | ||
| e2e_content: { | ||
| algorithm: data.content.algorithm, | ||
| ciphertext: data.content.ciphertext, | ||
| }, | ||
| federation_event_id: data.event_id, | ||
| thread, | ||
| }); | ||
| } catch (error) { | ||
| logger.error(error, 'Error processing Matrix message:'); | ||
| } | ||
| }); |
There was a problem hiding this comment.
🛠️ Refactor suggestion | 🟠 Major
Refactor duplicated logic into shared helper functions.
The encrypted message handler (lines 265-377) duplicates ~110 lines of logic from the plaintext handler (lines 115-263), including user/room resolution, relation parsing, thread handling, and quote detection. This violates DRY principles and increases maintenance burden.
Consider extracting shared logic into helper functions:
- Message context resolution (user, room, relations, threads):
async function resolveMessageContext(data: { sender: string; room_id: string; content: any }) {
const user = await Users.findOneByUsername(data.sender);
if (!user) {
throw new Error(`User not found for sender: ${data.sender}`);
}
const room = await Rooms.findOne({ 'federation.mrid': data.room_id });
if (!room) {
throw new Error(`No mapped room found for room_id: ${data.room_id}`);
}
const relation = data.content['m.relates_to'];
const hasRelation = relation && 'rel_type' in relation;
const isThreadMessage = hasRelation && relation.rel_type === 'm.thread';
const threadRootEventId = isThreadMessage && relation.event_id;
const isRichReply = relation && !('rel_type' in relation) && 'm.in_reply_to' in relation;
const quoteMessageEventId = isRichReply && relation['m.in_reply_to']?.event_id;
const thread = threadRootEventId ? await getThreadMessageId(threadRootEventId) : undefined;
const isEditedMessage = hasRelation && relation.rel_type === 'm.replace';
return { user, room, relation, thread, quoteMessageEventId, isEditedMessage };
}-
Edit handling logic (extract common validation and update flow)
-
Quote handling logic (extract common quote message resolution)
This would reduce the handlers to ~30-40 lines each, focusing only on content-specific logic (plaintext formatting vs. encrypted content handling).
🤖 Prompt for AI Agents
ee/packages/federation-matrix/src/events/message.ts around lines 115-377: the
encrypted handler (265-377) duplicates the plaintext handler (115-263) — extract
shared responsibilities into helpers: 1) create resolveMessageContext(data) that
finds user and room, parses relation, computes
hasRelation/isEditedMessage/isThreadMessage/threadRootEventId/thread (via
getThreadMessageId) and quoteMessageEventId, and returns { user, room, relation,
thread, quoteMessageEventId, isEditedMessage }; 2) create
handleEdit(originalMessage, data, user) that encapsulates the edit validation
(existence, federation id match, content equality) and performs
Message.updateMessage when needed, returning a boolean indicating it handled the
event; 3) create saveOrQuoteMessage({ userId, roomId, thread,
federation_event_id, e2e_content, quote }) that resolves quoted original message
if quote provided and calls Message.saveMessageFromFederation; then replace the
duplicated blocks in both handlers to call resolveMessageContext, use handleEdit
when isEditedMessage, and use saveOrQuoteMessage for quote/plain saves, keeping
original logging and try/catch semantics.
| if (!data.content.ciphertext) { | ||
| logger.debug('No message content found in event'); | ||
| return; | ||
| } |
There was a problem hiding this comment.
Validate both algorithm and ciphertext fields.
The handler only validates ciphertext presence but not algorithm. Both fields are required for encrypted content according to the type definition in IMessageService.ts.
Apply this diff to validate both fields:
- if (!data.content.ciphertext) {
- logger.debug('No message content found in event');
+ if (!data.content.ciphertext || !data.content.algorithm) {
+ logger.debug('Missing required encrypted content fields (algorithm or ciphertext)');
return;
}📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| if (!data.content.ciphertext) { | |
| logger.debug('No message content found in event'); | |
| return; | |
| } | |
| if (!data.content.ciphertext || !data.content.algorithm) { | |
| logger.debug('Missing required encrypted content fields (algorithm or ciphertext)'); | |
| return; | |
| } |
🤖 Prompt for AI Agents
In ee/packages/federation-matrix/src/events/message.ts around lines 267 to 270,
the handler only checks for data.content.ciphertext but must validate both
data.content.ciphertext and data.content.algorithm; update the conditional to
verify both fields are present, log a clear debug message when either is missing
(e.g., "Missing encrypted message fields: algorithm or ciphertext") and return
early, ensuring encrypted content processing only proceeds when both algorithm
and ciphertext exist.
| const isEditedMessage = hasRelation && relation.rel_type === 'm.replace'; | ||
| if (isEditedMessage && relation.event_id) { | ||
| logger.debug('Received edited message from Matrix, updating existing message'); | ||
| const originalMessage = await Messages.findOneByFederationId(relation.event_id); | ||
| if (!originalMessage) { | ||
| logger.error('Original message not found for edit:', relation.event_id); | ||
| return; | ||
| } | ||
| if (originalMessage.federation?.eventId !== relation.event_id) { | ||
| return; | ||
| } | ||
| if (originalMessage.content?.ciphertext === data.content.ciphertext) { | ||
| logger.debug('No changes in message content, skipping update'); | ||
| return; | ||
| } |
There was a problem hiding this comment.
🛠️ Refactor suggestion | 🟠 Major
🧩 Analysis chain
Verify edit handling for encrypted messages matches Matrix spec.
The encrypted message edit handler doesn't check for m.new_content (line 301), unlike the plaintext handler (line 155). For encrypted messages, verify whether edited content is provided in data.content['m.new_content'] or directly in data.content.
If the Matrix specification requires m.new_content for encrypted message edits as well, apply this diff:
- if (isEditedMessage && relation.event_id) {
+ if (isEditedMessage && relation.event_id && data.content['m.new_content']) {
logger.debug('Received edited message from Matrix, updating existing message');Additionally, the content comparison (line 311) should potentially compare against m.new_content:
- if (originalMessage.content?.ciphertext === data.content.ciphertext) {
+ if (originalMessage.content?.ciphertext === data.content['m.new_content']?.ciphertext) {
logger.debug('No changes in message content, skipping update');🌐 Web query:
Does the Matrix specification require m.new_content for encrypted message edits (m.room.encrypted with m.replace relation)?
💡 Result:
Short answer: Yes — the spec requires the replacement (edit) to include m.new_content, and for encrypted edits that m.new_content be inside the decrypted payload of the m.room.encrypted event. [1][2]
Notes/refs:
- MSC2676 / message-editing: "The content of a message edit event must contain a m.new_content property..." and for encrypted replacements "m.new_content is placed in the content of the encrypted payload." [1]
- The Client‑Server API / related spec discussion and issues note the practical/server-side complications (servers can't read encrypted payloads), but that is an implementation/aggregation concern — it does not remove the requirement that decrypted edit payloads contain m.new_content. [2][3]
Require m.new_content for encrypted edits
Apply the following changes in ee/packages/federation-matrix/src/events/message.ts (around lines 300–314):
- if (isEditedMessage && relation.event_id) {
+ if (isEditedMessage && relation.event_id && data.content['m.new_content']) {
logger.debug('Received edited message from Matrix, updating existing message');
...
- if (originalMessage.content?.ciphertext === data.content.ciphertext) {
+ if (originalMessage.content?.ciphertext === data.content['m.new_content']?.ciphertext) {
logger.debug('No changes in message content, skipping update');📝 Committable suggestion
‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.
| const isEditedMessage = hasRelation && relation.rel_type === 'm.replace'; | |
| if (isEditedMessage && relation.event_id) { | |
| logger.debug('Received edited message from Matrix, updating existing message'); | |
| const originalMessage = await Messages.findOneByFederationId(relation.event_id); | |
| if (!originalMessage) { | |
| logger.error('Original message not found for edit:', relation.event_id); | |
| return; | |
| } | |
| if (originalMessage.federation?.eventId !== relation.event_id) { | |
| return; | |
| } | |
| if (originalMessage.content?.ciphertext === data.content.ciphertext) { | |
| logger.debug('No changes in message content, skipping update'); | |
| return; | |
| } | |
| const isEditedMessage = hasRelation && relation.rel_type === 'm.replace'; | |
| if (isEditedMessage && relation.event_id && data.content['m.new_content']) { | |
| logger.debug('Received edited message from Matrix, updating existing message'); | |
| const originalMessage = await Messages.findOneByFederationId(relation.event_id); | |
| if (!originalMessage) { | |
| logger.error('Original message not found for edit:', relation.event_id); | |
| return; | |
| } | |
| if (originalMessage.federation?.eventId !== relation.event_id) { | |
| return; | |
| } | |
| if (originalMessage.content?.ciphertext === data.content['m.new_content']?.ciphertext) { | |
| logger.debug('No changes in message content, skipping update'); | |
| return; | |
| } |
There was a problem hiding this comment.
Actionable comments posted: 1
♻️ Duplicate comments (1)
packages/core-services/package.json (1)
38-38: Version bump matches federation-matrix package.This dependency update to 0.1.23 maintains consistency with the change in ee/packages/federation-matrix/package.json. Verification of the version is covered in the previous review comment.
🧹 Nitpick comments (1)
ee/packages/federation-matrix/src/events/room.ts (1)
57-59: Early return for non-local users improves robustness.The guard correctly prevents processing role changes for non-local users, avoiding the "mapped user not found" error that would have occurred at line 61. This is a sensible improvement to the homeserver.matrix.room.role handler.
Optionally, consider adding a brief comment to document the intent:
+ // Skip role processing for non-local users if (!allegedUserLocalIsLocal) { return; }
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
Disabled knowledge base sources:
- Jira integration is disabled by default for public repositories
You can enable these sources in your CodeRabbit configuration.
⛔ Files ignored due to path filters (1)
yarn.lockis excluded by!**/yarn.lock,!**/*.lock
📒 Files selected for processing (4)
apps/meteor/server/services/messages/service.ts(2 hunks)ee/packages/federation-matrix/package.json(1 hunks)ee/packages/federation-matrix/src/events/room.ts(1 hunks)packages/core-services/package.json(1 hunks)
🚧 Files skipped from review as they are similar to previous changes (1)
- apps/meteor/server/services/messages/service.ts
| "@rocket.chat/core-typings": "workspace:^", | ||
| "@rocket.chat/emitter": "^0.31.25", | ||
| "@rocket.chat/federation-sdk": "0.1.21", | ||
| "@rocket.chat/federation-sdk": "0.1.23", |
There was a problem hiding this comment.
🧩 Analysis chain
Verify the federation SDK version and check for security advisories.
The version bump from 0.1.21 to 0.1.23 aligns with the PR's dependency on homeserver PR #270. Ensure this version exists and has no known vulnerabilities.
Run the following script to verify the package version:
🏁 Script executed:
#!/bin/bash
# Description: Verify the @rocket.chat/federation-sdk version exists and check for security advisories
# Check if version 0.1.23 exists on npm
npm view @rocket.chat/[email protected] version 2>/dev/null
if [ $? -eq 0 ]; then
echo "✓ Version 0.1.23 exists"
else
echo "✗ Version 0.1.23 not found on npm"
fi
# Check for security advisories using GitHub CLI
gh api graphql -f query='
{
securityVulnerabilities(first: 5, ecosystem: NPM, package: "@rocket.chat/federation-sdk") {
nodes {
advisory {
summary
severity
publishedAt
}
vulnerableVersionRange
firstPatchedVersion {
identifier
}
}
}
}'Length of output: 83
Fix the missing federation-sdk version reference
ee/packages/federation-matrix/package.json references "@rocket.chat/federation-sdk": "0.1.23", but version 0.1.23 isn’t published on npm. Publish v0.1.23 or revert to a published version.
🤖 Prompt for AI Agents
In ee/packages/federation-matrix/package.json around line 41, the dependency
entry references "@rocket.chat/federation-sdk": "0.1.23", which is not published
to npm; update the package.json to point to a published version (e.g., revert to
the latest published tag) or ensure v0.1.23 is published, then run npm install /
yarn to validate; update any lockfiles and CI references accordingly.
There was a problem hiding this comment.
Actionable comments posted: 2
Caution
Some comments are outside the diff and can’t be posted inline due to platform limitations.
⚠️ Outside diff range comments (1)
ee/packages/federation-matrix/src/events/room.ts (1)
9-23: Add early-exit guard for non-local users in thehomeserver.matrix.room.namehandler
Before looking up the user, callconst [allegedUsernameLocal,, allegedUserLocalIsLocal] = getUsernameServername(userId, services.config.serverName); if (!allegedUserLocalIsLocal) { return; }then proceed with
Users.findOneByUsername(allegedUsernameLocal, …). This matches theroom.rolehandler and prevents errors when remote users send name events.
📜 Review details
Configuration used: CodeRabbit UI
Review profile: CHILL
Plan: Pro
Disabled knowledge base sources:
- Jira integration is disabled by default for public repositories
You can enable these sources in your CodeRabbit configuration.
⛔ Files ignored due to path filters (1)
yarn.lockis excluded by!**/yarn.lock,!**/*.lock
📒 Files selected for processing (4)
apps/meteor/server/services/messages/service.ts(2 hunks)ee/packages/federation-matrix/package.json(1 hunks)ee/packages/federation-matrix/src/events/room.ts(1 hunks)packages/core-services/package.json(1 hunks)
🚧 Files skipped from review as they are similar to previous changes (1)
- apps/meteor/server/services/messages/service.ts
🔇 Additional comments (1)
packages/core-services/package.json (1)
38-38: Dependency bump is consistent with federation-matrix package.The
@rocket.chat/federation-sdkupgrade to 0.1.23 mirrors the change inee/packages/federation-matrix/package.json. Please refer to the verification comment on that file to ensure version validity and security.
| "@rocket.chat/core-typings": "workspace:^", | ||
| "@rocket.chat/emitter": "^0.31.25", | ||
| "@rocket.chat/federation-sdk": "0.1.21", | ||
| "@rocket.chat/federation-sdk": "0.1.23", |
There was a problem hiding this comment.
🧩 Analysis chain
Verify the SDK version for validity and security.
Ensure the upgraded @rocket.chat/federation-sdk version 0.1.23 is valid and free from security vulnerabilities. This dependency bump is coordinated with packages/core-services/package.json to enable encrypted message handling.
🏁 Script executed:
#!/bin/bash
# Description: Verify the federation-sdk version and check for security advisories
# Check npm registry for version existence
echo "Checking if @rocket.chat/[email protected] exists..."
npm view @rocket.chat/[email protected] version 2>/dev/null || echo "Version not found or registry unavailable"
# Check for security advisories using GitHub CLI
echo -e "\nChecking for security advisories..."
gh api graphql -f query='
{
securityVulnerabilities(first: 10, ecosystem: NPM, package: "@rocket.chat/federation-sdk") {
nodes {
advisory {
summary
severity
publishedAt
}
vulnerableVersionRange
firstPatchedVersion {
identifier
}
}
}
}'Length of output: 185
Confirm @rocket.chat/[email protected] is published
The npm lookup failed—0.1.23 isn’t available. Publish the release or revert to a published version before merging.
🤖 Prompt for AI Agents
In ee/packages/federation-matrix/package.json around line 41, the dependency
entry for "@rocket.chat/federation-sdk": "0.1.23" points to a version that isn’t
published; verify publication (e.g., npm view
@rocket.chat/[email protected]) and either publish 0.1.23 or change the
package.json to a known-published version (e.g., the last released version),
then update lockfiles (npm/yarn) and run install to ensure resolution before
merging.
…package.json and yarn.lock
ggazzo
force-pushed
the
feat/federation-m.room.enecrypted
branch
from
4c37f1a to
50d1471
Compare
Codecov Report✅ All modified and coverable lines are covered by tests. Additional details and impacted files@@ Coverage Diff @@
## release-7.11.0 #37191 +/- ##
================================================
Coverage 66.36% 66.37%
================================================
Files 3386 3386
Lines 115659 115659
Branches 21507 21364 -143
================================================
+ Hits 76755 76766 +11
+ Misses 36295 36288 -7
+ Partials 2609 2605 -4
Flags with carried forward coverage won't be shown. Click here to find out more. 🚀 New features to boost your workflow:
|
ggazzo
force-pushed
the
feat/federation-m.room.enecrypted
branch
from
50d1471 to
23dcbd8
Compare
https://rocketchat.atlassian.net/browse/FDR-195
Depends on RocketChat/homeserver#270
Proposed changes (including videos or screenshots)
Issue(s)
Steps to test or reproduce
Further comments
Summary by CodeRabbit
New Features
Improvements
Chores