- Python 99.6%
- Shell 0.4%
Some checks failed
Docker Integration / docker-integration (push) Failing after 2m22s
Tests and Coverage / test (3.11) (push) Failing after 7s
Tests and Coverage / test (3.12) (push) Failing after 7s
Tests and Coverage / test (3.13) (push) Failing after 7s
Tests and Coverage / test (3.14) (push) Failing after 7s
* feat: add Matrix E2EE key management to sync loop, E2EE diagnostics, operator runbook, and Docker encrypted room smoke tests

  Root cause: manual sync loop omitted keys_upload/query/claim/send_to_device operations that nio sync_forever performs. Without device key upload, key query, one-time key claim, and to-device message handling, Megolm room keys were never received and all encrypted events arrived undecryptable.

  - Add keys_upload/query/claim/send_to_device after each sync iteration
  - Add full_state=True on initial sync so nio learns encrypted room state
  - Add active key request on live undecryptable MegolmEvent (async)
  - Harden E2EE diagnostics: 7 new fields (olm_loaded, store_loaded, device_keys_uploaded, key_query_needed, device_id_in_use, store_path_exists, initial_sync_completed)
  - Fix crypto_store_loaded: was always True, now checks actual Olm/store
  - Gate client attribute checks behind _crypto_enabled for plaintext mode
  - Verify client.olm/store after restore_login, disable crypto if None
  - Update adapter.py diagnostics wiring for all new fields
  - Expand matrix-alpha-operation.md with encrypted room troubleshooting runbook (7-step procedure) and E2EE key chain debugging
  - Add diagnostics fields to contract 29
  - Add Docker Synapse E2EE smoke test harness with encrypted room fixture, device_id capture, and 3 gated tests (encrypted room creation, message decryption, diagnostics verification)

* fix: move initial_sync_done after successful response, correct E2EE helper docstring

  Oracle review nits:

  - _initial_sync_done now set only after successful sync response with next_batch, so a failed first sync retries with full_state=True.
  - send_encrypted_message_as_test_user docstring corrected: clarifies it sends plaintext (does NOT exercise Megolm decryption).

* chore: fix duplicate section 13 numbering in matrix-alpha-operation.md

  Renumber 'E2EE Text Alpha' from ## 13 to ## 15 (and subsections 13.x to 15.x) so top-level sections are monotonic after ## 14.

* feat(matrix): implement E2EE key management in sync loop and add integration tests

  Integrate end-to-end encryption (E2EE) lifecycle management into the Matrix sync loop and expand the test suite to support genuine client-side Megolm encryption validation.

  Key changes:

  - Implement automated key management (upload, query, claim, and device message processing) within the `MatrixSession` sync loop.
  - Ensure initial sync uses `full_state=True` to correctly discover encrypted room states.
  - Add `E2EETestEnvironment` to `conftest.py` to manage a secondary `nio.AsyncClient` for simulating real encrypted message traffic.
  - Introduce `send_client_side_encrypted_message` helper for integration testing.
  - Add smoke tests in `test_synapse_e2ee_smoke.py` to verify the full decryption pipeline against a Docker Synapse instance.
  - Add unit tests for `MatrixSession` to verify `full_state` retry semantics and sync loop robustness.
  - Update diagnostics contracts and operational runbooks to reflect new E2EE state fields and troubleshooting steps.

* refactor(matrix): refine E2EE integration and test stability

  Improve the robustness of the E2EE lifecycle within the Matrix adapter and enhance the reliability of integration tests.

  Key changes:

  - Refine `MatrixSession` key request error handling with debug logging.
  - Enhance `E2EETestEnvironment` to include key claiming and to-device message processing to better simulate real client behavior.
  - Replace fixed sleeps in `test_synapse_e2ee_smoke.py` with diagnostic-driven polling for improved test speed and reliability.
  - Update documentation and installation instructions to use the `[matrix-e2e]` extra.
  - Adjust resource containment tests to allow legitimate E2EE diagnostic fields.
  - Fix minor docstring inaccuracies and section references in runbooks.

* test(integration): update synapse e2ee test room visibility

  Change the test room preset from `private_chat` to `public_chat` in the `synapse_e2ee_env` fixture to ensure consistent behavior during integration testing.

* docs: update matrix E2EE validation evidence and harden session security

  Update documentation to reflect successful Docker Synapse E2EE integration tests and implement security/stability improvements in the Matrix adapter.

  - docs: record 3/3 pass for Docker Synapse E2EE harness in STATUS.md, maturity contracts, and operational runbooks.
  - src: implement fail-closed logic in MatrixSession when `e2ee_required` is set but crypto subsystems fail to load.
  - src: prevent leaking raw Megolm session IDs in logs by using SHA-256 truncated tags.
  - test: add unit tests for E2EE fail-closed behavior and optional fallback logic.
  - test: improve exception safety and teardown robustness in `test_synapse_e2ee_smoke.py`.

* fix(matrix): disambiguate E2EE initialization failures

  Improve error granularity during session startup by distinguishing between Olm subsystem failures and crypto store loading issues. Also updates logging to use session tags and refines test/documentation coverage.

  - src: implement specific error messages for Olm vs store failures
  - src: replace raw Megolm session IDs with session tags in debug logs
  - test: update E2EE fail-closed test assertions to match new error strings
  - docs: update live test harness notes with recent Synapse E2EE results
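
The fail-closed startup check and SHA-256 session tags named in the commits above, as an added example that is not MEDRE's own code. `CryptoState`, `start_session`, `session_tag`, `undecryptable_log_line`, the error strings and the 12-character tag length are assumptions made for illustration; only `e2ee_required`, the Olm/store distinction and the SHA-256 truncation come from the commit text.

```python
import hashlib
import logging
from dataclasses import dataclass
from typing import Optional

log = logging.getLogger("e2ee_example")

class E2EEInitError(RuntimeError):
    """Raised when encryption is required but cannot be initialised."""

@dataclass
class CryptoState:
    # Hypothetical stand-in for what a client exposes after login;
    # None means that subsystem did not load.
    olm: Optional[object]
    store: Optional[object]

def session_tag(session_id: str, length: int = 12) -> str:
    """Label for a Megolm session ID that can be logged instead of the raw ID."""
    # Assumed length: the commit text only says the SHA-256 digest is truncated.
    digest = hashlib.sha256(session_id.encode("utf-8")).hexdigest()
    return digest[:length]

def start_session(state: CryptoState, e2ee_required: bool) -> bool:
    """Return True when crypto is usable, False on a permitted plaintext fallback.

    Fails closed: with e2ee_required set, a missing subsystem raises
    instead of letting the session continue unencrypted.
    """
    if state.olm is None:
        reason = "Olm subsystem failed to load"
    elif state.store is None:
        reason = "crypto store failed to load"
    else:
        return True
    if e2ee_required:
        raise E2EEInitError(reason)
    log.warning("E2EE disabled, continuing in plaintext: %s", reason)
    return False

def undecryptable_log_line(room_id: str, session_id: str) -> str:
    """Build the log message for an undecryptable event without the raw ID."""
    return f"undecryptable event room={room_id} session_tag={session_tag(session_id)}"
```

The same tag appears for every event from one Megolm session, so operators can still correlate log lines without the raw session ID being written to disk.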
- .github/workflows
- .trunk
- docs
- examples
- scripts
- src/medre
- tests
- .bandit.yaml
- .coderabbit.yml
- .coveragerc
- .gitignore
- codecov.yml
- docker-compose.integration.yaml
- LICENSE
- pyproject.toml
- README.md
- renovate.json

MEDRE — Modular Event-driven Routing Engine
Pre-release. No stable public API. Not production-ready. Everything is subject to change without notice.
Routes events between transport adapters (Matrix, Meshtastic, MeshCore, LXMF) through a codec → renderer → session pipeline with an optional config-file-first runtime.
- Install / dev setup: docs/runbooks/developer-environment.md
- Transport maturity: docs/STATUS.md
- License: LICENSE