github Skylar-Tech/node-red-contrib-matrix-chat v1.0.0-beta.1
on GitHub

pre-release6 hours ago

⚠️ This is a beta release of v1.0.0, published for testing ahead of the stable release.

Install it with: 

npm install node-red-contrib-matrix-chat@beta

This will not affect anyone on the current stable release (npm install node-red-contrib-matrix-chat still installs the latest stable).

Please test it and report any problems. Full pull request and discussion: #142

This is a huge release — the one we have been holding the 1.0.0 milestone
for. node-red-contrib-matrix-chat can now do device verification, cross-signing,
secure backup, and session management, all from the server config node. With
those finally in place, the module graduates to v1.0.0.

Encryption, Verification & Sessions

  • End-to-end encryption now runs on the Rust crypto stack. matrix-js-sdk
    removed the legacy libolm crypto upstream, so the module migrates to Rust
    crypto; existing crypto state is migrated automatically the first time a bot
    starts after upgrading. #122
  • Cross-signing & secure backup — a new Set up secure backup &
    cross-signing     button on the server config node. Unlock an existing secure
    backup with its recovery key, or create a fresh one; afterwards the bot's own
    device is cross-signed and shows as verified to others.
  • Device verification — verify devices two ways: #124 #87
    • the new Pending verification requests button on the server config node
      lists incoming requests and walks you through the SAS (emoji) check, no flow
      required;
    • or build your own flow with the new matrix-verification /
      matrix-verification-action nodes.
  • Session management — a new Manage sessions button on the server config
    node, modelled on Element's session manager: list the account's sessions with
    verified/unverified shields, verify them, rename them, or remove ones you
    don't recognize.

New Nodes

  • Verification (matrix-verification) — emits incoming device verification
    requests and phase changes, with on-node filters for phase, initiated-by,
    type, self-verification, a user allowlist, and room. #87
  • Verification Action (matrix-verification-action) — request, accept,
    start SAS, confirm, reject, or cancel a verification.

Improvements

  • Homeserver URLs are resolved via .well-known, so a delegating domain
    (e.g. example.org) works as the configured server URL.
  • Media is fetched from the authenticated media endpoints, with an automatic
    fallback between the v3 and v1 media endpoints.
  • Connection and auth errors are now surfaced in the Node-RED log instead of
    being silently swallowed.
  • The server config setup tools open as proper modal dialogs.
  • Added a device verification example flow and refreshed the README and node
    documentation.

Bug Fixes

  • Get User node now awaits the profile/presence lookups, so the server-side
    fallback works.
  • Invite Room node passes the invite reason correctly.

Breaking Changes

  • Node.js 22 or newer is now required — a requirement of the upgraded
    matrix-js-sdk.
  • E2EE moved to Rust crypto; legacy libolm crypto state is migrated
    automatically on first start.

Security & Dependency Updates

  • Upgraded matrix-js-sdk from 34.13.0 to 41.5.0.
  • Removed the olm dependency (legacy crypto only); added fake-indexeddb.

All Changes

  • Upgrade matrix-js-sdk 34.13.0 -> 41.5.0 and migrate E2EE to the Rust crypto stack
  • Require Node.js 22+; remove the olm dependency and add fake-indexeddb
  • Persist the Rust crypto store to disk so encryption state survives restarts
  • Migrate existing libolm crypto state to the Rust store on first run
  • Detect device ID changes and discard a stale crypto store
  • Resolve homeservers via .well-known discovery
  • New matrix-verification and matrix-verification-action nodes
  • Add cross-signing & secure backup setup (unlock or reset) on the server config node
  • Add a pending verification request list on the server config node
  • Add a session manager on the server config node (list / verify / rename / remove sessions)
  • Use the authenticated media endpoints with a v3/v1 fallback
  • Surface connection and auth errors in the log instead of suppressing them
  • Get User node: await getProfileInfo() / getPresence()
  • Invite Room node: pass the reason argument correctly
  • Add a device verification example flow; update the READMEs and node help

Closes #87, closes #122, closes #124

Check out latest releases or
releases around Skylar-Tech/node-red-contrib-matrix-chat v1.0.0-beta.1

Don't miss a new node-red-contrib-matrix-chat release

NewReleases is sending notifications on new releases.

Get notifications