Skip to content

Add rate limit conf to user directory endpoint#19291

Merged
MadLittleMods merged 3 commits into
element-hq:developfrom
tchapgouv:rc-search
Jan 5, 2026
Merged

Add rate limit conf to user directory endpoint#19291
MadLittleMods merged 3 commits into
element-hq:developfrom
tchapgouv:rc-search

Conversation

@MatMaul
Copy link
Copy Markdown
Contributor

@MatMaul MatMaul commented Dec 9, 2025
edited
Loading

The goal is to avoid that an user could scrape the user directory too quickly.

Pull Request Checklist

  • Pull request is based on the develop branch
  • Pull request includes a changelog file. The entry should:
    • Be a short description of your change which makes sense to users. "Fixed a bug that prevented receiving messages from other servers." instead of "Moved X method from EventStore to EventWorkerStore.".
    • Use markdown where necessary, mostly for code blocks.
    • End with either a period (.) or an exclamation mark (!).
    • Start with a capital letter.
    • Feel free to credit yourself, by adding a sentence "Contributed by @github_username." or "Contributed by [Your Name]." to the end of the entry.
  • Code style is correct (run the linters)

@MatMaul MatMaul force-pushed the rc-search branch 2 times, most recently from 67eac2f to 151b288 Compare December 9, 2025 13:57
@MatMaul MatMaul marked this pull request as ready for review December 9, 2025 14:32
@MatMaul MatMaul requested a review from a team as a code owner December 9, 2025 14:32
MadLittleMods
MadLittleMods approved these changes Dec 17, 2025
View reviewed changes
Copy link
Copy Markdown
Contributor

@MadLittleMods MadLittleMods left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Seems reasonable

Comment thread changelog.d/19291.misc
@@ -0,0 +1 @@
Add a config to be able to rate limit search in the user directory.
Copy link
Copy Markdown
Contributor

@MadLittleMods MadLittleMods Dec 17, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

What's spawning this change?

Copy link
Copy Markdown
Contributor Author

@MatMaul MatMaul Dec 23, 2025
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The goal is to avoid that an user could scrape the user directory too quickly.

Comment thread synapse/config/ratelimiting.py Outdated
Comment thread synapse/rest/client/user_directory.py
MadLittleMods
MadLittleMods reviewed Dec 23, 2025
View reviewed changes
Comment thread docs/usage/configuration/config_documentation.md
@MatMaul MatMaul requested a review from MadLittleMods January 5, 2026 17:59
@MadLittleMods MadLittleMods merged commit 444bc56 into element-hq:develop Jan 5, 2026
45 checks passed
@FrenchGithubUser FrenchGithubUser mentioned this pull request Jan 16, 2026
Merged
FrenchGithubUser added a commit to famedly/synapse that referenced this pull request Jan 19, 2026
@FrenchGithubUser
Famedly Release/v1.145 (#230)
a57d85d 
# Famedly Synapse Release v1.145.0_1

### Famedly Additions for v1.145.0_1
- fix: typo in changelog (FrenchGithubUser)
- chore: remove dependabot config as we use renovate instead
(FrenchGithubUser)
- chore: bump Github actions versions in Famedly workflows
([\#229](#229)) (jason-famedly)

Checklist:
- depends on: famedly/complement#9

### Notes for Famedly:

- **Add memberships endpoint to the admin API. This is useful for
forensics and T&S purposes.
(element-hq/synapse#19260
- **Server admins can bypass the quarantine media check when downloading
media by setting the admin_unsafely_bypass_quarantine query parameter to
true on Client-Server API media download requests.
(element-hq/synapse#19275
- **Admin API: add worker support to GET
/_synapse/admin/v2/users/<user_id>.
(element-hq/synapse#19281
- **Add rate limit conf to user directory endpoint
(element-hq/synapse#19291
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@MadLittleMods MadLittleMods MadLittleMods approved these changes

Assignees

No one assigned

Labels

A-Config A-Rate-Limit A-User-Directory

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@MatMaul @MadLittleMods