mirror of
https://github.com/matrix-org/matrix-js-sdk.git
synced 2025-06-08 15:21:53 +03:00
b1445d7457
* Update all non-major dependencies * Prettier Signed-off-by: Michael Telatynski <7t3chguy@gmail.com> --------- Signed-off-by: Michael Telatynski <7t3chguy@gmail.com> Co-authored-by: renovate[bot] <29139614+renovate[bot]@users.noreply.github.com> Co-authored-by: Michael Telatynski <7t3chguy@gmail.com>
30 lines
1.4 KiB
Markdown
30 lines
1.4 KiB
Markdown
Random notes from Matthew on the two possible approaches for warning users about unexpected
|
|
unverified devices popping up in their rooms....
|
|
|
|
# Original idea...
|
|
|
|
Warn when an existing user adds an unknown device to a room.
|
|
|
|
Warn when a user joins the room with unverified or unknown devices.
|
|
|
|
Warn when you initial sync if the room has any unverified devices in it.
|
|
^ this is good enough if we're doing local storage.
|
|
OR, better:
|
|
Warn when you initial sync if the room has any new undefined devices since you were last there.
|
|
=> This means persisting the rooms that devices are in, across initial syncs.
|
|
|
|
# Updated idea...
|
|
|
|
Warn when the user tries to send a message:
|
|
|
|
- If the room has unverified devices which the user has not yet been told about in the context of this room
|
|
...or in the context of this user? currently all verification is per-user, not per-room.
|
|
...this should be good enough.
|
|
|
|
- so track whether we have warned the user or not about unverified devices - blocked, unverified, verified, unverified_warned.
|
|
throw an error when trying to encrypt if there are pure unverified devices there
|
|
app will have to search for the devices which are pure unverified to warn about them - have to do this from MembersList anyway?
|
|
- or megolm could warn which devices are causing the problems.
|
|
|
|
Why do we wait to establish outbound sessions? It just makes a horrible pause when we first try to send a message... but could otherwise unnecessarily consume resources?
|