diff --git a/pyproject.toml b/pyproject.toml
index 86e1537a6d..b22172291a 100644
--- a/pyproject.toml
+++ b/pyproject.toml
@@ -35,7 +35,7 @@
showcontent = true
[tool.black]
-target-version = ['py37', 'py38', 'py39', 'py310']
+target-version = ['py38', 'py39', 'py310', 'py311']
# black ignores everything in .gitignore by default, see
# https://black.readthedocs.io/en/stable/usage_and_configuration/file_collection_and_discovery.html#gitignore
# Use `extend-exclude` if you want to exclude something in addition to this.
@@ -43,33 +43,39 @@ target-version = ['py37', 'py38', 'py39', 'py310']
[tool.ruff]
line-length = 88
-# See https://github.com/charliermarsh/ruff/#pycodestyle
+# See https://beta.ruff.rs/docs/rules/#error-e
# for error codes. The ones we ignore are:
-# E731: do not assign a lambda expression, use a def
# E501: Line too long (black enforces this for us)
+# E731: do not assign a lambda expression, use a def
#
# flake8-bugbear compatible checks. Its error codes are described at
-# https://github.com/charliermarsh/ruff/#flake8-bugbear
-# B019: Use of functools.lru_cache or functools.cache on methods can lead to memory leaks
+# https://beta.ruff.rs/docs/rules/#flake8-bugbear-b
# B023: Functions defined inside a loop must not use variables redefined in the loop
-# B024: Abstract base class with no abstract method.
ignore = [
- "B019",
"B023",
- "B024",
"E501",
"E731",
]
select = [
- # pycodestyle checks.
+ # pycodestyle
"E",
"W",
- # pyflakes checks.
+ # pyflakes
"F",
- # flake8-bugbear checks.
+ # flake8-bugbear
"B0",
- # flake8-comprehensions checks.
+ # flake8-comprehensions
"C4",
+ # flake8-2020
+ "YTT",
+ # flake8-slots
+ "SLOT",
+ # flake8-debugger
+ "T10",
+ # flake8-pie
+ "PIE",
+ # flake8-executable
+ "EXE",
]
[tool.isort]
@@ -86,10 +92,11 @@ skip_gitignore = true
[tool.maturin]
manifest-path = "rust/Cargo.toml"
+module-name = "synapse.synapse_rust"
[tool.poetry]
name = "matrix-synapse"
-version = "1.84.0rc1"
+version = "1.94.0rc1"
description = "Homeserver for the Matrix decentralised comms protocol"
authors = ["Matrix.org Team and Contributors <packages@matrix.org>"]
license = "Apache-2.0"
@@ -147,7 +154,7 @@ synapse_review_recent_signups = "synapse._scripts.review_recent_signups:main"
update_synapse_database = "synapse._scripts.update_synapse_database:main"
[tool.poetry.dependencies]
-python = "^3.7.1"
+python = "^3.8.0"
# Mandatory Dependencies
# ----------------------
@@ -174,7 +181,9 @@ PyYAML = ">=3.13"
pyasn1 = ">=0.1.9"
pyasn1-modules = ">=0.0.7"
bcrypt = ">=3.1.7"
-Pillow = ">=5.4.0"
+# 10.0.1 minimum is mandatory here because of libwebp CVE-2023-4863.
+# Packagers that already took care of libwebp can lower that down to 5.4.0.
+Pillow = ">=10.0.1"
# We use SortedDict.peekitem(), which was added in sortedcontainers 1.5.2.
sortedcontainers = ">=1.5.2"
pymacaroons = ">=0.13.0"
@@ -201,13 +210,11 @@ cryptography = ">=3.4.7"
# ijson 3.1.4 fixes a bug with "." in property names
ijson = ">=3.1.4"
matrix-common = "^1.3.0"
-# We need packaging.requirements.Requirement, added in 16.1.
-packaging = ">=16.1"
-# At the time of writing, we only use functions from the version `importlib.metadata`
-# which shipped in Python 3.8. This corresponds to version 1.4 of the backport.
-importlib_metadata = { version = ">=1.4", python = "<3.8" }
-# This is the most recent version of Pydantic with available on common distros.
-pydantic = ">=1.7.4"
+# We need packaging.verison.Version(...).major added in 20.0.
+packaging = ">=20.0"
+# We support pydantic v1 and pydantic v2 via the pydantic.v1 compat module.
+# See https://github.com/matrix-org/synapse/issues/15858
+pydantic = ">=1.7.4, <3"
# This is for building the rust components during "poetry install", which
# currently ignores the `build-system.requires` directive (c.f.
@@ -308,12 +315,18 @@ all = [
]
[tool.poetry.dev-dependencies]
-# We pin black so that our tests don't start failing on new releases.
+# We pin development dependencies in poetry.lock so that our tests don't start
+# failing on new releases. Keeping lower bounds loose here means that dependabot
+# can bump versions without having to update the content-hash in the lockfile.
+# This helps prevents merge conflicts when running a batch of dependabot updates.
isort = ">=5.10.1"
-black = ">=22.3.0"
-ruff = "0.0.265"
+black = ">=22.7.0"
+ruff = "0.0.290"
+# Type checking only works with the pydantic.v1 compat module from pydantic v2
+pydantic = "^2"
# Typechecking
+lxml-stubs = ">=0.4.0"
mypy = "*"
mypy-zope = "*"
types-bleach = ">=4.1.0"
@@ -368,13 +381,21 @@ furo = ">=2022.12.7,<2024.0.0"
# system changes.
# We are happy to raise these upper bounds upon request,
# provided we check that it's safe to do so (i.e. that CI passes).
-requires = ["poetry-core>=1.1.0,<=1.6.0", "setuptools_rust>=1.3,<=1.6.0"]
+requires = ["poetry-core>=1.1.0,<=1.7.0", "setuptools_rust>=1.3,<=1.7.0"]
build-backend = "poetry.core.masonry.api"
[tool.cibuildwheel]
# Skip unsupported platforms (by us or by Rust).
-skip = "cp36* *-musllinux_i686 pp*aarch64 *-musllinux_aarch64"
+# See https://cibuildwheel.readthedocs.io/en/stable/options/#build-skip for the list of build targets.
+# We skip:
+# - CPython 3.6 and 3.7: EOLed
+# - PyPy 3.7: we only support Python 3.8+
+# - musllinux i686: excluded to reduce number of wheels we build.
+# c.f. https://github.com/matrix-org/synapse/pull/12595#discussion_r963107677
+# - PyPy on Aarch64 and musllinux on aarch64: too slow to build.
+# c.f. https://github.com/matrix-org/synapse/pull/14259
+skip = "cp36* cp37* pp37* *-musllinux_i686 pp*aarch64 *-musllinux_aarch64"
# We need a rust compiler
before-all = "curl https://sh.rustup.rs -sSf | sh -s -- --default-toolchain stable -y --profile minimal"
|
