summary refs log tree commit diff
path: root/changelog.d/16326.misc (unfollow)
Commit message (Collapse)AuthorFilesLines
2024-04-251.106.0rc1Olivier 'reivilibre18-16/+49
2024-04-25Redact membership events if the user requested erasure upon deactivating ↵Till4-1/+72
(#17076) Fixes #15355 by redacting all membership events before leaving rooms.
2024-04-25MSC4108 implementation (#17056)Quentin Gliech17-9/+1120
Co-authored-by: Hugh Nimmo-Smith <hughns@element.io> Co-authored-by: Hugh Nimmo-Smith <hughns@users.noreply.github.com> Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
2024-04-25Add type annotation to `visited_chains` (#17125)Andrew Morgan2-1/+2
This should fix CI on `develop`. Broke in https://github.com/element-hq/synapse/commit/0fe9e1f7dafa80f3e02762f7ae75cefee5b3316c, presumably due to a `mypy` dependency upgrade.
2024-04-23Send an email if the address is already bound to an user account (#16819)mcalinghee7-2/+70
Co-authored-by: Mathieu Velten <mathieu.velten@beta.gouv.fr> Co-authored-by: Olivier D <odelcroi@gmail.com>
2024-04-231.105.1 v1.105.1 github/release-v1.105 release-v1.105Erik Johnston4-2/+21
2024-04-23Fix GHSA-3h7q-rfh9-xm4vErik Johnston4-104/+117
Weakness in auth chain indexing allows DoS from remote room members through disk fill and high CPU usage. A remote Matrix user with malicious intent, sharing a room with Synapse instances before 1.104.1, can dispatch specially crafted events to exploit a weakness in how the auth chain cover index is calculated. This can induce high CPU consumption and accumulate excessive data in the database of such instances, resulting in a denial of service. Servers in private federations, or those that do not federate, are not affected.
2024-04-19Add an OSX prompt to manually configure icu4c. (#17069)Neil Johnson2-0/+3
Documentation fix.
2024-04-19Clarify what part of message retention is still experimental (#17099)devonh2-2/+5
### Pull Request Checklist <!-- Please read https://element-hq.github.io/synapse/latest/development/contributing_guide.html before submitting your pull request --> * [X] Pull request is based on the develop branch * [x] Pull request includes a [changelog file](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#changelog). The entry should: - Be a short description of your change which makes sense to users. "Fixed a bug that prevented receiving messages from other servers." instead of "Moved X method from `EventStore` to `EventWorkerStore`.". - Use markdown where necessary, mostly for `code blocks`. - End with either a period (.) or an exclamation mark (!). - Start with a capital letter. - Feel free to credit yourself, by adding a sentence "Contributed by @github_username." or "Contributed by [Your Name]." to the end of the entry. * [X] [Code style](https://element-hq.github.io/synapse/latest/code_style.html) is correct (run the [linters](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#run-the-linters))
2024-04-19Bump types-pillow from 10.2.0.20240406 to 10.2.0.20240415 (#17090)dependabot[bot]1-3/+3
Bumps [types-pillow](https://github.com/python/typeshed) from 10.2.0.20240406 to 10.2.0.20240415. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/python/typeshed/commits">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=types-pillow&package-manager=pip&previous-version=10.2.0.20240406&new-version=10.2.0.20240415)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-19Bump peaceiris/actions-gh-pages from 3.9.3 to 4.0.0 (#17087)dependabot[bot]1-2/+2
Bumps [peaceiris/actions-gh-pages](https://github.com/peaceiris/actions-gh-pages) from 3.9.3 to 4.0.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/peaceiris/actions-gh-pages/releases">peaceiris/actions-gh-pages's releases</a>.</em></p> <blockquote> <h2>actions-github-pages v4.0.0</h2> <p>See <a href="https://github.com/peaceiris/actions-gh-pages/blob/v4.0.0/CHANGELOG.md">CHANGELOG.md</a> for more details.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/peaceiris/actions-gh-pages/blob/main/CHANGELOG.md">peaceiris/actions-gh-pages's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <p>All notable changes to this project will be documented in this file. See <a href="https://github.com/conventional-changelog/standard-version">standard-version</a> for commit guidelines.</p> <h1><a href="https://github.com/peaceiris/actions-gh-pages/compare/v3.9.3...v4.0.0">4.0.0</a> (2024-04-08)</h1> <h3>build</h3> <ul> <li>node 20.11.1 (<a href="https://github.com/peaceiris/actions-gh-pages/commit/5049354438ced05ab8a5da89ef20fd8efff107c7">5049354</a>)</li> </ul> <h3>chore</h3> <ul> <li>bump node16 to node20 (<a href="https://redirect.github.com/peaceiris/actions-gh-pages/issues/1067">#1067</a>) (<a href="https://github.com/peaceiris/actions-gh-pages/commit/4eb285e828117bca26638192c3ed309c622e7bad">4eb285e</a>), closes <a href="https://redirect.github.com/peaceiris/actions-gh-pages/issues/1067">#1067</a></li> <li>downgrade engines.npm to 8.0.0 (<a href="https://github.com/peaceiris/actions-gh-pages/commit/87231bc03a428df52f90a00b3b9e6bef82f7daf9">87231bc</a>)</li> </ul> <h3>ci</h3> <ul> <li>pin node-version to 18 (<a href="https://redirect.github.com/peaceiris/actions-gh-pages/issues/981">#981</a>) (<a href="https://github.com/peaceiris/actions-gh-pages/commit/65ebf11929c082120c54719c87069f0827d2084c">65ebf11</a>), closes <a href="https://redirect.github.com/peaceiris/actions-gh-pages/issues/981">#981</a></li> </ul> <h3>docs</h3> <ul> <li>add Release Strategy (<a href="https://github.com/peaceiris/actions-gh-pages/commit/67f80d94a1668353e4733223685dcb84340c44b5">67f80d9</a>)</li> <li>fix link to Nuxt github-pages (<a href="https://redirect.github.com/peaceiris/actions-gh-pages/issues/980">#980</a>) (<a href="https://github.com/peaceiris/actions-gh-pages/commit/88b4d2aa927893f8976712406df9928468be3c88">88b4d2a</a>), closes <a href="https://redirect.github.com/peaceiris/actions-gh-pages/issues/980">#980</a></li> <li>remove braces in if conditions (<a href="https://redirect.github.com/peaceiris/actions-gh-pages/issues/920">#920</a>) (<a href="https://github.com/peaceiris/actions-gh-pages/commit/0fbd12244217a1fa04396b8a52d911a436893771">0fbd122</a>), closes <a href="https://redirect.github.com/peaceiris/actions-gh-pages/issues/920">#920</a></li> </ul> <h2><a href="https://github.com/peaceiris/actions-gh-pages/compare/v3.9.2...v3.9.3">3.9.3</a> (2023-03-30)</h2> <h3>docs</h3> <ul> <li>fix typo, bump hugo version (<a href="https://redirect.github.com/peaceiris/actions-gh-pages/issues/851">#851</a>) (<a href="https://github.com/peaceiris/actions-gh-pages/commit/884a0224fd48faeb3bde89519e9d612d0585a679">884a022</a>), closes <a href="https://redirect.github.com/peaceiris/actions-gh-pages/issues/851">#851</a></li> </ul> <h3>fix</h3> <ul> <li>fix error handling (<a href="https://redirect.github.com/peaceiris/actions-gh-pages/issues/841">#841</a>) (<a href="https://github.com/peaceiris/actions-gh-pages/commit/32e33dcd3ae1d0cf56ac5a88267de6cbf0359353">32e33dc</a>), closes <a href="https://redirect.github.com/peaceiris/actions-gh-pages/issues/841">#841</a></li> <li>update known_hosts (<a href="https://redirect.github.com/peaceiris/actions-gh-pages/issues/871">#871</a>) (<a href="https://github.com/peaceiris/actions-gh-pages/commit/31c15f03292ac100ae41a50fd3055e00d1b11a32">31c15f0</a>), closes <a href="https://redirect.github.com/peaceiris/actions-gh-pages/issues/871">#871</a></li> </ul> <h2><a href="https://github.com/peaceiris/actions-gh-pages/compare/v3.9.1...v3.9.2">3.9.2</a> (2023-01-17)</h2> <h3>chore</h3> <ul> <li>rename cicd (<a href="https://github.com/peaceiris/actions-gh-pages/commit/32c9288f553bbcbf66869cf553c82754431faf03">32c9288</a>)</li> <li>replace npm ci with install (<a href="https://github.com/peaceiris/actions-gh-pages/commit/983978086a87d25a1ff678aa1ef4c2acc413784a">9839780</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/peaceiris/actions-gh-pages/commit/4f9cc6602d3f66b9c108549d475ec49e8ef4d45e"><code>4f9cc66</code></a> chore(release): 4.0.0</li> <li><a href="https://github.com/peaceiris/actions-gh-pages/commit/9c75028a530dcac84f98f83ac112b3ecc5eec533"><code>9c75028</code></a> chore(release): Add build assets</li> <li><a href="https://github.com/peaceiris/actions-gh-pages/commit/5049354438ced05ab8a5da89ef20fd8efff107c7"><code>5049354</code></a> build: node 20.11.1</li> <li><a href="https://github.com/peaceiris/actions-gh-pages/commit/4eb285e828117bca26638192c3ed309c622e7bad"><code>4eb285e</code></a> chore: bump node16 to node20 (<a href="https://redirect.github.com/peaceiris/actions-gh-pages/issues/1067">#1067</a>)</li> <li><a href="https://github.com/peaceiris/actions-gh-pages/commit/cdc09a3baa7eac9b40de1dfa92172d75ca5bca5a"><code>cdc09a3</code></a> chore(deps): update dependency <code>@​types/node</code> to v16.18.77 (<a href="https://redirect.github.com/peaceiris/actions-gh-pages/issues/1065">#1065</a>)</li> <li><a href="https://github.com/peaceiris/actions-gh-pages/commit/d830378ec6ffd7f902a3427b78b7941511f64de3"><code>d830378</code></a> chore(deps): update dependency <code>@​types/node</code> to v16.18.76 (<a href="https://redirect.github.com/peaceiris/actions-gh-pages/issues/1063">#1063</a>)</li> <li><a href="https://github.com/peaceiris/actions-gh-pages/commit/80daa1d14446ef560c4b984b37ac7668a7db0ab4"><code>80daa1d</code></a> chore(deps): update dependency <code>@​types/node</code> to v16.18.75 (<a href="https://redirect.github.com/peaceiris/actions-gh-pages/issues/1061">#1061</a>)</li> <li><a href="https://github.com/peaceiris/actions-gh-pages/commit/108285e909b33bc551c67972cdbdbee53b17a112"><code>108285e</code></a> chore(deps): update dependency ts-jest to v29.1.2 (<a href="https://redirect.github.com/peaceiris/actions-gh-pages/issues/1060">#1060</a>)</li> <li><a href="https://github.com/peaceiris/actions-gh-pages/commit/99c95ff54e31aa8b98a1f45d98910a945931c89c"><code>99c95ff</code></a> chore(deps): update dependency <code>@​types/node</code> to v16.18.74 (<a href="https://redirect.github.com/peaceiris/actions-gh-pages/issues/1058">#1058</a>)</li> <li><a href="https://github.com/peaceiris/actions-gh-pages/commit/1f4653792dc64b25bbf4a3490ae085a487673e55"><code>1f46537</code></a> chore(deps): update dependency <code>@​types/node</code> to v16.18.73 (<a href="https://redirect.github.com/peaceiris/actions-gh-pages/issues/1057">#1057</a>)</li> <li>Additional commits viewable in <a href="https://github.com/peaceiris/actions-gh-pages/compare/373f7f263a76c20808c831209c920827a82a2847...4f9cc6602d3f66b9c108549d475ec49e8ef4d45e">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=peaceiris/actions-gh-pages&package-manager=github_actions&previous-version=3.9.3&new-version=4.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-19Bump sigstore/cosign-installer from 3.4.0 to 3.5.0 (#17088)dependabot[bot]1-1/+1
Bumps [sigstore/cosign-installer](https://github.com/sigstore/cosign-installer) from 3.4.0 to 3.5.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/sigstore/cosign-installer/releases">sigstore/cosign-installer's releases</a>.</em></p> <blockquote> <h2>v3.5.0</h2> <h2>What's Changed</h2> <ul> <li>Bump actions/checkout from 4.1.1 to 4.1.2 by <a href="https://github.com/dependabot"><code>@​dependabot</code></a> in <a href="https://redirect.github.com/sigstore/cosign-installer/pull/157">sigstore/cosign-installer#157</a></li> <li>use go 1.22 now by <a href="https://github.com/bobcallaway"><code>@​bobcallaway</code></a> in <a href="https://redirect.github.com/sigstore/cosign-installer/pull/160">sigstore/cosign-installer#160</a></li> <li>bump default version to v2.2.4, prep for v3.5.0 release by <a href="https://github.com/bobcallaway"><code>@​bobcallaway</code></a> in <a href="https://redirect.github.com/sigstore/cosign-installer/pull/159">sigstore/cosign-installer#159</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/sigstore/cosign-installer/compare/v3.4.0...v3.5.0">https://github.com/sigstore/cosign-installer/compare/v3.4.0...v3.5.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/sigstore/cosign-installer/commit/59acb6260d9c0ba8f4a2f9d9b48431a222b68e20"><code>59acb62</code></a> bump default version to v2.2.4, prep for v3.5.0 release (<a href="https://redirect.github.com/sigstore/cosign-installer/issues/159">#159</a>)</li> <li><a href="https://github.com/sigstore/cosign-installer/commit/22be4ce325f454c874ccf89af51803efd4e85129"><code>22be4ce</code></a> use go 1.22 now (<a href="https://redirect.github.com/sigstore/cosign-installer/issues/160">#160</a>)</li> <li><a href="https://github.com/sigstore/cosign-installer/commit/162dfdf7b9ab8be88c95b4fc982792c4c273e27a"><code>162dfdf</code></a> Bump actions/checkout from 4.1.1 to 4.1.2 (<a href="https://redirect.github.com/sigstore/cosign-installer/issues/157">#157</a>)</li> <li>See full diff in <a href="https://github.com/sigstore/cosign-installer/compare/v3.4.0...v3.5.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sigstore/cosign-installer&package-manager=github_actions&previous-version=3.4.0&new-version=3.5.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-19Bump peaceiris/actions-mdbook from 1.2.0 to 2.0.0 (#17089)dependabot[bot]2-3/+3
Bumps [peaceiris/actions-mdbook](https://github.com/peaceiris/actions-mdbook) from 1.2.0 to 2.0.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/peaceiris/actions-mdbook/releases">peaceiris/actions-mdbook's releases</a>.</em></p> <blockquote> <h2>actions-mdbook v2.0.0</h2> <p>See <a href="https://github.com/peaceiris/actions-mdbook/blob/v2.0.0/CHANGELOG.md">CHANGELOG.md</a> for more details.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/peaceiris/actions-mdbook/blob/main/CHANGELOG.md">peaceiris/actions-mdbook's changelog</a>.</em></p> <blockquote> <h1>Changelog</h1> <p>All notable changes to this project will be documented in this file. See <a href="https://github.com/conventional-changelog/standard-version">standard-version</a> for commit guidelines.</p> <h1><a href="https://github.com/peaceiris/actions-mdbook/compare/v1.2.0...v2.0.0">2.0.0</a> (2024-04-08)</h1> <h3>build</h3> <ul> <li>bump node to 20.12.1 (<a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/504">#504</a>) (<a href="https://github.com/peaceiris/actions-mdbook/commit/cb4d902e118c7404c24c2a59b5a619e363e0eed9">cb4d902</a>), closes <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/504">#504</a></li> </ul> <h3>chore</h3> <ul> <li>revert build (<a href="https://github.com/peaceiris/actions-mdbook/commit/c95f05c7f61f6cc7b1abfc2aa4e2fb293c2e0bb7">c95f05c</a>)</li> </ul> <h3>ci</h3> <ul> <li>bump actions/checkout from 3 to 4 (<a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/487">#487</a>) (<a href="https://github.com/peaceiris/actions-mdbook/commit/c0c1ffeeae553a80d23fe6c4d903f04c20d1efd4">c0c1ffe</a>), closes <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/487">#487</a></li> <li>bump actions/dependency-review-action from 2.5.0 to 2.5.1 (<a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/470">#470</a>) (<a href="https://github.com/peaceiris/actions-mdbook/commit/e8a2552a1a7d3b89458037a44425d39e11b3bbed">e8a2552</a>), closes <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/470">#470</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/290">#290</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/300">#300</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/299">#299</a></li> <li>bump actions/dependency-review-action from 2.5.1 to 3.0.0 (<a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/472">#472</a>) (<a href="https://github.com/peaceiris/actions-mdbook/commit/9a6ded1ce6570d9297f3dd08d97553ce8d75e819">9a6ded1</a>), closes <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/472">#472</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/327">#327</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/324">#324</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/325">#325</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/326">#326</a></li> <li>bump actions/dependency-review-action from 3.0.0 to 3.0.1 (<a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/473">#473</a>) (<a href="https://github.com/peaceiris/actions-mdbook/commit/939fe7600f5ad73a71889ae9ca327d9c349c1c18">939fe76</a>), closes <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/473">#473</a></li> <li>bump actions/dependency-review-action from 3.0.1 to 3.0.2 (<a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/474">#474</a>) (<a href="https://github.com/peaceiris/actions-mdbook/commit/404c95aeedbdb24218df5d3a02dd1d639ad7ff0c">404c95a</a>), closes <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/474">#474</a></li> <li>bump actions/dependency-review-action from 3.0.2 to 3.0.3 (<a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/476">#476</a>) (<a href="https://github.com/peaceiris/actions-mdbook/commit/665e827a09abcfcdfd28e990de96c279f3ba82ee">665e827</a>), closes <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/476">#476</a></li> <li>bump actions/dependency-review-action from 3.0.3 to 3.0.4 (<a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/479">#479</a>)Co-authored-by: dependabot[bot] <!-- raw HTML omitted --> (<a href="https://github.com/peaceiris/actions-mdbook/commit/9d85c8a72133d66cedafb696236491618b032939">9d85c8a</a>), closes <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/479">#479</a></li> <li>bump actions/dependency-review-action from 3.0.4 to 3.0.6 (<a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/480">#480</a>) (<a href="https://github.com/peaceiris/actions-mdbook/commit/a1c0a098b8e4a05cb9b25c79af285b6d171dc347">a1c0a09</a>), closes <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/480">#480</a></li> <li>bump actions/dependency-review-action from 3.0.6 to 3.0.7 (<a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/483">#483</a>) (<a href="https://github.com/peaceiris/actions-mdbook/commit/2987c698ee6c43d5353d672c5768d315a5701d02">2987c69</a>), closes <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/483">#483</a></li> <li>bump actions/dependency-review-action from 3.0.7 to 3.0.8 (<a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/485">#485</a>) (<a href="https://github.com/peaceiris/actions-mdbook/commit/162a198ca6534c7c8ba31c16e3e14282ca751364">162a198</a>), closes <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/485">#485</a></li> <li>bump actions/dependency-review-action from 3.0.8 to 3.1.0 (<a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/488">#488</a>) (<a href="https://github.com/peaceiris/actions-mdbook/commit/60cc2ffbc1a8ee8273b736332bd9729fad7aeecd">60cc2ff</a>), closes <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/488">#488</a></li> <li>bump actions/setup-node from 3.5.1 to 3.6.0 (<a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/475">#475</a>) (<a href="https://github.com/peaceiris/actions-mdbook/commit/10da3f536471b3cbb0c31eeddbe3b692648b6db2">10da3f5</a>), closes <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/475">#475</a></li> <li>bump actions/setup-node from 3.6.0 to 3.7.0 (<a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/481">#481</a>) (<a href="https://github.com/peaceiris/actions-mdbook/commit/334df4e551c395d0298645134ebb34a0a5036b3b">334df4e</a>), closes <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/481">#481</a></li> <li>bump actions/setup-node from 3.7.0 to 3.8.0 (<a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/484">#484</a>) (<a href="https://github.com/peaceiris/actions-mdbook/commit/fe519205c007d9337f4c2d3d912636b398d6f32c">fe51920</a>), closes <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/484">#484</a></li> <li>bump actions/setup-node from 3.8.0 to 3.8.1 (<a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/486">#486</a>) (<a href="https://github.com/peaceiris/actions-mdbook/commit/c6c9e0f19326d4f3e7bbd16d49393d427fc06353">c6c9e0f</a>), closes <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/486">#486</a></li> <li>bump codecov/codecov-action from 3 to 4 (<a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/490">#490</a>) (<a href="https://github.com/peaceiris/actions-mdbook/commit/7b0c98f8f3651db1bc6fd2a3d32031214fe04bd6">7b0c98f</a>), closes <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/490">#490</a></li> <li>bump github/codeql-action from 1 to 2 (<a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/440">#440</a>) (<a href="https://github.com/peaceiris/actions-mdbook/commit/7ce6923a7b5ce037d560297e4c5a8a8c7216462d">7ce6923</a>), closes <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/440">#440</a></li> <li>bump peaceiris/actions-mdbook from 1.1.14 to 1.2.0 (<a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/469">#469</a>) (<a href="https://github.com/peaceiris/actions-mdbook/commit/59732c82f285d3a185e3bce974c59fac83c6be3e">59732c8</a>), closes <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/469">#469</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/397">#397</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/397">#397</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/385">#385</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/385">#385</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/407">#407</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/407">#407</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/409">#409</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/409">#409</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/424">#424</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/424">#424</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/463">#463</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/463">#463</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/393">#393</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/393">#393</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/395">#395</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/395">#395</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/399">#399</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/399">#399</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/400">#400</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/400">#400</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/405">#405</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/405">#405</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/411">#411</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/411">#411</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/412">#412</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/412">#412</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/416">#416</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/416">#416</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/435">#435</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/435">#435</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/438">#438</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/438">#438</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/456">#456</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/456">#456</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/460">#460</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/460">#460</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/462">#462</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/462">#462</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/371">#371</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/371">#371</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/437">#437</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/437">#437</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/392">#392</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/392">#392</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/394">#394</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/394">#394</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/396">#396</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/396">#396</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/402">#402</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/402">#402</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/404">#404</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/404">#404</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/436">#436</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/436">#436</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/373">#373</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/373">#373</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/374">#374</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/374">#374</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/377">#377</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/377">#377</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/380">#380</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/380">#380</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/381">#381</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/381">#381</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/383">#383</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/383">#383</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/384">#384</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/384">#384</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/382">#382</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/382">#382</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/466">#466</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/463">#463</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/462">#462</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/460">#460</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/456">#456</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/438">#438</a> <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/437">#437</a></li> </ul> <h3>feat</h3> <ul> <li>bump to node20 runtime (<a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/500">#500</a>) (<a href="https://github.com/peaceiris/actions-mdbook/commit/46c97c2f70ec25e11d870c72c380aa25107c5189">46c97c2</a>), closes <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/500">#500</a></li> </ul> <h1><a href="https://github.com/peaceiris/actions-mdbook/compare/v1.1.14...v1.2.0">1.2.0</a> (2022-10-23)</h1> <h3>chore</h3> <ul> <li>Add postinstall for husky install (<a href="https://github.com/peaceiris/actions-mdbook/commit/0622767fb2eae5ab3498152162fd85a7714c64a4">0622767</a>)</li> <li>Convert templates to YAML issue forms (<a href="https://github.com/peaceiris/actions-mdbook/commit/12969d1763255c9381d8037359d9ccbc7f7a726c">12969d1</a>)</li> <li>Fix prettier (<a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/397">#397</a>) (<a href="https://github.com/peaceiris/actions-mdbook/commit/44ecb22db74f4d99ed3e5559a242dac1e8de130f">44ecb22</a>), closes <a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/397">#397</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/peaceiris/actions-mdbook/commit/ee69d230fe19748b7abf22df32acaa93833fad08"><code>ee69d23</code></a> chore(release): 2.0.0</li> <li><a href="https://github.com/peaceiris/actions-mdbook/commit/2d79d45dae1452d6e4c33d4e88f38db81a676774"><code>2d79d45</code></a> chore(release): Add build assets</li> <li><a href="https://github.com/peaceiris/actions-mdbook/commit/c95f05c7f61f6cc7b1abfc2aa4e2fb293c2e0bb7"><code>c95f05c</code></a> chore: revert build</li> <li><a href="https://github.com/peaceiris/actions-mdbook/commit/cb4d902e118c7404c24c2a59b5a619e363e0eed9"><code>cb4d902</code></a> build: bump node to 20.12.1 (<a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/504">#504</a>)</li> <li><a href="https://github.com/peaceiris/actions-mdbook/commit/46c97c2f70ec25e11d870c72c380aa25107c5189"><code>46c97c2</code></a> feat: bump to node20 runtime (<a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/500">#500</a>)</li> <li><a href="https://github.com/peaceiris/actions-mdbook/commit/7b0c98f8f3651db1bc6fd2a3d32031214fe04bd6"><code>7b0c98f</code></a> ci: bump codecov/codecov-action from 3 to 4 (<a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/490">#490</a>)</li> <li><a href="https://github.com/peaceiris/actions-mdbook/commit/60cc2ffbc1a8ee8273b736332bd9729fad7aeecd"><code>60cc2ff</code></a> ci: bump actions/dependency-review-action from 3.0.8 to 3.1.0 (<a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/488">#488</a>)</li> <li><a href="https://github.com/peaceiris/actions-mdbook/commit/c0c1ffeeae553a80d23fe6c4d903f04c20d1efd4"><code>c0c1ffe</code></a> ci: bump actions/checkout from 3 to 4 (<a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/487">#487</a>)</li> <li><a href="https://github.com/peaceiris/actions-mdbook/commit/c6c9e0f19326d4f3e7bbd16d49393d427fc06353"><code>c6c9e0f</code></a> ci: bump actions/setup-node from 3.8.0 to 3.8.1 (<a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/486">#486</a>)</li> <li><a href="https://github.com/peaceiris/actions-mdbook/commit/162a198ca6534c7c8ba31c16e3e14282ca751364"><code>162a198</code></a> ci: bump actions/dependency-review-action from 3.0.7 to 3.0.8 (<a href="https://redirect.github.com/peaceiris/actions-mdbook/issues/485">#485</a>)</li> <li>Additional commits viewable in <a href="https://github.com/peaceiris/actions-mdbook/compare/adeb05db28a0c0004681db83893d56c0388ea9ea...ee69d230fe19748b7abf22df32acaa93833fad08">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=peaceiris/actions-mdbook&package-manager=github_actions&previous-version=1.2.0&new-version=2.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-19Bump twine from 4.0.2 to 5.0.0 (#17091)dependabot[bot]1-4/+4
Bumps [twine](https://github.com/pypa/twine) from 4.0.2 to 5.0.0. <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pypa/twine/blob/main/docs/changelog.rst">twine's changelog</a>.</em></p> <blockquote> <h2>Twine 5.0.0 (2024-02-10)</h2> <p>Bugfixes ^^^^^^^^</p> <ul> <li>Use <code>email.message</code> instead of <code>cgi</code> as <code>cgi</code> has been deprecated (<code>[#969](https://github.com/pypa/twine/issues/969) &lt;https://github.com/pypa/twine/issues/969&gt;</code>_)</li> </ul> <p>Misc ^^^^</p> <ul> <li><code>[#931](https://github.com/pypa/twine/issues/931) &lt;https://github.com/pypa/twine/issues/931&gt;</code><em>, <code>[#991](https://github.com/pypa/twine/issues/991) &lt;https://github.com/pypa/twine/issues/991&gt;</code></em>, <code>[#1028](https://github.com/pypa/twine/issues/1028) &lt;https://github.com/pypa/twine/issues/1028&gt;</code><em>, <code>[#1040](https://github.com/pypa/twine/issues/1040) &lt;https://github.com/pypa/twine/issues/1040&gt;</code></em></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pypa/twine/commit/94f810c54c8bc9d418a9ed64890ca9fa4ec7b59f"><code>94f810c</code></a> Merge pull request <a href="https://redirect.github.com/pypa/twine/issues/1047">#1047</a> from pypa/new-release</li> <li><a href="https://github.com/pypa/twine/commit/09d993ad4de12f3d11ddf25ff4b4db54714f1969"><code>09d993a</code></a> Update linkcheck_ignore setting for docs</li> <li><a href="https://github.com/pypa/twine/commit/ab0ed199154f8ab341d88c313cf4c2e785d770ee"><code>ab0ed19</code></a> Apply 2024 black format</li> <li><a href="https://github.com/pypa/twine/commit/407e6cc0c42eb0dcbc679cb2ffbffcc5dcbc150b"><code>407e6cc</code></a> Build changelog for 5.0.0</li> <li><a href="https://github.com/pypa/twine/commit/6644b862bb4555ddcb375c794ec5161de4a248df"><code>6644b86</code></a> Add missing changelog entries</li> <li><a href="https://github.com/pypa/twine/commit/fe1885f2bf896c1852dedea7733a582c5718bbbc"><code>fe1885f</code></a> Merge pull request <a href="https://redirect.github.com/pypa/twine/issues/1034">#1034</a> from DimitriPapadopoulos/codespell</li> <li><a href="https://github.com/pypa/twine/commit/694bdcf84686c2821ca3168fbc75c2fa5c901188"><code>694bdcf</code></a> Fix typos found by codespell</li> <li><a href="https://github.com/pypa/twine/commit/89ec78c6be4b4b1bb22514bcddef8f6014c1ba53"><code>89ec78c</code></a> Merge pull request <a href="https://redirect.github.com/pypa/twine/issues/1040">#1040</a> from woodruffw-forks/ww/pypi-mandatory-api-tokens</li> <li><a href="https://github.com/pypa/twine/commit/b3b363aae8cf83bfbdf9228f5e80d9bdb4765053"><code>b3b363a</code></a> tests: lintage</li> <li><a href="https://github.com/pypa/twine/commit/6e94d200e20f700fa2e905dd32afeb367d321b67"><code>6e94d20</code></a> tests: more non-PyPI tests</li> <li>Additional commits viewable in <a href="https://github.com/pypa/twine/compare/4.0.2...5.0.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=twine&package-manager=pip&previous-version=4.0.2&new-version=5.0.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-19Bump pygithub from 2.2.0 to 2.3.0 (#17092)dependabot[bot]1-3/+3
Bumps [pygithub](https://github.com/pygithub/pygithub) from 2.2.0 to 2.3.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/pygithub/pygithub/releases">pygithub's releases</a>.</em></p> <blockquote> <h2>v2.3.0</h2> <h2>New features</h2> <ul> <li>Support oauth for enterprise <a href="https://github.com/EnricoMi"><code>@​EnricoMi</code></a> (<a href="https://redirect.github.com/pygithub/pygithub/issues/2780">#2780</a>)</li> <li>Support creation of Dependabot Organization and Repository Secrets <a href="https://github.com/thomascrowley"><code>@​thomascrowley</code></a> (<a href="https://redirect.github.com/pygithub/pygithub/issues/2874">#2874</a>)</li> </ul> <h2>Improvements</h2> <ul> <li>Create release with optional <code>name</code> and <code>message</code> when <code>generate_release_notes</code> is true <a href="https://github.com/heitorpolidoro"><code>@​heitorpolidoro</code></a> (<a href="https://redirect.github.com/pygithub/pygithub/issues/2868">#2868</a>)</li> <li>Add missing attributes to <code>WorkflowJob</code> <a href="https://github.com/xvega"><code>@​xvega</code></a> (<a href="https://redirect.github.com/pygithub/pygithub/issues/2921">#2921</a>)</li> <li>Add <code>created</code> and <code>check_suite_id</code> filter for Repository Workflow runs <a href="https://github.com/treee111"><code>@​treee111</code></a> (<a href="https://redirect.github.com/pygithub/pygithub/issues/2891">#2891</a>)</li> <li>Assert requester argument type in Auth <a href="https://github.com/EnricoMi"><code>@​EnricoMi</code></a> (<a href="https://redirect.github.com/pygithub/pygithub/issues/2912">#2912</a>)</li> </ul> <h2>Bug Fixes</h2> <ul> <li>Revert having allowed values for <code>add_to_collaborators</code> <a href="https://github.com/jodelasur"><code>@​jodelasur</code></a> (<a href="https://redirect.github.com/pygithub/pygithub/issues/2905">#2905</a>)</li> </ul> <h2>Maintenance</h2> <ul> <li>Fix imports in authentication docs <a href="https://github.com/wurstbrot"><code>@​wurstbrot</code></a> (<a href="https://redirect.github.com/pygithub/pygithub/issues/2923">#2923</a>)</li> <li>CI: add docformatter to precommit <a href="https://github.com/Borda"><code>@​Borda</code></a> (<a href="https://redirect.github.com/pygithub/pygithub/issues/2614">#2614</a>)</li> <li>Add <code>.swp</code> fils to <code>.gitignore</code> <a href="https://github.com/boomanaiden154"><code>@​boomanaiden154</code></a> (<a href="https://redirect.github.com/pygithub/pygithub/issues/2903">#2903</a>)</li> <li>Fix instructions building docs in <code>CONTRIBUTING.md</code> <a href="https://github.com/wakamex"><code>@​wakamex</code></a> (<a href="https://redirect.github.com/pygithub/pygithub/issues/2900">#2900</a>)</li> <li>Explicitly name the modules built in <code>pyproject.toml</code> <a href="https://github.com/treee111"><code>@​treee111</code></a> (<a href="https://redirect.github.com/pygithub/pygithub/issues/2894">#2894</a>)</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/PyGithub/PyGithub/blob/main/doc/changes.rst">pygithub's changelog</a>.</em></p> <blockquote> <h2>Version 2.3.0 (March 21, 2024)</h2> <p>New features ^^^^^^^^^^^^</p> <ul> <li>Support OAuth for enterprise (<a href="https://redirect.github.com/pygithub/pygithub/issues/2780">#2780</a>) (e4106e00)</li> <li>Support creation of Dependabot Organization and Repository Secrets (<a href="https://redirect.github.com/pygithub/pygithub/issues/2874">#2874</a>) (0784f835)</li> </ul> <p>Improvements ^^^^^^^^^^^^</p> <ul> <li>Create release with optional name and message when generate_release_notes is true (<a href="https://redirect.github.com/pygithub/pygithub/issues/2868">#2868</a>) (d65fc30d)</li> <li>Add missing attributes to WorkflowJob (<a href="https://redirect.github.com/pygithub/pygithub/issues/2921">#2921</a>) (9e092458)</li> <li>Add <code>created</code> and <code>check_suite_id</code> filter for Repository WorkflowRuns (<a href="https://redirect.github.com/pygithub/pygithub/issues/2891">#2891</a>) (c788985c)</li> <li>Assert requester argument type in Auth (<a href="https://redirect.github.com/pygithub/pygithub/issues/2912">#2912</a>) (0b8435fc)</li> </ul> <p>Bug Fixes ^^^^^^^^^</p> <ul> <li>Revert having allowed values for add_to_collaborators (<a href="https://redirect.github.com/pygithub/pygithub/issues/2905">#2905</a>) (b542438e)</li> </ul> <p>Maintenance ^^^^^^^^^^^</p> <ul> <li>Fix imports in authentication docs (<a href="https://redirect.github.com/pygithub/pygithub/issues/2923">#2923</a>) (e3d36535)</li> <li>CI: add docformatter to precommit (<a href="https://redirect.github.com/pygithub/pygithub/issues/2614">#2614</a>) (96ad19ae)</li> <li>Add .swp files to gitignore (<a href="https://redirect.github.com/pygithub/pygithub/issues/2903">#2903</a>) (af529abe)</li> <li>Fix instructions building docs in CONTRIBUTING.md (<a href="https://redirect.github.com/pygithub/pygithub/issues/2900">#2900</a>) (cd8e528d)</li> <li>Explicitly name the modules built in pyproject.toml (<a href="https://redirect.github.com/pygithub/pygithub/issues/2894">#2894</a>) (4d461734)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/PyGithub/PyGithub/commit/7266e812ed2976ea36a4303edecfe5d75522343f"><code>7266e81</code></a> Release v2.3.0 (<a href="https://redirect.github.com/pygithub/pygithub/issues/2926">#2926</a>)</li> <li><a href="https://github.com/PyGithub/PyGithub/commit/e4106e00fc669cd89a8d9c68c6d977195041d80e"><code>e4106e0</code></a> Support oauth for enterprise (<a href="https://redirect.github.com/pygithub/pygithub/issues/2780">#2780</a>)</li> <li><a href="https://github.com/PyGithub/PyGithub/commit/d65fc30d398fe329bb264f7e277ac371bb20c2f2"><code>d65fc30</code></a> Create release with optional name and message when generate_release_notes is ...</li> <li><a href="https://github.com/PyGithub/PyGithub/commit/0784f8354d1421f26ad198e782f97584a523c462"><code>0784f83</code></a> Support creation of Dependabot Organization and Repository Secrets (<a href="https://redirect.github.com/pygithub/pygithub/issues/2874">#2874</a>)</li> <li><a href="https://github.com/PyGithub/PyGithub/commit/9e092458a5d369525bb72a580b5b1068e5ab7332"><code>9e09245</code></a> Add missing attributes to WorkflowJob (<a href="https://redirect.github.com/pygithub/pygithub/issues/2921">#2921</a>)</li> <li><a href="https://github.com/PyGithub/PyGithub/commit/e3d365358d7149ec1f57ffc4c083df1a0fa76279"><code>e3d3653</code></a> Fix imports in authentication docs (<a href="https://redirect.github.com/pygithub/pygithub/issues/2923">#2923</a>)</li> <li><a href="https://github.com/PyGithub/PyGithub/commit/c788985c9ff190999543f10435131b8f51d1ddfe"><code>c788985</code></a> Add <code>created</code> and <code>check_suite_id</code> filter for Repository WorkflowRuns (<a href="https://redirect.github.com/pygithub/pygithub/issues/2891">#2891</a>)</li> <li><a href="https://github.com/PyGithub/PyGithub/commit/0b8435fccbcc98404f08e146b6e259bd20065c98"><code>0b8435f</code></a> Assert requester argument type in Auth (<a href="https://redirect.github.com/pygithub/pygithub/issues/2912">#2912</a>)</li> <li><a href="https://github.com/PyGithub/PyGithub/commit/96ad19aec782c879d72f2bea80fb8a3932761be9"><code>96ad19a</code></a> CI: add docformatter to precommit (<a href="https://redirect.github.com/pygithub/pygithub/issues/2614">#2614</a>)</li> <li><a href="https://github.com/PyGithub/PyGithub/commit/b542438e319fde3608469675f74e1eb87fc1c5cd"><code>b542438</code></a> Revert having allowed values for add_to_collaborators (<a href="https://redirect.github.com/pygithub/pygithub/issues/2905">#2905</a>)</li> <li>Additional commits viewable in <a href="https://github.com/pygithub/pygithub/compare/v2.2.0...v2.3.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pygithub&package-manager=pip&previous-version=2.2.0&new-version=2.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-19Bump pyasn1-modules from 0.3.0 to 0.4.0 (#17093)dependabot[bot]1-5/+5
Bumps [pyasn1-modules](https://github.com/pyasn1/pyasn1-modules) from 0.3.0 to 0.4.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/pyasn1/pyasn1-modules/releases">pyasn1-modules's releases</a>.</em></p> <blockquote> <h2>Release 0.4.0</h2> <p>It's a major release where we drop Python 2 support entirely. The most significant changes are:</p> <ul> <li>Added support for Python 3.11, 3.12</li> <li>Removed support for EOL Pythons 2.7, 3.6, 3.7</li> </ul> <p>A full list of changes can be seen in the <a href="https://github.com/pyasn1/pyasn1-modules/blob/main/CHANGES.txt">CHANGELOG</a>.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/pyasn1/pyasn1-modules/blob/main/CHANGES.txt">pyasn1-modules's changelog</a>.</em></p> <blockquote> <h2>Revision 0.4.0, released 26-03-2024</h2> <ul> <li>Added support for Python 3.11, 3.12</li> <li>Removed support for EOL Pythons 2.7, 3.6, 3.7</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pyasn1/pyasn1-modules/commit/98b1e268a30be4b2d6efa5c69eae772edc442c7e"><code>98b1e26</code></a> Prepare release 0.4.0</li> <li><a href="https://github.com/pyasn1/pyasn1-modules/commit/0339532a082ef54b2ac2f4ae72dc6a3a129a4a19"><code>0339532</code></a> Drop support for EOL Python 3.6 and 3.7 (<a href="https://redirect.github.com/pyasn1/pyasn1-modules/issues/14">#14</a>)</li> <li><a href="https://github.com/pyasn1/pyasn1-modules/commit/9ec54091547330aaf994e82ba759cb1fe071e070"><code>9ec5409</code></a> Drop support for EOL Python 2.7 (<a href="https://redirect.github.com/pyasn1/pyasn1-modules/issues/12">#12</a>)</li> <li><a href="https://github.com/pyasn1/pyasn1-modules/commit/252ac00bf1e119a044cc579ffade30164e2cdfff"><code>252ac00</code></a> Add support for Python 3.12 (<a href="https://redirect.github.com/pyasn1/pyasn1-modules/issues/11">#11</a>)</li> <li>See full diff in <a href="https://github.com/pyasn1/pyasn1-modules/compare/v0.3.0...v0.4.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pyasn1-modules&package-manager=pip&previous-version=0.3.0&new-version=0.4.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-19Bump ruff from 0.3.5 to 0.3.7 (#17094)dependabot[bot]2-20/+20
Bumps [ruff](https://github.com/astral-sh/ruff) from 0.3.5 to 0.3.7. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/astral-sh/ruff/releases">ruff's releases</a>.</em></p> <blockquote> <h2>v0.3.7</h2> <h2>Changes</h2> <h3>Preview features</h3> <ul> <li>[<code>flake8-bugbear</code>] Implement <code>loop-iterator-mutation</code> (<code>B909</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/9578">#9578</a>)</li> <li>[<code>pylint</code>] Implement rule to prefer augmented assignment (<code>PLR6104</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/9932">#9932</a>)</li> </ul> <h3>Bug fixes</h3> <ul> <li>Avoid TOCTOU errors in cache initialization (<a href="https://redirect.github.com/astral-sh/ruff/pull/10884">#10884</a>)</li> <li>[<code>pylint</code>] Recode <code>nan-comparison</code> rule to <code>W0177</code> (<a href="https://redirect.github.com/astral-sh/ruff/pull/10894">#10894</a>)</li> <li>[<code>pylint</code>] Reverse min-max logic in <code>if-stmt-min-max</code> (<a href="https://redirect.github.com/astral-sh/ruff/pull/10890">#10890</a>)</li> </ul> <h2>Contributors</h2> <ul> <li><a href="https://github.com/carljm"><code>@​carljm</code></a></li> <li><a href="https://github.com/charliermarsh"><code>@​charliermarsh</code></a></li> <li><a href="https://github.com/lshi18"><code>@​lshi18</code></a></li> <li><a href="https://github.com/mimre25"><code>@​mimre25</code></a></li> </ul> <h2>v0.3.6</h2> <h2>Changes</h2> <h3>Preview features</h3> <ul> <li>[<code>pylint</code>] Implement <code>bad-staticmethod-argument</code> (<code>PLW0211</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/10781">#10781</a>)</li> <li>[<code>pylint</code>] Implement <code>if-stmt-min-max</code> (<code>PLR1730</code>, <code>PLR1731</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/10002">#10002</a>)</li> <li>[<code>pyupgrade</code>] Replace <code>str,Enum</code> multiple inheritance with <code>StrEnum</code> <code>UP042</code> (<a href="https://redirect.github.com/astral-sh/ruff/pull/10713">#10713</a>)</li> <li>[<code>refurb</code>] Implement <code>if-expr-instead-of-or-operator</code> (<code>FURB110</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/10687">#10687</a>)</li> <li>[<code>refurb</code>] Implement <code>int-on-sliced-str</code> (<code>FURB166</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/10650">#10650</a>)</li> <li>[<code>refurb</code>] Implement <code>write-whole-file</code> (<code>FURB103</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/10802">#10802</a>)</li> <li>[<code>refurb</code>] Support <code>itemgetter</code> in <code>reimplemented-operator</code> (<code>FURB118</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/10526">#10526</a>)</li> <li>[<code>flake8_comprehensions</code>] Add <code>sum</code>/<code>min</code>/<code>max</code> to unnecessary comprehension check (<code>C419</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/10759">#10759</a>)</li> </ul> <h3>Rule changes</h3> <ul> <li>[<code>pydocstyle</code>] Require capitalizing docstrings where the first sentence is a single word (<code>D403</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/10776">#10776</a>)</li> <li>[<code>pycodestyle</code>] Ignore annotated lambdas in class scopes (<code>E731</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/10720">#10720</a>)</li> <li>[<code>flake8-pyi</code>] Various improvements to PYI034 (<a href="https://redirect.github.com/astral-sh/ruff/pull/10807">#10807</a>)</li> <li>[<code>flake8-slots</code>] Flag subclasses of call-based <code>typing.NamedTuple</code>s as well as subclasses of <code>collections.namedtuple()</code> (<code>SLOT002</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/10808">#10808</a>)</li> <li>[<code>pyflakes</code>] Allow forward references in class bases in stub files (<code>F821</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/10779">#10779</a>)</li> <li>[<code>pygrep-hooks</code>] Improve <code>blanket-noqa</code> error message (<code>PGH004</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/10851">#10851</a>)</li> </ul> <h3>CLI</h3> <ul> <li>Support <code>FORCE_COLOR</code> env var (<a href="https://redirect.github.com/astral-sh/ruff/pull/10839">#10839</a>)</li> </ul> <h3>Configuration</h3> <ul> <li>Support negated patterns in <code>[extend-]per-file-ignores</code> (<a href="https://redirect.github.com/astral-sh/ruff/pull/10852">#10852</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md">ruff's changelog</a>.</em></p> <blockquote> <h2>0.3.7</h2> <h3>Preview features</h3> <ul> <li>[<code>flake8-bugbear</code>] Implement <code>loop-iterator-mutation</code> (<code>B909</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/9578">#9578</a>)</li> <li>[<code>pylint</code>] Implement rule to prefer augmented assignment (<code>PLR6104</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/9932">#9932</a>)</li> </ul> <h3>Bug fixes</h3> <ul> <li>Avoid TOCTOU errors in cache initialization (<a href="https://redirect.github.com/astral-sh/ruff/pull/10884">#10884</a>)</li> <li>[<code>pylint</code>] Recode <code>nan-comparison</code> rule to <code>W0177</code> (<a href="https://redirect.github.com/astral-sh/ruff/pull/10894">#10894</a>)</li> <li>[<code>pylint</code>] Reverse min-max logic in <code>if-stmt-min-max</code> (<a href="https://redirect.github.com/astral-sh/ruff/pull/10890">#10890</a>)</li> </ul> <h2>0.3.6</h2> <h3>Preview features</h3> <ul> <li>[<code>pylint</code>] Implement <code>bad-staticmethod-argument</code> (<code>PLW0211</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/10781">#10781</a>)</li> <li>[<code>pylint</code>] Implement <code>if-stmt-min-max</code> (<code>PLR1730</code>, <code>PLR1731</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/10002">#10002</a>)</li> <li>[<code>pyupgrade</code>] Replace <code>str,Enum</code> multiple inheritance with <code>StrEnum</code> <code>UP042</code> (<a href="https://redirect.github.com/astral-sh/ruff/pull/10713">#10713</a>)</li> <li>[<code>refurb</code>] Implement <code>if-expr-instead-of-or-operator</code> (<code>FURB110</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/10687">#10687</a>)</li> <li>[<code>refurb</code>] Implement <code>int-on-sliced-str</code> (<code>FURB166</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/10650">#10650</a>)</li> <li>[<code>refurb</code>] Implement <code>write-whole-file</code> (<code>FURB103</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/10802">#10802</a>)</li> <li>[<code>refurb</code>] Support <code>itemgetter</code> in <code>reimplemented-operator</code> (<code>FURB118</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/10526">#10526</a>)</li> <li>[<code>flake8_comprehensions</code>] Add <code>sum</code>/<code>min</code>/<code>max</code> to unnecessary comprehension check (<code>C419</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/10759">#10759</a>)</li> </ul> <h3>Rule changes</h3> <ul> <li>[<code>pydocstyle</code>] Require capitalizing docstrings where the first sentence is a single word (<code>D403</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/10776">#10776</a>)</li> <li>[<code>pycodestyle</code>] Ignore annotated lambdas in class scopes (<code>E731</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/10720">#10720</a>)</li> <li>[<code>flake8-pyi</code>] Various improvements to PYI034 (<a href="https://redirect.github.com/astral-sh/ruff/pull/10807">#10807</a>)</li> <li>[<code>flake8-slots</code>] Flag subclasses of call-based <code>typing.NamedTuple</code>s as well as subclasses of <code>collections.namedtuple()</code> (<code>SLOT002</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/10808">#10808</a>)</li> <li>[<code>pyflakes</code>] Allow forward references in class bases in stub files (<code>F821</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/10779">#10779</a>)</li> <li>[<code>pygrep-hooks</code>] Improve <code>blanket-noqa</code> error message (<code>PGH004</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/10851">#10851</a>)</li> </ul> <h3>CLI</h3> <ul> <li>Support <code>FORCE_COLOR</code> env var (<a href="https://redirect.github.com/astral-sh/ruff/pull/10839">#10839</a>)</li> </ul> <h3>Configuration</h3> <ul> <li>Support negated patterns in <code>[extend-]per-file-ignores</code> (<a href="https://redirect.github.com/astral-sh/ruff/pull/10852">#10852</a>)</li> </ul> <h3>Bug fixes</h3> <ul> <li>[<code>flake8-import-conventions</code>] Accept non-aliased (but correct) import in <code>unconventional-import-alias</code> (<code>ICN001</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/10729">#10729</a>)</li> <li>[<code>flake8-quotes</code>] Add semantic model flag when inside f-string replacement field (<a href="https://redirect.github.com/astral-sh/ruff/pull/10766">#10766</a>)</li> <li>[<code>pep8-naming</code>] Recursively resolve <code>TypeDicts</code> for N815 violations (<a href="https://redirect.github.com/astral-sh/ruff/pull/10719">#10719</a>)</li> <li>[<code>flake8-quotes</code>] Respect <code>Q00*</code> ignores in <code>flake8-quotes</code> rules (<a href="https://redirect.github.com/astral-sh/ruff/pull/10728">#10728</a>)</li> <li>[<code>flake8-simplify</code>] Show negated condition in <code>needless-bool</code> diagnostics (<code>SIM103</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/10854">#10854</a>)</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/astral-sh/ruff/commit/2e37cf6b3b4b873ad9ffe9728bccdf134862b768"><code>2e37cf6</code></a> Bump version to v0.3.7 (<a href="https://redirect.github.com/astral-sh/ruff/issues/10895">#10895</a>)</li> <li><a href="https://github.com/astral-sh/ruff/commit/a9e43930086af3ae3c974e4ecec2ed1b328fa8e6"><code>a9e4393</code></a> [<code>pylint</code>] Implement rule to prefer augmented assignment (<code>PLR6104</code>) (<a href="https://redirect.github.com/astral-sh/ruff/issues/9932">#9932</a>)</li> <li><a href="https://github.com/astral-sh/ruff/commit/312f43475f14cc723c8935e4c909b17510382bb8"><code>312f434</code></a> [<code>pylint</code>] Recode <code>nan-comparison</code> rule to <code>W0177</code> (<a href="https://redirect.github.com/astral-sh/ruff/issues/10894">#10894</a>)</li> <li><a href="https://github.com/astral-sh/ruff/commit/563daa8a86e5fe38dcdcfba5cc7a93a84bc2d550"><code>563daa8</code></a> Fix docs and add overlap test for negated per-file-ignores (<a href="https://redirect.github.com/astral-sh/ruff/issues/10863">#10863</a>)</li> <li><a href="https://github.com/astral-sh/ruff/commit/7ae15c6e0a127ebc7c8fa899dbd821b546abeb41"><code>7ae15c6</code></a> Fix comment copy/paste typo in newtype_index (<a href="https://redirect.github.com/astral-sh/ruff/issues/10892">#10892</a>)</li> <li><a href="https://github.com/astral-sh/ruff/commit/03899dcba37c7429084486600ed7f3b12bea20dc"><code>03899dc</code></a> [<code>flake8-bugbear</code>] Implement <code>loop-iterator-mutation</code> (<code>B909</code>) (<a href="https://redirect.github.com/astral-sh/ruff/issues/9578">#9578</a>)</li> <li><a href="https://github.com/astral-sh/ruff/commit/25f5a8b2019260eba3889d9800a60950a810a43e"><code>25f5a8b</code></a> Struct not tuple for compiled per-file ignores (<a href="https://redirect.github.com/astral-sh/ruff/issues/10864">#10864</a>)</li> <li><a href="https://github.com/astral-sh/ruff/commit/e7d1d43f39ebb7258713edad9aae190c868d5ea2"><code>e7d1d43</code></a> [<code>pylint</code>] Reverse min-max logic in <code>if-stmt-min-max</code> (<a href="https://redirect.github.com/astral-sh/ruff/issues/10890">#10890</a>)</li> <li><a href="https://github.com/astral-sh/ruff/commit/9b9098c3dca7475cbe10fd8d8f7152c392a25924"><code>9b9098c</code></a> Downgrade ESLint to v8 (<a href="https://redirect.github.com/astral-sh/ruff/issues/10888">#10888</a>)</li> <li><a href="https://github.com/astral-sh/ruff/commit/0cc154c2a9ab08568a232f0c67b756c97976332d"><code>0cc154c</code></a> Avoid TOCTOU errors in cache initialization (<a href="https://redirect.github.com/astral-sh/ruff/issues/10884">#10884</a>)</li> <li>Additional commits viewable in <a href="https://github.com/astral-sh/ruff/compare/v0.3.5...v0.3.7">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=ruff&package-manager=pip&previous-version=0.3.5&new-version=0.3.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-19Bump anyhow from 1.0.81 to 1.0.82 (#17095)dependabot[bot]1-2/+2
Bumps [anyhow](https://github.com/dtolnay/anyhow) from 1.0.81 to 1.0.82. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dtolnay/anyhow/releases">anyhow's releases</a>.</em></p> <blockquote> <h2>1.0.82</h2> <ul> <li>Documentation improvements</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/dtolnay/anyhow/commit/074bdea1c7b419e4f1267ebb9eac4d6068870122"><code>074bdea</code></a> Release 1.0.82</li> <li><a href="https://github.com/dtolnay/anyhow/commit/47a4fbfa365050b293d9e3898aadb42a47a571e6"><code>47a4fbf</code></a> Merge pull request <a href="https://redirect.github.com/dtolnay/anyhow/issues/360">#360</a> from dtolnay/docensure</li> <li><a href="https://github.com/dtolnay/anyhow/commit/c5af1db020696716ab0de65b663d2370ac4de4d4"><code>c5af1db</code></a> Make ensure's doc comment apply to the cfg(not(doc)) macro too</li> <li><a href="https://github.com/dtolnay/anyhow/commit/bebc7a2fe4ced785da951332fc3b259a5a52d24f"><code>bebc7a2</code></a> Revert &quot;Temporarily disable miri on doctests&quot;</li> <li><a href="https://github.com/dtolnay/anyhow/commit/f2c4db9b47e37fdeef8dc0e1560b3d15f1208fbe"><code>f2c4db9</code></a> Update ui test suite to nightly-2024-03-31</li> <li><a href="https://github.com/dtolnay/anyhow/commit/028cbeedf5e94970c088eb14e325744086a7b768"><code>028cbee</code></a> Explicitly install a Rust toolchain for cargo-outdated job</li> <li><a href="https://github.com/dtolnay/anyhow/commit/7a4cac5192686ca47c40ba9a8dd81f201686375e"><code>7a4cac5</code></a> Merge pull request <a href="https://redirect.github.com/dtolnay/anyhow/issues/358">#358</a> from dtolnay/workspacewrapper</li> <li><a href="https://github.com/dtolnay/anyhow/commit/939db012c2294403db6a1be21b15c0f2750b8b15"><code>939db01</code></a> Apply RUSTC_WORKSPACE_WRAPPER</li> <li><a href="https://github.com/dtolnay/anyhow/commit/9f84a37551de7e7d67dc27a6e1c8518aa21f1d93"><code>9f84a37</code></a> Temporarily disable miri on doctests</li> <li><a href="https://github.com/dtolnay/anyhow/commit/45e5a589e9548d1045ce7518e78f890a83c33580"><code>45e5a58</code></a> Ignore dead code lint in test</li> <li>Additional commits viewable in <a href="https://github.com/dtolnay/anyhow/compare/1.0.81...1.0.82">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=anyhow&package-manager=cargo&previous-version=1.0.81&new-version=1.0.82)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-18Parse json validation (#16923)Gordan Trevis6-47/+220
Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
2024-04-18Helpers to transform Twisted requests to Rust http Requests/Responses (#17081)Quentin Gliech6-2/+321
This adds functions to transform a Twisted request to the `http::Request`, and then to send back an `http::Response` through it. It also imports the SynapseError exception so that we can throw that from Rust code directly Example usage of this would be: ```rust use crate::http::{http_request_from_twisted, http_response_to_twisted, HeaderMapPyExt}; fn handler(twisted_request: &PyAny) -> PyResult<()> { let request = http_request_from_twisted(twisted_request)?; let ua: headers::UserAgent = request.headers().typed_get_required()?; if whatever { return Err((crate::errors::SynapseError::new( StatusCode::UNAUTHORIZED, "Whatever".to_owned "M_UNAUTHORIZED", None, None, ))); } let response = Response::new("hello".as_bytes()); http_response_to_twisted(twisted_request, response)?; Ok(()) } ```
2024-04-17Fix remote receipts for events we don't have (#17096)Erik Johnston2-1/+6
Introduced in #17032
2024-04-17Support for MSC4108 via delegation (#17086)Quentin Gliech6-8/+84
This adds support for MSC4108 via delegation, similar to what has been done for MSC3886 --------- Co-authored-by: Hugh Nimmo-Smith <hughns@element.io>
2024-04-17Bump minimum required Rust version to 1.66.0 (#17079)Quentin Gliech3-10/+11
2024-04-16Parse Integer negative value validation (#16920)Gordan Trevis9-158/+89
2024-04-161.105.0 v1.105.0Olivier Wilkinson (reivilibre)3-1/+14
2024-04-15bugfix: make msc3967 idempotent (#16943)Kegan Dougal6-3/+102
MSC3967 was updated recently to make it more robust to network failures: > there is an existing cross-signing master key and it exactly matches the cross-signing master key provided in the request body. If there are any additional keys provided in the request (self signing key, user signing key) they MUST also match the existing keys stored on the server. In other words, the request contains no new keys. If there are new keys, UIA MUST be performed. https://github.com/matrix-org/matrix-spec-proposals/blob/hughns/device-signing-upload-uia/proposals/3967-device-signing-upload-uia.md#proposal This covers the case where the 200 OK is lost in transit so the client retries the upload, only to then get UIA'd. Complement tests: https://github.com/matrix-org/complement/pull/713 - passing example https://github.com/element-hq/synapse/actions/runs/7976948122/job/21778795094?pr=16943#step:7:8820 ### Pull Request Checklist <!-- Please read https://element-hq.github.io/synapse/latest/development/contributing_guide.html before submitting your pull request --> * [x] Pull request is based on the develop branch * [x] Pull request includes a [changelog file](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#changelog). The entry should: - Be a short description of your change which makes sense to users. "Fixed a bug that prevented receiving messages from other servers." instead of "Moved X method from `EventStore` to `EventWorkerStore`.". - Use markdown where necessary, mostly for `code blocks`. - End with either a period (.) or an exclamation mark (!). - Start with a capital letter. - Feel free to credit yourself, by adding a sentence "Contributed by @github_username." or "Contributed by [Your Name]." to the end of the entry. * [x] [Code style](https://element-hq.github.io/synapse/latest/code_style.html) is correct (run the [linters](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#run-the-linters)) --------- Co-authored-by: reivilibre <oliverw@matrix.org>
2024-04-12Use receipts `event_stream_ordering` instead of joins (#17032)Nick Mills-Barrett3-19/+12
Resurrecting https://github.com/matrix-org/synapse/pull/13918. This should reduce IOPs incurred by joining to the events table to lookup stream ordering, which happens in many receipt handling code paths. Like the previous PR I believe sufficient time has passed between the original migration in DB schema 72 and now to merge this as-is. It's highly unlikely that both the migration is still ongoing AND (active) users still have any receipts prior to that date. In the unlikely event there is a receipt without a populated `event_stream_ordering` synapse will behave just as it does now when receipts exist for events that don't (yet): for push action calculation the receipts are just ignored. I've removed the validation on event IDs as this is already covered here: https://github.com/element-hq/synapse/blob/59ceabcb9798793cd4312fdbcced4e612aeda84d/synapse/handlers/receipts.py#L189-L192
2024-04-11Fix mypy on latest Twisted release (#17036)Erik Johnston4-4/+7
`ITransport.abortConnection` isn't a thing, but `HTTPChannel.forceAbortClient` calls it, so lets just use that Fixes https://github.com/element-hq/synapse/issues/16728
2024-04-111.105.0rc1 v1.105.0rc1Andrew Morgan19-17/+39
2024-04-09Stabilize support for MSC4010: push rules & account data. (#17022)Patrick Cloke3-28/+7
See [MSC4010](https://github.com/matrix-org/matrix-spec-proposals/pull/4010), but this is pretty much just removing an experimental flag. Part of #17021
2024-04-09Stabliize support for MSC3981: recurse /relations (#17023)Patrick Cloke5-19/+9
See [MSC3981](https://github.com/matrix-org/matrix-spec-proposals/pull/3981), this pretty much just removes flags though. Part of #17021
2024-04-09Also check if first event matches the last in prev batch (#17066)Erik Johnston3-7/+109
Refinement of #17064 cc @richvdh
2024-04-09#17039 Issue: Update base_rules.rs (#17043)Sumiran Pokharel2-4/+5
Co-authored-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>
2024-04-09Fix PR #16677, a parameter was missing in a function call (#17033)Mathieu Velten2-0/+2
Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
2024-04-09Add forgotten schema delta (#17054)Erik Johnston3-7/+23
This should have been in #17045. Whoops.
2024-04-09Bump packaging from 23.2 to 24.0 (#17027)dependabot[bot]1-3/+3
2024-04-09Bump serde_json from 1.0.114 to 1.0.115 (#17041)dependabot[bot]1-2/+2
2024-04-08Bump regex from 1.10.3 to 1.10.4 (#17028)dependabot[bot]1-2/+2
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-08Bump ruff from 0.3.2 to 0.3.5 (#17060)dependabot[bot]2-20/+20
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-08Bump types-pillow from 10.2.0.20240125 to 10.2.0.20240406 (#17061)dependabot[bot]1-3/+3
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-08Bump typing-extensions from 4.9.0 to 4.11.0 (#17062)dependabot[bot]1-3/+3
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-08Bump types-requests from 2.31.0.20240125 to 2.31.0.20240406 (#17063)dependabot[bot]1-4/+4
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-08Fixups to #17064 (#17065)Erik Johnston2-0/+4
Forget a line, and an empty batch is trivially linear. c.f. #17064
2024-04-08Add back fast path for non-gappy syncs (#17064)Erik Johnston2-0/+37
PR #16942 removed an invalid optimisation that avoided pulling out state for non-gappy syncs. This causes a large increase in DB usage. c.f. #16941 for why that optimisation was wrong. However, we can still optimise in the simple case where the events in the timeline are a linear chain without any branching/merging of the DAG. cc. @richvdh
2024-04-05Pull out fewer receipts from DB when doing push (#17049)Erik Johnston2-22/+103
Before we were pulling out *all* read receipts for a user for every event we pushed. Instead let's only pull out the relevant receipts. This also pulled out the event rows for each receipt, causing load on the events table.
2024-04-04Fix bug in calculating state for non-gappy syncs (#16942)Richard van der Hoff5-56/+145
Unfortunately, the optimisation we applied here for non-gappy syncs is not actually valid. Fixes https://github.com/element-hq/synapse/issues/16941. ~~Based on https://github.com/element-hq/synapse/pull/16930.~~ Requires https://github.com/matrix-org/sytest/pull/1374.
2024-04-04`/sync`: fix bug in calculating `state` response (#16930)Richard van der Hoff3-41/+94
Fix a long-standing issue which could cause state to be omitted from the sync response if the last event was filtered out. Fixes: https://github.com/element-hq/synapse/issues/16928
2024-04-04Fix bug in `/sync` response for archived rooms (#16932)Richard van der Hoff4-34/+314
This PR fixes a very, very niche edge-case, but I've got some more work coming which will otherwise make the problem worse. The bug happens when the syncing user leaves a room, and has a sync filter which includes "left" rooms, but sets the timeline limit to 0. In that case, the state returned in the `state` section is calculated incorrectly. The fix is to pass a token corresponding to the point that the user leaves the room through to `compute_state_delta`.
2024-04-04Add missing index to `access_tokens` table (#17045)Erik Johnston2-0/+8
This was causing sequential scans when using refresh tokens.
2024-04-021.104.0 v1.104.0 github/release-v1.104 release-v1.104Erik Johnston4-2/+14
2024-04-02Refactor chain fetching (#17044)Erik Johnston2-96/+67
Since these queries are duplicated in two places.
2024-03-28Fixups to new push stream (#17038)Erik Johnston9-12/+27
Follow on from #17037
2024-03-28Add support for moving `/push_rules` off of main process (#17037)Erik Johnston10-40/+133
2024-03-26Fixup changelog v1.104.0rc1Erik Johnston1-3/+3
2024-03-26Fixup changelogErik Johnston1-1/+1
2024-03-26Fix OIDC login regression (#17031)Erik Johnston2-0/+8
Requests may require a User-Agent header, and the change in #16972 accidentally removed it, resulting in requests getting rejected causing login to fail.
2024-03-261.104.0rc1Erik Johnston25-24/+68
2024-03-22Ensure that pending to-device events are sent over federation at startup ↵Richard van der Hoff4-31/+127
(#16925) Fixes https://github.com/element-hq/synapse/issues/16680, as well as a related bug, where servers which we had *never* successfully sent an event to would not be retried. In order to fix the case of pending to-device messages, we hook into the existing `wake_destinations_needing_catchup` process, by extending it to look for destinations that have pending to-device messages. The federation transmission loop then attempts to send the pending to-device messages as normal.
2024-03-22Add OIDC config to add extra parameters to the authorize URL (#16971)Mathieu Velten4-6/+26
2024-03-21Do not refuse to set read_marker if previous event_id is in wrong room (#16990)SpiritCroc4-9/+12
2024-03-21Fix reject knocks on deactivating account (#17010)Hanadi4-12/+117
2024-03-21generate configuration with correct user in start.py for docker (#16978)Sam Wedgwood2-7/+9
2024-03-21Bump dawidd6/action-download-artifact from 3.1.2 to 3.1.4 (#17008)dependabot[bot]1-1/+1
2024-03-21OIDC: try to JWT decode userinfo response if JSON parsing failed (#16972)Mathieu Velten2-4/+29
2024-03-21Patch the db conn pool sooner in tests (#17017)Richard van der Hoff2-53/+60
When running unit tests, we patch the database connection pool so that it runs queries "synchronously". This is ok, except that if any queries are launched before we do the patching, those queries get left in limbo and never complete. To fix this, let's change the way we do the switcheroo, by patching out the method which creates the connection pool in the first place.
2024-03-21Bump netaddr from 0.9.0 to 1.2.1 (#17006)dependabot[bot]1-4/+7
2024-03-21Remove the hardcoded poetry version from contributing guide (#17002)Tadeusz Sośnierz2-1/+2
2024-03-21Add note to using --curses under sqlite porting (#17012)grahhnt1-1/+1
2024-03-21Update link, in installation guide, for docker hub synapse images (#17001)Eirik1-1/+1
2024-03-21Bump types-jsonschema from 4.21.0.20240118 to 4.21.0.20240311 (#17007)dependabot[bot]1-3/+3
2024-03-21Prevent `start_for_complement.sh` from setting `START_POSTGRES` to `false` ↵Andrew Morgan3-3/+5
when it's already set (#16985) I have a use case where I'd like the Synapse image to start up a postgres instance that I can use, but don't want to force Synapse to use postgres as well. This commit prevents postgres from being started when it has already been explicitly enabled elsewhere.
2024-03-19Update power level default for public rooms (#16907)Shay3-1/+20
2024-03-19Improve event validation (#16908)Shay6-3/+180
As the title states.
2024-03-19Bump pydantic from 2.6.0 to 2.6.4 (#17004)dependabot[bot]1-84/+84
2024-03-19Bump anyhow from 1.0.80 to 1.0.81 (#17009)dependabot[bot]1-2/+2
2024-03-19Bump jinja2 from 3.1.2 to 3.1.3 (#17005)dependabot[bot]1-3/+3
2024-03-19Bump types-pyopenssl from 23.3.0.0 to 24.0.0.20240311 (#17003)dependabot[bot]1-4/+4
2024-03-19Pass module API to OIDC mapping provider (#16974)Mathieu Velten3-4/+18
As done for SAML mapping provider, let's pass the module API to the OIDC one so the mapper can do more logic in its code.
2024-03-19Specify IP subnet literals in canonical form (#16953)V024602-2/+3
This is needed, because the netaddr package removed support for the implicit prefix form in version 1.0.0: https://github.com/netaddr/netaddr/pull/360
2024-03-19Clarify docs for some room state functions (#16950)Richard van der Hoff2-3/+6
State *before* an event is different to state *after* that event, and people tend to assume the wrong one.
2024-03-191.103.0 v1.103.0 github/release-v1.103 release-v1.103Olivier Wilkinson (reivilibre)3-1/+14
2024-03-14`/sync`: Fix edge-case in calculating the "device_lists" response (#16949)Richard van der Hoff2-2/+10
Fixes https://github.com/element-hq/synapse/issues/16948. If the `join` and the `leave` are in the same sync response, we need to count them as a "left" user.
2024-03-14Split up `SyncHandler.compute_state_delta` (#16929)Richard van der Hoff2-145/+238
This is a huge method, which melts my brain. This is a non-functional change which lays some groundwork for future work in this area.
2024-03-14Sort versions in the documentation version picker appropriately. (#16966)Will Hunt2-3/+24
Fixes #16964 This adds a proper sorter for versions which takes into account semantic versions, rather than just relying on localeCompare.
2024-03-14upgrade.md: fix grammatical errors (#16965)Richard van der Hoff2-3/+4
comma splice "rollback" is a noun
2024-03-14Add query to update local cache of a remote user's device list to docs (#16892)Andrew Morgan2-0/+10
2024-03-14Improve lock performance when a lot of locks are waiting (#16840)Mathieu Velten4-7/+74
When a lot of locks are waiting for a single lock, notifying all locks independently with `call_later` on each release is really costly and incurs some kind of async contention, where the CPU is spinning a lot for not much. The included test is taking around 30s before the change, and 0.5s after. It was found following failing tests with https://github.com/element-hq/synapse/pull/16827.
2024-03-14Bump types-psycopg2 from 2.9.21.16 to 2.9.21.20240311 (#16995)dependabot[bot]1-4/+4
2024-03-14Bump pyo3 from 0.20.2 to 0.20.3 (#16962)dependabot[bot]1-10/+18
2024-03-13Multi-worker-docker-container: disable log buffering (#16919)Richard van der Hoff2-2/+6
Background: we have a `matrixdotorg/synapse-workers` docker image, which is intended for running multiple workers within the same container. That image includes a `prefix-log` script which, for each line printed to stdout or stderr by one of the processes, prepends the name of the process. This commit disables buffering in that script, so that lines are logged quickly after they are printed. This makes it much easier to understand the output, since they then come out in a natural order.
2024-03-13Bump ruff from 0.1.14 to 0.3.2 (#16994)dependabot[bot]3-27/+20
2024-03-13Bump mypy from 1.5.1 to 1.8.0 (#16901)dependabot[bot]12-59/+49
2024-03-13Bump dawidd6/action-download-artifact from 3.1.1 to 3.1.2 (#16960)dependabot[bot]1-1/+1
2024-03-13Bump cryptography from 41.0.7 to 42.0.5 (#16958)dependabot[bot]1-31/+40
2024-03-13Bump serde_json from 1.0.113 to 1.0.114 (#16961)dependabot[bot]1-2/+2
2024-03-13Bump serde from 1.0.196 to 1.0.197 (#16963)dependabot[bot]1-4/+4
2024-03-13Bump log from 0.4.20 to 0.4.21 (#16977)dependabot[bot]1-2/+2
2024-03-13Bump black from 23.10.1 to 24.2.0 (#16936)dependabot[bot]74-509/+407
2024-03-13Raise poetry-core version cap to 1.9.0 (#16986)V024602-1/+2
A new poetry-core version was released. See if CI is happy. Required for the latest Fedora Synapse package.
2024-03-12Update changelog v1.103.0rc1Erik Johnston2-1/+1
2024-03-12Prevent locking up while processing batched_auth_events (#16968)Gerrit Gogel2-9/+35
This PR aims to fix #16895, caused by a regression in #7 and not fixed by #16903. The PR #16903 only fixes a starvation issue, where the CPU isn't released. There is a second issue, where the execution is blocked. This theory is supported by the flame graphs provided in #16895 and the fact that I see the CPU usage reducing and far below the limit. Since the changes in #7, the method `check_state_independent_auth_rules` is called with the additional parameter `batched_auth_events`: https://github.com/element-hq/synapse/blob/6fa13b4f927c10b5f4e9495be746ec28849f5cb6/synapse/handlers/federation_event.py#L1741-L1743 It makes the execution enter this if clause, introduced with #15195 https://github.com/element-hq/synapse/blob/6fa13b4f927c10b5f4e9495be746ec28849f5cb6/synapse/event_auth.py#L178-L189 There are two issues in the above code snippet. First, there is the blocking issue. I'm not entirely sure if this is a deadlock, starvation, or something different. In the beginning, I thought the copy operation was responsible. It wasn't. Then I investigated the nested `store.get_events` inside the function `update`. This was also not causing the blocking issue. Only when I replaced the set difference operation (`-` ) with a list comprehension, the blocking was resolved. Creating and comparing sets with a very large amount of events seems to be problematic. This is how the flamegraph looks now while persisting outliers. As you can see, the execution no longer locks up in the above function. ![output_2024-02-28_13-59-40](https://github.com/element-hq/synapse/assets/13143850/6db9c9ac-484f-47d0-bdde-70abfbd773ec) Second, the copying here doesn't serve any purpose, because only a shallow copy is created. This means the same objects from the original dict are referenced. This fails the intention of protecting these objects from mutation. The review of the original PR https://github.com/matrix-org/synapse/pull/15195 had an extensive discussion about this matter. Various approaches to copying the auth_events were attempted: 1) Implementing a deepcopy caused issues due to builtins.EventInternalMetadata not being pickleable. 2) Creating a dict with new objects akin to a deepcopy. 3) Creating a dict with new objects containing only necessary attributes. Concluding, there is no easy way to create an actual copy of the objects. Opting for a deepcopy can significantly strain memory and CPU resources, making it an inefficient choice. I don't see why the copy is necessary in the first place. Therefore I'm proposing to remove it altogether. After these changes, I was able to successfully join these rooms, without the main worker locking up: - #synapse:matrix.org - #element-android:matrix.org - #element-web:matrix.org - #ecips:matrix.org - #ipfs-chatter:ipfs.io - #python:matrix.org - #matrix:matrix.org
2024-03-121.103.0rc1Erik Johnston9-7/+35
2024-03-11deactivated flag refactored to filter deactivated users. (#16874)Alexander Fechler6-8/+95
Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
2024-03-08Stabilize support for Retry-After header (MSC4014) (#16947)Patrick Cloke5-21/+5
2024-03-06Fix joining remote rooms when a `on_new_event` callback is registered (#16973)Quentin Gliech4-16/+21
Since Synapse 1.76.0, any module which registers a `on_new_event` callback would brick the ability to join remote rooms. This is because this callback tried to get the full state of the room, which would end up in a deadlock. Related: https://github.com/matrix-org/synapse-auto-accept-invite/issues/18 The following module would brick the ability to join remote rooms: ```python from typing import Any, Dict, Literal, Union import logging from synapse.module_api import ModuleApi, EventBase logger = logging.getLogger(__name__) class MyModule: def __init__(self, config: None, api: ModuleApi): self._api = api self._config = config self._api.register_third_party_rules_callbacks( on_new_event=self.on_new_event, ) async def on_new_event(self, event: EventBase, _state_map: Any) -> None: logger.info(f"Received new event: {event}") @staticmethod def parse_config(_config: Dict[str, Any]) -> None: return None ``` This is technically a breaking change, as we are now passing partial state on the `on_new_event` callback. However, this callback was broken for federated rooms since 1.76.0, and local rooms have full state anyway, so it's unlikely that it would change anything.
2024-03-05Revert "Ignore notification counts from rooms you've left" (#16981)Andrew Morgan2-16/+3
2024-03-05Switch #16979 changelog type from internal change to bugfix v1.102.0 github/release-v1.102 release-v1.102Andrew Morgan1-1/+1
2024-03-051.102.0Andrew Morgan4-2/+14
2024-03-05Revert "Improve DB performance of calculating badge counts for push. ↵Andrew Morgan3-147/+115
(#16756)" (#16979)
2024-02-23Ignore notification counts from rooms you've left (#16954)Andrew Morgan2-3/+16
Co-authored-by: reivilibre <oliverw@matrix.org>
2024-02-22Add docs on upgrading from a very old version (#16951)Twilight Sparkle3-0/+26
Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
2024-02-21Bump anyhow from 1.0.79 to 1.0.80 (#16935)dependabot[bot]1-2/+2
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-21Bump pyopenssl from 23.3.0 to 24.0.0 (#16937)dependabot[bot]1-4/+4
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-21Bump JasonEtco/create-an-issue from 2.9.1 to 2.9.2 (#16934)dependabot[bot]2-2/+2
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-21Bump types-netaddr from 0.10.0.20240106 to 1.2.0.20240219 (#16938)dependabot[bot]1-3/+3
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-21Bump furo from 2023.9.10 to 2024.1.29 (#16939)dependabot[bot]2-5/+5
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-21Bump dawidd6/action-download-artifact from 3.0.0 to 3.1.1 (#16933)dependabot[bot]1-1/+1
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-20Better complement docs (#16946)kegsay2-0/+12
2024-02-20Add HAProxy example for single port operation (#16768)Georg2-0/+20
2024-02-201.102.0rc1 v1.102.0rc1Andrew Morgan11-9/+38
2024-02-20Don't lock up when joining large rooms (#16903)Erik Johnston2-9/+18
Co-authored-by: Andrew Morgan <andrew@amorgan.xyz>
2024-02-20bugfix: always prefer unthreaded receipt when >1 exist (MSC4102) (#16927)kegsay2-3/+19
Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
2024-02-20Fix incorrect docker hub link in release script (#16910)Erik Johnston2-1/+2
2024-02-20fix typo in admin_api/rooms.md (#16857)Rainer Zufall2-1/+2
Co-authored-by: Andrew Morgan <andrew@amorgan.xyz>
2024-02-14Add metric for emails sent (#16881)Remi Rampin2-0/+24
This adds a counter `synapse_emails_sent_total` for emails sent. They are broken down by `type`, which are `password_reset`, `registration`, `add_threepid`, `notification` (matching the methods of `Mailer`).
2024-02-13Don't invalidate the entire event cache when we purge history (#16905)Erik Johnston5-7/+100
We do this by adding support to the LRU cache for "extra indices" based on the cached value. This allows us to efficiently map from room ID to the cached events and only invalidate those.
2024-02-13Add a config to not send out device list updates for specific users (#16909)Erik Johnston3-2/+20
List of users not to send out device list updates for when they register new devices. This is useful to handle bot accounts. This is undocumented as its mostly a hack to test on matrix.org. Note: This will still send out device list updates if the device is later updated, e.g. end to end keys are added.
2024-02-131.101.0 v1.101.0 github/release-v1.101 release-v1.101Erik Johnston4-2/+16
2024-02-12Bump pygithub from 2.1.1 to 2.2.0 (#16902)dependabot[bot]1-5/+4
2024-02-12Bump attrs from 23.1.0 to 23.2.0 (#16899)dependabot[bot]1-5/+6
2024-02-12Bump bcrypt from 4.0.1 to 4.1.2 (#16900)dependabot[bot]1-23/+29
Bumps [bcrypt](https://github.com/pyca/bcrypt) from 4.0.1 to 4.1.2. <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/pyca/bcrypt/commit/b9223e61e2aec6f2d4841e3fa1f8e5d1ab7e4b61"><code>b9223e6</code></a> Try building py39 wheels to see if that helps with reinitialization errors (#...</li> <li><a href="https://github.com/pyca/bcrypt/commit/504978344416eb7128142e0fa40cc2d472c194e5"><code>5049783</code></a> Bump syn from 2.0.40 to 2.0.41 in /src/_bcrypt (<a href="https://redirect.github.com/pyca/bcrypt/issues/696">#696</a>)</li> <li><a href="https://github.com/pyca/bcrypt/commit/642d0709725fd1d376a72868042ff756e53e5ebf"><code>642d070</code></a> Bump syn from 2.0.39 to 2.0.40 in /src/_bcrypt (<a href="https://redirect.github.com/pyca/bcrypt/issues/693">#693</a>)</li> <li><a href="https://github.com/pyca/bcrypt/commit/8b44a1046a23499f9f8e91a4b2c375fecb511fa2"><code>8b44a10</code></a> Bump libc from 0.2.150 to 0.2.151 in /src/_bcrypt (<a href="https://redirect.github.com/pyca/bcrypt/issues/692">#692</a>)</li> <li><a href="https://github.com/pyca/bcrypt/commit/951cc64d0cb7df2345a6c1bf0c983645a8020e9f"><code>951cc64</code></a> Bump once_cell from 1.18.0 to 1.19.0 in /src/_bcrypt (<a href="https://redirect.github.com/pyca/bcrypt/issues/690">#690</a>)</li> <li><a href="https://github.com/pyca/bcrypt/commit/7377c6db3a51ade1c330b27d7eccf3a02b2b9a90"><code>7377c6d</code></a> Bump actions/setup-python from 4.8.0 to 5.0.0 (<a href="https://redirect.github.com/pyca/bcrypt/issues/689">#689</a>)</li> <li><a href="https://github.com/pyca/bcrypt/commit/61b32039d4cd657dd25d9f32bea15b066880e2a6"><code>61b3203</code></a> Bump actions/setup-python from 4.7.1 to 4.8.0 (<a href="https://redirect.github.com/pyca/bcrypt/issues/688">#688</a>)</li> <li><a href="https://github.com/pyca/bcrypt/commit/1c3159a28a88a2755149e73dfd1334a2b571c3f5"><code>1c3159a</code></a> Fixed wheels for older versions of macOS (<a href="https://redirect.github.com/pyca/bcrypt/issues/687">#687</a>)</li> <li><a href="https://github.com/pyca/bcrypt/commit/1a41437d3a38b856ed2d85161fecd28ffbc82fc6"><code>1a41437</code></a> Update README.rst (<a href="https://redirect.github.com/pyca/bcrypt/issues/682">#682</a>)</li> <li><a href="https://github.com/pyca/bcrypt/commit/7881c5beef0a8e00ecfd6a6decc3b5ba3a55db1c"><code>7881c5b</code></a> Fix building windows abi3 wheels (<a href="https://redirect.github.com/pyca/bcrypt/issues/681">#681</a>)</li> <li>Additional commits viewable in <a href="https://github.com/pyca/bcrypt/compare/4.0.1...4.1.2">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bcrypt&package-manager=pip&previous-version=4.0.1&new-version=4.1.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-12Bump sentry-sdk from 1.40.0 to 1.40.3 (#16898)dependabot[bot]1-3/+3
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 1.40.0 to 1.40.3. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-python/releases">sentry-sdk's releases</a>.</em></p> <blockquote> <h2>1.40.3</h2> <h3>Various fixes &amp; improvements</h3> <ul> <li>Turn off metrics for uWSGI (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2720">#2720</a>) by <a href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li> <li>Minor improvements (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2714">#2714</a>) by <a href="https://github.com/antonpirker"><code>@​antonpirker</code></a></li> </ul> <h2>1.40.2</h2> <h3>Various fixes &amp; improvements</h3> <ul> <li>test: Fix <code>pytest</code> error (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2712">#2712</a>) by <a href="https://github.com/szokeasaurusrex"><code>@​szokeasaurusrex</code></a></li> <li>build(deps): bump types-protobuf from 4.24.0.4 to 4.24.0.20240129 (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2691">#2691</a>) by <a href="https://github.com/dependabot"><code>@​dependabot</code></a></li> </ul> <h2>1.40.1</h2> <h3>Various fixes &amp; improvements</h3> <ul> <li>Fix uWSGI workers hanging (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2694">#2694</a>) by <a href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li> <li>Make metrics work with <code>gevent</code> (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2694">#2694</a>) by <a href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li> <li>Guard against <code>engine.url</code> being <code>None</code> (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2708">#2708</a>) by <a href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li> <li>Fix performance regression in <code>sentry_sdk.utils._generate_installed_modules</code> (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2703">#2703</a>) by <a href="https://github.com/GlenWalker"><code>@​GlenWalker</code></a></li> <li>Guard against Sentry initialization mid SQLAlchemy cursor (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2702">#2702</a>) by <a href="https://github.com/apmorton"><code>@​apmorton</code></a></li> <li>Fix yaml generation script (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2695">#2695</a>) by <a href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li> <li>Fix AWS Lambda workflow (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2710">#2710</a>) by <a href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li> <li>Bump <code>codecov/codecov-action</code> from 3 to 4 (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2706">#2706</a>) by <a href="https://github.com/dependabot"><code>@​dependabot</code></a></li> <li>Bump <code>actions/cache</code> from 3 to 4 (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2661">#2661</a>) by <a href="https://github.com/dependabot"><code>@​dependabot</code></a></li> <li>Bump <code>actions/checkout</code> from 3.1.0 to 4.1.1 (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2561">#2561</a>) by <a href="https://github.com/dependabot"><code>@​dependabot</code></a></li> <li>Bump <code>github/codeql-action</code> from 2 to 3 (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2603">#2603</a>) by <a href="https://github.com/dependabot"><code>@​dependabot</code></a></li> <li>Bump <code>actions/setup-python</code> from 4 to 5 (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2577">#2577</a>) by <a href="https://github.com/dependabot"><code>@​dependabot</code></a></li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md">sentry-sdk's changelog</a>.</em></p> <blockquote> <h2>1.40.3</h2> <h3>Various fixes &amp; improvements</h3> <ul> <li>Turn off metrics for uWSGI (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2720">#2720</a>) by <a href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li> <li>Minor improvements (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2714">#2714</a>) by <a href="https://github.com/antonpirker"><code>@​antonpirker</code></a></li> </ul> <h2>1.40.2</h2> <h3>Various fixes &amp; improvements</h3> <ul> <li>test: Fix <code>pytest</code> error (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2712">#2712</a>) by <a href="https://github.com/szokeasaurusrex"><code>@​szokeasaurusrex</code></a></li> <li>build(deps): bump types-protobuf from 4.24.0.4 to 4.24.0.20240129 (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2691">#2691</a>) by <a href="https://github.com/dependabot"><code>@​dependabot</code></a></li> </ul> <h2>1.40.1</h2> <h3>Various fixes &amp; improvements</h3> <ul> <li>Fix uWSGI workers hanging (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2694">#2694</a>) by <a href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li> <li>Make metrics work with <code>gevent</code> (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2694">#2694</a>) by <a href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li> <li>Guard against <code>engine.url</code> being <code>None</code> (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2708">#2708</a>) by <a href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li> <li>Fix performance regression in <code>sentry_sdk.utils._generate_installed_modules</code> (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2703">#2703</a>) by <a href="https://github.com/GlenWalker"><code>@​GlenWalker</code></a></li> <li>Guard against Sentry initialization mid SQLAlchemy cursor (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2702">#2702</a>) by <a href="https://github.com/apmorton"><code>@​apmorton</code></a></li> <li>Fix yaml generation script (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2695">#2695</a>) by <a href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li> <li>Fix AWS Lambda workflow (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2710">#2710</a>) by <a href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li> <li>Bump <code>codecov/codecov-action</code> from 3 to 4 (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2706">#2706</a>) by <a href="https://github.com/dependabot"><code>@​dependabot</code></a></li> <li>Bump <code>actions/cache</code> from 3 to 4 (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2661">#2661</a>) by <a href="https://github.com/dependabot"><code>@​dependabot</code></a></li> <li>Bump <code>actions/checkout</code> from 3.1.0 to 4.1.1 (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2561">#2561</a>) by <a href="https://github.com/dependabot"><code>@​dependabot</code></a></li> <li>Bump <code>github/codeql-action</code> from 2 to 3 (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2603">#2603</a>) by <a href="https://github.com/dependabot"><code>@​dependabot</code></a></li> <li>Bump <code>actions/setup-python</code> from 4 to 5 (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2577">#2577</a>) by <a href="https://github.com/dependabot"><code>@​dependabot</code></a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-python/commit/84c4c127ffa53084b082bdb9630ac1d01e36b0d0"><code>84c4c12</code></a> Update CHANGELOG.md</li> <li><a href="https://github.com/getsentry/sentry-python/commit/f92b4f2247be23e21f4797f848fb0621bedb64df"><code>f92b4f2</code></a> release: 1.40.3</li> <li><a href="https://github.com/getsentry/sentry-python/commit/f23bdd32fef72ddc4590c574e9f14786e2aa0cf1"><code>f23bdd3</code></a> fix(metrics): Turn off metrics for uWSGI (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2720">#2720</a>)</li> <li><a href="https://github.com/getsentry/sentry-python/commit/c77a1235f4d4f4d88129c13fa9586840ede48ce4"><code>c77a123</code></a> Minor improvements (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2714">#2714</a>)</li> <li><a href="https://github.com/getsentry/sentry-python/commit/2186e227a5110ae71753e6cb8d83ffbbe683b72e"><code>2186e22</code></a> Merge branch 'release/1.40.2'</li> <li><a href="https://github.com/getsentry/sentry-python/commit/139469a01ff6e720c22200747750ad3e770b1367"><code>139469a</code></a> release: 1.40.2</li> <li><a href="https://github.com/getsentry/sentry-python/commit/d97e7d75f740942adfd61742372747b041a76228"><code>d97e7d7</code></a> test: Fix <code>pytest</code> error (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2712">#2712</a>)</li> <li><a href="https://github.com/getsentry/sentry-python/commit/60e644c8e322a13c5a31ff93d25608d24cb58d51"><code>60e644c</code></a> build(deps): bump types-protobuf from 4.24.0.4 to 4.24.0.20240129 (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2691">#2691</a>)</li> <li><a href="https://github.com/getsentry/sentry-python/commit/d769becc925e0d25c4fd80e95c0a61a6751d04f5"><code>d769bec</code></a> Merge branch 'release/1.40.1'</li> <li><a href="https://github.com/getsentry/sentry-python/commit/ad25ed961bae0c6d93dfcd5bb0635c3325a33f05"><code>ad25ed9</code></a> Update CHANGELOG.md</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-python/compare/1.40.0...1.40.3">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry-sdk&package-manager=pip&previous-version=1.40.0&new-version=1.40.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-09Only do one concurrent fetch per server in keyring (#16894)Erik Johnston2-4/+6
Otherwise if we've stacked a bunch of requests for the keys of a server, we'll end up sending lots of concurrent requests for its keys, needlessly.
2024-02-09Increase batching when fetching auth chains (#16893)Erik Johnston2-2/+3
This basically reverts a change that was in https://github.com/element-hq/synapse/pull/16833, where we reduced the batching. The smaller batching can cause performance issues on busy servers and databases.
2024-02-061.101.0rc1 v1.101.0rc1Erik Johnston7-5/+39
2024-02-06Accept unprefixed form of MSC3981 recurse parameter (#16842)David Baker2-1/+2
Now that the MSC3981 has passed FCP
2024-02-06Bump lxml-stubs from 0.4.0 to 0.5.1 (#16885)dependabot[bot]3-9/+7
2024-02-06Bump dorny/paths-filter from 2 to 3 (#16869)dependabot[bot]1-1/+1
2024-02-06Update docs for MacOS installs (#16854)kegsay2-0/+12
ICU is an optional dependency and also a pain to install. Mention that you can just not install it and still get a working installation.
2024-02-06Fix broken links on docs (#16853)kegsay6-7/+8
Some links seemed to be incorrect (vector-im/sygnal and vector-im/sytest have never been A Thing iirc) so pointed them back to matrix-org/*).
2024-02-06Bump sigstore/cosign-installer from 3.3.0 to 3.4.0 (#16890)dependabot[bot]1-1/+1
2024-02-06Bump sentry-sdk from 1.39.1 to 1.40.0 (#16889)dependabot[bot]1-3/+3
2024-02-06Bump pydantic from 2.5.3 to 2.6.0 (#16888)dependabot[bot]1-112/+86
2024-02-06Bump jsonschema from 4.20.0 to 4.21.1 (#16887)dependabot[bot]1-3/+3
2024-02-06Bump types-requests from 2.31.0.10 to 2.31.0.20240125 (#16886)dependabot[bot]1-4/+4
2024-02-01Bump hiredis from 2.2.3 to 2.3.2 (#16862)dependabot[bot]1-90/+110
2024-02-01Bump mypy-zope from 1.0.1 to 1.0.3 (#16865)dependabot[bot]1-4/+4
2024-02-01Bump types-pillow from 10.1.0.2 to 10.2.0.20240125 (#16864)dependabot[bot]1-4/+4
2024-02-01Bump types-setuptools from 69.0.0.0 to 69.0.0.20240125 (#16863)dependabot[bot]1-4/+4
2024-02-01Bump phonenumbers from 8.13.26 to 8.13.29 (#16868)dependabot[bot]1-3/+3
2024-02-01Bump serde from 1.0.195 to 1.0.196 (#16867)dependabot[bot]1-4/+4
2024-02-01Bump serde_json from 1.0.111 to 1.0.113 (#16866)dependabot[bot]1-2/+2
2024-02-01Update version picker for element-hq (#16880)Will Hunt2-2/+3
2024-01-301.100.0 v1.100.0 github/release-v1.100 release-v1.100Olivier Wilkinson (reivilibre)3-1/+14
2024-01-24Bump gitpython from 3.1.40 to 3.1.41 (#16850)dependabot[bot]1-4/+4
2024-01-241.100.0rc3 v1.100.0rc3Olivier Wilkinson (reivilibre)4-2/+16
2024-01-24Run `ANALYZE` after fiddling with stats (#16849)Erik Johnston3-0/+19
Introduced in #16833 Fixes #16844
2024-01-24Tweak changelog v1.100.0rc2Olivier Wilkinson (reivilibre)1-0/+2
2024-01-241.100.0rc2Olivier Wilkinson (reivilibre)4-2/+16
2024-01-24Downgrade the `download-artifact` and `upload-artifact` actions to v3 due to ↵reivilibre2-4/+5
breaking changes. (#16847) Partially reverts #16796 This is causing errors of the form: ``` Error: Failed to CreateArtifact: Received non-retryable error: Failed request: (409) Conflict: an artifact with this name already exists on the workflow run ``` for the debs and wheels stages. There were breaking changes that weren't included in the dependabot changelog (:/): https://github.com/actions/upload-artifact#breaking-changes <!-- Fixes: # <!-- --> <!-- Supersedes: # <!-- --> <!-- Follows: # <!-- --> <!-- Part of: # <!-- --> Base: `release-v1.100` <!-- git-stack-base-branch:release-v1.100 --> <!-- This pull request is commit-by-commit review friendly. <!-- --> <!-- This pull request is intended for commit-by-commit review. <!-- --> Original commit schedule, with full messages: <ol> <li> Downgrade the `upload-artifact` and `download-artifact` actions to v3 </li> </ol> --------- Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>
2024-01-23Update changelog v1.100.0rc1Olivier Wilkinson (reivilibre)1-1/+1
2024-01-231.100.0rc1Olivier Wilkinson (reivilibre)24-23/+70
2024-01-23Speed up e2e device keys queries for bot accounts (#16841)Erik Johnston2-11/+19
This helps with bot accounts with lots of non-e2e devices. The change is basically to change the order of the join for the case of using `INNER JOIN`
2024-01-23Correctly mention previous copyright (#16820)Erik Johnston731-0/+846
During the migration the automated script to update the copyright headers accidentally got rid of some of the existing copyright lines. Reinstate them.
2024-01-23Preparatory work for tweaking performance of auth chain lookups (#16833)Erik Johnston5-27/+163
2024-01-22Add a `--generate-only` option to the Complement launcher. (#16828)reivilibre2-1/+15
Pulled out of #16803 since the drive-by cleanup was maybe not as drive-by as I had hoped. <!-- Fixes: # <!-- --> <!-- Supersedes: # <!-- --> <!-- Follows: # <!-- --> <!-- Part of: # <!-- --> Base: `develop` <!-- git-stack-base-branch:develop --> <!-- This pull request is commit-by-commit review friendly. <!-- --> <!-- This pull request is intended for commit-by-commit review. <!-- --> Original commit schedule, with full messages: <ol> <li> Add a --generate-only option </li> </ol> --------- Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>
2024-01-22listen http2 deprecated nginx (updating documentation) (#16831)Arnold2-4/+5
More info [here](https://www.nginx.com/blog/nginx-plus-r30-released/). Nginx threw error's at me when I used all the options of the doc
2024-01-22Allow room creation but not publishing to continue if room publication rules ↵Shay5-34/+65
are violated when creating a new room. (#16811) Prior to this PR, if a request to create a public (public as in published to the rooms directory) room violated the room list publication rules set in the [config](https://matrix-org.github.io/synapse/latest/usage/configuration/config_documentation.html#room_list_publication_rules), the request to create the room was denied and the room was not created. This PR changes the behavior such that when a request to create a room published to the directory violates room list publication rules, the room is still created but the room is not published to the directory.
2024-01-22Bump regex from 1.9.6 to 1.10.3 (#16837)dependabot[bot]1-6/+6
2024-01-22Bump minimum Rust version to 1.65.0 (#16818)Erik Johnston4-10/+19
The ecosystem e.g. regex crate, have bumped up their MSRV to 1.65.0, which was released Nov 2022. In line with our policy, let's bump to match.
2024-01-22Bump types-netaddr from 0.9.0.1 to 0.10.0.20240106 (#16839)dependabot[bot]1-4/+4
2024-01-22Bump ruff from 0.1.13 to 0.1.14 (#16838)dependabot[bot]2-20/+20
2024-01-22Bump pydantic from 2.5.2 to 2.5.3 (#16836)dependabot[bot]1-110/+110
2024-01-22Bump isort from 5.13.1 to 5.13.2 (#16835)dependabot[bot]1-3/+6
2024-01-22Bump types-jsonschema from 4.20.0.20240105 to 4.21.0.20240118 (#16834)dependabot[bot]1-3/+4
2024-01-22Handle wildcard type filters properly (#14984)Mo Balaa4-7/+47
2024-01-22Bump actions/cache from 3 to 4 (#16832)dependabot[bot]2-2/+2
Bumps [actions/cache](https://github.com/actions/cache) from 3 to 4. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/releases">actions/cache's releases</a>.</em></p> <blockquote> <h2>v4.0.0</h2> <h2>What's Changed</h2> <ul> <li>Update action to node20 by <a href="https://github.com/takost"><code>@​takost</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1284">actions/cache#1284</a></li> <li>feat: save-always flag by <a href="https://github.com/to-s"><code>@​to-s</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1242">actions/cache#1242</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/takost"><code>@​takost</code></a> made their first contribution in <a href="https://redirect.github.com/actions/cache/pull/1284">actions/cache#1284</a></li> <li><a href="https://github.com/to-s"><code>@​to-s</code></a> made their first contribution in <a href="https://redirect.github.com/actions/cache/pull/1242">actions/cache#1242</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/cache/compare/v3...v4.0.0">https://github.com/actions/cache/compare/v3...v4.0.0</a></p> <h2>v3.3.3</h2> <h2>What's Changed</h2> <ul> <li>Cache v3.3.3 by <a href="https://github.com/robherley"><code>@​robherley</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1302">actions/cache#1302</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/robherley"><code>@​robherley</code></a> made their first contribution in <a href="https://redirect.github.com/actions/cache/pull/1302">actions/cache#1302</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/cache/compare/v3...v3.3.3">https://github.com/actions/cache/compare/v3...v3.3.3</a></p> <h2>v3.3.2</h2> <h2>What's Changed</h2> <ul> <li>Fixed readme with new segment timeout values by <a href="https://github.com/kotewar"><code>@​kotewar</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1133">actions/cache#1133</a></li> <li>Readme fixes by <a href="https://github.com/kotewar"><code>@​kotewar</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1134">actions/cache#1134</a></li> <li>Updated description of the lookup-only input for main action by <a href="https://github.com/kotewar"><code>@​kotewar</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1130">actions/cache#1130</a></li> <li>Change two new actions mention as quoted text by <a href="https://github.com/bishal-pdMSFT"><code>@​bishal-pdMSFT</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1131">actions/cache#1131</a></li> <li>Update Cross-OS Caching tips by <a href="https://github.com/pdotl"><code>@​pdotl</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1122">actions/cache#1122</a></li> <li>Bazel example (Take <a href="https://redirect.github.com/actions/cache/issues/2">#2</a>️⃣) by <a href="https://github.com/vorburger"><code>@​vorburger</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1132">actions/cache#1132</a></li> <li>Remove actions to add new PRs and issues to a project board by <a href="https://github.com/jorendorff"><code>@​jorendorff</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1187">actions/cache#1187</a></li> <li>Consume latest toolkit and fix dangling promise bug by <a href="https://github.com/chkimes"><code>@​chkimes</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1217">actions/cache#1217</a></li> <li>Bump action version to 3.3.2 by <a href="https://github.com/bethanyj28"><code>@​bethanyj28</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1236">actions/cache#1236</a></li> </ul> <h2>New Contributors</h2> <ul> <li><a href="https://github.com/vorburger"><code>@​vorburger</code></a> made their first contribution in <a href="https://redirect.github.com/actions/cache/pull/1132">actions/cache#1132</a></li> <li><a href="https://github.com/jorendorff"><code>@​jorendorff</code></a> made their first contribution in <a href="https://redirect.github.com/actions/cache/pull/1187">actions/cache#1187</a></li> <li><a href="https://github.com/chkimes"><code>@​chkimes</code></a> made their first contribution in <a href="https://redirect.github.com/actions/cache/pull/1217">actions/cache#1217</a></li> <li><a href="https://github.com/bethanyj28"><code>@​bethanyj28</code></a> made their first contribution in <a href="https://redirect.github.com/actions/cache/pull/1236">actions/cache#1236</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/cache/compare/v3...v3.3.2">https://github.com/actions/cache/compare/v3...v3.3.2</a></p> <h2>v3.3.1</h2> <h2>What's Changed</h2> <ul> <li>Reduced download segment size to 128 MB and timeout to 10 minutes by <a href="https://github.com/kotewar"><code>@​kotewar</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1129">actions/cache#1129</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/cache/compare/v3...v3.3.1">https://github.com/actions/cache/compare/v3...v3.3.1</a></p> <h2>v3.3.0</h2> <h2>What's Changed</h2> <ul> <li>Bug: Permission is missing in cache delete example by <a href="https://github.com/kotokaze"><code>@​kotokaze</code></a> in <a href="https://redirect.github.com/actions/cache/pull/1123">actions/cache#1123</a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/actions/cache/blob/main/RELEASES.md">actions/cache's changelog</a>.</em></p> <blockquote> <h1>Releases</h1> <h3>3.0.0</h3> <ul> <li>Updated minimum runner version support from node 12 -&gt; node 16</li> </ul> <h3>3.0.1</h3> <ul> <li>Added support for caching from GHES 3.5.</li> <li>Fixed download issue for files &gt; 2GB during restore.</li> </ul> <h3>3.0.2</h3> <ul> <li>Added support for dynamic cache size cap on GHES.</li> </ul> <h3>3.0.3</h3> <ul> <li>Fixed avoiding empty cache save when no files are available for caching. (<a href="https://redirect.github.com/actions/cache/issues/624">issue</a>)</li> </ul> <h3>3.0.4</h3> <ul> <li>Fixed tar creation error while trying to create tar with path as <code>~/</code> home folder on <code>ubuntu-latest</code>. (<a href="https://redirect.github.com/actions/cache/issues/689">issue</a>)</li> </ul> <h3>3.0.5</h3> <ul> <li>Removed error handling by consuming actions/cache 3.0 toolkit, Now cache server error handling will be done by toolkit. (<a href="https://redirect.github.com/actions/cache/pull/834">PR</a>)</li> </ul> <h3>3.0.6</h3> <ul> <li>Fixed <a href="https://redirect.github.com/actions/cache/issues/809">#809</a> - zstd -d: no such file or directory error</li> <li>Fixed <a href="https://redirect.github.com/actions/cache/issues/833">#833</a> - cache doesn't work with github workspace directory</li> </ul> <h3>3.0.7</h3> <ul> <li>Fixed <a href="https://redirect.github.com/actions/cache/issues/810">#810</a> - download stuck issue. A new timeout is introduced in the download process to abort the download if it gets stuck and doesn't finish within an hour.</li> </ul> <h3>3.0.8</h3> <ul> <li>Fix zstd not working for windows on gnu tar in issues <a href="https://redirect.github.com/actions/cache/issues/888">#888</a> and <a href="https://redirect.github.com/actions/cache/issues/891">#891</a>.</li> <li>Allowing users to provide a custom timeout as input for aborting download of a cache segment using an environment variable <code>SEGMENT_DOWNLOAD_TIMEOUT_MINS</code>. Default is 60 minutes.</li> </ul> <h3>3.0.9</h3> <ul> <li>Enhanced the warning message for cache unavailablity in case of GHES.</li> </ul> <h3>3.0.10</h3> <ul> <li>Fix a bug with sorting inputs.</li> <li>Update definition for restore-keys in README.md</li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/cache/commit/13aacd865c20de90d75de3b17ebe84f7a17d57d2"><code>13aacd8</code></a> Merge pull request <a href="https://redirect.github.com/actions/cache/issues/1242">#1242</a> from to-s/main</li> <li><a href="https://github.com/actions/cache/commit/53b35c543921fe2e8b288765ff817de9de8d906f"><code>53b35c5</code></a> Merge branch 'main' into main</li> <li><a href="https://github.com/actions/cache/commit/65b8989fab3bb394817bdb845a453dff480c2b51"><code>65b8989</code></a> Merge pull request <a href="https://redirect.github.com/actions/cache/issues/1284">#1284</a> from takost/update-to-node-20</li> <li><a href="https://github.com/actions/cache/commit/d0be34d54485f31ca2ccbe66e6ea3d96544a807b"><code>d0be34d</code></a> Fix dist</li> <li><a href="https://github.com/actions/cache/commit/66cf064d47313d2cccf392d01bd10925da2bd072"><code>66cf064</code></a> Merge branch 'main' into update-to-node-20</li> <li><a href="https://github.com/actions/cache/commit/1326563738ddb735c5f2ce85cba8c79f33b728cd"><code>1326563</code></a> Merge branch 'main' into main</li> <li><a href="https://github.com/actions/cache/commit/e71876755e268d6cc25a5d3e3c46ae447e35290a"><code>e718767</code></a> Fix format</li> <li><a href="https://github.com/actions/cache/commit/01229828ffa049a8dee4db27bcb23ed33f2b451f"><code>0122982</code></a> Apply workaround for earlyExit</li> <li><a href="https://github.com/actions/cache/commit/3185ecfd6135856ca6d904ae032cff4f39b8b365"><code>3185ecf</code></a> Update &quot;only-&quot; actions to node20</li> <li><a href="https://github.com/actions/cache/commit/25618a0a675e8447e5ffc8ed9b7ddb2aaf927f65"><code>25618a0</code></a> Bump version</li> <li>Additional commits viewable in <a href="https://github.com/actions/cache/compare/v3...v4">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=actions/cache&package-manager=github_actions&previous-version=3&new-version=4)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-17Fix broken links in issue template (#16810)Erik Johnston3-8/+9
This happened during the migration
2024-01-16feat: add msc4028 to versions api (#16787)Hanadi2-0/+3
Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
2024-01-16Fix text and add second link v1.99.0Andrew Morgan1-2/+3
2024-01-16Fix link and remove email from changelog.Andrew Morgan1-4/+1
2024-01-161.99.0Andrew Morgan3-3/+18
2024-01-16Bump ruff from 0.1.7 to 0.1.13 (#16814)dependabot[bot]2-20/+20
2024-01-16Update license in Debian metadata (#16807)Erik Johnston2-0/+10
2024-01-15Bump service-identity from 23.1.0 to 24.1.0 (#16816)dependabot[bot]1-4/+4
2024-01-15Bump typing-extensions from 4.8.0 to 4.9.0 (#16815)dependabot[bot]1-3/+3
2024-01-15Bump lxml from 4.9.3 to 5.1.0 (#16813)dependabot[bot]1-96/+82
2024-01-15Bump immutabledict from 4.0.0 to 4.1.0 (#16812)dependabot[bot]1-3/+3
2024-01-15Fix building of deps after bump of `pillow` version (#16817)Erik Johnston1-3/+4
Broke in https://github.com/element-hq/synapse/pull/16802
2024-01-11Update license in Debian metadata (#16807)Erik Johnston2-0/+10
2024-01-11Optimize query for fetching to-device messages in `/sync` (#16805)Erik Johnston2-77/+73
The current query supports passing in a list of users, which generates a query using `user_id = ANY(..)`. This is generates a less efficient query plan that is notably slower than a simple `user_id = ?` condition. Note: The new function is mostly a copy and paste and then a simplification of the existing function.
2024-01-11Improve DB performance of calculating badge counts for push. (#16756)Erik Johnston3-114/+148
The crux of the change is to try and make the queries simpler and pull out fewer rows. Before, there were quite a few joins against subqueries, which caused postgres to pull out more rows than necessary. Instead, let's simplify the query and do some of the filtering out in Python instead, letting Postgres do better optimizations now that it doesn't have to deal with joins against subqueries. Review note: this is a complete rewrite of the function, so not sure how useful the diff is. --------- Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
2024-01-11Bump pillow from 10.1.0 to 10.2.0 (#16802)dependabot[bot]1-55/+73
2024-01-11Bump actions/upload-artifact from 3 to 4 (#16796)dependabot[bot]5-8/+8
2024-01-11Bump actions/download-artifact from 3 to 4 (#16795)dependabot[bot]1-1/+1
2024-01-11Bump dawidd6/action-download-artifact from 2.28.0 to 3.0.0 (#16794)dependabot[bot]1-1/+1
2024-01-10Correctly handle OIDC config with no `client_secret` set (#16806)Erik Johnston2-1/+15
In previous versions of authlib using `client_secret_basic` without a `client_secret` would result in an invalid auth header. Since authlib 1.3 it throws an exception. The configuration may be accepted in by very lax servers, so we don't want to deny it outright. Instead, let's default the `client_auth_method` to `none`, which does the right thing. If the config specifies `client_auth_method` and no `client_secret` then that is going to be bogus and we should reject it
2024-01-10Faster load recents for sync (#16783)Erik Johnston3-7/+25
This hopefully reduces the amount of state we need to keep in memory
2024-01-10Bump types-commonmark from 0.9.2.4 to 0.9.2.20240106 (#16797)dependabot[bot]1-4/+4
Bumps [types-commonmark](https://github.com/python/typeshed) from 0.9.2.4 to 0.9.2.20240106. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/python/typeshed/commits">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=types-commonmark&package-manager=pip&previous-version=0.9.2.4&new-version=0.9.2.20240106)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-10Bump pyo3 from 0.20.0 to 0.20.2 (#16791)dependabot[bot]1-10/+10
Bumps [pyo3](https://github.com/pyo3/pyo3) from 0.20.0 to 0.20.2. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/pyo3/pyo3/releases">pyo3's releases</a>.</em></p> <blockquote> <h2>PyO3 0.20.2</h2> <p>This release corrects a failure to compile of the <code>either</code> feature when the <code>experimental-inspect</code> feature is not enabled.</p> <p>It also adds backwards-compatibility for <code>pyo3</code> 0.20.0 to build against <code>pyo3-build-config</code> 0.20.2, as <code>pyo3</code> 0.20.0 was (unintentionally) not pinned against an exact patch version <code>pyo3-build-config</code>, and <code>pyo3</code> 0.20.0 could not build against <code>pyo3-build-config</code> 0.20.1 due to an internal API adjustment.</p> <p>Thank you to the following users for the improvements:</p> <p><a href="https://github.com/adamreichold"><code>@​adamreichold</code></a> <a href="https://github.com/davidhewitt"><code>@​davidhewitt</code></a></p> <h2>PyO3 0.20.1</h2> <p>This release is a maintenance release to resolve <a href="https://redirect.github.com/rust-lang/rust-clippy/issues/12039">a clippy warning</a> which triggers on function arguments of <code>Py&lt;Self&gt;</code>.</p> <p>This release also contains a few minor API additions, including optional support for the <code>either</code> and <code>smallvec</code> crates.</p> <p>Thank you to the following users for the improvements:</p> <p><a href="https://github.com/adamreichold"><code>@​adamreichold</code></a> <a href="https://github.com/aldanor"><code>@​aldanor</code></a> <a href="https://github.com/alex"><code>@​alex</code></a> <a href="https://github.com/daemontus"><code>@​daemontus</code></a> <a href="https://github.com/davidhewitt"><code>@​davidhewitt</code></a> <a href="https://github.com/mejrs"><code>@​mejrs</code></a> <a href="https://github.com/messense"><code>@​messense</code></a> <a href="https://github.com/neachdainn"><code>@​neachdainn</code></a> <a href="https://github.com/orhun"><code>@​orhun</code></a> <a href="https://github.com/suriya-ganesh"><code>@​suriya-ganesh</code></a> <a href="https://github.com/wyfo"><code>@​wyfo</code></a></p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/PyO3/pyo3/blob/main/CHANGELOG.md">pyo3's changelog</a>.</em></p> <blockquote> <h2>[0.20.2] - 2024-01-04</h2> <h3>Packaging</h3> <ul> <li>Pin <code>pyo3</code> and <code>pyo3-ffi</code> dependencies on <code>pyo3-build-config</code> to require the same patch version, i.e. <code>pyo3</code> 0.20.2 requires <em>exactly</em> <code>pyo3-build-config</code> 0.20.2. <a href="https://redirect.github.com/PyO3/pyo3/pull/3721">#3721</a></li> </ul> <h3>Fixed</h3> <ul> <li>Fix compile failure when building <code>pyo3</code> 0.20.0 with latest <code>pyo3-build-config</code> 0.20.X. <a href="https://redirect.github.com/PyO3/pyo3/pull/3724">#3724</a></li> <li>Fix docs.rs build. <a href="https://redirect.github.com/PyO3/pyo3/pull/3722">#3722</a></li> </ul> <h2>[0.20.1] - 2023-12-30</h2> <h3>Added</h3> <ul> <li>Add optional <code>either</code> feature to add conversions for <code>either::Either&lt;L, R&gt;</code> sum type. <a href="https://redirect.github.com/PyO3/pyo3/pull/3456">#3456</a></li> <li>Add optional <code>smallvec</code> feature to add conversions for <code>smallvec::SmallVec</code>. <a href="https://redirect.github.com/PyO3/pyo3/pull/3507">#3507</a></li> <li>Add <code>take</code> and <code>into_inner</code> methods to <code>GILOnceCell</code> <a href="https://redirect.github.com/PyO3/pyo3/pull/3556">#3556</a></li> <li><code>#[classmethod]</code> methods can now also receive <code>Py&lt;PyType&gt;</code> as their first argument. <a href="https://redirect.github.com/PyO3/pyo3/pull/3587">#3587</a></li> <li><code>#[pyfunction(pass_module)]</code> can now also receive <code>Py&lt;PyModule&gt;</code> as their first argument. <a href="https://redirect.github.com/PyO3/pyo3/pull/3587">#3587</a></li> <li>Add <code>traverse</code> method to <code>GILProtected</code>. <a href="https://redirect.github.com/PyO3/pyo3/pull/3616">#3616</a></li> <li>Added <code>abi3-py312</code> feature <a href="https://redirect.github.com/PyO3/pyo3/pull/3687">#3687</a></li> </ul> <h3>Fixed</h3> <ul> <li>Fix minimum version specification for optional <code>chrono</code> dependency. <a href="https://redirect.github.com/PyO3/pyo3/pull/3512">#3512</a></li> <li>Silenced new <code>clippy::unnecessary_fallible_conversions</code> warning when using a <code>Py&lt;Self&gt;</code> <code>self</code> receiver. <a href="https://redirect.github.com/PyO3/pyo3/pull/3564">#3564</a></li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/PyO3/pyo3/commit/bcef18b988a519aca93c29039fa0894a310d2eaf"><code>bcef18b</code></a> release: 0.20.2</li> <li><a href="https://github.com/PyO3/pyo3/commit/fa6d60b77ec67654b7639beccd794874a8ddc9eb"><code>fa6d60b</code></a> Use a definite version specification when depending on pyo3-build-config.</li> <li><a href="https://github.com/PyO3/pyo3/commit/f9f0bdde702e794838ab521c8172c4744e663693"><code>f9f0bdd</code></a> Merge pull request <a href="https://redirect.github.com/pyo3/pyo3/issues/3724">#3724</a> from davidhewitt/fix-build-config-issue</li> <li><a href="https://github.com/PyO3/pyo3/commit/cf213252fa5c780503cb1772622a38d7b34cd874"><code>cf21325</code></a> re-add emit_pyo3_cfgs for pyo3 0.20.0 compatibility</li> <li><a href="https://github.com/PyO3/pyo3/commit/f7893858d2e01df03f2e711a811b95f08f8ca5e1"><code>f789385</code></a> Merge pull request <a href="https://redirect.github.com/pyo3/pyo3/issues/3722">#3722</a> from PyO3/fix-doc-build</li> <li><a href="https://github.com/PyO3/pyo3/commit/9120b35f3553c231797bf2dc357fcd4fe0bf5dec"><code>9120b35</code></a> Include the experimental-inspect feature for the docs.rs build thereby making...</li> <li><a href="https://github.com/PyO3/pyo3/commit/2e79c557ccc628d4081661a712463e22fc780c92"><code>2e79c55</code></a> Add CI job to test the equivalent of a docs.rs build.</li> <li><a href="https://github.com/PyO3/pyo3/commit/2564ca4e7558396f166837d8795f8e1bfd698007"><code>2564ca4</code></a> Fix missing feature flags in implementation of Either conversion.</li> <li><a href="https://github.com/PyO3/pyo3/commit/be4d5627a33bc3575e3811e68c3366a9e264db77"><code>be4d562</code></a> Merge pull request <a href="https://redirect.github.com/pyo3/pyo3/issues/3713">#3713</a> from PyO3/release-0.20.1</li> <li><a href="https://github.com/PyO3/pyo3/commit/d3f034a80f2973e4d21fc2fd49cd0af309f1ab4d"><code>d3f034a</code></a> release: 0.20.1</li> <li>Additional commits viewable in <a href="https://github.com/pyo3/pyo3/compare/v0.20.0...v0.20.2">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pyo3&package-manager=cargo&previous-version=0.20.0&new-version=0.20.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-10Pull less state out if we fail to backfill (#16788)Erik Johnston2-9/+13
Sometimes we fail to fetch events during backfill due to missing state, and we often end up querying the same bad events periodically (as people backpaginate). In such cases its likely we will continue to fail to get the state, and therefore we should try *before* loading the state that we have from the DB (as otherwise it's wasted DB and memory). --------- Co-authored-by: reivilibre <oliverw@matrix.org>
2024-01-10Bump anyhow from 1.0.75 to 1.0.79 (#16789)dependabot[bot]1-2/+2
Bumps [anyhow](https://github.com/dtolnay/anyhow) from 1.0.75 to 1.0.79. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/dtolnay/anyhow/releases">anyhow's releases</a>.</em></p> <blockquote> <h2>1.0.79</h2> <ul> <li>Work around improperly cached build script result by sccache (<a href="https://redirect.github.com/dtolnay/anyhow/issues/340">#340</a>)</li> </ul> <h2>1.0.78</h2> <ul> <li>Reduce spurious rebuilds under RustRover IDE when using a nightly toolchain (<a href="https://redirect.github.com/dtolnay/anyhow/issues/337">#337</a>)</li> </ul> <h2>1.0.77</h2> <ul> <li>Make <code>anyhow::Error::backtrace</code> available on stable Rust compilers 1.65+ (<a href="https://redirect.github.com/dtolnay/anyhow/issues/293">#293</a>, thanks <a href="https://github.com/LukasKalbertodt"><code>@​LukasKalbertodt</code></a>)</li> </ul> <h2>1.0.76</h2> <ul> <li>Opt in to <code>unsafe_op_in_unsafe_fn</code> lint (<a href="https://redirect.github.com/dtolnay/anyhow/issues/329">#329</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/dtolnay/anyhow/commit/71ab53dd2e89ff816bebaa452ad5a968f4c4105d"><code>71ab53d</code></a> Release 1.0.79</li> <li><a href="https://github.com/dtolnay/anyhow/commit/60705a53cefdc387b72c20cbab88aa4ffcf4b38e"><code>60705a5</code></a> Merge pull request <a href="https://redirect.github.com/dtolnay/anyhow/issues/340">#340</a> from dtolnay/depinfo</li> <li><a href="https://github.com/dtolnay/anyhow/commit/17e252bfdf4f7a2dff8e788ef7deab326682bbba"><code>17e252b</code></a> Include env-dep:RUSTC_BOOTSTRAP in dep-info for sccache</li> <li><a href="https://github.com/dtolnay/anyhow/commit/04774c089409597e4859ed256ef68eeb60ba81a7"><code>04774c0</code></a> Merge pull request <a href="https://redirect.github.com/dtolnay/anyhow/issues/338">#338</a> from dtolnay/nightlyci</li> <li><a href="https://github.com/dtolnay/anyhow/commit/1fd290c222f28ade7f5ee6f049a47b93a51b1f97"><code>1fd290c</code></a> Make CI verify that error_generic_member_access works in latest nightly</li> <li><a href="https://github.com/dtolnay/anyhow/commit/ee414707be0d4b6f0f109d0a85e4d10651e4aa2c"><code>ee41470</code></a> RUSTC must be set by Cargo for build script</li> <li><a href="https://github.com/dtolnay/anyhow/commit/38c79ef242fdfb124e499a58d917286ed1d4cad5"><code>38c79ef</code></a> Release 1.0.78</li> <li><a href="https://github.com/dtolnay/anyhow/commit/ded2295ff5cd6e759b30b12cd127ffe0bc658f0f"><code>ded2295</code></a> Merge pull request <a href="https://redirect.github.com/dtolnay/anyhow/issues/337">#337</a> from dtolnay/bootstrap</li> <li><a href="https://github.com/dtolnay/anyhow/commit/ae45b672c944e87cec570cf29389cfe0c0c2599a"><code>ae45b67</code></a> Do not rebuild on RUSTC_BOOTSTRAP changes on nightly compiler</li> <li><a href="https://github.com/dtolnay/anyhow/commit/2d32366f581f82256208181fa2c02285888fd4df"><code>2d32366</code></a> Update crate name used for build script probe</li> <li>Additional commits viewable in <a href="https://github.com/dtolnay/anyhow/compare/1.0.75...1.0.79">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=anyhow&package-manager=cargo&previous-version=1.0.75&new-version=1.0.79)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-10Bump sentry-sdk from 1.35.0 to 1.39.1 (#16799)dependabot[bot]1-3/+3
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 1.35.0 to 1.39.1. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-python/releases">sentry-sdk's releases</a>.</em></p> <blockquote> <h2>1.39.1</h2> <h3>Various fixes &amp; improvements</h3> <ul> <li>Fix psycopg2 detection in the Django integration (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2593">#2593</a>) by <a href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li> <li>Filter out empty string releases (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2591">#2591</a>) by <a href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li> <li>Fixed local var not present when there is an error in a user's <code>error_sampler</code> function (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2511">#2511</a>) by <a href="https://github.com/antonpirker"><code>@​antonpirker</code></a></li> <li>Fixed typing in <code>aiohttp</code> (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2590">#2590</a>) by <a href="https://github.com/antonpirker"><code>@​antonpirker</code></a></li> </ul> <h2>1.39.0</h2> <h3>Various fixes &amp; improvements</h3> <ul> <li>Add support for cluster clients from Redis SDK (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2394">#2394</a>) by <a href="https://github.com/md384"><code>@​md384</code></a></li> <li>Improve location reporting for timer metrics (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2552">#2552</a>) by <a href="https://github.com/mitsuhiko"><code>@​mitsuhiko</code></a></li> <li>Fix Celery <code>TypeError</code> with no-argument <code>apply_async</code> (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2575">#2575</a>) by <a href="https://github.com/szokeasaurusrex"><code>@​szokeasaurusrex</code></a></li> <li>Fix Lambda integration with EventBridge source (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2546">#2546</a>) by <a href="https://github.com/davidcroda"><code>@​davidcroda</code></a></li> <li>Add max tries to Spotlight (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2571">#2571</a>) by <a href="https://github.com/hazAT"><code>@​hazAT</code></a></li> <li>Handle <code>os.path.devnull</code> access issues (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2579">#2579</a>) by <a href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li> <li>Change <code>code.filepath</code> frame picking logic (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2568">#2568</a>) by <a href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li> <li>Trigger AWS Lambda tests on label (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2538">#2538</a>) by <a href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li> <li>Run permissions step on pull_request_target but not push (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2548">#2548</a>) by <a href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li> <li>Hash AWS Lambda test functions based on current revision (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2557">#2557</a>) by <a href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li> <li>Update Django version in tests (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2562">#2562</a>) by <a href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li> <li>Make metrics tests non-flaky (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2572">#2572</a>) by <a href="https://github.com/antonpirker"><code>@​antonpirker</code></a></li> </ul> <h2>1.38.0</h2> <h3>Various fixes &amp; improvements</h3> <ul> <li>Only add trace context to checkins and do not run <code>event_processors</code> for checkins (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2536">#2536</a>) by <a href="https://github.com/antonpirker"><code>@​antonpirker</code></a></li> <li>Metric span summaries (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2522">#2522</a>) by <a href="https://github.com/mitsuhiko"><code>@​mitsuhiko</code></a></li> <li>Add source context to code locations (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2539">#2539</a>) by <a href="https://github.com/jan-auer"><code>@​jan-auer</code></a></li> <li>Use in-app filepath instead of absolute path (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2541">#2541</a>) by <a href="https://github.com/antonpirker"><code>@​antonpirker</code></a></li> <li>Switch to <code>jinja2</code> for generating CI yamls (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2534">#2534</a>) by <a href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li> </ul> <h2>1.37.1</h2> <h3>Various fixes &amp; improvements</h3> <ul> <li>Fix <code>NameError</code> on <code>parse_version</code> with eventlet (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2532">#2532</a>) by <a href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li> <li>build(deps): bump checkouts/data-schemas from <code>68def1e</code> to <code>e9f7d58</code> (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2501">#2501</a>) by <a href="https://github.com/dependabot"><code>@​dependabot</code></a></li> </ul> <h2>1.37.0</h2> <h3>Various fixes &amp; improvements</h3> <ul> <li> <p>Move installed modules code to utils (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2429">#2429</a>) by <a href="https://github.com/sentrivana"><code>@​sentrivana</code></a></p> <p>Note: We moved the internal function <code>_get_installed_modules</code> from <code>sentry_sdk.integrations.modules</code> to <code>sentry_sdk.utils</code>. So if you use this function you have to update your imports</p> </li> <li> <p>Add code locations for metrics (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2526">#2526</a>) by <a href="https://github.com/jan-auer"><code>@​jan-auer</code></a></p> </li> <li> <p>Add query source to DB spans (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2521">#2521</a>) by <a href="https://github.com/antonpirker"><code>@​antonpirker</code></a></p> </li> <li> <p>Send events to Spotlight sidecar (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2524">#2524</a>) by <a href="https://github.com/HazAT"><code>@​HazAT</code></a></p> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md">sentry-sdk's changelog</a>.</em></p> <blockquote> <h2>1.39.1</h2> <h3>Various fixes &amp; improvements</h3> <ul> <li>Fix psycopg2 detection in the Django integration (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2593">#2593</a>) by <a href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li> <li>Filter out empty string releases (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2591">#2591</a>) by <a href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li> <li>Fixed local var not present when there is an error in a user's <code>error_sampler</code> function (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2511">#2511</a>) by <a href="https://github.com/antonpirker"><code>@​antonpirker</code></a></li> <li>Fixed typing in <code>aiohttp</code> (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2590">#2590</a>) by <a href="https://github.com/antonpirker"><code>@​antonpirker</code></a></li> </ul> <h2>1.39.0</h2> <h3>Various fixes &amp; improvements</h3> <ul> <li>Add support for cluster clients from Redis SDK (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2394">#2394</a>) by <a href="https://github.com/md384"><code>@​md384</code></a></li> <li>Improve location reporting for timer metrics (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2552">#2552</a>) by <a href="https://github.com/mitsuhiko"><code>@​mitsuhiko</code></a></li> <li>Fix Celery <code>TypeError</code> with no-argument <code>apply_async</code> (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2575">#2575</a>) by <a href="https://github.com/szokeasaurusrex"><code>@​szokeasaurusrex</code></a></li> <li>Fix Lambda integration with EventBridge source (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2546">#2546</a>) by <a href="https://github.com/davidcroda"><code>@​davidcroda</code></a></li> <li>Add max tries to Spotlight (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2571">#2571</a>) by <a href="https://github.com/hazAT"><code>@​hazAT</code></a></li> <li>Handle <code>os.path.devnull</code> access issues (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2579">#2579</a>) by <a href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li> <li>Change <code>code.filepath</code> frame picking logic (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2568">#2568</a>) by <a href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li> <li>Trigger AWS Lambda tests on label (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2538">#2538</a>) by <a href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li> <li>Run permissions step on pull_request_target but not push (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2548">#2548</a>) by <a href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li> <li>Hash AWS Lambda test functions based on current revision (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2557">#2557</a>) by <a href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li> <li>Update Django version in tests (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2562">#2562</a>) by <a href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li> <li>Make metrics tests non-flaky (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2572">#2572</a>) by <a href="https://github.com/antonpirker"><code>@​antonpirker</code></a></li> </ul> <h2>1.38.0</h2> <h3>Various fixes &amp; improvements</h3> <ul> <li>Only add trace context to checkins and do not run <code>event_processors</code> for checkins (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2536">#2536</a>) by <a href="https://github.com/antonpirker"><code>@​antonpirker</code></a></li> <li>Metric span summaries (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2522">#2522</a>) by <a href="https://github.com/mitsuhiko"><code>@​mitsuhiko</code></a></li> <li>Add source context to code locations (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2539">#2539</a>) by <a href="https://github.com/jan-auer"><code>@​jan-auer</code></a></li> <li>Use in-app filepath instead of absolute path (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2541">#2541</a>) by <a href="https://github.com/antonpirker"><code>@​antonpirker</code></a></li> <li>Switch to <code>jinja2</code> for generating CI yamls (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2534">#2534</a>) by <a href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li> </ul> <h2>1.37.1</h2> <h3>Various fixes &amp; improvements</h3> <ul> <li>Fix <code>NameError</code> on <code>parse_version</code> with eventlet (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2532">#2532</a>) by <a href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li> <li>build(deps): bump checkouts/data-schemas from <code>68def1e</code> to <code>e9f7d58</code> (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2501">#2501</a>) by <a href="https://github.com/dependabot"><code>@​dependabot</code></a></li> </ul> <h2>1.37.0</h2> <h3>Various fixes &amp; improvements</h3> <ul> <li> <p>Move installed modules code to utils (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2429">#2429</a>) by <a href="https://github.com/sentrivana"><code>@​sentrivana</code></a></p> <p>Note: We moved the internal function <code>_get_installed_modules</code> from <code>sentry_sdk.integrations.modules</code> to <code>sentry_sdk.utils</code>.</p> </li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/getsentry/sentry-python/commit/2b46ec3ba2bb7fd12faf0109ca0b371235fe8ab6"><code>2b46ec3</code></a> Update CHANGELOG.md</li> <li><a href="https://github.com/getsentry/sentry-python/commit/d634c059ea6085be19a941d518bd7ed3405c3a8d"><code>d634c05</code></a> release: 1.39.1</li> <li><a href="https://github.com/getsentry/sentry-python/commit/d76fa983329610314c9c105df2fc88278d149db0"><code>d76fa98</code></a> fix(django): Fix psycopg2 detection (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2593">#2593</a>)</li> <li><a href="https://github.com/getsentry/sentry-python/commit/64c42ca975b804b0277643a761df099717d10253"><code>64c42ca</code></a> fix(utils): Filter out empty string releases (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2591">#2591</a>)</li> <li><a href="https://github.com/getsentry/sentry-python/commit/47313123d8c9b1dadce5460168d2ed849ee5730a"><code>4731312</code></a> Fixed local var not present when error in users error_sampler function (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2511">#2511</a>)</li> <li><a href="https://github.com/getsentry/sentry-python/commit/4deaa384136b610579e891fcd7b1641917aa091c"><code>4deaa38</code></a> Fixed typing in aiohttp (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2590">#2590</a>)</li> <li><a href="https://github.com/getsentry/sentry-python/commit/507d4098fba1fde2a6db7121591d6f5a1d151b69"><code>507d409</code></a> Merge branch 'release/1.39.0'</li> <li><a href="https://github.com/getsentry/sentry-python/commit/c6cd6360d805673694b00474bd14ba4b9755bf99"><code>c6cd636</code></a> Update CHANGELOG.md</li> <li><a href="https://github.com/getsentry/sentry-python/commit/c3a60a60a2c72e7122f3a3faa3a552ceb39b1663"><code>c3a60a6</code></a> release: 1.39.0</li> <li><a href="https://github.com/getsentry/sentry-python/commit/7df152ba3d37024117b4235178c65f08bdeab21c"><code>7df152b</code></a> Change <code>code.filepath</code> frame picking logic (<a href="https://redirect.github.com/getsentry/sentry-python/issues/2568">#2568</a>)</li> <li>Additional commits viewable in <a href="https://github.com/getsentry/sentry-python/compare/1.35.0...1.39.1">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry-sdk&package-manager=pip&previous-version=1.35.0&new-version=1.39.1)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-10Bump serde_json from 1.0.108 to 1.0.111 (#16792)dependabot[bot]1-12/+12
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.108 to 1.0.111. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/serde-rs/json/releases">serde_json's releases</a>.</em></p> <blockquote> <h2>v1.0.111</h2> <ul> <li>Improve floating point parsing performance on loongarch64 (<a href="https://redirect.github.com/serde-rs/json/issues/1100">#1100</a>, thanks <a href="https://github.com/heiher"><code>@​heiher</code></a>)</li> </ul> <h2>v1.0.110</h2> <ul> <li>Update proc-macro2 to fix caching issue when using a rustc-wrapper such as sccache</li> </ul> <h2>v1.0.109</h2> <ul> <li>Documentation improvements</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/serde-rs/json/commit/0131ac68212e8094bd14ee618587d731b4f9a68b"><code>0131ac6</code></a> Release 1.0.111</li> <li><a href="https://github.com/serde-rs/json/commit/96ecfadd3f7dd6366a2d07a098e228d15df93cb4"><code>96ecfad</code></a> Merge pull request <a href="https://redirect.github.com/serde-rs/json/issues/1100">#1100</a> from heiher/limb-64-la64</li> <li><a href="https://github.com/serde-rs/json/commit/c80dbaf8ff5902ca670e0a48bbe495065b9314f5"><code>c80dbaf</code></a> Set limb width to 64 for loongarch64</li> <li><a href="https://github.com/serde-rs/json/commit/df5cf215b70fb6341b255e7c0a210c06f64c0669"><code>df5cf21</code></a> Release 1.0.110</li> <li><a href="https://github.com/serde-rs/json/commit/c35856a93c37b48b3d6efc4fec8e05554dd3f9d5"><code>c35856a</code></a> Pull in proc-macro2 sccache fix</li> <li><a href="https://github.com/serde-rs/json/commit/f88bf1fccb05aa4de129675de44eb6aaf3fec0a0"><code>f88bf1f</code></a> Release 1.0.109</li> <li><a href="https://github.com/serde-rs/json/commit/bb62c73ecef901e689b0a7a67ed613a32975520c"><code>bb62c73</code></a> Merge pull request <a href="https://redirect.github.com/serde-rs/json/issues/1097">#1097</a> from serde-rs/doccfg</li> <li><a href="https://github.com/serde-rs/json/commit/df36d109fd9f9cdd22a874c0177cafec12237f95"><code>df36d10</code></a> Restore doc cfg on re-exports</li> <li><a href="https://github.com/serde-rs/json/commit/c3670913423329c166add9d85ecdfc3e3da21e7a"><code>c367091</code></a> Merge pull request <a href="https://redirect.github.com/serde-rs/json/issues/1095">#1095</a> from dtolnay/hashtest</li> <li><a href="https://github.com/serde-rs/json/commit/b328ee7df4dd772922f084600aa7cea39218b694"><code>b328ee7</code></a> Eliminate hash closure in favor of calling hash_one directly</li> <li>Additional commits viewable in <a href="https://github.com/serde-rs/json/compare/v1.0.108...v1.0.111">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=serde_json&package-manager=cargo&previous-version=1.0.108&new-version=1.0.111)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-10Reduce amount of state pulled out when querying federation hierachy (#16785)Erik Johnston4-3/+82
There are two changes here: 1. Only pull out the required state when handling the request. 2. Change the get filtered state return type to check that we're only querying state that was requested --------- Co-authored-by: reivilibre <oliverw@matrix.org>
2024-01-10Split up deleting devices into batches (#16766)Erik Johnston2-2/+7
Otherwise for users with large numbers of devices this can cause a lot of woe.
2024-01-10Fix auto-merge CI to correctly wait for linting. (#16781)Erik Johnston2-1/+19
Otherwise if you hit the `Enable auto-merge` button and the linting fails the PR is still aut-merged.
2024-01-10Remove CI check for sign off (#16776)Erik Johnston3-7/+2
Since we don't require one anymore.
2024-01-10Add a link to the Request log format page from Logging Sample Config (#16778)Andrew Morgan2-0/+4
2024-01-10Bump types-jsonschema from 4.20.0.0 to 4.20.0.20240105 (#16800)dependabot[bot]1-3/+3
Bumps [types-jsonschema](https://github.com/python/typeshed) from 4.20.0.0 to 4.20.0.20240105. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/python/typeshed/commits">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=types-jsonschema&package-manager=pip&previous-version=4.20.0.0&new-version=4.20.0.20240105)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-10Faster partial join to room with complex auth graph (#7)Erik Johnston2-49/+31
Instead of persisting outliers in a bunch of batches, let's just do them all at once. This is fine because all `_auth_and_persist_outliers_inner` is doing is checking the auth rules for each event, which requires the events to be topologically sorted by the auth graph.
2024-01-10Bump authlib from 1.2.1 to 1.3.0 (#16801)dependabot[bot]1-5/+5
Bumps [authlib](https://github.com/lepture/authlib) from 1.2.1 to 1.3.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/lepture/authlib/releases">authlib's releases</a>.</em></p> <blockquote> <h2>Version 1.3.0</h2> <p><strong>Bug fixes</strong></p> <ul> <li>Restore AuthorizationServer.create_authorization_response behavior, via <a href="https://redirect.github.com/lepture/authlib/issues/558">#558</a> by <a href="https://github.com/TurnrDev"><code>@​TurnrDev</code></a></li> <li>Include leeway in validate_iat() for JWT, via <a href="https://redirect.github.com/lepture/authlib/issues/565">#565</a> by <a href="https://github.com/dhallam"><code>@​dhallam</code></a></li> <li>Fix encode_client_secret_basic, via <a href="https://redirect.github.com/lepture/authlib/issues/594">#594</a> by <a href="https://github.com/Prilkop"><code>@​Prilkop</code></a></li> <li>Use single key in JWK if JWS does not specify kid, via <a href="https://redirect.github.com/lepture/authlib/issues/596">#596</a> by <a href="https://github.com/dklimpel"><code>@​dklimpel</code></a></li> <li>Fix error when RFC9068 JWS has no scope field, via <a href="https://redirect.github.com/lepture/authlib/issues/598">#598</a> by <a href="https://github.com/tanguilp"><code>@​tanguilp</code></a></li> <li>Get werkzeug version using importlib, via <a href="https://redirect.github.com/lepture/authlib/issues/591">#591</a> by <a href="https://github.com/Sparrow0hawk"><code>@​Sparrow0hawk</code></a></li> </ul> <p><strong>Breaking changes</strong></p> <ul> <li>RFC9068 implementation, via <a href="https://redirect.github.com/lepture/authlib/issues/586">#586</a> by <a href="https://github.com/azmeuk"><code>@​azmeuk</code></a>.</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/lepture/authlib/blob/master/docs/changelog.rst">authlib's changelog</a>.</em></p> <blockquote> <h2>Version 1.3.0</h2> <p><strong>Released on Dec 17, 2023</strong></p> <ul> <li>Restore <code>AuthorizationServer.create_authorization_response</code> behavior, via :PR:<code>558</code></li> <li>Include <code>leeway</code> in <code>validate_iat()</code> for JWT, via :PR:<code>565</code></li> <li>Fix <code>encode_client_secret_basic</code>, via :PR:<code>594</code></li> <li>Use single key in JWK if JWS does not specify <code>kid</code>, via :PR:<code>596</code></li> <li>Fix error when RFC9068 JWS has no scope field, via :PR:<code>598</code></li> <li>Get werkzeug version using importlib, via :PR:<code>591</code></li> </ul> <p><strong>New features</strong>:</p> <ul> <li>RFC9068 implementation, via :PR:<code>586</code>, by <a href="https://github.com/azmeuk"><code>@​azmeuk</code></a>.</li> </ul> <p><strong>Breaking changes</strong>:</p> <ul> <li>End support for python 3.7</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lepture/authlib/commit/a7d68b4c3b8a3a7fe0b62943b5228669f2f3dfec"><code>a7d68b4</code></a> chore: release 1.3.0</li> <li><a href="https://github.com/lepture/authlib/commit/a26f1d099326aa53e39fd1df4fee27f3b8a519d9"><code>a26f1d0</code></a> Merge GitHub action for release</li> <li><a href="https://github.com/lepture/authlib/commit/2d66702dec486292231f378780c3e39f55dc91b8"><code>2d66702</code></a> Merge pull request <a href="https://redirect.github.com/lepture/authlib/issues/591">#591</a> from Sparrow0hawk/patch-2</li> <li><a href="https://github.com/lepture/authlib/commit/0f8e08738b597af27a21312f4e937c1366d14e6d"><code>0f8e087</code></a> docs: add changelog for 1.3.0</li> <li><a href="https://github.com/lepture/authlib/commit/3ffc950d5b7d3e85ca908c461a9e99d1adba54e6"><code>3ffc950</code></a> chore: fix pypi release action</li> <li><a href="https://github.com/lepture/authlib/commit/a2543b9ad0836b85e54f126124006f0f09df46fd"><code>a2543b9</code></a> chore: add pypi github action</li> <li><a href="https://github.com/lepture/authlib/commit/c7e1b2d41db58a48d3d3e2a7c39425be381ffc21"><code>c7e1b2d</code></a> chore: move configuration from setup.cfg to pyproject.toml</li> <li><a href="https://github.com/lepture/authlib/commit/04e83f60aeb4f5302edb831b46389df2c9342a16"><code>04e83f6</code></a> Merge pull request <a href="https://redirect.github.com/lepture/authlib/issues/598">#598</a> from tanguilp/fix-rfc9068-no-scope-in-jws</li> <li><a href="https://github.com/lepture/authlib/commit/092f688b0dd57021e41ba5bc4ceecf15de8bc84e"><code>092f688</code></a> Fix error when RFC9068 JWS has no scope field</li> <li><a href="https://github.com/lepture/authlib/commit/ac583226552551cef453b0dec8506ddb7df5bccc"><code>ac58322</code></a> Get werkzeug version using importlib</li> <li>Additional commits viewable in <a href="https://github.com/lepture/authlib/compare/v1.2.1...v1.3.0">compare view</a></li> </ul> </details> <br /> [![Dependabot compatibility score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=authlib&package-manager=pip&previous-version=1.2.1&new-version=1.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-01-09Fixup changelog links v1.99.0rc1Erik Johnston1-4/+4
2024-01-09Fix changelog linksErik Johnston1-15/+15
2024-01-091.99.0rc1Erik Johnston24-23/+54
2024-01-08Filter out rooms from the room directory being served to other homeservers ↵reivilibre4-52/+221
when those rooms block that homeserver by their Access Control Lists. (#16759) The idea here being that the directory server shouldn't advertise rooms to a requesting server is the requesting server would not be allowed to join or participate in the room. <!-- Fixes: # <!-- --> <!-- Supersedes: # <!-- --> <!-- Follows: # <!-- --> <!-- Part of: # <!-- --> Base: `develop` <!-- git-stack-base-branch:develop --> <!-- This pull request is commit-by-commit review friendly. <!-- --> <!-- This pull request is intended for commit-by-commit review. <!-- --> Original commit schedule, with full messages: <ol> <li> Pass `from_federation_origin` down into room list retrieval code </li> <li> Don't cache /publicRooms response for inbound federated requests </li> <li> fixup! Don't cache /publicRooms response for inbound federated requests </li> <li> Cap the number of /publicRooms entries to 100 </li> <li> Simplify code now that you can't request unlimited rooms </li> <li> Filter out rooms from federated requests that don't have the correct ACL </li> <li> Request a handful more when filtering ACLs so that we can try to avoid shortchanging the requester </li> </ol> --------- Signed-off-by: Olivier Wilkinson (reivilibre) <oliverw@matrix.org>
2024-01-08Port `EventInternalMetadata` class to Rust (#16782)Erik Johnston12-124/+600
There are a couple of things we need to be careful of here: 1. The current python code does no validation when loading from the DB, so we need to be careful to ignore such errors (at least on jki.re there are some old events with internal metadata fields of the wrong type). 2. We want to be memory efficient, as we often have many hundreds of thousands of events in the cache at a time. --------- Co-authored-by: Quentin Gliech <quenting@element.io>
2024-01-05Fix linting (#16780)Erik Johnston2-1/+12
Introduced in #16762
2024-01-05Simplify internal metadata class. (#16762)Erik Johnston6-46/+24
We remove these fields as they're just duplicating data the event already stores, and (for reasons :shushing_face:) I'd like to simplify the class to only store simple types. I'm not entirely convinced that we shouldn't instead add helper methods to the event class to generate stream tokens, but I don't really think that's where they belong either
2024-01-04Implement cosign on docker image (#16774)Gaël Goinvic2-1/+17
Signed-off-by: Gaël Goinvic <gaelg@element.io>
2024-01-04Add recursion_depth to /relations if recursing (#16775)David Baker2-0/+5
This is an extra response parameter just added to MSC3981. In the current impl, the recursion depth is always 3, so this just returns a static 3 if the recurse parameter is supplied.
2024-01-04Search non ASCII display names using Admin API (#16767)Adam Jędrzejewski3-1/+26
Closes #16370 Signed-off-by: Adam Jedrzejewski <adamjedrzejewski@icloud.com>
2024-01-03Update the contributing guide after reliecensing (#16772)Erik Johnston2-78/+16
2024-01-02Fix email verification redirection (#16761)FadhlanR4-5/+43
Previously, the response status of `HTMLResource` was hardcoded as `200`. However, for proper redirection after the user verifies their email, we require the status to be `302`. This PR addresses that issue by using `code` as response status.
2024-01-02Re-enable automatic triagingErik Johnston1-3/+2
2024-01-02Revert "Disable automatic traiging"Erik Johnston1-5/+5
This reverts commit 742bae3761b7b2c638975f853ab6161527629240.
2024-01-02Delete the add version picker GHA workflow (#9453)Andrew Morgan2-90/+1
Added in https://github.com/matrix-org/synapse/pull/16533, this workflow was intended to be run once to add the version picker to all historical versions of the https://matrix-org.github.io/synapse documentation website. Note that the latest version of the docs built from this repo now exist at https://element-hq.github.io/synapse/. The workflow has been run successfully and the version picker was added to the documentation. Thus we can now delete this workflow. --- Note: Do not confuse this PR with https://github.com/matrix-org/synapse/issues/9453. This PR was made while we were populating this repo with "Dummy issues" after the changeover from matrix-org/synapse to element-hq/synapse - therefore referencing this PR may cause some confusion.
2024-01-02Add another custom statistics collection server (#16769)Christian Lölkes2-0/+2
Signed-off-by: Christian Lölkes <christian.loelkes@gmail.com>
2024-01-02Enable user without password (#16770)Dirk Klimpel4-26/+34
Closes: - https://github.com/matrix-org/synapse/issues/10397 - #10397 An administrator should know whether he wants to set a password or not. There are many uses cases where a blank password is required. - Use of only some users with SSO. - Use of bots with password, users with SSO
2024-01-02Remove config value from header (#16763)Fredrik Lanker2-1/+2
Signed-off-by: Fredrik Lanker <fredrik@lanker.se>
2023-12-21Move the rust stubs inline for better IDE integration (#16757)Erik Johnston5-0/+1
At least for vscode this allows click through / type checking / syntax highlighting.
2023-12-21Fix sample config doc CI (#16758)Erik Johnston2-0/+2
I accidentally broke it during the move by removing a trailing new line.
2023-12-15Disable automatic traigingErik Johnston1-5/+5
2023-12-13Fix typoErik Johnston17-52/+50
2023-12-13Update book locationErik Johnston43-122/+120
2023-12-13More renamingErik Johnston24-126/+125
2023-12-13Update nightly jobs to run on element-hq/synapse.Erik Johnston2-5/+5
2023-12-13Update repo for release scripts.Patrick Cloke2-14/+16
2023-12-13Keep pointing at packages.matrix.org for nowErik Johnston2-4/+4
2023-12-13Fix debian linkErik Johnston1-1/+1
2023-12-13Update documentation to refer to element-hq.Patrick Cloke8-52/+36
2023-12-13Fix linksErik Johnston2-2/+2
2023-12-13Update debian build with AGPL changes.Patrick Cloke3-3/+3
2023-12-13Log the new license during start.Patrick Cloke1-0/+4
2023-12-13Revert changes to READMEErik Johnston2-25/+4
2023-12-13Revert changes to READMEErik Johnston2-25/+4
2023-12-13Update README.rstWill Lewis1-0/+2
(cherry picked from commit be65a8ec0195955c15fdb179c9158b187638e39a)
2023-12-13Update README.rstWill Lewis1-0/+2
2023-12-13Update README.rstWill Lewis1-1/+1
2023-12-13Update README.rstWill Lewis1-1/+1