Famedly release v1.131.0_1 #65
Merged
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Fix a couple type annotations in the `RootConfig`/`Config`. Discovered while cribbing this code for another project. It's really sucks that `mypy` type checking doesn't catch this. I assume this is because we also have a `synapse/config/_base.pyi` that overrides all of this. Still unclear to me why the `Iterable[str]` vs `StrSequence` issue wasn't caught as that's what `ConfigError` expects.
Spawning from using this code elsewhere and not knowing why it's there. Based on this article and @reivilibre's experience mentioning `PYTHONUNBUFFERED=1`, > #### programming languages where the default “print” statement buffers > > Also, here are a few programming language where the default print statement will buffer output when writing to a pipe, and some ways to disable buffering if you want: > > - Python (disable with `python -u`, or `PYTHONUNBUFFERED=1`, or `sys.stdout.reconfigure(line_buffering=False)`, or `print(x, flush=True)`) > > _-- https://jvns.ca/blog/2024/11/29/why-pipes-get-stuck-buffering/#programming-languages-where-the-default-print-statement-buffers_
Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
…380) Co-authored-by: Andrew Morgan <andrew@amorgan.xyz>
Bumps [actions/setup-python](https://github.com/actions/setup-python) from 5.5.0 to 5.6.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/actions/setup-python/releases">actions/setup-python's releases</a>.</em></p> <blockquote> <h2>v5.6.0</h2> <h2>What's Changed</h2> <ul> <li>Workflow updates related to Ubuntu 20.04 by <a href="https://github.com/aparnajyothi-y"><code>@aparnajyothi-y</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/1065">actions/setup-python#1065</a></li> <li>Fix for Candidate Not Iterable Error by <a href="https://github.com/aparnajyothi-y"><code>@aparnajyothi-y</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/1082">actions/setup-python#1082</a></li> <li>Upgrade semver and <code>@types/semver</code> by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/1091">actions/setup-python#1091</a></li> <li>Upgrade prettier from 2.8.8 to 3.5.3 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/1046">actions/setup-python#1046</a></li> <li>Upgrade ts-jest from 29.1.2 to 29.3.2 by <a href="https://github.com/dependabot"><code>@dependabot</code></a> in <a href="https://redirect.github.com/actions/setup-python/pull/1081">actions/setup-python#1081</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/actions/setup-python/compare/v5...v5.6.0">https://github.com/actions/setup-python/compare/v5...v5.6.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/actions/setup-python/commit/a26af69be951a213d495a4c3e4e4022e16d87065"><code>a26af69</code></a> Bump ts-jest from 29.1.2 to 29.3.2 (<a href="https://redirect.github.com/actions/setup-python/issues/1081">#1081</a>)</li> <li><a href="https://github.com/actions/setup-python/commit/30eafe95483bd95135b7eda0c66a0369af9afdf1"><code>30eafe9</code></a> Bump prettier from 2.8.8 to 3.5.3 (<a href="https://redirect.github.com/actions/setup-python/issues/1046">#1046</a>)</li> <li><a href="https://github.com/actions/setup-python/commit/5d95bc16d4bc83bb56202da9630d84c6f8a2d8f5"><code>5d95bc1</code></a> Bump semver and <code>@types/semver</code> (<a href="https://redirect.github.com/actions/setup-python/issues/1091">#1091</a>)</li> <li><a href="https://github.com/actions/setup-python/commit/6ed2c67c8abe7646815dbd50364eea862d396fd9"><code>6ed2c67</code></a> Fix for Candidate Not Iterable Error (<a href="https://redirect.github.com/actions/setup-python/issues/1082">#1082</a>)</li> <li><a href="https://github.com/actions/setup-python/commit/e348410e00f449ece8581cb8e88be8f0e7712da6"><code>e348410</code></a> Remove Ubuntu 20.04 from workflows due to deprecation from 2025-04-15 (<a href="https://redirect.github.com/actions/setup-python/issues/1065">#1065</a>)</li> <li>See full diff in <a href="https://github.com/actions/setup-python/compare/8d9ed9ac5c53483de85588cdf95a591a75ab9f55...a26af69be951a213d495a4c3e4e4022e16d87065">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [docker/build-push-action](https://github.com/docker/build-push-action) from 6.15.0 to 6.16.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/docker/build-push-action/releases">docker/build-push-action's releases</a>.</em></p> <blockquote> <h2>v6.16.0</h2> <ul> <li>Handle no default attestations env var by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/build-push-action/pull/1343">docker/build-push-action#1343</a></li> <li>Only print secret keys in build summary output by <a href="https://github.com/crazy-max"><code>@crazy-max</code></a> in <a href="https://redirect.github.com/docker/build-push-action/pull/1353">docker/build-push-action#1353</a></li> <li>Bump <code>@docker/actions-toolkit</code> from 0.56.0 to 0.59.0 in <a href="https://redirect.github.com/docker/build-push-action/pull/1352">docker/build-push-action#1352</a></li> </ul> <p><strong>Full Changelog</strong>: <a href="https://github.com/docker/build-push-action/compare/v6.15.0...v6.16.0">https://github.com/docker/build-push-action/compare/v6.15.0...v6.16.0</a></p> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/docker/build-push-action/commit/14487ce63c7a62a4a324b0bfb37086795e31c6c1"><code>14487ce</code></a> Merge pull request <a href="https://redirect.github.com/docker/build-push-action/issues/1343">#1343</a> from crazy-max/fix-no-default-attest</li> <li><a href="https://github.com/docker/build-push-action/commit/0ec91264d895acf7dfe05d54d8a3cc28f95b6346"><code>0ec9126</code></a> Merge pull request <a href="https://redirect.github.com/docker/build-push-action/issues/1366">#1366</a> from crazy-max/pr-assign-author</li> <li><a href="https://github.com/docker/build-push-action/commit/b749522b90af1b517f52d8c1e67b2a965cea5eae"><code>b749522</code></a> pr-assign-author workflow</li> <li><a href="https://github.com/docker/build-push-action/commit/c566248492c912e39910ac79e2f05a82260233a8"><code>c566248</code></a> Merge pull request <a href="https://redirect.github.com/docker/build-push-action/issues/1363">#1363</a> from crazy-max/fix-codecov</li> <li><a href="https://github.com/docker/build-push-action/commit/13275dd76e44afdffdd61da8b8ae8e26ee11671f"><code>13275dd</code></a> ci: fix missing source for codecov</li> <li><a href="https://github.com/docker/build-push-action/commit/67dc78bbaf388b3265f7e1c880e681f4b90d5f48"><code>67dc78b</code></a> Merge pull request <a href="https://redirect.github.com/docker/build-push-action/issues/1361">#1361</a> from mschoettle/patch-1</li> <li><a href="https://github.com/docker/build-push-action/commit/0760504437ba8d0d98e7d5b625560bdede11b3b5"><code>0760504</code></a> docs: add validating build configuration example</li> <li><a href="https://github.com/docker/build-push-action/commit/1c198f4467ce458288d816cabd773cd574f16977"><code>1c198f4</code></a> chore: update generated content</li> <li><a href="https://github.com/docker/build-push-action/commit/288d9e2e4a70c24711ba959b94c2209b9205347e"><code>288d9e2</code></a> handle no default attestations env var</li> <li><a href="https://github.com/docker/build-push-action/commit/88844b95d8cbbb41035fa9c94e5967a33b92db78"><code>88844b9</code></a> Merge pull request <a href="https://redirect.github.com/docker/build-push-action/issues/1353">#1353</a> from crazy-max/summary-secret-keys</li> <li>Additional commits viewable in <a href="https://github.com/docker/build-push-action/compare/471d1dc4e07e5cdedd4c2171150001c434f0b7a4...14487ce63c7a62a4a324b0bfb37086795e31c6c1">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
As these should be background updates.
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…an specifying a required value (#18454)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com> Co-authored-by: Andrew Morgan <andrew@amorgan.xyz> Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
When querying by `delete_id` it's handy to see which room the delete pertains to.
Roughly reviewable commit-by-commit. This is the first part of adding policy server support to Synapse. Other parts (unordered), which may or may not be bundled into fewer PRs, include: * Implementation of a bulk API * Supporting a moderation server config (the `fallback_*` options of https://github.com/element-hq/policyserv_spam_checker ) * Adding an "early event hook" for appservices to receive federation transactions *before* events are processed formally * Performance and stability improvements ### Pull Request Checklist <!-- Please read https://element-hq.github.io/synapse/latest/development/contributing_guide.html before submitting your pull request --> * [x] Pull request is based on the develop branch * [x] Pull request includes a [changelog file](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#changelog). The entry should: - Be a short description of your change which makes sense to users. "Fixed a bug that prevented receiving messages from other servers." instead of "Moved X method from `EventStore` to `EventWorkerStore`.". - Use markdown where necessary, mostly for `code blocks`. - End with either a period (.) or an exclamation mark (!). - Start with a capital letter. - Feel free to credit yourself, by adding a sentence "Contributed by @github_username." or "Contributed by [Your Name]." to the end of the entry. * [x] [Code style](https://element-hq.github.io/synapse/latest/code_style.html) is correct (run the [linters](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#run-the-linters)) --------- Co-authored-by: turt2live <1190097+turt2live@users.noreply.github.com> Co-authored-by: Devon Hudson <devon.dmytro@gmail.com>
Also bump pythonize from 0.23.0 to 0.24.0, otherwise we couldn't compile as pythonize 0.23.0 required pyo3 "^0.23.0". Addresses [RUSTSEC-2025-0020](https://rustsec.org/advisories/RUSTSEC-2025-0020), although Synapse is not affected as we don't make use of `PyString::from_object`. [pyo3 0.24.x](https://github.com/PyO3/pyo3/releases/tag/v0.24.0) include some performance optimisations apparently, and no breaking changes. ### Pull Request Checklist <!-- Please read https://element-hq.github.io/synapse/latest/development/contributing_guide.html before submitting your pull request --> * [x] Pull request is based on the develop branch * [x] Pull request includes a [changelog file](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#changelog). The entry should: - Be a short description of your change which makes sense to users. "Fixed a bug that prevented receiving messages from other servers." instead of "Moved X method from `EventStore` to `EventWorkerStore`.". - Use markdown where necessary, mostly for `code blocks`. - End with either a period (.) or an exclamation mark (!). - Start with a capital letter. - Feel free to credit yourself, by adding a sentence "Contributed by @github_username." or "Contributed by [Your Name]." to the end of the entry. * [x] [Code style](https://element-hq.github.io/synapse/latest/code_style.html) is correct (run the [linters](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#run-the-linters))
Bumps tornado 6.5.0 to mitigate [CVE-2025-47287](https://nvd.nist.gov/vuln/detail/CVE-2025-47287). This dependency is only used indirectly through our sentry dependency. ### Pull Request Checklist <!-- Please read https://element-hq.github.io/synapse/latest/development/contributing_guide.html before submitting your pull request --> * [x] Pull request is based on the develop branch * [x] Pull request includes a [changelog file](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#changelog). The entry should: - Be a short description of your change which makes sense to users. "Fixed a bug that prevented receiving messages from other servers." instead of "Moved X method from `EventStore` to `EventWorkerStore`.". - Use markdown where necessary, mostly for `code blocks`. - End with either a period (.) or an exclamation mark (!). - Start with a capital letter. - Feel free to credit yourself, by adding a sentence "Contributed by @github_username." or "Contributed by [Your Name]." to the end of the entry. * [ ] [Code style](https://element-hq.github.io/synapse/latest/code_style.html) is correct (run the [linters](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#run-the-linters))
This is confusing to users who received unwanted invites.
…391) A race-condition may render concurrent retry loops. Use an actual `Lock` for guarding single access of device resyncing retrying. ### Pull Request Checklist * [x] Pull request is based on the develop branch * [x] Pull request includes a [changelog file](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#changelog). The entry should: - Be a short description of your change which makes sense to users. "Fixed a bug that prevented receiving messages from other servers." instead of "Moved X method from `EventStore` to `EventWorkerStore`.". - Use markdown where necessary, mostly for `code blocks`. - End with either a period (.) or an exclamation mark (!). - Start with a capital letter. - Feel free to credit yourself, by adding a sentence "Contributed by @github_username." or "Contributed by [Your Name]." to the end of the entry. * [x] [Code style](https://element-hq.github.io/synapse/latest/code_style.html) is correct (run the [linters](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#run-the-linters))
This PR addresses a test failure for `tests.handlers.test_worker_lock.WorkerLockTestCase.test_lock_contention` which consistently times out on the RISC-V (specifically `riscv64`) architecture. The test simulates high lock contention and has a default timeout of 5 seconds, which seems sufficient for architectures like x86_64 but proves too short for current RISC-V hardware/environment performance characteristics, leading to spurious `tests.utils.TestTimeout` failures. This fix introduces architecture detection using `platform.machine()`. If a RISC-V architecture is detected: * The timeout for this specific test is increased (e.g., to 15 seconds ). The original, stricter timeout (5 seconds) and lock count (500) are maintained for all other architectures to avoid masking potential performance regressions elsewhere. This change has been tested locally on RISC-V, where the test now passes reliably, and on x86_64, where it continues to pass with the original constraints. --- ### Pull Request Checklist <!-- Please read https://element-hq.github.io/synapse/latest/development/contributing_guide.html before submitting your pull request --> * [X] Pull request is based on the develop branch *(Assuming you based it correctly)* * [X] Pull request includes a [changelog file](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#changelog). *(See below)* * [X] [Code style](https://element-hq.github.io/synapse/latest/code_style.html) is correct (run the [linters](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#run-the-linters)) *(Please run linters locally)*
… (#18180) This implements matrix-org/matrix-spec-proposals#4263. ### Pull Request Checklist <!-- Please read https://element-hq.github.io/synapse/latest/development/contributing_guide.html before submitting your pull request --> * [x] Pull request is based on the develop branch * [x] Pull request includes a [changelog file](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#changelog). The entry should: - Be a short description of your change which makes sense to users. "Fixed a bug that prevented receiving messages from other servers." instead of "Moved X method from `EventStore` to `EventWorkerStore`.". - Use markdown where necessary, mostly for `code blocks`. - End with either a period (.) or an exclamation mark (!). - Start with a capital letter. - Feel free to credit yourself, by adding a sentence "Contributed by @github_username." or "Contributed by [Your Name]." to the end of the entry. * [x] [Code style](https://element-hq.github.io/synapse/latest/code_style.html) is correct (run the [linters](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#run-the-linters)) --------- Signed-off-by: Johannes Marbach <n0-0ne+github@mailbox.org>
Bumps [types-jsonschema](https://github.com/typeshed-internal/stub_uploader) from 4.23.0.20241208 to 4.23.0.20250516. <details> <summary>Commits</summary> <ul> <li>See full diff in <a href="https://github.com/typeshed-internal/stub_uploader/commits">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [ruff](https://github.com/astral-sh/ruff) from 0.11.10 to 0.11.11. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/astral-sh/ruff/releases">ruff's releases</a>.</em></p> <blockquote> <h2>0.11.11</h2> <h2>Release Notes</h2> <h3>Preview features</h3> <ul> <li>[<code>airflow</code>] Add autofixes for <code>AIR302</code> and <code>AIR312</code> (<a href="https://redirect.github.com/astral-sh/ruff/pull/17942">#17942</a>)</li> <li>[<code>airflow</code>] Move rules from <code>AIR312</code> to <code>AIR302</code> (<a href="https://redirect.github.com/astral-sh/ruff/pull/17940">#17940</a>)</li> <li>[<code>airflow</code>] Update <code>AIR301</code> and <code>AIR311</code> with the latest Airflow implementations (<a href="https://redirect.github.com/astral-sh/ruff/pull/17985">#17985</a>)</li> <li>[<code>flake8-simplify</code>] Enable fix in preview mode (<code>SIM117</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/18208">#18208</a>)</li> </ul> <h3>Bug fixes</h3> <ul> <li>Fix inconsistent formatting of match-case on <code>[]</code> and <code>_</code> (<a href="https://redirect.github.com/astral-sh/ruff/pull/18147">#18147</a>)</li> <li>[<code>pylint</code>] Fix <code>PLW1514</code> not recognizing the <code>encoding</code> positional argument of <code>codecs.open</code> (<a href="https://redirect.github.com/astral-sh/ruff/pull/18109">#18109</a>)</li> </ul> <h3>CLI</h3> <ul> <li>Add full option name in formatter warning (<a href="https://redirect.github.com/astral-sh/ruff/pull/18217">#18217</a>)</li> </ul> <h3>Documentation</h3> <ul> <li>Fix rendering of admonition in docs (<a href="https://redirect.github.com/astral-sh/ruff/pull/18163">#18163</a>)</li> <li>[<code>flake8-print</code>] Improve print/pprint docs for <code>T201</code> and <code>T203</code> (<a href="https://redirect.github.com/astral-sh/ruff/pull/18130">#18130</a>)</li> <li>[<code>flake8-simplify</code>] Add fix safety section (<code>SIM110</code>,<code>SIM210</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/18114">#18114</a>,<a href="https://redirect.github.com/astral-sh/ruff/pull/18100">#18100</a>)</li> <li>[<code>pylint</code>] Fix docs example that produced different output (<code>PLW0603</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/18216">#18216</a>)</li> </ul> <h2>Contributors</h2> <ul> <li><a href="https://github.com/AlexWaygood"><code>@AlexWaygood</code></a></li> <li><a href="https://github.com/BradonZhang"><code>@BradonZhang</code></a></li> <li><a href="https://github.com/BurntSushi"><code>@BurntSushi</code></a></li> <li><a href="https://github.com/CodeMan62"><code>@CodeMan62</code></a></li> <li><a href="https://github.com/InSyncWithFoo"><code>@InSyncWithFoo</code></a></li> <li><a href="https://github.com/LaBatata101"><code>@LaBatata101</code></a></li> <li><a href="https://github.com/Lee-W"><code>@Lee-W</code></a></li> <li><a href="https://github.com/Mathemmagician"><code>@Mathemmagician</code></a></li> <li><a href="https://github.com/MatthewMckee4"><code>@MatthewMckee4</code></a></li> <li><a href="https://github.com/MichaReiser"><code>@MichaReiser</code></a></li> <li><a href="https://github.com/TomerBin"><code>@TomerBin</code></a></li> <li><a href="https://github.com/VascoSch92"><code>@VascoSch92</code></a></li> <li><a href="https://github.com/adamaaronson"><code>@adamaaronson</code></a></li> <li><a href="https://github.com/brainwane"><code>@brainwane</code></a></li> <li><a href="https://github.com/brandtbucher"><code>@brandtbucher</code></a></li> <li><a href="https://github.com/carljm"><code>@carljm</code></a></li> <li><a href="https://github.com/dcreager"><code>@dcreager</code></a></li> <li><a href="https://github.com/dhruvmanila"><code>@dhruvmanila</code></a></li> <li><a href="https://github.com/dragon-dxw"><code>@dragon-dxw</code></a></li> <li><a href="https://github.com/felixscherz"><code>@felixscherz</code></a></li> <li><a href="https://github.com/kiran-4444"><code>@kiran-4444</code></a></li> <li><a href="https://github.com/maxmynter"><code>@maxmynter</code></a></li> <li><a href="https://github.com/ntBre"><code>@ntBre</code></a></li> </ul> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/astral-sh/ruff/blob/main/CHANGELOG.md">ruff's changelog</a>.</em></p> <blockquote> <h2>0.11.11</h2> <h3>Preview features</h3> <ul> <li>[<code>airflow</code>] Add autofixes for <code>AIR302</code> and <code>AIR312</code> (<a href="https://redirect.github.com/astral-sh/ruff/pull/17942">#17942</a>)</li> <li>[<code>airflow</code>] Move rules from <code>AIR312</code> to <code>AIR302</code> (<a href="https://redirect.github.com/astral-sh/ruff/pull/17940">#17940</a>)</li> <li>[<code>airflow</code>] Update <code>AIR301</code> and <code>AIR311</code> with the latest Airflow implementations (<a href="https://redirect.github.com/astral-sh/ruff/pull/17985">#17985</a>)</li> <li>[<code>flake8-simplify</code>] Enable fix in preview mode (<code>SIM117</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/18208">#18208</a>)</li> </ul> <h3>Bug fixes</h3> <ul> <li>Fix inconsistent formatting of match-case on <code>[]</code> and <code>_</code> (<a href="https://redirect.github.com/astral-sh/ruff/pull/18147">#18147</a>)</li> <li>[<code>pylint</code>] Fix <code>PLW1514</code> not recognizing the <code>encoding</code> positional argument of <code>codecs.open</code> (<a href="https://redirect.github.com/astral-sh/ruff/pull/18109">#18109</a>)</li> </ul> <h3>CLI</h3> <ul> <li>Add full option name in formatter warning (<a href="https://redirect.github.com/astral-sh/ruff/pull/18217">#18217</a>)</li> </ul> <h3>Documentation</h3> <ul> <li>Fix rendering of admonition in docs (<a href="https://redirect.github.com/astral-sh/ruff/pull/18163">#18163</a>)</li> <li>[<code>flake8-print</code>] Improve print/pprint docs for <code>T201</code> and <code>T203</code> (<a href="https://redirect.github.com/astral-sh/ruff/pull/18130">#18130</a>)</li> <li>[<code>flake8-simplify</code>] Add fix safety section (<code>SIM110</code>,<code>SIM210</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/18114">#18114</a>,<a href="https://redirect.github.com/astral-sh/ruff/pull/18100">#18100</a>)</li> <li>[<code>pylint</code>] Fix docs example that produced different output (<code>PLW0603</code>) (<a href="https://redirect.github.com/astral-sh/ruff/pull/18216">#18216</a>)</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/astral-sh/ruff/commit/0397682f1f50c9c1cc29293ac870f7720b0eda33"><code>0397682</code></a> Bump 0.11.11 (<a href="https://redirect.github.com/astral-sh/ruff/issues/18259">#18259</a>)</li> <li><a href="https://github.com/astral-sh/ruff/commit/bcefa459f4069970bc9776575e2f776b8d130dc9"><code>bcefa45</code></a> [ty] Rename <code>call-possibly-unbound-method</code> to `possibly-unbound-implicit-call...</li> <li><a href="https://github.com/astral-sh/ruff/commit/91b7a570c2bd1c9e1cab894ded866e885f28946a"><code>91b7a57</code></a> [ty] Implement Python's floor division semantics for <code>Literal</code> <code>int</code>s (<a href="https://redirect.github.com/astral-sh/ruff/issues/18249">#18249</a>)</li> <li><a href="https://github.com/astral-sh/ruff/commit/98da200d45b040401bc5c1ff04fd678d37d3dd3e"><code>98da200</code></a> [ty] Fix server panic when calling <code>system_mut</code> (<a href="https://redirect.github.com/astral-sh/ruff/issues/18252">#18252</a>)</li> <li><a href="https://github.com/astral-sh/ruff/commit/029085fa7239eb25f9b60b6aff56aa54945becaf"><code>029085f</code></a> [ty] Clarify <code>ty check</code> output default in documentation. (<a href="https://redirect.github.com/astral-sh/ruff/issues/18246">#18246</a>)</li> <li><a href="https://github.com/astral-sh/ruff/commit/6df10c638e3afed4a3fd9145d0353861e29d6acc"><code>6df10c6</code></a> [<code>pylint</code>] Fix docs example that produced different output (<code>PLW0603</code>) (<a href="https://redirect.github.com/astral-sh/ruff/issues/18216">#18216</a>)</li> <li><a href="https://github.com/astral-sh/ruff/commit/bdf488462a5a5c0d4e104eff4e299829019b657d"><code>bdf4884</code></a> Preserve tuple parentheses in case patterns (<a href="https://redirect.github.com/astral-sh/ruff/issues/18147">#18147</a>)</li> <li><a href="https://github.com/astral-sh/ruff/commit/01eeb2f0d6894f413048ff8fc8980453bf17acab"><code>01eeb2f</code></a> [ty] Support frozen dataclasses (<a href="https://redirect.github.com/astral-sh/ruff/issues/17974">#17974</a>)</li> <li><a href="https://github.com/astral-sh/ruff/commit/cb04343b3b5e7a8a0841c73537733fa5aac482a2"><code>cb04343</code></a> [ty] Split <code>invalid-base</code> error code into two error codes (<a href="https://redirect.github.com/astral-sh/ruff/issues/18245">#18245</a>)</li> <li><a href="https://github.com/astral-sh/ruff/commit/02394b8049b52836ae7daca7132fab93031d1162"><code>02394b8</code></a> [ty] Improve <code>invalid-type-form</code> diagnostic where a module-literal type is us...</li> <li>Additional commits viewable in <a href="https://github.com/astral-sh/ruff/compare/0.11.10...0.11.11">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [lxml](https://github.com/lxml/lxml) from 5.3.0 to 5.4.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/lxml/lxml/releases">lxml's releases</a>.</em></p> <blockquote> <h2>lxml-5.4.0</h2> <h1>5.4.0 (2025-04-22)</h1> <h2>Bugs fixed</h2> <ul> <li>LP#2107279: Binary wheels use libxml2 2.13.8 and libxslt 1.1.43 to resolve several CVEs. (Binary wheels for Windows continue to use a patched libxml2 2.11.9 and libxslt 1.1.39.) Issue found by Anatoly Katyushin, see <a href="https://bugs.launchpad.net/lxml/+bug/2107279">https://bugs.launchpad.net/lxml/+bug/2107279</a></li> </ul> <h2>lxml-5.3.2</h2> <p>No release notes provided.</p> <h2>lxml-5.3.1</h2> <p>No release notes provided.</p> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/lxml/lxml/blob/master/CHANGES.txt">lxml's changelog</a>.</em></p> <blockquote> <h1>5.4.0 (2025-04-22)</h1> <h2>Bugs fixed</h2> <ul> <li>LP#2107279: Binary wheels use libxml2 2.13.8 and libxslt 1.1.43 to resolve several CVEs. (Binary wheels for Windows continue to use a patched libxml2 2.11.9 and libxslt 1.1.39.) Issue found by Anatoly Katyushin.</li> </ul> <h1>5.3.2 (2025-04-05)</h1> <p>This release resolves CVE-2025-24928 as described in <a href="https://gitlab.gnome.org/GNOME/libxml2/-/issues/847">https://gitlab.gnome.org/GNOME/libxml2/-/issues/847</a></p> <h2>Bugs fixed</h2> <ul> <li> <p>Binary wheels use libxml2 2.12.10 and libxslt 1.1.42.</p> </li> <li> <p>Binary wheels for Windows use a patched libxml2 2.11.9 and libxslt 1.1.39.</p> </li> </ul> <h1>5.3.1 (2025-02-09)</h1> <h2>Bugs fixed</h2> <ul> <li> <p>GH#440: Some tests were adapted for libxml2 2.14.0. Patch by Nick Wellnhofer.</p> </li> <li> <p>LP#2097175: <code>DTD(external_id="…")</code> erroneously required a byte string as ID value.</p> </li> <li> <p>GH#450: <code>iterparse()</code> internally triggered the `DeprecationWarning`` added in lxml 5.3.0 when parsing HTML.</p> </li> </ul> <h2>Other changes</h2> <ul> <li>GH#442: Binary wheels for macOS no longer use the linker flag <code>-flat_namespace</code>.</li> </ul> </blockquote> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/lxml/lxml/commit/6e76d57af83d59d7a0456fd5889e392a7b366b43"><code>6e76d57</code></a> Build: Exclude slow Py3.9 wheel builds for s390/ppc and Py3.7 for ARM64.</li> <li><a href="https://github.com/lxml/lxml/commit/ee10c02bb771be22e6e3c36a90f3b66e5ce87752"><code>ee10c02</code></a> Prepare release of lxml 5.4.0.</li> <li><a href="https://github.com/lxml/lxml/commit/0e4f3c33723bb2b4d9565046a24a896c36fb5602"><code>0e4f3c3</code></a> Prepare release of lxml 5.3.3.</li> <li><a href="https://github.com/lxml/lxml/commit/b4703fc2e74296a1bcb44ba050d856ceab21d87f"><code>b4703fc</code></a> Update changelog.</li> <li><a href="https://github.com/lxml/lxml/commit/db723bb3b9140f9f313f4b638790a69e82eae2a3"><code>db723bb</code></a> Build: Use libxslt 1.1.43 instead of 1.1.42 to resolve some CVEs.</li> <li><a href="https://github.com/lxml/lxml/commit/a664877bde77d4d649fb8475e8bfb2bc2693ac26"><code>a664877</code></a> Build: Use libxml2 2.13.8 instead of 2.12.x to resolve some CVEs.</li> <li><a href="https://github.com/lxml/lxml/commit/df4633e7a919f0a4d42df310f17477b5ab51e403"><code>df4633e</code></a> Remove appveyor usage.</li> <li><a href="https://github.com/lxml/lxml/commit/820db896be83f72f1cb653981362c682c8fc0d1f"><code>820db89</code></a> CI: Allow Py3.14 jobs to fail.</li> <li><a href="https://github.com/lxml/lxml/commit/93ad02aad6caa1a7a4b2f595c2973644709cb5f9"><code>93ad02a</code></a> docs: Add a note about C compiler installation to error message (<a href="https://redirect.github.com/lxml/lxml/issues/454">GH-454</a>)</li> <li><a href="https://github.com/lxml/lxml/commit/16878dac7075903c7b6e412f5f770ce43e942509"><code>16878da</code></a> Add some hints to the documentation on how to build lxml (<a href="https://redirect.github.com/lxml/lxml/issues/453">GH-453</a>)</li> <li>Additional commits viewable in <a href="https://github.com/lxml/lxml/compare/lxml-5.3.0...lxml-5.4.0">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-Authored-By: Andrew Morgan <andrew@amorgan.xyz>
Contributor
Author
|
The Complement failure at: https://github.com/famedly/synapse/actions/runs/16355847794 appears to be because of a new feature being tested that will not appear in Synapse until |
itsoyou
approved these changes
Jul 21, 2025
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
New version of Synapse
v1.130.0_1->v1.131.0_1Upstream Changes
No Famedly additions in this release