forked from spantaleev/matrix-docker-ansible-deploy
-
Notifications
You must be signed in to change notification settings - Fork 0
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
chore(deps): update matrixdotorg/synapse docker tag to v1.117.0 #21
Open
renovate
wants to merge
1
commit into
master
Choose a base branch
from
renovate/matrixdotorg-synapse-1.x
base: master
Could not load branches
Branch not found: {{ refName }}
Loading
Could not load tags
Nothing to show
Loading
Are you sure you want to change the base?
Some commits from the old base branch may be removed from the timeline,
and old review comments may become outdated.
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
renovate
bot
force-pushed
the
renovate/matrixdotorg-synapse-1.x
branch
from
December 13, 2023 08:16
7454b17
to
f6a13da
Compare
renovate
bot
changed the title
chore(deps): update matrixdotorg/synapse docker tag to v1.97.0
chore(deps): update matrixdotorg/synapse docker tag to v1.98.0
Dec 13, 2023
renovate
bot
force-pushed
the
renovate/matrixdotorg-synapse-1.x
branch
from
January 16, 2024 23:33
f6a13da
to
d980635
Compare
renovate
bot
changed the title
chore(deps): update matrixdotorg/synapse docker tag to v1.98.0
chore(deps): update matrixdotorg/synapse docker tag to v1.99.0
Jan 16, 2024
renovate
bot
force-pushed
the
renovate/matrixdotorg-synapse-1.x
branch
from
January 31, 2024 02:45
d980635
to
5b5630a
Compare
renovate
bot
changed the title
chore(deps): update matrixdotorg/synapse docker tag to v1.99.0
chore(deps): update matrixdotorg/synapse docker tag to v1.100.0
Jan 31, 2024
renovate
bot
force-pushed
the
renovate/matrixdotorg-synapse-1.x
branch
from
February 14, 2024 02:30
5b5630a
to
487e063
Compare
renovate
bot
changed the title
chore(deps): update matrixdotorg/synapse docker tag to v1.100.0
chore(deps): update matrixdotorg/synapse docker tag to v1.101.0
Feb 14, 2024
renovate
bot
force-pushed
the
renovate/matrixdotorg-synapse-1.x
branch
from
March 6, 2024 02:59
487e063
to
76e6b89
Compare
renovate
bot
changed the title
chore(deps): update matrixdotorg/synapse docker tag to v1.101.0
chore(deps): update matrixdotorg/synapse docker tag to v1.102.0
Mar 6, 2024
renovate
bot
force-pushed
the
renovate/matrixdotorg-synapse-1.x
branch
from
March 20, 2024 08:40
76e6b89
to
68b8a11
Compare
renovate
bot
changed the title
chore(deps): update matrixdotorg/synapse docker tag to v1.102.0
chore(deps): update matrixdotorg/synapse docker tag to v1.103.0
Mar 20, 2024
renovate
bot
force-pushed
the
renovate/matrixdotorg-synapse-1.x
branch
from
April 3, 2024 03:00
68b8a11
to
9715486
Compare
renovate
bot
changed the title
chore(deps): update matrixdotorg/synapse docker tag to v1.103.0
chore(deps): update matrixdotorg/synapse docker tag to v1.104.0
Apr 3, 2024
renovate
bot
force-pushed
the
renovate/matrixdotorg-synapse-1.x
branch
from
April 16, 2024 20:39
9715486
to
a131562
Compare
renovate
bot
changed the title
chore(deps): update matrixdotorg/synapse docker tag to v1.104.0
chore(deps): update matrixdotorg/synapse docker tag to v1.105.0
Apr 16, 2024
renovate
bot
force-pushed
the
renovate/matrixdotorg-synapse-1.x
branch
from
April 25, 2024 05:33
a131562
to
7972e80
Compare
renovate
bot
changed the title
chore(deps): update matrixdotorg/synapse docker tag to v1.105.0
chore(deps): update matrixdotorg/synapse docker tag to v1.105.1
Apr 25, 2024
renovate
bot
force-pushed
the
renovate/matrixdotorg-synapse-1.x
branch
from
May 1, 2024 02:46
7972e80
to
7a79ae3
Compare
renovate
bot
changed the title
chore(deps): update matrixdotorg/synapse docker tag to v1.105.1
chore(deps): update matrixdotorg/synapse docker tag to v1.106.0
May 1, 2024
renovate
bot
force-pushed
the
renovate/matrixdotorg-synapse-1.x
branch
from
May 22, 2024 20:47
7a79ae3
to
7c3d9cd
Compare
renovate
bot
changed the title
chore(deps): update matrixdotorg/synapse docker tag to v1.106.0
chore(deps): update matrixdotorg/synapse docker tag to v1.107.0
May 22, 2024
renovate
bot
force-pushed
the
renovate/matrixdotorg-synapse-1.x
branch
from
May 29, 2024 11:49
7c3d9cd
to
dea2cee
Compare
renovate
bot
changed the title
chore(deps): update matrixdotorg/synapse docker tag to v1.107.0
chore(deps): update matrixdotorg/synapse docker tag to v1.108.0
May 29, 2024
renovate
bot
force-pushed
the
renovate/matrixdotorg-synapse-1.x
branch
from
June 19, 2024 17:59
dea2cee
to
0e9af24
Compare
renovate
bot
changed the title
chore(deps): update matrixdotorg/synapse docker tag to v1.108.0
chore(deps): update matrixdotorg/synapse docker tag to v1.109.0
Jun 19, 2024
renovate
bot
force-pushed
the
renovate/matrixdotorg-synapse-1.x
branch
from
July 4, 2024 05:21
0e9af24
to
72efc6e
Compare
renovate
bot
changed the title
chore(deps): update matrixdotorg/synapse docker tag to v1.109.0
chore(deps): update matrixdotorg/synapse docker tag to v1.110.0
Jul 4, 2024
renovate
bot
force-pushed
the
renovate/matrixdotorg-synapse-1.x
branch
from
July 19, 2024 05:40
72efc6e
to
a76c133
Compare
renovate
bot
changed the title
chore(deps): update matrixdotorg/synapse docker tag to v1.110.0
chore(deps): update matrixdotorg/synapse docker tag to v1.111.0
Jul 19, 2024
renovate
bot
force-pushed
the
renovate/matrixdotorg-synapse-1.x
branch
from
August 1, 2024 05:21
a76c133
to
985bd1f
Compare
renovate
bot
changed the title
chore(deps): update matrixdotorg/synapse docker tag to v1.111.0
chore(deps): update matrixdotorg/synapse docker tag to v1.112.0
Aug 1, 2024
renovate
bot
force-pushed
the
renovate/matrixdotorg-synapse-1.x
branch
from
August 14, 2024 02:45
985bd1f
to
39fc428
Compare
renovate
bot
changed the title
chore(deps): update matrixdotorg/synapse docker tag to v1.112.0
chore(deps): update matrixdotorg/synapse docker tag to v1.113.0
Aug 14, 2024
renovate
bot
force-pushed
the
renovate/matrixdotorg-synapse-1.x
branch
from
September 3, 2024 05:59
39fc428
to
8e419e9
Compare
renovate
bot
changed the title
chore(deps): update matrixdotorg/synapse docker tag to v1.113.0
chore(deps): update matrixdotorg/synapse docker tag to v1.114.0
Sep 3, 2024
renovate
bot
force-pushed
the
renovate/matrixdotorg-synapse-1.x
branch
from
September 17, 2024 23:27
8e419e9
to
f31112d
Compare
renovate
bot
changed the title
chore(deps): update matrixdotorg/synapse docker tag to v1.114.0
chore(deps): update matrixdotorg/synapse docker tag to v1.115.0
Sep 17, 2024
renovate
bot
force-pushed
the
renovate/matrixdotorg-synapse-1.x
branch
from
October 2, 2024 01:26
f31112d
to
2445638
Compare
renovate
bot
changed the title
chore(deps): update matrixdotorg/synapse docker tag to v1.115.0
chore(deps): update matrixdotorg/synapse docker tag to v1.116.0
Oct 2, 2024
renovate
bot
force-pushed
the
renovate/matrixdotorg-synapse-1.x
branch
from
October 18, 2024 02:42
2445638
to
2844393
Compare
renovate
bot
changed the title
chore(deps): update matrixdotorg/synapse docker tag to v1.116.0
chore(deps): update matrixdotorg/synapse docker tag to v1.117.0
Oct 18, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Labels
None yet
0 participants
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This PR contains the following updates:
v1.96.1
->v1.117.0
Warning
Some dependencies could not be looked up. Check the Dependency Dashboard for more information.
Release Notes
element-hq/synapse (matrixdotorg/synapse)
v1.117.0
Compare Source
Synapse 1.117.0 (2024-10-15)
No significant changes since 1.117.0rc1.
Synapse 1.117.0rc1 (2024-10-08)
Features
redis.password_path
. (#17717)Bugfixes
GET /_matrix/client/versions
, set theunstable_features
flag for MSC4140 tofalse
when server configuration disables support for delayed events. (#17780)Improved Documentation
test_forget_when_not_left
. (#17628)federation_sender_instances
. (#17776)Internal Changes
Updates to locked dependencies
v1.116.0
Compare Source
Synapse 1.116.0 (2024-10-01)
No significant changes since 1.116.0rc2.
Synapse 1.116.0rc2 (2024-09-26)
Features
Synapse 1.116.0rc1 (2024-09-25)
Features
and an endpoint to check on the status of that redaction task. (#17506)
tags
andnot_tags
filters for MSC4186 Sliding Sync. (#17662)turn_shared_secret_path
. (#17690)Bugfixes
Internal Changes
_pydantic_compat
module.This allows
check_pydantic_models.py
to mock those pydantic objectsonly in the synapse module, and not interfere with pydantic objects in
external dependencies. (#17667)
event_stream_ordering
of rooms. (#17693)bump_stamp
s more efficiently in MSC4186 Sliding Sync. (#17723)_bulk_get_max_event_pos
being inefficient. (#17728)get_tags_for_room(...)
. (#17730)cgi
module, deprecated in Python 3.11 and removed in Python 3.13. (#17741)Unknown
anymore after updatingtreq
. (#17744)Updates to locked dependencies
v1.115.0
Compare Source
Synapse 1.115.0 (2024-09-17)
No significant changes since 1.115.0rc2.
Synapse 1.115.0rc2 (2024-09-12)
Internal Changes
/sync
endpoint for quick filtering/sorting. (#17652)Synapse 1.115.0rc1 (2024-09-10)
Features
Bugfixes
400 M_BAD_JSON
upon attempting to complete various room actions with a non-local user ID and unknown room ID, rather than an internal server error. (#17607)bump_stamp
for invites in sliding sync response, causing incorrect ordering of invites in the room list. (#17674)Improved Documentation
saml2_config
config example. (#17594)Deprecations and Removals
msc4156_enabled
config setting and defaulting it totrue
. (#17650)Internal Changes
/sync
endpoint for quick filtering/sorting. (#17512, #17632, #17633, #17634, #17635, #17636, #17641, #17654, #17673)PerConnectionState
class immutable. (#17600)isort
andblack
withruff
. (#17620, #17643)get_room_membership_for_user_at_to_token
. (#17629)bump_stamp
from new sliding sync tables which should be faster. (#17658)Updates to locked dependencies
v1.114.0
Compare Source
Synapse 1.114.0 (2024-09-02)
This release enables support for MSC4186 — Simplified Sliding Sync. This allows using the upcoming releases of the Element X mobile apps without having to run a Sliding Sync Proxy.
Features
Synapse 1.114.0rc3 (2024-08-30)
Bugfixes
Synapse 1.114.0rc2 (2024-08-30)
Features
hash_password
script accept password input from stdin. (#17608)Bugfixes
/thumbnail
responses. (#17532)Internal Changes
PerConnectionState
class immutable. (#17600)@tag_args
for standalone functions. (#17604)isort
andblack
withruff
. (#17620)Updates to locked dependencies
Synapse 1.114.0rc1 (2024-08-20)
Features
/versions
,org.matrix.simplified_msc3575
, to indicate whether experimental sliding sync support has been enabled. (#17571)timeline_limit
in experimental sliding sync. (#17579)Bugfixes
stream_ordering
instead of topological ordering) in experimental MSC3575 Sliding Sync/sync
endpoint. (#17510)/sync
endpoint. (#17538)_Mulitpart_Parser_Protocol
. (#17545)old_verify_keys
. Contributed by @tulir @ Beeper. (#17568)Improved Documentation
auto_accept_invites.worker_to_run_on
option. (#17515)
Internal Changes
/sync
endpoint. (#17514)HTTPAdapter.get_connection
withget_connection_with_tls_context
. (#17536)/key/changes
and sliding sync. (#17537, #17548)Updates to locked dependencies
v1.113.0
Compare Source
Synapse 1.113.0 (2024-08-13)
No significant changes since 1.113.0rc1.
Synapse 1.113.0rc1 (2024-08-06)
Features
/sync
endpoint. (#17447)/sync
endpoint. (#17477)/sync
endpoint. (#17489)/sync
endpoint. (#17505)Bugfixes
/sync
endpoint to handle invite/knock rooms when filtering. (#17450)/keys/query
to return incomplete results, leading to high network activity and CPU usage on Matrix clients. (#17499)Improved Documentation
allowed_local_3pids
config option's msisdn address to a working example. (#17476)Internal Changes
bump_stamp
in experimental sliding sync endpoint. (#17478)SlidingSyncBase
. (#17481, #17482)limited
field description in the Sliding Sync response to accurately describe what it actually represents. (#17507)timeline
assertions in Sliding Sync tests. (#17511)Updates to locked dependencies
v1.112.0
Compare Source
Synapse 1.112.0 (2024-07-30)
This security release is to update our locked dependency on Twisted to 24.7.0rc1, which includes a security fix for CVE-2024-41671 / GHSA-c8m8-j448-xjx7: Disordered HTTP pipeline response in twisted.web, again.
Note that this security fix is also available as Synapse 1.111.1, which does not include the rest of the changes in Synapse 1.112.0.
This issue means that, if multiple HTTP requests are pipelined in the same TCP connection, Synapse can send responses to the wrong HTTP request.
If a reverse proxy was configured to use HTTP pipelining, this could result in responses being sent to the wrong user, severely harming confidentiality.
With that said, despite being a high severity issue, we consider it unlikely that Synapse installations will be affected.
The use of HTTP pipelining in this fashion would cause worse performance for clients (request-response latencies would be increased as users' responses would be artificially blocked behind other users' slow requests). Further, Nginx and Haproxy, two common reverse proxies, do not appear to support configuring their upstreams to use HTTP pipelining and thus would not be affected. For both of these reasons, we consider it unlikely that a Synapse deployment would be set up in such a configuration.
Despite that, we cannot rule out that some installations may exist with this unusual setup and so we are releasing this security update today.
pip users: Note that by default, upgrading Synapse using pip will not automatically upgrade Twisted. Please manually install the new version of Twisted using
pip install Twisted==24.7.0rc1
. Note also that even the--upgrade-strategy=eager
flag topip install -U matrix-synapse
will not upgrade Twisted to a patched version because it is only a release candidate at this time.Internal Changes
Synapse 1.112.0rc1 (2024-07-23)
Please note that this release candidate does not include the security dependency update
included in version 1.111.1 as this version was released before 1.111.1.
The same security fix can be found in the full release of 1.112.0.
Features
/sync
endpoint. (#17416)name
/avatar
fields in experimental MSC3575 Sliding Sync/sync
endpoint. (#17418)heroes
and room summary fields (joined_count
,invited_count
) in experimental MSC3575 Sliding Sync/sync
endpoint. (#17419)is_dm
room field in experimental MSC3575 Sliding Sync/sync
endpoint. (#17429)/sync
endpoint. (#17432)/sync
endpoint. (#17454)Bugfixes
/sync
endpoint when using room type filters and the user has one or more remote invites. (#17434)heroes
bystream_ordering
as the Matrix specification states (applies to/sync
). (#17435)/sync
would break for a user when using workers with multiple stream writers. (#17438)Improved Documentation
default_power_level_content_override
config option. (#17451)Internal Changes
RateLimiter.record_action
. (#17426)/sync
endpoint to bump room when it is created. (#17453)get_rooms_for_local_user_where_membership_is
to speed up sliding sync. (#17460)$ME
as a state key in sliding sync. (#17469)Updates to locked dependencies
v1.111.1
Compare Source
Synapse 1.111.1 (2024-07-30)
This security release is to update our locked dependency on Twisted to 24.7.0rc1, which includes a security fix for CVE-2024-41671 / GHSA-c8m8-j448-xjx7: Disordered HTTP pipeline response in twisted.web, again.
This issue means that, if multiple HTTP requests are pipelined in the same TCP connection, Synapse can send responses to the wrong HTTP request.
If a reverse proxy was configured to use HTTP pipelining, this could result in responses being sent to the wrong user, severely harming confidentiality.
With that said, despite being a high severity issue, we consider it unlikely that Synapse installations will be affected.
The use of HTTP pipelining in this fashion would cause worse performance for clients (request-response latencies would be increased as users' responses would be artificially blocked behind other users' slow requests). Further, Nginx and Haproxy, two common reverse proxies, do not appear to support configuring their upstreams to use HTTP pipelining and thus would not be affected. For both of these reasons, we consider it unlikely that a Synapse deployment would be set up in such a configuration.
Despite that, we cannot rule out that some installations may exist with this unusual setup and so we are releasing this security update today.
pip users: Note that by default, upgrading Synapse using pip will not automatically upgrade Twisted. Please manually install the new version of Twisted using
pip install Twisted==24.7.0rc1
. Note also that even the--upgrade-strategy=eager
flag topip install -U matrix-synapse
will not upgrade Twisted to a patched version because it is only a release candidate at this time.Internal Changes
v1.111.0
Compare Source
Synapse 1.111.0 (2024-07-16)
No significant changes since 1.111.0rc2.
Synapse 1.111.0rc2 (2024-07-10)
Bugfixes
synapse.app.media_repository
worker configuration would break the new media endpoints. (#17420)Improved Documentation
Internal Changes
Synapse 1.111.0rc1 (2024-07-09)
Features
rooms
data to experimental MSC3575 Sliding Sync/sync
endpoint. (#17320)room_types
/not_room_types
filtering to experimental MSC3575 Sliding Sync/sync
endpoint. (#17337)/sync
endpoint. (#17342)_matrix/client/v1/media/download
endpoint. (#17365)by adding
_matrix/client/v1/media/thumbnail
,_matrix/federation/v1/media/thumbnail
endpoints and stabilizing theremaining
_matrix/client/v1/media
endpoints. (#17388)rooms.bump_stamp
for easier client-side sorting in experimental MSC3575 Sliding Sync/sync
endpoint. (#17395)Bugfixes
/sync
endpoint when using an old database. (#17398)Improved Documentation
url_preview_url_blacklist
is a usability feature. (#17356)Internal Changes
ruff
version. (#17381, #17411)Updates to locked dependencies
v1.110.0
Compare Source
Synapse 1.110.0 (2024-07-03)
No significant changes since 1.110.0rc3.
Synapse 1.110.0rc3 (2024-07-02)
Bugfixes
/sync
requests could get blocked indefinitely after an upgrade from Synapse versions before v1.109.0. (#17386, #17391)Internal Changes
Synapse 1.110.0rc2 (2024-06-26)
Internal Changes
Synapse 1.110.0rc1 (2024-06-26)
Features
/sync
endpoint. (#17187, #17301)is_dm
filtering to experimental MSC3575 Sliding Sync/sync
endpoint. (#17277)is_encrypted
filtering to experimental MSC3575 Sliding Sync/sync
endpoint. (#17281)stream_ordering
sort to experimental MSC3575 Sliding Sync/sync
endpoint. (#17293)register_new_matrix_user
now supports a --password-file flag, whichis useful for scripting. (#17294)
register_new_matrix_user
now supports a --exists-ok flag to allow registration of users that already exist in the database.This is useful for scripts that bootstrap user accounts with initial passwords. (#17304)
is_invite
filtering to experimental MSC3575 Sliding Sync/sync
endpoint. (#17335)Configuration
📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).
🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.
♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.
🔕 Ignore: Close this PR and you won't be reminded about this update again.
This PR was generated by Mend Renovate. View the repository job log.