Commit Graph

23613 Commits

Author SHA1 Message Date
dependabot[bot]
1cc1d6b655
Bump pyo3 from 0.20.2 to 0.20.3 (#16962) 2024-03-14 10:36:13 +00:00
Richard van der Hoff
92f2069627
Multi-worker-docker-container: disable log buffering (#16919)
Background: we have a `matrixdotorg/synapse-workers` docker image, which
is intended for running multiple workers within the same container. That
image includes a `prefix-log` script which, for each line printed to
stdout or stderr by one of the processes, prepends the name of the
process.

This commit disables buffering in that script, so that lines are logged
quickly after they are printed. This makes it much easier to understand
the output, since they then come out in a natural order.
2024-03-13 17:21:37 +00:00
dependabot[bot]
9b5eef95ad
Bump ruff from 0.1.14 to 0.3.2 (#16994) 2024-03-13 17:06:23 +00:00
dependabot[bot]
e161103b46
Bump mypy from 1.5.1 to 1.8.0 (#16901) 2024-03-13 17:05:57 +00:00
dependabot[bot]
f4e12ceb1f
Bump dawidd6/action-download-artifact from 3.1.1 to 3.1.2 (#16960) 2024-03-13 16:50:47 +00:00
dependabot[bot]
10e56b162f
Bump cryptography from 41.0.7 to 42.0.5 (#16958) 2024-03-13 16:50:11 +00:00
dependabot[bot]
74fb3e1996
Bump serde_json from 1.0.113 to 1.0.114 (#16961) 2024-03-13 16:49:54 +00:00
dependabot[bot]
a91fb6cc06
Bump serde from 1.0.196 to 1.0.197 (#16963) 2024-03-13 16:49:19 +00:00
dependabot[bot]
6cb8839f67
Bump log from 0.4.20 to 0.4.21 (#16977) 2024-03-13 16:49:06 +00:00
dependabot[bot]
1e68b56a62
Bump black from 23.10.1 to 24.2.0 (#16936) 2024-03-13 16:46:44 +00:00
V02460
2bdf6280f6
Raise poetry-core version cap to 1.9.0 (#16986)
A new poetry-core version was released. See if CI is happy. Required for
the latest Fedora Synapse package.
2024-03-13 16:40:08 +00:00
Erik Johnston
5c0b87ff95 Update changelog 2024-03-12 15:12:19 +00:00
Erik Johnston
0d44f64c4e Merge remote-tracking branch 'origin/develop' into release-v1.103 2024-03-12 15:11:03 +00:00
Gerrit Gogel
1f88790764
Prevent locking up while processing batched_auth_events (#16968)
This PR aims to fix #16895, caused by a regression in #7 and not fixed
by #16903. The PR #16903 only fixes a starvation issue, where the CPU
isn't released. There is a second issue, where the execution is blocked.
This theory is supported by the flame graphs provided in #16895 and the
fact that I see the CPU usage reducing and far below the limit.

Since the changes in #7, the method `check_state_independent_auth_rules`
is called with the additional parameter `batched_auth_events`:


6fa13b4f92/synapse/handlers/federation_event.py (L1741-L1743)


It makes the execution enter this if clause, introduced with #15195


6fa13b4f92/synapse/event_auth.py (L178-L189)

There are two issues in the above code snippet.

First, there is the blocking issue. I'm not entirely sure if this is a
deadlock, starvation, or something different. In the beginning, I
thought the copy operation was responsible. It wasn't. Then I
investigated the nested `store.get_events` inside the function `update`.
This was also not causing the blocking issue. Only when I replaced the
set difference operation (`-` ) with a list comprehension, the blocking
was resolved. Creating and comparing sets with a very large amount of
events seems to be problematic.

This is how the flamegraph looks now while persisting outliers. As you
can see, the execution no longer locks up in the above function.

![output_2024-02-28_13-59-40](https://github.com/element-hq/synapse/assets/13143850/6db9c9ac-484f-47d0-bdde-70abfbd773ec)

Second, the copying here doesn't serve any purpose, because only a
shallow copy is created. This means the same objects from the original
dict are referenced. This fails the intention of protecting these
objects from mutation. The review of the original PR
https://github.com/matrix-org/synapse/pull/15195 had an extensive
discussion about this matter.

Various approaches to copying the auth_events were attempted:
1) Implementing a deepcopy caused issues due to
builtins.EventInternalMetadata not being pickleable.
2) Creating a dict with new objects akin to a deepcopy.
3) Creating a dict with new objects containing only necessary
attributes.

Concluding, there is no easy way to create an actual copy of the
objects. Opting for a deepcopy can significantly strain memory and CPU
resources, making it an inefficient choice. I don't see why the copy is
necessary in the first place. Therefore I'm proposing to remove it
altogether.

After these changes, I was able to successfully join these rooms,
without the main worker locking up:
- #synapse:matrix.org
- #element-android:matrix.org
- #element-web:matrix.org
- #ecips:matrix.org
- #ipfs-chatter:ipfs.io
- #python:matrix.org
- #matrix:matrix.org
2024-03-12 15:07:36 +00:00
Erik Johnston
9d7880c0c6 1.103.0rc1 2024-03-12 15:03:45 +00:00
Alexander Fechler
48f59d3806
deactivated flag refactored to filter deactivated users. (#16874)
Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
2024-03-11 16:08:04 +00:00
Patrick Cloke
696cc9e802
Stabilize support for Retry-After header (MSC4014) (#16947) 2024-03-08 09:33:46 +00:00
Quentin Gliech
4af33015af
Fix joining remote rooms when a on_new_event callback is registered (#16973)
Since Synapse 1.76.0, any module which registers a `on_new_event`
callback would brick the ability to join remote rooms.
This is because this callback tried to get the full state of the room,
which would end up in a deadlock.

Related:
https://github.com/matrix-org/synapse-auto-accept-invite/issues/18

The following module would brick the ability to join remote rooms:

```python
from typing import Any, Dict, Literal, Union
import logging

from synapse.module_api import ModuleApi, EventBase

logger = logging.getLogger(__name__)

class MyModule:
    def __init__(self, config: None, api: ModuleApi):
        self._api = api
        self._config = config

        self._api.register_third_party_rules_callbacks(
            on_new_event=self.on_new_event,
        )

    async def on_new_event(self, event: EventBase, _state_map: Any) -> None:
        logger.info(f"Received new event: {event}")

    @staticmethod
    def parse_config(_config: Dict[str, Any]) -> None:
        return None
```

This is technically a breaking change, as we are now passing partial
state on the `on_new_event` callback.
However, this callback was broken for federated rooms since 1.76.0, and
local rooms have full state anyway, so it's unlikely that it would
change anything.
2024-03-06 16:00:20 +01:00
Andrew Morgan
2d1bb0b06b Merge remote-tracking branch 'origin/release-v1.102' into develop 2024-03-05 16:03:24 +00:00
Andrew Morgan
ab80b3412e
Revert "Ignore notification counts from rooms you've left" (#16981) 2024-03-05 16:02:54 +00:00
Andrew Morgan
1dee1b72ec Switch #16979 changelog type from internal change to bugfix 2024-03-05 15:13:32 +00:00
Andrew Morgan
571ca0c004 1.102.0 2024-03-05 14:47:35 +00:00
Andrew Morgan
8a05304222
Revert "Improve DB performance of calculating badge counts for push. (#16756)" (#16979) 2024-03-05 12:27:27 +00:00
Andrew Morgan
274f289a52
Ignore notification counts from rooms you've left (#16954)
Co-authored-by: reivilibre <oliverw@matrix.org>
2024-02-23 14:12:10 +00:00
Twilight Sparkle
8de3283ebe
Add docs on upgrading from a very old version (#16951)
Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
2024-02-22 17:36:41 +00:00
dependabot[bot]
4ad70f115b
Bump anyhow from 1.0.79 to 1.0.80 (#16935)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-21 10:40:34 +00:00
dependabot[bot]
3778cea776
Bump pyopenssl from 23.3.0 to 24.0.0 (#16937)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-21 10:38:38 +00:00
dependabot[bot]
5ce9498047
Bump JasonEtco/create-an-issue from 2.9.1 to 2.9.2 (#16934)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-21 10:37:32 +00:00
dependabot[bot]
f2c5f1564e
Bump types-netaddr from 0.10.0.20240106 to 1.2.0.20240219 (#16938)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-21 10:36:35 +00:00
dependabot[bot]
91694907da
Bump furo from 2023.9.10 to 2024.1.29 (#16939)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-21 10:35:05 +00:00
dependabot[bot]
e0b19a4777
Bump dawidd6/action-download-artifact from 3.0.0 to 3.1.1 (#16933)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-21 10:34:03 +00:00
kegsay
0c55c76da8
Better complement docs (#16946) 2024-02-20 17:14:50 +00:00
Andrew Morgan
3eb0a3b468 Merge branch 'release-v1.102' into develop 2024-02-20 16:57:37 +00:00
Georg
7c1c011942
Add HAProxy example for single port operation (#16768) 2024-02-20 16:15:58 +00:00
Andrew Morgan
7856ec96ef 1.102.0rc1 2024-02-20 15:51:17 +00:00
Erik Johnston
cdbbf3653d
Don't lock up when joining large rooms (#16903)
Co-authored-by: Andrew Morgan <andrew@amorgan.xyz>
2024-02-20 14:29:18 +00:00
kegsay
c51a2240d1
bugfix: always prefer unthreaded receipt when >1 exist (MSC4102) (#16927)
Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
2024-02-20 14:12:06 +00:00
Erik Johnston
e5dfb6ecbf
Fix incorrect docker hub link in release script (#16910) 2024-02-20 12:20:31 +00:00
Rainer Zufall
1b7304c8b4
fix typo in admin_api/rooms.md (#16857)
Co-authored-by: Andrew Morgan <andrew@amorgan.xyz>
2024-02-20 12:20:23 +00:00
Remi Rampin
0621e8eb0e
Add metric for emails sent (#16881)
This adds a counter `synapse_emails_sent_total` for emails sent. They
are broken down by `type`, which are `password_reset`, `registration`,
`add_threepid`, `notification` (matching the methods of `Mailer`).
2024-02-14 15:30:03 +00:00
Erik Johnston
bc1db16086 Merge branch 'master' into develop 2024-02-13 13:24:29 +00:00
Erik Johnston
7b4d7429f8
Don't invalidate the entire event cache when we purge history (#16905)
We do this by adding support to the LRU cache for "extra indices" based
on the cached value. This allows us to efficiently map from room ID to
the cached events and only invalidate those.
2024-02-13 13:24:11 +00:00
Erik Johnston
01910b981f
Add a config to not send out device list updates for specific users (#16909)
List of users not to send out device list updates for when they register
new devices. This is useful to handle bot accounts.

This is undocumented as its mostly a hack to test on matrix.org.

Note: This will still send out device list updates if the device is
later updated, e.g. end to end keys are added.
2024-02-13 13:23:03 +00:00
Erik Johnston
2252bae3df 1.101.0 2024-02-13 10:45:40 +00:00
dependabot[bot]
79e31e8527
Bump pygithub from 2.1.1 to 2.2.0 (#16902) 2024-02-12 16:29:07 +00:00
dependabot[bot]
b07617fbe8
Bump attrs from 23.1.0 to 23.2.0 (#16899) 2024-02-12 16:27:51 +00:00
dependabot[bot]
e7cdf6152b
Bump bcrypt from 4.0.1 to 4.1.2 (#16900)
Bumps [bcrypt](https://github.com/pyca/bcrypt) from 4.0.1 to 4.1.2.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="b9223e61e2"><code>b9223e6</code></a>
Try building py39 wheels to see if that helps with reinitialization
errors (#...</li>
<li><a
href="5049783444"><code>5049783</code></a>
Bump syn from 2.0.40 to 2.0.41 in /src/_bcrypt (<a
href="https://redirect.github.com/pyca/bcrypt/issues/696">#696</a>)</li>
<li><a
href="642d070972"><code>642d070</code></a>
Bump syn from 2.0.39 to 2.0.40 in /src/_bcrypt (<a
href="https://redirect.github.com/pyca/bcrypt/issues/693">#693</a>)</li>
<li><a
href="8b44a1046a"><code>8b44a10</code></a>
Bump libc from 0.2.150 to 0.2.151 in /src/_bcrypt (<a
href="https://redirect.github.com/pyca/bcrypt/issues/692">#692</a>)</li>
<li><a
href="951cc64d0c"><code>951cc64</code></a>
Bump once_cell from 1.18.0 to 1.19.0 in /src/_bcrypt (<a
href="https://redirect.github.com/pyca/bcrypt/issues/690">#690</a>)</li>
<li><a
href="7377c6db3a"><code>7377c6d</code></a>
Bump actions/setup-python from 4.8.0 to 5.0.0 (<a
href="https://redirect.github.com/pyca/bcrypt/issues/689">#689</a>)</li>
<li><a
href="61b32039d4"><code>61b3203</code></a>
Bump actions/setup-python from 4.7.1 to 4.8.0 (<a
href="https://redirect.github.com/pyca/bcrypt/issues/688">#688</a>)</li>
<li><a
href="1c3159a28a"><code>1c3159a</code></a>
Fixed wheels for older versions of macOS (<a
href="https://redirect.github.com/pyca/bcrypt/issues/687">#687</a>)</li>
<li><a
href="1a41437d3a"><code>1a41437</code></a>
Update README.rst (<a
href="https://redirect.github.com/pyca/bcrypt/issues/682">#682</a>)</li>
<li><a
href="7881c5beef"><code>7881c5b</code></a>
Fix building windows abi3 wheels (<a
href="https://redirect.github.com/pyca/bcrypt/issues/681">#681</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/pyca/bcrypt/compare/4.0.1...4.1.2">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=bcrypt&package-manager=pip&previous-version=4.0.1&new-version=4.1.2)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-12 16:27:43 +00:00
dependabot[bot]
c415b7a412
Bump sentry-sdk from 1.40.0 to 1.40.3 (#16898)
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from
1.40.0 to 1.40.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/getsentry/sentry-python/releases">sentry-sdk's
releases</a>.</em></p>
<blockquote>
<h2>1.40.3</h2>
<h3>Various fixes &amp; improvements</h3>
<ul>
<li>Turn off metrics for uWSGI (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/2720">#2720</a>)
by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li>
<li>Minor improvements (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/2714">#2714</a>)
by <a
href="https://github.com/antonpirker"><code>@​antonpirker</code></a></li>
</ul>
<h2>1.40.2</h2>
<h3>Various fixes &amp; improvements</h3>
<ul>
<li>test: Fix <code>pytest</code> error (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/2712">#2712</a>)
by <a
href="https://github.com/szokeasaurusrex"><code>@​szokeasaurusrex</code></a></li>
<li>build(deps): bump types-protobuf from 4.24.0.4 to 4.24.0.20240129
(<a
href="https://redirect.github.com/getsentry/sentry-python/issues/2691">#2691</a>)
by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
</ul>
<h2>1.40.1</h2>
<h3>Various fixes &amp; improvements</h3>
<ul>
<li>Fix uWSGI workers hanging (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/2694">#2694</a>)
by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li>
<li>Make metrics work with <code>gevent</code> (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/2694">#2694</a>)
by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li>
<li>Guard against <code>engine.url</code> being <code>None</code> (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/2708">#2708</a>)
by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li>
<li>Fix performance regression in
<code>sentry_sdk.utils._generate_installed_modules</code> (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/2703">#2703</a>)
by <a
href="https://github.com/GlenWalker"><code>@​GlenWalker</code></a></li>
<li>Guard against Sentry initialization mid SQLAlchemy cursor (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/2702">#2702</a>)
by <a
href="https://github.com/apmorton"><code>@​apmorton</code></a></li>
<li>Fix yaml generation script (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/2695">#2695</a>)
by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li>
<li>Fix AWS Lambda workflow (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/2710">#2710</a>)
by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li>
<li>Bump <code>codecov/codecov-action</code> from 3 to 4 (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/2706">#2706</a>)
by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li>Bump <code>actions/cache</code> from 3 to 4 (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/2661">#2661</a>)
by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li>Bump <code>actions/checkout</code> from 3.1.0 to 4.1.1 (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/2561">#2561</a>)
by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li>Bump <code>github/codeql-action</code> from 2 to 3 (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/2603">#2603</a>)
by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li>Bump <code>actions/setup-python</code> from 4 to 5 (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/2577">#2577</a>)
by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md">sentry-sdk's
changelog</a>.</em></p>
<blockquote>
<h2>1.40.3</h2>
<h3>Various fixes &amp; improvements</h3>
<ul>
<li>Turn off metrics for uWSGI (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/2720">#2720</a>)
by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li>
<li>Minor improvements (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/2714">#2714</a>)
by <a
href="https://github.com/antonpirker"><code>@​antonpirker</code></a></li>
</ul>
<h2>1.40.2</h2>
<h3>Various fixes &amp; improvements</h3>
<ul>
<li>test: Fix <code>pytest</code> error (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/2712">#2712</a>)
by <a
href="https://github.com/szokeasaurusrex"><code>@​szokeasaurusrex</code></a></li>
<li>build(deps): bump types-protobuf from 4.24.0.4 to 4.24.0.20240129
(<a
href="https://redirect.github.com/getsentry/sentry-python/issues/2691">#2691</a>)
by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
</ul>
<h2>1.40.1</h2>
<h3>Various fixes &amp; improvements</h3>
<ul>
<li>Fix uWSGI workers hanging (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/2694">#2694</a>)
by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li>
<li>Make metrics work with <code>gevent</code> (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/2694">#2694</a>)
by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li>
<li>Guard against <code>engine.url</code> being <code>None</code> (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/2708">#2708</a>)
by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li>
<li>Fix performance regression in
<code>sentry_sdk.utils._generate_installed_modules</code> (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/2703">#2703</a>)
by <a
href="https://github.com/GlenWalker"><code>@​GlenWalker</code></a></li>
<li>Guard against Sentry initialization mid SQLAlchemy cursor (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/2702">#2702</a>)
by <a
href="https://github.com/apmorton"><code>@​apmorton</code></a></li>
<li>Fix yaml generation script (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/2695">#2695</a>)
by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li>
<li>Fix AWS Lambda workflow (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/2710">#2710</a>)
by <a
href="https://github.com/sentrivana"><code>@​sentrivana</code></a></li>
<li>Bump <code>codecov/codecov-action</code> from 3 to 4 (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/2706">#2706</a>)
by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li>Bump <code>actions/cache</code> from 3 to 4 (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/2661">#2661</a>)
by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li>Bump <code>actions/checkout</code> from 3.1.0 to 4.1.1 (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/2561">#2561</a>)
by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li>Bump <code>github/codeql-action</code> from 2 to 3 (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/2603">#2603</a>)
by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
<li>Bump <code>actions/setup-python</code> from 4 to 5 (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/2577">#2577</a>)
by <a
href="https://github.com/dependabot"><code>@​dependabot</code></a></li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="84c4c127ff"><code>84c4c12</code></a>
Update CHANGELOG.md</li>
<li><a
href="f92b4f2247"><code>f92b4f2</code></a>
release: 1.40.3</li>
<li><a
href="f23bdd32fe"><code>f23bdd3</code></a>
fix(metrics): Turn off metrics for uWSGI (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/2720">#2720</a>)</li>
<li><a
href="c77a1235f4"><code>c77a123</code></a>
Minor improvements (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/2714">#2714</a>)</li>
<li><a
href="2186e227a5"><code>2186e22</code></a>
Merge branch 'release/1.40.2'</li>
<li><a
href="139469a01f"><code>139469a</code></a>
release: 1.40.2</li>
<li><a
href="d97e7d75f7"><code>d97e7d7</code></a>
test: Fix <code>pytest</code> error (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/2712">#2712</a>)</li>
<li><a
href="60e644c8e3"><code>60e644c</code></a>
build(deps): bump types-protobuf from 4.24.0.4 to 4.24.0.20240129 (<a
href="https://redirect.github.com/getsentry/sentry-python/issues/2691">#2691</a>)</li>
<li><a
href="d769becc92"><code>d769bec</code></a>
Merge branch 'release/1.40.1'</li>
<li><a
href="ad25ed961b"><code>ad25ed9</code></a>
Update CHANGELOG.md</li>
<li>Additional commits viewable in <a
href="https://github.com/getsentry/sentry-python/compare/1.40.0...1.40.3">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=sentry-sdk&package-manager=pip&previous-version=1.40.0&new-version=1.40.3)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-02-12 16:27:32 +00:00
Erik Johnston
ea1b30940e Merge remote-tracking branch 'origin/release-v1.101' into develop 2024-02-09 10:52:35 +00:00
Erik Johnston
bfa93d1d3b
Only do one concurrent fetch per server in keyring (#16894)
Otherwise if we've stacked a bunch of requests for the keys of a server,
we'll end up sending lots of concurrent requests for its keys,
needlessly.
2024-02-09 10:51:11 +00:00