Commit Graph

24023 Commits

Author SHA1 Message Date
Erik Johnston
7c9ac01eb5
Fix bug where StreamChangeCache would not respect cache factors (#17152)
Annoyingly mypy didn't pick up this typo.
2024-05-03 18:00:08 +01:00
Erik Johnston
3818597751
Fix lint.sh script (#17148)
Broke in #17073
2024-05-03 17:12:03 +01:00
Andrew Morgan
3aadf43122
Bump pillow from 10.2.0 to 10.3.0 (#17146) 2024-05-03 10:55:59 +01:00
jahway603
5b6a75935e
upgrade.md: Bump minimum Rust version to 1.66.0 (element-hq#17079) (#17140)
upgrade.md: Bump minimum Rust version to 1.66.0 (element-hq#17079)
2024-05-02 14:57:29 +01:00
Benjamin Bouvier
c0ea2bf800
synapse complement image: hardcode enabling msc3266 (#17105)
This is an alternative to
https://github.com/matrix-org/matrix-rust-sdk/issues/3340 where we don't
need to change our CI setup too much in the Rust SDK repository, and
still can test MSC3266.
2024-05-02 11:48:27 +01:00
Shay
37558d5e4c
Add support for MSC3823 - Account Suspension (#17051) 2024-05-01 17:45:17 +01:00
Erik Johnston
0b358f8643
Drop sphinx docs (#17073)
It is broken, and we only seemed to have been building it for the
federation sender.

Closes https://github.com/element-hq/synapse/issues/16804
2024-05-01 16:01:50 +00:00
Ben Banfield-Zanin
7254015665
Correct licensing metadata on the Docker image (#17141)
### Pull Request Checklist

<!-- Please read
https://element-hq.github.io/synapse/latest/development/contributing_guide.html
before submitting your pull request -->

* [x] Pull request is based on the develop branch
* [x] Pull request includes a [changelog
file](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#changelog).
The entry should:
- Be a short description of your change which makes sense to users.
"Fixed a bug that prevented receiving messages from other servers."
instead of "Moved X method from `EventStore` to `EventWorkerStore`.".
  - Use markdown where necessary, mostly for `code blocks`.
  - End with either a period (.) or an exclamation mark (!).
  - Start with a capital letter.
- Feel free to credit yourself, by adding a sentence "Contributed by
@github_username." or "Contributed by [Your Name]." to the end of the
entry.
* [x] [Code
style](https://element-hq.github.io/synapse/latest/code_style.html) is
correct
(run the
[linters](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#run-the-linters))
2024-05-01 16:23:42 +01:00
Tulir Asokan
1e10f437cf Merge remote-tracking branch 'upstream/release-v1.106' 2024-05-01 16:26:29 +02:00
Andrew Morgan
e84a493f41 Merge branch 'master' into develop 2024-04-30 14:42:45 +01:00
Richard van der Hoff
07232e27a8
Enable complement tests for MSC4115 support (#17137)
Follow-up to #17137 and
https://github.com/matrix-org/complement/pull/722
2024-04-30 13:57:20 +01:00
Andrew Morgan
e26673fe97 1.106.0 2024-04-30 11:51:50 +01:00
devonh
7ab0f630da
Apply user email & picture during OIDC registration if present & selected (#17120)
This change will apply the `email` & `picture` provided by OIDC to the
new user account when registering a new user via OIDC. If the user is
directed to the account details form, this change makes sure they have
been selected before applying them, otherwise they are omitted. In
particular, this change ensures the values are carried through when
Synapse has consent configured, and the redirect to the consent form/s
are followed.

I have tested everything manually. Including: 
- with/without consent configured
- allowing/not allowing the use of email/avatar (via
`sso_auth_account_details.html`)
- with/without automatic account detail population (by un/commenting the
`localpart_template` option in synapse config).

### Pull Request Checklist

<!-- Please read
https://element-hq.github.io/synapse/latest/development/contributing_guide.html
before submitting your pull request -->

* [X] Pull request is based on the develop branch
* [X] Pull request includes a [changelog
file](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#changelog).
The entry should:
- Be a short description of your change which makes sense to users.
"Fixed a bug that prevented receiving messages from other servers."
instead of "Moved X method from `EventStore` to `EventWorkerStore`.".
  - Use markdown where necessary, mostly for `code blocks`.
  - End with either a period (.) or an exclamation mark (!).
  - Start with a capital letter.
- Feel free to credit yourself, by adding a sentence "Contributed by
@github_username." or "Contributed by [Your Name]." to the end of the
entry.
* [X] [Code
style](https://element-hq.github.io/synapse/latest/code_style.html) is
correct
(run the
[linters](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#run-the-linters))
2024-04-29 15:23:05 +00:00
Richard van der Hoff
b548f7803a
Add support for MSC4115 (#17104)
Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
2024-04-29 15:22:13 +01:00
Andrew Morgan
758aec6b34
Update tornado 6.2 -> 6.4 (#17131) 2024-04-29 14:33:25 +01:00
Richard van der Hoff
c897ac63e9
Ensure that incoming to-device messages are not dropped (#17127)
... when workers are unreachable, etc.

Fixes https://github.com/element-hq/synapse/issues/17117.

The general principle is just to make sure that we propagate any
exceptions to the JsonResource, so that we return an error code to the
sending server. That means that the sending server no longer considers
the message safely sent, so it will retry later.

In the issue, Erik mentions that an alternative solution would be to
persist the to-device messages into a table so that they can be retried.
This might be an improvement for performance, but even if we did that,
we still need this mechanism, since we might be unable to reach the
database. So, if we want to do that, it can be a later follow-up.

---------

Co-authored-by: Erik Johnston <erik@matrix.org>
2024-04-29 14:11:00 +01:00
Patrick Cloke
38bc7a009d
Declare support for Matrix v1.10. (#17082)
Pretty straightforward. 😄 

Fixes #17021
2024-04-29 14:09:03 +01:00
dependabot[bot]
6a275828c8
Bump types-setuptools from 69.0.0.20240125 to 69.5.0.20240423 (#17134)
Bumps [types-setuptools](https://github.com/python/typeshed) from
69.0.0.20240125 to 69.5.0.20240423.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/python/typeshed/commits">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=types-setuptools&package-manager=pip&previous-version=69.0.0.20240125&new-version=69.5.0.20240423)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-29 14:06:14 +01:00
dependabot[bot]
6e373468a4
Bump idna from 3.6 to 3.7 (#17136)
Bumps [idna](https://github.com/kjd/idna) from 3.6 to 3.7.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/kjd/idna/releases">idna's
releases</a>.</em></p>
<blockquote>
<h2>v3.7</h2>
<h2>What's Changed</h2>
<ul>
<li>Fix issue where specially crafted inputs to encode() could take
exceptionally long amount of time to process. [CVE-2024-3651]</li>
</ul>
<p>Thanks to Guido Vranken for reporting the issue.</p>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/kjd/idna/compare/v3.6...v3.7">https://github.com/kjd/idna/compare/v3.6...v3.7</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/kjd/idna/blob/master/HISTORY.rst">idna's
changelog</a>.</em></p>
<blockquote>
<p>3.7 (2024-04-11)
++++++++++++++++</p>
<ul>
<li>Fix issue where specially crafted inputs to encode() could
take exceptionally long amount of time to process. [CVE-2024-3651]</li>
</ul>
<p>Thanks to Guido Vranken for reporting the issue.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="1d365e17e1"><code>1d365e1</code></a>
Release v3.7</li>
<li><a
href="c1b3154939"><code>c1b3154</code></a>
Merge pull request <a
href="https://redirect.github.com/kjd/idna/issues/172">#172</a> from
kjd/optimize-contextj</li>
<li><a
href="0394ec76ff"><code>0394ec7</code></a>
Merge branch 'master' into optimize-contextj</li>
<li><a
href="cd58a23173"><code>cd58a23</code></a>
Merge pull request <a
href="https://redirect.github.com/kjd/idna/issues/152">#152</a> from
elliotwutingfeng/dev</li>
<li><a
href="5beb28b9dd"><code>5beb28b</code></a>
More efficient resolution of joiner contexts</li>
<li><a
href="1b121483ed"><code>1b12148</code></a>
Update ossf/scorecard-action to v2.3.1</li>
<li><a
href="d516b874c3"><code>d516b87</code></a>
Update Github actions/checkout to v4</li>
<li><a
href="c095c75943"><code>c095c75</code></a>
Merge branch 'master' into dev</li>
<li><a
href="60a0a4cb61"><code>60a0a4c</code></a>
Fix typo in GitHub Actions workflow key</li>
<li><a
href="5918a0ef80"><code>5918a0e</code></a>
Merge branch 'master' into dev</li>
<li>Additional commits viewable in <a
href="https://github.com/kjd/idna/compare/v3.6...v3.7">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=idna&package-manager=pip&previous-version=3.6&new-version=3.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-29 14:06:02 +01:00
dependabot[bot]
48ee17dc79
Bump twisted from 23.10.0 to 24.3.0 (#17135)
Bumps [twisted](https://github.com/twisted/twisted) from 23.10.0 to
24.3.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/twisted/twisted/releases">twisted's
releases</a>.</em></p>
<blockquote>
<h1>Twisted 24.3.0 (2024-03-01)</h1>
<p>This release supports PyPy v7.3.14.</p>
<h2>Bugfixes</h2>
<ul>
<li>twisted.logger.formatEvent now honors dotted method names, not just
flat function names, in format strings, as it has long been
explicitly documented to do. So, you will now get the expected
result from [formatEvent(&quot;here's the result of calling a method at
log-format time: {obj.method()}&quot;, obj=...)]{.title-ref} (<a
href="https://redirect.github.com/twisted/twisted/issues/9347">#9347</a>)</li>
<li>twisted.web.http.HTTPChannel now ignores the trailer headers
provided in the last chunk of a chunked encoded response, rather
than raising an exception. (<a
href="https://redirect.github.com/twisted/twisted/issues/11997">#11997</a>)</li>
<li>twisted.protocols.tls.BufferingTLSTransport, used by default by
twisted.protocols.tls.TLSMemoryBIOFactory, was refactored for
improved performance when doing a high number of small writes.
(<a
href="https://redirect.github.com/twisted/twisted/issues/12011">#12011</a>)</li>
<li>twisted.python.failure.Failure now throws exception for generators
without triggering a deprecation warnings on Python 3.12. (<a
href="https://redirect.github.com/twisted/twisted/issues/12026">#12026</a>)</li>
<li>twisted.internet.process.Process, used by
<code>reactor.spawnProcess</code>,
now copies the parent environment when the [env=None]{.title-ref}
argument is passed on Posix systems and <code>os.posix_spawnp</code> is
used
internally. (<a
href="https://redirect.github.com/twisted/twisted/issues/12068">#12068</a>)</li>
<li>twisted.internet.defer.inlineCallbacks.returnValue's stack
introspection was adjusted for the latest PyPy 7.3.14 release,
allowing legacy <a
href="https://github.com/inlineCallbacks"><code>@​inlineCallbacks</code></a>
to run on new PyPY versions.
(<a
href="https://redirect.github.com/twisted/twisted/issues/12084">#12084</a>)</li>
</ul>
<h2>Deprecations and Removals</h2>
<ul>
<li>twisted.trial.reporter.TestRun.startTest() is no longer called for
tests with skip annotation or skip attribute for Python 3.12.1 or
newer. This is the result of upstream Python <a
href="https://redirect.github.com/twisted/twisted/issues/106584">gh-106584</a>
change. The
behavior is not change in 3.12.0 or older. (<a
href="https://redirect.github.com/twisted/twisted/issues/12052">#12052</a>)</li>
</ul>
<h2>Misc</h2>
<ul>
<li><a
href="https://redirect.github.com/twisted/twisted/issues/11902">#11902</a>,
<a
href="https://redirect.github.com/twisted/twisted/issues/12018">#12018</a>,
<a
href="https://redirect.github.com/twisted/twisted/issues/12023">#12023</a>,
<a
href="https://redirect.github.com/twisted/twisted/issues/12031">#12031</a>,
<a
href="https://redirect.github.com/twisted/twisted/issues/12032">#12032</a>,
<a
href="https://redirect.github.com/twisted/twisted/issues/12052">#12052</a>,
<a
href="https://redirect.github.com/twisted/twisted/issues/12056">#12056</a>,
<a
href="https://redirect.github.com/twisted/twisted/issues/12067">#12067</a>,
<a
href="https://redirect.github.com/twisted/twisted/issues/12076">#12076</a>,
<a
href="https://redirect.github.com/twisted/twisted/issues/12078">#12078</a>,
<a
href="https://redirect.github.com/twisted/twisted/issues/12087">#12087</a>,
<a
href="https://redirect.github.com/twisted/twisted/issues/12095">#12095</a></li>
</ul>
<h2>Conch</h2>
<p>No significant changes.</p>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/twisted/twisted/blob/trunk/NEWS.rst">twisted's
changelog</a>.</em></p>
<blockquote>
<h1>Twisted 24.3.0 (2024-03-01)</h1>
<p>This release supports PyPy v7.3.14.</p>
<h2>Bugfixes</h2>
<ul>
<li>twisted.logger.formatEvent now honors dotted method names, not just
flat
function names, in format strings, as it has long been explicitly
documented to
do. So, you will now get the expected result from
<code>formatEvent(&quot;here's the result of calling a method at
log-format time: {obj.method()}&quot;, obj=...)</code> (<a
href="https://redirect.github.com/twisted/twisted/issues/9347">#9347</a>)</li>
<li>twisted.web.http.HTTPChannel now ignores the trailer headers
provided in the last chunk of a chunked encoded response, rather than
raising an exception. (<a
href="https://redirect.github.com/twisted/twisted/issues/11997">#11997</a>)</li>
<li>twisted.protocols.tls.BufferingTLSTransport, used by default by
twisted.protocols.tls.TLSMemoryBIOFactory, was refactored for improved
performance when doing a high number of small writes. (<a
href="https://redirect.github.com/twisted/twisted/issues/12011">#12011</a>)</li>
<li>twisted.python.failure.Failure now throws exception for generators
without triggering a deprecation warnings on Python 3.12. (<a
href="https://redirect.github.com/twisted/twisted/issues/12026">#12026</a>)</li>
<li>twisted.internet.process.Process, used by
<code>reactor.spawnProcess</code>, now copies the parent environment
when the <code>env=None</code> argument is passed on Posix systems and
<code>os.posix_spawnp</code> is used internally. (<a
href="https://redirect.github.com/twisted/twisted/issues/12068">#12068</a>)</li>
<li>twisted.internet.defer.inlineCallbacks.returnValue's stack
introspection was adjusted for the latest PyPy 7.3.14 release, allowing
legacy <a
href="https://github.com/inlineCallbacks"><code>@​inlineCallbacks</code></a>
to run on new PyPY versions. (<a
href="https://redirect.github.com/twisted/twisted/issues/12084">#12084</a>)</li>
</ul>
<h2>Deprecations and Removals</h2>
<ul>
<li>twisted.trial.reporter.TestRun.startTest() is no longer called for
tests
with skip annotation or skip attribute for Python 3.12.1 or newer.
This is the result of upstream Python <a
href="https://redirect.github.com/twisted/twisted/issues/106584">gh-106584</a>
change.
The behavior is not change in 3.12.0 or older. (<a
href="https://redirect.github.com/twisted/twisted/issues/12052">#12052</a>)</li>
</ul>
<h2>Misc</h2>
<ul>
<li><a
href="https://redirect.github.com/twisted/twisted/issues/11902">#11902</a>,
<a
href="https://redirect.github.com/twisted/twisted/issues/12018">#12018</a>,
<a
href="https://redirect.github.com/twisted/twisted/issues/12023">#12023</a>,
<a
href="https://redirect.github.com/twisted/twisted/issues/12031">#12031</a>,
<a
href="https://redirect.github.com/twisted/twisted/issues/12032">#12032</a>,
<a
href="https://redirect.github.com/twisted/twisted/issues/12052">#12052</a>,
<a
href="https://redirect.github.com/twisted/twisted/issues/12056">#12056</a>,
<a
href="https://redirect.github.com/twisted/twisted/issues/12067">#12067</a>,
<a
href="https://redirect.github.com/twisted/twisted/issues/12076">#12076</a>,
<a
href="https://redirect.github.com/twisted/twisted/issues/12078">#12078</a>,
<a
href="https://redirect.github.com/twisted/twisted/issues/12087">#12087</a>,
<a
href="https://redirect.github.com/twisted/twisted/issues/12095">#12095</a></li>
</ul>
<h2>Conch</h2>
<p>No significant changes.</p>
<h2>Web</h2>
<p>Bugfixes</p>
<pre><code>
- The documentation for twisted.web.client.CookieAgent no longer
references
long-deprecated ``cookielib`` and ``urllib2`` standard library modules.
([#12044](https://github.com/twisted/twisted/issues/12044))
<p>&lt;/tr&gt;&lt;/table&gt;
</code></pre></p>
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="2e59e1fb32"><code>2e59e1f</code></a>
Merge remote-tracking branch 'origin/release-24.2.0-12097' into
release-24.2....</li>
<li><a
href="64a18eb6d8"><code>64a18eb</code></a>
Prep for final release.</li>
<li><a
href="c33d114c83"><code>c33d114</code></a>
Update NEWS.rst</li>
<li><a
href="d7c9b3d886"><code>d7c9b3d</code></a>
Clarify and fix docs.</li>
<li><a
href="4ed1a5b8ad"><code>4ed1a5b</code></a>
Update copyright year.</li>
<li><a
href="a2ba6eb330"><code>a2ba6eb</code></a>
Changelog for 24.2.0.</li>
<li><a
href="f2f1bc5d54"><code>f2f1bc5</code></a>
New pre-release.</li>
<li><a
href="446ee13918"><code>446ee13</code></a>
Fix chat.py example (<a
href="https://redirect.github.com/twisted/twisted/issues/12070">#12070</a>)</li>
<li><a
href="d05599b21a"><code>d05599b</code></a>
Merge branch 'trunk' into fix-chat-example</li>
<li><a
href="234f3788b6"><code>234f378</code></a>
<a
href="https://redirect.github.com/twisted/twisted/issues/11902">#11902</a>
- Fix type for twisted.web.server.Request.defaultContentType (<a
href="https://redirect.github.com/twisted/twisted/issues/12101">#12101</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/twisted/twisted/compare/twisted-23.10.0...twisted-24.3.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=twisted&package-manager=pip&previous-version=23.10.0&new-version=24.3.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-29 14:05:53 +01:00
dependabot[bot]
f6437ca1c4
Bump serde from 1.0.198 to 1.0.199 (#17132)
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.198 to
1.0.199.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/serde-rs/serde/releases">serde's
releases</a>.</em></p>
<blockquote>
<h2>v1.0.199</h2>
<ul>
<li>Fix ambiguous associated item when
<code>forward_to_deserialize_any!</code> is used on an enum with
<code>Error</code> variant (<a
href="https://redirect.github.com/serde-rs/serde/issues/2732">#2732</a>,
thanks <a
href="https://github.com/aatifsyed"><code>@​aatifsyed</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="1477028717"><code>1477028</code></a>
Release 1.0.199</li>
<li><a
href="789740be0d"><code>789740b</code></a>
Merge pull request <a
href="https://redirect.github.com/serde-rs/serde/issues/2732">#2732</a>
from aatifsyed/master</li>
<li><a
href="8fe7539bb2"><code>8fe7539</code></a>
fix: ambiguous associated type in forward_to_deserialize_any!</li>
<li><a
href="f6623a3654"><code>f6623a3</code></a>
Ignore cast_precision_loss pedantic clippy lint</li>
<li>See full diff in <a
href="https://github.com/serde-rs/serde/compare/v1.0.198...v1.0.199">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=serde&package-manager=cargo&previous-version=1.0.198&new-version=1.0.199)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-29 14:05:30 +01:00
dependabot[bot]
02bda250f8
Bump furo from 2024.1.29 to 2024.4.27 (#17133)
Bumps [furo](https://github.com/pradyunsg/furo) from 2024.1.29 to
2024.4.27.
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pradyunsg/furo/blob/main/docs/changelog.md">furo's
changelog</a>.</em></p>
<blockquote>
<h1>Changelog</h1>
<!-- raw HTML omitted -->
<h2>2024.04.27 -- Bold Burgundy</h2>
<ul>
<li>Add a skip to content link.</li>
<li>Add <code>--font-stack--headings</code>.</li>
<li>Add <code>:visited</code> colour and enforce uniform contrast
between light/dark.</li>
<li>Add an offset of <code>:target</code> to reduce back-to-top
overlap.</li>
<li>Improve dark mode colours.</li>
<li>Fix outstanding colour contrast warnings on Firefox.</li>
<li>Fix bad indent in footnotes.</li>
<li>Tweak handling of default configuration options in a more resilient
manner.</li>
<li>Tweak length and sizing of API <code>source</code> links.</li>
<li>Stop search engine indexing on search page.</li>
</ul>
<h2>2024.01.29 -- Amazing Amethyst</h2>
<ul>
<li>Fix canonical url when building with <code>dirhtml</code>.</li>
<li>Relicense the demo module.</li>
</ul>
<h2>2023.09.10 -- Zesty Zaffre</h2>
<ul>
<li>Make asset hash injection idempotent, fixing Sphinx 6
compatibility.</li>
<li>Fix the check for HTML builders, fixing non-HTML Read the Docs
builds.</li>
</ul>
<h2>2023.08.19 -- Xenolithic Xanadu</h2>
<ul>
<li>Fix missing search context with Sphinx 7.2, for dirhtml builds.</li>
<li>Drop support for Python 3.7.</li>
<li>Present configuration errors in a better format -- thanks <a
href="https://github.com/AA-Turner"><code>@​AA-Turner</code></a>!</li>
<li>Bump <code>require_sphinx()</code> to Sphinx 6.0, in line with
dependency changes in Unassuming Ultramarine.</li>
</ul>
<h2>2023.08.17 -- Wonderous White</h2>
<ul>
<li>Fix compatiblity with Sphinx 7.2.0 and 7.2.1.</li>
</ul>
<h2>2023.07.26 -- Vigilant Volt</h2>
<ul>
<li>Fix compatiblity with Sphinx 7.1.</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="750fcd77fd"><code>750fcd7</code></a>
Prepare release: 2024.04.27</li>
<li><a
href="c0cb0200f0"><code>c0cb020</code></a>
Update changelog</li>
<li><a
href="3787a7c1f2"><code>3787a7c</code></a>
Patch <code>app.config</code> in a more resilient manner (<a
href="https://redirect.github.com/pradyunsg/furo/issues/783">#783</a>)</li>
<li><a
href="6a3afaba38"><code>6a3afab</code></a>
Indent all children of aside.footnote (<a
href="https://redirect.github.com/pradyunsg/furo/issues/788">#788</a>)</li>
<li><a
href="035b276516"><code>035b276</code></a>
fix: no index content on search page (<a
href="https://redirect.github.com/pradyunsg/furo/issues/784">#784</a>)</li>
<li><a
href="151f523271"><code>151f523</code></a>
[pre-commit.ci] pre-commit autoupdate (<a
href="https://redirect.github.com/pradyunsg/furo/issues/771">#771</a>)</li>
<li><a
href="2eb75aa20e"><code>2eb75aa</code></a>
Bump the github-actions group with 1 update (<a
href="https://redirect.github.com/pradyunsg/furo/issues/777">#777</a>)</li>
<li><a
href="df6f65c819"><code>df6f65c</code></a>
Bump the npm group with 6 updates (<a
href="https://redirect.github.com/pradyunsg/furo/issues/778">#778</a>)</li>
<li><a
href="0b51a5eebd"><code>0b51a5e</code></a>
Add space after period in ToC warning (<a
href="https://redirect.github.com/pradyunsg/furo/issues/776">#776</a>)</li>
<li><a
href="0188705150"><code>0188705</code></a>
Bump the npm group with 5 updates (<a
href="https://redirect.github.com/pradyunsg/furo/issues/770">#770</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/pradyunsg/furo/compare/2024.01.29...2024.04.27">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=furo&package-manager=pip&previous-version=2024.1.29&new-version=2024.4.27)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-29 14:05:24 +01:00
devonh
0fd6b269d3
Fix various typos in docs (#17114)
### Pull Request Checklist

<!-- Please read
https://element-hq.github.io/synapse/latest/development/contributing_guide.html
before submitting your pull request -->

* [X] Pull request is based on the develop branch
* [X] Pull request includes a [changelog
file](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#changelog).
The entry should:
- Be a short description of your change which makes sense to users.
"Fixed a bug that prevented receiving messages from other servers."
instead of "Moved X method from `EventStore` to `EventWorkerStore`.".
  - Use markdown where necessary, mostly for `code blocks`.
  - End with either a period (.) or an exclamation mark (!).
  - Start with a capital letter.
- Feel free to credit yourself, by adding a sentence "Contributed by
@github_username." or "Contributed by [Your Name]." to the end of the
entry.
* [X] [Code
style](https://element-hq.github.io/synapse/latest/code_style.html) is
correct
(run the
[linters](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#run-the-linters))
2024-04-26 18:10:45 +00:00
Tulir Asokan
ef1db42843 Merge remote-tracking branch 'upstream/release-v1.106' 2024-04-26 17:46:42 +02:00
Andrew Morgan
89fc579329
Fix filtering of rooms when supplying the destination query parameter to /_synapse/admin/v1/federation/destinations/<destination>/rooms (#17077) 2024-04-26 10:52:24 +01:00
villepeh
9c91873922
Add RuntimeDirectory to matrix-synapse.service (#17084)
This makes it easy to store UNIX sockets with correct permissions. Those
would be located in /run/synapse which is the directory used in many
examples in Synapse configuration manual. Additionally, the directory
and sockets are deleted when Synapse is shut down.
2024-04-26 09:56:20 +01:00
Michael Telatynski
41fbe387d6
Improve error message for cross signing reset with MSC3861 enabled (#17121) 2024-04-26 09:54:30 +01:00
Amanda H. L. de Andrade Katz
90cc9e5b29
Rephrase enable_notifs configuration (#17116) 2024-04-26 09:52:58 +01:00
Andrew Ferrazzutti
516fd891ee
Use recommended endpoint for MSC3266 requests (#17078)
Keep the existing endpoint for backwards compatibility

Signed-off-by: Andrew Ferrazzutti <andrewf@element.io>
2024-04-26 09:46:42 +01:00
Amanda H. L. de Andrade Katz
0ef2315a99
Update event_cache_size and global_factor configurations documentation (#17071)
### Pull Request Checklist

<!-- Please read
https://element-hq.github.io/synapse/latest/development/contributing_guide.html
before submitting your pull request -->

* [x] Pull request is based on the develop branch
* [x] Pull request includes a [changelog
file](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#changelog).
The entry should:
- Be a short description of your change which makes sense to users.
"Fixed a bug that prevented receiving messages from other servers."
instead of "Moved X method from `EventStore` to `EventWorkerStore`.".
  - Use markdown where necessary, mostly for `code blocks`.
  - End with either a period (.) or an exclamation mark (!).
  - Start with a capital letter.
- Feel free to credit yourself, by adding a sentence "Contributed by
@github_username." or "Contributed by [Your Name]." to the end of the
entry.
* [x] [Code
style](https://element-hq.github.io/synapse/latest/code_style.html) is
correct
(run the
[linters](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#run-the-linters))
2024-04-26 09:44:54 +01:00
Melvyn Laïly
59710437e4
Return the search terms as search highlights for SQLite instead of nothing (#17000)
Fixes https://github.com/element-hq/synapse/issues/16999 and
https://github.com/element-hq/element-android/pull/8729 by returning the
search terms as search highlights.
2024-04-26 09:43:52 +01:00
dependabot[bot]
9985aa6821
Bump serde_json from 1.0.115 to 1.0.116 (#17112)
Bumps [serde_json](https://github.com/serde-rs/json) from 1.0.115 to
1.0.116.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/serde-rs/json/releases">serde_json's
releases</a>.</em></p>
<blockquote>
<h2>v1.0.116</h2>
<ul>
<li>Make module structure comprehensible to static analysis (<a
href="https://redirect.github.com/serde-rs/json/issues/1124">#1124</a>,
thanks <a
href="https://github.com/mleonhard"><code>@​mleonhard</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="a3f62bb10e"><code>a3f62bb</code></a>
Release 1.0.116</li>
<li><a
href="12c8ee0ce6"><code>12c8ee0</code></a>
Hide &quot;non-exhaustive patterns&quot; errors when crate fails to
compile</li>
<li><a
href="051ce970fe"><code>051ce97</code></a>
Merge pull request 1124 from mleonhard/master</li>
<li><a
href="25dc75050a"><code>25dc750</code></a>
Replace <code>features_check</code> mod with a call to
<code>std::compile_error!</code>. Fixes htt...</li>
<li><a
href="2e15e3d7d5"><code>2e15e3d</code></a>
Revert &quot;Temporarily disable miri on doctests&quot;</li>
<li><a
href="0baba28775"><code>0baba28</code></a>
Resolve legacy_numeric_constants clippy lints</li>
<li>See full diff in <a
href="https://github.com/serde-rs/json/compare/v1.0.115...v1.0.116">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=serde_json&package-manager=cargo&previous-version=1.0.115&new-version=1.0.116)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-26 09:39:57 +01:00
dependabot[bot]
31742149d4
Bump serde from 1.0.197 to 1.0.198 (#17111)
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.197 to
1.0.198.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/serde-rs/serde/releases">serde's
releases</a>.</em></p>
<blockquote>
<h2>v1.0.198</h2>
<ul>
<li>Support serializing and deserializing
<code>Saturating&lt;T&gt;</code> (<a
href="https://redirect.github.com/serde-rs/serde/issues/2709">#2709</a>,
thanks <a
href="https://github.com/jbethune"><code>@​jbethune</code></a>)</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="c4fb923335"><code>c4fb923</code></a>
Release 1.0.198</li>
<li><a
href="65b7eea775"><code>65b7eea</code></a>
Merge pull request <a
href="https://redirect.github.com/serde-rs/serde/issues/2729">#2729</a>
from dtolnay/saturating</li>
<li><a
href="01cd696fd1"><code>01cd696</code></a>
Integrate Saturating&lt;T&gt; deserialization into impl_deserialize_num
macro</li>
<li><a
href="c13b3f7e68"><code>c13b3f7</code></a>
Format PR 2709</li>
<li><a
href="a6571ee0da"><code>a6571ee</code></a>
Merge pull request <a
href="https://redirect.github.com/serde-rs/serde/issues/2709">#2709</a>
from jbethune/master</li>
<li><a
href="6e38afff49"><code>6e38aff</code></a>
Revert &quot;Temporarily disable miri on doctests&quot;</li>
<li><a
href="3d1b19ed90"><code>3d1b19e</code></a>
Implement Ser+De for <code>Saturating\&lt;T&gt;</code></li>
<li><a
href="5b24f88e73"><code>5b24f88</code></a>
Resolve legacy_numeric_constants clippy lints</li>
<li><a
href="74d06708dd"><code>74d0670</code></a>
Explicitly install a Rust toolchain for cargo-outdated job</li>
<li><a
href="3bfab6ef7f"><code>3bfab6e</code></a>
Temporarily disable miri on doctests</li>
<li>Additional commits viewable in <a
href="https://github.com/serde-rs/serde/compare/v1.0.197...v1.0.198">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=serde&package-manager=cargo&previous-version=1.0.197&new-version=1.0.198)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-26 09:39:49 +01:00
dependabot[bot]
947e8a6cb0
Bump types-bleach from 6.1.0.1 to 6.1.0.20240331 (#17110)
Bumps [types-bleach](https://github.com/python/typeshed) from 6.1.0.1 to
6.1.0.20240331.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/python/typeshed/commits">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=types-bleach&package-manager=pip&previous-version=6.1.0.1&new-version=6.1.0.20240331)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-26 09:39:36 +01:00
dependabot[bot]
0d4d00a07c
Bump pyicu from 2.12 to 2.13 (#17109)
[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pyicu&package-manager=pip&previous-version=2.12&new-version=2.13)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-26 09:39:30 +01:00
dependabot[bot]
3166445514
Bump pydantic from 2.6.4 to 2.7.0 (#17107)
Bumps [pydantic](https://github.com/pydantic/pydantic) from 2.6.4 to
2.7.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/pydantic/pydantic/releases">pydantic's
releases</a>.</em></p>
<blockquote>
<h1>v2.7.0 (2024-04-11)</h1>
<p>The code released in v2.7.0 is practically identical to that of
v2.7.0b1.</p>
<h3>What's Changed</h3>
<h4>Packaging</h4>
<ul>
<li>Reorganize <code>pyproject.toml</code> sections by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/8899">#8899</a></li>
<li>Bump <code>pydantic-core</code> to <code>v2.18.1</code> by <a
href="https://github.com/sydney-runkle"><code>@​sydney-runkle</code></a>
in <a
href="https://redirect.github.com/pydantic/pydantic/pull/9211">#9211</a></li>
<li>Adopt <code>jiter</code> <code>v0.2.0</code> by <a
href="https://github.com/samuelcolvin"><code>@​samuelcolvin</code></a>
in <a
href="https://redirect.github.com/pydantic/pydantic-core/pull/1250">pydantic/pydantic-core#1250</a></li>
</ul>
<h4>New Features</h4>
<ul>
<li>Extract attribute docstrings from <code>FieldInfo.description</code>
by <a href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/6563">#6563</a></li>
<li>Add a <code>with_config</code> decorator to comply with typing spec
by <a href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/8611">#8611</a></li>
<li>Allow an optional separator splitting the value and unit of the
result of <code>ByteSize.human_readable</code> by <a
href="https://github.com/jks15satoshi"><code>@​jks15satoshi</code></a>
in <a
href="https://redirect.github.com/pydantic/pydantic/pull/8706">#8706</a></li>
<li>Add generic <code>Secret</code> base type by <a
href="https://github.com/conradogarciaberrotaran"><code>@​conradogarciaberrotaran</code></a>
in <a
href="https://redirect.github.com/pydantic/pydantic/pull/8519">#8519</a></li>
<li>Make use of <code>Sphinx</code> inventories for cross references in
docs by <a href="https://github.com/Viicos"><code>@​Viicos</code></a> in
<a
href="https://redirect.github.com/pydantic/pydantic/pull/8682">#8682</a></li>
<li>Add environment variable to disable plugins by <a
href="https://github.com/geospackle"><code>@​geospackle</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/8767">#8767</a></li>
<li>Add support for <code>deprecated</code> fields by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/8237">#8237</a></li>
<li>Allow <code>field_serializer('*')</code> by <a
href="https://github.com/ornariece"><code>@​ornariece</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/9001">#9001</a></li>
<li>Handle a case when <code>model_config</code> is defined as a model
property by <a
href="https://github.com/alexeyt101"><code>@​alexeyt101</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/9004">#9004</a></li>
<li>Update <code>create_model()</code> to support
<code>typing.Annotated</code> as input by <a
href="https://github.com/wannieman98"><code>@​wannieman98</code></a> in
<a
href="https://redirect.github.com/pydantic/pydantic/pull/8947">#8947</a></li>
<li>Add <code>ClickhouseDsn</code> support by <a
href="https://github.com/solidguy7"><code>@​solidguy7</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/9062">#9062</a></li>
<li>Add support for <code>re.Pattern[str]</code> to <code>pattern</code>
field by <a href="https://github.com/jag-k"><code>@​jag-k</code></a> in
<a
href="https://redirect.github.com/pydantic/pydantic/pull/9053">#9053</a></li>
<li>Support for <code>serialize_as_any</code> runtime setting by <a
href="https://github.com/sydney-runkle"><code>@​sydney-runkle</code></a>
in <a
href="https://redirect.github.com/pydantic/pydantic/pull/8830">#8830</a></li>
<li>Add support for <code>typing.Self</code> by <a
href="https://github.com/Youssefares"><code>@​Youssefares</code></a> in
<a
href="https://redirect.github.com/pydantic/pydantic/pull/9023">#9023</a></li>
<li>Ability to pass <code>context</code> to serialization by <a
href="https://github.com/ornariece"><code>@​ornariece</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/8965">#8965</a></li>
<li>Add feedback widget to docs with flarelytics integration by <a
href="https://github.com/sydney-runkle"><code>@​sydney-runkle</code></a>
in <a
href="https://redirect.github.com/pydantic/pydantic/pull/9129">#9129</a></li>
<li>Support for parsing partial JSON strings in Python by <a
href="https://github.com/samuelcolvin"><code>@​samuelcolvin</code></a>
in <a
href="https://redirect.github.com/pydantic/jiter/pull/66">pydantic/jiter#66</a></li>
</ul>
<p><strong>Finalized in v2.7.0, rather than v2.7.0b1:</strong></p>
<ul>
<li>Add support for field level number to str coercion option by <a
href="https://github.com/NeevCohen"><code>@​NeevCohen</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/9137">#9137</a></li>
<li>Update <code>warnings</code> parameter for serialization utilities
to allow raising a warning by <a
href="https://github.com/Lance-Drane"><code>@​Lance-Drane</code></a> in
<a
href="https://redirect.github.com/pydantic/pydantic/pull/9166">#9166</a></li>
</ul>
<h4>Changes</h4>
<ul>
<li>Correct docs, logic for <code>model_construct</code> behavior with
<code>extra</code> by <a
href="https://github.com/sydney-runkle"><code>@​sydney-runkle</code></a>
in <a
href="https://redirect.github.com/pydantic/pydantic/pull/8807">#8807</a></li>
<li>Improve error message for improper <code>RootModel</code> subclasses
by <a
href="https://github.com/sydney-runkle"><code>@​sydney-runkle</code></a>
in <a
href="https://redirect.github.com/pydantic/pydantic/pull/8857">#8857</a></li>
<li>Use <code>PEP570</code> syntax by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/8940">#8940</a></li>
<li>Add <code>enum</code> and <code>type</code> to the JSON schema for
single item literals by <a
href="https://github.com/dmontagu"><code>@​dmontagu</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/8944">#8944</a></li>
<li>Deprecate <code>update_json_schema</code> internal function by <a
href="https://github.com/sydney-runkle"><code>@​sydney-runkle</code></a>
in <a
href="https://redirect.github.com/pydantic/pydantic/pull/9125">#9125</a></li>
<li>Serialize duration to hour minute second, instead of just seconds by
<a href="https://github.com/kakilangit"><code>@​kakilangit</code></a> in
<a
href="https://redirect.github.com/pydantic/speedate/pull/50">pydantic/speedate#50</a></li>
<li>Trimming str before parsing to int and float by <a
href="https://github.com/hungtsetse"><code>@​hungtsetse</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic-core/pull/1203">pydantic/pydantic-core#1203</a></li>
</ul>
<h4>Performance</h4>
<ul>
<li><code>enum</code> validator improvements by <a
href="https://github.com/samuelcolvin"><code>@​samuelcolvin</code></a>
in <a
href="https://redirect.github.com/pydantic/pydantic/pull/9045">#9045</a></li>
<li>Move <code>enum</code> validation and serialization to Rust by <a
href="https://github.com/samuelcolvin"><code>@​samuelcolvin</code></a>
in <a
href="https://redirect.github.com/pydantic/pydantic/pull/9064">#9064</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/pydantic/pydantic/blob/main/HISTORY.md">pydantic's
changelog</a>.</em></p>
<blockquote>
<h2>v2.7.0 (2024-04-11)</h2>
<p><a
href="https://github.com/pydantic/pydantic/releases/tag/v2.7.0">GitHub
release</a></p>
<p>The code released in v2.7.0 is practically identical to that of
v2.7.0b1.</p>
<h3>What's Changed</h3>
<h4>Packaging</h4>
<ul>
<li>Reorganize <code>pyproject.toml</code> sections by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/8899">#8899</a></li>
<li>Bump <code>pydantic-core</code> to <code>v2.18.1</code> by <a
href="https://github.com/sydney-runkle"><code>@​sydney-runkle</code></a>
in <a
href="https://redirect.github.com/pydantic/pydantic/pull/9211">#9211</a></li>
<li>Adopt <code>jiter</code> <code>v0.2.0</code> by <a
href="https://github.com/samuelcolvin"><code>@​samuelcolvin</code></a>
in <a
href="https://redirect.github.com/pydantic/pydantic-core/pull/1250">pydantic/pydantic-core#1250</a></li>
</ul>
<h4>New Features</h4>
<ul>
<li>Extract attribute docstrings from <code>FieldInfo.description</code>
by <a href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/6563">#6563</a></li>
<li>Add a <code>with_config</code> decorator to comply with typing spec
by <a href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/8611">#8611</a></li>
<li>Allow an optional separator splitting the value and unit of the
result of <code>ByteSize.human_readable</code> by <a
href="https://github.com/jks15satoshi"><code>@​jks15satoshi</code></a>
in <a
href="https://redirect.github.com/pydantic/pydantic/pull/8706">#8706</a></li>
<li>Add generic <code>Secret</code> base type by <a
href="https://github.com/conradogarciaberrotaran"><code>@​conradogarciaberrotaran</code></a>
in <a
href="https://redirect.github.com/pydantic/pydantic/pull/8519">#8519</a></li>
<li>Make use of <code>Sphinx</code> inventories for cross references in
docs by <a href="https://github.com/Viicos"><code>@​Viicos</code></a> in
<a
href="https://redirect.github.com/pydantic/pydantic/pull/8682">#8682</a></li>
<li>Add environment variable to disable plugins by <a
href="https://github.com/geospackle"><code>@​geospackle</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/8767">#8767</a></li>
<li>Add support for <code>deprecated</code> fields by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/8237">#8237</a></li>
<li>Allow <code>field_serializer('*')</code> by <a
href="https://github.com/ornariece"><code>@​ornariece</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/9001">#9001</a></li>
<li>Handle a case when <code>model_config</code> is defined as a model
property by <a
href="https://github.com/alexeyt101"><code>@​alexeyt101</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/9004">#9004</a></li>
<li>Update <code>create_model()</code> to support
<code>typing.Annotated</code> as input by <a
href="https://github.com/wannieman98"><code>@​wannieman98</code></a> in
<a
href="https://redirect.github.com/pydantic/pydantic/pull/8947">#8947</a></li>
<li>Add <code>ClickhouseDsn</code> support by <a
href="https://github.com/solidguy7"><code>@​solidguy7</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/9062">#9062</a></li>
<li>Add support for <code>re.Pattern[str]</code> to <code>pattern</code>
field by <a href="https://github.com/jag-k"><code>@​jag-k</code></a> in
<a
href="https://redirect.github.com/pydantic/pydantic/pull/9053">#9053</a></li>
<li>Support for <code>serialize_as_any</code> runtime setting by <a
href="https://github.com/sydney-runkle"><code>@​sydney-runkle</code></a>
in <a
href="https://redirect.github.com/pydantic/pydantic/pull/8830">#8830</a></li>
<li>Add support for <code>typing.Self</code> by <a
href="https://github.com/Youssefares"><code>@​Youssefares</code></a> in
<a
href="https://redirect.github.com/pydantic/pydantic/pull/9023">#9023</a></li>
<li>Ability to pass <code>context</code> to serialization by <a
href="https://github.com/ornariece"><code>@​ornariece</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/8965">#8965</a></li>
<li>Add feedback widget to docs with flarelytics integration by <a
href="https://github.com/sydney-runkle"><code>@​sydney-runkle</code></a>
in <a
href="https://redirect.github.com/pydantic/pydantic/pull/9129">#9129</a></li>
<li>Support for parsing partial JSON strings in Python by <a
href="https://github.com/samuelcolvin"><code>@​samuelcolvin</code></a>
in <a
href="https://redirect.github.com/pydantic/jiter/pull/66">pydantic/jiter#66</a></li>
</ul>
<p><strong>Finalized in v2.7.0, rather than v2.7.0b1:</strong></p>
<ul>
<li>Add support for field level number to str coercion option by <a
href="https://github.com/NeevCohen"><code>@​NeevCohen</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/9137">#9137</a></li>
<li>Update <code>warnings</code> parameter for serialization utilities
to allow raising a warning by <a
href="https://github.com/Lance-Drane"><code>@​Lance-Drane</code></a> in
<a
href="https://redirect.github.com/pydantic/pydantic/pull/9166">#9166</a></li>
</ul>
<h4>Changes</h4>
<ul>
<li>Correct docs, logic for <code>model_construct</code> behavior with
<code>extra</code> by <a
href="https://github.com/sydney-runkle"><code>@​sydney-runkle</code></a>
in <a
href="https://redirect.github.com/pydantic/pydantic/pull/8807">#8807</a></li>
<li>Improve error message for improper <code>RootModel</code> subclasses
by <a
href="https://github.com/sydney-runkle"><code>@​sydney-runkle</code></a>
in <a
href="https://redirect.github.com/pydantic/pydantic/pull/8857">#8857</a></li>
<li>Use <code>PEP570</code> syntax by <a
href="https://github.com/Viicos"><code>@​Viicos</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/8940">#8940</a></li>
<li>Add <code>enum</code> and <code>type</code> to the JSON schema for
single item literals by <a
href="https://github.com/dmontagu"><code>@​dmontagu</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic/pull/8944">#8944</a></li>
<li>Deprecate <code>update_json_schema</code> internal function by <a
href="https://github.com/sydney-runkle"><code>@​sydney-runkle</code></a>
in <a
href="https://redirect.github.com/pydantic/pydantic/pull/9125">#9125</a></li>
<li>Serialize duration to hour minute second, instead of just seconds by
<a href="https://github.com/kakilangit"><code>@​kakilangit</code></a> in
<a
href="https://redirect.github.com/pydantic/speedate/pull/50">pydantic/speedate#50</a></li>
<li>Trimming str before parsing to int and float by <a
href="https://github.com/hungtsetse"><code>@​hungtsetse</code></a> in <a
href="https://redirect.github.com/pydantic/pydantic-core/pull/1203">pydantic/pydantic-core#1203</a></li>
</ul>
<h4>Performance</h4>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="7af856a109"><code>7af856a</code></a>
Prep for 2.7 Release (<a
href="https://redirect.github.com/pydantic/pydantic/issues/9212">#9212</a>)</li>
<li><a
href="60d77f02e7"><code>60d77f0</code></a>
Update <code>warnings</code> parameter for serialization utilities to
allow raising a wa...</li>
<li><a
href="99821e9532"><code>99821e9</code></a>
Add support for field level number to str coercion option (<a
href="https://redirect.github.com/pydantic/pydantic/issues/9137">#9137</a>)</li>
<li><a
href="a01b9029e3"><code>a01b902</code></a>
Updating JSON docs, adding <code>cache_strings</code> to
<code>ConfigDict</code> (<a
href="https://redirect.github.com/pydantic/pydantic/issues/9178">#9178</a>)</li>
<li><a
href="932b025f89"><code>932b025</code></a>
Bump core to 2.18.1 (<a
href="https://redirect.github.com/pydantic/pydantic/issues/9211">#9211</a>)</li>
<li><a
href="a7d3253477"><code>a7d3253</code></a>
Fix allow extra generic (<a
href="https://redirect.github.com/pydantic/pydantic/issues/9193">#9193</a>)</li>
<li><a
href="8aeac1a4c6"><code>8aeac1a</code></a>
Update mkdocs_material (<a
href="https://redirect.github.com/pydantic/pydantic/issues/9169">#9169</a>)</li>
<li><a
href="75012318fb"><code>7501231</code></a>
Add 1.10.15 section to HISTORY.md (<a
href="https://redirect.github.com/pydantic/pydantic/issues/9161">#9161</a>)</li>
<li><a
href="d294244e2d"><code>d294244</code></a>
Prep for 2.7 beta release 🚀 (<a
href="https://redirect.github.com/pydantic/pydantic/issues/9158">#9158</a>)</li>
<li><a
href="d77a940360"><code>d77a940</code></a>
Uprev <code>pydantic-core</code> (<a
href="https://redirect.github.com/pydantic/pydantic/issues/9153">#9153</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/pydantic/pydantic/compare/v2.6.4...v2.7.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=pydantic&package-manager=pip&previous-version=2.6.4&new-version=2.7.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-26 09:36:47 +01:00
dependabot[bot]
922656fc77
Bump phonenumbers from 8.13.29 to 8.13.35 (#17106)
Bumps
[phonenumbers](https://github.com/daviddrysdale/python-phonenumbers)
from 8.13.29 to 8.13.35.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="9369ff4607"><code>9369ff4</code></a>
Prep for 8.13.35 release</li>
<li><a
href="2e1e133890"><code>2e1e133</code></a>
Generated files for metadata</li>
<li><a
href="25a306f670"><code>25a306f</code></a>
Merge metadata changes from upstream 8.13.35</li>
<li><a
href="710529234b"><code>7105292</code></a>
Prep for 8.13.34 release</li>
<li><a
href="e7b328d071"><code>e7b328d</code></a>
Generated files for metadata</li>
<li><a
href="315eb10e00"><code>315eb10</code></a>
Merge metadata changes from upstream 8.13.34</li>
<li><a
href="29dab756ac"><code>29dab75</code></a>
Prep for 8.13.33 release</li>
<li><a
href="f5b9401fdb"><code>f5b9401</code></a>
Generated files for metadata</li>
<li><a
href="aa21158f8d"><code>aa21158</code></a>
Merge metadata changes from upstream 8.13.33</li>
<li><a
href="92c242c2b4"><code>92c242c</code></a>
Prep for 8.13.32 release</li>
<li>Additional commits viewable in <a
href="https://github.com/daviddrysdale/python-phonenumbers/compare/v8.13.29...v8.13.35">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=phonenumbers&package-manager=pip&previous-version=8.13.29&new-version=8.13.35)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-26 09:36:21 +01:00
Olivier 'reivilibre
30c50e0240 Tweak changelog 2024-04-25 16:00:37 +01:00
Olivier 'reivilibre
48a90c697b 1.106.0rc1 2024-04-25 15:55:18 +01:00
Till
47773232b0
Redact membership events if the user requested erasure upon deactivating (#17076)
Fixes #15355 by redacting all membership events before leaving rooms.
2024-04-25 14:25:31 +01:00
Quentin Gliech
2e92b718d5
MSC4108 implementation (#17056)
Co-authored-by: Hugh Nimmo-Smith <hughns@element.io>
Co-authored-by: Hugh Nimmo-Smith <hughns@users.noreply.github.com>
Co-authored-by: Andrew Morgan <1342360+anoadragon453@users.noreply.github.com>
2024-04-25 12:50:12 +00:00
Andrew Morgan
646cb6ff24
Add type annotation to visited_chains (#17125)
This should fix CI on `develop`. Broke in
0fe9e1f7da,
presumably due to a `mypy` dependency upgrade.
2024-04-25 12:25:26 +00:00
Tulir Asokan
f85f2a0455 Merge remote-tracking branch 'upstream/release-v1.105' 2024-04-23 17:28:11 +01:00
Erik Johnston
0fe9e1f7da Merge branch 'master' into develop 2024-04-23 17:06:52 +01:00
mcalinghee
ae181233aa
Send an email if the address is already bound to an user account (#16819)
Co-authored-by: Mathieu Velten <mathieu.velten@beta.gouv.fr>
Co-authored-by: Olivier D <odelcroi@gmail.com>
2024-04-23 16:45:24 +01:00
Erik Johnston
20c9e19519 1.105.1 2024-04-23 15:57:13 +01:00
Erik Johnston
55b0aa847a Fix GHSA-3h7q-rfh9-xm4v
Weakness in auth chain indexing allows DoS from remote room members
through disk fill and high CPU usage.

A remote Matrix user with malicious intent, sharing a room with Synapse
instances before 1.104.1, can dispatch specially crafted events to
exploit a weakness in how the auth chain cover index is calculated. This
can induce high CPU consumption and accumulate excessive data in the
database of such instances, resulting in a denial of service.

Servers in private federations, or those that do not federate, are not
affected.
2024-04-23 15:25:49 +01:00
Neil Johnson
074ef4d75f
Add an OSX prompt to manually configure icu4c. (#17069)
Documentation fix.
2024-04-19 17:10:44 +01:00
devonh
301c9771c4
Clarify what part of message retention is still experimental (#17099)
### Pull Request Checklist

<!-- Please read
https://element-hq.github.io/synapse/latest/development/contributing_guide.html
before submitting your pull request -->

* [X] Pull request is based on the develop branch
* [x] Pull request includes a [changelog
file](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#changelog).
The entry should:
- Be a short description of your change which makes sense to users.
"Fixed a bug that prevented receiving messages from other servers."
instead of "Moved X method from `EventStore` to `EventWorkerStore`.".
  - Use markdown where necessary, mostly for `code blocks`.
  - End with either a period (.) or an exclamation mark (!).
  - Start with a capital letter.
- Feel free to credit yourself, by adding a sentence "Contributed by
@github_username." or "Contributed by [Your Name]." to the end of the
entry.
* [X] [Code
style](https://element-hq.github.io/synapse/latest/code_style.html) is
correct
(run the
[linters](https://element-hq.github.io/synapse/latest/development/contributing_guide.html#run-the-linters))
2024-04-19 15:26:28 +00:00
dependabot[bot]
800a5b6ef3
Bump types-pillow from 10.2.0.20240406 to 10.2.0.20240415 (#17090)
Bumps [types-pillow](https://github.com/python/typeshed) from
10.2.0.20240406 to 10.2.0.20240415.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/python/typeshed/commits">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=types-pillow&package-manager=pip&previous-version=10.2.0.20240406&new-version=10.2.0.20240415)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-19 09:43:25 +01:00