0
0
Fork 1
mirror of https://mau.dev/maunium/synapse.git synced 2024-11-12 04:52:26 +01:00
Commit graph

511 commits

Author SHA1 Message Date
dependabot[bot]
1353fb3347
Bump ijson from 3.2.3 to 3.3.0 (#17413) 2024-07-09 09:31:57 +01:00
dependabot[bot]
b15e17ce6e
Bump pillow from 10.3.0 to 10.4.0 (#17412) 2024-07-09 09:31:42 +01:00
dependabot[bot]
4721177241
Bump mypy-zope from 1.0.4 to 1.0.5 (#17414) 2024-07-08 15:24:11 +01:00
dependabot[bot]
7879f288df
Bump pydantic from 2.7.1 to 2.8.2 (#17415) 2024-07-08 15:24:01 +01:00
dependabot[bot]
4d7e53707c
Bump certifi from 2023.7.22 to 2024.7.4 (#17404) 2024-07-08 10:32:09 +01:00
dependabot[bot]
20de685a4b
Bump ruff from 0.3.7 to 0.5.0 (#17381) 2024-07-05 12:35:57 +00:00
Shay
8f890447b0
Support MSC3916 by adding _matrix/client/v1/media/download endpoint (#17365) 2024-07-02 14:07:04 +01:00
dependabot[bot]
635e3927d2
Bump types-setuptools from 69.5.0.20240423 to 70.1.0.20240627 (#17380) 2024-07-01 17:46:58 +01:00
dependabot[bot]
1eccbfb82f
Bump cryptography from 42.0.7 to 42.0.8 (#17382) 2024-07-01 13:41:48 +01:00
dependabot[bot]
7c2d8f1f01
Bump typing-extensions from 4.11.0 to 4.12.2 (#17354) 2024-06-24 13:32:44 +01:00
dependabot[bot]
118b734081
Bump netaddr from 1.2.1 to 1.3.0 (#17353) 2024-06-24 13:32:14 +01:00
dependabot[bot]
7a6186b888
Bump packaging from 24.0 to 24.1 (#17352) 2024-06-24 13:32:05 +01:00
dependabot[bot]
452a59f887
Bump sentry-sdk from 2.3.1 to 2.6.0 (#17351) 2024-06-24 13:31:54 +01:00
dependabot[bot]
adeedb7b7c
Bump urllib3 from 2.0.7 to 2.2.2 (#17346) 2024-06-21 13:42:09 +01:00
dependabot[bot]
7c5fb13f7b
Bump requests from 2.31.0 to 2.32.2 (#17345) 2024-06-21 13:42:01 +01:00
dependabot[bot]
f8d57ce656
Bump tornado from 6.4 to 6.4.1 (#17344) 2024-06-21 13:41:53 +01:00
dependabot[bot]
13ed84c573
Bump authlib from 1.3.0 to 1.3.1 (#17343) 2024-06-21 13:41:44 +01:00
dependabot[bot]
088992a484
Bump types-pyyaml from 6.0.12.12 to 6.0.12.20240311 (#17316) 2024-06-18 10:01:34 +01:00
dependabot[bot]
d8e81f67eb
Bump types-netaddr from 1.2.0.20240219 to 1.3.0.20240530 (#17314) 2024-06-18 09:57:24 +01:00
dependabot[bot]
19a3d5b606
Bump phonenumbers from 8.13.37 to 8.13.39 (#17315) 2024-06-18 09:57:07 +01:00
dependabot[bot]
52813a8d94
Bump msgpack from 1.0.7 to 1.0.8 (#17317) 2024-06-18 09:56:56 +01:00
Andrew Morgan
c6eb99c878
Bump mypy from 1.8.0 to 1.9.0 (#17297)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-13 15:50:10 +01:00
dependabot[bot]
0edf1cacf7
Bump types-jsonschema from 4.21.0.20240311 to 4.22.0.20240610 (#17288) 2024-06-12 10:52:26 +01:00
dependabot[bot]
d0f90bd04e
Bump jinja2 from 3.1.3 to 3.1.4 (#17287) 2024-06-12 10:52:14 +01:00
dependabot[bot]
491365f199
Bump types-pillow from 10.2.0.20240423 to 10.2.0.20240520 (#17285) 2024-06-11 10:47:03 +01:00
dependabot[bot]
81cef38d4b
Bump sentry-sdk from 2.1.1 to 2.3.1 (#17263) 2024-06-04 11:58:27 +01:00
dependabot[bot]
8a3270075b
Bump types-pyopenssl from 24.0.0.20240311 to 24.1.0.20240425 (#17260)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-03 14:26:41 +01:00
dependabot[bot]
f458dff16d
Bump mypy-zope from 1.0.3 to 1.0.4 (#17262)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-03 14:23:29 +01:00
dependabot[bot]
6b709c512d
Bump lxml from 5.2.1 to 5.2.2 (#17261)
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-06-03 14:21:20 +01:00
dependabot[bot]
5147ce294a
Bump phonenumbers from 8.13.35 to 8.13.37 (#17235) 2024-05-28 13:26:37 +01:00
dependabot[bot]
f2616edb73
Bump pyicu from 2.13 to 2.13.1 (#17236) 2024-05-28 11:28:58 +01:00
dependabot[bot]
86a2a0258f
Bump pyopenssl from 24.0.0 to 24.1.0 (#17234) 2024-05-28 11:28:32 +01:00
dependabot[bot]
0893ee9af8
Bump prometheus-client from 0.19.0 to 0.20.0 (#17233) 2024-05-28 11:28:16 +01:00
dependabot[bot]
9956f35c6a
Bump twine from 5.0.0 to 5.1.0 (#17225) 2024-05-21 10:57:31 +01:00
dependabot[bot]
d464ee3602
Bump bcrypt from 4.1.2 to 4.1.3 (#17224) 2024-05-21 10:57:08 +01:00
dependabot[bot]
439a095edc
Bump pyasn1 from 0.5.1 to 0.6.0 (#17223) 2024-05-21 10:56:40 +01:00
dependabot[bot]
5d040f2066
Bump types-psycopg2 from 2.9.21.20240311 to 2.9.21.20240417 (#17222) 2024-05-21 10:56:24 +01:00
dependabot[bot]
f0c72d8e87
Bump gitpython from 3.1.41 to 3.1.43 (#17181) 2024-05-14 09:32:01 +01:00
dependabot[bot]
03a342b049
Bump cryptography from 42.0.5 to 42.0.7 (#17180) 2024-05-14 09:31:46 +01:00
dependabot[bot]
aa6345cb3b
Bump immutabledict from 4.1.0 to 4.2.0 (#17179) 2024-05-14 09:31:35 +01:00
dependabot[bot]
2b438df9b3
Bump sentry-sdk from 1.40.3 to 2.1.1 (#17178) 2024-05-14 09:31:25 +01:00
Andrew Morgan
ef7e040e54
Bump black from 24.2.0 to 24.4.2 (#17170) 2024-05-08 17:02:09 +01:00
dependabot[bot]
cf30cfe5d1
Bump pydantic from 2.7.0 to 2.7.1 (#17160) 2024-05-07 10:35:24 +01:00
dependabot[bot]
1726b49457
Bump types-pillow from 10.2.0.20240415 to 10.2.0.20240423 (#17159) 2024-05-07 10:34:56 +01:00
dependabot[bot]
792cfe7ba6
Bump lxml from 5.1.0 to 5.2.1 (#17158) 2024-05-07 10:34:46 +01:00
dependabot[bot]
c3682ff668
Bump jsonschema from 4.21.1 to 4.22.0 (#17157)
Bumps [jsonschema](https://github.com/python-jsonschema/jsonschema) from
4.21.1 to 4.22.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/python-jsonschema/jsonschema/releases">jsonschema's
releases</a>.</em></p>
<blockquote>
<h2>v4.22.0</h2>
<!-- raw HTML omitted -->
<h2>What's Changed</h2>
<ul>
<li>Improve <code>best_match</code> (and thereby error messages from
<code>jsonschema.validate</code>) in cases where there are multiple
<em>sibling</em> errors from applying <code>anyOf</code> /
<code>allOf</code> -- i.e. when multiple elements of a JSON array have
errors, we now do prefer showing errors from earlier elements rather
than simply showing an error for the full array (<a
href="https://redirect.github.com/python-jsonschema/jsonschema/issues/1250">#1250</a>).</li>
<li>(Micro-)optimize equality checks when comparing for JSON Schema
equality by first checking for object identity, as <code>==</code>
would.</li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/shinnar"><code>@​shinnar</code></a> made
their first contribution in <a
href="https://redirect.github.com/python-jsonschema/jsonschema/pull/1224">python-jsonschema/jsonschema#1224</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/python-jsonschema/jsonschema/compare/v4.21.1...v4.22.0">https://github.com/python-jsonschema/jsonschema/compare/v4.21.1...v4.22.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/python-jsonschema/jsonschema/blob/main/CHANGELOG.rst">jsonschema's
changelog</a>.</em></p>
<blockquote>
<h1>v4.22.0</h1>
<ul>
<li>Improve <code>best_match</code> (and thereby error messages from
<code>jsonschema.validate</code>) in cases where there are multiple
<em>sibling</em> errors from applying <code>anyOf</code> /
<code>allOf</code> -- i.e. when multiple elements of a JSON array have
errors, we now do prefer showing errors from earlier elements rather
than simply showing an error for the full array (<a
href="https://redirect.github.com/python-jsonschema/jsonschema/issues/1250">#1250</a>).</li>
<li>(Micro-)optimize equality checks when comparing for JSON Schema
equality by first checking for object identity, as <code>==</code>
would.</li>
</ul>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="9882dbeb1a"><code>9882dbe</code></a>
Add / ignore the new specification test suite property.</li>
<li><a
href="ebc90bb2df"><code>ebc90bb</code></a>
Merge commit '8fcfc3a674a7188a4fcc822b7a91efb3e0422a20'</li>
<li><a
href="8fcfc3a674"><code>8fcfc3a</code></a>
Squashed 'json/' changes from b41167c74..54f3784a8</li>
<li><a
href="30b7537944"><code>30b7537</code></a>
Pin pyenchant to pre from below until <a
href="https://redirect.github.com/pyenchant/pyenchant/issues/302">pyenchant/pyenchant#302</a>
is released.</li>
<li><a
href="c3729db732"><code>c3729db</code></a>
Enable doctests for the rest of the referencing page.</li>
<li><a
href="70a994ceab"><code>70a994c</code></a>
Remove a now-unneeded noqa since apparently this is fixed in new
ruff.</li>
<li><a
href="e6d0ef1cff"><code>e6d0ef1</code></a>
Fix a minor typo in the referencing example docs.</li>
<li><a
href="bceaf41a7d"><code>bceaf41</code></a>
Another placeholder benchmark for future optimization.</li>
<li><a
href="b20234e86c"><code>b20234e</code></a>
Consider errors from earlier indices (in instances) to be better
matches</li>
<li><a
href="41b49c68e5"><code>41b49c6</code></a>
Minor improvement to test failure message when a best match test
fails.</li>
<li>Additional commits viewable in <a
href="https://github.com/python-jsonschema/jsonschema/compare/v4.21.1...v4.22.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=jsonschema&package-manager=pip&previous-version=4.21.1&new-version=4.22.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-05-07 10:34:30 +01:00
Andrew Morgan
3aadf43122
Bump pillow from 10.2.0 to 10.3.0 (#17146) 2024-05-03 10:55:59 +01:00
Andrew Morgan
758aec6b34
Update tornado 6.2 -> 6.4 (#17131) 2024-04-29 14:33:25 +01:00
dependabot[bot]
6a275828c8
Bump types-setuptools from 69.0.0.20240125 to 69.5.0.20240423 (#17134)
Bumps [types-setuptools](https://github.com/python/typeshed) from
69.0.0.20240125 to 69.5.0.20240423.
<details>
<summary>Commits</summary>
<ul>
<li>See full diff in <a
href="https://github.com/python/typeshed/commits">compare view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=types-setuptools&package-manager=pip&previous-version=69.0.0.20240125&new-version=69.5.0.20240423)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-29 14:06:14 +01:00
dependabot[bot]
6e373468a4
Bump idna from 3.6 to 3.7 (#17136)
Bumps [idna](https://github.com/kjd/idna) from 3.6 to 3.7.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/kjd/idna/releases">idna's
releases</a>.</em></p>
<blockquote>
<h2>v3.7</h2>
<h2>What's Changed</h2>
<ul>
<li>Fix issue where specially crafted inputs to encode() could take
exceptionally long amount of time to process. [CVE-2024-3651]</li>
</ul>
<p>Thanks to Guido Vranken for reporting the issue.</p>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/kjd/idna/compare/v3.6...v3.7">https://github.com/kjd/idna/compare/v3.6...v3.7</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/kjd/idna/blob/master/HISTORY.rst">idna's
changelog</a>.</em></p>
<blockquote>
<p>3.7 (2024-04-11)
++++++++++++++++</p>
<ul>
<li>Fix issue where specially crafted inputs to encode() could
take exceptionally long amount of time to process. [CVE-2024-3651]</li>
</ul>
<p>Thanks to Guido Vranken for reporting the issue.</p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="1d365e17e1"><code>1d365e1</code></a>
Release v3.7</li>
<li><a
href="c1b3154939"><code>c1b3154</code></a>
Merge pull request <a
href="https://redirect.github.com/kjd/idna/issues/172">#172</a> from
kjd/optimize-contextj</li>
<li><a
href="0394ec76ff"><code>0394ec7</code></a>
Merge branch 'master' into optimize-contextj</li>
<li><a
href="cd58a23173"><code>cd58a23</code></a>
Merge pull request <a
href="https://redirect.github.com/kjd/idna/issues/152">#152</a> from
elliotwutingfeng/dev</li>
<li><a
href="5beb28b9dd"><code>5beb28b</code></a>
More efficient resolution of joiner contexts</li>
<li><a
href="1b121483ed"><code>1b12148</code></a>
Update ossf/scorecard-action to v2.3.1</li>
<li><a
href="d516b874c3"><code>d516b87</code></a>
Update Github actions/checkout to v4</li>
<li><a
href="c095c75943"><code>c095c75</code></a>
Merge branch 'master' into dev</li>
<li><a
href="60a0a4cb61"><code>60a0a4c</code></a>
Fix typo in GitHub Actions workflow key</li>
<li><a
href="5918a0ef80"><code>5918a0e</code></a>
Merge branch 'master' into dev</li>
<li>Additional commits viewable in <a
href="https://github.com/kjd/idna/compare/v3.6...v3.7">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=idna&package-manager=pip&previous-version=3.6&new-version=3.7)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-04-29 14:06:02 +01:00