Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

build(deps): bump matrix-js-sdk from 24.1.0 to 34.11.1 #474

Open
wants to merge 1 commit into
base: develop
Choose a base branch
from
Open

build(deps): bump matrix-js-sdk from 24.1.0 to 34.11.1 #474

wants to merge 1 commit into from

Conversation

dependabot[bot]
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Nov 12, 2024
edited by sourcery-ai bot
Loading

Bumps matrix-js-sdk from 24.1.0 to 34.11.1.

Release notes

Sourced from matrix-js-sdk's releases.

v34.11.1

Security

v34.10.0

🦖 Deprecations

  • Deprecate CreateSecretStorageOpts.keyBackupInfo used in CryptoApi.bootstrapSecretStorage. (#4474). Contributed by @​florianduros.
  • Add CryptoApi.encryptToDeviceMessages() and deprecate Crypto.encryptAndSendToDevices() (#4380). Contributed by @​hughns.
  • Remove abandoned MSC3886, MSC3903, MSC3906 experimental implementations (#4469). Contributed by @​t3chguy.
  • Deprecate MatrixClient.getDehydratedDevice (#4467). Contributed by @​florianduros.
  • Deprecate top level crypto events re-export (#4444). Contributed by @​florianduros.

✨ Features

  • Add CryptoApi.encryptToDeviceMessages() and deprecate Crypto.encryptAndSendToDevices() (#4380). Contributed by @​hughns.
  • Do not rotate MatrixRTC media encryption key when a new member joins a session (#4472). Contributed by @​hughns.
  • Avoid <sender>|<session> notation in log messages (#4473). Contributed by @​richvdh.
  • Refactor/simplify Promises in MatrixRTCSession (#4466). Contributed by @​AndrewFerr.
  • Prepare delayed call leave events more reliably (#4447). Contributed by @​AndrewFerr.

🐛 Bug Fixes

v34.10.0-rc.0

🦖 Deprecations

  • Deprecate CreateSecretStorageOpts.keyBackupInfo used in CryptoApi.bootstrapSecretStorage. (#4474). Contributed by @​florianduros.
  • Add CryptoApi.encryptToDeviceMessages() and deprecate Crypto.encryptAndSendToDevices() (#4380). Contributed by @​hughns.
  • Remove abandoned MSC3886, MSC3903, MSC3906 experimental implementations (#4469). Contributed by @​t3chguy.
  • Deprecate MatrixClient.getDehydratedDevice (#4467). Contributed by @​florianduros.
  • Deprecate top level crypto events re-export (#4444). Contributed by @​florianduros.

✨ Features

  • Add CryptoApi.encryptToDeviceMessages() and deprecate Crypto.encryptAndSendToDevices() (#4380). Contributed by @​hughns.
  • Do not rotate MatrixRTC media encryption key when a new member joins a session (#4472). Contributed by @​hughns.
  • Avoid <sender>|<session> notation in log messages (#4473). Contributed by @​richvdh.
  • Refactor/simplify Promises in MatrixRTCSession (#4466). Contributed by @​AndrewFerr.
  • Prepare delayed call leave events more reliably (#4447). Contributed by @​AndrewFerr.

🐛 Bug Fixes

v34.9.0

🦖 Deprecations

  • Deprecate the crypto events which are not used by the rust-crypto (#4442). Contributed by @​florianduros.

... (truncated)

Changelog

Sourced from matrix-js-sdk's changelog.

Changes in 34.11.1 (2024-11-12)

Security

Changes in 34.11.0 (2024-11-12)

Security

Changes in 34.10.0 (2024-11-05)

🦖 Deprecations

  • Deprecate CreateSecretStorageOpts.keyBackupInfo used in CryptoApi.bootstrapSecretStorage. (#4474). Contributed by @​florianduros.
  • Add CryptoApi.encryptToDeviceMessages() and deprecate Crypto.encryptAndSendToDevices() (#4380). Contributed by @​hughns.
  • Remove abandoned MSC3886, MSC3903, MSC3906 experimental implementations (#4469). Contributed by @​t3chguy.
  • Deprecate MatrixClient.getDehydratedDevice (#4467). Contributed by @​florianduros.
  • Deprecate top level crypto events re-export (#4444). Contributed by @​florianduros.

✨ Features

  • Add CryptoApi.encryptToDeviceMessages() and deprecate Crypto.encryptAndSendToDevices() (#4380). Contributed by @​hughns.
  • Do not rotate MatrixRTC media encryption key when a new member joins a session (#4472). Contributed by @​hughns.
  • Avoid <sender>|<session> notation in log messages (#4473). Contributed by @​richvdh.
  • Refactor/simplify Promises in MatrixRTCSession (#4466). Contributed by @​AndrewFerr.
  • Prepare delayed call leave events more reliably (#4447). Contributed by @​AndrewFerr.

🐛 Bug Fixes

Changes in 34.9.0 (2024-10-22)

🦖 Deprecations

  • Deprecate the crypto events which are not used by the rust-crypto (#4442). Contributed by @​florianduros.

🐛 Bug Fixes

  • Fix the rust crypto import in esm environments. (#4445). Contributed by @​saul-jb.
  • Fix MatrixRTC sender key wrapping (#4441). Contributed by @​hughns.

Changes in 34.8.0 (2024-10-15)

This release removes insecure functionality, resolving CVE-2024-47080 / GHSA-4jf8-g8wp-cx7c.

Changes in 34.7.0 (2024-10-08)

... (truncated)

Commits
  • b4c4355 v34.11.1
  • 4d4ff4c v34.11.0
  • 00aba74 Merge commit from fork
  • c4048d9 v34.10.0
  • a8f8a9c v34.10.0-rc.0
  • 0e2f73d Deprecate CreateSecretStorageOpts.keyBackupInfo used in `CryptoApi.bootstra...
  • 31aeb30 Add CryptoApi.encryptToDeviceMessages() and deprecate Crypto.encryptAndSendTo...
  • 0a29063 Do not rotate MatrixRTC media encryption key when a new member joins a sessio...
  • 3cc3bd0 Avoid <sender>|<session> notation in log messages (#4473)
  • f891fe4 Fix gitflow workflow not handling edge case (#4463)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

Summary by Sourcery

Build:

  • Bump matrix-js-sdk dependency from version 24.1.0 to 34.11.1 to address security vulnerabilities and incorporate new features and deprecations.

@dependabot
build(deps): bump matrix-js-sdk from 24.1.0 to 34.11.1
5fe63a2 
Bumps [matrix-js-sdk](https://github.com/matrix-org/matrix-js-sdk) from 24.1.0 to 34.11.1.
- [Release notes](https://github.com/matrix-org/matrix-js-sdk/releases)
- [Changelog](https://github.com/matrix-org/matrix-js-sdk/blob/develop/CHANGELOG.md)
- [Commits](matrix-org/matrix-js-sdk@v24.1.0...v34.11.1)

---
updated-dependencies:
- dependency-name: matrix-js-sdk
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <[email protected]>
@dependabot dependabot bot added the dependencies Pull requests that update a dependency file label Nov 12, 2024
sourcery-ai[bot]
sourcery-ai bot reviewed Nov 12, 2024
View reviewed changes
Copy link

@sourcery-ai sourcery-ai bot left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

We have skipped reviewing this pull request. It seems to have been created by a bot (hey, dependabot[bot]!). We assume it knows what it's doing!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@sourcery-ai sourcery-ai[bot] sourcery-ai[bot] left review comments

At least 1 approving review is required to merge this pull request.

Assignees
No one assigned
Labels
dependencies Pull requests that update a dependency file
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
0 participants