Skip to content
This repository has been archived by the owner on Mar 26, 2024. It is now read-only.

Merge 1.95 #84

Merged
merged 58 commits into from
Nov 13, 2023
Merged

Merge 1.95 #84

merged 58 commits into from
Nov 13, 2023

Conversation

Fizzadar
Copy link
Member

No description provided.

erikjohnston and others added 30 commits October 4, 2023 16:28
To slightly reduce the amount of memory each command takes.
This avoids calling cursor_to_dict and then immediately
unpacking the values in the dict for other users. By not
creating the intermediate dictionary we can avoid allocating
the dictionary and strings for the keys, which should generally
be more performant.

Additionally this improves type hints by avoid Dict[str, Any]
dictionaries coming out of the database layer.
This converts the media servlet URLs in the same way as
(most) of the rest of Synapse. This will give more flexibility
in the versions each endpoint exists under.
Synapse was incorrectly implemented with a knock_state_events
property on some APIs (instead of knock_room_state). This was
correct in Synapse 1.70.0, but *both* fields were sent to also be
compatible with Synapse versions expecting the wrong field.

Enough time has passed that only the correct field needs to be
included/handled.
…#16268)

Drop the event_txn_id table and the tables related to MSC2716,
which is no longer supported in Synapse.
Improves type hints by using concrete types instead of
dictionaries.
Bumps [types-bleach](https://github.com/python/typeshed) from 6.0.0.4 to 6.1.0.0.
- [Commits](https://github.com/python/typeshed/commits)

---
updated-dependencies:
- dependency-name: types-bleach
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [bleach](https://github.com/mozilla/bleach) from 6.0.0 to 6.1.0.
- [Changelog](https://github.com/mozilla/bleach/blob/main/CHANGES)
- [Commits](mozilla/bleach@v6.0.0...v6.1.0)

---
updated-dependencies:
- dependency-name: bleach
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [psycopg2](https://github.com/psycopg/psycopg2) from 2.9.8 to 2.9.9.
- [Changelog](https://github.com/psycopg/psycopg2/blob/master/NEWS)
- [Commits](psycopg/psycopg2@2.9.8...2.9.9)

---
updated-dependencies:
- dependency-name: psycopg2
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [netaddr](https://github.com/drkjam/netaddr) from 0.8.0 to 0.9.0.
- [Release notes](https://github.com/drkjam/netaddr/releases)
- [Changelog](https://github.com/netaddr/netaddr/blob/master/CHANGELOG)
- [Commits](netaddr/netaddr@0.8.0...0.9.0)

---
updated-dependencies:
- dependency-name: netaddr
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Bump ruff from 0.0.290 to 0.0.292

Bumps [ruff](https://github.com/astral-sh/ruff) from 0.0.290 to 0.0.292.
- [Release notes](https://github.com/astral-sh/ruff/releases)
- [Changelog](https://github.com/astral-sh/ruff/blob/main/BREAKING_CHANGES.md)
- [Commits](astral-sh/ruff@v0.0.290...v0.0.292)

---
updated-dependencies:
- dependency-name: ruff
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>

* Fix up lint

---------

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Erik Johnston <[email protected]>
As this doesn't work with the private sign off flow.
* Disable statement timeout whilst purging rooms

* Newsfile

Signed-off-by: Olivier Wilkinson (reivilibre) <[email protected]>

* Note the introduction version

---------

Signed-off-by: Olivier Wilkinson (reivilibre) <[email protected]>
This only has a single use and is over abstracted. Inline it so that
we can improve type hints.
clokep and others added 28 commits October 11, 2023 07:50
This improves type annotations by not having a dictionary of Any values.
* Update complement.sh to match new public API shape

Sister PR to matrix-org/complement#666

Context: matrix-org/complement#654 (comment)

* Changelog

* Pedantry

* Run complement plz
…trix-org#16268)" (matrix-org#16465)

This reverts commit cabd577.

There are additional usages of these tables
which need to be removed first.
Bumps [pyo3-log](https://github.com/vorner/pyo3-log) from 0.8.3 to 0.8.4.
- [Changelog](https://github.com/vorner/pyo3-log/blob/main/CHANGELOG.md)
- [Commits](vorner/pyo3-log@v0.8.3...v0.8.4)

---
updated-dependencies:
- dependency-name: pyo3-log
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [packaging](https://github.com/pypa/packaging) from 23.1 to 23.2.
- [Release notes](https://github.com/pypa/packaging/releases)
- [Changelog](https://github.com/pypa/packaging/blob/main/CHANGELOG.rst)
- [Commits](pypa/packaging@23.1...23.2)

---
updated-dependencies:
- dependency-name: packaging
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [types-jsonschema](https://github.com/python/typeshed) from 4.17.0.10 to 4.19.0.3.
- [Commits](https://github.com/python/typeshed/commits)

---
updated-dependencies:
- dependency-name: types-jsonschema
  dependency-type: direct:development
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [jsonschema](https://github.com/python-jsonschema/jsonschema) from 4.19.0 to 4.19.1.
- [Release notes](https://github.com/python-jsonschema/jsonschema/releases)
- [Changelog](https://github.com/python-jsonschema/jsonschema/blob/main/CHANGELOG.rst)
- [Commits](python-jsonschema/jsonschema@v4.19.0...v4.19.1)

---
updated-dependencies:
- dependency-name: jsonschema
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [sentry-sdk](https://github.com/getsentry/sentry-python) from 1.31.0 to 1.32.0.
- [Release notes](https://github.com/getsentry/sentry-python/releases)
- [Changelog](https://github.com/getsentry/sentry-python/blob/master/CHANGELOG.md)
- [Commits](getsentry/sentry-python@1.31.0...1.32.0)

---
updated-dependencies:
- dependency-name: sentry-sdk
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [serde](https://github.com/serde-rs/serde) from 1.0.188 to 1.0.189.
- [Release notes](https://github.com/serde-rs/serde/releases)
- [Commits](serde-rs/serde@v1.0.188...v1.0.189)

---
updated-dependencies:
- dependency-name: serde
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
…ease notes. (matrix-org#16461)

* Add reminder to check special release notes board in release script

* Newsfile

Signed-off-by: Olivier Wilkinson (reivilibre) <[email protected]>

* Update release.py

* Bah, black

---------

Signed-off-by: Olivier Wilkinson (reivilibre) <[email protected]>
…atrix-org#16506)

After this change a server will only be reported as back online
if they were previously having requests fail.
The following issue is fixed in 1.95.1.

- [GHSA-mp92-3jfm-3575](GHSA-mp92-3jfm-3575) / [CVE-2023-43796](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-43796) — Moderate Severity

  Cached device information of remote users can be queried from Synapse. This can be used to enumerate the remote users known to a homeserver.

See the advisory for more details. If you have any questions, email [email protected].

# -----BEGIN PGP SIGNATURE-----
#
# iQFEBAABCgAuFiEEBTGR3/RnAzBGUif3pULk7RsPrAkFAmVBCZMQHGVyaWtAbWF0
# cml4Lm9yZwAKCRClQuTtGw+sCVp+CACQ52RgyvLWMLMkP2Z1RlWJJmsEQsLO8HuJ
# gMNq7FU1lxKMImmEsP+u3TmTzbWJkbKJREyvThXTQoAswllX4WtU5HZYHXWiiwRh
# EkDIFbkHsZT9+OPrxnXPRX3dmls40mWa9fDry9zalak3VRR02lrERrYkcYuPVi4d
# C8IyKr5gYVBXGG/PPP65esR6PoKJPIfD0d7A97Nb5mUCLxNaSQaXYA6aVFn251xe
# s0tF1nQmiB5WWKNjrn4i4KX9DmtLPrzdmQEzhuXw1ATkHAOlbAmPQhUKIqb9l+u7
# wHBjQBJx4kSfreTItqWmx362RUZyuhwLV+3RL0pj+D8wHOVcpWtx
# =sXkV
# -----END PGP SIGNATURE-----
# gpg: Signature made Tue Oct 31 14:05:07 2023 GMT
# gpg:                using RSA key 053191DFF4670330465227F7A542E4ED1B0FAC09
# gpg:                issuer "[email protected]"
# gpg: Can't check signature: No public key

# Conflicts:
#	.github/workflows/tests.yml
This was an old issue that is now believed to be fixed in synapse.
@Fizzadar Fizzadar merged commit 350d582 into beeper Nov 13, 2023
6 checks passed
@Fizzadar Fizzadar deleted the merge-1.95 branch November 13, 2023 13:55
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Labels
None yet
Development

Successfully merging this pull request may close these issues.

10 participants