Commit graph

3017 commits

Author SHA1 Message Date
dependabot[bot]
19cc831fdd
Bump github.com/docker/docker from 26.1.0+incompatible to 26.1.5+incompatible (#3466)
Bumps [github.com/docker/docker](https://github.com/docker/docker) from
26.1.0+incompatible to 26.1.5+incompatible.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/docker/releases">github.com/docker/docker's
releases</a>.</em></p>
<blockquote>
<h2>v26.1.5</h2>
<h2>26.1.5</h2>
<h3>Security</h3>
<p>This release contains a fix for <a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41110">CVE-2024-41110</a>
/ <a
href="https://github.com/moby/moby/security/advisories/GHSA-v23v-6jw2-98fq">GHSA-v23v-6jw2-98fq</a>
that impacted setups using <a
href="https://docs.docker.com/engine/extend/plugins_authorization/">authorization
plugins (AuthZ)</a>
for access control. No other changes are included in this release, and
this
release is otherwise identical for users not using AuthZ plugins.</p>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/moby/moby/compare/v26.1.4...v26.1.5">https://github.com/moby/moby/compare/v26.1.4...v26.1.5</a></p>
<h2>v26.1.4</h2>
<h2>26.1.4</h2>
<p>For a full list of pull requests and changes in this release, refer
to the relevant GitHub milestones:</p>
<ul>
<li><a
href="https://github.com/docker/cli/issues?q=is%3Aclosed+milestone%3A26.1.4">docker/cli,
26.1.4 milestone</a></li>
<li><a
href="https://github.com/moby/moby/issues?q=is%3Aclosed+milestone%3A26.1.4">moby/moby,
26.1.4 milestone</a></li>
<li>Deprecated and removed features, see <a
href="https://github.com/docker/cli/blob/v26.1.4/docs/deprecated.md">Deprecated
Features</a>.</li>
<li>Changes to the Engine API, see <a
href="https://github.com/moby/moby/blob/v26.1.4/docs/api/version-history.md">API
version history</a>.</li>
</ul>
<h3>Security</h3>
<p>This release updates the Go runtime to 1.21.11 which contains
security fixes for:</p>
<ul>
<li><a
href="https://redirect.github.com/golang/go/issues/66869">CVE-2024-24789</a></li>
<li><a
href="https://redirect.github.com/golang/go/issues/67680">CVE-2024-24790</a></li>
<li>A symlink time of check to time of use race condition during
directory removal reported by Addison Crump (<a
href="https://github.com/addisoncrump"><code>@​addisoncrump</code></a>).</li>
</ul>
<h3>Bug fixes and enhancements</h3>
<ul>
<li>Fixed an issue where promoting a node immediately after another node
was demoted could cause the promotion to fail. <a
href="https://redirect.github.com/moby/moby/pull/47870">moby/moby#47870</a></li>
<li>Prevent the daemon log from being spammed with <code>superfluous
response.WriteHeader call ...</code> messages.. <a
href="https://redirect.github.com/moby/moby/pull/47843">moby/moby#47843</a></li>
<li>Don't show empty hints when plugins return an empty hook message. <a
href="https://redirect.github.com/docker/cli/pull/5083">docker/cli#5083</a></li>
<li>Added <code>ContextType: &quot;moby&quot;</code> to the context
list/inspect output to address a compatibility issue with Visual Studio
Container Tools. <a
href="https://redirect.github.com/docker/cli/pull/5095">docker/cli#5095</a></li>
<li>Fix a compatibility issue with Visual Studio Container Tools. <a
href="https://redirect.github.com/docker/cli/pull/5095">docker/cli#5095</a></li>
</ul>
<h3>Packaging updates</h3>
<ul>
<li>Update containerd (static binaries only) to <a
href="https://github.com/containerd/containerd/releases/tag/v1.7.17">v1.7.17</a>.
<a
href="https://redirect.github.com/moby/moby/pull/47841">moby/moby#47841</a></li>
<li><a
href="https://redirect.github.com/golang/go/issues/66869">CVE-2024-24789</a>,
<a
href="https://redirect.github.com/golang/go/issues/67680">CVE-2024-24790</a>:
Update Go runtime to 1.21.11. <a
href="https://redirect.github.com/moby/moby/pull/47904">moby/moby#47904</a></li>
<li>Update Compose to <a
href="https://github.com/docker/compose/releases/tag/v2.27.1">v2.27.1</a>.
<a
href="https://redirect.github.com/docker/docker-ce-packaging/pull/1022">docker/docker-ce-packages#1022</a></li>
<li>Update Buildx to <a
href="https://github.com/docker/buildx/releases/tag/v0.14.1">v0.14.1</a>.
<a
href="https://redirect.github.com/docker/docker-ce-packaging/pull/1021">docker/docker-ce-packages#1021</a></li>
</ul>
<h2>v26.1.3</h2>
<h2>26.1.3</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="411e817ddf"><code>411e817</code></a>
Merge commit from fork</li>
<li><a
href="9cc85eaef1"><code>9cc85ea</code></a>
If url includes scheme, urlPath will drop hostname, which would not
match the...</li>
<li><a
href="820cab90bc"><code>820cab9</code></a>
Authz plugin security fixes for 0-length content and path
validation</li>
<li><a
href="6bc49067a6"><code>6bc4906</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/docker/issues/48123">#48123</a>
from vvoland/v26.1-48120</li>
<li><a
href="6fbdce4b94"><code>6fbdce4</code></a>
update to go1.21.12</li>
<li><a
href="f5334644ec"><code>f533464</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/docker/issues/47986">#47986</a>
from vvoland/v26.1-47985</li>
<li><a
href="c1d4587d76"><code>c1d4587</code></a>
builder/mobyexporter: Add missing nil check</li>
<li><a
href="d6428049a5"><code>d642804</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/docker/issues/47940">#47940</a>
from thaJeztah/26.1_backport_api_remove_container_c...</li>
<li><a
href="daba2462f5"><code>daba246</code></a>
docs: api: image inspect: remove Container and ContainerConfig</li>
<li><a
href="de5c9cf0b9"><code>de5c9cf</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/docker/issues/47912">#47912</a>
from thaJeztah/26.1_backport_vendor_containerd_1.7.18</li>
<li>Additional commits viewable in <a
href="https://github.com/docker/docker/compare/v26.1.0...v26.1.5">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/docker/docker&package-manager=go_modules&previous-version=26.1.0+incompatible&new-version=26.1.5+incompatible)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/element-hq/dendrite/network/alerts).

</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-12-17 21:42:08 +01:00
dependabot[bot]
f8ef6118c7
Bump github.com/docker/docker from 25.0.6+incompatible to 27.4.0+incompatible (#3458)
Bumps [github.com/docker/docker](https://github.com/docker/docker) from
25.0.6+incompatible to 27.4.0+incompatible.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/docker/releases">github.com/docker/docker's
releases</a>.</em></p>
<blockquote>
<h2>v27.4.0</h2>
<h2>27.4.0</h2>
<p>For a full list of pull requests and changes in this release, refer
to the relevant GitHub milestones:</p>
<ul>
<li><a
href="https://github.com/docker/cli/issues?q=is%3Aclosed+milestone%3A27.4.0">docker/cli,
27.4.0 milestone</a></li>
<li><a
href="https://github.com/moby/moby/issues?q=is%3Aclosed+milestone%3A27.4.0">moby/moby,
27.4.0 milestone</a></li>
</ul>
<h3>API</h3>
<ul>
<li><code>GET /images/json</code> with the <code>manifests</code> option
enabled now preserves the original order in which manifests appeared in
the manifest-index. <a
href="https://redirect.github.com/moby/moby/pull/48712">moby/moby#48712</a></li>
</ul>
<h3>Bug fixes and enhancements</h3>
<ul>
<li>When reading logs with the <code>jsonfile</code> or
<code>local</code> log drivers, any errors while trying to read or parse
underlying log files will cause the rest of the file to be skipped and
move to the next log file (if one exists) rather than returning an error
to the client and closing the stream. The errors are viewable in the
Docker Daemon logs and exported to traces when tracing is configured. <a
href="https://redirect.github.com/moby/moby/pull/48842">moby/moby#48842</a></li>
<li>When reading log files, compressed log files are now only
decompressed when needed rather than decompressing all files before
starting the log stream. <a
href="https://redirect.github.com/moby/moby/pull/48842">moby/moby#48842</a></li>
<li>Fix an issue that meant published ports from one container on a
bridge network were not accessible from another container on the same
network with <code>userland-proxy</code> disabled, if the kernel's
<code>br_netfilter</code> module was not loaded and enabled. The daemon
will now attempt to load the module and enable
<code>bridge-nf-call-iptables</code> or
<code>bridge-nf-call-ip6tables</code> when creating a network with the
userland proxy disabled. <a
href="https://redirect.github.com/moby/moby/pull/48685">moby/moby#48685</a></li>
<li>Fix loading of <code>bridge</code> and <code>br_netfilter</code>
kernel modules. <a
href="https://redirect.github.com/moby/moby/pull/48966">moby/moby#48966</a></li>
<li>containerd image store: Fix Docker daemon failing to fully start
with a &quot;context deadline exceeded error&quot; with containerd
snapshotter and many builds/images. <a
href="https://redirect.github.com/moby/moby/pull/48954">moby/moby#48954</a></li>
<li>containerd image-store: Fix partially pulled images not being
garbage-collected. <a
href="https://redirect.github.com/moby/moby/pull/48910">moby#48910</a>,
<a
href="https://redirect.github.com/moby/moby/pull/48957">moby/moby#48957</a></li>
<li>containerd image store: Fix <code>docker image inspect</code>
outputting duplicate references in <code>RepoDigests</code>. <a
href="https://redirect.github.com/moby/moby/pull/48785">moby/moby#48785</a></li>
<li>containerd image store: Fix not being able to connect to some
insecure registries in cases where the HTTPS request failed due to a
non-TLS related error. <a
href="https://redirect.github.com/moby/moby/pull/48758">moby/moby#48758</a></li>
<li>containerd image store: Remove a confusing warning log when tagging
a non-dangling image. <a
href="https://redirect.github.com/moby/moby/pull/49010">moby/moby#49010</a></li>
<li>dockerd-rootless-setuptool.sh: let --force ignore smoke test errors
<a
href="https://redirect.github.com/moby/moby/pull/48695">moby/moby#48695</a></li>
<li>Disable IPv6 Duplicate Address Detection (DAD) for addresses
assigned to the bridges belonging to bridge networks. <a
href="https://redirect.github.com/moby/moby/pull/48684">moby/moby#48684</a></li>
<li>Remove BuildKit init timeout. <a
href="https://redirect.github.com/moby/moby/pull/48963">moby/moby#48963</a></li>
<li>Ignore &quot;dataset does not exist&quot; error when removing
dataset on ZFS. <a
href="https://redirect.github.com/moby/moby/pull/48968">moby/moby#48968</a></li>
<li>Client: Prevent idle connections leaking FDs. <a
href="https://redirect.github.com/moby/moby/pull/48764">moby/moby#48764</a></li>
<li>Fix anonymous volumes being created through the <code>--mount</code>
option not being marked as anonymous. <a
href="https://redirect.github.com/moby/moby/pull/48755">moby/moby#48755</a></li>
<li>After a daemon restart with live-restore, ensure an iptables jump to
the <code>DOCKER-USER</code> chain is placed before other rules. <a
href="https://redirect.github.com/moby/moby/pull/48714">moby/moby#48714</a></li>
<li>Fix a possible memory leak caused by OTel meters. <a
href="https://redirect.github.com/moby/moby/pull/48693">moby/moby#48693</a></li>
<li>Create distinct build history db for each store. <a
href="https://redirect.github.com/moby/moby/pull/48688">moby/moby#48688</a></li>
<li>Fix an issue that caused excessive memory usage when DNS resolution
was made in a tight loop. <a
href="https://redirect.github.com/moby/moby/pull/48840">moby/moby#48840</a></li>
<li>containerd image store: Do not underline names in <code>docker image
ls --tree</code>. <a
href="https://redirect.github.com/docker/cli/pull/5519">docker/cli#5519</a></li>
<li>containerd image store: Change name of <code>USED</code> column in
<code>docker image ls --tree</code> to <code>IN USE</code>. <a
href="https://redirect.github.com/docker/cli/pull/5518">docker/cli#5518</a></li>
<li>Fix a bug preventing image pulls from being cancelled during
<code>docker run</code>. <a
href="https://redirect.github.com/docker/cli/pull/5654">docker/cli#5654</a></li>
<li>Port some completions from the bash completion to the new cobra
based completion. <a
href="https://redirect.github.com/docker/cli/pull/5618">docker/cli#5618</a></li>
<li>The <code>docker login</code> and <code>docker logout</code> command
no longer update the configuration file if the credentials didn't
change. <a
href="https://redirect.github.com/docker/cli/pull/5569">docker/cli#5569</a></li>
<li>Optimise <code>docker stats</code> to reduce flickering issues. <a
href="https://redirect.github.com/docker/cli/pull/5588">docker/cli#5588</a>,
<a
href="https://redirect.github.com/docker/cli/pull/5635">docker/cli#5635</a></li>
<li>Fix inaccessible plugins paths preventing plugins from being
detected. <a
href="https://redirect.github.com/docker/cli/pull/5652">docker/cli#5652</a></li>
<li>Add support for <code>events --filter</code> in cobra generated
shell completions. <a
href="https://redirect.github.com/docker/cli/pull/5614">docker/cli#5614</a></li>
<li>Fix bash completion for <code>events --filter daemon=</code>. <a
href="https://redirect.github.com/docker/cli/pull/5563">docker/cli#5563</a></li>
<li>Improve shell-completion of containers for <code>docker rm</code>.
<a
href="https://redirect.github.com/docker/cli/pull/5540">docker/cli#5540</a></li>
<li>Add shell-completion for <code>--platform</code> flags. <a
href="https://redirect.github.com/docker/cli/pull/5540">docker/cli#5540</a></li>
<li>rootless: Make <code>/etc/cdi</code> and <code>/var/run/cdi</code>
accessible by the Container Device Interface (CDI) integration. <a
href="https://redirect.github.com/moby/moby/pull/49027">moby/moby#49027</a></li>
</ul>
<h3>Removed</h3>
<ul>
<li>Deprecate <code>Daemon.Exists()</code> and
<code>Daemon.IsPaused()</code>. These functions are no longer used and
will be removed in the next release. <a
href="https://redirect.github.com/moby/moby/pull/48719">moby/moby#48719</a></li>
<li>Deprecate <code>container.ErrNameReserved</code> and
<code>container.ErrNameNotReserved</code>. <a
href="https://redirect.github.com/moby/moby/pull/48697">moby/moby#48697</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="92a83937d0"><code>92a8393</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/docker/issues/49027">#49027</a>
from thaJeztah/27.x_backport_cdi-rootless</li>
<li><a
href="9163aa379a"><code>9163aa3</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/docker/issues/49026">#49026</a>
from thaJeztah/27.x_update_go_1.22.10</li>
<li><a
href="4775621ab6"><code>4775621</code></a>
Dockerd rootless: make {/etc,/var/run}/cdi available</li>
<li><a
href="0176f4a5c3"><code>0176f4a</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/docker/issues/49024">#49024</a>
from thaJeztah/27.x_vendor_buildkit_0.17.3</li>
<li><a
href="0e34b3956b"><code>0e34b39</code></a>
update to go1.22.10</li>
<li><a
href="7919b806e7"><code>7919b80</code></a>
[27.x] vendor: github.com/moby/buildkit v0.17.3</li>
<li><a
href="a92d4c5a57"><code>a92d4c5</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/docker/issues/49013">#49013</a>
from vvoland/49006-27.x</li>
<li><a
href="1cc127466d"><code>1cc1274</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/docker/issues/49010">#49010</a>
from vvoland/49009-27.x</li>
<li><a
href="525b929947"><code>525b929</code></a>
registry: deprecate RepositoryInfo.Class</li>
<li><a
href="d6d43b2912"><code>d6d43b2</code></a>
c8d/tag: Don't log a warning if the source image is not dangling</li>
<li>Additional commits viewable in <a
href="https://github.com/docker/docker/compare/v25.0.6...v27.4.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/docker/docker&package-manager=go_modules&previous-version=25.0.6+incompatible&new-version=27.4.0+incompatible)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Till Faelligen <2353100+S7evinK@users.noreply.github.com>
2024-12-17 20:39:04 +00:00
dependabot[bot]
bed4abf229
Bump github.com/dgraph-io/ristretto from 0.1.1 to 0.2.0 (#3457)
Bumps
[github.com/dgraph-io/ristretto](https://github.com/dgraph-io/ristretto)
from 0.1.1 to 0.2.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/dgraph-io/ristretto/releases">github.com/dgraph-io/ristretto's
releases</a>.</em></p>
<blockquote>
<h2>v0.2.0</h2>
<h2>What's Changed</h2>
<p>*`docs(readme): Use new Wait method by <a
href="https://github.com/angadn"><code>@​angadn</code></a> in <a
href="https://redirect.github.com/dgraph-io/ristretto/pull/327">dgraph-io/ristretto#327</a></p>
<ul>
<li>docs: format example on readme by <a
href="https://github.com/rfyiamcool"><code>@​rfyiamcool</code></a> in <a
href="https://redirect.github.com/dgraph-io/ristretto/pull/339">dgraph-io/ristretto#339</a></li>
<li>Fix flakes in TestDropUpdates by <a
href="https://github.com/evanj"><code>@​evanj</code></a> in <a
href="https://redirect.github.com/dgraph-io/ristretto/pull/334">dgraph-io/ristretto#334</a></li>
<li>docs(Cache): document Wait, clarify Get by <a
href="https://github.com/evanj"><code>@​evanj</code></a> in <a
href="https://redirect.github.com/dgraph-io/ristretto/pull/333">dgraph-io/ristretto#333</a></li>
<li>chore: fix typo error by <a
href="https://github.com/proost"><code>@​proost</code></a> in <a
href="https://redirect.github.com/dgraph-io/ristretto/pull/341">dgraph-io/ristretto#341</a></li>
<li>fix: support compilation to wasip1 by <a
href="https://github.com/achille-roussel"><code>@​achille-roussel</code></a>
in <a
href="https://redirect.github.com/dgraph-io/ristretto/pull/344">dgraph-io/ristretto#344</a></li>
<li>remove glog dependency by <a
href="https://github.com/jhawk28"><code>@​jhawk28</code></a> in <a
href="https://redirect.github.com/dgraph-io/ristretto/pull/350">dgraph-io/ristretto#350</a></li>
<li>add config for cleanup ticker duration by <a
href="https://github.com/singhvikash11"><code>@​singhvikash11</code></a>
in <a
href="https://redirect.github.com/dgraph-io/ristretto/pull/342">dgraph-io/ristretto#342</a></li>
<li>fix(OnEvict): Set missing Expiration field on evicted items by <a
href="https://github.com/0x1ee7"><code>@​0x1ee7</code></a> in <a
href="https://redirect.github.com/dgraph-io/ristretto/pull/345">dgraph-io/ristretto#345</a></li>
<li>uint32 -&gt; uint64 in slice methods by <a
href="https://github.com/mocurin"><code>@​mocurin</code></a> in <a
href="https://redirect.github.com/dgraph-io/ristretto/pull/323">dgraph-io/ristretto#323</a></li>
<li>fix: cleanupTicker not being stopped by <a
href="https://github.com/IlyaFloppy"><code>@​IlyaFloppy</code></a> in <a
href="https://redirect.github.com/dgraph-io/ristretto/pull/343">dgraph-io/ristretto#343</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/dgraph-io/ristretto/compare/v0.1.1...v0.2.0">https://github.com/dgraph-io/ristretto/compare/v0.1.1...v0.2.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/dgraph-io/ristretto/blob/main/CHANGELOG.md">github.com/dgraph-io/ristretto's
changelog</a>.</em></p>
<blockquote>
<h2>[v0.2.0] - 2024-10-06</h2>
<h3>Added</h3>
<ul>
<li><a
href="https://redirect.github.com/dgraph-io/ristretto/pull/344"><code>fix:
support compilation to wasip1 by @​achille-roussel</code></a></li>
<li><a
href="https://redirect.github.com/dgraph-io/ristretto/pull/342"><code>add
config for cleanup ticker duration by @​singhvikash11</code></a></li>
</ul>
<h3>Fixed</h3>
<ul>
<li><a
href="https://redirect.github.com/dgraph-io/ristretto/pull/327"><code>docs(readme):
Use new Wait method by @​angadn</code></a></li>
<li><a
href="https://redirect.github.com/dgraph-io/ristretto/pull/339"><code>docs:
format example on readme by @​rfyiamcool</code></a></li>
<li><a
href="https://redirect.github.com/dgraph-io/ristretto/pull/334"><code>Fix
flakes in TestDropUpdates by @​evanj</code></a></li>
<li><a
href="https://redirect.github.com/dgraph-io/ristretto/pull/333"><code>docs(Cache):
document Wait, clarify Get by @​evanj</code></a></li>
<li><a
href="https://redirect.github.com/dgraph-io/ristretto/pull/341"><code>chore:
fix typo error by @​proost</code></a></li>
<li><a
href="https://redirect.github.com/dgraph-io/ristretto/pull/350"><code>remove
glog dependency by @​jhawk28</code></a></li>
<li><a
href="https://redirect.github.com/dgraph-io/ristretto/pull/345"><code>fix(OnEvict):
Set missing Expiration field on evicted items by
@​0x1ee7</code></a></li>
<li><a
href="https://redirect.github.com/dgraph-io/ristretto/pull/323"><code>uint32
-&gt; uint64 in slice methods by @​mocurin</code></a></li>
<li><a
href="https://redirect.github.com/dgraph-io/ristretto/pull/343"><code>fix:
cleanupTicker not being stopped by @​IlyaFloppy</code></a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/dgraph-io/ristretto/compare/v0.1.1...v0.2.0">https://github.com/dgraph-io/ristretto/compare/v0.1.1...v0.2.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="1854617567"><code>1854617</code></a>
minor repo cleanup (<a
href="https://redirect.github.com/dgraph-io/ristretto/issues/352">#352</a>)</li>
<li><a
href="91446626cc"><code>9144662</code></a>
stop cleanupTicker while closing cache (<a
href="https://redirect.github.com/dgraph-io/ristretto/issues/343">#343</a>)</li>
<li><a
href="c00b3525a6"><code>c00b352</code></a>
uint32 to uint64 in slice methods (<a
href="https://redirect.github.com/dgraph-io/ristretto/issues/323">#323</a>)</li>
<li><a
href="e6d62cbfa0"><code>e6d62cb</code></a>
chore(ci): separate out coverage report workflow (<a
href="https://redirect.github.com/dgraph-io/ristretto/issues/353">#353</a>)</li>
<li><a
href="f0e70276b9"><code>f0e7027</code></a>
set missing Expiration field on evicted items (<a
href="https://redirect.github.com/dgraph-io/ristretto/issues/345">#345</a>)</li>
<li><a
href="e8dc5b0073"><code>e8dc5b0</code></a>
add config for cleanup ticker duration (<a
href="https://redirect.github.com/dgraph-io/ristretto/issues/342">#342</a>)</li>
<li><a
href="c5789d66fd"><code>c5789d6</code></a>
update golangci config and cleanup repo (<a
href="https://redirect.github.com/dgraph-io/ristretto/issues/351">#351</a>)</li>
<li><a
href="bdcf5e99ac"><code>bdcf5e9</code></a>
remove glog dependency (<a
href="https://redirect.github.com/dgraph-io/ristretto/issues/350">#350</a>)</li>
<li><a
href="3f6b44a609"><code>3f6b44a</code></a>
fix: support compilation to wasip1 (<a
href="https://redirect.github.com/dgraph-io/ristretto/issues/344">#344</a>)</li>
<li><a
href="c73d585ee6"><code>c73d585</code></a>
chore: fix typo error (<a
href="https://redirect.github.com/dgraph-io/ristretto/issues/341">#341</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/dgraph-io/ristretto/compare/v0.1.1...v0.2.0">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/dgraph-io/ristretto&package-manager=go_modules&previous-version=0.1.1&new-version=0.2.0)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)


</details>

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2024-12-17 21:02:03 +01:00
Till
00e7f848c8
Add GHA dependabot config, bump codecov action (#3459) 2024-12-17 19:19:35 +00:00
Till
f87464922f
Fetch oldest OTKs first (MSC4225) (#3452)
As per https://github.com/matrix-org/matrix-spec-proposals/pull/4225,
fetch the oldest OTKs first.
2024-12-17 19:19:35 +01:00
Neil
78dbf21c5f
Support for fallback keys (#3451)
Backports support for fallback keys from Harmony, which should make E2EE
more reliable in the face of OTK exhaustion.

Signed-off-by: Neil Alexander <git@neilalexander.dev>

Co-authored-by: Neil Alexander <neilalexander@users.noreply.github.com>

[skip ci]
2024-12-17 19:19:15 +01:00
Till
c3d7a34c15
Add dependabot config (#3450)
[skip ci]
2024-12-17 19:18:28 +01:00
Till
e8b1a89ff6
Various fixes in fetchAuthEvents (#3447)
This might fix issues with state events gone missing.

---------

Co-authored-by: Neil Alexander <neilalexander@users.noreply.github.com>

[skip ci]
2024-12-17 19:18:05 +01:00
Till
23e097c3f0
Add temporary repository flag (#3453)
As long as we don't have any releases in this organization, upgrade
tests are going to fail.
This adds a `repository` flag which allows overwriting the repository to
pull old version archives from.
2024-12-17 11:51:57 +01:00
Neil
72039f651e
Update dependencies (#3449)
Signed-off-by: Neil Alexander <git@neilalexander.dev>

---------

Co-authored-by: Neil Alexander <neilalexander@users.noreply.github.com>
2024-12-15 11:27:27 +01:00
Johannes Marbach
7acf32f24d
Add via parameter on join room requests as per MSC4156 (#3441)
This implements
[MSC4156](https://github.com/matrix-org/matrix-spec-proposals/pull/4156)
which will ship with Matrix 1.12 and is the continuation of
https://github.com/matrix-org/dendrite/pull/3438.

### Pull Request Checklist

<!-- Please read
https://matrix-org.github.io/dendrite/development/contributing before
submitting your pull request -->

* [ ] I have added Go unit tests or [Complement integration
tests](https://github.com/matrix-org/complement) for this PR _or_ I have
justified why this PR doesn't need tests
* [x] Pull request includes a [sign off below using a legally
identifiable
name](https://matrix-org.github.io/dendrite/development/contributing#sign-off)
_or_ I have already signed off privately

Signed-off-by: Johannes Marbach <n0-0ne+github@mailbox.org>

Signed-off-by: Johannes Marbach <n0-0ne+github@mailbox.org>
Co-authored-by: Till <2353100+S7evinK@users.noreply.github.com>
2024-12-09 20:31:20 +01:00
Till Faelligen
7cc7ebb46f
Update GHCR_NAME space to element-hq 2024-11-14 17:02:10 +01:00
Till Faelligen
11b48749bf
Fix linting 2024-11-14 16:40:08 +01:00
Till Faelligen
3ca9dae95a
Fix missed matrix-org bits, run go mod tidy 2024-11-14 13:32:24 +01:00
Quentin Gliech
da92fd3f29
Update the CODEOWNERS to use @element-hq/dendrite-core 2024-10-18 16:14:40 +02:00
Quentin Gliech
075b236155
Update the license headers to mention the commercial license 2024-10-18 16:14:08 +02:00
Quentin Gliech
91186179d4
Add commercial license 2024-10-18 15:06:26 +02:00
Quentin Gliech
891950f7b6
Replace references to the repository 2024-10-17 17:34:12 +02:00
Quentin Gliech
6e6c3de0a6
Rename the go package
github.com/matrix-org/dendrite to github.com/element-hq/dendrite
2024-10-17 17:33:45 +02:00
Quentin Gliech
6d327dc73c
fixup! Update license in Docker image annotations 2024-10-17 17:32:29 +02:00
Quentin Gliech
8b769d2cc4
Fixup missed license headers 2024-10-17 17:21:25 +02:00
Quentin Gliech
b85bc28eec
Update license in Docker image annotations 2024-10-17 17:21:14 +02:00
Quentin Gliech
984b02434e
Update license file 2024-10-17 17:21:06 +02:00
Quentin Gliech
6bfe946bd2
Update the copyright headers in all files 2024-10-17 17:16:37 +02:00
idk
6cd1285ca0
Adds support for listening on and connecting to I2P and Onion services securely (#3293)
This PR adds 2 `dendrite-demo` main's, each designed expressly to serve
a Hidden Service/Overlay network.

The first, `dendrite-demo-i2p` add self-configuration for use of
dendrite as an I2P hidden service(eepsite) and to connect to I2P
services(federate) as an I2P client. It further disables the `dendrite`
server from communicating with non-anonymous servers by
federation(because I2P does not canonically have the ability to exit, we
rely on donors for exit traffic), and enables the use of self-signed TLS
certificates([because I2P services are self-authenticating but TLS is
still required for other aspects of the system to work
reliably](https://tor.stackexchange.com/questions/13887/registering-onion-with-certificate-authority)).
This demo turns the system into an "pseudonymous" homeserver which
people can connect to using an I2P-enabled Matrix client(I like `cinny`
and it's what I tested with).

The second, `dendrite-demo-tor` adds self-configuration for the use of
dendrite as an Onion service and to connect to other onion services and
non-anonymous web sites using Tor to obfuscate it's physical location
and providing, optionally, pseudonymity. It also enables the use of
self-signed TLS certificates, for the same reason as with I2P, because
onion services aren't typically eligible for TLS certificates. It has
also been tested with `cinny`.

These services are both pseudonymous like myself, not anonymous. I will
be meeting members of the element team at the CCC assembly shortly to
discuss contributing under my pseudonym.

As none of the other `dendrite-demo` have unit tests I did not add them
to these checkins.

* [*] I have added Go unit tests or [Complement integration
tests](https://github.com/matrix-org/complement) for this PR _or_ I have
justified why this PR doesn't need tests

---------

Co-authored-by: eyedeekay <idk@mulder>
Co-authored-by: Till Faelligen <2353100+S7evinK@users.noreply.github.com>
2024-09-23 19:28:28 +02:00
arenekosreal
df770dae0a
Make OPTIONS method on MSC3916 endpoints available without auth (#3431)
OPTIONS method is usually sent by browser in preflight requests, most of
the time we cannot control preflight request to add auth header.

Synapse will return a 204 response directly without authentication for
those OPTIONS method.

According to firefox's documentation, both 200 and 204 are acceptable so
I think there is no need to change handler in dendrite.

This closes https://github.com/matrix-org/dendrite/issues/3424

No need to add a test because this is just a fix and I have tested on my
Cinny Web client personally.

### Pull Request Checklist

<!-- Please read
https://matrix-org.github.io/dendrite/development/contributing before
submitting your pull request -->

* [x] I have added Go unit tests or [Complement integration
tests](https://github.com/matrix-org/complement) for this PR _or_ I have
justified why this PR doesn't need tests
* [x] Pull request includes a [sign off below using a legally
identifiable
name](https://matrix-org.github.io/dendrite/development/contributing#sign-off)
_or_ I have already signed off privately

Signed-off-by: `arenekosreal
<17194552+arenekosreal@users.noreply.github.com>`

Signed-off-by: arenekosreal <17194552+arenekosreal@users.noreply.github.com>
2024-09-22 10:33:54 +02:00
Rhea Danzey
07e59d0ba9
Helm Chart - Add configuration for node selector / tolerations / affi… (#3433)
For some experimentation I'm doing, I need to pin Dendrite to a specific
node pool. This should be available configuration within the chart
ideally, and this should do it in theory.

### Pull Request Checklist

<!-- Please read
https://matrix-org.github.io/dendrite/development/contributing before
submitting your pull request -->

* [x] I have added Go unit tests or [Complement integration
tests](https://github.com/matrix-org/complement) for this PR _or_ I have
justified why this PR doesn't need tests
* [x] Pull request includes a [sign off below using a legally
identifiable
name](https://matrix-org.github.io/dendrite/development/contributing#sign-off)
_or_ I have already signed off privately

Signed-off-by: `Rhea Danzey <rdanzey@element.io>`

---------

Signed-off-by: Rhea Danzey <rdanzey@element.io>
2024-09-20 13:56:27 -05:00
Rhea Danzey
c914f062e6
Helm chart - Fix image pull secrets for signing-key job (#3430)
Forgotten in https://github.com/matrix-org/dendrite/pull/3428 - Pull
secrets need to be used for signing-key job since it uses Dendrite
container as well

### Pull Request Checklist

<!-- Please read
https://matrix-org.github.io/dendrite/development/contributing before
submitting your pull request -->

* [x] I have added Go unit tests or [Complement integration
tests](https://github.com/matrix-org/complement) for this PR _or_ I have
justified why this PR doesn't need tests
* [x] Pull request includes a [sign off below using a legally
identifiable
name](https://matrix-org.github.io/dendrite/development/contributing#sign-off)
_or_ I have already signed off privately

Signed-off-by: `Rhea Danzey <rdanzey@element.io>`

---------

Signed-off-by: Rhea Danzey <rdanzey@element.io>
2024-09-20 07:44:50 +02:00
Till Faelligen
f2db7cbcb8
Bump version to trigger CI 2024-09-18 21:46:33 +02:00
Rhea Danzey
40dd2c0400
Use chart-releaser-action tag v1.6.0 (#3429)
Context:
https://github.com/matrix-org/dendrite/pull/3427#issuecomment-2359139622

Try tagged version of chart-releaser-action now that mark_latest option
is available

### Pull Request Checklist

<!-- Please read
https://matrix-org.github.io/dendrite/development/contributing before
submitting your pull request -->

* [x] I have added Go unit tests or [Complement integration
tests](https://github.com/matrix-org/complement) for this PR _or_ I have
justified why this PR doesn't need tests
* [x] Pull request includes a [sign off below using a legally
identifiable
name](https://matrix-org.github.io/dendrite/development/contributing#sign-off)
_or_ I have already signed off privately

Signed-off-by: `Rhea Danzey <rdanzey@element.io>`
2024-09-18 21:41:22 +02:00
Rhea Danzey
152626c87e
Helm chart - Add configuration for image pull secrets (#3428)
This minor change should allow the use of private container images with
this chart by specifying image pull secrets.

### Pull Request Checklist

<!-- Please read
https://matrix-org.github.io/dendrite/development/contributing before
submitting your pull request -->

* [x] I have added Go unit tests or [Complement integration
tests](https://github.com/matrix-org/complement) for this PR _or_ I have
justified why this PR doesn't need tests
* [x] Pull request includes a [sign off below using a legally
identifiable
name](https://matrix-org.github.io/dendrite/development/contributing#sign-off)
_or_ I have already signed off privately

Signed-off-by: `Rhea Danzey <rdanzey@element.io>`

---------

Signed-off-by: Rhea Danzey <rdanzey@element.io>
2024-09-18 20:22:18 +02:00
Rhea Danzey
3530d2997f
Ensure Helm packages generated end up in docs/ subpath that's hosted (#3427)
I've noticed that Chart Releaser is behaving improperly, and not
successfully putting the charts where gh-pages will hots them and
generating invalid index.

This change should ensure built charts end up in the `docs/` subpath,
which should ensure that `gh-pages` branch isn't getting an invalid
`index.yaml` and new charts should be automatically available.

### Pull Request Checklist

* [x] I have added Go unit tests or [Complement integration
tests](https://github.com/matrix-org/complement) for this PR _or_ I have
justified why this PR doesn't need tests
* [x] Pull request includes a [sign off below using a legally
identifiable
name](https://matrix-org.github.io/dendrite/development/contributing#sign-off)
_or_ I have already signed off privately

Signed-off-by: `Rhea Danzey <rdanzey@element.io>`
2024-09-18 20:21:23 +02:00
Rhea Danzey
aa8d10a62d
Pinecone test image - Explicitly select Alpine golang image (#3426)
I've noticed when trying to build the Dendrite Pinecone test image, the
build fails due to `apk` not being available:

<img width="837" alt="image"
src="https://github.com/user-attachments/assets/8b483010-a037-4499-b925-a806ae8a82cb">

Checking out the [Docker Hub](https://hub.docker.com/_/golang/) repo for
the `golang` image it looks like this can resovle to `1.22-bookworm`, so
this should ensure we get an Alpine-based image for this build.

### Pull Request Checklist

<!-- Please read
https://matrix-org.github.io/dendrite/development/contributing before
submitting your pull request -->

* [x] I have added Go unit tests or [Complement integration
tests](https://github.com/matrix-org/complement) for this PR _or_ I have
justified why this PR doesn't need tests
* [x] Pull request includes a [sign off below using a legally
identifiable
name](https://matrix-org.github.io/dendrite/development/contributing#sign-off)
_or_ I have already signed off privately

Signed-off-by: `Rhea Danzey <rdanzey@element.io>`

Signed-off-by: Rhea Danzey <rdanzey@element.io>
2024-09-18 09:16:33 +02:00
Till
763c79f142
Version 0.13.8 (#3421) 2024-09-13 15:06:07 +02:00
Till
ed6d964e5d
Fix function signature, use default random boundary (#3422)
Fixes the function signature of `parseMultipartResponse` and uses the
default random boundary when creating a new multipart response.
2024-09-13 09:39:30 +02:00
Till
002fed3cb9
Bump GMSL (#3419)
Adds
https://github.com/matrix-org/gomatrixserverlib/pull/436
https://github.com/matrix-org/gomatrixserverlib/pull/438
https://github.com/matrix-org/gomatrixserverlib/pull/432
2024-09-10 19:45:31 +00:00
Paige Thompson
1e0e935699
add option for credentials file for NATS; more info: https://docs.nat… (#3415)
Not 100% on how you would want to test this; you would need a NATS
server configured with NKey:

https://docs.nats.io/using-nats/developer/connecting/creds

This was tested with Synadia's free NATS SaaS and it does appear to be
working, however there's an issue with how NATS is used in general:

```
time="2024-09-10T14:40:05.105105731Z" level=fatal msg="Unable to add in-memory stream" error="nats: account requires a stream config to have max bytes set" stream=DendriteInputRoomEvent subjects="[DendriteInputRoomEvent DendriteInputRoomEvent.>]"
```

I tried creating the topic manually, however dendrite insists on
deleting/recreating the topic, so getting this to work is an issue I'm
going ot have to deal with later unless somebody gets to it before then.

If you feel more competent than me and wanna draw from this PR as an
example (if you have another way you'd prefer to see this done) go ahead
feel free I just wanna see it get done and I'm not particularly good at
working with golang.

Signed-off-by: `Paige Thompson <paige@paige.bio>`
2024-09-10 21:28:04 +02:00
Neil
117ed66037
Update NATS to 2.10.20, use SyncAlways (#3418)
The internal NATS instance is definitely convenient but it does have one
problem: its lifecycle is tied to the Dendrite process. That means if
Dendrite panics or OOMs, it takes out NATS with it. I suspect this is
sometimes contributing to what people see with stuck streams, as some
operations or state might not be written to disk fully before it gets
interrupted.

Using `SyncAlways` means that NATS will effectively use `O_SYNC` and
block writes on flushes, which should improve resiliency against this
kind of failure considerably. It might affect performance a little but
shouldn't be significant.

Also updates NATS to 2.10.20 as there have been all sorts of fixes since
2.10.7, including better `SyncAlways` handling.

Signed-off-by: Neil Alexander <git@neilalexander.dev>

---------

Signed-off-by: Neil Alexander <git@neilalexander.dev>
Co-authored-by: Neil Alexander <neilalexander@users.noreply.github.com>
2024-09-10 20:54:38 +02:00
Till
3a2eadcc36
Speed up purging rooms (#3381)
[skip CI]
2024-09-10 20:43:50 +02:00
Werner
7bbec19a6a
cosmetics nginx sample config (#3385)
- fix typo
- fix spaces
- full sentence

Not tests required since no functional change happens

### Pull Request Checklist

<!-- Please read
https://matrix-org.github.io/dendrite/development/contributing before
submitting your pull request -->

* [x] I have added Go unit tests or [Complement integration
tests](https://github.com/matrix-org/complement) for this PR _or_ I have
justified why this PR doesn't need tests
* [x] Pull request includes a [sign off below using a legally
identifiable
name](https://matrix-org.github.io/dendrite/development/contributing#sign-off)
_or_ I have already signed off privately

Signed-off-by: `Werner <werner@armbian.com>`

[skip CI]
2024-09-10 20:40:35 +02:00
Till
7a4ef240fc
Implement MSC3916 (#3397)
Needs https://github.com/matrix-org/gomatrixserverlib/pull/437
2024-08-16 12:37:59 +02:00
jjj333_p
8c6cf51b8f
Fixing Presence Conflicts (#3320)
This is meant to cache client presence for a moment so that it doesn't
oscillate.

Currently Dendrite just federates out whatever presence it gets from the
sync loop, which means if theres any clients attempting to sync without
setting the user online, and there is an online client, it will just
flip back and forth each time one of the clients polls /sync.

This pull request essentially stores in a map when the client last set
online ideally to allow the online client to sync again and set an
online presence before setting idle or offline.

I am not great at programming nor am I familiar with this codebase so if
this pr is just shitwater feel free to discard, just trying to fix an
issue that severely bothers me. If it is easier you can also steal the
code and write it in yourself. I ran the linter, not sure that it did
anything, the vscode go extension seems to format and lint anyways.

I tried to run unit tests but I have no idea any of this thing. it
errors on
`TestRequestPool_updatePresence/same_presence_is_not_published_dummy2
(10m0s)` which I think making this change broke. I am unsure how to
comply, if y'all point me in the right direction ill try to fix it. I
have tested it with all the situations I can think of on my personal
instance pain.agency, and this seems to stand up under all the
previously bugged situations.

~~My go also decided to update a bunch of the dependencies, I hate git
and github and have no idea how to fix that, it was not intentional.~~ i
just overwrote them with the ones from the main repo and committed it,
seems to have done what was needed.

### Pull Request Checklist

<!-- Please read
https://matrix-org.github.io/dendrite/development/contributing before
submitting your pull request -->

* [x] I have added Go unit tests or [Complement integration
tests](https://github.com/matrix-org/complement) for this PR _or_ I have
justified why this PR doesn't need tests
* [x] Pull request includes a [sign off below using a legally
identifiable
name](https://matrix-org.github.io/dendrite/development/contributing#sign-off)
_or_ I have already signed off privately

Signed-off-by: `Joseph Winkie <jjj333.p.1325@gmail.com>`

---------

Co-authored-by: Till Faelligen <2353100+S7evinK@users.noreply.github.com>
2024-08-03 22:03:39 +02:00
guoguangwu
5216e74b9a
fix: close resp body (#3364)
### Pull Request Checklist

<!-- Please read
https://matrix-org.github.io/dendrite/development/contributing before
submitting your pull request -->

* [ ] I have added Go unit tests or [Complement integration
tests](https://github.com/matrix-org/complement) for this PR _or_ I have
justified why this PR doesn't need tests
* [ ] Pull request includes a [sign off below using a legally
identifiable
name](https://matrix-org.github.io/dendrite/development/contributing#sign-off)
_or_ I have already signed off privately

Signed-off-by: `Your Name <your@email.example.org>`

Signed-off-by: guoguangwu <guoguangwug@gmail.com>
2024-08-03 21:20:43 +02:00
Till
4d116ff0db
Bump yggdrasil (#3407) 2024-08-03 20:26:28 +02:00
dependabot[bot]
c876790f08
Bump github.com/docker/docker from 24.0.9+incompatible to 25.0.6+incompatible (#3405)
Bumps [github.com/docker/docker](https://github.com/docker/docker) from
24.0.9+incompatible to 25.0.6+incompatible.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/docker/releases">github.com/docker/docker's
releases</a>.</em></p>
<blockquote>
<h2>v25.0.6</h2>
<h2>25.0.6</h2>
<p>For a full list of pull requests and changes in this release, refer
to the relevant GitHub milestones:</p>
<ul>
<li><a
href="https://github.com/docker/cli/issues?q=is%3Aclosed+milestone%3A25.0.6">docker/cli,
25.0.6 milestone</a></li>
<li><a
href="https://github.com/moby/moby/issues?q=is%3Aclosed+milestone%3A25.0.6">moby/moby,
25.0.6 milestone</a></li>
<li>Deprecated and removed features, see <a
href="https://github.com/docker/cli/blob/v25.0.6/docs/deprecated.md">Deprecated
Features</a>.</li>
<li>Changes to the Engine API, see <a
href="https://github.com/moby/moby/blob/v25.0.6/docs/api/version-history.md">API
version history</a>.</li>
</ul>
<h3>Security</h3>
<p>This release contains a fix for <a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41110">CVE-2024-41110</a>
/ <a
href="https://github.com/moby/moby/security/advisories/GHSA-v23v-6jw2-98fq">GHSA-v23v-6jw2-98fq</a>
that impacted setups using <a
href="https://docs.docker.com/engine/extend/plugins_authorization/">authorization
plugins (AuthZ)</a> for access control.</p>
<h3>Bug fixes and enhancements</h3>
<ul>
<li>[25.0] remove erroneous <code>platform</code> from image
<code>config</code> OCI descriptor in <code>docker save</code> output.
<a
href="https://redirect.github.com/moby/moby/pull/47695">moby/moby#47695</a></li>
<li>[25.0 backport] Fix a nil dereference when getting image history for
images having layers without the <code>Created</code> value set. <a
href="https://redirect.github.com/moby/moby/pull/47759">moby/moby#47759</a></li>
<li>[25.0 backport] apparmor: Allow confined runc to kill containers. <a
href="https://redirect.github.com/moby/moby/pull/47830">moby/moby#47830</a></li>
<li>[25.0 backport] Fix an issue where rapidly promoting a Swarm node
after another node was demoted could cause the promoted node to fail its
promotion. <a
href="https://redirect.github.com/moby/moby/pull/47869">moby/moby#47869</a></li>
<li>[25.0 backport] don't depend on containerd platform.Parse to return
a typed error. <a
href="https://redirect.github.com/moby/moby/pull/47890">moby/moby#47890</a></li>
<li>[25.0 backport] builder/mobyexporter: Add missing nil check <a
href="https://redirect.github.com/moby/moby/pull/47987">moby/moby#47987</a></li>
</ul>
<h3>Packaging updates</h3>
<ul>
<li>Update AWS SDK Go v2 to v1.24.1 for AWS CloudWatch logging driver.
<a
href="https://redirect.github.com/moby/moby/pull/47724">moby/moby#47724</a></li>
<li>Update Go runtime to 1.21.12, which contains security fixes for <a
href="https://github.com/advisories/GHSA-hw49-2p59-3mhj">CVE-2024-24791</a>
<a
href="https://redirect.github.com/moby/moby/pull/48146">moby/moby#48146</a></li>
<li>Update Containerd (static binaries only) to <a
href="https://github.com/containerd/containerd/releases/tag/v1.7.20">v1.7.20</a>.
<a
href="https://redirect.github.com/moby/moby/pull/48199">moby/moby#48199</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/moby/moby/compare/v25.0.5...v25.0.6">https://github.com/moby/moby/compare/v25.0.5...v25.0.6</a></p>
<h2>v25.0.5</h2>
<h2>25.0.5</h2>
<p>For a full list of pull requests and changes in this release, refer
to the relevant GitHub milestones:</p>
<ul>
<li><a
href="https://github.com/docker/cli/issues?q=is%3Aclosed+milestone%3A25.0.5">docker/cli,
25.0.5 milestone</a></li>
<li><a
href="https://github.com/moby/moby/issues?q=is%3Aclosed+milestone%3A25.0.5">moby/moby,
25.0.5 milestone</a></li>
<li>Deprecated and removed features, see <a
href="https://github.com/docker/cli/blob/v25.0.5/docs/deprecated.md">Deprecated
Features</a>.</li>
<li>Changes to the Engine API, see <a
href="https://github.com/moby/moby/blob/v25.0.5/docs/api/version-history.md">API
version history</a>.</li>
</ul>
<h3>Security</h3>
<p>This release contains a security fix for <a
href="https://github.com/moby/moby/security/advisories/GHSA-mq39-4gv4-mvpx">CVE-2024-29018</a>,
a potential data exfiltration from 'internal' networks via authoritative
DNS servers.</p>
<h3>Bug fixes and enhancements</h3>
<ul>
<li>
<p><a
href="https://github.com/moby/moby/security/advisories/GHSA-mq39-4gv4-mvpx">CVE-2024-29018</a>:
Do not forward requests to external DNS servers for a container that is
only connected to an 'internal' network. Previously, requests were
forwarded if the host's DNS server was running on a loopback address,
like systemd's 127.0.0.53. <a
href="https://redirect.github.com/moby/moby/pull/47589">moby/moby#47589</a></p>
</li>
<li>
<p>plugin: fix mounting /etc/hosts when running in UserNS. <a
href="https://redirect.github.com/moby/moby/pull/47588">moby/moby#47588</a></p>
</li>
<li>
<p>rootless: fix <code>open /etc/docker/plugins: permission
denied</code>. <a
href="https://redirect.github.com/moby/moby/pull/47587">moby/moby#47587</a></p>
</li>
<li>
<p>Fix multiple parallel <code>docker build</code> runs leaking disk
space. <a
href="https://redirect.github.com/moby/moby/pull/47527">moby/moby#47527</a></p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="b08a51fe16"><code>b08a51f</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/docker/issues/48231">#48231</a>
from austinvazquez/backport-vendor-otel-v0.46.1-to-...</li>
<li><a
href="d151b0f87f"><code>d151b0f</code></a>
vendor: OTEL v0.46.1 / v1.21.0</li>
<li><a
href="c6ba9a5124"><code>c6ba9a5</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/docker/issues/48225">#48225</a>
from austinvazquez/backport-workflow-artifact-reten...</li>
<li><a
href="4673a3ca2c"><code>4673a3c</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/docker/issues/48227">#48227</a>
from austinvazquez/backport-backport-branch-check-t...</li>
<li><a
href="30f8908102"><code>30f8908</code></a>
github/ci: Check if backport is opened against the expected branch</li>
<li><a
href="7454d6a2e6"><code>7454d6a</code></a>
ci: update workflow artifacts retention</li>
<li><a
href="65cc597cea"><code>65cc597</code></a>
Merge commit from fork</li>
<li><a
href="b722836927"><code>b722836</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/docker/issues/48199">#48199</a>
from austinvazquez/update-containerd-binary-to-1.7.20</li>
<li><a
href="e8ecb9c76d"><code>e8ecb9c</code></a>
update containerd binary to v1.7.20</li>
<li><a
href="e6cae1f237"><code>e6cae1f</code></a>
update containerd binary to v1.7.19</li>
<li>Additional commits viewable in <a
href="https://github.com/docker/docker/compare/v24.0.9...v25.0.6">compare
view</a></li>
</ul>
</details>
<br />


[![Dependabot compatibility
score](https://dependabot-badges.githubapp.com/badges/compatibility_score?dependency-name=github.com/docker/docker&package-manager=go_modules&previous-version=24.0.9+incompatible&new-version=25.0.6+incompatible)](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)

Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.

[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)

---

<details>
<summary>Dependabot commands and options</summary>
<br />

You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/matrix-org/dendrite/network/alerts).

</details>

---------

Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Till Faelligen <2353100+S7evinK@users.noreply.github.com>
2024-08-02 08:56:24 +02:00
Till
a37d317958
Bump go to 1.21 (#3360) 2024-08-02 08:35:38 +02:00
Alex
9897959731
Fix: Edited messages appear twice in fulltext search (#3363)
As stated in https://github.com/matrix-org/dendrite/issues/3358 the
search response contains both original and edited message.
This PR fixes it by removing of the original message from the fulltext
index after indexing the edit message event.
I also made some cosmetic changes/fixes i found in the code

Signed-off-by: `Alexander Dubovikov <d.lexand@gmail.com>`
2024-07-27 22:30:17 +02:00
Till
affb6977e4
Fix nil pointer derefernce issues (#3379)
Discovered while running
https://gitlab.futo.org/load-testing/matrix-goose.

Dendrite locks up and runs into `context cancelled`, so the error is not
`sql.ErrNoRows` nor "default" (and definitely shouldn't return that the
account exists in this case)
2024-07-27 22:29:34 +02:00
Till
795c4a9453
Fix media DB possibly leaking connections (#3372)
Grafana Pyroscope unveiled that we are hitting
ad10fbd3c4/src/database/sql/sql.go (L2739-L2742)
for media DB queries.

Making the methods pointer receivers fixes this.

(Also some minor `error` cosmetic updates)
2024-07-27 22:29:19 +02:00
Till
a2e56dccb0
Don't bother hitting the DB if we got everything from cache (#3376)
Yet another finding where we hit the DB with a useless query. [skip ci]
2024-07-27 22:28:52 +02:00