| Age | Commit message (Collapse) | Author |
|---|
|
* Support configuring allow/deny networks
* Make the DNS cache aware of the allow/deny networks
* Allow all networks in CI
* Update GMSL
* Add missed file
---------
Co-authored-by: Till Faelligen <2353100+S7evinK@users.noreply.github.com>
|
|
Bumps
[github.com/gorilla/websocket](https://github.com/gorilla/websocket)
from 1.5.0 to 1.5.3.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/gorilla/websocket/releases">github.com/gorilla/websocket's
releases</a>.</em></p>
<blockquote>
<h2>v1.5.3</h2>
<h2>Important change</h2>
<p>This reverts the websockets package back to <a
href="https://github.com/gorilla/websocket/commit/931041c5ee6de24fe9cba1aa16f1a0b910284d6d">https://github.com/gorilla/websocket/commit/931041c5ee6de24fe9cba1aa16f1a0b910284d6d</a></p>
<h2>What's Changed</h2>
<ul>
<li>Fixes subprotocol selection (aling with rfc6455) by <a
href="https://github.com/KSDaemon"><code>@KSDaemon</code></a> in <a
href="https://redirect.github.com/gorilla/websocket/pull/823">gorilla/websocket#823</a></li>
<li>Update README.md, replace master to main by <a
href="https://github.com/mstmdev"><code>@mstmdev</code></a> in <a
href="https://redirect.github.com/gorilla/websocket/pull/862">gorilla/websocket#862</a></li>
<li>Use status code constant by <a
href="https://github.com/mstmdev"><code>@mstmdev</code></a> in <a
href="https://redirect.github.com/gorilla/websocket/pull/864">gorilla/websocket#864</a></li>
<li>conn.go: default close handler should not return ErrCloseSent. by <a
href="https://github.com/pnx"><code>@pnx</code></a> in <a
href="https://redirect.github.com/gorilla/websocket/pull/865">gorilla/websocket#865</a></li>
<li>fix: replace ioutil.readfile with os.readfile by <a
href="https://github.com/rfyiamcool"><code>@rfyiamcool</code></a> in <a
href="https://redirect.github.com/gorilla/websocket/pull/868">gorilla/websocket#868</a></li>
<li>fix: add comment for the readBufferSize and writeBufferSize by <a
href="https://github.com/rfyiamcool"><code>@rfyiamcool</code></a> in <a
href="https://redirect.github.com/gorilla/websocket/pull/869">gorilla/websocket#869</a></li>
<li>Remove noisy printf in NextReader() and beginMessage() by <a
href="https://github.com/bcreane"><code>@bcreane</code></a> in <a
href="https://redirect.github.com/gorilla/websocket/pull/878">gorilla/websocket#878</a></li>
<li>docs(echoreadall): fix function echoReadAll comment by <a
href="https://github.com/XdpCs"><code>@XdpCs</code></a> in <a
href="https://redirect.github.com/gorilla/websocket/pull/881">gorilla/websocket#881</a></li>
<li>make tests parallel by <a
href="https://github.com/ninedraft"><code>@ninedraft</code></a> in <a
href="https://redirect.github.com/gorilla/websocket/pull/872">gorilla/websocket#872</a></li>
<li>Upgrader.Upgrade: use http.ResposnseController by <a
href="https://github.com/ninedraft"><code>@ninedraft</code></a> in <a
href="https://redirect.github.com/gorilla/websocket/pull/871">gorilla/websocket#871</a></li>
<li>Do not handle network error in <code>SetCloseHandler()</code> by <a
href="https://github.com/nak3"><code>@nak3</code></a> in <a
href="https://redirect.github.com/gorilla/websocket/pull/863">gorilla/websocket#863</a></li>
<li>perf: reduce timer in write_control by <a
href="https://github.com/rfyiamcool"><code>@rfyiamcool</code></a> in <a
href="https://redirect.github.com/gorilla/websocket/pull/879">gorilla/websocket#879</a></li>
<li>fix: lint example code by <a
href="https://github.com/rfyiamcool"><code>@rfyiamcool</code></a> in <a
href="https://redirect.github.com/gorilla/websocket/pull/890">gorilla/websocket#890</a></li>
<li>feat: format message type by <a
href="https://github.com/rfyiamcool"><code>@rfyiamcool</code></a> in <a
href="https://redirect.github.com/gorilla/websocket/pull/889">gorilla/websocket#889</a></li>
<li>Remove hideTempErr to allow downstream users to check for errors
like net.ErrClosed by <a
href="https://github.com/UnAfraid"><code>@UnAfraid</code></a> in <a
href="https://redirect.github.com/gorilla/websocket/pull/894">gorilla/websocket#894</a></li>
<li>Do not timeout when WriteControl deadline is zero in <a
href="https://redirect.github.com/gorilla/websocket/pull/898">gorilla/websocket#898</a></li>
<li>Excludes errchecks linter by <a
href="https://github.com/apoorvajagtap"><code>@apoorvajagtap</code></a>
in <a
href="https://redirect.github.com/gorilla/websocket/pull/904">gorilla/websocket#904</a></li>
<li>Return errors instead of printing to logs by <a
href="https://github.com/apoorvajagtap"><code>@apoorvajagtap</code></a>
in <a
href="https://redirect.github.com/gorilla/websocket/pull/897">gorilla/websocket#897</a></li>
<li>Revert " Update go version & add verification/testing tools
(<a
href="https://redirect.github.com/gorilla/websocket/issues/840">#840</a>)"
by <a
href="https://github.com/apoorvajagtap"><code>@apoorvajagtap</code></a>
in <a
href="https://redirect.github.com/gorilla/websocket/pull/908">gorilla/websocket#908</a></li>
<li>Fixes broken random value generation by <a
href="https://github.com/apoorvajagtap"><code>@apoorvajagtap</code></a>
in <a
href="https://redirect.github.com/gorilla/websocket/pull/926">gorilla/websocket#926</a></li>
<li>Reverts back to v1.5.0 by <a
href="https://github.com/apoorvajagtap"><code>@apoorvajagtap</code></a>
in <a
href="https://redirect.github.com/gorilla/websocket/pull/929">gorilla/websocket#929</a></li>
</ul>
<h2>New Contributors</h2>
<ul>
<li><a href="https://github.com/KSDaemon"><code>@KSDaemon</code></a>
made their first contribution in <a
href="https://redirect.github.com/gorilla/websocket/pull/823">gorilla/websocket#823</a></li>
<li><a href="https://github.com/mstmdev"><code>@mstmdev</code></a> made
their first contribution in <a
href="https://redirect.github.com/gorilla/websocket/pull/862">gorilla/websocket#862</a></li>
<li><a href="https://github.com/pnx"><code>@pnx</code></a> made their
first contribution in <a
href="https://redirect.github.com/gorilla/websocket/pull/865">gorilla/websocket#865</a></li>
<li><a
href="https://github.com/rfyiamcool"><code>@rfyiamcool</code></a> made
their first contribution in <a
href="https://redirect.github.com/gorilla/websocket/pull/868">gorilla/websocket#868</a></li>
<li><a href="https://github.com/bcreane"><code>@bcreane</code></a> made
their first contribution in <a
href="https://redirect.github.com/gorilla/websocket/pull/878">gorilla/websocket#878</a></li>
<li><a href="https://github.com/XdpCs"><code>@XdpCs</code></a> made
their first contribution in <a
href="https://redirect.github.com/gorilla/websocket/pull/881">gorilla/websocket#881</a></li>
<li><a href="https://github.com/ninedraft"><code>@ninedraft</code></a>
made their first contribution in <a
href="https://redirect.github.com/gorilla/websocket/pull/872">gorilla/websocket#872</a></li>
<li><a href="https://github.com/nak3"><code>@nak3</code></a> made their
first contribution in <a
href="https://redirect.github.com/gorilla/websocket/pull/863">gorilla/websocket#863</a></li>
<li><a href="https://github.com/UnAfraid"><code>@UnAfraid</code></a>
made their first contribution in <a
href="https://redirect.github.com/gorilla/websocket/pull/894">gorilla/websocket#894</a></li>
<li><a
href="https://github.com/apoorvajagtap"><code>@apoorvajagtap</code></a>
made their first contribution in <a
href="https://redirect.github.com/gorilla/websocket/pull/904">gorilla/websocket#904</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/gorilla/websocket/compare/v1.5.1...v1.5.3">https://github.com/gorilla/websocket/compare/v1.5.1...v1.5.3</a></p>
<h2>v1.5.2</h2>
<h2>What's Changed</h2>
<ul>
<li>Fixes subprotocol selection (aling with rfc6455) by <a
href="https://github.com/KSDaemon"><code>@KSDaemon</code></a> in <a
href="https://redirect.github.com/gorilla/websocket/pull/823">gorilla/websocket#823</a></li>
<li>Update README.md, replace master to main by <a
href="https://github.com/mstmdev"><code>@mstmdev</code></a> in <a
href="https://redirect.github.com/gorilla/websocket/pull/862">gorilla/websocket#862</a></li>
<li>Use status code constant by <a
href="https://github.com/mstmdev"><code>@mstmdev</code></a> in <a
href="https://redirect.github.com/gorilla/websocket/pull/864">gorilla/websocket#864</a></li>
<li>conn.go: default close handler should not return ErrCloseSent. by <a
href="https://github.com/pnx"><code>@pnx</code></a> in <a
href="https://redirect.github.com/gorilla/websocket/pull/865">gorilla/websocket#865</a></li>
<li>fix: replace ioutil.readfile with os.readfile by <a
href="https://github.com/rfyiamcool"><code>@rfyiamcool</code></a> in <a
href="https://redirect.github.com/gorilla/websocket/pull/868">gorilla/websocket#868</a></li>
<li>fix: add comment for the readBufferSize and writeBufferSize by <a
href="https://github.com/rfyiamcool"><code>@rfyiamcool</code></a> in <a
href="https://redirect.github.com/gorilla/websocket/pull/869">gorilla/websocket#869</a></li>
<li>Remove noisy printf in NextReader() and beginMessage() by <a
href="https://github.com/bcreane"><code>@bcreane</code></a> in <a
href="https://redirect.github.com/gorilla/websocket/pull/878">gorilla/websocket#878</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/gorilla/websocket/commit/ce903f6d1d961af3a8602f2842c8b1c3fca58c4d"><code>ce903f6</code></a>
Reverts to v1.5.0</li>
<li><a
href="https://github.com/gorilla/websocket/commit/9ec25ca502ec881a7e873d3cdf35da60eab22037"><code>9ec25ca</code></a>
fixes broken random value generation</li>
<li><a
href="https://github.com/gorilla/websocket/commit/1bddf2e0dba6f35492b0f5614905b291cd0ab88d"><code>1bddf2e</code></a>
bumps go version & removes deprecated module usage</li>
<li><a
href="https://github.com/gorilla/websocket/commit/750bf92096b4cd4d75082948a4e143f303a65390"><code>750bf92</code></a>
adds GHA & Makefile configs</li>
<li><a
href="https://github.com/gorilla/websocket/commit/b2c246b2ec6f86b53889c79022fec8dabe0a20bb"><code>b2c246b</code></a>
Revert " Update go version & add verification/testing tools (<a
href="https://redirect.github.com/gorilla/websocket/issues/840">#840</a>)"</li>
<li><a
href="https://github.com/gorilla/websocket/commit/09a6bab4667fc302c7f23ad770ce48be6fc2d15f"><code>09a6bab</code></a>
removing error handling while closing connections</li>
<li><a
href="https://github.com/gorilla/websocket/commit/58af150309a40ad57463b8087fe33d59d5a490d3"><code>58af150</code></a>
return errors instead of printing to logs</li>
<li><a
href="https://github.com/gorilla/websocket/commit/e5f1a0aad0accdff7dc9131fdcce912e28d8f4d5"><code>e5f1a0a</code></a>
excludes errchecks linter</li>
<li><a
href="https://github.com/gorilla/websocket/commit/b2a86a174473e870c9fcc3eaba8957689090d2cc"><code>b2a86a1</code></a>
Do not timeout when WriteControl deadline is zero</li>
<li><a
href="https://github.com/gorilla/websocket/commit/695e9095ce8736ac99c83939ca6b0fe93768f680"><code>695e909</code></a>
Remove hideTempErr to allow downstream users to check for errors like
net.Err...</li>
<li>Additional commits viewable in <a
href="https://github.com/gorilla/websocket/compare/v1.5.0...v1.5.3">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
Bumps
[github.com/docker/go-connections](https://github.com/docker/go-connections)
from 0.4.0 to 0.5.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/docker/go-connections/commit/fa09c952e3eadbffaf8afc5b8a1667158ba38ace"><code>fa09c95</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/go-connections/issues/108">#108</a>
from thaJeztah/carry_6</li>
<li><a
href="https://github.com/docker/go-connections/commit/7a67a58690ec00e92abd9fedb3b1b99c95bbbd59"><code>7a67a58</code></a>
Swap CloseRead and CloseWrite</li>
<li><a
href="https://github.com/docker/go-connections/commit/481d3d26b3705da4932f3fb11d3b47a5b5abcb46"><code>481d3d2</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/go-connections/issues/107">#107</a>
from thaJeztah/drop_legacy_go</li>
<li><a
href="https://github.com/docker/go-connections/commit/9548f9f7bdd4e95eb9d3a20c430517f69f5c62cf"><code>9548f9f</code></a>
tlsconfig: remove deprecated io/ioutil</li>
<li><a
href="https://github.com/docker/go-connections/commit/c564c210e1404800194d27aad617dde3c4f4f831"><code>c564c21</code></a>
drop support for go1.17 and older</li>
<li><a
href="https://github.com/docker/go-connections/commit/7cbebcf931b3107a81a923ce6e1874380c65c436"><code>7cbebcf</code></a>
gha: update actions</li>
<li><a
href="https://github.com/docker/go-connections/commit/2cf423f0ad95e0e87577d9740c647015c00ed8fd"><code>2cf423f</code></a>
tlsconfig: move allTLSVersions var</li>
<li><a
href="https://github.com/docker/go-connections/commit/dca283b66503865dfa3869d7976a925105b82211"><code>dca283b</code></a>
tlsconfig: drop support for go1.12 and older</li>
<li><a
href="https://github.com/docker/go-connections/commit/21876c5afda7f3fe2b7505a72a04eb4a021b64f1"><code>21876c5</code></a>
tlsconfig: drop support for go1.6 and older</li>
<li><a
href="https://github.com/docker/go-connections/commit/4d174dba226cc3a556fa2f158b209f4d54c64281"><code>4d174db</code></a>
tlsconfig: drop support for go1.4 and older</li>
<li>Additional commits viewable in <a
href="https://github.com/docker/go-connections/compare/v0.4.0...v0.5.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
26.1.5+incompatible (#3466)
Bumps [github.com/docker/docker](https://github.com/docker/docker) from
26.1.0+incompatible to 26.1.5+incompatible.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/docker/releases">github.com/docker/docker's
releases</a>.</em></p>
<blockquote>
<h2>v26.1.5</h2>
<h2>26.1.5</h2>
<h3>Security</h3>
<p>This release contains a fix for <a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41110">CVE-2024-41110</a>
/ <a
href="https://github.com/moby/moby/security/advisories/GHSA-v23v-6jw2-98fq">GHSA-v23v-6jw2-98fq</a>
that impacted setups using <a
href="https://docs.docker.com/engine/extend/plugins_authorization/">authorization
plugins (AuthZ)</a>
for access control. No other changes are included in this release, and
this
release is otherwise identical for users not using AuthZ plugins.</p>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/moby/moby/compare/v26.1.4...v26.1.5">https://github.com/moby/moby/compare/v26.1.4...v26.1.5</a></p>
<h2>v26.1.4</h2>
<h2>26.1.4</h2>
<p>For a full list of pull requests and changes in this release, refer
to the relevant GitHub milestones:</p>
<ul>
<li><a
href="https://github.com/docker/cli/issues?q=is%3Aclosed+milestone%3A26.1.4">docker/cli,
26.1.4 milestone</a></li>
<li><a
href="https://github.com/moby/moby/issues?q=is%3Aclosed+milestone%3A26.1.4">moby/moby,
26.1.4 milestone</a></li>
<li>Deprecated and removed features, see <a
href="https://github.com/docker/cli/blob/v26.1.4/docs/deprecated.md">Deprecated
Features</a>.</li>
<li>Changes to the Engine API, see <a
href="https://github.com/moby/moby/blob/v26.1.4/docs/api/version-history.md">API
version history</a>.</li>
</ul>
<h3>Security</h3>
<p>This release updates the Go runtime to 1.21.11 which contains
security fixes for:</p>
<ul>
<li><a
href="https://redirect.github.com/golang/go/issues/66869">CVE-2024-24789</a></li>
<li><a
href="https://redirect.github.com/golang/go/issues/67680">CVE-2024-24790</a></li>
<li>A symlink time of check to time of use race condition during
directory removal reported by Addison Crump (<a
href="https://github.com/addisoncrump"><code>@addisoncrump</code></a>).</li>
</ul>
<h3>Bug fixes and enhancements</h3>
<ul>
<li>Fixed an issue where promoting a node immediately after another node
was demoted could cause the promotion to fail. <a
href="https://redirect.github.com/moby/moby/pull/47870">moby/moby#47870</a></li>
<li>Prevent the daemon log from being spammed with <code>superfluous
response.WriteHeader call ...</code> messages.. <a
href="https://redirect.github.com/moby/moby/pull/47843">moby/moby#47843</a></li>
<li>Don't show empty hints when plugins return an empty hook message. <a
href="https://redirect.github.com/docker/cli/pull/5083">docker/cli#5083</a></li>
<li>Added <code>ContextType: "moby"</code> to the context
list/inspect output to address a compatibility issue with Visual Studio
Container Tools. <a
href="https://redirect.github.com/docker/cli/pull/5095">docker/cli#5095</a></li>
<li>Fix a compatibility issue with Visual Studio Container Tools. <a
href="https://redirect.github.com/docker/cli/pull/5095">docker/cli#5095</a></li>
</ul>
<h3>Packaging updates</h3>
<ul>
<li>Update containerd (static binaries only) to <a
href="https://github.com/containerd/containerd/releases/tag/v1.7.17">v1.7.17</a>.
<a
href="https://redirect.github.com/moby/moby/pull/47841">moby/moby#47841</a></li>
<li><a
href="https://redirect.github.com/golang/go/issues/66869">CVE-2024-24789</a>,
<a
href="https://redirect.github.com/golang/go/issues/67680">CVE-2024-24790</a>:
Update Go runtime to 1.21.11. <a
href="https://redirect.github.com/moby/moby/pull/47904">moby/moby#47904</a></li>
<li>Update Compose to <a
href="https://github.com/docker/compose/releases/tag/v2.27.1">v2.27.1</a>.
<a
href="https://redirect.github.com/docker/docker-ce-packaging/pull/1022">docker/docker-ce-packages#1022</a></li>
<li>Update Buildx to <a
href="https://github.com/docker/buildx/releases/tag/v0.14.1">v0.14.1</a>.
<a
href="https://redirect.github.com/docker/docker-ce-packaging/pull/1021">docker/docker-ce-packages#1021</a></li>
</ul>
<h2>v26.1.3</h2>
<h2>26.1.3</h2>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/moby/moby/commit/411e817ddf710ff8e08fa193da80cb78af708191"><code>411e817</code></a>
Merge commit from fork</li>
<li><a
href="https://github.com/moby/moby/commit/9cc85eaef15739234909e9c1d4b9915b37bac4ab"><code>9cc85ea</code></a>
If url includes scheme, urlPath will drop hostname, which would not
match the...</li>
<li><a
href="https://github.com/moby/moby/commit/820cab90bc2cfc6fadf9bf9f0f460e1f6d07434a"><code>820cab9</code></a>
Authz plugin security fixes for 0-length content and path
validation</li>
<li><a
href="https://github.com/moby/moby/commit/6bc49067a6c7647db245d77e0660778c8f61f314"><code>6bc4906</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/docker/issues/48123">#48123</a>
from vvoland/v26.1-48120</li>
<li><a
href="https://github.com/moby/moby/commit/6fbdce4b94456b6aad2b83a661bbbbed4dafa583"><code>6fbdce4</code></a>
update to go1.21.12</li>
<li><a
href="https://github.com/moby/moby/commit/f5334644ecc787861fef75c7f6d08756ffe8bbd7"><code>f533464</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/docker/issues/47986">#47986</a>
from vvoland/v26.1-47985</li>
<li><a
href="https://github.com/moby/moby/commit/c1d4587d769bae94305de974fcb97d614fa7b4ef"><code>c1d4587</code></a>
builder/mobyexporter: Add missing nil check</li>
<li><a
href="https://github.com/moby/moby/commit/d6428049a53212ee798fedd90b1328a381492d28"><code>d642804</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/docker/issues/47940">#47940</a>
from thaJeztah/26.1_backport_api_remove_container_c...</li>
<li><a
href="https://github.com/moby/moby/commit/daba2462f545b155011e1f183a85f00a18926181"><code>daba246</code></a>
docs: api: image inspect: remove Container and ContainerConfig</li>
<li><a
href="https://github.com/moby/moby/commit/de5c9cf0b96e4e172b96db54abababa4a328462f"><code>de5c9cf</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/docker/issues/47912">#47912</a>
from thaJeztah/26.1_backport_vendor_containerd_1.7.18</li>
<li>Additional commits viewable in <a
href="https://github.com/docker/docker/compare/v26.1.0...v26.1.5">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/element-hq/dendrite/network/alerts).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
27.4.0+incompatible (#3458)
Bumps [github.com/docker/docker](https://github.com/docker/docker) from
25.0.6+incompatible to 27.4.0+incompatible.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/docker/releases">github.com/docker/docker's
releases</a>.</em></p>
<blockquote>
<h2>v27.4.0</h2>
<h2>27.4.0</h2>
<p>For a full list of pull requests and changes in this release, refer
to the relevant GitHub milestones:</p>
<ul>
<li><a
href="https://github.com/docker/cli/issues?q=is%3Aclosed+milestone%3A27.4.0">docker/cli,
27.4.0 milestone</a></li>
<li><a
href="https://github.com/moby/moby/issues?q=is%3Aclosed+milestone%3A27.4.0">moby/moby,
27.4.0 milestone</a></li>
</ul>
<h3>API</h3>
<ul>
<li><code>GET /images/json</code> with the <code>manifests</code> option
enabled now preserves the original order in which manifests appeared in
the manifest-index. <a
href="https://redirect.github.com/moby/moby/pull/48712">moby/moby#48712</a></li>
</ul>
<h3>Bug fixes and enhancements</h3>
<ul>
<li>When reading logs with the <code>jsonfile</code> or
<code>local</code> log drivers, any errors while trying to read or parse
underlying log files will cause the rest of the file to be skipped and
move to the next log file (if one exists) rather than returning an error
to the client and closing the stream. The errors are viewable in the
Docker Daemon logs and exported to traces when tracing is configured. <a
href="https://redirect.github.com/moby/moby/pull/48842">moby/moby#48842</a></li>
<li>When reading log files, compressed log files are now only
decompressed when needed rather than decompressing all files before
starting the log stream. <a
href="https://redirect.github.com/moby/moby/pull/48842">moby/moby#48842</a></li>
<li>Fix an issue that meant published ports from one container on a
bridge network were not accessible from another container on the same
network with <code>userland-proxy</code> disabled, if the kernel's
<code>br_netfilter</code> module was not loaded and enabled. The daemon
will now attempt to load the module and enable
<code>bridge-nf-call-iptables</code> or
<code>bridge-nf-call-ip6tables</code> when creating a network with the
userland proxy disabled. <a
href="https://redirect.github.com/moby/moby/pull/48685">moby/moby#48685</a></li>
<li>Fix loading of <code>bridge</code> and <code>br_netfilter</code>
kernel modules. <a
href="https://redirect.github.com/moby/moby/pull/48966">moby/moby#48966</a></li>
<li>containerd image store: Fix Docker daemon failing to fully start
with a "context deadline exceeded error" with containerd
snapshotter and many builds/images. <a
href="https://redirect.github.com/moby/moby/pull/48954">moby/moby#48954</a></li>
<li>containerd image-store: Fix partially pulled images not being
garbage-collected. <a
href="https://redirect.github.com/moby/moby/pull/48910">moby#48910</a>,
<a
href="https://redirect.github.com/moby/moby/pull/48957">moby/moby#48957</a></li>
<li>containerd image store: Fix <code>docker image inspect</code>
outputting duplicate references in <code>RepoDigests</code>. <a
href="https://redirect.github.com/moby/moby/pull/48785">moby/moby#48785</a></li>
<li>containerd image store: Fix not being able to connect to some
insecure registries in cases where the HTTPS request failed due to a
non-TLS related error. <a
href="https://redirect.github.com/moby/moby/pull/48758">moby/moby#48758</a></li>
<li>containerd image store: Remove a confusing warning log when tagging
a non-dangling image. <a
href="https://redirect.github.com/moby/moby/pull/49010">moby/moby#49010</a></li>
<li>dockerd-rootless-setuptool.sh: let --force ignore smoke test errors
<a
href="https://redirect.github.com/moby/moby/pull/48695">moby/moby#48695</a></li>
<li>Disable IPv6 Duplicate Address Detection (DAD) for addresses
assigned to the bridges belonging to bridge networks. <a
href="https://redirect.github.com/moby/moby/pull/48684">moby/moby#48684</a></li>
<li>Remove BuildKit init timeout. <a
href="https://redirect.github.com/moby/moby/pull/48963">moby/moby#48963</a></li>
<li>Ignore "dataset does not exist" error when removing
dataset on ZFS. <a
href="https://redirect.github.com/moby/moby/pull/48968">moby/moby#48968</a></li>
<li>Client: Prevent idle connections leaking FDs. <a
href="https://redirect.github.com/moby/moby/pull/48764">moby/moby#48764</a></li>
<li>Fix anonymous volumes being created through the <code>--mount</code>
option not being marked as anonymous. <a
href="https://redirect.github.com/moby/moby/pull/48755">moby/moby#48755</a></li>
<li>After a daemon restart with live-restore, ensure an iptables jump to
the <code>DOCKER-USER</code> chain is placed before other rules. <a
href="https://redirect.github.com/moby/moby/pull/48714">moby/moby#48714</a></li>
<li>Fix a possible memory leak caused by OTel meters. <a
href="https://redirect.github.com/moby/moby/pull/48693">moby/moby#48693</a></li>
<li>Create distinct build history db for each store. <a
href="https://redirect.github.com/moby/moby/pull/48688">moby/moby#48688</a></li>
<li>Fix an issue that caused excessive memory usage when DNS resolution
was made in a tight loop. <a
href="https://redirect.github.com/moby/moby/pull/48840">moby/moby#48840</a></li>
<li>containerd image store: Do not underline names in <code>docker image
ls --tree</code>. <a
href="https://redirect.github.com/docker/cli/pull/5519">docker/cli#5519</a></li>
<li>containerd image store: Change name of <code>USED</code> column in
<code>docker image ls --tree</code> to <code>IN USE</code>. <a
href="https://redirect.github.com/docker/cli/pull/5518">docker/cli#5518</a></li>
<li>Fix a bug preventing image pulls from being cancelled during
<code>docker run</code>. <a
href="https://redirect.github.com/docker/cli/pull/5654">docker/cli#5654</a></li>
<li>Port some completions from the bash completion to the new cobra
based completion. <a
href="https://redirect.github.com/docker/cli/pull/5618">docker/cli#5618</a></li>
<li>The <code>docker login</code> and <code>docker logout</code> command
no longer update the configuration file if the credentials didn't
change. <a
href="https://redirect.github.com/docker/cli/pull/5569">docker/cli#5569</a></li>
<li>Optimise <code>docker stats</code> to reduce flickering issues. <a
href="https://redirect.github.com/docker/cli/pull/5588">docker/cli#5588</a>,
<a
href="https://redirect.github.com/docker/cli/pull/5635">docker/cli#5635</a></li>
<li>Fix inaccessible plugins paths preventing plugins from being
detected. <a
href="https://redirect.github.com/docker/cli/pull/5652">docker/cli#5652</a></li>
<li>Add support for <code>events --filter</code> in cobra generated
shell completions. <a
href="https://redirect.github.com/docker/cli/pull/5614">docker/cli#5614</a></li>
<li>Fix bash completion for <code>events --filter daemon=</code>. <a
href="https://redirect.github.com/docker/cli/pull/5563">docker/cli#5563</a></li>
<li>Improve shell-completion of containers for <code>docker rm</code>.
<a
href="https://redirect.github.com/docker/cli/pull/5540">docker/cli#5540</a></li>
<li>Add shell-completion for <code>--platform</code> flags. <a
href="https://redirect.github.com/docker/cli/pull/5540">docker/cli#5540</a></li>
<li>rootless: Make <code>/etc/cdi</code> and <code>/var/run/cdi</code>
accessible by the Container Device Interface (CDI) integration. <a
href="https://redirect.github.com/moby/moby/pull/49027">moby/moby#49027</a></li>
</ul>
<h3>Removed</h3>
<ul>
<li>Deprecate <code>Daemon.Exists()</code> and
<code>Daemon.IsPaused()</code>. These functions are no longer used and
will be removed in the next release. <a
href="https://redirect.github.com/moby/moby/pull/48719">moby/moby#48719</a></li>
<li>Deprecate <code>container.ErrNameReserved</code> and
<code>container.ErrNameNotReserved</code>. <a
href="https://redirect.github.com/moby/moby/pull/48697">moby/moby#48697</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/moby/moby/commit/92a83937d0280dcbea92099b01e01aa4251c1777"><code>92a8393</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/docker/issues/49027">#49027</a>
from thaJeztah/27.x_backport_cdi-rootless</li>
<li><a
href="https://github.com/moby/moby/commit/9163aa379a8212c08c14aeff45a25131faa3d47b"><code>9163aa3</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/docker/issues/49026">#49026</a>
from thaJeztah/27.x_update_go_1.22.10</li>
<li><a
href="https://github.com/moby/moby/commit/4775621ab6ab5adb94450d8edfa7f85c790070f7"><code>4775621</code></a>
Dockerd rootless: make {/etc,/var/run}/cdi available</li>
<li><a
href="https://github.com/moby/moby/commit/0176f4a5c3b354fa2c7aa76f1249c1ef93d2d8a1"><code>0176f4a</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/docker/issues/49024">#49024</a>
from thaJeztah/27.x_vendor_buildkit_0.17.3</li>
<li><a
href="https://github.com/moby/moby/commit/0e34b3956b6e95324d67517305a3376d36896490"><code>0e34b39</code></a>
update to go1.22.10</li>
<li><a
href="https://github.com/moby/moby/commit/7919b806e7654c999656ff2288fed76542b2707e"><code>7919b80</code></a>
[27.x] vendor: github.com/moby/buildkit v0.17.3</li>
<li><a
href="https://github.com/moby/moby/commit/a92d4c5a575722f61bfe6f659360a17fb6a53f0d"><code>a92d4c5</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/docker/issues/49013">#49013</a>
from vvoland/49006-27.x</li>
<li><a
href="https://github.com/moby/moby/commit/1cc127466dcb3ad693b5285ff13ba3e24163277f"><code>1cc1274</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/docker/issues/49010">#49010</a>
from vvoland/49009-27.x</li>
<li><a
href="https://github.com/moby/moby/commit/525b929947e8cf02246ab53915d1ea89936a2181"><code>525b929</code></a>
registry: deprecate RepositoryInfo.Class</li>
<li><a
href="https://github.com/moby/moby/commit/d6d43b29126043b479ff967f20259a5491d58f0f"><code>d6d43b2</code></a>
c8d/tag: Don't log a warning if the source image is not dangling</li>
<li>Additional commits viewable in <a
href="https://github.com/docker/docker/compare/v25.0.6...v27.4.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Till Faelligen <2353100+S7evinK@users.noreply.github.com>
|
|
Bumps
[github.com/dgraph-io/ristretto](https://github.com/dgraph-io/ristretto)
from 0.1.1 to 0.2.0.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/dgraph-io/ristretto/releases">github.com/dgraph-io/ristretto's
releases</a>.</em></p>
<blockquote>
<h2>v0.2.0</h2>
<h2>What's Changed</h2>
<p>*`docs(readme): Use new Wait method by <a
href="https://github.com/angadn"><code>@angadn</code></a> in <a
href="https://redirect.github.com/dgraph-io/ristretto/pull/327">dgraph-io/ristretto#327</a></p>
<ul>
<li>docs: format example on readme by <a
href="https://github.com/rfyiamcool"><code>@rfyiamcool</code></a> in <a
href="https://redirect.github.com/dgraph-io/ristretto/pull/339">dgraph-io/ristretto#339</a></li>
<li>Fix flakes in TestDropUpdates by <a
href="https://github.com/evanj"><code>@evanj</code></a> in <a
href="https://redirect.github.com/dgraph-io/ristretto/pull/334">dgraph-io/ristretto#334</a></li>
<li>docs(Cache): document Wait, clarify Get by <a
href="https://github.com/evanj"><code>@evanj</code></a> in <a
href="https://redirect.github.com/dgraph-io/ristretto/pull/333">dgraph-io/ristretto#333</a></li>
<li>chore: fix typo error by <a
href="https://github.com/proost"><code>@proost</code></a> in <a
href="https://redirect.github.com/dgraph-io/ristretto/pull/341">dgraph-io/ristretto#341</a></li>
<li>fix: support compilation to wasip1 by <a
href="https://github.com/achille-roussel"><code>@achille-roussel</code></a>
in <a
href="https://redirect.github.com/dgraph-io/ristretto/pull/344">dgraph-io/ristretto#344</a></li>
<li>remove glog dependency by <a
href="https://github.com/jhawk28"><code>@jhawk28</code></a> in <a
href="https://redirect.github.com/dgraph-io/ristretto/pull/350">dgraph-io/ristretto#350</a></li>
<li>add config for cleanup ticker duration by <a
href="https://github.com/singhvikash11"><code>@singhvikash11</code></a>
in <a
href="https://redirect.github.com/dgraph-io/ristretto/pull/342">dgraph-io/ristretto#342</a></li>
<li>fix(OnEvict): Set missing Expiration field on evicted items by <a
href="https://github.com/0x1ee7"><code>@0x1ee7</code></a> in <a
href="https://redirect.github.com/dgraph-io/ristretto/pull/345">dgraph-io/ristretto#345</a></li>
<li>uint32 -> uint64 in slice methods by <a
href="https://github.com/mocurin"><code>@mocurin</code></a> in <a
href="https://redirect.github.com/dgraph-io/ristretto/pull/323">dgraph-io/ristretto#323</a></li>
<li>fix: cleanupTicker not being stopped by <a
href="https://github.com/IlyaFloppy"><code>@IlyaFloppy</code></a> in <a
href="https://redirect.github.com/dgraph-io/ristretto/pull/343">dgraph-io/ristretto#343</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/dgraph-io/ristretto/compare/v0.1.1...v0.2.0">https://github.com/dgraph-io/ristretto/compare/v0.1.1...v0.2.0</a></p>
</blockquote>
</details>
<details>
<summary>Changelog</summary>
<p><em>Sourced from <a
href="https://github.com/dgraph-io/ristretto/blob/main/CHANGELOG.md">github.com/dgraph-io/ristretto's
changelog</a>.</em></p>
<blockquote>
<h2>[v0.2.0] - 2024-10-06</h2>
<h3>Added</h3>
<ul>
<li><a
href="https://redirect.github.com/dgraph-io/ristretto/pull/344"><code>fix:
support compilation to wasip1 by @achille-roussel</code></a></li>
<li><a
href="https://redirect.github.com/dgraph-io/ristretto/pull/342"><code>add
config for cleanup ticker duration by @singhvikash11</code></a></li>
</ul>
<h3>Fixed</h3>
<ul>
<li><a
href="https://redirect.github.com/dgraph-io/ristretto/pull/327"><code>docs(readme):
Use new Wait method by @angadn</code></a></li>
<li><a
href="https://redirect.github.com/dgraph-io/ristretto/pull/339"><code>docs:
format example on readme by @rfyiamcool</code></a></li>
<li><a
href="https://redirect.github.com/dgraph-io/ristretto/pull/334"><code>Fix
flakes in TestDropUpdates by @evanj</code></a></li>
<li><a
href="https://redirect.github.com/dgraph-io/ristretto/pull/333"><code>docs(Cache):
document Wait, clarify Get by @evanj</code></a></li>
<li><a
href="https://redirect.github.com/dgraph-io/ristretto/pull/341"><code>chore:
fix typo error by @proost</code></a></li>
<li><a
href="https://redirect.github.com/dgraph-io/ristretto/pull/350"><code>remove
glog dependency by @jhawk28</code></a></li>
<li><a
href="https://redirect.github.com/dgraph-io/ristretto/pull/345"><code>fix(OnEvict):
Set missing Expiration field on evicted items by
@0x1ee7</code></a></li>
<li><a
href="https://redirect.github.com/dgraph-io/ristretto/pull/323"><code>uint32
-> uint64 in slice methods by @mocurin</code></a></li>
<li><a
href="https://redirect.github.com/dgraph-io/ristretto/pull/343"><code>fix:
cleanupTicker not being stopped by @IlyaFloppy</code></a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/dgraph-io/ristretto/compare/v0.1.1...v0.2.0">https://github.com/dgraph-io/ristretto/compare/v0.1.1...v0.2.0</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/dgraph-io/ristretto/commit/185461756714d72b458a7fb6cf9441a96db82dcb"><code>1854617</code></a>
minor repo cleanup (<a
href="https://redirect.github.com/dgraph-io/ristretto/issues/352">#352</a>)</li>
<li><a
href="https://github.com/dgraph-io/ristretto/commit/91446626cc3b34a596a024bd711f786e74851aeb"><code>9144662</code></a>
stop cleanupTicker while closing cache (<a
href="https://redirect.github.com/dgraph-io/ristretto/issues/343">#343</a>)</li>
<li><a
href="https://github.com/dgraph-io/ristretto/commit/c00b3525a6a1c4cead9cc26b8d453da4b0e85e52"><code>c00b352</code></a>
uint32 to uint64 in slice methods (<a
href="https://redirect.github.com/dgraph-io/ristretto/issues/323">#323</a>)</li>
<li><a
href="https://github.com/dgraph-io/ristretto/commit/e6d62cbfa02d3bd4bfd1f50f8d86786dc668ec46"><code>e6d62cb</code></a>
chore(ci): separate out coverage report workflow (<a
href="https://redirect.github.com/dgraph-io/ristretto/issues/353">#353</a>)</li>
<li><a
href="https://github.com/dgraph-io/ristretto/commit/f0e70276b93a49aa672dd247f4dddfc5f208d07f"><code>f0e7027</code></a>
set missing Expiration field on evicted items (<a
href="https://redirect.github.com/dgraph-io/ristretto/issues/345">#345</a>)</li>
<li><a
href="https://github.com/dgraph-io/ristretto/commit/e8dc5b0073351c9bf2a0c4ca8567089da049da44"><code>e8dc5b0</code></a>
add config for cleanup ticker duration (<a
href="https://redirect.github.com/dgraph-io/ristretto/issues/342">#342</a>)</li>
<li><a
href="https://github.com/dgraph-io/ristretto/commit/c5789d66fddc048e40318067bb60cf8395d8a3f8"><code>c5789d6</code></a>
update golangci config and cleanup repo (<a
href="https://redirect.github.com/dgraph-io/ristretto/issues/351">#351</a>)</li>
<li><a
href="https://github.com/dgraph-io/ristretto/commit/bdcf5e99ac1dcfc086482e8041b79d01167c7590"><code>bdcf5e9</code></a>
remove glog dependency (<a
href="https://redirect.github.com/dgraph-io/ristretto/issues/350">#350</a>)</li>
<li><a
href="https://github.com/dgraph-io/ristretto/commit/3f6b44a6092c4a0ad1f3ece5db1d54438ddcb39b"><code>3f6b44a</code></a>
fix: support compilation to wasip1 (<a
href="https://redirect.github.com/dgraph-io/ristretto/issues/344">#344</a>)</li>
<li><a
href="https://github.com/dgraph-io/ristretto/commit/c73d585ee67e15661e8148de2657f0939b0a63b4"><code>c73d585</code></a>
chore: fix typo error (<a
href="https://redirect.github.com/dgraph-io/ristretto/issues/341">#341</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/dgraph-io/ristretto/compare/v0.1.1...v0.2.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
Signed-off-by: Neil Alexander <git@neilalexander.dev>
---------
Co-authored-by: Neil Alexander <neilalexander@users.noreply.github.com>
|
|
|
|
securely (#3293)
This PR adds 2 `dendrite-demo` main's, each designed expressly to serve
a Hidden Service/Overlay network.
The first, `dendrite-demo-i2p` add self-configuration for use of
dendrite as an I2P hidden service(eepsite) and to connect to I2P
services(federate) as an I2P client. It further disables the `dendrite`
server from communicating with non-anonymous servers by
federation(because I2P does not canonically have the ability to exit, we
rely on donors for exit traffic), and enables the use of self-signed TLS
certificates([because I2P services are self-authenticating but TLS is
still required for other aspects of the system to work
reliably](https://tor.stackexchange.com/questions/13887/registering-onion-with-certificate-authority)).
This demo turns the system into an "pseudonymous" homeserver which
people can connect to using an I2P-enabled Matrix client(I like `cinny`
and it's what I tested with).
The second, `dendrite-demo-tor` adds self-configuration for the use of
dendrite as an Onion service and to connect to other onion services and
non-anonymous web sites using Tor to obfuscate it's physical location
and providing, optionally, pseudonymity. It also enables the use of
self-signed TLS certificates, for the same reason as with I2P, because
onion services aren't typically eligible for TLS certificates. It has
also been tested with `cinny`.
These services are both pseudonymous like myself, not anonymous. I will
be meeting members of the element team at the CCC assembly shortly to
discuss contributing under my pseudonym.
As none of the other `dendrite-demo` have unit tests I did not add them
to these checkins.
* [*] I have added Go unit tests or [Complement integration
tests](https://github.com/matrix-org/complement) for this PR _or_ I have
justified why this PR doesn't need tests
---------
Co-authored-by: eyedeekay <idk@mulder>
Co-authored-by: Till Faelligen <2353100+S7evinK@users.noreply.github.com>
|
|
Adds
https://github.com/matrix-org/gomatrixserverlib/pull/436
https://github.com/matrix-org/gomatrixserverlib/pull/438
https://github.com/matrix-org/gomatrixserverlib/pull/432
|
|
The internal NATS instance is definitely convenient but it does have one
problem: its lifecycle is tied to the Dendrite process. That means if
Dendrite panics or OOMs, it takes out NATS with it. I suspect this is
sometimes contributing to what people see with stuck streams, as some
operations or state might not be written to disk fully before it gets
interrupted.
Using `SyncAlways` means that NATS will effectively use `O_SYNC` and
block writes on flushes, which should improve resiliency against this
kind of failure considerably. It might affect performance a little but
shouldn't be significant.
Also updates NATS to 2.10.20 as there have been all sorts of fixes since
2.10.7, including better `SyncAlways` handling.
Signed-off-by: Neil Alexander <git@neilalexander.dev>
---------
Signed-off-by: Neil Alexander <git@neilalexander.dev>
Co-authored-by: Neil Alexander <neilalexander@users.noreply.github.com>
|
|
Needs https://github.com/matrix-org/gomatrixserverlib/pull/437
|
|
|
|
25.0.6+incompatible (#3405)
Bumps [github.com/docker/docker](https://github.com/docker/docker) from
24.0.9+incompatible to 25.0.6+incompatible.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/docker/releases">github.com/docker/docker's
releases</a>.</em></p>
<blockquote>
<h2>v25.0.6</h2>
<h2>25.0.6</h2>
<p>For a full list of pull requests and changes in this release, refer
to the relevant GitHub milestones:</p>
<ul>
<li><a
href="https://github.com/docker/cli/issues?q=is%3Aclosed+milestone%3A25.0.6">docker/cli,
25.0.6 milestone</a></li>
<li><a
href="https://github.com/moby/moby/issues?q=is%3Aclosed+milestone%3A25.0.6">moby/moby,
25.0.6 milestone</a></li>
<li>Deprecated and removed features, see <a
href="https://github.com/docker/cli/blob/v25.0.6/docs/deprecated.md">Deprecated
Features</a>.</li>
<li>Changes to the Engine API, see <a
href="https://github.com/moby/moby/blob/v25.0.6/docs/api/version-history.md">API
version history</a>.</li>
</ul>
<h3>Security</h3>
<p>This release contains a fix for <a
href="https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-41110">CVE-2024-41110</a>
/ <a
href="https://github.com/moby/moby/security/advisories/GHSA-v23v-6jw2-98fq">GHSA-v23v-6jw2-98fq</a>
that impacted setups using <a
href="https://docs.docker.com/engine/extend/plugins_authorization/">authorization
plugins (AuthZ)</a> for access control.</p>
<h3>Bug fixes and enhancements</h3>
<ul>
<li>[25.0] remove erroneous <code>platform</code> from image
<code>config</code> OCI descriptor in <code>docker save</code> output.
<a
href="https://redirect.github.com/moby/moby/pull/47695">moby/moby#47695</a></li>
<li>[25.0 backport] Fix a nil dereference when getting image history for
images having layers without the <code>Created</code> value set. <a
href="https://redirect.github.com/moby/moby/pull/47759">moby/moby#47759</a></li>
<li>[25.0 backport] apparmor: Allow confined runc to kill containers. <a
href="https://redirect.github.com/moby/moby/pull/47830">moby/moby#47830</a></li>
<li>[25.0 backport] Fix an issue where rapidly promoting a Swarm node
after another node was demoted could cause the promoted node to fail its
promotion. <a
href="https://redirect.github.com/moby/moby/pull/47869">moby/moby#47869</a></li>
<li>[25.0 backport] don't depend on containerd platform.Parse to return
a typed error. <a
href="https://redirect.github.com/moby/moby/pull/47890">moby/moby#47890</a></li>
<li>[25.0 backport] builder/mobyexporter: Add missing nil check <a
href="https://redirect.github.com/moby/moby/pull/47987">moby/moby#47987</a></li>
</ul>
<h3>Packaging updates</h3>
<ul>
<li>Update AWS SDK Go v2 to v1.24.1 for AWS CloudWatch logging driver.
<a
href="https://redirect.github.com/moby/moby/pull/47724">moby/moby#47724</a></li>
<li>Update Go runtime to 1.21.12, which contains security fixes for <a
href="https://github.com/advisories/GHSA-hw49-2p59-3mhj">CVE-2024-24791</a>
<a
href="https://redirect.github.com/moby/moby/pull/48146">moby/moby#48146</a></li>
<li>Update Containerd (static binaries only) to <a
href="https://github.com/containerd/containerd/releases/tag/v1.7.20">v1.7.20</a>.
<a
href="https://redirect.github.com/moby/moby/pull/48199">moby/moby#48199</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/moby/moby/compare/v25.0.5...v25.0.6">https://github.com/moby/moby/compare/v25.0.5...v25.0.6</a></p>
<h2>v25.0.5</h2>
<h2>25.0.5</h2>
<p>For a full list of pull requests and changes in this release, refer
to the relevant GitHub milestones:</p>
<ul>
<li><a
href="https://github.com/docker/cli/issues?q=is%3Aclosed+milestone%3A25.0.5">docker/cli,
25.0.5 milestone</a></li>
<li><a
href="https://github.com/moby/moby/issues?q=is%3Aclosed+milestone%3A25.0.5">moby/moby,
25.0.5 milestone</a></li>
<li>Deprecated and removed features, see <a
href="https://github.com/docker/cli/blob/v25.0.5/docs/deprecated.md">Deprecated
Features</a>.</li>
<li>Changes to the Engine API, see <a
href="https://github.com/moby/moby/blob/v25.0.5/docs/api/version-history.md">API
version history</a>.</li>
</ul>
<h3>Security</h3>
<p>This release contains a security fix for <a
href="https://github.com/moby/moby/security/advisories/GHSA-mq39-4gv4-mvpx">CVE-2024-29018</a>,
a potential data exfiltration from 'internal' networks via authoritative
DNS servers.</p>
<h3>Bug fixes and enhancements</h3>
<ul>
<li>
<p><a
href="https://github.com/moby/moby/security/advisories/GHSA-mq39-4gv4-mvpx">CVE-2024-29018</a>:
Do not forward requests to external DNS servers for a container that is
only connected to an 'internal' network. Previously, requests were
forwarded if the host's DNS server was running on a loopback address,
like systemd's 127.0.0.53. <a
href="https://redirect.github.com/moby/moby/pull/47589">moby/moby#47589</a></p>
</li>
<li>
<p>plugin: fix mounting /etc/hosts when running in UserNS. <a
href="https://redirect.github.com/moby/moby/pull/47588">moby/moby#47588</a></p>
</li>
<li>
<p>rootless: fix <code>open /etc/docker/plugins: permission
denied</code>. <a
href="https://redirect.github.com/moby/moby/pull/47587">moby/moby#47587</a></p>
</li>
<li>
<p>Fix multiple parallel <code>docker build</code> runs leaking disk
space. <a
href="https://redirect.github.com/moby/moby/pull/47527">moby/moby#47527</a></p>
</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/moby/moby/commit/b08a51fe16eed67de3861c03b363ba403643b12e"><code>b08a51f</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/docker/issues/48231">#48231</a>
from austinvazquez/backport-vendor-otel-v0.46.1-to-...</li>
<li><a
href="https://github.com/moby/moby/commit/d151b0f87f9673f206b477c90db25956e1704ba5"><code>d151b0f</code></a>
vendor: OTEL v0.46.1 / v1.21.0</li>
<li><a
href="https://github.com/moby/moby/commit/c6ba9a5124603357bfc4a64971cbb9708180f06e"><code>c6ba9a5</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/docker/issues/48225">#48225</a>
from austinvazquez/backport-workflow-artifact-reten...</li>
<li><a
href="https://github.com/moby/moby/commit/4673a3ca2c37ae30270a29c281ccd9477107dcee"><code>4673a3c</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/docker/issues/48227">#48227</a>
from austinvazquez/backport-backport-branch-check-t...</li>
<li><a
href="https://github.com/moby/moby/commit/30f89081028ce6fb1b49a71c02c156dacbe9aa62"><code>30f8908</code></a>
github/ci: Check if backport is opened against the expected branch</li>
<li><a
href="https://github.com/moby/moby/commit/7454d6a2e672b0b977aaa14463c9aeb53acd06af"><code>7454d6a</code></a>
ci: update workflow artifacts retention</li>
<li><a
href="https://github.com/moby/moby/commit/65cc597cea28cdc25bea3b8a86384b4251872919"><code>65cc597</code></a>
Merge commit from fork</li>
<li><a
href="https://github.com/moby/moby/commit/b722836927669b414569c42f096869cd800b59a6"><code>b722836</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/docker/issues/48199">#48199</a>
from austinvazquez/update-containerd-binary-to-1.7.20</li>
<li><a
href="https://github.com/moby/moby/commit/e8ecb9c76d97579ebbf3f9d3ef770d08ac303809"><code>e8ecb9c</code></a>
update containerd binary to v1.7.20</li>
<li><a
href="https://github.com/moby/moby/commit/e6cae1f2373d4ff37499570e67f23b2cebb7a043"><code>e6cae1f</code></a>
update containerd binary to v1.7.19</li>
<li>Additional commits viewable in <a
href="https://github.com/docker/docker/compare/v24.0.9...v25.0.6">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/matrix-org/dendrite/network/alerts).
</details>
---------
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Till Faelligen <2353100+S7evinK@users.noreply.github.com>
|
|
|
|
Bumps [golang.org/x/image](https://github.com/golang/image) from 0.10.0
to 0.18.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/golang/image/commit/3bbf4a659e56fde394e7214ddd17673223aca672"><code>3bbf4a6</code></a>
tiff: Validate palette indices when parsing palette-color images</li>
<li><a
href="https://github.com/golang/image/commit/6c5fa462eb87ac98bad9b09ea3b041dd770fa611"><code>6c5fa46</code></a>
go.mod: update golang.org/x dependencies</li>
<li><a
href="https://github.com/golang/image/commit/55c4ab6bd625a2e8433671ec9f9b6c46daddf2cf"><code>55c4ab6</code></a>
go.mod: update golang.org/x dependencies</li>
<li><a
href="https://github.com/golang/image/commit/0057a939a541e6068d04ccf947c61a708378101d"><code>0057a93</code></a>
tiff: fix function name in comment</li>
<li><a
href="https://github.com/golang/image/commit/9e190ae4a3c5edc736fd99ba38be1c9d08ea5320"><code>9e190ae</code></a>
webp: disallow multiple VP8X chunks</li>
<li><a
href="https://github.com/golang/image/commit/445ab0e75e6df9b6a4d3d5437bda2a7cac74eb72"><code>445ab0e</code></a>
go.mod: update golang.org/x dependencies</li>
<li><a
href="https://github.com/golang/image/commit/240a51ac9f088c1c81cad2cf80a37b99c52abcde"><code>240a51a</code></a>
font/sfnt: support early version 0 OS/2 tables</li>
<li><a
href="https://github.com/golang/image/commit/c20bbc37136f3a0b463478dd8e699c51139af48c"><code>c20bbc3</code></a>
draw: simplify some calls to fmt.Fprintf</li>
<li><a
href="https://github.com/golang/image/commit/491771c681427e82b9843267b24b32cf56743e83"><code>491771c</code></a>
draw: merge draw_go117.go into draw.go</li>
<li><a
href="https://github.com/golang/image/commit/4aa0222fac539f4a04a4378b75b70ad6e1820ecb"><code>4aa0222</code></a>
go.mod: update go directive to 1.18</li>
<li>Additional commits viewable in <a
href="https://github.com/golang/image/compare/v0.10.0...v0.18.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/matrix-org/dendrite/network/alerts).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.21.0 to
0.23.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/golang/net/commit/c48da131589f122489348be5dfbcb6457640046f"><code>c48da13</code></a>
http2: fix TestServerContinuationFlood flakes</li>
<li><a
href="https://github.com/golang/net/commit/762b58d1cf6e0779780decad89c6c1523386638d"><code>762b58d</code></a>
http2: fix tipos in comment</li>
<li><a
href="https://github.com/golang/net/commit/ba872109ef2dc8f1da778651bd1fd3792d0e4587"><code>ba87210</code></a>
http2: close connections when receiving too many headers</li>
<li><a
href="https://github.com/golang/net/commit/ebc8168ac8ac742194df729305175940790c55a2"><code>ebc8168</code></a>
all: fix some typos</li>
<li><a
href="https://github.com/golang/net/commit/3678185f8a652e52864c44049a9ea96b7bcc066a"><code>3678185</code></a>
http2: make TestCanonicalHeaderCacheGrowth faster</li>
<li><a
href="https://github.com/golang/net/commit/448c44f9287b6745f958d74aa2a17ec7761c2f13"><code>448c44f</code></a>
http2: remove clientTester</li>
<li><a
href="https://github.com/golang/net/commit/c7877ac4213b2f859831366f5a35b353e0dc9f66"><code>c7877ac</code></a>
http2: convert the remaining clientTester tests to testClientConn</li>
<li><a
href="https://github.com/golang/net/commit/d8870b0bf2f2426fc8d19a9332f652da5c25418f"><code>d8870b0</code></a>
http2: use synthetic time in TestIdleConnTimeout</li>
<li><a
href="https://github.com/golang/net/commit/d73acffdc9493532acb85777105bb4a351eea702"><code>d73acff</code></a>
http2: only set up deadline when Server.IdleTimeout is positive</li>
<li><a
href="https://github.com/golang/net/commit/89f602b7bbf237abe0467031a18b42fc742ced08"><code>89f602b</code></a>
http2: validate client/outgoing trailers</li>
<li>Additional commits viewable in <a
href="https://github.com/golang/net/compare/v0.21.0...v0.23.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/matrix-org/dendrite/network/alerts).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
|
|
Fixes #2504
A few issues with the previous iteration:
- We never returned `inaccessible_children`, which (if I read the code
correctly), made Synapse raise an error and thus not returning the
requested rooms
- For restricted rooms, we didn't return the list of allowed rooms
|
|
24.0.9+incompatible (#3341)
Bumps [github.com/docker/docker](https://github.com/docker/docker) from
24.0.7+incompatible to 24.0.9+incompatible.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/docker/releases">github.com/docker/docker's
releases</a>.</em></p>
<blockquote>
<h2>v24.0.9</h2>
<h2>24.0.9</h2>
<p>For a full list of pull requests and changes in this release, refer
to the relevant GitHub milestones:</p>
<ul>
<li><a
href="https://github.com/docker/cli/issues?q=is%3Aclosed+milestone%3A24.0.9">docker/cli,
24.0.9 milestone</a></li>
<li><a
href="https://github.com/moby/moby/issues?q=is%3Aclosed+milestone%3A24.0.9">moby/moby,
24.0.9 milestone</a></li>
</ul>
<h2>Security</h2>
<p>This release contains security fixes for the following CVEs affecting
Docker Engine and its components.</p>
<table>
<thead>
<tr>
<th>CVE</th>
<th>Component</th>
<th>Fix version</th>
<th>Severity</th>
</tr>
</thead>
<tbody>
<tr>
<td><a
href="https://scout.docker.com/v/CVE-2024-21626">CVE-2024-21626</a></td>
<td>runc</td>
<td>1.1.12</td>
<td>High, CVSS 8.6</td>
</tr>
<tr>
<td><a
href="https://scout.docker.com/v/CVE-2024-24557">CVE-2024-24557</a></td>
<td>Docker Engine</td>
<td>24.0.9</td>
<td>Medium, CVSS 6.9</td>
</tr>
</tbody>
</table>
<blockquote>
<p><strong>Important</strong> ⚠️</p>
<p>Note that this release of Docker Engine doesn't include fixes for the
following known vulnerabilities in BuildKit:</p>
<ul>
<li><a
href="https://scout.docker.com/v/CVE-2024-23651">CVE-2024-23651</a></li>
<li><a
href="https://scout.docker.com/v/CVE-2024-23652">CVE-2024-23652</a></li>
<li><a
href="https://scout.docker.com/v/CVE-2024-23653">CVE-2024-23653</a></li>
<li><a
href="https://scout.docker.com/v/CVE-2024-23650">CVE-2024-23650</a></li>
</ul>
<p>To address these vulnerabilities, upgrade to <a
href="https://github.com/docker/docker/blob/HEAD/25.0.md#2502">Docker
Engine v25.0.2</a>.</p>
</blockquote>
<p>For more information about the security issues addressed in this
release, and the unaddressed vulnerabilities in BuildKit, refer to the
<a
href="https://www.docker.com/blog/docker-security-advisory-multiple-vulnerabilities-in-runc-buildkit-and-moby/">blog
post</a>. For details about each vulnerability, see the relevant
security advisory:</p>
<ul>
<li><a
href="https://github.com/opencontainers/runc/security/advisories/GHSA-xr7r-f8xq-vfvv">CVE-2024-21626</a></li>
<li><a
href="https://github.com/moby/moby/security/advisories/GHSA-xw73-rw38-6vjc">CVE-2024-24557</a></li>
</ul>
<h3>Packaging updates</h3>
<ul>
<li>Upgrade runc to <a
href="https://github.com/opencontainers/runc/releases/tag/v1.1.12">v1.1.12</a>.
<a
href="https://redirect.github.com/moby/moby/pull/47269">moby/moby#47269</a></li>
<li>Upgrade containerd to <a
href="https://github.com/containerd/containerd/releases/tag/v1.7.13">v1.7.13</a>
(static binaries only). <a
href="https://redirect.github.com/moby/moby/pull/47280">moby/moby#47280</a></li>
</ul>
<h2>v24.0.8</h2>
<h2>24.0.8</h2>
<p>For a full list of pull requests and changes in this release, refer
to the relevant GitHub milestones:</p>
<ul>
<li><a
href="https://github.com/docker/cli/issues?q=is%3Aclosed+milestone%3A24.0.8">docker/cli,
24.0.8 milestone</a></li>
<li><a
href="https://github.com/moby/moby/issues?q=is%3Aclosed+milestone%3A24.0.8">moby/moby,
24.0.8 milestone</a></li>
</ul>
<h3>Bug fixes and enhancements</h3>
<ul>
<li>Live restore: Containers with auto remove (<code>docker run
--rm</code>) are no longer forcibly removed on engine restart. <a
href="https://redirect.github.com/moby/moby/pull/46869">moby/moby#46857</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/moby/moby/commit/fca702de7f71362c8d103073c7e4a1d0a467fadd"><code>fca702d</code></a>
Merge pull request from GHSA-xw73-rw38-6vjc</li>
<li><a
href="https://github.com/moby/moby/commit/f78a7726d747847e443a5a5a4b4ad8ab31d87d78"><code>f78a772</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/docker/issues/47281">#47281</a>
from thaJeztah/24.0_backport_bump_containerd_binary...</li>
<li><a
href="https://github.com/moby/moby/commit/61afffeeb3d4264db7a697ca8bd3d25824bee182"><code>61afffe</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/docker/issues/47270">#47270</a>
from thaJeztah/24.0_backport_bump_runc_binary_1.1.12</li>
<li><a
href="https://github.com/moby/moby/commit/b38e74c4e095d584e21576e9cc43a355446e5b71"><code>b38e74c</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/docker/issues/47276">#47276</a>
from thaJeztah/24.0_backport_bump_runc_1.1.12</li>
<li><a
href="https://github.com/moby/moby/commit/dac56638adccd215bae6cc23146f29e4697e1e98"><code>dac5663</code></a>
update containerd binary to v1.7.13</li>
<li><a
href="https://github.com/moby/moby/commit/20e1af361628a31afd1af58d25cd6ea4e495669f"><code>20e1af3</code></a>
vendor: github.com/opencontainers/runc v1.1.12</li>
<li><a
href="https://github.com/moby/moby/commit/858919d39968c687de3afb0a0a3a212d60ef2a99"><code>858919d</code></a>
update runc binary to v1.1.12</li>
<li><a
href="https://github.com/moby/moby/commit/141ad39e38a9a44b7487933d74815863c2c588e6"><code>141ad39</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/docker/issues/47266">#47266</a>
from vvoland/ci-fix-makeps1-templatefail-24</li>
<li><a
href="https://github.com/moby/moby/commit/db968c672bcd6eeed09a0ad35cac843a5ffe7e48"><code>db968c6</code></a>
hack/make.ps1: Fix go list pattern</li>
<li><a
href="https://github.com/moby/moby/commit/61c51fbb5aeb648eb5f97704b8c75be3ccf1c9a0"><code>61c51fb</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/docker/issues/47221">#47221</a>
from vvoland/pkg-pools-close-noop-24</li>
<li>Additional commits viewable in <a
href="https://github.com/docker/docker/compare/v24.0.7...v24.0.9">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/matrix-org/dendrite/network/alerts).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
Bumps google.golang.org/protobuf from 1.30.0 to 1.33.0.
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/matrix-org/dendrite/network/alerts).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
If I didn't miss anything, this should add fixes from:
https://github.com/matrix-org/gomatrixserverlib/pull/424
https://github.com/matrix-org/gomatrixserverlib/pull/426
https://github.com/matrix-org/gomatrixserverlib/pull/427
https://github.com/matrix-org/gomatrixserverlib/pull/428
https://github.com/matrix-org/gomatrixserverlib/pull/429
https://github.com/matrix-org/gomatrixserverlib/pull/430
|
|
Bumps [github.com/quic-go/quic-go](https://github.com/quic-go/quic-go)
from 0.37.4 to 0.37.7.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/quic-go/quic-go/releases">github.com/quic-go/quic-go's
releases</a>.</em></p>
<blockquote>
<h2>v0.37.7</h2>
<p>This release contains fixes for the Honeybadger vulnerability
(CVE-2023-49295):</p>
<ul>
<li>limit the number of queued PATH_RESPONSE frames to 256 (<a
href="https://redirect.github.com/quic-go/quic-go/issues/4199">#4199</a>)</li>
<li>don't retransmit PATH_CHALLENGE and PATH_RESPONSE frames (<a
href="https://redirect.github.com/quic-go/quic-go/issues/4200">#4200</a>)</li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/quic-go/quic-go/compare/v0.37.6...v0.37.7">https://github.com/quic-go/quic-go/compare/v0.37.6...v0.37.7</a></p>
<h2>v0.37.6</h2>
<p>This patch release contains a backport of <a
href="https://redirect.github.com/quic-go/quic-go/pull/4038">quic-go/quic-go#4038</a>.</p>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/quic-go/quic-go/compare/v0.37.5...v0.37.6">https://github.com/quic-go/quic-go/compare/v0.37.5...v0.37.6</a></p>
<h2>v0.37.5</h2>
<p>This patch release contains the backport of 3 fixes:</p>
<ul>
<li>fix handshake failure if <code>tls.Config.SessionTicketDisabled =
false</code>, but <code>tls.Config.GetConfigForClient</code> returns a
config that disables session tickets: <a
href="https://redirect.github.com/quic-go/quic-go/issues/4030">#4030</a></li>
<li>use the correct hash function for TLS_AES_256_GCM_SHA384: <a
href="https://redirect.github.com/quic-go/quic-go/issues/4031">#4031</a></li>
<li>automatically set the <code>tls.Config.ServerName</code>: <a
href="https://redirect.github.com/quic-go/quic-go/issues/4032">#4032</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/quic-go/quic-go/compare/v0.37.4...v0.37.5">https://github.com/quic-go/quic-go/compare/v0.37.4...v0.37.5</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/quic-go/quic-go/commit/21609ddfeff93668c7625a85eb09f1541fdad965"><code>21609dd</code></a>
don't retransmit PATH_CHALLENGE and PATH_RESPONSE frames (<a
href="https://redirect.github.com/quic-go/quic-go/issues/4200">#4200</a>)</li>
<li><a
href="https://github.com/quic-go/quic-go/commit/d7aa627ebde91cf799ada2a07443faa9b1e5abb8"><code>d7aa627</code></a>
limit the number of queued PATH_RESPONSE frames to 256 (<a
href="https://redirect.github.com/quic-go/quic-go/issues/4199">#4199</a>)</li>
<li><a
href="https://github.com/quic-go/quic-go/commit/e2c360ceec4689af76720ce79d3c2aeb1569694f"><code>e2c360c</code></a>
reassemble post-handshake TLS messages before passing them to crypto/tls
(<a
href="https://redirect.github.com/quic-go/quic-go/issues/4038">#4038</a>)</li>
<li><a
href="https://github.com/quic-go/quic-go/commit/e9f7f460bc7941a4cee7e516098ba44d5a98471c"><code>e9f7f46</code></a>
automatically set the tls.Config.ServerName if unset (<a
href="https://redirect.github.com/quic-go/quic-go/issues/4032">#4032</a>)</li>
<li><a
href="https://github.com/quic-go/quic-go/commit/12d84c419609571bed143ca5174b23986efee1a4"><code>12d84c4</code></a>
handshake: use the correct hash function for TLS_AES_256_GCM_SHA384 (<a
href="https://redirect.github.com/quic-go/quic-go/issues/4031">#4031</a>)</li>
<li><a
href="https://github.com/quic-go/quic-go/commit/b1635df2f55e0b75548ba7a1a42ec7f181e0e14c"><code>b1635df</code></a>
ignore QUICConn.SendSessionTicket error if session tickets are disabled
(<a
href="https://redirect.github.com/quic-go/quic-go/issues/4030">#4030</a>)</li>
<li>See full diff in <a
href="https://github.com/quic-go/quic-go/compare/v0.37.4...v0.37.7">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/matrix-org/dendrite/network/alerts).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
Bumps [golang.org/x/crypto](https://github.com/golang/crypto) from
0.14.0 to 0.17.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/golang/crypto/commit/9d2ee975ef9fe627bf0a6f01c1f69e8ef1d4f05d"><code>9d2ee97</code></a>
ssh: implement strict KEX protocol changes</li>
<li><a
href="https://github.com/golang/crypto/commit/4e5a26183ecb4f9a0f85c8f8dbe7982885435436"><code>4e5a261</code></a>
ssh: close net.Conn on all NewServerConn errors</li>
<li><a
href="https://github.com/golang/crypto/commit/152cdb1503ebc13bc0fbb68f92ee189ebf9e3d00"><code>152cdb1</code></a>
x509roots/fallback: update bundle</li>
<li><a
href="https://github.com/golang/crypto/commit/fdfe1f8531a1adcc300c8eba98cb372044826d62"><code>fdfe1f8</code></a>
ssh: defer channel window adjustment</li>
<li><a
href="https://github.com/golang/crypto/commit/b8ffc16e10063067bac0e15c6d7f7995937503ce"><code>b8ffc16</code></a>
blake2b: drop Go 1.6, Go 1.8 compatibility</li>
<li><a
href="https://github.com/golang/crypto/commit/7e6fbd82c804e1760feb603fe21caecb0af0a124"><code>7e6fbd8</code></a>
ssh: wrap errors from client handshake</li>
<li><a
href="https://github.com/golang/crypto/commit/bda2f3f5cfce3f27039acccd823693f6d67c2a74"><code>bda2f3f</code></a>
argon2: avoid clobbering BP</li>
<li><a
href="https://github.com/golang/crypto/commit/325b735346247f48971d2b37d24dd180a35f391f"><code>325b735</code></a>
ssh/test: skip TestSSHCLIAuth on Windows</li>
<li><a
href="https://github.com/golang/crypto/commit/1eadac50a566dfaa1b603ca15e8ad3cbd1c77b20"><code>1eadac5</code></a>
go.mod: update golang.org/x dependencies</li>
<li><a
href="https://github.com/golang/crypto/commit/b2d7c26edb17864f117d8b0ee73c1843bcc6090f"><code>b2d7c26</code></a>
ssh: add (*Client).DialContext method</li>
<li>Additional commits viewable in <a
href="https://github.com/golang/crypto/compare/v0.14.0...v0.17.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/matrix-org/dendrite/network/alerts).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
Fixes https://github.com/matrix-org/dendrite/issues/3240 and potentially
a root cause for state resets.
While testing, I've had added some more debug logging:
```
time="2023-12-16T18:13:11.319458084Z" level=warning msg="already processed event" event_id="$qFYMl_F2vb1N0yxmvlFAMhqhGhLKq4kA-o_YCQKH7tQ" kind=KindNew times=2
time="2023-12-16T18:13:14.537389126Z" level=warning msg="already processed event" event_id="$EU-LTsKErT6Mt1k12-p_3xOHfiLaK6gtwVDlZ35lSuo" kind=KindNew times=5
time="2023-12-16T18:13:16.789551206Z" level=warning msg="already processed event" event_id="$dIPuAfTL5x0VyG873LKPslQeljCSxFT1WKxUtjIMUGE" kind=KindNew times=5
time="2023-12-16T18:13:17.383838767Z" level=warning msg="already processed event" event_id="$7noSZiCkzerpkz_UBO3iatpRnaOiPx-3IXc0GPDQVGE" kind=KindNew times=2
time="2023-12-16T18:13:22.091946597Z" level=warning msg="already processed event" event_id="$3Lvo3Wbi2ol9-nNbQ93N-E2MuGQCJZo5397KkFH-W6E" kind=KindNew times=1
time="2023-12-16T18:13:23.026417446Z" level=warning msg="already processed event" event_id="$lj1xS46zsLBCChhKOLJEG-bu7z-_pq9i_Y2DUIjzGy4" kind=KindNew times=4
```
So we did receive the same event over and over again. Given they are
`KindNew`, we don't short circuit if we already processed them, which
potentially caused the state to be calculated with a now wrong state
snapshot.
Also fixes the back pressure metric. We now correctly increment the
counter once we sent the message to NATS and decrement it once we
actually processed an event.
|
|
|
|
|
|
Bumps [golang.org/x/image](https://github.com/golang/image) from 0.5.0
to 0.10.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/golang/image/commit/cb227cd2c919b27c6206fe0c1041a8bcc677949d"><code>cb227cd</code></a>
tiff: limit work when decoding malicious images</li>
<li><a
href="https://github.com/golang/image/commit/a5392f068b20c5126e356d1987f3eb74fffe1af2"><code>a5392f0</code></a>
bmp: support to decode 8-bit format with up to 256 color palette</li>
<li><a
href="https://github.com/golang/image/commit/f9550b04a5344792f1e5e5f9fbe8f5e87423f19e"><code>f9550b0</code></a>
go.mod: update golang.org/x dependencies</li>
<li><a
href="https://github.com/golang/image/commit/81c166c49c1d18a6e9a5f659b646eb300013ccd0"><code>81c166c</code></a>
go.mod: update golang.org/x dependencies</li>
<li><a
href="https://github.com/golang/image/commit/ed5dba0ea28f9438e4dac0320f7d9bb2fddd9737"><code>ed5dba0</code></a>
go.mod: update golang.org/x dependencies</li>
<li><a
href="https://github.com/golang/image/commit/08ca817286cef4a50486ff2dc212ec148ff956ae"><code>08ca817</code></a>
font: have Glyph return !ok for U+FFFD substitute</li>
<li><a
href="https://github.com/golang/image/commit/b6ac75bc5918c3a0a2200faa20aedebc76d5b349"><code>b6ac75b</code></a>
go.mod: update golang.org/x dependencies</li>
<li><a
href="https://github.com/golang/image/commit/1b7441254c9a43adda43ffcf12d7add0f1df0191"><code>1b74412</code></a>
font/sfnt: set type for all NameID constants</li>
<li><a
href="https://github.com/golang/image/commit/f632f7f87ca2653b091bcaab6d048f5799b841c9"><code>f632f7f</code></a>
tiff, tiff/lzw, vector: use single space in comments</li>
<li>See full diff in <a
href="https://github.com/golang/image/compare/v0.5.0...v0.10.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/matrix-org/dendrite/network/alerts).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
Bumps [github.com/nats-io/nkeys](https://github.com/nats-io/nkeys) from
0.4.4 to 0.4.6.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/nats-io/nkeys/releases">github.com/nats-io/nkeys's
releases</a>.</em></p>
<blockquote>
<h2>v0.4.5</h2>
<h2>What's Changed</h2>
<ul>
<li>[CI] bump staticcheck GHAction by <a
href="https://github.com/philpennock"><code>@philpennock</code></a> in
<a
href="https://redirect.github.com/nats-io/nkeys/pull/49">nats-io/nkeys#49</a></li>
<li>[FIX] added windows binary by <a
href="https://github.com/aricart"><code>@aricart</code></a> in <a
href="https://redirect.github.com/nats-io/nkeys/pull/51">nats-io/nkeys#51</a></li>
<li>[FIX] YAML Enginering: quote go-version string by <a
href="https://github.com/philpennock"><code>@philpennock</code></a> in
<a
href="https://redirect.github.com/nats-io/nkeys/pull/53">nats-io/nkeys#53</a></li>
<li>[FEAT] Use readKeyFile to read both seed file and public key file by
<a href="https://github.com/nanjj"><code>@nanjj</code></a> in <a
href="https://redirect.github.com/nats-io/nkeys/pull/54">nats-io/nkeys#54</a></li>
<li>[FEAT] Made <code>decode</code> a little fast by <a
href="https://github.com/nanjj"><code>@nanjj</code></a> in <a
href="https://redirect.github.com/nats-io/nkeys/pull/55">nats-io/nkeys#55</a></li>
<li>[REPO] Add issue forms by <a
href="https://github.com/bruth"><code>@bruth</code></a> in <a
href="https://redirect.github.com/nats-io/nkeys/pull/56">nats-io/nkeys#56</a></li>
<li>[FIX] added binaries to match nats-server by <a
href="https://github.com/aricart"><code>@aricart</code></a> in <a
href="https://redirect.github.com/nats-io/nkeys/pull/58">nats-io/nkeys#58</a></li>
</ul>
<p><strong>Full Changelog</strong>: <a
href="https://github.com/nats-io/nkeys/compare/v0.4.4...v0.4.5">https://github.com/nats-io/nkeys/compare/v0.4.4...v0.4.5</a></p>
</blockquote>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/nats-io/nkeys/commit/62e5d8c7c4af84283b6535bcbf1300ab25b45e2d"><code>62e5d8c</code></a>
Merge pull request <a
href="https://redirect.github.com/nats-io/nkeys/issues/60">#60</a> from
nats-io/0_4_6</li>
<li><a
href="https://github.com/nats-io/nkeys/commit/f63761b84d5972c999c240c4326a13fac17f0249"><code>f63761b</code></a>
[BUMP] release version and dependencies</li>
<li><a
href="https://github.com/nats-io/nkeys/commit/d2e442ebad85f339de307598dab4f461e0eb1603"><code>d2e442e</code></a>
Merge pull request <a
href="https://redirect.github.com/nats-io/nkeys/issues/59">#59</a> from
nats-io/empty</li>
<li><a
href="https://github.com/nats-io/nkeys/commit/58fb9d69f42ea73fffad1d14e5914dc666f3daa1"><code>58fb9d6</code></a>
Make sure to use byte slice to receive proper copy, otherwise empty
public ke...</li>
<li><a
href="https://github.com/nats-io/nkeys/commit/3e454c8ca12e8e8a15d4c058d380e1ec31399597"><code>3e454c8</code></a>
Merge pull request <a
href="https://redirect.github.com/nats-io/nkeys/issues/58">#58</a> from
nats-io/arch-bins</li>
<li><a
href="https://github.com/nats-io/nkeys/commit/53c07776673181060a391c9c7571a59f9c9412ac"><code>53c0777</code></a>
bump go to 1.21.x</li>
<li><a
href="https://github.com/nats-io/nkeys/commit/d9358349661a09625246f07ba1c740fc41b63335"><code>d935834</code></a>
bump version number</li>
<li><a
href="https://github.com/nats-io/nkeys/commit/6b488b30789ff698e14eee0c6e3d1ab9c33638ec"><code>6b488b3</code></a>
[FIX] added binaries to match nats-server</li>
<li><a
href="https://github.com/nats-io/nkeys/commit/9fb41511a902119995e7bc5df543d8091133be68"><code>9fb4151</code></a>
Merge pull request <a
href="https://redirect.github.com/nats-io/nkeys/issues/56">#56</a> from
nats-io/add-issue-forms</li>
<li><a
href="https://github.com/nats-io/nkeys/commit/4647ec0912596d816de574fdf641f94b576601e0"><code>4647ec0</code></a>
Fix issue config discussions link</li>
<li>Additional commits viewable in <a
href="https://github.com/nats-io/nkeys/compare/v0.4.4...v0.4.6">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/matrix-org/dendrite/network/alerts).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
24.0.7+incompatible (#3250)
Bumps [github.com/docker/docker](https://github.com/docker/docker) from
24.0.5+incompatible to 24.0.7+incompatible.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/docker/docker/releases">github.com/docker/docker's
releases</a>.</em></p>
<blockquote>
<h2>v24.0.7</h2>
<h2>24.0.7</h2>
<p>For a full list of pull requests and changes in this release, refer
to the relevant GitHub milestones:</p>
<ul>
<li><a
href="https://github.com/docker/cli/issues?q=is%3Aclosed+milestone%3A24.0.7">docker/cli,
24.0.7 milestone</a></li>
<li><a
href="https://github.com/moby/moby/issues?q=is%3Aclosed+milestone%3A24.0.7">moby/moby,
24.0.7 milestone</a></li>
</ul>
<h3>Bug fixes and enhancements</h3>
<ul>
<li>Write overlay2 layer metadata atomically. <a
href="https://redirect.github.com/moby/moby/pull/46703">moby/moby#46703</a></li>
<li>Fix "Rootful-in-Rootless" Docker-in-Docker on systemd
version 250 and later. <a
href="https://redirect.github.com/moby/moby/pull/46626">moby/moby#46626</a></li>
<li>Fix <code>dockerd-rootless-setuptools.sh</code> when username
contains a backslash. <a
href="https://redirect.github.com/moby/moby/pull/46407">moby/moby#46407</a></li>
<li>Fix a bug that would prevent network sandboxes to be fully deleted
when stopping containers with no network attachments and when
<code>dockerd --bridge=none</code> is used. <a
href="https://redirect.github.com/moby/moby/pull/46702">moby/moby#46702</a></li>
<li>Fix a bug where cancelling an API request could interrupt container
restart. <a
href="https://redirect.github.com/moby/moby/pull/46697">moby/moby#46697</a></li>
<li>Fix an issue where containers would fail to start when providing
<code>--ip-range</code> with a range larger than the subnet. <a
href="https://redirect.github.com/docker/for-mac/issues/6870">docker/for-mac#6870</a></li>
<li>Fix data corruption with zstd output. <a
href="https://redirect.github.com/moby/moby/pull/46709">moby/moby#46709</a></li>
<li>Fix the conditions under which the container's MAC address is
applied. <a
href="https://redirect.github.com/moby/moby/pull/46478">moby/moby#46478</a></li>
<li>Improve the performance of the stats collector. <a
href="https://redirect.github.com/moby/moby/pull/46448">moby/moby#46448</a></li>
<li>Fix an issue with source policy rules ending up in the wrong order.
<a
href="https://redirect.github.com/moby/moby/pull/46441">moby/moby#46441</a></li>
</ul>
<h3>Packaging updates</h3>
<ul>
<li>Add support for Fedora 39 and Ubuntu 23.10. <a
href="https://redirect.github.com/docker/docker-ce-packaging/pull/940">docker/docker-ce-packaging#940</a>,
<a
href="https://redirect.github.com/docker/docker-ce-packaging/pull/955">docker/docker-ce-packaging#955</a></li>
<li>Fix <code>docker.socket</code> not getting disabled when
uninstalling the <code>docker-ce</code> RPM package. <a
href="https://redirect.github.com/docker/docker-ce-packaging/pull/852">docker/docker-ce-packaging#852</a></li>
<li>Upgrade Go to <code>go1.20.10</code>. <a
href="https://redirect.github.com/docker/docker-ce-packaging/pull/951">docker/docker-ce-packaging#951</a></li>
<li>Upgrade containerd to <code>v1.7.6</code> (static binaries only). <a
href="https://redirect.github.com/moby/moby/pull/46103">moby/moby#46103</a></li>
<li>Upgrade the <code>containerd.io</code> package to <a
href="https://github.com/containerd/containerd/releases/tag/v1.6.24"><code>v1.6.24</code></a>.</li>
</ul>
<h3>Security</h3>
<ul>
<li>Deny containers access to <code>/sys/devices/virtual/powercap</code>
by default. This change hardens against <a
href="https://scout.docker.com/v/CVE-2020-8694">CVE-2020-8694</a>, <a
href="https://scout.docker.com/v/CVE-2020-8695">CVE-2020-8695</a>, and
<a href="https://scout.docker.com/v/CVE-2020-12912">CVE-2020-12912</a>,
and an attack known as <a href="https://platypusattack.com/">the
PLATYPUS attack</a>. For more details, see <a
href="https://github.com/moby/moby/security/advisories/GHSA-jq35-85cj-fj4p">advisory</a>,
<a
href="https://github.com/moby/moby/commit/c9ccbfad11a60e703e91b6cca4f48927828c7e35">commit</a>.</li>
</ul>
<h2>v24.0.6</h2>
<h2>24.0.6</h2>
<p>For a full list of pull requests and changes in this release, refer
to the relevant GitHub milestones:</p>
<ul>
<li><a
href="https://github.com/docker/cli/issues?q=is%3Aclosed+milestone%3A24.0.6">docker/cli,
24.0.6 milestone</a></li>
<li><a
href="https://github.com/moby/moby/issues?q=is%3Aclosed+milestone%3A24.0.6">moby/moby,
24.0.6 milestone</a></li>
</ul>
<h3>Bug fixes and enhancements</h3>
<ul>
<li>containerd storage backend: Fix <code>docker ps</code> failing when
a container image is no longer present in the content store. <a
href="https://redirect.github.com/moby/moby/pull/46095">moby/moby#46095</a></li>
<li>containerd storage backend: Fix <code>docker ps -s -a</code> and
<code>docker container prune</code> failing when a container image
config is no longer present in the content store. <a
href="https://redirect.github.com/moby/moby/pull/46097">moby/moby#46097</a></li>
<li>containerd storage backend: Fix <code>docker inspect</code> failing
when a container image config is no longer (or was never) present in the
content store. <a
href="https://redirect.github.com/moby/moby/pull/46244">moby/moby#46244</a></li>
<li>containerd storage backend: Fix diff and export with the
<code>overlayfs</code> snapshotter by using reference-counted rootfs
mounts. <a
href="https://redirect.github.com/moby/moby/pull/46266">moby/moby#46266</a></li>
<li>containerd storage backend: Fix a misleading error message when the
image platforms available locally do not match the desired platform. <a
href="https://redirect.github.com/moby/moby/pull/46300">moby/moby#46300</a></li>
<li>containerd storage backend: Fix the <code>FROM scratch</code>
Dockerfile instruction with the classic builder. <a
href="https://redirect.github.com/moby/moby/pull/46302">moby/moby#46302</a></li>
<li>containerd storage backend: Fix <code>mismatched image rootfs and
manifest layers</code> errors with the classic builder. <a
href="https://redirect.github.com/moby/moby/pull/46310">moby/moby#46310</a></li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/moby/moby/commit/311b9ff0aa93aa55880e1e5f8871c4fb69583426"><code>311b9ff</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/docker/issues/46697">#46697</a>
from thaJeztah/24.0_backport_restart_nocancel</li>
<li><a
href="https://github.com/moby/moby/commit/af608045eef0b87f31a24d21fb7af80de76134aa"><code>af60804</code></a>
Merge pull request from GHSA-jq35-85cj-fj4p</li>
<li><a
href="https://github.com/moby/moby/commit/3cf363e1ee33fe00dbedfdb7d6caf299990d5568"><code>3cf363e</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/docker/issues/46709">#46709</a>
from thaJeztah/24.0_backport_bump_compress</li>
<li><a
href="https://github.com/moby/moby/commit/05d7386665793b7f8398eb80b4e85adff5486035"><code>05d7386</code></a>
daemon: daemon.containerRestart: don't cancel restart on context
cancel</li>
<li><a
href="https://github.com/moby/moby/commit/649c9440f28c7334ee5c9f17889448a81dcc8729"><code>649c944</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/docker/issues/46703">#46703</a>
from thaJeztah/24.0_backport_atomic-layer-data-write</li>
<li><a
href="https://github.com/moby/moby/commit/9b20b1a5fe0919a79cc15f6a3f331f2cdae0a37a"><code>9b20b1a</code></a>
Merge pull request <a
href="https://redirect.github.com/docker/docker/issues/46702">#46702</a>
from thaJeztah/24.0_backport_releaseNetwork_Network...</li>
<li><a
href="https://github.com/moby/moby/commit/dd37b0b960ec4d3da0ca2efe78fa47484d4c6380"><code>dd37b0b</code></a>
vendor: github.com/klauspost/compress v1.17.2</li>
<li><a
href="https://github.com/moby/moby/commit/7058c0d24da8ac9267e52224b6a3beaa24ce5e9f"><code>7058c0d</code></a>
vendor: github.com/klauspost/compress v1.16.5</li>
<li><a
href="https://github.com/moby/moby/commit/57bd38858262922b86ceea37770536ff535fa2af"><code>57bd388</code></a>
daemon: overlay2: Write layer metadata atomically</li>
<li><a
href="https://github.com/moby/moby/commit/05d95fd5038a8a56ff69294a3bdd33b2d2769ba3"><code>05d95fd</code></a>
daemon: release sandbox even when NetworkDisabled</li>
<li>Additional commits viewable in <a
href="https://github.com/docker/docker/compare/v24.0.5...v24.0.7">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/matrix-org/dendrite/network/alerts).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
Companion PR to https://github.com/matrix-org/gomatrixserverlib/pull/421
|
|
Bumps
[github.com/nats-io/nats-server/v2](https://github.com/nats-io/nats-server)
from 2.9.19 to 2.9.23.
<details>
<summary>Release notes</summary>
<p><em>Sourced from <a
href="https://github.com/nats-io/nats-server/releases">github.com/nats-io/nats-server/v2's
releases</a>.</em></p>
<blockquote>
<h2>Release v2.9.23</h2>
<h2>Changelog</h2>
<h3>Go Version</h3>
<ul>
<li>1.20.10</li>
</ul>
<h3>Fixed</h3>
<p>Accounts</p>
<ul>
<li>Prevent bypassing authorization block when enabling system account
access in accounts block (<a
href="https://redirect.github.com/nats-io/nats-server/issues/4605">#4605</a>).
Backport from v2.10.2</li>
</ul>
<p>Leafnodes</p>
<ul>
<li>Prevent a leafnode cluster from receiving a message multiple times
in a queue subscription (<a
href="https://redirect.github.com/nats-io/nats-server/issues/4578">#4578</a>).
Backport from v2.10.2</li>
</ul>
<p>JetStream</p>
<ul>
<li>Hold lock when calculating the first message for subject in a
message block (<a
href="https://redirect.github.com/nats-io/nats-server/issues/4531">#4531</a>).
Backport from v2.10.0</li>
<li>Add self-healing mechanism to detect and delete orphaned Raft groups
(<a
href="https://redirect.github.com/nats-io/nats-server/issues/4647">#4647</a>).
Backport from v2.10.0</li>
<li>Prevent forward proposals in consumers after scaling down a stream
(<a
href="https://redirect.github.com/nats-io/nats-server/issues/4647">#4647</a>).
Backport from v2.10.0</li>
<li>Fix race condition during leader failover scenarios resulting in
potential duplicate messages being sourced (<a
href="https://redirect.github.com/nats-io/nats-server/issues/4592">#4592</a>).
Backport from v2.10.2</li>
</ul>
<h3>Complete Changes</h3>
<p><a
href="https://github.com/nats-io/nats-server/compare/v2.9.22...v2.9.23">https://github.com/nats-io/nats-server/compare/v2.9.22...v2.9.23</a></p>
<h2>Release v2.9.22</h2>
<h2>Changelog</h2>
<h3>Go Version</h3>
<ul>
<li>1.20.8 (updated out-of-cycle since Go 1.19 is now EOL)</li>
</ul>
<h3>Dependencies</h3>
<ul>
<li>github.com/nats-io/jwt/v2 v2.5.0</li>
<li>golang.org/x/crypto v0.12.0</li>
<li>golang.org/x/sys v0.11.0</li>
</ul>
<h3>Improved</h3>
<p>Monitoring</p>
<ul>
<li>CORS Allow-Origin passthrough for monitoring server (<a
href="https://redirect.github.com/nats-io/nats-server/issues/4423">#4423</a>)
Thanks to <a href="https://github.com/mdawar"><code>@mdawar</code></a>
for the contribution!</li>
</ul>
<p>JetStream</p>
<ul>
<li>Improve consumer scaling reliability with filters and cluster
restart (<a
href="https://redirect.github.com/nats-io/nats-server/issues/4404">#4404</a>)</li>
<li>Send event on lame duck mode (LDM) to avoid placing assets on
shutting down nodes (<a
href="https://redirect.github.com/nats-io/nats-server/issues/4405">#4405</a>)</li>
<li>Skip filestore tombstones if downgrade from 2.10 occurs (<a
href="https://redirect.github.com/nats-io/nats-server/issues/4452">#4452</a>)</li>
<li>Adjust delivered and waiting count when consumer message delivery
fails (<a
href="https://redirect.github.com/nats-io/nats-server/issues/4472">#4472</a>)</li>
</ul>
<h3>Fixed</h3>
<p>Config</p>
<ul>
<li>Allow empty configs and fix JSON compatibility (<a
href="https://redirect.github.com/nats-io/nats-server/issues/4394">#4394</a>,
<a
href="https://redirect.github.com/nats-io/nats-server/issues/4418">#4418</a>)</li>
<li>Remove TLS OCSP debug log on reload (<a
href="https://redirect.github.com/nats-io/nats-server/issues/4453">#4453</a>)</li>
</ul>
<!-- raw HTML omitted -->
</blockquote>
<p>... (truncated)</p>
</details>
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/nats-io/nats-server/commit/45436e1e5021106cebc9d76e6af0779c908b0f7a"><code>45436e1</code></a>
Release v2.9.23 (<a
href="https://redirect.github.com/nats-io/nats-server/issues/4652">#4652</a>)</li>
<li><a
href="https://github.com/nats-io/nats-server/commit/72ffa38b05811e13228dcac3b9cc16e7ca420321"><code>72ffa38</code></a>
Release v2.9.23</li>
<li><a
href="https://github.com/nats-io/nats-server/commit/05fe77fd083936392534c81f609ca9ad7e39011a"><code>05fe77f</code></a>
Backport <a
href="https://redirect.github.com/nats-io/nats-server/issues/4592">#4592</a>
to 2.9 (<a
href="https://redirect.github.com/nats-io/nats-server/issues/4651">#4651</a>)</li>
<li><a
href="https://github.com/nats-io/nats-server/commit/6a73e6824a4cfbc187727cad522879d7464878e4"><code>6a73e68</code></a>
[2.9.x] Bump Travis Go version to 1.20.10 (<a
href="https://redirect.github.com/nats-io/nats-server/issues/4650">#4650</a>)</li>
<li><a
href="https://github.com/nats-io/nats-server/commit/8b981a26216eb0d8b06fdc65e3012d668510d547"><code>8b981a2</code></a>
Backports from v2.10 for v2.9.23 release (<a
href="https://redirect.github.com/nats-io/nats-server/issues/4647">#4647</a>)</li>
<li><a
href="https://github.com/nats-io/nats-server/commit/28eb7c0ac2fec792c9223001445f3befc5de55c3"><code>28eb7c0</code></a>
Only setup auto no-auth for $G account iff no authorization block was
defined.</li>
<li><a
href="https://github.com/nats-io/nats-server/commit/9f16edd4314c5f469791929cb3949c4a81ef24d3"><code>9f16edd</code></a>
Make sure to not forward a message across a route for dq sub when we are
a sp...</li>
<li><a
href="https://github.com/nats-io/nats-server/commit/0ac7895b983a4dbb12f28bd680abbc028a643439"><code>0ac7895</code></a>
Add in utility to detect and delete any NRG orphans.</li>
<li><a
href="https://github.com/nats-io/nats-server/commit/50722e9ec10de8d3cdafda12c8aadd724ff8e23b"><code>50722e9</code></a>
When scaling a consumer down make sure to pop the
loopAndForwardProposals go ...</li>
<li><a
href="https://github.com/nats-io/nats-server/commit/770cf2edd6b82877f98becdf4324b93f051fe136"><code>770cf2e</code></a>
Backport JetStream benchmarks improvements to 2.9.x (<a
href="https://redirect.github.com/nats-io/nats-server/issues/4644">#4644</a>)</li>
<li>Additional commits viewable in <a
href="https://github.com/nats-io/nats-server/compare/v2.9.19...v2.9.23">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/matrix-org/dendrite/network/alerts).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: Till <2353100+S7evinK@users.noreply.github.com>
|
|
Needs https://github.com/matrix-org/gomatrixserverlib/pull/419
May fix: https://github.com/matrix-org/dendrite/issues/2508,
https://github.com/matrix-org/dendrite/issues/1760
|
|
Bumps [golang.org/x/net](https://github.com/golang/net) from 0.14.0 to
0.17.0.
<details>
<summary>Commits</summary>
<ul>
<li><a
href="https://github.com/golang/net/commit/b225e7ca6dde1ef5a5ae5ce922861bda011cfabd"><code>b225e7c</code></a>
http2: limit maximum handler goroutines to MaxConcurrentStreams</li>
<li><a
href="https://github.com/golang/net/commit/88194ad8ab44a02ea952c169883c3f57db6cf9f4"><code>88194ad</code></a>
go.mod: update golang.org/x dependencies</li>
<li><a
href="https://github.com/golang/net/commit/2b60a61f1e4cf3a5ecded0bd7e77ea168289e6de"><code>2b60a61</code></a>
quic: fix several bugs in flow control accounting</li>
<li><a
href="https://github.com/golang/net/commit/73d82efb96cacc0c378bc150b56675fc191894b9"><code>73d82ef</code></a>
quic: handle DATA_BLOCKED frames</li>
<li><a
href="https://github.com/golang/net/commit/5d5a036a503f8accd748f7453c0162115187be13"><code>5d5a036</code></a>
quic: handle streams moving from the data queue to the meta queue</li>
<li><a
href="https://github.com/golang/net/commit/350aad2603e57013fafb1a9e2089a382fe67dc80"><code>350aad2</code></a>
quic: correctly extend peer's flow control window after MAX_DATA</li>
<li><a
href="https://github.com/golang/net/commit/21814e71db756f39b69fb1a3e06350fa555a79b1"><code>21814e7</code></a>
quic: validate connection id transport parameters</li>
<li><a
href="https://github.com/golang/net/commit/a600b3518eed7a9a4e24380b4b249cb986d9b64d"><code>a600b35</code></a>
quic: avoid redundant MAX_DATA updates</li>
<li><a
href="https://github.com/golang/net/commit/ea633599b58dc6a50d33c7f5438edfaa8bc313df"><code>ea63359</code></a>
http2: check stream body is present on read timeout</li>
<li><a
href="https://github.com/golang/net/commit/ddd8598e5694aa5e966e44573a53e895f6fa5eb2"><code>ddd8598</code></a>
quic: version negotiation</li>
<li>Additional commits viewable in <a
href="https://github.com/golang/net/compare/v0.14.0...v0.17.0">compare
view</a></li>
</ul>
</details>
<br />
[](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores)
Dependabot will resolve any conflicts with this PR as long as you don't
alter it yourself. You can also trigger a rebase manually by commenting
`@dependabot rebase`.
[//]: # (dependabot-automerge-start)
[//]: # (dependabot-automerge-end)
---
<details>
<summary>Dependabot commands and options</summary>
<br />
You can trigger Dependabot actions by commenting on this PR:
- `@dependabot rebase` will rebase this PR
- `@dependabot recreate` will recreate this PR, overwriting any edits
that have been made to it
- `@dependabot merge` will merge this PR after your CI passes on it
- `@dependabot squash and merge` will squash and merge this PR after
your CI passes on it
- `@dependabot cancel merge` will cancel a previously requested merge
and block automerging
- `@dependabot reopen` will reopen this PR if it is closed
- `@dependabot close` will close this PR and stop Dependabot recreating
it. You can achieve the same result by closing it manually
- `@dependabot show <dependency name> ignore conditions` will show all
of the ignore conditions of the specified dependency
- `@dependabot ignore this major version` will close this PR and stop
Dependabot creating any more for this major version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this minor version` will close this PR and stop
Dependabot creating any more for this minor version (unless you reopen
the PR or upgrade to it yourself)
- `@dependabot ignore this dependency` will close this PR and stop
Dependabot creating any more for this dependency (unless you reopen the
PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the
[Security Alerts
page](https://github.com/matrix-org/dendrite/network/alerts).
</details>
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
|
|
Fixes #3203
|
|
|
|
GMSL returns a `spec.RoomID` when calling `PDU.RoomID()`
|
|
In a [previous PR](https://github.com/matrix-org/dendrite/pull/3181) I
accidentally left GMSL on a dev branch, this PR fixes it by bringing it
back to the main branch of GMSL
Signed-off-by: `Sam Wedgwood <sam@wedgwood.dev>`
|
|
|
|
Fixes include:
- Translating state keys that contain user IDs to their respective room
keys for both querying and sending state events
- **NOTE**: there may be design discussion needed on what should happen
when sender keys cannot be found for users
- A simple fix for kicking guests from rooms properly
- Logic for boundary history visibilities was slightly off (I'm
surprised this only manifested in pseudo ID room versions)
Signed-off-by: `Sam Wedgwood <sam@wedgwood.dev>`
|
|
|
|
This PR adds a config key `room_server.default_config_key` to set the
default room version for the room server.
Signed-off-by: `Sam Wedgwood <sam@wedgwood.dev>`
|
|
There are cases where a dendrite instance is unaware of a pseudo ID for
a user, the user is not a member of that room. To represent this case,
we currently use the 'zero' value, which is often not checked and so
causes errors later down the line. To make this case more explict, and
to be consistent with `QueryUserIDForSender`, this PR changes this to
use a pointer (and `nil` to mean no sender ID).
Signed-off-by: `Sam Wedgwood <sam@wedgwood.dev>`
|
|
|
|
- This PR moves and refactors the
[code](https://github.com/matrix-org/dendrite/blob/main/setup/mscs/msc2946/msc2946.go)
for
[MSC2946](https://github.com/matrix-org/matrix-spec-proposals/pull/2946)
('Space Summaries') to integrate it into the rest of the codebase.
- Means space summaries are no longer hidden behind an MSC flag
- Solves #3096
Signed-off-by: Sam Wedgwood <sam@wedgwood.dev>
|
|
|
|
|
|
|
|
This should fix a few issues reported by Sentry
|
|
Companion to https://github.com/matrix-org/gomatrixserverlib/pull/400
This tries to mimic the logic found in Synapse, as dropping events can
break rooms (and we may end up in endless loops..)
|
