Update package version to 1.108.1

| datasource      | package            | from    | to      |
| --------------- | ------------------ | ------- | ------- |
| github-releases | element-hq/synapse | 1.127.0 | 1.127.1 |

CHANGELOG.md

@@ -1372,3 +1372,17 @@
 [1.107.0]
 * Update base image to 5.0.0
 
+[1.108.0]
+* Update synapse to 1.127.0
+* [Full Changelog](https://github.com/element-hq/synapse/releases/tag/v1.127.0)
+* Update MSC4140 implementation to no longer cancel a user's own delayed state events with an event type & state key that match a more recent state event sent by that user. (#17810)
+* Fixed a minor typo in the Synapse documentation. Contributed by @karuto12. (#18224)
+* Remove undocumented SYNAPSE_USE_FROZEN_DICTS environment variable. (#18123)
+* Fix detection of workflow failures in the release script. (#18211)
+* Add caching support to media endpoints. (#18235)
+
+[1.108.1]
+* Update synapse to 1.127.1
+* [Full Changelog](https://github.com/element-hq/synapse/releases/tag/v1.127.1)
+* Fix CVE-2025-30355 / GHSA-v56r-hwv5-mxg6. High severity vulnerability affecting federation. The vulnerability has been exploited in the wild.
+

CloudronManifest.json

@@ -5,8 +5,8 @@
   "description": "file://DESCRIPTION.md",
   "changelog": "file://CHANGELOG.md",
   "tagline": "Secure & decentralized communication",
-  "version": "1.107.0",
+  "version": "1.108.1",
-  "upstreamVersion": "1.126.0",
+  "upstreamVersion": "1.127.1",
   "healthCheckPath": "/",
   "httpPort": 8008,
   "memoryLimit": 536870912,

Dockerfile

@@ -8,7 +8,7 @@ WORKDIR /app/code
 RUN python3 -m venv /app/code/env
 
 # renovate: datasource=github-releases depName=element-hq/synapse versioning=semver extractVersion=^v(?<version>.+)$
-ARG SYNAPSE_VERSION=1.126.0
+ARG SYNAPSE_VERSION=1.127.1
 
 # renovate: datasource=github-releases depName=matrix-org/synapse-s3-storage-provider versioning=semver extractVersion=^v(?<version>.+)$
 ARG S3PROVIDER_VERSION=1.5.0

test/package-lock.json

@@ -9,10 +9,10 @@
       "version": "1.0.0",
       "license": "ISC",
       "dependencies": {
-        "chromedriver": "^134.0.2",
+        "chromedriver": "^134.0.5",
         "expect.js": "^0.3.1",
         "mocha": "^11.1.0",
-        "selenium-webdriver": "^4.29.0"
+        "selenium-webdriver": "^4.30.0"
       }
     },
     "node_modules/@bazel/runfiles": {
@@ -301,9 +301,9 @@
       }
     },
     "node_modules/chromedriver": {
-      "version": "134.0.2",
+      "version": "134.0.5",
-      "resolved": "https://registry.npmjs.org/chromedriver/-/chromedriver-134.0.2.tgz",
+      "resolved": "https://registry.npmjs.org/chromedriver/-/chromedriver-134.0.5.tgz",
-      "integrity": "sha512-r1yIHP0Lo61CdFGjZXITSY2ZGYBS5B/qwOs8NMm0r31qnyS4MAuSmMiIiZKhu+ThxfcT8zPrGPGT6RmM0LWljQ==",
+      "integrity": "sha512-edXbiuShAvH6Elx8Hobl4NQkgNRMIozcW7ZlEiE8TBynZHRazrepO9hfftQzZgztPvjMQiSWeWjZaDV3SecYaw==",
       "hasInstallScript": true,
       "license": "Apache-2.0",
       "dependencies": {
@@ -1451,9 +1451,9 @@
       "license": "MIT"
     },
     "node_modules/selenium-webdriver": {
-      "version": "4.29.0",
+      "version": "4.30.0",
-      "resolved": "https://registry.npmjs.org/selenium-webdriver/-/selenium-webdriver-4.29.0.tgz",
+      "resolved": "https://registry.npmjs.org/selenium-webdriver/-/selenium-webdriver-4.30.0.tgz",
-      "integrity": "sha512-8XPGtDoji5xk7ZUCzFT1rqHmCp67DCzESsttId7DzmrJmlTRmRLF6X918rbwclcH89amcBNM4zB3lVPj404I0g==",
+      "integrity": "sha512-3DGtQI/xyAg05SrqzzpFaXRWYL+Kku3fsikCoBaxApKzhBMUX5UiHdPb2je2qKMf2PjJiEFaj0L5xELHYRbYMA==",
       "funding": [
         {
           "type": "github",

test/package.json

@@ -9,9 +9,9 @@
   "author": "",
   "license": "ISC",
   "dependencies": {
-    "chromedriver": "^134.0.2",
+    "chromedriver": "^134.0.5",
     "expect.js": "^0.3.1",
     "mocha": "^11.1.0",
-    "selenium-webdriver": "^4.29.0"
+    "selenium-webdriver": "^4.30.0"
   }
 }