Update package version to 1.109.0

chore(deps): update dependency element-hq/synapse to v1.128.0
| datasource | package | from | to | | --------------- | ------------------ | ------- | ------- | | github-releases | element-hq/synapse | 1.127.1 | 1.128.0 |
2025-04-09 08:35:30 +00:00 · 2025-04-08 14:32:22 +00:00 · 2025-04-08 10:07:36 +02:00 · 2025-03-27 09:14:49 +00:00 · 2025-03-27 07:19:44 +00:00
6 changed files with 27 additions and 15 deletions
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1381,3 +1381,15 @@
 * Fix detection of workflow failures in the release script. (#18211)
 * Add caching support to media endpoints. (#18235)

+[1.108.1]
+* Update synapse to 1.127.1
+* [Full Changelog](https://github.com/element-hq/synapse/releases/tag/v1.127.1)
+* Fix CVE-2025-30355 / GHSA-v56r-hwv5-mxg6. High severity vulnerability affecting federation. The vulnerability has been exploited in the wild.
+
+[1.109.0]
+* Update synapse to 1.128.0
+* [Full Changelog](https://github.com/element-hq/synapse/releases/tag/v1.128.0)
+* Add an access token introspection cache to make Matrix Authentication Service integration (MSC3861) more efficient. (#18231)
+* Add background job to clear unreferenced state groups. (#18254)
+* Hashes of media files are now tracked by Synapse. Media quarantines will now apply to all files with the same hash. (#18277, #18302, #18296)
+
--- a/CloudronManifest.json
+++ b/CloudronManifest.json
@@ -5,8 +5,8 @@
  "description": "file://DESCRIPTION.md",
  "changelog": "file://CHANGELOG.md",
  "tagline": "Secure & decentralized communication",
-  "version": "1.108.0",
-  "upstreamVersion": "1.127.0",
+  "version": "1.109.0",
+  "upstreamVersion": "1.128.0",
  "healthCheckPath": "/",
  "httpPort": 8008,
  "memoryLimit": 536870912,
--- a/4
+++ b/4
@@ -8,7 +8,7 @@ WORKDIR /app/code
 RUN python3 -m venv /app/code/env

 # renovate: datasource=github-releases depName=element-hq/synapse versioning=semver extractVersion=^v(?<version>.+)$
-ARG SYNAPSE_VERSION=1.127.0
+ARG SYNAPSE_VERSION=1.128.0

 # renovate: datasource=github-releases depName=matrix-org/synapse-s3-storage-provider versioning=semver extractVersion=^v(?<version>.+)$
 ARG S3PROVIDER_VERSION=1.5.0
@@ -23,7 +23,7 @@ RUN curl -L https://publicsuffix.org/list/public_suffix_list.dat -o /app/code/en

 RUN ln -sf /app/data/index.html /app/code/env/lib/python3.12/site-packages/synapse/static/index.html

-RUN chown -R cloudron.cloudron /app/code
+RUN chown -R cloudron:cloudron /app/code

 ADD index.html homeserver.yaml.template start.sh /app/pkg/

--- a/start.sh
+++ b/start.sh
@@ -102,7 +102,7 @@ fi

 # fix permissions
 echo "==> Fixing permissions"
-chown -R cloudron.cloudron /app/data /run/synapse
+chown -R cloudron:cloudron /app/data /run/synapse

 echo "==> Starting synapse"
 exec gosu cloudron:cloudron python3 -m synapse.app.homeserver --config-path /app/data/configs/homeserver.yaml -n
--- a/test/package-lock.json
+++ b/test/package-lock.json
@@ -9,10 +9,10 @@
      "version": "1.0.0",
      "license": "ISC",
      "dependencies": {
-        "chromedriver": "^134.0.5",
+        "chromedriver": "^135.0.0",
        "expect.js": "^0.3.1",
        "mocha": "^11.1.0",
-        "selenium-webdriver": "^4.30.0"
+        "selenium-webdriver": "^4.31.0"
      }
    },
    "node_modules/@bazel/runfiles": {
@@ -301,9 +301,9 @@
      }
    },
    "node_modules/chromedriver": {
-      "version": "134.0.5",
-      "resolved": "https://registry.npmjs.org/chromedriver/-/chromedriver-134.0.5.tgz",
-      "integrity": "sha512-edXbiuShAvH6Elx8Hobl4NQkgNRMIozcW7ZlEiE8TBynZHRazrepO9hfftQzZgztPvjMQiSWeWjZaDV3SecYaw==",
+      "version": "135.0.0",
+      "resolved": "https://registry.npmjs.org/chromedriver/-/chromedriver-135.0.0.tgz",
+      "integrity": "sha512-ilE3cIrIieiRU/a6MNpt0CL0UZs2tu0lQAes+el5SV03MB1zYIEXy+dDeueid/g8AmT1loy7TB2fjWwcHLY8lg==",
      "hasInstallScript": true,
      "license": "Apache-2.0",
      "dependencies": {
@@ -1451,9 +1451,9 @@
      "license": "MIT"
    },
    "node_modules/selenium-webdriver": {
-      "version": "4.30.0",
-      "resolved": "https://registry.npmjs.org/selenium-webdriver/-/selenium-webdriver-4.30.0.tgz",
-      "integrity": "sha512-3DGtQI/xyAg05SrqzzpFaXRWYL+Kku3fsikCoBaxApKzhBMUX5UiHdPb2je2qKMf2PjJiEFaj0L5xELHYRbYMA==",
+      "version": "4.31.0",
+      "resolved": "https://registry.npmjs.org/selenium-webdriver/-/selenium-webdriver-4.31.0.tgz",
+      "integrity": "sha512-0MWEwypM0+c1NnZ87UEMxZdwphKoaK2UJ2qXzKWrJiM0gazFjgNVimxlHTOO90G2cOhphZqwpqSCJy62NTEzyA==",
      "funding": [
        {
          "type": "github",
--- a/test/package.json
+++ b/test/package.json
@@ -9,9 +9,9 @@
  "author": "",
  "license": "ISC",
  "dependencies": {
-    "chromedriver": "^134.0.5",
+    "chromedriver": "^135.0.0",
    "expect.js": "^0.3.1",
    "mocha": "^11.1.0",
-    "selenium-webdriver": "^4.30.0"
+    "selenium-webdriver": "^4.31.0"
  }
 }
Author	SHA1	Message	Date
Package Updates	6cfdea8b6d	Update package version to 1.109.0	2025-04-09 08:35:30 +00:00
Renovate Bot	25f398eda9	chore(deps): update dependency element-hq/synapse to v1.128.0 \| datasource \| package \| from \| to \| \| --------------- \| ------------------ \| ------- \| ------- \| \| github-releases \| element-hq/synapse \| 1.127.1 \| 1.128.0 \|	2025-04-08 14:32:22 +00:00
Girish Ramakrishnan	c6be4b9e11	Fix chown usage	2025-04-08 10:07:36 +02:00
Package Updates	f2efa0ace4	Update package version to 1.108.1	2025-03-27 09:14:49 +00:00
Renovate Bot	3efa89f92b	chore(deps): update dependency element-hq/synapse to v1.127.1 \| datasource \| package \| from \| to \| \| --------------- \| ------------------ \| ------- \| ------- \| \| github-releases \| element-hq/synapse \| 1.127.0 \| 1.127.1 \|	2025-03-27 07:19:44 +00:00