Bump version

CHANGELOG.md

@@ -1218,3 +1218,36 @@
 * Fix server notice rooms not always being created as unencrypted rooms, even when encryption_enabled_by_default_for_room_type is in use (server notices are always unencrypted). (#17033)
 * Fix the .m.rule.encrypted_room_one_to_one and .m.rule.room_one_to_one default underride push rules being in the wrong order. Contributed by @Sumpy1. (#17043)
 
+[1.91.2]
+* Update Synapse to 1.105.1
+* [Full changelog](https://github.com/element-hq/synapse/releases/tag/v1.105.1)
+* GHSA-3h7q-rfh9-xm4v / CVE-2024-31208 — High Severity . Weakness in auth chain indexing allows DoS from remote room members through disk fill and high CPU usage.
+
+[1.92.0]
+* Update Synapse to 1.106.0
+* [Full changelog](https://github.com/element-hq/synapse/releases/tag/v1.106.0)
+* Send an email if the address is already bound to an user account. (#16819)
+* Implement the rendezvous mechanism described by MSC4108. (#17056)
+* Support delegating the rendezvous mechanism described MSC4108 to an external implementation. (#17086)
+* Add validation to ensure that the limit parameter on /publicRooms is non-negative. (#16920)
+* Return 400 M_NOT_JSON upon receiving invalid JSON in query parameters across various client and admin endpoints, rather than an internal server error. (#16923)
+* Make the CSAPI endpoint /keys/device_signing/upload idempotent. (#16943)
+* Redact membership events if the user requested erasure upon deactivating. (#17076)
+
+[1.93.0]
+* Update Synapse to 1.107.0
+* [Full changelog](https://github.com/element-hq/synapse/releases/tag/v1.107.0)
+
+[1.94.0]
+* Update Synapse to 1.108.0
+* [Full changelog](https://github.com/element-hq/synapse/releases/tag/v1.108.0)
+* Add a feature that allows clients to query the configured federation whitelist. Disabled by default. (#16848, #17199)
+* Add the ability to allow numeric user IDs with a specific prefix when in the CAS flow. Contributed by Aurélien Grimpard. (#17098)
+* Fix bug where push rules would be empty in /sync for some accounts. Introduced in v1.93.0. (#17142)
+* Add support for optional whitespace around the Federation API's Authorization header's parameter commas. (#17145)
+* Fix bug where disabling room publication prevented public rooms being created on workers. (#17177, #17184)
+
+[1.95.0]
+* Update Synapse to 1.109.0
+* [Full changelog](https://github.com/element-hq/synapse/releases/tag/v1.109.0)
+

CloudronManifest.json

@@ -5,8 +5,8 @@
   "description": "file://DESCRIPTION.md",
   "changelog": "file://CHANGELOG.md",
   "tagline": "Secure & decentralized communication",
-  "version": "1.91.1",
+  "version": "1.95.0",
-  "upstreamVersion": "1.105.0",
+  "upstreamVersion": "1.109.0",
   "healthCheckPath": "/",
   "httpPort": 8008,
   "memoryLimit": 536870912,

Dockerfile

@@ -9,7 +9,7 @@ RUN virtualenv -p python3 /app/code/env
 ENV VIRTUAL_ENV=/app/code/env
 ENV PATH="$VIRTUAL_ENV/bin:$PATH"
 
-ARG VERSION=1.105.0
+ARG VERSION=1.109.0
 
 # https://github.com/matrix-org/synapse-s3-storage-provider
 ARG STORAGE_PROVIDER_VERSION=1beb6af95e1f5caedb8e6e7e1cc176cdb2106d37

test/package-lock.json

@@ -9,10 +9,10 @@
       "version": "1.0.0",
       "license": "ISC",
       "dependencies": {
-        "chromedriver": "^123.0.3",
+        "chromedriver": "^126.0.1",
         "expect.js": "^0.3.1",
         "mocha": "^10.4.0",
-        "selenium-webdriver": "^4.19.0"
+        "selenium-webdriver": "^4.21.0"
       }
     },
     "node_modules/@testim/chrome-version": {
@@ -233,9 +233,9 @@
       }
     },
     "node_modules/chromedriver": {
-      "version": "123.0.3",
+      "version": "126.0.1",
-      "resolved": "https://registry.npmjs.org/chromedriver/-/chromedriver-123.0.3.tgz",
+      "resolved": "https://registry.npmjs.org/chromedriver/-/chromedriver-126.0.1.tgz",
-      "integrity": "sha512-35IeTqDLcVR0htF9nD/Lh+g24EG088WHVKXBXiFyWq+2lelnoM0B3tKTBiUEjLng0GnELI4QyQPFK7i97Fz1fQ==",
+      "integrity": "sha512-uV4xIvpPimKmV1/Hn9oX0C57tjsBbVtOeKFX9JzzPYpsu8xiSUAdqa3A8mgZE5DMJKDDoDyDIrA656QncVWRzg==",
       "hasInstallScript": true,
       "dependencies": {
         "@testim/chrome-version": "^1.1.4",
@@ -1175,16 +1175,16 @@
       "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g=="
     },
     "node_modules/selenium-webdriver": {
-      "version": "4.19.0",
+      "version": "4.21.0",
-      "resolved": "https://registry.npmjs.org/selenium-webdriver/-/selenium-webdriver-4.19.0.tgz",
+      "resolved": "https://registry.npmjs.org/selenium-webdriver/-/selenium-webdriver-4.21.0.tgz",
-      "integrity": "sha512-8XHW8m9V2XN2/SC1kr4bWzMtGvjmKUEZ6S0UBoDBqonhmwEIzKOLbzhanBd08HCOg1s1O0XrDWCD71NnA8Zt0g==",
+      "integrity": "sha512-WaEJHZjOWNth1QG5FEpxpREER0qptZBMonFU6GtAqdCNLJVxbtC3E7oS/I/+Q1sf1W032Wg0Ebk+m46lANOXyQ==",
       "dependencies": {
         "jszip": "^3.10.1",
         "tmp": "^0.2.3",
         "ws": ">=8.16.0"
       },
       "engines": {
-        "node": ">= 14.20.0"
+        "node": ">= 14.21.0"
       }
     },
     "node_modules/serialize-javascript": {
@@ -1644,9 +1644,9 @@
       }
     },
     "chromedriver": {
-      "version": "123.0.3",
+      "version": "126.0.1",
-      "resolved": "https://registry.npmjs.org/chromedriver/-/chromedriver-123.0.3.tgz",
+      "resolved": "https://registry.npmjs.org/chromedriver/-/chromedriver-126.0.1.tgz",
-      "integrity": "sha512-35IeTqDLcVR0htF9nD/Lh+g24EG088WHVKXBXiFyWq+2lelnoM0B3tKTBiUEjLng0GnELI4QyQPFK7i97Fz1fQ==",
+      "integrity": "sha512-uV4xIvpPimKmV1/Hn9oX0C57tjsBbVtOeKFX9JzzPYpsu8xiSUAdqa3A8mgZE5DMJKDDoDyDIrA656QncVWRzg==",
       "requires": {
         "@testim/chrome-version": "^1.1.4",
         "axios": "^1.6.7",
@@ -2327,9 +2327,9 @@
       "integrity": "sha512-Gd2UZBJDkXlY7GbJxfsE8/nvKkUEU1G38c1siN6QP6a9PT9MmHB8GnpscSmMJSoF8LOIrt8ud/wPtojys4G6+g=="
     },
     "selenium-webdriver": {
-      "version": "4.19.0",
+      "version": "4.21.0",
-      "resolved": "https://registry.npmjs.org/selenium-webdriver/-/selenium-webdriver-4.19.0.tgz",
+      "resolved": "https://registry.npmjs.org/selenium-webdriver/-/selenium-webdriver-4.21.0.tgz",
-      "integrity": "sha512-8XHW8m9V2XN2/SC1kr4bWzMtGvjmKUEZ6S0UBoDBqonhmwEIzKOLbzhanBd08HCOg1s1O0XrDWCD71NnA8Zt0g==",
+      "integrity": "sha512-WaEJHZjOWNth1QG5FEpxpREER0qptZBMonFU6GtAqdCNLJVxbtC3E7oS/I/+Q1sf1W032Wg0Ebk+m46lANOXyQ==",
       "requires": {
         "jszip": "^3.10.1",
         "tmp": "^0.2.3",

test/package.json

@@ -9,9 +9,9 @@
   "author": "",
   "license": "ISC",
   "dependencies": {
-    "chromedriver": "^123.0.3",
+    "chromedriver": "^126.0.1",
     "expect.js": "^0.3.1",
     "mocha": "^10.4.0",
-    "selenium-webdriver": "^4.19.0"
+    "selenium-webdriver": "^4.21.0"
   }
 }

test/test.js

@@ -130,9 +130,9 @@ describe('Application life cycle test', function () {
         await browser.findElement(By.xpath('//a[contains(., "Continue")]')).click();
         await browser.sleep(2000);
 
-        if (await browser.findElements(By.xpath('//div[@aria-label="Skip verification for now"]')).then(found => !!found.length)) {
+        //if (await browser.findElements(By.xpath('//div[@aria-label="Skip verification for now"]')).then(found => !!found.length)) {
-            await skipVerification();
+//            await skipVerification();
-        }
+        //}
 
         await browser.sleep(3000);
         await waitForElement(By.xpath(`//h1[contains(., "Welcome")]`));
@@ -166,18 +166,18 @@ describe('Application life cycle test', function () {
     async function logout() {
         await browser.get('https://' + app.fqdn + '/#/home');
         await browser.sleep(5000);
-        await waitForElement(By.xpath('//div[@role="button" and @title="User menu"]'));
+        await waitForElement(By.xpath('//div[@role="button" and @aria-label="User menu"]'));
 
-        await browser.findElement(By.xpath('//div[@role="button" and @title="User menu"]')).click();
+        await browser.findElement(By.xpath('//div[@role="button" and @aria-label="User menu"]')).click();
         await browser.sleep(2000);
 
         await browser.findElement(By.xpath('//li[@role="menuitem" and @aria-label="Sign out"]')).click();
         await browser.sleep(2000);
 
-        if (await browser.findElements(By.xpath('//button[contains(text(), "I don\'t want my encrypted messages")]')).then(found => !!found.length)) {
+//        if (await browser.findElements(By.xpath('//button[contains(text(), "I don\'t want my encrypted messages")]')).then(found => !!found.length)) {
             await browser.findElement(By.xpath('//button[contains(text(), "I don\'t want my encrypted messages")]')).click();
             await browser.sleep(3000);
-        }
+//        }
 
         await waitForElement(By.xpath('//h1[text()="Sign in"]'));
     }
@@ -233,7 +233,7 @@ describe('Application life cycle test', function () {
     it('can get app information', getAppInfo);
     it('check landing page', checkLandingPage);
 
-    it('can install element-web app', function () { execSync('cloudron install --appstore-id im.riot.cloudronapp --location ' + ELEMENT_LOCATION, EXEC_ARGS); });
+    it('can install element-web app (no sso)', function () { execSync('cloudron install --appstore-id im.riot.cloudronapp --location ' + ELEMENT_LOCATION, EXEC_ARGS); });
     it('update element-app config', updateSynapseConfig);
 
     it('can get Element app info', getElementAppInfo);
@@ -256,10 +256,10 @@ describe('Application life cycle test', function () {
     it('uninstall app', function () { execSync('cloudron uninstall --app ' + app.id, EXEC_ARGS); });
 
     // SSO
-    it('install app', function () { execSync('cloudron install --location ' + LOCATION, EXEC_ARGS); });
+    it('install app (sso)', function () { execSync('cloudron install --location ' + LOCATION, EXEC_ARGS); });
     it('can get app info', getAppInfo);
 
-    it('can install element-web app', function () { execSync('cloudron install --appstore-id im.riot.cloudronapp --location ' + ELEMENT_LOCATION, EXEC_ARGS); });
+    it('can install element-web app (sso)', function () { execSync('cloudron install --appstore-id im.riot.cloudronapp --location ' + ELEMENT_LOCATION, EXEC_ARGS); });
     it('update element-app config', updateSynapseConfig);
 
     it('can get Element app info', getElementAppInfo);