dandri/matrix-authentication-service
1
0
Fork 0
mirror of https://github.com/element-hq/matrix-authentication-service.git synced 2026-06-06 17:42:17 +00:00
Code Issues Packages Projects Releases Wiki Activity
7,144 Commits 96 Branches 90 Tags
e65237b8f9ddfcd0f13ed32142102e34b4d7bb2c
Commit Graph

7144 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Eric Eastwood e65237b8f9 Merge branch 'main' into madlittlemods/soft-limit-account-session-management 2026-05-20 15:06:24 -05:00
Eric Eastwood 7d37e02fc0 Check whether policy evaluation result is valid() when we process_violations_for_compat_login(...) (#5681) 
This regressed in
https://github.com/element-hq/matrix-authentication-service/pull/5607 but
because the policy is only being used for session limiting
(https://github.com/element-hq/matrix-authentication-service/pull/5287), no
behavior has actually regressed. This is just important if we start enforcing
other logic in these policies.

Part of
https://github.com/element-hq/matrix-authentication-service/issues/4339 /
https://github.com/element-hq/backend-internal/issues/199 tracking work to
limit number of devices.
 2026-05-20 14:07:51 -05:00
Eric Eastwood bd995f18ef Merge branch 'main' into madlittlemods/check-valid 
Conflicts:
	crates/handlers/src/compat/login.rs
 2026-05-20 12:28:18 -05:00
Eric Eastwood 186b54f241 Schedule SyncDevicesJob after dangerous_hard_limit_eviction so the homeserver stays up to date (#5679) 
Follow-up to https://github.com/element-hq/matrix-authentication-service/pull/5607#discussion_r3189451555
 2026-05-20 12:26:07 -05:00
Eric Eastwood b73e06aded Update comment langauge and add it to other login spots 2026-05-20 11:58:36 -05:00
Eric Eastwood 7764e9e296 Formatting 2026-05-20 11:48:37 -05:00
Eric Eastwood 2aba54c4ba Update reason for why synchronous device creation 
See https://github.com/element-hq/matrix-authentication-service/pull/5679#discussion_r3237767718
 2026-05-20 11:47:18 -05:00
Eric Eastwood 502cf66024 Merge branch 'main' into madlittlemods/sync-devices-after-hard-limit-eviction 2026-05-20 11:45:02 -05:00
Quentin Gliech 89080983c4 Split multi-arch Docker build into parallel jobs (#5474) 2026-05-20 15:47:00 +02:00
Quentin Gliech eeea952b55 Add a comment about the artefact collection 2026-05-20 15:24:19 +02:00
Quentin Gliech 7834229784 Re-add DOCKER_METADATA_ANNOTATIONS_LEVELS to narrow annotations to the index 
`docker buildx imagetools create --annotation manifest:KEY=VALUE` errors
out with "manifest annotations are not supported yet". metadata-action
defaults to emitting `manifest:` prefixed entries, so without an explicit
`DOCKER_METADATA_ANNOTATIONS_LEVELS: index` the finalize step blows up
the first time it sees a non-empty annotations list.
 2026-05-20 15:22:56 +02:00
Quentin Gliech 63deb0b1fd Don't specify DOCKER_METADATA_ANNOTATIONS_LEVELS 
We're injecting annotations manually anyway
 2026-05-20 14:42:17 +02:00
Quentin Gliech d88db7deff Simplify the injection of annotations in the final manifest 2026-05-20 14:41:53 +02:00
Quentin Gliech c2dc7c11a9 Split multi-arch Docker build into parallel jobs 
- Modify Dockerfile to build single architecture based on TARGETARCH instead of cross-compiling both targets in one run
- Replace single build-image job with matrix job (amd64, arm64)
- Add finalize-image job that creates multi-arch manifests using `docker buildx imagetools create` and signs the final images
- Each architecture gets its own build cache

This enables parallel builds of each architecture, reducing total build time by running both simultaneously rather than sequentially.
 2026-05-20 12:57:22 +02:00
Quentin Gliech 750de33486 Push MAS docker images to Element OCI Registry (#5459) 2026-05-20 11:58:11 +02:00
Quentin Gliech 6946e57ffd Fix the release notes reference to the image 2026-05-20 10:58:01 +02:00
Quentin Gliech b9cddc84b6 Remove unused apalis dependabot config (#5685) 2026-05-20 10:57:12 +02:00
Quentin Gliech 2d6176308d Merge branch 'main' into hughns/apalis-dependabot 2026-05-20 10:45:24 +02:00
Quentin Gliech efb878e0a3 Increase dependabot interval from daily to monthly (#5686) 2026-05-20 10:44:51 +02:00
Quentin Gliech e833483070 Bump OCI login action to v4.1.0 to match the GHCR login 2026-05-20 10:44:20 +02:00
Quentin Gliech c52161d420 Merge remote-tracking branch 'origin/main' into devon/element-docker 2026-05-20 10:14:18 +02:00
Quentin Gliech bb6efd95b8 Fix the transformation of the Docker build metadata in CI (#5683) 2026-05-20 10:12:00 +02:00
Quentin Gliech 815e9ef19a Skip oci.element.io push on PR-labelled builds 
Tailscale + Vault JWT auth needs a `push`-event OIDC token, so gate the
oci-push registry image and its login steps on `github.event_name == 'push'`.
PR-labelled builds (`Z-Build-Workflow`) push only to ghcr.io.
 2026-05-20 09:50:18 +02:00
Quentin Gliech f0100c4fa8 Disable provenance in the metadata output 2026-05-20 09:34:26 +02:00
matrixbot 4e99e36f87 Automatic merge back to main (#5690) 2026-05-19 16:30:37 +02:00
github-actions[bot] 3ab421191e 1.17.0 v1.17.0 2026-05-19 14:19:56 +00:00
Olivier 'reivilibre de3de3b169 Translations updates for v1.17 (#5689) 2026-05-19 15:17:15 +01:00
Olivier 'reivilibre 53557cb6cd Merge branch 'release/v1.17' into actions/localazy-download/v1.17 2026-05-19 15:08:03 +01:00
Quentin Gliech e2771abd55 Bump lettre to mitigate RUSTSEC-2026-0141 
This also bumps rustls-platform-verifier to avoid duplicated dependencies in the tree
 2026-05-19 14:57:56 +01:00
github-actions[bot] eb58397b05 Translations updates 2026-05-19 13:46:32 +00:00
Eric Eastwood 796ab7c6d1 Merge branch 'main' into madlittlemods/check-valid 2026-05-15 18:08:14 -05:00
Eric Eastwood efd17f742b Merge branch 'main' into madlittlemods/soft-limit-account-session-management 2026-05-15 18:07:48 -05:00
Hugh Nimmo-Smith 676e2fc75f Increase dependabot interval from daily to monthly 2026-05-15 14:04:43 +01:00
Hugh Nimmo-Smith 5976430070 Remove unused apalis dependabot config 2026-05-15 14:00:53 +01:00
Quentin Gliech f6195402b1 Merge branch 'main' into quenting/fix-ci-bake-metadata 2026-05-15 13:51:35 +02:00
Quentin Gliech 0b52a8573a Bump lettre to appease cargo-deny on RUSTSEC-2026-0141 (#5684) 2026-05-15 13:51:16 +02:00
Quentin Gliech be444b5f1a Bump lettre to mitigate RUSTSEC-2026-0141 
This also bumps rustls-platform-verifier to avoid duplicated dependencies in the tree
 2026-05-15 13:36:08 +02:00
Quentin Gliech f99f4f5fba Fix the transformation of the Docker build metadata in CI 
This broke in #5664 due to STEPS_BAKE_OUTPUTS_METADATA being too large
to be passed as an argument to a shell script.

This replaces the `jq` call with a javascript action which transforms
the output.
 2026-05-15 13:29:55 +02:00
Eric Eastwood 941f3e50d5 Fix lints 2026-05-14 16:50:55 -05:00
Eric Eastwood 4437b3b8d0 Check whether policy evaluation result is valid 2026-05-14 16:42:10 -05:00
Eric Eastwood a2ed694f28 Merge branch 'main' into madlittlemods/soft-limit-account-session-management 2026-05-14 14:47:59 -05:00
Eric Eastwood 1cf0243d07 Fix TestState.reset() to retain mock homeserver in-memory state (#5678) 
Spawning from https://github.com/element-hq/matrix-authentication-service/pull/5670#discussion_r3222243619

---------

Co-authored-by: Quentin Gliech <quenting@element.io>
 2026-05-14 12:25:58 -05:00
Eric Eastwood 3afca38251 Merge branch 'main' into madlittlemods/soft-limit-account-session-management 2026-05-13 17:43:11 -05:00
Eric Eastwood f21e59b50d Explain as opposed to 2026-05-13 17:27:07 -05:00
Eric Eastwood 5eadefa729 Fix lints 2026-05-13 17:15:38 -05:00
Eric Eastwood 09139721c0 Add logout reasoning 2026-05-13 17:10:02 -05:00
Eric Eastwood 25f6b21990 Schedule SyncDevicesJob after dangerous_hard_limit_eviction 2026-05-13 16:54:44 -05:00
Eric Eastwood 9290c46ea8 Add reasoning for why upsert device immediately when logging in 
From https://github.com/element-hq/matrix-authentication-service/pull/5607#discussion_r3232971115
 2026-05-13 16:39:33 -05:00
Eric Eastwood 1e84c6962a Merge branch 'main' into madlittlemods/fix-test-state-reset 2026-05-13 15:56:14 -05:00
Eric Eastwood 2fea1fee7c Fix TestState.reset() to retain mock homeserver im-memory state 2026-05-13 15:43:27 -05:00