mirror of
https://github.com/element-hq/synapse.git
synced 2026-06-03 23:31:27 +00:00
dependabot[bot]
71e07d4c75
Bumps [hashicorp/vault-action](https://github.com/hashicorp/vault-action) from 3.4.0 to 4.0.0. <details> <summary>Release notes</summary> <p><em>Sourced from <a href="https://github.com/hashicorp/vault-action/releases">hashicorp/vault-action's releases</a>.</em></p> <blockquote> <h2>v4.0.0</h2> <h2>4.0.0 (May 12, 2026)</h2> <p>Improvements:</p> <ul> <li>Bump node runtime from node20 to node24 <a href="https://redirect.github.com/hashicorp/vault-action/pull/604">GH-604</a></li> <li>Fix leading slash in secret paths causing HTTP 400 errors (e.g. <code>/cubbyhole/test</code> → <code>v1/cubbyhole/test</code> instead of <code>v1//cubbyhole/test</code>)</li> <li>bump jsrsasign from 11.1.0 to 11.1.3</li> <li>bump body-parser from 1.20.3 to 1.20.5</li> <li>bump qs from 6.13.0 to 6.15.1</li> <li>bump http-errors from 2.0.0 to 2.0.1</li> <li>bump minimatch from 3.1.2 to 3.1.5</li> <li>bump underscore from 1.13.4 to 1.13.8</li> </ul> </blockquote> </details> <details> <summary>Changelog</summary> <p><em>Sourced from <a href="https://github.com/hashicorp/vault-action/blob/main/CHANGELOG.md">hashicorp/vault-action's changelog</a>.</em></p> <blockquote> <h2>4.0.0 (May 12, 2026)</h2> <p>Improvements:</p> <ul> <li>Bump node runtime from node20 to node24 <a href="https://redirect.github.com/hashicorp/vault-action/pull/604">GH-604</a></li> <li>Fix leading slash in secret paths causing HTTP 400 errors (e.g. <code>/cubbyhole/test</code> → <code>v1/cubbyhole/test</code> instead of <code>v1//cubbyhole/test</code>)</li> <li>bump jsrsasign from 11.1.0 to 11.1.3</li> <li>bump body-parser from 1.20.3 to 1.20.5</li> <li>bump qs from 6.13.0 to 6.15.1</li> <li>bump http-errors from 2.0.0 to 2.0.1</li> <li>bump minimatch from 3.1.2 to 3.1.5</li> <li>bump underscore from 1.13.4 to 1.13.8</li> </ul> <h2>3.4.0 (June 13, 2025)</h2> <p>Bugs:</p> <ul> <li>replace all dot chars during normalization (<a href="https://redirect.github.com/hashicorp/vault-action/pull/580">hashicorp/vault-action#580</a>)</li> </ul> <p>Improvements:</p> <ul> <li>Prevent possible DoS via polynomial regex (<a href="https://redirect.github.com/hashicorp/vault-action/pull/583">hashicorp/vault-action#583</a>)</li> </ul> <h2>3.3.0 (March 3, 2025)</h2> <p>Features:</p> <ul> <li>Wildcard secret imports can use <code>**</code> to retain case of exported env keys <a href="https://redirect.github.com/hashicorp/vault-action/pull/545">GH-545</a></li> </ul> <h2>3.2.0 (March 3, 2025)</h2> <p>Improvements:</p> <ul> <li>Add retry for jwt auth login to fix intermittent login failures <a href="https://redirect.github.com/hashicorp/vault-action/pull/574">GH-574</a></li> </ul> <h2>3.1.0 (January 9, 2025)</h2> <p>Improvements:</p> <ul> <li>fix wildcard handling when field contains dot <a href="https://redirect.github.com/hashicorp/vault-action/pull/542">GH-542</a></li> <li>bump body-parser from 1.20.0 to 1.20.3</li> <li>bump braces from 3.0.2 to 3.0.3</li> <li>bump cross-spawn from 7.0.3 to 7.0.6</li> <li>bump micromatch from 4.0.5 to 4.0.8</li> </ul> <p>Features:</p> <ul> <li><code>secretId</code> is no longer required for approle to support advanced use cases like machine login when <code>bind_secret_id</code> is false. <a href="https://redirect.github.com/hashicorp/vault-action/pull/522">GH-522</a></li> <li>Use <code>pki</code> configuration to generate certificates from Vault <a href="https://redirect.github.com/hashicorp/vault-action/pull/564">GH-564</a></li> </ul> <h2>3.0.0 (February 15, 2024)</h2> <!-- raw HTML omitted --> </blockquote> <p>... (truncated)</p> </details> <details> <summary>Commits</summary> <ul> <li><a href="https://github.com/hashicorp/vault-action/commit/892a26828f195e65540a40b4768ae4571f51ebfc"><code>892a268</code></a> Update copywrite headers for v.4.0.0 release (<a href="https://redirect.github.com/hashicorp/vault-action/issues/607">#607</a>)</li> <li><a href="https://github.com/hashicorp/vault-action/commit/a7ffa26e2e6ede175ca2e4f7dec54e78425d6936"><code>a7ffa26</code></a> Prepare for release v4.0.0 (<a href="https://redirect.github.com/hashicorp/vault-action/issues/606">#606</a>)</li> <li><a href="https://github.com/hashicorp/vault-action/commit/a049f0183861f1dbbd996f64b48335487cc968db"><code>a049f01</code></a> [COMPLIANCE] Add/Update Copyright Headers (<a href="https://redirect.github.com/hashicorp/vault-action/issues/605">#605</a>)</li> <li><a href="https://github.com/hashicorp/vault-action/commit/95977a3e2387e93244aaae1232de66fc47b379a3"><code>95977a3</code></a> Adding team-vault-consumption as CODEOWNERS (<a href="https://redirect.github.com/hashicorp/vault-action/issues/600">#600</a>)</li> <li><a href="https://github.com/hashicorp/vault-action/commit/7e48e563b6a9b4b0ba8b028c5ee89c41a8ae2671"><code>7e48e56</code></a> Upgrade Node.js to 24 and update dependencies (<a href="https://redirect.github.com/hashicorp/vault-action/issues/604">#604</a>)</li> <li><a href="https://github.com/hashicorp/vault-action/commit/79632e33d6953d190b940ffa440bf97821cabd80"><code>79632e3</code></a> [COMPLIANCE] Add Copyright and License Headers (Batch 1 of 1) (<a href="https://redirect.github.com/hashicorp/vault-action/issues/589">#589</a>)</li> <li><a href="https://github.com/hashicorp/vault-action/commit/734c523c4fbdb289cdf26dd2dc177f3627d1e140"><code>734c523</code></a> README.md: Removing jwtGithubAudience default (<a href="https://redirect.github.com/hashicorp/vault-action/issues/590">#590</a>)</li> <li><a href="https://github.com/hashicorp/vault-action/commit/2c5827061f1ad91ca97897d6257ebe638e033699"><code>2c58270</code></a> [Compliance] - PR Template Changes Required (<a href="https://redirect.github.com/hashicorp/vault-action/issues/586">#586</a>)</li> <li>See full diff in <a href="https://github.com/hashicorp/vault-action/compare/4c06c5ccf5c0761b6029f56cfb1dcf5565918a3b...892a26828f195e65540a40b4768ae4571f51ebfc">compare view</a></li> </ul> </details> <br /> [](https://docs.github.com/en/github/managing-security-vulnerabilities/about-dependabot-security-updates#about-compatibility-scores) Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting `@dependabot rebase`. [//]: # (dependabot-automerge-start) [//]: # (dependabot-automerge-end) --- <details> <summary>Dependabot commands and options</summary> <br /> You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot show <dependency name> ignore conditions` will show all of the ignore conditions of the specified dependency - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself) </details> Signed-off-by: dependabot[bot] <support@github.com> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
.. image:: https://github.com/element-hq/synapse/raw/develop/docs/element_logo_white_bg.svg :height: 60px **Element Synapse - Matrix homeserver implementation** |support| |development| |documentation| |license| |pypi| |python| Synapse is an open source `Matrix <https://matrix.org>`__ homeserver implementation, written and maintained by `Element <https://element.io>`_. `Matrix <https://github.com/matrix-org>`__ is the open standard for secure and interoperable real-time communications. You can directly run and manage the source code in this repository, available under an AGPL license (or alternatively under a commercial license from Element). There is no support provided by Element unless you have a subscription from Element. 🚀 Getting started ================== This component is developed and maintained by `Element <https://element.io>`_. It gets shipped as part of the **Element Server Suite (ESS)** which provides the official means of deployment. ESS is a Matrix distribution from Element with focus on quality and ease of use. It ships a full Matrix stack tailored to the respective use case. There are three editions of ESS: - `ESS Community <https://github.com/element-hq/ess-helm>`_ - the free Matrix distribution from Element tailored to small-/mid-scale, non-commercial community use cases - `ESS Pro <https://element.io/server-suite>`_ - the commercial Matrix distribution from Element for professional use - `ESS TI-M <https://element.io/server-suite/ti-messenger>`_ - a special version of ESS Pro focused on the requirements of TI-Messenger Pro and ePA as specified by the German National Digital Health Agency Gematik 🛠️ Standalone installation and configuration ============================================ The Synapse documentation describes `options for installing Synapse standalone <https://element-hq.github.io/synapse/latest/setup/installation.html>`_. See below for more useful documentation links. - `Synapse configuration options <https://element-hq.github.io/synapse/latest/usage/configuration/config_documentation.html>`_ - `Synapse configuration for federation <https://element-hq.github.io/synapse/latest/federate.html>`_ - `Using a reverse proxy with Synapse <https://element-hq.github.io/synapse/latest/reverse_proxy.html>`_ - `Upgrading Synapse <https://element-hq.github.io/synapse/develop/upgrade.html>`_ 🎯 Troubleshooting and support ============================== 🚀 Professional support ----------------------- Enterprise quality support for Synapse including SLAs is available as part of an `Element Server Suite (ESS) <https://element.io/pricing>`_ subscription. If you are an existing ESS subscriber then you can raise a `support request <https://ems.element.io/support>`_ and access the `Element product documentation <https://docs.element.io>`_. 🤝 Community support -------------------- The `Admin FAQ <https://element-hq.github.io/synapse/latest/usage/administration/admin_faq.html>`_ includes tips on dealing with some common problems. For more details, see `Synapse's wider documentation <https://element-hq.github.io/synapse/latest/>`_. For additional support installing or managing Synapse, please ask in the community support room |room|_ (from a matrix.org account if necessary). We do not use GitHub issues for support requests, only for bug reports and feature requests. .. |room| replace:: ``#synapse:matrix.org`` .. _room: https://matrix.to/#/#synapse:matrix.org .. |docs| replace:: ``docs`` .. _docs: docs 🛠️ Development ============== We welcome contributions to Synapse from the community! The best place to get started is our `guide for contributors <https://element-hq.github.io/synapse/latest/development/contributing_guide.html>`_. This is part of our broader `documentation <https://element-hq.github.io/synapse/latest>`_, which includes information for Synapse developers as well as Synapse administrators. Developers might be particularly interested in: * `Synapse's database schema <https://element-hq.github.io/synapse/latest/development/database_schema.html>`_, * `notes on Synapse's implementation details <https://element-hq.github.io/synapse/latest/development/internal_documentation/index.html>`_, and * `how we use git <https://element-hq.github.io/synapse/latest/development/git.html>`_. Alongside all that, join our developer community on Matrix: `#synapse-dev:matrix.org <https://matrix.to/#/#synapse-dev:matrix.org>`_, featuring real humans! Copyright and Licensing ======================= | Copyright 2014–2017 OpenMarket Ltd | Copyright 2017 Vector Creations Ltd | Copyright 2017–2025 New Vector Ltd | Copyright 2025 Element Creations Ltd This software is dual-licensed by Element Creations Ltd (Element). It can be used either: (1) for free under the terms of the GNU Affero General Public License (as published by the Free Software Foundation, either version 3 of the License, or (at your option) any later version); OR (2) under the terms of a paid-for Element Commercial License agreement between you and Element (the terms of which may vary depending on what you and Element have agreed to). Unless required by applicable law or agreed to in writing, software distributed under the Licenses is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the Licenses for the specific language governing permissions and limitations under the Licenses. Please contact `licensing@element.io <mailto:licensing@element.io>`_ to purchase an Element commercial license for this software. .. |support| image:: https://img.shields.io/badge/matrix-community%20support-success :alt: (get community support in #synapse:matrix.org) :target: https://matrix.to/#/#synapse:matrix.org .. |development| image:: https://img.shields.io/matrix/synapse-dev:matrix.org?label=development&logo=matrix :alt: (discuss development on #synapse-dev:matrix.org) :target: https://matrix.to/#/#synapse-dev:matrix.org .. |documentation| image:: https://img.shields.io/badge/documentation-%E2%9C%93-success :alt: (Rendered documentation on GitHub Pages) :target: https://element-hq.github.io/synapse/latest/ .. |license| image:: https://img.shields.io/github/license/element-hq/synapse :alt: (check license in LICENSE file) :target: LICENSE .. |pypi| image:: https://img.shields.io/pypi/v/matrix-synapse :alt: (latest version released on PyPi) :target: https://pypi.org/project/matrix-synapse .. |python| image:: https://img.shields.io/pypi/pyversions/matrix-synapse :alt: (supported python versions) :target: https://pypi.org/project/matrix-synapse