Bump pyo3 from 0.23.2 to 0.23.3 #18001

Merged: 1 commit, Dec 9, 2024

dependabot[bot] (Contributor) commented on behalf of github on Dec 5, 2024

Bumps pyo3 from 0.23.2 to 0.23.3.

Release notes

Sourced from pyo3's releases.

PyO3 0.23.3

This release is a soundness fix for PyO3 0.23.0 through 0.23.2.

In PyO3 0.23.0 the PYO3_CONFIG_FILE environment variable used to configure builds regressed such that changing the environment variable would no longer trigger PyO3 to reconfigure and recompile. In combination with workflows using tools such as maturin to build for multiple versions in a single build, this leads to Python wheels being compiled against the wrong Python API version.

All users who distribute artefacts for multiple Python versions are encouraged to update and rebuild with PyO3 0.23.3. Affected wheels produced from PyO3 0.23.0 through 0.23.2 are highly unstable and will crash the Python interpreter in unpredictable ways.

Aside from this fix, PyO3 0.23.3 contains some fixes to link configuration for Python 3.13t on Windows.

Thank you to the following contributors for the improvements:

@davidhewitt @Icxolu @kemingy

Changelog

Sourced from pyo3's changelog.

[0.23.3] - 2024-12-03

Packaging

  • Bump optional python3-dll-a dependency to 0.2.11. #4749

Fixed

  • Fix unresolved symbol link failures on Windows when compiling for Python 3.13t with abi3 features enabled. #4733
  • Fix unresolved symbol link failures on Windows when compiling for Python 3.13t using the generate-import-lib feature. #4749
  • Fix compile-time regression in PyO3 0.23.0 where changing PYO3_CONFIG_FILE would not reconfigure PyO3 for the new interpreter. #4758

Bumps [pyo3](https://github.com/pyo3/pyo3) from 0.23.2 to 0.23.3.
- [Release notes](https://github.com/pyo3/pyo3/releases)
- [Changelog](https://github.com/PyO3/pyo3/blob/main/CHANGELOG.md)
- [Commits](PyO3/pyo3@v0.23.2...v0.23.3)

---
updated-dependencies:
- dependency-name: pyo3
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot requested a review from a team as a code owner December 5, 2024 19:07
@anoadragon453 anoadragon453 (Member) left a comment

Given we don't use PYO3_CONFIG_FILE, looks safe to upgrade.

@anoadragon453 anoadragon453 merged commit 790ce14 into develop Dec 9, 2024
39 checks passed
@anoadragon453 anoadragon453 deleted the dependabot/cargo/pyo3-0.23.3 branch December 9, 2024 10:54
yingziwu added a commit to yingziwu/synapse that referenced this pull request Jan 16, 2025
Please note that this version of Synapse drops support for PostgreSQL 11 and 12. The minimum version of PostgreSQL supported is now version 13.

No significant changes since 1.122.0rc1.

- Remove support for PostgreSQL 11 and 12. Contributed by @clokep. ([\#18034](element-hq/synapse#18034))

- Added the `email.tlsname` config option.  This allows specifying the domain name used to validate the SMTP server's TLS certificate separately from the `email.smtp_host` to connect to. ([\#17849](element-hq/synapse#17849))
- Module developers will have access to the user ID of the requester when adding `check_username_for_spam` callbacks to `spam_checker_module_callbacks`. Contributed by Wilson@Pangea.chat. ([\#17916](element-hq/synapse#17916))
- Add endpoints to the Admin API to fetch the number of invites the provided user has sent after a given timestamp,
  fetch the number of rooms the provided user has joined after a given timestamp, and get report IDs of event
  reports against a provided user (i.e. where the user was the sender of the reported event). ([\#17948](element-hq/synapse#17948))
- Support stable account suspension from [MSC3823](matrix-org/matrix-spec-proposals#3823). ([\#17964](element-hq/synapse#17964))
- Add `macaroon_secret_key_path` config option. ([\#17983](element-hq/synapse#17983))

- Fix bug when rejecting withdrawn invite with a `third_party_rules` module, where the invite would be stuck for the client. ([\#17930](element-hq/synapse#17930))
- Properly purge state groups tables when purging a room with the Admin API. ([\#18024](element-hq/synapse#18024))
- Fix a bug preventing the admin redaction endpoint from working on messages from remote users. ([\#18029](element-hq/synapse#18029), [\#18043](element-hq/synapse#18043))

- Update `synapse.app.generic_worker` documentation to only recommend `GET` requests for stream writer routes by default, unless the worker is also configured as a stream writer. Contributed by @evoL. ([\#17954](element-hq/synapse#17954))
- Add documentation for the previously-undocumented `last_seen_ts` query parameter to the query user Admin API. ([\#17976](element-hq/synapse#17976))
- Improve documentation for the `TaskScheduler` class. ([\#17992](element-hq/synapse#17992))
- Fix example in reverse proxy docs to include server port. ([\#17994](element-hq/synapse#17994))
- Update Alpine Linux Synapse Package Maintainer within the installation instructions. ([\#17846](element-hq/synapse#17846))

- Add `RoomID` & `EventID` rust types. ([\#17996](element-hq/synapse#17996))
- Fix various type errors across the codebase. ([\#17998](element-hq/synapse#17998))
- Disable DB statement timeout when doing a room purge since it can be quite long. ([\#18017](element-hq/synapse#18017))
- Remove some remaining uses of `twisted.internet.defer.returnValue`. Contributed by Colin Watson. ([\#18020](element-hq/synapse#18020))
- Refactor `get_profile` to no longer include fields with a value of `None`. ([\#18063](element-hq/synapse#18063))

* Bump anyhow from 1.0.93 to 1.0.95. ([\#18012](element-hq/synapse#18012), [\#18045](element-hq/synapse#18045))
* Bump authlib from 1.3.2 to 1.4.0. ([\#18048](element-hq/synapse#18048))
* Bump dawidd6/action-download-artifact from 6 to 7. ([\#17981](element-hq/synapse#17981))
* Bump http from 1.1.0 to 1.2.0. ([\#18013](element-hq/synapse#18013))
- Bump mypy from 1.11.2 to 1.12.1. ([\#17999](element-hq/synapse#17999))
* Bump mypy-zope from 1.0.8 to 1.0.9. ([\#18047](element-hq/synapse#18047))
* Bump pillow from 10.4.0 to 11.0.0. ([\#18015](element-hq/synapse#18015))
* Bump pydantic from 2.9.2 to 2.10.3. ([\#18014](element-hq/synapse#18014))
* Bump pyicu from 2.13.1 to 2.14. ([\#18060](element-hq/synapse#18060))
* Bump pyo3 from 0.23.2 to 0.23.3. ([\#18001](element-hq/synapse#18001))
* Bump python-multipart from 0.0.16 to 0.0.18. ([\#17985](element-hq/synapse#17985))
* Bump sentry-sdk from 2.17.0 to 2.19.2. ([\#18061](element-hq/synapse#18061))
* Bump serde from 1.0.215 to 1.0.217. ([\#18031](element-hq/synapse#18031), [\#18059](element-hq/synapse#18059))
* Bump serde_json from 1.0.133 to 1.0.134. ([\#18044](element-hq/synapse#18044))
* Bump twine from 5.1.1 to 6.0.1. ([\#18049](element-hq/synapse#18049))

**Changelogs for older versions can be found [here](docs/changelogs/).**