Bump maunium.net/go/mautrix from 0.12.0 to 0.18.1

[dependabot[bot]]

Bumps maunium.net/go/mautrix from 0.12.0 to 0.18.1.

Release notes

Sourced from maunium.net/go/mautrix's releases.

v0.18.1

• (format) Added a context.Context field to HTMLParser's Context struct.
• (bridge) Added support for handling join rules, knocks, invites and bans (thanks to @​maltee1 in #193 and #204).
• (crypto) Changed forwarded room key handling to only accept keys with a lower first known index than the existing session if there is one.
• (crypto) Changed key backup restore to assume own device list is up to date to avoid re-requesting device list for every deleted device that has signed key backup.
• (crypto) Fixed memory cache not being invalidated when storing own cross-signing keys

v0.18.0

• Breaking change (client, bridge, appservice) Dropped support for maulogger. Only zerolog loggers are now provided by default.
• (bridge) Fixed upload size limit not having a default if the server returned no value.
• (synapseadmin) Added wrappers for some room and user admin APIs. (thanks to @​grvn-ht in #181).
• (crypto/verificationhelper) Fixed bugs.
• (crypto) Fixed key backup uploading doing too much base64.
• (crypto) Changed EncryptMegolmEvent to return an error if persisting the megolm session fails. This ensures that database errors won't cause messages to be sent with duplicate indexes.
• (crypto) Changed GetOrRequestSecret to use a callback instead of returning the value directly. This allows validating the value in order to ignore invalid secrets.
• (id) Added ParseCommonIdentifier function to parse any Matrix identifier in the Common Identifier Format.
• (federation) Added simple key server that passes the federation tester.

v0.18.0-beta.1

• Bumped minimum Go version to 1.21.
• (bridge) Bumped minimum Matrix spec version to v1.4.
• Breaking change (crypto) Deleted old half-broken interactive verification code and replaced it with a new verificationhelper.
  • The new verification helper is still experimental.
  • Both QR and emoji verification are supported (in theory).
• (crypto) Added support for server-side key backup.
• (crypto) Added support for receiving and sending secrets like cross-signing private keys via secret sharing.
• (crypto) Added support for tracking which devices megolm sessions were initially shared to, and allowing re-sharing the keys to those sessions.
• (client) Changed cross-signing key upload method to accept a callback for user-interactive auth instead of only hardcoding password support.
• (appservice) Dropped support for legacy non-prefixed appservice paths (e.g. /transactions instead of /_matrix/app/v1/transactions).
• (appservice) Dropped support for legacy access_token authorization in appservice endpoints.
• (bridge) Fixed RawArgs field in command events of command state callbacks.
• (appservice) Added CreateFull helper function for creating an AppService instance with all the mandatory fields set.

v0.17.0

• Breaking change (bridge) Added raw event to portal membership handling functions.
• Breaking change (everything) Added context parameters to all functions (started by @​recht in #144).
• Breaking change (client) Moved event source from sync event handler function parameters to the Mautrix.EventSource field inside the event struct.
• Breaking change (client) Moved EventSource to event.Source.
• (client) Removed deprecated OldEventIgnorer. The non-deprecated version (Client.DontProcessOldEvents) is still available.
• (crypto) Added experimental pure Go Olm implementation to replace libolm (thanks to @​DerLukas15 in #106).
  • You can use the goolm build tag to the new implementation.
• (bridge) Added context parameter for bridge command events.
• (bridge) Added method to allow custom validation for the entire config.
• (client) Changed default syncer to not drop unknown events.
  • The syncer will still drop known events if parsing the content fails.
  • The behavior can be changed by changing the ParseErrorHandler function.
• (crypto) Fixed some places using math/rand instead of crypto/rand.

... (truncated)

Changelog

Sourced from maunium.net/go/mautrix's changelog.

v0.18.1 (2024-04-16)

• (format) Added a context.Context field to HTMLParser's Context struct.
• (bridge) Added support for handling join rules, knocks, invites and bans (thanks to @​maltee1 in #193 and #204).
• (crypto) Changed forwarded room key handling to only accept keys with a lower first known index than the existing session if there is one.
• (crypto) Changed key backup restore to assume own device list is up to date to avoid re-requesting device list for every deleted device that has signed key backup.
• (crypto) Fixed memory cache not being invalidated when storing own cross-signing keys

#193: mautrix/go#193 #204: mautrix/go#204

v0.18.0 (2024-03-16)

• Breaking change (client, bridge, appservice) Dropped support for maulogger. Only zerolog loggers are now provided by default.
• (bridge) Fixed upload size limit not having a default if the server returned no value.
• (synapseadmin) Added wrappers for some room and user admin APIs. (thanks to @​grvn-ht in #181).
• (crypto/verificationhelper) Fixed bugs.
• (crypto) Fixed key backup uploading doing too much base64.
• (crypto) Changed EncryptMegolmEvent to return an error if persisting the megolm session fails. This ensures that database errors won't cause messages to be sent with duplicate indexes.
• (crypto) Changed GetOrRequestSecret to use a callback instead of returning the value directly. This allows validating the value in order to ignore invalid secrets.
• (id) Added ParseCommonIdentifier function to parse any Matrix identifier in the [Common Identifier Format].
• (federation) Added simple key server that passes the federation tester.

#181: mautrix/go#181 [Common Identifier Format]: https://spec.matrix.org/v1.9/appendices/#common-identifier-format

beta.1 (2024-02-16)

• Bumped minimum Go version to 1.21.
• (bridge) Bumped minimum Matrix spec version to v1.4.
• Breaking change (crypto) Deleted old half-broken interactive verification code and replaced it with a new verificationhelper.
  • The new verification helper is still experimental.
  • Both QR and emoji verification are supported (in theory).
• (crypto) Added support for server-side key backup.

... (truncated)

Commits

• a19dab1 Bump version to v0.18.1
• 423d32d Add real context to HTML parser context struct
• 640086d Fix default prevContent in bridge membership event handler (#204)
• 898b235 Allow overriding http.Client with FullRequest
• 64cc843 Invalidate memory cache when storing own cross-signing keys
• 0095e1f Assume the device list is up-to-date on key backup restore
• ade00e8 Merge pull request #193 from maltee1/join_rule
• 9fe6658 Check that shared IGS has higher index than stored
• 4dd7adc Merge pull request #200 from beeper/adam/hsorder
• 8ba307b Fix Unsigned.IsEmpty() when all we have is HSOrder
• Additional commits viewable in compare view

You can trigger a rebase of this PR by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Note Automatic rebases have been disabled on this pull request as it has been open for over 30 days.