Bump maunium.net/go/mautrix from 0.12.0 to 0.18.1

[dependabot]

Bumps maunium.net/go/mautrix from 0.12.0 to 0.18.1.

Release notes

Sourced from maunium.net/go/mautrix's releases.

v0.18.1

• (format) Added a context.Context field to HTMLParser's Context struct.
• (bridge) Added support for handling join rules, knocks, invites and bans (thanks to @​maltee1 in #193 and #204).
• (crypto) Changed forwarded room key handling to only accept keys with a lower first known index than the existing session if there is one.
• (crypto) Changed key backup restore to assume own device list is up to date to avoid re-requesting device list for every deleted device that has signed key backup.
• (crypto) Fixed memory cache not being invalidated when storing own cross-signing keys

v0.18.0

• Breaking change (client, bridge, appservice) Dropped support for maulogger. Only zerolog loggers are now provided by default.
• (bridge) Fixed upload size limit not having a default if the server returned no value.
• (synapseadmin) Added wrappers for some room and user admin APIs. (thanks to @​grvn-ht in #181).
• (crypto/verificationhelper) Fixed bugs.
• (crypto) Fixed key backup uploading doing too much base64.
• (crypto) Changed EncryptMegolmEvent to return an error if persisting the megolm session fails. This ensures that database errors won't cause messages to be sent with duplicate indexes.
• (crypto) Changed GetOrRequestSecret to use a callback instead of returning the value directly. This allows validating the value in order to ignore invalid secrets.
• (id) Added ParseCommonIdentifier function to parse any Matrix identifier in the Common Identifier Format.
• (federation) Added simple key server that passes the federation tester.

v0.18.0-beta.1

• Bumped minimum Go version to 1.21.
• (bridge) Bumped minimum Matrix spec version to v1.4.
• Breaking change (crypto) Deleted old half-broken interactive verification code and replaced it with a new verificationhelper.
  • The new verification helper is still experimental.
  • Both QR and emoji verification are supported (in theory).
• (crypto) Added support for server-side key backup.
• (crypto) Added support for receiving and sending secrets like cross-signing private keys via secret sharing.
• (crypto) Added support for tracking which devices megolm sessions were initially shared to, and allowing re-sharing the keys to those sessions.
• (client) Changed cross-signing key upload method to accept a callback for user-interactive auth instead of only hardcoding password support.
• (appservice) Dropped support for legacy non-prefixed appservice paths (e.g. /transactions instead of /_matrix/app/v1/transactions).
• (appservice) Dropped support for legacy access_token authorization in appservice endpoints.
• (bridge) Fixed RawArgs field in command events of command state callbacks.
• (appservice) Added CreateFull helper function for creating an AppService instance with all the mandatory fields set.

v0.17.0

• Breaking change (bridge) Added raw event to portal membership handling functions.
• Breaking change (everything) Added context parameters to all functions (started by @​recht in #144).
• Breaking change (client) Moved event source from sync event handler function parameters to the Mautrix.EventSource field inside the event struct.
• Breaking change (client) Moved EventSource to event.Source.
• (client) Removed deprecated OldEventIgnorer. The non-deprecated version (Client.DontProcessOldEvents) is still available.
• (crypto) Added experimental pure Go Olm implementation to replace libolm (thanks to @​DerLukas15 in #106).
  • You can use the goolm build tag to the new implementation.
• (bridge) Added context parameter for bridge command events.
• (bridge) Added method to allow custom validation for the entire config.
• (client) Changed default syncer to not drop unknown events.
  • The syncer will still drop known events if parsing the content fails.
  • The behavior can be changed by changing the ParseErrorHandler function.
• (crypto) Fixed some places using math/rand instead of crypto/rand.

... (truncated)

Changelog

Sourced from maunium.net/go/mautrix's changelog.

v0.18.1 (2024-04-16)

• (format) Added a context.Context field to HTMLParser's Context struct.
• (bridge) Added support for handling join rules, knocks, invites and bans (thanks to @​maltee1 in #193 and #204).
• (crypto) Changed forwarded room key handling to only accept keys with a lower first known index than the existing session if there is one.
• (crypto) Changed key backup restore to assume own device list is up to date to avoid re-requesting device list for every deleted device that has signed key backup.
• (crypto) Fixed memory cache not being invalidated when storing own cross-signing keys

#193: mautrix/go#193 #204: mautrix/go#204

v0.18.0 (2024-03-16)

• Breaking change (client, bridge, appservice) Dropped support for maulogger. Only zerolog loggers are now provided by default.
• (bridge) Fixed upload size limit not having a default if the server returned no value.
• (synapseadmin) Added wrappers for some room and user admin APIs. (thanks to @​grvn-ht in #181).
• (crypto/verificationhelper) Fixed bugs.
• (crypto) Fixed key backup uploading doing too much base64.
• (crypto) Changed EncryptMegolmEvent to return an error if persisting the megolm session fails. This ensures that database errors won't cause messages to be sent with duplicate indexes.
• (crypto) Changed GetOrRequestSecret to use a callback instead of returning the value directly. This allows validating the value in order to ignore invalid secrets.
• (id) Added ParseCommonIdentifier function to parse any Matrix identifier in the [Common Identifier Format].
• (federation) Added simple key server that passes the federation tester.

#181: mautrix/go#181 [Common Identifier Format]: https://spec.matrix.org/v1.9/appendices/#common-identifier-format

beta.1 (2024-02-16)

• Bumped minimum Go version to 1.21.
• (bridge) Bumped minimum Matrix spec version to v1.4.
• Breaking change (crypto) Deleted old half-broken interactive verification code and replaced it with a new verificationhelper.
  • The new verification helper is still experimental.
  • Both QR and emoji verification are supported (in theory).
• (crypto) Added support for server-side key backup.

... (truncated)

Commits

• a19dab1 Bump version to v0.18.1
• 423d32d Add real context to HTML parser context struct
• 640086d Fix default prevContent in bridge membership event handler (#204)
• 898b235 Allow overriding http.Client with FullRequest
• 64cc843 Invalidate memory cache when storing own cross-signing keys
• 0095e1f Assume the device list is up-to-date on key backup restore
• ade00e8 Merge pull request #193 from maltee1/join_rule
• 9fe6658 Check that shared IGS has higher index than stored
• 4dd7adc Merge pull request #200 from beeper/adam/hsorder
• 8ba307b Fix Unsigned.IsEmpty() when all we have is HSOrder
• Additional commits viewable in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)