Update all dependencies

[missingcharacter]

ℹ️ Note

This PR body was truncated due to platform limits.

This PR contains the following updates:

Package	Update	Change
ghcr.io/element-hq/synapse	minor	v1.149.1 → v1.152.1
ghcr.io/umami-software/umami	minor	3.0.3 → 3.1.0
traefik	minor	v3.6.11 → v3.7.1
vaultwarden/server	minor	1.35.4-alpine → 1.36.0-alpine

---

Release Notes

element-hq/synapse (ghcr.io/element-hq/synapse)

v1.152.1

Compare Source

Synapse 1.152.1 (2026-05-07)

Security Fixes

• Prevent CPU starvation (Denial of Service) under worker lock contention, additionally capping the WorkerLock time out interval to a maximum of 60 seconds. Contributed by Famedly. (#​19394, ELEMENTSEC-2026-1706, GHSA-8q93-326v-3m7g, CVE pending)
• Prevent pagination ending when a page is full of rejected events. (ELEMENTSEC-2025-1636, GHSA-6qf2-7x63-mm6v, CVE pending)

v1.152.0

Compare Source

Synapse 1.152.0 (2026-04-28)

No significant changes since 1.152.0rc1.

Configuration changes needed for deployments using workers

For deployments using workers, please note that this version introduces a new quarantined_media_changes stream writer, which may require configuration changes.
Please see the the relevant section in the upgrade notes for details.

Without configuring this new stream writer, only the main process will be able to handle the /media/quarantine admin API endpoints for quarantining media.

Synapse 1.152.0rc1 (2026-04-22)

Features

• Add a "Listing quarantined media changes" Admin API for retrieving a paginated record of when media became (un)quarantined. (#​19558, #​19677, #​19694)
• Advertise MSC4445 sync timeline order in unstable_features. (#​19642)
• Report the Rust compiler version used in the Prometheus metrics. Contributed by Noah Markert. (#​19643)
• Passthrough 'article' and 'profile' OpenGraph metadata on URL preview requests. (#​19659)
• Add a way to re-sign local events with a new signing key. (#​19668)
• Support MSC4450: Identity Provider selection for User-Interactive Authentication with Legacy Single Sign-On. (#​19693)
• Add experimental support for MSC4242: State DAGs. Excludes federation support. (#​19424)
• Adds Admin API endpoints to
  list, fetch and delete user reports. (#​19657)
• Reduce database disk space usage by pruning old rows from device_lists_changes_in_room. (#​19473, #​19709)

Bugfixes

• Reject device_keys: null in the request to POST /_matrix/client/v3/keys/upload, as per the spec. This was temporarily allowed as a workaround for misbehaving clients. (#​19637)
• Fix database migrations failing on platforms where SQLite is configured with SQLITE_DBCONFIG_DEFENSIVE by default, such as macOS. (#​19690)
• Fix a bug introduced in v1.145 where a non-admin could bypass admin checks for downloading remote quarantined media. This relied on the media already being previously present on the homeserver. (#​19639)

Improved Documentation

• Include a workaround for running the unit tests with SQLite under recent versions of MacOS. (#​19615)
• Fix Docker image link typo in worker docs. (#​19645)
• Update the developer stream docs for creating a new stream to point out _setup_sequence(...) in portdb. (#​19675)
• Update the developer stream docs for creating a new stream to highlight places that require documentation updates. (#​19696)

Internal Changes

• Update CI to use re-usable Complement GitHub CI workflow. (#​19533)
• Fix docstring for limit argument in _maybe_backfill_inner(...). (#​19630)
• Document context for why increase timeout for policy server requests. (#​19633)
• Run lint script to format Complement tests introduced in #​19509. (#​19636)
• Small simplifications to the events class. (#​19680, #​19712)
• Introduce spam_checker_spammy internal event metadata. (#​19453)
• Add a FilteredEvent class that saves us copying events. (#​19640)
• Convert EventInternalMetadata to use Arc<RwLock<_>>. (#​19669)

v1.151.0

Compare Source

Synapse 1.151.0 (2026-04-07)

Bugfixes

• Fix KNOWN_ROOM_VERSIONS.__contains__ raising TypeError for non-string keys, which could cause /sync to fail for rooms with a NULL room version in the database. Bug introduced in #​19589 as part of v1.151.0rc1. (#​19649)

Synapse 1.151.0rc1 (2026-03-31)

Features

• Add stable support for MSC4284 Policy Servers. (#​19503)
• Update and stabilize support for MSC2666: Get rooms in common with another user. Contributed by @​tulir @​ Beeper. (#​19511)
• Updated experimental support for MSC4388: Secure out-of-band channel for sign in with QR. (#​19573)
• Stabilize room_version and encryption fields in the space/room /hierarchy API (part of MSC3266). (#​19576)
• Introduce a configuration option to allow using HTTP/2 over plaintext when Synapse connects to Matrix Authentication Service. (#​19586)

Bugfixes

• Fix MSC4284 Policy Servers implementation to skip signing org.matrix.msc4284.policy and m.room.policy state events. (#​19503)
• Correctly apply MSC4284 Policy Server signatures to events when the sender and policy server have the same server name. (#​19503)
• Allow Synapse to start up even when discovery fails for an OpenID Connect provider. (#​19509)
• Fix quarantine media admin APIs sometimes returning inaccurate counts for remote media. (#​19559)
• Fix Build and push complement image CI job not having poetry available for the Complement runner script. (#​19578)
• Increase timeout for policy server requests to avoid repeated requests for checking media. (#​19629)

Deprecations and Removals

• Remove support for MSC3852: Expose user agent information on Device as the MSC was closed. (#​19430)

Internal Changes

• Fix small comment typo in config output from the demo/start.sh script. (#​19538)
• Add MSC3820 comment context to RoomVersion attributes. (#​19577)
• Remove redacted_because from internal unsigned. (#​19581)
• Prevent sending registration emails if registration is disabled. (#​19585)
• Port RoomVersion to Rust. (#​19589)
• Only show failing Complement tests in the formatted output in CI. (#​19590)
• Ensure old Complement test files are removed when downloading a Complement checkout via ./scripts-dev/complement.sh. (#​19592)
• Update HomeserverTestCase.pump() docstring to demystify behavior (Twisted reactor/clock). (#​19602)
• Deprecate HomeserverTestCase.pump() in favor of more direct HomeserverTestCase.reactor.advance(...) usage. (#​19602)
• Lower the Postgres database statement_timeout to 10m (previously 1h). (#​19604)

v1.150.0

Compare Source

Synapse 1.150.0 (2026-03-24)

No significant changes since 1.150.0rc1.

Upgrade notes

Please read the upgrade notes as this release includes a few changes that may affect your deployment.

Synapse 1.150.0rc1 (2026-03-17)

Features

• Add experimental support for the MSC4370 Federation API GET /extremities endpoint. (#​19314)
• MSC4140: Cancellable delayed events: When persisting a delayed event to the timeline, include its delay_id in the event's unsigned section in /sync responses to the event sender. (#​19479)
• Expose MSC4354 Sticky Events over the legacy (v3) /sync API. (#​19487)
• When Matrix Authentication Service (MAS) integration is enabled, allow MAS to set the user locked status in Synapse. (#​19554)

Bugfixes

• Fix Build and push complement image CI job pointing to non-existent image. (#​19523)
• Fix a bug introduced in v1.26.0 that caused deactivated, erased users to not be removed from the user directory. (#​19542)

Improved Documentation

• In the Admin API documentation, always express path parameters as /<param> instead of as /$param. (#​19307)
• Update docs to clarify outbound_federation_restricted_to can also be used with the Secure Border Gateway (SBG). (#​19517)
• Unify Complement developer docs. (#​19518)

Internal Changes

• Put membership updates in a background resumable task when changing the avatar or the display name. (#​19311)
• Add in-repo Complement test to sanity check Synapse version matches git checkout (testing what we think we are). (#​19476)
• Migrate dev dependencies to PEP 735 dependency groups. (#​19490)
• Remove the optional systemd-python dependency and the systemd extra on the synapse package. (#​19491)
• Avoid re-computing the event ID when cloning events. (#​19527)
• Allow caching of the /versions and /auth_metadata public endpoints. (#​19530)
• Add a few labels to the number groupings in the Processed request logs. (#​19548)

containous/traefik (traefik)

v3.7.1

Compare Source

Important: Please read the migration guide.

CVE fixed:

• CVE-2026-44774 (Advisory GHSA-96qj-4jj5-wcjc)

Bug fixes:

• [k8s/ingress, k8s/crd, k8s/gatewayapi] Add CrossProviderNamespaces option (#​13094 @​rtribotte)
• [k8s/crd] Fix cross-provider ref check for Kubernetes CRD provider (#​13121 @​rtribotte)

v3.7.1

Compare Source

Important: Please read the migration guide.

CVE fixed:

• CVE-2026-44774 (Advisory GHSA-96qj-4jj5-wcjc)

Bug fixes:

• [k8s/ingress, k8s/crd, k8s/gatewayapi] Add CrossProviderNamespaces option (#​13094 @​rtribotte)
• [k8s/crd] Fix cross-provider ref check for Kubernetes CRD provider (#​13121 @​rtribotte)

v3.7.0

Compare Source

All Commits

Bug fixes:

• [acme] Bump github.com/go-acme/lego/v4 to v4.22.2 (#​11537 by ldez)
• [cli] Bump github.com/traefik/paerser to v0.2.2 (#​11530 by kevinpollet)
• [middleware] Enable the retry middleware in the proxy (#​11536 by kevinpollet)
• [middleware] Retry should send headers on Write (#​11534 by kevinpollet)

v3.3.3 (2025-01-31)

All Commits

Bug fixes:

• [api] Do not create observability model by default (#​11476 by rtribotte)
• [fastproxy] Fix content-length header assertion (#​11498 by kevinpollet)
• [fastproxy] Handle responses without content length header (#​11458 by rtribotte)
• [k8s/crd,k8s] Add missing headerField in Middleware CRD (#​11499 by jspdown)
• [tracing,accesslogs] Bring back TraceID and SpanID fields in access logs (#​11450 by rtribotte)

Misc:

• Merge branch v2.11 into v3.3 (#​11502 by rtribotte)
• Merge branch v2.11 into v3.3 (#​11491 by rtribotte)

v2.11.20 (2025-01-31)

All Commits

Bug fixes:

• [acme] Graceful shutdown for ACME JSON write operation (#​11497 by juliens)

Documentation:

• Change docker-compose to docker compose (#​11496 by khai-pi)

v2.11.19 (2025-01-29)

All Commits

Bug fixes:

• [middleware] Changing log message when client cert is not available to debug (#​11453 by Nelwhix)
• [service] Do not create a logger instance for each proxy (#​11487 by kevinpollet)
• [webui] Fix auto refresh not clearing on component unmount (#​11477 by DoubleREW)

Documentation:

• Remove awesome.traefik.io reference in documentation section (#​11435 by kevinpollet)

v3.3.2 (2025-01-14)

All Commits

Bug fixes:

• [fastproxy] Do not read response body for HEAD requests (#​11442 by kevinpollet)
• [metrics,tracing,accesslogs] Fix observability configuration on EntryPoints (#​11446 by rtribotte)
• [webui] Set content-type when serving webui index (#​11428 by kevinpollet)

Documentation:

• [acme] Fix deprecated dnsChallenge propagation logging and documentation (#​11433 by thomscode)
• [acme] Add missing trailing s to propagation.delayBeforeCheck option (#​11417 by jspiers)

Misc:

• Merge branch v2.11 into v3.3 (#​11419 by kevinpollet)

v3.3.1 (2025-01-07)

All Commits

Bug fixes:

• [websocket,server] Disable http2 connect setting for websocket by default (#​11408 by rtribotte)

v3.2.5 (2025-01-07)

All Commits

Bug fixes:

• [websocket,server] Disable http2 connect setting for websocket by default (#​11408 by rtribotte)

v2.11.18 (2025-01-07)

All Commits

Bug fixes:

• [websocket,server] Disable http2 connect setting for websocket by default (#​11412 by rtribotte)

v3.3.0 (2025-01-06)

All Commits

Enhancements:

• [acme] Add options to control ACME propagation checks (#​11241 by ldez)
• [api] Add support dump API endpoint (#​11328 by mmatur)
• [http] Set Host header in HTTP provider request (#​11237 by nikonhub)
• [k8s/crd,k8s] Make the IngressRoute kind optional (#​11177 by skirtan1)
• [k8s/ingress,sticky-session,k8s/crd,k8s] Support serving endpoints (#​11121 by BZValoche)
• [logs,accesslogs] OpenTelemetry Logs and Access Logs (#​11319 by rtribotte)
• [logs,accesslogs] Add experimental flag for OTLP logs integration (#​11335 by kevinpollet)
• [metrics,tracing,accesslogs] Manage observability at entrypoint and router level (#​11308 by rtribotte)
• [middleware,authentication] Add an option to preserve the ForwardAuth Server Location header (#​11318 by Nelwhix)
• [middleware,authentication] Only calculate basic auth hashes once for concurrent requests (#​11143 by michelheusschen)
• [middleware,authentication] Send request body to authorization server for forward auth (#​11097 by kyo-ke)
• [plugins] Add AbortOnPluginFailure option to abort startup on plugin load failure (#​11228 by bmagic)
• [sticky-session] Configurable path for sticky cookies (#​11166 by IIpragmaII)
• [webui,api] Configurable API & Dashboard base path (#​11250 by rtribotte)

Bug fixes:

• [k8s/ingress,k8s/crd] Fix fenced server status computation (#​11361 by kevinpollet)

Documentation:

• Prepare release v3.3.0-rc2 (#​11362 by rtribotte)
• Prepare Release v3.3.0-rc1 (#​11349 by rtribotte)

Misc:

• Merge branch v3.2 into v3.3 (#​11402 by kevinpollet)
• Merge branch v3.2 into v3.3 (#​11393 by mmatur)
• Merge branch v3.2 into v3.3 (#​11389 by mmatur)
• Merge branch v3.2 into v3.3 (#​11367 by kevinpollet)
• Merge branch v3.2 into master (#​11340 by kevinpollet)
• Merge branch v3.2 into master (#​11293 by kevinpollet)
• Merge branch v3.2 into master (#​11239 by kevinpollet)
• Merge branch v3.2 into master (#​11187 by kevinpollet)

v3.2.4 (2025-01-06)

All Commits

Bug fixes:

• [k8s/gatewayapi] Support empty value for core Kubernetes API group (#​11386 by rtribotte)
• [tcp,k8s/crd] Pass TLS bool from IngressRouteTCP to TCPService (#​11343 by lipmem)
• [tls] Upgrade github.com/spiffe/go-spiffe/v2 to v2.4.0 (#​11385 by mmatur)
• Remove duplicate github.com/coreos/go-systemd dependency (#​11354 by Juneezee)

Documentation:

• [k8s/gatewayapi] Update Gateway API version support to v1.2.1 (#​11357 by kevinpollet)
• Add @​jnoordsij to maintainers (#​11352 by emilevauge)

Misc:

• Merge branch v2.11 into v3.2 (#​11400 by kevinpollet)
• Merge branch v2.11 into v3.2 (#​11392 by rtribotte)
• Merge branch v2.11 into v3.2 (#​11388 by mmatur)
• Merge branch v2.11 into v3.2 (#​11366 by kevinpollet)

v2.11.17 (2025-01-06)

All Commits

Bug fixes:

• [acme] Update go-acme/lego to v4.21.0 (#​11368 by ldez)
• [middleware] Fix typo in basicauth note (#​11397 by tieje)
• [service] Configure ErrorLog in httputil.ReverseProxy (#​11344 by peacewalker122)
• Bump golang.org/x/net to v0.33.0 (#​11365 by kevinpollet)

Documentation:

• [acme] Fix allowACMEByPass TOML example (#​11370 by hannesbraun)
• [k8s/crd] Update copyright for 2025 (#​11383 by kevinpollet)

v3.3.0-rc2 (2024-12-20)

All Commits

Bug fixes:

• [k8s/ingress,k8s/crd] Fix fenced server status computation (#​11361 by kevinpollet)

v3.3.0-rc1 (2024-12-16)

All Commits

Enhancements:

• [acme] Add options to control ACME propagation checks (#​11241 by ldez)
• [api] Add support dump API endpoint (#​11328 by mmatur)
• [http] Set Host header in HTTP provider request (#​11237 by nikonhub)
• [k8s/crd,k8s] Make the IngressRoute kind optional (#​11177 by skirtan1)
• [logs,accesslogs] OpenTelemetry Logs and Access Logs (#​11319 by rtribotte)
• [logs,accesslogs] Add experimental flag for OTLP logs integration (#​11335 by kevinpollet)
• [metrics,tracing,accesslogs] Manage observability at entrypoint and router level (#​11308 by rtribotte)
• [middleware,authentication] Add an option to preserve the ForwardAuth Server Location header (#​11318 by Nelwhix)
• [middleware,authentication] Only calculate basic auth hashes once for concurrent requests (#​11143 by michelheusschen)
• [middleware,authentication] Send request body to authorization server for forward auth (#​11097 by kyo-ke)
• [plugins] Add AbortOnPluginFailure option to abort startup on plugin load failure (#​11228 by bmagic)
• [sticky-session] Configurable path for sticky cookies (#​11166 by IIpragmaII)
• [sticky-session,k8s/ingress,k8s/crd,k8s] Support serving endpoints (#​11121 by BZValoche)
• [webui,api] Configurable API & Dashboard base path (#​11250 by rtribotte)

Misc:

• Merge branch v3.2 into master (#​11340 by kevinpollet)
• Merge branch v3.2 into master (#​11293 by kevinpollet)
• Merge branch v3.2 into master (#​11239 by kevinpollet)
• Merge branch v3.2 into master (#​11187 by kevinpollet)

v3.2.3 (2024-12-16)

All Commits

Documentation:

• Update reference install documentation with current chart default (#​11332 by mloiseleur)

Misc:

• Merge branch v2.11 into v3.2 (#​11346 by kevinpollet)
• Merge branch v2.11 into v3.2 (#​11337 by kevinpollet)

v2.11.16 (2024-12-16)

All Commits

Bug fixes:

• [server] Update golang.org/x dependencies (#​11336 by rtribotte)

v3.2.2 (2024-12-10)

All Commits

Bug fixes:

• [docker,docker/swarm] Rename traefik.docker.* labels for Docker Swarm to traefik.swarm.* (#​11247 by anchal00)
• [k8s/gatewayapi] Update sigs.k8s.io/gateway-api to v1.2.1 (#​11314 by kevinpollet)
• [plugins] Fix WASM settings (#​11321 by juliens)
• [rules] Fix models mechanism for default rule syntax (#​11300 by rtribotte)

Documentation:

• Move callout to the entrypoint page footer (#​11305 by kevinpollet)
• Fix incorrect links in v3 migration sections (#​11297 by kevinpollet)
• New Install Reference Documentation (#​11213 by sheddy-traefik)

v2.11.15 (2024-12-06)

All Commits

Bug fixes:

• [acme] Update go-acme/lego to v4.20.4 (#​11295 by ldez)
• [http3] Update github.com/quic-go/quic-go to v0.48.2 (#​11320 by kevinpollet)

v3.2.1 (2024-11-20)

All Commits

Bug fixes:

• [k8s/ingress,k8s] Fix HostRegexp config for rule syntax v2 (#​11288 by kevinpollet)
• [logs] Change level of peeking first byte error log to DEBUG for Postgres (#​11270 by rtribotte)
• [service,fastproxy] Fix case problem for websocket upgrade (#​11246 by juliens)

Documentation:

• [acme,tls] Document how to use Certificates of cert-manager (#​11053 by mloiseleur)
• [docker/swarm] Add tips about the use of docker in dynamic configuration for swarm provider (#​11207 by webash)
• [middleware] Add Compress middleware to migration guide (#​11229 by logica0419)

Misc:

• Merge branch v2.11 into v3.2 (#​11290 by kevinpollet)
• Merge branch v2.11 into v3.2 (#​11287 by rtribotte)
• Merge branch v2.11 into v3.2 (#​11285 by juliens)
• Merge branch v2.11 into v3.2 (#​11268 by kevinpollet)

v2.11.14 (2024-11-20)

All Commits

Bug fixes:

• [acme] Update go-acme/lego to v4.20.2 (#​11263 by ldez)
• [logs,server] Change level of peeking first byte error log to DEBUG (#​11254 by rtribotte)
• [middleware,server] Drop untrusted X-Forwarded-Prefix header (#​11253 by rtribotte)
• [server] Apply keepalive config to h2c entrypoints (#​11276 by davefu113)
• [service] Fix internal handlers ServiceBuilder composition (#​11281 by juliens)

Documentation:

• [accesslogs] Update access-logs.md, add examples for accesslog.format (#​11275 by bluepuma77)
• Fix the defaultRule CLI examples (#​11282 by kevinpollet)
• Fix spelling, grammar, and rephrase sections for clarity in some documentation pages (#​11280 by AntoineDeveloper)
• Fix absolute link in the migration guide (#​11269 by kevinpollet)
• Add X-Forwarded-Prefix to the migration guide (#​11267 by kevinpollet)
• Fix a small typo in entrypoints documentation (#​11261 by quiode)
• Add a warning about environment variables casing for static configuration (#​11226 by anchal00)
• Improve documentation on dashboard (#​11220 by mloiseleur)

v3.2.0 (2024-10-28)

All Commits

Enhancements:

• [acme] Remove same email requirement for certresolvers (#​11019 by Emrio)
• [acme] Add support for custom CA certificates by certificate resolver (#​10816 by ldez)
• [acme] Add 30 day certificatesDuration step (#​10970 by luker983)
• [docker] Support HTTP BasicAuth for docker and swarm endpoint (#​10776 by 985492783)
• [k8s,k8s/gatewayapi] Add supported features to the Gateway API GatewayClass status (#​11056 by rtribotte)
• [k8s,k8s/gatewayapi] Update sigs.k8s.io/gateway-api to v1.2.0-rc1 (#​11124 by rtribotte)
• [k8s,k8s/gatewayapi] Add support for backend protocol selection in HTTP and GRPC routes (#​11051 by rtribotte)
• [k8s,k8s/gatewayapi] Improve Kubernetes GatewayAPI TCPRoute and TLSRoute support (#​11042 by rtribotte)
• [k8s,k8s/gatewayapi] Support HTTPRoute destination port matching (#​11134 by kevinpollet)
• [k8s,k8s/gatewayapi] Bump sigs.k8s.io/gateway-api to v1.2.0-rc2 (#​11131 by kevinpollet)
• [k8s,k8s/gatewayapi] Add support for Gateway API BackendTLSPolicies (#​11009 by rtribotte)
• [k8s,k8s/gatewayapi] Support NativeLB option in GatewayAPI provider (#​11147 by rtribotte)
• [k8s,k8s/gatewayapi] Support ResponseHeaderModifier filter (#​10987 by kevinpollet)
• [k8s,k8s/gatewayapi] Support GRPC routes (#​10975 by kevinpollet)
• [k8s,k8s/gatewayapi] Bump sigs.k8s.io/gateway-api to v1.2.0 (#​11167 by rtribotte)
• [metrics,otel] Allow setting service.name for OTLP metrics (#​10917 by cmartell-at-ocp)
• [middleware,accesslogs] Record trace id and EntryPoint span id into access log (#​10921 by weijiany)
• [middleware,authentication] Support LogUserHeader with forwardAuth middleware (#​10833 by GaleHuang)
• [middleware] Add encodings option to the compression middleware (#​10943 by wollomatic)
• [middleware] Add support for ipv6 subnet in ipStrategy (#​9747 by michal-kralik)
• [nomad] Support for watching instead of polling Nomad (#​10997 by deverton-godaddy)
• [server,performance] Introduce a fast proxy mode to improve HTTP/1.1 performances with backends (#​11122 by kevinpollet)
• [server] Configurable max request header size (#​10995 by lucasrod16)
• [service] Add mirrorBody option to HTTP mirroring (#​11032 by MatteoPaier)
• [service] Add an option to preserve server path (#​11193 by mmatur)

Bug fixes:

• [k8s,k8s/gatewayapi] Ensuring Gateway API reflected Traefik resource name unicity (#​11222 by rtribotte)
• [k8s,k8s/gatewayapi] Preserve GRPCRoute filters order (#​11199 by kevinpollet)
• [k8s,k8s/gatewayapi] Support http and https appProtocol for Kubernetes Service (#​11176 by WillDaSilva)
• [k8s,k8s/gatewayapi] Avoid updating Accepted status for routes matching no Gateways (#​11170 by rtribotte)
• [k8s,k8s/gatewayapi] Do not update gateway status when not selected by a gateway class (#​11169 by kevinpollet)
• [service] Detect and drop broken conns in the fastproxy pool (#​11212 by kevinpollet)

Documentation:

• [k8s,k8s/gatewayapi] Document nativeLBByDefault annotation on Kubernetes Gateway provider (#​11209 by mloiseleur)
• [k8s/crd,k8s] Detail CRD update with v3.2 in the migration guide (#​11164 by mloiseleur)
• [k8s/gatewayapi] Add missing RBAC in the migration guide (#​11189 by mloiseleur)
• [k8s] Fix instructions for downloading CRDs of Gateway API v1.2 (#​11191 by mloiseleur)
• Prepare release v3.2.0-rc2 (#​11182 by kevinpollet)
• Prepare Release v3.2.0-rc1 (#​11154 by rtribotte)

Misc:

• Merge branch v3.1 into v3.2 (#​11219 by kevinpollet)
• Merge branch v3.1 into v3.2 (#​11181 by kevinpollet)
• Merge branch v3.1 into master (#​11153 by kevinpollet)
• Merge branch v3.1 into master (#​11110 by kevinpollet)
• Merge branch v3.1 into master (#​11066 by mmatur)
• Merge branch v3.1 into master (#​11047 by mmatur)
• Merge branch v3.1 into master (#​10980 by kevinpollet)
• Merge branch v3.1 into master (#​10952 by mmatur)
• Merge branch v3.1 into master (#​10906 by rtribotte)

v3.1.7 (2024-10-28)

All Commits

Bug fixes:

• [k8s,k8s/gatewayapi] Preserve HTTPRoute filters order (#​11198 by kevinpollet)

Documentation:

• [k8s,k8s/gatewayapi] Fix broken links in Kubernetes Gateway provider page (#​11188 by mloiseleur)

Misc:

• Merge branch v2.11 into v3.1 (#​11232 by kevinpollet)
• Merge branch v2.11 into v3.1 (#​11218 by kevinpollet)

v2.11.13 (2024-10-28)

All Commits

Bug fixes:

• [middleware,service] Panic on aborted requests to properly close the connection (#​11129 by tonybart1337)

Documentation:

• Update business callouts (#​11217 by tomatokoolaid)

v3.2.0-rc2 (2024-10-09)

All Commits

Enhancements:

• [k8s,k8s/gatewayapi] Bump sigs.k8s.io/gateway-api to v1.2.0 (#​11167 by rtribotte)

Bug fixes:

• [k8s,k8s/gatewayapi] Support http and https appProtocol for Kubernetes Service (#​11176 by WillDaSilva)
• [k8s,k8s/gatewayapi] Avoid updating Accepted status for routes matching no Gateways (#​11170 by rtribotte)
• [k8s,k8s/gatewayapi] Do not update gateway status when not selected by a gateway class (#​11169 by kevinpollet)

Documentation:

• Detail CRD update with v3.2 in the migration guide (#​11164 by mloiseleur)

Misc:

• Merge branch v3.1 into v3.2 (#​11181 by kevinpollet)

v3.1.6 (2024-10-09)

All Commits

Bug fixes:

• [middleware] Reuse compress

✂ Note

PR body was truncated to here.

---

Configuration

📅 Schedule: (UTC)

• Branch creation
  • Between 12:00 AM and 03:59 AM (* 0-3 * * *)
• Automerge
  • At any time (no schedule defined)

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

👻 Immortal: This PR will be recreated if closed unmerged. Get config help if that's undesired.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Mend Renovate.