chore: Configure Renovate

[renovate]

Welcome to Renovate! This is an onboarding PR to help you understand and configure settings before regular Pull Requests begin.

🚦 To activate Renovate, merge this Pull Request. To disable Renovate, simply close this Pull Request unmerged.

---

Detected Package Files

• rust/Cargo.toml (cargo)
• contrib/vertobot/cpanfile (cpanfile)
• contrib/docker/docker-compose.yml (docker-compose)
• contrib/docker_compose_workers/docker-compose.yaml (docker-compose)
• otlp-test/docker-compose.yaml (docker-compose)
• docker/Dockerfile (dockerfile)
• docker/Dockerfile-dhvirtualenv (dockerfile)
• docker/Dockerfile-famedly (dockerfile)
• docker/Dockerfile-workers (dockerfile)
• docker/complement/Dockerfile (dockerfile)
• docker/editable.Dockerfile (dockerfile)
• .github/workflows/docker-famedly.yml (github-actions)
• .github/workflows/docker-pr-dev.yml (github-actions)
• .github/workflows/docker.yml (github-actions)
• .github/workflows/docs-pr.yaml (github-actions)
• .github/workflows/docs.yaml (github-actions)
• .github/workflows/famedly-tests.yml (github-actions)
• .github/workflows/fix_lint.yaml (github-actions)
• .github/workflows/latest_deps.yml (github-actions)
• .github/workflows/poetry_lockfile.yaml (github-actions)
• .github/workflows/push_complement_image.yml (github-actions)
• .github/workflows/release-artifacts.yml (github-actions)
• .github/workflows/schema.yaml (github-actions)
• .github/workflows/tests.yml (github-actions)
• .github/workflows/triage-incoming.yml (github-actions)
• .github/workflows/triage_labelled.yml (github-actions)
• .github/workflows/twisted_trunk.yml (github-actions)
• .gitlab-ci.yml (gitlabci)
• complement/go.mod (gomod)
• pyproject.toml (poetry)

Configuration Summary

Based on the default config's presets, Renovate will:

• Start dependency updates only once this onboarding PR is merged
• Hopefully safe environment variables to allow users to configure.
• Show all Merge Confidence badges for pull requests.
• Enable Renovate Dependency Dashboard creation.
• Use semantic commit type fix for dependencies and chore for all others if semantic commits are in use.
• Ignore node_modules, bower_components, vendor and various test/tests (except for nuget) directories.
• Group known monorepo packages together.
• Use curated list of recommended non-monorepo package groupings.
• Show only the Age and Confidence Merge Confidence badges for pull requests.
• Apply crowd-sourced package replacement rules.
• Apply crowd-sourced workarounds for known problems with packages.
• Ensure that every dependency pinned by digest and sourced from GitHub.com contains a link to the commit-to-commit diff
• Correctly link to the source code for golang.org/x packages
• Link to pkg.go.dev/... for golang.org/x packages' title

🔡 Do you want to change how Renovate upgrades your dependencies? Add your custom config to renovate.json in this branch. Renovate will update the Pull Request description the next time it runs.

---

What to Expect

With your current configuration, Renovate will create 56 Pull Requests:

chore(deps): update dependency pyasn1 to v0.6.3 [security]

• Branch name: renovate/pypi-pyasn1-vulnerability
• Merge into: master
• Upgrade pyasn1 to 0.6.3

chore(deps): update dependency tornado to v6.5.5 [security]

• Branch name: renovate/pypi-tornado-vulnerability
• Merge into: master
• Upgrade tornado to 6.5.5

chore(deps): update dependency pyopenssl to v26 [security]

• Branch name: renovate/pypi-pyopenssl-vulnerability
• Merge into: master
• Upgrade pyOpenSSL to 26.0.0

chore(deps): update dtolnay/rust-toolchain digest to efa25f7

• Schedule: ["at any time"]
• Branch name: renovate/dtolnay-rust-toolchain-digest
• Merge into: master
• Upgrade dtolnay/rust-toolchain to efa25f7f19611383d5b0ccf2d1c8914531636bf9

fix(deps): update github.com/matrix-org/complement digest to 12210e3

• Schedule: ["at any time"]
• Branch name: renovate/github.com-matrix-org-complement-digest
• Merge into: master
• Upgrade github.com/matrix-org/complement to 12210e3e418b

fix(deps): update github.com/matrix-org/gomatrixserverlib digest to 20c9de3

• Schedule: ["at any time"]
• Branch name: renovate/github.com-matrix-org-gomatrixserverlib-digest
• Merge into: master
• Upgrade github.com/matrix-org/gomatrixserverlib to 20c9de33969e

chore(deps): update dependency hiredis to v3.3.1

• Schedule: ["at any time"]
• Branch name: renovate/hiredis-3.x-lockfile
• Merge into: master
• Upgrade hiredis to 3.3.1

chore(deps): update dependency phonenumbers to v9.0.26

• Schedule: ["at any time"]
• Branch name: renovate/phonenumbers-9.x-lockfile
• Merge into: master
• Upgrade phonenumbers to 9.0.26

chore(deps): update dependency pysaml2 to v7.5.4

• Schedule: ["at any time"]
• Branch name: renovate/pysaml2-7.x-lockfile
• Merge into: master
• Upgrade pysaml2 to 7.5.4

chore(deps): update dorny/paths-filter action to v3.0.3

• Schedule: ["at any time"]
• Branch name: renovate/dorny-paths-filter-3.x
• Merge into: master
• Upgrade dorny/paths-filter to d1c1ffe0248fe513906c8e24db8ea791d46f8590

chore(deps): update rust crate anyhow to v1.0.102

• Schedule: ["at any time"]
• Branch name: renovate/anyhow-1.x-lockfile
• Merge into: master
• Upgrade anyhow to 1.0.102

chore(deps): update rust crate once_cell to v1.21.4

• Schedule: ["at any time"]
• Branch name: renovate/once_cell-1.x-lockfile
• Merge into: master
• Upgrade once_cell to 1.21.4

chore(deps): update rust crate pyo3-log to v0.13.3

• Schedule: ["at any time"]
• Branch name: renovate/pyo3-log-0.x-lockfile
• Merge into: master
• Upgrade pyo3-log to 0.13.3

chore(deps): update tailscale/github-action action to v4.1.2

• Schedule: ["at any time"]
• Branch name: renovate/tailscale-github-action-4.x
• Merge into: master
• Upgrade tailscale/github-action to 306e68a486fd2350f2bfc3b19fcd143891a4a2d8

chore(deps): update actions/setup-python action to v6.2.0

• Schedule: ["at any time"]
• Branch name: renovate/actions-setup-python-6.x
• Merge into: master
• Upgrade actions/setup-python to a309ff8b426b58ec0e2a45f0f869d46889d02405

chore(deps): update dependency future to v0.52

• Schedule: ["at any time"]
• Branch name: renovate/future-0.x
• Merge into: master
• Upgrade Future to 0.52

chore(deps): update dependency go to v1.26.1

• Schedule: ["at any time"]
• Branch name: renovate/go-1.x
• Merge into: master
• Upgrade go to 1.26.1

chore(deps): update dependency io::async to v0.805

• Schedule: ["at any time"]
• Branch name: renovate/io-async-0.x
• Merge into: master
• Upgrade IO::Async to 0.805

chore(deps): update dependency io::async::ssl to v0.25

• Schedule: ["at any time"]
• Branch name: renovate/io-async-ssl-0.x
• Merge into: master
• Upgrade IO::Async::SSL to 0.25

chore(deps): update dependency net::async::matrix to v0.19

• Schedule: ["at any time"]
• Branch name: renovate/net-async-matrix-0.x
• Merge into: master
• Upgrade Net::Async::Matrix to 0.19

chore(deps): update dependency net::async::websocket::protocol to v0.14

• Schedule: ["at any time"]
• Branch name: renovate/net-async-websocket-protocol-0.x
• Merge into: master
• Upgrade Net::Async::WebSocket::Protocol to 0.14

chore(deps): update dependency parent to v0.244

• Schedule: ["at any time"]
• Branch name: renovate/parent-0.x
• Merge into: master
• Upgrade parent to 0.244

chore(deps): update dependency pympler to v1.1

• Schedule: ["at any time"]
• Branch name: renovate/pympler-1.x-lockfile
• Merge into: master
• Upgrade pympler to 1.1

chore(deps): update dependency python to 3.14

• Schedule: ["at any time"]
• Branch name: renovate/python-3.x
• Merge into: master
• Upgrade python to 3.14

chore(deps): update dependency ruff to v0.15.6

• Schedule: ["at any time"]
• Branch name: renovate/ruff-0.x
• Merge into: master
• Upgrade ruff to 0.15.6

chore(deps): update dependency sentry-sdk to v2.55.0

• Schedule: ["at any time"]
• Branch name: renovate/sentry-sdk-2.x-lockfile
• Merge into: master
• Upgrade sentry-sdk to 2.55.0

chore(deps): update docker.io/library/python docker tag to v3.14

• Schedule: ["at any time"]
• Branch name: renovate/docker.io-library-python-3.x
• Merge into: master
• Upgrade docker.io/library/python to 3.14-slim-trixie

chore(deps): update docker.io/python docker tag to v3.14

• Schedule: ["at any time"]
• Branch name: renovate/docker.io-python-3.x
• Merge into: master
• Upgrade docker.io/python to 3.14-slim

chore(deps): update docker/build-push-action action to v6.19.2

• Schedule: ["at any time"]
• Branch name: renovate/docker-build-push-action-6.x
• Merge into: master
• Upgrade docker/build-push-action to 10e90e3645eae34f1e60eeb005ba3a3d33f178e8

chore(deps): update otel/opentelemetry-collector docker tag to v0.147.0

• Schedule: ["at any time"]
• Branch name: renovate/otel-opentelemetry-collector-0.x
• Merge into: master
• Upgrade otel/opentelemetry-collector to 0.147.0

chore(deps): update rust crate icu_segmenter to v2.1.2

• Schedule: ["at any time"]
• Branch name: renovate/icu_segmenter-2.x-lockfile
• Merge into: master
• Upgrade icu_segmenter to 2.1.2

chore(deps): update rust crate tokio to v1.50.0

• Schedule: ["at any time"]
• Branch name: renovate/tokio-1.x-lockfile
• Merge into: master
• Upgrade tokio to 1.50.0

chore(deps): update sigstore/cosign-installer action to v4.1.0

• Schedule: ["at any time"]
• Branch name: renovate/sigstore-cosign-installer-4.x
• Merge into: master
• Upgrade sigstore/cosign-installer to ba7bc0a3fef59531c69a25acd34668d6d3fe6f22

chore(deps): update swatinem/rust-cache action to v2.9.1

• Schedule: ["at any time"]
• Branch name: renovate/swatinem-rust-cache-2.x
• Merge into: master
• Upgrade Swatinem/rust-cache to c19371144df3bb44fab255c43d04cbc2ab54d1c4

fix(deps): update rust crate pyo3 to 0.28.0

• Schedule: ["at any time"]
• Branch name: renovate/pyo3-0.x
• Merge into: master
• Upgrade pyo3 to 0.28.0

fix(deps): update rust crate pythonize to 0.28.0

• Schedule: ["at any time"]
• Branch name: renovate/pythonize-0.x
• Merge into: master
• Upgrade pythonize to 0.28.0

fix(deps): update rust crate reqwest to 0.13.0

• Schedule: ["at any time"]
• Branch name: renovate/reqwest-0.x
• Merge into: master
• Upgrade reqwest to 0.13.0

chore(deps): update actions/cache action to v5

• Schedule: ["at any time"]
• Branch name: renovate/actions-cache-5.x
• Merge into: master
• Upgrade actions/cache to v5

chore(deps): update actions/checkout action to v6

• Schedule: ["at any time"]
• Branch name: renovate/actions-checkout-6.x
• Merge into: master
• Upgrade actions/checkout to v6

chore(deps): update actions/setup-go action

• Schedule: ["at any time"]
• Branch name: renovate/actions-setup-go-6.x
• Merge into: master
• Upgrade actions/setup-go to 4b73464bb391d4059bd26b0524d20df3927bd417
• Upgrade actions/setup-go to v6

chore(deps): update actions/upload-pages-artifact action to v4

• Schedule: ["at any time"]
• Branch name: renovate/actions-upload-pages-artifact-4.x
• Merge into: master
• Upgrade actions/upload-pages-artifact to v4

chore(deps): update dependency data::uuid to v1

• Schedule: ["at any time"]
• Branch name: renovate/data-uuid-1.x
• Merge into: master
• Upgrade Data::UUID to 1.227

chore(deps): update dependency getopt::long to v2

• Schedule: ["at any time"]
• Branch name: renovate/getopt-long-2.x
• Merge into: master
• Upgrade Getopt::Long to 2.58

chore(deps): update dependency io::socket::ssl to v2

• Schedule: ["at any time"]
• Branch name: renovate/io-socket-ssl-2.x
• Merge into: master
• Upgrade IO::Socket::SSL to 2.098

chore(deps): update dependency json to v4

• Schedule: ["at any time"]
• Branch name: renovate/json-4.x
• Merge into: master
• Upgrade JSON to 4.10

chore(deps): update dependency sqlglot to v30

• Schedule: ["at any time"]
• Branch name: renovate/sqlglot-30.x-lockfile
• Merge into: master
• Upgrade sqlglot to 30.0.1

chore(deps): update dependency ubuntu to v24

• Schedule: ["at any time"]
• Branch name: renovate/ubuntu-24.x
• Merge into: master
• Upgrade ubuntu to 24.04

chore(deps): update dependency yaml to v1

• Schedule: ["at any time"]
• Branch name: renovate/yaml-1.x
• Merge into: master
• Upgrade YAML to 1.31

chore(deps): update docker.io/library/postgres docker tag to v18

• Schedule: ["at any time"]
• Branch name: renovate/docker.io-library-postgres-18.x
• Merge into: master
• Upgrade docker.io/library/postgres to 18-trixie

chore(deps): update docker.io/postgres docker tag to v18

• Schedule: ["at any time"]
• Branch name: renovate/docker.io-postgres-18.x
• Merge into: master
• Upgrade docker.io/postgres to 18-alpine

chore(deps): update docker/build-push-action action to v7

• Schedule: ["at any time"]
• Branch name: renovate/docker-build-push-action-7.x
• Merge into: master
• Upgrade docker/build-push-action to d08e5c354a6adb9ed34480a06d141179aa583294
• Upgrade docker/build-push-action to v7

chore(deps): update docker/login-action action to v4

• Schedule: ["at any time"]
• Branch name: renovate/docker-login-action-4.x
• Merge into: master
• Upgrade docker/login-action to b45d80f862d83dbcd57f89517bcf500b2ab88fb2
• Upgrade docker/login-action to v4

chore(deps): update docker/metadata-action action to v6

• Schedule: ["at any time"]
• Branch name: renovate/docker-metadata-action-6.x
• Merge into: master
• Upgrade docker/metadata-action to 030e881283bb7a6894de51c315a6bfe6a94e05cf
• Upgrade docker/metadata-action to v6

chore(deps): update docker/setup-buildx-action action to v4

• Schedule: ["at any time"]
• Branch name: renovate/docker-setup-buildx-action-4.x
• Merge into: master
• Upgrade docker/setup-buildx-action to 4d04d5d9486b7bd6fa91e7baf45bbb4f8b9deedd
• Upgrade docker/setup-buildx-action to v4

chore(deps): update dorny/paths-filter action to v4

• Schedule: ["at any time"]
• Branch name: renovate/dorny-paths-filter-4.x
• Merge into: master
• Upgrade dorny/paths-filter to fbd0ab8f3e69293af611ebaee6363fc25e6d187d

chore(deps): update github artifact actions (major)

• Schedule: ["at any time"]
• Branch name: renovate/major-github-artifact-actions
• Merge into: master
• Upgrade actions/download-artifact to 3e5f45b2cfb9172054b4087a40e8e0b5a5461e7c
• Upgrade actions/upload-artifact to bbbca2ddaa5d8feaa63e36b76fdaad77386f024f
• Upgrade actions/upload-artifact to v7

🚸 PR creation will be limited to maximum 2 per hour, so it doesn't swamp any CI resources or overwhelm the project. See docs for prHourlyLimit for details.

---

❓ Got questions? Check out Renovate's Docs, particularly the Getting Started section.
If you need any further assistance then you can also request help here.

---

This PR was generated by Mend Renovate. View the repository job log.

[Copilot]

Pull request overview

This PR adds Renovate configuration to enable automated dependency updates for the Synapse project. The configuration uses the recommended preset and will create 49 pull requests to update various dependencies across multiple package managers including Python, Rust, Docker, and GitHub Actions.

Changes:

• Adds renovate.json with basic Renovate configuration using the config:recommended preset

---

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

[Copilot]

The repository already has Dependabot configured in .github/dependabot.yml for pip, docker, github-actions, and cargo ecosystems. Running both Renovate and Dependabot simultaneously can lead to duplicate dependency update PRs and conflicts. Consider either disabling Dependabot or configuring Renovate to ignore the ecosystems already managed by Dependabot. If you intend to migrate from Dependabot to Renovate, the .github/dependabot.yml file should be removed or disabled.

Suggested change

	"config:recommended"
	"config:recommended"
	],
	"packageRules": [
	{
	"matchManagers": [
	"pip_requirements",
	"pip_setup",
	"pipenv",
	"poetry",
	"pip-compile",
	"dockerfile",
	"github-actions",
	"cargo"
	],
	"enabled": false
	}