Bump gitpython from 3.1.43 to 3.1.44

Bumps [gitpython](https://github.com/gitpython-developers/GitPython) from 3.1.43 to 3.1.44.
- [Release notes](https://github.com/gitpython-developers/GitPython/releases)
- [Changelog](https://github.com/gitpython-developers/GitPython/blob/main/CHANGES)
- [Commits](https://github.com/gitpython-developers/GitPython/compare/3.1.43...3.1.44)

---
updated-dependencies:
- dependency-name: gitpython
  dependency-type: direct:development
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>

.gitignore

@@ -16,7 +16,6 @@ _trial_temp*/
 __pycache__/
 
 # We do want poetry, cargo and flake lockfiles.
-!uv.lock
 !poetry.lock
 !Cargo.lock
 !flake.lock
@@ -27,6 +26,7 @@ __pycache__/
 /*.log.*
 /*.log.config
 /*.pid
+/.python-version
 /*.signing.key
 /env/
 /.venv*/

.python-version

@@ -1 +0,0 @@
-3.13

changelog.d/18119.bugfix

@@ -0,0 +1 @@
+Fix a bug where the [Delete Room Admin API](https://element-hq.github.io/synapse/latest/admin_api/rooms.html#version-2-new-version) would fail if the `block` parameter was set to `true` and a worker other than the main process was configured to handle background tasks.

poetry.lock

@@ -472,20 +472,20 @@ smmap = ">=3.0.1,<6"
 
 [[package]]
 name = "gitpython"
-version = "3.1.43"
+version = "3.1.44"
 description = "GitPython is a Python library used to interact with Git repositories"
 optional = false
 python-versions = ">=3.7"
 files = [
-    {file = "GitPython-3.1.43-py3-none-any.whl", hash = "sha256:eec7ec56b92aad751f9912a73404bc02ba212a23adb2c7098ee668417051a1ff"},
-    {file = "GitPython-3.1.43.tar.gz", hash = "sha256:35f314a9f878467f5453cc1fee295c3e18e52f1b99f10f6cf5b1682e968a9e7c"},
+    {file = "GitPython-3.1.44-py3-none-any.whl", hash = "sha256:9e0e10cda9bed1ee64bc9a6de50e7e38a9c9943241cd7f585f6df3ed28011110"},
+    {file = "gitpython-3.1.44.tar.gz", hash = "sha256:c87e30b26253bf5418b01b0660f818967f3c503193838337fe5e573331249269"},
 ]
 
 [package.dependencies]
 gitdb = ">=4.0.1,<5"
 
 [package.extras]
-doc = ["sphinx (==4.3.2)", "sphinx-autodoc-typehints", "sphinx-rtd-theme", "sphinxcontrib-applehelp (>=1.0.2,<=1.0.4)", "sphinxcontrib-devhelp (==1.0.2)", "sphinxcontrib-htmlhelp (>=2.0.0,<=2.0.1)", "sphinxcontrib-qthelp (==1.0.3)", "sphinxcontrib-serializinghtml (==1.1.5)"]
+doc = ["sphinx (>=7.1.2,<7.2)", "sphinx-autodoc-typehints", "sphinx_rtd_theme"]
 test = ["coverage[toml]", "ddt (>=1.1.1,!=1.4.3)", "mock", "mypy", "pre-commit", "pytest (>=7.3.1)", "pytest-cov", "pytest-instafail", "pytest-mock", "pytest-sugar", "typing-extensions"]
 
 [[package]]

pyproject.toml

@@ -1,38 +1,38 @@
 [tool.towncrier]
-package = "synapse"
-filename = "CHANGES.md"
-directory = "changelog.d"
-issue_format = "[\\#{issue}](https://github.com/element-hq/synapse/issues/{issue})"
+    package = "synapse"
+    filename = "CHANGES.md"
+    directory = "changelog.d"
+    issue_format = "[\\#{issue}](https://github.com/element-hq/synapse/issues/{issue})"
 
-[[tool.towncrier.type]]
-directory = "feature"
-name = "Features"
-showcontent = true
+    [[tool.towncrier.type]]
+        directory = "feature"
+        name = "Features"
+        showcontent = true
 
-[[tool.towncrier.type]]
-directory = "bugfix"
-name = "Bugfixes"
-showcontent = true
+    [[tool.towncrier.type]]
+        directory = "bugfix"
+        name = "Bugfixes"
+        showcontent = true
 
-[[tool.towncrier.type]]
-directory = "docker"
-name = "Updates to the Docker image"
-showcontent = true
+    [[tool.towncrier.type]]
+        directory = "docker"
+        name = "Updates to the Docker image"
+        showcontent = true
 
-[[tool.towncrier.type]]
-directory = "doc"
-name = "Improved Documentation"
-showcontent = true
+    [[tool.towncrier.type]]
+        directory = "doc"
+        name = "Improved Documentation"
+        showcontent = true
 
-[[tool.towncrier.type]]
-directory = "removal"
-name = "Deprecations and Removals"
-showcontent = true
+    [[tool.towncrier.type]]
+        directory = "removal"
+        name = "Deprecations and Removals"
+        showcontent = true
 
-[[tool.towncrier.type]]
-directory = "misc"
-name = "Internal Changes"
-showcontent = true
+    [[tool.towncrier.type]]
+        directory = "misc"
+        name = "Internal Changes"
+        showcontent = true
 
 [tool.ruff]
 line-length = 88
@@ -47,7 +47,11 @@ target-version = "py39"
 # flake8-bugbear compatible checks. Its error codes are described at
 # https://beta.ruff.rs/docs/rules/#flake8-bugbear-b
 #  B023: Functions defined inside a loop must not use variables redefined in the loop
-ignore = ["B023", "E501", "E731"]
+ignore = [
+    "B023",
+    "E501",
+    "E731",
+]
 select = [
     # pycodestyle
     "E",
@@ -74,15 +78,7 @@ select = [
 
 [tool.ruff.lint.isort]
 combine-as-imports = true
-section-order = [
-    "future",
-    "standard-library",
-    "third-party",
-    "twisted",
-    "first-party",
-    "testing",
-    "local-folder",
-]
+section-order = ["future", "standard-library", "third-party", "twisted", "first-party", "testing", "local-folder"]
 known-first-party = ["synapse"]
 
 [tool.ruff.lint.isort.sections]
@@ -99,152 +95,51 @@ line-ending = "auto"
 manifest-path = "rust/Cargo.toml"
 module-name = "synapse.synapse_rust"
 
-[project]
+[tool.poetry]
 name = "matrix-synapse"
 version = "1.123.0"
 description = "Homeserver for the Matrix decentralised comms protocol"
-authors = [
-    { name = "Matrix.org Team and Contributors", email = "packages@matrix.org" },
-]
+authors = ["Matrix.org Team and Contributors <packages@matrix.org>"]
 license = "AGPL-3.0-or-later"
 readme = "README.rst"
 repository = "https://github.com/element-hq/synapse"
-packages = [{ include = "synapse" }]
-requires-python = ">=3.9"
+packages = [
+    { include = "synapse" },
+]
 classifiers = [
     "Development Status :: 5 - Production/Stable",
     "Topic :: Communications :: Chat",
 ]
-
-dependencies = [
-    # we use the TYPE_CHECKER.redefine method added in jsonschema 3.0.0
-    "jsonschema>=3.0.0",
-    # We choose 2.0 as a lower bound: the most recent backwards incompatible release.
-    # It seems generally available, judging by https://pkgs.org/search/?q=immutabledict
-    "immutabledict>=2.0",
-    # We require 2.1.0 or higher for type hints. Previous guard was >= 1.1.0
-    "unpaddedbase64>=2.1.0",
-    # We require 2.0.0 for immutabledict support.
-    "canonicaljson>=2.0.0",
-    # we use the type definitions added in signedjson 1.1.
-    "signedjson>=1.1.0",
-    # validating SSL certs for IP addresses requires service_identity 18.1.
-    "service-identity>=18.1.0",
-    # Twisted 18.9 introduces some logger improvements that the structured
-    # logger utilises
-    "Twisted[tls]>=18.9.0",
-    "treq>=15.1",
-    # Twisted has required pyopenssl 16.0 since about Twisted 16.6.
-    "pyOpenSSL>=16.0.0",
-    "PyYAML>=5.3",
-    "pyasn1>=0.1.9",
-    "pyasn1-modules>=0.0.7",
-    "bcrypt>=3.1.7",
-    # 10.0.1 minimum is mandatory here because of libwebp CVE-2023-4863.
-    "Pillow>=10.0.1",
-    # We use SortedDict.peekitem(), which was added in sortedcontainers 1.5.2.
-    "sortedcontainers>=1.5.2",
-    "pymacaroons>=0.13.0",
-    "msgpack>=0.5.2",
-    "phonenumbers>=8.2.0",
-    # we use GaugeHistogramMetric, which was added in prom-client 0.4.0.
-    "prometheus-client>=0.4.0",
-    # we use `order`, which arrived in attrs 19.2.0.
-    # Note: 21.1.0 broke `/sync`, see https://github.com/matrix-org/synapse/issues/9936
-    "attrs>=19.2.0,!=21.1.0",
-    "netaddr>=0.7.18",
-    # Jinja 2.x is incompatible with MarkupSafe>=2.1. To ensure that admins do not
-    # end up with a broken installation, with recent MarkupSafe but old Jinja, we
-    # add a lower bound to the Jinja2 dependency.
-    "Jinja2>=3.0",
-    "bleach>=1.4.3",
-    # We use `assert_never`, which were added in `typing-extensions` 4.1.
-    "typing-extensions>=4.1",
-    # We enforce that we have a `cryptography` version that bundles an `openssl`
-    # with the latest security patches.
-    "cryptography>=3.4.7",
-    # ijson 3.1.4 fixes a bug with "." in property names
-    "ijson>=3.1.4",
-    "matrix-common>=1.3.0",
-    # We need packaging.verison.Version(...).major added in 20.0.
-    "packaging>=20.0",
-    # We support pydantic v1 and pydantic v2 via the pydantic.v1 compat module.
-    # See https://github.com/matrix-org/synapse/issues/15858
-    "pydantic>=1.7.4,<3",
-    # This is for building the rust components during "poetry install", which
-    # currently ignores the `build-system.requires` directive (c.f.
-    # https://github.com/python-poetry/poetry/issues/6154). Both `pip install` and
-    # `poetry build` do the right thing without this explicit dependency.
-    #
-    # This isn't really a dev-dependency, as `poetry install --no-dev` will fail,
-    # but the alternative is to add it to the main list of deps where it isn't
-    # needed.
-    "setuptools_rust>=1.3",
-    # This is used for parsing multipart responses
-    "python-multipart>=0.0.9",
+include = [
+    { path = "AUTHORS.rst", format = "sdist" },
+    { path = "book.toml", format = "sdist" },
+    { path = "changelog.d", format = "sdist" },
+    { path = "CHANGES.md", format = "sdist" },
+    { path = "CONTRIBUTING.md", format = "sdist" },
+    { path = "demo", format = "sdist" },
+    { path = "docs", format = "sdist" },
+    { path = "INSTALL.md", format = "sdist" },
+    { path = "mypy.ini", format = "sdist" },
+    { path = "scripts-dev", format = "sdist" },
+    { path = "synmark", format="sdist" },
+    { path = "sytest-blacklist", format = "sdist" },
+    { path = "tests", format = "sdist" },
+    { path = "UPGRADE.rst", format = "sdist" },
+    { path = "Cargo.toml", format = "sdist" },
+    { path = "Cargo.lock", format = "sdist" },
+    { path = "rust/Cargo.toml", format = "sdist" },
+    { path = "rust/build.rs", format = "sdist" },
+    { path = "rust/src/**", format = "sdist" },
+]
+exclude = [
+    { path = "synapse/*.so", format = "sdist"}
 ]
 
-[project.optional-dependencies]
-matrix-synapse-ldap3 = ["matrix-synapse-ldap3>=0.1"]
-postgres = [
-    "psycopg2>=2.8; platform_python_implementation != 'PyPy'",
-    "psycopg2cffi>=2.8; platform_python_implementation == 'PyPy'",
-    "psycopg2cffi-compat>=1.1; platform_python_implementation == 'PyPy'",
-]
-saml2 = ["pysaml2>=4.5.0"]
-oidc = ["authlib>=0.15.1"]
-#systemd = ["systemd-python>=231; platform_system == 'Linux'"]
-url-preview = ["lxml>=4.5.2"]
-sentry = ["sentry-sdk>=0.7.2"]
-opentracing = ["jaeger-client>=4.0.0", "opentracing>=2.2.0"]
-jwt = ["authlib>=0.15.1"]
-# hiredis is not a *strict* dependency, but it makes things much faster.
-# (if it is not installed, we fall back to slow code.)
-redis = ["txredisapi>=1.4.7", "hiredis>=0.1.0"]
-# Required to use experimental `caches.track_memory
-cache-memory = ["pympler>=0.9.2"]
-test = ["parameterized>=0.7.4", "idna>=2.5"]
-user-search = ["pyicu>=2.10.2"]
+[tool.poetry.build]
+script = "build_rust.py"
+generate-setup-file = true
 
-# The duplication here is awful. I hate hate hate hate hate it. However, for now I want
-# to ensure you can still `pip install matrix-synapse[all]` like today. Two motivations:
-# 1) for new installations, I want instructions in existing documentation and tutorials
-#    out there to still work.
-# 2) I don't want to hard-code a list of extras into CI if I can help it. The ideal
-#    solution here would be something like https://github.com/python-poetry/poetry/issues/3413
-# Poetry 1.2's dependency groups might make this easier. But I'm not trying that out
-# until there's a stable release of 1.2.
-#
-# NB: the strings in this list must be *package* names, not extra names.
-# Some of our extra names _are_ package names, which can lead to great confusion.
-all = [
-    # matrix-synapse-ldap3
-    "matrix-synapse-ldap3>=0.1",
-    # postgres
-    "psycopg2>=2.8; platform_python_implementation != 'PyPy'",
-    "psycopg2cffi>=2.8; platform_python_implementation == 'PyPy'",
-    "psycopg2cffi-compat>=1.1; platform_python_implementation == 'PyPy'",
-    # saml2
-    "pysaml2>=4.5.0",
-    # oidc and jwt
-    "authlib>=0.15.1",
-    # url-preview
-    "lxml>=4.5.2",
-    # sentry
-    "sentry-sdk>=0.7.2",
-    # opentracing
-    "jaeger-client>=4.0.0",
-    "opentracing>=2.2.0",
-    # redis
-    "txredisapi>=1.4.7",
-    "hiredis>=0.1.0",
-    # cache-memory
-    "pympler>=0.9.2",
-    # improved user search
-    "pyicu>=2.10.2",
-]
-
-[project.scripts]
+[tool.poetry.scripts]
 synapse_homeserver = "synapse.app.homeserver:main"
 synapse_worker = "synapse.app.generic_worker:main"
 synctl = "synapse._scripts.synctl:main"
@@ -259,72 +154,224 @@ synapse_port_db = "synapse._scripts.synapse_port_db:main"
 synapse_review_recent_signups = "synapse._scripts.review_recent_signups:main"
 update_synapse_database = "synapse._scripts.update_synapse_database:main"
 
-[dependency-groups]
-dev = [
-    "ruff==0.7.3",
-    "mypy",
-    "mypy-zope",
-    "types-bleach>=4.1.0",
-    "types-commonmark>=0.9.2",
-    "types-jsonschema>=3.2.0",
-    "types-netaddr>=0.8.0.6",
-    "types-opentracing>=2.4.2",
-    "types-Pillow>=8.3.4",
-    "types-psycopg2>=2.9.9",
-    "types-pyOpenSSL>=20.0.7",
-    "types-PyYAML>=5.4.10",
-    "types-requests>=2.26.0",
-    "types-setuptools>=57.4.0",
-    "parameterized>=0.7.4",
-    "idna>=2.5",
-    "pyicu>=2.10.2",
+[tool.poetry.dependencies]
+python = "^3.9.0"
+
+# Mandatory Dependencies
+# ----------------------
+# we use the TYPE_CHECKER.redefine method added in jsonschema 3.0.0
+jsonschema = ">=3.0.0"
+# We choose 2.0 as a lower bound: the most recent backwards incompatible release.
+# It seems generally available, judging by https://pkgs.org/search/?q=immutabledict
+immutabledict = ">=2.0"
+# We require 2.1.0 or higher for type hints. Previous guard was >= 1.1.0
+unpaddedbase64 = ">=2.1.0"
+# We require 2.0.0 for immutabledict support.
+canonicaljson = "^2.0.0"
+# we use the type definitions added in signedjson 1.1.
+signedjson = "^1.1.0"
+# validating SSL certs for IP addresses requires service_identity 18.1.
+service-identity = ">=18.1.0"
+# Twisted 18.9 introduces some logger improvements that the structured
+# logger utilises
+Twisted = {extras = ["tls"], version = ">=18.9.0"}
+treq = ">=15.1"
+# Twisted has required pyopenssl 16.0 since about Twisted 16.6.
+pyOpenSSL = ">=16.0.0"
+PyYAML = ">=5.3"
+pyasn1 = ">=0.1.9"
+pyasn1-modules = ">=0.0.7"
+bcrypt = ">=3.1.7"
+# 10.0.1 minimum is mandatory here because of libwebp CVE-2023-4863.
+# Packagers that already took care of libwebp can lower that down to 5.4.0.
+Pillow = ">=10.0.1"
+# We use SortedDict.peekitem(), which was added in sortedcontainers 1.5.2.
+sortedcontainers = ">=1.5.2"
+pymacaroons = ">=0.13.0"
+msgpack = ">=0.5.2"
+phonenumbers = ">=8.2.0"
+# we use GaugeHistogramMetric, which was added in prom-client 0.4.0.
+prometheus-client = ">=0.4.0"
+# we use `order`, which arrived in attrs 19.2.0.
+# Note: 21.1.0 broke `/sync`, see https://github.com/matrix-org/synapse/issues/9936
+attrs = ">=19.2.0,!=21.1.0"
+netaddr = ">=0.7.18"
+# Jinja 2.x is incompatible with MarkupSafe>=2.1. To ensure that admins do not
+# end up with a broken installation, with recent MarkupSafe but old Jinja, we
+# add a lower bound to the Jinja2 dependency.
+Jinja2 = ">=3.0"
+bleach = ">=1.4.3"
+# We use `assert_never`, which were added in `typing-extensions` 4.1.
+typing-extensions = ">=4.1"
+# We enforce that we have a `cryptography` version that bundles an `openssl`
+# with the latest security patches.
+cryptography = ">=3.4.7"
+# ijson 3.1.4 fixes a bug with "." in property names
+ijson = ">=3.1.4"
+matrix-common = "^1.3.0"
+# We need packaging.verison.Version(...).major added in 20.0.
+packaging = ">=20.0"
+# We support pydantic v1 and pydantic v2 via the pydantic.v1 compat module.
+# See https://github.com/matrix-org/synapse/issues/15858
+pydantic = ">=1.7.4, <3"
+
+# This is for building the rust components during "poetry install", which
+# currently ignores the `build-system.requires` directive (c.f.
+# https://github.com/python-poetry/poetry/issues/6154). Both `pip install` and
+# `poetry build` do the right thing without this explicit dependency.
+#
+# This isn't really a dev-dependency, as `poetry install --no-dev` will fail,
+# but the alternative is to add it to the main list of deps where it isn't
+# needed.
+setuptools_rust = ">=1.3"
+
+# This is used for parsing multipart responses
+python-multipart = ">=0.0.9"
+
+# Optional Dependencies
+# ---------------------
+matrix-synapse-ldap3 = { version = ">=0.1", optional = true }
+psycopg2 = { version = ">=2.8", markers = "platform_python_implementation != 'PyPy'", optional = true }
+psycopg2cffi = { version = ">=2.8", markers = "platform_python_implementation == 'PyPy'", optional = true }
+psycopg2cffi-compat = { version = "==1.1", markers = "platform_python_implementation == 'PyPy'", optional = true }
+pysaml2 = { version = ">=4.5.0", optional = true }
+authlib = { version = ">=0.15.1", optional = true }
+# systemd-python is necessary for logging to the systemd journal via
+# `systemd.journal.JournalHandler`, as is documented in
+# `contrib/systemd/log_config.yaml`.
+# Note: systemd-python 231 appears to have been yanked from pypi
+systemd-python = { version = ">=231", optional = true }
+lxml = { version = ">=4.5.2", optional = true }
+sentry-sdk = { version = ">=0.7.2", optional = true }
+opentracing = { version = ">=2.2.0", optional = true }
+jaeger-client = { version = ">=4.0.0", optional = true }
+txredisapi = { version = ">=1.4.7", optional = true }
+hiredis = { version = "*", optional = true }
+Pympler = { version = "*", optional = true }
+parameterized = { version = ">=0.7.4", optional = true }
+idna = { version = ">=2.5", optional = true }
+pyicu = { version = ">=2.10.2", optional = true }
+
+[tool.poetry.extras]
+# NB: Packages that should be part of `pip install matrix-synapse[all]` need to be specified
+# twice: once here, and once in the `all` extra.
+matrix-synapse-ldap3 = ["matrix-synapse-ldap3"]
+postgres = ["psycopg2", "psycopg2cffi", "psycopg2cffi-compat"]
+saml2 = ["pysaml2"]
+oidc = ["authlib"]
+# systemd-python is necessary for logging to the systemd journal via
+# `systemd.journal.JournalHandler`, as is documented in
+# `contrib/systemd/log_config.yaml`.
+systemd = ["systemd-python"]
+url-preview = ["lxml"]
+sentry = ["sentry-sdk"]
+opentracing = ["jaeger-client", "opentracing"]
+jwt = ["authlib"]
+# hiredis is not a *strict* dependency, but it makes things much faster.
+# (if it is not installed, we fall back to slow code.)
+redis = ["txredisapi", "hiredis"]
+# Required to use experimental `caches.track_memory_usage` config option.
+cache-memory = ["pympler"]
+test = ["parameterized", "idna"]
+# Allows for better search for international characters in the user directory. This
+# requires libicu's development headers installed on the system (e.g. libicu-dev on
+# Debian-based distributions).
+user-search = ["pyicu"]
+
+# The duplication here is awful. I hate hate hate hate hate it. However, for now I want
+# to ensure you can still `pip install matrix-synapse[all]` like today. Two motivations:
+# 1) for new installations, I want instructions in existing documentation and tutorials
+#    out there to still work.
+# 2) I don't want to hard-code a list of extras into CI if I can help it. The ideal
+#    solution here would be something like https://github.com/python-poetry/poetry/issues/3413
+# Poetry 1.2's dependency groups might make this easier. But I'm not trying that out
+# until there's a stable release of 1.2.
+#
+# NB: the strings in this list must be *package* names, not extra names.
+# Some of our extra names _are_ package names, which can lead to great confusion.
+all = [
+    # matrix-synapse-ldap3
+    "matrix-synapse-ldap3",
+    # postgres
+    "psycopg2", "psycopg2cffi", "psycopg2cffi-compat",
+    # saml2
+    "pysaml2",
+    # oidc and jwt
+    "authlib",
+    # url-preview
+    "lxml",
+    # sentry
+    "sentry-sdk",
+    # opentracing
+    "jaeger-client", "opentracing",
+    # redis
+    "txredisapi", "hiredis",
+    # cache-memory
+    "pympler",
+    # improved user search
+    "pyicu",
+    # omitted:
+    #   - test: it's useful to have this separate from dev deps in the olddeps job
+    #   - systemd: this is a system-based requirement
 ]
 
-release = [
-    "click>=8.1.3",
-    "GitPython>=3.1.20",
-    "commonmark>=0.9.1",
-    "pygithub>=1.55",
-    "twine",
-    # Towncrier min version comes from https://github.com/matrix-org/synapse/pull/3425. Rationale unclear.
-    "towncrier>=18.6.0rc1",
-    # Used for checking the Poetry lockfile
-    "tomli>=1.2.3",
-]
+[tool.poetry.dev-dependencies]
+# We pin development dependencies in poetry.lock so that our tests don't start
+# failing on new releases. Keeping lower bounds loose here means that dependabot
+# can bump versions without having to update the content-hash in the lockfile.
+# This helps prevents merge conflicts when running a batch of dependabot updates.
+ruff = "0.7.3"
+# Type checking only works with the pydantic.v1 compat module from pydantic v2
+pydantic = "^2"
+
+# Typechecking
+lxml-stubs = ">=0.4.0"
+mypy = "*"
+mypy-zope = "*"
+types-bleach = ">=4.1.0"
+types-commonmark = ">=0.9.2"
+types-jsonschema = ">=3.2.0"
+types-netaddr = ">=0.8.0.6"
+types-opentracing = ">=2.4.2"
+types-Pillow = ">=8.3.4"
+types-psycopg2 = ">=2.9.9"
+types-pyOpenSSL = ">=20.0.7"
+types-PyYAML = ">=5.4.10"
+types-requests = ">=2.26.0"
+types-setuptools = ">=57.4.0"
+
+# Dependencies which are exclusively required by unit test code. This is
+# NOT a list of all modules that are necessary to run the unit tests.
+# Tests assume that all optional dependencies are installed.
+# parameterized<0.7.4 can create classes with names that would normally be invalid
+# identifiers. trial really does not like this when running with multiple workers.
+parameterized = ">=0.7.4"
+idna = ">=2.5"
+
+# The following are used by the release script
+click = ">=8.1.3"
+# GitPython was == 3.1.14; bumped to 3.1.20, the first release with type hints.
+GitPython = ">=3.1.20"
+commonmark = ">=0.9.1"
+pygithub = ">=1.55"
+# The following are executed as commands by the release script.
+twine = "*"
+# Towncrier min version comes from https://github.com/matrix-org/synapse/pull/3425. Rationale unclear.
+towncrier = ">=18.6.0rc1"
+
+# Used for checking the Poetry lockfile
+tomli = ">=1.2.3"
+
 
 [build-system]
-requires = ["hatchling"]
-build-backend = "hatchling.build"
-
-[tool.uv]
-default-groups = ["dev", "release"]
-
-[tool.hatch.build.targets.wheel]
-packages = ["synapse"]
-
-[tool.hatch.build.targets.sdist]
-include = [
-    { path = "AUTHORS.rst", format = "sdist" },
-    { path = "book.toml", format = "sdist" },
-    { path = "changelog.d", format = "sdist" },
-    { path = "CHANGES.md", format = "sdist" },
-    { path = "CONTRIBUTING.md", format = "sdist" },
-    { path = "demo", format = "sdist" },
-    { path = "docs", format = "sdist" },
-    { path = "INSTALL.md", format = "sdist" },
-    { path = "mypy.ini", format = "sdist" },
-    { path = "scripts-dev", format = "sdist" },
-    { path = "synmark", format = "sdist" },
-    { path = "sytest-blacklist", format = "sdist" },
-    { path = "tests", format = "sdist" },
-    { path = "UPGRADE.rst", format = "sdist" },
-    { path = "Cargo.toml", format = "sdist" },
-    { path = "Cargo.lock", format = "sdist" },
-    { path = "rust/Cargo.toml", format = "sdist" },
-    { path = "rust/build.rs", format = "sdist" },
-    { path = "rust/src/**", format = "sdist" },
-]
-exclude = [{ path = "synapse/*.so", format = "sdist" }]
+# The upper bounds here are defensive, intended to prevent situations like
+# https://github.com/matrix-org/synapse/issues/13849 and
+# https://github.com/matrix-org/synapse/issues/14079 where we see buildtime or
+# runtime errors caused by build system changes.
+# We are happy to raise these upper bounds upon request,
+# provided we check that it's safe to do so (i.e. that CI passes).
+requires = ["poetry-core>=1.1.0,<=1.9.1", "setuptools_rust>=1.3,<=1.10.2"]
+build-backend = "poetry.core.masonry.api"
 
 
 [tool.cibuildwheel]
@@ -343,8 +390,8 @@ skip = "cp36* cp37* cp38* pp37* pp38* *-musllinux_i686 pp*aarch64 *-musllinux_aa
 #
 # We temporarily pin Rust to 1.82.0 to work around
 # https://github.com/element-hq/synapse/issues/17988
-before-all = "curl https://sh.rustup.rs -sSf | sh -s -- --default-toolchain 1.82.0 -y --profile minimal"
-environment = { PATH = "$PATH:$HOME/.cargo/bin" }
+before-all =  "curl https://sh.rustup.rs -sSf | sh -s -- --default-toolchain 1.82.0 -y --profile minimal"
+environment= { PATH = "$PATH:$HOME/.cargo/bin" }
 
 # For some reason if we don't manually clean the build directory we
 # can end up polluting the next build with a .so that is for the wrong

synapse/storage/databases/main/room.py

@@ -1181,6 +1181,50 @@ class RoomWorkerStore(CacheInvalidationWorkerStore):
 
         return total_media_quarantined
 
+    async def block_room(self, room_id: str, user_id: str) -> None:
+        """Marks the room as blocked.
+
+        Can be called multiple times (though we'll only track the last user to
+        block this room).
+
+        Can be called on a room unknown to this homeserver.
+
+        Args:
+            room_id: Room to block
+            user_id: Who blocked it
+        """
+        await self.db_pool.simple_upsert(
+            table="blocked_rooms",
+            keyvalues={"room_id": room_id},
+            values={},
+            insertion_values={"user_id": user_id},
+            desc="block_room",
+        )
+        await self.db_pool.runInteraction(
+            "block_room_invalidation",
+            self._invalidate_cache_and_stream,
+            self.is_room_blocked,
+            (room_id,),
+        )
+
+    async def unblock_room(self, room_id: str) -> None:
+        """Remove the room from blocking list.
+
+        Args:
+            room_id: Room to unblock
+        """
+        await self.db_pool.simple_delete(
+            table="blocked_rooms",
+            keyvalues={"room_id": room_id},
+            desc="unblock_room",
+        )
+        await self.db_pool.runInteraction(
+            "block_room_invalidation",
+            self._invalidate_cache_and_stream,
+            self.is_room_blocked,
+            (room_id,),
+        )
+
     async def get_rooms_for_retention_period_in_range(
         self, min_ms: Optional[int], max_ms: Optional[int], include_null: bool = False
     ) -> Dict[str, RetentionPolicy]:
@@ -2500,50 +2544,6 @@ class RoomStore(RoomBackgroundUpdateStore, RoomWorkerStore):
         )
         return next_id
 
-    async def block_room(self, room_id: str, user_id: str) -> None:
-        """Marks the room as blocked.
-
-        Can be called multiple times (though we'll only track the last user to
-        block this room).
-
-        Can be called on a room unknown to this homeserver.
-
-        Args:
-            room_id: Room to block
-            user_id: Who blocked it
-        """
-        await self.db_pool.simple_upsert(
-            table="blocked_rooms",
-            keyvalues={"room_id": room_id},
-            values={},
-            insertion_values={"user_id": user_id},
-            desc="block_room",
-        )
-        await self.db_pool.runInteraction(
-            "block_room_invalidation",
-            self._invalidate_cache_and_stream,
-            self.is_room_blocked,
-            (room_id,),
-        )
-
-    async def unblock_room(self, room_id: str) -> None:
-        """Remove the room from blocking list.
-
-        Args:
-            room_id: Room to unblock
-        """
-        await self.db_pool.simple_delete(
-            table="blocked_rooms",
-            keyvalues={"room_id": room_id},
-            desc="unblock_room",
-        )
-        await self.db_pool.runInteraction(
-            "block_room_invalidation",
-            self._invalidate_cache_and_stream,
-            self.is_room_blocked,
-            (room_id,),
-        )
-
     async def clear_partial_state_room(self, room_id: str) -> Optional[int]:
         """Clears the partial state flag for a room.