build(deps): bump maunium.net/go/mautrix from 0.24.2-0.20250630223442-4f6d4d7c63f3 to 0.25.2

[dependabot]

Bumps maunium.net/go/mautrix from 0.24.2-0.20250630223442-4f6d4d7c63f3 to 0.25.2.

Release notes

Sourced from maunium.net/go/mautrix's releases.

v0.25.2

• Breaking change (id) Split UserID.ParseAndValidate into ParseAndValidateRelaxed and ParseAndValidateStrict. Strict is the old behavior, but most users likely want the relaxed version, as there are real users whose user IDs aren't valid under the strict rules.
• (crypto) Added helper methods for generating and verifying with recovery keys.
• (bridgev2/matrix) Added config option to automatically generate a recovery key for the bridge bot and self-sign the bridge's device.
• (bridgev2/matrix) Added initial support for using appservice/MSC3202 mode for encryption with standard servers like Synapse.
• (bridgev2) Added optional support for implicit read receipts.
• (bridgev2) Added interface for deleting chats on remote network.
• (bridgev2) Added local enforcement of media duration and size limits.
• (bridgev2) Extended event duration logging to log any event taking too long.
• (bridgev2) Improved validation in group creation provisioning API.
• (event) Added event type constant for poll end events.
• (client) Added wrapper for searching user directory.
• (client) Improved support for managing MSC4140 delayed events.
• (crypto/helper) Changed default sync handling to not block on waiting for decryption keys. On initial sync, keys won't be requested at all by default.
• (crypto) Fixed olm unwedging not working (regressed in v0.25.1).
• (bridgev2) Fixed various bugs with migrating to split portals.
• (event) Fixed poll start events having incorrect null m.relates_to.
• (client) Fixed RespUserProfile losing standard fields when re-marshaling.
• (federation) Fixed various bugs in event auth.

v0.25.1

• (client) Fixed HTTP method of delete devices API call (thanks to @​fmseals in #393).
• (client) Added wrappers for MSC4323: User suspension & locking endpoints (thanks to @​nexy7574 in #407).
• (client) Stabilized support for extensible profiles.
• (client) Stabilized support for state_after in sync.
• (client) Removed deprecated MSC2716 requests.
• (crypto) Added fallback to ensure m.relates_to is always copied even if the content struct doesn't implement Relatable.
• (crypto) Changed olm unwedging to ignore newly created sessions if they haven't been used successfully in either direction.
• (federation) Added utilities for generating, parsing, validating and authorizing PDUs.
  • Note: the new PDU code depends on GOEXPERIMENT=jsonv2
• (event) Added is_animated flag from MSC4230 to file info.
• (event) Added types for MSC4332: In-room bot commands.
• (event) Added missing poll end event type for MSC3381.
• (appservice) Fixed URLs not being escaped properly when using unix socket for homeserver connections.
• (format) Added more helpers for forming markdown links.
• (event,bridgev2) Added support for Beeper's disappearing message state event.
• (bridgev2) Redesigned group creation interface and added support in commands and provisioning API.
• (bridgev2) Added GetEvent to Matrix interface to allow network connectors to get an old event. The method is best effort only, as some configurations don't allow fetching old events.
• (bridgev2) Added shared logic for provisioning that can be reused by the API, commands and other sources.
• (bridgev2) Fixed mentions and URL previews not being copied over when caption and media are merged.
• (bridgev2) Removed config option to change provisioning API prefix, which had already broken in the previous release.

v0.25.0

• Bumped minimum Go version to 1.24.
• Breaking change (appservice,bridgev2,federation) Replaced gorilla/mux with standard library ServeMux.

... (truncated)

Changelog

Sourced from maunium.net/go/mautrix's changelog.

v0.25.2 (2025-10-16)

• Breaking change (id) Split UserID.ParseAndValidate into ParseAndValidateRelaxed and ParseAndValidateStrict. Strict is the old behavior, but most users likely want the relaxed version, as there are real users whose user IDs aren't valid under the strict rules.
• (crypto) Added helper methods for generating and verifying with recovery keys.
• (bridgev2/matrix) Added config option to automatically generate a recovery key for the bridge bot and self-sign the bridge's device.
• (bridgev2/matrix) Added initial support for using appservice/MSC3202 mode for encryption with standard servers like Synapse.
• (bridgev2) Added optional support for implicit read receipts.
• (bridgev2) Added interface for deleting chats on remote network.
• (bridgev2) Added local enforcement of media duration and size limits.
• (bridgev2) Extended event duration logging to log any event taking too long.
• (bridgev2) Improved validation in group creation provisioning API.
• (event) Added event type constant for poll end events.
• (client) Added wrapper for searching user directory.
• (client) Improved support for managing [MSC4140] delayed events.
• (crypto/helper) Changed default sync handling to not block on waiting for decryption keys. On initial sync, keys won't be requested at all by default.
• (crypto) Fixed olm unwedging not working (regressed in v0.25.1).
• (bridgev2) Fixed various bugs with migrating to split portals.
• (event) Fixed poll start events having incorrect null m.relates_to.
• (client) Fixed RespUserProfile losing standard fields when re-marshaling.
• (federation) Fixed various bugs in event auth.

v0.25.1 (2025-09-16)

• (client) Fixed HTTP method of delete devices API call (thanks to [@​fmseals] in #393).
• (client) Added wrappers for [MSC4323]: User suspension & locking endpoints (thanks to [@​nexy7574] in #407).
• (client) Stabilized support for extensible profiles.
• (client) Stabilized support for state_after in sync.
• (client) Removed deprecated MSC2716 requests.
• (crypto) Added fallback to ensure m.relates_to is always copied even if the content struct doesn't implement Relatable.
• (crypto) Changed olm unwedging to ignore newly created sessions if they haven't been used successfully in either direction.
• (federation) Added utilities for generating, parsing, validating and authorizing PDUs.
  • Note: the new PDU code depends on GOEXPERIMENT=jsonv2
• (event) Added is_animated flag from [MSC4230] to file info.
• (event) Added types for [MSC4332]: In-room bot commands.
• (event) Added missing poll end event type for [MSC3381].
• (appservice) Fixed URLs not being escaped properly when using unix socket for homeserver connections.
• (format) Added more helpers for forming markdown links.

... (truncated)

Commits

• See full diff in compare view

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

---

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

• @dependabot rebase will rebase this PR
• @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
• @dependabot merge will merge this PR after your CI passes on it
• @dependabot squash and merge will squash and merge this PR after your CI passes on it
• @dependabot cancel merge will cancel a previously requested merge and block automerging
• @dependabot reopen will reopen this PR if it is closed
• @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
• @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
• @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
• @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

[coderabbitai]

Important

Review skipped

Bot user detected.

To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

---

_{Comment @coderabbitai help to get the list of available commands and usage tips.}