Update halfshot/matrix-hookshot Docker tag to v7

[small-hack-renovate]

This PR contains the following updates:

Package	Update	Change
halfshot/matrix-hookshot	major	6.0.1 -> 7.0.0

---

Release Notes

matrix-org/matrix-hookshot (halfshot/matrix-hookshot)

v7.0.0

Compare Source

Breaking change: JIRA Cloud webhooks now require a secret to configured to ensure secure handling of webhook information. This is a change from previously accepting a query string. See [https://matrix-org.github.io/matrix-hookshot/latest/setup/jira.html#cloud]\(the documentation) for more information.

Features

• Add support for JIRA cloud secure webhooks. See the documentation for more information. (#​1044)
• Add support for OpenProject. (#​1050, #​1056)
• Add new mentions field to generic hook transformation functions, to intentionally mention users. (#​1051)

Bugfixes

• Fix JIRA integration config not updating when applying changes via the widget. (#c01d13b)
• GitHub repository listings / room configuation will now work correctly if your organization or username contains uppercase characters. (#​1033)
• Hookshot will now attempt to join permission rooms on startup. (#​1041)

Deprecations and Removals

• The legacy provisioning API has been removed (used by services such as Dimension). Developers should seek to update
  to use the widget API, which supports more features and is regularly updated. (#​931)

Internal Changes

• Update Ubuntu version in docs CI. (#​1043)
• Don't login to Docker when running CI against dependabot PRs (#​1046)
• Replace homerunner with testcontainers for (stable) E2E testing. (#​1047)
• Apply prettier formatting, and use a consistent file naming scheme. (#​1055), (#​1058)

v6.0.3

Compare Source

Bugfixes

• Fixed Helm chart templates missing namespace: in resource metadata, causing some resources to appear in different namespaces under certain circumstances, specifically deployment scenarios using ArgoCD-deployed Helmfile with a release namespace set for Hookshot differently than the ArgoCD Application's namespace. Most other Helm deployment methods should continue to work as expected with your existing configuration, as the inferred namespace would have resulted in proper resource placement without this change. (#​1013)
• Fix hookshot failing to handle incoming webhooks when it is unable to change a user's displayname. (#​1019)
• GitLab merge request comments are now correctly filtered based on label include / exclude configuration. (#​1756)

Improved Documentation

• Explain how to edit room state for GitLab projects from within Element. (#​1016)

Internal Changes

• Update dependencies with security advisories. (#​1024)

v6.0.2

Compare Source

Security release: It is strongly recommended that you upgrade to this release, as it contains security fixes.

Internal Changes

• Switch to using GitHub Actions native arm runners for Docker builds, which will reduce build times. (#​1008)

Security

Fixes for CVE-2025-23197 / GHSA-cr4q-jf47-3645.

---

Configuration

📅 Schedule: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined).

🚦 Automerge: Disabled by config. Please merge this manually once you are satisfied.

♻ Rebasing: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.

---

• If you want to rebase/retry this PR, check this box

---

This PR has been generated by Renovate Bot.