Releases: wneessen/js-mailer
v0.3.4: Dependency/Security update
This is a maintenance release to update dependencies and to release the packages with the latest Go version 1.22.2, which fixes a security vulnerbility in net/http.
What's Changed
- build(deps): bump github.com/labstack/echo/v4 from 4.11.2 to 4.11.3 by @dependabot in #62
- build(deps): bump github.com/labstack/gommon from 0.4.0 to 0.4.1 by @dependabot in #63
- build(deps): bump github.com/kkyr/fig from 0.3.2 to 0.4.0 by @dependabot in #64
- build(deps): bump github.com/labstack/gommon from 0.4.1 to 0.4.2 by @dependabot in #65
- build(deps): bump github.com/labstack/echo/v4 from 4.11.3 to 4.11.4 by @dependabot in #66
- build(deps): bump github.com/wneessen/go-mail from 0.4.0 to 0.4.1 by @dependabot in #67
- [StepSecurity] Apply security best practices by @step-security-bot in #68
- build(deps): bump actions/setup-go from 3.5.0 to 5.0.0 by @dependabot in #72
- build(deps): bump docker/build-push-action from 5.0.0 to 5.3.0 by @dependabot in #71
- build(deps): bump docker/login-action from 3.0.0 to 3.1.0 by @dependabot in #73
- build(deps): bump sigstore/cosign-installer from 3.1.1 to 3.4.0 by @dependabot in #69
- build(deps): bump github/codeql-action from 1.1.39 to 3.24.8 by @dependabot in #70
- Remove cosign version specification in Docker workflow by @wneessen in #74
- Remove .idea from VCS by @wneessen in #75
- Update scorecards.yml configuration and action versions by @wneessen in #76
- [StepSecurity] Apply security best practices by @step-security-bot in #77
- Update codeql-analysis.yml configuration and runner conditions by @wneessen in #78
- Improve Swift and Go conditions in codeql-analysis.yml by @wneessen in #79
- Create codeql.yml by @wneessen in #80
- [StepSecurity] ci: Harden GitHub Actions by @step-security-bot in #81
- Fix sec findings by @wneessen in #82
- Add read-only permissions to SonarQube workflow file by @wneessen in #83
- build(deps): bump docker/setup-buildx-action from 3.0.0 to 3.2.0 by @dependabot in #88
- build(deps): bump golangci/golangci-lint-action from 3.7.0 to 4.0.0 by @dependabot in #87
- build(deps): bump actions/dependency-review-action from 2.5.1 to 4.2.3 by @dependabot in #86
- build(deps): bump docker/metadata-action from 5.0.0 to 5.5.1 by @dependabot in #85
- build(deps): bump actions/checkout from 2.7.0 to 4.1.2 by @dependabot in #84
- build(deps): bump actions/dependency-review-action from 4.2.3 to 4.2.4 by @dependabot in #89
- build(deps): bump github/codeql-action from 3.24.8 to 3.24.9 by @dependabot in #90
- build(deps): bump actions/dependency-review-action from 4.2.4 to 4.2.5 by @dependabot in #91
- build(deps): bump sonarsource/sonarqube-scan-action from 9ad16418d1dd6d28912bc0047ee387e90181ce1c to 53c3e3207fe4b8d52e2f1ac9d6eb1d2506f626c0 by @dependabot in #92
- Update server.go by @wneessen in #93
- build(deps): bump golang from
0b55ab8
toc4fb952
by @dependabot in #94
New Contributors
- @step-security-bot made their first contribution in #68
Full Changelog: v0.3.3...v0.3.4
v0.3.3: Dependency/Security update
This is another dependency update that addresses the HTTP/2 Rapid Reset Attack.
It is advised to update to v0.3.3.
What's Changed
- build(deps): bump github.com/labstack/echo/v4 from 4.11.1 to 4.11.2 by @dependabot in #60
- Update server.go by @wneessen in #61
Full Changelog: v0.3.2...v0.3.3
v0.3.2: Maintenance/security release
This is a maintenance release mainly updating depencies.
Security note
For users of the Docker version provided here, this also updates the Go version js-mailer is compiled with to Go 1.21.3 which fixes a critical security flaw in the net/http package. It's highly advised to update to the latest Docker build.
What's Changed
- build(deps): bump github.com/labstack/echo/v4 from 4.10.1 to 4.10.2 by @dependabot in #53
- build(deps): bump github.com/wneessen/go-mail from 0.3.8 to 0.3.9 by @dependabot in #54
- build(deps): bump github.com/wneessen/go-mail from 0.3.9 to 0.4.0 by @dependabot in #55
- build(deps): bump github.com/labstack/echo/v4 from 4.10.2 to 4.11.1 by @dependabot in #56
- build(deps): bump github.com/kkyr/fig from 0.3.1 to 0.3.2 by @dependabot in #57
- build(deps): bump github.com/cyphar/filepath-securejoin from 0.2.3 to 0.2.4 by @dependabot in #58
- Bump version to 0.3.2 by @wneessen in #59
Full Changelog: v0.3.1...v0.3.2
v0.3.1 Dependency updates
This is mainly a dependency update. In particular updaing Labstack Echo, which fixed a security vulnerabity in one of its dependencies. Read me: https://pkg.go.dev/vuln/GO-2023-1571
What's Changed
- Fix #44 code-smell by @wneessen in #45
- Bump github.com/wneessen/go-mail from 0.3.5 to 0.3.6 by @dependabot in #46
- Bump github.com/labstack/echo/v4 from 4.9.1 to 4.10.0 by @dependabot in #47
- Bump github.com/wneessen/go-mail from 0.3.6 to 0.3.7 by @dependabot in #48
- build(deps): bump github.com/wneessen/go-mail from 0.3.7 to 0.3.8 by @dependabot in #49
- build(deps): bump github.com/kkyr/fig from 0.3.0 to 0.3.1 by @dependabot in #50
- build(deps): bump github.com/labstack/echo/v4 from 4.10.0 to 4.10.1 by @dependabot in #51
- Dependency updates by @wneessen in #52
Full Changelog: v0.3.0...v0.3.1
v0.3.0: Cloudflare Turnstile support
This release adds support for the Cloudflare Turnstile captchas.
What's Changed
- Bump github.com/wneessen/go-mail from 0.3.4 to 0.3.5 by @dependabot in #40
- v0.3.0: Implement Cloudflare Turnstile as supported captcha feature by @wneessen in #42
Full Changelog: v0.2.9...v0.3.0
v0.2.9
What's Changed
- Bump github.com/wneessen/go-mail from 0.3.1 to 0.3.2 by @dependabot in #35
- Bump github.com/wneessen/go-mail from 0.3.2 to 0.3.3 by @dependabot in #36
- Bump github.com/wneessen/go-mail from 0.3.3 to 0.3.4 by @dependabot in #37
- v0.2.9: Update dependencies and introduce golangci-lint by @wneessen in #38
Dependencies updated
- github.com/ReneKroon/ttlcache/v2 v2.11.0 => github.com/jellydator/ttlcache/v2 v2.11.1
- github.com/mattn/go-colorable v0.1.13
- github.com/mitchellh/mapstructure v1.5.0
- github.com/pelletier/go-toml v1.9.5
- github.com/valyala/fasttemplate v1.2.2
- golang.org/x/crypto v0.2.0
- golang.org/x/sync
Full Changelog: v0.2.8...v0.2.9
v0.2.7: Dependecy updates
This is a maintenance release. No new features have been introduced but two dependencies have been updated:
- go-mail has been bumped to v0.2.7
- echo has been bumped to v4.9.0
v0.2.6: Maintenance release
v0.2.4: Go mail library replacement
This release replaces the legacy and unmaintained https://github.com/go-mail/mail library with my own go-mail implementation, which is maintained and follows modern and idomatic Go patterns.
v0.2.3: Reply-To header
17df8f1 adds the functionality to have the form mail automatically set a "Reply-To" header based on the mail address of a configurable form field, so the receiver of the form mail can press the "Reply" button to reach the sender.