Skip to content

Bump nodemailer and mailparser #201

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
dependabot wants to merge 1 commit into
base: main
Choose a base branch
from
Open

Bump nodemailer and mailparser #201

dependabot wants to merge 1 commit into from

Conversation

@dependabot
Copy link
Contributor

@dependabot dependabot bot commented on behalf of github Dec 19, 2025

Bumps nodemailer to 7.0.11 and updates ancestor dependency mailparser. These dependencies need to be updated together.

Updates nodemailer from 7.0.3 to 7.0.11

Release notes

Sourced from nodemailer's releases.

v7.0.11

7.0.11 (2025-11-26)

Bug Fixes

  • prevent stack overflow DoS in addressparser with deeply nested groups (b61b9c0)

v7.0.10

7.0.10 (2025-10-23)

Bug Fixes

  • Increase data URI size limit from 100KB to 50MB and preserve content type (28dbf3f)

v7.0.9

7.0.9 (2025-10-07)

Bug Fixes

  • release: Trying to fix release proecess by upgrading Node version in runner (579fce4)

v7.0.8

7.0.8 (2025-10-07)

Bug Fixes

  • addressparser: flatten nested groups per RFC 5322 (8f8a77c)

v7.0.7

7.0.7 (2025-10-05)

Bug Fixes

  • addressparser: Fixed addressparser handling of quoted nested email addresses (1150d99)
  • dns: add memory leak prevention for DNS cache (0240d67)
  • linter: Updated eslint and created prettier formatting task (df13b74)
  • refresh expired DNS cache on error (#1759) (ea0fc5a)
  • resolve linter errors in DNS cache tests (3b8982c)

v7.0.6

7.0.6 (2025-08-27)

Bug Fixes

... (truncated)

Changelog

Sourced from nodemailer's changelog.

7.0.11 (2025-11-26)

Bug Fixes

  • prevent stack overflow DoS in addressparser with deeply nested groups (b61b9c0)

7.0.10 (2025-10-23)

Bug Fixes

  • Increase data URI size limit from 100KB to 50MB and preserve content type (28dbf3f)

7.0.9 (2025-10-07)

Bug Fixes

  • release: Trying to fix release proecess by upgrading Node version in runner (579fce4)

7.0.8 (2025-10-07)

Bug Fixes

  • addressparser: flatten nested groups per RFC 5322 (8f8a77c)

7.0.7 (2025-10-05)

Bug Fixes

  • addressparser: Fixed addressparser handling of quoted nested email addresses (1150d99)
  • dns: add memory leak prevention for DNS cache (0240d67)
  • linter: Updated eslint and created prettier formatting task (df13b74)
  • refresh expired DNS cache on error (#1759) (ea0fc5a)
  • resolve linter errors in DNS cache tests (3b8982c)

7.0.6 (2025-08-27)

Bug Fixes

  • encoder: avoid silent data loss by properly flushing trailing base64 (#1747) (01ae76f)
  • handle multiple XOAUTH2 token requests correctly (#1754) (dbe0028)
  • ReDoS vulnerability in parseDataURI and _processDataUrl (#1755) (90b3e24)

7.0.5 (2025-07-07)

Bug Fixes

... (truncated)

Commits
  • 3d17dbe chore(master): release 7.0.11 (#1783)
  • 15879f8 Bumped dev dependencies
  • b61b9c0 fix: prevent stack overflow DoS in addressparser with deeply nested groups
  • 4175e4b chore(master): release 7.0.10 (#1776)
  • d882ccf Merge branch 'master' of github.com:nodemailer/nodemailer
  • 1d7e4f7 Bumped deps
  • 10bd871 chore: correct typo in variable name (#1773)
  • 28dbf3f fix: Increase data URI size limit from 100KB to 50MB and preserve content type
  • 92ae1c4 chore(master): release 7.0.9 (#1769)
  • c675d9e Merge branch 'master' of github.com:nodemailer/nodemailer
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for nodemailer since your current version.


Updates mailparser from 3.7.3 to 3.9.1

Release notes

Sourced from mailparser's releases.

mailparser: v3.8.1

3.8.1 (2025-11-05)

Bug Fixes

mailparser: v3.8.0

3.8.0 (2025-11-04)

Bug Fixes

  • deps: Bumped Nodemailer to fix issue with long data URI's (d24f96e)
Changelog

Sourced from mailparser's changelog.

3.9.1 (2025-12-11)

Bug Fixes

3.9.0 (2025-11-05)

Features

  • events: Emit a new headerLines event to gain access the raw headers (#364) (d33d7ec)

Bug Fixes

  • ⬆️ update nodemailer dependency to resolve security issue GHSA-9h6g-pr28-7cqp (#357) (8bc4225)
  • 150 (919f69a)
  • 272: Throw TypeError for invalid input. (abd7e43)
  • 34, bump version (09aa0bd)
  • bumped deps (9a13f4e)
  • Bumped deps (bb9c014)
  • Bumped deps (9e084f9)
  • Bumped mailsplit to fix flowed parser (da753e4)
  • capture decoder end event to use on cleanup (4e367f7)
  • deploy: added auto-deployment (d6eb56f)
  • deps: Bumped deps (db842ad)
  • deps: Bumped deps to fix issue with missing whitespace (92884d0)
  • deps: Bumped Nodemailer to fix issue with long data URI's (d24f96e)
  • deps: Replaced 'punycode' with 'punycode.js' module (4a15157)
  • error on ks_c_5601-1987 (89572e0)
  • Fix produced text address list string according to rfc 2822 (#340) (6bae600)
  • handle simpleParser input stream error (faf9fc5)
  • punycode: Fixes #355 Deprecation warning of the punycode module (#356) (0f35330)
  • simple-parser: Buffer.from(string) default encode is utf-8,when input string‘s encode is gbk,result has some garbled (633e436)
  • test: updated test matrix (18, 20, 21) (a2ba9c2)
  • trigger new build (3cf6241)
  • trigger new build (7f2eb78)

3.8.1 (2025-11-05)

Bug Fixes

3.8.0 (2025-11-04)

... (truncated)

Commits
  • 2205e48 chore(master): release 3.9.1 [skip-ci]
  • 6879d1b fix: update dependencies
  • 3e1e029 chore(master): release 3.9.0 [skip-ci]
  • b831000 Merge branch 'master' of github.com:nodemailer/mailparser
  • 3cf6241 fix: trigger new build
  • f80910c chore(master): release 3.8.1 [skip-ci]
  • 7f2eb78 fix: trigger new build
  • 9c32d09 chore: Rename release workflow file from .yml to .yaml
  • 0b96c7d chore(master): release 3.8.0 [skip-ci]
  • 0aa4c3a chore(deps): Renamed mailsplit to @​zone-eu/mailsplit
  • Additional commits viewable in compare view
Maintainer changes

This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for mailparser since your current version.


Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot merge will merge this PR after your CI passes on it
  • @dependabot squash and merge will squash and merge this PR after your CI passes on it
  • @dependabot cancel merge will cancel a previously requested merge and block automerging
  • @dependabot reopen will reopen this PR if it is closed
  • @dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
    You can disable automated security fix PRs for this repo from the Security Alerts page.

@dependabot
Bump nodemailer and mailparser
1913af0 
Bumps [nodemailer](https://github.com/nodemailer/nodemailer) to 7.0.11 and updates ancestor dependency [mailparser](https://github.com/nodemailer/mailparser). These dependencies need to be updated together.


Updates `nodemailer` from 7.0.3 to 7.0.11
- [Release notes](https://github.com/nodemailer/nodemailer/releases)
- [Changelog](https://github.com/nodemailer/nodemailer/blob/master/CHANGELOG.md)
- [Commits](nodemailer/nodemailer@v7.0.3...v7.0.11)

Updates `mailparser` from 3.7.3 to 3.9.1
- [Release notes](https://github.com/nodemailer/mailparser/releases)
- [Changelog](https://github.com/nodemailer/mailparser/blob/master/CHANGELOG.md)
- [Commits](nodemailer/mailparser@v3.7.3...v3.9.1)

---
updated-dependencies:
- dependency-name: nodemailer
  dependency-version: 7.0.11
  dependency-type: indirect
- dependency-name: mailparser
  dependency-version: 3.9.1
  dependency-type: direct:production
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels Dec 19, 2025
@sonarqubecloud
Copy link

sonarqubecloud bot commented Dec 19, 2025

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant