emailengine-app 2.69.0 → 2.70.0

package/translations/messages.pot

@@ -1,10 +1,10 @@
 msgid ""
 msgstr ""
 "Content-Type: text/plain; charset=ascii\n"
-"POT-Creation-Date: 2026-06-09 18:01+0000\n"
+"POT-Creation-Date: 2026-06-11 10:37+0000\n"
 
 #: views/error.hbs:4
-#: workers/api.js:2959
+#: workers/api.js:2940
 msgid "Something went wrong"
 msgstr ""
 
@@ -21,7 +21,7 @@ msgid "Dashboard"
 msgstr ""
 
 #: views/config/license.hbs:45
-#: lib/ui-routes/oauth-config-routes.js:219
+#: lib/ui-routes/oauth-config-routes.js:217
 msgid "%d day"
 msgid_plural "%d days"
 msgstr[0] ""
@@ -31,48 +31,63 @@ msgstr[1] ""
 msgid "Click <a href=\"%s\">here</a> to continue&mldr;"
 msgstr ""
 
-#: views/oauth-scope-error.hbs:2
-msgid "Insufficient Permissions"
+#: views/unsubscribe.hbs:3
+#: views/unsubscribe.hbs:62
+#: views/unsubscribe.hbs:85
+msgid "Unsubscribe"
 msgstr ""
 
-#: views/oauth-scope-error.hbs:8
-msgid ""
-"All requested permissions are required for this service to function "
-"properly. Some required permissions were not granted during sign-in."
+#: views/unsubscribe.hbs:5
+msgid "Your email address was unsubscribed."
 msgstr ""
 
-#: views/oauth-scope-error.hbs:12
-msgid "The following permissions were not granted:"
+#: views/unsubscribe.hbs:7
+msgid "Was this a mistake? Click <a%s>here</a> to re-subscribe."
 msgstr ""
 
-#: views/oauth-scope-error.hbs:21
-msgid ""
-"Please try again and make sure all permission checkboxes are selected on "
-"the Google consent screen."
+#: views/unsubscribe.hbs:15
+msgid "Re-subscribe"
 msgstr ""
 
-#: views/oauth-scope-error.hbs:27
-msgid "Try Again"
+#: views/unsubscribe.hbs:21
+msgid "Are you sure you want to re-subscribe your email address <em>%s</em>?"
 msgstr ""
 
-#: views/accounts/register/imap.hbs:11
-msgid "Your name"
+#: views/unsubscribe.hbs:32
+#: views/accounts/register/imap-server.hbs:251
+msgid "Close"
 msgstr ""
 
-#: views/accounts/register/imap.hbs:17
-msgid "Enter your full name"
+#: views/unsubscribe.hbs:34
+msgid "Subscribe"
+msgstr ""
+
+#: views/unsubscribe.hbs:56
+msgid "Subscription resumed"
+msgstr ""
+
+#: views/unsubscribe.hbs:58
+msgid "Your email address <em>%s</em> was re-subscribed."
 msgstr ""
 
-#: views/accounts/register/imap.hbs:21
 #: views/unsubscribe.hbs:75
+#: views/accounts/register/imap.hbs:21
 msgid "Email address"
 msgstr ""
 
-#: views/accounts/register/imap.hbs:27
 #: views/unsubscribe.hbs:81
+#: views/accounts/register/imap.hbs:27
 msgid "Enter your email address"
 msgstr ""
 
+#: views/accounts/register/imap.hbs:11
+msgid "Your name"
+msgstr ""
+
+#: views/accounts/register/imap.hbs:17
+msgid "Enter your full name"
+msgstr ""
+
 #: views/accounts/register/imap.hbs:31
 #: views/accounts/register/imap-server.hbs:36
 #: views/accounts/register/imap-server.hbs:128
@@ -87,51 +102,28 @@ msgstr ""
 msgid "Continue"
 msgstr ""
 
-#: views/accounts/register/index.hbs:2
-msgid "Choose your email account provider"
-msgstr ""
-
-#: views/accounts/register/index.hbs:15
-msgid "Standard IMAP"
-msgstr ""
-
-#: views/unsubscribe.hbs:3
-#: views/unsubscribe.hbs:62
-#: views/unsubscribe.hbs:85
-msgid "Unsubscribe"
-msgstr ""
-
-#: views/unsubscribe.hbs:5
-msgid "Your email address was unsubscribed."
-msgstr ""
-
-#: views/unsubscribe.hbs:7
-msgid "Was this a mistake? Click <a%s>here</a> to re-subscribe."
-msgstr ""
-
-#: views/unsubscribe.hbs:15
-msgid "Re-subscribe"
-msgstr ""
-
-#: views/unsubscribe.hbs:21
-msgid "Are you sure you want to re-subscribe your email address <em>%s</em>?"
+#: views/oauth-scope-error.hbs:2
+msgid "Insufficient Permissions"
 msgstr ""
 
-#: views/unsubscribe.hbs:32
-#: views/accounts/register/imap-server.hbs:251
-msgid "Close"
+#: views/oauth-scope-error.hbs:8
+msgid ""
+"All requested permissions are required for this service to function "
+"properly. Some required permissions were not granted during sign-in."
 msgstr ""
 
-#: views/unsubscribe.hbs:34
-msgid "Subscribe"
+#: views/oauth-scope-error.hbs:12
+msgid "The following permissions were not granted:"
 msgstr ""
 
-#: views/unsubscribe.hbs:56
-msgid "Subscription resumed"
+#: views/oauth-scope-error.hbs:21
+msgid ""
+"Please try again and make sure all permission checkboxes are selected on "
+"the Google consent screen."
 msgstr ""
 
-#: views/unsubscribe.hbs:58
-msgid "Your email address <em>%s</em> was re-subscribed."
+#: views/oauth-scope-error.hbs:27
+msgid "Try Again"
 msgstr ""
 
 #: views/accounts/register/imap-server.hbs:19
@@ -249,149 +241,157 @@ msgstr ""
 msgid "Request failed."
 msgstr ""
 
-#: workers/api.js:2178
-#: workers/api.js:2506
-#: lib/ui-routes/account-routes.js:399
-#: lib/ui-routes/account-routes.js:434
-#: lib/ui-routes/account-routes.js:549
-#: lib/ui-routes/account-routes.js:596
-#: lib/ui-routes/account-routes.js:843
-#: lib/ui-routes/account-routes.js:879
-msgid "Email Account Setup"
+#: views/accounts/register/index.hbs:2
+msgid "Choose your email account provider"
 msgstr ""
 
-#: workers/api.js:2958
-#: workers/api.js:3075
-msgid "Requested page not found"
+#: views/accounts/register/index.hbs:15
+msgid "Standard IMAP"
 msgstr ""
 
-#: lib/tools.js:958
-#: lib/ui-routes/unsubscribe-routes.js:30
+#: lib/autodetect-imap-settings.js:80
+msgid ""
+"Microsoft has disabled password-based sign-ins (including app passwords) "
+"for Outlook.com, Hotmail.com, and Microsoft 365 email accounts. To "
+"continue, please use the \"Sign in with Microsoft\" button to securely "
+"connect your account."
+msgstr ""
+
+#: lib/tools.js:956
+#: lib/ui-routes/unsubscribe-routes.js:28
 msgid "Invalid input"
 msgstr ""
 
-#: lib/tools.js:1725
+#: lib/tools.js:1723
 msgid "Signature validation failed"
 msgstr ""
 
-#: lib/tools.js:1734
-#: lib/tools.js:1739
+#: lib/tools.js:1732
+#: lib/tools.js:1737
 msgid "Invalid or expired account setup URL"
 msgstr ""
 
-#: lib/autodetect-imap-settings.js:80
-msgid ""
-"Microsoft has disabled password-based sign-ins (including app passwords) "
-"for Outlook.com, Hotmail.com, and Microsoft 365 email accounts. To "
-"continue, please use the \"Sign in with Microsoft\" button to securely "
-"connect your account."
+#: lib/ui-routes/account-routes.js:402
+#: lib/ui-routes/account-routes.js:437
+#: lib/ui-routes/account-routes.js:552
+#: lib/ui-routes/account-routes.js:599
+#: lib/ui-routes/account-routes.js:846
+#: lib/ui-routes/account-routes.js:882
+#: workers/api.js:2158
+#: workers/api.js:2486
+msgid "Email Account Setup"
+msgstr ""
+
+#: lib/ui-routes/account-routes.js:462
+#: lib/ui-routes/account-routes.js:495
+#: lib/ui-routes/unsubscribe-routes.js:65
+msgid "Invalid request. Check your input and try again."
+msgstr ""
+
+#: lib/ui-routes/account-routes.js:592
+#: lib/ui-routes/account-routes.js:875
+msgid "Couldn't set up account. Try again."
 msgstr ""
 
+#: lib/ui-routes/account-routes.js:655
+#: lib/ui-routes/account-routes.js:666
 #: lib/ui-routes/admin-entities-routes.js:2020
-#: lib/ui-routes/account-routes.js:652
-#: lib/ui-routes/account-routes.js:663
 msgid "Server hostname was not found"
 msgstr ""
 
+#: lib/ui-routes/account-routes.js:658
+#: lib/ui-routes/account-routes.js:669
 #: lib/ui-routes/admin-entities-routes.js:2023
-#: lib/ui-routes/account-routes.js:655
-#: lib/ui-routes/account-routes.js:666
 msgid "Invalid username or password"
 msgstr ""
 
+#: lib/ui-routes/account-routes.js:672
 #: lib/ui-routes/admin-entities-routes.js:2026
-#: lib/ui-routes/account-routes.js:669
 msgid "Authentication credentials were not provided"
 msgstr ""
 
+#: lib/ui-routes/account-routes.js:675
 #: lib/ui-routes/admin-entities-routes.js:2029
-#: lib/ui-routes/account-routes.js:672
 msgid "OAuth2 authentication failed"
 msgstr ""
 
+#: lib/ui-routes/account-routes.js:678
+#: lib/ui-routes/account-routes.js:682
 #: lib/ui-routes/admin-entities-routes.js:2032
 #: lib/ui-routes/admin-entities-routes.js:2036
-#: lib/ui-routes/account-routes.js:675
-#: lib/ui-routes/account-routes.js:679
 msgid "TLS protocol error"
 msgstr ""
 
+#: lib/ui-routes/account-routes.js:686
 #: lib/ui-routes/admin-entities-routes.js:2040
-#: lib/ui-routes/account-routes.js:683
 msgid "Connection timed out"
 msgstr ""
 
+#: lib/ui-routes/account-routes.js:689
 #: lib/ui-routes/admin-entities-routes.js:2043
-#: lib/ui-routes/account-routes.js:686
 msgid "Could not connect to server"
 msgstr ""
 
+#: lib/ui-routes/account-routes.js:692
 #: lib/ui-routes/admin-entities-routes.js:2046
-#: lib/ui-routes/account-routes.js:689
 msgid "Unexpected server response"
 msgstr ""
 
-#: lib/ui-routes/account-routes.js:459
-#: lib/ui-routes/account-routes.js:492
-#: lib/ui-routes/unsubscribe-routes.js:67
-msgid "Invalid request. Check your input and try again."
-msgstr ""
-
-#: lib/ui-routes/account-routes.js:589
-#: lib/ui-routes/account-routes.js:872
-msgid "Couldn't set up account. Try again."
+#: lib/ui-routes/admin-config-routes.js:144
+msgid "Invalid API key for OpenAI"
 msgstr ""
 
-#: lib/ui-routes/oauth-config-routes.js:212
+#: lib/ui-routes/oauth-config-routes.js:210
 msgid "Unknown"
 msgstr ""
 
-#: lib/ui-routes/oauth-config-routes.js:221
+#: lib/ui-routes/oauth-config-routes.js:219
 msgid "Indefinite"
 msgstr ""
 
-#: lib/ui-routes/admin-config-routes.js:144
-msgid "Invalid API key for OpenAI"
-msgstr ""
-
-#: lib/ui-routes/route-helpers.js:83
+#: lib/ui-routes/route-helpers.js:81
 msgid "Delegated"
 msgstr ""
 
-#: lib/ui-routes/route-helpers.js:84
+#: lib/ui-routes/route-helpers.js:82
 msgid "Using credentials from \"%s\""
 msgstr ""
 
-#: lib/ui-routes/route-helpers.js:134
+#: lib/ui-routes/route-helpers.js:132
 msgid ""
 "Connection timed out. This usually occurs if you are behind a firewall or "
 "connecting to the wrong port."
 msgstr ""
 
-#: lib/ui-routes/route-helpers.js:137
+#: lib/ui-routes/route-helpers.js:135
 msgid "The server unexpectedly closed the connection."
 msgstr ""
 
-#: lib/ui-routes/route-helpers.js:140
+#: lib/ui-routes/route-helpers.js:138
 msgid ""
 "The server unexpectedly closed the connection. This usually happens when "
 "attempting to connect to a TLS port without TLS enabled."
 msgstr ""
 
-#: lib/ui-routes/route-helpers.js:145
+#: lib/ui-routes/route-helpers.js:143
 msgid ""
 "The server refused the connection. This typically occurs if the server is "
 "not running, is overloaded, or you are connecting to the wrong host or port."
 msgstr ""
 
-#: lib/ui-routes/unsubscribe-routes.js:40
-#: lib/ui-routes/unsubscribe-routes.js:158
-#: lib/ui-routes/unsubscribe-routes.js:175
-#: lib/ui-routes/unsubscribe-routes.js:211
+#: lib/ui-routes/unsubscribe-routes.js:38
+#: lib/ui-routes/unsubscribe-routes.js:156
+#: lib/ui-routes/unsubscribe-routes.js:173
+#: lib/ui-routes/unsubscribe-routes.js:209
 msgid "Subscription Management"
 msgstr ""
 
-#: lib/ui-routes/unsubscribe-routes.js:169
-#: lib/ui-routes/unsubscribe-routes.js:204
+#: lib/ui-routes/unsubscribe-routes.js:167
+#: lib/ui-routes/unsubscribe-routes.js:202
 msgid "Couldn't process request. Try again."
-msgstr ""
+msgstr ""
+
+#: workers/api.js:2939
+#: workers/api.js:3054
+msgid "Requested page not found"
+msgstr ""

package/update-info.sh

@@ -1,6 +1,24 @@
 #!/bin/sh
 
-COMMIT_HASH=$(cat .git/refs/heads/master)
+# Resolve the commit hash for version-info.json:
+#  1. EE_COMMIT_HASH is the explicit override, set by the deploy workflow and
+#     by release builds that run from a git export without a .git directory
+#  2. git rev-parse works in any normal checkout, also when refs are packed;
+#     the toplevel check makes sure the hash comes from this repository and
+#     not from an unrelated parent repository when this directory is not a
+#     git repository itself
+#  3. the plain ref file is the fallback for the Docker image build, which
+#     only copies .git/refs/heads/master into the build context
+if [ -n "$EE_COMMIT_HASH" ]; then
+    COMMIT_HASH="$EE_COMMIT_HASH"
+elif [ "$(git rev-parse --show-toplevel 2>/dev/null)" = "$(pwd -P)" ] && git rev-parse HEAD >/dev/null 2>&1; then
+    COMMIT_HASH=$(git rev-parse HEAD)
+elif [ -f .git/refs/heads/master ]; then
+    COMMIT_HASH=$(cat .git/refs/heads/master)
+else
+    COMMIT_HASH=""
+fi
+
 TIMESTAMP=$(node -e 'console.log(Date.now())')
 cat >version-info.json <<EOL
 {

package/views/config/logging.hbs

@@ -49,6 +49,54 @@
         </div>
     </div>
 
+    <div class="card mb-4">
+        <div class="card-header py-3">
+            <h6 class="m-0 font-weight-bold text-primary">Error Reporting</h6>
+        </div>
+        <div class="card-body">
+
+            {{#if sentryEnvManaged}}
+            <div class="alert alert-info">Error reporting is currently managed by the <code>SENTRY_DSN</code>
+                environment variable. The settings below are ignored until that variable is removed.</div>
+            {{/if}}
+
+            <div class="form-group form-check">
+
+                <div class="text-muted float-right code-link">[<a href="/admin/swagger#/Settings/postV1Settings"
+                        target="_blank" rel="noopener noreferrer">sentryEnabled</a>]</div>
+
+                <input type="checkbox" class="form-check-input {{#if errors.sentryEnabled}}is-invalid{{/if}}"
+                    id="settingsSentryEnabled" name="sentryEnabled" {{#if values.sentryEnabled}}checked{{/if}}
+                    {{#if sentryEnvManaged}}disabled{{/if}} />
+                <label class="form-check-label" for="settingsSentryEnabled">Report Unhandled Errors to Sentry</label>
+                {{#if errors.sentryEnabled}}
+                <span class="invalid-feedback">{{errors.sentryEnabled}}</span>
+                {{/if}}
+                <small class="form-text text-muted">Send unhandled errors to a Sentry server. Reports include stack
+                    traces, account IDs, and error details, but never credentials or message content. Changes apply
+                    within a minute - no restart needed.</small>
+            </div>
+
+            <div class="form-group">
+
+                <div class="text-muted float-right code-link">[<a href="/admin/swagger#/Settings/postV1Settings"
+                        target="_blank" rel="noopener noreferrer">sentryDsn</a>]</div>
+
+                <label for="settingsSentryDsn">Sentry DSN</label>
+                <input type="text" class="form-control {{#if errors.sentryDsn}}is-invalid{{/if}}"
+                    id="settingsSentryDsn" name="sentryDsn" placeholder="https://public-key@sentry.example.com/1"
+                    value="{{values.sentryDsn}}" {{#if sentryEnvManaged}}disabled{{/if}} />
+                {{#if errors.sentryDsn}}
+                <span class="invalid-feedback">{{errors.sentryDsn}}</span>
+                {{/if}}
+                <small class="form-text text-muted">Leave empty to send reports to the Sentry instance run by the
+                    EmailEngine developers (sentry.emailengine.dev). Enabling this temporarily during a support case
+                    helps to debug problems with your installation. Set your own DSN to keep reports
+                    in-house.</small>
+            </div>
+        </div>
+    </div>
+
     <div class="mb-4">
         <button type="submit" class="btn btn-primary btn-icon-split">
             <span class="icon text-white-50">

package/workers/api.js

@@ -1,7 +1,5 @@
 'use strict';
 
-// NB! This file is processed by gettext parser and can not use newer syntax like ?.
-
 const { parentPort, workerData } = require('worker_threads');
 
 const packageData = require('../package.json');
@@ -40,28 +38,8 @@ const {
 } = require('../lib/tools');
 const { matchIp, detectAutomatedRequest } = require('../lib/utils/network');
 
-const Bugsnag = require('@bugsnag/js');
-if (readEnvValue('BUGSNAG_API_KEY')) {
-    Bugsnag.start({
-        apiKey: readEnvValue('BUGSNAG_API_KEY'),
-        appVersion: packageData.version,
-        logger: {
-            debug(...args) {
-                logger.debug({ msg: args.shift(), worker: 'api', source: 'bugsnag', args: args.length ? args : undefined });
-            },
-            info(...args) {
-                logger.debug({ msg: args.shift(), worker: 'api', source: 'bugsnag', args: args.length ? args : undefined });
-            },
-            warn(...args) {
-                logger.warn({ msg: args.shift(), worker: 'api', source: 'bugsnag', args: args.length ? args : undefined });
-            },
-            error(...args) {
-                logger.error({ msg: args.shift(), worker: 'api', source: 'bugsnag', args: args.length ? args : undefined });
-            }
-        }
-    });
-    logger.notifyError = Bugsnag.notify.bind(Bugsnag);
-}
+const { initSentry } = require('../lib/sentry');
+initSentry('api');
 
 const Hapi = require('@hapi/hapi');
 const Boom = require('@hapi/boom');
@@ -135,7 +113,7 @@ const deliveryTestRoutes = require('../lib/api-routes/delivery-test-routes');
 const blocklistRoutes = require('../lib/api-routes/blocklist-routes');
 const submitRoutes = require('../lib/api-routes/submit-routes');
 
-const { imapSchema, smtpSchema, oauth2Schema, accountIdSchema, headerTimeoutSchema } = require('../lib/schemas');
+const { imapSchema, smtpSchema, oauth2Schema, accountIdSchema, headerTimeoutSchema, errorResponses } = require('../lib/schemas');
 
 const OAuth2ProviderSchema = Joi.string()
     .valid(...Object.keys(OAUTH_PROVIDERS))
@@ -145,9 +123,11 @@ const OAuth2ProviderSchema = Joi.string()
     .label('OAuth2Provider');
 
 const AccountTypeSchema = Joi.string()
-    .valid(...['imap'].concat(Object.keys(OAUTH_PROVIDERS)).concat('oauth2'))
+    .valid(...['imap'].concat(Object.keys(OAUTH_PROVIDERS)).concat(['oauth2', 'delegated', 'sending', 'invalid']))
     .example('outlook')
-    .description('Account type')
+    .description(
+        'Account type: "imap" for IMAP accounts, an OAuth2 provider name for OAuth2 accounts, "oauth2" when the OAuth2 application is missing, "delegated" for delegated accounts, "sending" for send-only accounts, "invalid" when delegation cannot be resolved'
+    )
     .required()
     .label('AccountType');
 
@@ -2659,7 +2639,8 @@ Include your token in requests using one of these methods:
 
             plugins: {
                 'hapi-swagger': {
-                    produces: ['text/event-stream']
+                    produces: ['text/event-stream'],
+                    responses: errorResponses(401, 403, 429, 500)
                 }
             },
 
@@ -2684,7 +2665,7 @@ Include your token in requests using one of these methods:
             skip: (request /*, h*/) => {
                 let tags = (request.route && request.route.settings && request.route.settings.tags) || [];
 
-                if (tags.includes('api') || tags.includes('metrics') || tags.includes('external')) {
+                if (tags.includes('api') || tags.includes('scope:metrics') || tags.includes('static') || tags.includes('external')) {
                     return true;
                 }
 
@@ -3055,9 +3036,7 @@ Include your token in requests using one of these methods:
 
         async handler(request, h) {
             const renderedMetrics = await call({ cmd: 'metrics', timeout: request.headers['x-ee-timeout'] });
-            const response = h.response('success');
-            response.type('text/plain');
-            return renderedMetrics;
+            return h.response(renderedMetrics).type('text/plain');
         },
         options: {
             tags: ['scope:metrics'],

package/workers/documents.js

@@ -14,28 +14,8 @@ const GB_COLLECT_DELAY = 6 * 3600 * 1000; // 6h
 const GB_FAILURE_DELAY = 3 * 1000;
 const GB_EMPTY_DELAY = 10 * 1000;
 
-const Bugsnag = require('@bugsnag/js');
-if (readEnvValue('BUGSNAG_API_KEY')) {
-    Bugsnag.start({
-        apiKey: readEnvValue('BUGSNAG_API_KEY'),
-        appVersion: packageData.version,
-        logger: {
-            debug(...args) {
-                logger.debug({ msg: args.shift(), worker: 'documents', source: 'bugsnag', args: args.length ? args : undefined });
-            },
-            info(...args) {
-                logger.debug({ msg: args.shift(), worker: 'documents', source: 'bugsnag', args: args.length ? args : undefined });
-            },
-            warn(...args) {
-                logger.warn({ msg: args.shift(), worker: 'documents', source: 'bugsnag', args: args.length ? args : undefined });
-            },
-            error(...args) {
-                logger.error({ msg: args.shift(), worker: 'documents', source: 'bugsnag', args: args.length ? args : undefined });
-            }
-        }
-    });
-    logger.notifyError = Bugsnag.notify.bind(Bugsnag);
-}
+const { initSentry } = require('../lib/sentry');
+initSentry('documents');
 
 const { redis, queueConf } = require('../lib/db');
 const { Worker } = require('bullmq');