mailauth 4.8.2 → 4.8.3
This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
- package/.ncurc.js +3 -4
- package/CHANGELOG.md +7 -0
- package/assets/mailauth.ico +0 -0
- package/lib/bimi/index.js +3 -1
- package/lib/parse-dkim-headers.js +8 -6
- package/man/mailauth.1 +1 -1
- package/package.json +11 -9
- package/winconf.js +70 -0
package/.ncurc.js
CHANGED
package/CHANGELOG.md
CHANGED
|
@@ -1,5 +1,12 @@
|
|
|
1
1
|
# Changelog
|
|
2
2
|
|
|
3
|
+
## [4.8.3](https://github.com/postalsys/mailauth/compare/v4.8.2...v4.8.3) (2025-04-20)
|
|
4
|
+
|
|
5
|
+
|
|
6
|
+
### Bug Fixes
|
|
7
|
+
|
|
8
|
+
* protect against prototype pollution ([3b7515d](https://github.com/postalsys/mailauth/commit/3b7515df768ce1d2e4e02858fdfca8efca6243fb))
|
|
9
|
+
|
|
3
10
|
## [4.8.2](https://github.com/postalsys/mailauth/compare/v4.8.1...v4.8.2) (2024-12-19)
|
|
4
11
|
|
|
5
12
|
|
|
Binary file
|
package/lib/bimi/index.js
CHANGED
|
@@ -13,7 +13,9 @@ const httpsSchema = Joi.string().uri({
|
|
|
13
13
|
const FETCH_TIMEOUT = 5 * 1000;
|
|
14
14
|
|
|
15
15
|
const { fetch: fetchCmd, Agent } = require('undici');
|
|
16
|
-
const fetchAgent = new Agent({
|
|
16
|
+
const fetchAgent = new Agent({
|
|
17
|
+
connect: { timeout: FETCH_TIMEOUT }
|
|
18
|
+
});
|
|
17
19
|
|
|
18
20
|
const { vmc } = require('@postalsys/vmc');
|
|
19
21
|
const { validateSvg } = require('./validate-svg');
|
|
@@ -279,13 +279,15 @@ const headerParser = buf => {
|
|
|
279
279
|
entry.comment = part.comment;
|
|
280
280
|
}
|
|
281
281
|
|
|
282
|
-
if (['
|
|
283
|
-
if (
|
|
284
|
-
result[part.key]
|
|
282
|
+
if (part.key && !['__proto__', 'constructor'].includes(part.key)) {
|
|
283
|
+
if (['arc-authentication-results', 'authentication-results'].includes(headerKey) && part.key === 'dkim') {
|
|
284
|
+
if (!result[part.key]) {
|
|
285
|
+
result[part.key] = [];
|
|
286
|
+
}
|
|
287
|
+
result[part.key].push(entry);
|
|
288
|
+
} else {
|
|
289
|
+
result[part.key] = entry;
|
|
285
290
|
}
|
|
286
|
-
result[part.key].push(entry);
|
|
287
|
-
} else {
|
|
288
|
-
result[part.key] = entry;
|
|
289
291
|
}
|
|
290
292
|
});
|
|
291
293
|
|
package/man/mailauth.1
CHANGED
package/package.json
CHANGED
|
@@ -1,6 +1,6 @@
|
|
|
1
1
|
{
|
|
2
2
|
"name": "mailauth",
|
|
3
|
-
"version": "4.8.
|
|
3
|
+
"version": "4.8.3",
|
|
4
4
|
"description": "Email authentication library for Node.js",
|
|
5
5
|
"main": "lib/mailauth.js",
|
|
6
6
|
"scripts": {
|
|
@@ -8,7 +8,8 @@
|
|
|
8
8
|
"prepublish": "npm run man || true",
|
|
9
9
|
"man": "cd man && marked-man --version `node -e \"console.log('v'+require('../package.json').version)\"` --manual 'Mailauth Help' --section 1 man.md > mailauth.1",
|
|
10
10
|
"build-source": "rm -rf node_modules package-lock.json && npm install && npm run man && npm run licenses && rm -rf node_modules package-lock.json && npm install --production && rm -rf package-lock.json",
|
|
11
|
-
"build-dist": "npx pkg --compress Brotli package.json && rm -rf package-lock.json && npm install",
|
|
11
|
+
"build-dist": "npx pkg --compress Brotli package.json && rm -rf package-lock.json && npm install && node winconf.js",
|
|
12
|
+
"build-dist-fast": "pkg --debug package.json && npm install && node winconf.js",
|
|
12
13
|
"licenses": "license-report --only=prod --output=table --config license-report-config.json > licenses.txt",
|
|
13
14
|
"update": "rm -rf node_modules package-lock.json && npx ncu -u && npm install"
|
|
14
15
|
},
|
|
@@ -38,26 +39,27 @@
|
|
|
38
39
|
"eslint-config-nodemailer": "1.2.0",
|
|
39
40
|
"eslint-config-prettier": "9.1.0",
|
|
40
41
|
"js-yaml": "4.1.0",
|
|
41
|
-
"license-report": "6.7.
|
|
42
|
+
"license-report": "6.7.2",
|
|
42
43
|
"marked": "0.7.0",
|
|
43
44
|
"marked-man": "0.7.0",
|
|
44
45
|
"mbox-reader": "1.2.0",
|
|
45
|
-
"mocha": "11.0
|
|
46
|
+
"mocha": "11.1.0",
|
|
47
|
+
"resedit": "^2.0.3"
|
|
46
48
|
},
|
|
47
49
|
"dependencies": {
|
|
48
50
|
"@postalsys/vmc": "1.1.0",
|
|
49
|
-
"fast-xml-parser": "4.5.
|
|
51
|
+
"fast-xml-parser": "4.5.2",
|
|
50
52
|
"ipaddr.js": "2.2.0",
|
|
51
53
|
"joi": "17.13.3",
|
|
52
54
|
"libmime": "5.3.6",
|
|
53
|
-
"nodemailer": "6.
|
|
55
|
+
"nodemailer": "6.10.1",
|
|
54
56
|
"punycode.js": "2.3.1",
|
|
55
|
-
"tldts": "
|
|
56
|
-
"undici": "
|
|
57
|
+
"tldts": "7.0.1",
|
|
58
|
+
"undici": "7.8.0",
|
|
57
59
|
"yargs": "17.7.2"
|
|
58
60
|
},
|
|
59
61
|
"engines": {
|
|
60
|
-
"node": ">=
|
|
62
|
+
"node": ">=18.0.0"
|
|
61
63
|
},
|
|
62
64
|
"bin": {
|
|
63
65
|
"mailauth": "bin/mailauth.js"
|
package/winconf.js
ADDED
|
@@ -0,0 +1,70 @@
|
|
|
1
|
+
'use strict';
|
|
2
|
+
|
|
3
|
+
const { load } = require('resedit/cjs');
|
|
4
|
+
const PackageData = require('./package.json');
|
|
5
|
+
|
|
6
|
+
const { readFileSync, writeFileSync } = require('fs');
|
|
7
|
+
|
|
8
|
+
const options = {
|
|
9
|
+
in: './ee-dist/mailauth-win-x64.exe',
|
|
10
|
+
out: './ee-dist/mailauth-win-x64.exe',
|
|
11
|
+
version: PackageData.version,
|
|
12
|
+
properties: {
|
|
13
|
+
LegalCopyright: 'Postal Systems OÜ',
|
|
14
|
+
FileDescription: 'mailauth provides a command-line utility for email authentication',
|
|
15
|
+
ProductName: 'mailauth'
|
|
16
|
+
},
|
|
17
|
+
icon: 'assets/mailauth.ico'
|
|
18
|
+
};
|
|
19
|
+
|
|
20
|
+
const language = {
|
|
21
|
+
lang: 1033,
|
|
22
|
+
codepage: 1200
|
|
23
|
+
};
|
|
24
|
+
|
|
25
|
+
load().then(ResEdit => {
|
|
26
|
+
// Modify .exe w/ ResEdit
|
|
27
|
+
const data = readFileSync(options.in);
|
|
28
|
+
const executable = ResEdit.NtExecutable.from(data);
|
|
29
|
+
const res = ResEdit.NtExecutableResource.from(executable);
|
|
30
|
+
const vi = ResEdit.Resource.VersionInfo.fromEntries(res.entries)[0];
|
|
31
|
+
|
|
32
|
+
// Remove original filename
|
|
33
|
+
vi.removeStringValue(language, 'OriginalFilename');
|
|
34
|
+
vi.removeStringValue(language, 'InternalName');
|
|
35
|
+
|
|
36
|
+
// Product version
|
|
37
|
+
if (options.version) {
|
|
38
|
+
// Convert version to tuple of 3 numbers
|
|
39
|
+
const version = options.version
|
|
40
|
+
.split('.')
|
|
41
|
+
.map(v => Number(v) || 0)
|
|
42
|
+
.slice(0, 3);
|
|
43
|
+
|
|
44
|
+
// Update versions
|
|
45
|
+
vi.setProductVersion(...version, 0, language.lang);
|
|
46
|
+
vi.setFileVersion(...version, 0, language.lang);
|
|
47
|
+
}
|
|
48
|
+
|
|
49
|
+
// Add additional user specified properties
|
|
50
|
+
if (options.properties) {
|
|
51
|
+
vi.setStringValues(language, options.properties);
|
|
52
|
+
}
|
|
53
|
+
|
|
54
|
+
vi.outputToResourceEntries(res.entries);
|
|
55
|
+
|
|
56
|
+
// Add icon
|
|
57
|
+
if (options.icon) {
|
|
58
|
+
const iconFile = ResEdit.Data.IconFile.from(readFileSync(options.icon));
|
|
59
|
+
ResEdit.Resource.IconGroupEntry.replaceIconsForResource(
|
|
60
|
+
res.entries,
|
|
61
|
+
1,
|
|
62
|
+
language.lang,
|
|
63
|
+
iconFile.icons.map(item => item.data)
|
|
64
|
+
);
|
|
65
|
+
}
|
|
66
|
+
|
|
67
|
+
// Regenerate and write to .exe
|
|
68
|
+
res.outputResource(executable);
|
|
69
|
+
writeFileSync(options.out, Buffer.from(executable.generate()));
|
|
70
|
+
});
|