mailauth 4.8.3 → 4.8.5

package/.ncurc.js

@@ -1,8 +1,6 @@
 module.exports = {
     upgrade: true,
     reject: [
-        'marked',
-        'marked-man',
         // only works as ESM
         'chai',
         'fast-xml-parser',

package/CHANGELOG.md

@@ -1,5 +1,19 @@
 # Changelog
 
+## [4.8.5](https://github.com/postalsys/mailauth/compare/v4.8.4...v4.8.5) (2025-05-11)
+
+
+### Bug Fixes
+
+* **deps:** Bumped deps to get updated vmc root store ([5ad7464](https://github.com/postalsys/mailauth/commit/5ad746450f97d348217607802e83445e08737faf))
+
+## [4.8.4](https://github.com/postalsys/mailauth/compare/v4.8.3...v4.8.4) (2025-04-21)
+
+
+### Bug Fixes
+
+* **bimi:** Bumped VMC module to add support for GLobalSign VMC root ([d0e9ecf](https://github.com/postalsys/mailauth/commit/d0e9ecf89b699aae8ad9953445f052b558250f5a))
+
 ## [4.8.3](https://github.com/postalsys/mailauth/compare/v4.8.2...v4.8.3) (2025-04-20)
 
 

package/package.json

@@ -1,13 +1,11 @@
 {
     "name": "mailauth",
-    "version": "4.8.3",
+    "version": "4.8.5",
     "description": "Email authentication library for Node.js",
     "main": "lib/mailauth.js",
     "scripts": {
         "test": "eslint \"lib/**/*.js\" \"test/**/*.js\" && mocha --recursive \"./test/**/*.js\" --reporter spec",
-        "prepublish": "npm run man || true",
-        "man": "cd man && marked-man --version `node -e \"console.log('v'+require('../package.json').version)\"` --manual 'Mailauth Help' --section 1 man.md > mailauth.1",
-        "build-source": "rm -rf node_modules package-lock.json && npm install && npm run man && npm run licenses && rm -rf node_modules package-lock.json && npm install --production && rm -rf package-lock.json",
+        "build-source": "rm -rf node_modules package-lock.json && npm install && npm run licenses && rm -rf node_modules package-lock.json && npm install --production && rm -rf package-lock.json",
         "build-dist": "npx pkg --compress Brotli package.json && rm -rf package-lock.json && npm install && node winconf.js",
         "build-dist-fast": "pkg --debug package.json && npm install && node winconf.js",
         "licenses": "license-report --only=prod --output=table --config license-report-config.json > licenses.txt",
@@ -40,22 +38,20 @@
         "eslint-config-prettier": "9.1.0",
         "js-yaml": "4.1.0",
         "license-report": "6.7.2",
-        "marked": "0.7.0",
-        "marked-man": "0.7.0",
         "mbox-reader": "1.2.0",
-        "mocha": "11.1.0",
+        "mocha": "11.2.2",
         "resedit": "^2.0.3"
     },
     "dependencies": {
-        "@postalsys/vmc": "1.1.0",
+        "@postalsys/vmc": "1.1.2",
         "fast-xml-parser": "4.5.2",
         "ipaddr.js": "2.2.0",
         "joi": "17.13.3",
         "libmime": "5.3.6",
-        "nodemailer": "6.10.1",
+        "nodemailer": "7.0.3",
         "punycode.js": "2.3.1",
-        "tldts": "7.0.1",
-        "undici": "7.8.0",
+        "tldts": "7.0.7",
+        "undici": "7.9.0",
         "yargs": "17.7.2"
     },
     "engines": {
@@ -64,12 +60,8 @@
     "bin": {
         "mailauth": "bin/mailauth.js"
     },
-    "man": [
-        "man/mailauth.1"
-    ],
     "pkg": {
         "assets": [
-            "man/**/*",
             "licenses.txt",
             "LICENSE.txt"
         ],

package/man/mailauth.1

@@ -1,145 +0,0 @@
-.TH "MAILAUTH" "1" "April 2025" "v4.8.3" "Mailauth Help"
-.SH "NAME"
-\fBmailauth\fR
-.QP
-.P
-mailauth \- authenticate, sign and seal emails
-
-.
-.SH SYNOPSIS
-.P
-\fBmailauth\fP \fIcommand\fR [ \fIcommand_opts\fR ] [ \fIemail\fR ]
-.P
-\fBmailauth help\fP
-.P
-\fBmailauth\fP \fIcommand\fR \fBhelp\fP
-.SH DESCRIPTION
-.P
-Mailauth is an email authentication application to validate SPF, DKIM, DMARC, and ARC\. You can also sign emails with DKIM digital signatures and seal messages with ARC\.
-.SH COMMANDS
-.P
-\fBreport\fR
-.br
-Validate an email message and return a report in JSON format
-.P
-\fBsign\fR
-.br
-Sign an email with a DKIM digital signature
-.P
-\fBseal\fR
-.br
-Authenticates an email and seals it with an ARC digital signature
-.P
-\fBspf\fR
-.br
-Authenticates SPF for an IP address and email address
-.P
-\fBlicense\fR
-.br
-Display licenses for mailauth and included modules
-.SH Website
-.P
-\fIhttps://github\.com/postalsys/mailauth\fR
-.SH EXAMPLES
-.P
-\fBnpm install mailauth \-g\fP
-.P
-\fBmailauth report /path/to/email\.eml\fP
-.P
-\fBcat /path/to/email\.eml | mailauth report\fP
-.P
-\fBmailauth sign /path/to/email\.eml \-d kreata\.ee \-s test \-k /path/to/key\fP
-.P
-\fBmailauth spf \-f andris@wildduck\.email \-i 217\.146\.76\.20\fP
-.SH EMAIL ARGUMENT
-.P
-Email argument defines the path to the email message file in EML format\. If not specified, then
-content is read from standard input\.
-.SH OPTIONS
-.RS 0
-.IP \(bu 2
-\fB\-\-verbose\fP, \fB\-v\fP
-Enable silly verbose mode
-.IP \(bu 2
-\fB\-\-version\fP
-Print application version
-.IP \(bu 2
-\fB\-\-client\-ip\fP, \fB\-i <ip>\fP
-Client IP used for SPF checks\. If not set, then parsed from the latest Received header\. (\fBreport\fP, \fBseal\fP, \fBspf\fP)
-.IP \(bu 2
-\fB\-\-mta\fP, \fB\-m <hostname>\fP
-The hostname of this machine, used in the \fBAuthentication\-Results\fP header\. (\fBreport\fP, \fBseal\fP, \fBspf\fP)
-.IP \(bu 2
-\fB\-\-helo\fP, \fB\-e <hostname>\fP
-Client hostname from the EHLO/HELO command, used in some specific SPF checks\. (\fBreport\fP, \fBseal\fP, \fBspf\fP)
-.IP \(bu 2
-\fB\-\-sender\fP, \fB\-f <address>\fP
-The email address from the \fBMAIL FROM\fP command\. If not set, the address from the latest \fIReturn\-Path\fR header is used instead\. (\fBreport\fP, \fBseal\fP, \fBspf\fP)
-.IP \(bu 2
-\fB\-\-dns\-cache\fP, \fB\-n <file>\fP
-Path to a JSON file with cached DNS responses\. If this file is given, then no actual DNS requests are performed\. Anything that is not listed returns an \fBENOTFOUND\fP error\. (\fBreport\fP, \fBseal\fP, \fBspf\fP)
-.IP \(bu 2
-\fB\-\-private\-key\fP, \fB\-k <file>\fP
-Path to a private key for signing\. Allowed key types are RSA and Ed25519 (\fBsign\fP, \fBseal\fP)
-.IP \(bu 2
-\fB\-\-domain\fP, \fB\-d <domain>\fP
-Domain name for signing\. (\fBsign\fP, \fBseal\fP)
-.IP \(bu 2
-\fB\-\-selector\fP, \fB\-s <selector>\fP
-Key selector for signing\. (\fBsign\fP, \fBseal\fP)
-.IP \(bu 2
-\fB\-\-algo\fP, \fB\-a <algo>\fP
-Signing algorithm\. Defaults either to \fIrsa\-sha256\fR or \fIed25519\-sha256\fR depending on the private key format\. (\fBsign\fP, \fBseal\fP)
-.IP \(bu 2
-\fB\-\-canonicalization\fP, \fB\-c <algo>\fP
-Canonicalization algorithm\. Defaults to \fIrelaxed/relaxed\fR\|\. (\fBsign\fP)
-.IP \(bu 2
-\fB\-\-body\-length\fP, \fB\-l <number>\fP
-The maximum length of the canonicalized body to sign\. (\fBsign\fP)
-.IP \(bu 2
-\fB\-\-time\fP, \fB\-t <number>\fP
-Signing time as a Unix timestamp\. (\fBsign\fP, \fBseal\fP)
-.IP \(bu 2
-\fB\-\-header\-fields\fP, \fB\-h <list>\fP
-Colon separated list of header field names to sign\. (\fBsign\fP, \fBseal\fP)
-.IP \(bu 2
-\fB\-\-headers\-only\fP, \fB\-o\fP
-Return signing headers only\. By default, the entire message is printed to the console\. (\fBsign\fP, \fBseal\fP, \fBspf\fP)
-.IP \(bu 2
-\fB\-\-max\-lookups\fP, \fB\-x\fP
-How many DNS lookups allowed for SPF validation\. Defaults to 10\. (\fBreport\fP, \fBspf\fP)
-.IP \(bu 2
-\fB\-\-max\-void\-lookups\fP, \fB\-z\fP
-How many empty DNS lookups allowed for SPF validation\. Defaults to 2\. (\fBreport\fP, \fBspf\fP)
-
-.RE
-.SH DNS CACHE
-.P
-For cached DNS requests, use the following JSON object structure: primary keys are domain names, and subkeys are resource record types\.
-.P
-.RS 2
-.nf
-{
-    "selector\._domainkey\.example\.com": {
-        "TXT": [
-            [
-                "v=DKIM1;k=rsa;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQ\.\.\.",
-                "\.\.\.sOLccRAmVAOmacHmayjDROTw/XilzErJj+uVAicGYfs10Nz+EUuwIDAQAB"
-            ]
-        ]
-    }
-}
-.fi
-.RE
-.P
-You can split longer TXT strings into multiple strings\. There is no length limit, unlike in actual DNS so you can put the entire public key into a single string\.
-.SH BUGS
-.P
-Please report any bugs to https://github\.com/postalsys/mailauth/issues\.
-.SH LICENSE
-.P
-Copyright (c) 2020\-2024, Postal Systems (MIT)\.
-.SH SEE ALSO
-.P
-node\.js(1)
-

package/man/man.md

@@ -1,140 +0,0 @@
-# mailauth(1)
-
-> mailauth - authenticate, sign and seal emails
-
-## SYNOPSIS
-
-`mailauth` _command_ [ _command_opts_ ] [ _email_ ]
-
-`mailauth help`
-
-`mailauth` _command_ `help`
-
-## DESCRIPTION
-
-Mailauth is an email authentication application to validate SPF, DKIM, DMARC, and ARC. You can also sign emails with DKIM digital signatures and seal messages with ARC.
-
-## COMMANDS
-
-**report**\
-Validate an email message and return a report in JSON format
-
-**sign**\
-Sign an email with a DKIM digital signature
-
-**seal**\
-Authenticates an email and seals it with an ARC digital signature
-
-**spf**\
-Authenticates SPF for an IP address and email address
-
-**license**\
-Display licenses for mailauth and included modules
-
-## Website
-
-[](https://github.com/postalsys/mailauth)
-
-## EXAMPLES
-
-`npm install mailauth -g`
-
-`mailauth report /path/to/email.eml`
-
-`cat /path/to/email.eml | mailauth report`
-
-`mailauth sign /path/to/email.eml -d kreata.ee -s test -k /path/to/key`
-
-`mailauth spf -f andris@wildduck.email -i 217.146.76.20`
-
-## EMAIL ARGUMENT
-
-Email argument defines the path to the email message file in EML format. If not specified, then
-content is read from standard input.
-
-## OPTIONS
-
--   `--verbose`, `-v`
-    Enable silly verbose mode
-
--   `--version`
-    Print application version
-
--   `--client-ip`, `-i <ip>`
-    Client IP used for SPF checks. If not set, then parsed from the latest Received header. (`report`, `seal`, `spf`)
-
--   `--mta`, `-m <hostname>`
-    The hostname of this machine, used in the `Authentication-Results` header. (`report`, `seal`, `spf`)
-
--   `--helo`, `-e <hostname>`
-    Client hostname from the EHLO/HELO command, used in some specific SPF checks. (`report`, `seal`, `spf`)
-
--   `--sender`, `-f <address>`
-    The email address from the `MAIL FROM` command. If not set, the address from the latest _Return-Path_ header is used instead. (`report`, `seal`, `spf`)
-
--   `--dns-cache`, `-n <file>`
-    Path to a JSON file with cached DNS responses. If this file is given, then no actual DNS requests are performed. Anything that is not listed returns an `ENOTFOUND` error. (`report`, `seal`, `spf`)
-
--   `--private-key`, `-k <file>`
-    Path to a private key for signing. Allowed key types are RSA and Ed25519 (`sign`, `seal`)
-
--   `--domain`, `-d <domain>`
-    Domain name for signing. (`sign`, `seal`)
-
--   `--selector`, `-s <selector>`
-    Key selector for signing. (`sign`, `seal`)
-
--   `--algo`, `-a <algo>`
-    Signing algorithm. Defaults either to _rsa-sha256_ or _ed25519-sha256_ depending on the private key format. (`sign`, `seal`)
-
--   `--canonicalization`, `-c <algo>`
-    Canonicalization algorithm. Defaults to _relaxed/relaxed_. (`sign`)
-
--   `--body-length`, `-l <number>`
-    The maximum length of the canonicalized body to sign. (`sign`)
-
--   `--time`, `-t <number>`
-    Signing time as a Unix timestamp. (`sign`, `seal`)
-
--   `--header-fields`, `-h <list>`
-    Colon separated list of header field names to sign. (`sign`, `seal`)
-
--   `--headers-only`, `-o`
-    Return signing headers only. By default, the entire message is printed to the console. (`sign`, `seal`, `spf`)
-
--   `--max-lookups`, `-x`
-    How many DNS lookups allowed for SPF validation. Defaults to 10. (`report`, `spf`)
-
--   `--max-void-lookups`, `-z`
-    How many empty DNS lookups allowed for SPF validation. Defaults to 2. (`report`, `spf`)
-
-## DNS CACHE
-
-For cached DNS requests, use the following JSON object structure: primary keys are domain names, and subkeys are resource record types.
-
-```
-{
-    "selector._domainkey.example.com": {
-        "TXT": [
-            [
-                "v=DKIM1;k=rsa;p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQ...",
-                "...sOLccRAmVAOmacHmayjDROTw/XilzErJj+uVAicGYfs10Nz+EUuwIDAQAB"
-            ]
-        ]
-    }
-}
-```
-
-You can split longer TXT strings into multiple strings. There is no length limit, unlike in actual DNS so you can put the entire public key into a single string.
-
-## BUGS
-
-Please report any bugs to https://github.com/postalsys/mailauth/issues.
-
-## LICENSE
-
-Copyright (c) 2020-2024, Postal Systems (MIT).
-
-## SEE ALSO
-
-node.js(1)