Skip to content

upgrade go mail to 0.7.2 and fix the bug #35833

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 1 commit into from
Nov 3, 2025
Merged

upgrade go mail to 0.7.2 and fix the bug #35833

merged 1 commit into from
Nov 3, 2025
+4 −4

Conversation

@lunny
Copy link
Member

@lunny lunny commented Nov 3, 2025

@lunny lunny added backport/v1.24 This PR should be backported to Gitea 1.24 backport/v1.25 labels Nov 3, 2025
@GiteaBot GiteaBot added the lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. label Nov 3, 2025
@github-actions github-actions bot added modifies/go Pull requests that update Go code modifies/dependencies labels Nov 3, 2025
@silverwind
Copy link
Member

silverwind commented Nov 3, 2025
edited
Loading

That's just a workaround, not the proper fix. The proper fix must be to not import go-mail/smtp and obtain the smtp client from mail.NewClient instead:

https://github.com/wneessen/go-mail/wiki/Simple-Mailer-Example

@lunny
Copy link
Member Author

lunny commented Nov 3, 2025

That's just a workaround, not the proper fix. The proper fix must be to not import go-mail/smtp and obtain the smtp client from mail.NewClient instead:

Wiki: Simple Mailer Example (wneessen/go-mail)

Yes, I just need that to avoid the vul ASAP. I will send another PR to follow the suggestion to use a high level API.

@lunny lunny mentioned this pull request Nov 3, 2025
Merged
silverwind
silverwind approved these changes Nov 3, 2025
View reviewed changes
Copy link
Member

@silverwind silverwind left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ok as temporary workaround.

@GiteaBot GiteaBot added lgtm/need 1 This PR needs approval from one additional maintainer to be merged. and removed lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. labels Nov 3, 2025
@GiteaBot GiteaBot added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. labels Nov 3, 2025
@lunny lunny merged commit 17a6a2b into go-gitea:main Nov 3, 2025
25 checks passed
@GiteaBot GiteaBot added this to the 1.26.0 milestone Nov 3, 2025
@lunny lunny deleted the lunny/upgrade_gomail branch November 3, 2025 19:32
lunny added a commit that referenced this pull request Nov 3, 2025
@lunny
Fix send mail bug (#35834)
5ffd1e0 
backport #35833
GiteaBot pushed a commit to GiteaBot/gitea that referenced this pull request Nov 3, 2025
@lunny @GiteaBot
upgrade go mail to 0.7.2 and fix the bug (go-gitea#35833)
c95ca89 
patch from
wneessen/go-mail#504 (comment).
Thanks to @wneessen
@GiteaBot GiteaBot mentioned this pull request Nov 3, 2025
Merged
@lunny lunny added the backport/done All backports for this PR have been created label Nov 3, 2025
lunny added a commit that referenced this pull request Nov 3, 2025
@GiteaBot @lunny
upgrade go mail to 0.7.2 and fix the bug (#35833) (#35837)
0a9cbf3 
Backport #35833 by @lunny

patch from
wneessen/go-mail#504 (comment).
Thanks to @wneessen

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@silverwind silverwind silverwind approved these changes

+1 more reviewer

@Zettat123 Zettat123 Zettat123 approved these changes

Reviewers whose approvals may not affect merge requirements

Assignees

No one assigned

Labels

backport/done All backports for this PR have been created backport/v1.24 This PR should be backported to Gitea 1.24 backport/v1.25 lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. modifies/dependencies modifies/go Pull requests that update Go code

Projects

None yet

Milestone

1.26.0

Development

Successfully merging this pull request may close these issues.

4 participants

@lunny @silverwind @Zettat123 @GiteaBot