Skip to content

Comments

upgrade go mail to 0.7.2 and fix the bug#35833

Merged
lunny merged 1 commit intogo-gitea:mainfrom
lunny:lunny/upgrade_gomail
Nov 3, 2025
Merged

upgrade go mail to 0.7.2 and fix the bug#35833
lunny merged 1 commit intogo-gitea:mainfrom
lunny:lunny/upgrade_gomail

Conversation

@lunny
Copy link
Member

@lunny lunny commented Nov 3, 2025

@lunny lunny added backport/v1.24 This PR should be backported to Gitea 1.24 backport/v1.25 labels Nov 3, 2025
@GiteaBot GiteaBot added the lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. label Nov 3, 2025
@github-actions github-actions bot added modifies/go Pull requests that update Go code modifies/dependencies labels Nov 3, 2025
@silverwind
Copy link
Member

silverwind commented Nov 3, 2025

That's just a workaround, not the proper fix. The proper fix must be to not import go-mail/smtp and obtain the smtp client from mail.NewClient instead:

https://github.com/wneessen/go-mail/wiki/Simple-Mailer-Example

@lunny
Copy link
Member Author

lunny commented Nov 3, 2025

That's just a workaround, not the proper fix. The proper fix must be to not import go-mail/smtp and obtain the smtp client from mail.NewClient instead:

Wiki: Simple Mailer Example (wneessen/go-mail)

Yes, I just need that to avoid the vul ASAP. I will send another PR to follow the suggestion to use a high level API.

@lunny lunny mentioned this pull request Nov 3, 2025
Copy link
Member

@silverwind silverwind left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

ok as temporary workaround.

@GiteaBot GiteaBot added lgtm/need 1 This PR needs approval from one additional maintainer to be merged. and removed lgtm/need 2 This PR needs two approvals by maintainers to be considered for merging. labels Nov 3, 2025
@GiteaBot GiteaBot added lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. and removed lgtm/need 1 This PR needs approval from one additional maintainer to be merged. labels Nov 3, 2025
@lunny lunny merged commit 17a6a2b into go-gitea:main Nov 3, 2025
25 checks passed
@GiteaBot GiteaBot added this to the 1.26.0 milestone Nov 3, 2025
@lunny lunny deleted the lunny/upgrade_gomail branch November 3, 2025 19:32
lunny added a commit that referenced this pull request Nov 3, 2025
GiteaBot pushed a commit to GiteaBot/gitea that referenced this pull request Nov 3, 2025
@lunny lunny added the backport/done All backports for this PR have been created label Nov 3, 2025
lunny added a commit that referenced this pull request Nov 3, 2025
Backport #35833 by @lunny

patch from
wneessen/go-mail#504 (comment).
Thanks to @wneessen

Co-authored-by: Lunny Xiao <xiaolunwen@gmail.com>
project-mirrors-bot-tu bot pushed a commit to project-mirrors/gitea-helm-chart that referenced this pull request Nov 5, 2025
This PR contains the following updates:

| Package | Update | Change |
|---|---|---|
| [go-gitea/gitea](https://github.com/go-gitea/gitea) | patch | `1.25.0` -> `1.25.1` |

---

### Release Notes

<details>
<summary>go-gitea/gitea (go-gitea/gitea)</summary>

### [`v1.25.1`](https://github.com/go-gitea/gitea/releases/tag/v1.25.1)

[Compare Source](go-gitea/gitea@v1.25.0...v1.25.1)

- BUGFIXES
  - Make ACME email optional ([#&#8203;35849](go-gitea/gitea#35849)) [#&#8203;35857](go-gitea/gitea#35857)
  - Add a doctor command to fix inconsistent run status ([#&#8203;35840](go-gitea/gitea#35840)) ([#&#8203;35845](go-gitea/gitea#35845))
  - Remove wrong code ([#&#8203;35846](go-gitea/gitea#35846))
  - Fix viewed files number is not right if not all files loaded ([#&#8203;35821](go-gitea/gitea#35821)) ([#&#8203;35844](go-gitea/gitea#35844))
  - Fix incorrect pull request counter ([#&#8203;35819](go-gitea/gitea#35819)) ([#&#8203;35841](go-gitea/gitea#35841))
  - Upgrade go mail to 0.7.2 and fix the bug ([#&#8203;35833](go-gitea/gitea#35833)) ([#&#8203;35837](go-gitea/gitea#35837))
  - Revert gomail to v0.7.0 to fix sending mail failed ([#&#8203;35816](go-gitea/gitea#35816)) ([#&#8203;35824](go-gitea/gitea#35824))
  - Fix clone mixed bug ([#&#8203;35810](go-gitea/gitea#35810)) ([#&#8203;35822](go-gitea/gitea#35822))
  - Fix cli "Before" handling ([#&#8203;35797](go-gitea/gitea#35797)) ([#&#8203;35808](go-gitea/gitea#35808))
  - Improve and fix markup code preview rendering ([#&#8203;35777](go-gitea/gitea#35777)) ([#&#8203;35787](go-gitea/gitea#35787))
  - Fix actions rerun bug ([#&#8203;35783](go-gitea/gitea#35783)) ([#&#8203;35784](go-gitea/gitea#35784))
  - Fix actions schedule update issue ([#&#8203;35767](go-gitea/gitea#35767)) ([#&#8203;35774](go-gitea/gitea#35774))
  - Fix circular spin animation direction ([#&#8203;35785](go-gitea/gitea#35785)) ([#&#8203;35823](go-gitea/gitea#35823))
  - Fix file extension on gogs.png ([#&#8203;35793](go-gitea/gitea#35793)) ([#&#8203;35799](go-gitea/gitea#35799))
  - Add pnpm to Snapcraft ([#&#8203;35778](go-gitea/gitea#35778))

Instances on **[Gitea Cloud](https://cloud.gitea.com)** will be automatically upgraded to this version during the specified maintenance window.

</details>

---

### Configuration

📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - Between 12:00 AM and 03:59 AM ( * 0-3 * * * ) (UTC).

🚦 **Automerge**: Enabled.

♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 **Ignore**: Close this PR and you won't be reminded about this update again.

---

 - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box

---

This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate).
<!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0MS4xOC4xIiwidXBkYXRlZEluVmVyIjoiNDEuMTguMSIsInRhcmdldEJyYW5jaCI6Im1haW4iLCJsYWJlbHMiOlsia2luZC9kZXBlbmRlbmN5Il19-->

Reviewed-on: https://gitea.com/gitea/helm-gitea/pulls/981
Reviewed-by: Markus Pesch <volker.raschek@noreply.gitea.com>
Co-authored-by: Renovate Bot <renovate-bot@gitea.com>
Co-committed-by: Renovate Bot <renovate-bot@gitea.com>
zjjhot added a commit to zjjhot/gitea that referenced this pull request Nov 6, 2025
* giteaofficial/main:
  Remove padding override on `.ui .sha.label` (go-gitea#35864)
  fix(api/repo/contents): set the dates to now when not specified by the caller (go-gitea#35861)
  Remove `fix` Make targets (go-gitea#35868)
  Refactor ls-tree and git path related problems (go-gitea#35858)
  Fix pull description code label background (go-gitea#35865)
  Make ACME email optional (go-gitea#35849)
  Remove wrong code (go-gitea#35846)
  Fix Arch repo pacman.conf snippet (go-gitea#35825)
  Port away from `flake-utils` (go-gitea#35675)
  Update golangci-lint to v2.6.0 (go-gitea#35801)
  Add a doctor command to fix inconsistent run status (go-gitea#35840)
  Fix viewed files number is not right if not all files loaded (go-gitea#35821)
  Fix incorrect pull request counter (go-gitea#35819)
  Fix a number of `strictNullChecks`-related issues (go-gitea#35795)
  ignore .worktrees as a "special folder" (go-gitea#35835)
  upgrade go mail to 0.7.2 and fix the bug (go-gitea#35833)
@xnox xnox mentioned this pull request Dec 7, 2025
@go-gitea go-gitea locked as resolved and limited conversation to collaborators Feb 2, 2026
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.

Labels

backport/done All backports for this PR have been created backport/v1.24 This PR should be backported to Gitea 1.24 backport/v1.25 lgtm/done This PR has enough approvals to get merged. There are no important open reservations anymore. modifies/dependencies modifies/go Pull requests that update Go code

Projects

None yet

Development

Successfully merging this pull request may close these issues.

4 participants