search

Plume-org / Plume

Federated blogging application, thanks to ActivityPub (now on https://git.joinplu.me/ — this is just a mirror)
https://joinplu.me
GNU Affero General Public License v3.0
2.1k stars 133 forks source link

Bump lettre from 0.9.6 to 0.10.1 #1045

Closed dependabot[bot] closed 1 year ago

dependabot[bot] commented 1 year ago

Bumps lettre from 0.9.6 to 0.10.1.

Release notes

Sourced from lettre's releases.

0.10.1

Features

  • Add boring-tls support for SmtpTransport and AsyncSmtpTransport. The latter is only supported with the tokio runtime. (#797) (#798)
  • Make the minimum TLS version configurable. (#799) (#800)

Bug Fixes

  • Ensure connections are closed on abort. (#801)
  • Fix SMTP dot stuffing. (#803)

#797: lettre/lettre#797 #798: lettre/lettre#798 #799: lettre/lettre#799 #800: lettre/lettre#800 #801: lettre/lettre#801 #803: lettre/lettre#803

0.10.0

https://lettre.rs/post/lettre-0-10/

0.10.0-rc.1

After more than two years since 0.9 release, we're close to 0.10! 0.10 branch is already widely used and is thought to be more reliable than 0.9, so it should generally be used for new projects.

We'd love to hear your feedback about 0.10 design and APIs before final release!

Start a discussion in the repository, whether for feedback or if you need help or advice using or upgrading lettre 0.10.

v0.10.0-alpha.1

First dev release of the 0.10 branch. Async support is still missing, as well as support for streaming email content.

Changelog

Sourced from lettre's changelog.

v0.10.1 (2022-07-20)

Features

  • Add boring-tls support for SmtpTransport and AsyncSmtpTransport. The latter is only supported with the tokio runtime. (#797) (#798)
  • Make the minimum TLS version configurable. (#799) (#800)

Bug Fixes

  • Ensure connections are closed on abort. (#801)
  • Fix SMTP dot stuffing. (#803)

#797: lettre/lettre#797 #798: lettre/lettre#798 #799: lettre/lettre#799 #800: lettre/lettre#800 #801: lettre/lettre#801 #803: lettre/lettre#803

v0.10.0 (2022-06-29)

Upgrade notes

Several breaking changes were made between 0.9 and 0.10, but changes should be straightforward:

  • MSRV is now 1.56.0
  • The lettre_email crate has been merged into lettre. To migrate, replace lettre_email with lettre::message and make sure to enable the builder feature (it's enabled by default).
  • SendableEmail has been renamed to Email and EmailBuilder::build() produces it directly. To migrate, rename SendableEmail to Email.
  • The serde-impls feature has been renamed to serde. To migrate, rename the feature.

Features

  • Add tokio 1 support
  • Add rustls support
  • Add async-std support. NOTE: native-tls isn't supported when using async-std for the smtp transport.
  • Allow enabling multiple SMTP authentication mechanisms
  • Allow providing a custom message id
  • Allow sending raw emails

Breaking Changes

  • Merge lettre_email into lettre
  • Merge Email and SendableEmail into lettre::message::Email
  • SmtpTransport is now an high level SMTP client. It provides connection pooling and shortcuts for building clients using commonly desired values
  • Refactor TlsParameters implementation to not expose the internal TLS library
  • FileTransport writes emails into .eml instead of .json
  • When the hostname feature is disabled or hostname cannot be fetched, 127.0.0.1 is used instead of localhost as EHLO parameter (for better RFC compliance and mail server compatibility)

... (truncated)

Commits


Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR: - `@dependabot rebase` will rebase this PR - `@dependabot recreate` will recreate this PR, overwriting any edits that have been made to it - `@dependabot merge` will merge this PR after your CI passes on it - `@dependabot squash and merge` will squash and merge this PR after your CI passes on it - `@dependabot cancel merge` will cancel a previously requested merge and block automerging - `@dependabot reopen` will reopen this PR if it is closed - `@dependabot close` will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually - `@dependabot ignore this major version` will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this minor version` will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself) - `@dependabot ignore this dependency` will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
dependabot[bot] commented 1 year ago

OK, I won't notify you again about this release, but will get in touch when a new version is available. If you'd rather skip all updates until the next major or minor version, let me know by commenting @dependabot ignore this major version or @dependabot ignore this minor version. You can also ignore all major, minor, or patch releases for a dependency by adding an ignore condition with the desired update_types to your config file.

If you change your mind, just re-open this PR and I'll resolve any conflicts on it.