Merge branch 'main' into main

.cirrus.yml

@@ -14,12 +14,10 @@ freebsd_task:
         image_family: freebsd-14-0
 
   env:
-    TEST_ALLOW_SEND: 0
     TEST_SKIP_SENDMAIL: 1
 
   pkginstall_script:
-    - pkg update -f
     - pkg install -y go
 
   test_script:
-    - go test -v -race -cover -shuffle=on ./...
+    - go test -race -cover -shuffle=on ./...

.github/workflows/codecov.yml

@@ -10,15 +10,15 @@ on:
     paths:
       - '**.go'
       - 'go.*'
-      - '.github/**'
+      - '.github/workflows/codecov.yml'
       - 'codecov.yml'
   pull_request:
     branches:
       - main
     paths:
       - '**.go'
       - 'go.*'
-      - '.github/**'
+      - '.github/workflows/codecov.yml'
       - 'codecov.yml'
 env:
   TEST_HOST: ${{ secrets.TEST_HOST }}
@@ -27,6 +27,10 @@ env:
   TEST_SMTPAUTH_USER: ${{ secrets.TEST_USER }}
   TEST_SMTPAUTH_PASS: ${{ secrets.TEST_PASS }}
   TEST_SMTPAUTH_TYPE: "LOGIN"
+  TEST_ONLINE_SCRAM: "1"
+  TEST_HOST_SCRAM: ${{ secrets.TEST_HOST_SCRAM }}
+  TEST_USER_SCRAM: ${{ secrets.TEST_USER_SCRAM }}
+  TEST_PASS_SCRAM: ${{ secrets.TEST_PASS_SCRAM }}
 permissions:
   contents: read
 
@@ -36,10 +40,10 @@ jobs:
     strategy:
       matrix:
         os: [ubuntu-latest, macos-latest, windows-latest]
-        go: ['1.20', '1.21', '1.22', '1.23']
+        go: ['1.23']
     steps:
     - name: Harden Runner
-      uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
+      uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
       with:
         egress-policy: audit
 
@@ -55,9 +59,9 @@ jobs:
         sudo apt-get -y install sendmail; which sendmail
     - name: Run Tests
       run: |
-        go test -v -race --coverprofile=coverage.coverprofile --covermode=atomic ./...
+        go test -race --coverprofile=coverage.coverprofile --covermode=atomic ./...
     - name: Upload coverage to Codecov
       if: success() && matrix.go == '1.23' && matrix.os == 'ubuntu-latest'
-      uses: codecov/codecov-action@e28ff129e5465c2c0dcc6f003fc735cb6ae0c673 # v4.5.0
+      uses: codecov/codecov-action@b9fd7d16f6d7d1b5d2bec1a2887e65ceed900238 # v4.6.0
       with:
         token: ${{ secrets.CODECOV_TOKEN }} # not required for public repos

.github/workflows/codeql-analysis.yml

@@ -45,7 +45,7 @@ jobs:
 
     steps:
     - name: Harden Runner
-      uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
+      uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
       with:
         egress-policy: audit
 
@@ -54,7 +54,7 @@ jobs:
 
     # Initializes the CodeQL tools for scanning.
     - name: Initialize CodeQL
-      uses: github/codeql-action/init@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6
+      uses: github/codeql-action/init@c36620d31ac7c881962c3d9dd939c40ec9434f2b # v3.26.12
       with:
         languages: ${{ matrix.language }}
         # If you wish to specify custom queries, you can do so here or in a config file.
@@ -65,7 +65,7 @@ jobs:
     # Autobuild attempts to build any compiled languages  (C/C++, C#, or Java).
     # If this step fails, then you should remove it and run the build manually (see below)
     - name: Autobuild
-      uses: github/codeql-action/autobuild@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6
+      uses: github/codeql-action/autobuild@c36620d31ac7c881962c3d9dd939c40ec9434f2b # v3.26.12
 
     # ℹ️ Command-line programs to run using the OS shell.
     # 📚 https://git.io/JvXDl
@@ -79,4 +79,4 @@ jobs:
     #   make release
 
     - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6
+      uses: github/codeql-action/analyze@c36620d31ac7c881962c3d9dd939c40ec9434f2b # v3.26.12

.github/workflows/dependency-review.yml

@@ -21,7 +21,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
+        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
         with:
           egress-policy: audit
 

.github/workflows/golangci-lint.yml

@@ -20,7 +20,7 @@ jobs:
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
+        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
         with:
           egress-policy: audit
 
@@ -29,7 +29,7 @@ jobs:
           go-version: '1.23'
       - uses: actions/checkout@f43a0e5ff2bd294095638e18286ca9a3d1956744 # v3.6.0
       - name: golangci-lint
-        uses: golangci/golangci-lint-action@aaa42aa0628b4ae2578232a66b541047968fac86 # v6.1.0
+        uses: golangci/golangci-lint-action@971e284b6050e8a5849b72094c50ab08da042db8 # v6.1.1
         with:
           # Optional: version of golangci-lint to use in form of v1.2 or v1.2.3 or `latest` to use the latest version
           version: latest

.github/workflows/govulncheck.yml

@@ -14,8 +14,8 @@ jobs:
     runs-on: ubuntu-latest
     steps: 
     - name: Harden Runner
-      uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
+      uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
       with:
         egress-policy: audit
     - name: Run govulncheck
-      uses: golang/govulncheck-action@dd0578b371c987f96d1185abb54344b44352bd58 # v1.0.3
+      uses: golang/govulncheck-action@b625fbe08f3bccbe446d94fbf87fcc875a4f50ee # v1.0.4

.github/workflows/offline-tests.yml

@@ -0,0 +1,45 @@
+# SPDX-FileCopyrightText: 2022 Winni Neessen <[email protected]>
+#
+# SPDX-License-Identifier: CC0-1.0
+
+name: Offline tests workflow
+on:
+  push:
+    branches:
+      - main
+    paths:
+      - '**.go'
+      - 'go.*'
+      - '.github/workflows/offline-tests.yml'
+  pull_request:
+    branches:
+      - main
+    paths:
+      - '**.go'
+      - 'go.*'
+      - '.github/workflows/offline-tests.yml'
+permissions:
+  contents: read
+
+jobs:
+  run:
+    runs-on: ${{ matrix.os }}
+    strategy:
+      matrix:
+        os: [ubuntu-latest, macos-latest, windows-latest]
+        go: ['1.19', '1.20', '1.21', '1.22', '1.23']
+    steps:
+    - name: Harden Runner
+      uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
+      with:
+        egress-policy: audit
+
+    - name: Checkout Code
+      uses: actions/checkout@61b9e3751b92087fd0b06925ba6dd6314e06f089 # master
+    - name: Setup go
+      uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
+      with:
+        go-version: ${{ matrix.go }}
+    - name: Run Tests
+      run: |
+        go test -race -shuffle=on ./...

.github/workflows/reuse.yml

@@ -14,7 +14,7 @@ jobs:
     runs-on: ubuntu-latest
     steps: 
     - name: Harden Runner
-      uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
+      uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
       with:
         egress-policy: audit
 

.github/workflows/scorecards.yml

@@ -35,7 +35,7 @@ jobs:
 
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
+        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
         with:
           egress-policy: audit
 
@@ -67,14 +67,14 @@ jobs:
       # Upload the results as artifacts (optional). Commenting out will disable uploads of run results in SARIF
       # format to the repository Actions tab.
       - name: "Upload artifact"
-        uses: actions/upload-artifact@50769540e7f4bd5e21e526ee35c689e35e0d6874 # v4.4.0
+        uses: actions/upload-artifact@604373da6381bf24206979c74d06a550515601b9 # v4.4.1
         with:
           name: SARIF file
           path: results.sarif
           retention-days: 5
 
       # Upload the results to GitHub's code scanning dashboard.
       - name: "Upload to code-scanning"
-        uses: github/codeql-action/upload-sarif@4dd16135b69a43b6c8efb853346f8437d92d3c93 # v3.26.6
+        uses: github/codeql-action/upload-sarif@c36620d31ac7c881962c3d9dd939c40ec9434f2b # v3.26.12
         with:
           sarif_file: results.sarif

.github/workflows/sonarqube.yml

@@ -10,24 +10,25 @@ permissions:
 on:
   push:
     branches:
-      - main # or the name of your main branch
+      - main
+    paths:
+      - '**.go'
+      - 'go.*'
+      - '.github/workflows/sonarqube.yml'
   pull_request:
     branches:
-      - main # or the name of your main branch
-env:
-  TEST_HOST: ${{ secrets.TEST_HOST }}
-  TEST_FROM: ${{ secrets.TEST_USER }}
-  TEST_ALLOW_SEND: "1"
-  TEST_SMTPAUTH_USER: ${{ secrets.TEST_USER }}
-  TEST_SMTPAUTH_PASS: ${{ secrets.TEST_PASS }}
-  TEST_SMTPAUTH_TYPE: "LOGIN"
+      - main
+    paths:
+      - '**.go'
+      - 'go.*'
+      - '.github/workflows/sonarqube.yml'
 jobs:
   build:
     name: Build
     runs-on: ubuntu-latest
     steps:
       - name: Harden Runner
-        uses: step-security/harden-runner@5c7944e73c4c2a096b17a9cb74d65b6c2bbafbde # v2.9.1
+        uses: step-security/harden-runner@91182cccc01eb5e619899d80e4e971d6181294a7 # v2.10.1
         with:
           egress-policy: audit
 
@@ -38,13 +39,13 @@ jobs:
       - name: Setup Go
         uses: actions/setup-go@0a12ed9d6a96ab950c8f026ed9f722fe0da7ef32 # v5.0.2
         with:
-          go-version: '1.23.x'
+          go-version: '1.23'
 
       - name: Run unit Tests
         run: |
-          go test -v -race --coverprofile=./cov.out ./...
+          go test -shuffle=on -race --coverprofile=./cov.out ./...
 
-      - uses: sonarsource/sonarqube-scan-action@0c0f3958d90fc466625f1d1af1f47bddd4cc6bd1 # master
+      - uses: sonarsource/sonarqube-scan-action@884b79409bbd464b2a59edc326a4b77dc56b2195 # master
         env:
           SONAR_TOKEN: ${{ secrets.SONAR_TOKEN }}
           SONAR_HOST_URL: ${{ secrets.SONAR_HOST_URL }}

README.md

@@ -18,40 +18,41 @@ SPDX-License-Identifier: CC0-1.0
 
 <p align="center"><img src="./assets/gopher2.svg" width="250" alt="go-mail logo"/></p>
 
-The main idea of this library was to provide a simple interface to sending mails for
+The main idea of this library was to provide a simple interface for sending mails to
 my [JS-Mailer](https://github.com/wneessen/js-mailer) project. It quickly evolved into a full-fledged mail library.
 
-go-mail follows idiomatic Go style and best practice. It's only dependency is the Go Standard Library. It combines a lot
-of functionality from the standard library to give easy and convenient access to mail and SMTP related tasks.
+go-mail follows idiomatic Go style and best practice. It has a small dependency footprint by mainly relying on the
+Go Standard Library and the Go extended packages. It combines a lot of functionality from the standard library to 
+give easy and convenient access to mail and SMTP related tasks.
 
-Parts of this library (especially some parts of [msgwriter.go](msgwriter.go)) have been forked/ported from the
-[go-mail/mail](https://github.com/go-mail/mail) respectively [go-gomail/gomail](https://github.com/go-gomail/gomail)
-which both seems to not be maintained anymore.
+In the early days, parts of this library (especially some parts of [msgwriter.go](msgwriter.go)) had been 
+forked/ported from [go-mail/mail](https://github.com/go-mail/mail) and respectively [go-gomail/gomail](https://github.com/go-gomail/gomail). Today
+most of the ported code has been refactored.
 
-The smtp package of go-mail is forked from the original Go stdlib's `net/smtp` and then extended by the go-mail
-team.
+The `smtp` package of go-mail has been forked from the original Go stdlib's `net/smtp` package and has then been extended 
+by the go-mail team to fit the packages needs (more SMTP Auth methods, logging, concurrency-safety, etc.).
 
 ## Features
 
-Some of the features of this library:
+Here are some highlights of go-mail's featureset:
 
-* [X] Only Standard Library dependant
+* [X] Very small dependency footprint (mainly Go Stdlib and Go extended packages)
 * [X] Modern, idiomatic Go
 * [X] Sane and secure defaults
 * [X] Explicit SSL/TLS support
 * [X] Implicit StartTLS support with different policies
 * [X] Makes use of contexts for a better control flow and timeout/cancelation handling
-* [X] SMTP Auth support (LOGIN, PLAIN, CRAM-MD, XOAUTH2)
+* [X] SMTP Auth support (LOGIN, PLAIN, CRAM-MD, XOAUTH2, SCRAM-SHA-1(-PLUS), SCRAM-SHA-256(-PLUS))
 * [X] RFC5322 compliant mail address validation
 * [X] Support for common mail header field generation (Message-ID, Date, Bulk-Precedence, Priority, etc.)
-* [X] Reusing the same SMTP connection to send multiple mails
+* [X] Concurrency-safe reusing the same SMTP connection to send multiple mails
 * [X] Support for attachments and inline embeds (from file system, `io.Reader` or `embed.FS`)
 * [X] Support for different encodings
 * [X] Middleware support for 3rd-party libraries to alter mail messages
 * [X] Support sending mails via a local sendmail command
 * [X] Support for requestng MDNs (RFC 8098) and DSNs (RFC 1891)
 * [X] DKIM signature support via [go-mail-middlware](https://github.com/wneessen/go-mail-middleware)
-* [X] Message object satisfies `io.WriteTo` and `io.Reader` interfaces
+* [X] Message object satisfies `io.WriterTo` and `io.Reader` interfaces
 * [X] Support for Go's `html/template` and `text/template` (as message body, alternative part or attachment/emebed)
 * [X] Output to file support which allows storing mail messages as e. g. `.eml` files to disk to open them in a MUA
 * [X] Debug logging of SMTP traffic
@@ -76,7 +77,8 @@ We guarantee that go-mail will always support the last four releases of Go. With
 the user a timeframe of two years to update to the next or even the latest version of Go.
 
 ## Support
-We have a support and general discussion channel on Discord. Find us at: [#go-mail](https://discord.gg/dbfQyC4s)
+We have a support and general discussion channel on Discord. Find us at: [#go-mail](https://discord.gg/dbfQyC4s) alternatively find us
+on the [Gophers Slack](https://gophers.slack.com) in #go-mail
 
 ## Middleware
 The goal of go-mail is to keep it free from 3rd party dependencies and only focus on things a mail library should
@@ -99,15 +101,18 @@ We provide example code in both our GoDocs as well as on our official Website (s
 check out our [Getting started](https://go-mail.dev/getting-started/introduction/) guide.
 
 ## Authors/Contributors
-go-mail was initially authored and developed by [Winni Neessen](https://github.com/wneessen/).
-
-Big thanks to the following people, for contributing to the go-mail project (either in form of code or by 
-reviewing code, writing documenation or helping to translate the website):
-* [Christian Vette](https://github.com/cvette)
-* [Dhia Gharsallaoui](https://github.com/dhia-gharsallaoui)
-* [inliquid](https://github.com/inliquid) 
-* [iwittkau](https://github.com/iwittkau)
-* [James Elliott](https://github.com/james-d-elliott)
-* [Maria Letta](https://github.com/MariaLetta) (designed the go-mail logo)
-* [Nicola Murino](https://github.com/drakkan)
-* [sters](https://github.com/sters)
+go-mail was initially created and developed by [Winni Neessen](https://github.com/wneessen/), but over time a lot of amazing people 
+contributed ot the project. Big thanks to all of them for improving the go-mail project (be it writing code, testing
+code, reviewing code, writing documenation or helping to translate the website):
+
+<a href="https://github.com/wneessen/go-mail/graphs/contributors">
+  <img src="https://contrib.rocks/image?repo=wneessen/go-mail" />
+</a>
+
+A huge thank you also goes to [Maria Letta](https://github.com/MariaLetta) for designing our super cool go-mail logo!
+
+## Sponsors
+We sincerely thank our amazing sponsors for their generous support! Your contributions do not go unnoticed and helps
+keeping up the project!
+
+* [kolaente](https://github.com/kolaente)

REUSE.toml

@@ -0,0 +1,9 @@
+# SPDX-FileCopyrightText: Copyright (c) 2022-2024 The go-mail Authors
+#
+# SPDX-License-Identifier: MIT
+
+version = 1
+SPDX-PackageName = "go-mail"
+SPDX-PackageSupplier = "Winni Neessen <[email protected]>"
+SPDX-PackageDownloadLocation = "https://github.com/wneessen/go-mail"
+annotations = []