v0.3.6: Dependency/Security release

This is a maintenance release to update dependencies and to release the packages with the latest Go version 1.23.2.

What's Changed

• Bump docker/setup-buildx-action from 3.3.0 to 3.4.0 by @dependabot in #161
• Bump golang from e4292ae to fcae9e0 by @dependabot in #160
• Bump actions/upload-artifact from 4.3.3 to 4.3.4 by @dependabot in #162
• Bump golang from fcae9e0 to 829eff9 by @dependabot in #164
• Bump actions/setup-go from 5.0.1 to 5.0.2 by @dependabot in #163
• Bump actions/dependency-review-action from 4.3.3 to 4.3.4 by @dependabot in #166
• Bump github.com/cyphar/filepath-securejoin from 0.2.5 to 0.3.0 by @dependabot in #165
• Bump github/codeql-action from 3.25.11 to 3.25.12 by @dependabot in #167
• Bump docker/build-push-action from 6.3.0 to 6.4.0 by @dependabot in #168
• Bump docker/build-push-action from 6.4.0 to 6.4.1 by @dependabot in #169
• Bump step-security/harden-runner from 2.8.1 to 2.9.0 by @dependabot in #170
• Bump github/codeql-action from 3.25.12 to 3.25.13 by @dependabot in #171
• Bump docker/build-push-action from 6.4.1 to 6.5.0 by @dependabot in #174
• Bump docker/login-action from 3.2.0 to 3.3.0 by @dependabot in #173
• Bump docker/setup-buildx-action from 3.4.0 to 3.5.0 by @dependabot in #172
• Bump github.com/cyphar/filepath-securejoin from 0.3.0 to 0.3.1 by @dependabot in #176
• Bump golang from 829eff9 to 1b70fa8 by @dependabot in #175
• Bump golang from 1b70fa8 to 86a3c48 by @dependabot in #177
• Bump github/codeql-action from 3.25.13 to 3.25.14 by @dependabot in #178
• Bump ossf/scorecard-action from 2.3.3 to 2.4.0 by @dependabot in #180
• Bump github/codeql-action from 3.25.14 to 3.25.15 by @dependabot in #179
• Bump golangci/golangci-lint-action from 6.0.1 to 6.1.0 by @dependabot in #182
• Bump docker/setup-buildx-action from 3.5.0 to 3.6.1 by @dependabot in #181
• Bump actions/upload-artifact from 4.3.4 to 4.3.5 by @dependabot in #183
• Bump step-security/harden-runner from 2.9.0 to 2.9.1 by @dependabot in #184
• Bump actions/upload-artifact from 4.3.5 to 4.3.6 by @dependabot in #186
• Bump github/codeql-action from 3.25.15 to 3.26.0 by @dependabot in #185
• Bump docker/build-push-action from 6.5.0 to 6.6.1 by @dependabot in #189
• Bump sigstore/cosign-installer from 3.5.0 to 3.6.0 by @dependabot in #188
• Bump golang from 86a3c48 to 2bd56f0 by @dependabot in #187
• Bump docker/build-push-action from 6.6.1 to 6.7.0 by @dependabot in #193
• Bump sonarsource/sonarqube-scan-action from 2.3.0 to 3.0.0 by @dependabot in #192
• Bump github/codeql-action from 3.26.0 to 3.26.1 by @dependabot in #191
• Bump golang from 2bd56f0 to 4058df8 by @dependabot in #190
• Bump github/codeql-action from 3.26.1 to 3.26.2 by @dependabot in #195
• Bump golang from 4058df8 to c4be4de by @dependabot in #194
• Bump golang from c4be4de to 613a108 by @dependabot in #196
• Bump github.com/wneessen/go-mail from 0.4.2 to 0.4.3 by @dependabot in #197
• Bump github/codeql-action from 3.26.2 to 3.26.3 by @dependabot in #198
• Bump github/codeql-action from 3.26.3 to 3.26.4 by @dependabot in #199
• Bump github/codeql-action from 3.26.4 to 3.26.5 by @dependabot in #200
• Bump github/codeql-action from 3.26.5 to 3.26.6 by @dependabot in #201
• Bump sonarsource/sonarqube-quality-gate-action from 72f24ebf1f81eda168a979ce14b8203273b7c3ad to dc2f7b0dd95544cd550de3028f89193576e958b9 by @dependabot in #203
• Bump actions/upload-artifact from 4.3.6 to 4.4.0 by @dependabot in #202
• Bump github.com/wneessen/go-mail from 0.4.3 to 0.4.4 by @dependabot in #204
• Bump golang from 613a108 to a36ef96 by @dependabot in #205
• Bump golang from a36ef96 to 4a3c2bc by @dependabot in #206
• Bump step-security/harden-runner from 2.9.1 to 2.10.0 by @dependabot in #207
• Bump golang from 4a3c2bc to 2fe82a3 by @dependabot in #209
• Bump step-security/harden-runner from 2.10.0 to 2.10.1 by @dependabot in #208
• Bump github/codeql-action from 3.26.6 to 3.26.7 by @dependabot in #211
• Bump github.com/cyphar/filepath-securejoin from 0.3.1 to 0.3.2 by @dependabot in #210
• Bump github/codeql-action from 3.26.7 to 3.26.8 by @dependabot in #212
• Bump sonarsource/sonarqube-scan-action from 0c0f3958d90fc466625f1d1af1f47bddd4cc6bd1 to 884b79409bbd464b2a59edc326a4b77dc56b2195 by @dependabot in #214
• Bump github/codeql-action from 3.26.8 to 3.26.9 by @dependabot in #213
• Bump actions/checkout from 4.1.7 to 4.2.0 by @dependabot in #215
• Bump docker/build-push-action from 6.7.0 to 6.8.0 by @dependabot in #217
• Bump golang from 2fe82a3 to 4f063a2 by @dependabot in #216
• Bump github/codeql-action from 3.26.9 to 3.26.10 by @dependabot in #220
• Bump docker/build-push-action from 6.8.0 to 6.9.0 by @dependabot in #219
• Bump github.com/cyphar/filepath-securejoin from 0.3.2 to 0.3.3 by @dependabot in #218
• Bump golang from 4f063a2 to adee809 by @dependabot in #221
• Bump docker/setup-buildx-action from 3.6.1 to 3.7.0 by @dependabot in #224
• Bump golangci/golangci-lint-action from 6.1.0 to 6.1.1 by @dependabot in #223
• Bump github/codeql-action from 3.26.10 to 3.26.11 by @dependabot in #222
• Bump github.com/wneessen/go-mail from 0.4.4 to 0.5.0 by @dependabot in #227
• Bump sigstore/cosign-installer from 3.6.0 to 3.7.0 by @dependabot in #226

Full Changelog: v0.3.5...v0.3.6

v0.3.5: Dependency/security update

This is a maintenance release to update dependencies and to release the packages with the latest Go version 1.22.5, which fixes a security vulnerbility in net/http.

What's Changed

• build(deps): bump sonarsource/sonarqube-quality-gate-action from f9fe214a5be5769c40619de2fff2726c36d2d5eb to 72f24ebf1f81eda168a979ce14b8203273b7c3ad by @dependabot in #95
• build(deps): bump github/codeql-action from 3.24.9 to 3.24.10 by @dependabot in #96
• build(deps): bump docker/setup-buildx-action from 3.2.0 to 3.3.0 by @dependabot in #97
• build(deps): bump sigstore/cosign-installer from 3.4.0 to 3.5.0 by @dependabot in #99
• build(deps): bump golang from c4fb952 to 83d3f5d by @dependabot in #98
• build(deps): bump golang from 83d3f5d to 450e382 by @dependabot in #100
• build(deps): bump github.com/labstack/echo/v4 from 4.11.4 to 4.12.0 by @dependabot in #102
• build(deps): bump github/codeql-action from 3.24.10 to 3.25.0 by @dependabot in #101
• build(deps): bump github/codeql-action from 3.25.0 to 3.25.1 by @dependabot in #103
• build(deps): bump actions/upload-artifact from 4.3.1 to 4.3.2 by @dependabot in #104
• build(deps): bump actions/checkout from 4.1.2 to 4.1.3 by @dependabot in #105
• build(deps): bump actions/upload-artifact from 4.3.2 to 4.3.3 by @dependabot in #107
• build(deps): bump github/codeql-action from 3.25.1 to 3.25.2 by @dependabot in #106
• build(deps): bump golang from 450e382 to d5302d4 by @dependabot in #109
• build(deps): bump actions/checkout from 4.1.3 to 4.1.4 by @dependabot in #108
• build(deps): bump golangci/golangci-lint-action from 4.0.0 to 5.0.0 by @dependabot in #111
• build(deps): bump github/codeql-action from 3.25.2 to 3.25.3 by @dependabot in #110
• build(deps): bump golangci/golangci-lint-action from 5.0.0 to 5.1.0 by @dependabot in #114
• build(deps): bump actions/dependency-review-action from 4.2.5 to 4.3.1 by @dependabot in #113
• build(deps): bump step-security/harden-runner from 2.7.0 to 2.7.1 by @dependabot in #112
• build(deps): bump actions/dependency-review-action from 4.3.1 to 4.3.2 by @dependabot in #115
• build(deps): bump actions/setup-go from 5.0.0 to 5.0.1 by @dependabot in #116
• build(deps): bump github.com/cyphar/filepath-securejoin from 0.2.4 to 0.2.5 by @dependabot in #118
• build(deps): bump golangci/golangci-lint-action from 5.1.0 to 5.3.0 by @dependabot in #117
• build(deps): bump actions/checkout from 4.1.4 to 4.1.5 by @dependabot in #120
• build(deps): bump golangci/golangci-lint-action from 5.3.0 to 6.0.0 by @dependabot in #119
• build(deps): bump golang from d5302d4 to b1e05e2 by @dependabot in #121
• build(deps): bump golangci/golangci-lint-action from 6.0.0 to 6.0.1 by @dependabot in #123
• build(deps): bump github/codeql-action from 3.25.3 to 3.25.4 by @dependabot in #122
• build(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3 by @dependabot in #124
• build(deps): bump github/codeql-action from 3.25.4 to 3.25.5 by @dependabot in #125
• build(deps): bump golang from b1e05e2 to 7eac856 by @dependabot in #126
• build(deps): bump golang from 7eac856 to 91ad6f9 by @dependabot in #127
• build(deps): bump actions/checkout from 4.1.5 to 4.1.6 by @dependabot in #129
• build(deps): bump golang from 91ad6f9 to f43c6f0 by @dependabot in #128
• build(deps): bump github/codeql-action from 3.25.5 to 3.25.6 by @dependabot in #130
• Bump step-security/harden-runner from 2.7.1 to 2.8.0 by @dependabot in #131
• Bump sonarsource/sonarqube-scan-action from 2.0.2 to 2.1.0 by @dependabot in #132
• Bump docker/login-action from 3.1.0 to 3.2.0 by @dependabot in #133
• Bump github/codeql-action from 3.25.6 to 3.25.7 by @dependabot in #134
• Bump golang from f43c6f0 to 969349b by @dependabot in #136
• Bump github/codeql-action from 3.25.7 to 3.25.8 by @dependabot in #135
• Bump actions/dependency-review-action from 4.3.2 to 4.3.3 by @dependabot in #137
• Bump step-security/harden-runner from 2.8.0 to 2.8.1 by @dependabot in #138
• Bump docker/build-push-action from 5.3.0 to 5.4.0 by @dependabot in #139
• Bump github/codeql-action from 3.25.8 to 3.25.9 by @dependabot in #142
• Bump actions/checkout from 4.1.6 to 4.1.7 by @dependabot in #141
• Bump golang from 969349b to 0f76912 by @dependabot in #140
• Bump golang from 0f76912 to 2303a02 by @dependabot in #143
• Bump github/codeql-action from 3.25.9 to 3.25.10 by @dependabot in #144
• Bump sonarsource/sonarqube-scan-action from 2.1.0 to 2.2 by @dependabot in #145
• Bump golang from 2303a02 to c2010b9 by @dependabot in #146
• Bump docker/build-push-action from 5.4.0 to 6.0.0 by @dependabot in #147
• Bump docker/build-push-action from 6.0.0 to 6.0.1 by @dependabot in #148
• Bump docker/build-push-action from 6.0.1 to 6.0.2 by @dependabot in #149
• Bump golang from c2010b9 to a66eda6 by @dependabot in #151
• Bump docker/build-push-action from 6.0.2 to 6.1.0 by @dependabot in #150
• Bump docker/build-push-action from 6.1.0 to 6.2.0 by @dependabot in #152
• Bump github/codeql-action from 3.25.10 to 3.25.11 by @dependabot in #154
• Bump github.com/wneessen/go-mail from 0.4.1 to 0.4.2 by @dependabot in #153
• Bump golang from a66eda6 to 74cd6cd by @dependabot in #156
• Bump sonarsource/sonarqube-scan-action from 2.2.0 to 2.3.0 by @dependabot in #155
• Bump golang from 74cd6cd to e4292ae by @dependabot in #157
• Bump docker/build-push-action from 6.2.0 to 6.3.0 by @dependabot in #158
• Update server.go by @wneessen in #159

Full Changelog: v0.3.4...v0.3.5

v0.3.4: Dependency/Security update

This is a maintenance release to update dependencies and to release the packages with the latest Go version 1.22.2, which fixes a security vulnerbility in net/http.

What's Changed

• build(deps): bump github.com/labstack/echo/v4 from 4.11.2 to 4.11.3 by @dependabot in #62
• build(deps): bump github.com/labstack/gommon from 0.4.0 to 0.4.1 by @dependabot in #63
• build(deps): bump github.com/kkyr/fig from 0.3.2 to 0.4.0 by @dependabot in #64
• build(deps): bump github.com/labstack/gommon from 0.4.1 to 0.4.2 by @dependabot in #65
• build(deps): bump github.com/labstack/echo/v4 from 4.11.3 to 4.11.4 by @dependabot in #66
• build(deps): bump github.com/wneessen/go-mail from 0.4.0 to 0.4.1 by @dependabot in #67
• [StepSecurity] Apply security best practices by @step-security-bot in #68
• build(deps): bump actions/setup-go from 3.5.0 to 5.0.0 by @dependabot in #72
• build(deps): bump docker/build-push-action from 5.0.0 to 5.3.0 by @dependabot in #71
• build(deps): bump docker/login-action from 3.0.0 to 3.1.0 by @dependabot in #73
• build(deps): bump sigstore/cosign-installer from 3.1.1 to 3.4.0 by @dependabot in #69
• build(deps): bump github/codeql-action from 1.1.39 to 3.24.8 by @dependabot in #70
• Remove cosign version specification in Docker workflow by @wneessen in #74
• Remove .idea from VCS by @wneessen in #75
• Update scorecards.yml configuration and action versions by @wneessen in #76
• [StepSecurity] Apply security best practices by @step-security-bot in #77
• Update codeql-analysis.yml configuration and runner conditions by @wneessen in #78
• Improve Swift and Go conditions in codeql-analysis.yml by @wneessen in #79
• Create codeql.yml by @wneessen in #80
• [StepSecurity] ci: Harden GitHub Actions by @step-security-bot in #81
• Fix sec findings by @wneessen in #82
• Add read-only permissions to SonarQube workflow file by @wneessen in #83
• build(deps): bump docker/setup-buildx-action from 3.0.0 to 3.2.0 by @dependabot in #88
• build(deps): bump golangci/golangci-lint-action from 3.7.0 to 4.0.0 by @dependabot in #87
• build(deps): bump actions/dependency-review-action from 2.5.1 to 4.2.3 by @dependabot in #86
• build(deps): bump docker/metadata-action from 5.0.0 to 5.5.1 by @dependabot in #85
• build(deps): bump actions/checkout from 2.7.0 to 4.1.2 by @dependabot in #84
• build(deps): bump actions/dependency-review-action from 4.2.3 to 4.2.4 by @dependabot in #89
• build(deps): bump github/codeql-action from 3.24.8 to 3.24.9 by @dependabot in #90
• build(deps): bump actions/dependency-review-action from 4.2.4 to 4.2.5 by @dependabot in #91
• build(deps): bump sonarsource/sonarqube-scan-action from 9ad16418d1dd6d28912bc0047ee387e90181ce1c to 53c3e3207fe4b8d52e2f1ac9d6eb1d2506f626c0 by @dependabot in #92
• Update server.go by @wneessen in #93
• build(deps): bump golang from 0b55ab8 to c4fb952 by @dependabot in #94

New Contributors

• @step-security-bot made their first contribution in #68

Full Changelog: v0.3.3...v0.3.4

v0.3.3: Dependency/Security update

This is another dependency update that addresses the HTTP/2 Rapid Reset Attack.
It is advised to update to v0.3.3.

What's Changed

• build(deps): bump github.com/labstack/echo/v4 from 4.11.1 to 4.11.2 by @dependabot in #60
• Update server.go by @wneessen in #61

Full Changelog: v0.3.2...v0.3.3

v0.3.2: Maintenance/security release

This is a maintenance release mainly updating depencies.

Security note

For users of the Docker version provided here, this also updates the Go version js-mailer is compiled with to Go 1.21.3 which fixes a critical security flaw in the net/http package. It's highly advised to update to the latest Docker build.

What's Changed

• build(deps): bump github.com/labstack/echo/v4 from 4.10.1 to 4.10.2 by @dependabot in #53
• build(deps): bump github.com/wneessen/go-mail from 0.3.8 to 0.3.9 by @dependabot in #54
• build(deps): bump github.com/wneessen/go-mail from 0.3.9 to 0.4.0 by @dependabot in #55
• build(deps): bump github.com/labstack/echo/v4 from 4.10.2 to 4.11.1 by @dependabot in #56
• build(deps): bump github.com/kkyr/fig from 0.3.1 to 0.3.2 by @dependabot in #57
• build(deps): bump github.com/cyphar/filepath-securejoin from 0.2.3 to 0.2.4 by @dependabot in #58
• Bump version to 0.3.2 by @wneessen in #59

Full Changelog: v0.3.1...v0.3.2

v0.3.1 Dependency updates

This is mainly a dependency update. In particular updaing Labstack Echo, which fixed a security vulnerabity in one of its dependencies. Read me: https://pkg.go.dev/vuln/GO-2023-1571

What's Changed

• Fix #44 code-smell by @wneessen in #45
• Bump github.com/wneessen/go-mail from 0.3.5 to 0.3.6 by @dependabot in #46
• Bump github.com/labstack/echo/v4 from 4.9.1 to 4.10.0 by @dependabot in #47
• Bump github.com/wneessen/go-mail from 0.3.6 to 0.3.7 by @dependabot in #48
• build(deps): bump github.com/wneessen/go-mail from 0.3.7 to 0.3.8 by @dependabot in #49
• build(deps): bump github.com/kkyr/fig from 0.3.0 to 0.3.1 by @dependabot in #50
• build(deps): bump github.com/labstack/echo/v4 from 4.10.0 to 4.10.1 by @dependabot in #51
• Dependency updates by @wneessen in #52

Full Changelog: v0.3.0...v0.3.1

v0.3.0: Cloudflare Turnstile support

This release adds support for the Cloudflare Turnstile captchas.

What's Changed

• Bump github.com/wneessen/go-mail from 0.3.4 to 0.3.5 by @dependabot in #40
• v0.3.0: Implement Cloudflare Turnstile as supported captcha feature by @wneessen in #42

Full Changelog: v0.2.9...v0.3.0

v0.2.9

What's Changed

• Bump github.com/wneessen/go-mail from 0.3.1 to 0.3.2 by @dependabot in #35
• Bump github.com/wneessen/go-mail from 0.3.2 to 0.3.3 by @dependabot in #36
• Bump github.com/wneessen/go-mail from 0.3.3 to 0.3.4 by @dependabot in #37
• v0.2.9: Update dependencies and introduce golangci-lint by @wneessen in #38

Dependencies updated

• github.com/ReneKroon/ttlcache/v2 v2.11.0 => github.com/jellydator/ttlcache/v2 v2.11.1
• github.com/mattn/go-colorable v0.1.13
• github.com/mitchellh/mapstructure v1.5.0
• github.com/pelletier/go-toml v1.9.5
• github.com/valyala/fasttemplate v1.2.2
• golang.org/x/crypto v0.2.0
• golang.org/x/sync

Full Changelog: v0.2.8...v0.2.9

v0.2.7: Dependecy updates

This is a maintenance release. No new features have been introduced but two dependencies have been updated:

• go-mail has been bumped to v0.2.7
• echo has been bumped to v4.9.0

v0.2.6: Maintenance release

This is a maintenance release. No new features have been introduced

Changes

• 574c52d Fixes some code smells that were identified by SonarQube
• 062adb5 Updates go-mail to v0.2.1 and updates yaml.v3 to v3.0.1 which fixes a vulnerability