Bumps nodemailer from 6.9.13 to 7.0.11.
Release notes
Sourced from nodemailer's releases.
v7.0.11
7.0.11 (2025年11月26日)
Bug Fixes
- prevent stack overflow DoS in addressparser with deeply nested groups (b61b9c0)
v7.0.10
7.0.10 (2025年10月23日)
Bug Fixes
- Increase data URI size limit from 100KB to 50MB and preserve content type (28dbf3f)
v7.0.9
7.0.9 (2025年10月07日)
Bug Fixes
- release: Trying to fix release proecess by upgrading Node version in runner (579fce4)
v7.0.8
7.0.8 (2025年10月07日)
Bug Fixes
- addressparser: flatten nested groups per RFC 5322 (8f8a77c)
v7.0.7
7.0.7 (2025年10月05日)
Bug Fixes
- addressparser: Fixed addressparser handling of quoted nested email addresses (1150d99)
- dns: add memory leak prevention for DNS cache (0240d67)
- linter: Updated eslint and created prettier formatting task (df13b74)
- refresh expired DNS cache on error (#1759) (ea0fc5a)
- resolve linter errors in DNS cache tests (3b8982c)
v7.0.6
7.0.6 (2025年08月27日)
Bug Fixes
... (truncated)
Changelog
Sourced from nodemailer's changelog.
7.0.11 (2025年11月26日)
Bug Fixes
- prevent stack overflow DoS in addressparser with deeply nested groups (b61b9c0)
7.0.10 (2025年10月23日)
Bug Fixes
- Increase data URI size limit from 100KB to 50MB and preserve content type (28dbf3f)
7.0.9 (2025年10月07日)
Bug Fixes
- release: Trying to fix release proecess by upgrading Node version in runner (579fce4)
7.0.8 (2025年10月07日)
Bug Fixes
- addressparser: flatten nested groups per RFC 5322 (8f8a77c)
7.0.7 (2025年10月05日)
Bug Fixes
- addressparser: Fixed addressparser handling of quoted nested email addresses (1150d99)
- dns: add memory leak prevention for DNS cache (0240d67)
- linter: Updated eslint and created prettier formatting task (df13b74)
- refresh expired DNS cache on error (#1759) (ea0fc5a)
- resolve linter errors in DNS cache tests (3b8982c)
7.0.6 (2025年08月27日)
Bug Fixes
- encoder: avoid silent data loss by properly flushing trailing base64 (#1747) (01ae76f)
- handle multiple XOAUTH2 token requests correctly (#1754) (dbe0028)
- ReDoS vulnerability in parseDataURI and _processDataUrl (#1755) (90b3e24)
7.0.5 (2025年07月07日)
Bug Fixes
... (truncated)
Commits
3d17dbe chore(master): release 7.0.11 (#1783)15879f8 Bumped dev dependenciesb61b9c0 fix: prevent stack overflow DoS in addressparser with deeply nested groups4175e4b chore(master): release 7.0.10 (#1776)d882ccf Merge branch 'master' of github.com:nodemailer/nodemailer1d7e4f7 Bumped deps10bd871 chore: correct typo in variable name (#1773)28dbf3f fix: Increase data URI size limit from 100KB to 50MB and preserve content type92ae1c4 chore(master): release 7.0.9 (#1769)c675d9e Merge branch 'master' of github.com:nodemailer/nodemailer- Additional commits viewable in compare view
Maintainer changes
This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for nodemailer since your current version.
Dependabot compatibility score
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.
Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebase will rebase this PR@dependabot recreate will recreate this PR, overwriting any edits that have been made to it@dependabot merge will merge this PR after your CI passes on it@dependabot squash and merge will squash and merge this PR after your CI passes on it@dependabot cancel merge will cancel a previously requested merge and block automerging@dependabot reopen will reopen this PR if it is closed@dependabot close will close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency@dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)
You can disable automated security fix PRs for this repo from the Security Alerts page.
Bumps nodemailer from 6.9.13 to 7.0.11.
Release notes
Sourced from nodemailer's releases.
... (truncated)
Changelog
Sourced from nodemailer's changelog.
... (truncated)
Commits
3d17dbechore(master): release 7.0.11 (#1783)15879f8Bumped dev dependenciesb61b9c0fix: prevent stack overflow DoS in addressparser with deeply nested groups4175e4bchore(master): release 7.0.10 (#1776)d882ccfMerge branch 'master' of github.com:nodemailer/nodemailer1d7e4f7Bumped deps10bd871chore: correct typo in variable name (#1773)28dbf3ffix: Increase data URI size limit from 100KB to 50MB and preserve content type92ae1c4chore(master): release 7.0.9 (#1769)c675d9eMerge branch 'master' of github.com:nodemailer/nodemailerMaintainer changes
This version was pushed to npm by [GitHub Actions](https://www.npmjs.com/~GitHub Actions), a new releaser for nodemailer since your current version.
Dependabot compatibility score
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot mergewill merge this PR after your CI passes on it@dependabot squash and mergewill squash and merge this PR after your CI passes on it@dependabot cancel mergewill cancel a previously requested merge and block automerging@dependabot reopenwill reopen this PR if it is closed@dependabot closewill close this PR and stop Dependabot recreating it. You can achieve the same result by closing it manually@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore this major versionwill close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this minor versionwill close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)@dependabot ignore this dependencywill close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)You can disable automated security fix PRs for this repo from the Security Alerts page.