Skip to content

Releases: wneessen/js-mailer

v1.1.0

03 Jan 21:21
@wneessen wneessen
v1.1.0
349f9d3
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.1.0 Latest
Latest

Welcome to js-mailer v1.1.0 🥳

This release adds a couple of new features and enhancements to js-mailer.

CSV support

You are now able to enable CSV support per form using the attach_csv form config setting. If set to true, the form mail will have an attached CSV file with the submitted form data. This makes it easy to import such data into a spreadsheet or some other kind of database.

Anti-Bot: Submission speed

With js-mailer v1.1.0, a form submission will check the submission speed. Since it is more than unusual for a human to submit a form faster than 3 seconds after token creation, any submission that is faster will fail unless the disable_submission_speed_check setting is set to true in the validation section of a form.

Anti-SPAM: Random anti-spam field

In the validation section of a form configuration, you can now set the random_anti_spam_field setting to true. If this setting is activated, it will provide the HTML for a random hidden form field in the token response like this:

{
  "success": true,
  "status_code": 201,
  "status": "Created",
  "message": "sender token successfully created",
  "timestamp": "2026-01-03T21:07:15.603445304Z",
  "request_id": "example/ss6MGDoBpN-000001",
  "data": {
    "token": "57501b6462adc394626ee6541b96b9966d815ce5b469e494580e0ac1fada51cd",
    "form_id": "test_form",
    "create_time": 1767474435,
    "expire_time": 1767475035,
    "url": "https://jsmailer.example.com/send/test_form/57501b6462adc394626ee6541b96b9966d815ce5b469e494580e0ac1fada51cd",
    "encoding": "multipart/form-data",
    "request_method": "POST",
    "random_field": "<input type=\"hidden\" name=\"_w5ocvr74ao4xhddm326h5qbx4c\" value=\"ihf3hojegcilx7ryh6burgxw7x\">"
  }
}

The random_field value holds the corresponding HTML of the input field. You are expected to inject this HTML into your form code pre-submission, so that it will be part of the submission data. If the random field is not part of the submission data, the submission request will be denied.

Cache interface introduction

The in-memory cache has been converted into an interface type, allowing for future non in-memory implementations for the cache. This could i. e. be a SQLite database or a simple file. Contributions are welcome.

Request ID in logs and responses

A request id field has been added into JSON responses and the logs of js-mailer. This makes it easier for failed requests to find the corresponding log entries by referencing the request ID that was provided with the JSON response.

Privacy: IP masking

The log section of the server configuration now supports the dont_log_ip setting, that will, if set to true, mask the incoming IPs in the logs. IPv4 addresses will masked down to the /16 network of the address and IPv6 addresses down to the /48.

What's Changed

  • Added support for CSV attachment in form submissions by @wneessen in #364
  • Sorted CSV headers alphabetically before writing by @wneessen in #365
  • Added submission speed validation for forms by @wneessen in #366
  • Added random anti-spam field validation for form submissions by @wneessen in #367
  • Improved random anti-spam field handling in form submissions by @wneessen in #368
  • Added version information to server instances and enforced server header middleware by @wneessen in #369
  • Fix several typos by @wneessen in #370
  • Refactored configuration loading logic in js-mailer main.go by @wneessen in #371
  • Refactored cache to be an interface by @wneessen in #372
  • Bump golang from 36b4f45 to 31c1e53 by @dependabot[bot] in #374
  • Added request ID propagation and improved request logging by @wneessen in #373
  • (feat) Don't log IP if requested by @wneessen in #375

Full Changelog: v1.0.0...v1.1.0

Contributors

wneessen and dependabot
Assets 14

v1.0.0

21 Dec 18:14
@wneessen wneessen
v1.0.0
34d519d
This commit was signed with the committer’s verified signature.
wneessen Winni Neessen
GPG key ID: 65BC7C821BBFF677
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v1.0.0

Welcome to js-mailer v1.0.0 🥳

Important

This release changes the schema of the URLs as well as the requests/responses JSON. Please check the README.md before you upgrade.

This release is a complete rewrite of the js-mailer service. The service has been fundamentally optimized and enhanced. The echo framework has been replaced with the much sleaker Go-CHI framework. Minor bugs and misconceptions that were identified during the re-implementation have been fixed and the code structure has been optimize of readability. Almost all rewritten code now has corresponding unit tests (with a code coverage of >85%). The CI/CD pipeline has also been optimized with an automatic binary and docker image release. Finally support for the Private Captcha service has been added as validation.

What's Changed

  • Added Private Captcha support for form validation middleware by @wneessen in #348
  • js-mailer v2 by @wneessen in #350
  • Add unit tests to the new v2 version by @wneessen in #361
  • Added unit tests for failsRequiredFields server validation function by @wneessen in #362
  • Implement unit tests for captcha validations by @wneessen in #363

CI/CD changes

Full Changelog: v0.4.2...v1.0.0

Contributors

wneessen and dependabot
Loading

v0.4.2: Update go-mail (Regression fix)

29 Sep 15:27
@wneessen wneessen
v0.4.2
4f4fef0
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v0.4.2: Update go-mail (Regression fix)

What's Changed

Full Changelog: v0.4.1...v0.4.2

Contributors

wneessen
Loading

v0.4.1: Security update

27 Sep 08:49
@wneessen wneessen
v0.4.1
2dccedc
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v0.4.1: Security update

This release is a maintenance release that updates the go-mail package to v0.7.1, due to a potential security vulnerability in the mail address handling. See the security advisory for details.

Users are encouraged to update to this release.

What's Changed

Full Changelog: v0.4.0...v0.4.1

Contributors

wneessen and dependabot
Loading

v0.4.0: Dependencies update

12 Sep 13:35
@wneessen wneessen
v0.4.0
677bca8
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v0.4.0: Dependencies update

What's Changed

Full Changelog: v0.3.9...v0.4.0

Contributors

wneessen and dependabot
Loading

v0.3.9: Dependencies update

22 Apr 10:47
@wneessen wneessen
v0.3.9
d2642e4
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v0.3.9: Dependencies update

What's Changed

  • Bump golang from fa145a3 to af0bb30 by @dependabot in #297
  • Bump golang from af0bb30 to 52ff1b3 by @dependabot in #298
  • Bump golang from 52ff1b3 to 991aa6a by @dependabot in #299
  • Bump golang from 991aa6a to 18a1f2d by @dependabot in #300
  • Bump golang from 18a1f2d to 1ecc479 by @dependabot in #301
  • Bump golang from latest@sha256:1ecc479bc712a6bdb56df3e346e33edcc141f469f82840bab9f4bc2bc41bf91d to sha256:d9db32125db0c3a680cfb7a1afcaefb89c898a075ec148fdc2f0f646cc2ed509 by @dependabot in #302
  • Update deps by @wneessen in #303

Full Changelog: v0.3.8...v0.3.9

Contributors

wneessen and dependabot
Loading

v0.3.8: Dependencies update

18 Mar 15:28
@wneessen wneessen
v0.3.8
af73af8
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v0.3.8: Dependencies update

What's Changed

Full Changelog: v0.3.7...v0.3.8

Contributors

wneessen and dependabot
Loading

v0.3.7: Dependency update

09 Jan 20:50
@wneessen wneessen
v0.3.7
8c2814a
This commit was signed with the committer’s verified signature.
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v0.3.7: Dependency update

What's Changed

Full Changelog: v0.3.6...v0.3.7

Contributors

dependabot
Loading

v0.3.6: Dependency/Security release

07 Oct 07:43
@wneessen wneessen
v0.3.6
42a8944
This commit was signed with the committer’s verified signature.
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v0.3.6: Dependency/Security release

This is a maintenance release to update dependencies and to release the packages with the latest Go version 1.23.2.

What's Changed

Full Changelog: v0.3.5...v0.3.6

Contributors

dependabot
Loading

v0.3.5: Dependency/security update

04 Jul 08:26
@wneessen wneessen
v0.3.5
7539d30
This commit was created on GitHub.com and signed with GitHub’s verified signature.
GPG key ID: B5690EEEBB952194
Verified
Learn about vigilant mode.

Choose a tag to compare

View all tags
v0.3.5: Dependency/security update

This is a maintenance release to update dependencies and to release the packages with the latest Go version 1.22.5, which fixes a security vulnerbility in net/http.

What's Changed

  • build(deps): bump sonarsource/sonarqube-quality-gate-action from f9fe214a5be5769c40619de2fff2726c36d2d5eb to 72f24ebf1f81eda168a979ce14b8203273b7c3ad by @dependabot in #95
  • build(deps): bump github/codeql-action from 3.24.9 to 3.24.10 by @dependabot in #96
  • build(deps): bump docker/setup-buildx-action from 3.2.0 to 3.3.0 by @dependabot in #97
  • build(deps): bump sigstore/cosign-installer from 3.4.0 to 3.5.0 by @dependabot in #99
  • build(deps): bump golang from c4fb952 to 83d3f5d by @dependabot in #98
  • build(deps): bump golang from 83d3f5d to 450e382 by @dependabot in #100
  • build(deps): bump github.com/labstack/echo/v4 from 4.11.4 to 4.12.0 by @dependabot in #102
  • build(deps): bump github/codeql-action from 3.24.10 to 3.25.0 by @dependabot in #101
  • build(deps): bump github/codeql-action from 3.25.0 to 3.25.1 by @dependabot in #103
  • build(deps): bump actions/upload-artifact from 4.3.1 to 4.3.2 by @dependabot in #104
  • build(deps): bump actions/checkout from 4.1.2 to 4.1.3 by @dependabot in #105
  • build(deps): bump actions/upload-artifact from 4.3.2 to 4.3.3 by @dependabot in #107
  • build(deps): bump github/codeql-action from 3.25.1 to 3.25.2 by @dependabot in #106
  • build(deps): bump golang from 450e382 to d5302d4 by @dependabot in #109
  • build(deps): bump actions/checkout from 4.1.3 to 4.1.4 by @dependabot in #108
  • build(deps): bump golangci/golangci-lint-action from 4.0.0 to 5.0.0 by @dependabot in #111
  • build(deps): bump github/codeql-action from 3.25.2 to 3.25.3 by @dependabot in #110
  • build(deps): bump golangci/golangci-lint-action from 5.0.0 to 5.1.0 by @dependabot in #114
  • build(deps): bump actions/dependency-review-action from 4.2.5 to 4.3.1 by @dependabot in #113
  • build(deps): bump step-security/harden-runner from 2.7.0 to 2.7.1 by @dependabot in #112
  • build(deps): bump actions/dependency-review-action from 4.3.1 to 4.3.2 by @dependabot in #115
  • build(deps): bump actions/setup-go from 5.0.0 to 5.0.1 by @dependabot in #116
  • build(deps): bump github.com/cyphar/filepath-securejoin from 0.2.4 to 0.2.5 by @dependabot in #118
  • build(deps): bump golangci/golangci-lint-action from 5.1.0 to 5.3.0 by @dependabot in #117
  • build(deps): bump actions/checkout from 4.1.4 to 4.1.5 by @dependabot in #120
  • build(deps): bump golangci/golangci-lint-action from 5.3.0 to 6.0.0 by @dependabot in #119
  • build(deps): bump golang from d5302d4 to b1e05e2 by @dependabot in #121
  • build(deps): bump golangci/golangci-lint-action from 6.0.0 to 6.0.1 by @dependabot in #123
  • build(deps): bump github/codeql-action from 3.25.3 to 3.25.4 by @dependabot in #122
  • build(deps): bump ossf/scorecard-action from 2.3.1 to 2.3.3 by @dependabot in #124
  • build(deps): bump github/codeql-action from 3.25.4 to 3.25.5 by @dependabot in #125
  • build(deps): bump golang from b1e05e2 to 7eac856 by @dependabot in #126
  • build(deps): bump golang from 7eac856 to 91ad6f9 by @dependabot in #127
  • build(deps): bump actions/checkout from 4.1.5 to 4.1.6 by @dependabot in #129
  • build(deps): bump golang from 91ad6f9 to f43c6f0 by @dependabot in #128
  • build(deps): bump github/codeql-action from 3.25.5 to 3.25.6 by @dependabot in #130
  • Bump step-security/harden-runner from 2.7.1 to 2.8.0 by @dependabot in #131
  • Bump sonarsource/sonarqube-scan-action from 2.0.2 to 2.1.0 by @dependabot in #132
  • Bump docker/login-action from 3.1.0 to 3.2.0 by @dependabot in #133
  • Bump github/codeql-action from 3.25.6 to 3.25.7 by @dependabot in #134
  • Bump golang from f43c6f0 to 969349b by @dependabot in #136
  • Bump github/codeql-action from 3.25.7 to 3.25.8 by @dependabot in #135
  • Bump actions/dependency-review-action from 4.3.2 to 4.3.3 by @dependabot in #137
  • Bump step-security/harden-runner from 2.8.0 to 2.8.1 by @dependabot in #138
  • Bump docker/build-push-action from 5.3.0 to 5.4.0 by @dependabot in #139
  • Bump github/codeql-action from 3.25.8 to 3.25.9 by @dependabot in #142
  • Bump actions/checkout from 4.1.6 to 4.1.7 by @dependabot in #141
  • Bump golang from 969349b to 0f76912 by @dependabot in #140
  • Bump golang from 0f76912 to 2303a02 by @dependabot in #143
  • Bump github/codeql-action from 3.25.9 to 3.25.10 by @dependabot in #144
  • Bump sonarsource/sonarqube-scan-action from 2.1.0 to 2.2 by @dependabot in #145
  • Bump golang from 2303a02 to c2010b9 by @dependabot in #146
  • Bump docker/build-push-action from 5.4.0 to 6.0.0 by @dependabot in #147
  • Bump docker/build-push-action from 6.0.0 to 6.0.1 by @dependabot in #148
  • Bump docker/build-push-action from 6.0.1 to 6.0.2 by @dependabot in #149
  • Bump golang from c2010b9 to a66eda6 by @dependabot in #151
  • Bump docker/build-push-action from 6.0.2 to 6.1.0 by @dependabot in #150
  • Bump docker/build-push-action from 6.1.0 to 6.2.0 by @dependabot in #152
  • Bump github/codeql-action from 3.25.10 to 3.25.11 by @dependabot in #154
  • Bump github.com/wneessen/go-mail from 0.4.1 to 0.4.2 by @dependabot in #153
  • Bump golang from a66eda6 to 74cd6cd by @dependabot in #156
  • Bump sonarsource/sonarqube-scan-action from 2.2.0 to 2.3.0 by @dependabot in #155
  • Bump golang from 74cd6cd to e4292ae by @dependabot in #157
  • Bump docker/build-push-action from 6.2.0 to 6.3.0 by @dependabot in #158
  • Update server.go by @wneessen in #159

Full Changelog: v0.3.4...v0.3.5

Contributors

wneessen and dependabot
Loading