Skip to content

build(deps): bump nodemailer from 8.0.5 to 8.0.9#956

Merged
jona159 merged 2 commits into
devfrom
dependabot/npm_and_yarn/nodemailer-8.0.9
May 27, 2026
Merged

build(deps): bump nodemailer from 8.0.5 to 8.0.9#956
jona159 merged 2 commits into
devfrom
dependabot/npm_and_yarn/nodemailer-8.0.9

Conversation

@dependabot
Copy link
Copy Markdown
Contributor

@dependabot dependabot Bot commented on behalf of github May 27, 2026

Bumps nodemailer from 8.0.5 to 8.0.9.

Release notes

Sourced from nodemailer's releases.

v8.0.9

8.0.9 (2026-05-26)

Bug Fixes

  • two pending security advisories (jsonTransport access bypass, List-* CRLF injection) (#1820) (5f69497)

v8.0.8

8.0.8 (2026-05-23)

Bug Fixes

  • enforce strict TLS for OAuth2 and Ethereal credential requests (#1818) (833d6e5)
  • four listener/stream leaks in SMTP transport, connection, pool (#1817) (850bb91)

v8.0.7

8.0.7 (2026-04-27)

Bug Fixes

  • keep domain as UTF-8 when local part is non-ASCII (#1814) (66d4ecb)

v8.0.6

8.0.6 (2026-04-24)

Bug Fixes

  • restore base64 wrap() trim behavior to prevent trailing CRLF (#1810) (#1811) (b1ae6c1)
Changelog

Sourced from nodemailer's changelog.

8.0.9 (2026-05-26)

Bug Fixes

  • two pending security advisories (jsonTransport access bypass, List-* CRLF injection) (#1820) (5f69497)

8.0.8 (2026-05-23)

Bug Fixes

  • enforce strict TLS for OAuth2 and Ethereal credential requests (#1818) (833d6e5)
  • four listener/stream leaks in SMTP transport, connection, pool (#1817) (850bb91)

8.0.7 (2026-04-27)

Bug Fixes

  • keep domain as UTF-8 when local part is non-ASCII (#1814) (66d4ecb)

8.0.6 (2026-04-24)

Bug Fixes

  • restore base64 wrap() trim behavior to prevent trailing CRLF (#1810) (#1811) (b1ae6c1)
Commits
  • 07303cb chore(master): release 8.0.9 (#1821)
  • 5f69497 fix: two pending security advisories (jsonTransport access bypass, List-* CRL...
  • 15138a8 chore(master): release 8.0.8 (#1819)
  • 850bb91 fix: four listener/stream leaks in SMTP transport, connection, pool (#1817)
  • 833d6e5 fix: enforce strict TLS for OAuth2 and Ethereal credential requests (#1818)
  • 1997040 chore(master): release 8.0.7 (#1815)
  • 9b9c545 chore: drop nodemailer-ntlm-auth devDependency (#1816)
  • 22bf90c Bumped dev deps
  • 66d4ecb fix: keep domain as UTF-8 when local part is non-ASCII (#1814)
  • 6a4a01e Fix/base64 wrap trailing crlf (#1813)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.

Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

@dependabot
build(deps): bump nodemailer from 8.0.5 to 8.0.9
a6b9dcf 
Bumps [nodemailer](https://github.com/nodemailer/nodemailer) from 8.0.5 to 8.0.9.
- [Release notes](https://github.com/nodemailer/nodemailer/releases)
- [Changelog](https://github.com/nodemailer/nodemailer/blob/master/CHANGELOG.md)
- [Commits](nodemailer/nodemailer@v8.0.5...v8.0.9)

---
updated-dependencies:
- dependency-name: nodemailer
  dependency-version: 8.0.9
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot added dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code labels May 27, 2026
@github-actions
Copy link
Copy Markdown

github-actions Bot commented May 27, 2026
edited
Loading

Coverage Report

Status Category Percentage Covered / Total
🔵 Lines 69.06% 1775 / 2570
🔵 Statements 67.37% 1844 / 2737
🔵 Functions 69.24% 367 / 530
🔵 Branches 56.13% 947 / 1687
File CoverageNo changed files found.
Generated in workflow #2585 for commit 3014769 by the Vitest Coverage Report Action

@jona159 jona159 enabled auto-merge (squash) May 27, 2026 06:40
@jona159 jona159 merged commit b4a4e3e into dev May 27, 2026
6 checks passed
@jona159 jona159 deleted the dependabot/npm_and_yarn/nodemailer-8.0.9 branch May 27, 2026 06:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jona159 jona159 jona159 approved these changes

Assignees

No one assigned

Labels

dependencies Pull requests that update a dependency file javascript Pull requests that update javascript code

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@jona159