Skip to content

chore(deps): bump nodemailer from 8.0.11 to 9.0.1#2319

Merged
Tony133 merged 1 commit into
mainfrom
dependabot/npm_and_yarn/nodemailer-9.0.1
Jun 23, 2026
Merged

chore(deps): bump nodemailer from 8.0.11 to 9.0.1#2319
Tony133 merged 1 commit into
mainfrom
dependabot/npm_and_yarn/nodemailer-9.0.1

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jun 17, 2026
edited
Loading

Copy link
Copy Markdown
Contributor

Bumps nodemailer from 8.0.11 to 9.0.1.

Release notes

Sourced from nodemailer's releases.

v9.0.1

9.0.1 (2026-06-17)

Bug Fixes

  • enforce disableFileAccess/disableUrlAccess for raw message option (a82e060)

v9.0.0

9.0.0 (2026-06-14)

⚠ BREAKING CHANGES

  • HTTPS requests made while fetching remote content (attachment href/path URLs, OAuth2 token endpoints, HTTP/HTTPS proxy CONNECT) now validate the server's TLS certificate by default. Requests to hosts with self-signed, expired, or hostname-mismatched certificates that previously succeeded will now fail. Opt back out per request with tls.rejectUnauthorized=false (transport options, or a per-attachment tls option).

Bug Fixes

  • replace deprecated url.parse with a WHATWG URL wrapper (0c080fb)
  • validate TLS certificates by default when fetching remote content (6a947ac)
Changelog

Sourced from nodemailer's changelog.

9.0.1 (2026-06-17)

Bug Fixes

  • enforce disableFileAccess/disableUrlAccess for raw message option (a82e060)

9.0.0 (2026-06-14)

⚠ BREAKING CHANGES

  • HTTPS requests made while fetching remote content (attachment href/path URLs, OAuth2 token endpoints, HTTP/HTTPS proxy CONNECT) now validate the server's TLS certificate by default. Requests to hosts with self-signed, expired, or hostname-mismatched certificates that previously succeeded will now fail. Opt back out per request with tls.rejectUnauthorized=false (transport options, or a per-attachment tls option).

Bug Fixes

  • replace deprecated url.parse with a WHATWG URL wrapper (0c080fb)
  • validate TLS certificates by default when fetching remote content (6a947ac)
Commits
  • 69cf625 chore(master): release 9.0.1 (#1828)
  • a82e060 fix: enforce disableFileAccess/disableUrlAccess for raw message option
  • 4e58450 chore: update dev dependencies
  • 541f5fd chore(master): release 9.0.0 (#1827)
  • 0c080fb fix: replace deprecated url.parse with a WHATWG URL wrapper
  • 6a947ac fix!: validate TLS certificates by default when fetching remote content
  • See full diff in compare view

@dependabot dependabot Bot added auto-merge auto-merge dependabot dependabot labels Jun 17, 2026
@dependabot dependabot Bot mentioned this pull request Jun 17, 2026
Closed
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/nodemailer-9.0.1 branch 3 times, most recently from ffab221 to c5ca816 Compare June 22, 2026 13:05
@dependabot
chore(deps): bump nodemailer from 8.0.11 to 9.0.1
71dc277 
Bumps [nodemailer](https://github.com/nodemailer/nodemailer) from 8.0.11 to 9.0.1.
- [Release notes](https://github.com/nodemailer/nodemailer/releases)
- [Changelog](https://github.com/nodemailer/nodemailer/blob/master/CHANGELOG.md)
- [Commits](nodemailer/nodemailer@v8.0.11...v9.0.1)

---
updated-dependencies:
- dependency-name: nodemailer
  dependency-version: 9.0.1
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot dependabot Bot force-pushed the dependabot/npm_and_yarn/nodemailer-9.0.1 branch from c5ca816 to 71dc277 Compare June 22, 2026 13:07
@Tony133 Tony133 merged commit 912ffe0 into main Jun 23, 2026
5 checks passed
@dependabot dependabot Bot deleted the dependabot/npm_and_yarn/nodemailer-9.0.1 branch June 23, 2026 13:45
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

No one assigned

Labels

auto-merge auto-merge dependabot dependabot

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@Tony133