self-hosted/Mailu
1
0
Fork 0
mirror of https://github.com/Mailu/Mailu.git synced 2024-12-04 10:24:41 +02:00
Code Issues Releases Activity

Update all dependencies

Browse Source
This commit is contained in:
Florent Daigniere 2024-05-06 10:21:15 +02:00
parent d84c73a9d4
commit a55a9d89ba
8 changed files with 60 additions and 57 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
core/base/requirements-build.txt
View File

@ -1,3 +1,3 @@
pip==23.3.1
setuptools==68.2.2
wheel==0.41.3
pip==24.0
setuptools==69.5.1
wheel==0.43.0

84
core/base/requirements-prod.txt
View File

@ -1,87 +1,87 @@
aiodns==3.1.1
aiohttp==3.9.3
aiodns==3.2.0
aiohttp==3.9.5
aiosignal==1.3.1
alembic==1.13.1
aniso8601==9.0.1
attrs==23.2.0
Babel==2.14.0
bcrypt==4.1.2
blinker==1.7.0
certifi==2023.11.17
Babel==2.15.0
bcrypt==4.1.3
blinker==1.8.1
certifi==2024.2.2
cffi==1.16.0
charset-normalizer==3.3.2
click==8.1.7
colorclass==2.2.2
cryptography==42.0.5
cryptography==42.0.6
defusedxml==0.7.1
Deprecated==1.2.14
dnspython==2.5.0
dnspython==2.6.1
dominate==2.9.1
easygui==0.98.3
email-validator==2.1.0.post1
Flask==3.0.1
email-validator==2.1.1
Flask==3.0.3
flask-babel==4.0.0
Flask-Bootstrap==3.3.7.1
Flask-DebugToolbar==0.14.1
Flask-DebugToolbar==0.15.1
Flask-Login==0.6.3
flask-marshmallow==1.1.0
Flask-Migrate==4.0.5
flask-marshmallow==1.2.1
Flask-Migrate==4.0.7
flask-restx==1.3.0
Flask-SQLAlchemy==3.1.1
Flask-WTF==1.2.1
frozenlist==1.4.1
greenlet==3.0.3
gunicorn==22.0.0
idna==3.6
importlib-resources==6.1.1
idna==3.7
importlib-resources==6.4.0
infinity==1.5
intervals==0.9.2
itsdangerous==2.1.2
Jinja2==3.1.3
jsonschema==4.21.1
itsdangerous==2.2.0
Jinja2==3.1.4
jsonschema==4.22.0
jsonschema-specifications==2023.12.1
limits==3.7.0
Mako==1.3.0
MarkupSafe==2.1.4
marshmallow==3.20.2
marshmallow-sqlalchemy==0.30.0
msoffcrypto-tool==5.3.1
multidict==6.0.4
mysql-connector-python==8.3.0
limits==3.11.0
Mako==1.3.3
MarkupSafe==2.1.5
marshmallow==3.21.2
marshmallow-sqlalchemy==1.0.0
msoffcrypto-tool==5.4.0
multidict==6.0.5
mysql-connector-python==8.4.0
olefile==0.47
oletools==0.60.1
packaging==23.2
packaging==24.0
passlib==1.7.4
pcodedmp==1.2.6
podop @ file:///app/libs/podop
postfix-mta-sts-resolver==1.4.0
psycopg2-binary==2.9.9
pycares==4.4.0
pycparser==2.21
Pygments==2.17.2
pycparser==2.22
Pygments==2.18.0
pyparsing==2.4.7
python-dateutil==2.8.2
python-dateutil==2.9.0.post0
python-magic==0.4.27
pytz==2023.3.post1
pytz==2024.1
PyYAML==6.0.1
Radicale==3.1.8
redis==5.0.1
referencing==0.32.1
Radicale==3.1.9
redis==5.0.4
referencing==0.35.1
requests==2.31.0
rpds-py==0.17.1
rpds-py==0.18.0
six==1.16.0
socrate @ file:///app/libs/socrate
SQLAlchemy==2.0.25
SQLAlchemy==2.0.30
srslib==0.1.4
tabulate==0.9.0
tenacity==8.2.3
typing_extensions==4.9.0
urllib3==2.1.0
validators==0.22.0
typing_extensions==4.11.0
urllib3==2.2.1
validators==0.28.1
visitor==0.1.3
vobject==0.9.6.1
watchdog==3.0.0
Werkzeug==3.0.1
vobject==0.9.7
watchdog==4.0.0
Werkzeug==3.0.3
wrapt==1.16.0
WTForms==3.1.2
WTForms-Components==0.10.5

6
docs/Dockerfile
View File

@ -1,5 +1,5 @@
# Convert .rst files to .html in temporary build container
FROM python:3.12.0-alpine3.18 AS build
FROM python:3.12.3-alpine3.19 AS build
ARG version=master
ENV VERSION=$version
@ -16,7 +16,7 @@ RUN apk add --no-cache --virtual .build-deps \
# Build nginx deployment image including generated html
FROM nginx:1.25.3-alpine
FROM nginx:1.25.5-alpine
ARG version=master
ARG pinned_version=master
@ -30,4 +30,4 @@ COPY --from=build /build/$VERSION /build/$VERSION
EXPOSE 80/tcp
CMD nginx -g "daemon off;"
RUN echo $pinned_version >> /version
RUN echo $pinned_version >> /version

8
docs/requirements.txt
View File

@ -1,5 +1,5 @@
recommonmark==0.7.1
Sphinx==7.2.6
sphinx-autobuild==2021.3.14
sphinx-rtd-theme==1.3.0
docutils==0.18.1
Sphinx==7.3.7
sphinx-autobuild==2024.4.16
sphinx-rtd-theme==2.0.0
docutils==0.20.1

6
tests/requirements.txt
View File

@ -1,3 +1,3 @@
docker==4.2.2
colorama==0.4.3
managesieve==0.7.1
docker==7.0.0
colorama==0.4.6
managesieve==0.8

1
towncrier/newsfragments/3032.misc
View File

@ -1 +1,2 @@
Update all python dependencies in preparation of next Mailu release.
Update snappymail to 2.36.1

2
webmails/Dockerfile
View File

@ -55,7 +55,7 @@ COPY roundcube/config/config.inc.carddav.php /var/www/roundcube/plugins/carddav/
# snappymail
ENV SNAPPYMAIL_URL https://github.com/the-djmaze/snappymail/releases/download/v2.31.0/snappymail-2.31.0.tar.gz
ENV SNAPPYMAIL_URL https://github.com/the-djmaze/snappymail/releases/download/v2.36.1/snappymail-2.36.1.tar.gz
RUN set -euxo pipefail \
; mkdir /var/www/snappymail \

4
webmails/snuffleupagus.rules
View File

@ -71,6 +71,7 @@ sp.disable_function.function("include").drop()
# Prevent `system`-related injections
sp.disable_function.function("system").param("command").value_r("[$|;&`\\n\\(\\)\\\\]").drop();
sp.disable_function.function("exec_shell").filename_r("/var/www/snappymail/snappymail/v/[0-9]+\.[0-9]+\.[0-9]+/app/libraries/snappymail/gpg/base.php").allow();
sp.disable_function.function("shell_exec").param("command").value_r("[$|;&`\\n\\(\\)\\\\]").drop();
sp.disable_function.function("exec").param("command").value_r("[$|;&`\\n\\(\\)\\\\]").drop();
# This is **very** broad but doing better is non-straightforward
@ -91,17 +92,18 @@ sp.disable_function.function("ini_get").filename("/var/www/roundcube/plugins/man
sp.disable_function.function("ini_get").param("option").value("allow_url_fopen").drop();
sp.disable_function.function("ini_get").param("option").value("open_basedir").drop();
sp.disable_function.function("ini_get").param("option").value_r("suhosin").drop();
sp.disable_function.function("function_exists").filename_r("/var/www/snappymail/snappymail/v/[0-9]+\.[0-9]+\.[0-9]+/app/libraries/snappymail/gpg/base.php").allow();
sp.disable_function.function("function_exists").param("function").value("eval").drop();
sp.disable_function.function("function_exists").param("function").value("exec").drop();
sp.disable_function.function("function_exists").param("function").value("system").drop();
sp.disable_function.function("function_exists").param("function").value("shell_exec").drop();
sp.disable_function.function("function_exists").param("function").value("proc_open").drop();
sp.disable_function.function("function_exists").param("function").value("passthru").drop();
sp.disable_function.function("is_callable").filename_r("/var/www/snappymail/snappymail/v/[0-9]+\.[0-9]+\.[0-9]+/app/libraries/snappymail/gpg/base.php").allow();
sp.disable_function.function("is_callable").param("value").value("eval").drop();
sp.disable_function.function("is_callable").param("value").value("exec").drop();
sp.disable_function.function("is_callable").param("value").value("system").drop();
sp.disable_function.function("is_callable").param("value").value("shell_exec").drop();
sp.disable_function.function("is_callable").filename_r("^/var/www/snappymail/snappymail/v/[0-9]+\.[0-9]+\.[0-9]+/app/libraries/snappymail/pgp/gpg\.php$").param("value").value("proc_open").allow();
sp.disable_function.function("is_callable").param("value").value("proc_open").drop();
sp.disable_function.function("is_callable").param("value").value("passthru").drop();