2531: run_dev.sh: Use FLASK_DEBUG, fix assets, show startup errors. r=mergify[bot] a=ghostwheel42
## What type of PR?
bug-fix
## What does this PR do?
fixes bug in run_dev.sh
Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
2514: Update deps r=mergify[bot] a=ghostwheel42
## What type of PR?
update python dependencies
## What does this PR do?
Update python deps in base image
Co-authored-by: Alexander Graf <ghostwheel42@users.noreply.github.com>
2524: Update the webmail images r=mergify[bot] a=Diman0
Update the webmail images.
Roundcube
- Switch to base image (alpine)
- Switch to php-fpm
SnappyMail
- Switch to base image
- Upgrade php7 to php8.
## What type of PR?
Feature
## What does this PR do?
Update the webmail images.
Roundcube
- Switch to base image (alpine)
- Switch to php-fpm
SnappyMail
- Switch to base image
- Upgrade php7 to php8.
### Related issue(s)
- closes#1521
## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.
Co-authored-by: Dimitri Huisman <diman@huisman.xyz>
-e immediately exit when a command fails. No further commands are processed.
-o pipefail, if a series of piped commands fail, do NOt return the last commands returncode, but DO return the return code of the failing command in the pipeline series
-u, raise an error when an unset variable is used. Not using this results in an empty value being used and the script being executed differently without you knowing why.
-x, print each command before executing it. Actual arguments are expanded. So you see the command with the actual parameter values. This is printed in red in the buildx log output.
2523: fix JS error r=mergify[bot] a=nextgens
## What type of PR?
bug-fix
## What does this PR do?
It fixes a bug whereby one may have to click twice on the submit button depending on timing.
e.trigger() will error out on most browsers.
Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>
2479: Rework the anti-spoofing rule r=mergify[bot] a=nextgens
## What type of PR?
Feature
## What does this PR do?
We shouldn't assume that Mailu is the only MTA allowed to send emails on behalf of the domains it hosts.
We should also ensure that it's non-trivial for email-spoofing of hosted domains to happen
Previously we were preventing any spoofing of the envelope from; Now we are preventing spoofing of both the envelope from and the header from unless some form of authentication passes (is a RELAYHOST, SPF, DKIM, ARC)
### Related issue(s)
- close#2475
## Prerequisites
Before we can consider review and merge, please make sure the following list is done and checked.
If an entry in not applicable, you can check it or remove it from the list.
- [x] In case of feature or enhancement: documentation updated accordingly
- [x] Unless it's docs or a minor change: add [changelog](https://mailu.io/master/contributors/workflow.html#changelog) entry file.
Co-authored-by: Florent Daigniere <nextgens@freenetproject.org>