Bump the nuget group with 9 updates#4
Closed
dependabot[bot] wants to merge 298 commits into
Closed
Conversation
- Build: ubuntu-latest with a mcr.microsoft.com/mssql/server:2022 service container (the Data test fixture's 90s readiness wait covers startup); release job on ubuntu-latest too. - Installers: windows-latest builds the MSI + bundle; ubuntu-latest lints install.sh. GitHub-hosted runners are free for public repos and always available, unlike the offline self-hosted runner. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
…olving to incompatible v7)
…l name for Bal); opt actions into Node 24 - WiX v6 ships the Bal/bundle extension dll as WixToolset.BootstrapperApplications.wixext, so the bundle build must reference that name, not WixToolset.Bal.wixext (which failed with WIX0144 'could not be found'). - Set FORCE_JAVASCRIPT_ACTIONS_TO_NODE24 to clear the Node.js 20 deprecation warning on the actions/* @v4.
…bundle payload resolves (WIX0103)
… (CI /dev/tty error)
…has no signed-by)
…nosing (retry /health, dump logs)
…2022 unsupported on 24.04)
…orts Ubuntu 24.04; Windows fwlink already 2025) - Linux install.sh: mssql-server-2025 repo (Ubuntu 24.04 supported), key at /usr/share/keyrings to match the 2025 list's signed-by. Reverts the ubuntu-22.04 CI pin back to ubuntu-latest. - Windows: the SSEI fwlink already resolves to SQL 2025 Express; noted in the bootstrap.
…MTP presets; fix Linux installer spool layout Providers (spec §8): native Amazon SES (AWS SDK, raw MIME), Postmark/Resend/SMTP2GO (HTTP JSON), SparkPost (raw MIME via email_rfc822). Enum + RelayProviderSchema + factory wiring + UI fields; SMTP-preset dropdown in the relay editor fills host/port/TLS for ~10 common providers (SES/Brevo/Gmail/M365/Postmark/Resend/ SendGrid/SMTP2GO/SparkPost/Mailjet) so any of them works via the generic SMTP provider. Factory tests cover all five new types. Installer fixes (found via the full-install CI smoke): - Resolve a relative spool dir against the content root, not the process CWD (Windows services run in system32; the systemd unit's CWD was a read-only /etc) — fixes 'Access to ./.dispatch-spool denied'. - Linux: single data dir (/var/lib/dispatch) holds appsettings + spool (mirrors Windows ProgramData); systemd WorkingDirectory + ReadWritePaths updated. 150 tests green; UI builds.
…install smoke failure
…iness to the service manager The Windows MSI install failed (1603): the service started but never signalled 'running' to the SCM, so the MSI's ServiceControl start timed out and rolled back (app log showed 'Hosting environment: Production' logged repeatedly as SCM retried). .NET hosts must call UseWindowsService() for SCM integration; added UseSystemd() too and set the unit to Type=notify (also closes the §16.3 drift). Both are no-ops when run interactively. Linux full-install already passed; this fixes the Windows end-to-end.
…s installer Signs Dispatch.msi + the DispatchSetup.exe Burn bundle via SignPath Foundation (free for OSS). Skipped until repo vars SIGNPATH_ORGANIZATION_ID/PROJECT_SLUG/ POLICY_SLUG + secret SIGNPATH_API_TOKEN are set, so the unsigned artifact stands in the meantime. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Add release.yml: on a v* tag, build the version-stamped Windows installer (DispatchSetup.exe + Dispatch.msi) and a self-contained linux-x64 tarball, then publish a GitHub Release with SHA256SUMS and auto-generated notes. Windows artifacts are Authenticode-signed via Azure Artifact Signing when the repo is provisioned (AZURE_SIGNING_* vars/secrets); the Burn bundle engine is detached, signed, reattached, then the bundle is signed. Skipped (unsigned) until then. - installer wxs: Version is now overridable via -d Version=<tag> (defaults 1.0.0) - install.sh: --prebuilt <dir> installs the self-contained tarball without the .NET SDK/Node; systemd unit resolved next to the script for tarball layout - installers.yml: drop the dormant SignPath step (CI installer builds stay unsigned; signing happens only at release time) - build.yml: remove the partial tag release job (superseded by release.yml) - docs/RELEASING.md: how to cut a release + provision Azure signing Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Adds a linux-tarball job that publishes the self-contained linux-x64 build and uploads it as a downloadable artifact on every push — no tag/release needed to grab a tarball for testing install.sh --prebuilt. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
…DR defaults Add a multi-stage Dockerfile (multi-arch amd64/arm64) and a docker-compose.yml that runs Dispatch + Azure SQL Edge together (arm64-native on Apple Silicon): `docker compose up --build` → dashboard on :8420, API :8421, SMTP :2525. Fix the seeded source-IP allow-list defaults, which were loopback-only and made the dashboard unreachable on every real deployment shape (headless servers have no local browser; containers NAT every request to the bridge gateway): - webui.allowed_cidrs / api.allowed_cidrs -> empty (allow all); these are gated by the dashboard password and API keys, with CIDR as optional hardening - listener.allowed_cidrs -> loopback + RFC1918 + IPv6 ULA, so same-host/LAN/ Docker apps can submit mail without shipping an open internet relay Verified end-to-end on Apple Silicon: /health 200, SQL connected, SMTP intake 250 OK + spooled. Core 55 + Web 53 tests green. Spec §1.1 deltas updated. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
…st coverage The deeper cause of the unreachable-dashboard bug: ListenerOptions/ApiOptions EffectiveAllowedCidrs silently rewrote an empty list back to loopback-only, so the seeded allow-all defaults (and any operator who cleared the list) were overridden — the ingestion API was loopback-only too. Both middlewares already treat empty as allow-all, so make EffectiveAllowedCidrs a pass-through and default the ConfigCache keys to empty; the safe baseline now lives solely in the seeded ConfigDefaults (listener = loopback + private ranges). Add the test coverage that would have caught this: - CidrMailboxFilter: private/loopback allowed, public denied, empty = allow-all - WebAuthMiddleware: outside-list 403, inside allowed, empty-list regression guard - ConfigDefaults: seed-defaults guard (webui/api allow-all, listener private-only) Also add a container HEALTHCHECK (curl /health) to the Dockerfile. Verified in the running container: /health 200, ingestion API 401 (not 403), HEALTHCHECK healthy. Core 65 + Web 57 tests green. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
…kstart release.yml: add a docker job that builds + pushes a multi-arch (amd64+arm64) image to ghcr.io/<owner>/dispatch-smtp-relay on a v* tag (semver + latest tags, buildx + QEMU, GHA layer cache); skipped on dry-run dispatch. Grants packages:write. README: add a Docker section (docker compose for local testing; docker run from GHCR with env config) covering the multi-arch image and the container-aware allow-list defaults. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
- release.yml: version the Windows assets (DispatchSetup-<ver>-x64.exe,
Dispatch-<ver>-x64.msi) so each release's downloads are distinguishable
- README install docs corrected to match reality:
- Windows: real bundle behavior (DISPATCHSQL instance, skipped if present),
DispatchLog DB (was "DispatchQueue"), silent install via /quiet, existing-SQL
via the MSI + SQLCONN (dropped fabricated --silent/--server/--auth flags)
- Linux: install from the self-contained tarball with --prebuilt (dropped the
nonexistent `curl | bash install.sh` asset); note arm64 -> external SQL/Docker
- Quick Start: default dashboard is http://localhost:8420 (https only with a
cert), default SMTP port 2525 (not 25/587)
- appsettings holds connection string + Web UI TLS cert (not "only the
connection string")
- RELEASING.md: versioned asset names + GHCR image row
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Reconcile remaining drift found by auditing claims against the code: - Providers: add Amazon SES, Postmark, Resend, SparkPost, SMTP2GO everywhere (features, relay table with real required fields, supported-providers, structure) - Remove the "CSV export" claim (feature was dropped, spec §1.1) - SMTP listener defaults: ports 2525 (not 25/587), allow-list = loopback+private ranges (not 127.0.0.1/32), max message size 0/no-limit (not 25 MB) - Security: dashboard is HTTPS-when-cert-configured (not "HTTPS-only" with auto self-signed); API keys + admin password are bcrypt-hashed, provider/SMTP secrets AES-256-GCM (Linux/macOS) or DPAPI (Windows) - Upgrading: in-place MSI MajorUpgrade + additive migrations + manual drain endpoint (the old auto version-detect/drain/rollback flow isn't implemented) - Requirements: SQL Server 2025 Express bundled; arm64 -> Docker/external SQL - Project structure: WiX MSI + Burn bundle (not "WiX v5"), Dockerfile added - Hero line: SMTP default 2525 (25/587 for production) Verified against code via audit: all referenced files/links exist; routing rules + /api/routing/simulate and the drain endpoint do exist; provider field names match RelaySettings schema. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
- Fix the settings location: the UI sections are "Retention" + "Storage maintenance" (not "Storage & Retention") - Don't overstate configurability: the 6-hour purge schedule and the retrying/test-message retention are fixed defaults; the rest are editable - Add the facts the section omitted: 6h schedule, captured (Local) 7-day retention, on-demand purge (POST /api/purge/run), size target 9.0 GB, and the separate disk-pressure protection (throttle -> 4xx refuse -> recover) Audited licence-faq.md and CONTRIBUTING.md against the code — both accurate (MailgunProviderTests / RelayProviderFactory / RelayProviderSchema all exist), left unchanged. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Inline factual fixes: - WiX Toolset v5 -> v6 (build pins 6.0.2) - DispatchQueue -> DispatchLog everywhere except the rename note - Linux install examples: SQL Server 2025 / Ubuntu 24.04 (were 2022/22.04) - Solution structure: real test projects (no Dispatch.Integration.Tests) New §1.1 deltas (authoritative) for structural drift found by auditing §3-18: - Full provider set (adds Amazon SES, Postmark, Resend, SparkPost, SMTP2GO; Appendix A "future" ones are shipped; default relay provider is Unconfigured) - Windows install is a WiX Burn bundle chain (InstallSqlExpress launcher + MSI), not a WinForms wizard; cert generation is Linux-only - Ingestion API is HTTP-only (no api.tls_* keys); webui TLS keys live in appsettings not the config table; no webui.require_auth; config table also has listener.server_name + purge.captured_retention_days - §10.7/§11.5 pseudocode signatures are illustrative (actual signatures differ) - SMTP source-IP denial occurs at MAIL FROM, not the greeting banner - Documents two not-yet-implemented items vs spec: SMTP AUTH brute-force lockout (§17.10) and instant API-key revocation (§17.4 — honored up to the 30s cache TTL) Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
…ckout
Close the two gaps the spec audit surfaced (§17.4, §17.10):
- ApiKeyCache.Invalidate(keyId): the DELETE /api/keys/{id} revoke endpoint now
evicts the key from the verification cache, so it stops working immediately
instead of lingering for up to the 30s TTL.
- SmtpAuthThrottle: per-source-IP SMTP AUTH lockout (5 failures -> 60s), refusing
AUTH without hitting the credential store while locked; mirrors LoginThrottle.
Wired into ConfiguredUserAuthenticator (records success/failure by source IP).
Tests: ApiKeyCache invalidation (evicts only the matching id), SmtpAuthThrottle
(lockout after 5, success resets, per-IP), and ConfiguredUserAuthenticator (a
locked IP is refused without a store call). Core 70 + Web 59 green.
Updates the §1.1 deltas: both are now implemented (were documented as gaps).
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
- SECURITY.md: private disclosure via GitHub Security Advisories, what to include, scope (open-relay/allow-list bypass, credential/spool exposure, auth bypass, etc.), and a map of where security controls live for reviewers. - RELEASING.md: a one-time "first release" step to flip the GHCR package to public (packages are private by default) so anonymous docker pull works. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
…g key Live end-to-end testing showed the single-message status endpoint resolved a message by spool id for ANY valid key, leaking another key's status/provider/ timing if the (random) id was known. Only the list endpoint was key-scoped. Now scoped per key (spec §7.4): the spool fast-path checks the .meta's ApiKeyId, and GetBySpoolIdAsync filters relay_log by api_key_id. A non-owning key gets 404. A null key id keeps the unscoped lookup for internal callers. Test: GetBySpoolId_is_scoped_to_the_calling_key (Data, live SQL). Validated live in the container: owner 200, other key 404. Data 25 + Web 59 green. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Close the coverage gap surfaced by the audit — previously only "the factory builds them" was tested. Add request-building + error-mapping tests (stubbed HttpMessageHandler, no live calls): - Postmark: endpoint + X-Postmark-Server-Token, default MessageStream, and the important non-zero-ErrorCode-on-HTTP-200 -> permanent failure path - Resend: Bearer auth, id parse, 429 transient, 401 permanent - SparkPost: raw-MIME (email_rfc822) to US/EU endpoints, api-key header, 5xx transient - SMTP2GO: api_key in body, email_id parse, 5xx transient, missing key permanent - Amazon SES: required-setting validation (can't wire the AWS SDK client in a unit test) Shared StubHttpHandler + message helper in ProviderTestSupport. Providers 34 green. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
…fety Edge-case coverage from the adversarial pass: - Ingestion multipart with TWO attachments (csv + binary png): asserts both are preserved in the spooled .eml with filenames + exact bytes intact, alongside the text body. - Malformed 'from' address -> 400 (not 500): pins the handler's parse-exception guard so bad envelope input can't 500. - MessageLog_all_filter_fields_are_injection_safe: complements the existing FromDomain [Theory] by exercising ToDomain/RelayName/IngestSource and the LIKE-based Subject/Tag filters with DROP/DELETE payloads — literal, no match, table intact. Note: spool crash-recovery (RecoverOrphans) and corrupt-.meta quarantine are already covered in SpoolWorkerPoolTests, so not duplicated. Web 61 + Data 26 green. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
When the service restarts to a new version mid-upgrade, the version- stamped session cookie is invalidated, so polling starts returning 401. Previously the dashboard sat on "reconnecting..." until a manual refresh. Add a global 401 handler (registered by AuthGate) so any unauthenticated API response drops straight to the login screen. Guarded to only fire while signed in, and auth-flow calls use fetch directly, so no loop. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Root Linux applier (installer/linux/dispatch-update.sh):
- Take the version from the SIGNED manifest, not the unsigned apply.request.
- Constrain stagedDir to strictly under <updates>/staged/ (realpath prefix
check) so a compromised service account can't aim the root applier
elsewhere (traversal/symlink escape).
- Validate the version token before it lands in fs paths / rm -rf / T-SQL.
- Read JSON via python ARGV/env instead of interpolating untrusted paths
into `python3 -c "..."` (removes a root code-injection primitive); also
for the connection-string parse. Validate the db name token.
- Harden tar extraction (--no-same-owner --no-overwrite-dir).
Downgrade protection (UpdateService.HandleUploadAsync):
- Refuse a package older than the installed version with a friendly
message (rollback attack / reintroducing fixed vulns). Same version is
allowed (repair); unparseable pairs pass (signature already vouches).
- Add CompareVersions that normalizes a 3-part release tag ("0.2.1")
against the 4-part assembly version ("0.2.1.0") so an identical release
isn't misread as a downgrade. Tests added (downgrade + comparison).
Addresses audit findings #1, #2, #3.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
#4: Pin all third-party GitHub Actions in release.yml (the job that holds DISPATCH_UPDATE_SIGNING_KEY + Azure OIDC + the release token) to full commit SHAs with a version comment: azure/trusted-signing-action, azure/login, softprops/action-gh-release, docker/*. A hijacked mutable tag can no longer run in the signing/publish job. Add .github/dependabot.yml (github-actions + npm + nuget, grouped) so pinned SHAs still get bumped. #5: Verify the appliance's inputs before baking them in (build-appliance.sh): - Ubuntu cloud image: verify SHA256SUMS's detached GPG signature against the pinned Ubuntu Cloud Image signing key, then verify the image hash against it. Fail-closed. - packages-microsoft-prod.deb: pin its SHA256 so a swapped bootstrap .deb can't install a rogue repo/key. (Individual packages are already apt signature-verified; this closes the bootstrap gap.) Addresses audit findings #4, #5. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
…w change #6 Decompression bomb: the 2GiB cap was on the compressed upload only. Add CopyCappedAsync (3GiB ceiling) and use it when extracting the payload and when unwrapping a GitHub-wrapped .zip, so a gzip/zip bomb can't fill the disk before the hash check. Reported as a friendly rejection. #7 Session invalidation on password change: a changed admin password now bumps a monotonic credential epoch (webui.session_epoch); the auth cookie carries the epoch it was issued under, and OnValidatePrincipal rejects cookies with an older epoch (cached, lag-tolerant strict-older check). The acting admin's own cookie is re-issued so they stay signed in while every other session is dropped. First-run setup doesn't bump (no prior sessions). Addresses audit findings #6, #7. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
#10 Windows updater: replace Expand-Archive with a manual extraction that validates every zip entry resolves strictly under the install dir before writing (Expand-Archive/older .NET don't reject '..' entries), guarding the SYSTEM-level apply against a zip-slip in a malicious release archive. #9 Ingestion API: set the per-request MaxRequestBodySize to MaxMessageBytes (+ framing overhead) before reading, so an upload without Content-Length (chunked) is aborted while streaming instead of being buffered into several in-memory copies; return 413 on BadHttpRequestException. Addresses audit findings #9, #10. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
- release.yml: fail the build if DISPATCH_UPDATE_SIGNING_KEY is unset instead of publishing an unsigned (always-rejected) upgrade package. - Ingestion: reject a subject containing control chars up front (CRLF header-injection defense-in-depth over MimeKit's encoding). - SecurityHeaders: add Permissions-Policy disabling camera/mic/geo/usb/payment. - auth.tsx: password placeholder now says min 12 (matches server policy). - api.ts sendJson: tolerate a non-JSON error body so the HTTP status surfaces instead of a parse error. - install.sh: correct the stale UMask=0177 comment to 0077. Addresses audit low/info items (M1, F2, placeholder, Permissions-Policy, robustness, comment drift). Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
SQL Server Express install can run 15-20 minutes with a progress bar that appears frozen, which looks stuck. Give the ExePackage a DisplayName the bootstrapper shows as the current progress item, reassuring the user it's normal and to wait. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Step 1 of in-product licensing. Add Dispatch.Core/Licensing: a LicenseVerifier that authenticates license keys entirely offline (no call-home), mirroring the FluxDeploy scheme - a 6-byte payload + 64-byte ECDSA P-256 (SHA-256, IEEE-P1363) signature, Crockford-Base32 encoded as a typeable XXXXX-XXXXX-... key, verified against an embedded SPKI public key. Binary licensed/not (no editions); edu is just a free-issued valid key. Payload: seqId | expiryMonth (0=perpetual) | reserved | flags. LicenseStatus.Licensed = signature valid AND not expired; fails closed. The embedded dispatch-license-public.pem is a DEV key; the production keypair will be generated in the issuer tool and its public half embedded here (private key never committed). 9 tests. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Verify() now checks the signature over payload||machineId, so a key issued for one install fails on any other (reinstall gets a fresh GUID; a leaked key won't verify elsewhere) - all still offline, no call-home. Adds an embedded seqId revocation list (dispatch-revoked-licenses.txt) shipped with each release, and a Revoked flag on LicenseStatus (Licensed = valid && !expired && !revoked). Embeds the real P-256 license public key (DEV key replaced). 13 tests green. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
- MachineIdentity: mints a stable per-install GUID (SQL config) that keys are
node-locked to; surfaced for the dashboard.
- LicenseService: evaluates the stored key against this machine + a 30-day
first-run grace into a LicenseSnapshot (Operational / EnforcementActive);
validates + stores pasted keys.
- LicenseGate + LicenseWorker: worker re-evaluates on a timer (and on demand)
and flips the gate; SMTP intake, HTTP ingestion, and the relay worker refuse/
pause new mail when enforced. Spool + dashboard stay up so a key recovers it.
- Config keys license.{key,machine_id,first_run_utc}; DI in AddDispatchWeb.
- 6 new license-service tests + gate enforcement test; full suite green.
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
- GET/POST /api/license: status (machineId, state, expiry, grace, revoked) and key entry; POST refreshes the enforcement gate immediately + audits. - UI: System -> License page (shows Machine ID to send at purchase, license state + banner, paste-key box); nav + route wired. - Messaging: retire the "SMTP relay" tagline for "self-hosted email relay", drop "open-source"/"no license check" framing, keep "no call home/offline". Homepage GitHub links removed. Docs product-name normalized to "Dispatch". Note: binding LICENSE file, license.md/contributing/SPEC legal wording, and the remaining docs GitHub links (downloads/issues/security) are left for a deliberate licensing + distribution-channel decision - not fabricated here. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Remove the AGPL-3.0 + Commons Clause LICENSE file and licence-faq.md; the product is proprietary, licensed per install via an offline node-locked key, so no open-source license applies. Reconcile the references that claimed AGPL or linked to the removed file: README badge + Licence section, the docs License page, SPEC.md license lines, and the RELEASING signing note. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
…nal PRs) Delete CONTRIBUTING.md and the docs Contributing page; drop the contribution rows from SPEC.md and the "more providers welcome" invite from the providers overview. README's provider-adding steps are kept under a neutral "Adding a provider" dev note. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Replace the GitHub Releases download links (private repo - not public) with https://dispatchrelay.app/download across the deployment docs, and route security reports to security@dispatchrelay.app in the README to match the docs. No github.com links remain in the docs site. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Remove website/ (Astro landing + Starlight docs) and the GitHub Pages workflow from this private repo - the docs now live in the public-facing dispatch-docs repo (docs.dispatchrelay.app) and the marketing landing in dispatch-website (dispatchrelay.app), both on Cloudflare Pages. Keeping a public site's build out of the private commercial repo is the point. README doc links repointed to docs.dispatchrelay.app; repo URLs updated to CinderHillsDev/dispatch-relay. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
The previous commit accidentally staged the Astro build cache (website/.gitignore was removed with the split). Remove it - website/ is fully gone now. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
The product repo (relay service + dashboard + appliance + installers) gets a more descriptive name. GitHub repo + remote renamed; README clone/badge URLs and clone dir updated. Assemblies/service names (Dispatch.*, dispatch.service) are unchanged. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Node 22 is now in Maintenance LTS (critical fixes only); 24 is the current Active LTS. Updates the UI-build Node in all workflows and the Dockerfile. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
- Dashboard: a global LicenseBanner (in the Layout, every page) - amber during the first-run grace with a day countdown, red once enforcement is active or the key is expired/revoked; hidden when licensed; polls so a pasted key clears it without a reload. - Tests: LicenseWorker (gate open during grace, closes past grace, reopens after a valid key) + a CidrMailboxFilter enforcement test (MAIL FROM refused when the gate is active). Core 129 / Web 98 green. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Dispatch is now free and open source under the Apache License 2.0. Removed the entire offline license-key system: - Delete src/Dispatch.Core/Licensing/ (verifier, service, worker, gate, machine-identity, embedded public key + revocation list), the /api/license endpoint, the dashboard License page/banner, and the 3 license test files. - Remove the three runtime enforcement points that paused/refused mail when "unlicensed past grace": SMTP intake (CidrMailboxFilter), HTTP API intake (ApiMessageHandler), and the relay worker (SpoolWorkerPool). - Drop DI registrations, the LicenseWorker hosted service, the license.* config keys, and the csproj embedded-resource entries. - Add Apache-2.0 LICENSE; update README, docs/SPEC.md, docs/RELEASING.md. Build clean, all 312 tests pass. Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Bumps AWSSDK.SimpleEmailV2 from 4.0.14.5 to 4.0.100.3 Bumps coverlet.collector from 6.0.4 to 10.0.1 Bumps Microsoft.Data.SqlClient from 7.0.1 to 7.0.2 Bumps Microsoft.Extensions.Hosting.Systemd from 10.0.0 to 10.0.9 Bumps Microsoft.Extensions.Hosting.WindowsServices from 10.0.0 to 10.0.9 Bumps Microsoft.NET.Test.Sdk from 17.14.1 to 18.7.0 Bumps Serilog.AspNetCore from 9.0.0 to 10.0.0 Bumps System.Security.Cryptography.ProtectedData from 9.0.13 to 10.0.9 Bumps xunit.runner.visualstudio from 3.1.4 to 3.1.5 --- updated-dependencies: - dependency-name: AWSSDK.SimpleEmailV2 dependency-version: 4.0.100.3 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: nuget - dependency-name: coverlet.collector dependency-version: 10.0.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: nuget - dependency-name: coverlet.collector dependency-version: 10.0.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: nuget - dependency-name: coverlet.collector dependency-version: 10.0.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: nuget - dependency-name: coverlet.collector dependency-version: 10.0.1 dependency-type: direct:production update-type: version-update:semver-major dependency-group: nuget - dependency-name: Microsoft.Data.SqlClient dependency-version: 7.0.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: nuget - dependency-name: Microsoft.Data.SqlClient dependency-version: 7.0.2 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: nuget - dependency-name: Microsoft.Extensions.Hosting.Systemd dependency-version: 10.0.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: nuget - dependency-name: Microsoft.Extensions.Hosting.WindowsServices dependency-version: 10.0.9 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: nuget - dependency-name: Microsoft.NET.Test.Sdk dependency-version: 18.7.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: nuget - dependency-name: Microsoft.NET.Test.Sdk dependency-version: 18.7.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: nuget - dependency-name: Microsoft.NET.Test.Sdk dependency-version: 18.7.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: nuget - dependency-name: Microsoft.NET.Test.Sdk dependency-version: 18.7.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: nuget - dependency-name: Serilog.AspNetCore dependency-version: 10.0.0 dependency-type: direct:production update-type: version-update:semver-major dependency-group: nuget - dependency-name: System.Security.Cryptography.ProtectedData dependency-version: 10.0.9 dependency-type: direct:production update-type: version-update:semver-major dependency-group: nuget - dependency-name: xunit.runner.visualstudio dependency-version: 3.1.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: nuget - dependency-name: xunit.runner.visualstudio dependency-version: 3.1.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: nuget - dependency-name: xunit.runner.visualstudio dependency-version: 3.1.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: nuget - dependency-name: xunit.runner.visualstudio dependency-version: 3.1.5 dependency-type: direct:production update-type: version-update:semver-patch dependency-group: nuget ... Signed-off-by: dependabot[bot] <support@github.com>
Author
|
This pull request was built based on a group rule. Closing it will not ignore any of these versions in future pull requests. To ignore these dependencies, configure ignore rules in dependabot.yml |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Rebasing might not happen immediately, so don't worry if this takes some time.
Note: if you make any changes to this PR yourself, they will take precedence over the rebase.
Updated AWSSDK.SimpleEmailV2 from 4.0.14.5 to 4.0.100.3.
Release notes
Sourced from AWSSDK.SimpleEmailV2's releases.
No release notes found for this version range.
Commits viewable in compare view.
Updated coverlet.collector from 6.0.4 to 10.0.1.
Release notes
Sourced from coverlet.collector's releases.
10.0.1
Improvements
Fixed
Maintenance
Diff between 10.0.0 and 10.0.1
10.0.0
Improvements
--coverlet-file-prefixoption for unique report files #1869Fixed
Maintenance
Diff between 8.0.1 and 10.0.0
8.0.1
Fixed
Improvements
Diff between 8.0.0 and 8.0.1
8.0.0
Special Thanks: A huge thank you to @Bertk for driving the majority of the work in this release! 🎉
Fixed
Improvements
Diff between 6.0.4 and 8.0.0
Commits viewable in compare view.
Updated Microsoft.Data.SqlClient from 7.0.1 to 7.0.2.
Release notes
Sourced from Microsoft.Data.SqlClient's releases.
7.0.2
This update brings the following changes since the 7.0.1 release:
Companion package release notes
The following companion packages ship aligned as
7.0.2. See their individual release notes for package-specific changes (including theMicrosoft.Data.SqlClient.Extensions.AzureWAM broker support):Fixed
Fixed a
NullReferenceExceptioninSqlCommand.Cancel(). The diagnostic message built during cancellation dereferenced the active connection directly; it now uses a null-conditional access so cancellation no longer throws when the connection has already been torn down.(#4372,#4373)
Fixed a
NullReferenceExceptioninSqlDataReaderwhen callingGetBytes/GetCharswith anulldestination buffer. The argument-validation path that constructs theInvalidDestinationBufferIndexexception now guards against the null buffer so the correctArgumentExceptionis surfaced instead of an NRE.(#4159,#4206)
Fixed Always Encrypted column master key signature verification incorrectly reusing cached results. The
SignatureVerificationCachelookup logic was corrected so signature verification outcomes are cached and retrieved against the correct key, preventing stale or mismatched verification results.(#4339,#4343)
Changed
Hardened TDS token parsing with data-length bounds checks
What Changed:
(#4340,#4358)
Who Benefits:
Impact:
... (truncated)
Commits viewable in compare view.
Updated Microsoft.Extensions.Hosting.Systemd from 10.0.0 to 10.0.9.
Release notes
Sourced from Microsoft.Extensions.Hosting.Systemd's releases.
No release notes found for this version range.
Commits viewable in compare view.
Updated Microsoft.Extensions.Hosting.WindowsServices from 10.0.0 to 10.0.9.
Release notes
Sourced from Microsoft.Extensions.Hosting.WindowsServices's releases.
No release notes found for this version range.
Commits viewable in compare view.
Updated Microsoft.NET.Test.Sdk from 17.14.1 to 18.7.0.
Release notes
Sourced from Microsoft.NET.Test.Sdk's releases.
18.7.0
What's Changed
New Contributors
Full Changelog: microsoft/vstest@v18.6.0...v18.7.0
18.6.0
What's Changed
Changes to tests and infra
... (truncated)
18.5.1
What's Changed
Full Changelog: microsoft/vstest@v18.5.0...v18.5.1
18.5.0
What's Changed
Full Changelog: microsoft/vstest@v18.4.0...v18.5.0
18.4.0
What's Changed
Add LoongArch64 support by @stdmnpkg in Add LoongArch64 support microsoft/vstest#15359
Refactor Condition evaluation by @Youssef1313 in Refactor Condition evaluation microsoft/vstest#15357
Adding info on extensions points part 1 by @nohwnd in Adding info on extensions points part 1 microsoft/vstest#15360
Add option to ask for uploading code QL before the standard window ends by @nohwnd in Add option to ask for uploading code QL before the standard window ends microsoft/vstest#15373
Update runtime versions by @nohwnd in Update runtime versions microsoft/vstest#15372
Fix .NET 10 regression for traits by @Youssef1313 in Fix .NET 10 regression for traits microsoft/vstest#15370
Update target frameworks to net10.0 and net11.0 by @dotnet-maestro[bot] in Update target frameworks to net10.0 and net11.0 microsoft/vstest#15349
Fix names in pipeline matrix so we don't have to align them by @nohwnd in Fix names in pipeline matrix so we don't have to align them microsoft/vstest#15365
Update SECURITY.md by @Youssef1313 in Update SECURITY.md microsoft/vstest#15342
New Contributors
Full Changelog: microsoft/vstest@v18.3.0...v18.4.0
18.3.0
What's Changed
Internal fixes and updates
New Contributors
18.0.1
What's Changed
Fixing an issue with loading covrun64.dll on systems that have .NET 10 SDK installed: https://learn.microsoft.com/en-us/dotnet/core/compatibility/sdk/10.0/code-coverage-dynamic-native-instrumentation
Internal changes
Full Changelog: microsoft/vstest@v18.0.0...v18.0.1
18.0.0
What's Changed
Internal fixes and updates
... (truncated)
Commits viewable in compare view.
Updated Serilog.AspNetCore from 9.0.0 to 10.0.0.
Release notes
Sourced from Serilog.AspNetCore's releases.
10.0.0
What's Changed
New Contributors
Full Changelog: serilog/serilog-aspnetcore@v9.0.0...v10.0.0
Commits viewable in compare view.
Updated System.Security.Cryptography.ProtectedData from 9.0.13 to 10.0.9.
Release notes
Sourced from System.Security.Cryptography.ProtectedData's releases.
10.0.0-preview.6.25358.103
You can build .NET 10.0 Preview 6 from the repository by cloning the release tag
v10.0.0-preview.6.25358.103and following the build instructions in the main README.md.Alternatively, you can build from the sources attached to this release directly.
More information on this process can be found in the dotnet/dotnet repository.
Attached are PGP signatures for the GitHub generated tarball and zipball. You can find the public key at https://dot.net/release-key-2023
10.0.0-preview.5.25277.114
You can build .NET 10.0 Preview 5 from the repository by cloning the release tag
v10.0.0-preview.5.25277.114and following the build instructions in the main README.md.Alternatively, you can build from the sources attached to this release directly.
More information on this process can be found in the dotnet/dotnet repository.
Attached are PGP signatures for the GitHub generated tarball and zipball. You can find the public key at https://dot.net/release-key-2023
10.0.0-preview.4.25258.110
You can build .NET 10.0 Preview 4 from the repository by cloning the release tag
v10.0.0-preview.4.25258.110and following the build instructions in the main README.md.Alternatively, you can build from the sources attached to this release directly.
More information on this process can be found in the dotnet/dotnet repository.
Attached are PGP signatures for the GitHub generated tarball and zipball. You can find the public key at https://dot.net/release-key-2023
10.0.0-preview.3.25171.5
You can build .NET 10.0 Preview 3 from the repository by cloning the release tag
v10.0.0-preview.3.25171.5and following the build instructions in the main README.md.Alternatively, you can build from the sources attached to this release directly.
More information on this process can be found in the dotnet/dotnet repository.
Attached are PGP signatures for the GitHub generated tarball and zipball. You can find the public key at https://dot.net/release-key-2023
10.0.0-preview.2.25163.2
You can build .NET 10.0 Preview 2 from the repository by cloning the release tag
v10.0.0-preview.2.25163.2and following the build instructions in the main README.md.Alternatively, you can build from the sources attached to this release directly.
More information on this process can be found in the dotnet/dotnet repository.
Attached are PGP signatures for the GitHub generated tarball and zipball. You can find the public key at https://dot.net/release-key-2023
10.0.0-preview.1.25080.5
You can build .NET 10.0 Preview 1 from the repository by cloning the release tag
v10.0.0-preview.1.25080.5and following the build instructions in the main README.md.Alternatively, you can build from the sources attached to this release directly.
More information on this process can be found in the dotnet/dotnet repository.
Attached are PGP signatures for the GitHub generated tarball and zipball. You can find the public key at https://dot.net/release-key-2023
9.0.118
You can build .NET 9.0 from the repository by cloning the release tag
v9.0.118and following the build instructions in the main README.md.Alternatively, you can build from the sources attached to this release directly.
More information on this process can be found in the dotnet/dotnet repository.
Attached is a PGP signature for the GitHub generated tarball. You can find the public key at https://dot.net/release-key-2023
9.0.117
You can build .NET 9.0 from the repository by cloning the release tag
v9.0.117and following the build instructions in the main README.md.Alternatively, you can build from the sources attached to this release directly.
More information on this process can be found in the dotnet/dotnet repository.
Attached are PGP signatures for the GitHub generated tarball and zipball. You can find the public key at https://dot.net/release-key-2023
9.0.116
You can build .NET 9.0 from the repository by cloning the release tag
v9.0.116and following the build instructions in the main README.md.Alternatively, you can build from the sources attached to this release directly.
More information on this process can be found in the dotnet/dotnet repository.
Attached are PGP signatures for the GitHub generated tarball and zipball. You can find the public key at https://dot.net/release-key-2023
9.0.115
You can build .NET 9.0 from the repository by cloning the release tag
v9.0.115and following the build instructions in the main README.md.Alternatively, you can build from the sources attached to this release directly.
More information on this process can be found in the dotnet/dotnet repository.
Attached are PGP signatures for the GitHub generated tarball and zipball. You can find the public key at https://dot.net/release-key-2023
9.0.114
You can build .NET 9.0 from the repository by cloning the release tag
v9.0.114and following the build instructions in the main README.md.Alternatively, you can build from the sources attached to this release directly.
More information on this process can be found in the dotnet/dotnet repository.
Attached is the PGP signature for the GitHub generated tarball. You can find the public key at https://dot.net/release-key-2023
9.0.113
You can build .NET 9.0 from the repository by cloning the release tag
v9.0.113and following the build instructions in the main README.md.Alternatively, you can build from the sources attached to this release directly.
More information on this process can be found in the dotnet/dotnet repository.
Attached are PGP signatures for the GitHub generated tarball and zipball. You can find the public key at https://dot.net/release-key-2023
9.0.112
You can build .NET 9.0 from the repository by cloning the release tag
v9.0.112and following the build instructions in the main README.md.Alternatively, you can build from the sources attached to this release directly.
More information on this process can be found in the dotnet/dotnet repository.
Attached are PGP signatures for the GitHub generated tarball and zipball. You can find the public key at https://dot.net/release-key-2023
9.0.111
You can build .NET 9.0 from the repository by cloning the release tag
v9.0.111and following the build instructions in the main README.md.Alternatively, you can build from the sources attached to this release directly.
More information on this process can be found in the dotnet/dotnet repository.
Attached are PGP signatures for the GitHub generated tarball and zipball. You can find the public key at https://dot.net/release-key-2023
9.0.110
You can build .NET 9.0 from the repository by cloning the release tag
v9.0.110and following the build instructions in the main README.md.Alternatively, you can build from the sources attached to this release directly.
More information on this process can be found in the dotnet/dotnet repository.
Attached are PGP signatures for the GitHub generated tarball and zipball. You can find the public key at https://dot.net/release-key-2023
9.0.109
You can build .NET 9.0 from the repository by cloning the release tag
v9.0.109and following the build instructions in the main README.md.Alternatively, you can build from the sources attached to this release directly.
More information on this process can be found in the dotnet/dotnet repository.
Attached are PGP signatures for the GitHub generated tarball and zipball. You can find the public key at https://dot.net/release-key-2023
9.0.101
You can build .NET 9.0 from the repository by cloning the release tag
v9.0.101and following the build instructions in the main README.md.Alternatively, you can build from the sources attached to this release directly.
More information on this process can be found in the dotnet/dotnet repository.
Attached are PGP signatures for the GitHub generated tarball and zipball. You can find the public key at https://dot.net/release-key-2023
Commits viewable in compare view.
Updated xunit.runner.visualstudio from 3.1.4 to 3.1.5.
Release notes
Sourced from xunit.runner.visualstudio's releases.
3.1.5
Release notes: https://xunit.net/releases/visualstudio/3.1.5
Commits viewable in compare view.
Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting
@dependabot rebase.Dependabot commands and options
You can trigger Dependabot actions by commenting on this PR:
@dependabot rebasewill rebase this PR@dependabot recreatewill recreate this PR, overwriting any edits that have been made to it@dependabot show <dependency name> ignore conditionswill show all of the ignore conditions of the specified dependency@dependabot ignore <dependency name> major versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's major version (unless you unignore this specific dependency's major version or upgrade to it yourself)@dependabot ignore <dependency name> minor versionwill close this group update PR and stop Dependabot creating any more for the specific dependency's minor version (unless you unignore this specific dependency's minor version or upgrade to it yourself)@dependabot ignore <dependency name>will close this group update PR and stop Dependabot creating any more for the specific dependency (unless you unignore this specific dependency or upgrade to it yourself)@dependabot unignore <dependency name>will remove all of the ignore conditions of the specified dependency@dependabot unignore <dependency name> <ignore condition>will remove the ignore condition of the specified dependency and ignore conditions