Sourced from net-imap's releases.
v0.4.20
What's Changed
This release backports two features to prevent unbounded memory use: the
response_handlerskeyword argument toNet::IMAP.newso response handlers can be added before the server can send any responses (ruby/net-imap#427), and themax_response_sizeconfig attribute (ruby/net-imap#445).[!NOTE] The default
max_response_sizeisnil(unlimited), to avoid backward compatibility issues with secure connections to trusted servers that are well-behaved. It can be configured more conservatively to guard against untrusted servers (for example, connecting to user-provided hostnames). It is the responsibility ofnet-imapusers to configure their client appropriately for the server they are connecting to.Added
- ✨ Add
response_handlerskwarg toNet::IMAP.newby@nevansin ruby/net-imap#427
- Backports #419
- ✨ Limit max_response_size by
@nevansin ruby/net-imap#445
- Backports #444
Documentation
- 📚 Backport documentation to v0.4 by
@nevansin ruby/net-imap#426Other Changes
- ♻️ Update versioned default configs by
@nevansin ruby/net-imap#413
- Backports #412
- ♻️ Refactor
get_responseby@nevansin ruby/net-imap#431
- Backports #422
- ♻️ Rational config versions by
@nevansin ruby/net-imap#430
- Backports #429
- ♻️ Extract ResponseReader from get_response by
@nevansin ruby/net-imap#434
- Backports #433
- ♻️ Refactoring by
@nevansin ruby/net-imap#436Miscellaneous
- ✅ Various test improvements to v0.4 by
@nevansin ruby/net-imap#425Full Changelog: https://github.com/ruby/net-imap/compare/v0.4.19...v0.4.20
5b8f9ae
🔖 Bump version to 0.4.208222a36
🔀 Merge pull request #445
from ruby/backport/v0.4-max_response_size641c4c4
✅ Fix backport compatibility with ruby 2.719bea63
✨ Make max_response_size configurableddcaabd
✨ Limit max response size to 512MiB (hard-coded)2ca4dbc
🔀 Merge pull request #436
from ruby/backport/v0.4-refactor-config-and-respons...9279f8a
✅ Fix backport compatibility with ruby 2.70e27fc1
♻️ Save ResponseReader ivars: @buff & @literal_size17064cd
✅ Fix backport compatibility with ruby 2.7e4bb734
✨ Fix Config::AttrTypeCoercion for Ractor sharing