Update stalwartlabs/stalwart Docker tag to v0.16.12 #834

Merged
renovate merged 1 commit from renovate/stalwartlabs-stalwart-0.16.x into master 2026-07-06 16:22:02 +00:00
Collaborator

This PR contains the following updates:

Package Update Change
stalwartlabs/stalwart patch v0.16.11v0.16.12

Release Notes

stalwartlabs/stalwart (stalwartlabs/stalwart)

v0.16.12

Compare Source

[0.16.12] - 2026-07-06

If you are upgrading from v0.16.x, replace the binary (or run docker pull). If you are upgrading from v0.15.x and below, please read the upgrading documentation for more information on how to upgrade from previous versions.

Added

Changed

Fixed

  • DANE: Treat DNSSEC bogus as a temporary failures to prevent downgrade attacks.
  • OIDC provider:
    • ECDSA private key support for SEC1 format.
    • Allow ports in redirect_uri for loopback addresses.
  • OIDC directory:
    • Removing a user from all groups does not sync the changes correctly.
    • Fetch name and group claims from userinfo endpoint when missing from the JWT token.
  • PostgreSQL: Include error chain in error messages.
  • Prometheus: event counters are exported with incorrect metric names.
  • Registry: Changing the type of an existing account from user to group panics.
  • Masked emails: Return UnknownRecipient only for disabled or expired masked emails.
  • IDN: sanitize_email rejects valid Punycode domains.
  • Auto-ban: IP block expiration ignores per-reason ban durations.
  • Meilisearch: Limit the text search scope using attributesToSearchOn.
  • CalDAV: calendar-query REPORT returns invalid HTTP 404 when no events match the query.
  • Snowflake past id generation fails when the provided duration is longer than 4 years.
  • Calendar scheduling: Wrong RSVP base URL is used.
  • Network listener: Accept loop spins all CPU cores with no back-off when the process hits EMFILE (too many open files).
  • Cluster: Broadcast MTA queue refresh events to all nodes.

Check binary attestation here

Configuration

📅 Schedule: (UTC)

  • Branch creation
    • At any time (no schedule defined)
  • Automerge
    • At any time (no schedule defined)

🚦 Automerge: Enabled.

Rebasing: Whenever PR is behind base branch, or you tick the rebase/retry checkbox.

🔕 Ignore: Close this PR and you won't be reminded about this update again.


  • If you want to rebase/retry this PR, check this box

This PR has been generated by Mend Renovate.

This PR contains the following updates: | Package | Update | Change | |---|---|---| | [stalwartlabs/stalwart](https://github.com/stalwartlabs/stalwart) | patch | `v0.16.11` → `v0.16.12` | --- ### Release Notes <details> <summary>stalwartlabs/stalwart (stalwartlabs/stalwart)</summary> ### [`v0.16.12`](https://github.com/stalwartlabs/stalwart/releases/tag/v0.16.12) [Compare Source](https://github.com/stalwartlabs/stalwart/compare/v0.16.11...v0.16.12) #### \[0.16.12] - 2026-07-06 If you are upgrading from v0.16.x, replace the binary (or run `docker pull`). If you are upgrading from v0.15.x and below, please read the [upgrading documentation](https://github.com/stalwartlabs/stalwart/blob/main/UPGRADING/v0_16.md) for more information on how to upgrade from previous versions. #### Added - DKIM2 implementation ([draft-ietf-dkim-dkim2-spec-03](https://datatracker.ietf.org/doc/draft-ietf-dkim-dkim2-spec/)). - DMARCbis implementation: - Domain-based Message Authentication, Reporting, and Conformance (DMARC) ([RFC 9989](https://datatracker.ietf.org/doc/html/rfc9989)) - DMARC Aggregate Reporting ([RFC 9990](https://datatracker.ietf.org/doc/html/rfc9990)) - DMARC Failure Reporting ([RFC 9991](https://datatracker.ietf.org/doc/html/rfc9991)) #### Changed #### Fixed - DANE: Treat DNSSEC `bogus` as a temporary failures to prevent downgrade attacks. - OIDC provider: - `ECDSA` private key support for `SEC1` format. - Allow ports in `redirect_uri` for loopback addresses. - OIDC directory: - Removing a user from all groups does not sync the changes correctly. - Fetch `name` and `group` claims from userinfo endpoint when missing from the JWT token. - PostgreSQL: Include error chain in error messages. - Prometheus: event counters are exported with incorrect metric names. - Registry: Changing the type of an existing account from `user` to `group` panics. - Masked emails: Return `UnknownRecipient` only for disabled or expired masked emails. - IDN: `sanitize_email` rejects valid Punycode domains. - Auto-ban: IP block expiration ignores per-reason ban durations. - Meilisearch: Limit the text search scope using `attributesToSearchOn`. - CalDAV: `calendar-query` REPORT returns invalid HTTP `404` when no events match the query. - Snowflake past id generation fails when the provided duration is longer than 4 years. - Calendar scheduling: Wrong RSVP base URL is used. - Network listener: Accept loop spins all CPU cores with no back-off when the process hits `EMFILE` (too many open files). - Cluster: Broadcast MTA queue refresh events to all nodes. <hr /> ##### Check binary attestation [here](https://github.com/stalwartlabs/stalwart/attestations/34033385) </details> --- ### Configuration 📅 **Schedule**: (UTC) - Branch creation - At any time (no schedule defined) - Automerge - At any time (no schedule defined) 🚦 **Automerge**: Enabled. ♻ **Rebasing**: Whenever PR is behind base branch, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Mend Renovate](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiI0My4yNTIuMiIsInVwZGF0ZWRJblZlciI6IjQzLjI1Mi4yIiwidGFyZ2V0QnJhbmNoIjoibWFzdGVyIiwibGFiZWxzIjpbIm1haW50ZW5hbmNlIl19-->
renovate scheduled this pull request to auto merge when all checks succeed 2026-07-06 16:22:01 +00:00
renovate merged commit 768be6f85a into master 2026-07-06 16:22:02 +00:00
Sign in to join this conversation.
No reviewers
No labels
No milestone
No project
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
simon.beck/talos!834
No description provided.