Skip to content

mix(deps): bump swoosh from 1.24.0 to 1.26.3#212

Open
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/hex/swoosh-1.26.3
Open

mix(deps): bump swoosh from 1.24.0 to 1.26.3#212
dependabot[bot] wants to merge 1 commit into
mainfrom
dependabot/hex/swoosh-1.26.3

Conversation

@dependabot

@dependabot dependabot Bot commented on behalf of github Jul 11, 2026

Copy link
Copy Markdown

Bumps swoosh from 1.24.0 to 1.26.3.

Release notes

Sourced from swoosh's releases.

v1.26.3

🔒 Security

  • Fix URL path injection via unencoded sender address in MsGraph adapter (GHSA-754j-98wh-57rf / CVE-2026-54893)

v1.26.2 🚀

🐛 Bug Fixes

  • Fix Postmark adapter not adding the Recipient's name to the Reply-To header @​vickz84259 (#1166)

🧰 Maintenance

  • Replace deprecated xref: [exclude:] with elixirc_options: [no_warn_undefined:] @​princemaple (#1165)

⛓️ Dependency

v1.26.1 🚀

🐛 Bug Fixes

  • fix fat-fingering content_id instead of cid, added tests, fixed outdated expected response in mua_test.exs @​waseigo (#1155)

🧰 Maintenance

v1.26.0 🚀

✨ Features

⛓️ Dependency

New Contributors

Full Changelog: swoosh/swoosh@1.25.3...v1.26.0

v1.25.3 🚀

📝 Documentation

... (truncated)

Changelog

Sourced from swoosh's changelog.

1.26.3

🔒 Security

  • Fix URL path injection via unencoded sender address in MsGraph adapter (GHSA-754j-98wh-57rf / CVE-2026-54893)

1.26.2

🐛 Bug Fixes

  • Fix Postmark adapter not adding the recipient name to the Reply-To header @​vickz84259 (#1166)

1.26.1

🐛 Bug Fixes

1.26.0

✨ Features

📝 Documentation

  • Document the new Mailpit adapter in the README

1.25.3

📝 Documentation

🧰 Maintenance

1.25.2

🐛 Bug Fixes

1.25.1

🐛 Bug Fixes

... (truncated)

Commits
  • 72a874f Prepare 1.26.3 patch release files
  • e382354 Merge commit from fork
  • 6bfb8ff chore: bump version to 1.26.2 (#1167)
  • a9b559e Merge pull request #1166 from vickz84259/fix-postmark-reply-to
  • 044ea15 bumps
  • 7cbcb3c bumps
  • 6de8cf1 Merge pull request #1157 from swoosh/dependabot/hex/bandit-1.12.0
  • 8d88c57 Bump bandit from 1.11.1 to 1.12.0
  • 86b8b70 Replace deprecated xref: [exclude:] with elixirc_options: [no_warn_undefined:...
  • 813b758 Bump req from 0.5.18 to 0.6.1 (#1158)
  • Additional commits viewable in compare view

Dependabot compatibility score

Dependabot will resolve any conflicts with this PR as long as you don't alter it yourself. You can also trigger a rebase manually by commenting @dependabot rebase.


Dependabot commands and options

You can trigger Dependabot actions by commenting on this PR:

  • @dependabot rebase will rebase this PR
  • @dependabot recreate will recreate this PR, overwriting any edits that have been made to it
  • @dependabot show <dependency name> ignore conditions will show all of the ignore conditions of the specified dependency
  • @dependabot ignore this major version will close this PR and stop Dependabot creating any more for this major version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this minor version will close this PR and stop Dependabot creating any more for this minor version (unless you reopen the PR or upgrade to it yourself)
  • @dependabot ignore this dependency will close this PR and stop Dependabot creating any more for this dependency (unless you reopen the PR or upgrade to it yourself)

Bumps [swoosh](https://github.com/swoosh/swoosh) from 1.24.0 to 1.26.3.
- [Release notes](https://github.com/swoosh/swoosh/releases)
- [Changelog](https://github.com/swoosh/swoosh/blob/main/CHANGELOG.md)
- [Commits](swoosh/swoosh@v1.24.0...v1.26.3)

---
updated-dependencies:
- dependency-name: swoosh
  dependency-version: 1.26.3
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
@dependabot @github

dependabot Bot commented on behalf of github Jul 11, 2026

Copy link
Copy Markdown
Author

Labels

The following labels could not be found: elixir. Please create it before Dependabot can add it to a pull request.

Please fix the above issues or remove invalid values from dependabot.yml.

@dependabot dependabot Bot added the dependencies Dependency updates label Jul 11, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

dependencies Dependency updates

Projects

None yet

Development

Successfully merging this pull request may close these issues.

0 participants