fix: use safe Unicode string truncation to prevent panics (CWE-119)

Merge pull request #117 from theonlyhennygod/fix/unicode-truncation-panic
2026-02-15 06:49:48 -05:00
parent 5cc02c5813
commit 7b5e77f03c
12 changed files with 1689 additions and 143 deletions
--- a/Cargo.toml
+++ b/Cargo.toml
@@ -64,6 +64,11 @@ console = "0.15"
 tokio-tungstenite = { version = "0.24", features = ["rustls-tls-webpki-roots"] }
 futures-util = { version = "0.3", default-features = false, features = ["sink"] }
 hostname = "0.4.2"
+lettre = { version = "0.11.19", features = ["smtp-transport", "rustls-tls"] }
+mail-parser = "0.11.2"
+rustls-pki-types = "1.14.0"
+tokio-rustls = "0.26.4"
+webpki-roots = "1.0.6"

 # HTTP server (gateway) — replaces raw TCP for proper HTTP/1.1 compliance
 axum = { version = "0.7", default-features = false, features = ["http1", "json", "tokio", "query"] }