fix(api-mailer): smtp usage#5253
Merged
Merged
Conversation
brunozoric
force-pushed
the
bruno/fix/api-mailer-smtp
branch
from
e490b68 to
f9a8408
Compare
Add `secure` field to TransportSettings so nodemailer can negotiate TLS correctly. Change default port from 25 (blocked by most cloud providers) to 587 (STARTTLS). Wrap transport factory creation in try-catch to prevent unhandled exceptions from crashing the request. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Introduce a distinct TransportCreateError for factory failures instead of reusing TransportSendError (wrong shape and misleading error code). Add tests for port-465 auto-detection of secure: true and explicit override. Clean up redundant EventPublisher alias import. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
The test handler in @webiny/testing registered createBackgroundTaskContext but not createBackgroundTaskGraphQL, causing tests in api-scheduler and api-workflows to fail with "Unknown type WebinyBackgroundTaskError" after the background task settings feature was added. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
… chain Remove ActiveTransport in favor of iterating registered transports from last to first, using each factory's canUse() method to determine if it has the settings it needs. SMTP is tried first (registered last); if no settings exist, DummyTransport takes over (canUse always returns true). This makes DummyTransport the natural dev/testing fallback and removes the hard NoSettingsConfiguredError when SMTP isn't configured. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
Include a .yarnrc.yml in scaffolded projects with enableScripts: false, npmMinimalAgeGate: 3d, preapproved @webiny/* and wts-client packages, and the approved webiny-upgrades-v6 git repository. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
brunozoric
force-pushed
the
bruno/fix/api-mailer-smtp
branch
from
3f4b52f to
1126faf
Compare
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
1 participant
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
The SMTP transport in
@webiny/api-mailercould not negotiate TLS/SSL connections because nodemailer'ssecureoption was never set. This made it impossible to connect to modern SMTP providers (Gmail, AWS SES, etc.) that require explicit TLS configuration.Changes
securefield toTransportSettings— threaded through the full stack: types, GraphQL schema (input + response), validation, save/get repositories, andSmtpConfigmapping to nodemailer.secureis not explicitly set, it defaults totruefor port 465 (implicit TLS) andfalseotherwise.TransportCreateError— transport factory failures now return a distinct error type with the codeMailer/MailerService/TransportCreateError, instead of reusingTransportSendErrorwhich has a different shape and misleading semantics.nodemailer.createTransport()throws during construction (e.g., config validation), the error is caught and returned as aResult.failinstead of propagating as an unhandled exception.