Removed nodemailer-direct-transport, had critical vulnerability and w…

…asn't being maintained

  - Can no longer use direct transport in nodemailer
Updated vite, oidc-client-ts to fix vulnerabilities

client/package.json

@@ -31,9 +31,9 @@
     "jquery-ui-bundle": "^1.12.1",
     "less": "^4.1.1",
     "lodash": "^4.17.21",
-    "oidc-client-ts": "^2.2.4",
+    "oidc-client-ts": "^2.4.0",
     "pinia": "^2.1.4",
-    "vite": "^4.2.0",
+    "vite": "^4.5.3",
     "vite-plugin-vuetify": "^1.0.0"
   },
   "eslintConfig": {

package.json

@@ -1,6 +1,6 @@
 {
   "name": "notify-bc",
-  "version": "4.1.12",
+  "version": "4.2.0",
   "dbSchemaVersion": "0.8.0",
   "description": "A versatile notification API server",
   "keywords": [
@@ -87,7 +87,6 @@
     "morgan": "^1.10.0",
     "node-rsa": "^0.4.1",
     "nodemailer": "^6.7.3",
-    "nodemailer-direct-transport": "^3.3.2",
     "pluralize": "^7.0.0",
     "randexp": "^0.4.3",
     "semver": "^5.3.0",

src/config.ts

@@ -42,8 +42,8 @@ const config: AnyObject = {
   siteMinderReverseProxyIps: ['127.0.0.1'],
   email: {
     defaultSmtp: {
-      direct: true,
-      name: 'localhost',
+      host: 'localhost',
+      port: 25,
     },
     inboundSmtpServer: {
       enabled: true,

src/controllers/base.controller.ts

@@ -105,20 +105,13 @@ export class BaseController {
   }
 
   nodemailer = require('nodemailer');
-  directTransport = require('nodemailer-direct-transport');
   transport: any;
   static emailLimiter: Bottleneck;
   async sendEmail(mailOptions: any) {
     const smtpCfg =
       this.appConfig.email.smtp || this.appConfig.email.defaultSmtp;
     if (!this.transport) {
-      if (smtpCfg.direct) {
-        this.transport = this.nodemailer.createTransport(
-          this.directTransport(smtpCfg),
-        );
-      } else {
-        this.transport = this.nodemailer.createTransport(smtpCfg);
-      }
+      this.transport = this.nodemailer.createTransport(smtpCfg);
     }
     if (
       !BaseController.emailLimiter &&