All notable changes to RMS Mail will be documented in this file.
emails_fts virtual table and PostgreSQL tsvector with integrated GIN indexing (Unified Edition).last_sync_uid updates immediately after each successful batch completion, allowing sync routines to safely resume after network drops or container restarts.--appendonly yes) with Docker bind-mounts to guarantee active JWT sessions and rate-limit counters survive standard docker compose down operations.gmail.readonly + gmail.modify scopes with the root https://mail.google.com/ scope, strictly required for native SASL XOAUTH2 authentication over IMAP port 993.LIKE/ILIKE fallback mechanisms with native database FTS lookups as the primary execution path.PORT=3000 with explicit HOST=0.0.0.0 environment declarations, resolving Connection reset by peer routing loops.strings.ToValidUTF8() sanitization to ALL string attributes entering database INSERT/UPDATE mutations (Subject, SenderName, SenderAddress, RecipientAddress, CcAddress, InReplyTo, Snippet, FromAddr, MsgID). Resolves runtime SQLSTATE 22021errors on corrupt headers or broken Cyrillic (Windows-1251) byte sequences.PurchaseLicense billing logic to process coupon verification inside active transactions using explicit row-level locking (FOR UPDATE), completely eliminating TOCTOU vulnerabilities. Wrapped independent SQLite FTS queries into atomic transactions to prevent index desynchronization.emails_msg_id_account_keymatching the ON CONFLICT (msg_id, account_id) specification across partitioned layouts, preventing SQLSTATE 42P10 insert crashes.SQLSTATE 42P08 type deduction errors in PostgreSQL by pre-computing full-text text vectors directly in Go string fields prior to calling to_tsvector.c.Context() with isolated context.Background() inside all deferred tx.Rollback() handlers, preventing connection pool exhaustion during client-side timeouts.CheckAccountAccess validation against IDOR parameter-spoofing attacks. Restricted shared system infrastructure routes behind requireAdmin().adduser -S -u 1000 appuser), eliminating host-to-container write blockades on /app/storage/.UpdateAccountTokens by implementing explicit redirection parameters (?oauth=error&error=...) for fatal OAuth worker conditions.bluge_index.go (293 lines), structural dependencies (bluge v0.2.2, bluge_segment_api, ice, ice/v2), language detection hooks, and the storage/index/ runtime directory. Reduced core binary size by 4MB.mail-sidebar.tsx, shortcuts-modal.tsx, attachment-preview.tsx, quick-preview.tsx) and leftover developer logs.