Haraka

v3.2.0 Breaking

This release includes 1 breaking change for platform teams planning a safe upgrade.

Published 10d Communication & Email

✓ No known CVEs patched

✓ No known CVEs patched in this version

Topics

dkim haraka javascript mta nodejs smtp

+1 more

spf

Affected surfaces

deps breaking_upgrade

ReleasePort's take

Light signal

editorial:auto 10d

Version v3.2.0 replaces the address‑rfc2821 and address‑rfc2822 plugins with @haraka/email-address.

Why it matters: Affects dependency graph; operators must update import statements before upgrading to avoid runtime errors.

AI summary

Breaking change: address-rfc2821 and address-rfc2822 plugins replaced with @haraka/email-address.

Type	Severity	Summary	CVE
Breaking	Medium	Replaces address-rfc2821 and address-rfc2822 dependencies with @haraka/email-address. Replaces address-rfc2821 and address-rfc2822 dependencies with @haraka/email-address. Source: llm_adapter@2026-05-24 Confidence: low	—
Bugfix	Medium	Merges worker status into summary output. Merges worker status into summary output. Source: llm_adapter@2026-05-24 Confidence: high	—

Full changelog

dep: replace address-rfc282{1,2} with @haraka/email-address #3566
- change(BREAKING for some plugins), see https://github.com/haraka/Haraka/issues/3564
fix(status): merge worker status into summary #3574

Removed plugins address-rfc2821 and address-rfc2822; replaced with @haraka/email-address.

Weekly OSS security release digest.

The CVE patches and breaking changes that affected production tools this week. One email, every Sunday.

No spam, unsubscribe anytime.

Share this release

Track Haraka

Get notified when new releases ship.

About Haraka

Fast, highly extensible, and event driven SMTP server.