nodemailer 9.0.0
v9.0.0

on Node.js NPM

8 hours ago

9.0.0 (2026-06-14)

⚠ BREAKING CHANGES

HTTPS requests made while fetching remote content (attachment href/path URLs, OAuth2 token endpoints, HTTP/HTTPS proxy CONNECT) now validate the server's TLS certificate by default. Requests to hosts with self-signed, expired, or hostname-mismatched certificates that previously succeeded will now fail. Opt back out per request with tls.rejectUnauthorized=false (transport options, or a per-attachment tls option).

Bug Fixes

replace deprecated url.parse with a WHATWG URL wrapper (0c080fb)
validate TLS certificates by default when fetching remote content (6a947ac)

Check out latest releases or
releases around nodemailer 9.0.0

Don't miss a new nodemailer release

NewReleases is sending notifications on new releases.

Get notifications