chore(deps): update module github.com/getkin/kin-openapi to v0.134.0

2026-03-25 06:07:26 +00:00
18 changed files with 64 additions and 6875 deletions
--- a/3
+++ b/3
@ -175,8 +175,7 @@ ENV HAPPYDELIVER_DATABASE_TYPE=sqlite \
    HAPPYDELIVER_DOMAIN=happydeliver.local \
    HAPPYDELIVER_ADDRESS_PREFIX=test- \
    HAPPYDELIVER_DNS_TIMEOUT=5s \
-    HAPPYDELIVER_HTTP_TIMEOUT=10s \
+    HAPPYDELIVER_HTTP_TIMEOUT=10s
    HAPPYDELIVER_RSPAMD_API_URL=http://127.0.0.1:11334
 # Volume for persistent data
 VOLUME ["/var/lib/happydeliver", "/var/log/happydeliver"]
--- a/api/openapi.yaml
+++ b/api/openapi.yaml
@ -926,10 +926,6 @@ components:
          format: float
          description: Score contribution of this test
          example: -1.9
        params:
          type: string
          description: Symbol parameters or options
          example: "0.02"
        description:
          type: string
          description: Human-readable description of what this test checks
@ -979,7 +975,7 @@ components:
        symbols:
          type: object
          additionalProperties:
-            $ref: '#/components/schemas/SpamTestDetail'
+            $ref: '#/components/schemas/RspamdSymbol'
          description: Map of triggered rspamd symbols to their details
          example:
            BAYES_HAM:
@ -990,6 +986,25 @@ components:
          type: string
          description: Full rspamd report (raw X-Spamd-Result header)
    RspamdSymbol:
      type: object
      required:
        - name
        - score
      properties:
        name:
          type: string
          description: Symbol name
          example: "BAYES_HAM"
        score:
          type: number
          format: float
          description: Score contribution of this symbol
          example: -1.9
        params:
          type: string
          description: Symbol parameters or options
          example: "0.02"
    DNSResults:
      type: object
--- a/internal/config/cli.go
+++ b/internal/config/cli.go
@ -39,7 +39,6 @@ func declareFlags(o *Config) {
 	flag.DurationVar(&o.Analysis.HTTPTimeout, "http-timeout", o.Analysis.HTTPTimeout, "Timeout when performing HTTP query")
 	flag.Var(&StringArray{&o.Analysis.RBLs}, "rbl", "Append a RBL (use this option multiple time to append multiple RBLs)")
 	flag.BoolVar(&o.Analysis.CheckAllIPs, "check-all-ips", o.Analysis.CheckAllIPs, "Check all IPs found in email headers against RBLs (not just the first one)")
 	flag.StringVar(&o.Analysis.RspamdAPIURL, "rspamd-api-url", o.Analysis.RspamdAPIURL, "rspamd API URL for symbol descriptions (default: use embedded list)")
 	flag.DurationVar(&o.ReportRetention, "report-retention", o.ReportRetention, "How long to keep reports (e.g., 720h, 30d). 0 = keep forever")
 	flag.UintVar(&o.RateLimit, "rate-limit", o.RateLimit, "API rate limit (requests per second per IP)")
 	flag.Var(&URL{&o.SurveyURL}, "survey-url", "URL for user feedback survey")
--- a/internal/config/config.go
+++ b/internal/config/config.go
@ -72,8 +72,7 @@ type AnalysisConfig struct {
 	HTTPTimeout  time.Duration
 	RBLs         []string
 	DNSWLs       []string
-	CheckAllIPs  bool   // Check all IPs found in headers, not just the first one
+	CheckAllIPs  bool // Check all IPs found in headers, not just the first one
 	RspamdAPIURL string // rspamd API URL for fetching symbol descriptions (empty = use embedded list)
 }
 // DefaultConfig returns a configuration with sensible defaults
--- a/pkg/analyzer/analyzer.go
+++ b/pkg/analyzer/analyzer.go
@ -47,7 +47,6 @@ func NewEmailAnalyzer(cfg *config.Config) *EmailAnalyzer {
 		cfg.Analysis.RBLs,
 		cfg.Analysis.DNSWLs,
 		cfg.Analysis.CheckAllIPs,
 		cfg.Analysis.RspamdAPIURL,
 	)
 	return &EmailAnalyzer{
@ -138,7 +137,7 @@ func (a *APIAdapter) CheckBlacklistIP(ip string) ([]api.BlacklistCheck, []api.Bl
 		IPsChecked:  []string{ip},
 		ListedCount: listedCount,
 	}
-	score, grade := a.analyzer.generator.rblChecker.CalculateScore(results, false)
+	score, grade := a.analyzer.generator.rblChecker.CalculateScore(results)
 	// Check the IP against all configured DNSWLs (informational only)
 	whitelists, _, err := a.analyzer.generator.dnswlChecker.CheckIP(ip)
--- a/pkg/analyzer/authentication.go
+++ b/pkg/analyzer/authentication.go
@ -152,32 +152,27 @@ func (a *AuthenticationAnalyzer) CalculateAuthenticationScore(results *api.Authe
 	score := 0
-	// Core authentication (90 points total)
+	// IPRev (15 points)
-	// SPF (30 points)
+	score += 15 * a.calculateIPRevScore(results) / 100
 	score += 30 * a.calculateSPFScore(results) / 100
-	// DKIM (30 points)
+	// SPF (25 points)
-	score += 30 * a.calculateDKIMScore(results) / 100
+	score += 25 * a.calculateSPFScore(results) / 100
-	// DMARC (30 points)
+	// DKIM (23 points)
-	score += 30 * a.calculateDMARCScore(results) / 100
+	score += 23 * a.calculateDKIMScore(results) / 100
 	// X-Google-DKIM (optional) - penalty if failed
 	score += 12 * a.calculateXGoogleDKIMScore(results) / 100
 	// X-Aligned-From
 	score += 2 * a.calculateXAlignedFromScore(results) / 100
 	// DMARC (25 points)
 	score += 25 * a.calculateDMARCScore(results) / 100
 	// BIMI (10 points)
 	score += 10 * a.calculateBIMIScore(results) / 100
 	// Penalty-only: IPRev (up to -7 points on failure)
 	if iprevScore := a.calculateIPRevScore(results); iprevScore < 100 {
 		score += 7 * (iprevScore - 100) / 100
 	}
 	// Penalty-only: X-Google-DKIM (up to -12 points on failure)
 	score += 12 * a.calculateXGoogleDKIMScore(results) / 100
 	// Penalty-only: X-Aligned-From (up to -5 points on failure)
 	if xAlignedScore := a.calculateXAlignedFromScore(results); xAlignedScore < 100 {
 		score += 5 * (xAlignedScore - 100) / 100
 	}
 	// Ensure score doesn't exceed 100
 	if score > 100 {
 		score = 100
--- a/pkg/analyzer/authentication_spf.go
+++ b/pkg/analyzer/authentication_spf.go
@ -63,16 +63,6 @@ func (a *AuthenticationAnalyzer) parseLegacySPF(email *EmailMessage) *api.AuthRe
 		return nil
 	}
 	// Verify receiver matches our hostname
 	if a.receiverHostname != "" {
 		receiverRe := regexp.MustCompile(`receiver=([^\s;]+)`)
 		if matches := receiverRe.FindStringSubmatch(receivedSPF); len(matches) > 1 {
 			if matches[1] != a.receiverHostname {
 				return nil
 			}
 		}
 	}
 	result := &api.AuthResult{}
 	// Extract result (first word)
--- a/pkg/analyzer/dns.go
+++ b/pkg/analyzer/dns.go
@ -105,7 +105,7 @@ func (d *DNSAnalyzer) AnalyzeDNS(email *EmailMessage, headersResults *api.Header
 	results.SpfRecords = d.checkSPFRecords(spfDomain)
 	// Check DKIM records by parsing DKIM-Signature headers directly
-	for _, sig := range parseDKIMSignatures(email.Header["Dkim-Signature"]) {
+	for _, sig := range parseDKIMSignatures(email.Header["DKIM-Signature"]) {
 		dkimRecord := d.checkDKIMRecord(sig.Domain, sig.Selector)
 		if dkimRecord != nil {
 			if results.DkimRecords == nil {
--- a/pkg/analyzer/rbl.go
+++ b/pkg/analyzer/rbl.go
@ -300,24 +300,13 @@ func (r *DNSListChecker) reverseIP(ipStr string) string {
 // CalculateScore calculates the list contribution to deliverability.
 // Informational lists are not counted in the score.
-func (r *DNSListChecker) CalculateScore(results *DNSListResults, forWhitelist bool) (int, string) {
+func (r *DNSListChecker) CalculateScore(results *DNSListResults) (int, string) {
 	scoringListCount := len(r.Lists) - len(r.informationalSet)
 	if forWhitelist {
 		if results.ListedCount >= scoringListCount {
 			return 100, "A++"
 		} else if results.ListedCount > 0 {
 			return 100, "A+"
 		} else {
 			return 95, "A"
 		}
 	}
 	if results == nil || len(results.IPsChecked) == 0 {
 		return 100, ""
 	}
-	if results.ListedCount <= 0 {
+	scoringListCount := len(r.Lists) - len(r.informationalSet)
 	if scoringListCount <= 0 {
 		return 100, "A+"
 	}
--- a/pkg/analyzer/report.go
+++ b/pkg/analyzer/report.go
@ -49,12 +49,11 @@ func NewReportGenerator(
 	rbls []string,
 	dnswls []string,
 	checkAllIPs bool,
 	rspamdAPIURL string,
 ) *ReportGenerator {
 	return &ReportGenerator{
 		authAnalyzer:    NewAuthenticationAnalyzer(receiverHostname),
 		spamAnalyzer:    NewSpamAssassinAnalyzer(),
-		rspamdAnalyzer:  NewRspamdAnalyzer(LoadRspamdSymbols(rspamdAPIURL)),
+		rspamdAnalyzer:  NewRspamdAnalyzer(),
 		dnsAnalyzer:     NewDNSAnalyzer(dnsTimeout),
 		rblChecker:      NewRBLChecker(dnsTimeout, rbls, checkAllIPs),
 		dnswlChecker:    NewDNSWLChecker(dnsTimeout, dnswls, checkAllIPs),
@ -141,10 +140,8 @@ func (r *ReportGenerator) GenerateReport(testID uuid.UUID, results *AnalysisResu
 	blacklistScore := 0
 	var blacklistGrade string
 	var whitelistGrade string
 	if results.RBL != nil {
-		blacklistScore, blacklistGrade = r.rblChecker.CalculateScore(results.RBL, false)
+		blacklistScore, blacklistGrade = r.rblChecker.CalculateScore(results.RBL)
 		_, whitelistGrade = r.dnswlChecker.CalculateScore(results.DNSWL, true)
 	}
 	saScore, saGrade := r.spamAnalyzer.CalculateSpamAssassinScore(results.SpamAssassin)
@ -175,7 +172,7 @@ func (r *ReportGenerator) GenerateReport(testID uuid.UUID, results *AnalysisResu
 		AuthenticationScore: authScore,
 		AuthenticationGrade: api.ScoreSummaryAuthenticationGrade(authGrade),
 		BlacklistScore:      blacklistScore,
-		BlacklistGrade:      api.ScoreSummaryBlacklistGrade(MinGrade(blacklistGrade, whitelistGrade)),
+		BlacklistGrade:      api.ScoreSummaryBlacklistGrade(blacklistGrade),
 		ContentScore:        contentScore,
 		ContentGrade:        api.ScoreSummaryContentGrade(contentGrade),
 		HeaderScore:         headerScore,
--- a/pkg/analyzer/report_test.go
+++ b/pkg/analyzer/report_test.go
@ -32,7 +32,7 @@ import (
 )
 func TestNewReportGenerator(t *testing.T) {
-	gen := NewReportGenerator("", 10*time.Second, 10*time.Second, DefaultRBLs, DefaultDNSWLs, false, "")
+	gen := NewReportGenerator("", 10*time.Second, 10*time.Second, DefaultRBLs, DefaultDNSWLs, false)
 	if gen == nil {
 		t.Fatal("Expected report generator, got nil")
 	}
@ -55,7 +55,7 @@ func TestNewReportGenerator(t *testing.T) {
 }
 func TestAnalyzeEmail(t *testing.T) {
-	gen := NewReportGenerator("", 10*time.Second, 10*time.Second, DefaultRBLs, DefaultDNSWLs, false, "")
+	gen := NewReportGenerator("", 10*time.Second, 10*time.Second, DefaultRBLs, DefaultDNSWLs, false)
 	email := createTestEmail()
@ -75,7 +75,7 @@ func TestAnalyzeEmail(t *testing.T) {
 }
 func TestGenerateReport(t *testing.T) {
-	gen := NewReportGenerator("", 10*time.Second, 10*time.Second, DefaultRBLs, DefaultDNSWLs, false, "")
+	gen := NewReportGenerator("", 10*time.Second, 10*time.Second, DefaultRBLs, DefaultDNSWLs, false)
 	testID := uuid.New()
 	email := createTestEmail()
@ -130,7 +130,7 @@ func TestGenerateReport(t *testing.T) {
 }
 func TestGenerateReportWithSpamAssassin(t *testing.T) {
-	gen := NewReportGenerator("", 10*time.Second, 10*time.Second, DefaultRBLs, DefaultDNSWLs, false, "")
+	gen := NewReportGenerator("", 10*time.Second, 10*time.Second, DefaultRBLs, DefaultDNSWLs, false)
 	testID := uuid.New()
 	email := createTestEmailWithSpamAssassin()
@ -150,7 +150,7 @@ func TestGenerateReportWithSpamAssassin(t *testing.T) {
 }
 func TestGenerateRawEmail(t *testing.T) {
-	gen := NewReportGenerator("", 10*time.Second, 10*time.Second, DefaultRBLs, DefaultDNSWLs, false, "")
+	gen := NewReportGenerator("", 10*time.Second, 10*time.Second, DefaultRBLs, DefaultDNSWLs, false)
 	tests := []struct {
 		name     string
--- a/pkg/analyzer/rspamd-symbols-README.md
+++ b/pkg/analyzer/rspamd-symbols-README.md
@ -1,21 +0,0 @@
 # rspamd-symbols.json
 This file contains rspamd symbol descriptions, embedded into the binary at compile time as a fallback when no rspamd API URL is configured.
 ## How to update
 Fetch the latest symbols from a running rspamd instance:
 ```sh
 curl http://127.0.0.1:11334/symbols > rspamd-symbols.json
 ```
 Or with docker:
 ```sh
 docker run --rm --name rspamd --pull always rspamd/rspamd
 docker exec -u 0 rspamd apt install -y curl
 docker exec rspamd curl http://127.0.0.1:11334/symbols > rspamd-symbols.json
 ```
 Then rebuild the project.
--- a/pkg/analyzer/rspamd-symbols.json
+++ b/pkg/analyzer/rspamd-symbols.json
--- a/pkg/analyzer/rspamd.go
+++ b/pkg/analyzer/rspamd.go
@ -37,13 +37,11 @@ const (
 )
 // RspamdAnalyzer analyzes rspamd results from email headers
-type RspamdAnalyzer struct {
+type RspamdAnalyzer struct{}
 	symbols map[string]string
 }
-// NewRspamdAnalyzer creates a new rspamd analyzer with optional symbol descriptions
+// NewRspamdAnalyzer creates a new rspamd analyzer
-func NewRspamdAnalyzer(symbols map[string]string) *RspamdAnalyzer {
+func NewRspamdAnalyzer() *RspamdAnalyzer {
-	return &RspamdAnalyzer{symbols: symbols}
+	return &RspamdAnalyzer{}
 }
 // AnalyzeRspamd extracts and analyzes rspamd results from email headers
@ -61,7 +59,7 @@ func (a *RspamdAnalyzer) AnalyzeRspamd(email *EmailMessage) *api.RspamdResult {
 	}
 	result := &api.RspamdResult{
-		Symbols: make(map[string]api.SpamTestDetail),
+		Symbols: make(map[string]api.RspamdSymbol),
 	}
 	// Parse X-Spamd-Result header (primary source for score, threshold, and symbols)
@ -85,16 +83,6 @@ func (a *RspamdAnalyzer) AnalyzeRspamd(email *EmailMessage) *api.RspamdResult {
 		result.Server = &server
 	}
 	// Populate symbol descriptions from the lookup map
 	if a.symbols != nil {
 		for name, sym := range result.Symbols {
 			if desc, ok := a.symbols[name]; ok {
 				sym.Description = &desc
 				result.Symbols[name] = sym
 			}
 		}
 	}
 	// Derive IsSpam from score vs reject threshold.
 	if result.Threshold > 0 {
 		result.IsSpam = result.Score >= result.Threshold
@ -141,7 +129,7 @@ func (a *RspamdAnalyzer) parseSpamdResult(header string, result *api.RspamdResul
 		if len(matches) > 2 {
 			name := matches[1]
 			score, _ := strconv.ParseFloat(matches[2], 64)
-			sym := api.SpamTestDetail{
+			sym := api.RspamdSymbol{
 				Name:  name,
 				Score: float32(score),
 			}
--- a/pkg/analyzer/rspamd_symbols.go
+++ b/pkg/analyzer/rspamd_symbols.go
@ -1,105 +0,0 @@
 // This file is part of the happyDeliver (R) project.
 // Copyright (c) 2026 happyDomain
 // Authors: Pierre-Olivier Mercier, et al.
 //
 // This program is offered under a commercial and under the AGPL license.
 // For commercial licensing, contact us at <contact@happydomain.org>.
 //
 // For AGPL licensing:
 // This program is free software: you can redistribute it and/or modify
 // it under the terms of the GNU Affero General Public License as published by
 // the Free Software Foundation, either version 3 of the License, or
 // (at your option) any later version.
 //
 // This program is distributed in the hope that it will be useful,
 // but WITHOUT ANY WARRANTY; without even the implied warranty of
 // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 // GNU Affero General Public License for more details.
 //
 // You should have received a copy of the GNU Affero General Public License
 // along with this program.  If not, see <https://www.gnu.org/licenses/>.
 package analyzer
 import (
 	_ "embed"
 	"encoding/json"
 	"io"
 	"log"
 	"net/http"
 	"strings"
 	"time"
 )
 //go:embed rspamd-symbols.json
 var embeddedRspamdSymbols []byte
 // rspamdSymbolGroup represents a group of rspamd symbols from the API/embedded JSON.
 type rspamdSymbolGroup struct {
 	Group string              `json:"group"`
 	Rules []rspamdSymbolEntry `json:"rules"`
 }
 // rspamdSymbolEntry represents a single rspamd symbol entry.
 type rspamdSymbolEntry struct {
 	Symbol      string  `json:"symbol"`
 	Description string  `json:"description"`
 	Weight      float64 `json:"weight"`
 }
 // parseRspamdSymbolsJSON parses the rspamd symbols JSON into a name->description map.
 func parseRspamdSymbolsJSON(data []byte) map[string]string {
 	var groups []rspamdSymbolGroup
 	if err := json.Unmarshal(data, &groups); err != nil {
 		log.Printf("Failed to parse rspamd symbols JSON: %v", err)
 		return nil
 	}
 	symbols := make(map[string]string, len(groups)*10)
 	for _, g := range groups {
 		for _, r := range g.Rules {
 			if r.Description != "" {
 				symbols[r.Symbol] = r.Description
 			}
 		}
 	}
 	return symbols
 }
 // LoadRspamdSymbols loads rspamd symbol descriptions.
 // If apiURL is non-empty, it fetches from the rspamd API first, falling back to the embedded list on error.
 func LoadRspamdSymbols(apiURL string) map[string]string {
 	if apiURL != "" {
 		if symbols := fetchRspamdSymbols(apiURL); symbols != nil {
 			return symbols
 		}
 		log.Printf("Failed to fetch rspamd symbols from %s, using embedded list", apiURL)
 	}
 	return parseRspamdSymbolsJSON(embeddedRspamdSymbols)
 }
 // fetchRspamdSymbols fetches symbol descriptions from the rspamd API.
 func fetchRspamdSymbols(apiURL string) map[string]string {
 	url := strings.TrimRight(apiURL, "/") + "/symbols"
 	client := &http.Client{Timeout: 10 * time.Second}
 	resp, err := client.Get(url)
 	if err != nil {
 		log.Printf("Error fetching rspamd symbols: %v", err)
 		return nil
 	}
 	defer resp.Body.Close()
 	if resp.StatusCode != http.StatusOK {
 		log.Printf("rspamd API returned status %d", resp.StatusCode)
 		return nil
 	}
 	body, err := io.ReadAll(resp.Body)
 	if err != nil {
 		log.Printf("Error reading rspamd symbols response: %v", err)
 		return nil
 	}
 	return parseRspamdSymbolsJSON(body)
 }
--- a/pkg/analyzer/rspamd_test.go
+++ b/pkg/analyzer/rspamd_test.go
@ -30,7 +30,7 @@ import (
 )
 func TestAnalyzeRspamdNoHeaders(t *testing.T) {
-	analyzer := NewRspamdAnalyzer(nil)
+	analyzer := NewRspamdAnalyzer()
 	email := &EmailMessage{Header: make(mail.Header)}
 	result := analyzer.AnalyzeRspamd(email)
@ -126,12 +126,12 @@ func TestParseSpamdResult(t *testing.T) {
 		},
 	}
-	analyzer := NewRspamdAnalyzer(nil)
+	analyzer := NewRspamdAnalyzer()
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
 			result := &api.RspamdResult{
-				Symbols: make(map[string]api.SpamTestDetail),
+				Symbols: make(map[string]api.RspamdSymbol),
 			}
 			analyzer.parseSpamdResult(tt.header, result)
@ -241,7 +241,7 @@ func TestAnalyzeRspamd(t *testing.T) {
 		},
 	}
-	analyzer := NewRspamdAnalyzer(nil)
+	analyzer := NewRspamdAnalyzer()
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
@ -340,7 +340,7 @@ func TestCalculateRspamdScore(t *testing.T) {
 		},
 	}
-	analyzer := NewRspamdAnalyzer(nil)
+	analyzer := NewRspamdAnalyzer()
 	for _, tt := range tests {
 		t.Run(tt.name, func(t *testing.T) {
@ -380,7 +380,7 @@ func TestAnalyzeRspamdRealEmail(t *testing.T) {
 		t.Fatalf("Failed to parse email: %v", err)
 	}
-	analyzer := NewRspamdAnalyzer(nil)
+	analyzer := NewRspamdAnalyzer()
 	result := analyzer.AnalyzeRspamd(email)
 	if result == nil {
--- a/pkg/analyzer/scoring.go
+++ b/pkg/analyzer/scoring.go
@ -73,8 +73,6 @@ func ScoreToReportGrade(score int) api.ReportGrade {
 // gradeRank returns a numeric rank for a grade (lower = worse)
 func gradeRank(grade string) int {
 	switch grade {
 	case "A++":
 		return 7
 	case "A+":
 		return 6
 	case "A":
--- a/web/src/lib/components/RspamdCard.svelte
+++ b/web/src/lib/components/RspamdCard.svelte
@ -75,7 +75,7 @@
                            <tr>
                                <th>Symbol</th>
                                <th class="text-end">Score</th>
-                                <th>Description</th>
+                                <th>Parameters</th>
                            </tr>
                        </thead>
                        <tbody>
@ -87,14 +87,7 @@
                                          ? "table-success"
                                          : ""}
                                >
-                                    <td>
+                                    <td class="font-monospace">{symbolName}</td>
                                        <span class="font-monospace">{symbolName}</span>
                                        {#if symbol.params}
                                            <small class="d-block text-muted">
                                                {symbol.params}
                                            </small>
                                        {/if}
                                    </td>
                                    <td class="text-end">
                                        <span
                                            class={symbol.score > 0
@ -106,7 +99,7 @@
                                            {symbol.score > 0 ? "+" : ""}{symbol.score.toFixed(2)}
                                        </span>
                                    </td>
-                                    <td class="small text-muted">{symbol.description ?? ""}</td>
+                                    <td class="small text-muted">{symbol.params ?? ""}</td>
                                </tr>
                            {/each}
                        </tbody>