Merge pull request #4733 from mailcow/staging

Amoogus Update 2022 - Nightly Switch
fix tfa modal trigger from dav/eas login
2022-09-01 14:59:34 +02:00 · 2022-09-01 09:53:08 +02:00 · 2022-08-31 11:37:45 +02:00 · 2022-08-31 11:31:59 +02:00 · 2022-08-31 11:31:55 +02:00 · 2022-08-31 10:40:35 +02:00
1043 changed files with 13484 additions and 16158 deletions
--- a/.drone.yml
+++ b/.drone.yml
@@ -1,120 +0,0 @@
---
-kind: pipeline
-name: integration-testing
-
-platform:
-  os: linux
-  arch: amd64
-
-clone:
-  disable: true
-
-steps:
- name: prepare-tests
-  pull: default
-  image: timovibritannia/ansible
-  commands:
-  - git clone https://github.com/mailcow/mailcow-integration-tests.git --branch $(curl -sL https://api.github.com/repos/mailcow/mailcow-integration-tests/releases/latest | jq -r '.tag_name') --single-branch .
-  - chmod +x ci.sh
-  - chmod +x ci-ssh.sh
-  - chmod +x ci-piprequierments.sh
-  - ./ci.sh
-  - wget -O group_vars/all/secrets.yml $SECRETS_DOWNLOAD_URL --quiet
-  environment:
-    SECRETS_DOWNLOAD_URL:
-      from_secret: SECRETS_DOWNLOAD_URL
-    VAULT_PW:
-      from_secret: VAULT_PW
-  when:
-    branch:
-    - master
-    - staging
-    event:
-    - push
-
- name: lint
-  pull: default
-  image: timovibritannia/ansible
-  commands:
-  - ansible-lint ./
-  when:
-    branch:
-    - master
-    - staging
-    event:
-    - push
-
- name: create-server
-  pull: default
-  image: timovibritannia/ansible
-  commands:
-  - ./ci-piprequierments.sh
-  - ansible-playbook mailcow-start-server.yml --diff
-  - ./ci-ssh.sh
-  environment:
-    ANSIBLE_HOST_KEY_CHECKING: false
-    ANSIBLE_FORCE_COLOR: true
-  when:
-    branch:
-    - master
-    - staging
-    event:
-    - push
-
- name: setup-server
-  pull: default
-  image: timovibritannia/ansible
-  commands:
-  - sleep 120
-  - ./ci-piprequierments.sh
-  - ansible-playbook mailcow-setup-server.yml --private-key /drone/src/id_ssh_rsa --diff
-  environment:
-    ANSIBLE_HOST_KEY_CHECKING: false
-    ANSIBLE_FORCE_COLOR: true
-  when:
-    branch:
-    - master
-    - staging
-    event:
-    - push
-
- name: run-tests
-  pull: default
-  image: timovibritannia/ansible
-  commands:
-  - ./ci-piprequierments.sh
-  - ansible-playbook mailcow-integration-tests.yml --private-key /drone/src/id_ssh_rsa --diff
-  environment:
-    ANSIBLE_HOST_KEY_CHECKING: false
-    ANSIBLE_FORCE_COLOR: true
-  when:
-    branch:
-    - master
-    - staging
-    event:
-    - push
-
- name: delete-server
-  pull: default
-  image: timovibritannia/ansible
-  commands:
-  - ./ci-piprequierments.sh
-  - ansible-playbook mailcow-delete-server.yml --diff
-  environment:
-    ANSIBLE_HOST_KEY_CHECKING: false
-    ANSIBLE_FORCE_COLOR: true
-  when:
-    branch:
-    - master
-    - staging
-    event:
-    - push
-    status:
-    - failure
-    - success
-
---
-kind: signature
-hmac: f6619243fe2a27563291c9f2a46d93ffbc3b6dced9a05f23e64b555ce03a31e5
-
-...
--- a/.github/ISSUE_TEMPLATE/Bug_report.md
+++ b/.github/ISSUE_TEMPLATE/Bug_report.md
@@ -1,60 +0,0 @@
---
-name: 🐞 Bug Report
-about: Report a reproducible bug for mailcow. (NOT to be used for support questions.)
-labels: bug
---
-
-<!--
-  Please DO NOT delete this template or use it for support questions.
-  You are welcome to visit us on our community channels listed at https://mailcow.github.io/mailcow-dockerized-docs/#community-support
-  For official support, please check https://mailcow.github.io/mailcow-dockerized-docs/#commercial-support
-->
-
-**Prior to placing the issue, please check following:** *(fill out each checkbox with an `X` once done)*
- [ ] I understand that not following or deleting the below instructions will result in immediate closure and/or deletion of my issue.
- [ ] I have understood that this bug report is dedicated for bugs, and not for support-related inquiries.
- [ ] I have understood that answers are voluntary and community-driven, and not commercial support.
- [ ] I have verified that my issue has not been already answered in the past. I also checked previous [issues](https://github.com/mailcow/mailcow-dockerized/issues).
-
-## Summary
-<!--
-  This should be a clear and concise description of what the bug is. What EXACTLY does happen?
-  If applicable, add screenshots to help explain your problem. Very useful for bugs in mailcow UI.
-  Write your detailed description below.
-
-  Also mention on which commit/date your mailcow instance was last updated.
-->
-
-## Logs
-<!--
-  Please take a look at the [official documentation](https://mailcow.github.io/mailcow-dockerized-docs/debug-logs/) and post the last
-  few lines of logs, when the error occurs. For example, docker container logs of affected containers.
-->
-
-## Reproduction
-<!--
-  It is really helpful to know how exactly you are able to reproduce the reported issue.
-  Have you tried to fix the issue? What did you try?
-  What are the exact steps to get the above described behavior?
-  Screenshots can be added, if helpful. Add the text below.
-->
-
-## System information
-<!--
-  In this stage we would kindly ask you to attach general system information about your setup.
-  Please carefully read the questions and instructions below.
-->
-
-| Question | Answer |
-| --- | --- |
-| My operating system | I_DO_REPLY_HERE |
-| Is Apparmor, SELinux or similar active? | I_DO_REPLY_HERE |
-| Virtualization technlogy (KVM, VMware, Xen, etc - **LXC and OpenVZ are not supported** | I_DO_REPLY_HERE |
-| Server/VM specifications (Memory, CPU Cores) | I_DO_REPLY_HERE |
-| Docker Version (`docker version`) | I_DO_REPLY_HERE |
-| Docker-Compose Version (`docker-compose version`) | I_DO_REPLY_HERE |
-| Reverse proxy (custom solution) | I_DO_REPLY_HERE |
-
- Output of `git diff origin/master`, any other changes to the code? If so, **please post them**.
- All third-party firewalls and custom iptables rules are unsupported. *Please check the Docker docs about how to use Docker with your own ruleset*. Nevertheless, iptabels output can help us to help you: `iptables -L -vn`, `ip6tables -L -vn`, `iptables -L -vn -t nat` and `ip6tables -L -vn -t nat`.
- DNS problems? Please run `docker exec -it $(docker ps -qf name=acme-mailcow) dig +short stackoverflow.com @172.22.1.254` (set the IP accordingly, if you changed the internal mailcow network) and post the output.
--- a/.github/ISSUE_TEMPLATE/Bug_report.yml
+++ b/.github/ISSUE_TEMPLATE/Bug_report.yml
@@ -0,0 +1,95 @@
+name: 🐞 Bug Report
+description: Report a reproducible bug for mailcow. (NOT to be used for support questions.)
+labels: ["bug"]
+body:
+  - type: checkboxes
+    attributes:
+      label: Contribution guidelines
+      description: Please read the contribution guidelines before proceeding.
+      options:
+        - label: I've read the [contribution guidelines](https://github.com/mailcow/mailcow-dockerized/blob/master/CONTRIBUTING.md) and wholeheartedly agree
+          required: true
+  - type: checkboxes
+    attributes:
+      label: I've found a bug and checked that ...
+      description: Prior to placing the issue, please check following:** *(fill out each checkbox with an `X` once done)*
+      options:
+      - label: ... I understand that not following the below instructions will result in immediate closure and/or deletion of my issue.
+        required: true
+      - label: ... I have understood that this bug report is dedicated for bugs, and not for support-related inquiries.
+        required: true
+      - label: ... I have understood that answers are voluntary and community-driven, and not commercial support.
+        required: true
+      - label: ... I have verified that my issue has not been already answered in the past. I also checked previous [issues](https://github.com/mailcow/mailcow-dockerized/issues).
+        required: true
+  - type: textarea
+    attributes:
+      label: Description
+      description: Please provide a brief description of the bug in 1-2 sentences. If applicable, add screenshots to help explain your problem. Very useful for bugs in mailcow UI.
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Logs
+      description: Please take a look at the [official documentation](https://mailcow.github.io/mailcow-dockerized-docs/debug-logs/) and post the last few lines of logs, when the error occurs. For example, docker container logs of affected containers. This will be automatically formatted into code, so no need for backticks.
+      render: bash
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Steps to reproduce
+      description: Please describe the steps to reproduce the bug. Screenshots can be added, if helpful.
+      placeholder: |-
+        1. ...
+        2. ...
+        3. ...
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: System information
+      description: In this stage we would kindly ask you to attach general system information about your setup.
+      value: |-
+             | Question | Answer |
+             | --- | --- |
+             | My operating system | I_DO_REPLY_HERE |
+             | Is Apparmor, SELinux or similar active? | I_DO_REPLY_HERE |
+             | Virtualization technology (KVM, VMware, Xen, etc - **LXC and OpenVZ are not supported** | I_DO_REPLY_HERE |
+             | Server/VM specifications (Memory, CPU Cores) | I_DO_REPLY_HERE |
+             | Docker version (`docker version`) | I_DO_REPLY_HERE |
+             | docker-compose version (`docker-compose version`) | I_DO_REPLY_HERE |
+             | mailcow version (```git describe --tags `git rev-list --tags --max-count=1` ```) | I_DO_REPLY_HERE |
+             | Reverse proxy (custom solution) | I_DO_REPLY_HERE |
+
+             Output of `git diff origin/master`, any other changes to the code? If so, **please post them**:
+             ```
+             YOUR OUTPUT GOES HERE
+             ```
+
+             All third-party firewalls and custom iptables rules are unsupported. **Please check the Docker docs about how to use Docker with your own ruleset**. Nevertheless, iptabels output can help us to help you:
+             iptables -L -vn:
+             ```
+             YOUR OUTPUT GOES HERE
+             ```
+
+             ip6tables -L -vn:
+             ```
+             YOUR OUTPUT GOES HERE
+             ```
+
+             iptables -L -vn -t nat:
+             ```
+             YOUR OUTPUT GOES HERE
+             ```
+
+             ip6tables -L -vn -t nat:
+             ```
+             YOUR OUTPUT GOES HERE
+             ```
+
+             DNS problems? Please run `docker exec -it $(docker ps -qf name=acme-mailcow) dig +short stackoverflow.com @172.22.1.254` (set the IP accordingly, if you changed the internal mailcow network) and post the output:
+             ```
+             YOUR OUTPUT GOES HERE
+             ```
+    validations:
+      required: true
--- a/.github/ISSUE_TEMPLATE/Feature_request.md
+++ b/.github/ISSUE_TEMPLATE/Feature_request.md
@@ -1,29 +0,0 @@
---
-name: 💡 Feature Request
-about: Suggest an idea for mailcow.
-labels: enhancement
---
-
-<!--
-  Please note that the mailcow team and its contributors do have finite
-  resources and that we can not work on all filed feature requests.
-
-  However making us aware about certain ideas can help us improving
-  mailcow together.
-  
-  We're also happy to help you getting a specific  feature implemented.
-->
-
-## Summary
-
-A clear and concise description of what the problem is.
-For example: I'm always frustrated when [...]
-
-## Motivation
-
-What are you about to solve or improve with this idea?
-What would be the benefit for most users?
-
-## Additional context
-
-Add any other context or screenshots about the feature request.
--- a/.github/ISSUE_TEMPLATE/Feature_request.yml
+++ b/.github/ISSUE_TEMPLATE/Feature_request.yml
@@ -0,0 +1,20 @@
+name: 💡 Feature Request
+description: Suggest an idea for mailcow.
+labels: ["enhancement"]
+body:
+  - type: textarea
+    attributes:
+      label: Summary
+      description: Please describe your idea in a reasonable amount of detail.
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Motivation
+      description: Please describe how your idea would benefit you and other users.
+    validations:
+      required: true
+  - type: textarea
+    attributes:
+      label: Additional context
+      description: Add any other context or screenshots about the feature request.
--- a/.github/workflows/close_old_issues_and_prs.yml
+++ b/.github/workflows/close_old_issues_and_prs.yml
@@ -14,7 +14,7 @@ jobs:
      pull-requests: write
    steps:
      - name: Mark/Close Stale Issues and Pull Requests 🗑️
-        uses: actions/stale@v4
+        uses: actions/stale@v5.1.1
        with:
          repo-token: ${{ secrets.STALE_ACTION_PAT }}
          days-before-stale: 60
@@ -30,6 +30,7 @@ jobs:
          stale-issue-label: "stale"
          stale-pr-label: "stale"
          exempt-draft-pr: "true"
+          close-issue-reason: "not_planned"
          operations-per-run: "250"
          ascending: "true"
          #DRY-RUN
--- a/.github/workflows/image_builds.yml
+++ b/.github/workflows/image_builds.yml
@@ -0,0 +1,42 @@
+name: Build mailcow Docker Images
+
+on:
+  push:
+    branches: [ "master", "staging" ]
+  workflow_dispatch:
+
+jobs:
+  docker_image_builds:
+    strategy:
+      matrix:
+        images:
+          - "acme-mailcow"
+          - "clamd-mailcow"
+          - "dockerapi-mailcow"
+          - "dovecot-mailcow"
+          - "netfilter-mailcow"
+          - "olefy-mailcow"
+          - "php-fpm-mailcow"
+          - "postfix-mailcow"
+          - "rspamd-mailcow"
+          - "sogo-mailcow"
+          - "solr-mailcow"
+          - "unbound-mailcow"
+          - "watchdog-mailcow"
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - name: Setup Docker
+        run: |
+          curl -sSL https://get.docker.com/ | CHANNEL=stable sudo sh
+          sudo service docker start
+          sudo curl -L https://github.com/docker/compose/releases/download/v$(curl -Ls https://www.servercow.de/docker-compose/latest.php)/docker-compose-$(uname -s)-$(uname -m) > /usr/local/bin/docker-compose
+          sudo chmod +x /usr/local/bin/docker-compose
+      - name: Prepair Image Builds
+        run: |
+          cp helper-scripts/docker-compose.override.yml.d/BUILD_FLAGS/docker-compose.override.yml docker-compose.override.yml
+      - name: Build Docker Images
+        run: |
+          docker-compose build ${image}
+        env:
+          image: ${{ matrix.images }}
--- a/.github/workflows/integration_tests.yml
+++ b/.github/workflows/integration_tests.yml
@@ -0,0 +1,60 @@
+name: mailcow Integration Tests
+
+on:
+  push:
+    branches: [ "master", "staging" ]
+  workflow_dispatch:
+
+jobs:
+  integration_tests:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Setup Ansible
+        run: |
+          export DEBIAN_FRONTEND=noninteractive
+          sudo apt-get update
+          sudo apt-get install python3 python3-pip git
+          sudo pip3 install ansible
+      - name: Prepair Test Environment
+        run: |
+          git clone https://github.com/mailcow/mailcow-integration-tests.git --branch $(curl -sL https://api.github.com/repos/mailcow/mailcow-integration-tests/releases/latest | jq -r '.tag_name') --single-branch .
+          ./fork_check.sh
+          ./ci.sh
+          ./ci-pip-requirements.sh
+        env:
+          VAULT_PW: ${{ secrets.MAILCOW_TESTS_VAULT_PW }}
+          VAULT_FILE: ${{ secrets.MAILCOW_TESTS_VAULT_FILE }}
+      - name: Start Integration Test Server
+        run: |
+          ./fork_check.sh
+          ansible-playbook mailcow-start-server.yml --diff
+        env:
+          PY_COLORS: '1'
+          ANSIBLE_FORCE_COLOR: '1'
+          ANSIBLE_HOST_KEY_CHECKING: 'false'
+      - name: Setup Integration Test Server
+        run: |
+          ./fork_check.sh
+          sleep 30
+          ansible-playbook mailcow-setup-server.yml --private-key id_ssh_rsa --diff
+        env:
+          PY_COLORS: '1'
+          ANSIBLE_FORCE_COLOR: '1'
+          ANSIBLE_HOST_KEY_CHECKING: 'false'
+      - name: Run Integration Tests
+        run: |
+          ./fork_check.sh
+          ansible-playbook mailcow-integration-tests.yml --private-key id_ssh_rsa --diff
+        env:
+          PY_COLORS: '1'
+          ANSIBLE_FORCE_COLOR: '1'
+          ANSIBLE_HOST_KEY_CHECKING: 'false'
+      - name: Delete Integration Test Server
+        if: always()
+        run: |
+          ./fork_check.sh
+          ansible-playbook mailcow-delete-server.yml --diff
+        env:
+          PY_COLORS: '1'
+          ANSIBLE_FORCE_COLOR: '1'
+          ANSIBLE_HOST_KEY_CHECKING: 'false'
--- a/.github/workflows/tweet-trigger-publish-release.yml
+++ b/.github/workflows/tweet-trigger-publish-release.yml
@@ -0,0 +1,17 @@
+name: "Tweet trigger release"
+on:
+  release:
+    types: [published]
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Tweet-trigger-publish-release
+        uses: mugi111/tweet-trigger-release@v1.1
+        with:
+          consumer_key: ${{ secrets.CONSUMER_KEY }}
+          consumer_secret: ${{ secrets.CONSUMER_SECRET }}
+          access_token_key: ${{ secrets.ACCESS_TOKEN_KEY }}
+          access_token_secret: ${{ secrets.ACCESS_TOKEN_SECRET }}
+          tweet_body: 'A new mailcow-dockerized Release has been Released on GitHub! Checkout our GitHub Page for the latest Release: github.com/mailcow/mailcow-dockerized/releases/latest'
--- a/.gitignore
+++ b/.gitignore
@@ -56,6 +56,7 @@ data/web/templates/cache/*
 data/web/.well-known/acme-challenge
 data/web/css/build/0081-custom-mailcow.css
 data/web/inc/vars.local.inc.php
+data/web/inc/app_info.inc.php
 data/web/nextcloud*/
 data/web/rc*/
 docker-compose.override.yml
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,16 +0,0 @@
-sudo: required
-services:
- docker
-script:
- echo 'Europe/Berlin' | MAILCOW_HOSTNAME=build.mailcow ./generate_config.sh
- docker-compose pull --ignore-pull-failures --parallel
- docker-compose build
- docker login --username=$DOCKER_HUB_USERNAME --password=$DOCKER_HUB_PASSWORD
- docker-compose push
-branches:
-  only:
-  - master_disabled
-env:
-  global:
-  - secure: MpxpTwD7f0CNEVLitSpVmocK7O9r+BwFE1deEHK4AlQo/oc9cOlhGe1EL3mx9zbglPmjlDg/8kMUGv6vSirIabfBo9Szjps76bHckFr9lr2Ykkg0e29oC8pgPpSXD1eY/1ZIN/FvIkxpUFLETo1okS/j9q/A0DCGFmti0n3EoMORsgRz9CpNAiEh0zpSd6+euPAGHuczuCrDuO84my9bIOCjA/+aPunHNeXiuM8yIM2SxCSyGtIKT0+jvquIvLF58VxivysXBlRfhDn8fhB09nXA2Ru/derYQACfcmNSn9Pd4bDpebPJW5B9H/XA8xjb58uKinUlncbAMB/QnxoT75j9YRWJZRSQ+34XNYP6ZgK9soZ2TC6djQyEKTUu45Kp/1s+poSn42m9jytJJTmmK0KxsZTRcC8JD5nrjIMZWPUNNTwC5L4+I7ZRWg2WooK3LNyq1Ng8Hn6W77wSgsvAJw2HD3Lx58AprGUhHuBeaIZRuSN9aKwZrl9vKQJLqPnOp/nF2EC6kot5HYYtcotGtETXPUDih21gWD5ZM2BqVqYfQQnJnNMgeYmMdj6QQuTFqhuNJf7hXRIRkTnD3j1gDOLKQZazW0+N2JE8XWDFwi6fKScDsxT85lJti9HmzHa7+k4RVHmUYuDgRoPuzUgjWHvPsiz3/Z8WQ9JYpH84S8w=
-  - secure: fWzZisT6nGDNL4lf6tXB07eFG2drgBakHxzdF/NFVvzuP861RFR6omuL+ED0PgXrEHDJBxaBLv52je8irmUXrAH1CNr7T8DWiZo/h5h609Uzr+38T1NnIu4krL0Wo6/CDwlLKnzqTq9yBIZLQSHVJmo8AOpo1JPIi2ajodqj9ZfmAxDQTQl+G6zvQjtqIkYHsHY7A44Rto0f14ykn7w2S82Jn6Ry89VNI5V1WEO3sMpM/XekNP/HokNcRIuntL/0+kuLvTJ5akGoTjBQxSnSW95opzPeGky74HRU2obExJYqKvF0VfVJRNAqejwjIiFIbbjqV0Sk5391kFuhuBErQQDM1bOHGdxZ41HsJH29qNWIl7C33Yl10qERoqecgsJ1N/bS2ZEmWqm/zQh5GClCXPvYmzEqMYsMGM3vjbKdjDlc1Wh2w/eFclsXN9LSXh1mc35rtj46frcT6e5Kof87AIfC9hTgDvk9kAsyjaHMkSHSZthbZXCIcsD8qriNm5UqfFBYD79mPIP1S2YMQ2jscCsjHOZgYVrcm0kzDF21J1w6H0Lo7d1jw37LYlegBdtLQ9gYgqY2D5m+nxWuVoD5FZmpR+5JGtK+ootyLFF8aiFoHXd4op1JCxRLjgkmnZKXzw3kTQSpE7oa7CgzchtQmK2nqcqla1b5Qk7ilVcjooo=
--- a/README.md
+++ b/README.md
@@ -1,5 +1,9 @@
 # mailcow: dockerized - 🐮 + 🐋 = 💕
-[![master build status](https://img.shields.io/drone/build/mailcow/mailcow-dockerized/master?label=master%20build&server=https%3A%2F%2Fdrone.mailcow.email)](https://drone.mailcow.email/mailcow/mailcow-dockerized) [![staging build status](https://img.shields.io/drone/build/mailcow/mailcow-dockerized/staging?label=staging%20build&server=https%3A%2F%2Fdrone.mailcow.email)](https://drone.mailcow.email/mailcow/mailcow-dockerized) [![Translation status](https://translate.mailcow.email/widgets/mailcow-dockerized/-/translation/svg-badge.svg)](https://translate.mailcow.email/engage/mailcow-dockerized/)
+
+## We stand with 🇺🇦
+
+[![Mailcow Integration Tests](https://github.com/mailcow/mailcow-dockerized/actions/workflows/integration_tests.yml/badge.svg?branch=master)](https://github.com/mailcow/mailcow-dockerized/actions/workflows/integration_tests.yml)
+[![Translation status](https://translate.mailcow.email/widgets/mailcow-dockerized/-/translation/svg-badge.svg)](https://translate.mailcow.email/engage/mailcow-dockerized/)
 [![Twitter URL](https://img.shields.io/twitter/url/https/twitter.com/mailcow_email.svg?style=social&label=Follow%20%40mailcow_email)](https://twitter.com/mailcow_email)

 ## Want to support mailcow?
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -0,0 +1,42 @@
+# Security Policies and Procedures
+
+This document outlines security procedures and general policies for the _mailcow: dockerized_ project as found on [mailcow-dockerized](https://github.com/mailcow/mailcow-dockerized).
+
+  * [Reporting a Vulnerability](#reporting-a-vulnerability)
+  * [Disclosure Policy](#disclosure-policy)
+  * [Comments on this Policy](#comments-on-this-policy)
+
+## Reporting a Vulnerability 
+
+The mailcow team and community take all security vulnerabilities
+seriously. Thank you for improving the security of our open source 
+software. We appreciate your efforts and responsible disclosure and will
+make every effort to acknowledge your contributions.
+
+Report security vulnerabilities by emailing the mailcow team at:
+    
+    info at servercow.de
+
+mailcow team will acknowledge your email as soon as possible, and will
+send a more detailed response afterwards indicating the next steps in 
+handling your report. After the initial reply to your report, the mailcow
+team will endeavor to keep you informed of the progress towards a fix and
+full announcement, and may ask for additional information or guidance.
+
+Report security vulnerabilities in third-party modules to the person or 
+team maintaining the module.
+
+## Disclosure Policy
+
+When the mailcow team receives a security bug report, they will assign it
+to a primary handler. This person will coordinate the fix and release
+process, involving the following steps:
+
+  * Confirm the problem and determine the affected versions.
+  * Audit code to find any potential similar problems.
+  * Prepare fixes for all releases still under maintenance.
+
+## Comments on this Policy
+
+If you have suggestions on how this process could be improved please submit a
+pull request.
--- a/create_cold_standby.sh
+++ b/create_cold_standby.sh
--- a/data/Dockerfiles/acme/Dockerfile
+++ b/data/Dockerfiles/acme/Dockerfile
@@ -1,4 +1,4 @@
-FROM alpine:3.15
+FROM alpine:3.16

 LABEL maintainer "Andre Peters <andre.peters@servercow.de>"

--- a/data/Dockerfiles/clamd/Dockerfile
+++ b/data/Dockerfiles/clamd/Dockerfile
@@ -1,60 +1,21 @@
-FROM debian:bullseye-slim
+FROM clamav/clamav:0.105.1_base

 LABEL maintainer "André Peters <andre.peters@servercow.de>"

-ARG CLAMAV=0.103.5
-RUN apt-get update && apt-get install -y --no-install-recommends \
-  ca-certificates \
-  zlib1g-dev \
-  libcurl4-openssl-dev \
-  libncurses5-dev \
-  libzip-dev \
-  libpcre2-dev \
-  libxml2-dev \
-  libssl-dev \
-  build-essential \
-  libjson-c-dev \
-  curl \
-  bash \
-  wget \
-  tzdata \
-  dnsutils \
+RUN apk upgrade --no-cache \
+  && apk add --update --no-cache \
  rsync \
-  dos2unix \
-  netcat \
-  && rm -rf /var/lib/apt/lists/* \
-  && wget -O - https://www.clamav.net/downloads/production/clamav-${CLAMAV}.tar.gz | tar xfvz - \
-  && cd clamav-${CLAMAV} \
-  && ./configure \
-  --prefix=/usr \
-  --libdir=/usr/lib \
-  --sysconfdir=/etc/clamav \
-  --mandir=/usr/share/man \
-  --infodir=/usr/share/info \
-  --disable-llvm \
-  --with-user=clamav \
-  --with-group=clamav \
-  --with-dbdir=/var/lib/clamav \
-  --enable-clamdtop \
-  --enable-bigstack \
-  --with-pcre \
-  && make -j4 \
-  && make install \
-  && make clean \
-  && cd .. && rm -rf clamav-${CLAMAV} \
-  && apt-get -y --auto-remove purge build-essential \
-  && apt-get -y purge zlib1g-dev \
-  libncurses5-dev \
-  libzip-dev \
-  libpcre2-dev \
-  libxml2-dev \
-  libssl-dev \
-  libjson-c-dev \
-  && addgroup --system --gid 700 clamav \
-  && adduser --system --no-create-home --home /var/lib/clamav --uid 700 --gid 700 --disabled-login clamav \
-  && rm -rf /tmp/* /var/tmp/*
+  bind-tools \
+  bash 

-COPY clamd.sh ./
-COPY tini /sbin/tini
+# init
+COPY clamd.sh /clamd.sh
+RUN chmod +x /sbin/tini

+# healthcheck
+COPY healthcheck.sh /healthcheck.sh
+RUN chmod +x /healthcheck.sh
+HEALTHCHECK --start-period=6m CMD "/healthcheck.sh"
+
+ENTRYPOINT []
 CMD ["/sbin/tini", "-g", "--", "/clamd.sh"]
--- a/data/Dockerfiles/clamd/healthcheck.sh
+++ b/data/Dockerfiles/clamd/healthcheck.sh
@@ -0,0 +1,9 @@
+#!/bin/bash
+
+if [[ "${SKIP_CLAMD}" =~ ^([yY][eE][sS]|[yY])+$ ]]; then
+  echo "SKIP_CLAMD=y, skipping ClamAV..."
+  exit 0
+fi
+
+# run clamd healthcheck
+/usr/local/bin/clamdcheck.sh
--- a/data/Dockerfiles/clamd/tini
+++ b/data/Dockerfiles/clamd/tini
--- a/data/Dockerfiles/dockerapi/Dockerfile
+++ b/data/Dockerfiles/dockerapi/Dockerfile
@@ -1,4 +1,4 @@
-FROM alpine:3.15
+FROM alpine:3.16

 LABEL maintainer "Andre Peters <andre.peters@servercow.de>"

--- a/data/Dockerfiles/dovecot/Dockerfile
+++ b/data/Dockerfiles/dovecot/Dockerfile
@@ -1,10 +1,10 @@
-FROM debian:buster-slim
+FROM debian:bullseye-slim
 LABEL maintainer "Andre Peters <andre.peters@servercow.de>"

 ARG DEBIAN_FRONTEND=noninteractive
-ARG DOVECOT=2.3.17.1
+ARG DOVECOT=2.3.19.1
 ENV LC_ALL C
-ENV GOSU_VERSION 1.12
+ENV GOSU_VERSION 1.14

 # Add groups and users before installing Dovecot to not break compatibility
 RUN groupadd -g 5000 vmail \
@@ -89,7 +89,7 @@ RUN groupadd -g 5000 vmail \
  && chmod +x /usr/local/bin/gosu \
  && gosu nobody true \
  && apt-key adv --fetch-keys https://repo.dovecot.org/DOVECOT-REPO-GPG \
-  && echo "deb https://repo.dovecot.org/ce-${DOVECOT}/debian/buster buster main" > /etc/apt/sources.list.d/dovecot.list \
+  && echo "deb https://repo.dovecot.org/ce-${DOVECOT}/debian/bullseye bullseye main" > /etc/apt/sources.list.d/dovecot.list \
  && apt-get update \
  && apt-get -y --no-install-recommends install \
  dovecot-lua \
--- a/data/Dockerfiles/dovecot/docker-entrypoint.sh
+++ b/data/Dockerfiles/dovecot/docker-entrypoint.sh
@@ -307,12 +307,29 @@ namespace {
 }
 EOF

+# Get SOGo IPv6 from Dig
+SOGO_V6=$(dig +answer sogo AAAA +short)
+
+if [ $SOGO_V6 ]; then
+cat <<EOF > /etc/dovecot/sogo_trusted_ip.conf
+# Autogenerated by mailcow
+remote ${IPV4_NETWORK}.248 {
+  disable_plaintext_auth = no
+}
+
+remote ${SOGO_V6} {
+  disable_plaintext_auth = no
+}
+EOF
+
+else
 cat <<EOF > /etc/dovecot/sogo_trusted_ip.conf
 # Autogenerated by mailcow
 remote ${IPV4_NETWORK}.248 {
  disable_plaintext_auth = no
 }
 EOF
+fi

 # Create random master Password for SOGo SSO
 RAND_PASS=$(cat /dev/urandom | tr -dc 'a-z0-9' | fold -w 32 | head -n 1)
@@ -349,6 +366,14 @@ sievec /var/vmail/sieve/global_sieve_after.sieve
 sievec /usr/lib/dovecot/sieve/report-spam.sieve
 sievec /usr/lib/dovecot/sieve/report-ham.sieve

+for file in /var/vmail/*/*/sieve/*.sieve ; do
+  if [[ "$file" == "/var/vmail/*/*/sieve/*.sieve" ]]; then
+    continue
+  fi
+  sievec "$file" "$(dirname "$file")/../.dovecot.svbin"
+  chown vmail:vmail "$(dirname "$file")/../.dovecot.svbin"
+done
+
 # Fix permissions
 chown root:root /etc/dovecot/sql/*.conf
 chown root:dovecot /etc/dovecot/sql/dovecot-dict-sql-sieve* /etc/dovecot/sql/dovecot-dict-sql-quota* /etc/dovecot/lua/passwd-verify.lua
--- a/data/Dockerfiles/dovecot/imapsync
+++ b/data/Dockerfiles/dovecot/imapsync
--- a/data/Dockerfiles/dovecot/imapsync_runner.pl
+++ b/data/Dockerfiles/dovecot/imapsync_runner.pl
@@ -166,11 +166,17 @@ while ($row = $sth->fetchrow_arrayref()) {
      $success = 1;
    }

-    $update = $dbh->prepare("UPDATE imapsync SET returned_text = ?, success = ?, exit_status = ? WHERE id = ?");
+    $keep_job_active = 1;
+    if (defined $exit_status && $exit_status eq "EXIT_AUTHENTICATION_FAILURE_USER1") {
+      $keep_job_active = 0;
+    }
+
+    $update = $dbh->prepare("UPDATE imapsync SET returned_text = ?, success = ?, exit_status = ?, active = ? WHERE id = ?");
    $update->bind_param( 1, ${stdout} );
    $update->bind_param( 2, ${success} );
    $update->bind_param( 3, ${exit_status} );
-    $update->bind_param( 4, ${id} );
+    $update->bind_param( 4, ${keep_job_active} );
+    $update->bind_param( 5, ${id} );
    $update->execute();
  } catch {
    $update = $dbh->prepare("UPDATE imapsync SET returned_text = 'Could not start or finish imapsync', success = 0 WHERE id = ?");
--- a/data/Dockerfiles/dovecot/quarantine_notify.py
+++ b/data/Dockerfiles/dovecot/quarantine_notify.py
@@ -161,7 +161,7 @@ try:
      attrs = json.loads(attrs.decode('utf-8'))
    if attrs['quarantine_notification'] not in ('hourly', 'daily', 'weekly'):
      continue
-    if last_notification == 0 or (last_notification + time_trans[attrs['quarantine_notification']]) < time_now:
+    if last_notification == 0 or (last_notification + time_trans[attrs['quarantine_notification']]) <= time_now:
      print("Notifying %s: Considering %d new items in quarantine (policy: %s)" % (record['rcpt'], record['counter'], attrs['quarantine_notification']))
      notify_rcpt(record['rcpt'], record['counter'], record['quarantine_acl'], attrs['quarantine_category'])

--- a/data/Dockerfiles/dovecot/syslog-ng-redis_slave.conf
+++ b/data/Dockerfiles/dovecot/syslog-ng-redis_slave.conf
@@ -1,4 +1,4 @@
-@version: 3.19
+@version: 3.28
@include "scl.conf"
 options {
  chain_hostnames(off);
--- a/data/Dockerfiles/dovecot/syslog-ng.conf
+++ b/data/Dockerfiles/dovecot/syslog-ng.conf
@@ -1,4 +1,4 @@
-@version: 3.19
+@version: 3.28
@include "scl.conf"
 options {
  chain_hostnames(off);
--- a/data/Dockerfiles/netfilter/Dockerfile
+++ b/data/Dockerfiles/netfilter/Dockerfile
@@ -1,4 +1,4 @@
-FROM alpine:3.15
+FROM alpine:3.16
 LABEL maintainer "Andre Peters <andre.peters@servercow.de>"

 ENV XTABLES_LIBDIR /usr/lib/xtables
--- a/data/Dockerfiles/netfilter/server.py
+++ b/data/Dockerfiles/netfilter/server.py
@@ -94,7 +94,7 @@ def refreshF2bregex():
    f2bregex = {}
    f2bregex[1] = 'mailcow UI: Invalid password for .+ by ([0-9a-f\.:]+)'
    f2bregex[2] = 'Rspamd UI: Invalid password by ([0-9a-f\.:]+)'
-    f2bregex[3] = 'warning: .*\[([0-9a-f\.:]+)\]: SASL .+ authentication failed'
+    f2bregex[3] = 'warning: .*\[([0-9a-f\.:]+)\]: SASL .+ authentication failed: (?!.*Connection lost to authentication server).+'
    f2bregex[4] = 'warning: non-SMTP command from .*\[([0-9a-f\.:]+)]:.+'
    f2bregex[5] = 'NOQUEUE: reject: RCPT from \[([0-9a-f\.:]+)].+Protocol error.+'
    f2bregex[6] = '-login: Disconnected \(auth failed, .+\): user=.*, method=.+, rip=([0-9a-f\.:]+),'
--- a/data/Dockerfiles/olefy/Dockerfile
+++ b/data/Dockerfiles/olefy/Dockerfile
@@ -1,4 +1,4 @@
-FROM alpine:3.15
+FROM alpine:3.16
 LABEL maintainer "Andre Peters <andre.peters@servercow.de>"

 WORKDIR /app
@@ -8,9 +8,9 @@ RUN apk add --virtual .build-deps gcc musl-dev python3-dev libffi-dev openssl-de
  && apk add --update --no-cache python3 py3-pip openssl tzdata libmagic \
  && pip3 install --upgrade pip \
  && pip3 install --upgrade asyncio python-magic \
-  && pip3 install --upgrade https://github.com/HeinleinSupport/oletools/archive/master.zip \
+  && pip3 install --upgrade https://github.com/decalage2/oletools/archive/master.zip \
  && apk del .build-deps
-#  && sed -i 's/decompress_stream(bytearray(compressed_code))/bytes2str(decompress_stream(bytearray(compressed_code)))/g' /usr/lib/python3.8/site-packages/oletools/olevba.py
+#  && sed -i 's/template_injection_detected = True/template_injection_detected = False/g' /usr/lib/python3.9/site-packages/oletools/olevba.py

 ADD olefy.py /app/

--- a/data/Dockerfiles/phpfpm/Dockerfile
+++ b/data/Dockerfiles/phpfpm/Dockerfile
@@ -1,12 +1,12 @@
-FROM php:8.0-fpm-alpine3.14
+FROM php:8.0-fpm-alpine3.16
 LABEL maintainer "Andre Peters <andre.peters@servercow.de>"

-ENV APCU_PECL 5.1.20
-ENV IMAGICK_PECL 3.5.1
+ENV APCU_PECL 5.1.21
+ENV IMAGICK_PECL 3.7.0
 # Mailparse is pulled from master branch
 #ENV MAILPARSE_PECL 3.0.2
-ENV MEMCACHED_PECL 3.1.5
-ENV REDIS_PECL 5.3.4
+ENV MEMCACHED_PECL 3.2.0
+ENV REDIS_PECL 5.3.7

 RUN apk add -U --no-cache autoconf \
  aspell-dev \
--- a/data/Dockerfiles/postfix/Dockerfile
+++ b/data/Dockerfiles/postfix/Dockerfile
@@ -1,4 +1,4 @@
-FROM debian:buster-slim
+FROM debian:bullseye-slim
 LABEL maintainer "Andre Peters <andre.peters@servercow.de>"

 ARG DEBIAN_FRONTEND=noninteractive
--- a/data/Dockerfiles/postfix/syslog-ng-redis_slave.conf
+++ b/data/Dockerfiles/postfix/syslog-ng-redis_slave.conf
@@ -1,4 +1,4 @@
-@version: 3.19
+@version: 3.28
@include "scl.conf"
 options {
  chain_hostnames(off);
--- a/data/Dockerfiles/postfix/syslog-ng.conf
+++ b/data/Dockerfiles/postfix/syslog-ng.conf
@@ -1,4 +1,4 @@
-@version: 3.19
+@version: 3.28
@include "scl.conf"
 options {
  chain_hostnames(off);
--- a/data/Dockerfiles/rspamd/Dockerfile
+++ b/data/Dockerfiles/rspamd/Dockerfile
@@ -21,7 +21,8 @@ RUN apt-get update && apt-get install -y \
  && apt-get clean \
  && mkdir -p /run/rspamd \
  && chown _rspamd:_rspamd /run/rspamd \
-  && echo 'alias ll="ls -la --color"' >> ~/.bashrc
+  && echo 'alias ll="ls -la --color"' >> ~/.bashrc \
+  && sed -i 's/#analysis_keyword_table > 0/analysis_cat_table.macro_exist == "M"/g' /usr/share/rspamd/lualib/lua_scanners/oletools.lua

 COPY settings.conf /etc/rspamd/settings.conf
 COPY metadata_exporter.lua /usr/share/rspamd/plugins/metadata_exporter.lua
--- a/data/Dockerfiles/sogo/Dockerfile
+++ b/data/Dockerfiles/sogo/Dockerfile
@@ -2,7 +2,7 @@ FROM debian:bullseye-slim
 LABEL maintainer "Andre Peters <andre.peters@servercow.de>"

 ARG DEBIAN_FRONTEND=noninteractive
-ARG SOGO_DEBIAN_REPOSITORY=http://packages.inverse.ca/SOGo/nightly/5/debian/
+ARG SOGO_DEBIAN_REPOSITORY=http://packages.sogo.nu/nightly/5/debian/
 ENV LC_ALL C
 ENV GOSU_VERSION 1.14

@@ -30,7 +30,7 @@ RUN echo "Building from repository $SOGO_DEBIAN_REPOSITORY" \
  && gosu nobody true \
  && mkdir /usr/share/doc/sogo \
  && touch /usr/share/doc/sogo/empty.sh \
-  && apt-key adv --keyserver keyserver.ubuntu.com --recv-key 0x810273C4 \
+  && apt-key adv --keyserver keys.openpgp.org --recv-key 74FFC6D72B925A34B5D356BDF8A27B36A6E2EAE9 \
  && echo "deb ${SOGO_DEBIAN_REPOSITORY} bullseye bullseye" > /etc/apt/sources.list.d/sogo.list \
  && apt-get update && apt-get install -y --no-install-recommends \
    sogo \
--- a/data/Dockerfiles/unbound/Dockerfile
+++ b/data/Dockerfiles/unbound/Dockerfile
@@ -1,4 +1,4 @@
-FROM alpine:3.15
+FROM alpine:3.16

 LABEL maintainer "Andre Peters <andre.peters@servercow.de>"

--- a/data/Dockerfiles/watchdog/Dockerfile
+++ b/data/Dockerfiles/watchdog/Dockerfile
@@ -1,4 +1,4 @@
-FROM alpine:3.15
+FROM alpine:3.16
 LABEL maintainer "André Peters <andre.peters@servercow.de>"

 # Installation
--- a/data/assets/nextcloud/nextcloud.conf
+++ b/data/assets/nextcloud/nextcloud.conf
@@ -47,6 +47,14 @@ server {
    return 301 $client_req_scheme_nc://$host/remote.php/dav;
  }

+  location = /.well-known/webfinger {
+    return 301 $client_req_scheme_nc://$host/index.php/.well-known/webfinger;
+  }
+
+  location = /.well-known/nodeinfo {
+    return 301 $client_req_scheme_nc://$host/index.php/.well-known/nodeinfo;
+  }
+
  location ^~ /.well-known/acme-challenge/ {
    default_type "text/plain";
    root /web;
--- a/data/conf/dovecot/dovecot.conf
+++ b/data/conf/dovecot/dovecot.conf
@@ -194,7 +194,6 @@ plugin {
  fts_solr = url=http://solr:8983/solr/dovecot-fts/
  quota = dict:Userquota::proxy::sqlquota
  quota_rule2 = Trash:storage=+100%%
-  sieve = /var/vmail/sieve/%u.sieve
  sieve_plugins = sieve_imapsieve sieve_extprograms
  sieve_vacation_send_from_recipient = yes
  sieve_redirect_envelope_from = recipient
--- a/data/conf/nginx/includes/site-defaults.conf
+++ b/data/conf/nginx/includes/site-defaults.conf
@@ -65,7 +65,7 @@
  }

  location ~ ^/api/v1/(.*)$ {
-    try_files $uri $uri/ /json_api.php?query=$1;
+    try_files $uri $uri/ /json_api.php?query=$1&$args;
  }

  location ^~ /.well-known/acme-challenge/ {
@@ -163,7 +163,9 @@
    proxy_connect_timeout 75;
    proxy_send_timeout 3600;
    proxy_read_timeout 3600;
-    proxy_buffers 64 256k;
+    proxy_buffer_size 128k;
+    proxy_buffers 64 512k;
+    proxy_busy_buffers_size 512k;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $http_host;
@@ -197,6 +199,9 @@
    proxy_set_header x-webobjects-server-name $server_name;
    proxy_set_header x-webobjects-server-url $client_req_scheme://$http_host;
    proxy_set_header x-webobjects-server-port $server_port;
+    proxy_buffer_size 128k;
+    proxy_buffers 64 512k;
+    proxy_busy_buffers_size 512k;
    proxy_send_timeout 3600;
    proxy_read_timeout 3600;
    client_body_buffer_size 128k;
--- a/data/conf/phpfpm/php-conf.d/opcache-recommended.ini
+++ b/data/conf/phpfpm/php-conf.d/opcache-recommended.ini
@@ -1,6 +1,6 @@
 opcache.enable=1
 opcache.enable_cli=1
-opcache.interned_strings_buffer=8
+opcache.interned_strings_buffer=16
 opcache.max_accelerated_files=10000
 opcache.memory_consumption=128
 opcache.save_comments=1
--- a/data/conf/postfix/postscreen_access.cidr
+++ b/data/conf/postfix/postscreen_access.cidr
@@ -1,53 +1,63 @@
-# Whitelist generated by Postwhite v3.4 on Sun Dec 15 21:16:19 CET 2019
+# Whitelist generated by Postwhite v3.4 on Mon 21 Mar 2022 06:50:26 PM CET
 # https://github.com/stevejenkins/postwhite/
-# 1928 total rules
+# 1898 total rules
 2a00:1450:4000::/36	permit
 2a01:111:f400::/48	permit
 2a01:111:f403::/48	permit
+2a01:4180:4050:0400::/64	permit
+2a01:4180:4050:0800::/64	permit
+2a01:4180:4051:0400::/64	permit
+2a01:4180:4051:0800::/64	permit
 2a02:a60:0:5::/64	permit
 2c0f:fb50:4000::/36	permit
-3.93.157.0/24	permit
 8.20.114.31	permit
 8.25.194.0/23	permit
 8.25.196.0/23	permit
 8.39.54.0/23	permit
 8.40.222.0/23	permit
-8.45.169.0/24	permit
 12.130.86.238	permit
+13.70.32.43	permit
+13.72.50.45	permit
+13.74.143.28	permit
 13.77.161.179	permit
+13.78.233.182	permit
+13.92.31.129	permit
+13.110.208.0/21	permit
+13.110.216.0/22	permit
+13.110.224.0/20	permit
 13.111.0.0/16	permit
-13.111.0.0/22	permit
-13.111.52.0/22	permit
-13.111.63.0/24	permit
-13.111.68.0/24	permit
-13.111.72.0/22	permit
-13.111.92.0/24	permit
-13.111.111.0/24	permit
-17.36.0.0/16	permit
 17.41.0.0/16	permit
+17.57.155.0/24	permit
+17.57.156.0/24	permit
 17.58.0.0/16	permit
 17.110.0.0/15	permit
-17.111.110.0/23	permit
-17.120.0.0/16	permit
-17.133.0.0/16	permit
-17.139.0.0/16	permit
 17.142.0.0/15	permit
-17.151.1.0/24	permit
-17.158.0.0/15	permit
 17.162.0.0/15	permit
 17.164.0.0/16	permit
 17.171.37.0/24	permit
 17.172.0.0/16	permit
 17.179.168.0/23	permit
 18.194.95.56	permit
-18.208.124.128/25	permit
+18.198.96.88	permit
+20.47.149.138	permit
+20.48.0.0/12	permit
+20.52.52.2	permit
+20.52.128.133	permit
+20.63.210.192/28	permit
+20.64.0.0/10	permit
+20.94.180.64/28	permit
+20.185.213.160/27	permit
+20.185.213.224/27	permit
 20.185.214.0/27	permit
 20.185.214.2	permit
 20.185.214.32/27	permit
 20.185.214.64/27	permit
-23.23.237.213	permit
-23.103.131.7	permit
+20.192.0.0/10	permit
+23.100.85.1	permit
 23.103.224.0/19	permit
+23.249.208.0/20	permit
+23.251.224.0/19	permit
+23.253.141.0/24	permit
 23.253.182.0/23	permit
 23.253.182.103	permit
 23.253.183.145	permit
@@ -68,11 +78,11 @@
 27.123.206.56/29	permit
 27.123.206.76/30	permit
 27.123.206.80/28	permit
-27.126.146.0/24	permit
-34.200.123.20	permit
+34.194.25.167	permit
+34.194.144.120	permit
 34.212.163.75	permit
-34.213.104.127	permit
 34.225.212.172	permit
+34.247.168.44	permit
 35.176.132.251	permit
 35.190.247.0/24	permit
 35.191.0.0/16	permit
@@ -80,7 +90,10 @@
 37.218.248.47	permit
 37.218.249.47	permit
 37.218.251.62	permit
+39.156.163.64/29	permit
+40.71.187.0/24	permit
 40.76.4.15	permit
+40.77.102.222	permit
 40.92.0.0/15	permit
 40.97.116.82	permit
 40.97.128.194	permit
@@ -91,18 +104,20 @@
 40.97.161.50	permit
 40.97.164.146	permit
 40.107.0.0/16	permit
+40.112.65.63	permit
 40.112.72.205	permit
 40.113.200.201	permit
+40.117.80.0/24	permit
+40.121.71.46	permit
 41.74.192.0/22	permit
 41.74.196.0/22	permit
 41.74.200.0/23	permit
-41.74.201.0/24	permit
 41.74.204.0/23	permit
-41.74.205.0/24	permit
+41.74.206.0/24	permit
 42.159.163.81	permit
 42.159.163.82	permit
 42.159.163.83	permit
-46.19.168.0/23	permit
+43.228.184.0/22	permit
 46.226.48.0/21	permit
 46.228.36.37	permit
 46.228.36.38/31	permit
@@ -160,26 +175,19 @@
 50.18.125.97	permit
 50.18.125.237	permit
 50.18.126.162	permit
-50.23.218.192/27	permit
 50.31.32.0/19	permit
-50.31.36.197	permit
-50.31.36.199	permit
-50.31.36.205	permit
-50.31.36.208	permit
-50.31.36.213	permit
-50.31.44.111	permit
-50.31.57.54/31	permit
-50.31.57.60	permit
-50.31.57.61	permit
-50.31.57.62	permit
-50.31.60.1	permit
 50.31.156.96/27	permit
 50.31.205.0/24	permit
-50.207.218.237	permit
 51.4.71.62	permit
+51.4.72.0/24	permit
+51.4.80.0/27	permit
+51.5.72.0/24	permit
+51.5.80.0/27	permit
+51.137.58.21	permit
+51.140.75.55	permit
+51.144.100.179	permit
 51.163.158.0/24	permit
-51.163.159.0/24	permit
-52.0.20.102	permit
+51.163.159.21	permit
 52.5.230.59	permit
 52.27.5.72	permit
 52.27.28.47	permit
@@ -190,10 +198,15 @@
 52.41.64.145	permit
 52.60.41.5	permit
 52.60.115.116	permit
+52.82.172.0/22	permit
+52.94.124.0/28	permit
 52.95.48.152/29	permit
 52.95.49.88/29	permit
 52.100.0.0/14	permit
-52.128.40.0/21	permit
+52.119.213.144/28	permit
+52.160.39.140	permit
+52.165.175.144	permit
+52.185.106.240/28	permit
 52.200.59.0/24	permit
 52.205.61.79	permit
 52.207.191.216	permit
@@ -201,26 +214,30 @@
 52.222.73.83	permit
 52.222.73.120	permit
 52.222.75.85	permit
+52.234.172.96/28	permit
+52.236.28.240/28	permit
+52.237.141.173	permit
+52.244.206.214	permit
+52.247.53.144	permit
+52.250.107.196	permit
+52.250.126.174	permit
+52.251.55.143	permit
 54.90.148.255	permit
 54.156.255.69	permit
 54.172.97.247	permit
-54.173.229.38	permit
-54.174.52.0/24	permit
-54.174.53.128/30	permit
-54.174.57.0/24	permit
-54.174.59.0/24	permit
-54.174.60.0/23	permit
-54.174.63.0/24	permit
 54.186.193.102	permit
+54.191.223.5	permit
+54.194.61.95	permit
+54.195.113.45	permit
 54.214.39.184	permit
+54.216.77.168	permit
 54.240.0.0/18	permit
-54.240.40.0/25	permit
-54.240.56.128/26	permit
-54.240.63.0/25	permit
+54.240.64.0/19	permit
+54.240.96.0/19	permit
 54.241.16.209	permit
-54.243.205.80	permit
 54.244.54.130	permit
 54.244.242.0/24	permit
+54.246.232.180	permit
 62.13.128.0/24	permit
 62.13.129.128/25	permit
 62.13.136.0/22	permit
@@ -231,9 +248,9 @@
 62.13.152.0/23	permit
 62.17.146.128/26	permit
 62.140.7.0/24	permit
-62.140.10.0/24	permit
+62.140.10.21	permit
+63.32.13.159	permit
 63.80.14.0/23	permit
-63.111.28.137	permit
 63.128.21.0/24	permit
 63.143.57.128/25	permit
 63.143.59.128/25	permit
@@ -241,9 +258,11 @@
 64.20.241.45	permit
 64.34.47.128/27	permit
 64.34.57.192/26	permit
+64.71.149.160/28	permit
 64.79.155.0/24	permit
-64.79.155.192	permit
-64.89.45.192/30	permit
+64.89.44.85	permit
+64.89.45.80	permit
+64.89.45.194	permit
 64.89.45.196	permit
 64.95.144.196	permit
 64.127.115.252	permit
@@ -265,21 +284,21 @@
 64.207.219.7	permit
 64.207.219.8	permit
 64.207.219.9	permit
-64.207.219.10	permit
-64.207.219.11	permit
-64.207.219.12	permit
+64.207.219.13	permit
+64.207.219.14	permit
+64.207.219.15	permit
 64.207.219.71	permit
 64.207.219.72	permit
 64.207.219.73	permit
-64.207.219.74	permit
-64.207.219.75	permit
-64.207.219.76	permit
+64.207.219.77	permit
+64.207.219.78	permit
+64.207.219.79	permit
 64.207.219.135	permit
 64.207.219.136	permit
 64.207.219.137	permit
-64.207.219.138	permit
-64.207.219.139	permit
-64.207.219.140	permit
+64.207.219.141	permit
+64.207.219.142	permit
+64.207.219.143	permit
 64.233.160.0/19	permit
 65.38.115.76	permit
 65.38.115.84	permit
@@ -288,7 +307,6 @@
 65.54.51.64/26	permit
 65.54.61.64/26	permit
 65.54.121.120/29	permit
-65.54.121.124/31	permit
 65.54.190.0/24	permit
 65.54.241.0/24	permit
 65.55.29.77	permit
@@ -298,7 +316,6 @@
 65.55.52.224/27	permit
 65.55.78.128/25	permit
 65.55.81.48/28	permit
-65.55.81.54/31	permit
 65.55.90.0/24	permit
 65.55.94.0/25	permit
 65.55.111.0/24	permit
@@ -325,9 +342,6 @@
 66.111.4.225	permit
 66.111.4.229	permit
 66.111.4.230	permit
-66.135.202.0/27	permit
-66.135.215.0/24	permit
-66.135.222.1	permit
 66.162.193.226/31	permit
 66.163.184.0/21	permit
 66.163.184.0/24	permit
@@ -358,7 +372,8 @@
 66.196.81.232/31	permit
 66.196.81.234	permit
 66.211.168.230/31	permit
-66.211.184.0/23	permit
+66.211.170.86/31	permit
+66.211.170.88/30	permit
 66.218.74.64/30	permit
 66.218.74.68/31	permit
 66.218.75.112/30	permit
@@ -420,9 +435,7 @@
 67.221.168.65	permit
 67.228.2.24/30	permit
 67.228.21.184/29	permit
-67.228.34.32/27	permit
 67.228.37.4/30	permit
-67.228.50.54/31	permit
 67.231.145.42	permit
 67.231.153.30	permit
 68.142.230.0/24	permit
@@ -432,17 +445,6 @@
 68.142.230.72/30	permit
 68.142.230.76/31	permit
 68.142.230.78	permit
-68.232.131.164	permit
-68.232.131.172	permit
-68.232.131.183	permit
-68.232.131.185	permit
-68.232.143.44	permit
-68.232.145.216	permit
-68.232.148.56	permit
-68.232.148.128	permit
-68.232.148.138	permit
-68.232.157.60	permit
-68.232.157.143	permit
 68.232.192.0/20	permit
 69.63.178.128/25	permit
 69.63.181.0/24	permit
@@ -456,9 +458,9 @@
 69.171.232.0/24	permit
 69.171.244.0/23	permit
 70.37.151.128/25	permit
+70.42.149.0/24	permit
 70.42.149.35	permit
 72.3.185.0/24	permit
-72.3.237.64/28	permit
 72.14.192.0/18	permit
 72.21.192.0/19	permit
 72.21.217.142	permit
@@ -523,8 +525,10 @@
 72.32.154.0/24	permit
 72.32.217.0/24	permit
 72.32.243.0/24	permit
-72.34.168.75	permit
 72.34.168.76	permit
+72.34.168.80	permit
+72.34.168.85	permit
+72.34.168.86	permit
 72.52.72.32/28	permit
 72.52.72.36	permit
 74.6.128.0/21	permit
@@ -536,9 +540,6 @@
 74.6.133.0/24	permit
 74.6.134.0/24	permit
 74.6.135.0/24	permit
-74.63.63.115	permit
-74.63.63.121	permit
-74.63.194.126	permit
 74.63.212.0/24	permit
 74.63.234.75	permit
 74.63.236.0/24	permit
@@ -557,17 +558,9 @@
 74.112.67.243	permit
 74.125.0.0/16	permit
 74.202.227.40	permit
-74.208.4.192/26	permit
-74.208.5.64/26	permit
-74.208.122.0/26	permit
 74.209.250.0/24	permit
 74.209.250.12	permit
-75.126.253.48	permit
-76.223.176.0/24	permit
-76.223.180.0/23	permit
-76.223.188.0/24	permit
-76.223.189.0/24	permit
-76.223.190.0/24	permit
+76.223.176.0/20	permit
 77.238.176.0/22	permit
 77.238.176.0/24	permit
 77.238.177.0/24	permit
@@ -590,13 +583,11 @@
 77.238.189.146/31	permit
 77.238.189.148/30	permit
 81.223.46.0/27	permit
-82.165.159.0/24	permit
-82.165.159.0/26	permit
-82.165.229.130	permit
-82.165.230.22	permit
 84.16.77.1	permit
 85.158.136.0/21	permit
 86.61.88.25	permit
+87.198.219.130	permit
+87.198.219.153	permit
 87.238.80.0/21	permit
 87.248.103.12	permit
 87.248.103.21	permit
@@ -633,11 +624,9 @@
 87.248.117.201	permit
 87.248.117.202	permit
 87.248.117.205	permit
+87.252.219.254	permit
 87.253.232.0/21	permit
 89.22.108.0/24	permit
-91.194.248.0/23	permit
-91.211.240.0/22	permit
-91.211.243.0/24	permit
 91.220.42.0/24	permit
 94.236.119.0/26	permit
 94.245.112.0/27	permit
@@ -649,7 +638,6 @@
 96.43.148.64/28	permit
 96.43.148.64/31	permit
 96.43.151.64/28	permit
-96.46.150.192/27	permit
 98.136.44.181	permit
 98.136.44.182/31	permit
 98.136.44.184	permit
@@ -1152,20 +1140,25 @@
 98.139.245.180/31	permit
 98.139.245.208/30	permit
 98.139.245.212/31	permit
+99.78.197.208/28	permit
+103.2.140.0/22	permit
 103.9.8.121	permit
 103.9.8.122	permit
 103.9.8.123	permit
 103.9.96.0/22	permit
 103.13.69.0/24	permit
-103.28.42.0/24	permit
-103.96.20.0/24	permit
-103.96.22.0/24	permit
+103.47.204.0/22	permit
+103.96.21.0/24	permit
+103.96.23.0/24	permit
+103.151.192.0/23	permit
 103.237.104.0/22	permit
 104.43.243.237	permit
 104.47.0.0/17	permit
 104.130.96.0/28	permit
 104.130.122.0/23	permit
+104.214.25.77	permit
 104.215.148.63	permit
+104.215.186.3	permit
 104.245.209.192/26	permit
 106.10.144.64/27	permit
 106.10.144.100/31	permit
@@ -1291,6 +1284,7 @@
 106.10.242.0/24	permit
 106.10.243.0/24	permit
 106.10.244.0/24	permit
+106.39.212.64/29	permit
 106.50.16.0/28	permit
 108.174.0.0/24	permit
 108.174.0.215	permit
@@ -1302,13 +1296,14 @@
 108.175.30.45	permit
 108.177.8.0/21	permit
 108.177.96.0/19	permit
-108.178.6.0/24	permit
 109.237.142.0/24	permit
 111.221.23.128/25	permit
 111.221.26.0/27	permit
 111.221.66.0/25	permit
 111.221.69.128/25	permit
 111.221.112.0/21	permit
+112.19.199.64/29	permit
+112.19.242.64/29	permit
 116.214.12.0/24	permit
 116.214.12.47	permit
 116.214.12.48/31	permit
@@ -1325,6 +1320,7 @@
 117.120.16.0/21	permit
 119.42.242.52/31	permit
 119.42.242.156	permit
+123.126.78.64/29	permit
 124.47.150.0/24	permit
 124.47.189.0/24	permit
 124.108.96.0/24	permit
@@ -1332,11 +1328,19 @@
 124.108.96.28/31	permit
 124.108.96.70/31	permit
 124.108.96.72/31	permit
+128.17.0.0/20	permit
+128.17.64.0/20	permit
+128.17.128.0/20	permit
+128.17.192.0/20	permit
 128.127.70.0/26	permit
+128.245.0.0/20	permit
+128.245.64.0/20	permit
 129.41.77.70	permit
 129.41.169.249	permit
+129.146.236.58	permit
+129.153.194.228	permit
+129.159.87.137	permit
 130.61.9.72	permit
-130.61.68.235	permit
 130.211.0.0/22	permit
 130.248.172.0/24	permit
 130.248.173.0/24	permit
@@ -1345,8 +1349,10 @@
 131.253.121.0/26	permit
 131.253.121.20	permit
 131.253.121.52	permit
-132.145.11.129	permit
 132.145.13.209	permit
+132.226.26.225	permit
+132.226.49.32	permit
+132.226.56.24	permit
 134.170.27.8	permit
 134.170.113.0/26	permit
 134.170.141.64/26	permit
@@ -1356,21 +1362,27 @@
 135.84.82.0/24	permit
 135.84.216.0/22	permit
 136.143.182.0/23	permit
-136.143.188.0/23	permit
+136.143.184.0/24	permit
+136.143.188.0/24	permit
 136.147.128.0/20	permit
 136.147.135.0/24	permit
 136.147.176.0/20	permit
 136.147.176.0/24	permit
 136.147.182.0/24	permit
+138.91.172.26	permit
 139.60.152.0/22	permit
 139.178.64.159	permit
 139.178.64.195	permit
-139.180.17.0/24	permit
 141.193.32.0/23	permit
+143.55.224.0/21	permit
+143.55.232.0/22	permit
+143.55.236.0/22	permit
+144.178.36.0/24	permit
+144.178.38.0/24	permit
 146.20.112.0/26	permit
 146.20.113.0/24	permit
 146.20.191.0/24	permit
-146.88.28.0/24	permit
+146.20.215.0/24	permit
 146.101.78.0/24	permit
 147.75.65.173	permit
 147.75.65.174	permit
@@ -1384,10 +1396,7 @@
 148.105.0.14	permit
 148.105.8.0/21	permit
 149.72.0.0/16	permit
-151.101.1.140	permit
-151.101.65.140	permit
-151.101.129.140	permit
-151.101.193.140	permit
+152.67.105.195	permit
 157.55.0.192/26	permit
 157.55.1.128/26	permit
 157.55.2.0/25	permit
@@ -1397,6 +1406,7 @@
 157.55.61.0/24	permit
 157.55.157.128/25	permit
 157.55.225.0/25	permit
+157.55.254.216	permit
 157.56.24.0/25	permit
 157.56.120.128/26	permit
 157.56.232.0/21	permit
@@ -1405,21 +1415,26 @@
 157.58.196.96/29	permit
 157.58.249.3	permit
 157.151.208.65	permit
-158.247.16.0/20	permit
+157.255.1.64/29	permit
+159.92.157.0/24	permit
+159.92.158.0/24	permit
+159.92.159.0/24	permit
+159.92.160.0/24	permit
+159.92.161.0/24	permit
+159.92.162.0/24	permit
+159.135.132.128/25	permit
+159.135.140.80/29	permit
 159.135.224.0/20	permit
-161.38.192.0/22	permit
-161.38.196.0/22	permit
-161.71.32.0/21	permit
+159.183.0.0/16	permit
+161.38.192.0/20	permit
+161.38.204.0/22	permit
+161.71.32.0/19	permit
+161.71.64.0/20	permit
 162.208.119.181	permit
 162.247.216.0/22	permit
-162.248.184.121	permit
-162.248.184.122	permit
-162.248.185.121	permit
-162.248.185.122	permit
-162.248.186.121	permit
-162.248.186.122	permit
-163.47.180.0/22	permit
+163.47.180.0/23	permit
 163.114.130.16	permit
+163.114.132.120	permit
 166.78.68.0/22	permit
 166.78.68.221	permit
 166.78.69.146	permit
@@ -1427,16 +1442,7 @@
 166.78.69.170	permit
 166.78.71.131	permit
 167.89.0.0/17	permit
-167.89.2.4	permit
-167.89.22.44	permit
-167.89.25.84	permit
-167.89.31.192/29	permit
-167.89.32.5	permit
-167.89.32.50	permit
 167.89.46.159	permit
-167.89.46.185	permit
-167.89.60.95	permit
-167.89.62.118	permit
 167.89.64.9	permit
 167.89.65.0	permit
 167.89.65.53	permit
@@ -1448,22 +1454,15 @@
 167.89.75.164	permit
 167.89.101.2	permit
 167.89.101.192/28	permit
-167.89.107.125	permit
-167.89.107.127	permit
-167.89.107.129	permit
-167.89.107.136	permit
-167.216.129.170	permit
-167.216.129.182/31	permit
-167.216.129.184/29	permit
-167.216.129.192/29	permit
-167.216.129.200	permit
-167.216.129.205	permit
-167.216.129.206/31	permit
-167.216.129.208/31	permit
 167.216.129.210	permit
+167.216.131.180	permit
 167.220.67.232/29	permit
 167.220.67.238	permit
+168.138.5.36	permit
 168.245.0.0/17	permit
+170.10.68.0/22	permit
+170.10.129.0/24	permit
+170.10.133.0/24	permit
 172.217.0.0/19	permit
 172.217.32.0/20	permit
 172.217.128.0/19	permit
@@ -1473,8 +1472,6 @@
 172.253.112.0/20	permit
 173.0.84.224/27	permit
 173.0.94.244/30	permit
-173.193.132.134/31	permit
-173.193.210.32/27	permit
 173.194.0.0/16	permit
 173.203.79.182	permit
 173.203.81.39	permit
@@ -1482,7 +1479,6 @@
 173.224.160.188	permit
 173.224.161.128/25	permit
 173.228.155.0/24	permit
-173.236.20.0/24	permit
 174.36.84.8/29	permit
 174.36.84.16/29	permit
 174.36.84.32/29	permit
@@ -1494,30 +1490,25 @@
 174.36.114.148/30	permit
 174.36.114.152/29	permit
 174.37.67.28/30	permit
-174.37.226.64/27	permit
-174.129.194.241	permit
 174.129.203.189	permit
-174.137.46.0/24	permit
 176.32.105.0/24	permit
 176.32.127.0/24	permit
 178.236.10.128/26	permit
 180.189.28.0/24	permit
 182.50.76.0/22	permit
 182.50.78.64/28	permit
-184.173.105.0/24	permit
-184.173.153.0/24	permit
-185.4.120.0/24	permit
-185.4.122.0/24	permit
+183.240.219.64/29	permit
 185.12.80.0/22	permit
 185.28.196.0/22	permit
-185.58.84.0/24	permit
-185.58.87.0/24	permit
+185.58.84.93	permit
+185.58.85.0/24	permit
+185.58.86.0/24	permit
 185.72.128.75	permit
 185.72.128.76	permit
+185.72.128.80	permit
 185.80.93.204	permit
 185.80.93.227	permit
 185.80.95.31	permit
-185.90.20.0/22	permit
 185.189.236.0/22	permit
 185.211.120.0/22	permit
 185.250.236.0/22	permit
@@ -1577,7 +1568,6 @@
 192.64.236.0/24	permit
 192.64.237.0/24	permit
 192.64.238.0/24	permit
-192.92.97.0/24	permit
 192.161.144.0/20	permit
 192.162.87.0/24	permit
 192.237.158.0/23	permit
@@ -1589,37 +1579,34 @@
 192.254.113.10	permit
 192.254.113.101	permit
 192.254.114.176	permit
-192.254.115.72	permit
 192.254.118.63	permit
-192.254.127.96/27	permit
+193.7.206.0/25	permit
+193.7.207.0/25	permit
 193.109.254.0/23	permit
-194.64.234.128/27	permit
+193.122.128.100	permit
 194.64.234.129	permit
+194.104.109.0/24	permit
+194.104.111.0/24	permit
 194.106.220.0/23	permit
-194.113.24.0/22	permit
 194.154.193.192/27	permit
-195.54.172.0/23	permit
 195.130.217.0/24	permit
+195.234.109.226	permit
 195.245.230.0/23	permit
 198.2.128.0/18	permit
 198.2.128.0/24	permit
 198.2.132.0/22	permit
 198.2.136.0/23	permit
+198.2.145.0/24	permit
 198.2.177.0/24	permit
-198.2.178.0/24	permit
-198.2.179.0/24	permit
+198.2.178.0/23	permit
 198.2.180.0/24	permit
 198.2.186.0/23	permit
 198.21.0.0/21	permit
-198.21.3.166	permit
-198.21.4.224	permit
 198.37.144.0/20	permit
-198.37.145.250	permit
-198.37.146.118/31	permit
-198.37.149.128	permit
-198.37.151.26	permit
+198.37.152.186	permit
 198.61.254.0/23	permit
 198.61.254.231	permit
+198.74.56.28	permit
 198.178.234.57	permit
 198.245.80.0/20	permit
 198.245.81.0/24	permit
@@ -1636,18 +1623,15 @@
 199.122.120.0/21	permit
 199.122.123.0/24	permit
 199.127.232.0/22	permit
-199.201.64.23	permit
-199.201.65.23	permit
 199.255.192.0/22	permit
 202.129.242.0/23	permit
 202.165.102.47	permit
 202.177.148.100	permit
 202.177.148.110	permit
+203.31.36.0/22	permit
 203.32.4.25	permit
-203.55.21.0/24	permit
 203.81.17.0/24	permit
 203.122.32.250	permit
-203.145.57.160/27	permit
 203.188.194.32	permit
 203.188.194.151	permit
 203.188.194.203	permit
@@ -1680,32 +1664,30 @@
 203.188.201.12/30	permit
 203.209.230.75	permit
 203.209.230.76/31	permit
-204.2.193.0/29	permit
 204.11.168.0/21	permit
 204.13.11.48/29	permit
-204.13.11.48/30	permit
 204.14.232.0/21	permit
 204.14.232.64/28	permit
 204.14.234.64/28	permit
 204.29.186.0/23	permit
-204.75.142.0/24	permit
 204.79.197.212	permit
 204.92.114.187	permit
 204.92.114.203	permit
 204.92.114.204/31	permit
 204.141.32.0/23	permit
 204.141.42.0/23	permit
-204.153.120.0/23	permit
+204.153.121.0/24	permit
+204.232.168.0/24	permit
 205.139.110.0/24	permit
-205.139.111.0/24	permit
 205.201.128.0/20	permit
 205.201.131.128/25	permit
 205.201.134.128/25	permit
 205.201.136.0/23	permit
-205.201.137.229	permit
 205.201.139.0/24	permit
 205.207.104.0/22	permit
 205.207.104.108	permit
+205.220.167.17	permit
+205.220.179.17	permit
 205.251.233.32	permit
 205.251.233.36	permit
 206.25.247.143	permit
@@ -1727,6 +1709,8 @@
 207.46.132.128/27	permit
 207.46.198.0/25	permit
 207.46.200.0/27	permit
+207.46.225.107	permit
+207.58.147.64/28	permit
 207.67.38.0/24	permit
 207.67.98.192/27	permit
 207.68.176.0/26	permit
@@ -1734,7 +1718,8 @@
 207.82.80.0/24	permit
 207.126.144.0/20	permit
 207.171.160.0/19	permit
-207.211.30.0/24	permit
+207.211.30.64/26	permit
+207.211.30.128/25	permit
 207.211.31.0/25	permit
 207.211.41.113	permit
 207.218.90.0/24	permit
@@ -1743,7 +1728,7 @@
 208.43.21.28/30	permit
 208.43.21.64/29	permit
 208.43.21.72/30	permit
-208.43.239.136/30	permit
+208.46.212.80	permit
 208.46.212.208/31	permit
 208.46.212.210	permit
 208.64.132.0/22	permit
@@ -1773,13 +1758,13 @@
 208.71.42.212/31	permit
 208.71.42.214	permit
 208.72.249.240/29	permit
-208.74.204.0/22	permit
 208.74.204.9	permit
 208.75.120.0/22	permit
 208.75.122.246	permit
-208.82.236.96/28	permit
-208.82.237.96/28	permit
-208.82.238.96/28	permit
+208.82.237.96/29	permit
+208.82.237.104/31	permit
+208.82.238.96/29	permit
+208.82.238.104/31	permit
 208.85.50.137	permit
 208.117.48.0/20	permit
 208.185.229.45	permit
@@ -1792,10 +1777,10 @@
 209.67.98.59	permit
 209.85.128.0/17	permit
 212.4.136.0/26	permit
-212.25.240.75	permit
-212.25.240.76	permit
+212.25.240.80	permit
 212.25.240.83	permit
-212.25.240.84	permit
+212.25.240.84/31	permit
+212.25.240.88	permit
 212.82.96.0/24	permit
 212.82.96.32/27	permit
 212.82.96.64/29	permit
@@ -1836,13 +1821,8 @@
 212.82.111.228/31	permit
 212.82.111.230	permit
 212.123.28.40	permit
-212.227.15.0/24	permit
-212.227.15.0/25	permit
-212.227.17.0/27	permit
-212.227.126.128/25	permit
-213.165.64.0/23	permit
-213.167.75.0/24	permit
-213.167.81.0/24	permit
+213.167.75.0/25	permit
+213.167.81.0/25	permit
 213.199.128.139	permit
 213.199.128.145	permit
 213.199.138.181	permit
@@ -1851,6 +1831,7 @@
 213.199.177.0/26	permit
 216.17.150.242	permit
 216.17.150.251	permit
+216.22.15.224/27	permit
 216.24.224.0/20	permit
 216.39.60.0/23	permit
 216.39.60.154/31	permit
@@ -1877,17 +1858,9 @@
 216.39.62.60/31	permit
 216.39.62.136/29	permit
 216.39.62.144/31	permit
-216.46.168.197	permit
-216.46.168.222	permit
-216.52.185.88/29	permit
+216.46.168.0/24	permit
 216.58.192.0/19	permit
 216.66.217.240/29	permit
-216.71.96.0/22	permit
-216.71.152.175	permit
-216.71.152.207	permit
-216.71.154.29	permit
-216.71.155.88	permit
-216.71.155.89	permit
 216.74.162.13	permit
 216.74.162.14	permit
 216.82.240.0/20	permit
@@ -1897,9 +1870,6 @@
 216.109.114.0/24	permit
 216.109.114.32/27	permit
 216.109.114.64/29	permit
-216.113.160.0/24	permit
-216.113.172.0/25	permit
-216.113.175.0/24	permit
 216.128.126.97	permit
 216.136.162.65	permit
 216.136.162.120/29	permit
@@ -1909,14 +1879,13 @@
 216.203.33.178/31	permit
 216.205.24.0/24	permit
 216.239.32.0/19	permit
-217.72.192.64/26	permit
-217.72.192.248/29	permit
-217.72.207.0/27	permit
 217.77.141.52	permit
 217.77.141.59	permit
-217.175.193.0/24	permit
-217.175.194.0/23	permit
-217.175.196.0/24	permit
+222.73.195.64/29	permit
+223.165.113.0/24	permit
+223.165.115.0/24	permit
+223.165.118.0/23	permit
+223.165.120.0/23	permit
 2001:4860:4000::/36	permit
 2404:6800:4000::/36	permit
 2607:f8b0:4000::/36	permit
@@ -1925,6 +1894,7 @@
 2620:109:c006:104::215	permit
 2620:109:c006:104::/64	permit
 2620:109:c00d:104::/64	permit
+2620:10d:c090:450::120	permit
 2620:10d:c091:450::16	permit
 2620:119:50c0:207::215	permit
 2620:119:50c0:207::/64	permit
--- a/data/conf/rspamd/local.d/groups.conf
+++ b/data/conf/rspamd/local.d/groups.conf
@@ -18,6 +18,9 @@ symbols {
  "ENCRYPTED_CHAT" {
    score = -20.0;
  }
+  "SOGO_CONTACT" {
+    score = -99.0;
+  }
 }

 group "MX" {
--- a/data/conf/rspamd/local.d/neural.conf
+++ b/data/conf/rspamd/local.d/neural.conf
@@ -1,24 +0,0 @@
-rules {
-  "LONG" {
-    train {
-      max_trains = 200;
-      max_usages = 20;
-      max_iterations = 25;
-      learning_rate = 0.01,
-    }
-    symbol_spam = "NEURAL_SPAM_LONG";
-    symbol_ham = "NEURAL_HAM_LONG";
-    ann_expire = 45d;
-  }
-  "SHORT" {
-    train {
-      max_trains = 100;
-      max_usages = 10;
-      max_iterations = 15;
-      learning_rate = 0.01,
-    }
-    symbol_spam = "NEURAL_SPAM_SHORT";
-    symbol_ham = "NEURAL_HAM_SHORT";
-    ann_expire = 7d;
-  }
-}
--- a/data/conf/rspamd/local.d/neural_group.conf
+++ b/data/conf/rspamd/local.d/neural_group.conf
@@ -1,18 +0,0 @@
-symbols = {
-  "NEURAL_SPAM_LONG" {
-    weight = 3.7; # sample weight
-    description = "Neural network spam (long)";
-  }
-  "NEURAL_HAM_LONG" {
-    weight = -4.0; # sample weight
-    description = "Neural network ham (long)";
-  }
-  "NEURAL_SPAM_SHORT" {
-    weight = 2.5; # sample weight
-    description = "Neural network spam (short)";
-  }
-  "NEURAL_HAM_SHORT" {
-    weight = -2.0; # sample weight
-    description = "Neural network ham (short)";
-  }
-}
--- a/data/conf/rspamd/lua/ivm-sg.lua
+++ b/data/conf/rspamd/lua/ivm-sg.lua
@@ -1,61 +0,0 @@
-- Thanks to https://raw.githubusercontent.com/fatalbanana
-
-local lua_maps = require 'lua_maps'
-local rspamd_regexp = require 'rspamd_regexp'
-local rspamd_util = require 'rspamd_util'
-
-local ivm_sendgrid_ids = lua_maps.map_add_from_ucl(
-  'https://www.invaluement.com/spdata/sendgrid-id-dnsbl.txt',
-  'set',
-  'Invaluement Service Provider DNSBL: Sendgrid IDs'
-)
-
-local ivm_sendgrid_envfromdomains = lua_maps.map_add_from_ucl(
-  'https://www.invaluement.com/spdata/sendgrid-envelopefromdomain-dnsbl.txt',
-  'set',
-  'Invaluement Service Provider DNSBL: Sendgrid envelope domains'
-)
-
-local cb_id = rspamd_config:register_symbol({
-  name = 'IVM_SENDGRID',
-  callback = function(task)
-    -- Is it Sendgrid?
-    local sg_hdr = task:get_header('X-SG-EID')
-    if not sg_hdr then return end
-
-    -- Get original envelope from
-    local env_from = task:get_from{'smtp', 'orig'}
-    if not env_from then return end
-
-    -- Check normalised domain in domains list
-    if ivm_sendgrid_envfromdomains and ivm_sendgrid_envfromdomains:get_key(rspamd_util.get_tld(env_from[1].domain)) then
-      task:insert_result('IVM_SENDGRID_DOMAIN', 1.0)
-    end
-
-    -- Check ID in ID list
-    local lp_re = rspamd_regexp.create_cached([[^bounces\+(\d+)-]])
-    local res = lp_re:search(env_from[1].user, true, true)
-    if not res then return end
-    if ivm_sendgrid_ids and ivm_sendgrid_ids:get_key(res[1][2]) then
-      task:insert_result('IVM_SENDGRID_ID', 1.0)
-    end
-  end,
-  description = 'Invaluement Service Provider DNSBL: Sendgrid',
-  type = 'callback',
-})
-
-rspamd_config:register_symbol({
-  name = 'IVM_SENDGRID_DOMAIN',
-  parent = cb_id,
-  group = 'ivmspdnsbl',
-  score = 8.0,
-  type = 'virtual',
-})
-
-rspamd_config:register_symbol({
-  name = 'IVM_SENDGRID_ID',
-  parent = cb_id,
-  group = 'ivmspdnsbl',
-  score = 8.0,
-  type = 'virtual',
-})
--- a/data/web/api/index.html
+++ b/data/web/api/index.html
@@ -39,7 +39,7 @@
    window.onload = function() {
      // Begin Swagger UI call region
      const ui = SwaggerUIBundle({
-        url: "/api/openapi.yaml",
+        urls: [{url: "/api/openapi.yaml", name: "mailcow API"}],
        dom_id: '#swagger-ui',
        deepLinking: true,
        presets: [
--- a/data/web/api/openapi.yaml
+++ b/data/web/api/openapi.yaml
@@ -209,10 +209,17 @@ paths:
                        - app_passwd
                        - add
                        - active: "1"
-                          app_name: emclient
+                          username: info@domain.tld
+                          app_name: wordpress
                          app_passwd: keyleudecticidechothistishownsan31
                          app_passwd2: keyleudecticidechothistishownsan31
-                          username: hello@mailcow.email
+                          protocols:
+                            - imap_access
+                            - dav_access
+                            - smtp_access
+                            - eas_access
+                            - pop3_access
+                            - sieve_access
                      msg: app_passwd_added
                      type: success
              schema:
@@ -249,6 +256,13 @@ paths:
                app_name: wordpress
                app_passwd: keyleudecticidechothistishownsan31
                app_passwd2: keyleudecticidechothistishownsan31
+                protocols:
+                  - imap_access
+                  - dav_access
+                  - smtp_access
+                  - eas_access
+                  - pop3_access
+                  - sieve_access
              properties:
                active:
                  description: is alias active or not
@@ -497,27 +511,30 @@ paths:
                          relay_all_recipients: "0"
                          rl_frame: s
                          rl_value: "10"
+                          tags: ["tag1", "tag2"]
                        - null
                      msg:
                        - domain_added
                        - domain.tld
                      type: success
              schema:
-                properties:
-                  log:
-                    description: contains request object
-                    items: {}
-                    type: array
-                  msg:
-                    items: {}
-                    type: array
-                  type:
-                    enum:
-                      - success
-                      - danger
-                      - error
-                    type: string
-                type: object
+                type: array
+                items:
+                  type: object
+                  properties:
+                    log:
+                      description: contains request object
+                      items: {}
+                      type: array
+                    msg:
+                      items: {}
+                      type: array
+                    type:
+                      enum:
+                        - success
+                        - danger
+                        - error
+                      type: string
          description: OK
          headers: {}
      tags:
@@ -544,6 +561,7 @@ paths:
                rl_frame: s
                rl_value: "10"
                restart_sogo: "10"
+                tags: ["tag1", "tag2"]
              properties:
                active:
                  description: is domain active or not
@@ -563,6 +581,11 @@ paths:
                domain:
                  description: Fully qualified domain name
                  type: string
+                gal:
+                  description: >-
+                    is domain global address list active or not, it enables
+                    shared contacts accross domain in SOGo webmail
+                  type: boolean
                mailboxes:
                  description: limit count of mailboxes associated with this domain
                  type: number
@@ -580,6 +603,9 @@ paths:
                    if not, them you have to create "dummy" mailbox for each
                    address to relay
                  type: boolean
+                relay_unknown_only:
+                  description: Relay non-existing mailboxes only. Existing mailboxes will be delivered locally.
+                  type: boolean
                rl_frame:
                  enum:
                    - s
@@ -590,6 +616,11 @@ paths:
                rl_value:
                  description: rate limit value
                  type: number
+                tags:
+                  description: tags for this Domain
+                  type: array
+                  items:
+                    type: string
              type: object
      summary: Create domain
  /api/v1/add/domain-admin:
@@ -1010,6 +1041,7 @@ paths:
                          force_pw_update: "1"
                          tls_enforce_in: "1"
                          tls_enforce_out: "1"
+                          tags: ["tag1", "tag2"]
                        - null
                      msg:
                        - mailbox_added
@@ -1054,6 +1086,7 @@ paths:
                force_pw_update: "1"
                tls_enforce_in: "1"
                tls_enforce_out: "1"
+                tags: ["tag1", "tag2"]
              properties:
                active:
                  description: is mailbox active or not
@@ -1934,21 +1967,23 @@ paths:
                        - domain2.tld
                      type: success
              schema:
-                properties:
-                  log:
-                    description: contains request object
-                    items: {}
-                    type: array
-                  msg:
-                    items: {}
-                    type: array
-                  type:
-                    enum:
-                      - success
-                      - danger
-                      - error
-                    type: string
-                type: object
+                type: array
+                items:
+                  type: object
+                  properties:
+                    log:
+                      description: contains request object
+                      items: {}
+                      type: array
+                    msg:
+                      items: {}
+                      type: array
+                    type:
+                      enum:
+                        - success
+                        - danger
+                        - error
+                      type: string
          description: OK
          headers: {}
      tags:
@@ -1959,14 +1994,15 @@ paths:
        content:
          application/json:
            schema:
+              type: object
              example:
                - domain.tld
                - domain2.tld
              properties:
                items: 
-                  description: contains list of domains you want to delete
-                  type: object
-              type: object
+                  type: array
+                  items:
+                    type: string
      summary: Delete domain
  /api/v1/delete/domain-admin:
    post:
@@ -2716,6 +2752,140 @@ paths:
                  type: object
              type: object
      summary: Delete Transport Maps
+  "/api/v1/delete/mailbox/tag/{mailbox}":
+    post:
+      parameters:
+        - description: name of mailbox
+          in: path
+          name: mailbox
+          example: info@domain.tld
+          required: true
+          schema:
+            type: string
+      responses:
+        "401":
+          $ref: "#/components/responses/Unauthorized"
+        "200":
+          content:
+            application/json:
+              examples:
+                response:
+                  value:
+                    - log:
+                        - mailbox
+                        - delete
+                        - tags_mailbox
+                        - tags:
+                          - tag1
+                          - tag2
+                          mailbox: info@domain.tld
+                        - null
+                      msg:
+                        - mailbox_modified
+                        - info@domain.tld
+                      type: success
+              schema:
+                properties:
+                  log:
+                    description: contains request object
+                    items: {}
+                    type: array
+                  msg:
+                    items: {}
+                    type: array
+                  type:
+                    enum:
+                      - success
+                      - danger
+                      - error
+                    type: string
+                type: object
+          description: OK
+          headers: {}
+      tags:
+        - Mailboxes
+      description: You can delete one or more mailbox tags.
+      operationId: Delete mailbox tags
+      requestBody:
+        content:
+          application/json:
+            schema:
+              example:
+                - tag1
+                - tag2
+              properties:
+                items:
+                  description: contains list of mailboxes you want to delete
+                  type: object
+              type: object
+      summary: Delete mailbox tags
+  "/api/v1/delete/domain/tag/{domain}":
+    post:
+      parameters:
+        - description: name of domain
+          in: path
+          name: domain
+          example: domain.tld
+          required: true
+          schema:
+            type: string
+      responses:
+        "401":
+          $ref: "#/components/responses/Unauthorized"
+        "200":
+          content:
+            application/json:
+              examples:
+                response:
+                  value:
+                    - log:
+                        - mailbox
+                        - delete
+                        - tags_domain
+                        - tags:
+                          - tag1
+                          - tag2
+                          domain: domain.tld
+                        - null
+                      msg:
+                        - domain_modified
+                        - domain.tld
+                      type: success
+              schema:
+                properties:
+                  log:
+                    description: contains request object
+                    items: {}
+                    type: array
+                  msg:
+                    items: {}
+                    type: array
+                  type:
+                    enum:
+                      - success
+                      - danger
+                      - error
+                    type: string
+                type: object
+          description: OK
+          headers: {}
+      tags:
+        - Domains
+      description: You can delete one or more domain tags.
+      operationId: Delete domain tags
+      requestBody:
+        content:
+          application/json:
+            schema:
+              example:
+                - tag1
+                - tag2
+              properties:
+                items:
+                  description: contains list of domains you want to delete
+                  type: object
+              type: object
+      summary: Delete domain tags
  /api/v1/edit/alias:
    post:
      responses:
@@ -2820,23 +2990,25 @@ paths:
          $ref: "#/components/responses/Unauthorized"
        "200":
          content:
-            "*/*":
+            application/json:
              schema:
-                properties:
-                  log:
-                    description: contains request object
-                    items: {}
-                    type: array
-                  msg:
-                    items: {}
-                    type: array
-                  type:
-                    enum:
-                      - success
-                      - danger
-                      - error
-                    type: string
-                type: object
+                type: array
+                items: 
+                  type: object
+                  properties:
+                    log:
+                      type: array
+                      description: contains request object
+                      items: {}
+                    msg:
+                      type: array
+                      items: {}
+                    type:
+                      enum:
+                        - success
+                        - danger
+                        - error
+                      type: string
          description: OK
          headers: {}
      tags:
@@ -2865,6 +3037,7 @@ paths:
                  quota: "10240"
                  relay_all_recipients: "0"
                  relayhost: "2"
+                  tags: ["tag3", "tag4"]
                items: domain.tld
              properties:
                attr:
@@ -2903,13 +3076,33 @@ paths:
                        if not, them you have to create "dummy" mailbox for each
                        address to relay
                      type: boolean
+                    relay_unknown_only:
+                      description: Relay non-existing mailboxes only. Existing mailboxes will be delivered locally.
+                      type: boolean
                    relayhost:
                      description: id of relayhost
                      type: number
+                    rl_frame:
+                      enum:
+                        - s
+                        - m
+                        - h
+                        - d
+                      type: string
+                    rl_value:
+                      description: rate limit value
+                      type: number
+                    tags:
+                      description: tags for this Domain
+                      type: array
+                      items:
+                        type: string
                  type: object
                items:
                  description: contains list of domain names you want update
-                  type: object
+                  type: array
+                  items:
+                    type: string
              type: object
      summary: Update domain
  /api/v1/edit/fail2ban:
@@ -3019,6 +3212,7 @@ paths:
                          sogo_access: "1"
                          username:
                            - info@domain.tld
+                          tags: ["tag3", "tag4"]
                        - null
                      msg:
                        - mailbox_modified
@@ -3066,6 +3260,7 @@ paths:
                    - domain3.tld
                    - "*"
                  sogo_access: "1"
+                  tags: ["tag3", "tag4"]
                items:
                  - info@domain.tld
              properties:
@@ -3793,6 +3988,13 @@ paths:
              - all
              - mailcow.tld
            type: string
+        - description: comma seperated list of tags to filter by
+          example: "tag1,tag2"
+          in: query
+          name: tags
+          required: false
+          schema:
+            type: string
        - description: e.g. api-key-string
          example: api-key-string
          in: header
@@ -3831,6 +4033,7 @@ paths:
                      relay_all_recipients: "0"
                      relayhost: "0"
                      rl: false
+                      tags: ["tag1", "tag2"]
                    - active: "1"
                      aliases_in_domain: 0
                      aliases_left: 400
@@ -3853,6 +4056,7 @@ paths:
                      relay_all_recipients: "0"
                      relayhost: "0"
                      rl: false
+                      tags: ["tag3", "tag4"]
          description: OK
          headers: {}
      tags:
@@ -4345,6 +4549,13 @@ paths:
              - all
              - user@domain.tld
            type: string
+        - description: comma seperated list of tags to filter by
+          example: "tag1,tag2"
+          in: query
+          name: tags
+          required: false
+          schema:
+            type: string
        - description: e.g. api-key-string
          example: api-key-string
          in: header
@@ -4382,6 +4593,7 @@ paths:
                      rl: false
                      spam_aliases: 0
                      username: info@doman3.tld
+                      tags: ["tag1", "tag2"]
          description: OK
          headers: {}
      tags:
@@ -4805,7 +5017,7 @@ paths:
            schema:
              example:
                attr:
-                  rl_vlaue: "10"
+                  rl_value: "10"
                  rl_frame: "h"
                items:
                  - info@domain.tld
@@ -4815,7 +5027,7 @@ paths:
                    rl_frame:
                      description: contains the frame for the ratelimit h,s,m
                      type: string
-                    rl_vlaue:
+                    rl_value:
                      description: contains the rate for the ratelimit 10,20,50,1
                      type: number
                  type: object
@@ -4876,7 +5088,7 @@ paths:
            schema:
              example:
                attr:
-                  rl_vlaue: "10"
+                  rl_value: "10"
                  rl_frame: "h"
                items:
                  - domain.tld
@@ -4886,7 +5098,7 @@ paths:
                    rl_frame:
                      description: contains the frame for the ratelimit h,s,m
                      type: string
-                    rl_vlaue:
+                    rl_value:
                      description: contains the rate for the ratelimit 10,20,50,1
                      type: number
                  type: object
@@ -5072,6 +5284,27 @@ paths:
        of used storage.
      operationId: Get vmail status
      summary: Get vmail status
+  /api/v1/get/status/version:
+    get:
+      responses:
+        "401":
+          $ref: "#/components/responses/Unauthorized"
+        "200":
+          content:
+            application/json:
+              examples:
+                response:
+                  value:
+                    version: "2022-04"
+          description: OK
+          headers: {}
+      tags:
+        - Status
+      description: >-
+        Using this endpoint you can get the current running release of this
+        instance.
+      operationId: Get version status
+      summary: Get version status
  /api/v1/get/syncjobs/all/no_log:
    get:
      responses:
--- a/data/web/autodiscover.php
+++ b/data/web/autodiscover.php
@@ -68,7 +68,7 @@ if (empty($_SERVER['PHP_AUTH_USER']) || empty($_SERVER['PHP_AUTH_PW'])) {
  exit(0);
 }

-$login_role = check_login($login_user, $login_pass, true);
+$login_role = check_login($login_user, $login_pass, array('eas' => TRUE));

 if ($login_role === "user") {
  header("Content-Type: application/xml");
--- a/data/web/css/build/008-mailcow.css
+++ b/data/web/css/build/008-mailcow.css
@@ -202,6 +202,12 @@ legend {
  margin-top: 27px;
  margin-bottom: 20px;
  color: #959595;
+  display: flex;
+  flex-direction: column;
+}
+.footer .version {
+    margin-left: auto;
+	margin-top: 20px;
 }
 .slave-info {
  padding: 15px 0px 15px 15px;
@@ -226,6 +232,9 @@ table.footable>tbody>tr.footable-empty>td {
  font-style:italic;
  font-size: 1rem;
 }
+table>tbody>tr>td>span.footable-toggle {
+  opacity: 0.75;
+}
 .navbar-nav > li {
  font-size: 1rem !important;
 }
@@ -250,3 +259,52 @@ code {
 .flag-icon {
  margin-right: 5px;
 }
+
+.list-group-item.webauthn-authenticator-selection,
+.list-group-item.totp-authenticator-selection,
+.list-group-item.yubi_otp-authenticator-selection {
+  border-radius: 0px !important;
+}
+.pending-tfa-collapse {
+  padding: 10px;
+  background: #fbfbfb;
+  border: 1px solid #ededed;
+  min-height: 110px;
+}
+
+.tag-box {
+  display: flex;
+  flex-wrap: wrap;
+  height: auto;
+}
+.tag-badge {
+  transition: 200ms linear;
+  margin-top: 5px;
+  margin-bottom: 5px;
+  margin-left: 2px;
+  margin-right: 2px;
+}
+.tag-badge.btn-badge {
+  cursor: pointer;
+}
+.tag-badge .bi {
+  font-size: 12px;
+}
+.tag-badge.btn-badge:hover {
+  filter: brightness(0.9);
+}
+.tag-input {
+  margin-left: 10px;
+  border: 0;
+  flex: 1;
+  height: 24px;
+  min-width: 150px;
+}
+.tag-input:focus {
+  outline: none;
+}
+.tag-add {
+  padding: 0 5px 0 5px;
+  align-items: center;
+  display: inline-flex;
+}
--- a/data/web/edit.php
+++ b/data/web/edit.php
@@ -54,6 +54,7 @@ if (isset($_SESSION['mailcow_cc_role'])) {
          'rl' => $rl,
          'rlyhosts' => $rlyhosts,
          'dkim' => dkim('details', $domain),
+          'domain_details' => $result,
        ];
    }
    elseif (isset($_GET['oauth2client']) &&
@@ -99,6 +100,7 @@ if (isset($_SESSION['mailcow_cc_role'])) {
        'rlyhosts' => $rlyhosts,
        'sender_acl_handles' => mailbox('get', 'sender_acl_handles', $mailbox),
        'user_acls' => acl('get', 'user', $mailbox),
+        'mailbox_details' => $result
      ];
    }
    elseif (isset($_GET['relayhost']) && is_numeric($_GET["relayhost"]) && !empty($_GET["relayhost"])) {
--- a/data/web/inc/ajax/destroy_tfa_auth.php
+++ b/data/web/inc/ajax/destroy_tfa_auth.php
@@ -2,5 +2,5 @@
 session_start();
 unset($_SESSION['pending_mailcow_cc_username']);
 unset($_SESSION['pending_mailcow_cc_role']);
-unset($_SESSION['pending_tfa_method']);
+unset($_SESSION['pending_tfa_methods']);
 ?>
--- a/data/web/inc/footer.inc.php
+++ b/data/web/inc/footer.inc.php
@@ -23,9 +23,43 @@ if (is_array($alertbox_log_parser)) {
  unset($_SESSION['return']);
 }

+// map tfa details for twig
+$pending_tfa_authmechs = [];
+foreach($_SESSION['pending_tfa_methods'] as $authdata){
+  $pending_tfa_authmechs[$authdata['authmech']] = false;
+}
+if (isset($pending_tfa_authmechs['webauthn'])) {
+  $pending_tfa_authmechs['webauthn'] = true;
+}
+if (!isset($pending_tfa_authmechs['webauthn']) 
+    && isset($pending_tfa_authmechs['yubi_otp'])) {
+  $pending_tfa_authmechs['yubi_otp'] = true;
+}
+if (!isset($pending_tfa_authmechs['webauthn']) 
+    && !isset($pending_tfa_authmechs['yubi_otp'])
+    && isset($pending_tfa_authmechs['totp'])) {
+  $pending_tfa_authmechs['totp'] = true;
+}
+if (isset($pending_tfa_authmechs['u2f'])) {
+  $pending_tfa_authmechs['u2f'] = true;
+}
+
+// globals
 $globalVariables = [
+  'mailcow_info' => array(
+    'version_tag' => $GLOBALS['MAILCOW_GIT_VERSION'],
+    'last_version_tag' => $GLOBALS['MAILCOW_LAST_GIT_VERSION'],
+    'git_owner' => $GLOBALS['MAILCOW_GIT_OWNER'],
+    'git_repo' => $GLOBALS['MAILCOW_GIT_REPO'],
+    'git_project_url' => $GLOBALS['MAILCOW_GIT_URL'],
+    'git_commit' => $GLOBALS['MAILCOW_GIT_COMMIT'],
+    'git_commit_date' => $GLOBALS['MAILCOW_GIT_COMMIT_DATE'],
+    'mailcow_branch' => $GLOBALS['MAILCOW_BRANCH'],
+    'updated_at' => $GLOBALS['MAILCOW_UPDATEDAT']
+  ),
  'js_path' => '/cache/'.basename($JSPath),
-  'pending_tfa_method' => @$_SESSION['pending_tfa_method'],
+  'pending_tfa_methods' => @$_SESSION['pending_tfa_methods'],
+  'pending_tfa_authmechs' => $pending_tfa_authmechs,
  'pending_mailcow_cc_username' => @$_SESSION['pending_mailcow_cc_username'],
  'lang_footer' => json_encode($lang['footer']),
  'lang_acl' => json_encode($lang['acl']),
--- a/data/web/inc/functions.dkim.inc.php
+++ b/data/web/inc/functions.dkim.inc.php
@@ -197,7 +197,7 @@ function dkim($_action, $_data = null, $privkey = false) {
        return false;
      }
      try {
-        dkim('delete', (array)$domain);
+        dkim('delete', array('domains' => $domain));
        $redis->hSet('DKIM_PUB_KEYS', $domain, $pem_public_key);
        $redis->hSet('DKIM_SELECTORS', $domain, $dkim_selector);
        $redis->hSet('DKIM_PRIV_KEYS', $dkim_selector . '.' . $domain, $private_key_normalized);
--- a/data/web/inc/functions.inc.php
+++ b/data/web/inc/functions.inc.php
@@ -830,11 +830,15 @@ function check_login($user, $pass, $app_passwd_data = false) {
  $stmt->execute(array(':user' => $user));
  $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
  foreach ($rows as $row) {
+    // verify password
    if (verify_hash($row['password'], $pass)) {
-      if (get_tfa($user)['name'] != "none") {
+      // check for tfa authenticators
+      $authenticators = get_tfa($user);
+      if (isset($authenticators['additional']) && is_array($authenticators['additional']) && count($authenticators['additional']) > 0) {
+        // active tfa authenticators found, set pending user login
        $_SESSION['pending_mailcow_cc_username'] = $user;
        $_SESSION['pending_mailcow_cc_role'] = "admin";
-        $_SESSION['pending_tfa_method'] = get_tfa($user)['name'];
+        $_SESSION['pending_tfa_methods'] = $authenticators['additional'];
        unset($_SESSION['ldelay']);
        $_SESSION['return'][] =  array(
          'type' => 'info',
@@ -842,8 +846,7 @@ function check_login($user, $pass, $app_passwd_data = false) {
          'msg' => 'awaiting_tfa_confirmation'
        );
        return "pending";
-      }
-      else {
+      } else {
        unset($_SESSION['ldelay']);
        // Reactivate TFA if it was set to "deactivate TFA for next login"
        $stmt = $pdo->prepare("UPDATE `tfa` SET `active`='1' WHERE `username` = :user");
@@ -866,11 +869,14 @@ function check_login($user, $pass, $app_passwd_data = false) {
  $stmt->execute(array(':user' => $user));
  $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
  foreach ($rows as $row) {
+    // verify password
    if (verify_hash($row['password'], $pass) !== false) {
-      if (get_tfa($user)['name'] != "none") {
+      // check for tfa authenticators
+      $authenticators = get_tfa($user);
+      if (isset($authenticators['additional']) && is_array($authenticators['additional']) && count($authenticators['additional']) > 0) {
        $_SESSION['pending_mailcow_cc_username'] = $user;
        $_SESSION['pending_mailcow_cc_role'] = "domainadmin";
-        $_SESSION['pending_tfa_method'] = get_tfa($user)['name'];
+        $_SESSION['pending_tfa_methods'] = $authenticators['additional'];
        unset($_SESSION['ldelay']);
        $_SESSION['return'][] =  array(
          'type' => 'info',
@@ -930,14 +936,36 @@ function check_login($user, $pass, $app_passwd_data = false) {
    $rows = array_merge($rows, $stmt->fetchAll(PDO::FETCH_ASSOC));
  }
  foreach ($rows as $row) { 
+    // verify password
    if (verify_hash($row['password'], $pass) !== false) {
-      unset($_SESSION['ldelay']);
-      $_SESSION['return'][] =  array(
-        'type' => 'success',
-        'log' => array(__FUNCTION__, $user, '*'),
-        'msg' => array('logged_in_as', $user)
-      );
-      if ($app_passwd_data['eas'] === true || $app_passwd_data['dav'] === true) {
+      if (!array_key_exists("app_passwd_id", $row)){ 
+        // password is not a app password
+        // check for tfa authenticators
+        $authenticators = get_tfa($user);
+        if (isset($authenticators['additional']) && is_array($authenticators['additional']) && count($authenticators['additional']) > 0 &&
+            $app_passwd_data['eas'] !== true && $app_passwd_data['dav'] !== true) {
+          // authenticators found, init TFA flow
+          $_SESSION['pending_mailcow_cc_username'] = $user;
+          $_SESSION['pending_mailcow_cc_role'] = "user";
+          $_SESSION['pending_tfa_methods'] = $authenticators['additional'];
+          unset($_SESSION['ldelay']);
+          $_SESSION['return'][] =  array(
+            'type' => 'success',
+            'log' => array(__FUNCTION__, $user, '*'),
+            'msg' => array('logged_in_as', $user)
+          );
+          return "pending";
+        } else if (!isset($authenticators['additional']) || !is_array($authenticators['additional']) || count($authenticators['additional']) == 0) {
+          // no authenticators found, login successfull
+          // Reactivate TFA if it was set to "deactivate TFA for next login"
+          $stmt = $pdo->prepare("UPDATE `tfa` SET `active`='1' WHERE `username` = :user");
+          $stmt->execute(array(':user' => $user));
+
+          unset($_SESSION['ldelay']);
+          return "user";
+        }
+      } elseif ($app_passwd_data['eas'] === true || $app_passwd_data['dav'] === true) {
+        // password is a app password
        $service = ($app_passwd_data['eas'] === true) ? 'EAS' : 'DAV';
        $stmt = $pdo->prepare("REPLACE INTO sasl_log (`service`, `app_password`, `username`, `real_rip`) VALUES (:service, :app_id, :username, :remote_addr)");
        $stmt->execute(array(
@@ -946,8 +974,10 @@ function check_login($user, $pass, $app_passwd_data = false) {
          ':username' => $user,
          ':remote_addr' => ($_SERVER['HTTP_X_REAL_IP'] ?? $_SERVER['REMOTE_ADDR'])
        ));
+
+        unset($_SESSION['ldelay']);
+        return "user";
      }
-      return "user";
    }
  }

@@ -1142,47 +1172,46 @@ function set_tfa($_data) {
  global $yubi;
  global $tfa;
  $_data_log = $_data;
+  $access_denied = null;
  !isset($_data_log['confirm_password']) ?: $_data_log['confirm_password'] = '*';
  $username = $_SESSION['mailcow_cc_username'];
-  if (!isset($_SESSION['mailcow_cc_role']) || empty($username)) {
-      $_SESSION['return'][] =  array(
-        'type' => 'danger',
-        'log' => array(__FUNCTION__, $_data_log),
-        'msg' => 'access_denied'
-      );
-      return false;
-  }
-  $stmt = $pdo->prepare("SELECT `password` FROM `admin`
-      WHERE `username` = :username");
-  $stmt->execute(array(':username' => $username));
-  $row = $stmt->fetch(PDO::FETCH_ASSOC);
-  $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
-  if (!empty($num_results)) {
-    if (!verify_hash($row['password'], $_data["confirm_password"])) {
-      $_SESSION['return'][] =  array(
-        'type' => 'danger',
-        'log' => array(__FUNCTION__, $_data_log),
-        'msg' => 'access_denied'
-      );
-      return false;
-    }
-  }
-  $stmt = $pdo->prepare("SELECT `password` FROM `mailbox`
-      WHERE `username` = :username");
-  $stmt->execute(array(':username' => $username));
-  $row = $stmt->fetch(PDO::FETCH_ASSOC);
-  $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
-  if (!empty($num_results)) {
-    if (!verify_hash($row['password'], $_data["confirm_password"])) {
-      $_SESSION['return'][] =  array(
-        'type' => 'danger',
-        'log' => array(__FUNCTION__, $_data_log),
-        'msg' => 'access_denied'
-      );
-      return false;
+
+  // check for empty user and role
+  if (!isset($_SESSION['mailcow_cc_role']) || empty($username)) $access_denied = true;
+
+  // check admin confirm password
+  if ($access_denied === null) {
+    $stmt = $pdo->prepare("SELECT `password` FROM `admin`
+        WHERE `username` = :username");
+    $stmt->execute(array(':username' => $username));
+    $row = $stmt->fetch(PDO::FETCH_ASSOC);
+    if ($row) {
+      if (!verify_hash($row['password'], $_data["confirm_password"])) $access_denied = true;
+      else $access_denied = false;
    }
  }

+  // check mailbox confirm password
+  if ($access_denied === null) {
+    $stmt = $pdo->prepare("SELECT `password` FROM `mailbox`
+        WHERE `username` = :username");
+    $stmt->execute(array(':username' => $username));
+    $row = $stmt->fetch(PDO::FETCH_ASSOC);
+    if ($row) {
+      if (!verify_hash($row['password'], $_data["confirm_password"])) $access_denied = true;
+      else $access_denied = false;
+    }
+  }
+
+  // set access_denied error
+  if ($access_denied){
+    $_SESSION['return'][] =  array(
+      'type' => 'danger',
+      'log' => array(__FUNCTION__, $_data_log),
+      'msg' => 'access_denied'
+    );
+    return false;
+  }

  switch ($_data["tfa_method"]) {
    case "yubi_otp":
@@ -1220,8 +1249,7 @@ function set_tfa($_data) {
        $yubico_modhex_id = substr($_data["otp_token"], 0, 12);
        $stmt = $pdo->prepare("DELETE FROM `tfa`
          WHERE `username` = :username
-            AND (`authmech` != 'yubi_otp')
-            OR (`authmech` = 'yubi_otp' AND `secret` LIKE :modhex)");
+            AND (`authmech` = 'yubi_otp' AND `secret` LIKE :modhex)");
        $stmt->execute(array(':username' => $username, ':modhex' => '%' . $yubico_modhex_id));
        $stmt = $pdo->prepare("INSERT INTO `tfa` (`key_id`, `username`, `authmech`, `active`, `secret`) VALUES
          (:key_id, :username, 'yubi_otp', '1', :secret)");
@@ -1265,9 +1293,6 @@ function set_tfa($_data) {
    case "webauthn":
        $key_id = (!isset($_data["key_id"])) ? 'unidentified' : $_data["key_id"];

-        $stmt = $pdo->prepare("DELETE FROM `tfa` WHERE `username` = :username AND `authmech` != 'webauthn'");
-        $stmt->execute(array(':username' => $username));
-
        $stmt = $pdo->prepare("INSERT INTO `tfa` (`username`, `key_id`, `authmech`, `keyHandle`, `publicKey`, `certificate`, `counter`, `active`)
        VALUES (?, ?, 'webauthn', ?, ?, ?, ?, '1')");
        $stmt->execute(array(
@@ -1439,25 +1464,27 @@ function unset_tfa_key($_data) {
  global $pdo;
  global $lang;
  $_data_log = $_data;
+  $access_denied = null;
  $id = intval($_data['unset_tfa_key']);
  $username = $_SESSION['mailcow_cc_username'];
-  if (!isset($_SESSION['mailcow_cc_role']) || empty($username)) {
-    $_SESSION['return'][] =  array(
-      'type' => 'danger',
-      'log' => array(__FUNCTION__, $_data_log),
-      'msg' => 'access_denied'
-    );
-    return false;
-  }
+
+  // check for empty user and role
+  if (!isset($_SESSION['mailcow_cc_role']) || empty($username)) $access_denied = true;
+
  try {
-    if (!is_numeric($id)) {
-      $_SESSION['return'][] =  array(
+    if (!is_numeric($id)) $access_denied = true;
+    
+    // set access_denied error
+    if ($access_denied){
+      $_SESSION['return'][] = array(
        'type' => 'danger',
        'log' => array(__FUNCTION__, $_data_log),
        'msg' => 'access_denied'
      );
      return false;
    } 
+
+    // check if it's last key
    $stmt = $pdo->prepare("SELECT COUNT(*) AS `keys` FROM `tfa`
      WHERE `username` = :username AND `active` = '1'");
    $stmt->execute(array(':username' => $username));
@@ -1470,6 +1497,8 @@ function unset_tfa_key($_data) {
      );
      return false;
    }
+
+    // delete key
    $stmt = $pdo->prepare("DELETE FROM `tfa` WHERE `username` = :username AND `id` = :id");
    $stmt->execute(array(':username' => $username, ':id' => $id));
    $_SESSION['return'][] =  array(
@@ -1487,7 +1516,7 @@ function unset_tfa_key($_data) {
    return false;
  }
 }
-function get_tfa($username = null) {
+function get_tfa($username = null, $id = null) {
  global $pdo;
  if (isset($_SESSION['mailcow_cc_username'])) {
    $username = $_SESSION['mailcow_cc_username'];
@@ -1495,95 +1524,119 @@ function get_tfa($username = null) {
  elseif (empty($username)) {
    return false;
  }
-  $stmt = $pdo->prepare("SELECT * FROM `tfa`
-      WHERE `username` = :username AND `active` = '1'");
-  $stmt->execute(array(':username' => $username));
-  $row = $stmt->fetch(PDO::FETCH_ASSOC);

-  if (isset($row["authmech"])) {
-    switch ($row["authmech"]) {
-      case "yubi_otp":
-        $data['name'] = "yubi_otp";
-        $data['pretty'] = "Yubico OTP";
-        $stmt = $pdo->prepare("SELECT `id`, `key_id`, RIGHT(`secret`, 12) AS 'modhex' FROM `tfa` WHERE `authmech` = 'yubi_otp' AND `username` = :username");
-        $stmt->execute(array(
-          ':username' => $username,
-        ));
-        $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
-        while($row = array_shift($rows)) {
-          $data['additional'][] = $row;
+  if (!isset($id)){
+    // fetch all tfa methods - just get information about possible authenticators
+    $stmt = $pdo->prepare("SELECT `id`, `key_id`, `authmech` FROM `tfa`
+        WHERE `username` = :username AND `active` = '1'");
+    $stmt->execute(array(':username' => $username));
+    $results = $stmt->fetchAll(PDO::FETCH_ASSOC);
+ 
+    // no tfa methods found
+    if (count($results) == 0) {
+        $data['name'] = 'none';
+        $data['pretty'] = "-";
+        $data['additional'] = array();
+        return $data;
+    }
+
+    $data['additional'] = $results;
+    return $data;
+  } else {
+    // fetch specific authenticator details by id
+    $stmt = $pdo->prepare("SELECT * FROM `tfa`
+    WHERE `username` = :username AND `id` = :id AND `active` = '1'");
+    $stmt->execute(array(':username' => $username, ':id' => $id));
+    $row = $stmt->fetch(PDO::FETCH_ASSOC);
+
+    if (isset($row["authmech"])) {
+        switch ($row["authmech"]) {
+          case "yubi_otp":
+            $data['name'] = "yubi_otp";
+            $data['pretty'] = "Yubico OTP";
+            $stmt = $pdo->prepare("SELECT `id`, `key_id`, RIGHT(`secret`, 12) AS 'modhex' FROM `tfa` WHERE `authmech` = 'yubi_otp' AND `username` = :username AND `id` = :id");
+            $stmt->execute(array(
+              ':username' => $username,
+              ':id' => $id
+            ));
+            $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
+            while($row = array_shift($rows)) {
+              $data['additional'][] = $row;
+            }
+            return $data;
+          break;
+          // u2f - deprecated, should be removed
+          case "u2f":
+            $data['name'] = "u2f";
+            $data['pretty'] = "Fido U2F";
+            $stmt = $pdo->prepare("SELECT `id`, `key_id` FROM `tfa` WHERE `authmech` = 'u2f' AND `username` = :username AND `id` = :id");
+            $stmt->execute(array(
+              ':username' => $username,
+              ':id' => $id
+            ));
+            $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
+            while($row = array_shift($rows)) {
+              $data['additional'][] = $row;
+            }
+            return $data;
+          break;
+          case "hotp":
+            $data['name'] = "hotp";
+            $data['pretty'] = "HMAC-based OTP";
+            return $data;
+          break;
+          case "totp":
+            $data['name'] = "totp";
+            $data['pretty'] = "Time-based OTP";
+            $stmt = $pdo->prepare("SELECT `id`, `key_id`, `secret` FROM `tfa` WHERE `authmech` = 'totp' AND `username` = :username AND `id` = :id");
+            $stmt->execute(array(
+              ':username' => $username,
+              ':id' => $id
+            ));
+            $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
+            while($row = array_shift($rows)) {
+              $data['additional'][] = $row;
+            }
+            return $data;
+          break;
+          case "webauthn":
+            $data['name'] = "webauthn";
+            $data['pretty'] = "WebAuthn";
+            $stmt = $pdo->prepare("SELECT `id`, `key_id` FROM `tfa` WHERE `authmech` = 'webauthn' AND `username` = :username AND `id` = :id");
+            $stmt->execute(array(
+              ':username' => $username,
+              ':id' => $id
+            ));
+            $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
+            while($row = array_shift($rows)) {
+              $data['additional'][] = $row;
+            }
+            return $data;
+          break;
+          default:
+            $data['name'] = 'none';
+            $data['pretty'] = "-";
+            return $data;
+          break;
        }
-        return $data;
-      break;
-      // u2f - deprecated, should be removed
-      case "u2f":
-        $data['name'] = "u2f";
-        $data['pretty'] = "Fido U2F";
-        $stmt = $pdo->prepare("SELECT `id`, `key_id` FROM `tfa` WHERE `authmech` = 'u2f' AND `username` = :username");
-        $stmt->execute(array(
-          ':username' => $username,
-        ));
-        $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
-        while($row = array_shift($rows)) {
-          $data['additional'][] = $row;
-        }
-        return $data;
-      break;
-      case "hotp":
-        $data['name'] = "hotp";
-        $data['pretty'] = "HMAC-based OTP";
-        return $data;
-      break;
-      case "totp":
-        $data['name'] = "totp";
-        $data['pretty'] = "Time-based OTP";
-        $stmt = $pdo->prepare("SELECT `id`, `key_id`, `secret` FROM `tfa` WHERE `authmech` = 'totp' AND `username` = :username");
-        $stmt->execute(array(
-          ':username' => $username,
-        ));
-        $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
-        while($row = array_shift($rows)) {
-          $data['additional'][] = $row;
-        }
-        return $data;
-      break;
-      case "webauthn":
-        $data['name'] = "webauthn";
-        $data['pretty'] = "WebAuthn";
-        $stmt = $pdo->prepare("SELECT `id`, `key_id` FROM `tfa` WHERE `authmech` = 'webauthn' AND `username` = :username");
-        $stmt->execute(array(
-          ':username' => $username,
-        ));
-        $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
-        while($row = array_shift($rows)) {
-          $data['additional'][] = $row;
-        }
-        return $data;
-      break;
-      default:
+      }
+      else {
        $data['name'] = 'none';
        $data['pretty'] = "-";
        return $data;
-      break;
+      }
    }
-  }
-  else {
-    $data['name'] = 'none';
-    $data['pretty'] = "-";
-    return $data;
-  }
 }
-function verify_tfa_login($username, $_data, $WebAuthn) {
-    global $pdo;
-    global $yubi;
-    global $u2f;
-    global $tfa;
-    $stmt = $pdo->prepare("SELECT `authmech` FROM `tfa`
-        WHERE `username` = :username AND `active` = '1'");
-    $stmt->execute(array(':username' => $username));
-    $row = $stmt->fetch(PDO::FETCH_ASSOC);
+function verify_tfa_login($username, $_data) {
+  global $pdo;
+  global $yubi;
+  global $u2f;
+  global $tfa;
+  global $WebAuthn;

-    switch ($row["authmech"]) {
+  if ($_data['tfa_method'] != 'u2f'){
+
+    switch ($_data["tfa_method"]) {
        case "yubi_otp":
            if (!ctype_alnum($_data['token']) || strlen($_data['token']) != 44) {
                $_SESSION['return'][] =  array(
@@ -1597,7 +1650,7 @@ function verify_tfa_login($username, $_data, $WebAuthn) {
            $stmt = $pdo->prepare("SELECT `id`, `secret` FROM `tfa`
                WHERE `username` = :username
                AND `authmech` = 'yubi_otp'
-                AND `active`='1'
+                AND `active` = '1'
                AND `secret` LIKE :modhex");
            $stmt->execute(array(':username' => $username, ':modhex' => '%' . $yubico_modhex_id));
            $row = $stmt->fetch(PDO::FETCH_ASSOC);
@@ -1632,15 +1685,16 @@ function verify_tfa_login($username, $_data, $WebAuthn) {
            return false;
        break;
        case "totp":
-            try {
+          try {
            $stmt = $pdo->prepare("SELECT `id`, `secret` FROM `tfa`
                WHERE `username` = :username
                AND `authmech` = 'totp'
+                AND `id` = :id
                AND `active`='1'");
-            $stmt->execute(array(':username' => $username));
+            $stmt->execute(array(':username' => $username, ':id' => $_data['id']));
            $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
            foreach ($rows as $row) {
-                if ($tfa->verifyCode($row['secret'], $_data['token']) === true) {
+              if ($tfa->verifyCode($row['secret'], $_data['token']) === true) {
                $_SESSION['tfa_id'] = $row['id'];
                $_SESSION['return'][] =  array(
                    'type' => 'success',
@@ -1648,7 +1702,7 @@ function verify_tfa_login($username, $_data, $WebAuthn) {
                    'msg' => 'verified_totp_login'
                );
                return true;
-                }
+              }
            }
            $_SESSION['return'][] =  array(
                'type' => 'danger',
@@ -1656,23 +1710,16 @@ function verify_tfa_login($username, $_data, $WebAuthn) {
                'msg' => 'totp_verification_failed'
            );
            return false;
-            }
-            catch (PDOException $e) {
+          }
+          catch (PDOException $e) {
            $_SESSION['return'][] =  array(
                'type' => 'danger',
                'log' => array(__FUNCTION__, $username, '*'),
                'msg' => array('mysql_error', $e)
            );
            return false;
-            }
+          }
        break;
-        // u2f - deprecated, should be removed
-        case "u2f":
-            // delete old keys that used u2f
-            $stmt = $pdo->prepare("DELETE FROM `tfa` WHERE `authmech` = :authmech AND `username` = :username");
-            $stmt->execute(array(':authmech' => 'u2f', ':username' => $username));
-
-            return true;
        case "webauthn":
            $tokenData = json_decode($_data['token']);
            $clientDataJSON = base64_decode($tokenData->clientDataJSON);
@@ -1681,13 +1728,20 @@ function verify_tfa_login($username, $_data, $WebAuthn) {
            $id = base64_decode($tokenData->id);
            $challenge = $_SESSION['challenge'];

-            $stmt = $pdo->prepare("SELECT `key_id`, `keyHandle`, `username`, `publicKey` FROM `tfa` WHERE `keyHandle` = :tokenId");
-            $stmt->execute(array(':tokenId' => $tokenData->id));
+            $stmt = $pdo->prepare("SELECT `id`, `key_id`, `keyHandle`, `username`, `publicKey` FROM `tfa` WHERE `id` = :id AND `active`='1'");
+            $stmt->execute(array(':id' => $_data['id']));
            $process_webauthn = $stmt->fetch(PDO::FETCH_ASSOC);

-            if (empty($process_webauthn) || empty($process_webauthn['publicKey']) || empty($process_webauthn['username'])) return false;
+            if (empty($process_webauthn)){
+              $_SESSION['return'][] =  array(
+                  'type' => 'danger',
+                  'log' => array(__FUNCTION__, $username, '*'),
+                  'msg' => array('webauthn_verification_failed', 'authenticator not found')
+              );
+              return false;
+            } 
            
-            if ($process_webauthn['publicKey'] === false) {
+            if (empty($process_webauthn['publicKey']) || $process_webauthn['publicKey'] === false) {
                $_SESSION['return'][] =  array(
                    'type' => 'danger',
                    'log' => array(__FUNCTION__, $username, '*'),
@@ -1695,6 +1749,7 @@ function verify_tfa_login($username, $_data, $WebAuthn) {
                );
                return false;
            }
+
            try {
                $WebAuthn->processGet($clientDataJSON, $authenticatorData, $signature, $process_webauthn['publicKey'], $challenge, null, $GLOBALS['WEBAUTHN_UV_FLAG_LOGIN'], $GLOBALS['WEBAUTHN_USER_PRESENT_FLAG']);
            }
@@ -1707,26 +1762,31 @@ function verify_tfa_login($username, $_data, $WebAuthn) {
                return false;
            }

-            
            $stmt = $pdo->prepare("SELECT `superadmin` FROM `admin` WHERE `username` = :username");
            $stmt->execute(array(':username' => $process_webauthn['username']));
            $obj_props = $stmt->fetch(PDO::FETCH_ASSOC);
            if ($obj_props['superadmin'] === 1) {
-                $_SESSION["mailcow_cc_role"] = "admin";
+              $_SESSION["mailcow_cc_role"] = "admin";
            }
            elseif ($obj_props['superadmin'] === 0) {
-                $_SESSION["mailcow_cc_role"] = "domainadmin";
+              $_SESSION["mailcow_cc_role"] = "domainadmin";
            }
            else {
-                $stmt = $pdo->prepare("SELECT `username` FROM `mailbox` WHERE `username` = :username");
-                $stmt->execute(array(':username' => $process_webauthn['username']));
-                $row = $stmt->fetch(PDO::FETCH_ASSOC);
-                if ($row['username'] == $process_webauthn['username']) {
+              $stmt = $pdo->prepare("SELECT `username` FROM `mailbox` WHERE `username` = :username");
+              $stmt->execute(array(':username' => $process_webauthn['username']));
+              $row = $stmt->fetch(PDO::FETCH_ASSOC);
+              if (!empty($row['username'])) {
                $_SESSION["mailcow_cc_role"] = "user";
-                }
+              } else {
+                $_SESSION['return'][] =  array(
+                  'type' => 'danger',
+                  'log' => array(__FUNCTION__, $username, '*'),
+                  'msg' => array('webauthn_verification_failed', 'could not determine user role')
+                );
+                return false;
+              }
            }

-        
            if ($process_webauthn['username'] != $_SESSION['pending_mailcow_cc_username']){
                $_SESSION['return'][] =  array(
                    'type' => 'danger',
@@ -1736,9 +1796,8 @@ function verify_tfa_login($username, $_data, $WebAuthn) {
                return false;
            }

-
            $_SESSION["mailcow_cc_username"] = $process_webauthn['username'];
-            $_SESSION['tfa_id'] = $process_webauthn['key_id'];
+            $_SESSION['tfa_id'] = $process_webauthn['id'];
            $_SESSION['authReq'] = null;
            unset($_SESSION["challenge"]);
            $_SESSION['return'][] =  array(
@@ -1759,6 +1818,17 @@ function verify_tfa_login($username, $_data, $WebAuthn) {
    }

    return false;
+  } else {
+    // delete old keys that used u2f
+    $stmt = $pdo->prepare("SELECT * FROM `tfa` WHERE `authmech` = 'u2f' AND `username` = :username");
+    $stmt->execute(array(':username' => $username));
+    $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
+    if (count($rows) == 0) return false;
+
+    $stmt = $pdo->prepare("DELETE FROM `tfa` WHERE `authmech` = 'u2f' AND `username` = :username");
+    $stmt->execute(array(':username' => $username));
+    return true;
+  }
 }
 function admin_api($access, $action, $data = null) {
  global $pdo;
--- a/data/web/inc/functions.mailbox.inc.php
+++ b/data/web/inc/functions.mailbox.inc.php
@@ -336,9 +336,37 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
          $mins_interval        = $_data['mins_interval'];
          $enc1                 = $_data['enc1'];
          $custom_params        = (empty(trim($_data['custom_params']))) ? '' : trim($_data['custom_params']);
-          // Workaround, fixme
-          if (strpos($custom_params, 'pipemess')) {
-            $custom_params = '';
+
+          // validate custom params
+          foreach (explode('-', $custom_params) as $param){
+            if(empty($param)) continue;
+
+            // extract option
+            if (str_contains($param, '=')) $param = explode('=', $param)[0];
+            else $param = rtrim($param, ' ');
+            // remove first char if first char is -
+            if ($param[0] == '-') $param = ltrim($param, $param[0]);
+
+            if (str_contains($param, ' ')) {
+              // bad char
+              $_SESSION['return'][] = array(
+                'type' => 'danger',
+                'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+                'msg' => 'bad character SPACE'
+              );
+              return false;
+            }
+
+            // check if param is whitelisted
+            if (!in_array(strtolower($param), $GLOBALS["IMAPSYNC_OPTIONS"]["whitelist"])){
+              // bad option
+              $_SESSION['return'][] = array(
+                'type' => 'danger',
+                'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+                'msg' => 'bad option '. $param
+              );
+              return false;
+            }
          }
          if (empty($subfolder2)) {
            $subfolder2 = "";
@@ -443,16 +471,15 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
          if ($_SESSION['mailcow_cc_role'] != "admin") {
            $_SESSION['return'][] = array(
              'type' => 'danger',
-              'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+              'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_extra),
              'msg' => 'access_denied'
            );
            return false;
          }
          $domain       = idn_to_ascii(strtolower(trim($_data['domain'])), 0, INTL_IDNA_VARIANT_UTS46);
          $description  = $_data['description'];
-          if (empty($description)) {
-            $description = $domain;
-          }
+          if (empty($description)) $description = $domain;
+          $tags         = (array)$_data['tags'];
          $aliases      = (int)$_data['aliases'];
          $mailboxes    = (int)$_data['mailboxes'];
          $defquota     = (int)$_data['defquota'];
@@ -545,10 +572,12 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
            );
            return false;
          }
+
          $stmt = $pdo->prepare("DELETE FROM `sender_acl` WHERE `external` = 1 AND `send_as` LIKE :domain");
          $stmt->execute(array(
            ':domain' => '%@' . $domain
          ));
+          // save domain
          $stmt = $pdo->prepare("INSERT INTO `domain` (`domain`, `description`, `aliases`, `mailboxes`, `defquota`, `maxquota`, `quota`, `backupmx`, `gal`, `active`, `relay_unknown_only`, `relay_all_recipients`)
            VALUES (:domain, :description, :aliases, :mailboxes, :defquota, :maxquota, :quota, :backupmx, :gal, :active, :relay_unknown_only, :relay_all_recipients)");
          $stmt->execute(array(
@@ -565,6 +594,24 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
            ':relay_unknown_only' => $relay_unknown_only,
            ':relay_all_recipients' => $relay_all_recipients
          ));
+          // save tags
+          foreach($tags as $index => $tag){
+            if (empty($tag)) continue;
+            if ($index > $GLOBALS['TAGGING_LIMIT']) {
+              $_SESSION['return'][] = array(
+                'type' => 'warning',
+                'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+                'msg' => array('tag_limit_exceeded', 'limit '.$GLOBALS['TAGGING_LIMIT'])
+              );
+              break;
+            }
+            $stmt = $pdo->prepare("INSERT INTO `tags_domain` (`domain`, `tag_name`) VALUES (:domain, :tag_name)");
+            $stmt->execute(array(
+              ':domain' => $domain,
+              ':tag_name' => $tag,
+            ));
+          }
+
          try {
            $redis->hSet('DOMAIN_MAP', $domain, 1);
          }
@@ -580,7 +627,16 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
            ratelimit('edit', 'domain', array('rl_value' => $_data['rl_value'], 'rl_frame' => $_data['rl_frame'], 'object' => $domain));
          }
          if (!empty($_data['key_size']) && !empty($_data['dkim_selector'])) {
-            dkim('add', array('key_size' => $_data['key_size'], 'dkim_selector' => $_data['dkim_selector'], 'domains' => $domain));
+            if (!empty($redis->hGet('DKIM_SELECTORS', $domain))) {
+              $_SESSION['return'][] = array(
+                'type' => 'success',
+                'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+                'msg' => 'domain_add_dkim_available'
+              );
+            }
+            else {
+              dkim('add', array('key_size' => $_data['key_size'], 'dkim_selector' => $_data['dkim_selector'], 'domains' => $domain));
+            }
          }
          if (!empty($restart_sogo)) {
            $restart_response = json_decode(docker('post', 'sogo-mailcow', 'restart'), true);
@@ -910,7 +966,16 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
              ratelimit('edit', 'domain', array('rl_value' => $_data['rl_value'], 'rl_frame' => $_data['rl_frame'], 'object' => $alias_domain));
            }
            if (!empty($_data['key_size']) && !empty($_data['dkim_selector'])) {
-              dkim('add', array('key_size' => $_data['key_size'], 'dkim_selector' => $_data['dkim_selector'], 'domains' => $alias_domain));
+              if (!empty($redis->hGet('DKIM_SELECTORS', $alias_domain))) {
+                $_SESSION['return'][] = array(
+                  'type' => 'success',
+                  'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+                  'msg' => 'domain_add_dkim_available'
+                );
+              }
+              else {
+                dkim('add', array('key_size' => $_data['key_size'], 'dkim_selector' => $_data['dkim_selector'], 'domains' => $alias_domain));
+              }
            }
            $_SESSION['return'][] = array(
              'type' => 'success',
@@ -942,6 +1007,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
          $password     = $_data['password'];
          $password2    = $_data['password2'];
          $name         = ltrim(rtrim($_data['name'], '>'), '<');
+          $tags         = $_data['tags'];
          $quota_m      = intval($_data['quota']);
          if ((!isset($_SESSION['acl']['unlimited_quota']) || $_SESSION['acl']['unlimited_quota'] != "1") && $quota_m === 0) {
            $_SESSION['return'][] = array(
@@ -1103,6 +1169,23 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
          $stmt->execute(array(
            ':username' => $username
          ));
+          // save tags
+          foreach($tags as $index => $tag){
+            if (empty($tag)) continue;
+            if ($index > $GLOBALS['TAGGING_LIMIT']) {
+              $_SESSION['return'][] = array(
+                'type' => 'warning',
+                'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+                'msg' => array('tag_limit_exceeded', 'limit '.$GLOBALS['TAGGING_LIMIT'])
+              );
+              break;
+            }
+            $stmt = $pdo->prepare("INSERT INTO `tags_mailbox` (`username`, `tag_name`) VALUES (:username, :tag_name)");
+            $stmt->execute(array(
+              ':username' => $username,
+              ':tag_name' => $tag,
+            ));
+          }
          $stmt = $pdo->prepare("INSERT INTO `quota2` (`username`, `bytes`, `messages`)
            VALUES (:username, '0', '0') ON DUPLICATE KEY UPDATE `bytes` = '0', `messages` = '0';");
          $stmt->execute(array(':username' => $username));
@@ -1709,8 +1792,37 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
              );
              continue;
            }
-            if (strpos($custom_params, 'pipemess')) {
-              $custom_params = '';
+
+            // validate custom params
+            foreach (explode('-', $custom_params) as $param){
+              if(empty($param)) continue;
+
+              // extract option
+              if (str_contains($param, '=')) $param = explode('=', $param)[0];
+              else $param = rtrim($param, ' ');
+              // remove first char if first char is -
+              if ($param[0] == '-') $param = ltrim($param, $param[0]);
+
+              if (str_contains($param, ' ')) {
+                // bad char
+                $_SESSION['return'][] = array(
+                  'type' => 'danger',
+                  'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+                  'msg' => 'bad character SPACE'
+                );
+                return false;
+              }
+  
+              // check if param is whitelisted
+              if (!in_array(strtolower($param), $GLOBALS["IMAPSYNC_OPTIONS"]["whitelist"])){
+                // bad option
+                $_SESSION['return'][] = array(
+                  'type' => 'danger',
+                  'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+                  'msg' => 'bad option '. $param
+                );
+                return false;
+              }
            }
            if (empty($subfolder2)) {
              $subfolder2 = "";
@@ -2146,6 +2258,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
                $gal                  = (isset($_data['gal'])) ? intval($_data['gal']) : $is_now['gal'];
                $description          = (!empty($_data['description']) && isset($_SESSION['acl']['domain_desc']) && $_SESSION['acl']['domain_desc'] == "1") ? $_data['description'] : $is_now['description'];
                (int)$relayhost       = (isset($_data['relayhost']) && isset($_SESSION['acl']['domain_relayhost']) && $_SESSION['acl']['domain_relayhost'] == "1") ? intval($_data['relayhost']) : intval($is_now['relayhost']);
+                $tags                 = (is_array($_data['tags']) ? $_data['tags'] : array());
              }
              else {
                $_SESSION['return'][] = array(
@@ -2155,6 +2268,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
                );
                continue;
              }
+
              $stmt = $pdo->prepare("UPDATE `domain` SET
              `description` = :description,
              `gal` = :gal
@@ -2164,6 +2278,24 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
                ':gal' => $gal,
                ':domain' => $domain
              ));
+              // save tags
+              foreach($tags as $index => $tag){
+                if (empty($tag)) continue;
+                if ($index > $GLOBALS['TAGGING_LIMIT']) {
+                  $_SESSION['return'][] = array(
+                    'type' => 'warning',
+                    'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+                    'msg' => array('tag_limit_exceeded', 'limit '.$GLOBALS['TAGGING_LIMIT'])
+                  );
+                  break;
+                }
+                $stmt = $pdo->prepare("INSERT INTO `tags_domain` (`domain`, `tag_name`) VALUES (:domain, :tag_name)");
+                $stmt->execute(array(
+                  ':domain' => $domain,
+                  ':tag_name' => $tag,
+                ));
+              }
+
              $_SESSION['return'][] = array(
                'type' => 'success',
                'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
@@ -2185,6 +2317,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
                $maxquota             = (!empty($_data['maxquota'])) ? $_data['maxquota'] : ($is_now['max_quota_for_mbox'] / 1048576);
                $quota                = (!empty($_data['quota'])) ? $_data['quota'] : ($is_now['max_quota_for_domain'] / 1048576);
                $description          = (!empty($_data['description'])) ? $_data['description'] : $is_now['description'];
+                $tags                 = (is_array($_data['tags']) ? $_data['tags'] : array());
                if ($relay_all_recipients == '1') {
                  $backupmx = '1';
                }
@@ -2283,6 +2416,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
                );
                continue;
              }
+
              $stmt = $pdo->prepare("UPDATE `domain` SET
              `relay_all_recipients` = :relay_all_recipients,
              `relay_unknown_only` = :relay_unknown_only,
@@ -2312,6 +2446,24 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
                ':description' => $description,
                ':domain' => $domain
              ));
+              // save tags
+              foreach($tags as $index => $tag){
+                if (empty($tag)) continue;
+                if ($index > $GLOBALS['TAGGING_LIMIT']) {
+                  $_SESSION['return'][] = array(
+                    'type' => 'warning',
+                    'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+                    'msg' => array('tag_limit_exceeded', 'limit '.$GLOBALS['TAGGING_LIMIT'])
+                  );
+                  break;
+                }
+                $stmt = $pdo->prepare("INSERT INTO `tags_domain` (`domain`, `tag_name`) VALUES (:domain, :tag_name)");
+                $stmt->execute(array(
+                  ':domain' => $domain,
+                  ':tag_name' => $tag,
+                ));
+              }
+
              $_SESSION['return'][] = array(
                'type' => 'success',
                'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
@@ -2360,6 +2512,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
              $quota_b    = $quota_m * 1048576;
              $password   = (!empty($_data['password'])) ? $_data['password'] : null;
              $password2  = (!empty($_data['password2'])) ? $_data['password2'] : null;
+              $tags       = (is_array($_data['tags']) ? $_data['tags'] : array());
            }
            else {
              $_SESSION['return'][] = array(
@@ -2636,6 +2789,24 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
              ':relayhost' => $relayhost,
              ':username' => $username
            ));
+            // save tags
+            foreach($tags as $index => $tag){
+              if (empty($tag)) continue;
+              if ($index > $GLOBALS['TAGGING_LIMIT']) {
+                $_SESSION['return'][] = array(
+                  'type' => 'warning',
+                  'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+                  'msg' => array('tag_limit_exceeded', 'limit '.$GLOBALS['TAGGING_LIMIT'])
+                );
+                break;
+              }
+              $stmt = $pdo->prepare("INSERT INTO `tags_mailbox` (`username`, `tag_name`) VALUES (:username, :tag_name)");
+              $stmt->execute(array(
+                ':username' => $username,
+                ':tag_name' => $tag,
+              ));
+            }
+            
            $_SESSION['return'][] = array(
              'type' => 'success',
              'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
@@ -2851,10 +3022,34 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
        break;
        case 'mailboxes':
          $mailboxes = array();
-          if (isset($_data) && !hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $_data)) {
-            return false;
+          if (isset($_extra) && is_array($_extra) && isset($_data)) {
+            // get by domain and tags
+            $tags = is_array($_extra) ? $_extra : array();
+
+            $sql = "";
+            foreach ($tags as $key => $tag) {
+              $sql = $sql."SELECT DISTINCT `username` FROM `tags_mailbox` WHERE `username` LIKE ? AND `tag_name` LIKE ?"; // distinct, avoid duplicates
+              if ($key === array_key_last($tags)) break;
+              $sql = $sql.' UNION DISTINCT '; // combine querys with union - distinct, avoid duplicates
+            }
+
+            // prepend domain to array
+            $params = array();
+            foreach ($tags as $key => $val){ 
+              array_push($params, '%'.$_data.'%');
+              array_push($params, '%'.$val.'%');
+            }
+            $stmt = $pdo->prepare($sql);
+            $stmt->execute($params);
+
+            $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
+            while($row = array_shift($rows)) {
+              if (hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], explode('@', $row['username'])[1])) 
+                $mailboxes[] = $row['username'];
+            }
          }
          elseif (isset($_data) && hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $_data)) {
+            // get by domain
            $stmt = $pdo->prepare("SELECT `username` FROM `mailbox` WHERE (`kind` = '' OR `kind` = NULL) AND `domain` = :domain");
            $stmt->execute(array(
              ':domain' => $_data,
@@ -3348,20 +3543,46 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
          if ($_SESSION['mailcow_cc_role'] != "admin" && $_SESSION['mailcow_cc_role'] != "domainadmin") {
            return false;
          }
-          $stmt = $pdo->prepare("SELECT `domain` FROM `domain`
-            WHERE (`domain` IN (
-              SELECT `domain` from `domain_admins`
-                WHERE (`active`='1' AND `username` = :username))
-              )
-              OR 'admin'= :role");
-          $stmt->execute(array(
-            ':username' => $_SESSION['mailcow_cc_username'],
-            ':role' => $_SESSION['mailcow_cc_role'],
-          ));
-          $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
-          while($row = array_shift($rows)) {
-            $domains[] = $row['domain'];
+
+          if (isset($_extra) && is_array($_extra)){
+            // get by tags
+            $tags = is_array($_extra) ? $_extra : array();
+            // add % as prefix and suffix to every element for relative searching
+            $tags = array_map(function($x){ return '%'.$x.'%'; }, $tags);
+            $sql = "";
+            foreach ($tags as $key => $tag) {
+              $sql = $sql."SELECT DISTINCT `domain` FROM `tags_domain` WHERE `tag_name` LIKE ?"; // distinct, avoid duplicates
+              if ($key === array_key_last($tags)) break;
+              $sql = $sql.' UNION DISTINCT '; // combine querys with union - distinct, avoid duplicates
+            }
+            $stmt = $pdo->prepare($sql);
+            $stmt->execute($tags);
+
+            $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
+            while($row = array_shift($rows)) {
+              if ($_SESSION['mailcow_cc_role'] == "admin")
+                $domains[] = $row['domain'];
+              elseif (hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $row['domain'])) 
+                $domains[] = $row['domain'];
+            }
+          } else {
+            // get all
+            $stmt = $pdo->prepare("SELECT `domain` FROM `domain`
+              WHERE (`domain` IN (
+                SELECT `domain` from `domain_admins`
+                  WHERE (`active`='1' AND `username` = :username))
+                )
+                OR 'admin'= :role");
+            $stmt->execute(array(
+              ':username' => $_SESSION['mailcow_cc_username'],
+              ':role' => $_SESSION['mailcow_cc_role'],
+            ));
+            $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
+            while($row = array_shift($rows)) {
+              $domains[] = $row['domain'];
+            }
          }
+
          return $domains;
        break;
        case 'domain_details':
@@ -3478,6 +3699,16 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
              $domain_admins = $stmt->fetch(PDO::FETCH_ASSOC);
              (isset($domain_admins['domain_admins'])) ? $domaindata['domain_admins'] = $domain_admins['domain_admins'] : $domaindata['domain_admins'] = "-";
          }
+          $stmt = $pdo->prepare("SELECT `tag_name`
+            FROM `tags_domain` WHERE `domain`= :domain");
+          $stmt->execute(array(
+            ':domain' => $_data
+          ));
+          $tags = $stmt->fetchAll(PDO::FETCH_ASSOC);
+          while ($tag = array_shift($tags)) {
+            $domaindata['tags'][] = $tag['tag_name'];
+          }
+
          return $domaindata;
        break;
        case 'mailbox_details':
@@ -3613,6 +3844,15 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
            }
            $mailboxdata['is_relayed'] = $row['backupmx'];
          }
+          $stmt = $pdo->prepare("SELECT `tag_name`
+            FROM `tags_mailbox` WHERE `username`= :username");
+          $stmt->execute(array(
+            ':username' => $_data
+          ));
+          $tags = $stmt->fetchAll(PDO::FETCH_ASSOC);
+          while ($tag = array_shift($tags)) {
+            $mailboxdata['tags'][] = $tag['tag_name'];
+          }

          return $mailboxdata;
        break;
@@ -4054,6 +4294,10 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
            $stmt->execute(array(
              ':alias_domain' => $alias_domain,
            ));
+            $stmt = $pdo->prepare("DELETE FROM `spamalias` WHERE `address` LIKE :domain");
+            $stmt->execute(array(
+              ':domain' => '%@'.$alias_domain,
+            ));
            $stmt = $pdo->prepare("DELETE FROM `bcc_maps` WHERE `local_dest` = :alias_domain");
            $stmt->execute(array(
              ':alias_domain' => $alias_domain,
@@ -4338,6 +4582,108 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
            );
          }
        break;
+        case 'tags_domain':    
+          if (!is_array($_data['domain'])) {
+            $domains = array();
+            $domains[] = $_data['domain'];
+          }
+          else {
+            $domains = $_data['domain'];
+          }
+          $tags = $_data['tags'];
+          if (!is_array($tags)) $tags = array();
+
+          
+          if ($_SESSION['mailcow_cc_role'] != "admin") {
+            $_SESSION['return'][] = array(
+              'type' => 'danger',
+              'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+              'msg' => 'access_denied'
+            );
+            return false;
+          }
+
+          $wasModified = false;
+          foreach ($domains as $domain) {            
+            if (!is_valid_domain_name($domain)) {
+              $_SESSION['return'][] = array(
+                'type' => 'danger',
+                'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+                'msg' => 'domain_invalid'
+              );
+              continue;
+            }
+
+            foreach($tags as $tag){
+              // delete tag
+              $wasModified = true;
+              $stmt = $pdo->prepare("DELETE FROM `tags_domain` WHERE `domain` = :domain AND `tag_name` = :tag_name");
+              $stmt->execute(array(
+                ':domain' => $domain,
+                ':tag_name' => $tag,
+              ));
+            }
+          }
+
+          if (!$wasModified) return false;
+          $_SESSION['return'][] = array(
+            'type' => 'success',
+            'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+            'msg' => array('domain_modified', $domain)
+          );
+        break;
+        case 'tags_mailbox':
+          if (!is_array($_data['username'])) {
+            $usernames = array();
+            $usernames[] = $_data['username'];
+          }
+          else {
+            $usernames = $_data['username'];
+          }
+          $tags = $_data['tags'];
+          if (!is_array($tags)) $tags = array();
+
+          $wasModified = false;
+          foreach ($usernames as $username) {
+            if (!filter_var($username, FILTER_VALIDATE_EMAIL)) {
+              $_SESSION['return'][] = array(
+                'type' => 'danger',
+                'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+                'msg' => 'email invalid'
+              );
+              continue;
+            }
+
+            $is_now = mailbox('get', 'mailbox_details', $username);
+            $domain     = $is_now['domain'];
+            if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain)) {
+              $_SESSION['return'][] = array(
+                'type' => 'danger',
+                'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+                'msg' => 'access_denied'
+              );
+              continue;
+            }
+
+            // delete tags
+            foreach($tags as $tag){
+              $wasModified = true;
+              
+              $stmt = $pdo->prepare("DELETE FROM `tags_mailbox` WHERE `username` = :username AND `tag_name` = :tag_name");
+              $stmt->execute(array(
+                ':username' => $username,
+                ':tag_name' => $tag,
+              ));
+            }
+          }
+
+          if (!$wasModified) return false;
+          $_SESSION['return'][] = array(
+            'type' => 'success',
+            'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+            'msg' => array('mailbox_modified', $username)
+          );
+        break;
      }
    break;
  }
--- a/data/web/inc/init_db.inc.php
+++ b/data/web/inc/init_db.inc.php
@@ -3,7 +3,7 @@ function init_db_schema() {
  try {
    global $pdo;

-    $db_version = "18012022_1020";
+    $db_version = "25072022_2300";

    $stmt = $pdo->query("SHOW TABLES LIKE 'versions'");
    $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
@@ -23,35 +23,35 @@ function init_db_schema() {
    }

    $views = array(
-    "grouped_mail_aliases" => "CREATE VIEW grouped_mail_aliases (username, aliases) AS
-      SELECT goto, IFNULL(GROUP_CONCAT(address ORDER BY address SEPARATOR ' '), '') AS address FROM alias
-      WHERE address!=goto
-      AND active = '1'
-      AND sogo_visible = '1'
-      AND address NOT LIKE '@%'
-      GROUP BY goto;",
-    // START
-    // Unused at the moment - we cannot allow to show a foreign mailbox as sender address in SOGo, as SOGo does not like this
-    // We need to create delegation in SOGo AND set a sender_acl in mailcow to allow to send as user X
-    "grouped_sender_acl" => "CREATE VIEW grouped_sender_acl (username, send_as_acl) AS
-      SELECT logged_in_as, IFNULL(GROUP_CONCAT(send_as SEPARATOR ' '), '') AS send_as_acl FROM sender_acl
-      WHERE send_as NOT LIKE '@%'
-      GROUP BY logged_in_as;",
-    // END 
-    "grouped_sender_acl_external" => "CREATE VIEW grouped_sender_acl_external (username, send_as_acl) AS
-      SELECT logged_in_as, IFNULL(GROUP_CONCAT(send_as SEPARATOR ' '), '') AS send_as_acl FROM sender_acl
-      WHERE send_as NOT LIKE '@%' AND external = '1'
-      GROUP BY logged_in_as;",
-    "grouped_domain_alias_address" => "CREATE VIEW grouped_domain_alias_address (username, ad_alias) AS
-      SELECT username, IFNULL(GROUP_CONCAT(local_part, '@', alias_domain SEPARATOR ' '), '') AS ad_alias FROM mailbox
-      LEFT OUTER JOIN alias_domain ON target_domain=domain
-      GROUP BY username;",
-    "sieve_before" => "CREATE VIEW sieve_before (id, username, script_name, script_data) AS
-      SELECT md5(script_data), username, script_name, script_data FROM sieve_filters
-      WHERE filter_type = 'prefilter';",
-    "sieve_after" => "CREATE VIEW sieve_after (id, username, script_name, script_data) AS
-      SELECT md5(script_data), username, script_name, script_data FROM sieve_filters
-      WHERE filter_type = 'postfilter';"
+      "grouped_mail_aliases" => "CREATE VIEW grouped_mail_aliases (username, aliases) AS
+        SELECT goto, IFNULL(GROUP_CONCAT(address ORDER BY address SEPARATOR ' '), '') AS address FROM alias
+        WHERE address!=goto
+        AND active = '1'
+        AND sogo_visible = '1'
+        AND address NOT LIKE '@%'
+        GROUP BY goto;",
+      // START
+      // Unused at the moment - we cannot allow to show a foreign mailbox as sender address in SOGo, as SOGo does not like this
+      // We need to create delegation in SOGo AND set a sender_acl in mailcow to allow to send as user X
+      "grouped_sender_acl" => "CREATE VIEW grouped_sender_acl (username, send_as_acl) AS
+        SELECT logged_in_as, IFNULL(GROUP_CONCAT(send_as SEPARATOR ' '), '') AS send_as_acl FROM sender_acl
+        WHERE send_as NOT LIKE '@%'
+        GROUP BY logged_in_as;",
+      // END 
+      "grouped_sender_acl_external" => "CREATE VIEW grouped_sender_acl_external (username, send_as_acl) AS
+        SELECT logged_in_as, IFNULL(GROUP_CONCAT(send_as SEPARATOR ' '), '') AS send_as_acl FROM sender_acl
+        WHERE send_as NOT LIKE '@%' AND external = '1'
+        GROUP BY logged_in_as;",
+      "grouped_domain_alias_address" => "CREATE VIEW grouped_domain_alias_address (username, ad_alias) AS
+        SELECT username, IFNULL(GROUP_CONCAT(local_part, '@', alias_domain SEPARATOR ' '), '') AS ad_alias FROM mailbox
+        LEFT OUTER JOIN alias_domain ON target_domain=domain
+        GROUP BY username;",
+      "sieve_before" => "CREATE VIEW sieve_before (id, username, script_name, script_data) AS
+        SELECT md5(script_data), username, script_name, script_data FROM sieve_filters
+        WHERE filter_type = 'prefilter';",
+      "sieve_after" => "CREATE VIEW sieve_after (id, username, script_name, script_data) AS
+        SELECT md5(script_data), username, script_name, script_data FROM sieve_filters
+        WHERE filter_type = 'postfilter';"
    );

    $tables = array(
@@ -251,6 +251,26 @@ function init_db_schema() {
        ),
        "attr" => "ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC"
      ),
+      "tags_domain" => array(
+        "cols" => array(
+          "tag_name" => "VARCHAR(255) NOT NULL",
+          "domain" => "VARCHAR(255) NOT NULL"
+        ),
+        "keys" => array(
+          "fkey" => array(
+            "fk_tags_domain" => array(
+              "col" => "domain",
+              "ref" => "domain.domain",
+              "delete" => "CASCADE",
+              "update" => "NO ACTION"
+            )
+          ),
+          "unique" => array(
+            "tag_name" => array("tag_name", "domain")
+          )
+        ),
+        "attr" => "ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC"
+      ),
      "tls_policy_override" => array(
        "cols" => array(
          "id" => "INT NOT NULL AUTO_INCREMENT",
@@ -325,6 +345,26 @@ function init_db_schema() {
        ),
        "attr" => "ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC"
      ),
+      "tags_mailbox" => array(
+        "cols" => array(
+          "tag_name" => "VARCHAR(255) NOT NULL",
+          "username" => "VARCHAR(255) NOT NULL"
+        ),
+        "keys" => array(
+          "fkey" => array(
+            "fk_tags_mailbox" => array(
+              "col" => "username",
+              "ref" => "mailbox.username",
+              "delete" => "CASCADE",
+              "update" => "NO ACTION"
+            )
+          ),
+          "unique" => array(
+            "tag_name" => array("tag_name", "username")
+          )
+        ),
+        "attr" => "ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC"
+      ),
      "sieve_filters" => array(
        "cols" => array(
          "id" => "INT NOT NULL AUTO_INCREMENT",
@@ -400,7 +440,7 @@ function init_db_schema() {
          "spam_score" => "TINYINT(1) NOT NULL DEFAULT '1'",
          "spam_policy" => "TINYINT(1) NOT NULL DEFAULT '1'",
          "delimiter_action" => "TINYINT(1) NOT NULL DEFAULT '1'",
-          "syncjobs" => "TINYINT(1) NOT NULL DEFAULT '1'",
+          "syncjobs" => "TINYINT(1) NOT NULL DEFAULT '0'",
          "eas_reset" => "TINYINT(1) NOT NULL DEFAULT '1'",
          "sogo_profile_reset" => "TINYINT(1) NOT NULL DEFAULT '0'",
          "pushover" => "TINYINT(1) NOT NULL DEFAULT '1'",
@@ -698,8 +738,8 @@ function init_db_schema() {
          "username" => "VARCHAR(255) NOT NULL",
          "authmech" => "ENUM('yubi_otp', 'u2f', 'hotp', 'totp', 'webauthn')",
          "secret" => "VARCHAR(255) DEFAULT NULL",
-          "keyHandle" => "VARCHAR(255) DEFAULT NULL",
-          "publicKey" => "VARCHAR(255) DEFAULT NULL",
+          "keyHandle" => "VARCHAR(1023) DEFAULT NULL",
+          "publicKey" => "VARCHAR(4096) DEFAULT NULL",
          "counter" => "INT NOT NULL DEFAULT '0'",
          "certificate" => "TEXT",
          "active" => "TINYINT(1) NOT NULL DEFAULT '0'"
@@ -864,7 +904,7 @@ function init_db_schema() {
      "sogo_sessions_folder" => array(
        "cols" => array(
          "c_id" => "VARCHAR(255) NOT NULL",
-          "c_value" => "VARCHAR(255) NOT NULL",
+          "c_value" => "VARCHAR(4096) NOT NULL",
          "c_creationdate" => "INT(11) NOT NULL",
          "c_lastseen" => "INT(11) NOT NULL"
        ),
@@ -1187,8 +1227,16 @@ function init_db_schema() {
      $pdo->query($create);
    }
    
-    // Mitigate imapsync pipemess issue
-    $pdo->query("UPDATE `imapsync` SET `custom_params` = '' WHERE `custom_params` LIKE '%pipemess%';");
+    // Mitigate imapsync argument injection issue
+    $pdo->query("UPDATE `imapsync` SET `custom_params` = '' 
+      WHERE `custom_params` LIKE '%pipemess%' 
+        OR custom_params LIKE '%skipmess%' 
+        OR custom_params LIKE '%delete2foldersonly%' 
+        OR custom_params LIKE '%delete2foldersbutnot%' 
+        OR custom_params LIKE '%regexflag%' 
+        OR custom_params LIKE '%pipemess%' 
+        OR custom_params LIKE '%regextrans2%' 
+        OR custom_params LIKE '%maxlinelengthcmd%';");
    
    // Migrate webauthn tfa
    $stmt = $pdo->query("ALTER TABLE `tfa` MODIFY COLUMN `authmech` ENUM('yubi_otp', 'u2f', 'hotp', 'totp', 'webauthn')");
--- a/data/web/inc/lib/composer.lock
+++ b/data/web/inc/lib/composer.lock
@@ -62,35 +62,40 @@
                "oauth",
                "oauth2"
            ],
+            "support": {
+                "issues": "https://github.com/bshaffer/oauth2-server-php/issues",
+                "source": "https://github.com/bshaffer/oauth2-server-php/tree/master"
+            },
            "time": "2018-12-04T00:29:32+00:00"
        },
        {
            "name": "ddeboer/imap",
-            "version": "1.12.1",
+            "version": "1.13.1",
            "source": {
                "type": "git",
                "url": "https://github.com/ddeboer/imap.git",
-                "reference": "dbed05ca67b93509345a820b2859de10c48948fb"
+                "reference": "8b772d04b1deadb5df13782fb78c4b648f77496e"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/ddeboer/imap/zipball/dbed05ca67b93509345a820b2859de10c48948fb",
-                "reference": "dbed05ca67b93509345a820b2859de10c48948fb",
+                "url": "https://api.github.com/repos/ddeboer/imap/zipball/8b772d04b1deadb5df13782fb78c4b648f77496e",
+                "reference": "8b772d04b1deadb5df13782fb78c4b648f77496e",
                "shasum": ""
            },
            "require": {
                "ext-iconv": "*",
                "ext-imap": "*",
                "ext-mbstring": "*",
-                "php": "^7.4 || ^8.0"
+                "php": "^8.0.1"
            },
            "require-dev": {
-                "friendsofphp/php-cs-fixer": "^2.18.6",
-                "laminas/laminas-mail": "^2.14.0",
-                "phpstan/phpstan": "^0.12.84",
-                "phpstan/phpstan-phpunit": "^0.12.18",
-                "phpstan/phpstan-strict-rules": "^0.12.9",
-                "phpunit/phpunit": "^9.5.4"
+                "friendsofphp/php-cs-fixer": "^v3.4.0",
+                "laminas/laminas-mail": "^2.15.1",
+                "malukenho/mcbumpface": "^1.1.5",
+                "phpstan/phpstan": "^1.3.3",
+                "phpstan/phpstan-phpunit": "^1.0.0",
+                "phpstan/phpstan-strict-rules": "^1.1.0",
+                "phpunit/phpunit": "^9.5.11"
            },
            "type": "library",
            "autoload": {
@@ -124,7 +129,7 @@
            ],
            "support": {
                "issues": "https://github.com/ddeboer/imap/issues",
-                "source": "https://github.com/ddeboer/imap/tree/1.12.1"
+                "source": "https://github.com/ddeboer/imap/tree/1.13.1"
            },
            "funding": [
                {
@@ -136,35 +141,35 @@
                    "type": "github"
                }
            ],
-            "time": "2021-04-27T08:38:46+00:00"
+            "time": "2022-01-10T10:53:05+00:00"
        },
        {
            "name": "directorytree/ldaprecord",
-            "version": "v2.6.3",
+            "version": "v2.10.1",
            "source": {
                "type": "git",
                "url": "https://github.com/DirectoryTree/LdapRecord.git",
-                "reference": "5c93ec6d1ef458290825a8b0a148946dce7c1e7a"
+                "reference": "bf512d9af7a7b0e2ed7a666ab29cefdd027bee88"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/DirectoryTree/LdapRecord/zipball/5c93ec6d1ef458290825a8b0a148946dce7c1e7a",
-                "reference": "5c93ec6d1ef458290825a8b0a148946dce7c1e7a",
+                "url": "https://api.github.com/repos/DirectoryTree/LdapRecord/zipball/bf512d9af7a7b0e2ed7a666ab29cefdd027bee88",
+                "reference": "bf512d9af7a7b0e2ed7a666ab29cefdd027bee88",
                "shasum": ""
            },
            "require": {
                "ext-json": "*",
                "ext-ldap": "*",
-                "illuminate/contracts": "^5.0|^6.0|^7.0|^8.0",
+                "illuminate/contracts": "^5.0|^6.0|^7.0|^8.0|^9.0",
                "nesbot/carbon": "^1.0|^2.0",
                "php": ">=7.3",
-                "psr/log": "^1.0",
-                "psr/simple-cache": "^1.0",
+                "psr/log": "*",
+                "psr/simple-cache": "^1.0|^2.0",
                "tightenco/collect": "^5.6|^6.0|^7.0|^8.0"
            },
            "require-dev": {
                "mockery/mockery": "^1.0",
-                "phpunit/phpunit": "^8.0",
+                "phpunit/phpunit": "^9.0",
                "spatie/ray": "^1.24"
            },
            "type": "library",
@@ -209,31 +214,31 @@
                    "type": "github"
                }
            ],
-            "time": "2021-08-05T21:52:43+00:00"
+            "time": "2022-02-25T16:00:51+00:00"
        },
        {
            "name": "illuminate/contracts",
-            "version": "v8.53.1",
+            "version": "v9.3.0",
            "source": {
                "type": "git",
                "url": "https://github.com/illuminate/contracts.git",
-                "reference": "504a34286a1b4c5421c43087d6bd4e176138f6fb"
+                "reference": "bf4b3c254c49d28157645d01e4883b5951b1e1d0"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/illuminate/contracts/zipball/504a34286a1b4c5421c43087d6bd4e176138f6fb",
-                "reference": "504a34286a1b4c5421c43087d6bd4e176138f6fb",
+                "url": "https://api.github.com/repos/illuminate/contracts/zipball/bf4b3c254c49d28157645d01e4883b5951b1e1d0",
+                "reference": "bf4b3c254c49d28157645d01e4883b5951b1e1d0",
                "shasum": ""
            },
            "require": {
-                "php": "^7.3|^8.0",
-                "psr/container": "^1.0",
-                "psr/simple-cache": "^1.0"
+                "php": "^8.0.2",
+                "psr/container": "^1.1.1|^2.0.1",
+                "psr/simple-cache": "^1.0|^2.0|^3.0"
            },
            "type": "library",
            "extra": {
                "branch-alias": {
-                    "dev-master": "8.x-dev"
+                    "dev-master": "9.x-dev"
                }
            },
            "autoload": {
@@ -257,7 +262,7 @@
                "issues": "https://github.com/laravel/framework/issues",
                "source": "https://github.com/laravel/framework"
            },
-            "time": "2021-08-03T14:03:47+00:00"
+            "time": "2022-02-22T14:45:39+00:00"
        },
        {
            "name": "matthiasmullie/minify",
@@ -384,6 +389,10 @@
                "paths",
                "relative"
            ],
+            "support": {
+                "issues": "https://github.com/matthiasmullie/path-converter/issues",
+                "source": "https://github.com/matthiasmullie/path-converter/tree/1.1.3"
+            },
            "time": "2019-02-05T23:41:09+00:00"
        },
        {
@@ -438,16 +447,16 @@
        },
        {
            "name": "nesbot/carbon",
-            "version": "2.51.1",
+            "version": "2.57.0",
            "source": {
                "type": "git",
                "url": "https://github.com/briannesbitt/Carbon.git",
-                "reference": "8619c299d1e0d4b344e1f98ca07a1ce2cfbf1922"
+                "reference": "4a54375c21eea4811dbd1149fe6b246517554e78"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/briannesbitt/Carbon/zipball/8619c299d1e0d4b344e1f98ca07a1ce2cfbf1922",
-                "reference": "8619c299d1e0d4b344e1f98ca07a1ce2cfbf1922",
+                "url": "https://api.github.com/repos/briannesbitt/Carbon/zipball/4a54375c21eea4811dbd1149fe6b246517554e78",
+                "reference": "4a54375c21eea4811dbd1149fe6b246517554e78",
                "shasum": ""
            },
            "require": {
@@ -455,15 +464,16 @@
                "php": "^7.1.8 || ^8.0",
                "symfony/polyfill-mbstring": "^1.0",
                "symfony/polyfill-php80": "^1.16",
-                "symfony/translation": "^3.4 || ^4.0 || ^5.0"
+                "symfony/translation": "^3.4 || ^4.0 || ^5.0 || ^6.0"
            },
            "require-dev": {
+                "doctrine/dbal": "^2.0 || ^3.0",
                "doctrine/orm": "^2.7",
-                "friendsofphp/php-cs-fixer": "^2.14 || ^3.0",
+                "friendsofphp/php-cs-fixer": "^3.0",
                "kylekatarnls/multi-tester": "^2.0",
                "phpmd/phpmd": "^2.9",
                "phpstan/extension-installer": "^1.0",
-                "phpstan/phpstan": "^0.12.54",
+                "phpstan/phpstan": "^0.12.54 || ^1.0",
                "phpunit/phpunit": "^7.5.20 || ^8.5.14",
                "squizlabs/php_codesniffer": "^3.4"
            },
@@ -515,6 +525,7 @@
                "time"
            ],
            "support": {
+                "docs": "https://carbon.nesbot.com/docs",
                "issues": "https://github.com/briannesbitt/Carbon/issues",
                "source": "https://github.com/briannesbitt/Carbon"
            },
@@ -528,7 +539,7 @@
                    "type": "tidelift"
                }
            ],
-            "time": "2021-07-28T13:16:28+00:00"
+            "time": "2022-02-13T18:13:33+00:00"
        },
        {
            "name": "paragonie/random_compat",
@@ -673,16 +684,16 @@
        },
        {
            "name": "phpmailer/phpmailer",
-            "version": "v6.5.0",
+            "version": "v6.6.0",
            "source": {
                "type": "git",
                "url": "https://github.com/PHPMailer/PHPMailer.git",
-                "reference": "a5b5c43e50b7fba655f793ad27303cd74c57363c"
+                "reference": "e43bac82edc26ca04b36143a48bde1c051cfd5b1"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/PHPMailer/PHPMailer/zipball/a5b5c43e50b7fba655f793ad27303cd74c57363c",
-                "reference": "a5b5c43e50b7fba655f793ad27303cd74c57363c",
+                "url": "https://api.github.com/repos/PHPMailer/PHPMailer/zipball/e43bac82edc26ca04b36143a48bde1c051cfd5b1",
+                "reference": "e43bac82edc26ca04b36143a48bde1c051cfd5b1",
                "shasum": ""
            },
            "require": {
@@ -694,10 +705,12 @@
            "require-dev": {
                "dealerdirect/phpcodesniffer-composer-installer": "^0.7.0",
                "doctrine/annotations": "^1.2",
+                "php-parallel-lint/php-console-highlighter": "^0.5.0",
+                "php-parallel-lint/php-parallel-lint": "^1.3.1",
                "phpcompatibility/php-compatibility": "^9.3.5",
                "roave/security-advisories": "dev-latest",
-                "squizlabs/php_codesniffer": "^3.5.6",
-                "yoast/phpunit-polyfills": "^0.2.0"
+                "squizlabs/php_codesniffer": "^3.6.2",
+                "yoast/phpunit-polyfills": "^1.0.0"
            },
            "suggest": {
                "ext-mbstring": "Needed to send email in multibyte encoding charset or decode encoded addresses",
@@ -737,7 +750,7 @@
            "description": "PHPMailer is a full-featured email creation and transfer class for PHP",
            "support": {
                "issues": "https://github.com/PHPMailer/PHPMailer/issues",
-                "source": "https://github.com/PHPMailer/PHPMailer/tree/v6.5.0"
+                "source": "https://github.com/PHPMailer/PHPMailer/tree/v6.6.0"
            },
            "funding": [
                {
@@ -745,26 +758,31 @@
                    "type": "github"
                }
            ],
-            "time": "2021-06-16T14:33:43+00:00"
+            "time": "2022-02-28T15:31:21+00:00"
        },
        {
            "name": "psr/container",
-            "version": "1.1.1",
+            "version": "2.0.2",
            "source": {
                "type": "git",
                "url": "https://github.com/php-fig/container.git",
-                "reference": "8622567409010282b7aeebe4bb841fe98b58dcaf"
+                "reference": "c71ecc56dfe541dbd90c5360474fbc405f8d5963"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/php-fig/container/zipball/8622567409010282b7aeebe4bb841fe98b58dcaf",
-                "reference": "8622567409010282b7aeebe4bb841fe98b58dcaf",
+                "url": "https://api.github.com/repos/php-fig/container/zipball/c71ecc56dfe541dbd90c5360474fbc405f8d5963",
+                "reference": "c71ecc56dfe541dbd90c5360474fbc405f8d5963",
                "shasum": ""
            },
            "require": {
-                "php": ">=7.2.0"
+                "php": ">=7.4.0"
            },
            "type": "library",
+            "extra": {
+                "branch-alias": {
+                    "dev-master": "2.0.x-dev"
+                }
+            },
            "autoload": {
                "psr-4": {
                    "Psr\\Container\\": "src/"
@@ -791,36 +809,36 @@
            ],
            "support": {
                "issues": "https://github.com/php-fig/container/issues",
-                "source": "https://github.com/php-fig/container/tree/1.1.1"
+                "source": "https://github.com/php-fig/container/tree/2.0.2"
            },
-            "time": "2021-03-05T17:36:06+00:00"
+            "time": "2021-11-05T16:47:00+00:00"
        },
        {
            "name": "psr/log",
-            "version": "1.1.4",
+            "version": "3.0.0",
            "source": {
                "type": "git",
                "url": "https://github.com/php-fig/log.git",
-                "reference": "d49695b909c3b7628b6289db5479a1c204601f11"
+                "reference": "fe5ea303b0887d5caefd3d431c3e61ad47037001"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/php-fig/log/zipball/d49695b909c3b7628b6289db5479a1c204601f11",
-                "reference": "d49695b909c3b7628b6289db5479a1c204601f11",
+                "url": "https://api.github.com/repos/php-fig/log/zipball/fe5ea303b0887d5caefd3d431c3e61ad47037001",
+                "reference": "fe5ea303b0887d5caefd3d431c3e61ad47037001",
                "shasum": ""
            },
            "require": {
-                "php": ">=5.3.0"
+                "php": ">=8.0.0"
            },
            "type": "library",
            "extra": {
                "branch-alias": {
-                    "dev-master": "1.1.x-dev"
+                    "dev-master": "3.x-dev"
                }
            },
            "autoload": {
                "psr-4": {
-                    "Psr\\Log\\": "Psr/Log/"
+                    "Psr\\Log\\": "src"
                }
            },
            "notification-url": "https://packagist.org/downloads/",
@@ -841,31 +859,31 @@
                "psr-3"
            ],
            "support": {
-                "source": "https://github.com/php-fig/log/tree/1.1.4"
+                "source": "https://github.com/php-fig/log/tree/3.0.0"
            },
-            "time": "2021-05-03T11:20:27+00:00"
+            "time": "2021-07-14T16:46:02+00:00"
        },
        {
            "name": "psr/simple-cache",
-            "version": "1.0.1",
+            "version": "2.0.0",
            "source": {
                "type": "git",
                "url": "https://github.com/php-fig/simple-cache.git",
-                "reference": "408d5eafb83c57f6365a3ca330ff23aa4a5fa39b"
+                "reference": "8707bf3cea6f710bf6ef05491234e3ab06f6432a"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/php-fig/simple-cache/zipball/408d5eafb83c57f6365a3ca330ff23aa4a5fa39b",
-                "reference": "408d5eafb83c57f6365a3ca330ff23aa4a5fa39b",
+                "url": "https://api.github.com/repos/php-fig/simple-cache/zipball/8707bf3cea6f710bf6ef05491234e3ab06f6432a",
+                "reference": "8707bf3cea6f710bf6ef05491234e3ab06f6432a",
                "shasum": ""
            },
            "require": {
-                "php": ">=5.3.0"
+                "php": ">=8.0.0"
            },
            "type": "library",
            "extra": {
                "branch-alias": {
-                    "dev-master": "1.0.x-dev"
+                    "dev-master": "2.0.x-dev"
                }
            },
            "autoload": {
@@ -880,7 +898,7 @@
            "authors": [
                {
                    "name": "PHP-FIG",
-                    "homepage": "http://www.php-fig.org/"
+                    "homepage": "https://www.php-fig.org/"
                }
            ],
            "description": "Common interfaces for simple caching",
@@ -892,22 +910,22 @@
                "simple-cache"
            ],
            "support": {
-                "source": "https://github.com/php-fig/simple-cache/tree/master"
+                "source": "https://github.com/php-fig/simple-cache/tree/2.0.0"
            },
-            "time": "2017-10-23T01:57:42+00:00"
+            "time": "2021-10-29T13:22:09+00:00"
        },
        {
            "name": "robthree/twofactorauth",
-            "version": "1.8.0",
+            "version": "1.8.1",
            "source": {
                "type": "git",
                "url": "https://github.com/RobThree/TwoFactorAuth.git",
-                "reference": "30a38627ae1e7c9399dae67e265063cd6ec5276c"
+                "reference": "5afcb45282f1c75562a48d479ecd1732c9bdb11b"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/RobThree/TwoFactorAuth/zipball/30a38627ae1e7c9399dae67e265063cd6ec5276c",
-                "reference": "30a38627ae1e7c9399dae67e265063cd6ec5276c",
+                "url": "https://api.github.com/repos/RobThree/TwoFactorAuth/zipball/5afcb45282f1c75562a48d479ecd1732c9bdb11b",
+                "reference": "5afcb45282f1c75562a48d479ecd1732c9bdb11b",
                "shasum": ""
            },
            "require": {
@@ -964,7 +982,7 @@
                    "type": "github"
                }
            ],
-            "time": "2021-03-09T18:24:05+00:00"
+            "time": "2021-10-20T12:19:55+00:00"
        },
        {
            "name": "soundasleep/html2text",
@@ -1014,92 +1032,33 @@
                "php",
                "text"
            ],
+            "support": {
+                "email": "support@jevon.org",
+                "issues": "https://github.com/soundasleep/html2text/issues",
+                "source": "https://github.com/soundasleep/html2text/tree/master"
+            },
            "time": "2017-04-19T22:01:50+00:00"
        },
-        {
-            "name": "symfony/deprecation-contracts",
-            "version": "v2.4.0",
-            "source": {
-                "type": "git",
-                "url": "https://github.com/symfony/deprecation-contracts.git",
-                "reference": "5f38c8804a9e97d23e0c8d63341088cd8a22d627"
-            },
-            "dist": {
-                "type": "zip",
-                "url": "https://api.github.com/repos/symfony/deprecation-contracts/zipball/5f38c8804a9e97d23e0c8d63341088cd8a22d627",
-                "reference": "5f38c8804a9e97d23e0c8d63341088cd8a22d627",
-                "shasum": ""
-            },
-            "require": {
-                "php": ">=7.1"
-            },
-            "type": "library",
-            "extra": {
-                "branch-alias": {
-                    "dev-main": "2.4-dev"
-                },
-                "thanks": {
-                    "name": "symfony/contracts",
-                    "url": "https://github.com/symfony/contracts"
-                }
-            },
-            "autoload": {
-                "files": [
-                    "function.php"
-                ]
-            },
-            "notification-url": "https://packagist.org/downloads/",
-            "license": [
-                "MIT"
-            ],
-            "authors": [
-                {
-                    "name": "Nicolas Grekas",
-                    "email": "p@tchwork.com"
-                },
-                {
-                    "name": "Symfony Community",
-                    "homepage": "https://symfony.com/contributors"
-                }
-            ],
-            "description": "A generic function and convention to trigger deprecation notices",
-            "homepage": "https://symfony.com",
-            "support": {
-                "source": "https://github.com/symfony/deprecation-contracts/tree/v2.4.0"
-            },
-            "funding": [
-                {
-                    "url": "https://symfony.com/sponsor",
-                    "type": "custom"
-                },
-                {
-                    "url": "https://github.com/fabpot",
-                    "type": "github"
-                },
-                {
-                    "url": "https://tidelift.com/funding/github/packagist/symfony/symfony",
-                    "type": "tidelift"
-                }
-            ],
-            "time": "2021-03-23T23:28:01+00:00"
-        },
        {
            "name": "symfony/polyfill-ctype",
-            "version": "v1.23.0",
+            "version": "v1.24.0",
            "source": {
                "type": "git",
                "url": "https://github.com/symfony/polyfill-ctype.git",
-                "reference": "46cd95797e9df938fdd2b03693b5fca5e64b01ce"
+                "reference": "30885182c981ab175d4d034db0f6f469898070ab"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/symfony/polyfill-ctype/zipball/46cd95797e9df938fdd2b03693b5fca5e64b01ce",
-                "reference": "46cd95797e9df938fdd2b03693b5fca5e64b01ce",
+                "url": "https://api.github.com/repos/symfony/polyfill-ctype/zipball/30885182c981ab175d4d034db0f6f469898070ab",
+                "reference": "30885182c981ab175d4d034db0f6f469898070ab",
                "shasum": ""
            },
            "require": {
                "php": ">=7.1"
            },
+            "provide": {
+                "ext-ctype": "*"
+            },
            "suggest": {
                "ext-ctype": "For best performance"
            },
@@ -1114,12 +1073,12 @@
                }
            },
            "autoload": {
-                "psr-4": {
-                    "Symfony\\Polyfill\\Ctype\\": ""
-                },
                "files": [
                    "bootstrap.php"
-                ]
+                ],
+                "psr-4": {
+                    "Symfony\\Polyfill\\Ctype\\": ""
+                }
            },
            "notification-url": "https://packagist.org/downloads/",
            "license": [
@@ -1144,7 +1103,7 @@
                "portable"
            ],
            "support": {
-                "source": "https://github.com/symfony/polyfill-ctype/tree/v1.23.0"
+                "source": "https://github.com/symfony/polyfill-ctype/tree/v1.24.0"
            },
            "funding": [
                {
@@ -1160,25 +1119,28 @@
                    "type": "tidelift"
                }
            ],
-            "time": "2021-02-19T12:13:01+00:00"
+            "time": "2021-10-20T20:35:02+00:00"
        },
        {
            "name": "symfony/polyfill-mbstring",
-            "version": "v1.23.1",
+            "version": "v1.24.0",
            "source": {
                "type": "git",
                "url": "https://github.com/symfony/polyfill-mbstring.git",
-                "reference": "9174a3d80210dca8daa7f31fec659150bbeabfc6"
+                "reference": "0abb51d2f102e00a4eefcf46ba7fec406d245825"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/symfony/polyfill-mbstring/zipball/9174a3d80210dca8daa7f31fec659150bbeabfc6",
-                "reference": "9174a3d80210dca8daa7f31fec659150bbeabfc6",
+                "url": "https://api.github.com/repos/symfony/polyfill-mbstring/zipball/0abb51d2f102e00a4eefcf46ba7fec406d245825",
+                "reference": "0abb51d2f102e00a4eefcf46ba7fec406d245825",
                "shasum": ""
            },
            "require": {
                "php": ">=7.1"
            },
+            "provide": {
+                "ext-mbstring": "*"
+            },
            "suggest": {
                "ext-mbstring": "For best performance"
            },
@@ -1193,12 +1155,12 @@
                }
            },
            "autoload": {
-                "psr-4": {
-                    "Symfony\\Polyfill\\Mbstring\\": ""
-                },
                "files": [
                    "bootstrap.php"
-                ]
+                ],
+                "psr-4": {
+                    "Symfony\\Polyfill\\Mbstring\\": ""
+                }
            },
            "notification-url": "https://packagist.org/downloads/",
            "license": [
@@ -1224,7 +1186,7 @@
                "shim"
            ],
            "support": {
-                "source": "https://github.com/symfony/polyfill-mbstring/tree/v1.23.1"
+                "source": "https://github.com/symfony/polyfill-mbstring/tree/v1.24.0"
            },
            "funding": [
                {
@@ -1240,20 +1202,20 @@
                    "type": "tidelift"
                }
            ],
-            "time": "2021-05-27T12:26:48+00:00"
+            "time": "2021-11-30T18:21:41+00:00"
        },
        {
            "name": "symfony/polyfill-php80",
-            "version": "v1.23.1",
+            "version": "v1.24.0",
            "source": {
                "type": "git",
                "url": "https://github.com/symfony/polyfill-php80.git",
-                "reference": "1100343ed1a92e3a38f9ae122fc0eb21602547be"
+                "reference": "57b712b08eddb97c762a8caa32c84e037892d2e9"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/symfony/polyfill-php80/zipball/1100343ed1a92e3a38f9ae122fc0eb21602547be",
-                "reference": "1100343ed1a92e3a38f9ae122fc0eb21602547be",
+                "url": "https://api.github.com/repos/symfony/polyfill-php80/zipball/57b712b08eddb97c762a8caa32c84e037892d2e9",
+                "reference": "57b712b08eddb97c762a8caa32c84e037892d2e9",
                "shasum": ""
            },
            "require": {
@@ -1270,12 +1232,12 @@
                }
            },
            "autoload": {
-                "psr-4": {
-                    "Symfony\\Polyfill\\Php80\\": ""
-                },
                "files": [
                    "bootstrap.php"
                ],
+                "psr-4": {
+                    "Symfony\\Polyfill\\Php80\\": ""
+                },
                "classmap": [
                    "Resources/stubs"
                ]
@@ -1307,7 +1269,7 @@
                "shim"
            ],
            "support": {
-                "source": "https://github.com/symfony/polyfill-php80/tree/v1.23.1"
+                "source": "https://github.com/symfony/polyfill-php80/tree/v1.24.0"
            },
            "funding": [
                {
@@ -1323,50 +1285,50 @@
                    "type": "tidelift"
                }
            ],
-            "time": "2021-07-28T13:41:28+00:00"
+            "time": "2021-09-13T13:58:33+00:00"
        },
        {
            "name": "symfony/translation",
-            "version": "v5.3.4",
+            "version": "v6.0.5",
            "source": {
                "type": "git",
                "url": "https://github.com/symfony/translation.git",
-                "reference": "d89ad7292932c2699cbe4af98d72c5c6bbc504c1"
+                "reference": "e69501c71107cc3146b32aaa45f4edd0c3427875"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/symfony/translation/zipball/d89ad7292932c2699cbe4af98d72c5c6bbc504c1",
-                "reference": "d89ad7292932c2699cbe4af98d72c5c6bbc504c1",
+                "url": "https://api.github.com/repos/symfony/translation/zipball/e69501c71107cc3146b32aaa45f4edd0c3427875",
+                "reference": "e69501c71107cc3146b32aaa45f4edd0c3427875",
                "shasum": ""
            },
            "require": {
-                "php": ">=7.2.5",
-                "symfony/deprecation-contracts": "^2.1",
+                "php": ">=8.0.2",
                "symfony/polyfill-mbstring": "~1.0",
-                "symfony/polyfill-php80": "^1.16",
-                "symfony/translation-contracts": "^2.3"
+                "symfony/translation-contracts": "^2.3|^3.0"
            },
            "conflict": {
-                "symfony/config": "<4.4",
-                "symfony/dependency-injection": "<5.0",
-                "symfony/http-kernel": "<5.0",
-                "symfony/twig-bundle": "<5.0",
-                "symfony/yaml": "<4.4"
+                "symfony/config": "<5.4",
+                "symfony/console": "<5.4",
+                "symfony/dependency-injection": "<5.4",
+                "symfony/http-kernel": "<5.4",
+                "symfony/twig-bundle": "<5.4",
+                "symfony/yaml": "<5.4"
            },
            "provide": {
-                "symfony/translation-implementation": "2.3"
+                "symfony/translation-implementation": "2.3|3.0"
            },
            "require-dev": {
                "psr/log": "^1|^2|^3",
-                "symfony/config": "^4.4|^5.0",
-                "symfony/console": "^4.4|^5.0",
-                "symfony/dependency-injection": "^5.0",
-                "symfony/finder": "^4.4|^5.0",
-                "symfony/http-kernel": "^5.0",
-                "symfony/intl": "^4.4|^5.0",
+                "symfony/config": "^5.4|^6.0",
+                "symfony/console": "^5.4|^6.0",
+                "symfony/dependency-injection": "^5.4|^6.0",
+                "symfony/finder": "^5.4|^6.0",
+                "symfony/http-client-contracts": "^1.1|^2.0|^3.0",
+                "symfony/http-kernel": "^5.4|^6.0",
+                "symfony/intl": "^5.4|^6.0",
                "symfony/polyfill-intl-icu": "^1.21",
-                "symfony/service-contracts": "^1.1.2|^2",
-                "symfony/yaml": "^4.4|^5.0"
+                "symfony/service-contracts": "^1.1.2|^2|^3",
+                "symfony/yaml": "^5.4|^6.0"
            },
            "suggest": {
                "psr/log-implementation": "To use logging capability in translator",
@@ -1402,7 +1364,7 @@
            "description": "Provides tools to internationalize your application",
            "homepage": "https://symfony.com",
            "support": {
-                "source": "https://github.com/symfony/translation/tree/v5.3.4"
+                "source": "https://github.com/symfony/translation/tree/v6.0.5"
            },
            "funding": [
                {
@@ -1418,24 +1380,24 @@
                    "type": "tidelift"
                }
            ],
-            "time": "2021-07-25T09:39:16+00:00"
+            "time": "2022-02-09T15:52:48+00:00"
        },
        {
            "name": "symfony/translation-contracts",
-            "version": "v2.4.0",
+            "version": "v3.0.0",
            "source": {
                "type": "git",
                "url": "https://github.com/symfony/translation-contracts.git",
-                "reference": "95c812666f3e91db75385749fe219c5e494c7f95"
+                "reference": "1b6ea5a7442af5a12dba3dbd6d71034b5b234e77"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/symfony/translation-contracts/zipball/95c812666f3e91db75385749fe219c5e494c7f95",
-                "reference": "95c812666f3e91db75385749fe219c5e494c7f95",
+                "url": "https://api.github.com/repos/symfony/translation-contracts/zipball/1b6ea5a7442af5a12dba3dbd6d71034b5b234e77",
+                "reference": "1b6ea5a7442af5a12dba3dbd6d71034b5b234e77",
                "shasum": ""
            },
            "require": {
-                "php": ">=7.2.5"
+                "php": ">=8.0.2"
            },
            "suggest": {
                "symfony/translation-implementation": ""
@@ -1443,7 +1405,7 @@
            "type": "library",
            "extra": {
                "branch-alias": {
-                    "dev-main": "2.4-dev"
+                    "dev-main": "3.0-dev"
                },
                "thanks": {
                    "name": "symfony/contracts",
@@ -1480,7 +1442,7 @@
                "standards"
            ],
            "support": {
-                "source": "https://github.com/symfony/translation-contracts/tree/v2.4.0"
+                "source": "https://github.com/symfony/translation-contracts/tree/v3.0.0"
            },
            "funding": [
                {
@@ -1496,35 +1458,35 @@
                    "type": "tidelift"
                }
            ],
-            "time": "2021-03-23T23:28:01+00:00"
+            "time": "2021-09-07T12:43:40+00:00"
        },
        {
            "name": "symfony/var-dumper",
-            "version": "v5.3.6",
+            "version": "v6.0.5",
            "source": {
                "type": "git",
                "url": "https://github.com/symfony/var-dumper.git",
-                "reference": "3dd8ddd1e260e58ecc61bb78da3b6584b3bfcba0"
+                "reference": "60d6a756d5f485df5e6e40b337334848f79f61ce"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/symfony/var-dumper/zipball/3dd8ddd1e260e58ecc61bb78da3b6584b3bfcba0",
-                "reference": "3dd8ddd1e260e58ecc61bb78da3b6584b3bfcba0",
+                "url": "https://api.github.com/repos/symfony/var-dumper/zipball/60d6a756d5f485df5e6e40b337334848f79f61ce",
+                "reference": "60d6a756d5f485df5e6e40b337334848f79f61ce",
                "shasum": ""
            },
            "require": {
-                "php": ">=7.2.5",
-                "symfony/polyfill-mbstring": "~1.0",
-                "symfony/polyfill-php80": "^1.16"
+                "php": ">=8.0.2",
+                "symfony/polyfill-mbstring": "~1.0"
            },
            "conflict": {
                "phpunit/phpunit": "<5.4.3",
-                "symfony/console": "<4.4"
+                "symfony/console": "<5.4"
            },
            "require-dev": {
                "ext-iconv": "*",
-                "symfony/console": "^4.4|^5.0",
-                "symfony/process": "^4.4|^5.0",
+                "symfony/console": "^5.4|^6.0",
+                "symfony/process": "^5.4|^6.0",
+                "symfony/uid": "^5.4|^6.0",
                "twig/twig": "^2.13|^3.0.4"
            },
            "suggest": {
@@ -1568,7 +1530,7 @@
                "dump"
            ],
            "support": {
-                "source": "https://github.com/symfony/var-dumper/tree/v5.3.6"
+                "source": "https://github.com/symfony/var-dumper/tree/v6.0.5"
            },
            "funding": [
                {
@@ -1584,25 +1546,25 @@
                    "type": "tidelift"
                }
            ],
-            "time": "2021-07-27T01:56:02+00:00"
+            "time": "2022-02-21T17:15:17+00:00"
        },
        {
            "name": "tightenco/collect",
-            "version": "v8.34.0",
+            "version": "v8.83.2",
            "source": {
                "type": "git",
                "url": "https://github.com/tighten/collect.git",
-                "reference": "b069783ab0c547bb894ebcf8e7f6024bb401f9d2"
+                "reference": "d9c66d586ec2d216d8a31283d73f8df1400cc722"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/tighten/collect/zipball/b069783ab0c547bb894ebcf8e7f6024bb401f9d2",
-                "reference": "b069783ab0c547bb894ebcf8e7f6024bb401f9d2",
+                "url": "https://api.github.com/repos/tighten/collect/zipball/d9c66d586ec2d216d8a31283d73f8df1400cc722",
+                "reference": "d9c66d586ec2d216d8a31283d73f8df1400cc722",
                "shasum": ""
            },
            "require": {
-                "php": "^7.2|^8.0",
-                "symfony/var-dumper": "^3.4 || ^4.0 || ^5.0"
+                "php": "^7.3|^8.0",
+                "symfony/var-dumper": "^3.4 || ^4.0 || ^5.0 || ^6.0"
            },
            "require-dev": {
                "mockery/mockery": "^1.0",
@@ -1636,22 +1598,22 @@
            ],
            "support": {
                "issues": "https://github.com/tighten/collect/issues",
-                "source": "https://github.com/tighten/collect/tree/v8.34.0"
+                "source": "https://github.com/tighten/collect/tree/v8.83.2"
            },
-            "time": "2021-03-29T21:29:00+00:00"
+            "time": "2022-02-16T16:15:54+00:00"
        },
        {
            "name": "twig/twig",
-            "version": "v3.3.2",
+            "version": "v3.3.8",
            "source": {
                "type": "git",
                "url": "https://github.com/twigphp/Twig.git",
-                "reference": "21578f00e83d4a82ecfa3d50752b609f13de6790"
+                "reference": "972d8604a92b7054828b539f2febb0211dd5945c"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/twigphp/Twig/zipball/21578f00e83d4a82ecfa3d50752b609f13de6790",
-                "reference": "21578f00e83d4a82ecfa3d50752b609f13de6790",
+                "url": "https://api.github.com/repos/twigphp/Twig/zipball/972d8604a92b7054828b539f2febb0211dd5945c",
+                "reference": "972d8604a92b7054828b539f2febb0211dd5945c",
                "shasum": ""
            },
            "require": {
@@ -1661,7 +1623,7 @@
            },
            "require-dev": {
                "psr/container": "^1.0",
-                "symfony/phpunit-bridge": "^4.4.9|^5.0.9"
+                "symfony/phpunit-bridge": "^4.4.9|^5.0.9|^6.0"
            },
            "type": "library",
            "extra": {
@@ -1702,7 +1664,7 @@
            ],
            "support": {
                "issues": "https://github.com/twigphp/Twig/issues",
-                "source": "https://github.com/twigphp/Twig/tree/v3.3.2"
+                "source": "https://github.com/twigphp/Twig/tree/v3.3.8"
            },
            "funding": [
                {
@@ -1714,7 +1676,7 @@
                    "type": "tidelift"
                }
            ],
-            "time": "2021-05-16T12:14:13+00:00"
+            "time": "2022-02-04T06:59:48+00:00"
        },
        {
            "name": "yubico/u2flib-server",
@@ -1751,6 +1713,10 @@
            ],
            "description": "Library for U2F implementation",
            "homepage": "https://developers.yubico.com/php-u2flib-server",
+            "support": {
+                "issues": "https://github.com/Yubico/php-u2flib-server/issues",
+                "source": "https://github.com/Yubico/php-u2flib-server/tree/1.0.2"
+            },
            "time": "2018-09-07T08:16:44+00:00"
        }
    ],
@@ -1762,5 +1728,5 @@
    "prefer-lowest": false,
    "platform": [],
    "platform-dev": [],
-    "plugin-api-version": "2.1.0"
+    "plugin-api-version": "2.2.0"
 }
--- a/data/web/inc/lib/vendor/bin/carbon
+++ b/data/web/inc/lib/vendor/bin/carbon
@@ -1 +0,0 @@
-../nesbot/carbon/bin/carbon
--- a/data/web/inc/lib/vendor/bin/carbon
+++ b/data/web/inc/lib/vendor/bin/carbon
@@ -0,0 +1,97 @@
+#!/usr/bin/env php
+<?php
+
+/**
+ * Proxy PHP file generated by Composer
+ *
+ * This file includes the referenced bin path (../nesbot/carbon/bin/carbon)
+ * using a stream wrapper to prevent the shebang from being output on PHP<8
+ *
+ * @generated
+ */
+
+namespace Composer;
+
+$GLOBALS['_composer_autoload_path'] = __DIR__ . '/..'.'/autoload.php';
+
+if (PHP_VERSION_ID < 80000) {
+    if (!class_exists('Composer\BinProxyWrapper')) {
+        /**
+         * @internal
+         */
+        final class BinProxyWrapper
+        {
+            private $handle;
+            private $position;
+
+            public function stream_open($path, $mode, $options, &$opened_path)
+            {
+                // get rid of composer-bin-proxy:// prefix for __FILE__ & __DIR__ resolution
+                $opened_path = substr($path, 21);
+                $opened_path = realpath($opened_path) ?: $opened_path;
+                $this->handle = fopen($opened_path, $mode);
+                $this->position = 0;
+
+                // remove all traces of this stream wrapper once it has been used
+                stream_wrapper_unregister('composer-bin-proxy');
+
+                return (bool) $this->handle;
+            }
+
+            public function stream_read($count)
+            {
+                $data = fread($this->handle, $count);
+
+                if ($this->position === 0) {
+                    $data = preg_replace('{^#!.*\r?\n}', '', $data);
+                }
+
+                $this->position += strlen($data);
+
+                return $data;
+            }
+
+            public function stream_cast($castAs)
+            {
+                return $this->handle;
+            }
+
+            public function stream_close()
+            {
+                fclose($this->handle);
+            }
+
+            public function stream_lock($operation)
+            {
+                return $operation ? flock($this->handle, $operation) : true;
+            }
+
+            public function stream_tell()
+            {
+                return $this->position;
+            }
+
+            public function stream_eof()
+            {
+                return feof($this->handle);
+            }
+
+            public function stream_stat()
+            {
+                return fstat($this->handle);
+            }
+
+            public function stream_set_option($option, $arg1, $arg2)
+            {
+                return true;
+            }
+        }
+    }
+
+    if (function_exists('stream_wrapper_register') && stream_wrapper_register('composer-bin-proxy', 'Composer\BinProxyWrapper')) {
+        include("composer-bin-proxy://" . __DIR__ . '/..'.'/nesbot/carbon/bin/carbon');
+        exit(0);
+    }
+}
+
+include __DIR__ . '/..'.'/nesbot/carbon/bin/carbon';
--- a/data/web/inc/lib/vendor/bin/minifycss
+++ b/data/web/inc/lib/vendor/bin/minifycss
@@ -1 +0,0 @@
-../matthiasmullie/minify/bin/minifycss
--- a/data/web/inc/lib/vendor/bin/minifycss
+++ b/data/web/inc/lib/vendor/bin/minifycss
@@ -0,0 +1,97 @@
+#!/usr/bin/env php
+<?php
+
+/**
+ * Proxy PHP file generated by Composer
+ *
+ * This file includes the referenced bin path (../matthiasmullie/minify/bin/minifycss)
+ * using a stream wrapper to prevent the shebang from being output on PHP<8
+ *
+ * @generated
+ */
+
+namespace Composer;
+
+$GLOBALS['_composer_autoload_path'] = __DIR__ . '/..'.'/autoload.php';
+
+if (PHP_VERSION_ID < 80000) {
+    if (!class_exists('Composer\BinProxyWrapper')) {
+        /**
+         * @internal
+         */
+        final class BinProxyWrapper
+        {
+            private $handle;
+            private $position;
+
+            public function stream_open($path, $mode, $options, &$opened_path)
+            {
+                // get rid of composer-bin-proxy:// prefix for __FILE__ & __DIR__ resolution
+                $opened_path = substr($path, 21);
+                $opened_path = realpath($opened_path) ?: $opened_path;
+                $this->handle = fopen($opened_path, $mode);
+                $this->position = 0;
+
+                // remove all traces of this stream wrapper once it has been used
+                stream_wrapper_unregister('composer-bin-proxy');
+
+                return (bool) $this->handle;
+            }
+
+            public function stream_read($count)
+            {
+                $data = fread($this->handle, $count);
+
+                if ($this->position === 0) {
+                    $data = preg_replace('{^#!.*\r?\n}', '', $data);
+                }
+
+                $this->position += strlen($data);
+
+                return $data;
+            }
+
+            public function stream_cast($castAs)
+            {
+                return $this->handle;
+            }
+
+            public function stream_close()
+            {
+                fclose($this->handle);
+            }
+
+            public function stream_lock($operation)
+            {
+                return $operation ? flock($this->handle, $operation) : true;
+            }
+
+            public function stream_tell()
+            {
+                return $this->position;
+            }
+
+            public function stream_eof()
+            {
+                return feof($this->handle);
+            }
+
+            public function stream_stat()
+            {
+                return fstat($this->handle);
+            }
+
+            public function stream_set_option($option, $arg1, $arg2)
+            {
+                return true;
+            }
+        }
+    }
+
+    if (function_exists('stream_wrapper_register') && stream_wrapper_register('composer-bin-proxy', 'Composer\BinProxyWrapper')) {
+        include("composer-bin-proxy://" . __DIR__ . '/..'.'/matthiasmullie/minify/bin/minifycss');
+        exit(0);
+    }
+}
+
+include __DIR__ . '/..'.'/matthiasmullie/minify/bin/minifycss';
--- a/data/web/inc/lib/vendor/bin/minifyjs
+++ b/data/web/inc/lib/vendor/bin/minifyjs
@@ -1 +0,0 @@
-../matthiasmullie/minify/bin/minifyjs
--- a/data/web/inc/lib/vendor/bin/minifyjs
+++ b/data/web/inc/lib/vendor/bin/minifyjs
@@ -0,0 +1,97 @@
+#!/usr/bin/env php
+<?php
+
+/**
+ * Proxy PHP file generated by Composer
+ *
+ * This file includes the referenced bin path (../matthiasmullie/minify/bin/minifyjs)
+ * using a stream wrapper to prevent the shebang from being output on PHP<8
+ *
+ * @generated
+ */
+
+namespace Composer;
+
+$GLOBALS['_composer_autoload_path'] = __DIR__ . '/..'.'/autoload.php';
+
+if (PHP_VERSION_ID < 80000) {
+    if (!class_exists('Composer\BinProxyWrapper')) {
+        /**
+         * @internal
+         */
+        final class BinProxyWrapper
+        {
+            private $handle;
+            private $position;
+
+            public function stream_open($path, $mode, $options, &$opened_path)
+            {
+                // get rid of composer-bin-proxy:// prefix for __FILE__ & __DIR__ resolution
+                $opened_path = substr($path, 21);
+                $opened_path = realpath($opened_path) ?: $opened_path;
+                $this->handle = fopen($opened_path, $mode);
+                $this->position = 0;
+
+                // remove all traces of this stream wrapper once it has been used
+                stream_wrapper_unregister('composer-bin-proxy');
+
+                return (bool) $this->handle;
+            }
+
+            public function stream_read($count)
+            {
+                $data = fread($this->handle, $count);
+
+                if ($this->position === 0) {
+                    $data = preg_replace('{^#!.*\r?\n}', '', $data);
+                }
+
+                $this->position += strlen($data);
+
+                return $data;
+            }
+
+            public function stream_cast($castAs)
+            {
+                return $this->handle;
+            }
+
+            public function stream_close()
+            {
+                fclose($this->handle);
+            }
+
+            public function stream_lock($operation)
+            {
+                return $operation ? flock($this->handle, $operation) : true;
+            }
+
+            public function stream_tell()
+            {
+                return $this->position;
+            }
+
+            public function stream_eof()
+            {
+                return feof($this->handle);
+            }
+
+            public function stream_stat()
+            {
+                return fstat($this->handle);
+            }
+
+            public function stream_set_option($option, $arg1, $arg2)
+            {
+                return true;
+            }
+        }
+    }
+
+    if (function_exists('stream_wrapper_register') && stream_wrapper_register('composer-bin-proxy', 'Composer\BinProxyWrapper')) {
+        include("composer-bin-proxy://" . __DIR__ . '/..'.'/matthiasmullie/minify/bin/minifyjs');
+        exit(0);
+    }
+}
+
+include __DIR__ . '/..'.'/matthiasmullie/minify/bin/minifyjs';
--- a/data/web/inc/lib/vendor/bin/var-dump-server
+++ b/data/web/inc/lib/vendor/bin/var-dump-server
@@ -1 +0,0 @@
-../symfony/var-dumper/Resources/bin/var-dump-server
--- a/data/web/inc/lib/vendor/bin/var-dump-server
+++ b/data/web/inc/lib/vendor/bin/var-dump-server
@@ -0,0 +1,97 @@
+#!/usr/bin/env php
+<?php
+
+/**
+ * Proxy PHP file generated by Composer
+ *
+ * This file includes the referenced bin path (../symfony/var-dumper/Resources/bin/var-dump-server)
+ * using a stream wrapper to prevent the shebang from being output on PHP<8
+ *
+ * @generated
+ */
+
+namespace Composer;
+
+$GLOBALS['_composer_autoload_path'] = __DIR__ . '/..'.'/autoload.php';
+
+if (PHP_VERSION_ID < 80000) {
+    if (!class_exists('Composer\BinProxyWrapper')) {
+        /**
+         * @internal
+         */
+        final class BinProxyWrapper
+        {
+            private $handle;
+            private $position;
+
+            public function stream_open($path, $mode, $options, &$opened_path)
+            {
+                // get rid of composer-bin-proxy:// prefix for __FILE__ & __DIR__ resolution
+                $opened_path = substr($path, 21);
+                $opened_path = realpath($opened_path) ?: $opened_path;
+                $this->handle = fopen($opened_path, $mode);
+                $this->position = 0;
+
+                // remove all traces of this stream wrapper once it has been used
+                stream_wrapper_unregister('composer-bin-proxy');
+
+                return (bool) $this->handle;
+            }
+
+            public function stream_read($count)
+            {
+                $data = fread($this->handle, $count);
+
+                if ($this->position === 0) {
+                    $data = preg_replace('{^#!.*\r?\n}', '', $data);
+                }
+
+                $this->position += strlen($data);
+
+                return $data;
+            }
+
+            public function stream_cast($castAs)
+            {
+                return $this->handle;
+            }
+
+            public function stream_close()
+            {
+                fclose($this->handle);
+            }
+
+            public function stream_lock($operation)
+            {
+                return $operation ? flock($this->handle, $operation) : true;
+            }
+
+            public function stream_tell()
+            {
+                return $this->position;
+            }
+
+            public function stream_eof()
+            {
+                return feof($this->handle);
+            }
+
+            public function stream_stat()
+            {
+                return fstat($this->handle);
+            }
+
+            public function stream_set_option($option, $arg1, $arg2)
+            {
+                return true;
+            }
+        }
+    }
+
+    if (function_exists('stream_wrapper_register') && stream_wrapper_register('composer-bin-proxy', 'Composer\BinProxyWrapper')) {
+        include("composer-bin-proxy://" . __DIR__ . '/..'.'/symfony/var-dumper/Resources/bin/var-dump-server');
+        exit(0);
+    }
+}
+
+include __DIR__ . '/..'.'/symfony/var-dumper/Resources/bin/var-dump-server';
--- a/data/web/inc/lib/vendor/composer/ClassLoader.php
+++ b/data/web/inc/lib/vendor/composer/ClassLoader.php
@@ -42,30 +42,75 @@ namespace Composer\Autoload;
 */
 class ClassLoader
 {
+    /** @var ?string */
    private $vendorDir;

    // PSR-4
+    /**
+     * @var array[]
+     * @psalm-var array<string, array<string, int>>
+     */
    private $prefixLengthsPsr4 = array();
+    /**
+     * @var array[]
+     * @psalm-var array<string, array<int, string>>
+     */
    private $prefixDirsPsr4 = array();
+    /**
+     * @var array[]
+     * @psalm-var array<string, string>
+     */
    private $fallbackDirsPsr4 = array();

    // PSR-0
+    /**
+     * @var array[]
+     * @psalm-var array<string, array<string, string[]>>
+     */
    private $prefixesPsr0 = array();
+    /**
+     * @var array[]
+     * @psalm-var array<string, string>
+     */
    private $fallbackDirsPsr0 = array();

+    /** @var bool */
    private $useIncludePath = false;
+
+    /**
+     * @var string[]
+     * @psalm-var array<string, string>
+     */
    private $classMap = array();
+
+    /** @var bool */
    private $classMapAuthoritative = false;
+
+    /**
+     * @var bool[]
+     * @psalm-var array<string, bool>
+     */
    private $missingClasses = array();
+
+    /** @var ?string */
    private $apcuPrefix;

+    /**
+     * @var self[]
+     */
    private static $registeredLoaders = array();

+    /**
+     * @param ?string $vendorDir
+     */
    public function __construct($vendorDir = null)
    {
        $this->vendorDir = $vendorDir;
    }

+    /**
+     * @return string[]
+     */
    public function getPrefixes()
    {
        if (!empty($this->prefixesPsr0)) {
@@ -75,28 +120,47 @@ class ClassLoader
        return array();
    }

+    /**
+     * @return array[]
+     * @psalm-return array<string, array<int, string>>
+     */
    public function getPrefixesPsr4()
    {
        return $this->prefixDirsPsr4;
    }

+    /**
+     * @return array[]
+     * @psalm-return array<string, string>
+     */
    public function getFallbackDirs()
    {
        return $this->fallbackDirsPsr0;
    }

+    /**
+     * @return array[]
+     * @psalm-return array<string, string>
+     */
    public function getFallbackDirsPsr4()
    {
        return $this->fallbackDirsPsr4;
    }

+    /**
+     * @return string[] Array of classname => path
+     * @psalm-return array<string, string>
+     */
    public function getClassMap()
    {
        return $this->classMap;
    }

    /**
-     * @param array $classMap Class to filename map
+     * @param string[] $classMap Class to filename map
+     * @psalm-param array<string, string> $classMap
+     *
+     * @return void
     */
    public function addClassMap(array $classMap)
    {
@@ -111,9 +175,11 @@ class ClassLoader
     * Registers a set of PSR-0 directories for a given prefix, either
     * appending or prepending to the ones previously set for this prefix.
     *
-     * @param string       $prefix  The prefix
-     * @param array|string $paths   The PSR-0 root directories
-     * @param bool         $prepend Whether to prepend the directories
+     * @param string          $prefix  The prefix
+     * @param string[]|string $paths   The PSR-0 root directories
+     * @param bool            $prepend Whether to prepend the directories
+     *
+     * @return void
     */
    public function add($prefix, $paths, $prepend = false)
    {
@@ -156,11 +222,13 @@ class ClassLoader
     * Registers a set of PSR-4 directories for a given namespace, either
     * appending or prepending to the ones previously set for this namespace.
     *
-     * @param string       $prefix  The prefix/namespace, with trailing '\\'
-     * @param array|string $paths   The PSR-4 base directories
-     * @param bool         $prepend Whether to prepend the directories
+     * @param string          $prefix  The prefix/namespace, with trailing '\\'
+     * @param string[]|string $paths   The PSR-4 base directories
+     * @param bool            $prepend Whether to prepend the directories
     *
     * @throws \InvalidArgumentException
+     *
+     * @return void
     */
    public function addPsr4($prefix, $paths, $prepend = false)
    {
@@ -204,8 +272,10 @@ class ClassLoader
     * Registers a set of PSR-0 directories for a given prefix,
     * replacing any others previously set for this prefix.
     *
-     * @param string       $prefix The prefix
-     * @param array|string $paths  The PSR-0 base directories
+     * @param string          $prefix The prefix
+     * @param string[]|string $paths  The PSR-0 base directories
+     *
+     * @return void
     */
    public function set($prefix, $paths)
    {
@@ -220,10 +290,12 @@ class ClassLoader
     * Registers a set of PSR-4 directories for a given namespace,
     * replacing any others previously set for this namespace.
     *
-     * @param string       $prefix The prefix/namespace, with trailing '\\'
-     * @param array|string $paths  The PSR-4 base directories
+     * @param string          $prefix The prefix/namespace, with trailing '\\'
+     * @param string[]|string $paths  The PSR-4 base directories
     *
     * @throws \InvalidArgumentException
+     *
+     * @return void
     */
    public function setPsr4($prefix, $paths)
    {
@@ -243,6 +315,8 @@ class ClassLoader
     * Turns on searching the include path for class files.
     *
     * @param bool $useIncludePath
+     *
+     * @return void
     */
    public function setUseIncludePath($useIncludePath)
    {
@@ -265,6 +339,8 @@ class ClassLoader
     * that have not been registered with the class map.
     *
     * @param bool $classMapAuthoritative
+     *
+     * @return void
     */
    public function setClassMapAuthoritative($classMapAuthoritative)
    {
@@ -285,6 +361,8 @@ class ClassLoader
     * APCu prefix to use to cache found/not-found classes, if the extension is enabled.
     *
     * @param string|null $apcuPrefix
+     *
+     * @return void
     */
    public function setApcuPrefix($apcuPrefix)
    {
@@ -305,6 +383,8 @@ class ClassLoader
     * Registers this instance as an autoloader.
     *
     * @param bool $prepend Whether to prepend the autoloader or not
+     *
+     * @return void
     */
    public function register($prepend = false)
    {
@@ -324,6 +404,8 @@ class ClassLoader

    /**
     * Unregisters this instance as an autoloader.
+     *
+     * @return void
     */
    public function unregister()
    {
@@ -403,6 +485,11 @@ class ClassLoader
        return self::$registeredLoaders;
    }

+    /**
+     * @param  string       $class
+     * @param  string       $ext
+     * @return string|false
+     */
    private function findFileWithExtension($class, $ext)
    {
        // PSR-4 lookup
@@ -474,6 +561,10 @@ class ClassLoader
 * Scope isolated include.
 *
 * Prevents access to $this/self from included files.
+ *
+ * @param  string $file
+ * @return void
+ * @private
 */
 function includeFile($file)
 {
--- a/data/web/inc/lib/vendor/composer/InstalledVersions.php
+++ b/data/web/inc/lib/vendor/composer/InstalledVersions.php
@@ -20,12 +20,25 @@ use Composer\Semver\VersionParser;
 *
 * See also https://getcomposer.org/doc/07-runtime.md#installed-versions
 *
- * To require it's presence, you can require `composer-runtime-api ^2.0`
+ * To require its presence, you can require `composer-runtime-api ^2.0`
 */
 class InstalledVersions
 {
+    /**
+     * @var mixed[]|null
+     * @psalm-var array{root: array{name: string, version: string, reference: string, pretty_version: string, aliases: string[], dev: bool, install_path: string, type: string}, versions: array<string, array{dev_requirement: bool, pretty_version?: string, version?: string, aliases?: string[], reference?: string, replaced?: string[], provided?: string[], install_path?: string, type?: string}>}|array{}|null
+     */
    private static $installed;
+
+    /**
+     * @var bool|null
+     */
    private static $canGetVendors;
+
+    /**
+     * @var array[]
+     * @psalm-var array<string, array{root: array{name: string, version: string, reference: string, pretty_version: string, aliases: string[], dev: bool, install_path: string, type: string}, versions: array<string, array{dev_requirement: bool, pretty_version?: string, version?: string, aliases?: string[], reference?: string, replaced?: string[], provided?: string[], install_path?: string, type?: string}>}>
+     */
    private static $installedByVendor = array();

    /**
@@ -228,7 +241,7 @@ class InstalledVersions

    /**
     * @return array
-     * @psalm-return array{name: string, version: string, reference: string, pretty_version: string, aliases: string[], dev: bool, install_path: string}
+     * @psalm-return array{name: string, version: string, reference: string, pretty_version: string, aliases: string[], dev: bool, install_path: string, type: string}
     */
    public static function getRootPackage()
    {
@@ -242,7 +255,7 @@ class InstalledVersions
     *
     * @deprecated Use getAllRawData() instead which returns all datasets for all autoloaders present in the process. getRawData only returns the first dataset loaded, which may not be what you expect.
     * @return array[]
-     * @psalm-return array{root: array{name: string, version: string, reference: string, pretty_version: string, aliases: string[], dev: bool, install_path: string}, versions: array<string, array{dev_requirement: bool, pretty_version?: string, version?: string, aliases?: string[], reference?: string, replaced?: string[], provided?: string[], install_path?: string}>}
+     * @psalm-return array{root: array{name: string, version: string, reference: string, pretty_version: string, aliases: string[], dev: bool, install_path: string, type: string}, versions: array<string, array{dev_requirement: bool, pretty_version?: string, version?: string, aliases?: string[], reference?: string, replaced?: string[], provided?: string[], install_path?: string, type?: string}>}
     */
    public static function getRawData()
    {
@@ -265,7 +278,7 @@ class InstalledVersions
     * Returns the raw data of all installed.php which are currently loaded for custom implementations
     *
     * @return array[]
-     * @psalm-return list<array{root: array{name: string, version: string, reference: string, pretty_version: string, aliases: string[], dev: bool, install_path: string}, versions: array<string, array{dev_requirement: bool, pretty_version?: string, version?: string, aliases?: string[], reference?: string, replaced?: string[], provided?: string[], install_path?: string}>}>
+     * @psalm-return list<array{root: array{name: string, version: string, reference: string, pretty_version: string, aliases: string[], dev: bool, install_path: string, type: string}, versions: array<string, array{dev_requirement: bool, pretty_version?: string, version?: string, aliases?: string[], reference?: string, replaced?: string[], provided?: string[], install_path?: string, type?: string}>}>
     */
    public static function getAllRawData()
    {
@@ -288,7 +301,7 @@ class InstalledVersions
     * @param  array[] $data A vendor/composer/installed.php data set
     * @return void
     *
-     * @psalm-param array{root: array{name: string, version: string, reference: string, pretty_version: string, aliases: string[], dev: bool, install_path: string}, versions: array<string, array{dev_requirement: bool, pretty_version?: string, version?: string, aliases?: string[], reference?: string, replaced?: string[], provided?: string[], install_path?: string}>} $data
+     * @psalm-param array{root: array{name: string, version: string, reference: string, pretty_version: string, aliases: string[], dev: bool, install_path: string, type: string}, versions: array<string, array{dev_requirement: bool, pretty_version?: string, version?: string, aliases?: string[], reference?: string, replaced?: string[], provided?: string[], install_path?: string, type?: string}>} $data
     */
    public static function reload($data)
    {
@@ -298,7 +311,7 @@ class InstalledVersions

    /**
     * @return array[]
-     * @psalm-return list<array{root: array{name: string, version: string, reference: string, pretty_version: string, aliases: string[], dev: bool, install_path: string}, versions: array<string, array{dev_requirement: bool, pretty_version?: string, version?: string, aliases?: string[], reference?: string, replaced?: string[], provided?: string[], install_path?: string}>}>
+     * @psalm-return list<array{root: array{name: string, version: string, reference: string, pretty_version: string, aliases: string[], dev: bool, install_path: string, type: string}, versions: array<string, array{dev_requirement: bool, pretty_version?: string, version?: string, aliases?: string[], reference?: string, replaced?: string[], provided?: string[], install_path?: string, type?: string}>}>
     */
    private static function getInstalled()
    {
--- a/data/web/inc/lib/vendor/composer/autoload_files.php
+++ b/data/web/inc/lib/vendor/composer/autoload_files.php
@@ -7,10 +7,9 @@ $baseDir = dirname($vendorDir);

 return array(
    '0e6d7bf4a5811bfa5cf40c5ccd6fae6a' => $vendorDir . '/symfony/polyfill-mbstring/bootstrap.php',
-    'a4a119a56e50fbb293281d9a48007e0e' => $vendorDir . '/symfony/polyfill-php80/bootstrap.php',
-    '6e3fae29631ef280660b3cdad06f25a8' => $vendorDir . '/symfony/deprecation-contracts/function.php',
-    'a1105708a18b76903365ca1c4aa61b02' => $vendorDir . '/symfony/translation/Resources/functions.php',
    '320cde22f66dd4f5d3fd621d3e88b98f' => $vendorDir . '/symfony/polyfill-ctype/bootstrap.php',
+    'a4a119a56e50fbb293281d9a48007e0e' => $vendorDir . '/symfony/polyfill-php80/bootstrap.php',
+    'a1105708a18b76903365ca1c4aa61b02' => $vendorDir . '/symfony/translation/Resources/functions.php',
    '667aeda72477189d0494fecd327c3641' => $vendorDir . '/symfony/var-dumper/Resources/functions/dump.php',
    'fe62ba7e10580d903cc46d808b5961a4' => $vendorDir . '/tightenco/collect/src/Collect/Support/helpers.php',
    'caf31cc6ec7cf2241cb6f12c226c3846' => $vendorDir . '/tightenco/collect/src/Collect/Support/alias.php',
--- a/data/web/inc/lib/vendor/composer/autoload_psr4.php
+++ b/data/web/inc/lib/vendor/composer/autoload_psr4.php
@@ -16,7 +16,7 @@ return array(
    'Symfony\\Component\\Translation\\' => array($vendorDir . '/symfony/translation'),
    'RobThree\\Auth\\' => array($vendorDir . '/robthree/twofactorauth/lib'),
    'Psr\\SimpleCache\\' => array($vendorDir . '/psr/simple-cache/src'),
-    'Psr\\Log\\' => array($vendorDir . '/psr/log/Psr/Log'),
+    'Psr\\Log\\' => array($vendorDir . '/psr/log/src'),
    'Psr\\Container\\' => array($vendorDir . '/psr/container/src'),
    'PhpMimeMailParser\\' => array($vendorDir . '/php-mime-mail-parser/php-mime-mail-parser/src'),
    'PHPMailer\\PHPMailer\\' => array($vendorDir . '/phpmailer/phpmailer/src'),
--- a/data/web/inc/lib/vendor/composer/autoload_real.php
+++ b/data/web/inc/lib/vendor/composer/autoload_real.php
@@ -65,11 +65,16 @@ class ComposerAutoloaderInit873464e4bd965a3168f133248b1b218b
    }
 }

+/**
+ * @param string $fileIdentifier
+ * @param string $file
+ * @return void
+ */
 function composerRequire873464e4bd965a3168f133248b1b218b($fileIdentifier, $file)
 {
    if (empty($GLOBALS['__composer_autoload_files'][$fileIdentifier])) {
-        require $file;
-
        $GLOBALS['__composer_autoload_files'][$fileIdentifier] = true;
+
+        require $file;
    }
 }
--- a/data/web/inc/lib/vendor/composer/autoload_static.php
+++ b/data/web/inc/lib/vendor/composer/autoload_static.php
@@ -8,10 +8,9 @@ class ComposerStaticInit873464e4bd965a3168f133248b1b218b
 {
    public static $files = array (
        '0e6d7bf4a5811bfa5cf40c5ccd6fae6a' => __DIR__ . '/..' . '/symfony/polyfill-mbstring/bootstrap.php',
-        'a4a119a56e50fbb293281d9a48007e0e' => __DIR__ . '/..' . '/symfony/polyfill-php80/bootstrap.php',
-        '6e3fae29631ef280660b3cdad06f25a8' => __DIR__ . '/..' . '/symfony/deprecation-contracts/function.php',
-        'a1105708a18b76903365ca1c4aa61b02' => __DIR__ . '/..' . '/symfony/translation/Resources/functions.php',
        '320cde22f66dd4f5d3fd621d3e88b98f' => __DIR__ . '/..' . '/symfony/polyfill-ctype/bootstrap.php',
+        'a4a119a56e50fbb293281d9a48007e0e' => __DIR__ . '/..' . '/symfony/polyfill-php80/bootstrap.php',
+        'a1105708a18b76903365ca1c4aa61b02' => __DIR__ . '/..' . '/symfony/translation/Resources/functions.php',
        '667aeda72477189d0494fecd327c3641' => __DIR__ . '/..' . '/symfony/var-dumper/Resources/functions/dump.php',
        'fe62ba7e10580d903cc46d808b5961a4' => __DIR__ . '/..' . '/tightenco/collect/src/Collect/Support/helpers.php',
        'caf31cc6ec7cf2241cb6f12c226c3846' => __DIR__ . '/..' . '/tightenco/collect/src/Collect/Support/alias.php',
@@ -115,7 +114,7 @@ class ComposerStaticInit873464e4bd965a3168f133248b1b218b
        ),
        'Psr\\Log\\' => 
        array (
-            0 => __DIR__ . '/..' . '/psr/log/Psr/Log',
+            0 => __DIR__ . '/..' . '/psr/log/src',
        ),
        'Psr\\Container\\' => 
        array (
--- a/data/web/inc/lib/vendor/composer/installed.json
+++ b/data/web/inc/lib/vendor/composer/installed.json
@@ -63,34 +63,35 @@
        },
        {
            "name": "ddeboer/imap",
-            "version": "1.12.1",
-            "version_normalized": "1.12.1.0",
+            "version": "1.13.1",
+            "version_normalized": "1.13.1.0",
            "source": {
                "type": "git",
                "url": "https://github.com/ddeboer/imap.git",
-                "reference": "dbed05ca67b93509345a820b2859de10c48948fb"
+                "reference": "8b772d04b1deadb5df13782fb78c4b648f77496e"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/ddeboer/imap/zipball/dbed05ca67b93509345a820b2859de10c48948fb",
-                "reference": "dbed05ca67b93509345a820b2859de10c48948fb",
+                "url": "https://api.github.com/repos/ddeboer/imap/zipball/8b772d04b1deadb5df13782fb78c4b648f77496e",
+                "reference": "8b772d04b1deadb5df13782fb78c4b648f77496e",
                "shasum": ""
            },
            "require": {
                "ext-iconv": "*",
                "ext-imap": "*",
                "ext-mbstring": "*",
-                "php": "^7.4 || ^8.0"
+                "php": "^8.0.1"
            },
            "require-dev": {
-                "friendsofphp/php-cs-fixer": "^2.18.6",
-                "laminas/laminas-mail": "^2.14.0",
-                "phpstan/phpstan": "^0.12.84",
-                "phpstan/phpstan-phpunit": "^0.12.18",
-                "phpstan/phpstan-strict-rules": "^0.12.9",
-                "phpunit/phpunit": "^9.5.4"
+                "friendsofphp/php-cs-fixer": "^v3.4.0",
+                "laminas/laminas-mail": "^2.15.1",
+                "malukenho/mcbumpface": "^1.1.5",
+                "phpstan/phpstan": "^1.3.3",
+                "phpstan/phpstan-phpunit": "^1.0.0",
+                "phpstan/phpstan-strict-rules": "^1.1.0",
+                "phpunit/phpunit": "^9.5.11"
            },
-            "time": "2021-04-27T08:38:46+00:00",
+            "time": "2022-01-10T10:53:05+00:00",
            "type": "library",
            "installation-source": "dist",
            "autoload": {
@@ -124,7 +125,7 @@
            ],
            "support": {
                "issues": "https://github.com/ddeboer/imap/issues",
-                "source": "https://github.com/ddeboer/imap/tree/1.12.1"
+                "source": "https://github.com/ddeboer/imap/tree/1.13.1"
            },
            "funding": [
                {
@@ -140,35 +141,35 @@
        },
        {
            "name": "directorytree/ldaprecord",
-            "version": "v2.6.3",
-            "version_normalized": "2.6.3.0",
+            "version": "v2.10.1",
+            "version_normalized": "2.10.1.0",
            "source": {
                "type": "git",
                "url": "https://github.com/DirectoryTree/LdapRecord.git",
-                "reference": "5c93ec6d1ef458290825a8b0a148946dce7c1e7a"
+                "reference": "bf512d9af7a7b0e2ed7a666ab29cefdd027bee88"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/DirectoryTree/LdapRecord/zipball/5c93ec6d1ef458290825a8b0a148946dce7c1e7a",
-                "reference": "5c93ec6d1ef458290825a8b0a148946dce7c1e7a",
+                "url": "https://api.github.com/repos/DirectoryTree/LdapRecord/zipball/bf512d9af7a7b0e2ed7a666ab29cefdd027bee88",
+                "reference": "bf512d9af7a7b0e2ed7a666ab29cefdd027bee88",
                "shasum": ""
            },
            "require": {
                "ext-json": "*",
                "ext-ldap": "*",
-                "illuminate/contracts": "^5.0|^6.0|^7.0|^8.0",
+                "illuminate/contracts": "^5.0|^6.0|^7.0|^8.0|^9.0",
                "nesbot/carbon": "^1.0|^2.0",
                "php": ">=7.3",
-                "psr/log": "^1.0",
-                "psr/simple-cache": "^1.0",
+                "psr/log": "*",
+                "psr/simple-cache": "^1.0|^2.0",
                "tightenco/collect": "^5.6|^6.0|^7.0|^8.0"
            },
            "require-dev": {
                "mockery/mockery": "^1.0",
-                "phpunit/phpunit": "^8.0",
+                "phpunit/phpunit": "^9.0",
                "spatie/ray": "^1.24"
            },
-            "time": "2021-08-05T21:52:43+00:00",
+            "time": "2022-02-25T16:00:51+00:00",
            "type": "library",
            "installation-source": "dist",
            "autoload": {
@@ -216,29 +217,29 @@
        },
        {
            "name": "illuminate/contracts",
-            "version": "v8.53.1",
-            "version_normalized": "8.53.1.0",
+            "version": "v9.3.0",
+            "version_normalized": "9.3.0.0",
            "source": {
                "type": "git",
                "url": "https://github.com/illuminate/contracts.git",
-                "reference": "504a34286a1b4c5421c43087d6bd4e176138f6fb"
+                "reference": "bf4b3c254c49d28157645d01e4883b5951b1e1d0"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/illuminate/contracts/zipball/504a34286a1b4c5421c43087d6bd4e176138f6fb",
-                "reference": "504a34286a1b4c5421c43087d6bd4e176138f6fb",
+                "url": "https://api.github.com/repos/illuminate/contracts/zipball/bf4b3c254c49d28157645d01e4883b5951b1e1d0",
+                "reference": "bf4b3c254c49d28157645d01e4883b5951b1e1d0",
                "shasum": ""
            },
            "require": {
-                "php": "^7.3|^8.0",
-                "psr/container": "^1.0",
-                "psr/simple-cache": "^1.0"
+                "php": "^8.0.2",
+                "psr/container": "^1.1.1|^2.0.1",
+                "psr/simple-cache": "^1.0|^2.0|^3.0"
            },
-            "time": "2021-08-03T14:03:47+00:00",
+            "time": "2022-02-22T14:45:39+00:00",
            "type": "library",
            "extra": {
                "branch-alias": {
-                    "dev-master": "8.x-dev"
+                    "dev-master": "9.x-dev"
                }
            },
            "installation-source": "dist",
@@ -453,17 +454,17 @@
        },
        {
            "name": "nesbot/carbon",
-            "version": "2.51.1",
-            "version_normalized": "2.51.1.0",
+            "version": "2.57.0",
+            "version_normalized": "2.57.0.0",
            "source": {
                "type": "git",
                "url": "https://github.com/briannesbitt/Carbon.git",
-                "reference": "8619c299d1e0d4b344e1f98ca07a1ce2cfbf1922"
+                "reference": "4a54375c21eea4811dbd1149fe6b246517554e78"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/briannesbitt/Carbon/zipball/8619c299d1e0d4b344e1f98ca07a1ce2cfbf1922",
-                "reference": "8619c299d1e0d4b344e1f98ca07a1ce2cfbf1922",
+                "url": "https://api.github.com/repos/briannesbitt/Carbon/zipball/4a54375c21eea4811dbd1149fe6b246517554e78",
+                "reference": "4a54375c21eea4811dbd1149fe6b246517554e78",
                "shasum": ""
            },
            "require": {
@@ -471,19 +472,20 @@
                "php": "^7.1.8 || ^8.0",
                "symfony/polyfill-mbstring": "^1.0",
                "symfony/polyfill-php80": "^1.16",
-                "symfony/translation": "^3.4 || ^4.0 || ^5.0"
+                "symfony/translation": "^3.4 || ^4.0 || ^5.0 || ^6.0"
            },
            "require-dev": {
+                "doctrine/dbal": "^2.0 || ^3.0",
                "doctrine/orm": "^2.7",
-                "friendsofphp/php-cs-fixer": "^2.14 || ^3.0",
+                "friendsofphp/php-cs-fixer": "^3.0",
                "kylekatarnls/multi-tester": "^2.0",
                "phpmd/phpmd": "^2.9",
                "phpstan/extension-installer": "^1.0",
-                "phpstan/phpstan": "^0.12.54",
+                "phpstan/phpstan": "^0.12.54 || ^1.0",
                "phpunit/phpunit": "^7.5.20 || ^8.5.14",
                "squizlabs/php_codesniffer": "^3.4"
            },
-            "time": "2021-07-28T13:16:28+00:00",
+            "time": "2022-02-13T18:13:33+00:00",
            "bin": [
                "bin/carbon"
            ],
@@ -533,6 +535,7 @@
                "time"
            ],
            "support": {
+                "docs": "https://carbon.nesbot.com/docs",
                "issues": "https://github.com/briannesbitt/Carbon/issues",
                "source": "https://github.com/briannesbitt/Carbon"
            },
@@ -697,17 +700,17 @@
        },
        {
            "name": "phpmailer/phpmailer",
-            "version": "v6.5.0",
-            "version_normalized": "6.5.0.0",
+            "version": "v6.6.0",
+            "version_normalized": "6.6.0.0",
            "source": {
                "type": "git",
                "url": "https://github.com/PHPMailer/PHPMailer.git",
-                "reference": "a5b5c43e50b7fba655f793ad27303cd74c57363c"
+                "reference": "e43bac82edc26ca04b36143a48bde1c051cfd5b1"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/PHPMailer/PHPMailer/zipball/a5b5c43e50b7fba655f793ad27303cd74c57363c",
-                "reference": "a5b5c43e50b7fba655f793ad27303cd74c57363c",
+                "url": "https://api.github.com/repos/PHPMailer/PHPMailer/zipball/e43bac82edc26ca04b36143a48bde1c051cfd5b1",
+                "reference": "e43bac82edc26ca04b36143a48bde1c051cfd5b1",
                "shasum": ""
            },
            "require": {
@@ -719,10 +722,12 @@
            "require-dev": {
                "dealerdirect/phpcodesniffer-composer-installer": "^0.7.0",
                "doctrine/annotations": "^1.2",
+                "php-parallel-lint/php-console-highlighter": "^0.5.0",
+                "php-parallel-lint/php-parallel-lint": "^1.3.1",
                "phpcompatibility/php-compatibility": "^9.3.5",
                "roave/security-advisories": "dev-latest",
-                "squizlabs/php_codesniffer": "^3.5.6",
-                "yoast/phpunit-polyfills": "^0.2.0"
+                "squizlabs/php_codesniffer": "^3.6.2",
+                "yoast/phpunit-polyfills": "^1.0.0"
            },
            "suggest": {
                "ext-mbstring": "Needed to send email in multibyte encoding charset or decode encoded addresses",
@@ -732,7 +737,7 @@
                "stevenmaguire/oauth2-microsoft": "Needed for Microsoft XOAUTH2 authentication",
                "symfony/polyfill-mbstring": "To support UTF-8 if the Mbstring PHP extension is not enabled (^1.2)"
            },
-            "time": "2021-06-16T14:33:43+00:00",
+            "time": "2022-02-28T15:31:21+00:00",
            "type": "library",
            "installation-source": "dist",
            "autoload": {
@@ -764,7 +769,7 @@
            "description": "PHPMailer is a full-featured email creation and transfer class for PHP",
            "support": {
                "issues": "https://github.com/PHPMailer/PHPMailer/issues",
-                "source": "https://github.com/PHPMailer/PHPMailer/tree/v6.5.0"
+                "source": "https://github.com/PHPMailer/PHPMailer/tree/v6.6.0"
            },
            "funding": [
                {
@@ -776,24 +781,29 @@
        },
        {
            "name": "psr/container",
-            "version": "1.1.1",
-            "version_normalized": "1.1.1.0",
+            "version": "2.0.2",
+            "version_normalized": "2.0.2.0",
            "source": {
                "type": "git",
                "url": "https://github.com/php-fig/container.git",
-                "reference": "8622567409010282b7aeebe4bb841fe98b58dcaf"
+                "reference": "c71ecc56dfe541dbd90c5360474fbc405f8d5963"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/php-fig/container/zipball/8622567409010282b7aeebe4bb841fe98b58dcaf",
-                "reference": "8622567409010282b7aeebe4bb841fe98b58dcaf",
+                "url": "https://api.github.com/repos/php-fig/container/zipball/c71ecc56dfe541dbd90c5360474fbc405f8d5963",
+                "reference": "c71ecc56dfe541dbd90c5360474fbc405f8d5963",
                "shasum": ""
            },
            "require": {
-                "php": ">=7.2.0"
+                "php": ">=7.4.0"
            },
-            "time": "2021-03-05T17:36:06+00:00",
+            "time": "2021-11-05T16:47:00+00:00",
            "type": "library",
+            "extra": {
+                "branch-alias": {
+                    "dev-master": "2.0.x-dev"
+                }
+            },
            "installation-source": "dist",
            "autoload": {
                "psr-4": {
@@ -821,39 +831,39 @@
            ],
            "support": {
                "issues": "https://github.com/php-fig/container/issues",
-                "source": "https://github.com/php-fig/container/tree/1.1.1"
+                "source": "https://github.com/php-fig/container/tree/2.0.2"
            },
            "install-path": "../psr/container"
        },
        {
            "name": "psr/log",
-            "version": "1.1.4",
-            "version_normalized": "1.1.4.0",
+            "version": "3.0.0",
+            "version_normalized": "3.0.0.0",
            "source": {
                "type": "git",
                "url": "https://github.com/php-fig/log.git",
-                "reference": "d49695b909c3b7628b6289db5479a1c204601f11"
+                "reference": "fe5ea303b0887d5caefd3d431c3e61ad47037001"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/php-fig/log/zipball/d49695b909c3b7628b6289db5479a1c204601f11",
-                "reference": "d49695b909c3b7628b6289db5479a1c204601f11",
+                "url": "https://api.github.com/repos/php-fig/log/zipball/fe5ea303b0887d5caefd3d431c3e61ad47037001",
+                "reference": "fe5ea303b0887d5caefd3d431c3e61ad47037001",
                "shasum": ""
            },
            "require": {
-                "php": ">=5.3.0"
+                "php": ">=8.0.0"
            },
-            "time": "2021-05-03T11:20:27+00:00",
+            "time": "2021-07-14T16:46:02+00:00",
            "type": "library",
            "extra": {
                "branch-alias": {
-                    "dev-master": "1.1.x-dev"
+                    "dev-master": "3.x-dev"
                }
            },
            "installation-source": "dist",
            "autoload": {
                "psr-4": {
-                    "Psr\\Log\\": "Psr/Log/"
+                    "Psr\\Log\\": "src"
                }
            },
            "notification-url": "https://packagist.org/downloads/",
@@ -874,33 +884,33 @@
                "psr-3"
            ],
            "support": {
-                "source": "https://github.com/php-fig/log/tree/1.1.4"
+                "source": "https://github.com/php-fig/log/tree/3.0.0"
            },
            "install-path": "../psr/log"
        },
        {
            "name": "psr/simple-cache",
-            "version": "1.0.1",
-            "version_normalized": "1.0.1.0",
+            "version": "2.0.0",
+            "version_normalized": "2.0.0.0",
            "source": {
                "type": "git",
                "url": "https://github.com/php-fig/simple-cache.git",
-                "reference": "408d5eafb83c57f6365a3ca330ff23aa4a5fa39b"
+                "reference": "8707bf3cea6f710bf6ef05491234e3ab06f6432a"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/php-fig/simple-cache/zipball/408d5eafb83c57f6365a3ca330ff23aa4a5fa39b",
-                "reference": "408d5eafb83c57f6365a3ca330ff23aa4a5fa39b",
+                "url": "https://api.github.com/repos/php-fig/simple-cache/zipball/8707bf3cea6f710bf6ef05491234e3ab06f6432a",
+                "reference": "8707bf3cea6f710bf6ef05491234e3ab06f6432a",
                "shasum": ""
            },
            "require": {
-                "php": ">=5.3.0"
+                "php": ">=8.0.0"
            },
-            "time": "2017-10-23T01:57:42+00:00",
+            "time": "2021-10-29T13:22:09+00:00",
            "type": "library",
            "extra": {
                "branch-alias": {
-                    "dev-master": "1.0.x-dev"
+                    "dev-master": "2.0.x-dev"
                }
            },
            "installation-source": "dist",
@@ -916,7 +926,7 @@
            "authors": [
                {
                    "name": "PHP-FIG",
-                    "homepage": "http://www.php-fig.org/"
+                    "homepage": "https://www.php-fig.org/"
                }
            ],
            "description": "Common interfaces for simple caching",
@@ -928,23 +938,23 @@
                "simple-cache"
            ],
            "support": {
-                "source": "https://github.com/php-fig/simple-cache/tree/master"
+                "source": "https://github.com/php-fig/simple-cache/tree/2.0.0"
            },
            "install-path": "../psr/simple-cache"
        },
        {
            "name": "robthree/twofactorauth",
-            "version": "1.8.0",
-            "version_normalized": "1.8.0.0",
+            "version": "1.8.1",
+            "version_normalized": "1.8.1.0",
            "source": {
                "type": "git",
                "url": "https://github.com/RobThree/TwoFactorAuth.git",
-                "reference": "30a38627ae1e7c9399dae67e265063cd6ec5276c"
+                "reference": "5afcb45282f1c75562a48d479ecd1732c9bdb11b"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/RobThree/TwoFactorAuth/zipball/30a38627ae1e7c9399dae67e265063cd6ec5276c",
-                "reference": "30a38627ae1e7c9399dae67e265063cd6ec5276c",
+                "url": "https://api.github.com/repos/RobThree/TwoFactorAuth/zipball/5afcb45282f1c75562a48d479ecd1732c9bdb11b",
+                "reference": "5afcb45282f1c75562a48d479ecd1732c9bdb11b",
                "shasum": ""
            },
            "require": {
@@ -958,7 +968,7 @@
                "bacon/bacon-qr-code": "Needed for BaconQrCodeProvider provider",
                "endroid/qr-code": "Needed for EndroidQrCodeProvider"
            },
-            "time": "2021-03-09T18:24:05+00:00",
+            "time": "2021-10-20T12:19:55+00:00",
            "type": "library",
            "installation-source": "dist",
            "autoload": {
@@ -1058,98 +1068,31 @@
            ],
            "install-path": "../soundasleep/html2text"
        },
-        {
-            "name": "symfony/deprecation-contracts",
-            "version": "v2.4.0",
-            "version_normalized": "2.4.0.0",
-            "source": {
-                "type": "git",
-                "url": "https://github.com/symfony/deprecation-contracts.git",
-                "reference": "5f38c8804a9e97d23e0c8d63341088cd8a22d627"
-            },
-            "dist": {
-                "type": "zip",
-                "url": "https://api.github.com/repos/symfony/deprecation-contracts/zipball/5f38c8804a9e97d23e0c8d63341088cd8a22d627",
-                "reference": "5f38c8804a9e97d23e0c8d63341088cd8a22d627",
-                "shasum": ""
-            },
-            "require": {
-                "php": ">=7.1"
-            },
-            "time": "2021-03-23T23:28:01+00:00",
-            "type": "library",
-            "extra": {
-                "branch-alias": {
-                    "dev-main": "2.4-dev"
-                },
-                "thanks": {
-                    "name": "symfony/contracts",
-                    "url": "https://github.com/symfony/contracts"
-                }
-            },
-            "installation-source": "dist",
-            "autoload": {
-                "files": [
-                    "function.php"
-                ]
-            },
-            "notification-url": "https://packagist.org/downloads/",
-            "license": [
-                "MIT"
-            ],
-            "authors": [
-                {
-                    "name": "Nicolas Grekas",
-                    "email": "p@tchwork.com"
-                },
-                {
-                    "name": "Symfony Community",
-                    "homepage": "https://symfony.com/contributors"
-                }
-            ],
-            "description": "A generic function and convention to trigger deprecation notices",
-            "homepage": "https://symfony.com",
-            "support": {
-                "source": "https://github.com/symfony/deprecation-contracts/tree/v2.4.0"
-            },
-            "funding": [
-                {
-                    "url": "https://symfony.com/sponsor",
-                    "type": "custom"
-                },
-                {
-                    "url": "https://github.com/fabpot",
-                    "type": "github"
-                },
-                {
-                    "url": "https://tidelift.com/funding/github/packagist/symfony/symfony",
-                    "type": "tidelift"
-                }
-            ],
-            "install-path": "../symfony/deprecation-contracts"
-        },
        {
            "name": "symfony/polyfill-ctype",
-            "version": "v1.23.0",
-            "version_normalized": "1.23.0.0",
+            "version": "v1.24.0",
+            "version_normalized": "1.24.0.0",
            "source": {
                "type": "git",
                "url": "https://github.com/symfony/polyfill-ctype.git",
-                "reference": "46cd95797e9df938fdd2b03693b5fca5e64b01ce"
+                "reference": "30885182c981ab175d4d034db0f6f469898070ab"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/symfony/polyfill-ctype/zipball/46cd95797e9df938fdd2b03693b5fca5e64b01ce",
-                "reference": "46cd95797e9df938fdd2b03693b5fca5e64b01ce",
+                "url": "https://api.github.com/repos/symfony/polyfill-ctype/zipball/30885182c981ab175d4d034db0f6f469898070ab",
+                "reference": "30885182c981ab175d4d034db0f6f469898070ab",
                "shasum": ""
            },
            "require": {
                "php": ">=7.1"
            },
+            "provide": {
+                "ext-ctype": "*"
+            },
            "suggest": {
                "ext-ctype": "For best performance"
            },
-            "time": "2021-02-19T12:13:01+00:00",
+            "time": "2021-10-20T20:35:02+00:00",
            "type": "library",
            "extra": {
                "branch-alias": {
@@ -1162,12 +1105,12 @@
            },
            "installation-source": "dist",
            "autoload": {
-                "psr-4": {
-                    "Symfony\\Polyfill\\Ctype\\": ""
-                },
                "files": [
                    "bootstrap.php"
-                ]
+                ],
+                "psr-4": {
+                    "Symfony\\Polyfill\\Ctype\\": ""
+                }
            },
            "notification-url": "https://packagist.org/downloads/",
            "license": [
@@ -1192,7 +1135,7 @@
                "portable"
            ],
            "support": {
-                "source": "https://github.com/symfony/polyfill-ctype/tree/v1.23.0"
+                "source": "https://github.com/symfony/polyfill-ctype/tree/v1.24.0"
            },
            "funding": [
                {
@@ -1212,26 +1155,29 @@
        },
        {
            "name": "symfony/polyfill-mbstring",
-            "version": "v1.23.1",
-            "version_normalized": "1.23.1.0",
+            "version": "v1.24.0",
+            "version_normalized": "1.24.0.0",
            "source": {
                "type": "git",
                "url": "https://github.com/symfony/polyfill-mbstring.git",
-                "reference": "9174a3d80210dca8daa7f31fec659150bbeabfc6"
+                "reference": "0abb51d2f102e00a4eefcf46ba7fec406d245825"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/symfony/polyfill-mbstring/zipball/9174a3d80210dca8daa7f31fec659150bbeabfc6",
-                "reference": "9174a3d80210dca8daa7f31fec659150bbeabfc6",
+                "url": "https://api.github.com/repos/symfony/polyfill-mbstring/zipball/0abb51d2f102e00a4eefcf46ba7fec406d245825",
+                "reference": "0abb51d2f102e00a4eefcf46ba7fec406d245825",
                "shasum": ""
            },
            "require": {
                "php": ">=7.1"
            },
+            "provide": {
+                "ext-mbstring": "*"
+            },
            "suggest": {
                "ext-mbstring": "For best performance"
            },
-            "time": "2021-05-27T12:26:48+00:00",
+            "time": "2021-11-30T18:21:41+00:00",
            "type": "library",
            "extra": {
                "branch-alias": {
@@ -1244,12 +1190,12 @@
            },
            "installation-source": "dist",
            "autoload": {
-                "psr-4": {
-                    "Symfony\\Polyfill\\Mbstring\\": ""
-                },
                "files": [
                    "bootstrap.php"
-                ]
+                ],
+                "psr-4": {
+                    "Symfony\\Polyfill\\Mbstring\\": ""
+                }
            },
            "notification-url": "https://packagist.org/downloads/",
            "license": [
@@ -1275,7 +1221,7 @@
                "shim"
            ],
            "support": {
-                "source": "https://github.com/symfony/polyfill-mbstring/tree/v1.23.1"
+                "source": "https://github.com/symfony/polyfill-mbstring/tree/v1.24.0"
            },
            "funding": [
                {
@@ -1295,23 +1241,23 @@
        },
        {
            "name": "symfony/polyfill-php80",
-            "version": "v1.23.1",
-            "version_normalized": "1.23.1.0",
+            "version": "v1.24.0",
+            "version_normalized": "1.24.0.0",
            "source": {
                "type": "git",
                "url": "https://github.com/symfony/polyfill-php80.git",
-                "reference": "1100343ed1a92e3a38f9ae122fc0eb21602547be"
+                "reference": "57b712b08eddb97c762a8caa32c84e037892d2e9"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/symfony/polyfill-php80/zipball/1100343ed1a92e3a38f9ae122fc0eb21602547be",
-                "reference": "1100343ed1a92e3a38f9ae122fc0eb21602547be",
+                "url": "https://api.github.com/repos/symfony/polyfill-php80/zipball/57b712b08eddb97c762a8caa32c84e037892d2e9",
+                "reference": "57b712b08eddb97c762a8caa32c84e037892d2e9",
                "shasum": ""
            },
            "require": {
                "php": ">=7.1"
            },
-            "time": "2021-07-28T13:41:28+00:00",
+            "time": "2021-09-13T13:58:33+00:00",
            "type": "library",
            "extra": {
                "branch-alias": {
@@ -1324,12 +1270,12 @@
            },
            "installation-source": "dist",
            "autoload": {
-                "psr-4": {
-                    "Symfony\\Polyfill\\Php80\\": ""
-                },
                "files": [
                    "bootstrap.php"
                ],
+                "psr-4": {
+                    "Symfony\\Polyfill\\Php80\\": ""
+                },
                "classmap": [
                    "Resources/stubs"
                ]
@@ -1361,7 +1307,7 @@
                "shim"
            ],
            "support": {
-                "source": "https://github.com/symfony/polyfill-php80/tree/v1.23.1"
+                "source": "https://github.com/symfony/polyfill-php80/tree/v1.24.0"
            },
            "funding": [
                {
@@ -1381,54 +1327,54 @@
        },
        {
            "name": "symfony/translation",
-            "version": "v5.3.4",
-            "version_normalized": "5.3.4.0",
+            "version": "v6.0.5",
+            "version_normalized": "6.0.5.0",
            "source": {
                "type": "git",
                "url": "https://github.com/symfony/translation.git",
-                "reference": "d89ad7292932c2699cbe4af98d72c5c6bbc504c1"
+                "reference": "e69501c71107cc3146b32aaa45f4edd0c3427875"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/symfony/translation/zipball/d89ad7292932c2699cbe4af98d72c5c6bbc504c1",
-                "reference": "d89ad7292932c2699cbe4af98d72c5c6bbc504c1",
+                "url": "https://api.github.com/repos/symfony/translation/zipball/e69501c71107cc3146b32aaa45f4edd0c3427875",
+                "reference": "e69501c71107cc3146b32aaa45f4edd0c3427875",
                "shasum": ""
            },
            "require": {
-                "php": ">=7.2.5",
-                "symfony/deprecation-contracts": "^2.1",
+                "php": ">=8.0.2",
                "symfony/polyfill-mbstring": "~1.0",
-                "symfony/polyfill-php80": "^1.16",
-                "symfony/translation-contracts": "^2.3"
+                "symfony/translation-contracts": "^2.3|^3.0"
            },
            "conflict": {
-                "symfony/config": "<4.4",
-                "symfony/dependency-injection": "<5.0",
-                "symfony/http-kernel": "<5.0",
-                "symfony/twig-bundle": "<5.0",
-                "symfony/yaml": "<4.4"
+                "symfony/config": "<5.4",
+                "symfony/console": "<5.4",
+                "symfony/dependency-injection": "<5.4",
+                "symfony/http-kernel": "<5.4",
+                "symfony/twig-bundle": "<5.4",
+                "symfony/yaml": "<5.4"
            },
            "provide": {
-                "symfony/translation-implementation": "2.3"
+                "symfony/translation-implementation": "2.3|3.0"
            },
            "require-dev": {
                "psr/log": "^1|^2|^3",
-                "symfony/config": "^4.4|^5.0",
-                "symfony/console": "^4.4|^5.0",
-                "symfony/dependency-injection": "^5.0",
-                "symfony/finder": "^4.4|^5.0",
-                "symfony/http-kernel": "^5.0",
-                "symfony/intl": "^4.4|^5.0",
+                "symfony/config": "^5.4|^6.0",
+                "symfony/console": "^5.4|^6.0",
+                "symfony/dependency-injection": "^5.4|^6.0",
+                "symfony/finder": "^5.4|^6.0",
+                "symfony/http-client-contracts": "^1.1|^2.0|^3.0",
+                "symfony/http-kernel": "^5.4|^6.0",
+                "symfony/intl": "^5.4|^6.0",
                "symfony/polyfill-intl-icu": "^1.21",
-                "symfony/service-contracts": "^1.1.2|^2",
-                "symfony/yaml": "^4.4|^5.0"
+                "symfony/service-contracts": "^1.1.2|^2|^3",
+                "symfony/yaml": "^5.4|^6.0"
            },
            "suggest": {
                "psr/log-implementation": "To use logging capability in translator",
                "symfony/config": "",
                "symfony/yaml": ""
            },
-            "time": "2021-07-25T09:39:16+00:00",
+            "time": "2022-02-09T15:52:48+00:00",
            "type": "library",
            "installation-source": "dist",
            "autoload": {
@@ -1459,7 +1405,7 @@
            "description": "Provides tools to internationalize your application",
            "homepage": "https://symfony.com",
            "support": {
-                "source": "https://github.com/symfony/translation/tree/v5.3.4"
+                "source": "https://github.com/symfony/translation/tree/v6.0.5"
            },
            "funding": [
                {
@@ -1479,30 +1425,30 @@
        },
        {
            "name": "symfony/translation-contracts",
-            "version": "v2.4.0",
-            "version_normalized": "2.4.0.0",
+            "version": "v3.0.0",
+            "version_normalized": "3.0.0.0",
            "source": {
                "type": "git",
                "url": "https://github.com/symfony/translation-contracts.git",
-                "reference": "95c812666f3e91db75385749fe219c5e494c7f95"
+                "reference": "1b6ea5a7442af5a12dba3dbd6d71034b5b234e77"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/symfony/translation-contracts/zipball/95c812666f3e91db75385749fe219c5e494c7f95",
-                "reference": "95c812666f3e91db75385749fe219c5e494c7f95",
+                "url": "https://api.github.com/repos/symfony/translation-contracts/zipball/1b6ea5a7442af5a12dba3dbd6d71034b5b234e77",
+                "reference": "1b6ea5a7442af5a12dba3dbd6d71034b5b234e77",
                "shasum": ""
            },
            "require": {
-                "php": ">=7.2.5"
+                "php": ">=8.0.2"
            },
            "suggest": {
                "symfony/translation-implementation": ""
            },
-            "time": "2021-03-23T23:28:01+00:00",
+            "time": "2021-09-07T12:43:40+00:00",
            "type": "library",
            "extra": {
                "branch-alias": {
-                    "dev-main": "2.4-dev"
+                    "dev-main": "3.0-dev"
                },
                "thanks": {
                    "name": "symfony/contracts",
@@ -1540,7 +1486,7 @@
                "standards"
            ],
            "support": {
-                "source": "https://github.com/symfony/translation-contracts/tree/v2.4.0"
+                "source": "https://github.com/symfony/translation-contracts/tree/v3.0.0"
            },
            "funding": [
                {
@@ -1560,32 +1506,32 @@
        },
        {
            "name": "symfony/var-dumper",
-            "version": "v5.3.6",
-            "version_normalized": "5.3.6.0",
+            "version": "v6.0.5",
+            "version_normalized": "6.0.5.0",
            "source": {
                "type": "git",
                "url": "https://github.com/symfony/var-dumper.git",
-                "reference": "3dd8ddd1e260e58ecc61bb78da3b6584b3bfcba0"
+                "reference": "60d6a756d5f485df5e6e40b337334848f79f61ce"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/symfony/var-dumper/zipball/3dd8ddd1e260e58ecc61bb78da3b6584b3bfcba0",
-                "reference": "3dd8ddd1e260e58ecc61bb78da3b6584b3bfcba0",
+                "url": "https://api.github.com/repos/symfony/var-dumper/zipball/60d6a756d5f485df5e6e40b337334848f79f61ce",
+                "reference": "60d6a756d5f485df5e6e40b337334848f79f61ce",
                "shasum": ""
            },
            "require": {
-                "php": ">=7.2.5",
-                "symfony/polyfill-mbstring": "~1.0",
-                "symfony/polyfill-php80": "^1.16"
+                "php": ">=8.0.2",
+                "symfony/polyfill-mbstring": "~1.0"
            },
            "conflict": {
                "phpunit/phpunit": "<5.4.3",
-                "symfony/console": "<4.4"
+                "symfony/console": "<5.4"
            },
            "require-dev": {
                "ext-iconv": "*",
-                "symfony/console": "^4.4|^5.0",
-                "symfony/process": "^4.4|^5.0",
+                "symfony/console": "^5.4|^6.0",
+                "symfony/process": "^5.4|^6.0",
+                "symfony/uid": "^5.4|^6.0",
                "twig/twig": "^2.13|^3.0.4"
            },
            "suggest": {
@@ -1593,7 +1539,7 @@
                "ext-intl": "To show region name in time zone dump",
                "symfony/console": "To use the ServerDumpCommand and/or the bin/var-dump-server script"
            },
-            "time": "2021-07-27T01:56:02+00:00",
+            "time": "2022-02-21T17:15:17+00:00",
            "bin": [
                "Resources/bin/var-dump-server"
            ],
@@ -1631,7 +1577,7 @@
                "dump"
            ],
            "support": {
-                "source": "https://github.com/symfony/var-dumper/tree/v5.3.6"
+                "source": "https://github.com/symfony/var-dumper/tree/v6.0.5"
            },
            "funding": [
                {
@@ -1651,29 +1597,29 @@
        },
        {
            "name": "tightenco/collect",
-            "version": "v8.34.0",
-            "version_normalized": "8.34.0.0",
+            "version": "v8.83.2",
+            "version_normalized": "8.83.2.0",
            "source": {
                "type": "git",
                "url": "https://github.com/tighten/collect.git",
-                "reference": "b069783ab0c547bb894ebcf8e7f6024bb401f9d2"
+                "reference": "d9c66d586ec2d216d8a31283d73f8df1400cc722"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/tighten/collect/zipball/b069783ab0c547bb894ebcf8e7f6024bb401f9d2",
-                "reference": "b069783ab0c547bb894ebcf8e7f6024bb401f9d2",
+                "url": "https://api.github.com/repos/tighten/collect/zipball/d9c66d586ec2d216d8a31283d73f8df1400cc722",
+                "reference": "d9c66d586ec2d216d8a31283d73f8df1400cc722",
                "shasum": ""
            },
            "require": {
-                "php": "^7.2|^8.0",
-                "symfony/var-dumper": "^3.4 || ^4.0 || ^5.0"
+                "php": "^7.3|^8.0",
+                "symfony/var-dumper": "^3.4 || ^4.0 || ^5.0 || ^6.0"
            },
            "require-dev": {
                "mockery/mockery": "^1.0",
                "nesbot/carbon": "^2.23.0",
                "phpunit/phpunit": "^8.3"
            },
-            "time": "2021-03-29T21:29:00+00:00",
+            "time": "2022-02-16T16:15:54+00:00",
            "type": "library",
            "installation-source": "dist",
            "autoload": {
@@ -1702,23 +1648,23 @@
            ],
            "support": {
                "issues": "https://github.com/tighten/collect/issues",
-                "source": "https://github.com/tighten/collect/tree/v8.34.0"
+                "source": "https://github.com/tighten/collect/tree/v8.83.2"
            },
            "install-path": "../tightenco/collect"
        },
        {
            "name": "twig/twig",
-            "version": "v3.3.2",
-            "version_normalized": "3.3.2.0",
+            "version": "v3.3.8",
+            "version_normalized": "3.3.8.0",
            "source": {
                "type": "git",
                "url": "https://github.com/twigphp/Twig.git",
-                "reference": "21578f00e83d4a82ecfa3d50752b609f13de6790"
+                "reference": "972d8604a92b7054828b539f2febb0211dd5945c"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/twigphp/Twig/zipball/21578f00e83d4a82ecfa3d50752b609f13de6790",
-                "reference": "21578f00e83d4a82ecfa3d50752b609f13de6790",
+                "url": "https://api.github.com/repos/twigphp/Twig/zipball/972d8604a92b7054828b539f2febb0211dd5945c",
+                "reference": "972d8604a92b7054828b539f2febb0211dd5945c",
                "shasum": ""
            },
            "require": {
@@ -1728,9 +1674,9 @@
            },
            "require-dev": {
                "psr/container": "^1.0",
-                "symfony/phpunit-bridge": "^4.4.9|^5.0.9"
+                "symfony/phpunit-bridge": "^4.4.9|^5.0.9|^6.0"
            },
-            "time": "2021-05-16T12:14:13+00:00",
+            "time": "2022-02-04T06:59:48+00:00",
            "type": "library",
            "extra": {
                "branch-alias": {
@@ -1771,7 +1717,7 @@
            ],
            "support": {
                "issues": "https://github.com/twigphp/Twig/issues",
-                "source": "https://github.com/twigphp/Twig/tree/v3.3.2"
+                "source": "https://github.com/twigphp/Twig/tree/v3.3.8"
            },
            "funding": [
                {
--- a/data/web/inc/lib/vendor/composer/installed.php
+++ b/data/web/inc/lib/vendor/composer/installed.php
@@ -1,22 +1,22 @@
 <?php return array(
    'root' => array(
-        'pretty_version' => 'dev-master',
-        'version' => 'dev-master',
+        'pretty_version' => '1.0.0+no-version-set',
+        'version' => '1.0.0.0',
        'type' => 'library',
        'install_path' => __DIR__ . '/../../',
        'aliases' => array(),
-        'reference' => '1c2923a4ddd7f89b3cf38c9594db289b7dd756d3',
+        'reference' => NULL,
        'name' => '__root__',
        'dev' => true,
    ),
    'versions' => array(
        '__root__' => array(
-            'pretty_version' => 'dev-master',
-            'version' => 'dev-master',
+            'pretty_version' => '1.0.0+no-version-set',
+            'version' => '1.0.0.0',
            'type' => 'library',
            'install_path' => __DIR__ . '/../../',
            'aliases' => array(),
-            'reference' => '1c2923a4ddd7f89b3cf38c9594db289b7dd756d3',
+            'reference' => NULL,
            'dev_requirement' => false,
        ),
        'bshaffer/oauth2-server-php' => array(
@@ -29,21 +29,21 @@
            'dev_requirement' => false,
        ),
        'ddeboer/imap' => array(
-            'pretty_version' => '1.12.1',
-            'version' => '1.12.1.0',
+            'pretty_version' => '1.13.1',
+            'version' => '1.13.1.0',
            'type' => 'library',
            'install_path' => __DIR__ . '/../ddeboer/imap',
            'aliases' => array(),
-            'reference' => 'dbed05ca67b93509345a820b2859de10c48948fb',
+            'reference' => '8b772d04b1deadb5df13782fb78c4b648f77496e',
            'dev_requirement' => false,
        ),
        'directorytree/ldaprecord' => array(
-            'pretty_version' => 'v2.6.3',
-            'version' => '2.6.3.0',
+            'pretty_version' => 'v2.10.1',
+            'version' => '2.10.1.0',
            'type' => 'library',
            'install_path' => __DIR__ . '/../directorytree/ldaprecord',
            'aliases' => array(),
-            'reference' => '5c93ec6d1ef458290825a8b0a148946dce7c1e7a',
+            'reference' => 'bf512d9af7a7b0e2ed7a666ab29cefdd027bee88',
            'dev_requirement' => false,
        ),
        'exorus/php-mime-mail-parser' => array(
@@ -53,12 +53,12 @@
            ),
        ),
        'illuminate/contracts' => array(
-            'pretty_version' => 'v8.53.1',
-            'version' => '8.53.1.0',
+            'pretty_version' => 'v9.3.0',
+            'version' => '9.3.0.0',
            'type' => 'library',
            'install_path' => __DIR__ . '/../illuminate/contracts',
            'aliases' => array(),
-            'reference' => '504a34286a1b4c5421c43087d6bd4e176138f6fb',
+            'reference' => 'bf4b3c254c49d28157645d01e4883b5951b1e1d0',
            'dev_requirement' => false,
        ),
        'matthiasmullie/minify' => array(
@@ -95,12 +95,12 @@
            'dev_requirement' => false,
        ),
        'nesbot/carbon' => array(
-            'pretty_version' => '2.51.1',
-            'version' => '2.51.1.0',
+            'pretty_version' => '2.57.0',
+            'version' => '2.57.0.0',
            'type' => 'library',
            'install_path' => __DIR__ . '/../nesbot/carbon',
            'aliases' => array(),
-            'reference' => '8619c299d1e0d4b344e1f98ca07a1ce2cfbf1922',
+            'reference' => '4a54375c21eea4811dbd1149fe6b246517554e78',
            'dev_requirement' => false,
        ),
        'paragonie/random_compat' => array(
@@ -122,48 +122,48 @@
            'dev_requirement' => false,
        ),
        'phpmailer/phpmailer' => array(
-            'pretty_version' => 'v6.5.0',
-            'version' => '6.5.0.0',
+            'pretty_version' => 'v6.6.0',
+            'version' => '6.6.0.0',
            'type' => 'library',
            'install_path' => __DIR__ . '/../phpmailer/phpmailer',
            'aliases' => array(),
-            'reference' => 'a5b5c43e50b7fba655f793ad27303cd74c57363c',
+            'reference' => 'e43bac82edc26ca04b36143a48bde1c051cfd5b1',
            'dev_requirement' => false,
        ),
        'psr/container' => array(
-            'pretty_version' => '1.1.1',
-            'version' => '1.1.1.0',
+            'pretty_version' => '2.0.2',
+            'version' => '2.0.2.0',
            'type' => 'library',
            'install_path' => __DIR__ . '/../psr/container',
            'aliases' => array(),
-            'reference' => '8622567409010282b7aeebe4bb841fe98b58dcaf',
+            'reference' => 'c71ecc56dfe541dbd90c5360474fbc405f8d5963',
            'dev_requirement' => false,
        ),
        'psr/log' => array(
-            'pretty_version' => '1.1.4',
-            'version' => '1.1.4.0',
+            'pretty_version' => '3.0.0',
+            'version' => '3.0.0.0',
            'type' => 'library',
            'install_path' => __DIR__ . '/../psr/log',
            'aliases' => array(),
-            'reference' => 'd49695b909c3b7628b6289db5479a1c204601f11',
+            'reference' => 'fe5ea303b0887d5caefd3d431c3e61ad47037001',
            'dev_requirement' => false,
        ),
        'psr/simple-cache' => array(
-            'pretty_version' => '1.0.1',
-            'version' => '1.0.1.0',
+            'pretty_version' => '2.0.0',
+            'version' => '2.0.0.0',
            'type' => 'library',
            'install_path' => __DIR__ . '/../psr/simple-cache',
            'aliases' => array(),
-            'reference' => '408d5eafb83c57f6365a3ca330ff23aa4a5fa39b',
+            'reference' => '8707bf3cea6f710bf6ef05491234e3ab06f6432a',
            'dev_requirement' => false,
        ),
        'robthree/twofactorauth' => array(
-            'pretty_version' => '1.8.0',
-            'version' => '1.8.0.0',
+            'pretty_version' => '1.8.1',
+            'version' => '1.8.1.0',
            'type' => 'library',
            'install_path' => __DIR__ . '/../robthree/twofactorauth',
            'aliases' => array(),
-            'reference' => '30a38627ae1e7c9399dae67e265063cd6ec5276c',
+            'reference' => '5afcb45282f1c75562a48d479ecd1732c9bdb11b',
            'dev_requirement' => false,
        ),
        'soundasleep/html2text' => array(
@@ -175,91 +175,82 @@
            'reference' => 'cdb89f6ffa2c4cc78f8ed9ea6ee0594a9133ccad',
            'dev_requirement' => false,
        ),
-        'symfony/deprecation-contracts' => array(
-            'pretty_version' => 'v2.4.0',
-            'version' => '2.4.0.0',
-            'type' => 'library',
-            'install_path' => __DIR__ . '/../symfony/deprecation-contracts',
-            'aliases' => array(),
-            'reference' => '5f38c8804a9e97d23e0c8d63341088cd8a22d627',
-            'dev_requirement' => false,
-        ),
        'symfony/polyfill-ctype' => array(
-            'pretty_version' => 'v1.23.0',
-            'version' => '1.23.0.0',
+            'pretty_version' => 'v1.24.0',
+            'version' => '1.24.0.0',
            'type' => 'library',
            'install_path' => __DIR__ . '/../symfony/polyfill-ctype',
            'aliases' => array(),
-            'reference' => '46cd95797e9df938fdd2b03693b5fca5e64b01ce',
+            'reference' => '30885182c981ab175d4d034db0f6f469898070ab',
            'dev_requirement' => false,
        ),
        'symfony/polyfill-mbstring' => array(
-            'pretty_version' => 'v1.23.1',
-            'version' => '1.23.1.0',
+            'pretty_version' => 'v1.24.0',
+            'version' => '1.24.0.0',
            'type' => 'library',
            'install_path' => __DIR__ . '/../symfony/polyfill-mbstring',
            'aliases' => array(),
-            'reference' => '9174a3d80210dca8daa7f31fec659150bbeabfc6',
+            'reference' => '0abb51d2f102e00a4eefcf46ba7fec406d245825',
            'dev_requirement' => false,
        ),
        'symfony/polyfill-php80' => array(
-            'pretty_version' => 'v1.23.1',
-            'version' => '1.23.1.0',
+            'pretty_version' => 'v1.24.0',
+            'version' => '1.24.0.0',
            'type' => 'library',
            'install_path' => __DIR__ . '/../symfony/polyfill-php80',
            'aliases' => array(),
-            'reference' => '1100343ed1a92e3a38f9ae122fc0eb21602547be',
+            'reference' => '57b712b08eddb97c762a8caa32c84e037892d2e9',
            'dev_requirement' => false,
        ),
        'symfony/translation' => array(
-            'pretty_version' => 'v5.3.4',
-            'version' => '5.3.4.0',
+            'pretty_version' => 'v6.0.5',
+            'version' => '6.0.5.0',
            'type' => 'library',
            'install_path' => __DIR__ . '/../symfony/translation',
            'aliases' => array(),
-            'reference' => 'd89ad7292932c2699cbe4af98d72c5c6bbc504c1',
+            'reference' => 'e69501c71107cc3146b32aaa45f4edd0c3427875',
            'dev_requirement' => false,
        ),
        'symfony/translation-contracts' => array(
-            'pretty_version' => 'v2.4.0',
-            'version' => '2.4.0.0',
+            'pretty_version' => 'v3.0.0',
+            'version' => '3.0.0.0',
            'type' => 'library',
            'install_path' => __DIR__ . '/../symfony/translation-contracts',
            'aliases' => array(),
-            'reference' => '95c812666f3e91db75385749fe219c5e494c7f95',
+            'reference' => '1b6ea5a7442af5a12dba3dbd6d71034b5b234e77',
            'dev_requirement' => false,
        ),
        'symfony/translation-implementation' => array(
            'dev_requirement' => false,
            'provided' => array(
-                0 => '2.3',
+                0 => '2.3|3.0',
            ),
        ),
        'symfony/var-dumper' => array(
-            'pretty_version' => 'v5.3.6',
-            'version' => '5.3.6.0',
+            'pretty_version' => 'v6.0.5',
+            'version' => '6.0.5.0',
            'type' => 'library',
            'install_path' => __DIR__ . '/../symfony/var-dumper',
            'aliases' => array(),
-            'reference' => '3dd8ddd1e260e58ecc61bb78da3b6584b3bfcba0',
+            'reference' => '60d6a756d5f485df5e6e40b337334848f79f61ce',
            'dev_requirement' => false,
        ),
        'tightenco/collect' => array(
-            'pretty_version' => 'v8.34.0',
-            'version' => '8.34.0.0',
+            'pretty_version' => 'v8.83.2',
+            'version' => '8.83.2.0',
            'type' => 'library',
            'install_path' => __DIR__ . '/../tightenco/collect',
            'aliases' => array(),
-            'reference' => 'b069783ab0c547bb894ebcf8e7f6024bb401f9d2',
+            'reference' => 'd9c66d586ec2d216d8a31283d73f8df1400cc722',
            'dev_requirement' => false,
        ),
        'twig/twig' => array(
-            'pretty_version' => 'v3.3.2',
-            'version' => '3.3.2.0',
+            'pretty_version' => 'v3.3.8',
+            'version' => '3.3.8.0',
            'type' => 'library',
            'install_path' => __DIR__ . '/../twig/twig',
            'aliases' => array(),
-            'reference' => '21578f00e83d4a82ecfa3d50752b609f13de6790',
+            'reference' => '972d8604a92b7054828b539f2febb0211dd5945c',
            'dev_requirement' => false,
        ),
        'yubico/u2flib-server' => array(
--- a/data/web/inc/lib/vendor/composer/platform_check.php
+++ b/data/web/inc/lib/vendor/composer/platform_check.php
@@ -4,8 +4,8 @@

 $issues = array();

-if (!(PHP_VERSION_ID >= 70400)) {
-    $issues[] = 'Your Composer dependencies require a PHP version ">= 7.4.0". You are running ' . PHP_VERSION . '.';
+if (!(PHP_VERSION_ID >= 80002)) {
+    $issues[] = 'Your Composer dependencies require a PHP version ">= 8.0.2". You are running ' . PHP_VERSION . '.';
 }

 if ($issues) {
--- a/data/web/inc/lib/vendor/ddeboer/imap/.php-cs-fixer.php
+++ b/data/web/inc/lib/vendor/ddeboer/imap/.php-cs-fixer.php
@@ -0,0 +1,73 @@
+<?php
+
+declare(strict_types=1);
+
+return (new PhpCsFixer\Config())
+    ->setRiskyAllowed(true)
+    ->setRules([
+        '@DoctrineAnnotation'                       => true,
+        '@Symfony'                                  => true,
+        '@Symfony:risky'                            => true,
+        '@PHPUnit75Migration:risky'                 => true,
+        '@PHP71Migration'                           => true,
+        '@PHP70Migration:risky'                     => true, // @TODO with next major version
+        'align_multiline_comment'                   => ['comment_type' => 'all_multiline'],
+        'array_indentation'                         => true,
+        'array_syntax'                              => ['syntax' => 'short'],
+        'binary_operator_spaces'                    => ['default' => 'align_single_space'],
+        'blank_line_before_statement'               => true,
+        'class_definition'                          => ['single_item_single_line' => true],
+        'compact_nullable_typehint'                 => true,
+        'concat_space'                              => ['spacing' => 'one'],
+        'echo_tag_syntax'                           => ['format' => 'long'],
+        'error_suppression'                         => false,
+        'escape_implicit_backslashes'               => true,
+        'explicit_indirect_variable'                => true,
+        'explicit_string_variable'                  => true,
+        'fully_qualified_strict_types'              => true,
+        'heredoc_to_nowdoc'                         => true,
+        'list_syntax'                               => ['syntax' => 'long'],
+        'method_argument_space'                     => ['on_multiline' => 'ensure_fully_multiline'],
+        'method_chaining_indentation'               => true,
+        'multiline_comment_opening_closing'         => true,
+        'multiline_whitespace_before_semicolons'    => ['strategy' => 'new_line_for_chained_calls'],
+        'native_constant_invocation'                => true,
+        'native_function_invocation'                => ['include' => ['@internal']],
+        'no_alternative_syntax'                     => true,
+        'no_break_comment'                          => true,
+        'no_extra_blank_lines'                      => ['tokens' => ['break', 'continue', 'extra', 'return', 'throw', 'use', 'parenthesis_brace_block', 'square_brace_block', 'curly_brace_block']],
+        'no_null_property_initialization'           => true,
+        'no_php4_constructor'                       => true,
+        'no_superfluous_elseif'                     => true,
+        'no_unneeded_curly_braces'                  => true,
+        'no_unneeded_final_method'                  => true,
+        'no_unreachable_default_argument_value'     => true,
+        'no_useless_else'                           => true,
+        'no_useless_return'                         => true,
+        'ordered_imports'                           => true,
+        'php_unit_method_casing'                    => true,
+        'php_unit_set_up_tear_down_visibility'      => true,
+        'php_unit_strict'                           => true,
+        'php_unit_test_annotation'                  => true,
+        'php_unit_test_case_static_method_calls'    => true,
+        'php_unit_test_class_requires_covers'       => false,
+        'phpdoc_add_missing_param_annotation'       => true,
+        'phpdoc_order'                              => true,
+        'phpdoc_order_by_value'                     => true,
+        'phpdoc_types_order'                        => true,
+        'random_api_migration'                      => true,
+        'semicolon_after_instruction'               => true,
+        'simplified_null_return'                    => true,
+        'single_line_comment_style'                 => true,
+        'single_line_throw'                         => false,
+        'space_after_semicolon'                     => true,
+        'static_lambda'                             => true,
+        'strict_comparison'                         => true,
+        'string_line_ending'                        => true,
+    ])
+    ->setFinder(
+        PhpCsFixer\Finder::create()
+            ->in(__DIR__ . '/src')
+            ->in(__DIR__ . '/tests')
+    )
+;
--- a/data/web/inc/lib/vendor/ddeboer/imap/composer.json
+++ b/data/web/inc/lib/vendor/ddeboer/imap/composer.json
@@ -1,12 +1,12 @@
 {
    "name": "ddeboer/imap",
    "description": "Object-oriented IMAP for PHP",
+    "license": "MIT",
    "keywords": [
        "email",
        "mail",
        "imap"
    ],
-    "license": "MIT",
    "authors": [
        {
            "name": "David de Boer",
@@ -22,18 +22,19 @@
        }
    ],
    "require": {
-        "php": "^7.4 || ^8.0",
+        "php": "^8.0.1",
        "ext-iconv": "*",
        "ext-imap": "*",
        "ext-mbstring": "*"
    },
    "require-dev": {
-        "friendsofphp/php-cs-fixer": "^2.18.6",
-        "laminas/laminas-mail": "^2.14.0",
-        "phpstan/phpstan": "^0.12.84",
-        "phpstan/phpstan-phpunit": "^0.12.18",
-        "phpstan/phpstan-strict-rules": "^0.12.9",
-        "phpunit/phpunit": "^9.5.4"
+        "friendsofphp/php-cs-fixer": "^v3.4.0",
+        "laminas/laminas-mail": "^2.15.1",
+        "malukenho/mcbumpface": "^1.1.5",
+        "phpstan/phpstan": "^1.3.3",
+        "phpstan/phpstan-phpunit": "^1.0.0",
+        "phpstan/phpstan-strict-rules": "^1.1.0",
+        "phpunit/phpunit": "^9.5.11"
    },
    "autoload": {
        "psr-4": {
@@ -44,5 +45,10 @@
        "psr-4": {
            "Ddeboer\\Imap\\Tests\\": "tests/"
        }
+    },
+    "config": {
+        "allow-plugins": {
+            "malukenho/mcbumpface": true
+        }
    }
 }
--- a/data/web/inc/lib/vendor/ddeboer/imap/src/Connection.php
+++ b/data/web/inc/lib/vendor/ddeboer/imap/src/Connection.php
@@ -117,6 +117,7 @@ final class Connection implements ConnectionInterface
        return new Mailbox($this->resource, $name, $this->mailboxNames[$name]);
    }

+    #[\ReturnTypeWillChange]
    public function count()
    {
        $return = \imap_num_msg($this->resource->getStream());
--- a/data/web/inc/lib/vendor/ddeboer/imap/src/ImapResource.php
+++ b/data/web/inc/lib/vendor/ddeboer/imap/src/ImapResource.php
@@ -6,6 +6,7 @@ namespace Ddeboer\Imap;

 use Ddeboer\Imap\Exception\InvalidResourceException;
 use Ddeboer\Imap\Exception\ReopenMailboxException;
+use IMAP\Connection;

 /**
 * An imap resource stream.
@@ -22,7 +23,7 @@ final class ImapResource implements ImapResourceInterface
    /**
     * Constructor.
     *
-     * @param resource $resource
+     * @param Connection|resource $resource
     */
    public function __construct($resource, MailboxInterface $mailbox = null)
    {
@@ -32,7 +33,10 @@ final class ImapResource implements ImapResourceInterface

    public function getStream()
    {
-        if (false === \is_resource($this->resource) || 'imap' !== \get_resource_type($this->resource)) {
+        if (
+            !$this->resource instanceof Connection
+            && (false === \is_resource($this->resource) || 'imap' !== \get_resource_type($this->resource))
+        ) {
            throw new InvalidResourceException('Supplied resource is not a valid imap resource');
        }

@@ -55,8 +59,14 @@ final class ImapResource implements ImapResourceInterface
            return;
        }

+        \set_error_handler(static function (): bool {
+            return true;
+        });
+
        \imap_reopen($this->resource, $this->mailbox->getFullEncodedName());

+        \restore_error_handler();
+
        if (self::isMailboxOpen($this->mailbox, $this->resource)) {
            return;
        }
--- a/data/web/inc/lib/vendor/ddeboer/imap/src/Mailbox.php
+++ b/data/web/inc/lib/vendor/ddeboer/imap/src/Mailbox.php
@@ -64,6 +64,7 @@ final class Mailbox implements MailboxInterface
        return $this->info->delimiter;
    }

+    #[\ReturnTypeWillChange]
    public function count()
    {
        $return = \imap_num_msg($this->resource->getStream());
--- a/data/web/inc/lib/vendor/ddeboer/imap/src/Message/AbstractPart.php
+++ b/data/web/inc/lib/vendor/ddeboer/imap/src/Message/AbstractPart.php
@@ -268,6 +268,7 @@ abstract class AbstractPart implements PartInterface
     *
     * @return mixed
     */
+    #[\ReturnTypeWillChange]
    final public function current()
    {
        $this->lazyParseStructure();
@@ -275,11 +276,13 @@ abstract class AbstractPart implements PartInterface
        return $this->parts[$this->key];
    }

+    #[\ReturnTypeWillChange]
    final public function getChildren()
    {
        return $this->current();
    }

+    #[\ReturnTypeWillChange]
    final public function hasChildren()
    {
        $this->lazyParseStructure();
@@ -290,21 +293,25 @@ abstract class AbstractPart implements PartInterface
    /**
     * @return int
     */
+    #[\ReturnTypeWillChange]
    final public function key()
    {
        return $this->key;
    }

+    #[\ReturnTypeWillChange]
    final public function next()
    {
        ++$this->key;
    }

+    #[\ReturnTypeWillChange]
    final public function rewind()
    {
        $this->key = 0;
    }

+    #[\ReturnTypeWillChange]
    final public function valid()
    {
        $this->lazyParseStructure();
--- a/data/web/inc/lib/vendor/ddeboer/imap/src/Message/EmailAddress.php
+++ b/data/web/inc/lib/vendor/ddeboer/imap/src/Message/EmailAddress.php
@@ -19,6 +19,7 @@ final class EmailAddress
        $this->mailbox  = $mailbox;
        $this->hostname = $hostname;
        $this->name     = $name;
+        $this->address  = null;

        if (null !== $hostname) {
            $this->address = $mailbox . '@' . $hostname;
--- a/data/web/inc/lib/vendor/ddeboer/imap/src/MessageIteratorInterface.php
+++ b/data/web/inc/lib/vendor/ddeboer/imap/src/MessageIteratorInterface.php
@@ -9,7 +9,7 @@ use Ddeboer\Imap\Message\PartInterface;
 /**
 * @extends \Iterator<MessageInterface>
 */
-interface MessageIteratorInterface extends \Iterator
+interface MessageIteratorInterface extends \Iterator, \Countable
 {
    /**
     * Get current message.
--- a/data/web/inc/lib/vendor/directorytree/ldaprecord/.github/workflows/run-tests.yml
+++ b/data/web/inc/lib/vendor/directorytree/ldaprecord/.github/workflows/run-tests.yml
@@ -13,7 +13,7 @@ jobs:
      fail-fast: false
      matrix:
        os: [ubuntu-latest, windows-latest]
-        php: [8.0, 7.4, 7.3]
+        php: [8.1, 8.0, 7.4, 7.3]

    name: ${{ matrix.os }} - P${{ matrix.php }}

@@ -39,3 +39,40 @@ jobs:

      - name: Execute tests
        run: vendor/bin/phpunit
+
+  run-analysis:
+    runs-on: ${{ matrix.os }}
+    name: Static code analysis (PHP ${{ matrix.php }})
+
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [ubuntu-latest]
+        php: [8.0]
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+
+      - name: Cache dependencies
+        uses: actions/cache@v2
+        with:
+          path: ~/.composer/cache/files
+          key: dependencies-php-${{ matrix.php }}-composer-${{ hashFiles('composer.json') }}
+
+      - name: Setup PHP
+        uses: shivammathur/setup-php@v2
+        with:
+          php-version: ${{ matrix.php }}
+          extensions: ldap, json
+          coverage: none
+          tools: psalm
+
+      - name: Validate composer.json
+        run: composer validate
+
+      - name: Install dependencies
+        run: composer update --prefer-dist --no-interaction
+
+      - name: Run Psalm
+        run: psalm
--- a/data/web/inc/lib/vendor/directorytree/ldaprecord/.gitignore
+++ b/data/web/inc/lib/vendor/directorytree/ldaprecord/.gitignore
@@ -1,5 +1,6 @@
 vendor
 composer.lock
+psalm.phar
 .php_cs.cache
 .phpunit.result.cache
 .php-cs-fixer.cache
--- a/data/web/inc/lib/vendor/directorytree/ldaprecord/.styleci.yml
+++ b/data/web/inc/lib/vendor/directorytree/ldaprecord/.styleci.yml
@@ -1,4 +1,8 @@
 preset: laravel
 enabled:
  - phpdoc_align
+  - phpdoc_separation
  - unalign_double_arrow
+disabled:
+  - laravel_phpdoc_alignment
+  - laravel_phpdoc_separation
--- a/data/web/inc/lib/vendor/directorytree/ldaprecord/composer.json
+++ b/data/web/inc/lib/vendor/directorytree/ldaprecord/composer.json
@@ -32,19 +32,21 @@
        "php": ">=7.3",
        "ext-ldap": "*",
        "ext-json": "*",
-        "psr/log": "^1.0",
-        "psr/simple-cache": "^1.0",
+        "psr/log": "*",
+        "psr/simple-cache": "^1.0|^2.0",
        "nesbot/carbon": "^1.0|^2.0",
        "tightenco/collect": "^5.6|^6.0|^7.0|^8.0",
-        "illuminate/contracts": "^5.0|^6.0|^7.0|^8.0"
+        "illuminate/contracts": "^5.0|^6.0|^7.0|^8.0|^9.0"
    },
    "require-dev": {
-        "phpunit/phpunit": "^8.0",
+        "phpunit/phpunit": "^9.0",
        "mockery/mockery": "^1.0",
        "spatie/ray": "^1.24"
    },
    "archive": {
-        "exclude": ["/tests"]
+        "exclude": [
+            "/tests"
+        ]
    },
    "autoload": {
        "psr-4": {
--- a/data/web/inc/lib/vendor/directorytree/ldaprecord/readme.md
+++ b/data/web/inc/lib/vendor/directorytree/ldaprecord/readme.md
@@ -92,3 +92,13 @@ We've all been there -- accidentally deleting a user or group in Active Director
 <p align="center">If you discover a security vulnerability within LdapRecord, please send an e-mail to Steve Bauman via <a href="mailto:steven_bauman@outlook.com">steven_bauman@outlook.com</a>.</p>

 <p align="center">All security vulnerabilities will be promptly addressed.</p>
+
+---
+
+<h3 align="center">Credits</h3>
+
+<p align="center">This package is directly inspired from <a href="https://laravel.com/docs/eloquent">Laravel's Eloquent</a>, and most features are direct ports to an LDAP equivalent.</p>
+
+<p align="center">I am forever grateful for the work <a href="https://github.com/taylorotwell">Taylor Otwell</a> has produced.</p>
+
+<p align="center">If you can, support his work by purchasing a <a href="https://github.com/sponsors/taylorotwell">sponsorship</a>, or one of his many Laravel based services.</p>
--- a/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Auth/Guard.php
+++ b/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Auth/Guard.php
@@ -54,10 +54,10 @@ class Guard
     * @param string $password
     * @param bool   $stayBound
     *
+     * @return bool
+     *
     * @throws UsernameRequiredException
     * @throws PasswordRequiredException
-     *
-     * @return bool
     */
    public function attempt($username, $password, $stayBound = false)
    {
--- a/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Configuration/DomainConfiguration.php
+++ b/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Configuration/DomainConfiguration.php
@@ -124,9 +124,9 @@ class DomainConfiguration
     *
     * @param string $key
     *
-     * @throws ConfigurationException When the option specified does not exist.
-     *
     * @return mixed
+     *
+     * @throws ConfigurationException When the option specified does not exist.
     */
    public function get($key)
    {
@@ -155,9 +155,9 @@ class DomainConfiguration
     * @param string $key
     * @param mixed  $value
     *
-     * @throws ConfigurationException When an option value given is an invalid type.
-     *
     * @return bool
+     *
+     * @throws ConfigurationException When an option value given is an invalid type.
     */
    protected function validate($key, $value)
    {
--- a/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Configuration/Validators/Validator.php
+++ b/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Configuration/Validators/Validator.php
@@ -49,9 +49,9 @@ abstract class Validator
    /**
     * Validate the configuration value.
     *
-     * @throws ConfigurationException
-     *
     * @return bool
+     *
+     * @throws ConfigurationException
     */
    public function validate()
    {
@@ -65,9 +65,9 @@ abstract class Validator
    /**
     * Throw a configuration exception.
     *
-     * @throws ConfigurationException
-     *
     * @return void
+     *
+     * @throws ConfigurationException
     */
    protected function fail()
    {
--- a/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Connection.php
+++ b/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Connection.php
@@ -111,9 +111,9 @@ class Connection
     *
     * @param array $config
     *
-     * @throws Configuration\ConfigurationException
-     *
     * @return $this
+     *
+     * @throws Configuration\ConfigurationException
     */
    public function setConfiguration($config = [])
    {
@@ -241,10 +241,10 @@ class Connection
     * @param string|null $username
     * @param string|null $password
     *
+     * @return Connection
+     *
     * @throws Auth\BindException
     * @throws LdapRecordException
-     *
-     * @return Connection
     */
    public function connect($username = null, $password = null)
    {
@@ -274,10 +274,10 @@ class Connection
    /**
     * Reconnect to the LDAP server.
     *
+     * @return void
+     *
     * @throws Auth\BindException
     * @throws ConnectionException
-     *
-     * @return void
     */
    public function reconnect()
    {
@@ -385,9 +385,9 @@ class Connection
     *
     * @param Closure $operation
     *
-     * @throws LdapRecordException
-     *
     * @return mixed
+     *
+     * @throws LdapRecordException
     */
    protected function runOperationCallback(Closure $operation)
    {
@@ -442,9 +442,9 @@ class Connection
     * @param LdapRecordException $e
     * @param Closure             $operation
     *
-     * @throws LdapRecordException
-     *
     * @return mixed
+     *
+     * @throws LdapRecordException
     */
    protected function tryAgainIfCausedByLostConnection(LdapRecordException $e, Closure $operation)
    {
@@ -463,9 +463,9 @@ class Connection
     *
     * @param Closure $operation
     *
-     * @throws LdapRecordException
-     *
     * @return mixed
+     *
+     * @throws LdapRecordException
     */
    protected function retry(Closure $operation)
    {
@@ -486,9 +486,9 @@ class Connection
     * @param LdapRecordException $e
     * @param Closure             $operation
     *
-     * @throws LdapRecordException
-     *
     * @return mixed
+     *
+     * @throws LdapRecordException
     */
    protected function retryOnNextHost(LdapRecordException $e, Closure $operation)
    {
--- a/data/web/inc/lib/vendor/directorytree/ldaprecord/src/ConnectionManager.php
+++ b/data/web/inc/lib/vendor/directorytree/ldaprecord/src/ConnectionManager.php
@@ -149,9 +149,9 @@ class ConnectionManager
     *
     * @param string|null $name
     *
-     * @throws ContainerException If the given connection does not exist.
-     *
     * @return Connection
+     *
+     * @throws ContainerException If the given connection does not exist.
     */
    public function get($name = null)
    {
--- a/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Events/Logger.php
+++ b/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Events/Logger.php
@@ -39,11 +39,14 @@ class Logger
    {
        switch (true) {
            case $event instanceof AuthEvent:
-                return $this->auth($event);
+                $this->auth($event);
+                break;
            case $event instanceof ModelEvent:
-                return $this->model($event);
+                $this->model($event);
+                break;
            case $event instanceof QueryEvent:
-                return $this->query($event);
+                $this->query($event);
+                break;
        }
    }

--- a/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Events/NullDispatcher.php
+++ b/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Events/NullDispatcher.php
@@ -0,0 +1,113 @@
+<?php
+
+namespace LdapRecord\Events;
+
+class NullDispatcher implements DispatcherInterface
+{
+    /**
+     * The underlying dispatcher instance.
+     *
+     * @var DispatcherInterface
+     */
+    protected $dispatcher;
+
+    /**
+     * Constructor.
+     *
+     * @param DispatcherInterface $dispatcher
+     */
+    public function __construct(DispatcherInterface $dispatcher)
+    {
+        $this->dispatcher = $dispatcher;
+    }
+
+    /**
+     * Register an event listener with the dispatcher.
+     *
+     * @param string|array $events
+     * @param mixed        $listener
+     *
+     * @return void
+     */
+    public function listen($events, $listener)
+    {
+        $this->dispatcher->listen($events, $listener);
+    }
+
+    /**
+     * Determine if a given event has listeners.
+     *
+     * @param string $eventName
+     *
+     * @return bool
+     */
+    public function hasListeners($eventName)
+    {
+        return $this->dispatcher->hasListeners($eventName);
+    }
+
+    /**
+     * Fire an event until the first non-null response is returned.
+     *
+     * @param string|object $event
+     * @param mixed         $payload
+     *
+     * @return null
+     */
+    public function until($event, $payload = [])
+    {
+        return null;
+    }
+
+    /**
+     * Fire an event and call the listeners.
+     *
+     * @param string|object $event
+     * @param mixed         $payload
+     * @param bool          $halt
+     *
+     * @return null
+     */
+    public function fire($event, $payload = [], $halt = false)
+    {
+        return null;
+    }
+
+    /**
+     * Fire an event and call the listeners.
+     *
+     * @param string|object $event
+     * @param mixed         $payload
+     * @param bool          $halt
+     *
+     * @return null
+     */
+    public function dispatch($event, $payload = [], $halt = false)
+    {
+        return null;
+    }
+
+    /**
+     * Get all of the listeners for a given event name.
+     *
+     * @param string $eventName
+     *
+     * @return array
+     */
+    public function getListeners($eventName)
+    {
+        return $this->dispatcher->getListeners($eventName);
+    }
+
+    /**
+     * Remove a set of listeners from the dispatcher.
+     *
+     * @param string $event
+     *
+     * @return void
+     */
+    public function forget($event)
+    {
+        $this->dispatcher->forget($event);
+    }
+}
--- a/data/web/inc/lib/vendor/directorytree/ldaprecord/src/HandlesConnection.php
+++ b/data/web/inc/lib/vendor/directorytree/ldaprecord/src/HandlesConnection.php
@@ -150,19 +150,21 @@ trait HandlesConnection
     *
     * @param Closure $operation
     *
-     * @throws LdapRecordException
-     *
     * @return mixed
+     *
+     * @throws LdapRecordException
     */
    protected function executeFailableOperation(Closure $operation)
    {
        // If some older versions of PHP, errors are reported instead of throwing
-        // exceptions, which could be a signifcant detriment to our application.
+        // exceptions, which could be a significant detriment to our application.
        // Here, we will enforce these operations to throw exceptions instead.
-        set_error_handler(function ($severity, $message, $file, $line) {
+        set_error_handler(function (int $severity, string $message, string $file, int $line): bool {
            if (! $this->shouldBypassError($message)) {
                throw new ErrorException($message, $severity, $severity, $file, $line);
            }
+
+            return true;
        });

        try {
--- a/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Ldap.php
+++ b/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Ldap.php
@@ -2,6 +2,9 @@

 namespace LdapRecord;

+use LDAP\Connection as RawLdapConnection;
+
+/** @psalm-suppress UndefinedClass */
 class Ldap implements LdapInterface
 {
    use HandlesConnection, DetectsErrors;
@@ -104,7 +107,7 @@ class Ldap implements LdapInterface
    public function getLastError()
    {
        if (! $this->connection) {
-            return;
+            return null;
        }

        return ldap_error($this->connection);
@@ -116,7 +119,7 @@ class Ldap implements LdapInterface
    public function getDetailedError()
    {
        if (! $number = $this->errNo()) {
-            return;
+            return null;
        }

        $this->getOption(LDAP_OPT_DIAGNOSTIC_MESSAGE, $message);
@@ -202,7 +205,9 @@ class Ldap implements LdapInterface
     */
    public function close()
    {
-        $result = is_resource($this->connection) ? @ldap_close($this->connection) : false;
+        $result = (is_resource($this->connection) || $this->connection instanceof RawLdapConnection)
+            ? @ldap_close($this->connection)
+            : false;

        $this->connection = null;
        $this->bound = false;
@@ -214,7 +219,7 @@ class Ldap implements LdapInterface
    /**
     * @inheritdoc
     */
-    public function search($dn, $filter, array $fields, $onlyAttributes = false, $size = 0, $time = 0, $deref = null, $serverControls = [])
+    public function search($dn, $filter, array $fields, $onlyAttributes = false, $size = 0, $time = 0, $deref = LDAP_DEREF_NEVER, $serverControls = [])
    {
        return $this->executeFailableOperation(function () use (
            $dn,
@@ -235,7 +240,7 @@ class Ldap implements LdapInterface
    /**
     * @inheritdoc
     */
-    public function listing($dn, $filter, array $fields, $onlyAttributes = false, $size = 0, $time = 0, $deref = null, $serverControls = [])
+    public function listing($dn, $filter, array $fields, $onlyAttributes = false, $size = 0, $time = 0, $deref = LDAP_DEREF_NEVER, $serverControls = [])
    {
        return $this->executeFailableOperation(function () use (
            $dn,
@@ -256,7 +261,7 @@ class Ldap implements LdapInterface
    /**
     * @inheritdoc
     */
-    public function read($dn, $filter, array $fields, $onlyAttributes = false, $size = 0, $time = 0, $deref = null, $serverControls = [])
+    public function read($dn, $filter, array $fields, $onlyAttributes = false, $size = 0, $time = 0, $deref = LDAP_DEREF_NEVER, $serverControls = [])
    {
        return $this->executeFailableOperation(function () use (
            $dn,
--- a/data/web/inc/lib/vendor/directorytree/ldaprecord/src/LdapInterface.php
+++ b/data/web/inc/lib/vendor/directorytree/ldaprecord/src/LdapInterface.php
@@ -156,7 +156,7 @@ interface LdapInterface
    /**
     * Return detailed information about an error.
     *
-     * Returns false when there was a successful last request.
+     * Returns null when there was a successful last request.
     *
     * Returns DetailedError when there was an error.
     *
@@ -202,9 +202,9 @@ interface LdapInterface
     *
     * @see http://php.net/manual/en/function.ldap-start-tls.php
     *
-     * @throws LdapRecordException
-     *
     * @return bool
+     *
+     * @throws LdapRecordException
     */
    public function startTLS();

@@ -247,7 +247,7 @@ interface LdapInterface
     *
     * @return resource
     */
-    public function search($dn, $filter, array $fields, $onlyAttributes = false, $size = 0, $time = 0, $deref = null, $serverControls = []);
+    public function search($dn, $filter, array $fields, $onlyAttributes = false, $size = 0, $time = 0, $deref = LDAP_DEREF_NEVER, $serverControls = []);

    /**
     * Performs a single level search on the current connection.
@@ -265,7 +265,7 @@ interface LdapInterface
     *
     * @return resource
     */
-    public function listing($dn, $filter, array $fields, $onlyAttributes = false, $size = 0, $time = 0, $deref = null, $serverControls = []);
+    public function listing($dn, $filter, array $fields, $onlyAttributes = false, $size = 0, $time = 0, $deref = LDAP_DEREF_NEVER, $serverControls = []);

    /**
     * Reads an entry on the current connection.
@@ -283,7 +283,7 @@ interface LdapInterface
     *
     * @return resource
     */
-    public function read($dn, $filter, array $fields, $onlyAttributes = false, $size = 0, $time = 0, $deref = null, $serverControls = []);
+    public function read($dn, $filter, array $fields, $onlyAttributes = false, $size = 0, $time = 0, $deref = LDAP_DEREF_NEVER, $serverControls = []);

    /**
     * Extract information from an LDAP result.
@@ -292,10 +292,10 @@ interface LdapInterface
     *
     * @param resource $result
     * @param int      $errorCode
-     * @param string   $dn
-     * @param string   $errorMessage
-     * @param array    $referrals
-     * @param array    $serverControls
+     * @param ?string  $dn
+     * @param ?string  $errorMessage
+     * @param ?array   $referrals
+     * @param ?array   $serverControls
     *
     * @return bool
     */
@@ -310,9 +310,9 @@ interface LdapInterface
     * @param string $username
     * @param string $password
     *
-     * @throws LdapRecordException
-     *
     * @return bool
+     *
+     * @throws LdapRecordException
     */
    public function bind($username, $password);

@@ -324,9 +324,9 @@ interface LdapInterface
     * @param string $dn
     * @param array  $entry
     *
-     * @throws LdapRecordException
-     *
     * @return bool
+     *
+     * @throws LdapRecordException
     */
    public function add($dn, array $entry);

@@ -337,9 +337,9 @@ interface LdapInterface
     *
     * @param string $dn
     *
-     * @throws LdapRecordException
-     *
     * @return bool
+     *
+     * @throws LdapRecordException
     */
    public function delete($dn);

@@ -353,9 +353,9 @@ interface LdapInterface
     * @param string $newParent
     * @param bool   $deleteOldRdn
     *
-     * @throws LdapRecordException
-     *
     * @return bool
+     *
+     * @throws LdapRecordException
     */
    public function rename($dn, $newRdn, $newParent, $deleteOldRdn = false);

@@ -367,9 +367,9 @@ interface LdapInterface
     * @param string $dn
     * @param array  $entry
     *
-     * @throws LdapRecordException
-     *
     * @return bool
+     *
+     * @throws LdapRecordException
     */
    public function modify($dn, array $entry);

@@ -381,9 +381,9 @@ interface LdapInterface
     * @param string $dn
     * @param array  $values
     *
-     * @throws LdapRecordException
-     *
     * @return bool
+     *
+     * @throws LdapRecordException
     */
    public function modifyBatch($dn, array $values);

@@ -395,9 +395,9 @@ interface LdapInterface
     * @param string $dn
     * @param array  $entry
     *
-     * @throws LdapRecordException
-     *
     * @return bool
+     *
+     * @throws LdapRecordException
     */
    public function modAdd($dn, array $entry);

@@ -409,9 +409,9 @@ interface LdapInterface
     * @param string $dn
     * @param array  $entry
     *
-     * @throws LdapRecordException
-     *
     * @return bool
+     *
+     * @throws LdapRecordException
     */
    public function modReplace($dn, array $entry);

@@ -423,9 +423,9 @@ interface LdapInterface
     * @param string $dn
     * @param array  $entry
     *
-     * @throws LdapRecordException
-     *
     * @return bool
+     *
+     * @throws LdapRecordException
     */
    public function modDelete($dn, array $entry);

--- a/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Models/ActiveDirectory/Entry.php
+++ b/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Models/ActiveDirectory/Entry.php
@@ -78,7 +78,7 @@ class Entry extends BaseEntry implements ActiveDirectory
     */
    public function isDeleted()
    {
-        return strtoupper($this->getFirstAttribute('isDeleted')) === 'TRUE';
+        return strtoupper((string) $this->getFirstAttribute('isDeleted')) === 'TRUE';
    }

    /**
@@ -86,9 +86,9 @@ class Entry extends BaseEntry implements ActiveDirectory
     *
     * @param string|null $newParentDn
     *
-     * @throws \LdapRecord\LdapRecordException
-     *
     * @return bool
+     *
+     * @throws \LdapRecord\LdapRecordException
     */
    public function restore($newParentDn = null)
    {
@@ -109,10 +109,9 @@ class Entry extends BaseEntry implements ActiveDirectory
            }
        });

-        $this->save([
-            'isDeleted' => null,
-            'distinguishedName' => $newDn,
-        ]);
+        $this->setRawAttribute('distinguishedname', $newDn);
+
+        $this->save(['isDeleted' => null]);
    }

    /**
@@ -120,9 +119,9 @@ class Entry extends BaseEntry implements ActiveDirectory
     *
     * @param string|null $connection
     *
-     * @throws \LdapRecord\Models\ModelNotFoundException
-     *
     * @return static
+     *
+     * @throws \LdapRecord\Models\ModelNotFoundException
     */
    public static function getRootDse($connection = null)
    {
--- a/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Models/ActiveDirectory/Group.php
+++ b/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Models/ActiveDirectory/Group.php
@@ -63,7 +63,7 @@ class Group extends Entry
     */
    public function getRidAttribute()
    {
-        $objectSidComponents = explode('-', $this->getConvertedSid());
+        $objectSidComponents = explode('-', (string) $this->getConvertedSid());

        return [end($objectSidComponents)];
    }
--- a/Show More
+++ b/Show More
				`@@ -1 +0,0 @@`
				`../symfony/var-dumper/Resources/bin/var-dump-server`