Merge pull request #4733 from mailcow/staging

Amoogus Update 2022 - Nightly Switch
fix tfa modal trigger from dav/eas login
2022-09-01 14:59:34 +02:00 · 2022-09-01 09:53:08 +02:00 · 2022-08-31 11:37:45 +02:00 · 2022-08-31 11:31:59 +02:00 · 2022-08-31 11:31:55 +02:00 · 2022-08-31 10:40:35 +02:00
1027 changed files with 11896 additions and 15531 deletions
--- a/.drone.yml
+++ b/.drone.yml
@@ -1,120 +0,0 @@
---
-kind: pipeline
-name: integration-testing
-
-platform:
-  os: linux
-  arch: amd64
-
-clone:
-  disable: true
-
-steps:
- name: prepare-tests
-  pull: default
-  image: timovibritannia/ansible
-  commands:
-  - git clone https://github.com/mailcow/mailcow-integration-tests.git --branch $(curl -sL https://api.github.com/repos/mailcow/mailcow-integration-tests/releases/latest | jq -r '.tag_name') --single-branch .
-  - chmod +x ci.sh
-  - chmod +x ci-ssh.sh
-  - chmod +x ci-piprequierments.sh
-  - ./ci.sh
-  - wget -O group_vars/all/secrets.yml $SECRETS_DOWNLOAD_URL --quiet
-  environment:
-    SECRETS_DOWNLOAD_URL:
-      from_secret: SECRETS_DOWNLOAD_URL
-    VAULT_PW:
-      from_secret: VAULT_PW
-  when:
-    branch:
-    - master
-    - staging
-    event:
-    - push
-
- name: lint
-  pull: default
-  image: timovibritannia/ansible
-  commands:
-  - ansible-lint ./
-  when:
-    branch:
-    - master
-    - staging
-    event:
-    - push
-
- name: create-server
-  pull: default
-  image: timovibritannia/ansible
-  commands:
-  - ./ci-piprequierments.sh
-  - ansible-playbook mailcow-start-server.yml --diff
-  - ./ci-ssh.sh
-  environment:
-    ANSIBLE_HOST_KEY_CHECKING: false
-    ANSIBLE_FORCE_COLOR: true
-  when:
-    branch:
-    - master
-    - staging
-    event:
-    - push
-
- name: setup-server
-  pull: default
-  image: timovibritannia/ansible
-  commands:
-  - sleep 120
-  - ./ci-piprequierments.sh
-  - ansible-playbook mailcow-setup-server.yml --private-key /drone/src/id_ssh_rsa --diff
-  environment:
-    ANSIBLE_HOST_KEY_CHECKING: false
-    ANSIBLE_FORCE_COLOR: true
-  when:
-    branch:
-    - master
-    - staging
-    event:
-    - push
-
- name: run-tests
-  pull: default
-  image: timovibritannia/ansible
-  commands:
-  - ./ci-piprequierments.sh
-  - ansible-playbook mailcow-integration-tests.yml --private-key /drone/src/id_ssh_rsa --diff
-  environment:
-    ANSIBLE_HOST_KEY_CHECKING: false
-    ANSIBLE_FORCE_COLOR: true
-  when:
-    branch:
-    - master
-    - staging
-    event:
-    - push
-
- name: delete-server
-  pull: default
-  image: timovibritannia/ansible
-  commands:
-  - ./ci-piprequierments.sh
-  - ansible-playbook mailcow-delete-server.yml --diff
-  environment:
-    ANSIBLE_HOST_KEY_CHECKING: false
-    ANSIBLE_FORCE_COLOR: true
-  when:
-    branch:
-    - master
-    - staging
-    event:
-    - push
-    status:
-    - failure
-    - success
-
---
-kind: signature
-hmac: f6619243fe2a27563291c9f2a46d93ffbc3b6dced9a05f23e64b555ce03a31e5
-
-...
--- a/.github/ISSUE_TEMPLATE/Bug_report.yml
+++ b/.github/ISSUE_TEMPLATE/Bug_report.yml
@@ -54,10 +54,11 @@ body:
             | --- | --- |
             | My operating system | I_DO_REPLY_HERE |
             | Is Apparmor, SELinux or similar active? | I_DO_REPLY_HERE |
-             | Virtualization technlogy (KVM, VMware, Xen, etc - **LXC and OpenVZ are not supported** | I_DO_REPLY_HERE |
+             | Virtualization technology (KVM, VMware, Xen, etc - **LXC and OpenVZ are not supported** | I_DO_REPLY_HERE |
             | Server/VM specifications (Memory, CPU Cores) | I_DO_REPLY_HERE |
-             | Docker Version (`docker version`) | I_DO_REPLY_HERE |
-             | Docker-Compose Version (`docker-compose version`) | I_DO_REPLY_HERE |
+             | Docker version (`docker version`) | I_DO_REPLY_HERE |
+             | docker-compose version (`docker-compose version`) | I_DO_REPLY_HERE |
+             | mailcow version (```git describe --tags `git rev-list --tags --max-count=1` ```) | I_DO_REPLY_HERE |
             | Reverse proxy (custom solution) | I_DO_REPLY_HERE |

             Output of `git diff origin/master`, any other changes to the code? If so, **please post them**:
--- a/.github/ISSUE_TEMPLATE/Feature_request.yml
+++ b/.github/ISSUE_TEMPLATE/Feature_request.yml
--- a/.github/workflows/close_old_issues_and_prs.yml
+++ b/.github/workflows/close_old_issues_and_prs.yml
@@ -14,7 +14,7 @@ jobs:
      pull-requests: write
    steps:
      - name: Mark/Close Stale Issues and Pull Requests 🗑️
-        uses: actions/stale@v4
+        uses: actions/stale@v5.1.1
        with:
          repo-token: ${{ secrets.STALE_ACTION_PAT }}
          days-before-stale: 60
@@ -30,6 +30,7 @@ jobs:
          stale-issue-label: "stale"
          stale-pr-label: "stale"
          exempt-draft-pr: "true"
+          close-issue-reason: "not_planned"
          operations-per-run: "250"
          ascending: "true"
          #DRY-RUN
--- a/.github/workflows/image_builds.yml
+++ b/.github/workflows/image_builds.yml
@@ -0,0 +1,42 @@
+name: Build mailcow Docker Images
+
+on:
+  push:
+    branches: [ "master", "staging" ]
+  workflow_dispatch:
+
+jobs:
+  docker_image_builds:
+    strategy:
+      matrix:
+        images:
+          - "acme-mailcow"
+          - "clamd-mailcow"
+          - "dockerapi-mailcow"
+          - "dovecot-mailcow"
+          - "netfilter-mailcow"
+          - "olefy-mailcow"
+          - "php-fpm-mailcow"
+          - "postfix-mailcow"
+          - "rspamd-mailcow"
+          - "sogo-mailcow"
+          - "solr-mailcow"
+          - "unbound-mailcow"
+          - "watchdog-mailcow"
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v3
+      - name: Setup Docker
+        run: |
+          curl -sSL https://get.docker.com/ | CHANNEL=stable sudo sh
+          sudo service docker start
+          sudo curl -L https://github.com/docker/compose/releases/download/v$(curl -Ls https://www.servercow.de/docker-compose/latest.php)/docker-compose-$(uname -s)-$(uname -m) > /usr/local/bin/docker-compose
+          sudo chmod +x /usr/local/bin/docker-compose
+      - name: Prepair Image Builds
+        run: |
+          cp helper-scripts/docker-compose.override.yml.d/BUILD_FLAGS/docker-compose.override.yml docker-compose.override.yml
+      - name: Build Docker Images
+        run: |
+          docker-compose build ${image}
+        env:
+          image: ${{ matrix.images }}
--- a/.github/workflows/integration_tests.yml
+++ b/.github/workflows/integration_tests.yml
@@ -0,0 +1,60 @@
+name: mailcow Integration Tests
+
+on:
+  push:
+    branches: [ "master", "staging" ]
+  workflow_dispatch:
+
+jobs:
+  integration_tests:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Setup Ansible
+        run: |
+          export DEBIAN_FRONTEND=noninteractive
+          sudo apt-get update
+          sudo apt-get install python3 python3-pip git
+          sudo pip3 install ansible
+      - name: Prepair Test Environment
+        run: |
+          git clone https://github.com/mailcow/mailcow-integration-tests.git --branch $(curl -sL https://api.github.com/repos/mailcow/mailcow-integration-tests/releases/latest | jq -r '.tag_name') --single-branch .
+          ./fork_check.sh
+          ./ci.sh
+          ./ci-pip-requirements.sh
+        env:
+          VAULT_PW: ${{ secrets.MAILCOW_TESTS_VAULT_PW }}
+          VAULT_FILE: ${{ secrets.MAILCOW_TESTS_VAULT_FILE }}
+      - name: Start Integration Test Server
+        run: |
+          ./fork_check.sh
+          ansible-playbook mailcow-start-server.yml --diff
+        env:
+          PY_COLORS: '1'
+          ANSIBLE_FORCE_COLOR: '1'
+          ANSIBLE_HOST_KEY_CHECKING: 'false'
+      - name: Setup Integration Test Server
+        run: |
+          ./fork_check.sh
+          sleep 30
+          ansible-playbook mailcow-setup-server.yml --private-key id_ssh_rsa --diff
+        env:
+          PY_COLORS: '1'
+          ANSIBLE_FORCE_COLOR: '1'
+          ANSIBLE_HOST_KEY_CHECKING: 'false'
+      - name: Run Integration Tests
+        run: |
+          ./fork_check.sh
+          ansible-playbook mailcow-integration-tests.yml --private-key id_ssh_rsa --diff
+        env:
+          PY_COLORS: '1'
+          ANSIBLE_FORCE_COLOR: '1'
+          ANSIBLE_HOST_KEY_CHECKING: 'false'
+      - name: Delete Integration Test Server
+        if: always()
+        run: |
+          ./fork_check.sh
+          ansible-playbook mailcow-delete-server.yml --diff
+        env:
+          PY_COLORS: '1'
+          ANSIBLE_FORCE_COLOR: '1'
+          ANSIBLE_HOST_KEY_CHECKING: 'false'
--- a/.github/workflows/tweet-trigger-publish-release.yml
+++ b/.github/workflows/tweet-trigger-publish-release.yml
@@ -0,0 +1,17 @@
+name: "Tweet trigger release"
+on:
+  release:
+    types: [published]
+
+jobs:
+  build:
+    runs-on: ubuntu-latest
+    steps:
+      - name: Tweet-trigger-publish-release
+        uses: mugi111/tweet-trigger-release@v1.1
+        with:
+          consumer_key: ${{ secrets.CONSUMER_KEY }}
+          consumer_secret: ${{ secrets.CONSUMER_SECRET }}
+          access_token_key: ${{ secrets.ACCESS_TOKEN_KEY }}
+          access_token_secret: ${{ secrets.ACCESS_TOKEN_SECRET }}
+          tweet_body: 'A new mailcow-dockerized Release has been Released on GitHub! Checkout our GitHub Page for the latest Release: github.com/mailcow/mailcow-dockerized/releases/latest'
--- a/.travis.yml
+++ b/.travis.yml
@@ -1,16 +0,0 @@
-sudo: required
-services:
- docker
-script:
- echo 'Europe/Berlin' | MAILCOW_HOSTNAME=build.mailcow ./generate_config.sh
- docker-compose pull --ignore-pull-failures --parallel
- docker-compose build
- docker login --username=$DOCKER_HUB_USERNAME --password=$DOCKER_HUB_PASSWORD
- docker-compose push
-branches:
-  only:
-  - master_disabled
-env:
-  global:
-  - secure: MpxpTwD7f0CNEVLitSpVmocK7O9r+BwFE1deEHK4AlQo/oc9cOlhGe1EL3mx9zbglPmjlDg/8kMUGv6vSirIabfBo9Szjps76bHckFr9lr2Ykkg0e29oC8pgPpSXD1eY/1ZIN/FvIkxpUFLETo1okS/j9q/A0DCGFmti0n3EoMORsgRz9CpNAiEh0zpSd6+euPAGHuczuCrDuO84my9bIOCjA/+aPunHNeXiuM8yIM2SxCSyGtIKT0+jvquIvLF58VxivysXBlRfhDn8fhB09nXA2Ru/derYQACfcmNSn9Pd4bDpebPJW5B9H/XA8xjb58uKinUlncbAMB/QnxoT75j9YRWJZRSQ+34XNYP6ZgK9soZ2TC6djQyEKTUu45Kp/1s+poSn42m9jytJJTmmK0KxsZTRcC8JD5nrjIMZWPUNNTwC5L4+I7ZRWg2WooK3LNyq1Ng8Hn6W77wSgsvAJw2HD3Lx58AprGUhHuBeaIZRuSN9aKwZrl9vKQJLqPnOp/nF2EC6kot5HYYtcotGtETXPUDih21gWD5ZM2BqVqYfQQnJnNMgeYmMdj6QQuTFqhuNJf7hXRIRkTnD3j1gDOLKQZazW0+N2JE8XWDFwi6fKScDsxT85lJti9HmzHa7+k4RVHmUYuDgRoPuzUgjWHvPsiz3/Z8WQ9JYpH84S8w=
-  - secure: fWzZisT6nGDNL4lf6tXB07eFG2drgBakHxzdF/NFVvzuP861RFR6omuL+ED0PgXrEHDJBxaBLv52je8irmUXrAH1CNr7T8DWiZo/h5h609Uzr+38T1NnIu4krL0Wo6/CDwlLKnzqTq9yBIZLQSHVJmo8AOpo1JPIi2ajodqj9ZfmAxDQTQl+G6zvQjtqIkYHsHY7A44Rto0f14ykn7w2S82Jn6Ry89VNI5V1WEO3sMpM/XekNP/HokNcRIuntL/0+kuLvTJ5akGoTjBQxSnSW95opzPeGky74HRU2obExJYqKvF0VfVJRNAqejwjIiFIbbjqV0Sk5391kFuhuBErQQDM1bOHGdxZ41HsJH29qNWIl7C33Yl10qERoqecgsJ1N/bS2ZEmWqm/zQh5GClCXPvYmzEqMYsMGM3vjbKdjDlc1Wh2w/eFclsXN9LSXh1mc35rtj46frcT6e5Kof87AIfC9hTgDvk9kAsyjaHMkSHSZthbZXCIcsD8qriNm5UqfFBYD79mPIP1S2YMQ2jscCsjHOZgYVrcm0kzDF21J1w6H0Lo7d1jw37LYlegBdtLQ9gYgqY2D5m+nxWuVoD5FZmpR+5JGtK+ootyLFF8aiFoHXd4op1JCxRLjgkmnZKXzw3kTQSpE7oa7CgzchtQmK2nqcqla1b5Qk7ilVcjooo=
--- a/README.md
+++ b/README.md
@@ -2,7 +2,8 @@

 ## We stand with 🇺🇦

-[![master build status](https://img.shields.io/drone/build/mailcow/mailcow-dockerized/master?label=master%20build&server=https%3A%2F%2Fdrone.mailcow.email)](https://drone.mailcow.email/mailcow/mailcow-dockerized) [![staging build status](https://img.shields.io/drone/build/mailcow/mailcow-dockerized/staging?label=staging%20build&server=https%3A%2F%2Fdrone.mailcow.email)](https://drone.mailcow.email/mailcow/mailcow-dockerized) [![Translation status](https://translate.mailcow.email/widgets/mailcow-dockerized/-/translation/svg-badge.svg)](https://translate.mailcow.email/engage/mailcow-dockerized/)
+[![Mailcow Integration Tests](https://github.com/mailcow/mailcow-dockerized/actions/workflows/integration_tests.yml/badge.svg?branch=master)](https://github.com/mailcow/mailcow-dockerized/actions/workflows/integration_tests.yml)
+[![Translation status](https://translate.mailcow.email/widgets/mailcow-dockerized/-/translation/svg-badge.svg)](https://translate.mailcow.email/engage/mailcow-dockerized/)
 [![Twitter URL](https://img.shields.io/twitter/url/https/twitter.com/mailcow_email.svg?style=social&label=Follow%20%40mailcow_email)](https://twitter.com/mailcow_email)

 ## Want to support mailcow?
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -0,0 +1,42 @@
+# Security Policies and Procedures
+
+This document outlines security procedures and general policies for the _mailcow: dockerized_ project as found on [mailcow-dockerized](https://github.com/mailcow/mailcow-dockerized).
+
+  * [Reporting a Vulnerability](#reporting-a-vulnerability)
+  * [Disclosure Policy](#disclosure-policy)
+  * [Comments on this Policy](#comments-on-this-policy)
+
+## Reporting a Vulnerability 
+
+The mailcow team and community take all security vulnerabilities
+seriously. Thank you for improving the security of our open source 
+software. We appreciate your efforts and responsible disclosure and will
+make every effort to acknowledge your contributions.
+
+Report security vulnerabilities by emailing the mailcow team at:
+    
+    info at servercow.de
+
+mailcow team will acknowledge your email as soon as possible, and will
+send a more detailed response afterwards indicating the next steps in 
+handling your report. After the initial reply to your report, the mailcow
+team will endeavor to keep you informed of the progress towards a fix and
+full announcement, and may ask for additional information or guidance.
+
+Report security vulnerabilities in third-party modules to the person or 
+team maintaining the module.
+
+## Disclosure Policy
+
+When the mailcow team receives a security bug report, they will assign it
+to a primary handler. This person will coordinate the fix and release
+process, involving the following steps:
+
+  * Confirm the problem and determine the affected versions.
+  * Audit code to find any potential similar problems.
+  * Prepare fixes for all releases still under maintenance.
+
+## Comments on this Policy
+
+If you have suggestions on how this process could be improved please submit a
+pull request.
--- a/create_cold_standby.sh
+++ b/create_cold_standby.sh
--- a/data/Dockerfiles/acme/Dockerfile
+++ b/data/Dockerfiles/acme/Dockerfile
@@ -1,4 +1,4 @@
-FROM alpine:3.15
+FROM alpine:3.16

 LABEL maintainer "Andre Peters <andre.peters@servercow.de>"

--- a/data/Dockerfiles/clamd/Dockerfile
+++ b/data/Dockerfiles/clamd/Dockerfile
@@ -1,76 +1,21 @@
-FROM debian:bullseye-slim
+FROM clamav/clamav:0.105.1_base

 LABEL maintainer "André Peters <andre.peters@servercow.de>"

-ARG CLAMAV=0.104.2
-ARG TINI_VERSION=v0.19.0
-
-RUN apt-get update && apt-get install -y --no-install-recommends \
-  ca-certificates \
-  build-essential \
-  pkg-config \
-  python3 \
-  python3-pip \
-  valgrind \
-  check \
-  libbz2-dev \
-  libcurl4-openssl-dev \
-  libjson-c-dev \
-  libmilter-dev \
-  libncurses5-dev \
-  libpcre2-dev \
-  libssl-dev \
-  libxml2-dev \
-  zlib1g-dev \
-  curl \
-  bash \
-  wget \
-  tzdata \
-  dnsutils \
+RUN apk upgrade --no-cache \
+  && apk add --update --no-cache \
  rsync \
-  dos2unix \
-  netcat \
-  && python3 -m pip install cmake \
-  && rm -rf /var/lib/apt/lists/* \
-  && wget -O - https://www.clamav.net/downloads/production/clamav-${CLAMAV}.tar.gz | tar xfvz - \
-  && cd clamav-${CLAMAV} \
-  && cmake . \
-      -D CMAKE_INSTALL_PREFIX=/usr \
-      -D CMAKE_INSTALL_LIBDIR=/usr/lib \
-      -D APP_CONFIG_DIRECTORY=/etc/clamav \
-      -D CMAKE_INSTALL_MANDIR=/usr/share/man \
-      -D CMAKE_INSTALL_INFODIR=/usr/share/info \
-      -D CLAMAV_USER=clamav \
-      -D CLAMAV_GROUP=clamav \
-      -D DATABASE_DIRECTORY=/var/lib/clamav \
-      -D ENABLE_APP=ON \
-      -D ENABLE_JSON_SHARED=OFF \
-      -D CMAKE_BUILD_TYPE=MinSizeRel \
-  && cmake --build . -j4 \
-  && cmake --build . --target install \
-  && cd .. && rm -rf clamav-${CLAMAV} \
-  && apt-get -y --auto-remove purge build-essential \
-  && apt-get -y purge pkg-config \
-  python3 \
-  python3-pip \
-  valgrind \
-  check \
-  libbz2-dev \
-  libcurl4-openssl-dev \
-  libjson-c-dev \
-  libmilter-dev \
-  libncurses5-dev \
-  libpcre2-dev \
-  libssl-dev \
-  libxml2-dev \
-  zlib1g-dev \
+  bind-tools \
+  bash 

-  && addgroup --system --gid 700 clamav \
-  && adduser --system --no-create-home --home /var/lib/clamav --uid 700 --gid 700 --disabled-login clamav \
-  && rm -rf /tmp/* /var/tmp/*
-
-COPY clamd.sh ./
-ADD https://github.com/krallin/tini/releases/download/${TINI_VERSION}/tini /sbin/tini
+# init
+COPY clamd.sh /clamd.sh
 RUN chmod +x /sbin/tini

+# healthcheck
+COPY healthcheck.sh /healthcheck.sh
+RUN chmod +x /healthcheck.sh
+HEALTHCHECK --start-period=6m CMD "/healthcheck.sh"
+
+ENTRYPOINT []
 CMD ["/sbin/tini", "-g", "--", "/clamd.sh"]
--- a/data/Dockerfiles/clamd/healthcheck.sh
+++ b/data/Dockerfiles/clamd/healthcheck.sh
@@ -0,0 +1,9 @@
+#!/bin/bash
+
+if [[ "${SKIP_CLAMD}" =~ ^([yY][eE][sS]|[yY])+$ ]]; then
+  echo "SKIP_CLAMD=y, skipping ClamAV..."
+  exit 0
+fi
+
+# run clamd healthcheck
+/usr/local/bin/clamdcheck.sh
--- a/data/Dockerfiles/dockerapi/Dockerfile
+++ b/data/Dockerfiles/dockerapi/Dockerfile
@@ -1,4 +1,4 @@
-FROM alpine:3.15
+FROM alpine:3.16

 LABEL maintainer "Andre Peters <andre.peters@servercow.de>"

--- a/data/Dockerfiles/dovecot/Dockerfile
+++ b/data/Dockerfiles/dovecot/Dockerfile
@@ -2,7 +2,7 @@ FROM debian:bullseye-slim
 LABEL maintainer "Andre Peters <andre.peters@servercow.de>"

 ARG DEBIAN_FRONTEND=noninteractive
-ARG DOVECOT=2.3.18
+ARG DOVECOT=2.3.19.1
 ENV LC_ALL C
 ENV GOSU_VERSION 1.14

--- a/data/Dockerfiles/dovecot/docker-entrypoint.sh
+++ b/data/Dockerfiles/dovecot/docker-entrypoint.sh
@@ -307,12 +307,29 @@ namespace {
 }
 EOF

+# Get SOGo IPv6 from Dig
+SOGO_V6=$(dig +answer sogo AAAA +short)
+
+if [ $SOGO_V6 ]; then
+cat <<EOF > /etc/dovecot/sogo_trusted_ip.conf
+# Autogenerated by mailcow
+remote ${IPV4_NETWORK}.248 {
+  disable_plaintext_auth = no
+}
+
+remote ${SOGO_V6} {
+  disable_plaintext_auth = no
+}
+EOF
+
+else
 cat <<EOF > /etc/dovecot/sogo_trusted_ip.conf
 # Autogenerated by mailcow
 remote ${IPV4_NETWORK}.248 {
  disable_plaintext_auth = no
 }
 EOF
+fi

 # Create random master Password for SOGo SSO
 RAND_PASS=$(cat /dev/urandom | tr -dc 'a-z0-9' | fold -w 32 | head -n 1)
@@ -349,6 +366,14 @@ sievec /var/vmail/sieve/global_sieve_after.sieve
 sievec /usr/lib/dovecot/sieve/report-spam.sieve
 sievec /usr/lib/dovecot/sieve/report-ham.sieve

+for file in /var/vmail/*/*/sieve/*.sieve ; do
+  if [[ "$file" == "/var/vmail/*/*/sieve/*.sieve" ]]; then
+    continue
+  fi
+  sievec "$file" "$(dirname "$file")/../.dovecot.svbin"
+  chown vmail:vmail "$(dirname "$file")/../.dovecot.svbin"
+done
+
 # Fix permissions
 chown root:root /etc/dovecot/sql/*.conf
 chown root:dovecot /etc/dovecot/sql/dovecot-dict-sql-sieve* /etc/dovecot/sql/dovecot-dict-sql-quota* /etc/dovecot/lua/passwd-verify.lua
--- a/data/Dockerfiles/dovecot/imapsync_runner.pl
+++ b/data/Dockerfiles/dovecot/imapsync_runner.pl
@@ -166,11 +166,17 @@ while ($row = $sth->fetchrow_arrayref()) {
      $success = 1;
    }

-    $update = $dbh->prepare("UPDATE imapsync SET returned_text = ?, success = ?, exit_status = ? WHERE id = ?");
+    $keep_job_active = 1;
+    if (defined $exit_status && $exit_status eq "EXIT_AUTHENTICATION_FAILURE_USER1") {
+      $keep_job_active = 0;
+    }
+
+    $update = $dbh->prepare("UPDATE imapsync SET returned_text = ?, success = ?, exit_status = ?, active = ? WHERE id = ?");
    $update->bind_param( 1, ${stdout} );
    $update->bind_param( 2, ${success} );
    $update->bind_param( 3, ${exit_status} );
-    $update->bind_param( 4, ${id} );
+    $update->bind_param( 4, ${keep_job_active} );
+    $update->bind_param( 5, ${id} );
    $update->execute();
  } catch {
    $update = $dbh->prepare("UPDATE imapsync SET returned_text = 'Could not start or finish imapsync', success = 0 WHERE id = ?");
--- a/data/Dockerfiles/netfilter/Dockerfile
+++ b/data/Dockerfiles/netfilter/Dockerfile
@@ -1,4 +1,4 @@
-FROM alpine:3.15
+FROM alpine:3.16
 LABEL maintainer "Andre Peters <andre.peters@servercow.de>"

 ENV XTABLES_LIBDIR /usr/lib/xtables
--- a/data/Dockerfiles/netfilter/server.py
+++ b/data/Dockerfiles/netfilter/server.py
@@ -94,7 +94,7 @@ def refreshF2bregex():
    f2bregex = {}
    f2bregex[1] = 'mailcow UI: Invalid password for .+ by ([0-9a-f\.:]+)'
    f2bregex[2] = 'Rspamd UI: Invalid password by ([0-9a-f\.:]+)'
-    f2bregex[3] = 'warning: .*\[([0-9a-f\.:]+)\]: SASL .+ authentication failed'
+    f2bregex[3] = 'warning: .*\[([0-9a-f\.:]+)\]: SASL .+ authentication failed: (?!.*Connection lost to authentication server).+'
    f2bregex[4] = 'warning: non-SMTP command from .*\[([0-9a-f\.:]+)]:.+'
    f2bregex[5] = 'NOQUEUE: reject: RCPT from \[([0-9a-f\.:]+)].+Protocol error.+'
    f2bregex[6] = '-login: Disconnected \(auth failed, .+\): user=.*, method=.+, rip=([0-9a-f\.:]+),'
--- a/data/Dockerfiles/olefy/Dockerfile
+++ b/data/Dockerfiles/olefy/Dockerfile
@@ -1,4 +1,4 @@
-FROM alpine:3.15
+FROM alpine:3.16
 LABEL maintainer "Andre Peters <andre.peters@servercow.de>"

 WORKDIR /app
--- a/data/Dockerfiles/phpfpm/Dockerfile
+++ b/data/Dockerfiles/phpfpm/Dockerfile
@@ -1,12 +1,12 @@
-FROM php:8.0-fpm-alpine3.14
+FROM php:8.0-fpm-alpine3.16
 LABEL maintainer "Andre Peters <andre.peters@servercow.de>"

-ENV APCU_PECL 5.1.20
-ENV IMAGICK_PECL 3.5.1
+ENV APCU_PECL 5.1.21
+ENV IMAGICK_PECL 3.7.0
 # Mailparse is pulled from master branch
 #ENV MAILPARSE_PECL 3.0.2
-ENV MEMCACHED_PECL 3.1.5
-ENV REDIS_PECL 5.3.4
+ENV MEMCACHED_PECL 3.2.0
+ENV REDIS_PECL 5.3.7

 RUN apk add -U --no-cache autoconf \
  aspell-dev \
--- a/data/Dockerfiles/postfix/Dockerfile
+++ b/data/Dockerfiles/postfix/Dockerfile
@@ -1,4 +1,4 @@
-FROM debian:buster-slim
+FROM debian:bullseye-slim
 LABEL maintainer "Andre Peters <andre.peters@servercow.de>"

 ARG DEBIAN_FRONTEND=noninteractive
--- a/data/Dockerfiles/postfix/syslog-ng-redis_slave.conf
+++ b/data/Dockerfiles/postfix/syslog-ng-redis_slave.conf
@@ -1,4 +1,4 @@
-@version: 3.19
+@version: 3.28
@include "scl.conf"
 options {
  chain_hostnames(off);
--- a/data/Dockerfiles/postfix/syslog-ng.conf
+++ b/data/Dockerfiles/postfix/syslog-ng.conf
@@ -1,4 +1,4 @@
-@version: 3.19
+@version: 3.28
@include "scl.conf"
 options {
  chain_hostnames(off);
--- a/data/Dockerfiles/sogo/Dockerfile
+++ b/data/Dockerfiles/sogo/Dockerfile
@@ -2,7 +2,7 @@ FROM debian:bullseye-slim
 LABEL maintainer "Andre Peters <andre.peters@servercow.de>"

 ARG DEBIAN_FRONTEND=noninteractive
-ARG SOGO_DEBIAN_REPOSITORY=http://packages.inverse.ca/SOGo/nightly/5/debian/
+ARG SOGO_DEBIAN_REPOSITORY=http://packages.sogo.nu/nightly/5/debian/
 ENV LC_ALL C
 ENV GOSU_VERSION 1.14

@@ -30,7 +30,7 @@ RUN echo "Building from repository $SOGO_DEBIAN_REPOSITORY" \
  && gosu nobody true \
  && mkdir /usr/share/doc/sogo \
  && touch /usr/share/doc/sogo/empty.sh \
-  && apt-key adv --keyserver keyserver.ubuntu.com --recv-key 0x810273C4 \
+  && apt-key adv --keyserver keys.openpgp.org --recv-key 74FFC6D72B925A34B5D356BDF8A27B36A6E2EAE9 \
  && echo "deb ${SOGO_DEBIAN_REPOSITORY} bullseye bullseye" > /etc/apt/sources.list.d/sogo.list \
  && apt-get update && apt-get install -y --no-install-recommends \
    sogo \
--- a/data/Dockerfiles/unbound/Dockerfile
+++ b/data/Dockerfiles/unbound/Dockerfile
@@ -1,4 +1,4 @@
-FROM alpine:3.15
+FROM alpine:3.16

 LABEL maintainer "Andre Peters <andre.peters@servercow.de>"

--- a/data/Dockerfiles/watchdog/Dockerfile
+++ b/data/Dockerfiles/watchdog/Dockerfile
@@ -1,4 +1,4 @@
-FROM alpine:3.15
+FROM alpine:3.16
 LABEL maintainer "André Peters <andre.peters@servercow.de>"

 # Installation
--- a/data/conf/dovecot/dovecot.conf
+++ b/data/conf/dovecot/dovecot.conf
@@ -194,7 +194,6 @@ plugin {
  fts_solr = url=http://solr:8983/solr/dovecot-fts/
  quota = dict:Userquota::proxy::sqlquota
  quota_rule2 = Trash:storage=+100%%
-  sieve = /var/vmail/sieve/%u.sieve
  sieve_plugins = sieve_imapsieve sieve_extprograms
  sieve_vacation_send_from_recipient = yes
  sieve_redirect_envelope_from = recipient
--- a/data/conf/nginx/includes/site-defaults.conf
+++ b/data/conf/nginx/includes/site-defaults.conf
@@ -65,7 +65,7 @@
  }

  location ~ ^/api/v1/(.*)$ {
-    try_files $uri $uri/ /json_api.php?query=$1;
+    try_files $uri $uri/ /json_api.php?query=$1&$args;
  }

  location ^~ /.well-known/acme-challenge/ {
@@ -163,7 +163,9 @@
    proxy_connect_timeout 75;
    proxy_send_timeout 3600;
    proxy_read_timeout 3600;
-    proxy_buffers 64 256k;
+    proxy_buffer_size 128k;
+    proxy_buffers 64 512k;
+    proxy_busy_buffers_size 512k;
    proxy_set_header X-Real-IP $remote_addr;
    proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
    proxy_set_header Host $http_host;
@@ -197,6 +199,9 @@
    proxy_set_header x-webobjects-server-name $server_name;
    proxy_set_header x-webobjects-server-url $client_req_scheme://$http_host;
    proxy_set_header x-webobjects-server-port $server_port;
+    proxy_buffer_size 128k;
+    proxy_buffers 64 512k;
+    proxy_busy_buffers_size 512k;
    proxy_send_timeout 3600;
    proxy_read_timeout 3600;
    client_body_buffer_size 128k;
--- a/data/conf/postfix/postscreen_access.cidr
+++ b/data/conf/postfix/postscreen_access.cidr
@@ -1,53 +1,63 @@
-# Whitelist generated by Postwhite v3.4 on Sun Dec 15 21:16:19 CET 2019
+# Whitelist generated by Postwhite v3.4 on Mon 21 Mar 2022 06:50:26 PM CET
 # https://github.com/stevejenkins/postwhite/
-# 1928 total rules
+# 1898 total rules
 2a00:1450:4000::/36	permit
 2a01:111:f400::/48	permit
 2a01:111:f403::/48	permit
+2a01:4180:4050:0400::/64	permit
+2a01:4180:4050:0800::/64	permit
+2a01:4180:4051:0400::/64	permit
+2a01:4180:4051:0800::/64	permit
 2a02:a60:0:5::/64	permit
 2c0f:fb50:4000::/36	permit
-3.93.157.0/24	permit
 8.20.114.31	permit
 8.25.194.0/23	permit
 8.25.196.0/23	permit
 8.39.54.0/23	permit
 8.40.222.0/23	permit
-8.45.169.0/24	permit
 12.130.86.238	permit
+13.70.32.43	permit
+13.72.50.45	permit
+13.74.143.28	permit
 13.77.161.179	permit
+13.78.233.182	permit
+13.92.31.129	permit
+13.110.208.0/21	permit
+13.110.216.0/22	permit
+13.110.224.0/20	permit
 13.111.0.0/16	permit
-13.111.0.0/22	permit
-13.111.52.0/22	permit
-13.111.63.0/24	permit
-13.111.68.0/24	permit
-13.111.72.0/22	permit
-13.111.92.0/24	permit
-13.111.111.0/24	permit
-17.36.0.0/16	permit
 17.41.0.0/16	permit
+17.57.155.0/24	permit
+17.57.156.0/24	permit
 17.58.0.0/16	permit
 17.110.0.0/15	permit
-17.111.110.0/23	permit
-17.120.0.0/16	permit
-17.133.0.0/16	permit
-17.139.0.0/16	permit
 17.142.0.0/15	permit
-17.151.1.0/24	permit
-17.158.0.0/15	permit
 17.162.0.0/15	permit
 17.164.0.0/16	permit
 17.171.37.0/24	permit
 17.172.0.0/16	permit
 17.179.168.0/23	permit
 18.194.95.56	permit
-18.208.124.128/25	permit
+18.198.96.88	permit
+20.47.149.138	permit
+20.48.0.0/12	permit
+20.52.52.2	permit
+20.52.128.133	permit
+20.63.210.192/28	permit
+20.64.0.0/10	permit
+20.94.180.64/28	permit
+20.185.213.160/27	permit
+20.185.213.224/27	permit
 20.185.214.0/27	permit
 20.185.214.2	permit
 20.185.214.32/27	permit
 20.185.214.64/27	permit
-23.23.237.213	permit
-23.103.131.7	permit
+20.192.0.0/10	permit
+23.100.85.1	permit
 23.103.224.0/19	permit
+23.249.208.0/20	permit
+23.251.224.0/19	permit
+23.253.141.0/24	permit
 23.253.182.0/23	permit
 23.253.182.103	permit
 23.253.183.145	permit
@@ -68,11 +78,11 @@
 27.123.206.56/29	permit
 27.123.206.76/30	permit
 27.123.206.80/28	permit
-27.126.146.0/24	permit
-34.200.123.20	permit
+34.194.25.167	permit
+34.194.144.120	permit
 34.212.163.75	permit
-34.213.104.127	permit
 34.225.212.172	permit
+34.247.168.44	permit
 35.176.132.251	permit
 35.190.247.0/24	permit
 35.191.0.0/16	permit
@@ -80,7 +90,10 @@
 37.218.248.47	permit
 37.218.249.47	permit
 37.218.251.62	permit
+39.156.163.64/29	permit
+40.71.187.0/24	permit
 40.76.4.15	permit
+40.77.102.222	permit
 40.92.0.0/15	permit
 40.97.116.82	permit
 40.97.128.194	permit
@@ -91,18 +104,20 @@
 40.97.161.50	permit
 40.97.164.146	permit
 40.107.0.0/16	permit
+40.112.65.63	permit
 40.112.72.205	permit
 40.113.200.201	permit
+40.117.80.0/24	permit
+40.121.71.46	permit
 41.74.192.0/22	permit
 41.74.196.0/22	permit
 41.74.200.0/23	permit
-41.74.201.0/24	permit
 41.74.204.0/23	permit
-41.74.205.0/24	permit
+41.74.206.0/24	permit
 42.159.163.81	permit
 42.159.163.82	permit
 42.159.163.83	permit
-46.19.168.0/23	permit
+43.228.184.0/22	permit
 46.226.48.0/21	permit
 46.228.36.37	permit
 46.228.36.38/31	permit
@@ -160,26 +175,19 @@
 50.18.125.97	permit
 50.18.125.237	permit
 50.18.126.162	permit
-50.23.218.192/27	permit
 50.31.32.0/19	permit
-50.31.36.197	permit
-50.31.36.199	permit
-50.31.36.205	permit
-50.31.36.208	permit
-50.31.36.213	permit
-50.31.44.111	permit
-50.31.57.54/31	permit
-50.31.57.60	permit
-50.31.57.61	permit
-50.31.57.62	permit
-50.31.60.1	permit
 50.31.156.96/27	permit
 50.31.205.0/24	permit
-50.207.218.237	permit
 51.4.71.62	permit
+51.4.72.0/24	permit
+51.4.80.0/27	permit
+51.5.72.0/24	permit
+51.5.80.0/27	permit
+51.137.58.21	permit
+51.140.75.55	permit
+51.144.100.179	permit
 51.163.158.0/24	permit
-51.163.159.0/24	permit
-52.0.20.102	permit
+51.163.159.21	permit
 52.5.230.59	permit
 52.27.5.72	permit
 52.27.28.47	permit
@@ -190,10 +198,15 @@
 52.41.64.145	permit
 52.60.41.5	permit
 52.60.115.116	permit
+52.82.172.0/22	permit
+52.94.124.0/28	permit
 52.95.48.152/29	permit
 52.95.49.88/29	permit
 52.100.0.0/14	permit
-52.128.40.0/21	permit
+52.119.213.144/28	permit
+52.160.39.140	permit
+52.165.175.144	permit
+52.185.106.240/28	permit
 52.200.59.0/24	permit
 52.205.61.79	permit
 52.207.191.216	permit
@@ -201,26 +214,30 @@
 52.222.73.83	permit
 52.222.73.120	permit
 52.222.75.85	permit
+52.234.172.96/28	permit
+52.236.28.240/28	permit
+52.237.141.173	permit
+52.244.206.214	permit
+52.247.53.144	permit
+52.250.107.196	permit
+52.250.126.174	permit
+52.251.55.143	permit
 54.90.148.255	permit
 54.156.255.69	permit
 54.172.97.247	permit
-54.173.229.38	permit
-54.174.52.0/24	permit
-54.174.53.128/30	permit
-54.174.57.0/24	permit
-54.174.59.0/24	permit
-54.174.60.0/23	permit
-54.174.63.0/24	permit
 54.186.193.102	permit
+54.191.223.5	permit
+54.194.61.95	permit
+54.195.113.45	permit
 54.214.39.184	permit
+54.216.77.168	permit
 54.240.0.0/18	permit
-54.240.40.0/25	permit
-54.240.56.128/26	permit
-54.240.63.0/25	permit
+54.240.64.0/19	permit
+54.240.96.0/19	permit
 54.241.16.209	permit
-54.243.205.80	permit
 54.244.54.130	permit
 54.244.242.0/24	permit
+54.246.232.180	permit
 62.13.128.0/24	permit
 62.13.129.128/25	permit
 62.13.136.0/22	permit
@@ -231,9 +248,9 @@
 62.13.152.0/23	permit
 62.17.146.128/26	permit
 62.140.7.0/24	permit
-62.140.10.0/24	permit
+62.140.10.21	permit
+63.32.13.159	permit
 63.80.14.0/23	permit
-63.111.28.137	permit
 63.128.21.0/24	permit
 63.143.57.128/25	permit
 63.143.59.128/25	permit
@@ -241,9 +258,11 @@
 64.20.241.45	permit
 64.34.47.128/27	permit
 64.34.57.192/26	permit
+64.71.149.160/28	permit
 64.79.155.0/24	permit
-64.79.155.192	permit
-64.89.45.192/30	permit
+64.89.44.85	permit
+64.89.45.80	permit
+64.89.45.194	permit
 64.89.45.196	permit
 64.95.144.196	permit
 64.127.115.252	permit
@@ -265,21 +284,21 @@
 64.207.219.7	permit
 64.207.219.8	permit
 64.207.219.9	permit
-64.207.219.10	permit
-64.207.219.11	permit
-64.207.219.12	permit
+64.207.219.13	permit
+64.207.219.14	permit
+64.207.219.15	permit
 64.207.219.71	permit
 64.207.219.72	permit
 64.207.219.73	permit
-64.207.219.74	permit
-64.207.219.75	permit
-64.207.219.76	permit
+64.207.219.77	permit
+64.207.219.78	permit
+64.207.219.79	permit
 64.207.219.135	permit
 64.207.219.136	permit
 64.207.219.137	permit
-64.207.219.138	permit
-64.207.219.139	permit
-64.207.219.140	permit
+64.207.219.141	permit
+64.207.219.142	permit
+64.207.219.143	permit
 64.233.160.0/19	permit
 65.38.115.76	permit
 65.38.115.84	permit
@@ -288,7 +307,6 @@
 65.54.51.64/26	permit
 65.54.61.64/26	permit
 65.54.121.120/29	permit
-65.54.121.124/31	permit
 65.54.190.0/24	permit
 65.54.241.0/24	permit
 65.55.29.77	permit
@@ -298,7 +316,6 @@
 65.55.52.224/27	permit
 65.55.78.128/25	permit
 65.55.81.48/28	permit
-65.55.81.54/31	permit
 65.55.90.0/24	permit
 65.55.94.0/25	permit
 65.55.111.0/24	permit
@@ -325,9 +342,6 @@
 66.111.4.225	permit
 66.111.4.229	permit
 66.111.4.230	permit
-66.135.202.0/27	permit
-66.135.215.0/24	permit
-66.135.222.1	permit
 66.162.193.226/31	permit
 66.163.184.0/21	permit
 66.163.184.0/24	permit
@@ -358,7 +372,8 @@
 66.196.81.232/31	permit
 66.196.81.234	permit
 66.211.168.230/31	permit
-66.211.184.0/23	permit
+66.211.170.86/31	permit
+66.211.170.88/30	permit
 66.218.74.64/30	permit
 66.218.74.68/31	permit
 66.218.75.112/30	permit
@@ -420,9 +435,7 @@
 67.221.168.65	permit
 67.228.2.24/30	permit
 67.228.21.184/29	permit
-67.228.34.32/27	permit
 67.228.37.4/30	permit
-67.228.50.54/31	permit
 67.231.145.42	permit
 67.231.153.30	permit
 68.142.230.0/24	permit
@@ -432,17 +445,6 @@
 68.142.230.72/30	permit
 68.142.230.76/31	permit
 68.142.230.78	permit
-68.232.131.164	permit
-68.232.131.172	permit
-68.232.131.183	permit
-68.232.131.185	permit
-68.232.143.44	permit
-68.232.145.216	permit
-68.232.148.56	permit
-68.232.148.128	permit
-68.232.148.138	permit
-68.232.157.60	permit
-68.232.157.143	permit
 68.232.192.0/20	permit
 69.63.178.128/25	permit
 69.63.181.0/24	permit
@@ -456,9 +458,9 @@
 69.171.232.0/24	permit
 69.171.244.0/23	permit
 70.37.151.128/25	permit
+70.42.149.0/24	permit
 70.42.149.35	permit
 72.3.185.0/24	permit
-72.3.237.64/28	permit
 72.14.192.0/18	permit
 72.21.192.0/19	permit
 72.21.217.142	permit
@@ -523,8 +525,10 @@
 72.32.154.0/24	permit
 72.32.217.0/24	permit
 72.32.243.0/24	permit
-72.34.168.75	permit
 72.34.168.76	permit
+72.34.168.80	permit
+72.34.168.85	permit
+72.34.168.86	permit
 72.52.72.32/28	permit
 72.52.72.36	permit
 74.6.128.0/21	permit
@@ -536,9 +540,6 @@
 74.6.133.0/24	permit
 74.6.134.0/24	permit
 74.6.135.0/24	permit
-74.63.63.115	permit
-74.63.63.121	permit
-74.63.194.126	permit
 74.63.212.0/24	permit
 74.63.234.75	permit
 74.63.236.0/24	permit
@@ -557,17 +558,9 @@
 74.112.67.243	permit
 74.125.0.0/16	permit
 74.202.227.40	permit
-74.208.4.192/26	permit
-74.208.5.64/26	permit
-74.208.122.0/26	permit
 74.209.250.0/24	permit
 74.209.250.12	permit
-75.126.253.48	permit
-76.223.176.0/24	permit
-76.223.180.0/23	permit
-76.223.188.0/24	permit
-76.223.189.0/24	permit
-76.223.190.0/24	permit
+76.223.176.0/20	permit
 77.238.176.0/22	permit
 77.238.176.0/24	permit
 77.238.177.0/24	permit
@@ -590,13 +583,11 @@
 77.238.189.146/31	permit
 77.238.189.148/30	permit
 81.223.46.0/27	permit
-82.165.159.0/24	permit
-82.165.159.0/26	permit
-82.165.229.130	permit
-82.165.230.22	permit
 84.16.77.1	permit
 85.158.136.0/21	permit
 86.61.88.25	permit
+87.198.219.130	permit
+87.198.219.153	permit
 87.238.80.0/21	permit
 87.248.103.12	permit
 87.248.103.21	permit
@@ -633,11 +624,9 @@
 87.248.117.201	permit
 87.248.117.202	permit
 87.248.117.205	permit
+87.252.219.254	permit
 87.253.232.0/21	permit
 89.22.108.0/24	permit
-91.194.248.0/23	permit
-91.211.240.0/22	permit
-91.211.243.0/24	permit
 91.220.42.0/24	permit
 94.236.119.0/26	permit
 94.245.112.0/27	permit
@@ -649,7 +638,6 @@
 96.43.148.64/28	permit
 96.43.148.64/31	permit
 96.43.151.64/28	permit
-96.46.150.192/27	permit
 98.136.44.181	permit
 98.136.44.182/31	permit
 98.136.44.184	permit
@@ -1152,20 +1140,25 @@
 98.139.245.180/31	permit
 98.139.245.208/30	permit
 98.139.245.212/31	permit
+99.78.197.208/28	permit
+103.2.140.0/22	permit
 103.9.8.121	permit
 103.9.8.122	permit
 103.9.8.123	permit
 103.9.96.0/22	permit
 103.13.69.0/24	permit
-103.28.42.0/24	permit
-103.96.20.0/24	permit
-103.96.22.0/24	permit
+103.47.204.0/22	permit
+103.96.21.0/24	permit
+103.96.23.0/24	permit
+103.151.192.0/23	permit
 103.237.104.0/22	permit
 104.43.243.237	permit
 104.47.0.0/17	permit
 104.130.96.0/28	permit
 104.130.122.0/23	permit
+104.214.25.77	permit
 104.215.148.63	permit
+104.215.186.3	permit
 104.245.209.192/26	permit
 106.10.144.64/27	permit
 106.10.144.100/31	permit
@@ -1291,6 +1284,7 @@
 106.10.242.0/24	permit
 106.10.243.0/24	permit
 106.10.244.0/24	permit
+106.39.212.64/29	permit
 106.50.16.0/28	permit
 108.174.0.0/24	permit
 108.174.0.215	permit
@@ -1302,13 +1296,14 @@
 108.175.30.45	permit
 108.177.8.0/21	permit
 108.177.96.0/19	permit
-108.178.6.0/24	permit
 109.237.142.0/24	permit
 111.221.23.128/25	permit
 111.221.26.0/27	permit
 111.221.66.0/25	permit
 111.221.69.128/25	permit
 111.221.112.0/21	permit
+112.19.199.64/29	permit
+112.19.242.64/29	permit
 116.214.12.0/24	permit
 116.214.12.47	permit
 116.214.12.48/31	permit
@@ -1325,6 +1320,7 @@
 117.120.16.0/21	permit
 119.42.242.52/31	permit
 119.42.242.156	permit
+123.126.78.64/29	permit
 124.47.150.0/24	permit
 124.47.189.0/24	permit
 124.108.96.0/24	permit
@@ -1332,11 +1328,19 @@
 124.108.96.28/31	permit
 124.108.96.70/31	permit
 124.108.96.72/31	permit
+128.17.0.0/20	permit
+128.17.64.0/20	permit
+128.17.128.0/20	permit
+128.17.192.0/20	permit
 128.127.70.0/26	permit
+128.245.0.0/20	permit
+128.245.64.0/20	permit
 129.41.77.70	permit
 129.41.169.249	permit
+129.146.236.58	permit
+129.153.194.228	permit
+129.159.87.137	permit
 130.61.9.72	permit
-130.61.68.235	permit
 130.211.0.0/22	permit
 130.248.172.0/24	permit
 130.248.173.0/24	permit
@@ -1345,8 +1349,10 @@
 131.253.121.0/26	permit
 131.253.121.20	permit
 131.253.121.52	permit
-132.145.11.129	permit
 132.145.13.209	permit
+132.226.26.225	permit
+132.226.49.32	permit
+132.226.56.24	permit
 134.170.27.8	permit
 134.170.113.0/26	permit
 134.170.141.64/26	permit
@@ -1356,21 +1362,27 @@
 135.84.82.0/24	permit
 135.84.216.0/22	permit
 136.143.182.0/23	permit
-136.143.188.0/23	permit
+136.143.184.0/24	permit
+136.143.188.0/24	permit
 136.147.128.0/20	permit
 136.147.135.0/24	permit
 136.147.176.0/20	permit
 136.147.176.0/24	permit
 136.147.182.0/24	permit
+138.91.172.26	permit
 139.60.152.0/22	permit
 139.178.64.159	permit
 139.178.64.195	permit
-139.180.17.0/24	permit
 141.193.32.0/23	permit
+143.55.224.0/21	permit
+143.55.232.0/22	permit
+143.55.236.0/22	permit
+144.178.36.0/24	permit
+144.178.38.0/24	permit
 146.20.112.0/26	permit
 146.20.113.0/24	permit
 146.20.191.0/24	permit
-146.88.28.0/24	permit
+146.20.215.0/24	permit
 146.101.78.0/24	permit
 147.75.65.173	permit
 147.75.65.174	permit
@@ -1384,10 +1396,7 @@
 148.105.0.14	permit
 148.105.8.0/21	permit
 149.72.0.0/16	permit
-151.101.1.140	permit
-151.101.65.140	permit
-151.101.129.140	permit
-151.101.193.140	permit
+152.67.105.195	permit
 157.55.0.192/26	permit
 157.55.1.128/26	permit
 157.55.2.0/25	permit
@@ -1397,6 +1406,7 @@
 157.55.61.0/24	permit
 157.55.157.128/25	permit
 157.55.225.0/25	permit
+157.55.254.216	permit
 157.56.24.0/25	permit
 157.56.120.128/26	permit
 157.56.232.0/21	permit
@@ -1405,21 +1415,26 @@
 157.58.196.96/29	permit
 157.58.249.3	permit
 157.151.208.65	permit
-158.247.16.0/20	permit
+157.255.1.64/29	permit
+159.92.157.0/24	permit
+159.92.158.0/24	permit
+159.92.159.0/24	permit
+159.92.160.0/24	permit
+159.92.161.0/24	permit
+159.92.162.0/24	permit
+159.135.132.128/25	permit
+159.135.140.80/29	permit
 159.135.224.0/20	permit
-161.38.192.0/22	permit
-161.38.196.0/22	permit
-161.71.32.0/21	permit
+159.183.0.0/16	permit
+161.38.192.0/20	permit
+161.38.204.0/22	permit
+161.71.32.0/19	permit
+161.71.64.0/20	permit
 162.208.119.181	permit
 162.247.216.0/22	permit
-162.248.184.121	permit
-162.248.184.122	permit
-162.248.185.121	permit
-162.248.185.122	permit
-162.248.186.121	permit
-162.248.186.122	permit
-163.47.180.0/22	permit
+163.47.180.0/23	permit
 163.114.130.16	permit
+163.114.132.120	permit
 166.78.68.0/22	permit
 166.78.68.221	permit
 166.78.69.146	permit
@@ -1427,16 +1442,7 @@
 166.78.69.170	permit
 166.78.71.131	permit
 167.89.0.0/17	permit
-167.89.2.4	permit
-167.89.22.44	permit
-167.89.25.84	permit
-167.89.31.192/29	permit
-167.89.32.5	permit
-167.89.32.50	permit
 167.89.46.159	permit
-167.89.46.185	permit
-167.89.60.95	permit
-167.89.62.118	permit
 167.89.64.9	permit
 167.89.65.0	permit
 167.89.65.53	permit
@@ -1448,22 +1454,15 @@
 167.89.75.164	permit
 167.89.101.2	permit
 167.89.101.192/28	permit
-167.89.107.125	permit
-167.89.107.127	permit
-167.89.107.129	permit
-167.89.107.136	permit
-167.216.129.170	permit
-167.216.129.182/31	permit
-167.216.129.184/29	permit
-167.216.129.192/29	permit
-167.216.129.200	permit
-167.216.129.205	permit
-167.216.129.206/31	permit
-167.216.129.208/31	permit
 167.216.129.210	permit
+167.216.131.180	permit
 167.220.67.232/29	permit
 167.220.67.238	permit
+168.138.5.36	permit
 168.245.0.0/17	permit
+170.10.68.0/22	permit
+170.10.129.0/24	permit
+170.10.133.0/24	permit
 172.217.0.0/19	permit
 172.217.32.0/20	permit
 172.217.128.0/19	permit
@@ -1473,8 +1472,6 @@
 172.253.112.0/20	permit
 173.0.84.224/27	permit
 173.0.94.244/30	permit
-173.193.132.134/31	permit
-173.193.210.32/27	permit
 173.194.0.0/16	permit
 173.203.79.182	permit
 173.203.81.39	permit
@@ -1482,7 +1479,6 @@
 173.224.160.188	permit
 173.224.161.128/25	permit
 173.228.155.0/24	permit
-173.236.20.0/24	permit
 174.36.84.8/29	permit
 174.36.84.16/29	permit
 174.36.84.32/29	permit
@@ -1494,30 +1490,25 @@
 174.36.114.148/30	permit
 174.36.114.152/29	permit
 174.37.67.28/30	permit
-174.37.226.64/27	permit
-174.129.194.241	permit
 174.129.203.189	permit
-174.137.46.0/24	permit
 176.32.105.0/24	permit
 176.32.127.0/24	permit
 178.236.10.128/26	permit
 180.189.28.0/24	permit
 182.50.76.0/22	permit
 182.50.78.64/28	permit
-184.173.105.0/24	permit
-184.173.153.0/24	permit
-185.4.120.0/24	permit
-185.4.122.0/24	permit
+183.240.219.64/29	permit
 185.12.80.0/22	permit
 185.28.196.0/22	permit
-185.58.84.0/24	permit
-185.58.87.0/24	permit
+185.58.84.93	permit
+185.58.85.0/24	permit
+185.58.86.0/24	permit
 185.72.128.75	permit
 185.72.128.76	permit
+185.72.128.80	permit
 185.80.93.204	permit
 185.80.93.227	permit
 185.80.95.31	permit
-185.90.20.0/22	permit
 185.189.236.0/22	permit
 185.211.120.0/22	permit
 185.250.236.0/22	permit
@@ -1577,7 +1568,6 @@
 192.64.236.0/24	permit
 192.64.237.0/24	permit
 192.64.238.0/24	permit
-192.92.97.0/24	permit
 192.161.144.0/20	permit
 192.162.87.0/24	permit
 192.237.158.0/23	permit
@@ -1589,37 +1579,34 @@
 192.254.113.10	permit
 192.254.113.101	permit
 192.254.114.176	permit
-192.254.115.72	permit
 192.254.118.63	permit
-192.254.127.96/27	permit
+193.7.206.0/25	permit
+193.7.207.0/25	permit
 193.109.254.0/23	permit
-194.64.234.128/27	permit
+193.122.128.100	permit
 194.64.234.129	permit
+194.104.109.0/24	permit
+194.104.111.0/24	permit
 194.106.220.0/23	permit
-194.113.24.0/22	permit
 194.154.193.192/27	permit
-195.54.172.0/23	permit
 195.130.217.0/24	permit
+195.234.109.226	permit
 195.245.230.0/23	permit
 198.2.128.0/18	permit
 198.2.128.0/24	permit
 198.2.132.0/22	permit
 198.2.136.0/23	permit
+198.2.145.0/24	permit
 198.2.177.0/24	permit
-198.2.178.0/24	permit
-198.2.179.0/24	permit
+198.2.178.0/23	permit
 198.2.180.0/24	permit
 198.2.186.0/23	permit
 198.21.0.0/21	permit
-198.21.3.166	permit
-198.21.4.224	permit
 198.37.144.0/20	permit
-198.37.145.250	permit
-198.37.146.118/31	permit
-198.37.149.128	permit
-198.37.151.26	permit
+198.37.152.186	permit
 198.61.254.0/23	permit
 198.61.254.231	permit
+198.74.56.28	permit
 198.178.234.57	permit
 198.245.80.0/20	permit
 198.245.81.0/24	permit
@@ -1636,18 +1623,15 @@
 199.122.120.0/21	permit
 199.122.123.0/24	permit
 199.127.232.0/22	permit
-199.201.64.23	permit
-199.201.65.23	permit
 199.255.192.0/22	permit
 202.129.242.0/23	permit
 202.165.102.47	permit
 202.177.148.100	permit
 202.177.148.110	permit
+203.31.36.0/22	permit
 203.32.4.25	permit
-203.55.21.0/24	permit
 203.81.17.0/24	permit
 203.122.32.250	permit
-203.145.57.160/27	permit
 203.188.194.32	permit
 203.188.194.151	permit
 203.188.194.203	permit
@@ -1680,32 +1664,30 @@
 203.188.201.12/30	permit
 203.209.230.75	permit
 203.209.230.76/31	permit
-204.2.193.0/29	permit
 204.11.168.0/21	permit
 204.13.11.48/29	permit
-204.13.11.48/30	permit
 204.14.232.0/21	permit
 204.14.232.64/28	permit
 204.14.234.64/28	permit
 204.29.186.0/23	permit
-204.75.142.0/24	permit
 204.79.197.212	permit
 204.92.114.187	permit
 204.92.114.203	permit
 204.92.114.204/31	permit
 204.141.32.0/23	permit
 204.141.42.0/23	permit
-204.153.120.0/23	permit
+204.153.121.0/24	permit
+204.232.168.0/24	permit
 205.139.110.0/24	permit
-205.139.111.0/24	permit
 205.201.128.0/20	permit
 205.201.131.128/25	permit
 205.201.134.128/25	permit
 205.201.136.0/23	permit
-205.201.137.229	permit
 205.201.139.0/24	permit
 205.207.104.0/22	permit
 205.207.104.108	permit
+205.220.167.17	permit
+205.220.179.17	permit
 205.251.233.32	permit
 205.251.233.36	permit
 206.25.247.143	permit
@@ -1727,6 +1709,8 @@
 207.46.132.128/27	permit
 207.46.198.0/25	permit
 207.46.200.0/27	permit
+207.46.225.107	permit
+207.58.147.64/28	permit
 207.67.38.0/24	permit
 207.67.98.192/27	permit
 207.68.176.0/26	permit
@@ -1734,7 +1718,8 @@
 207.82.80.0/24	permit
 207.126.144.0/20	permit
 207.171.160.0/19	permit
-207.211.30.0/24	permit
+207.211.30.64/26	permit
+207.211.30.128/25	permit
 207.211.31.0/25	permit
 207.211.41.113	permit
 207.218.90.0/24	permit
@@ -1743,7 +1728,7 @@
 208.43.21.28/30	permit
 208.43.21.64/29	permit
 208.43.21.72/30	permit
-208.43.239.136/30	permit
+208.46.212.80	permit
 208.46.212.208/31	permit
 208.46.212.210	permit
 208.64.132.0/22	permit
@@ -1773,13 +1758,13 @@
 208.71.42.212/31	permit
 208.71.42.214	permit
 208.72.249.240/29	permit
-208.74.204.0/22	permit
 208.74.204.9	permit
 208.75.120.0/22	permit
 208.75.122.246	permit
-208.82.236.96/28	permit
-208.82.237.96/28	permit
-208.82.238.96/28	permit
+208.82.237.96/29	permit
+208.82.237.104/31	permit
+208.82.238.96/29	permit
+208.82.238.104/31	permit
 208.85.50.137	permit
 208.117.48.0/20	permit
 208.185.229.45	permit
@@ -1792,10 +1777,10 @@
 209.67.98.59	permit
 209.85.128.0/17	permit
 212.4.136.0/26	permit
-212.25.240.75	permit
-212.25.240.76	permit
+212.25.240.80	permit
 212.25.240.83	permit
-212.25.240.84	permit
+212.25.240.84/31	permit
+212.25.240.88	permit
 212.82.96.0/24	permit
 212.82.96.32/27	permit
 212.82.96.64/29	permit
@@ -1836,13 +1821,8 @@
 212.82.111.228/31	permit
 212.82.111.230	permit
 212.123.28.40	permit
-212.227.15.0/24	permit
-212.227.15.0/25	permit
-212.227.17.0/27	permit
-212.227.126.128/25	permit
-213.165.64.0/23	permit
-213.167.75.0/24	permit
-213.167.81.0/24	permit
+213.167.75.0/25	permit
+213.167.81.0/25	permit
 213.199.128.139	permit
 213.199.128.145	permit
 213.199.138.181	permit
@@ -1851,6 +1831,7 @@
 213.199.177.0/26	permit
 216.17.150.242	permit
 216.17.150.251	permit
+216.22.15.224/27	permit
 216.24.224.0/20	permit
 216.39.60.0/23	permit
 216.39.60.154/31	permit
@@ -1877,17 +1858,9 @@
 216.39.62.60/31	permit
 216.39.62.136/29	permit
 216.39.62.144/31	permit
-216.46.168.197	permit
-216.46.168.222	permit
-216.52.185.88/29	permit
+216.46.168.0/24	permit
 216.58.192.0/19	permit
 216.66.217.240/29	permit
-216.71.96.0/22	permit
-216.71.152.175	permit
-216.71.152.207	permit
-216.71.154.29	permit
-216.71.155.88	permit
-216.71.155.89	permit
 216.74.162.13	permit
 216.74.162.14	permit
 216.82.240.0/20	permit
@@ -1897,9 +1870,6 @@
 216.109.114.0/24	permit
 216.109.114.32/27	permit
 216.109.114.64/29	permit
-216.113.160.0/24	permit
-216.113.172.0/25	permit
-216.113.175.0/24	permit
 216.128.126.97	permit
 216.136.162.65	permit
 216.136.162.120/29	permit
@@ -1909,14 +1879,13 @@
 216.203.33.178/31	permit
 216.205.24.0/24	permit
 216.239.32.0/19	permit
-217.72.192.64/26	permit
-217.72.192.248/29	permit
-217.72.207.0/27	permit
 217.77.141.52	permit
 217.77.141.59	permit
-217.175.193.0/24	permit
-217.175.194.0/23	permit
-217.175.196.0/24	permit
+222.73.195.64/29	permit
+223.165.113.0/24	permit
+223.165.115.0/24	permit
+223.165.118.0/23	permit
+223.165.120.0/23	permit
 2001:4860:4000::/36	permit
 2404:6800:4000::/36	permit
 2607:f8b0:4000::/36	permit
@@ -1925,6 +1894,7 @@
 2620:109:c006:104::215	permit
 2620:109:c006:104::/64	permit
 2620:109:c00d:104::/64	permit
+2620:10d:c090:450::120	permit
 2620:10d:c091:450::16	permit
 2620:119:50c0:207::215	permit
 2620:119:50c0:207::/64	permit
--- a/data/conf/rspamd/local.d/groups.conf
+++ b/data/conf/rspamd/local.d/groups.conf
@@ -18,6 +18,9 @@ symbols {
  "ENCRYPTED_CHAT" {
    score = -20.0;
  }
+  "SOGO_CONTACT" {
+    score = -99.0;
+  }
 }

 group "MX" {
--- a/data/conf/rspamd/local.d/neural.conf
+++ b/data/conf/rspamd/local.d/neural.conf
@@ -1,24 +0,0 @@
-rules {
-  "LONG" {
-    train {
-      max_trains = 200;
-      max_usages = 20;
-      max_iterations = 25;
-      learning_rate = 0.01,
-    }
-    symbol_spam = "NEURAL_SPAM_LONG";
-    symbol_ham = "NEURAL_HAM_LONG";
-    ann_expire = 45d;
-  }
-  "SHORT" {
-    train {
-      max_trains = 100;
-      max_usages = 10;
-      max_iterations = 15;
-      learning_rate = 0.01,
-    }
-    symbol_spam = "NEURAL_SPAM_SHORT";
-    symbol_ham = "NEURAL_HAM_SHORT";
-    ann_expire = 7d;
-  }
-}
--- a/data/conf/rspamd/local.d/neural_group.conf
+++ b/data/conf/rspamd/local.d/neural_group.conf
@@ -1,18 +0,0 @@
-symbols = {
-  "NEURAL_SPAM_LONG" {
-    weight = 3.7; # sample weight
-    description = "Neural network spam (long)";
-  }
-  "NEURAL_HAM_LONG" {
-    weight = -4.0; # sample weight
-    description = "Neural network ham (long)";
-  }
-  "NEURAL_SPAM_SHORT" {
-    weight = 2.5; # sample weight
-    description = "Neural network spam (short)";
-  }
-  "NEURAL_HAM_SHORT" {
-    weight = -2.0; # sample weight
-    description = "Neural network ham (short)";
-  }
-}
--- a/data/conf/rspamd/lua/ivm-sg.lua
+++ b/data/conf/rspamd/lua/ivm-sg.lua
@@ -1,61 +0,0 @@
-- Thanks to https://raw.githubusercontent.com/fatalbanana
-
-local lua_maps = require 'lua_maps'
-local rspamd_regexp = require 'rspamd_regexp'
-local rspamd_util = require 'rspamd_util'
-
-local ivm_sendgrid_ids = lua_maps.map_add_from_ucl(
-  'https://www.invaluement.com/spdata/sendgrid-id-dnsbl.txt',
-  'set',
-  'Invaluement Service Provider DNSBL: Sendgrid IDs'
-)
-
-local ivm_sendgrid_envfromdomains = lua_maps.map_add_from_ucl(
-  'https://www.invaluement.com/spdata/sendgrid-envelopefromdomain-dnsbl.txt',
-  'set',
-  'Invaluement Service Provider DNSBL: Sendgrid envelope domains'
-)
-
-local cb_id = rspamd_config:register_symbol({
-  name = 'IVM_SENDGRID',
-  callback = function(task)
-    -- Is it Sendgrid?
-    local sg_hdr = task:get_header('X-SG-EID')
-    if not sg_hdr then return end
-
-    -- Get original envelope from
-    local env_from = task:get_from{'smtp', 'orig'}
-    if not env_from then return end
-
-    -- Check normalised domain in domains list
-    if ivm_sendgrid_envfromdomains and ivm_sendgrid_envfromdomains:get_key(rspamd_util.get_tld(env_from[1].domain)) then
-      task:insert_result('IVM_SENDGRID_DOMAIN', 1.0)
-    end
-
-    -- Check ID in ID list
-    local lp_re = rspamd_regexp.create_cached([[^bounces\+(\d+)-]])
-    local res = lp_re:search(env_from[1].user, true, true)
-    if not res then return end
-    if ivm_sendgrid_ids and ivm_sendgrid_ids:get_key(res[1][2]) then
-      task:insert_result('IVM_SENDGRID_ID', 1.0)
-    end
-  end,
-  description = 'Invaluement Service Provider DNSBL: Sendgrid',
-  type = 'callback',
-})
-
-rspamd_config:register_symbol({
-  name = 'IVM_SENDGRID_DOMAIN',
-  parent = cb_id,
-  group = 'ivmspdnsbl',
-  score = 8.0,
-  type = 'virtual',
-})
-
-rspamd_config:register_symbol({
-  name = 'IVM_SENDGRID_ID',
-  parent = cb_id,
-  group = 'ivmspdnsbl',
-  score = 8.0,
-  type = 'virtual',
-})
--- a/data/web/api/index.html
+++ b/data/web/api/index.html
@@ -39,7 +39,7 @@
    window.onload = function() {
      // Begin Swagger UI call region
      const ui = SwaggerUIBundle({
-        url: "/api/openapi.yaml",
+        urls: [{url: "/api/openapi.yaml", name: "mailcow API"}],
        dom_id: '#swagger-ui',
        deepLinking: true,
        presets: [
--- a/data/web/api/openapi.yaml
+++ b/data/web/api/openapi.yaml
@@ -209,10 +209,17 @@ paths:
                        - app_passwd
                        - add
                        - active: "1"
-                          app_name: emclient
+                          username: info@domain.tld
+                          app_name: wordpress
                          app_passwd: keyleudecticidechothistishownsan31
                          app_passwd2: keyleudecticidechothistishownsan31
-                          username: hello@mailcow.email
+                          protocols:
+                            - imap_access
+                            - dav_access
+                            - smtp_access
+                            - eas_access
+                            - pop3_access
+                            - sieve_access
                      msg: app_passwd_added
                      type: success
              schema:
@@ -249,6 +256,13 @@ paths:
                app_name: wordpress
                app_passwd: keyleudecticidechothistishownsan31
                app_passwd2: keyleudecticidechothistishownsan31
+                protocols:
+                  - imap_access
+                  - dav_access
+                  - smtp_access
+                  - eas_access
+                  - pop3_access
+                  - sieve_access
              properties:
                active:
                  description: is alias active or not
@@ -497,12 +511,16 @@ paths:
                          relay_all_recipients: "0"
                          rl_frame: s
                          rl_value: "10"
+                          tags: ["tag1", "tag2"]
                        - null
                      msg:
                        - domain_added
                        - domain.tld
                      type: success
              schema:
+                type: array
+                items:
+                  type: object
                  properties:
                    log:
                      description: contains request object
@@ -517,7 +535,6 @@ paths:
                        - danger
                        - error
                      type: string
-                type: object
          description: OK
          headers: {}
      tags:
@@ -544,6 +561,7 @@ paths:
                rl_frame: s
                rl_value: "10"
                restart_sogo: "10"
+                tags: ["tag1", "tag2"]
              properties:
                active:
                  description: is domain active or not
@@ -563,6 +581,11 @@ paths:
                domain:
                  description: Fully qualified domain name
                  type: string
+                gal:
+                  description: >-
+                    is domain global address list active or not, it enables
+                    shared contacts accross domain in SOGo webmail
+                  type: boolean
                mailboxes:
                  description: limit count of mailboxes associated with this domain
                  type: number
@@ -580,6 +603,9 @@ paths:
                    if not, them you have to create "dummy" mailbox for each
                    address to relay
                  type: boolean
+                relay_unknown_only:
+                  description: Relay non-existing mailboxes only. Existing mailboxes will be delivered locally.
+                  type: boolean
                rl_frame:
                  enum:
                    - s
@@ -590,6 +616,11 @@ paths:
                rl_value:
                  description: rate limit value
                  type: number
+                tags:
+                  description: tags for this Domain
+                  type: array
+                  items:
+                    type: string
              type: object
      summary: Create domain
  /api/v1/add/domain-admin:
@@ -1010,6 +1041,7 @@ paths:
                          force_pw_update: "1"
                          tls_enforce_in: "1"
                          tls_enforce_out: "1"
+                          tags: ["tag1", "tag2"]
                        - null
                      msg:
                        - mailbox_added
@@ -1054,6 +1086,7 @@ paths:
                force_pw_update: "1"
                tls_enforce_in: "1"
                tls_enforce_out: "1"
+                tags: ["tag1", "tag2"]
              properties:
                active:
                  description: is mailbox active or not
@@ -1934,6 +1967,9 @@ paths:
                        - domain2.tld
                      type: success
              schema:
+                type: array
+                items:
+                  type: object
                  properties:
                    log:
                      description: contains request object
@@ -1948,7 +1984,6 @@ paths:
                        - danger
                        - error
                      type: string
-                type: object
          description: OK
          headers: {}
      tags:
@@ -1959,14 +1994,15 @@ paths:
        content:
          application/json:
            schema:
+              type: object
              example:
                - domain.tld
                - domain2.tld
              properties:
                items: 
-                  description: contains list of domains you want to delete
-                  type: object
-              type: object
+                  type: array
+                  items:
+                    type: string
      summary: Delete domain
  /api/v1/delete/domain-admin:
    post:
@@ -2716,6 +2752,140 @@ paths:
                  type: object
              type: object
      summary: Delete Transport Maps
+  "/api/v1/delete/mailbox/tag/{mailbox}":
+    post:
+      parameters:
+        - description: name of mailbox
+          in: path
+          name: mailbox
+          example: info@domain.tld
+          required: true
+          schema:
+            type: string
+      responses:
+        "401":
+          $ref: "#/components/responses/Unauthorized"
+        "200":
+          content:
+            application/json:
+              examples:
+                response:
+                  value:
+                    - log:
+                        - mailbox
+                        - delete
+                        - tags_mailbox
+                        - tags:
+                          - tag1
+                          - tag2
+                          mailbox: info@domain.tld
+                        - null
+                      msg:
+                        - mailbox_modified
+                        - info@domain.tld
+                      type: success
+              schema:
+                properties:
+                  log:
+                    description: contains request object
+                    items: {}
+                    type: array
+                  msg:
+                    items: {}
+                    type: array
+                  type:
+                    enum:
+                      - success
+                      - danger
+                      - error
+                    type: string
+                type: object
+          description: OK
+          headers: {}
+      tags:
+        - Mailboxes
+      description: You can delete one or more mailbox tags.
+      operationId: Delete mailbox tags
+      requestBody:
+        content:
+          application/json:
+            schema:
+              example:
+                - tag1
+                - tag2
+              properties:
+                items:
+                  description: contains list of mailboxes you want to delete
+                  type: object
+              type: object
+      summary: Delete mailbox tags
+  "/api/v1/delete/domain/tag/{domain}":
+    post:
+      parameters:
+        - description: name of domain
+          in: path
+          name: domain
+          example: domain.tld
+          required: true
+          schema:
+            type: string
+      responses:
+        "401":
+          $ref: "#/components/responses/Unauthorized"
+        "200":
+          content:
+            application/json:
+              examples:
+                response:
+                  value:
+                    - log:
+                        - mailbox
+                        - delete
+                        - tags_domain
+                        - tags:
+                          - tag1
+                          - tag2
+                          domain: domain.tld
+                        - null
+                      msg:
+                        - domain_modified
+                        - domain.tld
+                      type: success
+              schema:
+                properties:
+                  log:
+                    description: contains request object
+                    items: {}
+                    type: array
+                  msg:
+                    items: {}
+                    type: array
+                  type:
+                    enum:
+                      - success
+                      - danger
+                      - error
+                    type: string
+                type: object
+          description: OK
+          headers: {}
+      tags:
+        - Domains
+      description: You can delete one or more domain tags.
+      operationId: Delete domain tags
+      requestBody:
+        content:
+          application/json:
+            schema:
+              example:
+                - tag1
+                - tag2
+              properties:
+                items:
+                  description: contains list of domains you want to delete
+                  type: object
+              type: object
+      summary: Delete domain tags
  /api/v1/edit/alias:
    post:
      responses:
@@ -2820,23 +2990,25 @@ paths:
          $ref: "#/components/responses/Unauthorized"
        "200":
          content:
-            "*/*":
+            application/json:
              schema:
+                type: array
+                items: 
+                  type: object
                  properties:
                    log:
+                      type: array
                      description: contains request object
                      items: {}
-                    type: array
                    msg:
-                    items: {}
                      type: array
+                      items: {}
                    type:
                      enum:
                        - success
                        - danger
                        - error
                      type: string
-                type: object
          description: OK
          headers: {}
      tags:
@@ -2865,6 +3037,7 @@ paths:
                  quota: "10240"
                  relay_all_recipients: "0"
                  relayhost: "2"
+                  tags: ["tag3", "tag4"]
                items: domain.tld
              properties:
                attr:
@@ -2903,13 +3076,33 @@ paths:
                        if not, them you have to create "dummy" mailbox for each
                        address to relay
                      type: boolean
+                    relay_unknown_only:
+                      description: Relay non-existing mailboxes only. Existing mailboxes will be delivered locally.
+                      type: boolean
                    relayhost:
                      description: id of relayhost
                      type: number
+                    rl_frame:
+                      enum:
+                        - s
+                        - m
+                        - h
+                        - d
+                      type: string
+                    rl_value:
+                      description: rate limit value
+                      type: number
+                    tags:
+                      description: tags for this Domain
+                      type: array
+                      items:
+                        type: string
                  type: object
                items:
                  description: contains list of domain names you want update
-                  type: object
+                  type: array
+                  items:
+                    type: string
              type: object
      summary: Update domain
  /api/v1/edit/fail2ban:
@@ -3019,6 +3212,7 @@ paths:
                          sogo_access: "1"
                          username:
                            - info@domain.tld
+                          tags: ["tag3", "tag4"]
                        - null
                      msg:
                        - mailbox_modified
@@ -3066,6 +3260,7 @@ paths:
                    - domain3.tld
                    - "*"
                  sogo_access: "1"
+                  tags: ["tag3", "tag4"]
                items:
                  - info@domain.tld
              properties:
@@ -3793,6 +3988,13 @@ paths:
              - all
              - mailcow.tld
            type: string
+        - description: comma seperated list of tags to filter by
+          example: "tag1,tag2"
+          in: query
+          name: tags
+          required: false
+          schema:
+            type: string
        - description: e.g. api-key-string
          example: api-key-string
          in: header
@@ -3831,6 +4033,7 @@ paths:
                      relay_all_recipients: "0"
                      relayhost: "0"
                      rl: false
+                      tags: ["tag1", "tag2"]
                    - active: "1"
                      aliases_in_domain: 0
                      aliases_left: 400
@@ -3853,6 +4056,7 @@ paths:
                      relay_all_recipients: "0"
                      relayhost: "0"
                      rl: false
+                      tags: ["tag3", "tag4"]
          description: OK
          headers: {}
      tags:
@@ -4345,6 +4549,13 @@ paths:
              - all
              - user@domain.tld
            type: string
+        - description: comma seperated list of tags to filter by
+          example: "tag1,tag2"
+          in: query
+          name: tags
+          required: false
+          schema:
+            type: string
        - description: e.g. api-key-string
          example: api-key-string
          in: header
@@ -4382,6 +4593,7 @@ paths:
                      rl: false
                      spam_aliases: 0
                      username: info@doman3.tld
+                      tags: ["tag1", "tag2"]
          description: OK
          headers: {}
      tags:
@@ -5072,6 +5284,27 @@ paths:
        of used storage.
      operationId: Get vmail status
      summary: Get vmail status
+  /api/v1/get/status/version:
+    get:
+      responses:
+        "401":
+          $ref: "#/components/responses/Unauthorized"
+        "200":
+          content:
+            application/json:
+              examples:
+                response:
+                  value:
+                    version: "2022-04"
+          description: OK
+          headers: {}
+      tags:
+        - Status
+      description: >-
+        Using this endpoint you can get the current running release of this
+        instance.
+      operationId: Get version status
+      summary: Get version status
  /api/v1/get/syncjobs/all/no_log:
    get:
      responses:
--- a/data/web/autodiscover.php
+++ b/data/web/autodiscover.php
@@ -68,7 +68,7 @@ if (empty($_SERVER['PHP_AUTH_USER']) || empty($_SERVER['PHP_AUTH_PW'])) {
  exit(0);
 }

-$login_role = check_login($login_user, $login_pass, true);
+$login_role = check_login($login_user, $login_pass, array('eas' => TRUE));

 if ($login_role === "user") {
  header("Content-Type: application/xml");
--- a/data/web/css/build/008-mailcow.css
+++ b/data/web/css/build/008-mailcow.css
@@ -207,6 +207,7 @@ legend {
 }
 .footer .version {
    margin-left: auto;
+	margin-top: 20px;
 }
 .slave-info {
  padding: 15px 0px 15px 15px;
@@ -231,6 +232,9 @@ table.footable>tbody>tr.footable-empty>td {
  font-style:italic;
  font-size: 1rem;
 }
+table>tbody>tr>td>span.footable-toggle {
+  opacity: 0.75;
+}
 .navbar-nav > li {
  font-size: 1rem !important;
 }
@@ -255,3 +259,52 @@ code {
 .flag-icon {
  margin-right: 5px;
 }
+
+.list-group-item.webauthn-authenticator-selection,
+.list-group-item.totp-authenticator-selection,
+.list-group-item.yubi_otp-authenticator-selection {
+  border-radius: 0px !important;
+}
+.pending-tfa-collapse {
+  padding: 10px;
+  background: #fbfbfb;
+  border: 1px solid #ededed;
+  min-height: 110px;
+}
+
+.tag-box {
+  display: flex;
+  flex-wrap: wrap;
+  height: auto;
+}
+.tag-badge {
+  transition: 200ms linear;
+  margin-top: 5px;
+  margin-bottom: 5px;
+  margin-left: 2px;
+  margin-right: 2px;
+}
+.tag-badge.btn-badge {
+  cursor: pointer;
+}
+.tag-badge .bi {
+  font-size: 12px;
+}
+.tag-badge.btn-badge:hover {
+  filter: brightness(0.9);
+}
+.tag-input {
+  margin-left: 10px;
+  border: 0;
+  flex: 1;
+  height: 24px;
+  min-width: 150px;
+}
+.tag-input:focus {
+  outline: none;
+}
+.tag-add {
+  padding: 0 5px 0 5px;
+  align-items: center;
+  display: inline-flex;
+}
--- a/data/web/edit.php
+++ b/data/web/edit.php
@@ -54,6 +54,7 @@ if (isset($_SESSION['mailcow_cc_role'])) {
          'rl' => $rl,
          'rlyhosts' => $rlyhosts,
          'dkim' => dkim('details', $domain),
+          'domain_details' => $result,
        ];
    }
    elseif (isset($_GET['oauth2client']) &&
@@ -99,6 +100,7 @@ if (isset($_SESSION['mailcow_cc_role'])) {
        'rlyhosts' => $rlyhosts,
        'sender_acl_handles' => mailbox('get', 'sender_acl_handles', $mailbox),
        'user_acls' => acl('get', 'user', $mailbox),
+        'mailbox_details' => $result
      ];
    }
    elseif (isset($_GET['relayhost']) && is_numeric($_GET["relayhost"]) && !empty($_GET["relayhost"])) {
--- a/data/web/inc/ajax/destroy_tfa_auth.php
+++ b/data/web/inc/ajax/destroy_tfa_auth.php
@@ -2,5 +2,5 @@
 session_start();
 unset($_SESSION['pending_mailcow_cc_username']);
 unset($_SESSION['pending_mailcow_cc_role']);
-unset($_SESSION['pending_tfa_method']);
+unset($_SESSION['pending_tfa_methods']);
 ?>
--- a/data/web/inc/footer.inc.php
+++ b/data/web/inc/footer.inc.php
@@ -23,14 +23,43 @@ if (is_array($alertbox_log_parser)) {
  unset($_SESSION['return']);
 }

+// map tfa details for twig
+$pending_tfa_authmechs = [];
+foreach($_SESSION['pending_tfa_methods'] as $authdata){
+  $pending_tfa_authmechs[$authdata['authmech']] = false;
+}
+if (isset($pending_tfa_authmechs['webauthn'])) {
+  $pending_tfa_authmechs['webauthn'] = true;
+}
+if (!isset($pending_tfa_authmechs['webauthn']) 
+    && isset($pending_tfa_authmechs['yubi_otp'])) {
+  $pending_tfa_authmechs['yubi_otp'] = true;
+}
+if (!isset($pending_tfa_authmechs['webauthn']) 
+    && !isset($pending_tfa_authmechs['yubi_otp'])
+    && isset($pending_tfa_authmechs['totp'])) {
+  $pending_tfa_authmechs['totp'] = true;
+}
+if (isset($pending_tfa_authmechs['u2f'])) {
+  $pending_tfa_authmechs['u2f'] = true;
+}
+
 // globals
 $globalVariables = [
  'mailcow_info' => array(
    'version_tag' => $GLOBALS['MAILCOW_GIT_VERSION'],
-    'git_project_url' => $GLOBALS['MAILCOW_GIT_URL']
+    'last_version_tag' => $GLOBALS['MAILCOW_LAST_GIT_VERSION'],
+    'git_owner' => $GLOBALS['MAILCOW_GIT_OWNER'],
+    'git_repo' => $GLOBALS['MAILCOW_GIT_REPO'],
+    'git_project_url' => $GLOBALS['MAILCOW_GIT_URL'],
+    'git_commit' => $GLOBALS['MAILCOW_GIT_COMMIT'],
+    'git_commit_date' => $GLOBALS['MAILCOW_GIT_COMMIT_DATE'],
+    'mailcow_branch' => $GLOBALS['MAILCOW_BRANCH'],
+    'updated_at' => $GLOBALS['MAILCOW_UPDATEDAT']
  ),
  'js_path' => '/cache/'.basename($JSPath),
-  'pending_tfa_method' => @$_SESSION['pending_tfa_method'],
+  'pending_tfa_methods' => @$_SESSION['pending_tfa_methods'],
+  'pending_tfa_authmechs' => $pending_tfa_authmechs,
  'pending_mailcow_cc_username' => @$_SESSION['pending_mailcow_cc_username'],
  'lang_footer' => json_encode($lang['footer']),
  'lang_acl' => json_encode($lang['acl']),
--- a/data/web/inc/functions.dkim.inc.php
+++ b/data/web/inc/functions.dkim.inc.php
@@ -197,7 +197,7 @@ function dkim($_action, $_data = null, $privkey = false) {
        return false;
      }
      try {
-        dkim('delete', (array)$domain);
+        dkim('delete', array('domains' => $domain));
        $redis->hSet('DKIM_PUB_KEYS', $domain, $pem_public_key);
        $redis->hSet('DKIM_SELECTORS', $domain, $dkim_selector);
        $redis->hSet('DKIM_PRIV_KEYS', $dkim_selector . '.' . $domain, $private_key_normalized);
--- a/data/web/inc/functions.inc.php
+++ b/data/web/inc/functions.inc.php
@@ -830,11 +830,15 @@ function check_login($user, $pass, $app_passwd_data = false) {
  $stmt->execute(array(':user' => $user));
  $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
  foreach ($rows as $row) {
+    // verify password
    if (verify_hash($row['password'], $pass)) {
-      if (get_tfa($user)['name'] != "none") {
+      // check for tfa authenticators
+      $authenticators = get_tfa($user);
+      if (isset($authenticators['additional']) && is_array($authenticators['additional']) && count($authenticators['additional']) > 0) {
+        // active tfa authenticators found, set pending user login
        $_SESSION['pending_mailcow_cc_username'] = $user;
        $_SESSION['pending_mailcow_cc_role'] = "admin";
-        $_SESSION['pending_tfa_method'] = get_tfa($user)['name'];
+        $_SESSION['pending_tfa_methods'] = $authenticators['additional'];
        unset($_SESSION['ldelay']);
        $_SESSION['return'][] =  array(
          'type' => 'info',
@@ -842,8 +846,7 @@ function check_login($user, $pass, $app_passwd_data = false) {
          'msg' => 'awaiting_tfa_confirmation'
        );
        return "pending";
-      }
-      else {
+      } else {
        unset($_SESSION['ldelay']);
        // Reactivate TFA if it was set to "deactivate TFA for next login"
        $stmt = $pdo->prepare("UPDATE `tfa` SET `active`='1' WHERE `username` = :user");
@@ -866,11 +869,14 @@ function check_login($user, $pass, $app_passwd_data = false) {
  $stmt->execute(array(':user' => $user));
  $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
  foreach ($rows as $row) {
+    // verify password
    if (verify_hash($row['password'], $pass) !== false) {
-      if (get_tfa($user)['name'] != "none") {
+      // check for tfa authenticators
+      $authenticators = get_tfa($user);
+      if (isset($authenticators['additional']) && is_array($authenticators['additional']) && count($authenticators['additional']) > 0) {
        $_SESSION['pending_mailcow_cc_username'] = $user;
        $_SESSION['pending_mailcow_cc_role'] = "domainadmin";
-        $_SESSION['pending_tfa_method'] = get_tfa($user)['name'];
+        $_SESSION['pending_tfa_methods'] = $authenticators['additional'];
        unset($_SESSION['ldelay']);
        $_SESSION['return'][] =  array(
          'type' => 'info',
@@ -930,14 +936,36 @@ function check_login($user, $pass, $app_passwd_data = false) {
    $rows = array_merge($rows, $stmt->fetchAll(PDO::FETCH_ASSOC));
  }
  foreach ($rows as $row) { 
+    // verify password
    if (verify_hash($row['password'], $pass) !== false) {
+      if (!array_key_exists("app_passwd_id", $row)){ 
+        // password is not a app password
+        // check for tfa authenticators
+        $authenticators = get_tfa($user);
+        if (isset($authenticators['additional']) && is_array($authenticators['additional']) && count($authenticators['additional']) > 0 &&
+            $app_passwd_data['eas'] !== true && $app_passwd_data['dav'] !== true) {
+          // authenticators found, init TFA flow
+          $_SESSION['pending_mailcow_cc_username'] = $user;
+          $_SESSION['pending_mailcow_cc_role'] = "user";
+          $_SESSION['pending_tfa_methods'] = $authenticators['additional'];
          unset($_SESSION['ldelay']);
          $_SESSION['return'][] =  array(
            'type' => 'success',
            'log' => array(__FUNCTION__, $user, '*'),
            'msg' => array('logged_in_as', $user)
          );
-      if ($app_passwd_data['eas'] === true || $app_passwd_data['dav'] === true) {
+          return "pending";
+        } else if (!isset($authenticators['additional']) || !is_array($authenticators['additional']) || count($authenticators['additional']) == 0) {
+          // no authenticators found, login successfull
+          // Reactivate TFA if it was set to "deactivate TFA for next login"
+          $stmt = $pdo->prepare("UPDATE `tfa` SET `active`='1' WHERE `username` = :user");
+          $stmt->execute(array(':user' => $user));
+
+          unset($_SESSION['ldelay']);
+          return "user";
+        }
+      } elseif ($app_passwd_data['eas'] === true || $app_passwd_data['dav'] === true) {
+        // password is a app password
        $service = ($app_passwd_data['eas'] === true) ? 'EAS' : 'DAV';
        $stmt = $pdo->prepare("REPLACE INTO sasl_log (`service`, `app_password`, `username`, `real_rip`) VALUES (:service, :app_id, :username, :remote_addr)");
        $stmt->execute(array(
@@ -946,10 +974,12 @@ function check_login($user, $pass, $app_passwd_data = false) {
          ':username' => $user,
          ':remote_addr' => ($_SERVER['HTTP_X_REAL_IP'] ?? $_SERVER['REMOTE_ADDR'])
        ));
-      }
+
+        unset($_SESSION['ldelay']);
        return "user";
      }
    }
+  }

  if (!isset($_SESSION['ldelay'])) {
    $_SESSION['ldelay'] = "0";
@@ -1142,38 +1172,39 @@ function set_tfa($_data) {
  global $yubi;
  global $tfa;
  $_data_log = $_data;
+  $access_denied = null;
  !isset($_data_log['confirm_password']) ?: $_data_log['confirm_password'] = '*';
  $username = $_SESSION['mailcow_cc_username'];
-  if (!isset($_SESSION['mailcow_cc_role']) || empty($username)) {
-      $_SESSION['return'][] =  array(
-        'type' => 'danger',
-        'log' => array(__FUNCTION__, $_data_log),
-        'msg' => 'access_denied'
-      );
-      return false;
-  }
+
+  // check for empty user and role
+  if (!isset($_SESSION['mailcow_cc_role']) || empty($username)) $access_denied = true;
+
+  // check admin confirm password
+  if ($access_denied === null) {
    $stmt = $pdo->prepare("SELECT `password` FROM `admin`
        WHERE `username` = :username");
    $stmt->execute(array(':username' => $username));
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
-  $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
-  if (!empty($num_results)) {
-    if (!verify_hash($row['password'], $_data["confirm_password"])) {
-      $_SESSION['return'][] =  array(
-        'type' => 'danger',
-        'log' => array(__FUNCTION__, $_data_log),
-        'msg' => 'access_denied'
-      );
-      return false;
+    if ($row) {
+      if (!verify_hash($row['password'], $_data["confirm_password"])) $access_denied = true;
+      else $access_denied = false;
    }
  }
+
+  // check mailbox confirm password
+  if ($access_denied === null) {
    $stmt = $pdo->prepare("SELECT `password` FROM `mailbox`
        WHERE `username` = :username");
    $stmt->execute(array(':username' => $username));
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
-  $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
-  if (!empty($num_results)) {
-    if (!verify_hash($row['password'], $_data["confirm_password"])) {
+    if ($row) {
+      if (!verify_hash($row['password'], $_data["confirm_password"])) $access_denied = true;
+      else $access_denied = false;
+    }
+  }
+
+  // set access_denied error
+  if ($access_denied){
    $_SESSION['return'][] =  array(
      'type' => 'danger',
      'log' => array(__FUNCTION__, $_data_log),
@@ -1181,8 +1212,6 @@ function set_tfa($_data) {
    );
    return false;
  }
-  }
-

  switch ($_data["tfa_method"]) {
    case "yubi_otp":
@@ -1220,8 +1249,7 @@ function set_tfa($_data) {
        $yubico_modhex_id = substr($_data["otp_token"], 0, 12);
        $stmt = $pdo->prepare("DELETE FROM `tfa`
          WHERE `username` = :username
-            AND (`authmech` != 'yubi_otp')
-            OR (`authmech` = 'yubi_otp' AND `secret` LIKE :modhex)");
+            AND (`authmech` = 'yubi_otp' AND `secret` LIKE :modhex)");
        $stmt->execute(array(':username' => $username, ':modhex' => '%' . $yubico_modhex_id));
        $stmt = $pdo->prepare("INSERT INTO `tfa` (`key_id`, `username`, `authmech`, `active`, `secret`) VALUES
          (:key_id, :username, 'yubi_otp', '1', :secret)");
@@ -1265,9 +1293,6 @@ function set_tfa($_data) {
    case "webauthn":
        $key_id = (!isset($_data["key_id"])) ? 'unidentified' : $_data["key_id"];

-        $stmt = $pdo->prepare("DELETE FROM `tfa` WHERE `username` = :username AND `authmech` != 'webauthn'");
-        $stmt->execute(array(':username' => $username));
-
        $stmt = $pdo->prepare("INSERT INTO `tfa` (`username`, `key_id`, `authmech`, `keyHandle`, `publicKey`, `certificate`, `counter`, `active`)
        VALUES (?, ?, 'webauthn', ?, ?, ?, ?, '1')");
        $stmt->execute(array(
@@ -1439,18 +1464,18 @@ function unset_tfa_key($_data) {
  global $pdo;
  global $lang;
  $_data_log = $_data;
+  $access_denied = null;
  $id = intval($_data['unset_tfa_key']);
  $username = $_SESSION['mailcow_cc_username'];
-  if (!isset($_SESSION['mailcow_cc_role']) || empty($username)) {
-    $_SESSION['return'][] =  array(
-      'type' => 'danger',
-      'log' => array(__FUNCTION__, $_data_log),
-      'msg' => 'access_denied'
-    );
-    return false;
-  }
+
+  // check for empty user and role
+  if (!isset($_SESSION['mailcow_cc_role']) || empty($username)) $access_denied = true;
+
  try {
-    if (!is_numeric($id)) {
+    if (!is_numeric($id)) $access_denied = true;
+    
+    // set access_denied error
+    if ($access_denied){
      $_SESSION['return'][] = array(
        'type' => 'danger',
        'log' => array(__FUNCTION__, $_data_log),
@@ -1458,6 +1483,8 @@ function unset_tfa_key($_data) {
      );
      return false;
    } 
+
+    // check if it's last key
    $stmt = $pdo->prepare("SELECT COUNT(*) AS `keys` FROM `tfa`
      WHERE `username` = :username AND `active` = '1'");
    $stmt->execute(array(':username' => $username));
@@ -1470,6 +1497,8 @@ function unset_tfa_key($_data) {
      );
      return false;
    }
+
+    // delete key
    $stmt = $pdo->prepare("DELETE FROM `tfa` WHERE `username` = :username AND `id` = :id");
    $stmt->execute(array(':username' => $username, ':id' => $id));
    $_SESSION['return'][] =  array(
@@ -1487,7 +1516,7 @@ function unset_tfa_key($_data) {
    return false;
  }
 }
-function get_tfa($username = null) {
+function get_tfa($username = null, $id = null) {
  global $pdo;
  if (isset($_SESSION['mailcow_cc_username'])) {
    $username = $_SESSION['mailcow_cc_username'];
@@ -1495,9 +1524,29 @@ function get_tfa($username = null) {
  elseif (empty($username)) {
    return false;
  }
-  $stmt = $pdo->prepare("SELECT * FROM `tfa`
+
+  if (!isset($id)){
+    // fetch all tfa methods - just get information about possible authenticators
+    $stmt = $pdo->prepare("SELECT `id`, `key_id`, `authmech` FROM `tfa`
        WHERE `username` = :username AND `active` = '1'");
    $stmt->execute(array(':username' => $username));
+    $results = $stmt->fetchAll(PDO::FETCH_ASSOC);
+ 
+    // no tfa methods found
+    if (count($results) == 0) {
+        $data['name'] = 'none';
+        $data['pretty'] = "-";
+        $data['additional'] = array();
+        return $data;
+    }
+
+    $data['additional'] = $results;
+    return $data;
+  } else {
+    // fetch specific authenticator details by id
+    $stmt = $pdo->prepare("SELECT * FROM `tfa`
+    WHERE `username` = :username AND `id` = :id AND `active` = '1'");
+    $stmt->execute(array(':username' => $username, ':id' => $id));
    $row = $stmt->fetch(PDO::FETCH_ASSOC);

    if (isset($row["authmech"])) {
@@ -1505,9 +1554,10 @@ function get_tfa($username = null) {
          case "yubi_otp":
            $data['name'] = "yubi_otp";
            $data['pretty'] = "Yubico OTP";
-        $stmt = $pdo->prepare("SELECT `id`, `key_id`, RIGHT(`secret`, 12) AS 'modhex' FROM `tfa` WHERE `authmech` = 'yubi_otp' AND `username` = :username");
+            $stmt = $pdo->prepare("SELECT `id`, `key_id`, RIGHT(`secret`, 12) AS 'modhex' FROM `tfa` WHERE `authmech` = 'yubi_otp' AND `username` = :username AND `id` = :id");
            $stmt->execute(array(
              ':username' => $username,
+              ':id' => $id
            ));
            $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
            while($row = array_shift($rows)) {
@@ -1519,9 +1569,10 @@ function get_tfa($username = null) {
          case "u2f":
            $data['name'] = "u2f";
            $data['pretty'] = "Fido U2F";
-        $stmt = $pdo->prepare("SELECT `id`, `key_id` FROM `tfa` WHERE `authmech` = 'u2f' AND `username` = :username");
+            $stmt = $pdo->prepare("SELECT `id`, `key_id` FROM `tfa` WHERE `authmech` = 'u2f' AND `username` = :username AND `id` = :id");
            $stmt->execute(array(
              ':username' => $username,
+              ':id' => $id
            ));
            $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
            while($row = array_shift($rows)) {
@@ -1537,9 +1588,10 @@ function get_tfa($username = null) {
          case "totp":
            $data['name'] = "totp";
            $data['pretty'] = "Time-based OTP";
-        $stmt = $pdo->prepare("SELECT `id`, `key_id`, `secret` FROM `tfa` WHERE `authmech` = 'totp' AND `username` = :username");
+            $stmt = $pdo->prepare("SELECT `id`, `key_id`, `secret` FROM `tfa` WHERE `authmech` = 'totp' AND `username` = :username AND `id` = :id");
            $stmt->execute(array(
              ':username' => $username,
+              ':id' => $id
            ));
            $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
            while($row = array_shift($rows)) {
@@ -1550,9 +1602,10 @@ function get_tfa($username = null) {
          case "webauthn":
            $data['name'] = "webauthn";
            $data['pretty'] = "WebAuthn";
-        $stmt = $pdo->prepare("SELECT `id`, `key_id` FROM `tfa` WHERE `authmech` = 'webauthn' AND `username` = :username");
+            $stmt = $pdo->prepare("SELECT `id`, `key_id` FROM `tfa` WHERE `authmech` = 'webauthn' AND `username` = :username AND `id` = :id");
            $stmt->execute(array(
              ':username' => $username,
+              ':id' => $id
            ));
            $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
            while($row = array_shift($rows)) {
@@ -1572,18 +1625,18 @@ function get_tfa($username = null) {
        $data['pretty'] = "-";
        return $data;
      }
+    }
 }
-function verify_tfa_login($username, $_data, $WebAuthn) {
+function verify_tfa_login($username, $_data) {
  global $pdo;
  global $yubi;
  global $u2f;
  global $tfa;
-    $stmt = $pdo->prepare("SELECT `authmech` FROM `tfa`
-        WHERE `username` = :username AND `active` = '1'");
-    $stmt->execute(array(':username' => $username));
-    $row = $stmt->fetch(PDO::FETCH_ASSOC);
+  global $WebAuthn;

-    switch ($row["authmech"]) {
+  if ($_data['tfa_method'] != 'u2f'){
+
+    switch ($_data["tfa_method"]) {
        case "yubi_otp":
            if (!ctype_alnum($_data['token']) || strlen($_data['token']) != 44) {
                $_SESSION['return'][] =  array(
@@ -1597,7 +1650,7 @@ function verify_tfa_login($username, $_data, $WebAuthn) {
            $stmt = $pdo->prepare("SELECT `id`, `secret` FROM `tfa`
                WHERE `username` = :username
                AND `authmech` = 'yubi_otp'
-                AND `active`='1'
+                AND `active` = '1'
                AND `secret` LIKE :modhex");
            $stmt->execute(array(':username' => $username, ':modhex' => '%' . $yubico_modhex_id));
            $row = $stmt->fetch(PDO::FETCH_ASSOC);
@@ -1636,8 +1689,9 @@ function verify_tfa_login($username, $_data, $WebAuthn) {
            $stmt = $pdo->prepare("SELECT `id`, `secret` FROM `tfa`
                WHERE `username` = :username
                AND `authmech` = 'totp'
+                AND `id` = :id
                AND `active`='1'");
-            $stmt->execute(array(':username' => $username));
+            $stmt->execute(array(':username' => $username, ':id' => $_data['id']));
            $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
            foreach ($rows as $row) {
              if ($tfa->verifyCode($row['secret'], $_data['token']) === true) {
@@ -1666,13 +1720,6 @@ function verify_tfa_login($username, $_data, $WebAuthn) {
            return false;
          }
        break;
-        // u2f - deprecated, should be removed
-        case "u2f":
-            // delete old keys that used u2f
-            $stmt = $pdo->prepare("DELETE FROM `tfa` WHERE `authmech` = :authmech AND `username` = :username");
-            $stmt->execute(array(':authmech' => 'u2f', ':username' => $username));
-
-            return true;
        case "webauthn":
            $tokenData = json_decode($_data['token']);
            $clientDataJSON = base64_decode($tokenData->clientDataJSON);
@@ -1681,13 +1728,20 @@ function verify_tfa_login($username, $_data, $WebAuthn) {
            $id = base64_decode($tokenData->id);
            $challenge = $_SESSION['challenge'];

-            $stmt = $pdo->prepare("SELECT `key_id`, `keyHandle`, `username`, `publicKey` FROM `tfa` WHERE `keyHandle` = :tokenId");
-            $stmt->execute(array(':tokenId' => $tokenData->id));
+            $stmt = $pdo->prepare("SELECT `id`, `key_id`, `keyHandle`, `username`, `publicKey` FROM `tfa` WHERE `id` = :id AND `active`='1'");
+            $stmt->execute(array(':id' => $_data['id']));
            $process_webauthn = $stmt->fetch(PDO::FETCH_ASSOC);

-            if (empty($process_webauthn) || empty($process_webauthn['publicKey']) || empty($process_webauthn['username'])) return false;
+            if (empty($process_webauthn)){
+              $_SESSION['return'][] =  array(
+                  'type' => 'danger',
+                  'log' => array(__FUNCTION__, $username, '*'),
+                  'msg' => array('webauthn_verification_failed', 'authenticator not found')
+              );
+              return false;
+            } 
            
-            if ($process_webauthn['publicKey'] === false) {
+            if (empty($process_webauthn['publicKey']) || $process_webauthn['publicKey'] === false) {
                $_SESSION['return'][] =  array(
                    'type' => 'danger',
                    'log' => array(__FUNCTION__, $username, '*'),
@@ -1695,6 +1749,7 @@ function verify_tfa_login($username, $_data, $WebAuthn) {
                );
                return false;
            }
+
            try {
                $WebAuthn->processGet($clientDataJSON, $authenticatorData, $signature, $process_webauthn['publicKey'], $challenge, null, $GLOBALS['WEBAUTHN_UV_FLAG_LOGIN'], $GLOBALS['WEBAUTHN_USER_PRESENT_FLAG']);
            }
@@ -1707,7 +1762,6 @@ function verify_tfa_login($username, $_data, $WebAuthn) {
                return false;
            }

-            
            $stmt = $pdo->prepare("SELECT `superadmin` FROM `admin` WHERE `username` = :username");
            $stmt->execute(array(':username' => $process_webauthn['username']));
            $obj_props = $stmt->fetch(PDO::FETCH_ASSOC);
@@ -1721,12 +1775,18 @@ function verify_tfa_login($username, $_data, $WebAuthn) {
              $stmt = $pdo->prepare("SELECT `username` FROM `mailbox` WHERE `username` = :username");
              $stmt->execute(array(':username' => $process_webauthn['username']));
              $row = $stmt->fetch(PDO::FETCH_ASSOC);
-                if ($row['username'] == $process_webauthn['username']) {
+              if (!empty($row['username'])) {
                $_SESSION["mailcow_cc_role"] = "user";
+              } else {
+                $_SESSION['return'][] =  array(
+                  'type' => 'danger',
+                  'log' => array(__FUNCTION__, $username, '*'),
+                  'msg' => array('webauthn_verification_failed', 'could not determine user role')
+                );
+                return false;
              }
            }

-        
            if ($process_webauthn['username'] != $_SESSION['pending_mailcow_cc_username']){
                $_SESSION['return'][] =  array(
                    'type' => 'danger',
@@ -1736,9 +1796,8 @@ function verify_tfa_login($username, $_data, $WebAuthn) {
                return false;
            }

-
            $_SESSION["mailcow_cc_username"] = $process_webauthn['username'];
-            $_SESSION['tfa_id'] = $process_webauthn['key_id'];
+            $_SESSION['tfa_id'] = $process_webauthn['id'];
            $_SESSION['authReq'] = null;
            unset($_SESSION["challenge"]);
            $_SESSION['return'][] =  array(
@@ -1759,6 +1818,17 @@ function verify_tfa_login($username, $_data, $WebAuthn) {
    }

    return false;
+  } else {
+    // delete old keys that used u2f
+    $stmt = $pdo->prepare("SELECT * FROM `tfa` WHERE `authmech` = 'u2f' AND `username` = :username");
+    $stmt->execute(array(':username' => $username));
+    $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
+    if (count($rows) == 0) return false;
+
+    $stmt = $pdo->prepare("DELETE FROM `tfa` WHERE `authmech` = 'u2f' AND `username` = :username");
+    $stmt->execute(array(':username' => $username));
+    return true;
+  }
 }
 function admin_api($access, $action, $data = null) {
  global $pdo;
--- a/data/web/inc/functions.mailbox.inc.php
+++ b/data/web/inc/functions.mailbox.inc.php
@@ -336,9 +336,37 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
          $mins_interval        = $_data['mins_interval'];
          $enc1                 = $_data['enc1'];
          $custom_params        = (empty(trim($_data['custom_params']))) ? '' : trim($_data['custom_params']);
-          // Workaround, fixme
-          if (strpos($custom_params, 'pipemess')) {
-            $custom_params = '';
+
+          // validate custom params
+          foreach (explode('-', $custom_params) as $param){
+            if(empty($param)) continue;
+
+            // extract option
+            if (str_contains($param, '=')) $param = explode('=', $param)[0];
+            else $param = rtrim($param, ' ');
+            // remove first char if first char is -
+            if ($param[0] == '-') $param = ltrim($param, $param[0]);
+
+            if (str_contains($param, ' ')) {
+              // bad char
+              $_SESSION['return'][] = array(
+                'type' => 'danger',
+                'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+                'msg' => 'bad character SPACE'
+              );
+              return false;
+            }
+
+            // check if param is whitelisted
+            if (!in_array(strtolower($param), $GLOBALS["IMAPSYNC_OPTIONS"]["whitelist"])){
+              // bad option
+              $_SESSION['return'][] = array(
+                'type' => 'danger',
+                'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+                'msg' => 'bad option '. $param
+              );
+              return false;
+            }
          }
          if (empty($subfolder2)) {
            $subfolder2 = "";
@@ -443,16 +471,15 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
          if ($_SESSION['mailcow_cc_role'] != "admin") {
            $_SESSION['return'][] = array(
              'type' => 'danger',
-              'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+              'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_extra),
              'msg' => 'access_denied'
            );
            return false;
          }
          $domain       = idn_to_ascii(strtolower(trim($_data['domain'])), 0, INTL_IDNA_VARIANT_UTS46);
          $description  = $_data['description'];
-          if (empty($description)) {
-            $description = $domain;
-          }
+          if (empty($description)) $description = $domain;
+          $tags         = (array)$_data['tags'];
          $aliases      = (int)$_data['aliases'];
          $mailboxes    = (int)$_data['mailboxes'];
          $defquota     = (int)$_data['defquota'];
@@ -545,10 +572,12 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
            );
            return false;
          }
+
          $stmt = $pdo->prepare("DELETE FROM `sender_acl` WHERE `external` = 1 AND `send_as` LIKE :domain");
          $stmt->execute(array(
            ':domain' => '%@' . $domain
          ));
+          // save domain
          $stmt = $pdo->prepare("INSERT INTO `domain` (`domain`, `description`, `aliases`, `mailboxes`, `defquota`, `maxquota`, `quota`, `backupmx`, `gal`, `active`, `relay_unknown_only`, `relay_all_recipients`)
            VALUES (:domain, :description, :aliases, :mailboxes, :defquota, :maxquota, :quota, :backupmx, :gal, :active, :relay_unknown_only, :relay_all_recipients)");
          $stmt->execute(array(
@@ -565,6 +594,24 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
            ':relay_unknown_only' => $relay_unknown_only,
            ':relay_all_recipients' => $relay_all_recipients
          ));
+          // save tags
+          foreach($tags as $index => $tag){
+            if (empty($tag)) continue;
+            if ($index > $GLOBALS['TAGGING_LIMIT']) {
+              $_SESSION['return'][] = array(
+                'type' => 'warning',
+                'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+                'msg' => array('tag_limit_exceeded', 'limit '.$GLOBALS['TAGGING_LIMIT'])
+              );
+              break;
+            }
+            $stmt = $pdo->prepare("INSERT INTO `tags_domain` (`domain`, `tag_name`) VALUES (:domain, :tag_name)");
+            $stmt->execute(array(
+              ':domain' => $domain,
+              ':tag_name' => $tag,
+            ));
+          }
+
          try {
            $redis->hSet('DOMAIN_MAP', $domain, 1);
          }
@@ -580,8 +627,17 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
            ratelimit('edit', 'domain', array('rl_value' => $_data['rl_value'], 'rl_frame' => $_data['rl_frame'], 'object' => $domain));
          }
          if (!empty($_data['key_size']) && !empty($_data['dkim_selector'])) {
+            if (!empty($redis->hGet('DKIM_SELECTORS', $domain))) {
+              $_SESSION['return'][] = array(
+                'type' => 'success',
+                'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+                'msg' => 'domain_add_dkim_available'
+              );
+            }
+            else {
              dkim('add', array('key_size' => $_data['key_size'], 'dkim_selector' => $_data['dkim_selector'], 'domains' => $domain));
            }
+          }
          if (!empty($restart_sogo)) {
            $restart_response = json_decode(docker('post', 'sogo-mailcow', 'restart'), true);
            if ($restart_response['type'] == "success") {
@@ -910,8 +966,17 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
              ratelimit('edit', 'domain', array('rl_value' => $_data['rl_value'], 'rl_frame' => $_data['rl_frame'], 'object' => $alias_domain));
            }
            if (!empty($_data['key_size']) && !empty($_data['dkim_selector'])) {
+              if (!empty($redis->hGet('DKIM_SELECTORS', $alias_domain))) {
+                $_SESSION['return'][] = array(
+                  'type' => 'success',
+                  'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+                  'msg' => 'domain_add_dkim_available'
+                );
+              }
+              else {
                dkim('add', array('key_size' => $_data['key_size'], 'dkim_selector' => $_data['dkim_selector'], 'domains' => $alias_domain));
              }
+            }
            $_SESSION['return'][] = array(
              'type' => 'success',
              'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
@@ -942,6 +1007,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
          $password     = $_data['password'];
          $password2    = $_data['password2'];
          $name         = ltrim(rtrim($_data['name'], '>'), '<');
+          $tags         = $_data['tags'];
          $quota_m      = intval($_data['quota']);
          if ((!isset($_SESSION['acl']['unlimited_quota']) || $_SESSION['acl']['unlimited_quota'] != "1") && $quota_m === 0) {
            $_SESSION['return'][] = array(
@@ -1103,6 +1169,23 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
          $stmt->execute(array(
            ':username' => $username
          ));
+          // save tags
+          foreach($tags as $index => $tag){
+            if (empty($tag)) continue;
+            if ($index > $GLOBALS['TAGGING_LIMIT']) {
+              $_SESSION['return'][] = array(
+                'type' => 'warning',
+                'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+                'msg' => array('tag_limit_exceeded', 'limit '.$GLOBALS['TAGGING_LIMIT'])
+              );
+              break;
+            }
+            $stmt = $pdo->prepare("INSERT INTO `tags_mailbox` (`username`, `tag_name`) VALUES (:username, :tag_name)");
+            $stmt->execute(array(
+              ':username' => $username,
+              ':tag_name' => $tag,
+            ));
+          }
          $stmt = $pdo->prepare("INSERT INTO `quota2` (`username`, `bytes`, `messages`)
            VALUES (:username, '0', '0') ON DUPLICATE KEY UPDATE `bytes` = '0', `messages` = '0';");
          $stmt->execute(array(':username' => $username));
@@ -1709,8 +1792,37 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
              );
              continue;
            }
-            if (strpos($custom_params, 'pipemess')) {
-              $custom_params = '';
+
+            // validate custom params
+            foreach (explode('-', $custom_params) as $param){
+              if(empty($param)) continue;
+
+              // extract option
+              if (str_contains($param, '=')) $param = explode('=', $param)[0];
+              else $param = rtrim($param, ' ');
+              // remove first char if first char is -
+              if ($param[0] == '-') $param = ltrim($param, $param[0]);
+
+              if (str_contains($param, ' ')) {
+                // bad char
+                $_SESSION['return'][] = array(
+                  'type' => 'danger',
+                  'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+                  'msg' => 'bad character SPACE'
+                );
+                return false;
+              }
+  
+              // check if param is whitelisted
+              if (!in_array(strtolower($param), $GLOBALS["IMAPSYNC_OPTIONS"]["whitelist"])){
+                // bad option
+                $_SESSION['return'][] = array(
+                  'type' => 'danger',
+                  'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+                  'msg' => 'bad option '. $param
+                );
+                return false;
+              }
            }
            if (empty($subfolder2)) {
              $subfolder2 = "";
@@ -2146,6 +2258,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
                $gal                  = (isset($_data['gal'])) ? intval($_data['gal']) : $is_now['gal'];
                $description          = (!empty($_data['description']) && isset($_SESSION['acl']['domain_desc']) && $_SESSION['acl']['domain_desc'] == "1") ? $_data['description'] : $is_now['description'];
                (int)$relayhost       = (isset($_data['relayhost']) && isset($_SESSION['acl']['domain_relayhost']) && $_SESSION['acl']['domain_relayhost'] == "1") ? intval($_data['relayhost']) : intval($is_now['relayhost']);
+                $tags                 = (is_array($_data['tags']) ? $_data['tags'] : array());
              }
              else {
                $_SESSION['return'][] = array(
@@ -2155,6 +2268,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
                );
                continue;
              }
+
              $stmt = $pdo->prepare("UPDATE `domain` SET
              `description` = :description,
              `gal` = :gal
@@ -2164,6 +2278,24 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
                ':gal' => $gal,
                ':domain' => $domain
              ));
+              // save tags
+              foreach($tags as $index => $tag){
+                if (empty($tag)) continue;
+                if ($index > $GLOBALS['TAGGING_LIMIT']) {
+                  $_SESSION['return'][] = array(
+                    'type' => 'warning',
+                    'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+                    'msg' => array('tag_limit_exceeded', 'limit '.$GLOBALS['TAGGING_LIMIT'])
+                  );
+                  break;
+                }
+                $stmt = $pdo->prepare("INSERT INTO `tags_domain` (`domain`, `tag_name`) VALUES (:domain, :tag_name)");
+                $stmt->execute(array(
+                  ':domain' => $domain,
+                  ':tag_name' => $tag,
+                ));
+              }
+
              $_SESSION['return'][] = array(
                'type' => 'success',
                'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
@@ -2185,6 +2317,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
                $maxquota             = (!empty($_data['maxquota'])) ? $_data['maxquota'] : ($is_now['max_quota_for_mbox'] / 1048576);
                $quota                = (!empty($_data['quota'])) ? $_data['quota'] : ($is_now['max_quota_for_domain'] / 1048576);
                $description          = (!empty($_data['description'])) ? $_data['description'] : $is_now['description'];
+                $tags                 = (is_array($_data['tags']) ? $_data['tags'] : array());
                if ($relay_all_recipients == '1') {
                  $backupmx = '1';
                }
@@ -2283,6 +2416,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
                );
                continue;
              }
+
              $stmt = $pdo->prepare("UPDATE `domain` SET
              `relay_all_recipients` = :relay_all_recipients,
              `relay_unknown_only` = :relay_unknown_only,
@@ -2312,6 +2446,24 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
                ':description' => $description,
                ':domain' => $domain
              ));
+              // save tags
+              foreach($tags as $index => $tag){
+                if (empty($tag)) continue;
+                if ($index > $GLOBALS['TAGGING_LIMIT']) {
+                  $_SESSION['return'][] = array(
+                    'type' => 'warning',
+                    'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+                    'msg' => array('tag_limit_exceeded', 'limit '.$GLOBALS['TAGGING_LIMIT'])
+                  );
+                  break;
+                }
+                $stmt = $pdo->prepare("INSERT INTO `tags_domain` (`domain`, `tag_name`) VALUES (:domain, :tag_name)");
+                $stmt->execute(array(
+                  ':domain' => $domain,
+                  ':tag_name' => $tag,
+                ));
+              }
+
              $_SESSION['return'][] = array(
                'type' => 'success',
                'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
@@ -2360,6 +2512,7 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
              $quota_b    = $quota_m * 1048576;
              $password   = (!empty($_data['password'])) ? $_data['password'] : null;
              $password2  = (!empty($_data['password2'])) ? $_data['password2'] : null;
+              $tags       = (is_array($_data['tags']) ? $_data['tags'] : array());
            }
            else {
              $_SESSION['return'][] = array(
@@ -2636,6 +2789,24 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
              ':relayhost' => $relayhost,
              ':username' => $username
            ));
+            // save tags
+            foreach($tags as $index => $tag){
+              if (empty($tag)) continue;
+              if ($index > $GLOBALS['TAGGING_LIMIT']) {
+                $_SESSION['return'][] = array(
+                  'type' => 'warning',
+                  'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+                  'msg' => array('tag_limit_exceeded', 'limit '.$GLOBALS['TAGGING_LIMIT'])
+                );
+                break;
+              }
+              $stmt = $pdo->prepare("INSERT INTO `tags_mailbox` (`username`, `tag_name`) VALUES (:username, :tag_name)");
+              $stmt->execute(array(
+                ':username' => $username,
+                ':tag_name' => $tag,
+              ));
+            }
+            
            $_SESSION['return'][] = array(
              'type' => 'success',
              'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
@@ -2851,10 +3022,34 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
        break;
        case 'mailboxes':
          $mailboxes = array();
-          if (isset($_data) && !hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $_data)) {
-            return false;
+          if (isset($_extra) && is_array($_extra) && isset($_data)) {
+            // get by domain and tags
+            $tags = is_array($_extra) ? $_extra : array();
+
+            $sql = "";
+            foreach ($tags as $key => $tag) {
+              $sql = $sql."SELECT DISTINCT `username` FROM `tags_mailbox` WHERE `username` LIKE ? AND `tag_name` LIKE ?"; // distinct, avoid duplicates
+              if ($key === array_key_last($tags)) break;
+              $sql = $sql.' UNION DISTINCT '; // combine querys with union - distinct, avoid duplicates
+            }
+
+            // prepend domain to array
+            $params = array();
+            foreach ($tags as $key => $val){ 
+              array_push($params, '%'.$_data.'%');
+              array_push($params, '%'.$val.'%');
+            }
+            $stmt = $pdo->prepare($sql);
+            $stmt->execute($params);
+
+            $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
+            while($row = array_shift($rows)) {
+              if (hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], explode('@', $row['username'])[1])) 
+                $mailboxes[] = $row['username'];
+            }
          }
          elseif (isset($_data) && hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $_data)) {
+            // get by domain
            $stmt = $pdo->prepare("SELECT `username` FROM `mailbox` WHERE (`kind` = '' OR `kind` = NULL) AND `domain` = :domain");
            $stmt->execute(array(
              ':domain' => $_data,
@@ -3348,6 +3543,30 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
          if ($_SESSION['mailcow_cc_role'] != "admin" && $_SESSION['mailcow_cc_role'] != "domainadmin") {
            return false;
          }
+
+          if (isset($_extra) && is_array($_extra)){
+            // get by tags
+            $tags = is_array($_extra) ? $_extra : array();
+            // add % as prefix and suffix to every element for relative searching
+            $tags = array_map(function($x){ return '%'.$x.'%'; }, $tags);
+            $sql = "";
+            foreach ($tags as $key => $tag) {
+              $sql = $sql."SELECT DISTINCT `domain` FROM `tags_domain` WHERE `tag_name` LIKE ?"; // distinct, avoid duplicates
+              if ($key === array_key_last($tags)) break;
+              $sql = $sql.' UNION DISTINCT '; // combine querys with union - distinct, avoid duplicates
+            }
+            $stmt = $pdo->prepare($sql);
+            $stmt->execute($tags);
+
+            $rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
+            while($row = array_shift($rows)) {
+              if ($_SESSION['mailcow_cc_role'] == "admin")
+                $domains[] = $row['domain'];
+              elseif (hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $row['domain'])) 
+                $domains[] = $row['domain'];
+            }
+          } else {
+            // get all
            $stmt = $pdo->prepare("SELECT `domain` FROM `domain`
              WHERE (`domain` IN (
                SELECT `domain` from `domain_admins`
@@ -3362,6 +3581,8 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
            while($row = array_shift($rows)) {
              $domains[] = $row['domain'];
            }
+          }
+
          return $domains;
        break;
        case 'domain_details':
@@ -3478,6 +3699,16 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
              $domain_admins = $stmt->fetch(PDO::FETCH_ASSOC);
              (isset($domain_admins['domain_admins'])) ? $domaindata['domain_admins'] = $domain_admins['domain_admins'] : $domaindata['domain_admins'] = "-";
          }
+          $stmt = $pdo->prepare("SELECT `tag_name`
+            FROM `tags_domain` WHERE `domain`= :domain");
+          $stmt->execute(array(
+            ':domain' => $_data
+          ));
+          $tags = $stmt->fetchAll(PDO::FETCH_ASSOC);
+          while ($tag = array_shift($tags)) {
+            $domaindata['tags'][] = $tag['tag_name'];
+          }
+
          return $domaindata;
        break;
        case 'mailbox_details':
@@ -3613,6 +3844,15 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
            }
            $mailboxdata['is_relayed'] = $row['backupmx'];
          }
+          $stmt = $pdo->prepare("SELECT `tag_name`
+            FROM `tags_mailbox` WHERE `username`= :username");
+          $stmt->execute(array(
+            ':username' => $_data
+          ));
+          $tags = $stmt->fetchAll(PDO::FETCH_ASSOC);
+          while ($tag = array_shift($tags)) {
+            $mailboxdata['tags'][] = $tag['tag_name'];
+          }

          return $mailboxdata;
        break;
@@ -4054,6 +4294,10 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
            $stmt->execute(array(
              ':alias_domain' => $alias_domain,
            ));
+            $stmt = $pdo->prepare("DELETE FROM `spamalias` WHERE `address` LIKE :domain");
+            $stmt->execute(array(
+              ':domain' => '%@'.$alias_domain,
+            ));
            $stmt = $pdo->prepare("DELETE FROM `bcc_maps` WHERE `local_dest` = :alias_domain");
            $stmt->execute(array(
              ':alias_domain' => $alias_domain,
@@ -4338,6 +4582,108 @@ function mailbox($_action, $_type, $_data = null, $_extra = null) {
            );
          }
        break;
+        case 'tags_domain':    
+          if (!is_array($_data['domain'])) {
+            $domains = array();
+            $domains[] = $_data['domain'];
+          }
+          else {
+            $domains = $_data['domain'];
+          }
+          $tags = $_data['tags'];
+          if (!is_array($tags)) $tags = array();
+
+          
+          if ($_SESSION['mailcow_cc_role'] != "admin") {
+            $_SESSION['return'][] = array(
+              'type' => 'danger',
+              'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+              'msg' => 'access_denied'
+            );
+            return false;
+          }
+
+          $wasModified = false;
+          foreach ($domains as $domain) {            
+            if (!is_valid_domain_name($domain)) {
+              $_SESSION['return'][] = array(
+                'type' => 'danger',
+                'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+                'msg' => 'domain_invalid'
+              );
+              continue;
+            }
+
+            foreach($tags as $tag){
+              // delete tag
+              $wasModified = true;
+              $stmt = $pdo->prepare("DELETE FROM `tags_domain` WHERE `domain` = :domain AND `tag_name` = :tag_name");
+              $stmt->execute(array(
+                ':domain' => $domain,
+                ':tag_name' => $tag,
+              ));
+            }
+          }
+
+          if (!$wasModified) return false;
+          $_SESSION['return'][] = array(
+            'type' => 'success',
+            'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+            'msg' => array('domain_modified', $domain)
+          );
+        break;
+        case 'tags_mailbox':
+          if (!is_array($_data['username'])) {
+            $usernames = array();
+            $usernames[] = $_data['username'];
+          }
+          else {
+            $usernames = $_data['username'];
+          }
+          $tags = $_data['tags'];
+          if (!is_array($tags)) $tags = array();
+
+          $wasModified = false;
+          foreach ($usernames as $username) {
+            if (!filter_var($username, FILTER_VALIDATE_EMAIL)) {
+              $_SESSION['return'][] = array(
+                'type' => 'danger',
+                'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+                'msg' => 'email invalid'
+              );
+              continue;
+            }
+
+            $is_now = mailbox('get', 'mailbox_details', $username);
+            $domain     = $is_now['domain'];
+            if (!hasDomainAccess($_SESSION['mailcow_cc_username'], $_SESSION['mailcow_cc_role'], $domain)) {
+              $_SESSION['return'][] = array(
+                'type' => 'danger',
+                'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+                'msg' => 'access_denied'
+              );
+              continue;
+            }
+
+            // delete tags
+            foreach($tags as $tag){
+              $wasModified = true;
+              
+              $stmt = $pdo->prepare("DELETE FROM `tags_mailbox` WHERE `username` = :username AND `tag_name` = :tag_name");
+              $stmt->execute(array(
+                ':username' => $username,
+                ':tag_name' => $tag,
+              ));
+            }
+          }
+
+          if (!$wasModified) return false;
+          $_SESSION['return'][] = array(
+            'type' => 'success',
+            'log' => array(__FUNCTION__, $_action, $_type, $_data_log, $_attr),
+            'msg' => array('mailbox_modified', $username)
+          );
+        break;
      }
    break;
  }
--- a/data/web/inc/init_db.inc.php
+++ b/data/web/inc/init_db.inc.php
@@ -3,7 +3,7 @@ function init_db_schema() {
  try {
    global $pdo;

-    $db_version = "18012022_1020";
+    $db_version = "25072022_2300";

    $stmt = $pdo->query("SHOW TABLES LIKE 'versions'");
    $num_results = count($stmt->fetchAll(PDO::FETCH_ASSOC));
@@ -251,6 +251,26 @@ function init_db_schema() {
        ),
        "attr" => "ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC"
      ),
+      "tags_domain" => array(
+        "cols" => array(
+          "tag_name" => "VARCHAR(255) NOT NULL",
+          "domain" => "VARCHAR(255) NOT NULL"
+        ),
+        "keys" => array(
+          "fkey" => array(
+            "fk_tags_domain" => array(
+              "col" => "domain",
+              "ref" => "domain.domain",
+              "delete" => "CASCADE",
+              "update" => "NO ACTION"
+            )
+          ),
+          "unique" => array(
+            "tag_name" => array("tag_name", "domain")
+          )
+        ),
+        "attr" => "ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC"
+      ),
      "tls_policy_override" => array(
        "cols" => array(
          "id" => "INT NOT NULL AUTO_INCREMENT",
@@ -325,6 +345,26 @@ function init_db_schema() {
        ),
        "attr" => "ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC"
      ),
+      "tags_mailbox" => array(
+        "cols" => array(
+          "tag_name" => "VARCHAR(255) NOT NULL",
+          "username" => "VARCHAR(255) NOT NULL"
+        ),
+        "keys" => array(
+          "fkey" => array(
+            "fk_tags_mailbox" => array(
+              "col" => "username",
+              "ref" => "mailbox.username",
+              "delete" => "CASCADE",
+              "update" => "NO ACTION"
+            )
+          ),
+          "unique" => array(
+            "tag_name" => array("tag_name", "username")
+          )
+        ),
+        "attr" => "ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 ROW_FORMAT=DYNAMIC"
+      ),
      "sieve_filters" => array(
        "cols" => array(
          "id" => "INT NOT NULL AUTO_INCREMENT",
@@ -400,7 +440,7 @@ function init_db_schema() {
          "spam_score" => "TINYINT(1) NOT NULL DEFAULT '1'",
          "spam_policy" => "TINYINT(1) NOT NULL DEFAULT '1'",
          "delimiter_action" => "TINYINT(1) NOT NULL DEFAULT '1'",
-          "syncjobs" => "TINYINT(1) NOT NULL DEFAULT '1'",
+          "syncjobs" => "TINYINT(1) NOT NULL DEFAULT '0'",
          "eas_reset" => "TINYINT(1) NOT NULL DEFAULT '1'",
          "sogo_profile_reset" => "TINYINT(1) NOT NULL DEFAULT '0'",
          "pushover" => "TINYINT(1) NOT NULL DEFAULT '1'",
@@ -698,8 +738,8 @@ function init_db_schema() {
          "username" => "VARCHAR(255) NOT NULL",
          "authmech" => "ENUM('yubi_otp', 'u2f', 'hotp', 'totp', 'webauthn')",
          "secret" => "VARCHAR(255) DEFAULT NULL",
-          "keyHandle" => "VARCHAR(255) DEFAULT NULL",
-          "publicKey" => "VARCHAR(255) DEFAULT NULL",
+          "keyHandle" => "VARCHAR(1023) DEFAULT NULL",
+          "publicKey" => "VARCHAR(4096) DEFAULT NULL",
          "counter" => "INT NOT NULL DEFAULT '0'",
          "certificate" => "TEXT",
          "active" => "TINYINT(1) NOT NULL DEFAULT '0'"
@@ -864,7 +904,7 @@ function init_db_schema() {
      "sogo_sessions_folder" => array(
        "cols" => array(
          "c_id" => "VARCHAR(255) NOT NULL",
-          "c_value" => "VARCHAR(255) NOT NULL",
+          "c_value" => "VARCHAR(4096) NOT NULL",
          "c_creationdate" => "INT(11) NOT NULL",
          "c_lastseen" => "INT(11) NOT NULL"
        ),
@@ -1187,8 +1227,16 @@ function init_db_schema() {
      $pdo->query($create);
    }
    
-    // Mitigate imapsync pipemess issue
-    $pdo->query("UPDATE `imapsync` SET `custom_params` = '' WHERE `custom_params` LIKE '%pipemess%';");
+    // Mitigate imapsync argument injection issue
+    $pdo->query("UPDATE `imapsync` SET `custom_params` = '' 
+      WHERE `custom_params` LIKE '%pipemess%' 
+        OR custom_params LIKE '%skipmess%' 
+        OR custom_params LIKE '%delete2foldersonly%' 
+        OR custom_params LIKE '%delete2foldersbutnot%' 
+        OR custom_params LIKE '%regexflag%' 
+        OR custom_params LIKE '%pipemess%' 
+        OR custom_params LIKE '%regextrans2%' 
+        OR custom_params LIKE '%maxlinelengthcmd%';");
    
    // Migrate webauthn tfa
    $stmt = $pdo->query("ALTER TABLE `tfa` MODIFY COLUMN `authmech` ENUM('yubi_otp', 'u2f', 'hotp', 'totp', 'webauthn')");
--- a/data/web/inc/lib/composer.lock
+++ b/data/web/inc/lib/composer.lock
@@ -62,35 +62,40 @@
                "oauth",
                "oauth2"
            ],
+            "support": {
+                "issues": "https://github.com/bshaffer/oauth2-server-php/issues",
+                "source": "https://github.com/bshaffer/oauth2-server-php/tree/master"
+            },
            "time": "2018-12-04T00:29:32+00:00"
        },
        {
            "name": "ddeboer/imap",
-            "version": "1.12.1",
+            "version": "1.13.1",
            "source": {
                "type": "git",
                "url": "https://github.com/ddeboer/imap.git",
-                "reference": "dbed05ca67b93509345a820b2859de10c48948fb"
+                "reference": "8b772d04b1deadb5df13782fb78c4b648f77496e"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/ddeboer/imap/zipball/dbed05ca67b93509345a820b2859de10c48948fb",
-                "reference": "dbed05ca67b93509345a820b2859de10c48948fb",
+                "url": "https://api.github.com/repos/ddeboer/imap/zipball/8b772d04b1deadb5df13782fb78c4b648f77496e",
+                "reference": "8b772d04b1deadb5df13782fb78c4b648f77496e",
                "shasum": ""
            },
            "require": {
                "ext-iconv": "*",
                "ext-imap": "*",
                "ext-mbstring": "*",
-                "php": "^7.4 || ^8.0"
+                "php": "^8.0.1"
            },
            "require-dev": {
-                "friendsofphp/php-cs-fixer": "^2.18.6",
-                "laminas/laminas-mail": "^2.14.0",
-                "phpstan/phpstan": "^0.12.84",
-                "phpstan/phpstan-phpunit": "^0.12.18",
-                "phpstan/phpstan-strict-rules": "^0.12.9",
-                "phpunit/phpunit": "^9.5.4"
+                "friendsofphp/php-cs-fixer": "^v3.4.0",
+                "laminas/laminas-mail": "^2.15.1",
+                "malukenho/mcbumpface": "^1.1.5",
+                "phpstan/phpstan": "^1.3.3",
+                "phpstan/phpstan-phpunit": "^1.0.0",
+                "phpstan/phpstan-strict-rules": "^1.1.0",
+                "phpunit/phpunit": "^9.5.11"
            },
            "type": "library",
            "autoload": {
@@ -124,7 +129,7 @@
            ],
            "support": {
                "issues": "https://github.com/ddeboer/imap/issues",
-                "source": "https://github.com/ddeboer/imap/tree/1.12.1"
+                "source": "https://github.com/ddeboer/imap/tree/1.13.1"
            },
            "funding": [
                {
@@ -136,35 +141,35 @@
                    "type": "github"
                }
            ],
-            "time": "2021-04-27T08:38:46+00:00"
+            "time": "2022-01-10T10:53:05+00:00"
        },
        {
            "name": "directorytree/ldaprecord",
-            "version": "v2.6.3",
+            "version": "v2.10.1",
            "source": {
                "type": "git",
                "url": "https://github.com/DirectoryTree/LdapRecord.git",
-                "reference": "5c93ec6d1ef458290825a8b0a148946dce7c1e7a"
+                "reference": "bf512d9af7a7b0e2ed7a666ab29cefdd027bee88"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/DirectoryTree/LdapRecord/zipball/5c93ec6d1ef458290825a8b0a148946dce7c1e7a",
-                "reference": "5c93ec6d1ef458290825a8b0a148946dce7c1e7a",
+                "url": "https://api.github.com/repos/DirectoryTree/LdapRecord/zipball/bf512d9af7a7b0e2ed7a666ab29cefdd027bee88",
+                "reference": "bf512d9af7a7b0e2ed7a666ab29cefdd027bee88",
                "shasum": ""
            },
            "require": {
                "ext-json": "*",
                "ext-ldap": "*",
-                "illuminate/contracts": "^5.0|^6.0|^7.0|^8.0",
+                "illuminate/contracts": "^5.0|^6.0|^7.0|^8.0|^9.0",
                "nesbot/carbon": "^1.0|^2.0",
                "php": ">=7.3",
-                "psr/log": "^1.0",
-                "psr/simple-cache": "^1.0",
+                "psr/log": "*",
+                "psr/simple-cache": "^1.0|^2.0",
                "tightenco/collect": "^5.6|^6.0|^7.0|^8.0"
            },
            "require-dev": {
                "mockery/mockery": "^1.0",
-                "phpunit/phpunit": "^8.0",
+                "phpunit/phpunit": "^9.0",
                "spatie/ray": "^1.24"
            },
            "type": "library",
@@ -209,31 +214,31 @@
                    "type": "github"
                }
            ],
-            "time": "2021-08-05T21:52:43+00:00"
+            "time": "2022-02-25T16:00:51+00:00"
        },
        {
            "name": "illuminate/contracts",
-            "version": "v8.53.1",
+            "version": "v9.3.0",
            "source": {
                "type": "git",
                "url": "https://github.com/illuminate/contracts.git",
-                "reference": "504a34286a1b4c5421c43087d6bd4e176138f6fb"
+                "reference": "bf4b3c254c49d28157645d01e4883b5951b1e1d0"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/illuminate/contracts/zipball/504a34286a1b4c5421c43087d6bd4e176138f6fb",
-                "reference": "504a34286a1b4c5421c43087d6bd4e176138f6fb",
+                "url": "https://api.github.com/repos/illuminate/contracts/zipball/bf4b3c254c49d28157645d01e4883b5951b1e1d0",
+                "reference": "bf4b3c254c49d28157645d01e4883b5951b1e1d0",
                "shasum": ""
            },
            "require": {
-                "php": "^7.3|^8.0",
-                "psr/container": "^1.0",
-                "psr/simple-cache": "^1.0"
+                "php": "^8.0.2",
+                "psr/container": "^1.1.1|^2.0.1",
+                "psr/simple-cache": "^1.0|^2.0|^3.0"
            },
            "type": "library",
            "extra": {
                "branch-alias": {
-                    "dev-master": "8.x-dev"
+                    "dev-master": "9.x-dev"
                }
            },
            "autoload": {
@@ -257,7 +262,7 @@
                "issues": "https://github.com/laravel/framework/issues",
                "source": "https://github.com/laravel/framework"
            },
-            "time": "2021-08-03T14:03:47+00:00"
+            "time": "2022-02-22T14:45:39+00:00"
        },
        {
            "name": "matthiasmullie/minify",
@@ -384,6 +389,10 @@
                "paths",
                "relative"
            ],
+            "support": {
+                "issues": "https://github.com/matthiasmullie/path-converter/issues",
+                "source": "https://github.com/matthiasmullie/path-converter/tree/1.1.3"
+            },
            "time": "2019-02-05T23:41:09+00:00"
        },
        {
@@ -438,16 +447,16 @@
        },
        {
            "name": "nesbot/carbon",
-            "version": "2.51.1",
+            "version": "2.57.0",
            "source": {
                "type": "git",
                "url": "https://github.com/briannesbitt/Carbon.git",
-                "reference": "8619c299d1e0d4b344e1f98ca07a1ce2cfbf1922"
+                "reference": "4a54375c21eea4811dbd1149fe6b246517554e78"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/briannesbitt/Carbon/zipball/8619c299d1e0d4b344e1f98ca07a1ce2cfbf1922",
-                "reference": "8619c299d1e0d4b344e1f98ca07a1ce2cfbf1922",
+                "url": "https://api.github.com/repos/briannesbitt/Carbon/zipball/4a54375c21eea4811dbd1149fe6b246517554e78",
+                "reference": "4a54375c21eea4811dbd1149fe6b246517554e78",
                "shasum": ""
            },
            "require": {
@@ -455,15 +464,16 @@
                "php": "^7.1.8 || ^8.0",
                "symfony/polyfill-mbstring": "^1.0",
                "symfony/polyfill-php80": "^1.16",
-                "symfony/translation": "^3.4 || ^4.0 || ^5.0"
+                "symfony/translation": "^3.4 || ^4.0 || ^5.0 || ^6.0"
            },
            "require-dev": {
+                "doctrine/dbal": "^2.0 || ^3.0",
                "doctrine/orm": "^2.7",
-                "friendsofphp/php-cs-fixer": "^2.14 || ^3.0",
+                "friendsofphp/php-cs-fixer": "^3.0",
                "kylekatarnls/multi-tester": "^2.0",
                "phpmd/phpmd": "^2.9",
                "phpstan/extension-installer": "^1.0",
-                "phpstan/phpstan": "^0.12.54",
+                "phpstan/phpstan": "^0.12.54 || ^1.0",
                "phpunit/phpunit": "^7.5.20 || ^8.5.14",
                "squizlabs/php_codesniffer": "^3.4"
            },
@@ -515,6 +525,7 @@
                "time"
            ],
            "support": {
+                "docs": "https://carbon.nesbot.com/docs",
                "issues": "https://github.com/briannesbitt/Carbon/issues",
                "source": "https://github.com/briannesbitt/Carbon"
            },
@@ -528,7 +539,7 @@
                    "type": "tidelift"
                }
            ],
-            "time": "2021-07-28T13:16:28+00:00"
+            "time": "2022-02-13T18:13:33+00:00"
        },
        {
            "name": "paragonie/random_compat",
@@ -673,16 +684,16 @@
        },
        {
            "name": "phpmailer/phpmailer",
-            "version": "v6.5.0",
+            "version": "v6.6.0",
            "source": {
                "type": "git",
                "url": "https://github.com/PHPMailer/PHPMailer.git",
-                "reference": "a5b5c43e50b7fba655f793ad27303cd74c57363c"
+                "reference": "e43bac82edc26ca04b36143a48bde1c051cfd5b1"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/PHPMailer/PHPMailer/zipball/a5b5c43e50b7fba655f793ad27303cd74c57363c",
-                "reference": "a5b5c43e50b7fba655f793ad27303cd74c57363c",
+                "url": "https://api.github.com/repos/PHPMailer/PHPMailer/zipball/e43bac82edc26ca04b36143a48bde1c051cfd5b1",
+                "reference": "e43bac82edc26ca04b36143a48bde1c051cfd5b1",
                "shasum": ""
            },
            "require": {
@@ -694,10 +705,12 @@
            "require-dev": {
                "dealerdirect/phpcodesniffer-composer-installer": "^0.7.0",
                "doctrine/annotations": "^1.2",
+                "php-parallel-lint/php-console-highlighter": "^0.5.0",
+                "php-parallel-lint/php-parallel-lint": "^1.3.1",
                "phpcompatibility/php-compatibility": "^9.3.5",
                "roave/security-advisories": "dev-latest",
-                "squizlabs/php_codesniffer": "^3.5.6",
-                "yoast/phpunit-polyfills": "^0.2.0"
+                "squizlabs/php_codesniffer": "^3.6.2",
+                "yoast/phpunit-polyfills": "^1.0.0"
            },
            "suggest": {
                "ext-mbstring": "Needed to send email in multibyte encoding charset or decode encoded addresses",
@@ -737,7 +750,7 @@
            "description": "PHPMailer is a full-featured email creation and transfer class for PHP",
            "support": {
                "issues": "https://github.com/PHPMailer/PHPMailer/issues",
-                "source": "https://github.com/PHPMailer/PHPMailer/tree/v6.5.0"
+                "source": "https://github.com/PHPMailer/PHPMailer/tree/v6.6.0"
            },
            "funding": [
                {
@@ -745,26 +758,31 @@
                    "type": "github"
                }
            ],
-            "time": "2021-06-16T14:33:43+00:00"
+            "time": "2022-02-28T15:31:21+00:00"
        },
        {
            "name": "psr/container",
-            "version": "1.1.1",
+            "version": "2.0.2",
            "source": {
                "type": "git",
                "url": "https://github.com/php-fig/container.git",
-                "reference": "8622567409010282b7aeebe4bb841fe98b58dcaf"
+                "reference": "c71ecc56dfe541dbd90c5360474fbc405f8d5963"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/php-fig/container/zipball/8622567409010282b7aeebe4bb841fe98b58dcaf",
-                "reference": "8622567409010282b7aeebe4bb841fe98b58dcaf",
+                "url": "https://api.github.com/repos/php-fig/container/zipball/c71ecc56dfe541dbd90c5360474fbc405f8d5963",
+                "reference": "c71ecc56dfe541dbd90c5360474fbc405f8d5963",
                "shasum": ""
            },
            "require": {
-                "php": ">=7.2.0"
+                "php": ">=7.4.0"
            },
            "type": "library",
+            "extra": {
+                "branch-alias": {
+                    "dev-master": "2.0.x-dev"
+                }
+            },
            "autoload": {
                "psr-4": {
                    "Psr\\Container\\": "src/"
@@ -791,36 +809,36 @@
            ],
            "support": {
                "issues": "https://github.com/php-fig/container/issues",
-                "source": "https://github.com/php-fig/container/tree/1.1.1"
+                "source": "https://github.com/php-fig/container/tree/2.0.2"
            },
-            "time": "2021-03-05T17:36:06+00:00"
+            "time": "2021-11-05T16:47:00+00:00"
        },
        {
            "name": "psr/log",
-            "version": "1.1.4",
+            "version": "3.0.0",
            "source": {
                "type": "git",
                "url": "https://github.com/php-fig/log.git",
-                "reference": "d49695b909c3b7628b6289db5479a1c204601f11"
+                "reference": "fe5ea303b0887d5caefd3d431c3e61ad47037001"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/php-fig/log/zipball/d49695b909c3b7628b6289db5479a1c204601f11",
-                "reference": "d49695b909c3b7628b6289db5479a1c204601f11",
+                "url": "https://api.github.com/repos/php-fig/log/zipball/fe5ea303b0887d5caefd3d431c3e61ad47037001",
+                "reference": "fe5ea303b0887d5caefd3d431c3e61ad47037001",
                "shasum": ""
            },
            "require": {
-                "php": ">=5.3.0"
+                "php": ">=8.0.0"
            },
            "type": "library",
            "extra": {
                "branch-alias": {
-                    "dev-master": "1.1.x-dev"
+                    "dev-master": "3.x-dev"
                }
            },
            "autoload": {
                "psr-4": {
-                    "Psr\\Log\\": "Psr/Log/"
+                    "Psr\\Log\\": "src"
                }
            },
            "notification-url": "https://packagist.org/downloads/",
@@ -841,31 +859,31 @@
                "psr-3"
            ],
            "support": {
-                "source": "https://github.com/php-fig/log/tree/1.1.4"
+                "source": "https://github.com/php-fig/log/tree/3.0.0"
            },
-            "time": "2021-05-03T11:20:27+00:00"
+            "time": "2021-07-14T16:46:02+00:00"
        },
        {
            "name": "psr/simple-cache",
-            "version": "1.0.1",
+            "version": "2.0.0",
            "source": {
                "type": "git",
                "url": "https://github.com/php-fig/simple-cache.git",
-                "reference": "408d5eafb83c57f6365a3ca330ff23aa4a5fa39b"
+                "reference": "8707bf3cea6f710bf6ef05491234e3ab06f6432a"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/php-fig/simple-cache/zipball/408d5eafb83c57f6365a3ca330ff23aa4a5fa39b",
-                "reference": "408d5eafb83c57f6365a3ca330ff23aa4a5fa39b",
+                "url": "https://api.github.com/repos/php-fig/simple-cache/zipball/8707bf3cea6f710bf6ef05491234e3ab06f6432a",
+                "reference": "8707bf3cea6f710bf6ef05491234e3ab06f6432a",
                "shasum": ""
            },
            "require": {
-                "php": ">=5.3.0"
+                "php": ">=8.0.0"
            },
            "type": "library",
            "extra": {
                "branch-alias": {
-                    "dev-master": "1.0.x-dev"
+                    "dev-master": "2.0.x-dev"
                }
            },
            "autoload": {
@@ -880,7 +898,7 @@
            "authors": [
                {
                    "name": "PHP-FIG",
-                    "homepage": "http://www.php-fig.org/"
+                    "homepage": "https://www.php-fig.org/"
                }
            ],
            "description": "Common interfaces for simple caching",
@@ -892,22 +910,22 @@
                "simple-cache"
            ],
            "support": {
-                "source": "https://github.com/php-fig/simple-cache/tree/master"
+                "source": "https://github.com/php-fig/simple-cache/tree/2.0.0"
            },
-            "time": "2017-10-23T01:57:42+00:00"
+            "time": "2021-10-29T13:22:09+00:00"
        },
        {
            "name": "robthree/twofactorauth",
-            "version": "1.8.0",
+            "version": "1.8.1",
            "source": {
                "type": "git",
                "url": "https://github.com/RobThree/TwoFactorAuth.git",
-                "reference": "30a38627ae1e7c9399dae67e265063cd6ec5276c"
+                "reference": "5afcb45282f1c75562a48d479ecd1732c9bdb11b"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/RobThree/TwoFactorAuth/zipball/30a38627ae1e7c9399dae67e265063cd6ec5276c",
-                "reference": "30a38627ae1e7c9399dae67e265063cd6ec5276c",
+                "url": "https://api.github.com/repos/RobThree/TwoFactorAuth/zipball/5afcb45282f1c75562a48d479ecd1732c9bdb11b",
+                "reference": "5afcb45282f1c75562a48d479ecd1732c9bdb11b",
                "shasum": ""
            },
            "require": {
@@ -964,7 +982,7 @@
                    "type": "github"
                }
            ],
-            "time": "2021-03-09T18:24:05+00:00"
+            "time": "2021-10-20T12:19:55+00:00"
        },
        {
            "name": "soundasleep/html2text",
@@ -1014,92 +1032,33 @@
                "php",
                "text"
            ],
+            "support": {
+                "email": "support@jevon.org",
+                "issues": "https://github.com/soundasleep/html2text/issues",
+                "source": "https://github.com/soundasleep/html2text/tree/master"
+            },
            "time": "2017-04-19T22:01:50+00:00"
        },
-        {
-            "name": "symfony/deprecation-contracts",
-            "version": "v2.4.0",
-            "source": {
-                "type": "git",
-                "url": "https://github.com/symfony/deprecation-contracts.git",
-                "reference": "5f38c8804a9e97d23e0c8d63341088cd8a22d627"
-            },
-            "dist": {
-                "type": "zip",
-                "url": "https://api.github.com/repos/symfony/deprecation-contracts/zipball/5f38c8804a9e97d23e0c8d63341088cd8a22d627",
-                "reference": "5f38c8804a9e97d23e0c8d63341088cd8a22d627",
-                "shasum": ""
-            },
-            "require": {
-                "php": ">=7.1"
-            },
-            "type": "library",
-            "extra": {
-                "branch-alias": {
-                    "dev-main": "2.4-dev"
-                },
-                "thanks": {
-                    "name": "symfony/contracts",
-                    "url": "https://github.com/symfony/contracts"
-                }
-            },
-            "autoload": {
-                "files": [
-                    "function.php"
-                ]
-            },
-            "notification-url": "https://packagist.org/downloads/",
-            "license": [
-                "MIT"
-            ],
-            "authors": [
-                {
-                    "name": "Nicolas Grekas",
-                    "email": "p@tchwork.com"
-                },
-                {
-                    "name": "Symfony Community",
-                    "homepage": "https://symfony.com/contributors"
-                }
-            ],
-            "description": "A generic function and convention to trigger deprecation notices",
-            "homepage": "https://symfony.com",
-            "support": {
-                "source": "https://github.com/symfony/deprecation-contracts/tree/v2.4.0"
-            },
-            "funding": [
-                {
-                    "url": "https://symfony.com/sponsor",
-                    "type": "custom"
-                },
-                {
-                    "url": "https://github.com/fabpot",
-                    "type": "github"
-                },
-                {
-                    "url": "https://tidelift.com/funding/github/packagist/symfony/symfony",
-                    "type": "tidelift"
-                }
-            ],
-            "time": "2021-03-23T23:28:01+00:00"
-        },
        {
            "name": "symfony/polyfill-ctype",
-            "version": "v1.23.0",
+            "version": "v1.24.0",
            "source": {
                "type": "git",
                "url": "https://github.com/symfony/polyfill-ctype.git",
-                "reference": "46cd95797e9df938fdd2b03693b5fca5e64b01ce"
+                "reference": "30885182c981ab175d4d034db0f6f469898070ab"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/symfony/polyfill-ctype/zipball/46cd95797e9df938fdd2b03693b5fca5e64b01ce",
-                "reference": "46cd95797e9df938fdd2b03693b5fca5e64b01ce",
+                "url": "https://api.github.com/repos/symfony/polyfill-ctype/zipball/30885182c981ab175d4d034db0f6f469898070ab",
+                "reference": "30885182c981ab175d4d034db0f6f469898070ab",
                "shasum": ""
            },
            "require": {
                "php": ">=7.1"
            },
+            "provide": {
+                "ext-ctype": "*"
+            },
            "suggest": {
                "ext-ctype": "For best performance"
            },
@@ -1114,12 +1073,12 @@
                }
            },
            "autoload": {
-                "psr-4": {
-                    "Symfony\\Polyfill\\Ctype\\": ""
-                },
                "files": [
                    "bootstrap.php"
-                ]
+                ],
+                "psr-4": {
+                    "Symfony\\Polyfill\\Ctype\\": ""
+                }
            },
            "notification-url": "https://packagist.org/downloads/",
            "license": [
@@ -1144,7 +1103,7 @@
                "portable"
            ],
            "support": {
-                "source": "https://github.com/symfony/polyfill-ctype/tree/v1.23.0"
+                "source": "https://github.com/symfony/polyfill-ctype/tree/v1.24.0"
            },
            "funding": [
                {
@@ -1160,25 +1119,28 @@
                    "type": "tidelift"
                }
            ],
-            "time": "2021-02-19T12:13:01+00:00"
+            "time": "2021-10-20T20:35:02+00:00"
        },
        {
            "name": "symfony/polyfill-mbstring",
-            "version": "v1.23.1",
+            "version": "v1.24.0",
            "source": {
                "type": "git",
                "url": "https://github.com/symfony/polyfill-mbstring.git",
-                "reference": "9174a3d80210dca8daa7f31fec659150bbeabfc6"
+                "reference": "0abb51d2f102e00a4eefcf46ba7fec406d245825"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/symfony/polyfill-mbstring/zipball/9174a3d80210dca8daa7f31fec659150bbeabfc6",
-                "reference": "9174a3d80210dca8daa7f31fec659150bbeabfc6",
+                "url": "https://api.github.com/repos/symfony/polyfill-mbstring/zipball/0abb51d2f102e00a4eefcf46ba7fec406d245825",
+                "reference": "0abb51d2f102e00a4eefcf46ba7fec406d245825",
                "shasum": ""
            },
            "require": {
                "php": ">=7.1"
            },
+            "provide": {
+                "ext-mbstring": "*"
+            },
            "suggest": {
                "ext-mbstring": "For best performance"
            },
@@ -1193,12 +1155,12 @@
                }
            },
            "autoload": {
-                "psr-4": {
-                    "Symfony\\Polyfill\\Mbstring\\": ""
-                },
                "files": [
                    "bootstrap.php"
-                ]
+                ],
+                "psr-4": {
+                    "Symfony\\Polyfill\\Mbstring\\": ""
+                }
            },
            "notification-url": "https://packagist.org/downloads/",
            "license": [
@@ -1224,7 +1186,7 @@
                "shim"
            ],
            "support": {
-                "source": "https://github.com/symfony/polyfill-mbstring/tree/v1.23.1"
+                "source": "https://github.com/symfony/polyfill-mbstring/tree/v1.24.0"
            },
            "funding": [
                {
@@ -1240,20 +1202,20 @@
                    "type": "tidelift"
                }
            ],
-            "time": "2021-05-27T12:26:48+00:00"
+            "time": "2021-11-30T18:21:41+00:00"
        },
        {
            "name": "symfony/polyfill-php80",
-            "version": "v1.23.1",
+            "version": "v1.24.0",
            "source": {
                "type": "git",
                "url": "https://github.com/symfony/polyfill-php80.git",
-                "reference": "1100343ed1a92e3a38f9ae122fc0eb21602547be"
+                "reference": "57b712b08eddb97c762a8caa32c84e037892d2e9"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/symfony/polyfill-php80/zipball/1100343ed1a92e3a38f9ae122fc0eb21602547be",
-                "reference": "1100343ed1a92e3a38f9ae122fc0eb21602547be",
+                "url": "https://api.github.com/repos/symfony/polyfill-php80/zipball/57b712b08eddb97c762a8caa32c84e037892d2e9",
+                "reference": "57b712b08eddb97c762a8caa32c84e037892d2e9",
                "shasum": ""
            },
            "require": {
@@ -1270,12 +1232,12 @@
                }
            },
            "autoload": {
-                "psr-4": {
-                    "Symfony\\Polyfill\\Php80\\": ""
-                },
                "files": [
                    "bootstrap.php"
                ],
+                "psr-4": {
+                    "Symfony\\Polyfill\\Php80\\": ""
+                },
                "classmap": [
                    "Resources/stubs"
                ]
@@ -1307,7 +1269,7 @@
                "shim"
            ],
            "support": {
-                "source": "https://github.com/symfony/polyfill-php80/tree/v1.23.1"
+                "source": "https://github.com/symfony/polyfill-php80/tree/v1.24.0"
            },
            "funding": [
                {
@@ -1323,50 +1285,50 @@
                    "type": "tidelift"
                }
            ],
-            "time": "2021-07-28T13:41:28+00:00"
+            "time": "2021-09-13T13:58:33+00:00"
        },
        {
            "name": "symfony/translation",
-            "version": "v5.3.4",
+            "version": "v6.0.5",
            "source": {
                "type": "git",
                "url": "https://github.com/symfony/translation.git",
-                "reference": "d89ad7292932c2699cbe4af98d72c5c6bbc504c1"
+                "reference": "e69501c71107cc3146b32aaa45f4edd0c3427875"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/symfony/translation/zipball/d89ad7292932c2699cbe4af98d72c5c6bbc504c1",
-                "reference": "d89ad7292932c2699cbe4af98d72c5c6bbc504c1",
+                "url": "https://api.github.com/repos/symfony/translation/zipball/e69501c71107cc3146b32aaa45f4edd0c3427875",
+                "reference": "e69501c71107cc3146b32aaa45f4edd0c3427875",
                "shasum": ""
            },
            "require": {
-                "php": ">=7.2.5",
-                "symfony/deprecation-contracts": "^2.1",
+                "php": ">=8.0.2",
                "symfony/polyfill-mbstring": "~1.0",
-                "symfony/polyfill-php80": "^1.16",
-                "symfony/translation-contracts": "^2.3"
+                "symfony/translation-contracts": "^2.3|^3.0"
            },
            "conflict": {
-                "symfony/config": "<4.4",
-                "symfony/dependency-injection": "<5.0",
-                "symfony/http-kernel": "<5.0",
-                "symfony/twig-bundle": "<5.0",
-                "symfony/yaml": "<4.4"
+                "symfony/config": "<5.4",
+                "symfony/console": "<5.4",
+                "symfony/dependency-injection": "<5.4",
+                "symfony/http-kernel": "<5.4",
+                "symfony/twig-bundle": "<5.4",
+                "symfony/yaml": "<5.4"
            },
            "provide": {
-                "symfony/translation-implementation": "2.3"
+                "symfony/translation-implementation": "2.3|3.0"
            },
            "require-dev": {
                "psr/log": "^1|^2|^3",
-                "symfony/config": "^4.4|^5.0",
-                "symfony/console": "^4.4|^5.0",
-                "symfony/dependency-injection": "^5.0",
-                "symfony/finder": "^4.4|^5.0",
-                "symfony/http-kernel": "^5.0",
-                "symfony/intl": "^4.4|^5.0",
+                "symfony/config": "^5.4|^6.0",
+                "symfony/console": "^5.4|^6.0",
+                "symfony/dependency-injection": "^5.4|^6.0",
+                "symfony/finder": "^5.4|^6.0",
+                "symfony/http-client-contracts": "^1.1|^2.0|^3.0",
+                "symfony/http-kernel": "^5.4|^6.0",
+                "symfony/intl": "^5.4|^6.0",
                "symfony/polyfill-intl-icu": "^1.21",
-                "symfony/service-contracts": "^1.1.2|^2",
-                "symfony/yaml": "^4.4|^5.0"
+                "symfony/service-contracts": "^1.1.2|^2|^3",
+                "symfony/yaml": "^5.4|^6.0"
            },
            "suggest": {
                "psr/log-implementation": "To use logging capability in translator",
@@ -1402,7 +1364,7 @@
            "description": "Provides tools to internationalize your application",
            "homepage": "https://symfony.com",
            "support": {
-                "source": "https://github.com/symfony/translation/tree/v5.3.4"
+                "source": "https://github.com/symfony/translation/tree/v6.0.5"
            },
            "funding": [
                {
@@ -1418,24 +1380,24 @@
                    "type": "tidelift"
                }
            ],
-            "time": "2021-07-25T09:39:16+00:00"
+            "time": "2022-02-09T15:52:48+00:00"
        },
        {
            "name": "symfony/translation-contracts",
-            "version": "v2.4.0",
+            "version": "v3.0.0",
            "source": {
                "type": "git",
                "url": "https://github.com/symfony/translation-contracts.git",
-                "reference": "95c812666f3e91db75385749fe219c5e494c7f95"
+                "reference": "1b6ea5a7442af5a12dba3dbd6d71034b5b234e77"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/symfony/translation-contracts/zipball/95c812666f3e91db75385749fe219c5e494c7f95",
-                "reference": "95c812666f3e91db75385749fe219c5e494c7f95",
+                "url": "https://api.github.com/repos/symfony/translation-contracts/zipball/1b6ea5a7442af5a12dba3dbd6d71034b5b234e77",
+                "reference": "1b6ea5a7442af5a12dba3dbd6d71034b5b234e77",
                "shasum": ""
            },
            "require": {
-                "php": ">=7.2.5"
+                "php": ">=8.0.2"
            },
            "suggest": {
                "symfony/translation-implementation": ""
@@ -1443,7 +1405,7 @@
            "type": "library",
            "extra": {
                "branch-alias": {
-                    "dev-main": "2.4-dev"
+                    "dev-main": "3.0-dev"
                },
                "thanks": {
                    "name": "symfony/contracts",
@@ -1480,7 +1442,7 @@
                "standards"
            ],
            "support": {
-                "source": "https://github.com/symfony/translation-contracts/tree/v2.4.0"
+                "source": "https://github.com/symfony/translation-contracts/tree/v3.0.0"
            },
            "funding": [
                {
@@ -1496,35 +1458,35 @@
                    "type": "tidelift"
                }
            ],
-            "time": "2021-03-23T23:28:01+00:00"
+            "time": "2021-09-07T12:43:40+00:00"
        },
        {
            "name": "symfony/var-dumper",
-            "version": "v5.3.6",
+            "version": "v6.0.5",
            "source": {
                "type": "git",
                "url": "https://github.com/symfony/var-dumper.git",
-                "reference": "3dd8ddd1e260e58ecc61bb78da3b6584b3bfcba0"
+                "reference": "60d6a756d5f485df5e6e40b337334848f79f61ce"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/symfony/var-dumper/zipball/3dd8ddd1e260e58ecc61bb78da3b6584b3bfcba0",
-                "reference": "3dd8ddd1e260e58ecc61bb78da3b6584b3bfcba0",
+                "url": "https://api.github.com/repos/symfony/var-dumper/zipball/60d6a756d5f485df5e6e40b337334848f79f61ce",
+                "reference": "60d6a756d5f485df5e6e40b337334848f79f61ce",
                "shasum": ""
            },
            "require": {
-                "php": ">=7.2.5",
-                "symfony/polyfill-mbstring": "~1.0",
-                "symfony/polyfill-php80": "^1.16"
+                "php": ">=8.0.2",
+                "symfony/polyfill-mbstring": "~1.0"
            },
            "conflict": {
                "phpunit/phpunit": "<5.4.3",
-                "symfony/console": "<4.4"
+                "symfony/console": "<5.4"
            },
            "require-dev": {
                "ext-iconv": "*",
-                "symfony/console": "^4.4|^5.0",
-                "symfony/process": "^4.4|^5.0",
+                "symfony/console": "^5.4|^6.0",
+                "symfony/process": "^5.4|^6.0",
+                "symfony/uid": "^5.4|^6.0",
                "twig/twig": "^2.13|^3.0.4"
            },
            "suggest": {
@@ -1568,7 +1530,7 @@
                "dump"
            ],
            "support": {
-                "source": "https://github.com/symfony/var-dumper/tree/v5.3.6"
+                "source": "https://github.com/symfony/var-dumper/tree/v6.0.5"
            },
            "funding": [
                {
@@ -1584,25 +1546,25 @@
                    "type": "tidelift"
                }
            ],
-            "time": "2021-07-27T01:56:02+00:00"
+            "time": "2022-02-21T17:15:17+00:00"
        },
        {
            "name": "tightenco/collect",
-            "version": "v8.34.0",
+            "version": "v8.83.2",
            "source": {
                "type": "git",
                "url": "https://github.com/tighten/collect.git",
-                "reference": "b069783ab0c547bb894ebcf8e7f6024bb401f9d2"
+                "reference": "d9c66d586ec2d216d8a31283d73f8df1400cc722"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/tighten/collect/zipball/b069783ab0c547bb894ebcf8e7f6024bb401f9d2",
-                "reference": "b069783ab0c547bb894ebcf8e7f6024bb401f9d2",
+                "url": "https://api.github.com/repos/tighten/collect/zipball/d9c66d586ec2d216d8a31283d73f8df1400cc722",
+                "reference": "d9c66d586ec2d216d8a31283d73f8df1400cc722",
                "shasum": ""
            },
            "require": {
-                "php": "^7.2|^8.0",
-                "symfony/var-dumper": "^3.4 || ^4.0 || ^5.0"
+                "php": "^7.3|^8.0",
+                "symfony/var-dumper": "^3.4 || ^4.0 || ^5.0 || ^6.0"
            },
            "require-dev": {
                "mockery/mockery": "^1.0",
@@ -1636,22 +1598,22 @@
            ],
            "support": {
                "issues": "https://github.com/tighten/collect/issues",
-                "source": "https://github.com/tighten/collect/tree/v8.34.0"
+                "source": "https://github.com/tighten/collect/tree/v8.83.2"
            },
-            "time": "2021-03-29T21:29:00+00:00"
+            "time": "2022-02-16T16:15:54+00:00"
        },
        {
            "name": "twig/twig",
-            "version": "v3.3.2",
+            "version": "v3.3.8",
            "source": {
                "type": "git",
                "url": "https://github.com/twigphp/Twig.git",
-                "reference": "21578f00e83d4a82ecfa3d50752b609f13de6790"
+                "reference": "972d8604a92b7054828b539f2febb0211dd5945c"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/twigphp/Twig/zipball/21578f00e83d4a82ecfa3d50752b609f13de6790",
-                "reference": "21578f00e83d4a82ecfa3d50752b609f13de6790",
+                "url": "https://api.github.com/repos/twigphp/Twig/zipball/972d8604a92b7054828b539f2febb0211dd5945c",
+                "reference": "972d8604a92b7054828b539f2febb0211dd5945c",
                "shasum": ""
            },
            "require": {
@@ -1661,7 +1623,7 @@
            },
            "require-dev": {
                "psr/container": "^1.0",
-                "symfony/phpunit-bridge": "^4.4.9|^5.0.9"
+                "symfony/phpunit-bridge": "^4.4.9|^5.0.9|^6.0"
            },
            "type": "library",
            "extra": {
@@ -1702,7 +1664,7 @@
            ],
            "support": {
                "issues": "https://github.com/twigphp/Twig/issues",
-                "source": "https://github.com/twigphp/Twig/tree/v3.3.2"
+                "source": "https://github.com/twigphp/Twig/tree/v3.3.8"
            },
            "funding": [
                {
@@ -1714,7 +1676,7 @@
                    "type": "tidelift"
                }
            ],
-            "time": "2021-05-16T12:14:13+00:00"
+            "time": "2022-02-04T06:59:48+00:00"
        },
        {
            "name": "yubico/u2flib-server",
@@ -1751,6 +1713,10 @@
            ],
            "description": "Library for U2F implementation",
            "homepage": "https://developers.yubico.com/php-u2flib-server",
+            "support": {
+                "issues": "https://github.com/Yubico/php-u2flib-server/issues",
+                "source": "https://github.com/Yubico/php-u2flib-server/tree/1.0.2"
+            },
            "time": "2018-09-07T08:16:44+00:00"
        }
    ],
@@ -1762,5 +1728,5 @@
    "prefer-lowest": false,
    "platform": [],
    "platform-dev": [],
-    "plugin-api-version": "2.1.0"
+    "plugin-api-version": "2.2.0"
 }
--- a/data/web/inc/lib/vendor/bin/carbon
+++ b/data/web/inc/lib/vendor/bin/carbon
@@ -1 +0,0 @@
-../nesbot/carbon/bin/carbon
--- a/data/web/inc/lib/vendor/bin/carbon
+++ b/data/web/inc/lib/vendor/bin/carbon
@@ -0,0 +1,97 @@
+#!/usr/bin/env php
+<?php
+
+/**
+ * Proxy PHP file generated by Composer
+ *
+ * This file includes the referenced bin path (../nesbot/carbon/bin/carbon)
+ * using a stream wrapper to prevent the shebang from being output on PHP<8
+ *
+ * @generated
+ */
+
+namespace Composer;
+
+$GLOBALS['_composer_autoload_path'] = __DIR__ . '/..'.'/autoload.php';
+
+if (PHP_VERSION_ID < 80000) {
+    if (!class_exists('Composer\BinProxyWrapper')) {
+        /**
+         * @internal
+         */
+        final class BinProxyWrapper
+        {
+            private $handle;
+            private $position;
+
+            public function stream_open($path, $mode, $options, &$opened_path)
+            {
+                // get rid of composer-bin-proxy:// prefix for __FILE__ & __DIR__ resolution
+                $opened_path = substr($path, 21);
+                $opened_path = realpath($opened_path) ?: $opened_path;
+                $this->handle = fopen($opened_path, $mode);
+                $this->position = 0;
+
+                // remove all traces of this stream wrapper once it has been used
+                stream_wrapper_unregister('composer-bin-proxy');
+
+                return (bool) $this->handle;
+            }
+
+            public function stream_read($count)
+            {
+                $data = fread($this->handle, $count);
+
+                if ($this->position === 0) {
+                    $data = preg_replace('{^#!.*\r?\n}', '', $data);
+                }
+
+                $this->position += strlen($data);
+
+                return $data;
+            }
+
+            public function stream_cast($castAs)
+            {
+                return $this->handle;
+            }
+
+            public function stream_close()
+            {
+                fclose($this->handle);
+            }
+
+            public function stream_lock($operation)
+            {
+                return $operation ? flock($this->handle, $operation) : true;
+            }
+
+            public function stream_tell()
+            {
+                return $this->position;
+            }
+
+            public function stream_eof()
+            {
+                return feof($this->handle);
+            }
+
+            public function stream_stat()
+            {
+                return fstat($this->handle);
+            }
+
+            public function stream_set_option($option, $arg1, $arg2)
+            {
+                return true;
+            }
+        }
+    }
+
+    if (function_exists('stream_wrapper_register') && stream_wrapper_register('composer-bin-proxy', 'Composer\BinProxyWrapper')) {
+        include("composer-bin-proxy://" . __DIR__ . '/..'.'/nesbot/carbon/bin/carbon');
+        exit(0);
+    }
+}
+
+include __DIR__ . '/..'.'/nesbot/carbon/bin/carbon';
--- a/data/web/inc/lib/vendor/bin/minifycss
+++ b/data/web/inc/lib/vendor/bin/minifycss
@@ -1 +0,0 @@
-../matthiasmullie/minify/bin/minifycss
--- a/data/web/inc/lib/vendor/bin/minifycss
+++ b/data/web/inc/lib/vendor/bin/minifycss
@@ -0,0 +1,97 @@
+#!/usr/bin/env php
+<?php
+
+/**
+ * Proxy PHP file generated by Composer
+ *
+ * This file includes the referenced bin path (../matthiasmullie/minify/bin/minifycss)
+ * using a stream wrapper to prevent the shebang from being output on PHP<8
+ *
+ * @generated
+ */
+
+namespace Composer;
+
+$GLOBALS['_composer_autoload_path'] = __DIR__ . '/..'.'/autoload.php';
+
+if (PHP_VERSION_ID < 80000) {
+    if (!class_exists('Composer\BinProxyWrapper')) {
+        /**
+         * @internal
+         */
+        final class BinProxyWrapper
+        {
+            private $handle;
+            private $position;
+
+            public function stream_open($path, $mode, $options, &$opened_path)
+            {
+                // get rid of composer-bin-proxy:// prefix for __FILE__ & __DIR__ resolution
+                $opened_path = substr($path, 21);
+                $opened_path = realpath($opened_path) ?: $opened_path;
+                $this->handle = fopen($opened_path, $mode);
+                $this->position = 0;
+
+                // remove all traces of this stream wrapper once it has been used
+                stream_wrapper_unregister('composer-bin-proxy');
+
+                return (bool) $this->handle;
+            }
+
+            public function stream_read($count)
+            {
+                $data = fread($this->handle, $count);
+
+                if ($this->position === 0) {
+                    $data = preg_replace('{^#!.*\r?\n}', '', $data);
+                }
+
+                $this->position += strlen($data);
+
+                return $data;
+            }
+
+            public function stream_cast($castAs)
+            {
+                return $this->handle;
+            }
+
+            public function stream_close()
+            {
+                fclose($this->handle);
+            }
+
+            public function stream_lock($operation)
+            {
+                return $operation ? flock($this->handle, $operation) : true;
+            }
+
+            public function stream_tell()
+            {
+                return $this->position;
+            }
+
+            public function stream_eof()
+            {
+                return feof($this->handle);
+            }
+
+            public function stream_stat()
+            {
+                return fstat($this->handle);
+            }
+
+            public function stream_set_option($option, $arg1, $arg2)
+            {
+                return true;
+            }
+        }
+    }
+
+    if (function_exists('stream_wrapper_register') && stream_wrapper_register('composer-bin-proxy', 'Composer\BinProxyWrapper')) {
+        include("composer-bin-proxy://" . __DIR__ . '/..'.'/matthiasmullie/minify/bin/minifycss');
+        exit(0);
+    }
+}
+
+include __DIR__ . '/..'.'/matthiasmullie/minify/bin/minifycss';
--- a/data/web/inc/lib/vendor/bin/minifyjs
+++ b/data/web/inc/lib/vendor/bin/minifyjs
@@ -1 +0,0 @@
-../matthiasmullie/minify/bin/minifyjs
--- a/data/web/inc/lib/vendor/bin/minifyjs
+++ b/data/web/inc/lib/vendor/bin/minifyjs
@@ -0,0 +1,97 @@
+#!/usr/bin/env php
+<?php
+
+/**
+ * Proxy PHP file generated by Composer
+ *
+ * This file includes the referenced bin path (../matthiasmullie/minify/bin/minifyjs)
+ * using a stream wrapper to prevent the shebang from being output on PHP<8
+ *
+ * @generated
+ */
+
+namespace Composer;
+
+$GLOBALS['_composer_autoload_path'] = __DIR__ . '/..'.'/autoload.php';
+
+if (PHP_VERSION_ID < 80000) {
+    if (!class_exists('Composer\BinProxyWrapper')) {
+        /**
+         * @internal
+         */
+        final class BinProxyWrapper
+        {
+            private $handle;
+            private $position;
+
+            public function stream_open($path, $mode, $options, &$opened_path)
+            {
+                // get rid of composer-bin-proxy:// prefix for __FILE__ & __DIR__ resolution
+                $opened_path = substr($path, 21);
+                $opened_path = realpath($opened_path) ?: $opened_path;
+                $this->handle = fopen($opened_path, $mode);
+                $this->position = 0;
+
+                // remove all traces of this stream wrapper once it has been used
+                stream_wrapper_unregister('composer-bin-proxy');
+
+                return (bool) $this->handle;
+            }
+
+            public function stream_read($count)
+            {
+                $data = fread($this->handle, $count);
+
+                if ($this->position === 0) {
+                    $data = preg_replace('{^#!.*\r?\n}', '', $data);
+                }
+
+                $this->position += strlen($data);
+
+                return $data;
+            }
+
+            public function stream_cast($castAs)
+            {
+                return $this->handle;
+            }
+
+            public function stream_close()
+            {
+                fclose($this->handle);
+            }
+
+            public function stream_lock($operation)
+            {
+                return $operation ? flock($this->handle, $operation) : true;
+            }
+
+            public function stream_tell()
+            {
+                return $this->position;
+            }
+
+            public function stream_eof()
+            {
+                return feof($this->handle);
+            }
+
+            public function stream_stat()
+            {
+                return fstat($this->handle);
+            }
+
+            public function stream_set_option($option, $arg1, $arg2)
+            {
+                return true;
+            }
+        }
+    }
+
+    if (function_exists('stream_wrapper_register') && stream_wrapper_register('composer-bin-proxy', 'Composer\BinProxyWrapper')) {
+        include("composer-bin-proxy://" . __DIR__ . '/..'.'/matthiasmullie/minify/bin/minifyjs');
+        exit(0);
+    }
+}
+
+include __DIR__ . '/..'.'/matthiasmullie/minify/bin/minifyjs';
--- a/data/web/inc/lib/vendor/bin/var-dump-server
+++ b/data/web/inc/lib/vendor/bin/var-dump-server
@@ -1 +0,0 @@
-../symfony/var-dumper/Resources/bin/var-dump-server
--- a/data/web/inc/lib/vendor/bin/var-dump-server
+++ b/data/web/inc/lib/vendor/bin/var-dump-server
@@ -0,0 +1,97 @@
+#!/usr/bin/env php
+<?php
+
+/**
+ * Proxy PHP file generated by Composer
+ *
+ * This file includes the referenced bin path (../symfony/var-dumper/Resources/bin/var-dump-server)
+ * using a stream wrapper to prevent the shebang from being output on PHP<8
+ *
+ * @generated
+ */
+
+namespace Composer;
+
+$GLOBALS['_composer_autoload_path'] = __DIR__ . '/..'.'/autoload.php';
+
+if (PHP_VERSION_ID < 80000) {
+    if (!class_exists('Composer\BinProxyWrapper')) {
+        /**
+         * @internal
+         */
+        final class BinProxyWrapper
+        {
+            private $handle;
+            private $position;
+
+            public function stream_open($path, $mode, $options, &$opened_path)
+            {
+                // get rid of composer-bin-proxy:// prefix for __FILE__ & __DIR__ resolution
+                $opened_path = substr($path, 21);
+                $opened_path = realpath($opened_path) ?: $opened_path;
+                $this->handle = fopen($opened_path, $mode);
+                $this->position = 0;
+
+                // remove all traces of this stream wrapper once it has been used
+                stream_wrapper_unregister('composer-bin-proxy');
+
+                return (bool) $this->handle;
+            }
+
+            public function stream_read($count)
+            {
+                $data = fread($this->handle, $count);
+
+                if ($this->position === 0) {
+                    $data = preg_replace('{^#!.*\r?\n}', '', $data);
+                }
+
+                $this->position += strlen($data);
+
+                return $data;
+            }
+
+            public function stream_cast($castAs)
+            {
+                return $this->handle;
+            }
+
+            public function stream_close()
+            {
+                fclose($this->handle);
+            }
+
+            public function stream_lock($operation)
+            {
+                return $operation ? flock($this->handle, $operation) : true;
+            }
+
+            public function stream_tell()
+            {
+                return $this->position;
+            }
+
+            public function stream_eof()
+            {
+                return feof($this->handle);
+            }
+
+            public function stream_stat()
+            {
+                return fstat($this->handle);
+            }
+
+            public function stream_set_option($option, $arg1, $arg2)
+            {
+                return true;
+            }
+        }
+    }
+
+    if (function_exists('stream_wrapper_register') && stream_wrapper_register('composer-bin-proxy', 'Composer\BinProxyWrapper')) {
+        include("composer-bin-proxy://" . __DIR__ . '/..'.'/symfony/var-dumper/Resources/bin/var-dump-server');
+        exit(0);
+    }
+}
+
+include __DIR__ . '/..'.'/symfony/var-dumper/Resources/bin/var-dump-server';
--- a/data/web/inc/lib/vendor/composer/ClassLoader.php
+++ b/data/web/inc/lib/vendor/composer/ClassLoader.php
@@ -42,30 +42,75 @@ namespace Composer\Autoload;
 */
 class ClassLoader
 {
+    /** @var ?string */
    private $vendorDir;

    // PSR-4
+    /**
+     * @var array[]
+     * @psalm-var array<string, array<string, int>>
+     */
    private $prefixLengthsPsr4 = array();
+    /**
+     * @var array[]
+     * @psalm-var array<string, array<int, string>>
+     */
    private $prefixDirsPsr4 = array();
+    /**
+     * @var array[]
+     * @psalm-var array<string, string>
+     */
    private $fallbackDirsPsr4 = array();

    // PSR-0
+    /**
+     * @var array[]
+     * @psalm-var array<string, array<string, string[]>>
+     */
    private $prefixesPsr0 = array();
+    /**
+     * @var array[]
+     * @psalm-var array<string, string>
+     */
    private $fallbackDirsPsr0 = array();

+    /** @var bool */
    private $useIncludePath = false;
+
+    /**
+     * @var string[]
+     * @psalm-var array<string, string>
+     */
    private $classMap = array();
+
+    /** @var bool */
    private $classMapAuthoritative = false;
+
+    /**
+     * @var bool[]
+     * @psalm-var array<string, bool>
+     */
    private $missingClasses = array();
+
+    /** @var ?string */
    private $apcuPrefix;

+    /**
+     * @var self[]
+     */
    private static $registeredLoaders = array();

+    /**
+     * @param ?string $vendorDir
+     */
    public function __construct($vendorDir = null)
    {
        $this->vendorDir = $vendorDir;
    }

+    /**
+     * @return string[]
+     */
    public function getPrefixes()
    {
        if (!empty($this->prefixesPsr0)) {
@@ -75,28 +120,47 @@ class ClassLoader
        return array();
    }

+    /**
+     * @return array[]
+     * @psalm-return array<string, array<int, string>>
+     */
    public function getPrefixesPsr4()
    {
        return $this->prefixDirsPsr4;
    }

+    /**
+     * @return array[]
+     * @psalm-return array<string, string>
+     */
    public function getFallbackDirs()
    {
        return $this->fallbackDirsPsr0;
    }

+    /**
+     * @return array[]
+     * @psalm-return array<string, string>
+     */
    public function getFallbackDirsPsr4()
    {
        return $this->fallbackDirsPsr4;
    }

+    /**
+     * @return string[] Array of classname => path
+     * @psalm-return array<string, string>
+     */
    public function getClassMap()
    {
        return $this->classMap;
    }

    /**
-     * @param array $classMap Class to filename map
+     * @param string[] $classMap Class to filename map
+     * @psalm-param array<string, string> $classMap
+     *
+     * @return void
     */
    public function addClassMap(array $classMap)
    {
@@ -112,8 +176,10 @@ class ClassLoader
     * appending or prepending to the ones previously set for this prefix.
     *
     * @param string          $prefix  The prefix
-     * @param array|string $paths   The PSR-0 root directories
+     * @param string[]|string $paths   The PSR-0 root directories
     * @param bool            $prepend Whether to prepend the directories
+     *
+     * @return void
     */
    public function add($prefix, $paths, $prepend = false)
    {
@@ -157,10 +223,12 @@ class ClassLoader
     * appending or prepending to the ones previously set for this namespace.
     *
     * @param string          $prefix  The prefix/namespace, with trailing '\\'
-     * @param array|string $paths   The PSR-4 base directories
+     * @param string[]|string $paths   The PSR-4 base directories
     * @param bool            $prepend Whether to prepend the directories
     *
     * @throws \InvalidArgumentException
+     *
+     * @return void
     */
    public function addPsr4($prefix, $paths, $prepend = false)
    {
@@ -205,7 +273,9 @@ class ClassLoader
     * replacing any others previously set for this prefix.
     *
     * @param string          $prefix The prefix
-     * @param array|string $paths  The PSR-0 base directories
+     * @param string[]|string $paths  The PSR-0 base directories
+     *
+     * @return void
     */
    public function set($prefix, $paths)
    {
@@ -221,9 +291,11 @@ class ClassLoader
     * replacing any others previously set for this namespace.
     *
     * @param string          $prefix The prefix/namespace, with trailing '\\'
-     * @param array|string $paths  The PSR-4 base directories
+     * @param string[]|string $paths  The PSR-4 base directories
     *
     * @throws \InvalidArgumentException
+     *
+     * @return void
     */
    public function setPsr4($prefix, $paths)
    {
@@ -243,6 +315,8 @@ class ClassLoader
     * Turns on searching the include path for class files.
     *
     * @param bool $useIncludePath
+     *
+     * @return void
     */
    public function setUseIncludePath($useIncludePath)
    {
@@ -265,6 +339,8 @@ class ClassLoader
     * that have not been registered with the class map.
     *
     * @param bool $classMapAuthoritative
+     *
+     * @return void
     */
    public function setClassMapAuthoritative($classMapAuthoritative)
    {
@@ -285,6 +361,8 @@ class ClassLoader
     * APCu prefix to use to cache found/not-found classes, if the extension is enabled.
     *
     * @param string|null $apcuPrefix
+     *
+     * @return void
     */
    public function setApcuPrefix($apcuPrefix)
    {
@@ -305,6 +383,8 @@ class ClassLoader
     * Registers this instance as an autoloader.
     *
     * @param bool $prepend Whether to prepend the autoloader or not
+     *
+     * @return void
     */
    public function register($prepend = false)
    {
@@ -324,6 +404,8 @@ class ClassLoader

    /**
     * Unregisters this instance as an autoloader.
+     *
+     * @return void
     */
    public function unregister()
    {
@@ -403,6 +485,11 @@ class ClassLoader
        return self::$registeredLoaders;
    }

+    /**
+     * @param  string       $class
+     * @param  string       $ext
+     * @return string|false
+     */
    private function findFileWithExtension($class, $ext)
    {
        // PSR-4 lookup
@@ -474,6 +561,10 @@ class ClassLoader
 * Scope isolated include.
 *
 * Prevents access to $this/self from included files.
+ *
+ * @param  string $file
+ * @return void
+ * @private
 */
 function includeFile($file)
 {
--- a/data/web/inc/lib/vendor/composer/InstalledVersions.php
+++ b/data/web/inc/lib/vendor/composer/InstalledVersions.php
@@ -20,12 +20,25 @@ use Composer\Semver\VersionParser;
 *
 * See also https://getcomposer.org/doc/07-runtime.md#installed-versions
 *
- * To require it's presence, you can require `composer-runtime-api ^2.0`
+ * To require its presence, you can require `composer-runtime-api ^2.0`
 */
 class InstalledVersions
 {
+    /**
+     * @var mixed[]|null
+     * @psalm-var array{root: array{name: string, version: string, reference: string, pretty_version: string, aliases: string[], dev: bool, install_path: string, type: string}, versions: array<string, array{dev_requirement: bool, pretty_version?: string, version?: string, aliases?: string[], reference?: string, replaced?: string[], provided?: string[], install_path?: string, type?: string}>}|array{}|null
+     */
    private static $installed;
+
+    /**
+     * @var bool|null
+     */
    private static $canGetVendors;
+
+    /**
+     * @var array[]
+     * @psalm-var array<string, array{root: array{name: string, version: string, reference: string, pretty_version: string, aliases: string[], dev: bool, install_path: string, type: string}, versions: array<string, array{dev_requirement: bool, pretty_version?: string, version?: string, aliases?: string[], reference?: string, replaced?: string[], provided?: string[], install_path?: string, type?: string}>}>
+     */
    private static $installedByVendor = array();

    /**
@@ -228,7 +241,7 @@ class InstalledVersions

    /**
     * @return array
-     * @psalm-return array{name: string, version: string, reference: string, pretty_version: string, aliases: string[], dev: bool, install_path: string}
+     * @psalm-return array{name: string, version: string, reference: string, pretty_version: string, aliases: string[], dev: bool, install_path: string, type: string}
     */
    public static function getRootPackage()
    {
@@ -242,7 +255,7 @@ class InstalledVersions
     *
     * @deprecated Use getAllRawData() instead which returns all datasets for all autoloaders present in the process. getRawData only returns the first dataset loaded, which may not be what you expect.
     * @return array[]
-     * @psalm-return array{root: array{name: string, version: string, reference: string, pretty_version: string, aliases: string[], dev: bool, install_path: string}, versions: array<string, array{dev_requirement: bool, pretty_version?: string, version?: string, aliases?: string[], reference?: string, replaced?: string[], provided?: string[], install_path?: string}>}
+     * @psalm-return array{root: array{name: string, version: string, reference: string, pretty_version: string, aliases: string[], dev: bool, install_path: string, type: string}, versions: array<string, array{dev_requirement: bool, pretty_version?: string, version?: string, aliases?: string[], reference?: string, replaced?: string[], provided?: string[], install_path?: string, type?: string}>}
     */
    public static function getRawData()
    {
@@ -265,7 +278,7 @@ class InstalledVersions
     * Returns the raw data of all installed.php which are currently loaded for custom implementations
     *
     * @return array[]
-     * @psalm-return list<array{root: array{name: string, version: string, reference: string, pretty_version: string, aliases: string[], dev: bool, install_path: string}, versions: array<string, array{dev_requirement: bool, pretty_version?: string, version?: string, aliases?: string[], reference?: string, replaced?: string[], provided?: string[], install_path?: string}>}>
+     * @psalm-return list<array{root: array{name: string, version: string, reference: string, pretty_version: string, aliases: string[], dev: bool, install_path: string, type: string}, versions: array<string, array{dev_requirement: bool, pretty_version?: string, version?: string, aliases?: string[], reference?: string, replaced?: string[], provided?: string[], install_path?: string, type?: string}>}>
     */
    public static function getAllRawData()
    {
@@ -288,7 +301,7 @@ class InstalledVersions
     * @param  array[] $data A vendor/composer/installed.php data set
     * @return void
     *
-     * @psalm-param array{root: array{name: string, version: string, reference: string, pretty_version: string, aliases: string[], dev: bool, install_path: string}, versions: array<string, array{dev_requirement: bool, pretty_version?: string, version?: string, aliases?: string[], reference?: string, replaced?: string[], provided?: string[], install_path?: string}>} $data
+     * @psalm-param array{root: array{name: string, version: string, reference: string, pretty_version: string, aliases: string[], dev: bool, install_path: string, type: string}, versions: array<string, array{dev_requirement: bool, pretty_version?: string, version?: string, aliases?: string[], reference?: string, replaced?: string[], provided?: string[], install_path?: string, type?: string}>} $data
     */
    public static function reload($data)
    {
@@ -298,7 +311,7 @@ class InstalledVersions

    /**
     * @return array[]
-     * @psalm-return list<array{root: array{name: string, version: string, reference: string, pretty_version: string, aliases: string[], dev: bool, install_path: string}, versions: array<string, array{dev_requirement: bool, pretty_version?: string, version?: string, aliases?: string[], reference?: string, replaced?: string[], provided?: string[], install_path?: string}>}>
+     * @psalm-return list<array{root: array{name: string, version: string, reference: string, pretty_version: string, aliases: string[], dev: bool, install_path: string, type: string}, versions: array<string, array{dev_requirement: bool, pretty_version?: string, version?: string, aliases?: string[], reference?: string, replaced?: string[], provided?: string[], install_path?: string, type?: string}>}>
     */
    private static function getInstalled()
    {
--- a/data/web/inc/lib/vendor/composer/autoload_files.php
+++ b/data/web/inc/lib/vendor/composer/autoload_files.php
@@ -7,10 +7,9 @@ $baseDir = dirname($vendorDir);

 return array(
    '0e6d7bf4a5811bfa5cf40c5ccd6fae6a' => $vendorDir . '/symfony/polyfill-mbstring/bootstrap.php',
-    'a4a119a56e50fbb293281d9a48007e0e' => $vendorDir . '/symfony/polyfill-php80/bootstrap.php',
-    '6e3fae29631ef280660b3cdad06f25a8' => $vendorDir . '/symfony/deprecation-contracts/function.php',
-    'a1105708a18b76903365ca1c4aa61b02' => $vendorDir . '/symfony/translation/Resources/functions.php',
    '320cde22f66dd4f5d3fd621d3e88b98f' => $vendorDir . '/symfony/polyfill-ctype/bootstrap.php',
+    'a4a119a56e50fbb293281d9a48007e0e' => $vendorDir . '/symfony/polyfill-php80/bootstrap.php',
+    'a1105708a18b76903365ca1c4aa61b02' => $vendorDir . '/symfony/translation/Resources/functions.php',
    '667aeda72477189d0494fecd327c3641' => $vendorDir . '/symfony/var-dumper/Resources/functions/dump.php',
    'fe62ba7e10580d903cc46d808b5961a4' => $vendorDir . '/tightenco/collect/src/Collect/Support/helpers.php',
    'caf31cc6ec7cf2241cb6f12c226c3846' => $vendorDir . '/tightenco/collect/src/Collect/Support/alias.php',
--- a/data/web/inc/lib/vendor/composer/autoload_psr4.php
+++ b/data/web/inc/lib/vendor/composer/autoload_psr4.php
@@ -16,7 +16,7 @@ return array(
    'Symfony\\Component\\Translation\\' => array($vendorDir . '/symfony/translation'),
    'RobThree\\Auth\\' => array($vendorDir . '/robthree/twofactorauth/lib'),
    'Psr\\SimpleCache\\' => array($vendorDir . '/psr/simple-cache/src'),
-    'Psr\\Log\\' => array($vendorDir . '/psr/log/Psr/Log'),
+    'Psr\\Log\\' => array($vendorDir . '/psr/log/src'),
    'Psr\\Container\\' => array($vendorDir . '/psr/container/src'),
    'PhpMimeMailParser\\' => array($vendorDir . '/php-mime-mail-parser/php-mime-mail-parser/src'),
    'PHPMailer\\PHPMailer\\' => array($vendorDir . '/phpmailer/phpmailer/src'),
--- a/data/web/inc/lib/vendor/composer/autoload_real.php
+++ b/data/web/inc/lib/vendor/composer/autoload_real.php
@@ -65,11 +65,16 @@ class ComposerAutoloaderInit873464e4bd965a3168f133248b1b218b
    }
 }

+/**
+ * @param string $fileIdentifier
+ * @param string $file
+ * @return void
+ */
 function composerRequire873464e4bd965a3168f133248b1b218b($fileIdentifier, $file)
 {
    if (empty($GLOBALS['__composer_autoload_files'][$fileIdentifier])) {
-        require $file;
-
        $GLOBALS['__composer_autoload_files'][$fileIdentifier] = true;
+
+        require $file;
    }
 }
--- a/data/web/inc/lib/vendor/composer/autoload_static.php
+++ b/data/web/inc/lib/vendor/composer/autoload_static.php
@@ -8,10 +8,9 @@ class ComposerStaticInit873464e4bd965a3168f133248b1b218b
 {
    public static $files = array (
        '0e6d7bf4a5811bfa5cf40c5ccd6fae6a' => __DIR__ . '/..' . '/symfony/polyfill-mbstring/bootstrap.php',
-        'a4a119a56e50fbb293281d9a48007e0e' => __DIR__ . '/..' . '/symfony/polyfill-php80/bootstrap.php',
-        '6e3fae29631ef280660b3cdad06f25a8' => __DIR__ . '/..' . '/symfony/deprecation-contracts/function.php',
-        'a1105708a18b76903365ca1c4aa61b02' => __DIR__ . '/..' . '/symfony/translation/Resources/functions.php',
        '320cde22f66dd4f5d3fd621d3e88b98f' => __DIR__ . '/..' . '/symfony/polyfill-ctype/bootstrap.php',
+        'a4a119a56e50fbb293281d9a48007e0e' => __DIR__ . '/..' . '/symfony/polyfill-php80/bootstrap.php',
+        'a1105708a18b76903365ca1c4aa61b02' => __DIR__ . '/..' . '/symfony/translation/Resources/functions.php',
        '667aeda72477189d0494fecd327c3641' => __DIR__ . '/..' . '/symfony/var-dumper/Resources/functions/dump.php',
        'fe62ba7e10580d903cc46d808b5961a4' => __DIR__ . '/..' . '/tightenco/collect/src/Collect/Support/helpers.php',
        'caf31cc6ec7cf2241cb6f12c226c3846' => __DIR__ . '/..' . '/tightenco/collect/src/Collect/Support/alias.php',
@@ -115,7 +114,7 @@ class ComposerStaticInit873464e4bd965a3168f133248b1b218b
        ),
        'Psr\\Log\\' => 
        array (
-            0 => __DIR__ . '/..' . '/psr/log/Psr/Log',
+            0 => __DIR__ . '/..' . '/psr/log/src',
        ),
        'Psr\\Container\\' => 
        array (
--- a/data/web/inc/lib/vendor/composer/installed.json
+++ b/data/web/inc/lib/vendor/composer/installed.json
@@ -63,34 +63,35 @@
        },
        {
            "name": "ddeboer/imap",
-            "version": "1.12.1",
-            "version_normalized": "1.12.1.0",
+            "version": "1.13.1",
+            "version_normalized": "1.13.1.0",
            "source": {
                "type": "git",
                "url": "https://github.com/ddeboer/imap.git",
-                "reference": "dbed05ca67b93509345a820b2859de10c48948fb"
+                "reference": "8b772d04b1deadb5df13782fb78c4b648f77496e"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/ddeboer/imap/zipball/dbed05ca67b93509345a820b2859de10c48948fb",
-                "reference": "dbed05ca67b93509345a820b2859de10c48948fb",
+                "url": "https://api.github.com/repos/ddeboer/imap/zipball/8b772d04b1deadb5df13782fb78c4b648f77496e",
+                "reference": "8b772d04b1deadb5df13782fb78c4b648f77496e",
                "shasum": ""
            },
            "require": {
                "ext-iconv": "*",
                "ext-imap": "*",
                "ext-mbstring": "*",
-                "php": "^7.4 || ^8.0"
+                "php": "^8.0.1"
            },
            "require-dev": {
-                "friendsofphp/php-cs-fixer": "^2.18.6",
-                "laminas/laminas-mail": "^2.14.0",
-                "phpstan/phpstan": "^0.12.84",
-                "phpstan/phpstan-phpunit": "^0.12.18",
-                "phpstan/phpstan-strict-rules": "^0.12.9",
-                "phpunit/phpunit": "^9.5.4"
+                "friendsofphp/php-cs-fixer": "^v3.4.0",
+                "laminas/laminas-mail": "^2.15.1",
+                "malukenho/mcbumpface": "^1.1.5",
+                "phpstan/phpstan": "^1.3.3",
+                "phpstan/phpstan-phpunit": "^1.0.0",
+                "phpstan/phpstan-strict-rules": "^1.1.0",
+                "phpunit/phpunit": "^9.5.11"
            },
-            "time": "2021-04-27T08:38:46+00:00",
+            "time": "2022-01-10T10:53:05+00:00",
            "type": "library",
            "installation-source": "dist",
            "autoload": {
@@ -124,7 +125,7 @@
            ],
            "support": {
                "issues": "https://github.com/ddeboer/imap/issues",
-                "source": "https://github.com/ddeboer/imap/tree/1.12.1"
+                "source": "https://github.com/ddeboer/imap/tree/1.13.1"
            },
            "funding": [
                {
@@ -140,35 +141,35 @@
        },
        {
            "name": "directorytree/ldaprecord",
-            "version": "v2.6.3",
-            "version_normalized": "2.6.3.0",
+            "version": "v2.10.1",
+            "version_normalized": "2.10.1.0",
            "source": {
                "type": "git",
                "url": "https://github.com/DirectoryTree/LdapRecord.git",
-                "reference": "5c93ec6d1ef458290825a8b0a148946dce7c1e7a"
+                "reference": "bf512d9af7a7b0e2ed7a666ab29cefdd027bee88"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/DirectoryTree/LdapRecord/zipball/5c93ec6d1ef458290825a8b0a148946dce7c1e7a",
-                "reference": "5c93ec6d1ef458290825a8b0a148946dce7c1e7a",
+                "url": "https://api.github.com/repos/DirectoryTree/LdapRecord/zipball/bf512d9af7a7b0e2ed7a666ab29cefdd027bee88",
+                "reference": "bf512d9af7a7b0e2ed7a666ab29cefdd027bee88",
                "shasum": ""
            },
            "require": {
                "ext-json": "*",
                "ext-ldap": "*",
-                "illuminate/contracts": "^5.0|^6.0|^7.0|^8.0",
+                "illuminate/contracts": "^5.0|^6.0|^7.0|^8.0|^9.0",
                "nesbot/carbon": "^1.0|^2.0",
                "php": ">=7.3",
-                "psr/log": "^1.0",
-                "psr/simple-cache": "^1.0",
+                "psr/log": "*",
+                "psr/simple-cache": "^1.0|^2.0",
                "tightenco/collect": "^5.6|^6.0|^7.0|^8.0"
            },
            "require-dev": {
                "mockery/mockery": "^1.0",
-                "phpunit/phpunit": "^8.0",
+                "phpunit/phpunit": "^9.0",
                "spatie/ray": "^1.24"
            },
-            "time": "2021-08-05T21:52:43+00:00",
+            "time": "2022-02-25T16:00:51+00:00",
            "type": "library",
            "installation-source": "dist",
            "autoload": {
@@ -216,29 +217,29 @@
        },
        {
            "name": "illuminate/contracts",
-            "version": "v8.53.1",
-            "version_normalized": "8.53.1.0",
+            "version": "v9.3.0",
+            "version_normalized": "9.3.0.0",
            "source": {
                "type": "git",
                "url": "https://github.com/illuminate/contracts.git",
-                "reference": "504a34286a1b4c5421c43087d6bd4e176138f6fb"
+                "reference": "bf4b3c254c49d28157645d01e4883b5951b1e1d0"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/illuminate/contracts/zipball/504a34286a1b4c5421c43087d6bd4e176138f6fb",
-                "reference": "504a34286a1b4c5421c43087d6bd4e176138f6fb",
+                "url": "https://api.github.com/repos/illuminate/contracts/zipball/bf4b3c254c49d28157645d01e4883b5951b1e1d0",
+                "reference": "bf4b3c254c49d28157645d01e4883b5951b1e1d0",
                "shasum": ""
            },
            "require": {
-                "php": "^7.3|^8.0",
-                "psr/container": "^1.0",
-                "psr/simple-cache": "^1.0"
+                "php": "^8.0.2",
+                "psr/container": "^1.1.1|^2.0.1",
+                "psr/simple-cache": "^1.0|^2.0|^3.0"
            },
-            "time": "2021-08-03T14:03:47+00:00",
+            "time": "2022-02-22T14:45:39+00:00",
            "type": "library",
            "extra": {
                "branch-alias": {
-                    "dev-master": "8.x-dev"
+                    "dev-master": "9.x-dev"
                }
            },
            "installation-source": "dist",
@@ -453,17 +454,17 @@
        },
        {
            "name": "nesbot/carbon",
-            "version": "2.51.1",
-            "version_normalized": "2.51.1.0",
+            "version": "2.57.0",
+            "version_normalized": "2.57.0.0",
            "source": {
                "type": "git",
                "url": "https://github.com/briannesbitt/Carbon.git",
-                "reference": "8619c299d1e0d4b344e1f98ca07a1ce2cfbf1922"
+                "reference": "4a54375c21eea4811dbd1149fe6b246517554e78"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/briannesbitt/Carbon/zipball/8619c299d1e0d4b344e1f98ca07a1ce2cfbf1922",
-                "reference": "8619c299d1e0d4b344e1f98ca07a1ce2cfbf1922",
+                "url": "https://api.github.com/repos/briannesbitt/Carbon/zipball/4a54375c21eea4811dbd1149fe6b246517554e78",
+                "reference": "4a54375c21eea4811dbd1149fe6b246517554e78",
                "shasum": ""
            },
            "require": {
@@ -471,19 +472,20 @@
                "php": "^7.1.8 || ^8.0",
                "symfony/polyfill-mbstring": "^1.0",
                "symfony/polyfill-php80": "^1.16",
-                "symfony/translation": "^3.4 || ^4.0 || ^5.0"
+                "symfony/translation": "^3.4 || ^4.0 || ^5.0 || ^6.0"
            },
            "require-dev": {
+                "doctrine/dbal": "^2.0 || ^3.0",
                "doctrine/orm": "^2.7",
-                "friendsofphp/php-cs-fixer": "^2.14 || ^3.0",
+                "friendsofphp/php-cs-fixer": "^3.0",
                "kylekatarnls/multi-tester": "^2.0",
                "phpmd/phpmd": "^2.9",
                "phpstan/extension-installer": "^1.0",
-                "phpstan/phpstan": "^0.12.54",
+                "phpstan/phpstan": "^0.12.54 || ^1.0",
                "phpunit/phpunit": "^7.5.20 || ^8.5.14",
                "squizlabs/php_codesniffer": "^3.4"
            },
-            "time": "2021-07-28T13:16:28+00:00",
+            "time": "2022-02-13T18:13:33+00:00",
            "bin": [
                "bin/carbon"
            ],
@@ -533,6 +535,7 @@
                "time"
            ],
            "support": {
+                "docs": "https://carbon.nesbot.com/docs",
                "issues": "https://github.com/briannesbitt/Carbon/issues",
                "source": "https://github.com/briannesbitt/Carbon"
            },
@@ -697,17 +700,17 @@
        },
        {
            "name": "phpmailer/phpmailer",
-            "version": "v6.5.0",
-            "version_normalized": "6.5.0.0",
+            "version": "v6.6.0",
+            "version_normalized": "6.6.0.0",
            "source": {
                "type": "git",
                "url": "https://github.com/PHPMailer/PHPMailer.git",
-                "reference": "a5b5c43e50b7fba655f793ad27303cd74c57363c"
+                "reference": "e43bac82edc26ca04b36143a48bde1c051cfd5b1"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/PHPMailer/PHPMailer/zipball/a5b5c43e50b7fba655f793ad27303cd74c57363c",
-                "reference": "a5b5c43e50b7fba655f793ad27303cd74c57363c",
+                "url": "https://api.github.com/repos/PHPMailer/PHPMailer/zipball/e43bac82edc26ca04b36143a48bde1c051cfd5b1",
+                "reference": "e43bac82edc26ca04b36143a48bde1c051cfd5b1",
                "shasum": ""
            },
            "require": {
@@ -719,10 +722,12 @@
            "require-dev": {
                "dealerdirect/phpcodesniffer-composer-installer": "^0.7.0",
                "doctrine/annotations": "^1.2",
+                "php-parallel-lint/php-console-highlighter": "^0.5.0",
+                "php-parallel-lint/php-parallel-lint": "^1.3.1",
                "phpcompatibility/php-compatibility": "^9.3.5",
                "roave/security-advisories": "dev-latest",
-                "squizlabs/php_codesniffer": "^3.5.6",
-                "yoast/phpunit-polyfills": "^0.2.0"
+                "squizlabs/php_codesniffer": "^3.6.2",
+                "yoast/phpunit-polyfills": "^1.0.0"
            },
            "suggest": {
                "ext-mbstring": "Needed to send email in multibyte encoding charset or decode encoded addresses",
@@ -732,7 +737,7 @@
                "stevenmaguire/oauth2-microsoft": "Needed for Microsoft XOAUTH2 authentication",
                "symfony/polyfill-mbstring": "To support UTF-8 if the Mbstring PHP extension is not enabled (^1.2)"
            },
-            "time": "2021-06-16T14:33:43+00:00",
+            "time": "2022-02-28T15:31:21+00:00",
            "type": "library",
            "installation-source": "dist",
            "autoload": {
@@ -764,7 +769,7 @@
            "description": "PHPMailer is a full-featured email creation and transfer class for PHP",
            "support": {
                "issues": "https://github.com/PHPMailer/PHPMailer/issues",
-                "source": "https://github.com/PHPMailer/PHPMailer/tree/v6.5.0"
+                "source": "https://github.com/PHPMailer/PHPMailer/tree/v6.6.0"
            },
            "funding": [
                {
@@ -776,24 +781,29 @@
        },
        {
            "name": "psr/container",
-            "version": "1.1.1",
-            "version_normalized": "1.1.1.0",
+            "version": "2.0.2",
+            "version_normalized": "2.0.2.0",
            "source": {
                "type": "git",
                "url": "https://github.com/php-fig/container.git",
-                "reference": "8622567409010282b7aeebe4bb841fe98b58dcaf"
+                "reference": "c71ecc56dfe541dbd90c5360474fbc405f8d5963"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/php-fig/container/zipball/8622567409010282b7aeebe4bb841fe98b58dcaf",
-                "reference": "8622567409010282b7aeebe4bb841fe98b58dcaf",
+                "url": "https://api.github.com/repos/php-fig/container/zipball/c71ecc56dfe541dbd90c5360474fbc405f8d5963",
+                "reference": "c71ecc56dfe541dbd90c5360474fbc405f8d5963",
                "shasum": ""
            },
            "require": {
-                "php": ">=7.2.0"
+                "php": ">=7.4.0"
            },
-            "time": "2021-03-05T17:36:06+00:00",
+            "time": "2021-11-05T16:47:00+00:00",
            "type": "library",
+            "extra": {
+                "branch-alias": {
+                    "dev-master": "2.0.x-dev"
+                }
+            },
            "installation-source": "dist",
            "autoload": {
                "psr-4": {
@@ -821,39 +831,39 @@
            ],
            "support": {
                "issues": "https://github.com/php-fig/container/issues",
-                "source": "https://github.com/php-fig/container/tree/1.1.1"
+                "source": "https://github.com/php-fig/container/tree/2.0.2"
            },
            "install-path": "../psr/container"
        },
        {
            "name": "psr/log",
-            "version": "1.1.4",
-            "version_normalized": "1.1.4.0",
+            "version": "3.0.0",
+            "version_normalized": "3.0.0.0",
            "source": {
                "type": "git",
                "url": "https://github.com/php-fig/log.git",
-                "reference": "d49695b909c3b7628b6289db5479a1c204601f11"
+                "reference": "fe5ea303b0887d5caefd3d431c3e61ad47037001"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/php-fig/log/zipball/d49695b909c3b7628b6289db5479a1c204601f11",
-                "reference": "d49695b909c3b7628b6289db5479a1c204601f11",
+                "url": "https://api.github.com/repos/php-fig/log/zipball/fe5ea303b0887d5caefd3d431c3e61ad47037001",
+                "reference": "fe5ea303b0887d5caefd3d431c3e61ad47037001",
                "shasum": ""
            },
            "require": {
-                "php": ">=5.3.0"
+                "php": ">=8.0.0"
            },
-            "time": "2021-05-03T11:20:27+00:00",
+            "time": "2021-07-14T16:46:02+00:00",
            "type": "library",
            "extra": {
                "branch-alias": {
-                    "dev-master": "1.1.x-dev"
+                    "dev-master": "3.x-dev"
                }
            },
            "installation-source": "dist",
            "autoload": {
                "psr-4": {
-                    "Psr\\Log\\": "Psr/Log/"
+                    "Psr\\Log\\": "src"
                }
            },
            "notification-url": "https://packagist.org/downloads/",
@@ -874,33 +884,33 @@
                "psr-3"
            ],
            "support": {
-                "source": "https://github.com/php-fig/log/tree/1.1.4"
+                "source": "https://github.com/php-fig/log/tree/3.0.0"
            },
            "install-path": "../psr/log"
        },
        {
            "name": "psr/simple-cache",
-            "version": "1.0.1",
-            "version_normalized": "1.0.1.0",
+            "version": "2.0.0",
+            "version_normalized": "2.0.0.0",
            "source": {
                "type": "git",
                "url": "https://github.com/php-fig/simple-cache.git",
-                "reference": "408d5eafb83c57f6365a3ca330ff23aa4a5fa39b"
+                "reference": "8707bf3cea6f710bf6ef05491234e3ab06f6432a"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/php-fig/simple-cache/zipball/408d5eafb83c57f6365a3ca330ff23aa4a5fa39b",
-                "reference": "408d5eafb83c57f6365a3ca330ff23aa4a5fa39b",
+                "url": "https://api.github.com/repos/php-fig/simple-cache/zipball/8707bf3cea6f710bf6ef05491234e3ab06f6432a",
+                "reference": "8707bf3cea6f710bf6ef05491234e3ab06f6432a",
                "shasum": ""
            },
            "require": {
-                "php": ">=5.3.0"
+                "php": ">=8.0.0"
            },
-            "time": "2017-10-23T01:57:42+00:00",
+            "time": "2021-10-29T13:22:09+00:00",
            "type": "library",
            "extra": {
                "branch-alias": {
-                    "dev-master": "1.0.x-dev"
+                    "dev-master": "2.0.x-dev"
                }
            },
            "installation-source": "dist",
@@ -916,7 +926,7 @@
            "authors": [
                {
                    "name": "PHP-FIG",
-                    "homepage": "http://www.php-fig.org/"
+                    "homepage": "https://www.php-fig.org/"
                }
            ],
            "description": "Common interfaces for simple caching",
@@ -928,23 +938,23 @@
                "simple-cache"
            ],
            "support": {
-                "source": "https://github.com/php-fig/simple-cache/tree/master"
+                "source": "https://github.com/php-fig/simple-cache/tree/2.0.0"
            },
            "install-path": "../psr/simple-cache"
        },
        {
            "name": "robthree/twofactorauth",
-            "version": "1.8.0",
-            "version_normalized": "1.8.0.0",
+            "version": "1.8.1",
+            "version_normalized": "1.8.1.0",
            "source": {
                "type": "git",
                "url": "https://github.com/RobThree/TwoFactorAuth.git",
-                "reference": "30a38627ae1e7c9399dae67e265063cd6ec5276c"
+                "reference": "5afcb45282f1c75562a48d479ecd1732c9bdb11b"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/RobThree/TwoFactorAuth/zipball/30a38627ae1e7c9399dae67e265063cd6ec5276c",
-                "reference": "30a38627ae1e7c9399dae67e265063cd6ec5276c",
+                "url": "https://api.github.com/repos/RobThree/TwoFactorAuth/zipball/5afcb45282f1c75562a48d479ecd1732c9bdb11b",
+                "reference": "5afcb45282f1c75562a48d479ecd1732c9bdb11b",
                "shasum": ""
            },
            "require": {
@@ -958,7 +968,7 @@
                "bacon/bacon-qr-code": "Needed for BaconQrCodeProvider provider",
                "endroid/qr-code": "Needed for EndroidQrCodeProvider"
            },
-            "time": "2021-03-09T18:24:05+00:00",
+            "time": "2021-10-20T12:19:55+00:00",
            "type": "library",
            "installation-source": "dist",
            "autoload": {
@@ -1058,98 +1068,31 @@
            ],
            "install-path": "../soundasleep/html2text"
        },
-        {
-            "name": "symfony/deprecation-contracts",
-            "version": "v2.4.0",
-            "version_normalized": "2.4.0.0",
-            "source": {
-                "type": "git",
-                "url": "https://github.com/symfony/deprecation-contracts.git",
-                "reference": "5f38c8804a9e97d23e0c8d63341088cd8a22d627"
-            },
-            "dist": {
-                "type": "zip",
-                "url": "https://api.github.com/repos/symfony/deprecation-contracts/zipball/5f38c8804a9e97d23e0c8d63341088cd8a22d627",
-                "reference": "5f38c8804a9e97d23e0c8d63341088cd8a22d627",
-                "shasum": ""
-            },
-            "require": {
-                "php": ">=7.1"
-            },
-            "time": "2021-03-23T23:28:01+00:00",
-            "type": "library",
-            "extra": {
-                "branch-alias": {
-                    "dev-main": "2.4-dev"
-                },
-                "thanks": {
-                    "name": "symfony/contracts",
-                    "url": "https://github.com/symfony/contracts"
-                }
-            },
-            "installation-source": "dist",
-            "autoload": {
-                "files": [
-                    "function.php"
-                ]
-            },
-            "notification-url": "https://packagist.org/downloads/",
-            "license": [
-                "MIT"
-            ],
-            "authors": [
-                {
-                    "name": "Nicolas Grekas",
-                    "email": "p@tchwork.com"
-                },
-                {
-                    "name": "Symfony Community",
-                    "homepage": "https://symfony.com/contributors"
-                }
-            ],
-            "description": "A generic function and convention to trigger deprecation notices",
-            "homepage": "https://symfony.com",
-            "support": {
-                "source": "https://github.com/symfony/deprecation-contracts/tree/v2.4.0"
-            },
-            "funding": [
-                {
-                    "url": "https://symfony.com/sponsor",
-                    "type": "custom"
-                },
-                {
-                    "url": "https://github.com/fabpot",
-                    "type": "github"
-                },
-                {
-                    "url": "https://tidelift.com/funding/github/packagist/symfony/symfony",
-                    "type": "tidelift"
-                }
-            ],
-            "install-path": "../symfony/deprecation-contracts"
-        },
        {
            "name": "symfony/polyfill-ctype",
-            "version": "v1.23.0",
-            "version_normalized": "1.23.0.0",
+            "version": "v1.24.0",
+            "version_normalized": "1.24.0.0",
            "source": {
                "type": "git",
                "url": "https://github.com/symfony/polyfill-ctype.git",
-                "reference": "46cd95797e9df938fdd2b03693b5fca5e64b01ce"
+                "reference": "30885182c981ab175d4d034db0f6f469898070ab"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/symfony/polyfill-ctype/zipball/46cd95797e9df938fdd2b03693b5fca5e64b01ce",
-                "reference": "46cd95797e9df938fdd2b03693b5fca5e64b01ce",
+                "url": "https://api.github.com/repos/symfony/polyfill-ctype/zipball/30885182c981ab175d4d034db0f6f469898070ab",
+                "reference": "30885182c981ab175d4d034db0f6f469898070ab",
                "shasum": ""
            },
            "require": {
                "php": ">=7.1"
            },
+            "provide": {
+                "ext-ctype": "*"
+            },
            "suggest": {
                "ext-ctype": "For best performance"
            },
-            "time": "2021-02-19T12:13:01+00:00",
+            "time": "2021-10-20T20:35:02+00:00",
            "type": "library",
            "extra": {
                "branch-alias": {
@@ -1162,12 +1105,12 @@
            },
            "installation-source": "dist",
            "autoload": {
-                "psr-4": {
-                    "Symfony\\Polyfill\\Ctype\\": ""
-                },
                "files": [
                    "bootstrap.php"
-                ]
+                ],
+                "psr-4": {
+                    "Symfony\\Polyfill\\Ctype\\": ""
+                }
            },
            "notification-url": "https://packagist.org/downloads/",
            "license": [
@@ -1192,7 +1135,7 @@
                "portable"
            ],
            "support": {
-                "source": "https://github.com/symfony/polyfill-ctype/tree/v1.23.0"
+                "source": "https://github.com/symfony/polyfill-ctype/tree/v1.24.0"
            },
            "funding": [
                {
@@ -1212,26 +1155,29 @@
        },
        {
            "name": "symfony/polyfill-mbstring",
-            "version": "v1.23.1",
-            "version_normalized": "1.23.1.0",
+            "version": "v1.24.0",
+            "version_normalized": "1.24.0.0",
            "source": {
                "type": "git",
                "url": "https://github.com/symfony/polyfill-mbstring.git",
-                "reference": "9174a3d80210dca8daa7f31fec659150bbeabfc6"
+                "reference": "0abb51d2f102e00a4eefcf46ba7fec406d245825"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/symfony/polyfill-mbstring/zipball/9174a3d80210dca8daa7f31fec659150bbeabfc6",
-                "reference": "9174a3d80210dca8daa7f31fec659150bbeabfc6",
+                "url": "https://api.github.com/repos/symfony/polyfill-mbstring/zipball/0abb51d2f102e00a4eefcf46ba7fec406d245825",
+                "reference": "0abb51d2f102e00a4eefcf46ba7fec406d245825",
                "shasum": ""
            },
            "require": {
                "php": ">=7.1"
            },
+            "provide": {
+                "ext-mbstring": "*"
+            },
            "suggest": {
                "ext-mbstring": "For best performance"
            },
-            "time": "2021-05-27T12:26:48+00:00",
+            "time": "2021-11-30T18:21:41+00:00",
            "type": "library",
            "extra": {
                "branch-alias": {
@@ -1244,12 +1190,12 @@
            },
            "installation-source": "dist",
            "autoload": {
-                "psr-4": {
-                    "Symfony\\Polyfill\\Mbstring\\": ""
-                },
                "files": [
                    "bootstrap.php"
-                ]
+                ],
+                "psr-4": {
+                    "Symfony\\Polyfill\\Mbstring\\": ""
+                }
            },
            "notification-url": "https://packagist.org/downloads/",
            "license": [
@@ -1275,7 +1221,7 @@
                "shim"
            ],
            "support": {
-                "source": "https://github.com/symfony/polyfill-mbstring/tree/v1.23.1"
+                "source": "https://github.com/symfony/polyfill-mbstring/tree/v1.24.0"
            },
            "funding": [
                {
@@ -1295,23 +1241,23 @@
        },
        {
            "name": "symfony/polyfill-php80",
-            "version": "v1.23.1",
-            "version_normalized": "1.23.1.0",
+            "version": "v1.24.0",
+            "version_normalized": "1.24.0.0",
            "source": {
                "type": "git",
                "url": "https://github.com/symfony/polyfill-php80.git",
-                "reference": "1100343ed1a92e3a38f9ae122fc0eb21602547be"
+                "reference": "57b712b08eddb97c762a8caa32c84e037892d2e9"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/symfony/polyfill-php80/zipball/1100343ed1a92e3a38f9ae122fc0eb21602547be",
-                "reference": "1100343ed1a92e3a38f9ae122fc0eb21602547be",
+                "url": "https://api.github.com/repos/symfony/polyfill-php80/zipball/57b712b08eddb97c762a8caa32c84e037892d2e9",
+                "reference": "57b712b08eddb97c762a8caa32c84e037892d2e9",
                "shasum": ""
            },
            "require": {
                "php": ">=7.1"
            },
-            "time": "2021-07-28T13:41:28+00:00",
+            "time": "2021-09-13T13:58:33+00:00",
            "type": "library",
            "extra": {
                "branch-alias": {
@@ -1324,12 +1270,12 @@
            },
            "installation-source": "dist",
            "autoload": {
-                "psr-4": {
-                    "Symfony\\Polyfill\\Php80\\": ""
-                },
                "files": [
                    "bootstrap.php"
                ],
+                "psr-4": {
+                    "Symfony\\Polyfill\\Php80\\": ""
+                },
                "classmap": [
                    "Resources/stubs"
                ]
@@ -1361,7 +1307,7 @@
                "shim"
            ],
            "support": {
-                "source": "https://github.com/symfony/polyfill-php80/tree/v1.23.1"
+                "source": "https://github.com/symfony/polyfill-php80/tree/v1.24.0"
            },
            "funding": [
                {
@@ -1381,54 +1327,54 @@
        },
        {
            "name": "symfony/translation",
-            "version": "v5.3.4",
-            "version_normalized": "5.3.4.0",
+            "version": "v6.0.5",
+            "version_normalized": "6.0.5.0",
            "source": {
                "type": "git",
                "url": "https://github.com/symfony/translation.git",
-                "reference": "d89ad7292932c2699cbe4af98d72c5c6bbc504c1"
+                "reference": "e69501c71107cc3146b32aaa45f4edd0c3427875"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/symfony/translation/zipball/d89ad7292932c2699cbe4af98d72c5c6bbc504c1",
-                "reference": "d89ad7292932c2699cbe4af98d72c5c6bbc504c1",
+                "url": "https://api.github.com/repos/symfony/translation/zipball/e69501c71107cc3146b32aaa45f4edd0c3427875",
+                "reference": "e69501c71107cc3146b32aaa45f4edd0c3427875",
                "shasum": ""
            },
            "require": {
-                "php": ">=7.2.5",
-                "symfony/deprecation-contracts": "^2.1",
+                "php": ">=8.0.2",
                "symfony/polyfill-mbstring": "~1.0",
-                "symfony/polyfill-php80": "^1.16",
-                "symfony/translation-contracts": "^2.3"
+                "symfony/translation-contracts": "^2.3|^3.0"
            },
            "conflict": {
-                "symfony/config": "<4.4",
-                "symfony/dependency-injection": "<5.0",
-                "symfony/http-kernel": "<5.0",
-                "symfony/twig-bundle": "<5.0",
-                "symfony/yaml": "<4.4"
+                "symfony/config": "<5.4",
+                "symfony/console": "<5.4",
+                "symfony/dependency-injection": "<5.4",
+                "symfony/http-kernel": "<5.4",
+                "symfony/twig-bundle": "<5.4",
+                "symfony/yaml": "<5.4"
            },
            "provide": {
-                "symfony/translation-implementation": "2.3"
+                "symfony/translation-implementation": "2.3|3.0"
            },
            "require-dev": {
                "psr/log": "^1|^2|^3",
-                "symfony/config": "^4.4|^5.0",
-                "symfony/console": "^4.4|^5.0",
-                "symfony/dependency-injection": "^5.0",
-                "symfony/finder": "^4.4|^5.0",
-                "symfony/http-kernel": "^5.0",
-                "symfony/intl": "^4.4|^5.0",
+                "symfony/config": "^5.4|^6.0",
+                "symfony/console": "^5.4|^6.0",
+                "symfony/dependency-injection": "^5.4|^6.0",
+                "symfony/finder": "^5.4|^6.0",
+                "symfony/http-client-contracts": "^1.1|^2.0|^3.0",
+                "symfony/http-kernel": "^5.4|^6.0",
+                "symfony/intl": "^5.4|^6.0",
                "symfony/polyfill-intl-icu": "^1.21",
-                "symfony/service-contracts": "^1.1.2|^2",
-                "symfony/yaml": "^4.4|^5.0"
+                "symfony/service-contracts": "^1.1.2|^2|^3",
+                "symfony/yaml": "^5.4|^6.0"
            },
            "suggest": {
                "psr/log-implementation": "To use logging capability in translator",
                "symfony/config": "",
                "symfony/yaml": ""
            },
-            "time": "2021-07-25T09:39:16+00:00",
+            "time": "2022-02-09T15:52:48+00:00",
            "type": "library",
            "installation-source": "dist",
            "autoload": {
@@ -1459,7 +1405,7 @@
            "description": "Provides tools to internationalize your application",
            "homepage": "https://symfony.com",
            "support": {
-                "source": "https://github.com/symfony/translation/tree/v5.3.4"
+                "source": "https://github.com/symfony/translation/tree/v6.0.5"
            },
            "funding": [
                {
@@ -1479,30 +1425,30 @@
        },
        {
            "name": "symfony/translation-contracts",
-            "version": "v2.4.0",
-            "version_normalized": "2.4.0.0",
+            "version": "v3.0.0",
+            "version_normalized": "3.0.0.0",
            "source": {
                "type": "git",
                "url": "https://github.com/symfony/translation-contracts.git",
-                "reference": "95c812666f3e91db75385749fe219c5e494c7f95"
+                "reference": "1b6ea5a7442af5a12dba3dbd6d71034b5b234e77"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/symfony/translation-contracts/zipball/95c812666f3e91db75385749fe219c5e494c7f95",
-                "reference": "95c812666f3e91db75385749fe219c5e494c7f95",
+                "url": "https://api.github.com/repos/symfony/translation-contracts/zipball/1b6ea5a7442af5a12dba3dbd6d71034b5b234e77",
+                "reference": "1b6ea5a7442af5a12dba3dbd6d71034b5b234e77",
                "shasum": ""
            },
            "require": {
-                "php": ">=7.2.5"
+                "php": ">=8.0.2"
            },
            "suggest": {
                "symfony/translation-implementation": ""
            },
-            "time": "2021-03-23T23:28:01+00:00",
+            "time": "2021-09-07T12:43:40+00:00",
            "type": "library",
            "extra": {
                "branch-alias": {
-                    "dev-main": "2.4-dev"
+                    "dev-main": "3.0-dev"
                },
                "thanks": {
                    "name": "symfony/contracts",
@@ -1540,7 +1486,7 @@
                "standards"
            ],
            "support": {
-                "source": "https://github.com/symfony/translation-contracts/tree/v2.4.0"
+                "source": "https://github.com/symfony/translation-contracts/tree/v3.0.0"
            },
            "funding": [
                {
@@ -1560,32 +1506,32 @@
        },
        {
            "name": "symfony/var-dumper",
-            "version": "v5.3.6",
-            "version_normalized": "5.3.6.0",
+            "version": "v6.0.5",
+            "version_normalized": "6.0.5.0",
            "source": {
                "type": "git",
                "url": "https://github.com/symfony/var-dumper.git",
-                "reference": "3dd8ddd1e260e58ecc61bb78da3b6584b3bfcba0"
+                "reference": "60d6a756d5f485df5e6e40b337334848f79f61ce"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/symfony/var-dumper/zipball/3dd8ddd1e260e58ecc61bb78da3b6584b3bfcba0",
-                "reference": "3dd8ddd1e260e58ecc61bb78da3b6584b3bfcba0",
+                "url": "https://api.github.com/repos/symfony/var-dumper/zipball/60d6a756d5f485df5e6e40b337334848f79f61ce",
+                "reference": "60d6a756d5f485df5e6e40b337334848f79f61ce",
                "shasum": ""
            },
            "require": {
-                "php": ">=7.2.5",
-                "symfony/polyfill-mbstring": "~1.0",
-                "symfony/polyfill-php80": "^1.16"
+                "php": ">=8.0.2",
+                "symfony/polyfill-mbstring": "~1.0"
            },
            "conflict": {
                "phpunit/phpunit": "<5.4.3",
-                "symfony/console": "<4.4"
+                "symfony/console": "<5.4"
            },
            "require-dev": {
                "ext-iconv": "*",
-                "symfony/console": "^4.4|^5.0",
-                "symfony/process": "^4.4|^5.0",
+                "symfony/console": "^5.4|^6.0",
+                "symfony/process": "^5.4|^6.0",
+                "symfony/uid": "^5.4|^6.0",
                "twig/twig": "^2.13|^3.0.4"
            },
            "suggest": {
@@ -1593,7 +1539,7 @@
                "ext-intl": "To show region name in time zone dump",
                "symfony/console": "To use the ServerDumpCommand and/or the bin/var-dump-server script"
            },
-            "time": "2021-07-27T01:56:02+00:00",
+            "time": "2022-02-21T17:15:17+00:00",
            "bin": [
                "Resources/bin/var-dump-server"
            ],
@@ -1631,7 +1577,7 @@
                "dump"
            ],
            "support": {
-                "source": "https://github.com/symfony/var-dumper/tree/v5.3.6"
+                "source": "https://github.com/symfony/var-dumper/tree/v6.0.5"
            },
            "funding": [
                {
@@ -1651,29 +1597,29 @@
        },
        {
            "name": "tightenco/collect",
-            "version": "v8.34.0",
-            "version_normalized": "8.34.0.0",
+            "version": "v8.83.2",
+            "version_normalized": "8.83.2.0",
            "source": {
                "type": "git",
                "url": "https://github.com/tighten/collect.git",
-                "reference": "b069783ab0c547bb894ebcf8e7f6024bb401f9d2"
+                "reference": "d9c66d586ec2d216d8a31283d73f8df1400cc722"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/tighten/collect/zipball/b069783ab0c547bb894ebcf8e7f6024bb401f9d2",
-                "reference": "b069783ab0c547bb894ebcf8e7f6024bb401f9d2",
+                "url": "https://api.github.com/repos/tighten/collect/zipball/d9c66d586ec2d216d8a31283d73f8df1400cc722",
+                "reference": "d9c66d586ec2d216d8a31283d73f8df1400cc722",
                "shasum": ""
            },
            "require": {
-                "php": "^7.2|^8.0",
-                "symfony/var-dumper": "^3.4 || ^4.0 || ^5.0"
+                "php": "^7.3|^8.0",
+                "symfony/var-dumper": "^3.4 || ^4.0 || ^5.0 || ^6.0"
            },
            "require-dev": {
                "mockery/mockery": "^1.0",
                "nesbot/carbon": "^2.23.0",
                "phpunit/phpunit": "^8.3"
            },
-            "time": "2021-03-29T21:29:00+00:00",
+            "time": "2022-02-16T16:15:54+00:00",
            "type": "library",
            "installation-source": "dist",
            "autoload": {
@@ -1702,23 +1648,23 @@
            ],
            "support": {
                "issues": "https://github.com/tighten/collect/issues",
-                "source": "https://github.com/tighten/collect/tree/v8.34.0"
+                "source": "https://github.com/tighten/collect/tree/v8.83.2"
            },
            "install-path": "../tightenco/collect"
        },
        {
            "name": "twig/twig",
-            "version": "v3.3.2",
-            "version_normalized": "3.3.2.0",
+            "version": "v3.3.8",
+            "version_normalized": "3.3.8.0",
            "source": {
                "type": "git",
                "url": "https://github.com/twigphp/Twig.git",
-                "reference": "21578f00e83d4a82ecfa3d50752b609f13de6790"
+                "reference": "972d8604a92b7054828b539f2febb0211dd5945c"
            },
            "dist": {
                "type": "zip",
-                "url": "https://api.github.com/repos/twigphp/Twig/zipball/21578f00e83d4a82ecfa3d50752b609f13de6790",
-                "reference": "21578f00e83d4a82ecfa3d50752b609f13de6790",
+                "url": "https://api.github.com/repos/twigphp/Twig/zipball/972d8604a92b7054828b539f2febb0211dd5945c",
+                "reference": "972d8604a92b7054828b539f2febb0211dd5945c",
                "shasum": ""
            },
            "require": {
@@ -1728,9 +1674,9 @@
            },
            "require-dev": {
                "psr/container": "^1.0",
-                "symfony/phpunit-bridge": "^4.4.9|^5.0.9"
+                "symfony/phpunit-bridge": "^4.4.9|^5.0.9|^6.0"
            },
-            "time": "2021-05-16T12:14:13+00:00",
+            "time": "2022-02-04T06:59:48+00:00",
            "type": "library",
            "extra": {
                "branch-alias": {
@@ -1771,7 +1717,7 @@
            ],
            "support": {
                "issues": "https://github.com/twigphp/Twig/issues",
-                "source": "https://github.com/twigphp/Twig/tree/v3.3.2"
+                "source": "https://github.com/twigphp/Twig/tree/v3.3.8"
            },
            "funding": [
                {
--- a/data/web/inc/lib/vendor/composer/installed.php
+++ b/data/web/inc/lib/vendor/composer/installed.php
@@ -1,22 +1,22 @@
 <?php return array(
    'root' => array(
-        'pretty_version' => 'dev-master',
-        'version' => 'dev-master',
+        'pretty_version' => '1.0.0+no-version-set',
+        'version' => '1.0.0.0',
        'type' => 'library',
        'install_path' => __DIR__ . '/../../',
        'aliases' => array(),
-        'reference' => '1c2923a4ddd7f89b3cf38c9594db289b7dd756d3',
+        'reference' => NULL,
        'name' => '__root__',
        'dev' => true,
    ),
    'versions' => array(
        '__root__' => array(
-            'pretty_version' => 'dev-master',
-            'version' => 'dev-master',
+            'pretty_version' => '1.0.0+no-version-set',
+            'version' => '1.0.0.0',
            'type' => 'library',
            'install_path' => __DIR__ . '/../../',
            'aliases' => array(),
-            'reference' => '1c2923a4ddd7f89b3cf38c9594db289b7dd756d3',
+            'reference' => NULL,
            'dev_requirement' => false,
        ),
        'bshaffer/oauth2-server-php' => array(
@@ -29,21 +29,21 @@
            'dev_requirement' => false,
        ),
        'ddeboer/imap' => array(
-            'pretty_version' => '1.12.1',
-            'version' => '1.12.1.0',
+            'pretty_version' => '1.13.1',
+            'version' => '1.13.1.0',
            'type' => 'library',
            'install_path' => __DIR__ . '/../ddeboer/imap',
            'aliases' => array(),
-            'reference' => 'dbed05ca67b93509345a820b2859de10c48948fb',
+            'reference' => '8b772d04b1deadb5df13782fb78c4b648f77496e',
            'dev_requirement' => false,
        ),
        'directorytree/ldaprecord' => array(
-            'pretty_version' => 'v2.6.3',
-            'version' => '2.6.3.0',
+            'pretty_version' => 'v2.10.1',
+            'version' => '2.10.1.0',
            'type' => 'library',
            'install_path' => __DIR__ . '/../directorytree/ldaprecord',
            'aliases' => array(),
-            'reference' => '5c93ec6d1ef458290825a8b0a148946dce7c1e7a',
+            'reference' => 'bf512d9af7a7b0e2ed7a666ab29cefdd027bee88',
            'dev_requirement' => false,
        ),
        'exorus/php-mime-mail-parser' => array(
@@ -53,12 +53,12 @@
            ),
        ),
        'illuminate/contracts' => array(
-            'pretty_version' => 'v8.53.1',
-            'version' => '8.53.1.0',
+            'pretty_version' => 'v9.3.0',
+            'version' => '9.3.0.0',
            'type' => 'library',
            'install_path' => __DIR__ . '/../illuminate/contracts',
            'aliases' => array(),
-            'reference' => '504a34286a1b4c5421c43087d6bd4e176138f6fb',
+            'reference' => 'bf4b3c254c49d28157645d01e4883b5951b1e1d0',
            'dev_requirement' => false,
        ),
        'matthiasmullie/minify' => array(
@@ -95,12 +95,12 @@
            'dev_requirement' => false,
        ),
        'nesbot/carbon' => array(
-            'pretty_version' => '2.51.1',
-            'version' => '2.51.1.0',
+            'pretty_version' => '2.57.0',
+            'version' => '2.57.0.0',
            'type' => 'library',
            'install_path' => __DIR__ . '/../nesbot/carbon',
            'aliases' => array(),
-            'reference' => '8619c299d1e0d4b344e1f98ca07a1ce2cfbf1922',
+            'reference' => '4a54375c21eea4811dbd1149fe6b246517554e78',
            'dev_requirement' => false,
        ),
        'paragonie/random_compat' => array(
@@ -122,48 +122,48 @@
            'dev_requirement' => false,
        ),
        'phpmailer/phpmailer' => array(
-            'pretty_version' => 'v6.5.0',
-            'version' => '6.5.0.0',
+            'pretty_version' => 'v6.6.0',
+            'version' => '6.6.0.0',
            'type' => 'library',
            'install_path' => __DIR__ . '/../phpmailer/phpmailer',
            'aliases' => array(),
-            'reference' => 'a5b5c43e50b7fba655f793ad27303cd74c57363c',
+            'reference' => 'e43bac82edc26ca04b36143a48bde1c051cfd5b1',
            'dev_requirement' => false,
        ),
        'psr/container' => array(
-            'pretty_version' => '1.1.1',
-            'version' => '1.1.1.0',
+            'pretty_version' => '2.0.2',
+            'version' => '2.0.2.0',
            'type' => 'library',
            'install_path' => __DIR__ . '/../psr/container',
            'aliases' => array(),
-            'reference' => '8622567409010282b7aeebe4bb841fe98b58dcaf',
+            'reference' => 'c71ecc56dfe541dbd90c5360474fbc405f8d5963',
            'dev_requirement' => false,
        ),
        'psr/log' => array(
-            'pretty_version' => '1.1.4',
-            'version' => '1.1.4.0',
+            'pretty_version' => '3.0.0',
+            'version' => '3.0.0.0',
            'type' => 'library',
            'install_path' => __DIR__ . '/../psr/log',
            'aliases' => array(),
-            'reference' => 'd49695b909c3b7628b6289db5479a1c204601f11',
+            'reference' => 'fe5ea303b0887d5caefd3d431c3e61ad47037001',
            'dev_requirement' => false,
        ),
        'psr/simple-cache' => array(
-            'pretty_version' => '1.0.1',
-            'version' => '1.0.1.0',
+            'pretty_version' => '2.0.0',
+            'version' => '2.0.0.0',
            'type' => 'library',
            'install_path' => __DIR__ . '/../psr/simple-cache',
            'aliases' => array(),
-            'reference' => '408d5eafb83c57f6365a3ca330ff23aa4a5fa39b',
+            'reference' => '8707bf3cea6f710bf6ef05491234e3ab06f6432a',
            'dev_requirement' => false,
        ),
        'robthree/twofactorauth' => array(
-            'pretty_version' => '1.8.0',
-            'version' => '1.8.0.0',
+            'pretty_version' => '1.8.1',
+            'version' => '1.8.1.0',
            'type' => 'library',
            'install_path' => __DIR__ . '/../robthree/twofactorauth',
            'aliases' => array(),
-            'reference' => '30a38627ae1e7c9399dae67e265063cd6ec5276c',
+            'reference' => '5afcb45282f1c75562a48d479ecd1732c9bdb11b',
            'dev_requirement' => false,
        ),
        'soundasleep/html2text' => array(
@@ -175,91 +175,82 @@
            'reference' => 'cdb89f6ffa2c4cc78f8ed9ea6ee0594a9133ccad',
            'dev_requirement' => false,
        ),
-        'symfony/deprecation-contracts' => array(
-            'pretty_version' => 'v2.4.0',
-            'version' => '2.4.0.0',
-            'type' => 'library',
-            'install_path' => __DIR__ . '/../symfony/deprecation-contracts',
-            'aliases' => array(),
-            'reference' => '5f38c8804a9e97d23e0c8d63341088cd8a22d627',
-            'dev_requirement' => false,
-        ),
        'symfony/polyfill-ctype' => array(
-            'pretty_version' => 'v1.23.0',
-            'version' => '1.23.0.0',
+            'pretty_version' => 'v1.24.0',
+            'version' => '1.24.0.0',
            'type' => 'library',
            'install_path' => __DIR__ . '/../symfony/polyfill-ctype',
            'aliases' => array(),
-            'reference' => '46cd95797e9df938fdd2b03693b5fca5e64b01ce',
+            'reference' => '30885182c981ab175d4d034db0f6f469898070ab',
            'dev_requirement' => false,
        ),
        'symfony/polyfill-mbstring' => array(
-            'pretty_version' => 'v1.23.1',
-            'version' => '1.23.1.0',
+            'pretty_version' => 'v1.24.0',
+            'version' => '1.24.0.0',
            'type' => 'library',
            'install_path' => __DIR__ . '/../symfony/polyfill-mbstring',
            'aliases' => array(),
-            'reference' => '9174a3d80210dca8daa7f31fec659150bbeabfc6',
+            'reference' => '0abb51d2f102e00a4eefcf46ba7fec406d245825',
            'dev_requirement' => false,
        ),
        'symfony/polyfill-php80' => array(
-            'pretty_version' => 'v1.23.1',
-            'version' => '1.23.1.0',
+            'pretty_version' => 'v1.24.0',
+            'version' => '1.24.0.0',
            'type' => 'library',
            'install_path' => __DIR__ . '/../symfony/polyfill-php80',
            'aliases' => array(),
-            'reference' => '1100343ed1a92e3a38f9ae122fc0eb21602547be',
+            'reference' => '57b712b08eddb97c762a8caa32c84e037892d2e9',
            'dev_requirement' => false,
        ),
        'symfony/translation' => array(
-            'pretty_version' => 'v5.3.4',
-            'version' => '5.3.4.0',
+            'pretty_version' => 'v6.0.5',
+            'version' => '6.0.5.0',
            'type' => 'library',
            'install_path' => __DIR__ . '/../symfony/translation',
            'aliases' => array(),
-            'reference' => 'd89ad7292932c2699cbe4af98d72c5c6bbc504c1',
+            'reference' => 'e69501c71107cc3146b32aaa45f4edd0c3427875',
            'dev_requirement' => false,
        ),
        'symfony/translation-contracts' => array(
-            'pretty_version' => 'v2.4.0',
-            'version' => '2.4.0.0',
+            'pretty_version' => 'v3.0.0',
+            'version' => '3.0.0.0',
            'type' => 'library',
            'install_path' => __DIR__ . '/../symfony/translation-contracts',
            'aliases' => array(),
-            'reference' => '95c812666f3e91db75385749fe219c5e494c7f95',
+            'reference' => '1b6ea5a7442af5a12dba3dbd6d71034b5b234e77',
            'dev_requirement' => false,
        ),
        'symfony/translation-implementation' => array(
            'dev_requirement' => false,
            'provided' => array(
-                0 => '2.3',
+                0 => '2.3|3.0',
            ),
        ),
        'symfony/var-dumper' => array(
-            'pretty_version' => 'v5.3.6',
-            'version' => '5.3.6.0',
+            'pretty_version' => 'v6.0.5',
+            'version' => '6.0.5.0',
            'type' => 'library',
            'install_path' => __DIR__ . '/../symfony/var-dumper',
            'aliases' => array(),
-            'reference' => '3dd8ddd1e260e58ecc61bb78da3b6584b3bfcba0',
+            'reference' => '60d6a756d5f485df5e6e40b337334848f79f61ce',
            'dev_requirement' => false,
        ),
        'tightenco/collect' => array(
-            'pretty_version' => 'v8.34.0',
-            'version' => '8.34.0.0',
+            'pretty_version' => 'v8.83.2',
+            'version' => '8.83.2.0',
            'type' => 'library',
            'install_path' => __DIR__ . '/../tightenco/collect',
            'aliases' => array(),
-            'reference' => 'b069783ab0c547bb894ebcf8e7f6024bb401f9d2',
+            'reference' => 'd9c66d586ec2d216d8a31283d73f8df1400cc722',
            'dev_requirement' => false,
        ),
        'twig/twig' => array(
-            'pretty_version' => 'v3.3.2',
-            'version' => '3.3.2.0',
+            'pretty_version' => 'v3.3.8',
+            'version' => '3.3.8.0',
            'type' => 'library',
            'install_path' => __DIR__ . '/../twig/twig',
            'aliases' => array(),
-            'reference' => '21578f00e83d4a82ecfa3d50752b609f13de6790',
+            'reference' => '972d8604a92b7054828b539f2febb0211dd5945c',
            'dev_requirement' => false,
        ),
        'yubico/u2flib-server' => array(
--- a/data/web/inc/lib/vendor/composer/platform_check.php
+++ b/data/web/inc/lib/vendor/composer/platform_check.php
@@ -4,8 +4,8 @@

 $issues = array();

-if (!(PHP_VERSION_ID >= 70400)) {
-    $issues[] = 'Your Composer dependencies require a PHP version ">= 7.4.0". You are running ' . PHP_VERSION . '.';
+if (!(PHP_VERSION_ID >= 80002)) {
+    $issues[] = 'Your Composer dependencies require a PHP version ">= 8.0.2". You are running ' . PHP_VERSION . '.';
 }

 if ($issues) {
--- a/data/web/inc/lib/vendor/ddeboer/imap/.php-cs-fixer.php
+++ b/data/web/inc/lib/vendor/ddeboer/imap/.php-cs-fixer.php
@@ -0,0 +1,73 @@
+<?php
+
+declare(strict_types=1);
+
+return (new PhpCsFixer\Config())
+    ->setRiskyAllowed(true)
+    ->setRules([
+        '@DoctrineAnnotation'                       => true,
+        '@Symfony'                                  => true,
+        '@Symfony:risky'                            => true,
+        '@PHPUnit75Migration:risky'                 => true,
+        '@PHP71Migration'                           => true,
+        '@PHP70Migration:risky'                     => true, // @TODO with next major version
+        'align_multiline_comment'                   => ['comment_type' => 'all_multiline'],
+        'array_indentation'                         => true,
+        'array_syntax'                              => ['syntax' => 'short'],
+        'binary_operator_spaces'                    => ['default' => 'align_single_space'],
+        'blank_line_before_statement'               => true,
+        'class_definition'                          => ['single_item_single_line' => true],
+        'compact_nullable_typehint'                 => true,
+        'concat_space'                              => ['spacing' => 'one'],
+        'echo_tag_syntax'                           => ['format' => 'long'],
+        'error_suppression'                         => false,
+        'escape_implicit_backslashes'               => true,
+        'explicit_indirect_variable'                => true,
+        'explicit_string_variable'                  => true,
+        'fully_qualified_strict_types'              => true,
+        'heredoc_to_nowdoc'                         => true,
+        'list_syntax'                               => ['syntax' => 'long'],
+        'method_argument_space'                     => ['on_multiline' => 'ensure_fully_multiline'],
+        'method_chaining_indentation'               => true,
+        'multiline_comment_opening_closing'         => true,
+        'multiline_whitespace_before_semicolons'    => ['strategy' => 'new_line_for_chained_calls'],
+        'native_constant_invocation'                => true,
+        'native_function_invocation'                => ['include' => ['@internal']],
+        'no_alternative_syntax'                     => true,
+        'no_break_comment'                          => true,
+        'no_extra_blank_lines'                      => ['tokens' => ['break', 'continue', 'extra', 'return', 'throw', 'use', 'parenthesis_brace_block', 'square_brace_block', 'curly_brace_block']],
+        'no_null_property_initialization'           => true,
+        'no_php4_constructor'                       => true,
+        'no_superfluous_elseif'                     => true,
+        'no_unneeded_curly_braces'                  => true,
+        'no_unneeded_final_method'                  => true,
+        'no_unreachable_default_argument_value'     => true,
+        'no_useless_else'                           => true,
+        'no_useless_return'                         => true,
+        'ordered_imports'                           => true,
+        'php_unit_method_casing'                    => true,
+        'php_unit_set_up_tear_down_visibility'      => true,
+        'php_unit_strict'                           => true,
+        'php_unit_test_annotation'                  => true,
+        'php_unit_test_case_static_method_calls'    => true,
+        'php_unit_test_class_requires_covers'       => false,
+        'phpdoc_add_missing_param_annotation'       => true,
+        'phpdoc_order'                              => true,
+        'phpdoc_order_by_value'                     => true,
+        'phpdoc_types_order'                        => true,
+        'random_api_migration'                      => true,
+        'semicolon_after_instruction'               => true,
+        'simplified_null_return'                    => true,
+        'single_line_comment_style'                 => true,
+        'single_line_throw'                         => false,
+        'space_after_semicolon'                     => true,
+        'static_lambda'                             => true,
+        'strict_comparison'                         => true,
+        'string_line_ending'                        => true,
+    ])
+    ->setFinder(
+        PhpCsFixer\Finder::create()
+            ->in(__DIR__ . '/src')
+            ->in(__DIR__ . '/tests')
+    )
+;
--- a/data/web/inc/lib/vendor/ddeboer/imap/composer.json
+++ b/data/web/inc/lib/vendor/ddeboer/imap/composer.json
@@ -1,12 +1,12 @@
 {
    "name": "ddeboer/imap",
    "description": "Object-oriented IMAP for PHP",
+    "license": "MIT",
    "keywords": [
        "email",
        "mail",
        "imap"
    ],
-    "license": "MIT",
    "authors": [
        {
            "name": "David de Boer",
@@ -22,18 +22,19 @@
        }
    ],
    "require": {
-        "php": "^7.4 || ^8.0",
+        "php": "^8.0.1",
        "ext-iconv": "*",
        "ext-imap": "*",
        "ext-mbstring": "*"
    },
    "require-dev": {
-        "friendsofphp/php-cs-fixer": "^2.18.6",
-        "laminas/laminas-mail": "^2.14.0",
-        "phpstan/phpstan": "^0.12.84",
-        "phpstan/phpstan-phpunit": "^0.12.18",
-        "phpstan/phpstan-strict-rules": "^0.12.9",
-        "phpunit/phpunit": "^9.5.4"
+        "friendsofphp/php-cs-fixer": "^v3.4.0",
+        "laminas/laminas-mail": "^2.15.1",
+        "malukenho/mcbumpface": "^1.1.5",
+        "phpstan/phpstan": "^1.3.3",
+        "phpstan/phpstan-phpunit": "^1.0.0",
+        "phpstan/phpstan-strict-rules": "^1.1.0",
+        "phpunit/phpunit": "^9.5.11"
    },
    "autoload": {
        "psr-4": {
@@ -44,5 +45,10 @@
        "psr-4": {
            "Ddeboer\\Imap\\Tests\\": "tests/"
        }
+    },
+    "config": {
+        "allow-plugins": {
+            "malukenho/mcbumpface": true
+        }
    }
 }
--- a/data/web/inc/lib/vendor/ddeboer/imap/src/Connection.php
+++ b/data/web/inc/lib/vendor/ddeboer/imap/src/Connection.php
@@ -117,6 +117,7 @@ final class Connection implements ConnectionInterface
        return new Mailbox($this->resource, $name, $this->mailboxNames[$name]);
    }

+    #[\ReturnTypeWillChange]
    public function count()
    {
        $return = \imap_num_msg($this->resource->getStream());
--- a/data/web/inc/lib/vendor/ddeboer/imap/src/ImapResource.php
+++ b/data/web/inc/lib/vendor/ddeboer/imap/src/ImapResource.php
@@ -6,6 +6,7 @@ namespace Ddeboer\Imap;

 use Ddeboer\Imap\Exception\InvalidResourceException;
 use Ddeboer\Imap\Exception\ReopenMailboxException;
+use IMAP\Connection;

 /**
 * An imap resource stream.
@@ -22,7 +23,7 @@ final class ImapResource implements ImapResourceInterface
    /**
     * Constructor.
     *
-     * @param resource $resource
+     * @param Connection|resource $resource
     */
    public function __construct($resource, MailboxInterface $mailbox = null)
    {
@@ -32,7 +33,10 @@ final class ImapResource implements ImapResourceInterface

    public function getStream()
    {
-        if (false === \is_resource($this->resource) || 'imap' !== \get_resource_type($this->resource)) {
+        if (
+            !$this->resource instanceof Connection
+            && (false === \is_resource($this->resource) || 'imap' !== \get_resource_type($this->resource))
+        ) {
            throw new InvalidResourceException('Supplied resource is not a valid imap resource');
        }

@@ -55,8 +59,14 @@ final class ImapResource implements ImapResourceInterface
            return;
        }

+        \set_error_handler(static function (): bool {
+            return true;
+        });
+
        \imap_reopen($this->resource, $this->mailbox->getFullEncodedName());

+        \restore_error_handler();
+
        if (self::isMailboxOpen($this->mailbox, $this->resource)) {
            return;
        }
--- a/data/web/inc/lib/vendor/ddeboer/imap/src/Mailbox.php
+++ b/data/web/inc/lib/vendor/ddeboer/imap/src/Mailbox.php
@@ -64,6 +64,7 @@ final class Mailbox implements MailboxInterface
        return $this->info->delimiter;
    }

+    #[\ReturnTypeWillChange]
    public function count()
    {
        $return = \imap_num_msg($this->resource->getStream());
--- a/data/web/inc/lib/vendor/ddeboer/imap/src/Message/AbstractPart.php
+++ b/data/web/inc/lib/vendor/ddeboer/imap/src/Message/AbstractPart.php
@@ -268,6 +268,7 @@ abstract class AbstractPart implements PartInterface
     *
     * @return mixed
     */
+    #[\ReturnTypeWillChange]
    final public function current()
    {
        $this->lazyParseStructure();
@@ -275,11 +276,13 @@ abstract class AbstractPart implements PartInterface
        return $this->parts[$this->key];
    }

+    #[\ReturnTypeWillChange]
    final public function getChildren()
    {
        return $this->current();
    }

+    #[\ReturnTypeWillChange]
    final public function hasChildren()
    {
        $this->lazyParseStructure();
@@ -290,21 +293,25 @@ abstract class AbstractPart implements PartInterface
    /**
     * @return int
     */
+    #[\ReturnTypeWillChange]
    final public function key()
    {
        return $this->key;
    }

+    #[\ReturnTypeWillChange]
    final public function next()
    {
        ++$this->key;
    }

+    #[\ReturnTypeWillChange]
    final public function rewind()
    {
        $this->key = 0;
    }

+    #[\ReturnTypeWillChange]
    final public function valid()
    {
        $this->lazyParseStructure();
--- a/data/web/inc/lib/vendor/ddeboer/imap/src/Message/EmailAddress.php
+++ b/data/web/inc/lib/vendor/ddeboer/imap/src/Message/EmailAddress.php
@@ -19,6 +19,7 @@ final class EmailAddress
        $this->mailbox  = $mailbox;
        $this->hostname = $hostname;
        $this->name     = $name;
+        $this->address  = null;

        if (null !== $hostname) {
            $this->address = $mailbox . '@' . $hostname;
--- a/data/web/inc/lib/vendor/ddeboer/imap/src/MessageIteratorInterface.php
+++ b/data/web/inc/lib/vendor/ddeboer/imap/src/MessageIteratorInterface.php
@@ -9,7 +9,7 @@ use Ddeboer\Imap\Message\PartInterface;
 /**
 * @extends \Iterator<MessageInterface>
 */
-interface MessageIteratorInterface extends \Iterator
+interface MessageIteratorInterface extends \Iterator, \Countable
 {
    /**
     * Get current message.
--- a/data/web/inc/lib/vendor/directorytree/ldaprecord/.github/workflows/run-tests.yml
+++ b/data/web/inc/lib/vendor/directorytree/ldaprecord/.github/workflows/run-tests.yml
@@ -13,7 +13,7 @@ jobs:
      fail-fast: false
      matrix:
        os: [ubuntu-latest, windows-latest]
-        php: [8.0, 7.4, 7.3]
+        php: [8.1, 8.0, 7.4, 7.3]

    name: ${{ matrix.os }} - P${{ matrix.php }}

@@ -39,3 +39,40 @@ jobs:

      - name: Execute tests
        run: vendor/bin/phpunit
+
+  run-analysis:
+    runs-on: ${{ matrix.os }}
+    name: Static code analysis (PHP ${{ matrix.php }})
+
+    strategy:
+      fail-fast: false
+      matrix:
+        os: [ubuntu-latest]
+        php: [8.0]
+
+    steps:
+      - name: Checkout code
+        uses: actions/checkout@v2
+
+      - name: Cache dependencies
+        uses: actions/cache@v2
+        with:
+          path: ~/.composer/cache/files
+          key: dependencies-php-${{ matrix.php }}-composer-${{ hashFiles('composer.json') }}
+
+      - name: Setup PHP
+        uses: shivammathur/setup-php@v2
+        with:
+          php-version: ${{ matrix.php }}
+          extensions: ldap, json
+          coverage: none
+          tools: psalm
+
+      - name: Validate composer.json
+        run: composer validate
+
+      - name: Install dependencies
+        run: composer update --prefer-dist --no-interaction
+
+      - name: Run Psalm
+        run: psalm
--- a/data/web/inc/lib/vendor/directorytree/ldaprecord/.gitignore
+++ b/data/web/inc/lib/vendor/directorytree/ldaprecord/.gitignore
@@ -1,5 +1,6 @@
 vendor
 composer.lock
+psalm.phar
 .php_cs.cache
 .phpunit.result.cache
 .php-cs-fixer.cache
--- a/data/web/inc/lib/vendor/directorytree/ldaprecord/.styleci.yml
+++ b/data/web/inc/lib/vendor/directorytree/ldaprecord/.styleci.yml
@@ -1,4 +1,8 @@
 preset: laravel
 enabled:
  - phpdoc_align
+  - phpdoc_separation
  - unalign_double_arrow
+disabled:
+  - laravel_phpdoc_alignment
+  - laravel_phpdoc_separation
--- a/data/web/inc/lib/vendor/directorytree/ldaprecord/composer.json
+++ b/data/web/inc/lib/vendor/directorytree/ldaprecord/composer.json
@@ -32,19 +32,21 @@
        "php": ">=7.3",
        "ext-ldap": "*",
        "ext-json": "*",
-        "psr/log": "^1.0",
-        "psr/simple-cache": "^1.0",
+        "psr/log": "*",
+        "psr/simple-cache": "^1.0|^2.0",
        "nesbot/carbon": "^1.0|^2.0",
        "tightenco/collect": "^5.6|^6.0|^7.0|^8.0",
-        "illuminate/contracts": "^5.0|^6.0|^7.0|^8.0"
+        "illuminate/contracts": "^5.0|^6.0|^7.0|^8.0|^9.0"
    },
    "require-dev": {
-        "phpunit/phpunit": "^8.0",
+        "phpunit/phpunit": "^9.0",
        "mockery/mockery": "^1.0",
        "spatie/ray": "^1.24"
    },
    "archive": {
-        "exclude": ["/tests"]
+        "exclude": [
+            "/tests"
+        ]
    },
    "autoload": {
        "psr-4": {
--- a/data/web/inc/lib/vendor/directorytree/ldaprecord/readme.md
+++ b/data/web/inc/lib/vendor/directorytree/ldaprecord/readme.md
@@ -92,3 +92,13 @@ We've all been there -- accidentally deleting a user or group in Active Director
 <p align="center">If you discover a security vulnerability within LdapRecord, please send an e-mail to Steve Bauman via <a href="mailto:steven_bauman@outlook.com">steven_bauman@outlook.com</a>.</p>

 <p align="center">All security vulnerabilities will be promptly addressed.</p>
+
+---
+
+<h3 align="center">Credits</h3>
+
+<p align="center">This package is directly inspired from <a href="https://laravel.com/docs/eloquent">Laravel's Eloquent</a>, and most features are direct ports to an LDAP equivalent.</p>
+
+<p align="center">I am forever grateful for the work <a href="https://github.com/taylorotwell">Taylor Otwell</a> has produced.</p>
+
+<p align="center">If you can, support his work by purchasing a <a href="https://github.com/sponsors/taylorotwell">sponsorship</a>, or one of his many Laravel based services.</p>
--- a/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Auth/Guard.php
+++ b/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Auth/Guard.php
@@ -54,10 +54,10 @@ class Guard
     * @param string $password
     * @param bool   $stayBound
     *
+     * @return bool
+     *
     * @throws UsernameRequiredException
     * @throws PasswordRequiredException
-     *
-     * @return bool
     */
    public function attempt($username, $password, $stayBound = false)
    {
--- a/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Configuration/DomainConfiguration.php
+++ b/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Configuration/DomainConfiguration.php
@@ -124,9 +124,9 @@ class DomainConfiguration
     *
     * @param string $key
     *
-     * @throws ConfigurationException When the option specified does not exist.
-     *
     * @return mixed
+     *
+     * @throws ConfigurationException When the option specified does not exist.
     */
    public function get($key)
    {
@@ -155,9 +155,9 @@ class DomainConfiguration
     * @param string $key
     * @param mixed  $value
     *
-     * @throws ConfigurationException When an option value given is an invalid type.
-     *
     * @return bool
+     *
+     * @throws ConfigurationException When an option value given is an invalid type.
     */
    protected function validate($key, $value)
    {
--- a/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Configuration/Validators/Validator.php
+++ b/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Configuration/Validators/Validator.php
@@ -49,9 +49,9 @@ abstract class Validator
    /**
     * Validate the configuration value.
     *
-     * @throws ConfigurationException
-     *
     * @return bool
+     *
+     * @throws ConfigurationException
     */
    public function validate()
    {
@@ -65,9 +65,9 @@ abstract class Validator
    /**
     * Throw a configuration exception.
     *
-     * @throws ConfigurationException
-     *
     * @return void
+     *
+     * @throws ConfigurationException
     */
    protected function fail()
    {
--- a/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Connection.php
+++ b/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Connection.php
@@ -111,9 +111,9 @@ class Connection
     *
     * @param array $config
     *
-     * @throws Configuration\ConfigurationException
-     *
     * @return $this
+     *
+     * @throws Configuration\ConfigurationException
     */
    public function setConfiguration($config = [])
    {
@@ -241,10 +241,10 @@ class Connection
     * @param string|null $username
     * @param string|null $password
     *
+     * @return Connection
+     *
     * @throws Auth\BindException
     * @throws LdapRecordException
-     *
-     * @return Connection
     */
    public function connect($username = null, $password = null)
    {
@@ -274,10 +274,10 @@ class Connection
    /**
     * Reconnect to the LDAP server.
     *
+     * @return void
+     *
     * @throws Auth\BindException
     * @throws ConnectionException
-     *
-     * @return void
     */
    public function reconnect()
    {
@@ -385,9 +385,9 @@ class Connection
     *
     * @param Closure $operation
     *
-     * @throws LdapRecordException
-     *
     * @return mixed
+     *
+     * @throws LdapRecordException
     */
    protected function runOperationCallback(Closure $operation)
    {
@@ -442,9 +442,9 @@ class Connection
     * @param LdapRecordException $e
     * @param Closure             $operation
     *
-     * @throws LdapRecordException
-     *
     * @return mixed
+     *
+     * @throws LdapRecordException
     */
    protected function tryAgainIfCausedByLostConnection(LdapRecordException $e, Closure $operation)
    {
@@ -463,9 +463,9 @@ class Connection
     *
     * @param Closure $operation
     *
-     * @throws LdapRecordException
-     *
     * @return mixed
+     *
+     * @throws LdapRecordException
     */
    protected function retry(Closure $operation)
    {
@@ -486,9 +486,9 @@ class Connection
     * @param LdapRecordException $e
     * @param Closure             $operation
     *
-     * @throws LdapRecordException
-     *
     * @return mixed
+     *
+     * @throws LdapRecordException
     */
    protected function retryOnNextHost(LdapRecordException $e, Closure $operation)
    {
--- a/data/web/inc/lib/vendor/directorytree/ldaprecord/src/ConnectionManager.php
+++ b/data/web/inc/lib/vendor/directorytree/ldaprecord/src/ConnectionManager.php
@@ -149,9 +149,9 @@ class ConnectionManager
     *
     * @param string|null $name
     *
-     * @throws ContainerException If the given connection does not exist.
-     *
     * @return Connection
+     *
+     * @throws ContainerException If the given connection does not exist.
     */
    public function get($name = null)
    {
--- a/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Events/Logger.php
+++ b/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Events/Logger.php
@@ -39,11 +39,14 @@ class Logger
    {
        switch (true) {
            case $event instanceof AuthEvent:
-                return $this->auth($event);
+                $this->auth($event);
+                break;
            case $event instanceof ModelEvent:
-                return $this->model($event);
+                $this->model($event);
+                break;
            case $event instanceof QueryEvent:
-                return $this->query($event);
+                $this->query($event);
+                break;
        }
    }

--- a/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Events/NullDispatcher.php
+++ b/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Events/NullDispatcher.php
@@ -0,0 +1,113 @@
+<?php
+
+namespace LdapRecord\Events;
+
+class NullDispatcher implements DispatcherInterface
+{
+    /**
+     * The underlying dispatcher instance.
+     *
+     * @var DispatcherInterface
+     */
+    protected $dispatcher;
+
+    /**
+     * Constructor.
+     *
+     * @param DispatcherInterface $dispatcher
+     */
+    public function __construct(DispatcherInterface $dispatcher)
+    {
+        $this->dispatcher = $dispatcher;
+    }
+
+    /**
+     * Register an event listener with the dispatcher.
+     *
+     * @param string|array $events
+     * @param mixed        $listener
+     *
+     * @return void
+     */
+    public function listen($events, $listener)
+    {
+        $this->dispatcher->listen($events, $listener);
+    }
+
+    /**
+     * Determine if a given event has listeners.
+     *
+     * @param string $eventName
+     *
+     * @return bool
+     */
+    public function hasListeners($eventName)
+    {
+        return $this->dispatcher->hasListeners($eventName);
+    }
+
+    /**
+     * Fire an event until the first non-null response is returned.
+     *
+     * @param string|object $event
+     * @param mixed         $payload
+     *
+     * @return null
+     */
+    public function until($event, $payload = [])
+    {
+        return null;
+    }
+
+    /**
+     * Fire an event and call the listeners.
+     *
+     * @param string|object $event
+     * @param mixed         $payload
+     * @param bool          $halt
+     *
+     * @return null
+     */
+    public function fire($event, $payload = [], $halt = false)
+    {
+        return null;
+    }
+
+    /**
+     * Fire an event and call the listeners.
+     *
+     * @param string|object $event
+     * @param mixed         $payload
+     * @param bool          $halt
+     *
+     * @return null
+     */
+    public function dispatch($event, $payload = [], $halt = false)
+    {
+        return null;
+    }
+
+    /**
+     * Get all of the listeners for a given event name.
+     *
+     * @param string $eventName
+     *
+     * @return array
+     */
+    public function getListeners($eventName)
+    {
+        return $this->dispatcher->getListeners($eventName);
+    }
+
+    /**
+     * Remove a set of listeners from the dispatcher.
+     *
+     * @param string $event
+     *
+     * @return void
+     */
+    public function forget($event)
+    {
+        $this->dispatcher->forget($event);
+    }
+}
--- a/data/web/inc/lib/vendor/directorytree/ldaprecord/src/HandlesConnection.php
+++ b/data/web/inc/lib/vendor/directorytree/ldaprecord/src/HandlesConnection.php
@@ -150,19 +150,21 @@ trait HandlesConnection
     *
     * @param Closure $operation
     *
-     * @throws LdapRecordException
-     *
     * @return mixed
+     *
+     * @throws LdapRecordException
     */
    protected function executeFailableOperation(Closure $operation)
    {
        // If some older versions of PHP, errors are reported instead of throwing
-        // exceptions, which could be a signifcant detriment to our application.
+        // exceptions, which could be a significant detriment to our application.
        // Here, we will enforce these operations to throw exceptions instead.
-        set_error_handler(function ($severity, $message, $file, $line) {
+        set_error_handler(function (int $severity, string $message, string $file, int $line): bool {
            if (! $this->shouldBypassError($message)) {
                throw new ErrorException($message, $severity, $severity, $file, $line);
            }
+
+            return true;
        });

        try {
--- a/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Ldap.php
+++ b/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Ldap.php
@@ -2,6 +2,9 @@

 namespace LdapRecord;

+use LDAP\Connection as RawLdapConnection;
+
+/** @psalm-suppress UndefinedClass */
 class Ldap implements LdapInterface
 {
    use HandlesConnection, DetectsErrors;
@@ -104,7 +107,7 @@ class Ldap implements LdapInterface
    public function getLastError()
    {
        if (! $this->connection) {
-            return;
+            return null;
        }

        return ldap_error($this->connection);
@@ -116,7 +119,7 @@ class Ldap implements LdapInterface
    public function getDetailedError()
    {
        if (! $number = $this->errNo()) {
-            return;
+            return null;
        }

        $this->getOption(LDAP_OPT_DIAGNOSTIC_MESSAGE, $message);
@@ -202,7 +205,9 @@ class Ldap implements LdapInterface
     */
    public function close()
    {
-        $result = is_resource($this->connection) ? @ldap_close($this->connection) : false;
+        $result = (is_resource($this->connection) || $this->connection instanceof RawLdapConnection)
+            ? @ldap_close($this->connection)
+            : false;

        $this->connection = null;
        $this->bound = false;
@@ -214,7 +219,7 @@ class Ldap implements LdapInterface
    /**
     * @inheritdoc
     */
-    public function search($dn, $filter, array $fields, $onlyAttributes = false, $size = 0, $time = 0, $deref = null, $serverControls = [])
+    public function search($dn, $filter, array $fields, $onlyAttributes = false, $size = 0, $time = 0, $deref = LDAP_DEREF_NEVER, $serverControls = [])
    {
        return $this->executeFailableOperation(function () use (
            $dn,
@@ -235,7 +240,7 @@ class Ldap implements LdapInterface
    /**
     * @inheritdoc
     */
-    public function listing($dn, $filter, array $fields, $onlyAttributes = false, $size = 0, $time = 0, $deref = null, $serverControls = [])
+    public function listing($dn, $filter, array $fields, $onlyAttributes = false, $size = 0, $time = 0, $deref = LDAP_DEREF_NEVER, $serverControls = [])
    {
        return $this->executeFailableOperation(function () use (
            $dn,
@@ -256,7 +261,7 @@ class Ldap implements LdapInterface
    /**
     * @inheritdoc
     */
-    public function read($dn, $filter, array $fields, $onlyAttributes = false, $size = 0, $time = 0, $deref = null, $serverControls = [])
+    public function read($dn, $filter, array $fields, $onlyAttributes = false, $size = 0, $time = 0, $deref = LDAP_DEREF_NEVER, $serverControls = [])
    {
        return $this->executeFailableOperation(function () use (
            $dn,
--- a/data/web/inc/lib/vendor/directorytree/ldaprecord/src/LdapInterface.php
+++ b/data/web/inc/lib/vendor/directorytree/ldaprecord/src/LdapInterface.php
@@ -156,7 +156,7 @@ interface LdapInterface
    /**
     * Return detailed information about an error.
     *
-     * Returns false when there was a successful last request.
+     * Returns null when there was a successful last request.
     *
     * Returns DetailedError when there was an error.
     *
@@ -202,9 +202,9 @@ interface LdapInterface
     *
     * @see http://php.net/manual/en/function.ldap-start-tls.php
     *
-     * @throws LdapRecordException
-     *
     * @return bool
+     *
+     * @throws LdapRecordException
     */
    public function startTLS();

@@ -247,7 +247,7 @@ interface LdapInterface
     *
     * @return resource
     */
-    public function search($dn, $filter, array $fields, $onlyAttributes = false, $size = 0, $time = 0, $deref = null, $serverControls = []);
+    public function search($dn, $filter, array $fields, $onlyAttributes = false, $size = 0, $time = 0, $deref = LDAP_DEREF_NEVER, $serverControls = []);

    /**
     * Performs a single level search on the current connection.
@@ -265,7 +265,7 @@ interface LdapInterface
     *
     * @return resource
     */
-    public function listing($dn, $filter, array $fields, $onlyAttributes = false, $size = 0, $time = 0, $deref = null, $serverControls = []);
+    public function listing($dn, $filter, array $fields, $onlyAttributes = false, $size = 0, $time = 0, $deref = LDAP_DEREF_NEVER, $serverControls = []);

    /**
     * Reads an entry on the current connection.
@@ -283,7 +283,7 @@ interface LdapInterface
     *
     * @return resource
     */
-    public function read($dn, $filter, array $fields, $onlyAttributes = false, $size = 0, $time = 0, $deref = null, $serverControls = []);
+    public function read($dn, $filter, array $fields, $onlyAttributes = false, $size = 0, $time = 0, $deref = LDAP_DEREF_NEVER, $serverControls = []);

    /**
     * Extract information from an LDAP result.
@@ -292,10 +292,10 @@ interface LdapInterface
     *
     * @param resource $result
     * @param int      $errorCode
-     * @param string   $dn
-     * @param string   $errorMessage
-     * @param array    $referrals
-     * @param array    $serverControls
+     * @param ?string  $dn
+     * @param ?string  $errorMessage
+     * @param ?array   $referrals
+     * @param ?array   $serverControls
     *
     * @return bool
     */
@@ -310,9 +310,9 @@ interface LdapInterface
     * @param string $username
     * @param string $password
     *
-     * @throws LdapRecordException
-     *
     * @return bool
+     *
+     * @throws LdapRecordException
     */
    public function bind($username, $password);

@@ -324,9 +324,9 @@ interface LdapInterface
     * @param string $dn
     * @param array  $entry
     *
-     * @throws LdapRecordException
-     *
     * @return bool
+     *
+     * @throws LdapRecordException
     */
    public function add($dn, array $entry);

@@ -337,9 +337,9 @@ interface LdapInterface
     *
     * @param string $dn
     *
-     * @throws LdapRecordException
-     *
     * @return bool
+     *
+     * @throws LdapRecordException
     */
    public function delete($dn);

@@ -353,9 +353,9 @@ interface LdapInterface
     * @param string $newParent
     * @param bool   $deleteOldRdn
     *
-     * @throws LdapRecordException
-     *
     * @return bool
+     *
+     * @throws LdapRecordException
     */
    public function rename($dn, $newRdn, $newParent, $deleteOldRdn = false);

@@ -367,9 +367,9 @@ interface LdapInterface
     * @param string $dn
     * @param array  $entry
     *
-     * @throws LdapRecordException
-     *
     * @return bool
+     *
+     * @throws LdapRecordException
     */
    public function modify($dn, array $entry);

@@ -381,9 +381,9 @@ interface LdapInterface
     * @param string $dn
     * @param array  $values
     *
-     * @throws LdapRecordException
-     *
     * @return bool
+     *
+     * @throws LdapRecordException
     */
    public function modifyBatch($dn, array $values);

@@ -395,9 +395,9 @@ interface LdapInterface
     * @param string $dn
     * @param array  $entry
     *
-     * @throws LdapRecordException
-     *
     * @return bool
+     *
+     * @throws LdapRecordException
     */
    public function modAdd($dn, array $entry);

@@ -409,9 +409,9 @@ interface LdapInterface
     * @param string $dn
     * @param array  $entry
     *
-     * @throws LdapRecordException
-     *
     * @return bool
+     *
+     * @throws LdapRecordException
     */
    public function modReplace($dn, array $entry);

@@ -423,9 +423,9 @@ interface LdapInterface
     * @param string $dn
     * @param array  $entry
     *
-     * @throws LdapRecordException
-     *
     * @return bool
+     *
+     * @throws LdapRecordException
     */
    public function modDelete($dn, array $entry);

--- a/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Models/ActiveDirectory/Entry.php
+++ b/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Models/ActiveDirectory/Entry.php
@@ -78,7 +78,7 @@ class Entry extends BaseEntry implements ActiveDirectory
     */
    public function isDeleted()
    {
-        return strtoupper($this->getFirstAttribute('isDeleted')) === 'TRUE';
+        return strtoupper((string) $this->getFirstAttribute('isDeleted')) === 'TRUE';
    }

    /**
@@ -86,9 +86,9 @@ class Entry extends BaseEntry implements ActiveDirectory
     *
     * @param string|null $newParentDn
     *
-     * @throws \LdapRecord\LdapRecordException
-     *
     * @return bool
+     *
+     * @throws \LdapRecord\LdapRecordException
     */
    public function restore($newParentDn = null)
    {
@@ -109,10 +109,9 @@ class Entry extends BaseEntry implements ActiveDirectory
            }
        });

-        $this->save([
-            'isDeleted' => null,
-            'distinguishedName' => $newDn,
-        ]);
+        $this->setRawAttribute('distinguishedname', $newDn);
+
+        $this->save(['isDeleted' => null]);
    }

    /**
@@ -120,9 +119,9 @@ class Entry extends BaseEntry implements ActiveDirectory
     *
     * @param string|null $connection
     *
-     * @throws \LdapRecord\Models\ModelNotFoundException
-     *
     * @return static
+     *
+     * @throws \LdapRecord\Models\ModelNotFoundException
     */
    public static function getRootDse($connection = null)
    {
--- a/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Models/ActiveDirectory/Group.php
+++ b/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Models/ActiveDirectory/Group.php
@@ -63,7 +63,7 @@ class Group extends Entry
     */
    public function getRidAttribute()
    {
-        $objectSidComponents = explode('-', $this->getConvertedSid());
+        $objectSidComponents = explode('-', (string) $this->getConvertedSid());

        return [end($objectSidComponents)];
    }
--- a/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Models/ActiveDirectory/Scopes/InConfigurationContext.php
+++ b/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Models/ActiveDirectory/Scopes/InConfigurationContext.php
@@ -15,9 +15,9 @@ class InConfigurationContext implements Scope
     * @param Builder $query
     * @param Model   $model
     *
-     * @throws \LdapRecord\Models\ModelNotFoundException
-     *
     * @return void
+     *
+     * @throws \LdapRecord\Models\ModelNotFoundException
     */
    public function apply(Builder $query, Model $model)
    {
@@ -29,9 +29,9 @@ class InConfigurationContext implements Scope
     *
     * @param Model $model
     *
-     * @throws \LdapRecord\Models\ModelNotFoundException
-     *
     * @return mixed
+     *
+     * @throws \LdapRecord\Models\ModelNotFoundException
     */
    protected function getConfigurationNamingContext(Model $model)
    {
--- a/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Models/ActiveDirectory/User.php
+++ b/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Models/ActiveDirectory/User.php
@@ -2,6 +2,7 @@

 namespace LdapRecord\Models\ActiveDirectory;

+use Carbon\Carbon;
 use Illuminate\Contracts\Auth\Authenticatable;
 use LdapRecord\Models\ActiveDirectory\Concerns\HasPrimaryGroup;
 use LdapRecord\Models\ActiveDirectory\Scopes\RejectComputerObjectClass;
@@ -117,4 +118,42 @@ class User extends Entry implements Authenticatable
    {
        return $query->whereHas('msExchMailboxGuid');
    }
+
+    /**
+     * Scopes the query to users having a lockout value set.
+     *
+     * @param Builder $query
+     *
+     * @return Builder
+     */
+    public function scopeWhereHasLockout(Builder $query)
+    {
+        return $query->where('lockoutTime', '>=', 1);
+    }
+
+    /**
+     * Determine if the user is locked out using the domains LockoutDuration group policy value.
+     *
+     * @see https://ldapwiki.com/wiki/Active%20Directory%20Account%20Lockout
+     * @see https://docs.microsoft.com/en-us/windows/security/threat-protection/security-policy-settings/account-lockout-duration
+     *
+     * @param string|int $localTimezone
+     * @param int|null   $durationInMinutes
+     *
+     * @return bool
+     */
+    public function isLockedOut($localTimezone, $durationInMinutes = null)
+    {
+        $time = $this->getFirstAttribute('lockouttime');
+
+        if (! $time instanceof Carbon) {
+            return false;
+        }
+
+        is_int($localTimezone)
+            ? $time->addMinutes($localTimezone)
+            : $time->setTimezone($localTimezone)->addMinutes($durationInMinutes ?: 0);
+
+        return ! $time->isPast();
+    }
 }
--- a/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Models/Attributes/AccountControl.php
+++ b/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Models/Attributes/AccountControl.php
@@ -53,14 +53,14 @@ class AccountControl
    /**
     * The account control flag values.
     *
-     * @var array
+     * @var array<int, int>
     */
    protected $values = [];

    /**
     * Constructor.
     *
-     * @param int $flag
+     * @param ?int $flag
     */
    public function __construct($flag = null)
    {
@@ -431,7 +431,7 @@ class AccountControl
    /**
     * Get the account control flag values.
     *
-     * @return array
+     * @return array<int, int>
     */
    public function getValues()
    {
@@ -441,7 +441,7 @@ class AccountControl
    /**
     * Set the account control values.
     *
-     * @param array $flags
+     * @param array<int, int> $flags
     *
     * @return void
     */
--- a/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Models/Attributes/DistinguishedName.php
+++ b/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Models/Attributes/DistinguishedName.php
@@ -12,7 +12,7 @@ class DistinguishedName
    /**
     * The underlying raw value.
     *
-     * @var string|null
+     * @var string
     */
    protected $value;

@@ -23,7 +23,7 @@ class DistinguishedName
     */
    public function __construct($value = null)
    {
-        $this->value = trim($value);
+        $this->value = trim((string) $value);
    }

    /**
@@ -72,6 +72,18 @@ class DistinguishedName
        return new static($value);
    }

+    /**
+     * Determine if the given value is a valid distinguished name.
+     *
+     * @param string $value
+     *
+     * @return bool
+     */
+    public static function isValid($value)
+    {
+        return ! static::make($value)->isEmpty();
+    }
+
    /**
     * Explode a distinguished name into relative distinguished names.
     *
@@ -81,19 +93,19 @@ class DistinguishedName
     */
    public static function explode($dn)
    {
-        $dn = ldap_explode_dn($dn, $withoutAttributes = false);
+        $components = ldap_explode_dn($dn, (int) $withoutAttributes = false);

-        if (! is_array($dn)) {
+        if (! is_array($components)) {
            return [];
        }

-        if (! array_key_exists('count', $dn)) {
+        if (! array_key_exists('count', $components)) {
            return [];
        }

-        unset($dn['count']);
+        unset($components['count']);

-        return $dn;
+        return $components;
    }

    /**
@@ -310,6 +322,18 @@ class DistinguishedName
        return implode(',', $components) ?: null;
    }

+    /**
+     * Determine if the distinguished name is empty.
+     *
+     * @return bool
+     */
+    public function isEmpty()
+    {
+        return empty(
+            array_filter($this->values())
+        );
+    }
+
    /**
     * Determine if the current distinguished name is a parent of the given child.
     *
--- a/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Models/Attributes/DistinguishedNameBuilder.php
+++ b/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Models/Attributes/DistinguishedNameBuilder.php
@@ -236,7 +236,7 @@ class DistinguishedNameBuilder
    /**
     * Build the distinguished name from the components.
     *
-     * @return $this
+     * @return string
     */
    protected function build()
    {
--- a/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Models/Attributes/EscapedValue.php
+++ b/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Models/Attributes/EscapedValue.php
@@ -34,7 +34,7 @@ class EscapedValue
     */
    public function __construct($value, $ignore = '', $flags = 0)
    {
-        $this->value = $value;
+        $this->value = (string) $value;
        $this->ignore = $ignore;
        $this->flags = $flags;
    }
@@ -59,6 +59,16 @@ class EscapedValue
        return ldap_escape($this->value, $this->ignore, $this->flags);
    }

+    /**
+     * Get the raw (unescaped) value.
+     *
+     * @return mixed
+     */
+    public function raw()
+    {
+        return $this->value;
+    }
+
    /**
     * Set the characters to exclude from being escaped.
     *
--- a/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Models/Attributes/Password.php
+++ b/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Models/Attributes/Password.php
@@ -244,9 +244,9 @@ class Password
     *
     * @param int $type
     *
-     * @throws InvalidArgumentException
-     *
     * @return array
+     *
+     * @throws InvalidArgumentException
     */
    protected static function makeCryptPrefixAndLength($type)
    {
@@ -297,9 +297,9 @@ class Password
    /**
     * Attempt to retrieve a salt from the encrypted password.
     *
-     * @throws LdapRecordException
-     *
     * @return string
+     *
+     * @throws LdapRecordException
     */
    public static function getSalt($encryptedPassword)
    {
@@ -321,9 +321,9 @@ class Password
     *
     * @param string $method
     *
-     * @throws \ReflectionException
-     *
     * @return bool
+     *
+     * @throws \ReflectionException
     */
    public static function hashMethodRequiresSalt($method): bool
    {
--- a/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Models/Attributes/Timestamp.php
+++ b/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Models/Attributes/Timestamp.php
@@ -61,9 +61,9 @@ class Timestamp
     *
     * @param mixed $value
     *
-     * @throws LdapRecordException
-     *
     * @return float|string
+     *
+     * @throws LdapRecordException
     */
    public function fromDateTime($value)
    {
@@ -121,9 +121,9 @@ class Timestamp
     *
     * @param mixed $value
     *
-     * @throws LdapRecordException
-     *
     * @return Carbon|false
+     *
+     * @throws LdapRecordException
     */
    public function toDateTime($value)
    {
@@ -155,7 +155,7 @@ class Timestamp
     *
     * @param string $value
     *
-     * @return DateTime|bool
+     * @return DateTime|false
     */
    protected function convertLdapTimeToDateTime($value)
    {
@@ -184,7 +184,7 @@ class Timestamp
     *
     * @param string $value
     *
-     * @return DateTime|bool
+     * @return DateTime|false
     */
    protected function convertWindowsTimeToDateTime($value)
    {
@@ -213,9 +213,9 @@ class Timestamp
     *
     * @param int $value
     *
-     * @throws \Exception
+     * @return DateTime|false
     *
-     * @return DateTime|bool
+     * @throws \Exception
     */
    protected function convertWindowsIntegerTimeToDateTime($value)
    {
--- a/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Models/Concerns/CanAuthenticate.php
+++ b/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Models/Concerns/CanAuthenticate.php
@@ -31,6 +31,7 @@ trait CanAuthenticate
     */
    public function getAuthPassword()
    {
+        return '';
    }

    /**
@@ -40,6 +41,7 @@ trait CanAuthenticate
     */
    public function getRememberToken()
    {
+        return '';
    }

    /**
@@ -60,5 +62,6 @@ trait CanAuthenticate
     */
    public function getRememberTokenName()
    {
+        return '';
    }
 }
--- a/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Models/Concerns/HasAttributes.php
+++ b/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Models/Concerns/HasAttributes.php
@@ -238,26 +238,28 @@ trait HasAttributes
     * Returns the models attribute by its key.
     *
     * @param int|string $key
+     * @param mixed      $default
     *
     * @return mixed
     */
-    public function getAttribute($key)
+    public function getAttribute($key, $default = null)
    {
        if (! $key) {
            return;
        }

-        return $this->getAttributeValue($key);
+        return $this->getAttributeValue($key, $default);
    }

    /**
     * Get an attributes value.
     *
     * @param string $key
+     * @param mixed  $default
     *
     * @return mixed
     */
-    public function getAttributeValue($key)
+    public function getAttributeValue($key, $default = null)
    {
        $key = $this->normalizeAttributeKey($key);
        $value = $this->getAttributeFromArray($key);
@@ -274,7 +276,7 @@ trait HasAttributes
            return $this->castAttribute($key, $value);
        }

-        return $value;
+        return is_null($value) ? $default : $value;
    }

    /**
@@ -311,9 +313,9 @@ trait HasAttributes
     * @param string $type
     * @param mixed  $value
     *
-     * @throws LdapRecordException
-     *
     * @return float|string
+     *
+     * @throws LdapRecordException
     */
    public function fromDateTime($type, $value)
    {
@@ -326,9 +328,9 @@ trait HasAttributes
     * @param mixed  $value
     * @param string $type
     *
-     * @throws LdapRecordException
-     *
     * @return Carbon|false
+     *
+     * @throws LdapRecordException
     */
    public function asDateTime($value, $type)
    {
@@ -686,13 +688,14 @@ trait HasAttributes
     * Returns the first attribute by the specified key.
     *
     * @param string $key
+     * @param mixed  $default
     *
     * @return mixed
     */
-    public function getFirstAttribute($key)
+    public function getFirstAttribute($key, $default = null)
    {
        return Arr::first(
-            Arr::wrap($this->getAttribute($key))
+            Arr::wrap($this->getAttribute($key, $default)),
        );
    }

@@ -707,9 +710,9 @@ trait HasAttributes
    }

    /**
-     * Set an attribute value by the specified key and sub-key.
+     * Set an attribute value by the specified key.
     *
-     * @param mixed $key
+     * @param string $key
     * @param mixed  $value
     *
     * @return $this
@@ -737,6 +740,23 @@ trait HasAttributes
        return $this;
    }

+    /**
+     * Set an attribute on the model. No checking is done.
+     *
+     * @param string $key
+     * @param mixed  $value
+     *
+     * @return $this
+     */
+    public function setRawAttribute($key, $value)
+    {
+        $key = $this->normalizeAttributeKey($key);
+
+        $this->attributes[$key] = Arr::wrap($value);
+
+        return $this;
+    }
+
    /**
     * Set the models first attribute value.
     *
--- a/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Models/Concerns/HasEvents.php
+++ b/data/web/inc/lib/vendor/directorytree/ldaprecord/src/Models/Concerns/HasEvents.php
@@ -3,10 +3,39 @@
 namespace LdapRecord\Models\Concerns;

 use Closure;
+use LdapRecord\Events\NullDispatcher;
 use LdapRecord\Models\Events\Event;

 trait HasEvents
 {
+    /**
+     * Execute the callback without raising any events.
+     *
+     * @param Closure $callback
+     *
+     * @return mixed
+     */
+    protected static function withoutEvents(Closure $callback)
+    {
+        $container = static::getConnectionContainer();
+
+        $dispatcher = $container->getEventDispatcher();
+
+        if ($dispatcher) {
+            $container->setEventDispatcher(
+                new NullDispatcher($dispatcher)
+            );
+        }
+
+        try {
+            return $callback();
+        } finally {
+            if ($dispatcher) {
+                $container->setEventDispatcher($dispatcher);
+            }
+        }
+    }
+
    /**
     * Fires the specified model event.
     *
--- a/Show More
+++ b/Show More
				`@@ -1 +0,0 @@`
				`../symfony/var-dumper/Resources/bin/var-dump-server`