Dependencies: Update MailKit to 4.15.1

[AndyButland]

Description

Updates MailKit from 4.14.1 to 4.15.1 to address a moderate security vulnerability in a transitive dependency (Mimekit).

After making this upgrade I got some compile errors in the internal class EmailMessageExtensions relating to nullability annotation changes introduced in MailKit 4.15.0+.

Breaking change risk

It seems that MailKit/Mimekit 4.15.0 tightened nullability annotations on several public APIs in a minor release. We've resolved them for Core in this PR, but there's a risk for implementors that may have code that interacts with these types directly.

Testing

Visual inspection and consideration of the breaking change risk should suffice. I've verified locally that sending an email still works as expected.

[Copilot]

Pull request overview

Updates the centrally-managed MailKit dependency to a patched version to address a reported security vulnerability, and adjusts Umbraco’s email-to-MimeMessage mapping to comply with MailKit 4.15+ nullability changes.

Changes:

• Bump MailKit from 4.14.1 to 4.15.1 in central package management.
• Update EmailMessageExtensions to use nullable InternetAddress out parameters and to avoid assigning null to MimeMessage.Subject / TextPart.Text.
• Simplify ToNotificationAddress parsing/type checks and ensure non-null display name.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 2 comments.

File	Description
Directory.Packages.props	Updates the centrally pinned MailKit version to 4.15.1.
src/Umbraco.Infrastructure/Extensions/EmailMessageExtensions.cs	Adapts email MIME/notification conversion logic to MailKit 4.15+ nullability constraints.

[Migaroez]

Did some testing

await _emailSender.SendAsync(new EmailMessage(null,"test@test.test",null,null,true), "test", false, TimeSpan.FromDays(1));
throws
ArgumentException: Value cannot be empty. (Parameter 'subject') Umbraco.Cms.Core.Models.Email.EmailMessage.ArgumentIsNotNullOrEmpty(string arg, string argName) in EmailMessage.cs, line 12

await _emailSender.SendAsync(new EmailMessage(null,"test@test.test",string.Empty,null,true), "test", false, TimeSpan.FromDays(1));
throws
ArgumentException: Value cannot be empty. (Parameter 'subject') Umbraco.Cms.Core.Models.Email.EmailMessage.ArgumentIsNotNullOrEmpty(string arg, string argName) in EmailMessage.cs, line 125

await _emailSender.SendAsync(new EmailMessage(null,"test@test.test",string.Empty,string.Empty,true), "test", false, TimeSpan.FromDays(1));
throws
ArgumentException: Value cannot be empty. (Parameter 'subject') Umbraco.Cms.Core.Models.Email.EmailMessage.ArgumentIsNotNullOrEmpty(string arg, string argName) in EmailMessage.cs, line 125

Only when I supply an actual subject and body does the email go trough
await _emailSender.SendAsync(new EmailMessage(null,"test@test.test","an actual subject","an actual body",true), "test", false, TimeSpan.FromDays(1));

The constructor in question

public EmailMessage(string? from, string? to, string? subject, string? body, bool isBodyHtml)
        : this(from, new[] { to }, null, null, null, subject, body, isBodyHtml, null)
    {
    }

I know this code hasn't changed, but just wanted to highlight it as it concerns the data format that is being passed in the method that changed.

I think the PR is fine as is since its main goal is to fix the nuget upgrade and the related code changes.

[AndyButland]

Thanks @Migaroez - I think this is OK. We could be more defensive as to what we pass here but really all we'd do is surface the error a little earlier.