* [Enhancement] Add composite rule for suspicious URLs in suspicious messages
* [Fix] Another try to fix setproctitle
* [Fix] Do not cleanup hyperscan files unless new ones are loaded
* [Fix] Fix various issues with canonicalisation of the paths
* [Fix] Properly set config field when creating tasks from Lua
* [Fix] Set loaded variable explicitly
* [Fix] known_senders: fix config handling
* [Fix] rbl: fix `exclude_local`
* [Minor] Add missing <algorithm> include for gcc 14
* [Minor] Add rule for messages missing both X-Mailer and User-Agent header
* [Minor] Bundle fasttext as linux distributives are just useless
* [Minor] Enable fasttext on RPM based linux
* [Minor] Forgot it in one more place
* [Minor] Improve FREEMAIL_AFF capture rates
* [Minor] Limit fasttext to amd64 only
* [Minor] Properly search for fasttext include
* [Minor] Treat *.zpaq attachments as archives and harmful
* [Minor] Update to 3.7.4
* [Minor] force_actions: set a group for symbols
* [WebUI] Update map editor

CodeJar 3.7.0 -> 4.2.0

Rationale: https://dshield.org/diary/Malware+Dropped+Through+a+ZPAQ+Archive/30366/

This commit addresses a compilation issue when using GCC 14. According
to GCC 14's porting guide [1], some C++ Standard Library headers no
longer include other headers they used to use internally. Specifically,
<algorithm> must now be explicitly included.

[1] https://gcc.gnu.org/gcc-14/porting_to.html

See-also: https://bugs.gentoo.org/916438
Signed-off-by: Petr Vaněk <arkamar@atlas.cz>

* [Fix] Emergency fix for the hyperscan path error

Issue: #4665

* [Feature] rbl: support checking returncodes by CIDR
* [Feature] rbl: support checking returncodes by regex
* [Feature] rbl: support globbed return codes
* [Fix] DMARC reporting: fix reporting for subdomains
* [Fix] Deal with fmtlib exceptions properly
* [Fix] backport fix for dlfcn.h from backward-cpp
* [Rules] Blank spam detection

[Feature] rbl: support use of different matchers for return codes

 - Demote message to info level
 - Name it returncodes_matcher for better specificity

Tighten rspamd's attachment policy

[WebUI] Fix history table vanishing

Reported by @fatalbanana.

on repeated rows per page input

Reverted based on feedback by @moisseev.

This reverts commit 8171424d84.

- app: Executable Application, blocked in Outlook by default
- aspx: Active Server Page Extended, blocked in Outlook by default
- dll: Dynamic-link Library
- dqy: Microsoft Query File, blocking recommended in MS365
- iqy: ditto
- mht: MHTML File, often abused for phishing and exploit attempts
- mhtml: ditto
- oqy: Microsoft Query File, blocking recommended in MS365
- rqy: ditto
- slk: Microsoft Symbolic Link
- wim: Windows Imaging Format

These are already banned in most environments, including GMail and
Outlook. We may as well bump this score up to 4 eventually.

These are as follows:
- htc: HTML Component File
- pyc: Compiled Python Script
- pyo: Optimized Compiled Python Module
- pyw: Python Script To Be Executed With Suppressed Terminal Window
- pyz: Python Zip Application
- pyzw: Python Zip Application
- vhd: Virtual Hard Disk
- vhdx: Virtual Hard Disk Extended
- wsf: Windows Script File

Note that the Python file types remain unscored in archives, so
distribution of these in source tarballs and the like is not affected by
this commit.

Source: https://support.microsoft.com/en-us/office/blocked-attachments-in-outlook-434752e1-02d3-4e90-9124-8b81e49a8519?ui=en-us&rs=en-us&ad=us

This avoids confusion and enqueries to the rspamd project, if it is made
clear that the decision to score certain attachments high has been
incorporated from a well-known third party, such as Google's or
Microsoft's attachment handling policy.

Issue: #4643

[Minor] RSPAMD_SHAREDIR is called SHAREDIR in configuration

[Test] Banish luacheck from functional tests

 - Use luacheck from GitLab

[Fix] DMARC reporting: fix reporting for subdomains