9561846979
Update workflow actions and Go versions ( #3245 )
...
This PR:
* Updates the versions of various actions used by the CI and release workflows
* Updates the release workflow to use Go version 1.22
* Updates the test matrix to use Go versions 1.21, 1.22, and 1.23
It also updates the CI workflow to run when pull requests are created or changed. This will help give feedback when formatting or tests are broken during a PR.
As a good example of why this is useful, you'll see that I needed to run `gofmt` to get this to pass! We should have caught that earlier and now we'll catch it moving forward.
2024-09-22 23:24:43 -05:00
908886f2cd
Enforce account locks when creating new users ( #3173 )
...
Properly enforce account locks when new users are created
---------
Co-authored-by: Caetan Tojeiro Carpente <caetan.tojeiro@tier8.com>
2024-09-22 22:53:08 -05:00
8e79294413
Added error handling to in-app reporting mechanism
2023-09-15 15:45:30 +01:00
ac9e6a7190
Add DB_NAME to run.sh to support mysql ( #2850 )
...
Adding environment variable DB_NAME to run.sh so that Gophish Container can be set up with mysql/mariadb.
db_name has to be changed in config to mysql for mysql connection to work.
2023-08-22 21:03:39 -05:00
04f0fb6dfd
Install ca-certificates on Docker image ( #2888 )
...
The ca-certificates package is necessary for Gophish to connect to webhooks using HTTPS.
2023-08-22 20:50:03 -05:00
d2efb18ef1
Updated regex pattern to allow longer TLDs
2022-12-16 17:04:55 +00:00
2d08befb6b
Modified "SMTP From" field to avoid SMTP server errors with RFC 5321 ( #2669 )
...
Co-authored-by: Thomas Castronovo <thocastronovo@cic.be>
2022-11-29 16:41:10 +00:00
cec2da5128
Fix new records being added on completing a campaign ( #2599 )
...
There were new records with name '[Deleted]' being added when a campaign was
completed. This used to happen when the resource associated with a campaign
(template, page, profile) was deleted before marking the campaign as
completed. The save gorm call used to upsert these values and ended up adding
rogue records.
2022-10-13 16:16:37 +01:00
095a9ba20c
Updated README.md with working source installation instructions (see https://github.com/golang/go/issues/48332 )
2022-09-29 13:21:31 +01:00
b1648f0759
Bumped version to 0.12.1
2022-09-14 11:30:00 +01:00
06e95c1fb8
Minified campaigns.js #2482
2022-09-14 11:29:18 +01:00
53537a221a
Fix resource selection during campaign copy ( #2482 )
...
Clear the selection of resource (template, page, profile) whenever the original
resource is deleted and there is only one currently available resource present
in the DB while copying a campaign. Without this fix, the only available
resource is shown as the original resource, instead of showing [Deleted].
2022-09-14 12:26:29 +02:00
2b85a2bda5
Updated release workflow to mitigate set-env vulnerability and fix Windows build
2022-09-14 11:06:03 +01:00
a53665b1b6
Updated formatting and CI to be in line with more recent versions of go
2022-09-12 22:05:34 +01:00
78e9a51168
Add Trusted Origins to CSRF Handler ( #2301 )
...
Enables the user to add addresses that they expect incoming connections
to come from. Helpful in cases where TLS termination is handled by a
load balancer upstream, rather than the application itself.
2022-09-06 16:20:19 +02:00
3863ad31b9
Fixed issue with sorting by login date of users
2022-08-26 23:09:14 +02:00
34f7457294
Update README.md
...
Updated installation command
2022-08-25 15:28:54 +02:00
32c0502999
Minified missing sending_profile file ( 741201b)
2022-08-24 18:00:00 +02:00
6b61426aab
Bumped version to 0.12.0
2022-08-12 21:31:43 +02:00
90cd444dcb
Minified template.js resolving #2545
2022-08-09 15:24:29 +01:00
5ef2d75e72
Fixed Account Locked bug, allowing user accounts to be locked
2022-06-11 11:25:56 +01:00
6fb77bf3ce
Fixed formatting from Custom Envelope PR #2334
2022-06-05 21:18:32 +01:00
d0ff3829e5
Disallow deleting of admin user from the UI ( #2487 )
2022-06-01 17:01:55 +01:00
0c255bbe92
Disallow changing of admin username from the UI ( #2487 )
2022-06-01 16:40:04 +01:00
b7c69662ce
Embed or attach files based on their file extension ( #1525 )
...
Embed or attach files based on their file extension:
* Set 'Content-Disposition: inline' for images
* Set 'Content-Disposition: attachment' for other files
2022-06-01 17:14:22 +02:00
704e6d56b3
Fix modal titles saying new when editing existing content ( #2318 )
2022-04-15 16:28:19 +02:00
bb516ef7ab
986 custom envelope sender remerge ( #2334 )
...
* Adds the ability to specify an envelope sender in templates (#986 )
Authored-by: ChessSpider <ChessSpider@users.noreply.github.com>
Authored-by: Olivier MEDOC <o_medoc@yahoo.fr>
Authored-by: ptitdoc <ptitdoc@free.fr>
2022-03-25 16:24:49 +01:00
e0acb99734
Bump minimist from 1.2.0 to 1.2.5 ( #2401 )
...
Bumps [minimist](https://github.com/substack/minimist ) from 1.2.0 to 1.2.5.
- [Release notes](https://github.com/substack/minimist/releases )
- [Commits](https://github.com/substack/minimist/compare/1.2.0...1.2.5 )
---
updated-dependencies:
- dependency-name: minimist
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-25 13:10:19 +01:00
eb016a437c
Bump copy-props from 2.0.4 to 2.0.5 ( #2399 )
...
Bumps [copy-props](https://github.com/gulpjs/copy-props ) from 2.0.4 to 2.0.5.
- [Release notes](https://github.com/gulpjs/copy-props/releases )
- [Changelog](https://github.com/gulpjs/copy-props/blob/master/CHANGELOG.md )
- [Commits](https://github.com/gulpjs/copy-props/compare/2.0.4...2.0.5 )
---
updated-dependencies:
- dependency-name: copy-props
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-17 15:03:51 +01:00
67e304f372
Fix open redirect vulnerability on the login page ( #2262 )
2022-02-16 17:26:51 +01:00
e215132bdf
Bump ajv from 6.10.0 to 6.12.6 ( #2395 )
...
Bumps [ajv](https://github.com/ajv-validator/ajv ) from 6.10.0 to 6.12.6.
- [Release notes](https://github.com/ajv-validator/ajv/releases )
- [Commits](https://github.com/ajv-validator/ajv/compare/v6.10.0...v6.12.6 )
---
updated-dependencies:
- dependency-name: ajv
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
2022-02-16 16:46:30 +01:00
741201b7f0
Added JS for Fix sending profile form ( #2389 )
2022-02-16 15:30:38 +00:00
1f95efcb7b
Fix sending profile form ( #2389 )
...
Credentials no longer suggested in the Search box in 'Sending Profiles'
2022-02-07 17:12:55 +01:00
a6627dfc6b
Added support for templating attachments ( #1936 )
...
The following attachment types support template variables: docx, docm, pptx, xlsx, xlsm, txt, html, ics.
2022-02-02 15:41:27 +01:00
0646f14c99
Updated the Ansible Playbook ( #2138 )
...
* Update Ansible role
* lint Ansible role
* Update Ansible Playbook README
* use python3 packages instead python2
2021-12-23 19:13:43 +01:00
ceab0509eb
Merge pull request #2296 from gophish/dependabot/npm_and_yarn/tar-4.4.19
...
Bump tar from 4.4.8 to 4.4.19
2021-12-18 09:49:34 +01:00
202ecd3397
Merge pull request #2277 from gophish/dependabot/npm_and_yarn/path-parse-1.0.7
...
Bump path-parse from 1.0.6 to 1.0.7
2021-12-18 09:49:20 +01:00
4b106b3fe2
Merge pull request #2211 from gophish/dependabot/npm_and_yarn/browserslist-4.16.6
...
Bump browserslist from 4.6.1 to 4.16.6
2021-12-18 09:49:11 +01:00
1d18ea7e01
Merge pull request #2196 from gophish/dependabot/npm_and_yarn/hosted-git-info-2.8.9
...
Bump hosted-git-info from 2.7.1 to 2.8.9
2021-12-18 09:48:50 +01:00
b3f0bad5ce
Merge pull request #2195 from gophish/dependabot/npm_and_yarn/lodash-4.17.21
...
Bump lodash from 4.17.19 to 4.17.21
2021-12-18 09:48:41 +01:00
12ecfd84cc
Merge pull request #2182 from gophish/dependabot/npm_and_yarn/ssri-6.0.2
...
Bump ssri from 6.0.1 to 6.0.2
2021-12-18 09:48:33 +01:00
4814620cdc
Merge pull request #2157 from gophish/dependabot/npm_and_yarn/y18n-3.2.2
...
Bump y18n from 3.2.1 to 3.2.2
2021-12-18 09:48:00 +01:00
003d143641
Bump tar from 4.4.8 to 4.4.19
...
Bumps [tar](https://github.com/npm/node-tar ) from 4.4.8 to 4.4.19.
- [Release notes](https://github.com/npm/node-tar/releases )
- [Changelog](https://github.com/npm/node-tar/blob/main/CHANGELOG.md )
- [Commits](https://github.com/npm/node-tar/compare/v4.4.8...v4.4.19 )
---
updated-dependencies:
- dependency-name: tar
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-09-01 04:00:10 +00:00
f89c85f558
Bump path-parse from 1.0.6 to 1.0.7
...
Bumps [path-parse](https://github.com/jbgutierrez/path-parse ) from 1.0.6 to 1.0.7.
- [Release notes](https://github.com/jbgutierrez/path-parse/releases )
- [Commits](https://github.com/jbgutierrez/path-parse/commits/v1.0.7 )
---
updated-dependencies:
- dependency-name: path-parse
dependency-type: indirect
...
Signed-off-by: dependabot[bot] <support@github.com>
2021-08-10 23:42:11 +00:00
5aa3a858cb
Bump browserslist from 4.6.1 to 4.16.6
...
Bumps [browserslist](https://github.com/browserslist/browserslist ) from 4.6.1 to 4.16.6.
- [Release notes](https://github.com/browserslist/browserslist/releases )
- [Changelog](https://github.com/browserslist/browserslist/blob/main/CHANGELOG.md )
- [Commits](https://github.com/browserslist/browserslist/compare/4.6.1...4.16.6 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-05-25 07:33:27 +00:00
82fd6adf68
Bump hosted-git-info from 2.7.1 to 2.8.9
...
Bumps [hosted-git-info](https://github.com/npm/hosted-git-info ) from 2.7.1 to 2.8.9.
- [Release notes](https://github.com/npm/hosted-git-info/releases )
- [Changelog](https://github.com/npm/hosted-git-info/blob/v2.8.9/CHANGELOG.md )
- [Commits](https://github.com/npm/hosted-git-info/compare/v2.7.1...v2.8.9 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-05-10 07:08:01 +00:00
5fc6ba6bef
Bump lodash from 4.17.19 to 4.17.21
...
Bumps [lodash](https://github.com/lodash/lodash ) from 4.17.19 to 4.17.21.
- [Release notes](https://github.com/lodash/lodash/releases )
- [Commits](https://github.com/lodash/lodash/compare/4.17.19...4.17.21 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-05-08 15:03:26 +00:00
a5b3b134ba
Bump ssri from 6.0.1 to 6.0.2
...
Bumps [ssri](https://github.com/npm/ssri ) from 6.0.1 to 6.0.2.
- [Release notes](https://github.com/npm/ssri/releases )
- [Changelog](https://github.com/npm/ssri/blob/v6.0.2/CHANGELOG.md )
- [Commits](https://github.com/npm/ssri/compare/v6.0.1...v6.0.2 )
Signed-off-by: dependabot[bot] <support@github.com>
2021-04-29 18:52:25 +00:00
f722065018
Bump y18n from 3.2.1 to 3.2.2
...
Bumps [y18n](https://github.com/yargs/y18n ) from 3.2.1 to 3.2.2.
- [Release notes](https://github.com/yargs/y18n/releases )
- [Changelog](https://github.com/yargs/y18n/blob/master/CHANGELOG.md )
- [Commits](https://github.com/yargs/y18n/commits )
Signed-off-by: dependabot[bot] <support@github.com>
2021-03-30 15:39:51 +00:00
db63ee978d
Bump yargs-parser from 5.0.0 to 5.0.1 ( #2151 )
2021-03-28 15:40:31 -05:00
Jordan Wright
Caetan
Glenn Wilkinson
RS
Philipp
tcastron
Vivek Kekuda
Mark Cabanero
Bálint József Jánvári
Jake Walker
ptitdoc
dependabot[bot]
Kirill
Mark Steward
Bilal Retiat