Merge cdd09ec1ce into 9561846979

This PR:

* Updates the versions of various actions used by the CI and release workflows
* Updates the release workflow to use Go version 1.22
* Updates the test matrix to use Go versions 1.21, 1.22, and 1.23

It also updates the CI workflow to run when pull requests are created or changed. This will help give feedback when formatting or tests are broken during a PR.

As a good example of why this is useful, you'll see that I needed to run `gofmt` to get this to pass! We should have caught that earlier and now we'll catch it moving forward.

.github/workflows/ci.yml

@@ -1,5 +1,7 @@
 name: CI
-on: [push]
+on:
+  - pull_request
+  - push
 jobs:
 
   build:
@@ -7,17 +9,17 @@ jobs:
     runs-on: ubuntu-latest
     strategy:
       matrix:
-        goVer: [1.16, 1.17, 1.18]
+        goVer: [1.21, 1.22, 1.23]
 
     steps:
     - name: Set up Go ${{ matrix.goVer }}
-      uses: actions/setup-go@v1
+      uses: actions/setup-go@v5
       with:
         go-version: ${{ matrix.goVer }}
       id: go
 
     - name: Check out code into the Go module directory
-      uses: actions/checkout@v2
+      uses: actions/checkout@v4
 
     - name: Get dependencies
       run: |
@@ -31,4 +33,4 @@ jobs:
       run: diff -u <(echo -n) <(gofmt -d .)
     
     - name: Test
-      run: go test -v ./...
+      run: go test ./...

.github/workflows/codeql.yml

@@ -0,0 +1,42 @@
+name: "CodeQL"
+
+on:
+  push:
+    branches: [ "master" ]
+  pull_request:
+    branches: [ "master" ]
+  schedule:
+    - cron: "35 12 * * 1"
+
+jobs:
+  analyze:
+    name: Analyze
+    runs-on: ubuntu-latest
+    permissions:
+      actions: read
+      contents: read
+      security-events: write
+
+    strategy:
+      fail-fast: false
+      matrix:
+        language: [ javascript, go ]
+
+    steps:
+      - name: Checkout
+        uses: actions/checkout@v3
+
+      - name: Initialize CodeQL
+        uses: github/codeql-action/init@v2
+        with:
+          languages: ${{ matrix.language }}
+          queries: +security-and-quality
+
+      - name: Autobuild
+        uses: github/codeql-action/autobuild@v2
+        if: ${{ matrix.language == 'javascript' || matrix.language == 'go' }}
+
+      - name: Perform CodeQL Analysis
+        uses: github/codeql-action/analyze@v2
+        with:
+          category: "/language:${{ matrix.language }}"

.github/workflows/release.yml

@@ -38,7 +38,7 @@ jobs:
             - name: Set up Go
               uses: actions/setup-go@v2
               with:
-                go-version: 1.14
+                go-version: 1.22
             - if: matrix.os == 'ubuntu-latest'
               run: sudo apt-get update && sudo apt-get install -y gcc-multilib
             - if: matrix.arch == '386'
@@ -47,7 +47,7 @@ jobs:
               run: echo "RELEASE=gophish-${{ github.event.release.tag_name }}-${{ matrix.releaseos }}-64bit" >> $GITHUB_ENV
             - if: matrix.os == 'windows-latest'
               run: echo "RELEASE=gophish-${{ github.event.release.tag_name }}-${{ matrix.releaseos }}-64bit" | Out-File -FilePath $env:GITHUB_ENV -Append # https://github.com/actions/runner/issues/1636
-            - uses: actions/checkout@v2
+            - uses: actions/checkout@v4
             - name: Build ${{ matrix.goos }}/${{ matrix.arch }}
               run: go build -o ${{ matrix.bin }}
               env:
@@ -55,7 +55,7 @@ jobs:
                 GOARCH: ${{ matrix.arch }}
                 CGO_ENABLED: 1
             - name: Upload to artifacts
-              uses: actions/upload-artifact@v2
+              uses: actions/upload-artifact@v4
               with:
                 name: ${{ env.RELEASE }}
                 path: ${{ matrix.bin }}
@@ -65,8 +65,8 @@ jobs:
         runs-on: ubuntu-latest
         needs: build
         steps:
-            - uses: actions/checkout@v2
-            - uses: actions/download-artifact@v2
+            - uses: actions/checkout@v4
+            - uses: actions/download-artifact@v4
               with:
                 path: bin
             - name: Package Releases
@@ -96,7 +96,7 @@ jobs:
                   done
                 done
             - name: Upload to artifacts
-              uses: actions/upload-artifact@v2
+              uses: actions/upload-artifact@v4
               with:
                 name: releases
                 path: releases/*.zip
@@ -106,7 +106,7 @@ jobs:
         runs-on: ubuntu-latest
         needs: package
         steps:
-            - uses: actions/download-artifact@v2
+            - uses: actions/download-artifact@v4
               with:
                 name: releases
                 path: releases/

controllers/api/user.go

@@ -109,6 +109,7 @@ func (as *Server) Users(w http.ResponseWriter, r *http.Request) {
 			Role:                   role,
 			RoleID:                 role.ID,
 			PasswordChangeRequired: ur.PasswordChangeRequired,
+			AccountLocked:          ur.AccountLocked,
 		}
 		err = models.PutUser(&user)
 		if err != nil {

imap/monitor.go

@@ -115,8 +115,8 @@ func (im *Monitor) Shutdown() error {
 	return nil
 }
 
-// checkForNewEmails logs into an IMAP account and checks unread emails
-//  for the rid campaign identifier.
+// checkForNewEmails logs into an IMAP account and checks unread emails for the
+// rid campaign identifier.
 func checkForNewEmails(im models.IMAP) {
 	im.Host = im.Host + ":" + strconv.Itoa(int(im.Port)) // Append port
 	mailServer := Mailbox{