Merge with base #2
Open
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This commit significantly improves the performance of campaign and group creation by changing database access to use transactions. It should also make things more consistent with campaign creation. Specifically, this will ensure that the entire campaign gets created before emails start sending, while I anticipate this will fix #1643, #1080, (possibly) #1677, and #1552.
…LS 1.2 as the minimum TLS version. This addresses #1691 and #1689. I am making this change since Microsoft, Google, and Apple have all chosen to deprecate TLS 1.0 and TLS 1.1 in early 2020. In late 2018, the companies recorded that less than 1.4 percent (max) of their connections used < TLS 1.2. Output before change: ``` docker run --rm -ti -p 3333:3333 drwetter/testssl.sh https://host.docker.internal:3333 Testing protocols via sockets except NPN+ALPN SSLv2 not offered (OK) SSLv3 not offered (OK) TLS 1 offered (deprecated) TLS 1.1 offered (deprecated) TLS 1.2 offered (OK) TLS 1.3 offered (OK): final NPN/SPDY h2, http/1.1 (advertised) ALPN/HTTP2 h2, http/1.1 (offered) ``` Output after change: ``` docker run --rm -ti -p 3333:3333 drwetter/testssl.sh https://host.docker.internal:3333 Testing protocols via sockets except NPN+ALPN SSLv2 not offered (OK) SSLv3 not offered (OK) TLS 1 not offered TLS 1.1 not offered TLS 1.2 offered (OK) TLS 1.3 offered (OK): final NPN/SPDY h2, http/1.1 (advertised) ALPN/HTTP2 h2, http/1.1 (offered) ```
It appears that the MySQL driver dropped support for Go 1.9. Until we have vendoring in place (will happen soon!) we must follow suit and drop support for Go v1.9. This still allows us to support the latest three versions of Go.
Adds support for managing outgoing webhooks. Closes #1602
- Ran gofmt - Rebuilt minified static files - Updated validation payload
Get send_by_date field when query on GetCampaignSummary and GetCampaignSummaries
As mentioned in #1702, the query in `insertTargetIntoGroup` isn't needed, since both instances where it's used we already know that the target isn't in the group. This means it's safe to remove that query, improving performance dramatically. Before: ``` BenchmarkPostGroup100-4 81 12629754 ns/op 2989993 B/op 52918 allocs/op BenchmarkPostGroup1000-4 6 189527792 ns/op 29891818 B/op 528082 allocs/op BenchmarkPostGroup10000-4 1 6203645806 ns/op 299253648 B/op 5282859 allocs/op BenchmarkPutGroup100-4 100 10221833 ns/op 2589165 B/op 46078 allocs/op BenchmarkPutGroup1000-4 7 162692432 ns/op 25812440 B/op 458425 allocs/op BenchmarkPutGroup10000-4 1 7596445084 ns/op 260385808 B/op 4581569 allocs/op ``` After: ``` BenchmarkPostGroup100-4 133 8848973 ns/op 2354605 B/op 42322 allocs/op BenchmarkPostGroup1000-4 9 112557410 ns/op 23549206 B/op 422184 allocs/op BenchmarkPostGroup10000-4 1 3414209403 ns/op 235635952 B/op 4222090 allocs/op BenchmarkPutGroup100-4 147 8094333 ns/op 2271297 B/op 40777 allocs/op BenchmarkPutGroup1000-4 9 125092124 ns/op 22635067 B/op 405421 allocs/op BenchmarkPutGroup10000-4 1 5712591900 ns/op 228592920 B/op 4051316 allocs/op ```
* Added ParseLevel to set log level (#1671) * Moved logger config into the logger package for better decoupling. Added logging tests. Co-authored-by: Amal Alkhamees <[email protected]>
Initial support of managing reporting through IMAP. Co-Authored-By: Jordan Wright <[email protected]>
…tname+port when validating certificates. Fixes #1709
The Readme currently points to https://hub.docker.com/r/matteoggl/gophish/ which is a Docker image that hasn't been updated in over 2 years. This PR updates the Readme link to point to a more current Docker Image.
This PR enabled GitHub Actions as a replacement to TravisCI. I'm a fan of removing external dependencies where possible, and GitHub Actions has matured to be really useful.
Adding the ability to cache campaigns on maillogs to greatly improve generation time (and, by extension, sending speed and memory usage).
The timeline_series_data variable is created twice before using it. This resolves that.
After calls to get Template, Page, and SMTP, if the objects aren't found then we're currently trying to display error message using the name values of the non objects. This changes this behavior such that we use the name values from the campaign object to give better log messages.
Bumps [acorn](https://github.com/acornjs/acorn) from 6.1.1 to 6.4.1. - [Release notes](https://github.com/acornjs/acorn/releases) - [Commits](acornjs/acorn@6.1.1...6.4.1) Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
This commit adds the ability to mark a result as reported directly from the campaign results view.
Bumps [copy-props](https://github.com/gulpjs/copy-props) from 2.0.4 to 2.0.5. - [Release notes](https://github.com/gulpjs/copy-props/releases) - [Changelog](https://github.com/gulpjs/copy-props/blob/master/CHANGELOG.md) - [Commits](gulpjs/copy-props@2.0.4...2.0.5) --- updated-dependencies: - dependency-name: copy-props dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Bumps [minimist](https://github.com/substack/minimist) from 1.2.0 to 1.2.5. - [Release notes](https://github.com/substack/minimist/releases) - [Commits](https://github.com/substack/minimist/compare/1.2.0...1.2.5) --- updated-dependencies: - dependency-name: minimist dependency-type: indirect ... Signed-off-by: dependabot[bot] <[email protected]> Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
* Adds the ability to specify an envelope sender in templates (#986) Authored-by: ChessSpider <[email protected]> Authored-by: Olivier MEDOC <[email protected]> Authored-by: ptitdoc <[email protected]>
Embed or attach files based on their file extension: * Set 'Content-Disposition: inline' for images * Set 'Content-Disposition: attachment' for other files
Updated installation command
Enables the user to add addresses that they expect incoming connections to come from. Helpful in cases where TLS termination is handled by a load balancer upstream, rather than the application itself.
Clear the selection of resource (template, page, profile) whenever the original resource is deleted and there is only one currently available resource present in the DB while copying a campaign. Without this fix, the only available resource is shown as the original resource, instead of showing [Deleted].
There were new records with name '[Deleted]' being added when a campaign was completed. This used to happen when the resource associated with a campaign (template, page, profile) was deleted before marking the campaign as completed. The save gorm call used to upsert these values and ended up adding rogue records.
…2669) Co-authored-by: Thomas Castronovo <[email protected]>
The ca-certificates package is necessary for Gophish to connect to webhooks using HTTPS.
Adding environment variable DB_NAME to run.sh so that Gophish Container can be set up with mysql/mariadb. db_name has to be changed in config to mysql for mysql connection to work.
Properly enforce account locks when new users are created --------- Co-authored-by: Caetan Tojeiro Carpente <[email protected]>
This PR: * Updates the versions of various actions used by the CI and release workflows * Updates the release workflow to use Go version 1.22 * Updates the test matrix to use Go versions 1.21, 1.22, and 1.23 It also updates the CI workflow to run when pull requests are created or changed. This will help give feedback when formatting or tests are broken during a PR. As a good example of why this is useful, you'll see that I needed to run `gofmt` to get this to pass! We should have caught that earlier and now we'll catch it moving forward.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
No description provided.