diff --git a/.github/workflows/development.yml b/.github/workflows/development.yml
index da2880b5..005550d0 100644
--- a/.github/workflows/development.yml
+++ b/.github/workflows/development.yml
@@ -11,7 +11,7 @@ jobs:
     runs-on: ${{ matrix.os }}
     strategy:
       matrix:
-        go: [1.14]
+        go: [1.15]
         os: [ubuntu-latest, macos-latest]
         upload-coverage: [true]
         include:
@@ -19,6 +19,9 @@ jobs:
             os: ubuntu-latest
             upload-coverage: false
           - go: 1.14
+            os: ubuntu-latest
+            upload-coverage: false
+          - go: 1.15
             os: windows-latest
             upload-coverage: false
 
@@ -142,7 +145,7 @@ jobs:
       - name: Set up Go
         uses: actions/setup-go@v2
         with:
-          go-version: 1.14
+          go-version: 1.15
 
       - name: Build
         run: go build -ldflags "-s -w -X github.com/drakkan/sftpgo/version.commit=`git describe --always --dirty` -X github.com/drakkan/sftpgo/version.date=`date -u +%FT%TZ`" -o sftpgo
@@ -179,4 +182,4 @@ jobs:
       - name: Run golangci-lint
         uses: golangci/golangci-lint-action@v1
         with:
-          version: v1.29
+          version: v1.30
diff --git a/.github/workflows/release.yml b/.github/workflows/release.yml
index 9d476c01..5f6be8e8 100644
--- a/.github/workflows/release.yml
+++ b/.github/workflows/release.yml
@@ -5,7 +5,7 @@ on:
     tags: 'v*'
 
 env:
-  GO_VERSION: 1.14
+  GO_VERSION: 1.15
 
 jobs:
   create-release:
diff --git a/docs/external-auth.md b/docs/external-auth.md
index e146df92..bebfc89d 100644
--- a/docs/external-auth.md
+++ b/docs/external-auth.md
@@ -26,7 +26,7 @@ If the hook is an HTTP URL then it will be invoked as HTTP POST. The request bod
 If authentication succeed the HTTP response code must be 200 and the response body a valid SFTPGo user serialized as JSON. If the authentication fails the HTTP response code must be != 200 or the response body must be empty.
 
 If the authentication succeeds, the user will be automatically added/updated inside the defined data provider. Actions defined for users added/updated will not be executed in this case.
-The external hook should check authentication only. If there are login restrictions such as user disabled, expired, or login allowed only from specific IP addresses, it is enough to populate the matching user fields, and these conditions will be checked in the same way as for built-in users.
+
 The program hook must finish within 30 seconds, the HTTP hook timeout will use the global configuration for HTTP clients.
 
 This method is slower than built-in authentication, but it's very flexible as anyone can easily write his own authentication hooks.