Releases: snipe/snipe-it
v7.0.10
Caution
Snipe-IT now requires PHP 8.1.2 or greater
Hey everyone!
While this is just a point release, we're really excited for this one. We've a bunch of small bug fixes, but also added some UX sugar that we think will make everyone's workflows a little bit easier. You can now decide where you want to go after creating, editing, or checking in/out a first class object (Assets, Accessories, Licenses, Users, etc). You can also now check out more than one accessory at a time, if that's a thing that comes up in your workflow.
Also: If your table listings text ("Showing x of y pages") defaulted to Chinese, this release handles that (via #15133).
We've been doing a ton of under the hood stuff that won't seem very obvious as users, but it puts us in a much better position to move more quickly on a lot of things.
Another important technical note: this release mitigates a difficult to exploit but possible attack. If someone had access to your APP_KEY, it was possible to perform an RCE attack. We mitigated this by disabling cookie serialization, but I'd still argue that if someone has your APP_KEY, you're going to have a bad time in a bunch of other ways, so this is just a gentle reminder than your APP_KEY should never, ever be shared with anyone, for any reason, and you should never use the default APP_KEY values we have in some of our example env files. If you have encrypted custom fields and need to roll your APP_KEY because you feel it could have been compromised, we have a cli utility to handle that.
Next up: Custom fields for users, and the ability to check out accessories to assets and locations.
What's Changed
- Adds a command to resend acceptance emails by @Godmartinz in #14722
- Allow setting a prefix for Livewire's update and asset urls by @marcusmoore in #15073
- Fixed #10224: fix route names for optimize command by @dbakan in #15082
- Fixed #15094 - wrong translation string for model on checkout by @snipe in #15099
- Small layout tweaks to oauth page by @snipe in #15085
- Fixed #15067 - updated ldap sync locale to use
app()->getLocale()by @snipe in #15084 - Fixed: Missing Translation on a Tooltip by @akemidx in #15075
- Added EULAs in print user's assets by @mauro-miatello in #15088
- Checkout multiple of an accessory in one checkout by @snipe in #15114
- Improved Docker environment settings: implement
PHP_UPLOAD_LIMITfor Alpine images by @r-xyz in #15115 - Fixed a coupled test namespaces by @marcusmoore in #15110
- More localizations by @snipe in #15101
- Updated language strings by @snipe in #15120
- Added #14426: Makes all Manufacturer links dynamic, not just warranty lookup by @DrekiDegga in #14530
- Fixed #15121 - bulk delete restore logging by @snipe in #15122
- Added tests for bulk asset deletion and restore by @snipe in #15123
- Fixed use statement for Crypt in the importer, removed unused statements by @snipe in #15124
- Show existing images on user edit page by @snipe in #15125
- Fixes #15076 - Removes ability to remove the default avatar from disk by @snipe in #15127
- Nicer consumables layout by @snipe in #15128
- Hides the “Disable Other Login Mechanisms” if remote user option isn't checked by @snipe in #15132
- Load the english file again in case BS table doesn’t have a translation by @snipe in #15133
- [Snyk] Upgrade bootstrap-table from 1.22.5 to 1.23.0 #15131 by @snipe in #15134
- Updated translations by @snipe in #15144
- Switch to nb-NO from no-NO for Norwegian by @snipe in #15143
- Fix setup ssl check by @uberbrady in #15147
- Add Form Request and Tests for Update Asset API Method by @spencerrlongg in #14458
- Remove cookie serialization by @snipe in #15136
- Fixed start_date and end_date in user importer by @marcusmoore in #15148
- Fixed: Requiredness Check Bug by @spencerrlongg in #15149
- Fixed env var for backup config - related to #14964 by @snipe in #15153
- Fixes #15103 - Added EOL and audit into to user profile assets by @snipe in #15154
- Switch dockerfile to using php8.2 instead of 8.1 due to Alpine changes by @uberbrady in #15155
- [Snyk] Security upgrade alpine from 3.18.6 to 3.19 by @snipe in #15151
- Cleaned up UI on asset view by @snipe in #15158
- Allow cloning of deleted assets by @snipe in #15160
- Fixes 500 when depreciation is active but no purchase date by @snipe in #15161
- Added assets endpoint for locations by @snipe in #15162
- Registered custom anonymous blade component directory by @marcusmoore in #15150
- Improve restore sanitization - Fixes [sc-24840] by @uberbrady in #15168
- Create intermediate directories on restore if needed - Fixes [SC-25950] by @uberbrady in #15169
- Use blade component for submit redirect on asset edit/create by @snipe in #15172
- Dynamically iterate through the skin listing to build skins by @uberbrady in #15170
- Use the
pwd_secure_minvalue (plus 5) for generated password by @snipe in #15187
New Contributors
- @dbakan made their first contribution in #15082
- @r-xyz made their first contribution in #15115
- @DrekiDegga made their first contribution in #14530
Full Changelog: v7.0.9...v7.0.10
Contributors
Assets 2
v7.0.9
Caution
Snipe-IT now requires PHP 8.1.2 or greater
Another small patch release which largely handles missing translations and the some refinements on the upgrade.php script to make upgrading a little smoother, and added a boatload more automated tests. We also tightened up some queries on the consumables side, so hopefully those with much larger data sets for consumables will notice speedier load times there.
Additionally, we identified and fixed an issue where in some circumstances, custom field data could be lost when auditing an asset, and we also added better history tracking for consumables.
What's Changed
- General cleanup - Docblock fixes, adding type hinting, added tests, added asset model form validator by @snipe in #15029
- Fixed API key missing translations by @snipe in #15055
- Fixed missing print user assigned filter by @Godmartinz in #15059
- Fixes Potential Exception by @spencerrlongg in #15057
upgrade.php: More helpful output when we can't read.upgrade_requirements.jsonby @jerm in #15051upgrade.php: If we're on windows, make sure we can load intermediate certificates by @jerm in #15052- Small consumables optimizations by @snipe in #15071
- Fixed inconsistent attributes order in Print All Assigned report by @FlorentDotMe in #15069
New Contributors
- @FlorentDotMe made their first contribution in #15069
Full Changelog: v7.0.8...v7.0.9
Contributors
Assets 2
v7.0.8
Caution
Snipe-IT now requires PHP 8.1.2 or greater
Happy Monday, nerds! This release fixes some missing translations, adds some improvements for merging users, fixes a bug where custom field data could be lost when auditing under certain conditions, and also adds some query optimizations for speed. Enjoy!
What's Changed
- Added missing translations by @snipe in #15010
- Removed non-counts from allowed array by @snipe in #15021
- Resolved Potential Issue when Deleting Personal Access Tokens by @spencerrlongg in #15022
- Fixed #15005 - Improvements on user merge by @snipe in #15016
- Added files column to bulk user delete, optimized queries by @snipe in #15023
- Upgrade webpack from 5.91.0 to 5.92.0 #15008 by @snipe in #15025
- Added #15015 - ability for admins to select default avatar by @snipe in #15027
- Fixed #15037 - Removed custom fieldsets on auditing - it’s not used (yet) by @snipe in #15043
- Snyk - Updated jquery validation by @snipe in #15045
- Added localization for bootstrap-tables by @snipe in #15046
Full Changelog: v7.0.7...v7.0.8
Contributors
Assets 2
v7.0.7
Caution
Snipe-IT now requires PHP 8.1.2 or greater
Happy Tuesday! This point release handles the unusual (but possible) use-case where the language in APP_LOCALE had not been updated correctly to use the four/five letter ISO code and was still using the two-letter code, so users might have seen issues with translation strings related to FALLBACK_APP_LOCALE. This also fixes the upgrade script where the requirements checks would fail if you did not have gd installed, but you do have Imagemagick installed. Plus, a new label template for endless 62mm Brother printer rolls!
What's Changed
- Updated Livewire to v3 by @marcusmoore in #14831
- Check that the user exists before trying to fill the request by @snipe in #14982
- Fixed #14976, #14975, #14973 - Translation strings aren't always working by @uberbrady in #14981
- Removed "Edit Your Profile" button from View Assets page if user is not able to edit their profile by @marcusmoore in #14999
- Added links on user table to tabs on show user page by @marcusmoore in #15001
- Fixed extension requirement checking in upgrade script by @marcusmoore in #14986
- Use more modern reference for input text by @snipe in #14983
- Add Label Template: Use with endless 62mm Brother printer rolls by @Galaxy102 in #14870
New Contributors
- @Galaxy102 made their first contribution in #14870
Full Changelog: v7.0.6...v7.0.7
Contributors
Assets 2
v7.0.6
Caution
Snipe-IT now requires PHP 8.1.2 or greater
This is a small point release that should handle a few translation issues as well as fixing some configuration issues for docker users and users behind a reverse proxy server using SAML.
What's Changed
- Added avif to translation string by @snipe in #14963
- Fixes #14968 - translate forbidden page by @snipe in #14971
- Fixed importer table background color by @Godmartinz in #14966
- Fixed #14895 and #14919 - set SAML
baseurlto a sensible default for docker users and users behind a reverse proxy by @uberbrady in #14974
Full Changelog: v7.0.5...v7.0.6
Contributors
Assets 2
v7.0.5
Caution
Snipe-IT now requires PHP 8.1.2 or greater
This release largely handles some translation issues (especially related to backup notification emails), a few small importer issues related to date importing, and a bunch of additional automated tests. We also added the feature of being able to disallow your users to edit their profiles at all (via Admin > General Settings), and fixed an issue around the ability to delete users.
What's Changed
- Fixed importer audit date validation issue by @snipe in #14908
- Fixed backup notification translations by @snipe in #14920
- Added
lastname.firstnameas email format by @snipe in #14921 - Add storage path permissions test by @bryanlopezinc in #14912
- Added some style changes in label field selector for the
DefaultLabeltemplate by @Godmartinz in #14791 - Fixed incorrect translation path for edit profile confirmation message by @snipe in #14922
- Updated language strings by @snipe in #14923
- Fixed small deprecation warnings for PHP8.2 by @snipe in #14932
- Possible fix for #14915 - error on import when status label is not provided and no deployable statuses can be found by @snipe in #14924
- Added php 8.3 test by @snipe in #14934
- Fixed #14935 - improvements and more tests around user deletion by @snipe in #14937
- Updated PHPunit by @snipe in #14941
- Check that there is a depreciation date before formatting by @snipe in #14949
- Bump docker/build-push-action from 5 to 6 by @dependabot in #14947
- Updated translations by @snipe in #14950
- Additional translation strings by @snipe in #14925
- Added ability to disallow profile editing by @snipe in #14951
Full Changelog: v7.0.4...v7.0.5
Contributors
Assets 2
v7.0.4
Caution
Snipe-IT now requires PHP 8.1 or greater
This release just addresses some small issues for folks behind reverse proxies and fixes a few small bits for folks on PHP 8.1.x that would have only have had issues if they pulled from master within the past 24 hours.
What's Changed
- Prefaced fields with “users” for clarity by @snipe in #14893
- Fixed #14882 - Properly scope archived based on settings by @snipe in #14894
- Fixed #14898 - (regression) Reverted debugbar back into require vs require-dev by @snipe in #14899
- Fixed unable to install on PHP 8.1 by @marcusmoore in #14900
- Possible fix for proxy/reverse proxy by @snipe in #14896
Full Changelog: v7.0.3...v7.0.4
Contributors
Assets 2
v7.0.3
Caution
Snipe-IT now requires PHP 8.1 or greater
If you happen to be running Snipe-IT over a reverse-proxy and when you upgrade, your CSS does not load, try setting APP_FORCE_TLS=true in your .env.
What's Changed
- Fixed missing
}by @marcusmoore in #14884 - Added more tests around Asset Model by @marcusmoore in #14885
- Fixed namespace for ViewUserTest by @marcusmoore in #14887
- Bumped debugbar from v3.13.0 to v3.13.5 to fix issue with session messages by @marcusmoore in #14886
Full Changelog: v7.0.2...v7.0.3
Contributors
Assets 2
v7.0.2
Caution
Snipe-IT now requires PHP 8.1 or greater
Quick fix release for a backup notification issue, and also cleaned up some really small layout glitches.
If you happen to be running Snipe-IT over a reverse-proxy and when you upgrade, your CSS does not load, try setting APP_FORCE_TLS=true in your .env.
What's Changed
- Fixed small footer issues by @snipe in #14876
- Updated spatie backup notification config class names by @snipe in #14877
- Fixed weird layout in admin oauth [sc-25673] by @snipe in #14879
Full Changelog: v7.0.1...v7.0.2
Contributors
Assets 2
v7.0.1
Caution
Snipe-IT now requires PHP 8.1 or greater
There's always one, isn't there :)
This fixes a framework compatibility issue we missed that no longer uses the static Request::has() facade, and adds some tests to make sure we don't miss that in the future.
If you happen to be running Snipe-IT over a reverse-proxy and when you upgrade, your CSS does not load, try setting APP_FORCE_TLS=true in your .env.