Releases: snipe/snipe-it
v7.0.0
Caution
Snipe-IT now requires PHP 8.1 or greater
It's here it's here! The long-awaited v7 is out. While this is largely a framework-level upgrade, you should see some performance improvements and bug fixes throughout. We've also added the ability to determine where you get redirected after a checkout and checkin for assets, and we'll be adding more of that functionality in the future.
If you happen to be running Snipe-IT over a reverse-proxy and when you upgrade, your CSS does not load, try setting APP_FORCE_TLS=true
in your .env
.
What's Changed
- Updated Node version, and various packages to more recent by @uberbrady in #12956
- Fix webpack for v7 by @uberbrady in #12957
- Fixed the bulk edit button on Asset tab by @Godmartinz in #13763
- Fixed GitHub Action tests for v7 by @marcusmoore in #13864
- Fixed the
getExpiringLicenses
query by @Godmartinz in #13764 - Added user location scope by @Godmartinz in #13879
- Convert Vue Personal Access Tokens to Livewire by @spencerrlongg in #13888
- Fix client side validation in the v7 branch by @marcusmoore in #13882
- Last Vue Components by @spencerrlongg in #14024
- Removed unused files in assets directory by @marcusmoore in #14063
- Update snipeit.sh for v7 Requirements by @jerm in #14105
- Add php version requirements file for future-proofing upgrades by @jerm in #14127
- Add remote requirements checking to upgrade.php by @jerm in #14128
- Fixed test by removing non-existent trait by @marcusmoore in #14762
- Improved translations by @snipe in #14767
- Changed icon, added translation by @snipe in #14766
- Added tests around asset checkout by @marcusmoore in #14755
- Add index to 'parent_id' for users with large number of locations by @uberbrady in #14770
- Pass accessory's currency if set by location by @snipe in #14773
- Fixed #14771: improvements to groups API by @snipe in #14775
- Reports controller query optimizations by @snipe in #14777
- Fixed Array to string conversion exception in group create api endpoint by @marcusmoore in #14779
- Fixed sqlite tests in GitHub Actions by @marcusmoore in #14780
- Reduce IDE errors in
App\Http\Controllers\SettingsController
by @bryanlopezinc in #14782 - Allows Snipe-ITv7 to install on PHPv8.1-8.3 by @uberbrady in #14778
- Fixed deprecation warning on category test by @snipe in #14783
- Update mailer configurations for Symfony mailer by @jerm in #14349
- Removed extra div from User Details. by @Godmartinz in #14754
- Fixed/updated facade paths by @snipe in #14785
- #14743 - Upgrade bootstrap-table from 1.22.3 to 1.22.5 by @snipe in #14786
- Fixes path for redirect response by @snipe in #14787
- Updated jquery-UI by @snipe in #14788
- Fixed #14781 - Fixed broken wrench icon on some browsers in manufacturer section by @snipe in #14789
- Bulk Consumable Checkout by @ak-piracha in #13062
- Upgraded papaparse by @snipe in #14795
- Upgraded axios by @snipe in #14796
- Added: Export User Permissions (Superuser & Admin) by @akemidx in #14614
- Added Redirect options to asset check in/out by @Godmartinz in #14740
- Fixed checkin option from appearing by @Godmartinz in #14798
- Removed unused Livewire component by @marcusmoore in #14799
- Added test for setup page by @bryanlopezinc in #14797
- Small UI tweaks and redirects when asset model is invalid by @snipe in #14808
- Added a few more tests by @snipe in #14809
- Fixes #14815 - Fixed translation string by @snipe in #14817
- Bump crowdin/github-action from 1 to 2 by @dependabot in #14814
- Added logo support for Brother TZe24mm labels by @U-H-T in #14758
- Fixed correct signature image for s3 bucket by @fe80 in #14827
- Re-organized test suite by @marcusmoore in #14825
- Fixed select 2 Behavior by @Godmartinz in #14824
- Updated strings by @snipe in #14819
- Don't save next autoincrement base if it's going to fail, next by @uberbrady in #14816
- Added test for .env visibility for setup page by @bryanlopezinc in #14807
- Added missing class Illuminate\Support\Facades… by @fe80 in #14828
- Fixed #14812 - added consumables to individual inventory report by @snipe in #14832
- Fixed label preview window position by @Godmartinz in #14842
- Better validation for relations on delete by @snipe in #14830
- Optimization for listings of large numbers of users by @uberbrady in #14847
- Added GitHub workflow for tests in Postgres by @marcusmoore in #14843
- Added test for app url config by @bryanlopezinc in #14834
- Added #9413: Asset file upload from API by @Scarzy in #14698
- Allow CompanyableTrait trait on users by @snipe in #14801
- Importer tweaks by @snipe in #14800
- Moved
AssetFilesTest
by @marcusmoore in #14871 - Added Proper Docker Compose and .env.docker-setup files by @phil-flip in #14724
New Contributors
- @bryanlopezinc made their first contribution in #14782
- @U-H-T made their first contribution in #14758
- @Scarzy made their first contribution in #14698
- @phil-flip made their first contribution in #14724
Full Changelog: v6.4.2...v7.0.0
v7.0.0-pre
Caution
This is a PRE-RELEASE and should NOT be used in production!
It's finally happening! The develop
branch for Snipe-IT is now the pre-release of Snipe-IT v7.0.0. As we continue testing, we expect some additional changes and fixes to come (and a bunch of documentation fixes). Remember that this version WILL NOT WORK on versions of PHP under 8.1 - and also that while this is not a feature-free release, the primary goal for v7 was to upgrade the framework so we can start to tackle some of the bigger things we've wanted to work on for a while.
If you need to report bugs in this branch, please be sure to mention v7
in the title.
What's Changed
- Updated Node version, and various packages to more recent by @uberbrady in #12956
- Fix webpack for v7 by @uberbrady in #12957
- Snipeit v7 merge develop 05 01 2022 by @uberbrady in #12958
- fixed the bulk edit button on Asset tab by @Godmartinz in #13763
- Fixed GitHub Action tests for v7 by @marcusmoore in #13864
- Fixed the
getExpiringLicenses
query by @Godmartinz in #13764 - added user location scope by @Godmartinz in #13879
- Convert Vue Personal Access Tokens to Livewire by @spencerrlongg in #13888
- Fix client side validation in the v7 branch by @marcusmoore in #13882
- Last Vue Components by @spencerrlongg in #14024
- Removed unused files in assets directory by @marcusmoore in #14063
- Update snipeit.sh for v7 Requirements by @jerm in #14105
- Add php version requirements file for future-proofing upgrades by @jerm in #14127
- Add remote requirements checking to upgrade.php by @jerm in #14128
- Fixed Labels: bulk actions are handled before sorting by @Godmartinz in #14375
- Added route parameter by @snipe in #14372
- Upgrade jspdf-autotable from 3.8.1 to 3.8.2 #14365 by @snipe in #14378
- Fixed 1dbarcodes to populate based on settings by @Godmartinz in #14380
- Adds User email check when sending Asset acceptance reminder by @Godmartinz in #14371
- Fixes CVE-2024-27354 and CVE-2024-27355 in phpseclib/phpseclib by @joelpittet in #14370
- Default label setup with custom fields by @Godmartinz in #14320
- Fix #13515: Cannot restore backup by @chandanchowdhury in #14379
- Added console command to encrypt previously unencrypted fields by @snipe in #14385
- Fixed attempting to run bulk actions on an empty asset collection by @marcusmoore in #14388
- old engine works as intended by @Godmartinz in #14389
- Removed unneeded validation message by @snipe in #14392
- Guard against checking require acceptance on non-existent relationship in accessory model by @marcusmoore in #14393
- Ensure Chat and Teams endpoints are not blank before attempting to send webhook on checkout and check in by @marcusmoore in #14394
- Updated language strings, added Somali by @snipe in #14400
- Fixed uninitialized string offset error in labels in new label engine when field label was blank by @snipe in #14404
- Fixed checkout_date for licenses on print all assigned for users by @snipe in #14407
- Fixed deprecation warning on
strtoupper()
by @snipe in #14413 - Fixed requestable search API by @snipe in #14430
- Removes the unused
mediconesystems/livewire-datatables
package by @marcusmoore in #14427 - Fixed z-index of date-picker by @Godmartinz in #14415
- Fix [sc-25008] - correct and improve legacy language warnings by @uberbrady in #14401
- Removed dead test code by @marcusmoore in #14437
- Hide/Show ecnrypted values when click on the lock icon by @mauro-miatello in #14406
- Organized notification test cases by @marcusmoore in #14436
- Make sure the category is still valid before displaying on view assets by @snipe in #14445
- Add additional options to print all assigned view by @snipe in #14447
- Fixed Bulk delete locations bug by @Godmartinz in #14457
- [Snyk] Upgrade bootstrap-table from 1.22.2 to 1.22.3 #14455 by @snipe in #14461
- Wider country dropdown by @snipe in #14462
- Added #14460 add avif format by @snipe in #14465
- Added default location to print all assigned by @snipe in #14468
- Added "toggle all" to column selector by @snipe in #14464
- Removed the need to add
InteractsWithSettings
to each test case by @marcusmoore in #14438 - Adds a minimal amount of validation around asset_tags in AssetsController by @marcusmoore in #14421
- Added 2FA reset log entry by @snipe in #14469
- Use
htmlentities()
instead ofhtmlspecialcharacters()
on Custom Field Listbox Values by @spencerrlongg in #14089 - Added validation for last_audit_date and next_audit_date by @snipe in #14472
- Created Dymo LabelWriter Label 2112283 by @PP-JN-RL in #14485
- Fixes
last_audit_date
not being stored via API correctly by @marcusmoore in #14486 - Handle badly formatted
last_audit_date
inStoreAssetRequest
by @marcusmoore in #14488 - Fixed #14482 - bad method call model restore from view by @snipe in #14490
- Added Dymo Labelwriter 1933081 by @PP-JN-RL in #14491
- Fixed #14483 - Added deeplinking to search/sort/pagination by @snipe in #14492
- Added supplier details to license view by @snipe in #14494
- Fixed #14495 - Allow user_id to be passed to limit to only specific admins by @snipe in #14498
- Add new validator for custom field checkboxes and fix asset model default updates by @spencerrlongg in #14369
- Added validation around
pwd_secure_complexity
by @marcusmoore in #14502 - Added ability to filter in user's assigned assets by category ID and model ID by @snipe in #14509
- [Snyk] Upgrade alpinejs from 3.13.5 to 3.13.6 by @snipe in #14510
- Updated translations by @snipe in #14514
- Last Checkin Date added to Hardware View and Index by @akemidx in #14262
- Added signature to user print report for Accessories and Consumables by @Godmartinz in #14500
- Fixes #14289: /reports/activity API endpoint returns too many results due to orwhere by @squintfox in #14515
- Fixed sorting on last checkin assets api by @snipe in #14516
- Check that the array key exists in the label engine by @snipe in #14517
- Downgrade alpine to 3.13.5 by @snipe in #14518
- Default Locale value changed to en-US by @akemidx in #14456
- fixes z-index of table load by @Godmartinz in #14520
- Fixed ambiguous id clause in custom report by @snipe in #14551
- Redirect on checkin if the asset is already checked in by @snipe in #14552
- Fixed alignment of dropdown menu for user in nav bar by @Godmartinz in #14547
- Hide/Show encrypted values in hardware list by @mauro-miatello in #14529
- Fixed ldap location syncing incorrect locations for users. by @Godmartinz in #14559
- Added audit dates to label options by @Godmartinz in #14557
- Remove city as required field on location modal by @snipe in #14567
- Reduce Extra Space in Header Dropdown by @akemidx in #14582
- Fixed: Header Dropdown Menus had no hover coloring in dark themes by @akemidx in #14558
- Upgraded ...
v6.4.2
Caution
The NEXT MAJOR release of Snipe-IT (v7.0.0) will require PHP 8.1 or greater
As we wrap it all up for v7 (which you can preview on the snipeit_v7_laravel10
branch, we knew there would be a few more things we needed to handle. Most of these are small bugfixes (that have already been merged into the v7 branch) but we also came across some security issues that we wanted to patch as we close off the v6 line. Users are encouraged to upgrade to v6.4.2 - and of course, encouraged to make sure your servers are ready for v7 with PHP8.1.
What's Changed
- Bulk Edit Tests and Tweaks by @spencerrlongg in #14707
- Fixed user assets not updating when a user changes location by @Godmartinz in #14474
- Updated alpine to the latest version (3.13.10) by @marcusmoore in #14700
- Added security.txt file by @snipe in #14725
- Adds a note text area to asset acceptances/declines by @Godmartinz in #14451
- Only attempt to decrypt custom fields in activity log if the value is not empty by @snipe in #14728
- Added next audit date to assets form by @snipe in #14719
- Sets purchase date as date (versus datetime) in labels by @snipe in #14729
- Updated translations by @snipe in #14730
- Fixed #14664 - allow additional urls in env for CSP by @snipe in #14731
- Small translation additions by @snipe in #14736
- removed extra div tags by @Godmartinz in #14741
- Refactor group syncing on user edit API endpoint by @snipe in #14745
- Fixed #12299: permissions on storage dir in Docker (rebased) by @uberbrady in #14751
- Nicer handling of erroring when filename+log do not match by @snipe in #14752
- Added exif to required extensions by @snipe in #14753
Full Changelog: v6.4.1...v6.4.2
v6.4.1
Caution
The NEXT major release of Snipe-IT (v7.0.0) will require PHP 8.1 or greater
Hi folks - happy Monday! This is just tiny release to handle a few small remaining bug fixes as we head into v7.
The current working v7 branch will be merged into the existing develop branch within the week, and will then be available on the https://develop.snipeitapp.com demo link.
This update fixes a small issue with notifications and also optimizes some of the queries that populate the sidebar that could have slowed things down for folks with a lot of assets.
What's Changed
- Load settings in
SendUpcomingAuditReport
command by @marcusmoore in #14690 - Fixes #14692 - set default variables for sidebar totals by @snipe in #14693
- Fixes #14701 - wrong total asset count by @Toreg87 in #14702
- Fixed UI where delete button was not disabled even if the user couldn't be deleted by @snipe in #14697
- Fix memory-hog query in AssetCountForSidebar middleware by @jerm in #14711
- Bump codacy/codacy-analysis-cli-action from 4.4.0 to 4.4.1 by @dependabot in #14715
Full Changelog: v6.4.0...v6.4.1
v6.4.0
Caution
The NEXT major release of Snipe-IT (v7.0.0) will require PHP 8.1 or greater
Happy Monday, friends! This is the final release of the v6 line of Snipe-IT. (I know, I know.)
If you're hosted with us, you'll have these changes in your hot little hands within a day or so. If you're not, please make sure to upgrade your version of Snipe-IT. But more importantly, please make sure you're running PHP 8.1.x+ before you try to upgrade again after this.
No breaking changes, just some small tweaks, a few added features, and a few bug fixes. We did have to address a potential (though very hard to exploit) permissions escalation issue, which is why we're making this 6.4.0 instead of a point release.
v7 has been a long time coming, but we're nearly there.
Thanks as always to our community contributors for their awesome work! <3
What's Changed
- Fixed z-index of table load by @Godmartinz in #14520
- Fixed ambiguous id clause in custom report by @snipe in #14551
- Redirect on checkin if the asset is already checked in by @snipe in #14552
- Fixed alignment of dropdown menu for user in nav bar by @Godmartinz in #14547
- Hide/Show encrypted values in hardware list by @mauro-miatello in #14529
- Fixed ldap location syncing incorrect locations for users. by @Godmartinz in #14559
- Added audit dates to label options by @Godmartinz in #14557
- Remove city as required field on location modal by @snipe in #14567
- Reduce Extra Space in Header Dropdown by @akemidx in #14582
- Fixed: Header Dropdown Menus had no hover coloring in dark themes by @akemidx in #14558
- Upgraded Signature-pad.js && Fixed Resizing Canvas on mobile by @Godmartinz in #14577
- Fixed assigned to field in new label engine by @marcusmoore in #14581
- Fixed department validation to allow updates by @Godmartinz in #13880
- Fixed label fields only showing first option by @marcusmoore in #14594
- First fix for user FMCS scoping by @snipe in #14591
- Added test cases around modifying user groups via api by @marcusmoore in #14613
- Feat: add no-interactive flag for
upgrade.php
by @Q4kK in #14578 - Fixed #14508: Added PDO::MYSQL_ATTR_SSL_VERIFY_SERVER_CERT options to database.php … by @jeffclay in #14511
- Fixed check-all button behaving inconsistently by @snipe in #14622
- Added
ico
,image/x-icon
,image/vnd.microsoft.icon
to favicon validation by @snipe in #14628 - Removed escaping on notes for file uploads by @snipe in #14630
- Added "select" option to top of data sources in new label engine by @marcusmoore in #14632
- Fixed dark theme button text coloring by @akemidx in #14616
- Re-enabled updating encrypted custom fields via API [sc-41465] by @uberbrady in #14602
- Left Sidebar Was Not Respecting Theme by @akemidx in #14608
- Removed encrypted fields from label options by @Godmartinz in #14499
- Added a License Export function and button by @Godmartinz in #14587
- Fixed
purchase_cost
not being allowed to be a string when creating asset via api by @marcusmoore in #14651 - Refactored due/overdue for audit, added due/overdue for checkin API endpoint and GUI by @snipe in #14655
- Added Brother 18mm label type by @snipe in #14391
- Improve RTL support by @mustafa-online in #14679
- Upgrade tecnickcom/tcpdf from version 6.7.4 to 6.7.5 to address the security vulnerability CVE-2024-22640 by @franceslui in #14661
- [Snyk] Upgrade alpinejs from 3.13.5 to 3.13.8 #14646 by @snipe in #14686
- Upgrade fontawesome from 6.5.1 to 6.5.2 by @snipe in #14687
- [Snyk] Upgrade tableexport.jquery.plugin from 1.28.0 to 1.30.0 #14656 by @snipe in #14688
- Capitalize
N
instead ofy
since no is default by @KorvinSzanto in #14689
New API Endpoints:
- Added the
/api/v1/hardware/checkins/due
and/api/v1/hardware/checkins/overdue
endpoints - Added the
/api/v1/hardware/checkins/due-or-overdue
and/api/v1/hardware/audits/due-or-overdue
endpoints
New Dev Documentation:
New Contributors
- @Q4kK made their first contribution in #14578
- @jeffclay made their first contribution in #14511
- @mustafa-online made their first contribution in #14679
- @franceslui made their first contribution in #14661
- @KorvinSzanto made their first contribution in #14689
Full Changelog: v6.3.4...v6.4.0
v6.3.4
Caution
The upcoming v7 release of Snipe-IT will require PHP 8.1 or greater
Happy Friday! Lots of fixes and improvements in this version. Here's the tldr;, with the full changelog below:
- Added Somali translation
- Fixed several label setting glitches
- Fixed some API scoping issues where results were not as constrained as they should have been when searching
- Added column selectors and signatures to the "print all assigned" page
- Added 2FA reset logging (this shows up as a separate action, not a normal user edit)
- Added AVIF as an accepted image format
- Added ability to "toggle all" columns in the list views on most pages
- Added the ability to "deep link" to search results in those list views
- Updated the documentation to reflect that the php exif library is required
Warning
Upcoming Breaking API change! In between the last release and this one, we also discovered that a change we made midway through releases broke the Jamf2Snipe integration for adding/updating assets. We had changed the "shape" of the asset response to be more consistent with how we present that JSON in other API responses - however in doing so, we broke some of the Jamf2Snipe capabilities. We've reverted that change for now, but in the next release, we'll be adding that change back and updating the Jamf2Snipe library to match that capability.
We are noticing in some of the translations in CrowdIn that some trans_choice()
translations are showing with a weird <unk>
symbol instead of the pipe (|
) symbol that the translations strings need in order to decide whether or not to pluralize a string. We've been fixing them as we find them, but if you see anything unusual, open an issue here or propose the change in our CrowdIn project.
What's Changed
- Updated language strings, added Somali by @snipe in #14400
- Fixed uninitialized string offset error in labels in new label engine when field label was blank by @snipe in #14404
- Fixed
checkout_date
for licenses on print all assigned for users by @snipe in #14407 - Fixed deprecation warning on
strtoupper()
by @snipe in #14413 - Fixed requestable search API scoping by @snipe in #14430
- Removes the unused
mediconesystems/livewire-datatables
package by @marcusmoore in #14427 - Fixed z-index of date-picker by @Godmartinz in #14415
- Fix [sc-25008] - correct and improve legacy language warnings by @uberbrady in #14401
- Removed dead test code by @marcusmoore in #14437
- Hide/Show ecnrypted values when click on the lock icon by @mauro-miatello in #14406
- Organized notification test cases by @marcusmoore in #14436
- Make sure the category is still valid before displaying on view assets by @snipe in #14445
- Add additional options to print all assigned view by @snipe in #14447
- Fixed Bulk delete locations bug by @Godmartinz in #14457
- [Snyk] Upgrade bootstrap-table from 1.22.2 to 1.22.3 #14455 by @snipe in #14461
- Wider country dropdown by @snipe in #14462
- Added #14460 add avif format by @snipe in #14465
- Added default location to print all assigned by @snipe in #14468
- Added "toggle all" to column selector by @snipe in #14464
- Removed the need to add
InteractsWithSettings
to each test case by @marcusmoore in #14438 - Adds a minimal amount of validation around asset_tags in AssetsController by @marcusmoore in #14421
- Added 2FA reset log entry by @snipe in #14469
- Use
htmlentities()
instead ofhtmlspecialcharacters()
on Custom Field Listbox Values by @spencerrlongg in #14089 - Added validation for
last_audit_date
andnext_audit_date
by @snipe in #14472 - Created Dymo LabelWriter Label 2112283 by @PP-JN-RL in #14485
- Fixes
last_audit_date
not being stored via API correctly by @marcusmoore in #14486 - Handle badly formatted
last_audit_date
inStoreAssetRequest
by @marcusmoore in #14488 - Fixed #14482 - bad method call model restore from view by @snipe in #14490
- Added Dymo Labelwriter 1933081 by @PP-JN-RL in #14491
- Fixed #14483 - Added deeplinking to search/sort/pagination by @snipe in #14492
- Added supplier details to license view by @snipe in #14494
- Fixed #14495 - Allow user_id to be passed to limit to only specific admins by @snipe in #14498
- Add new validator for custom field checkboxes and fix asset model default updates by @spencerrlongg in #14369
- Added validation around
pwd_secure_complexity
by @marcusmoore in #14502 - Added ability to filter in user's assigned assets by category ID and model ID by @snipe in #14509
- Last Checkin Date added to Hardware View and Index by @akemidx in #14262
- Added signature to user print report for Accessories and Consumables by @Godmartinz in #14500
- Fixes #14289: /reports/activity API endpoint scoping by @squintfox in #14515
- Fixed sorting on last checkin assets api by @snipe in #14516
- Check that the array key exists in the label engine by @snipe in #14517
- Default Locale database value changed to en-US by @akemidx in #14456
New Contributors
- @PP-JN-RL made their first contribution in #14485
- @squintfox made their first contribution in #14515
Full Changelog: v6.3.3...v6.3.4
v6.3.3
Warning
Future versions of Snipe-IT will require PHP 8.1 or greater
This is a small patch release that fixes a few regressions introduced in the last released related to labels. It also includes some minor security patches, and introduces a new script to convert a previously unencrypted custom field to be an encrypted custom field.
v7 is still well on its way. We hit a small snag with Laravel's switch from Swiftmailer to Symfony for mail sending, but we're back on track now.
What's Changed
- Fixed Labels: bulk actions are handled before sorting by @Godmartinz in #14375
- Added route parameter by @snipe in #14372
- Upgrade
jspdf-autotable
from 3.8.1 to 3.8.2 #14365 by @snipe in #14378 - Fixed 1dbarcodes to populate based on settings by @Godmartinz in #14380
- Added User email check when sending Asset acceptance reminder by @Godmartinz in #14371
- Fixes CVE-2024-27354 and CVE-2024-27355 in phpseclib/phpseclib by @joelpittet in #14370
- Default label setup with custom fields by @Godmartinz in #14320
- Fix #13515: Cannot restore backup by @chandanchowdhury in #14379
- Added console command to encrypt previously unencrypted fields by @snipe in #14385
- Fixed attempting to run bulk actions on an empty asset collection by @marcusmoore in #14388
- Fixed old label engine to work as intended with CSS by @Godmartinz in #14389
- Removed unneeded validation message by @snipe in #14392
- Guard against checking require acceptance on non-existent relationship in accessory model by @marcusmoore in #14393
- [Snyk] Upgrade webpack from 5.90.1 to 5.90.2 by @snipe in #14395
- Ensure Chat and Teams endpoints are not blank before attempting to send webhook on checkout and check in by @marcusmoore in #14394
New Contributors
- @chandanchowdhury made their first contribution in #14379
Full Changelog: v6.3.2...v6.3.3
v6.3.2
⚠️ IMPORTANT: Future versions of Snipe-IT will require PHP 8.1 or greater
What's Changed
- Allowlist and db prefix for restore by @uberbrady in #14278
- Better handle large downloads on backup API by @snipe in #14296
- Added
/backups/latest
to API endpoint by @snipe in #14297 - Add missing EXIF PHP library for Alpine Docker image by @uberbrady in #14298
- Check that the model exists before trying to access properties by @snipe in #14299
- Disallow branding uploads in demo mode by @snipe in #14301
- Clean up the file extension on image file uploads by @uberbrady in #14302
- Added ability to bulk delete locations by @snipe in #14304
- Fixed title not appearing in new label engine by @marcusmoore in #14307
- Eager load relations to determine deletability on locations by @snipe in #14308
- Fixed #14183 API /hardware/:id/checkin doesn't return Licenses by @inietov in #14192
- Only send notification if the item is assigned to a person by @snipe in #14315
- Added email, phone icons by @snipe in #14316
- Made website searchable on users table by @snipe in #14317
- Fixes CVE-2024-25117 php-svg-lib lacks path validation on font through SVG inline styles by @joelpittet in #14323
- Adding in PDF download to Accesories/Asset/License Histories by @akemidx in #14321
- Check for activeFile before trying to get header on import by @snipe in #14319
- Check for valid supplier in license view by @snipe in #14325
- Nicer UI for history importer by @snipe in #14327
- Generate unique department names in factory by @marcusmoore in #14341
- Copy encrypted custom fields by @mauro-miatello in #14335
- Added created_by to groups table by @snipe in #14344
- Added
min_amt
functionality to licenses by @snipe in #14346 - Fixed: Checked in Assets Did Not Show in Custom Report when Selecting a Valid Checked Out Date by @akemidx in #14283
- Added better label previews with the new label engine by @Godmartinz in #14281
- Added tests around asset check in and added missing actions to the api controller action by @marcusmoore in #14260
- Dynamically show models/assets on requestable page by @snipe in #14347
- Use SVG cleaner on favicons by @snipe in #14354
- Updated language strings by @snipe in #14355
- Set CSP headers to true by default by @snipe in #14356
- Removed unsafe-inline and unsafe-eval by @snipe in #14357
- Fixes inconsistencies with generating labels by @Godmartinz in #14362
Full Changelog: v6.3.1...v6.3.2
v6.3.1
⚠️ IMPORTANT: Future versions of Snipe-IT will require PHP 8.1 or greater
What's Changed
- Fixed accessory checkout via API not sending notification and not adhering to qty limit by @marcusmoore in #14181
- Removed initial check for assets, licenses, etc by @snipe in #14215
- Fixed company asset counts for dashboard widget by @snipe in #14216
- Fixed FD-40296 - mobile uploads sometimes uploading with incorrect orientation by @snipe in #14213
- Upgrade bootstrap-table from 1.22.1 to 1.22.2 #14199 by @snipe in #14217
- Added support for Google Chat notifications by @Godmartinz in #14191
- Security upgrade alpine from 3.18.5 to 3.18.6 #14178 by @snipe in #14218
- Fixed consumable checkout via API not sending notification by @marcusmoore in #14190
- Use parseEscapedMarkedownInline for more views by @gitgrimbo in #13805
- Fixed #14185 - Resurfaced
load_remote
in admin by @snipe in #14219 - Removed loading of assets for label count by @snipe in #14220
- Chunk data to reduce memory on large datasets when updating
next_audit_date
by @snipe in #14221 - Added tests around getIdForCurrentUser method by @marcusmoore in #14222
- Switch to bulk updating to handle audit interval updates by @snipe in #14227
- Fixed Select2 functionality in User bulk check-in Delete User by @Godmartinz in #14223
- Fixed: 404 Error on Importer When Uploading a .csv Under Certain Circumstance by @akemidx in #14228
- Fixes file upload XSS vulnerability [sc-24156] by @uberbrady in #14233
- Fixed the general webhook not notifying anymore by @Godmartinz in #14187
- Fixed select inputs un-select2-ifying on mobile by @Godmartinz in #14229
- Fixed barcodes crashing if asset was deleted by @snipe in #14240
- Revert "Fixed barcodes crashing if asset was deleted" by @snipe in #14241
- Fixed ReportsController to not try to return a serial if the item doesn’t exist by @snipe in #14243
- Return null if asset was hard-deleted/purged by @snipe in #14244
- Fixes Default Location Being Set During Asset Creation and Checkout by @spencerrlongg in #14188
- Bump codacy/codacy-analysis-cli-action from 4.3.0 to 4.4.0 by @dependabot in #14251
- Fixed accessory check in emails being sent when setting disabled by @marcusmoore in #14256
- Cleaned up navbar-custom-menu by @mauro-miatello in #14250
- Change how we check forward-looking upgrade requirements by @jerm in #14236
- Fixes CVE-2024-24821 by upgrading composer/composer by @joelpittet in #14245
- Fixes CVE-2022-24894 by upgrading symfony/http-kernel by @joelpittet in #14246
- Fixes CVE-2023-37260 upgrading league/oauth2-server by @joelpittet in #14247
- Added LDAP group tag to LDAP tests by @marcusmoore in #14255
- Fixed incorrect string for location not existing by @snipe in #14261
- Added serial and status label to asset maintenances page and API by @snipe in #14264
- Updated testing helper name by @marcusmoore in #14272
- Upgrade alpinejs from 3.13.3 to 3.13.5 by @snipe in #14274
- Upgrade webpack from 5.89.0 to 5.90.0 by @snipe in #14275
- Fixed the notification listener by @Godmartinz in #14268
- Fixed ambiguous query on supplier_id in maintenances by @snipe in #14276
- Resolve Duplicate Activity Logs for Imports by @spencerrlongg in #14172
- Fixes #14010 Adds Components and Licenses logs to Assets history view by @inietov in #14197
- Lower log level to warning on webhook failure by @snipe in #14277
- Improved UI for fieldsets by @snipe in #14279
New Contributors
- @gitgrimbo made their first contribution in #13805
Full Changelog: v6.3.0...v6.3.1
v6.3.0
⚠️ IMPORTANT: Future versions of Snipe-IT will require PHP 8.1 or greater
Happy New Year, everyone! This update is a big one as we ramp up for the release of v7. We've got tons of bug-fixes, big and small, and we're stoked to announce support for Microsoft Teams in the notification integrations. As we continue work on v7, expect even more improvements and flexibility in notifications down the line.
We've also added the ability to specify custom fields that you would like to appear on the requestable assets page, and added user edit logging to track changes to users in the system (minus passwords, 2fa tokens, etc, of course), along with some bulk editing, LDAP and SAML improvements.
The full list of changes is below - enjoy!
What's Changed
- Check that the location is valid before debugging by @snipe in #13753
- Fixed #13652 - Labels Using Wrong Logo by @spencerrlongg in #13756
- Fixed RB-17334 - ErrorException: Undefined variable
$user_formatted_array
by @snipe in #13757 - Check for true/false explicitly on api table view by @snipe in #13759
- Check for valid date in custom report by @snipe in #13761
- Make sure order number is not an array by @snipe in #13762
- Fixed ErrorException: Array to String Conversion rb17355 by @inietov in #13758
- Fixed custom report date fields error by @Robert-Azelis in #13777
- Fixed accessory not found string by @snipe in #13784
- Map Snipe-IT logs to storage logs folder in Docker by @svpernova09 in #13786
- Fixed ErrorException: Undefined array key in importer blade [sc-23864] by @inietov in #13787
- Added an option to bulk edit location & fixed location bug by @Godmartinz in #13584
- Added optional custom fields to requestable assets page by @snipe in #13796
- Added employee number as a searchable field to the asset table by @Godmartinz in #13797
- Fixed #13795 Unlogged checkin action post updating the username of an asset through the CSV import by @inietov in #13799
- Improvements to EOL rate and EOL date by @Robert-Azelis in #13776
- Fixed FD-38641 - Bulk asset edit unable to update
model_id
, misc other bugs by @snipe in #13800 - Fixes EOL on Custom Report by @spencerrlongg in #13802
- Added User Phone & Address Fields to Custom Asset Report by @spencerrlongg in #13803
- Added
min_amt
value to model detail page by @snipe in #13809 - Fixed #11179:
APP_FORCE_TLS
missing from the example.env.docker
by @mmanjos in #13810 - Added
trim()
to import values by @snipe in #13731 - Added missing translation string by @Godmartinz in #13811
- Handle redirect from after
POST
request from backup restore by @snipe in #13812 - Added additional fields to Download All in Activity Report by @snipe in #13815
- Added checkboxes to intentionally remove field values in bulk user edit by @snipe in #13817
- Fixed validation handling on backup uploads by @snipe in #13818
- Check that the category exists on user print page by @snipe in #13819
- Fixed Attempt to read property fields on null [sc-23903] by @inietov in #13820
- Fixed datetime displayed on license edit for fields that should be date by @snipe in #13816
- More graceful failure if
ldap_results
JSON decode isn’t set by @snipe in #13821 - Fixed ldap location sync by @Godmartinz in #13828
- Added employee number to user merge screen by @snipe in #13837
- Removed Refresh button on Client Tables by @spencerrlongg in #13847
- Fixed notes not saving to action log when licenses are checked in/out by @marcusmoore in #13842
- Added #13754 - asset history tab to locations view by @ntbutler-nbcs in #13814
- New translation strings for Custom Asset report by @spencerrlongg in #13823
- Clarified address column under locations by @Godmartinz in #13769
- Fixed URL to favicon on default blade (used in 404 messages) by @snipe in #13852
- Fixed
undefined array key 266
in dashboard pie when over 265 status labels exist by @akemidx in #13857 - Security upgrade alpine from 3.17.3 to 3.17.5 by @snipe in #13871
- Link back to asset on create by @snipe in #13853
- Fixed exception when an array is incorrectly submitted and the exception occurs before validation by @spencerrlongg in #13830
- Added multi-location sync for ldap by @Godmartinz in #13831
- Fixed error
Attempt to read property "id" on bool
[sc-23945] by @inietov in #13859 - Changed data source input to select in new label engine by @marcusmoore in #13680
- Added default map back to the importer by @snipe in #13876
- Clarified upload error text by @snipe in #13878
- Fix for Unique Serial validation by @spencerrlongg in #13887
- Added
empty()
aroundlocation_id
to fix ldap sync bug by @Godmartinz in #13892 - Redirect if category is missing or invalid by @snipe in #13903
- Redirect back to the specific consumable for correction by @snipe in #13904
- Fixed #13850:
Too few arguments to function in App\Importer\UserImporter::fetchManager()
by @Azooz2014 in #13898 - Fixed #13905 - Use
unique_undeleted
instead ofunique_serial
by @snipe in #13913 - Fixed missing translation string for
validation.two_column_unique_undeleted
by @snipe in #13914 - Created mutator on category checkin_email by @snipe in #13922
- Quick revert for #13830 by @snipe in #13923
- Fixed issue where delete then restore could result in duplicate asset tags by @snipe in #13926
- Fixes double logging on asset restore by @snipe in #13928
- Added user observer by @snipe in #13930
- Use updated icons for activity report by @snipe in #13931
- Use allowlist for user observer logging by @snipe in #13932
- Removed extra return statement in consumables API checkout method by @snipe in #13933
- Escape the asset tag before passing it to the view by @snipe in #13934
- Added default location to user view assets by @snipe in #13940
- Upgraded webpack to 5.89.0 by @snipe in #13941
- Updated acorn to 8.11.2 by @snipe in #13942
- Upgrade alpinejs from 3.12.3 to 3.13.2 #13936 by @snipe in #13943
- Upgrade jspdf-autotable from 3.5.31 to 3.7.1 #13937 by @snipe in #13944
- Higher contrast on green dark skin (#13915 for develop) by @snipe in #13945
- SCIM active flag must be a boolean by @uberbrady in #13948
- Refactored checkout for items with bad or missing category by @snipe in #13947
- Check for the array key in
$activeFile->first_row
in importer by @snipe in #13950 - Hiding Order Column in Custom Fieldsets by @akemidx in #13909
- Updated language strings by @snipe in #13953
- Modified re-crypter to also work when given a CLI old-key by @uberbrady in #13958
- Fixed sqlite exception in migration by @marcusmoore in #13955
- Translation of No Group notice on User edit page by @akemidx in #13965
- Fixed status and model in bulk edit by @snipe in #13959
- Fixed user total asset cost to appear conditionally by @Godmartinz in #13954
- Created mutator for requestable attribute by @snipe in #13970
- Fixes CVE-2023...