Brady Wetherington
fcf023e3d2
WIP: trying to get prefixing and sanitization working
2024-02-13 12:16:15 +00:00
Brady Wetherington
8c882ddead
Starting to abstract out the SQL Streaming logic into its own class
2024-02-13 12:16:15 +00:00
Brady Wetherington
7d136f9970
Initial rough stabs at prefix removal and SQL sanitization
2024-02-13 12:16:15 +00:00
Jeremy Price
f4c1460c2b
remove help text options until i put together the help text
2024-02-12 19:18:26 -08:00
Jeremy Price
bb2e1de0a8
Change how we check forward-looking upgrade requirements
...
In https://github.com/snipe/snipe-it/pull/14128 we added the capability
for the upgrade.php script to check version requirements _before_
downloading the new source, to help keep from breaking installations.
Turns out, `file_get_contents()` isn't a reliable way to grab a url, because
some systems have `allow_url_fopen` turned off in their PHP
configurations.
In this iteration, we swap that out for a curl function, while also
adding more error handling, the ability to entirely skip the
PHP version checks if for some reason you Just Can't query the upgrade
json correctly, as well as adding a lot of helpful text around the whole
issue.
Additionally, I've added some error checking around DB backups and
initial artisan down-ing, since shell_exec would happily march right
past any errors.
2024-02-12 19:18:26 -08:00
Marcus Moore
c81bc1d2ee
Scaffold tests around asset check in
2024-02-12 17:54:22 -08:00
Marcus Moore
7154d23759
Pass the correct variable to the route helper
2024-02-12 16:45:18 -08:00
Marcus Moore
df23fd0dee
Remove usused import
2024-02-12 16:35:54 -08:00
Marcus Moore
adfb8895df
Improve factory state name
2024-02-12 16:31:32 -08:00
Marcus Moore
c8e12ddb5c
Remove bug in factory state
2024-02-12 16:30:09 -08:00
Marcus Moore
5b181ecea7
Remove old comment
2024-02-12 16:29:34 -08:00
Marcus Moore
728aaaab20
Ensure accessory check in emails are not sent when the setting is disabled
2024-02-12 16:22:59 -08:00
Marcus Moore
095a7d9b34
Scaffold tests around accessory check in
2024-02-12 12:54:48 -08:00
Marcus Moore
cf53f2778f
Add LDAP test cases to group
2024-02-12 12:28:27 -08:00
snipe
65e20282b6
Merge pull request #14251 from snipe/dependabot/github_actions/develop/codacy/codacy-analysis-cli-action-4.4.0
...
Bump codacy/codacy-analysis-cli-action from 4.3.0 to 4.4.0
2024-02-12 08:35:30 +00:00
dependabot[bot]
405c5b5ad0
Bump codacy/codacy-analysis-cli-action from 4.3.0 to 4.4.0
...
Bumps [codacy/codacy-analysis-cli-action](https://github.com/codacy/codacy-analysis-cli-action ) from 4.3.0 to 4.4.0.
- [Release notes](https://github.com/codacy/codacy-analysis-cli-action/releases )
- [Commits](https://github.com/codacy/codacy-analysis-cli-action/compare/v4.3.0...v4.4.0 )
---
updated-dependencies:
- dependency-name: codacy/codacy-analysis-cli-action
dependency-type: direct:production
update-type: version-update:semver-minor
...
Signed-off-by: dependabot[bot] <support@github.com>
2024-02-12 08:33:17 +00:00
MrM
6f0fe16b87
Update default.blade.php
...
removed some repeated attributes
2024-02-11 18:45:37 +01:00
snipe
111daffc17
Merge pull request #14188 from spencerrlongg/bug/14146
...
Fixes Default Location Being Set During Asset Creation and Checkout
2024-02-10 11:47:46 +00:00
Joël Pittet
b8a478f558
Fixes by CVE-2023-37260 upgrading league/oauth2-server
2024-02-09 17:24:07 -08:00
Joël Pittet
9f7084d077
Revert "Fixes by CVE-2022-24894 upgrading league/oauth2-server"
...
This reverts commit 0840cd3df3
.
2024-02-09 17:22:36 -08:00
Joël Pittet
0840cd3df3
Fixes by CVE-2022-24894 upgrading league/oauth2-server
2024-02-09 17:21:24 -08:00
Joël Pittet
cefdaf9a9b
Fixes CVE-2022-24894
2024-02-09 17:17:44 -08:00
Joël Pittet
13335b19e9
Fixes CVE-2024-24821
2024-02-09 17:04:34 -08:00
snipe
6e471a27e7
Merge remote-tracking branch 'origin/develop'
2024-02-09 21:10:27 +00:00
snipe
513ea67e7d
Merge pull request #14244 from snipe/fixes/null_barcode_if_hard_deleted
...
Return null if asset was hard-deleted/purged
2024-02-09 21:09:17 +00:00
snipe
3868e711f4
Return null if asset was hard-deleted/purged
...
Signed-off-by: snipe <snipe@snipe.net>
2024-02-09 21:08:07 +00:00
snipe
f33f712de7
Merge remote-tracking branch 'origin/develop'
2024-02-09 21:00:16 +00:00
snipe
c12e1f6d6c
Merge pull request #14243 from snipe/fixes/reports_controller_when_item_is_deleted
...
Fixed ReportsController to not try to return a serial if the item doesn’t exist
2024-02-09 20:54:37 +00:00
snipe
479abd5231
Do not try to return a serial if the item doesn’t exist
...
Signed-off-by: snipe <snipe@snipe.net>
2024-02-09 20:53:33 +00:00
snipe
a60a24a4a8
Merge remote-tracking branch 'origin/develop'
2024-02-09 20:42:48 +00:00
snipe
55b3050ca8
Re-applied previous withTrashed PR
...
Signed-off-by: snipe <snipe@snipe.net>
2024-02-09 20:37:18 +00:00
snipe
2c996a8508
Merge pull request #14241 from snipe/revert-14240-feature/sc-24786
...
Revert "Fixed barcodes crashing if asset was deleted"
2024-02-09 20:36:02 +00:00
snipe
84f8eee869
Revert "Fixed barcodes crashing if asset was deleted"
2024-02-09 20:35:45 +00:00
snipe
590c19dbd7
Merge pull request #14240 from snipe/feature/sc-24786
...
Feature/sc 24786
2024-02-09 20:28:31 +00:00
snipe
fa47707974
Use withTrashed() to get the barcode on deleted assets
...
Signed-off-by: snipe <snipe@snipe.net>
2024-02-09 20:26:49 +00:00
snipe
ca62481083
Added button and route
...
Signed-off-by: snipe <snipe@snipe.net>
2024-02-09 20:23:13 +00:00
snipe
1c3306046c
Merge remote-tracking branch 'origin/develop'
...
Signed-off-by: snipe <snipe@snipe.net>
# Conflicts:
# public/js/build/app.js
# public/js/dist/all.js
# public/mix-manifest.json
2024-02-08 23:14:54 +00:00
snipe
f4fc845375
Updated dev assets
...
Signed-off-by: snipe <snipe@snipe.net>
2024-02-08 23:06:47 +00:00
snipe
a7af987322
Merge pull request #14229 from Godmartinz/select2-target-fix
...
Fixed select inputs un-select2-ifying on mobile
2024-02-08 23:04:55 +00:00
Godfrey M
c4eaae923a
removed vue comments since they do not apply anymore
2024-02-08 15:02:47 -08:00
snipe
849ba02516
Merge pull request #14187 from Godmartinz/general-hook_fix
...
Fixed the general webhook not notifying anymore
2024-02-08 23:01:36 +00:00
Godfrey Martinez
9dcd14a712
Merge branch 'develop' into general-hook_fix
2024-02-08 14:59:25 -08:00
snipe
3412b4dc5a
Merge remote-tracking branch 'origin/develop'
2024-02-08 14:58:24 +00:00
snipe
a3b96aff1f
Merge pull request #14233 from uberbrady/prevent_svg_injection_with_fake_extensions_rebased
...
Fixes file upload XSS vulnerability [sc-24156]
2024-02-08 14:56:59 +00:00
Brady Wetherington
9bb191f29f
Fixes file upload XSS vulnerability [sc-24156]
2024-02-08 14:30:40 +00:00
snipe
4a43ccfa92
Merge pull request #14228 from akemidx/bug/sc-23516
...
Fixed: 404 Error on Importer When Uploading a .csv Under Certain Circumstance
2024-02-08 13:43:07 +00:00
Godfrey M
b73e8642d3
removed unnecessary changes
2024-02-06 13:06:21 -08:00
Godfrey M
cfe2277a64
forgot to remove comment line
2024-02-06 13:05:04 -08:00
akemidx
e776c2cffa
formatting the button tag
2024-02-06 15:51:04 -05:00
Godfrey M
ca59bc3c9c
removes if statement that prevents select2-ifying inputs
2024-02-06 12:46:17 -08:00