Commit graph

154 commits

Author SHA1 Message Date
snipe ab926f2e33
Merge pull request #14153 from Godmartinz/ms_teams_webhook
Added support for Microsoft Teams Notifications
2024-01-25 08:27:17 +00:00
Godfrey M cdcd868162 formats check in message for MS Teams 2024-01-17 17:31:23 -08:00
Joël Pittet 771e3ad0ad Fixes CVE-2023-51651 aws/aws-sdk-php with depdendencies 2024-01-02 17:31:10 -08:00
Joël Pittet 7ce37d0ffb Fixes CVE-2023-51651 aws/aws-sdk-php 2024-01-02 17:22:22 -08:00
snipe aca51d992b
Merge pull request #14038 from ubc-cpsc/bugfix/CVE-2023-50251
Fixes CVE-2023-50251 and CVE-2023-50262 DoS on parsing SVG
2023-12-19 14:00:13 +00:00
Joël Pittet 32aedabfe5 Force update with PHP 7.4.3 platform requirement and update lock 2023-12-14 09:59:11 -08:00
Joël Pittet b746c7d371 Fixes CVE-2023-43655 Composer Remote Code Execution vulnerability via web-accessible composer.phar 2023-12-14 09:34:25 -08:00
Joël Pittet 0a5eca53db Fixes CVE-2023-50251 and CVE-2023-50262 DoS on parsing SVG 2023-12-14 09:28:21 -08:00
snipe 5730518fc6
Merge pull request #13978 from uberbrady/test_ldap
Test ldap
2023-11-30 19:23:29 +00:00
Joël Pittet 5b4d6b346b Update for CVE-2023-49316 by upgrading phpseclib/phpseclib (3.0.14 => 3.0.34) 2023-11-29 11:03:12 -08:00
Brady Wetherington 8e8b1068ff Beginnings of LDAP test suite 2023-11-27 14:50:43 +00:00
Brady Wetherington 3184f795c2 Upgrade to new branch for our fork of laravel-scim-server 2023-09-07 18:29:23 +01:00
Marcus Moore 5828d29952 Remove Dusk 2023-08-30 16:43:18 -07:00
Marcus Moore 191c4f959f Bump guzzlehttp/psr7 to 2.4.5 2023-08-21 14:46:08 -07:00
Marcus Moore 1e10a7ee23 Bump nyholm/psr7 to 1.6.1 2023-08-21 14:45:21 -07:00
snipe 96b616be89 Downgraded TCPDF
Signed-off-by: snipe <snipe@snipe.net>
2023-08-15 20:11:56 +01:00
snipe 697dc10d76 More label tweaks
Signed-off-by: snipe <snipe@snipe.net>
2023-08-15 20:03:32 +01:00
Marcus Moore d8f22880d6
Allow installing on PHP 7.4 2023-07-10 17:35:21 -07:00
Marcus Moore 3f09e6017b
Install paratest to allow for parallel test running 2023-06-26 16:22:28 -07:00
snipe c52b48c383 Google oauth login
Signed-off-by: snipe <snipe@snipe.net>
2023-05-10 00:14:28 -07:00
Marcus Moore 48ef8443f5
Restrict PHP to >=7.4.3 <8.2 2023-05-02 12:01:09 -07:00
snipe 0b408218b0 Update dompdf
Signed-off-by: snipe <snipe@snipe.net>
2023-02-23 12:59:04 -08:00
Brady Wetherington 3a2b54fd47 Add libsodium shim, and mark the sodium extension as 'optional'
Trying to handle some composer.lock conflicts, as savely as possible.
2023-02-15 18:16:39 -08:00
snipe f4617d8d5b Added larastan and psalm to composer dev
Signed-off-by: snipe <snipe@snipe.net>
2023-02-07 11:01:21 -08:00
snipe aeb8dfb07d Added phpinsights
Signed-off-by: snipe <snipe@snipe.net>
2023-02-06 12:39:55 -08:00
snipe 2a8851bbd7
Merge pull request #12342 from marcusmoore/fix/dusk-test-suite
Fixed Dusk Test Suite
2023-02-02 09:50:34 -08:00
Brady Wetherington c5d3b3ab81 Change out the SCIM config for a fixed one; update our fork of the SCIM-server 2023-01-25 15:59:46 -08:00
Marcus Moore 2aa50859b3
Bump Dusk version to fix broken macOS chrome driver link 2023-01-10 17:01:03 -08:00
Brady Wetherington 06a1fe5b38 Pulled in latest upstream changes for improved standards-compliance 2022-11-22 12:52:11 -08:00
Brady Wetherington 383bd6bb45 Add new SCIM env vars; upgrade SCIM library 2022-11-09 19:08:15 +00:00
Brady Wetherington 9605dec22a Use the new scim-trace feature from our fork of laravel-scim-server lib 2022-10-05 17:43:59 -07:00
snipe 9dbc5070f8 Remove phplint (for now)
Signed-off-by: snipe <snipe@snipe.net>
2022-09-27 16:47:09 -07:00
snipe 443b1df5e1 Bumped packages
Signed-off-by: snipe <snipe@snipe.net>
2022-07-22 17:55:19 -07:00
Brady Wetherington b2112e6792 Whoops, bump version to have the right syntax! 2022-07-18 15:16:45 -07:00
Brady Wetherington 250db10249 Upgrade our fork of laravel-scim-server to better support scim creates 2022-07-18 15:05:42 -07:00
snipe 7e7ae3bb95 Really reverting this time
Signed-off-by: snipe <snipe@snipe.net>
2022-06-24 17:55:34 -07:00
snipe 838579e9a8 Reverting :(
Signed-off-by: snipe <snipe@snipe.net>
2022-06-24 17:30:56 -07:00
snipe c0b6d5aa2c Upgraded guzzle to 7.4.5
Signed-off-by: snipe <snipe@snipe.net>
2022-06-24 17:01:24 -07:00
snipe 3dc4f56fb4 Update constraints to allow up to 8.2
Signed-off-by: snipe <snipe@snipe.net>
2022-05-16 17:23:41 -07:00
snipe 4c06a451b8 Upgraded dompdf
Signed-off-by: snipe <snipe@snipe.net>
2022-05-16 10:17:46 -07:00
Brady Wetherington 599d725d55 Just needed to adjust the hash so that the composer.lock is correct 2022-04-05 20:31:34 +01:00
Brady Wetherington 9bd04eb8c9 Use our forked version of the Laravel-SCIM-Server package (hopefully temporary) 2022-04-05 20:26:40 +01:00
Brady Wetherington 6756dd193e SCIM integration using the 're-do-the routes' approach, which seems like a dead-end
Cleaning up routes to match laravel-scim-server's recommended implementation

Some actually *working* changes for SCIM support?!

Whoops, forgot my route file

Fix public SCIM routes

Removed Ziggy, removed old generated file, yanked Ziggy references

Resolves the first set of comments for SCIM

Ensure all /api routes have baseUrl prepended

Fix the parent:: call to be, uh, actually correct :P

Clarify the route-ordering, as it is quite tricky

This gets it so that users can actually be saved..

Work around the lack of callbacks with some inheritance

Mapped a bunch more fields from SCIM into Snipe-IT's user table

More baseUrl shenanigans since we yanked Ziggy :/

Properly map job title and work with some other necessary attributes

Map more fields...

Finalized basic mapping for core and enterprise namespaces

Latest tuned settings for SCIM config to work with Azure (and others)
2022-04-05 20:26:37 +01:00
Joël Pittet 472c94ef89 Security updates to enshrined/svg-sanitize and guzzlehttp/psr7 2022-04-04 12:31:27 -07:00
Godfrey Martinez fe6a6740db
Merge branch 'develop' into feature/sc-15014/asset-acceptance-and-signed-eula-as-pdf 2022-03-22 10:10:56 -07:00
snipe d06ef4bdef Bumped lockfile
Signed-off-by: snipe <snipe@snipe.net>
2022-03-08 22:17:46 -08:00
snipe b876d0abb0 Merge remote-tracking branch 'origin/master' into develop
Signed-off-by: snipe <snipe@snipe.net>

# Conflicts:
#	.env.example
#	app/Http/Controllers/Auth/LoginController.php
#	app/Http/Kernel.php
#	app/Http/Transformers/ActionlogsTransformer.php
#	app/Importer/AssetImporter.php
#	app/Models/Accessory.php
#	app/Models/Consumable.php
#	app/Presenters/AccessoryPresenter.php
#	app/Presenters/ComponentPresenter.php
#	app/Presenters/ConsumablePresenter.php
#	app/Providers/AuthServiceProvider.php
#	composer.json
#	composer.lock
#	config/app.php
#	config/cors.php
#	config/version.php
#	package-lock.json
#	public/js/build/app.js
#	public/js/build/app.js.LICENSE.txt
#	public/js/dist/all.js
#	public/mix-manifest.json
#	resources/views/accessories/view.blade.php
#	resources/views/consumables/view.blade.php
#	resources/views/settings/saml.blade.php
#	routes/api.php
2022-03-03 21:59:38 -08:00
Godfrey M 533670f3f1 faulty method for converting asset acceptance to pdf 2022-02-24 14:50:16 -08:00
Brady Wetherington 15abc84ab0 Migrate to Fruitcake/laravel-cors which has path-exclusion built-in 2022-02-23 11:06:19 -08:00
Brady Wetherington 3c7f2e89ec Merge branch 'develop' into remove_old_ldap
Had to re-do the composer install because the conflicts were too complicated.
2022-01-03 12:56:58 -08:00