Commit graph

6663 commits

Author SHA1 Message Date
Ivan Nieto Vivanco 1ca770895a Apply trim() function when storing Custom Fields names 2021-11-22 18:43:21 -06:00
Klaus J. Mueller a85fa14f9c fix #10344 and #9135 2021-11-22 17:58:26 +01:00
snipe b058d84f2c
Merge pull request #10322 from snipe/uberbrady-patch-2
Change the `[END]` directive in `.htaccess` to `[L]`
2021-11-17 18:01:52 -08:00
Brady Wetherington 5fb05d8b1c
Change the [END] directive in .htaccess to [L]
This allows backwards-compatibility with older Apache versions (which we _used_ to have), and should do the exact same thing.
2021-11-17 15:29:51 -08:00
snipe 78809c0fe7 Bumped version
Signed-off-by: snipe <snipe@snipe.net>
2021-11-16 12:02:45 -08:00
snipe 7ce5993f5a
Merge pull request #10315 from snipe/fixes/escape_custom_fields_in_api_response
Escape custom field values in API response
2021-11-15 20:33:51 -08:00
snipe f7b483358f Escape custom field values in API response
Signed-off-by: snipe <snipe@snipe.net>
2021-11-15 20:32:59 -08:00
snipe e75a5f13ec
Merge pull request #10303 from inietov/fixes/weird_field_showing_up
Added the current_value string to correspondig 'en' language directory
2021-11-15 14:29:34 -08:00
snipe cf4e13f4df
Merge pull request #10312 from andrewshulgin/patch-1
Fixed: #10311: Docker: ldap_client_tls.{key,cert} are located in /var/www/html/storage instead of /var/lib/snipeit/keys
2021-11-15 14:28:59 -08:00
snipe 8e7565cbe9
Merge pull request #10313 from snipe/snyk-fix-d1fb08ebb2899913c99652bb6e188696
[Snyk] Security upgrade bootstrap-table from 1.18.3 to 1.19.1
2021-11-15 14:28:37 -08:00
snyk-bot 4839b0e008
fix: package.json & package-lock.json to reduce vulnerabilities
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-BOOTSTRAPTABLE-1657597
2021-11-13 05:19:33 +00:00
Andrew Shulgin d3ddafdff4
Dockerfile: symlink for ldap_client_tls.{cert,key} 2021-11-13 03:00:09 +02:00
Ivan Nieto Vivanco b07db3b324 Added the current_value string to correspondig 'en' language directory 2021-11-11 14:43:47 -06:00
snipe 9ed1442bd1
Merge pull request #10286 from uberbrady/fix_bulk_audit_xss
Escape asset_tag attribute at controller level for bulk checkout
2021-11-08 20:32:02 -08:00
Brady Wetherington 3ea209a507 Escape asset_tag attribute at controller level for consumption in bulk checkout 2021-11-08 20:27:43 -08:00
snipe edf98cb795
Merge pull request #10279 from snipe/fixes/turn_get_into_post_for_custom_field_required
Turn custom fields required/optional/remove into POST requests
2021-11-08 14:37:36 -08:00
snipe 16d18bc7eb
Merge pull request #10283 from snipe/fixes/remove_get_logout_route 2021-11-08 12:55:19 -08:00
snipe 38c36af6fc Changes logout to POST
Signed-off-by: snipe <snipe@snipe.net>
2021-11-08 12:53:11 -08:00
snipe b5855e7be5 Removed get route for logout
Signed-off-by: snipe <snipe@snipe.net>
2021-11-08 12:35:15 -08:00
snipe 0d811d067c Turn cusotm fields required/optional/remove into POST requests
Signed-off-by: snipe <snipe@snipe.net>
2021-11-05 10:53:48 -07:00
snipe fba0e2b712 Revert tableexport
(It broke the npm run prod build)

Signed-off-by: snipe <snipe@snipe.net>
2021-11-03 16:17:19 -07:00
snipe 608c2f91a8 Updated package lock
Signed-off-by: snipe <snipe@snipe.net>
2021-11-03 16:04:48 -07:00
snipe 960028b376 Bumped version
Signed-off-by: snipe <snipe@snipe.net>
2021-11-03 16:04:39 -07:00
snipe 6690a0f1df
Merge pull request #10257 from Wouter0100/patch-1
fix(Docker): use correct python binary for exit listener
2021-11-02 14:53:35 -07:00
Wouter van Os 2c49c32e72 Fixed #10231: use correct python binary for exit listener
This fixes #10231, without creating an own Dockerfile.
2021-11-02 13:06:36 +01:00
snipe 76cc46c419
Merge pull request #9814 from 01ste02/importMinAmt
Improved Consumable Import: Import min_amt for consumables
2021-10-28 17:49:44 -07:00
snipe dc71f6ddc6
Merge pull request #9871 from jethron/patch-1
Fixed: double slashes in branding logo URL path
2021-10-28 17:36:43 -07:00
snipe 7470fdb605
Merge pull request #9912 from snipe/snyk-upgrade-1377cc2d38a76585c814757398543f5f
[Snyk] Upgrade tableexport.jquery.plugin from 1.10.21 to 1.10.26
2021-10-28 17:15:10 -07:00
snipe 930e220cf1
Merge pull request #9915 from snipe/snyk-upgrade-b2b26cf8ec7a697fe0094f699652a345
[Snyk] Upgrade bootstrap-table from 1.18.2 to 1.18.3
2021-10-28 17:12:47 -07:00
snipe 2f9e5f79af
Merge pull request #10139 from FliegenKLATSCH/patch-1
API: Do not include deleted items per default on lookup by serial
2021-10-28 17:09:20 -07:00
snipe 927fba179d
Merge pull request #10241 from snipe/snyk-fix-a23047e623395f58c0f4d50feb55a3a3
[Snyk] Security upgrade jquery-ui from 1.12.1 to 1.13.0
2021-10-28 16:35:32 -07:00
snyk-bot dfde50732b
fix: package.json & package-lock.json to reduce vulnerabilities
The following vulnerabilities are fixed with an upgrade:
- https://snyk.io/vuln/SNYK-JS-JQUERYUI-1767167
- https://snyk.io/vuln/SNYK-JS-JQUERYUI-1767175
- https://snyk.io/vuln/SNYK-JS-JQUERYUI-1767767
2021-10-28 07:28:38 +00:00
snipe 7455318fcf
Merge pull request #10225 from snipe/fixes/default_label_in_status_label_api
Set default_label to 0 instead of null in API
2021-10-25 20:18:37 -07:00
snipe 17bf899a17 Set default_label to 0 instead of null in API
Signed-off-by: snipe <snipe@snipe.net>
2021-10-25 20:14:01 -07:00
snipe a5230319b8
Merge pull request #10223 from snipe/fixes/fixed_missing_clone_button
Fixed #10222 - fixed permissions array to handle missing clone button
2021-10-25 15:39:28 -07:00
snipe 8b1c60a17a Make gates a little more consistent
Signed-off-by: snipe <snipe@snipe.net>
2021-10-25 15:34:22 -07:00
snipe 033c3253bb Fixed permissions array to handle missing clone button
Signed-off-by: snipe <snipe@snipe.net>
2021-10-25 14:10:17 -07:00
snipe a88f622ec3 Bumped version
Signed-off-by: snipe <snipe@snipe.net>
2021-10-18 16:45:51 -07:00
snipe f87ffb84d5
Merge pull request #10201 from snipe/fixes/xss_on_export
Fixes possible XSS on all-file-types export
2021-10-15 09:54:52 -07:00
snipe bda23bb1e6 Fixes possible XSS on all-file-types export
Signed-off-by: snipe <snipe@snipe.net>
2021-10-15 11:50:52 -05:00
FliegenKLATSCH 24c484303e Do not include deleted assets by default when doing lookup by serial
This commit introduces a new query parameter `deleted`, which can be set to `true` to include deleted assets in the response.
2021-10-09 08:56:31 +02:00
snipe 5d94b99035 Switched to 5 in one minute
Signed-off-by: snipe <snipe@snipe.net>
2021-10-08 15:53:32 -07:00
snipe c4856c8aed
Merge pull request #10180 from snipe/fixes/add_rate_limiting_to_forgotten_password
Throttle password reset requests to 5 every 60 seconds
2021-10-08 15:44:43 -07:00
snipe 0674ef5a3d Fixed number to 1 (for minutes)
Signed-off-by: snipe <snipe@snipe.net>
2021-10-08 15:43:32 -07:00
snipe 702791210e Throttle password reset requests to 5 every 60 seconds
Signed-off-by: snipe <snipe@snipe.net>
2021-10-08 14:26:30 -07:00
snipe 1c77fd0d09
Merge pull request #10178 from inietov/bug/sc-17520/symfony_component_debug_exception_fatalthrowableerror
Fixed typo when setting the headers
2021-10-08 12:04:45 -07:00
Ivan Nieto Vivanco d184da8611 Fixed typo (thanks @ssddanbrown) 2021-10-08 13:39:49 -05:00
snipe ac76364140
Merge pull request #10172 from snipe/fixes/S3_upload_preview
Fixed models preview - Use Storage:: facade
2021-10-06 13:14:02 -07:00
snipe 7848a3c3dc Use Storage:: facade for image preview for models
Signed-off-by: snipe <snipe@snipe.net>
2021-10-06 13:12:42 -07:00
snipe f41ec640fe Added Huntr.dev badge
Signed-off-by: snipe <snipe@snipe.net>
2021-10-06 12:49:30 -07:00