Commit graph

190 commits

Author SHA1 Message Date
Marcus Moore 3f09e6017b
Install paratest to allow for parallel test running 2023-06-26 16:22:28 -07:00
Brady Wetherington a9c7dbd17a Shift PHP version requiremeents for Snipe-IT v7 to be php 8.0-8.2 2023-05-17 17:51:02 -07:00
Brady Wetherington 09fdc946a0 Merge branch 'develop' into snipeit_v7
Had to do some asset rebuilds, and a composer update
2023-05-17 17:37:10 -07:00
snipe c52b48c383 Google oauth login
Signed-off-by: snipe <snipe@snipe.net>
2023-05-10 00:14:28 -07:00
Marcus Moore 48ef8443f5
Restrict PHP to >=7.4.3 <8.2 2023-05-02 12:01:09 -07:00
Brady Wetherington 9793130f6c Merge branch 'develop' into laravel_v9 2023-04-18 11:01:00 -07:00
snipe 0b408218b0 Update dompdf
Signed-off-by: snipe <snipe@snipe.net>
2023-02-23 12:59:04 -08:00
Brady Wetherington 645bba96cd WIP: First stabs at getting Laravel Vite to work; no luck so far :(
Probably going to back out all the 'vite' stuff anyways :/
2023-02-21 19:35:37 -08:00
Brady Wetherington 3a2b54fd47 Add libsodium shim, and mark the sodium extension as 'optional'
Trying to handle some composer.lock conflicts, as savely as possible.
2023-02-15 18:16:39 -08:00
snipe f4617d8d5b Added larastan and psalm to composer dev
Signed-off-by: snipe <snipe@snipe.net>
2023-02-07 11:01:21 -08:00
snipe aeb8dfb07d Added phpinsights
Signed-off-by: snipe <snipe@snipe.net>
2023-02-06 12:39:55 -08:00
snipe 2a8851bbd7
Merge pull request #12342 from marcusmoore/fix/dusk-test-suite
Fixed Dusk Test Suite
2023-02-02 09:50:34 -08:00
Brady Wetherington c5d3b3ab81 Change out the SCIM config for a fixed one; update our fork of the SCIM-server 2023-01-25 15:59:46 -08:00
Marcus Moore 2aa50859b3
Bump Dusk version to fix broken macOS chrome driver link 2023-01-10 17:01:03 -08:00
Brady Wetherington 06a1fe5b38 Pulled in latest upstream changes for improved standards-compliance 2022-11-22 12:52:11 -08:00
Brady Wetherington 383bd6bb45 Add new SCIM env vars; upgrade SCIM library 2022-11-09 19:08:15 +00:00
Brady Wetherington 9605dec22a Use the new scim-trace feature from our fork of laravel-scim-server lib 2022-10-05 17:43:59 -07:00
snipe 9dbc5070f8 Remove phplint (for now)
Signed-off-by: snipe <snipe@snipe.net>
2022-09-27 16:47:09 -07:00
snipe 443b1df5e1 Bumped packages
Signed-off-by: snipe <snipe@snipe.net>
2022-07-22 17:55:19 -07:00
Brady Wetherington b2112e6792 Whoops, bump version to have the right syntax! 2022-07-18 15:16:45 -07:00
Brady Wetherington 250db10249 Upgrade our fork of laravel-scim-server to better support scim creates 2022-07-18 15:05:42 -07:00
snipe 7e7ae3bb95 Really reverting this time
Signed-off-by: snipe <snipe@snipe.net>
2022-06-24 17:55:34 -07:00
snipe 838579e9a8 Reverting :(
Signed-off-by: snipe <snipe@snipe.net>
2022-06-24 17:30:56 -07:00
snipe c0b6d5aa2c Upgraded guzzle to 7.4.5
Signed-off-by: snipe <snipe@snipe.net>
2022-06-24 17:01:24 -07:00
snipe 3dc4f56fb4 Update constraints to allow up to 8.2
Signed-off-by: snipe <snipe@snipe.net>
2022-05-16 17:23:41 -07:00
snipe 4c06a451b8 Upgraded dompdf
Signed-off-by: snipe <snipe@snipe.net>
2022-05-16 10:17:46 -07:00
Brady Wetherington 599d725d55 Just needed to adjust the hash so that the composer.lock is correct 2022-04-05 20:31:34 +01:00
Brady Wetherington 9bd04eb8c9 Use our forked version of the Laravel-SCIM-Server package (hopefully temporary) 2022-04-05 20:26:40 +01:00
Brady Wetherington 6756dd193e SCIM integration using the 're-do-the routes' approach, which seems like a dead-end
Cleaning up routes to match laravel-scim-server's recommended implementation

Some actually *working* changes for SCIM support?!

Whoops, forgot my route file

Fix public SCIM routes

Removed Ziggy, removed old generated file, yanked Ziggy references

Resolves the first set of comments for SCIM

Ensure all /api routes have baseUrl prepended

Fix the parent:: call to be, uh, actually correct :P

Clarify the route-ordering, as it is quite tricky

This gets it so that users can actually be saved..

Work around the lack of callbacks with some inheritance

Mapped a bunch more fields from SCIM into Snipe-IT's user table

More baseUrl shenanigans since we yanked Ziggy :/

Properly map job title and work with some other necessary attributes

Map more fields...

Finalized basic mapping for core and enterprise namespaces

Latest tuned settings for SCIM config to work with Azure (and others)
2022-04-05 20:26:37 +01:00
Joël Pittet 472c94ef89 Security updates to enshrined/svg-sanitize and guzzlehttp/psr7 2022-04-04 12:31:27 -07:00
Godfrey Martinez fe6a6740db
Merge branch 'develop' into feature/sc-15014/asset-acceptance-and-signed-eula-as-pdf 2022-03-22 10:10:56 -07:00
snipe d06ef4bdef Bumped lockfile
Signed-off-by: snipe <snipe@snipe.net>
2022-03-08 22:17:46 -08:00
snipe b876d0abb0 Merge remote-tracking branch 'origin/master' into develop
Signed-off-by: snipe <snipe@snipe.net>

# Conflicts:
#	.env.example
#	app/Http/Controllers/Auth/LoginController.php
#	app/Http/Kernel.php
#	app/Http/Transformers/ActionlogsTransformer.php
#	app/Importer/AssetImporter.php
#	app/Models/Accessory.php
#	app/Models/Consumable.php
#	app/Presenters/AccessoryPresenter.php
#	app/Presenters/ComponentPresenter.php
#	app/Presenters/ConsumablePresenter.php
#	app/Providers/AuthServiceProvider.php
#	composer.json
#	composer.lock
#	config/app.php
#	config/cors.php
#	config/version.php
#	package-lock.json
#	public/js/build/app.js
#	public/js/build/app.js.LICENSE.txt
#	public/js/dist/all.js
#	public/mix-manifest.json
#	resources/views/accessories/view.blade.php
#	resources/views/consumables/view.blade.php
#	resources/views/settings/saml.blade.php
#	routes/api.php
2022-03-03 21:59:38 -08:00
Godfrey M 533670f3f1 faulty method for converting asset acceptance to pdf 2022-02-24 14:50:16 -08:00
Brady Wetherington 15abc84ab0 Migrate to Fruitcake/laravel-cors which has path-exclusion built-in 2022-02-23 11:06:19 -08:00
Brady Wetherington 3c7f2e89ec Merge branch 'develop' into remove_old_ldap
Had to re-do the composer install because the conflicts were too complicated.
2022-01-03 12:56:58 -08:00
snipe 406211d2fe Move mockery to require-dev
Signed-off-by: snipe <snipe@snipe.net>
2021-12-02 11:22:46 -08:00
snipe fb06c136b9 Added mockery (because reasons?)
Signed-off-by: snipe <snipe@snipe.net>
2021-12-02 11:11:14 -08:00
snipe 957d092844 Upgraded phpunit to v9
Signed-off-by: snipe <snipe@snipe.net>
2021-12-02 11:04:04 -08:00
snipe d96e95abd6 Small mods to configs, removed old faker, added new
Signed-off-by: snipe <snipe@snipe.net>
2021-12-01 13:46:21 -08:00
snipe d08c1787a1 First steps at getting dusk working
Signed-off-by: snipe <snipe@snipe.net>
2021-11-30 20:09:29 -08:00
Brady Wetherington 25d72d2978 Make composer install work on 7.4 as well as 8.0 2021-11-09 13:06:24 -08:00
Brady Wetherington ec030e9e1f Tweak some version requirements to make composer install run under phpv8 2021-11-08 21:19:23 -08:00
Brady Wetherington 4dda28de9e WIP: cleaning up LDAP 2021-10-28 18:19:50 -07:00
Brady Wetherington d80604f2ac Most of the basics are working, but not done and lots of debug messages are about
I picked up the change that picked a point-release difference on the AWS library since that usually
works out for us (x.y.1 vs. x.y.2 - usually a good call)
2021-10-04 22:06:48 -07:00
Brady Wetherington 3a73fa19f0 Try to generate a new composer lockfile under PHP 7.3 2021-09-29 10:53:44 -07:00
snipe 61cf9ec009 Small conflict handling bits
Signed-off-by: snipe <snipe@snipe.net>
2021-09-22 00:00:44 -07:00
snipe 7d1c2199ed Attempted to re-bound to lowest php version possible
Signed-off-by: snipe <snipe@snipe.net>
2021-06-23 16:29:43 -07:00
snipe d8191f738c Updated flysystem to 1.1.4 for critical security update
Signed-off-by: snipe <snipe@snipe.net>
2021-06-23 16:04:42 -07:00
Godfrey Martinez 246cc0eaa8
Feature/ch16172/adding other fields to ldap sync settings (#9416)
* new branch, added manager as an additional field. Currently having DB issues

* WIP DB Issue with eloquent

* added department to LDAP sync

* removed unused variables
2021-04-14 10:17:57 -07:00
snipe c8e172ec6b Downgrade packages
Signed-off-by: snipe <snipe@snipe.net>
2021-03-17 20:03:09 -07:00
snipe 1b890ffcc5 Added collision 2021-03-17 15:45:00 -07:00
snipe 89ab4bb86f Revert "Added PHP8 compatibility [experimental]"
This reverts commit 3873f14971.

# Conflicts:
#	composer.lock
2021-03-09 13:38:38 -08:00
snipe 707a68fc54 Rollback :( 2021-03-09 13:15:00 -08:00
snipe 2d6dcb6b3b Applying fix for Undefined class constant 'EM_AES_256' in spatie
https://github.com/spatie/laravel-backup/discussions/1247
2021-03-09 12:52:26 -08:00
snipe 3873f14971 Added PHP8 compatibility [experimental] 2021-03-09 12:39:49 -08:00
snipe 1e062d4fc8 Re-applying laravel update with PHP min 7.2.5 2021-02-02 20:58:15 -08:00
snipe ca37de5e45 Ugh. Rolling back composer.lock
Everything sucks
2021-02-02 20:44:07 -08:00
snipe 9ba2fd93c1 Reverted Laravel upgrade :( 2021-02-02 20:34:23 -08:00
Brady Wetherington b09ded2a3b
Upgrade laravel (#9081)
* Hotfix to develop to yank extraneous e()

* Upgrade Laravel release only to a later 6.18.x version

* Upgrade Laravel to 6.x and Passport 9.x, the recommended versions
2021-02-02 20:22:36 -08:00
snipe d3d96c8285 Reverted composer until we can figure out wtf happened 2020-12-15 17:25:17 -08:00
snipe bf34385c3e Temp revert to old slack library
Getting a weird error, need to troubleshoot remotely
2020-12-15 13:43:18 -08:00
snipe cb184a9687 Updated composer.lock with newer packages 2020-12-14 17:46:39 -08:00
snipe 8504c9e8b9 Added phplint to dev in composer 2020-11-16 19:08:04 -08:00
Johnson Yi b2930d6069 Added #542: add saml authentication 2020-05-06 00:06:19 +10:00
snipe c5e587f33b
Added codeception testing modules for —dev 2020-04-21 20:15:45 -07:00
snipe 5dc64ea91b
Re-added EasySlugger to fix tests 2020-04-21 19:28:24 -07:00
snipe 3cb4672ffe
Updated composer 2020-04-21 02:47:12 -07:00
snipe 450c1b9d56
Updated faker library to be compatible with PHP 7.4 2020-04-08 11:13:15 -07:00
snipe 5307e57bd9 Fix for CVE-2019-10772
Vuln in SVG sanitizer library
2020-03-04 22:15:31 -08:00
snipe e71e57f16a
Fixed XSS vulnerability in SVG image uploads [ch10476] (#7639)
* Added enshrined/svg-sanitize

* Added modular image resizing/SVG cleaning method

(This already exists in v5, so I mostly ported it forward and added the SVG sanitizer.)

* Use improved handleImages method to upload/resize/clean images

* Removed $old_image

This is handled in the ImageUpload request now
2019-12-05 22:23:05 -08:00
snipe 3f5840d390 Bumped vendor files 2019-12-05 19:53:01 -08:00
dependabot[bot] d3f4205f09 Bump symfony/http-foundation from 3.4.30 to 3.4.36 (#7638)
Bumps [symfony/http-foundation](https://github.com/symfony/http-foundation) from 3.4.30 to 3.4.36.
- [Release notes](https://github.com/symfony/http-foundation/releases)
- [Changelog](https://github.com/symfony/http-foundation/blob/master/CHANGELOG.md)
- [Commits](https://github.com/symfony/http-foundation/compare/v3.4.30...v3.4.36)

Signed-off-by: dependabot[bot] <support@github.com>
2019-12-05 19:37:00 -08:00
snipe ba197c8857 Fixed #7259 - upgraded phpdocumentor/reflection-docblock to v4 2019-08-15 03:02:24 -07:00
snipe 3dc2cc9f22
CORS for api (#7292)
* Added CORS support to API

* Changed order so CORS will still work if throttle hit

* Added APP_CORS_ALLOWED_ORIGINS env option

* Fixed typo

* Clarified header comments

* More clarification

* DIsable CORS allowed origins by default to replicate existing behavior

* Change variable name to be clearer
2019-07-26 12:38:31 -07:00
snipe 740d5a6846 Downgrading rollbar for Laravel 5.5 2019-06-25 18:07:21 -07:00
snipe d1a8955ef9 Bumped packages 2019-05-23 19:09:14 -07:00
snipe 77c3b8f8c1 Updated packages 2019-05-22 00:07:49 -07:00
snipe c944304444 Updated packages
- Updating erusev/parsedown (v1.7.2 => 1.7.3): Downloading (100%)
  - Updating squizlabs/php_codesniffer (3.4.1 => 3.4.2): Downloading (100%)
  - Updating symfony/polyfill-mbstring (v1.10.0 => v1.11.0): Downloading (100%)
  - Updating symfony/var-dumper (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating league/flysystem (1.0.50 => 1.0.51): Downloading (100%)
  - Updating symfony/translation (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating nesbot/carbon (1.36.2 => 1.37.1): Downloading (100%)
  - Updating symfony/debug (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/console (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/finder (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/polyfill-ctype (v1.10.0 => v1.11.0): Downloading (100%)
  - Updating symfony/polyfill-php70 (v1.10.0 => v1.11.0): Downloading (100%)
  - Updating symfony/http-foundation (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/event-dispatcher (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/http-kernel (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/process (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/routing (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/polyfill-util (v1.10.0 => v1.11.0): Downloading (100%)
  - Updating symfony/polyfill-php56 (v1.10.0 => v1.11.0): Downloading (100%)
  - Updating symfony/psr-http-message-bridge (v1.1.1 => v1.1.2): Downloading (failed)
Downloading (100%)
  - Updating rollbar/rollbar (v1.7.5 => v1.8.1): Downloading (100%)
  - Updating symfony/yaml (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/browser-kit (v3.4.23 => v3.4.27): Downloading (100%)
2019-05-20 10:10:46 -07:00
snipe d1e9fbfa24 Updated compoer 2019-03-20 02:37:44 -07:00
snipe da015ec4a8
Fixed #6834 and #6402 - use inline QR code generation for 2FA (#6840)
* Fixed  #6834 and #6402 - use inline QR code generation for

* Update auth controllers to use translations

* Updated composer lock

* Added comments

* Moar comments

* Typo
2019-03-20 01:24:31 -07:00
snipe 601c129bbf Embed images in emails 2019-01-17 20:45:24 -08:00
snipe d6f8d1b464 Updated composer lock 2018-10-19 16:40:54 -07:00
snipe ec7245965f Bumped to rollbar 2.4.1
https://github.com/rollbar/rollbar-php-laravel/issues/65
2018-10-04 17:09:12 -07:00
snipe a52575c7bf Lock rollbar to v2.3.0
https://github.com/rollbar/rollbar-php-laravel/issues/65
https://github.com/rollbar/rollbar-php-laravel/issues/67
2018-10-04 12:11:36 -07:00
snipe 1014bd74e0 Updated rollbar 2018-10-03 14:58:14 -07:00
snipe db385e024b Possible proxy issue fix 2018-10-03 13:04:25 -07:00
snipe bcb966af12 Updated composer 2018-07-17 14:17:02 -07:00
snipe aea37467d8 Attempt to add codeclimate test coverage 2018-02-22 22:34:08 -08:00
snipe a85b38850c Added roave security-advisories to composer
https://packagist.org/packages/roave/security-advisories
2018-02-22 13:22:13 -08:00
snipe b294635e17 Updated packages 2018-02-08 09:29:12 -08:00
snipe 9c108873e9 Trying 5.4.35 2017-12-12 16:32:45 -08:00
snipe 6fe5d00e9b Testing laravel 5.4.3 for PHP7.2 bug 2017-12-12 16:23:30 -08:00
snipe 30ec919048 Remove AWS package
We unfortunately can’t use it right now because it requires a symlink from the storage/app directory. Until we have a better way of checking for configuration issues and/or automatically handling that symlink creation, we’re pulling it for now, since it’s not used anywhere.
2017-11-06 21:45:31 -08:00
snipe 3a82fbe714 Switch to rollbar’s official package 2017-11-06 20:04:50 -08:00
snipe fbf516284c One more time… 2017-10-23 21:13:39 -07:00
snipe 3db25dca7a Downgrade doctrine for php5.6 2017-10-23 20:54:52 -07:00
snipe 0951a756cc Updated passport to 3.0
Re: https://stackoverflow.com/a/45029309/200021
via @robertpearce
2017-10-23 17:35:31 -07:00
Alex Markessinis 57422c9135 Added Redis support. (#4146)
* Fix forgotten password missing route (???)

* Fixes #4056 - check for assets before deleting user

* added predis/predis dependency to composer.json to support redis based cache/queue/session/broadcast
2017-10-09 15:39:20 -07:00
snipe 3687cbfdb3 Added rollbar support 2017-10-02 20:27:45 -07:00