Commit graph

12581 commits

Author SHA1 Message Date
snipe a76a69d085 Fixed incorrect string for location not existing
Signed-off-by: snipe <snipe@snipe.net>
2024-02-13 20:23:32 +00:00
snipe 60ba898167
Merge pull request #14255 from marcusmoore/chore/sc-24805
Added LDAP group tag to LDAP tests
2024-02-13 13:42:51 +00:00
snipe 2c9d5b9ea3
Merge pull request #14247 from ubc-cpsc/bugfix/CVE-2023-37260
Fixes CVE-2023-37260 upgrading league/oauth2-server
2024-02-13 13:40:53 +00:00
snipe eb6e2636b5
Merge pull request #14246 from ubc-cpsc/bugfix/CVE-2022-24894
Fixes CVE-2022-24894 by upgrading symfony/http-kernel
2024-02-13 13:40:33 +00:00
snipe 4c1964d509
Merge pull request #14245 from ubc-cpsc/bugfix/CVE-2024-24821
Fixes CVE-2024-24821 by upgrading composer/composer
2024-02-13 13:39:16 +00:00
snipe 7547277352
Merge pull request #14236 from snipe/jerm/upgrade-script-enhancements
Change how we check forward-looking upgrade requirements
2024-02-13 13:38:35 +00:00
snipe 3e00bc49fd
Merge pull request #14250 from mauro-miatello/develop
Cleaned up navbar-custom-menu
2024-02-13 13:33:03 +00:00
snipe 99e0b65de7
Merge pull request #14256 from marcusmoore/bug/sc-24790
Fixed accessory check in emails being sent when setting disabled
2024-02-13 13:32:42 +00:00
Jeremy Price f4c1460c2b remove help text options until i put together the help text 2024-02-12 19:18:26 -08:00
Jeremy Price bb2e1de0a8 Change how we check forward-looking upgrade requirements
In https://github.com/snipe/snipe-it/pull/14128 we added the capability
for the upgrade.php script to check version requirements _before_
downloading the new source, to help keep from breaking installations.

Turns out, `file_get_contents()` isn't a reliable way to grab a url, because
some systems have `allow_url_fopen` turned off in their PHP
configurations.

In this iteration, we swap that out for a curl function, while also
adding more error handling, the ability to entirely skip the
PHP version checks if for some reason you Just Can't query the upgrade
json correctly, as well as adding a lot of helpful text around the whole
issue.

Additionally, I've added some error checking around DB backups and
initial artisan down-ing, since shell_exec would happily march right
past any errors.
2024-02-12 19:18:26 -08:00
Marcus Moore 7154d23759
Pass the correct variable to the route helper 2024-02-12 16:45:18 -08:00
Marcus Moore df23fd0dee
Remove usused import 2024-02-12 16:35:54 -08:00
Marcus Moore adfb8895df
Improve factory state name 2024-02-12 16:31:32 -08:00
Marcus Moore c8e12ddb5c
Remove bug in factory state 2024-02-12 16:30:09 -08:00
Marcus Moore 5b181ecea7
Remove old comment 2024-02-12 16:29:34 -08:00
Marcus Moore 728aaaab20
Ensure accessory check in emails are not sent when the setting is disabled 2024-02-12 16:22:59 -08:00
Marcus Moore 095a7d9b34
Scaffold tests around accessory check in 2024-02-12 12:54:48 -08:00
Marcus Moore cf53f2778f
Add LDAP test cases to group 2024-02-12 12:28:27 -08:00
snipe 65e20282b6
Merge pull request #14251 from snipe/dependabot/github_actions/develop/codacy/codacy-analysis-cli-action-4.4.0
Bump codacy/codacy-analysis-cli-action from 4.3.0 to 4.4.0
2024-02-12 08:35:30 +00:00
dependabot[bot] 405c5b5ad0
Bump codacy/codacy-analysis-cli-action from 4.3.0 to 4.4.0
Bumps [codacy/codacy-analysis-cli-action](https://github.com/codacy/codacy-analysis-cli-action) from 4.3.0 to 4.4.0.
- [Release notes](https://github.com/codacy/codacy-analysis-cli-action/releases)
- [Commits](https://github.com/codacy/codacy-analysis-cli-action/compare/v4.3.0...v4.4.0)

---
updated-dependencies:
- dependency-name: codacy/codacy-analysis-cli-action
  dependency-type: direct:production
  update-type: version-update:semver-minor
...

Signed-off-by: dependabot[bot] <support@github.com>
2024-02-12 08:33:17 +00:00
MrM 6f0fe16b87
Update default.blade.php
removed some repeated attributes
2024-02-11 18:45:37 +01:00
snipe 111daffc17
Merge pull request #14188 from spencerrlongg/bug/14146
Fixes Default Location Being Set During Asset Creation and Checkout
2024-02-10 11:47:46 +00:00
Joël Pittet b8a478f558 Fixes by CVE-2023-37260 upgrading league/oauth2-server 2024-02-09 17:24:07 -08:00
Joël Pittet 9f7084d077 Revert "Fixes by CVE-2022-24894 upgrading league/oauth2-server"
This reverts commit 0840cd3df3.
2024-02-09 17:22:36 -08:00
Joël Pittet 0840cd3df3 Fixes by CVE-2022-24894 upgrading league/oauth2-server 2024-02-09 17:21:24 -08:00
Joël Pittet cefdaf9a9b Fixes CVE-2022-24894 2024-02-09 17:17:44 -08:00
Joël Pittet 13335b19e9 Fixes CVE-2024-24821 2024-02-09 17:04:34 -08:00
snipe 513ea67e7d
Merge pull request #14244 from snipe/fixes/null_barcode_if_hard_deleted
Return null if asset was hard-deleted/purged
2024-02-09 21:09:17 +00:00
snipe 3868e711f4 Return null if asset was hard-deleted/purged
Signed-off-by: snipe <snipe@snipe.net>
2024-02-09 21:08:07 +00:00
snipe c12e1f6d6c
Merge pull request #14243 from snipe/fixes/reports_controller_when_item_is_deleted
Fixed ReportsController to not try to return a serial if the item doesn’t exist
2024-02-09 20:54:37 +00:00
snipe 479abd5231 Do not try to return a serial if the item doesn’t exist
Signed-off-by: snipe <snipe@snipe.net>
2024-02-09 20:53:33 +00:00
snipe 55b3050ca8 Re-applied previous withTrashed PR
Signed-off-by: snipe <snipe@snipe.net>
2024-02-09 20:37:18 +00:00
snipe 2c996a8508
Merge pull request #14241 from snipe/revert-14240-feature/sc-24786
Revert "Fixed barcodes crashing if asset was deleted"
2024-02-09 20:36:02 +00:00
snipe 84f8eee869
Revert "Fixed barcodes crashing if asset was deleted" 2024-02-09 20:35:45 +00:00
snipe 590c19dbd7
Merge pull request #14240 from snipe/feature/sc-24786
Feature/sc 24786
2024-02-09 20:28:31 +00:00
snipe fa47707974 Use withTrashed() to get the barcode on deleted assets
Signed-off-by: snipe <snipe@snipe.net>
2024-02-09 20:26:49 +00:00
snipe ca62481083 Added button and route
Signed-off-by: snipe <snipe@snipe.net>
2024-02-09 20:23:13 +00:00
snipe f4fc845375 Updated dev assets
Signed-off-by: snipe <snipe@snipe.net>
2024-02-08 23:06:47 +00:00
snipe a7af987322
Merge pull request #14229 from Godmartinz/select2-target-fix
Fixed select inputs un-select2-ifying on mobile
2024-02-08 23:04:55 +00:00
Godfrey M c4eaae923a removed vue comments since they do not apply anymore 2024-02-08 15:02:47 -08:00
snipe 849ba02516
Merge pull request #14187 from Godmartinz/general-hook_fix
Fixed the general webhook not notifying anymore
2024-02-08 23:01:36 +00:00
Godfrey Martinez 9dcd14a712
Merge branch 'develop' into general-hook_fix 2024-02-08 14:59:25 -08:00
snipe a3b96aff1f
Merge pull request #14233 from uberbrady/prevent_svg_injection_with_fake_extensions_rebased
Fixes file upload XSS vulnerability [sc-24156]
2024-02-08 14:56:59 +00:00
Brady Wetherington 9bb191f29f Fixes file upload XSS vulnerability [sc-24156] 2024-02-08 14:30:40 +00:00
snipe 4a43ccfa92
Merge pull request #14228 from akemidx/bug/sc-23516
Fixed: 404 Error on Importer When Uploading a .csv Under Certain Circumstance
2024-02-08 13:43:07 +00:00
Godfrey M b73e8642d3 removed unnecessary changes 2024-02-06 13:06:21 -08:00
Godfrey M cfe2277a64 forgot to remove comment line 2024-02-06 13:05:04 -08:00
akemidx e776c2cffa formatting the button tag 2024-02-06 15:51:04 -05:00
Godfrey M ca59bc3c9c removes if statement that prevents select2-ifying inputs 2024-02-06 12:46:17 -08:00
akemidx 575362f4dc adding in line to null out the active file on click of button 2024-02-06 15:38:07 -05:00