Commit graph

167 commits

Author SHA1 Message Date
snipe c0b6d5aa2c Upgraded guzzle to 7.4.5
Signed-off-by: snipe <snipe@snipe.net>
2022-06-24 17:01:24 -07:00
snipe 3dc4f56fb4 Update constraints to allow up to 8.2
Signed-off-by: snipe <snipe@snipe.net>
2022-05-16 17:23:41 -07:00
snipe 4c06a451b8 Upgraded dompdf
Signed-off-by: snipe <snipe@snipe.net>
2022-05-16 10:17:46 -07:00
Brady Wetherington 599d725d55 Just needed to adjust the hash so that the composer.lock is correct 2022-04-05 20:31:34 +01:00
Brady Wetherington 9bd04eb8c9 Use our forked version of the Laravel-SCIM-Server package (hopefully temporary) 2022-04-05 20:26:40 +01:00
Brady Wetherington 6756dd193e SCIM integration using the 're-do-the routes' approach, which seems like a dead-end
Cleaning up routes to match laravel-scim-server's recommended implementation

Some actually *working* changes for SCIM support?!

Whoops, forgot my route file

Fix public SCIM routes

Removed Ziggy, removed old generated file, yanked Ziggy references

Resolves the first set of comments for SCIM

Ensure all /api routes have baseUrl prepended

Fix the parent:: call to be, uh, actually correct :P

Clarify the route-ordering, as it is quite tricky

This gets it so that users can actually be saved..

Work around the lack of callbacks with some inheritance

Mapped a bunch more fields from SCIM into Snipe-IT's user table

More baseUrl shenanigans since we yanked Ziggy :/

Properly map job title and work with some other necessary attributes

Map more fields...

Finalized basic mapping for core and enterprise namespaces

Latest tuned settings for SCIM config to work with Azure (and others)
2022-04-05 20:26:37 +01:00
Joël Pittet 472c94ef89 Security updates to enshrined/svg-sanitize and guzzlehttp/psr7 2022-04-04 12:31:27 -07:00
Godfrey Martinez fe6a6740db
Merge branch 'develop' into feature/sc-15014/asset-acceptance-and-signed-eula-as-pdf 2022-03-22 10:10:56 -07:00
snipe d06ef4bdef Bumped lockfile
Signed-off-by: snipe <snipe@snipe.net>
2022-03-08 22:17:46 -08:00
snipe b876d0abb0 Merge remote-tracking branch 'origin/master' into develop
Signed-off-by: snipe <snipe@snipe.net>

# Conflicts:
#	.env.example
#	app/Http/Controllers/Auth/LoginController.php
#	app/Http/Kernel.php
#	app/Http/Transformers/ActionlogsTransformer.php
#	app/Importer/AssetImporter.php
#	app/Models/Accessory.php
#	app/Models/Consumable.php
#	app/Presenters/AccessoryPresenter.php
#	app/Presenters/ComponentPresenter.php
#	app/Presenters/ConsumablePresenter.php
#	app/Providers/AuthServiceProvider.php
#	composer.json
#	composer.lock
#	config/app.php
#	config/cors.php
#	config/version.php
#	package-lock.json
#	public/js/build/app.js
#	public/js/build/app.js.LICENSE.txt
#	public/js/dist/all.js
#	public/mix-manifest.json
#	resources/views/accessories/view.blade.php
#	resources/views/consumables/view.blade.php
#	resources/views/settings/saml.blade.php
#	routes/api.php
2022-03-03 21:59:38 -08:00
Godfrey M 533670f3f1 faulty method for converting asset acceptance to pdf 2022-02-24 14:50:16 -08:00
Brady Wetherington 15abc84ab0 Migrate to Fruitcake/laravel-cors which has path-exclusion built-in 2022-02-23 11:06:19 -08:00
Brady Wetherington 3c7f2e89ec Merge branch 'develop' into remove_old_ldap
Had to re-do the composer install because the conflicts were too complicated.
2022-01-03 12:56:58 -08:00
snipe 406211d2fe Move mockery to require-dev
Signed-off-by: snipe <snipe@snipe.net>
2021-12-02 11:22:46 -08:00
snipe fb06c136b9 Added mockery (because reasons?)
Signed-off-by: snipe <snipe@snipe.net>
2021-12-02 11:11:14 -08:00
snipe 957d092844 Upgraded phpunit to v9
Signed-off-by: snipe <snipe@snipe.net>
2021-12-02 11:04:04 -08:00
snipe d96e95abd6 Small mods to configs, removed old faker, added new
Signed-off-by: snipe <snipe@snipe.net>
2021-12-01 13:46:21 -08:00
snipe d08c1787a1 First steps at getting dusk working
Signed-off-by: snipe <snipe@snipe.net>
2021-11-30 20:09:29 -08:00
Brady Wetherington 25d72d2978 Make composer install work on 7.4 as well as 8.0 2021-11-09 13:06:24 -08:00
Brady Wetherington ec030e9e1f Tweak some version requirements to make composer install run under phpv8 2021-11-08 21:19:23 -08:00
Brady Wetherington 4dda28de9e WIP: cleaning up LDAP 2021-10-28 18:19:50 -07:00
Brady Wetherington d80604f2ac Most of the basics are working, but not done and lots of debug messages are about
I picked up the change that picked a point-release difference on the AWS library since that usually
works out for us (x.y.1 vs. x.y.2 - usually a good call)
2021-10-04 22:06:48 -07:00
Brady Wetherington 3a73fa19f0 Try to generate a new composer lockfile under PHP 7.3 2021-09-29 10:53:44 -07:00
snipe 61cf9ec009 Small conflict handling bits
Signed-off-by: snipe <snipe@snipe.net>
2021-09-22 00:00:44 -07:00
snipe 7d1c2199ed Attempted to re-bound to lowest php version possible
Signed-off-by: snipe <snipe@snipe.net>
2021-06-23 16:29:43 -07:00
snipe d8191f738c Updated flysystem to 1.1.4 for critical security update
Signed-off-by: snipe <snipe@snipe.net>
2021-06-23 16:04:42 -07:00
Godfrey Martinez 246cc0eaa8
Feature/ch16172/adding other fields to ldap sync settings (#9416)
* new branch, added manager as an additional field. Currently having DB issues

* WIP DB Issue with eloquent

* added department to LDAP sync

* removed unused variables
2021-04-14 10:17:57 -07:00
snipe c8e172ec6b Downgrade packages
Signed-off-by: snipe <snipe@snipe.net>
2021-03-17 20:03:09 -07:00
snipe 1b890ffcc5 Added collision 2021-03-17 15:45:00 -07:00
snipe 89ab4bb86f Revert "Added PHP8 compatibility [experimental]"
This reverts commit 3873f14971.

# Conflicts:
#	composer.lock
2021-03-09 13:38:38 -08:00
snipe 707a68fc54 Rollback :( 2021-03-09 13:15:00 -08:00
snipe 2d6dcb6b3b Applying fix for Undefined class constant 'EM_AES_256' in spatie
https://github.com/spatie/laravel-backup/discussions/1247
2021-03-09 12:52:26 -08:00
snipe 3873f14971 Added PHP8 compatibility [experimental] 2021-03-09 12:39:49 -08:00
snipe 1e062d4fc8 Re-applying laravel update with PHP min 7.2.5 2021-02-02 20:58:15 -08:00
snipe ca37de5e45 Ugh. Rolling back composer.lock
Everything sucks
2021-02-02 20:44:07 -08:00
snipe 9ba2fd93c1 Reverted Laravel upgrade :( 2021-02-02 20:34:23 -08:00
Brady Wetherington b09ded2a3b
Upgrade laravel (#9081)
* Hotfix to develop to yank extraneous e()

* Upgrade Laravel release only to a later 6.18.x version

* Upgrade Laravel to 6.x and Passport 9.x, the recommended versions
2021-02-02 20:22:36 -08:00
snipe d3d96c8285 Reverted composer until we can figure out wtf happened 2020-12-15 17:25:17 -08:00
snipe bf34385c3e Temp revert to old slack library
Getting a weird error, need to troubleshoot remotely
2020-12-15 13:43:18 -08:00
snipe cb184a9687 Updated composer.lock with newer packages 2020-12-14 17:46:39 -08:00
snipe 8504c9e8b9 Added phplint to dev in composer 2020-11-16 19:08:04 -08:00
Johnson Yi b2930d6069 Added #542: add saml authentication 2020-05-06 00:06:19 +10:00
snipe c5e587f33b
Added codeception testing modules for —dev 2020-04-21 20:15:45 -07:00
snipe 5dc64ea91b
Re-added EasySlugger to fix tests 2020-04-21 19:28:24 -07:00
snipe 3cb4672ffe
Updated composer 2020-04-21 02:47:12 -07:00
snipe 450c1b9d56
Updated faker library to be compatible with PHP 7.4 2020-04-08 11:13:15 -07:00
snipe 5307e57bd9 Fix for CVE-2019-10772
Vuln in SVG sanitizer library
2020-03-04 22:15:31 -08:00
snipe e71e57f16a
Fixed XSS vulnerability in SVG image uploads [ch10476] (#7639)
* Added enshrined/svg-sanitize

* Added modular image resizing/SVG cleaning method

(This already exists in v5, so I mostly ported it forward and added the SVG sanitizer.)

* Use improved handleImages method to upload/resize/clean images

* Removed $old_image

This is handled in the ImageUpload request now
2019-12-05 22:23:05 -08:00
snipe 3f5840d390 Bumped vendor files 2019-12-05 19:53:01 -08:00
dependabot[bot] d3f4205f09 Bump symfony/http-foundation from 3.4.30 to 3.4.36 (#7638)
Bumps [symfony/http-foundation](https://github.com/symfony/http-foundation) from 3.4.30 to 3.4.36.
- [Release notes](https://github.com/symfony/http-foundation/releases)
- [Changelog](https://github.com/symfony/http-foundation/blob/master/CHANGELOG.md)
- [Commits](https://github.com/symfony/http-foundation/compare/v3.4.30...v3.4.36)

Signed-off-by: dependabot[bot] <support@github.com>
2019-12-05 19:37:00 -08:00
snipe ba197c8857 Fixed #7259 - upgraded phpdocumentor/reflection-docblock to v4 2019-08-15 03:02:24 -07:00
snipe 3dc2cc9f22
CORS for api (#7292)
* Added CORS support to API

* Changed order so CORS will still work if throttle hit

* Added APP_CORS_ALLOWED_ORIGINS env option

* Fixed typo

* Clarified header comments

* More clarification

* DIsable CORS allowed origins by default to replicate existing behavior

* Change variable name to be clearer
2019-07-26 12:38:31 -07:00
snipe 740d5a6846 Downgrading rollbar for Laravel 5.5 2019-06-25 18:07:21 -07:00
snipe d1a8955ef9 Bumped packages 2019-05-23 19:09:14 -07:00
snipe 77c3b8f8c1 Updated packages 2019-05-22 00:07:49 -07:00
snipe c944304444 Updated packages
- Updating erusev/parsedown (v1.7.2 => 1.7.3): Downloading (100%)
  - Updating squizlabs/php_codesniffer (3.4.1 => 3.4.2): Downloading (100%)
  - Updating symfony/polyfill-mbstring (v1.10.0 => v1.11.0): Downloading (100%)
  - Updating symfony/var-dumper (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating league/flysystem (1.0.50 => 1.0.51): Downloading (100%)
  - Updating symfony/translation (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating nesbot/carbon (1.36.2 => 1.37.1): Downloading (100%)
  - Updating symfony/debug (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/console (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/finder (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/polyfill-ctype (v1.10.0 => v1.11.0): Downloading (100%)
  - Updating symfony/polyfill-php70 (v1.10.0 => v1.11.0): Downloading (100%)
  - Updating symfony/http-foundation (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/event-dispatcher (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/http-kernel (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/process (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/routing (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/polyfill-util (v1.10.0 => v1.11.0): Downloading (100%)
  - Updating symfony/polyfill-php56 (v1.10.0 => v1.11.0): Downloading (100%)
  - Updating symfony/psr-http-message-bridge (v1.1.1 => v1.1.2): Downloading (failed)
Downloading (100%)
  - Updating rollbar/rollbar (v1.7.5 => v1.8.1): Downloading (100%)
  - Updating symfony/yaml (v3.4.23 => v3.4.27): Downloading (100%)
  - Updating symfony/browser-kit (v3.4.23 => v3.4.27): Downloading (100%)
2019-05-20 10:10:46 -07:00
snipe d1e9fbfa24 Updated compoer 2019-03-20 02:37:44 -07:00
snipe da015ec4a8
Fixed #6834 and #6402 - use inline QR code generation for 2FA (#6840)
* Fixed  #6834 and #6402 - use inline QR code generation for

* Update auth controllers to use translations

* Updated composer lock

* Added comments

* Moar comments

* Typo
2019-03-20 01:24:31 -07:00
snipe 601c129bbf Embed images in emails 2019-01-17 20:45:24 -08:00
snipe d6f8d1b464 Updated composer lock 2018-10-19 16:40:54 -07:00
snipe ec7245965f Bumped to rollbar 2.4.1
https://github.com/rollbar/rollbar-php-laravel/issues/65
2018-10-04 17:09:12 -07:00
snipe a52575c7bf Lock rollbar to v2.3.0
https://github.com/rollbar/rollbar-php-laravel/issues/65
https://github.com/rollbar/rollbar-php-laravel/issues/67
2018-10-04 12:11:36 -07:00
snipe 1014bd74e0 Updated rollbar 2018-10-03 14:58:14 -07:00
snipe db385e024b Possible proxy issue fix 2018-10-03 13:04:25 -07:00
snipe bcb966af12 Updated composer 2018-07-17 14:17:02 -07:00
snipe aea37467d8 Attempt to add codeclimate test coverage 2018-02-22 22:34:08 -08:00
snipe a85b38850c Added roave security-advisories to composer
https://packagist.org/packages/roave/security-advisories
2018-02-22 13:22:13 -08:00
snipe b294635e17 Updated packages 2018-02-08 09:29:12 -08:00
snipe 9c108873e9 Trying 5.4.35 2017-12-12 16:32:45 -08:00
snipe 6fe5d00e9b Testing laravel 5.4.3 for PHP7.2 bug 2017-12-12 16:23:30 -08:00
snipe 30ec919048 Remove AWS package
We unfortunately can’t use it right now because it requires a symlink from the storage/app directory. Until we have a better way of checking for configuration issues and/or automatically handling that symlink creation, we’re pulling it for now, since it’s not used anywhere.
2017-11-06 21:45:31 -08:00
snipe 3a82fbe714 Switch to rollbar’s official package 2017-11-06 20:04:50 -08:00
snipe fbf516284c One more time… 2017-10-23 21:13:39 -07:00
snipe 3db25dca7a Downgrade doctrine for php5.6 2017-10-23 20:54:52 -07:00
snipe 0951a756cc Updated passport to 3.0
Re: https://stackoverflow.com/a/45029309/200021
via @robertpearce
2017-10-23 17:35:31 -07:00
Alex Markessinis 57422c9135 Added Redis support. (#4146)
* Fix forgotten password missing route (???)

* Fixes #4056 - check for assets before deleting user

* added predis/predis dependency to composer.json to support redis based cache/queue/session/broadcast
2017-10-09 15:39:20 -07:00
snipe 3687cbfdb3 Added rollbar support 2017-10-02 20:27:45 -07:00
Daniel Meltzer c2616412c0 Add laravel routes to javascript (#4092)
* Add laravel routes to javascript

This will clean up a lot of passing of urls.  Adds a route() helper and
everything...

This commit also moves the customfield fetching to only be fetched once
and shared with each file, rather than once for each file.

* Try to fix travis unit test things.

* Downgrade doctrine/inflector for php5

* Attempt to occasional seeder issues on travis if the asset does not generate validatable data.

* Update sql dump for functional tests.

* Try to fix api tests.
2017-10-01 12:59:55 -07:00
Daniel Meltzer e8a0c44e93 Update some composer dependencies to try to fix everything breaking in subdirectories. Attempts to fix #4052, it seems to help here. (#4078) 2017-09-29 17:05:20 -07:00
snipe 72dacda4f9 Trying again to resolve doctrine/php7 issue 2017-08-22 21:58:42 -07:00
snipe 9c2b986bb0 Fixes doctrine/etc compatibility issue
See: https://github.com/laravel/framework/issues/20490
2017-08-22 21:51:50 -07:00
snipe 9bda62d295 ADDED: Password rules for complexity, min length, rejecting common passwords 2017-08-22 20:32:39 -07:00
snipe 6a73ec6537 First stab at a recrypter for legacy mcrypt conversion 2017-08-21 22:30:56 -07:00
snipe 8aa920ca3a Update composer 2017-07-07 12:59:59 -07:00
snipe 0242283a11 Updated composer 2017-06-23 18:56:42 -07:00
snipe 95d1612234 Updated composer 2017-06-23 18:52:21 -07:00
snipe 9338b37b74 Try to fix the datepicker :(
Webpack has fucked everything. I hate everything.
2017-06-06 00:51:41 -07:00
snipe f6be7caaeb Updated composer to prevent ambiguous warnings 2017-04-27 18:50:00 -07:00
snipe 5ad9e8585d New composer options 2017-04-27 05:24:30 -07:00
snipe 6fbf45554b Updated phpunit, removed post install and post update commands to see if that fixes upgrade issues 2017-04-27 02:28:22 -07:00
snipe f4cdeaa956 Fixes #3514 - move tinker requirement out of dev 2017-04-25 07:46:56 -07:00
Daniel Meltzer 1bb89db451 A few fixes (#3437)
* This method was renamed, so we need to rename the eager load

* Readd tinker to the composer dev packages.

* Update sql dump for functional tests.
2017-03-31 13:48:31 -07:00
snipe 0469a44582 Bumped codeception version to fix travis breakage
Tests are still failing, but for the right reasons now
2017-03-11 17:12:21 -08:00
snipe 0c3840503e Laravel 5.4 2017-02-02 18:54:54 -08:00
snipe d02a7064e3 Added patchwork for fallback for systems without intl 2017-01-26 04:52:30 -08:00
snipe 481722507d Composer update 2017-01-25 21:33:11 -08:00
snipe dc47a0fad6 Fixes #2551 - use UTF-8 safe slugging for MySQL columns 2017-01-25 18:38:20 -08:00
Daniel Meltzer a2bf685901 Seeds and tests (#3210)
* Update composer phpcs

* Fix failing model validation in the database seeders.  Should make travis happy.  Also fix a few test issues
2017-01-18 16:50:33 -08:00
snipe 1d2489cf9c Updated composer lock 2017-01-11 14:53:51 -08:00
Daniel Meltzer 816d2fd095 More minor fixes (#3126)
* Update composer phpcs

* Minor Fixes found while working.
ALlow user_id to be nullable in category model validation

Point to the correct route in accessoriespresenter datatable.  Also add name() method

Add a translated category name

Fix typo in translation

* Add a method to the asset presenter to show deployed when asset is deployed.  Fixes #3114
2017-01-03 16:55:43 -08:00