Joël Pittet
96cd90f842
Security fixes to master branch
2022-04-04 11:04:06 -07:00
Brady Wetherington
15abc84ab0
Migrate to Fruitcake/laravel-cors which has path-exclusion built-in
2022-02-23 11:06:19 -08:00
snipe
7d1c2199ed
Attempted to re-bound to lowest php version possible
...
Signed-off-by: snipe <snipe@snipe.net>
2021-06-23 16:29:43 -07:00
snipe
d8191f738c
Updated flysystem to 1.1.4 for critical security update
...
Signed-off-by: snipe <snipe@snipe.net>
2021-06-23 16:04:42 -07:00
Godfrey Martinez
246cc0eaa8
Feature/ch16172/adding other fields to ldap sync settings ( #9416 )
...
* new branch, added manager as an additional field. Currently having DB issues
* WIP DB Issue with eloquent
* added department to LDAP sync
* removed unused variables
2021-04-14 10:17:57 -07:00
snipe
c8e172ec6b
Downgrade packages
...
Signed-off-by: snipe <snipe@snipe.net>
2021-03-17 20:03:09 -07:00
snipe
1b890ffcc5
Added collision
2021-03-17 15:45:00 -07:00
snipe
89ab4bb86f
Revert "Added PHP8 compatibility [experimental]"
...
This reverts commit 3873f14971
.
# Conflicts:
# composer.lock
2021-03-09 13:38:38 -08:00
snipe
707a68fc54
Rollback :(
2021-03-09 13:15:00 -08:00
snipe
2d6dcb6b3b
Applying fix for Undefined class constant 'EM_AES_256' in spatie
...
https://github.com/spatie/laravel-backup/discussions/1247
2021-03-09 12:52:26 -08:00
snipe
3873f14971
Added PHP8 compatibility [experimental]
2021-03-09 12:39:49 -08:00
snipe
1e062d4fc8
Re-applying laravel update with PHP min 7.2.5
2021-02-02 20:58:15 -08:00
snipe
ca37de5e45
Ugh. Rolling back composer.lock
...
Everything sucks
2021-02-02 20:44:07 -08:00
snipe
9ba2fd93c1
Reverted Laravel upgrade :(
2021-02-02 20:34:23 -08:00
Brady Wetherington
b09ded2a3b
Upgrade laravel ( #9081 )
...
* Hotfix to develop to yank extraneous e()
* Upgrade Laravel release only to a later 6.18.x version
* Upgrade Laravel to 6.x and Passport 9.x, the recommended versions
2021-02-02 20:22:36 -08:00
snipe
d3d96c8285
Reverted composer until we can figure out wtf happened
2020-12-15 17:25:17 -08:00
snipe
bf34385c3e
Temp revert to old slack library
...
Getting a weird error, need to troubleshoot remotely
2020-12-15 13:43:18 -08:00
snipe
cb184a9687
Updated composer.lock with newer packages
2020-12-14 17:46:39 -08:00
snipe
8504c9e8b9
Added phplint to dev in composer
2020-11-16 19:08:04 -08:00
Johnson Yi
b2930d6069
Added #542 : add saml authentication
2020-05-06 00:06:19 +10:00
snipe
c5e587f33b
Added codeception testing modules for —dev
2020-04-21 20:15:45 -07:00
snipe
5dc64ea91b
Re-added EasySlugger to fix tests
2020-04-21 19:28:24 -07:00
snipe
3cb4672ffe
Updated composer
2020-04-21 02:47:12 -07:00
snipe
450c1b9d56
Updated faker library to be compatible with PHP 7.4
2020-04-08 11:13:15 -07:00
snipe
5307e57bd9
Fix for CVE-2019-10772
...
Vuln in SVG sanitizer library
2020-03-04 22:15:31 -08:00
snipe
e71e57f16a
Fixed XSS vulnerability in SVG image uploads [ch10476] ( #7639 )
...
* Added enshrined/svg-sanitize
* Added modular image resizing/SVG cleaning method
(This already exists in v5, so I mostly ported it forward and added the SVG sanitizer.)
* Use improved handleImages method to upload/resize/clean images
* Removed $old_image
This is handled in the ImageUpload request now
2019-12-05 22:23:05 -08:00
snipe
3f5840d390
Bumped vendor files
2019-12-05 19:53:01 -08:00
dependabot[bot]
d3f4205f09
Bump symfony/http-foundation from 3.4.30 to 3.4.36 ( #7638 )
...
Bumps [symfony/http-foundation](https://github.com/symfony/http-foundation ) from 3.4.30 to 3.4.36.
- [Release notes](https://github.com/symfony/http-foundation/releases )
- [Changelog](https://github.com/symfony/http-foundation/blob/master/CHANGELOG.md )
- [Commits](https://github.com/symfony/http-foundation/compare/v3.4.30...v3.4.36 )
Signed-off-by: dependabot[bot] <support@github.com>
2019-12-05 19:37:00 -08:00
snipe
ba197c8857
Fixed #7259 - upgraded phpdocumentor/reflection-docblock to v4
2019-08-15 03:02:24 -07:00
snipe
3dc2cc9f22
CORS for api ( #7292 )
...
* Added CORS support to API
* Changed order so CORS will still work if throttle hit
* Added APP_CORS_ALLOWED_ORIGINS env option
* Fixed typo
* Clarified header comments
* More clarification
* DIsable CORS allowed origins by default to replicate existing behavior
* Change variable name to be clearer
2019-07-26 12:38:31 -07:00
snipe
740d5a6846
Downgrading rollbar for Laravel 5.5
2019-06-25 18:07:21 -07:00
snipe
d1a8955ef9
Bumped packages
2019-05-23 19:09:14 -07:00
snipe
77c3b8f8c1
Updated packages
2019-05-22 00:07:49 -07:00
snipe
c944304444
Updated packages
...
- Updating erusev/parsedown (v1.7.2 => 1.7.3): Downloading (100%)
- Updating squizlabs/php_codesniffer (3.4.1 => 3.4.2): Downloading (100%)
- Updating symfony/polyfill-mbstring (v1.10.0 => v1.11.0): Downloading (100%)
- Updating symfony/var-dumper (v3.4.23 => v3.4.27): Downloading (100%)
- Updating league/flysystem (1.0.50 => 1.0.51): Downloading (100%)
- Updating symfony/translation (v3.4.23 => v3.4.27): Downloading (100%)
- Updating nesbot/carbon (1.36.2 => 1.37.1): Downloading (100%)
- Updating symfony/debug (v3.4.23 => v3.4.27): Downloading (100%)
- Updating symfony/console (v3.4.23 => v3.4.27): Downloading (100%)
- Updating symfony/finder (v3.4.23 => v3.4.27): Downloading (100%)
- Updating symfony/polyfill-ctype (v1.10.0 => v1.11.0): Downloading (100%)
- Updating symfony/polyfill-php70 (v1.10.0 => v1.11.0): Downloading (100%)
- Updating symfony/http-foundation (v3.4.23 => v3.4.27): Downloading (100%)
- Updating symfony/event-dispatcher (v3.4.23 => v3.4.27): Downloading (100%)
- Updating symfony/http-kernel (v3.4.23 => v3.4.27): Downloading (100%)
- Updating symfony/process (v3.4.23 => v3.4.27): Downloading (100%)
- Updating symfony/routing (v3.4.23 => v3.4.27): Downloading (100%)
- Updating symfony/polyfill-util (v1.10.0 => v1.11.0): Downloading (100%)
- Updating symfony/polyfill-php56 (v1.10.0 => v1.11.0): Downloading (100%)
- Updating symfony/psr-http-message-bridge (v1.1.1 => v1.1.2): Downloading (failed)
Downloading (100%)
- Updating rollbar/rollbar (v1.7.5 => v1.8.1): Downloading (100%)
- Updating symfony/yaml (v3.4.23 => v3.4.27): Downloading (100%)
- Updating symfony/browser-kit (v3.4.23 => v3.4.27): Downloading (100%)
2019-05-20 10:10:46 -07:00
snipe
d1e9fbfa24
Updated compoer
2019-03-20 02:37:44 -07:00
snipe
da015ec4a8
Fixed #6834 and #6402 - use inline QR code generation for 2FA ( #6840 )
...
* Fixed #6834 and #6402 - use inline QR code generation for
* Update auth controllers to use translations
* Updated composer lock
* Added comments
* Moar comments
* Typo
2019-03-20 01:24:31 -07:00
snipe
601c129bbf
Embed images in emails
2019-01-17 20:45:24 -08:00
snipe
d6f8d1b464
Updated composer lock
2018-10-19 16:40:54 -07:00
snipe
ec7245965f
Bumped to rollbar 2.4.1
...
https://github.com/rollbar/rollbar-php-laravel/issues/65
2018-10-04 17:09:12 -07:00
snipe
a52575c7bf
Lock rollbar to v2.3.0
...
https://github.com/rollbar/rollbar-php-laravel/issues/65
https://github.com/rollbar/rollbar-php-laravel/issues/67
2018-10-04 12:11:36 -07:00
snipe
1014bd74e0
Updated rollbar
2018-10-03 14:58:14 -07:00
snipe
db385e024b
Possible proxy issue fix
2018-10-03 13:04:25 -07:00
snipe
bcb966af12
Updated composer
2018-07-17 14:17:02 -07:00
snipe
aea37467d8
Attempt to add codeclimate test coverage
2018-02-22 22:34:08 -08:00
snipe
a85b38850c
Added roave security-advisories to composer
...
https://packagist.org/packages/roave/security-advisories
2018-02-22 13:22:13 -08:00
snipe
b294635e17
Updated packages
2018-02-08 09:29:12 -08:00
snipe
9c108873e9
Trying 5.4.35
2017-12-12 16:32:45 -08:00
snipe
6fe5d00e9b
Testing laravel 5.4.3 for PHP7.2 bug
2017-12-12 16:23:30 -08:00
snipe
30ec919048
Remove AWS package
...
We unfortunately can’t use it right now because it requires a symlink from the storage/app directory. Until we have a better way of checking for configuration issues and/or automatically handling that symlink creation, we’re pulling it for now, since it’s not used anywhere.
2017-11-06 21:45:31 -08:00
snipe
3a82fbe714
Switch to rollbar’s official package
2017-11-06 20:04:50 -08:00