LinuxServer Changes:
Rebasing to alpine 3.14.
snipe-it Changes:
⚠️ IMPORTANT: Later versions of Snipe-IT will require PHP 7.3 or greater. It is highly recommended you upgrade your version of PHP NOW.
(This is a requirement in order for us to be able to pull forward the dependencies that will allow us to support PHP8 and beyond moving forward.)
New in v5.3.0
Version 5.3.0 of Snipe-IT fixes some minor XSS security issues and includes some additions to the API, as well as some small bug-fixes. We're tagging this as v5.3.0 to encourage users to upgrade for the security improvements. (Yes, we know bumping it to a full minor version is not strictly adherent to semver, but we really want folks to upgrade.)
Added
- Added #10062: Added Support for Heroku Deployments [#10063]
- Added #9973 - add
use_default_eula
to category API endpoint [#10069] - Added #9969 - added
color
,show_in_nav
, anddefault_label
to status label API [#10070] - Upgraded Docker to PHP 7.4 [#10080]
- Added rewrite rule for Let's Encrypt certificates [#10082]
- Bumped number per page up to 1000
- Added totals to depreciation report footer [#10115]
- Add user permissions message if the user is not an admin or better
- Added assigned components to assets API (pass
?components=true
to the assets endpoint) [#10124] - Force revalidation headers when user logs out [#10164]
Fixed
- Fixed #10015 - Archived Assets Showing Under Locations/'Print All Assigned' Feature [#10079]
- Check for valid category name on print view of "print all assigned assets"
- Fixed issue where created_at date was not showing on uploads
- Fixed issue where
show_in_nav
was null (instead of zero) if no value passed - Fixed extraneous asset search in depreciation report [#10086]
- Improved Category API for
category_type
withstrtolower()
to make it case insensitive [#10112] - Fixed sorting on non-asset relations in API (FD23117) [#10114]
- Fixed issue where we tried to delete the file if there is no log entry in
AssetFilesController.php
- Check for admin rights before displaying admin permission options
- Fixed API Issue when checking out a component where remaining qty was 1 but the API would not allow you to checkout [#10122]
- Fixed JS code to handle the "enter key" / auto selections which had broken
- Fixed #9789 and Fixed #10088 and Fixed [fd23442] - Fix currency problems especially with European currency format [#10141]
- Fixed new department error importing users. [#10150]
- Fixed ownership of cache directory in Docker
- Set restore actions to
POST
requests instead ofGET
[#10165] - Fixed SVG XSS vuln [#10171]
- Fixed models preview - Use
Storage::
facade [#10172] - Throttle password reset requests to 5 every 60 seconds [#10180]
- Fixed possible XSS on all-file-types export [#10201]
For a full list of changes, see the complete changelog.
Upgrading
For general upgrading instructions, click here. Users who installed Snipe-IT via Git (recommended) can just run php upgrade.php
.