CI Report:
https://ci-tests.linuxserver.io/linuxserver/snipe-it/v7.1.14-ls305/index.html
LinuxServer Changes:
Rebase to Alpine 3.20. Existing users should update their nginx confs to avoid http2 deprecation warnings.
snipe-it Changes:
Caution
This is a security release. All Snipe-IT users are strongly encouraged to upgrade.
We seem to be getting a lot of mileage from that gif these days. 🫠
This is a security release that handles several CVEs, including CVE-2024-52301, which was just patched in the Laravel core yesterday.
While hosted customers were NOT affected (we do not have register_argc_argv enabled on any of our servers), self-hosted community users and support-only customers are encouraged to upgrade as soon as possible, or at the very least make sure that setting is not enabled in your php.ini.
In addition to the security patches, we have also added some new features, such as:
- Ability to import Asset Models (without accompanying assets) via the Importer
- Ability to override or null out the EOL date for assets via the asset bulk edit screen
- Optimized some queries and indexes to speed things up a bit
- Fixed a bug where OU was accidentally required to create locations via the GUI
- Miscellaneous UI improvements and fixes
- Full changelog can be found below
As always, still lots more on deck.
PS - we will likely be discontinuing posting updates on our Twitter account moving forward. Instead, find us in these other places:
- Join our Discord!
- Bluesky at @snipeitapp.com
- Mastodon at @grokability@hachyderm.io
- Our blog at Grokstar.Dev
- Subscribe here on Github for notifications about new releases. (Click on "Watch" on the main repo page, then go to "Custom" and check the box that says "Releases".)
FYI, in our excitement to get this released, we mistakenly tagged this as 7.1.14 instead of 7.0.14 (yay, automation, amirite?) Unfortunately, deleting tags makes this more difficult for the docker folks, so we're just running with it. Sorry for the confusion, but you didn't miss anything, it was just a simple typo. We'll update the version.php file so at least they both agree.
What's Changed
- Fixed numeric sort 'ambiguous order clause' error by @uberbrady in snipe/snipe-it#15610
- Fixed print assigned in profile by @snipe in snipe/snipe-it#15612
- Smarter word-wrapping on long text by @snipe in snipe/snipe-it#15613
- Add Import data tests by @bryanlopezinc in snipe/snipe-it#15579
- Removed duplicate JS and removed line break before user section by @snipe in snipe/snipe-it#15624
- Docker Env: Change trusted proxies to RFC1918 by @sniff122 in snipe/snipe-it#15621
- Added
Model::reguard()to importer by @marcusmoore in snipe/snipe-it#15603 - Improve importer tests by @marcusmoore in snipe/snipe-it#15616
- Only show EULA when available on print users page by @marcusmoore in snipe/snipe-it#15630
- Add importer tests by @marcusmoore in snipe/snipe-it#15631
- Fix bulk checkout to users, assets, and locations by @uberbrady in snipe/snipe-it#15642
- Fixed badge counter showing deleted assets on user detail page by @akemidx in snipe/snipe-it#15637
- Fixed #15439 - check database on healthcheck by @snipe in snipe/snipe-it#15601
- Updated livewire to 3.5.2 by @snipe in snipe/snipe-it#15648
- Switched to form requests for settings to better indicate invalid data by @snipe in snipe/snipe-it#15644
- Fixed #15651 - admin user now displaying on maintenances page by @snipe in snipe/snipe-it#15653
- Added tests for accessory api controller by @marcusmoore in snipe/snipe-it#15533
- Fixes #15654 Fix asset creation with API and FullMultipleCompanySupport by @Toreg87 in snipe/snipe-it#15655
- Refactor asset creation with API by @Toreg87 in snipe/snipe-it#15660
- Added LLM note by @snipe in snipe/snipe-it#15666
- Fixed #15663 - remove requiredness for OU by @snipe in snipe/snipe-it#15669
- Fixed
updated_atfor sort in users API by @snipe in snipe/snipe-it#15671 - Clean up how we use the
$locationin LDAP sync command by @uberbrady in snipe/snipe-it#15672 - Fix outdated comment in CompanyableTrait by @Toreg87 in snipe/snipe-it#15683
- Bulk checkout to bulk actions for assets by @uberbrady in snipe/snipe-it#15680
- Removed second icon in accessory file list by @marcusmoore in snipe/snipe-it#15704
- Added test to ensure icon component does not end in newline by @marcusmoore in snipe/snipe-it#15705
- Removed brianium/paratest by @marcusmoore in snipe/snipe-it#15693
- Linked accessory files in activity report by @marcusmoore in snipe/snipe-it#15703
- Fix user creation with FullMultipleCompanySupport enabled over API by @Toreg87 in snipe/snipe-it#15676
- Fixed custom field existence validation Issue by @spencerrlongg in snipe/snipe-it#15598
- Improve import performance by @bryanlopezinc in snipe/snipe-it#15649
- Better handle inline files in file listing by @snipe in snipe/snipe-it#15689
- Fixed Status Labels Error Message by @Godmartinz in snipe/snipe-it#15566
- Fixed #15686: Corrected capitalization for dashboard section titles by removing
strtolower()by @NebelKreis in snipe/snipe-it#15687 - Updated
Company::getIdForCurrentUser()to return null in certain scenarios by @marcusmoore in snipe/snipe-it#15691 - Fixes #15701 - load avif files properly in lightbox by @snipe in snipe/snipe-it#15710
- Fixed custom field checkboxes on asset edit page by @marcusmoore in snipe/snipe-it#15711
- Fixed #15717 - Added ability to checkout consumables in variable qty via API by @snipe in snipe/snipe-it#15719
- Fixed #15695 - Added manufacturer and model_number to components by @snipe in snipe/snipe-it#15720
- Fixed Component Factory: use manufacturer factory for
manufactuer_idby @Godmartinz in snipe/snipe-it#15722 - Upgraded
livewire v3.5.9 => v3.5.12by @Godmartinz in snipe/snipe-it#15712 - Fixed multi create partial failure (fixes: [RB-18591]) by @uberbrady in snipe/snipe-it#15550
- Added the display of logs when tests fail in GitHub Actions by @marcusmoore in snipe/snipe-it#15744
- Separated Notifications and Emails: Check ins and Check outs by @Godmartinz in snipe/snipe-it#15681
- changes
admin_cc_emailvalidation to allow an array by @Godmartinz in snipe/snipe-it#15756 - Fixed
${var}deprecation warning in License model by @jerm in snipe/snipe-it#15758 - Fixed MS Team Notifications to utilize workflows after deprecation by @Godmartinz in snipe/snipe-it#15731
- Fixed emails not being sent if target has no email or if not instance of User. Cc_emails will still be sent. by @Godmartinz in snipe/snipe-it#15763
- Added missing Livewire file by @marcusmoore in snipe/snipe-it#15765
- Revert "Added the display of logs when tests fail in GitHub Actions" by @marcusmoore in snipe/snipe-it#15771
- Fixed notifications for licenses and asset to asset checkoutables by @Godmartinz in snipe/snipe-it#15773
- Fixed CVE-2024-50342, CVE-2024-50345, CVE-2024-51736 by @joelpittet in snipe/snipe-it#15779
- Added Checkout ID column to user accessory table by @marcusmoore in snipe/snipe-it#15774
- Add new indexes to locations and users for faster manager lookups by @uberbrady in snipe/snipe-it#15780
- Added EOL date to bulk asset edit by @snipe in snipe/snipe-it#15792
- Added ability to specify null for calculation or explicit on bulk asset edit by @snipe in snipe/snipe-it#15793
- Check that the file exists before trying to download stored EULA by @snipe in snipe/snipe-it#15794
- Fixes Assets location not being resynced when Users location is updated via LDAP by @Godmartinz in snipe/snipe-it#14441
- Updated deprecated trigger for ms teams by @Godmartinz in snipe/snipe-it#15799
- Updated Laravel, additional packages for CVE-2024-52301 by @snipe in snipe/snipe-it#15804
- Fixed license serial gate in markdown by @Godmartinz in snipe/snipe-it#15805
- Added ability to import asset models (separate from assets) by @snipe in snipe/snipe-it#15802
- Fixed dark background to fieldsets and right border by @Godmartinz in snipe/snipe-it#15784
- Fixed login button disappearing under some circumstances with custom CSS by @akemidx in snipe/snipe-it#15730
- Fixed checkin/checkout email boolean check for Licenses by @Godmartinz in snipe/snipe-it#15808
- Patch for whitespace causing HTTP 500 errors. by @DarrenRainey in snipe/snipe-it#15807
- Fixed Microsoft Teams notifications by @marcusmoore in snipe/snipe-it#15809
New Contributors
- @sniff122 made their first contribution in snipe/snipe-it#15621
- @NebelKreis made their first contribution in snipe/snipe-it#15687
- @DarrenRainey made their first contribution in snipe/snipe-it#15807
Full Changelog: snipe/snipe-it@v7.0.13...v7.1.14