Caution
Snipe-IT now requires PHP 8.1.2 or greater
Hey everyone!
While this is just a point release, we're really excited for this one. We've a bunch of small bug fixes, but also added some UX sugar that we think will make everyone's workflows a little bit easier. You can now decide where you want to go after creating, editing, or checking in/out a first class object (Assets, Accessories, Licenses, Users, etc). You can also now check out more than one accessory at a time, if that's a thing that comes up in your workflow.
Also: If your table listings text ("Showing x of y pages") defaulted to Chinese, this release handles that (via #15133).
We've been doing a ton of under the hood stuff that won't seem very obvious as users, but it puts us in a much better position to move more quickly on a lot of things.
Another important technical note: this release mitigates a difficult to exploit but possible attack. If someone had access to your APP_KEY, it was possible to perform an RCE attack. We mitigated this by disabling cookie serialization, but I'd still argue that if someone has your APP_KEY, you're going to have a bad time in a bunch of other ways, so this is just a gentle reminder than your APP_KEY should never, ever be shared with anyone, for any reason, and you should never use the default APP_KEY values we have in some of our example env files. If you have encrypted custom fields and need to roll your APP_KEY because you feel it could have been compromised, we have a cli utility to handle that.
Next up: Custom fields for users, and the ability to check out accessories to assets and locations.
What's Changed
- Adds a command to resend acceptance emails by @Godmartinz in #14722
- Allow setting a prefix for Livewire's update and asset urls by @marcusmoore in #15073
- Fixed #10224: fix route names for optimize command by @dbakan in #15082
- Fixed #15094 - wrong translation string for model on checkout by @snipe in #15099
- Small layout tweaks to oauth page by @snipe in #15085
- Fixed #15067 - updated ldap sync locale to use
app()->getLocale()by @snipe in #15084 - Fixed: Missing Translation on a Tooltip by @akemidx in #15075
- Added EULAs in print user's assets by @mauro-miatello in #15088
- Checkout multiple of an accessory in one checkout by @snipe in #15114
- Improved Docker environment settings: implement
PHP_UPLOAD_LIMITfor Alpine images by @r-xyz in #15115 - Fixed a coupled test namespaces by @marcusmoore in #15110
- More localizations by @snipe in #15101
- Updated language strings by @snipe in #15120
- Added #14426: Makes all Manufacturer links dynamic, not just warranty lookup by @DrekiDegga in #14530
- Fixed #15121 - bulk delete restore logging by @snipe in #15122
- Added tests for bulk asset deletion and restore by @snipe in #15123
- Fixed use statement for Crypt in the importer, removed unused statements by @snipe in #15124
- Show existing images on user edit page by @snipe in #15125
- Fixes #15076 - Removes ability to remove the default avatar from disk by @snipe in #15127
- Nicer consumables layout by @snipe in #15128
- Hides the “Disable Other Login Mechanisms” if remote user option isn't checked by @snipe in #15132
- Load the english file again in case BS table doesn’t have a translation by @snipe in #15133
- [Snyk] Upgrade bootstrap-table from 1.22.5 to 1.23.0 #15131 by @snipe in #15134
- Updated translations by @snipe in #15144
- Switch to nb-NO from no-NO for Norwegian by @snipe in #15143
- Fix setup ssl check by @uberbrady in #15147
- Add Form Request and Tests for Update Asset API Method by @spencerrlongg in #14458
- Remove cookie serialization by @snipe in #15136
- Fixed start_date and end_date in user importer by @marcusmoore in #15148
- Fixed: Requiredness Check Bug by @spencerrlongg in #15149
- Fixed env var for backup config - related to #14964 by @snipe in #15153
- Fixes #15103 - Added EOL and audit into to user profile assets by @snipe in #15154
- Switch dockerfile to using php8.2 instead of 8.1 due to Alpine changes by @uberbrady in #15155
- [Snyk] Security upgrade alpine from 3.18.6 to 3.19 by @snipe in #15151
- Cleaned up UI on asset view by @snipe in #15158
- Allow cloning of deleted assets by @snipe in #15160
- Fixes 500 when depreciation is active but no purchase date by @snipe in #15161
- Added assets endpoint for locations by @snipe in #15162
- Registered custom anonymous blade component directory by @marcusmoore in #15150
- Improve restore sanitization - Fixes [sc-24840] by @uberbrady in #15168
- Create intermediate directories on restore if needed - Fixes [SC-25950] by @uberbrady in #15169
- Use blade component for submit redirect on asset edit/create by @snipe in #15172
- Dynamically iterate through the skin listing to build skins by @uberbrady in #15170
- Use the
pwd_secure_minvalue (plus 5) for generated password by @snipe in #15187
New Contributors
- @dbakan made their first contribution in #15082
- @r-xyz made their first contribution in #15115
- @DrekiDegga made their first contribution in #14530
Full Changelog: v7.0.9...v7.0.10