mirror/snipe-it
3
0
Fork 0
mirror of https://github.com/snipe/snipe-it.git synced 2026-06-25 00:15:56 +00:00
Code Issues Projects Releases Wiki Activity
23,245 Commits 121 Branches 232 Tags
develop
Commit Graph

23245 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
snipe
30dee23886 Merge pull request #19218 from grokability/add-option-to-require-user-agents-for-api-calls-v2 
🎥 API/Settings: Added optional requirement for non-generic user agent
 2026-06-24 17:23:31 +01:00
snipe
3a5d435aaa Pint 2026-06-24 14:44:32 +01:00
snipe
df41ac66b6 Redirect if the app is in demo mode 2026-06-24 14:44:15 +01:00
snipe
974b1b4ebf One more test 2026-06-24 14:31:30 +01:00
snipe
65dfbff53d Added null vs empty test 2026-06-24 14:21:23 +01:00
snipe
16bc195767 Fixed route parameter $next, updated language, added tests 2026-06-24 14:08:21 +01:00
snipe
ee16923f7a Pint 2026-06-24 12:39:30 +01:00
snipe
1d0f5876cd Removed SCIM warning 2026-06-24 12:39:07 +01:00
snipe
c45e1e2928 API/User Agent: Apply to SCIM routes 2026-06-24 12:28:54 +01:00
snipe
7e617bbfa3 Switch to stripos(...) === 0 
Updated the pattern check to use `stripos(...) === 0` (prefix match) instead of !== false (substring match), so scripted clients identify themselves at position 0, and prefix matching prevents a pattern from accidentally matching an unrelated UA that mentions it later. This makes surwe a UA like MyWrapper/1.0 (uses curl/8.5.0 internally) passes, and a plain curl/8.5.0 is blocked.
 2026-06-24 12:18:39 +01:00
snipe
9e6c5f1b1b Updated blockedPatterns order 
Get setting + UA.
  2. If UA is blank, block if blank-blocking is on, otherwise pass.
  3. Past this point UA is known non-blank.
  4. If pattern master is off, pass.
  5. Iterate patterns, reject on first match.
  6. Pass.

Side benefit: the if ($patterns === [] || $userAgent === '') short-circuit is gone — both conditions are unreachable by this point (UA is non blank by step 2; an empty pattern list just makes the foreach a no-op).
 2026-06-24 12:15:23 +01:00
snipe
7714179de8 API/Settings: Added optional requirement for non-generic user agent 
alternative to #19217
 2026-06-23 22:59:03 +01:00
snipe
c99155e563 Livewire: Fixed Unable to call component method. Public method [create] not found on component 2026-06-23 20:58:05 +01:00
snipe
5e208b5974 Merge pull request #19159 from Godmartinz/gh19081-bulk-edit-default-fixes 
Bulk Asset Edit: Fixes #19081 - Prevent Bulk Edit custom fields from populating default values.
 2026-06-23 20:21:53 +01:00
snipe
100b76c4ac Merge pull request #19216 from grokability/bulk-checkin-add-location 
Bulk Asset Checkin: Fixed #19214  Added option to change location
 2026-06-23 20:21:21 +01:00
snipe
ebd4bc6eac Bulk Asset Checkin: Fixed #19214 Added option to change location 2026-06-23 20:15:09 +01:00
Godfrey M
5dcf9d070d Merge branch 'develop' into gh19081-bulk-edit-default-fixes 
# Conflicts:
#	resources/views/models/custom_fields_form_bulk_edit.blade.php
 2026-06-23 12:00:20 -07:00
snipe
fbf441f2a2 Item Requests: Fixed FD-56095 - apply FMCS to requestable items listing 2026-06-22 17:52:18 +01:00
snipe
0aba33aa0a Item Acceptance: Fixed FD-56096 - tighter guard on acceptance deletion 2026-06-22 17:25:00 +01:00
snipe
ed61ff1797 CSS multiselect: Fixed #18943 - use lighter background 2026-06-22 16:44:17 +01:00
snipe
cb68b70ed1 Fixed test 2026-06-22 16:16:20 +01:00
snipe
c591c4efd3 Merge pull request #19211 from grokability/dependabot/github_actions/develop/actions/checkout-7 
Bump actions/checkout from 6 to 7
 2026-06-22 13:18:43 +01:00
snipe
4966cecea4 API: Fixed API to let superusers see across companies for users and assets 2026-06-22 13:12:38 +01:00
dependabot[bot]
5f52851fb9 Bump actions/checkout from 6 to 7 
Bumps [actions/checkout](https://github.com/actions/checkout) from 6 to 7.
- [Release notes](https://github.com/actions/checkout/releases)
- [Changelog](https://github.com/actions/checkout/blob/main/CHANGELOG.md)
- [Commits](https://github.com/actions/checkout/compare/v6...v7)

---
updated-dependencies:
- dependency-name: actions/checkout
  dependency-version: '7'
  dependency-type: direct:production
  update-type: version-update:semver-major
...

Signed-off-by: dependabot[bot] <support@github.com>
 2026-06-22 08:32:32 +00:00
snipe
39791fca3e Localization: Fixed #19205 - use translation for All Rights Reserved 2026-06-19 12:45:16 +01:00
snipe
c8bb221a16 FMCS: Location scoping - prevent scoping by location if not enabled 2026-06-19 12:44:36 +01:00
snipe
92c041156f Added password preview to users modal 2026-06-19 12:29:49 +01:00
snipe
4ae6702f7c Custom Fields+Bulk Edit: Fixed default value pre-population bug 
A user reported that the bulk edit form pre-populated custom field inputs with the field's configured default value instead of leaving them blank. Leaving the modal without touching a field would silently overwrite all selected assets.
 2026-06-19 12:27:24 +01:00
snipe
0ce35d845a FMCS location scoping: Allow checkout to parent 
A user reported that checking out an asset to a child location was failing with a company mismatch error when FMCS is enabled. Child locations that have company_id = null but inherit their company from a parent location were being rejected.
 2026-06-19 12:26:22 +01:00
snipe
b08148d493 Trim SCIM keys 2026-06-18 19:56:55 +01:00
snipe
c4082d36f4 Make sure custom field dn_column_name is populated 2026-06-18 19:45:06 +01:00
snipe
72aa9fc31a Merge pull request #19202 from marcusmoore/fixes/colors 
Styling - Fixed FD-56071 - Apply nav and link colors appropriately
 2026-06-18 02:18:26 +01:00
Marcus Moore
7e8c5bcf01 Styling: apply fallbacks for link colors properly 2026-06-17 18:06:33 -07:00
Marcus Moore
3942de9a90 Styling: Use correct column names when setting colors 2026-06-17 17:26:16 -07:00
Marcus Moore
96ae7feb63 Styling: use correct keys for link_light_color on profile 2026-06-17 17:25:50 -07:00
snipe
f67c3ac686 Reports: Unaccepted assets report - use title to fix ordering. Fixes #19199 2026-06-17 13:20:37 +01:00
snipe
cf7701e159 API Controllers: Fixed missing sorts on some columns 
In the presenters, we had some fields labeled as sortable that were not actually sortable via the API ($allowed_columns). This shores that up
 2026-06-17 12:20:56 +01:00
snipe
0415344096 Licenses API: Fixed missing sortable fields 2026-06-17 12:06:04 +01:00
snipe
2f749be466 Licenses API: Fixed n+1 query 
Line 122 called $licenses->count() up to twice (once for the comparison, and again if true to get the cap value), then line 173 called it a third time for the $total. The sort switch between them only adds orderBy/leftJoin calls which don't affect the count, so we can safely hoist $total above the offset line and reuse t.
 2026-06-17 12:04:35 +01:00
snipe
70ba654138 Accessories: make total_cost sortable 2026-06-16 23:19:30 +01:00
snipe
2cb184b098 Merge pull request #19196 from Godmartinz/rb-21679 
Custom Reports: Fix action logs sub query select to item_id.
 2026-06-16 22:39:58 +01:00
Godfrey M
0b70921d11 Custom Reports: change select to item_id for action logs sub query 2026-06-16 14:33:29 -07:00
snipe
07a432b8a0 Accessories: Fix sorting 2026-06-16 21:26:15 +01:00
snipe
4218edb57f Merge pull request #19194 from grokability/scim-throttle 
SCIM: added throttle
 2026-06-16 21:13:56 +01:00
snipe
1efd470a77 Bulk User Edit Logging: Fixed #19193 - log parity in bulk as for regular user edit 2026-06-16 18:50:46 +01:00
snipe
4f9722182f SCIM: added throttle 2026-06-16 13:13:49 +01:00
snipe
69215eaab6 Bumped version 2026-06-15 22:21:08 +01:00
snipe
69c50aa2ae Maintenances: Fixed FD-56038 - gate for maintenance view 2026-06-15 22:13:31 +01:00
snipe
157472773a Item Acceptance: Fixed RB-21671 - nullsafe check for copy 2026-06-15 21:41:32 +01:00
snipe
2c302d918e Fixed FD-56030 - removed assigned from fillable 2026-06-15 21:38:29 +01:00