snipe-it v4.7.7 Release Notes

Release Date: 2019-09-04 // 19 days ago
  • 🆕 New in v4.7.7

    🚀 IMPORTANT: This release requires PHP 7.1.3 or greater.

    💥 This is mostly a bugfix release, however it does introduce a breaking change to the API which caps the number of results returned at 500 by default. More details below. Additionally, we added a rekey console command that allows you to rotate your APP_KEY (in the event of a security breach where your APP_KEY was disclosed or discovered) which will decrypt any encrypted custom fields you have, generate a new key, and re-encrypt them using the newly generated key.

    Usage:

    php artisan snipeit:rotate-key

    Screen Shot 2019-08-06 at 9 34 26 PM

    💥 BREAKING CHANGE:

    0️⃣ The maximum number of items returned is now capped at 500 by default. This is to prevent server timeouts and memory issues when someone (usually a custom script) naively tries to request 100k items at one time. You can increase this limit by adding MAX_RESULTS to your .env file and setting that value to a higher number. Otherwise you should use standard pagination using the offset parameter to get your complete data set.

    🛠 Fixed

    • 🛠 Fixed CVE-2019-10742
    • 🛠 History importer fixes
    • 🛠 Fixed #7289 - git fetch before git checkout in upgrade.php
    • 🛠 Fixed #7259 - upgraded phpdocumentor/reflection-docblock to v4
    • Smaller chunking for custom report, add max_execution_time
    • ✂ Removed erroneous withErrors() on JSON response

    ➕ Added

    • ➕ Added #7321 - link to Helm Chart repo
    • ➕ Added console rekey tool (#7330)
    • Limit API request results per page (#7405)

    ⬆️ Upgrading

    ⬆️ For general upgrading instructions, click here. Users who installed Snipe-IT via Git (recommended) can just run php upgrade.php.

    👀 For a full list of changes, see the changelog.

    ⬆️ After completing the upgrade process, be sure to clear your browser cookies.

    ⬆️ Upgrading from v3

    ⬆️ Please see the upgrade instructions here.


Previous changes from v4.7.6

  • 🆕 New in v4.7.6

    🚀 IMPORTANT: This release requires PHP 7.1.3 or greater.

    🛠 Fixed

    • 🛠 Fixed an issue displaying assets due for audit if no audit interval was set in the settings
    • 🛠 Fixed an issue with the Users API that would prevent a user from being created if it didn't validate, but did not provide useful validation messages in the JSON RESPONSE
    • 🛠 Fixed an issue where custom fields would not correctly validate
    • 🛠 Fixed an issue where users could enter large number of warranty months that would cause a syntax error (now capped at 20 years)
    • 🛠 Fixed a crashing count() issue on user deletion where it checks if other items are checked out
    • 🛠 Fixed #7186 - has() vs filled() in User API blanking out groups if no groups were passed in the API request
    • 🛠 Fixed #6910 where consumables could sometimes return no results
    • 🛠 Fixed #7250 - permission issue for API fieldsets and fields endpoints
    • 🛠 Fixed #7270 - Checking-in Assets via API would remove the asset name

    ➕ Added

    • Command to fix custom field unicode conversion differences between PHP versions
    • 👍 CORS support for API

    ⬆️ Upgrading

    ⬆️ For general upgrading instructions, click here. Users who installed Snipe-IT via Git (recommended) can just run php upgrade.php.

    👀 For a full list of changes, see the changelog.

    ⬆️ After completing the upgrade process, be sure to clear your browser cookies.

    ⬆️ Upgrading from v3

    ⬆️ Please see the upgrade instructions here.