snipe-it

New in v4.9.0

IMPORTANT: This release requires PHP 7.1.3 or greater.

This is mostly a security/bugfix release, handling some smaller bugs.

Fixed

• Added slightly friendlier error handling for assets without models
• Include correct license, asset, etc count on user show API call
• Remove not existent variable id in the redirect causing error (#7732)
• Fix for weird JSON parsing in actionlogs when new custom fields are added and have no value and the asset is saved again (#7753)
• Fixed #7752 - reformat /api/v1/users/me to use transformer
• Fixed offset to use the actual item count as override instead of 0 (#7788)
• Use “invalid barcode” image and suppress errors when barcode format is not compatible with existing assets
• Fixed #7870: fixed SSL connectivity for PaaS DBs (#7874)
• Added validation to reject email addresses over 250 characters in password reset to prevent buffer overflow
• Fix for CVE-2019-10772

Improved

• Moved ldap import ini settings to config (#7679)
• Disallow 0 as a number for labels per page

Added

• Added license() endpoint for users
• Added 'requestable' to fillable attributes. (#7787)
• Added update() method for Departments (#7804)

Upgrading

For general upgrading instructions, click here. Users who installed Snipe-IT via Git (recommended) can just run php upgrade.php.

For a full list of changes, see the changelog.

After completing the upgrade process, be sure to clear your browser cookies.

Upgrading from v3

Please see the upgrade instructions here.

New in v4.8.0

IMPORTANT: This release requires PHP 7.1.3 or greater.

This is mostly a security/bugfix release, handling some smaller bugs and correcting an issue where users could no longer search on child assets.

We have also issued a fix for a security issue discovered in some versions of symfony/http-foundation, and have patched a persistent XSS vulnerability in the image uploads for most models where a malicious authorized user could potentially upload an SVG with a javascript payload. The severity of this issue is reduced due to the fact that the attack requires user interaction. Specifically, the attacker would have to trick an unsuspecting victim into opening the malicious asset model image in a new tab or from within an IFRAME. (Many thanks to Metin Kandemir for reporting that issue.)

Fixed

• Fixed maintenances permissions check to allow users who can edit assets to edit maintenances
• Fixed an error on audit due list when no audit_warning_days had been set in Admin Preferences
• Fixed bug where deleted consumable would throw an error on print page
• Adding Dept to license seats display (#7609)
• Removed escaping on custom fields in presenter (#7631)
• Updated child assets to reflect asset parent location (#7458)
• Updated symfony/http-foundation from 3.4.30 to 3.4.36 to address a security vulnerably in that dependency (#7638)
• Fixed XSS vulnerability in SVG image uploads (#7639)
• Fixed an issue where child locations where no longer searchable (#7646)

Improved

• #6440 Print All Assigned now opens in new tab (#7135)
• Updated translations

Upgrading

For general upgrading instructions, click here. Users who installed Snipe-IT via Git (recommended) can just run php upgrade.php.

For a full list of changes, see the changelog.

After completing the upgrade process, be sure to clear your browser cookies.

Upgrading from v3

Please see the upgrade instructions here.

New in v4.7.8

IMPORTANT: This release requires PHP 7.1.3 or greater.

This is mostly a bugfix release, addressing an issue when importing assets with custom fields, and fixing a latency issue when an install has a very large number of locations.

Fixed

• Limit license seats to 999 to prevent latency
• Fixes nested location selectlist (#7483)
• Remove unused variable
• Added software support and hardware support to maintenance types
• Added 4260352 to ldapsync enabled account constraint for AD

Upgrading

For general upgrading instructions, click here. Users who installed Snipe-IT via Git (recommended) can just run php upgrade.php.

For a full list of changes, see the changelog.

After completing the upgrade process, be sure to clear your browser cookies.

Upgrading from v3

Please see the upgrade instructions here.

New in v4.7.7

IMPORTANT: This release requires PHP 7.1.3 or greater.

This is mostly a bugfix release, however it does introduce a breaking change to the API which caps the number of results returned at 500 by default. More details below. Additionally, we added a rekey console command that allows you to rotate your APP_KEY (in the event of a security breach where your APP_KEY was disclosed or discovered) which will decrypt any encrypted custom fields you have, generate a new key, and re-encrypt them using the newly generated key.

Usage:

php artisan snipeit:rotate-key

BREAKING CHANGE:

The maximum number of items returned is now capped at 500 by default. This is to prevent server timeouts and memory issues when someone (usually a custom script) naively tries to request 100k items at one time. You can increase this limit by adding MAX_RESULTS to your .env file and setting that value to a higher number. Otherwise you should use standard pagination using the offset parameter to get your complete data set.

Fixed

• Fixed CVE-2019-10742
• History importer fixes
• Fixed #7289 - git fetch before git checkout in upgrade.php
• Fixed #7259 - upgraded phpdocumentor/reflection-docblock to v4
• Smaller chunking for custom report, add max_execution_time
• Removed erroneous withErrors() on JSON response

Added

• Added #7321 - link to Helm Chart repo
• Added console rekey tool (#7330)
• Limit API request results per page (#7405)

Upgrading

For general upgrading instructions, click here. Users who installed Snipe-IT via Git (recommended) can just run php upgrade.php.

For a full list of changes, see the changelog.

After completing the upgrade process, be sure to clear your browser cookies.

Upgrading from v3

Please see the upgrade instructions here.

New in v4.7.6

IMPORTANT: This release requires PHP 7.1.3 or greater.

Fixed

• Fixed an issue displaying assets due for audit if no audit interval was set in the settings
• Fixed an issue with the Users API that would prevent a user from being created if it didn't validate, but did not provide useful validation messages in the JSON RESPONSE
• Fixed an issue where custom fields would not correctly validate
• Fixed an issue where users could enter large number of warranty months that would cause a syntax error (now capped at 20 years)
• Fixed a crashing count() issue on user deletion where it checks if other items are checked out
• Fixed #7186 - has() vs filled() in User API blanking out groups if no groups were passed in the API request
• Fixed #6910 where consumables could sometimes return no results
• Fixed #7250 - permission issue for API fieldsets and fields endpoints
• Fixed #7270 - Checking-in Assets via API would remove the asset name

Added

• Command to fix custom field unicode conversion differences between PHP versions
• CORS support for API

Upgrading

For general upgrading instructions, click here. Users who installed Snipe-IT via Git (recommended) can just run php upgrade.php.

For a full list of changes, see the changelog.

After completing the upgrade process, be sure to clear your browser cookies.

Upgrading from v3

Please see the upgrade instructions here.

New in v4.7.5

IMPORTANT: This release requires PHP 7.1.3 or greater.

This release fixes a bug in the LDAP settings where the LDAP password could be blanked out when saving your LDAP settings.

Additionally, this release renames the groups table to permission_groups to avoid reserved name conflicts with later versions of MySQL. This should only be relevant to folks who have set up custom/third-party scripts that directly interface with the database. API endpoints, etc remain unchanged.

Fixed

• Fixed LDAP password blanking on save
• Fixed #7164, #7145 - change table name to permission_groups
• Reduce minimum group name length to 2 (from 3)
• Small fixes for phpleague CSV reader v9

Improved

• Improved error checking in locations importer

Upgrading

For general upgrading instructions, click here. Users who installed Snipe-IT via Git (recommended) can just run php upgrade.php.

For a full list of changes, see the changelog.

After completing the upgrade process, be sure to clear your browser cookies.

Upgrading from v3

Please see the upgrade instructions here.

New in v4.7.4

IMPORTANT: This release requires PHP 7.1.3 or greater.

This is a point release that fixes a bug in the backup notifications, which were previously trying to send email to [email protected] due to the default backup package config.

If you would like to be emailed when a backup has completed (or failed to complete, etc), add the following to your .env file:

[email protected]

This release also fixes a bug in bulk asset editing where it could potentially remove model_id information if none was passed (as would be the case if you were not changing the asset model).

Additionally, this release fixes an error that was being thrown on checkin if the entity being checked in from wasn't a person.

And finally, we've updated a few language strings, and added Filipino to the selectable dropdown list of languages.

We know there have been a lot of releases this week (not uncommon after an upgrade to the underlying framework), but our philosophy has always been that it's a bad idea to hold onto bugfixes for political/appearance reasons. Some folks only want to upgrade from a tagged release, so it makes more sense to us to get fixes in your hands sooner rather than later, so we release often.

Have a great weekend! Change details are below!

Fixed

• Fixed #7099 - set email to null by default for backup notifications
• Fixed #7100 - Check if $user isset on checkin
• Changed has() to filled() to fix bug in bulk asset editing that could remove a model_id

Added

• Added Filipino, corrected order for Spanish variations

Improved

• Increased throttle to 120 requests per minute

Upgrading

For general upgrading instructions, click here. Users who installed Snipe-IT via Git (recommended) can just run php upgrade.php.

For a full list of changes, see the changelog.

After completing the upgrade process below, be sure to clear your browser cookies.

Upgrading from v3

Please see the upgrade instructions here.

New in v4.7.3

IMPORTANT: This release requires PHP 7.1.3 or greater. This version of Snipe-IT is compatible with PHP 7.3.

This is a point release that fixes a bug in the path for deleting generated backup files, and that also resolves in issue that was preventing certain users from being able to load the users/locations/etc select lists.

The select-list issue would typically only present itself if the Snipe-IT installation is running behind some configurations of proxies, or if they have unusual DNS masking or port numbers.

Fixed

• Fixed #7098 - updated backup config for deleteFile() method
• Fixed #7092 - handle weird port forwarding/port numbers for baseUrl

Upgrading

For general upgrading instructions, click here. Users who installed Snipe-IT via Git (recommended) can just run php upgrade.php.

For a full list of changes, see the changelog.

After completing the upgrade process below, be sure to clear your browser cookies.

Upgrading from v3

Please see the upgrade instructions here.

New in v4.7.2

We had the bad luck of releasing just as Github was having some technical issues, so the version bump to v4.7.1 in the version file got missed in the 4.7.1 point release. So, we find ourselves releasing again, hoping Github doesn't bomb out again. Technology, amirite?

This is a point release just for docker users, which brings the version of PHP used in the docker file up to Snipe-IT v4.7 minimums.

For a full list of changes, see the changelog.

After completing the upgrade process, be sure to clear your browser cookies.

Upgrading from v3

Please see the upgrade instructions here.

New in v4.7.0

IMPORTANT: This release requires PHP 7.1.3 or greater. This version of Snipe-IT is compatible with PHP 7.3.

We've updated all of the package dependencies in this release and fixed a few small edge-case bugs. Users are encouraged to upgrade to v4.7 as soon as possible, as this release includes some security fixes for the underlying framework and package dependencies.

Added:

• Upgraded Laravel framework to 5.5

Fixed:

• Small fix for reordering fields in a fieldset
• Fixed bug where sorting by company name in Users API did not work
• Removed custom fields from AssignedSearch() to prevent confusing data in results
• Fixed Undefined variable user in $backto if asset is checked out to a non-user
• Check for valid model before attempting to access fieldsets on that model
• Fixed #7083 - Removed user_exists constraint on department save

Improved:

• Increased image resize size to 800px, added lightboxes

Upgrading

For general upgrading instructions, click here. Users who installed Snipe-IT via Git (recommended) can just run php upgrade.php.

For a full list of changes, see the changelog.

After completing the upgrade process, be sure to clear your browser cookies.

Upgrading from v3

Please see the upgrade instructions here.

New in v4.6.18

IMPORTANT: This IS THE final release of Snipe-IT that will work with PHP5. ALL future versions of Snipe-IT will require PHP 7.1.3 or greater.

This release is intended as a legacy release for users who will not be able to upgrade their version of PHP. If you are already running PHP7, you can skip this update and instead upgrade to 4.7, which will be released later today.

We upgraded some package dependencies to later versions for this release, however the we cannot upgrade the laravel framework itself due to PHP version constraints. Doing so would break the installations for everyone who is currently still running PHP 5x.

Users are strongly advised to upgrade their version of PHP so that they're ready for v4.7 and then v5.

Fixed:

• Fixed #6883 - remove escaping of fields on LDAP import
• Fixed #6880 - correctly encrypt encrypted fields via the API
• Fixes #5054: LDAP users deactivated LDAP (non-AD) (#7032)
• Updated package dependencies
• Fixed 4.6.17 regression #7044 - API update deleted custom fields if they are not re-presented
• Fixed XSS vulnerability when creating a new categories, etc via modal (thanks, @1Jesper1!)
• Updated email strings
• Fixed #7046 - added user website url back into UI
• Updated language strings

Upgrading

For general upgrading instructions, click here. Users who installed Snipe-IT via Git (recommended) can just run php upgrade.php.

For a full list of changes, see the changelog.

Known Issues

Snipe-IT v4.x is not compatible with PHP 7.3. You'll need to use a version of PHP between 5.6.4 and 7.2.x. This is due to a limitation of the underlying framework. The upcoming v5 will support 7.3+.

Users running MariaDB 10.2.7 and later may have an issue upgrading or installing, due to a change in the way MariaDB stores null defaults. This issue will be fixed once the open pull request in the Doctrine repo is merged and a new version of Doctrine is released with these fixes. You can read more about that issue here.

After completing the upgrade process below, be sure to clear your browser cookies.

Upgrading from v3

Please see the upgrade instructions here.

New in v4.6.17

Added:

• Added Import locations from CSV via command line
• Added ability to update groups via API

Fixed:

• Leave the activated state for users alone in normal LDAP synchronization
• Fixed #7003 - crash when warranty months or purchase date is null
• Fixed #6956 - viewKeys policy inconsistent

Upgrading

For general upgrading instructions, click here. Users who installed Snipe-IT via Git (recommended) can just run php upgrade.php.

For a full list of changes, see the changelog.

IMPORTANT: This will be one of the final releases of Snipe-IT that will work with PHP5. Future versions of Snipe-IT will require PHP 7.1.3 or greater. Please start upgrading your versions of PHP to 7.1.3 to prepare for the next major release. There may be a few small bug fix releases before Snipe-IT v5, but you should start preparing now.

Known Issues

Snipe-IT v4.x is not compatible with PHP 7.3. You'll need to use a version of PHP between 5.6.4 and 7.2.x. This is due to a limitation of the underlying framework. The upcoming v5 will support 7.3+.

Users running MariaDB 10.2.7 and later may have an issue upgrading or installing, due to a change in the way MariaDB stores null defaults. This issue will be fixed once the open pull request in the Doctrine repo is merged and a new version of Doctrine is released with these fixes. You can read more about that issue here.

After completing the upgrade process below, be sure to clear your browser cookies.

Upgrading from v3

Please see the upgrade instructions here.

New in v4.6.16

Version 4.6.16 of Snipe-IT introduces a few small features and includes a bugfix for users who are getting an empty Assets listing if they have a null EOL date set for some or all assets.

New Audit Due / Audit Report Email Alerts and Web View

If you're already using the built-in scheduler, this will be included automatically. To run it manually, you would use php artisan snipeit:upcoming-audits.

This adds two new sidenav items into the Assets menu that bring you to a report of assets that are due soon (using whatever your audit threshold is set to in Admin Settings > Notifications) and what is overdue.

Upcoming/Overdue Audit API Endpoints

Two new GET endpoints have been added, /api/v1/hardware/audit/due and /api/v1/hardware/audit/overdue.

These actually use the main index Asset API controller, because there would have been a lot of copypasta otherwise, and that method is already a workhorse, but we wanted to provide a more semantic endpoint.

Added:

• Allow phone number to be changed in Edit Profile
• Added #6204 - added email alerts and web/API access to assets due or overdue for audit

Fixed:

• Fixed #6922 - date_add crashing if EOL is null
• Remove “Imported from LDAP” note override
• Fixed #6911 - note must be a string on license checkin

Upgrading

For general upgrading instructions, click here. Users who installed Snipe-IT via Git (recommended) can just run php upgrade.php.

For a full list of changes, see the changelog.

IMPORTANT: This will be one of the final releases of Snipe-IT that will work with PHP5. Future versions of Snipe-IT will require PHP 7.1.3 or greater. Please start upgrading your versions of PHP to 7.1.3 to prepare for the next major release. There may be a few small bug fix releases before Snipe-IT v5, but you should start preparing now.

Known Issues

Snipe-IT v4.x is not compatible with PHP 7.3. You'll need to use a version of PHP between 5.6.4 and 7.2.x. This is due to a limitation of the underlying framework. The upcoming v5 will support 7.3+.

Users running MariaDB 10.2.7 and later may have an issue upgrading or installing, due to a change in the way MariaDB stores null defaults. This issue will be fixed once the open pull request in the Doctrine repo is merged and a new version of Doctrine is released with these fixes. You can read more about that issue here.

After completing the upgrade process below, be sure to clear your browser cookies.

Upgrading from v3

Please see the upgrade instructions here.

New from v5.0.0-beta-1 to v5.0.0-beta-2

IMPORTANT: This version of Snipe-IT requires PHP 7.1.3 or greater.

Added

• Added half-year convention in depreciation
• Add a setting for the depreciation method
• Added predefined kits (this needs some UI love - in progress)
• Added kit permissions
• Allow multiple upload fields and add logo option to labels (#6736)
• Added ability to do full name search in user dropdown selectlist
• Added ability to search consumables by item number (#6785)
• Added write-only image_source field for asset create/edit API endpoint

Fixed

• Fixed #6703 - fixes password confirmation
• Fixed #6710 - explicitly make auto_increment_prefix nullable
• Fixed #6676 - consumables API not respecting category_id
• Fixed issue where offset could be greater than total items, resulting in “No results” confusion
• Fixed error if item requested or request was deleted (#6786)
• Run Laravel schedule in docker image using supervisord (#6606)
• Fixed miss label bugs
• Remove test data for Pie chart on dhasboard(#6793)

Want to Help Test?

Awesome! First things first, you should NOT test this in production yet, as it's a beta release. If you'd like to help us test, make a new copy of Snipe-IT and upgrade your copy to v5.0.0-beta-1.0, that way your data is safe. You should treat this test instance as a version you could easily throw away when you're done testing. (Hopefully it won't come to that, but hey, computers are hard.)

Things we're very interested in folks testing:

• LDAP/AD integration (login and sync)
• Using S3 to store files. We've built a little tool to help you migrate your local files to S3, which you can read about here.
• Client-side validation
• The importer, as always - that thing's a bear

If you need to create new bug reports for this beta release, please make sure you include the beta release version in the Github issue title so we can easily see that it's an issue specific to this beta.

Upgrading

For general upgrading instructions, click here. Users who installed Snipe-IT via Git (recommended) can just run php upgrade.php.

For a full list of changes, see the changelog.

Upgrading from v3

Please see the upgrade instructions here. After completing the upgrade below, be sure to clear your browser cookies.

Thanks!

Special thanks to @jwhulette, @patrict, @VELIKII-DIVAN, @liquidhorse, @Seldaek, @inietov, @benrubson, @NMathar, @smb, @Sxderp, @fanta8897, @andreybolonin, @shinayoshi, @reuser, @KeenRivals, @omyno, @jackka, @herroworrd, @colin-campbell, @HinchK, and @uberbrady for helping bring v5 to life!

New in v4.6.15

Version 4.6.15 of Snipe-IT is a hotfix release that addresses an issue that users who have two-factor enabled have been experiencing because Google Image Charts turned off their API. (This was apparently announced quite some time ago, but because no API key is required, there wasn't really a super-efficient way of letting third-parties using their library know about it.) The new implementation should work seamlessly with older, already-enrolled devices, and is a more secure way of implementing 2FA, since we generate the QR enrollment barcode locally now, instead of reaching out to Google's API.

If you are using two-factor authentication in your Snipe-IT implementation, you should ABSOLUTELY upgrade as soon as you can.

We'll be rolling this update out to our hosted customers over the next 24 hours.

Developers: this fix has been forward-ported to the develop branch.

Fixed:

• Fixed #6834 and #6402 - skip Google's CharT Image API and generate enrollment QRs locally.

Upgrading

For general upgrading instructions, click here. Users who installed Snipe-IT via Git (recommended) can just run php upgrade.php.

For a full list of changes, see the changelog.

IMPORTANT: This will be one of the final releases of Snipe-IT that will work with PHP5. Future versions of Snipe-IT will require PHP 7.1.3 or greater. Please start upgrading your versions of PHP to 7.1.3 to prepare for the next major release. There may be a few small bug fix releases before Snipe-IT v5, but you should start preparing now.

Known Issues

Snipe-IT v4.x is not compatible with PHP 7.3. You'll need to use a version of PHP between 5.6.4 and 7.2.x. This is due to a limitation of the underlying framework. The upcoming v5 will support 7.3+.

Users running MariaDB 10.2.7 and later may have an issue upgrading or installing, due to a change in the way MariaDB stores null defaults. This issue will be fixed once the open pull request in the Doctrine repo is merged and a new version of Doctrine is released with these fixes. You can read more about that issue here.

After completing the upgrade process below, be sure to clear your browser cookies.

Upgrading from v3

Please see the upgrade instructions here.

New in v4.6.14

Added:

• Added accessories endpoint to user API (#6775)
• Added README link to Marksman - A Windows agent for Snipe-IT
• Added ability to do full name search in user dropdown selectlist ("Jane Doe")
• Added ability to search consumables by item number
• Run Laravel schedule in docker image using supervisord
• Added Hungary date format (#6776)
• Added import permissions mask (#6826)

Fixed:

• Fixed error if item requested or request was deleted
• Fixed form label bugs in settings
• Fixed form label bugs in alerts settings
• Fixed a few XSS vulnerabilities (#6831) - thanks, @1jesper1!

Improved:

• Check for empty headers in import and throw a clearer error. (This should prevent the array_flip() errors on import in badly mapped import files.)
• Fixed #6821 - improved 2FA active for users list (#6822)

Upgrading

For general upgrading instructions, click here. Users who installed Snipe-IT via Git (recommended) can just run php upgrade.php.

For a full list of changes, see the changelog.

IMPORTANT: This will be one of the final releases of Snipe-IT that will work with PHP5. Future versions of Snipe-IT will require PHP 7.1.3 or greater. Please start upgrading your versions of PHP to 7.1.3 to prepare for the next major release. There may be a few small bug fix releases before Snipe-IT v5, but you should start preparing now.

Known Issues

Snipe-IT v4.x is not compatible with PHP 7.3. You'll need to use a version of PHP between 5.6.4 and 7.2.x. This is due to a limitation of the underlying framework. The upcoming v5 will support 7.3+.

Users running MariaDB 10.2.7 and later may have an issue upgrading or installing, due to a change in the way MariaDB stores null defaults. This issue will be fixed once the open pull request in the Doctrine repo is merged and a new version of Doctrine is released with these fixes. You can read more about that issue here.

After completing the upgrade process below, be sure to clear your browser cookies.

Upgrading from v3

Please see the upgrade instructions here.

New in v4.6.13

This release fixes a potential issue introduced in #6693, where we added the ability to nullify values via the API. It's a migration that sets several fields in the database to be nullable where they were sometimes previously not. (Fields are typically nullable by default, as we enforce those rules at the model level, however versions of Snipe-IT installed using a different version of MySQL may have had those fields created without the nullable attribute correctly set.)

In those cases, attempting to create assets, locations, users, etc with blank fields (even fields that are not required through the UI) could result in the MySQL error: Illuminate\Database\QueryException: SQLSTATE[23000]: Integrity constraint violation: 1048 Column 'foo' cannot be null.

The issue was introduced by implementing the ConvertEmptyStringsToNull() middleware, which is necessary by the API to nullify values (versus passing empty strings), but also caused issues for folks for whom those fields were not already nullable.

Upgrading

For general upgrading instructions, click here. Users who installed Snipe-IT via Git (recommended) can just run php upgrade.php.

For a full list of changes, see the changelog.

IMPORTANT: This will be one of the final releases of Snipe-IT that will work with PHP5. Future versions of Snipe-IT will require PHP 7.1.3 or greater. Please start upgrading your versions of PHP to 7.1.3 to prepare for the next major release. There may be a few small bug fix releases before Snipe-IT v5, but you should start preparing now.

Known Issues

Snipe-IT v4.x is not compatible with PHP 7.3. You'll need to use a version of PHP between 5.6.4 and 7.2.x. This is due to a limitation of the underlying framework. The upcoming v5 will support 7.3+.

Users running MariaDB 10.2.7 and later may have an issue upgrading or installing, due to a change in the way MariaDB stores null defaults. This issue will be fixed once the open pull request in the Doctrine repo is merged and a new version of Doctrine is released with these fixes. You can read more about that issue here.

After completing the upgrade process below, be sure to clear your browser cookies.

Upgrading from v3

Please see the upgrade instructions here.

New in v4.6.12

This release fixes a small bug that was introduced in the last release which inadvertently changed the auto_increment_prefix to a boolean field. If you skipped the 4.6.11 release, this won't affect you, but we changed that migration in-place and then created an additional migration for folks who may have already upgraded. You may need to reset your auto increment prefix in the settings if you had upgraded to v4.6.11.

Upgrading

For general upgrading instructions, click here. Users who installed Snipe-IT via Git (recommended) can just run php upgrade.php.

For a full list of changes, see the changelog.

IMPORTANT: This will be one of the final releases of Snipe-IT that will work with PHP5. Future versions of Snipe-IT will require PHP 7.1.3 or greater. Please start upgrading your versions of PHP to 7.1.3 to prepare for the next major release. There may be a few small bug fix releases before Snipe-IT v5, but you should start preparing now.

Known Issues

Snipe-IT v4.x is not compatible with PHP 7.3. You'll need to use a version of PHP between 5.6.4 and 7.2.x. This is due to a limitation of the underlying framework. The upcoming v5 will support 7.3+.

Users running MariaDB 10.2.7 and later may have an issue upgrading or installing, due to a change in the way MariaDB stores null defaults. This issue will be fixed once the open pull request in the Doctrine repo is merged and a new version of Doctrine is released with these fixes. You can read more about that issue here.

After completing the upgrade process below, be sure to clear your browser cookies.

Upgrading from v3

Please see the upgrade instructions here.

New in v4.6.11

Happy Valentines Day! To show you our love, we have a new release for you!

This release fixes a few very small bugs, one related to password confirmation validation, one related to the category not being respected in the consumables by category listing, and one more that addresses an issue where the pagination on one type of item could impact another, making it look like you have no items in that listing who you really do.

Fixed

• Fixed #6703 - fixes password confirmation
• Fixed #6676 - consumables API not respecting category id
• Fixed issue where offset could be greater than total items, resulting in "No results"

Breaking API changes:

• The password confirmation fix will require password_confirmation to be passed in API called when creating a new user, and it must match the password field.

Upgrading

For general upgrading instructions, click here. Users who installed Snipe-IT via Git (recommended) can just run php upgrade.php.

For a full list of changes, see the changelog.

IMPORTANT: This will be one of the final releases of Snipe-IT that will work with PHP5. Future versions of Snipe-IT will require PHP 7.1.3 or greater. Please start upgrading your versions of PHP to 7.1.3 to prepare for the next major release. There may be a few small bug fix releases before Snipe-IT v5, but you should start preparing now.

Known Issues

Snipe-IT v4.x is not compatible with PHP 7.3. You'll need to use a version of PHP between 5.6.4 and 7.2.x. This is due to a limitation of the underlying framework. The upcoming v5 will support 7.3+.

Users running MariaDB 10.2.7 and later may have an issue upgrading or installing, due to a change in the way MariaDB stores null defaults. This issue will be fixed once the open pull request in the Doctrine repo is merged and a new version of Doctrine is released with these fixes. You can read more about that issue here.

After completing the upgrade process below, be sure to clear your browser cookies.

Upgrading from v3

Please see the upgrade instructions here.

New in v4.6.10

This is a tiny release that fixes two bugs that would only affect a select group of users. While we hate to release multiple times in a day, we thought it prudent to get these fixes in your hot little hands as soon as possible, and we only just uncovered and fixed one of these bugs right after the 4.6.9 release went out.

The first issue would only happen for users who have full multiple company support enabled, and are not logged in as a superadmin. In that case, searching in the asset select list (for example, when checking a license out to an asset) would return an error that looks like Integrity constraint violation: 1052 Column 'company_id' in where clause is ambiguous.

The second issue affected only the /api/v1/hardware/byserial API endpoint, where we were applying the incorrect permission, so users that were NOT superadmins would get a permissions error.

Fixed

• Fixed #6367 - pass table name and column_id to scopeCompanyables()
• Fixed #6704 - don’t apply gate to $arrays collection, just check that the user can view assets

Upgrading

For general upgrading instructions, click here. Users who installed Snipe-IT via Git (recommended) can just run php upgrade.php.

For a full list of changes, see the changelog.

IMPORTANT: This will be one of the final releases of Snipe-IT that will work with PHP5. Future versions of Snipe-IT will require PHP 7.1.3 or greater. Please start upgrading your versions of PHP to 7.1.3 to prepare for the next major release. There may be a few small bug fix releases before Snipe-IT v5, but you should start preparing now.

Known Issues

Snipe-IT v4.x is not compatible with PHP 7.3. You'll need to use a version of PHP between 5.6.4 and 7.2.x. This is due to a limitation of the underlying framework. The upcoming v5 will support 7.3+.

Users running MariaDB 10.2.7 and later may have an issue upgrading or installing, due to a change in the way MariaDB stores null defaults. This issue will be fixed once the open pull request in the Doctrine repo is merged and a new version of Doctrine is released with these fixes. You can read more about that issue here.

After completing the upgrade process below, be sure to clear your browser cookies.

Upgrading from v3

Please see the upgrade instructions here.