Just a few days ago, a patch for CVE-2024-52301 was to Laravel’s core, Laravel being the PHP framework we use here at Grokability for Snipe-IT. The patch for this security flaw was released in v7.1.14 earlier today. While hosted customers were NOT affected (we do not have register_argc_argv enabled on any of our servers), self-hosted community users and support-only customers are...
As you likely know, we have two public demos of Snipe-IT, the version that’s on the master branch, and the version that’s on develop. We’ve had these public demos for years, so we’ve learned a thing or two about how people behave on public demos. 99% of the time, folks use the demos for their intended purpose, but that 1% can make things really annoying. We’ve seen...
Validation is one of those tiresome things that is archaic and should have been solved for good already, but because there are so many use-cases and scenarios – and therefore options – it can be tough to figure out which is the right solution to the problem at hand. As often happens in Laravel, we have a multitude of possible ways to handle validation. The most straightforward way is...