Skip to content

Merge Develop into Master for v25.11.1 release#1247

Merged
johnnyq merged 32 commits intomasterfrom
develop
Nov 17, 2025
Merged

Merge Develop into Master for v25.11.1 release#1247
johnnyq merged 32 commits intomasterfrom
develop

Conversation

@johnnyq
Copy link
Collaborator

@johnnyq johnnyq commented Nov 17, 2025

Merge Develop into Master for v25.11.1 release

johnnyq added 30 commits November 9, 2025 12:24
@johnnyq
Fix broken edit payment methods due to missing hidden field
6cdc26b
@johnnyq
[Feature] Added Asset Tags
abb97ad
@johnnyq
Add Asset Tags Display in Contact Details, asset details, along with …
0ac7676 
…their detail modals
@johnnyq
Fix unable to delete Vendor Templates
15ed4ef
@johnnyq
Fix Mail Queue link when sending a test email, updated the quote send…
26ab43c 
… email wording to Quote sent
@johnnyq
Added Quick Add Links to the majority of Side bars navs
af8e733
@johnnyq
Migrate Ticket Template add to ajax-modal, add category type option i…
7230325 
…f not defined, add product type if not defined
@johnnyq
Fix Add Ticket Watcher
46a1b67
@johnnyq
If ticket doesn't have a client dont show client section
1e6e7fd
@johnnyq
Add UserID: on hover in users
77b4dfa
@johnnyq
Afer Ticket Merge Redirect to new ticket Details
66a2b4b
@johnnyq
Add TOTP Secret to Export / Offboard Client Documentation PDF
b0724f5
@johnnyq
Add Where clause to only accept saved payment by logged in session_cl…
efcc0fd 
…ient_id in Client Portal
@johnnyq
Updated symfony/http-foundation from 7.3.3 to 7.3.7
6120416
@johnnyq
Composer updates
63141f3
@johnnyq
Add Back Delete Payment Provider, the db will cascade delete all rela…
aba5ed9 
…ted recurring payments, related saved cards and client payment provider relation
@johnnyq
Update Wording on delete provider
cf0fa00
@johnnyq
Fix Pay With a Saved Card in Invoice Listing if Saved Cards are on fi…
96b8fca 
…les for that client
@johnnyq
Fix regression in dashboard has client
a87b0b0
@johnnyq
Update Changelog and bunp App Version
47e647c
@johnnyq
Hide contract side nav as its not yet complete
29e1b56
@johnnyq
Added Tag Type Filter Nav to tags
1839599
@johnnyq
Add Tag Displays in edit and listing, remove unused type column
d2523cf
@johnnyq
Dont show Client Tickets in Ticket Details Breadcrumbs if not client …
79160f9 
…is assigned a ticket
@johnnyq
Ticket Details Checks, Dont display Add/edit relations if no cliet in…
b61dfac 
… selected, dont show relations in ticket edit if no client assigned to ticket, also dont display public and email response type if no contact_email exists
@johnnyq
Update Changelog
118f9a3
@johnnyq
Move Ticket edit from top Right Menu to Ticket Details Section
ef66d51
@johnnyq
Use btn-tool for side references in Ticket details and some cleanup
0c5883b
@johnnyq
Update Test IMAP to use a Raw connection instead of depending on the …
66fb999 
…Deprecated php-imap extension
@johnnyq
Update Ticket Detail card to use the adminlte's Card Collapse
19b8d09
@johnnyq johnnyq requested a review from wrongecho November 17, 2025 17:13
@sonarqubecloud
Copy link

sonarqubecloud bot commented Nov 17, 2025
edited
Loading

Quality Gate Failed Quality Gate failed

Failed conditions
E Security Rating on New Code (required ≥ A)

See analysis details on SonarQube Cloud

Catch issues before they fail your Quality Gate with our IDE extension SonarQube for IDE

github-advanced-security[bot]
github-advanced-security bot found potential problems Nov 17, 2025
View reviewed changes
admin/post/settings_mail.php
}

// Enable crypto on the stream
if (!stream_socket_enable_crypto($fp, true, STREAM_CRYPTO_METHOD_TLS_CLIENT)) {

Check failure

Code scanning / SonarCloud

Weak SSL/TLS protocols should not be used High

Change this code to use a stronger protocol. See more on SonarQube Cloud
agent/assets.php
Comment on lines +297 to +306
$sql_tags_filter = mysqli_query($mysqli, "
SELECT tag_id, tag_name
FROM tags
LEFT JOIN asset_tags ON asset_tag_tag_id = tag_id
LEFT JOIN assets ON asset_tag_asset_id = asset_id
WHERE tag_type = 5
$client_query OR tag_id IN ($tag_filter)
GROUP BY tag_id
HAVING COUNT(asset_tag_asset_id) > 0 OR tag_id IN ($tag_filter)
");

Check failure

Code scanning / SonarCloud

Database queries should not be vulnerable to injection attacks High

Change this code to not construct SQL queries directly from user-controlled data. See more on SonarQube Cloud
@wrongecho
Copy link
Collaborator

wrongecho commented Nov 17, 2025

Security alerts are false positives.
LGTM.

@johnnyq johnnyq merged commit c7ef362 into master Nov 17, 2025
3 of 5 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@wrongecho wrongecho wrongecho approved these changes

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@johnnyq @wrongecho