Dear all, we are happy to announce new release of phpipam IP address management – version 1.7. You can find full changelog below, please read it. You can download it on github.

Important notes:
  • Please read upgrade guide before upgrading!
  • As usual backup your database before upgrade.
  • PHP >= 7.2 is now required, phpipam will not work on older versions
  • Latest stable git branch is now master, develop is the development branch (until now master was the development branch). Specific release branches (1.6, 1.7 etc) are still available.
Donations
If you find phpIPAM useful for your company donation would be highly appreciated to support further development of phpIPAM software!

Most "important" new features and enhancements are:
  • Full php8.3 compatibility
  • Added support for passkeys / passwordless logins
  • Multiple bugfixes
  • Multiple security fixes
And much more. You can find full changelog below, please read it.
Special thanks to all the people submitting bug reports, translators and feature testers, and of course special thanks to @GarryAllan for his work on this relase and squashing bugs !


Full changelog for this release is:

New features:
------------
+ Full php8.3 compatibility;
+ Added support for passkeys / passwordless logins;
+ API:
    + Added API changelog;

Bugfixes:
----------------------------
+ Fixed Use UTF-16LE encoding for XLS sheet names, and UTF-8 as input encoding (#3977);
+ Fixed Update login_form.php for installation inside subdir (#3954);
+ Fixed php8 constructor fix for radius class (#3985);
+ Fixed Force mac address update during status update scan (#3791);
+ Fixed RADIUS authentication fails on 1.6.0 (#3986);
+ Fixed cannot add NAT issue (#3993);
+ Fixed Various Linked Addresses issues (#3275, #4188, #4189, #3274);
+ Fixed Duplicates tool not finding ALL duplicates (#4161);
+ Fixes fetch_favourite_subnets function returns empty array instead of false (#4182);
+ Fixed Dashboard widget widths are not correct percentage (#4176);
+ Fixed remove_offline_addresses.php can't execute (#4173);
+ Fixed Searches do not properly organize results (#3917)
+ Fixed Expand/compress all folders not working properly (#3583);
+ Fixed Bug when adding a user to a group (#4137);
+ Fixed Password validation errors (#4099,#2423);
+ Fixed Ripe import results in jQuery error (#4007);
+ Fixed Ripe import crashes if too many subnets are found (#4180);
+ Fixed Devices with height 0 crash Rack image generation (#4193);
+ Fixed Custom field not working in Routing module (#4174);
+ Fixed Circuit Type showing differently in two windows (#4104);
+ Fixed Vault Item Custom Field not writable (#4058);
+ Fixed Undefined variable when adding nameserver (#4230);
+ Fixed Tag Management Color Picker (#3629);
+ Fixed Arrows for linked addresses do not match between themes (#4216);
* Fixed Captcha and invalid login checks (#3480, #4198);
+ Fixed 2FA TOTP validation issues (#3724);

Enhancements, changes:
----------------------------
+ Added support for redundant PowerDNS databases (#3981);
+ Added option to export data for VLAN,VRF and Devices directly from tools page;
+ Added option to disable OpenStreetMap address geoip lookups;
+ Added $api_stringify_results config.php option for  php81 API backwards compatibility;
+ Added support for newly added widgets to be sortable with jQuery (#4711);
+ Added support for using widget parameters; added recent_logins widget (#4184);

Security Fixes:
----------------------------
+ Upgraded jQuery to 3.7.1;
+ Upgraded bootstrap to 3.4.1;
+ Upgraded jQuery-ui to 1.13.3;
+ Cookies set without Secure attribute;
+ Multiple XSS injections (#4145,#4146,#4147,#4148,#4149.#4150,#4151);
+ HTML DOM XSS injection via filenames when uploading (#4160);
+ Escape loaded database strings by default, stored XSS defense;
+ Increase minimum 2FA secret length to 32 (160bit);
+ Disable /app/install/ helper scripts via config.php $disable_installer;
+ LDAP user searches sent without ssl/tls;

br, Miha