Releases: Part-DB/Part-DB-server
Release list
Part-DB 2.13.2
Important
If you are using Part-DB it would be helpful if you fill out this short survey on your usage of Part-DB (Google Forms): https://forms.gle/Q15twx3YYq3qCNfe8
Part-DB 2.13.2
Bug fixes
- Respect the attachment file limits, when Part-DB downloads a file, or a file gets uploaded base64 encoded via API
- Prevent formula injection when exporting tables as excel files
- Fixed problem with javascript and CSS not loading when using apache with mod_php (#1423)
Other changes
- Updated dependencies
- Improved documentation (@Apfelwurm, #1438)
- Improved translations
New Contributors
- @Apfelwurm made their first contribution in #1438
Full Changelog: v2.13.1...v2.13.2
Part-DB 2.13.1
Important
If you are using Part-DB it would be helpful if you fill out this short survey on your usage of Part-DB (Google Forms): https://forms.gle/Q15twx3YYq3qCNfe8
Part-DB 2.13.1
This version is identical to Part-DB 2.13.0. See Release Notes there for list of changes.
This version is to fix the build and tagging of the docker images to fix issue #1430
Full Changelog: v2.13.0...v2.13.1
Part-DB 2.13.0
Important
If you are using Part-DB it would be helpful if you fill out this short survey on your usage of Part-DB (Google Forms): https://forms.gle/Q15twx3YYq3qCNfe8
Part-DB 2.13.0
New features & Improvements
- Improved password strength estimator and show time to crack estimate in tooltip
- Use better library for alerts and dialogs, instead of the outdated bootbox
- Improved page load error dialog
- Added bootswatch*s brite theme as possible theme
- Added Ollama as (local) AI provider
- Allow to configure the timeout for AI providers, making it more suitable for slow local inference
- Added full chinese translation (thannks @0x915)
- Allow to edit info provider references in part edit form
Bug fixes
- Fixed bug that stocktake date changed on part edit (#1390)
Other changes
- Updated dependencies
- Updated KiCad symbols
- Fixed many deprecations
New Contributors
Full Changelog: v2.12.3...v2.13.0
Part-DB 2.12.3
Important
This version contains security fixes, it is recommended to update to this version immediately.
Important
If you are using Part-DB it would be helpful if you fill out this short survey on your usage of Part-DB (Google Forms): https://forms.gle/Q15twx3YYq3qCNfe8
Part-DB 2.12.3
Security fixes
- Fixed missing SVG sanitatization, when file was uploaded with non-svg extension
- Added CSP headers to static files, to prevent script execution, should an vulnerable file be uploaded somehow
Other changes
- Updated KiCad symbols
- Updated dependencies
Full Changelog: v2.12.2...v2.12.3
Part-DB 2.12.2
Important
This version contains security fixes, it is recommended to update to this version immediately.
Important
If you are using Part-DB it would be helpful if you fill out this short survey on your usage of Part-DB (Google Forms): https://forms.gle/Q15twx3YYq3qCNfe8
Part-DB 2.12.2
Security fixes
- MEDIUM: Fixed XSS vulnerability in project BOM import
- MEDIUM: Fixed XSS vulnerability in project BOM table
Bug fixes
- Fixed invalid reference in api docs (PR #1403, @d-buchmann)
- Fixed problem that sidebar hide state was not persisted over page reloads (PR #1404, @d-buchmann)
- Do not log deprecations as the files can quickly get very large, old behavior can be reenabled via env setting. This might also give a small performance boost (fixes #1405)
Other changes
- Updated KiCad symbols
- Updated dependencies
- Fixed deprecations
Full Changelog: v2.12.1...v2.12.2
Part-DB 2.12.1
Important
This version contains critical security fixes, it is recommended to update to this version immediately.
Part-DB 2.12.1
Security fixes
- CRITICAL: Fixed issue that users with editing rights could execute arbitary php code in the docker installations by uploading phar files
- MEDIUM: Fixed XSS issue in unsanatized log entry extra. Due to the Content-Security-Policy this has limited impact, as no arbitrary javascript can be executed.
- MEDIUM: The
APP_SECRETenv must be changed to prevent forgery of REMEMBERME tokens. To be doable an attacker requires to know the secret password hash of a user, which is not obtainable without another security issue. Administrators will see an warning banner on the homepage, asking to change the APP_SECRET.
Generate an new random 32 character string with openssl rand -hex 32 and put the value for APP_SECRET into your .env.local or the environment section of the docker-compose.yaml.
Other changes
- Updated dependencies to fix known security issues in symfony and twig
- Updated KiCad symbol and footprint lists
Part-DB 2.12.0
Tip
If you like Part-DB, consider donating to support the development. Press the sponsor button on the main github page, for more info.
Important
If you are using Part-DB it would be helpful if you fill out this short survey on your usage of Part-DB (Google Forms): https://forms.gle/Q15twx3YYq3qCNfe8
New features
- Added browser plugin to quickly submit pages from a browser to Part-DB to create parts out of it. As it submits the browser HTML, this allows also for info extraction from pages like ebay, amazon or aliexpress. Plugin is available for Chrome and Firefox
- Added an "unsaved changes" warning, on when a form contains unsaved changes and user tries to navigate away (#1368)
- Changed/Unsaved fields get highlighted with a light blue border in forms
- The discard changes button also now correctly works with rich text editor fields and select fields.
Bug fixes
- Fixed problem with attachment referencing in API (#1370)
Miscellaneous
- Updated dependencies
- Updated translations
- Updated kicad symbols
Full Changelog: v2.11.1...v2.12.0
Part-DB 2.11.1
Part-DB 2.11.1
Important
If you are using Part-DB it would be helpful if you fill out this short survey on your usage of Part-DB (Google Forms): https://forms.gle/Q15twx3YYq3qCNfe8
Bug fixes
- Updated watchtower image in watchtower config example (#1363)
- Fixed problems of invalid links when AI Web Extractor encounters non-absolute links
Improvements
- Improved UserAgent randomizer for web scraper
Part-DB 2.11.0
Part-DB 2.11.0
Important
If you are using Part-DB it would be helpful if you fill out this short survey on your usage of Part-DB (Google Forms): https://forms.gle/Q15twx3YYq3qCNfe8
New features
- Added AI powered website scraper to provide detailed part infos even from webshops with little structured data
- Added feature to force refresh of info provider search and results, and to skip delegation to specialized providers when using "create part from URL"
- Add Docker update support via Watchtower integration by @Sebbeben in #1330
- Add Quick Apply and batch update to bulk info provider import by @Sebbeben in #1316
- Add 'Add stock' button to part stock info page by @kernchen-brc in #1352
- Added 250 and 500 entry to table lengthes menus
Bug fixes
- Fix sort order after column reorder on page reload by @wschopohl in #1346
- Fixed error making editing of users impossible
- Fixed error with converting existing DB to postgresql database (#1362)
- Fixed error that original category were changed, if category cloned and eda info changed (#1341)
- Keep part table length selection across page loads (#1350)
Miscellaneous
- Updated dependencies
- Updated KiCad symbols and footprint list
Full Changelog: v2.10.0...v2.11.0
Part-DB 2.10.0
Part-DB 2.10.0
Warning
This version requires nodejs 22+ for frontend building. Check that you have it installed, before attempting automatic upgrade.
Tip
If you like Part-DB, consider donating to support the development. Press the sponsor button on the main github page, for more info.
Important
If you are using Part-DB it would be helpful if you fill out this short survey on your usage of Part-DB (Google Forms): https://forms.gle/Q15twx3YYq3qCNfe8
Changes
- Frontend building now requires at least nodejs 22.
- For security hardening reasons Part-DB's generic web provider and the attachment download feature cannot download from local network IPs to avoid SSRF attacks. If you require internal attachment download, you can enable it via an env option.
New features
- Make format06 barcode checking more resiliant for non-standard conform labels and scanners by @mkne in #1321
- Implement parsing of TME QR codes by @alufers in #1324
- Ignore public/.well-known folder by @klausman in #1335
- Enable BOM sorting on part fields (Storage location, Manufacturing status) @mkne in #1338
- Allow to create custom kicad symbol/footprint autocomplete lists @DanTrackpaw in #1342
- Add price columns to project BOM table and build price summary by @MayNiklas in #1345
- Allow to sort by numeric value with SI prefix. This is realized via a separate optional column @wschopohl in #1344
Bugfixes
Miscellaneous
- Updated dependencies
- Updated translations
- Updated kicad symbols
- Improved documentation
New Contributors
- @alufers made their first contribution in #1324
- @klausman made their first contribution in #1335
- @DanTrackpaw made their first contribution in #1342
- @wschopohl made their first contribution in #1344
Full Changelog: v2.9.1...v2.10.0