Fixed #19006 - update null location

Merge pull request #19030 from grokability/purchase-cost-fix
Fixed #19029 - switch back to text for purchase cost
2026-05-14 15:58:10 +01:00 · 2026-05-14 15:56:25 +01:00 · 2026-05-14 15:33:42 +01:00 · 2026-05-14 15:04:48 +01:00 · 2026-05-14 15:03:55 +01:00 · 2026-05-14 14:30:09 +01:00
7558 changed files with 480308 additions and 236629 deletions
@@ -3206,7 +3206,8 @@
      "avatar_url": "https://avatars.githubusercontent.com/u/3755203?v=4",
      "profile": "https://github.com/swift2512",
      "contributions": [
-        "bug"
+        "bug",
+        "code"
      ]
    },
    {
@@ -4234,6 +4235,42 @@
      "contributions": [
        "code"
      ]
+    },
+    {
+      "login": "smarsching",
+      "name": "Sebastian Marsching",
+      "avatar_url": "https://avatars.githubusercontent.com/u/2880129?v=4",
+      "profile": "http://sebastian.marsching.com/",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "mohammad-ahmadi1",
+      "name": "Mo",
+      "avatar_url": "https://avatars.githubusercontent.com/u/40658372?v=4",
+      "profile": "https://github.com/mohammad-ahmadi1",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "MarvelousAnything",
+      "name": "Owen V. Hayes",
+      "avatar_url": "https://avatars.githubusercontent.com/u/20994684?v=4",
+      "profile": "https://github.com/MarvelousAnything",
+      "contributions": [
+        "code"
+      ]
+    },
+    {
+      "login": "Husky-Devel",
+      "name": "Peter Gallwas",
+      "avatar_url": "https://avatars.githubusercontent.com/u/75509373?v=4",
+      "profile": "https://www.husky.nz",
+      "contributions": [
+        "code"
+      ]
    }
  ]
 }
@@ -137,6 +137,8 @@ PUBLIC_AWS_ACCESS_KEY_ID=null
 PUBLIC_AWS_DEFAULT_REGION=null
 PUBLIC_AWS_BUCKET=null
 PUBLIC_AWS_URL=null
+PUBLIC_AWS_ENDPOINT=null
+PUBLIC_AWS_PATH_STYLE=null
 PUBLIC_AWS_BUCKET_ROOT=null

 # --------------------------------------------
@@ -147,6 +149,8 @@ PRIVATE_AWS_SECRET_ACCESS_KEY=null
 PRIVATE_AWS_DEFAULT_REGION=null
 PRIVATE_AWS_BUCKET=null
 PRIVATE_AWS_URL=null
+PRIVATE_AWS_ENDPOINT=null
+PRIVATE_AWS_PATH_STYLE=null
 PRIVATE_AWS_BUCKET_ROOT=null

 # --------------------------------------------
@@ -144,6 +144,8 @@ PUBLIC_AWS_ACCESS_KEY_ID=null
 PUBLIC_AWS_DEFAULT_REGION=null
 PUBLIC_AWS_BUCKET=null
 PUBLIC_AWS_URL=null
+PUBLIC_AWS_ENDPOINT=null
+PUBLIC_AWS_PATH_STYLE=null
 PUBLIC_AWS_BUCKET_ROOT=null

 # --------------------------------------------
@@ -154,6 +156,8 @@ PRIVATE_AWS_SECRET_ACCESS_KEY=null
 PRIVATE_AWS_DEFAULT_REGION=null
 PRIVATE_AWS_BUCKET=null
 PRIVATE_AWS_URL=null
+PRIVATE_AWS_ENDPOINT=null
+PRIVATE_AWS_PATH_STYLE=null
 PRIVATE_AWS_BUCKET_ROOT=null

 # --------------------------------------------
@@ -40,12 +40,26 @@ DB_SANITIZE_BY_DEFAULT=false
 # --------------------------------------------
 # OPTIONAL: SSL DATABASE SETTINGS
 # --------------------------------------------
+# Enable SSL connection to database (true/false)
 DB_SSL=false
+
+# Set to true for cloud databases like AWS RDS, Azure Database, Google Cloud SQL
+# Set to false for self-hosted databases with client certificates
 DB_SSL_IS_PAAS=false
+
+# Required when DB_SSL_IS_PAAS=false (client certificate authentication)
 DB_SSL_KEY_PATH=null
 DB_SSL_CERT_PATH=null
+
+# Path to CA certificate bundle (required for SSL connections)
+# For AWS RDS, download from: https://truststore.pki.rds.amazonaws.com/global/global-bundle.pem
 DB_SSL_CA_PATH=null
+
+# SSL cipher (optional, leave null for default)
 DB_SSL_CIPHER=null
+
+# Verify server certificate (true/false, defaults to false if not set)
+# Set to false for development or when using self-signed certificates
 DB_SSL_VERIFY_SERVER=null

 # --------------------------------------------
@@ -76,7 +90,16 @@ IMAGE_LIB=gd

 # --------------------------------------------
 # OPTIONAL: BACKUP SETTINGS
-# --------------------------------------------
+# Backup filesystem configuration
+# - BACKUP_FILESYSTEM_DRIVER: Driver to use (local, s3, etc.)
+#   Default: local (backward compatible)
+#   Set to s3 to use S3 for backups (requires PRIVATE_AWS_* credentials)
+# - BACKUP_FILESYSTEM_ROOT: Root path/prefix
+#   For local driver: leave commented for default to storage_path("app")
+#   For S3 driver: empty string = bucket root, or specify prefix like "backups/"
+#--------------------------------------------
+BACKUP_FILESYSTEM_DRIVER=local
+#BACKUP_FILESYSTEM_ROOT=
 MAIL_BACKUP_NOTIFICATION_DRIVER=null
 MAIL_BACKUP_NOTIFICATION_ADDRESS=null
 BACKUP_ENV=true
@@ -135,6 +158,14 @@ REDIS_PORT=null
 MEMCACHED_HOST=null
 MEMCACHED_PORT=null

+# --------------------------------------------
+# OPTIONAL: S3 PROXY
+# When enabled, public uploads (images, logos, avatars) are served through
+# the application instead of directly from S3. This allows using a single
+# fully private S3 bucket for all storage.
+# --------------------------------------------
+PUBLIC_S3_PROXY=false
+
 # --------------------------------------------
 # OPTIONAL: PUBLIC S3 Settings
 # --------------------------------------------
@@ -143,6 +174,8 @@ PUBLIC_AWS_ACCESS_KEY_ID=null
 PUBLIC_AWS_DEFAULT_REGION=null
 PUBLIC_AWS_BUCKET=null
 PUBLIC_AWS_URL=null
+PUBLIC_AWS_ENDPOINT=null
+PUBLIC_AWS_PATH_STYLE=null
 PUBLIC_AWS_BUCKET_ROOT=null

 # --------------------------------------------
@@ -153,6 +186,8 @@ PRIVATE_AWS_SECRET_ACCESS_KEY=null
 PRIVATE_AWS_DEFAULT_REGION=null
 PRIVATE_AWS_BUCKET=null
 PRIVATE_AWS_URL=null
+PRIVATE_AWS_ENDPOINT=null
+PRIVATE_AWS_PATH_STYLE=null
 PRIVATE_AWS_BUCKET_ROOT=null

 # --------------------------------------------
@@ -190,13 +225,14 @@ APP_ALLOW_INSECURE_HOSTS=false
 GOOGLE_MAPS_API=
 LDAP_MEM_LIM=500M
 LDAP_TIME_LIM=600
+BACKUP_TIME_LIMIT=600
 IMPORT_TIME_LIMIT=600
 IMPORT_MEMORY_LIMIT=500M
 REPORT_TIME_LIMIT=12000
 API_THROTTLE_PER_MINUTE=120
 CSV_ESCAPE_FORMULAS=true
 LIVEWIRE_URL_PREFIX=null
-
+MAX_UNPAGINATED=5000

 # --------------------------------------------
 # OPTIONAL: SAML SETTINGS
@@ -0,0 +1,66 @@
+# Pint: Models
+9623fa4d87e7fb38307028338c6991afb7d4e099
+
+# Pint: Actions
+a3c7410c35388af08997b1c52adebda1056488a6
+
+# Pint: Console
+8bce38b9187d23089a28a4f3a4ab960ac7471e90
+
+# Pint: Enums and Events
+f7b82ad1ff513a25d775c20b58e9a8ce23461ec2
+
+# Pint: Exceptions
+2e7046a810ce1f7562dec9d3ee4fee0cbc7262db
+
+# Pint: Non-api controllers
+9bc92f57c8a29ac0e89c2d3f72f23c6c64567dd8
+
+# Pint: Api controllers
+1e5d426e70dcd72fd7e87c2b11ff42fe3cc7a1a4
+
+# Pint: Middleware
+ec6caf9b5959c6c57bd7be047e91bbb70fc303a7
+
+# Pint: Requests
+93168326da54fa87880570c82df3ccbf3ff152e1
+
+# Pint: Traits and Transformers
+a613380811f63f51e2951d2f4b8454d5274d5cdf
+
+# Pint: Importer
+3e831bf9b3cc060f11c88ec69a9313131de8ee1f
+
+# Pint: Jobs and Listeners
+317b1a462e079bf96d492dd3782de38b7144be9f
+
+# Pint: Livewire
+53f2ef2ca11b0571de758b101f08f259de7830cf
+
+# Pint: Mail
+de607e7d83704b30f809238c44d3d759196a77db
+
+# Pint: Notifications
+31043d1f5cb5d287c0ab2ca2ba1ae08665bc6ad5
+
+# Pint: Observers and policies
+b2c0a21230977443536655e43e524773e2ad9e27
+
+# Pint: Presenters
+55d46cbefec5fe0bb7e28b859d540977d2cfee46
+
+# Pint: Providers
+8b658a19b9182bf9a19e34bc9101ee11a13ed85b
+
+# Pint: Config
+c1a93e3ac890ed1fc1c27ba6c431f6b58ff661d6
+
+# Pint: Lang and resources
+84fdb5d6c19bf7882cb91d42fe8768fc0db0ce67
+
+# Pint: Database
+b5a46a370f85c6e87c8a9fa4a4593424bb027712
+
+# Pint: Tests
+d84eb43278177a9bcdfffe04c94d933eb49f2c48
+446f5f3cefdc1837a65fd4bc983741b29f821a78
@@ -0,0 +1,163 @@
+name: Bug Report
+description: File a bug report.
+title: "[Bug]: "
+projects: ["grokability/snipe-it"]
+type: bug
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Thanks for taking the time to fill out this bug report! Most issues are documented in the [Snipe-IT repository's issues](https://github.com/grokability/snipe-it/issues) or in the official [Common Issues section of the Documentation](https://snipe-it.readme.io/docs/common-issues#/) and are due to the following:
+        
+        - `.env` misconfiguration
+        - [Server Permissions](https://snipe-it.readme.io/docs/debugging-permissions#/)
+        - [Database Migrations](https://snipe-it.readme.io/docs/database-issues#run-migrations)
+        
+        Please make sure you've checked these resources before submitting a new issue. If you find an existing issue, please add your context to it instead of opening a new issue. If your issue is more of a question, consider [opening a new discussion](https://github.com/grokability/snipe-it/discussions) or [pop by our Discord](https://discord.gg/yZFtShAcKk) instead of creating an issue.
+        
+        **Please write your bug report in English.** You can use tools like [DeepL](https://www.deepl.com) or [Google Translate](https://translate.google.com/) to translate if necessary. 
+        
+        **If you choose to upload screenshots or videos (which we always encourage), please make sure they do not contain any sensitive information.**
+  - type: input
+    id: version
+    attributes:
+      label: Snipe-IT Version
+      description: What version of Snipe-IT are you seeing this issue on? You can find the version number in the footer of any page in Snipe-IT.
+      placeholder: ex. v8.3.2 - build 19577 (master)
+    validations:
+      required: true
+  - type: input
+    id: php-version
+    attributes:
+      label: PHP Version
+      description: What version of PHP are you running? You can find the version of PHP your webserver is running in the `Admin Settings` section in the footer, and the cli version by running `php -v` via command line .
+      placeholder: ex. v8.3.1 (web), PHP 8.4.12 (cli)
+    validations:
+      required: true
+  - type: input
+    id: composer-version
+    attributes:
+      label: Composer Version
+      description: What version of composer are you running? You can find the version number by running `composer --version`.
+      placeholder: ex. 2.8.10
+    validations:
+      required: true
+  - type: input
+    id: db-version
+    attributes:
+      label: MySQL/MariaDB version
+      description: What database are you using, and what version?
+      placeholder: ex. MySQL 5.7
+    validations:
+      required: true
+  - type: dropdown
+    id: install-method
+    attributes:
+      label: How did you install Snipe-IT?
+      options:
+        - Git install
+        - Manual install (downloading zip/tar.gz)
+        - Docker
+        - install.sh
+        - Hosted by Grokability
+        - Other
+        - Not sure
+    validations:
+      required: true
+  - type: dropdown
+    id: upgrade-or-fresh
+    attributes:
+      label: Is this a fresh install or an upgrade?
+      options:
+        - Fresh install
+        - Upgrade
+        - NA
+    validations:
+      required: true
+  - type: textarea
+    id: what-happened
+    attributes:
+      label: What happened?
+      description: Also tell us, what did you expect to happen?
+      placeholder: Tell us what you see! (Be nice!)
+    validations:
+      required: true
+  - type: dropdown
+    id: browsers
+    attributes:
+      label: What browsers are you seeing the problem on?
+      multiple: true
+      options:
+        - Firefox
+        - Chrome
+        - Safari
+        - Microsoft Edge
+        - Other
+  - type: dropdown
+    id: on-demo
+    attributes:
+      label: Can you reproduce this on the public demo?
+      description: You can check this at https://demo.snipeitapp.com.
+      options:
+        - 'Yes'
+        - 'No'
+        - N/A
+    validations:
+      required: true
+  - type: dropdown
+    id: fmcs
+    attributes:
+      label: Do you have full multiple company support enabled?
+      description: You can check this in your Snipe-IT installation at `Admin Settings > General Settings > Scoping`.
+      options:
+        - 'Yes'
+        - 'No'
+    validations:
+      required: true
+  - type: dropdown
+    id: fmcs-location
+    attributes:
+      label: If you have full multiple company support enabled, do you have location scoping to company enabled?
+      description: You can check this in your Snipe-IT installation at `Admin Settings > General Settings > Scoping`.
+      options:
+        - 'Yes'
+        - 'No'
+        - I do not have full multiple company support enabled
+    validations:
+      required: true
+  - type: textarea
+    id: server-logs
+    attributes:
+      label: Application log output
+      description: Please copy and paste any relevant log output from `storage/logs/laravel.log`. This will be automatically formatted into code, so no need for backticks.
+      render: shell
+  - type: textarea
+    id: browser-logs
+    attributes:
+      label: Browser console output
+      description: Please copy and paste any relevant log output from your browser console. This will be automatically formatted into code, so no need for backticks.
+      render: shell
+  - type: checkboxes
+    id: common-issues
+    attributes:
+      label: Common Issues
+      description: Please make sure you have done the following before submitting your issue.
+      options:
+        - label: I have searched this repo for existing issues related to my issue (including closed issues)
+          required: true
+        - label: My APP_URL is set correctly in my .env file (including http or https and no trailing slash)
+          required: true
+        - label: I have searched the official Snipe-IT documentation and have checked the Common Issues documentation (where applicable)
+          required: true
+        - label: I have run database migrations (where applicable).
+          required: true
+        - label: I have attached screenshots and/or videos of the issue (where applicable)
+          required: true
+  - type: checkboxes
+    id: terms
+    attributes:
+      label: Code of Conduct
+      description: By submitting this issue, you agree to follow our [Code of Conduct](https://github.com/grokability/snipe-it/blob/master/CODE_OF_CONDUCT.md).
+      options:
+        - label: I agree to follow this project's Code of Conduct
+          required: true
@@ -0,0 +1,38 @@
+name: Feature Request
+description: Request a new feature.
+title: "[Feature]: "
+projects: ["grokability/snipe-it"]
+type: feature
+body:
+  - type: markdown
+    attributes:
+      value: |
+        Thanks for taking the time to fill out this feature request! Please make sure to search the existing issues in this repository to see if your feature has already been requested, and feel free to add your context to any existing requests.
+        
+        **Please write your issue in English.** You can use tools like [DeepL](https://www.deepl.com) or [Google Translate](https://translate.google.com/) to translate if necessary. 
+        
+         **If you choose to upload screenshots or videos (which we always encourage), please make sure they do not contain any sensitive information.**
+  - type: input
+    id: version
+    attributes:
+      label: Snipe-IT Version
+      description: What version of Snipe-IT are you currently running? You can find the version number in the footer of any page in Snipe-IT.
+      placeholder: ex. v8.3.1 - build 19577 (master)
+    validations:
+      required: true
+  - type: textarea
+    id: feature-description
+    attributes:
+      label: How can we help?
+      description: Let us know in detail what feature you'd like to see added. While we can't promise to implement every feature request, we do read every one and take them into consideration when planning future releases.
+      placeholder: Tell us what you'd like to see in Snipe-IT! (Be nice!)
+    validations:
+      required: true
+  - type: checkboxes
+    id: terms
+    attributes:
+      label: Code of Conduct
+      description: By submitting this issue, you agree to follow our [Code of Conduct](https://github.com/grokability/snipe-it/blob/master/CODE_OF_CONDUCT.md).
+      options:
+        - label: I agree to follow this project's Code of Conduct
+          required: true
@@ -1,10 +1,11 @@
-frontend: ["*.js", "*.css", "*.vue", "*.scss", "*.less", "*.blade.*", "resources/views/livewire/*"]
+frontend: ["*.js", "*.css", "*.scss", "*.less", "*.blade.*", "resources/views/livewire/*","resources/views/layouts/default.blade.php"]
 skins: ["*.js", "*.css", "*.scss", "*.less"]
 css: ["*.css","*.scss", "*.less"]
 javascript: ["*.js", "package.json", "package.lock"]
 backend: ["/app/*", "composer.json", "composer.lock"]
-translations: ["/resources/lang"]
+translations: ["/resources/lang/*"]
 livewire: ["/app/Http/Livewire/*", "resources/views/livewire/*"]
+blade-components: ["resources/views/blade/*"]
 backups: ["*backup*"]
 restore: ["*restore*"]
 saml: ["*saml*"]
@@ -16,7 +17,7 @@ api: ["/app/Http/Controllers/Api/*"]
 notifications: ["/app/Notifications/*"]
 importer: ["/app/Importer/*","/app/Http/Livewire/Importer.php", "resources/views/livewire/importer.php"]
 cli / artisan: ["/app/Console/*"]
-LDAP: ["*Ldap*", "/app/Console/Commands/Ldap*","/app/Models/Ldap.php"]
+LDAP: ["*Ldap*", "/app/Console/Commands/Ldap*","/app/Models/Ldap.php", "/resources/views/users/ldap.blade.php","/resources/views/settings/ldap.blade.php"]
 docker: ["*docker/*", "Dockerfile", "Dockerfile.alpine", "Dockerfile.fpm-alpine", ".dockerignore", ".env.docker"]
 tests: ["/tests/*", "/database/factories/*", "/stubs"]
 config: .github
@@ -0,0 +1,117 @@
+# GitHub Copilot Custom Instructions for Snipe-IT
+
+These instructions guide Copilot to generate code that aligns with modern Laravel 11 standards, PHP 8.2/8.4 features, software engineering principles, and industry best practices to improve software quality, maintainability, and security.
+
+## ✅ General Coding Standards
+
+- Prefer short, expressive, and readable code.
+- Use **meaningful, descriptive variable, function, class, and file names**.
+- Apply proper PHPDoc blocks for classes, methods, and complex logic.
+- Organize code into small, reusable functions or classes with single responsibility.
+- Avoid magic numbers or hard-coded strings; use constants or config files.
+
+## ✅ PHP 8.2/8.4 Best Practices
+
+- Use **readonly properties** to enforce immutability where applicable.
+- Use **Enums** instead of string or integer constants.
+- Utilize **First-class callable syntax** for callbacks.
+- Leverage **Constructor Property Promotion**.
+- Use **Union Types**, **Intersection Types**, and **true/false return types** for strict typing.
+- Apply **Static Return Type** where needed.
+- Use the **Nullsafe Operator (?->)** for optional chaining.
+- Adopt **final classes** where extension is not intended.
+- Use **Named Arguments** for improved clarity when calling functions with multiple parameters.
+
+## ✅ Laravel 11 Project Structure & Conventions
+
+- Follow the official Laravel project structure:
+    - `app/Http/Controllers` - Controllers
+    - `app/Models` - Eloquent models
+    - `app/Http/Requests` - Form request validation
+    - `app/Http/Resources` - API resource responses
+    - `app/Enums` - Enums
+    - `app/Actions` - Single-responsibility action classes
+    - `app/Policies` - Authorization logic
+
+- Controllers must:
+    - Use dependency injection.
+    - Use Form Requests for validation. The request class should utilize the rules set on the model.
+    - Return typed responses (e.g., `JsonResponse`).
+    - Use Transformers for API responses.
+
+## ✅ Eloquent ORM & Database
+
+- Use **Eloquent Models** with proper `$fillable` or `$guarded` attributes for mass assignment protection.
+- Utilize **casts** for date, boolean, JSON, and custom data types.
+- Apply **accessors & mutators** for attribute transformation.
+- Avoid direct raw SQL unless absolutely necessary; prefer Eloquent or Query Builder.
+- Migrations:
+    - Always use migrations for schema changes.
+    - Include proper constraints (foreign keys, unique indexes, etc.).
+    - Prefer UUIDs or ULIDs as primary keys where applicable.
+
+## ✅ API Development
+
+- Use **Transformer classes** for consistent and structured JSON responses.
+- Apply **route model binding** where possible.
+- Use Form Requests for input validation.
+
+## ✅ Blade & Frontend (if applicable)
+
+- Keep Blade templates clean and logic-free; use View Composers or dedicated View Models for complex data.
+- Use `@props`, `@aware`, `@once` Blade features appropriately.
+- Utilize Alpine.js or Livewire for interactive frontend logic (optional).
+
+## ✅ Security Best Practices
+
+- Never trust user input; always validate and sanitize inputs.
+- Use prepared statements via Eloquent or Query Builder to prevent SQL injection.
+- Use Laravel's built-in CSRF, XSS, and validation mechanisms.
+- Store sensitive information in `.env`, never hard-code secrets.
+- Apply proper authorization checks using Policies or Gates.
+- Follow principle of least privilege for users, roles, and permissions.
+
+## ✅ Testing Standards
+
+- Use **factories** for test data setup.
+- Include feature tests for user-facing functionality.
+- Include unit tests for business logic, services, and helper classes.
+- Mock external services using Laravel's `Http::fake()` or equivalent.
+- Maintain high code coverage but focus on meaningful tests over 100% coverage obsession.
+
+## ✅ Software Quality & Maintainability
+
+- Follow **SOLID Principles**:
+    - Single Responsibility Principle (SRP)
+    - Open/Closed Principle (OCP)
+    - Liskov Substitution Principle (LSP)
+    - Interface Segregation Principle (ISP)
+    - Dependency Inversion Principle (DIP)
+
+- Follow **DRY** (Don't Repeat Yourself) and **KISS** (Keep It Simple, Stupid) principles.
+- Apply **YAGNI** (You Aren't Gonna Need It) to avoid overengineering.
+- Document complex logic with PHPDoc and inline comments.
+
+## ✅ Performance & Optimization
+
+- Eager load relationships to avoid N+1 queries.
+- Use caching with Laravel's Cache system for frequently accessed data.
+- Paginate large datasets using `paginate()` instead of `get()`.
+- Queue long-running tasks using Laravel Queues.
+- Optimize database indexes for common queries.
+
+## ✅ Modern Laravel Features to Use
+
+- Use **Event Broadcasting** if real-time updates are needed.
+- Use **Full-text search** if search functionality is required.
+- Use **Rate Limiting** for API routes.
+
+## ✅ Additional Copilot Behavior Preferences
+
+- Generate **strictly typed**, modern PHP code using latest language features.
+- Prioritize **readable, clean, maintainable** code over cleverness.
+- Avoid legacy or deprecated Laravel patterns (facade overuse, logic-heavy views, etc.).
+- Suggest proper class placement based on Laravel directory structure.
+- Suggest tests alongside new features where applicable.
+- Default to **immutability**, **dependency injection**, and **encapsulation** best practices.
+  No newline at end of file
@@ -26,14 +26,14 @@ jobs:
        language: [ 'javascript' ]
    steps:
    - name: Checkout repository
-      uses: actions/checkout@v5
+      uses: actions/checkout@v6

    # Initializes the CodeQL tools for scanning.
    - name: Initialize CodeQL
-      uses: github/codeql-action/init@v3
+      uses: github/codeql-action/init@v4
      with:
        languages: ${{ matrix.language }}
    - name: Autobuild
-      uses: github/codeql-action/autobuild@v3
+      uses: github/codeql-action/autobuild@v4
    - name: Perform CodeQL Analysis
-      uses: github/codeql-action/analyze@v3
+      uses: github/codeql-action/analyze@v4
@@ -1,57 +0,0 @@
-# This workflow checks out code, performs a Codacy security scan
-# and integrates the results with the
-# GitHub Advanced Security code scanning feature.  For more information on
-# the Codacy security scan action usage and parameters, see
-# https://github.com/codacy/codacy-analysis-cli-action.
-# For more information on Codacy Analysis CLI in general, see
-# https://github.com/codacy/codacy-analysis-cli.
-
-name: Codacy Security Scan
-
-on:
-  push:
-    branches: [ develop ]
-  pull_request:
-    # The branches below must be a subset of the branches above
-    branches: [ develop ]
-  schedule:
-    - cron: '36 23 * * 3'
-
-permissions:
-  contents: read
-
-jobs:
-  codacy-security-scan:
-    # Ensure schedule job never runs on forked repos. It's only executed for 'grokability/snipe-it'
-    permissions:
-      contents: read  # for actions/checkout to fetch code
-      security-events: write  # for github/codeql-action/upload-sarif to upload SARIF results
-    if: (github.repository == 'grokability/snipe-it') || ((github.repository != 'grokability/snipe-it') && (github.event_name != 'schedule'))
-    name: Codacy Security Scan
-    runs-on: ubuntu-latest
-    steps:
-      # Checkout the repository to the GitHub Actions runner
-      - name: Checkout code
-        uses: actions/checkout@v5
-
-      # Execute Codacy Analysis CLI and generate a SARIF output with the security issues identified during the analysis
-      - name: Run Codacy Analysis CLI
-        uses: codacy/codacy-analysis-cli-action@v4.4.7
-        with:
-          # Check https://github.com/codacy/codacy-analysis-cli#project-token to get your project token from your Codacy repository
-          # You can also omit the token and run the tools that support default configurations
-          project-token: ${{ secrets.CODACY_PROJECT_TOKEN }}
-          verbose: true
-          output: results.sarif
-          format: sarif
-          # Adjust severity of non-security issues
-          gh-code-scanning-compat: true
-          # Force 0 exit code to allow SARIF file generation
-          # This will handover control about PR rejection to the GitHub side
-          max-allowed-issues: 2147483647
-
-      # Upload the SARIF file generated in the previous step
-      - name: Upload SARIF results file
-        uses: github/codeql-action/upload-sarif@v3
-        with:
-          sarif_file: results.sarif
@@ -9,7 +9,7 @@ jobs:
    runs-on: ubuntu-latest
    steps:
      - name: Checkout
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6

      - name: Crowdin push
        uses: crowdin/github-action@v2
@@ -42,17 +42,17 @@ jobs:
    steps:
      # https://github.com/actions/checkout
      - name: Checkout codebase
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6

      # https://github.com/docker/setup-buildx-action
      - name: Setup Docker Buildx
-        uses: docker/setup-buildx-action@v3
+        uses: docker/setup-buildx-action@v4

      # https://github.com/docker/login-action
      - name: Login to DockerHub
        # Only login if not a PR, as PRs only trigger a Docker build and not a push
        if: github.event_name != 'pull_request'
-        uses: docker/login-action@v3
+        uses: docker/login-action@v4
        with:
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_ACCESS_TOKEN }}
@@ -64,7 +64,7 @@ jobs:
      # Get Metadata for docker_build step below
      - name: Sync metadata (tags, labels) from GitHub to Docker for 'snipe-it' image
        id: meta_build
-        uses: docker/metadata-action@v5
+        uses: docker/metadata-action@v6
        with:
          images: snipe/snipe-it
          tags: ${{ env.IMAGE_TAGS }}
@@ -73,7 +73,7 @@ jobs:
      # https://github.com/docker/build-push-action
      - name: Build and push 'snipe-it' image
        id: docker_build
-        uses: docker/build-push-action@v6
+        uses: docker/build-push-action@v7
        with:
          context: .
          file: ./Dockerfile.alpine
@@ -42,17 +42,17 @@ jobs:
    steps:
      # https://github.com/actions/checkout
      - name: Checkout codebase
-        uses: actions/checkout@v5
+        uses: actions/checkout@v6

      # https://github.com/docker/setup-buildx-action
      - name: Setup Docker Buildx
-        uses: docker/setup-buildx-action@v3
+        uses: docker/setup-buildx-action@v4

      # https://github.com/docker/login-action
      - name: Login to DockerHub
        # Only login if not a PR, as PRs only trigger a Docker build and not a push
        if: github.event_name != 'pull_request'
-        uses: docker/login-action@v3
+        uses: docker/login-action@v4
        with:
          username: ${{ secrets.DOCKER_USERNAME }}
          password: ${{ secrets.DOCKER_ACCESS_TOKEN }}
@@ -64,7 +64,7 @@ jobs:
      # Get Metadata for docker_build step below
      - name: Sync metadata (tags, labels) from GitHub to Docker for 'snipe-it' image
        id: meta_build
-        uses: docker/metadata-action@v5
+        uses: docker/metadata-action@v6
        with:
          images: snipe/snipe-it
          tags: ${{ env.IMAGE_TAGS }}
@@ -73,7 +73,7 @@ jobs:
      # https://github.com/docker/build-push-action
      - name: Build and push 'snipe-it' image
        id: docker_build
-        uses: docker/build-push-action@v6
+        uses: docker/build-push-action@v7
        with:
          context: .
          file: ./Dockerfile
@@ -11,7 +11,7 @@ jobs:
  dockerHubDescription:
    runs-on: ubuntu-latest
    steps:
-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6

      - name: Docker Hub Description
        uses: grokability/dockerhub-description@7ea9d275c7cdbe2b676a093a0308c50665e3b8b4
@@ -0,0 +1,69 @@
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+
+# EthicalCheck addresses the critical need to continuously security test APIs in development and in production.
+
+# EthicalCheck provides the industry’s only free & automated API security testing service that uncovers security vulnerabilities using OWASP API list.
+# Developers relies on EthicalCheck to evaluate every update and release, ensuring that no APIs go to production with exploitable vulnerabilities.
+
+# You develop the application and API, we bring complete and continuous security testing to you, accelerating development.
+
+# Know your API and Applications are secure with EthicalCheck – our free & automated API security testing service.
+
+# How EthicalCheck works?
+# EthicalCheck functions in the following simple steps.
+# 1. Security Testing.
+# Provide your OpenAPI specification or start with a public Postman collection URL.
+# EthicalCheck instantly instrospects your API and creates a map of API endpoints for security testing.
+# It then automatically creates hundreds of security tests that are non-intrusive to comprehensively and completely test for authentication, authorizations, and OWASP bugs your API. The tests addresses the OWASP API Security categories including OAuth 2.0, JWT, Rate Limit etc.
+
+# 2. Reporting.
+# EthicalCheck generates security test report that includes all the tested endpoints, coverage graph, exceptions, and vulnerabilities.
+# Vulnerabilities are fully triaged, it contains CVSS score, severity, endpoint information, and OWASP tagging.
+
+
+# This is a starter workflow to help you get started with EthicalCheck Actions
+
+name: EthicalCheck-Workflow
+
+# Controls when the workflow will run
+on:
+  # Triggers the workflow on push or pull request events but only for the "master" branch
+  # Customize trigger events based on your DevSecOps processes.
+  push:
+    branches: [ "master" ]
+  pull_request:
+    branches: [ "master" ]
+  schedule:
+    - cron: '35 17 * * 6'
+
+  # Allows you to run this workflow manually from the Actions tab
+  workflow_dispatch:
+
+permissions:
+  contents: read
+
+jobs:
+  Trigger_EthicalCheck:
+    permissions:
+      security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
+      actions: read # only required for a private repository by github/codeql-action/upload-sarif to get the Action run status
+    runs-on: ubuntu-latest
+
+    steps:
+       - name: EthicalCheck  Free & Automated API Security Testing Service
+         uses: apisec-inc/ethicalcheck-action@005fac321dd843682b1af6b72f30caaf9952c641
+         with:
+          # The OpenAPI Specification URL or Swagger Path or Public Postman collection URL.
+          oas-url: "http://netbanking.apisec.ai:8080/v2/api-docs"
+          # The email address to which the penetration test report will be sent.
+          email: "snipe@snipe.net"
+          sarif-result-file: "ethicalcheck-results.sarif"
+
+       - name: Upload sarif file to repository
+         uses: github/codeql-action/upload-sarif@v3
+         with:
+          sarif_file: ./ethicalcheck-results.sarif
+
@@ -11,7 +11,7 @@ jobs:
      issues: write
      #  pull-requests: write
    steps:
-      - uses: actions/stale@v9
+      - uses: actions/stale@v10
        with:
          debug-only: true
          ascending: true
@@ -28,6 +28,7 @@ jobs:
          - "8.2"
          - "8.3"
          - "8.4"
+          - "8.5"

    name: PHP ${{ matrix.php-version }}

@@ -37,13 +38,13 @@ jobs:
          php-version: "${{ matrix.php-version }}"
          coverage: none

-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6

      - name: Get Composer Cache Directory
        id: composer-cache
        run: |
          echo "dir=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT
-      - uses: actions/cache@v4
+      - uses: actions/cache@v5
        with:
          path: ${{ steps.composer-cache.outputs.dir }}
          key: ${{ runner.os }}-${{ matrix.php-version }}-composer-${{ hashFiles('**/composer.lock') }}
@@ -76,4 +77,16 @@ jobs:
          DB_DATABASE: snipeit
          DB_PORT: ${{ job.services.mysql.ports[3306] }}
          DB_USERNAME: root
+          LOG_CHANNEL: single
+          LOG_LEVEL: debug
        run: php artisan test
+
+      - name: Upload Laravel logs as artifacts
+        if: always()
+        uses: actions/upload-artifact@v7
+        with:
+          name: laravel-logs-php-${{ matrix.php-version }}-run-${{ github.run_attempt }}
+          path: |
+            storage/logs/*.log
+          if-no-files-found: ignore
+          retention-days: 7
@@ -24,6 +24,7 @@ jobs:
          - "8.2"
          - "8.3"
          - "8.4"
+          - "8.5"


    name: PHP ${{ matrix.php-version }}
@@ -34,13 +35,13 @@ jobs:
          php-version: "${{ matrix.php-version }}"
          coverage: none

-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6

      - name: Get Composer Cache Directory
        id: composer-cache
        run: |
          echo "dir=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT
-      - uses: actions/cache@v4
+      - uses: actions/cache@v5
        with:
          path: ${{ steps.composer-cache.outputs.dir }}
          key: ${{ runner.os }}-${{ matrix.php-version }}-composer-${{ hashFiles('**/composer.lock') }}
@@ -75,4 +76,16 @@ jobs:
          DB_PORT: ${{ job.services.postgresql.ports[5432] }}
          DB_USERNAME: snipeit
          DB_PASSWORD: password
+          LOG_CHANNEL: single
+          LOG_LEVEL: debug
        run: php artisan test
+
+      - name: Upload Laravel logs as artifacts
+        if: always()
+        uses: actions/upload-artifact@v7
+        with:
+          name: laravel-logs-php-${{ matrix.php-version }}-run-${{ github.run_attempt }}
+          path: |
+            storage/logs/*.log
+          if-no-files-found: ignore
+          retention-days: 7
@@ -15,7 +15,7 @@ jobs:
      fail-fast: false
      matrix:
        php-version:
-          - "8.3"
+          - "8.5"

    name: PHP ${{ matrix.php-version }}

@@ -25,13 +25,13 @@ jobs:
          php-version: "${{ matrix.php-version }}"
          coverage: none

-      - uses: actions/checkout@v5
+      - uses: actions/checkout@v6

      - name: Get Composer Cache Directory
        id: composer-cache
        run: |
          echo "dir=$(composer config cache-files-dir)" >> $GITHUB_OUTPUT
-      - uses: actions/cache@v4
+      - uses: actions/cache@v5
        with:
          path: ${{ steps.composer-cache.outputs.dir }}
          key: ${{ runner.os }}-${{ matrix.php-version }}-composer-${{ hashFiles('**/composer.lock') }}
@@ -61,4 +61,16 @@ jobs:
      - name: Execute tests (Unit and Feature tests) via PHPUnit
        env:
          DB_CONNECTION: sqlite
+          LOG_CHANNEL: single
+          LOG_LEVEL: debug
        run: php artisan test
+
+      - name: Upload Laravel logs as artifacts
+        if: always()
+        uses: actions/upload-artifact@v7
+        with:
+          name: laravel-logs-php-${{ matrix.php-version }}-run-${{ github.run_attempt }}
+          path: |
+            storage/logs/*.log
+          if-no-files-found: ignore
+          retention-days: 7
@@ -1,10 +1,10 @@
 {
-    "DOC1": "This file is meant to be pulled from the current HEAD of the desired branch, NOT referenced locally",
-    "DOC2": "In other words, what you see locally are the requirements for your _current_ install",
-    "DOC3": "Please don't rely on these versions for planning upgrades unless you've fetched the most recent version",
-    "DOC4": "You should really just ignore it and run upgrade.php. Really",
-    "php_min_version": "8.2.0",
-    "php_max_major_minor": "8.4",
-    "php_max_wontwork": "8.5.0",
-    "current_snipeit_version": "8.0"
+  "DOC1": "This file is meant to be pulled from the current HEAD of the desired branch, NOT referenced locally",
+  "DOC2": "In other words, what you see locally are the requirements for your _current_ install",
+  "DOC3": "Please don't rely on these versions for planning upgrades unless you've fetched the most recent version",
+  "DOC4": "You should really just ignore it and run upgrade.php. Really",
+  "php_min_version": "8.2.0",
+  "php_max_major_minor": "8.5",
+  "php_max_wontwork": "8.6.0",
+  "current_snipeit_version": "8.0"
 }
@@ -0,0 +1,110 @@
+# CLAUDE.md
+
+This file provides guidance to Claude Code (claude.ai/code) when working with code in this repository.
+
+## Stack
+
+- **PHP 8.2+** / **Laravel 12** (framework), **Laravel Mix** (webpack) for frontend assets
+- **AdminLTE 2** / **Bootstrap 3** UI — Blade views, no Livewire/Inertia
+- **Chart.js v2.9.4** — bundled at `public/js/dist/Chart.min.js`; use `horizontalBar` type (v2 API, not v3)
+
+## Common Commands
+
+```bash
+# Run all tests
+php artisan test
+# or
+vendor/bin/phpunit
+
+# Run a single test file
+php artisan test tests/Feature/Assets/AssetsTest.php
+
+# Run a specific test method
+php artisan test --filter testSomeMethod
+
+# Build frontend assets (dev)
+npm run dev
+
+# Build for production
+npm run prod
+
+# Laravel Mix watch
+npm run watch
+
+# Tinker / REPL
+php artisan tinker
+
+# Clear caches after config/route changes
+php artisan optimize:clear
+```
+
+Dev server is served via **Laravel Herd** (`herd coverage` for coverage reports).
+
+## Architecture
+
+### Controllers
+
+Two parallel controller trees:
+- `app/Http/Controllers/` — web/UI controllers (Blade views)
+- `app/Http/Controllers/Api/` — REST API controllers (JSON, used by datatables + select2)
+
+Subdirectory groupings: `Assets/`, `Licenses/`, `Users/`, `Accessories/`, `Consumables/`, `Components/`, `Kits/`, `Account/`, `Auth/`
+
+### API Pattern
+
+Every API controller returns data via a **Transformer** (`app/Http/Transformers/`). Never return raw model attributes from API controllers — always pass through the transformer. `DatatablesTransformer` wraps paginated results.
+
+```php
+return (new AssetsTransformer)->transformAssets($assets, $assets->count());
+```
+
+### Authorization
+
+All authorization goes through **Policies** (`app/Policies/`). `CheckoutablePermissionsPolicy` is the base for assets/licenses/accessories/consumables — its `checkout()` / `checkin()` methods accept `$item = null` so you can use `@can('checkout', \App\Models\Asset::class)` without an instance.
+
+### FMCS (Full Multiple Company Support)
+
+`Setting::getSettings()->full_multiple_companies_support == '1'` gates company-scoped filtering. The select2 API endpoints (`selectlist()` methods) accept a `companyId` query param — apply it like this:
+
+```php
+if ((Setting::getSettings()->full_multiple_companies_support == '1') && ($request->filled('companyId'))) {
+    $query->where('table.company_id', $request->input('companyId'));
+}
+```
+
+Pass `data-company-id="{{ $user->company_id }}"` in Blade to wire it to select2.
+
+### Select2 AJAX Dropdowns
+
+Use `class="js-data-ajax"` with `data-endpoint="hardware|licenses|consumables|..."`. `snipeit.js` auto-initializes these, forwarding `data-company-id` as `companyId` and `data-asset-status-type` as `statusType` to the API.
+
+### Routes
+
+All routes are in `routes/web.php` (UI) and `routes/api.php` (API). Breadcrumbs are defined inline using `->breadcrumbs(fn (Trail $trail) => ...)` from `tabuna/breadcrumbs`. Every UI route should have a breadcrumb.
+
+Note: the `reports/unaccepted_assets` route is named with slashes, not dots — use `route('reports/unaccepted_assets')`.
+
+### Translations
+
+String keys live in `resources/lang/en-US/general.php` (and other files in that directory). Always add new UI strings as translation keys rather than hard-coding English.
+
+### Checkout Redirect Flow
+
+After checkout, `Helper::getRedirectOption()` reads `$request->redirect_option`. For redirecting back to the assigned user after checkout:
+- Set `redirect_option=target` in the form
+- Set `checkout_to_type=user` in the form
+- Set `assigned_user={{ $user->id }}` in the form
+
+### Key Helper Methods (`app/Helpers/Helper.php`)
+
+- `Helper::deployableStatusLabelList()` — status labels for checkout forms
+- `Helper::defaultChartColors()` — 10-color palette used in charts
+- `Helper::getRedirectOption($request, $id, $table)` — post-checkout redirect logic
+
+### Global View Variables
+
+`$snipeSettings` is injected into all views via a service provider — no need to pass `Setting::getSettings()` from every controller. Use it directly in Blade.
+
+## Testing
+
+Tests live in `tests/Feature/` (organized by entity) and `tests/Unit/`. Feature tests hit the database; the test environment uses `array` cache/session/mail drivers. Tests use factories for data setup.
@@ -52,7 +52,7 @@ Thanks goes to all of these wonderful people ([emoji key](https://github.com/ken
 | [<img src="https://avatars.githubusercontent.com/u/2565989?v=4" width="110px;"/><br /><sub>coach1988</sub>](https://github.com/coach1988)<br />[💻](https://github.com/snipe/snipe-it/commits?author=coach1988 "Code") | [<img src="https://avatars.githubusercontent.com/u/11910225?v=4" width="110px;"/><br /><sub>MrM</sub>](https://github.com/mauro-miatello)<br />[💻](https://github.com/snipe/snipe-it/commits?author=mauro-miatello "Code") | [<img src="https://avatars.githubusercontent.com/u/60405354?v=4" width="110px;"/><br /><sub>koiakoia</sub>](https://github.com/koiakoia)<br />[💻](https://github.com/snipe/snipe-it/commits?author=koiakoia "Code") | [<img src="https://avatars.githubusercontent.com/u/5323832?v=4" width="110px;"/><br /><sub>Mustafa Online</sub>](https://github.com/mustafa-online)<br />[💻](https://github.com/snipe/snipe-it/commits?author=mustafa-online "Code") | [<img src="https://avatars.githubusercontent.com/u/104601439?v=4" width="110px;"/><br /><sub>franceslui</sub>](https://github.com/franceslui)<br />[💻](https://github.com/snipe/snipe-it/commits?author=franceslui "Code") | [<img src="https://avatars.githubusercontent.com/u/125313163?v=4" width="110px;"/><br /><sub>Q4kK</sub>](https://github.com/Q4kK)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Q4kK "Code") | [<img src="https://avatars.githubusercontent.com/u/55590532?v=4" width="110px;"/><br /><sub>squintfox</sub>](https://github.com/squintfox)<br />[💻](https://github.com/snipe/snipe-it/commits?author=squintfox "Code") |
 | [<img src="https://avatars.githubusercontent.com/u/1380084?v=4" width="110px;"/><br /><sub>Jeff Clay</sub>](https://github.com/jeffclay)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jeffclay "Code") | [<img src="https://avatars.githubusercontent.com/u/52716446?v=4" width="110px;"/><br /><sub>Phil J R</sub>](https://github.com/PP-JN-RL)<br />[💻](https://github.com/snipe/snipe-it/commits?author=PP-JN-RL "Code") | [<img src="https://avatars.githubusercontent.com/u/1496725?v=4" width="110px;"/><br /><sub>i_virus</sub>](https://www.corelight.com/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=chandanchowdhury "Code") | [<img src="https://avatars.githubusercontent.com/u/1020541?v=4" width="110px;"/><br /><sub>Paul Grime</sub>](https://github.com/gitgrimbo)<br />[💻](https://github.com/snipe/snipe-it/commits?author=gitgrimbo "Code") | [<img src="https://avatars.githubusercontent.com/u/922815?v=4" width="110px;"/><br /><sub>Lee Porte</sub>](https://leeporte.co.uk)<br />[💻](https://github.com/snipe/snipe-it/commits?author=LeePorte "Code") | [<img src="https://avatars.githubusercontent.com/u/23613427?v=4" width="110px;"/><br /><sub>BRYAN </sub>](https://github.com/bryanlopezinc)<br />[💻](https://github.com/snipe/snipe-it/commits?author=bryanlopezinc "Code") [⚠️](https://github.com/snipe/snipe-it/commits?author=bryanlopezinc "Tests") | [<img src="https://avatars.githubusercontent.com/u/64061710?v=4" width="110px;"/><br /><sub>U-H-T</sub>](https://github.com/U-H-T)<br />[💻](https://github.com/snipe/snipe-it/commits?author=U-H-T "Code") |
 | [<img src="https://avatars.githubusercontent.com/u/5395363?v=4" width="110px;"/><br /><sub>Matt Tyree</sub>](https://github.com/Tyree)<br />[📖](https://github.com/snipe/snipe-it/commits?author=Tyree "Documentation") | [<img src="https://avatars.githubusercontent.com/u/292081?v=4" width="110px;"/><br /><sub>Florent Bervas</sub>](http://spoontux.net)<br />[💻](https://github.com/snipe/snipe-it/commits?author=FlorentDotMe "Code") | [<img src="https://avatars.githubusercontent.com/u/4498077?v=4" width="110px;"/><br /><sub>Daniel Albertsen</sub>](https://ditscheri.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=dbakan "Code") | [<img src="https://avatars.githubusercontent.com/u/100710244?v=4" width="110px;"/><br /><sub>r-xyz</sub>](https://github.com/r-xyz)<br />[💻](https://github.com/snipe/snipe-it/commits?author=r-xyz "Code") | [<img src="https://avatars.githubusercontent.com/u/47491036?v=4" width="110px;"/><br /><sub>Steven Mainor</sub>](https://github.com/DrekiDegga)<br />[💻](https://github.com/snipe/snipe-it/commits?author=DrekiDegga "Code") | [<img src="https://avatars.githubusercontent.com/u/65785975?v=4" width="110px;"/><br /><sub>arne-kroeger</sub>](https://github.com/arne-kroeger)<br />[💻](https://github.com/snipe/snipe-it/commits?author=arne-kroeger "Code") | [<img src="https://avatars.githubusercontent.com/u/167117705?v=4" width="110px;"/><br /><sub>Glukose1</sub>](https://github.com/Glukose1)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Glukose1 "Code") |
-| [<img src="https://avatars.githubusercontent.com/u/1197791?v=4" width="110px;"/><br /><sub>Scarzy</sub>](https://github.com/Scarzy)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Scarzy "Code") | [<img src="https://avatars.githubusercontent.com/u/37372069?v=4" width="110px;"/><br /><sub>setpill</sub>](https://github.com/setpill)<br />[💻](https://github.com/snipe/snipe-it/commits?author=setpill "Code") | [<img src="https://avatars.githubusercontent.com/u/3755203?v=4" width="110px;"/><br /><sub>swift2512</sub>](https://github.com/swift2512)<br />[🐛](https://github.com/snipe/snipe-it/issues?q=author%3Aswift2512 "Bug reports") | [<img src="https://avatars.githubusercontent.com/u/6136439?v=4" width="110px;"/><br /><sub>Darren Rainey</sub>](https://darrenraineys.co.uk)<br />[💻](https://github.com/snipe/snipe-it/commits?author=DarrenRainey "Code") | [<img src="https://avatars.githubusercontent.com/u/133033121?v=4" width="110px;"/><br /><sub>maciej-poleszczyk</sub>](https://github.com/maciej-poleszczyk)<br />[💻](https://github.com/snipe/snipe-it/commits?author=maciej-poleszczyk "Code") | [<img src="https://avatars.githubusercontent.com/u/143394709?v=4" width="110px;"/><br /><sub>Sebastian Groß</sub>](https://github.com/sgross-emlix)<br />[💻](https://github.com/snipe/snipe-it/commits?author=sgross-emlix "Code") | [<img src="https://avatars.githubusercontent.com/u/41107778?v=4" width="110px;"/><br /><sub>Anouar Touati</sub>](https://github.com/AnouarTouati)<br />[💻](https://github.com/snipe/snipe-it/commits?author=AnouarTouati "Code") |
+| [<img src="https://avatars.githubusercontent.com/u/1197791?v=4" width="110px;"/><br /><sub>Scarzy</sub>](https://github.com/Scarzy)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Scarzy "Code") | [<img src="https://avatars.githubusercontent.com/u/37372069?v=4" width="110px;"/><br /><sub>setpill</sub>](https://github.com/setpill)<br />[💻](https://github.com/snipe/snipe-it/commits?author=setpill "Code") | [<img src="https://avatars.githubusercontent.com/u/3755203?v=4" width="110px;"/><br /><sub>swift2512</sub>](https://github.com/swift2512)<br />[🐛](https://github.com/snipe/snipe-it/issues?q=author%3Aswift2512 "Bug reports") [💻](https://github.com/snipe/snipe-it/commits?author=swift2512 "Code") | [<img src="https://avatars.githubusercontent.com/u/6136439?v=4" width="110px;"/><br /><sub>Darren Rainey</sub>](https://darrenraineys.co.uk)<br />[💻](https://github.com/snipe/snipe-it/commits?author=DarrenRainey "Code") | [<img src="https://avatars.githubusercontent.com/u/133033121?v=4" width="110px;"/><br /><sub>maciej-poleszczyk</sub>](https://github.com/maciej-poleszczyk)<br />[💻](https://github.com/snipe/snipe-it/commits?author=maciej-poleszczyk "Code") | [<img src="https://avatars.githubusercontent.com/u/143394709?v=4" width="110px;"/><br /><sub>Sebastian Groß</sub>](https://github.com/sgross-emlix)<br />[💻](https://github.com/snipe/snipe-it/commits?author=sgross-emlix "Code") | [<img src="https://avatars.githubusercontent.com/u/41107778?v=4" width="110px;"/><br /><sub>Anouar Touati</sub>](https://github.com/AnouarTouati)<br />[💻](https://github.com/snipe/snipe-it/commits?author=AnouarTouati "Code") |
 | [<img src="https://avatars.githubusercontent.com/u/25596663?v=4" width="110px;"/><br /><sub>aHVzY2g</sub>](https://github.com/aHVzY2g)<br />[💻](https://github.com/snipe/snipe-it/commits?author=aHVzY2g "Code") | [<img src="https://avatars.githubusercontent.com/u/13408130?v=4" width="110px;"/><br /><sub>林博仁 Buo-ren Lin</sub>](https://brlin.me)<br />[💻](https://github.com/snipe/snipe-it/commits?author=brlin-tw "Code") | [<img src="https://avatars.githubusercontent.com/u/18550946?v=4" width="110px;"/><br /><sub>Adugna Gizaw</sub>](https://orbalia.pythonanywhere.com/)<br />[🌍](#translation-addex12 "Translation") | [<img src="https://avatars.githubusercontent.com/u/760989?v=4" width="110px;"/><br /><sub>Jesse Ostrander</sub>](https://github.com/jostrander)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jostrander "Code") | [<img src="https://avatars.githubusercontent.com/u/31522486?v=4" width="110px;"/><br /><sub>James M</sub>](https://github.com/azmcnutt)<br />[💻](https://github.com/snipe/snipe-it/commits?author=azmcnutt "Code") | [<img src="https://avatars.githubusercontent.com/u/5183146?v=4" width="110px;"/><br /><sub>Fiala06</sub>](https://github.com/Fiala06)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Fiala06 "Code") | [<img src="https://avatars.githubusercontent.com/u/28693782?v=4" width="110px;"/><br /><sub>Nathan Taylor</sub>](https://github.com/ntaylor-86)<br />[💻](https://github.com/snipe/snipe-it/commits?author=ntaylor-86 "Code") |
 | [<img src="https://avatars.githubusercontent.com/u/16699443?v=4" width="110px;"/><br /><sub>fvollmer</sub>](https://github.com/fvollmer)<br />[💻](https://github.com/snipe/snipe-it/commits?author=fvollmer "Code") | [<img src="https://avatars.githubusercontent.com/u/109086466?v=4" width="110px;"/><br /><sub>36864</sub>](https://github.com/36864)<br />[💻](https://github.com/snipe/snipe-it/commits?author=36864 "Code") | [<img src="https://avatars.githubusercontent.com/u/365751?v=4" width="110px;"/><br /><sub>Daniel O'Connor</sub>](http://clockwerx.blogspot.com/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=CloCkWeRX "Code") | [<img src="https://avatars.githubusercontent.com/u/102852568?v=4" width="110px;"/><br /><sub>BeatSpark</sub>](https://github.com/BeatSpark)<br />[💻](https://github.com/snipe/snipe-it/commits?author=BeatSpark "Code") | [<img src="https://avatars.githubusercontent.com/u/59203607?v=4" width="110px;"/><br /><sub>mrdahbi</sub>](https://github.com/mrdahbi)<br />[💻](https://github.com/snipe/snipe-it/commits?author=mrdahbi "Code") | [<img src="https://avatars.githubusercontent.com/u/6661332?v=4" width="110px;"/><br /><sub>Fabian Schmid</sub>](http://sr.solutions)<br />[💻](https://github.com/snipe/snipe-it/commits?author=chfsx "Code") | [<img src="https://avatars.githubusercontent.com/u/1288116?v=4" width="110px;"/><br /><sub>Chris Olin</sub>](https://www.chrisolin.com)<br />[💻](https://github.com/snipe/snipe-it/commits?author=realchrisolin "Code") |
 | [<img src="https://avatars.githubusercontent.com/u/3803132?v=4" width="110px;"/><br /><sub>Dan</sub>](https://github.com/mnemonicly)<br />[💻](https://github.com/snipe/snipe-it/commits?author=mnemonicly "Code") | [<img src="https://avatars.githubusercontent.com/u/43917728?v=4" width="110px;"/><br /><sub>Nebel</sub>](https://github.com/NebelKreis)<br />[💻](https://github.com/snipe/snipe-it/commits?author=NebelKreis "Code") | [<img src="https://avatars.githubusercontent.com/u/132433803?v=4" width="110px;"/><br /><sub>test1337ahp</sub>](https://github.com/test1337ahp)<br />[💻](https://github.com/snipe/snipe-it/commits?author=test1337ahp "Code") | [<img src="https://avatars.githubusercontent.com/u/1916566?v=4" width="110px;"/><br /><sub>Jonathon Reinhart</sub>](https://github.com/JonathonReinhart)<br />[💻](https://github.com/snipe/snipe-it/commits?author=JonathonReinhart "Code") | [<img src="https://avatars.githubusercontent.com/u/484742?v=4" width="110px;"/><br /><sub>aranar-pro</sub>](https://github.com/aranar-pro)<br />[💻](https://github.com/snipe/snipe-it/commits?author=aranar-pro "Code") | [<img src="https://avatars.githubusercontent.com/u/27019397?v=4" width="110px;"/><br /><sub>Phil</sub>](https://github.com/phil-flip)<br />[💻](https://github.com/snipe/snipe-it/commits?author=phil-flip "Code") | [<img src="https://avatars.githubusercontent.com/u/6473460?v=4" width="110px;"/><br /><sub>Steffy Fort</sub>](https://fe80.fr/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=fe80 "Code") |
@@ -68,7 +68,8 @@ Thanks goes to all of these wonderful people ([emoji key](https://github.com/ken
 | [<img src="https://avatars.githubusercontent.com/u/181059?v=4" width="110px;"/><br /><sub>Juan Font</sub>](https://github.com/juanfont)<br />[💻](https://github.com/snipe/snipe-it/commits?author=juanfont "Code") | [<img src="https://avatars.githubusercontent.com/u/13137708?v=4" width="110px;"/><br /><sub>Juho Taipale</sub>](https://github.com/juhotaipale)<br />[💻](https://github.com/snipe/snipe-it/commits?author=juhotaipale "Code") | [<img src="https://avatars.githubusercontent.com/u/1007419?v=4" width="110px;"/><br /><sub>Korvin Szanto</sub>](https://github.com/KorvinSzanto)<br />[💻](https://github.com/snipe/snipe-it/commits?author=KorvinSzanto "Code") | [<img src="https://avatars.githubusercontent.com/u/8513053?v=4" width="110px;"/><br /><sub>Lewis Foster</sub>](https://lewisfoster.foo/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=sniff122 "Code") | [<img src="https://avatars.githubusercontent.com/u/33877541?v=4" width="110px;"/><br /><sub>Logan Swartzendruber</sub>](https://github.com/loganswartz)<br />[💻](https://github.com/snipe/snipe-it/commits?author=loganswartz "Code") | [<img src="https://avatars.githubusercontent.com/u/1156208?v=4" width="110px;"/><br /><sub>Lorenzo P.</sub>](https://github.com/lopezio)<br />[💻](https://github.com/snipe/snipe-it/commits?author=lopezio "Code") | [<img src="https://avatars.githubusercontent.com/u/33946590?v=4" width="110px;"/><br /><sub>Lukas Jung</sub>](https://github.com/m4us1ne)<br />[💻](https://github.com/snipe/snipe-it/commits?author=m4us1ne "Code") |
 | [<img src="https://avatars.githubusercontent.com/u/10965027?v=4" width="110px;"/><br /><sub>Ellie</sub>](https://leafedfox.xyz/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=LeafedFox "Code") | [<img src="https://avatars.githubusercontent.com/u/20960555?v=4" width="110px;"/><br /><sub>GA Stamper</sub>](https://github.com/gastamper)<br />[💻](https://github.com/snipe/snipe-it/commits?author=gastamper "Code") | [<img src="https://avatars.githubusercontent.com/u/206553556?v=4" width="110px;"/><br /><sub>Guillaume Lefranc</sub>](https://github.com/gl-pup)<br />[💻](https://github.com/snipe/snipe-it/commits?author=gl-pup "Code") | [<img src="https://avatars.githubusercontent.com/u/733892?v=4" width="110px;"/><br /><sub>Hajo Möller</sub>](https://github.com/dasjoe)<br />[💻](https://github.com/snipe/snipe-it/commits?author=dasjoe "Code") | [<img src="https://avatars.githubusercontent.com/u/3420063?v=4" width="110px;"/><br /><sub>Istvan Basa</sub>](https://github.com/pottom)<br />[💻](https://github.com/snipe/snipe-it/commits?author=pottom "Code") | [<img src="https://avatars.githubusercontent.com/u/810824?v=4" width="110px;"/><br /><sub>JJ Asghar</sub>](https://jjasghar.github.io/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jjasghar "Code") | [<img src="https://avatars.githubusercontent.com/u/40404495?v=4" width="110px;"/><br /><sub>James E. Msenga</sub>](https://github.com/JemCdo)<br />[💻](https://github.com/snipe/snipe-it/commits?author=JemCdo "Code") |
 | [<img src="https://avatars.githubusercontent.com/u/6865786?v=4" width="110px;"/><br /><sub>Jan Felix Wiebe</sub>](https://github.com/jfwiebe)<br />[💻](https://github.com/snipe/snipe-it/commits?author=jfwiebe "Code") | [<img src="https://avatars.githubusercontent.com/u/43412008?v=4" width="110px;"/><br /><sub>Jo Drexl</sub>](https://www.nfon.com/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=drexljo "Code") | [<img src="https://avatars.githubusercontent.com/u/4807843?v=4" width="110px;"/><br /><sub>Austin Sasko</sub>](https://github.com/austinsasko)<br />[💻](https://github.com/snipe/snipe-it/commits?author=austinsasko "Code") | [<img src="https://avatars.githubusercontent.com/u/4875039?v=4" width="110px;"/><br /><sub>Jasson</sub>](http://jassoncordones.github.io)<br />[💻](https://github.com/snipe/snipe-it/commits?author=JassonCordones "Code") | [<img src="https://avatars.githubusercontent.com/u/76069640?v=4" width="110px;"/><br /><sub>Okean</sub>](https://github.com/Tinyblargon)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Tinyblargon "Code") | [<img src="https://avatars.githubusercontent.com/u/6515064?v=4" width="110px;"/><br /><sub>Alejandro Medrano</sub>](https://www.lst.tfo.upm.es/alejandro-medrano/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=amedranogil "Code") | [<img src="https://avatars.githubusercontent.com/u/58696401?v=4" width="110px;"/><br /><sub>Lukas Kraic</sub>](https://github.com/lukaskraic)<br />[💻](https://github.com/snipe/snipe-it/commits?author=lukaskraic "Code") |
-| [<img src="https://avatars.githubusercontent.com/u/1571724?v=4" width="110px;"/><br /><sub>Герхард PICCORO Lenz McKAY </sub>](https://github-readme-stats.vercel.app/api?username=mckaygerhard)<br />[💻](https://github.com/snipe/snipe-it/commits?author=mckaygerhard "Code") | [<img src="https://avatars.githubusercontent.com/u/15015119?v=4" width="110px;"/><br /><sub>Johannes Pollitt</sub>](https://github.com/FlorestanII)<br />[💻](https://github.com/snipe/snipe-it/commits?author=FlorestanII "Code") | [<img src="https://avatars.githubusercontent.com/u/14185442?v=4" width="110px;"/><br /><sub>Michael Strobel</sub>](https://strobelm.de)<br />[💻](https://github.com/snipe/snipe-it/commits?author=strobelm "Code") | [<img src="https://avatars.githubusercontent.com/u/634790?v=4" width="110px;"/><br /><sub>Nicky West</sub>](http://nickwest.me)<br />[💻](https://github.com/snipe/snipe-it/commits?author=nickwest "Code") | [<img src="https://avatars.githubusercontent.com/u/1347327?v=4" width="110px;"/><br /><sub>akaspeh1</sub>](https://github.com/akaspeh1)<br />[💻](https://github.com/snipe/snipe-it/commits?author=akaspeh1 "Code") |
+| [<img src="https://avatars.githubusercontent.com/u/1571724?v=4" width="110px;"/><br /><sub>Герхард PICCORO Lenz McKAY </sub>](https://github-readme-stats.vercel.app/api?username=mckaygerhard)<br />[💻](https://github.com/snipe/snipe-it/commits?author=mckaygerhard "Code") | [<img src="https://avatars.githubusercontent.com/u/15015119?v=4" width="110px;"/><br /><sub>Johannes Pollitt</sub>](https://github.com/FlorestanII)<br />[💻](https://github.com/snipe/snipe-it/commits?author=FlorestanII "Code") | [<img src="https://avatars.githubusercontent.com/u/14185442?v=4" width="110px;"/><br /><sub>Michael Strobel</sub>](https://strobelm.de)<br />[💻](https://github.com/snipe/snipe-it/commits?author=strobelm "Code") | [<img src="https://avatars.githubusercontent.com/u/634790?v=4" width="110px;"/><br /><sub>Nicky West</sub>](http://nickwest.me)<br />[💻](https://github.com/snipe/snipe-it/commits?author=nickwest "Code") | [<img src="https://avatars.githubusercontent.com/u/1347327?v=4" width="110px;"/><br /><sub>akaspeh1</sub>](https://github.com/akaspeh1)<br />[💻](https://github.com/snipe/snipe-it/commits?author=akaspeh1 "Code") | [<img src="https://avatars.githubusercontent.com/u/2880129?v=4" width="110px;"/><br /><sub>Sebastian Marsching</sub>](http://sebastian.marsching.com/)<br />[💻](https://github.com/snipe/snipe-it/commits?author=smarsching "Code") | [<img src="https://avatars.githubusercontent.com/u/40658372?v=4" width="110px;"/><br /><sub>Mo</sub>](https://github.com/mohammad-ahmadi1)<br />[💻](https://github.com/snipe/snipe-it/commits?author=mohammad-ahmadi1 "Code") |
+| [<img src="https://avatars.githubusercontent.com/u/20994684?v=4" width="110px;"/><br /><sub>Owen V. Hayes</sub>](https://github.com/MarvelousAnything)<br />[💻](https://github.com/snipe/snipe-it/commits?author=MarvelousAnything "Code") | [<img src="https://avatars.githubusercontent.com/u/75509373?v=4" width="110px;"/><br /><sub>Peter Gallwas</sub>](https://www.husky.nz)<br />[💻](https://github.com/snipe/snipe-it/commits?author=Husky-Devel "Code") |
 <!-- ALL-CONTRIBUTORS-LIST:END -->

 This project follows the [all-contributors](https://github.com/kentcdodds/all-contributors) specification. Contributions of any kind welcome!
@@ -1,35 +1,35 @@
-FROM alpine:3.19
+FROM alpine:3.23
 # Apache + PHP
 RUN  apk add --no-cache \
        apache2 \
-        php82 \
-        php82-common \
-        php82-apache2 \
-        php82-curl \
-        php82-ldap \
-        php82-mysqli \
-        php82-gd \
-        php82-xml \
-        php82-mbstring \
-        php82-zip \
-        php82-ctype \
-        php82-tokenizer \
-        php82-pdo_mysql \
-        php82-openssl \
-        php82-bcmath \
-        php82-phar \
-        php82-json \
-        php82-iconv \
-        php82-fileinfo \
-        php82-simplexml \
-        php82-session \
-        php82-dom \
-        php82-xmlwriter \
-        php82-xmlreader \
-        php82-sodium \
-        php82-redis \
-        php82-pecl-memcached \
-        php82-exif \
+        php84 \
+        php84-common \
+        php84-apache2 \
+        php84-curl \
+        php84-ldap \
+        php84-mysqli \
+        php84-gd \
+        php84-xml \
+        php84-mbstring \
+        php84-zip \
+        php84-ctype \
+        php84-tokenizer \
+        php84-pdo_mysql \
+        php84-openssl \
+        php84-bcmath \
+        php84-phar \
+        php84-json \
+        php84-iconv \
+        php84-fileinfo \
+        php84-simplexml \
+        php84-session \
+        php84-dom \
+        php84-xmlwriter \
+        php84-xmlreader \
+        php84-sodium \
+        php84-redis \
+        php84-pecl-memcached \
+        php84-exif \
        curl \
        wget \
        vim \
@@ -42,7 +42,7 @@ COPY docker/column-statistics.cnf /etc/mysql/conf.d/column-statistics.cnf
 # Where apache's PID lives
 RUN mkdir -p /run/apache2 && chown apache:apache /run/apache2

-RUN sed -i 's/variables_order = .*/variables_order = "EGPCS"/' /etc/php82/php.ini
+RUN sed -i 's/variables_order = .*/variables_order = "EGPCS"/' /etc/php84/php.ini
 COPY  docker/000-default-2.4.conf /etc/apache2/conf.d/default.conf

 # Enable mod_rewrite
@@ -1,13 +1,13 @@
 ![snipe-it-by-grok](https://github.com/grokability/snipe-it/assets/197404/b515673b-c7c8-4d9a-80f5-9fa58829a602)

-[![Crowdin](https://d322cqt584bo4o.cloudfront.net/snipe-it/localized.svg)](https://crowdin.com/project/snipe-it) [![Docker Pulls](https://img.shields.io/docker/pulls/snipe/snipe-it.svg)](https://hub.docker.com/r/snipe/snipe-it/) [![Codacy Badge](https://app.codacy.com/project/badge/Grade/804dd1beb14a41f38810ab77d64fc4fc)](https://app.codacy.com/gh/grokability/snipe-it/dashboard?utm_source=gh&utm_medium=referral&utm_content=&utm_campaign=Badge_grade) [![Tests](https://github.com/grokability/snipe-it/actions/workflows/tests.yml/badge.svg)](https://github.com/grokability/snipe-it/actions/workflows/tests.yml)
+[![Crowdin](https://d322cqt584bo4o.cloudfront.net/snipe-it/localized.svg)](https://crowdin.com/project/snipe-it) [![Docker Pulls](https://img.shields.io/docker/pulls/snipe/snipe-it.svg)](https://hub.docker.com/r/snipe/snipe-it/)  [![Tests in MySQL](https://github.com/grokability/snipe-it/actions/workflows/tests-mysql.yml/badge.svg)](https://github.com/grokability/snipe-it/actions/workflows/tests-mysql.yml)
 [![All Contributors](https://img.shields.io/badge/all_contributors-331-orange.svg?style=flat-square)](#contributing) [![Discord](https://badgen.net/badge/icon/discord?icon=discord&label)](https://discord.gg/yZFtShAcKk)

 ## Snipe-IT - Open Source Asset Management System

 This is a FOSS project for asset management in IT Operations. Knowing who has which laptop, when it was purchased in order to depreciate it correctly, handling software licenses, etc.

-It is built on [Laravel 11](http://laravel.com).
+It is built on [Laravel 12](http://laravel.com).

 Snipe-IT is actively developed and we [release quite frequently](https://github.com/grokability/snipe-it/releases). ([Check out the live demo here](https://snipeitapp.com/demo/).)

@@ -78,11 +78,14 @@ Since the release of the JSON REST API, several third-party developers have been

 #### Libraries & Modules

+- [SnipeScheduler](https://github.com/JSY-Ben/SnipeScheduler) by [@JSY-Ben](https://github.com/JSY-Ben) - An Asset Reservation/Checkout System for Snipe-IT
+- [Snipe-IT MCP Server](https://github.com/jameshgordy/snipeit-mcp) by [@jameshgordy](https://github.com/jameshgordy) - A Model Context Protocol (MCP) server for managing Snipe-IT inventory systems
 - [SnipeSharp - .NET module in C#](https://github.com/barrycarey/SnipeSharp) by [@barrycarey](https://github.com/barrycarey)
 - [SnipeitPS](https://github.com/snazy2000/SnipeitPS) by [@snazy2000](https://github.com/snazy2000) - Powershell API Wrapper for Snipe-it
 - [jamf2snipe](https://github.com/grokability/jamf2snipe) - Python script to sync assets between a JAMFPro instance and a Snipe-IT instance
 - [jamf-snipe-rename](https://macblog.org/jamf-snipe-rename/) - Python script to rename computers in Jamf from Snipe-IT
 - [Snipe-IT plugin for Jira Service Desk](https://marketplace.atlassian.com/apps/1220964/snipe-it-for-jira)
+- [Rudder2Snipe](https://github.com/norbertoaquino/rudder2snipe) by [@norbertoaquino](https://github.com/norbertoaquino) - Rudder.io integration for Snipe-IT
 - [Python 3 CSV importer](https://github.com/gastamper/snipeit-csvimporter) - allows importing assets into Snipe-IT based on Item Name rather than Asset Tag.
 - [Snipe-IT Kubernetes Helm Chart](https://github.com/t3n/helm-charts/tree/master/snipeit) - For more information, [click here](https://hub.helm.sh/charts/t3n/snipeit).
 - [Snipe-IT Bulk Edit](https://github.com/bricelabelle/snipe-it-bulkedit) - Google Script files to use Google Sheets as a bulk checkout/checkin/edit tool for Snipe-IT.
@@ -121,7 +124,7 @@ We're currently working on our own mobile app, but in the meantime, check out th

 ### Contributing

-**Please refrain from submitting issues or pull requests generated by fully-automated tools. Maintainers reserve the right, at their sole discretion, to close such submissions and to block any account responsible for them.** 
+**Please refrain from submitting issues or pull requests generated by fully-automated tools. Maintainers reserve the right, at their sole discretion, to close such submissions and to block any account responsible for them.** Please see our [AI Contribution Policy](https://snipe-it.readme.io/docs/contributing-overview#ai-usage-policy) for more information.

 Contributions should follow from a human-to-human discussion in the form of an issue for the best chances of being merged into the core project. (Sometimes we might already be working on that feature, sometimes we've decided against )

@@ -10,9 +10,9 @@ however there are times when library dependencies and/or PHP/MySQL dependencies
 make it impossible to backport security fixes on older versions. 

 | Version | Supported          |
-|---------| ------------------ |
+|---------|--------------------|
 | 8.x     | :white_check_mark: |
-| 7.x     | :white_check_mark: |
+| 7.x     | :x:                |
 | 6.x     | :x:                |
 | 5.1.x   | :x:                |
 | 5.0.x   | :x:                |
@@ -24,7 +24,18 @@ make it impossible to backport security fixes on older versions.
 Security vulnerabilities should be sent to security@snipeitapp.com. You can typically expect a 
 response within two business days, and we typically have fixes out in under a week from the initial disclosure.

-This obviously varies based on the severity of the  security issue and the difficulty in remediation, 
-but those have historically been the timelines we worm around.
+This obviously varies based on the severity of the security issue and the difficulty in remediation, but those have
+historically been the timelines we work around.
+
+We do ask that you do not disclose the vulnerability publicly until we have had a chance to address it and tag a release
+so that we can protect our users, and we will work
+with you to coordinate a public disclosure once we have a fix out. We will also work with you to ensure that you receive
+appropriate credit for the discovery of the vulnerability, if you would like to be credited. (Please provide a GitHub
+username or other information if you would like to be credited, and please let us know if you would like to remain
+anonymous.)
+
+For responsible disclosure, we ask that you give us at least __90 days__ to address the issue before disclosing it
+publicly,
+but we will work with you if you need to disclose it sooner than that.

 For a full breakdown of our security policies, please see https://snipeitapp.com/security.
@@ -0,0 +1,109 @@
+<?php
+
+namespace App\Actions\Breadcrumbs;
+
+use App\Models\Accessory;
+use App\Models\Asset;
+use App\Models\CheckoutAcceptance;
+use App\Models\Consumable;
+use App\Models\License;
+use App\Models\LicenseSeat;
+use App\Models\User;
+use Tabuna\Breadcrumbs\Trail;
+
+final class BuildAcceptanceBreadcrumbs
+{
+    public static function forAcceptance(Trail $trail, CheckoutAcceptance|int|string $acceptance): void
+    {
+        $acceptance = self::resolveAcceptance($acceptance);
+        $trail->parent('home');
+
+        if (! $acceptance instanceof CheckoutAcceptance) {
+            self::appendProfileContext($trail);
+
+            return;
+        }
+
+        if (! self::isSignInPlaceFlow($acceptance)) {
+            self::appendProfileContext($trail);
+            $trail->push(trans('general.accept_item'), route('account.accept.item', $acceptance));
+
+            return;
+        }
+
+        self::appendCheckoutFlowContext($trail, $acceptance);
+        $trail->push(self::buildSignInPlaceLabel($acceptance));
+    }
+
+    private static function resolveAcceptance(CheckoutAcceptance|int|string $acceptance): ?CheckoutAcceptance
+    {
+        if ($acceptance instanceof CheckoutAcceptance) {
+            return $acceptance;
+        }
+
+        if (is_numeric($acceptance)) {
+            return CheckoutAcceptance::find((int) $acceptance);
+        }
+
+        return null;
+    }
+
+    private static function isSignInPlaceFlow(CheckoutAcceptance $acceptance): bool
+    {
+        return (int) session('sign_in_place_acceptance_id') === (int) $acceptance->id;
+    }
+
+    private static function appendProfileContext(Trail $trail): void
+    {
+        $trail->push(trans('general.profile'), route('account'));
+        $trail->push(trans('general.accept_items'), route('account.accept'));
+    }
+
+    private static function appendCheckoutFlowContext(Trail $trail, CheckoutAcceptance $acceptance): void
+    {
+        $checkoutable = $acceptance->checkoutable;
+
+        if ($checkoutable instanceof Asset) {
+            $trail->push(trans('general.assets'), route('hardware.index'));
+            $trail->push($checkoutable->display_name ?? trans('general.asset'), route('hardware.show', $checkoutable));
+            $trail->push(trans('general.checkout'));
+
+            return;
+        }
+
+        if ($checkoutable instanceof LicenseSeat) {
+            $license = $checkoutable->license;
+
+            if ($license instanceof License) {
+                $trail->push(trans('general.licenses'), route('licenses.index'));
+                $trail->push($license->display_name ?? trans('general.license'), route('licenses.show', $license));
+                $trail->push(trans('general.checkout'));
+            }
+
+            return;
+        }
+
+        if ($checkoutable instanceof Consumable) {
+            $trail->push(trans('general.consumables'), route('consumables.index'));
+            $trail->push($checkoutable->display_name ?? trans('general.consumable'), route('consumables.show', $checkoutable));
+            $trail->push(trans('general.checkout'));
+
+            return;
+        }
+
+        if ($checkoutable instanceof Accessory) {
+            $trail->push(trans('general.accessories'), route('accessories.index'));
+            $trail->push($checkoutable->display_name ?? trans('general.accessory'), route('accessories.show', $checkoutable));
+            $trail->push(trans('general.checkout'));
+        }
+    }
+
+    private static function buildSignInPlaceLabel(CheckoutAcceptance $acceptance): string
+    {
+        if ($acceptance->assignedTo instanceof User) {
+            return sprintf('%s for %s', trans('general.sign_in_place'), $acceptance->assignedTo->display_name);
+        }
+
+        return trans('general.sign_in_place');
+    }
+}
@@ -0,0 +1,59 @@
+<?php
+
+namespace App\Actions\Categories;
+
+use App\Exceptions\ItemStillHasAccessories;
+use App\Exceptions\ItemStillHasAssetModels;
+use App\Exceptions\ItemStillHasAssets;
+use App\Exceptions\ItemStillHasComponents;
+use App\Exceptions\ItemStillHasConsumables;
+use App\Exceptions\ItemStillHasLicenses;
+use App\Models\Category;
+use Illuminate\Support\Facades\Storage;
+
+class DestroyCategoryAction
+{
+    /**
+     * @throws ItemStillHasAssets
+     * @throws ItemStillHasAssetModels
+     * @throws ItemStillHasComponents
+     * @throws ItemStillHasAccessories
+     * @throws ItemStillHasLicenses
+     * @throws ItemStillHasConsumables
+     */
+    public static function run(Category $category): bool
+    {
+        $category->loadCount([
+            'assets as assets_count',
+            'accessories as accessories_count',
+            'consumables as consumables_count',
+            'components as components_count',
+            'licenses as licenses_count',
+            'models as models_count',
+        ]);
+
+        if ($category->assets_count > 0) {
+            throw new ItemStillHasAssets($category);
+        }
+        if ($category->accessories_count > 0) {
+            throw new ItemStillHasAccessories($category);
+        }
+        if ($category->consumables_count > 0) {
+            throw new ItemStillHasConsumables($category);
+        }
+        if ($category->components_count > 0) {
+            throw new ItemStillHasComponents($category);
+        }
+        if ($category->licenses_count > 0) {
+            throw new ItemStillHasLicenses($category);
+        }
+        if ($category->models_count > 0) {
+            throw new ItemStillHasAssetModels($category);
+        }
+
+        Storage::disk('public')->delete('categories'.'/'.$category->image);
+        $category->delete();
+
+        return true;
+    }
+}
@@ -14,8 +14,8 @@ class CancelCheckoutRequestAction
 {
    public static function run(Asset $asset, User $user)
    {
-        if (!Company::isCurrentUserHasAccess($asset)) {
-            throw new AuthorizationException();
+        if (! Company::isCurrentUserHasAccess($asset)) {
+            throw new AuthorizationException;
        }

        $asset->cancelRequest();
@@ -27,7 +27,7 @@ class CancelCheckoutRequestAction
        $data['item_quantity'] = 1;
        $settings = Setting::getSettings();

-        $logaction = new Actionlog();
+        $logaction = new Actionlog;
        $logaction->item_id = $data['asset_id'] = $asset->id;
        $logaction->item_type = $data['item_type'] = Asset::class;
        $logaction->created_at = $data['requested_date'] = date('Y-m-d H:i:s');
@@ -44,5 +44,4 @@ class CancelCheckoutRequestAction

        return true;
    }
-
-}
+}
@@ -23,8 +23,8 @@ class CreateCheckoutRequestAction
        if (is_null(Asset::RequestableAssets()->find($asset->id))) {
            throw new AssetNotRequestable($asset);
        }
-        if (!Company::isCurrentUserHasAccess($asset)) {
-            throw new AuthorizationException();
+        if (! Company::isCurrentUserHasAccess($asset)) {
+            throw new AuthorizationException;
        }

        $data['item'] = $asset;
@@ -32,7 +32,7 @@ class CreateCheckoutRequestAction
        $data['item_quantity'] = 1;
        $settings = Setting::getSettings();

-        $logaction = new Actionlog();
+        $logaction = new Actionlog;
        $logaction->item_id = $data['asset_id'] = $asset->id;
        $logaction->item_type = $data['item_type'] = Asset::class;
        $logaction->created_at = $data['requested_date'] = date('Y-m-d H:i:s');
@@ -44,11 +44,11 @@ class CreateCheckoutRequestAction
        $asset->request();
        $asset->increment('requests_counter', 1);
        try {
-            $settings->notify(new RequestAssetNotification($data));
+            $settings->notify((new RequestAssetNotification($data))->locale($settings->locale));
        } catch (\Exception $e) {
            Log::warning($e);
        }

        return true;
    }
-}
+}
@@ -0,0 +1,62 @@
+<?php
+
+namespace App\Actions\Manufacturers;
+
+use App\Exceptions\ItemStillHasAccessories;
+use App\Exceptions\ItemStillHasAssets;
+use App\Exceptions\ItemStillHasComponents;
+use App\Exceptions\ItemStillHasConsumables;
+use App\Exceptions\ItemStillHasLicenses;
+use App\Models\Manufacturer;
+use Illuminate\Support\Facades\Log;
+use Illuminate\Support\Facades\Storage;
+
+class DeleteManufacturerAction
+{
+    /**
+     * @throws ItemStillHasAssets
+     * @throws ItemStillHasComponents
+     * @throws ItemStillHasAccessories
+     * @throws ItemStillHasLicenses
+     * @throws ItemStillHasConsumables
+     */
+    public static function run(Manufacturer $manufacturer): bool
+    {
+        $manufacturer->loadCount([
+            'assets as assets_count',
+            'accessories as accessories_count',
+            'consumables as consumables_count',
+            'components as components_count',
+            'licenses as licenses_count',
+        ]);
+
+        if ($manufacturer->assets_count > 0) {
+            throw new ItemStillHasAssets($manufacturer);
+        }
+        if ($manufacturer->accessories_count > 0) {
+            throw new ItemStillHasAccessories($manufacturer);
+        }
+        if ($manufacturer->consumables_count > 0) {
+            throw new ItemStillHasConsumables($manufacturer);
+        }
+        if ($manufacturer->components_count > 0) {
+            throw new ItemStillHasComponents($manufacturer);
+        }
+        if ($manufacturer->licenses_count > 0) {
+            throw new ItemStillHasLicenses($manufacturer);
+        }
+
+        if ($manufacturer->image) {
+            try {
+                Storage::disk('public')->delete('manufacturers/'.$manufacturer->image);
+            } catch (\Exception $e) {
+                Log::info($e);
+            }
+        }
+
+        $manufacturer->delete();
+        // dd($manufacturer);
+
+        return true;
+    }
+}
@@ -0,0 +1,30 @@
+<?php
+
+namespace App\Actions\Permissions;
+
+final class NormalizePermissionsPayloadAction
+{
+    /**
+     * Normalize permissions payloads from request/model to a consistent associative array.
+     *
+     * @return array<string, mixed>
+     */
+    public static function run(mixed $permissions): array
+    {
+        if (is_string($permissions)) {
+            $decoded = json_decode($permissions, true);
+
+            return is_array($decoded) ? $decoded : [];
+        }
+
+        if (is_array($permissions)) {
+            return $permissions;
+        }
+
+        if ($permissions instanceof \stdClass) {
+            return (array) $permissions;
+        }
+
+        return [];
+    }
+}
@@ -0,0 +1,41 @@
+<?php
+
+namespace App\Actions\Permissions;
+
+use App\Models\User;
+
+final class PreserveUnauthorizedPrivilegedPermissionsAction
+{
+    /**
+     * Preserve privileged permission keys unless the authenticated user may manage them.
+     *
+     * @param  array<string, mixed>  $requestedPermissions
+     * @param  array<string, mixed>  $originalPermissions
+     * @return array<string, mixed>
+     */
+    public static function run(array $requestedPermissions, User $authenticatedUser, array $originalPermissions = [], ?User $targetUser = null): array
+    {
+        // Disallow non-admin/superuser users from modifying their own permissions, but allow them to modify other users' permissions (except for admin/superuser keys).
+        if ($targetUser && ! $authenticatedUser->isSuperUser() && $authenticatedUser->id === $targetUser->id) {
+            return $originalPermissions;
+        }
+
+        if (! $authenticatedUser->isSuperUser()) {
+            if (array_key_exists('superuser', $originalPermissions)) {
+                $requestedPermissions['superuser'] = $originalPermissions['superuser'];
+            } else {
+                unset($requestedPermissions['superuser']);
+            }
+        }
+
+        if ((! $authenticatedUser->isAdmin()) && (! $authenticatedUser->isSuperUser())) {
+            if (array_key_exists('admin', $originalPermissions)) {
+                $requestedPermissions['admin'] = $originalPermissions['admin'];
+            } else {
+                unset($requestedPermissions['admin']);
+            }
+        }
+
+        return $requestedPermissions;
+    }
+}
@@ -0,0 +1,71 @@
+<?php
+
+namespace App\Actions\Suppliers;
+
+use App\Exceptions\ItemStillHasAccessories;
+use App\Exceptions\ItemStillHasAssets;
+use App\Exceptions\ItemStillHasComponents;
+use App\Exceptions\ItemStillHasConsumables;
+use App\Exceptions\ItemStillHasLicenses;
+use App\Exceptions\ItemStillHasMaintenances;
+use App\Models\Supplier;
+use Illuminate\Support\Facades\Log;
+use Illuminate\Support\Facades\Storage;
+
+class DestroySupplierAction
+{
+    /**
+     * @throws ItemStillHasLicenses
+     * @throws ItemStillHasAssets
+     * @throws ItemStillHasMaintenances
+     * @throws ItemStillHasAccessories
+     * @throws ItemStillHasConsumables
+     * @throws ItemStillHasComponents
+     */
+    public static function run(Supplier $supplier): bool
+    {
+        $supplier->loadCount([
+            'maintenances as maintenances_count',
+            'assets as assets_count',
+            'licenses as licenses_count',
+            'accessories as accessories_count',
+            'consumables as consumables_count',
+            'components as components_count',
+        ]);
+        if ($supplier->assets_count > 0) {
+            throw new ItemStillHasAssets($supplier);
+        }
+
+        if ($supplier->maintenances_count > 0) {
+            throw new ItemStillHasMaintenances($supplier);
+        }
+
+        if ($supplier->licenses_count > 0) {
+            throw new ItemStillHasLicenses($supplier);
+        }
+
+        if ($supplier->accessories_count > 0) {
+            throw new ItemStillHasAccessories($supplier);
+        }
+
+        if ($supplier->consumables_count > 0) {
+            throw new ItemStillHasConsumables($supplier);
+        }
+
+        if ($supplier->components_count > 0) {
+            throw new ItemStillHasComponents($supplier);
+        }
+
+        if ($supplier->image) {
+            try {
+                Storage::disk('public')->delete('suppliers/'.$supplier->image);
+            } catch (\Exception $e) {
+                Log::info($e->getMessage());
+            }
+        }
+
+        $supplier->delete();
+
+        return true;
+    }
+}
@@ -4,9 +4,7 @@ namespace App\Console\Commands;

 use App\Models\License;
 use App\Models\LicenseSeat;
-use App\Models\User;
 use Illuminate\Console\Command;
-use Illuminate\Database\Eloquent\Model;

 class CheckinLicensesFromAllUsers extends Command
 {
@@ -3,10 +3,8 @@
 namespace App\Console\Commands;

 use App\Models\License;
-use App\Models\LicenseSeat;
 use App\Models\User;
 use Illuminate\Console\Command;
-use Illuminate\Database\Eloquent\Model;

 class CheckoutLicenseToAllUsers extends Command
 {
@@ -75,6 +73,7 @@ class CheckoutLicenseToAllUsers extends Command

            if ($user->licenses->where('id', '=', $license_id)->count()) {
                $this->info($user->username.' already has this license checked out to them. Skipping... ');
+
                continue;
            }

@@ -21,7 +21,7 @@ class CleanIncorrectCheckoutAcceptances extends Command
     *
     * @var string
     */
-    protected $description = "Delete checkout acceptances for checkouts to non-users";
+    protected $description = 'Delete checkout acceptances for checkouts to non-users';

    /**
     * Execute the console command.
@@ -35,30 +35,32 @@ class CleanIncorrectCheckoutAcceptances extends Command
        $this->withProgressBar(CheckoutAcceptance::all(), function ($checkoutAcceptance) use (&$deletions, &$skips) {
            $item = $checkoutAcceptance->checkoutable;
            $checkout_to_id = $checkoutAcceptance->assigned_to_id;
-            if(is_null($item)) {
+            if (is_null($item)) {
                $this->info("'Checkoutable' Item is null, going to next record");
-                return; //'false' allegedly breaks execution entirely, so 'true' maybe doesn't? hrm. just straight return maybe?
+
+                return; // 'false' allegedly breaks execution entirely, so 'true' maybe doesn't? hrm. just straight return maybe?
            }
-            if(get_class($item) == LicenseSeat::class) {
+            if (get_class($item) == LicenseSeat::class) {
                $item = $item->license;
            }
-            foreach($item->assetlog()->where('action_type','checkout')->get() as $assetlog) {
+            foreach ($item->assetlog()->where('action_type', 'checkout')->get() as $assetlog) {
                if ($assetlog->target_id == $checkout_to_id && $assetlog->target_type != User::class) {
-                    //We have a checkout-to an ID for a non-User, which matches to an ID in the checkout_acceptances table
+                    // We have a checkout-to an ID for a non-User, which matches to an ID in the checkout_acceptances table

-                    //now, let's compare the _times_ - are they close?
-                    //I'm picking `created_at` over `action_date` because I'm more interested in when the actionlogs
-                    //were _created_, not when they were alleged to have happened - those created_at times need to be within 'X' seconds of
-                    //each other (currently 5)
-                    if ($assetlog->created_at->diffInSeconds($checkoutAcceptance->created_at, true) <= 5) { //we're allowing for five _ish_ seconds of slop
+                    // now, let's compare the _times_ - are they close?
+                    // I'm picking `created_at` over `action_date` because I'm more interested in when the actionlogs
+                    // were _created_, not when they were alleged to have happened - those created_at times need to be within 'X' seconds of
+                    // each other (currently 5)
+                    if ($assetlog->created_at->diffInSeconds($checkoutAcceptance->created_at, true) <= 5) { // we're allowing for five _ish_ seconds of slop
                        $deletions++;
                        $checkoutAcceptance->forceDelete(); // HARD delete this record; it should have never been
+
                        return;
                    } else {
-                        //$this->info("The two records are too far apart");
+                        // $this->info("The two records are too far apart");
                    }
                } else {
-                    //$this->info("No match! checkout to id: " . $checkout_to_id." target_id: ".$assetlog->target_id." target_type: ".$assetlog->target_type);
+                    // $this->info("No match! checkout to id: " . $checkout_to_id." target_id: ".$assetlog->target_id." target_type: ".$assetlog->target_type);
                }
            }
            $skips++;
@@ -8,6 +8,7 @@ use Illuminate\Console\Command;
 class CleanOldCheckoutRequests extends Command
 {
    private int $deletions = 0;
+
    private int $skips = 0;

    /**
@@ -44,12 +45,14 @@ class CleanOldCheckoutRequests extends Command
            if ($this->shouldForceDelete($request)) {
                $request->forceDelete();
                $this->deletions++;
+
                return;
            }

            if ($this->shouldSoftDelete($request)) {
                $request->delete();
                $this->deletions++;
+
                return;
            }

@@ -64,7 +67,7 @@ class CleanOldCheckoutRequests extends Command
    private function shouldForceDelete(CheckoutRequest $request)
    {
        // check if the requestable or user relationship is null
-        return !$request->requestable || !$request->user;
+        return ! $request->requestable || ! $request->user;
    }

    private function shouldSoftDelete(CheckoutRequest $request)
@@ -2,31 +2,28 @@

 namespace App\Console\Commands;

+use App\Models\User;
 use Illuminate\Console\Command;
-use \App\Models\User;
-
+use Illuminate\Support\Carbon;

 class CreateAdmin extends Command
 {
-
    /** @mixin User **/
    /**
     * App\Console\CreateAdmin
+     *
     * @property mixed $first_name
     * @property string $last_name
     * @property string $username
     * @property string $email
     * @property string $permissions
     * @property string $password
-     * @property boolean $activated
-     * @property boolean $show_in_list
-     * @property boolean $autoassign_licenses
-     * @property \Illuminate\Support\Carbon|null $created_at
+     * @property bool $activated
+     * @property bool $show_in_list
+     * @property bool $autoassign_licenses
+     * @property Carbon|null $created_at
     * @property mixed $created_by
     */
-
-
-
    protected $signature = 'snipeit:create-admin {--first_name=} {--last_name=}  {--email=}  {--username=}  {--password=} {show_in_list?} {autoassign_licenses?}';

    /**
@@ -46,7 +43,6 @@ class CreateAdmin extends Command
        parent::__construct();
    }

-
    public function handle()
    {
        $first_name = $this->option('first_name');
@@ -57,8 +53,6 @@ class CreateAdmin extends Command
        $show_in_list = $this->argument('show_in_list');
        $autoassign_licenses = $this->argument('autoassign_licenses');

-
-
        if (($first_name == '') || ($last_name == '') || ($username == '') || ($email == '') || ($password == '')) {
            $this->info('ERROR: All fields are required.');
        } else {
@@ -24,6 +24,7 @@ class FixBulkAccessoryCheckinActionLogEntries extends Command
    protected $description = 'This script attempts to fix timestamps and missing created_by values for bulk checkin entries in the log table';

    private bool $dryrun = false;
+
    private bool $skipBackup = false;

    /**
@@ -50,10 +51,11 @@ class FixBulkAccessoryCheckinActionLogEntries extends Command

        if ($logs->isEmpty()) {
            $this->info('No logs found with incorrect timestamps.');
+
            return 0;
        }

-        $this->info('Found ' . $logs->count() . ' logs with incorrect timestamps:');
+        $this->info('Found '.$logs->count().' logs with incorrect timestamps:');

        $this->table(
            ['ID', 'Created By', 'Created At', 'Updated At'],
@@ -67,11 +69,11 @@ class FixBulkAccessoryCheckinActionLogEntries extends Command
            })
        );

-        if (!$this->dryrun && !$this->confirm('Update these logs?')) {
+        if (! $this->dryrun && ! $this->confirm('Update these logs?')) {
            return 0;
        }

-        if (!$this->dryrun && !$this->skipBackup) {
+        if (! $this->dryrun && ! $this->skipBackup) {
            $this->info('Backing up the database before making changes...');
            $this->call('snipeit:backup');
        }
@@ -83,7 +85,7 @@ class FixBulkAccessoryCheckinActionLogEntries extends Command

        foreach ($logs as $log) {
            $this->newLine();
-            $this->info('Processing log id:' . $log->id);
+            $this->info('Processing log id:'.$log->id);

            // created_by was not being set for accessory bulk checkins
            // so let's see if there was another bulk checkin log
@@ -106,7 +108,7 @@ class FixBulkAccessoryCheckinActionLogEntries extends Command
            $this->line(vsprintf('Updating log id:%s from %s to %s', [$log->id, $log->created_at, $log->updated_at]));
            $log->created_at = $log->updated_at;

-            if (!$this->dryrun) {
+            if (! $this->dryrun) {
                Model::withoutTimestamps(function () use ($log) {
                    $log->saveQuietly();
                });
@@ -129,7 +131,7 @@ class FixBulkAccessoryCheckinActionLogEntries extends Command
     * This method attempts to find a bulk check in log that was
     * created at the same time as the log passed in.
     */
-    private function getCreatedByAttributeFromSimilarLog(Actionlog $log): null|int
+    private function getCreatedByAttributeFromSimilarLog(Actionlog $log): ?int
    {
        $similarLog = Actionlog::query()
            ->whereNotNull('created_by')
@@ -2,6 +2,21 @@

 namespace App\Console\Commands;

+use App\Models\Accessory;
+use App\Models\Asset;
+use App\Models\AssetModel;
+use App\Models\Company;
+use App\Models\Component;
+use App\Models\Consumable;
+use App\Models\Department;
+use App\Models\Depreciation;
+use App\Models\Group;
+use App\Models\License;
+use App\Models\Location;
+use App\Models\Manufacturer;
+use App\Models\Statuslabel;
+use App\Models\Supplier;
+use App\Models\User;
 use Illuminate\Console\Command;

 class FixDoubleEscape extends Command
@@ -38,21 +53,21 @@ class FixDoubleEscape extends Command
    public function handle()
    {
        $tables = [
-            \App\Models\Asset::class => ['name'],
-            \App\Models\License::class => ['name'],
-            \App\Models\Consumable::class => ['name'],
-            \App\Models\Accessory::class => ['name'],
-            \App\Models\Component::class => ['name'],
-            \App\Models\Company::class => ['name'],
-            \App\Models\Manufacturer::class => ['name'],
-            \App\Models\Supplier::class => ['name'],
-            \App\Models\Statuslabel::class => ['name'],
-            \App\Models\Depreciation::class => ['name'],
-            \App\Models\AssetModel::class => ['name'],
-            \App\Models\Group::class => ['name'],
-            \App\Models\Department::class => ['name'],
-            \App\Models\Location::class => ['name'],
-            \App\Models\User::class => ['first_name', 'last_name'],
+            Asset::class => ['name'],
+            License::class => ['name'],
+            Consumable::class => ['name'],
+            Accessory::class => ['name'],
+            Component::class => ['name'],
+            Company::class => ['name'],
+            Manufacturer::class => ['name'],
+            Supplier::class => ['name'],
+            Statuslabel::class => ['name'],
+            Depreciation::class => ['name'],
+            AssetModel::class => ['name'],
+            Group::class => ['name'],
+            Department::class => ['name'],
+            Location::class => ['name'],
+            User::class => ['first_name', 'last_name'],
        ];

        $count = [];
@@ -4,6 +4,7 @@ namespace App\Console\Commands;

 use App\Models\Actionlog;
 use App\Models\Asset;
+use App\Models\User;
 use Illuminate\Console\Command;

 class FixMismatchedAssetsAndLogs extends Command
@@ -56,26 +57,26 @@ class FixMismatchedAssetsAndLogs extends Command

        $mismatch_count = 0;
        $assets = Asset::whereNotNull('assigned_to')
-            ->where('assigned_type', '=', \App\Models\User::class)
+            ->where('assigned_type', '=', User::class)
            ->orderBy('id', 'ASC')->get();
        foreach ($assets as $asset) {

            // get the last checkout of the asset
-            if ($checkout_log = Actionlog::where('target_type', '=', \App\Models\User::class)
+            if ($checkout_log = Actionlog::where('target_type', '=', User::class)
                ->where('action_type', '=', 'checkout')
                ->where('item_id', '=', $asset->id)
                ->orderBy('created_at', 'DESC')
                ->first()) {

-                    // Now check for a subsequent checkin log - we want to ignore those
-                if (! $checkin_log = Actionlog::where('target_type', '=', \App\Models\User::class)
-                        ->where('action_type', '=', 'checkin from')
-                        ->where('item_id', '=', $asset->id)
-                        ->whereDate('created_at', '>', $checkout_log->created_at)
-                        ->orderBy('created_at', 'DESC')
-                        ->first()) {
+                // Now check for a subsequent checkin log - we want to ignore those
+                if (! $checkin_log = Actionlog::where('target_type', '=', User::class)
+                    ->where('action_type', '=', 'checkin from')
+                    ->where('item_id', '=', $asset->id)
+                    ->whereDate('created_at', '>', $checkout_log->created_at)
+                    ->orderBy('created_at', 'DESC')
+                    ->first()) {

-                        //print_r($asset);
+                    // print_r($asset);
                    if ($checkout_log->target_id != $asset->assigned_to) {
                        $this->error('Log ID: '.$checkout_log->id.' -- Asset ID '.$checkout_log->item_id.' SHOULD BE checked out to User '.$checkout_log->target_id.' but its assigned_to is '.$asset->assigned_to);

@@ -90,7 +91,7 @@ class FixMismatchedAssetsAndLogs extends Command
                        $mismatch_count++;
                    }
                } else {
-                    //$this->info('Asset ID '.$asset->id.': There is a checkin '.$checkin_log->created_at.' after this checkout '.$checkout_log->created_at);
+                    // $this->info('Asset ID '.$asset->id.': There is a checkin '.$checkin_log->created_at.' after this checkout '.$checkout_log->created_at);
                }
            }
        }
@@ -27,6 +27,6 @@ class FixUpAssignedTypeWithoutAssignedTo extends Command
    public function handle()
    {
        DB::table('assets')->whereNotNull('assigned_type')->whereNull('assigned_to')->update(['assigned_type' => null]);
-        $this->info("Assets with an assigned_type but no assigned_to are fixed");
+        $this->info('Assets with an assigned_type but no assigned_to are fixed');
    }
 }
@@ -27,40 +27,42 @@ class FixupAssignedToWithoutAssignedType extends Command
     */
    public function handle()
    {
-        $assets = Asset::whereNull("assigned_type")->whereNotNull("assigned_to")->withTrashed();
+        $assets = Asset::whereNull('assigned_type')->whereNotNull('assigned_to')->withTrashed();
        $this->withProgressBar($assets->get(), function (Asset $asset) {
-            //now check each action log, from the most recent backwards, to find the last checkin or checkout
-            foreach($asset->log()->orderBy("id","desc")->get() as $action_log) {
-                if($this->option("debug")) {
-                    $this->info("Asset id: " . $asset->id . " action log, action type is: " . $action_log->action_type);
+            // now check each action log, from the most recent backwards, to find the last checkin or checkout
+            foreach ($asset->log()->orderBy('id', 'desc')->get() as $action_log) {
+                if ($this->option('debug')) {
+                    $this->info('Asset id: '.$asset->id.' action log, action type is: '.$action_log->action_type);
                }
-                switch($action_log->action_type) {
+                switch ($action_log->action_type) {
                    case 'checkin from':
-                        if($this->option("debug")) {
-                            $this->info("Doing a checkin for ".$asset->id);
+                        if ($this->option('debug')) {
+                            $this->info('Doing a checkin for '.$asset->id);
                        }
                        $asset->assigned_to = null;
                        // if you have a required custom field, we still want to save, and we *don't* want an action_log
                        $asset->saveQuietly();
+
                        return;

                    case 'checkout':
-                        if($this->option("debug")) {
-                            $this->info("Doing a checkout for " . $asset->id . " picking target type: " . $action_log->target_type);
+                        if ($this->option('debug')) {
+                            $this->info('Doing a checkout for '.$asset->id.' picking target type: '.$action_log->target_type);
                        }
-                        if($asset->assigned_to != $action_log->target_id) {
-                            $this->error("Asset's assigned_to does *NOT* match Action Log's target_id. \$asset->assigned_to=".$asset->assigned_to." vs. \$action_log->target_id=".$action_log->target_id);
-                            //FIXME - do we abort here? Do we try to keep looking? I don't know, this means your data is *really* messed up...
+                        if ($asset->assigned_to != $action_log->target_id) {
+                            $this->error("Asset's assigned_to does *NOT* match Action Log's target_id. \$asset->assigned_to=".$asset->assigned_to.' vs. $action_log->target_id='.$action_log->target_id);
+                            // FIXME - do we abort here? Do we try to keep looking? I don't know, this means your data is *really* messed up...
                        }
                        $asset->assigned_type = $action_log->target_type;
                        $asset->saveQuietly(); // see above
+
                        return;
                }
            }
-            $asset->assigned_to = null; //asset was never checked in or out in its lifetime - it stays 'checked in'
-            $asset->saveQuietly(); //see above
+            $asset->assigned_to = null; // asset was never checked in or out in its lifetime - it stays 'checked in'
+            $asset->saveQuietly(); // see above
        });
        $this->newLine();
-        $this->info("Assets assigned_type are fixed");
+        $this->info('Assets assigned_type are fixed');
    }
 }
@@ -2,14 +2,13 @@

 namespace App\Console\Commands;

-use Illuminate\Console\Command;
 use App\Models\User;
-use Laravel\Passport\TokenRepository;
+use Illuminate\Console\Command;
 use Illuminate\Support\Facades\DB;
+use Laravel\Passport\TokenRepository;

 class GeneratePersonalAccessToken extends Command
 {
-
    /**
     * The name and signature of the console command.
     *
@@ -27,15 +26,13 @@ class GeneratePersonalAccessToken extends Command
     */
    protected $description = 'This console command allows you to generate Personal API tokens to be used with the Snipe-IT JSON REST API on behalf of a user.';

-
    /**
     * The token repository implementation.
     *
-     * @var \Laravel\Passport\TokenRepository
+     * @var TokenRepository
     */
    protected $tokenRepository;

-
    /**
     * Create a new command instance.
     *
@@ -56,11 +53,11 @@ class GeneratePersonalAccessToken extends Command
    {

        $accessTokenName = $this->option('name');
-        if ($accessTokenName=='') {
+        if ($accessTokenName == '') {
            $accessTokenName = 'CLI Auth Token';
        }

-        if ($this->option('user_id')=='') {
+        if ($this->option('user_id') == '') {
            return $this->error('ERROR: user_id cannot be blank.');
        }

@@ -75,7 +72,7 @@ class GeneratePersonalAccessToken extends Command

                $this->warn('Your API Token has been created. Be sure to copy this token now, as it WILL NOT be accessible again.');

-                if ($token = DB::table('oauth_access_tokens')->where('user_id', '=', $user->id)->where('name','=',$accessTokenName)->orderBy('created_at', 'desc')->first()) {
+                if ($token = DB::table('oauth_access_tokens')->where('user_id', '=', $user->id)->where('name', '=', $accessTokenName)->orderBy('created_at', 'desc')->first()) {
                    $this->info('API Token ID: '.$token->id);
                }

@@ -84,11 +81,8 @@ class GeneratePersonalAccessToken extends Command
                $this->info('API Token: '.$createAccessToken);
            }
        } else {
-           return $this->error('ERROR: Invalid user. API key was not created.');
+            return $this->error('ERROR: Invalid user. API key was not created.');
        }

-
-
-
    }
 }
@@ -46,7 +46,7 @@ class ImportLocations extends Command
        $filename = $this->argument('filename');
        $csv = Reader::createFromPath(storage_path('private_uploads/imports/').$filename, 'r');
        $this->info('Attempting to process: '.storage_path('private_uploads/imports/').$filename);
-        $csv->setHeaderOffset(0); //because we don't want to insert the header
+        $csv->setHeaderOffset(0); // because we don't want to insert the header
        $results = $csv->getRecords();

        // Import parent location names first if they don't exist
@@ -38,22 +38,23 @@ class KillAllSessions extends Command
    public function handle()
    {

-        if (!$this->option('force') && !$this->confirm("****************************************************\nTHIS WILL FORCE A LOGIN FOR ALL LOGGED IN USERS.\n\nAre you SURE you wish to continue? ")) {
-            return $this->error("Session loss not confirmed");
+        if (! $this->option('force') && ! $this->confirm("****************************************************\nTHIS WILL FORCE A LOGIN FOR ALL LOGGED IN USERS.\n\nAre you SURE you wish to continue? ")) {
+            return $this->error('Session loss not confirmed');
        }

-        $session_files = glob(storage_path("framework/sessions/*"));
+        $session_files = glob(storage_path('framework/sessions/*'));

        $count = 0;
        foreach ($session_files as $file) {

-            if (is_file($file))
+            if (is_file($file)) {
                unlink($file);
-                $count++;
+            }
+            $count++;
        }
        \DB::table('users')->update(['remember_token' => null]);

-        $this->info($count. ' sessions cleared!');
+        $this->info($count.' sessions cleared!');

    }
 }
@@ -5,11 +5,11 @@ namespace App\Console\Commands;
 use App\Models\Asset;
 use App\Models\Department;
 use App\Models\Group;
-use Illuminate\Console\Command;
-use App\Models\Setting;
 use App\Models\Ldap;
-use App\Models\User;
 use App\Models\Location;
+use App\Models\Setting;
+use App\Models\User;
+use Illuminate\Console\Command;
 use Illuminate\Support\Facades\Log;

 class LdapSync extends Command
@@ -19,7 +19,7 @@ class LdapSync extends Command
     *
     * @var string
     */
-    protected $signature = 'snipeit:ldap-sync {--location=} {--location_id=*} {--base_dn=} {--filter=} {--summary} {--json_summary}';
+    protected $signature = 'snipeit:ldap-sync {--location=} {--location_id=*} {--base_dn=} {--filter=} {--delete} {--summary} {--json_summary}';

    /**
     * The console command description.
@@ -47,35 +47,34 @@ class LdapSync extends Command
    {

        // If LDAP enabled isn't set to 1 (ldap_enabled!=1) then we should cut this short immediately without going any further
-        if (Setting::getSettings()->ldap_enabled!='1') {
+        if (Setting::getSettings()->ldap_enabled != '1') {
            $this->error('LDAP is not enabled. Aborting. See Settings > LDAP to enable it.');
            exit();
        }

-        ini_set('max_execution_time', env('LDAP_TIME_LIM', 600)); //600 seconds = 10 minutes
+        ini_set('max_execution_time', env('LDAP_TIME_LIM', 600)); // 600 seconds = 10 minutes
        ini_set('memory_limit', env('LDAP_MEM_LIM', '500M'));

-
        // Map the LDAP attributes to the Snipe-IT user fields.
        $ldap_map = [
-            "username" => Setting::getSettings()->ldap_username_field,
-            "last_name" => Setting::getSettings()->ldap_lname_field,
-            "first_name" => Setting::getSettings()->ldap_fname_field,
-            "active_flag" => Setting::getSettings()->ldap_active_flag,
-            "emp_num" => Setting::getSettings()->ldap_emp_num,
-            "email" => Setting::getSettings()->ldap_email,
-            "phone" => Setting::getSettings()->ldap_phone_field,
-            "mobile" => Setting::getSettings()->ldap_mobile,
-            "jobtitle" => Setting::getSettings()->ldap_jobtitle,
-            "address" => Setting::getSettings()->ldap_address,
-            "city" => Setting::getSettings()->ldap_city,
-            "state" => Setting::getSettings()->ldap_state,
-            "zip" => Setting::getSettings()->ldap_zip,
-            "country" => Setting::getSettings()->ldap_country,
-            "location" => Setting::getSettings()->ldap_location,
-            "dept" => Setting::getSettings()->ldap_dept,
-            "manager" => Setting::getSettings()->ldap_manager,
-            "display_name" => Setting::getSettings()->ldap_display_name,
+            'username' => Setting::getSettings()->ldap_username_field,
+            'last_name' => Setting::getSettings()->ldap_lname_field,
+            'first_name' => Setting::getSettings()->ldap_fname_field,
+            'active_flag' => Setting::getSettings()->ldap_active_flag,
+            'emp_num' => Setting::getSettings()->ldap_emp_num,
+            'email' => Setting::getSettings()->ldap_email,
+            'phone' => Setting::getSettings()->ldap_phone_field,
+            'mobile' => Setting::getSettings()->ldap_mobile,
+            'jobtitle' => Setting::getSettings()->ldap_jobtitle,
+            'address' => Setting::getSettings()->ldap_address,
+            'city' => Setting::getSettings()->ldap_city,
+            'state' => Setting::getSettings()->ldap_state,
+            'zip' => Setting::getSettings()->ldap_zip,
+            'country' => Setting::getSettings()->ldap_country,
+            'location' => Setting::getSettings()->ldap_location,
+            'dept' => Setting::getSettings()->ldap_dept,
+            'manager' => Setting::getSettings()->ldap_manager,
+            'display_name' => Setting::getSettings()->ldap_display_name,
        ];

        $ldap_default_group = Setting::getSettings()->ldap_default_group;
@@ -95,19 +94,20 @@ class LdapSync extends Command
        }

        $summary = [];
+        $seen_ldap_usernames = [];

        try {

            /**
             * if a location ID has been specified, use that OU
             */
-            if ( $this->option('location_id') ) {
+            if ($this->option('location_id')) {

-                foreach($this->option('location_id') as $location_id){
+                foreach ($this->option('location_id') as $location_id) {
                    $location_ou = Location::where('id', '=', $location_id)->value('ldap_ou');
                    $search_base = $location_ou;
                    Log::debug('Importing users from specified location OU: \"'.$search_base.'\".');
-                 }
+                }
            }

            /**
@@ -153,21 +153,21 @@ class LdapSync extends Command
        $default_location = null;
        if ($this->option('location') != '') {
            if ($default_location = Location::where('name', '=', $this->option('location'))->first()) {
-                Log::debug('Location name ' . $this->option('location') . ' passed');
+                Log::debug('Location name '.$this->option('location').' passed');
                Log::debug('Importing to '.$default_location->name.' ('.$default_location->id.')');
            }

        } elseif ($this->option('location_id')) {
-            //TODO - figure out how or why this is an array?
-            foreach($this->option('location_id') as $location_id) {
+            // TODO - figure out how or why this is an array?
+            foreach ($this->option('location_id') as $location_id) {
                if ($default_location = Location::where('id', '=', $location_id)->first()) {
-                    Log::debug('Location ID ' . $location_id . ' passed');
+                    Log::debug('Location ID '.$location_id.' passed');
                    Log::debug('Importing to '.$default_location->name.' ('.$default_location->id.')');
                }

            }
        }
-        if (!isset($default_location)) {
+        if (! isset($default_location)) {
            Log::debug('That location is invalid or a location was not provided, so no location will be assigned by default.');
        }

@@ -208,17 +208,17 @@ class LdapSync extends Command
                }
                $usernames = [];
                for ($i = 0; $i < $location_users['count']; $i++) {
-                    if (array_key_exists($ldap_map["username"], $location_users[$i])) {
+                    if (array_key_exists($ldap_map['username'], $location_users[$i])) {
                        $location_users[$i]['ldap_location_override'] = true;
                        $location_users[$i]['location_id'] = $ldap_loc['id'];
-                        $usernames[] = $location_users[$i][$ldap_map["username"]][0];
+                        $usernames[] = $location_users[$i][$ldap_map['username']][0];
                    }
                }

                // Delete located users from the general group.
                foreach ($results as $key => $generic_entry) {
-                    if ((is_array($generic_entry)) && (array_key_exists($ldap_map["username"], $generic_entry))) {
-                        if (in_array($generic_entry[$ldap_map["username"]][0], $usernames)) {
+                    if ((is_array($generic_entry)) && (array_key_exists($ldap_map['username'], $generic_entry))) {
+                        if (in_array($generic_entry[$ldap_map['username']][0], $usernames)) {
                            unset($results[$key]);
                        }
                    }
@@ -232,42 +232,41 @@ class LdapSync extends Command

        $manager_cache = [];

-        if($ldap_default_group != null) {
+        if ($ldap_default_group != null) {

            $default = Group::find($ldap_default_group);
-            if (!$default) {
+            if (! $default) {
                $ldap_default_group = null; // un-set the default group if that group doesn't exist
            }

        }

-
        // Assign the mapped LDAP attributes for each user to the Snipe-IT user fields
        for ($i = 0; $i < $results['count']; $i++) {
            $item = [];
-            $item['username'] = $results[$i][$ldap_map["username"]][0] ?? '';
-            $item['display_name'] = $results[$i][$ldap_map["display_name"]][0] ?? '';
-            $item['employee_number'] = $results[$i][$ldap_map["emp_num"]][0] ?? '';
-            $item['lastname'] = $results[$i][$ldap_map["last_name"]][0] ?? '';
-            $item['firstname'] = $results[$i][$ldap_map["first_name"]][0] ?? '';
-            $item['email'] = $results[$i][$ldap_map["email"]][0] ?? '';
-            $item['ldap_location_override'] = $results[$i]['ldap_location_override'] ?? '';
-            $item['location_id'] = $results[$i]['location_id'] ?? '';
-            $item['telephone'] = $results[$i][$ldap_map["phone"]][0] ?? '';
-            $item['mobile'] = $results[$i][$ldap_map["mobile"]][0] ?? '';
-            $item['jobtitle'] = $results[$i][$ldap_map["jobtitle"]][0] ?? '';
-            $item['address'] = $results[$i][$ldap_map["address"]][0] ?? '';
-            $item['city'] = $results[$i][$ldap_map["city"]][0] ?? '';
-            $item['state'] = $results[$i][$ldap_map["state"]][0] ?? '';
-            $item['country'] = $results[$i][$ldap_map["country"]][0] ?? '';
-            $item['zip'] = $results[$i][$ldap_map["zip"]][0] ?? '';
-            $item['department'] = $results[$i][$ldap_map["dept"]][0] ?? '';
-            $item['manager'] = $results[$i][$ldap_map["manager"]][0] ?? '';
-            $item['location'] = $results[$i][$ldap_map["location"]][0] ?? '';
-            $location = $default_location; //initially, set '$location' to the default_location (which may just be `null`)
+            $item['username'] = $results[$i][$ldap_map['username']][0] ?? null;
+            $item['display_name'] = $results[$i][$ldap_map['display_name']][0] ?? null;
+            $item['employee_number'] = $results[$i][$ldap_map['emp_num']][0] ?? null;
+            $item['lastname'] = $results[$i][$ldap_map['last_name']][0] ?? null;
+            $item['firstname'] = $results[$i][$ldap_map['first_name']][0] ?? null;
+            $item['email'] = $results[$i][$ldap_map['email']][0] ?? null;
+            $item['ldap_location_override'] = $results[$i]['ldap_location_override'] ?? null;
+            $item['location_id'] = $results[$i]['location_id'] ?? null;
+            $item['telephone'] = $results[$i][$ldap_map['phone']][0] ?? null;
+            $item['mobile'] = $results[$i][$ldap_map['mobile']][0] ?? null;
+            $item['jobtitle'] = $results[$i][$ldap_map['jobtitle']][0] ?? null;
+            $item['address'] = $results[$i][$ldap_map['address']][0] ?? null;
+            $item['city'] = $results[$i][$ldap_map['city']][0] ?? null;
+            $item['state'] = $results[$i][$ldap_map['state']][0] ?? null;
+            $item['country'] = $results[$i][$ldap_map['country']][0] ?? null;
+            $item['zip'] = $results[$i][$ldap_map['zip']][0] ?? null;
+            $item['department'] = $results[$i][$ldap_map['dept']][0] ?? null;
+            $item['manager'] = $results[$i][$ldap_map['manager']][0] ?? null;
+            $item['location'] = $results[$i][$ldap_map['location']][0] ?? null;
+            $location = $default_location; // initially, set '$location' to the default_location (which may just be null)

            // ONLY if you are using the "ldap_location" option *AND* you have an actual result
-            if ($ldap_map["location"] && $item['location']) {
+            if ($ldap_map['location'] && $item['location']) {
                $location = Location::firstOrCreate([
                    'name' => $item['location'],
                ]);
@@ -276,8 +275,14 @@ class LdapSync extends Command
                'name' => $item['department'],
            ]);

-            $user = User::where('username', $item['username'])->first();
+            $user = User::withTrashed()->where('username', $item['username'])->first();
+            if (! empty($item['username'])) {
+                $seen_ldap_usernames[] = $item['username'];
+            }
            if ($user) {
+                if ($user->trashed()) {
+                    $user->restore();
+                }
                // Updating an existing user.
                $item['createorupdate'] = 'updated';
            } else {
@@ -289,46 +294,58 @@ class LdapSync extends Command
                $item['createorupdate'] = 'created';
            }

-            //If a sync option is not filled in on the LDAP settings don't populate the user field
-            if($ldap_map["username"]  != null){
+            // If a sync option is not filled in on the LDAP settings don't populate the user field
+            if ($ldap_map['username'] != null) {
                $user->username = $item['username'];
            }
-            if($ldap_map["display_name"]  != null){
+            if ($ldap_map['display_name'] != null) {
                $user->display_name = $item['display_name'];
            }
-            if($ldap_map["last_name"] != null){
+            if ($ldap_map['last_name'] != null) {
                $user->last_name = $item['lastname'];
            }
-            if($ldap_map["first_name"] != null){
+            if ($ldap_map['first_name'] != null) {
                $user->first_name = $item['firstname'];
            }
-            if($ldap_map["emp_num"]  != null){
+            if ($ldap_map['emp_num'] != null) {
                $user->employee_num = e($item['employee_number']);
            }
-            if($ldap_map["email"] != null){
+            if ($ldap_map['email'] != null) {
                $user->email = $item['email'];
            }
-            if($ldap_map["phone"] != null){
+            if ($ldap_map['phone'] != null) {
                $user->phone = $item['telephone'];
            }
-            if($ldap_map["mobile"] != null){
+            if ($ldap_map['mobile'] != null) {
                $user->mobile = $item['mobile'];
            }
-            if($ldap_map["jobtitle"] != null){
+            if ($ldap_map['jobtitle'] != null) {
                $user->jobtitle = $item['jobtitle'];
            }
-            if($ldap_map["country"] != null){
+            if ($ldap_map['address'] != null) {
+                $user->address = $item['address'];
+            }
+            if ($ldap_map['city'] != null) {
+                $user->city = $item['city'];
+            }
+            if ($ldap_map['state'] != null) {
+                $user->state = $item['state'];
+            }
+            if ($ldap_map['country'] != null) {
                $user->country = $item['country'];
            }
-            if($ldap_map["dept"]  != null){
+            if ($ldap_map['zip'] != null) {
+                $user->zip = $item['zip'];
+            }
+            if ($ldap_map['dept'] != null) {
                $user->department_id = $department->id;
            }
-            if($ldap_map["location"] != null){
+            if ($ldap_map['location'] != null) {
                $user->location_id = $location?->id;
            }

-            if($ldap_map["manager"] != null){
-                if($item['manager'] != null) {
+            if ($ldap_map['manager'] != null) {
+                if ($item['manager'] != null) {
                    // Check Cache first
                    if (isset($manager_cache[$item['manager']])) {
                        // found in cache; use that and avoid extra lookups
@@ -338,23 +355,23 @@ class LdapSync extends Command
                        try {
                            $ldap_manager = Ldap::findLdapUsers($item['manager'], -1, $this->option('filter'));
                        } catch (\Exception $e) {
-                            Log::warning("Manager lookup caused an exception: " . $e->getMessage() . ". Falling back to direct username lookup");
+                            Log::warning('Manager lookup caused an exception: '.$e->getMessage().'. Falling back to direct username lookup');
                            // Hail-mary for Okta manager 'shortnames' - will only work if
                            // Okta configuration is using full email-address-style usernames
                            $ldap_manager = [
-                                "count" => 1,
+                                'count' => 1,
                                0 => [
-                                    $ldap_map["username"] => [$item['manager']]
-                                ]
+                                    $ldap_map['username'] => [$item['manager']],
+                                ],
                            ];
                        }
-                        
+
                        $add_manager_to_cache = true;
-                        if ($ldap_manager["count"] > 0) {
+                        if ($ldap_manager['count'] > 0) {
                            try {
                                // Get the Manager's username
                                // PHP LDAP returns every LDAP attribute as an array, and 90% of the time it's an array of just one item. But, hey, it's an array.
-                                $ldapManagerUsername = $ldap_manager[0][$ldap_map["username"]][0];
+                                $ldapManagerUsername = $ldap_manager[0][$ldap_map['username']][0];

                                // Get User from Manager username.
                                $ldap_manager = User::where('username', $ldapManagerUsername)->first();
@@ -365,11 +382,11 @@ class LdapSync extends Command
                                }
                            } catch (\Exception $e) {
                                $add_manager_to_cache = false;
-                                \Log::warning('Handling ldap manager ' . $item['manager'] . ' caused an exception: ' . $e->getMessage() . '. Continuing synchronization.');
+                                \Log::warning('Handling ldap manager '.$item['manager'].' caused an exception: '.$e->getMessage().'. Continuing synchronization.');
                            }
                        }
                        if ($add_manager_to_cache) {
-                            $manager_cache[$item['manager']] = $ldap_manager && isset($ldap_manager->id)  ? $ldap_manager->id : null; // Store results in cache, even if 'failed'
+                            $manager_cache[$item['manager']] = $ldap_manager && isset($ldap_manager->id) ? $ldap_manager->id : null; // Store results in cache, even if 'failed'
                        }

                    }
@@ -377,18 +394,18 @@ class LdapSync extends Command
            }

            // Sync activated state for Active Directory.
-            if (!empty($ldap_map["active_flag"])) { // IF we have an 'active' flag set....
+            if (! empty($ldap_map['active_flag'])) { // IF we have an 'active' flag set....
                // ....then *most* things that are truthy will activate the user. Anything falsey will deactivate them.
                // (Specifically, we don't handle a value of '0.0' correctly)
-                $raw_value = @$results[$i][$ldap_map["active_flag"]][0];
+                $raw_value = @$results[$i][$ldap_map['active_flag']][0];
                $filter_var = filter_var($raw_value, FILTER_VALIDATE_BOOLEAN, FILTER_NULL_ON_FAILURE);
-                
+
                $boolean_cast = (bool) $raw_value;
-                
+
                if (Setting::getSettings()->ldap_invert_active_flag === 1) {
                    // Because ldap_active_flag is set, if filter_var is true or boolean_cast is true, then user is suspended
-                    $user->activated = !($filter_var ?? $boolean_cast);
-                }else{
+                    $user->activated = ! ($filter_var ?? $boolean_cast);
+                } else {
                    $user->activated = $filter_var ?? $boolean_cast; // if filter_var() was true or false, use that. If it's null, use the $boolean_cast
                }

@@ -396,7 +413,6 @@ class LdapSync extends Command
                // ....otherwise, (ie if no 'active' LDAP flag is defined), IF the UAC setting exists,
                // ....then use the UAC setting on the account to determine can-log-in vs. cannot-log-in

-
                /* The following is _probably_ the correct logic, but we can't use it because
                    some users may have been dependent upon the previous behavior, and this
                    could cause additional access to be available to users they don't want
@@ -422,7 +438,7 @@ class LdapSync extends Command
                    '262688', //   0x40220 NORMAL_ACCOUNT, PASSWD_NOTREQD, SMARTCARD_REQUIRED
                    '328192', //   0x50200 NORMAL_ACCOUNT, SMARTCARD_REQUIRED, DONT_EXPIRE_PASSWORD
                    '328224', //   0x50220 NORMAL_ACCOUNT, PASSWD_NOT_REQD, SMARTCARD_REQUIRED, DONT_EXPIRE_PASSWORD
-                    '4194816',//  0x400200 NORMAL_ACCOUNT, DONT_REQ_PREAUTH
+                    '4194816', //  0x400200 NORMAL_ACCOUNT, DONT_REQ_PREAUTH
                    '4260352', // 0x410200 NORMAL_ACCOUNT, DONT_EXPIRE_PASSWORD, DONT_REQ_PREAUTH
                    '1049088', // 0x100200 NORMAL_ACCOUNT, NOT_DELEGATED
                    '1114624', // 0x110200 NORMAL_ACCOUNT, DONT_EXPIRE_PASSWORD, NOT_DELEGATED,
@@ -433,14 +449,13 @@ class LdapSync extends Command
            } /* implied 'else' here - leave the $user->activated flag alone. Newly-created accounts will be active.
            already-existing accounts will be however the administrator has set them */

-
            if ($item['ldap_location_override'] == true) {
                $user->location_id = $item['location_id'];
-            } elseif ((isset($location)) && (!empty($location))) {
+            } elseif ((isset($location)) && (! empty($location))) {
                if ((is_array($location)) && (array_key_exists('id', $location))) {
                    $user->location_id = $location['id'];
                } elseif (is_object($location)) {
-                    $user->location_id = $location->id; //THIS is the magic line, this should do it.
+                    $user->location_id = $location->id; // THIS is the magic line, this should do it.
                }
            }
            // TODO - should we be NULLING locations if $location is really `null`, and that's what we came up with?
@@ -452,16 +467,17 @@ class LdapSync extends Command
            $errors = '';

            if ($user->save()) {
+                $item['id'] = $user->id;
                $item['note'] = $item['createorupdate'];
                $item['status'] = 'success';
                if ($item['createorupdate'] === 'created' && $ldap_default_group) {
-                 // Check if the relationship already exists
-                if (!$user->groups()->where('group_id', $ldap_default_group)->exists()) {
-                $user->groups()->attach($ldap_default_group);
+                    // Check if the relationship already exists
+                    if (! $user->groups()->where('group_id', $ldap_default_group)->exists()) {
+                        $user->groups()->attach($ldap_default_group);
                    }
                }
-                
-                //updates assets location based on user's location
+
+                // updates assets location based on user's location
                if ($user->wasChanged('location_id')) {
                    foreach ($user->assets as $asset) {
                        $asset->location_id = $user->location_id;
@@ -481,6 +497,41 @@ class LdapSync extends Command
            array_push($summary, $item);
        }

+        // Optionally soft-delete LDAP-imported users that are no longer present in LDAP.
+        // users with assests etc. are not deletable and skipped
+        if ($this->option('delete')) {
+            $missing_ldap_users = User::where('ldap_import', 1);
+            $missing_ldap_users = $missing_ldap_users->whereNotIn('username', $seen_ldap_usernames);
+            $missing_ldap_users = $missing_ldap_users->get();
+
+            foreach ($missing_ldap_users as $missing_user) {
+                $is_deletable = $this->isUserDeletable($missing_user);
+
+                $missing_item = [
+                    'id' => $missing_user->id,
+                    'username' => $missing_user->username,
+                    'firstname' => $missing_user->first_name,
+                    'lastname' => $missing_user->last_name,
+                    'email' => $missing_user->email,
+                    'createorupdate' => 'skipped',
+                    'status' => 'info',
+                    'deletable' => $is_deletable,
+                    'note' => $is_deletable ? 'missing from LDAP' : 'missing from LDAP, but not deletable',
+                ];
+
+                if ($is_deletable) {
+                    $missing_user->delete();
+                    $missing_item['createorupdate'] = 'deleted';
+                    $missing_item['status'] = 'success';
+                    $missing_item['note'] = 'deleted_missing_from_ldap';
+                }
+
+                $summary[] = $missing_item;
+            }
+        }
+
+
+
        if ($this->option('summary')) {
            for ($x = 0; $x < count($summary); $x++) {
                if ($summary[$x]['status'] == 'error') {
@@ -496,4 +547,23 @@ class LdapSync extends Command
            return $summary;
        }
    }
+
+    /**
+     * Checks if the user is deletable without gate check
+     * 
+     * A user is considered deletable if they have no associated assets, accessories, licenses, consumables, managed users, or managed locations.
+     * 
+     * @param User $user The user to check
+     * 
+     * @return bool True if the user is deletable, false otherwise
+     */
+    private function isUserDeletable(User $user): bool
+    {
+        return (($user->assets_count ?? $user->assets()->count()) === 0)
+            && (($user->accessories_count ?? $user->accessories()->count()) === 0)
+            && (($user->licenses_count ?? $user->licenses()->count()) === 0)
+            && (($user->consumables_count ?? $user->consumables()->count()) === 0)
+            && (($user->manages_users_count ?? $user->managesUsers()->count()) === 0)
+            && (($user->manages_locations_count ?? $user->managedLocations()->count()) === 0);
+    }
 }
@@ -2,29 +2,32 @@

 namespace App\Console\Commands;

-use Illuminate\Console\Command;
+use App\Models\Ldap;
 use App\Models\Setting;
 use Exception;
+use Illuminate\Console\Command;
 use Illuminate\Support\Facades\Crypt;
-use App\Models\Ldap;

 /**
 * Check if a given ip is in a network
- * @param  string $ip    IP to check in IPV4 format eg. 127.0.0.1
- * @param  string $range IP/CIDR netmask eg. 127.0.0.0/24, also 127.0.0.1 is accepted and /32 assumed
- * @return boolean true if the ip is in this range / false if not.
+ *
+ * @param  string  $ip  IP to check in IPV4 format eg. 127.0.0.1
+ * @param  string  $range  IP/CIDR netmask eg. 127.0.0.0/24, also 127.0.0.1 is accepted and /32 assumed
+ * @return bool true if the ip is in this range / false if not.
 */
-function ip_in_range( $ip, $range ) {
-	if ( strpos( $range, '/' ) == false ) {
-		$range .= '/32';
-	}
-	// $range is in IP/CIDR format eg 127.0.0.1/24
-	list( $range, $netmask ) = explode( '/', $range, 2 );
-	$range_decimal = ip2long( $range );
-	$ip_decimal = ip2long( $ip );
-	$wildcard_decimal = pow( 2, ( 32 - $netmask ) ) - 1;
-	$netmask_decimal = ~ $wildcard_decimal;
-	return ( ( $ip_decimal & $netmask_decimal ) == ( $range_decimal & $netmask_decimal ) );
+function ip_in_range($ip, $range)
+{
+    if (strpos($range, '/') == false) {
+        $range .= '/32';
+    }
+    // $range is in IP/CIDR format eg 127.0.0.1/24
+    [$range, $netmask] = explode('/', $range, 2);
+    $range_decimal = ip2long($range);
+    $ip_decimal = ip2long($ip);
+    $wildcard_decimal = pow(2, (32 - $netmask)) - 1;
+    $netmask_decimal = ~$wildcard_decimal;
+
+    return  ($ip_decimal & $netmask_decimal) == ($range_decimal & $netmask_decimal);
 }
 // NOTE - this function was shamelessly stolen from this gist: https://gist.github.com/tott/7684443

@@ -33,10 +36,10 @@ function ip_in_range( $ip, $range ) {
 */
 function parenthesized_filter($filter)
 {
-    if(substr($filter,0,1) == "(" ) {
+    if (substr($filter, 0, 1) == '(') {
        return $filter;
    } else {
-        return "(".$filter.")";
+        return '('.$filter.')';
    }

 }
@@ -74,41 +77,44 @@ class LdapTroubleshooter extends Command

    /**
     * Output something *only* if debug is enabled
-     * 
+     *
     * @return void
     */
    public function debugout($string)
    {
-        if($this->option('debug')) {
+        if ($this->option('debug')) {
            $this->line($string);
        }
    }

    /**
     * Clean the results from ldap_get_entries into something useful
-     * @param array $array
+     *
+     * @param  array  $array
     * @return array
     */
-    public function ldap_results_cleaner ($array) {
+    public function ldap_results_cleaner($array)
+    {
        $cleaned = [];
-        for($i = 0; $i < $array['count']; $i++) {
+        for ($i = 0; $i < $array['count']; $i++) {
            $row = $array[$i];
            $clean_row = [];
-            foreach($row AS $key => $val ) {
-                $this->debugout("Key is: ".$key);
-                if($key == "count" || is_int($key) || $key == "dn") {
+            foreach ($row as $key => $val) {
+                $this->debugout('Key is: '.$key);
+                if ($key == 'count' || is_int($key) || $key == 'dn') {
                    $this->debugout(" and we're gonna skip it\n");
+
                    continue;
                }
                $this->debugout(" And that seems fine.\n");
-                if(array_key_exists('count',$val)) {
-                    if($val['count'] == 1) {
+                if (array_key_exists('count', $val)) {
+                    if ($val['count'] == 1) {
                        $clean_row[$key] = $val[0];
                    } else {
-                        unset($val['count']); //these counts are annoying
+                        unset($val['count']); // these counts are annoying
                        $elements = [];
-                        foreach($val as $entry) {
-                            if(isset($ldap_constants[$entry])) {
+                        foreach ($val as $entry) {
+                            if (isset($ldap_constants[$entry])) {
                                $elements[] = $ldap_constants[$entry];
                            } else {
                                $elements[] = $entry;
@@ -122,6 +128,7 @@ class LdapTroubleshooter extends Command
            }
            $cleaned[$i] = $clean_row;
        }
+
        return $cleaned;
    }

@@ -132,58 +139,58 @@ class LdapTroubleshooter extends Command
     */
    public function handle()
    {
-        if($this->option('trace')) {
-    	    ldap_set_option(NULL, LDAP_OPT_DEBUG_LEVEL, 7);
+        if ($this->option('trace')) {
+            ldap_set_option(null, LDAP_OPT_DEBUG_LEVEL, 7);
        }

        $settings = Setting::getSettings();
        $this->settings = $settings;
-        if($this->option('ldap-search')) {
-            if(!$this->option('force')) {
+        if ($this->option('ldap-search')) {
+            if (! $this->option('force')) {
                $confirmation = $this->confirm('WARNING: This command will display your LDAP password on your terminal. Are you sure this is ok?');
-                if(!$confirmation) {
+                if (! $confirmation) {
                    $this->error('ABORTING');
                    exit(-1);
                }
            }
            $output = [];
-            if($settings->ldap_server_cert_ignore) {
-                $this->line("# Ignoring server certificate validity");
-                $output[] = "LDAPTLS_REQCERT=never";
+            if ($settings->ldap_server_cert_ignore) {
+                $this->line('# Ignoring server certificate validity');
+                $output[] = 'LDAPTLS_REQCERT=never';
            }
-            if($settings->ldap_client_tls_cert && $settings->ldap_client_tls_key) {
-                $this->line("# Adding LDAP Client Certificate and Key");
-                $output[] = "LDAPTLS_CERT=storage/ldap_client_tls.cert";
-                $output[] = "LDAPTLS_KEY=storage/ldap_client_tls.key";
+            if ($settings->ldap_client_tls_cert && $settings->ldap_client_tls_key) {
+                $this->line('# Adding LDAP Client Certificate and Key');
+                $output[] = 'LDAPTLS_CERT=storage/ldap_client_tls.cert';
+                $output[] = 'LDAPTLS_KEY=storage/ldap_client_tls.key';
            }
-            $output[] = "ldapsearch";
-            $output[] = "-H ".$settings->ldap_server;
-            $output[] = "-x";
-            $output[] = "-b ".escapeshellarg($settings->ldap_basedn);
-            $output[] = "-D ".escapeshellarg($settings->ldap_uname);
+            $output[] = 'ldapsearch';
+            $output[] = '-H '.$settings->ldap_server;
+            $output[] = '-x';
+            $output[] = '-b '.escapeshellarg($settings->ldap_basedn);
+            $output[] = '-D '.escapeshellarg($settings->ldap_uname);

            try {
                $w = Crypt::Decrypt($settings->ldap_pword);
-            } catch (\Exception $e) {
-                $this->warn("Could not decrypt password. This usually means an LDAP password was not set or the APP_KEY was changed since the LDAP pasword was last saved.  Aborting.");
+            } catch (Exception $e) {
+                $this->warn('Could not decrypt password. This usually means an LDAP password was not set or the APP_KEY was changed since the LDAP pasword was last saved.  Aborting.');
                exit(0);
            }

-            $output[] = "-w ". escapeshellarg($w);
+            $output[] = '-w '.escapeshellarg($w);
            $output[] = escapeshellarg(parenthesized_filter($settings->ldap_filter));
-            if($settings->ldap_tls) {
-                $this->line("# adding STARTTLS option");
-                $output[] = "-Z";
+            if ($settings->ldap_tls) {
+                $this->line('# adding STARTTLS option');
+                $output[] = '-Z';
            }
-            $output[] = "-v";
+            $output[] = '-v';
            $this->line("\n");
-            $this->line(implode(" \\\n",$output));
+            $this->line(implode(" \\\n", $output));
            exit(0);
        }

-        //PHP Version check for warning
+        // PHP Version check for warning
        $php_version = phpversion();
-        list($major, $minor, $patch) = explode('.', $php_version);
+        [$major, $minor, $patch] = explode('.', $php_version);
        if (
            $major < 8 ||
            ($major == 8 && $minor < 3) ||
@@ -191,22 +198,22 @@ class LdapTroubleshooter extends Command
            ($major == 8 && $minor == 4 && $patch < 7)
        ) {
            $this->warn("PHP Version: $php_version WARNING - Versions before 8.3.21 or 8.4.7 will return INCONSISTENT results!");
-            if (!$this->confirm("Are you sure you wish to continue?")) {
-                $this->warn("ABORTING");
+            if (! $this->confirm('Are you sure you wish to continue?')) {
+                $this->warn('ABORTING');
                exit(-1);
            }
        }

-        if(!$this->option('force')) {
+        if (! $this->option('force')) {
            $confirmation = $this->confirm('WARNING: This command will make several attempts to connect to your LDAP server. Are you sure this is ok?');
-            if(!$confirmation) {
+            if (! $confirmation) {
                $this->error('ABORTING');
                exit(-1);
            }
        }
-        //$this->line(print_r($settings,true));
-        $this->line("STAGE 1: Checking settings");
-        if(!$settings->ldap_enabled) {
+        // $this->line(print_r($settings,true));
+        $this->line('STAGE 1: Checking settings');
+        if (! $settings->ldap_enabled) {
            $this->error("WARNING: Snipe-IT's LDAP setting is not turned on. (That may be OK if you're still trying to figure out settings)");
        }

@@ -214,123 +221,126 @@ class LdapTroubleshooter extends Command
        try {
            $ldap_conn = ldap_connect($settings->ldap_server);
        } catch (Exception $e) {
-            $this->error("WARNING: Exception caught when executing 'ldap_connect()' - ".$e->getMessage().". We will try to guess.");
+            $this->error("WARNING: Exception caught when executing 'ldap_connect()' - ".$e->getMessage().'. We will try to guess.');
        }

-        if(!$ldap_conn) {
-            $this->error("WARNING: LDAP Server setting of: ".$settings->ldap_server." cannot be parsed. We will try to guess.");
-            //exit(-1);
+        if (! $ldap_conn) {
+            $this->error('WARNING: LDAP Server setting of: '.$settings->ldap_server.' cannot be parsed. We will try to guess.');
+            // exit(-1);
        }
-        //since we never use $ldap_conn again, we don't have to ldap_unbind() it (it's not even connected, tbh - that only happens at bind-time)
+        // since we never use $ldap_conn again, we don't have to ldap_unbind() it (it's not even connected, tbh - that only happens at bind-time)

        $parsed = parse_url($settings->ldap_server);

-        if(@$parsed['scheme'] != 'ldap' && @$parsed['scheme'] != 'ldaps') {
+        if (@$parsed['scheme'] != 'ldap' && @$parsed['scheme'] != 'ldaps') {
            $this->error("WARNING: LDAP URL Scheme of '".@$parsed['scheme']."' is probably incorrect; should usually be ldap or ldaps");
        }

-        if(!@$parsed['host']) {
-            $this->error("ERROR: Cannot determine hostname or IP from ldap URL: ".$settings->ldap_server.". ABORTING.");
+        if (! @$parsed['host']) {
+            $this->error('ERROR: Cannot determine hostname or IP from ldap URL: '.$settings->ldap_server.'. ABORTING.');
            exit(-1);
        } else {
-            $this->info("Determined LDAP hostname to be: ".$parsed['host']);
+            $this->info('Determined LDAP hostname to be: '.$parsed['host']);
        }

        $raw_ips = [];

        if (inet_pton($parsed['host']) !== false) {
-            $this->line($parsed['host'] . " already looks like an address; skipping DNS lookup");
+            $this->line($parsed['host'].' already looks like an address; skipping DNS lookup');
            $raw_ips[] = $parsed['host'];
        } else {
-            $this->line("Performing DNS lookup of: " . $parsed['host']);
+            $this->line('Performing DNS lookup of: '.$parsed['host']);
            $ips = dns_get_record($parsed['host']);

-            //$this->info("Host IP is: ".print_r($ips,true));
+            // $this->info("Host IP is: ".print_r($ips,true));

-            if (!$ips || count($ips) == 0) {
-                $this->error("ERROR: DNS lookup of host: " . $parsed['host'] . " has failed. ABORTING.");
+            if (! $ips || count($ips) == 0) {
+                $this->error('ERROR: DNS lookup of host: '.$parsed['host'].' has failed. ABORTING.');
                exit(-1);
            }
-            $this->debugout("IP's? " . print_r($ips, true));
+            $this->debugout("IP's? ".print_r($ips, true));
            foreach ($ips as $ip) {
-                if (!isset($ip['ip'])) {
+                if (! isset($ip['ip'])) {
                    continue;
                }
                $raw_ips[] = $ip['ip'];
            }
        }
        foreach ($raw_ips as $ip) {
-            if ($ip == "127.0.0.1") {
-                $this->error("WARNING: Using the localhost IP as the LDAP server. This is usually wrong");
+            if ($ip == '127.0.0.1') {
+                $this->error('WARNING: Using the localhost IP as the LDAP server. This is usually wrong');
            }
            if (ip_in_range($ip, '10.0.0.0/8') || ip_in_range($ip, '192.168.0.0/16') || ip_in_range($ip, '172.16.0.0/12')) {
-                $this->error("WARNING: Using an RFC1918 Private address for LDAP server. This may be correct, but it can be a problem if your Snipe-IT instance is not hosted on your private network");
+                $this->error('WARNING: Using an RFC1918 Private address for LDAP server. This may be correct, but it can be a problem if your Snipe-IT instance is not hosted on your private network');
            }
        }

-        $this->line("STAGE 2: Checking basic network connectivity");
+        $this->line('STAGE 2: Checking basic network connectivity');
        $ports = [636, 389];
-        if(@$parsed['port'] && !in_array($parsed['port'],$ports)) {
+        if (@$parsed['port'] && ! in_array($parsed['port'], $ports)) {
            $ports[] = $parsed['port'];
        }

-        $open_ports=[];
-        foreach($ports as $port ) {
+        $open_ports = [];
+        foreach ($ports as $port) {
            $errno = 0;
            $errstr = '';
            $timeout = 30.0;
            $result = '';
-            $this->line("Attempting to connect to port: " . $port . " - may take up to $timeout seconds");
+            $this->line('Attempting to connect to port: '.$port." - may take up to $timeout seconds");
            try {
                $result = fsockopen($parsed['host'], $port, $errno, $errstr, 30.0);
-            } catch(Exception $e) {
-                $this->error("Exception: ".$e->getMessage());
+            } catch (Exception $e) {
+                $this->error('Exception: '.$e->getMessage());
            }
-            if($result) {
-                $this->info("Success!");
+            if ($result) {
+                $this->info('Success!');
                $open_ports[] = $port;
            } else {
                $this->error("WARNING: Cannot connect to port: $port - $errstr ($errno)");
            }
        }

-        if(count($open_ports) == 0) {
-            $this->error("ERROR - no open ports. ABORTING.");
+        if (count($open_ports) == 0) {
+            $this->error('ERROR - no open ports. ABORTING.');
            exit(-1);
        }

-        $this->line("STAGE 3: Determine encryption algorithm, if any");
+        $this->line('STAGE 3: Determine encryption algorithm, if any');

        $ldap_urls = []; // [url, cert-check?, start_tls?]
        $pretty_ldap_urls = [];
-        foreach($open_ports as $port) {
+        foreach ($open_ports as $port) {
            $this->line("Trying TLS first for port $port");
-            $ldap_url = "ldaps://".$parsed['host'].":$port";
-            if($this->test_anonymous_bind($ldap_url)) {
+            $ldap_url = 'ldaps://'.$parsed['host'].":$port";
+            if ($this->test_anonymous_bind($ldap_url)) {
                $this->info("Anonymous bind succesful to $ldap_url!");
-                $ldap_urls[] = [ $ldap_url, true, false ];
-                $pretty_ldap_urls[] = [$ldap_url, "enabled", "n/a (no)"];
+                $ldap_urls[] = [$ldap_url, true, false];
+                $pretty_ldap_urls[] = [$ldap_url, 'enabled', 'n/a (no)'];
+
                continue; // TODO - lots of copypasta in these if(test_anonymous_bind()) routines...
            } else {
                $this->error("WARNING: Failed to bind to $ldap_url - trying without certificate checks.");
            }

-            if($this->test_anonymous_bind($ldap_url, false)) {
+            if ($this->test_anonymous_bind($ldap_url, false)) {
                $this->info("Anonymous bind successful to $ldap_url with certificate-checks disabled");
                $ldap_urls[] = [$ldap_url, false, false];
-                $pretty_ldap_urls[] = [$ldap_url, "DISABLED", "n/a (no)"];
+                $pretty_ldap_urls[] = [$ldap_url, 'DISABLED', 'n/a (no)'];
+
                continue;
            } else {
                $this->error("WARNING: Failed to bind to $ldap_url with certificate checks disabled. Trying unencrypted with STARTTLS");
            }

            // now switching to ldap:// URL's from ldaps://
-            $ldap_url = "ldap://".$parsed['host'].":$port";
+            $ldap_url = 'ldap://'.$parsed['host'].":$port";

-            if($this->test_anonymous_bind($ldap_url, true, true)) {
+            if ($this->test_anonymous_bind($ldap_url, true, true)) {
                $this->info("Plain connection to $ldap_url with STARTTLS succesful!");
-                $ldap_urls[] = [ $ldap_url, true, true ];
-                $pretty_ldap_urls[] = [$ldap_url, "enabled", "STARTTLS ENABLED"];
+                $ldap_urls[] = [$ldap_url, true, true];
+                $pretty_ldap_urls[] = [$ldap_url, 'enabled', 'STARTTLS ENABLED'];
+
                continue;
            } else {
                $this->error("WARNING: Failed to bind to $ldap_url with STARTTLS enabled. Trying without certificate checks.");
@@ -339,224 +349,235 @@ class LdapTroubleshooter extends Command
            if ($this->test_anonymous_bind($ldap_url, false, true)) {
                $this->info("Plain connection to $ldap_url with STARTTLS and cert checks *disabled* successful!");
                $ldap_urls[] = [$ldap_url, false, true];
-                $pretty_ldap_urls[] = [$ldap_url, "DISABLED", "STARTTLS ENABLED"];
+                $pretty_ldap_urls[] = [$ldap_url, 'DISABLED', 'STARTTLS ENABLED'];
+
                continue;
            } else {
                $this->error("WARNING: Failed to bind to $ldap_url with STARTTLS enabled, and cert checks disabled. Trying without STARTTLS");
            }

-            if($this->test_anonymous_bind($ldap_url)) {
+            if ($this->test_anonymous_bind($ldap_url)) {
                $this->info("Plain connection to $ldap_url succesful!");
-                $ldap_urls[] = [ $ldap_url, true, false ];
-                $pretty_ldap_urls[] = [$ldap_url, "n/a", "starttls disabled"];
+                $ldap_urls[] = [$ldap_url, true, false];
+                $pretty_ldap_urls[] = [$ldap_url, 'n/a', 'starttls disabled'];
+
                continue;
            } else {
                $this->error("WARNING: Failed to bind to $ldap_url. Giving up on port $port");
            }
        }

-        $this->debugout(print_r($ldap_urls,true));
+        $this->debugout(print_r($ldap_urls, true));

-        if(count($ldap_urls) > 0 ) {
+        if (count($ldap_urls) > 0) {
            $this->debugout("Found working LDAP URL's: ");
-            foreach($ldap_urls as $ldap_url) { // TODO maybe do this as a $this->table() instead?
-                $this->debugout("LDAP URL: " . $ldap_url[0]);
-                $this->debugout($ldap_url[0] . ($ldap_url[1] ? " certificate checks enabled" : " certificate checks disabled") . ($ldap_url[2] ? " STARTTLS Enabled " : " STARTTLS Disabled"));
+            foreach ($ldap_urls as $ldap_url) { // TODO maybe do this as a $this->table() instead?
+                $this->debugout('LDAP URL: '.$ldap_url[0]);
+                $this->debugout($ldap_url[0].($ldap_url[1] ? ' certificate checks enabled' : ' certificate checks disabled').($ldap_url[2] ? ' STARTTLS Enabled ' : ' STARTTLS Disabled'));
            }
-            $this->table(["URL", "Cert Checks?", "STARTTLS?"], $pretty_ldap_urls);
+            $this->table(['URL', 'Cert Checks?', 'STARTTLS?'], $pretty_ldap_urls);
        } else {
            $this->error("ERROR - no valid LDAP URL's available - ABORTING");
            exit(1);
        }

-        $this->line("STAGE 4: Test Administrative Bind for LDAP Sync");
-        foreach($ldap_urls AS $ldap_url) {
+        $this->line('STAGE 4: Test Administrative Bind for LDAP Sync');
+        foreach ($ldap_urls as $ldap_url) {
            try {
                $w = Crypt::Decrypt($settings->ldap_pword);
-            } catch (\Exception $e) {
-                $this->warn("Could not decrypt password. This usually means an LDAP password was not set or the APP_KEY was changed since the LDAP pasword was last saved.  Aborting.");
+            } catch (Exception $e) {
+                $this->warn('Could not decrypt password. This usually means an LDAP password was not set or the APP_KEY was changed since the LDAP pasword was last saved.  Aborting.');
                exit(0);
            }
            $this->test_authed_bind($ldap_url[0], $ldap_url[1], $ldap_url[2], $settings->ldap_uname, $w);
        }

-        $this->line("STAGE 5: Test BaseDN");
-        //grab all LDAP_ constants and fill up a reversed array mapping from weird LDAP dotted-strings to (Constant Name)
+        $this->line('STAGE 5: Test BaseDN');
+        // grab all LDAP_ constants and fill up a reversed array mapping from weird LDAP dotted-strings to (Constant Name)
        $all_defined_constants = get_defined_constants();
        $ldap_constants = [];
-        foreach($all_defined_constants AS $key => $val) {
-            if(starts_with($key,"LDAP_") && is_string($val)) {
+        foreach ($all_defined_constants as $key => $val) {
+            if (starts_with($key, 'LDAP_') && is_string($val)) {
                $ldap_constants[$val] = $key; // INVERT the meaning here!
            }
        }
-        $this->debugout("LDAP constants are: ".print_r($ldap_constants,true));
+        $this->debugout('LDAP constants are: '.print_r($ldap_constants, true));

-        foreach($ldap_urls AS $ldap_url) {
+        foreach ($ldap_urls as $ldap_url) {
            try {
                $w = Crypt::Decrypt($settings->ldap_pword);
-            } catch (\Exception $e) {
-                $this->warn("Could not decrypt password. This usually means an LDAP password was not set or the APP_KEY was changed since the LDAP pasword was last saved.  Aborting.");
+            } catch (Exception $e) {
+                $this->warn('Could not decrypt password. This usually means an LDAP password was not set or the APP_KEY was changed since the LDAP pasword was last saved.  Aborting.');
                exit(0);
            }

-            if($this->test_informational_bind($ldap_url[0],$ldap_url[1],$ldap_url[2],$settings->ldap_uname,$w,$settings)) {
-                $this->info("Success getting informational bind!");
+            if ($this->test_informational_bind($ldap_url[0], $ldap_url[1], $ldap_url[2], $settings->ldap_uname, $w, $settings)) {
+                $this->info('Success getting informational bind!');
            } else {
-                $this->error("Unable to get information from bind.");
+                $this->error('Unable to get information from bind.');
            }
        }

-        $this->line("STAGE 6: Test LDAP Login to Snipe-IT");
-        foreach($ldap_urls AS $ldap_url) {
-            $this->line("Starting auth to " . $ldap_url[0]);
-            while(true) {
-                $with_tls = $ldap_url[1] ? "with": "without";
-                $with_startssl = $ldap_url[2] ? "using": "not using";
-                if(!$this->confirm('Do you wish to try to authenticate to this directory: '.$ldap_url[0]." $with_tls TLS and $with_startssl STARTSSL?")) {
+        $this->line('STAGE 6: Test LDAP Login to Snipe-IT');
+        foreach ($ldap_urls as $ldap_url) {
+            $this->line('Starting auth to '.$ldap_url[0]);
+            while (true) {
+                $with_tls = $ldap_url[1] ? 'with' : 'without';
+                $with_startssl = $ldap_url[2] ? 'using' : 'not using';
+                if (! $this->confirm('Do you wish to try to authenticate to this directory: '.$ldap_url[0]." $with_tls TLS and $with_startssl STARTSSL?")) {
                    break;
                }
-                $username = $this->ask("Username");
-                $password = $this->secret("Password");
+                $username = $this->ask('Username');
+                $password = $this->secret('Password');
                $results = $this->test_authed_bind($ldap_url[0], $ldap_url[1], $ldap_url[2], $username, $password); // FIXME - should do some other stuff here, maybe with the concatenating or something? maybe? and/or should put up some results?
                if ($results) {
-                    $this->info("Success authenticating with " . $username);
+                    $this->info('Success authenticating with '.$username);
                } else {
-                    $this->error("Unable to authenticate with " . $username);
+                    $this->error('Unable to authenticate with '.$username);
                }
            }
        }

-        $this->info("LDAP TROUBLESHOOTING COMPLETE!");
+        $this->info('LDAP TROUBLESHOOTING COMPLETE!');
    }

-    public function connect_to_ldap($ldap_url, $check_cert, $start_tls) 
+    public function connect_to_ldap($ldap_url, $check_cert, $start_tls)
    {
        if ($check_cert) {
-            $this->line("we *ARE* checking certs");
+            $this->line('we *ARE* checking certs');
            Ldap::ignoreCertificates(false);

        } else {
-            $this->line("we are IGNORING certs");
+            $this->line('we are IGNORING certs');
            Ldap::ignoreCertificates(true);
        }
        $lconn = ldap_connect($ldap_url);
        ldap_set_option($lconn, LDAP_OPT_PROTOCOL_VERSION, 3); // should we 'test' different protocol versions here? Does anyone even use anything other than LDAPv3?
-                                                             // no - it's formally deprecated: https://tools.ietf.org/html/rfc3494
-        if($this->settings->ldap_client_tls_cert && $this->settings->ldap_client_tls_key) {
+        // no - it's formally deprecated: https://tools.ietf.org/html/rfc3494
+        if ($this->settings->ldap_client_tls_cert && $this->settings->ldap_client_tls_key) {
            // client-side TLS certificate support for LDAP (Google Secure LDAP)
            putenv('LDAPTLS_CERT=storage/ldap_client_tls.cert');
            putenv('LDAPTLS_KEY=storage/ldap_client_tls.key');
        }
-        if($start_tls) {
-            if(!ldap_start_tls($lconn)) {
-                $this->error("WARNING: Unable to start TLS");
+        if ($start_tls) {
+            if (! ldap_start_tls($lconn)) {
+                $this->error('WARNING: Unable to start TLS');
+
                return false;
            }
        }
-        if(!$lconn) {
-            $this->error("WARNING: Failed to generate connection string - using: ".$ldap_url);
+        if (! $lconn) {
+            $this->error('WARNING: Failed to generate connection string - using: '.$ldap_url);
+
            return false;
        }
        $net = ldap_set_option($lconn, LDAP_OPT_NETWORK_TIMEOUT, $this->option('timeout'));
        $time = ldap_set_option($lconn, LDAP_OPT_TIMELIMIT, $this->option('timeout'));
-        if(!$net || !$time) {
-            $this->error("Unable to set timeouts!");
+        if (! $net || ! $time) {
+            $this->error('Unable to set timeouts!');
        }
+
        return $lconn;
    }

    public function test_anonymous_bind($ldap_url, $check_cert = true, $start_tls = false)
    {
-        return $this->timed_boolean_execute(function () use ($ldap_url, $check_cert , $start_tls) {
+        return $this->timed_boolean_execute(function () use ($ldap_url, $check_cert, $start_tls) {
            try {
                $lconn = $this->connect_to_ldap($ldap_url, $check_cert, $start_tls);
-                $this->line("Attempting to bind now, this can take a while if we mess it up");
+                $this->line('Attempting to bind now, this can take a while if we mess it up');
                $bind_results = ldap_bind($lconn);
-                $this->line("Bind results are: " . $bind_results . " which translate into boolean: " . (bool)$bind_results);
+                $this->line('Bind results are: '.$bind_results.' which translate into boolean: '.(bool) $bind_results);
                ldap_close($lconn);
-                return (bool)$bind_results;
+
+                return (bool) $bind_results;
            } catch (Exception $e) {
-                $this->error("WARNING: Exception caught during bind - ".$e->getMessage());
+                $this->error('WARNING: Exception caught during bind - '.$e->getMessage());
+
                return false;
            }
        });
    }

-    public function test_authed_bind($ldap_url, $check_cert, $start_tls, $username, $password) 
+    public function test_authed_bind($ldap_url, $check_cert, $start_tls, $username, $password)
    {
        return $this->timed_boolean_execute(function () use ($ldap_url, $check_cert, $start_tls, $username, $password) {
            try {
                $lconn = $this->connect_to_ldap($ldap_url, $check_cert, $start_tls);
                $bind_results = ldap_bind($lconn, $username, $password);
                ldap_close($lconn);
-                if(!$bind_results) {
+                if (! $bind_results) {
                    $this->error("WARNING: Failed to bind to $ldap_url as $username");
+
                    return false;
                } else {
                    $this->info("SUCCESS - Able to bind to $ldap_url as $username");
-                    return (bool)$lconn;
+
+                    return (bool) $lconn;
                }
            } catch (Exception $e) {
                $this->error("WARNING: Exception caught during Authed bind to $username - ".$e->getMessage());
+
                return false;
            }
        });
    }

-    public function test_informational_bind($ldap_url, $check_cert, $start_tls, $username, $password,$settings)
+    public function test_informational_bind($ldap_url, $check_cert, $start_tls, $username, $password, $settings)
    {
        return $this->timed_boolean_execute(function () use ($ldap_url, $check_cert, $start_tls, $username, $password, $settings) {
            try { // TODO - copypasta'ed from test_authed_bind
                $conn = $this->connect_to_ldap($ldap_url, $check_cert, $start_tls);
                $bind_results = ldap_bind($conn, $username, $password);
-                if(!$bind_results) {
+                if (! $bind_results) {
                    $this->error("WARNING: Failed to bind to $ldap_url as $username");
+
                    return false;
                }
                $this->info("SUCCESS - Able to bind to $ldap_url as $username");
                $cleaned_results = [];
                try {
                    // This _may_ only work for Active Directory?
-                    $result = ldap_read($conn, '', '(objectClass=*)'/* , ['supportedControl']*/);
+                    $result = ldap_read($conn, '', '(objectClass=*)'/* , ['supportedControl'] */);
                    $results = ldap_get_entries($conn, $result);
                    $cleaned_results = $this->ldap_results_cleaner($results);
-                    //$this->line(print_r($cleaned_results,true));
+                    // $this->line(print_r($cleaned_results,true));
                    $default_naming_contexts = $cleaned_results[0]['namingcontexts'];
-                    $this->info("Default Naming Contexts:");
-                    $this->info(implode(", ", $default_naming_contexts));
-                    //okay, great - now how do we display those results? I have no idea.
-                } catch (\Exception $e) {
+                    $this->info('Default Naming Contexts:');
+                    $this->info(implode(', ', $default_naming_contexts));
+                    // okay, great - now how do we display those results? I have no idea.
+                } catch (Exception $e) {
                    $this->error("Unable to get base naming contexts - here's what we *did* get:");
                    $this->line(print_r($cleaned_results, true));
                }
                // I don't see why this throws an Exception for Google LDAP, but I guess we ought to try and catch it?
                $this->debugout("I guess we're trying to do the ldap search here, but sometimes it takes too long?");
-                $this->debugout("Base DN is: ".$settings->ldap_basedn." and filter is: ".parenthesized_filter($settings->ldap_filter));
+                $this->debugout('Base DN is: '.$settings->ldap_basedn.' and filter is: '.parenthesized_filter($settings->ldap_filter));
                $search_results = ldap_search($conn, $settings->ldap_basedn, parenthesized_filter($settings->ldap_filter));
                $entries = ldap_get_entries($conn, $search_results);
-                $this->info("Printing first 10 results: ");
+                $this->info('Printing first 10 results: ');
                $pretty_data = array_slice($this->ldap_results_cleaner($entries), 0, 10);
-                //print_r($data);
+                // print_r($data);
                $headers = [];
                foreach ($pretty_data as $row) {
-                    //populate headers
+                    // populate headers
                    foreach ($row as $key => $value) {
-                        //skip objectsid and objectguid because it junks up output
-                        if ($key == "objectsid" || $key == "objectguid") {
+                        // skip objectsid and objectguid because it junks up output
+                        if ($key == 'objectsid' || $key == 'objectguid') {
                            continue;
                        }
-                        if (!in_array($key, $headers)) {
+                        if (! in_array($key, $headers)) {
                            $headers[] = $key;
                        }
                    }
                }
                $table = [];
-                //repeat again to populate table
+                // repeat again to populate table
                foreach ($pretty_data as $row) {
                    $newrow = [];
                    foreach ($headers as $header) {
                        if (is_array(@$row[$header])) {
-                            $newrow[] = "[" . implode(", ", $row[$header]) . "]";
+                            $newrow[] = '['.implode(', ', $row[$header]).']';
                        } else {
                            $newrow[] = @$row[$header];
                        }
@@ -565,8 +586,9 @@ class LdapTroubleshooter extends Command
                }

                $this->table($headers, $table);
-            } catch (\Exception $e) {
+            } catch (Exception $e) {
                $this->error("WARNING: Exception caught during Authed bind to $username - ".$e->getMessage());
+
                return false;
            } finally {
                ldap_close($conn);
@@ -575,53 +597,54 @@ class LdapTroubleshooter extends Command
    }

    /***********************************************
-     * 
-     * This function executes $function - which is expected to be some kind of executable function - 
+     *
+     * This function executes $function - which is expected to be some kind of executable function -
     * with a timeout set. It respects the timeout by forking execution and setting a strict timer
     * for which to get back a SIGUSR1 or SIGUSR2 signal from the forked process.
-     * 
+     *
     ***********************************************/
    private function timed_boolean_execute($function)
    {
-        if(!(function_exists('pcntl_sigtimedwait') && function_exists('posix_getpid') && function_exists('pcntl_fork') && function_exists('posix_kill') && function_exists('pcntl_wifsignaled'))) {
+        if (! (function_exists('pcntl_sigtimedwait') && function_exists('posix_getpid') && function_exists('pcntl_fork') && function_exists('posix_kill') && function_exists('pcntl_wifsignaled'))) {
            // POSIX functions needed for forking aren't present, just run the function inline (ignoring timeout)
            $this->line('WARNING: Unable to execute POSIX fork() commands, timeout may not be respected');
+
            return $function();
        } else {
            $parent_pid = posix_getpid();
            $pid = pcntl_fork();
-            switch($pid) {
+            switch ($pid) {
                case 0:
-                    //we're the 'child'
-                    if($function()) {
-                        //SUCCESS = SIGUSR1
+                    // we're the 'child'
+                    if ($function()) {
+                        // SUCCESS = SIGUSR1
                        posix_kill($parent_pid, SIGUSR1);
                    } else {
-                        //FAILURE = SIGUSR2
+                        // FAILURE = SIGUSR2
                        posix_kill($parent_pid, SIGUSR2);
                    }
                    exit();
-                    break; //yes I know we don't need it.
+                    break; // yes I know we don't need it.
                case -1:
-                    //couldn't fork
-                    $this->error("COULD NOT FORK - assuming failure");
+                    // couldn't fork
+                    $this->error('COULD NOT FORK - assuming failure');
+
                    return false;
-                    break; //I still know that we don't need it
+                    break; // I still know that we don't need it
                default:
-                    //we remain the 'parent', $pid is the PID of the forked process.
+                    // we remain the 'parent', $pid is the PID of the forked process.
                    $siginfo = [];
-                    $exit_status = pcntl_sigtimedwait ([SIGUSR1, SIGUSR2], $siginfo, $this->option('timeout'));
+                    $exit_status = pcntl_sigtimedwait([SIGUSR1, SIGUSR2], $siginfo, $this->option('timeout'));
                    if ($exit_status == SIGUSR1) {
                        return true;
                    } else {
-                        posix_kill($pid, SIGKILL); //make sure we don't have processes hanging around that might try and send signals during later executions, confusing us
+                        posix_kill($pid, SIGKILL); // make sure we don't have processes hanging around that might try and send signals during later executions, confusing us
+
                        return false;
                    }
-                    break; //Yeah I get it already, shush.
+                    break; // Yeah I get it already, shush.
            }
        }

    }
-
-
 }
@@ -44,19 +44,15 @@ class MergeUsersByUsername extends Command
        $users = User::where('username', 'LIKE', '%@%')->whereNull('deleted_at')->get();
        $this->info($users->count().' total non-deleted users whose usernames contain a @ symbol.');

-
        foreach ($users as $user) {
            $parts = explode('@', trim($user->username));
            $this->info('Checking against username '.trim($parts[0]).'.');

-
            $bad_users = User::where('username', '=', trim($parts[0]))
                ->whereNull('deleted_at')
-                ->with('assets', 'manager', 'userlog', 'licenses', 'consumables', 'accessories', 'managedLocations','uploads', 'acceptances')
+                ->with('assets', 'manager', 'userlog', 'licenses', 'consumables', 'accessories', 'managedLocations', 'uploads', 'acceptances')
                ->get();

-
-
            foreach ($bad_users as $bad_user) {
                $this->info($bad_user->username.' ('.$bad_user->id.')  will be merged into '.$user->username.'  ('.$user->id.') ');

@@ -125,7 +121,6 @@ class MergeUsersByUsername extends Command

                event(new UserMerged($bad_user, $user, null));

-
            }
        }
    }
@@ -0,0 +1,73 @@
+<?php
+
+namespace App\Console\Commands;
+
+use App\Enums\ActionType;
+use Illuminate\Console\Command;
+use Illuminate\Support\Facades\DB;
+use Illuminate\Support\Str;
+
+class MigrateLicenseSeatQuantitiesInActionLogs extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:migrate-license-seat-quantities-in-action-logs
+                            {--no-interaction: Do not ask any interactive question}';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Updates quantity field in action_logs table for license seats that were added or deleted.';
+
+    /**
+     * Execute the console command.
+     */
+    public function handle()
+    {
+        $query = DB::table('action_logs')
+            ->whereIn('action_type', [
+                ActionType::AddSeats->value,
+                ActionType::DeleteSeats->value,
+            ])
+            ->where('quantity', '=', 1)
+            ->orderBy('id');
+
+        $count = $query->count();
+
+        if ($count === 0) {
+            $this->info('Nothing to update');
+
+            return 0;
+        }
+
+        $this->info("{$count} logs to update");
+
+        if ($this->option('no-interaction') || $this->confirm('Update quantities in the action log?')) {
+            $query->chunk(50, function ($logs) {
+                $logs->each(function ($log) {
+                    $quantityFromNote = Str::between($log->note, 'ed ', ' seats');
+
+                    if (! is_numeric($quantityFromNote)) {
+                        $this->error('Could not parse quantity from ID: {id}', ['id' => $log->id]);
+                    }
+
+                    if ($log->quantity !== (int) $quantityFromNote) {
+                        $this->info(vsprintf('Updating id: %s to quantity %s', [
+                            'id' => $log->id,
+                            'new_quantity' => $quantityFromNote,
+                        ]));
+
+                        DB::table('action_logs')->where('id', $log->id)->update(['quantity' => (int) $quantityFromNote]);
+                    }
+                });
+            });
+        }
+
+        return 0;
+    }
+}
@@ -3,8 +3,8 @@
 namespace App\Console\Commands;

 use Illuminate\Console\Command;
-use Illuminate\Support\Facades\Storage;
 use Illuminate\Support\Facades\Log;
+use Illuminate\Support\Facades\Storage;

 class MoveUploadsToNewDisk extends Command
 {
@@ -47,30 +47,29 @@ class MoveUploadsToNewDisk extends Command
        }
        $delete_local = $this->argument('delete_local');

-        $public_uploads['accessories'] = glob('public/uploads/accessories'."/*.*");
-        $public_uploads['assets'] = glob('public/uploads/assets'."/*.*");
-        $public_uploads['avatars'] = glob('public/uploads/avatars'."/*.*");
-        $public_uploads['categories'] = glob('public/uploads/categories'."/*.*");
-        $public_uploads['companies'] = glob('public/uploads/companies'."/*.*");
-        $public_uploads['components'] = glob('public/uploads/components'."/*.*");
-        $public_uploads['consumables'] = glob('public/uploads/consumables'."/*.*");
-        $public_uploads['departments'] = glob('public/uploads/departments'."/*.*");
-        $public_uploads['locations'] = glob('public/uploads/locations'."/*.*");
-        $public_uploads['manufacturers'] = glob('public/uploads/manufacturers'."/*.*");
-        $public_uploads['suppliers'] = glob('public/uploads/suppliers'."/*.*");
-        $public_uploads['assetmodels'] = glob('public/uploads/models'."/*.*");
-
+        $public_uploads['accessories'] = glob('public/uploads/accessories'.'/*.*');
+        $public_uploads['assets'] = glob('public/uploads/assets'.'/*.*');
+        $public_uploads['avatars'] = glob('public/uploads/avatars'.'/*.*');
+        $public_uploads['categories'] = glob('public/uploads/categories'.'/*.*');
+        $public_uploads['companies'] = glob('public/uploads/companies'.'/*.*');
+        $public_uploads['components'] = glob('public/uploads/components'.'/*.*');
+        $public_uploads['consumables'] = glob('public/uploads/consumables'.'/*.*');
+        $public_uploads['departments'] = glob('public/uploads/departments'.'/*.*');
+        $public_uploads['locations'] = glob('public/uploads/locations'.'/*.*');
+        $public_uploads['manufacturers'] = glob('public/uploads/manufacturers'.'/*.*');
+        $public_uploads['suppliers'] = glob('public/uploads/suppliers'.'/*.*');
+        $public_uploads['assetmodels'] = glob('public/uploads/models'.'/*.*');

        // iterate files
        foreach ($public_uploads as $public_type => $public_upload) {
            $type_count = 0;
-            $this->info('- There are ' . count($public_upload) . ' PUBLIC ' . $public_type . ' files.');
+            $this->info('- There are '.count($public_upload).' PUBLIC '.$public_type.' files.');

            for ($i = 0; $i < count($public_upload); $i++) {
                $type_count++;
                $filename = basename($public_upload[$i]);

-                try  {
+                try {
                    Storage::disk('public')->put('uploads/'.$public_type.'/'.$filename, file_get_contents($public_upload[$i]));
                    $new_url = Storage::disk('public')->url('uploads/'.$public_type.'/'.$filename, $filename);
                    $this->info($type_count.'. PUBLIC: '.$filename.' was copied to '.$new_url);
@@ -81,49 +80,46 @@ class MoveUploadsToNewDisk extends Command
            }
        }

-        $logos = glob("public/uploads/setting*.*");
-        $this->info("- There are ".count($logos).' files that might be logos.');
+        $logos = glob('public/uploads/setting*.*');
+        $this->info('- There are '.count($logos).' files that might be logos.');
        $type_count = 0;

        foreach ($logos as $logo) {
            $this->info($logo);
            $type_count++;
            $filename = basename($logo);
-            Storage::disk('public')->put('uploads/' . $filename, file_get_contents($logo));
-            $this->info($type_count . '. LOGO: ' . $filename . ' was copied to ' . env('PUBLIC_AWS_URL') . '/uploads/' . $filename);
+            Storage::disk('public')->put('uploads/'.$filename, file_get_contents($logo));
+            $this->info($type_count.'. LOGO: '.$filename.' was copied to '.env('PUBLIC_AWS_URL').'/uploads/'.$filename);
        }

-        $private_uploads['assets'] = glob('storage/private_uploads/assets'."/*.*");
-        $private_uploads['signatures'] = glob('storage/private_uploads/signatures'."/*.*");
-        $private_uploads['audits'] = glob('storage/private_uploads/audits'."/*.*");
-        $private_uploads['assetmodels'] = glob('storage/private_uploads/models'."/*.*");
-        $private_uploads['imports'] = glob('storage/private_uploads/imports'."/*.*");
-        $private_uploads['licenses'] = glob('storage/private_uploads/licenses'."/*.*");
-        $private_uploads['users'] = glob('storage/private_uploads/users'."/*.*");
-        $private_uploads['backups'] = glob('storage/private_uploads/backups'."/*.*");
-        
+        $private_uploads['assets'] = glob('storage/private_uploads/assets'.'/*.*');
+        $private_uploads['signatures'] = glob('storage/private_uploads/signatures'.'/*.*');
+        $private_uploads['audits'] = glob('storage/private_uploads/audits'.'/*.*');
+        $private_uploads['assetmodels'] = glob('storage/private_uploads/models'.'/*.*');
+        $private_uploads['imports'] = glob('storage/private_uploads/imports'.'/*.*');
+        $private_uploads['licenses'] = glob('storage/private_uploads/licenses'.'/*.*');
+        $private_uploads['users'] = glob('storage/private_uploads/users'.'/*.*');
+        $private_uploads['backups'] = glob('storage/private_uploads/backups'.'/*.*');

        foreach ($private_uploads as $private_type => $private_upload) {
-            {
-                $this->info('- There are ' . count($private_upload) . ' PRIVATE ' . $private_type . ' files.');

-                $type_count = 0;
-                for ($x = 0; $x < count($private_upload); $x++) {
-                    $type_count++;
-                    $filename = basename($private_upload[$x]);
+            $this->info('- There are '.count($private_upload).' PRIVATE '.$private_type.' files.');

-                    try {
-                        Storage::put($private_type . '/' . $filename, file_get_contents($private_upload[$i]));
-                        $new_url = Storage::url($private_type . '/' . $filename, $filename);
-                        $this->info($type_count . '. PRIVATE: ' . $filename . ' was copied to ' . $new_url);
-                    } catch (\Exception $e) {
-                        Log::debug($e);
-                        $this->error($e);
-                    }
+            $type_count = 0;
+            for ($x = 0; $x < count($private_upload); $x++) {
+                $type_count++;
+                $filename = basename($private_upload[$x]);
+
+                try {
+                    Storage::put($private_type.'/'.$filename, file_get_contents($private_upload[$x]));
+                    $new_url = Storage::url($private_type.'/'.$filename, $filename);
+                    $this->info($type_count.'. PRIVATE: '.$filename.' was copied to '.$new_url);
+                } catch (\Exception $e) {
+                    Log::debug($e);
+                    $this->error($e);
                }
            }

-
            if ($delete_local == 'true') {
                $public_delete_count = 0;
                $private_delete_count = 0;
@@ -160,7 +156,7 @@ class MoveUploadsToNewDisk extends Command
                        }
                    }

-                    $this->info($public_delete_count . ' PUBLIC local files and ' . $private_delete_count . ' PRIVATE local files were deleted from your filesystem.');
+                    $this->info($public_delete_count.' PUBLIC local files and '.$private_delete_count.' PRIVATE local files were deleted from your filesystem.');
                }
            }
        }
@@ -2,8 +2,8 @@

 namespace App\Console\Commands;

-use Illuminate\Console\Command;
 use App\Models\User;
+use Illuminate\Console\Command;

 class NormalizeUserNames extends Command
 {
@@ -40,13 +40,13 @@ class NormalizeUserNames extends Command
    {

        $users = User::get();
-            $this->info($users->count() . ' users');
+        $this->info($users->count().' users');

-            foreach ($users as $user) {
-                $user->first_name = ucwords(strtolower($user->first_name));
-                $user->last_name = ucwords(strtolower($user->last_name));
-                $user->email = strtolower($user->email);
-                $user->save();
+        foreach ($users as $user) {
+            $user->first_name = ucwords(strtolower($user->first_name));
+            $user->last_name = ucwords(strtolower($user->last_name));
+            $user->email = strtolower($user->email);
+            $user->save();
        }
    }
 }
@@ -3,13 +3,10 @@
 namespace App\Console\Commands;

 use Illuminate\Console\Command;
-use Symfony\Component\Console\Input\InputArgument;
-use Symfony\Component\Console\Input\InputOption;
 use Illuminate\Support\Facades\Log;
 use Symfony\Component\Console\Helper\ProgressIndicator;
-
-ini_set('max_execution_time', env('IMPORT_TIME_LIMIT', 600)); //600 seconds = 10 minutes
-ini_set('memory_limit', env('IMPORT_MEMORY_LIMIT', '500M'));
+use Symfony\Component\Console\Input\InputArgument;
+use Symfony\Component\Console\Input\InputOption;

 /**
 * Class ObjectImportCommand
@@ -35,6 +32,11 @@ class ObjectImportCommand extends Command
     */
    protected ProgressIndicator $progressIndicator;

+    /**
+     * Logger instance with configurable log path
+     */
+    protected $logger;
+
    /**
     * Create a new command instance.
     *
@@ -52,21 +54,26 @@ class ObjectImportCommand extends Command
     */
    public function handle()
    {
+        ini_set('max_execution_time', env('IMPORT_TIME_LIMIT', 600)); // 600 seconds = 10 minutes
+        ini_set('memory_limit', env('IMPORT_MEMORY_LIMIT', '500M'));
+
        $this->progressIndicator = new ProgressIndicator($this->output);

        $filename = $this->argument('filename');
-        $class = title_case($this->option('item-type'));
+        $class = ucfirst($this->option('item-type'));
        $classString = "App\\Importer\\{$class}Importer";
        $importer = new $classString($filename);
        $importer->setCallbacks([$this, 'log'], [$this, 'progress'], [$this, 'errorCallback'])
-                 ->setCreatedBy($this->option('user_id'))
-                 ->setUpdating($this->option('update'))
-                 ->setShouldNotify($this->option('send-welcome'))
-                 ->setUsernameFormat($this->option('username_format'));
+            ->setCreatedBy($this->option('user_id'))
+            ->setUpdating($this->option('update'))
+            ->setShouldNotify($this->option('send-welcome'))
+            ->setUsernameFormat($this->option('username_format'));
+
+        $this->logger = Log::build([
+            'driver' => 'single',
+            'path' => $this->option('logfile'),
+        ]);

-        // This $logFile/useFiles() bit is currently broken, so commenting it out for now
-        // $logFile = $this->option('logfile');
-        // Log::useFiles($logFile);
        $this->progressIndicator->start('======= Importing Items from '.$filename.' =========');

        $importer->import();
@@ -91,17 +98,19 @@ class ObjectImportCommand extends Command
     * If a warning message is passed, we'll spit it to the console as well.
     *
     * @author Daniel Melzter
+     *
     * @since 3.0
-     * @param string $string
-     * @param string $level
+     *
+     * @param  string  $string
+     * @param  string  $level
     */
    public function log($string, $level = 'info')
    {
        if ($level === 'warning') {
-            Log::warning($string);
+            $this->logger->warning($string);
            $this->comment($string);
        } else {
-            Log::Info($string);
+            $this->logger->Info($string);
            if ($this->option('verbose')) {
                $this->comment($string);
            }
@@ -112,7 +121,9 @@ class ObjectImportCommand extends Command
     * Get the console command arguments.
     *
     * @author Daniel Melzter
+     *
     * @since 3.0
+     *
     * @return array
     */
    protected function getArguments()
@@ -126,20 +137,22 @@ class ObjectImportCommand extends Command
     * Get the console command options.
     *
     * @author Daniel Melzter
+     *
     * @since 3.0
+     *
     * @return array
     */
    protected function getOptions()
    {
        return [
-        ['email_format', null, InputOption::VALUE_REQUIRED, 'The format of the email addresses that should be generated. Options are firstname.lastname, firstname, filastname', null],
-        ['username_format', null, InputOption::VALUE_REQUIRED, 'The format of the username that should be generated. Options are firstname.lastname, firstname, filastname, email', null],
-        ['logfile', null, InputOption::VALUE_REQUIRED, 'The path to log output to.  storage/logs/importer.log by default', storage_path('logs/importer.log')],
-        ['item-type', null, InputOption::VALUE_REQUIRED, 'Item Type To import.  Valid Options are Asset, Consumable, Accessory, License, or User', 'Asset'],
-        ['web-importer', null, InputOption::VALUE_NONE, 'Internal: packages output for use with the web importer'],
-        ['user_id', null, InputOption::VALUE_REQUIRED, 'ID of user creating items', 1],
-        ['update', null, InputOption::VALUE_NONE, 'If a matching item is found, update item information'],
-        ['send-welcome', null, InputOption::VALUE_NONE, 'Whether to send a welcome email to any new users that are created.'],
+            ['email_format', null, InputOption::VALUE_REQUIRED, 'The format of the email addresses that should be generated. Options are firstname.lastname, firstname, filastname', null],
+            ['username_format', null, InputOption::VALUE_REQUIRED, 'The format of the username that should be generated. Options are firstname.lastname, firstname, filastname, email', null],
+            ['logfile', null, InputOption::VALUE_REQUIRED, 'The path to log output to.  storage/logs/importer.log by default', storage_path('logs/importer.log')],
+            ['item-type', null, InputOption::VALUE_REQUIRED, 'Item Type To import.  Valid Options are Asset, Consumable, Accessory, License, or User', 'Asset'],
+            ['web-importer', null, InputOption::VALUE_NONE, 'Internal: packages output for use with the web importer'],
+            ['user_id', null, InputOption::VALUE_REQUIRED, 'ID of user creating items', 1],
+            ['update', null, InputOption::VALUE_NONE, 'If a matching item is found, update item information'],
+            ['send-welcome', null, InputOption::VALUE_NONE, 'Whether to send a welcome email to any new users that are created.'],
        ];
    }
 }
@@ -2,11 +2,10 @@

 namespace App\Console\Commands;

-use App\Models\Asset;
 use App\Models\CustomField;
-use Illuminate\Support\Facades\Schema;
-use Illuminate\Support\Facades\DB;
 use Illuminate\Console\Command;
+use Illuminate\Support\Facades\DB;
+use Illuminate\Support\Facades\Schema;

 class PaveIt extends Command
 {
@@ -42,9 +41,9 @@ class PaveIt extends Command
    public function handle()
    {

-        if (!$this->option('force')) {
+        if (! $this->option('force')) {
            $confirmation = $this->confirm("\n****************************************************\nTHIS WILL DELETE ALL OF THE DATA IN YOUR DATABASE. \nThere is NO undo. This WILL destroy ALL of your data, \nINCLUDING ANY non-Snipe-IT tables you have in this database. \n****************************************************\n\nDo you wish to continue? No backsies! ");
-            if (!$confirmation) {
+            if (! $confirmation) {
                $this->error('ABORTING');
                exit(-1);
            }
@@ -79,16 +78,16 @@ class PaveIt extends Command
        foreach ($tables as $table_obj) {
            $table = $table_obj['name'];
            if (in_array($table, $except_tables)) {
-                $this->info($table. ' is SKIPPED.');
+                $this->info($table.' is SKIPPED.');
            } else {
                \DB::statement('truncate '.$table);
-                $this->info($table. ' is TRUNCATED.');
+                $this->info($table.' is TRUNCATED.');
            }
        }

        // Leave in the demo oauth keys so we don't have to reset them every day in the demos
        DB::statement('delete from oauth_clients WHERE id > 2');
        DB::statement('delete from oauth_access_tokens WHERE user_id > 2');
-    
+
    }
-}
+}
@@ -149,13 +149,13 @@ class Purge extends Command
                $filenames = Actionlog::where('action_type', 'uploaded')
                    ->where('item_id', $user->id)
                    ->pluck('filename');
-                foreach($filenames as $filename) {
+                foreach ($filenames as $filename) {
                    try {
-                        if (Storage::exists($rel_path . '/' . $filename)) {
-                            Storage::delete($rel_path . '/' . $filename);
+                        if (Storage::exists($rel_path.'/'.$filename)) {
+                            Storage::delete($rel_path.'/'.$filename);
                        }
                    } catch (\Exception $e) {
-                        Log::info('An error occurred while deleting files: ' . $e->getMessage());
+                        Log::info('An error occurred while deleting files: '.$e->getMessage());
                    }
                }
                $this->info('- User "'.$user->username.'" deleted.');
@@ -0,0 +1,155 @@
+<?php
+
+namespace App\Console\Commands;
+
+use App\Models\CheckoutAcceptance;
+use Carbon\Carbon;
+use Illuminate\Console\Command;
+use Illuminate\Support\Facades\Storage;
+
+class PurgeEulaPDFs extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:purge-eula-pdfs  
+                            {--older-than-days= : The number of days we should delete before }
+                            {--company-id= : Only purge acceptances for users in this company}
+                            {--only-deleted-users : Only purge acceptances for deleted users, including soft-deleted or missing users}
+                            {--force : Skip the interactive yes/no prompt for confirmation}
+                            {--dryrun : Show the records that would be deleted but don\'t update the database or delete files from disk}
+                            {--with-output : Display the results in a table in your console}';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'This purges signature files and EULAs from the system if they are older than the date passed with --older-than-days=.';
+
+    /**
+     * Execute the console command.
+     */
+    public function handle()
+    {
+
+        $before = $this->option('older-than-days');
+
+        if (($before == '') || (! is_numeric($before))) {
+            return $this->error('ERROR: You must pass a valid number for --older-than-days (example: snipeit:purge-eula-pdfs --older-than-days=365.)');
+        }
+
+        $interval_date = Carbon::now()->subDays($before);
+        $signature_path = 'private_uploads/signatures/';
+        $eula_path = 'private_uploads/eula-pdfs/';
+
+        if (! Storage::exists($eula_path)) {
+            $this->fail('The storage directory "'.$eula_path.'" does not exist. No EULA files will be deleted.');
+        }
+
+        if (! Storage::exists($signature_path)) {
+            $this->fail('The storage directory "'.$signature_path.'" does not exist. No signature files will be deleted.');
+        }
+
+        if ($this->option('dryrun')) {
+            $this->info('This script is being run with the --dryrun option. No files or records will be deleted.');
+
+        }
+        $companyId = $this->option('company-id');
+        $query = CheckoutAcceptance::HasFiles()->where('updated_at', '<', $interval_date)
+            ->with([
+                'assignedTo' => function ($query) {
+                    $query->withTrashed();
+                },
+            ]);
+
+        if ($this->option('only-deleted-users')) {
+            $query->where(function ($query) use ($companyId) {
+                $query->whereHas('assignedTo', function ($q) use ($companyId) {
+                    $q->withTrashed()->whereNotNull('deleted_at');
+
+                    if ($companyId) {
+                        $q->where('company_id', $companyId);
+                    }
+                });
+
+                $query->orWhereDoesntHave('assignedTo');
+            });
+        } else {
+            if ($companyId) {
+                $query->whereHas('assignedTo', function ($query) use ($companyId) {
+                    $query->withTrashed()->where('company_id', $companyId);
+                });
+            }
+        }
+        $acceptances = $query->get();
+
+        if (! $this->option('force')) {
+            if ($this->confirm("\n****************************************************\nTHIS WILL DELETE ALL OF THE SIGNATURES AND EULA PDF FILES SINCE $interval_date. \nThere is NO undo! \n****************************************************\n\nDo you wish to continue? No backsies! [y|N]")) {
+            }
+        }
+
+        if ($acceptances->count() == 0) {
+            return $this->warn('There are no item acceptances with signatures or EULA PDFs from before '.$interval_date);
+        }
+
+        $this->info(number_format($acceptances->count()).' EULA PDFs from before '.$interval_date.' will be purged');
+
+        if (! $this->option('with-output')) {
+            $this->info('Run this command with the --with-output option to see the full list in the console.');
+        } else {
+            $this->table(
+                [
+                    trans('general.user'),
+                    trans('general.type'),
+                    trans('general.item'),
+                    trans('general.category'),
+                    trans('general.accepted_date'),
+                    trans('general.declined_date'),
+                    trans('general.signature'),
+                    trans('general.filename'),
+
+                ],
+                $acceptances->map(fn ($acceptance) => [
+                    trans('general.user') => $acceptance->assignedTo->display_name,
+                    trans('general.type') => $acceptance->display_checkoutable_type,
+                    trans('general.item') => $acceptance->checkoutable_type::find($acceptance->checkoutable_id)->display_name,
+                    trans('general.category') => $acceptance->checkoutable_category_name,
+                    trans('general.accepted_date') => $acceptance->accepted_at,
+                    trans('general.declined_date') => $acceptance->declined_at,
+                    trans('general.signature') => $acceptance->signature_filename,
+                    trans('general.filename') => $acceptance->stored_eula_file,
+                ])
+            );
+        }
+
+        foreach ($acceptances as $acceptance) {
+
+            $signature_file = $signature_path.$acceptance->signature_filename;
+            $eula_file = $eula_path.$acceptance->stored_eula_file;
+
+            if (Storage::exists($signature_file)) {
+                if (! $this->option('dryrun')) {
+                    Storage::delete($signature_file);
+                }
+            } else {
+                $this->error('The file "'.$signature_file.'" does not exist.');
+            }
+
+            if (Storage::exists($eula_file)) {
+                if (! $this->option('dryrun')) {
+                    Storage::delete($eula_file);
+                }
+            } else {
+                $this->error('The file "'.$eula_file.'" does not exist.');
+            }
+
+            if (! $this->option('dryrun')) {
+                $acceptance->delete();
+            }
+        }
+
+    }
+}
@@ -82,10 +82,10 @@ class ReEncodeCustomFieldNames extends Command
                if ($field->db_column == $field->convertUnicodeDbSlug() && \Schema::hasColumn('assets', $field->convertUnicodeDbSlug())) {
                    $this->info('-- ✓ This field exists on the assets table and the value for db_column matches in the custom_fields table.');

-                /**
-                 * There is a mismatch between the fieldname on the assets table and
-                 * what $field->convertUnicodeDbSlug() is *now* expecting.
-                 */
+                    /**
+                     * There is a mismatch between the fieldname on the assets table and
+                     * what $field->convertUnicodeDbSlug() is *now* expecting.
+                     */
                } else {

                    if ($field->db_column != $field->convertUnicodeDbSlug()) {
@@ -96,7 +96,6 @@ class ReEncodeCustomFieldNames extends Command

                    }

-
                    /** Make sure the custom_field_columns array has the ID */
                    if (array_key_exists($field->id, $custom_field_columns)) {

@@ -114,7 +113,6 @@ class ReEncodeCustomFieldNames extends Command
                        $field->db_column = $field->convertUnicodeDbSlug();
                        $field->save();

-
                    } else {
                        $this->warn('-- ✘ WARNING: There is no field on the assets table ending in  '.$field->id.'. This may require more in-depth investigation and may mean the schema was altered manually.');
                    }
@@ -4,8 +4,8 @@ namespace App\Console\Commands;

 use App\Models\Asset;
 use App\Models\Setting;
-use Illuminate\Support\Facades\Artisan;
 use Illuminate\Console\Command;
+use Illuminate\Support\Facades\Artisan;

 class RegenerateAssetTags extends Command
 {
@@ -44,7 +44,7 @@ class RemoveExplicitEols extends Command
        }
        $endTime = microtime(true);
        $executionTime = ($endTime - $startTime);
-        $this->info('Command executed in ' . round($executionTime, 2) . ' seconds.');
+        $this->info('Command executed in '.round($executionTime, 2).' seconds.');
    }

    private function updateAssets($assets)
@@ -55,6 +55,6 @@ class RemoveExplicitEols extends Command
            $asset->save();
        }

-        $this->info($assets->count() . ' Assets updated successfully');
+        $this->info($assets->count().' Assets updated successfully');
    }
 }
@@ -0,0 +1,56 @@
+<?php
+
+namespace App\Console\Commands;
+
+use App\Models\Actionlog;
+use Illuminate\Console\Command;
+
+class RemoveInvalidUploadDeleteActionLogItems extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:remove-invalid-upload-delete-action-log-items';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'Permanently remove invalid "upload deleted" action log items that have a null filename. This command can potentially result in deleted files being "resurrected" in the UI.';
+
+    /**
+     * Execute the console command.
+     */
+    public function handle()
+    {
+        $invalidLogs = Actionlog::query()
+            ->where('action_type', 'upload deleted')
+            ->whereNull('filename')
+            ->withTrashed()
+            ->get();
+
+        $this->info("{$invalidLogs->count()} invalid log items found.");
+
+        if ($invalidLogs->count() === 0) {
+            return 0;
+        }
+
+        $this->table(['ID', 'Action Type', 'Item Type', 'Item ID', 'Created At', 'Deleted At'], $invalidLogs->map(fn ($log) => [
+            $log->id,
+            $log->action_type,
+            $log->item_type,
+            $log->item_id,
+            $log->created_at,
+            $log->deleted_at,
+        ])->toArray());
+
+        if ($this->confirm("Do you wish to remove {$invalidLogs->count()} log items?")) {
+            $invalidLogs->each(fn ($log) => $log->forceDelete());
+        }
+
+        return 0;
+    }
+}
@@ -2,7 +2,6 @@

 namespace App\Console\Commands;

-
 use App\Models\Setting;
 use App\Models\User;
 use Illuminate\Console\Command;
@@ -49,14 +48,16 @@ class ResetDemoSettings extends Command
        $settings->logo = 'snipe-logo.png';
        $settings->alert_email = 'service@snipe-it.io';
        $settings->login_note = 'Use `admin` / `password` to login to the demo.';
-        $settings->header_color = null;
+        $settings->header_color = '#3c8dbc';
+        $settings->link_dark_color = '#5fa4cc';
+        $settings->link_light_color = '#296282;';
+        $settings->nav_link_color = '#FFFFFF';
        $settings->label2_2d_type = 'QRCODE';
        $settings->default_currency = 'USD';
        $settings->brand = 2;
        $settings->ldap_enabled = 0;
        $settings->full_multiple_companies_support = 0;
        $settings->label2_1d_type = 'C128';
-        $settings->skin = '';
        $settings->email_domain = 'snipeitapp.com';
        $settings->email_format = 'filastname';
        $settings->username_format = 'filastname';
@@ -75,11 +76,12 @@ class ResetDemoSettings extends Command
        $settings->saml_custom_settings = null;
        $settings->default_avatar = 'default.png';

-
        $settings->save();

        if ($user = User::where('username', '=', 'admin')->first()) {
            $user->locale = 'en-US';
+            $user->enable_confetti = 1;
+            $user->enable_sounds = 1;
            $user->save();
        }

@@ -87,5 +89,4 @@ class ResetDemoSettings extends Command
        \Storage::disk('public')->put('snipe-logo-lg.png', file_get_contents(public_path('img/demo/snipe-logo-lg.png')));

    }
-
 }
@@ -6,9 +6,9 @@ use App\Models\Actionlog;
 use App\Models\Asset;
 use App\Models\License;
 use App\Models\User;
+use Illuminate\Console\Command;
 use Illuminate\Support\Facades\Artisan;
 use Illuminate\Support\Facades\DB;
-use Illuminate\Console\Command;

 class RestoreDeletedUsers extends Command
 {
@@ -75,7 +75,7 @@ class RestoreDeletedUsers extends Command

                    DB::table('assets')
                        ->where('id', $user_log->item_id)
-                        ->update(['assigned_to' => $user->id, 'assigned_type'=> User::class]);
+                        ->update(['assigned_to' => $user->id, 'assigned_type' => User::class]);

                    $this->info('      ** Asset '.$user_log->item->id.' ('.$user_log->item->asset_tag.') restored to user '.$user->id.'');
                } elseif ($user_log->item_type == License::class) {
@@ -2,13 +2,17 @@

 namespace App\Console\Commands;

+use enshrined\svgSanitize\Sanitizer;
 use Illuminate\Console\Command;
-use ZipArchive;
 use Illuminate\Support\Facades\Log;
+use ZipArchive;

-class SQLStreamer {
+class SQLStreamer
+{
    private $input;
+
    private $output;
+
    // embed the prefix here?
    public ?string $prefix;

@@ -17,106 +21,112 @@ class SQLStreamer {
    public static $buffer_size = 1024 * 1024;  // use a 1MB buffer, ought to work fine for most cases?

    public array $tablenames = [];
+
    private bool $should_guess = false;
+
    private bool $statement_is_permitted = false;

-    public function __construct($input, $output, string $prefix = null)
+    public function __construct($input, $output, ?string $prefix = null)
    {
        $this->input = $input;
        $this->output = $output;
        $this->prefix = $prefix;
    }

-    public function parse_sql(string $line): string {
+    public function parse_sql(string $line): string
+    {
        // take into account the 'start of line or not' setting as an instance variable?
        // 'continuation' lines for a permitted statement are PERMITTED.
        // remove *only* line-feeds & carriage-returns; helpful for regexes against lines from
        // Windows dumps
        $line = trim($line, "\r\n");
-        if($this->statement_is_permitted && $line[0] === ' ') {
-            return $line . "\n"; //re-add the newline
+        if ($this->statement_is_permitted && $line[0] === ' ') {
+            return $line."\n"; // re-add the newline
        }

        $table_regex = '`?([a-zA-Z0-9_]+)`?';
        $allowed_statements = [
            "/^(DROP TABLE (?:IF EXISTS )?)`$table_regex(.*)$/" => false,
-            "/^(CREATE TABLE )$table_regex(.*)$/" => true, //sets up 'continuation'
+            "/^(CREATE TABLE )$table_regex(.*)$/" => true, // sets up 'continuation'
            "/^(LOCK TABLES )$table_regex(.*)$/" => false,
            "/^(INSERT INTO )$table_regex(.*)$/" => false,
-            "/^UNLOCK TABLES/" => false,
+            '/^UNLOCK TABLES/' => false,
            // "/^\\) ENGINE=InnoDB AUTO_INCREMENT=16 DEFAULT CHARSET=utf8mb4 COLLATE=utf8mb4_unicode_ci;/" => false, // FIXME not sure what to do here?
-            "/^\\)[a-zA-Z0-9_= ]*;$/" => false,
+            '/^\\)[a-zA-Z0-9_= ]*;$/' => false,
            // ^^^^^^ that bit should *exit* the 'permitted' block
-            "/^\\(.*\\)[,;]$/" => false, //older MySQL dump style with one set of values per line
+            '/^\\(.*\\)[,;]$/' => false, // older MySQL dump style with one set of values per line
            /* we *could* have made the ^INSERT INTO blah VALUES$ turn on the capturing state, and closed it with
               a ^(blahblah);$ but it's cleaner to not have to manage the state machine. We're just going to
               assume that (blahblah), or (blahblah); are values for INSERT and are always acceptable. */
-            "<^/\*!40101 SET NAMES '?[a-zA-Z0-9_-]+'? \*/;$>"                                   => false, //using weird delimiters (<,>) for readability. allow quoted or unquoted charsets
-            "<^/\*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' \*/;$>" => false, //same, now handle zero-values
+            "<^/\*![0-9]{5} SET NAMES '?[a-zA-Z0-9_-]+'? \*/;$>" => false, // using weird delimiters (<,>) for readability. allow quoted or unquoted charsets
+            "<^/\*!40101 SET @OLD_SQL_MODE=@@SQL_MODE, SQL_MODE='NO_AUTO_VALUE_ON_ZERO' \*/;$>" => false, // same, now handle zero-values
        ];

-        foreach($allowed_statements as $statement => $statechange) {
-//            $this->info("Checking regex: $statement...\n");
+        foreach ($allowed_statements as $statement => $statechange) {
+            //            $this->info("Checking regex: $statement...\n");
            $matches = [];
-            if (preg_match($statement,$line,$matches)) {
+            if (preg_match($statement, $line, $matches)) {
                $this->statement_is_permitted = $statechange;
                // matches are: 1 => first part of the statement, 2 => tablename, 3 => rest of statement
                // (with of course 0 being "the whole match")
                if (@$matches[2]) {
-//                    print "Found a tablename! It's: ".$matches[2]."\n";
+                    //                    print "Found a tablename! It's: ".$matches[2]."\n";
                    if ($this->should_guess) {
                        @$this->tablenames[$matches[2]] += 1;
-                        continue; //oh? FIXME
+
+                        continue; // oh? FIXME
                    } else {
-                        $cleaned_tablename = \DB::getTablePrefix().preg_replace('/^'.$this->prefix.'/','',$matches[2]);
-                        $line = preg_replace($statement,'$1`'.$cleaned_tablename.'`$3' , $line);
+                        $cleaned_tablename = \DB::getTablePrefix().preg_replace('/^'.$this->prefix.'/', '', $matches[2]);
+                        $line = preg_replace($statement, '$1`'.$cleaned_tablename.'`$3', $line);
                    }
                } else {
                    // no explicit tablename in this one, leave the line alone
                }
-                //how do we *replace* the tablename?
-//                print "RETURNING LINE: $line";
-                return $line . "\n"; //re-add newline
+
+                // how do we *replace* the tablename?
+                //                print "RETURNING LINE: $line";
+                return $line."\n"; // re-add newline
            }
        }
+
        // all that is not allowed is denied.
-        return "";
+        return '';
    }

-    //this is used in exactly *TWO* places, and in both cases should return a prefix I think?
+    // this is used in exactly *TWO* places, and in both cases should return a prefix I think?
    // first - if you do the --sanitize-only one (which is mostly for testing/development)
    // next - when you run *without* a guessed prefix, this is run first to figure out the prefix
    // I think we have to *duplicate* the call to be able to run it again?
-    public static function guess_prefix($input):string
+    public static function guess_prefix($input): string
    {
        $parser = new self($input, null);
        $parser->should_guess = true;
        $parser->line_aware_piping(); // <----- THIS is doing the heavy lifting!

-        $check_tables = ['settings' => null, 'migrations' => null /* 'assets' => null */]; //TODO - move to statics?
-        //can't use 'users' because the 'accessories_checkout' table?
+        $check_tables = ['settings' => null, 'migrations' => null /* 'assets' => null */]; // TODO - move to statics?
+        // can't use 'users' because the 'accessories_checkout' table?
        // can't use 'assets' because 'ver1_components_assets'
-        foreach($check_tables as $check_table => $_ignore) {
+        foreach ($check_tables as $check_table => $_ignore) {
            foreach ($parser->tablenames as $tablename => $_count) {
-//                print "Comparing $tablename to $check_table\n";
-                if (str_ends_with($tablename,$check_table)) {
-//                    print "Found one!\n";
-                    $check_tables[$check_table] = substr($tablename,0,-strlen($check_table));
+                //                print "Comparing $tablename to $check_table\n";
+                if (str_ends_with($tablename, $check_table)) {
+                    //                    print "Found one!\n";
+                    $check_tables[$check_table] = substr($tablename, 0, -strlen($check_table));
                }
            }
        }
        $guessed_prefix = null;
        foreach ($check_tables as $clean_table => $prefix_guess) {
-            if(is_null($prefix_guess)) {
-                print("Couldn't find table $clean_table\n");
-                die();
+            if (is_null($prefix_guess)) {
+                echo "Couldn't find table $clean_table\n";
+                exit();
            }
-            if(is_null($guessed_prefix)) {
+            if (is_null($guessed_prefix)) {
                $guessed_prefix = $prefix_guess;
            } else {
                if ($guessed_prefix != $prefix_guess) {
-                    print("Prefix mismatch! Had guessed $guessed_prefix but got $prefix_guess\n");
-                    die();
+                    echo "Prefix mismatch! Had guessed $guessed_prefix but got $prefix_guess\n";
+                    exit();
                }
            }
        }
@@ -129,7 +139,7 @@ class SQLStreamer {
    {
        $bytes_read = 0;
        if (! $this->input) {
-            throw new \Exception("No Input available for line_aware_piping");
+            throw new \Exception('No Input available for line_aware_piping');
        }

        while (($buffer = fgets($this->input, SQLStreamer::$buffer_size)) !== false) {
@@ -141,25 +151,24 @@ class SQLStreamer {
                    $bytes_written = fwrite($this->output, $cleaned_buffer);

                    if ($bytes_written === false) {
-                        throw new \Exception("Unable to write to pipe");
+                        throw new \Exception('Unable to write to pipe');
                    }
                }
            }
            // if we got a newline at the end of this, then the _next_ read is the beginning of a line
-            if($buffer[strlen($buffer)-1] === "\n") {
+            if ($buffer[strlen($buffer) - 1] === "\n") {
                $this->reading_beginning_of_line = true;
            } else {
                $this->reading_beginning_of_line = false;
            }

        }
+
        return $bytes_read;

    }
 }

-
-
 class RestoreFromBackup extends Command
 {
    /**
@@ -201,7 +210,7 @@ class RestoreFromBackup extends Command
    public function handle()
    {
        $dir = getcwd();
-        if( $dir != base_path() ) { // usually only the case when running via webserver, not via command-line
+        if ($dir != base_path()) { // usually only the case when running via webserver, not via command-line
            Log::debug("Current working directory is: $dir, changing directory to: ".base_path());
            chdir(base_path()); // TODO - is this *safe* to change on a running script?!
        }
@@ -220,7 +229,7 @@ class RestoreFromBackup extends Command
            return $this->error('DB_CONNECTION must be MySQL in order to perform a restore. Detected: '.config('database.default'));
        }

-        $za = new ZipArchive();
+        $za = new ZipArchive;

        $errcode = $za->open($filename/* , ZipArchive::RDONLY */); // that constant only exists in PHP 7.4 and higher
        if ($errcode !== true) {
@@ -239,12 +248,12 @@ class RestoreFromBackup extends Command
            return $this->error('Could not access file: '.$filename.' - '.array_key_exists($errcode, $errors) ? $errors[$errcode] : " Unknown reason: $errcode");
        }

-
        $private_dirs = [
            'storage/private_uploads/accessories',
-            'storage/private_uploads/assetmodels',
-            'storage/private_uploads/maintenances',
-            'storage/private_uploads/models',
+            'storage/private_uploads/assetmodels' => 'storage/private_uploads/models', // this was changed from assetmodels => models Aug 10 2025
+            'storage/private_uploads/asset_maintenances' => 'storage/private_uploads/maintenances', // this was changed from asset_maintenances => maintenances Aug 10 2025
+            'storage/private_uploads/maintenances', // but let 'maintenances' take precedence
+            'storage/private_uploads/models', // and let 'models' take precedence
            'storage/private_uploads/assets', // these are asset _files_, not the pictures.
            'storage/private_uploads/audits',
            'storage/private_uploads/components',
@@ -262,7 +271,7 @@ class RestoreFromBackup extends Command
        ];
        $public_dirs = [
            'public/uploads/accessories',
-            'public/uploads/assetmodels',
+            // 'public/uploads/assetmodels' => 'public/uploads/models', //according to git, this was _never_ a thing... (see below)
            'public/uploads/maintenances',
            'public/uploads/assets', // these are asset _pictures_, not asset files
            'public/uploads/avatars',
@@ -273,7 +282,7 @@ class RestoreFromBackup extends Command
            'public/uploads/departments',
            'public/uploads/locations',
            'public/uploads/manufacturers',
-            'public/uploads/models',
+            'public/uploads/models', // ...it's been this way for 9 years (as of late 2025)
            'public/uploads/suppliers',
        ];

@@ -286,8 +295,6 @@ class RestoreFromBackup extends Command
            'public/uploads/favicon-uploaded.*',
        ];

-        $all_files = $private_dirs + $public_dirs;
-
        $sqlfiles = [];
        $sqlfile_indices = [];

@@ -295,71 +302,115 @@ class RestoreFromBackup extends Command
        $boring_files = [];
        $unsafe_files = [];

+        $good_extensions = config('filesystems.allowed_upload_extensions_array');
+
+        $private_extensions = array_merge($good_extensions, ['csv', 'key']); // add csv, and 'key'
+        $public_extensions = array_diff($good_extensions, ['xml']); // remove xml
+
+        $sanitizer = new Sanitizer;
+
+        /**
+         * TODO: I _hate_ the "continue 3" thing we keep doing here
+         * I think a better approach might be to have the "each file" stuff be in a method on this class, and the
+         * boring_files and interesting_files be properties on it that we fill out. Then, in that method, we could
+         * just do a 'return' once the file is actually handled (yay or nay). We could also start to break out some of
+         * the _other_ things that we do into their own methods too? But I don't care about that as much.
+         */
        for ($i = 0; $i < $za->numFiles; $i++) {
            $stat_results = $za->statIndex($i);
            // echo "index: $i\n";
            // print_r($stat_results);

            $raw_path = $stat_results['name'];
-            if (strpos($raw_path, '\\') !== false) { //found a backslash, swap it to forward-slash
+            if (strpos($raw_path, '\\') !== false) { // found a backslash, swap it to forward-slash
                $raw_path = strtr($raw_path, '\\', '/');
-                //print "Translating file: ".$stat_results['name']." to: ".$raw_path."\n";
+                // print "Translating file: ".$stat_results['name']." to: ".$raw_path."\n";
            }

            // skip macOS resource fork files (?!?!?!)
            if (strpos($raw_path, '__MACOSX') !== false && strpos($raw_path, '._') !== false) {
-                //print "SKIPPING macOS Resource fork file: $raw_path\n";
-                $boring_files[] = $raw_path;
+                // print "SKIPPING macOS Resource fork file: $raw_path\n";
+                // $boring_files[] = $raw_path; //stop adding this to the boring files list; it's just confusing
                continue;
            }
            if (@pathinfo($raw_path, PATHINFO_EXTENSION) == 'sql') {
-                Log::debug("Found a sql file!");
+                Log::debug('Found a sql file!');
                $sqlfiles[] = $raw_path;
                $sqlfile_indices[] = $i;
+
                continue;
            }
+            if ($raw_path[-1] == '/') {
+                // last character is '/' - this is a directory, and we don't need it, and we don't need to warn about it
+                continue;
+            }
+            if (in_array(basename($raw_path), ['.gitkeep', '.gitignore', '.DS_Store'])) {
+                // skip these boring files silently without reporting on them; they're stupid
+                continue;
+            }
+            $extension = strtolower(pathinfo($raw_path, PATHINFO_EXTENSION));

-            foreach (array_merge($private_dirs, $public_dirs) as $dir) {
-                $last_pos = strrpos($raw_path, $dir . '/');
-                if ($last_pos !== false) {
-                    //print("INTERESTING - last_pos is $last_pos when searching $raw_path for $dir - last_pos+strlen(\$dir) is: ".($last_pos+strlen($dir))." and strlen(\$rawpath) is: ".strlen($raw_path)."\n");
-                    //print("We would copy $raw_path to $dir.\n"); //FIXME append to a path?
-                    $interesting_files[$raw_path] = ['dest' => $dir, 'index' => $i];
-                    continue 2;
-                    if ($last_pos + strlen($dir) + 1 == strlen($raw_path)) {
-                        // we don't care about that; we just want files with the appropriate prefix
-                        //print("FOUND THE EXACT DIRECTORY: $dir AT: $raw_path!!!\n");
+            foreach (['public' => $public_dirs, 'private' => $private_dirs] as $purpose => $dirs) {
+                $allowed_extensions = match ($purpose) {
+                    'public' => $public_extensions,
+                    'private' => $private_extensions,
+                };
+                foreach ($dirs as $dir => $destdir) {
+                    if (is_int($dir)) {
+                        $dir = $destdir;
+                    }
+                    $last_pos = strrpos($raw_path, $dir.'/');
+                    if ($last_pos !== false) {
+                        // print("INTERESTING - last_pos is $last_pos when searching $raw_path for $dir - last_pos+strlen(\$dir) is: ".($last_pos+strlen($dir))." and strlen(\$rawpath) is: ".strlen($raw_path)."\n");
+                        // print("We would copy $raw_path to $dir.\n"); //FIXME append to a path?
+                        // the CSV bit, below, is because we store CSV files as "blahcsv" - without an extension
+                        if (! in_array($extension, $allowed_extensions) && ! ($dir == 'storage/private_uploads/imports' && substr($raw_path, -3) == 'csv' && $extension == '')) {
+                            $unsafe_files[] = $raw_path;
+                            Log::debug($raw_path.' from directory '.$dir.' is being skipped');
+                        } else {
+                            if ($dir != $destdir) {
+                                Log::debug("Getting ready to save file $raw_path to new directory $destdir");
+                            }
+                            $interesting_files[$raw_path] = ['dest' => $destdir, 'index' => $i];
+                        }
+
+                        continue 3;
                    }
                }
            }

-            $good_extensions = config('filesystems.allowed_upload_extensions_array');
-
-            foreach (array_merge($private_files, $public_files) as $file) {
-                $has_wildcard = (strpos($file, '*') !== false);
-                if ($has_wildcard) {
-                    $file = substr($file, 0, -1); //trim last character (which should be the wildcard)
-                }
-                $last_pos = strrpos($raw_path, $file); // no trailing slash!
-                if ($last_pos !== false) {
-                    $extension = strtolower(pathinfo($raw_path, PATHINFO_EXTENSION));
-                    if (!in_array($extension, $good_extensions)) {
-                        // gathering potentially unsafe files here to return at exit
-                        $unsafe_files[] = $raw_path;
-                        Log::debug('Potentially unsafe file '.$raw_path.' is being skipped');
-                        $boring_files[] = $raw_path;
-                        continue 2;
+            foreach (['public' => $public_files, 'private' => $private_files] as $purpose => $files) {
+                $allowed_extensions = match ($purpose) {
+                    'public' => $public_extensions,
+                    'private' => $private_extensions,
+                };
+                foreach ($files as $file) {
+                    $has_wildcard = (strpos($file, '*') !== false);
+                    if ($has_wildcard) {
+                        $file = substr($file, 0, -1); // trim last character (which should be the wildcard)
                    }
-                    //print("INTERESTING - last_pos is $last_pos when searching $raw_path for $file - last_pos+strlen(\$file) is: ".($last_pos+strlen($file))." and strlen(\$rawpath) is: ".strlen($raw_path)."\n");
-                    //no wildcards found in $file, process 'normally'
-                    if ($last_pos + strlen($file) == strlen($raw_path) || $has_wildcard) { //again, no trailing slash. or this is a wildcard and we just take it.
-                        // print("FOUND THE EXACT FILE: $file AT: $raw_path!!!\n"); //we *do* care about this, though.
-                        $interesting_files[$raw_path] = ['dest' => dirname($file), 'index' => $i];
-                        continue 2;
+                    $last_pos = strrpos($raw_path, $file); // no trailing slash!
+                    if ($last_pos !== false) {
+                        if (! in_array($extension, $allowed_extensions)) {
+                            // gathering potentially unsafe files here to return at exit
+                            $unsafe_files[] = $raw_path;
+                            Log::debug('Potentially unsafe file '.$raw_path.' is being skipped');
+                            $boring_files[] = $raw_path;
+
+                            continue 3;
+                        }
+                        // print("INTERESTING - last_pos is $last_pos when searching $raw_path for $file - last_pos+strlen(\$file) is: ".($last_pos+strlen($file))." and strlen(\$rawpath) is: ".strlen($raw_path)."\n");
+                        // no wildcards found in $file, process 'normally'
+                        if ($last_pos + strlen($file) == strlen($raw_path) || $has_wildcard) { // again, no trailing slash. or this is a wildcard and we just take it.
+                            // print("FOUND THE EXACT FILE: $file AT: $raw_path!!!\n"); //we *do* care about this, though.
+                            $interesting_files[$raw_path] = ['dest' => dirname($file), 'index' => $i];
+
+                            continue 3;
+                        }
                    }
                }
            }
-            $boring_files[] = $raw_path; //if we've gotten to here and haven't continue'ed our way into the next iteration, we don't want this file
+            $boring_files[] = $raw_path; // if we've gotten to here and haven't continue'ed our way into the next iteration, we don't want this file
        } // end of pre-processing the ZIP file for-loop
        // print_r($interesting_files);exit(-1);

@@ -368,12 +419,12 @@ class RestoreFromBackup extends Command
        }

        if (strpos($sqlfiles[0], 'db-dumps') === false) {
-            //return $this->error("SQL backup file is missing 'db-dumps' component of full pathname: ".$sqlfiles[0]);
-            //older Snipe-IT installs don't have the db-dumps subdirectory component
+            // return $this->error("SQL backup file is missing 'db-dumps' component of full pathname: ".$sqlfiles[0]);
+            // older Snipe-IT installs don't have the db-dumps subdirectory component
        }

        $sql_stat = $za->statIndex($sqlfile_indices[0]);
-        //$this->info("SQL Stat is: ".print_r($sql_stat,true));
+        // $this->info("SQL Stat is: ".print_r($sql_stat,true));
        $sql_contents = $za->getStream($sql_stat['name']); // maybe copy *THIS* thing?

        // OKAY, now that we *found* the sql file if we're doing just the guess-prefix thing, we can do that *HERE* I think?
@@ -388,27 +439,32 @@ class RestoreFromBackup extends Command
        if ($this->option('sql-stdout-only')) {
            $sql_importer = new SQLStreamer($sql_contents, STDOUT, $this->option('sanitize-with-prefix'));
            $bytes_read = $sql_importer->line_aware_piping();
+
            return $this->warn("$bytes_read total bytes read");
-            //TODO - it'd be nice to dump this message to STDERR so that STDOUT is just pure SQL,
+            // TODO - it'd be nice to dump this message to STDERR so that STDOUT is just pure SQL,
            // which would be good for redirecting to a file, and not having to trim the last line off of it
        }

-        //how to invoke the restore?
+        // how to invoke the restore?
        $pipes = [];

        $env_vars = getenv();
        $env_vars['MYSQL_PWD'] = config('database.connections.mysql.password');
        // TODO notes: we are stealing the dump_binary_path (which *probably* also has your copy of the mysql binary in it. But it might not, so we might need to extend this)
        //             we unilaterally prepend a slash to the `mysql` command. This might mean your path could look like /blah/blah/blah//mysql - which should be fine. But maybe in some environments it isn't?
-        $mysql_binary = config('database.connections.mysql.dump.dump_binary_path').\DIRECTORY_SEPARATOR.'mysql'.(\DIRECTORY_SEPARATOR == '\\' ? ".exe" : "");
-        if( ! file_exists($mysql_binary) ) {
+        $mysql_binary = config('database.connections.mysql.dump.dump_binary_path').\DIRECTORY_SEPARATOR.'mysql'.(\DIRECTORY_SEPARATOR == '\\' ? '.exe' : '');
+        if (! file_exists($mysql_binary)) {
            return $this->error("mysql tool at: '$mysql_binary' does not exist, cannot restore. Please edit DB_DUMP_PATH in your .env to point to a directory that contains the mysqldump and mysql binary");
        }
-        $proc_results = proc_open("$mysql_binary -h ".escapeshellarg(config('database.connections.mysql.host')).' -u '.escapeshellarg(config('database.connections.mysql.username')).' '.escapeshellarg(config('database.connections.mysql.database')), // yanked -p since we pass via ENV
-                                  [0 => ['pipe', 'r'], 1 => ['pipe', 'w'], 2 => ['pipe', 'w']],
-                                  $pipes,
-                                  null,
-                                  $env_vars); // this is not super-duper awesome-secure, but definitely more secure than showing it on the CLI, or dropping temporary files with passwords in them.
+        $proc_results = proc_open("$mysql_binary -h " .
+            escapeshellarg(config('database.connections.mysql.host')) .
+            ' -u ' . escapeshellarg(config('database.connections.mysql.username')) . ' ' .
+            ' -P ' . escapeshellarg(config('database.connections.mysql.port')) . ' ' .
+            escapeshellarg(config('database.connections.mysql.database')), // yanked -p since we pass via ENV
+            [0 => ['pipe', 'r'], 1 => ['pipe', 'w'], 2 => ['pipe', 'w']],
+            $pipes,
+            null,
+            $env_vars); // this is not super-duper awesome-secure, but definitely more secure than showing it on the CLI, or dropping temporary files with passwords in them.
        if ($proc_results === false) {
            return $this->error('Unable to invoke mysql via CLI');
        }
@@ -422,7 +478,7 @@ class RestoreFromBackup extends Command
        // should we read stdout?
        // fwrite($pipes[0],config("database.connections.mysql.password")."\n"); //this doesn't work :(

-        //$sql_contents = fopen($sqlfiles[0], "r"); //NOPE! This isn't a real file yet, silly-billy!
+        // $sql_contents = fopen($sqlfiles[0], "r"); //NOPE! This isn't a real file yet, silly-billy!

        // FIXME - this feels like it wants to go somewhere else?
        // and it doesn't seem 'right' - if you can't get a stream to the .sql file,
@@ -437,7 +493,7 @@ class RestoreFromBackup extends Command
        }

        try {
-            if ( $this->option('sanitize-with-prefix') === null) {
+            if ($this->option('sanitize-with-prefix') === null) {
                // "Legacy" direct-piping
                $bytes_read = 0;
                while (($buffer = fgets($sql_contents, SQLStreamer::$buffer_size)) !== false) {
@@ -446,7 +502,7 @@ class RestoreFromBackup extends Command
                    $bytes_written = fwrite($pipes[0], $buffer);

                    if ($bytes_written === false) {
-                        throw new Exception("Unable to write to pipe");
+                        throw new Exception('Unable to write to pipe');
                    }
                }
            } else {
@@ -454,37 +510,37 @@ class RestoreFromBackup extends Command
                $bytes_read = $sql_importer->line_aware_piping();
            }
        } catch (\Exception $e) {
-            Log::error("Error during restore!!!! ".$e->getMessage());
+            Log::error('Error during restore!!!! '.$e->getMessage());
            // FIXME - put these back and/or put them in the right places?!
            $err_out = fgets($pipes[1]);
            $err_err = fgets($pipes[2]);
-            Log::error("Error OUTPUT: ".$err_out);
+            Log::error('Error OUTPUT: '.$err_out);
            $this->info($err_out);
-            Log::error("Error ERROR : ".$err_err);
+            Log::error('Error ERROR : '.$err_err);
            $this->error($err_err);
            throw $e;
        }
-        if (!feof($sql_contents) || $bytes_read == 0) {
-            return $this->error("Not at end of file for sql file, or zero bytes read. aborting!");
+        if (! feof($sql_contents) || $bytes_read == 0) {
+            return $this->error('Not at end of file for sql file, or zero bytes read. aborting!');
        }
-    
+
        fclose($pipes[0]);
        fclose($sql_contents);
-        
+
        $this->line(stream_get_contents($pipes[1]));
        fclose($pipes[1]);

        $this->error(stream_get_contents($pipes[2]));
        fclose($pipes[2]);

-        //wait, have to do fclose() on all pipes first?
+        // wait, have to do fclose() on all pipes first?
        $close_results = proc_close($proc_results);
        if ($close_results != 0) {
            return $this->error('There may have been a problem with the database import: Error number '.$close_results);
        }

-        //and now copy the files over too (right?)
-        //FIXME - we don't prune the filesystem space yet!!!!
+        // and now copy the files over too (right?)
+        // FIXME - we don't prune the filesystem space yet!!!!
        if ($this->option('no-progress')) {
            $bar = null;
        } else {
@@ -492,18 +548,25 @@ class RestoreFromBackup extends Command
        }
        foreach ($interesting_files as $pretty_file_name => $file_details) {
            $ugly_file_name = $za->statIndex($file_details['index'])['name'];
-            $fp = $za->getStream($ugly_file_name);
-            //$this->info("Weird problem, here are file details? ".print_r($file_details,true));
-            if (!is_dir($file_details['dest'])) {
-                mkdir($file_details['dest'], 0755, true); //0755 is what Laravel uses, so we do that
+            $migrated_file_name = $file_details['dest'].'/'.basename($pretty_file_name);
+            if (strcasecmp(substr($pretty_file_name, -4), '.svg') === 0) {
+                $svg_contents = $za->getFromIndex($file_details['index']);
+                $cleaned_svg = $sanitizer->sanitize($svg_contents);
+                file_put_contents($migrated_file_name, $cleaned_svg);
+            } else {
+                $fp = $za->getStream($ugly_file_name);
+                // $this->info("Weird problem, here are file details? ".print_r($file_details,true));
+                if (! is_dir($file_details['dest'])) {
+                    mkdir($file_details['dest'], 0755, true); // 0755 is what Laravel uses, so we do that
+                }
+                $migrated_file = fopen($migrated_file_name, 'w');
+                while (($buffer = fgets($fp, SQLStreamer::$buffer_size)) !== false) {
+                    fwrite($migrated_file, $buffer);
+                }
+                fclose($migrated_file);
+                fclose($fp);
+                // $this->info("Wrote $ugly_file_name to $pretty_file_name");
            }
-            $migrated_file = fopen($file_details['dest'].'/'.basename($pretty_file_name), 'w');
-            while (($buffer = fgets($fp, SQLStreamer::$buffer_size)) !== false) {
-                fwrite($migrated_file, $buffer);
-            }
-            fclose($migrated_file);
-            fclose($fp);
-            //$this->info("Wrote $ugly_file_name to $pretty_file_name");
            if ($bar) {
                $bar->advance();
            }
@@ -5,10 +5,10 @@ namespace App\Console\Commands;
 use App\Models\Asset;
 use App\Models\CustomField;
 use App\Models\Setting;
-use Illuminate\Support\Facades\Artisan;
 use Illuminate\Console\Command;
 use Illuminate\Contracts\Encryption\DecryptException;
 use Illuminate\Encryption\Encrypter;
+use Illuminate\Support\Facades\Artisan;

 class RotateAppKey extends Command
 {
@@ -46,12 +46,13 @@ class RotateAppKey extends Command
     */
    public function handle()
    {
-        //make sure they specify only exactly one of --emergency, or a filename. Not neither, and not both.
-        if ( (!$this->option('emergency') && !$this->argument('previous_key')) || ( $this->option('emergency') && $this->argument('previous_key'))) {
-            $this->error("Specify only one of --emergency, or an app key value, in order to rotate keys");
+        // make sure they specify only exactly one of --emergency, or a filename. Not neither, and not both.
+        if ((! $this->option('emergency') && ! $this->argument('previous_key')) || ($this->option('emergency') && $this->argument('previous_key'))) {
+            $this->error('Specify only one of --emergency, or an app key value, in order to rotate keys');
+
            return 1;
        }
-        if ( $this->option('emergency') ) {
+        if ($this->option('emergency')) {
            $msg = "\n****************************************************\nTHIS WILL MODIFY YOUR APP_KEY AND DE-CRYPT YOUR ENCRYPTED CUSTOM FIELDS AND \nRE-ENCRYPT THEM WITH A NEWLY GENERATED KEY. \n\nThere is NO undo. \n\nMake SURE you have a database backup and a backup of your .env generated BEFORE running this command. \n\nIf you do not save the newly generated APP_KEY to your .env in this process, \nyour encrypted data will no longer be decryptable. \n\nAre you SURE you wish to continue, and have confirmed you have a database backup and an .env backup? ";
        } else {
            $msg = "\n****************************************************\nTHIS WILL DE-CRYPT YOUR ENCRYPTED CUSTOM FIELDS AND RE-ENCRYPT THEM WITH YOUR\nAPP_KEY.\n\nThere is NO undo. \n\nMake SURE you have a database backup BEFORE running this command. \n\nAre you SURE you wish to continue, and have confirmed you have a database backup? ";
@@ -79,9 +80,9 @@ class RotateAppKey extends Command
                $new_app_key = config('app.key');
            }

-            $this->warn('Your app cipher is: ' . $cipher);
-            $this->warn('Your old APP_KEY is: ' . $old_app_key);
-            $this->warn('Your new APP_KEY is: ' . $new_app_key);
+            $this->warn('Your app cipher is: '.$cipher);
+            $this->warn('Your old APP_KEY is: '.$old_app_key);
+            $this->warn('Your new APP_KEY is: '.$new_app_key);

            // Manually create an old encrypter instance using the old app key
            // and also create a new encrypter instance so we can re-crypt the field
@@ -97,12 +98,13 @@ class RotateAppKey extends Command
                foreach ($assets as $asset) {
                    try {
                        $asset->{$field->db_column} = $oldEncrypter->decrypt($asset->{$field->db_column});
-                        $this->line('DECRYPTED: ' . $field->db_column);
+                        $this->line('DECRYPTED: '.$field->db_column);
                    } catch (DecryptException $e) {
-                        $this->line('Could not decrypt '. $field->db_column.' using "old key" - skipping...');
+                        $this->line('Could not decrypt '.$field->db_column.' using "old key" - skipping...');
+
                        continue;
                    } catch (\Exception $e) {
-                        $this->error("Error decrypting ".$field->db_column.", reason: ".$e->getMessage().". Aborting key rotation");
+                        $this->error('Error decrypting '.$field->db_column.', reason: '.$e->getMessage().'. Aborting key rotation');
                        throw $e;
                    }
                    $asset->{$field->db_column} = $newEncrypter->encrypt($asset->{$field->db_column});
@@ -119,8 +121,8 @@ class RotateAppKey extends Command
                    $setting->ldap_pword = $newEncrypter->encrypt($setting->ldap_pword);
                    $setting->save();
                    $this->warn('LDAP password has been re-encrypted.');
-                } catch(DecryptException $e) {
-                    $this->warn("Unable to decrypt old LDAP password; skipping");
+                } catch (DecryptException $e) {
+                    $this->warn('Unable to decrypt old LDAP password; skipping');
                }
            }
        } else {
@@ -2,8 +2,8 @@

 namespace App\Console\Commands;

-use Illuminate\Console\Command;
 use App\Models\SamlNonce;
+use Illuminate\Console\Command;

 class SamlClearExpiredNonces extends Command
 {
@@ -38,7 +38,8 @@ class SamlClearExpiredNonces extends Command
     */
    public function handle()
    {
-        SamlNonce::where('not_valid_after','<=',now())->delete();
+        SamlNonce::where('not_valid_after', '<=', now())->delete();
+
        return 0;
    }
 }
@@ -3,13 +3,15 @@
 namespace App\Console\Commands;

 use App\Mail\UnacceptedAssetReminderMail;
+use App\Models\Accessory;
 use App\Models\Asset;
 use App\Models\CheckoutAcceptance;
-use App\Models\Setting;
+use App\Models\Component;
+use App\Models\Consumable;
+use App\Models\LicenseSeat;
 use App\Models\User;
-use App\Notifications\CheckoutAssetNotification;
-use App\Notifications\CurrentInventory;
 use Illuminate\Console\Command;
+use Illuminate\Database\Eloquent\Relations\MorphTo;
 use Illuminate\Support\Facades\Mail;

 class SendAcceptanceReminder extends Command
@@ -26,7 +28,7 @@ class SendAcceptanceReminder extends Command
     *
     * @var string
     */
-    protected $description = 'This will resend users with unaccepted assets a reminder to accept or decline them.';
+    protected $description = 'This will resend users with unaccepted items a reminder to accept or decline them.';

    /**
     * Create a new command instance.
@@ -45,28 +47,39 @@ class SendAcceptanceReminder extends Command
     */
    public function handle()
    {
-        $pending = CheckoutAcceptance::pending()->where('checkoutable_type', 'App\Models\Asset')
-                                                ->whereHas('checkoutable', function($query) {
-                                                    $query->where('accepted_at', null)
-                                                          ->where('declined_at', null);
-                                                })
-                                                ->with(['assignedTo', 'checkoutable.assignedTo', 'checkoutable.model', 'checkoutable.adminuser'])
-                                                ->get();
+        $pending = CheckoutAcceptance::query()
+            ->with([
+                'checkoutable' => function (MorphTo $morph) {
+                    $morph->morphWith([
+                        Asset::class => ['model.category', 'assignedTo', 'adminuser', 'company', 'checkouts'],
+                        Accessory::class => ['category', 'company', 'checkouts'],
+                        LicenseSeat::class => ['user', 'license', 'checkouts'],
+                        Component::class => ['assignedTo', 'company', 'checkouts'],
+                        Consumable::class => ['company', 'checkouts'],
+                    ]);
+                },
+                'assignedTo',
+            ])
+            ->whereHasMorph(
+                'checkoutable',
+                [Asset::class, Accessory::class, LicenseSeat::class, Component::class, Consumable::class],
+                fn ($q) => $q->whereNull('accepted_at')
+                    ->whereNull('declined_at')
+            )
+            ->pending()
+            ->get();

        $count = 0;
        $unacceptedAssetGroups = $pending
-            ->filter(function($acceptance) {
-                return $acceptance->checkoutable_type == 'App\Models\Asset';
-            })
-            ->map(function($acceptance) {
+            ->map(function ($acceptance) {
                return ['assetItem' => $acceptance->checkoutable, 'acceptance' => $acceptance];
            })
-            ->groupBy(function($item) {
+            ->groupBy(function ($item) {
                return $item['acceptance']->assignedTo ? $item['acceptance']->assignedTo->id : '';
            });
-            $no_email_list= [];
+        $no_email_list = [];

-        foreach($unacceptedAssetGroups as $unacceptedAssetGroup) {
+        foreach ($unacceptedAssetGroups as $unacceptedAssetGroup) {
            // The [0] is weird, but it allows for the item_count to work and grabs the appropriate info for each user.
            // Collapsing and flattening the collection doesn't work above.
            $acceptance = $unacceptedAssetGroup[0]['acceptance'];
@@ -74,7 +87,7 @@ class SendAcceptanceReminder extends Command
            $locale = $acceptance->assignedTo?->locale;
            $email = $acceptance->assignedTo?->email;

-            if(!$email){
+            if (! $email) {
                $no_email_list[] = [
                    'id' => $acceptance->assignedTo?->id,
                    'name' => $acceptance->assignedTo?->display_name,
@@ -100,12 +113,11 @@ class SendAcceptanceReminder extends Command
            $rows[] = [$user['id'], $user['name']];
        }

-        if (!empty($rows)) {
-            $this->info("The following users do not have an email address:");
+        if (! empty($rows)) {
+            $this->info('The following users do not have an email address:');
            $this->table($headers, $rows);
        }

        return 0;
    }
-
 }
@@ -2,6 +2,7 @@

 namespace App\Console\Commands;

+use App\Helpers\Helper;
 use App\Models\Asset;
 use App\Models\Recipients\AlertRecipient;
 use App\Models\Setting;
@@ -9,6 +10,7 @@ use App\Notifications\ExpectedCheckinAdminNotification;
 use App\Notifications\ExpectedCheckinNotification;
 use Carbon\Carbon;
 use Illuminate\Console\Command;
+use Illuminate\Support\Facades\Notification;

 class SendExpectedCheckinAlerts extends Command
 {
@@ -17,7 +19,7 @@ class SendExpectedCheckinAlerts extends Command
     *
     * @var string
     */
-    protected $name = 'snipeit:expected-checkin';
+    protected $signature = 'snipeit:expected-checkin {--with-output : Display the results in a table in your console in addition to sending the email}';

    /**
     * The console command description.
@@ -42,19 +44,46 @@ class SendExpectedCheckinAlerts extends Command
    public function handle()
    {
        $settings = Setting::getSettings();
-        $interval = $settings->audit_warning_days ?? 0;
+        $interval = $settings->due_checkin_days ?? 0;
        $today = Carbon::now();
        $interval_date = $today->copy()->addDays($interval);
-        
+        $count = 0;
+
+        if (! $this->option('with-output')) {
+            $this->info('Run this command with the --with-output option to see the full list in the console.');
+        }
+
        $assets = Asset::whereNull('deleted_at')->DueOrOverdueForCheckin($settings)->orderBy('assets.expected_checkin', 'desc')->get();

-        $this->info($assets->count().' assets must be checked in on or before '.$interval_date.' is deadline');
-
+        $this->info($assets->count().' assets must be checked on or before '.Helper::getFormattedDateObject($interval_date, 'date', false));

        foreach ($assets as $asset) {
-            if ($asset->assignedTo && (isset($asset->assignedTo->email)) && ($asset->assignedTo->email!='') && $asset->checkedOutToUser()) {
-                $this->info('Sending User ExpectedCheckinNotification to: '.$asset->assignedTo->email);
+            if ($asset->assignedTo && (isset($asset->assignedTo->email)) && ($asset->assignedTo->email != '') && $asset->checkedOutToUser()) {
                $asset->assignedTo->notify((new ExpectedCheckinNotification($asset)));
+                $count++;
+            }
+        }
+
+        if ($this->option('with-output')) {
+            if (($assets) && ($assets->count() > 0) && ($settings->alert_email != '')) {
+                $this->table(
+                    [
+                        trans('general.id'),
+                        trans('admin/hardware/form.tag'),
+                        trans('admin/hardware/form.model'),
+                        trans('general.model_no'),
+                        trans('general.purchase_date'),
+                        trans('admin/hardware/form.expected_checkin'),
+                    ],
+                    $assets->map(fn ($assets) => [
+                        trans('general.id') => $assets->id,
+                        trans('admin/hardware/form.tag') => $assets->asset_tag,
+                        trans('admin/hardware/form.model') => $assets->model->name,
+                        trans('general.model_no') => $assets->model->model_number,
+                        trans('general.purchase_date') => $assets->purchase_date_formatted,
+                        trans('admin/hardware/form.eol_date') => $assets->expected_checkin_formattedDate ? $assets->expected_checkin_formattedDate.' ('.$assets->expected_checkin_diff_for_humans.')' : '',
+                    ])
+                );
            }
        }

@@ -63,10 +92,11 @@ class SendExpectedCheckinAlerts extends Command
            $recipients = collect(explode(',', $settings->alert_email))->map(function ($item) {
                return new AlertRecipient($item);
            });
-
-            $this->info('Sending Admin ExpectedCheckinNotification to: '.$settings->alert_email);
-            \Notification::send($recipients, new ExpectedCheckinAdminNotification($assets));
+            Notification::send($recipients, new ExpectedCheckinAdminNotification($assets));

        }
+
+        $this->info('Sent checkin reminders to to '.$count.' users.');
+
    }
 }
@@ -13,11 +13,11 @@ use Illuminate\Support\Facades\Mail;
 class SendExpirationAlerts extends Command
 {
    /**
-     * The console command name.
+     * The name and signature of the console command.
     *
     * @var string
     */
-    protected $name = 'snipeit:expiring-alerts';
+    protected $signature = 'snipeit:expiring-alerts {--expired-licenses}';

    /**
     * The console command description.
@@ -48,27 +48,80 @@ class SendExpirationAlerts extends Command

            // Send a rollup to the admin, if settings dictate
            $recipients = collect(explode(',', $settings->alert_email))
-                ->map(fn($item) => trim($item)) // Trim each email
-                ->filter(fn($item) => !empty($item))
+                ->map(fn ($item) => trim($item)) // Trim each email
+                ->filter(fn ($item) => ! empty($item))
                ->all();
            // Expiring Assets
-            $assets = Asset::getExpiringWarrantee($alert_interval);
+            $assets = Asset::getExpiringWarrantyOrEol($alert_interval);
+
+            $assets->load(['assignedTo', 'supplier']);

            if ($assets->count() > 0) {
-                $this->info(trans_choice('mail.assets_warrantee_alert', $assets->count(), ['count' => $assets->count(), 'threshold' => $alert_interval]));
+
                Mail::to($recipients)->send(new ExpiringAssetsMail($assets, $alert_interval));
+
+                $this->table(
+                    [
+                        trans('general.id'),
+                        trans('admin/hardware/form.tag'),
+                        trans('admin/hardware/form.model'),
+                        trans('general.model_no'),
+                        trans('general.purchase_date'),
+                        trans('admin/hardware/form.eol_rate'),
+                        trans('admin/hardware/form.eol_date'),
+                        trans('admin/hardware/form.warranty_expires'),
+                    ],
+                    $assets->map(fn ($item) => [
+                        trans('general.id') => $item->id,
+                        trans('admin/hardware/form.tag') => $item->asset_tag,
+                        trans('admin/hardware/form.model') => $item->model->name,
+                        trans('general.model_no') => $item->model->model_number,
+                        trans('general.purchase_date') => $item->purchase_date_formatted,
+                        trans('admin/hardware/form.eol_rate') => $item->model->eol,
+                        trans('admin/hardware/form.eol_date') => $item->eol_date ? $item->eol_formatted_date.' ('.$item->eol_diff_for_humans.')' : '',
+                        trans('admin/hardware/form.warranty_expires') => $item->warranty_expires ? $item->warranty_expires_formatted_date.' ('.$item->warranty_expires_diff_for_humans.')' : '',
+                    ])
+                );
            }

            // Expiring licenses
-            $licenses = License::getExpiringLicenses($alert_interval);
+            $licenses = License::query()->ExpiringLicenses($alert_interval, $this->option('expired-licenses'))
+                ->with('manufacturer', 'category')
+                ->orderBy('expiration_date', 'ASC')
+                ->orderBy('termination_date', 'ASC')
+                ->get();
            if ($licenses->count() > 0) {
-                $this->info(trans_choice('mail.license_expiring_alert', $licenses->count(), ['count' => $licenses->count(), 'threshold' => $alert_interval]));
                Mail::to($recipients)->send(new ExpiringLicenseMail($licenses, $alert_interval));
+
+                $this->table(
+                    [
+                        trans('general.id'),
+                        trans('general.name'),
+                        trans('general.purchase_date'),
+                        trans('admin/licenses/form.expiration'),
+                        trans('mail.expires'),
+                        trans('admin/licenses/form.termination_date'),
+                        trans('mail.terminates')],
+                    $licenses->map(fn ($item) => [
+                        trans('general.id') => $item->id,
+                        trans('general.name') => $item->name,
+                        trans('general.purchase_date') => $item->purchase_date_formatted,
+                        trans('admin/licenses/form.expiration') => $item->expires_formatted_date,
+                        trans('mail.expires') => $item->expires_formatted_date ? $item->expires_diff_for_humans : '',
+                        trans('admin/licenses/form.termination_date') => $item->terminates_formatted_date,
+                        trans('mail.terminates') => $item->terminates_diff_for_humans,
+                    ])
+                );
            }
+
+            // Send a message even if the count is 0
+            $this->info(trans_choice('mail.assets_warrantee_alert', $assets->count(), ['count' => $assets->count(), 'threshold' => $alert_interval]));
+            $this->info(trans_choice('mail.license_expiring_alert', $licenses->count(), ['count' => $licenses->count(), 'threshold' => $alert_interval]));
+
        } else {
            if ($settings->alert_email == '') {
                $this->error('Could not send email. No alert email configured in settings');
-            } elseif (1 != $settings->alerts_enabled) {
+            } elseif ($settings->alerts_enabled != 1) {
                $this->info('Alerts are disabled in the settings. No mail will be sent');
            }
        }
@@ -52,12 +52,14 @@ class SendInventoryAlerts extends Command
                    return new AlertRecipient($item);
                });

-                \Notification::send($recipients, new InventoryAlert($items, $settings->alert_threshold));
+                Notification::send($recipients, new InventoryAlert($items, $settings->alert_threshold));
+            } else {
+                $this->info('No low inventory items found. No mail sent.');
            }
        } else {
            if ($settings->alert_email == '') {
                $this->error('Could not send email. No alert email configured in settings');
-            } elseif (1 != $settings->alerts_enabled) {
+            } elseif ($settings->alerts_enabled != 1) {
                $this->info('Alerts are disabled in the settings. No mail will be sent');
            }
        }
@@ -16,7 +16,7 @@ class SendUpcomingAuditReport extends Command
     *
     * @var string
     */
-    protected $signature = 'snipeit:upcoming-audits';
+    protected $signature = 'snipeit:upcoming-audits {--with-output : Display the results in a table in your console in addition to sending the email}';

    /**
     * The console command description.
@@ -47,20 +47,62 @@ class SendUpcomingAuditReport extends Command
        $today = Carbon::now();
        $interval_date = $today->copy()->addDays($interval);

-        $assets = Asset::whereNull('deleted_at')->dueOrOverdueForAudit($settings)->orderBy('assets.next_audit_date', 'desc')->get();
-        $this->info($assets->count() . ' assets must be audited in on or before ' . $interval_date . ' is deadline');
+        $assets_query = Asset::whereNull('deleted_at')->dueOrOverdueForAudit($settings)->orderBy('assets.next_audit_date', 'asc')->with('supplier');
+        $asset_count = $assets_query->count();
+        $this->info(number_format($asset_count).' assets must be audited on or before '.$interval_date);
+        if (! $this->option('with-output')) {
+            $this->info('Run this command with the --with-output option to see the full list in the console.');
+        }

+        if ($asset_count > 0) {
+
+            $assets_for_email = $assets_query->limit(30)->get();

-        if ((count($assets) !== 0) && ($assets->count() > 0) && ($settings->alert_email != '')) {
            // Send a rollup to the admin, if settings dictate
-            $recipients = collect(explode(',', $settings->alert_email))
-                ->map(fn($item) => trim($item))
-                ->filter(fn($item) => !empty($item))
-                ->all();
+            if ($settings->alert_email != '') {

+                $recipients = collect(explode(',', $settings->alert_email))
+                    ->map(fn ($item) => trim($item))
+                    ->filter(fn ($item) => ! empty($item))
+                    ->all();

-            $this->info('Sending Admin SendUpcomingAuditNotification to: ' . $settings->alert_email);
-            Mail::to($recipients)->send(new SendUpcomingAuditMail($assets, $settings->audit_warning_days));
+                Mail::to($recipients)->send(new SendUpcomingAuditMail($assets_for_email, $settings->audit_warning_days, $asset_count));
+                $this->info('Audit notification sent to: '.$settings->alert_email);
+
+            } else {
+                $this->info('There is no admin alert email set so no email will be sent.');
+            }
+
+            if ($this->option('with-output')) {
+
+                // Get the full list if the user wants output in the console
+                $assets_for_output = $assets_query->limit(null)->get();
+
+                $this->table(
+                    [
+                        trans('general.id'),
+                        trans('general.name'),
+                        trans('general.last_audit'),
+                        trans('general.next_audit_date'),
+                        trans('mail.Days'),
+                        trans('mail.supplier'),
+                        trans('mail.assigned_to'),
+
+                    ],
+                    $assets_for_output->map(fn ($item) => [
+                        trans('general.id') => $item->id,
+                        trans('general.name') => $item->display_name,
+                        trans('general.last_audit') => $item->last_audit_formatted_date,
+                        trans('general.next_audit_date') => $item->next_audit_formatted_date,
+                        trans('mail.Days') => round($item->next_audit_diff_in_days),
+                        trans('mail.supplier') => $item->supplier ? $item->supplier->name : '',
+                        trans('mail.assigned_to') => $item->assignedTo ? $item->assignedTo->display_name : '',
+                    ])
+                );
+            }
+
+        } else {
+            $this->info('There are no assets due for audit in the next '.$interval.' days.');
        }

    }
@@ -63,16 +63,14 @@ class SyncAssetCounters extends Command

                    }

-            } else {
-                $this->info('No assets to sync');
-            }
-        });
-        
+                } else {
+                    $this->info('No assets to sync');
+                }
+            });

        $bar->finish();
        $time_elapsed_secs = microtime(true) - $start;
        $this->info("\nSync of ".$assets_count.' assets executed in '.$time_elapsed_secs.' seconds');

-
    }
 }
@@ -3,6 +3,8 @@
 namespace App\Console\Commands;

 use App\Models\Asset;
+use App\Models\Location;
+use App\Models\User;
 use Illuminate\Console\Command;

 class SyncAssetLocations extends Command
@@ -57,7 +59,7 @@ class SyncAssetLocations extends Command
            $bar->advance();
        }

-        $assigned_user_assets = Asset::where('assigned_type', \App\Models\User::class)->whereNotNull('assigned_to')->whereNull('deleted_at')->get();
+        $assigned_user_assets = Asset::where('assigned_type', User::class)->whereNotNull('assigned_to')->whereNull('deleted_at')->get();
        $output['info'][] = 'There are '.$assigned_user_assets->count().' assets checked out to users.';
        foreach ($assigned_user_assets as $assigned_user_asset) {
            if (($assigned_user_asset->assignedTo) && ($assigned_user_asset->assignedTo->userLoc)) {
@@ -73,7 +75,7 @@ class SyncAssetLocations extends Command
            $bar->advance();
        }

-        $assigned_location_assets = Asset::where('assigned_type', \App\Models\Location::class)
+        $assigned_location_assets = Asset::where('assigned_type', Location::class)
            ->whereNotNull('assigned_to')->whereNull('deleted_at')->get();
        $output['info'][] = 'There are '.$assigned_location_assets->count().' assets checked out to locations.';

@@ -90,13 +92,13 @@ class SyncAssetLocations extends Command
        }

        // Assigned to assets
-        $assigned_asset_assets = Asset::where('assigned_type', \App\Models\Asset::class)
+        $assigned_asset_assets = Asset::where('assigned_type', Asset::class)
            ->whereNotNull('assigned_to')->whereNull('deleted_at')->get();
        $output['info'][] = 'Asset-assigned assets: '.$assigned_asset_assets->count();

        foreach ($assigned_asset_assets as $assigned_asset_asset) {

-                // Check to make sure there aren't any invalid relationships
+            // Check to make sure there aren't any invalid relationships
            if ($assigned_asset_asset->assetLoc()) {
                $assigned_asset_asset->location_id = $assigned_asset_asset->assetLoc()->id;
                $output['info'][] = 'Setting Asset Assigned asset '.$assigned_asset_asset->assetLoc()->id.' ('.$assigned_asset_asset->asset_tag.') location to: '.$assigned_asset_asset->assetLoc()->id;
@@ -37,11 +37,13 @@ class SystemBackup extends Command
     */
    public function handle()
    {
+        ini_set('max_execution_time', env('BACKUP_TIME_LIMIT', 600)); // 600 seconds = 10 minutes
+
        if ($this->option('filename')) {
            $filename = $this->option('filename');

            // Make sure the filename ends in .zip
-            if (!ends_with($filename, '.zip')) {
+            if (! ends_with($filename, '.zip')) {
                $filename = $filename.'.zip';
            }

@@ -47,5 +47,4 @@ class TestLocationsFMCS extends Command
        $this->table($header, $mismatched);

    }
-
 }
@@ -17,7 +17,6 @@ class ToggleCustomfieldEncryption extends Command
    protected $signature = 'snipeit:customfield-encryption
                             {fieldname : the db_column_name of the field}';

-
    /**
     * The console command description.
     *
@@ -61,15 +60,15 @@ class ToggleCustomfieldEncryption extends Command
                    $field->field_encrypted = 1;
                    $field->save();

-                // This field is already encrypted. Do nothing.
+                    // This field is already encrypted. Do nothing.
                } else {
-                    $this->error('The custom field ' . $field->db_column.' is already encrypted. No action was taken.');
+                    $this->error('The custom field '.$field->db_column.' is already encrypted. No action was taken.');
                }
            });

-        // No matching column name found
+            // No matching column name found
        } else {
-            $this->error('No matching results for unencrypted custom fields with db_column name: ' . $fieldname.'. Please check the fieldname.');
+            $this->error('No matching results for unencrypted custom fields with db_column name: '.$fieldname.'. Please check the fieldname.');
        }

    }
@@ -0,0 +1,92 @@
+<?php
+
+namespace App\Console\Commands;
+
+use App\Models\Asset;
+use Illuminate\Console\Command;
+use Illuminate\Support\MessageBag;
+
+class ValidateAssets extends Command
+{
+    /**
+     * The name and signature of the console command.
+     *
+     * @var string
+     */
+    protected $signature = 'snipeit:validate-assets {--all : Display the valid assets in your table output as well} ';
+
+    /**
+     * The console command description.
+     *
+     * @var string
+     */
+    protected $description = 'This runs through the list of assets and checks for any validation errors that would prevent it from being updated or checked in or out. ';
+
+    /**
+     * Execute the console command.
+     */
+    public function handle()
+    {
+        $showAll = (bool) $this->option('all');
+
+        $assets = Asset::query()
+            ->whereNull('deleted_at')
+            ->with('model')
+            ->orderBy('assets.created_at', 'desc')
+            ->get();
+
+        if (! $showAll) {
+            $this->info('Run this command with the --all option to see the full list in the console.');
+        }
+
+        $rows = $assets
+            ->filter(fn (Asset $asset) => $showAll || ! $asset->isValid())
+            ->map(fn (Asset $asset) => [
+                trans('general.id') => $asset->id,
+                trans('admin/hardware/form.tag') => $asset->asset_tag,
+                trans('admin/hardware/form.serial') => $asset->serial ?? '',
+                trans('admin/hardware/form.model') => $asset->model?->name ?? '',
+                trans('general.model_no') => $asset->model?->model_number ?? '',
+                trans('general.error') => $asset->isValid() ? '√ valid' : $this->formatValidationErrors($asset),
+            ])
+            ->values()
+            ->all();
+
+        $this->table(
+            [
+                trans('general.id'),
+                trans('admin/hardware/form.tag'),
+                trans('admin/hardware/form.serial'),
+                trans('admin/hardware/form.model'),
+                trans('general.model_no'),
+                trans('general.error'),
+            ],
+            $rows
+        );
+
+        return self::SUCCESS;
+    }
+
+    private function formatValidationErrors(Asset $asset): string
+    {
+        $errors = $asset->getErrors();
+        $messages = [];
+
+        if ($errors instanceof MessageBag) {
+            $messages = $errors->all();
+        } elseif (is_array($errors)) {
+            $messages = $errors;
+        } else {
+            $messages = [(string) $errors];
+        }
+
+        $prefixedMessages = collect($messages)
+            ->map(fn ($message) => trim((string) $message))
+            ->filter()
+            ->map(fn (string $message) => str_starts_with($message, '✘') ? $message : '✘ '.$message)
+            ->values()
+            ->all();
+
+        return implode(PHP_EOL, $prefixedMessages);
+    }
+}
@@ -87,7 +87,7 @@ class Version extends Command
            $app_version = 'v'."$maj.".($min + 1).".$patch";
        } elseif ($use_type == 'patch') {
            $app_version = 'v'."$maj.$min.".($patch + 1);
-        // If nothing is passed, leave the version as it is, just increment the build
+            // If nothing is passed, leave the version as it is, just increment the build
        } else {
            $app_version = 'v'."$maj.$min.".$patch;
        }
@@ -2,9 +2,6 @@

 namespace App\Console;

-use App\Console\Commands\ImportLocations;
-use App\Console\Commands\ReEncodeCustomFieldNames;
-use App\Console\Commands\RestoreDeletedUsers;
 use App\Models\Setting;
 use Illuminate\Console\Scheduling\Schedule;
 use Illuminate\Foundation\Console\Kernel as ConsoleKernel;
@@ -14,12 +11,11 @@ class Kernel extends ConsoleKernel
    /**
     * Define the application's command schedule.
     *
-     * @param  \Illuminate\Console\Scheduling\Schedule  $schedule
     * @return void
     */
    protected function schedule(Schedule $schedule)
    {
-        if(Setting::getSettings()?->alerts_enabled === 1) {
+        if (Setting::getSettings()?->alerts_enabled === 1) {
            $schedule->command('snipeit:inventory-alerts')->daily();
            $schedule->command('snipeit:expiring-alerts')->daily();
            $schedule->command('snipeit:expected-checkin')->daily();
@@ -0,0 +1,37 @@
+<?php
+
+namespace App\Enums;
+
+enum ActionType: string
+{
+    // General
+    case Create = 'create';
+    case Update = 'update';
+    case Delete = 'delete';
+    case Restore = 'restore';
+
+    // Assets/Accessories/Components/Licenses/Consumables
+    case Checkout = 'checkout';
+    case CheckinFrom = 'checkin from';
+    case ForceCheckin = 'force checkin';
+    case Requested = 'requested';
+    case RequestCanceled = 'request canceled';
+    case Accepted = 'accepted';
+    case Declined = 'declined';
+    case Audit = 'audit';
+    case NoteAdded = 'note added';
+
+    // Users
+    case TwoFactorReset = '2FA reset';
+    case Merged = 'merged';
+    case TokenRevoked = 'token revoked';
+    case TokenUnrevoked = 'token unrevoked';
+
+    // Licenses
+    case DeleteSeats = 'delete seats';
+    case AddSeats = 'add seats';
+
+    // File Uploads
+    case Uploaded = 'uploaded';
+    case UploadDeleted = 'upload deleted';
+}
@@ -3,7 +3,6 @@
 namespace App\Events;

 use App\Models\CheckoutAcceptance;
-use App\Models\Contracts\Acceptable;
 use Illuminate\Foundation\Events\Dispatchable;
 use Illuminate\Queue\SerializesModels;

@@ -3,7 +3,6 @@
 namespace App\Events;

 use App\Models\CheckoutAcceptance;
-use App\Models\Contracts\Acceptable;
 use Illuminate\Foundation\Events\Dispatchable;
 use Illuminate\Queue\SerializesModels;

@@ -11,10 +11,15 @@ class CheckoutableCheckedIn
    use Dispatchable, SerializesModels;

    public $checkoutable;
+
    public $checkedOutTo;
+
    public $checkedInBy;
+
    public $note;
+
    public $action_date; // Date setted in the hardware.checkin view at the checkin_at input, for the action log
+
    public $originalValues;

    /**
@@ -11,22 +11,32 @@ class CheckoutableCheckedOut
    use Dispatchable, SerializesModels;

    public $checkoutable;
+
    public $checkedOutTo;
+
    public $checkedOutBy;
+
    public $note;
+
    public $originalValues;

+    public int $quantity;
+
+    public bool $signInPlace;
+
    /**
     * Create a new event instance.
     *
     * @return void
     */
-    public function __construct($checkoutable, $checkedOutTo, User $checkedOutBy, $note, $originalValues = [])
+    public function __construct($checkoutable, $checkedOutTo, User $checkedOutBy, $note, $originalValues = [], $quantity = 1, bool $signInPlace = false)
    {
        $this->checkoutable = $checkoutable;
        $this->checkedOutTo = $checkedOutTo;
        $this->checkedOutBy = $checkedOutBy;
        $this->note = $note;
        $this->originalValues = $originalValues;
+        $this->quantity = $quantity;
+        $this->signInPlace = $signInPlace;
    }
 }
@@ -0,0 +1,23 @@
+<?php
+
+namespace App\Events;
+
+use App\Models\User;
+use Illuminate\Database\Eloquent\Model;
+use Illuminate\Foundation\Events\Dispatchable;
+use Illuminate\Queue\SerializesModels;
+use Illuminate\Support\Collection;
+
+class CheckoutablesCheckedOutInBulk
+{
+    use Dispatchable, SerializesModels;
+
+    public function __construct(
+        public Collection $assets,
+        public Model $target,
+        public User $admin,
+        public string $checkout_at,
+        public string $expected_checkin,
+        public string $note,
+    ) {}
+}
@@ -2,9 +2,9 @@

 namespace App\Events;

+use App\Models\User;
 use Illuminate\Foundation\Events\Dispatchable;
 use Illuminate\Queue\SerializesModels;
-use App\Models\User;

 class UserMerged
 {
@@ -17,8 +17,8 @@ class UserMerged
     */
    public function __construct(User $from_user, User $to_user, ?User $admin)
    {
-        $this->merged_from        = $from_user;
-        $this->merged_to      = $to_user;
-        $this->admin            = $admin;
+        $this->merged_from = $from_user;
+        $this->merged_to = $to_user;
+        $this->admin = $admin;
    }
 }
@@ -4,6 +4,4 @@ namespace App\Exceptions;

 use Exception;

-class AssetNotRequestable extends Exception
-{
-}
+class AssetNotRequestable extends Exception {}
@@ -2,16 +2,25 @@

 namespace App\Exceptions;

-use Illuminate\Foundation\Exceptions\Handler as ExceptionHandler;
 use App\Helpers\Helper;
-use Illuminate\Validation\ValidationException;
-use Illuminate\Auth\AuthenticationException;
 use ArieTimmerman\Laravel\SCIMServer\Exceptions\SCIMException;
-use Illuminate\Support\Facades\Log;
-use Throwable;
-use JsonException;
 use Carbon\Exceptions\InvalidFormatException;
-use Illuminate\Http\Exceptions\ThrottleRequestsException;
+use Illuminate\Auth\Access\AuthorizationException;
+use Illuminate\Auth\AuthenticationException;
+use Illuminate\Database\Eloquent\ModelNotFoundException;
+use Illuminate\Foundation\Exceptions\Handler as ExceptionHandler;
+use Illuminate\Http\JsonResponse;
+use Illuminate\Http\RedirectResponse;
+use Illuminate\Http\Request;
+use Illuminate\Http\Response;
+use Illuminate\Session\TokenMismatchException;
+use Illuminate\Support\Facades\Log;
+use Illuminate\Validation\ValidationException;
+use Intervention\Image\Exception\NotSupportedException;
+use JsonException;
+use League\OAuth2\Server\Exception\OAuthServerException;
+use Symfony\Component\HttpKernel\Exception\HttpException;
+use Throwable;

 class Handler extends ExceptionHandler
 {
@@ -21,16 +30,16 @@ class Handler extends ExceptionHandler
     * @var array
     */
    protected $dontReport = [
-        \Illuminate\Auth\AuthenticationException::class,
-        \Illuminate\Auth\Access\AuthorizationException::class,
-        \Symfony\Component\HttpKernel\Exception\HttpException::class,
-        \Illuminate\Database\Eloquent\ModelNotFoundException::class,
-        \Illuminate\Session\TokenMismatchException::class,
-        \Illuminate\Validation\ValidationException::class,
-        \Intervention\Image\Exception\NotSupportedException::class,
-        \League\OAuth2\Server\Exception\OAuthServerException::class,
+        AuthenticationException::class,
+        AuthorizationException::class,
+        HttpException::class,
+        ModelNotFoundException::class,
+        TokenMismatchException::class,
+        ValidationException::class,
+        NotSupportedException::class,
+        OAuthServerException::class,
        JsonException::class,
-        SCIMException::class, //these generally don't need to be reported
+        SCIMException::class, // these generally don't need to be reported
        InvalidFormatException::class,
    ];

@@ -39,7 +48,6 @@ class Handler extends ExceptionHandler
     *
     * This is a great spot to send exceptions to Sentry, Bugsnag, etc.
     *
-     * @param  \Throwable  $exception
     * @return void
     */
    public function report(Throwable $exception)
@@ -48,23 +56,23 @@ class Handler extends ExceptionHandler
            if (class_exists(Log::class)) {
                Log::error($exception);
            }
+
            return parent::report($exception);
        }
    }

    /**
     * Render an exception into an HTTP response.
-     * 
-     * @param  \Illuminate\Http\Request  $request
+     *
+     * @param  Request  $request
     * @param  \Exception  $e
-     * @return \Illuminate\Http\JsonResponse|\Illuminate\Http\RedirectResponse|\Illuminate\Http\Response
+     * @return JsonResponse|RedirectResponse|Response
     */
    public function render($request, Throwable $e)
    {

-
        // CSRF token mismatch error
-        if ($e instanceof \Illuminate\Session\TokenMismatchException) {
+        if ($e instanceof TokenMismatchException) {
            return redirect()->back()->with('error', trans('general.token_expired'));
        }

@@ -78,9 +86,10 @@ class Handler extends ExceptionHandler
        if ($e instanceof SCIMException) {
            try {
                $e->report(); // logs as 'debug', so shouldn't get too noisy
-            } catch(\Exception $reportException) {
-                //do nothing
+            } catch (\Exception $reportException) {
+                // do nothing
            }
+
            return $e->render($request); // ALL SCIMExceptions have the 'render()' method
        }

@@ -98,9 +107,10 @@ class Handler extends ExceptionHandler
            }

            // Handle API requests that fail because the model doesn't exist
-            if ($e instanceof \Illuminate\Database\Eloquent\ModelNotFoundException) {
+            if ($e instanceof ModelNotFoundException) {
                $className = last(explode('\\', $e->getModel()));
-                return response()->json(Helper::formatStandardApiResponse('error', null, $className . ' not found'), 200);
+
+                return response()->json(Helper::formatStandardApiResponse('error', null, $className.' not found'), 200);
            }

            // Handle API requests that fail because of an HTTP status code and return a useful error message
@@ -111,8 +121,8 @@ class Handler extends ExceptionHandler
                // API throttle requests are handled in the RouteServiceProvider configureRateLimiting() method, so we don't need to handle them here
                switch ($e->getStatusCode()) {
                    case '404':
-                       return response()->json(Helper::formatStandardApiResponse('error', null, $statusCode . ' endpoint not found'), 404);
-                     case '405':
+                        return response()->json(Helper::formatStandardApiResponse('error', null, $statusCode.' endpoint not found'), 404);
+                    case '405':
                        return response()->json(Helper::formatStandardApiResponse('error', null, 'Method not allowed'), 405);
                    default:
                        return response()->json(Helper::formatStandardApiResponse('error', null, $statusCode), $statusCode);
@@ -124,19 +134,20 @@ class Handler extends ExceptionHandler
            // never even get to the controller where we normally  nicely format JSON responses
            if ($e instanceof ValidationException) {
                $response = $this->invalidJson($request, $e);
-                return response()->json(Helper::formatStandardApiResponse('error', null,  $e->errors()), 200);
+
+                return response()->json(Helper::formatStandardApiResponse('error', null, $e->errors()), 200);
            }

        }

-
        // This is traaaaash but it handles models that are not found while using route model binding :(
        // The only alternative is to set that at *each* route, which is crazypants
-        if ($e instanceof \Illuminate\Database\Eloquent\ModelNotFoundException) {
+        if ($e instanceof ModelNotFoundException) {
            $ids = method_exists($e, 'getIds') ? $e->getIds() : [];

            if (in_array('bulkedit', $ids, true)) {
-            $error_array = session()->get('bulk_asset_errors');
+                $error_array = session()->get('bulk_asset_errors');
+
                return redirect()
                    ->route('hardware.index')
                    ->withErrors($error_array, 'bulk_asset_errors')
@@ -144,7 +155,7 @@ class Handler extends ExceptionHandler
            }

            // This gets the MVC model name from the exception and formats in a way that's less fugly
-            $model_name = trim(strtolower(implode(" ", preg_split('/(?=[A-Z])/', last(explode('\\', $e->getModel()))))));
+            $model_name = trim(strtolower(implode(' ', preg_split('/(?=[A-Z])/', last(explode('\\', $e->getModel()))))));
            $route = str_plural(strtolower(last(explode('\\', $e->getModel())))).'.index';

            // Sigh.
@@ -162,6 +173,8 @@ class Handler extends ExceptionHandler
                $route = 'licenses.index';
            } elseif (($route === 'customfieldsets.index') || ($route === 'customfields.index')) {
                $route = 'fields.index';
+            } elseif ($route == 'actionlogs.index') {
+                $route = 'home';
            }

            return redirect()
@@ -169,28 +182,26 @@ class Handler extends ExceptionHandler
                ->withError(trans('general.generic_model_not_found', ['model' => $model_name]));
        }

-
-        if ($this->isHttpException($e) && (isset($statusCode)) && ($statusCode == '404' )) {
+        if ($this->isHttpException($e) && (isset($statusCode)) && ($statusCode == '404')) {
            return response()->view('layouts/basic', [
-                'content' => view('errors/404')
-            ],$statusCode);
+                'content' => view('errors/404'),
+            ], $statusCode);
        }

        return parent::render($request, $e);

    }

- /**
+    /**
     * Convert an authentication exception into an unauthenticated response.
     *
-     * @param  \Illuminate\Http\Request  $request
-     * @param  \Illuminate\Auth\AuthenticationException  $exception
-     * @return \Illuminate\Http\JsonResponse|\Illuminate\Http\RedirectResponse
-  */
+     * @param  Request  $request
+     * @return JsonResponse|RedirectResponse
+     */
    protected function unauthenticated($request, AuthenticationException $exception)
    {
        if ($request->expectsJson()) {
-            return response()->json(['error' => 'Unauthorized or unauthenticated.'], 401);
+            return response()->json(['error' => trans('general.unauthorized')], 401);
        }

        return redirect()->guest('login');
@@ -201,8 +212,7 @@ class Handler extends ExceptionHandler
        return response()->json(Helper::formatStandardApiResponse('error', null, $exception->errors()), 200);
    }

-
-    /** 
+    /**
     * A list of the inputs that are never flashed for validation exceptions.
     *
     * @var array
@@ -0,0 +1,8 @@
+<?php
+
+namespace App\Exceptions;
+
+class ItemStillHasAccessories extends ItemStillHasChildren
+{
+    //
+}
@@ -0,0 +1,8 @@
+<?php
+
+namespace App\Exceptions;
+
+class ItemStillHasAssetModels extends ItemStillHasChildren
+{
+    //
+}
@@ -0,0 +1,5 @@
+<?php
+
+namespace App\Exceptions;
+
+class ItemStillHasAssets extends ItemStillHasChildren {}
@@ -0,0 +1,14 @@
+<?php
+
+namespace App\Exceptions;
+
+use Exception;
+
+class ItemStillHasChildren extends Exception
+{
+    // public function __construct($message, $code = 0, Exception $previous = null, $parent, $children)
+    // {
+    //    trans()
+    //
+    // }
+}
@@ -0,0 +1,8 @@
+<?php
+
+namespace App\Exceptions;
+
+class ItemStillHasComponents extends ItemStillHasChildren
+{
+    //
+}
@@ -0,0 +1,8 @@
+<?php
+
+namespace App\Exceptions;
+
+class ItemStillHasConsumables extends ItemStillHasChildren
+{
+    //
+}
@@ -0,0 +1,8 @@
+<?php
+
+namespace App\Exceptions;
+
+class ItemStillHasLicenses extends ItemStillHasChildren
+{
+    //
+}
@@ -0,0 +1,8 @@
+<?php
+
+namespace App\Exceptions;
+
+class ItemStillHasMaintenances extends ItemStillHasChildren
+{
+    //
+}
@@ -4,7 +4,4 @@ namespace App\Exceptions;

 use Exception;

-class UserDoestExistException extends Exception
-{
-
-}
+class UserDoestExistException extends Exception {}
@@ -4,18 +4,26 @@ namespace App\Helpers;

 class IconHelper
 {
-
-    public static function icon($type) {
+    public static function icon($type)
+    {
        switch ($type) {
+            case 'apple':
+                return 'fa-brands fa-apple';
+            case 'google':
+                return 'fa-brands fa-google';
            case 'checkout':
                return 'fa-solid fa-rotate-left';
            case 'checkin':
                return 'fa-solid fa-rotate-right';
            case 'edit':
+            case 'update':
                return 'fas fa-pencil-alt';
            case 'clone':
                return 'far fa-clone';
+            case 'upload':
+                return 'fa-solid fa-file-circle-plus';
            case 'delete':
+            case 'upload deleted':
                return 'fas fa-trash';
            case 'create':
                return 'fa-solid fa-plus';
@@ -35,14 +43,20 @@ class IconHelper
                return 'fa-solid fa-user';
            case 'users':
                return 'fas fa-users';
+            case 'supplier':
+                return 'fa-solid fa-store';
            case 'restore':
                return 'fa-solid fa-trash-arrow-up';
            case 'external-link':
                return 'fa fa-external-link';
+            case 'link':
+                return 'fa fa-link';
            case 'email':
                return 'fa-regular fa-envelope';
            case 'phone':
                return 'fa-solid fa-phone';
+            case 'fax':
+                return 'fa-solid fa-fax';
            case 'mobile':
                return 'fas fa-mobile-screen-button';
            case 'long-arrow-right':
@@ -50,7 +64,7 @@ class IconHelper
            case 'download':
                return 'fas fa-download';
            case 'checkmark':
-                return 'fas fa-check icon-white';
+                return 'fas fa-check';
            case 'x':
                return 'fas fa-times';
            case 'logout':
@@ -64,6 +78,7 @@ class IconHelper
            case 'angle-right':
                return 'fas fa-angle-right';
            case 'warning':
+            case 'alert':
                return 'fas fa-exclamation-triangle';
            case 'kits':
                return 'fas fa-object-group';
@@ -82,8 +97,11 @@ class IconHelper
            case 'licenses':
            case 'license':
                return 'far fa-save';
+            case 'requests':
            case 'requestable':
-                return 'fas fa-laptop';
+            case 'request':
+            case 'requested':
+                return 'fa-solid fa-bell-concierge';
            case 'reports':
                return 'fas fa-chart-bar';
            case 'heart':
@@ -103,13 +121,14 @@ class IconHelper
            case 'password':
                return 'fa-solid fa-key';
            case 'api-key':
-                return 'fa-solid fa-user-secret';
+                return 'fas fa-user-secret';
            case 'nav-toggle':
                return 'fas fa-bars';
            case 'dashboard':
                return 'fas fa-tachometer-alt';
            case 'info-circle':
-                    return 'fas fa-info-circle';
+            case 'info':
+                return 'fas fa-info-circle';
            case 'caret-right':
                return 'fa fa-caret-right';
            case 'caret-up':
@@ -127,19 +146,29 @@ class IconHelper
            case 'paperclip':
                return 'fas fa-paperclip';
            case 'files':
-                return 'fa-regular fa-file';
+                return 'fa-solid fa-file-contract';
+            case 'contact-card':
+                return 'fa-regular fa-id-card';
+            case 'eula':
+            case 'eulas':
+                return 'fa-regular fa-handshake';
+            case 'star':
+            case 'vip':
+                return 'fa-solid fa-star';
+            case 'remote':
+                return 'fa-solid fa-house-laptop';
            case 'more-info':
+            case 'help':
+            case 'support':
                return 'far fa-life-ring';
-            case 'calendar':
-                return 'fas fa-calendar';
            case 'plus':
                return 'fas fa-plus';
            case 'history':
-                return 'fas fa-history';
+                return 'fa-solid fa-timeline';
            case 'more-files':
                return 'fa-solid fa-laptop-file';
            case 'maintenances':
-                return 'fas fa-wrench';
+                return 'fa-solid fa-screwdriver-wrench';
            case 'seats':
                return 'far fa-list-alt';
            case 'globe-us':
@@ -185,15 +214,75 @@ class IconHelper
                return 'fas fa-crosshairs';
            case 'oauth':
                return 'fas fa-user-secret';
-            case 'employee_num' :
+            case 'employee_num':
                return 'fa-regular fa-id-card';
-            case 'department' :
+            case 'department':
                return 'fa-solid fa-building-user';
-            case 'home' :
+            case 'home':
                return 'fa-solid fa-house';
            case 'note':
            case 'notes':
                return 'fas fa-sticky-note';
+            case 'tip':
+                return 'fa-solid fa-lightbulb';
+            case 'highlight':
+                return 'fa-solid fa-highlighter';
+            case 'manager':
+                return 'fa-solid fa-user-tie';
+            case 'company':
+                return 'fa-regular fa-building';
+            case 'parent':
+                return 'fa-solid fa-building-flag';
+            case 'number':
+                return 'fa-solid fa-hashtag';
+            case 'depreciation':
+                return 'fa-solid fa-arrows-down-to-line';
+            case 'calendar':
+                return 'fas fa-calendar';
+            case 'depreciation-calendar':
+            case 'expiration':
+            case 'terminates':
+                return 'fa-regular fa-calendar-xmark';
+            case 'deleted-date':
+            case 'end_date':
+                return 'fa-solid fa-calendar-xmark';
+            case 'expected_checkin':
+            case 'start_date':
+                return 'fa-solid fa-calendar-check';
+            case 'eol':
+                return 'fa-regular fa-calendar-days';
+            case 'manufacturer':
+                return 'fa-solid fa-industry';
+            case 'fieldset':
+                return 'fa-regular fa-rectangle-list';
+            case 'category':
+                return 'fa-solid fa-icons';
+            case 'cost':
+                return 'fa-solid fa-money-bills';
+            case 'available':
+                return 'fa-solid fa-box';
+            case 'checkedout':
+                return 'fa-solid fa-box-open';
+            case 'purchase_order':
+                return 'fa-solid fa-file-invoice-dollar';
+            case 'order':
+                return 'fa-solid fa-file-invoice';
+            case 'checkout-all':
+                return 'fa-solid fa-arrows-down-to-people';
+            case 'checkin-all':
+                return 'fa-solid fa-arrows-turn-right';
+            case 'square-right':
+                return 'fa-regular fa-square-caret-right';
+            case 'square-left':
+                return 'fa-regular fa-square-caret-left';
+            case 'square':
+                return 'fa-solid fa-square';
+            case 'models':
+            case 'model':
+                return 'fa-solid fa-boxes-stacked';
+            case 'min-qty':
+                return 'fa-solid fa-chart-pie';
+
        }
    }
 }
@@ -2,32 +2,39 @@

 namespace App\Helpers;

-use Illuminate\Support\Facades\Storage;
-use Illuminate\Http\Response;
 use Illuminate\Http\RedirectResponse;
+use Illuminate\Support\Facades\Storage;
 use Symfony\Component\HttpFoundation\BinaryFileResponse;
 use Symfony\Component\HttpFoundation\StreamedResponse;
-use Illuminate\Contracts\Filesystem\FileNotFoundException;
+
 class StorageHelper
 {
-    public static function downloader($filename, $disk = 'default') : BinaryFileResponse | RedirectResponse | StreamedResponse
+    public static function downloader($filename, $disk = 'default'): BinaryFileResponse|RedirectResponse|StreamedResponse
    {
        if ($disk == 'default') {
            $disk = config('filesystems.default');
        }
        switch (config("filesystems.disks.$disk.driver")) {
-        case 'local':
-            return response()->download(Storage::disk($disk)->path($filename)); //works for PRIVATE or public?!
+            case 'local':
+                return response()->download(Storage::disk($disk)->path($filename)); // works for PRIVATE or public?!

-        case 's3':
-            return redirect()->away(Storage::disk($disk)->temporaryUrl($filename, now()->addMinutes(5))); //works for private or public, I guess?
+            case 's3':
+                Storage::disk($disk)->temporaryUrl(
+                    $filename,
+                    now()->addMinutes(5),
+                    [
+                        'ResponseContentType' => 'application/octet-stream',
+                        'ResponseContentDisposition' => 'attachment; filename=download-file',
+                    ]
+                );

-        default:
-            return Storage::disk($disk)->download($filename);
+            default:
+                return Storage::disk($disk)->download($filename);
        }
    }

-    public static function getMediaType($file_with_path) {
+    public static function getMediaType($file_with_path)
+    {

        // Get the file extension and determine the media type
        if (Storage::exists($file_with_path)) {
@@ -64,6 +71,7 @@ class StorageHelper
                    return $extension; // Default for unknown types
            }
        }
+
        return null;
    }

@@ -72,8 +80,9 @@ class StorageHelper
     * to determine that they are safe to display inline.
     *
     * @author <A. Gianotto> [<snipe@snipe.net]>
+     *
     * @since  v7.0.14
-     * @param  $file_with_path
+     *
     * @return bool
     */
    public static function allowSafeInline($file_with_path)
@@ -96,11 +105,11 @@ class StorageHelper
            'webp',
        ];

-
        // The file exists and is allowed to be displayed inline
        if (Storage::exists($file_with_path) && (in_array(pathinfo($file_with_path, PATHINFO_EXTENSION), $allowed_inline))) {
            return true;
        }
+
        return false;

    }
@@ -116,34 +125,4 @@ class StorageHelper
        return null;

    }
-
-
-    /**
-     * Decide whether to show the file inline or download it.
-     */
-    public static function showOrDownloadFile($file, $filename)
-    {
-
-        $headers = [];
-
-        if (request('inline') == 'true') {
-
-            $headers = [
-                'Content-Disposition' => 'inline',
-            ];
-
-            // This is NOT allowed as inline - force it to be displayed as text in the browser
-            if (self::allowSafeInline($file) != true) {
-                $headers = array_merge($headers, ['Content-Type' => 'text/plain']);
-            }
-        }
-
-        // Everything else seems okay, but the file doesn't exist on the server.
-        if (Storage::missing($file)) {
-            throw new FileNotFoundException();
-        }
-
-        return Storage::download($file, $filename, $headers);
-
-    }
 }
--- a/Show More
+++ b/Show More