morganwelp, let's make an #inventree #pyinfra installer.
Matthias MairWe are adding more #hotkeys to #inventree and I am unsure about how we can provide the best #ux - here is my current plan; happy for any #feedback
InvenTree#inventree is gearing up for 1.4.0 - You can help!
There are a few breaking changes coming up and now is the perfect time to:
- help with translations
- check if you plugins work with the 'latest' images
- deploy on your testing instance and look for any breakage
The release is expected to be cut in the next 3 weeks once final PRs and bug reports are completed.
See full announcement https://github.com/inventree/InvenTree/discussions/12135
#opensource #inventreedb #inventory
I have developed something new for the #inventree ecosystem: a project management plugin that enables you to:
- define required parameters based on type/stage
- do light task tracking (with ideas how this could be coupled to GitHub issues/jira/openproject)
- parse and emit project data formats
This is still in alpha and requires a dev/latest instance for testing. Feel free to reach out if you are intrested, install via custom index.
#inventreedb #openhardware #projectmanagement
Jmp49Tinkering in #inventree recently & wouldnt it be great if I could search it for the location of X using lab's #homeassistant page. HA>inventree integration broken (author aware), and too heavy for task. So wrote a HA script to search via latest api. Then someone said "I thought it'd be voice activated". Challenge accepted... Voice intents on HA and some yaml/scripts later We can ask HA voice pipeline "Where is a X" and it reads out stock location. Will try to make time to publish it on github.
New blog entry: Open Source Tools for Open Source Hardware
https://mjmair.com/blog/2026/open-source-tools-for-open-source-hardware
Ready about my new-ish project (about 2 months old now). Direct link to the project https://beta.mid-size.org/
Attention all sysadmins / selfhosters of #inventree instances:
We will publish a critical security vulnerability and patched version on 2026-04-08 21:00 UTC
Read https://inventree.org/blog/2026/03/25/security-release for more details - there are several recommended steps to keep your instance safe in the meantime.
Please prepare to update as soon as we release. #inventreedb #opensource
Action required - Upcoming Security Release
The InvenTree core development team has received a report of a critical security vulnerability affecting a large range of releases since 2024. We will release a disclosure and a fixed release for the 1.2.x release series on 2026-04-08 21:00 UTC. The vulnerability allows for lateral movement and privilege escalation within an InvenTree instance. It has a low attack complexity.
@jpm #inventree provides native packages for Debian and has bare metal instructions. What issues are you phasing?
InvenTree 1.2.6 contains fixes for new security advisories
Updating to 1.2.6 is strongly advised. See GHSA-rhc5-7c3r-c769 and GHSA-m8j2-vfmq-p6qg for details.
Every admin should be aware of the assumed trust in our threat model. If you followed it you are not vulnerable see https://docs.inventree.org/en/latest/concepts/threat_model/
many thanks to patelhettt (x2) and alonaki for their research and responsible disclosure
Attention: Release 1.2.0 has no support for PostgreSQL 13 - our docs contain information regarding PostgreSQL updates - https://docs.inventree.org/en/latest/start/migrate/#migrating-between-incompatible-database-versions.
At least PostgreSQL 14 is required, we recommend PostgreSQL 18.