What's Changed
- Documentation update with latest features by @shzd-tridz in #8
- Frappe cloud redirection in documentation by @shzd-tridz in #10
- fix: handling csrf token by @shzd-tridz in #11
- fix(pos): switch from fetch to call.post for make_invoice API call by @emmanuel-mwendwa in #13
- fix(printing): fetch network printer settings correctly and enable CUPS printing by @emmanuel-mwendwa in #21
- fix: fetch room-wise menu correctly and correct variable reference in… by @swafa-as in #38
- fix: cancel reason mandatory by @shzd-tridz in #31
- Documentation by @swafa-as in #40
- Documentation by @swafa-as in #41
- Security Fix and erpnext pos build issue fix by @shzd-tridz in #43
New Contributors
- @emmanuel-mwendwa made their first contribution in #13
- @swafa-as made their first contribution in #38
Full Changelog: v0.2.0...v0.2.1
Updates
- Documentation: Updated URY documentation with the latest setup and usage details.
Security Fixes:
- Database Query Escaping: Replaced direct frappe.db.get_all calls with frappe.db.escape in the overridden POS function to prevent query injection.
- Input Validation: Added validation for search input to enhance data security and integrity.
Vulnerability Acknowledgment
We sincerely thank VulDB for responsibly reporting the vulnerability related to potential database query injection.
Contributors
emmanuel-mwendwa, shzdb, and swafa-as