growerp / growerpuntil20220814 Goto Github PK

GrowERP Flutter Administrator front-end & Hotel & Ecommerce for Android, IOS and Web using Moqui.org, Apache OFBiz

License: Other

Dart 83.22% Dockerfile 0.44% Kotlin 0.06% HTML 4.11% Swift 1.72% Objective-C 0.38% Ruby 0.77% Java 0.28% Shell 0.08% CMake 2.83% C++ 5.86% C 0.25%

admin flutter moqui ofbiz erp frontend-app hotel-management-system chat java dart

growerpuntil20220814's Introduction

Welcome to flutter open source GrowERP.

GrowERP is an open source multi platform ERP application you can try right now!

We have latest test version at admin.growerp.org Data at this site will be refreshed regularly.

We have now started a Beta production version:

When the application is loaded, create a new company, select demo data and look around!

If you like this initiative, please give a star to the project.

Documentation available at https://www.growerp.com

We also created a first vertical app for Hotel owners which will be released later.

Install flutter admin app locally

Please note we currectly use the beta version of flutter to switch to beta:

flutter channel beta
flutter upgrade

to install:

git clone https://github.com/growerp/growerp.git 
cd growerp/packages/core 
flutter pub get & flutter pub run build_runner build 
cd ../admin

Prepare for backend

OR: install backend according: https://github.com/growerp/growerp-moqui.git

OR: use our test backend:
change file packages/admin/assets/cfg/app_settings.json:

- from:   "databaseUrlDebug": "http://localhost:8080",
- to:     "databaseUrlDebug": "https://test.growerp.org",  

- from:   "chatUrlDebug":  "ws://localhost:8081",
- to:     "chatUrlDebug": "wss://chat.growerp.org",

start emulator or use browser and start app in directory: packages/admin:

flutter run

Some phone screen shots:

Some web/tablet screen shots:

The generated business website:

growerpuntil20220814's People

Contributors

Stargazers

Watchers

Forkers

sunilbakale nilsys hbyufan yahi99 dwtcourses mylovetop profive ryukira mohsinalimat narproje banging12 locnguyenx zhuangdaoyuan rrsart2023

growerpuntil20220814's Issues

Migrate flutter_bloc from V7 -> V8 and move to domain organized project structure

migration guide: https://bloclibrary.dev/?utm_campaign=Flutter%2BDeveloper%2BWeekly&utm_medium=web&utm_source=Flutter_Developer_Weekly_2#/migration

Implement Stripe payment being part of one of the first implementations in Thailand.

use the existing moqui component at https://github.com/akasiri/mantle-stripe

CVE-2021-32740 (High) detected in addressable-2.7.0.gem - autoclosed

CVE-2021-32740 - High Severity Vulnerability

Vulnerable Library - addressable-2.7.0.gem

Addressable is an alternative implementation to the URI implementation that is part of Ruby's standard library. It is flexible, offers heuristic parsing, and additionally provides extensive support for IRIs and URI templates.

Library home page: https://rubygems.org/gems/addressable-2.7.0.gem

Dependency Hierarchy:

fastlane-2.184.0.gem (Root Library)
- ❌ addressable-2.7.0.gem (Vulnerable Library)

Found in HEAD commit: 35c02877dac15a6442105e068f773b1fa2ad32eb

Found in base branch: master

Vulnerability Details

Addressable is an alternative implementation to the URI implementation that is part of Ruby's standard library. An uncontrolled resource consumption vulnerability exists after version 2.3.0 through version 2.7.0. Within the URI template implementation in Addressable, a maliciously crafted template may result in uncontrolled resource consumption, leading to denial of service when matched against a URI. In typical usage, templates would not normally be read from untrusted user input, but nonetheless, no previous security advisory for Addressable has cautioned against doing this. Users of the parsing capabilities in Addressable but not the URI template capabilities are unaffected. The vulnerability is patched in version 2.8.0. As a workaround, only create Template objects from trusted sources that have been validated not to produce catastrophic backtracking.

Publish Date: 2021-07-06

URL: CVE-2021-32740

CVSS 3 Score Details (7.5)

Base Score Metrics:

Exploitability Metrics:
- Attack Vector: Network
- Attack Complexity: Low
- Privileges Required: None
- User Interaction: None
- Scope: Unchanged
Impact Metrics:
- Confidentiality Impact: None
- Integrity Impact: None
- Availability Impact: High

For more information on CVSS3 Scores, click here.

Suggested Fix

Type: Upgrade version

Origin: GHSA-jxhc-q857-3j6g

Release Date: 2021-07-06

Fix Resolution: addressable - 2.8.0

Step up your Open Source Security Game with WhiteSource here